Backdoor.Agent.PGen

Short Bio

Backdoor.Agent.PGen is a generic detection for backdoors that use the following specific registry keys to gain persistence:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

or

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Currently, DarkComet variants predominantly use these keys.

Remediation

Malwarebytes can remove this threat without further user interaction. It is recommended to do a full system scan since this backdoor may have been used to install more malware on the system.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language