Hey,
I have a Sophos client reporting the following as multiple different viruses:
Virus/spyware Not cleanable Mal/Iframe-F \\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy13\pagefile.sys
Virus/spyware Not cleanable Mal/Badsrc-C \\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy13\pagefile.sys
Virus/spyware Not cleanable Troj/Fujif-Gen \\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy13\pagefile.sys
Virus/spyware Not cleanable Troj/Iframe-CG \\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy13\pagefile.sys
Virus/spyware Cleanup failed Troj/Badsrc-M \\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy13\pagefile.sys
This showed up the same day as the now infamous Shh/Updater-B False positives
At first I ignored it because I figured it would start to show on multiple computers, but it didn't.
It only showed on a single computer so now I am not sure if this is a false positive or not. Can the pagefile.sys get infected by a virus?
Has anyone seen the behavirous before? And if so, should I take action to clean it? Or can it be ignored as a false positive?
Thank you.
This thread was automatically locked due to age.
