>>>
>>>How the malicious script got into your page?
>>
>>I don't know. I would not added this type of a long script if my life depended on it <g>. The hosting company support person said that either someone hacked into my account (and he suggested I change my user name and password); or one of the computers I use for connecting to the site (I use CuteFtp) could have had the virus. I only use one computer (this one) where I have Avast installed. I will do a full scan tonight to see if Avast will find something. And I am also thinking about purchasing a commercial AV software, in addition to Avast. Actually yesterday I bought SpyBoot AV/Firewall software for my daughter's computer. Today is the 2nd day and she has not caught any virus on her PC yet <g>. She actually had Avast installed on her PC but it did't prevent her from catching some Trojan (from one of the music download sites).
>
>If your site runs certain software such as phpBB, it may have become infected through a vulnerability. If you don't fix the vulnerability you'll just get infected again:
>
>http://it.slashdot.org/it/08/03/17/2358207.shtml
>
>There have been several cases of mass exploits lately.

As far as I know my site does not run phpBB software (I don't even know what it is). My site is designed in 100% ASP.NET 2.0. But it could be that some of those who create the malicious scripts got into my site some other way. I just don't understand why "they" do it? What do they gain by it?