Back Orifice / Backdoor-g

I've recently been looking more closely at my network connections logs and noticed some things that looked off to me. I've an XP machine running norton internet security (2008 ). As far as I know all the patches are up to date (liveupdate etc)

The norton log viewer for network connections shows much recent activity under the local service port heading including backdoor-g-1(1243), coauthor(1529), ingreslock(1524), knetd(2053), netshow(1755), phone(1167), radius(1812) and many others.

Similarily under the remote service port heading, all of those show up as well as auth(113), back-orifice-2000-1(54321), doom(666), kerberos(88 ), netbios-ssn(139)... and so on.

I'm pretty sure none of these are deliberately switched on by me.

Also my firewall acitivities log shows hundreds of "unused port blocking has blocked communications" messages - between 5 and 30 seconds apart.

Is Norton doing what it's supposed to do, or have I a problem - and if so how do I go about fixing it?

(apologies if this is the wrong forum to be posting in).

SMC