Removal instructions for Soso Desk


#1
Metallica

Content is republished with permission from Malwarebytes.

What is Soso Desk?

The Malwarebytes research team has determined that Soso Desk is adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by Soso Desk?

You may see these warnings during install:

main.png

warning1.png

this entry in your list of installed programs:

warning4.png

and this icon on your desktop, in your Start menu, and in your taskbar:

icons.png

These are the search box and settings screen of the program:

warning2.png

warning3.png

How did Soso Desk get on my computer?

Adware applications use different methods for distributing themselves. This particular one was bundled with other software.

How do I remove Soso Desk?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-{version}.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to:
    Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu.
  • If an update is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
Is there anything else I need to do to get rid of Soso Desk?
  • No, Malwarebytes Anti-Malware removes Soso Desk completely.
  • The shortcuts called SOSO DESK on the desktop can be deleted if they belonged to the adware.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below, the full version of Malwarebytes Anti-Malware would have protected you against the Soso Desk adware. It would have warned you before the adware could install itself, giving you a chance to stop it before it was too late.

protection1.png


Technical details for experts

Possible signs in FRST logs:
 (SOSOTech) C:\Program Files (x86)\SOSO DESK\SOSODesk.exe
 C:\Users\Public\Desktop\SOSO DESK.lnk
 C:\Users\{username}\AppData\Roaming\begindesk
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOSO DESK
 C:\Program Files (x86)\SOSO DESK

SOSODesk(SOSO DESK) (HKLM-x32\...\SOSO DESK) (Version:  - BYSENDA TECHNOLOGY LIMITED)
() C:\Program Files (x86)\SOSO DESK\Net.dll
() C:\Program Files (x86)\SOSO DESK\pcre.dll
Alterations made by the installer:
File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\SOSO DESK
       Adds the file ChromeExtInstaller.exe"="8/15/2015 10:10 AM, 473216 bytes, A
       Adds the file ChromeExtUninstaller.exe"="8/15/2015 10:10 AM, 351360 bytes, A
       Adds the file iComLib.dll"="8/15/2015 10:10 AM, 56448 bytes, A
       Adds the file msvcp100.dll"="8/15/2015 10:10 AM, 420992 bytes, A
       Adds the file msvcp120.dll"="8/15/2015 10:10 AM, 445056 bytes, A
       Adds the file msvcr100.dll"="8/15/2015 10:10 AM, 773760 bytes, A
       Adds the file msvcr120.dll"="8/15/2015 10:10 AM, 960640 bytes, A
       Adds the file Net.dll"="8/15/2015 10:10 AM, 1046656 bytes, A
       Adds the file pcre.dll"="8/15/2015 10:10 AM, 279168 bytes, A
       Adds the file remember.db"="8/15/2015 10:10 AM, 0 bytes, A
       Adds the file rlz_id.dll"="8/15/2015 10:10 AM, 105088 bytes, A
       Adds the file SOSODesk.exe"="8/15/2015 10:10 AM, 1717888 bytes, A
       Adds the file SoSoDesk-Search_v1.0.1.crx"="8/15/2015 10:10 AM, 29451 bytes, A
       Adds the file SoSoDesk-Search_v1.0.2.1.crx"="8/15/2015 10:10 AM, 28905 bytes, A
       Adds the file SoSoDesk-Search_v1.0.2.2.crx"="8/15/2015 10:10 AM, 29276 bytes, A
       Adds the file SoSoDesk-Search_v1.0.2.3.crx"="8/15/2015 10:10 AM, 29391 bytes, A
       Adds the file SoSoDesk-Search_v1.0.3.1.crx"="8/15/2015 10:10 AM, 28938 bytes, A
       Adds the file SoSoDesk-Search_v1.0.3.2.crx"="8/15/2015 10:10 AM, 29281 bytes, A
       Adds the file SoSoDesk-Search_v1.0.3.3.crx"="8/15/2015 10:10 AM, 29410 bytes, A
       Adds the file uninstall.exe"="8/15/2015 10:10 AM, 204928 bytes, A
       Adds the file wke.dll"="8/15/2015 10:10 AM, 9796736 bytes, A
    Adds the folder C:\Program Files (x86)\SOSO DESK\Images\common
       Adds the file Calculator.png"="8/15/2015 10:10 AM, 1320 bytes, A
       Adds the file url.png"="8/15/2015 10:10 AM, 2513 bytes, A
    Adds the folder C:\Program Files (x86)\SOSO DESK\Images\operate
       Adds the file admin.png"="8/15/2015 10:10 AM, 2152 bytes, A
       Adds the file copy.png"="8/15/2015 10:10 AM, 862 bytes, A
       Adds the file openfolder.png"="8/15/2015 10:10 AM, 1150 bytes, A
       Adds the file openfoldershortcut.png"="8/15/2015 10:10 AM, 1341 bytes, A
       Adds the file property.png"="8/15/2015 10:10 AM, 1148 bytes, A
       Adds the file run.png"="8/15/2015 10:10 AM, 1712 bytes, A
    Adds the folder C:\Program Files (x86)\SOSO DESK\Images\websearch
       Adds the file baidu.png"="8/15/2015 10:10 AM, 2174 bytes, A
       Adds the file google.png"="8/15/2015 10:10 AM, 2126 bytes, A
       Adds the file wiki.png"="8/15/2015 10:10 AM, 3342 bytes, A
    Adds the folder C:\Program Files (x86)\SOSO DESK\Skins
       Adds the file about.xml"="10/4/2328 10:53 PM, 2372 bytes, A
       Adds the file bk_error.png"="10/4/2328 10:53 PM, 4697 bytes, A
       Adds the file bk_success.png"="10/4/2328 10:53 PM, 2691 bytes, A
       Adds the file bk_wrong.png"="10/4/2328 10:53 PM, 5270 bytes, A
       Adds the file BT_CLOSE.png"="10/4/2328 10:53 PM, 4472 bytes, A
       Adds the file button_disable.png"="10/4/2328 10:53 PM, 1046 bytes, A
       Adds the file button_down.png"="10/4/2328 10:53 PM, 1038 bytes, A
       Adds the file button_hover.png"="10/4/2328 10:53 PM, 1053 bytes, A
       Adds the file button_normal.png"="10/4/2328 10:53 PM, 1075 bytes, A
       Adds the file captruebtn.png"="10/4/2328 10:53 PM, 1118 bytes, A
       Adds the file check_disable.png"="10/4/2328 10:53 PM, 1022 bytes, A
       Adds the file check_down.png"="10/4/2328 10:53 PM, 1022 bytes, A
       Adds the file check_hover.png"="10/4/2328 10:53 PM, 1022 bytes, A
       Adds the file check_normal.png"="10/4/2328 10:53 PM, 1022 bytes, A
       Adds the file checked_disable.png"="10/4/2328 10:53 PM, 1074 bytes, A
       Adds the file checked_down.png"="10/4/2328 10:53 PM, 1074 bytes, A
       Adds the file checked_hover.png"="10/4/2328 10:53 PM, 1074 bytes, A
       Adds the file checked_normal.png"="10/4/2328 10:53 PM, 1074 bytes, A
       Adds the file closebtn.png"="10/4/2328 10:53 PM, 1468 bytes, A
       Adds the file closebtn_error.png"="10/4/2328 10:53 PM, 4021 bytes, A
       Adds the file closebtn_success.png"="10/4/2328 10:53 PM, 2216 bytes, A
       Adds the file closebtn_wrong.png"="10/4/2328 10:53 PM, 4031 bytes, A
       Adds the file DirsItem.xml"="10/4/2328 10:53 PM, 476 bytes, A
       Adds the file list_header_bg.png"="10/4/2328 10:53 PM, 13089 bytes, A
       Adds the file localbtn.png"="10/4/2328 10:53 PM, 345 bytes, A
       Adds the file logo128.png"="10/4/2328 10:53 PM, 19133 bytes, A
       Adds the file logo24.png"="10/4/2328 10:53 PM, 2667 bytes, A
       Adds the file logo32.png"="10/4/2328 10:53 PM, 3512 bytes, A
       Adds the file main.xml"="10/4/2328 10:53 PM, 4395 bytes, A
       Adds the file minbtn.png"="10/4/2328 10:53 PM, 234 bytes, A
       Adds the file minbtn.png2"="10/4/2328 10:53 PM, 234 bytes, A
       Adds the file morebtn.png"="10/4/2328 10:53 PM, 288 bytes, A
       Adds the file musicbtn.png"="10/4/2328 10:53 PM, 873 bytes, A
       Adds the file navbtn.png"="10/4/2328 10:53 PM, 775 bytes, A
       Adds the file netbtn.png"="10/4/2328 10:53 PM, 2744 bytes, A
       Adds the file openbtn.png"="10/4/2328 10:53 PM, 666 bytes, A
       Adds the file progress.png"="10/4/2328 10:53 PM, 127 bytes, A
       Adds the file ResultItem.xml"="10/4/2328 10:53 PM, 1996 bytes, A
       Adds the file sepline.png"="10/4/2328 10:53 PM, 158 bytes, A
       Adds the file setting.xml"="10/4/2328 10:53 PM, 7458 bytes, A
       Adds the file setting_tab_hot.png"="10/4/2328 10:53 PM, 321 bytes, A
       Adds the file setting_tab_select.png"="10/4/2328 10:53 PM, 181 bytes, A
       Adds the file settingbtn.png"="10/4/2328 10:53 PM, 1283 bytes, A
       Adds the file shadow.png"="10/4/2328 10:53 PM, 3382 bytes, A
       Adds the file stickbtn.png"="10/4/2328 10:53 PM, 1937 bytes, A
       Adds the file tooltipdlg.xml"="10/4/2328 10:53 PM, 1009 bytes, A
       Adds the file tray.xml"="10/4/2328 10:53 PM, 791 bytes, A
       Adds the file vscrollbar.png"="10/4/2328 10:53 PM, 3255 bytes, A
       Adds the file webframe.xml"="10/4/2328 10:53 PM, 505 bytes, A
    Adds the folder C:\Program Files (x86)\SOSO DESK\Skins\soso desk\install
       Adds the file bg.png"="8/15/2015 10:10 AM, 2199 bytes, A
       Adds the file check_hover.png"="8/15/2015 10:10 AM, 1083 bytes, A
       Adds the file check_normal.png"="8/15/2015 10:10 AM, 1073 bytes, A
       Adds the file check_press.png"="8/15/2015 10:10 AM, 1073 bytes, A
       Adds the file close_default.png"="8/15/2015 10:10 AM, 1062 bytes, A
       Adds the file close_over.png"="8/15/2015 10:10 AM, 1077 bytes, A
       Adds the file close_pressed.png"="8/15/2015 10:10 AM, 1077 bytes, A
       Adds the file install_btn_dir_hover.png"="8/15/2015 10:10 AM, 1220 bytes, A
       Adds the file install_btn_dir_normal.png"="8/15/2015 10:10 AM, 1225 bytes, A
       Adds the file install_btn_hover.png"="8/15/2015 10:10 AM, 1065 bytes, A
       Adds the file install_btn_normal.png"="8/15/2015 10:10 AM, 1065 bytes, A
       Adds the file install_btn_press.png"="8/15/2015 10:10 AM, 1065 bytes, A
       Adds the file logo.png"="8/15/2015 10:10 AM, 17837 bytes, A
       Adds the file uncheck_hover.png"="8/15/2015 10:10 AM, 1028 bytes, A
       Adds the file uncheck_normal.png"="8/15/2015 10:10 AM, 1028 bytes, A
       Adds the file uncheck_press.png"="8/15/2015 10:10 AM, 1017 bytes, A
    Adds the folder C:\Program Files (x86)\SOSO DESK\Skins\soso desk\uninstall
       Adds the file close_default.png"="8/15/2015 10:10 AM, 1062 bytes, A
       Adds the file close_over.png"="8/15/2015 10:10 AM, 1077 bytes, A
       Adds the file close_pressed.png"="8/15/2015 10:10 AM, 1077 bytes, A
       Adds the file install_btn_hover.png"="8/15/2015 10:10 AM, 1065 bytes, A
       Adds the file install_btn_normal.png"="8/15/2015 10:10 AM, 1065 bytes, A
       Adds the file install_btn_press.png"="8/15/2015 10:10 AM, 1065 bytes, A
       Adds the file logo.png"="8/15/2015 10:10 AM, 17837 bytes, A
       Adds the file logo2.png"="8/15/2015 10:10 AM, 15771 bytes, A
       Adds the file uninstall_btn_hover.png"="8/15/2015 10:10 AM, 1064 bytes, A
       Adds the file uninstall_btn_normal.png"="8/15/2015 10:10 AM, 1064 bytes, A
       Adds the file uninstall_btn_press.png"="8/15/2015 10:10 AM, 1064 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOSO DESK
       Adds the file SOSO DESK.lnk"="8/2/2016 9:45 AM, 1846 bytes, A
       Adds the file uninstall.lnk"="8/2/2016 9:45 AM, 1853 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngonapoolfjcgjmcifdeebfhmkdehkej\1.0.3.3_0
       Adds the file manifest.json"="4/13/2016 4:45 PM, 1109 bytes, A
       Adds the file newtab.html"="2/3/2016 3:11 PM, 394 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngonapoolfjcgjmcifdeebfhmkdehkej\1.0.3.3_0\_metadata
       Adds the file verified_contents.json"="4/13/2016 4:45 PM, 1864 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngonapoolfjcgjmcifdeebfhmkdehkej\1.0.3.3_0\images
       Adds the file icon128.png"="1/29/2016 4:51 PM, 19133 bytes, A
       Adds the file icon16.png"="1/29/2016 4:51 PM, 1858 bytes, A
       Adds the file icon48.png"="1/29/2016 4:51 PM, 5698 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\begindesk
       Adds the file qidiancfg.db"="8/2/2016 9:45 AM, 451 bytes, A
    In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
       Adds the file SOSO DESK.lnk"="8/2/2016 9:45 AM, 1852 bytes, A
    In the existing folder C:\Users\Public\Desktop
       Adds the file SOSO DESK.lnk"="8/2/2016 9:45 AM, 1828 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.baidu.antivirus]
       "(Default)"="REG_SZ", "C:\Users\{username}\AppData\Local\Temp\~13setup\source\setup"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SOSO DESK]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\SOSO DESK\uninstall.exe"
       "DisplayName"="REG_SZ", "SOSODesk(SOSO DESK)"
       "InstallLocation"="REG_SZ", "C:\Program Files (x86)\SOSO DESK"
       "pgtype"="REG_DWORD", 3
       "ProductVersion"="REG_SZ", "1.1.0.0"
       "publisher"="REG_SZ", "BYSENDA TECHNOLOGY LIMITED"
       "UninstallString"="REG_SZ", "C:\Program Files (x86)\SOSO DESK\uninstall.exe"

Malwarebytes Anti-Malware log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/2/2016
Scan Time: 10:03 AM
Logfile: mbamSosoDesk.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.08.02.03
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316243
Time Elapsed: 8 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\SOSODesk.exe, 3300, Delete-on-Reboot, [75d6ae98b0ea8ea86f1016c1b44d0000]

Modules: 2
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\Net.dll, Delete-on-Reboot, [b39858ee8c0e12244c34ffd8ec15e61a], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\pcre.dll, Delete-on-Reboot, [f952bb8b920885b19de3af28f40d8977], 

Registry Keys: 1
Adware.SoSo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SOSO DESK, Quarantined, [51fab5912575b284cbb35186bf42f907], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 8
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\SOSODesk.exe, Delete-on-Reboot, [75d6ae98b0ea8ea86f1016c1b44d0000], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\Net.dll, Delete-on-Reboot, [b39858ee8c0e12244c34ffd8ec15e61a], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\pcre.dll, Delete-on-Reboot, [f952bb8b920885b19de3af28f40d8977], 
Adware.SoSo, C:\Users\{username}\Desktop\soso_1.1.0.14.exe, Quarantined, [b695a5a1039745f1bc881c403ac60bf5], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\ChromeExtInstaller.exe, Quarantined, [63e885c1772357df6b156b6c39c87b85], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\ChromeExtUninstaller.exe, Quarantined, [b19a8abc643681b5a7d9686f2fd208f8], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\rlz_id.dll, Quarantined, [bf8c5ee8c0daf6409ee2fdda40c17e82], 
Adware.SoSo, C:\Program Files (x86)\SOSO DESK\uninstall.exe, Quarantined, [51fab5912575b284cbb35186bf42f907], 

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before, the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
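
The entries under "Possible signs in FRST logs" and the installer alterations listed above can be matched against a saved FRST log, for example to confirm after cleanup that nothing remains. The following Python script is an added example, not part of the original Malwarebytes guide; the indicator strings are copied from this page, while the sample log lines and the user name "alice" are constructed for illustration.

```python
import re

# Indicators copied from this page; {username} stands for any profile name.
INDICATORS = [
    r"C:\Program Files (x86)\SOSO DESK",
    r"C:\Users\Public\Desktop\SOSO DESK.lnk",
    r"C:\Users\{username}\AppData\Roaming\begindesk",
    r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOSO DESK",
    r"(HKLM-x32\...\SOSO DESK)",
    "ngonapoolfjcgjmcifdeebfhmkdehkej",  # Chrome extension folder name
    "BYSENDA TECHNOLOGY LIMITED",
]

def compile_indicator(indicator):
    """Escape the literal text, then let {username} match one path component."""
    pattern = re.escape(indicator).replace(re.escape("{username}"), r"[^\\]+")
    return re.compile(pattern, re.IGNORECASE)

PATTERNS = [(ind, compile_indicator(ind)) for ind in INDICATORS]

def scan_frst(log_text):
    """Return (line_number, indicator, line) for every indicator hit."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        for indicator, pattern in PATTERNS:
            if pattern.search(line):
                hits.append((number, indicator, line.strip()))
    return hits

def indicators_not_seen(hits):
    """Indicators from the page that never matched, in their listed order."""
    seen = {indicator for _, indicator, _ in hits}
    return [ind for ind in INDICATORS if ind not in seen]

# Constructed sample lines (not taken from a real log).
SAMPLE_LOG = r"""(Microsoft Corporation) C:\Windows\System32\svchost.exe
(SOSOTech) C:\Program Files (x86)\SOSO DESK\SOSODesk.exe
2016-08-02 09:45 - 00000000 ____D C:\Users\alice\AppData\Roaming\begindesk
2016-08-02 09:45 - 00001828 _____ C:\Users\Public\Desktop\SOSO DESK.lnk
SOSODesk(SOSO DESK) (HKLM-x32\...\SOSO DESK) (Version:  - BYSENDA TECHNOLOGY LIMITED)
CHR Extension: (placeholder) - c:\users\alice\appdata\local\google\chrome\user data\default\extensions\ngonapoolfjcgjmcifdeebfhmkdehkej
"""

if __name__ == "__main__":
    for number, indicator, line in scan_frst(SAMPLE_LOG):
        print(f"line {number}: {indicator!r} in {line!r}")
    print("not seen:", indicators_not_seen(scan_frst(SAMPLE_LOG)))
```

Matching is case-insensitive because Windows paths are, and the `{username}` placeholder is limited to a single path component so that unrelated nested folders do not match.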