I performed a scan on localhost with nmap on windows and it shows 4 open ports..
Here is my scan log:

nmap -sT -sU -F -v localhost

Starting Nmap 4.53 ( http://insecure.org ) at 2008-03-05 13:22
Skipping UDP Scan against localhost ( because Windows does not support scanning your own machine (localhost) this way.
Initiating Connect Scan at 13:22
Scanning localhost ( [1275 ports]
Discovered open port 135/tcp on
Discovered open port 445/tcp on
Connect Scan Timing: About 10.67% done; ETC: 13:27 (0:04:17 remaining)
Discovered open port 12346/tcp on
Discovered open port 1058/tcp on
Completed Connect Scan at 13:27, 259.45s elapsed (1275 total ports)
Host localhost ( appears to be up ... good.
Interesting ports on localhost (
Not shown: 1271 closed ports
135/tcp open msrpc
445/tcp open microsoft-ds
1058/tcp open nim
12346/tcp open NetBus

i want to close all ports because are vulnarable.. But the most vulnarable port is the NetBus 12346 tcp. I read the faq in the forum and it says that although the port is open, a connection cannot be made to it.. right? Anyway, I tried to close the ports by following the user manual page 53-54... After I specified ports for tcp outgoing and incoming to be blockes and clicked ok and scanned localhost with nmap it showed me again the same ports open..
Am I doing something wrong?

Operating System:Windows XP Home Edition
Software Version:7.0
Product Name:ZoneAlarm Pro