Hi all,

What are the recognized best-practices of downloading programs (.EXE) from P2P networks? What steps can one take to verify the authenticity of a file (that it is what it says it is) and that it contains no spyware or malware?

Virus scans and adware scans are simple enough, but to my knowledge (and I am a newbie to P2P), Gnutella provides no count of a file's downloads from a particular host and no feedback channel to review downloaders' experiences with particular files. This leaves the door open to malware. Is this rare?

Any advice is appreciated.