Win32/Filecoder.NLK removal guide

Win32/Filecoder.NLK is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Filecoder.NLK virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Attempts to delete volume shadow copies
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Creates a hidden or system file
  • Likely virus infection of existing system binary
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Win32/Filecoder.NLK?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (c) 2006-2014 Open Source Software community LGPL
InternalName: Lyons Send
FileVersion: 8.6.4.8
CompanyName: Open Source Software community LGPL
FileDescription: Notifyall Bfn Silkscreen Paperwork Guarded
LegalTrademarks: Copyright (c) 2006-2014 Open Source Software community LGPL
Comments: Notifyall Bfn Silkscreen Paperwork Guarded
ProductName: Lyons Send
Languages: English
ProductVersion: 8.6.4.8
PrivateBuild: 8.6.4.8
OriginalFilename: Lyons Send.exe
Translation: 0x0409 0x04b0

Win32/Filecoder.NLK also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0050d8431 )
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Steam.13902
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.FileCryptor
Cylance: Unsafe
Zillya: Trojan.Deshacop.Win32.959
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Ransom:Win32/Genasom.ali1000102
K7GW: Trojan ( 0050d8431 )
Cybereason: malicious.e15d4e
Cyren: W32/Trojan.KFUS-4493
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Filecoder.NLK
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan.Win32.Deshacop.fov
BitDefender: Trojan.GenericKD.5082152
NANO-Antivirus: Trojan.Win32.Deshacop.epfhzu
MicroWorld-eScan: Trojan.GenericKD.5082152
Tencent: Win32.Trojan.Raas.Auto
Ad-Aware: Trojan.GenericKD.5082152
Comodo: Malware@#f0osdchhjyq9
BitDefenderTheta: Gen:NN.ZexaF.34608.tq0@aSdkjdni
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_FAKEGLOBE.L
McAfee-GW-Edition: Ransomware-GAG!78CA4EFE15D4
FireEye: Generic.mg.78ca4efe15d4e791
Emsisoft: Trojan.GenericKD.5082152 (B)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.ZPACK.Gen7
Microsoft: Ransom:Win32/FileCryptor
Arcabit: Trojan.Generic.D4D8C28
AegisLab: Trojan.Multi.Generic.4!c
GData: Trojan.GenericKD.5082152
AhnLab-V3: Win-Trojan/Sagecrypt.Gen
Acronis: suspicious
McAfee: Ransomware-GAG!78CA4EFE15D4
MAX: malware (ai score=100)
VBA32: BScope.TrojanSpy.Ursnif
Malwarebytes: MachineLearning/Anomalous.95%
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_FAKEGLOBE.L
Rising: Ransom.FileCryptor!8.1A7 (CLOUD)
Yandex: Trojan.Deshacop!r0qddBf0n0g
Ikarus: Trojan.Inject
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Deshacop.FOV!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.7c4

How to remove Win32/Filecoder.NLK?

Win32/Filecoder.NLK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
