Taking in George's help as well ...
1) You can tell if you have Microsoft .Net installed as follows: Start,
Settings, Control Panel, Add/Remove Programs. I have listed ...
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
If you have any version installed, then run any updates required to ensure
it's the latest version.
2) It might be useful to work out who's trying to contact whom via Task
Scheduler, this might reveal a trojan/virus. Do the messages from Norton
give an IP address? If your Norton firewall doesn't give the IP address by
default, you may be able to configure it to, or it might be in the logs, or
it might if you do whatever is its equivalent of locking the internet. Once
you have an IP, check it out here (you may have to register, but it's free
at no risk) ...
http://www.whois.sc/
.... or if that reveals nothing useful, in a DOS box do ...
tracert <IP Address> (<> are field delimiters, don't type them)
.... and work backwards form the last server listed and named. The server
will usually have a domain, say 'blah.blah.blah.suspect.net'. If this
domain is suspicious, eg: it had has nothing to do with any 'trustworthy'
source such as Microsoft or your AV or firewall software, then start looking
for a trojan/virus. Note though that much legitimate software such as
Windows Media Player, Logitech mouse drivers, etc, can periodically check
for an update, though they should and usually do make this an explicit
option at installation time. If you find you have such, look in the
software options to switch the feature off.
Note another use for this technique ...
Occasionally spam goes to an internet address to fetch a picture trying to
sell you watches and doubtless you know what else
-)! To report it, you
need a domain and/or an IP, but examining the HTML source in Outlook doesn't
always reveal what site is being accessed. The way I trace this is to
engage the internet lock in the firewall, Zone Alarm, then click on the mail
to preview or open it. ZA throws up a message box detailing what IP was
being accessed.