Highlighted
Posted by
Henagon

Process Ancestry Validation

Is this process ancestry legitimate for TeamViewer?

Process Ancestry: wininit.exe -> services.exe -> TeamViewer_Service.exe -> TeamViewer.exe-> mshta.exe

Thanks!

3 Replies
1 Accepted Solution

Accepted Solutions
Highlighted
Posted by Moderator Moderator
Moderator
Solution

Re: Process Ancestry Validation

Hello @SecurityGiraffe,

Thank you for your message. 🙌

Yes, this is a false positive and a safe file. 👍

HTA is an (old) HTML-based application technology supported only by Internet Explorer
 https://en.wikipedia.org/wiki/HTML_Application

The behaviour might seem suspicious to the antivirus because the TeamViewer executable generates a temporary .hta file and launches it with the Windows built-in mshta.exe runner, which runs it as a trusted application.

I hope this could help. 🍀

Best regards

Jean

French Community Moderator

If my reply answered your question, help out other users and click the Accept as a Solution button below. ✅
You can also say thanks by clicking on the Thumbs Up button!
Thanks for being an active member of our Community!

View solution in original post

3 Replies
Highlighted
Posted by Moderator Moderator
Moderator
Solution

Re: Process Ancestry Validation

Hello @SecurityGiraffe,

Thank you for your message. 🙌

Yes, this is a false positive and a safe file. 👍

HTA is an (old) HTML-based application technology supported only by Internet Explorer
 https://en.wikipedia.org/wiki/HTML_Application

The behaviour might seem suspicious to the antivirus because the TeamViewer executable generates a temporary .hta file and launches it with the Windows built-in mshta.exe runner, which runs it as a trusted application.

I hope this could help. 🍀

Best regards

Jean

French Community Moderator

If my reply answered your question, help out other users and click the Accept as a Solution button below. ✅
You can also say thanks by clicking on the Thumbs Up button!
Thanks for being an active member of our Community!

View solution in original post

Highlighted
Posted by
Henagon

Re: Process Ancestry Validation

That's very helpful, thank you so much!

Highlighted
Posted by Moderator Moderator
Moderator

Re: Process Ancestry Validation

@SecurityGiraffe very glad we could help! 👍

Hope to see you soon posting in the Community. 🙏

Best regards

Jean

French Community Moderator

If my reply answered your question, help out other users and click the Accept as a Solution button below. ✅
You can also say thanks by clicking on the Thumbs Up button!
Thanks for being an active member of our Community!