WeatherStudio Toolbar and Desktop

Description:	Toolbar
Risk Level:	Low
Date of First Occurence:	Wednesday, April 23, 2008
Software Developer:	(unknown)
Brief Info:	Toolbar/adware that creates pop-ups and advertisements on an infected computer.
Removal:	This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "WeatherStudio Toolbar and Desktop"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\WeatherStudio348\bin\WeatherStudio348.dll MD5: E9A9B26388FD025E8367B13FD2421D6E Size:735744 MD5: 6B64937BBFE8FD9C6F1784CA13ED6530 Size:793088 MD5: A26760B2DC6DCE14732C1A48B11519E3 Size:799744 %PROGRAMFILES%\WeatherStudio348\WeatherStudio348Uninstall.exe MD5: B7DC0F8F29FBEFAA2E14FEA1967118A0 Size:52976 MD5: F31743EA92BF03DE0021BBC01C0E7E85 Size:73849 MD5: EF9382780855DB0CED3F26CC07CB25EC Size:47758 MD5: FB02BF1F9BF03987D322AA13D370C512 Size:53421 MD5: 5C9B569D28BE2740969144DD74B15010 Size:49066 %PROGRAMFILES%\WeatherStudio348\Setup.exe MD5: C9960AB42335E9953F859F89C9F58A26 Size:497792 MD5: C15D7C936C91C71187B3D85441D6AE92 Size:547928 %PROGRAMFILES%\WeatherStudio348\bin\IELauncher.exe MD5: D97EFB919B79B4A3925EC6621F3B5CDE Size:54856
Detected Files with variable Filenames: MD5: 8777E9F4195468B9E2A393D868B5668B Size: 32130 %ALLUSERS_APPDATA%\WeatherStudio348\U00D01A6A.exe %ALLUSERS_APPDATA%\WeatherStudio348\U00364E09.exe %ALLUSERS_APPDATA%\WeatherStudio348\U13948060.exe %ALLUSERS_APPDATA%\WeatherStudio348\U00013459.exe %ALLUSERS_APPDATA%\WeatherStudio348\U07899EBA.exe %ALLUSERS_APPDATA%\WeatherStudio348\U00040CED.exe

Detecting items list:

Files by Name %PROGRAMFILES%\WeatherStudio348\WeatherStudio348Uninstall.exe %PROGRAMFILES%\WeatherStudio348\bin\WeatherStudio348.dll %ALLUSERS_APPDATA%\WeatherStudio348\buttons\FindIt.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\FindItHot.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\findithotxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\finditxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\Highlight.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\HighlightHot.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\highlighthotxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\highlightxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\logo.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\logoxp.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\newsreadericon.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\newsreadericon_over.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\newsreadericonxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\newsreadericonxp_over.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\Reference.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\ReferenceHot.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\referencehotxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\referencexp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\Weather.bmp %ALLUSERS_APPDATA%\WeatherStudio348\buttons\weatherhotxp.png %ALLUSERS_APPDATA%\WeatherStudio348\buttons\weatherxp.png %ALLUSERS_APPDATA%\WeatherStudio348\contexts\error.xml %ALLUSERS_APPDATA%\WeatherStudio348\contexts\related.xml %ALLUSERS_APPDATA%\WeatherStudio348\contexts\Travel.xml %ALLUSERS_APPDATA%\WeatherStudio348\images\walertXP.bmp %ALLUSERS_APPDATA%\WeatherStudio348\News\all_feeds_summary.xsl %ALLUSERS_APPDATA%\WeatherStudio348\News\atom_0_3_to_rss_2_0.xsl %ALLUSERS_APPDATA%\WeatherStudio348\News\date_time.xsl %ALLUSERS_APPDATA%\WeatherStudio348\News\get_feed_format.xsl %ALLUSERS_APPDATA%\WeatherStudio348\News\rss_1_0_to_rss_2_0.xsl %ALLUSERS_APPDATA%\WeatherStudio348\News\w3cdtf_to_rfc822.xsl %ALLUSERS_APPDATA%\WeatherStudio348\SimpleUpdate\ProductMessagingConfig.xml %ALLUSERS_APPDATA%\WeatherStudio348\SimpleUpdate\ProductMessagingConfig.xml.backup %ALLUSERS_APPDATA%\WeatherStudio348\SimpleUpdate\SimpleUpdateConfig.xml %ALLUSERS_APPDATA%\WeatherStudio348\SimpleUpdate\SimpleUpdateConfig.xml.backup %ALLUSERS_APPDATA%\WeatherStudio348\SimpleUpdate\TimerManagerConfig.xml %ALLUSERS_APPDATA%\WeatherStudio348\SimpleUpdate\TimerManagerConfig.xml.backup
Files by Directories %PROGRAMFILES%\WeatherStudio348 %ALLUSERS_APPDATA%\WeatherStudio348
Files by CLSID or Name CLSID=15757333-2BCA-4B77-A807-D0955132F812 CLSID=6F45AEA2-9C81-4832-8390-7134102B8DE5 CLSID=7C2FC77A-AF76-4A75-AC16-B02A13829F34 CLSID=A7FDE125-CEBE-400E-8F4D-D2C0708B7D70 CLSID=FFDD804F-A7F8-4395-93D2-66A85DA2BDAB
Registry Keys HKCU\Software\WeatherStudio348 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherStudio348
Registry Values HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar ValueName={15757333-2BCA-4B77-A807-D0955132F812} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=WeatherStudio Desktop

« Go to Software Database

Search in Our Software Database

Browse Software Database

Latest Malware News

September 23, 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Older malware news »