StatWin Pro

Spyware.StatWin is a spyware program that monitors user’s activity. It also monitors instant message conversations, Web sites visited, and programs used. It will then capture screen shots periodically.0

General information:

Malware Name:	StatWin Pro
Malware Type:	Spyware
Company Name:	SXR Software
Company URL:	http://www.sxrsoft.com/
Threat Level:	High Risk
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Installation

Company Description:

SXR Software provides the software name StatWin for the security of our PC. StatWin software is designed to collect, store and analyze the statistics of computer operation and user activities under Windows 95/98/ME/NT/2000/XP. StatWin software provides a comprehensive computer monitoring and user monitoring.

Spyware Description:

Spyware.StatWin is a spyware program that monitors user’s activity. It also monitors instant message conversations, Web sites visited, and programs used. It will then capture screen shots periodically.0

Characteristics/Symptoms:

    -> Run in stealth mode -> Monitor and capture data from computers -> Starts with the operating system -> Intercepts keystrokes from the keyboard and records them in a log0

Additional information might be found here:

	Search at Google for StatWin Pro
	Search at Bing for StatWin Pro
	Search at Yahoo for StatWin Pro

Processes Running:

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\Program Files\SXR Software\StatWin Pro\SWbdref.dat	58	DAT File
C:\Program Files\SXR Software\StatWin Pro\swcalend.exe	389120	Application
C:\Program Files\SXR Software\StatWin Pro\swhelp.cnt	777	CNT File

Folder information Created after Installation:

Folder Location
C:\Program Files\SXR Software
C:\Program Files\SXR Software\StatWin Pro\SWskins

Registry information Created after Installation: