any clue - us15.info ??

Status
Not open for further replies.

okcpcmedic

Attempting to clean up my brother's computer and I keep getting a window that says a program is trying to connect to:

us15.info

I can't identify the program and the registry looks pretty clean. I can get a log but I thought I'd put this out here and see if anyone has heard of it. I tried some research and found nothing online.

It's not available but I can't find the whois info.

I always find the fun ones! :D
 
I'd like to tell what I found when I experienced the same problem.
I had a lot of referrals to the "us15.info" web address in my firewall traffic log. Neither Spyware Doctor nor Norton Antivirus 2003 could find any infection on the PC, even when started in Safe Mode.
Finally, I decided to try to install a trial version of Kaspersky antivirus. That was unsuccessful, I think because of Norton Antivirus installed on the PC, which I wouldn't remove. My network connection got some weird status and worked just partially.
I tried to play around with this issue, rebooting in Safe Mode and disabling the Norton and then the Kaspersky antivirus, but I was unsuccessful in my efforts to get both antiviruses working together, and I was forced to remove Kaspersky Antivirus...
However, I got another interesting effect: after all this, Norton found a virus which this antivirus couldn't find before: PWSteal.Trojan, located in \Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
I opened regedit immediately and searched for the "ibm0000" string. I found two places, in the autorun section and in the Shell definition item: after "explore.exe" (as it should be), I found a long chain of spaces and then a string like "C:\Program Files\......\ibm00001.exe". I guess this empty space was necessary for the virus author to make this addition to the "explore.exe" command invisible, as in most cases this addition was outside the visible part of the regedit window.
Of course, I removed this item in the autorun section, leaving just the standard "explore.exe" in the Shell definition. After this, I rebooted the PC and performed a full scan with Norton Antivirus.
I don't have any "us15.info" items in my firewall log anymore.

The end of the story.
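
Added example, not part of the original thread: a check for the whitespace-padded shell entry described in the post above. It assumes the "Shell definition item" is the `Shell` value under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon`, whose Windows default is `explorer.exe`; the function names, the padding threshold and the sample string are constructed for illustration.

```python
import re
import sys

EXPECTED_SHELL = "explorer.exe"   # Windows default for the Winlogon "Shell" value
PAD_THRESHOLD = 8                 # assumed cut-off: whitespace runs this long are suspicious

def audit_shell_value(value):
    """Return a list of findings for a Shell registry string; empty list means clean."""
    findings = []
    stripped = value.strip()
    if stripped.lower() == EXPECTED_SHELL:
        if stripped != value:
            findings.append("leading/trailing whitespace around the shell name")
        return findings
    # Padding pushes the appended command out of regedit's visible column.
    longest = max((len(m) for m in re.findall(r"\s+", value)), default=0)
    if longest >= PAD_THRESHOLD:
        findings.append(f"whitespace run of {longest} characters (padding hides trailing text)")
    if stripped.lower().startswith(EXPECTED_SHELL):
        extra = stripped[len(EXPECTED_SHELL):].lstrip(" \t,")
        findings.append(f"extra command after {EXPECTED_SHELL}: {extra}")
    else:
        findings.append(f"shell replaced: {stripped}")
    return findings

def read_winlogon_shell():
    """Read the live value on Windows; returns None elsewhere or if it is unreadable."""
    if sys.platform != "win32":
        return None
    import winreg
    key_path = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
    try:
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key_path) as key:
            return winreg.QueryValueEx(key, "Shell")[0]
    except OSError:
        return None

# Constructed sample mimicking the padded value described in the post.
SAMPLE = ("explorer.exe" + " " * 200 +
          r"C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe")

if __name__ == "__main__":
    live = read_winlogon_shell()
    for label, value in (("sample", SAMPLE), ("live", live)):
        if value is not None:
            print(label, audit_shell_value(value) or "clean")
```

Printing the value with `repr()` or exporting the key to a .reg file also exposes the padding that the regedit value column hides.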
 
Thanks for the informative post. I also found, using AVG, a few references to the "ibm000..." type files - both .dll's and .exe's. I had to manually remove most of them but the good thing was that AVG FOUND THEM!

My faith in AVG was definitely reinforced that day! :D
 