UnTabs extension virus (Removal Guide) - Easy Removal Guide

unTabs extension virus Removal Guide

What is unTabs extension virus?

Hundreds of user complaints about unTabs extension disclose the real functionality of it

UnTabs virus

UnTabs extension is a malicious browser hijacker[1] which is far more dangerous than typical programs of the same kind. This suspicious browser redirect virus targets Google Chrome browser and hijacks them without user's permission.

It typically changes user's default search engine to cleanserp.net or another suspicious one and also starts delivering various ads in pop-up windows or banners.

The malicious extension shows up in Chrome Extensions list, but what confuses the victims the most is that they're marked as “Installed by enterprise policy,” and there is also a suspicious line next to them, saying that the extension is managed and cannot be removed and disabled.

Such signs can make the victim fall into despair and panic, however, it IS possible to remove UnTabs redirect virus, although the removal process requires some time and patience. To find out whether's you're infected with the described browser extension, please see a list of common signs of infection below.

  • UnTabs virus changes homepage and new tab address to hxxp://cleanserp.net or another bogus search site that serves corrupted search results;
  • The malicious extension acts like malware and slows down the computer, making the compromised web browser lag or crash from time to time;
  • It seems to be very hard or nearly impossible to remove it;
  • The browser suddenly starts opening new tabs or windows[2] and loading third-party advertisements in them. The victim might also notice underlined text spots in websites he visits, that display advertisements as soon as he hovers the mouse over them;
  • The infected browser can also unexpectedly redirect the user to shady websites without victim's permission to do so.

The malicious extension is advertised as a cool tool that helps to convert Chrome tabs to a list, save them in one or more groups and restore them in one click. Unfortunately, instead of providing useful features this extension has numerous malware traits. We must warn you that the extension is currently available on Google Web Store, so you should be very careful until Google suspends its distribution. And there are plenty of reasons why this application deserves that.

You don’t even have to download the program to notice the negative reviews it has already received from the users. At the moment of writing this article, there were over 600 negative 1 star reviews[3] about the extension and even more complaints about issues when trying to remove it.

This clearly creates an image of an untrustworthy piece of software that does everything to prevent users from removing it from their computers. It goes without saying that it is a typical malware behaviour.

Nevertheless, this rogue extension does not rely on the legitimate means of distribution alone to enter computers. In fact, it belongs to the group of malware which use “Add Extension to Leave” pop-ups[4] to force users into installing it on their computers.

It also infiltrates PCs via indecent marketing methods, such as bundling [5]. We’ll elaborate on the virus distribution strategies later, but first, let’s learn about what this virus does, what is the purpose of its hijack and what technique should be used for a complete unTabs removal.

An image showing UnTabsUnTabs extension infiltrates web browsers without user's consent. Then it starts generating extensive amounts of ads which, when clicked, generate ad revenue to the advertiser.

UnTabs has been categorized as a potentially unwanted program, more specifically, a rogue forced extension which infiltrates computers in order to generate profit for its developers.

Once the extension is installed, it starts to inject ads, banners, interstitial advertisements, pop-ups and other commercially-based components on websites and pages that the user visits, hoping that some people would feel tempted and click on them. Unfortunately, it is hard to understand that these ads do not originate from sites the victim visits and that poses even a bigger threat to victim's privacy and security.

The developer of this shady extension will make sure the advertising is as intense as possible because it receives commissions for the traffic it manages to redirect to its promoted websites. In other words, the users engage in this so-called pay-per-click advertising strategy unknowingly.

To achieve even better results, the malware may also start tracking your browsing habits, keeping records of your search queries, visited websites, time spent there, etc. For this purpose, the extension employs tracking technologies such as cookies and web beacons.

This way, the advertiser picks ads according to victim's interests, making them harder to ignore. Over time, you may start getting the feeling that your every step online is being watched and monetized. Thus, we highly suggest performing unTabs virus removal before your browser is turned into a full-blown billboard for ads. You will get rid of the virus quickly with professionals malware-fighting software such as FortectIntego.

Deceptive sites using “Add Extension to Leave” pop-ups to push malicious extensions to people

unTabs virus typically reaches Chrome browsers as a result of a forced installation. The users who regularly browse through illegal or adult content websites may be redirected to unTabs.com directly or be prompted to install the extensions via JavaScript-based “Add Extension to Leave” dialog box. Beware that you might receive a suggestion to install it after being redirected to scam sites such takeitnow.club or carrerafun.club.

Users often try canceling the installation by marking the “Prevent this page from creating additional dialogs” checkbox. But this won’t work.

To exit such malicious pages and prevent unTabs installation the browser tab or the browser must be terminated via Task Manager. We’ll explain the technique in more detail later on.

As we already mentioned, the malware can be installed directly from its official website, other sites that push various malicious extensions, however, it is also possible to install it along with another free program that is bundled with it. For this reason, we suggest you check software installation settings very carefully whenever you are about to install new software on your PC.

If it urges you to choose Standard or Default installation option, disobey such instruction and switch the selection to Custom or Default option instead. One or another choice gives you a possibility to review all programs and tools bundled with your chosen software and refuse to install them.

Typically, all that it takes to drop off the additional software is just to remove marks from check boxes next to permissions to install suggested additions.

Prepare yourself to remove unTabs virus

UnTabs removal requires patience. This malicious extension roots into the system and unlike typical browser hijackers, it doesn't simply drop the extension to the browser. In order to remove unTabs virus, the victim has to follow strict instructions and eliminate dangerous components both from web browsers and the system.

There are a few ways to uninstall the malware manually, although you will achieve best results if you finish the manual removal by performing a system scan with anti-malware software as well. This way, you will detect all remaining elements of the malware that you may have overlooked.

The method of elimination should be selected according to your computing skills and your system’s performance capacities. You should not try to remove the malware from your computer manually if you have no such practice from before. It is enough to scan your device with some trusted antivirus utility, and it will carry out the virus elimination for you. The user friendly-guide below will help you with this procedure.

You may remove virus damage with a help of FortectIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of unTabs extension virus. Follow these steps

Uninstall from Windows

If you find that unTabs is trying to install on your browser, you should close the Chrome browser by pressing the quick key combination ALT+CTRL+DEL to launch Windows Task Manager. Once on the manager window, select all running Chrome processes and click End Task to quit them.

In case the virus managed to slip through into your system, you will have to remove it manually following the guidelines below. There are two manual removal methods that can help you to delete it for good.

Method 1. Fix the problem via CMD

  1. Press down Windows Key + R to open RUN window. Type cmd into it, and then press down Control + Shift + Enter keys at the same time.
  2. Copy and paste the following commands, one line at a time, and click Enter after pasting each of them into the Command Prompt:
    • rd /S /Q “%WinDir%\System32\GroupPolicyUsers”
    • rd /S /Q “%WinDir%\System32\GroupPolicy”
    • gpupdate /force
  3. The problem should be fixed now.

Method 2. Delete the folder of the malicious extension

  1. First of all, go to Chrome Extensions tab (use instructions for Google Chrome users provided on this page ) and take a photo of the malicious extension's ID. You can copy it or write it down. 
  2. Search the Windows for Control Panel and open it. Then go to Appearance and Personalization, then to Folder Options, and finally to View tab. Select Show hidden files, folders and drives and hit OK.
  3. Now go to My Computer, then to C:/ disk, then to Users > [your computer name] > Appdata > Local > Google > Chrome > User Data > Default > Extensions.
  4. Here, find the folder that is entitled with the same ID as the malicious extension. Right-click on it, select Delete, agree. Then right-click on the Recycle bin on your desktop and select Empty Recycle bin.
  5. Now you will have to use the instructions given below to uninstall suspicious programs from your computer. After removing it via Programs and Features panel, do not forget to delete their folders hiding in C://Program Files (x86). The dangerous programs you might find on your system are called:
    • Media PlayerV1;
    • LyricsFan;
    • LyricsWoofer;
    • LyricXeeker;
    • LyricsViewer;
    • Media Player 1.1;
    • BetterSurf;
    • Allyrics;
    • Feven 1.7;
    • DownloadTerms 1.0;
    • Browse2Save;
    • SimpleLyrics;
    • WebCake 3.00;
    • Webexp Enhanced;
    • Plus-HD 1.3;
    • Video Player.

Instructions for Windows 10/8  machines:

  1. Enter Control Panel into Windows search box and hit Enter or click on the search result.
  2. Under Programs, select Uninstall a program. Uninstall from Windows 1
  3. From the list, find the entry of the suspicious program.
  4. Right-click on the application and select Uninstall.
  5. If User Account Control shows up, click Yes.
  6. Wait till uninstallation process is complete and click OK. Uninstall from Windows 2

If you are Windows 7/XP user, proceed with the following instructions:

  1. Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
  2. In Control Panel, select Programs > Uninstall a program. Uninstall from Windows 7/XP
  3. Pick the unwanted application by clicking on it once.
  4. At the top, click Uninstall/Change.
  5. In the confirmation prompt, pick Yes.
  6. Click OK once the removal process is finished.

Delete from macOS

Remove items from Applications folder:

  1. From the menu bar, select Go > Applications.
  2. In the Applications folder, look for all related entries.
  3. Click on the app and drag it to Trash (or right-click and pick Move to Trash) Uninstall from Mac 1

To fully remove an unwanted app, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:

  1. Select Go > Go to Folder.
  2. Enter /Library/Application Support and click Go or press Enter.
  3. In the Application Support folder, look for any dubious entries and then delete them.
  4. Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the related .plist files. Uninstall from Mac 2

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click on Uninstall at the bottom. Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear. Clear Edge browsing data

Restore new tab and homepage settings:

  1. Click the menu icon and choose Settings.
  2. Then find On startup section.
  3. Click Disable if you found any suspicious domain.

Reset MS Edge if the above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running. Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick Delete Advanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -Verbose Advanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove. Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy, search and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now. Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset. Reset Chromium Edge

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select unwanted plugin and click Remove. Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Options.
  3. Under Home options, enter your preferred site that will open every time you newly open the Mozilla Firefox.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data, as well as Cached Web Content and press Clear. Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information. Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox. Reset Firefox 2

Remove from Google Chrome

You will banish this malware from your Google Chrome browse by following the tutorial below, so make sure you complete all the steps properly:

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove. Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data. Clear cache and web data from Chrome

Change your homepage:

  1. Click menu and choose Settings.
  2. Look for a suspicious site in the On startup section.
  3. Click on Open a specific or set of pages and click on three dots to find the Remove option.

Reset Google Chrome:

If the previous methods did not help you, reset Google Chrome to eliminate all the unwanted components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings. Reset Chrome 2

Delete from Safari

Remove unwanted extensions from Safari:

  1. Click Safari > Preferences…
  2. In the new window, pick Extensions.
  3. Select the unwanted extension and select Uninstall. Remove extensions from Safari

Clear cookies and other website data from Safari:

  1. Click Safari > Clear History…
  2. From the drop-down menu under Clear, pick all history.
  3. Confirm with Clear History. Clear cookies and website data from Safari

Reset Safari if the above-mentioned steps did not help you:

  1. Click Safari > Preferences…
  2. Go to Advanced tab.
  3. Tick the Show Develop menu in menu bar.
  4. From the menu bar, click Develop, and then select Empty Caches. Reset Safari

After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of unTabs extension registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes.

How to prevent from getting malware

Protect your privacy – employ a VPN

There are several ways how to make your online time more private – you can access an incognito tab. However, there is no secret that even in this mode, you are tracked for advertising purposes. There is a way to add an extra layer of protection and create a completely anonymous web browsing practice with the help of Private Internet Access VPN. This software reroutes traffic through different servers, thus leaving your IP address and geolocation in disguise. Besides, it is based on a strict no-log policy, meaning that no data will be recorded, leaked, and available for both first and third parties. The combination of a secure web browser and Private Internet Access VPN will let you browse the Internet without a feeling of being spied or targeted by criminals. 

No backups? No problem. Use a data recovery tool

If you wonder how data loss can occur, you should not look any further for answers – human errors, malware attacks, hardware failures, power cuts, natural disasters, or even simple negligence. In some cases, lost files are extremely important, and many straight out panic when such an unfortunate course of events happen. Due to this, you should always ensure that you prepare proper data backups on a regular basis.

If you were caught by surprise and did not have any backups to restore your files from, not everything is lost. Data Recovery Pro is one of the leading file recovery solutions you can find on the market – it is likely to restore even lost emails or data located on an external device.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions

Removal guides in other languages