ThinkPoint Description

ScreenshotThinkPoint is a fake security application promoted by the fake pop-up message 'Microsoft Security Essentials Alert'. Fake 'Microsoft Security Essentials Alert' is a misleading message that uses the "drive-by download" method to download and install a trojan file without the user's consent. The trojan associated with 'Microsoft Security Essentials Alert' disguises itself as a hotfix.exe or as an mstsc.exe file. The fake 'Microsoft Security Essentials Alert' is not associated to Microsoft Security Essentials 1.0 or MSE 2.0 in any way.

The fake 'Microsoft Security Essentials Alert' is used to trick users by imitating Microsoft Security Essentials threat reports on a user's computer. The fake 'Microsoft Security Essentials Alert' lists numerous fabricated trojan infections and prompts users to purchase rogue software such as ThinkPoint to clean them.

The fake 'Microsoft Security Essentials Alert' will display a bogus online scan done by 35 anti-malware tools and state that your computer is infected with 'Unknown Win32/Trojan'. Although 30 of the software names displayed are legitimate security applications (like Trend Micro and Symantec), the rest are false. Among the list of rogue software recommended to remove 'Unknown Win32/Trojan' threat are ThinkPoint, AntiSpy Safeguard, Peak Protection 2010, Red Cross Antivirus, Pest Detector 4.1, and Major Defense Kit.

ThinkPoint is designed to entice computer users to download and install the suggested rogue anti-malware programs which will allow the rogue makers a backdoor entry to users' systems. ThinkPoint will start scanning a user's computer alleging to have detected all sort of malware infections and in order to remove the infections the user needs to buy the full version of ThinkPoint. ThinkPoint will make a system vulnerable to other attacks by deteriorating a computer's performance and blocking a victim's access to legitimate security software or websites.

The best approach to prevent from becoming a victim to these attacks is to download a legitimate anti-malware program from a reputable website to automatically detect and remove ThinkPoint from your computer.

Can't access legitimate anti-malware software like SpyHunter to detect ThinkPoint? If ThinkPoint is blocking access to SpyHunter and security websites, do the following:

- Restart your computer and if you see the ThinkPoint interface, keep hitting Ctrl+Alt+Del to open your Task Manager.

- Once Task Manager opens, hit the 'Processes' tab, locate the main ThinkPoint process called 'hotfix.exe' and choose 'End Process'. If your Task Manager is disabled, search for the name 'hotfix' on your computer using your Windows File Search Tool, rename it to hotfix0, and then open your Task Manager to delete the process.

- After this is completed, continue using your Task Manager to go to 'File' menu, select 'New Task (Run)' and type in 'explorer.exe'

- Click the 'OK' button and wait for your Desktop to get back to normal.

- Then, go ahead and open SpyHunter to automatically detect other malicious files related to ThinkPoint and the fake 'Microsoft Security Essentials Alert' message.

If you have already purchased the rogue software ThinkPoint, you should contact your credit card company and ask for a chargeback on your purchase. Ultimately, it is advised you use a reliable, automatic detection tool to detect ThinkPoint from your computer or delete its malicious files manually.

Aliases: RogueAntiSpyware.SecurityEssentialFraud!rem [PCTools], a variant of Win32/Adware.FakeAntiSpy.S [NOD32], SecurityEssentialFraud [Symantec], Win32:FakeAV-AWN [Avast], Trojan.FakeAV.2025 [DrWeb], Malware/Win32.Suspicious [AhnLab-V3], Gen:Variant.Kazy.3754 [nProtect], a variant of Win32/Kryptik.IHW [NOD32], Win32:Dropper-gen [Avast], Trojan.DownLoader1.38321 [DrWeb], Trojan.Agent/Gen-Fuffan [SUPERAntiSpyware], Medium Risk Malware [Prevx], Backdoor/Win32.Cycbot [AhnLab-V3], Crypt.ADBY [AVG] and Gen:Variant.Kazy.2774 [BitDefender].

Do You Suspect Your PC May Be Infected with ThinkPoint & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like ThinkPoint as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Screenshots & Other Imagery

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how ThinkPoint infects a computer.

Learn How to Detect and Remove ThinkPoint

ThinkPoint Image 1 ThinkPoint Image 2 ThinkPoint Image 3 ThinkPoint Image 4 ThinkPoint Image 5 ThinkPoint Image 6 ThinkPoint Image 7

File System Details

ThinkPoint creates the following file(s):
# File Name Size MD5 Detection Count
1 printdll32.dll 476,672 be784a26059fc885a52ebcfa79ff6936 6
2 %APPDATA%defender.exe 268,800 7b3e3eaa3c3a7ab9a0f155da4d775170 4
3 %APPDATA%\Microsoft\Windows\shell.exe 135,680 661b5b1cc24479ec4677520cae64ade2 2
4 %APPDATA%hotfix.exe 664,576 376da30ce2aefcb31aa08968712160d8 1
5 %AppData%\hotfix.exe N/A

More Details on ThinkPoint

The following messages associated with ThinkPoint were found:
Microsfot Security Essentials Alert
Potential threat details
Microsoft Security Essentials detected potential threats that might compromise your privacy or damage your computer. Your access to these items may be suspended until you take an action.
Click 'Show details' to learn more.
Detected items: Unknown Win32/Trojan
Alert level: Severe
Recommendation: Remove
Status: Suspended
The application taskmgr.exe was launched successfully but it was forced to shut down due to security reasons.
This happened because the application was infected by a malicious program which might pose a threat for the OS.
It is highly recommended to install the necessary heuristic module and perform a full scan of your computer to exterminate malicious programs from it.
Warning! Database update failed!
Database update failed!
Outdated viruses databases are not effective and can't
guarantee adequate protection and security for your PC!
Click here to get the full version of the product and update
the database!
Warning! Running trial version!
The security of your computer has been compromised!
Now running trial version of the software!
Click here to purchase the full version of the software
and get full protection for your PC!

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their PC with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.


  • Ctherese:

    Not able to use my computer thinkpoinnt just comes up.

    • OK.:

      **Run in safe mode. Have you tried that yet? And in safe mode, click START, RUN, type "REGEDIT" (without the quotes) then go to HKEY-All of the HKEYS. And in the HKeys, click on the plus, go to Software, then Microsoft, Then Windows, Then CurrentVersion, Then RUN, click on The folder of RUN, look for ThinkPoint. Hope it helps!**

      • Brice:

        I'm not sure how i get past this ThinkPoint screen even when i'm in safe mode ?

      • Joan:

        I followed what you did but when I get to current version it goes to internet settings then zone map then ranges. Do you have any other suggestions?

    • Mark:

      I got nailed with this damn thing and advanced tech support helped me get rid of it. But, there was one aspect of this one that neither of us had ever seen. It invades safe mode also. That's the first thing we thought of and was surprised to see it there too. The above description in task manager was the only way we could get rid of it.

  • Steffi:

    Oh my God, this think has messed up my entire computer. I have to jump through hoops just to be able to access anything! This sucks.

  • Mallory:

    I would like to thank you so much! This was very helpful and I'm glad to say that these processes got ThinkPoint off of my computer. Once again, thank you.

  • pure_shaw:

    thinks it's clever, but it's a bit rubbish, it'lll let you run windows explorer, hunt it down in the Temp folder, rename it as "goaway.txt" or something similar , and the same in windows/system32, then pull the plug as it won't let you do a restart.
    switch back on and delete the associated files and registry entries...

  • Dave:

    This thing started installing, but was partially blocked by StopZilla, but not until portions installed. Unable to boot.

    Accessed drive by installing another drive as primary and installed another opsys. The folder containing identities and settings in documents and settings has been made read only and can't access the stupid thing to rename or delete.

    Any ideas?

  • Ashley:

    So I totally just had this happen to me today....I was kinda scared I may have ruined my laptop. I couldn't open Chrome or IE. Thankfully I have another computer and looked up ThinkPoint and saw it was a scam. This helped out tremendously. I got it removed!!

    Thank you alot!!

  • jamie rask:

    I had the same problem but was able to get by it by doing a cntrl alt del and starting task manager from there I just ended processes one at a time until I was finally able to get by the blue screen. I still need to find out how to remove that stupid pop up program though trying to run spyware to see if that helps

  • jamie rask:

    I have windows 7 ultimate and would like someone to tell me where to find this stupid popup from coming up all the time. I actually purchased a stupid serial key thinking that would stop it and like an idiot didnt write it down not that it wouldve worked anyway. I just need to contact my card company right away tomorrow and dispute the charge.

  • jamie rask:

    my popup says win 7 spyware antispyware 2011 so does anyone know how to get rid of it?

  • lindsey:

    I removed it twice with viper AntiVirus but it pops up every day... what do I do?

  • THUFF:

    I have just followed this process and was able to remove think point thank you for the help

  • chrissy:

    hey i tried to go to run and do all that when i get to the last run to open think point isnt in there to click on do anyone no another way to get this off of computer please help...

  • gaile:

    Thankyou, i followed this + got rid of thinkpoint - extremely relieved!

  • Gaile:

    Thankyou so much - followed the instructions on here & got rid of the dreaded Thinkpoint - extremely relieved!

  • rosa:

    Help! First it was just thinkPoint. Stoped the process thru task manager. left it a while to do chores then returned to browse "history (ctrl H)" must have clicked it's source and reactivated it again. Avast ((my installed antivirus) detected the malaware. Suggested to "move to chest" but didnt work. Result: my old comp is now in total blackout! only a cursor is visible for an hour now. how to fix??? what happened to it??

    • rosa:

      It was a sudden blackout few seconds after i clicked "move to chest".

  • Gill:

    daughter was chatting on msn when thinkpoint came up thought she was doing right by clicking on thinkpoint but couldn't understand what was going on. she woke me up saying she wasnt sure what was going on... and then as i was tryin to sort it out, she checked the internet on her phone, searching for thinkpoint. the results came up as thinkpoint being fake and sorted it out herself... thank you so much for having this forum... it has saved me and my daughter being without a computer and saved our wages 😀

  • Esther:

    I get a black screen as soon as i open my computer. what to do?

  • Pat:

    Our antivirus, Antivirus, popup showed we got a trojan virus, the this "ThinkPoint" came up with the windows logo on it. It want to clean up the our disk. I couldn't get out of it - didn't show up the the task mananger, so I turned off the computer, waited and started it up again & "ThinkPoint" was still there. Went onto our other computer and went on search engine "Ask" asked "ThinkPoint" and found this site and followed your instructions (thank you for Nkeeping it simple)& it got rid of it!!! Now we aredoing the full scan of our computer - - THANK YOU

  • kim:

    When I click on Hotfix.exe in task manager, it blinks constantly. When I click that YES, I want to remove it, I get an application failed X screen...have repeated this process over and over...

    What to do now?

    • LoneStar:

      Hi Kim,

      ThinkPoint was designed by hackers to prevent you from using the task manager. You will need to look for the file and rename it so it can be removed. If ThinkPoint is not allowing you to remove the file it could be a newer variant utilizing another file. You may use SpyHunter to automatically scan for hidden files that are associated with ThinkPoint.

  • Mccayde:

    You've got it in one. Couldn't have put it better.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.