How to determine what is sending so much data from the Windows Server running SQL Server

Scanning the server with anantivirus tool is useless if there is the chance of an existing infection. It could be that the infection is itself shielding itself from being discovered. If you are concerned that there is an infection, you will need to take the server offline and perform a scan on the hard drive. Consider using a boot CD with antivirus on it, such as the Kaspersky Rescue CD.

To see how much bandwidth a process is taking up, simply open up the built-in "Resource Monitor" tool and look at the network subsection:

You can also use perfmon to create a monitor, and then use counters in the Process class to determine the amount of IO that it is using. The IO will be a tally of both network and disk I/O, so you can still get a reasonable guess as to which processes are taking up bandwidth.

If you're up for installing third party software, look into NetLimiter.

If you want to go hardcore, use Network Monitor to capture packets or mirror the port that the server is on over to a sniffer server and try to reconstruct the data into something meaningful.

EDIT 1

In your case, you've narrowed it down to IIS and the worker process executable. You'll now want to examine which website is taking up so much bandwidth. IIS can create log files for each site that can be examined with LogParser. Someone has made a quickie free program that can examine the logs and display some statistics. It's fittingly called "IIS Trafic Monitor." Make sure to check the documentation for it.

There are also other, for-pay tools to determine IIS bandwidth usage, but I'll let you find them lest my linking to them seems to be an endorsement.

If you have any kind of gateway or firewall in front of the IIS server, it may have the ability to inspect packets that cross its boudaries and reconstruct statistics based on application layer traffic like HTTP (which means it could conceivably sort bandwidth usage by URL and directory).