What is a CGI proxy rootkit?
NiceTake
Member
Members
April 25, 2010 - 3:54 am
Member Since: April 24, 2010
Forum Posts: 7

Hello Everybody,
I am a newbie who has just registered today. I want to know more information about this nasty CGI proxy rootkit which infected my Windows XP Pro SP2 system a few months ago. I use a lot of anonymous proxy sites for surfing privately, which I believe is the source of the infection. When I decided to try Hitman Pro 3.5 free for scanning my system, it found this rootkit in my system. When I tried to clean, it corrupted my entire OS beyond recovery. Since I didn't have any backup, I had to format my entire drive and re-install Windows XP Pro all over again.
It would be really helpful if somebody could reveal something about this nasty malware.

Thank you.

Jim Hillier
Admin
April 25, 2010 - 6:29 am
Member Since: August 9, 2011
Forum Posts: 2709

Hey NiceTake - Welcome to the forum!!

As far as I know, CGI proxy is not generally regarded as a rootkit, nor any other kind of malware for that matter.

This from Wikipedia:

"CGIProxy is, as its name suggests, a CGI proxy software package. A CGI (Common Gateway Interface) proxy appears to a user as a web page that allows the user to access a different site through it."

My guess would be that the Hitman Pro software reported a false positive (or false positives). The cleaning of rootkit infections is already a somewhat dangerous mission for the less experienced user and if you went through the process of 'cleaning' everything reported by Hitman Pro (false positives and all) I can well imagine how it may have messed up the OS.

False positives are the bane of security and cleaning programs.....less experienced users tend to jump in and just delete everything reported as dangerous by security programs and anything reported as superfluous by cleaning software.....it ain't always necessarily so.

I am by no means an expert on this subject but that is my take on it anyway.

If anyone has some different ideas based on a better understanding of the subject matter I would be only too happy to defer.....and learn something along the way too.

Cheers....Jim

NiceTake
Member
Members
April 25, 2010 - 9:00 am
Member Since: April 24, 2010
Forum Posts: 7

Thank you ozbloke for your reply.

Yes, I am aware of CGIProxy. I also think Hitman Pro 3.5 free may have revealed a FP about CGI proxy too. Alas, I found out about the dangers of cleaning a rootkit, and about rootkits, only after this incident. Too bad that Hitman free didn't have the feature to submit FPs to them.
Being less experienced, it wasn't wise on my part to clean the suspected rootkit, but I guess that's the price I had to pay for being a little paranoid about security. I have definitely become more aware and knowledgeable after that incident.

Yes, I would like to know others' views on this subject too.
