Traffic Exchange

Threat Scorecard

Popularity Rank: 56
Threat Level: 10 % (Normal)
Infected Computers: 1,074,010
First Seen: November 11, 2016
Last Seen: January 11, 2026
Affected OS: Windows

The Traffic Exchange software from Microleaves Ltd may be offered to PC users as a kind of shopping enhancer that connects users directly to ad publishers. The Traffic Exchange application can be installed free of charge on computers running Windows, and you may be led to believe that Traffic Exchange offers the best deals at your favorite online stores. PC users may be invited to install the Traffic Exchange program and benefit from personalized discounts, promotions, limited-time offers and exclusive deals. The Traffic Exchange application from Microleaves Ltd is classified as a Potentially Unwanted Program (PUP). The Traffic Exchange software is known to promote questionable computer-support companies, invite users to install untrustworthy cyber-security tools, and run via 'C:\Windows\fvxeupdate.exe'. The program in question may leave files in the following locations:

C:\Microleaves\Online Application Installer\prerequisites\Traffic Exchange.exe
C:\Microleaves\Online Application Installer\prerequisites\aipackagechainer.exe
C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe
C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe
C:\Windows\System32\Tasks\Online Application Updater
C:\Windows\System32\Tasks\Online Application v2 Guard
C:\Windows\System32\Tasks\Online Application v2 OG

The Traffic Exchange program may add scheduled tasks in Windows and connect to ad servers every five minutes. Traffic Exchange ads may be shown in pop-up windows and floating ad boxes, and may appear as hyperlinked text on pages. Security programs may flag the Traffic Exchange software as 'PUP.Optional.OnlineIO' and 'Adware.TrafficExchange'. Content loaded by Traffic Exchange in the browser may include links to phishing pages and unsafe pages. It is advisable to consider removing Traffic Exchange with a trusted anti-malware utility.
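
The scheduled-task names listed on this page can be turned into a triage check. The following is an added example, not code from the original page or from any vendor tool: it compiles the listed task names, including the "[RANDOM CHARACTERS]" masks, into anchored regular expressions and matches them against task file paths. The function names, the treatment of the random suffix and the sample listing are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Task names listed on this page; "[RANDOM CHARACTERS]" marks a variable suffix.
TASK_MASKS = [
    "Online Application Updater",
    "Online Application v2 Guard",
    "Online Application v2 OG",
    "Online Application V2Gd",
    "Online Special Application[RANDOM CHARACTERS]",
    "Traffic Exchange[RANDOM CHARACTERS]",
    "Updater_Online_Application",
    "Updater_Online_Special_Application[RANDOM CHARACTERS]",
]
PLACEHOLDER = "[RANDOM CHARACTERS]"

def compile_mask(mask):
    """Turn one mask into an anchored, case-insensitive regex (optional .job suffix)."""
    literal, has_suffix, _ = mask.partition(PLACEHOLDER)
    pattern = re.escape(literal)
    if has_suffix:
        # Assumption: the random suffix is any run of non-separator characters.
        pattern += r"[^\\/]*"
    return re.compile(pattern + r"(?:\.job)?\Z", re.IGNORECASE)

PATTERNS = [(mask, compile_mask(mask)) for mask in TASK_MASKS]

def match_task(path):
    """Return the mask a task file path matches, or None."""
    name = PureWindowsPath(path).name
    return next((mask for mask, rx in PATTERNS if rx.match(name)), None)

def scan(paths):
    """Map each matching path to the mask it matched."""
    return {p: m for p in paths if (m := match_task(p))}

# Constructed sample listing (not taken from a real host).
SAMPLE = [
    r"C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag",
    r"C:\Windows\System32\Tasks\Updater_Online_Special_Applicationk3v9",
    r"C:\Windows\Tasks\Traffic Exchange8f3a.job",
    r"C:\Windows\System32\Tasks\online application v2gd",
    r"C:\Windows\System32\Tasks\Online Application Updater Helper",
]

if __name__ == "__main__":
    for path, mask in scan(SAMPLE).items():
        print(f"{path}  <-  {mask}")
```

Exact names are anchored, so a task that merely starts with a listed name (the last sample entry) is not reported; only the masked names accept a trailing suffix.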

SpyHunter Detects and Removes Traffic Exchange

File System Details

Traffic Exchange may create the following file(s):
# File Name MD5 Detections
1. aipackagechainer.exe 625151080b293da9ccb7f2100e43255f 6
2. Online-Guardian-v2.exe b62f3eee71d915df81c040007955b6b9 4
3. Online-Guardian.exe b1956bcc37f7b28bc8ad2efd16060c87 2
4. OnlineGuardian-v2.exe f4d0dd1537ebebd0a8daa73f60e160be 1
5. Online-Guardian-v2.0.9.exe ab0e97b4881076a20461f49bcafa1d57 1
6. Online Application Updater.exe 016ce1783d079384774fb3ffee95c169 1
7. file.exe 1ae34060ed111aec2e3c914270ef6131 0

Registry Details

Traffic Exchange may create the following registry entry or registry entries:
Regexp file mask
%TEMP%\ww-Online.IO-installer.exe
%WINDIR%\Installer\{010F762A-8645-4AAE-9E69-40254D5147F9}\online.exe
%WINDIR%\Installer\{92C1F287-B8A1-415C-B872-4000F57C055A}\online.exe
%WINDIR%\System32\Tasks\Online Application V2Gd
%WINDIR%\System32\Tasks\Online Special Application[RANDOM CHARACTERS]
%WINDIR%\System32\Tasks\Traffic Exchange[RANDOM CHARACTERS]
%WINDIR%\System32\Tasks\Updater_Online_Application
%WINDIR%\System32\Tasks\Updater_Online_Special_Application[RANDOM CHARACTERS]
%WINDIR%\Tasks\Online Application V2Gd.job
%WINDIR%\Tasks\Online Special Application[RANDOM CHARACTERS].job
%WINDIR%\Tasks\Traffic Exchange[RANDOM CHARACTERS].job
%WINDIR%\Tasks\Updater_Online_Application.job
%WINDIR%\Tasks\Updater_Online_Special_Application[RANDOM CHARACTERS].job
SOFTWARE\Microleaves
SOFTWARE\Microsoft\Tracing\Online Application Updater_RASAPI32
SOFTWARE\Microsoft\Tracing\Online Application Updater_RASMANCS
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Special Application V2G1
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Special Application V2G2
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Special Application V2G3
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Traffic Exchange Updater
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Special_Application
SOFTWARE\WOW6432Node\Microleaves
Online.IO

Directories

Traffic Exchange may create the following directory or directories:

%ALLUSERSPROFILE%\Microleaves
%APPDATA%\Microleaves
%HOMEDRIVE%\AppData\Roaming\Microleaves
%HOMEDRIVE%\Users\Default\AppData\Local\AdvinstAnalytics
%LOCALAPPDATA%\AdvinstAnalytics
%PROGRAMFILES%\Microleaves
%PROGRAMFILES%\Online-IO
%PROGRAMFILES%\Online.IO
%PROGRAMFILES(x86)%\Microleaves
%PROGRAMFILES(x86)%\Online-IO
%PROGRAMFILES(x86)%\Online.IO
%USERPROFILE%\Local Settings\Application Data\AdvinstAnalytics
%WINDIR%\INSTALLER\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}
%WINDIR%\INSTALLER\{F0847AE0-465A-4D7B-A555-AABB43B550F0}
%WINDIR%\Installer\{438465C5-D78D-4958-B31D-60374B5042F4}
%WINDIR%\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
%WINDIR%\SysWOW64\config\systemprofile\AppData\Local\AdvinstAnalytics
%WINDIR%\System32\config\systemprofile\AppData\Local\AdvinstAnalytics
%WINDIR%\system32\config\systemprofile\AppData\Roaming\Microleaves
%WINDIR%\syswow64\config\systemprofile\AppData\Roaming\Microleaves

Analysis Report

General Information

Family Name: PUP.Traffic Exchange
Signature status: No Signature

Known Samples

MD5: 2b668b082327c837962c025b4fe39cf9
SHA1: 4b290fec2aea3d2dab28b78f7a4d86a16673c912
SHA256: C05B5B66C6101E7A7532D8086BEB4682DB80535FB02839CA02A4140F5EA701F8
File Size: 1.11 MB, 1114431 bytes
MD5: f5d11eaf8ebfb21bceffa953b25b4bd7
SHA1: 3408787835b53960b24b35d07ec5cda39f091f23
SHA256: C473CAB817FF208075C4D0D7A387E0FA868C6CF736E8E0B3968AC2B73617DCF5
File Size: 862.26 KB, 862262 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name AdvancedWindowsManager
File Description Windows Updater 5.0.4
File Version
  • 5.0.4
  • 1.00
Internal Name
  • TJprojMain
  • Windows Updater
Legal Copyright Copyright (C) 2022 AdvancedWindowsManager
Original File Name Windows Updater.exe
Original Filename TJprojMain.exe
Product Name
  • Project1
  • Windows Installer
Product Version
  • 5.0.4
  • 1.00

Digital Signatures

Signer: Microleaves LTD
Root: DigiCert Global G3 Code Signing ECC SHA384 2021 CA1
Status: Hash Mismatch

File Traits

  • x64

Windows API Usage

Category API
Other Suspicious
  • SetWindowsHookEx
