Your site may have been hacked in the past, and now it's
been cleaned up.

The fact that the links were found, at one time, does not mean
they exist now.

If you have access to your cpanel, check some things out.

Hackers are able to do things without actually needing to take
it over. There are many flaws in mysql databases and such.

You have to find out the status of all files on your website.

Contact your host about vulnerabilities and plugging some holes.

Paul

Thanks for the info.
One thing has me stumped: All the links I found were in a folder called Biographies so I deleted that.
However google Webmaster Tools shows 1 internal link that was not in "Biographies" but was in my root folder. However when I look in my root folder, that file, called "winsted-alexandra-tydings" is not there! I looked all over for it but it's not there. I guess they themselves deleted it??

I'm an amateur at this web design stuff. Can you tell me what htaccess is and where it would be found?

I looked through every folder in my CPanel and did not find an htaccess file nor any other files that look like they don't belong, now that I deleted the "Biographies" folder they put there.

I guess I can only hope that my changing to a much stronger password will prevent further attacks.

Thanks for your help!
p.s. Is there any way I can let google know that all these effed up links weren't really mine and that I have now removed them from my site so they don't spank me? I just now submitted a new sitemap, after cleaning those files out of there, that's all I could think of to do.

Hi imback, there's no question that it is a hack.
I actually think I have booted them out and changing my password to a much stronger one should keep them out - UNLESS they got in via the host's backdoor, not mine. I'll be monitoring my site daily from now on and several times a day when I can over the next week or so. But hopefully I've gotten them out of there for good.

Now it's just a matter of keeping them out. And doing what I can to stay in The Great and Mighty Google's good graces.

I recently hears about About | Sucuri Security

I'm not in any way affiliated with them, I just heard about them a few days ago. They do have a free site check and I had checked my site while it was hacked and it showed nothing. Does not give me a lot of confidence in their free Site Check. I wonder if their pay service is any better.
I wonder if there's a good one out there. I'm going to google it.

I found out my site was hacked by checking my internal and external links via Google Webmaster Tools. I suppose if you checked there regularly you might find it right after it happened.

Theoretically, (tell me if I'm wrong) one's Hosting service should be responsible for keeping your site secure. No?

I find it interesting that Sucuri is talking about how their scans find this type of hack, but I scanned my site using their service the day before I discovered it had been hacked (the hack was done a month or two previously according to records of their files uploaded), and yet Sucuri gave me a "clean bill of health" via their free scan. I'm not saying this to disparage Sucuri - I really know little about them - but rather to warn you all that maybe these type of site checks in general don't work that well. Maybe the best way to go is to make sure your site has a strong password and any extra security your host offers, and to at least check your backlinks and internal links at google Webmaster Tools every few days to see if there's anything there that looks wrong, as in my case.

If you check Sucuri's blog at their site above, you can find a lot of info about the htaccess hack, particularly as it relates to Wordpress. Apparently a lot of Wordpress sites are being hacked this way or similarly. My site is not a Wordpress site, however.

FYI: A google search for " check website for malicious code " came up with a whole lot of free info and tools that I'm in the process of checking. Will report back on at least some of it.