Aw, screw it. I had this happen about six weeks ago; something got into my site and inserted a forwarding code onto multiple pages.
Now I’ve gotta go back through and fix each page. On the plus side, it looks like it hasn’t been this way for long; the WebFTP says everything was changed “Apr 25 03:06,” so it’s only been a day.
What’s aggravating is that I changed passwords last time, and it’s only hitting main directory pages for one URL, so I don’t know how the code is getting in. I remember reading that a lot of sites using WordPress software suffered the same attack, so I’ll search that out again after I clean up the pages.