Wtf,582 Intrusion Attempts?

Okey,I forgot to say “HI”,Im marcelo from Paraguay,My english is not very well,but,well,im gonna try to make myself clear.Plus im 14,I dont know a lot about Computer Security

Im using a Motorola Surfboard modem with a Kozumi WIFI router,it has a WPA2 password.

Well,Last night I was playing CS 1.6 and some ADMIN said to me “You are way to good,you must cheating!,im gonna send you a Virus”,which I thought it was impossible…but I was soooo wrong…Ok,I continued playing and suddenly I loss the control of my character throwing away the M4A1,switching to knife,before CS 1.6 closes I could notice somekind of “fast message” up in the left corner.
Well,After that CS 1.6 left I couldnt access any webpage,except the ones that were already open,I thought it was a Denial of Service,also CS 1.6 refused to go beyond 10 FPS,working VERY slowly.

So,the first thing I did was to run a Slow Virus check With AVG on the CS 1.6 Folder…nothing,but I noticed something ODD in the Comodo Firewall Icon down there in the task bar,there were 5 of those Red Arrows,so I opened the window…and to my surprise it said there were…582 Blocked Intrusion Attempts,so,I uninstalled CS 1.6,runned C-Cleaner,and turned off the computer for all the night,hoping to renew the IP.

Now,I came back from school and turned on the pc,hoping that were would be nothing about Intrusion Attempts,but,Right now it says there were only 2 attempts.(It seems that the [at]55H0l3 got tired,thank you Comodo FirWll!)

The Odd thing is that the Intrusion attemps have more than 1 IP but both have the same source port (53)…here they are:
200.0.194.78
200.41.39.122
They also tried 3 or 4 Ports:
1071
1037
1076
1078

The application that I guess they are using its:C:/Windows/System32/SVchost.exe
I also ran a Slow Scan on the Windows Folder…nothing.

Okey Ppl.my question would be:

1)Is there any way to stop those punks from trying to get into my pc?
2)What kind of virus they could have sent me through an online game? (right now,I can only think about the Defaul.CFG)
3)How can I close those ports,or they are verrrryyyy important?
4)My Download Speed “got” capped at 34kbs,and I have a 1mb connection,Does the Intrusion has anything to do with this?
5)How can I get them to taste their own medicine? (you know what I mean…)

Thank you very much!
:comodosavedmylife:

EDIT VERY IMPORTANT:It seems that everytime I make an online “action” such as going to a new page or editing this post,a Intrusion Attempt comes up!!!

First of all what antivirus do you use? avg?
and what other security software do you use?

Both of the IPs belong to Latin American and Caribbean IP address Regional Registry - that should have a meaning for you.

If you set an - let’s say - improper rule for an application (for example: “Web browser” insted of "Trusted application) it’ll show up the way you have described.
The port 53 belongs to the Doman Name Server, and you can informations about the other ports by searching for it (with Google for instance), if you care. I don’t want to list them here.

About your speed decrease: if you experienced while downloading via p2p protocol (like torrent), it could be that your IPS is limiting your bandwidth. Try to set an (forced) protocol encryption in the settings. You try also a speed test site for checking your speed - if it’ll display correctly, than most probably your ISP is limiting you traffic.

I don’t think that you should worry about intrusions - especially not with CIS installed - and if you behind a router, chances are even lesser that someone would hack into your system. (The most likely way for this would be for it that you would run an unkown program, and allowing it to run by CIS.)

You can check witch ports are open on this site: Port Authority Edition – Internet Vulnerability Profiling

So, as I mentioned before, one of your rules have must have been set wrong - happened to sometimes too. You should check the application name in the Firewall log according to the mentioned ports, and change the rules - or create new - for them.

Also, it might be possible that there are some malwares hiding in your system. I recommend for you to use Spybot: Search and Destroy along with CIS - as I do. It can also make a passive protection (Immunization) for most of the common browsers (IE, FF, Opera), making malware almost impossible to get in your system while you’re browsing.

I hope my comment was helpful. And of course, correct me, if I’m wrong. :slight_smile:

Maybe it has something to do with a program you were running at that time. I know when I was using version 3.13 late last year if I used windows messenger I would see a drastic increase in the number of intrusion attempts. Sometimes even after a few minutes after being logged in messenger I would see the number of intrusion attempts increase by even 80.

I have no idea why but as far as I know this only seemed to happen when I used messenger.