Shoutbox

quote:

---

Originally posted by djdannyp
also try resetting all the advanced settings, etc

Delete all browsing history/temporary files/cookies/downloaded program files (Tools->Internet Options)

---

One of these has done it, in spite that i did those things from the begning and before trying to use any AV or anti spyware, but now for some reason it worked it out.

Thanks to all who contributed in this thread.

quote:

---

Originally posted by zaher1988

quote:

---

Originally posted by djdannyp
also try resetting all the advanced settings, etc

Delete all browsing history/temporary files/cookies/downloaded program files (Tools->Internet Options)

---

One of these has done it, in spite that i did those things from the begning and before trying to use any AV or anti spyware, but now for some reason it worked it out.

Thanks to all who contributed in this thread.

---

Okay i withdraw what i said.

This seemed either to fix it temporary or never fixed it, because just today, a day or two after applying this i'm again faced with the same issue even though i'm not browsing any suspecious site so that i catch the spyware again.

Try to disable any IE add-ons (Tools->Manage Add-ons). 

Other than that, it is safe to say that you have acquired malware of some sort.  If no antivirus and antispyware product will find and remove it (which is possible -- there's always something new out there), then you may just have to reinstall Windows clean.

there are two weird addons one is called capesnp.dll another called Research, both with no publisher mentioned.

The "Research" add-on usually comes from Microsoft Office, in which case it is safe.  However, you can disable it anyway, as it is only required for the research pane nobody uses.

The other one is definitely malware trying to disguise itself as a system file.  The Windows system DLL of similar name is capesnpn.dll and it's not a BHO.   Disable it and see if that fixes your problem (at least for a while -- malware often manages to come back).

I've been experiencing the same thing here since Sept 27.  Went thru all of the suggestions found all over the internet (not many because this, I think is a relatively new malware) including SmitFraudFix.  Finally, as a result of Adeptus's fine suggestion, I started disabling all of the unsigned or un-verified publisher add ons on MSIE.  This worked!  Then I started re-enabling them one by one to see if I could zero in on the culprit.  For me, it was a file called ACTXPRX.DLL    Anyway, for now, I am not being hijacked by 201.218.196.152   Good Luck....Thanks Adeptus!

Oh, by the way, the problem was unique (of course) to MSIE.  Never had the problem when running other browsers (Firefox), which I need to do because I'm a web developer.

Firefox doesn't have BHOs, which is why its not vulnerable.

I can confirm so far after searching for couple of days without being redirected that disabling the addon called capesnp.dll solved the problem.

The file is in system32, i just wonder why no program was able to identify it as something wrong. Anyway i guess it is safe to manually delete the dll file from there.

Thank you again