• AnyStream is having some DRM issues currently, Netflix is not available in HD for the time being.
    Situations like this will always happen with AnyStream: streaming providers are continuously improving their countermeasures while we try to catch up, it's an ongoing cat-and-mouse game. Please be patient and don't flood our support or forum with requests, we are working on it 24/7 to get it resolved. Thank you.

virus? io.dll??

D

dirio49

Well-Known Member
Thread Starter
Joined
Nov 10, 2007
Messages
238
Likes
0
Wrong forum sorry.

I downloaded it myself from slysoft and updated by bumbell bee.
Code: 
Category: Adware

Description: This program delivers potentially unwanted advertisements to your computer.

Recommended action: Permit this detected item only if you trust the program or the software publisher.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Items: 
file:C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\io.dll

Get more information about this item online.
 
Last edited:
To quote myself from here:

DrinkLyeAndDie said:
Contact Microsoft and any other antivirus vendor who is detecting this as a problem. io.dll is a valid file. The MD5 hash for the file is A13398781268733FF76E5EC7CB2E0738. More importantly, the VCD installer was digitally signed on January 15, 2011. If the signature on the installer is valid then it's not a problem with the file.

Btw, I just submitted io.dll to VirusTotal. Out of 40 antivirus products only Microsoft is detecting something: Adware:Win32/OpenCandy. Submit the file to Microsoft so that they can update their security software.
Click to expand...

Moving this to the Virtual CloneDrive forum.
 
Last edited:
I already submitted this file to Microsoft. Hopefully they will correct this false positive soon.
 
lych said:
I already submitted this file to Microsoft. Hopefully they will correct this false positive soon.
Click to expand...

At the end of the day I don't know if Microsoft will remove the detection. OpenCandy, itself is not nefarious and while it can be used in software installers to suggest another product I really don't see it as bad. I guess we'll see what Microsoft decides.
 
Here is the reply I got from Microsoft
Analysis of the file(s) in Submission ID MMPC11021238808318 is now complete.

This is the final email that you will receive regarding this submission.

The Microsoft Malware Protection Center (MMPC) has investigated the following file(s) which we received on 2/12/2011 2:10:12 PM Pacific Time.
Below is the determination for your submission.

========
Submission ID MMPC11021238808318

Submitted Files
=============================================
io.dll [Adware:Win32/OpenCandy]

The following links contain more information regarding the detections listed above:
http://go.microsoft.com/fwlink/?linkid=95666&Entry.aspx&name=Adware:Win32/OpenCandy




Your submission was scanned using antimalware definition version 1.97.1659.0.
Click to expand...
Here is my reply to that:
I recently submitted a file to you that MSE found to contain adware, specifically Adware:Win32/OpenCandy. I contacted the vendor, slysoft, about this detection and they said it is a false positive. Slysoft and I believe this detection is in error and that your definitions need to be updated to reflect this.
Click to expand...
Microsoft makes this difficult. First, you must submit a sample via their website, which is scanned with their software using pre-released definitions. Once you are notified via email of the scan results, you can finally email Microsoft directly about the file in question. Way too much bureaucracy for my tastes.

Does VCD actually use Open Candy?
 
lych said:
Does VCD actually use Open Candy?
Click to expand...

No, in fact, Virtual CloneDrive doesn't make use of OpenCandy. The stupid DLL is, however, included in the installer and Microsoft is basing its detection on that. Refer to the Virtual CloneDrive v5.4.4.3 beta thread for this exchange I had with James: http://forum.slysoft.com/showthread.php?t=45979.

In particular focus on these posts:

Triads said:
Got the same this morning about IO.dll, what should we do with it?
Click to expand...

James said:
VCD doesn't use or need this file. It won't do any harm. You can delete it or keep it.
Click to expand...

DrinkLyeAndDie said:
Just out of curiosity I wonder why the file is even present then, James (?). :confused:
Click to expand...

James said:
It is adware, if it used. VCD doesn't use it, so it is just a file. ;)
AFAIK elby thought about adding open candy to the installer, but didn't do it. It must be a leftover.
Click to expand...
 
i had this happen as well
but i just added an exception for the programs location and am about to reinstall virtual Clone Drive
(located in settings > excluded files and locations)
 
io.dll io.dll is a DLL file This process is still being reviewed. If you have some information about it feel free to send us an email at NO SPAM HERE
 
Last edited by a moderator:
You must log in or register to reply here.
Back
Top