Norton is detecting "snapple.exe" on start up. Any suggestions to get rid of it as the above programs seem to be able to remove it.
Thanks in advance.
Rob
snapple.exe
Started by
j16rwb
, Mar 17 2005 03:49 AM
#1
Posted 17 March 2005 - 03:49 AM
j16rwb
-
- Member
-
- 2 posts
New Member
Norton is detecting "snapple.exe" on start up. Any suggestions to get rid of it as the above programs seem to be able to remove it.
Thanks in advance.
Rob
#2
Guest_usetobe_*
Posted 17 March 2005 - 04:23 AM
Guest_usetobe_*
Guest_usetobe_*
-
- Guest
Restarting in Safe Mode
» On Windows NT (VGA mode)
Click Start>Settings>Control Panel.
Double-click the System icon.
Click the Startup/Shutdown tab.
Set the Show List field to 10 seconds and click OK to save this change.
Shut down and restart your computer.
Select VGA mode from the startup menu.
» On Windows 2000
Restart your computer.
Press the F8 key, when you see the Starting Windows bar at the bottom of the screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.
» On Windows XP
Restart your computer.
Press F8 after the Power-On Self Test (POST) is done. If the Windows Advanced Options Menu does not appear, try restarting and then pressing F8 several times after the POST screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.
Disabling the Malware Service
This procedure removes the running malware service from memory on systems running Windows NT, 2000, and XP.
Open a command prompt window. Click Start>Run, type CMD and then press the Enter key.
At the command prompt, type the following:
NET STOP "snapples"
Press the Enter key. A message should indicate that the service has been stopped successfully.
Close the command prompt window.
Removing Autostart Entries from the Registry
Removing autostart entries from the registry prevents the malware from executing at startup.
Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>RunServices
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Runonce
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, double-click the following:
HKEY_CURRENT_USER>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, locate and delete the following:
HKEY_LOCAL_MACHINE>System>CurrentControlSet>
Services>Snapple
Close Registry Editor.
Additional Windows XP Cleaning Instructions
Users running Windows XP must disable System Restore to allow full scanning of infected systems.
then run your anti virus ()updated with latest pattern files) and
Scan your system and delete all files detected as WORM_FORBOT.AZ.
» On Windows NT (VGA mode)
Click Start>Settings>Control Panel.
Double-click the System icon.
Click the Startup/Shutdown tab.
Set the Show List field to 10 seconds and click OK to save this change.
Shut down and restart your computer.
Select VGA mode from the startup menu.
» On Windows 2000
Restart your computer.
Press the F8 key, when you see the Starting Windows bar at the bottom of the screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.
» On Windows XP
Restart your computer.
Press F8 after the Power-On Self Test (POST) is done. If the Windows Advanced Options Menu does not appear, try restarting and then pressing F8 several times after the POST screen.
Choose the Safe Mode option from the Windows Advanced Options Menu then press Enter.
Disabling the Malware Service
This procedure removes the running malware service from memory on systems running Windows NT, 2000, and XP.
Open a command prompt window. Click Start>Run, type CMD and then press the Enter key.
At the command prompt, type the following:
NET STOP "snapples"
Press the Enter key. A message should indicate that the service has been stopped successfully.
Close the command prompt window.
Removing Autostart Entries from the Registry
Removing autostart entries from the registry prevents the malware from executing at startup.
Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>RunServices
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Runonce
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, double-click the following:
HKEY_CURRENT_USER>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry:
Snapple = "snapple.exe"
In the left panel, locate and delete the following:
HKEY_LOCAL_MACHINE>System>CurrentControlSet>
Services>Snapple
Close Registry Editor.
Additional Windows XP Cleaning Instructions
Users running Windows XP must disable System Restore to allow full scanning of infected systems.
then run your anti virus ()updated with latest pattern files) and
Scan your system and delete all files detected as WORM_FORBOT.AZ.
#3
Posted 17 March 2005 - 10:38 AM
j16rwb
- Topic Starter
-
- Member
-
- 2 posts
New Member
Thaks for the advice 
#4
Posted 17 March 2005 - 02:10 PM
-=jonnyrotten=-
-
- Retired Staff
-
- 2,678 posts
Member 2k
Also,
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.
Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.
Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
-=jonnyrotten=-
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.
Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.
Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
-=jonnyrotten=-
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
