How is hacking done?

The cracker scans for open ports on the victim's pc and attempts to connect to the victims pc. Secondly, the intruder will start making use of the open port and install backdoor/trojan to gain control of the user's computer?

I'm been getting alerts like netbios scan from my firewall. What's are the signs of a compromise pc? Unknown programs running in background? Another question how does the cracker load the backdoor/trojan into the computer.

Thirdly, using the Task Manager, can i be able to view all applications running in the background. Any possibility that the backdoor is not shown in the task manager as a process?

FYI, i'm using a winxp box. with ZA firewall