Elsewhere I have warned about DNS manipulation being the main new trend in malware proliferation and this is growing into a main attack line.
In your case consider this: http://intodns.com/openx.net From there:

Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems! aus1.akam.net asia3.akam.net ns1-208.akam.net
WARNING: SOA MNAME (ns1-208.akam.net) is not listed as a primary nameserver at your parent nameserver!
Your SOA EXPIRE number is: 2678400. That is NOT OK
This is an ongoing story: http://support.clean-mx.de/clean-mx/viruses.php?domain=openx.net&sort=ns5%20desc Google browser does not even let me search r dot openx dot net queries...blocked (searchengine security extension in Google Chrome blocks) Some goodies from there: https://www.virustotal.com/en/domain/r.openx.net/information/ and even file infectors like VIRUT - say bye bye to your computer.... :o See the delayed Scranton, USA results: http://check-host.net/check-dns?host=r.openx.net See: https://ip.robtex.com/173.241.240.7.html and http://support.clean-mx.de/clean-mx/viruses.php?ip=173.241.240.7&sort=first%20desc (https://urlquery.net/queued.php?id=46778594) See: ET WEB_CLIENT Possible HTTP 500 XSS Attempt (External Source) in https://urlquery.net/report.php?id=4960967 Read Will Metcalfs musings on the IDS here: http://seclists.org/snort/2010/q4/319 Browser cursor manipulation due to lack of input/output validation and server hardening is obvious here! Probably that is what was taken place inside your IE browser at the time!

How they attacked: http://support.clean-mx.de/clean-mx/view_virusescontent.php?url=http%3A%2F%2Fr.openx.net%2Fset%3Fpid%3D21a19823-5de3-4917-bc81-a4edea5127ff%26amp%3Brtb%3D4255378259941066298%26amp%3Bcc%3D1

Compare this info with your experiences and we can continue our investigations from that point.

polonus