- Internet & the Web
Beware of the Thinkpoint Malware Computer Virus
Whoa, that was close for me. I was just surfing on the Net yesterday. I have two antivirus programs and firewall and still a virus malware spyware got through that even fooled this savvy computer person.
Thinkpoint is a virus and serious. It infiltrates through the MS security program and happens fast. In my case, a pop up screen appeared telling me that security had found a virus and if I wanted Thinkpoint, the world's leading security specialist, to find and remove it. I did ponder about this-no rash decision. Thinking it was legit, it seemed perfectly legit (I had not heard about this), I said yes. The computer ran a program and listed a bunch of files infected found by Thinkpoint. I looked at the files, seemed legit. Now, to continue with another popup screen, one had to register with Thinkpoint and pay a fee, $59 for a year etc. Luckily, I said no. Had I said yes, a host of major problems would have crashed into my computer and spread. Saying No, is the worse of two evils. No, caused my computer to loose all the desktop icons and only left the Thinkpoint popup screen which would NOT go away unless you said Yes. The computer froze. I unplugged it and it rebooted only to come back to the same exact situation, no desktop, after trying this several times, I got on my laptop to investigate it.
During reboot, one should tap F8 continually until the Safe Mode screen appears, then select Safe Mode with network. Do a ctrl-alt-del to bring up the Task manager should all the programs running on the computer. Now look for:
thinkpoint.exe, hotfix.exe, ctfmon32.exe. Delete all. By removing the Hotfix.exe, you should have the desktop icons return but are still inactive. In the lower right corner of the task manager, click the button and a popup will appear, type in: explorer.exe, this should bring up you browser and the computer desktop should be functional again.
Now, conduct searches on your computer for the above files again. If the search yields more of the same, delete them again.
The same files may be listed in your registry, or in application data on the C drive. You also want to delete the install.exe found listed in the Application data folder listed under the Documents and Settings on the C drive, it is a sub-folder of that. In fact, there may be more of them. So, run a search for the file and if the file is found and its address indicated application data sub-folder, delete it.
If you have a spybot program, run it and see if it has found it. After about an hour, I was clean again.