PUP.Optional.OnlineIO

Short bio

PUP.Optional.OnlineIO is the detection for a small family of browser hijackersthat also send spam if they have your address.

Type and source of infection

PUP.Optional.OnlineIO were named after the domains these hijackers hail from, which is also the name of one of their sub-folders.This PUP is installed by bundlers. These bundlers typically offer one software for free and include others in the same package. They get paid for every successful install.

Protection

block PUP.Optional.OnlineIO

Malwarebytes blocks PUP.Optional.OnlineIO

Remediation

Malwarebytes can detect and remove PUP.Optional.OnlineIO without further user interaction.

  1. Please download Malwarebytesto your desktop.
  2. Double-click MBSetup.exeand follow the prompts to install the program.
  3. When your Malwarebytes for Windowsinstallation completes, the program opens to the Welcome to Malwarebytes screen.
  4. Click on the Get started button.
  5. Click Scan to start a Threat Scan.
  6. Click Quarantineto remove the found threats.
  7. Reboot the system if prompted to complete the removal process.

Malwarebytes removal log

A Malwarebytes log of removal will look similar to this:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date:10/31/2016Scan Time:1:42PMLogfile:mbamTrafficExchange.txtAdministrator:YesVersion:2.2.1.1043Malware Database:v2016.10.31.04Rootkit Database:v2016.09.26.02License:FreeMalware Protection:DisabledMalicious Website Protection:DisabledSelf-protection:DisabledOS:Windows 7Service Pack 1CPU:x64File System:NTFSUser:{username}Scan Type:Threat ScanResult:CompletedObjects Scanned:283732Time Elapsed:1min,23secMemory:EnabledStartup:EnabledFilesystem:EnabledArchives:EnabledRootkits:DisabledHeuristics:EnabledPUP:EnabledPUM:EnabledProcesses:11PUP.Optional.OnlineIO,C:\Microleaves\Online Application Installer\prerequisites\aipackagechainer.exe,3500,Delete-on-Reboot,[714fecb34c4eae8866a041dd6f9630d0]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe,3116,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe,3944,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe,1420,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe,828,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,2368,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,436,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,1664,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,3016,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,268,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,2144,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7]Modules:0(Nomalicious items detected)Registry Keys:45PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{280ADBDE-5EB6-49BE-838F-A0CA5EA6B0B1},Delete-on-Reboot,[635dfea168320b2be17b739c02030cf4],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EAF1F94-47E4-4719-BC2D-447E32F6BFA1},Delete-on-Reboot,[b010049bb8e279bd60fc947b29dc9f61],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{77AB9E48-F35B-4195-A085-5879719CBA12},Delete-on-Reboot,[467a7e21237764d24f93a32e08fc9769],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98AE2747-A69D-4404-9E30-36E74499D834},Delete-on-Reboot,[3a86bbe4e1b962d426bc9d34ce360bf5],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9B774ABE-6D05-4493-9E05-A512CFC422BB},Delete-on-Reboot,[b010712e504aa4924c10df30e91c06fa],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9F5595DB-DE9E-4DB0-B843-4CB5D34FE97E},Delete-on-Reboot,[e1df7f207426f046ee6e39d6ef1630d0],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0C2DCD7-A3D6-4B68-BD57-7D6775D68AC8},Delete-on-Reboot,[d6ea722dd9c1a5913f1d987742c39d63],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A2D255C7-F985-4441-99D3-5B9C7BB1BFB9},Delete-on-Reboot,[e7d97a253862270f459d7d541ce8de22],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A88003DA-BFF1-45FF-B029-A75777DEE14F},Delete-on-Reboot,[368abbe4b7e375c1974b7c5544c051af],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AC6A091C-C748-4143-99E6-9A934C14CA48},Delete-on-Reboot,[417fa3fc0d8d0b2b71711db464a09967],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BE88876E-498A-4786-809A-A96690564747},Delete-on-Reboot,[a0206b341c7ea195dd051bb67f85c23e],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C091D867-24CA-4BF3-8812-1B327F3A4C69},Delete-on-Reboot,[9f21217e910952e41349db34976ec33d],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C9579E4A-9A6F-4ED7-AFE9-F67205B1DF80},Delete-on-Reboot,[8937fca3b6e42a0c17cb12bfad57a55b],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CBFAFC59-F2DB-4FB0-973F-81371F9985AD},Delete-on-Reboot,[01bf009f5f3be5513626eb2412f340c0],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CF53734E-18C8-4AE1-935C-D70D74304642},Delete-on-Reboot,[2d9367383d5d280ef6ec00d1986c5ca4],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D83FF368-E450-4BAC-A436-02EF44E73CB1},Delete-on-Reboot,[526e5946ccce270f7fdd5eb1dd286e92],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E171F716-188D-443B-8535-D8FC141C3A8A},Delete-on-Reboot,[b010a5fa930774c214cec70a5ba9bf41],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6896CF2-42C6-4D0D-A01E-13390D6F4D3A},Delete-on-Reboot,[a61adec10892d165f864bf5063a224dc],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F93FBCD2-6ED2-4E83-B47C-1BB2ABC4E0E1},Delete-on-Reboot,[c1ffdfc02b6f1224855d04cdb351916f],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FB8A97BE-744C-48AA-8DC9-C2CE609F5F80},Delete-on-Reboot,[833da5fa7129f2448fcdf71801043dc3],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application,Delete-on-Reboot,[c6fa3b64e9b188aeca1a7160e81cff01],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application Guard,Delete-on-Reboot,[3e82ecb3a8f2eb4bf6ee329ffd0744bc],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application Guardian,Delete-on-Reboot,[932d6936c8d255e123c14f826f95a55b],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application Updater,Delete-on-Reboot,[e5db3c63237715215a8ab71a10f40df3],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Applicationv2,Delete-on-Reboot,[f2cecbd4e8b2ef47b62e646dbf45f50b],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Applicationv2 Guard,Delete-on-Reboot,[67597827e8b22016578dc60b7e861fe1],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Applicationv2 Guardian,Delete-on-Reboot,[4779b7e8d2c851e523c109c89a6a32ce],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Applicationv2 OG,Delete-on-Reboot,[4977e0bfdbbfc175d80cf2dfd232738d],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Applicationv2 On Guard,Delete-on-Reboot,[fac676298e0cae8812d23f925aaadb25],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Applicationv2 OnGuard,Delete-on-Reboot,[cef21e814d4d79bdc0243b9682828c74],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange,Delete-on-Reboot,[9e229d02801a5fd7e27b51bedc29d12f],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange Guard,Delete-on-Reboot,[08b89b04a3f710260f4e917e5fa6b64a],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange Guardian,Delete-on-Reboot,[e9d7d5cad6c4ec4a5a0340cf54b1d42c],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange Updater,Delete-on-Reboot,[c3fdddc2702a9f97b0ad53bcbb4a19e7],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchangev2,Delete-on-Reboot,[cbf5a0ff0c8e14225607f41b53b2af51],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchangev2 Guard,Delete-on-Reboot,[bd03cbd48d0d58dec29bf21d5ca905fb],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchangev2 Guardian,Delete-on-Reboot,[dfe1d6c91684053180dd35da57aeae52],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchangev2 OG,Delete-on-Reboot,[6759c3dce7b33bfb67f6dd32fc098d73],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchangev2 On Guard,Delete-on-Reboot,[249c8a1515850c2a2a33848b4cb94eb2],PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchangev2 OnGuard,Delete-on-Reboot,[bf01ecb3d8c28babf46964ab46bf15eb],PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application Installer,Quarantined,[e1df534cb3e79f9796cd020dd530ab55],PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online.io Application,Quarantined,[ba06851acecc42f41ec51cb558acec14],PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Traffic Exchange,Quarantined,[665a900f67334cea244ba46b52b38c74],PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{438465C5-D78D-4958-B31D-60374B5042F4},Quarantined,[6a56326d6535b581546af51fea1b04fc],PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C9DAA97A-154F-48F4-9453-19A85F1AE634},Quarantined,[dce4247baded1323c8f0e4fc22e2fe02],Registry Values:24PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{280ADBDE-5EB6-49BE-838F-A0CA5EA6B0B1}|Path,\Traffic Exchangev2 OnGuard,Delete-on-Reboot,[635dfea168320b2be17b739c02030cf4]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EAF1F94-47E4-4719-BC2D-447E32F6BFA1}|Path,\Traffic Exchange,Delete-on-Reboot,[b010049bb8e279bd60fc947b29dc9f61]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{77AB9E48-F35B-4195-A085-5879719CBA12}|Path,\Online Applicationv2 Guard,Delete-on-Reboot,[467a7e21237764d24f93a32e08fc9769]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98AE2747-A69D-4404-9E30-36E74499D834}|Path,\Online Application Guard,Delete-on-Reboot,[3a86bbe4e1b962d426bc9d34ce360bf5]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9B774ABE-6D05-4493-9E05-A512CFC422BB}|Path,\Traffic Exchangev2 On Guard,Delete-on-Reboot,[b010712e504aa4924c10df30e91c06fa]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9F5595DB-DE9E-4DB0-B843-4CB5D34FE97E}|Path,\Traffic Exchangev2 OG,Delete-on-Reboot,[e1df7f207426f046ee6e39d6ef1630d0]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0C2DCD7-A3D6-4B68-BD57-7D6775D68AC8}|Path,\Traffic Exchangev2 Guard,Delete-on-Reboot,[d6ea722dd9c1a5913f1d987742c39d63]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A2D255C7-F985-4441-99D3-5B9C7BB1BFB9}|Path,\Online Application,Delete-on-Reboot,[e7d97a253862270f459d7d541ce8de22]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A88003DA-BFF1-45FF-B029-A75777DEE14F}|Path,\Online Application Guardian,Delete-on-Reboot,[368abbe4b7e375c1974b7c5544c051af]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AC6A091C-C748-4143-99E6-9A934C14CA48}|Path,\Online Applicationv2,Delete-on-Reboot,[417fa3fc0d8d0b2b71711db464a09967]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BE88876E-498A-4786-809A-A96690564747}|Path,\Online Applicationv2 On Guard,Delete-on-Reboot,[a0206b341c7ea195dd051bb67f85c23e]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C091D867-24CA-4BF3-8812-1B327F3A4C69}|Path,\Traffic Exchange Guardian,Delete-on-Reboot,[9f21217e910952e41349db34976ec33d]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C9579E4A-9A6F-4ED7-AFE9-F67205B1DF80}|Path,\Online Applicationv2 OG,Delete-on-Reboot,[8937fca3b6e42a0c17cb12bfad57a55b]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CBFAFC59-F2DB-4FB0-973F-81371F9985AD}|Path,\Traffic Exchange Updater,Delete-on-Reboot,[01bf009f5f3be5513626eb2412f340c0]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CF53734E-18C8-4AE1-935C-D70D74304642}|Path,\Online Application Updater,Delete-on-Reboot,[2d9367383d5d280ef6ec00d1986c5ca4]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D83FF368-E450-4BAC-A436-02EF44E73CB1}|Path,\Traffic Exchangev2 Guardian,Delete-on-Reboot,[526e5946ccce270f7fdd5eb1dd286e92]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E171F716-188D-443B-8535-D8FC141C3A8A}|Path,\Online Applicationv2 Guardian,Delete-on-Reboot,[b010a5fa930774c214cec70a5ba9bf41]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6896CF2-42C6-4D0D-A01E-13390D6F4D3A}|Path,\Traffic Exchangev2,Delete-on-Reboot,[a61adec10892d165f864bf5063a224dc]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F93FBCD2-6ED2-4E83-B47C-1BB2ABC4E0E1}|Path,\Online Applicationv2 OnGuard,Delete-on-Reboot,[c1ffdfc02b6f1224855d04cdb351916f]PUP.Optional.OnlineIO,HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FB8A97BE-744C-48AA-8DC9-C2CE609F5F80}|Path,\Traffic Exchange Guard,Delete-on-Reboot,[833da5fa7129f2448fcdf71801043dc3]PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{438465C5-D78D-4958-B31D-60374B5042F4}|Contact,contact@online.io,Quarantined,[b709dac59ffbe056d87bdc33aa5bb34d]PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{438465C5-D78D-4958-B31D-60374B5042F4}|URLInfoAbout,http://traffic.io/, Quarantined, [6a56326d6535b581546af51fea1b04fc]PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C9DAA97A-154F-48F4-9453-19A85F1AE634}|Contact,contact@online.io,Quarantined,[3d831f809802e05663f0dd32b94c857b]PUP.Optional.OnlineIO,HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C9DAA97A-154F-48F4-9453-19A85F1AE634}|URLInfoAbout,http://online.io/, Quarantined, [dce4247baded1323c8f0e4fc22e2fe02]Registry Data:0(Nomalicious items detected)Folders:9PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Online.io Application,Quarantined,[11afe6b95941c274ccd540d47392fd03],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Online.io Application\updates,Quarantined,[11afe6b95941c274ccd540d47392fd03],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange\updates,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange\updates\1.10.0,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange\updates\1.11.0,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],Files:38PUP.Optional.OnlineIO,C:\Microleaves\Online Application Installer\prerequisites\aipackagechainer.exe,Delete-on-Reboot,[714fecb34c4eae8866a041dd6f9630d0],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange\updates\1.10.0\Online-Installer.exe,Quarantined,[9d236e3149515adc5caae53952b328d8],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange\updates\1.11.0\Online-Installer.exe,Quarantined,[447cbde21783e4521bebe83615f028d8],PUP.Optional.OnlineIO,C:\Users\{username}\Desktop\Online-Installer.exe,Quarantined,[962a851a247667cfcd3989952adbf40c],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.ini,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online.io EULA.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Online.io Application\Online.io Privacy.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe,Delete-on-Reboot,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online.io EULA.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Online.io Privacy.url,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.ini,Quarantined,[526ee0bf5545c1755e81b41d53b159a7],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Application,Quarantined,[ead66f30396187af18cd3d94758f728e],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Application Guard,Quarantined,[853b5b444d4d59dd8362b41d7f85ed13],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Application Guardian,Quarantined,[843c6b347f1bfe38d312ddf4cd3704fc],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Application Updater,Quarantined,[b60a7f20594188ae717418b9887c946c],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Applicationv2,Quarantined,[a51b8718108a4ee80fd63b96986c8977],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Applicationv2 Guard,Quarantined,[c0006c337327e551677e28a97094926e],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Applicationv2 Guardian,Quarantined,[863acdd2792145f1b92c8e43bc4827d9],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Applicationv2 OG,Quarantined,[fdc3aaf50298c175865fe7eab54f31cf],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Applicationv2 On Guard,Quarantined,[f6caacf33367ec4a42a39b361aea649c],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Online Applicationv2 OnGuard,Quarantined,[c2fe0b94d4c62511677e478ad430dc24],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchange,Quarantined,[0eb28f10b0ea142201632ae58d7852ae],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchange Guard,Quarantined,[cff1059a0694aa8c91d3010e8f768f71],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchange Guardian,Quarantined,[536d26795a400b2b4f1535da58ad758b],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchange Updater,Quarantined,[e7d9ced1f0aaa88ef66e40cf40c5f20e],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchangev2,Quarantined,[269a356accce270f0064749bff0618e8],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchangev2 Guard,Quarantined,[4977acf3acee0a2cbba9e02f63a2a25e],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchangev2 Guardian,Quarantined,[5c64ffa0b9e1bf772c3822ed877e738d],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchangev2 OG,Quarantined,[12ae3a65633768ce3e269b74c93c11ef],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchangev2 On Guard,Quarantined,[bd030996b7e3c5711252858a050004fc],PUP.Optional.OnlineIO,C:\Windows\System32\Tasks\Traffic Exchangev2 OnGuard,Quarantined,[3888336c950564d2105466a984810ef2],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Online.io Application\updates\updates.aiu,Quarantined,[11afe6b95941c274ccd540d47392fd03],PUP.Optional.OnlineIO,C:\ProgramData\Microleaves\Traffic Exchange\updates\mupdates.aiu,Quarantined,[c3fd0897e6b45dd97a28f32146bfc937],Physical Sectors:0(Nomalicious items detected)(end)

Add an exclusion

Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it.

  • Open Malwarebytes for Windows.
  • Click the Detection History
  • Click the Allow List
  • To add an item to the Allow List, click Add.
  • Select the exclusion type Allow a file or folderand use the Select a folderbutton to select the main folder for the software that you wish to keep.
  • Repeat this for any secondary files or folder(s) that belong to the software.
If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use theBrowse button to select the file you wish to grant access.

Traces/IOCs

Associated folders:

%ProgramFiles%\Microleaves\Online.io Application
%ProgramData%\Microleaves\Online.io Application

Related blog content

How to avoid potentially unwanted programsHow your business can avoid potentially unwanted programs

Select your language

New Buy Online Partner Icon Warning Icon Edge icon