Home Malware Programs Trackware ASObserver

ASObserver

Posted: March 28, 2006

ASObserver is a commercial PC surveillance application that captures screenshots of user activity at specified time intervals. It stores taken screenshots on the compromised PC. ASObserver must be manually installed. The application runs on every Windows startup.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 aso.exe
    2 aso.ini

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USERSoftwareMildwareASOHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunASOHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallASO
Loading...