[jumar112]

I also got hacked into my site last October but did not find it until last month.

I have a blog attached to the site and believe that one of the plug-ins that I downloaded for the blog added a folder to my blog sub-domain that had HUNDREDS of .html files with articles and words that would make a sailor blush.

I never did find out where is actually came from. But went into my manager log file and started writing down all the IP address that where going straight to that folder. Then I changed my .htaccess to ban all the IP's I wrote down.

It has taken over two weeks to get it all straight but i am seeing that once the IP that is banned tries to view the file over and over and is not allowed stops coming in.

James: I am glad that you found out who it was and hope that criminal charges would be filed.
Did you change your password to get into your hosting account. If not, make sure you do that ASAP and use letters, numbers and characters (like @$%) in the password. Also when you log into your hosting account is there anywhere that shows you Last Logged In: and a IP address?
My account has that so I always look to make sure that the IP address is mine. One time I logged in and it showed something different, so i backtracked it, then took a picture of it and sent a 911 message to my hosting company to find out how long this person was in. Was glad to hear it was customer service from my hoster that was helping with another situation.