Fix the Proxy Settings Locked by Spigot Malware

It’s the process how we fixed the browser hijacking for a user. A Spigot malware locked his IE proxy settings. We finally solve the problem by Malwarebytes.

Recently one of our customers had a strange problem. Some program locked his proxy settings. It was one kind of browser hijacking.

We could not change the proxy settings from the Internet Options dialog. There was an error message “Some settings are managed by your system administrator.

IE Proxy Settings Locked
IE Proxy Settings Locked

Our product My IP Hide failed to work because of it. It showed the error message “You are using the unencrypted regular proxy 127.0.0.1. Your real IP address may leak.

MyIPHide Not Working
MyIPHide Not Working

Reset Internet Explorer Settings

We tried to reset his Internet Explorer settings by clicking its menu Tools > Internet Options > Advanced tab > Reset. But it didn’t work. We have to try other methods.

Reset IE Settings
Reset IE Settings

Change Proxy Settings in Control Panel

Then we modified the proxy settings in the control panel. But it will be reverted to 127.0.0.1:8080 immediately.

System Proxy Settings
System Proxy Settings

However, we didn’t find any program listening on (managing) the 8080 port. It caused the browsers could not open any page.

Found the Suspect: Spigot

Then we try to find what program was changing the proxy settings. Finally, we found a suspicious program “PreferencesManager.exe” by Process Monitor.

PreferencesManager.exe
PreferencesManager.exe

That program belonged to a company named Spigot Inc. It produces many Adware and potentially unwanted programs (PUP). They compulsively redirect users to their advertiser’s sites to earn money. It will cause a lot of problems for the user’s system.

Manually Fix the Windows Registry

We removed the Spigot program YTD Toolbar from the Control Panel. But it didn’t solve the problem. The proxy settings are still locked. We tried to fix it by manually changing these Windows Registry entries which control the system proxy settings.

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

Use Anti-Virus/Malware Programs

However, it still could not solve the problem. It was too hard for us to fix all the corrupted registry keys manually. Thus We decided to use a professional tool to fix it. We tried these anti-virus programs.

  • Avast
  • 360 Total Security
  • Tweaking Windows Repair
  • AdwCleaner

One by one, download, install, run, scan, repair, reboot for each of them. However, sadly enough, none of them were able to solve the problem.

Avast Scanning
Avast Scanning

The Finisher: Malwarebytes

Finally, we find the finisher, Malwarebytes Anti-Malware. It successfully cleared the system and fixed the problem after a quick scan and reboot.

Malwarebytes
Malwarebytes Anti-Malware

Thanks to Malwarebytes, our product My IP Hide worked again.

MyIPHide Working Again
MyIPHide Working Again

Conclusion

We spent about 4 hours on trying all those methods and programs to fix the problem. It was a real pain. Next time we will directly use Malwarebytes to save time.

And we recommend Malwarebytes for all our users. The free version is a manual scanner. The paid (Premium) version provides real-time protection against malware, ransomware and malicious websites. Either one is a great tool to keep threats off your system.

Popular Proxy Software

Here are some popular proxy programs which can check proxy list or provide proxy service. We list the homepage, download link, and tutorial of the proxy software. You can use our free proxy list to test these proxy programs.

My IP Hide

My IP Hide is an enhanced proxy service which uses encrypted private proxy servers. It can help you to visit the blocked sites (such as facebook, twitter, and youtube) and protect your Internet privacy.

Download   Homepage   Tutorial

Elite Proxy Switcher

Elite Proxy Switcher is a professional HTTP proxy tester and proxy switcher. It can check the details of the proxies and automatically change the proxy of your browsers (Internet Explorer and Mozilla Firefox).

Download   Homepage   Tutorial

Socks Proxy Checker

Socks Proxy Checker is a professional socks proxy checker and proxy switcher. It can check the details of the proxies and automatically change the proxy of your browsers (Internet Explorer and Mozilla Firefox).

Download   Homepage   Tutorial

Old Proxy Software

These are some old proxy programs which are popular in 2006. Some of them already died, the others still exist.

Forum Proxy Leecher

Forum Proxy Leecher can scan topics in different types of proxy forums and extract the proxies from them and even from the accessories.

Download   Homepage   Tutorial

SocksCap

Sockscap can make programs support socks proxy. SocksCap enables the Internet applications to run through a socks server so that the server end of the application can’t know your real IP address.

Download   Tutorial

Multiproxy

It can completely hide your IP by simultaneously using several anonymous proxy servers to fetch the web pages and pictures for you.

Download   Homepage   Tutorial

Proxy Hunter

Proxy Hunter is a classical and powerful tool for scanning proxies by IP ranges. It’s a good tool for those who prefer creating their own proxy lists rather sharing others.

Download   Tutorial

JAP (JavaAnonProxy)

JAP uses a single static address which is shared by many JAP users. That way neither the visited website nor an eavesdropper can determine which user visited which website. Java Runtime Environment is required.

Download   Homepage

SocksChain

A program that allows working with any Internet service through a chain of SOCKS or HTTP proxies to hide the real IP-address.

Download   Homepage

How to Change IP Address?

Tell you how to change IP by comparing different methods and different services: proxy software, web proxy, http proxy, VPN, socks proxy and SSH proxy.

What is IP address and how to change IP address? An IP address (Internet Protocol address) is a numerical way to identify your computer on the Internet. Web sites can know much information by your IP address. For example, from your IP address, we can know your country.

How to Change IP Address

People change IP address to avoid online bans and protect online privacy. How to change IP address? Before trying any other methods to change your IP address, try turning off your Cable/DSL modem for five minutes. In many cases, this will change your IP address.

But that method can only change your IP address slightly within a small range. How to change IP address to another country? Here are some methods to change IP address completely to another one.

My IP Hide

There are many kinds of proxy software can help you to change IP. Among them, we recommend My IP Hide which supports both Windows and Mac. It uses enhanced proxy technology with encrypted connections. It’s much faster than VPN and SSH proxy. With My IP Hide, you can completely change IP address while watch youtube smoothly.

My IP Hide open blocked sites

Using it is easy. Just keep My IP Hide (MIH) running when you surf the Internet. If you exit or disable MIH, you will use direct connections. For Opera, you need to set its proxy option to direct connections manually.

Cons: My IP Hide only support browsers. If you want all your programs to go through the encrypted connection, you will need a VPN account.

Http Proxy

All the browsers (Chrome, Firefox, IE, Opera, Safari, and others) support the proxy option. When you set a proxy in the browser, the proxy will fetch the web pages for your browser. The websites regard the IP of proxy as your IP so it cannot trace your real IP. Thus the proxy helps you to change IP address.

Http Proxy List

How to use HTTP proxy in the browser? You can manually set the proxy option. We recommend using Elite Proxy Switcher to configure the proxy for your browser. The free edition is enough for you.

Where to get HTTP proxy? You can get some free proxies from our free proxy list. You can also buy proxy from us.  We check and update our proxy lists every hour.

Cons: The public HTTP proxies are unstable because they die fast. Http proxies are suitable for the users who need a lot of IP addresses but use each IP address for only several hours.

VPN

VPN is short for Virtual Private Network. It uses strong encryption to ensure that only authorized users can access the network and that the data cannot be intercepted. It’s usually used to securely connect the branch offices of an organization to its headquarters network through the public Internet. Now many VPN vendors open this service to the public. You can use it to change IP. We recommend the VPN service of Hide My Ass. Your can choose many IP addresses from it.

VPN

Cons: There are two problems of VPN. (1) If you use VPN, all the programs will use the VPN connection. You can not choose which program use VPN and which use the direct connection. (2) Because of the strong encryption, VPN is much slower than the direct connection. Here is a detailed comparison between the Hide My Ass VPN and My IP Hide.

Web Proxy

The web proxy is the easiest way to change IP. Web proxy is a website with an URL bar. Just input the URL of a blocked site into that bar and click the “Surf” button. Web proxy will fetch the web page for you showing on its own site.

Web Proxy

The problem is that web proxy doesn’t support all the sites. It uses a plugin to support youtube. But it can’t support Hulu or Pinterest. Another problem is the security issue. If you use a web proxy to visit secure sites (ex. bank or PayPal), your information may be intercepted.

Socks Proxy

Socks proxy is similar to HTTP proxy. The difference is that socks support all the Internet protocols (such as HTTP, FTP, and VoIP) while HTTP proxy only supports HTTP. So it supports more programs besides the browser. It supports Skype, Thunderbird, FileZilla, mIRC and any program/game that has a socks proxy option.

Socks Proxy List

Same as HTTP proxy, socks proxy is unstable. You can use Socks Proxy Checker to test the socks proxies before using them. The free edition is enough for you to change IP. You can get some free socks proxy here. You can also buy socks proxy from us.

SSH Proxy

SSH proxy is encrypted socks proxy. The SSH (Secure SHell) protocol is usually used to control a Linux server via a secure channel. Some program (Putty or MyEnTunnel) can convert SSH connection into encrypted socks proxy service. The configuration is a bit complicated for non-technical personnel.

myentunnel

With SSH proxy you can completely change IP. The problem is that the speed of SSH proxy is slow because of the strong encryption. There are few SSH proxy vendors. But you can find some free SSH proxy on Google.

How to use My IP Hide in iPhone?

This is a tutorial showing how use the proxy software My IP Hide in iPhone. It can help you to hide IP in your iPhone and surf anonymously.

Question: I want to know how to set it up on my iPhone to open the blocked Facebook and YouTube.

Answer: You can run My IP Hide on your Mac/Windows computer. Then use your iPhone to connect to My IP Hide to open blocked Facebook and YouTube.

1) Your iPhone and computer should be in the same LAN (WiFi).
2) Click the “Setting” button on My IP Hide
3) Go to the “Misc” Tab of the “Settings” dialog
4) You will see a Proxy IP (Server) and Port in that Tab

myiphide_misc

5) Set that proxy IP (server) and port in your iPhone

iphone_wifi

iphone_proxy

6) When you want to shut down your computer or exit My IP Hide on it, you should turn off the ‘HTTP Proxy’ option of your iPhone. Otherwise, it can’t open any web pages.

Set Firefox to Use Remote DNS

Question: How can I set Firefox to use remote DNS when I use socks proxy in Firefox? I check my DNS IP on whoer.net but it shows my own DNS IP.

Answer: You can follow this instruction to set Firefox to use remote DNS.

1) In the URL address bar of Firefox, type about:config and enter.

2) You will see a warning page saying changing the advanced settings can be harmful. Click the button I will be careful to continue.

3) Then you can see all the advanced settings of Firefox.

firefox remote dns settings

4) Search dns to find the option network.proxy.socks_remote_dns

5) Double click the option network.proxy.socks_remote_dns to set it to true

Firefox always uses remote DNS when using Http proxy. Thus you don’t need to set the remote DNS option when you are using Http proxy.

What Program Changed Proxy Settings?

Question: I’m using your program My IP Hide to change IP address. But after a few seconds, my proxy settings will be restored to direct connection. What is the problem?

Answer: It seems that some program reverts your proxy settings. Follow this instruction to find what program changed your proxy settings.

First, you need the program Process Monitor. Download it from here: https://download.sysinternals.com/files/ProcessMonitor.zip

1) Run it. You will see this dialog. Click the “Filter” button.

Monitor Proxy Settings

2) Add a filter rule. Show the entries whose path ends with “ProxyEnable”. Please type in the “ProxyEnable” by yourself.

Filter Proxy Settings

3) When your proxy settings is changed by other program. You can stop the monitor and see what program is shown there.

Program Changed Proxy Settings

In that screen shot, you can see Elite Proxy Switcher (EPS) changed the proxy settings besides My IP Hide.