URL injection problem

Question

someone has injected some weird URLs to my Magento store which now redirect to the third website. Google thinks, of course, that my page is hacked and it shows that on its search engine. I want to avoid that at every cost.

I have gone through some major directories to check for permissions and everything looks okay.

What should I do, where else might the backdoor be? Is there any plugin to help me with this?

Thanks!

Answer 1

Check the custom scripts in System > Configuration > Web and see if there are any weird java script snippets.

I am positive that's where the problem will be. Ensure you have the latest SUPEE patches installed also.