Forum Home
Press F1
Thread ID: 25297	2002-09-30 22:55:00	Where does ZoneAlarm MailSafe quarantine suspect attachments?	Billy T (70)	Press F1

Post ID	Timestamp	Content	User
84857	2002-09-30 22:55:00	Hi Team ZA MailSafe just picked up a suspect attachment (with an xxx.doc.xxx file name) and since it looks like it comes from one of my clients, I want to look at it to see what the original file type was in case it is legit. Using Ztree I have done a full computer search for the file name (book favs.doc.zlo) but can't find it anywhere. Curiously, ZA usually numbers quarantined files zl0 to zl9 but this is definitely zlo. I couldn't find it searching on either suffix anyway. I use Outlook so my best guess is that it's hidden in Outlook.pst. Does anybody know where else to look? I can always try to open it and then ZA will let me save it instead of opening, but I have a pathological aversion to attempting to open any suspect file. I don't want to go direct to the client until I am sure it is a problem. Oh yes, and another funny thing, my search turned up a copy of W32.Magistr.39921@mm in the Norton Quarantine but Nortons said that their quarantine was empty. Now manually deleted but go figure ?:| Cheers Billy 8-{)	Billy T (70)
84858	2002-09-30 23:03:00	> Using Ztree I have done a full computer search for > the file name (book favs.doc.zlo) but can't > find it anywhere. Curiously, ZA usually numbers > quarantined files zl0 to zl9 but this is definitely > zlo. I couldn't find it searching on either suffix > anyway. If it was a xxxx.doc.xxxx file, wouldn't it be something like "book favs.doc.xxxx.zlo"? Mike.	Mike (15)
84859	2002-09-30 23:48:00	Sorry Mike, ZA always replaces the actual file type with zl plus a single digit file number. It doesn't add a further suffix. I think I can read the original file type if I try to open it but that would be an unnecessary risk IMHO. If I can't find it ,I'll just delete it, but for reasons stated I'd like to know what it is all about. Cheers Billy 8-{)	Billy T (70)
1