How to hide files/folders in Windows NTFS file system?

31 07 2008

I still feel nostalgic about the golden era of Windows 95 & 98. During those days, we can lock our important data by using the “Alt+255” trick which make it difficult for other to open and access data. Well, the “Alt+255” trick won’t work in latest windows versions. 😦

Is there any other cool trick to hide data like the previous version of windows?

yes! You can utilize the Alternate Data Streams“( ADS ) of NTFS file system. ADS is the feature by which a single file can have multiple data streams under it. Only a stream aware application can iterate it. For other application, its just a file with single stream under it. Well, lets do some exercises. We’re going to hide the file Secret.avi under file Innocent.txt. Take dos console and execute the commands. I’m assuming that both files are present in your current directory.

Syntax: type <FileToHide> <DestinationFile>:<StreamName>
E.g. C:\>type Secret.avi > Innocent.txt:SecretStream.avi

Now the Secret.avi file is copied as another data stream under Innocent.txt file. Try opening the Innocent.txt. Its just the text file. huh? Well, now execute the following command to get the file back.

Syntax: more < <DestinationFile>:<StreamName> > <RestoreFileName>
C:\> more < Innocent.txt:SecretStream.avi > RestoredSecret.avi

You got the file back!

ADS is one for the favorite feature of virus writers. Trojans and viruses utilize ADS to get hidden from user eyes. Many of us might notice that, even if we delete away some files, after next restart they reappear. Yes! the real virus might be under some innocent file. 😉

Have a look at Wiki too –

Targeted Audience – Advanced.