Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Wednesday, June 23, 2010

Remove Tango Toolbar (Free Removal)

Tell your friends:
Tango Toolbar is a piece of malware which is spammed mostly on peer-to-peer file sharing networks. Infection route is download of a tainted media file or cracked software. Tango Toolbar claims that it has a pop-up blocker, a built in search function and inline related keywords search. Usually, users don't know where did they get this toolbar from and can't uninstall it from their computers. TangoToolbar may redirect you to misleading websites full of advertisements or display various pop-ups while browsing the web. It goes without saying that you should remove Tango Toolbar from your computer as soon as possible. By the way, this toolbar is not related to marketing company called Brand Tango. The toolbar is attempting to mislead people by sending them to a domain which belongs to Brand Tango (tangosearch(dot)com).

Unfortunately, you won't be able to remove Tango Toolbar with the option of the Control Panel of Windows. If you find that your computer is infected with this toolbar, please use the anti-malware programs listed below. Please note that you may have to use two or more anti-malware programs to completely remove this malware from your computer. If you have any questions or additional information about this toolbar, don't hesitate and leave a comment. Good luck and be safe.

Tango Toolbar removal instructions
Download at least one anti-malware program from the list below and run a full system scan.

NOTE: before saving the selected program onto your computer, please rename the installer to winlogon.exe or iexplore.exe.With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

Tango Toolbar associated files and registry values:

Windows XP
  • C:\Documents and Settings\[UserName]\Application Data\Microsoft\Windows\jnipmo.exe
  • C:\Documents and Settings\[UserName]\Application Data\Gabpath\Gabpath.exe
Windows Vista & Windows 7
  • C:\Users\[UserName]\AppData\Roaming\Microsoft\Windows\jnipmo.exe
  • C:\Users\UserName]\AppData\Roaming\GabPath\GabPath.exe
Registry values:
  • HKEY_USERS\S-1-5-21-2333105494-1048492065-1185645942-1006\Software\Microsoft\Windows\CurrentVersion Run "SfKg6wIPuSp"
  • HKEY_USERS\S-1-5-21-2333105494-1048492065-1185645942-1006\Software\Microsoft\Windows\CurrentVersion Run "GabPath"
Share this information with other people: 


Smartik1 said...

pretty accurate however have a few modifications

1. spybot search & destroy doesnt remove this completely
2. the filename listed as "C:\Users\[UserName]\AppData\Roaming\Microsoft\Windows\jnipmo.exe" actually varies, could be anything, however it is the only exe in that folder and you can check the date created on it to be sure its the right one (same date as when you start getting spam)
3. an alternative to registry keys is to run msconfig and uncheck the processess from startup