Jump to content


Photo

Whats up with aimicons.net?


  • Please log in to reply
10 replies to this topic

#1 Venkee

Venkee

    Security Major

  • Full Member
  • Pip
  • 19 posts

Posted 07 June 2004 - 07:59 PM

http://www.originalicons.com/index.php

They wont allow you to view their menu until you put them in your trusted zone.

Heres what it says:

http://www.originali....com/enable.php (this url is safe as far as I know it just explains what to do)

Or... Heres what that page says:

You must use an Internet Explorer compatible web browser to view this website

If you are using Internet Explorer and you still can not see our menu your
security settings may be set to high. Follow these steps to correct the problem.

1. On your web browsers top menu select "Tools" then "Internet Options"
2. Click on the "Security" tab
3. Click on the Green Circle that says "Trusted Sites"
4. Click the "Sites" button
5. Type in "originalicons.com" and press the "Add" button
6. Click "OK" then "OK" again to go back to your browser.

Now click here to return and if you still do not see our menu try refreshing our page


Im going to email the webmaster and see what the deal is.
:D

#2 Venkee

Venkee

    Security Major

  • Full Member
  • Pip
  • 19 posts

Posted 07 June 2004 - 08:02 PM

I cant find an email anywhere. I hope someone here can help me ;D

#3 Venkee

Venkee

    Security Major

  • Full Member
  • Pip
  • 19 posts

Posted 07 June 2004 - 08:08 PM

I WHOIS'd the domain and got an email. I sent this letter to them:

Good day to you owner,

I have a brief question to why I must lower my security settings to allow access to your sites menu. Could you by any chance explain to me what exactly I am accepting to? I was curious of course and reluctant to do such a thing but do want the enjoy the resources of your site. I hope you wouldnt mind giving me a simple explanation and thank you for your time.

Sincerely,
Anthony

--
President of Venkee Corp
2003-2004
Technology is Power!

#4 Archon_Wing

Archon_Wing

    Donut Patron

  • Trusted Advisor
  • PipPipPipPip
  • 368 posts

Posted 07 June 2004 - 08:09 PM

...

I used Internet Explorer and it gave me that message.
I would not trust any website that demands to be put in my trusted zone ><
Rights are never important until you don't have them.

#5 Venkee

Venkee

    Security Major

  • Full Member
  • Pip
  • 19 posts

Posted 07 June 2004 - 08:12 PM

Me either.. Im just curious as to what their pulling. i used to enjoy that site a long time ago.. I fear theyve gone to the 'dark side'

#6 Tuxedo Jack

Tuxedo Jack

    Creator of TuxPE, a Cat5-o'-9-Tails, Etherkillers, and more

  • Expert
  • PipPipPipPipPip
  • 1,757 posts

Posted 08 June 2004 - 12:20 PM

I believe that they're requiring the use of Javascript in order to use their Menu.

I took a look at the source code, and it calls for menu_array.js and mmenu.js, both of which display a menu. The only thing in that that set me off are the IMSpy link near the end.

However, they're not properly coded, so they won't work in Firefox/Firebird, and as such, aren't really worthy of anyone's time.
Signature file is under revision. This will be back shortly.

#7 Archon_Wing

Archon_Wing

    Donut Patron

  • Trusted Advisor
  • PipPipPipPip
  • 368 posts

Posted 08 June 2004 - 03:03 PM

Btw, Javascript is enabled in my IE.
Rights are never important until you don't have them.

#8 Venkee

Venkee

    Security Major

  • Full Member
  • Pip
  • 19 posts

Posted 08 June 2004 - 03:08 PM

JS is enabled here too.. I think their trying to pull something more. Thanks for the replies :D

#9 Tuxedo Jack

Tuxedo Jack

    Creator of TuxPE, a Cat5-o'-9-Tails, Etherkillers, and more

  • Expert
  • PipPipPipPipPip
  • 1,757 posts

Posted 08 June 2004 - 03:39 PM

And immediately after I took a look through those files, I noticed a ZestyFind installer worming its way into my machine. Don't know how the hell it got there, since I used Firefox, but when it launched, I caught it and killed it.

It dropped an executable in C:\Program Files. I removed said executable as well as its O4 entry.

This site is now permanently in my Restricted Sites list due to that.
Signature file is under revision. This will be back shortly.

#10 Venkee

Venkee

    Security Major

  • Full Member
  • Pip
  • 19 posts

Posted 09 June 2004 - 10:08 AM

Thanks for investigating this Tuxedo Jack. Im black listing it as well..

#11 nl255

nl255

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 17 September 2004 - 12:10 AM

I get a "sorry, your browser is not win32 compatible" message, so it is definitely trying to install something. That is after it redirects to originalicons.net.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button