Browser Redirect

Fiber.Js

Parasite may reinstall itself multiple times if you don't delete its core files. We recommend downloading SpyHunter to scan for malicious programs installed with it. This may save you hours and cut down your time to about 15 minutes. 

Download SpyHunter Anti-Malware

More information on SpyHunter, steps to uninstallEULAThreat Assessment Criteria, and Privacy Policy.


How Harmful Is Fiber.Js

This is a virus based primarily on advertisement activities. Its removal is more than recommended, unless you are prepared to absorb some severe losses in terms of the time it would take to restore your system to its previous level. Adware are not the most threatening viruses out there, but rather the backdoor other viruses use to slither in. With this in mind, please feel free to skip to the removal section below, but take your time to read the rest later. I’m hoping it can be quite useful to you, since I’ve designed the article to include sections that should be helpful in avoiding malware in the future.

fiber-js-virus

This virus is usually accompanied by the picture you see above and the following message:

  • Windows Script Host
    Can not find script file C:ProgramData335CDB9F-63DE-0A19-D258-7A9B02DAA9151.9.1.1fiber.js.

If you’ve seen this, then undoubtedly you’ve come to the right place, as this virus can lead to pretty significant system errors over time. The first very important note you should make is to NOT update or install anything that your PC wants. It is the virus 90% of the time. It is disguised as a real program, because the majority of users fall for that trick. This is the key here – adware do not have access to anything unless you let them, hence they do everything in their power to manipulate them into giving them clearance. If you just ignore every message saying there’s a missing plugin, install XXX player to continue, Java or FlashPlayer needs an update, a newer version of whatever is out – then you should be perfectly fine. Do not let yourself be deceived. Typically the damage that Fiber.Js manages to inflict is collateral, in the sense that it just invites other viruses and they are the real threat. But they are a near immeasurable problem. We’ve found out that some malware start exposing your personal information and passwords to the people who created it. Suddenly all your accounts may change allegiances, even your bank accounts.

How Fiber.Js Works

Fiber.Js itself works through a bombardment of advertisements. As well as being immensely annoying, a bad side effect of all the hyperlinks is a slowing down of your CPU, which leads to system errors, browser crashing, and frequent stuttering. You should be glad to know that all of these will be in the past once you’ve removed the virus. The banners and ads themselves are very selective apparently, even if at the beginning they seem useful for giving you competitive prices on products you’re interested in. In essence, all they exist for is to lure you to the websites. That is done for two main reasons:

  • Either to promote said websites, because the virus owners own them as well.
  • Or the creators were hired and they make money from good old pay per click.

How Fiber.Js Entered My Computer

Well, basically it marched through your front door. One easy way to contract the virus is by opening spam email. This may sound surprising, because it’s a very obvious method, but it works nonetheless. Typically users are confused when they see a legitimate institution contacting them, the FBI or something related to tax. It may even be a a firm that supposedly sends the wrong address details for a deal. These are all fakes that can be discerned by spelling errors and bad grammar. At any rate if you click links in the email or download attachments, you get a nasty virus.

The second and more prominent way is by getting installed with another software. Free software are well-known for having viruses in their setups. It has to ask you at some point if you want to include the “bonus” which of course you don’t want, because you’ll end up with Fiber.Js. Keep your eyes peeled from now on if this is what happened. Never include side material a program proposes.

SUMMARY:

Name Fiber.Js
Type Browser Hijacker
Danger Level Medium (nowhere near threats like Ransomware, but still a security risk)
Symptoms You may have to endure a constant spam of adverts and sudden page-redirects if you have a Browser Hijacker on your system.
Distribution Method Software bundling is a commonly used method that the developers of Browser Hijackers use to distribute such software.
Detection Tool

Remove Fiber.Js

To try and remove Fiber.Js quickly you can try this:

  1. Go to your browser’s settings and select More Tools (or Add-ons, depending on your browser).
  2. Then click on the Extensions tab.
  3. Look for the Fiber.Js extension (as well as any other unfamiliar ones).
  4. Remove Fiber.Js by clicking on the Thrash Bin icon next to its name.
  5. Confirm and get rid of Fiber.Js and any other suspicious items.

If this does not work as described please follow our more detailed Fiber.Js removal guide below.

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Step1

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

We get asked this a lot, so we are putting it here: Removing parasite manually may take hours and damage your system in the process. We recommend downloading SpyHunter to see if it can detect parasite files for you.

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab (the “Details” Tab on Win 8 and 10). Try to determine which processes are dangerous. 

malware-start-taskbar

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at: https://howtoremove.guide/online-virus-scanner/




Scan Results


Virus Scanner Result
ClamAV
AVG AV
Maldet

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

Step3

Hold together the Start Key and R. Type appwiz.cpl –> OK.

appwiz

You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:

msconfig_opt

Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

Step4

To remove parasite on your own, you may have to meddle with system files and registries. If you were to do this, you need to be extremely careful, because you may damage your system.

If you want to avoid the risk, we recommend downloading SpyHunter
a professional malware removal tool.

More information on SpyHunter, steps to uninstallEULAThreat Assessment Criteria, and Privacy Policy.

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.

DNS

Step5

  • After you complete this step, the threat will be gone from your browsers. Finish the next step as well or it may reappear on a system reboot.

Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).

browser-hijacker-taskbar-properties

Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove Fiber.Js from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove Fiber.Js from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove Fiber.Js from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

Step6

Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


2 Comments

    • CCleaner is one of the better registry cleaners, but all registry cleaners can fuck up sometimes and that, in the end, will cost you more time and effort than manual fix 🙂

Leave a Comment