I'm hosting a friend's WP install (at Dreamhost shared), and a couple of days ago, he called me to say the site would read: "Error establishing a database connection".
While looking up into it, I saw that three different WP installs under that same friend's account had been "Pharma hacked". The two others were still running though.
Then someone at Dreamhost saw that wp_options table was missing in the broken install. The only hints I have is that they were able to successfully edit a couple of posts about 5 days ago, and Google analytics says the site was still running 3 days ago, then nothing from two days ago. No FTP, no upgrade, no ssh in months before my looking it up yesteday.
Unfortunately, I wasn't able to restore Dreamhost's backup of the database, for some reason; I tried overwriting, restoring new tables with timestamp prefix, to no avail (just can't see any restored tables in phpMyAdmin whatsoever; awaigin an answer from DH).
Here are my questions:
1/ How would that happen? Not the Pharma hack alone I'd say, since the two other installs are still running.
2/ I saw this thread here with the same thing. Now is there a way I can try and put it back up without this friend having to rebuild the site from scratch...? For example can I try and create a new db, then dump all tables other than wp_options from the current one? Can I try and create a wp_options table manually (he's got a few plugins installed though)?
I'e been going through the process described here to clean infected php files; obviously, I can't clean wp_options...
Of course, this is happening at the worst time for him...
Many thanks for your help.
PS: don't know whether that will be a hint, but the current WP database is 4MB, while DH's (3 and 5 days ago) backups are 300KB and 500KB. I've got an sql dump of the current version.