Unsuccessful removing ZoomE.exe/ZoomX.exe (Gen:Variant.Bulz.923652) alleged crypto miner malware

hced

So far Bitdefender has been unsuccessful removing a threat that it identifies as Gen:Variant.Bulz.923652.

Something, somewhere, keeps creating two files, ZoomE.exe and ZoomX.exe, in D:\Temp and %USERPROFILE%\* on my system. Well, after installing and running BitDefender it seems they only appear in the former location (D:\Temp), but that could be wrong.

*Home folder is symlinked to D:\ (but my system is still on C:)

Reportedly this thing (ZoomeE.exe / ZoomX.exe) is a malware that's supposed to mine cryptocoins using my system resources. But I hardly notice anything, or nothing at all. It's just these pesky reappearing files that worries me! So far I've been unsuccessful removing the threat with BitDefender. Before plonking money on this program, I'd like to know if it can actually get rid of it. And if so, how?

FYI: I've done a system scan both normally and via the rescue/safe boot mode. I'm using the trial of BitDefender Total Security. I'm on Windows 10 Pro Version 21H2 (OS Build 19044.1645).

Flexx

https://community.bitdefender.com/en/discussion/91627/unsuccessful-removing-zoome-exe-zoomx-exe-gen-variant-bulz-923652-alleged-crypto-miner-malware

1) Restart PC in safe mode (https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234)

2) Open run command and run below command one by one :

temp ,delete all the files in the folder

%temp% ,delete all the files in folder

prefetch ,delete all the files in folder

3) Restart your PC in general mode by unticking the option that you selected to run the system in safe mode and then click apply.

4) Reset your browser

Google Chrome (https://support.google.com/chrome/answer/3296214?hl=en)

Mozilla Firefox (https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings)

Microsoft Edge (https://malwaretips.com/blogs/reset-microsoft-edge/)

5) Download and run Malwarebytes AdwCleaner (https://adwcleaner.malwarebytes.com/adwcleaner?channel=release)

Malwarebytes Adwleaner guide (https://support.malwarebytes.com/hc/en-us/articles/360038520174-Malwarebytes-AdwCleaner-guide)

6) Download and run Kaspersky Virus Removal Tool (https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe)

If the issue persists, kindly contact the bitdefender support by visiting https://www.bitdefender.com/consumer/support/

Regards