mySQL, phpMyAdmin, svchost.exe trojan
Posted: 13. September 2009 16:37
I have Xampp 2.7.1 installed on my Windows XP home computer for website development. The installation went flawlessly and I was having no problems. I run Avast! anti-virus and Comodo firewall for protection. I also use DYNDNS to provide access for my clients to the websites I am developing for them.
This morning I found a screaming message from Avast saying it had found Win32:Bifrose-DPA [Trj] in E:\webserver\phpmyadmin\svchost.exe. I took the recommended action of quarantining that file. Now I appear to have lost complete access to phpmyadmin. When I point my browser, I get the following error message:
Is svchost.exe required for either of these apps? How can I repair this installation? I've attempted to troubleshoot this problem short of taking svchost.exe out of quarantine. Is it possible that this was a false positive?
This morning I found a screaming message from Avast saying it had found Win32:Bifrose-DPA [Trj] in E:\webserver\phpmyadmin\svchost.exe. I took the recommended action of quarantining that file. Now I appear to have lost complete access to phpmyadmin. When I point my browser, I get the following error message:
I then tried to open MySQLAdmin and got an access error for libmysql.dll.Error
MySQL said:
#1045 - Access denied for user 'root'@'localhost' (using password: NO)
Connection for controluser as defined in your configuration failed.
phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server.
Is svchost.exe required for either of these apps? How can I repair this installation? I've attempted to troubleshoot this problem short of taking svchost.exe out of quarantine. Is it possible that this was a false positive?