seems like the advices are reverse troubleshooting
why dont you find out first what's using that port. Traditionally port 53 UDP is DNS query. So you said you are using external DNS's but you may have enabled recursion on your system (BIND im assuming) and now people are using you as a free dns server. Try setting it to listen to 127.0.0.1 or better yet disable BIND. A quick nestat -ap should show you which program is using that port.
My server seems to be infected with some kind of trojan or script.
The process called <unknown> (according to MS network monitor 3.4) ... sends out on UDP 53 every 5 seconds or so to random IPs, the descriptions being "DNS sc . jfrmt . net" and varations of the subdomain.
Also my server is sending to my router on UDP 53 with www . 99woool . com as description
Now, jfrmt . net is registered to a bogus name and only some weeks old ...
1) is there a simple way / small software to block UDP 53 (something that coexists with Windows Firewall) ? I don't run any DNS service whatsoever.
2) How to find the culprit? Process <unkonwn> does not ring any bells ...
Thanks very very much!
PS: Win XP SP3 & XAMPP - I know, I know, but that's just how it is and worked for 7+ years.