Update 10.18.10 – Read This First
Remove Think Point Virus from Your Computer
I’ve noticed after making some recent changes on my site, that I’ve seen a huge increase in visitors coming from Google looking for information on “think point”. That made me a little curious so I conducted the Google search myself and did not find much of anything related directly to the keyword term “think point”.
So, I wanted to take this opportunity to reach out to you and ask, what is prompting you to conduct this particular search? Where did you hear about “think point”? Is it a new app that has yet to launch, did you hear about it on the radio? I really want to know, What is Think Point?
Let me know how you got here in the comments below. I’m curious to see what you know.
The source of this file you are asking about is a rogue program that messes up the computer and then asks for money. I have about nine or ten small windows that respond to an effort to delete bogus files. The interestig thing about them is they do not move and they do not respond to a delete command. They simply clogup the web page making escape impossible. My solicittions to the users who have reached your site by mistake. It is an offensive intrusion (Smart Engine) that only annoys and asks for money.
That sucks. Have you figured out how to get rid of it yet? Or even better how to avoid it altogether? It seems to be affecting a lot of people.
if it starts to come up on your screen. immediately shut down your computer, reboot and the virus scan and delete. If you already have it. use CTRL ALT DLT and open task manager. delete the process called hotfix. if this leaves your screen black the open new task in the task manager and type in explorer.exe , this will open up your windows and give you control of your computer again so you can scan and delete.
ThinkPoint seems to have originated sometime around August 16th, 2010 so it is a new virus written in the Visual Basic programming language designed to target Windows Vista, 7 , XP users specifically. It is installed onto a computer by hijacking the browser via pop up messages that are difficult for the average computer user to click away from without being tricked by it. If said user happens to click close or the fake red x attached to this it is installed (i suspect through Active X files) and then proceeds to attach itself to internet browsers, task manager, explorer, notepad, etc.. so that when any of these programs are run it launches the virus instead.
It will display a “Microsoft Essentials Security Alert” which is designed to look identical to the real thing…though it really is fake. At this point the virus is in your system awaiting to fully install itself. If you respond to the M.E.S.A. message it installs itself completely writing to the registry and adding hotfix.exe to the list of current running processes but will not show as a current task. Once you reboot thats when you are greeted by the fake “ThinkPoint” front screen that has a Microsoft logo but missing the copyright, registered trademark logos you usually always see the MS logo accompany. It even features several help topics on its different types of fake scans, but if your observant you will spot grammatical errors like punctuation or mispelled words missing letters etc.
ThinkPoint once fully installed and active will attempt to block you out from using explorer, task manager, notepad, browsers (seems to be all browsers.. I even tried firefox and chrome) etc. Pressing Ctrl + Alt + Delete to access the Task Manager will ‘sometimes’ work even though hotfix.exe will actively try to prevent you from opening it. (I actually LOL’d when I saw it say ‘Form2′ is attempting to restrict access to Task Manager.) Ending the process hotfix.exe will leave you with a black screen with explorer in a disabled state. From there you can either run regedit to fix your registry manually or find some apps to do the work for you like Malwarebytes etc…
Anyways this virus seems to have activated or started activating on systems around Oct. 16, 2010… it may have been active on my machine for a few days but it didnt kick me out of windows controls until around Nov 4th…so that may explain your recent influx of visitors regarding ThinkPoint.
Excellent! Thank James for the in depth answer. This thing seemed to have caused a lot a problems for people. Hopefully this clears the air a little.
I should also note I know exactly where this virus was contracted from as well….
piratebay.org
See… pay for software people. It’s not worth the drama or you can always just buy a Mac.
Sooo…I am just am average computer user. My husband was setting up his igoogle page when he clicked on a music download link on google. The Microsoft Security Alert kept coming up after that and he (unknowingly) clicked X and launched the ThinkPoint virus. To make matters worse, he (thinking it was a microsoft program) let it “scan” his computer. He then gave it to me to fix. Hmmm…well, it blocked access to any and all applications I tried to open and I could not access the internet to download a ThinkPoint Virus removal program. I did manage to open the task manager, but “hotfix.exe” was oddly missing from the list of applications. I tried to delete it from my programs, but (of course) I could not do that. I went on my other computer to find info on how to dump the virus, but could find little that would help me without access to the internet. I had one last idea and went with it. THIS IS ALL I DID…I did not connect to the internet (via network, its a laptop), but instead opened a window offline (where it says “this webpage cannot be displayed”). I kept the offline page open and then connected to the internet and I successfully bypassed ThinkPoint!!!! I downloaded a simple removal program from http://www.softpedia.com (it was free). I then scanned my computer with my anti-virus software, rebooted, and deleted the stupid thing off the hard drive. That was it. Problem solved. I have had no further issues.