NTFS Alternate Data Streams - Windows NT

This is a discussion on NTFS Alternate Data Streams - Windows NT ; Hello, Is anybody know if Alternate Data Streams used by Windows NT/2000/XP to hide for example key register, executable, so everything which can be used by windows? Actually, is all Anti-Virus are able to struggle against malicious code hide in ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: NTFS Alternate Data Streams

  1. NTFS Alternate Data Streams

    Hello,

    Is anybody know if Alternate Data Streams used by Windows NT/2000/XP
    to hide for example key register, executable, so everything which can
    be used by windows?

    Actually, is all Anti-Virus are able to struggle against malicious
    code hide in ADS or not ? If not , which one are efficient ?

    Is anybody have a good link on internet or a recent white paper which
    deals about Alternate Data Streams ?

    regards

    Seb

  2. Re: NTFS Alternate Data Streams

    CA product eTrust AV allows scanning of alternate datastreams for malicious
    code.
    www.sysinternals.com has a tool on it for finding alternate data streams.

    "sebastien" wrote in message
    news:aabfcdb.0309120713.72805d81@posting.google.co m...
    > Hello,
    >
    > Is anybody know if Alternate Data Streams used by Windows NT/2000/XP
    > to hide for example key register, executable, so everything which can
    > be used by windows?
    >
    > Actually, is all Anti-Virus are able to struggle against malicious
    > code hide in ADS or not ? If not , which one are efficient ?
    >
    > Is anybody have a good link on internet or a recent white paper which
    > deals about Alternate Data Streams ?
    >
    > regards
    >
    > Seb




+ Reply to Thread