Recently one of our customers had a strange problem. Some program locked his proxy settings. It was one kind of browser hijacking.
We could not change the proxy settings from the Internet Options dialog. There was an error message “Some settings are managed by your system administrator.“
Our product My IP Hide failed to work because of it. It showed the error message “You are using the unencrypted regular proxy 127.0.0.1. Your real IP address may leak.“
Reset Internet Explorer Settings
We tried to reset his Internet Explorer settings by clicking its menu Tools > Internet Options > Advanced tab > Reset. But it didn’t work. We have to try other methods.
Change Proxy Settings in Control Panel
Then we modified the proxy settings in the control panel. But it will be reverted to 127.0.0.1:8080 immediately.
However, we didn’t find any program listening on (managing) the 8080 port. It caused the browsers could not open any page.
Found the Suspect: Spigot
Then we try to find what program was changing the proxy settings. Finally, we found a suspicious program “PreferencesManager.exe” by Process Monitor.
That program belonged to a company named Spigot Inc. It produces many Adware and potentially unwanted programs (PUP). They compulsively redirect users to their advertiser’s sites to earn money. It will cause a lot of problems for the user’s system.
Manually Fix the Windows Registry
We removed the Spigot program YTD Toolbar from the Control Panel. But it didn’t solve the problem. The proxy settings are still locked. We tried to fix it by manually changing these Windows Registry entries which control the system proxy settings.
Use Anti-Virus/Malware Programs
However, it still could not solve the problem. It was too hard for us to fix all the corrupted registry keys manually. Thus We decided to use a professional tool to fix it. We tried these anti-virus programs.
- 360 Total Security
- Tweaking Windows Repair
One by one, download, install, run, scan, repair, reboot for each of them. However, sadly enough, none of them were able to solve the problem.
The Finisher: Malwarebytes
Finally, we find the finisher, Malwarebytes Anti-Malware. It successfully cleared the system and fixed the problem after a quick scan and reboot.
Thanks to Malwarebytes, our product My IP Hide worked again.
We spent about 4 hours on trying all those methods and programs to fix the problem. It was a real pain. Next time we will directly use Malwarebytes to save time.
And we recommend Malwarebytes for all our users. The free version is a manual scanner. The paid (Premium) version provides real-time protection against malware, ransomware and malicious websites. Either one is a great tool to keep threats off your system.