Could someone tell me of a good malware/spyware remover?

sean83

macrumors newbie
Original poster
Feb 14, 2008
24
0
Australia
I uploaded my landing page the other day getrippedez.com, and every now and then when I visit the page or refresh the page links will appear within some of the text showing pop ups titled "easy line" when rolled over.

For example the phrases "fat loss" or "build muscle" will be red and double underlined leading to an ad.

I checked with my web hosting support, and they can't see anything, so I'm wondering if this is malware or spyware on my Mac, I have seen this before whilst browsing another website as well.
 
Nov 28, 2010
22,684
27
located
It is probably just an advert, as malware has to be installed manually (except one of the Flashback trojans, which installed itself if you have Java enabled, but then again, it does nothing of the kind you described).
You could try ClamXav.

To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:
 

sean83

macrumors newbie
Original poster
Feb 14, 2008
24
0
Australia
It is probably just an advert, as malware has to be installed manually (except one of the Flashback trojans, which installed itself if you have Java enabled, but then again, it does nothing of the kind you described).
You could try ClamXav.

To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:
If it's just an advert, then how does it get on my landing page without me knowing?

I never had any ad code scripted into the page, the only link that I want on there is the sign up link.
 
Nov 28, 2010
22,684
27
located
If it's just an advert, then how does it get on my landing page without me knowing?

I never had any ad code scripted into the page, the only link that I want on there is the sign up link.
Ah, now I understand.
Does it also happen in another, even temporarily created, user account on your Mac?
And with "landing page" you probably mean the home page stored in the root directory and named INDEX.HTML?

Anyway, if it is malware, have a look at ClamXAV as previously mentioned and also at the link to the FAQ to learn how to protect yourself.
 

sean83

macrumors newbie
Original poster
Feb 14, 2008
24
0
Australia
Ah, now I understand.
Does it also happen in another, even temporarily created, user account on your Mac?
And with "landing page" you probably mean the home page stored in the root directory and named INDEX.HTML?

Anyway, if it is malware, have a look at ClamXAV as previously mentioned and also at the link to the FAQ to learn how to protect yourself.
I only use one account for my mac, have never created any temporary accounts, and yes you are correct, I am referring to the index.html page. It is the only page of the website.
 
Nov 28, 2010
22,684
27
located
I only use one account for my mac, have never created any temporary accounts, and yes you are correct, I am referring to the index.html page. It is the only page of the website.
That is why I also wrote "even temporarily created" in order to test it. Or you could try another browser, which you already may have done as website programmer.

Anyway, since this is an ad, I am not sure how to help, especially the part about "48 places available in your area", which is not dynamic and I doubt that thing has any places near my location.
 

sean83

macrumors newbie
Original poster
Feb 14, 2008
24
0
Australia
I decided to take a screenshot of this intrusive ad on my webpage, screenshot just to show what it looks like, because sometimes it is there and sometime it is not, as you can see it has turned the text "free" into a link.

The link leads to uwavou link, I researched it and apparently its a virus that takes over your browser, so I ran that clamxav scan but it picked up nothing.

I'm running out of ideas.
 

sean83

macrumors newbie
Original poster
Feb 14, 2008
24
0
Australia
I just looked at this on my macbook as well, and I seen the same thing, I don't if this is on my web page, web host or what now.
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
29,632
9,257
California
I decided to take a screenshot of this intrusive ad on my webpage, screenshot just to show what it looks like, because sometimes it is there and sometime it is not, as you can see it has turned the text "free" into a link.

The link leads to uwavou link, I researched it and apparently its a virus that takes over your browser, so I ran that clamxav scan but it picked up nothing.

I'm running out of ideas.
That is definitely a Javascript ad service running on the server. There are several services like this such as intellitxt.com and others. They look for keywords and link a relevant ad to the keyword. I see it on some auto forums I visit. For example the word "tire" will link to an ad for auto tires etc. If you built your own site and you did not include the code, then your host is doing it.