AnalogX has a great little program that blocks ports, however whenever it is executed it claims that some ports cannot be closed as they may jeopardize system security. Although I constantly clean out my system with Spybot, Xoftspy, Ad-ware (lavasoft) and other software I still find garbage on my system. I understand that some ports are open by default with some XP processes however I'm getting pretty suspicious as the more ports I add to block on my system, the more ports aren't blocked with this port blocker which gives me the same message every time "may jeopardize security". I only have a small number of ports blocked due to reocurring issues as a result of scans. For example; an online Symantec scan I did recently stated that port 40423 was vulnerable or open (I forgot but in any event there was an issue with this port) - so I closed it naturally. Although when I use my port blocker it gives the following list of ports that could not be blocked because they were "already in use".

21,25,80,110,119,123,137,138,139,445,1025,5000,40423

These are only the ones I've manually put into the software from Analog X who knows how many else are being exploited!

I've used Ethereal but since I'm an amatuer I don't know exactly what to look for. all the traffic appears to be normal. I've scanned my own IP address using Superscan which claims that none of my ports are open. The list of ports that are open is a little excessive and I don't think they're all related to XP processes that are just a part of the system. There is no doubt in my mind that there is something going on here behind the scenes. The question is what is the next step to take in defending myself?