• Resolved ouch

    (@ouch)


    I had someone access my wordpress blog using
    Referring URL
    https://localhost:99/wordpress/wp-admin/themes?php?activated=true

    At least that’s what I saw in sitemeter. They also searched through the url… mail.google.com, and looked for keyword “inbox”. The IP address was from Bombay, IP Address 59.182.29.# (MTNL CAT B ISP)

    They went through 14 pages.

    I hired someone through scriptlance.com to create a logo for me. They wanted full access to the site and I wouldn’t give it to them. I placed the theme folder I wanted changed into a user acct. for them, so they could change it. I made the mistake of using the theme. I knew it didn’t seem right, and guess they put something in that folder to gain backdoor access.

    Changed my passwords and deleted that theme, but not sure what else to do. If they put code somewhere else I don’t know how/where to find/check for it.

    I’m assuming they changed something b/c they viewed 14 pages in 16 minutes and didn’t do it through the FTP access I provided them.

    I still have the theme folder they changed

    Help

Viewing 4 replies - 1 through 4 (of 4 total)
  • Are you basing this solely on a referring URL in your stats? If so, this doesn’t necessarily mean you were hacked. The referring URL is only the URL of the page that the end user was on prior to coming to your site. It could be that someone was on their own localhost machine and finished up what they were doing, and had your page bookmarked – so it shows up in your stats as them coming from localhost.

    Is there other evidence that you’ve been hacked?

    And if you *have* been hacked, I’d contact your web host provider – they’re the ones who can do something about it. Referring URLs aren’t much more than telling you what page the user was at right before coming to yours. Just because they looked at 14 pages doesn’t really mean anything – it just means they were on a localhost machine right before visiting your own site. I don’t know of many webservers that have a “localhost” as a URL – my guess is they were on a private localhost on their own machine (for example, I’m currently working on my own localhost right now, and if you looked at the WordPress server referer logs right now, you’d see my localhost address in their logs because that’s where I came from.)

    Thread Starter ouch

    (@ouch)

    OK. So why the search for “inbox” from the Gmail search engine, from their IP address?

    That has nothing to do with creating logos.

    ouch, I have to respectfully ask what you’re looking for from any of us?

    1. If you think your site was somehow compromised then change your passwords.
    2. If you think a theme has a backdoor, remove the theme.

    If none of that seems sufficient, like doodlebee suggested, contact your host.

    Thread Starter ouch

    (@ouch)

    It was the query for inbox that has me paranoid. I’m new to this and just wanted to make sure I took all the proper steps for my concerns, and if I needed to check other folders in my wordpress or anything. Seems as if I’ve taken all the steps needed. Thanks.
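
One way to check the retained theme folder for injected PHP before discarding it, as an added example that is not part of the original thread. The indicator list, the names `scan_theme` and `demo`, and the sample files are assumptions made for illustration; hits are leads for manual review, not proof of a backdoor.

```python
import re
import tempfile
from pathlib import Path

# Heuristic indicators (assumptions of this example, not an exhaustive list).
# A hit is a lead for manual review, not proof of a backdoor.
INDICATORS = {
    "dynamic code execution": re.compile(rb"\b(eval|assert|create_function)\s*\(", re.I),
    "encoded payload decoding": re.compile(rb"\b(base64_decode|gzinflate|str_rot13)\s*\(", re.I),
    "OS command execution": re.compile(rb"\b(system|exec|shell_exec|passthru|popen|proc_open)\s*\(", re.I),
    "remote include": re.compile(rb"\b(include|require)(_once)?\s*\(?\s*['\"]https?://", re.I),
}
PHP_OPEN = re.compile(rb"<\?(php|=)", re.I)
PHP_SUFFIXES = {".php", ".phtml", ".inc"}


def scan_theme(root):
    """Return (relative_path, line_number, finding) tuples in path order."""
    root = Path(root)
    findings = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        data = path.read_bytes()
        if not PHP_OPEN.search(data):
            continue  # no <?php or <?= tag found (short "<?" tags are not covered)
        rel = path.relative_to(root).as_posix()
        if path.suffix.lower() not in PHP_SUFFIXES:
            findings.append((rel, 0, "PHP code in a non-PHP file"))
        for number, line in enumerate(data.splitlines(), start=1):
            for label, pattern in INDICATORS.items():
                if pattern.search(line):
                    findings.append((rel, number, label))
    return findings


def demo():
    """Scan a constructed sample theme (not files from the thread)."""
    with tempfile.TemporaryDirectory() as tmp:
        theme = Path(tmp)
        (theme / "images").mkdir()
        (theme / "index.php").write_bytes(b"<?php get_header(); ?>\n<h1>Blog</h1>\n")
        (theme / "footer.php").write_bytes(b"<?php wp_footer();\neval(base64_decode($blob));\n")
        (theme / "images" / "logo.png").write_bytes(b"\x89PNG\r\n<?php system($cmd); ?>\n")
        (theme / "style.css").write_bytes(b"body { margin: 0; }\n")
        return scan_theme(theme)


if __name__ == "__main__":
    for rel, number, label in demo():
        print(f"{rel}:{number}: {label}")
```

Point `scan_theme` at a local copy of the theme folder, never at the live site, and compare anything it flags against a clean copy of the same theme.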

  • The topic ‘security breach’ is closed to new replies.