Suspious looking files.

For the past several months I've been on a personal quest to first, rid my system of all "Spyware" and second, to educate everyone I come in contact with about this subversive, dirty, underhanded, invasive... I'll stop there.

I'm suspious of every file in every directory. It's become a bit of an obsesion.  I use PCMag's InCtrl5 for every program installation or just to see what's going on at 'shutdown' or 'startup'.  I highly recommend it.

I've come across a group of files in the C:\Windows directory that I've not been able to identify and that is why I've come back here after a long absence.(I've amassed 6218 points so I'll be back more often.)

I used FileGrab, another PCMag utility to get a listing of the files.  

C:\WINDOWS\Tr~proin.-ok         293     4/25/01 3:42 PM      4/23/01 6:17 PM     6/6/01 12:00 AM     A  
C:\WINDOWS\Tr~sysin.-ok        2396     4/25/01 3:42 PM     4/25/01 11:22 AM     6/6/01 12:00 AM     A  
C:\WINDOWS\Tr~systm.-ok     6746144     4/25/01 3:42 PM      4/25/01 3:20 PM     6/6/01 12:00 AM     AHSR
C:\WINDOWS\Tr~user.-ok      1376288     4/25/01 3:42 PM      4/25/01 3:42 PM     6/6/01 12:00 AM      HSR
C:\WINDOWS\Tr~winin.-ok       12314     4/25/01 3:42 PM      4/23/01 2:09 AM     6/6/01 12:00 AM     A  

It was the .-ok extension along with the attrib. that caught my eye.  Please identify these for me.  I could send some one a copy of one or more of the files but a couple of them are fairly large.








jdanddogAsked:
Who is Participating?
 
stevenlewisConnect With a Mentor Commented:
when you right click on them, and choose properties, is there any info, such as version, or such? how about the msdos name?
can you read russion?
http://free-ware.narod.ru/mobala.htm
0
 
stevenlewisCommented:
What os are you using?
0
 
SysExpertCommented:
Well I do not have an *.ok files on my multi boot, NT,win2k, win98 machine. I would check the file type tab
ANd see what program is associated with the *.ok suffix.

Also check in Netscape ( if you use it ).

I hope this helps !
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
GUEENCommented:
I use Ad Aware 4.6 - great little utility as it cleans it up.
http://www.zdnet.com/downloads/stories/info/0,,001A6S,.html
0
 
pbessmanCommented:
Can you view these files in List format so you can see their entire names?  That will probably help you more as their names are too long for them to be shown in the format you have chosen in your "VIEWS" options.

Steven do you have any websites in Greek?  I am not sure but that looked Russian to me.


>>>>For the past several months I've been on a personal quest to first, rid my system of all "Spyware" and
second, to educate everyone I come in contact with about this subversive, dirty, underhanded, invasive...
I'll stop there.

I'm suspious of every file in every directory. It's become a bit of an obsesion.  I use PCMag's InCtrl5
for every program installation or just to see what's going on at 'shutdown' or 'startup'.  I highly
recommend it.>>>>

Sorry, to hear about your issue.  I think you're funny.  Have you come to us for computer help or psychological counseling?
 
0
 
GUEENCommented:
That extension isn't listed anywhere that I am aware of.
Closest ext. that I could find was:
.OKT  Oktalyzer Tracker Module  which is probably audio related.

It might be some type of compressed file - but I doubt that it is adware.  Are you doing any type of CPU crunching (like as an example seti?)

0
 
graham_kCommented:
did you look at the file in a hex viewer to see if there is any recognizable text at all?

for instance, go to http://www.programfiles.com/index.asp?ID=8697 and download a shareware version of Hedit Pro. Use that to look at the file for recongnizable snippets of text - you might see the creating program's name there.

Also, if you are paranoid, be sure to head straight for Steve Gibson's page - the non plus ultra.  http://grc.com/

0
 
pbessmanCommented:
Paranoid, who said he was parnoid?  I did a search for a while on all of my files and nothing turns up searching for *.ok or *.-ok.  I think that it would be useful to use the "show long file names" option in our search for clues.  That would at least show us what folder on your system they reside in.  I am almost wondering if this "paranoia" is being sparked by a "paranoid" program or application.  Perhaps this extension means that they are in the "OK" folder of your In Control program, as in they have been scanned as "OK" or they are safe files.  Have you considered that option?
0
 
DanRCommented:
I knew that Russian would come in handy some day.  Stevenlewis' link says that the program Test-Run will create copies of the registry with the extension .-ok.  So tr~systm.-ok is a copy of your registry created with Test-Run.  Then you can use Test-Run to create more registry files and toggle among them.

It seems like you're safe deleting them, though they're probably harmless.
0
 
GUEENCommented:
Good find Steve!
can you read russion?
http://free-ware.narod.ru/mobala.htm 

0
 
pbessmanCommented:
I am still curous if the paranoid program created these files to begin with?
0
 
DanRCommented:
No, they were created by Test-Run.  

Check out
http://sites.netscape.net/berniebuilt/index.htm
or
http://www.zdnet.com/downloads/stories/info/0,,000YYP,.html
for more info about the program or to download a copy.
0
 
jdanddogAuthor Commented:
Yes, the files were indeed created by Test Run.  It's a program that allows one to install a program with a copy of the registry so that one could easily reverse the effects of the install.

It seems as Steve Lewis answered the question by pointing to it's location but DanR also answered it by specificly reporting it as a comment.  Now what?
0
 
pbessmanCommented:
"No, they were created by Test-Run."  
Yes, they were created by a paranoid program,"Test-Run by BB? ver 2.1.0
Protects the Registry while testing new software.

- FREEWARE - Designed for Win95/98
Includes install/uninstall support (plus a list of all files created... there are NO secrets!)"


You should always back this stuff up yourself anyway.
0
 
stevenlewisCommented:
jdanddog You can split the points between the two of us if you desire
Steve
If you want I can give you more instructions on how to do this, or have a moderator come here and assist
0
 
jdanddogAuthor Commented:
I can probably figure it out but if I have a problem I'll take you up on that.  I would just like to hear from DanR first and see if he finds it acceptable.
0
 
stevenlewisCommented:
:~)
0
 
DanRCommented:
I say you give the points to stevenlewis.  I can't believe he found a site in Russian that gave us the answer.  All I did was translate it, which you probably could have done at babelfish or somewhere.  Also, if you'd looked closely, you would have seen that "Test-Run" wasn't written in Cyrillic.
0
 
jdanddogAuthor Commented:
That's a very honorable resolution Dan.  

"Men with honor have Courage.  Men with Courage are an honor to know."

That quote just popped into my head.

Yeah, that was pretty darn amazing.  And then he does an encore and presents it in French!

Thanks to all of you who answered.

Jim Dugan
0
 
jdanddogAuthor Commented:
Remarkable knowledge of resourses to come up with that solution.
0
 
stevenlewisCommented:
Thank you jdanddog, and I'm glad we could help
Danr, that is very honorable of you indeed. I have posted a question for you here
http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=win98&qid=20132260
in order to share the points here. Teamwork solved this problem.
PS, jdanddog, I use a cool program, Copernic to do alot of my research. You can get a free version at www.copernic.com
or you can upgrade it to Pro for a fee. An excellent search program
Steve
0
All Courses

From novice to tech pro — start learning today.