WeatherStudio is a spyware program disguised as a toolbar add-on for your browser.  It was first discovered on Thursday, December 27 of 2007.  It is distributed by Weather Studio and is powered by the web server, http://try.weatherstudio.com/.  This website is currently shut down, but it is not indicative of the company going out of business or the removal of the WeatherStudio threat.  In fact, you when you enter this site in a search, you get redirected to starware.com, a known spyware vendor site.

WeatherStudio is installed on your computer manually or as part of a freeware bundle supported by advertisements.  It displays pop-up advertising from its affiliate websites.  It can also place a banner ad at the bottom of your browser screen.

It has been known to reset your home page, redirect searches, deliver pop-up ads, and monitor your browsing history.  It also downloads other spyware and adware programs on your computer.

The activity of WeatherStudio can seriously slow down your computer’s performance.  It can also potentially cause your Internet browser to freeze or crash.  Any supposed benefits it offers are not worth compromising the functionality of your computer.  Specifically, it displays the weather according to your zip code, but it also includes a number of unrelated links leading to its affiliate websites.

If you are infected with this program, you should remove it immediately with SpyZooka.  While there are other means to remove WeatherStudio, SpyZooka has proven to consistently and completely remove this threat from your computer.

Also Known As:
WeatherStudio Toolbar
Adware.Win32/comet.bo (Kaspersky)
Adware.WeatherStudio
Weather Studio Toolbar

Adware Type:
Toolbar
Browser Hijacker
Trojan Downloader
Data Miner

Associated Files:
[%COMMON_PROGRAMS%]\WeatherStudio Desktop.lnk
[%PROGRAM_FILES%]\WeatherStudio348\bin\WeatherStudio348.dll
[%PROGRAM_FILES%]\WeatherStudio348\icons\1524_icon.ico
[%PROGRAM_FILES%]\WeatherStudio348\WeatherStudio348Config.xml
[%PROGRAM_FILES%]\WeatherStudio348\WeatherStudio348Uninstall.exe
HKEY_CLASSES_ROOT\clsid\{15757333-2bca-4b77-a807-d0955132f812}
HKEY_CLASSES_ROOT\clsid\{6f45aea2-9c81-4832-8390-7134102b8de5}
HKEY_CLASSES_ROOT\clsid\{7c2fc77a-af76-4a75-ac16-b02a13829f34}\implemented categories
HKEY_CLASSES_ROOT\clsid\{a7fde125-cebe-400e-8f4d-d2c0708b7d70}\implemented categories
HKEY_CLASSES_ROOT\clsid\{ffdd804f-a7f8-4395-93d2-66a85da2bdab}
HKEY_CURRENT_USER\software\weatherstudio348
HKEY_CURRENT_USER\software\weatherstudiodesktop
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6f45aea2-9c81-4832-8390-7134102b8de5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ffdd804f-a7f8-4395-93d2-66a85da2bdab}
HKEY_CLASSES_ROOT\clsid\{7c2fc77a-af76-4a75-ac16-b02a13829f34}\inprocserver32, threadingmodel=apartment=
HKEY_CLASSES_ROOT\clsid\{a7fde125-cebe-400e-8f4d-d2c0708b7d70}\inprocserver32, threadingmodel=apartment=
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar, {15757333-2bca-4b77-a807-d0955132f812}=weatherstudio toolbar=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run, weatherstudio desktop==
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\weatherstudio348, displayicon=[%PROGRAM_FILES%]\weatherstudio348\icons\1524_icon.ico=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\weatherstudio348, displayname=weatherstudio toolbar and desktop=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\weatherstudio348, helplink=http://files.weatherstudio.com/pl/weatherstudio/4.5/faq.html=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\weatherstudio348, uninstallstring=[%PROGRAM_FILES%]\weatherstudio348\weatherstudio348uninstall.exe=