Folks, I kinda ran into the same unresolved question as a new user of TDS3. I will post what I sent into DCS and what they recommended. My highjack this came up clean, and so did my PE logs but no one to my satisfacton has been able to explain the coolwebsearch showing up as listening to my ports? I am new with this product, so excuse my lack of knowledge as I learn to work with this toolset. Thanks, Mike please see below: DCS Support reply: Hi, These seem like legitimate ports. If you want to check your system thoroughly, try Port Explorer which has a free demo http://www.diamondcs.com.au/portexplorer Once installed and rebooted, you can choose FILE > SAVE TABLE and send us that, which will show all port info We recommend you do post an Adware "HijackThis" logfile in this forum for some expert spyware/adware help https://www.wilderssecurity.com/showthread.php?t=15913 Best regards, DiamondCS Support PROCESS GUARD - CRITICAL Protection for Windows 2000/XP - Ensure Windows Integrity - Stop rootkits, DLL injection - Prevent firewall bypassing http://www.diamondcs.com.au/processguard ----- Original Message ----- To: firstname.lastname@example.org Sent: Thursday, June 17, 2004 2:06 PM Subject: TDS and coolwebsearch Hello TDS team, I am a new TDS user( registered) user name on Lisc. so let me apologize in advance if this question is not really a problem. I have just run the Diamond CS netscan. I noticed on some of my ports it seems that coolwebsearch is listening to them, when I right clicked to identify the address. I have included the UDP 127.0.0.1:1900 TCP 127.0.0.1:1029 TCP 127.0.0.1:1027 These were listed on the left side of the table the Netscaner created. When I right clicked to get specific info on the item it listed for all three cool websearch and seemed to indicate to that those ports were used by them? Please assit me to understand the situation.