aspdaddy - 9:55 pm on Apr 1, 2008 (gmt 0)

..can't help - they don't know how someone could be getting in

Sure they do, htaccess is added to sites by exploiting ftp either with a dictionary on a weak password or the protocol itself. If it was a keylogger the card used to pay for your hosting would be the target.