Hello, I'm hoping someone here can help me, as I'm at my wit's end with this issue. About a week ago, after returning from a business trip to Texas, I started experiencing extreme lag/freezing with my Internet connection. (I use Time Warner high-speed internet.) What would happen is that my internet would run at normal speed for a couple of minutes, then suffer severe lag (pages would not load, partially load or just time out before loading) for several minutes. Then things would return to normal for a minute or two, only for the process to repeat itself. I've been on the phone with Time Warner 6-7 times in the last week. Initially, they just changed the "channel" of my router. After the second call, they sent a technician out who checked all of the fittings and replaced the router. Three days ago, I had to call Time Warner again because the issue was still not resolved. The Level 3 tech who I spoke to told me that he was seeing activity consistent with a "denial of service" attack coming from the one PC (an HP laptop) that I have here at the house. He instructed me to turn off that machine, which I did. For about 12 hours, it seemed like this was the solution. Then, yesterday, I began having the exact same problems. Note that the HP laptop has been turned off this entire time. Once again, I got on the phone with Time Warner. This time, the tech tells me that the suspicious IP address is one of my MacBook Pros (again, based on the IP address). We changed the network name, the network password, etc... So at this point, all devices were disconnected from the network. Then he had me add on just one device (my MacBook Pro which I use most frequently) back to the network. For an hour, it ran fine. Then, BAM... massive slowdown once again. I logged into the router settings and in the logs, I can see where it is hitting the router with SYN Flood. There are two listed --- one where the count is 94 and one where the count is 25. There are also a couple of "TCP-or UPD-based Port Scans" listed as well. I've been doing some Googling and I found an article which indicated that I could use a Terminal command (lsof -i) to see all active connections. I have done that and it returns a long list of commands, the large majority (at least 80) of which are listed as "Google." Some of these commands have site names like tribalfusion.com, amazonaws.com and cloudfront.net associated with them. I saved this info to a PDF file, and I am happy to post it here... just was not sure if doing so would be exposing any personal information. I'm at a loss of what to do next. I did download and install ClamXav per the advice found on another board. I ran a scan on my machine and, while it found 376 errors, it says there are 0 infected files. Can anyone help? Time Warner is sending another technician out tomorrow, but I doubt that he/she will be able to do much as this appears to be an issue with my machine and not so much with my router/network. Maybe I'm wrong about that... I don't know at this point. Any help/advice would be very much appreciated. Thanks.