SOSO Toolbar

SOSO Toolbar is a toolbar that makes unwanted changes browser, such as reconfiguring browserâs search settings. It tracks browsing and search queries. It displays contextually relevant search results and ads.

General information:

Malware Name:	SOSO Toolbar
Malware Type:	Toolbar
Company Name:	TENCENT Inc
Company URL:	http://toolbar.soso.com/
Threat Level:	Elevated Risk
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Installation

Company Description:

TENCENT Inc provides you the software SOSO Toolbar that is so easy and cool. It is a variant of Chinese origin.

Spyware Description:

Characteristics/Symptoms:

-> It adds a toolbar to the web browser. -> It has a search function and provides search results for paid advertisers. -> It tracks browsing and search queries. -> It displays contextually relevant search results and ads.

Additional information might be found here:

	Search at Google for SOSO Toolbar
	Search at Bing for SOSO Toolbar
	Search at Yahoo for SOSO Toolbar

Processes Running:

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\Program Files\TENCENT\Sosobar\Data.ini	138	Configuration Settings
C:\Program Files\TENCENT\Sosobar\htmls\logo.gif	2808	GIF Image
C:\Program Files\TENCENT\Sosobar\htmls\logo_text.gif	673	GIF Image

Folder information Created after Installation:

Folder Location
C:\Program Files\TENCENT\Sosobar\html

Registry information Created after Installation:

Main Registry Key	Sub Registry Key	Key Value Name
HKEY_LOCAL_MACHINE	\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F776AD93-F51B-412E-82B2-A8B389546C61}
HKEY_LOCAL_MACHINE	\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sosobar
HKEY_LOCAL_MACHINE	\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sosobar	DisplayIcon