I've been running Avast personal version on my laptop and my daughter's desktop for a couple months now and it's been working well.
About a week ago I installed it on my Wife's laptop and the past couple days have been investigating SYN floods that my firewall is reporting is coming from her computer.
The destination address is 69.63.178.112 which DNS resolves as channel42-09-01-snc1.facebook.com.
'netstat -abn' says that they're being generated by 'AvastSvc.exe'
TCP 10.1.20.21:2392 69.63.178.112:80 SYN_SENT 1808
[AvastSvc.exe]
TCP 10.1.20.21:2502 69.63.178.112:80 SYN_SENT 1808
[AvastSvc.exe]
TCP 10.1.20.21:2594 69.63.178.112:80 SYN_SENT 1808
[AvastSvc.exe]
TCP 10.1.20.21:2614 69.63.178.112:80 SYN_SENT 1808
[AvastSvc.exe]
RGFW-IN: ACCEPT (TCP 10.1.20.21:2724->69.63.178.112:80 on ixp0) [1402,91881476]
Thu Feb 4 13:57:52 2010
RGFW-RATELIMIT: 42 messages of type BLOCK-SYNFLOOD reported 1 second(s) ago
Thu Feb 4 13:57:51 2010
There are thousands of these SYN packets being sent every minute.
Any idea what could be causing this or what I can do to stop it? Avast scans don't find anything. Neither did Mcaffe (which I replaced with Avast), SpyBot or SpywareBlaster.
Thanks