'Fleisnam' malware was detected (Agentless) - false alarm?

Question

Hi experts,&nbsp;I have started to see this alert some time ago on a VM sitting in Azure. Tried to troubleshoot it, made some research and turned out this is triggered by Defender reporting it's own log files as malicious. At least that's what I've found on several blogs.&nbsp;&nbsp;It will identify a "log" file looks like every time I run defender full scan. An example of the file and location is below:&nbsp;Last few days, few more devices started to report the same... and I start to be a bit "nervous" about it. Is it a real malware? Is it really a defender bug?&nbsp;Anyone experiencing the same issue?&nbsp;&nbsp;Thank you.

micheleariis · Answer

sumo83&nbsp;Hi,&nbsp;I had a similar issue some time ago, when I was in doubt, even if it was a false positive, I sent a request to verify the false positive: you can send the file for analysis to Microsoft via their security portal if you are concerned and want an official confirmation.

sumo83 · Answer

submitted to MS. How did you deal with it then? Have you just ignored and closed any further alarms?

micheleariis · Answer

sumo83&nbsp;Once I received the feedback confirming the false positive I closed the case

sumo83 · Answer

well... the problem is that next time full scan will run on my computer, it will report it again 😕

micheleariis · Answer

sumo83&nbsp;while you can exclude that file from the scan 🙂

Forum Discussion

'Fleisnam' malware was detected (Agentless) - false alarm?

7 Replies

Resources