A clients wordpress sight was hacked. A large images that said "Follow Me On Twitter" and twitter.com/andreapernici" was replacing all the images on the site.
Looks like the user got access via hacking an admin account.
The problem is, how ever he rigged the system, the images in the wordpress interface are also corrupted with this twitter image, stretched to many sizes. It's chopping up the interface, the WSYWIG buttons.
I have deleted all the files and begun a fresh instal of 3.01, but the corrupted source images are even in the initial installing processes. Before the site is created I can see pieced of the twitter image inside the buttons.
Any help, or points to places where I can clear this out.
Where are those bitmaps for the WP interface held? And if I have done a clean install how are they still there?
Most of my WP sites are fine. But this one is a mess.