Can WordPress Backup Spread Malware

I’ve found exporting XML file (Tools > Export > All) as an additional backup. Caveat is that you will lose the plugin and widget settings you had in previous install. Then again, it’s easier to find the malware in XML files and clean up than in SQL.

WampServer is pretty simple. You install it on your PC (it’s a freeware), just like a simple software. Then go to its folder (on Windows, it’d be on: C:\wamp), open the subfolder “www” and add there the wordpress folder. Start Wamp and open localhost. Go to phpMyAdmin and create a database (dont forget to set wp-config file with the informations of this database you created).

Go back to your localhost index page. You’ll see listed the WP folder you did add, click on it. It’ll open WP installation on your browser. Install it. Go back to localhost index page and go to phpMyAdmin once more. Delete all entries from the database. Make a copy of your WP backup (the one that was infected), adapt it as necessary (changing your domain url for your localhost url) and save it. Import this copy of the backup through phpMyAdmin.

Go back for your localhost index page. Click on the wordpress folder and voilà… You’ll have your blog running on your PC.

The whole thing, from installing Wamp and importing your backup, cant take more than 15 minutes from your time.

As easy as that.
Btw, having Wamp is great for a number of things, such as testing plugins and new versions of WP before installing them into your real blog.