Need help? Check out our Support site, then


extract post text from xml

  1. 1. want to empty site of all content.
    2. want to retrieve malware-infected post content, and repost safely
    i hosted my wordpress site. it got infected with malware, so i exported the site as xml and took down the site. i'd wanted to retrieve my posts and safely repost the content. so i created a wordpress.com site and imported the xml. didn't work. malware came with it. suggestions to safely empty my wordpress.com site and safely post content only, even plain text w/ xml tags stripped out?

    The blog I need help with is foodinthelibrary.wordpress.com.

  2. I'll tag this thread for Staff assistance. Please subscribe to the thread so you are notified when they respond and please be patient while waiting.

  3. thank you!

  4. You're welcome.

  5. Have you tried checking the file with a Anti-Virus program? Worth a try.

  6. I scanned the files I pulled down from my site via FTP, using ClamXav. It's a carnage of 738 rows showing Trojan.PHP-33 FOUND
    e.g. /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-content/plugins/wordpress-automatic-upgrade/js/wp-wpau.js.php: Trojan.PHP-33 FOUND

    However, scan of the XML file export of my site with ClamXav is clean.
    /Users/Jason/Desktop/foodinthelibrary.wordpress.2013-09-21(1).xml: OK
    ----------- SCAN SUMMARY -----------
    Known viruses: 2854187
    Engine version: 0.98
    Scanned directories: 0
    Scanned files: 1
    Infected files: 0
    Data scanned: 0.68 MB
    Data read: 0.30 MB (ratio 2.22:1)
    Time: 6.034 sec (0 m 6 s)

    I incorrectly assumed this meant this XML was clean, and good material to relaunch my content by uploading to a fresh wordpress.com blog.

  7. so i created a wordpress.com site and imported the xml. didn't work. malware came with it.

    On what post or page do you encounter this issue?

    You can quickly remove your contents by deleting them in bulk. Alternatively, we can empty the whole blog for you, but that will remove all data including posts, pages, tags, categories, comments, and uploaded files. Once deleted, the data cannot be recovered.

    If you are sure you want to proceed, please reply to confirm the name of the blog you want us to empty.

  8. hi kardotim,
    i saved all the rows from the clamXav-scan.log.1.log that show Trojan.PHP-33 FOUND. There are over 700 rows. I will paste the first 50 rows of the list into this post. happy to send the rest as a file.

    If this is too great a problem to deal with, and it's ok to empty the blog, i have the site contents as an xml file.

    the name of the library is http://foodinthelibrary.wordpress.com/

    thanks,

    jason

    rows containing notice of problem found:
    /Users/Jason/Sites/hacked.foodinthelibrary.com/index.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/index.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/admin-ajax.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/admin-footer.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/admin-functions.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/admin-header.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/admin-post.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/admin.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/async-upload.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/bookmarklet.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/categories.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/comment.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/custom-header.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-attachment-rows.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-category-form.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-comments.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-form-advanced.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-form-comment.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-form.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-link-categories.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-link-category-form.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-link-form.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-page-form.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-pages.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-post-rows.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-tag-form.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit-tags.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/edit.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/export.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/gears-manifest.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/blogger.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/blogware.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/btt.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/dotclear.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/greymatter.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/jkw.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/livejournal.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/mt.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/opml.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/rss.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/stp.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/textpattern.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/utw.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/wordpress.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import/wp-cat2tag.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/import.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/includes/admin.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/includes/bookmark.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/includes/class-ftp-pure.php: Trojan.PHP-33 FOUND
    /Users/Jason/Sites/hacked.foodinthelibrary.com/wordpress/wp-admin/includes/class-ftp-sockets.php: Trojan.PHP-33 FOUND

  9. The blog has been emptied as requested.

    Note that those error messages are referring to a blog hosted on your local computer, not the one on WordPress.com.

    Feel free to re-import your content, or send us the export file by e-mail so we can do it for you.

    Thank you.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.