Troj/Inject-VI

Troj/Inject-VI is a Trojan horse that's distributed via spam e-mail messages. Current Troj/Inject-VI e-mail templates portray themselves as fake hotel reservation messages that include Troj/Inject-VI as a file attachment. As a recently-identified PC threat, Troj/Inject-VI's full capabilities haven't yet been analyzed, although Trojans that are similar to Troj/Inject-VI have been known to install other forms of harmful software or create significant security vulnerabilities on infected PCs. If you've had any contact with file attachments from e-mail messages like the above example, SpywareRemove.com malware researchers suggest deleting Troj/Inject-VI via thorough anti-malware scans, since Troj/Inject-VI may use code-injection techniques to conceal itself and complicate its removal.

Troj/Inject-VI: Humbly Arriving in Your Mailbox with the Worst of Intentions

Like Trojans such as Win32/Cbeplay.P, Troj/Bredo-RK or IRCbot.CPH, Troj/Inject-VI uses fraudulent e-mail messages for its primary means of propagation. Troj/Inject-VI's e-mail scam of choice is that of a fake Booking.com reservation; since this reservation implies a corresponding charge to your credit card or bank account, victims are likely to panic and open the attached file without any further hesitations. However, the enclosed file that supposedly displays 'reservation details' is just an installer for the Trojan Troj/Inject-VI. Since reputable websites and companies, including Booking.com, explicitly avoid sending e-mail file attachments due to such security risks, SpywareRemove.com malware researchers note that you can safely delete any such spam e-mail immediately to protect your PC from Troj/Inject-VI.

SpywareRemove.com malware experts also note that non-Windows users are also be able to laugh in the face of Troj/Inject-VI's attempted attack, since Troj/Inject-VI lacks cross-OS compatibility and can only infect Windows computers. After its installation, Troj/Inject-VI will drop its malicious files into randomly-named subdirectories of the Application Data folder and will also make some modifications to the Windows Registry.

When Troj/Inject-VI's Reservation Turns into Your PC's Peril

As Troj/Inject-VI's complete payload has yet to be analyzed, Troj/Inject-VI may be capable of other attacks besides those that are listed below. However, current functions that SpywareRemove.com malware researchers have confirmed in Troj/Inject-VI attacks include:

• Changing the firewall's authorized applications list, which can allow Troj/Inject-VI and other PC threats to transfer data to or from your PC without your consent.
• Interfering with your cookie-based settings. Websites often use cookies to store passwords, account preferences and other forms of sensitive information.
• Troj/Inject-VI will also set itself to launch automatically when Windows starts.
• Finally, your Internet security settings will be altered to make your web-browsing experiences vulnerable to future attacks from hostile sites.

All of the above attacks use the Windows Registry, and attempting to change your Registry without appropriate assistance from a PC security expert or suitable software may permanently damage Windows. SpywareRemove.com malware analysts propone using anti-malware programs to detect and remove Troj/Inject-VI due to Troj/Inject-VI's system changes and its usage of randomly-named files (such as aliqynu.exe).

Technical Details