Author Topic: CMDOW.EXE is not a Virus!  (Read 16357 times)

0 Members and 1 Guest are viewing this topic.

jeremielorente

  • Guest
CMDOW.EXE is not a Virus!
« on: July 24, 2006, 03:55:09 PM »
Hi,

cmdow.exe is detected by my avast pro as a virus: Win32:Hidewindows-C [Tool]

but it's not a virus, it's a very usefull program.... is it possible to not detect it as a virus?

Thx


Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: CMDOW.EXE is not a Virus!
« Reply #1 on: July 24, 2006, 04:29:59 PM »
As a workaround, use the Exclusion lists:

For the Standard Shield provider (on-access scanning):
Left click the 'a' blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button...

For the other providers (on-demmand scanning):
Right click the 'a' blue icon, click Program Settings.
Go to Exclusions tab and click on Add button...

You can use wildcards like * and ?.
But be carefull, you should 'exclude' that many files that let your system in danger.

To know if a file is a false positive, please submit it to JOTTI or VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com Please, mention in the body of the message why you think it is a false positive and the password used.
The best things in life are free.

jeremielorente

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #2 on: July 24, 2006, 04:49:44 PM »
this program is like cmd.exe of microsoft but without the black screen... it's used for exemple to make unattended windows installation cd, or execute some programs on network without black screen....

Very useful for admins! I can't put this in exeption list for all my 300 computers on my network!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: CMDOW.EXE is not a Virus!
« Reply #3 on: July 24, 2006, 05:31:51 PM »
this program is like cmd.exe of microsoft but without the black screen...
Is it a freeware? Can we download it?
The best things in life are free.

jeremielorente

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #4 on: July 24, 2006, 05:35:21 PM »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: CMDOW.EXE is not a Virus!
« Reply #5 on: July 24, 2006, 05:39:43 PM »
Thanks... I'll need to wait Alwil team correct the false positive to download  :'(

By the way, as you have a large network maybe you can post in the ADNM forum in order to get help faster  8)
Click here: http://forum.avast.com/index.php?action=post;board=10.0
The best things in life are free.

jeremielorente

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #6 on: July 24, 2006, 05:43:56 PM »
thx very much!

kareld

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #7 on: July 24, 2006, 06:13:53 PM »
The false positive is fixed in the lates virus database update. It's available for download now or very soon (minutes) since now.

jeremielorente

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #8 on: July 24, 2006, 06:16:06 PM »
very very great news!

thx for your great reactivity!!!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88898
  • No support PMs thanks
Re: CMDOW.EXE is not a Virus!
« Reply #9 on: July 24, 2006, 06:22:50 PM »
The problem is the [Tool] can be used for good or for evil, so it is hard to determine which. I think they were originally airing on the side of safety.

Good that it has been resolved by the latest VPS update.

There is also another thread about cmdow http://forum.avast.com/index.php?topic=22350.0
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: CMDOW.EXE is not a Virus!
« Reply #10 on: July 24, 2006, 06:24:12 PM »
Is this really a false positive?

I mean, the malware name we used was "Win32:Hidewindows-C [Tool]", and the web page of the product says: "Cmdow is a Win32 commandline utility for NT4/2000/XP/2003 that allows windows to be listed, moved, resized, renamed, hidden/unhidden, disabled/enabled, minimized, maximized, restored, activated/inactivated, closed, killed and more."

So, it sounds to me that this was actually an intentional detection (even though questionable).


Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

jeremielorente

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #11 on: July 24, 2006, 06:27:07 PM »
But avast block me when i try to acces it or copy it or something else......


Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: CMDOW.EXE is not a Virus!
« Reply #12 on: July 24, 2006, 06:37:45 PM »
Yes, you're right, that's the point of detecting it. ;D

But if you're using ADNM, it would be quite straightforward to centrally put the file to the list of scan exception (not really important anymore since the definition has now been removed in VPS version 0630-1).


Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: CMDOW.EXE is not a Virus!
« Reply #13 on: July 24, 2006, 07:00:38 PM »
Looks perfectly accurate detection to me.
It's tagged as [Tool] and even descritpion in warning dialog says it's a potentially dangerous program.
Maybe there should be a checkbox in Standard Shield settings to enable/disable these otentially dangerous programs detection (like NOD32 has for example). Still, same as Vlk, i think it's a proper detection.
Visit my webpage Angry Sheep Blog

jeremielorente

  • Guest
Re: CMDOW.EXE is not a Virus!
« Reply #14 on: July 25, 2006, 09:04:49 AM »
I do not use ADNM.... because to me, Windows server sucks................

I use SME Linux distro (www.contribs.org)