35
yeap i'm a good guy as far as I know
and abctyping.com is one of 3 XOOPS 2.0.5.1 sites I have, the other 7 sites that were affected too are not XOOPS based, but all index.html and index.php where replaced too.
so far I have cleaned one XOOPS site:
http://naccion.org .. I had to replaced every single index.php/index.html in directories and subdirectories that had it. I noticed thou that subdirectories which didn't have either file where not affected.. that is an indication that such hacke/virus didn't replicate a copy into those folders.
I was thinking to complete eliminate those files which the purpose basically it's to make them browsable though http but are not necesary in case one decide to delete them.