Fastsupport

Fastsupport Image

Fastsupport is a legitimate software that appears on a system as the GoToAssist.exe process during operations. The purpose behind it is to help computer techs to gain remote access to a computer for customer support reasons and to fix problems the users are unable to fix by themselves. Hackers have found ways to use that remote access for their needs, however, thus the website was used to spread unsolicited requests to access victimized machines and to install malicious software that may lead to further problems.

While the people behind scams using Fastsupport attempt to reach their audience, they usually set up a number of fake websites that are made to appear as the first positions in a normal Google Search. The websites often promote various scam services to fool people using Fastsupport.com to "fix" their system. Users should be careful about any websites that look like the original ones, but aren't really legitimate. Without recognizing the scam for what it is, users may provide remote access to cybercriminals that may end up controlling their computer for various tasks.

What are the signs of a potential infection after a FastSupport Scam?

The GoToAssist.exe/Fastsupport.com scam may also appear as an ad that claims your system is damaged. It also claims you need to allow allegedly certified Microsoft Technicians to work on the problem and fix it. Ads of this kind may infect a machine with malware. An often-found sign of something being awry is when the CPU or GPU usage of a machine is spiking due to imposter processes running in the background.

The criminals who happen to use Fastsupport and similar screen sharing software tend to go for infecting victimized computers with a range of malware threats. Banking trojans, spyware, ransomware and the more harmless Potentially Unwanted Programs (PUP) make the rounds in such cases.

If users happen to encounter this kind of scam, they are advised to close the tab or the browser pushing these kinds of services. The corrupted search results and ads are most often due to PUPs, adware and similar software on an infected system.

Users should keep in mind that the developers of Fastsupport have nothing to do with the scams, the threat actors are using Fastsupport as a stepping stone for spreading their malware and scams. Once any extensions connected to known threats have been removed, users should reset their affected browser to ensure there are no leftover files.

What are the ways users can avoid issues stemming from a FastSupport scam?

Make sure you reject Recommended or Quick settings upon software installation.
Choose advanced and custom settings for more details.
Unmark any pre-selected boxes that may end up installing additional software.
Always remember to check your system for infections on a regular basis.

Getting rid of infections resulting from a FastSupport scam and blocking remote access

If you have been bothered by issues after a recent scam attempt or an infection, you should ensure you reset the browsers you're using. There is a good chance they may have been altered by unwanted programs or malware to trick you into visiting scam websites. The following examples cover how you can do that for various operating systems and browsers:

Windows Systems Potentially Unwanted Programs removal

1. Click on Start > Control Panel > Programs and Features (for XP users, click on Add/Remove Programs instead).
2. If you are a Windows 8/10 user, then you should right click on the lower left corner of the screen. There you can find the 'Quick Access Menu', choose 'Control Panel' and then 'Uninstall a Program'.

Mac OS X System removal of Potentially Unwanted Programs

1. If you are a Mac user, click on the 'Go' button near the top left corner of the screen and select 'Applications'.
2. Once you see the Applications folder, check for any suspicious program that wasn't present before using Fastsupport.com. These may not always be easy to identify, but any suspicious entries in here should be removed. Click on them and select 'Move to Trash'.

Uninstalling Suspicious Add-Ons from Internet Explorer

1. Open Internet Explorer, then click on the gear icon in the top right corner, selecting 'Manage Add-ons'.
2. You will now see the 'Manage Add-ons' window. Any suspicious plugins that weren't present before working with the FastSupport.com network should be disabled or downright removed.
3. Change your homepage back to default if it was affected. You can do that by once again clicking on the gear icon and then selecting Internet Options. In the General tab you remove the malicious URL, replacing it with one of your choosing or leaving it empty. Click apply when you're done to save the changes.
4. You can reset Internet explorer as a final option by clicking on the gear icon, choosing 'Internet Options' and then the 'Advanced' tab. In there you can click on Reset. When the new window pops up, choose 'Delete Personal Settings' and then 'Reset' again to complete the wipe. Keep in mind that any bookmarks and stored passwords you had will also be lost in the reset.

Resetting Microsoft Edge to remove suspicious settings and add-ons

1. Launch the Microsoft Edge app and click on 'More' – the three dots in the top right corner of the window.
2. Once their click on Settings for more options.
3. In the Settings window, click on 'Choose what to clear' right under the 'Clear Browsing Data' option.
4. Here you can select various options on what to wipe, such as browsing history, cookies, download history, cached data, passwords and more.
5. Right click on the 'Start' button (the Windows menu button on the bottom left of your screen) and select 'Task Manager'.
6. In the 'Processes' tab, look for Microsoft Edge. Right click on it and choose the 'Go to details' option. If there is no 'Go to details' choose 'More details'.
7. Find every entry with Microsoft Edge on it, right click on each and select 'End Task'.

Removing Dangerous Extensions from Mozilla Firefox

1. Open Mozilla Firefox, then click on the menu icon in the top right corner, selecting 'Add-ons', then 'Extensions'.
2. Here you can find any questionable plugins that appeared after a FastSupport-related scam. Click 'Remove' to get rid of them. If that doesn't help, proceed to step 3.
3. Resetting Firefox can be done by clicking on the question mark icon in the top left of the window. There, you can find the 'Troubleshooting Information' option.
4. You will see the 'Reset Firefox to its default state' option there, alongside the 'Reset Firefox' option. Click that and again 'Reset Firefox' in the new window and the reset will be complete. Keep in mind that all settings and passwords will be wiped as well.

Getting rid of Suspicious extensions from Google Chrome

1. Deleting malicious plugins can be done by clicking on the menu icon in the top right corner, then selecting Tools, followed by Extensions.
2. Here you can select any suspicious and potentially malicious plugins, clicking on the trash icon to dispose of them.
3. Clicking on the menu icon again and choosing Settings>Manage Search Engines under the Search section will allow you to remove any malicious search engines added to the browser.
4. Resetting Chrome is the last potential option on the list if all else fails. You can do that by clicking on the menu icon in the top right corner of the browser window. Click Settings, then 'Reset Browser Settings'. Once the window pops up, click the Reset button to complete the operation.

Eliminating extensions from the Safari Browser

1. Open the Safari browser and click on Safari in the menu at the top left part of the window. Select 'Preferences'.
2. Select 'Extensions' and look for any suspicious entries, then click on the uninstall button next to those to remove them.
3. Resetting Safari can also be a solution in case things don't work out by removing extensions.
4. You will see a number of settings to choose from. Select all of them and click reset to complete the wipe. All your passwords and bookmarks will be removed as well.