- Hijacks homepage
Do you keep facing Pesonal-spage.com every time you launch your browser, despite the fact that your homepage was not modified? Well, that is because a browser hijacker has corrupted your browser. This malicious hijacker does not change search settings – which is how most hijackers work – but it can modify the shortcut forcing it to launch the undesirable page on every launch. Needless to say, this page is not trustworthy; however, some users might be confused because the interface of this page reminds of a normal search engine. This is just a trick to fool you into using this “search engine,” and we have to warn you that any interaction with it could be dangerous. Obviously, we recommend removing Pesonal-spage.com hijacker, but you do not need to trust our word. Instead, read the report that we have created after analyzing the infection, and then make the decision whether or not you need to delete it.
The malicious file that enables the Pesonal-spage.com hijacker could be downloaded onto your computer without any of your notice. This file is called exe.xoferif.bat, and it is located in %AppData%\Browsers\. This batch file uses a shell program to execute its command, and, of course, it is to launch the hijacker. If you open this file – which you can do using Notepad – you will see a bunch of seemingly random characters that do not make much sense. Our research team has deciphered the contents of this file, and it was found that the main command is to launch “http://pesonal-spage.com/sall/”. The thing is that this page is basically invisible. As soon as the infected browser is launched, the user is redirected from the initial page to stadsear.com/newsearch and then to seargoo.com/se2/. Needless to say, the redirecting is so quick that the user only notices seargoo.com/se2/. Of course, it is possible that the hijacker will be modified and users will be exposed to a different page. Unfortunately, that might make it more difficult for users to research and delete the real infection.
The interface of Pesonal-spage.com mimics the interface of Windows 8 and Windows 8.1 operating systems. It displays a bunch of colorful boxes that represent links to popular sites, such as last.fm, facebook.com, linkedin.com, and so on. The search dialog box represents Google Search, but that does not mean that the results shown to you are reliable. Considering that there is no legal information about this search tool, we have to assume all possible outcomes, and one of them is that this hijacker might be showing modified search results. Now, if you are dealing with the hijacker, you will be routed to Pesonal-spage.com/sall/, and, as you now know, it routes straight to seargoo.com/se2/. This page is not supported by legal information either, which makes it just as suspicious. Although you will be routed to Google Custom Search after entering search keywords, you must keep in mind that the results shown might be misleading. That is an important reason to remove the hijacker, don’t you think?
One more thing you need to think about before you delete Pesonal-spage.com is third-party malware. Of course, the malicious .bat file cannot appear out of nowhere, and it is unlikely that you will download it on purpose. Our researchers warn that this malicious file could be downloaded along with third-party malware when, for example, you execute a software bundle. Installers represented via unreliable file-sharing sites or via pop-up ads are usually considered untrustworthy because they offer attractive programs just to trick you into installing a bunch of unwanted or malicious programs alongside. Therefore, if you discover the hijacker, immediately scan your operating system to check if additional malware exists. The sooner you know this, the quicker you can take action.
The guide below explains how to delete Pesonal-spage.com from your operating system manually. First, eliminate the malicious file. Second, figure out which browser was corrupted. Maybe several browsers were corrupted at the same time? Next, identify all shortcuts you need to modify. If you miss some shortcuts, you might encounter the hijacker later on. Of course, you can modify the shortcuts that you use most frequently first, such as Desktop, Start Menu, and Taskbar shortcuts. Right after that, scan your PC one more time to check for leftovers and additional malware. If you fail to erase all threats and leftovers yourself, do not hesitate to implement automated malware detection and removal software. Also, if you have questions, use the comments section to start a discussion.