Click here for important information about Computing.net.
When I start my computer, a fake anti virus program called Thinkpoint starts running. It´s impossible to close it and return to Windows. I´ve tried to press alt f4, getting a black screen, and then pressing ctrl alt del starting the windows task manager. When i do this the screen turns black again and it´s not possible to close any programs. HELP!
Hi, Use Malwarebytes Anti-Malware to remove the Thinkpoint virus.
If it doesn't work try booting into safe mode, then run Malwarebytes Anti-Malware.
Thanks, but how can i run it when i cant get past the black screen after trying to open windows task manager to close thinkpoint?
Thinkpoint starts running before Windows Explorer does. So once you've pressed alt-f4, pressed ctrl-alt-del, and ended the Thinkpoint program, you need to start it: from the File menu in Task Manager, choose "New task", enter explorer.exe, and press OK - should now start normally, and you can then run Malwarebytes as suggested above to clear it up.
Are you able to remove it from Safe Mode with networking? It was annoying but I got past the thinkpoint window. Should I be running my computer normally? or can the Malwarebytes program fix it from safe mode? edit: oh and will the Malware program's freeware version be able to pick it up? or would you need to purchase it
Ive been trying to remove this since yesterday noon. i cant install Malwarebytes software because i cant get into my admin account (ANY WAY AROUND THIS WOULD DO JUSTICE??) Ive tried using rkill.exe. It opens but just says please be patient. I highly doubt its doing anything because as soon as i open it it says "pev.rkexe has stopped working" Viruses and and the people who make them are LAME!
Help Please
okay so this virus is really annoying.i dont know how it got on my pc but it sucks. i've tried malware bytes because its on my desktop in both safemode with networking and regular. When i opened up malware and did a quick scan it showed me the virus i immediatley clicked remove and it did, i thought it worked because i scanned it again(in regular mode) with panda security and it told me no viruses were detected so i felt pretty good until i opened up interenet explorer and the same pop up for the same virus popped up again!!!! now i cant open internet or any other internet based system(firefox,safari etc.) and i cant open system restore OR task manager!!! HELP ME!!!!!!!
It´s just that I cant´t open the task manager. I press ctrl alt del and then when i choose the task manager - the screen turns black again and the task manager doesn´t show up.
I had the same problem, I used Malwarebytes and it works!
What I did was download in my lap the malwarebytes, then passed it to the infected PC. If you use that version you won't eliminate the problem, you need first to update the Malwarebytes once installed on the infected machine, then run malwarebytes and end of the problem!
So I have to download the Malwarebytes on another computer, save it to a cd and then use the cd on my infected laptop? SOrry for asking stupid questions, im really not a computerperson.
As per response #5
"It opens but just says please be patient. I highly doubt its doing anything because as soon as i open it it says "pev.rkexe has stopped working"Sometimes you have to run it 5 or 6 times to stop an active malware. You have to have patience...give it time to end the process.
Once it ends it, do a full scan with Malwarebytes.Some HELP in posting on Computing.net plus free progs and instructions Cheers
1. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) and save it on your Desktop.
2. After downloading, double-click on the file to install the application.
3. Follow the prompts and install as “default” only
4. Before the installation completes, check on the following prompts:
- Update Malwarebytes’ Anti-Malware
- Launch Malwarebytes’ Anti-Malware
5. Click “Finish.” Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished click on the “Show Results”
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart your computer.
But I cant download the program on my infected computer when its impossible to enter windows! the task manager doesnt pop up when i try to start it.
I just got rid of ThinkPoint today. It took a while since I couldn't get on the internet. I had the same problem opening TaskManager and Internet Explorer. So I went to the Control Panel and made another account and switched users. Before I logged in on my new account, I had shared my files (regular account) with my new account and was able to use internet explorer and open TaskManager. When I opened TaskManager (on the new account), it showed all the files that are on my computer. I clicked to see all of the files from both my regular account and the new account I created. And hotfix.exe is one of the files from ThinkPoint and I clicked on end process. I switched back to my regular account and downloaded MalwareBytes Anti-Malware, by this time Internet Explorer was working on my regualr account and scanned all of my files on my computer. This is took some time, for me it was almost 2 hrs, you just want to make sure all the files for ThinkPoint is removed. Once the scan is done, whatever infected files were left from ThinkPoint, I removed those files and restarted my computer again. And everything was back to normal. Just in case I ran a scan through the Virus System I used on Windows Vista and the "scammed virus" was gone. I hope this helps you.
I'm sure rkill.exe would save lots of steps. Some HELP in posting on Computing.net plus free progs and instructions Cheers
2SMRT4U: thanks. but how can I get to the control panel when i cant get past thinkpoint(so i cant enter windows)?
ruthvil, you can use this guide to clean the infection and get to your desktop: http://www.bleepingcomputer.com/vir...
BC is the only site i would trust.
thanks you, but as i´ve said, im not able to open the task manager. when i press ctrl alt del the screen that allows me to open the task manager appears, but when i press "task manager" the screen turns black and im not able to close hotfix.exe in the processes tab. :(
try a system restore to before the problem and then use your removal tools Some HELP in posting on Computing.net plus free progs and instructions Cheers
My brother just got the Thinkpoint virus. After start up it shows a black screen with the thinkpoint program running. A pop up window saying " your system will reboot in 60 sec. " shows up after a few seconds and the system restarts.
We have tried every solutions suggested in here but it is impossible when the machine keeps restating.
Help :o)
Tips from 2SMRT4U helped Thanks a lot.
I ran the Malware using new account
Here's a how-to on how to PREVENT fake AV's from getting on your PC
http://www.computing.net/howtos/sho...Some HELP in posting on Computing.net plus free progs and instructions Cheers
Ruthvil--I couldn't get past the screen either. Here's what I did. I have Windows 7 but I think it would work for anyone THIS IS FOR WINDOWS 7 USERS: Ok here is another way if your safe mode with networking is also disabled/infected. Reboot and hit the F8 key, then go into start in safe mode command prompt, then in the command prompt simply type explorer after the backslash. This should allow you to see your desktop screen in the background. Once you see your desktop, then close the command prompt screens. Double Click on your icon that looks like computer screen (My Computer). Then do a single click on your C:/ drive (do not open it). Then in the upper right of the same screen you will see a search box, type in hotfix, then hit enter. You should probably see three or so associated files pop-up with hotfix in them. Right click on each one and delete them. Then empty your trash can and reboot. YOU ARE SAVED!!!
I read all and also other ideas/facts that rids ThinkPoint. My laptop has this damned virus but i read keep clicking f8 brought up black screen with white lettering choices but i wonder if the virus also prevented me from scrolling to the statement to rid virus.
this virus is preventing me to use mouse and up/down scroll. They charge around $40 to fix or so but I have Dell lattitude D600 so it's used but did me great and perhaps need new or good used of same or better but all I need is (40?) or 60 G hard drive but wouldn't mind fast and great free antivirus. I live in hamilton Canada and I listen to friends and retailers...go for net book. Go for Acer. No go for this or that but I don't want to spend more that $300 or do I have to as I am fortunate to finally get a new p/t job is NOT great pay...
I can't get task manager to show up. Whether i'm in safe mode (networking or command) nothing works, all i get is a black screen. Control alt del does nothing, nor does control shift esc or f8. What else can i do? Please help
Does anyone know who published "ThinkPoint" or where they are? I would like to go after them in both criminal and civil courts.
Turbo...
The problem is that the people who write these trojans are usually operating from Brazil or The Former Soviet Union. I don't know about this particular trojan but many are financed by powerful crime syndicates that are focused on using the internet to perpetrate identity theft. The situation is very bleak -- there is no way to go after them.
This worked for me:
hit ctrl-alt-del to bring up the Task Manager. If that doesn't work, hit alt-F4 one or more times and then try ctrl-alt-del again.
If/when the Task Manager comes up, click on the "Show processes from all users" box. Then click on the Processes tab; find and highlight the "hotfix" entry and then click on "End Process". This should end the current ThinkPoint program.Next click on File/New Task. Enter the command MSCONFIG and click OK.
Click on the Tools tab and then click on System Restore and then on Launch.
This will give you an opportunity to restore the system to a date/time before the malware/virus was installed.
Run a good antispyware & antimalware program(s).
Yup, just happened to me!! Funny there wasn't a warning out there for this. Wish I knew how to make one for all to see!! Anyway This is how I solved the problem. Shut down computer. Pressed Esc & Power @ same time to start it. Did this twice and the 2nd time I had a chance to select "Startup Repair" Did that, then selected "System Restore". It worked!
After that I did have to Run a Live-Update on Norton; took about 15 min. Now all ready to go. Just wonder how I got this virus???
ThinkPoint is a rogue spyware (Double agent/fake program). Its a virus that is aimed to earn some extra money by tricking users into paying license fee for virus removal. To remove Think Point virus manually or by using a malware removal program, follow the instructions within this link
http://techvts.com/security/thinkpo...Happy Virus Free Computing(.net)
Virus Removal tutorials and Softwares
I just uninstalled everything, i used 2 tricks I found on the subject, starting with ctrl+alt+del on boot after a powercut to the system (held power till reset) after the attempt to install thinkpoint (may have canceled first?). i ended the hotfix process, then used the search feature to find the hotfix.exe, renamed it to hotfix0.exe, then I immediatly ran Malwarebytes to remove 21 infections. I still found hotfix0.exe after Malwarebytes reset my computer and deleted it through the search field manually with a quick empty of the recycle bin. I also got a RUNDLL error dmgses.dll...whats that about?
Id also like to ask if the hotfix files under realtek audio belong there?
Also: rkill found nothing at all befor i started all this.
If i dont make it back....dont try my way.
2nd scan revealed nothing. nothing found in search. no rundll error on reboot.
gonna do it one more time when i go to bed for good measure.
All is well. Good Luck to yew all.
Even I got a hit by this s---ty THINKPOINT, It made me go and SCAN ONLINE, which apparently had some bad message behind it (may INSTALL), I tried several ways to recover back to original, I did this - created another administrator account and limited my original account, and later by logging into the admin account I deleted the previous account. Now all my files were deleted and could remove the program through Control Panel, I don't know still my PC is safe or not....
Please suggest something better...
People should try alternative security programs for this virus removal, like Superantispyware or Spyware Doctor..As I have read, it is also recommended launching Safe mode with networking just after reboot and then going to stop hotfix.exe and thinkpoint.exe processes - this will disable a virus
I've had 2 customers pcs with this problem, in as many days.
This worked for me, so please try it.
I've copied this from a post I have done on another forum. http://realgardeners.yuku.com/topic...
Malware, by the name of "Thinkpoint", is doing the rounds. Had 2 customers pulling their hair out, in as many days.
It won't let your desktop load, or let you do anything, but you can get around it quite easily.
When it first splashes onto the screen, click on, carry on unprotected. It will then do a scan and tell you all the nasty stuff you have on and guide you to purchase their product. Don't go there, of course. If you click on settings and then down in the bottom lefthand corner, check the box that says, start unprotected and save. Your desktop should now load. Go straight to http://www.eset.com/online-scanner and do a scan. There will probably be a thinkpoint box in the bottom left of your screen, promting you to purchase. That should magically disapear during the scan. That should be it sorted.
I'm writing this from memory, ahem, so it may not be word perfect, but should be enough info to see you through, should the worst happen.Interestingly enough, both machines were running Microsoft Security Essentials and I'm lead to believe it may have come in from an update. If anyone else has any info on that, please post.
I'm running Security Essentials on this machine, and so far so good.
noodnick9 - I tried everything else, but this solution worked! thanks
Alright guys, I just fixed a computer with this problem running vista....
Start the computer in "Safe Mode with networking"
after the thinkpoint screen loads push the command CTRL+ALT+DEL this will bring you to task manager. Find the process hotfix.exe and kill (end) the process.at this point you will only have a blank black screen behind your tak manager. you can go in ms-dos prompt and delete the hotfix.exe so if you have to reboot the screen wont happen again.
to delete the hotfix.exe:
While in task manager go to File and select "run new task". then type "cmd.exe" in the open box. this will pull up your command prompt.
you then type "CD C:\Users\**USERNAME**\AppData\Roaming then after the directory is changed type "del hotfix.exe" this will stop the thinkpoint screen from loading if you have to reboot.After you delete the hotfix.exe you will go back into you task manager, dont panic if you cant find it JUST USE CTRL+ALT+DEL and select task manager.
Goto File, then selet "new Task".
now the next task can be done two ways
1. you can type "explorer.exe" in the open box and it should take you to your desktop
(which this did not work for me because the virus was stopping it)or
2. you can type "C:\Program Files\Internet Explorer\Iexplorer.exe" this will take you directly into your internet. (this is the option i had to use)
After Getting back to you desktop or straight into the internet...YOU MUST DO THIS>>>>the virus has only been stopped NOT REMOVED so you must do this next step or you are just leaving the virus sleeping on your computer
while in internet explorer go to "www.malwarebytes.org" download the free version and run the full scan option after running the scan you will want to click the "See Results" button that is available after the scan is ran. this will load a detailed page of what was found and it will have the virus and malware selected. there should be a "remove selected" button at the bottom of this page. after this is done it will require you to restart your computer.
(remember guys even if you got a blank black screen the computer is still kicking and is operating. it just we are so use to seeing the desktop to run the computer)
ThinkPoint Sucks!
| Yes (14) |  | |
| No (14) | | |
| I don't know (15) | |
Ad Choices