• Hello!

    Unfortunately I’m encountering the same issue (see http://wordpress.org/support/topic/security-problem-8?replies=7#post-2695211)… and not on 1 site, but 5. 4 are in WordPress (different versions of WP).

    I have local saves of my websites so I believe that I will only have to delete and replace all the files by my saved copies… even if it will be a huge work. Correct?

    I have already changed my ftp access pwd.

    BUT I have a question… Do you know if the virus changes the permissions on the different dir and files?

    I have noticed that the virus has also added code to index.html and other html files at the root of some dir…

    Other question… My antivirus has found anything on my machine. When I noticed an issue… I think that it was a trap… I immediately restored the system configuration to a previous date. But should I reinstall all my system?

    Many thanks for your help.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    As you know, you’ve been hacked so give the normal reading list a look.

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    I have local saves of my websites so I believe that I will only have to delete and replace all the files by my saved copies… even if it will be a huge work. Correct?

    After you’ve cleared all your files with an AV scanner, yes. BUT don’t restore any files that you can get from the source such as plugins, themes, and most especially the WordPress files.

    BUT I have a question… Do you know if the virus changes the permissions on the different dir and files?

    Why chance it? Set your files and directories to the normal permissions.

    http://codex.wordpress.org/Changing_File_Permissions#Permission_Scheme_for_WordPress

    I have noticed that the virus has also added code to index.html and other html files at the root of some dir…

    Yep, that’s what malware scripts do.

    Other question… […] But should I reinstall all my system?

    I would hesitate to accept advice for PC virus infection issues on a WordPress forum. 😉 For that, seek help elsewhere.

    But should I reinstall all my system?

    If you have a good anti-virus software you shouldn’t have to do that.
    Have your av do the deepest scan it can of the system.
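Added example, not part of the original thread: a POSIX shell helper for the two checks discussed above, putting a WordPress tree back on normal permissions and listing web files changed after a known-clean point. It assumes the directories 755 / files 644 scheme from the linked Codex permissions page; the function names and the reference-file approach are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed scheme: directories 755,
# files 644. Adjust if your host documents a different one.

# Print every directory or file under $1 whose mode differs from the scheme.
# Run this first and keep the output: unexpected modes are worth recording
# before they are reset.
audit_wp_perms() {
    find "$1" -type d ! -perm 755 -print
    find "$1" -type f ! -perm 644 -print
}

# Reset everything under $1 to the assumed scheme.
# find does not follow symlinks here, so links pointing outside the tree
# are left alone.
fix_wp_perms() {
    find "$1" -type d ! -perm 755 -exec chmod 755 {} +
    find "$1" -type f ! -perm 644 -exec chmod 644 {} +
}

# List web-served files under $1 that were modified more recently than the
# reference file $2. Create the reference with `touch -t` stamped at the
# last date the site was known to be clean, then review each hit against
# your local copy or a fresh download.
modified_since() {
    find "$1" -type f \
        \( -name '*.php' -o -name '*.html' -o -name '*.htm' -o -name '*.js' \) \
        -newer "$2" -print
}

# Typical sequence (paths are placeholders):
#   audit_wp_perms /path/to/site > perms-before.txt
#   modified_since /path/to/site /path/to/reference-file
#   fix_wp_perms /path/to/site
```

Modification times can be altered by whoever changed the files, so an empty `modified_since` result does not prove a tree is clean; it only narrows where to look first.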

    Thread Starter Kapi31

    (@kapi31)

    Hello!

    Thanks for the quick reply.

    I have read the “standard” recommendations.

    I will then change all the pwd (MySql, admin, users…).

    I was thinking to ask my ISP to restore everything on March 12th… as the issue occurred on March… I have only detected the real problem on March 16th. It’s a professional ISP. Do you want to laugh? I don’t… 🙁 The retention is only for 24 hours!!!

    On my local PC I have the full sites saved before this date… so I could manually change everything… But there could be a human error… and it’ll be SO fastidious!!! So I believe the best thing to do is to upgrade my current WP installs to the latest one… but need to check with my ISP the version of my SQL they support.

    About my AV… it’s the latest version of McAfee… but once again to be sure I’ll perform the site maintenance operations from another PC.

    I have asked my ISP about the database as I have no idea if it has been affected.

    Normal permissions rights… Could you remind me what they are? I know for some plugin like mailpress they should be writable…

    Once again, many thanks for your support.

    Thread Starter Kapi31

    (@kapi31)

    Hello!

    I have reinstalled 3 of 5 web sites.

    With the 4th I’ve got this error:

    Fatal error: Call to a member function add_rewrite_tag() on a non-object in /usr/home/v2232/html/wp-includes/taxonomy.php on line 289

    Could anyone let me know how to fix this issue?

    Many thanks!

    Thread Starter Kapi31

    (@kapi31)

    Thanks for your help and your advice.
    Everything has been restored.

  • The topic ‘Malware Code in my WordPress files’ is closed to new replies.