26
All normal again ? Are You sure ?
I would in case of such an event, not only delete the changed files. How do you know, btw. WHAT the HaCKorZ have EXACTLY done ?
Logfiles analyzed? Checked for RootKits? Checked SUIDs, IDs, checked Ports etc.?
Most often the HaCKorZ leave themselves a backdoor, if possible and an autorooter used. This is one cause for these 'shame' Redefacements.
BTW. seems that these guys have 'nuked' again most php-Nukes's and clones. Maybe again some injections or exploit, but not gone so far yet.
See
http://www.zone-h.org/en/defacements and for these guys
http://www.zone-h.com/en/defacements/filter/filter_defacer=Ir4dex/ and after reupsetting their sites (the defaced ones) what you see php-Nuke.s and Clones ...
But i would normally take EXTREM care what's up with your account, maybe even reinstall. Call me paranoid :)
Just my 2cents.