Download and install Peer Guardian 2.

It blocks your IP address from the bad people that would potentially arrest you.
posted by CaptKyle at 4:35 PM on May 14, 2009

Don't use it. You're essentially downloading unverified files from unknown hosts.
posted by wongcorgi at 4:40 PM on May 14, 2009 [3 favorites]

As long as your definitions are up to date, both Norton and AVG are very reliable, but they can only detect the malware they're programmed to detect. New viruses and variants crop up all the time, and P2P networks are where they like to get their start.

If you're not 100% sure of a file's contents or origin, you can't expect security. Don't download executable files, document files or archives like .zip files from Limewire. Find what you're looking for on a torrent site like mininova, where you can check comments from previous downloaders before proceeding. Obviously, comments aren't 100% reliable either, but if there is some malware attached to a download, people in the comments will be talking about it.

music files are much safer to download via P2P, because they don't contain code or scripts that get executed. I've never known anyone to get a virus or trojan from only downloading mp3s.
posted by chudmonkey at 4:46 PM on May 14, 2009

The conventional wisdom is to use multiple virus scanners.

This all depends on the level of obsession you want to get into. You could have one computer for scanning, then hit the downloads directory with pretty much every virus scanner you've got, free or not.

If you're downloading programs or other executables, you could get really crazy and put together a virtual PC, then run the dangerous programs inside of the virtualized machine and look for trouble. That's how I run keygens.
posted by adipocere at 4:46 PM on May 14, 2009

I promise you, as long as you continue to use Limewire you will be under threat of infection.

Either don't use it or keep very up to date backups.
posted by wfrgms at 4:53 PM on May 14, 2009

I had a bunch of security programs on my computer and limewire still killed it. I suggest you stay away from limewire. I don't think there is enough incentive to hose your computer.
posted by penguingrl at 5:06 PM on May 14, 2009

Just to address the Peer Guardian recommendation. Please don't use Peer Guardian. It's worse than useless. It absolutely, positively will not keep you safer at all. It will definitely limit the number of addresses you can access, being a negative for you, and using Peer Guardian is also bad for the download community. All negatives, no positives.

I don't know if this link will work for you, but it's interesting reading:

http://fora.demonoid.com/index.php?topic=25342.0
posted by VikingSword at 5:27 PM on May 14, 2009

Any time friends and family have come to me with a nasty spyware infection, limewire is involved. It's really really high-risk behavior.

If you are going to do this, maybe you could try running it in a virtual machine instance? There's one from microsoft, and vmware server is also free, as is the windows 7 beta that's out there.

Scrapping an infected virtual machine is no big deal, reinstalling your OS from scratch is a huge pain.
posted by jenkinsEar at 6:05 PM on May 14, 2009

Use Frostwire. It functions like Limewire, but (it my experience) is a lot cleaner than Limewire. At the very least, it has less adware and malware. Give it a try, but always keep up to date on your antivirus software.
posted by JuiceBoxHero at 6:23 PM on May 14, 2009

Use Frostwire.

It's on the same network, it still downloads infected files. It's not any safer. It is, however, worth looking at if you don't like the Limewire interface.
posted by Mayor Curley at 6:30 PM on May 14, 2009

(VikingSword, given that the link you posted doesn't work (well, not for me at any rate, it just takes me to a page that says I need to sign in to access the linked page), is there some other source you can cite to back up your comments about Peer Guardian? I've heard mostly good things about it all along and have been making a point of using it when downloading via P2P; if there really are problems with it I for one would really appreciate being able to read about them)

And to the question about safe Limewiring, I have to add my vote to those folks who say Limewire is inherently risky; the fact that you've used it on your computer for a long time with no problems is just as much happenstance as the fact that your wife got two viruses from it. I've been told in the past that your best bet if you're determined to use it is to individually virus-scan every file you download before opening it; could you try something like this?
posted by DingoMutt at 6:33 PM on May 14, 2009

There is nothing wrong with Limewire in and of itself (unless you got it from somewhere other than the official Limewire website; then all bets are off). It does what it was designed to do (share files using the GnutellaNet peer to peer protocol) quite competently. Replacing Limewire with a different GnutellaNet client will not alter your risk of infection, which arises from the ways you use Limewire. Switching to a different GnutellaNet client is analogous to changing your preferred brand of syringes and fits; the change will do precisely squat for you, if you continue to chase hits in risky ways.

The single most effective thing your wife can do is educate herself about malware and the file formats that can be used to spread it. Time invested in this will give you about twice the return of time invested in choosing and using security software.

Oh, and I am not in the least surprised to hear that the AVG-protected PC is still OK and the Norton-protected one is infected. Not in the least.
posted by flabdablet at 6:59 PM on May 14, 2009

I use emule but had to have an online friend (actually a mefite) help me set it up because it was a pain in the ass to set up.

I use Limewire and I have yet to get a virus that Avast hasn't caught.
posted by IndigoRain at 8:20 PM on May 14, 2009

So as far as a limewire replacement the only viable suggestion is torrents? Only because it has comments about the files?

Well, yes that, because people will comment that it's a bad file. But also bad torrents lose seeds and so just sort of...drops off the map. OTOH, with Limewire and similar P2P, as long as a single person is uploading, you can download, and if they're spreading a virus, well, then. Yeah.

I'd suggest reading this to get started on the subject. The site is being pretty slow for some reason, but a .pdf will eventually download. It's called The Bigt Book of BitTorrent, and it'll explain everything you need to know. I highly suggest BitTorrent. Get me?
posted by InsanePenguin at 8:30 PM on May 14, 2009

Really, it's no longer the 90s. These days there are much better ways to participate in filesharing than Limewire (torrents, newsgroups, direct downloads etc). Similarly there are much better ways to keep your computer running nicely than the mess that Norton has become (avira, comodo, malwarebytes etc). The latest technology isn't just about having hardware that can cope - our habits need to keep up too.
posted by dirm at 8:59 PM on May 14, 2009

CwgrlUp, I was wondering if you could tell us what trojans/viruses your PC wound up with? And do you know for sure that you have the "official" version of limewire (originally downloaded from offical limewire site)?

I really don't mean to patronize, and I'll be gratified to know it if I'm wrong, but I really don't think you can get a trojan from downloading an mp3. Malicious code needs some way to get itself executed on a machine, and simply playing an mp3 shouldn't facilitate that.

If you're absolutely certain NO other kind(s) of files have been downloaded, and that no visitors downloaded something without sharing the details, you should probably uninstall your Limewire client and re-install from a fresh, verified-official source just to make sure you don't have a malicious Limewire clone downloading/executing things behind your back.

P2P is a great way to reliably get a single song or two quickly. But if you're downloading full albums or music videos, a BitTorrent download gives you a much better sense of what you're actually getting in advance, and gives you a more finely-grained control over how you download. I was a hardcore get-everything-from-limewire guy before I started using BitTorrent, and I'm thoroughly converted now.
posted by chudmonkey at 9:06 PM on May 14, 2009

To step back from the limewire vs bittorrent debate and return to the original question, one way to increase your level of safety would be to ensure that your p2p client is run using a limited user account.

These are not just for children, many experienced users (including me) use them as an additional layer of protection. This is a nice simple guide on setting one up.
posted by Busy Old Fool at 11:10 PM on May 14, 2009

CwgrlUp: "So as far as a limewire replacement the only viable suggestion is torrents? Only because it has comments about the files? I honestly thought P2P was still the most common way to get music."

If you're only downloading music, you should also consider Soulseek.
posted by theiconoclast31 at 5:56 AM on May 15, 2009

chudmonkey: I am CwgrlUp's wife and my computer was the one to get the Trojan virus, the type of virus was Trojan.Brisv.A!inf virus. Yes I know for sure that we got it from Limewire because it was embedded in five songs downloaded from Limewire.

And yes we have the official version of limewire downloaded from the limewire website.

Thanks for the answers.
posted by roxiesmom at 7:22 AM on May 15, 2009

roxiesmom & CwgrlUp , you are missing a basic fact here.. You are not getting any virus, spyware, or trojan from *Limewire*. In fact, you aren't even getting your mp3's from Limewire per se. You are using Limewire to connect to the Gnutella network and download files from other people. These files often contain malware. To my knowledge, this network does nothing to remove or tag bad files. The reason that BitTorrent was suggested is that, on most sites, people leave notes on downloads that can tell you if a file is infected. Torrenting is increasingly becoming the most popular p2p solution because it is safer and more logical. My experience with the Gnutella/Kazaa network is that it's a disaster and you can't trust any file that you get. No matter how good your virus software is, it's inevitable that you will someday get infected again if you continue this way.

My suggestion is to download UTorrent from here: http://utorrent.com/

You can learn the basics of BitTorrent here: http://lifehacker.com/software/ultranewb/a-beginners-guide-to-bittorrent-285489.php

Then use The Pirate Bay: http://www.thepiratebay.org to find files and take a moment to read the notes on something before downloading.

Before opening ANY file, scan it with http://housecall.antivirus.com or something comparable.

Also, install some kind of software to protect you from the RIAA and MPAA lawsuits (whether on Gnutella or BitTorrent).. I think UTorrent has some kind of IP blocking built in, but if not you can download Peer Guardian too from here: http://www.phoenixlabs.org/pg2

If this sounds like too much trouble, then maybe you should consider just buying the mp3's. Ironically, pirating requires a certain degree of responsibility, maintenance, and knowledge. It's not completely FREE...
posted by Raichle at 7:56 AM on May 15, 2009 [1 favorite]

Yes, limited accounts will help you.

Also, visit Tools->Folder Options->View and make sure "hide extensions for known file types" is turned OFF. If you've got a trojan that you thought was an MP3, it almost certainly doesn't actually have a .mp3 file extension; it's probably something.mp3.exe, and Windows is helpfully hiding the .exe part from you, because it "knows" what a .exe is.
posted by flabdablet at 5:32 AM on May 18, 2009

Oh, and the first time you play a newly-downloaded MP3, you should not do that by double-clicking the file you just downloaded. Instead, start up your media player, and use its File menu to browse to and open the file.

Same goes for files you've obtained from any untrusted source, not just GnutellaNet.
posted by flabdablet at 5:34 AM on May 18, 2009

I use Limewire and I have yet to get a virus that Avast hasn't caught.

If your virus scanner didn't catch it, how do you know you're not infected?
posted by Caviar at 9:01 AM on May 21, 2009

"Oh, and the first time you play a newly-downloaded MP3, you should not do that by double-clicking the file you just downloaded. Instead, start up your media player, and use its File menu to browse to and open the file."

Why? What difference would this make?
posted by Raichle at 2:55 PM on May 21, 2009

"Oh, and the first time you play a newly-downloaded MP3, you should not do that by double-clicking the file you just downloaded. Instead, start up your media player, and use its File menu to browse to and open the file."

Why? What difference would this make?

if you double-click on a file and it's executable, you'll launch it, depending on your OS and security settings. Some OS's make the pathological choice of hiding file extensions, making it difficult to tell whether a file is executable or an actual MP3 file- the_smiths.exe and the_smiths.mp3 may look identical under old versions of windows. Opening it with a media player should prevent it from launching if it is executable.
posted by jenkinsEar at 3:39 PM on May 21, 2009

This thread is closed to new comments.