Host-based backup of VMware vSphere VMs.
Post Reply
AndyNorden
Novice
Posts: 5
Liked: 2 times
Joined: Jun 01, 2021 7:54 am
Contact:

"Potential malware activity detected" Can't find further information

Post by AndyNorden »

Hello,

after I upgraded to 12.1 and enabled the malware detection, we had no problems / warnings for some days. But after some days I've got the warning "" for one server.
Then I searched in the forum, but the only thing I've found is the log-directory "C:\ProgramData\Veeam\Backup\Malware_Detection_Logs" for further information. But this path doesn't exist on my server.
Then I wanted to scan the backup, but Veeam says "Unable to perform content scan for this backup due to the current limitations." to me.

Malware Detection
Immediate attention required Warning
Status Suspicious
Type Encrypted data
Details Potential malware activity detected

Does anyone has an idea, how I can get more information to this warning?

Thank you and best regards
Andreas
MarkBoothmaa
Veeam Legend
Posts: 198
Liked: 55 times
Joined: Mar 22, 2017 11:10 am
Full Name: Mark Boothman
Location: Darlington, United Kingdom
Contact:

Re: "Potential malware activity detected" Can't find further information

Post by MarkBoothmaa »

Are you running an enterprise or Std license? as that will explain why you can't do the content scan.
AndyNorden
Novice
Posts: 5
Liked: 2 times
Joined: Jun 01, 2021 7:54 am
Contact:

Re: "Potential malware activity detected" Can't find further information

Post by AndyNorden »

We have the "Enterprise Plus"-Edition.
MarkBoothmaa
Veeam Legend
Posts: 198
Liked: 55 times
Joined: Mar 22, 2017 11:10 am
Full Name: Mark Boothman
Location: Darlington, United Kingdom
Contact:

Re: "Potential malware activity detected" Can't find further information

Post by MarkBoothmaa »

I'd say log a ticket with support, as its not overly obvious what the restrictions are and they should be able to provide more information from the logs too.
xCiubx
Lurker
Posts: 1
Liked: never
Joined: Mar 01, 2024 12:41 pm
Contact:

Re: "Potential malware activity detected" Can't find further information

Post by xCiubx »

Hello,

is there any news on this? I have the same problem at our company?
AVavav
Influencer
Posts: 23
Liked: 2 times
Joined: Oct 06, 2021 10:16 am
Contact:

Re: "Potential malware activity detected" Can't find further information

Post by AVavav »

Same, here on latest and greatest Ent Plus but still getting no info which seems like Veeam is trolling me tbh.
Under 'Malware alerts' -> 'Malware Events' -> Onion link
Potential malware activity detected

In other words pretty useless to me and more of an annoyance as I need to guess if legit or not and risk suppressing valid threats.
SFAllowed
Novice
Posts: 6
Liked: never
Joined: Apr 14, 2022 12:09 am
Full Name: Robert McClafferty
Contact:

Re: "Potential malware activity detected" Can't find further information

Post by SFAllowed »

There is a way to scan the malware job and get some more details, or you can go to;

C:\ProgramData\Veeam\Backup\FLRSessions\Windows\servernamehere\Antivirus - and there will be defender logs etc.
Post Reply

Who is online

Users browsing this forum: Semrush [Bot] and 31 guests