Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

SecurityRisk.Aports

SecurityRisk.Aports

Updated:
13 February 2007
Version:
1.4
Publisher:
SmartLine
Risk Impact:
High
File Names:
Aports.exe
Systems Affected:
Windows

Behavior


Aports is a tool that enables you to monitor all open TCP/IP and UDP ports. It allows the user to watch ports and applications, and allows a user or an application to terminate processes.

An API is available for this application, which can be used in malicious code.

Symptoms


None.

Behavior


Part of malware. This must be intentionally placed on the computer.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 01 February 2015 revision 020
  • Initial Daily Certified version 25 September 2003
  • Latest Daily Certified version 26 June 2008 revision 038
  • Initial Weekly Certified release date 01 October 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

This threat is a stand-alone application, does not drop files, and does not modify the registry. This hack tool displays a Graphical User Interface (GUI) showing the processes and applications as they are mapped to port numbers. Also, it shows the IP address of the user accessing open ports.

The publisher also offers an API for a fee. Aports.exe is freeware in its GUI form.

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
  1. Update the virus definitions.
  2. Run a full system scan and delete all the files detected as SecurityRisk.Aports.

For specific details on each of these steps, read the following instructions.

1. Updating the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
  • Running LiveUpdate, which is the easiest way to obtain virus definitions: These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the Virus Definitions (LiveUpdate).
  • Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted on U.S. business days (Monday through Friday). You should download the definitions from the Symantec Security Response Web site and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the Virus Definitions (Intelligent Updater).

    The Intelligent Updater virus definitions are available: Read "How to update virus definition files using the Intelligent Updater" for detailed instructions.

2. Scanning for and deleting the infected files
  1. Start your Symantec antivirus program and make sure that it is configured to scan all the files.
  2. Run a full system scan.
  3. If any files are detected as infected with SecurityRisk.Aports, click Delete.