How To Uninstall Fireball (100% Proven Adware Removal Guide)

Delete Fireball

Expert Analysis on Fireball (An Adware)

As we all know very well that Adware infection grows rapidly and causes too much annoyance while surfing the Internet or doing any online operation. Recently, Check Point Threat Intelligence and Research teams discovered Fireball adware, a high volume Chinese malware operation that infected over the 250 million Systems globally. This type of adware takes control over the entire installed web browsers including Chrome, IE, Firefox, Opera, Edge, Safari and much more and then after turns them into the zombies. It is the most popular because of its two main functionality that are the ability of executing any malicious codes on the victim System and downloading of any file or threat and the manipulation of infected browser in order to generate advertisements revenues.

Fireball adware operation is executed by the Rafotech which is a legal digital marketing agency based in the Beijing. This agency uses such an adware to alter the victim's web browsers and turn the default search engines into the fake site. It redirects user's search queries to either Google or Yahoo. The worst behavior of this adware is that it uses tracking pixels in order to gather victim's all sensitive data such as IP addresses, username, banking login details, password, contact details, addresses, debit or credit card details etc and then after forwarded them to the remote attackers for illegal purposes.

Fireball creates backdoor to each infected network

Like other adware, Fireball are very hybrid creatures. Although, Rafotech uses this adware only for initiating web traffic and boosting web traffic. It has the ability to perform several vicious actions on victim's Systems. From the technical perspective, this adware displays great quality evasion and sophistication methods such as multi-layer structure, flexible command & control server and anti-detection capabilities.

Sources of Fireball infiltration

Being a nasty adware, Fireball creators uses several deceptive and tricky method to attack Windows System. When you download cost free services or freeware then it secretly lurks inside your System as an additional program without your awareness. The developer of such a threat knows very well that System user perform the installation procedure in hurry. That's why, you need to be very careful and attentive while installing anything from the Internet. Read terms & conditions carefully, accept software license, select Advanced/Custom mode of installation instead of Typical/Default ones etc. By taking these steps in your day-to-day life, you can easily avoid your Computer from Fireball.

know whether your PC has infected?

In order to identify, if you are infected with Fireball or not, first of all open your browser. Then after check your default homepage or search engine changed or not. Unable to reset your browser settings? Unfamiliar with the modification in entire browser as well as entire browser settings? If so, then it is clear that your System has been infected with Fireball and you need to take an action immediately regarding the uninstallation of Fireball.

Click to Free Scan for Fireball on PC



Learn To Remove Fireball Using Manual Methods

Phase 1 : Show Hidden Files To Delete Fireball Related Files And Folders

1. For Windows 8 or 10 Users : From the Ribbon’s View in My PC click on Options icon.

Folder search option Win 10 or 8

2. For Windows 7 or Vista Users : Open My Computer and tap on Organize button on the upper left corner and then to Folder and Search Options from the drop down menu.

Folder search options Win vista or 7

3. Now go to the View tab and enable Show hidden files and folder options and then uncheck the Hide protected system operating files checkbox option below.

Folder and Search options step 3

4. Finally look for any suspicious files in the hidden folders as given below and delete it.


  • %AppData%\[adware_name]
  • %Temp%\[adware_name]
  • %LocalAppData%\[adware_name].exe
  • %AllUsersProfile%random.exe
  • %CommonAppData%\[adware_name]

Phase 2 : Get Rid of Fireball Related Extensions Related From Different Web Browsers

From Chrome :

1. Click on Menu icon, hover through More Tools then tap on Extensions.

chrome tools extensions

2. Now click on Trash icon on the extensions tab there next to suspicious extensions to remove it.

chrome extensions trash

From Internet Explorer :

1. Click on Manage add-ons option from the drop down menu on going through Gear icon.

IE manage add-ins

2. Now if you find any suspicious extension in the Toolbars and Extensions panel then right click on it and Delete option to remove it.

IE toolbar and extensions

From Mozilla Firefox :

1. Tap on Add-ons on going through Menu icon.

mozilla add-ons

2. In the Extensions tab click on Disable or Remove button next to Fireball related extensions to remove them.

mozilla extensions

From Opera :

1. Press Opera menu, hover to Extensions and then select Extensions manager there.

Opera Extension 1

2. Now if any browser extension looks suspicious to you then click on (X) button to remove it.

Opera Extension 2

From Safari :

1. Click Preferences… on going through Settings Gear icon.

safari settings - preferences

2. Now on Extensions tab click on Uninstall button to remove it.

Safari Extension tab

From Microsoft Edge :

Note:–As there is no option for Extension Manager in Microsoft Edge so in order to sort out issues related with adware programs in MS Edge you can change its default homepage and search engine.

Change Default Homepage of Ms Edge –

1. Click on More(…) followed by Settings and then to Start page under Open With section.

Microsoft Edge View advanced settings

2. Now select View advanced settings button and then in Search in the address bar with section, you can select Google or any other homepage as your preference.

Ms Edge Homepage 2

Change Default Search Engine Settings of Ms Edge –

1. Select More(…) then Settings followed by View advanced settings button.

Microsoft Edge View advanced settings

2. Under Search in the address bar with box click on <Add new>. Now you can choose from the available list of search providers or add you preferred search engine and click Add as default.

Ms Edge Search Engine 2

Phase 3 : Block Unwanted Pop-ups from Fireball On Different Web Browsers

1. Google Chrome : Click Menu icon → Settings → Show advanced settings… → Content Settings… under Privacy section → enable Do not allow any site to show pop-ups (recommended) option → Done.

Chrome Block pop-ups

2. Mozilla Firefox : Tap on Menu icon → Options → Content panel → check Block pop-up windows in Pop-ups section.

Mozilla Block Pop-ups in Content tab

3. Internet Explorer : Click Gear Settings icon → Internet Options → in Privacy tab enable Turn on Pop-up Blocker under Pop-up Blocker Section.

Pop-up Blocker Internet Explorer

4. Microsoft Edge : Press More(…) option → Settings → View advanced settings → toggle on Block pop-ups.

Ms Edge Block Pop-ups

Free Scan Now

Still having troubles in removing Fireball from your compromised PC ? Then you don’t need to worry. You can feel free to ask questions to us about malware related issues.