A new browser hijacking infection has been attempting to promote malicious software under the pretext of rolling out an Internet Explorer patch. The attacked users repeatedly get phony popups that recommend them run a file named Internet_ExplorerPatch.hta, which turns out to host a harmful routine instead of enhancing the browser’s security. This issue is backed by a hostile browser script that’s either enabled from inside the computer or gets triggered when a compromised site is visited.
Most of the instances where people are presented with the counterfeit ‘Internet Explorer patch setup’ screens are associated with 45.mpcofobjxfgr.iebahomaniyat.com domain name. Redirects to that page are hardly ever accidental. They happen for a reason: a breed of dangerous browser-disrupting code that resides on the PC keeps rerouting the victim’s traffic every so often, thus increasing the success rate of unwanted downloads across all affected machines. The actual application concealed under the catchy Internet_ExplorerPatch.hta object is anything but the patch proper. It can be spyware, a trojan or an ad-injecting browser extension.
To be more persuasive in its tactic, the popup virus automatically determines and displays such details of the system as the browser version, the IP address, the location and the network segment. The latter is claimed to be ‘vulnerable to malware injections’, with the vulnerability level set to the alarming 93% or so. There is also a dummy scan whose progress status is indicated on the ‘Internet Explorer Security Warning’ box. Generally, the warnings seem quite realistic, so people are quite likely to opt in to the fake IE patch installation. Even if they don’t, it’s difficult to exit the page because it’s configured as a loop where the event of clicking the x button generates more popups. Using the Task Manager to end the task corresponding to the browser that’s acting up is temporarily effective, but the redirects will continue occurring throughout the next Internet sessions.
On the face of it, the fix in this predicament should come down to removing the hijacker from all web browsers installed on the computer, but that’s merely a partial remediation. The infection sits yet deeper in the system, therefore the Registry troubleshooting and some code deobfuscation work are mandatory as well. Now learn the complete set of cleanup directions to do away with the Internet_ExplorerPatch.hta popup problem.
Table of Contents
Internet_ExplorerPatch.hta popup automatic removal
The extermination of Internet_ExplorerPatch.hta redirect can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.
1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option
2. The scan will come up with a list of detected items. Click Fix Threats to get the popup removed from your system. Completing this phase of the cleanup process is most likely to lead to complete eradication of the infection. However, it might be a good idea to consider ascertaining the popup is gone for good.
Remove Internet_ExplorerPatch.hta popup using Control Panel
- Open Control Panel. On Windows XP / Windows 8, go to Add or Remove Programs. If your OS is Windows Vista / Windows 7 / Windows 10, choose Uninstall a program
- Look down the list and locate an app that appears fishy. Click the Uninstall/Change (Change/Remove) option to get the intruder removed if spotted
Internet_ExplorerPatch.hta popup removal by resetting the affected browser
Please take into consideration that as effective as it is, the procedure of restoring browser defaults will lead to the loss of personalized settings such as saved passwords, bookmarks, browsing history, cookies, etc. In case you are not certain this outcome is suitable despite its obvious efficiency, it’s advised to follow the automatic removal method described in one of the previous sections of this tutorial.
Reset Google Chrome
- Click on the Chrome menu icon and select Settings
- Locate the Advanced option under Settings and click on it to expand the menu. Then, pick the Reset button at the bottom
- When a new screen appears, hit Reset once again
- Chrome will now display a confirmation dialog box listing the types of data that will be lost if you proceed. Read the message carefully and, if you’re sure, click Reset
Reset Mozilla Firefox
- Click on Help menu and select Troubleshooting Information from the drop-down list, or type about:support in the URL field
- On the Troubleshooting Information screen, click Refresh Firefox option and confirm the procedure on another dialog
Reset Internet Explorer
- In IE, go to Tools and select Internet Options from the list
- Hit the Advanced tab and click on the Reset option
- IE will now display Reset Internet Explorer Settings box, where you should put a checkmark next to Delete personal settings option and click Reset at the bottom
Verify whether Internet_ExplorerPatch.hta popup has been completely removed
For certainty’s sake, it’s advised to repeatedly run a scan with the automatic security software in order to make sure no harmful remnants of this redirect are left inside Windows Registry and other operating system locations.