Sourcefire VRT Rules Update
Date: 2010-06-10
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8_6_0.
The format of the file is:
sid - Message (rule group, priority)
New Rules: 16664 <-> SPECIFIC-THREATS Adobe Reader and Acrobat authplay.dll vulnerability exploit attempt (specific-threats.rules, High) 16665 <-> WEB-MISC Microsoft Windows Help Centre escape sequence XSS attempt (web-misc.rules, High) Updated Rules: 1260 <-> WEB-MISC long basic authorization string (web-misc.rules, Medium) 1437 <-> MULTIMEDIA Windows Media download (multimedia.rules, High) 2589 <-> WEB-CLIENT Content-Disposition CLSID command attempt (web-client.rules, High) 2671 <-> WEB-CLIENT bitmap BitmapOffset integer overflow attempt (web-client.rules, High) 2705 <-> WEB-CLIENT JPEG parser heap overflow attempt (web-client.rules, High) 3192 <-> WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules, High) 3534 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (web-client.rules, High) 3535 <-> WEB-CLIENT GIF transfer (web-client.rules, Low) 3632 <-> WEB-CLIENT Bitmap width integer overflow attempt (web-client.rules, High) 3819 <-> WEB-CLIENT multipacket CHM file transfer start (web-client.rules, Low) 4135 <-> WEB-CLIENT IE JPEG heap overflow single packet attempt (web-client.rules, Medium) 4194 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer start (web-client.rules, Low) 4678 <-> WEB-CLIENT quicktime movie file transfer (web-client.rules, Low) 4680 <-> WEB-CLIENT quicktime movie file component name integer overflow attempt (web-client.rules, High) 5749 <-> SPYWARE-PUT Trackware alexa runtime detection (spyware-put.rules, Medium) 5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules, Low) 5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules, Medium) 5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules, Low) 5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules, Medium) 5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules, Medium) 5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules, Low) 5835 <-> SPYWARE-PUT Adware gamespy_arcade runtime detection (spyware-put.rules, Low) 5837 <-> SPYWARE-PUT Trackware ucmore runtime detection - track activity (spyware-put.rules, Medium) 5838 <-> SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (spyware-put.rules, Medium) 5851 <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules, Low) 5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules, Low) 5871 <-> SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - post information (spyware-put.rules, Low) 5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules, Low) 5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules, Low) 5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules, Medium) 5898 <-> SPYWARE-PUT Trackware adtools runtime detection - track user activity (spyware-put.rules, Medium) 5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime detection - generate desktop alert (spyware-put.rules, Medium) 5900 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - collect information (spyware-put.rules, Medium) 5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - download self-update (spyware-put.rules, Medium) 5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules, Low) 5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules, Low) 5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules, Low) 5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules, Low) 5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules, Low) 5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules, Medium) 5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules, Medium) 5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules, Medium) 5947 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - log url (spyware-put.rules, Low) 5950 <-> SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (spyware-put.rules, Medium) 5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules, Low) 5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules, Medium) 5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules, Medium) 5978 <-> SPYWARE-PUT hijacker topfive searchassistant detection - update (spyware-put.rules, Low) 5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules, Low) 5986 <-> SPYWARE-PUT Trickler teomasearchbar runtime detection (spyware-put.rules, Low) 6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules, Low) 6197 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (spyware-put.rules, Low) 6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules, Medium) 6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules, Low) 6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules, Low) 6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules, Low) 6250 <-> SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (spyware-put.rules, Low) 6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules, Medium) 6258 <-> SPYWARE-PUT Adware searchsquire runtime detection - get engine file (spyware-put.rules, Low) 6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules, Low) 6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules, Low) 6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules, Low) 6282 <-> SPYWARE-PUT Hijacker customtoolbar runtime detection (spyware-put.rules, Low) 6343 <-> SPYWARE-PUT Adware targetsaver runtime detection (spyware-put.rules, Low) 6344 <-> SPYWARE-PUT Adware excite search bar runtime detection - config (spyware-put.rules, Low) 6349 <-> SPYWARE-PUT Hijacker richfind update detection (spyware-put.rules, Low) 6350 <-> SPYWARE-PUT Hijacker richfind auto search redirect detection (spyware-put.rules, Low) 6351 <-> SPYWARE-PUT Hijacker adblock update detection (spyware-put.rules, Low) 6352 <-> SPYWARE-PUT Hijacker adblock auto search redirect detection (spyware-put.rules, Low) 6353 <-> SPYWARE-PUT Hijacker adblock ie search assistant redirect detection (spyware-put.rules, Low) 6354 <-> SPYWARE-PUT Trickler wsearch runtime detection - auto update (spyware-put.rules, Low) 6355 <-> SPYWARE-PUT Trickler wsearch runtime detection - mp3 search (spyware-put.rules, Low) 6356 <-> SPYWARE-PUT Trickler wsearch runtime detection - desktop search (spyware-put.rules, Low) 6357 <-> SPYWARE-PUT Hijacker need2find initial configuration detection (spyware-put.rules, Low) 6359 <-> SPYWARE-PUT Adware altnet runtime detection - initial retrieval (spyware-put.rules, Low) 6360 <-> SPYWARE-PUT Adware altnet runtime detection - update (spyware-put.rules, Low) 6361 <-> SPYWARE-PUT Adware altnet runtime detection - status report (spyware-put.rules, Low) 6362 <-> SPYWARE-PUT Hijacker microgaming runtime detection (spyware-put.rules, Low) 6363 <-> SPYWARE-PUT adware surfaccuracy runtime detection (spyware-put.rules, Low) 6364 <-> SPYWARE-PUT Hijacker imeshbar runtime detection (spyware-put.rules, Low) 6365 <-> SPYWARE-PUT Other-Technologies sony rootkit runtime detection (spyware-put.rules, Low) 6366 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver user-agent string detected (spyware-put.rules, Low) 6372 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get wsliveup.dat (spyware-put.rules, Low) 6373 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - stbarpat.dat (spyware-put.rules, Low) 6374 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (spyware-put.rules, Low) 6375 <-> SPYWARE-PUT Trickler spyblocs.eblocs detection - register request (spyware-put.rules, Low) 6376 <-> SPYWARE-PUT Hijacker girafa toolbar - toolbar update (spyware-put.rules, Low) 6379 <-> SPYWARE-PUT Hijacker adbars runtime detection - search in toolbar (spyware-put.rules, Low) 6380 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (spyware-put.rules, Low) 6382 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - url hook (spyware-put.rules, Low) 6389 <-> SPYWARE-PUT Adware esyndicate runtime detection - postinstall request (spyware-put.rules, Low) 6392 <-> SPYWARE-PUT Hijacker zeropopup runtime detection (spyware-put.rules, Low) 6394 <-> SPYWARE-PUT Hijacker adstart runtime detection (spyware-put.rules, Low) 6478 <-> SPYWARE-PUT Trackware searchingall toolbar runtime detection - send user url request (spyware-put.rules, Medium) 6479 <-> SPYWARE-PUT Snoopware totalvelocity zsearch runtime detection (spyware-put.rules, Medium) 6480 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - home page (spyware-put.rules, Low) 6481 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - search (spyware-put.rules, Low) 6483 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - home page hijacker (spyware-put.rules, Low) 6484 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - search (spyware-put.rules, Low) 6487 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - check updates (spyware-put.rules, Low) 6488 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - redirect mistyped urls (spyware-put.rules, Low) 6489 <-> SPYWARE-PUT Hijacker analyze IE runtime detection - default page hijacker (spyware-put.rules, Low) 6490 <-> SPYWARE-PUT Dialer yeaknet runtime detection - home page hijacker (spyware-put.rules, Low) 6491 <-> SPYWARE-PUT Dialer yeaknet runtime detection - post-installation (spyware-put.rules, Low) 6493 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - post data (spyware-put.rules, Low) 6494 <-> SPYWARE-PUT Adware yourenhancement runtime detection (spyware-put.rules, Low) 6495 <-> SPYWARE-PUT Hijacker troj_spywad.x runtime detection (spyware-put.rules, Low) 6496 <-> SPYWARE-PUT Adware adpowerzone runtime detection (spyware-put.rules, Low) 7049 <-> SPYWARE-PUT Hijacker extreme biz runtime detection - uniq1 (spyware-put.rules, Low) 7051 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - spyware injection (spyware-put.rules, Low) 7052 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - adv (spyware-put.rules, Low) 7053 <-> SPYWARE-PUT Adware webredir runtime detection (spyware-put.rules, Low) 7054 <-> SPYWARE-PUT Trickler download arq variant runtime detection (spyware-put.rules, Low) 7055 <-> SPYWARE-PUT Hijacker vip01 biz runtime detection - adv (spyware-put.rules, Low) 7123 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - update (spyware-put.rules, Low) 7124 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - buy (spyware-put.rules, Low) 7125 <-> SPYWARE-PUT Hijacker traffbest biz runtime detection - adv (spyware-put.rules, Low) 7128 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (spyware-put.rules, Low) 7129 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (spyware-put.rules, Low) 7130 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (spyware-put.rules, Low) 7135 <-> SPYWARE-PUT Hijacker dsrch runtime detection - config info retrieval (spyware-put.rules, Low) 7136 <-> SPYWARE-PUT Hijacker dsrch runtime detection - search assistant redirect (spyware-put.rules, Low) 7137 <-> SPYWARE-PUT Hijacker dsrch runtime detection - side search redirect (spyware-put.rules, Low) 7138 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - version check (spyware-put.rules, Low) 7139 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - fake search query (spyware-put.rules, Low) 7140 <-> SPYWARE-PUT Adware pay-per-click runtime detection - configuration (spyware-put.rules, Low) 7141 <-> SPYWARE-PUT Adware pay-per-click runtime detection - update (spyware-put.rules, Low) 7142 <-> SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (spyware-put.rules, Low) 7143 <-> SPYWARE-PUT Adware digink.com runtime detection (spyware-put.rules, Low) 7144 <-> SPYWARE-PUT Hijacker cool search runtime detection (spyware-put.rules, Low) 7145 <-> SPYWARE-PUT Other-Technologies spam maxy runtime detection (spyware-put.rules, Low) 7155 <-> SPYWARE-PUT Trickler jubster runtime detection (spyware-put.rules, Low) 7187 <-> SPYWARE-PUT Trackware shopathome user-agent detected (spyware-put.rules, Medium) 7189 <-> SPYWARE-PUT Trackware shopathome runtime detection - setcookie request (spyware-put.rules, Medium) 7193 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (spyware-put.rules, Low) 7194 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - services requests (spyware-put.rules, Low) 7195 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities (spyware-put.rules, Low) 7510 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - version verification (spyware-put.rules, Low) 7511 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - get ads page (spyware-put.rules, Low) 7515 <-> SPYWARE-PUT Keylogger watchdog runtime detection - remote monitoring (spyware-put.rules, Medium) 7516 <-> SPYWARE-PUT Trickler hmtoolbar runtime detection (spyware-put.rules, Low) 7517 <-> SPYWARE-PUT Hijacker chinese keywords runtime detection (spyware-put.rules, Low) 7518 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - get up-to-date news info (spyware-put.rules, Medium) 7523 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - click news button links (spyware-put.rules, Medium) 7525 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - barad.asp request (spyware-put.rules, Medium) 7528 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - ie autosearch hijack (spyware-put.rules, Medium) 7532 <-> SPYWARE-PUT Adware piolet runtime detection - user-agent (spyware-put.rules, Low) 7533 <-> SPYWARE-PUT Adware piolet runtime detection - ads request (spyware-put.rules, Low) 7536 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - popup (spyware-put.rules, Low) 7543 <-> SPYWARE-PUT Hijacker 2020search runtime detection (spyware-put.rules, Low) 7550 <-> SPYWARE-PUT Adware adroar runtime detection (spyware-put.rules, Low) 7553 <-> SPYWARE-PUT Adware hxdl runtime detection - hxlogonly user-agent (spyware-put.rules, Low) 7554 <-> SPYWARE-PUT Adware hxdl runtime detection - hxdownload user-agent (spyware-put.rules, Low) 7556 <-> SPYWARE-PUT Hijacker blazefind runtime detection - search bar (spyware-put.rules, Low) 7561 <-> SPYWARE-PUT Trackware purityscan runtime detection - opt out of interstitial advertising (spyware-put.rules, Medium) 7562 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 1 (spyware-put.rules, Low) 7563 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 2 (spyware-put.rules, Low) 7565 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - search engine (spyware-put.rules, Low) 7567 <-> SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection (spyware-put.rules, Medium) 7568 <-> SPYWARE-PUT Trackware webhancer runtime detection (spyware-put.rules, Medium) 7572 <-> SPYWARE-PUT Trickler album galaxy runtime detection - startup data (spyware-put.rules, Low) 7575 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - weather request (spyware-put.rules, Low) 7576 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - hijack ie browser (spyware-put.rules, Low) 7577 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - collect information (spyware-put.rules, Low) 7578 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - reference (spyware-put.rules, Low) 7579 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - smileys (spyware-put.rules, Low) 7580 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - update (spyware-put.rules, Low) 7581 <-> SPYWARE-PUT Hijacker flashbar runtime detection - user-agent (spyware-put.rules, Low) 7587 <-> SPYWARE-PUT Trickler urlblaze runtime detection - software information request (spyware-put.rules, Low) 7588 <-> SPYWARE-PUT Trickler urlblaze runtime detection - files search or download (spyware-put.rules, Low) 7590 <-> SPYWARE-PUT Hijacker swbar runtime detection (spyware-put.rules, Low) 7593 <-> SPYWARE-PUT Trackware trellian toolbarbrowser runtime detection (spyware-put.rules, Medium) 7598 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - search in toolbar (spyware-put.rules, Medium) 7599 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - user info collection (spyware-put.rules, Medium) 7600 <-> SPYWARE-PUT Hijacker adtraffic runtime detection - notfound website search hijack and redirection (spyware-put.rules, Low) 7824 <-> SPYWARE-PUT Trickler whenu.clocksync runtime detection (spyware-put.rules, Low) 7826 <-> SPYWARE-PUT Trickler whenu.weathercast runtime detection - check (spyware-put.rules, Low) 7832 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - active/update (spyware-put.rules, Low) 7838 <-> SPYWARE-PUT Adware smiley central runtime detection (spyware-put.rules, Low) 7839 <-> SPYWARE-PUT Hijacker rx toolbar runtime detection (spyware-put.rules, Low) 7840 <-> SPYWARE-PUT Hijacker instafinder initial configuration detection (spyware-put.rules, Low) 7841 <-> SPYWARE-PUT Hijacker instafinder error redirect detection (spyware-put.rules, Low) 7843 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - search engine hijack (spyware-put.rules, Low) 7844 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - post data (spyware-put.rules, Low) 7848 <-> SPYWARE-PUT Hijacker netguide runtime detection (spyware-put.rules, Low) 7849 <-> SPYWARE-PUT Trickler maxsearch runtime detection - toolbar download (spyware-put.rules, Low) 7850 <-> SPYWARE-PUT Trickler maxsearch runtime detection - retrieve command (spyware-put.rules, Low) 7851 <-> SPYWARE-PUT Trickler maxsearch runtime detection - ack (spyware-put.rules, Low) 7852 <-> SPYWARE-PUT Trickler maxsearch runtime detection - advertisement (spyware-put.rules, Low) 7853 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 1 (spyware-put.rules, Low) 7854 <-> SPYWARE-PUT Adware web-nexus runtime detection - config retrieval (spyware-put.rules, Low) 7855 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 2 (spyware-put.rules, Low) 7856 <-> SPYWARE-PUT Trackware winsysba-a runtime detection - track surfing activity (spyware-put.rules, Medium) 8071 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - search hijack (spyware-put.rules, Low) 8072 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - surf monitor (spyware-put.rules, Low) 8073 <-> SPYWARE-PUT Adware zango toolbar runtime detection (spyware-put.rules, Low) 8352 <-> SPYWARE-PUT Adware desktopmedia runtime detection - ads popup (spyware-put.rules, Low) 8353 <-> SPYWARE-PUT Adware desktopmedia runtime detection - auto update (spyware-put.rules, Low) 8354 <-> SPYWARE-PUT Adware desktopmedia runtime detection - surf monitoring (spyware-put.rules, Low) 8461 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - send userinfo (spyware-put.rules, Medium) 8462 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace info downloaded (spyware-put.rules, Medium) 8463 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace login info (spyware-put.rules, Medium) 8464 <-> SPYWARE-PUT Adware henbang runtime detection (spyware-put.rules, Low) 8467 <-> SPYWARE-PUT Keylogger netobserve runtime detection - remote login response (spyware-put.rules, Medium) 8468 <-> SPYWARE-PUT Hijacker accoona runtime detection - collect info (spyware-put.rules, Low) 8469 <-> SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url (spyware-put.rules, Low) 8542 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (spyware-put.rules, Medium) 8543 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads (spyware-put.rules, Medium) 9645 <-> SPYWARE-PUT Hijacker sogou runtime detection - keyword hijack (spyware-put.rules, Low) 9646 <-> SPYWARE-PUT Hijacker sogou runtime detection - search through sogou toolbar (spyware-put.rules, Low) 9651 <-> SPYWARE-PUT Hijacker ricercadoppia runtime detection (spyware-put.rules, Low) 9652 <-> SPYWARE-PUT Hijacker oemji bar runtime detection (spyware-put.rules, Low) 9829 <-> SPYWARE-PUT Trackware relevantknowledge runtime detection (spyware-put.rules, Medium) 9831 <-> SPYWARE-PUT Adware u88 runtime detection (spyware-put.rules, Low) 10090 <-> SPYWARE-PUT Trickler zango easymessenger runtime detection (spyware-put.rules, Low) 10093 <-> SPYWARE-PUT Hijacker kuaiso toolbar runtime detection (spyware-put.rules, Low) 10095 <-> SPYWARE-PUT Trackware bydou runtime detection (spyware-put.rules, Medium) 10166 <-> SPYWARE-PUT Trackware baigoo runtime detection (spyware-put.rules, Medium) 10179 <-> SPYWARE-PUT Trackware bysoo runtime detection (spyware-put.rules, Medium) 10182 <-> SPYWARE-PUT Adware newweb runtime detection (spyware-put.rules, Low) 10435 <-> SPYWARE-PUT Trackware admedia runtime detection (spyware-put.rules, Medium) 10437 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules, Low) 10438 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules, Low) 10439 <-> SPYWARE-PUT Adware mokead runtime detection (spyware-put.rules, Low) 11192 <-> POLICY download of executable content (policy.rules, High) 11308 <-> SPYWARE-PUT Other-Technologies spydawn runtime detection - update checking (spyware-put.rules, Low) 11311 <-> SPYWARE-PUT Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (spyware-put.rules, Medium) 11312 <-> SPYWARE-PUT Trackware uplink runtime detection (spyware-put.rules, Medium) 11313 <-> SPYWARE-PUT Other-Technologies spywarelocker 3.3 runtime detection - update checking (spyware-put.rules, Low) 11948 <-> SPYWARE-PUT Hijacker snap toolbar runtime detection - cookie (spyware-put.rules, Low) 12047 <-> SPYWARE-PUT Adware yayad runtime detection (spyware-put.rules, Low) 12050 <-> SPYWARE-PUT Hijacker ez-greets toolbar runtime detection (spyware-put.rules, Low) 12120 <-> SPYWARE-PUT Adware pprich runtime detection - version check (spyware-put.rules, Low) 12122 <-> SPYWARE-PUT Trackware spynova runtime detection (spyware-put.rules, Medium) 12123 <-> SPYWARE-PUT Hijacker lookquick runtime detection - hijack ie (spyware-put.rules, Low) 12125 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - hijack ie search assistant (spyware-put.rules, Medium) 12126 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - collect user information (spyware-put.rules, Medium) 12138 <-> SPYWARE-PUT Adware zamingo runtime detection (spyware-put.rules, Low) 12228 <-> SPYWARE-PUT Trackware snap ultrasearch/desktop toolbar runtime detection - cookie (spyware-put.rules, Medium) 12231 <-> SPYWARE-PUT Adware vroomsearch runtime detection (spyware-put.rules, Low) 12288 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - hijack ie searches (spyware-put.rules, Low) 12289 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - get updates (spyware-put.rules, Low) 12296 <-> SPYWARE-PUT Hijacker 3search runtime detection - update (spyware-put.rules, Low) 12370 <-> SPYWARE-PUT Hijacker imesh mediabar runtime detection - auto update (spyware-put.rules, Low) 12658 <-> SPYWARE-PUT Adware winantivirus pro 2007 runtime detection (spyware-put.rules, Low) 12672 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - get ads (spyware-put.rules, Medium) 12673 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - collect information (spyware-put.rules, Medium) 12674 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - track activity (spyware-put.rules, Medium) 12693 <-> SPYWARE-PUT Hijacker personalweb runtime detection (spyware-put.rules, Low) 12694 <-> SPYWARE-PUT Adware avsystemcare runtime detection (spyware-put.rules, Low) 12720 <-> SPYWARE-PUT Adware pestbot runtime detection - update (spyware-put.rules, Low) 12723 <-> SPYWARE-PUT Trackware winzix 2.2.0 runtime detection (spyware-put.rules, Medium) 13242 <-> SPYWARE-PUT Adware netpumper 1.26 runtime detection (spyware-put.rules, Low) 13284 <-> SPYWARE-PUT Adware netguarder web cleaner runtime detection (spyware-put.rules, Low) 13286 <-> SPYWARE-PUT Adware 3wplayer 1.7 runtime detection (spyware-put.rules, Low) 13482 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - discloses information (spyware-put.rules, Low) 13484 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - updates automatically (spyware-put.rules, Low) 13487 <-> SPYWARE-PUT Adware elite protector runtime detection (spyware-put.rules, Low) 13488 <-> SPYWARE-PUT Hijacker people pal toolbar runtime detection - automatic upgrade (spyware-put.rules, Low) 13493 <-> SPYWARE-PUT Hijacker deepdo toolbar runtime detection - automatic update (spyware-put.rules, Low) 13495 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - initial traffic 1 (spyware-put.rules, Low) 13496 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - initial traffic 2 (spyware-put.rules, Low) 13502 <-> SPYWARE-PUT Adware contravirus runtime detection - update (spyware-put.rules, Low) 13503 <-> SPYWARE-PUT Hijacker dealio toolbar runtime detection user-agent detected (spyware-put.rules, Low) 13556 <-> SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 1 (spyware-put.rules, Low) 13564 <-> SPYWARE-PUT Adware system doctor runtime detection - update status (spyware-put.rules, Low) 13635 <-> SPYWARE-PUT Trickler downloader trojan.gen runtime detection - get malicious link (spyware-put.rules, Low) 13636 <-> SPYWARE-PUT Trickler downloader trojan.gen runtime detection - download malicious link (spyware-put.rules, Low) 13637 <-> SPYWARE-PUT Adware virus heat runtime detection - presale request (spyware-put.rules, Low) 13638 <-> SPYWARE-PUT Adware virus heat runtime detection - initial database connection (spyware-put.rules, Low) 13639 <-> SPYWARE-PUT Hijacker locmag toolbar runtime detection - connection to toolbar (spyware-put.rules, Low) 13640 <-> SPYWARE-PUT Hijacker locmag toolbar runtime detection - hijacks address bar (spyware-put.rules, Low) 13641 <-> SPYWARE-PUT Hijacker eclickz toolbar runtime detection - search traffic (spyware-put.rules, Low) 13643 <-> SPYWARE-PUT Hijacker zztoolbar runtime detection - toolbar traffic (spyware-put.rules, Low) 13644 <-> SPYWARE-PUT Hijacker zztoolbar runtime detection - search traffic (spyware-put.rules, Low) 13645 <-> SPYWARE-PUT Hijacker mxs toolbar runtime detection (spyware-put.rules, Low) 13646 <-> SPYWARE-PUT Adware registry defender runtime detection - presale request (spyware-put.rules, Low) 13647 <-> SPYWARE-PUT Adware registry defender runtime detection - error report request (spyware-put.rules, Low) 13649 <-> SPYWARE-PUT Adware spyware stop runtime detection - presale request (spyware-put.rules, Low) 13650 <-> SPYWARE-PUT Adware spyware stop runtime detection - auto updates (spyware-put.rules, Low) 13653 <-> SPYWARE-PUT Adware cashfiesta adbar runtime detection - updates traffic (spyware-put.rules, Low) 13762 <-> SPYWARE-PUT Adware system defender runtime detection (spyware-put.rules, Low) 13765 <-> SPYWARE-PUT Adware winxdefender runtime detection - presale request (spyware-put.rules, Low) 13766 <-> SPYWARE-PUT Adware winxdefender runtime detection - auto update (spyware-put.rules, Low) 13769 <-> SPYWARE-PUT Hijacker searchnine toolbar runtime detection - hijacks address bar (spyware-put.rules, Low) 13771 <-> SPYWARE-PUT Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #1 (spyware-put.rules, Low) 13776 <-> SPYWARE-PUT Trackware syscleaner runtime detection - presale traffic (spyware-put.rules, Medium) 13777 <-> SPYWARE-PUT Trackware syscleaner runtime detection - get update (spyware-put.rules, Medium) 13779 <-> SPYWARE-PUT Trackware proofile toolbar runtime detection (spyware-put.rules, Medium) 13780 <-> SPYWARE-PUT Hijacker find.fm toolbar runtime detection - automatic updates (spyware-put.rules, Low) 13781 <-> SPYWARE-PUT Hijacker find.fm toolbar runtime detection - hijacks address bar (spyware-put.rules, Low) 13782 <-> SPYWARE-PUT Hijacker ezreward runtime detection (spyware-put.rules, Low) 13808 <-> SPYWARE-PUT Adware ie antivirus runtime detection - presale request (spyware-put.rules, Low) 13809 <-> SPYWARE-PUT Adware ie antivirus runtime detection - update request (spyware-put.rules, Low) 13811 <-> SPYWARE-PUT Adware xp antivirus runtime detection (spyware-put.rules, Low) 13850 <-> SPYWARE-PUT Adware roogoo 2.0 runtime detection - popup ads (spyware-put.rules, Low) 13851 <-> SPYWARE-PUT Adware roogoo 2.0 runtime detection - upgrade (spyware-put.rules, Low) 13853 <-> SPYWARE-PUT Hijacker alot toolbar runtime detection - weather request (spyware-put.rules, Low) 13855 <-> SPYWARE-PUT Trackware speed runner runtime detection (spyware-put.rules, Medium) 13866 <-> SPYWARE-PUT Trackware adclicker-fc.gen.a runtime detection - popup ads (spyware-put.rules, Medium) 13867 <-> SPYWARE-PUT Trackware adclicker-fc.gen.a runtime detection (spyware-put.rules, Medium) 13872 <-> SPYWARE-PUT Trickler fushion 1.2.4.17 runtime detection - notice (spyware-put.rules, Low) 13873 <-> SPYWARE-PUT Trickler fushion 1.2.4.17 runtime detection - underground traffic (spyware-put.rules, Low) 13874 <-> SPYWARE-PUT Adware malware destructor 4.5 runtime detection - order request (spyware-put.rules, Low) 13875 <-> SPYWARE-PUT Adware malware destructor 4.5 runtime detection - auto update (spyware-put.rules, Low) 13930 <-> SPYWARE-PUT Trickler pc privacy cleaner runtime detection - order/register request (spyware-put.rules, Low) 13931 <-> SPYWARE-PUT Trickler pc privacy cleaner runtime detection - auto update (spyware-put.rules, Low) 13932 <-> SPYWARE-PUT Trackware rightonadz.biz adrotator runtime detection - post user info to remote server (spyware-put.rules, Medium) 13933 <-> SPYWARE-PUT Trackware rightonadz.biz adrotator runtime detection - ads (spyware-put.rules, Medium) 13934 <-> SPYWARE-PUT Hijacker mediatubecodec 1.470.0 runtime detection - hijack ie (spyware-put.rules, Low) 13935 <-> SPYWARE-PUT Hijacker mediatubecodec 1.470.0 runtime detection - download other malware (spyware-put.rules, Low) 13937 <-> SPYWARE-PUT Hijacker adware.win32.ejik.ec variant runtime detection - call home (spyware-put.rules, Low) 13940 <-> SPYWARE-PUT Hijacker win32.bho.bgf runtime detection (spyware-put.rules, Low) 14019 <-> WEB-CLIENT CyberLink PowerDVD playlist file handling stack overflow attempt (web-client.rules, High) 14020 <-> WEB-CLIENT CyberLink PowerDVD playlist file handling stack overflow attempt (web-client.rules, High) 14054 <-> SPYWARE-PUT Adware AdwareALERT runtime detection - auto update (spyware-put.rules, Low) 14055 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - hijack ie auto search (spyware-put.rules, Low) 14056 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - get news info (spyware-put.rules, Low) 14057 <-> SPYWARE-PUT Trackware murzilka2 runtime detection (spyware-put.rules, Medium) 14059 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - hijack ie home page (spyware-put.rules, Low) 14060 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - auto update (spyware-put.rules, Low) 14063 <-> SPYWARE-PUT Hijacker cashon runtime detection - hijack ie searches (spyware-put.rules, Low) 14066 <-> SPYWARE-PUT Adware winsecuredisc runtime detection (spyware-put.rules, Low) 14067 <-> SPYWARE-PUT Adware swizzor runtime detection (spyware-put.rules, Low) 14069 <-> SPYWARE-PUT Adware brave sentry runtime detection - order request (spyware-put.rules, Low) 14070 <-> SPYWARE-PUT Adware brave sentry runtime detection - self update (spyware-put.rules, Low) 14076 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - hijack search (spyware-put.rules, Low) 14077 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - redirect search results (spyware-put.rules, Low) 14078 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - download malicous code (spyware-put.rules, Low) 14079 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious sites (spyware-put.rules, Low) 14080 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious server (spyware-put.rules, Low) 15563 <-> SPYWARE-PUT RSPlug Trojan server connection attempt (spyware-put.rules, High) 16114 <-> SPYWARE-PUT Hijacker cramtoolbar runtime detection - hijack (spyware-put.rules, Low) 16117 <-> SPYWARE-PUT Trackware rightonadz.biz adrotator runtime detection - ads (spyware-put.rules, Medium) 16118 <-> SPYWARE-PUT Adware winreanimator runtime detection - register request (spyware-put.rules, Low) 16120 <-> SPYWARE-PUT Trackware 6sq toolbar runtime detection (spyware-put.rules, Medium) 16121 <-> SPYWARE-PUT Hijacker weatherstudio runtime detection (spyware-put.rules, Low) 16122 <-> SPYWARE-PUT rogue antivirus xp 2008 runtime detection - buy (spyware-put.rules, Low) 16123 <-> SPYWARE-PUT rogue antivirus xp 2008 runtime detection - update (spyware-put.rules, Low) 16124 <-> SPYWARE-PUT downloader trojan.nsis.agent.s runtime detection (spyware-put.rules, Low) 16127 <-> SPYWARE-PUT Adware superiorads runtime detection (spyware-put.rules, Low) 16129 <-> SPYWARE-PUT Keylogger kamyab Keylogger v.3 runtime detection (spyware-put.rules, Medium) 16130 <-> SPYWARE-PUT Keylogger lord spy pro 1.4 runtime detection (spyware-put.rules, Medium) 16131 <-> SPYWARE-PUT Trackware adclicker trojan zlob.dnz runtime detection - ads (spyware-put.rules, Medium) 16133 <-> SPYWARE-PUT Trackware owlforce runtime detection - remote server #2 (spyware-put.rules, Medium) 16134 <-> SPYWARE-PUT Adware spyware guard 2008 runtime detection - contacts remote server (spyware-put.rules, Low) 16135 <-> SPYWARE-PUT Adware spyware guard 2008 runtime detection - purchase page (spyware-put.rules, Low) 16139 <-> SPYWARE-PUT downloader_trojan.gen2 runtime detection - scanner page (spyware-put.rules, Low) 16493 <-> SPYWARE-PUT TT-bot botnet contact to C&C server attempt (spyware-put.rules, High) 16496 <-> SPYWARE-PUT Trojan hacktool attempt to contact server (spyware-put.rules, High) 16551 <-> SPYWARE-PUT Malware contact to server attempt (spyware-put.rules, High)
