Last Updated on December 1, 2019 by Christopher G Mendla
Chrome had been hijacked on my machine. If I would search google for something, clicking on the google serps resulting in being taken to an order page for the product. For example, I was looking for info on Symantec Endpoint Protection and would get a page to order SEP, not the actual forums from the google serps.
I ran a combo of AVG, Spybot and Malwarebytes. However, the problem would recur.
I inspected the element of the links and found that the google serps were being redirected via xfreeservice.com.
The chrome extension manager is a bit bulky. I downloaded the SimpleExtManger extension. (free)
That showed a list of all the chrome extensions and apps. I disabled everything except the SimpleExtManager extension. When I refreshed the search page, the hijacked links disappeared and it was a normal page.
You could turn on the extensions one by one to determine which extension is causing the problem. An alternative is a binary type search. IOW, turn on the first half of the extensions. IF there is a problem, then you know the problem is in that group. If not, it is in the second group.
for example, if you have 12 extensions.
- Turn them all off except simpleextmanager and test your page. You should see that the hijacking is not happening if it was extension related.
- Now, turn on the first 6 extensions and test.
- If there is a problem, turn off the last three and test.