I downloaded a not-so-reputable website to my desktop as a way to grab the images on the site. I tried opening the HTML and then I remembered hearing that opening a local file in a browser is different from opening a website. Something about http:// and file:/// allowing different levels of access to my computer. Unsure if I should just re-install windows just to be safe.
I tried scanning the website folder with microsoft defender and it said that no threats were found but IDK how foolproof microsoft defender is.
2
Answers
Scanning with Antivirus Software: Running a scan with Microsoft Defender is a good first step, but it’s not always foolproof. Consider using additional reputable antivirus software like Malwarebytes or Norton Security to perform a more thorough scan of your system.
Avoid Opening Suspicious Files: Avoid interacting with any executable files or scripts that might have come with the downloaded content. Opening HTML files should generally be safe, but be cautious of any prompts to run additional files or scripts within the downloaded content.
Isolate the Files: If you suspect the downloaded content might be harmful, consider moving it to a separate, isolated folder on your computer. This can help prevent potential spread if the files are indeed malicious.
Backup and Restore: If you’re concerned about the safety of your system, consider creating a backup of important files and then restoring your system to a previous clean state using System Restore (if available) or a backup image if needed.
Reset Browser Settings: Sometimes, when opening local files in a browser, it might execute certain scripts or access local resources differently than when accessed via a web server. To be cautious, you can reset your browser settings to default to ensure no unintended permissions or settings were changed.
Monitor System Activity: Keep an eye on your system for any unusual behavior or unexpected processes running in the background. Use Task Manager (Windows) or Activity Monitor (Mac) to check for any suspicious activities.
Consider Reinstalling Windows (if necessary): If you suspect your system might be compromised and you’ve exhausted other options, a complete reinstallation of Windows might be the safest course of action to ensure a clean system.
It absolutely can cause issues. That said, with good security settings on your device, the most likely worst-case situation would simply be adware, spyware, or bloatware in-browser. A truly experienced hacker could certainly place malicious files into their site for unsuspecting users to download, but as long as there are only JS scripts (or PHP, so long as PHP isn’t installed on your device), you should be fine device-wise (NOTE: If you have NodeJS, and the JS utilizes that, that’s the only issue JS might pose). If there are other file types, like .EXE, .BAT, .BASH, .CMD, etc., that’s where the problem arises.
In terms of browser issues, they would only show up when loading the file, or in cookies/local storage. Check those places, and you should get a decent idea of the situation. If your device shows signs of device-wide malware, though, you should probably run additional antivirus programs/scans, using other WELL KNOWN AND REPUTABLE sources (in addition to Windows Antivirus). If that doesn’t work, consider restarting the device (Windows will usually auto-fix corrupt files on restart), running a DEVICE wide scan, or, in more drastic situations, reinstalling Windows (Back your data up, then use a custom install. The only thing that could potentially survive a custom install is a rootkit, and there’s no way a website got that onto your device.).