A new browser hijacking infection has been attempting to promote malicious software under the pretext of rolling out an Internet Explorer patch. The attacked users repeatedly get phony popups that recommend them run a file named Internet_ExplorerPatch.hta, which turns out to host a harmful routine instead of enhancing the browser’s security. This issue is backed by a hostile browser script that’s either enabled from inside the computer or gets triggered when a compromised site is visited.
Most of the instances where people are presented with the counterfeit ‘Internet Explorer patch setup’ screens are associated with 45.mpcofobjxfgr.iebahomaniyat.com domain name. Redirects to that page are hardly ever accidental. They happen for a reason: a breed of dangerous browser-disrupting code that resides on the PC keeps rerouting the victim’s traffic every so often, thus increasing the success rate of unwanted downloads across all affected machines. The actual application concealed under the catchy Internet_ExplorerPatch.hta object is anything but the patch proper. It can be spyware, a trojan or an ad-injecting browser extension.
To be more persuasive in its tactic, the popup virus automatically determines and displays such details of the system as the browser version, the IP address, the location and the network segment. The latter is claimed to be ‘vulnerable to malware injections’, with the vulnerability level set to the alarming 93% or so. There is also a dummy scan whose progress status is indicated on the ‘Internet Explorer Security Warning’ box. Generally, the warnings seem quite realistic, so people are quite likely to opt in to the fake IE patch installation. Even if they don’t, it’s difficult to exit the page because it’s configured as a loop where the event of clicking the x button generates more popups. Using the Task Manager to end the task corresponding to the browser that’s acting up is temporarily effective, but the redirects will continue occurring throughout the next Internet sessions.
On the face of it, the fix in this predicament should come down to removing the hijacker from all web browsers installed on the computer, but that’s merely a partial remediation. The infection sits yet deeper in the system, therefore the Registry troubleshooting and some code deobfuscation work are mandatory as well. Now learn the complete set of cleanup directions to do away with the Internet_ExplorerPatch.hta popup problem.
Internet_ExplorerPatch.hta popup virus automatic removal
Extermination of Internet_ExplorerPatch.hta malware can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.
1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option
2. The scan will come up with a list of detected items. Click Fix Threats to get the adware removed from your system. Completing this phase of the cleanup process is most likely to lead to complete eradication of the infection. However, it might be a good idea to consider ascertaining the malware is gone for good.
Remove Internet_ExplorerPatch.hta threat using Control Panel
- Open Control Panel. On Windows XP / Windows 8, go to Add or Remove Programs. If your OS is Windows Vista / Windows 7, choose Uninstall a program
- Look down the list and find an app or apps that seem fishy. Click the Uninstall/Change (Change/Remove) option to get the intruder removed if spotted
Internet_ExplorerPatch.hta redirect removal by resetting the affected browser
Please take into consideration that as effective as it is, the procedure of restoring browser defaults will lead to the loss of personalized settings such as saved passwords, bookmarks, browsing history, cookies, etc. In case you are not certain this outcome is suitable despite its obvious efficiency, it’s advised to follow the automatic removal method described in one of the previous sections of this tutorial.
Reset Mozilla Firefox
- Click on Help menu and select Troubleshooting Information from the drop-down list, or type about:support in the URL field
- On the Troubleshooting Information screen, click Refresh Firefox option and confirm the procedure on another dialog
Reset Internet Explorer
- In IE, go to Tools and select Internet Options from the list
- Hit the Advanced tab and click on the Reset option
- IE will now display Reset Internet Explorer Settings box, where you should put a checkmark next to Delete personal settings option and click Reset at the bottom
Reset Google Chrome
- Click on the Chrome menu icon and select Settings
- Locate Show advanced settings option and click on it
- Now you need to click on the Reset browser settings button at the bottom
- Chrome will display a confirmation dialog box listing the types of data that will be lost if you proceed. Read the message carefully and, if you’re sure, click Reset
Verify whether Internet_ExplorerPatch.hta popup virus has been completely removed
For certainty’s sake, it’s advised to repeatedly run a scan with the automatic security software in order to make sure no harmful remnants of this adware are left inside Windows Registry and other operating system locations.