Severity scale:  

Remove unTabs extension virus (Removal Guide) - Easy Removal Guide

removal by Gabriel E. Hall - - | Type: Malware

Hundreds of user complaints about unTabs extension disclose the real functionality of it

UnTabs virus

UnTabs extension is a malicious browser hijacker[1] which is far more dangerous than typical programs of the same kind. This suspicious browser redirect virus targets Google Chrome browser and hijacks them without user's permission.

It typically changes user's default search engine to or another suspicious one and also starts delivering various ads in pop-up windows or banners.

The malicious extension shows up in Chrome Extensions list, but what confuses the victims the most is that they're marked as “Installed by enterprise policy,” and there is also a suspicious line next to them, saying that the extension is managed and cannot be removed and disabled.

Such signs can make the victim fall into despair and panic, however, it IS possible to remove UnTabs redirect virus, although the removal process requires some time and patience. To find out whether's you're infected with the described browser extension, please see a list of common signs of infection below.

  • UnTabs virus changes homepage and new tab address to hxxp:// or another bogus search site that serves corrupted search results;
  • The malicious extension acts like malware and slows down the computer, making the compromised web browser lag or crash from time to time;
  • It seems to be very hard or nearly impossible to remove it;
  • The browser suddenly starts opening new tabs or windows[2] and loading third-party advertisements in them. The victim might also notice underlined text spots in websites he visits, that display advertisements as soon as he hovers the mouse over them;
  • The infected browser can also unexpectedly redirect the user to shady websites without victim's permission to do so.

The malicious extension is advertised as a cool tool that helps to convert Chrome tabs to a list, save them in one or more groups and restore them in one click. Unfortunately, instead of providing useful features this extension has numerous malware traits. We must warn you that the extension is currently available on Google Web Store, so you should be very careful until Google suspends its distribution. And there are plenty of reasons why this application deserves that.

You don’t even have to download the program to notice the negative reviews it has already received from the users. At the moment of writing this article, there were over 600 negative 1 star reviews[3] about the extension and even more complaints about issues when trying to remove it.

This clearly creates an image of an untrustworthy piece of software that does everything to prevent users from removing it from their computers. It goes without saying that it is a typical malware behaviour.

Nevertheless, this rogue extension does not rely on the legitimate means of distribution alone to enter computers. In fact, it belongs to the group of malware which use “Add Extension to Leave” pop-ups[4] to force users into installing it on their computers.

Questions about unTabs extension virus

It also infiltrates PCs via indecent marketing methods, such as bundling [5]. We’ll elaborate on the virus distribution strategies later, but first, let’s learn about what this virus does, what is the purpose of its hijack and what technique should be used for a complete unTabs removal.

An image showing UnTabsUnTabs extension infiltrates web browsers without user's consent. Then it starts generating extensive amounts of ads which, when clicked, generate ad revenue to the advertiser.

UnTabs has been categorized as a potentially unwanted program, more specifically, a rogue forced extension which infiltrates computers in order to generate profit for its developers.

Once the extension is installed, it starts to inject ads, banners, interstitial advertisements, pop-ups and other commercially-based components on websites and pages that the user visits, hoping that some people would feel tempted and click on them. Unfortunately, it is hard to understand that these ads do not originate from sites the victim visits and that poses even a bigger threat to victim's privacy and security.

The developer of this shady extension will make sure the advertising is as intense as possible because it receives commissions for the traffic it manages to redirect to its promoted websites. In other words, the users engage in this so-called pay-per-click advertising strategy unknowingly.

To achieve even better results, the malware may also start tracking your browsing habits, keeping records of your search queries, visited websites, time spent there, etc. For this purpose, the extension employs tracking technologies such as cookies and web beacons.

This way, the advertiser picks ads according to victim's interests, making them harder to ignore. Over time, you may start getting the feeling that your every step online is being watched and monetized. Thus, we highly suggest performing unTabs virus removal before your browser is turned into a full-blown billboard for ads. You will get rid of the virus quickly with professionals malware-fighting software such as Reimage Reimage Cleaner Intego.

Deceptive sites using “Add Extension to Leave” pop-ups to push malicious extensions to people

unTabs virus typically reaches Chrome browsers as a result of a forced installation. The users who regularly browse through illegal or adult content websites may be redirected to directly or be prompted to install the extensions via JavaScript-based “Add Extension to Leave” dialog box. Beware that you might receive a suggestion to install it after being redirected to scam sites such or

Users often try canceling the installation by marking the “Prevent this page from creating additional dialogs” checkbox. But this won’t work.

To exit such malicious pages and prevent unTabs installation the browser tab or the browser must be terminated via Task Manager. We’ll explain the technique in more detail later on.

As we already mentioned, the malware can be installed directly from its official website, other sites that push various malicious extensions, however, it is also possible to install it along with another free program that is bundled with it. For this reason, we suggest you check software installation settings very carefully whenever you are about to install new software on your PC.

If it urges you to choose Standard or Default installation option, disobey such instruction and switch the selection to Custom or Default option instead. One or another choice gives you a possibility to review all programs and tools bundled with your chosen software and refuse to install them.

Typically, all that it takes to drop off the additional software is just to remove marks from check boxes next to permissions to install suggested additions.

Prepare yourself to remove unTabs virus

UnTabs removal requires patience. This malicious extension roots into the system and unlike typical browser hijackers, it doesn't simply drop the extension to the browser. In order to remove unTabs virus, the victim has to follow strict instructions and eliminate dangerous components both from web browsers and the system.

There are a few ways to uninstall the malware manually, although you will achieve best results if you finish the manual removal by performing a system scan with anti-malware software as well. This way, you will detect all remaining elements of the malware that you may have overlooked.

The method of elimination should be selected according to your computing skills and your system’s performance capacities. You should not try to remove the malware from your computer manually if you have no such practice from before. It is enough to scan your device with some trusted antivirus utility, and it will carry out the virus elimination for you. The user friendly-guide below will help you with this procedure.

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove unTabs extension virus, follow these steps:

Uninstall unTabs extension from Windows systems

If you find that unTabs is trying to install on your browser, you should close the Chrome browser by pressing the quick key combination ALT+CTRL+DEL to launch Windows Task Manager. Once on the manager window, select all running Chrome processes and click End Task to quit them.

In case the virus managed to slip through into your system, you will have to remove it manually following the guidelines below. There are two manual removal methods that can help you to delete it for good.

Method 1. Fix the problem via CMD

  1. Press down Windows Key + R to open RUN window. Type cmd into it, and then press down Control + Shift + Enter keys at the same time.
  2. Copy and paste the following commands, one line at a time, and click Enter after pasting each of them into the Command Prompt:
    • rd /S /Q “%WinDir%\System32\GroupPolicyUsers”
    • rd /S /Q “%WinDir%\System32\GroupPolicy”
    • gpupdate /force
  3. The problem should be fixed now.

Method 2. Delete the folder of the malicious extension

  1. First of all, go to Chrome Extensions tab (use instructions for Google Chrome users provided on this page ) and take a photo of the malicious extension's ID. You can copy it or write it down. 
  2. Search the Windows for Control Panel and open it. Then go to Appearance and Personalization, then to Folder Options, and finally to View tab. Select Show hidden files, folders and drives and hit OK.
  3. Now go to My Computer, then to C:/ disk, then to Users > [your computer name] > Appdata > Local > Google > Chrome > User Data > Default > Extensions.
  4. Here, find the folder that is entitled with the same ID as the malicious extension. Right-click on it, select Delete, agree. Then right-click on the Recycle bin on your desktop and select Empty Recycle bin.
  5. Now you will have to use the instructions given below to uninstall suspicious programs from your computer. After removing it via Programs and Features panel, do not forget to delete their folders hiding in C://Program Files (x86). The dangerous programs you might find on your system are called:
    • Media PlayerV1;
    • LyricsFan;
    • LyricsWoofer;
    • LyricXeeker;
    • LyricsViewer;
    • Media Player 1.1;
    • BetterSurf;
    • Allyrics;
    • Feven 1.7;
    • DownloadTerms 1.0;
    • Browse2Save;
    • SimpleLyrics;
    • WebCake 3.00;
    • Webexp Enhanced;
    • Plus-HD 1.3;
    • Video Player.

To remove unTabs extension from Windows 10/8  machines, please follow these steps:

  1. Enter Control Panel into Windows search box and hit Enter or click on the search result.
  2. Under Programs, select Uninstall a program.Uninstall from Windows 1
  3. From the list, find entries related to unTabs extension (or any other recently installed suspicious program).
  4. Right-click on the application and select Uninstall.
  5. If User Account Control shows up, click Yes.
  6. Wait till uninstallation process is complete and click OK.Uninstall from Windows 2

If you are Windows 7/XP user, proceed with the following instructions:

  1. Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
  2. In Control Panel, select Programs > Uninstall a program.Uninstall from Windows 7/XP
  3. Pick the unwanted application by clicking on it once.
  4. At the top, click Uninstall/Change.
  5. In the confirmation prompt, pick Yes.
  6. Click OK once the removal process is finished.

Erase unTabs extension from Mac OS X system

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for unTabs extension or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'

Delete unTabs extension from Internet Explorer (IE)

Remove dangerous add-ons:

  1. Open Internet Explorer, click on the Gear icon (IE menu) on the top-right corner of the browser
  2. Pick Manage Add-ons.
  3. You will see a Manage Add-ons window. Here, look for unTabs extension and other suspicious plugins. Click on these entries and select Disable.Remove add-ons from Internet Explorer

Change your homepage if it was altered:

  1. Open IE and click on the Gear icon.
  2. Select Internet Options.
  3. In the General tab, delete the Home page address and replace it by your preferred one (for example,
  4. Click Apply and then select OK.Reset IE homepage

Delete temporary files:

  1. Press on the Gear icon and select Internet Options.
  2. Under Browsing history, click Delete…
  3. Select relevant fields and press Delete.Clear temporary files from Internet Explorer

Reset Internet Explorer:

  1. Click on Gear icon > Internet options and select Advanced tab.
  2. Select Reset.
  3. In the new window, check Delete personal settings and select Reset again to complete unTabs extension removal.Reset Internet Explorer

Get rid of unTabs extension virus from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the unTabs extension-related extension and click on the Gear icon.
  3. Click on Uninstall at the bottom.Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.Clear Edge browsing data

Reset MS Edge if that above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick DeleteAdvanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -VerboseAdvanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove.Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now.Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.Reset Chromium Edge

Remove unTabs extension from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select plugins that are related to unTabs extension and click Remove.Remove extensions from Firefox

Clear cookies and site data:

  1. Click Menu and pick Options.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data, as well as Cached Web Content and press Clear.Clear cookies and site data from Firefox

In case unTabs extension did not get removed after following the instructions above, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information.Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox – this should complete unTabs extension removal.Reset Firefox 2

Eliminate unTabs extension from Google Chrome

You will banish this malware from your Google Chrome browse by following the tutorial below, so make sure you complete all the steps properly:

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to unTabs extension by clicking Remove.Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data.Clear cache and web data from Chrome

If the above-methods did not help you, reset Google Chrome to eliminate all the unTabs extension-components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings to complete unTabs extension removal.Reset Chrome 2

Uninstall unTabs extension from Safari

Remove unwanted extensions from Safari:

  1. Click Safari > Preferences…
  2. In the new window, pick Extensions.
  3. Select the unwanted extension related to unTabs extension and select Uninstall.Remove extensions from Safari

Clear cookies and other website data from Safari:

  1. Click Safari > Clear History…
  2. From the drop-down menu under Clear, pick all history.
  3. Confirm with Clear History.Clear cookies and website data from Safari

Reset Safari if the above-mentioned steps did not help you:

  1. Click Safari > Preferences…
  2. Go to Advanced tab.
  3. Tick the Show Develop menu in menu bar.
  4. From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Access your website securely from any location

When you work on the domain, site, blog, or different project that requires constant management, content creation, or coding, you may need to connect to the server and content management service more often. It is a hassle when your website is protected from suspicious connections and unauthorized IP addresses.

The best solution for creating a tighter network could be a dedicated/fixed IP address. If you make your IP address static and set to your device, you can connect to the CMS from any location and do not create any additional issues for server or network manager that need to monitor connections and activities. This is how you bypass some of the authentications factors and can remotely use your banking accounts without triggering suspicious with each login. 

VPN software providers like Private Internet Access can help you with such settings and offer the option to control the online reputation and manage projects easily from any part of the world. It is better to clock the access to your website from different IP addresses. So you can keep the project safe and secure when you have the dedicated IP address VPN and protected access to the content management system.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions

Removal guides in other languages

Your opinion regarding unTabs extension virus