Win32/Injector.LML

Posted: December 2, 2011

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	9/10
Infected PCs:	59

First Seen:	December 2, 2011
Last Seen:	May 22, 2023
OS(es) Affected:	Windows

Win32/Injector.LML is a generic label that certain security companies apply to given types of dropper Trojan attacks such as Win32/TrojanDownloader.Small.PFD. Because Win32/Injector.LML is a general term that can be applied to several types of Trojans and exploits, the symptoms and consequences of a Win32/Injector.LML attack can vary widely from one instance to the next one. However, SpywareRemove.com malware experts always urge extreme caution around a potential Win32/Injector.LML attack, since Win32/Injector.LML has been known to result in infection by banker Trojans and other forms of high-level PC threats. Modern Win32/Injector.LML attacks have been noted to be spread by Facebook links, and if you've had contact with a suspicious social networking link in recent months, you may need to remove Win32/Injector.LML from your PC with a robust anti-malware product.

Win32/Injector.LML – a Fresh Hit for an Ancient Facebook Scam

Win32/Injector.LML's main propagation method is through Facebook accounts – specifically, through links that TrojanDropper:Win32/Fignotok forces these accounts to post. These links to Win32/Injector.LML's Israel-based website may appear to link to a screensaver or other form of harmless download, but the actual consequence of downloading this file is infecting your PC with Win32/Injector.LML. However, as a general label, Win32/Injector.LML may also be applied to other types of Trojans in the future, although SpywareRemove.com malware researchers have found its current usage restricted to Win32/TrojanDownloader.Small.PFD and the aforementioned Facebook attacks.

Because Win32/Injector.LML is still a recently-emerged threat, you should consider updating your anti-malware software to prevent Win32/Injector.LML from escaping identification and deletion. Even if your PC security programs are unable to detect Win32/Injector.LML, practicing good online safety and staying away from unusual Facebook links should limit your computer's exposure to Win32/Injector.LML attacks. If acquaintances appear to be posting links to Win32/Injector.LML on their accounts, their accounts have been hijacked by an affiliated PC threat and you should warn them to take appropriate safety measures.

If You Fail to Heed the Warning of Win32/Injector.LML's Screensaver Hoax

SpywareRemove.com malware researchers have noted that the current version of Win32/Injector.LML is oriented around Trojan dropper functions that allow Win32/Injector.LML to install additional PC threats. Although the full list of Win32/Injector.LML's payload has yet to be enumerated, Win32/Injector.LML is known to install variants of ZeuS rootkits and Trojans. Since ZeuS, as a banking Trojan, has the ability to steal financial information such as bank account passwords, you should take particular care to re-secure your bank accounts after disinfecting Win32/Injector.LML and related PC threats from your computer.

Win32/Injector.LML and malicious programs that are associated with its payload will use advanced means to obfuscate their identities and avoid deletion. While damaging Windows is a definite possibility if you botch manual-removal of Win32/Injector.LML, deleting Win32/Injector.LML with accurate anti-malware software should leave your PC untouched from any long-term harm.

Win32/Injector.LML

Threat Metric

Win32/Injector.LML – a Fresh Hit for an Ancient Facebook Scam

If You Fail to Heed the Warning of Win32/Injector.LML's Screensaver Hoax

Leave a Reply