Did the ultimate no no and disabled firewall to let customers software vendor get in to server to do some training and db repair. Customer calls in says they have no internet,router is flooded. Norton corporate 10.0.02 latest stuff finds hacktool.dfind as of right now. Initially upon visit ran norton in safe mode and found hacktool.hidewin, hacktool.dfind,hacktool, backdoor.hacktool and maybe a couple of others.It said it killed several and quarantined the rest. Server ran ok for about a day and a half then same thing upon arrival norton has found hacktool.dfind in subdirectory c:\recycler\many #s\me cannot find this anywhere norton says it partially repaired it. Norton is no help on killing a virus none of the registry entries in the initial virus's that were supposed to be there were. This dude is bogging my server messing with my sql and obviously internet. Virus found few minutes ago hacktool.dfind 2 files both in the c:\recycler\many #s\me that i cant find anywhere. assistance would be appreciated suppossed to go back at closing time so i can bring server down an run a scan in safe mode. ran hijack this and do not find anything out of the norm but i could be missing something.kind a got me in a bind.