Hey...I'm nefarious!!
Actually, I apparently now traffic in porn according to URL Snooper. FTP into the site and everything is perfectly fine--files are all mine and match my local copy exactly. My domain is actually masked and redirects to my Comcast personal webspace, so my uneducated guess is that Comcast's server was breached in some way (boy won't they be happy when I contact them this weekend!). If the Internet geniuses (CJM, Delphium & co.) around these parts have some insight or ideas I'd love to hear them.
Can't deal with this now as I've got work early tomorrow. Would one of you guys getting warnings from your AV be willing to help me test some files? Post here or PM me and we'll chat privately. Oh, and thanks for posting about this Abram. If you hadn't I don't know how long this would have gone on without me knowing, as I'm only minimally involved in my site/projects atm.
--update--
I've been through the Google Webmaster Tools (neat resource I never knew about) process and the site is cleaned up. In my tiredness I had missed checking a folder at first look the other night. Hopefully the malware review process will be done within a day or two and Google will remove the warning when going to the site.
Talked to Comcast today as well. Of course they were convinced someone got my password rather than their server might have been breached. When I explained my password is an encrypted string of total gibberish, stored within an encrypted database, and rarely used (and never typed in manually), they paused for a moment, then got back on script and referred me to their online badware scan service. Not having any interest in an argument, I just said "OK, thanks", and hung up. I went to the site, clicked the scan button, and got the expected result instantaneously:
So, should I call Comcast and press the point that they should really take a look at their server security, or just let 'em be?