How To Get Rid Of the D.exe Trojan

The d.exe process is a registered Trojan. The d.exe virus is spread through e-mail. The virus enters your computer as soon as you double-click the email attachment to which it is attached.

Once inside your PC, d.exe accesses the information stored in your address book and redistributes itself to the listed email addresses through its own SMTP engine.

In the worst cases, the d.exe virus allows the attackers access to your account. This can be very damaging as attackers can now steal your personal information, such as email passwords, and credit card numbers and use the information for unscrupulous activities.  

D.exe – File Information

The d.exe file is recorded in the following file sizes:

  • 705 bytes
  • 355,840 bytes
  • 355,840 bytes
  • 218,636 bytes
  • 214,528 bytes
  • 193,024 bytes
  • 32,768 bytes

Following file behavior is associated with D.exe virus:

  • This process modifies the system registry to auto-start programs when you start Windows.
  • This process registers a DLL, executes a process, creates new processes, and deletes legitimate processes.
  • The d.exe virus disables the Safe Mode on an infected computer.
  • The d.exe virus has the ability to use HTTP protocol to communicate with other computers, as well as download content and program files from the Internet without your knowledge.
  • The process monitors your keyboard input, screen contents, and mouse activity.
  • The d.exe virus does Process Hijacking (writes to another Program’s Virtual Memory space).

Shared below is the list of Internet threats that are recorded to be associated with the d.exe file:

Backdoor.Bifrose.K [Symantec]
Backdoor.Bifrose.LV [PC Tools]
Backdoor.Trojan [Symantec]
Backdoor.Win32.Bifrose [Ikarus]
Backdoor.Win32.Bifrose.agq [Kaspersky Lab]
Backdoor.Win32.IRCBot.juc [Kaspersky Lab]
Backdoor.Win32.Poison.pg [Kaspersky Lab]
Backdoor:Win32/Bifrose [Microsoft]
Backdoor:Win32/Poisonivy.H [Microsoft]
BackDoor-CEP.svr [McAfee]
BackDoor-DNR [McAfee]
BackDoor-DSS [McAfee]
BKDR_BIFROSE.S [Trend Micro]
Downloader [Symantec]
FakeAlert-EL [McAfee]
FakeAlert-GV [McAfee]
Generic Dropper.bw [McAfee]
Generic.dx [McAfee]
Mal/Bifrose-B [Sophos]
Mal/EncPk-JD [Sophos]
Mal/IRCBot-J [Sophos]
Mal/TibsPk-A [Sophos]
Suspicious.MH690 [Symantec]
Troj/Smalla-Gen, Mal/EncPk-CI, Mal/Poison-A [Sophos]
TROJ_ZLOB.AKT [Trend Micro]
Trojan Horse [Symantec]
Trojan.DL.CKSPost.Gen [PC Tools]
Trojan.Dropper [Symantec]
Trojan.Generic [PC Tools]
Trojan.Win32.FraudPack [Ikarus]
Trojan.Win32.FraudPack.pkb [Kaspersky Lab]
Trojan.Win32.FraudPack.qax [Kaspersky Lab]
Trojan-Downloader.VB!sd6 [PC Tools]
Trojan-Downloader.Win32.VB.lih [Kaspersky Lab]
TrojanDownloader:Win32/Renos.GW [Microsoft]
Virus.Win32.Agent.AAGI [Ikarus]
Win32.SuspectCrc [Ikarus]
Win32/IRCBot.worm.variant [AhnLab]
Win-Trojan/OnlineGameHack.B [AhnLab]
Win-Trojan/Poison.9728.F [AhnLab]
Win-Trojan/Xema.variant [AhnLab]

My computer is infected with d.exe, how do I remove it?

To remove d.exe, perform the following tasks:

  • Update your antivirus program with the latest virus definitions.
  • Disconnect your computer from Internet. If your computer is part of a network then disconnect it from the network as well.
  • Reboot your computer in Safe Mode. To do this, press the F8 key as Windows reloads and select the Safe Mode option in the Advanced Boot Options screen, using the arrow keys.
  • Scan your computer for viruses and other malware programs. Delete the threats listed in the scan results.
  • Finally, restart your computer in Normal Mode.

Is it recommended to manually remove d.exe?

It is not recommended to manually remove viruses, such as d.exe. As discussed above, d.exe creates various other processes. Removing all the files and processes related to the d.exe virus is difficult as one may not be aware of the names or locations of these files. Deletion of a wrong file may cause further harm to your computer.

If you must remove the d.exe manually then you need to complete the following two tasks:

  • Terminate the d.exe process and other processes associated with the malware via the Windows Task Manager.
  • Next, locate and delete all the files associated with d.exe