Windows - Software - Uninstall TeamViewer

What the TeamViewer removal Worklet does

This Automox Worklet™ detects and uninstalls TeamViewer and TeamViewer Host applications from Windows endpoints. The Worklet checks both the 32-bit and 64-bit registry locations to identify installed versions, then executes the appropriate uninstall procedure based on the installation method.

The Worklet uses a registry-based detection method that scans the Windows uninstall registry hive at HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall. This approach works on both 32-bit and 64-bit systems and handles multiple TeamViewer installations.

The remediation process automatically detects whether each installation uses an MSI-based uninstaller or an executable-based uninstaller, then executes the appropriate command to remove the software silently without user interaction.

Why remove TeamViewer from your endpoints

TeamViewer is a remote access tool that may present security and compliance risks depending on your organization's policies. Unauthorized remote access software can become an attack vector for malicious actors, increase your organization's threat surface, and violate compliance frameworks like HIPAA, PCI-DSS, or SOC 2.

Organizations often need to enforce consistent software policies across endpoints to reduce security vulnerabilities, manage licensing costs, and comply with data protection regulations. Using this Worklet prevents TeamViewer from being used to gain unauthorized access to sensitive systems or data.

You avoid manual uninstallation efforts by automating the detection and removal process across all Windows endpoints simultaneously. This Worklet enables IT teams to maintain a consistent security posture and quickly respond to incidents or policy changes related to remote access software.

How TeamViewer removal works

1. Evaluation phase: The Worklet scans the Windows registry at HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and the 32-bit equivalent location to check for any installed versions of TeamViewer or TeamViewer Host. If a matching DisplayName entry is found, the endpoint is flagged for remediation.

2. Remediation phase: The Worklet retrieves the UninstallString from each matching registry entry and executes it with appropriate parameters. For MSI-based installations, it runs msiexec with /x and the product GUID. For executable-based installations, it runs the uninstall executable with the /S (silent) flag. The process monitors exit codes to confirm successful removal.

TeamViewer removal requirements

• Windows Server 2008 R2 or later

• Windows Vista, Windows 7, Windows 8, Windows 10, or Windows 11

• Administrator privileges to access the registry and execute uninstall commands

• Supported on both 32-bit and 64-bit installations of Windows

• PowerShell 3.0 or later

Expected state after TeamViewer removal

After successful remediation, TeamViewer and TeamViewer Host will no longer be installed on the endpoint. The Worklet removes all registry entries associated with the application, preventing the software from being launched or configured. The Activity Log will display confirmation of which registry keys were uninstalled.

If the Worklet successfully uninstalls TeamViewer, it exits with code 0 and reports "TeamViewer Uninstall Successful" in the Activity Log. If the software was not found during evaluation, no remediation action is taken and the Worklet exits cleanly. If uninstallation fails, the Worklet reports the failure and exits with code 1, allowing IT teams to investigate and take manual action if necessary.

How to validate uninstall teamviewer changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for uninstall teamviewer.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Write-Output, Get-ChildItem, Get-ItemProperty.

4. Validate remediation effects from script operations such as Get-ChildItem, Get-ItemProperty, Where-Object, then rerun evaluation for compliance.