OK, guys... it's back... after a few minutes of being connected... the blue icon reappears there on the desktop
Now I'm posting the LOG with IT still INSIDE, before uninstalling it: I too have spotted a couple of slightly suspicious LINES
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7.14.07, on 23/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\LENOVO\HOTKEY\TPHKSVC.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Programmi\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Programmi\Advanced Monitoring Agent GP\winagent.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\LENOVO\HOTKEY\MICMUTE.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmi\File comuni\Lenovo\tvt_reg_monitor_svc.exe
C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Programmi\Lenovo\Rescue and Recovery\rrservice.exe
c:\Programmi\File comuni\Lenovo\Scheduler\tvtsched.exe
C:\Programmi\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Programmi\ThinkPad\Utilities\PWMDBSVC.exe
c:\programmi\lenovo\system update\suservice.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Programmi\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Programmi\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Programmi\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programmi\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Programmi\Lenovo\HOTKEY\TPFNF6R.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\File comuni\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\Programmi\Lenovo\Drag-to-Disc\DrgToDsc.exe
C:\Programmi\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Programmi\Lenovo\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Lenovo\Zoom\TpScrex.exe
C:\Programmi\ThinkPad\ConnectUtilities\ACTray.exe
C:\Programmi\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Programmi\Lenovo\Client Security Solution\cssauth.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\ThinkPad\Bluetooth Software\BTTray.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe
C:\Programmi\TeamViewer\Version5\TeamViewer.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Programmi\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TPFNF7] C:\Programmi\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Programmi\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Programmi\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Programmi\File comuni\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programmi\Lenovo\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Message Center Plus] C:\Programmi\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [CreateLMBCShortCut] "C:\Programmi\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe"
O4 - HKLM\..\Run: [ACTray] C:\Programmi\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Programmi\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [cssauth] "C:\Programmi\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bit4id store register] RUNDLL32.EXE "C:\WINDOWS\system32\bit4cnsp.dll",RegisterMyPhysicalStore
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Startup: Collegamento a DATE.lnk = C:\Programmi\Date\DATE.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Invia a Bluetooth - C:\Programmi\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Programmi\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Programmi\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} (Posto di Lavoro del Cittadino - Attestazione) - http://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab
O16 - DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} (Posto di Lavoro del Cittadino - Autenticazione utente) - http://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab
O16 - DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} (Posto di Lavoro del Cittadino - Interprete dati) - http://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263313034543
O16 - DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} (Postazione di Lavoro del Cittadino 3.0) - http://supportsiss.lispa.it/components/pdlc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SOLCOMANTOVA.LOCAL
O17 - HKLM\Software\..\Telephony: DomainName = SOLCOMANTOVA.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = SOLCOMANTOVA.LOCAL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Programmi\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Programmi\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Advanced Monitoring Agent - Remote Monitoring - C:\Programmi\Advanced Monitoring Agent GP\winagent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Programmi\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: NMSAccess - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Programmi\ThinkPad\Utilities\PWMDBSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Programmi\File comuni\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Programmi\File comuni\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programmi\lenovo\system update\suservice.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Programmi\File comuni\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: Display su Schermo (TPHKSVC) - Lenovo Group Limited - C:\Programmi\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Programmi\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Programmi\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Programmi\File comuni\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Programmi\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programmi\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
--
End of file - 15121 bytes
What should I do? Remove
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe?
And then what else?
Thanks!