Skip to content
  • Active
  • Severity: High
  • Malware
  • Windows, Mac
  • Verified · Jun 2017

How to remove unTabs extension virus

A step-by-step removal guide for affected devices. Follow the verified procedure below — most readers complete it in under 10 minutes.

Gabriel E. Hall · Passionate web researcher

Hundreds of user complaints about unTabs extension disclose the real functionality of it

UnTabs virus

UnTabs extension is a malicious browser hijacker[1] which is far more dangerous than typical programs of the same kind. This suspicious browser redirect virus targets Google Chrome browser and hijacks them without user's permission.

It typically changes user's default search engine to cleanserp.net or another suspicious one and also starts delivering various ads in pop-up windows or banners.

The malicious extension shows up in Chrome Extensions list, but what confuses the victims the most is that they're marked as “Installed by enterprise policy,” and there is also a suspicious line next to them, saying that the extension is managed and cannot be removed and disabled.

Such signs can make the victim fall into despair and panic, however, it IS possible to remove UnTabs redirect virus, although the removal process requires some time and patience. To find out whether's you're infected with the described browser extension, please see a list of common signs of infection below.

  • UnTabs virus changes homepage and new tab address to hxxp://cleanserp.net or another bogus search site that serves corrupted search results;
  • The malicious extension acts like malware and slows down the computer, making the compromised web browser lag or crash from time to time;
  • It seems to be very hard or nearly impossible to remove it;
  • The browser suddenly starts opening new tabs or windows[2] and loading third-party advertisements in them. The victim might also notice underlined text spots in websites he visits, that display advertisements as soon as he hovers the mouse over them;
  • The infected browser can also unexpectedly redirect the user to shady websites without victim's permission to do so.

The malicious extension is advertised as a cool tool that helps to convert Chrome tabs to a list, save them in one or more groups and restore them in one click. Unfortunately, instead of providing useful features this extension has numerous malware traits. We must warn you that the extension is currently available on Google Web Store, so you should be very careful until Google suspends its distribution. And there are plenty of reasons why this application deserves that.

You don’t even have to download the program to notice the negative reviews it has already received from the users. At the moment of writing this article, there were over 600 negative 1 star reviews[3] about the extension and even more complaints about issues when trying to remove it.

This clearly creates an image of an untrustworthy piece of software that does everything to prevent users from removing it from their computers. It goes without saying that it is a typical malware behaviour.

Nevertheless, this rogue extension does not rely on the legitimate means of distribution alone to enter computers. In fact, it belongs to the group of malware which use “Add Extension to Leave” pop-ups[4] to force users into installing it on their computers.

It also infiltrates PCs via indecent marketing methods, such as bundling [5]. We’ll elaborate on the virus distribution strategies later, but first, let’s learn about what this virus does, what is the purpose of its hijack and what technique should be used for a complete unTabs removal.

An image showing UnTabs

UnTabs has been categorized as a potentially unwanted program, more specifically, a rogue forced extension which infiltrates computers in order to generate profit for its developers.

Once the extension is installed, it starts to inject ads, banners, interstitial advertisements, pop-ups and other commercially-based components on websites and pages that the user visits, hoping that some people would feel tempted and click on them. Unfortunately, it is hard to understand that these ads do not originate from sites the victim visits and that poses even a bigger threat to victim's privacy and security.

The developer of this shady extension will make sure the advertising is as intense as possible because it receives commissions for the traffic it manages to redirect to its promoted websites. In other words, the users engage in this so-called pay-per-click advertising strategy unknowingly.

To achieve even better results, the malware may also start tracking your browsing habits, keeping records of your search queries, visited websites, time spent there, etc. For this purpose, the extension employs tracking technologies such as cookies and web beacons.

This way, the advertiser picks ads according to victim's interests, making them harder to ignore. Over time, you may start getting the feeling that your every step online is being watched and monetized. Thus, we highly suggest performing unTabs virus removal before your browser is turned into a full-blown billboard for ads. You will get rid of the virus quickly with professionals malware-fighting software such as FortectIntego.

Deceptive sites using “Add Extension to Leave” pop-ups to push malicious extensions to people

unTabs virus typically reaches Chrome browsers as a result of a forced installation. The users who regularly browse through illegal or adult content websites may be redirected to unTabs.com directly or be prompted to install the extensions via JavaScript-based “Add Extension to Leave” dialog box. Beware that you might receive a suggestion to install it after being redirected to scam sites such takeitnow.club or carrerafun.club.

Users often try canceling the installation by marking the “Prevent this page from creating additional dialogs” checkbox. But this won’t work.

To exit such malicious pages and prevent unTabs installation the browser tab or the browser must be terminated via Task Manager. We’ll explain the technique in more detail later on.

As we already mentioned, the malware can be installed directly from its official website, other sites that push various malicious extensions, however, it is also possible to install it along with another free program that is bundled with it. For this reason, we suggest you check software installation settings very carefully whenever you are about to install new software on your PC.

If it urges you to choose Standard or Default installation option, disobey such instruction and switch the selection to Custom or Default option instead. One or another choice gives you a possibility to review all programs and tools bundled with your chosen software and refuse to install them.

Typically, all that it takes to drop off the additional software is just to remove marks from check boxes next to permissions to install suggested additions.

Prepare yourself to remove unTabs virus

UnTabs removal requires patience. This malicious extension roots into the system and unlike typical browser hijackers, it doesn't simply drop the extension to the browser. In order to remove unTabs virus, the victim has to follow strict instructions and eliminate dangerous components both from web browsers and the system.

There are a few ways to uninstall the malware manually, although you will achieve best results if you finish the manual removal by performing a system scan with anti-malware software as well. This way, you will detect all remaining elements of the malware that you may have overlooked.

The method of elimination should be selected according to your computing skills and your system’s performance capacities. You should not try to remove the malware from your computer manually if you have no such practice from before. It is enough to scan your device with some trusted antivirus utility, and it will carry out the virus elimination for you. The user friendly-guide below will help you with this procedure.

Uninstall from Windows

Uninstall from Windows 10/8:

  1. Type Control Panel into the Windows search box and open the result.
  2. Under Programs, select Uninstall a program.Uninstall from Windows 10/8

Uninstall from Windows 7/XP:

  1. Click on Windows Start > Control Panel (Windows XP users should click on Add/Remove Programs).
  2. In Control Panel, select Programs > Uninstall a program.Uninstall from Windows 7/XP

Remove the unwanted program:

  1. In the Programs and Features window, look for any recently installed suspicious entries, select them, and click Uninstall.
  2. If User Account Control appears, click Yes to confirm, then complete the removal.Uninstall the unwanted program from Windows

Delete from macOS

Remove the unwanted application:

  1. From the menu bar, select Go > Applications.
  2. In the Applications folder, look for any suspicious entries, then drag them to Trash (or right-click and pick Move to Trash).Uninstall from Mac

Delete leftover files and folders:

  1. Select Go > Go to Folder.
  2. Enter /Library/Application Support and remove any suspicious folders related to the unwanted program.
  3. Repeat the same check in the /Library/LaunchAgents and /Library/LaunchDaemons folders, deleting any suspicious entries.Delete leftover files from Mac
  4. Finally, empty the Trash to permanently remove the leftovers.

Reset Internet Explorer

Remove dangerous add-ons:

  1. Open Internet Explorer, click on the Gear icon (IE menu) on the top-right corner of the browser
  2. Pick Manage Add-ons.
  3. You will see a Manage Add-ons window. Here, look for suspicious plugins. Click on these entries and select Disable.Remove add-ons from Internet Explorer

Change your homepage if it was altered:

  1. Open IE and click on the Gear icon.
  2. Select Internet Options.
  3. In the General tab, delete the Home page address and replace it by your preferred one (for example, Google.com).
  4. Click Apply and then select OK.Reset IE homepage

Delete temporary files:

  1. Press on the Gear icon and select Internet Options.
  2. Under Browsing history, click Delete...
  3. Select relevant fields and press Delete.Clear temporary files from Internet Explorer

Reset Internet Explorer:

  1. Click on Gear icon > Internet options and select Advanced tab.
  2. Select Reset.
  3. In the new window, check Delete personal settings and select Reset.Reset Internet Explorer

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click Remove.Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Settings > Privacy, search, and services..
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select Cookies and other site data and Cached images and files. (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.Clear Edge browsing data

Restore new tab and homepage settings:

  1. Click the menu icon and choose Settings.
  2. Then find On startup section.
  3. Click Remove next to any suspicious startup page.

Reset MS Edge if the above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.Reset MS Edge

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove.Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy, search and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now.Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.
  5. This will disable extensions and reset startup pages but will not delete bookmarks, saved passwords, or browsing history.Reset Chromium Edge

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select the unwanted extension and click Remove.Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Settings.
  3. Under Home, set your preferred homepage and new tab settings.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data...
  5. Select Cookies and Site Data and Temporary cached files and pages, then click Clear.Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information.Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox...
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox.Reset Firefox 2

Remove from Google Chrome

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all suspicious extensions related to the unwanted program by clicking Remove.Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data.Clear cache and web data from Chrome

Change your homepage:

  1. Click menu and choose Settings.
  2. Look for a suspicious site in the On startup section.
  3. Click on Open a specific or set of pages and click on three dots to find the Remove option.

Reset Google Chrome:

If the previous methods did not help you, reset Google Chrome to eliminate all the unwanted components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings.Reset Chrome 2

Delete from Safari

Remove dangerous extensions:

  1. Open Safari, click Safari in the menu at the top-left of the screen, and select Preferences.
  2. Go to the Extensions tab, look for any suspicious entries, and click Uninstall to remove them.Remove extensions from Safari

Clear history and website data:

  1. Click Safari in the menu and pick Clear History.
  2. Set Clear to all history and confirm with Clear History.Clear history from Safari

Reset Safari:

  1. Click Safari in the menu and select Preferences > Advanced.
  2. Enable Show Develop menu in menu bar.
  3. From the menu bar, click Develop and select Empty Caches.Reset Safari

Be the first to comment

Spyware news
Privacy preferences

We use cookies to improve your experience and analyze traffic. Some cookies enable embedded content like videos and social posts. Choose what you allow — you can change this anytime.