Re: Database of strange files

["Gabriel Orozco" <gabriel_orozco () mx sumida com>]

Ask Google.

it appears to be:
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program
Files\Microsoft Office\Office\1033\OLFSNT40.EXE

and here is info for it:
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:
80/support/kb/articles/Q183/9/44.ASP&NoWebContent=1

Regards

----- Original Message -----
From: "Di Fresco Marco" <superdif () infinito it>
To: "Security-Basics" <security-basics () securityfocus com>
Sent: Tuesday, August 05, 2003 3:31 AM
Subject: Database of strange files


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hey,
> I assume that this is a F.A.Q kind of question, but I am not finding
> any answer (at least in the first 2 results' pages of Google).
>
> Do you know any good on-line (and better if I can download off-line
> for reference) database for determine if some (strange) file is
> legitimate or is a virus/trojan/cracked/whatever?
>
> For example: I am currently dealing with "olfsnt40.exe" that it has
> been showing up for 2/3 days in my "Windows Task Manager"; from the
> name it sound like that it has to do with Office (it is just "the
> name sound like" assumption) and just 2/3 days ago I played with
> Office 2000 and the Beta of the new version and so I am just assuming
> that is related to Office. But I am not sure about this assumption
> and it maybe be a virus/trojan/whatever and I am just leaving it
> working (even if, in case it is a trojan, I do not know how much it
> can work with two personal firewall).
>
> That is just a (real) example, but I get doubts about files very
> often and it would be very usefull if I have some sort of database to
> use to check the (supposed) purpose of the files.
>
> Than in advance.
>
>
>
> Di Fresco Marco
> ICQ #51985192
>
>
> |---------------------------------------------------------------------
> |--|
> | Spock (Court Martial - TOS): If I let go a hammer on a planet
> | having | a positive gravity, I need not see it fall to know that it
> | has, in | fact fallen. |
> |---------------------------------------------------------------------
> |--|
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.2
>
> iQA/AwUBPy9o8GGMuE6+l29WEQImAwCfTWS+5UupY6Bd0FZ1w6SZ/N3chIEAoIq7
> 67meoSHRHV942uCIOdoCtLMD
> =xRwi
> -----END PGP SIGNATURE-----
>
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
--
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.506 / Virus Database: 303 - Release Date: 01/08/2003


---------------------------------------------------------------------------
----------------------------------------------------------------------------