How To Fix The WordPress Worm

I dated this post since apparently the worm morphs as technology develops to stop it’s attack. So what is true for today may not be true for tomorrow. Right: the worm is on the loose. I noticed the alerts two days ago and began checking my blogs. This one was already infiltrated.

You can tell if you are diseased because the links don’t work and there is an administrator for your blog that you never added. You can tell when you check in your admin panel and see there is number greater than the admins you have authorized. The article at this link Click Here was helpful to me confirming the problem but I could not duplicate the fix the author was suggestion.

I found this article Click Here and actually it was the key for the solution for me. I did not seem to have the bad permalink code mentioned in article one but the links were a problem. I soon fixed those by defining my original permalink structure and my links started to work.

I called a tech friend of mine and he came over and we ran registry cleanup software and malicious spyware detector programs. He said he nuked all that was there and my system was clear to go. Well admin no 2 was still there, we could see him and part of his name was Obama. I am making not blaming the current person who was elected as President at all. I am just reporting on a portion of the name used by this worm.

So the brain trust problem solvers were stuck. Later I remembered article two above and said I am going to test a reinstall. Now that is totally scary since you are talking about starting with a clean slate – a really clean slate. My slate was never that clean after having been to the confessional as a child many times at the encouragement of my mother “you will go to confession young man or you will not be eating dinner in this house tonight” There were some appealing parts to my mom’s threats.

I selected a throw away blog. One that was a good idea at the time but lost appeal. Kinda like someone you meet at 2AM in the morning. With that blog I tested the nuke and rebuild approach. It worked.

Key Points:

You must use the WordPress backup and export to file features

I verified this worked by creating a duplicate first before nuking the original. You can see the duplicate at http://stevepohlit.com/stevereports.

When you export the content here is what is not included  and so you need to have a record of this :

your links

you will find the first post and a duplicate about page is created. You will see them if you look and delete them

If you are using widgets like I am here you need to copy the code for the ones you are using. I mean the ones where you are using ads, facebook widget, twitter widget, rss feed widget etc.

Notice at http://stevepohlit.com/stevereports that there is one widget that is not functional. This is the Google Friend Connect Widget which is site specific. I did not correct this on the duplicate.

Sharing with all my readers the energy of peace, happiness and abundance

Steve Pohlit

Contact Information

Buseiness Consulting, Executive Coaching
International Business Resources

Social Media Services
New Digital Media, Inc.

727-587-7871
Email

Follow Me and I Follow You http://Twitter.com/BuildProfits

FREE Report:
How To Increase Business Profits by 30% or More in 90 Days or Less

Connect with me on Facebook Click Here

About: Steve Pohlit is a CPA,MBA and has been the CFO of several major domestic and international companies.  Steve is business owner and an expert business consultant, direct response and social media marketing  and social networking security expert . Steve is  focused on helping companies improve their business performance. All articles published by Steve unless specifically restricted may be freely published with this resource information.



2 thoughts on “How To Fix The WordPress Worm”

Leave a Reply

Your email address will not be published. Required fields are marked *