March 12th, 2005, 11:24 AM
Okay, scanned my laptop with Norton AV05, got one hit, inst43.exe; left click?=Comet Cursor Plus(Symantec), no biggie, but, I wanted to see what I could learn from it.
Create restore point. Went to delete the values from the registry? Nada, not a one in there, in fact, no CLSID folder at all, so that took care of that.
Went to unregister the .dll files? Nope, still nothing there, either.
Entered this: %ProgramFiles%\Comet
on the search in the start menu, and came up with two unknown flies: nil - Disco Comet.milk and Rocke - Personal Comet.milk, both under C:\Program Files\Winamp\Plugins\Milkdrop.
Right click+properties=MILK File
Enter MILK File in google? Too broad. Enter Winamp+Plugins+MILK File and I get
this website, MilkDrop plug-in for Winamp, a vizualization plug-in, and it seems like a fairly complex creation, and I am thinking it seems like it has a lot of room to hide something, and when I see part of the description when they say "but keep in mind these still images leave out the element of time," that just wasn't sitting to easy with me.
So, not satisfied I have found a definite answer as what to do with those two files, and if I should delete them or not, I enter "C:\Program Files\Winamp\Plugins\Milkdrop into google, and I come up with this, a text file, but don't understand any of what it is saying.
So THEN, I enter MILK File in a Symantec Search, and the closest thing I come up with is this article, Steganography: High-Tech Hidden Messages.
And then as I am reading:
I am thinking, Hmm, those were some pretty pictures in the Milk Drop Screen Shots, under "Take A Look" under MilkDrop plug-ins for Winamp.
The high-tech forms of steganography today involve hiding secret messages in images or sound files on the Internet. Special steganography software is needed in order to insert the message into a computer file -- graphics, audio, text, HTML, or even floppy disks. This software is easy to obtain -- it is available as freeware or shareware on many download sites. The software scrambles the clandestine information into existing, yet insignificant bits of images or sound files, which aren't remarkable enough for human eyes or ears to detect. The message may only consist of a bit of undetectable sound, or a few changed pixels in a jpeg image. To the casual observer, the image or sound byte looks and sounds innocent. Little do they know that there is a hidden message lurking on the Web page. The images can only be unlocked using a "private key," or code, selected by the recipient. Otherwise, the messages are impossible to see, read, or hear.
And then I read the section right below that:
And I'm thinking, Oh, well isn't that lovely. While remembering reading about a couple of people who were arrested for aiding terrorists and they didn't even know it, cause Al Quiada was using there box somehow for communications with sleeper cells.
A tool for terrorists
Osama bin Laden and other terrorists had been using steganography software to hide messages long before the September 11 attacks on the World Trade Center. A USA Today article published on February 5, 2001 reported that foreign and U.S. officials said "Bin Laden, indicted in the bombing in 1998 of two U.S. embassies in East Africa, and others are hiding maps and photographs of terrorist targets and posting instructions for terrorist activities on sports chat rooms, pornographic bulletin boards and other Web sites."
Detecting messages that are hidden using steganography poses a serious technical challenge to law enforcement authorities that are trying to track down the terrorists. In their Fiscal Year 2003 Budget Request, the Federal Bureau of Investigation asked for increased funding to help keep up with the emerging technologies being used by the terrorists. Many FBI agents need to gain the technical skills necessary to monitor the use of steganography, so special training is required, and there is the additional expense of implementing and administering the electronic surveillance support that is needed to monitor the Web for terrorist communications
BUT, that is not even what I am worried about (well, okay, maybe just a little, cause I am not exactly secretive about my despising of them, and I am wondering why when I entered MILK File on the Symantec search it brought me to that, and they both have to do with images), I just foudn all this while trying to figure out if I should delete those two files or not, cause I was wondering if they might contain some sort of spyware in them or not.
Those other two foledrs: %Windir%\inf\CC_43.PNF and %Windir%\inf\CC_43.inf, don't exist by the way, at least not on my machine anyway.
So I am basically wondering what to do with those two MILK Files. By removing them I wouldn't screw up the plug-in itself I don't think, but I don't know enough to know whether or not by me removing them that they might screw up something else. I am doubting it, but again, I don't know enough to know for sure, because I do know enough that by the removal of something you are not sure of you could screw something else up and not even realize it till later and I'll be sitting, wondering what went wrong and be posting something else here asking you guys to help me fix it
And oh yes, ahem..."I am using Windows XPSP SP2," I always forget that part for some reason
\"Champagne for my real friends, real pain for my sham friends\"-Ed Norton/25th Hour
March 12th, 2005, 04:02 PM
From what i gathered, Milkdrop is a plug-in used by winamp.
i found this link
MILKDROP 1.04 (7/31/03)
a Winamp visualization plug-in by Ryan Geiss
copyright (c) 2001-2003 Nullsoft, Inc.
What is MilkDrop?
MilkDrop is a Winamp audio-visualization plug-in. It uses 3D graphics hardware,
combined with iterative image-based rendering techniques, to create a visual
journey through sound.
March 12th, 2005, 09:27 PM
Whenever I am worried about a file and I want to remove it's ability to function without deleting it I leave it in place and rename it to file.<whatever the ext was>.hold. Restart the box and check the functionaility. If it works, fine... I leave it where it is as a .hold file. Every few months I'll search the disk for *.hold and decide whether I should delete them or not - it depends on the app and how often and "deeply" I use it.
It works perfectly for me.... never broke an app yet this way....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides