 2009-08-08, 07:49 #1 MooooMoo Apprentice Crank     Mar 2006 2·227 Posts Sieving for 1
 2010-05-05, 05:07 #2 Oddball     May 2010 499 Posts Sieve reservations for 1
 2011-12-09, 17:46 #3 gribozavr     Mar 2005 Internet; Ukraine, Kiev 11·37 Posts I've downloaded and verified everything. I've re-uploaded the same merged file from November 12th: http://www.sendspace.com/file/pnl1fn (space gain from creating a new file is too small).
 2012-01-23, 00:21 #4 cipher     Feb 2007 211 Posts gribozavr the new merged file is missing... online can you reupload
 2012-01-25, 20:48 #5 gribozavr     Mar 2005 Internet; Ukraine, Kiev 11×37 Posts
Quote:
 Originally Posted by gribozavr http://www.sendspace.com/file/srshrw
Say, I should probably give everyone a heads-up: I tried to download this just now, by going to the sendspace link and clicking the "Start download from sendspace" link (as usual), but instead of getting the correct merge_480000-500000.zip file, I got an executable file called "merge_480000-500000.exe"! I verified that it was indeed not just a glitch in naming the file--7-Zip opened the file as a compressed installer package, not a zipped sieve file.

My antivirus program (Avast 5) didn't flag it as suspect, but it definitely didn't seem legit; so I tried submitting it to Virus Total (a free online service that will scan a file with a wide array of antivirus programs to compare them). Only one rather obscure virus scanner picked it up as malicious, and identified it as "Adware.Siggen.22562".

I am not entirely sure what this is, or how it got sent down in place of the real file from Sendspace. According to Opera, its actual URL was not from sendspace, but rather:
Code:
http:--www.premiumstorage.info/v34/?product_name=merge_480000-500000.zip&product_title=merge_480000-500000.zip&installer_file_name=merge_480000-500000.zip_installer&product_file_name=merge_480000-500000.zip&product_download_url=http://fs05n2.sendspace.com/dl/d24574cae6caeef3e48f8282f42bfdd2/4f24a7d23a756dd3/srshrw/merge_480000-500000.zip
(http:// munged to prevent anyone from accidentally clicking on the link here in my post)

My theory is that somehow I had accidentally clicked on one of the fake "download now" ads on the Sendspace page rather than the real link, and this was the result--a very slick package that had been renamed dynamically to match (at least in part) the name of the real file I wanted.

As an aside, when I went back to the sendspace page and clicked on the (correct) link again, this time I got the right file, merge_480000-500000.zip. (This is, again, consistent with my experience with Opera--clicking on the misplaced link usually clears it so the correct one is available).

Anyway, I figured I'd give everyone a heads-up about this; bottom line, if you accidentally click on the wrong "Download now!" (or even on the right one, as I did) and somehow get a file ending in .exe (even if you have file extensions hidden the icon should still be different, an installer-type file complete with the UAC "shield" icon over it on Vista/7), make sure you don't run it--you'll probably get some sort of adware, which while not a virus per se is not the most pleasant thing in the world to deal with.

I'm going to see if I can find a contact address for Sendspace...they should definitely be made aware of this, since (as far as I can tell) this is a bit over the top even for the often-obtrusive level of advertising they maintain.

Last fiddled with by mdettweiler on 2012-01-29 at 02:18
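An added example, not part of the original post: a Python sketch of the two checks the post describes, whether a download really came from the expected host or from a wrapper that carries the real link in a parameter such as product_download_url, and whether the file's leading bytes are a ZIP or a Windows executable regardless of its name. The hosts, sample bytes and function names are constructed for illustration.

```python
import io
import zipfile
from urllib.parse import parse_qs, urlsplit

ZIP_MAGICS = (b"PK\x03\x04", b"PK\x05\x06")  # ZIP local header / empty archive
PE_MAGIC = b"MZ"                              # DOS/PE executable, incl. installers

def host_matches(url, expected_domain):
    """True if the URL's host is expected_domain or one of its subdomains."""
    host = (urlsplit(url).hostname or "").lower()
    return host == expected_domain or host.endswith("." + expected_domain)

def wrapped_targets(url):
    """URLs carried inside query parameters (e.g. product_download_url)."""
    params = parse_qs(urlsplit(url).query)
    return [v for vals in params.values() for v in vals
            if v.startswith(("http://", "https://"))]

def sniff(data):
    """Classify by content; MZ is checked first so a self-extracting
    installer that embeds an archive is still reported as executable."""
    if data.startswith(PE_MAGIC):
        return "pe-executable"
    if data.startswith(ZIP_MAGICS):
        return "zip"
    return "unknown"

def check_download(url, data, expected_domain, expected_kind="zip"):
    """Return a list of findings; an empty list means nothing looked off."""
    findings = []
    if not host_matches(url, expected_domain):
        findings.append("unexpected-host")
        if any(host_matches(t, expected_domain) for t in wrapped_targets(url)):
            findings.append("wraps-real-link")
    if sniff(data) != expected_kind:
        findings.append("content-is-" + sniff(data))
    return findings

# Constructed samples (hosts are placeholders, bytes are synthetic).
_buf = io.BytesIO()
with zipfile.ZipFile(_buf, "w") as z:
    z.writestr("sieve.txt", "constructed sample\n")
SAMPLE_ZIP = _buf.getvalue()
SAMPLE_EXE = PE_MAGIC + b"\x00" * 62
REAL_URL = "http://fs05.files.example/dl/merge.zip"
WRAPPER_URL = ("http://ads.example/v34/?product_name=merge.zip"
               "&product_download_url=" + REAL_URL)

print(check_download(WRAPPER_URL, SAMPLE_EXE, "files.example"))
```

The check runs on the final URL the browser reports and on the bytes actually saved, so a hidden extension or a renamed file does not affect the result.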

 2012-01-29, 02:42 #7 mdettweiler A Sunny Moo     Aug 2007 USA (GMT-5) 6249₁₀ Posts Update: I've sent an email to Sendspace's Abuse Department regarding the malicious file. Hopefully they'll take it seriously and respond in a timely manner--I'll keep you guys updated with any news.
 2012-01-29, 09:25 #8 kar_bon     Mar 2006 Germany 101101000010₂ Posts I downloaded this file that day and just did it again with the same link. All is ok (again?) and there's no difference in the zip.
Quote:
 Originally Posted by kar_bon I downloaded this file that day and just did it again with the same link. All is ok (again?) and there's no difference in the zip.
Yes, I think the problem is not in the real Sendspace link itself, but rather in one of the fake "Download Now!" ads that Sendspace plasters all over the download page. As long as you click on the right link you should be fine; in my case I believe I clicked accidentally on one of the ads due to the Opera bug described above.

That said, I would imagine (or at least hope!) that Sendspace wouldn't want their ad providers serving up malware to people who unwittingly click on one of their "download buttons" (which just so happen to be somewhat more prominent than the real link). Hopefully I'll actually get a response to my email...they seem reasonably legit but these days that's still not much of a guarantee that emails will actually go anywhere.

Last fiddled with by mdettweiler on 2012-01-29 at 09:36

Quote:
 Originally Posted by gribozavr I've re-uploaded the same merged file from November 12th: http://www.sendspace.com/file/pnl1fn (space gain from creating a new file is too small).
If you're still around, just upload the most recent file with the fewest candidates so it can be used for port 12000. Nobody's going to sieve that file any further, so don't worry that the space gain from creating the new file is small.

