PUP.Optional.OnlineIO

detection icon

Short bio

PUP.Optional.OnlineIO is the detection for a small family of browser hijackersthat also send spam if they have your address.

Type and source of infection

PUP.Optional.OnlineIO were named after the domains these hijackers hail from, which is also the name of one of their sub-folders.This PUP is installed by bundlers. These bundlers typically offer one software for free and include others in the same package. They get paid for every successful install.

Protection

block PUP.Optional.OnlineIO

Malwarebytes blocks PUP.Optional.OnlineIO

Remediation

Malwarebytes can detect and remove PUP.Optional.OnlineIO without further user interaction.

  1. Please download Malwarebytesto your desktop.
  2. Double-click MBSetup.exeand follow the prompts to install the program.
  3. When your Malwarebytes for Windowsinstallation completes, the program opens to the Welcome to Malwarebytes screen.
  4. Click on the Get started button.
  5. Click Scan to start a Threat Scan.
  6. Click Quarantineto remove the found threats.
  7. Reboot the system if prompted to complete the removal process.

Malwarebytes removal log

A Malwarebytes log of removal will look similar to this:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date:10/31/2016Scan Time:1:42PMLogfile:mbamTrafficExchange.txtAdministrator:YesVersion:2.2.1.1043Malware Database:v2016.10.31.04Rootkit Database:v2016.09.26.02License:FreeMalware Protection:DisabledMalicious Website Protection:DisabledSelf-protection:DisabledOS:Windows 7Service Pack 1CPU:x64File System:NTFSUser:{username}Scan Type:Threat ScanResult:CompletedObjects Scanned:283732Time Elapsed:1min,23secMemory:EnabledStartup:EnabledFilesystem:EnabledArchives:EnabledRootkits:DisabledHeuristics:EnabledPUP:EnabledPUM:EnabledProcesses:11PUP.Optional.OnlineIO,C:MicroleavesOnline Application Installerprerequisitesaipackagechainer.exe,3500,Delete-on-Reboot,[714fecb34c4eae8866a041dd6f9630d0]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline-Guardian-v2.exe,3116,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline-Guardian.exe,3944,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline-Guardian.exe,1420,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline-Guardian.exe,828,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,2368,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,436,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,1664,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,3016,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,268,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,2144,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]Modules:0(Nomalicious items detected)Registry Keys:45PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{280ADBDE-5EB6-49BE-838F-A0CA5EA6B0B1},Delete-on-Reboot,[635dfea168320b2be17b739c02030cf4],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{3EAF1F94-47E4-4719-BC2D-447E32F6BFA1},Delete-on-Reboot,[b010049bb8e279bd60fc947b29dc9f61],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{77AB9E48-F35B-4195-A085-5879719CBA12},Delete-on-Reboot,[467a7e21237764d24f93a32e08fc9769],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{98AE2747-A69D-4404-9E30-36E74499D834},Delete-on-Reboot,[3a86bbe4e1b962d426bc9d34ce360bf5],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{9B774ABE-6D05-4493-9E05-A512CFC422BB},Delete-on-Reboot,[b010712e504aa4924c10df30e91c06fa],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{9F5595DB-DE9E-4DB0-B843-4CB5D34FE97E},Delete-on-Reboot,[e1df7f207426f046ee6e39d6ef1630d0],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{A0C2DCD7-A3D6-4B68-BD57-7D6775D68AC8},Delete-on-Reboot,[d6ea722dd9c1a5913f1d987742c39d63],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{A2D255C7-F985-4441-99D3-5B9C7BB1BFB9},Delete-on-Reboot,[e7d97a253862270f459d7d541ce8de22],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{A88003DA-BFF1-45FF-B029-A75777DEE14F},Delete-on-Reboot,[368abbe4b7e375c1974b7c5544c051af],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{AC6A091C-C748-4143-99E6-9A934C14CA48},Delete-on-Reboot,[417fa3fc0d8d0b2b71711db464a09967],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{BE88876E-498A-4786-809A-A96690564747},Delete-on-Reboot,[a0206b341c7ea195dd051bb67f85c23e],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{C091D867-24CA-4BF3-8812-1B327F3A4C69},Delete-on-Reboot,[9f21217e910952e41349db34976ec33d],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{C9579E4A-9A6F-4ED7-AFE9-F67205B1DF80},Delete-on-Reboot,[8937fca3b6e42a0c17cb12bfad57a55b],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{CBFAFC59-F2DB-4FB0-973F-81371F9985AD},Delete-on-Reboot,[01bf009f5f3be5513626eb2412f340c0],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{CF53734E-18C8-4AE1-935C-D70D74304642},Delete-on-Reboot,[2d9367383d5d280ef6ec00d1986c5ca4],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{D83FF368-E450-4BAC-A436-02EF44E73CB1},Delete-on-Reboot,[526e5946ccce270f7fdd5eb1dd286e92],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{E171F716-188D-443B-8535-D8FC141C3A8A},Delete-on-Reboot,[b010a5fa930774c214cec70a5ba9bf41],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{E6896CF2-42C6-4D0D-A01E-13390D6F4D3A},Delete-on-Reboot,[a61adec10892d165f864bf5063a224dc],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{F93FBCD2-6ED2-4E83-B47C-1BB2ABC4E0E1},Delete-on-Reboot,[c1ffdfc02b6f1224855d04cdb351916f],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{FB8A97BE-744C-48AA-8DC9-C2CE609F5F80},Delete-on-Reboot,[833da5fa7129f2448fcdf71801043dc3],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Application,Delete-on-Reboot,[c6fa3b64e9b188aeca1a7160e81cff01],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Application Guard,Delete-on-Reboot,[3e82ecb3a8f2eb4bf6ee329ffd0744bc],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Application Guardian,Delete-on-Reboot,[932d6936c8d255e123c14f826f95a55b],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Application Updater,Delete-on-Reboot,[e5db3c63237715215a8ab71a10f40df3],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Applicationv2,Delete-on-Reboot,[f2cecbd4e8b2ef47b62e646dbf45f50b],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Applicationv2 Guard,Delete-on-Reboot,[67597827e8b22016578dc60b7e861fe1],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Applicationv2 Guardian,Delete-on-Reboot,[4779b7e8d2c851e523c109c89a6a32ce],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Applicationv2 OG,Delete-on-Reboot,[4977e0bfdbbfc175d80cf2dfd232738d],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Applicationv2 On Guard,Delete-on-Reboot,[fac676298e0cae8812d23f925aaadb25],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREEOnline Applicationv2 OnGuard,Delete-on-Reboot,[cef21e814d4d79bdc0243b9682828c74],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchange,Delete-on-Reboot,[9e229d02801a5fd7e27b51bedc29d12f],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchange Guard,Delete-on-Reboot,[08b89b04a3f710260f4e917e5fa6b64a],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchange Guardian,Delete-on-Reboot,[e9d7d5cad6c4ec4a5a0340cf54b1d42c],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchange Updater,Delete-on-Reboot,[c3fdddc2702a9f97b0ad53bcbb4a19e7],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchangev2,Delete-on-Reboot,[cbf5a0ff0c8e14225607f41b53b2af51],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchangev2 Guard,Delete-on-Reboot,[bd03cbd48d0d58dec29bf21d5ca905fb],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchangev2 Guardian,Delete-on-Reboot,[dfe1d6c91684053180dd35da57aeae52],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchangev2 OG,Delete-on-Reboot,[6759c3dce7b33bfb67f6dd32fc098d73],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchangev2 On Guard,Delete-on-Reboot,[249c8a1515850c2a2a33848b4cb94eb2],PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETREETraffic Exchangev2 OnGuard,Delete-on-Reboot,[bf01ecb3d8c28babf46964ab46bf15eb],PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROLEAVESOnline Application Installer,Quarantined,[e1df534cb3e79f9796cd020dd530ab55],PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROLEAVESOnline.io Application,Quarantined,[ba06851acecc42f41ec51cb558acec14],PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROLEAVESTraffic Exchange,Quarantined,[665a900f67334cea244ba46b52b38c74],PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{438465C5-D78D-4958-B31D-60374B5042F4},Quarantined,[6a56326d6535b581546af51fea1b04fc],PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{C9DAA97A-154F-48F4-9453-19A85F1AE634},Quarantined,[dce4247baded1323c8f0e4fc22e2fe02],Registry Values:24PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{280ADBDE-5EB6-49BE-838F-A0CA5EA6B0B1}|Path,Traffic Exchangev2 OnGuard,Delete-on-Reboot,[635dfea168320b2be17b739c02030cf4]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{3EAF1F94-47E4-4719-BC2D-447E32F6BFA1}|Path,Traffic Exchange,Delete-on-Reboot,[b010049bb8e279bd60fc947b29dc9f61]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{77AB9E48-F35B-4195-A085-5879719CBA12}|Path,Online Applicationv2 Guard,Delete-on-Reboot,[467a7e21237764d24f93a32e08fc9769]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{98AE2747-A69D-4404-9E30-36E74499D834}|Path,Online Application Guard,Delete-on-Reboot,[3a86bbe4e1b962d426bc9d34ce360bf5]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{9B774ABE-6D05-4493-9E05-A512CFC422BB}|Path,Traffic Exchangev2 On Guard,Delete-on-Reboot,[b010712e504aa4924c10df30e91c06fa]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{9F5595DB-DE9E-4DB0-B843-4CB5D34FE97E}|Path,Traffic Exchangev2 OG,Delete-on-Reboot,[e1df7f207426f046ee6e39d6ef1630d0]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{A0C2DCD7-A3D6-4B68-BD57-7D6775D68AC8}|Path,Traffic Exchangev2 Guard,Delete-on-Reboot,[d6ea722dd9c1a5913f1d987742c39d63]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{A2D255C7-F985-4441-99D3-5B9C7BB1BFB9}|Path,Online Application,Delete-on-Reboot,[e7d97a253862270f459d7d541ce8de22]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{A88003DA-BFF1-45FF-B029-A75777DEE14F}|Path,Online Application Guardian,Delete-on-Reboot,[368abbe4b7e375c1974b7c5544c051af]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{AC6A091C-C748-4143-99E6-9A934C14CA48}|Path,Online Applicationv2,Delete-on-Reboot,[417fa3fc0d8d0b2b71711db464a09967]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{BE88876E-498A-4786-809A-A96690564747}|Path,Online Applicationv2 On Guard,Delete-on-Reboot,[a0206b341c7ea195dd051bb67f85c23e]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{C091D867-24CA-4BF3-8812-1B327F3A4C69}|Path,Traffic Exchange Guardian,Delete-on-Reboot,[9f21217e910952e41349db34976ec33d]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{C9579E4A-9A6F-4ED7-AFE9-F67205B1DF80}|Path,Online Applicationv2 OG,Delete-on-Reboot,[8937fca3b6e42a0c17cb12bfad57a55b]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{CBFAFC59-F2DB-4FB0-973F-81371F9985AD}|Path,Traffic Exchange Updater,Delete-on-Reboot,[01bf009f5f3be5513626eb2412f340c0]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{CF53734E-18C8-4AE1-935C-D70D74304642}|Path,Online Application Updater,Delete-on-Reboot,[2d9367383d5d280ef6ec00d1986c5ca4]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{D83FF368-E450-4BAC-A436-02EF44E73CB1}|Path,Traffic Exchangev2 Guardian,Delete-on-Reboot,[526e5946ccce270f7fdd5eb1dd286e92]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{E171F716-188D-443B-8535-D8FC141C3A8A}|Path,Online Applicationv2 Guardian,Delete-on-Reboot,[b010a5fa930774c214cec70a5ba9bf41]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{E6896CF2-42C6-4D0D-A01E-13390D6F4D3A}|Path,Traffic Exchangev2,Delete-on-Reboot,[a61adec10892d165f864bf5063a224dc]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{F93FBCD2-6ED2-4E83-B47C-1BB2ABC4E0E1}|Path,Online Applicationv2 OnGuard,Delete-on-Reboot,[c1ffdfc02b6f1224855d04cdb351916f]PUP.Optional.OnlineIO,HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONSCHEDULETASKCACHETASKS{FB8A97BE-744C-48AA-8DC9-C2CE609F5F80}|Path,Traffic Exchange Guard,Delete-on-Reboot,[833da5fa7129f2448fcdf71801043dc3]PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{438465C5-D78D-4958-B31D-60374B5042F4}|Contact,contact@online.io,Quarantined,[b709dac59ffbe056d87bdc33aa5bb34d]PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{438465C5-D78D-4958-B31D-60374B5042F4}|URLInfoAbout,http://traffic.io/, Quarantined, [6a56326d6535b581546af51fea1b04fc]PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{C9DAA97A-154F-48F4-9453-19A85F1AE634}|Contact,contact@online.io,Quarantined,[3d831f809802e05663f0dd32b94c857b]PUP.Optional.OnlineIO,HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{C9DAA97A-154F-48F4-9453-19A85F1AE634}|URLInfoAbout,http://online.io/, Quarantined, [dce4247baded1323c8f0e4fc22e2fe02]Registry Data:0(Nomalicious items detected)Folders:9PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io Application,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)Microleaves,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic Exchange,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesOnline.io Application,Quarantined,[11afe6b95941c274ccd540d47392fd03],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesOnline.io Applicationupdates,Quarantined,[11afe6b95941c274ccd540d47392fd03],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchange,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchangeupdates,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchangeupdates1.10.0,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchangeupdates1.11.0,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],Files:38PUP.Optional.OnlineIO,C:MicroleavesOnline Application Installerprerequisitesaipackagechainer.exe,Delete-on-Reboot,[714fecb34c4eae8866a041dd6f9630d0],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchangeupdates1.10.0Online-Installer.exe,Quarantined,[9d236e3149515adc5caae53952b328d8],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchangeupdates1.11.0Online-Installer.exe,Quarantined,[447cbde21783e4521bebe83615f028d8],PUP.Optional.OnlineIO,C:Users{username}DesktopOnline-Installer.exe,Quarantined,[962a851a247667cfcd3989952adbf40c],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline Application Updater.exe,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline Application Updater.ini,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline-Guardian-v2.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline-Guardian.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline.io EULA.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesOnline.io ApplicationOnline.io Privacy.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian-v2.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline-Guardian.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline.io EULA.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeOnline.io Privacy.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeTraffic Exchange Updater.exe,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:Program Files (x86)MicroleavesTraffic ExchangeTraffic Exchange Updater.ini,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Application,Quarantined,[ead66f30396187af18cd3d94758f728e],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Application Guard,Quarantined,[853b5b444d4d59dd8362b41d7f85ed13],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Application Guardian,Quarantined,[843c6b347f1bfe38d312ddf4cd3704fc],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Application Updater,Quarantined,[b60a7f20594188ae717418b9887c946c],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Applicationv2,Quarantined,[a51b8718108a4ee80fd63b96986c8977],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Applicationv2 Guard,Quarantined,[c0006c337327e551677e28a97094926e],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Applicationv2 Guardian,Quarantined,[863acdd2792145f1b92c8e43bc4827d9],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Applicationv2 OG,Quarantined,[fdc3aaf50298c175865fe7eab54f31cf],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Applicationv2 On Guard,Quarantined,[f6caacf33367ec4a42a39b361aea649c],PUP.Optional.OnlineIO,C:WindowsSystem32TasksOnline Applicationv2 OnGuard,Quarantined,[c2fe0b94d4c62511677e478ad430dc24],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchange,Quarantined,[0eb28f10b0ea142201632ae58d7852ae],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchange Guard,Quarantined,[cff1059a0694aa8c91d3010e8f768f71],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchange Guardian,Quarantined,[536d26795a400b2b4f1535da58ad758b],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchange Updater,Quarantined,[e7d9ced1f0aaa88ef66e40cf40c5f20e],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchangev2,Quarantined,[269a356accce270f0064749bff0618e8],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchangev2 Guard,Quarantined,[4977acf3acee0a2cbba9e02f63a2a25e],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchangev2 Guardian,Quarantined,[5c64ffa0b9e1bf772c3822ed877e738d],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchangev2 OG,Quarantined,[12ae3a65633768ce3e269b74c93c11ef],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchangev2 On Guard,Quarantined,[bd030996b7e3c5711252858a050004fc],PUP.Optional.OnlineIO,C:WindowsSystem32TasksTraffic Exchangev2 OnGuard,Quarantined,[3888336c950564d2105466a984810ef2],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesOnline.io Applicationupdatesupdates.aiu,Quarantined,[11afe6b95941c274ccd540d47392fd03],PUP.Optional.OnlineIO,C:ProgramDataMicroleavesTraffic Exchangeupdatesmupdates.aiu,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],Physical Sectors:0(Nomalicious items detected)(end)

Add an exclusion

Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it.

  • Open Malwarebytes for Windows.
  • Click the Detection History
  • Click the Allow List
  • To add an item to the Allow List, click Add.
  • Select the exclusion type Allow a file or folderand use the Select a folderbutton to select the main folder for the software that you wish to keep.
  • Repeat this for any secondary files or folder(s) that belong to the software.

If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use theBrowse button to select the file you wish to grant access.

Traces/IOCs

Associated folders:

%ProgramFiles%MicroleavesOnline.io Application
%ProgramData%MicroleavesOnline.io Application
detection icon

Related blog content

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams