Sourcefire VRT Rules Update

Date: 2010-06-10

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8_6_0.

The format of the file is:

sid - Message (rule group, priority)

New Rules:
16664 <-> SPECIFIC-THREATS Adobe Reader and Acrobat authplay.dll vulnerability exploit attempt (specific-threats.rules, High)
16665 <-> WEB-MISC Microsoft Windows Help Centre escape sequence XSS attempt (web-misc.rules, High)

Updated Rules:
1260 <-> WEB-MISC long basic authorization string (web-misc.rules, Medium)
1437 <-> MULTIMEDIA Windows Media download (multimedia.rules, High)
2589 <-> WEB-CLIENT Content-Disposition CLSID command attempt (web-client.rules, High)
2671 <-> WEB-CLIENT bitmap BitmapOffset integer overflow attempt (web-client.rules, High)
2705 <-> WEB-CLIENT JPEG parser heap overflow attempt (web-client.rules, High)
3192 <-> WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules, High)
3534 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (web-client.rules, High)
3535 <-> WEB-CLIENT GIF transfer (web-client.rules, Low)
3632 <-> WEB-CLIENT Bitmap width integer overflow attempt (web-client.rules, High)
3819 <-> WEB-CLIENT multipacket CHM file transfer start (web-client.rules, Low)
4135 <-> WEB-CLIENT IE JPEG heap overflow single packet attempt (web-client.rules, Medium)
4194 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer start (web-client.rules, Low)
4678 <-> WEB-CLIENT quicktime movie file transfer (web-client.rules, Low)
4680 <-> WEB-CLIENT quicktime movie file component name integer overflow attempt (web-client.rules, High)
5749 <-> SPYWARE-PUT Trackware alexa runtime detection (spyware-put.rules, Medium)
5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules, Low)
5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules, Medium)
5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules, Low)
5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules, Medium)
5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules, Medium)
5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules, Low)
5835 <-> SPYWARE-PUT Adware gamespy_arcade runtime detection (spyware-put.rules, Low)
5837 <-> SPYWARE-PUT Trackware ucmore runtime detection - track activity (spyware-put.rules, Medium)
5838 <-> SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (spyware-put.rules, Medium)
5851 <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules, Low)
5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules, Low)
5871 <-> SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - post information (spyware-put.rules, Low)
5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules, Low)
5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules, Low)
5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules, Medium)
5898 <-> SPYWARE-PUT Trackware adtools runtime detection - track user activity (spyware-put.rules, Medium)
5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime detection - generate desktop alert (spyware-put.rules, Medium)
5900 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - collect information (spyware-put.rules, Medium)
5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - download self-update (spyware-put.rules, Medium)
5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules, Low)
5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules, Low)
5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules, Low)
5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules, Low)
5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules, Low)
5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules, Medium)
5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules, Medium)
5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules, Medium)
5947 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - log url (spyware-put.rules, Low)
5950 <-> SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (spyware-put.rules, Medium)
5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules, Low)
5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules, Medium)
5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules, Medium)
5978 <-> SPYWARE-PUT hijacker topfive searchassistant detection - update (spyware-put.rules, Low)
5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules, Low)
5986 <-> SPYWARE-PUT Trickler teomasearchbar runtime detection (spyware-put.rules, Low)
6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules, Low)
6197 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (spyware-put.rules, Low)
6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules, Medium)
6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules, Low)
6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules, Low)
6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules, Low)
6250 <-> SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (spyware-put.rules, Low)
6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules, Medium)
6258 <-> SPYWARE-PUT Adware searchsquire runtime detection - get engine file (spyware-put.rules, Low)
6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules, Low)
6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules, Low)
6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules, Low)
6282 <-> SPYWARE-PUT Hijacker customtoolbar runtime detection (spyware-put.rules, Low)
6343 <-> SPYWARE-PUT Adware targetsaver runtime detection (spyware-put.rules, Low)
6344 <-> SPYWARE-PUT Adware excite search bar runtime detection - config (spyware-put.rules, Low)
6349 <-> SPYWARE-PUT Hijacker richfind update detection (spyware-put.rules, Low)
6350 <-> SPYWARE-PUT Hijacker richfind auto search redirect detection (spyware-put.rules, Low)
6351 <-> SPYWARE-PUT Hijacker adblock update detection (spyware-put.rules, Low)
6352 <-> SPYWARE-PUT Hijacker adblock auto search redirect detection (spyware-put.rules, Low)
6353 <-> SPYWARE-PUT Hijacker adblock ie search assistant redirect detection (spyware-put.rules, Low)
6354 <-> SPYWARE-PUT Trickler wsearch runtime detection - auto update (spyware-put.rules, Low)
6355 <-> SPYWARE-PUT Trickler wsearch runtime detection - mp3 search (spyware-put.rules, Low)
6356 <-> SPYWARE-PUT Trickler wsearch runtime detection - desktop search (spyware-put.rules, Low)
6357 <-> SPYWARE-PUT Hijacker need2find initial configuration detection (spyware-put.rules, Low)
6359 <-> SPYWARE-PUT Adware altnet runtime detection - initial retrieval (spyware-put.rules, Low)
6360 <-> SPYWARE-PUT Adware altnet runtime detection - update (spyware-put.rules, Low)
6361 <-> SPYWARE-PUT Adware altnet runtime detection - status report (spyware-put.rules, Low)
6362 <-> SPYWARE-PUT Hijacker microgaming runtime detection (spyware-put.rules, Low)
6363 <-> SPYWARE-PUT adware surfaccuracy runtime detection (spyware-put.rules, Low)
6364 <-> SPYWARE-PUT Hijacker imeshbar runtime detection (spyware-put.rules, Low)
6365 <-> SPYWARE-PUT Other-Technologies sony rootkit runtime detection (spyware-put.rules, Low)
6366 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver user-agent string detected (spyware-put.rules, Low)
6372 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get wsliveup.dat (spyware-put.rules, Low)
6373 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - stbarpat.dat (spyware-put.rules, Low)
6374 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (spyware-put.rules, Low)
6375 <-> SPYWARE-PUT Trickler spyblocs.eblocs detection - register request (spyware-put.rules, Low)
6376 <-> SPYWARE-PUT Hijacker girafa toolbar - toolbar update (spyware-put.rules, Low)
6379 <-> SPYWARE-PUT Hijacker adbars runtime detection - search in toolbar (spyware-put.rules, Low)
6380 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (spyware-put.rules, Low)
6382 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - url hook (spyware-put.rules, Low)
6389 <-> SPYWARE-PUT Adware esyndicate runtime detection - postinstall request (spyware-put.rules, Low)
6392 <-> SPYWARE-PUT Hijacker zeropopup runtime detection (spyware-put.rules, Low)
6394 <-> SPYWARE-PUT Hijacker adstart runtime detection (spyware-put.rules, Low)
6478 <-> SPYWARE-PUT Trackware searchingall toolbar runtime detection - send user url request (spyware-put.rules, Medium)
6479 <-> SPYWARE-PUT Snoopware totalvelocity zsearch runtime detection (spyware-put.rules, Medium)
6480 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - home page (spyware-put.rules, Low)
6481 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - search (spyware-put.rules, Low)
6483 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - home page hijacker (spyware-put.rules, Low)
6484 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - search (spyware-put.rules, Low)
6487 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - check updates (spyware-put.rules, Low)
6488 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - redirect mistyped urls (spyware-put.rules, Low)
6489 <-> SPYWARE-PUT Hijacker analyze IE runtime detection - default page hijacker (spyware-put.rules, Low)
6490 <-> SPYWARE-PUT Dialer yeaknet runtime detection - home page hijacker (spyware-put.rules, Low)
6491 <-> SPYWARE-PUT Dialer yeaknet runtime detection - post-installation (spyware-put.rules, Low)
6493 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - post data (spyware-put.rules, Low)
6494 <-> SPYWARE-PUT Adware yourenhancement runtime detection (spyware-put.rules, Low)
6495 <-> SPYWARE-PUT Hijacker troj_spywad.x runtime detection (spyware-put.rules, Low)
6496 <-> SPYWARE-PUT Adware adpowerzone runtime detection (spyware-put.rules, Low)
7049 <-> SPYWARE-PUT Hijacker extreme biz runtime detection - uniq1 (spyware-put.rules, Low)
7051 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - spyware injection (spyware-put.rules, Low)
7052 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - adv (spyware-put.rules, Low)
7053 <-> SPYWARE-PUT Adware webredir runtime detection (spyware-put.rules, Low)
7054 <-> SPYWARE-PUT Trickler download arq variant runtime detection (spyware-put.rules, Low)
7055 <-> SPYWARE-PUT Hijacker vip01 biz runtime detection - adv (spyware-put.rules, Low)
7123 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - update (spyware-put.rules, Low)
7124 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - buy (spyware-put.rules, Low)
7125 <-> SPYWARE-PUT Hijacker traffbest biz runtime detection - adv (spyware-put.rules, Low)
7128 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (spyware-put.rules, Low)
7129 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (spyware-put.rules, Low)
7130 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (spyware-put.rules, Low)
7135 <-> SPYWARE-PUT Hijacker dsrch runtime detection - config info retrieval (spyware-put.rules, Low)
7136 <-> SPYWARE-PUT Hijacker dsrch runtime detection - search assistant redirect (spyware-put.rules, Low)
7137 <-> SPYWARE-PUT Hijacker dsrch runtime detection - side search redirect (spyware-put.rules, Low)
7138 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - version check (spyware-put.rules, Low)
7139 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - fake search query (spyware-put.rules, Low)
7140 <-> SPYWARE-PUT Adware pay-per-click runtime detection - configuration (spyware-put.rules, Low)
7141 <-> SPYWARE-PUT Adware pay-per-click runtime detection - update (spyware-put.rules, Low)
7142 <-> SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (spyware-put.rules, Low)
7143 <-> SPYWARE-PUT Adware digink.com runtime detection (spyware-put.rules, Low)
7144 <-> SPYWARE-PUT Hijacker cool search runtime detection (spyware-put.rules, Low)
7145 <-> SPYWARE-PUT Other-Technologies spam maxy runtime detection (spyware-put.rules, Low)
7155 <-> SPYWARE-PUT Trickler jubster runtime detection (spyware-put.rules, Low)
7187 <-> SPYWARE-PUT Trackware shopathome user-agent detected (spyware-put.rules, Medium)
7189 <-> SPYWARE-PUT Trackware shopathome runtime detection - setcookie request (spyware-put.rules, Medium)
7193 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (spyware-put.rules, Low)
7194 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - services requests (spyware-put.rules, Low)
7195 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities (spyware-put.rules, Low)
7510 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - version verification (spyware-put.rules, Low)
7511 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - get ads page (spyware-put.rules, Low)
7515 <-> SPYWARE-PUT Keylogger watchdog runtime detection - remote monitoring (spyware-put.rules, Medium)
7516 <-> SPYWARE-PUT Trickler hmtoolbar runtime detection (spyware-put.rules, Low)
7517 <-> SPYWARE-PUT Hijacker chinese keywords runtime detection (spyware-put.rules, Low)
7518 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - get up-to-date news info (spyware-put.rules, Medium)
7523 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - click news button links (spyware-put.rules, Medium)
7525 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - barad.asp request (spyware-put.rules, Medium)
7528 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - ie autosearch hijack (spyware-put.rules, Medium)
7532 <-> SPYWARE-PUT Adware piolet runtime detection - user-agent (spyware-put.rules, Low)
7533 <-> SPYWARE-PUT Adware piolet runtime detection - ads request (spyware-put.rules, Low)
7536 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - popup (spyware-put.rules, Low)
7543 <-> SPYWARE-PUT Hijacker 2020search runtime detection (spyware-put.rules, Low)
7550 <-> SPYWARE-PUT Adware adroar runtime detection (spyware-put.rules, Low)
7553 <-> SPYWARE-PUT Adware hxdl runtime detection - hxlogonly user-agent (spyware-put.rules, Low)
7554 <-> SPYWARE-PUT Adware hxdl runtime detection - hxdownload user-agent (spyware-put.rules, Low)
7556 <-> SPYWARE-PUT Hijacker blazefind runtime detection - search bar (spyware-put.rules, Low)
7561 <-> SPYWARE-PUT Trackware purityscan runtime detection - opt out of interstitial advertising (spyware-put.rules, Medium)
7562 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 1 (spyware-put.rules, Low)
7563 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 2 (spyware-put.rules, Low)
7565 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - search engine (spyware-put.rules, Low)
7567 <-> SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection (spyware-put.rules, Medium)
7568 <-> SPYWARE-PUT Trackware webhancer runtime detection (spyware-put.rules, Medium)
7572 <-> SPYWARE-PUT Trickler album galaxy runtime detection - startup data (spyware-put.rules, Low)
7575 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - weather request (spyware-put.rules, Low)
7576 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - hijack ie browser (spyware-put.rules, Low)
7577 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - collect information (spyware-put.rules, Low)
7578 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - reference (spyware-put.rules, Low)
7579 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - smileys (spyware-put.rules, Low)
7580 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - update (spyware-put.rules, Low)
7581 <-> SPYWARE-PUT Hijacker flashbar runtime detection - user-agent (spyware-put.rules, Low)
7587 <-> SPYWARE-PUT Trickler urlblaze runtime detection - software information request (spyware-put.rules, Low)
7588 <-> SPYWARE-PUT Trickler urlblaze runtime detection - files search or download (spyware-put.rules, Low)
7590 <-> SPYWARE-PUT Hijacker swbar runtime detection (spyware-put.rules, Low)
7593 <-> SPYWARE-PUT Trackware trellian toolbarbrowser runtime detection (spyware-put.rules, Medium)
7598 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - search in toolbar (spyware-put.rules, Medium)
7599 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - user info collection (spyware-put.rules, Medium)
7600 <-> SPYWARE-PUT Hijacker adtraffic runtime detection - notfound website search hijack and redirection (spyware-put.rules, Low)
7824 <-> SPYWARE-PUT Trickler whenu.clocksync runtime detection (spyware-put.rules, Low)
7826 <-> SPYWARE-PUT Trickler whenu.weathercast runtime detection - check (spyware-put.rules, Low)
7832 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - active/update (spyware-put.rules, Low)
7838 <-> SPYWARE-PUT Adware smiley central runtime detection (spyware-put.rules, Low)
7839 <-> SPYWARE-PUT Hijacker rx toolbar runtime detection (spyware-put.rules, Low)
7840 <-> SPYWARE-PUT Hijacker instafinder initial configuration detection (spyware-put.rules, Low)
7841 <-> SPYWARE-PUT Hijacker instafinder error redirect detection (spyware-put.rules, Low)
7843 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - search engine hijack (spyware-put.rules, Low)
7844 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - post data (spyware-put.rules, Low)
7848 <-> SPYWARE-PUT Hijacker netguide runtime detection (spyware-put.rules, Low)
7849 <-> SPYWARE-PUT Trickler maxsearch runtime detection - toolbar download (spyware-put.rules, Low)
7850 <-> SPYWARE-PUT Trickler maxsearch runtime detection - retrieve command (spyware-put.rules, Low)
7851 <-> SPYWARE-PUT Trickler maxsearch runtime detection - ack (spyware-put.rules, Low)
7852 <-> SPYWARE-PUT Trickler maxsearch runtime detection - advertisement (spyware-put.rules, Low)
7853 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 1 (spyware-put.rules, Low)
7854 <-> SPYWARE-PUT Adware web-nexus runtime detection - config retrieval (spyware-put.rules, Low)
7855 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 2 (spyware-put.rules, Low)
7856 <-> SPYWARE-PUT Trackware winsysba-a runtime detection - track surfing activity (spyware-put.rules, Medium)
8071 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - search hijack (spyware-put.rules, Low)
8072 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - surf monitor (spyware-put.rules, Low)
8073 <-> SPYWARE-PUT Adware zango toolbar runtime detection (spyware-put.rules, Low)
8352 <-> SPYWARE-PUT Adware desktopmedia runtime detection - ads popup (spyware-put.rules, Low)
8353 <-> SPYWARE-PUT Adware desktopmedia runtime detection - auto update (spyware-put.rules, Low)
8354 <-> SPYWARE-PUT Adware desktopmedia runtime detection - surf monitoring (spyware-put.rules, Low)
8461 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - send userinfo (spyware-put.rules, Medium)
8462 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace info downloaded (spyware-put.rules, Medium)
8463 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace login info (spyware-put.rules, Medium)
8464 <-> SPYWARE-PUT Adware henbang runtime detection (spyware-put.rules, Low)
8467 <-> SPYWARE-PUT Keylogger netobserve runtime detection - remote login response (spyware-put.rules, Medium)
8468 <-> SPYWARE-PUT Hijacker accoona runtime detection - collect info (spyware-put.rules, Low)
8469 <-> SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url (spyware-put.rules, Low)
8542 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (spyware-put.rules, Medium)
8543 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads (spyware-put.rules, Medium)
9645 <-> SPYWARE-PUT Hijacker sogou runtime detection - keyword hijack (spyware-put.rules, Low)
9646 <-> SPYWARE-PUT Hijacker sogou runtime detection - search through sogou toolbar (spyware-put.rules, Low)
9651 <-> SPYWARE-PUT Hijacker ricercadoppia runtime detection (spyware-put.rules, Low)
9652 <-> SPYWARE-PUT Hijacker oemji bar runtime detection (spyware-put.rules, Low)
9829 <-> SPYWARE-PUT Trackware relevantknowledge runtime detection (spyware-put.rules, Medium)
9831 <-> SPYWARE-PUT Adware u88 runtime detection (spyware-put.rules, Low)
10090 <-> SPYWARE-PUT Trickler zango easymessenger runtime detection (spyware-put.rules, Low)
10093 <-> SPYWARE-PUT Hijacker kuaiso toolbar runtime detection (spyware-put.rules, Low)
10095 <-> SPYWARE-PUT Trackware bydou runtime detection (spyware-put.rules, Medium)
10166 <-> SPYWARE-PUT Trackware baigoo runtime detection (spyware-put.rules, Medium)
10179 <-> SPYWARE-PUT Trackware bysoo runtime detection (spyware-put.rules, Medium)
10182 <-> SPYWARE-PUT Adware newweb runtime detection (spyware-put.rules, Low)
10435 <-> SPYWARE-PUT Trackware admedia runtime detection (spyware-put.rules, Medium)
10437 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules, Low)
10438 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules, Low)
10439 <-> SPYWARE-PUT Adware mokead runtime detection (spyware-put.rules, Low)
11192 <-> POLICY download of executable content (policy.rules, High)
11308 <-> SPYWARE-PUT Other-Technologies spydawn runtime detection - update checking (spyware-put.rules, Low)
11311 <-> SPYWARE-PUT Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (spyware-put.rules, Medium)
11312 <-> SPYWARE-PUT Trackware uplink runtime detection (spyware-put.rules, Medium)
11313 <-> SPYWARE-PUT Other-Technologies spywarelocker 3.3 runtime detection - update checking (spyware-put.rules, Low)
11948 <-> SPYWARE-PUT Hijacker snap toolbar runtime detection - cookie (spyware-put.rules, Low)
12047 <-> SPYWARE-PUT Adware yayad runtime detection (spyware-put.rules, Low)
12050 <-> SPYWARE-PUT Hijacker ez-greets toolbar runtime detection (spyware-put.rules, Low)
12120 <-> SPYWARE-PUT Adware pprich runtime detection - version check (spyware-put.rules, Low)
12122 <-> SPYWARE-PUT Trackware spynova runtime detection (spyware-put.rules, Medium)
12123 <-> SPYWARE-PUT Hijacker lookquick runtime detection - hijack ie (spyware-put.rules, Low)
12125 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - hijack ie search assistant (spyware-put.rules, Medium)
12126 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - collect user information (spyware-put.rules, Medium)
12138 <-> SPYWARE-PUT Adware zamingo runtime detection (spyware-put.rules, Low)
12228 <-> SPYWARE-PUT Trackware snap ultrasearch/desktop toolbar runtime detection - cookie (spyware-put.rules, Medium)
12231 <-> SPYWARE-PUT Adware vroomsearch runtime detection (spyware-put.rules, Low)
12288 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - hijack ie searches (spyware-put.rules, Low)
12289 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - get updates (spyware-put.rules, Low)
12296 <-> SPYWARE-PUT Hijacker 3search runtime detection - update (spyware-put.rules, Low)
12370 <-> SPYWARE-PUT Hijacker imesh mediabar runtime detection - auto update (spyware-put.rules, Low)
12658 <-> SPYWARE-PUT Adware winantivirus pro 2007 runtime detection (spyware-put.rules, Low)
12672 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - get ads (spyware-put.rules, Medium)
12673 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - collect information (spyware-put.rules, Medium)
12674 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - track activity (spyware-put.rules, Medium)
12693 <-> SPYWARE-PUT Hijacker personalweb runtime detection (spyware-put.rules, Low)
12694 <-> SPYWARE-PUT Adware avsystemcare runtime detection (spyware-put.rules, Low)
12720 <-> SPYWARE-PUT Adware pestbot runtime detection - update (spyware-put.rules, Low)
12723 <-> SPYWARE-PUT Trackware winzix 2.2.0 runtime detection (spyware-put.rules, Medium)
13242 <-> SPYWARE-PUT Adware netpumper 1.26 runtime detection (spyware-put.rules, Low)
13284 <-> SPYWARE-PUT Adware netguarder web cleaner runtime detection (spyware-put.rules, Low)
13286 <-> SPYWARE-PUT Adware 3wplayer 1.7 runtime detection (spyware-put.rules, Low)
13482 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - discloses information (spyware-put.rules, Low)
13484 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - updates automatically (spyware-put.rules, Low)
13487 <-> SPYWARE-PUT Adware elite protector runtime detection (spyware-put.rules, Low)
13488 <-> SPYWARE-PUT Hijacker people pal toolbar runtime detection - automatic upgrade (spyware-put.rules, Low)
13493 <-> SPYWARE-PUT Hijacker deepdo toolbar runtime detection - automatic update (spyware-put.rules, Low)
13495 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - initial traffic 1 (spyware-put.rules, Low)
13496 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - initial traffic 2 (spyware-put.rules, Low)
13502 <-> SPYWARE-PUT Adware contravirus runtime detection - update (spyware-put.rules, Low)
13503 <-> SPYWARE-PUT Hijacker dealio toolbar runtime detection user-agent detected (spyware-put.rules, Low)
13556 <-> SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 1 (spyware-put.rules, Low)
13564 <-> SPYWARE-PUT Adware system doctor runtime detection - update status (spyware-put.rules, Low)
13635 <-> SPYWARE-PUT Trickler downloader trojan.gen runtime detection - get malicious link (spyware-put.rules, Low)
13636 <-> SPYWARE-PUT Trickler downloader trojan.gen runtime detection - download malicious link (spyware-put.rules, Low)
13637 <-> SPYWARE-PUT Adware virus heat runtime detection - presale request (spyware-put.rules, Low)
13638 <-> SPYWARE-PUT Adware virus heat runtime detection - initial database connection (spyware-put.rules, Low)
13639 <-> SPYWARE-PUT Hijacker locmag toolbar runtime detection - connection to toolbar (spyware-put.rules, Low)
13640 <-> SPYWARE-PUT Hijacker locmag toolbar runtime detection - hijacks address bar (spyware-put.rules, Low)
13641 <-> SPYWARE-PUT Hijacker eclickz toolbar runtime detection - search traffic (spyware-put.rules, Low)
13643 <-> SPYWARE-PUT Hijacker zztoolbar runtime detection - toolbar traffic (spyware-put.rules, Low)
13644 <-> SPYWARE-PUT Hijacker zztoolbar runtime detection - search traffic (spyware-put.rules, Low)
13645 <-> SPYWARE-PUT Hijacker mxs toolbar runtime detection (spyware-put.rules, Low)
13646 <-> SPYWARE-PUT Adware registry defender runtime detection - presale request (spyware-put.rules, Low)
13647 <-> SPYWARE-PUT Adware registry defender runtime detection - error report request (spyware-put.rules, Low)
13649 <-> SPYWARE-PUT Adware spyware stop runtime detection - presale request (spyware-put.rules, Low)
13650 <-> SPYWARE-PUT Adware spyware stop runtime detection - auto updates (spyware-put.rules, Low)
13653 <-> SPYWARE-PUT Adware cashfiesta adbar runtime detection - updates traffic (spyware-put.rules, Low)
13762 <-> SPYWARE-PUT Adware system defender runtime detection (spyware-put.rules, Low)
13765 <-> SPYWARE-PUT Adware winxdefender runtime detection - presale request (spyware-put.rules, Low)
13766 <-> SPYWARE-PUT Adware winxdefender runtime detection - auto update (spyware-put.rules, Low)
13769 <-> SPYWARE-PUT Hijacker searchnine toolbar runtime detection - hijacks address bar (spyware-put.rules, Low)
13771 <-> SPYWARE-PUT Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #1 (spyware-put.rules, Low)
13776 <-> SPYWARE-PUT Trackware syscleaner runtime detection - presale traffic (spyware-put.rules, Medium)
13777 <-> SPYWARE-PUT Trackware syscleaner runtime detection - get update (spyware-put.rules, Medium)
13779 <-> SPYWARE-PUT Trackware proofile toolbar runtime detection (spyware-put.rules, Medium)
13780 <-> SPYWARE-PUT Hijacker find.fm toolbar runtime detection - automatic updates (spyware-put.rules, Low)
13781 <-> SPYWARE-PUT Hijacker find.fm toolbar runtime detection - hijacks address bar (spyware-put.rules, Low)
13782 <-> SPYWARE-PUT Hijacker ezreward runtime detection (spyware-put.rules, Low)
13808 <-> SPYWARE-PUT Adware ie antivirus runtime detection - presale request (spyware-put.rules, Low)
13809 <-> SPYWARE-PUT Adware ie antivirus runtime detection - update request (spyware-put.rules, Low)
13811 <-> SPYWARE-PUT Adware xp antivirus runtime detection (spyware-put.rules, Low)
13850 <-> SPYWARE-PUT Adware roogoo 2.0 runtime detection - popup ads (spyware-put.rules, Low)
13851 <-> SPYWARE-PUT Adware roogoo 2.0 runtime detection - upgrade (spyware-put.rules, Low)
13853 <-> SPYWARE-PUT Hijacker alot toolbar runtime detection - weather request (spyware-put.rules, Low)
13855 <-> SPYWARE-PUT Trackware speed runner runtime detection (spyware-put.rules, Medium)
13866 <-> SPYWARE-PUT Trackware adclicker-fc.gen.a runtime detection - popup ads (spyware-put.rules, Medium)
13867 <-> SPYWARE-PUT Trackware adclicker-fc.gen.a runtime detection (spyware-put.rules, Medium)
13872 <-> SPYWARE-PUT Trickler fushion 1.2.4.17 runtime detection - notice (spyware-put.rules, Low)
13873 <-> SPYWARE-PUT Trickler fushion 1.2.4.17 runtime detection - underground traffic (spyware-put.rules, Low)
13874 <-> SPYWARE-PUT Adware malware destructor 4.5 runtime detection - order request (spyware-put.rules, Low)
13875 <-> SPYWARE-PUT Adware malware destructor 4.5 runtime detection - auto update (spyware-put.rules, Low)
13930 <-> SPYWARE-PUT Trickler pc privacy cleaner runtime detection - order/register request (spyware-put.rules, Low)
13931 <-> SPYWARE-PUT Trickler pc privacy cleaner runtime detection - auto update (spyware-put.rules, Low)
13932 <-> SPYWARE-PUT Trackware rightonadz.biz adrotator runtime detection - post user info to remote server (spyware-put.rules, Medium)
13933 <-> SPYWARE-PUT Trackware rightonadz.biz adrotator runtime detection - ads (spyware-put.rules, Medium)
13934 <-> SPYWARE-PUT Hijacker mediatubecodec 1.470.0 runtime detection - hijack ie (spyware-put.rules, Low)
13935 <-> SPYWARE-PUT Hijacker mediatubecodec 1.470.0 runtime detection - download other malware (spyware-put.rules, Low)
13937 <-> SPYWARE-PUT Hijacker adware.win32.ejik.ec variant runtime detection - call home (spyware-put.rules, Low)
13940 <-> SPYWARE-PUT Hijacker win32.bho.bgf runtime detection (spyware-put.rules, Low)
14019 <-> WEB-CLIENT CyberLink PowerDVD playlist file handling stack overflow attempt (web-client.rules, High)
14020 <-> WEB-CLIENT CyberLink PowerDVD playlist file handling stack overflow attempt (web-client.rules, High)
14054 <-> SPYWARE-PUT Adware AdwareALERT runtime detection - auto update (spyware-put.rules, Low)
14055 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - hijack ie auto search (spyware-put.rules, Low)
14056 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - get news info (spyware-put.rules, Low)
14057 <-> SPYWARE-PUT Trackware murzilka2 runtime detection (spyware-put.rules, Medium)
14059 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - hijack ie home page (spyware-put.rules, Low)
14060 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - auto update (spyware-put.rules, Low)
14063 <-> SPYWARE-PUT Hijacker cashon runtime detection - hijack ie searches (spyware-put.rules, Low)
14066 <-> SPYWARE-PUT Adware winsecuredisc runtime detection (spyware-put.rules, Low)
14067 <-> SPYWARE-PUT Adware swizzor runtime detection (spyware-put.rules, Low)
14069 <-> SPYWARE-PUT Adware brave sentry runtime detection - order request (spyware-put.rules, Low)
14070 <-> SPYWARE-PUT Adware brave sentry runtime detection - self update (spyware-put.rules, Low)
14076 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - hijack search (spyware-put.rules, Low)
14077 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - redirect search results (spyware-put.rules, Low)
14078 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - download malicous code (spyware-put.rules, Low)
14079 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious sites (spyware-put.rules, Low)
14080 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious server (spyware-put.rules, Low)
15563 <-> SPYWARE-PUT RSPlug Trojan server connection attempt (spyware-put.rules, High)
16114 <-> SPYWARE-PUT Hijacker cramtoolbar runtime detection - hijack (spyware-put.rules, Low)
16117 <-> SPYWARE-PUT Trackware rightonadz.biz adrotator runtime detection - ads (spyware-put.rules, Medium)
16118 <-> SPYWARE-PUT Adware winreanimator runtime detection - register request (spyware-put.rules, Low)
16120 <-> SPYWARE-PUT Trackware 6sq toolbar runtime detection (spyware-put.rules, Medium)
16121 <-> SPYWARE-PUT Hijacker weatherstudio runtime detection (spyware-put.rules, Low)
16122 <-> SPYWARE-PUT rogue antivirus xp 2008 runtime detection - buy (spyware-put.rules, Low)
16123 <-> SPYWARE-PUT rogue antivirus xp 2008 runtime detection - update (spyware-put.rules, Low)
16124 <-> SPYWARE-PUT downloader trojan.nsis.agent.s runtime detection (spyware-put.rules, Low)
16127 <-> SPYWARE-PUT Adware superiorads runtime detection (spyware-put.rules, Low)
16129 <-> SPYWARE-PUT Keylogger kamyab Keylogger v.3 runtime detection (spyware-put.rules, Medium)
16130 <-> SPYWARE-PUT Keylogger lord spy pro 1.4 runtime detection (spyware-put.rules, Medium)
16131 <-> SPYWARE-PUT Trackware adclicker trojan zlob.dnz runtime detection - ads (spyware-put.rules, Medium)
16133 <-> SPYWARE-PUT Trackware owlforce runtime detection - remote server #2 (spyware-put.rules, Medium)
16134 <-> SPYWARE-PUT Adware spyware guard 2008 runtime detection - contacts remote server (spyware-put.rules, Low)
16135 <-> SPYWARE-PUT Adware spyware guard 2008 runtime detection - purchase page (spyware-put.rules, Low)
16139 <-> SPYWARE-PUT downloader_trojan.gen2 runtime detection - scanner page (spyware-put.rules, Low)
16493 <-> SPYWARE-PUT TT-bot botnet contact to C&C server attempt (spyware-put.rules, High)
16496 <-> SPYWARE-PUT Trojan hacktool attempt to contact server (spyware-put.rules, High)
16551 <-> SPYWARE-PUT Malware contact to server attempt (spyware-put.rules, High)