| May 2002 | Issue 240 |
MEETING STARTS - 09:30 - MAY 11 th
Members Helping Members!
THIS MONTH'S CONTENTS
Attendees may recall that our connection to the internet from the VU meeting room is VERY FAST! If you have a very large download, you could bring along a zip disk (or maybe a CD-R) and get it done either just before the meeting, or just after.
We'll start things off with any special announcements. Then I want to have a discussion on any questions you may have about networking (to the internet, around the home) in preparation for the June meeting which will be devoted to that subject. We'd like to try to cover the missing links.
Tuning & Tweaking are constantly getting written up. How about your questions, your favorite tweaks or tweakers (like the old standys Scandisk, Defrag or TweakUI itself)?
Security has been the theme of the last couple of meetings and is featured in this issue, too. Do attendees need any more general or specific info on dealing with the bumper crop of "malicious code" going around, surely some MLCUG members have experiences to share!
Then we can pick up another go-round of Q & A. Including some further input on better helping our new/novice/inexperienced members.
Don't be fooled by an e-mail that is making the rounds. The subject is "Worm Klez.E immunity". Klez.E is a very malicious worm that was first detected in January.
The body of the email message is:
"Klez.E is the most common world-wide spreading worm. It's very dangerous by corrupting by corrupting your files. Because of its very smart stealth and anti-anti-virus technic, most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once, and then Klez will never come into your PC. [cont'd.]
########################################
20 YEARS! - just a tip of the hat to the passing of the 20 year mark for MLCUG. In April of
1982, about a dozen folks had a meeting at the former Main Line Computer Center, on Lancaster
Avenue in Wayne PA. The upshot of that meeting was the decision to give a go for a users group
to support folks who wanted to be able to do more with their Commodore PET and VIC personal
computers. It was not until June of 1982 that the first formal meeting of MLCUG was held in the
classroom in the basement of the Computer Center.
The club grew very rapidly and we soon outgrew the classroom, then the meeting room adjacent to
it. Fortunately, Prof. Frank Wunderlich of the Physics Department of Villanova University
offered to arrange our use of a lecture room at the University. We made the move and have been
there ever since, more than 19 years!
We have been well treated by VU and our later sponsor, Prof. Frank Maloney of the Astronomy
Department (who was a recognized GEOS guru when he took MLCUG under his wing).
Altho the Commodore machines get minimal use by current members, we hope we can continue to
provide support for users of other platforms - as we have been doing for about the last five
years or so.
Tell folks about us, we're here to help. AND, unfortunately, with the advance of "user
friendly" computers, most folks need the HELP!
TRENTON COMPUTER FESTIVAL - the TCF 2002 is scheduled for May 4-5 at the NJ Convention Center in
Edison NJ. If any members make it to the event, how about giving us a snapshot summary at our
May meeting? If something especially noteworthy happens there, we'd sure like to publish on it
for our June newsletter - hint?
NEW/NOVICE USERS - your steering committee is STILL seeking member input on how we can better
help the N/N members of MLCUG. We have not heard really any input from folks on how to deal
with their needs - as an ongoing activity. But, be sure to see the critical tip on p.4! We
know there are questions folks come away with from the meetings. How might we best approach
giving better answers? If you have any suggestion(s), please bring them up at meetings (the
sooner, the better) or get them to a committee member (see p.7 for names).
LUNCH - a half dozen or so of the regular attendees, usually partake of lunch at the Villanova
Diner after the meeting. Why not join us? It is a good time to get a little more help (or give
it) and just to have fun talking about our common interests. The food is pretty good, too!
NOTE: Because this tool acts as a fake Klez to fool the real worm, some AV monitor maybe cry
when you run it. If so, ignore the warning, and select 'continue'. If you have any question,
please mail to me."
The attached "tool" was none other than Klez.H, the latest variant of the Worm Klez.A, which was
initially encountered in October 2001. According to MessageLab's VirusEye
(www.messagelabs.com/VirusEye/), at 9:21 A.M. Wednesday, April 24, the online e-mail security
provider had encountered nearly 24,000 Klez.H infections in the previous 24 hours. By
comparison, Klez.E, the last version, was down to 1,065 infections.
[The receipt of this message was accompanied, almost simultaneously, by this notice sent out by
the Bee.Net ISP to its customers:ejv]
Attention Bee.Net Customers!
We are writing to inform you of the recent outbreak of the "W32.Klez.gen@mm" virus. This is a
very large outbreak and is spreading itself throughout the Internet.
You should have anti-virus software installed on your computer with up-to-date virus definitions
at all times to keep yourself protected. That along with using good judgement when opening email
attachments is the best protection you can have.
As it is very easy to become infected with the "W32.Klez.gen @mm" virus, we have outlined below
how to protect yourself from it and how to remove it if you have been infected.
Protecting yourself from the "W32.Klez.gen @mm" virus
1.Run "Windows Update" and install all required security patches.
2.Run Microsoft Office update (if you have MS Office installed) and install all required
security patches.
3.Ensure that your virus scanner is updated with the latest virus definitions.
4.Do not open any suspicious email attachments - even if they come from someone you know.
Scanning for and removing the "W32.Klez.gen @mm" virus
---------------------------------------
http://securityresponse.symantec.com/avcenter/FixKlez.com
Further information about this virus, can be found at:
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html
Further Technical Details:
W32.Klez.gen@mm is a mass-mailing worm that searches the Windows address book for email
addresses and sends messages to all recipients that it finds. The worm uses its own SMTP engine
to send the messages.
The subject and attachment name of incoming emails is randomly chosen. The attachment will have
one of the following extensions: .bat, .exe, .pif or .scr.
The worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to
execute itself when you open or even preview the message. Information and a patch for the
vulnerability can be found at http://www.microsoft.com/technet/security/bulletin/MS01-020.asp.
W32.Klez.gen@mm attempts to copy itself to all network shared drives that it finds.
Depending on which variant of the worm, the worm will drop one of the following viruses:
Email spoofing
Some variants of this worm use a technique known as "spoofing." If it does this, it chooses at
random an address that it finds on an infected computer as the "From:" address that it uses when
it performs its mass-mailing routine. Numerous cases have been reported in which users of
uninfected computers receive complaints that they have sent an infected message to someone
else.
For example, Linda Anderson is using a computer that is infected with W32.Klez.E@mm; Linda is
not using a antivirus program or does not have current virus definitions. When W32.Klez.gen@mm
performs its emailing routine, it finds the email address of Harold Logan. It inserts Harold's
email address into the "From:" line of an infected email that it then sends to Janet Bishop.
Janet then contacts Harold and complains that he sent her infected email, but when Harold scans
his computer, his anti-virus program does not find anything--as would be expected--because his
computer is not infected.
Here's to safe computing!
Regards, The Bee.Net Technical Support Team
--
****************************************
[courtesy of Stan Grabowski, SWFPCUG]
[Here is a nice approach to an, at times, very vexing problem:ejv]
If you ever have to reinstall Windows 9x from a CD, one of the worst problems you can face is to
find that you no longer have the original CD case and its Product Key. Without the Product Key,
you may find that you cannot reinstall Windows.
However, because you were asked for the Key when you first installed Windows, it's been saved in
the registry. This means that you can locate it BEFORE removing Windows from your system. Even
if you are unable to start Windows, as long as you can get to the command line, you can run this
on the System.dat file that's part of the registry. At a command prompt, type one of the
following commands (depending on which version of Windows you are working with):
For Windows 95 installations, type:
FIND.EXE/I "ProductId" %winbootdir%\SYSTEM.DAT
The %winbootdir% should look up the folder in which Windows is installed; however, it can only
do this if the system environment variable is set. If you've had to boot the computer from a
floppy, then it might not be set. In that case, you should "cd" into the folder where
System.dat is located and run the command from there.
For Windows 98 installations, type:
FIND.EXE/I "ProductKey" %winbootdir%\SYSTEM.DAT
The first line of the values returned should show the product key in a form similar to ?????-
?????-?????-?????-?????.
****************************************
The April meeting was attended by 16 members and a guest (Ryan Albert - who had learned about us
from the "Computer User" newspaper).
We had a round of announcements, then picked up where we had left off at the last meeting. At
that session, we had just installed Norton Anti-virus and the Zone Alarm firewall on the club PC
and just checked that they ran.
This month we had a fairly long discussion on questions folks had about anti-virus software (and
Norton AV in particular). I mentioned that there had been a recent notice that McAfee is
pulling back from the consumer market; so it looks like their AV software may not be a good long
term choice. The NAV is still well-supported and has enough sales that it will likely
continue.
None of the attendees were able to report results (good or bad) from any other AV software.
The discussion on firewalls included the point that Zone Alarm is very good at stopping
"spyware" and other products from doing things in the background without your knowing about it.
Some products that are downloaded from the net and activated in the background are reporting to
a data gathering website just about everything you do on the net. ZA can stop those
shenanigans, if you wish (and I certainly do!!!).
Since the freeware version does an excellent job at controlling internet traffic into and out of
your computer, there appears to be no rationale for buying one of the less capable, non-free
products.
Following the discussion on the two new installs, we opened things up to security-related
questions - until the queries had been exhausted.
Finally, we resumed the round-table Q&A on any other computer-related topics that were near and
dear to the hearts of the attendees .... :-)
It appears that a good time was had by all.
****************************************
Back last September, PC World published this question from a guy in Hockessin DE: "Are CD-R
discs a dependable medium for preserving digital photos, MP3s and other key files?"
A: most manufacturers claim their premium CD-Rs will last 100 years, if properly cared for. The
Library of Congress says that if you keep the CD-R in cool, dry storage, it may last that long.
BUT they give some extra tips:
1. Buy good discs - get premium CD-rs from companies that make their own. Discs from Kodak,
Mitsui and Fuji were spoken highly of. Other good ones noted were from Verbatim and Maxell.
2. Do NOT use CD-RW discs - they are much less stable and much more finicky and not designed for
long term storage.
3. Check your critical discs for errors - a freeware app, called CDcheck was suggested by PC
World.
4. Make more than one copy - put all your archive files on at least two discs (three, if you
will be accessing them a lot - one to use, two to store). Keep one archive copy in a separate
location - preferably at another site.
5. Handle discs with TLC - don't touch the data side!
6. Label with care - use special markers, if you want to write on the discs.
7. Store them properly - a cool, dry, dark spot is preferred.
8. Check them regularly - every couple of years, make sure you can still read them. If you find
an error, make another working copy from your second archive (and hope!).
9. MOST IMPORTANT! - if the technology is obsoleting the medium, transfer the data to a new
storage device that's at least as reliable as the one it's replacing! Think where you'd be, if
you had those precious files on 8-track tapes?????
****************************************
[from the SWFPCUG website: www.swfpcug.org]
The following is from an email that is circulating. It is a humorous reminder of some of the
hoaxes and urban legends that are around.
Working with computers has taught me so much about technology -the following sums it all up for
me:
REPEAT AFTER ME: I will NOT get bad luck, lose my friends, or lose my mailing lists if I don't
forward an e-mail.
I will NOT hear any music, see a taco dog, or see a cool pop up screen if I do forward an e-
mail.
Bill Gates is NOT going to send me money, Victoria's Secret doesn't know anything about a gift
certificate they're supposed to send me and Ford Motor Co. will not give me a 50% discount, even
if I have forwarded my e-mail to more than 50 people.
I will NEVER receive gift certificates, coupons, or freebies from Coca Cola, Cracker Barrel, Old
Navy, or anyone else if I send an e-mail to 10 people.
I will NEVER see a pop up window if I forward an e-mail...NEVER!!!!
My phone will not mysteriously ring after I forward an e-mail.
There is NO SUCH THING as an e-mail tracking program, and I am not stupid enough to think that
someone will send me $100 for forwarding an e-mail to 10 or more people.
There is no kid with cancer through the Make a Wish program in England collecting anything. He
did when he was 7 yrs old. He is now cancer free and 35 years old and DOESN'T WANT ANYMORE POST
CARDS, CALLING CARDS or GET WELL CARDS!
The government does not have a bill in congress called 901B (or whatever they named it this
week) that if passed will enable them to charge us 5 cents for every sent e-mail.
There will be NO cool dancing, singing, waving, colorful flower, character, or program I will
receive immediately after I forward an e- mail.
The American Red Cross will NOT donate 50 cents to a certain individual dying of some never-
heard-of-before disease for every e-mail address I send this to. The American Red Cross
RECEIVES donations, they don't donate!
And finally, I will not let others guilt me into sending things on to my friends for fear they
will think I am not their friend ... or by telling me I have no conscience or don't believe in
Jesus Christ!! If God wants to send me a message, I believe the bushes in my yard will burn
before He picks up a PC to pass it along .... but even if it does come by e-mail, He will send
me one at which point I'm sure I will know it will be from Him. And if He does, I'm sure He will
care enough to delete all those annoying forwards inside it!
Now, repeat this 4 times to yourself until you've memorized it and then send it along to at
least 5 of your friends before the next full moon or you will surely be constipated for the next
3 months.
****************************************
From: Chuck Peters
[The following relates to a very successful Linux Install Fest held last month at the Exton
Library:ejv]
The forwarded note is a little blurb Kathy Miles wrote about what's going on with the Linux
group(s).
Did you all catch the article in the (West Chester) Daily Local?
We will be putting up some pictures of last month's meeting on the website.
We have 3 more good topics planned, next month is the LPI Linux Certification. And we will be
submitting more articles to the Daily Local, hope we do better than last month's attendance of
30.
Some people did express interest in doing more install fests. Perhaps we can schedule another
one for a Saturday.
---------- Forwarded message ----------
From: Kathy Miles
Linux SIG and CCLUG Host Installfest
The Exton PC Council's Linux SIG and the Chester County Linux User Group teamed up on April 4th
to host an installfest. About 30 people showed up bringing an assortment of desktops and
laptops to install various linux distributions. It was a great success.
Linux is a free operating system developed in 1992 by Linus Torvalds. Since then, it has had
contributors from around the world and has not only become a serious contendor for the server
market, but is infiltrating the desktop as well.
When linux is paired with the Xwindows which is the graphical interface, it's hard to tell the
difference between linux and it's Microsoft counterpart. Linux has a toolbar, desktop wallpaper
and even sound events.
If there are any drawbacks to linux on the desktop, it would have to be that there are not as
many applications yet, but that is rapidly changing.
There is a great office suite, called Star Office and its open source counterpart, Open Office.
Both will load and save Word, Excel and other MS file formats.
There is, of course, a learning curve to linux; but with the graphical interface, it's getting
easier and easier. There are also a number of very good resources for the new user, such as
Kathy Miles and Ethan Metsger's "Everyday Linux" (on-line at everydaylinux.com.)
There will be future installfests, since this was such a success. CCLUG has also started a
mailing list (find out more info at http://linux.axs.org.) The website also contains
information about future meetings and contacts.
Next month's meeting is scheduled for May 1st, 7pm at the library. This meeting will be a talk
by Jeff Dean who wrote the book "LPI in a Nutshell". If you, or anyone you know is considering
working with linux as a career, you'll want to hear this talk. LPI is the Linux Professional
Institute and they offer certifications in linux, and linux related areas.
Kathy A. Miles
kmiles@StarrySkies.Com
For an out of this world experience visit http://StarrySkies.Com
Meetings are in the St. Augustine Center at Villanova University. The regular monthly sessions
will be meeting in Room 110.
Enter from the ITHAN AVENUE main gate, then proceed to the 2-level parking building adjacent to
St. Augustine, on the Ithan Avenue side of the building.
NOTE: maps on our webpage - http://astro4.ast.vill.edu/mlcug/
MLCUG BBS: 610-828-1359 ( 300 --> 33600 bps ), 24 hr/day
WWW: http://astro4.ast.vill.edu/mlcug/
PUBLICITY: Robyn Josephs 610-565-4058
DISK ORDERS: Charlie Curran 610-446-5239
VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy
MLCUG STEERING COMMITTEE:
PRESIDENT: Emil Volcheck 610-388-1581 SECRETARY: Charles Curran 610-446-5239
TREAS/MEMBERS: Dewitt Stewart 610-623-5145 SYSOP/AMIGA SIG: John Deker 610-828-7897
INTERNET/Linux:Peter Whinnery 610-284-5234 DATABASE: Layton Fireng 610-688-2080
AT LARGE: Tom Johnson 610-525-3440 AT LARGE: John Murphy 610-935-4398
ANNOUNCEMENTS & COMMENTS
########################################
VIRUS WARNING! - from p.1
---------------------------------------
Symantec has released a free cleaning program for the "W32.Klez.gen @mm" virus. The cleaner
is available from:
W32.Elkern.3326
W32.Elkern.3587
W32.Elkern.4926
which will then infect the system.
This message has been scanned for viruses and dangerous content by MailScanner, and is believed
to be clean.
RESCUE YOUR WINDOWS PRODUCT KEY
LAST MONTH'S PC/128/64 MEETING
****************************************
Can you trust important data to CD-Rs?
HOAX FUN :-)
EPCC Linux SIG and Chester County
Linux Users Group (CCLUG)
DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM
PC/128/64 Meetings 2002 Steering Committee Meetings
May 11 May 15
June 8 June 12 **
July 13 July 17
* = first Saturday ** = second Wednesday at Tom Johnson's home
***************************************************************************************
EDITOR: Emil J. Volcheck, Jr. 1046 General Allen Lane West Chester, PA 19382-8030
(Produced with C-128D/SCPU 128, RAMlink, HD-40/85, 1571, FD-4000, THE WRITE STUFF 128, XETEC
Super Grafix, Canon BJ-200ex, Swiftlink and Motorola 288 modem)