Youtube servers are located in the USA and France.
Video performance will vary because some files are not available in all sizes, and between the time you were watching a video, thousands more people have just decided they want to watch files served from the same IP. Some of them will be on your street or part of the network which makes a bigger impact.
I swap between USA and France depending on time of day (browser plugin).
An uploaded video file will not contain any executable data that could reach you, as you have no access to the original.
The *.dat file will have been installed with something else.
If it came from Youtube, then youtube is infected, not a video.
Flash and Java are the most likely way to get malware with videos.
Set both of those to use no permanent storage, and check the java security options.
On infected sites embedded "Close" buttons can be the way you unknowingly accept them
I usually just hit the back button if the escape key does not work
Videos that are uploaded to Youtube are recoded by their system into a streaming friendly format of MP4 and WEBM.
Even if somehow the video had contained embedded software, it would not be in the recoded version.
To be honest if a hacker were to do that, they would do it to a chart pop video, or something with huge current interest.
Hacking a few hippies and rockers is not going to get them very far, any time soon.
These guys don't use a fishing rod, when they can cast a huge trawler net.
Making judgements on the safety of something simply based on the country of origin or transit, will unfortunately lead you down blind paths and you miss the real culprits in your haste to place the blame where you already want it to be.
I often watch the live stats, and Russia and America are actually fairly equal in attacks on the rest of the planet. China is the one you should worry about not Russia.
http://map.ipviking.com
In fact the UK regularly gets more hack attempts from the USA than Russia or China, so as a UK citizen what am I supposed to read into that ?
That American sites and servers are all to be mistrusted ?
No. It is not that easy.
You or I can use or setup a domain almost anywhere we choose, on almost any continent.
I use a secure blog and mail server in Iceland so the nosey governments can stay out of my actual private mail with clients.
I often use a Russian service for streaming music, because it has a wider choice than any alternative and uses my Last.fm library. It has more of the asian and mashup music I look for.
I am even a member of several Russian UT groups, because it is hugely popular there, and many players have at least basic grasp of English.
There are some seriously good mappers there.
I have online friends in many countries including Russia and China that are just normal average people with a similar love for UT or music, and no interest or ability to hack or code.
The Russian sites I use are all rated green in Web Of Trust, and so far over the years I have never had any red-menace in my PC.
My browsers (Firefox and Opera) have plugins showing me the location and server details of any site I am on at all times, and can check to see if it is being faked.
You will find that many Russian sites are not hosted in Russia, just the same as many US sites are not hosted in America, and many UK sites are not in the UK etc.
Mostly this is for cost effectiveness, security or tax avoidance (google, amazon etc.)
The USA is rapidly running out of IPv4 addresses and has been "borrowing" from other countries for a while.
You already may not be where you think you are online if your browser does not tell you.
I suspect the Jethro Tull footage was ripped from Russian TV, or has the lyrics added in Russian.
However. considering that most people that are not Russian cannot tell Russian writing from any of the other Baltic nations with a Cyrillic alphabet that are part of Europe and/or NATO, can you without a shadow of a doubt truly say it was indeed Russian writing or just looks like it. I know I couldn't.
Actually the 3 links you posted all refer to clicking on added content such as ads or fake ads in or around video players.
This is generally how these attacks happen, and is the flaw in using Flash and/or Java. Especially combined with IE.
There are browser plugins that can block extra unwanted content, and Firefox now defaults to not run plugins without your say-so.
http://www.techsupportalert.com/content ... ncerns.htm
https://vivaldi.net/forum/private-brows ... er-plugins
Mostly consider that MS Security Essentials is OK/average at best, and often not that good (recently it has been below average).
https://www.virusbtn.com/vb100/latest_comparative/index
and you should confirm your suspicion by submitting the file to
VirusTotal for comparison with many others.
You can use the site or their tool, or a browser plugin so all downloads have the option of scanning before coming near your PC (best option).
https://www.virustotal.com/en/documenta ... lications/
https://www.virustotal.com/en/documenta ... xtensions/
https://addons.opera.com/en-gb/extensio ... extension/
Now if only MS Security Essentials detects it, but none of the others, and it is a virus from yester-year, then you can deduce it is a temporary "False-positive" and will be fixed in the next update.
If it triggers several alarms then you can be confident it is correct.
However, when you compare trojans you will often find they also show with different names to different AV packages. This can depend on when and which version they originally found.
You need this complete info to be sure you are chasing the correct virus.
Even though I trust Avira as one of the most consistently good packages, I ALWAYS, ALWAYS, submit the sample file to VirusTotal before making a decision.
It is very quick and can actually test the file for real, and then show you a report on what it did.
The last thing I want to do is delete something important.
I have seen many people over the years trash their Windows install because Mcafee or Norton has deleted an important system file, and at one point Norton famously started detecting itself as a virus and destroryed itself.
Paranoia leads to rash decisions, which lead to self-destruction.
Final notes.
If this *.dat file is in your system folders and is a trojan, then it was allowed admin privilege to get inside there, which tells me that you login as admin.
If you are running XP, this is a very serious problem since the end of support.
Whichever Windows you use, you need to create an admin profile and downgrade your user profile.
You can use your admin name and password in the limited user mode when you need it.
If a virus or trojan tries to install, you will now see Windows ask you for permission.
Microsoft claim this will block about 90% of infections.
My second line of defence (first is a good router):
I use a regularly updated HOSTS list of malware and advert sites, so most common drive-by and advert threats cannot reach my PC
http://www.abelhadigital.com/hostsman
I don't use all of the lists available as they have different uses.
With the extra blocking in the browsers, and an above average AV, plus a few Windows tweaks, I often stick my head in the lions-mouth to fetch suspect files to send for analysis, if I cannot use a link.
Some people think I am paranoid with the level of security on my PC, but the irony is I am not... because of the level of security on my PC.
Technically speaking I could operate without an AV as nothing gets a chance, but I would not consider it because the moment you believe you are totally safe, is when you are most vulnerable.
I don't spend a single penny on my security, so I don't know where you get the idea that upgrading or throwing money at it is a solution.
BTW. I like that you don't take what I say as "law" or "correct", and you should always fire back at me if you disagree. This is how we compare things in security and get to the bones of what you need. It shows you are genuinely thinking about this, not just skimming for a quick-fix.
Then there are specific site plugins that will remove all traces of adverts in sites such as Youtube and Facebook.
