So does the virus/malware come from the page loading, the ads/popups, or clicking on the actual d/l link?
All are possible vectors TBH, but the download itself would be the most common, and by far the simplest route of attack. You upload your virus, you tell people it's a hot video of what ever you think will float their boat, and then they will dutifully infect themselves for you!
All these sites have ads, both on the page, and popups. The sites don't control these ads directly, they come from advertising agencies, many of whom have little to no vetting of the ads, so if you have some exploit code that uses JavaScript or Flash, you can spread it by embedding it in an ad, and then buying some ad time on these shaddier networks. Mind you, even the better ad networks can be fooled, hence the NYT had a virus on it's page through an ad once a few years back!
If you're gonna surf porn on a Windows machine, an AV is not optional, it's a must! And if you're surfing the less reputable parts of the web, blocking Flash with something like FlashBlock or NoScript is also a REALLY good idea. Personally, I block both Flash & JavaScript using the NoScript plugin on FireFox, and then just selectively re-enable them as needed to use streaming video sites, or forums like these.
Hope that clears things up a bit.
B.
