Sourcefire VRT Rules Update

Date: 2008-01-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8.

The format of the file is:

sid - Message (rule group)

New rules:
13321 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX clsid access (web-client.rules)
13322 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX clsid unicode access (web-client.rules)
13323 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX function call access (web-client.rules)
13324 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX function call unicode access (web-client.rules)
13325 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX clsid access (web-client.rules)
13326 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX clsid unicode access (web-client.rules)
13327 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX function call access (web-client.rules)
13328 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX function call unicode access (web-client.rules)
13329 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX clsid access (web-client.rules)
13330 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX clsid unicode access (web-client.rules)
13331 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX function call access (web-client.rules)
13332 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX function call unicode access (web-client.rules)
13333 <-> WEB-CLIENT HP Virtual Rooms ActiveX clsid access (web-client.rules)
13334 <-> WEB-CLIENT HP Virtual Rooms ActiveX clsid unicode access (web-client.rules)
13335 <-> WEB-CLIENT Lycos File Upload Component ActiveX clsid access (web-client.rules)
13336 <-> WEB-CLIENT Lycos File Upload Component ActiveX clsid unicode access (web-client.rules)
13337 <-> WEB-CLIENT Comodo AntiVirus ActiveX clsid access (web-client.rules)
13338 <-> WEB-CLIENT Comodo AntiVirus ActiveX clsid unicode access (web-client.rules)
13339 <-> SPYWARE-PUT Hijacker direct toolbar runtime detection (spyware-put.rules)
13340 <-> SPYWARE-PUT Hijacker search4top runtime detection - hijack ie searches and error pages (spyware-put.rules)
13341 <-> SPYWARE-PUT Hijacker search4top runtime detection - popup ads (spyware-put.rules)
13342 <-> SPYWARE-PUT Hijacker ditto toolbar runtime detection (spyware-put.rules)
13343 <-> SPYWARE-PUT Adware 2005-search loader runtime detection (spyware-put.rules)
13344 <-> SPYWARE-PUT Adware yourprivacyguard runtime detection - presale request (spyware-put.rules)
13345 <-> SPYWARE-PUT Adware yourprivacyguard runtime detection - update (spyware-put.rules)
13346 <-> SPYWARE-PUT Snoopware remote desktop inspector runtime detection - init connection (spyware-put.rules)
13347 <-> SPYWARE-PUT Snoopware remote desktop inspector runtime detection - init connection (spyware-put.rules)
13348 <-> WEB-CLIENT Move Networks Media Player ActiveX clsid access (web-client.rules)
13349 <-> WEB-CLIENT Move Networks Media Player ActiveX clsid unicode access (web-client.rules)
13350 <-> WEB-CLIENT Move Networks Media Player ActiveX function call access (web-client.rules)
13351 <-> WEB-CLIENT Move Networks Media Player ActiveX function call unicode access (web-client.rules)
13352 <-> WEB-CLIENT Lycos File Upload Component ActiveX function call access (web-client.rules)
13353 <-> WEB-CLIENT Lycos File Upload Component ActiveX function call unicode access (web-client.rules)
13354 <-> WEB-CLIENT HP Virtual Rooms ActiveX function call access (web-client.rules)
13355 <-> WEB-CLIENT HP Virtual Rooms ActiveX function call unicode access (web-client.rules)
13356 <-> SQL SAP MaxDB shell command injection attempt (sql.rules)
13357 <-> POLICY failed mysql login attempt (policy.rules)
13358 <-> POLICY mysql login attempt from unauthorized location (policy.rules)
13359 <-> POLICY failed IMAP login attempt - invalid username/password (policy.rules)
13360 <-> POLICY failed FTP login attempt (policy.rules)
13361 <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules)
13362 <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules)
13363 <-> EXPLOIT Cisco Unified Communications Manager heap overflow attempt (exploit.rules)
13364 <-> SMTP Novell GroupWise client IMG SRC buffer overflow (smtp.rules)
13365 <-> EXPLOIT Trend Micro ServerProtect TMregChange buffer overflow attempt (exploit.rules)
13366 <-> ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (oracle.rules)

Updated rules:
 654 <-> SMTP RCPT TO overflow (smtp.rules)
 680 <-> MS-SQL/SMB sa login failed (sql.rules)
 688 <-> MS-SQL sa login failed (sql.rules)
 709 <-> TELNET 4Dgifts SGI account attempt (telnet.rules)
 710 <-> TELNET EZsetup account attempt (telnet.rules)
 711 <-> TELNET SGI telnetd format bug (telnet.rules)
 803 <-> WEB-CGI HyperSeek hsx.cgi directory traversal attempt (web-cgi.rules)
 817 <-> WEB-CGI dcboard.cgi invalid user addition attempt (web-cgi.rules)
 829 <-> WEB-CGI nph-test-cgi access (web-cgi.rules)
 833 <-> WEB-CGI rguest.exe access (web-cgi.rules)
 852 <-> WEB-CGI wguest.exe access (web-cgi.rules)
1233 <-> WEB-CLIENT Outlook EML access (web-client.rules)
1252 <-> TELNET bsd telnet exploit response (telnet.rules)
1253 <-> TELNET bsd exploit client finishing (telnet.rules)
1284 <-> WEB-CLIENT readme.eml download attempt (web-client.rules)
1290 <-> WEB-CLIENT readme.eml autoload attempt (web-client.rules)
1735 <-> WEB-CLIENT XMLHttpRequest attempt (web-client.rules)
1762 <-> WEB-CGI phf arbitrary command execution attempt (web-cgi.rules)
1763 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules)
1764 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules)
1765 <-> WEB-CGI Nortel Contivity cgiproc access (web-cgi.rules)
1840 <-> WEB-CLIENT Javascript document.domain attempt (web-client.rules)
1841 <-> WEB-CLIENT Javascript URL host spoofing attempt (web-client.rules)
2003 <-> MS-SQL Worm propagation attempt (sql.rules)
2004 <-> MS-SQL Worm propagation attempt OUTBOUND (sql.rules)
2222 <-> WEB-CGI nph-exploitscanget.cgi access (web-cgi.rules)
2406 <-> TELNET APC SmartSlot default admin account attempt (telnet.rules)
2435 <-> WEB-CLIENT Microsoft emf metafile access (web-client.rules)
2436 <-> WEB-CLIENT Microsoft wmf metafile access (web-client.rules)
2437 <-> WEB-CLIENT RealPlayer arbitrary javascript command attempt (web-client.rules)
2438 <-> WEB-CLIENT RealPlayer playlist file URL overflow attempt (web-client.rules)
2439 <-> WEB-CLIENT RealPlayer playlist http URL overflow attempt (web-client.rules)
2440 <-> WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt (web-client.rules)
2485 <-> WEB-CLIENT Norton antivirus sysmspam.dll load attempt (web-client.rules)
2577 <-> WEB-CLIENT local resource redirection attempt (web-client.rules)
2589 <-> WEB-CLIENT Content-Disposition CLSID command attempt (web-client.rules)
2663 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules)
2671 <-> WEB-CLIENT bitmap BitmapOffset integer overflow attempt (web-client.rules)
2673 <-> WEB-CLIENT libpng tRNS overflow attempt (web-client.rules)
2705 <-> WEB-CLIENT JPEG parser heap overflow attempt (web-client.rules)
2706 <-> WEB-CLIENT JPEG transfer (web-client.rules)
2707 <-> WEB-CLIENT JPEG parser multipacket heap overflow (web-client.rules)
3079 <-> WEB-CLIENT Microsoft ANI file parsing overflow (web-client.rules)
3084 <-> EXPLOIT Veritas backup overflow attempt (exploit.rules)
3088 <-> WEB-CLIENT winamp .cda file name overflow attempt (web-client.rules)
3132 <-> WEB-CLIENT PNG large image width download attempt (web-client.rules)
3133 <-> WEB-CLIENT PNG large image height download attempt (web-client.rules)
3134 <-> WEB-CLIENT PNG large colour depth download attempt (web-client.rules)
3147 <-> TELNET login buffer overflow attempt (telnet.rules)
3148 <-> WEB-CLIENT winhelp clsid attempt (web-client.rules)
3149 <-> WEB-CLIENT object type overflow attempt (web-client.rules)
3192 <-> WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules)
3274 <-> TELNET login buffer non-evasive overflow attempt (telnet.rules)
3470 <-> WEB-CLIENT RealPlayer VIDORV30 header length buffer overflow (web-client.rules)
3471 <-> WEB-CLIENT iTunes playlist URL overflow attempt (web-client.rules)
3473 <-> WEB-CLIENT RealPlayer SMIL file overflow attempt (web-client.rules)
3534 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (web-client.rules)
3535 <-> WEB-CLIENT GIF transfer (web-client.rules)
3536 <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - NETSCAPE2.0 (web-client.rules)
3549 <-> WEB-CLIENT HTML DOM invalid element creation attempt (web-client.rules)
3550 <-> WEB-CLIENT HTML http scheme hostname overflow attempt (web-client.rules)
3551 <-> WEB-CLIENT .hta download attempt (web-client.rules)
3552 <-> WEB-CLIENT OLE32 MSHTA masquerade attempt (web-client.rules)
3553 <-> WEB-CLIENT HTML DOM null element insertion attempt (web-client.rules)
3632 <-> WEB-CLIENT Mozilla bitmap width integer overflow attempt (web-client.rules)
3633 <-> WEB-CLIENT bitmap transfer (web-client.rules)
3634 <-> WEB-CLIENT Mozilla bitmap width integer overflow multipacket attempt (web-client.rules)
3638 <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules)
3679 <-> WEB-CLIENT Firefox IFRAME src javascript code execution (web-client.rules)
3683 <-> WEB-CLIENT spoofed MIME-Type auto-execution attempt (web-client.rules)
3685 <-> WEB-CLIENT bitmap BitmapOffset multipacket integer overflow attempt (web-client.rules)
3686 <-> WEB-CLIENT Internet Explorer Content Advisor attempted overflow (web-client.rules)
3689 <-> WEB-CLIENT Internet Explorer tRNS overflow attempt (web-client.rules)
3814 <-> WEB-CLIENT IE javaprxy.dll COM access (web-client.rules)
3819 <-> WEB-CLIENT multipacket CHM file transfer start (web-client.rules)
3820 <-> WEB-CLIENT multipacket CHM file transfer attempt (web-client.rules)
3821 <-> WEB-CLIENT CHM file transfer attempt (web-client.rules)
4132 <-> WEB-CLIENT msdds clsid attempt (web-client.rules)
4133 <-> WEB-CLIENT devenum clsid attempt (web-client.rules)
4134 <-> WEB-CLIENT blnmgr clsid attempt (web-client.rules)
4135 <-> WEB-CLIENT IE JPEG heap overflow single packet attempt (web-client.rules)
4136 <-> WEB-CLIENT IE JPEG heap overflow multipacket attempt (web-client.rules)
4145 <-> WEB-CLIENT Windows Trouble Shooter ActiveX Object Access (web-client.rules)
4146 <-> WEB-CLIENT Share Point Portal Services Log Sink ActiveX Object Access (web-client.rules)
4147 <-> WEB-CLIENT ActiveLabel ActiveX Object Access (web-client.rules)
4148 <-> WEB-CLIENT DHTML Editing ActiveX Object Access (web-client.rules)
4151 <-> WEB-CLIENT System Monitor Source Properties ActiveX Object Access (web-client.rules)
4152 <-> WEB-CLIENT Windows Media Player 6.4 ActiveX Object Access (web-client.rules)
4153 <-> WEB-CLIENT Eyedog ActiveX Object Access (web-client.rules)
4154 <-> WEB-CLIENT Active Setup ActiveX Object Access (web-client.rules)
4155 <-> WEB-CLIENT htmlfile ActiveX Object Access (web-client.rules)
4156 <-> WEB-CLIENT Windows Media Player 7+ ActiveX Object Access (web-client.rules)
4157 <-> WEB-CLIENT MSN Setup BBS 4.71.0.10 ActiveX Object Access (web-client.rules)
4158 <-> WEB-CLIENT Windows Media Player Active Movie ActiveX Object Access (web-client.rules)
4159 <-> WEB-CLIENT Multimedia File Property Sheet ActiveX Object Access (web-client.rules)
4160 <-> WEB-CLIENT Microsoft Windows Reporting Tool ActiveX Object Access (web-client.rules)
4161 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules)
4162 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules)
4163 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules)
4164 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules)
4165 <-> WEB-CLIENT Image Control 1.0 ActiveX Object Access (web-client.rules)
4166 <-> WEB-CLIENT Shell.Explorer ActiveX Object Access (web-client.rules)
4168 <-> WEB-CLIENT Shell Automation Service ActiveX Object Access (web-client.rules)
4169 <-> WEB-CLIENT Internet Explorer Active Setup ActiveX Object Access (web-client.rules)
4170 <-> WEB-CLIENT Office 2000/2002 Web Components Data Source Control ActiveX Object Access (web-client.rules)
4171 <-> WEB-CLIENT Registration Wizard ActiveX Object Access (web-client.rules)
4172 <-> WEB-CLIENT Microsoft Agent v1.5 ActiveX clsid access (web-client.rules)
4173 <-> WEB-CLIENT MsnPUpld ActiveX Object Access (web-client.rules)
4174 <-> WEB-CLIENT Symantec RuFSI registry Information Class ActiveX Object Access (web-client.rules)
4175 <-> WEB-CLIENT Office 2000/2002 Web Components PivotTable ActiveX Object Access (web-client.rules)
4176 <-> WEB-CLIENT Office 2000 and 2002 Web Components Chart ActiveX Object Access (web-client.rules)
4177 <-> WEB-CLIENT Office 2000 and 2002 Web Components Spreadsheet ActiveX Object Access (web-client.rules)
4178 <-> WEB-CLIENT Office 2000 and 2002 Web Components Record Navigation Control ActiveX Object Access (web-client.rules)
4179 <-> WEB-CLIENT DirectX Files Viewer ActiveX Object Access (web-client.rules)
4180 <-> WEB-CLIENT Kodak Image Scan ActiveX Object Access (web-client.rules)
4181 <-> WEB-CLIENT Smartcard Enrollment ActiveX Object Access (web-client.rules)
4182 <-> WEB-CLIENT MSN Chat v4.5, 4.6 ActiveX Object Access (web-client.rules)
4183 <-> WEB-CLIENT HTML Help ActiveX Object Access (web-client.rules)
4184 <-> WEB-CLIENT Certificate Enrollment ActiveX Object Access (web-client.rules)
4185 <-> WEB-CLIENT Terminal Services Advanced Client ActiveX Object Access (web-client.rules)
4186 <-> WEB-CLIENT Kodak Image Editing ActiveX Object Access (web-client.rules)
4187 <-> WEB-CLIENT Terminal Services Advanced Client ActiveX Object Access (web-client.rules)
4188 <-> WEB-CLIENT RAV Online Scanner ActiveX Object Access (web-client.rules)
4189 <-> WEB-CLIENT Third-Party Plugin ActiveX Object Access (web-client.rules)
4190 <-> WEB-CLIENT Kodak Thumbnail Image ActiveX Object Access (web-client.rules)
4191 <-> WEB-CLIENT MsnPUpld ActiveX Object Access (web-client.rules)
4192 <-> WEB-CLIENT HHOpen ActiveX Object Access (web-client.rules)
4193 <-> WEB-CLIENT Kodak Image Editing ActiveX Object Access (web-client.rules)
4194 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer start (web-client.rules)
4195 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer attempt (web-client.rules)
4196 <-> WEB-CLIENT CBO CBL CBM file transfer attempt (web-client.rules)
4197 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules)
4198 <-> WEB-CLIENT Internet Explorer Blnmgrps.dll ActiveX Object Access (web-client.rules)
4199 <-> WEB-CLIENT Internet Explorer Blnmgrps.dll ActiveX Object Access (web-client.rules)
4200 <-> WEB-CLIENT Index Server Scope Administration ActiveX Object Access (web-client.rules)
4201 <-> WEB-CLIENT Queued Components Recorder ActiveX Object Access (web-client.rules)
4202 <-> WEB-CLIENT DirectAnimation ActiveX Object Access (web-client.rules)
4203 <-> WEB-CLIENT Microsoft Marquee Control ActiveX Object Access (web-client.rules)
4204 <-> WEB-CLIENT Microsoft DT PolyLine Control 2 ActiveX Object Access (web-client.rules)
4205 <-> WEB-CLIENT Microsoft Visual Database Tools Database Designer v7.0 ActiveX Object Access (web-client.rules)
4206 <-> WEB-CLIENT Microsoft MPEG-4 Video Decompressor Property Page ActiveX Object Access (web-client.rules)
4207 <-> WEB-CLIENT Microsoft MS Audio Decompressor Control Property Page ActiveX Object Access (web-client.rules)
4208 <-> WEB-CLIENT LexRefStEsObject Class ActiveX Object Access (web-client.rules)
4209 <-> WEB-CLIENT LexRefStFrObject Class ActiveX Object Access (web-client.rules)
4210 <-> WEB-CLIENT Internet Explorer Msb1geen.dll ActiveX Object Access (web-client.rules)
4211 <-> WEB-CLIENT Microsoft DDS Library Shape Control ActiveX Object Access (web-client.rules)
4212 <-> WEB-CLIENT Microsoft DDS Generic Class ActiveX Object Access (web-client.rules)
4213 <-> WEB-CLIENT Microsoft DDS Picture Shape Control ActiveX Object Access (web-client.rules)
4214 <-> WEB-CLIENT Microsoft TipGW Init ActiveX Object Access (web-client.rules)
4215 <-> WEB-CLIENT Microsoft HTML Popup Window ActiveX Object Access (web-client.rules)
4216 <-> WEB-CLIENT CLSID_CComAcctImport ActiveX Object Access (web-client.rules)
4217 <-> WEB-CLIENT Microsoft Office Services on the Web Free/Busy ActiveX Object Access (web-client.rules)
4218 <-> WEB-CLIENT Microsoft Visual Basic WebClass ActiveX Object Access (web-client.rules)
4219 <-> WEB-CLIENT Microsoft Network Connections Tray ActiveX Object Access (web-client.rules)
4220 <-> WEB-CLIENT Microsoft Network and Dial-Up Connections ActiveX Object Access (web-client.rules)
4221 <-> WEB-CLIENT Microsoft ProxyStub Dispatch ActiveX Object Access (web-client.rules)
4222 <-> WEB-CLIENT Internet Explorer Outllib.dll ActiveX Object Access (web-client.rules)
4223 <-> WEB-CLIENT Microsoft OpenCable Class ActiveX Object Access (web-client.rules)
4224 <-> WEB-CLIENT Microsoft VideoPort ActiveX Object Access (web-client.rules)
4225 <-> WEB-CLIENT Microsoft Repository ActiveX Object Access (web-client.rules)
4226 <-> WEB-CLIENT Microsoft DocHost User Interface Handler ActiveX Object Access (web-client.rules)
4227 <-> WEB-CLIENT Microsoft Network Connections ActiveX Object Access (web-client.rules)
4228 <-> WEB-CLIENT Microsoft Windows Start Menu ActiveX Object Access (web-client.rules)
4229 <-> WEB-CLIENT MSAPP Export Support for Microsoft Access ActiveX Object Access (web-client.rules)
4230 <-> WEB-CLIENT Search Assistant UI ActiveX Object Access (web-client.rules)
4231 <-> WEB-CLIENT Microsoft SysTray ActiveX Object Access (web-client.rules)
4232 <-> WEB-CLIENT Microsoft SysTray Invoker ActiveX Object Access (web-client.rules)
4233 <-> WEB-CLIENT Microsoft Visual Database Tools Query Designer v7.0 ActiveX Object Access (web-client.rules)
4234 <-> WEB-CLIENT Microsoft MSVTDGridCtrl7 ActiveX Object Access (web-client.rules)
4235 <-> WEB-CLIENT Helper Object for Java ActiveX Object Access (web-client.rules)
4236 <-> WEB-CLIENT WMI ASDI Extension ActiveX Object Access (web-client.rules)
4643 <-> WEB-CLIENT malformed windows shortcut file buffer overflow attempt (web-client.rules)
4644 <-> WEB-CLIENT malformed windows shortcut file with comment buffer overflow attempt (web-client.rules)
4647 <-> WEB-CLIENT internet explorer javascript onload overflow attempt (web-client.rules)
4648 <-> WEB-CLIENT wang image admin activex object access (web-client.rules)
4675 <-> WEB-CLIENT Macromedia swf DOACTION tag overflow attempt (web-client.rules)
4678 <-> WEB-CLIENT quicktime movie file transfer (web-client.rules)
4679 <-> WEB-CLIENT quicktime movie file component name integer overflow multipacket attempt (web-client.rules)
4680 <-> WEB-CLIENT quicktime movie file component name integer overflow attempt (web-client.rules)
4890 <-> WEB-CLIENT IAVIStream & IAVIFile Proxy ActiveX Object Access (web-client.rules)
4891 <-> WEB-CLIENT cfw Class ActiveX Object Access (web-client.rules)
4892 <-> WEB-CLIENT MTSEvents Class ActiveX Object Access (web-client.rules)
4893 <-> WEB-CLIENT Trident HTMLEditor ActiveX Object Access (web-client.rules)
4894 <-> WEB-CLIENT PSEnumVariant ActiveX Object Access (web-client.rules)
4895 <-> WEB-CLIENT PSTypeInfo ActiveX Object Access (web-client.rules)
4896 <-> WEB-CLIENT PSTypeLib ActiveX Object Access (web-client.rules)
4897 <-> WEB-CLIENT PSOAInterface ActiveX Object Access (web-client.rules)
4898 <-> WEB-CLIENT PSTypeComp ActiveX Object Access (web-client.rules)
4899 <-> WEB-CLIENT ISupportErrorInfo Interface ActiveX Object Access (web-client.rules)
4900 <-> WEB-CLIENT Outlook Progress Ctl ActiveX Object Access (web-client.rules)
4901 <-> WEB-CLIENT VMR Allocator Presenter 9 ActiveX Object Access (web-client.rules)
4902 <-> WEB-CLIENT Video Mixing Renderer 9 ActiveX Object Access (web-client.rules)
4903 <-> WEB-CLIENT VMR ImageSync 9 ActiveX Object Access (web-client.rules)
4904 <-> WEB-CLIENT Microsoft Repository Alias ActiveX Object Access (web-client.rules)
4905 <-> WEB-CLIENT Microsoft Repository Object ActiveX Object Access (web-client.rules)
4906 <-> WEB-CLIENT Microsoft Repository Interface Definition ActiveX Object Access (web-client.rules)
4907 <-> WEB-CLIENT Microsoft Repository Collection Definition ActiveX Object Access (web-client.rules)
4908 <-> WEB-CLIENT Microsoft Repository Method Definition ActiveX Object Access (web-client.rules)
4909 <-> WEB-CLIENT Microsoft Repository Property Definition ActiveX Object Access (web-client.rules)
4910 <-> WEB-CLIENT Microsoft Repository Relationship Definition ActiveX Object Access (web-client.rules)
4911 <-> WEB-CLIENT Microsoft Repository Type Library ActiveX Object Access (web-client.rules)
4912 <-> WEB-CLIENT Microsoft Repository Root ActiveX Object Access (web-client.rules)
4913 <-> WEB-CLIENT Microsoft Repository Workspace ActiveX Object Access (web-client.rules)
4914 <-> WEB-CLIENT Microsoft Repository Script Definition ActiveX Object Access (web-client.rules)
4915 <-> WEB-CLIENT Shortcut Handler ActiveX Object Access (web-client.rules)
4916 <-> WEB-CLIENT internet explorer javascript onload document.write obfuscation overflow attempt (web-client.rules)
4917 <-> WEB-CLIENT internet explorer javascript onload prompt obfuscation overflow attempt (web-client.rules)
4982 <-> WEB-CLIENT Adodb.Stream ActiveX Object Access (web-client.rules)
4983 <-> WEB-CLIENT Adodb.Stream ActiveX Object Access CreateObject Function (web-client.rules)
4989 <-> MS-SQL heap-based overflow attempt (sql.rules)
4990 <-> MS-SQL heap-based overflow attempt (sql.rules)
5318 <-> WEB-CLIENT wmf file arbitrary code execution attempt (web-client.rules)
5319 <-> WEB-CLIENT Metasploit Windows picture and fax viewer wmf arbitrary code execution attempt (web-client.rules)
5710 <-> WEB-CLIENT Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (web-client.rules)
5711 <-> WEB-CLIENT Windows Media Player zero length bitmap heap overflow attempt (web-client.rules)
5712 <-> WEB-CLIENT Windows Media Player invalid data offset bitmap heap overflow attempt (web-client.rules)
5713 <-> WEB-CLIENT Windows Metafile invalid header size integer overflow (web-client.rules)
5740 <-> WEB-CLIENT Microsoft HTML help workshop file .hhp download attempt (web-client.rules)
5741 <-> WEB-CLIENT Microsoft HTML help workshop buffer overflow attempt (web-client.rules)
5782 <-> SPYWARE-PUT Keylogger runtime detection - hwae word filtered echelon log (spyware-put.rules)
5783 <-> SPYWARE-PUT Keylogger runtime detection - hwae keystrokes log (spyware-put.rules)
5784 <-> SPYWARE-PUT Keylogger runtime detection - hwae urls browsed log (spyware-put.rules)
5785 <-> SPYWARE-PUT Adware hithopper runtime detection - get xml setting (spyware-put.rules)
5786 <-> SPYWARE-PUT Adware hithopper runtime detection - redirect (spyware-put.rules)
5787 <-> SPYWARE-PUT Adware hithopper runtime detection - search (spyware-put.rules)
5788 <-> SPYWARE-PUT Adware hithopper runtime detection - click toolbar buttons (spyware-put.rules)
5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules)
5790 <-> SPYWARE-PUT Keylogger pc actmon pro runtime detection - smtp (spyware-put.rules)
5791 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - get pin (spyware-put.rules)
5792 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - active proxy (spyware-put.rules)
5793 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - redirect (spyware-put.rules)
5794 <-> SPYWARE-PUT Hijacker coolwebsearch.aboutblank variant runtime detection (spyware-put.rules)
5795 <-> SPYWARE-PUT Adware ist powerscan runtime detection (spyware-put.rules)
5796 <-> SPYWARE-PUT Adware keenvalue runtime detection (spyware-put.rules)
5797 <-> SPYWARE-PUT Hacker-Tool kontiki runtime detection (spyware-put.rules)
5798 <-> SPYWARE-PUT Adware mydailyhoroscope runtime detection (spyware-put.rules)
5799 <-> SPYWARE-PUT mydailyhoroscope update or installation in progress (spyware-put.rules)
5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules)
5801 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (spyware-put.rules)
5802 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 2 (spyware-put.rules)
5803 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (spyware-put.rules)
5805 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - switch engines (spyware-put.rules)
5807 <-> SPYWARE-PUT Hijacker shopathomeselect runtime detection (spyware-put.rules)
5808 <-> SPYWARE-PUT Hijacker shop at home search merchant redirect check (spyware-put.rules)
5809 <-> SPYWARE-PUT Hijacker shop at home select merchant redirect in progress (spyware-put.rules)
5810 <-> SPYWARE-PUT Hijacker shop at home select installation in progress (spyware-put.rules)
5811 <-> SPYWARE-PUT shop at home select installation in progress - clsid detected (spyware-put.rules)
5812 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - email notification (spyware-put.rules)
5813 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (spyware-put.rules)
5814 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (spyware-put.rules)
5815 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory redirection (spyware-put.rules)
5816 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory redirection (spyware-put.rules)
5817 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules)
5818 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules)
5819 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules)
5820 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (spyware-put.rules)
5821 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (spyware-put.rules)
5822 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules)
5823 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules)
5824 <-> SPYWARE-PUT Dialer stripplayer runtime detection (spyware-put.rules)
5825 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - start tuner (spyware-put.rules)
5826 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - pass user info to server (spyware-put.rules)
5827 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - get gateway (spyware-put.rules)
5828 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - connect to station (spyware-put.rules)
5829 <-> SPYWARE-PUT Trickler clipgenie runtime detection (spyware-put.rules)
5830 <-> SPYWARE-PUT Hijacker comet systems runtime detection - track activity (spyware-put.rules)
5831 <-> SPYWARE-PUT Hijacker comet systems runtime detection - update requests (spyware-put.rules)
5832 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 1 (spyware-put.rules)
5833 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 2 (spyware-put.rules)
5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules)
5835 <-> SPYWARE-PUT Adware gamespy_arcade runtime detection (spyware-put.rules)
5836 <-> SPYWARE-PUT Trickler nictech.bm2 runtime detection (spyware-put.rules)
5837 <-> SPYWARE-PUT Trackware ucmore runtime detection - track activity (spyware-put.rules)
5838 <-> SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (spyware-put.rules)
5839 <-> SPYWARE-PUT Trackware ucmore runtime detection - click sponsor/ad link (spyware-put.rules)
5840 <-> SPYWARE-PUT Hijacker sep runtime detection (spyware-put.rules)
5841 <-> SPYWARE-PUT Trickler minibug runtime detection - retrieve weather information (spyware-put.rules)
5842 <-> SPYWARE-PUT Trickler minibug runtime detection - ads (spyware-put.rules)
5843 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - hijack ie auto search (spyware-put.rules)
5844 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - post request (spyware-put.rules)
5845 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - update request (spyware-put.rules)
5846 <-> SPYWARE-PUT Trickler VX2/DLmax/BestOffers/Aurora runtime detection (spyware-put.rules)
5847 <-> SPYWARE-PUT Adware warez_p2p runtime detection - p2p client home (spyware-put.rules)
5848 <-> SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (spyware-put.rules)
5849 <-> SPYWARE-PUT Adware warez_p2p runtime detection - update request (spyware-put.rules)
5850 <-> SPYWARE-PUT Adware warez_p2p runtime detection - check update (spyware-put.rules)
5851 <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules)
5852 <-> SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (spyware-put.rules)
5853 <-> SPYWARE-PUT Adware warez_p2p runtime detection - download ads (spyware-put.rules)
5854 <-> SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (spyware-put.rules)
5855 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - request config (spyware-put.rules)
5857 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - mysaconfg request (spyware-put.rules)
5858 <-> SPYWARE-PUT Adware praizetoolbar runtime detection (spyware-put.rules)
5859 <-> SPYWARE-PUT Hijacker daosearch runtime detection - information request (spyware-put.rules)
5860 <-> SPYWARE-PUT Hijacker daosearch runtime detection - search hijack (spyware-put.rules)
5861 <-> SPYWARE-PUT Hijacker isearch runtime detection - toolbar information request (spyware-put.rules)
5862 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 1 (spyware-put.rules)
5863 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 2 (spyware-put.rules)
5864 <-> SPYWARE-PUT Hijacker isearch runtime detection - search in toolbar (spyware-put.rules)
5865 <-> SPYWARE-PUT Adware zapspot runtime detection - pop up ads (spyware-put.rules)
5866 <-> SPYWARE-PUT Hijacker couponbar runtime detection - download new coupon offers and links (spyware-put.rules)
5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules)
5868 <-> SPYWARE-PUT Hijacker couponbar runtime detection - view coupon offers (spyware-put.rules)
5871 <-> SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - post information (spyware-put.rules)
5872 <-> SPYWARE-PUT Snoopware hyperlinker runtime detection (spyware-put.rules)
5873 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules)
5874 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules)
5875 <-> SPYWARE-PUT Hacker-Tool eraser runtime detection - detonate (spyware-put.rules)
5876 <-> SPYWARE-PUT Hacker-Tool eraser runtime detection - disinfect (spyware-put.rules)
5877 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - startup access (spyware-put.rules)
5878 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - configuration retrieval (spyware-put.rules)
5879 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - update notification (spyware-put.rules)
5880 <-> SPYWARE-PUT Keylogger spyagent runtime detect - smtp delivery (spyware-put.rules)
5881 <-> SPYWARE-PUT Keylogger spyagent runtime detect - ftp delivery (spyware-put.rules)
5882 <-> SPYWARE-PUT Keylogger spyagent runtime detect - alert notification (spyware-put.rules)
5883 <-> SPYWARE-PUT Other-Technologies saria 1.0 runtime detection - send user information (spyware-put.rules)
5884 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - check toolbar & category info (spyware-put.rules)
5885 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - ie autosearch & search assistant hijack (spyware-put.rules)
5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules)
5887 <-> SPYWARE-PUT Hijacker shopnav runtime detection - ie search assistant hijack (spyware-put.rules)
5888 <-> SPYWARE-PUT Hijacker shopnav runtime detection - ie auto search hijack (spyware-put.rules)
5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules)
5890 <-> SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 1 (spyware-put.rules)
5891 <-> SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 2 (spyware-put.rules)
5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules)
5893 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - search keyword (spyware-put.rules)
5894 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - smb (spyware-put.rules)
5895 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - tcp port 407 (spyware-put.rules)
5896 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - tcp port 407 (spyware-put.rules)
5897 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - udp port 407 (spyware-put.rules)
5898 <-> SPYWARE-PUT Trackware adtools runtime etection - track user activity (spyware-put.rules)
5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime etection - generate desktop alert (spyware-put.rules)
5900 <-> SPYWARE-PUT Trackware adtools-communicator runtime etection - collect information (spyware-put.rules)
5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime etection - download self-update (spyware-put.rules)
5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules)
5903 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - get ads (spyware-put.rules)
5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules)
5905 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - games center request (spyware-put.rules)
5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules)
5907 <-> SPYWARE-PUT Trackware e2give runtime detection - check update (spyware-put.rules)
5908 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 1 (spyware-put.rules)
5909 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 2 (spyware-put.rules)
5910 <-> SPYWARE-PUT Trackware casalemedia runtime detection (spyware-put.rules)
5911 <-> SPYWARE-PUT Adware smartpops runtime detection (spyware-put.rules)
5913 <-> SPYWARE-PUT Trickler smasoft webdownloader runtime detection (spyware-put.rules)
5914 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - configuration download (spyware-put.rules)
5915 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - autosearch hijack (spyware-put.rules)
5916 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - sidebar search (spyware-put.rules)
5917 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - toolbar search (spyware-put.rules)
5918 <-> SPYWARE-PUT Hijacker painter runtime detection - ping 'alive' signal (spyware-put.rules)
5919 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect to klikvipsearch (spyware-put.rules)
5920 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect yahoo search through online-casino-searcher (spyware-put.rules)
5921 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - send user url request (spyware-put.rules)
5922 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - display advertisement news (spyware-put.rules)
5923 <-> SPYWARE-PUT Adware active shopper runtime detection - side search request (spyware-put.rules)
5924 <-> SPYWARE-PUT Adware active shopper runtime detection - redirect (spyware-put.rules)
5925 <-> SPYWARE-PUT Adware active shopper runtime detection - check (spyware-put.rules)
5926 <-> SPYWARE-PUT Adware active shopper runtime detection - collect information (spyware-put.rules)
5927 <-> SPYWARE-PUT Adware cashbar runtime detection - .smx requests (spyware-put.rules)
5928 <-> SPYWARE-PUT Adware cashbar runtime detection - ads request (spyware-put.rules)
5929 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 1 (spyware-put.rules)
5930 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 2 (spyware-put.rules)
5932 <-> SPYWARE-PUT Adware cashbar runtime detection - stats track (spyware-put.rules)
5933 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 1 (spyware-put.rules)
5934 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 2 (spyware-put.rules)
5935 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 3 (spyware-put.rules)
5936 <-> SPYWARE-PUT Hijacker dropspam runtime detection - side search (spyware-put.rules)
5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules)
5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules)
5939 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - get cfg (spyware-put.rules)
5940 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - search request (spyware-put.rules)
5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules)
5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules)
5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules)
5944 <-> SPYWARE-PUT Adware free access bar runtime detection 1 (spyware-put.rules)
5945 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - track.cgi request (spyware-put.rules)
5946 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - monitor user web activity (spyware-put.rules)
5947 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - log url (spyware-put.rules)
5948 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (spyware-put.rules)
5949 <-> SPYWARE-PUT Trackware iggsey toolbar detection - simpleticker.htm request (spyware-put.rules)
5950 <-> SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (spyware-put.rules)
5951 <-> SPYWARE-PUT Trackware iggsey toolbar detection - search request (spyware-put.rules)
5952 <-> SPYWARE-PUT Hijacker 123mania runtime detection - autosearch hijacking (spyware-put.rules)
5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules)
5954 <-> SPYWARE-PUT Trackware browserpal runtime detection - post user info to server (spyware-put.rules)
5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules)
5956 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 icq notification of server installation (spyware-put.rules)
5957 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 runtime detection (spyware-put.rules)
5958 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 runtime detection - init connection with password requirement (spyware-put.rules)
5959 <-> SPYWARE-PUT Hijacker raxsearch detection - send search keywords to raxsearch (spyware-put.rules)
5960 <-> SPYWARE-PUT Hijacker raxsearch detection - pop-up raxsearch window (spyware-put.rules)
5961 <-> SPYWARE-PUT Hijacker searchfast detection - news ticker (spyware-put.rules)
5962 <-> SPYWARE-PUT Hijacker searchfast detection - catch search keyword (spyware-put.rules)
5963 <-> SPYWARE-PUT Hijacker searchfast detection - search request (spyware-put.rules)
5964 <-> SPYWARE-PUT Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (spyware-put.rules)
5965 <-> SPYWARE-PUT Hijacker searchfast detection - get toolbar cfg (spyware-put.rules)
5966 <-> SPYWARE-PUT trackware searchinweb detection - search request (spyware-put.rules)
5967 <-> SPYWARE-PUT trackware searchinweb detection - click result links (spyware-put.rules)
5968 <-> SPYWARE-PUT trackware searchinweb detection - redirect (spyware-put.rules)
5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules)
5970 <-> SPYWARE-PUT hijacker smart finder detection - keys update (spyware-put.rules)
5971 <-> SPYWARE-PUT hijacker smart finder detection - track hits (spyware-put.rules)
5972 <-> SPYWARE-PUT hijacker smart finder detection - ie autosearch hijack 1 (spyware-put.rules)
5973 <-> SPYWARE-PUT hijacker smart finder detection - search engines hijack (spyware-put.rules)
5974 <-> SPYWARE-PUT hijacker smart finder detection - pop-up ads (spyware-put.rules)
5975 <-> SPYWARE-PUT hijacker topfive searchassistant detection - search request (spyware-put.rules)
5976 <-> SPYWARE-PUT hijacker topfive searchassistant detection - side search (spyware-put.rules)
5977 <-> SPYWARE-PUT hijacker topfive searchassistant detection - post user information to server (spyware-put.rules)
5978 <-> SPYWARE-PUT hijacker topfive searchassistant detection - update (spyware-put.rules)
5979 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - track user ip address (spyware-put.rules)
5980 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - display advertisement (spyware-put.rules)
5981 <-> SPYWARE-PUT Hijacker seeqtoolbar runtime detection - autosearch hijack or search in toolbar (spyware-put.rules)
5982 <-> SPYWARE-PUT Hijacker seeqtoolbar runtime detection - email login page (spyware-put.rules)
5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules)
5984 <-> SPYWARE-PUT Trackware push toolbar installtime detection - user information collect (spyware-put.rules)
5985 <-> SPYWARE-PUT Trackware push toolbar runtime detection - toolbar information request (spyware-put.rules)
5986 <-> SPYWARE-PUT Trickler teomasearchbar runtime detection (spyware-put.rules)
5987 <-> SPYWARE-PUT Hijacker wishbone runtime detection (spyware-put.rules)
5988 <-> SPYWARE-PUT Trackware windupdates-mediagateway runtime detection - post data (spyware-put.rules)
5989 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get config (spyware-put.rules)
5990 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (spyware-put.rules)
5991 <-> SPYWARE-PUT Hijacker getmirar runtime detection - search request (spyware-put.rules)
5992 <-> SPYWARE-PUT Hijacker getmirar runtime detection - get keyword-related content (spyware-put.rules)
5993 <-> SPYWARE-PUT Hijacker getmirar runtime detection - track activity (spyware-put.rules)
5994 <-> SPYWARE-PUT Hijacker getmirar runtime detection - click related button (spyware-put.rules)
5995 <-> SPYWARE-PUT Adware offeragent runtime detection - information checking (spyware-put.rules)
5996 <-> SPYWARE-PUT Adware offeragent runtime detection - ads request (spyware-put.rules)
6002 <-> WEB-CLIENT Microsoft DT DDS Rectilinear GDD Layout ActiveX Object Access (web-client.rules)
6003 <-> WEB-CLIENT Microsoft DT DDS Rectilinear GDD Route ActiveX Object Access (web-client.rules)
6004 <-> WEB-CLIENT Microsoft DT DDS Circular Auto Layout Logic 2 ActiveX Object Access (web-client.rules)
6005 <-> WEB-CLIENT Microsoft DT DDS Straight Line Routing Logic 2 ActiveX Object Access (web-client.rules)
6006 <-> WEB-CLIENT Microsoft DT Icon Control ActiveX Object Access (web-client.rules)
6007 <-> WEB-CLIENT Microsoft DT DDS OrgChart GDD Layout ActiveX Object Access (web-client.rules)
6008 <-> WEB-CLIENT Microsoft DT DDS OrgChart GDD Route ActiveX Object Access (web-client.rules)
6009 <-> WEB-CLIENT RDS.Dataspace ActiveX Object Access (web-client.rules)
6183 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - tracked event URL (spyware-put.rules)
6184 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - config upload (spyware-put.rules)
6185 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - reporting keyword (spyware-put.rules)
6186 <-> SPYWARE-PUT Other-Technologies SpywareStrike Runtime Detection (spyware-put.rules)
6187 <-> SPYWARE-PUT Adware ISTBar runtime detection - scripts (spyware-put.rules)
6188 <-> SPYWARE-PUT Adware ISTBar runtime detection - bar (spyware-put.rules)
6189 <-> SPYWARE-PUT Trackware try2find detection (spyware-put.rules)
6190 <-> SPYWARE-PUT Keylogger eblaster 5.0 runtime detection (spyware-put.rules)
6191 <-> SPYWARE-PUT Trackware onetoolbar runtime detection (spyware-put.rules)
6192 <-> SPYWARE-PUT Adware seekmo runtime detection - reporting keyword (spyware-put.rules)
6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules)
6194 <-> SPYWARE-PUT Adware seekmo runtime detection - config upload (spyware-put.rules)
6195 <-> SPYWARE-PUT Adware seekmo runtime detection - download .cab (spyware-put.rules)
6196 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - services requests (spyware-put.rules)
6197 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (spyware-put.rules)
6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules)
6199 <-> SPYWARE-PUT Hijacker smart search runtime detection - hijack/ads (spyware-put.rules)
6200 <-> SPYWARE-PUT Hijacker smart search runtime detection - get settings (spyware-put.rules)
6201 <-> SPYWARE-PUT Adware twaintec runtime detection (spyware-put.rules)
6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules)
6203 <-> SPYWARE-PUT Trickler farmmext runtime detection - drk.syn request (spyware-put.rules)
6204 <-> SPYWARE-PUT Trickler farmmext runtime detection - track activity (spyware-put.rules)
6205 <-> SPYWARE-PUT Hacker-Tool freak 88 das runtime detection (spyware-put.rules)
6206 <-> SPYWARE-PUT Hacker-Tool sin stealer 1.1 runtime detection (spyware-put.rules)
6207 <-> SPYWARE-PUT Keylogger winsession runtime detection - smtp (spyware-put.rules)
6208 <-> SPYWARE-PUT Keylogger winsession runtime detection - ftp (spyware-put.rules)
6209 <-> SPYWARE-PUT Adware deskwizz/zquest runtime detection - get config information / ad banner (spyware-put.rules)
6211 <-> SPYWARE-PUT Adware deskwizz runtime detection - pop-up ad request (spyware-put.rules)
6212 <-> SPYWARE-PUT Adware commonname runtime detection (spyware-put.rules)
6213 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (spyware-put.rules)
6214 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - search (spyware-put.rules)
6215 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - track (spyware-put.rules)
6216 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - config (spyware-put.rules)
6217 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 1 (spyware-put.rules)
6218 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 2 (spyware-put.rules)
6219 <-> SPYWARE-PUT Adware bonzibuddy runtime detection (spyware-put.rules)
6220 <-> SPYWARE-PUT Keylogger boss everyware runtime detection (spyware-put.rules)
6221 <-> SPYWARE-PUT Keylogger computerspy runtime detection (spyware-put.rules)
6222 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - contact server (spyware-put.rules)
6223 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - retrieve schedule (spyware-put.rules)
6224 <-> SPYWARE-PUT Hijacker ieplugin runtime detection - search (spyware-put.rules)
6225 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - getsize request (spyware-put.rules)
6226 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - request (spyware-put.rules)
6227 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - bullseye network side search frame (spyware-put.rules)
6228 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - disclaimer text (spyware-put.rules)
6230 <-> SPYWARE-PUT Hijacker i-lookup runtime detection (spyware-put.rules)
6232 <-> SPYWARE-PUT Adware mirar runtime detection - thumbnail (spyware-put.rules)
6233 <-> SPYWARE-PUT Adware mirar runtime detection - delayed (spyware-put.rules)
6234 <-> SPYWARE-PUT Adware mirar runtime detection - ads (spyware-put.rules)
6236 <-> SPYWARE-PUT Adware lop runtime detection - pass info to server (spyware-put.rules)
6237 <-> SPYWARE-PUT Adware lop runtime detection - check update request (spyware-put.rules)
6238 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 1 (spyware-put.rules)
6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules)
6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules)
6241 <-> SPYWARE-PUT Adware lop runtime detection - ie autosearch hijack (spyware-put.rules)
6242 <-> SPYWARE-PUT Hijacker coolwebsearch.cameup runtime detection (spyware-put.rules)
6243 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - home page hijack (spyware-put.rules)
6244 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - ie auto search hijack (spyware-put.rules)
6245 <-> SPYWARE-PUT Hijacker coolwebsearch startpage runtime detection (spyware-put.rules)
6246 <-> SPYWARE-PUT Hijacker exact navisearch runtime detection - search hijack (spyware-put.rules)
6247 <-> SPYWARE-PUT Adware ezula toptext runtime detection - help redirect (spyware-put.rules)
6248 <-> SPYWARE-PUT Adware ezula toptext runtime detection - popup (spyware-put.rules)
6249 <-> SPYWARE-PUT Adware ezula toptext runtime detection - redirect (spyware-put.rules)
6250 <-> SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (spyware-put.rules)
6251 <-> SPYWARE-PUT Adware hotbar runtime detection - hostie user-agent (spyware-put.rules)
6252 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - search request (spyware-put.rules)
6253 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - log user ativity (spyware-put.rules)
6254 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - redirect (spyware-put.rules)
6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules)
6256 <-> SPYWARE-PUT Adware searchsquire installtime/auto-update (spyware-put.rules)
6257 <-> SPYWARE-PUT Adware searchsquire runtime detection - testgeonew query (spyware-put.rules)
6258 <-> SPYWARE-PUT Adware searchsquire runtime detection - get engine file (spyware-put.rules)
6259 <-> SPYWARE-PUT Adware searchsquire runtime detection - search forward (spyware-put.rules)
6260 <-> SPYWARE-PUT Adware overpro runtime detection (spyware-put.rules)
6261 <-> SPYWARE-PUT Trickler slinkyslate toolbar runtime detection (spyware-put.rules)
6263 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - collect information (spyware-put.rules)
6264 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - movie (spyware-put.rules)
6265 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - engine (spyware-put.rules)
6266 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - check update (spyware-put.rules)
6267 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - get update (spyware-put.rules)
6268 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - download exe (spyware-put.rules)
6269 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - track event (spyware-put.rules)
6270 <-> SPYWARE-PUT Hijacker topicks runtime detection (spyware-put.rules)
6271 <-> SPYWARE-PUT Trickler bundleware runtime detection (spyware-put.rules)
6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules)
6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules)
6276 <-> SPYWARE-PUT Hijacker incredifind runtime detection - autosearch (spyware-put.rules)
6278 <-> SPYWARE-PUT Trickler navexcel search toolbar runtime detection - activate/update (spyware-put.rules)
6279 <-> SPYWARE-PUT Hijacker sidefind runtime detection (spyware-put.rules)
6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules)
6281 <-> SPYWARE-PUT Hijacker yoursitebar runtime detection (spyware-put.rules)
6282 <-> SPYWARE-PUT Hijacker customtoolbar runtime detection (spyware-put.rules)
6283 <-> SPYWARE-PUT Hijacker websearch runtime detection - sitereview (spyware-put.rules)
6284 <-> SPYWARE-PUT Hijacker websearch runtime detection - webstat (spyware-put.rules)
6340 <-> SPYWARE-PUT Keylogger handy keylogger runtime detection (spyware-put.rules)
6341 <-> SPYWARE-PUT Hijacker spediabar user-agent string detected (spyware-put.rules)
6342 <-> SPYWARE-PUT Hijacker spediabar runtime detection - info check (spyware-put.rules)
6343 <-> SPYWARE-PUT Adware targetsaver runtime detection (spyware-put.rules)
6344 <-> SPYWARE-PUT Adware excite search bar runtime detection - config (spyware-put.rules)
6345 <-> SPYWARE-PUT Adware excite search bar runtime detection - search (spyware-put.rules)
6346 <-> SPYWARE-PUT Adware stationripper update detection (spyware-put.rules)
6347 <-> SPYWARE-PUT Adware stationripper ad display detection (spyware-put.rules)
6348 <-> SPYWARE-PUT Snoopware zenosearch runtime detection (spyware-put.rules)
6349 <-> SPYWARE-PUT Hijacker richfind update detection (spyware-put.rules)
6350 <-> SPYWARE-PUT Hijacker richfind auto search redirect detection (spyware-put.rules)
6351 <-> SPYWARE-PUT Hijacker adblock update detection (spyware-put.rules)
6352 <-> SPYWARE-PUT Hijacker adblock auto search redirect detection (spyware-put.rules)
6353 <-> SPYWARE-PUT Hijacker adblock ie search assistant redirect detection (spyware-put.rules)
6354 <-> SPYWARE-PUT Trickler wsearch runtime detection - auto update (spyware-put.rules)
6355 <-> SPYWARE-PUT Trickler wsearch runtime detection - mp3 search (spyware-put.rules)
6356 <-> SPYWARE-PUT Trickler wsearch runtime detection - desktop search (spyware-put.rules)
6357 <-> SPYWARE-PUT Hijacker need2find initial configuration detection (spyware-put.rules)
6358 <-> SPYWARE-PUT Hijacker need2find search query detection (spyware-put.rules)
6359 <-> SPYWARE-PUT Adware altnet runtime detection - initial retrieval (spyware-put.rules)
6360 <-> SPYWARE-PUT Adware altnet runtime detection - update (spyware-put.rules)
6361 <-> SPYWARE-PUT Adware altnet runtime detection - status report (spyware-put.rules)
6362 <-> SPYWARE-PUT Hijacker microgaming runtime detection (spyware-put.rules)
6363 <-> SPYWARE-PUT adware surfaccuracy runtime detection (spyware-put.rules)
6364 <-> SPYWARE-PUT Hijacker imeshbar runtime detection (spyware-put.rules)
6365 <-> SPYWARE-PUT Other-Technologies sony rootkit runtime detection (spyware-put.rules)
6366 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver user-agent string detected (spyware-put.rules)
6367 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver runtime etection - stop-sign ads (spyware-put.rules)
6368 <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - update request (spyware-put.rules)
6371 <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - pop up ads (spyware-put.rules)
6372 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get wsliveup.dat (spyware-put.rules)
6373 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - stbarpat.dat (spyware-put.rules)
6374 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (spyware-put.rules)
6375 <-> SPYWARE-PUT Trickler spyblocs.eblocs detection - register request (spyware-put.rules)
6376 <-> SPYWARE-PUT Hijacker girafa toolbar - toolbar update (spyware-put.rules)
6377 <-> SPYWARE-PUT Hijacker girafa toolbar - browser hijack (spyware-put.rules)
6378 <-> SPYWARE-PUT Hijacker adbars runtime detection - homepage hijack (spyware-put.rules)
6379 <-> SPYWARE-PUT Hijacker adbars runtime detection - search in toolbar (spyware-put.rules)
6380 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (spyware-put.rules)
6381 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - search in toolbar (spyware-put.rules)
6382 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - url hook (spyware-put.rules)
6383 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - tcp connection setup (spyware-put.rules)
6384 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent discover broadcast (spyware-put.rules)
6385 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent status monitoring (spyware-put.rules)
6386 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent up notification (spyware-put.rules)
6387 <-> SPYWARE-PUT Hijacker internet optimizer runtime detection - autosearch hijack (spyware-put.rules)
6388 <-> SPYWARE-PUT Hijacker internet optimizer runtime detection - error page hijack (spyware-put.rules)
6389 <-> SPYWARE-PUT Adware esyndicate runtime detection - postinstall request (spyware-put.rules)
6390 <-> SPYWARE-PUT Adware esyndicate runtime detection - ads popup (spyware-put.rules)
6391 <-> SPYWARE-PUT Adware esyndicate runtime detection - ads popup (spyware-put.rules)
6392 <-> SPYWARE-PUT Hijacker zeropopup runtime detection (spyware-put.rules)
6394 <-> SPYWARE-PUT Hijacker adstart runtime detection (spyware-put.rules)
6477 <-> SPYWARE-PUT Hacker-Tool beee runtime detection - smtp (spyware-put.rules)
6478 <-> SPYWARE-PUT Trackware searchingall toolbar runtime detection - send user url request (spyware-put.rules)
6479 <-> SPYWARE-PUT Snoopware totalvelocity zsearch runtime detection (spyware-put.rules)
6480 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - home page (spyware-put.rules)
6481 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - search (spyware-put.rules)
6482 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - get info (spyware-put.rules)
6483 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - home page hijacker (spyware-put.rules)
6484 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - search (spyware-put.rules)
6485 <-> SPYWARE-PUT Adware spyfalcon runtime detection - action report (spyware-put.rules)
6486 <-> SPYWARE-PUT Adware spyfalcon runtime detection - notification (spyware-put.rules)
6487 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - check updates (spyware-put.rules)
6488 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - redirect mistyped urls (spyware-put.rules)
6489 <-> SPYWARE-PUT Hijacker analyze IE runtime detection - default page hijacker (spyware-put.rules)
6490 <-> SPYWARE-PUT Dialer yeaknet runtime detection - home page hijacker (spyware-put.rules)
6491 <-> SPYWARE-PUT Dialer yeaknet runtime detection - post-installation (spyware-put.rules)
6492 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - notification (spyware-put.rules)
6493 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - post data (spyware-put.rules)
6494 <-> SPYWARE-PUT Adware yourenhancement runtime detection (spyware-put.rules)
6495 <-> SPYWARE-PUT Hijacker troj_spywad.x runtime detection (spyware-put.rules)
6496 <-> SPYWARE-PUT Adware adpowerzone runtime detection (spyware-put.rules)
6502 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (web-client.rules)
6503 <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - ANIMEXTS1.0 (web-client.rules)
6504 <-> WEB-CLIENT Sophos Anti-Virus CAB file overflow attempt (web-client.rules)
6505 <-> WEB-CLIENT quicktime fpx file SectNumMiniFAT overflow attempt (web-client.rules)
6506 <-> WEB-CLIENT quicktime udta atom overflow attempt (web-client.rules)
6509 <-> WEB-CLIENT Internet Explorer mhtml uri href buffer overflow attempt (web-client.rules)
6510 <-> WEB-CLIENT Internet Explorer mhtml uri shortcut buffer overflow attempt (web-client.rules)
6516 <-> WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX function call access (web-client.rules)
6517 <-> WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX CLSID access (web-client.rules)
6518 <-> WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX CLSID unicode access (web-client.rules)
6680 <-> WEB-CLIENT Windows Media Transform Effects ActiveX CLSID unicode access (web-client.rules)
6681 <-> WEB-CLIENT Windows Media Transform Effects ActiveX CLSID access (web-client.rules)
6682 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (web-client.rules)
6683 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX CLSID unicode access (web-client.rules)
6684 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX CLSID access (web-client.rules)
6685 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX CLSID unicode access (web-client.rules)
6686 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX CLSID access (web-client.rules)
6687 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (web-client.rules)
6688 <-> WEB-CLIENT PNG file transfer (web-client.rules)
6689 <-> WEB-CLIENT Malformed PNG detected cHRM overflow attempt (web-client.rules)
6690 <-> WEB-CLIENT Malformed PNG detected iCCP overflow attempt (web-client.rules)
6691 <-> WEB-CLIENT Malformed PNG detected sBIT overflow attempt (web-client.rules)
6692 <-> WEB-CLIENT Malformed PNG detected sRGB overflow attempt (web-client.rules)
6693 <-> WEB-CLIENT Malformed PNG detected bKGD overflow attempt (web-client.rules)
6694 <-> WEB-CLIENT Malformed PNG detected hIST overflow attempt (web-client.rules)
6695 <-> WEB-CLIENT Malformed PNG detected tRNS overflow attempt (web-client.rules)
6696 <-> WEB-CLIENT Malformed PNG detected pHYs overflow attempt (web-client.rules)
6697 <-> WEB-CLIENT Malformed PNG detected sPLT overflow attempt (web-client.rules)
6698 <-> WEB-CLIENT Malformed PNG detected tIME overflow attempt (web-client.rules)
6699 <-> WEB-CLIENT Malformed PNG detected iTXt overflow attempt (web-client.rules)
6700 <-> WEB-CLIENT Malformed PNG detected tEXt overflow attempt (web-client.rules)
6701 <-> WEB-CLIENT Malformed PNG detected zTXt overflow attempt (web-client.rules)
7002 <-> WEB-CLIENT excel url unicode overflow attempt (web-client.rules)
7003 <-> WEB-CLIENT ADODB.Recordset ActiveX function call access (web-client.rules)
7004 <-> WEB-CLIENT Internet.HHCtrl.1 ActiveX function call access (web-client.rules)
7005 <-> WEB-CLIENT OutlookExpress.AddressBook ActiveX function call access (web-client.rules)
7006 <-> WEB-CLIENT ASControls.InstallEngineCtl ActiveX function call access (web-client.rules)
7007 <-> WEB-CLIENT AxDebugger.Document.1 ActiveX function call access (web-client.rules)
7008 <-> WEB-CLIENT DirectAnimation.DAUserData ActiveX function call access (web-client.rules)
7009 <-> WEB-CLIENT DirectAnimation.StructuredGraphicsControl ActiveX function call access (web-client.rules)
7010 <-> WEB-CLIENT HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (web-client.rules)
7011 <-> WEB-CLIENT HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (web-client.rules)
7012 <-> WEB-CLIENT Internet.PopupMenu.1 ActiveX function call access (web-client.rules)
7013 <-> WEB-CLIENT Microsoft.ISCatAdm ActiveX function call access (web-client.rules)
7014 <-> WEB-CLIENT NMSA.ASFSourceMediaDescription.1 ActiveX function call access (web-client.rules)
7015 <-> WEB-CLIENT NMSA.MediaDescription ActiveX function call access (web-client.rules)
7016 <-> WEB-CLIENT Object.Microsoft.DXTFilter ActiveX function call access (web-client.rules)
7017 <-> WEB-CLIENT RDS.DataControl ActiveX function call access (web-client.rules)
7018 <-> WEB-CLIENT Sysmon ActiveX function call access (web-client.rules)
7020 <-> WEB-CLIENT isComponentInstalled function call access (web-client.rules)
7022 <-> WEB-CLIENT windows explorer invalid url file overflow attempt (web-client.rules)
7023 <-> WEB-CLIENT xls file download (web-client.rules)
7024 <-> WEB-CLIENT excel style handling overflow attempt (web-client.rules)
7025 <-> WEB-CLIENT excel url unicode overflow attempt (web-client.rules)
7026 <-> WEB-CLIENT RDS.Dataspace ActiveX function call access (web-client.rules)
7047 <-> WEB-CLIENT excel object record overflow attempt (web-client.rules)
7048 <-> WEB-CLIENT excel object record overflow attempt (web-client.rules)
7049 <-> SPYWARE-PUT Hijacker extreme biz runtime detection - uniq1 (spyware-put.rules)
7050 <-> SPYWARE-PUT Hijacker freecruise toolbar runtime detection (spyware-put.rules)
7051 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - spyware injection (spyware-put.rules)
7052 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - adv (spyware-put.rules)
7053 <-> SPYWARE-PUT Adware webredir runtime detection (spyware-put.rules)
7054 <-> SPYWARE-PUT Trickler download arq variant runtime detection (spyware-put.rules)
7055 <-> SPYWARE-PUT Hijacker vip01 biz runtime detection - adv (spyware-put.rules)
7123 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - update (spyware-put.rules)
7124 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - buy (spyware-put.rules)
7125 <-> SPYWARE-PUT Hijacker traffbest biz runtime detection - adv (spyware-put.rules)
7126 <-> SPYWARE-PUT Hijacker trojan proxy atiup runtime detection - notification (spyware-put.rules)
7127 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (spyware-put.rules)
7128 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (spyware-put.rules)
7129 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (spyware-put.rules)
7130 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (spyware-put.rules)
7135 <-> SPYWARE-PUT Hijacker dsrch runtime detection - config info retrieval (spyware-put.rules)
7136 <-> SPYWARE-PUT Hijacker dsrch runtime detection - search assistant redirect (spyware-put.rules)
7137 <-> SPYWARE-PUT Hijacker dsrch runtime detection - side search redirect (spyware-put.rules)
7138 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - version check (spyware-put.rules)
7139 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - fake search query (spyware-put.rules)
7140 <-> SPYWARE-PUT Adware pay-per-click runtime detection - configuration (spyware-put.rules)
7141 <-> SPYWARE-PUT Adware pay-per-click runtime detection - update (spyware-put.rules)
7142 <-> SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (spyware-put.rules)
7143 <-> SPYWARE-PUT Adware digink.com runtime detection (spyware-put.rules)
7144 <-> SPYWARE-PUT Hijacker cool search runtime detection (spyware-put.rules)
7145 <-> SPYWARE-PUT Other-Technologies spam maxy runtime detection (spyware-put.rules)
7146 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - sin notification (spyware-put.rules)
7147 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - icq notification (spyware-put.rules)
7148 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - cgi notification (spyware-put.rules)
7149 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - php notification (spyware-put.rules)
7150 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - irc notification (spyware-put.rules)
7151 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - net send notification (spyware-put.rules)
7152 <-> SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - installation (spyware-put.rules)
7153 <-> SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - hijacking (spyware-put.rules)
7154 <-> SPYWARE-PUT Keylogger active keylogger home runtime detection (spyware-put.rules)
7155 <-> SPYWARE-PUT Trickler jubster runtime detection (spyware-put.rules)
7156 <-> SPYWARE-PUT Keylogger win-spy runtime detection - email delivery (spyware-put.rules)
7157 <-> SPYWARE-PUT Keylogger win-spy runtime detection - remote conn client-to-server (spyware-put.rules)
7158 <-> SPYWARE-PUT Keylogger win-spy runtime detection - remote conn server-to-client (spyware-put.rules)
7159 <-> SPYWARE-PUT Keylogger win-spy runtime detection - upload file client-to-server (spyware-put.rules)
7160 <-> SPYWARE-PUT Keylogger win-spy runtime detection - upload file server-to-client (spyware-put.rules)
7161 <-> SPYWARE-PUT Keylogger win-spy runtime detection - download file client-to-server (spyware-put.rules)
7162 <-> SPYWARE-PUT Keylogger win-spy runtime detection - download file server-to-client (spyware-put.rules)
7163 <-> SPYWARE-PUT Keylogger win-spy runtime detection - execute file client-to-server (spyware-put.rules)
7164 <-> SPYWARE-PUT Keylogger win-spy runtime detection - execute file server-to-client (spyware-put.rules)
7165 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 1 (spyware-put.rules)
7166 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 2 (spyware-put.rules)
7167 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 3 (spyware-put.rules)
7168 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 4 (spyware-put.rules)
7169 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange (spyware-put.rules)
7175 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - log retrieve (spyware-put.rules)
7176 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - log retrieve (spyware-put.rules)
7177 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - info send through email (spyware-put.rules)
7178 <-> SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (spyware-put.rules)
7179 <-> SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (spyware-put.rules)
7180 <-> SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (spyware-put.rules)
7183 <-> SPYWARE-PUT Snoopware barok runtime detection (spyware-put.rules)
7184 <-> SPYWARE-PUT Keylogger 007 spy software runtime detection - smtp (spyware-put.rules)
7185 <-> SPYWARE-PUT Keylogger 007 spy software runtime detection - ftp (spyware-put.rules)
7186 <-> SPYWARE-PUT Keylogger kgb Keylogger runtime detection (spyware-put.rules)
7187 <-> SPYWARE-PUT Trackware shopathome user-agent detected (spyware-put.rules)
7188 <-> SPYWARE-PUT Hijacker shop at home select - merchant redirect in progress (spyware-put.rules)
7189 <-> SPYWARE-PUT Trackware shopathome runtime detection - setcookie request (spyware-put.rules)
7190 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (spyware-put.rules)
7191 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (spyware-put.rules)
7192 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (spyware-put.rules)
7193 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (spyware-put.rules)
7194 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - services requests (spyware-put.rules)
7195 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities (spyware-put.rules)
7197 <-> WEB-CLIENT excel MSO.DLL malformed string parsing single byte buffer over attempt (web-client.rules)
7198 <-> WEB-CLIENT excel MSO.DLL malformed string parsing multi byte buffer over attempt (web-client.rules)
7199 <-> WEB-CLIENT excel label record overflow attempt (web-client.rules)
7200 <-> WEB-CLIENT microsoft word document summary information null string overflow attempt (web-client.rules)
7201 <-> WEB-CLIENT microsoft word summary information null string overflow attempt (web-client.rules)
7202 <-> WEB-CLIENT microsoft word document summary information string overflow attempt (web-client.rules)
7203 <-> WEB-CLIENT microsoft word information string overflow attempt (web-client.rules)
7204 <-> WEB-CLIENT excel object ftCmo overflow attempt (web-client.rules)
7205 <-> WEB-CLIENT excel FngGroupCount record overflow attempt (web-client.rules)
7425 <-> WEB-CLIENT 9x8Resize ActiveX CLSID access (web-client.rules)
7426 <-> WEB-CLIENT 9x8Resize ActiveX CLSID unicode access (web-client.rules)
7427 <-> WEB-CLIENT Allocator Fix ActiveX CLSID access (web-client.rules)
7428 <-> WEB-CLIENT Allocator Fix ActiveX CLSID unicode access (web-client.rules)
7429 <-> WEB-CLIENT Bitmap ActiveX CLSID access (web-client.rules)
7430 <-> WEB-CLIENT Bitmap ActiveX CLSID unicode access (web-client.rules)
7431 <-> WEB-CLIENT DirectFrame.DirectControl.1 ActiveX CLSID access (web-client.rules)
7432 <-> WEB-CLIENT DirectFrame.DirectControl.1 ActiveX CLSID unicode access (web-client.rules)
7433 <-> WEB-CLIENT DirectX Transform Wrapper Property Page ActiveX CLSID access (web-client.rules)
7434 <-> WEB-CLIENT DirectX Transform Wrapper Property Page ActiveX CLSID unicode access (web-client.rules)
7435 <-> WEB-CLIENT Dynamic Casts ActiveX CLSID access (web-client.rules)
7436 <-> WEB-CLIENT Dynamic Casts ActiveX CLSID unicode access (web-client.rules)
7437 <-> WEB-CLIENT Frame Eater ActiveX CLSID access (web-client.rules)
7438 <-> WEB-CLIENT Frame Eater ActiveX CLSID unicode access (web-client.rules)
7439 <-> WEB-CLIENT HTML Help ActiveX clsid access (web-client.rules)
7440 <-> WEB-CLIENT HTML Help ActiveX clsid unicode access (web-client.rules)
7441 <-> WEB-CLIENT HTML Help ActiveX CLSID unicode access (web-client.rules)
7442 <-> WEB-CLIENT mmAEPlugIn.AEPlugIn.1 ActiveX CLSID access (web-client.rules)
7443 <-> WEB-CLIENT mmAEPlugIn.AEPlugIn.1 ActiveX CLSID unicode access (web-client.rules)
7444 <-> WEB-CLIENT Mmedia.AsyncMHandler.1 ActiveX CLSID access (web-client.rules)
7445 <-> WEB-CLIENT Mmedia.AsyncMHandler.1 ActiveX CLSID unicode access (web-client.rules)
7446 <-> WEB-CLIENT Record Queue ActiveX CLSID access (web-client.rules)
7447 <-> WEB-CLIENT Record Queue ActiveX CLSID unicode access (web-client.rules)
7448 <-> WEB-CLIENT ShotDetect ActiveX CLSID access (web-client.rules)
7449 <-> WEB-CLIENT ShotDetect ActiveX CLSID unicode access (web-client.rules)
7450 <-> WEB-CLIENT Stetch ActiveX CLSID access (web-client.rules)
7451 <-> WEB-CLIENT Stetch ActiveX CLSID unicode access (web-client.rules)
7452 <-> WEB-CLIENT WM Color Converter Filter ActiveX CLSID access (web-client.rules)
7453 <-> WEB-CLIENT WM Color Converter Filter ActiveX CLSID unicode access (web-client.rules)
7454 <-> WEB-CLIENT Wmm2ae.dll ActiveX CLSID access (web-client.rules)
7455 <-> WEB-CLIENT Wmm2ae.dll ActiveX CLSID unicode access (web-client.rules)
7456 <-> WEB-CLIENT Wmm2fxa.dll ActiveX CLSID access (web-client.rules)
7457 <-> WEB-CLIENT Wmm2fxa.dll ActiveX CLSID unicode access (web-client.rules)
7458 <-> WEB-CLIENT Wmm2fxb.dll ActiveX CLSID access (web-client.rules)
7459 <-> WEB-CLIENT Wmm2fxb.dll ActiveX CLSID unicode access (web-client.rules)
7460 <-> WEB-CLIENT WMT Audio Analyzer ActiveX CLSID access (web-client.rules)
7461 <-> WEB-CLIENT WMT Audio Analyzer ActiveX CLSID unicode access (web-client.rules)
7462 <-> WEB-CLIENT WMT Black Frame Generator ActiveX CLSID access (web-client.rules)
7463 <-> WEB-CLIENT WMT Black Frame Generator ActiveX CLSID unicode access (web-client.rules)
7464 <-> WEB-CLIENT WMT DeInterlace Filter ActiveX CLSID access (web-client.rules)
7465 <-> WEB-CLIENT WMT DeInterlace Filter ActiveX CLSID unicode access (web-client.rules)
7466 <-> WEB-CLIENT WMT DeInterlace Prop Page ActiveX CLSID access (web-client.rules)
7467 <-> WEB-CLIENT WMT DeInterlace Prop Page ActiveX CLSID unicode access (web-client.rules)
7468 <-> WEB-CLIENT WMT DirectX Transform Wrapper ActiveX CLSID access (web-client.rules)
7469 <-> WEB-CLIENT WMT DirectX Transform Wrapper ActiveX CLSID unicode access (web-client.rules)
7470 <-> WEB-CLIENT WMT DV Extract Filter ActiveX CLSID access (web-client.rules)
7471 <-> WEB-CLIENT WMT DV Extract Filter ActiveX CLSID unicode access (web-client.rules)
7472 <-> WEB-CLIENT WMT FormatConversion Prop Page ActiveX CLSID access (web-client.rules)
7473 <-> WEB-CLIENT WMT FormatConversion Prop Page ActiveX CLSID unicode access (web-client.rules)
7474 <-> WEB-CLIENT WMT FormatConversion ActiveX CLSID access (web-client.rules)
7475 <-> WEB-CLIENT WMT FormatConversion ActiveX CLSID unicode access (web-client.rules)
7476 <-> WEB-CLIENT WMT Import Filter ActiveX CLSID access (web-client.rules)
7477 <-> WEB-CLIENT WMT Import Filter ActiveX CLSID unicode access (web-client.rules)
7478 <-> WEB-CLIENT WMT Interlacer ActiveX CLSID access (web-client.rules)
7479 <-> WEB-CLIENT WMT Interlacer ActiveX CLSID unicode access (web-client.rules)
7480 <-> WEB-CLIENT WMT Log Filter ActiveX CLSID access (web-client.rules)
7481 <-> WEB-CLIENT WMT Log Filter ActiveX CLSID unicode access (web-client.rules)
7482 <-> WEB-CLIENT WMT MuxDeMux Filter ActiveX CLSID access (web-client.rules)
7483 <-> WEB-CLIENT WMT MuxDeMux Filter ActiveX CLSID unicode access (web-client.rules)
7484 <-> WEB-CLIENT WMT Sample Info Filter ActiveX CLSID access (web-client.rules)
7485 <-> WEB-CLIENT WMT Sample Info Filter ActiveX CLSID unicode access (web-client.rules)
7486 <-> WEB-CLIENT WMT Screen Capture Filter Task Page ActiveX CLSID access (web-client.rules)
7487 <-> WEB-CLIENT WMT Screen Capture Filter Task Page ActiveX CLSID unicode access (web-client.rules)
7488 <-> WEB-CLIENT WMT Screen capture Filter ActiveX CLSID access (web-client.rules)
7489 <-> WEB-CLIENT WMT Screen capture Filter ActiveX CLSID unicode access (web-client.rules)
7490 <-> WEB-CLIENT WMT Switch Filter ActiveX CLSID access (web-client.rules)
7491 <-> WEB-CLIENT WMT Switch Filter ActiveX CLSID unicode access (web-client.rules)
7492 <-> WEB-CLIENT WMT Virtual Renderer ActiveX CLSID access (web-client.rules)
7493 <-> WEB-CLIENT WMT Virtual Renderer ActiveX CLSID unicode access (web-client.rules)
7494 <-> WEB-CLIENT WMT Virtual Source ActiveX CLSID access (web-client.rules)
7495 <-> WEB-CLIENT WMT Virtual Source ActiveX CLSID unicode access (web-client.rules)
7496 <-> WEB-CLIENT WMT Volume ActiveX CLSID access (web-client.rules)
7497 <-> WEB-CLIENT WMT Volume ActiveX CLSID unicode access (web-client.rules)
7498 <-> WEB-CLIENT WM TV Out Smooth Picture Filter ActiveX CLSID access (web-client.rules)
7499 <-> WEB-CLIENT WM TV Out Smooth Picture Filter ActiveX CLSID unicode access (web-client.rules)
7500 <-> WEB-CLIENT WM VIH2 Fix ActiveX CLSID access (web-client.rules)
7501 <-> WEB-CLIENT WM VIH2 Fix ActiveX CLSID unicode access (web-client.rules)
7502 <-> WEB-CLIENT tsuserex.ADsTSUserEx.1 ActiveX CLSID access (web-client.rules)
7503 <-> WEB-CLIENT tsuserex.ADsTSUserEx.1 ActiveX CLSID unicode access (web-client.rules)
7504 <-> SPYWARE-PUT Keylogger actualspy runtime detection - ftp-data (spyware-put.rules)
7505 <-> SPYWARE-PUT Keylogger actualspy runtime detection - smtp (spyware-put.rules)
7506 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - init connection - flowbit set (spyware-put.rules)
7507 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - init connection (spyware-put.rules)
7508 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - ping - flowbit set (spyware-put.rules)
7509 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - ping (spyware-put.rules)
7510 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - version verification (spyware-put.rules)
7511 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - get ads page (spyware-put.rules)
7512 <-> SPYWARE-PUT Keylogger watchdog runtime detection - init connection - flowbit set (spyware-put.rules)
7513 <-> SPYWARE-PUT Keylogger watchdog runtime detection - init connection (spyware-put.rules)
7514 <-> SPYWARE-PUT Keylogger watchdog runtime detection - send out info to server periodically (spyware-put.rules)
7515 <-> SPYWARE-PUT Keylogger watchdog runtime detection - remote monitoring (spyware-put.rules)
7516 <-> SPYWARE-PUT Trickler hmtoolbar runtime detection (spyware-put.rules)
7517 <-> SPYWARE-PUT Hijacker chinese keywords runtime detection (spyware-put.rules)
7518 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - get up-to-date news info (spyware-put.rules)
7519 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - track activity (spyware-put.rules)
7520 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - ie autosearch hijack (spyware-put.rules)
7521 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 1 (spyware-put.rules)
7522 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 2 (spyware-put.rules)
7523 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - click news button links (spyware-put.rules)
7524 <-> SPYWARE-PUT Hijacker moneybar runtime detection - cgispy counter (spyware-put.rules)
7525 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - barad.asp request (spyware-put.rules)
7526 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - stat counter (spyware-put.rules)
7527 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - toolbar find function (spyware-put.rules)
7528 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - ie autosearch hijack (spyware-put.rules)
7529 <-> SPYWARE-PUT Snoopware halflife jacker runtime detection (spyware-put.rules)
7530 <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - trickler (spyware-put.rules)
7531 <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - login (spyware-put.rules)
7532 <-> SPYWARE-PUT Adware piolet runtime detection - user-agent (spyware-put.rules)
7533 <-> SPYWARE-PUT Adware piolet runtime detection - ads request (spyware-put.rules)
7534 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - ie hijacking (spyware-put.rules)
7535 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - pass information (spyware-put.rules)
7536 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - popup (spyware-put.rules)
7537 <-> SPYWARE-PUT Trackware arrow search runtime detection (spyware-put.rules)
7538 <-> SPYWARE-PUT Screen-Scraper hidden camera runtime detection (spyware-put.rules)
7539 <-> SPYWARE-PUT Keylogger eye spy pro 1.0 runtime detection (spyware-put.rules)
7540 <-> SPYWARE-PUT Hacker-Tool unify runtime detection - cgi notification (spyware-put.rules)
7541 <-> SPYWARE-PUT Keylogger starlogger runtime detection (spyware-put.rules)
7542 <-> SPYWARE-PUT Hacker-Tool mini oblivion runtime detection - successful init connection (spyware-put.rules)
7543 <-> SPYWARE-PUT Hijacker 2020search runtime detection (spyware-put.rules)
7544 <-> SPYWARE-PUT Keylogger PerfectKeylogger runtime detection - flowbit set 1 (spyware-put.rules)
7545 <-> SPYWARE-PUT Keylogger PerfectKeylogger runtime detection - flowbit set 2 (spyware-put.rules)
7546 <-> SPYWARE-PUT Keylogger PerfectKeylogger runtime detection (spyware-put.rules)
7547 <-> SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection - agent status monitoring (spyware-put.rules)
7548 <-> SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection - agent up notification (spyware-put.rules)
7549 <-> SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection (spyware-put.rules)
7550 <-> SPYWARE-PUT Adware adroar runtime detection (spyware-put.rules)
7551 <-> SPYWARE-PUT Keylogger ardamax keylogger runtime detection - smtp (spyware-put.rules)
7552 <-> SPYWARE-PUT Keylogger ardamax keylogger runtime detection - ftp (spyware-put.rules)
7553 <-> SPYWARE-PUT Adware hxdl runtime detection - hxlogonly user-agent (spyware-put.rules)
7554 <-> SPYWARE-PUT Adware hxdl runtime detection - hxdownload user-agent (spyware-put.rules)
7556 <-> SPYWARE-PUT Hijacker blazefind runtime detection - search bar (spyware-put.rules)
7557 <-> SPYWARE-PUT Trackware purityscan runtime detection - start up (spyware-put.rules)
7558 <-> SPYWARE-PUT Trackware purityscan runtime detection - installation notify (spyware-put.rules)
7559 <-> SPYWARE-PUT Trackware purityscan runtime detection - track user activity and status (spyware-put.rules)
7560 <-> SPYWARE-PUT Trackware purityscan runtime detection - self update (spyware-put.rules)
7561 <-> SPYWARE-PUT Trackware purityscan runtime detection - opt out of interstitial advertising (spyware-put.rules)
7562 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 1 (spyware-put.rules)
7563 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 2 (spyware-put.rules)
7564 <-> SPYWARE-PUT Hijacker startnow runtime detection (spyware-put.rules)
7565 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - search engine (spyware-put.rules)
7566 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - redirector (spyware-put.rules)
7567 <-> SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection (spyware-put.rules)
7568 <-> SPYWARE-PUT Trackware webhancer runtime detection (spyware-put.rules)
7569 <-> SPYWARE-PUT Adware lordofsearch runtime detection (spyware-put.rules)
7570 <-> SPYWARE-PUT Hijacker linkspider search bar runtime detection - ads (spyware-put.rules)
7571 <-> SPYWARE-PUT Hijacker linkspider search bar runtime detection - toolbar search (spyware-put.rules)
7572 <-> SPYWARE-PUT Trickler album galaxy runtime detection - startup data (spyware-put.rules)
7573 <-> SPYWARE-PUT Trickler album galaxy runtime detection - p2p gnutella (spyware-put.rules)
7574 <-> SPYWARE-PUT Keylogger proagent 2.0 runtime detection (spyware-put.rules)
7575 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - weather request (spyware-put.rules)
7576 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - hijack ie browser (spyware-put.rules)
7577 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - collect information (spyware-put.rules)
7578 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - reference (spyware-put.rules)
7579 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - smileys (spyware-put.rules)
7580 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - update (spyware-put.rules)
7581 <-> SPYWARE-PUT Hijacker flashbar runtime detection - user-agent (spyware-put.rules)
7582 <-> SPYWARE-PUT Trickler pcast runtime detection - update checking (spyware-put.rules)
7583 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set big (spyware-put.rules)
7584 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set open (spyware-put.rules)
7585 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set image (spyware-put.rules)
7586 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - image transferred (spyware-put.rules)
7587 <-> SPYWARE-PUT Trickler urlblaze runtime detection - software information request (spyware-put.rules)
7588 <-> SPYWARE-PUT Trickler urlblaze runtime detection - files search or download (spyware-put.rules)
7589 <-> SPYWARE-PUT Trickler urlblaze runtime detection - irc notification (spyware-put.rules)
7590 <-> SPYWARE-PUT Hijacker swbar runtime detection (spyware-put.rules)
7591 <-> SPYWARE-PUT Keylogger keylogger pro runtime detection - flowbit set (spyware-put.rules)
7592 <-> SPYWARE-PUT Keylogger keylogger pro runtime detection (spyware-put.rules)
7593 <-> SPYWARE-PUT Trackware trellian toolbarbrowser runtime detection (spyware-put.rules)
7594 <-> SPYWARE-PUT Adware comedy planet runtime detection - ads (spyware-put.rules)
7595 <-> SPYWARE-PUT Adware comedy planet runtime detection - collect user information (spyware-put.rules)
7596 <-> SPYWARE-PUT Keylogger spy lantern keylogger runtime detection - flowbit set (spyware-put.rules)
7597 <-> SPYWARE-PUT Keylogger spy lantern keylogger runtime detection (spyware-put.rules)
7598 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - search in toolbar (spyware-put.rules)
7599 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - user info collection (spyware-put.rules)
7600 <-> SPYWARE-PUT Hijacker adtraffic runtime detection - notfound website search hijack and redirection (spyware-put.rules)
7601 <-> SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to keyserver (spyware-put.rules)
7602 <-> SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to receiver - flowbit set (spyware-put.rules)
7603 <-> SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to receiver (spyware-put.rules)
7823 <-> SPYWARE-PUT Adware whenu runtime detection - datachunksgz (spyware-put.rules)
7824 <-> SPYWARE-PUT Trickler whenu.clocksync runtime detection (spyware-put.rules)
7825 <-> SPYWARE-PUT Adware whenu.savenow runtime detection (spyware-put.rules)
7826 <-> SPYWARE-PUT Trickler whenu.weathercast runtime detection - check (spyware-put.rules)
7827 <-> SPYWARE-PUT Adware whenu runtime detection - search request 1 (spyware-put.rules)
7828 <-> SPYWARE-PUT Adware whenu runtime detection - search request 2 (spyware-put.rules)
7829 <-> SPYWARE-PUT Adware gator user-agent detected (spyware-put.rules)
7830 <-> SPYWARE-PUT Botnet dacryptic runtime detection (spyware-put.rules)
7831 <-> SPYWARE-PUT Adware downloadplus runtime detection (spyware-put.rules)
7832 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - active/update (spyware-put.rules)
7833 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - search (spyware-put.rules)
7834 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (spyware-put.rules)
7835 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (spyware-put.rules)
7836 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report send through email (spyware-put.rules)
7837 <-> SPYWARE-PUT Keylogger spyoutside runtime detection - email delivery (spyware-put.rules)
7838 <-> SPYWARE-PUT Adware smiley central runtime detection (spyware-put.rules)
7839 <-> SPYWARE-PUT Hijacker rx toolbar runtime detection (spyware-put.rules)
7840 <-> SPYWARE-PUT Hijacker instafinder initial configuration detection (spyware-put.rules)
7841 <-> SPYWARE-PUT Hijacker instafinder error redirect detection (spyware-put.rules)
7842 <-> SPYWARE-PUT Hacker-Tool davps runtime detection (spyware-put.rules)
7843 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - search engine hijack (spyware-put.rules)
7844 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - post data (spyware-put.rules)
7845 <-> SPYWARE-PUT Keylogger clogger 1.0 runtime detection (spyware-put.rules)
7846 <-> SPYWARE-PUT Keylogger clogger 1.0 runtime detection (spyware-put.rules)
7847 <-> SPYWARE-PUT Keylogger clogger 1.0 runtime detection - send log through email (spyware-put.rules)
7848 <-> SPYWARE-PUT Hijacker netguide runtime detection (spyware-put.rules)
7849 <-> SPYWARE-PUT Trickler maxsearch runtime detection - toolbar download (spyware-put.rules)
7850 <-> SPYWARE-PUT Trickler maxsearch runtime detection - retrieve command (spyware-put.rules)
7851 <-> SPYWARE-PUT Trickler maxsearch runtime detection - ack (spyware-put.rules)
7852 <-> SPYWARE-PUT Trickler maxsearch runtime detection - advertisement (spyware-put.rules)
7853 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 1 (spyware-put.rules)
7854 <-> SPYWARE-PUT Adware web-nexus runtime detection - config retrieval (spyware-put.rules)
7855 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 2 (spyware-put.rules)
7856 <-> SPYWARE-PUT Trackware winsysba-a runtime detection - track surfing activity (spyware-put.rules)
7857 <-> SPYWARE-PUT Keylogger EliteKeylogger runtime detection (spyware-put.rules)
7862 <-> WEB-CLIENT McSubMgr.IsAppExpired ActiveX function call access (web-client.rules)
7863 <-> WEB-CLIENT McSubMgr.IsOldAppInstalled ActiveX function call access (web-client.rules)
7864 <-> WEB-CLIENT McSubMgr ActiveX CLSID access (web-client.rules)
7865 <-> WEB-CLIENT McSubMgr ActiveX CLSID unicode access (web-client.rules)
7866 <-> WEB-CLIENT ADODB.Connection ActiveX clsid access (web-client.rules)
7867 <-> WEB-CLIENT ADODB.Connection ActiveX clsid unicode access (web-client.rules)
7868 <-> WEB-CLIENT ADODB.Recordset ActiveX CLSID access (web-client.rules)
7869 <-> WEB-CLIENT ADODB.Recordset ActiveX CLSID unicode access (web-client.rules)
7870 <-> WEB-CLIENT Microsoft Office Data Source Control 9.0 ActiveX CLSID access (web-client.rules)
7871 <-> WEB-CLIENT Microsoft Office Data Source Control 9.0 ActiveX CLSID unicode access (web-client.rules)
7872 <-> WEB-CLIENT Microsoft Office Spreadsheet 10.0 ActiveX CLSID access (web-client.rules)
7873 <-> WEB-CLIENT Microsoft Office Spreadsheet 10.0 ActiveX CLSID unicode access (web-client.rules)
7874 <-> WEB-CLIENT Microsoft Office PivotTable 10.0 ActiveX CLSID access (web-client.rules)
7875 <-> WEB-CLIENT Microsoft Office PivotTable 10.0 ActiveX CLSID unicode access (web-client.rules)
7876 <-> WEB-CLIENT Microsoft Office Data Source Control 10.0 ActiveX CLSID access (web-client.rules)
7877 <-> WEB-CLIENT Microsoft Office Data Source Control 10.0 ActiveX CLSID unicode access (web-client.rules)
7878 <-> WEB-CLIENT AxMetaStream.MetaStreamCtl ActiveX CLSID access (web-client.rules)
7879 <-> WEB-CLIENT AxMetaStream.MetaStreamCtl ActiveX CLSID unicode access (web-client.rules)
7880 <-> WEB-CLIENT AxMetaStream.MetaStreamCtlSecondary ActiveX CLSID access (web-client.rules)
7881 <-> WEB-CLIENT AxMetaStream.MetaStreamCtlSecondary ActiveX CLSID unicode access (web-client.rules)
7882 <-> WEB-CLIENT AccSync.AccSubNotHandler ActiveX CLSID access (web-client.rules)
7883 <-> WEB-CLIENT AccSync.AccSubNotHandler ActiveX CLSID unicode access (web-client.rules)
7884 <-> WEB-CLIENT AolCalSvr.ACCalendarListCtrl ActiveX CLSID access (web-client.rules)
7885 <-> WEB-CLIENT AolCalSvr.ACCalendarListCtrl ActiveX CLSID unicode access (web-client.rules)
7886 <-> WEB-CLIENT AolCalSvr.ACDictionary ActiveX CLSID access (web-client.rules)
7887 <-> WEB-CLIENT AolCalSvr.ACDictionary ActiveX CLSID unicode access (web-client.rules)
7888 <-> WEB-CLIENT AOLFlash.AOLFlash ActiveX CLSID access (web-client.rules)
7889 <-> WEB-CLIENT AOLFlash.AOLFlash ActiveX CLSID unicode access (web-client.rules)
7890 <-> WEB-CLIENT AOL.MemExpWz ActiveX CLSID access (web-client.rules)
7891 <-> WEB-CLIENT AOL.MemExpWz ActiveX CLSID unicode access (web-client.rules)
7892 <-> WEB-CLIENT AOL Phobos Class ActiveX CLSID access (web-client.rules)
7893 <-> WEB-CLIENT AOL Phobos Class ActiveX CLSID unicode access (web-client.rules)
7894 <-> WEB-CLIENT AOL.PicDownloadCtrl ActiveX CLSID access (web-client.rules)
7895 <-> WEB-CLIENT AOL.PicDownloadCtrl ActiveX CLSID unicode access (web-client.rules)
7896 <-> WEB-CLIENT AOL.PicEditCtrl ActiveX CLSID access (web-client.rules)
7897 <-> WEB-CLIENT AOL.PicEditCtrl ActiveX CLSID unicode access (web-client.rules)
7898 <-> WEB-CLIENT AOL.PicSsvrCtrl ActiveX CLSID access (web-client.rules)
7899 <-> WEB-CLIENT AOL.PicSsvrCtrl ActiveX CLSID unicode access (web-client.rules)
7900 <-> WEB-CLIENT AOL.UPFCtrl ActiveX CLSID access (web-client.rules)
7901 <-> WEB-CLIENT AOL.UPFCtrl ActiveX CLSID unicode access (web-client.rules)
7902 <-> WEB-CLIENT CDDBControlAOL.CDDBAOLControl ActiveX clsid access (web-client.rules)
7903 <-> WEB-CLIENT CDDBControlAOL.CDDBAOLControl ActiveX clsid unicode access (web-client.rules)
7904 <-> WEB-CLIENT CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7905 <-> WEB-CLIENT CDL Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7906 <-> WEB-CLIENT CDO.KnowledgeSearchFolder ActiveX CLSID access (web-client.rules)
7907 <-> WEB-CLIENT CDO.KnowledgeSearchFolder ActiveX CLSID unicode access (web-client.rules)
7908 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid access (web-client.rules)
7909 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid unicode access (web-client.rules)
7910 <-> WEB-CLIENT DXImageTransform.Microsoft.DropShadow ActiveX CLSID access (web-client.rules)
7911 <-> WEB-CLIENT DXImageTransform.Microsoft.DropShadow ActiveX CLSID unicode access (web-client.rules)
7912 <-> WEB-CLIENT DX3DTransform.Microsoft.Shapes ActiveX CLSID access (web-client.rules)
7913 <-> WEB-CLIENT DX3DTransform.Microsoft.Shapes ActiveX CLSID unicode access (web-client.rules)
7914 <-> WEB-CLIENT DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID access (web-client.rules)
7915 <-> WEB-CLIENT DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID unicode access (web-client.rules)
7916 <-> WEB-CLIENT CLSID_IMimeInternational ActiveX CLSID access (web-client.rules)
7917 <-> WEB-CLIENT CLSID_IMimeInternational ActiveX CLSID unicode access (web-client.rules)
7918 <-> WEB-CLIENT CoAxTrackVideo Class ActiveX CLSID access (web-client.rules)
7919 <-> WEB-CLIENT CoAxTrackVideo Class ActiveX CLSID unicode access (web-client.rules)
7920 <-> WEB-CLIENT DsPropertyPages.OU ActiveX CLSID access (web-client.rules)
7921 <-> WEB-CLIENT DsPropertyPages.OU ActiveX CLSID unicode access (web-client.rules)
7922 <-> WEB-CLIENT DXImageTransform.Microsoft.RevealTrans ActiveX CLSID access (web-client.rules)
7923 <-> WEB-CLIENT DXImageTransform.Microsoft.RevealTrans ActiveX CLSID unicode access (web-client.rules)
7924 <-> WEB-CLIENT DXImageTransform.Microsoft.Shadow ActiveX CLSID access (web-client.rules)
7925 <-> WEB-CLIENT DXImageTransform.Microsoft.Shadow ActiveX CLSID unicode access (web-client.rules)
7926 <-> WEB-CLIENT DXTFilter ActiveX CLSID access (web-client.rules)
7927 <-> WEB-CLIENT DXTFilter ActiveX CLSID unicode access (web-client.rules)
7928 <-> WEB-CLIENT file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7929 <-> WEB-CLIENT file or local Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7930 <-> WEB-CLIENT FolderItem2 ActiveX CLSID access (web-client.rules)
7931 <-> WEB-CLIENT FolderItem2 ActiveX CLSID unicode access (web-client.rules)
7932 <-> WEB-CLIENT FolderItems3 ActiveX CLSID access (web-client.rules)
7933 <-> WEB-CLIENT FolderItems3 ActiveX CLSID unicode access (web-client.rules)
7934 <-> WEB-CLIENT ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7935 <-> WEB-CLIENT ftp Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7936 <-> WEB-CLIENT DXImageTransform.Microsoft.Glow ActiveX CLSID access (web-client.rules)
7937 <-> WEB-CLIENT DXImageTransform.Microsoft.Glow ActiveX CLSID unicode access (web-client.rules)
7938 <-> WEB-CLIENT gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7939 <-> WEB-CLIENT gopher Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7940 <-> WEB-CLIENT DXImageTransform.Microsoft.Gradient ActiveX CLSID access (web-client.rules)
7941 <-> WEB-CLIENT DXImageTransform.Microsoft.Gradient ActiveX CLSID unicode access (web-client.rules)
7942 <-> WEB-CLIENT http Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7943 <-> WEB-CLIENT http Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7944 <-> WEB-CLIENT https Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7945 <-> WEB-CLIENT https Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7946 <-> WEB-CLIENT DXImageTransform.Microsoft.MaskFilter ActiveX CLSID access (web-client.rules)
7947 <-> WEB-CLIENT DXImageTransform.Microsoft.MaskFilter ActiveX CLSID unicode access (web-client.rules)
7948 <-> WEB-CLIENT Microsoft Common Browser Architecture ActiveX CLSID access (web-client.rules)
7949 <-> WEB-CLIENT Microsoft Common Browser Architecture ActiveX CLSID unicode access (web-client.rules)
7950 <-> WEB-CLIENT Microsoft DirectAnimation Control ActiveX CLSID access (web-client.rules)
7951 <-> WEB-CLIENT Microsoft DirectAnimation Control ActiveX CLSID unicode access (web-client.rules)
7952 <-> WEB-CLIENT Microsoft DirectAnimation Windowed Control ActiveX CLSID access (web-client.rules)
7953 <-> WEB-CLIENT Microsoft DirectAnimation Windowed Control ActiveX CLSID unicode access (web-client.rules)
7954 <-> WEB-CLIENT Microsoft Forms 2.0 ComboBox ActiveX CLSID access (web-client.rules)
7955 <-> WEB-CLIENT Microsoft Forms 2.0 ComboBox ActiveX CLSID unicode access (web-client.rules)
7956 <-> WEB-CLIENT Microsoft Forms 2.0 ListBox ActiveX CLSID access (web-client.rules)
7957 <-> WEB-CLIENT Microsoft Forms 2.0 ListBox ActiveX CLSID unicode access (web-client.rules)
7958 <-> WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7959 <-> WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7970 <-> WEB-CLIENT PostBootReminder object ActiveX CLSID access (web-client.rules)
7971 <-> WEB-CLIENT PostBootReminder object ActiveX CLSID unicode access (web-client.rules)
7972 <-> WEB-CLIENT RealPlayer G2 Control ActiveX CLSID access (web-client.rules)
7973 <-> WEB-CLIENT RealPlayer G2 Control ActiveX CLSID unicode access (web-client.rules)
7974 <-> WEB-CLIENT Rendezvous Class ActiveX CLSID access (web-client.rules)
7975 <-> WEB-CLIENT Rendezvous Class ActiveX CLSID unicode access (web-client.rules)
7976 <-> WEB-CLIENT ShellFolder for CD Burning ActiveX CLSID access (web-client.rules)
7977 <-> WEB-CLIENT ShellFolder for CD Burning ActiveX CLSID unicode access (web-client.rules)
7981 <-> WEB-CLIENT Snapshot Viewer General Property Page Object ActiveX CLSID access (web-client.rules)
7982 <-> WEB-CLIENT Snapshot Viewer General Property Page Object ActiveX CLSID unicode access (web-client.rules)
7983 <-> WEB-CLIENT SuperBuddy Class ActiveX CLSID access (web-client.rules)
7984 <-> WEB-CLIENT SuperBuddy Class ActiveX CLSID unicode access (web-client.rules)
7985 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID access (web-client.rules)
7986 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access (web-client.rules)
7987 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID access (web-client.rules)
7988 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID unicode access (web-client.rules)
7989 <-> WEB-CLIENT WIA FileSystem USD ActiveX CLSID access (web-client.rules)
7990 <-> WEB-CLIENT WIA FileSystem USD ActiveX CLSID unicode access (web-client.rules)
7991 <-> WEB-CLIENT ACM Class Manager ActiveX CLSID access (web-client.rules)
7992 <-> WEB-CLIENT ACM Class Manager ActiveX CLSID unicode access (web-client.rules)
7993 <-> WEB-CLIENT clbcatex.dll ActiveX CLSID access (web-client.rules)
7994 <-> WEB-CLIENT clbcatex.dll ActiveX CLSID unicode access (web-client.rules)
7995 <-> WEB-CLIENT clbcatq.dll ActiveX CLSID access (web-client.rules)
7996 <-> WEB-CLIENT clbcatq.dll ActiveX CLSID unicode access (web-client.rules)
7997 <-> WEB-CLIENT CLSID_ApprenticeICW ActiveX CLSID access (web-client.rules)
7998 <-> WEB-CLIENT CLSID_ApprenticeICW ActiveX CLSID unicode access (web-client.rules)
7999 <-> WEB-CLIENT CLSID_CDIDeviceActionConfigPage ActiveX CLSID access (web-client.rules)
8000 <-> WEB-CLIENT CLSID_CDIDeviceActionConfigPage ActiveX CLSID unicode access (web-client.rules)
8001 <-> WEB-CLIENT CommunicationManager ActiveX CLSID access (web-client.rules)
8002 <-> WEB-CLIENT CommunicationManager ActiveX CLSID unicode access (web-client.rules)
8003 <-> WEB-CLIENT Content.mbcontent.1 ActiveX CLSID access (web-client.rules)
8004 <-> WEB-CLIENT Content.mbcontent.1 ActiveX CLSID unicode access (web-client.rules)
8005 <-> WEB-CLIENT DiskManagement.Connection ActiveX CLSID access (web-client.rules)
8006 <-> WEB-CLIENT DiskManagement.Connection ActiveX CLSID unicode access (web-client.rules)
8007 <-> WEB-CLIENT Dutch_Dutch Stemmer ActiveX CLSID access (web-client.rules)
8008 <-> WEB-CLIENT Dutch_Dutch Stemmer ActiveX CLSID unicode access (web-client.rules)
8009 <-> WEB-CLIENT English_UK Stemmer ActiveX CLSID access (web-client.rules)
8010 <-> WEB-CLIENT English_UK Stemmer ActiveX CLSID unicode access (web-client.rules)
8011 <-> WEB-CLIENT English_US Stemmer ActiveX CLSID access (web-client.rules)
8012 <-> WEB-CLIENT English_US Stemmer ActiveX CLSID unicode access (web-client.rules)
8013 <-> WEB-CLIENT French_French Stemmer ActiveX CLSID access (web-client.rules)
8014 <-> WEB-CLIENT French_French Stemmer ActiveX CLSID unicode access (web-client.rules)
8015 <-> WEB-CLIENT German_German Stemmer ActiveX CLSID access (web-client.rules)
8016 <-> WEB-CLIENT German_German Stemmer ActiveX CLSID unicode access (web-client.rules)
8017 <-> WEB-CLIENT ICM Class Manager ActiveX CLSID access (web-client.rules)
8018 <-> WEB-CLIENT ICM Class Manager ActiveX CLSID unicode access (web-client.rules)
8019 <-> WEB-CLIENT Internet Explorer Address Bar ActiveX CLSID access (web-client.rules)
8020 <-> WEB-CLIENT Internet Explorer Address Bar ActiveX CLSID unicode access (web-client.rules)
8021 <-> WEB-CLIENT ISSimpleCommandCreator.1 ActiveX CLSID access (web-client.rules)
8022 <-> WEB-CLIENT ISSimpleCommandCreator.1 ActiveX CLSID unicode access (web-client.rules)
8023 <-> WEB-CLIENT Italian_Italian Stemmer ActiveX CLSID access (web-client.rules)
8024 <-> WEB-CLIENT Italian_Italian Stemmer ActiveX CLSID unicode access (web-client.rules)
8025 <-> WEB-CLIENT Microsoft HTML Window Security Proxy ActiveX CLSID access (web-client.rules)
8026 <-> WEB-CLIENT Microsoft HTML Window Security Proxy ActiveX CLSID unicode access (web-client.rules)
8027 <-> WEB-CLIENT Microsoft WBEM Event Subsystem ActiveX CLSID access (web-client.rules)
8028 <-> WEB-CLIENT Microsoft WBEM Event Subsystem ActiveX CLSID unicode access (web-client.rules)
8029 <-> WEB-CLIENT MidiOut Class Manager ActiveX CLSID access (web-client.rules)
8030 <-> WEB-CLIENT MidiOut Class Manager ActiveX CLSID unicode access (web-client.rules)
8031 <-> WEB-CLIENT Mslablti.MarshalableTI.1 ActiveX CLSID access (web-client.rules)
8032 <-> WEB-CLIENT Mslablti.MarshalableTI.1 ActiveX CLSID unicode access (web-client.rules)
8033 <-> WEB-CLIENT QC.MessageMover.1 ActiveX CLSID access (web-client.rules)
8034 <-> WEB-CLIENT QC.MessageMover.1 ActiveX CLSID unicode access (web-client.rules)
8035 <-> WEB-CLIENT Spanish_Modern Stemmer ActiveX CLSID access (web-client.rules)
8036 <-> WEB-CLIENT Spanish_Modern Stemmer ActiveX CLSID unicode access (web-client.rules)
8037 <-> WEB-CLIENT Swedish_Default Stemmer ActiveX CLSID access (web-client.rules)
8038 <-> WEB-CLIENT Swedish_Default Stemmer ActiveX CLSID unicode access (web-client.rules)
8039 <-> WEB-CLIENT syncui.dll ActiveX CLSID access (web-client.rules)
8040 <-> WEB-CLIENT syncui.dll ActiveX CLSID unicode access (web-client.rules)
8041 <-> WEB-CLIENT VFW Capture Class Manager ActiveX CLSID access (web-client.rules)
8042 <-> WEB-CLIENT VFW Capture Class Manager ActiveX CLSID unicode access (web-client.rules)
8043 <-> WEB-CLIENT Video Effect Class Manager 1 Input ActiveX CLSID access (web-client.rules)
8044 <-> WEB-CLIENT Video Effect Class Manager 1 Input ActiveX CLSID unicode access (web-client.rules)
8045 <-> WEB-CLIENT Video Effect Class Manager 2 Input ActiveX CLSID access (web-client.rules)
8046 <-> WEB-CLIENT Video Effect Class Manager 2 Input ActiveX CLSID unicode access (web-client.rules)
8047 <-> WEB-CLIENT WaveIn Class Manager ActiveX CLSID access (web-client.rules)
8048 <-> WEB-CLIENT WaveIn Class Manager ActiveX CLSID unicode access (web-client.rules)
8049 <-> WEB-CLIENT WaveOut and DSound Class Manager ActiveX CLSID access (web-client.rules)
8050 <-> WEB-CLIENT WaveOut and DSound Class Manager ActiveX CLSID unicode access (web-client.rules)
8051 <-> WEB-CLIENT WDM Instance Provider ActiveX CLSID access (web-client.rules)
8052 <-> WEB-CLIENT WDM Instance Provider ActiveX CLSID unicode access (web-client.rules)
8053 <-> WEB-CLIENT DirectAnimation.PathControl ActiveX CLSID access (web-client.rules)
8054 <-> WEB-CLIENT DirectAnimation.PathControl ActiveX CLSID unicode access (web-client.rules)
8055 <-> WEB-CLIENT DirectAnimation.PathControl ActiveX function call access (web-client.rules)
8058 <-> WEB-CLIENT Mozilla javascript navigator object access (web-client.rules)
8061 <-> WEB-CLIENT ADODB.Stream ActiveX CLSID access (web-client.rules)
8062 <-> WEB-CLIENT ADODB.Stream ActiveX CLSID unicode access (web-client.rules)
8063 <-> WEB-CLIENT ADODB.Stream ActiveX function call access (web-client.rules)
8064 <-> WEB-CLIENT Scriptlet.Typelib ActiveX CLSID access (web-client.rules)
8065 <-> WEB-CLIENT Scriptlet.Typelib ActiveX CLSID unicode access (web-client.rules)
8066 <-> WEB-CLIENT Windows Scripting Host Shell ActiveX CLSID access (web-client.rules)
8067 <-> WEB-CLIENT Windows Scripting Host Shell ActiveX CLSID unicode access (web-client.rules)
8068 <-> WEB-CLIENT Windows Scripting Host Shell ActiveX function call access (web-client.rules)
8069 <-> WEB-CLIENT Microsoft Virtual Machine ActiveX CLSID access (web-client.rules)
8070 <-> WEB-CLIENT Microsoft Virtual Machine ActiveX CLSID unicode access (web-client.rules)
8071 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - search hijack (spyware-put.rules)
8072 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - surf monitor (spyware-put.rules)
8073 <-> SPYWARE-PUT Adware zango toolbar runtime detection (spyware-put.rules)
8091 <-> WEB-CLIENT RealPlayer Realpix file format string overflow attempt (web-client.rules)
8350 <-> WEB-CLIENT pub file download (web-client.rules)
8352 <-> SPYWARE-PUT Adware desktopmedia runtime detection - ads popup (spyware-put.rules)
8353 <-> SPYWARE-PUT Adware desktopmedia runtime detection - auto update (spyware-put.rules)
8354 <-> SPYWARE-PUT Adware desktopmedia runtime detection - surf monitoring (spyware-put.rules)
8355 <-> SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection (spyware-put.rules)
8356 <-> SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection - send log out through email (spyware-put.rules)
8357 <-> SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection - send alert out through email (spyware-put.rules)
8358 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - addressbar keyword search hijack (spyware-put.rules)
8359 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - target website display (spyware-put.rules)
8360 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - search info collect (spyware-put.rules)
8363 <-> WEB-CLIENT Business Object Factory ActiveX CLSID access (web-client.rules)
8364 <-> WEB-CLIENT Business Object Factory ActiveX CLSID unicode access (web-client.rules)
8365 <-> WEB-CLIENT DExplore.AppObj.8.0 ActiveX CLSID access (web-client.rules)
8366 <-> WEB-CLIENT DExplore.AppObj.8.0 ActiveX CLSID unicode access (web-client.rules)
8367 <-> WEB-CLIENT Microsoft.DbgClr.DTE.8.0 ActiveX CLSID access (web-client.rules)
8368 <-> WEB-CLIENT Microsoft.DbgClr.DTE.8.0 ActiveX CLSID unicode access (web-client.rules)
8369 <-> WEB-CLIENT WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (web-client.rules)
8370 <-> WEB-CLIENT WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID unicode access (web-client.rules)
8371 <-> WEB-CLIENT Outlook.Application ActiveX CLSID access (web-client.rules)
8372 <-> WEB-CLIENT Outlook.Application ActiveX CLSID unicode access (web-client.rules)
8373 <-> WEB-CLIENT VsmIDE.DTE ActiveX CLSID access (web-client.rules)
8374 <-> WEB-CLIENT VsmIDE.DTE ActiveX CLSID unicode access (web-client.rules)
8375 <-> WEB-CLIENT QuickTime Object ActiveX CLSID access (web-client.rules)
8376 <-> WEB-CLIENT QuickTime Object ActiveX CLSID unicode access (web-client.rules)
8377 <-> WEB-CLIENT RealPlayer Download Handler ActiveX CLSID access (web-client.rules)
8378 <-> WEB-CLIENT RealPlayer Download Handler ActiveX CLSID unicode access (web-client.rules)
8379 <-> WEB-CLIENT Xml2Dex ActiveX CLSID access (web-client.rules)
8380 <-> WEB-CLIENT Xml2Dex ActiveX CLSID unicode access (web-client.rules)
8381 <-> WEB-CLIENT RealPlayer SMIL Download Handler ActiveX CLSID access (web-client.rules)
8382 <-> WEB-CLIENT RealPlayer SMIL Download Handler ActiveX CLSID unicode access (web-client.rules)
8383 <-> WEB-CLIENT RealPlayer RAM Download Handler ActiveX CLSID access (web-client.rules)
8384 <-> WEB-CLIENT RealPlayer RAM Download Handler ActiveX CLSID unicode access (web-client.rules)
8385 <-> WEB-CLIENT RealPlayer Playback Handler ActiveX CLSID access (web-client.rules)
8386 <-> WEB-CLIENT RealPlayer Playback Handler ActiveX CLSID unicode access (web-client.rules)
8387 <-> WEB-CLIENT RealPlayer RNX Download Handler ActiveX CLSID access (web-client.rules)
8388 <-> WEB-CLIENT RealPlayer RNX Download Handler ActiveX CLSID unicode access (web-client.rules)
8389 <-> WEB-CLIENT RealPlayer RMP Download Handler ActiveX CLSID access (web-client.rules)
8390 <-> WEB-CLIENT RealPlayer RMP Download Handler ActiveX CLSID unicode access (web-client.rules)
8391 <-> WEB-CLIENT RFXInstMgr Class ActiveX CLSID access (web-client.rules)
8392 <-> WEB-CLIENT RFXInstMgr Class ActiveX CLSID unicode access (web-client.rules)
8393 <-> WEB-CLIENT WebDetectFrm ActiveX CLSID access (web-client.rules)
8394 <-> WEB-CLIENT WebDetectFrm ActiveX CLSID unicode access (web-client.rules)
8395 <-> WEB-CLIENT DX3DTransform.Microsoft.CrShatter ActiveX CLSID access (web-client.rules)
8396 <-> WEB-CLIENT DX3DTransform.Microsoft.CrShatter ActiveX CLSID unicode access (web-client.rules)
8397 <-> WEB-CLIENT Microsoft Office List 11.0 ActiveX CLSID access (web-client.rules)
8398 <-> WEB-CLIENT Microsoft Office List 11.0 ActiveX CLSID unicode access (web-client.rules)
8399 <-> WEB-CLIENT Microsoft.WebCapture ActiveX CLSID access (web-client.rules)
8400 <-> WEB-CLIENT Microsoft.WebCapture ActiveX CLSID unicode access (web-client.rules)
8401 <-> WEB-CLIENT Windows Media Services DRM Storage ActiveX CLSID access (web-client.rules)
8402 <-> WEB-CLIENT Windows Media Services DRM Storage ActiveX CLSID unicode access (web-client.rules)
8403 <-> WEB-CLIENT XML Schema Cache 6.0 ActiveX CLSID access (web-client.rules)
8404 <-> WEB-CLIENT XML Schema Cache 6.0 ActiveX CLSID unicode access (web-client.rules)
8405 <-> WEB-CLIENT  ActiveX clsid access (web-client.rules)
8406 <-> WEB-CLIENT  ActiveX clsid unicode access (web-client.rules)
8407 <-> WEB-CLIENT VisualExec Control ActiveX CLSID access (web-client.rules)
8408 <-> WEB-CLIENT VisualExec Control ActiveX CLSID unicode access (web-client.rules)
8409 <-> WEB-CLIENT RealPlayer Stream Handler ActiveX clsid access (web-client.rules)
8410 <-> WEB-CLIENT RealPlayer Stream Handler ActiveX clsid unicode access (web-client.rules)
8411 <-> WEB-CLIENT DocFind Command ActiveX CLSID access (web-client.rules)
8412 <-> WEB-CLIENT DocFind Command ActiveX CLSID unicode access (web-client.rules)
8413 <-> WEB-CLIENT HCP URI uplddrvinfo access (web-client.rules)
8414 <-> WEB-CLIENT GIF image width descriptor buffer overflow attempt (web-client.rules)
8416 <-> WEB-CLIENT VML fill method overflow attempt (web-client.rules)
8417 <-> WEB-CLIENT TriEditDocument.TriEditDocument ActiveX function call access (web-client.rules)
8418 <-> WEB-CLIENT DXImageTransform.Microsoft.RevealTrans ActiveX function call access (web-client.rules)
8419 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call access (web-client.rules)
8420 <-> WEB-CLIENT DXImageTransform.Microsoft.Gradient ActiveX function call access (web-client.rules)
8421 <-> WEB-CLIENT OWC11.DataSourceControl.11 ActiveX function call access (web-client.rules)
8423 <-> WEB-CLIENT CEnroll.CEnroll.2 ActiveX function call access (web-client.rules)
8424 <-> WEB-CLIENT Microsoft Forms 2.0 ListBox ActiveX function call access (web-client.rules)
8425 <-> WEB-CLIENT DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (web-client.rules)
8445 <-> WEB-CLIENT RTF file with embedded object package download attempt (web-client.rules)
8448 <-> WEB-CLIENT Excel colinfo XF record overflow attempt (web-client.rules)
8461 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - send userinfo (spyware-put.rules)
8462 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace info downloaded (spyware-put.rules)
8463 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace login info (spyware-put.rules)
8464 <-> SPYWARE-PUT Adware henbang runtime detection (spyware-put.rules)
8465 <-> SPYWARE-PUT Keylogger netobserve runtime detection - email notification (spyware-put.rules)
8466 <-> SPYWARE-PUT Keylogger netobserve runtime detection - email notification (spyware-put.rules)
8467 <-> SPYWARE-PUT Keylogger netobserve runtime detection - remote login response (spyware-put.rules)
8468 <-> SPYWARE-PUT Hijacker accoona runtime detection - collect info (spyware-put.rules)
8469 <-> SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url (spyware-put.rules)
8478 <-> WEB-CLIENT Microsoft Publisher file download attempt (web-client.rules)
8494 <-> MS-SQL/SMB formatmessage possible buffer overflow (sql.rules)
8495 <-> MS-SQL formatmessage possible buffer overflow (sql.rules)
8497 <-> MS-SQL sp_oacreate vulnerable function attempt (sql.rules)
8498 <-> MS-SQL/SMB sp_oacreate unicode vulnerable function attempt (sql.rules)
8499 <-> MS-SQL xp_displayparamstmt unicode vulnerable function attempt (sql.rules)
8510 <-> MS-SQL xp_oagetproperty vulnerable function attempt (sql.rules)
8511 <-> MS-SQL xp_oamethod unicode vulnerable function attempt (sql.rules)
8512 <-> MS-SQL xp_oamethod vulnerable function attempt (sql.rules)
8513 <-> MS-SQL/SMB xp_oamethod unicode vulnerable function attempt (sql.rules)
8514 <-> MS-SQL xp_oasetproperty unicode vulnerable function attempt (sql.rules)
8515 <-> MS-SQL/SMB xp_oasetproperty unicode vulnerable function attempt (sql.rules)
8516 <-> MS-SQL xp_oasetproperty vulnerable function attempt (sql.rules)
8517 <-> MS-SQL xp_peekqueue unicode vulnerable function attempt (sql.rules)
8518 <-> MS-SQL/SMB xp_peekqueue unicode vulnerable function attempt (sql.rules)
8519 <-> MS-SQL xp_peekqueue vulnerable function attempt (sql.rules)
8520 <-> MS-SQL xp_printstatements unicode vulnerable function attempt (sql.rules)
8521 <-> MS-SQL/SMB xp_printstatements unicode vulnerable function attempt (sql.rules)
8522 <-> MS-SQL xp_printstatements vulnerable function attempt (sql.rules)
8523 <-> MS-SQL xp_proxiedmetadata unicode vulnerable function attempt (sql.rules)
8524 <-> MS-SQL/SMB xp_proxiedmetadata unicode vulnerable function attempt (sql.rules)
8525 <-> MS-SQL xp_proxiedmetadata vulnerable function attempt (sql.rules)
8526 <-> MS-SQL xp_SetSQLSecurity unicode vulnerable function attempt (sql.rules)
8527 <-> MS-SQL/SMB xp_SetSQLSecurity unicode vulnerable function attempt (sql.rules)
8528 <-> MS-SQL xp_SetSQLSecurity vulnerable function attempt (sql.rules)
8529 <-> MS-SQL xp_showcolv unicode vulnerable function attempt (sql.rules)
8530 <-> MS-SQL/SMB xp_showcolv unicode vulnerable function attempt (sql.rules)
8531 <-> MS-SQL xp_showcolv vulnerable function attempt (sql.rules)
8532 <-> MS-SQL xp_sqlagent_monitor unicode vulnerable function attempt (sql.rules)
8533 <-> MS-SQL xp_sqlagent_monitor vulnerable function attempt (sql.rules)
8534 <-> MS-SQL/SMB xp_sqlagent_monitor unicode vulnerable function attempt (sql.rules)
8535 <-> MS-SQL xp_sqlinventory unicode vulnerable function attempt (sql.rules)
8536 <-> MS-SQL xp_sqlinventory vulnerable function attempt (sql.rules)
8537 <-> MS-SQL/SMB xp_sqlinventory unicode vulnerable function attempt (sql.rules)
8538 <-> MS-SQL xp_updatecolvbm unicode vulnerable function attempt (sql.rules)
8539 <-> MS-SQL/SMB xp_updatecolvbm unicode vulnerable function attempt (sql.rules)
8542 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (spyware-put.rules)
8543 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads (spyware-put.rules)
8544 <-> SPYWARE-PUT Keylogger nicespy runtime detection - smtp (spyware-put.rules)
8545 <-> SPYWARE-PUT Adware roogoo runtime detection - surfing monitor (spyware-put.rules)
8546 <-> SPYWARE-PUT Adware roogoo runtime detection - show ads (spyware-put.rules)
8717 <-> WEB-CLIENT VsaIDE.DTE ActiveX CLSID access (web-client.rules)
8718 <-> WEB-CLIENT VsaIDE.DTE ActiveX CLSID unicode access (web-client.rules)
8719 <-> WEB-CLIENT VisualStudio.DTE.8.0 ActiveX CLSID access (web-client.rules)
8720 <-> WEB-CLIENT VisualStudio.DTE.8.0 ActiveX CLSID unicode access (web-client.rules)
8721 <-> WEB-CLIENT Outlook Data Object ActiveX CLSID access (web-client.rules)
8722 <-> WEB-CLIENT Outlook Data Object ActiveX CLSID unicode access (web-client.rules)
8723 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid access (web-client.rules)
8724 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access (web-client.rules)
8725 <-> WEB-CLIENT System Monitor ActiveX CLSID access (web-client.rules)
8726 <-> WEB-CLIENT System Monitor ActiveX CLSID unicode access (web-client.rules)
8727 <-> WEB-CLIENT XMLHTTP 4.0 ActiveX clsid access (web-client.rules)
8728 <-> WEB-CLIENT XMLHTTP 4.0 ActiveX clsid unicode access (web-client.rules)
8735 <-> WEB-CLIENT BOWebAgent.Webagent.1 ActiveX CLSID access (web-client.rules)
8736 <-> WEB-CLIENT BOWebAgent.Webagent.1 ActiveX CLSID unicode access (web-client.rules)
8737 <-> WEB-CLIENT BOWebAgent.Webagent.1 ActiveX function call access (web-client.rules)
8738 <-> WEB-CLIENT Macrovision InstallShield Update Service ActiveX clsid access (web-client.rules)
8739 <-> WEB-CLIENT Macrovision InstallShield Update Service ActiveX clsid unicode access (web-client.rules)
8740 <-> WEB-CLIENT Macrovision InstallShield Update Service ActiveX function call access (web-client.rules)
8741 <-> WEB-CLIENT DirectAnimation.DAFontStyle.1 ActiveX CLSID access (web-client.rules)
8742 <-> WEB-CLIENT DirectAnimation.DAFontStyle.1 ActiveX CLSID unicode access (web-client.rules)
8743 <-> WEB-CLIENT DirectAnimation.DAFontStyle.1 ActiveX function call access (web-client.rules)
8744 <-> WEB-CLIENT DirectAnimation.DAEvent.1 ActiveX CLSID access (web-client.rules)
8745 <-> WEB-CLIENT DirectAnimation.DAEvent.1 ActiveX CLSID unicode access (web-client.rules)
8746 <-> WEB-CLIENT DirectAnimation.DAEvent.1 ActiveX function call access (web-client.rules)
8747 <-> WEB-CLIENT DirectAnimation.DAEndStyle.1 ActiveX CLSID access (web-client.rules)
8748 <-> WEB-CLIENT DirectAnimation.DAEndStyle.1 ActiveX CLSID unicode access (web-client.rules)
8749 <-> WEB-CLIENT DirectAnimation.DAEndStyle.1 ActiveX function call access (web-client.rules)
8750 <-> WEB-CLIENT LM.LMBehaviorFactory.1 ActiveX CLSID access (web-client.rules)
8751 <-> WEB-CLIENT LM.LMBehaviorFactory.1 ActiveX CLSID unicode access (web-client.rules)
8752 <-> WEB-CLIENT LM.LMBehaviorFactory.1 ActiveX function call access (web-client.rules)
8753 <-> WEB-CLIENT LM.AutoEffectBvr.1 ActiveX CLSID access (web-client.rules)
8754 <-> WEB-CLIENT LM.AutoEffectBvr.1 ActiveX CLSID unicode access (web-client.rules)
8755 <-> WEB-CLIENT LM.AutoEffectBvr.1 ActiveX function call access (web-client.rules)
8756 <-> WEB-CLIENT DirectAnimation.SpriteControl ActiveX CLSID access (web-client.rules)
8757 <-> WEB-CLIENT DirectAnimation.SpriteControl ActiveX CLSID unicode access (web-client.rules)
8758 <-> WEB-CLIENT DirectAnimation.SpriteControl ActiveX function call access (web-client.rules)
8759 <-> WEB-CLIENT DirectAnimation.SequencerControl ActiveX CLSID access (web-client.rules)
8760 <-> WEB-CLIENT DirectAnimation.SequencerControl ActiveX CLSID unicode access (web-client.rules)
8761 <-> WEB-CLIENT DirectAnimation.SequencerControl ActiveX function call access (web-client.rules)
8762 <-> WEB-CLIENT DirectAnimation.Sequence ActiveX CLSID access (web-client.rules)
8763 <-> WEB-CLIENT DirectAnimation.Sequence ActiveX CLSID unicode access (web-client.rules)
8764 <-> WEB-CLIENT DirectAnimation.Sequence ActiveX function call access (web-client.rules)
8765 <-> WEB-CLIENT DirectAnimation.DAView.1 ActiveX CLSID access (web-client.rules)
8766 <-> WEB-CLIENT DirectAnimation.DAView.1 ActiveX CLSID unicode access (web-client.rules)
8767 <-> WEB-CLIENT DirectAnimation.DAView.1 ActiveX function call access (web-client.rules)
8768 <-> WEB-CLIENT DirectAnimation.DAVector3.1 ActiveX CLSID access (web-client.rules)
8769 <-> WEB-CLIENT DirectAnimation.DAVector3.1 ActiveX CLSID unicode access (web-client.rules)
8770 <-> WEB-CLIENT DirectAnimation.DAVector3.1 ActiveX function call access (web-client.rules)
8771 <-> WEB-CLIENT DirectAnimation.DAVector2.1 ActiveX CLSID access (web-client.rules)
8772 <-> WEB-CLIENT DirectAnimation.DAVector2.1 ActiveX CLSID unicode access (web-client.rules)
8773 <-> WEB-CLIENT DirectAnimation.DAVector2.1 ActiveX function call access (web-client.rules)
8774 <-> WEB-CLIENT DirectAnimation.DAUserData.1 ActiveX CLSID access (web-client.rules)
8775 <-> WEB-CLIENT DirectAnimation.DAUserData.1 ActiveX CLSID unicode access (web-client.rules)
8776 <-> WEB-CLIENT DirectAnimation.DAUserData.1 ActiveX function call access (web-client.rules)
8777 <-> WEB-CLIENT DirectAnimation.DATransform3.1 ActiveX CLSID access (web-client.rules)
8778 <-> WEB-CLIENT DirectAnimation.DATransform3.1 ActiveX CLSID unicode access (web-client.rules)
8779 <-> WEB-CLIENT DirectAnimation.DATransform3.1 ActiveX function call access (web-client.rules)
8780 <-> WEB-CLIENT DirectAnimation.DATransform2.1 ActiveX CLSID access (web-client.rules)
8781 <-> WEB-CLIENT DirectAnimation.DATransform2.1 ActiveX CLSID unicode access (web-client.rules)
8782 <-> WEB-CLIENT DirectAnimation.DATransform2.1 ActiveX function call access (web-client.rules)
8783 <-> WEB-CLIENT DirectAnimation.DAString.1 ActiveX CLSID access (web-client.rules)
8784 <-> WEB-CLIENT DirectAnimation.DAString.1 ActiveX CLSID unicode access (web-client.rules)
8785 <-> WEB-CLIENT DirectAnimation.DAString.1 ActiveX function call access (web-client.rules)
8786 <-> WEB-CLIENT DirectAnimation.DASound.1 ActiveX CLSID access (web-client.rules)
8787 <-> WEB-CLIENT DirectAnimation.DASound.1 ActiveX CLSID unicode access (web-client.rules)
8788 <-> WEB-CLIENT DirectAnimation.DASound.1 ActiveX function call access (web-client.rules)
8789 <-> WEB-CLIENT DirectAnimation.DAPoint3.1 ActiveX CLSID access (web-client.rules)
8790 <-> WEB-CLIENT DirectAnimation.DAPoint3.1 ActiveX CLSID unicode access (web-client.rules)
8791 <-> WEB-CLIENT DirectAnimation.DAPoint3.1 ActiveX function call access (web-client.rules)
8792 <-> WEB-CLIENT DirectAnimation.DAPoint2.1 ActiveX CLSID access (web-client.rules)
8793 <-> WEB-CLIENT DirectAnimation.DAPoint2.1 ActiveX CLSID unicode access (web-client.rules)
8794 <-> WEB-CLIENT DirectAnimation.DAPoint2.1 ActiveX function call access (web-client.rules)
8795 <-> WEB-CLIENT DirectAnimation.DAPath4.1 ActiveX CLSID access (web-client.rules)
8796 <-> WEB-CLIENT DirectAnimation.DAPath4.1 ActiveX CLSID unicode access (web-client.rules)
8797 <-> WEB-CLIENT DirectAnimation.DAPath4.1 ActiveX function call access (web-client.rules)
8798 <-> WEB-CLIENT DirectAnimation.DAPair.1 ActiveX CLSID access (web-client.rules)
8799 <-> WEB-CLIENT DirectAnimation.DAPair.1 ActiveX CLSID unicode access (web-client.rules)
8800 <-> WEB-CLIENT DirectAnimation.DAPair.1 ActiveX function call access (web-client.rules)
8801 <-> WEB-CLIENT DirectAnimation.DANumber.1 ActiveX CLSID access (web-client.rules)
8802 <-> WEB-CLIENT DirectAnimation.DANumber.1 ActiveX CLSID unicode access (web-client.rules)
8803 <-> WEB-CLIENT DirectAnimation.DANumber.1 ActiveX function call access (web-client.rules)
8804 <-> WEB-CLIENT DirectAnimation.DAMontage.1 ActiveX CLSID access (web-client.rules)
8805 <-> WEB-CLIENT DirectAnimation.DAMontage.1 ActiveX CLSID unicode access (web-client.rules)
8806 <-> WEB-CLIENT DirectAnimation.DAMontage.1 ActiveX function call access (web-client.rules)
8807 <-> WEB-CLIENT DirectAnimation.DAMicrophone.1 ActiveX CLSID access (web-client.rules)
8808 <-> WEB-CLIENT DirectAnimation.DAMicrophone.1 ActiveX CLSID unicode access (web-client.rules)
8809 <-> WEB-CLIENT DirectAnimation.DAMicrophone.1 ActiveX function call access (web-client.rules)
8810 <-> WEB-CLIENT DirectAnimation.DAMatte.1 ActiveX CLSID access (web-client.rules)
8811 <-> WEB-CLIENT DirectAnimation.DAMatte.1 ActiveX CLSID unicode access (web-client.rules)
8812 <-> WEB-CLIENT DirectAnimation.DAMatte.1 ActiveX function call access (web-client.rules)
8813 <-> WEB-CLIENT DirectAnimation.DALineStyle.1 ActiveX CLSID access (web-client.rules)
8814 <-> WEB-CLIENT DirectAnimation.DALineStyle.1 ActiveX CLSID unicode access (web-client.rules)
8815 <-> WEB-CLIENT DirectAnimation.DALineStyle.1 ActiveX function call access (web-client.rules)
8816 <-> WEB-CLIENT DirectAnimation.DAJoinStyle.1 ActiveX CLSID access (web-client.rules)
8817 <-> WEB-CLIENT DirectAnimation.DAJoinStyle.1 ActiveX CLSID unicode access (web-client.rules)
8818 <-> WEB-CLIENT DirectAnimation.DAJoinStyle.1 ActiveX function call access (web-client.rules)
8819 <-> WEB-CLIENT DirectAnimation.DAImage.1 ActiveX CLSID access (web-client.rules)
8820 <-> WEB-CLIENT DirectAnimation.DAImage.1 ActiveX CLSID unicode access (web-client.rules)
8821 <-> WEB-CLIENT DirectAnimation.DAImage.1 ActiveX function call access (web-client.rules)
8822 <-> WEB-CLIENT DirectAnimation.DAGeometry.1 ActiveX CLSID access (web-client.rules)
8823 <-> WEB-CLIENT DirectAnimation.DAGeometry.1 ActiveX CLSID unicode access (web-client.rules)
8824 <-> WEB-CLIENT DirectAnimation.DAGeometry.1 ActiveX function call access (web-client.rules)
8825 <-> WEB-CLIENT DirectAnimation.DADashStyle.1 ActiveX CLSID access (web-client.rules)
8826 <-> WEB-CLIENT DirectAnimation.DADashStyle.1 ActiveX CLSID unicode access (web-client.rules)
8827 <-> WEB-CLIENT DirectAnimation.DADashStyle.1 ActiveX function call access (web-client.rules)
8828 <-> WEB-CLIENT DirectAnimation.DAColor.1 ActiveX CLSID access (web-client.rules)
8829 <-> WEB-CLIENT DirectAnimation.DAColor.1 ActiveX CLSID unicode access (web-client.rules)
8830 <-> WEB-CLIENT DirectAnimation.DAColor.1 ActiveX function call access (web-client.rules)
8831 <-> WEB-CLIENT DirectAnimation.DACamera.1 ActiveX CLSID access (web-client.rules)
8832 <-> WEB-CLIENT DirectAnimation.DACamera.1 ActiveX CLSID unicode access (web-client.rules)
8833 <-> WEB-CLIENT DirectAnimation.DACamera.1 ActiveX function call access (web-client.rules)
8834 <-> WEB-CLIENT DirectAnimation.DABoolean.1 ActiveX CLSID access (web-client.rules)
8835 <-> WEB-CLIENT DirectAnimation.DABoolean.1 ActiveX CLSID unicode access (web-client.rules)
8836 <-> WEB-CLIENT DirectAnimation.DABoolean.1 ActiveX function call access (web-client.rules)
8837 <-> WEB-CLIENT DirectAnimation.DABbox3.1 ActiveX CLSID access (web-client.rules)
8838 <-> WEB-CLIENT DirectAnimation.DABbox3.1 ActiveX CLSID unicode access (web-client.rules)
8839 <-> WEB-CLIENT DirectAnimation.DABbox3.1 ActiveX function call access (web-client.rules)
8840 <-> WEB-CLIENT DirectAnimation.DABbox2.1 ActiveX CLSID access (web-client.rules)
8841 <-> WEB-CLIENT DirectAnimation.DABbox2.1 ActiveX CLSID unicode access (web-client.rules)
8842 <-> WEB-CLIENT DirectAnimation.DABbox2.1 ActiveX function call access (web-client.rules)
8843 <-> WEB-CLIENT DirectAnimation.DAArray.1 ActiveX CLSID access (web-client.rules)
8844 <-> WEB-CLIENT DirectAnimation.DAArray.1 ActiveX CLSID unicode access (web-client.rules)
8845 <-> WEB-CLIENT DirectAnimation.DAArray.1 ActiveX function call access (web-client.rules)
8846 <-> WEB-CLIENT Microsoft Agent Character Custom Proxy Class ActiveX clsid access (web-client.rules)
8847 <-> WEB-CLIENT Microsoft Agent Character Custom Proxy Class ActiveX clsid unicode access (web-client.rules)
8848 <-> WEB-CLIENT Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (web-client.rules)
8849 <-> WEB-CLIENT Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid unicode access (web-client.rules)
8850 <-> WEB-CLIENT Microsoft Agent Custom Proxy Class ActiveX clsid access (web-client.rules)
8851 <-> WEB-CLIENT Microsoft Agent Custom Proxy Class ActiveX clsid unicode access (web-client.rules)
8852 <-> WEB-CLIENT Microsoft Agent v2.0 ActiveX clsid access (web-client.rules)
8853 <-> WEB-CLIENT Microsoft Agent v2.0 ActiveX clsid unicode access (web-client.rules)
8854 <-> WEB-CLIENT Microsoft Agent v2.0 ActiveX function call access (web-client.rules)
8855 <-> WEB-CLIENT Microsoft Agent v1.5 ActiveX clsid unicode access (web-client.rules)
8856 <-> WEB-CLIENT Microsoft Agent v1.5 ActiveX function call access (web-client.rules)
9129 <-> WEB-CLIENT WinZip FileView 6.1 ActiveX CLSID access (web-client.rules)
9130 <-> WEB-CLIENT WinZip FileView 6.1 ActiveX CLSID unicode access (web-client.rules)
9131 <-> WEB-CLIENT WinZip FileView 6.1 ActiveX function call access (web-client.rules)
9427 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX clsid access (web-client.rules)
9428 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX clsid unicode access (web-client.rules)
9429 <-> WEB-CLIENT Quicktime Movie link scripting security bypass attempt (web-client.rules)
9430 <-> WEB-CLIENT Quicktime Movie link file URI security bypass attempt (web-client.rules)
9432 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules)
9433 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules)
9434 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules)
9435 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules)
9436 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules)
9619 <-> WEB-CLIENT Gnu gv buffer overflow attempt (web-client.rules)
9625 <-> WEB-CLIENT Windows Media Player ASX file ref href buffer overflow attempt (web-client.rules)
9626 <-> WEB-CLIENT AcroPDF.PDF ActiveX clsid access (web-client.rules)
9627 <-> WEB-CLIENT AcroPDF.PDF ActiveX clsid unicode access (web-client.rules)
9628 <-> WEB-CLIENT javaprxy.dll ActiveX clsid unicode access (web-client.rules)
9629 <-> WEB-CLIENT Citrix.ICAClient ActiveX clsid access (web-client.rules)
9630 <-> WEB-CLIENT Citrix.ICAClient ActiveX clsid unicode access (web-client.rules)
9631 <-> WEB-CLIENT Citrix.ICAClient ActiveX function call access (web-client.rules)
9637 <-> WEB-CLIENT Adobe Download Manger dm.ini stack overflow attempt (web-client.rules)
9639 <-> WEB-CLIENT Windows Address Book download attempt (web-client.rules)
9640 <-> WEB-CLIENT ADODB.Connection ActiveX function call access (web-client.rules)
9641 <-> WEB-CLIENT Windows Media Player ASF simple index object parsing buffer overflow attempt (web-client.rules)
9642 <-> WEB-CLIENT Windows Media Player ASF codec list object parsing buffer overflow attempt (web-client.rules)
9643 <-> WEB-CLIENT Windows Media Player ASF marker object parsing buffer overflow attempt (web-client.rules)
9644 <-> SPYWARE-PUT Adware imnames runtime detection (spyware-put.rules)
9645 <-> SPYWARE-PUT Hijacker sogou runtime detection - keyword hijack (spyware-put.rules)
9646 <-> SPYWARE-PUT Hijacker sogou runtime detection - search through sogou toolbar (spyware-put.rules)
9647 <-> SPYWARE-PUT Keylogger system surveillance pro runtime detection (spyware-put.rules)
9648 <-> SPYWARE-PUT Keylogger emailspypro runtime detection (spyware-put.rules)
9649 <-> SPYWARE-PUT Keylogger ghost Keylogger runtime detection - flowbit set (spyware-put.rules)
9650 <-> SPYWARE-PUT Keylogger ghost Keylogger runtime detection (spyware-put.rules)
9651 <-> SPYWARE-PUT Hijacker ricercadoppia runtime detection (spyware-put.rules)
9652 <-> SPYWARE-PUT Hijacker oemji bar runtime detection (spyware-put.rules)
9668 <-> WEB-CLIENT Outlook Recipient Control ActiveX clsid access (web-client.rules)
9669 <-> WEB-CLIENT Outlook Recipient Control ActiveX clsid unicode access (web-client.rules)
9670 <-> WEB-CLIENT Outlook Recipient Control ActiveX function call access (web-client.rules)
9671 <-> WEB-CLIENT RealPlayer AutoStream.AutoStream.1 ActiveX clsid access (web-client.rules)
9672 <-> WEB-CLIENT RealPlayer AutoStream.AutoStream.1 ActiveX clsid unicode access (web-client.rules)
9673 <-> WEB-CLIENT RealPlayer AutoStream.AutoStream.1 ActiveX function call access (web-client.rules)
9793 <-> WEB-CLIENT YMMAPI.YMailAttach ActiveX clsid access (web-client.rules)
9794 <-> WEB-CLIENT YMMAPI.YMailAttach ActiveX clsid unicode access (web-client.rules)
9795 <-> WEB-CLIENT Panda ActiveScan ActiveScan.1 ActiveX clsid access (web-client.rules)
9796 <-> WEB-CLIENT Panda ActiveScan ActiveScan.1 ActiveX clsid unicode access (web-client.rules)
9797 <-> WEB-CLIENT Panda ActiveScan ActiveScan.1 ActiveX function call access (web-client.rules)
9798 <-> WEB-CLIENT Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (web-client.rules)
9799 <-> WEB-CLIENT Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid unicode access (web-client.rules)
9800 <-> WEB-CLIENT Panda ActiveScan PAVPZ.SOS.1 ActiveX function call access (web-client.rules)
9801 <-> WEB-CLIENT Windows Media Player or Explorer Malformed RIFF File denial of service attempt (web-client.rules)
9812 <-> WEB-CLIENT Yahoo Messenger YMailAttach ActiveX function call access (web-client.rules)
9814 <-> WEB-CLIENT ICQPhone.SipxPhoneManager ActiveX clsid access (web-client.rules)
9817 <-> WEB-CLIENT CEnroll.CEnroll.2 ActiveX clsid access (web-client.rules)
9818 <-> WEB-CLIENT CEnroll.CEnroll.2 ActiveX clsid unicode access (web-client.rules)
9820 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call access (web-client.rules)
9821 <-> WEB-CLIENT TriEditDocument.TriEditDocument ActiveX clsid access (web-client.rules)
9822 <-> WEB-CLIENT TriEditDocument.TriEditDocument ActiveX clsid unicode access (web-client.rules)
9827 <-> SPYWARE-PUT Keylogger paq keylog runtime detection - smtp (spyware-put.rules)
9828 <-> SPYWARE-PUT Keylogger paq keylog runtime detection - ftp (spyware-put.rules)
9829 <-> SPYWARE-PUT Trackware relevantknowledge runtime detection (spyware-put.rules)
9830 <-> SPYWARE-PUT Keylogger supreme spy runtime detection (spyware-put.rules)
9831 <-> SPYWARE-PUT Adware u88 runtime detection (spyware-put.rules)
10088 <-> SPYWARE-PUT Keylogger beyond Keylogger runtime detection - log sent by smtp (spyware-put.rules)
10089 <-> SPYWARE-PUT Keylogger beyond Keylogger runtime detection - log sent by ftp (spyware-put.rules)
10090 <-> SPYWARE-PUT Trickler zango easymessenger runtime detection (spyware-put.rules)
10091 <-> SPYWARE-PUT Hacker-Tool spylply.a runtime detection (spyware-put.rules)
10092 <-> SPYWARE-PUT Trackware russian searchbar runtime detection (spyware-put.rules)
10093 <-> SPYWARE-PUT Hijacker kuaiso toolbar runtime detection (spyware-put.rules)
10094 <-> SPYWARE-PUT Adware borlan runtime detection (spyware-put.rules)
10095 <-> SPYWARE-PUT Trackware bydou runtime detection (spyware-put.rules)
10096 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - keylog (spyware-put.rules)
10097 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection (spyware-put.rules)
10098 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - get system info (spyware-put.rules)
10099 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection (spyware-put.rules)
10100 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - open website (spyware-put.rules)
10164 <-> SPYWARE-PUT Adware adclicker-ej runtime detection (spyware-put.rules)
10165 <-> SPYWARE-PUT Keylogger mybr Keylogger runtime detection (spyware-put.rules)
10166 <-> SPYWARE-PUT Trackware baigoo runtime detection (spyware-put.rules)
10167 <-> SPYWARE-PUT Keylogger radar spy 1.0 runtime detection - send html log (spyware-put.rules)
10179 <-> SPYWARE-PUT Trackware bysoo runtime detection (spyware-put.rules)
10180 <-> SPYWARE-PUT Adware eqiso runtime detection (spyware-put.rules)
10181 <-> SPYWARE-PUT Keylogger systemsleuth runtime detection (spyware-put.rules)
10182 <-> SPYWARE-PUT Adware newweb runtime detection (spyware-put.rules)
10183 <-> SPYWARE-PUT Keylogger activity Keylogger runtime detection (spyware-put.rules)
10435 <-> SPYWARE-PUT Trackware admedia runtime detection (spyware-put.rules)
10436 <-> SPYWARE-PUT Keylogger keyspy runtime detection (spyware-put.rules)
10437 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules)
10438 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules)
10439 <-> SPYWARE-PUT Adware mokead runtime detection (spyware-put.rules)
10440 <-> SPYWARE-PUT Keylogger pc black box runtime detection (spyware-put.rules)
10441 <-> SPYWARE-PUT Hacker-Tool statwin runtime detection (spyware-put.rules)
11305 <-> SPYWARE-PUT Snoopware childwebguardian runtime detection - send log through smtp (spyware-put.rules)
11306 <-> SPYWARE-PUT Snoopware childwebguardian runtime detection - udp broadcast (spyware-put.rules)
11307 <-> SPYWARE-PUT Keylogger computer monitor Keylogger runtime detection (spyware-put.rules)
11308 <-> SPYWARE-PUT Other-Technologies spydawn runtime detection - update checking (spyware-put.rules)
11309 <-> SPYWARE-PUT Keylogger sskc v2.0 runtime detection (spyware-put.rules)
11310 <-> SPYWARE-PUT Trickler iowa webdownloader - icq notification (spyware-put.rules)
11311 <-> SPYWARE-PUT Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (spyware-put.rules)
11312 <-> SPYWARE-PUT Trackware uplink runtime detection (spyware-put.rules)
11313 <-> SPYWARE-PUT Other-Technologies spywarelocker 3.3 runtime detection - update checking (spyware-put.rules)
12147 <-> BACKDOOR blue eye 1.0b runtime detection - init connection (backdoor.rules)
12212 <-> IMAP Ipswitch IMail literal search date command buffer overflow attempt (imap.rules)
12619 <-> EXPLOIT Microsoft Exchange ical/vcal malformed property (exploit.rules)
12704 <-> SMTP Lotus Notes MIF viewer MIFFILE comment overflow (smtp.rules)
12705 <-> SMTP Lotus Notes MIF viewer statement overflow (smtp.rules)
12706 <-> SMTP Lotus Notes MIF viewer statement data overflow (smtp.rules)
13219 <-> WEB-CLIENT HP Software Update RulesEngine.dll ActiveX clsid access (web-client.rules)
13220 <-> WEB-CLIENT HP Software Update RulesEngine.dll ActiveX clsid unicode access (web-client.rules)
13232 <-> WEB-CLIENT Persits Software XUpload ActiveX clsid access (web-client.rules)
13233 <-> WEB-CLIENT Persits Software XUpload ActiveX clsid unicode access (web-client.rules)
13234 <-> WEB-CLIENT Persits Software XUpload ActiveX function call access (web-client.rules)
13235 <-> WEB-CLIENT Persits Software XUpload ActiveX function call unicode access (web-client.rules)
13309 <-> WEB-MISC Apache http server mod_proxy http request crafted date handling denial of service attempt (web-misc.rules)
13310 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules)
13311 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules)
13316 <-> WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt (web-client.rules)
13317 <-> WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt (web-client.rules)
13318 <-> WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt (web-client.rules)
13319 <-> WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt (web-client.rules)
13320 <-> WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt (web-client.rules)