MHTML://html before all URLs in Internet Explorer

Has anyone seen a problem where Internet Explorer puts MHTML before all HTTP:// in the address bar in Internet Explorer? Have tried looking in the standard prefix values in the registry, but it all looks normal.  Does anyone have any ideas?

Thanks,
Daniel Murfitt
LVL 1
DClaydenAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

humeniukCommented:
MHTML (Multipurpose Internet Mail Extension HTML) is a file format that IE uses to save web pages as a "web archive" (in IE, click file->save as->select to save as 'web archive' .mht extension) with all the elements (ie. images) embedded (more info at http://support.microsoft.com/default.aspx?scid=kb;en-us;221787).  It's handy if you want to send the page to someone (instead of a link), etc.  Having Outlook Express installed is a requirement for using MHTML.

However, this feature creates a vulnerability:
"MHTML URL Processing Vulnerability - CAN-2004-0380:
A remote code execution vulnerability exists in the processing of specially crafted MHTML URLs that could allow an attacker’s HTML code to run in the Local Machine security zone in Internet Explorer. This could allow an attacker to take complete control of an affected system."
(source: www.microsoft.com/technet/security/bulletin/MS04-013.mspx)

I don't know if this behavior is a manifestation of a breach of this vulnerability or not, but it is what your question made me think of and given that it is potentially a severe problem, I thought I should mention it.  The 'source' link above has links to download a Outlook Express patch that will fix this vulnerability.  If you don't have it installed already, you should probably install it right away.
0
DClaydenAuthor Commented:
It's happening in Internet Explorer though. Everytime you visit a page, it adds the MHTML bit before the URL. Where should I look to disable this?

Thanks,
Daniel Murfitt
0
LucFEMEA Server EngineerCommented:
Hello DClayden,

Most likely you have some faulty default prefixes. Here's a reg file to restore them:
http://mvps.org/winhelp2002/RepairDefaultPrefix.reg

But... those changed prefixes are normally caused by Ad/Spyware, so I suggest you to take a look here: http:Q_20975384.html and run at least a full systemscan with Ad-aware SE and Spybot S&D and to remove everything they find.

Greetings,

LucF
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

humeniukCommented:
<< It's happening in Internet Explorer though. >>
Yes, it's an Outlook Express vulnerability, but as above, it "could allow an attacker’s HTML code to run in the Local Machine security zone in Internet Explorer" ie. the kind of Spyware LucF is talking about.
0
DClaydenAuthor Commented:
I have installed XP service pack 2, and this seemes to have solved the issue. How can I close this post down?

Thanks,
Daniel Murfitt
0
humeniukCommented:
Your options for closing the questions: www.experts-exchange.com/help.jsp#hs5.
0
moduloCommented:
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.