Alright - one more time.

I have checked all of the files and such in this site (and actually one other on the same Godaddy account).

I had missed that the two xara .js files were also compromised, not just the html. I have gone though all of them and looked for everything that was changed yesterday, including all of the Wordpress files (many of which were replced or modified).

I loaded the site in both Chorme and Opera (with fraud protection turned on) and I got no warnings or redirects. Anyone have the guts to check this from their end?

Anyone know of a way to avoid this happening? It's happened on another host (DOT5) as well. I think it's unavoidable unless you pay for a service to keep it away. In both cases, it looks like a hack on the hosting provider itself, as all of the files that were changed we at the exact same moment - done by a bot or script through the directories, as it was with my DOT5 issue - who issued a hosting-wide password reset the following day after my complain.

I'm still going to contact Godaddy to make sure that they are aware and see if they heard of other issues.

In the meantime - back to the thread!