[QUOTE] I’ve been having a problem in the last couple of weeks; when I open my admin end in explorer or firefox, and, for example, go to languages tab in order to translate something, this kind of backlinks appears in every traslation and then “glues” itself to my shop appearing in a lot of pages all over the place:
ручки waterman
пучковые ресницы
And there are a lot more loke these sites, all of them russian.
[/QUOTE]
Could you show us some screen shots?
yeah, kind of let myself get hooked on farmville from facebook, but as I have no time to click everywhere, I got the snag bar to click for me. Shure thing is that I already uninstalled that creapy thing.
Further analysis from ESET lets me know that I have a super tidy pc, the super anti spyware gives me the same, no virus, no nothing, just cookies, regular cookies, and if this only happens when I’m on firefox (witch I’ve just uninstalled) and explorer 9 (32 bits), with the 64 bits works fine… I think this is quite a mistery…
I’m going to my beauty sleep now and see if an idea comes to me in the morning.
The screen shots I don’t have because I solved the problem with m shop, as long as I don’t open it in both browsers.
Thank you all so so so much for your interest and help, at least now I have a real anti-virus and system protection 
Tania
Tania,
Sometimes these “things” do have a way of hiding until you perform a particular function for example, so hopefully if there is still “something” somewhere, it will be captured & quarantined when the time comes.
And regardless, you are right in that now you can rest at ease in knowing you have some very high end protection in place…and just wait to see how much smoother your PC operates.
And, stay away from them there Farm Animals precious! 
Best thing to do is wipe your pc and start over if possible. SuperAntiSpyware is the best for malware removal. Give that one a try. I’ve found it pretty much removes everything, more than most tools. Webroot’s spysweeper is also a good product but it is not free…
Run Malwarebytes Anti-Malware full system scan and I bet ya it will find things. When all else fails for us we run the free version of this software and it cures all. Worth a try but you got the best already installed, however, malwarebytes has an incredible nack of reading in between the lines that others miss.
Stu
do this particular spam affected only your cs-cart shop, or also it affected your internet browsing, like redirecting your search, popup windows? Any other problems while looking other websites besides your shop?
I’m running the Malwarebytes Anti-Malware right now, I’m on for everything, untill now nothing as shown up as wrong or dangerous on my pc.
Regarding the problem, I only see it when I try to write something in any kind of form, and only when this form is opened in firefox or explorer 32 bits, everywere else works fine, no popup windows, no strange behaviours, no nothing, just this weird russian links sticking themselfes to my forms like it was some kind of backlink scam.
I would write this post on firefox to give you an example, but I already did and Jesse deleted the russian link.
And another thing that I figured out, there is some kind of fragility between windows 7 (my version) and 32 bits browsers, I uninstalled firefox and then reinstalled as new, same thing happened with the sticky links, it was just when I run the safe mod of firefox that it went away, just like explorer and 64 bits version, in this one I get no links, so, if my computer has some kind of malware, it’s only afecting 32 bits aplications.
Ok, I scaned everything with Malwarebytes and finaly it came up something, the result was this:
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.FakeAlert) → Quarantined and deleted successfully.
So, I guess now it must be fine
Finnaly I’m free of this bug
Thank you so much for advising me the ESET antivirus and the Malwarebyte’s, these two togheter solved my problem.
Lucky me, after all my shop files were not affected by this, just the browsers.
Further analysis discovered that this is a malware software launched by that kind of back linking sites just to force users to show their members links on any kind of post or comment you make in foruns or social networks.
So, I will recommend these two tools to anyone seeking security and some peace of mind knowing they are fully protected against almost every possible virus, malware, adware, trojan, bug, anything 
P:S.: Struck, you can click my shop now, it’s safe 
See you,
Tania
Good news that you are free of the problem.
As I mentioned ESET support suggests the combination of the ESET smart security suite and Super antispyware and Malwarebyte as needed.
One reason that ESET does not catch everything is that some of the problems out there are not exactly viruses but still headaches.
No one software can do everything in terms of protection.
[QUOTE]Finnaly I’m free of this bug [/QUOTE]
Glad to hear the forum was able to help rid you of the problem!
[QUOTE]P:S.: Struck, you can click my shop now, it’s safe [/QUOTE]
Just visited your site, it is very sweet, just like yourself Tania!
Well thank you sir, for everything
[quote name=‘E.Qi.Librium’]Well thank you sir, for everything ;)[/QUOTE]
psst… Struck is a ma’am.
Oh great, didn’t know that, with the name “Struck” I just assumed…wrong of course :oops:
Thank you again dear madam 
so sorry about the mix up!
[QUOTE]psst… Struck is a ma’am. [/QUOTE]
Adodric, you have a good memory, I like that, LOL
I only said that to confuse the other dudes so that I had less competion focusing on the ladies in the forum, sorry, but I just absolutely love girls! 
Oh boy… my instincts were right after all
[QUOTE]Oh boy… my instincts were right after all [/QUOTE]
I knew that I could count on you Tania, you have already been added to my Valentine’s Day Gift List! :shock:
Thanks for the tips on the AV programs - I’ll be installing those tonight.
I have to say though that CS-Cart does seem to attract alot of Russian rubbish. Unfortunately there’s an issue with the captcha on my version and I can’t afford the upgrade at the moment, so I have to run the cart without it - and I get a tonne of garbage coming through the site.
I ran a different cart for years and never had any problems whatsoever - without any image security enabled.
The number of Russian links and email address that spam my testimonials and customer database is extreme. Unfortunately I have to go through my customer base every few days and delete about 90% of the entries there.
One day I’ll be able to upgrade I guess.
[quote name=‘E.Qi.Librium’]Ok, I scaned everything with Malwarebytes and finaly it came up something, the result was this:
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.FakeAlert) → Quarantined and deleted successfully.
So, I guess now it must be fine[/QUOTE]
I have used this free program “malwarebytes” with great success every time I have or had someone with a problem such as this. It never fails…really amazing software and a life saver for sure.
Glad to hear all is well. Run Malwarebytes several times a week at night when you’re sleeping and you will never have an issue.
Stu