AverageCoder.Net - Programming - Software - Techie Stuffs

D2 Remover (d2 virus removal tool)

Posted by Daniel - 3,323 Views

Well, it’s a virus removal program. From the title you know it will removes the d2 virus from your system. d2 virus is also known as dkernel, lExplorer, decoil daun and dEngines. Below is the information about the virus activities inside an infected system:

Creates lExplore.exe (not iExplore) in c:\windows. The file size is 28 KB.

Creates a folder named I75-D2 in C:\Windows\System32 (WinXP) or in C:\Windows\System (Win98). The folder contains 3 files:

The content of the INZ.D will be like this:

Duplicates the file DKERNEL.EXE to some other name ended with .DOC extension in the target folder and the duplicated file’s Icon is not always the same.

Creates these registry entry

If you take a look on the Task Manager, lExplorer process and dkernel process will be visible. This virus make the infected system run slower than usual. At 12 PM it will display an annoying graphic, take over the system and force you to stop your works. d2 is also renames winamp.exe into winamp_d2.exe and creates a copy of itself as winamp.exe. Same process also applied to winamp.ini.

This program was built with Visual Basic 6, had been tested on the coder’s machine and worked well, but it may not produces the same result on your system. The coder will take no responsibilities of any kind. Please use it at your own risk.

Download D2-Remover (8 KB)