btw, gobanana’s suggestion of fixing the .htaccess will solve your problem. jsut make sure you fix the .htaccess in the root of your site. Our second WordPress install was in a subdirectory so the .htaccess in there was clean but we were still being redirected.
Hmmm, uddhava, by any chance did you use Installatron to automatically install WordPress? I just installed a fresh wordpress v3.2.1 using Installatron and when I try to install the podpress plugin, it redirects to the malicious domain you noted earlier.
We also found a _wp_cache.php file in the same directory as sm3.php. It appears to use the eval gzinflate base64_encode PHP obfuscation trick.
We found references in _wp_cache.php to crackfor.me and hashcracking.ru and /tmp/bc.pl but we are still picking through the code.
