Why is mshta.exe an unsafe application?

I opened Control panel, User accounts in Windows XP, and got the attached alert for mshta.exe.

Why is mshta.exe (Microsoft (R) HTML Application host) unsafe?

Thanks. :slight_smile:

[attachment deleted by admin]

Hello JoWa,

If you got no malwares and it’s the real mshta.exe (chekc properties, file located in the windows-system32 directory, it is around 45kbytes) on your computer and you only opened something (i guess add/remove programs) from control panel, you can allow it to run.
Some malware types - especially spywares/trojans with downloaders e.g. built into a chm file with a bug - loved to use hta files to get into your system, so i guess the team haven’t decided yet weather mshta can be safe or not. If the system is clean, you can let mshta.exe run.

Hello Arkangyal.

Thanks for the reply. :slight_smile:

Yes, it is located in C:\WINDOWS\system32, and the size is 44,5 kB. (The file is not signed. :slight_smile:
I got the alert on three computers, so I guess everything is alright (all systems are clean). :wink:

hello. i don’t know anything about why that mshta.exe is unsafe ;D

but D+ also said wscript.exe as unsafe


[attachment deleted by admin]

I ran into this mshta deal as well. On both pcs. They are both clean as well. If you know the pc is clean. Select treat ap as trusted windows system ap. It should let the user know it is a windows file or some thing.