PUP.Optional.OnlineIO

Short bio

PUP.Optional.OnlineIO is the detection for a small family of browser hijackers that also send spam if they have your address.

Type and source of infection

PUP.Optional.OnlineIO were named after the domains these hijackers hail from  which is also the name of one of their sub-folders.
This PUP is installed by bundlers. These bundlers typically offer one software for free and include others in the same package. They get paid for every successful install.

Protection

Malwarebytes protects users from PUP.Optional.OnlineIO by using real-time protection.

block PUP.Optional.OnlineIO

Malwarebytes blocks PUP.Optional.OnlineIO

Remediation

Malwarebytes can detect and remove PUP.Optional.OnlineIO without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  3. Then click Finish.
  4. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  5. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  6. When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  7. Restart your computer when prompted to do so.

Malwarebytes removal log

A Malwarebytes log of removal will look similar to this:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/31/2016
Scan Time: 1:42 PM
Logfile: mbamTrafficExchange.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.10.31.04
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 283732
Time Elapsed: 1 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 11
PUP.Optional.OnlineIO, C:\Microleaves\Online Application Installer\prerequisites\aipackagechainer.exe, 3500, Delete-on-Reboot, [714fecb34c4eae8866a041dd6f9630d0]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe, 3116, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe, 3944, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe, 1420, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe, 828, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, 2368, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, 436, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, 1664, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, 3016, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, 268, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, 2144, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7]

Modules: 0
(No malicious items detected)

Registry Keys: 45
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{280ADBDE-5EB6-49BE-838F-A0CA5EA6B0B1}, Delete-on-Reboot, [635dfea168320b2be17b739c02030cf4], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EAF1F94-47E4-4719-BC2D-447E32F6BFA1}, Delete-on-Reboot, [b010049bb8e279bd60fc947b29dc9f61], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{77AB9E48-F35B-4195-A085-5879719CBA12}, Delete-on-Reboot, [467a7e21237764d24f93a32e08fc9769], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98AE2747-A69D-4404-9E30-36E74499D834}, Delete-on-Reboot, [3a86bbe4e1b962d426bc9d34ce360bf5], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9B774ABE-6D05-4493-9E05-A512CFC422BB}, Delete-on-Reboot, [b010712e504aa4924c10df30e91c06fa], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9F5595DB-DE9E-4DB0-B843-4CB5D34FE97E}, Delete-on-Reboot, [e1df7f207426f046ee6e39d6ef1630d0], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0C2DCD7-A3D6-4B68-BD57-7D6775D68AC8}, Delete-on-Reboot, [d6ea722dd9c1a5913f1d987742c39d63], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A2D255C7-F985-4441-99D3-5B9C7BB1BFB9}, Delete-on-Reboot, [e7d97a253862270f459d7d541ce8de22], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A88003DA-BFF1-45FF-B029-A75777DEE14F}, Delete-on-Reboot, [368abbe4b7e375c1974b7c5544c051af], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AC6A091C-C748-4143-99E6-9A934C14CA48}, Delete-on-Reboot, [417fa3fc0d8d0b2b71711db464a09967], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BE88876E-498A-4786-809A-A96690564747}, Delete-on-Reboot, [a0206b341c7ea195dd051bb67f85c23e], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C091D867-24CA-4BF3-8812-1B327F3A4C69}, Delete-on-Reboot, [9f21217e910952e41349db34976ec33d], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C9579E4A-9A6F-4ED7-AFE9-F67205B1DF80}, Delete-on-Reboot, [8937fca3b6e42a0c17cb12bfad57a55b], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CBFAFC59-F2DB-4FB0-973F-81371F9985AD}, Delete-on-Reboot, [01bf009f5f3be5513626eb2412f340c0], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CF53734E-18C8-4AE1-935C-D70D74304642}, Delete-on-Reboot, [2d9367383d5d280ef6ec00d1986c5ca4], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D83FF368-E450-4BAC-A436-02EF44E73CB1}, Delete-on-Reboot, [526e5946ccce270f7fdd5eb1dd286e92], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E171F716-188D-443B-8535-D8FC141C3A8A}, Delete-on-Reboot, [b010a5fa930774c214cec70a5ba9bf41], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6896CF2-42C6-4D0D-A01E-13390D6F4D3A}, Delete-on-Reboot, [a61adec10892d165f864bf5063a224dc], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F93FBCD2-6ED2-4E83-B47C-1BB2ABC4E0E1}, Delete-on-Reboot, [c1ffdfc02b6f1224855d04cdb351916f], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FB8A97BE-744C-48AA-8DC9-C2CE609F5F80}, Delete-on-Reboot, [833da5fa7129f2448fcdf71801043dc3], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application, Delete-on-Reboot, [c6fa3b64e9b188aeca1a7160e81cff01], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application Guard, Delete-on-Reboot, [3e82ecb3a8f2eb4bf6ee329ffd0744bc], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application Guardian, Delete-on-Reboot, [932d6936c8d255e123c14f826f95a55b], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application Updater, Delete-on-Reboot, [e5db3c63237715215a8ab71a10f40df3], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v2, Delete-on-Reboot, [f2cecbd4e8b2ef47b62e646dbf45f50b], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v2 Guard, Delete-on-Reboot, [67597827e8b22016578dc60b7e861fe1], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v2 Guardian, Delete-on-Reboot, [4779b7e8d2c851e523c109c89a6a32ce], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v2 OG, Delete-on-Reboot, [4977e0bfdbbfc175d80cf2dfd232738d], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v2 On Guard, Delete-on-Reboot, [fac676298e0cae8812d23f925aaadb25], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v2 OnGuard, Delete-on-Reboot, [cef21e814d4d79bdc0243b9682828c74], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange, Delete-on-Reboot, [9e229d02801a5fd7e27b51bedc29d12f], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange Guard, Delete-on-Reboot, [08b89b04a3f710260f4e917e5fa6b64a], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange Guardian, Delete-on-Reboot, [e9d7d5cad6c4ec4a5a0340cf54b1d42c], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange Updater, Delete-on-Reboot, [c3fdddc2702a9f97b0ad53bcbb4a19e7], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2, Delete-on-Reboot, [cbf5a0ff0c8e14225607f41b53b2af51], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 Guard, Delete-on-Reboot, [bd03cbd48d0d58dec29bf21d5ca905fb], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 Guardian, Delete-on-Reboot, [dfe1d6c91684053180dd35da57aeae52], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 OG, Delete-on-Reboot, [6759c3dce7b33bfb67f6dd32fc098d73], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 On Guard, Delete-on-Reboot, [249c8a1515850c2a2a33848b4cb94eb2], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 OnGuard, Delete-on-Reboot, [bf01ecb3d8c28babf46964ab46bf15eb], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application Installer, Quarantined, [e1df534cb3e79f9796cd020dd530ab55], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online.io Application, Quarantined, [ba06851acecc42f41ec51cb558acec14], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Traffic Exchange, Quarantined, [665a900f67334cea244ba46b52b38c74], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{438465C5-D78D-4958-B31D-60374B5042F4}, Quarantined, [6a56326d6535b581546af51fea1b04fc], 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C9DAA97A-154F-48F4-9453-19A85F1AE634}, Quarantined, [dce4247baded1323c8f0e4fc22e2fe02], 

Registry Values: 24
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{280ADBDE-5EB6-49BE-838F-A0CA5EA6B0B1}|Path, \Traffic Exchange v2 OnGuard, Delete-on-Reboot, [635dfea168320b2be17b739c02030cf4]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EAF1F94-47E4-4719-BC2D-447E32F6BFA1}|Path, \Traffic Exchange, Delete-on-Reboot, [b010049bb8e279bd60fc947b29dc9f61]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{77AB9E48-F35B-4195-A085-5879719CBA12}|Path, \Online Application v2 Guard, Delete-on-Reboot, [467a7e21237764d24f93a32e08fc9769]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{98AE2747-A69D-4404-9E30-36E74499D834}|Path, \Online Application Guard, Delete-on-Reboot, [3a86bbe4e1b962d426bc9d34ce360bf5]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9B774ABE-6D05-4493-9E05-A512CFC422BB}|Path, \Traffic Exchange v2 On Guard, Delete-on-Reboot, [b010712e504aa4924c10df30e91c06fa]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9F5595DB-DE9E-4DB0-B843-4CB5D34FE97E}|Path, \Traffic Exchange v2 OG, Delete-on-Reboot, [e1df7f207426f046ee6e39d6ef1630d0]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0C2DCD7-A3D6-4B68-BD57-7D6775D68AC8}|Path, \Traffic Exchange v2 Guard, Delete-on-Reboot, [d6ea722dd9c1a5913f1d987742c39d63]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A2D255C7-F985-4441-99D3-5B9C7BB1BFB9}|Path, \Online Application, Delete-on-Reboot, [e7d97a253862270f459d7d541ce8de22]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A88003DA-BFF1-45FF-B029-A75777DEE14F}|Path, \Online Application Guardian, Delete-on-Reboot, [368abbe4b7e375c1974b7c5544c051af]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AC6A091C-C748-4143-99E6-9A934C14CA48}|Path, \Online Application v2, Delete-on-Reboot, [417fa3fc0d8d0b2b71711db464a09967]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BE88876E-498A-4786-809A-A96690564747}|Path, \Online Application v2 On Guard, Delete-on-Reboot, [a0206b341c7ea195dd051bb67f85c23e]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C091D867-24CA-4BF3-8812-1B327F3A4C69}|Path, \Traffic Exchange Guardian, Delete-on-Reboot, [9f21217e910952e41349db34976ec33d]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C9579E4A-9A6F-4ED7-AFE9-F67205B1DF80}|Path, \Online Application v2 OG, Delete-on-Reboot, [8937fca3b6e42a0c17cb12bfad57a55b]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CBFAFC59-F2DB-4FB0-973F-81371F9985AD}|Path, \Traffic Exchange Updater, Delete-on-Reboot, [01bf009f5f3be5513626eb2412f340c0]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CF53734E-18C8-4AE1-935C-D70D74304642}|Path, \Online Application Updater, Delete-on-Reboot, [2d9367383d5d280ef6ec00d1986c5ca4]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D83FF368-E450-4BAC-A436-02EF44E73CB1}|Path, \Traffic Exchange v2 Guardian, Delete-on-Reboot, [526e5946ccce270f7fdd5eb1dd286e92]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E171F716-188D-443B-8535-D8FC141C3A8A}|Path, \Online Application v2 Guardian, Delete-on-Reboot, [b010a5fa930774c214cec70a5ba9bf41]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E6896CF2-42C6-4D0D-A01E-13390D6F4D3A}|Path, \Traffic Exchange v2, Delete-on-Reboot, [a61adec10892d165f864bf5063a224dc]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F93FBCD2-6ED2-4E83-B47C-1BB2ABC4E0E1}|Path, \Online Application v2 OnGuard, Delete-on-Reboot, [c1ffdfc02b6f1224855d04cdb351916f]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FB8A97BE-744C-48AA-8DC9-C2CE609F5F80}|Path, \Traffic Exchange Guard, Delete-on-Reboot, [833da5fa7129f2448fcdf71801043dc3]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{438465C5-D78D-4958-B31D-60374B5042F4}|Contact, contact@online.io, Quarantined, [b709dac59ffbe056d87bdc33aa5bb34d]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{438465C5-D78D-4958-B31D-60374B5042F4}|URLInfoAbout, http://traffic.io/, Quarantined, [6a56326d6535b581546af51fea1b04fc]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C9DAA97A-154F-48F4-9453-19A85F1AE634}|Contact, contact@online.io, Quarantined, [3d831f809802e05663f0dd32b94c857b]
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C9DAA97A-154F-48F4-9453-19A85F1AE634}|URLInfoAbout, http://online.io/, Quarantined, [dce4247baded1323c8f0e4fc22e2fe02]

Registry Data: 0
(No malicious items detected)

Folders: 9
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Online.io Application, Quarantined, [11afe6b95941c274ccd540d47392fd03], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Online.io Application\updates, Quarantined, [11afe6b95941c274ccd540d47392fd03], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange, Quarantined, [c3fd0897e6b45dd97a28f32146bfc937], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange\updates, Quarantined, [c3fd0897e6b45dd97a28f32146bfc937], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange\updates\1.10.0, Quarantined, [c3fd0897e6b45dd97a28f32146bfc937], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange\updates\1.11.0, Quarantined, [c3fd0897e6b45dd97a28f32146bfc937], 

Files: 38
PUP.Optional.OnlineIO, C:\Microleaves\Online Application Installer\prerequisites\aipackagechainer.exe, Delete-on-Reboot, [714fecb34c4eae8866a041dd6f9630d0], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange\updates\1.10.0\Online-Installer.exe, Quarantined, [9d236e3149515adc5caae53952b328d8], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange\updates\1.11.0\Online-Installer.exe, Quarantined, [447cbde21783e4521bebe83615f028d8], 
PUP.Optional.OnlineIO, C:\Users\{username}\Desktop\Online-Installer.exe, Quarantined, [962a851a247667cfcd3989952adbf40c], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.ini, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online.io EULA.url, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Online.io Application\Online.io Privacy.url, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe, Delete-on-Reboot, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online.io EULA.url, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Online.io Privacy.url, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.ini, Quarantined, [526ee0bf5545c1755e81b41d53b159a7], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application, Quarantined, [ead66f30396187af18cd3d94758f728e], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application Guard, Quarantined, [853b5b444d4d59dd8362b41d7f85ed13], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application Guardian, Quarantined, [843c6b347f1bfe38d312ddf4cd3704fc], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application Updater, Quarantined, [b60a7f20594188ae717418b9887c946c], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application v2, Quarantined, [a51b8718108a4ee80fd63b96986c8977], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application v2 Guard, Quarantined, [c0006c337327e551677e28a97094926e], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application v2 Guardian, Quarantined, [863acdd2792145f1b92c8e43bc4827d9], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application v2 OG, Quarantined, [fdc3aaf50298c175865fe7eab54f31cf], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application v2 On Guard, Quarantined, [f6caacf33367ec4a42a39b361aea649c], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Online Application v2 OnGuard, Quarantined, [c2fe0b94d4c62511677e478ad430dc24], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange, Quarantined, [0eb28f10b0ea142201632ae58d7852ae], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange Guard, Quarantined, [cff1059a0694aa8c91d3010e8f768f71], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange Guardian, Quarantined, [536d26795a400b2b4f1535da58ad758b], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange Updater, Quarantined, [e7d9ced1f0aaa88ef66e40cf40c5f20e], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange v2, Quarantined, [269a356accce270f0064749bff0618e8], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange v2 Guard, Quarantined, [4977acf3acee0a2cbba9e02f63a2a25e], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange v2 Guardian, Quarantined, [5c64ffa0b9e1bf772c3822ed877e738d], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange v2 OG, Quarantined, [12ae3a65633768ce3e269b74c93c11ef], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange v2 On Guard, Quarantined, [bd030996b7e3c5711252858a050004fc], 
PUP.Optional.OnlineIO, C:\Windows\System32\Tasks\Traffic Exchange v2 OnGuard, Quarantined, [3888336c950564d2105466a984810ef2], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Online.io Application\updates\updates.aiu, Quarantined, [11afe6b95941c274ccd540d47392fd03], 
PUP.Optional.OnlineIO, C:\ProgramData\Microleaves\Traffic Exchange\updates\mupdates.aiu, Quarantined, [c3fd0897e6b45dd97a28f32146bfc937], 

Physical Sectors: 0
(No malicious items detected)


(end)

Add an exclusion

Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it.

The Exclusions tab includes a list of items to be excluded from scans. The items may include files, folders, websites, or applications that connect to the Internet, as well as previously detected exploits.

To access the exclusions in Malwarebytes:

Traces/IOCs

Associated folders:

%ProgramFiles%\Microleaves\Online.io Application
%ProgramData%\Microleaves\Online.io Application

Related blog content

How to avoid potentially unwanted programs

How your business can avoid potentially unwanted programs