VIRUS INFO ARCHIVES - PAGE 1
info up until Nov. 10th, 1999

Includes Info on:
- Sites to check actual viruses & hoaxes
- BUBBLEBOY
- How to spot a hoax
- STEALTH VIRUS
- AVOIDING ZIPPEDFILES/EXPLOREZIP
- Credit Card Fraud warning email...

  This page will include any virus information that I acquire and feel it warrants passing on. Please check this page occasionally as I will be trying to add more to it as time goes by.

 

Please also check out these sites. There is a wealth of knowledge and information on each of them. And get yourself an anti-virus program! You can just click on the links and they will come up in a new browser. The sites carry information on both real viruses and hoaxes, and those that sell an anti-virus program usually make it available through a link to their main page.

 

"Norton Anti-Virus Programs"
or it is at: http://www.symantec.com/avcenter/hoax.html

"CIAC"
or the page is at: http://www.ciac.org/ciac/CIACHoaxes.html

Another reliable one is: "MYTHS"
or it is at: http://www.kumite.com/myths/

Another very good and well known one: "DATAFELLOWS"
or it is at: http://www.datafellows.com/news/hoax/

And last but not least.. Dr. Solomon's (another well known one) at: "DR. SOLOMON'S"
or it is at: http://www.drsolomon.com/vircen/index.cfm

AN EXCELLENT NEWSLETTER TO GET IS "STRAIGHT TALK ACROSS THE FENCE"
I get the majority of my information from them and it is right on
track and up to date. You can sign up for their newsletter at:

http://straighttalk.8m.com
"STRAIGHT TALK ACROSS THE FENCE"

HACKERS INFORMATION
http://antionline.com/fight-back/
"HACKERS INFORMATION" Everyone should check this site out!

******************************************************

 

NEW VIRUS ALERT AND AN IMPORTANT MILESTONE - READ THIS - DATED NOVEMBER 10TH, 1999

I would like to thank both Suzuki and John H. for bringing this to my attention so fast. Please read the below info and my additional comments below.

Virus Name: VBS/Bubbleboy
Date Added: 11/8/99

Virus Characteristics: This is an Internet worm that requires Internet Explorer 5 with Windows Scripting Host installed (WSH is standard in Windows 98 and Windows 2000 installations). It does not run on Windows NT due to hard-coded limitations. The Internet worm is embedded within an email message of HTML format and DOES NOT CONTAIN AN ATTACHMENT!!!!. This worm is written in VB Script.

There are two variants; the .b variant is encrypted.

In MS Outlook, this worm requires that you "open" the email. It will not run if using "Preview Pane".

In MS Outlook Express, the worm IS activated if "Preview Pane" is used!

In both the above, if security settings for Internet Zone in IE5 are set to High, the worm will not be executed. The vulnerability exploited by this worm has been addressed by Microsoft with a security patch. Installing this Internet Explorer patch will prevent the execution of this worm under default security settings. Network Associates recommends applying this patch to all desktops running IE.

Microsoft "scriplet.typelib/Eyedog" Patch

After the VB Script executes, it writes the file UPDATE.HTA to the local machine and during the next Windows startup, the .HTA file is invoked.

The UPDATE.HTA file is coded to do the following-
* Change the registered owner via the registry to "BubbleBoy"
* Change the registered organization to "Vandelay Industries"
* Send itself embedded in an email message to EVERY contact in EVERY EMAIL ADDRESS BOOK of MS Outlook
* Sets the registry key to indicate that the email distribution has occurred. (Email distribution will not be repeated.)

The email is a message with the following information:
From: (person who sent worm unintentionally)
Subject: BubbleBoy is back!
Message Body: The Bubble Boy incident, pictures and sounds
http://www.towns.com/dorms/tom/bblboy.htm
This is not a valid web page.

Indications Of Infection
Registry key modification:
HKEY_LOCAL_MACHINE\Software\OUTLOOK.BubbleBoy\ = OUTLOOK.Bubbleboy 1.0 by Zulu
or
HKEY_LOCAL_MACHINE\Software\OUTLOOK.BubbleBoy\ = OUTLOOK.Bubbleboy 1.1 by Zulu
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RegisteredOwner = Bubbleboy
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RegisteredOrganization = Vandelay Industries

Method Of Infection:
This worm creates the file "UPDATE.HTA" in the "C:\windows\start menu\programs\startup" folder. Upon Windows startup or restart, the worm code is invoked.

Virus Information Discovery Date: 11/8/99
Type: VBScript
Risk Assessment: low
Minimum DAT: 4052 (Available 11/18/99)
Variants .A, .B
Aliases: VBS/Bubbleboy
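
The indicators listed above can be checked offline against a registry export and a listing of the Startup folder. This is an added example, not part of the original advisory; the function names are hypothetical and the REGEDIT4 export text and folder listing are constructed sample inputs.

```python
import re

# Indicator values as listed in the advisory text above.
MARKER_KEY = r"HKEY_LOCAL_MACHINE\Software\OUTLOOK.BubbleBoy"
CURVER_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion"
OWNER, ORG = "Bubbleboy", "Vandelay Industries"
STARTUP_FILE = r"C:\windows\start menu\programs\startup\UPDATE.HTA"
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def parse_reg_export(text):
    """Parse REGEDIT4 export text into {key: {value_name: string_data}}, names lower-cased."""
    keys, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].rstrip("\\").lower(), {})
        elif current is not None:
            m = VALUE_RE.match(line)
            if m:  # string values only; dword/hex data is not needed for these checks
                name = "" if m.group(1) == "@" else m.group(1)[1:-1]
                current[name.lower()] = m.group(2).replace("\\\\", "\\")
    return keys

def find_indicators(reg_text, startup_listing):
    """Return a description of each advisory indicator found in the inputs."""
    keys, hits = parse_reg_export(reg_text), []
    marker = keys.get(MARKER_KEY.lower())
    if marker is not None:
        hits.append("marker key present: " + marker.get("", "(no default value)"))
    cur = keys.get(CURVER_KEY.lower(), {})
    # Case-insensitive: the advisory spells the owner both "BubbleBoy" and "Bubbleboy".
    if cur.get("registeredowner", "").lower() == OWNER.lower():
        hits.append("RegisteredOwner is " + OWNER)
    if cur.get("registeredorganization", "").lower() == ORG.lower():
        hits.append("RegisteredOrganization is " + ORG)
    hits += ["startup file present: " + p for p in startup_listing
             if p.lower() == STARTUP_FILE.lower()]
    return hits

# Constructed sample inputs (not captured from a real machine).
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\OUTLOOK.BubbleBoy]
@="OUTLOOK.Bubbleboy 1.0 by Zulu"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion]
"RegisteredOwner"="Bubbleboy"
"RegisteredOrganization"="Vandelay Industries"
'''
SAMPLE_STARTUP = [r"C:\WINDOWS\Start Menu\Programs\StartUp\UPDATE.HTA"]

if __name__ == "__main__":
    for hit in find_indicators(SAMPLE_REG, SAMPLE_STARTUP):
        print(hit)
```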

I would like to add here that Znet says that this is an annoyance virus and will not damage your computer that it knows of. BUT...... BIG BUT..... THIS IS A SCARY THING BECAUSE THIS VIRUS IS THE FIRST ONE THAT DOES NOT NEED AN ATTACHMENT TO INVADE YOUR COMPUTER! REPEAT..... IT DOES NOT REQUIRE YOU TO OPEN AN EXECUTABLE FILE! Even IF this is just a nuisance virus it is a very good thing to be aware of what is going on! Every once in a while check out one or two or even three of the sites that are at the top of this page and keep alert to what is going on in the world of computers and viruses. Be prepared and protect your files.

 

**************************************************

 

HOAXES

There are many Internet hoax messages that circulate by e-mail, warning about viruses that simply don't exist! There are certain characteristics common to hoax messages, regardless of their name. They are the following:

(1) They are usually panicky, claiming that some new virus will "destroy everything". There are some viruses that can, but most can't.

(2) It claims that Microsoft, IBM, AOL, Compaq, the government, or some other prominent place has announced it. These places do not make these kinds of announcements! If Microsoft does, it does it on its own site. It does not have you send them out all over the place through your email.

(3) It urgently states that you should pass the warning on to everybody else you know! Which is exactly how you received it....

Most of the hoax messages typically warn of disaster if you even simply READ a suspicious email message, and that is impossible. The truth is, there's no way reading a text-only (ASCII) message could spread a virus to your computer, because viruses CANNOT infect text messages. Viruses infect only the code that a computer or application reads--not plain text.

So... please, for everyone's sake... don't pass these kinds of things around! Don't hit everyone on your email lists with these things.

  *****************************************************

 STEALTH VIRUS

What makes stealth viruses so special that some antivirus programs boast about their ability to deal with them? While most viruses are not obvious, stealth viruses go one step further, because they include programming tricks specifically designed to conceal their presence in memory or changes they've made on disks.

These techniques may be complex, affecting files and disk sectors, or special system functions used by DOS/Windows, antivirus software, or utility programs. Or they may be simple tricks, such as a virus that shows no file-size increase at all and inserts itself within a file, rather than attaching at the beginning or end.

One type that uses a simple technique searches for and infects only files that have unused space large enough for its code. Another type inserts its code into the nearly empty space of EXE headers. In both cases, the size of the file remains unchanged.
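
Why an unchanged file size proves nothing: the added example below (not from the original page) compares files against a baseline of size plus SHA-256, and separates a same-size modification from one that grows the file. The file names and byte strings are constructed stand-ins, and the function names are hypothetical.

```python
import hashlib

def make_baseline(files):
    """Record (size, SHA-256) for each file; `files` maps name -> bytes."""
    return {name: (len(data), hashlib.sha256(data).hexdigest())
            for name, data in files.items()}

def compare(baseline, files):
    """Classify every baselined file by how it differs from its recorded state."""
    report = {}
    for name, (size, digest) in baseline.items():
        data = files.get(name)
        if data is None:
            report[name] = "missing"
        elif len(data) != size:
            report[name] = "size-changed"        # a size check alone catches this
        elif hashlib.sha256(data).hexdigest() != digest:
            report[name] = "same-size-modified"  # only a content hash catches this
        else:
            report[name] = "ok"
    return report

# Constructed stand-in for a program file: header, unused zero padding, body.
ORIGINAL = b"MZ-header" + b"\x00" * 64 + b"program-body"
# Same length, with the unused padding overwritten by other bytes.
CAVITY = b"MZ-header" + b"\xCC" * 64 + b"program-body"
# Extra bytes attached at the end, so the file grows.
APPENDED = ORIGINAL + b"\xCC" * 64

BASELINE = make_baseline({"a.exe": ORIGINAL, "b.exe": ORIGINAL, "c.exe": ORIGINAL})
CURRENT = {"a.exe": ORIGINAL, "b.exe": CAVITY, "c.exe": APPENDED}

if __name__ == "__main__":
    for name, status in sorted(compare(BASELINE, CURRENT).items()):
        print(name, status)
```

Because stealth viruses can also interfere with the system functions used to read files, the comparison is only meaningful when the files are read from a system that is not running the suspect code.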

  ****************************************************

 

AVOIDING ZIPPEDFILES/EXPLOREZIP

Considering the damage this program causes to important user-generated files, and the fact that happy99.exe and Melissa preceded it and other evilware will no doubt follow it, prudent users need to be very careful with files attached to e-mail messages.

Now that such programs can masquerade as coming from a friend or coworker, users now must realize that opening or running any file attached to an e-mail message that contains, or could contain, an executable file or a macro is riskier than ever before.

While it is still safe to read the text message, you should not open or run attached files until you are satisfied that a person you know actually sent them. Scanning such files first, while not an absolute guarantee of safety, is a must. If there's any doubt, the only absolute guarantee of safety is to delete the file, whatever it is and whomever it's from.

  ***************************************************

 

WARNING.....

Hi! I received this and really don't know how much truth there is to it but considering the dirtbags out there today this would not surprise me at all if it were happening so I am passing it on just in case.........

Someone claims to have received a Fraud Warning with their credit card statement - it seems that a popular scheme now is people posing as reps of credit card companies and calling people to update files, ensure that they are Y2K compliant, sell Y2K products... anyway, they trick you by asking you questions to verify that you are the account holder (i.e. SIN, Mother's maiden name, etc) - this usually will give them enough info to access your account - so, beware!

LISTEN EVERYONE.. NEVER, EVER GIVE OUT INFORMATION LIKE THIS OVER THE INTERNET, THROUGH EMAIL OR OVER THE PHONE. IF SOMEONE ASKS YOU FOR THIS KIND OF INFORMATION SIMPLY ASK THEM WHO THEY WORK FOR, FOR THEIR EMPLOYEE'S # AND THEN TELL THEM TO TELL YOU THE INFORMATION THEY HAVE AND YOU WILL VERIFY IT IF IT IS CORRECT! OF COURSE, THEY WILL NOT HAVE ANY INFORMATION TO VERIFY WITH YOU THIS WAY. STILL DON'T DO IT BUT IT MAY PUT A SCARE INTO THE MORONS!

 ***********************************************


 

© vjr All Rights reserved.