ric323 - the phpbb files are in located in a sub directory of my site (mysite/forum). The main site is just a an html blog running off of Google's free Blogger platform using one of their free templates, and I publish via FTP. I do have a custom script running on the index.html page that distributes market data from a trusted source to about ten pages at most (there are about 200 pages in total). The guys who built the script work for the data provider, and they encrypted it pretty carefully - the data is not cheap so we wanted to make sure that hackers could not tap the feed. That COULD be causing the problem - though I doubt it. The script infiltrated only the php forum subdirectory, nothing else, and looked like it was written specifically for php infiltration (it has the ?php language in the beginning).
Robert - Go Daddy hosts my account. I was on the phone with them for a good bit of the day. The first guy I spoke with had to call to his support team to understand what I was talking about. They were the ones who waved me off - they told me it was related to php, not their servers. Frankly, at that point I didn't care where it was coming from, I just wanted it gone, so I called back and spoke to a woman there named Ashley who was very helpful and patient. She helped me get rid of *most* of it, but I think I need to restore the whole forum subdirectory to get rid of all of it.
The reason is that when I cleaned up the last of the files (style.php and index.php), the whole template went wacky on me, even though all I did was delete the offending script (who are the miscreants that write this stuff anyway?!). You can't miss the malware script, a kindergartner could spot it. It's incredibly dense, half a page long and right on top, so I am certain I didn't delete any of the real php source code by mistake.
I *think* I can restore the whole subdirectory back to February 1st, which was pre-virus, and then change admin passwords, but I'm guessing I'll lose any users who signed up after that. Despite all this, I do love phpbb so I hope I can get to the bottom of it.
Thanks very much for your assistance. If I hear anything helpful from Go Daddy, I will repost it.
All the best, Chris