Technical Information
- [<HKLM>\Software\Classes\TeamViewerSession\shell\open\command] '' = '"%ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer.exe" --play "%1"'
- [<HKLM>\Software\Classes\TeamViewerConfiguration\shell\open\command] '' = '"%ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer.exe" --control "%1"'
- [<HKLM>\Software\Classes\teamviewer8\shell\open\command] '' = '"%ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer.exe" %1'
- [<HKLM>\Software\Classes\tvjoinv8\shell\open\command] '' = '"%ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer.exe" %1'
- <SYSTEM32>\tasks\tvinstallrestore
- [<HKLM>\System\CurrentControlSet\Services\TeamViewer8] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\TeamViewer8] 'ImagePath' = '"%ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer_Service.exe"'
- %TEMP%\rarsfx0\setup.exe
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_resource_en.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_staticres.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_w32.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_x64.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tvfilesx64.7z
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewervpn.cat
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvmonitor.cat
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvprint.cat
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvpsprint.cat
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewer.gpd
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvmonitor.inf
- %ProgramFiles(x86)%\teamviewer\version8\tvinfo.ini
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvprint.inf
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvpsprint.inf
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewer.ppd
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewervpn.sy_
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvmonitor.sy_
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewer_printprocessor.dll
- %TEMP%\nsr1551.tmp\findprocdll.dll
- C:\users\public\desktop\teamviewer 8.lnk
- %PROGRAMDATA%\microsoft\windows\start menu\programs\teamviewer 8.lnk
- %WINDIR%\fonts\teamviewer8.otf
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\outlook\teamviewermeetingaddin.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewervpn.inf
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\uninstall.exe
- %TEMP%\nsr1551.tmp\nsexec.dll
- %TEMP%\nsk10eb.tmp\tvgetversion.dll
- %TEMP%\teamviewer\version8\teamviewer_.exe
- %TEMP%\teamviewer\version8\tvinfo.ini
- %TEMP%\nsl14e2.tmp
- %TEMP%\nsr1551.tmp\attn.bmp
- %TEMP%\nsr1551.tmp\userinfo.dll
- %TEMP%\nsr1551.tmp\tvgetversion.dll
- %TEMP%\nsr1551.tmp\uac.dll
- %TEMP%\nsr1551.tmp\system.dll
- %TEMP%\teamviewer\version8\tvinstall.log
- %TEMP%\nsr1551.tmp\nsarray.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_w32.exe
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tvfiles.7z
- %TEMP%\nsr1551.tmp\nsis7z.dll
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\copyrights_de.txt
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\copyrights_en.txt
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\lizenz_teamviewer_de_unicode.txt
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\lizenz_teamviewer_en_unicode.txt
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer8.otf
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer.exe
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_desktop.exe
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_service.exe
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_x64.exe
- %ProgramFiles(x86)%\teamviewer\version8\teamviewer8_logfile.log
- %TEMP%\nsk10eb.tmp\tvgetversion.dll
- %TEMP%\nsr1551.tmp\tvgetversion.dll
- %TEMP%\nsr1551.tmp\system.dll
- %TEMP%\nsr1551.tmp\nsis7z.dll
- %TEMP%\nsr1551.tmp\nsexec.dll
- %TEMP%\nsr1551.tmp\nsarray.dll
- %TEMP%\nsr1551.tmp\findprocdll.dll
- %TEMP%\nsr1551.tmp\uac.dll
- %TEMP%\nsr1551.tmp\attn.bmp
- %TEMP%\teamviewer\version8\tvinstalltemp\tvfile66.bak
- %TEMP%\teamviewer\version8\tvinstalltemp\tvfile65.bak
- <SYSTEM32>\tasks\tvinstallrestore
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tvfilesx64.7z
- %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tvfiles.7z
- %TEMP%\rarsfx0\setup.exe
- %TEMP%\teamviewer\version8\tvinstalltemp\tvfile76.bak
- %TEMP%\nsr1551.tmp\userinfo.dll
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\copyrights_de.txt to %ProgramFiles(x86)%\teamviewer\version8\copyrights_de.txt
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvmonitor.inf to %ProgramFiles(x86)%\teamviewer\version8\x64\tvmonitor.inf
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvmonitor.sy_ to %ProgramFiles(x86)%\teamviewer\version8\x64\tvmonitor.sy_
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewer_printprocessor.dll to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewer_printprocessor.dll
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvprint.cat to %ProgramFiles(x86)%\teamviewer\version8\x64\tvprint.cat
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvprint.inf to %ProgramFiles(x86)%\teamviewer\version8\x64\tvprint.inf
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewer.gpd to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewer.gpd
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvpsprint.inf to %ProgramFiles(x86)%\teamviewer\version8\x64\tvpsprint.inf
- from %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewervpn.sy_ to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewervpn.sys
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewer.ppd to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewer.ppd
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_resource_en.dll to %ProgramFiles(x86)%\teamviewer\version8\teamviewer_resource_en.dll
- from %ProgramFiles(x86)%\teamviewer\version8\lizenz_teamviewer_en_unicode.txt to %ProgramFiles(x86)%\teamviewer\version8\license.txt
- from %ProgramFiles(x86)%\teamviewer\version8\copyrights_en.txt to %ProgramFiles(x86)%\teamviewer\version8\copyrights.txt
- from %ProgramFiles(x86)%\teamviewer\version8\lizenz_teamviewer_de_unicode.txt to %TEMP%\teamviewer\version8\tvinstalltemp\tvfile65.bak
- from %ProgramFiles(x86)%\teamviewer\version8\copyrights_de.txt to %TEMP%\teamviewer\version8\tvinstalltemp\tvfile66.bak
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvmonitor.cat to %ProgramFiles(x86)%\teamviewer\version8\x64\tvmonitor.cat
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\tvpsprint.cat to %ProgramFiles(x86)%\teamviewer\version8\x64\tvpsprint.cat
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewervpn.sy_ to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewervpn.sy_
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\uninstall.exe to %ProgramFiles(x86)%\teamviewer\version8\uninstall.exe
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\copyrights_en.txt to %ProgramFiles(x86)%\teamviewer\version8\copyrights_en.txt
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\lizenz_teamviewer_de_unicode.txt to %ProgramFiles(x86)%\teamviewer\version8\lizenz_teamviewer_de_unicode.txt
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\lizenz_teamviewer_en_unicode.txt to %ProgramFiles(x86)%\teamviewer\version8\lizenz_teamviewer_en_unicode.txt
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer.exe to %ProgramFiles(x86)%\teamviewer\version8\teamviewer.exe
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_desktop.exe to %ProgramFiles(x86)%\teamviewer\version8\teamviewer_desktop.exe
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_service.exe to %ProgramFiles(x86)%\teamviewer\version8\teamviewer_service.exe
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer_staticres.dll to %ProgramFiles(x86)%\teamviewer\version8\teamviewer_staticres.dll
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewervpn.cat to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewervpn.cat
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_w32.dll to %ProgramFiles(x86)%\teamviewer\version8\tv_w32.dll
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_w32.exe to %ProgramFiles(x86)%\teamviewer\version8\tv_w32.exe
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_x64.dll to %ProgramFiles(x86)%\teamviewer\version8\tv_x64.dll
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\tv_x64.exe to %ProgramFiles(x86)%\teamviewer\version8\tv_x64.exe
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\outlook\teamviewermeetingaddin.dll to %ProgramFiles(x86)%\teamviewer\version8\outlook\teamviewermeetingaddin.dll
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\teamviewer8.otf to %ProgramFiles(x86)%\teamviewer\version8\teamviewer8.otf
- from %ProgramFiles(x86)%\teamviewer\version8\tvextracttemp\x64\teamviewervpn.inf to %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewervpn.inf
- from %ProgramFiles(x86)%\teamviewer\version8\teamviewer8.otf to %TEMP%\teamviewer\version8\tvinstalltemp\tvfile76.bak
- %ProgramFiles(x86)%\teamviewer\version8\x64\teamviewervpn.sy_
- DNS ASK pi###.#eamviewer.com
- DNS ASK do#####d.teamviewer.com
- DNS ASK cl####.teamviewer.com
- DNS ASK ma#####3.teamviewer.com
- ClassName: 'EDIT' WindowName: ''
- ClassName: '#32770' WindowName: ''
- '%TEMP%\rarsfx0\setup.exe' /S
- '%TEMP%\teamviewer\version8\teamviewer_.exe' /S
- '%ProgramFiles(x86)%\teamviewer\version8\teamviewer_service.exe' -install
- '%ProgramFiles(x86)%\teamviewer\version8\teamviewer.exe' --InstallAPI
- '%ProgramFiles(x86)%\teamviewer\version8\teamviewer_service.exe'
- '%ProgramFiles(x86)%\teamviewer\version8\teamviewer.exe'
- '%ProgramFiles(x86)%\teamviewer\version8\tv_w32.exe' --action hooks --log %ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer8_Logfile.log
- '%ProgramFiles(x86)%\teamviewer\version8\tv_x64.exe' --action hooks --log %ProgramFiles(x86)%\TeamViewer\Version8\TeamViewer8_Logfile.log
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN TVInstallRestore /TR "%TEMP%\TeamViewer\Version8\TeamViewer_.exe /RESTORE" /RU SYSTEM /SC ONLOGON /F' (with hidden window)
- '%ProgramFiles(x86)%\teamviewer\version8\teamviewer_service.exe' -install' (with hidden window)
- '%ProgramFiles(x86)%\teamviewer\version8\teamviewer.exe' --InstallAPI' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Delete /TN TVInstallRestore /F' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN TVInstallRestore /TR "%TEMP%\TeamViewer\Version8\TeamViewer_.exe /RESTORE" /RU SYSTEM /SC ONLOGON /F
- '%WINDIR%\syswow64\schtasks.exe' /Delete /TN TVInstallRestore /F