Unsuccessful removing ZoomE.exe/ZoomX.exe (Gen:Variant.Bulz.923652) alleged crypto miner malware

So far BitDefender has been unsuccessful removing a threat that it identifies as Gen:Variant.Bulz.923652.

Something, somewhere, keeps creating two files, ZoomE.exe and ZoomX.exe, in D:\Temp and %USERPROFILE%\* on my system. Well, after installing and running BitDefender it seems they only appear in the former location (D:\Temp), but that could be wrong.

*Home folder is symlinked to D:\ (but my system is still on C:)

Reportedly this thing (ZoomE.exe / ZoomX.exe) is malware that's supposed to mine cryptocoins using my system resources. But I hardly notice anything, or nothing at all. It's just these pesky reappearing files that worry me! So far I've been unsuccessful removing the threat with BitDefender. Before plonking money on this program, I'd like to know if it can actually get rid of it. And if so, how?

FYI: I've done a system scan both normally and via the rescue/safe boot mode. I'm using the trial of BitDefender Total Security. I'm on Windows 10 Pro Version 21H2 (OS Build 19044.1645).

Answers

  • Gjoksi (Defender of the month, mod)
    edited May 2022

    Hello.

    First, take screenshot(s) of the issue(s) and create a log on your Windows device using BDsysLog, by following these steps:

    Next, contact Bitdefender Consumer Support by e-mail here (scroll down to the bottom of the page):

    with a short description of the issue(s).

    After that, you will get an automated reply from the Bitdefender Customer Care Team, with your ticket number.

    Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log file you already created in the first step.

    Since you are all done, just wait for the support engineers to investigate your issue(s) and find solution(s) to fix the issue(s).

    Remember that the screenshot(s) and the log file will help the support engineers a lot in investigating your issue(s) better and faster and in finding solution(s).

    Regards.