Sourcefire VRT Rules Update

Date: 2009-03-03

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8.

The format of the file is:

sid - Message (rule group, priority)

New rules:
15367 <-> SMTP outlook web access script injection attempt (smtp.rules, High)
15368 <-> WEB-ACTIVEX FathFTP ActiveX clsid access (web-activex.rules, High)
15369 <-> WEB-ACTIVEX FathFTP ActiveX clsid unicode access (web-activex.rules, High)
15370 <-> WEB-ACTIVEX FathFTP ActiveX function call access (web-activex.rules, High)
15371 <-> WEB-ACTIVEX FathFTP ActiveX function call unicode access (web-activex.rules, High)
15372 <-> WEB-ACTIVEX iDefense COMRaider ActiveX clsid access (web-activex.rules, High)
15373 <-> WEB-ACTIVEX iDefense COMRaider ActiveX clsid unicode access (web-activex.rules, High)
15374 <-> WEB-ACTIVEX iDefense COMRaider ActiveX function call access (web-activex.rules, High)
15375 <-> WEB-ACTIVEX iDefense COMRaider ActiveX function call unicode access (web-activex.rules, High)
15376 <-> WEB-ACTIVEX Sopcast SopCore ActiveX clsid access (web-activex.rules, High)
15377 <-> WEB-ACTIVEX Sopcast SopCore ActiveX clsid unicode access (web-activex.rules, High)
15378 <-> WEB-ACTIVEX Sopcast SopCore ActiveX function call access (web-activex.rules, High)
15379 <-> WEB-ACTIVEX Sopcast SopCore ActiveX function call unicode access (web-activex.rules, High)
15380 <-> WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid access (web-activex.rules, High)
15381 <-> WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid unicode access (web-activex.rules, High)
15382 <-> SPECIFIC-THREATS X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow attempt (specific-threats.rules, High)
15383 <-> SPECIFIC-THREATS Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (specific-threats.rules, High)
15384 <-> WEB-CLIENT Apple QuickTime pict image poly structure memory corruption attempt (web-client.rules, High)
15385 <-> WEB-MISC vqf file request (web-misc.rules, Low)

Updated rules:
3656 <-> SMTP MDaemon 6.5.1 and prior versions MAIL overflow attempt (smtp.rules, High)
5742 <-> SPYWARE-PUT Keylogger activitylogger runtime detection (spyware-put.rules, Medium)
5743 <-> SPYWARE-PUT Hijacker actualnames runtime detection - plugin list (spyware-put.rules, Low)
5744 <-> SPYWARE-PUT Hijacker actualnames runtime detection - online.php request (spyware-put.rules, Low)
5749 <-> SPYWARE-PUT Trackware alexa runtime detection (spyware-put.rules, Medium)
5750 <-> SPYWARE-PUT Adware dogpile runtime detection (spyware-put.rules, Low)
5760 <-> SPYWARE-PUT Hijacker marketscore runtime detection (spyware-put.rules, Low)
5764 <-> SPYWARE-PUT Hijacker begin2search runtime detection - fcgi query (spyware-put.rules, Low)
5765 <-> SPYWARE-PUT Hijacker begin2search runtime detection - ico query (spyware-put.rules, Low)
5767 <-> SPYWARE-PUT Hijacker begin2search runtime detection - download unauthorized code (spyware-put.rules, Low)
5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules, Low)
5769 <-> SPYWARE-PUT Hijacker begin2search runtime detection - play bingo ads (spyware-put.rules, Low)
5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules, Medium)
5773 <-> SPYWARE-PUT Adware forbes runtime detection (spyware-put.rules, Low)
5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules, Low)
5775 <-> SPYWARE-PUT Hijacker freescratch runtime detection - scratch card (spyware-put.rules, Low)
5776 <-> SPYWARE-PUT Trickler grokster runtime detection (spyware-put.rules, Low)
5777 <-> SPYWARE-PUT Keylogger gurl watcher runtime detection (spyware-put.rules, Medium)
5778 <-> SPYWARE-PUT Keylogger runtime detection - hwpe windows activity logs (spyware-put.rules, Medium)
5779 <-> SPYWARE-PUT Keylogger runtime detection - hwpe shell file logs (spyware-put.rules, Medium)
5780 <-> SPYWARE-PUT Keylogger runtime detection - hwpe word filtered echelon log (spyware-put.rules, Medium)
5781 <-> SPYWARE-PUT Keylogger runtime detection - hwae windows activity logs (spyware-put.rules, Medium)
5782 <-> SPYWARE-PUT Keylogger runtime detection - hwae word filtered echelon log (spyware-put.rules, Medium)
5783 <-> SPYWARE-PUT Keylogger runtime detection - hwae keystrokes log (spyware-put.rules, Medium)
5784 <-> SPYWARE-PUT Keylogger runtime detection - hwae urls browsed log (spyware-put.rules, Medium)
5787 <-> SPYWARE-PUT Adware hithopper runtime detection - search (spyware-put.rules, Low)
5788 <-> SPYWARE-PUT Adware hithopper runtime detection - click toolbar buttons (spyware-put.rules, Low)
5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules, Medium)
5790 <-> SPYWARE-PUT Keylogger pc actmon pro runtime detection - smtp (spyware-put.rules, Medium)
5795 <-> SPYWARE-PUT Adware ist powerscan runtime detection (spyware-put.rules, Low)
5796 <-> SPYWARE-PUT Adware keenvalue runtime detection (spyware-put.rules, Low)
5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules, Medium)
5801 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (spyware-put.rules, Medium)
5802 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 2 (spyware-put.rules, Medium)
5803 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (spyware-put.rules, Medium)
5808 <-> SPYWARE-PUT Hijacker shop at home search merchant redirect check (spyware-put.rules, Low)
5812 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - email notification (spyware-put.rules, Low)
5814 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (spyware-put.rules, Low)
5818 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules, Low)
5819 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules, Low)
5821 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (spyware-put.rules, Low)
5822 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules, Low)
5823 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules, Low)
5824 <-> SPYWARE-PUT Dialer stripplayer runtime detection (spyware-put.rules, Low)
5831 <-> SPYWARE-PUT Hijacker comet systems runtime detection - update requests (spyware-put.rules, Low)
5832 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 1 (spyware-put.rules, Low)
5833 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 2 (spyware-put.rules, Low)
5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules, Low)
5835 <-> SPYWARE-PUT Adware gamespy_arcade runtime detection (spyware-put.rules, Low)
5836 <-> SPYWARE-PUT Trickler nictech.bm2 runtime detection (spyware-put.rules, Low)
5837 <-> SPYWARE-PUT Trackware ucmore runtime detection - track activity (spyware-put.rules, Medium)
5838 <-> SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (spyware-put.rules, Medium)
5839 <-> SPYWARE-PUT Trackware ucmore runtime detection - click sponsor/ad link (spyware-put.rules, Medium)
5840 <-> SPYWARE-PUT Hijacker sep runtime detection (spyware-put.rules, Low)
5844 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - post request (spyware-put.rules, Low)
5848 <-> SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (spyware-put.rules, Low)
5849 <-> SPYWARE-PUT Adware warez_p2p runtime detection - update request (spyware-put.rules, Low)
5850 <-> SPYWARE-PUT Adware warez_p2p runtime detection - check update (spyware-put.rules, Low)
5851 <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules, Low)
5852 <-> SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (spyware-put.rules, Low)
5853 <-> SPYWARE-PUT Adware warez_p2p runtime detection - download ads (spyware-put.rules, Low)
5854 <-> SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (spyware-put.rules, Low)
5857 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - mysaconfg request (spyware-put.rules, Low)
5858 <-> SPYWARE-PUT Adware praizetoolbar runtime detection (spyware-put.rules, Low)
5859 <-> SPYWARE-PUT Hijacker daosearch runtime detection - information request (spyware-put.rules, Low)
5860 <-> SPYWARE-PUT Hijacker daosearch runtime detection - search hijack (spyware-put.rules, Low)
5861 <-> SPYWARE-PUT Hijacker isearch runtime detection - toolbar information request (spyware-put.rules, Low)
5862 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 1 (spyware-put.rules, Low)
5863 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 2 (spyware-put.rules, Low)
5865 <-> SPYWARE-PUT Adware zapspot runtime detection - pop up ads (spyware-put.rules, Low)
5866 <-> SPYWARE-PUT Hijacker couponbar runtime detection - download new coupon offers and links (spyware-put.rules, Low)
5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules, Low)
5868 <-> SPYWARE-PUT Hijacker couponbar runtime detection - view coupon offers (spyware-put.rules, Low)
5872 <-> SPYWARE-PUT Snoopware hyperlinker runtime detection (spyware-put.rules, Medium)
5873 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules, Medium)
5874 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules, Medium)
5877 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - startup access (spyware-put.rules, Low)
5878 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - configuration retrieval (spyware-put.rules, Low)
5879 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - update notification (spyware-put.rules, Low)
5880 <-> SPYWARE-PUT Keylogger spyagent runtime detect - smtp delivery (spyware-put.rules, Medium)
5881 <-> SPYWARE-PUT Keylogger spyagent runtime detect - ftp delivery (spyware-put.rules, Medium)
5882 <-> SPYWARE-PUT Keylogger spyagent runtime detect - alert notification (spyware-put.rules, Medium)
5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules, Low)
5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules, Low)
5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules, Medium)
5893 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - search keyword (spyware-put.rules, Medium)
5898 <-> SPYWARE-PUT Trackware adtools runtime detection - track user activity (spyware-put.rules, Medium)
5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime detection - generate desktop alert (spyware-put.rules, Medium)
5900 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - collect information (spyware-put.rules, Medium)
5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - download self-update (spyware-put.rules, Medium)
5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules, Low)
5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules, Low)
5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules, Low)
5907 <-> SPYWARE-PUT Trackware e2give runtime detection - check update (spyware-put.rules, Medium)
5908 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 1 (spyware-put.rules, Medium)
5909 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 2 (spyware-put.rules, Medium)
5910 <-> SPYWARE-PUT Trackware casalemedia runtime detection (spyware-put.rules, Medium)
5913 <-> SPYWARE-PUT Trickler smasoft webdownloader runtime detection (spyware-put.rules, Low)
5914 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - configuration download (spyware-put.rules, Low)
5917 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - toolbar search (spyware-put.rules, Low)
5918 <-> SPYWARE-PUT Hijacker painter runtime detection - ping 'alive' signal (spyware-put.rules, Low)
5919 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect to klikvipsearch (spyware-put.rules, Low)
5920 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect yahoo search through online-casino-searcher (spyware-put.rules, Low)
5921 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - send user url request (spyware-put.rules, Medium)
5922 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - display advertisement news (spyware-put.rules, Medium)
5923 <-> SPYWARE-PUT Adware active shopper runtime detection - side search request (spyware-put.rules, Low)
5924 <-> SPYWARE-PUT Adware active shopper runtime detection - redirect (spyware-put.rules, Low)
5925 <-> SPYWARE-PUT Adware active shopper runtime detection - check (spyware-put.rules, Low)
5927 <-> SPYWARE-PUT Adware cashbar runtime detection - .smx requests (spyware-put.rules, Low)
5928 <-> SPYWARE-PUT Adware cashbar runtime detection - ads request (spyware-put.rules, Low)
5929 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 1 (spyware-put.rules, Low)
5930 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 2 (spyware-put.rules, Low)
5933 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 1 (spyware-put.rules, Low)
5934 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 2 (spyware-put.rules, Low)
5935 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 3 (spyware-put.rules, Low)
5936 <-> SPYWARE-PUT Hijacker dropspam runtime detection - side search (spyware-put.rules, Low)
5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules, Low)
5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules, Low)
5940 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - search request (spyware-put.rules, Medium)
5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules, Medium)
5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules, Medium)
5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules, Medium)
5944 <-> SPYWARE-PUT Adware free access bar runtime detection 1 (spyware-put.rules, Low)
5945 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - track.cgi request (spyware-put.rules, Low)
5948 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (spyware-put.rules, Low)
5950 <-> SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (spyware-put.rules, Medium)
5951 <-> SPYWARE-PUT Trackware iggsey toolbar detection - search request (spyware-put.rules, Medium)
5952 <-> SPYWARE-PUT Hijacker 123mania runtime detection - autosearch hijacking (spyware-put.rules, Low)
5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules, Low)
5954 <-> SPYWARE-PUT Trackware browserpal runtime detection - post user info to server (spyware-put.rules, Medium)
5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules, Medium)
5956 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 icq notification of server installation (spyware-put.rules, Low)
5960 <-> SPYWARE-PUT Hijacker raxsearch detection - pop-up raxsearch window (spyware-put.rules, Low)
5961 <-> SPYWARE-PUT Hijacker searchfast detection - news ticker (spyware-put.rules, Low)
5962 <-> SPYWARE-PUT Hijacker searchfast detection - catch search keyword (spyware-put.rules, Low)
5964 <-> SPYWARE-PUT Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (spyware-put.rules, Low)
5965 <-> SPYWARE-PUT Hijacker searchfast detection - get toolbar cfg (spyware-put.rules, Low)
5966 <-> SPYWARE-PUT trackware searchinweb detection - search request (spyware-put.rules, Medium)
5967 <-> SPYWARE-PUT trackware searchinweb detection - click result links (spyware-put.rules, Medium)
5968 <-> SPYWARE-PUT trackware searchinweb detection - redirect (spyware-put.rules, Medium)
5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules, Medium)
5970 <-> SPYWARE-PUT hijacker smart finder detection - keys update (spyware-put.rules, Low)
5971 <-> SPYWARE-PUT hijacker smart finder detection - track hits (spyware-put.rules, Low)
5972 <-> SPYWARE-PUT hijacker smart finder detection - ie autosearch hijack 1 (spyware-put.rules, Low)
5973 <-> SPYWARE-PUT hijacker smart finder detection - search engines hijack (spyware-put.rules, Low)
5974 <-> SPYWARE-PUT hijacker smart finder detection - pop-up ads (spyware-put.rules, Low)
5975 <-> SPYWARE-PUT hijacker topfive searchassistant detection - search request (spyware-put.rules, Low)
5976 <-> SPYWARE-PUT hijacker topfive searchassistant detection - side search (spyware-put.rules, Low)
5977 <-> SPYWARE-PUT hijacker topfive searchassistant detection - post user information to server (spyware-put.rules, Low)
5978 <-> SPYWARE-PUT hijacker topfive searchassistant detection - update (spyware-put.rules, Low)
5979 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - track user ip address (spyware-put.rules, Medium)
5980 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - display advertisement (spyware-put.rules, Medium)
5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules, Low)
5984 <-> SPYWARE-PUT Trackware push toolbar installtime detection - user information collect (spyware-put.rules, Medium)
5986 <-> SPYWARE-PUT Trickler teomasearchbar runtime detection (spyware-put.rules, Low)
5987 <-> SPYWARE-PUT Hijacker wishbone runtime detection (spyware-put.rules, Low)
5988 <-> SPYWARE-PUT Trackware windupdates-mediagateway runtime detection - post data (spyware-put.rules, Medium)
5989 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get config (spyware-put.rules, Low)
5990 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (spyware-put.rules, Low)
5991 <-> SPYWARE-PUT Hijacker getmirar runtime detection - search request (spyware-put.rules, Low)
5992 <-> SPYWARE-PUT Hijacker getmirar runtime detection - get keyword-related content (spyware-put.rules, Low)
5994 <-> SPYWARE-PUT Hijacker getmirar runtime detection - click related button (spyware-put.rules, Low)
5995 <-> SPYWARE-PUT Adware offeragent runtime detection - information checking (spyware-put.rules, Low)
5996 <-> SPYWARE-PUT Adware offeragent runtime detection - ads request (spyware-put.rules, Low)
6184 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - config upload (spyware-put.rules, Low)
6185 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - reporting keyword (spyware-put.rules, Low)
6186 <-> SPYWARE-PUT Other-Technologies SpywareStrike Runtime Detection (spyware-put.rules, Low)
6189 <-> SPYWARE-PUT Trackware try2find detection (spyware-put.rules, Medium)
6191 <-> SPYWARE-PUT Trackware onetoolbar runtime detection (spyware-put.rules, Medium)
6192 <-> SPYWARE-PUT Adware seekmo runtime detection - reporting keyword (spyware-put.rules, Low)
6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules, Low)
6194 <-> SPYWARE-PUT Adware seekmo runtime detection - config upload (spyware-put.rules, Low)
6195 <-> SPYWARE-PUT Adware seekmo runtime detection - download .cab (spyware-put.rules, Low)
6196 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - services requests (spyware-put.rules, Low)
6197 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (spyware-put.rules, Low)
6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules, Medium)
6199 <-> SPYWARE-PUT Hijacker smart search runtime detection - hijack/ads (spyware-put.rules, Low)
6200 <-> SPYWARE-PUT Hijacker smart search runtime detection - get settings (spyware-put.rules, Low)
6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules, Low)
6203 <-> SPYWARE-PUT Trickler farmmext runtime detection - drk.syn request (spyware-put.rules, Low)
6204 <-> SPYWARE-PUT Trickler farmmext runtime detection - track activity (spyware-put.rules, Low)
6207 <-> SPYWARE-PUT Keylogger winsession runtime detection - smtp (spyware-put.rules, Medium)
6208 <-> SPYWARE-PUT Keylogger winsession runtime detection - ftp (spyware-put.rules, Medium)
6209 <-> SPYWARE-PUT Adware deskwizz/zquest runtime detection - get config information / ad banner (spyware-put.rules, Low)
6211 <-> SPYWARE-PUT Adware deskwizz runtime detection - pop-up ad request (spyware-put.rules, Low)
6212 <-> SPYWARE-PUT Adware commonname runtime detection (spyware-put.rules, Low)
6213 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (spyware-put.rules, Low)
6216 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - config (spyware-put.rules, Low)
6217 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 1 (spyware-put.rules, Low)
6220 <-> SPYWARE-PUT Keylogger boss everyware runtime detection (spyware-put.rules, Medium)
6221 <-> SPYWARE-PUT Keylogger computerspy runtime detection (spyware-put.rules, Medium)
6222 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - contact server (spyware-put.rules, Low)
6223 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - retrieve schedule (spyware-put.rules, Low)
6224 <-> SPYWARE-PUT Hijacker ieplugin runtime detection - search (spyware-put.rules, Low)
6225 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - getsize request (spyware-put.rules, Low)
6226 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - request (spyware-put.rules, Low)
6227 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - bullseye network side search frame (spyware-put.rules, Low)
6228 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - disclaimer text (spyware-put.rules, Low)
6230 <-> SPYWARE-PUT Hijacker i-lookup runtime detection (spyware-put.rules, Low)
6232 <-> SPYWARE-PUT Adware mirar runtime detection - thumbnail (spyware-put.rules, Low)
6233 <-> SPYWARE-PUT Adware mirar runtime detection - delayed (spyware-put.rules, Low)
6234 <-> SPYWARE-PUT Adware mirar runtime detection - ads (spyware-put.rules, Low)
6236 <-> SPYWARE-PUT Adware lop runtime detection - pass info to server (spyware-put.rules, Low)
6237 <-> SPYWARE-PUT Adware lop runtime detection - check update request (spyware-put.rules, Low)
6238 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 1 (spyware-put.rules, Low)
6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules, Low)
6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules, Low)
6241 <-> SPYWARE-PUT Adware lop runtime detection - ie autosearch hijack (spyware-put.rules, Low)
6243 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - home page hijack (spyware-put.rules, Low)
6244 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - ie auto search hijack (spyware-put.rules, Low)
6246 <-> SPYWARE-PUT Hijacker exact navisearch runtime detection - search hijack (spyware-put.rules, Low)
6247 <-> SPYWARE-PUT Adware ezula toptext runtime detection - help redirect (spyware-put.rules, Low)
6248 <-> SPYWARE-PUT Adware ezula toptext runtime detection - popup (spyware-put.rules, Low)
6250 <-> SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (spyware-put.rules, Low)
6251 <-> SPYWARE-PUT Adware hotbar runtime detection - hostie user-agent (spyware-put.rules, Low)
6252 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - search request (spyware-put.rules, Medium)
6253 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - log user ativity (spyware-put.rules, Medium)
6254 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - redirect (spyware-put.rules, Medium)
6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules, Medium)
6257 <-> SPYWARE-PUT Adware searchsquire runtime detection - testgeonew query (spyware-put.rules, Low)
6260 <-> SPYWARE-PUT Adware overpro runtime detection (spyware-put.rules, Low)
6261 <-> SPYWARE-PUT Trickler slinkyslate toolbar runtime detection (spyware-put.rules, Low)
6270 <-> SPYWARE-PUT Hijacker topicks runtime detection (spyware-put.rules, Low)
6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules, Low)
6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules, Low)
6278 <-> SPYWARE-PUT Trickler navexcel search toolbar runtime detection - activate/update (spyware-put.rules, Low)
6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules, Low)
6281 <-> SPYWARE-PUT Hijacker yoursitebar runtime detection (spyware-put.rules, Low)
6282 <-> SPYWARE-PUT Hijacker customtoolbar runtime detection (spyware-put.rules, Low)
6340 <-> SPYWARE-PUT Keylogger handy keylogger runtime detection (spyware-put.rules, Medium)
6341 <-> SPYWARE-PUT Hijacker spediabar user-agent string detected (spyware-put.rules, Low)
6342 <-> SPYWARE-PUT Hijacker spediabar runtime detection - info check (spyware-put.rules, Low)
10062 <-> WEB-CLIENT Java Virtual Machine malformed GIF buffer overflow attempt (web-client.rules, High)
12070 <-> EXPLOIT Microsoft Excel malformed version field (exploit.rules, High)
12741 <-> EXPLOIT Apple Quicktime TCP RTSP sdp type buffer overflow attempt (exploit.rules, High)
12742 <-> EXPLOIT Apple Quicktime UDP RTSP sdp type buffer overflow attempt (exploit.rules, High)