Hi,
I applied the automatic fix of the infected files, and changed my admin username as recommended.
The website now gives me Internal Server Error, http code 500, and serves up an empty (zero bytes) response body.
The WP administration panel still works, I installed a debug plugin and enabled debugging in the config file, but it gives me no errors, presumably because WP never gets started (?).
I have cleared out all cookies, checked MySQL via admin panel (it seems ok).
Running WP 3.3.1
Any help appreciated!
I investigated further, and found that one of the quarantined files had not been fixed, it still had a big chunk of heavily obfuscated code in it. I assumed it was malware and removed it, it seems to have fixed the problem. Now checking other quarantined files.
I still am not sure how the plugin reports that the site did not break, when in fact the homepage returned an internal server error.
Thanks
kris
After the fix it loads the wp-admin in that framed window, if the wp-admin loads tht means the WordPress bootstrap was not broken. Theme files are often infected and con sometime be broken when they are hacked (if the hack was done poorly), or when the hack is removed (if the removal was not complete and thorough).
Can you send me the threat that you had to remove yourself? If my plugin could have removed that whole threat when you ran the fix then this would not have happened.
