This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you'll find help at the WordPress.org forums.

If you don't understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

If you forgot to include a link to your blog, you can reply and include it below. It'll help people to answer your question.

This is an automated message.

I've read instructions on this subject, which I found here at FAQ My Site Was Hacked and some of the linked posts. I've changed the password both on iPage and on WordPress, as well as the secret key. Now I'm not sure what to do. I know that I should update my version of WordPress, but beyond that I'm not sure.
I do not have any pre-hack files of my SQL databases. iPage's "Backups and Restore" tool explicitly says "You will not be able to use this tool to automatically restore SQL databases." I have a few other questions:
1. Would it be too complicated just to copy the html code of my posts, delete everything, and then start building over again by pasting the posts to their respective days?
2. Are the hackers' codes usually hidden in the posts themselves or in the themes?
3. Just how useful is the "Backups and Restore" tool anyway?