This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Has anybody got any idea who to manually clean this? Troj/Agent-AMGG' found in Trash/tbQC7oR.zip Anybody seen this before?

Has anybody got any idea who to manually clean this? Troj/Agent-AMGG' found in Trash/tbQC7oR.zip  Anybody seen this before?



This thread was automatically locked due to age.
Parents
  • Hi Steve,

    Do you have the full file path to where that file is located on your machine? it should show you this next to the detection in your quarantine. Looks like it is just in your recycle bin though, what happens if you try to manually delete this file?

  • Thanks Peter

    Apologies for the late reply. Been away.

    This was the full file path in Quarantine. Troj/Agent-AMGG at /Users/stevennorth/.Trash/tbQC7oR.zip  I've got rid of it by deleting everything in trash  I.E. When I now run Sophos nothing shows up. However, I could not find it initially when I searched for it after Sophos tracked it down to the trash bin. Do you have any idea what Troj/Agent-AMGG  is? I can't find any references to it aside from a reference by Sophos but even that does not include a definition. Thanks.  Steve 

  • Hi Steve,

    Unfortunately knowing a detection name doesn't tell us what the file did. That same detection name could potentially be seen for thousands of different files, they would most likely all be similar but doing slightly different things, so it isn't possible to answer that without the specific file.

    Do you know how it got onto your machine? 

    Given the detection name and that the file was a zip, my best guess would be you received an email with this file attached, inside the zip would likely have been a JavaScript file (.js) if you had run that file it would of connected to a malicious server and downloaded a malware payload, this could of been anything but most likely ransomware.

    However as I said, without the file I can't say for certain. The good news is it is gone.

Reply
  • Hi Steve,

    Unfortunately knowing a detection name doesn't tell us what the file did. That same detection name could potentially be seen for thousands of different files, they would most likely all be similar but doing slightly different things, so it isn't possible to answer that without the specific file.

    Do you know how it got onto your machine? 

    Given the detection name and that the file was a zip, my best guess would be you received an email with this file attached, inside the zip would likely have been a JavaScript file (.js) if you had run that file it would of connected to a malicious server and downloaded a malware payload, this could of been anything but most likely ransomware.

    However as I said, without the file I can't say for certain. The good news is it is gone.

Children
No Data