Internet Explorer and Outlook use IAttachmentExecute (or something similar) to mark downloaded files with alternate NTFS data streams: C:\temp>streams.exe putty2.exe Streams v1.5 - Enumerate alternate NTFS data streams Copyright (C) 1999-2003 Mark Russinovich Sysinternals - www.sysinternals.com C:\temp\putty2.exe: :Zone.Identifier:$DATA 26 When you launch a file like that, you're warned it comes from an insecure source. MSDN provides some documentation on how to mark files as not-trustworthy: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/shellcc/platform/shell/reference/ifaces/iattachmentexecute/iattachmentexecute.asp We should do this with Seamonkey (and Aviary).

*** This bug has been marked as a duplicate of 255351 ***