Hi All, I have a question for all you bright people. We were hacked over the weekend by one of those chinese honker wankers. We're a freaking Australian site nothing to do with the USA or China and the mongrols still had a shot at us. I think its because our address is just ".com" and hence the bright honkers assumed it was US. Anyways I found how they hacked in and closed the door but they've done something to our IIS (5) service. As soon as you start the website it replaces all the index and default pages with their propaganda. I can't find any sign of where this process is running from, I suspect it must be part of a system dll. Anyone have any ideas on how to find this freaking code??