I don’t run any p2p programmes, but some family members do and I have noticed this behaviour with Zonealarm reports on their machines using Overnet/Edonkey. Particularly if they are “sharing” a particular poular file at the time.

I can replicate the behaviour (on their machines) by shutting down p2p and then watching the intrusion logs as the diconnected machines attempt to re-connect.

I’m not saying this is definately your problem, but it’s a possibility.

If you completely stop your p2p for 24 hrs (up and download) and check Zonealarm again, if this is the cause then the intrusions should have dropped by then. I mean not minimise, but stop completely btw.