Source of Malware Found on Hyper-V Virtual Host
Posted on 2014-08-03
MS System Center Configuration Manager Endpoint Protection found and quarantined the following malware on one of our WS2K8 R2 Data Center Hyper-V virtual hosts. We're trying to find out the origins of the malware. No one logs into this server. All it does is host VMs. According to the MS malware information site, Win32/Pdfjsc is a family of malicious PDF files that exploit vulnerabilities in Adobe Acrobat and Adobe Reader. Let me know your thoughts. Thanks!
Configuration Manager Endpoint Protection has detected malware on one or more computers in your organization
Collection name: Member Servers
Malware Name: Exploit:Win32/Pdfjsc.ALB
Number of infections: 1
Last detection time(UTC time): 8/2/2014 11:05:52 AM
These are the infections of this malware:
1. Computer name: VirtualHost3.mydomain.com
Detection time(UTC time): 8/2/2014 11:05:52 AM
Malware file path: file:_C:\Windows\Temp\TMP00000008298C185C10810A8E
Remediation action: Quarantine
Action status: Succeeded
To view further information about malware activity in your organization, run Malware Details Report.