Stream found

TDS is showing stream found on some of my image files. The path and file has a colon after it and a long string of numbers and characters after the colon.

What does this mean?

These files were not in use at the time I ran TDS.

 

Hi,

Simply ignore streams smaller than 128 bytes if you dont want to see these - its probably a thumbnail image marker or something which was added for indexing or faster access. A lot of programs seem to be using streams for legitimate purposes these days.

Scan Control > ADS Stream Options

TDS will still alarm specifically if the dangerous AFlooder or AProxy malware is in a stream, since those are binary images (EXE files) and are presented as a definite danger. Those must be bigger than 128 bytes too so ignoring small files is ok (BYTES not KILOBytes)

 

Hi,
Goto "Annoying" that might help a little more.

Daisymay

 

How do I goto "annoying"?

 

See Daisymay's thread here

 

Most of the streams I had were more than four digits in size. The last I remember was over 5000. Very few were three digit. I have some ideas about what this is now and I think I am ok. Thanks for the information.