GO TO: Summary | Removal

Classification

Category: Malware

Type: Backdoor

Aliases: Dewin, Backdoor.Dewin

Summary


Dewin is a backdoor that can be used by an attacker to install unwanted programs from a website to the victim machine. When started it copies itself to Windows Directory as 'Winreg.exe'. This copy of the file is added to the registry as

'HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SystemReg'

Removal


- Locate and remove the registry key

'HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SystemReg'

- Reboot the machine

- Instruct F-Secure Anti-Virus to delete the infected file

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.