I got Symantec's WMI update last week and wonder - could it be responsible for TDS alerting on four ADS hidden streams? It's never alerted to these before. After getting the update I did a TDS scan, it alerted, and it's never done that before. Something changed, but what? I understand they're probably all fine, and I should just set TDS not to scan ADS files under 128 bytes. But what made it suddenly alert over these files, haven't they always been there? I know the parent files have always been there. *One stream (124 bytes) is larger than its parent file (77 bytes). Is that okay? *Two stream file sizes match each other at 88 bytes each, the other two are also identical size, 124 bytes. Okay or strange? *Those numbers also match the first bulletted item - do they always have numbers like those, or is it kind of weird that they all seem to mix n' match each other? They’re not newly created files, they're things like a desktop.ini in one of my folders, and some quick launch items. TDS has scanned the parent files many times.. Something changed, and the update from Symantec was the only new thing added to the computer, plus the TDS updates received from TDS itself before the scan that returned this stuff. My question - 1.) Is it possible the Symantec WMI Update did something that now causes TDS to alert to these files? 2.) Any reason to worry? I have XP Home, NIS 2004.