Clean and Infected File Sharing Programs
March 8, 2008 – 4:08 PMWondering if your favorite peer-to-peer file-swapping program has spyware bundled into it? Chances are good that it does.
The information on this page is believed to be accurate. However, if any program is listed under the wrong section, please let me know immediately. If you know of a file sharing program not listed here, let me know about that as well and I will test it out.
Infected
The following file-swappers are confirmed to have spyware or other unwanted parasites bundled into them:
- KaZaa (offers a paid version without spyware)
- Limewire (Older versions only, see below)
- Audiogalaxy
- Bearshare (offers a paid version without spyware)
- Imesh
- Morpheus
- Grokster (offers a paid version without spyware)
- Xolox
- Blubster 2.x aka Piolet (Blubster 2.0 and higher and Piolet are adware and bundle other adware)
- OneMX
- FreeWire
- Exeem
- BitTorrent Ultra
- FileCroc
- Kiwi Alpha
- RockItNet
- Warez P2P
- MediaSeek (MediaSeek Lite from the same company does not bundle any spyware or adware)
- E-Donkey AKA Overnet (Claims to provide a spyware free paid version)
- Computwin AKA FileNavigator (While it doesn’t bundle adware or spyware, this product is itself adware, pops up a full page ad in Internet Explorer upon loading and claims to track computer usage in its license)
- Ares (Official site offers a “Lite” version without the adware bundles)
- Various BitTorrent Clients (See warning below about open source clients)
Also see this page which details what most of the above programs bundle. This page has a similar list of clean/not clean programs.
Clean
The following file-swappers have been found not to have any spyware or other advertising parasites bundled into them:
- WinMX (recommended)
- Shareaza
- E-Mule
- Gnucleus
- Blubster 1.2.3 (Later versions include adware)
- Soulseek
- BitTorrent (See warning below about open source clients)
- Direct Connect
- Mute
- Limewire (Current versions of Limewire are clean. Older versions bundled spyware)
- ABC Bittorrent Client
- DC++
- KCEasy
- Azureus
- BitComet
- BitTornado
- Torrent Search
- TorrentStorm
- Zultrax (No spyware. No uninstaller either)
- Qnext
- BitSpirit
- Waste
- EarthStation5 (Not recommended. See below)
- Burst! BitTorrent Client
- AudioGnome
- CQ_EX
- Filetopia
- mldonkey
- MediaSeek Lite (Another program, MediaSeek, by the same company does bundle adware)
- Ares Lite (Ares Lite is clean. Ares from the same company is not)
- BadBlue (No spyware, but requires a registration including name and email address. Not recommended)
Regarding EarthStation5
Earth Station 5 once contained code that would allow an attacker to delete any file off of your computer’s hard drive. Whether it was placed there intentionally or was a bug left in the code by accident is unclear. For now, we recommend against using it.
Untested
Believed to be clean
The following programs are reported to be clean but have not yet been tested by me.
- XBC (Can’t find an installer for this one)
Unknown
The following are P2P programs for which no reports are available. They eventually will be tested to see if they are clean or not.
- Aimster (Can’t test. Possibly no longer available)
- AudioSwap (Can’t test. Installer corrupted)
- Carracho (Can’t test. Appears to be a Mac OS client?)
Regarding Open Source File Sharing Programs
Be very careful when installing an open source file sharing program. Open source programs are distributed under a license that allows for repackaging and redistribution. Unfortunately, many fine open source file sharing programs are repackaged to bundle various adware, spyware and other malware. Some examples of this are BitTorrent and KCEasy, both of which are clean, open source programs that have been repackaged by others to include malware.
If you see on this page that an open source program is free of spyware, that does not mean that some unscrupulous person hasn’t repackaged a version that does bundle spyware and is passing it off as the real thing, on his own web site. Be very careful that you download file sharing programs ONLY from the official web site of the program’s developer.
Cracks
There are two programs, Kazaalite and Groksterlite, about which you be wondering. Both programs are spyware-free versions of those file-swappers. Some people believe that they are alternative versions put out by the makers of KaZaa and Grokster.
Let’s kill that myth right here. Neither of these are distributed by the owners of Kazaa or Grokster. They are cracks, meaning that the people distributing them violated their End User License Agreements to decompile them and remove the embedded spyware.
You may think that by using these products, you are giving the proverbial finger to the makers of spyware-ridden software. I’m sorry to say, this is not true. You merely show them that their software is so popular that you will go to any lengths to use it. This tells them that it is safe to keep selling out their millions and millions of users to the parasitical spyware companies. It also lets them point to the size of their network when spyware companies come sniffing around. By using these products, cracked or not, you contribute to the problem of advertising spyware.
It is recommended that you not use any version of a product that uses spyware, whether it is a spyware-free crack, or the normal version. Spyware companies pay good money to the developers who sell out their users. The only way to discourage developers from including spyware into their products is to show them that his/her users will go elsewhere. No users equals no sponsors equals no money. It’s as simple as that.