Malwarebytes detects the malware as "Backdoor.Agent.SBFGen".
This backdoor or another affiliated agent may reload itself after removal.
Steps to clean your desktop:
Download Malwarebytes (go to www.malwarebytes.org and check that your URL field has exactly this URL).
While installing, uncheck the "I want to use for free Malwarebytes premium for x days..." option.
Double-click it and update it.
Reboot in Safe Mode; choose the simple Safe Mode (without NETWORKING).
If you used a USB drive while being infected, plug in the USB drive and start a complete scan.
Fix all entries (PUP/Malware/Trojan/backdoor...) except maybe your miner software cgminer/sgminer.
For those who were infected AND after the remove/reboot from Malwarebytes (under Safe Mode):
check whether Malwarebytes re-detects it or not (re-scan).
If yes, you could try ComboFix: reboot (normal mode) and download it from bleepingcomputer.
Save it to your desktop.
Note: Windows 8.1 and Windows 2000 are NOT supported by ComboFix (i.e. XP, Vista, Seven and Windows 8 are supported).
If you store files here:
-Temporary Internet Files
-Temp Folder
-Windows Recycle Bin
and want to keep them, move them to a safer location before the ComboFix scan (remember to put them back after the scan).
You MUST close all open windows.
Turn off antivirus programs, resident antimalware, Windows Update, Java update... and other running programs.
(remember to turn them on after the scan)
Run ComboFix. Please note:
Be patient, don't touch your computer until asked by ComboFix, possibly for:
-the installation of the Windows Recovery Console (click yes)
-the scan (Click 'Yes' to continue scanning for malware...)
ComboFix will disconnect your computer from the Internet and it will change your clock format (after the scan it will restore them).
You will see around 35 to 50 stages, be patient.
The Find3M window will stay for a long time. Again, be patient.
Then a new screen appears telling you that the ComboFix report will be located at C:\ComboFix.txt
Useful if you want further analysis: you can post this log in the dedicated forums of bleepingcomputer, majorgeeks, Malwareremoval.com
When you are sure your PC is clean, you can uninstall ComboFix:
For Vista/Seven/8: in the Search field, type
Combofix /uninstall (type a space between "Combofix" and "/uninstall") then press Enter.
For XP: click Start then Run; in the Run field, type
Combofix /uninstall (type a space between "Combofix" and "/uninstall") then press Enter.
Reboot (Safe Mode) and run a Malwarebytes full scan. You should have wiped the backdoor and any other dangerous hack.
At this point
YOU MUST CHANGE ALL YOUR PASSWORDS.
Hope it helps.