Troj/Opwin-11 is a backdoor Trojan. When the Trojan server is running on a computer, the computer is vulnerable to unauthorised access attacks from network locations.
In order to gain access to the infected computer an attacker has to run the Trojan client program. The server program is copied to the file C:\Windows\scanregw..exe and a value named "ScanRegistry-" is added to the following registry key which points to this copy:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Troj/Opwin-11 adds the line "load=C:\WINDOWS\SCANREGW..EXE" to the file win.ini and the line "shell=Explorer.exe C:\Windows\Scanregw..exe" to the file system.ini.
All three of these modifications can start the server when the victim's computer is rebooted.