Can't remove dontbeevils(dot)de malware by crypto-webminer

[Tipstar]

I seem to have been infected by a malware that try to access dontbeevils(dot)de. I get constant notifications from my antivirus that dontbeevils(dot)de is blocked from accessing the internet. I don't know how I got infected as I'm very careful about what I browse and download. I accessed the site dontbeevils(dot)de on sandobx and found it sells bitcoin and crypto related domains and is from crypto-webminer.com. The problem is I and my antivirus can't get rid of it. It's active even when there's no app or browser open.

[mk4]

The safest and almost 100% guaranteed solution to have a clean device will always be just to do a fresh install of your preferred operating system. At least that's what I would do.

With that said, if installing a clean OS is out of your choices for whatever reason, have you tried Malwarebytes[1]? That software has almost always been helpful in removing malware in my case(though I always end up reinstalling my OS instead due to paranoia).

[1] https://www.malwarebytes.com/

[DaveF]

Although you will get some good support here, if for whatever reason wiping and starting again is not an option try going to the bleepingcomputer forums and posting here:

https://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-help/

Before you do that read the guides that they have posted especially the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

Good people there willing to help.

-Dave

[Lucius]

Tipstar, try to make scan in safe mode (check how to do that for your OS), because in such a mode malware is much easier to remove in some cases. I recommend you try scanning with your AV, even though it doesn't seem to be doing its prevention job well - but Malwarebytes should be helpful, just before scanning make an update of its database.

I try to access crypto-webminer but my AV has instantly blocked that page because od JSCoinminer Website 5, which means that the owner wants to use the power of your processor through your browser to probably mine Monero.

A possible solution can be found at this link, and it consists of uninstalling the browser you are using and then manually deleting certain folders. Read carefully before the procedure and save all important data from the browser (bookmarks & passwords).

https://www.infopackets.com/news/10316/how-fix-remove-jscoinminer-browser-malware-step-step