Windows 10: HELP: Is my network infected?

This is creepy... So, I decided I would visit HURR-DURR (basically like the original YouAreAnIdiot) on my Windows XP virtual machine (I use virtualbox). The machine was connected to the same WiFi as the host. I went to the page but instead of seeing the old comic sans, goofy song and infinite popups, there was nothing. Then, I got a popup FROM MY HOST saying that Avast Free Antivirus has stopped a virus with a name along the lines of JS.HurrDurr (I forget full name).

I'm wondering if some exploit may have slipped through.
Can host PC's detect viruses in VMs?
Can Hurr-Durr do real damage and is it in my network right now?

I'm really confused and I hope you guys can help me!

Thanks
-

EDIT: I was using Firefox browser.

:)

 

Nokia Lumia 920 camera is not working on windows 10 mobile



My
Nokia Lumia 920's camera is giving this error. Please help? (windows 10 mobile)

 

From product key scams to broken boot

I tried all this with the installation USB Drive, but no such luck. I might get a new, uncorrupt hard drive from Dell. Thanks!

 

A quick Google comes up with this

 

Hi missing and welcome to Tenforums.

Not familiar with these symptoms, but I would do this:

Restore your XP VM to a saved version before the incident.

On the Host, download and run

RogueKiller
RogueKiller Download

ADWCleaner
Downloads - AdwCleaner - ToolsLib

Malwarebytes Antimalware
Malwarebytes Anti-Malware Download
(get version 2.2)

JRT
Junkware Removal Tool Download

Then go into Control Panel>Programs and features, and Repair Avast.

Please post the logs if anything is found.

 

FYI: VMs need their own AV.

NoScript is a good addon for Firefox. Anything (javascript) that's not whitelisted in NoScript won't run.

Might want to reset Firefox as well.

 

I've already seen that... Doesn't explain how it got from the VM to the host..

 

No need to reset the browser, I reverted to a previous snapshot.

 

Also, I ran a Malwarebytes Custom Scan, with every option ticked using the Free Pro Version Trial you get with it. Found nothing in any of the scans (including rootkit one). I'll get an antivirus on my virtual machines. In case I was RATted, I disabled my camera and mic in device manager, and I also covered my camera with a peice of cardboard held on by some masking tape. I also rescanned with avast and no issues were found. I think I'm good.

Does anyone know what the virus from HURR-DURR does to one's computer? Is it built to trash the PC, collect information or just a small exploit to mess with you until you restart the comupter?

Thanks
-

UPDATE: RougeKiller found some registry keys..
(X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters|DhcpNameServer

(X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d3ef6ce5-3a44-
4160-ad3c-d5abbc988bdf}|DhcpNameServer

(X64) HKEY_USERS\S-1-5-21-3002187930-671386894-702731269-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs

(X86) HKEY_USERS\S-1-5-21-3002187930-671386894-702731269-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs

I wonder what these mean... Does anyone know? I'm still only half way through the scan.

 

The hurrdurr site has 4 hits on virustotal as malicious
https://www.virustotal.com/en/url/e2...is/1494095498/

It uses a javascript exploit to move the browser window around and cause constant popups. As far as I can tell that's all it does. But who knows if it's been modified to do more?

Hard to say what those keys are doing, but DHCP refers to your internet connection and the others refer to Windows Explorer and Start_TrackProgs? who knows. Doesn't look good to me.

Will you be posting the logs of the recommended scans for us to have a look at?