Alternate Data Streams (ADS)
are a feature of the Windows NTFS File System
that helps support the Macintosh Hierarchical File System (HFS) which used resource forks
to store icons and other information for a file. This hidden stream is used to tell the system how to use the data contained in the file. For more information on ADS and how they can be a security risk, please refer to:Reformatting a hard disk deletes all data
. If you are considering reformatting
and a clean install or doing a factory restore with a Recovery Disk/Recovery Partition
due to malware infection, you can back up all your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to backup
any executable files (*.exe), screensavers (*.scr), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml ) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension
or adding to the existing extension as shown here
(click Figure 1 to enlarge
) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions
. Then make sure you scan the backed up data with your anti-virus prior to
to copying it back to your hard drive.
If your CD/DVD drive is unusable, another word of caution if you are considering backing up to an external usb hard drive as your only alternative. External drives are more susceptible to infection and can become compromised in the process of backing up data
. I'm not saying you should not try using such devices but I want to make you aware of all your options and associated risks so you can make an informed decision if its worth that risk.
Again, do not back up any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.