contrary to the statement in Sophos Endpoint: How to resolve malware detection on pagefile.sys or hiberfil.sysIt is most probably not(emphasis mine) a false detection by Sophos ... my impression is that they are false positives. In all the years I have practically never encountered a case where there was an accompanying detection - pre or post. Furthermore, the detections I've seen were almost exclusively Badsrc-M and Generic-S and as generic detections (although Troj/Badsrc-M as opposed to Mal/Badsrc-M) is allegedly specific) "prone to" false positives. In some cases the occasional alerts on an endpoint continued for one or two days then subsided.
contrary to the statement in Sophos Endpoint: How to resolve malware detection on pagefile.sys or hiberfil.sysIt is most probably not(emphasis mine) a false detection by Sophos ... my impression is that they are false positives. In all the years I have practically never encountered a case where there was an accompanying detection - pre or post. Furthermore, the detections I've seen were almost exclusively Badsrc-M and Generic-S and as generic detections (although Troj/Badsrc-M as opposed to Mal/Badsrc-M) is allegedly specific) "prone to" false positives. In some cases the occasional alerts on an endpoint continued for one or two days then subsided.
