some days ago i have infected from a "seo malware". It's add word as "cialis" or "viagra" to page of my website (magento 1.8).
Is possible to see the word only if "user agent" are set as googlebot.
Someone can help me?
Solved! Go to Solution.
Best way to figure out this is check your FTP for last modified files. Shortlist the files which you see has been added or modified recently. Check the code of these file one by one. If these files are core magento files, than you can simply replace these files from another core magento files
Also check your magento admin configuration if any malicious code is inserted in below two locations -
System > Configuration > Design ( From Left Menu ) > HTML Head > Miscellaneous Scripts
System > Configuration > Design ( From Left Menu ) > Footer > Miscellaneous HTML
Remove any unwanted code from here.
For further investigation, you need to take help of a magento expert or developer
Agree, first see your file history if they are getting modified in a regular interval then infection should be still there on the server.
Note, the bot can see these at the greater level at it scans the code.
Google webmaster can give a good idea about infection and location.
As far as the fix is concerned, a very simple approach would be to install wordpress and then install website scanner plugin and then run a complete scan of the root (/). And then see the origin of infection and clean it manually.
Once you are done with complete cleaning then install latest patches and ensure your got correct permission set on the server.