How To Remove ThinkPoint Fake Rogue Malware Spyware

This is another in the long list of  “rogue”, fake, bogus security software that somehow sneaks by your Anti Virus Anti Spyware. Virtually stops your computer from functioning, prompting you to “start” or “activate”, purchase there product in order to have your computer back again.

This was looking like Microsoft Security Essentials program, and even mention Microsoft Security Essentials,, but don’t be fooled, it’s a frustrating, pain in the ass fake annoying program. But it was actually an easy removal process, and fix.

This was on a Windows Vista machine today, and would not load up the desktop, Thinkpoint had Windows Explorer shut down, held at ransom.

  • I booted up in Safe Mode:

On boot up press or tap the F8 key, until you see a screen with Safe Mode option. Use your up arrow key to highlight Safe Mode, press the enter key.

Let Safe Mode load up,, enter login info if prompt to. Then this is where “Thinkpoint” screen came up, filling the entire screen, with no normal desktop behind it. Thinkpoint had Windows Explorer shut down on startup,,, clever aren’t they?

  • Press Ctrl+Alt+Delete Key to bring up “Task Manager” (press “Start Task Manager” for vista Win 7)
  • Go To The “Processes” Tab in Task Manager
  • Now look for a process in that list called “hotfix.exe”
  • Use your mouse cursor & highlight hotfix.exe, click “End Task” (lower bottom right corner of same window)

When prompt “Do you wish to end task…..” etc,, click “Yes”

(“Hotfix.exe” is the rogue malware file associated with Thinkpoint malware infection)
Now here is how to start Windows Explorer manually:

With Task Manager still open, click on the “File” menu (upper left corner)

Choose “New Task (Run),, and type in “explorer.exe” (with no quotes)
Your desktop should now load up, it will look strange, different for Safe Mode does not load the graphics driver.

(At this point I went in & file searched for “hotfix.exe” to locate where the file was, & manually removed/deleted the file.)

If you don’t have Malwarebytes download the program, install, UPDATE and run Quick Scan,, Malwarebytes will find the malware, maybe others, and remove anything it might find. Might prompt you to restart to fully remove the bad stuff. All should be well, but update, and run scans with any other security software you have just to crosscheck the system.

How I manually removed Thinkpoink and the “hotfix.exe” it was associated with:

  • The “hotfix.exe” file is the Thinkpoint malware program file, on this Windows Vista Computer it was located here:

C: Users folder >Home folder >AppData folder >Roaming folder and there was “hotfix.exe”

  • Go to your Start Menu, then cue up “My Computer” or “Computer”, double click on “Local Disk (C:), then look for “Users” folder above.
  • Follow the path mentioned above: Users, Home, AppData,,, Roaming folder
  • “Right Click” on hotfix.exe and choose “delete” in the sub menu………………. all gone.

This was the only file associated with this “Thinkpoint” Malware. No other entries in system registry were found when following uo with other scans afterwards. Maybe there were other files associated with this “Thinkpoint” malware, maybe the systems Anti Virus Software might of stopped some of it, but this one “hotfix.exe” file planted itself right in a start up folder/directory.

Computer was back to normal operation.

Customer stated she believed her computer became infected with this after clicking on, and attempting read some celebrity article on
IDrive – FREE 5GB Backup Account – Protect your digital life with IDrive online backup.

Main Affiliated Websites:
Lightspeeds PC Repair Augusta GA
Lightspeeds PC Repair Augusta GA – Facebook Page

Go Daddy Featured Offer: 47% Off New Product Purchases: Expires 2/12/13


Tagged: , , , , , , , , , ,

4 thoughts on “How To Remove ThinkPoint Fake Rogue Malware Spyware

  1. Donna G October 29, 2010 at 10:51 am Reply

    I got as far as taskmanager and highlighted “hotfix.exe”
    hit end process but the “Do you wish to end task…..” was covered by the Thinkpoint screen. I hit “enter” which is the same as clicking “Yes” but nothing happened. There was no other activity so I was unable to access the “file” menu.

    • augustapcrepair October 29, 2010 at 2:30 pm Reply

      Hummmm, did you boot up “safe Mode”??

      This “Thinkpoint” still loads up even in safe mode,,, but was able to fully load task manager to “kill” the “hotfix.exe” process, and then clean the pc as above.

      Task manager came up in front of the Thinkpoint screen here, had full view and control of the task manager processes.

      Try it again, this time (Safe Mode if not), and try it get to it quickly before Thinkpoint takes control… maybe.

  2. augustapcrepair November 3, 2010 at 8:10 am Reply

    5 computers infected with this, all removed manually thru task manager above easliy. then followed up with regular system scans

  3. […] Here is the original post: How To Remove “ThinkPoint” Fake Rogue Malware « Computer Repair … […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: