December 15, 2010

Removing Fake Spywares Manually

Fake anti-viruses are the most important and dangerous infections from which we need to be cautious about. They keep pestering us with pop-ups showing many risks and show us to purchase a full version of it when we click on clean infections. This includes spy wares that take access of most of the system processes and disable most of the trouble shooting tool in windows. Since they take spy on computers after getting installed they are called Spy wares. These fake anti-viruses are created by hackers trying to steal your money using the tactics: fake alerts, wrong scan results and Interfaces that look similar to popular anti-virus software. They will make PC run slow. This can infect operating systems XP, Vista and win-7 

 

THINK POINT- Think before you click :

 It is one of the most popular spyware that is being spread these days. All the spywares work in a same fashion.
  1. Pop-up on some website
  2. Gets installed once we click on them
  3. Runs a scan at the system start up and at regular intervals of time
  4. Shows a page where it asks to purchase once we click on get full version which in turn will help hackers to steal your money.
  
HOW TO REMOVE THEM MANUALLY:

 
For removing this you must know how to use 'ms-config' utility on your computer. Visit this link to know how you get to know to use ms-config  http://networkedblogs.com/bRPbB .

 

 
This looks almost the same in any operating systems except for the interface and its color.

  • Once the computer is infected with Thinkpoint fake anti-virus it starts to show up at the boot up screen once the windows logo shows up.

  • Click on Safe Start up it will run a scan and shows the threats
  • Press Ctrl+Shift+Esc, this will load Task manager

  • You will see hotfix.exe or defender.exe, right click on it and click on go to processes, click on End Process and OK.
This will allow us to stop the process first. After that
  • Click on Application tab on the top and click on New Task at the bottom. It will open a new window like this

  • Type 'explorer.exe' in the space provided and click on OK.
It will load the icons and the taskbar. This is a temporary fix for some time. We need to open MS-Config and go to services tab first and click on Hide all Microsoft Services and click on Start Up

  • Once you click on start up you will find startup items starting with any number or just blank entry click on that , click disable and goto Location subtab which is the location of it in the registry.


  • Just click on that entry in registry and delete it. After that Search for that same entry in registry delete all entries of it.
  • We also need to check in Application data in Documents and Settings for some of its files we have to delete them, if we don't find them it has not affected this folder
  • If they won't get deleted we need to boot the system in safe mode and go to Application data and delete the folder on its name.
  • Run a full system scan using any popular anti-virus scanner after updating its definitions.
This should resolve the issue of Think point and any such fake anti-viruses.

SUMMARY:
End the process in task manager.
Start explorer process.
Goto Start up in Ms-config and disable for unknown program
Goto registry using the path in startup location in ms-config and delete that registry entry with that same name.
Scan using any good anti-virus program.

3 comments:

hijack this is very helpful in removing viruses and infections

Is there a different anti-virus program which can help me with these infections ?

Yes, one of the good virus detecting tools is GMER and for removing trojans and malware we can use Trojan remover.

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More