I am completely at a loss -
I have three websites (www.hippieways.com) and (www.summerberryorganics.com). I have a hosting account with Netfirms, and my sites are built in Wordpress and I've used the Customizr theme.
This all started when I googled my hippieways site (just for fun) and the little blue line that read "this site may be hacked" showed under my site. I did the same thing for my summerberry site and sure enough - there's the "may be hacked" again. I went to the third site we have on my hosting account (the kid's site) www.loonielivestock.ca (note the .ca vs. .com) and there's no "...may be hacked".
So, I clicked on the link to see where it went and it took me to a google site that says I need to verify my sites and my ownership. I immediately contacted my hosting company (who's support people are usually VERY good with idiots such as myself) and they in turn told me that I had been hacked and sent me back a support ticket showing a TON of code, which of course I don't understand.
They were VERY happy to recommend a "website security" company that I could consult, but they wanted in excess of $700 to "scrub the sites" - that did not include "monitoring".
Thus far, I have done nothing - not even posted to my blogs for fear of this thing. I have, however, discovered that the Blackhat SEO "virus" only pops up on peoples computers that run the AVG anti-virus software. A friend that knows a fair piece about computers has e-mailed AVG twice now, but to no avail. Since my friend has personal issues to deal with at the moment, I don't want to be a PIA over this, so I'm asking here...my questions are as follows:
1. How can my website be hacked? I pay for backups with my hosting company, yet they say they were unable to find a "clean" back up.
2. What is the "google verification process" and should I attempt to follow their instructions to verify my sites?
3. What is this "Blackhat SEO"? And why does it only show up on OTHER computers if they run AVG? I run Microsoft Security Essentials on MY OWN PC, and have scanned it using Housecall and BitDefender and NONE of them have shown that I have an infection of any sort.
4. It is possible that the Customizr theme is the problem? This has only come about since I changed themes.
5. What can I do to get this sorted out?
6. How can I prevent this from happening again?
Obviously, I know just enough about computers to get myself into a whole lot of trouble. I actually understand VERY little about the behind the scenes workings of websites and so forth.
Any input, advice, or all out genius would be GREATLY appreciated!!