I have a reseller account its pretty small and mostly all my or my families websites. Well a couple months ago we noticed spam showing up when we searched google for things that would lead to our main website. So we looked around and noticed that in the htaccess file there was a ton of junk, and maybe some other php, files, I cant remember exactly. So I deleted the htaccess file and those other files. Then recently my sites were not loading and or were slow. So I contacted HH and asked them to look into it. After a couple days they disabled one of my accounts. Said to contact them a database was using a ton of resources.
The main problem probably stems from the fact I let these various scripts sit too long. One of a small forum script, the other web site had a hand full of shopping carts I was experimenting with but had left them idle for a long time, maybe years.
So far I think google has pretty much killed searching for any of my sites, even had some random person contact me saying I had to remove a link to their website because their site had been banned from google. I assume they paid someone for some SEO and that person hacked something in my site or forum.
But now I am just worried how do you go about cleaning all this up? What exactly was most likely compromised? Has my main reseller password been compromised? Or is it likely just exploitation of a security flaw in scripts? Is it possible for scripts to inject spam into my htaccess files? That seems insecure.
What places do I go looking for to figure out whats wrong? Are their any scanning utilities that can help me? I want to make sure everything is clean and then change all the passwords.