Automatic Screen Observer
Automatic Screen Observer is an application which captures screenshots at specified intervals. These screenshots are stored on the computer and can be accessed at a later time. The application can be configured to start recording silently on start
up. It includes high risk threats that are typically installed without user interaction through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate,
disable security software, modify system files, and install additional malware.0
General information:
| Malware Name: |
Automatic Screen Observer |
| Malware Type: |
Spyware |
| Company Name: |
Mildware |
| Company URL: |
http://mildware.fromru.com
|
| Threat Level: |
High |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
Mildware provides high quality software such as Beyond Your Desktop v1.03, Blue Mess v1.0, Dangerous Space Travel v1.03, WinAssistant v1.02, Automatic Screen Observer etc. Automatic Screen Observer is a unique program that lets us to monitor all the
activities performed on our computer. This is done by capturing the screen in the specified periods of time. All those images together with top window titles are placed in a special binary data file. If we want to see the report, we simply click on
the 'Generate HTML Report' item in the main menu and Automatic Screen Observer creates an html report from that binary file including the following information: - Date and time when the capture was made. - The title of the top window. - The
capture of either the whole screen, or the top window. Viewing this report will give the detailed information about what kind of job was made on our computer.
Spyware Description:
Automatic Screen Observer is an application which captures screenshots at specified intervals. These screenshots are stored on the computer and can be accessed at a later time. The application can be configured to start recording silently on start
up. It includes high risk threats that are typically installed without user interaction through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate,
disable security software, modify system files, and install additional malware.0
Characteristics/Symptoms:
-> Ability to scan systems -> Monitor activity -> Relay information to another computer or locations in cyber-space -> Negatively affect the performance and stability of the system0
Additional information might be found here:
Processes Running:
aso.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Mildware\ASO\Help.chm |
34570 |
Compiled HTML Help file |
| C:\Program Files\Mildware\ASO\aso.exe |
366080 |
Application |
| C:\Program Files\Mildware\ASO\data.raw |
9 |
RAW File |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Mildware\ASO |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallASO |
DisplayIcon |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallASO |
DisplayName |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASO |
UninstallString |
