Support Used Team Viewer - How can I make sure it's gone?

Any of you IT guys use this or know about this?

He directed me to their website and I installed it from the front page. I assume that all he did was the support that I saw, since my display stayed up while he was in control.

It's just a little freaky to see someone else with access to everything.

He said that it generates a new password with each session, and a new ID with each reboot. I don't know if I observed this.

It doesn't show up in the uninstall menu for windows 7, but it looks like there's a service related to it in the services part of task manager. The one encouraging part is that the only option is to turn the service ON, which makes me hope it's off.

TeamViewer is not some tricky malicious tool. If you've uninstalled it, it's uninstalled.

It doesn't hide itself. Are you certain that the service you're seeing is in fact related to TeamViewer?

He said that it generates a new password with each session, and a new ID with each reboot. I don't know if I observed this.

The new ID with each reboot isn't accurate, but the new password is (provided you haven't set a permanent one instead).

I use TeamViewer to remotely manage all the workstations at our company office out in California.

You can use teamviewer without installing it. When you launch the exe you are given the option to run. It extracts in a temp fashion and removes itself once you close it.

If you're concerned about stuff being left behind and loading up behind your back, grab sysinternals autoruns and take a look.

I haven't removed it. It doesn't show up in add remove programs.

The opportunity for abuse, and the Freeware look of their website is what makes me nervous.

So the general opinion is that I'm OK?
I was disturbed how I didn't even have to mess with my router.
I've had more trouble getting Multiplayer games to connect than to give someone full access to all of my files and User level control in an admin account.

How much can I rely on my router firewall. I guess not at all for anything going through a browser.

Man, IT and networking coursed weren't available during school when I was there. I should take some community college night courses.

You're OK.

Teamviewer and the like can ignore your firewall's inbound security because the user and support person both establish an outbound connection to a third party's server. If the software isn't running, there's no way to connect. I've used Teamviewer quick support many times, and can confirm it doesn't leave anything behind once you quit and delete the downloaded file.

You're fine. TeamViewer is not malware. It's a tool that creates a VPN connection to your machine, and it only does it with your explicit say-so. This is normal stuff these days. There's nothing hanging out, and the credentials are all wiped at the end of the session. If he needs to come in there again, you have to start over with a new password, and the service builds an entirely new VPN every single time.

Just to make yourself feel better, you can try cold-booting your machine. If that service being listed is just a left-over from the session and not something actually installed (which is my guess), it won't be re-instantiated when the operating system reloads, and that will be gone. Or, using the service set it up, and since you say it's shut off then you're good.

Most firewalls are configured to allow you to freely connect OUT, but to block anything unsolicited coming IN. If your teamviewer client starts sending packets to the support person's machine, and THEIR firewall (if they have one) is configured to allow the packets in, then their support console will allow the connection, and your firewall will allow all the traffic, because your client started the conversation. It's like you asked for a web page... in essence, you invited the support person in. Better hope he/she isn't a vampire!

More seriously: who is the support person? Is he or she from work? Anytime you run a binary from anyone, you're opening yourself up in a major way to being hijacked. So who that person is matters a lot more than what you were told you were running. No matter what that program said on the tin, the contents could have been deeply toxic, so it's important that you know and trust who you're getting software from.

In other words: if this support guy was from work, you're probably just fine. If it was some cold caller claiming to be from Microsoft, then you're screwed.

TeamViewer is fine, as is LogMeIn Rescue which is what we use at work. As others said, if you invited the person in, then once you install it, it's gone. It's designed specifically to get through most not super paranoid firewalls and routers which is why lots of manufacturer support departments use it too. They're both trustworthy applications from notable companies.

Malor wrote:

In other words: if this support guy was from work, you're probably just fine. If it was some cold caller claiming to be from Microsoft, then you're screwed.

Yes it was Autodesk. It was a support call by appointment.
Funny thing. Once he was in, he looks at my desktop and goes, "I play all those too". Then we had a short conversation about how he didn't have any luck with DayZ.

So it was a legit call that I initiated.

IMAGE(http://i156.photobucket.com/albums/t22/Gumbie84/haxxorz-on-your-pc.jpg)