I defeated an evil h@x0r and my friend's site is healthy again

I tracked down and eliminated malware on a friend's website tonight that redirected a popular page to a dubious pirated software site.

I still don't know how the evil script was inserted -- whether a person with legit access had his account compromised by evil-doers or the (seemingly) legit person snuck in the code (a cross-site scripting exploit) hoping no one would notice.

That person, good or bad, is no longer an administrator on the site.

It was doubly cool for me because I didn't know if my tech skills would be up to it AND I helped a friend out of a jam.

Should I try PowerBall again?