I recently wanted to watch a film and went to one of the first two sites listed on Reddit’s r/Piracy megathread under its online streaming section. I normally use an older laptop that I don’t care about and have no sensitive info on but wanted to stream to a projector and only my personal laptop had an HDMI port.

I downloaded Firefox exclusively to use for piracy streaming but initially forgot to add uBlock Origin or another AV extension to the browser. When clicking anywhere on the site, a new tab would open that I’d need to close before I could actually engage with the website content (search, play, etc.), which had been my experience in the past using online streaming sites. Once, one of the popup tabs opened and immediately started a file download without my permission. I didn’t open it and deleted it immediately but have recently been noticing some performance issues on my device. Mostly that web pages and their content are slower to load than before and my computer has gotten overwhelmed and frozen a few times - not extremely substantially but enough that I’ve noticed a difference.

For context: I have a ThinkPad with Windows 10 installed and an Intel i5 CPU. My default browser has been Opera for a few months now.

I just checked and the compressed zip file is in my recycling bin (not fully off my computer) and I’m not sure if/how it can affect my device without me ever opening or running its contents. I don’t have an antivirus background process on my device aside from the default Microsoft Defender Antivirus that comes with Windows 10.

Is there possibly somewhere I could upload the file to check for malware/scan the file to know what it does (titled “XVlDEOSs_Elena_Frost_IMG_223606” - searching for that title didn’t match anything on Google)? Is there any chance the file is benign and the performance issues I’m noticing are unrelated to this situation?

TLDR: How concerned should I be about the possibility of a virus on my device from a popup window automatically downloading a zip file I never opened?

Would reinstalling my OS be the main/only possible resolution to a potential virus/worm/malware? I’d really like to avoid that if possible but many of the articles/info I can find about it have inconsistent info about risk and steps to take for resolution. I don’t know much about what kinds of risks I might’ve exposed my computer to. Any insight would be greatly appreciated!

  • liliumstar@lemmy.dbzer0.com
    14 hours ago

    You can upload potential threats to https://www.virustotal.com/gui/home/upload

    There are/were vulnerabilities that are zero click, but in this case I imagine they are just banking on people clicking it. If you’re not familiar, xvideos is a porn site.

    I think you are probably fine as you were running Windows Defender. It might be a good idea to do a manual full scan and perhaps refresh your browser.

    • sand@lemmy.dbzer0.com (OP)
      14 hours ago

      Thank you for that link! It was really helpful for my peace of mind to upload it and see the specific types of threats found in the file scripts! I’m currently parsing through some of the threats/phrases to make sure I would’ve needed to unzip the file for it to cause any harm but I really appreciate your help!

      I am familiar with the concept of xvideos and assume it was titled that to be perhaps enticing (? 😅) for someone to unzip it? Regardless thank you for the kind explanation!

      • bamboo@lemmy.blahaj.zone
        12 hours ago

        FWIW with VirusTotal, you don’t even need to upload the file, just provide the hash to see if it is known to VirusTotal. The name may be auto generated which wouldn’t help much in searching, but the hash is based on the file contents.

        • Pup Biru@aussie.zone
          6 hours ago

          the zip file itself might also be generated (you can just tack random garbage into places in the zip format and it’ll be ignored - which is extremely quick to do), in which case the hash would change… the file itself is important in case it’s an exploit in the unzip program itself, but also the contents of the file are important
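
The point made in the last two replies, as an added example that is not part of any post in this thread: padding a zip (here through its archive comment field) changes the container's SHA-256, while the hash of each member's contents stays the same, so both are worth looking up. The function names, the size cap and the sample archive are assumptions constructed for illustration; members are read into memory only and never written to disk or run.

```python
import hashlib
import io
import zipfile

MAX_MEMBER_BYTES = 64 * 1024 * 1024  # assumed cap so a zip bomb cannot exhaust memory


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def member_hashes(zip_bytes: bytes) -> dict:
    """SHA-256 of each member's decompressed bytes, computed in memory."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # bit 0 set means the member is encrypted
                results[info.filename] = "skipped: encrypted"
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                results[info.filename] = "skipped: declared size over cap"
                continue
            with zf.open(info) as fh:
                data = fh.read(MAX_MEMBER_BYTES + 1)  # do not trust the declared size
            if len(data) > MAX_MEMBER_BYTES:
                results[info.filename] = "skipped: actual size over cap"
                continue
            results[info.filename] = sha256_hex(data)
    return results


def build_sample(comment: bytes = b"") -> bytes:
    """Constructed sample: one harmless text member plus optional comment padding."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        entry = zipfile.ZipInfo("readme.txt", date_time=(2024, 1, 1, 0, 0, 0))
        zf.writestr(entry, b"constructed sample payload\n")
        zf.comment = comment  # ignored by extractors, but part of the file's bytes
    return buf.getvalue()


if __name__ == "__main__":
    plain = build_sample()
    padded = build_sample(comment=b"x9f3 random padding")
    print("container:", sha256_hex(plain)[:16], "vs", sha256_hex(padded)[:16])
    print("members equal:", member_hashes(plain) == member_hashes(padded))
```

For a real download, pass the file's bytes (`open(path, "rb").read()`) to `sha256_hex` and `member_hashes` and search for the resulting hashes instead of the file name.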