Back-up has been uploaded and all appears to be well again. Luckily, I didn't get any virus hits from my Norton so I don't think it linked to a virus.
I am going to call our host and have a chat with them about apparent vulnerabilities in their system.
For any IT guys here, are there known vulnerabilities in PHP that could be contributing to this? The files affected are always .php files.