AWSPS

Hi,

I started this thread for member Nevermore as a follow-up from this thread:
https://www.wilderssecurity.com/showthread.php?t=161899
(Port Explorer Alternatives)

AWSPS = Atelier Web Security Port Scanner
http://www.atelierweb.com/pscan/index.htm

Quote from that other thread:

Hi Nevermore,

First we have to keep in mind that AWSPS is a rather old program.
The last version is from the end of January 2002.
And it uses a file from 1999: C:\WINDOWS\ffJmpWeb.dll

I have installed it now on my XP-home Dutch machine (I did have a licence for it).
Due to family circumstances I don't have at the moment much time to test it thoroughly, sorry.
But a quick test didn't give me much problems.

There is however something else to keep in mind.
AWSPS is one of those programs that can be used in a positive way, but also in a negative way.
That means that it could be that some anti-malware might warn against it.
I know for example that my very old version of PestPatrol does that.
So it could be that some anti-malware scanner on your machine might warn against it.

Further: I have quickly scanned two of its files at VirusTotal.

awsps.exe :
Sunbelt gives a warning:
Sunbelt 2.2.907.0 01.12.2007 VIPRE.Suspicious
Sunbelt info:
VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

awsdll.dll :
AntiVir 7.3.0.26 01.19.2007 HEUR/Malware
Fortinet 2.82.0.0 01.19.2007 suspicious

So, in case you use one of those programs, it might be that that is the reason that you have problems with it.

 

Being a port scanner tool it´s no surprise that AWSPS is detected as malware. I think it´s riskware, nothing more, but I´m not sure. Wait for a qualified opinion.

 

Hi,

I was more or less saying the same thing when I posted:

AWSPS is no malware, but it can be used in a "negative" way.

Off topic:
LOL, I can also use my good old TDS-3 in a way that not everyone will be happy with....
Is/was it (TDS-3) malware? No.
(and more off topic: look at this result at VirusTotal about tds-3.exe :
Fortinet 2.82.0.0 01.19.2007 suspicious).

The only thing I was trying to do, was to give some possible explanations why Nevermore might have problems with AWSPS.
I wasn't saying that it were the right explanations; I don't even know which anti-malware programs (AV, AT, AS, etc) Nevermore is using.

And, BTW, I am also aware that what VirusTotal is telling, is sometimes to be taken with a "grain of salt" (if that is the right English expression...).

 

Fortinet flags almost all runtime packed executables as suspicious

 

FanJ,

Well, I was only having two small problems with AWSPS. One I think I solved. One of the plug-ins said I didn't have administration rights when I really did. I don't know if the problem is solved because my trial period has expired. So, I won't know until payday if I did solve the problem or not.

The other problem I was having was I could not use Ports Finder. It would do the scan, but when it was finished it would display nothing. Now, I was told I had to have tcp server in my machine. What ever that means. If that is the case then that traslates to one feature I can not use. Not that it matters. Everything else worked perfectly and told me everything that was going on in my computer and beyond.

Anyway, I had no problem with any of my other programs interpreting it as maleware or a virus or spyware. So, I am in the clear where that issue is concerned.

I would like to ask if you had a problem with the Ports Finder feature? Did you have tcp server on your machine?

 

FanJ,

I use NOD32 antivirus.

Sorry, ya'll's replies were not there when I originally posted.

 

Hi,

Yes, I am aware that Fortinet flags a lot of packers as suspicious.
It was just an example.

Well, let's go on-topic:
We don't know which anti-malware programs Nevermore is running.
What I was saying, it could be an explanation. But maybe there could also be completely different explanation(s) why he/she has problems with AWSPS; I don't know.

 

Hi Nevermore,

Sorry that I didn't see your reply; our postings just crossed each other

Yes, I installed the two plug-ins:
Enhanced Ports Finder Plug-In v 2.1
NIC Vendors Plug-in v 2.0

I too use NOD32 as resident AV (and BOClean as AT).

I run as admin.

It looks to me that I have the same problem as you with respect to Ports Finder, unless I am doing something wrong... (it has been a long time ago that I used AWSPS).
My Port Explorer has no problem with respect to mapping programs to ports, as far as I can see.
I must admit that I am not quite sure about that tcp server
Maybe someone else could tell us more about that.
And I hope that Jose Pascoa will tell us more about it.

Cheers, Jan.