I have recently noticed permitted portscans listed in my firewalls intrusions log file.

The only options about portscans that my firewall provides (Kerio personal) is whether to log them or not.

The scans have come from 2 differant web hosting companies (Both located in the same city) and I am sure they are partner companies or at the least affiliates of one another.

the IP of the most common scanner of my ports is from a website that I assume is hosted through one of these companies, I know which site it is and I have no clue why they are scanning me.

I have emailed both the above companies asking why the scans are being held, if they are customary (I am sure they are not) and what thier intentions are - still yet to hear a response from either.
Also, I have scanned my own ports using localhost (127.0.0.1) and found my open and vulnerable ports. I run on Windows XP and I haven't been able to sort out getting the ports closed (I could definately use some advice here) and would like to avoid deleting them if possible, to avoid more intrusions.

So I ask - what else can I do to combat this and how do I know if there is really a 'fiddler' in my system?
A bit of a worry is if someone happens to install a keylogger on my system - how would I know, where would one go if it was there and how do I eradicate it?

Any advice and/or comments to help me improve my knowledge of this experience are greatly appreciated.

Thanks.........