It's hard to recommend a how to go through the file, without seeing sample input. You should probably also think about chosing a pattern so you don't need to regenerate multiple paterns each line, such as:

my $ports = '(?:'.join('|', @win_ports).')';
while (<LOG>) {
  print if ( m#$regex/$ports#o );
}
[download]

I also noticed you never did anything with @trojan_ports.

Update: I realized that this also didn't deal with part #2 of your issue -- breaking things down by port. Assuming you had enough memory to deal with keeping the whole thing in memory, I'd probably push the records into arrays in memory, and then print them out when done, given the considerations. However, I still have no idea what the format of the log files is, and it's entirely possible that you may have multiple matches per line, if you have both the remote and local ip/port combination. I'd probably use logic similar to:

my $atom = qr/[1,2]?\d{1,2}/;
my @ports_win = qw( 135 137 139 445 1025 1433 1434 );
my @ports_trojan = qw( 114 15118 4899 );
my $file = 'C:\fw.log';
my $ports = '('.join('|',@ports_win, @ports_trojan).')';
my $ip = qr#$atom\.$atom\.$atom\.$atom/$ports#;
my %lines = ();

open LOG, '<', $file or die "Can't read from $file : $!";
while ( my $line = <LOG> ) {
  if ( $line =~ m/$ip/o ) {
    push ( @{$lines{$1}}, $line );
  }
}
foreach my $port ( 'WINDOWS', @ports_win, 'TROJAN', @ports_trojan ) {
  print "\n\n$port\n-------\n",@{$lines{$port}||[]};
}
[download]