Severity scale:  

Remove unTabs extension virus (Removal Guide) - Easy Removal Guide

removal by Gabriel E. Hall - - | Type: Malware

Hundreds of user complaints about unTabs extension disclose the real functionality of it

UnTabs virus

UnTabs extension is a malicious browser hijacker[1] which is far more dangerous than typical programs of the same kind. This suspicious browser redirect virus targets Google Chrome browser and hijacks them without user's permission.

It typically changes user's default search engine to or another suspicious one and also starts delivering various ads in pop-up windows or banners.

The malicious extension shows up in Chrome Extensions list, but what confuses the victims the most is that they're marked as “Installed by enterprise policy,” and there is also a suspicious line next to them, saying that the extension is managed and cannot be removed and disabled.

Such signs can make the victim fall into despair and panic, however, it IS possible to remove UnTabs redirect virus, although the removal process requires some time and patience. To find out whether's you're infected with the described browser extension, please see a list of common signs of infection below.

  • UnTabs virus changes homepage and new tab address to hxxp:// or another bogus search site that serves corrupted search results;
  • The malicious extension acts like malware and slows down the computer, making the compromised web browser lag or crash from time to time;
  • It seems to be very hard or nearly impossible to remove it;
  • The browser suddenly starts opening new tabs or windows[2] and loading third-party advertisements in them. The victim might also notice underlined text spots in websites he visits, that display advertisements as soon as he hovers the mouse over them;
  • The infected browser can also unexpectedly redirect the user to shady websites without victim's permission to do so.

The malicious extension is advertised as a cool tool that helps to convert Chrome tabs to a list, save them in one or more groups and restore them in one click. Unfortunately, instead of providing useful features this extension has numerous malware traits. We must warn you that the extension is currently available on Google Web Store, so you should be very careful until Google suspends its distribution. And there are plenty of reasons why this application deserves that.

You don’t even have to download the program to notice the negative reviews it has already received from the users. At the moment of writing this article, there were over 600 negative 1 star reviews[3] about the extension and even more complaints about issues when trying to remove it.

This clearly creates an image of an untrustworthy piece of software that does everything to prevent users from removing it from their computers. It goes without saying that it is a typical malware behaviour.

Nevertheless, this rogue extension does not rely on the legitimate means of distribution alone to enter computers. In fact, it belongs to the group of malware which use “Add Extension to Leave” pop-ups[4] to force users into installing it on their computers.

It also infiltrates PCs via indecent marketing methods, such as bundling [5]. We’ll elaborate on the virus distribution strategies later, but first, let’s learn about what this virus does, what is the purpose of its hijack and what technique should be used for a complete unTabs removal.

An image showing UnTabs
UnTabs extension infiltrates web browsers without user's consent. Then it starts generating extensive amounts of ads which, when clicked, generate ad revenue to the advertiser.

UnTabs has been categorized as a potentially unwanted program, more specifically, a rogue forced extension which infiltrates computers in order to generate profit for its developers.

Once the extension is installed, it starts to inject ads, banners, interstitial advertisements, pop-ups and other commercially-based components on websites and pages that the user visits, hoping that some people would feel tempted and click on them. Unfortunately, it is hard to understand that these ads do not originate from sites the victim visits and that poses even a bigger threat to victim's privacy and security.

Questions about unTabs extension virus

The developer of this shady extension will make sure the advertising is as intense as possible because it receives commissions for the traffic it manages to redirect to its promoted websites. In other words, the users engage in this so-called pay-per-click advertising strategy unknowingly.

To achieve even better results, the malware may also start tracking your browsing habits, keeping records of your search queries, visited websites, time spent there, etc. For this purpose, the extension employs tracking technologies such as cookies and web beacons.

This way, the advertiser picks ads according to victim's interests, making them harder to ignore. Over time, you may start getting the feeling that your every step online is being watched and monetized. Thus, we highly suggest performing unTabs virus removal before your browser is turned into a full-blown billboard for ads. You will get rid of the virus quickly with professionals malware-fighting software such as Reimage Reimage Cleaner Intego.

Deceptive sites using “Add Extension to Leave” pop-ups to push malicious extensions to people

unTabs virus typically reaches Chrome browsers as a result of a forced installation. The users who regularly browse through illegal or adult content websites may be redirected to directly or be prompted to install the extensions via JavaScript-based “Add Extension to Leave” dialog box. Beware that you might receive a suggestion to install it after being redirected to scam sites such or

Users often try canceling the installation by marking the “Prevent this page from creating additional dialogs” checkbox. But this won’t work.

To exit such malicious pages and prevent unTabs installation the browser tab or the browser must be terminated via Task Manager. We’ll explain the technique in more detail later on.

As we already mentioned, the malware can be installed directly from its official website, other sites that push various malicious extensions, however, it is also possible to install it along with another free program that is bundled with it. For this reason, we suggest you check software installation settings very carefully whenever you are about to install new software on your PC.

If it urges you to choose Standard or Default installation option, disobey such instruction and switch the selection to Custom or Default option instead. One or another choice gives you a possibility to review all programs and tools bundled with your chosen software and refuse to install them.

Typically, all that it takes to drop off the additional software is just to remove marks from check boxes next to permissions to install suggested additions.

Prepare yourself to remove unTabs virus

UnTabs removal requires patience. This malicious extension roots into the system and unlike typical browser hijackers, it doesn't simply drop the extension to the browser. In order to remove unTabs virus, the victim has to follow strict instructions and eliminate dangerous components both from web browsers and the system.

There are a few ways to uninstall the malware manually, although you will achieve best results if you finish the manual removal by performing a system scan with anti-malware software as well. This way, you will detect all remaining elements of the malware that you may have overlooked.

The method of elimination should be selected according to your computing skills and your system’s performance capacities. You should not try to remove the malware from your computer manually if you have no such practice from before. It is enough to scan your device with some trusted antivirus utility, and it will carry out the virus elimination for you. The user friendly-guide below will help you with this procedure.

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove unTabs extension virus, follow these steps:

Uninstall unTabs extension from Windows systems

If you find that unTabs is trying to install on your browser, you should close the Chrome browser by pressing the quick key combination ALT+CTRL+DEL to launch Windows Task Manager. Once on the manager window, select all running Chrome processes and click End Task to quit them.

In case the virus managed to slip through into your system, you will have to remove it manually following the guidelines below. There are two manual removal methods that can help you to delete it for good.

Method 1. Fix the problem via CMD

  1. Press down Windows Key + R to open RUN window. Type cmd into it, and then press down Control + Shift + Enter keys at the same time.
  2. Copy and paste the following commands, one line at a time, and click Enter after pasting each of them into the Command Prompt:
    • rd /S /Q “%WinDir%\System32\GroupPolicyUsers”
    • rd /S /Q “%WinDir%\System32\GroupPolicy”
    • gpupdate /force
  3. The problem should be fixed now.

Method 2. Delete the folder of the malicious extension

  1. First of all, go to Chrome Extensions tab (use instructions for Google Chrome users provided on this page ) and take a photo of the malicious extension's ID. You can copy it or write it down. 
  2. Search the Windows for Control Panel and open it. Then go to Appearance and Personalization, then to Folder Options, and finally to View tab. Select Show hidden files, folders and drives and hit OK.
  3. Now go to My Computer, then to C:/ disk, then to Users > [your computer name] > Appdata > Local > Google > Chrome > User Data > Default > Extensions.
  4. Here, find the folder that is entitled with the same ID as the malicious extension. Right-click on it, select Delete, agree. Then right-click on the Recycle bin on your desktop and select Empty Recycle bin.
  5. Now you will have to use the instructions given below to uninstall suspicious programs from your computer. After removing it via Programs and Features panel, do not forget to delete their folders hiding in C://Program Files (x86). The dangerous programs you might find on your system are called:
    • Media PlayerV1;
    • LyricsFan;
    • LyricsWoofer;
    • LyricXeeker;
    • LyricsViewer;
    • Media Player 1.1;
    • BetterSurf;
    • Allyrics;
    • Feven 1.7;
    • DownloadTerms 1.0;
    • Browse2Save;
    • SimpleLyrics;
    • WebCake 3.00;
    • Webexp Enhanced;
    • Plus-HD 1.3;
    • Video Player.

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs). Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall unTabs extension and related programs
    Here, look for unTabs extension or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'

Erase unTabs extension from Mac OS X system

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for unTabs extension or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'

Delete unTabs extension from Internet Explorer (IE)

  1. Remove dangerous add-ons
    Open Internet Explorer, click on the Gear icon (IE menu) on the top right corner of the browser and choose Manage Add-ons. Click on menu icon and select 'Manage add-ons'
  2. You will see a Manage Add-ons window. Here, look for unTabs extension and other suspicious plugins. Disable these entries by clicking Disable: Right click on each of malicious entries and select 'Disable'
  3. Change your homepage if it was altered by virus:
    Click on the gear icon (menu) on the top right corner of the browser and select Internet Options. Stay in General tab.
  4. Here, remove malicious URL and enter preferable domain name. Click Apply to save changes. Delete malicious URL, enter your desired domain name and click 'Apply' to save changes
  5. Reset Internet Explorer
    Click on the gear icon (menu) again and select Internet options. Go to Advanced tab.
  6. Here, select Reset.
  7. When in the new window, check Delete personal settings and select Reset again to complete unTabs extension removal. Go to 'Advanced' tab and click on 'Reset' button. Now select 'Delete personal settings' and click on 'Reset' button again

Get rid of unTabs extension virus from Microsoft Edge

Reset Microsoft Edge settings (Method 1):

  1. Launch Microsoft Edge app and click More (three dots at the top right corner of the screen).
  2. Click Settings to open more options.
  3. Once Settings window shows up, click Choose what to clear button under Clear browsing data option. Go to Settings and select 'Choose what to clear'
  4. Here, select all what you want to remove and click Clear. Select 'Clear' button
  5. Now you should right-click on the Start button (Windows logo). Here, select Task Manager. Open the start menu and select 'Task Manager'
  6. When in Processes tab, search for Microsoft Edge.
  7. Right-click on it and choose Go to details option. If can’t see Go to details option, click More details and repeat previous steps. Right-click 'Microsoft Edge' and select 'Go to details' Select 'More details' if 'Go to details' option fails to show up
  8. When Details tab shows up, find every entry with Microsoft Edge name in it. Right click on each of them and select End Task to end these entries. Find Microsoft Edge entries and select 'End Task'

Resetting Microsoft Edge browser (Method 2):

If Method 1 failed to help you, you need to use an advanced Edge reset method.

  1. Note: you need to backup your data before using this method.
  2. Find this folder on your computer: C:\Users\%username%\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  3. Select every entry which is saved on it and right click with your mouse. Then Delete option. Go to Microsoft Edge folder on your computer, right-click every entry and click 'Delete'
  4. Click the Start button (Windows logo) and type in window power in Search my stuff line.
  5. Right-click the Windows PowerShell entry and choose Run as administrator. Find Windows PowerShell, right-click it and select 'Run as administrator'
  6. Once Administrator: Windows PowerShell window shows up, paste this command line after PS C:\WINDOWS\system32> and press Enter:
    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register $($_.InstallLocation)\AppXManifest.xml -Verbose}
    Copy and paste a required command and press 'Enter'

Once these steps are finished, unTabs extension should be removed from your Microsoft Edge browser.

Remove unTabs extension from Mozilla Firefox (FF)

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select unTabs extension and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  4. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete unTabs extension removal. Click on 'Reset Firefox' button for a couple of times

Eliminate unTabs extension from Google Chrome

You will banish this malware from your Google Chrome browse by following the tutorial below, so make sure you complete all the steps properly:

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select unTabs extension and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  4. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  5. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  6. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  7. Click Reset to confirm this action and complete unTabs extension removal. Click on 'Reset' button to complete your removal

Uninstall unTabs extension from Safari

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for unTabs extension or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  4. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete unTabs extension removal process. Select all options and click on 'Reset' button

Access your website securely from any location

When you work on the domain, site, blog, or different project that requires constant management, content creation, or coding, you may need to connect to the server and content management service more often. It is a hassle when your website is protected from suspicious connections and unauthorized IP addresses.

The best solution for creating a tighter network could be a dedicated/fixed IP address. If you make your IP address static and set to your device, you can connect to the CMS from any location and do not create any additional issues for server or network manager that need to monitor connections and activities. This is how you bypass some of the authentications factors and can remotely use your banking accounts without triggering suspicious with each login. 

VPN software providers like Private Internet Access can help you with such settings and offer the option to control the online reputation and manage projects easily from any part of the world. It is better to clock the access to your website from different IP addresses. So you can keep the project safe and secure when you have the dedicated IP address VPN and protected access to the content management system.

Backup files for the later use, in case of the malware attack

Computer users can suffer various losses due to cyber infections or their own faulty doings. Software issues created by malware or direct data loss due to encryption can lead to problems with your device or permanent damage. When you have proper up-to-date backups, you can easily recover after such an incident and get back to work.

It is crucial to create updates to your backups after any changes on the device, so you can get back to the point you were working on when malware changes anything or issues with the device causes data or performance corruption. Rely on such behavior and make file backup your daily or weekly habit.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware occurs out of nowhere. Use Data Recovery Pro for the system restoring purpose.

About the author

Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions


Removal guides in other languages

Your opinion regarding unTabs extension virus