How to remove “Jaik.139198”?

The Jaik.139198 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Jaik.139198 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Jaik.139198?


File Info:
name: 227943CB31BA007C3C1C.mlw
path: /opt/CAPEv2/storage/binaries/e5a38ebecb6045cd41c5eb1fb41fc706453375a482367ab95237f0be1bc30341
crc32: B8E1F915
md5: 227943cb31ba007c3c1cc3c9be8cb408
sha1: 620f6b3552d295b4c04b870f4b1995105451d185
sha256: e5a38ebecb6045cd41c5eb1fb41fc706453375a482367ab95237f0be1bc30341
sha512: a73c616208f1872bd8f66f80fe95d05cfed179395d0ae56044d6f969c2b5a32ecf6e47f15304e92916a7c9d84bcfce6e6c2ef619f3bfa8a9d72f22de24aad8d3
ssdeep: 3072:+nPIbiThZjqhnwGWqGK8PrEdpg355uhuaw1gc5888888888888W88888888888/9:+guGr9GnYds5wIahc5888888888888W2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T124E34C03B3D34071F4655D39C8658044ED2779B919F5702A3EFDEA0E4EBA6C28C7AB62
sha3_384: cba96d11cc58942efa836a25c9912ce9cf96bbacce9236961675a6e902392d23b922bdd02a097ab136101aa2772ed9e2
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2014-07-09 07:58:13

Version Info:
Comments: This installation was built with Inno Setup.
CompanyName: 鸿雁传书                                                        
FileDescription: 鸿雁传书                                                        
FileVersion: 2015.0907.1605.19   
LegalCopyright: Copyright © 2012-2015 鸿雁传书, Inc.                                                                    
ProductName: 鸿雁传书                                                        
ProductVersion: 2.0                                               
Translation: 0x0000 0x04b0

Jaik.139198 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Jaik.139198
FireEye	Gen:Variant.Jaik.139198
ALYac	Gen:Variant.Jaik.139198
Sangfor	Trojan.Win32.Agent.Vau4
CrowdStrike	win/grayware_confidence_100% (W)
Arcabit	Trojan.Jaik.D21FBE
Cyren	W32/InstallCore.DK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/InstallCore.Gen_AGen.E potentially unwanted
BitDefender	Gen:Variant.Jaik.139198
Avast	Win32:TrojanX-gen [Trj]
Emsisoft	Gen:Variant.Jaik.139198 (B)
VIPRE	Gen:Variant.Jaik.139198
TrendMicro	PAK_Xed-21
McAfee-GW-Edition	BehavesLike.Win32.Suspicious.cm
Jiangmin	Downloader.DownloaderGuide.bvw
Antiy-AVL	Trojan/Win32.Eldorado
GData	Gen:Variant.Jaik.139198
Google	Detected
McAfee	Artemis!227943CB31BA
MAX	malware (ai score=87)
Cylance	unsafe
TrendMicro-HouseCall	PAK_Xed-21
Ikarus	Trojan.Dropper
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Wacatac.B!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Jaik.139198?

Jaik.139198 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X