Fireball, the latest chinese browser hijacker has affected around 250 million computers worldwide. Once the malware is installed, it targets the browsers and turns them into zombies. These zombies generates unwanted advertisements in the browser and has the ability to run any code on the infected machines leading to vulnerable file downloads. This malware/adware is also capable of installing more malaceous adware posing a severe threat to enterprise security. 

ManageEngine Endpoint Central offers the solution to protect your computers from Fireball malware. Using Endpoint Central you can scan the computers in your network, detect the files associated with Fireball malware and remove them immediately from the affected computers.

Download free e-book: Six best practices for escaping ransomware

Steps to secure your computers from Fireball malware using Endpoint Central

You can follow the steps given below to secure your computers from Fireball malware.

  1. Under Software deployment, create an EXE package and upload the powershell script file.
  2. Specify the installation command as powershell.exe  -ExecutionPolicy RemoteSigned -file DetectFireballMalware.ps1

    Fireball malware

  3. Under Advanced options, specify the maximum time limit for installation as 6 hours and specify the exit code as 225 and create package.

    Fireball malware

  4. Now Deploy this package as computer configuration across all the computers in your network.

    Note: When the files of the fireball malware is detected, it will get automatically removed and the deployment status will be successful. To know the computers where the malware is found, you can find the remarks on the computer as "Operation did not complete successfully because the file contains a virus or potentially unwanted software". 

    You have now saved your computers from Fireball malware using Endpoint Central.



$('a').click(function(){ $('html, body').animate({ scrollTop: $( $.attr(this, 'href') ).offset().top - 100 }, 500); return false; });