
View Full Version : ctfmon.exe and ccApp.exe



tahl20
2006-11-28, 18:32
Based on the extra information provided to me within Spybot, I chose to disable ccApp.exe from the startup entry. The file resides in "C:\Program Files\Common Files\Symantec Shared\ccApp.exe". The advice that Spybot gives is that it is a Trojan called OBSORB. After disabling it, Norton AntiVirus will no longer start up. I have to manually load it with every boot. So I re-enabled it and Norton now starts up. My question is, did Spybot make a mistake in calling this file in this location a Trojan?

Second question is ctfmon.exe. I went to the Microsoft website to read what this file was and found this article, "http://support.microsoft.com/kb/282599". Here they said that this file is a part of Office XP. Spybot indicates that this is a file that is part of the CoolWebSearch parasite. Now, I haven't noticed any malfunctions while using my Office XP products after disabling it, so I've left it disabled. It somehow continues to re-enable itself without Spybot catching it. The Microsoft article above explains why and how it does that, and how to properly remove it if we want to. Did Spybot make a mistake in proclaiming this file as a parasite though?

Zenobia
2006-11-29, 09:30
Here's an excerpt from Spybot's help file:

This tool lists all programs that are started at Windows startup. If those items are in the database coming with Spybot-S&D, it will display some more information about them. It also allows you to disable (and enable) items, as well as delete them, change them or insert new items.

The entries will be displayed in different colours:


Green: legitimate program
Yellow: unknown, unneeded or unambiguous program (e.g. malware programs might use the same file name as legitimate programs)
Red: malicious program

At the top of the infopanel window, Spybot shows the current filename. I have ctfmon.exe in start-up, so here is mine:
Current filename: C:\WINDOWS\system32\ctfmon.exe

Down below that info, it says:
Database status: Not required - virus, spyware, malware or other resource hog
Value: ctfmon.exe
Filename: ctfmon32.exe

Description
_CoolWebSearch_ parasite related - hijacking to Slawsearch.com

Source: Paul Collins Startup list

My filename isn't ctfmon32.exe, so Spybot shows it in mine as white.

If Current filename is:
Current filename: C:\WINDOWS\system32\ctfmon32.exe
then Spybot shows that line as red in my startup list.

So I don't know for sure of course, but I'd take it that the current filename info is used to compare with the info below it, as well as having the coloured entries.

See the top of this page for the Key, an explanation of Y, N, X, etc. which you'll see in the status box.
http://www.castlecops.com/StartupList.html

Here is one of the entries at castlecops for ctfmon.exe (Name: ctfmon.exe, Command: ctfmon.exe, Status: U):
http://www.castlecops.com/s795-ctfmon_exe.html

Here is the one for Name: Ctfmon.exe, Command: ctfmon32.exe, Status: X
http://www.castlecops.com/s797-Ctfmon_exe.html

Here is one entry for ccApp, then (random file name):
http://www.castlecops.com/s525-ccApp.html

Here is another for Name: ccApp, Command: ccApp.exe:
http://www.castlecops.com/s524-ccApp.html
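
The comparison described in the post above, as an added example that is not part of the thread and is not Spybot's own code: the info text is found by the startup entry's name, while the red verdict applies only when the file on disk has the filename in the database entry. The names `STARTUP_DB`, `basename_of` and `assess` are hypothetical, and the one database entry is constructed from the info panel text quoted above.

```python
import ntpath

# Constructed database with the single entry quoted in the thread's info panel.
# "value" is the startup entry name; "filename" is the file the entry describes.
STARTUP_DB = [
    {"value": "ctfmon.exe", "filename": "ctfmon32.exe", "status": "X",
     "description": "CoolWebSearch parasite related - hijacking to Slawsearch.com"},
]

# Only the colour the thread reports for a matching "X" entry is mapped here.
STATUS_COLOUR = {"X": "red"}


def basename_of(command):
    """Return the lower-cased file name of a Windows startup command path."""
    return ntpath.basename(command.strip().strip('"')).lower()


def assess(value_name, current_filename):
    """Model of the behaviour described in the post (assumed, not Spybot's code).

    The info text is looked up by the entry's value name, but the verdict
    colour applies only when the file on disk has the database's filename.
    """
    related = [e for e in STARTUP_DB if e["value"].lower() == value_name.lower()]
    if not related:
        return {"colour": "white", "info": None, "applies": False}
    actual = basename_of(current_filename)
    for entry in related:
        if entry["filename"].lower() == actual:
            return {"colour": STATUS_COLOUR.get(entry["status"], "white"),
                    "info": entry["description"], "applies": True}
    # Same value name, different file: the text is shown but does not apply.
    return {"colour": "white", "info": related[0]["description"], "applies": False}


if __name__ == "__main__":
    for path in (r"C:\WINDOWS\system32\ctfmon.exe",
                 r"C:\WINDOWS\system32\ctfmon32.exe"):
        print(path, assess("ctfmon.exe", path))
```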