Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

virus/malware grouped together?

  • Please log in to reply




  • Member
  • PipPipPip
  • 470 posts

Is there a way to determine the type of bug one has? Think Point - I don't see it addressed here yet. I was going to help someone who was infected by it but I don't find anything about it here yet. I just wondered if there were generic categories these might fall in. As in all redirects could be dealt with this way . .

Think Point really takes over. She says Win 98 computer keeps going into Safe Mode. I'll check Geeks in morning before I go over there but at this point I'm hoping the scan from SUPERAntiSpyware.com will provide what I need.

Thanks for any info.
  • 0




    Malware Expert

  • Expert
  • 24,441 posts
  • MVP
Probably not going to be in time but I found a site

that claims it's two files:

%UserProfile%\Application Data\hotfix.exe
%UserProfile%\Application Data\thinkpoint.exe

The tricky part is it is run by the shell value in HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon. This should normally be: explorer.exe

It also has an entry:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run which runs thinkpoint.exe

Windows won't mind if you delete thinkpoint.exe. Probably an error message after logon but if you delete hotfix.exe you probably won't have a desktop.

Since it's win98 this should be easy to fix. Boot into DOS (Edit \autoexec.bat and put a REM or # in front of win then save and reboot. To get back into windows just type win and you should be able to edit autoexec.bat again.)
and then locate the two files and then copy the explorer.exe onto them.

cd %UserProfile%\Application Data
(make sure you see the bad guys)
copy \windows\explorer.exe hotfix.exe
copy \windows\explorer.exe thinkpoint.exe

I would think Hijackthis should see and let you fix fix both registry entries but you may need to find an older version to get it to work with 98.

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP