One of the active program icons in Zone Alarm says that "Generic Host Process [etc.]" is listening to UDP ports 1027 and 1028. I've identified the process responsible as svchost.exe (SYSTEM). This file resides, as expected, in the /system32 folder.
But why is it listening to those ports? From what I've read, these ports are used by Windows Messenger, and are often exploited for scareware spam. I'm absolutely, positively paranoid about PC security, but while I'm certain my PC isn't playing unwitting host to some cybernasty, I feel really uncomfortable about this.
Operating System:Windows XP Home Edition
Product Name:ZoneAlarm Internet Security Suite