Fireball Malware Removal (June 2017 Update)

Keep in mind, SpyHunter’s malware & virus scanner is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.


This page aims to help you remove Fireball Malware. Our removal instructions work for every version of Windows.

The following article will contain some vital and useful information about a malicious piece of software that is known under the name of Fireball Malware. This harmful program belongs to the Trojan horse virus family – a kind of malware that is very popular among hackers and cyber-criminals due to its high level of versatility and ability to execute a wide range of malicious and harmful tasks and processes once it has infiltrated the computer. Getting rid of such Trojans as soon as you notice their presence on your PC is essential since the longer they remain on the computer, the more damage they can cause. For that reason, we have tried to give our readers a detailed, yet comprehensible guide manual with different steps aimed at removing Fireball Malware from any computers that it might have infected. You can access the said guide below this current article in case you have the virus on your machine and seek to have it removed. However, before you go there, it would be a good idea to first read the remainder of the actual article so as to get a better grasp of what Trojan horses can do and what are the usual ways through which users get their PC’s infected by these viruses.

Potential uses of a Trojan horse

The ways in which a piece of malware the likes of Fireball Malware can be used are many and here we will only give you a general idea regarding what a Trojan horse could be potentially capable of.

  • In many cases, Trojans are simply used to harm the system of the PC that they have infected. The severity of the damage might vary. For example, in some cases, the PC might still be usable, though heavily impaired due to slow-down and sudden errors while in other instances the user would not be able to do anything on their machine because of frequent freezes and Blue Screen of death (BSOD) crashes.
  • Another thing that many Trojans are used for is to stalk/spy on their victims. It is possible that the insidious program monitors what’s getting typed on the keyboard or keeps tabs on what’s happening on the infected PC’s monitor, showing it to the cyber-criminal. It is also possible that if the PC has a web-cam connected to it or if the user has a laptop with a built-in one, that the cam is also employed for the purposes of stalking and espionage.

Fireball Malware Removal

If you are a Windows user, continue with the guide below.

If you are a Mac user, please use our How to remove Ads on Mac guide.

If you are an Android user, please use our Android Malware Removal guide.


Step1

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

A lot of people ignore what is written and then ask us, so we are putting this information here. To remove parasite without it coming back, you WILL 100% have to:

  Delete files belonging to suspicious processes in your Task Manager.

 

  Meddle with system files and folders, including ones belonging to Windows.

Both of these can damage your system. If you want a fast safe solution, we always recommend SpyHunter, because it has an option, allowing its owners to send a customized fix made for your PC. We guarantee it will work. You can access it at "Spyware HelpDesk" ----> Select Problem Type ---> Unremoved Parasite. 

>> Click to Download Spyhunter. If you don't want this software, continue with the guide below.

Keep in mind, SpyHunter’s malware & virus scanner is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab (the “Details” Tab on Win 8 and 10). Try to determine which processes are dangerous. 

malware-start-taskbar

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at: https://howtoremove.guide/online-virus-scanner/




Scan Results


Virus Scanner Result
ClamAV
AVG AV
Maldet

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

Step3

Hold together the Start Key and R. Type appwiz.cpl –> OK.

appwiz

You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:

msconfig_opt

Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

Step4

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.

DNS

Step5

  • After you complete this step, the threat will be gone from your browsers. Finish the next step as well or it may reappear on a system reboot.

Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).

browser-hijacker-taskbar-properties

Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove Fireball Malware from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove Fireball Malware from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove Fireball Malware from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

Step6

WARNING!
To remove parasite, you may have to meddle with system files and registries. Making a mistake and deleting the wrong thing may damage your system.
Avoid this by using SpyHunter - a professional Parasite removal tool.

Keep in mind, SpyHunter’s malware & virus scanner is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!

  • Many hackers who seek to blackmail users via Ransomware (a type of virus that locks its victims’ personal files and keeps them that way until a ransom is paid) tend to employ Trojans as a way to infect the targeted PC with the Ransomware. In those cases, the Trojan is used as a backdoor into the user’s PC system for the Ransomware.
  • Some Trojan horse viruses are also capable of giving remote control to the hacker that’s using them over the attacked computer or simply forcing the infected machine to execute tasks that aren’t harmful for the computer but use up most of its system resources for the hacker’s profit. Such tasks are, for example, bitcoin mining or sending out spam messages to further spread the same virus or some other malicious piece of software to other PC’s.

How to detect a Trojan horse

Regardless of how prepared you are, there’s still a chance that you (or your antivirus) might fail to spot a Trojan infection. Nonetheless, the better equipped you are to counteract such a threat, the higher chance you stand at stopping it before it has caused any significant damage. In order to be able to detect a virus like Fireball Malware in time, one certainly needs to have a high-quality antivirus on their machine. Else, an infection by this type of malware might remain totally unnoticed since oftentimes there are no symptoms. In the instances where there are symptoms, some potential infection signs are frequent system errors, unusually high use of system resources, BSOD crashes, etc. However, again, since this might not always be the case, having a reliable anti-malware program is a must! Also, do not forget to install the latest security updates for your OS – another very important measure that ought to be taken.

Trojan horse distribution techniques

Most hackers rely on spam e-mails, misleading file downloads form illegal sites and various forms of malvertising in order to make their malicious program reach more computers. The best way to protect your machine from Trojans or any other type of malicious software is to be careful with what you do when online. Using your common sense when browsing the World Wide web is of utmost importance if you wish to prevent any harmful viruses from infecting your system. Stick to websites that you know and trust and never click on anything that might not be safe in order to keep away from potential security hazards.

SUMMARY:

Name Fireball
Type Trojan
Danger Level  High (Trojans are often used as a backdoor for Ransomware)
Symptoms  Slowed-down PC, BSOD crashes, RAM and CPU spikes among others.
Distribution Method Fishy e-mails and social network messages (with links or file attachments), malvertising, untrustworthy sites, shady torrents, etc.
Detection Tool We generally recommend SpyHunter or a similar anti-malware program that is updated daily.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version.
More information about SpyHunter and steps to uninstall.