Question from a newbie poster, I apologize if I am in the wrong topic. About couple of weeks ago I chatted w/tech support at Microsoft (yes, it was Microsoft on a Office install problem. After some chat exchange, he wanted permission to log in via logmein and fix the issue. He promised not to snoop...I gave permission but then became paranoid - sorry. I reset my PC admin password and the passwords to my main email accounts. But I have over 100-150 (and still slow in adopting a password manager) passwords and sensitive docs in my PC. And now since my paranoia is in overdrive I suspect any PC slow down and it does get slow now and then. But hen I also have 30-40 tabs open in two browsers. Should I be worried about these remote programs like logmein/teamviewer etc? This was the only time I allowed someone in and from an obvious rusted source. I used sysinternals to go in and check logs but then I am no security expert, no obvious signs of remote log ins. I have a Windows 10 Dell laptop with 16GB RAM and the usual security apps like Malwarebytes premium and Avira and take the so called normal precautions. I tested my speed using speedtest and its in the normal range. Any help/pointers would be greatly appreciated.
As an anecdote, I HAD to talk to Microsoft about an activation issue and likewise, the tech wanted to remote in. Worse than you, I refused outright. What I did was simply untick "allow remote access to this computer" in Control Panel/System/Remote settings. The problem is, after a big update, this setting reverts to default-enabled. If there's more beyond that, maybe someone can help out.
For what it's worth, this is my advice. Most people say, if you put stuff online, assume its available for the world to see. I say, if you put stuff on an internet connected PC, assume its there for the world to see. Take all your sensitive documents off the internet PC and keep them on a permenantly offline PC. Once people realize the powers that be want everything we do to be online, like facebook, they will realise our home computing environment has always been intended to be a server, not a client. We were just not supposed to realise that but when we do, people will say wow, that crazy tin foil hat rocklobster dude on Wilder's was right. All these so called security flaws (literally thousands of them) were the surveillance APIs. I'll probably be dead by then though lol.
I have over the years let two people have that kind of access to my computers. Key was I knew the individuals and and trusted them. I may know the company, but if I don't know the individuals then no way.
If you called MS support then you probably don't have to worry. I use remote access software daily at my work and so far our users never experienced any problems using it (it's on demand tool that doesn't run in background when not in use). I've never used LogMeIn so don't know how their software works. If you had to install it and don't need it any more, you can just remove it and don't have to worry about it any more. If you still use it, check if unattended access was enabled and disable it (again only if you don't need it to log in remotely).
I have zero experience with these tools, but couldn't you monitor the system when he took over the PC?
We use tools like this every day for tech support. Once the customer disconnected we have no access to their system without setting up another session which they have to enter an ID for and then they are still prompted to allow us to see their screen. I would not worry about any future access after one of these sessions unless it is someone untrustworthy that installs some kind of back door, but it is highly unlikely. They also can't run anything that requires admin unless you have disabled UAC and are running as a full admin. If anyone does anything that makes you uncomfortable end the session or pull the network cable.
As far as I know Logmein service auto starts with Windows by default. You can always disable it or set it to manual if you have to have it on your machine. TeamViewer has a tickbox option for 'run once only' which does what it says and requires no installation.