explorasi.exe

I just did a quick search and it appears that this is quite possibly connected with a virus - the Brontok Worm is mentioned.

i just download the sophos antivirus and it deletes all the infected files including explorer.exe. even my folder options is not accessible and active directory in administrative tools is also lost. please help to solve my problem because the infected pc is our server. thank you

i just download the sophos antivirus and it deletes all the infected files including explorer.exe. even my folder options is not accessible and active directory in administrative tools is also lost. please help to solve my problem because the infected pc is our server. thank you

are you sure that all viruses were deleted? while you were cheking for the viruses, have you disconnected the LAN cable.
now you need to boot from the windows installation CD, and run repair option to get explorer.exe back.

i just download the sophos antivirus and it deletes all the infected files including explorer.exe. even my folder options is not accessible and active directory in administrative tools is also lost. please help to solve my problem because the infected pc is our server. thank you

click start-->run-->msconfig then click ok

click on startup tab
if you see that file in the startup then remove it from the registry as opposed to unchecking it.

Everytime I log in windows 2000 server and XP it always display "Can't find explorasi.exe". Please help me to solve this. And also my Folder Options in Tools are missing. thank you

Just install ad-aware from lavasoft and run a scan with it.

After scanning is finished - it will find the threads:

You just need to right click the field with the displayed threads and click on select all - afterwards just click next.

for me it worked with ad-aware professional, but i think it will work with the ad-aware personal edition which is free.

here is the link to the site
http://www.lavasoftusa.com/

Hello every one,

Yes, this is an infection with BRONTOK worm!!!

Problem : CaSIs
Solution: CaSIR v1.0

What are CaSIs?

CaSIs stands for Common And Stubborn Infectors. They are malicious programs (viruses, worms, trojans..) being spread worldwide up to the present moment. When one of those infectors infect your computer it take control of it and cannot be removed by normal antivirus software!

One of those common & stubborn infectors is : Email-Worm.Win32.Brontok.q

If you weren't using a good AV, or If your AV signatures were outdated, and your computer has infected by one of those common and stubborn infectors, NOTHING (This 'nothing' includes Kaspersky, Norton, Mcafee, NOD32, AVG…) would help you getting rid of it as long as you try to remove it online (in normal mode or safe mode). Not even your "Best AV" himself would! even if you got it updated. Those infectors are "well-made" to the degree that once they started they cannot be removed unless you did an offline scan with your AV Rescue disk, or an offline manual elimination!

What is CaSIR v1.0?

CaSIR v1.0 (Common And Stubborn Infections Remover) -- as it's name says, is an On-Demand malware removal software for removing several common and stubborn infectors by removing their bodies, their registry entries and any other leftovers!

CaSIR v1.0 has a rough techniques that make it able to remove this kind of infectors!

CaSIR v1.0 doesn't search for malware, instead, it goes directly to the areas that malware infects and removes it from there, hence, it does the work in seconds!

CaSIR v1.0 does more than that. It has a generic and strong technique that allows it to do the following:

. CaSIR v1.0 removes the common restrictions made to your computer by those infectors which none of the AVs deal with.
. CaSIR v1.0 removes the illegitmate services frequently used by those infectors.
. CaSIR v1.0 recognizes and instantly kills any running process that is disguising among the legitimate system services.
. CaSIR v1.0 removes any scripts used by those infectors to autorun.
. CaSIR v1.0 deals with all your storage medias (Fixed, floppy, removable…) and cleans them up all as required.
. CaSIR v1.0 cleans up your system registry so no more spy keys, garbage activities or messages ask for deleted files!
. CaSIR v1.0 signatures are fully updatable, once you download the software, all you need is to download the definitions file frequently and you're uptodate.

How to use CaSIR v1.0?

Simply run CaSIR v1.0 and press Start, Wait for seconds… and you're done!

How to update CaSIR v1.0 definitions?

If you didn't download the definitions file after you had downloaded CaSIR v1.0, you will not be able to use CaSIR v1.0. You will be automatically taken to the CaSIR Update Page to download definitions file. The definitions file is a very small zipped file contains the malware signatures. Once you downloaded this file, and put it in the same folder of the main program, you will be able to use CaSIR v1.0

From time to time (I recommend weekly basis) press Update button, CaSIR v1.0 will try to connect you to CaSIR Update Page, all you have to do is to download casirdef.zip. Unextract it's contents and replace with the old one!

What are RNP, GFL, SFL, GFD, SFD, RKM, RKD?

When CaSIR v1.0 find an infection on your computer, it shows up the infection in the following way :

XXX – YYY

XXX: is the type of the infection found
YYY: is the infection itself

XXX has 7 different keywords

RNP : Running Process
GFL : Group of Files
SFL : Single File
GFD : Group of Folders
SFD : Single Folder
RKM : Registry Key to be Modified
RKD : Registry Key to be Deleted

How to buy CaSIR v1.0?
If you are currently using the DEMO version of CaSIR v1.0, you will be automatically taken to the Secured Purchase Page of iSergiwa Software whenever an infection found in your computer in order to remove the infections as the DEMO version doesn't remove them; it only detects them!

CaSIR v1.0
Developer: Issam Sergiwa
Company: iSergiwa Software
Licence: Demo
Price: $19.95
OS: Windows 9x, Me, XP, Vista
Bugs? Problems?
Contact support@sergiwa.com

thanks rosso17, it works! so guyz! just scan with ad-aware! it will remove!