Situation: RootAlyzer looks for indicators for rootkits.

Experienced: while ADS is used by legit applications as well, it can be used by malware to hide stuff, even executable code.

Expected: show these. Similar to ADSLocator.