Scam Explained: Virus Removal Guide Scam

The scam is a false tech support scam that swindles computer customers using a simple remote connection service. Scammers utilize the website to fool innocent individuals, but it is completely safe. In general, you should avoid any assistance from technicians that ask for remote access to your computer.

If you have already allowed fraudster access to your computer using the aforementioned service, we highly advise you to follow the steps at the bottom of this article to remove malware that the attacker installed automatically.

FastSupport (powered by LogMeIn, Inc.) is a genuine service that allows computer technicians to remotely enter a client’s computer using GoToAssist software to investigate computer issues and/or fix damage to files or the system. It may, of course, be utilized in a variety of other situations.

Unfortunately, cybercriminals take advantage of the genuine service. The most prevalent scenario in which the portal is used is when a fraudster calls the victim and requests remote access to the computer to complete a comprehensive diagnostic.

Even though FastSupport is a genuine service, tech support fraudsters utilize it to remotely access victims’ computers.

The scam scheme: Explained

After browsing a false scam page packed with pop-ups and warning messages advising about the urgent system state, most victims phone tech support fraudsters themselves.

PORNOGRAPHIC VIRUS ALERT FROM MICROSOFT, VIRUS ALERT FROM APPLE, and similar headlines are some of the most common tech support scam headlines today.

Fake websites always contain a phone number and advise the victim to call the hotline desk as soon as possible to fix any computer issues mentioned on the screen.

All you need to know is that these alerts and warnings are fake, and they are aimed at a huge number of people who are waiting for their calls to be answered so that the call-remote computer access technique may be implemented.

Once you’re on the phone with the con artist, he or she will probably advise you to go to Google or another search engine and key in “establish a remote connection with Apple” or “create a remote connection with Microsoft.”

The primary result for both searches will be the site. The con artist then instructs the victim to follow his instructions, download GoToAssist software, and begin the connection.

Opening Windows Event Viewer and displaying the warning signals and faults depicted above is one of the most common tactics used to persuade the victim that their system is in danger.

You should be aware that software frequently encounters failures or crashes, and all of these occurrences are recorded in the Event Viewer. It doesn’t necessarily indicate your machine is infected unless the fraudster does so.

Scammers who use the FastSupport service access Windows Event viewer and try to persuade the victim that their system is in danger.

The scam usually has two outcomes: the victim agrees to pay for non-existent support services (scammers frequently demand absurdly high fees for routine anti-malware application installation) or the attacker installs hazardous malware or ransomware on the machine if the victim refuses to pay.

As a result, it is strongly advised to stay away from scammers at all costs. If you come across a suspicious-looking website that claims your computer has been badly hacked, run a reliable anti-malware or antivirus program in Safe Mode to examine its condition.

Otherwise, you’ll be taken advantage of by crooks who prey on those who aren’t tech-savvy and believe the fraudsters’ claims about the computer’s security status.

Threat Summary:

  • Name: FastSupport Scam
  • Type: Tech Support Scam
  • Related
  • Dangers: Technical assistance Scammers attempt to get remote access to your computer to install spying or harmful software. They also claim to find problems and advocate purchasing various products to solve them, usually at exorbitant prices.
  • Symptoms: Suspicious calls from someone claiming to be from Apple or Microsoft; or phone pop-ups, advertising, browser redirection, or BSOD (blue-screen-of-death) displays purporting to be from Apple or Microsoft, with a suspicious tech support number to contact.
  • Removal methods: Using anti-malware software, remove the infection that is producing bogus notifications. Close the session and scan your computer with antivirus or anti-malware if you let crooks remotely access your machine.

Never trust Microsoft or Apple tech support callers – it’s a fraud

If you get a call from someone claiming to be from Microsoft or Apple informing you that your computer is in danger or has been disabled and needs to be examined remotely, it’s a clue that you’re being scammed.

These firms’ legitimate tech support never calls their customers. If you receive such a call, hang up and, preferably, report the abuse to the appropriate authorities.

Whether you’re curious how the scam criminals at were able to gain your phone number, check to see if your information was exposed in an internet data breach, or if your phone number is publicly available on any other online platform.

Since we all occasionally put our contact data on ad websites, sites like Linkedin, and similar, it is difficult to safeguard your privacy from such crooks nowadays. In other words, malevolent know where to hunt for the information they want, and once they get it, they utilize it to commit crimes.

Scammers target both Microsoft and Apple users

Users have reported receiving misleading calls urging them to visit and crooks posing as Microsoft representatives. They tell the victim that Microsoft wants to send them a $250 refund since Windows 7 is no longer supported (which is a lie because Microsoft never does), but the attackers only want access to the machine so they can install malware and cause the user privacy and financial difficulties.

Due to the activity of misleading websites that display Virus Alert From Apple pop-ups, many customers search for FastSupport Apple Scam information. These websites advise phoning a fictitious Apple HelpDesk for assistance in reactivating the machine.

Unfortunately, scammers recommend accessing the aforementioned remote access service website and giving the attackers remote Mac access. Here are some numbers that tech support scammers promote, and you should avoid them at all costs:

  • +18882705678;
  • +86672265620;
  • +1-888-834-8756;
  • +1-855-550-6155 and others.

Scammers frequently develop fake websites that advertise technical help for various software or hardware. When consumers look for it online, the odds of landing on a fake and unofficial website are significant.

Criminals frequently promote themselves as HP Printer support, Avast or Norton help, and Canon or Intel assistance, among other services. 

 fake websites associated with scam

These con artists will instruct you to download the GoToAssist.exe program and visit the website, both of which are valid. However, this does not imply that the attacker’s motives are also good.

Calling the numbers supplied will link you with someone posing as an employee of a reputable company.

If you have been duped and granted hackers remote computer access through FS, you must take immediate steps to secure your computer system.

The first step is to disconnect the remote access connection, then restart your computer in Safe Mode with Networking.

Next, download a reliable antivirus or anti-malware program and conduct a thorough system scan IMMEDIATELY to eliminate the FastSupport virus. 

It’s also a good idea to update all of your passwords, especially those kept in your browser because password-stealing Trojans are popular among attackers.

Ways people run into remote computer access scams

Scammers exploiting the service may phone you and introduce themselves as Apple or Microsoft workers.

The next thing they say is some made-up narrative about your machine sending unrecognized or malicious requests, or that your host generates unusual traffic.

Although such phrases are almost certainly meaningless, they may inspire faith in someone unfamiliar with technology.

The situation in which a victim hits a false tech support fraud website by accident or is routed there by adware or a browser-hijacking application installed on the machine is far more common.

Fake Apple or Microsoft websites frequently include Apple or Microsoft logos, cheerful persons who appear to be tech help employees, and alerts about critical system conditions.

These websites promote a tech support number that should be dialed to resolve issues. Calling these lines, however, will link you to a fraudster rather than an actual person from the promoted firm, as previously stated.

India is recognized to be the source of the majority of these tech support frauds. Unfortunately, many victims report hearing a heavy Indian accent after dialing the “helpline.”

Such call centers operate in the shadows, and despite police efforts to locate and shut them down, they resurface quickly since such a fraud operation makes a lot of money.

To prevent accessing fraudulent and deceptive websites, we recommend that you check for adware or browser hijackers regularly, carefully select new software to download and avoid suspicious websites. You should never try to get around Deceptive Site Ahead warnings in general.

How to Remove scam-related malware?

As previously stated, fraudsters utilizing the by GoToAssist service may infect your computer with malware or spyware.

You should prepare your computer following the methods below to identify and remove the virus installed via remote connection.

Run a comprehensive system scan with a reliable and trustworthy malware scanner after booting your PC in recommended mode.

If you remove the FastSupport malware automatically, it won’t take long. If you want to clean your computer manually, keep in mind that it can be a time-consuming and exhausting operation.

If you have been a victim of the stated scam, please do not hesitate to share your story in the comments below to help others avoid it.

Here are the methods to remove scam-related malware:

  1. Enter safe mode with networking
  2. Use system restore
  3. Eliminate from Windows
  4. Eliminate from macOS
  5. Delete from various browsers

Let us go through each of the solutions.

Solution 1: Enter safe mode with networking

You must start your computer in Safe Mode with Networking before attempting to remove the malware. The quickest ways to start your computer in Safe Mode with Networking are listed below.

Instructions for Windows XP/Vista/7 users:

Enter safe mode with networking
  • First and foremost, switch off your computer. Then, click the Power button to restart it, and immediately begin tapping the F8 key on your keyboard in 1-second intervals. The Advanced Boot Options menu appears.
  • Press Enter after navigating down to the Safe Mode with the Networking option using the arrow keys on the keyboard.

Instructions for Windows 8/8.1/10 users

  • Press the Power button after opening the Windows Startmenu. Press and hold the Shift key on your keyboard, then pick the Restart option.
  • This will open the Windows Troubleshooter window. Select Troubleshoot > Advanced Options > Startup Settings > Restart from the Troubleshoot menu. Click See additional recovery options if you can’t locate Startup Settings.
  • To enter Safe Mode with Networking, hit the right key between F1 and F9 under Startup Settings. It’s the F5 key in this scenario.

You may now look for and uninstall malware files associated with the scam. It is extremely difficult to detect virus-related files and registry keys, especially because malware authors often rename and alter them. As a result, using a reputable malware removal application is the simplest approach to removing such a computer virus.

Solution 2: Use system restore

To utilize System Restore, you must first establish a system restore point, which may be done manually or automatically.

Instructions for Windows XP/Vista/7 users

  • Turn off your computer. Restart it by pushing the Power button and then repeatedly pressing the F8 key on your keyboard in 1-second intervals. The Advanced Boot Options menu will appear.
  • Navigate to Safe Mode with Command Prompt using the arrow keys on the keyboard and press Enter.
Safe Mode with Command Prompt

Instructions for Windows 8/8.1/10 users

  • Click the Power button after launching the Windows Startmenu. Press and hold the Shift key on your keyboard, then use the mouse cursor to choose the Restart option.
  • This will open the Windows Troubleshooter window. Select Troubleshoot > Advanced Options > Startup Settings > Restart from the Troubleshoot menu. Click See additional recovery options if you can’t locate Startup Settings.
  • To enter Safe Mode with Command Prompt, hit the right key between F1 and F9 under Startup Settings. Press the F6 key in this scenario.

Start the System Restore process. Then,

system restore
  • Wait until the machine boots up and the command prompt appears.
  • Press Enter after typing cd restore, followed by rstrui.exe. Alternatively, execute % systemroot% system32restorerstrui.exe on the command prompt and press Enter.
  • The System Restore window appears. Next, select a previous System Restore point by clicking Next. Select one that was made before the virus.
  • To begin the system restore, choose Yes.
system restore

We recommend checking the machine with antivirus or anti-malware software after it has been restored. In most circumstances, no virus will be left behind, but it never hurts to double-check.

Solution 3: Eliminate Windows

Instructions for Windows 10/8  machines:

  • In the Windows search box, type Control Panel and press Enter or select the search result.
  • Select Uninstall an application from the Programs menu.
  • Locate the suspicious program’s entry in the list.
  • Uninstall the program by right-clicking it.
  • Click Yes if User Account Control appears.
  • Wait for the uninstallation procedure to finish before clicking OK.
Control Panel

If you are a Windows 7/XP user, proceed with the following instructions:

  • Click on Windows Start > Control Panel in the right pane (or Add/Remove Programs if you’re using Windows XP).
  • Select Programs > Uninstall an application from the Control Panel.
  • Select the undesirable program by clicking it once.
  • ClickUninstall/Change at the top.
  • Select Yes in the confirmation prompt.
  • Once the uninstallation procedure is complete, click OK.

Solution 4: Eliminate macOS

Remove items from the Applications folder:

  • Select Go > Applications from the navigation bar.
  • Look for all relevant entries in the Applications folder.
  • Drag the program to the Trash folder (or right-click and pick Move to Trash).

You must visit the Application Support, LaunchAgents, and LaunchDaemons folders and delete the following files to completely uninstall an undesirable app:

  • Go to Folder from the Go menu.
  • Click Go or press Enter after typing /Library/Application Support.
  • Look for any suspicious entries in the Application Support folder and remove them.
  • Now do the same thing with the /Library/LaunchAgents and /Library/LaunchDaemons folders, and delete all the related.plist files.

Solution 5: Delete from various browsers

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  • Select Extensions from the menu (three horizontal dots at the top-right of the browser window).
  • Select the extension from the list and click the Gear icon.
  • At the bottom, click uninstall.
Delete unwanted extensions from MS Edge

Clear cookies and other browser data:

  • Select Privacy & security from the Menu (three horizontal dots at the top-right of the browser window).
  • Choose what to clear under Clear browsing data.
  • Select everything (excluding passwords; you may want to add Media licenses as well if required) and then click Clear.
Clear cookies and other browser data

Restore new tab and homepage settings:

  • Select Settings from the menu icon.
  • Then look for the section On startup.
  • If you see any questionable domains, click Disable.

Reset MS Edge if the above steps did not work:

  • To launch Task Manager, press Ctrl + Shift + Esc.
  • At the bottom of the window, click the More info arrow.
  • Choose the Details tab.
  • Now scroll down and look for any entry that mentions Microsoft Edge. To stop MS Edge from running, right-click on each of them and select End Task.
Reset MS Edge

If this solution doesn’t work, you’ll need to use a more complex Edge reset approach. Before you begin, make sure you have a backup of your data.

  • On your PC, look for the following folder: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  • To select all folders, use Ctrl + A on your keyboard.
  • Right-click them and choose Delete. Next, right-click the Start button and select Windows PowerShell (Admin).
  • Copy and paste the following command into the new window, then hit Enter: Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -Verbose.

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  • Open Edge and go to Extensions > Settings.
  • Remove any unwanted extensions by clicking the Remove button.
  • Clear the site’s cache and data.
  • Go to Settings by clicking on Menu.
  • Choose between privacy and services.
  • Choose what to clear under Clear browsing data.
  • Select All time under Time range.
  • Now choose Clear.

Reset Chromium-based MS Edge:

  • Select Settings from the menu.
  • Select Reset settings from the menu on the left.
  • Restore settings to their default values by selecting this option.
  • Click Reset to confirm.

Delete from Mozilla Firefox

Remove dangerous extensions:

  • Open Mozilla Firefox and select the Menu option (three horizontal lines at the top-right of the window).
  • Choose Add-ons.
  • Select the undesirable plugin and click remove.
open Mozilla Firefox. Choose Add ons

Reset the homepage:

  • To access the menu, click three horizontal lines in the upper right corner.
  • Select your options.
  • Enter your chosen site under Home settings to have it open every time you start Mozilla Firefox.

Clear cookies and site data:

  • Select Options from the menu.
  • Go to the section on privacy and security.
  • To find Cookies and Site Data, scroll down.
  • Select Clear Data.
  • Clear the Cookies and Site Data, as well as the Cached Web Content.
Clear cookies and site data

Reset Mozilla Firefox:

  • If clearing the browser does not work, try resetting Mozilla Firefox:
  • Click the Menu button on the Mozilla Firefox browser.
  • Select Troubleshooting Information from the Help menu.
  • Click Refresh Firefox under the Give Firefox a Tune Up area.
  • When the pop-up appears, click Refresh Firefox to confirm your action.

Remove from Google Chrome

Remove harmful Google Chrome extensions:

  • Open Google Chrome, choose More tools > Extensions from the Menu (three vertical dots in the top-right corner).
  • All installed extensions will be visible in the newly opened window. By choosing Remove, you may remove all questionable plugins that might be linked to the harmful software.
Remove harmful Google Chrome extensions

Chrome cache and web data should be cleared:

  • Select Settings from the menu.
  • Select Clear browsing data under Privacy and security.
  • Browsing history, cookies, and other site data, as well as cached pictures and files, may all be selected.
  • Select Clear data.
Chrome cache and web data should be cleared

Change your homepage:

  • Select Settings from the menu.
  • In the On startup area, look for a questionable site.
  • Click on the three dots to discover the Remove option after clicking on Open a specific collection of pages.

Reset Google Chrome:

If none of the above techniques worked, try resetting Google Chrome to remove all of the undesirable components:

  • Select Settings from the menu.
  • Scroll down to Advanced in the Settings menu.
  • Locate the Reset and Clean Up section by scrolling down.
  • Now click Restore settings to their values.\
  • Reset the settings to confirm.

Delete from Safari

Remove unwanted extensions from Safari:

  • ClickSafari > Preferences.
  • Select Extensions in the new window.
  • Uninstall the undesirable extension by selecting it.

Clear cookies and other website data from Safari:

Reset Safari if the above-mentioned steps did not help you:

  • ClickSafari > Preferences…
  • Select the Advanced tab.
  • Select the Show Develop menu option in the menu bar.
  • Select Empty Caches from the menu bar after clicking Develop.


Manual malware removal is time-consuming, so it’s best to let anti-malware and anti-virus software handle it for you.

If the virus is already affecting your surfing experience, follow the methods above to get rid of it. When manually uninstalling a virus, you must know the virus’s identity.

We recommend that you check your PC system with good anti-spyware after removing this potentially unwanted program (PUP) and repairing each of your web browsers.

This will assist you in removing registry traces from your computer as well as discovering any connected parasites or malware infestations.


What Is Fastsupport?

FastSupport is a legal website that uses the GoToAssist toolset to enable remote computer access. Although this site is genuine, cyber thieves take advantage of it to make money. Remote access services are often used and lawful.

What Is GoToAssist Used For?

GoToAssist allows you to assist mobile devices remotely, allowing end customers to stay connected wherever they are. Androids may be viewed and controlled. Android devices with unattended access.

How Do I Enable GoToAssist On Mac?

Enter your Mac login and password after clicking the Unlock icon in the bottom-left corner. In the left menu, select Accessibility. Check the box to give the following app control: Corporate customer of GoToAssist.

Meet the Author

Abdul Rahim has been working in Information Technology for over two decades. Learn how Abdul got his start as a Tech Blogger , and why he decided to start this Software blog. If you want to send Abdul a quick message, then visit his contact page here.