Hi guys, Ive been running a news publication site/blog for awhile now.. This is the second time I have been hacked.. Public HTML is the folder thats been hacked, first time it was shut down for phishing, this time it was spamvertisement. I am losing business here. I have been using all of the reccomended security plugins.. Block Bad Queries Bulletproof Security Chap Secure Login Login Lockdown Ultimate Security Checker WP Security Scan I've also fixed timthumb vulnerability Now last time this happened I went into R1 Soft and got one of my backups.. the past two days of backups had in the public html folder a bunch of new folders with random strings... and then i found a clean one (assumed it was clean) then I upped my security. This time, I went through the R1 soft backups again, and like before todays and yesterdays public html were filled with random stringed folders with html pages inside of them. Only this time I went through all of the R1 backups, even the one a week ago has a folder named "2c5cf4" with an html inside of it, all the other folders are gone but im assuming that folder as well is mallicious - so I now have no safe backups.. How can I fix this, and how can i prevent this from happening again... I have a family member dying and I really dont have the time or the energy to be dealing with this right now Are they getting in through htaccess? can i prevent that? Also Im using a w-p-zoom theme that I got from these forums If it matters the inside of my public html looks like such _private _vti_bin _vti_cnf _vti_log _vti_pvt _vti_txt 2c5cf4 cgi-bin images wp-admin wp-content wp-includes .htaccess _vti_inf.html error_log index.hawkhost index.php license.txt postinfo.html readme.html wp-activate.php wp-app.php wp=atom.php wp-blog-header.php wp-comments-post.php wp-commentsrss2.php wp-config-sample.php wp-cron.php wp-feed.php wp-links-opml.php wp-load.php wp-login.php wp-mail.php wp-pass.php wp-rdf.php wp-register.php wp-rss.php wp-rss2.php wp-settings.php wp-signup.php wp-trackback.php xmlrpc.php zend_ioon_index.php and that is from my R1 backup from about a week ago. please help if you can, ill give you a hug or something.