Hoax.Win32.ExpProc.aanm

Hoax.Win32.ExpProc.aanm is a backdoor Trojan that alters the Windows Registry to disable a variety of security features, as well as tamper with your browser settings. Other attributes of a Hoax.Win32.ExpProc.aanm infection may vary due to configuration information and other files that may be provided by remote attackers. However, SpywareRemove.com malware researchers have found that even Hoax.Win32.ExpProc.aanm's limited baseline behavior is sufficiently malignant to deem Hoax.Win32.ExpProc.aanm a serious threat to your computer's safety, since its attacks can allow remote access to the system or enable the installation of additional harmful programs. Although you may be able to detect Hoax.Win32.ExpProc.aanm without assistance, deleting Hoax.Win32.ExpProc.aanm should use the help of an appropriate anti-malware product to insure that Registry changes and similar system alterations are erased.

Reasons to Not Underestimate Hoax.Win32.ExpProc.aanm's Unsubtle Assault

SpywareRemove.com malware research team hasn't found any signs that Hoax.Win32.ExpProc.aanm uses concealment strategies to hide its memory process, which is common to many other backdoor Trojans such as Trojan-PWS.Win32.Bjlog, Backdoor.Ciadoor!rem, Trojan.Win32.Chifrax.a and Backdoor:Win32/Poison.M. Although you may be able to notice Hoax.Win32.ExpProc.aanm's independent memory process (usually a randomized, three-letter .exe file) in Task Manager, there's no guarantee that any given variant of Hoax.Win32.ExpProc.aanm will allow you to shut Hoax.Win32.ExpProc.aanm down.

In spite of not hiding its presence, Hoax.Win32.ExpProc.aanm will make attacks on your PC that may be difficult to notice unless you habitually browse through your Windows Registry:

• Hoax.Win32.ExpProc.aanm will make alterations to a variety of programs, especially Internet Explorer, which allows Hoax.Win32.ExpProc.aanm to weaken your browser's security, hijack it or even disable it at will.
• Hoax.Win32.ExpProc.aanm will disable two features that are provided by Microsoft Security Center by default: firewall functions and anti-virus functions. This change causes your PC to be extremely vulnerable to being attacked by other Trojans or by additional actions that are undergone by Hoax.Win32.ExpProc.aanm itself.
• Another significant alteration that Hoax.Win32.ExpProc.aanm makes through your Registry is to change the functionality of certain file types such as .exe files. Hoax.Win32.ExpProc.aanm may prevent these files from running, force them to run in a less secure mode or otherwise force files to behave maliciously towards your PC.

Watching Out for Hoax.Win32.ExpProc.aanm's Follow-Through

Most backdoor Trojans that SpywareRemove.com malware researchers have examined are flexible enough to contain a variety of extra functions, and Hoax.Win32.ExpProc.aanm isn't an exception to that rule. Other probable threats that may be presented by Hoax.Win32.ExpProc.aanm are delineated below:

• Hoax.Win32.ExpProc.aanm may be configured to download and install other types of malicious applications, such as Advanced Spyware Detector, P2P-Worm.Win32.SpyBot.pxk, Antivirus Clean 2011 or Trojan.Ransomlock.H. Spyware, rogue security programs, other Trojans, worms, viruses and even rootkits are all among the possibilities that Hoax.Win32.ExpProc.aanm may use to damage your PC.
• The security-ravaging behavior of Hoax.Win32.ExpProc.aanm may even go one step further by disabling programs that are used for security and system safety, such as Task Manager, Registry Editor, MSConfig, anti-virus scanners and various firewalls.

You can delete Hoax.Win32.ExpProc.aanm with an appropriately-powerful anti-malware scanner, but it's advisable to install any updates that are required before you initiate a scan to track down Hoax.Win32.ExpProc.aanm. As of early August 2011, Hoax.Win32.ExpProc.aanm is still a newly-emergent PC threat and may avoid being removed by out-of-date security scanners.

Technical Details