igor0
2
It’s the e-mail heuristic - it didn’t flag the file as infected, just as suspicious; I’d say it’s simply because it has an .exe extension; check your heuristic settings for the e-mail provider to make sure.
UnnamedStream_1 comes from the NTFS Stream archiver module - it’s an NTFS stream extracted from the file. Don’t ask me how it got there… I noticed it occasionally in files saved from Outlook Express attachments. When I traced the code, the Windows API really returned information about an additional stream (it disappeared on reboot, however).