2.9.2 site hacked

[email protected] . . . is NS even aware that some end users can’t even log into their account File Manager and are getting a user id and password incorrect prompt?

my wordpress blog is not the same

the dashboard is messed up

i clicked on the 4 column button and refreshed the page and it fixed the dashboard but the post dashboard and comment dashboard is still messed up

how can i fix it

@dd — thank you so much!! I ran that on both of my wordpress sites and they’re totally clean… even that one script that I couldn’t seem to find anywhere.

thank you!

helpme11: Try this script: https://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html

Steve D: They are (I few people contacted them already).

what the is a script!!

run in the park

im not running …… to try

@helpme11: Stop repeatedly bumping posts and calm down. People are trying to help you. I suggest you listen very closely to the advice that they are trying to give you.

I’m not bumping this post, but I am having the same problem as @helpme11.

As soon as I can regain access to my files I’ll post the results.

im totally calm… oh sorry.

who are they??? who are you referring to. Who should i take advice from they?

Is there an expert in here please who can let me know what i have to do in steps.. please dont redirect me to another page.. or link.

step one
step two

etc

thank you.

btw what is bumpin? sounds sexy.

@gdhosting Thank you. I filed my information for the security team. I may also take a look at the apache logs from this morning.

i have a friend who has helped me with wordpress all along. so he will be home shortly … and he will let me know how i get my dashboard back.. and fix the mess in wordpress… i will stay loged in and as soon as he advises me on what he will do for my sites – i will post it up here to help everyone else.

@dd,
Thanks a bunch for that script. That really helped.
Matt

Clean Here. Now that that’s established can someone link me to a tutorial about how to run these cleaning scripts. It’s obvious I’m going to have to learn to do this next. May as well confront it and get busy learning. They don’t teach this stuff in sales and marketing.

my dashboard is all messed up..!!!! AND,

i just noticed when i log into the wordpress login link

i noticed “Looking up https://indesignstudioinfo.com/ “

“Looking up https://indesignstudioinfo.com/ ” shows up quickly in the bottom left of the screen and then quickly disappears.

i did a who is for https://indesignstudioinfo.com/ and look what i found..

Domain name: indesignstudioinfo.com

Registrant Contact:
HardSoft, inc
Hilary Kneber
7569468 fax: 7569468
29/2 Sun street. Montey 29
Virginia NA 3947
us

Administrative Contact:
Hilary Kneber
7569468 fax: 7569468
29/2 Sun street. Montey 29
Virginia NA 3947
us

Technical Contact:
Hilary Kneber
7569468 fax: 7569468
29/2 Sun street. Montey 29
Virginia NA 3947
us

Billing Contact:
Hilary Kneber
7569468 fax: 7569468
29/2 Sun street. Montey 29
Virginia NA 3947
us

DNS:
ns1.oklahomacitycom.com
ns2.oklahomacitycom.com

Created: 2010-05-06
Expires: 2011-05-06

look at wp-content/themes/sem-reloaded/ (anything with that datestamp
me: where do i go to see that ..
friend: You’ll see base 64 code at the top of each script. It’s all been hacked.
ftp
It’s not part of WP.
use an FTP client to get to your serve

( i have no idea what my friend will do to get rid of the script )

i will find out and post here for everyone to know.!!