Main Line Computer Users Group


May 2002 Issue 240

VILLANOVA UNIVERSITY, ST. AUGUSTINE CENTER

MEETING STARTS - 09:30 - MAY 11 th

Members Helping Members!

THIS MONTH'S CONTENTS


MAIN LINE PC/128/64 USERS - Room 110

Attendees may recall that our connection to the internet from the VU meeting room is VERY FAST! If you have a very large download, you could bring along a zip disk (or maybe a CD-R) and get it done either just before the meeting, or just after.

We'll start things off with any special announcements. Then I want to have a discussion on any questions you may have about networking (to the internet, around the home) in preparation for the June meeting which will be devoted to that subject. We'd like to try to cover the missing links.

Tuning & Tweaking are constantly getting written up. How about your questions, your favorite tweaks or tweakers (like the old standys Scandisk, Defrag or TweakUI itself)?

Security has been the theme of the last couple of meetings and is featured in this issue, too. Do attendees need any more general or specific info on dealing with the bumper crop of "malicious code" going around, surely some MLCUG members have experiences to share!

Then we can pick up another go-round of Q & A. Including some further input on better helping our new/novice/inexperienced members.


SUBJECT: VIRUS WARNING !!

Don't be fooled by an e-mail that is making the rounds. The subject is "Worm Klez.E immunity". Klez.E is a very malicious worm that was first detected in January.

The body of the email message is:

"Klez.E is the most common world-wide spreading worm. It's very dangerous by corrupting by corrupting your files. Because of its very smart stealth and anti-anti-virus technic, most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once, and then Klez will never come into your PC. [cont'd.]

########################################
ANNOUNCEMENTS & COMMENTS
########################################

20 YEARS! - just a tip of the hat to the passing of the 20 year mark for MLCUG. In April of 1982, about a dozen folks had a meeting at the former Main Line Computer Center, on Lancaster Avenue in Wayne PA. The upshot of that meeting was the decision to give a go for a users group to support folks who wanted to be able to do more with their Commodore PET and VIC personal computers. It was not until June of 1982 that the first formal meeting of MLCUG was held in the classroom in the basement of the Computer Center.

The club grew very rapidly and we soon outgrew the classroom, then the meeting room adjacent to it. Fortunately, Prof. Frank Wunderlich of the Physics Department of Villanova University offered to arrange our use of a lecture room at the University. We made the move and have been there ever since, more than 19 years!

We have been well treated by VU and our later sponsor, Prof. Frank Maloney of the Astronomy Department (who was a recognized GEOS guru when he took MLCUG under his wing).

Altho the Commodore machines get minimal use by current members, we hope we can continue to provide support for users of other platforms - as we have been doing for about the last five years or so.

Tell folks about us, we're here to help. AND, unfortunately, with the advance of "user friendly" computers, most folks need the HELP!

TRENTON COMPUTER FESTIVAL - the TCF 2002 is scheduled for May 4-5 at the NJ Convention Center in Edison NJ. If any members make it to the event, how about giving us a snapshot summary at our May meeting? If something especially noteworthy happens there, we'd sure like to publish on it for our June newsletter - hint?

NEW/NOVICE USERS - your steering committee is STILL seeking member input on how we can better help the N/N members of MLCUG. We have not heard really any input from folks on how to deal with their needs - as an ongoing activity. But, be sure to see the critical tip on p.4! We know there are questions folks come away with from the meetings. How might we best approach giving better answers? If you have any suggestion(s), please bring them up at meetings (the sooner, the better) or get them to a committee member (see p.7 for names).

LUNCH - a half dozen or so of the regular attendees, usually partake of lunch at the Villanova Diner after the meeting. Why not join us? It is a good time to get a little more help (or give it) and just to have fun talking about our common interests. The food is pretty good, too!


VIRUS WARNING! - from p.1

NOTE: Because this tool acts as a fake Klez to fool the real worm, some AV monitor maybe cry when you run it. If so, ignore the warning, and select 'continue'. If you have any question, please mail to me."

The attached "tool" was none other than Klez.H, the latest variant of the Worm Klez.A, which was initially encountered in October 2001. According to MessageLab's VirusEye (www.messagelabs.com/VirusEye/), at 9:21 A.M. Wednesday, April 24, the online e-mail security provider had encountered nearly 24,000 Klez.H infections in the previous 24 hours. By comparison, Klez.E, the last version, was down to 1,065 infections.

[The receipt of this message was accompanied, almost simultaneously, by this notice sent out by the Bee.Net ISP to its customers:ejv]

Attention Bee.Net Customers!

We are writing to inform you of the recent outbreak of the "W32.Klez.gen@mm" virus. This is a very large outbreak and is spreading itself throughout the Internet.

You should have anti-virus software installed on your computer with up-to-date virus definitions at all times to keep yourself protected. That along with using good judgement when opening email attachments is the best protection you can have.

As it is very easy to become infected with the "W32.Klez.gen @mm" virus, we have outlined below how to protect yourself from it and how to remove it if you have been infected.

Protecting yourself from the "W32.Klez.gen @mm" virus
---------------------------------------

1.Run "Windows Update" and install all required security patches.

2.Run Microsoft Office update (if you have MS Office installed) and install all required security patches.

3.Ensure that your virus scanner is updated with the latest virus definitions.

4.Do not open any suspicious email attachments - even if they come from someone you know.

Scanning for and removing the "W32.Klez.gen @mm" virus ---------------------------------------
Symantec has released a free cleaning program for the "W32.Klez.gen @mm" virus. The cleaner is available from:

http://securityresponse.symantec.com/avcenter/FixKlez.com

Further information about this virus, can be found at:

http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html

Further Technical Details: W32.Klez.gen@mm is a mass-mailing worm that searches the Windows address book for email addresses and sends messages to all recipients that it finds. The worm uses its own SMTP engine to send the messages.

The subject and attachment name of incoming emails is randomly chosen. The attachment will have one of the following extensions: .bat, .exe, .pif or .scr.

The worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or even preview the message. Information and a patch for the vulnerability can be found at http://www.microsoft.com/technet/security/bulletin/MS01-020.asp. W32.Klez.gen@mm attempts to copy itself to all network shared drives that it finds.

Depending on which variant of the worm, the worm will drop one of the following viruses:

W32.Elkern.3326
W32.Elkern.3587
W32.Elkern.4926
which will then infect the system.

Email spoofing Some variants of this worm use a technique known as "spoofing." If it does this, it chooses at random an address that it finds on an infected computer as the "From:" address that it uses when it performs its mass-mailing routine. Numerous cases have been reported in which users of uninfected computers receive complaints that they have sent an infected message to someone else.

For example, Linda Anderson is using a computer that is infected with W32.Klez.E@mm; Linda is not using a antivirus program or does not have current virus definitions. When W32.Klez.gen@mm performs its emailing routine, it finds the email address of Harold Logan. It inserts Harold's email address into the "From:" line of an infected email that it then sends to Janet Bishop. Janet then contacts Harold and complains that he sent her infected email, but when Harold scans his computer, his anti-virus program does not find anything--as would be expected--because his computer is not infected.

Here's to safe computing!

Regards, The Bee.Net Technical Support Team --
This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

****************************************
RESCUE YOUR WINDOWS PRODUCT KEY

[courtesy of Stan Grabowski, SWFPCUG]

[Here is a nice approach to an, at times, very vexing problem:ejv]

If you ever have to reinstall Windows 9x from a CD, one of the worst problems you can face is to find that you no longer have the original CD case and its Product Key. Without the Product Key, you may find that you cannot reinstall Windows.

However, because you were asked for the Key when you first installed Windows, it's been saved in the registry. This means that you can locate it BEFORE removing Windows from your system. Even if you are unable to start Windows, as long as you can get to the command line, you can run this on the System.dat file that's part of the registry. At a command prompt, type one of the following commands (depending on which version of Windows you are working with):

For Windows 95 installations, type:

FIND.EXE/I "ProductId" %winbootdir%\SYSTEM.DAT

The %winbootdir% should look up the folder in which Windows is installed; however, it can only do this if the system environment variable is set. If you've had to boot the computer from a floppy, then it might not be set. In that case, you should "cd" into the folder where System.dat is located and run the command from there.

For Windows 98 installations, type:

FIND.EXE/I "ProductKey" %winbootdir%\SYSTEM.DAT

The first line of the values returned should show the product key in a form similar to ?????- ?????-?????-?????-?????.

****************************************
LAST MONTH'S PC/128/64 MEETING
****************************************

The April meeting was attended by 16 members and a guest (Ryan Albert - who had learned about us from the "Computer User" newspaper).

We had a round of announcements, then picked up where we had left off at the last meeting. At that session, we had just installed Norton Anti-virus and the Zone Alarm firewall on the club PC and just checked that they ran.

This month we had a fairly long discussion on questions folks had about anti-virus software (and Norton AV in particular). I mentioned that there had been a recent notice that McAfee is pulling back from the consumer market; so it looks like their AV software may not be a good long term choice. The NAV is still well-supported and has enough sales that it will likely continue.

None of the attendees were able to report results (good or bad) from any other AV software.

The discussion on firewalls included the point that Zone Alarm is very good at stopping "spyware" and other products from doing things in the background without your knowing about it. Some products that are downloaded from the net and activated in the background are reporting to a data gathering website just about everything you do on the net. ZA can stop those shenanigans, if you wish (and I certainly do!!!).

Since the freeware version does an excellent job at controlling internet traffic into and out of your computer, there appears to be no rationale for buying one of the less capable, non-free products.

Following the discussion on the two new installs, we opened things up to security-related questions - until the queries had been exhausted.

Finally, we resumed the round-table Q&A on any other computer-related topics that were near and dear to the hearts of the attendees .... :-)

It appears that a good time was had by all.

****************************************
Can you trust important data to CD-Rs?

Back last September, PC World published this question from a guy in Hockessin DE: "Are CD-R discs a dependable medium for preserving digital photos, MP3s and other key files?"

A: most manufacturers claim their premium CD-Rs will last 100 years, if properly cared for. The Library of Congress says that if you keep the CD-R in cool, dry storage, it may last that long. BUT they give some extra tips:

1. Buy good discs - get premium CD-rs from companies that make their own. Discs from Kodak, Mitsui and Fuji were spoken highly of. Other good ones noted were from Verbatim and Maxell.

2. Do NOT use CD-RW discs - they are much less stable and much more finicky and not designed for long term storage.

3. Check your critical discs for errors - a freeware app, called CDcheck was suggested by PC World.

4. Make more than one copy - put all your archive files on at least two discs (three, if you will be accessing them a lot - one to use, two to store). Keep one archive copy in a separate location - preferably at another site.

5. Handle discs with TLC - don't touch the data side!

6. Label with care - use special markers, if you want to write on the discs.

7. Store them properly - a cool, dry, dark spot is preferred.

8. Check them regularly - every couple of years, make sure you can still read them. If you find an error, make another working copy from your second archive (and hope!).

9. MOST IMPORTANT! - if the technology is obsoleting the medium, transfer the data to a new storage device that's at least as reliable as the one it's replacing! Think where you'd be, if you had those precious files on 8-track tapes?????

****************************************
HOAX FUN :-)

[from the SWFPCUG website: www.swfpcug.org]

The following is from an email that is circulating. It is a humorous reminder of some of the hoaxes and urban legends that are around.

Working with computers has taught me so much about technology -the following sums it all up for me:

REPEAT AFTER ME: I will NOT get bad luck, lose my friends, or lose my mailing lists if I don't forward an e-mail.

I will NOT hear any music, see a taco dog, or see a cool pop up screen if I do forward an e- mail.

Bill Gates is NOT going to send me money, Victoria's Secret doesn't know anything about a gift certificate they're supposed to send me and Ford Motor Co. will not give me a 50% discount, even if I have forwarded my e-mail to more than 50 people.

I will NEVER receive gift certificates, coupons, or freebies from Coca Cola, Cracker Barrel, Old Navy, or anyone else if I send an e-mail to 10 people.

I will NEVER see a pop up window if I forward an e-mail...NEVER!!!!

My phone will not mysteriously ring after I forward an e-mail.

There is NO SUCH THING as an e-mail tracking program, and I am not stupid enough to think that someone will send me $100 for forwarding an e-mail to 10 or more people.

There is no kid with cancer through the Make a Wish program in England collecting anything. He did when he was 7 yrs old. He is now cancer free and 35 years old and DOESN'T WANT ANYMORE POST CARDS, CALLING CARDS or GET WELL CARDS!

The government does not have a bill in congress called 901B (or whatever they named it this week) that if passed will enable them to charge us 5 cents for every sent e-mail.

There will be NO cool dancing, singing, waving, colorful flower, character, or program I will receive immediately after I forward an e- mail.

The American Red Cross will NOT donate 50 cents to a certain individual dying of some never- heard-of-before disease for every e-mail address I send this to. The American Red Cross RECEIVES donations, they don't donate!

And finally, I will not let others guilt me into sending things on to my friends for fear they will think I am not their friend ... or by telling me I have no conscience or don't believe in Jesus Christ!! If God wants to send me a message, I believe the bushes in my yard will burn before He picks up a PC to pass it along .... but even if it does come by e-mail, He will send me one at which point I'm sure I will know it will be from Him. And if He does, I'm sure He will care enough to delete all those annoying forwards inside it!

Now, repeat this 4 times to yourself until you've memorized it and then send it along to at least 5 of your friends before the next full moon or you will surely be constipated for the next 3 months.

****************************************
EPCC Linux SIG and Chester County
Linux Users Group (CCLUG)

From: Chuck Peters

[The following relates to a very successful Linux Install Fest held last month at the Exton Library:ejv]

The forwarded note is a little blurb Kathy Miles wrote about what's going on with the Linux group(s).

Did you all catch the article in the (West Chester) Daily Local?

We will be putting up some pictures of last month's meeting on the website.

We have 3 more good topics planned, next month is the LPI Linux Certification. And we will be submitting more articles to the Daily Local, hope we do better than last month's attendance of 30.

Some people did express interest in doing more install fests. Perhaps we can schedule another one for a Saturday.

---------- Forwarded message ----------

From: Kathy Miles

Linux SIG and CCLUG Host Installfest

The Exton PC Council's Linux SIG and the Chester County Linux User Group teamed up on April 4th to host an installfest. About 30 people showed up bringing an assortment of desktops and laptops to install various linux distributions. It was a great success.

Linux is a free operating system developed in 1992 by Linus Torvalds. Since then, it has had contributors from around the world and has not only become a serious contendor for the server market, but is infiltrating the desktop as well.

When linux is paired with the Xwindows which is the graphical interface, it's hard to tell the difference between linux and it's Microsoft counterpart. Linux has a toolbar, desktop wallpaper and even sound events.

If there are any drawbacks to linux on the desktop, it would have to be that there are not as many applications yet, but that is rapidly changing.

There is a great office suite, called Star Office and its open source counterpart, Open Office. Both will load and save Word, Excel and other MS file formats.

There is, of course, a learning curve to linux; but with the graphical interface, it's getting easier and easier. There are also a number of very good resources for the new user, such as Kathy Miles and Ethan Metsger's "Everyday Linux" (on-line at everydaylinux.com.)

There will be future installfests, since this was such a success. CCLUG has also started a mailing list (find out more info at http://linux.axs.org.) The website also contains information about future meetings and contacts.

Next month's meeting is scheduled for May 1st, 7pm at the library. This meeting will be a talk by Jeff Dean who wrote the book "LPI in a Nutshell". If you, or anyone you know is considering working with linux as a career, you'll want to hear this talk. LPI is the Linux Professional Institute and they offer certifications in linux, and linux related areas.

Kathy A. Miles kmiles@StarrySkies.Com

For an out of this world experience visit http://StarrySkies.Com


DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM

Meetings are in the St. Augustine Center at Villanova University. The regular monthly sessions will be meeting in Room 110.

Enter from the ITHAN AVENUE main gate, then proceed to the 2-level parking building adjacent to St. Augustine, on the Ithan Avenue side of the building.

NOTE: maps on our webpage - http://astro4.ast.vill.edu/mlcug/


                  PC/128/64 Meetings  2002  Steering Committee Meetings

                      May 11                            May 15
                      June 8                            June 12 **
                      July 13                           July 17

     * = first Saturday     ** = second Wednesday at Tom Johnson's home
***************************************************************************************
EDITOR:  Emil J. Volcheck, Jr.   1046 General Allen Lane    West Chester, PA 19382-8030
(Produced with C-128D/SCPU 128, RAMlink, HD-40/85, 1571, FD-4000, THE WRITE STUFF 128, XETEC
Super Grafix, Canon BJ-200ex, Swiftlink and Motorola 288 modem)

MLCUG BBS: 610-828-1359 ( 300 --> 33600 bps ), 24 hr/day WWW: http://astro4.ast.vill.edu/mlcug/ PUBLICITY: Robyn Josephs 610-565-4058 DISK ORDERS: Charlie Curran 610-446-5239 VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy

MLCUG STEERING COMMITTEE:

PRESIDENT: Emil Volcheck 610-388-1581 SECRETARY: Charles Curran 610-446-5239 TREAS/MEMBERS: Dewitt Stewart 610-623-5145 SYSOP/AMIGA SIG: John Deker 610-828-7897 INTERNET/Linux:Peter Whinnery 610-284-5234 DATABASE: Layton Fireng 610-688-2080 AT LARGE: Tom Johnson 610-525-3440 AT LARGE: John Murphy 610-935-4398