| August 2002 | Issue 243 |
MEETING STARTS - 09:30 - AUG 10 th
Members Helping Members!
For August, we'll start off with a brief round of announcements and/or tidbits.
Then, we'll followup on the virus/worm happenings in the last month or so. As noted elsewhere in this issue, viri and/or worms have been getting around to our members way beyond our previous experiences. A major element of protection (a subject that we plan for a soon upcoming meeting) is your anti-virus software. To aid folks in getting setup, two things are in place:
First, as noted on p.2, the latest version of Norton Anti-Virus is available quite cheaply and we suggest members take advantage of the situation before it vanishes.
Second, the first main program item for August will be a real-life demo of initially installing NAV and readying it for first use. We urge all our members to come for this one!
Depending on how the demo goes - and assuming there are no major glitches - we'll have time to do some problem-solving Q & A.
We also have a couple more tutorial items to give a go on:
1) a set of videotapes and 2) another CD-based program. We'll take a look.
Or, at least, so we thought! Here is a selection from a recent posting, by yours truly, to the MLCUG mailing list.
"As John Murphy had indicated at our last meeting, someone - most likely on the mailing list - had a PC infected with the Klez worm. Initial indication was that David Reese's PC was the one. But, tests and detectiving showed it was NOT his machine. [cont.]
########################################
NORTON ANTI-VIRUS - I got an OEM CD of Norton Anti-Virus 2002 for the princely sum of $10. I am
expecting to order some stuff from that vendor and wonder if anyone else might like one of these
CDs. The $10 would be the total cost, incl. S&H - as long as you could pick it up at a meeting.
Otherwise, there'd be another buck to mail it.
I'm hoping to promote this utility as a sort of "supported standard" and urge all our members to
participate. See the meeting notice on p.1 for more.
UTILITY CD - recently, I got a copy of a "Must Have" utility CD - assembled by a local guru, who
conducts a computer forum at the WC Senior Center. It contains over a dozen handy freeware
utilities - put together for easy installation, with instructions. The CD also contains some
other interesting and fun stuff.
I'll bring it to the August meeting to let folks take a look. It is available for $10, which
makes it a real bargain, considering the effort that has gone into assembling it. Keep this in
mind, as I'll take orders for it ...
NEW/NOVICE USERS - as should be evident from recent activities of MLCUG, we have started some
new ways of trying to provide more assistance to our N/N members. But, we are sure there will
be changes needed. So, after trying out the changes, give some thought to how they can be
improved. If you have any suggestion(s), please bring them up at meetings (the sooner, the
better) or get them to a steering committee member (see p.7 for names).
USEFUL BOOTABLE CD-R - a recent message on the listserv mentioned the idea of designing (and
distributing?) a useful, emergency boot CD-R (as an alternate to the floppy boot disk which has
very limited capacity). The question then arose of what utilities should be added to make a
bootable CD useful? That may be a topic for discussion in upcoming meetings; so give it some
thought and pass on the ideas.
NOTE: no suggestions have yet been made!
REMINDER - Attendees know that we have a very fast internet connection from the VU meeting room!
So, if you have a very large download, you could bring along a zip disk (or maybe a CD-R) and
get it done there, either before or after the main meeting.
LUNCH - a half dozen or so of the regular attendees, usually partake of lunch at the Villanova
Diner after the meeting. Why not join us? It is a good time to get a little more help (or give
it) and just to have fun talking about our common interests. The food is quite good, too!
****************************************
Infection from p.1
(cont'd)
A few days later, John got further indications that pointed right to member Bill Folger's PC -
Bingo!
This evening, Bill brought his HP Pavillion over to my place. We hooked it up (but not to my
home network, nor the internet) and did some looking. Sure enough, he had got info from another
ISP that he was sending out email with the Klez worm included...
Prior to Bill's coming over, I had downloaded the Klez removal tool from the Symantec website -
a small utility called "FixKlez.com".
We ran it on Bill's machine and it reported that it was unable to remove the Klez worm. It had
disinfected 28 files - but there was one infected file that it could not undo (presumably an in-
use Windows file).
It said we should go into SAFE MODE and re-run the tool. That proved not to be easy...
I tried all the usual ways to get into safe mode and the HP refused to do it.
So, I tried running the tool in DOS - no dice. It said that it would not run in DOS mode!!
So, we went back into windows and I fired up "msconfig". It provided a route to force the PC to
display the "Windows Start Menu" which lets you go to safe mode. It did and let us re-run the
removal tool.
This time we got the report that the Klez Worm had been successfully removed - the one file (out
of more than 47 thousand files on the PC) had been removed (or disinfected)!!
Then, we installed Norton Antivirus 2002 on his machine. He'll get the definitions updated and
endeavour to keep his machine clean.
Hopefully, that will work and we'll be past this incident.
Thanks to the folks who watched, noted and checked.
Addendum: subsequent to posting the above tale on the list, we have been unable to determine
where Bill's infection came from. If we find out, we'll share the info with all.
****************************************
For July, we had about 18 attendees (and only 16 seats; so we have to round up replacements for
some of the former 20 or so seats that used to be in the room). Member, Bob Kanach, who has not
been to a meeting for some time, attended - hopefully, we'll see Bob at future meetings.
When we started the announcements round, the subject of email viri quickly came up. And, John
Murphy told us that he had just got a notice from Symantec that an email attachment had been
sent to him from one of our members and it had a virus in it! John described the email virus
scanning that he set up for the small company he works for - via the Norton Anti-virus (NAV)
software they use. We will try a demo of this detection mode at a future meeting - using NAV
2002 (which is to be installed on the club PC).
Later in the meeting, when we did a "virus definition" update in response to a question, we
found that Symantec (the NAV vendor) has been updating their definition file every other day
recently!! There must be a LOT of malicious activity on the net !!
The virus that John received was a variant of the Klez virus/worm that has been getting a lot of
publicity lately. He passed around a printout from the Symantec website (a separate message has
more on this worm).
Between the porn, get rich and virus-laden messages, it's getting hard to find a really useful
email message!!
Along the same lines, another question related to spyware and we reminded folks that you can do
a free download (from www.lavasoftusa.com/) for their Ad-Aware spyware detector. Tom Johnson
reported that he just got the latest update on that one - and found 3 spyware apps inhabiting
his system...
To further add to the hazards of this hobby, we next turned to our final episode from the
"Discovering Your Hard Drive" tutorial CD. This one devoted to "Backing Up Your Hard Drive".
The presenter noted that you were either one who had had a hard drive crash, or will have one -
not whether, but when being the only unknown. He strongly recommends basing your backup
strategy on having a pair of similar hard drives and setting them up in a unique arrangement
that protects against loss of either drive (and, with some further manuevers, against
simultaneous failure of both).
Yours truly plans to set up a PC according to the strategy - using the Drive Image and
DataKeeper software from PowerQuest - and I'll report on it when that occurs. But, if anyone
else does it, let's hear from them...
However, the most important messages he passed on were to:
After the demo CD and discussion on hard drives, we turned to a round table of Q&A on problems
(and problem-solving). A couple were mentioned earlier in this report, a couple of others are
be covered in separate articles.
-----
After the formal adjournment of the meeting, several of us stayed behind to devote some effort
to trying to find out the cause of non-bootability of a ca. 1996 ACER tower PC belonging to Rich
Tave. He brought it in; so we hooked her up to the club's monitor and examined away. Quite a
few tests were made, complicated by the fact that the computer is setup with Maxtor's EZ-BIOS
hard drive management software. We did not eliminate the problem, but the next step was
defined. Look for a list message from Rich on how he fares. The details of all we did are too
lengthy for "minutes", but we can regale anyone interested in them, next month(?)
****************************************
One query that came up in July, but was not addressed for lack of time relates to the oft-quoted
ism: "your hard drive has tons and tons of temp files on it that take up valuable space and you
should delete them regularly". The query was: "where are they and how do I delete them?"
At this point, we enter the realm of opinion; so what follows represents a mix of opinions, my
own and some others. Therefore, I WELCOME member's comments on what follows - mayhap there is
an MLCUG guideline we could develop!
Firstly, in these days of massive hard drives, even tons and tons of temp files (if they were
actually there) would probably not constitute a problem. BUT, if you are a good backer-up, you
will be making pointless backups of these files. So, that is a better reason for getting rid of
them - there are likely others. Of course, if you have a smaller hard drive, say under a gig or
two, then the space problem could be real.
Secondly, where are they? Here there may be places other than what I list; so chime in, if you
are aware of them.
It is a good idea, tho, to limit how much disk space these files are allowed to occupy. How you
do that is specific to the brand of browser that you use. We can cover the process, for anyone
interested, in an upcoming meeting - just let us know if the need is there.
Incidentally, my not-extensive experience is that the default setting for IE is a bit more
wasteful than Netscape, but that deficiency (if you call it that) is equally easy to remedy.
Any comments, additions, corrections?
****************************************
One other query regarding "temporary" files related to the Windows "swap file". This is a VERY
LARGE file and does take up a potfull of hard drive space (for example, it is currently 65 MB in
size on the PC that I'm typing this message on). It can easily be more than 100 MB in size!
This file is deletable at your EXTREME PERIL!
Windows uses this hard drive space to stash stuff that currently does not fit in your RAM
memory, but that Windows needs. Windows will be crippled, if the file is set to be eliminated
(and Windows will let you know about that, if you try to set its size to zero!!!).
For efficiency, the gurus recommend, however, that you may want to fix the size of this swap
file and leave it permanently in one spot. Windows generally keeps changing the size; so it can
become fragmented and time consuming for Windows to manage it. The are rules-of-thumb as to
just how to do that; so we could cover the topic in a meeting - especially if we can tap
variuous folks feeling about those "rules".
It is also possible to have some control over those temp files that were mentioned in the
previous item, especially those that tend to go into the C:\WINDOWS\TEMP folder. But, I'm not
sure the effort is worth anything, unless you are really short of space on your C drive and
would like to have them go to another drive with more space. The same could be done for the
swap file.
Followup questions are invited next time.
****************************************
Here's a bit of humor that came to me via Jim Anderson, editor of the CCAS newsletter,
Observations:
-----Forwarded Message-----
REMAINING U.S. CEOs MAKE A BREAK FOR IT
Band of Roving Chief Executives Spotted Miles from Mexican Border. San Antonio, Texas (Routers)
Unwilling to wait for their eventual indictments, the 10,000 remaining CEOs of public U.S.
companies made a break for it yesterday, heading for the Mexican border, plundering towns and
villages along the way, and writing the entire rampage off as a marketing expense.
"They came into my home, made me pay for my own TV, then double-booked the revenues," said
Rachel Sanchez of Las Cruces, just north of El Paso. "Right in front of my daughters."
Calling themselves the CEOnistas, the chief executives were first spotted last night along the
Rio Grande River near Quemado, where they bought each of the town's 320 residents by borrowing
against pension fund gains. By late this morning, the CEOnistas had arbitrarily inflated
Quemado's population to 960, and declared a 200 percent profit for the fiscal second quarter.
This morning, the outlaws bought the city of Waco, transferred its under-performing areas to a
private partnership, and sent a bill to California for $4.5 billion.
Law enforcement officials and disgruntled shareholders riding posse were noticeably frustrated.
"First of all, they're very hard to find because they always stand behind their numbers, and the
numbers keep shifting," said posse spokesman Dean Levitt. "And every time we yell 'Stop in the
name of the shareholders!', they refer us to investor relations. I've been on the phone all d---
morning."
"YOU'LL NEVER AUDIT ME ALIVE!"
The pursuers said they have had some success, however, by preying on a common executive
weakness. "Last night we caught about 24 of them by disguising one of our female officers as a
CNBC anchor," said U.S. Border Patrol spokesperson Janet Lewis. "It was like moths to a flame."
Also, teams of agents have been using high-powered listening devices to scan the plains for
telltale sounds of the CEOnistas. "Most of the time we just hear leaves rustling or cattle
flicking their tails," said Lewis, "but occasionally we'll pick up someone saying, 'I was
totally out of the loop on that.'"
Among former and current CEOs apprehended with this method were Computer Associates' Sanjay
Kumar, Adelphia's John Rigas, Enron's Ken Lay, Joseph Nacchio of Qwest, Joseph Berardino of
Arthur Andersen, and every Global Crossing CEO since 1997. ImClone Systems' Sam Waksal and
Dennis Kozlowski of Tyco were not allowed to join the CEOnistas as they have already been
indicted.
So far, about 50 chief executives have been captured, including Martha Stewart, who was detained
south of El Paso where she had cut through a barbed-wire fence at the Zaragosa border crossing
off Highway 375.
"She would have gotten away, but she was stopping motorists to ask for marzipan and food
coloring so she could make edible snowman place settings, using the cut pieces of wire for the
arms," said Border Patrol officer Jennette Cushing. "We put her in cell No. 7, because the
morning sun really adds texture to the stucco walls."
While some stragglers are believed to have successfully crossed into Mexico, Cushing said the
bulk of the CEOnistas have holed themselves up at the Alamo. "No, not the fort, the car rental
place at the airport," she said.
"They're rotating all the tires on the minivans and accounting for each change as a sales
event."
****************************************
by Stan Grabowski
[From TechRepublic comes this neat download for Keyboard shortcuts in Microsoft programs]
Download our popular shortcuts list, which includes several shortcuts for Microsoft Word 97,
Microsoft Excel 97, Internet Explorer, and Microsoft Windows 98/98SE:
http://clickthru.online.com/Click?q=62-4oBiIePwUO3dGiZG9XLIKk-tB9uR
DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM
Meetings are in the St. Augustine Center at Villanova University. The regular monthly sessions
will be meeting in Room 110.
[The map goes HERE!]
Enter from the ITHAN AVENUE main gate, then proceed to the 2-level parking building adjacent to
St. Augustine, on the Ithan Avenue side of the building.
NOTE: maps on our webpage - http://astro4.ast.vill.edu/mlcug/
* = first Saturday ** = second Wednesday at Tom Johnson's home
***************************************************************************************
EDITOR: Emil J. Volcheck, Jr. 1046 General Allen Lane West Chester, PA 19382-8030
(Produced with C-128D/SCPU 128, RAMlink, HD-40/85, 1571, FD-4000, THE WRITE STUFF 128, XETEC
Super Grafix, Canon BJ-200ex, Swiftlink and Motorola 288 modem)
MLCUG BBS: 610-828-1359 ( 300 --> 33600 bps ), 24 hr/day
WWW: http://astro4.ast.vill.edu/mlcug/
PUBLICITY: Robyn Josephs 610-565-4058
DISK ORDERS: Charlie Curran 610-446-5239
VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy
MLCUG STEERING COMMITTEE:
PRESIDENT: Emil Volcheck 610-388-1581 SECRETARY: Charles Curran 610-446-5239
TREAS/MEMBERS: Dewitt Stewart 610-623-5145 SYSOP/AMIGA SIG: John Deker 610-828-7897
INTERNET/Linux:Peter Whinnery 610-284-5234 DATABASE: Layton Fireng 610-688-2080
AT LARGE: Tom Johnson 610-525-3440 AT LARGE: John Murphy 610-935-4398
ANNOUNCEMENTS & COMMENTS
########################################
LAST MONTH'S PC/128/64 MEETING
****************************************
If any members have experiences to share, please feel free to do so on our list or at future
club meetings. Incidentally, I will have the CD at future meetings, in case there are
questions, or anyone would like to see any re-runs.
Those TEMP Files
Conventional wisdom is to delete all these files. Usually, a caveat is applied: EXCEPT any of
the files that carry "today's" date (whatever the "today" it is that you are performing the
delete task on).
My personal position is to forget about the first group of files. As soon as you go on the net,
after deleting those TIF or cache files, the folders will rapidly fill back up; so the space
saving is very "temporary"!
More TEMP Files
YOU CAN STILL LAUGH
Sent: Tuesday, July 02, 2002 9:05 AM
--
Patrick Eagan Ph.D., P.E.
Associate Professor
Engineering Professional Development
University of Wisconsin-Madison
DOWNLOAD OUR KEYBOARD SHORTCUT LISTS
PC/128/64 Meetings 2002 Steering Committee Meetings
August 10 August 14 **
September 14 September 18
October 12 October 16