Here is the thing, I work for a small company and I am (among other things) in charge of our websites, I made them, really simple stuff as I am definitelly not an expert. The first week of January we got a warning that a huge amount of emails were sent from our domain. We were told by our host that there is a script causing problems, which is strange because - as far as I know - there are no scripts on our websites. Today I am checking all the files and see on the main folder a couple of PHP file that were not there before and I definitelly did not upload them, I do not even know what they are, the names are 1.php and css.include.php. Any idea if this could be the problem? How did they hack our website? Thank you very much in advance for all the help you can provide. JM.