DENIAL OF SERVICE

Aurora Networks, "Aurora - part of the ABI Network." [as their pop-ups proclaim]. A trace identifies themselves as Internet address: 216.130.188.200. See Exhibit __

In addition, they have enabled an algorithm causing a user's mouse-click to seek out an ad page of their choice before reaching the web page originally selected. My experience is that I get nearly half-a-dozen ads before I am able to resume the duties I had originally intended. Only by constantly hitting "ESC, ESC, ESC" or clicking the "red 'X'" am I able to get out. It has opened as many as 106 individual IE windows.

This product purports to repair damaged hard drives and files and is also made to look like an emergency bulletin from Microsoft, Inc. It is designed to be deliberately difficult to exit from. The uninformed user might accidentally purchase their product due to confusion.

After successfully exiting the Aurora (Webair Internet Development Inc., 333 Jericho Tpke., Suite 200, Jericho, NY 11753) "net," I clicked on my Google link. Before I was able to get there, Aurora (or whatever name they go by) slipped in again and started the interruption process all over again.

I have found that spoofed links have been linked to various advertisers. The word 'travel' anywhere in the html will supply an endless series of annoying ads from every casino in North America, Caribbean vacation, etc. The word 'paper' offers the unwary browser many subscription opportunities with world-wide newspapers and media junk.

These advertisers probably have no knowledge of the illegal way their products or services are being used. I have seen religious and charitable organizations being advertised and know they would not approve of the use of their organizations in this manner.

It is likely that I will be taking legal action against the individual or individuals responsible for infecting my computer with a program that takes away the use of my legally-obtained browser and prevents me from doing my volunteer work on my own computer.

The following Exhibits show the stages in which my computer was disabled. Beginning on or about July 14th, the following screens show how a steady bombardment of pop-up ads and unwanted junk stopping normal Internet communication.

Exhibit-1 (JPEG) shows a page that was e-mailed to me to confirm what I suspected: this virus virus/Spyware is truly evil. All the green links are to ad sites. Even the Lutheran Church and Ancestry.com have appeared, unwanted on my screen. It searches out htm's and writes to many different.

Exhibit-1a - (JPEG) This page has been edited to illustrate what the link titles are. Note: the upward-pointing finger will not screen-copy.

Exhibit-2 - (JPEG) And here's the hook. An "extortion" screen pops up and tries to scare the user to remove the virus their friends have planted. Whether or not, the user clicks OK or cancel, the next screen they see is this one.

Exhibit-2a - (JPEG) If the user is successful in escaping from the so-called WINFIX page, it waits for the opportunity to spring one last dire warning.

Exhibit-3 and Exhibit-3a - (JPEG) These are a few of the popup_ads which cascade the screen. As many as 106 windows have opened during a single session.

After a very difficult week, I was able to resume meaningful activity on the web. My machine was infected by a very malicious code that parsed URLs to various words on my web page and every web page I visited.

It took three days to recognize the problem and remove it. I spent six straight hours with an expert who slowly and laboriously removed the diabolical code.

One remarkable thing was the deliberate and malicious act of redirection. The attached example will show: a.) my expert witnessing this brazen DENIAL OF SERVICE. Exhibit-4 - (JPEG) . Also, Winfixer is often used to redirect: and Exhibit-5- (JPEG)

While I still suffer from redirection, pop-ups and the inevitable Winfixer Spy, I don't have new URLs appearing on my web pages.

This has been monitored by Norton Anti-Virus 2005 and Spy-Bot latest version. Neither of this caught the infection. Even after cleaning up the mess, I used Norton Virus Scan and got the following result. Exhibit-6 - (JPEG)

While trying to run Norton, the ubiquitous Winfixer attempts to confuse the user with a spoof page. Exhibit-7- (JPEG) See of you can pick the REAL Norton page. Exhibit-8 - (JPEG)

I still have pop-ups appearing on my screen. I decided to go after the advertisers. Ancestry.com, still one of the worst offenders, quickly contacted me and has referred the matter to their legal department. As quickly as I can take screen shots, I am working on one advertiser at a time. Some, like the weasels at Winfixer, are part and parcel of the scheme. They try to take advantage of the trusting and those who lack computer expertise.

Today, I am adding another character to the Denial-of-Service HALL OF SHAME:

And that would be: Mike Jones [hostmaster@zacks.com] at Suite #300, 155 N. Wacker Drive, Chicago, 60606.

I found it necessary to compose a form letter to the advertisers who pop up on my screen. Most are probably unaware of the scheme, except perhaps for Winfixer. Here it is:

Dear illegal advertiser,

Pop-up advertisements promoting your Internet entity have been involuntarily appearing on my personal computer screen for several weeks. I have already taken action against the perpetrators of this Spy/Adware worm infecting my computer. I am currently documenting your connection with them and your degree of involvement.

Denial of Service has been adjudged to be a criminal offense. Any and all participants are liable for damages, regardless of any claimed denial or knowledge or degree of participation.

I urge you to read the Carnegie-Mellon University certification of Denial of Service at: http://www.cert.org/tech_tips/denial_of_service.html.
This is considered to be the "Word of Law." All cases of juris prudence refer to this study.

By allowing your advertising broker to promote your web site on the basis of "$ per hit" you are participating in a scheme known as DENIAL OF SERVICE to the ultimate user. It is impacting me and I intend to pursue this matter as far it takes to gain legal relief against you.

I am reporting you, your Internet Provider, your domain holder to the entire Internet about your participation in my personal case of Denial of Service. I am also making a complaint with the FBI and all appropriate regulatory agencies.

Instead of instantly closing your annoying pop-up, I decided to follow your trail. I found it and I am including documentation on my web page in order to illustrate your complicity.

This special feature shall be known as the
Denial of Service Hall of Shame

This page includes a trace of your registry. Please read the latest report which should certainly concern you.

In the event that you are not involved in this scheme, I will be happy to apologize for suggesting that you were helping to promote illegal commerce. On the other hand, if you have no involvement, you have a responsibility to disassociate yourself from those who don't care if your corporate name comes to be totally hated and reviled by pop-up viewers.

Any further pop-up images attempting to portray your advertising on my screen shall be construed as an attack against my privacy and a violation of the "Denial of Service" statute, found both in case law and state and federal statutes. Monetary damages have been awarded, both compensatory and punitive.

I intend to vigorously pursue this case.

--Derick S. Hartshorn

Please beware of "Aurora - part of the ABI Network." Search it on Google. Something wrong here!