ThinkPoint
Written by Tomas Meskauskas on
What is Thinkpoint and how to remove it?
This unwanted program will try to fool you into buying it. This software uses various ways to do so. It uses fake virus scan and displays fake alerts that your computer is infected. After the fake security scan, this rogue program will say that C:\Program Files\Messenger\msmsgs.exe is infected. Then you will be asked to reboot your computer.This program is capable of blocking execution of legitimate Windows programs, which makes the removal process of it more complicated. Its important to understand that Thinkpoint is a rogue program which shouldn't be trusted. When installed on your computer this bogus program will imitate a computer security scan and will try to trick you into thinking that your PC is infected with critical risk security threats.Fake security alerts could look something like this:
"Microsoft Security Essentials detected potential threats that might compromise your privacy or damage your computer. Your access to these items may be suspended until you take an action."
"Unable to remove threat. Click "Scan online" to remove this threat" or "The application iexplore.exe was launched successfully but it was forced to shut down due to security reasons.This happened because the application was infected by a malicious program which might pose a threat for the OS.It is highly recommended to install the necessary heuristic module and perform a full scan of your computer to exterminate malicious programs from it."
Mostly Thinkpoint is spread through e-mail phishing and p2p downloads. Don't buy this program, it's a scam. Internet criminals created this program to scare you into thinking that your computer is highly infected with spyware. This is done to sell you the licence for Thinkpoint, this program states that it could remove the detected security issues if you would pay for it's licence. Don't trust Thinkipoint, this is a rogue program which doesn't actually scan your computer. This program detects non-existent spyware and malware on your computer and then forces you into buying it to remove them. To further scare you into believing that your PC is at risk your desktop will be flooded with security warning messages stating that viruses are trying to attack your computer. Ignore all the security scans and warning messages, Thinkpoint is a scam that should be removed from your computer. Use the provided information to get rid of this bogus program.Screenshot of a fake antivirus program "Thinkpoint":
Thinkpoint removal:
1. Press ctrl+alt+del (or ctrl+shift+esc), you will enter your Task Manager. Select "Processes" tab.
2. Search for hotfix.exe tmp.exe and thinkpoint.exe processes. Select each and press "End task", When you are asked if you are sure, click Yes.
3. When you have terminated hotfix process you will see a blank screen. Now in you Task Manager click "File", select "New task" and in an opened window, type explorer.exe and click OK.
4. After this procedure you should be able to acess your desktop. Now you should download a legitimate anti-spyware software to fully remove Thinkpoint from your compute.
5. After downloading anti-spyware software. Install, don't forget to update, and run a full system scan. Remove all infections that it finds.
*If you can't download anti-spyware software: Click on the download link, when the save dialog opens change the file name (example: when downloading mbam-setup.exe rename it to iexplore.exe).
*If you have installed anti-spyware program but you can't run it: Click Run, type %ProgramFiles% and press Enter. Open folder of your anti-spyware program, search for executable file and rename it. (example: Open Malwarebytes’ Anti-Malware folder, right-click on the main executable file (mbam.exe) then click rename. Rename the mbam.exe file to iexplore.exe, winlogon.exe firefox.exe ...
*If you can't access your anti-spyware software, try creating a new user account:
Click Start -> Settings -> Control panel.
Click User Accounts and create a new account.
Reboot your computer and login using a newly created user account.
*After this procedure you should be able to access your anti-spyware programs. Update and run a full system scan.
Additional information:
Some malicious software modifies browser settings and disables downloads of spyware and virus removing software. If you have problems downloading anti-spyware software with Internet Explorer, try downloading with Chrome, FireFox, Opera, etc.
If you are unable to remove ThinkPoint, you can use this manual removal instruction. Use it at your own risk. If you don't have strong computer knowledge you could harm your operating system. Use it only if you are an experienced computer user. (Instructions on how to end processes, remove registry entries...)
End these ThinkPoint processes:
%UserProfile%\Application Data\hotfix.exe
%UserProfile%\Application Data\thinkpoint.exe
Remove these ThinkPoint registry entries:
HKEY_CURRENT_USER\Software\PAV
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “thinkpoint”
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%Documents and Settings%\[UserName]\Application Data\hotfix.exe”
Delete these ThinkPoint files:
%UserProfile%\Application Data\hotfix.exe
%UserProfile%\Application Data\thinkpoint.exe
%UserProfile%\Application Data\install
Additional information on removing ThinkPoint:
Load your computer in safe mode. Click Start, click Shut down, click Restart, click OK. During your computer starting process press F8 key on your keyboard multiple times until you see Windows Advanced Option menu, then select Safe mode with networking from the list.
Start Task manager. Press ctrl+alt+del (or ctrl+shift+esc) and end task the processes of rogue program. ( if after this procedure you can't access any programs press ctrl+alt+del, click File, select New Task, and type explorer.exe then press OK.
Open Internet explorer, click Tools and select Internet Options. Select Connections, then click LAN settings, if a Use a proxy server for your LAN is checked, uncheck it and press OK.
After this procedure you should be able to access Internet. Now you can download anti-spyware software from our "Top spyware removers" section and run a full scan. Download, install and don't forget to update your selected anti-spyware program. Then run a full system scan.
Comments