
I hope you're all doing well.

I'm reaching out to the community for some guidance. As a test, I recently used Veeam intelligence to scan our infrastructure.

Based on the scan, Veeam intelligence created the following rule:

rule CommonRansomware
{
    meta:
        description = "Detects common ransomware families"
        author = "Veeam Support Assistant"
        date = "2023-10-01"

    strings:
        $locky = "Locky"
        $wannacry = "WannaCry"
        $petya = "Petya"
        $notpetya = "NotPetya"
        $cerber = "Cerber"
        $cryptolocker = "CryptoLocker"
        $cryptowall = "CryptoWall"
        $badrabbit = "BadRabbit"
        $ryuk = "Ryuk"
        $maze = "Maze"
        $revil = "REvil"
        $darkside = "DarkSide"

    condition:
        // fires if any single family name appears anywhere in the file
        any of them
}

The results scared me since there is a bunch of files detected by this rule.

Thanks in advance for reading.
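The rule above matches plain, case-sensitive substrings with an "any of them" condition, so any file that merely mentions a family name (a patch note, a vendor report, an AV definition file) will fire it. The script below is an added example, not code from the post or from Veeam: it emulates the posted rule's matching in Python, runs it over a few constructed sample "files" (not real malware), and compares it with an assumed tighter variant (whole-word matching as YARA's fullword modifier would do, a PE "MZ" header check, a size cap, and at least two distinct family names) to show which hits are likely false positives worth triaging first.

```python
import re

# The twelve family-name strings from the rule in the post.
FAMILY_STRINGS = [
    "Locky", "WannaCry", "Petya", "NotPetya", "Cerber", "CryptoLocker",
    "CryptoWall", "BadRabbit", "Ryuk", "Maze", "REvil", "DarkSide",
]


def match_original(data: bytes) -> list[str]:
    """Emulate the posted rule: plain case-sensitive substring search,
    condition 'any of them'. Returns the family names that matched."""
    return [s for s in FAMILY_STRINGS if s.encode() in data]


def match_tightened(data: bytes, max_size: int = 10 * 1024 * 1024) -> list[str]:
    """Assumed tighter variant (not from the post): same strings, but only as
    whole words (YARA 'fullword' semantics), only in files that start with the
    PE 'MZ' header, under a size cap, and requiring at least two distinct
    family names before the rule fires."""
    if len(data) > max_size or not data.startswith(b"MZ"):
        return []
    hits = []
    for s in FAMILY_STRINGS:
        # fullword: the string must not be flanked by alphanumeric bytes
        pattern = rb"(?<![A-Za-z0-9])" + re.escape(s.encode()) + rb"(?![A-Za-z0-9])"
        if re.search(pattern, data):
            hits.append(s)
    return hits if len(hits) >= 2 else []


# Constructed sample "files" for the demo (labels and contents are made up).
SAMPLES = {
    # A sysadmin's change note: benign, but it names a family.
    "patch-notes.txt": b"2017-05-15: MS17-010 applied to all hosts after the WannaCry outbreak.\n",
    # Fragment of a vendor threat report saved on a file share: benign.
    "threat-report.html": b"<p>Ryuk and REvil affiliates moved to double extortion.</p>",
    # A PE-like blob carrying several family names as whole words.
    "sample.exe": b"MZ\x90\x00" + b"\x00" * 64 + b"Locky Petya DarkSide" + b"\x00" * 32,
    # A PE-like blob with no family strings at all.
    "clean.exe": b"MZ\x90\x00" + b"\x00" * 128,
}


def triage(samples=SAMPLES) -> dict[str, dict[str, list[str]]]:
    """Run both matchers over every sample and report which strings fired."""
    return {
        name: {"original": match_original(data), "tightened": match_tightened(data)}
        for name, data in samples.items()
    }


def likely_false_positives(samples=SAMPLES) -> set[str]:
    """Files the posted rule flags that the tighter variant does not:
    the ones to verify first rather than treat as infections."""
    report = triage(samples)
    return {name for name, r in report.items() if r["original"] and not r["tightened"]}


if __name__ == "__main__":
    for name, result in triage().items():
        print(f"{name:20} original={result['original']} tightened={result['tightened']}")
    print("likely false positives:", sorted(likely_false_positives()))
```

The tighter variant is only a demonstration of the direction to take; in practice the verification the replies below recommend (an AV scan plus a YARA scan, and checking what kind of file each hit actually is) is what separates a report that mentions "WannaCry" from a binary that carries it.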

Did you run a scan after the files were detected to ensure none of them are infected? That would be my next step to rule out false positives from the rule.


Hi @Adrian Meneses -

I wrote a post on here about performing Malware forensics in Veeam. Although...my post is geared towards Inline Entropy (disk block-level) Scans...but you can take a bit from it and work your way through it for Guest Indexing too, if you use that.

Take your results with a grain of salt. Surely there are probably some false pos’s; but make sure you verify before coming to that conclusion. Assuming you’re looking at the Guest Indexing type results?...you can also read through the User Guide to get some guidance on troubleshooting & analyzing your results. There are log files you can look at (noted in the Guide) to assist you as well.

https://helpcenter.veeam.com/docs/backup/vsphere/malware_detection_guest_index.html?ver=120

Keep us posted.


Hello Chris, thank you so much for your feedback. Yes, our antivirus did not detect any of what the scan did. I believe that I need to use similar YARA rules on the tool as well.


Ok. You can always mark the VMs as clean in Veeam, then it will not detect again based on your YARA rule set, as another option.


@Adrian Meneses - If an A/V scan detected nothing...then yes, I recommend running a YARA scan. If both come back normal, then you’re probably ok.


Hello Shane, I think I will perform this. Thanks for your feedback, really appreciated.


No problem...keep us posted when you’re able.