When run TDS detects 2 NTFS Alternate Data Streams on the tds.exe. One is 88 bytes long and the other 0 bytes. Is this normal ? If this is TDS that has added them, I thought ADS were frowned upon in security circles, and so why are they being used ? I am using Win XP Home SP1 with Kaspersky AV Personal 5.0.142, LooknStop 2.5. I have heard scare stories that KAVP 5 adds an ADS to every single file, but from my experiences this is not true and so that's why I think it is TDS that has added them.