Zone.Identifier NTFS ADS

Hi,

Last night I finally installed Windows XP SP2.

Today I downloaded a few files from Project Gutenberg and other trustworthy Web sites.

When I scanned my system, TDS-3 detected NTFS ADS (Alternate Data Streams) ONLY in the files I downloaded today.

The ADS were all zone.identifier (26 bytes).

Example:

C:/downloads/burke.zip:zone.identifier

Should I remove these streams and, if I do, will it affect the files or my system in any way?

Many thanks for your help!

Gorgelink

 

Hi gorgelink & welcome, You can usually delete them with no ill effect, they are usually associated with picture place holders or other images.
Streams smaller than 128 bytes are very unlikely to contain anything malicious.

HTH Pilli

 

Great many thanks, Pilli.

 

i think those are the zone id info when you download files using IE in SP2....basically sp2 now keeps track of files u downloaded off the net by attaching an ads stream to the downloaded files....and will give a warning if u try to execute them...no harm in deleteing those ads stream i guess....

 

Could be kairii, KAV V5 also throws in some addstreams sometimes as well but they are harmless as well as far as I am told.

Thanks. Pilli