Backdoor.Agent.PGen

Short Bio

Backdoor.Agent.PGen is a generic detection for backdoors that use the following specific registry keys to gain persistence:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

or

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Currently, DarkComet variants predominantly use these keys.
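To review what is registered under these two keys on a host, the following PowerShell is an added example, not part of the original write-up or of any Malwarebytes tooling. The function name `Get-PolicyRunEntry` is hypothetical, and the file-existence and Authenticode checks are triage aids added here, not detection criteria stated on this page.

```powershell
# Added example: enumerate values under the two Policies\Explorer\Run keys
# named above and report the program each one launches.
function Get-PolicyRunEntry {
    param(
        [string[]]$KeyPath = @(
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run'
        )
    )

    foreach ($path in $KeyPath) {
        # A missing key simply means nothing is registered there.
        if (-not (Test-Path -LiteralPath $path)) { continue }

        $key = Get-Item -LiteralPath $path
        foreach ($name in $key.GetValueNames()) {
            $command = [string]$key.GetValue($name)

            # Extract the executable: a quoted path first, then text up to the
            # first ".exe", otherwise the first whitespace-delimited token.
            $exe = $null
            if     ($command -match '^\s*"([^"]+)"')      { $exe = $Matches[1] }
            elseif ($command -match '^\s*(.+?\.exe)\b')   { $exe = $Matches[1] }
            elseif ($command.Trim())                      { $exe = ($command.Trim() -split '\s+')[0] }
            if ($exe) { $exe = [Environment]::ExpandEnvironmentVariables($exe) }

            $exists = $false
            $signature = 'n/a'
            if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
                $exists = $true
                $signature = (Get-AuthenticodeSignature -LiteralPath $exe).Status
            }

            [pscustomobject]@{
                Key        = $path
                ValueName  = $name
                Command    = $command
                Executable = $exe
                FileExists = $exists
                Signature  = $signature
            }
        }
    }
}

Get-PolicyRunEntry | Format-List
```

The `HKCU:` path covers only the account running the script, so other user profiles on the same machine need to be checked under their own sessions.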

Remediation

Malwarebytes can remove this threat without further user interaction. Running a full system scan is recommended, since this backdoor may have been used to install more malware on the system.