Malware on this forum

I frequently get a captcha script on this forum that shows me 3 pictures and asks me to click the dog. The same as this: Please click the dog - General Discussion - UBot Underground



As soon as I click it, my antivirus reports several rootkit malware attacks from this website (original attack website is a different one)



Please check the issue with your captcha addon.

I have also been wondering about this. Where I see the problem is when you do a search on Google like site:forum.cs-cart.com webmail. When you do that and then click from Google, you either get the captcha thing or you get some other kind of redirect.



My guess is that there is a problem with the .htaccess file. I've seen something similar with some WordPress installs. It might be worth looking into this.



Thanks,



Brandon

Wow, strange. I just got this malware warning too. I was also told that it was trying to make sure I was “human” and it told me to choose the picture of the dog.



Here are the basics of what my antivirus blocked…

“Exploit Redkit Exploit Kit (type 1952)”;“freddeboos.se/odns.htm”;“Object was blocked”;“12/28/2012, 11:16:25 PM”;“file”



Here is the other thing that was blocked…

“Exploit Blackhole Exploit Kit Detection (type 1965)”;“membersteenss.net/see/good_christmas.php";"Object was blocked”;“12/28/2012, 11:16:20 PM”;“file”



Something strange is happening. The sad part is it is happening on the forum. It happened when I clicked in the “search” box.

Hello all,



Thank you for your message.



It is strange to hear that you have experienced this problem. Could you provide a direct URL to the page where you saw this warning so that we could examine the issue in detail?



Thank you.





Pavel Zyukin

CS-Cart Support team

The page is different every time. It relates to this captcha script that you seem to have installed.

Just go to Google and do a search like



site:forum.cs-cart.com filters



Then click on any link and you'll see the malware.



Thanks,



Brandon

I don't see it and never have?

Same thing happened to me when I tried to search the forum.

I was getting a gambling advert showing last week only on this forum, no other sites seemed to have the problem and various malware scans gave my laptop a clean bill of health. Can't say I've seen what is described above but was definitely getting an advert displaying in the bottom-right corner of the forum.

I ran a search in Google for “site:forum.cs-cart.com webmail” using Firefox and clicked the first available choice. Got a white block to pick cat … dog; to verify I am a human I had to pick dog. So I did, then I had a Kaspersky virus removed notification “heur exploit script blocker”, and the cs-cart forum page was blacked out as if I had opened a picture using “flightbox”. After that I did it all again but am not getting the captcha page anymore.

What I did was, just click and not click the picture.

This happened to me a couple of weeks ago when I was in the bug tracker. It just occurred again today when I selected poll results in one of the threads.


[quote name='The Tool' timestamp='1357259823' post='152145']

This happened to me a couple of weeks ago when I was in the bug tracker. It just occurred again today when I selected poll results in one of the threads.

[/quote]

That's what I see too.

[quote name='The Tool' timestamp='1357259823' post='152145']

This happened to me a couple of weeks ago when I was in the bug tracker. It just occurred again today when I selected poll results in one of the threads.

[/quote]

Ditto.

Just got it again. This time I closed the browser and did not answer.

I'm now getting this every time I click any result after clicking “More results from forum.cs-cart.com” on a Google search.



It seems to be loading from creativesolutions . nard . ca

Just happened today: I had a pop-up appear on the forum with a choice of six colored pictures of various animals. I clicked one of these creatures and was then warned of being taken to an infectious website. I did not screen capture the pop-up on the forum. I reached the forum from a Google search for cs-cart and the website address looked all OK. The only thing which occurred when entering the forum was that I left it idle for a period of time; on return I was faced with the pop-up. I have tried to reproduce it, but was unable to. So I can only think that it is triggered by some random event.



The report from the protection software (for the redirected site); do not follow this, it is dangerous:



Jan 04 2013 17:47: Navigation to a potential infection site:http://ricplvcy.2waky.com/vd/out.php?p=wePzzL6RduNTh+OKhZBHfZY21J6hGV3LCPPBaS9mj6lRzgLaK6pYIPuGQpXVkTDFlW8OTsn6XZ1ETxAeDaCbx2U=&nc=false&nj=false&ic=false&sw=1280&sh=1024&sd=24&np=false&.

Finally today I also see the scary image… this is definitely malware, however the AdBlock extension disabled all their scripts… so all of their scripts were dead… :D

Same for me at 10:05 GMT this morning after following a Google link to the site.



[attachment=6312:cs mal.JPG]


Thank you all for reporting this problem and letting us know all the details. It seems that the problem was caused by a vulnerability in the Google Search addon installed in our forum software. We have disabled it until a fix is available.



If anyone still sees these strange images, please inform us in this thread.



Thank you and we apologize for the inconvenience.





Pavel Zyukin

CS-Cart Support team