IE6 "Security Flaw Exploit" Redirect

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Recently, I've been getting a popup on some websites, informing me that I
shouldn't open a certian webpage due to a "security flaw" that can be
exploited.

When I check the listed "flaw" at Secunia, it tells me that it is a buffer
overload flaw that does not effect IE6 with XP SP2, which I have. If I click
"No" on the popup, my browser just becomes a blank page. If I click "Yes", it
attempts to redirect me to Maxthon (at least I think it's a Maxthon
site...s1.maxthon.net), via a MyIE redirect page, but never connects. I've
got a .jpg screenshot of the popup, but I don't know if pics are allowed on
this forum, so I haven't posted it.

Now, if my system specs shouldnt have this "flaw", according to the website
that the reported flaw is listed on...Secunia...why would it pop up at
various times, including the MSNBC site as of this morning? I'm starting to
think it's a redirect trojan of some sort, attempting me to download
Maxthon's IE-shell browser.

Is there anyone else that has experienced this problem and if so, how did
you fix it? Any help would be appreciated, as it's starting to occur on more
and more websites...now, it's on MSNBC, which is one of my favorite news
outlets.
 
Steve G said:
Recently, I've been getting a popup on some websites, informing me that I
shouldn't open a certian webpage due to a "security flaw" that can be
exploited.

When I check the listed "flaw" at Secunia, it tells me that it is a buffer
overload flaw that does not effect IE6 with XP SP2, which I have. If I
click
"No" on the popup, my browser just becomes a blank page. If I click "Yes",
it
attempts to redirect me to Maxthon (at least I think it's a Maxthon
site...s1.maxthon.net), via a MyIE redirect page, but never connects. I've
got a .jpg screenshot of the popup, but I don't know if pics are allowed
on
this forum, so I haven't posted it.

Now, if my system specs shouldnt have this "flaw", according to the
website
that the reported flaw is listed on...Secunia...why would it pop up at
various times, including the MSNBC site as of this morning? I'm starting
to
think it's a redirect trojan of some sort, attempting me to download
Maxthon's IE-shell browser.

Is there anyone else that has experienced this problem and if so, how did
you fix it? Any help would be appreciated, as it's starting to occur on
more
and more websites...now, it's on MSNBC, which is one of my favorite news
outlets.
Click to expand...

You have an infection.
Do a thorough check for malware, following all of the steps at one of these
Web pages.
Help with malware:
All MS-MVP Sites.
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://www.elephantboycomputers.com/page2.html#Removing_Malware
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/darnit.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm

Unexplained computer behavior may be caused by deceptive software.
http://support.microsoft.com/kb/827315

So How Did I Get Infected Anyway?
For quite a few people it's by installing Messenger Plus, whose ads for
malware don't identify the malware as such and try to convince you that you
owe it to the author. See also:
http://www.wilderssecurity.com/showthread.php?t=27971
Don't ever do a "default" install of anything. Always choose Custom and see
what else is being carried along. Don't install any extras you're not sure
of.
 
Back
Top