Virus's and adware

I use Lime Wire for my file sharing. Every time I have downloaded an exe is alwas comes with a virus or adware. I have downloaded around 20 files and all of them had atleat 1 virus or adware, so from now on I am going to stuff all file sharing programs!!!

I’ve downloaded plenty of executable stuff from Reverse connect and never had any trouble.

What files do you search for. If you’re searching for cracks or keygens then most of that crap is all viruses.

I use SoulSeek for my P2P. Very basic, very good.

The best protection against adware and viruses is common sense…

Don’t download a DVD game that is 10kb… or sumthing stupid

The risk is always there. When I download files, I run multiple virus scans against them immediately, then run adaware and spybot, before I ever touch the files. I also run Teacup in background and it tells me if anything tries to make changes to my registry. Very secure, and I have caught every virus before it has had a change to bite me…

SoulSeek here too, never had any problems. But see quote:

Absolutely. Remember to scan stuff etc, and things are (usually) fine.

That’s the problem with Lime Wire, not every other p2p program.

In general, if you’re going to dabble in unsafe behavior, ALWAYS USE A CONDOM (or a virus scanner at least). Its just plain silly to take it for granted that the person sharing the file is part of the friendly file sharing community.

Its like the analogy that the other person you could be chatting with in a chatroom isn’t a nice girl, but a 500 lbs. prison inmate.

Be paranoid, scan everything you download and see if the file sharer has any kind of track record to go by.

As most have pointed out above, I would recommend staying away from small executables, particularly those under around 250KB and also make sure your virus checker has the latest definitions before testing out any downloads. As viruses commonly spread as fake new versions of products that have not yet been released, such as Winamp 6.0 for example, I would also recommend staying away from any software results with a new version number that the official provider has not yet released.

If you are looking for mirrors for quite popular freeware or shareware software, I would at least recommend looking up a file mirror site, such as http://www.filemirrors.com/ For example, if Nero makes a major release, its own links often give very poor performance, so I generally use alternative links on file mirrors.

If you insist on getting the executable file you are looking for on a file sharing network, have a look for compressed versions of the file first. Very few viruses I’m aware of spread as zipped files and even in the few cases I came across, this was by e-mail as password protected zip files in an attempt to escape e-mail scanners. :disagree:

Finally, make sure what you are downloading has the file extension of what you are after. For executables, this should be ‘.exe’. For compressed files, Zip and RAR files use ‘.zip’ and ‘.rar’ respectively. From my experience, Limewire often returns two or more fake results no matter what I search for. Both results genrally match the keywords I searched for (even tried a random string of characters), one with a ‘.jpg’ extension and the other with a ‘.wmv’ extension, so stay away from these extension unless it is pictures or Windows Media Video you are after. :wink:

I wouldnt download unknown exe-files of anything, web, irc and whatnot.

Just out of curiosity, I tried putting in some garbage keywords as well as a combination of garbage and common English words like ‘and’, ‘song’, etc. into Shareaza, Limewire and eMule in order to see which produces the most fake results. There are many file sharing applications out there, but to give an example of fake results, I’ll just stick with these few open source applications. :wink:

<img src=“http://upload.cdfreaks.com/seanbyrne/ShareazaFakeResults.jpg” align=“right” hspace=“18”>To start with, I tried out Shareaza and configured it to connect to the Gnutella 1 & 2 and eDonkey networks. I then left Shareaza running for several minutes to make sure it had at least one connection to each network.

Shareaza is definitely the worst for fake results from my experience and usually returns between 5 and 10 results for complete garbage such as “pqjbzq jzbopq4g”, which I can confirm Google returns no results for either keyword. The results in this case match the search terms exactly, have a five star rating and all have a zip file extension. If I pop in almost any keyword commonly used in song titles with the same garbage information, I get several hundred search results as shown to the right with many wmv file extensions. Most of these are composed of random phrases taken from somewhere with the search terms often put in brackets. Due to the nature of the results, these have been blurred out in the example shown to the right. In my opinion, this clearly shows that unless the item you are interested in is very popular, I would recommend staying clear of Shareaza, at least until they have a way of filtering out these fakes. :disagree:

I then gave Limewire a try with the same search terms as I used with Shareaza. While Limewire only connects to the Gnutella 1 network, it is a very popular file sharing application for music and is the 2nd most downloaded P2P application from download.com after Morpheus at this time of writing. With this network, I got between 3 and 4 fake results whether I just typed plain garbage or the same garbage with common keywords. All of the results matched the search terms, either in uppercase, lowercase or the spaces replaced with _'s. Each result had a different file extension, consisting of .exe, .mp3 and .jpg. Sometimes a fourth result with a zip extension would appear as shown. All have file sizes of under 200KB and a four star rating as shown below:

<img src=“http://upload.cdfreaks.com/seanbyrne/LimewireFakes.png”>

As the fake results always seem to match the keywords, one way to avoid these fakes is to not search for the full title and only download files of greater than 200KB. For example, if you intend looking for something on chemistry, such as the title “potassium reaction with water”, search for “potassium reaction water” and if the search results don’t have any other keywords besides what you entered, chances are that it’s a fake.

Finally, I gave eMule a try with the same searches. However, no matter what I tried searching for, as long as there is at least one garbage keyword in the search terms, no results would return. While fake content can usually be found on the network with common keywords that would also return true results, at least no fake results are being composed from the keywords that are being searched for, unlike Limewire and especially Shareaza.

Originally I avoided eMule as very little would ever start downloading, however it was not until I tried leaving it run for a few hours that I realised eMule uses a queuing system. As a result, most downloads can take between 10 minutes and several hours to start depending on the number of sources and how big their upload queues are. There are also some other factors put into account to determine where on the remote queue one gets put, such as upload/download ratio. On the other hand, pretty much everything I downloaded using eMule matched what I searched for, unlike the other networks where in some cases I was getting more fakes than what I expected.

Also with eMule, eDonkey and any other client on the ed2k network there are ed2k link sites which catalogue only verified links it is a lot safer than search. Once you get sources you can also check the other names the file has been known as in the past this is a way to check someone hasn’t changed the name so the content does not match.

As I don’t use other clients do such sites exist for them too? If so use them.

I use Avast Pro which has a very good p2pshield that has not failed to find any virus or trojan that happened to be on a downloaded file. It has only happened a few times (im on Winmx) but it did find bad files even in compressed files. :clap: :clap: :clap:

I hate to admit this but as far as all this goes I am a total NOOB…Anyways I do read alot and use various syware/adware detection programs.

I have tried countless filesharing programs and have settled on bittorrent (utorrent) and use emule for hard to find stuff. Maybe I am missing something but common sense and scans have so far proved to be more than adequate to protect me from (at least noticeable) troubles with any kind of maliscous programs.
Like I said maybe someone out there is logging every keystoke or working on some kind of indictment, but currently I have to believe that most people are just paranoid.

Unfortunately common sense and regular scans are few and far between for some people, being paranoid or overly cautious is actually a good thing.

Look at the Sony fiasco, the antivirus and anti-trojan companies totally ignored or deliberately hid the problem until now. Even now these companies are waffling on whether to classify extreme DRM as harmful or not. If you download anything illicit (i.e. kg, cr… etc.), these things sometimes scan as viruses even though they’re not. Its that these virus scanning companies have a separate agenda to their current one of helping you cleanup your computer (and making wads of cash off updating version numbers and charging full price i.e. Norton Antivirus 2005, 2006, 2007, 2008, etc.).

P2P is not harmful, its what you get off them and how you deal with that content which is.