Computers: softwareupdaterlp MALWARE


AustinChief
02-02-2015, 10:03 PM
Ok, there is a nasty piece of malware floating around the web so I thought I'd post the solution to the problem here.

This malware may be keying off certain ads on CP but the ads themselves shouldn't be an issue. Google is claiming to have fixed the previous ad hijack/redirect issue that we saw.

OK, to fix this for PC check this...

http://malwaretips.com/blogs/remove-softwareupdaterlp-com-virus/

For Mac check this...

https://discussions.apple.com/thread/6802324


Please post here if the problem gets resolved or if it persists. If you have never had the problem (I have yet to see it) then feel free to ignore this. :thumb:

DaFace
02-02-2015, 10:05 PM
I had it for a day on my current computer, but haven't seen it since (probably about a week ago). I've not run any kind of anti-malware or similar software to try and fix it or anything - it just went away on its own.

I'll let you know if I see it again, though.

AustinChief
02-02-2015, 10:18 PM
I had it for a day on my current computer, but haven't seen it since (probably about a week ago). I've not run any kind of anti-malware or similar software to try and fix it or anything - it just went away on its own.

I'll let you know if I see it again, though.

It may still be there and just hasn't had anything trigger it. (specific ads, etc)

The more I have looked into these issues it appears that it may be so damn hard to nail down because it is a combination of local malware and ads with "triggers" in them. This two stage approach makes it MUCH harder to detect and I have a feeling a lot of antivirus and antimalware programs are scrambling to catch up. This is my working theory right now. I could be completely off base though.

listopencil
02-02-2015, 10:23 PM
Yeah, I've seen it here on CP. It would either redirect to the download or just close out the page. I turned "warn me if redirect" back on in FF and it stopped.

Rain Man
02-02-2015, 11:14 PM
Oh, it just showed up for me on my tablet. Right now.

Simply Red
02-02-2015, 11:16 PM
You're a man of the people & it never goes unrecognized.

Eleazar
02-02-2015, 11:41 PM
I scanned my computer (Mac) with two different antivirus packages after I reported that redirect to you tonight, and they both came back clean, so I am inclined to think it wasn't on my end. Who knows though.

R8RFAN
02-03-2015, 07:13 AM
Malwarebytes free version cleans it up

http://thumbnails110.imagebam.com/38690/62612c386890028.jpg (http://www.imagebam.com/image/62612c386890028)

wink91wink
02-03-2015, 08:40 AM
Malwarebytes free version cleans it up

http://thumbnails110.imagebam.com/38690/62612c386890028.jpg (http://www.imagebam.com/image/62612c386890028)

Malwarebytes is the best. Gets rid of almost everything.

ghak99
02-03-2015, 11:04 AM
I ran AdwareMedic then Avast on the Mac and reset the browsers and looked for extensions like they did in the link you sent me. Neither found anything and there were no extensions to be seen in Safari but so far it hasn't tried to redirect me.

Tacoman
02-03-2015, 02:20 PM
Thanks for the tips! Malwarebytes scanning my computer now, looks like there were several things on there that my Kaspersky didn't catch.

Molitoth
02-03-2015, 03:24 PM
I've been seeing this all over. It's an annoying one to avoid.

Bufkin
02-03-2015, 04:52 PM
It said I needed to download upgraded software because my computer was in danger, so naturally, I installed it. I'm assuming I shouldn't have?

Fish
02-03-2015, 04:59 PM
It said I needed to download upgraded software because my computer was in danger, so naturally, I installed it. I'm assuming I shouldn't have?

LMAO

Ming the Merciless
02-03-2015, 05:12 PM
Hey sexy,

just reporting in...

I too just had the pop-up that wanted to install some updates on my computer so I had to re-block the site

win7
firefox
ad-block+


much love

edit:

I went back and read the thread a bit, I'll try scanning/cleaning/nuking my herpes and see what happens

ghak99
02-03-2015, 05:12 PM
My Mac just started redirecting again via Safari and this thread 3 times in a row after force quitting each time.

These redirects didn't appear to be softwareupdater related, but the ads at the bottom of the page have been dominated by malware and virus related advertisements. Seems connected in this case. :shrug:


The address bar image is hard to read, but I didn't see a softwareuploader connection in it.

penguinz
02-03-2015, 05:42 PM
My Mac just started redirecting again via Safari and this thread 3 times in a row after force quitting each time.

These redirects didn't appear to be softwareupdater related, but the ads at the bottom of the page have been dominated by malware and virus related advertisements. Seems connected in this case. :shrug:


The address bar image is hard to read, but I didn't see a softwareuploader connection in it.

Get rid of avast. It contains malware in it.

AustinChief
02-03-2015, 06:09 PM
My Mac just started redirecting again via Safari and this thread 3 times in a row after force quitting each time.

These redirects didn't appear to be softwareupdater related, but the ads at the bottom of the page have been dominated by malware and virus related advertisements. Seems connected in this case. :shrug:


The address bar image is hard to read, but I didn't see a softwareuploader connection in it.

Did you follow all the instructions in that thread? One thing it advises to do is to reset your browser and delete all cookies. If you are ok with that, it should keep you from getting the trigger ads displayed so the malware will still likely be on your system but won't activate.

ghak99
02-03-2015, 06:36 PM
Did you follow all the instructions in that thread? One thing it advises to do is to reset your browser and delete all cookies. If you are ok with that, it should keep you from getting the trigger ads displayed so the malware will still likely be on your system but won't activate.

I followed the instructions in the pm you sent me which included running both scans and resetting browsers, cookies, and checking for extensions in Safari, Chrome, and Firefox. It seemed to cure the softwareupdater redirecting, but then I was later redirected to the MacKeeper as I mentioned.

AustinChief
02-03-2015, 06:56 PM
I followed the instructions in the pm you sent me which included running both scans and resetting browsers, cookies, and checking for extensions in Safari, Chrome, and Firefox. It seemed to cure the softwareupdater redirecting, but then I was later redirected to the MacKeeper as I mentioned.

Well hell!

Rams Fan
02-03-2015, 07:17 PM
This had been happening to me the past few days. Uninstalled Chrome and downloaded Malwarebytes. Everything's been OK since.

Fish
02-03-2015, 08:29 PM
Did you follow all the instructions in that thread? One thing it advises to do is to reset your browser and delete all cookies. If you are ok with that, it should keep you from getting the trigger ads displayed so the malware will still likely be on your system but won't activate.

Hey bud,

I've been in the middle of deploying new machines at work. And in doing so, I tend to browse CP on whatever machine I happen to be working on in the field. I've noticed the issue on brand new retail OS installs. OS X. Chrome/Safari/Firefox. All these machines I installed the OS myself, and know exactly what's been installed. Also running MS Endpoint virus client, OS X malware detection, etc. I have a very advanced knowledge of OS X and all possible locations for running apps, and I can tell you this isn't OS X malware/adware or browser extensions. I'm very familiar with the removal suggestions in the links provided, and this particular issue isn't part of the group of malware/adware that app looks for. Somehow it's being triggered by the ads displayed.

That said, I'd be happy to leverage any quick troubleshooting on OS X/Win 7 vanilla setups if you have anything specific to test. I generally have both vanilla OS X and Windows installs handy, with or without Flash/Java/adblock/etc. Let me know if I can do anything to help.

DaveNull
02-03-2015, 08:47 PM
Is there another ad network that is a viable option? I feel like the only time I see posts like this on any site I visit is here.

I know you've got to pay the bills but damn. It's harming your users and even when it works properly the ads just torture Safari on iOS.

DaFace
02-03-2015, 08:48 PM
Hey bud,

I've been in the middle of deploying new machines at work. And in doing so, I tend to browse CP on whatever machine I happen to be working on in the field. I've noticed the issue on brand new retail OS installs. OS X. Chrome/Safari/Firefox. All these machines I installed the OS myself, and know exactly what's been installed. Also running MS Endpoint virus client, OS X malware detection, etc. I have a very advanced knowledge of OS X and all possible locations for running apps, and I can tell you this isn't OS X malware/adware or browser extensions. I'm very familiar with the removal suggestions in the links provided, and this particular issue isn't part of the group of malware/adware that app looks for. Somehow it's being triggered by the ads displayed.

That said, I'd be happy to leverage any quick troubleshooting on OS X/Win 7 vanilla setups if you have anything specific to test. I generally have both vanilla OS X and Windows installs handy, with or without Flash/Java/adblock/etc. Let me know if I can do anything to help.

I find it hard to believe that it's client side as well. I've seen it on three computers that I have control over in terms of virus/malware detection, and in all three cases it's happened for an hour or two, then disappeared. Manual scans have revealed nothing.

AustinChief
02-03-2015, 09:18 PM
Hey bud,

I've been in the middle of deploying new machines at work. And in doing so, I tend to browse CP on whatever machine I happen to be working on in the field. I've noticed the issue on brand new retail OS installs. OS X. Chrome/Safari/Firefox. All these machines I installed the OS myself, and know exactly what's been installed. Also running MS Endpoint virus client, OS X malware detection, etc. I have a very advanced knowledge of OS X and all possible locations for running apps, and I can tell you this isn't OS X malware/adware or browser extensions. I'm very familiar with the removal suggestions in the links provided, and this particular issue isn't part of the group of malware/adware that app looks for. Somehow it's being triggered by the ads displayed.

That said, I'd be happy to leverage any quick troubleshooting on OS X/Win 7 vanilla setups if you have anything specific to test. I generally have both vanilla OS X and Windows installs handy, with or without Flash/Java/adblock/etc. Let me know if I can do anything to help.

Thanks man. I think we may be conflating two separate issues though. The softwareupdater thing (this thread) is definitely malware. That doesn't mean the same people aren't also injecting softwareupdater redirect code into google ads but I think that is unlikely. The other issue is purely with Google ads causing redirects. Google claims to have addressed this but if people are still getting them (not softwareupdater) then apparently they haven't.

It's frustrating as hell because I have yet to see either problem myself except when it first started I could replicate it by going to our ad panel and reviewing ads. There I found offending ads and blocked them from being served. I have continued to do so and haven't seen the issue lately.

What would help is if we could determine exactly which ones are occurring NOW (after Google claims to have fixed it) on clean machines.

AustinChief
02-03-2015, 09:19 PM
Is there another ad network that is a viable option? I feel like the only time I see posts like this on any site I visit is here.

I know you've got to pay the bills but damn. It's harming your users and even when it works properly the ads just torture Safari on iOS.

Yep, I have reached out to a few and am waiting on them getting back to me. Unfortunately Google is the best one but obviously not if they keep letting this crap happen.

Fish
02-03-2015, 09:26 PM
The fact that the same exact redirect happens in iOS would rule out malware and point to adware redirect.

DaFace
02-03-2015, 09:30 PM
Thanks man. I think we may be conflating two separate issues though. The softwareupdater thing (this thread) is definitely malware. That doesn't mean the same people aren't also injecting softwareupdater redirect code into google ads but I think that is unlikely. The other issue is purely with Google ads causing redirects. Google claims to have addressed this but if people are still getting them (not softwareupdater) then apparently they haven't.

It's frustrating as hell because I have yet to see either problem myself except when it first started I could replicate it by going to our ad panel and reviewing ads. There I found offending ads and blocked them from being served. I have continued to do so and haven't seen the issue lately.

What would help is if we could determine exactly which ones are occurring NOW (after Google claims to have fixed it) on clean machines.

It could be two separate issues, but I definitely got the softwareupdaterlp thing as a redirect on a machine that has been scanned and seems to be clean. It hasn't happened in a week or so though.

I suppose conceivably it could be the same site - the redirect gets people fooled into installing it, and then it installs other adware that forces pop ups later.

SPchief
02-03-2015, 09:56 PM
FWIW I ran malwares and haven't had any issues since. That was around 5 tonight.

AustinChief
02-03-2015, 10:05 PM
The fact that the same exact redirect happens in iOS would rule out malware and point to adware redirect.

The iOS issue was definitely ad redirects. But "supposedly" Google fixed that... who knows though.

Here is another weird thing... I have been doing iOS devel lately so the last 2 months I have primarily been accessing CP from my Mac... and haven't seen the issue once. Just bizarre.

DaneMcCloud
02-04-2015, 05:29 PM
No issues on the PC but I've had issues with the iPad Air for weeks with re-directing.

DaveNull
02-04-2015, 05:51 PM
I can't imagine this makes much difference, but I've never seen the redirect issue on iOS, but also never sign in on iOS.

Now the front page crashing the shit out of safari....all the time. If I go to the Lounge page directly no issues.

OnTheWarpath15
02-04-2015, 08:04 PM
I've been dealing with redirects on my iPad for weeks, started getting them today on my Mac Mini.

I used Malwarebytes on my old PC, what's the best alternative for Mac?

stumppy
02-05-2015, 12:28 PM
Seems to have worked for me.

DaveNull
02-05-2015, 12:55 PM
I've been dealing with redirects on my iPad for weeks, started getting them today on my Mac Mini.

I used Malwarebytes on my old PC, what's the best alternative for Mac?

Those of us who know OS X seem to have concluded that this is a redirect issue and not some kind of malware/adware.

Generally anything that says that it's an anti malware tool for OS X is selling you a line of crap.

Fish
02-05-2015, 04:42 PM
I've been dealing with redirects on my iPad for weeks, started getting them today on my Mac Mini.

I used Malwarebytes on my old PC, what's the best alternative for Mac?

You can run AdwareMedic (http://www.adwaremedic.com/index.php) if you'd like. But OS X isn't nearly as susceptible to malware. You literally have to download and install malware yourself to get infected in OS X.

Because of that fact, apps like AdwareMedic only really look at a few specific locations in OS X, for a list of known crapware apps that can be installed in OS X. It's not updated very often, so it can only find the stuff that existed at the time of the version release.

But there are a few crapware apps that it can detect and remove. Like the Conduit Search BS, MacKeeper, etc.

Most likely it's not necessary, but you're welcome to have at it.

Ace Gunner
02-06-2015, 05:20 PM
I've been dealing with redirects on my iPad for weeks, started getting them today on my Mac Mini.

I used Malwarebytes on my old PC, what's the best alternative for Mac?

since this began, I use adblock plus app running inside safari apps. It seems this redirect uses just a few specific redirects -- I added those URLs to my block list and it stopped.

teedubya
02-06-2015, 10:18 PM
"I knew that Chiefsplanet was da debbil, Bobby Boucher." - Mama

Simply Red
02-14-2015, 10:38 PM
you've done a great job with the thread Kyle - very good stuff - I really have enjoyed this thread, authentically!

stumppy
02-17-2015, 10:19 AM
No more problems since. :thumb:

Rain Man
02-20-2015, 08:19 PM
Weird. I got redirected on my phone a couple of times yesterday. I'm not sure it was this malware, though. As soon as I opened CP, it sent me to some spam site. I just back-arrowed it and went on.

Eleazar
02-22-2015, 10:44 AM
I get "redirected" on my phone lately. It bounces me to the App Store.

Chief Roundup
04-18-2015, 08:10 AM
Can these threads have the sticky removed yet?