Troj/Badsrc-M' has been detected in Pagefile.sys


Recently received this alert on a machine, that isn't overly used. Need to determine if this is false positive, but also it's copying to multuple VSS Shadow Copies each time a VSS is run, is there an way to identify its source.

The device has Intercept X on it and the "malware" is actually being cleaned up after we receive the alerts

Virus/spyware 'Troj/Badsrc-M' has been detected in "\\.\GLOBALROOT\Device\HarddiskVolumeShadowCopy6\pagefile.sys". Cleanup failed