Site asking me to download a DLL?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • irc
    Senior Member
    • Jan 2001
    • 404

    Site asking me to download a DLL?

    There is a site that I go to frequently that asks me to download a DLL file whenever I go there. I have always refused the dowload. The code that is causing this download is:

    Code:
    <!----------begin banner stub--------->
    <iframe NORESIZE="NORESIZE" FRAMEBORDER="0" WIDTH=468 HEIGHT=60 MARGINWIDTH="0" 
    MARGINHEIGHT="0" SCROLLING="NO" SRC="http://demo-voip.rodopi.com/rbd/rbd_isapi.dll?DistID=55">
    </iframe>
    <ILAYER WIDTH=468 HEIGHT=60 >
    <LAYER SRC="http://demo-voip.rodopi.com/rbd/rbd_isapi.dll?DistID=55">
    </LAYER>
    </ILAYER>
    <!----------end banner stub--------->
    I sent an email asking their web master what it was and the explanation of it he sent me was:

    The banner stub code is added in when an html page is loaded on the ISP's
    server. All it does is control the ad banner at the top of the page. I
    have never had any problem with it on any machine I've used. Do you know
    what the something is? Let me know if it is causing you problems and I can
    investigate more for you.
    It sounds like some sort of adware/spyware from his ISP. Any idea how to figure out what exactly it is?
    Last edited by irc; Sun 24 Aug '03, 7:41am.
  • Lumina
    Senior Member
    • Sep 2002
    • 1152
    • 3.5.x

    #2
    Use a proxy to ignore all iframe/ilayer contents, advertising, etc.
    I use Proxomitron : http://www.proxomitron.info/
    Lumina, aventurière des mondes fantastiques et petite rédactrice au grand cœur
    Cœur Lumière - vBulletin-fr
    Join the vBulletin French community social group!

    Comment

    • irc
      Senior Member
      • Jan 2001
      • 404

      #3
      I don't have a problem avoiding it. But someone has put a link from my site to their site and I'm alarmed that my less net-savvy users might be sent somewhere where they will download spyware. Should I be alarmed?

      Comment

      • CeleronXT
        Senior Member
        • Mar 2002
        • 3217

        #4
        Even if it's not harmful, I still don't want DLL's from other sites floating around my machine.

        Whether to be alarmed or not depends on who you are. If you're me, then you're alarmed. If you don't care about generally useless DLL's in your machine, then you shouldn't be.
        "63,000 bugs in the code, 63,000 bugs, you get 1 whacked with a service pack, now there's 63,005 bugs in the code."
        "Before you critisize someone, walk a mile in their shoes. That way, when you critisize them, you're a mile away and you have their shoes."
        Utopia Software - Current Software: Utopia News Pro (news management system)

        Comment

        • pedro_gb
          Senior Member
          • Jul 2000
          • 120

          #5
          It looks like a simple and harmless webpage with the .dll extension... And since that is a Windows machine, I guess it is the method they're using to dynamically generate the page.

          Pedro.

          Comment

          • rylin
            Senior Member
            • Jan 2001
            • 1067

            #6
            Originally posted by pedro_gb
            It looks like a simple and harmless webpage with the .dll extension... And since that is a Windows machine, I guess it is the method they're using to dynamically generate the page.

            Pedro.
            Bingo.

            People really should read up on server-side components..
            My open eyes see everything, and you see nothing. . .
            That forum

            Comment

            • rylin
              Senior Member
              • Jan 2001
              • 1067

              #7
              Originally posted by CeleronXT
              Even if it's not harmful, I still don't want DLL's from other sites floating around my machine.

              Whether to be alarmed or not depends on who you are. If you're me, then you're alarmed. If you don't care about generally useless DLL's in your machine, then you shouldn't be.
              It does *NOT* download the DLL to your machine.
              That's a simple IIS filter/dll/cgi that serves a (random?) banner
              My open eyes see everything, and you see nothing. . .
              That forum

              Comment

              • rylin
                Senior Member
                • Jan 2001
                • 1067

                #8
                FYI, the HTML generated when I visited the url is:
                <A HREF="http://demo-voip.rodopi.com/rbd/rbd_isapi.dll?bID=77&DistID=55" TARGET="_blank"><IMG SRC="http://demo-voip.rodopi.com/rbd/Banners/1782477195/77/468x60_webaphoto_dolphins.gif" BORDER=0></A>
                If your browser asks you to download the .dll, something is wrong with your mime settings.
                My open eyes see everything, and you see nothing. . .
                That forum

                Comment

                • Scott MacVicar
                  Former vBulletin Developer
                  • Dec 2000
                  • 13286

                  #9
                  yes as the dll is just some script for the windows IIS like PHP.

                  www.nochex.com use it for all content generation
                  Scott MacVicar

                  My Blog | Twitter

                  Comment

                  • CeleronXT
                    Senior Member
                    • Mar 2002
                    • 3217

                    #10
                    Originally posted by okidoki
                    It does *NOT* download the DLL to your machine.
                    That's a simple IIS filter/dll/cgi that serves a (random?) banner
                    I assumed it was, as he said it was requesting to download.
                    "63,000 bugs in the code, 63,000 bugs, you get 1 whacked with a service pack, now there's 63,005 bugs in the code."
                    "Before you critisize someone, walk a mile in their shoes. That way, when you critisize them, you're a mile away and you have their shoes."
                    Utopia Software - Current Software: Utopia News Pro (news management system)

                    Comment

                    • rylin
                      Senior Member
                      • Jan 2001
                      • 1067

                      #11
                      Originally posted by CeleronXT
                      I assumed it was, as he said it was requesting to download.
                      Yet you yourself said you'd be alarmed.
                      Looking at the HTML posted above you can be pretty sure it IS an actual banner program, so why panic?

                      Why not simply try to load the URL and see what happens? Too afraid of a little html?
                      My open eyes see everything, and you see nothing. . .
                      That forum

                      Comment

                      • CeleronXT
                        Senior Member
                        • Mar 2002
                        • 3217

                        #12
                        Yeah, I'd be alarmed if it was downloading on me. But if that's not what happens (it's only what he *said* happened), then I wouldn't be alarmed..
                        "63,000 bugs in the code, 63,000 bugs, you get 1 whacked with a service pack, now there's 63,005 bugs in the code."
                        "Before you critisize someone, walk a mile in their shoes. That way, when you critisize them, you're a mile away and you have their shoes."
                        Utopia Software - Current Software: Utopia News Pro (news management system)

                        Comment

                        • Kings
                          Senior Member
                          • Oct 2002
                          • 186
                          • 3.5.x

                          #13
                          eBay uses it as well.

                          Comment

                          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                          Working...