Browser Redirect

How to remove Handy Tab “Virus” (April 2019 Update)

This page aims to help you remove Handy Tab. Our removal instructions work for Chrome, Firefox and Internet Explorer, as well as every version of Windows.

Browser hijackers can be pretty annoying at times and sometimes it seems like we just can’t quite get rid of them when we appear. The same is also true for a hijacker called Handy Tab, which we’ve been receiving complaints about from a number of our readers. Just like the majority of programs in this category, Handy Tab integrates with your Chrome, Firefox, Edge, Opera or other favorite browser and changes its homepage and often also sets a different default search engine. Furthermore, programs of this type also have the tendency to initiate seemingly random page redirects out of the blue without even asking for your permission. And all those invasive popups, banners and various other online ads that are constantly plastered on your screen can certainly also get on your nerves. But no matter how hard you try to reset the settings of your browser, the ones set by Handy Tab still just keep magically reinstating themselves. Luckily, if you remove all of the components of this browser hijacker from your system, you will be able to restore your settings quickly and effortlessly. And we can show you how to do that in the removal guide below.

But first, a few words about browser hijackers and Handy Tab

There are a lot of misconceptions regarding this particular software type. For example, the most common one is that browser hijackers are actually a type of virus. Thankfully, that’s not at all the case and we’re happy to say that you aren’t dealing with a malicious program at this point. That doesn’t necessarily mean that you would want to have Handy Tab around, though. There are a number of ways, in which software of this type can actually expose you to malware and other threats or unpleasant effects and we want you to be aware of those.

For one, it’s important to first know what exactly browser hijackers do. They exist for the purpose of advertising certain products and services and generate profit in doing so. For this reason, they aim to deliver as many ads to your screen as possible and get you to interact with as many of them as you can. For this purpose, programs like these often employ different techniques that users are mainly not aware of and would normally also disapprove of. One of them is browsing data gathering. In other words, programs like this can monitor your browsing patterns and collect certain information that has to do with your browsing preferences. For example, this most commonly includes the type of things you search for online, as well as the websites you like visiting most, etc. Even certain aspects of your social media activity can be subject to analysis. And all of this information is then used to optimize the display of online ads on each user’s screen, individually. Therefore, you can end up being exposed to more ads that you may potentially be interested in. And as a result of that, you may end up interacting with a larger number of those online ads.

Handy Tab Removal

If you are a Windows user, continue with the guide below.

If you are a Mac user, please use our How to remove Ads on Mac guide.

If you are an Android user, please use our Android Malware Removal guide.


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).



Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab (the “Details” Tab on Win 8 and 10). Try to determine which processes are dangerous. 


Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 


Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.


Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Open the start menu and search for Network Connections (On Windows 10 you just write it after clicking the Windows button), press enter.

  1. Right-click on the Network Adapter you are using —> Properties —> Internet Protocol Version 4 (ICP/IP), click  Properties.
  2. The DNS line should be set to Obtain DNS server automatically. If it is not, set it yourself.
  3. Click on Advanced —> the DNS tab. Remove everything here (if there is something) —> OK.



  • After you complete this step, the threat will be gone from your browsers. Finish the next step as well or it may reappear on a system reboot.

Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).


Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512  Remove Handy Tab from Internet Explorer:

Open IE, click  IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove Handy Tab from Firefox:

Open Firefoxclick  mozilla menu  ——-> Add-ons —-> Extensions.

pic 6

Find the adware/malware —> Remove.
chrome-logo-transparent-backgroundRemove Handy Tab from Chrome:

Close Chrome. Navigate to:

 C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.


Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random


However, those constant page redirects and all the ads that lead to various web locations could potentially put you at risk of contracting real malware, like Trojan horse viruses or even ransomware. The thing is that nobody can vouch for the safety of all those web locations. And while this doesn’t necessarily have to be the case, it’s still a risk you’d rather not take. So, with this in mind, it’s best to simply get rid of Handy Tab of avoid clicking on any of the links, popups, banners and box messages it displays. As pointed out, the below guide can help in achieving that.

And once you have, it will be up to you to make sure that you avoid future infections of this type. As they most often happen as a result of installing software without paying too much attention to the setup, be sure to always customize the installation process of new programs. You can do this by utilizing the Advanced or Manual installation options. Usually, that will be enough to provide you with information regarding any added programs or features. And more importantly, this will also provide you with the possibility to leave any unwanted components out of the installation process.


Name Handy Tab
Type Browser Hijacker
Danger Level Medium (nowhere near threats like Ransomware, but still a security risk)
Symptoms Large quantities of online ads, a change in the browser’s normal homepage and default search engine, frequent page redirects, etc.
Distribution Method Is mostly installed alongside other software, when not enough attention is paid to the installation process. 
Detection Tool

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you’ll need to purchase the full version. More information about SpyHunter and steps to uninstall.

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!

Leave a Comment