PUM.Optional.ProxyHijacker is Malwarebytes' detection name for a potentially unwanted modification (PUM) in the Windows registry where the proxy server address setting is set to redirect Web requests back to127.0.0.1. Effectively this intercepts and provide the option to alter web content.
The following registry value data are modified:
Under
HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Internet Settings
From:
ProxyServer={user-defined server IP}:{user-defined port number}
To:
ProxyServer=127.0.0.1:{random port number}
Under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Internet Settings
From:
ProxyServer={user-defined server IP}:{user-defined port number}
To:
ProxyServer=127.0.0.1:{random port number}
Under
HKEY_CURRENT_USER\System\CurrentControlSet\Services\
NlaSvc\Parameters\Internet\ManualProxies
From:
ProxyServer={user-defined server IP}:{user-defined port number}
To:
ProxyServer=127.0.0.1:{random port number}
Under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
NlaSvc\Parameters\Internet\ManualProxies
From:
ProxyServer={user-defined server IP}:{user-defined port number}
To:
ProxyServer=127.0.0.1:{random port number}
Malwarebytes can modify this registry value data back to its Windows default setting without user interaction.
Also, we advise users to do a full system scan as PUM.Optional.ProxyHijacker could have been added to the system by malware or PUP.
When a Potentially Unwanted Modification (PUM) is detected on your computer, Malwarebytes for Windows does not know whether it was authorized. Optimization software, malware, and Potentially Unwanted Programs (PUPs) are known to make these types of changes, hence they are regarded as potentially unwanted by design. To have Malwarebytes for Windows ignore a PUM, you must add the PUM to the Allow list. Here’s how to do it.
Select your language