How to fix BlackHole Exploit virus and avoid future attacks

So I got a user tell me that their AVG blocked my website (and all my websites in my Bluehost account) due to a BlackHole Exploit Kit.

I downloaded AntiVirus plugin and that plugin detected files in my theme that got hacked. Sure enough index.php and other files got hacked.

I basically deleted those files and re-uploaded them.

Then I re-installed my version of WordPress for each website. Pain in the ass!

Does anyone know how to avoid this in the future? I learned how to fix it but not how to avoid it.

Thanks!

Giovanni