OK first my site was hacked like described in this thread.
I was already upgraded with the latest version, so I did a new install an seemed fine.
Then I noticed it has been hot by the Google redirect hack.
I found the offending code in wp-blog-header.php and removed it, changed my WP and FTP passwords and it seemed to clear up.
Contacted my host who said there was nothing wrong with their servers.
Now the hack is back. Remove the code again and seems OK.
Any ideas on what is causing this and how I can stop it?