Solved

Suspious looking files.

Posted on 2001-06-06
22
182 Views
Last Modified: 2013-12-28
For the past several months I've been on a personal quest to first, rid my system of all "Spyware" and second, to educate everyone I come in contact with about this subversive, dirty, underhanded, invasive... I'll stop there.

I'm suspious of every file in every directory. It's become a bit of an obsesion.  I use PCMag's InCtrl5 for every program installation or just to see what's going on at 'shutdown' or 'startup'.  I highly recommend it.

I've come across a group of files in the C:\Windows directory that I've not been able to identify and that is why I've come back here after a long absence.(I've amassed 6218 points so I'll be back more often.)

I used FileGrab, another PCMag utility to get a listing of the files.  

C:\WINDOWS\Tr~proin.-ok         293     4/25/01 3:42 PM      4/23/01 6:17 PM     6/6/01 12:00 AM     A  
C:\WINDOWS\Tr~sysin.-ok        2396     4/25/01 3:42 PM     4/25/01 11:22 AM     6/6/01 12:00 AM     A  
C:\WINDOWS\Tr~systm.-ok     6746144     4/25/01 3:42 PM      4/25/01 3:20 PM     6/6/01 12:00 AM     AHSR
C:\WINDOWS\Tr~user.-ok      1376288     4/25/01 3:42 PM      4/25/01 3:42 PM     6/6/01 12:00 AM      HSR
C:\WINDOWS\Tr~winin.-ok       12314     4/25/01 3:42 PM      4/23/01 2:09 AM     6/6/01 12:00 AM     A  

It was the .-ok extension along with the attrib. that caught my eye.  Please identify these for me.  I could send some one a copy of one or more of the files but a couple of them are fairly large.








0
Comment
Question by:jdanddog
  • 6
  • 4
  • 4
  • +4
22 Comments
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
What os are you using?
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
Well I do not have an *.ok files on my multi boot, NT,win2k, win98 machine. I would check the file type tab
ANd see what program is associated with the *.ok suffix.

Also check in Netscape ( if you use it ).

I hope this helps !
0
 
LVL 41

Accepted Solution

by:
stevenlewis earned 200 total points
Comment Utility
when you right click on them, and choose properties, is there any info, such as version, or such? how about the msdos name?
can you read russion?
http://free-ware.narod.ru/mobala.htm
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
0
 
LVL 16

Expert Comment

by:GUEEN
Comment Utility
I use Ad Aware 4.6 - great little utility as it cleans it up.
http://www.zdnet.com/downloads/stories/info/0,,001A6S,.html
0
 
LVL 7

Expert Comment

by:pbessman
Comment Utility
Can you view these files in List format so you can see their entire names?  That will probably help you more as their names are too long for them to be shown in the format you have chosen in your "VIEWS" options.

Steven do you have any websites in Greek?  I am not sure but that looked Russian to me.


>>>>For the past several months I've been on a personal quest to first, rid my system of all "Spyware" and
second, to educate everyone I come in contact with about this subversive, dirty, underhanded, invasive...
I'll stop there.

I'm suspious of every file in every directory. It's become a bit of an obsesion.  I use PCMag's InCtrl5
for every program installation or just to see what's going on at 'shutdown' or 'startup'.  I highly
recommend it.>>>>

Sorry, to hear about your issue.  I think you're funny.  Have you come to us for computer help or psychological counseling?
 
0
 
LVL 16

Expert Comment

by:GUEEN
Comment Utility
That extension isn't listed anywhere that I am aware of.
Closest ext. that I could find was:
.OKT  Oktalyzer Tracker Module  which is probably audio related.

It might be some type of compressed file - but I doubt that it is adware.  Are you doing any type of CPU crunching (like as an example seti?)

0
 
LVL 6

Expert Comment

by:graham_k
Comment Utility
did you look at the file in a hex viewer to see if there is any recognizable text at all?

for instance, go to http://www.programfiles.com/index.asp?ID=8697 and download a shareware version of Hedit Pro. Use that to look at the file for recongnizable snippets of text - you might see the creating program's name there.

Also, if you are paranoid, be sure to head straight for Steve Gibson's page - the non plus ultra.  http://grc.com/

0
 
LVL 7

Expert Comment

by:pbessman
Comment Utility
Paranoid, who said he was parnoid?  I did a search for a while on all of my files and nothing turns up searching for *.ok or *.-ok.  I think that it would be useful to use the "show long file names" option in our search for clues.  That would at least show us what folder on your system they reside in.  I am almost wondering if this "paranoia" is being sparked by a "paranoid" program or application.  Perhaps this extension means that they are in the "OK" folder of your In Control program, as in they have been scanned as "OK" or they are safe files.  Have you considered that option?
0
 
LVL 3

Expert Comment

by:DanR
Comment Utility
I knew that Russian would come in handy some day.  Stevenlewis' link says that the program Test-Run will create copies of the registry with the extension .-ok.  So tr~systm.-ok is a copy of your registry created with Test-Run.  Then you can use Test-Run to create more registry files and toggle among them.

It seems like you're safe deleting them, though they're probably harmless.
0
 
LVL 16

Expert Comment

by:GUEEN
Comment Utility
Good find Steve!
can you read russion?
http://free-ware.narod.ru/mobala.htm

0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 7

Expert Comment

by:pbessman
Comment Utility
I am still curous if the paranoid program created these files to begin with?
0
 
LVL 3

Expert Comment

by:DanR
Comment Utility
No, they were created by Test-Run.  

Check out
http://sites.netscape.net/berniebuilt/index.htm
or
http://www.zdnet.com/downloads/stories/info/0,,000YYP,.html
for more info about the program or to download a copy.
0
 

Author Comment

by:jdanddog
Comment Utility
Yes, the files were indeed created by Test Run.  It's a program that allows one to install a program with a copy of the registry so that one could easily reverse the effects of the install.

It seems as Steve Lewis answered the question by pointing to it's location but DanR also answered it by specificly reporting it as a comment.  Now what?
0
 
LVL 7

Expert Comment

by:pbessman
Comment Utility
"No, they were created by Test-Run."  
Yes, they were created by a paranoid program,"Test-Run by BB? ver 2.1.0
Protects the Registry while testing new software.

- FREEWARE - Designed for Win95/98
Includes install/uninstall support (plus a list of all files created... there are NO secrets!)"


You should always back this stuff up yourself anyway.
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
jdanddog You can split the points between the two of us if you desire
Steve
If you want I can give you more instructions on how to do this, or have a moderator come here and assist
0
 

Author Comment

by:jdanddog
Comment Utility
I can probably figure it out but if I have a problem I'll take you up on that.  I would just like to hear from DanR first and see if he finds it acceptable.
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
:~)
0
 
LVL 3

Expert Comment

by:DanR
Comment Utility
I say you give the points to stevenlewis.  I can't believe he found a site in Russian that gave us the answer.  All I did was translate it, which you probably could have done at babelfish or somewhere.  Also, if you'd looked closely, you would have seen that "Test-Run" wasn't written in Cyrillic.
0
 

Author Comment

by:jdanddog
Comment Utility
That's a very honorable resolution Dan.  

"Men with honor have Courage.  Men with Courage are an honor to know."

That quote just popped into my head.

Yeah, that was pretty darn amazing.  And then he does an encore and presents it in French!

Thanks to all of you who answered.

Jim Dugan
0
 

Author Comment

by:jdanddog
Comment Utility
Remarkable knowledge of resourses to come up with that solution.
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
Thank you jdanddog, and I'm glad we could help
Danr, that is very honorable of you indeed. I have posted a question for you here
http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=win98&qid=20132260
in order to share the points here. Teamwork solved this problem.
PS, jdanddog, I use a cool program, Copernic to do alot of my research. You can get a free version at www.copernic.com
or you can upgrade it to Pro for a fee. An excellent search program
Steve
0

Featured Post

Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Suggested Solutions

Windows Mobile Barcode Scanning These days almost every product has a barcode in some way... amongst there are 1D barcodes en 2D barcodes.. From http://www.barcodeman.com/faq/2d.php I found some handy definitions and insights. 1D barcodes …
A few months ago I had an issue with LaserJet 1020 printer which was installed to XP and Windows 7.  It was installed to XP and working, but when I tried to connect from a Windows 7 PC, it would attempt connection and then fail.  Sometimes the Spool…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now