BugsFighter

Loadstart.net is a new infection that affects browsers and changes their settings. Hijacker alters homepage and default search engine in Google Chrome, Mozilla Firefox and Internet Explorer. User searches get redirected to plusnetwork.com website. It also hijacks browser shortcuts on the desktop adding www.loadstart.net URL to the file path in shortcuts properties. As a result, browsers open Loadstart.net in the new tab every time users start browsers.

Odin Ransomware is the latest version of the infamous Locky ransomware. As we know, previously it added .locky and .zepto extensions. Now it uses .odin extension. Technically, it is the same Locky virus, that uses same asymmetric cryptography. However, now key is changed and currently AutoLocky Decryptor that was able to decrypt .locky files can do nothing with .odin files.

Mylucky123.com is perilous search engine, that is trying to resemble Google and redirects user searches to google.com. It overrides search engine and homepage settings in Google Chrome, Mozilla Firefox and Internet Explorer. Hijacker passes traffic to google.com through Mylucky123.com, and gets access to users search queries and online behavior. This URL is also written into browsers shortcut properties, which leads to opening Mylucky123.com in a new tab every time you run certain browser using this shortcut.

Yourconnectivity.net is a web search, that uses plusnetwork.com search engine to provide search results to users. It has all signs of hijacker activity, as it installs without user consent, hacks browser search and homepage settings and modifies browser shortcuts. It affects Google Chrome, Mozilla Firefox and Internet Explorer browsers. The purpose of Yourconnectivity.net is to force users into using this search and forward traffic to certain websites.

Cerber3 ransomware is new version of notorious Cerber virus that infected hundreds of thousands computers. It uses the same algorithms to infect computer and encrypt user files. Now it appends .Cerber3 to those files. Names of the files are changed to random 10 character sequence. Among other differences between Cerber3 and it predecessor are new ransomware note files (@__README__@.html, @__README__@.txt and @__README__@.url instead of #DECRYPT MY FILES#.txt, #DECRYPT MY FILES#.html, #DECRYPT MY FILES#.vbs). Text and html files contain identical instructions to pay the ransom, .url file opens Cerber3 website.

If you see Searchgra.com in your browsers, it means you are infected by hijacker. This piece of malware installs with freeware, changes browser settings (homepage and search engine) and hijacks browser shortcuts on the desktop. Usually, it applies to Google Chrome, Mozilla Firefox and Internet Explorer browsers, however, sometimes it effects Safari, Opera or less popular browsers. Searchgra.com looks like typical search engine, with logo, vaguely reminiscent of Google, and search engine actually provided by it - Google Custom Search (cse.google.com). This is option, that Google offers to website owners to create their own labeled search engine and get all advantages of Google.com search.

Tavanero.info is suspicious search engine, that tries to mimic popular search engine. It has multi-color logo, 2 ad blocks from Google Adsense and engine powered by Google Custom Search (cse.google.com). Tavanero.info installs as default homepage and search engine setting in Google Chrome, Mozilla Firefox and Internet Explorer. Actually, search URL is http://tavanero.info/tavanero/tavanero.php. Main page contains links to hosting website serverpilot.io, so, possibly this hijacker is way to distribute their services.

Search.cubokit.com is browser hijacker for Safari, Google Chrome and Mozilla Firefox browsers running on Mac. It actually looks very clean, with search box saying "Search the web" and search button. Search queries are redirected to search.yahoo.com affiliated with Safe Finder (famous hijacker). The problem is, that Search.cubokit.com overrides user-defined search and homepage settings without user permission and does not allow users to restore old settings.