Tag Archives: virus

How To Remove ThinkPoint Fake Rogue Malware Spyware


This is another in the long list of  “rogue”, fake, bogus security software that somehow sneaks by your Anti Virus Anti Spyware. Virtually stops your computer from functioning, prompting you to “start” or “activate”, purchase there product in order to have your computer back again.

This was looking like Microsoft Security Essentials program, and even mention Microsoft Security Essentials,, but don’t be fooled, it’s a frustrating, pain in the ass fake annoying program. But it was actually an easy removal process, and fix.

This was on a Windows Vista machine today, and would not load up the desktop, Thinkpoint had Windows Explorer shut down, held at ransom.

  • I booted up in Safe Mode:

On boot up press or tap the F8 key, until you see a screen with Safe Mode option. Use your up arrow key to highlight Safe Mode, press the enter key.

Let Safe Mode load up,, enter login info if prompt to. Then this is where “Thinkpoint” screen came up, filling the entire screen, with no normal desktop behind it. Thinkpoint had Windows Explorer shut down on startup,,, clever aren’t they?

  • Press Ctrl+Alt+Delete Key to bring up “Task Manager” (press “Start Task Manager” for vista Win 7)
  • Go To The “Processes” Tab in Task Manager
  • Now look for a process in that list called “hotfix.exe”
  • Use your mouse cursor & highlight hotfix.exe, click “End Task” (lower bottom right corner of same window)

When prompt “Do you wish to end task…..” etc,, click “Yes”

(“Hotfix.exe” is the rogue malware file associated with Thinkpoint malware infection)
 
 
 
 
Now here is how to start Windows Explorer manually:

With Task Manager still open, click on the “File” menu (upper left corner)

Choose “New Task (Run),, and type in “explorer.exe” (with no quotes)
Your desktop should now load up, it will look strange, different for Safe Mode does not load the graphics driver.

(At this point I went in & file searched for “hotfix.exe” to locate where the file was, & manually removed/deleted the file.)

If you don’t have Malwarebytes download the program, install, UPDATE and run Quick Scan,, Malwarebytes will find the malware, maybe others, and remove anything it might find. Might prompt you to restart to fully remove the bad stuff. All should be well, but update, and run scans with any other security software you have just to crosscheck the system.

How I manually removed Thinkpoink and the “hotfix.exe” it was associated with:

  • The “hotfix.exe” file is the Thinkpoint malware program file, on this Windows Vista Computer it was located here:

C: Users folder >Home folder >AppData folder >Roaming folder and there was “hotfix.exe”

  • Go to your Start Menu, then cue up “My Computer” or “Computer”, double click on “Local Disk (C:), then look for “Users” folder above.
  • Follow the path mentioned above: Users, Home, AppData,,, Roaming folder
  • “Right Click” on hotfix.exe and choose “delete” in the sub menu………………. all gone.

This was the only file associated with this “Thinkpoint” Malware. No other entries in system registry were found when following uo with other scans afterwards. Maybe there were other files associated with this “Thinkpoint” malware, maybe the systems Anti Virus Software might of stopped some of it, but this one “hotfix.exe” file planted itself right in a start up folder/directory.

Computer was back to normal operation.

Customer stated she believed her computer became infected with this after clicking on, and attempting read some celebrity article on MSN.com
 
 
 
 
 
 
IDrive – FREE 5GB Backup Account – Protect your digital life with IDrive online backup.

Main Affiliated Websites:
Lightspeeds PC Repair Augusta GA
Lightspeeds PC Repair Augusta GA – Facebook Page

Go Daddy Featured Offer: 47% Off New Product Purchases: Expires 2/12/13

Virus Fools People Into Uninstalling Their Antivirus Software


Lightspeeds PC Repair Augusta GA

“In a press releases issued today, Symantec warns that the AnViAntivirus will give users a pop up telling them that there is a problem with their current antivirus software, then it will encourage them to

remove it immediately. The virus will display this cheeky little message:

Uncertified [program name] antivirus software detected on your computer. You need to remove {antivirus name} software for correct operation of the Antivirus.

Attention: If you don`t remove [program name] software, the performance of your computer will dramatically degrade.

Press “OK” to remove the [program name]”


Virus Fools People Into Uninstalling Their Antivirus Software – Yahoo! News

 
 
 
IDrive – FREE 5GB Backup Account – Protect your digital life with IDrive online backup.

Main Affiliated Websites:
Lightspeeds PC Repair Augusta GA
Lightspeeds PC Repair Augusta GA – Facebook Page

Go Daddy Featured Offer: 47% Off New Product Purchases: Expires 2/12/13

Protect Your Network from Facebook Malware – Yahoo! News


“AppRiver report that they are detecting a new malware campaign targeting Facebook. The campaign tricks unsuspecting users into thinking the message is coming from Facebook. The e-mail appears to be an official Facebook notification indicating the reader can reconnect with friends, but the message is full of malicious links. Clicking on one of the malicious links will then redirect them through several different Web sites and load malware onto their computer through a hidden iframe exploit……..”

Protect Your Network from Facebook Malware – Yahoo! News
 
 
 
 
IDrive – FREE 5GB Backup Account – Protect your digital life with IDrive online backup.

Main Affiliated Websites:
Lightspeeds PC Repair Augusta GA
Lightspeeds PC Repair Augusta GA – Facebook Page
Computer Repair Augusta GA – Laptop Cooling Repair Modification

Some People Just Do Not Learn……………


Just cannot understand why almost every computer I service has these file sharing programs STILL on there computer. Limewire, Bearshare, Shareaza, BitTorrent. Ares, Kazaa, Morpheous, Emule just to name a few,, with Limewire being the most popular.

Limewire downloads and all the others, are infested with computer viruses and spyware. It’s a virus hell! Other than getting your computer taken down with viruses every month or day,,, it can be very costly if your hit with a copy write lawsuit with Sony or the other “Big Dogs”!

Why people have to fill there computer with music is beyond me. Music is the #1 download, #1 search term. Why do you think these file sharing downloads are loaded with viruses in the first place? To easily and quickly spread these viruses,, do you think???

Just because you might have, or what you think is a active LEGIT Anti Virus/Anti Spyware program protecting you that you are free & clear, or immune to this crap…………… got news for you, you are not! And most run these computers till they stop completely, and then it’s to late. Guess what all your music and your family photos are now gone, lost because your hard drive has crapped out now. And to recover them could cost $200-$1000+++.

I tell these customers every time, every month after I finish removing infections, after I charge them about “safe internet surfing”. And they still have Limewire on there computer, with recent downloads! .99 to download music legally, and possibly much safer is much cheaper than having you computer repaired each month.

This is just my opinion,, do what you continue to do, it’s alright by me!

 
IDrive – FREE 5GB Backup Account – Protect your digital life with IDrive online backup.

Main Affiliated Websites:
Lightspeeds PC Repair Augusta GA
Lightspeeds PC Repair Augusta GA – Facebook Page
Computer Repair Augusta GA – Laptop Cooling Repair Modification

Go Daddy Featured Offer: 47% Off New Product Purchases: Expires 2/12/13

%d bloggers like this: