BrandonOK

Ah, I will do that. Checking the login logs is also a good idea. Thanks you guys - disasters hopefully averted for now.

It's Wordpress 2.8.4. The attack (it was actually pretty minor to call an "attack") probably came after I updated from 2.8.1, must've been a week or two ago. I had the default "hello dolly" and "akismet" plugins, both inactive, but deleted yesterday when I was changing passwords. Still got & using: Defensio Anti-Spam 2.03 Simple Tags 1.6.6 Wordpress Database Backup 2.2.2 The theme is called Almost Spring, which I've modified a bit (a color here, a margin width there). Installed here: http://deeperintomovies.net/journal/ The only admin user is/was myself. I've never prope

Wow, this just happened to me, too. Yesterday (according to the date-modified) a file was changed in my Wordpress folder adding a google ad to the front page. I just deleted it, but I have no idea how to keep it from happening again. Any ideas, TCH staff? Was added to the sidebar.php file in my currently-active theme folder. Ad variables: google_ad_client = "pub-0319448003450856"; google_ad_slot = "0064722809"; google_ad_width = 160; google_ad_height = 600; Permissions on that file were set to 644 (read/write owner, read others). I've just changed my user password on wor