Sourcefire VRT Rules Update
Date: 2008-01-29
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version CURRENT.
The format of the file is:
sid - Message (rule group)
New rules: 13321 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX clsid access (web-client.rules) 13322 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX clsid unicode access (web-client.rules) 13323 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX function call access (web-client.rules) 13324 <-> WEB-CLIENT Microsoft Package and Deployment Wizard ActiveX function call unicode access (web-client.rules) 13325 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX clsid access (web-client.rules) 13326 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX clsid unicode access (web-client.rules) 13327 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX function call access (web-client.rules) 13328 <-> WEB-CLIENT Macrovision FLEXnet Connect ActiveX function call unicode access (web-client.rules) 13329 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX clsid access (web-client.rules) 13330 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX clsid unicode access (web-client.rules) 13331 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX function call access (web-client.rules) 13332 <-> WEB-CLIENT Toshiba Surveillance Surveillix DVR ActiveX function call unicode access (web-client.rules) 13333 <-> WEB-CLIENT HP Virtual Rooms ActiveX clsid access (web-client.rules) 13334 <-> WEB-CLIENT HP Virtual Rooms ActiveX clsid unicode access (web-client.rules) 13335 <-> WEB-CLIENT Lycos File Upload Component ActiveX clsid access (web-client.rules) 13336 <-> WEB-CLIENT Lycos File Upload Component ActiveX clsid unicode access (web-client.rules) 13337 <-> WEB-CLIENT Comodo AntiVirus ActiveX clsid access (web-client.rules) 13338 <-> WEB-CLIENT Comodo AntiVirus ActiveX clsid unicode access (web-client.rules) 13339 <-> SPYWARE-PUT Hijacker direct toolbar runtime detection (spyware-put.rules) 13340 <-> SPYWARE-PUT Hijacker search4top runtime detection - hijack ie searches and error pages (spyware-put.rules) 13341 <-> SPYWARE-PUT Hijacker search4top runtime detection - popup ads (spyware-put.rules) 13342 <-> SPYWARE-PUT Hijacker ditto toolbar runtime detection (spyware-put.rules) 13343 <-> SPYWARE-PUT Adware 2005-search loader runtime detection (spyware-put.rules) 13344 <-> SPYWARE-PUT Adware yourprivacyguard runtime detection - presale request (spyware-put.rules) 13345 <-> SPYWARE-PUT Adware yourprivacyguard runtime detection - update (spyware-put.rules) 13346 <-> SPYWARE-PUT Snoopware remote desktop inspector runtime detection - init connection (spyware-put.rules) 13347 <-> SPYWARE-PUT Snoopware remote desktop inspector runtime detection - init connection (spyware-put.rules) 13348 <-> WEB-CLIENT Move Networks Media Player ActiveX clsid access (web-client.rules) 13349 <-> WEB-CLIENT Move Networks Media Player ActiveX clsid unicode access (web-client.rules) 13350 <-> WEB-CLIENT Move Networks Media Player ActiveX function call access (web-client.rules) 13351 <-> WEB-CLIENT Move Networks Media Player ActiveX function call unicode access (web-client.rules) 13352 <-> WEB-CLIENT Lycos File Upload Component ActiveX function call access (web-client.rules) 13353 <-> WEB-CLIENT Lycos File Upload Component ActiveX function call unicode access (web-client.rules) 13354 <-> WEB-CLIENT HP Virtual Rooms ActiveX function call access (web-client.rules) 13355 <-> WEB-CLIENT HP Virtual Rooms ActiveX function call unicode access (web-client.rules) 13356 <-> SQL SAP MaxDB shell command injection attempt (sql.rules) 13357 <-> POLICY failed mysql login attempt (policy.rules) 13358 <-> POLICY mysql login attempt from unauthorized location (policy.rules) 13359 <-> POLICY failed IMAP login attempt - invalid username/password (policy.rules) 13360 <-> POLICY failed FTP login attempt (policy.rules) 13361 <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules) 13362 <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules) 13363 <-> EXPLOIT Cisco Unified Communications Manager heap overflow attempt (exploit.rules) 13364 <-> SMTP Novell GroupWise client IMG SRC buffer overflow (smtp.rules) 13365 <-> EXPLOIT Trend Micro ServerProtect TMregChange buffer overflow attempt (exploit.rules) 13366 <-> ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (oracle.rules) Updated rules: 654 <-> SMTP RCPT TO overflow (smtp.rules) 680 <-> MS-SQL/SMB sa login failed (sql.rules) 688 <-> MS-SQL sa login failed (sql.rules) 709 <-> TELNET 4Dgifts SGI account attempt (telnet.rules) 710 <-> TELNET EZsetup account attempt (telnet.rules) 711 <-> TELNET SGI telnetd format bug (telnet.rules) 803 <-> WEB-CGI HyperSeek hsx.cgi directory traversal attempt (web-cgi.rules) 817 <-> WEB-CGI dcboard.cgi invalid user addition attempt (web-cgi.rules) 829 <-> WEB-CGI nph-test-cgi access (web-cgi.rules) 833 <-> WEB-CGI rguest.exe access (web-cgi.rules) 852 <-> WEB-CGI wguest.exe access (web-cgi.rules) 1233 <-> WEB-CLIENT Outlook EML access (web-client.rules) 1252 <-> TELNET bsd telnet exploit response (telnet.rules) 1253 <-> TELNET bsd exploit client finishing (telnet.rules) 1284 <-> WEB-CLIENT readme.eml download attempt (web-client.rules) 1290 <-> WEB-CLIENT readme.eml autoload attempt (web-client.rules) 1735 <-> WEB-CLIENT XMLHttpRequest attempt (web-client.rules) 1762 <-> WEB-CGI phf arbitrary command execution attempt (web-cgi.rules) 1763 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules) 1764 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules) 1765 <-> WEB-CGI Nortel Contivity cgiproc access (web-cgi.rules) 1840 <-> WEB-CLIENT Javascript document.domain attempt (web-client.rules) 1841 <-> WEB-CLIENT Javascript URL host spoofing attempt (web-client.rules) 2003 <-> MS-SQL Worm propagation attempt (sql.rules) 2004 <-> MS-SQL Worm propagation attempt OUTBOUND (sql.rules) 2222 <-> WEB-CGI nph-exploitscanget.cgi access (web-cgi.rules) 2406 <-> TELNET APC SmartSlot default admin account attempt (telnet.rules) 2435 <-> WEB-CLIENT Microsoft emf metafile access (web-client.rules) 2436 <-> WEB-CLIENT Microsoft wmf metafile access (web-client.rules) 2437 <-> WEB-CLIENT RealPlayer arbitrary javascript command attempt (web-client.rules) 2438 <-> WEB-CLIENT RealPlayer playlist file URL overflow attempt (web-client.rules) 2439 <-> WEB-CLIENT RealPlayer playlist http URL overflow attempt (web-client.rules) 2440 <-> WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt (web-client.rules) 2485 <-> WEB-CLIENT Norton antivirus sysmspam.dll load attempt (web-client.rules) 2577 <-> WEB-CLIENT local resource redirection attempt (web-client.rules) 2589 <-> WEB-CLIENT Content-Disposition CLSID command attempt (web-client.rules) 2663 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules) 2671 <-> WEB-CLIENT bitmap BitmapOffset integer overflow attempt (web-client.rules) 2673 <-> WEB-CLIENT libpng tRNS overflow attempt (web-client.rules) 2705 <-> WEB-CLIENT JPEG parser heap overflow attempt (web-client.rules) 2706 <-> WEB-CLIENT JPEG transfer (web-client.rules) 2707 <-> WEB-CLIENT JPEG parser multipacket heap overflow (web-client.rules) 3079 <-> WEB-CLIENT Microsoft ANI file parsing overflow (web-client.rules) 3084 <-> EXPLOIT Veritas backup overflow attempt (exploit.rules) 3088 <-> WEB-CLIENT winamp .cda file name overflow attempt (web-client.rules) 3132 <-> WEB-CLIENT PNG large image width download attempt (web-client.rules) 3133 <-> WEB-CLIENT PNG large image height download attempt (web-client.rules) 3134 <-> WEB-CLIENT PNG large colour depth download attempt (web-client.rules) 3147 <-> TELNET login buffer overflow attempt (telnet.rules) 3148 <-> WEB-CLIENT winhelp clsid attempt (web-client.rules) 3149 <-> WEB-CLIENT object type overflow attempt (web-client.rules) 3192 <-> WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules) 3274 <-> TELNET login buffer non-evasive overflow attempt (telnet.rules) 3470 <-> WEB-CLIENT RealPlayer VIDORV30 header length buffer overflow (web-client.rules) 3471 <-> WEB-CLIENT iTunes playlist URL overflow attempt (web-client.rules) 3473 <-> WEB-CLIENT RealPlayer SMIL file overflow attempt (web-client.rules) 3534 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (web-client.rules) 3535 <-> WEB-CLIENT GIF transfer (web-client.rules) 3536 <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - NETSCAPE2.0 (web-client.rules) 3549 <-> WEB-CLIENT HTML DOM invalid element creation attempt (web-client.rules) 3550 <-> WEB-CLIENT HTML http scheme hostname overflow attempt (web-client.rules) 3551 <-> WEB-CLIENT .hta download attempt (web-client.rules) 3552 <-> WEB-CLIENT OLE32 MSHTA masquerade attempt (web-client.rules) 3553 <-> WEB-CLIENT HTML DOM null element insertion attempt (web-client.rules) 3632 <-> WEB-CLIENT Mozilla bitmap width integer overflow attempt (web-client.rules) 3633 <-> WEB-CLIENT bitmap transfer (web-client.rules) 3634 <-> WEB-CLIENT Mozilla bitmap width integer overflow multipacket attempt (web-client.rules) 3638 <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules) 3679 <-> WEB-CLIENT Firefox IFRAME src javascript code execution (web-client.rules) 3683 <-> WEB-CLIENT spoofed MIME-Type auto-execution attempt (web-client.rules) 3685 <-> WEB-CLIENT bitmap BitmapOffset multipacket integer overflow attempt (web-client.rules) 3686 <-> WEB-CLIENT Internet Explorer Content Advisor attempted overflow (web-client.rules) 3689 <-> WEB-CLIENT Internet Explorer tRNS overflow attempt (web-client.rules) 3814 <-> WEB-CLIENT IE javaprxy.dll COM access (web-client.rules) 3819 <-> WEB-CLIENT multipacket CHM file transfer start (web-client.rules) 3820 <-> WEB-CLIENT multipacket CHM file transfer attempt (web-client.rules) 3821 <-> WEB-CLIENT CHM file transfer attempt (web-client.rules) 4132 <-> WEB-CLIENT msdds clsid attempt (web-client.rules) 4133 <-> WEB-CLIENT devenum clsid attempt (web-client.rules) 4134 <-> WEB-CLIENT blnmgr clsid attempt (web-client.rules) 4135 <-> WEB-CLIENT IE JPEG heap overflow single packet attempt (web-client.rules) 4136 <-> WEB-CLIENT IE JPEG heap overflow multipacket attempt (web-client.rules) 4145 <-> WEB-CLIENT Windows Trouble Shooter ActiveX Object Access (web-client.rules) 4146 <-> WEB-CLIENT Share Point Portal Services Log Sink ActiveX Object Access (web-client.rules) 4147 <-> WEB-CLIENT ActiveLabel ActiveX Object Access (web-client.rules) 4148 <-> WEB-CLIENT DHTML Editing ActiveX Object Access (web-client.rules) 4151 <-> WEB-CLIENT System Monitor Source Properties ActiveX Object Access (web-client.rules) 4152 <-> WEB-CLIENT Windows Media Player 6.4 ActiveX Object Access (web-client.rules) 4153 <-> WEB-CLIENT Eyedog ActiveX Object Access (web-client.rules) 4154 <-> WEB-CLIENT Active Setup ActiveX Object Access (web-client.rules) 4155 <-> WEB-CLIENT htmlfile ActiveX Object Access (web-client.rules) 4156 <-> WEB-CLIENT Windows Media Player 7+ ActiveX Object Access (web-client.rules) 4157 <-> WEB-CLIENT MSN Setup BBS 4.71.0.10 ActiveX Object Access (web-client.rules) 4158 <-> WEB-CLIENT Windows Media Player Active Movie ActiveX Object Access (web-client.rules) 4159 <-> WEB-CLIENT Multimedia File Property Sheet ActiveX Object Access (web-client.rules) 4160 <-> WEB-CLIENT Microsoft Windows Reporting Tool ActiveX Object Access (web-client.rules) 4161 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules) 4162 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules) 4163 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules) 4164 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules) 4165 <-> WEB-CLIENT Image Control 1.0 ActiveX Object Access (web-client.rules) 4166 <-> WEB-CLIENT Shell.Explorer ActiveX Object Access (web-client.rules) 4168 <-> WEB-CLIENT Shell Automation Service ActiveX Object Access (web-client.rules) 4169 <-> WEB-CLIENT Internet Explorer Active Setup ActiveX Object Access (web-client.rules) 4170 <-> WEB-CLIENT Office 2000/2002 Web Components Data Source Control ActiveX Object Access (web-client.rules) 4171 <-> WEB-CLIENT Registration Wizard ActiveX Object Access (web-client.rules) 4172 <-> WEB-CLIENT Microsoft Agent v1.5 ActiveX clsid access (web-client.rules) 4173 <-> WEB-CLIENT MsnPUpld ActiveX Object Access (web-client.rules) 4174 <-> WEB-CLIENT Symantec RuFSI registry Information Class ActiveX Object Access (web-client.rules) 4175 <-> WEB-CLIENT Office 2000/2002 Web Components PivotTable ActiveX Object Access (web-client.rules) 4176 <-> WEB-CLIENT Office 2000 and 2002 Web Components Chart ActiveX Object Access (web-client.rules) 4177 <-> WEB-CLIENT Office 2000 and 2002 Web Components Spreadsheet ActiveX Object Access (web-client.rules) 4178 <-> WEB-CLIENT Office 2000 and 2002 Web Components Record Navigation Control ActiveX Object Access (web-client.rules) 4179 <-> WEB-CLIENT DirectX Files Viewer ActiveX Object Access (web-client.rules) 4180 <-> WEB-CLIENT Kodak Image Scan ActiveX Object Access (web-client.rules) 4181 <-> WEB-CLIENT Smartcard Enrollment ActiveX Object Access (web-client.rules) 4182 <-> WEB-CLIENT MSN Chat v4.5, 4.6 ActiveX Object Access (web-client.rules) 4183 <-> WEB-CLIENT HTML Help ActiveX Object Access (web-client.rules) 4184 <-> WEB-CLIENT Certificate Enrollment ActiveX Object Access (web-client.rules) 4185 <-> WEB-CLIENT Terminal Services Advanced Client ActiveX Object Access (web-client.rules) 4186 <-> WEB-CLIENT Kodak Image Editing ActiveX Object Access (web-client.rules) 4187 <-> WEB-CLIENT Terminal Services Advanced Client ActiveX Object Access (web-client.rules) 4188 <-> WEB-CLIENT RAV Online Scanner ActiveX Object Access (web-client.rules) 4189 <-> WEB-CLIENT Third-Party Plugin ActiveX Object Access (web-client.rules) 4190 <-> WEB-CLIENT Kodak Thumbnail Image ActiveX Object Access (web-client.rules) 4191 <-> WEB-CLIENT MsnPUpld ActiveX Object Access (web-client.rules) 4192 <-> WEB-CLIENT HHOpen ActiveX Object Access (web-client.rules) 4193 <-> WEB-CLIENT Kodak Image Editing ActiveX Object Access (web-client.rules) 4194 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer start (web-client.rules) 4195 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer attempt (web-client.rules) 4196 <-> WEB-CLIENT CBO CBL CBM file transfer attempt (web-client.rules) 4197 <-> WEB-CLIENT DigWebX MSN ActiveX Object Access (web-client.rules) 4198 <-> WEB-CLIENT Internet Explorer Blnmgrps.dll ActiveX Object Access (web-client.rules) 4199 <-> WEB-CLIENT Internet Explorer Blnmgrps.dll ActiveX Object Access (web-client.rules) 4200 <-> WEB-CLIENT Index Server Scope Administration ActiveX Object Access (web-client.rules) 4201 <-> WEB-CLIENT Queued Components Recorder ActiveX Object Access (web-client.rules) 4202 <-> WEB-CLIENT DirectAnimation ActiveX Object Access (web-client.rules) 4203 <-> WEB-CLIENT Microsoft Marquee Control ActiveX Object Access (web-client.rules) 4204 <-> WEB-CLIENT Microsoft DT PolyLine Control 2 ActiveX Object Access (web-client.rules) 4205 <-> WEB-CLIENT Microsoft Visual Database Tools Database Designer v7.0 ActiveX Object Access (web-client.rules) 4206 <-> WEB-CLIENT Microsoft MPEG-4 Video Decompressor Property Page ActiveX Object Access (web-client.rules) 4207 <-> WEB-CLIENT Microsoft MS Audio Decompressor Control Property Page ActiveX Object Access (web-client.rules) 4208 <-> WEB-CLIENT LexRefStEsObject Class ActiveX Object Access (web-client.rules) 4209 <-> WEB-CLIENT LexRefStFrObject Class ActiveX Object Access (web-client.rules) 4210 <-> WEB-CLIENT Internet Explorer Msb1geen.dll ActiveX Object Access (web-client.rules) 4211 <-> WEB-CLIENT Microsoft DDS Library Shape Control ActiveX Object Access (web-client.rules) 4212 <-> WEB-CLIENT Microsoft DDS Generic Class ActiveX Object Access (web-client.rules) 4213 <-> WEB-CLIENT Microsoft DDS Picture Shape Control ActiveX Object Access (web-client.rules) 4214 <-> WEB-CLIENT Microsoft TipGW Init ActiveX Object Access (web-client.rules) 4215 <-> WEB-CLIENT Microsoft HTML Popup Window ActiveX Object Access (web-client.rules) 4216 <-> WEB-CLIENT CLSID_CComAcctImport ActiveX Object Access (web-client.rules) 4217 <-> WEB-CLIENT Microsoft Office Services on the Web Free/Busy ActiveX Object Access (web-client.rules) 4218 <-> WEB-CLIENT Microsoft Visual Basic WebClass ActiveX Object Access (web-client.rules) 4219 <-> WEB-CLIENT Microsoft Network Connections Tray ActiveX Object Access (web-client.rules) 4220 <-> WEB-CLIENT Microsoft Network and Dial-Up Connections ActiveX Object Access (web-client.rules) 4221 <-> WEB-CLIENT Microsoft ProxyStub Dispatch ActiveX Object Access (web-client.rules) 4222 <-> WEB-CLIENT Internet Explorer Outllib.dll ActiveX Object Access (web-client.rules) 4223 <-> WEB-CLIENT Microsoft OpenCable Class ActiveX Object Access (web-client.rules) 4224 <-> WEB-CLIENT Microsoft VideoPort ActiveX Object Access (web-client.rules) 4225 <-> WEB-CLIENT Microsoft Repository ActiveX Object Access (web-client.rules) 4226 <-> WEB-CLIENT Microsoft DocHost User Interface Handler ActiveX Object Access (web-client.rules) 4227 <-> WEB-CLIENT Microsoft Network Connections ActiveX Object Access (web-client.rules) 4228 <-> WEB-CLIENT Microsoft Windows Start Menu ActiveX Object Access (web-client.rules) 4229 <-> WEB-CLIENT MSAPP Export Support for Microsoft Access ActiveX Object Access (web-client.rules) 4230 <-> WEB-CLIENT Search Assistant UI ActiveX Object Access (web-client.rules) 4231 <-> WEB-CLIENT Microsoft SysTray ActiveX Object Access (web-client.rules) 4232 <-> WEB-CLIENT Microsoft SysTray Invoker ActiveX Object Access (web-client.rules) 4233 <-> WEB-CLIENT Microsoft Visual Database Tools Query Designer v7.0 ActiveX Object Access (web-client.rules) 4234 <-> WEB-CLIENT Microsoft MSVTDGridCtrl7 ActiveX Object Access (web-client.rules) 4235 <-> WEB-CLIENT Helper Object for Java ActiveX Object Access (web-client.rules) 4236 <-> WEB-CLIENT WMI ASDI Extension ActiveX Object Access (web-client.rules) 4643 <-> WEB-CLIENT malformed windows shortcut file buffer overflow attempt (web-client.rules) 4644 <-> WEB-CLIENT malformed windows shortcut file with comment buffer overflow attempt (web-client.rules) 4647 <-> WEB-CLIENT internet explorer javascript onload overflow attempt (web-client.rules) 4648 <-> WEB-CLIENT wang image admin activex object access (web-client.rules) 4675 <-> WEB-CLIENT Macromedia swf DOACTION tag overflow attempt (web-client.rules) 4678 <-> WEB-CLIENT quicktime movie file transfer (web-client.rules) 4679 <-> WEB-CLIENT quicktime movie file component name integer overflow multipacket attempt (web-client.rules) 4680 <-> WEB-CLIENT quicktime movie file component name integer overflow attempt (web-client.rules) 4890 <-> WEB-CLIENT IAVIStream & IAVIFile Proxy ActiveX Object Access (web-client.rules) 4891 <-> WEB-CLIENT cfw Class ActiveX Object Access (web-client.rules) 4892 <-> WEB-CLIENT MTSEvents Class ActiveX Object Access (web-client.rules) 4893 <-> WEB-CLIENT Trident HTMLEditor ActiveX Object Access (web-client.rules) 4894 <-> WEB-CLIENT PSEnumVariant ActiveX Object Access (web-client.rules) 4895 <-> WEB-CLIENT PSTypeInfo ActiveX Object Access (web-client.rules) 4896 <-> WEB-CLIENT PSTypeLib ActiveX Object Access (web-client.rules) 4897 <-> WEB-CLIENT PSOAInterface ActiveX Object Access (web-client.rules) 4898 <-> WEB-CLIENT PSTypeComp ActiveX Object Access (web-client.rules) 4899 <-> WEB-CLIENT ISupportErrorInfo Interface ActiveX Object Access (web-client.rules) 4900 <-> WEB-CLIENT Outlook Progress Ctl ActiveX Object Access (web-client.rules) 4901 <-> WEB-CLIENT VMR Allocator Presenter 9 ActiveX Object Access (web-client.rules) 4902 <-> WEB-CLIENT Video Mixing Renderer 9 ActiveX Object Access (web-client.rules) 4903 <-> WEB-CLIENT VMR ImageSync 9 ActiveX Object Access (web-client.rules) 4904 <-> WEB-CLIENT Microsoft Repository Alias ActiveX Object Access (web-client.rules) 4905 <-> WEB-CLIENT Microsoft Repository Object ActiveX Object Access (web-client.rules) 4906 <-> WEB-CLIENT Microsoft Repository Interface Definition ActiveX Object Access (web-client.rules) 4907 <-> WEB-CLIENT Microsoft Repository Collection Definition ActiveX Object Access (web-client.rules) 4908 <-> WEB-CLIENT Microsoft Repository Method Definition ActiveX Object Access (web-client.rules) 4909 <-> WEB-CLIENT Microsoft Repository Property Definition ActiveX Object Access (web-client.rules) 4910 <-> WEB-CLIENT Microsoft Repository Relationship Definition ActiveX Object Access (web-client.rules) 4911 <-> WEB-CLIENT Microsoft Repository Type Library ActiveX Object Access (web-client.rules) 4912 <-> WEB-CLIENT Microsoft Repository Root ActiveX Object Access (web-client.rules) 4913 <-> WEB-CLIENT Microsoft Repository Workspace ActiveX Object Access (web-client.rules) 4914 <-> WEB-CLIENT Microsoft Repository Script Definition ActiveX Object Access (web-client.rules) 4915 <-> WEB-CLIENT Shortcut Handler ActiveX Object Access (web-client.rules) 4916 <-> WEB-CLIENT internet explorer javascript onload document.write obfuscation overflow attempt (web-client.rules) 4917 <-> WEB-CLIENT internet explorer javascript onload prompt obfuscation overflow attempt (web-client.rules) 4982 <-> WEB-CLIENT Adodb.Stream ActiveX Object Access (web-client.rules) 4983 <-> WEB-CLIENT Adodb.Stream ActiveX Object Access CreateObject Function (web-client.rules) 4989 <-> MS-SQL heap-based overflow attempt (sql.rules) 4990 <-> MS-SQL heap-based overflow attempt (sql.rules) 5318 <-> WEB-CLIENT wmf file arbitrary code execution attempt (web-client.rules) 5319 <-> WEB-CLIENT Metasploit Windows picture and fax viewer wmf arbitrary code execution attempt (web-client.rules) 5710 <-> WEB-CLIENT Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (web-client.rules) 5711 <-> WEB-CLIENT Windows Media Player zero length bitmap heap overflow attempt (web-client.rules) 5712 <-> WEB-CLIENT Windows Media Player invalid data offset bitmap heap overflow attempt (web-client.rules) 5713 <-> WEB-CLIENT Windows Metafile invalid header size integer overflow (web-client.rules) 5740 <-> WEB-CLIENT Microsoft HTML help workshop file .hhp download attempt (web-client.rules) 5741 <-> WEB-CLIENT Microsoft HTML help workshop buffer overflow attempt (web-client.rules) 5782 <-> SPYWARE-PUT Keylogger runtime detection - hwae word filtered echelon log (spyware-put.rules) 5783 <-> SPYWARE-PUT Keylogger runtime detection - hwae keystrokes log (spyware-put.rules) 5784 <-> SPYWARE-PUT Keylogger runtime detection - hwae urls browsed log (spyware-put.rules) 5785 <-> SPYWARE-PUT Adware hithopper runtime detection - get xml setting (spyware-put.rules) 5786 <-> SPYWARE-PUT Adware hithopper runtime detection - redirect (spyware-put.rules) 5787 <-> SPYWARE-PUT Adware hithopper runtime detection - search (spyware-put.rules) 5788 <-> SPYWARE-PUT Adware hithopper runtime detection - click toolbar buttons (spyware-put.rules) 5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules) 5790 <-> SPYWARE-PUT Keylogger pc actmon pro runtime detection - smtp (spyware-put.rules) 5791 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - get pin (spyware-put.rules) 5792 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - active proxy (spyware-put.rules) 5793 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - redirect (spyware-put.rules) 5794 <-> SPYWARE-PUT Hijacker coolwebsearch.aboutblank variant runtime detection (spyware-put.rules) 5795 <-> SPYWARE-PUT Adware ist powerscan runtime detection (spyware-put.rules) 5796 <-> SPYWARE-PUT Adware keenvalue runtime detection (spyware-put.rules) 5797 <-> SPYWARE-PUT Hacker-Tool kontiki runtime detection (spyware-put.rules) 5798 <-> SPYWARE-PUT Adware mydailyhoroscope runtime detection (spyware-put.rules) 5799 <-> SPYWARE-PUT mydailyhoroscope update or installation in progress (spyware-put.rules) 5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules) 5801 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (spyware-put.rules) 5802 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 2 (spyware-put.rules) 5803 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (spyware-put.rules) 5805 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - switch engines (spyware-put.rules) 5807 <-> SPYWARE-PUT Hijacker shopathomeselect runtime detection (spyware-put.rules) 5808 <-> SPYWARE-PUT Hijacker shop at home search merchant redirect check (spyware-put.rules) 5809 <-> SPYWARE-PUT Hijacker shop at home select merchant redirect in progress (spyware-put.rules) 5810 <-> SPYWARE-PUT Hijacker shop at home select installation in progress (spyware-put.rules) 5811 <-> SPYWARE-PUT shop at home select installation in progress - clsid detected (spyware-put.rules) 5812 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - email notification (spyware-put.rules) 5813 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (spyware-put.rules) 5814 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (spyware-put.rules) 5815 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory redirection (spyware-put.rules) 5816 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory redirection (spyware-put.rules) 5817 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules) 5818 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules) 5819 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules) 5820 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (spyware-put.rules) 5821 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (spyware-put.rules) 5822 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules) 5823 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules) 5824 <-> SPYWARE-PUT Dialer stripplayer runtime detection (spyware-put.rules) 5825 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - start tuner (spyware-put.rules) 5826 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - pass user info to server (spyware-put.rules) 5827 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - get gateway (spyware-put.rules) 5828 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - connect to station (spyware-put.rules) 5829 <-> SPYWARE-PUT Trickler clipgenie runtime detection (spyware-put.rules) 5830 <-> SPYWARE-PUT Hijacker comet systems runtime detection - track activity (spyware-put.rules) 5831 <-> SPYWARE-PUT Hijacker comet systems runtime detection - update requests (spyware-put.rules) 5832 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 1 (spyware-put.rules) 5833 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 2 (spyware-put.rules) 5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules) 5835 <-> SPYWARE-PUT Adware gamespy_arcade runtime detection (spyware-put.rules) 5836 <-> SPYWARE-PUT Trickler nictech.bm2 runtime detection (spyware-put.rules) 5837 <-> SPYWARE-PUT Trackware ucmore runtime detection - track activity (spyware-put.rules) 5838 <-> SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (spyware-put.rules) 5839 <-> SPYWARE-PUT Trackware ucmore runtime detection - click sponsor/ad link (spyware-put.rules) 5840 <-> SPYWARE-PUT Hijacker sep runtime detection (spyware-put.rules) 5841 <-> SPYWARE-PUT Trickler minibug runtime detection - retrieve weather information (spyware-put.rules) 5842 <-> SPYWARE-PUT Trickler minibug runtime detection - ads (spyware-put.rules) 5843 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - hijack ie auto search (spyware-put.rules) 5844 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - post request (spyware-put.rules) 5845 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - update request (spyware-put.rules) 5846 <-> SPYWARE-PUT Trickler VX2/DLmax/BestOffers/Aurora runtime detection (spyware-put.rules) 5847 <-> SPYWARE-PUT Adware warez_p2p runtime detection - p2p client home (spyware-put.rules) 5848 <-> SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (spyware-put.rules) 5849 <-> SPYWARE-PUT Adware warez_p2p runtime detection - update request (spyware-put.rules) 5850 <-> SPYWARE-PUT Adware warez_p2p runtime detection - check update (spyware-put.rules) 5851 <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules) 5852 <-> SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (spyware-put.rules) 5853 <-> SPYWARE-PUT Adware warez_p2p runtime detection - download ads (spyware-put.rules) 5854 <-> SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (spyware-put.rules) 5855 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - request config (spyware-put.rules) 5857 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - mysaconfg request (spyware-put.rules) 5858 <-> SPYWARE-PUT Adware praizetoolbar runtime detection (spyware-put.rules) 5859 <-> SPYWARE-PUT Hijacker daosearch runtime detection - information request (spyware-put.rules) 5860 <-> SPYWARE-PUT Hijacker daosearch runtime detection - search hijack (spyware-put.rules) 5861 <-> SPYWARE-PUT Hijacker isearch runtime detection - toolbar information request (spyware-put.rules) 5862 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 1 (spyware-put.rules) 5863 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 2 (spyware-put.rules) 5864 <-> SPYWARE-PUT Hijacker isearch runtime detection - search in toolbar (spyware-put.rules) 5865 <-> SPYWARE-PUT Adware zapspot runtime detection - pop up ads (spyware-put.rules) 5866 <-> SPYWARE-PUT Hijacker couponbar runtime detection - download new coupon offers and links (spyware-put.rules) 5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules) 5868 <-> SPYWARE-PUT Hijacker couponbar runtime detection - view coupon offers (spyware-put.rules) 5871 <-> SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - post information (spyware-put.rules) 5872 <-> SPYWARE-PUT Snoopware hyperlinker runtime detection (spyware-put.rules) 5873 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules) 5874 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules) 5875 <-> SPYWARE-PUT Hacker-Tool eraser runtime detection - detonate (spyware-put.rules) 5876 <-> SPYWARE-PUT Hacker-Tool eraser runtime detection - disinfect (spyware-put.rules) 5877 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - startup access (spyware-put.rules) 5878 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - configuration retrieval (spyware-put.rules) 5879 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - update notification (spyware-put.rules) 5880 <-> SPYWARE-PUT Keylogger spyagent runtime detect - smtp delivery (spyware-put.rules) 5881 <-> SPYWARE-PUT Keylogger spyagent runtime detect - ftp delivery (spyware-put.rules) 5882 <-> SPYWARE-PUT Keylogger spyagent runtime detect - alert notification (spyware-put.rules) 5883 <-> SPYWARE-PUT Other-Technologies saria 1.0 runtime detection - send user information (spyware-put.rules) 5884 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - check toolbar & category info (spyware-put.rules) 5885 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - ie autosearch & search assistant hijack (spyware-put.rules) 5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules) 5887 <-> SPYWARE-PUT Hijacker shopnav runtime detection - ie search assistant hijack (spyware-put.rules) 5888 <-> SPYWARE-PUT Hijacker shopnav runtime detection - ie auto search hijack (spyware-put.rules) 5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules) 5890 <-> SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 1 (spyware-put.rules) 5891 <-> SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 2 (spyware-put.rules) 5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules) 5893 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - search keyword (spyware-put.rules) 5894 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - smb (spyware-put.rules) 5895 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - tcp port 407 (spyware-put.rules) 5896 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - tcp port 407 (spyware-put.rules) 5897 <-> SPYWARE-PUT Hacker-Tool timbuktu pro runtime detection - udp port 407 (spyware-put.rules) 5898 <-> SPYWARE-PUT Trackware adtools runtime etection - track user activity (spyware-put.rules) 5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime etection - generate desktop alert (spyware-put.rules) 5900 <-> SPYWARE-PUT Trackware adtools-communicator runtime etection - collect information (spyware-put.rules) 5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime etection - download self-update (spyware-put.rules) 5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules) 5903 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - get ads (spyware-put.rules) 5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules) 5905 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - games center request (spyware-put.rules) 5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules) 5907 <-> SPYWARE-PUT Trackware e2give runtime detection - check update (spyware-put.rules) 5908 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 1 (spyware-put.rules) 5909 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 2 (spyware-put.rules) 5910 <-> SPYWARE-PUT Trackware casalemedia runtime detection (spyware-put.rules) 5911 <-> SPYWARE-PUT Adware smartpops runtime detection (spyware-put.rules) 5913 <-> SPYWARE-PUT Trickler smasoft webdownloader runtime detection (spyware-put.rules) 5914 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - configuration download (spyware-put.rules) 5915 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - autosearch hijack (spyware-put.rules) 5916 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - sidebar search (spyware-put.rules) 5917 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - toolbar search (spyware-put.rules) 5918 <-> SPYWARE-PUT Hijacker painter runtime detection - ping 'alive' signal (spyware-put.rules) 5919 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect to klikvipsearch (spyware-put.rules) 5920 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect yahoo search through online-casino-searcher (spyware-put.rules) 5921 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - send user url request (spyware-put.rules) 5922 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - display advertisement news (spyware-put.rules) 5923 <-> SPYWARE-PUT Adware active shopper runtime detection - side search request (spyware-put.rules) 5924 <-> SPYWARE-PUT Adware active shopper runtime detection - redirect (spyware-put.rules) 5925 <-> SPYWARE-PUT Adware active shopper runtime detection - check (spyware-put.rules) 5926 <-> SPYWARE-PUT Adware active shopper runtime detection - collect information (spyware-put.rules) 5927 <-> SPYWARE-PUT Adware cashbar runtime detection - .smx requests (spyware-put.rules) 5928 <-> SPYWARE-PUT Adware cashbar runtime detection - ads request (spyware-put.rules) 5929 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 1 (spyware-put.rules) 5930 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 2 (spyware-put.rules) 5932 <-> SPYWARE-PUT Adware cashbar runtime detection - stats track (spyware-put.rules) 5933 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 1 (spyware-put.rules) 5934 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 2 (spyware-put.rules) 5935 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 3 (spyware-put.rules) 5936 <-> SPYWARE-PUT Hijacker dropspam runtime detection - side search (spyware-put.rules) 5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules) 5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules) 5939 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - get cfg (spyware-put.rules) 5940 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - search request (spyware-put.rules) 5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules) 5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules) 5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules) 5944 <-> SPYWARE-PUT Adware free access bar runtime detection 1 (spyware-put.rules) 5945 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - track.cgi request (spyware-put.rules) 5946 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - monitor user web activity (spyware-put.rules) 5947 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - log url (spyware-put.rules) 5948 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (spyware-put.rules) 5949 <-> SPYWARE-PUT Trackware iggsey toolbar detection - simpleticker.htm request (spyware-put.rules) 5950 <-> SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (spyware-put.rules) 5951 <-> SPYWARE-PUT Trackware iggsey toolbar detection - search request (spyware-put.rules) 5952 <-> SPYWARE-PUT Hijacker 123mania runtime detection - autosearch hijacking (spyware-put.rules) 5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules) 5954 <-> SPYWARE-PUT Trackware browserpal runtime detection - post user info to server (spyware-put.rules) 5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules) 5956 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 icq notification of server installation (spyware-put.rules) 5957 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 runtime detection (spyware-put.rules) 5958 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 runtime detection - init connection with password requirement (spyware-put.rules) 5959 <-> SPYWARE-PUT Hijacker raxsearch detection - send search keywords to raxsearch (spyware-put.rules) 5960 <-> SPYWARE-PUT Hijacker raxsearch detection - pop-up raxsearch window (spyware-put.rules) 5961 <-> SPYWARE-PUT Hijacker searchfast detection - news ticker (spyware-put.rules) 5962 <-> SPYWARE-PUT Hijacker searchfast detection - catch search keyword (spyware-put.rules) 5963 <-> SPYWARE-PUT Hijacker searchfast detection - search request (spyware-put.rules) 5964 <-> SPYWARE-PUT Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (spyware-put.rules) 5965 <-> SPYWARE-PUT Hijacker searchfast detection - get toolbar cfg (spyware-put.rules) 5966 <-> SPYWARE-PUT trackware searchinweb detection - search request (spyware-put.rules) 5967 <-> SPYWARE-PUT trackware searchinweb detection - click result links (spyware-put.rules) 5968 <-> SPYWARE-PUT trackware searchinweb detection - redirect (spyware-put.rules) 5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules) 5970 <-> SPYWARE-PUT hijacker smart finder detection - keys update (spyware-put.rules) 5971 <-> SPYWARE-PUT hijacker smart finder detection - track hits (spyware-put.rules) 5972 <-> SPYWARE-PUT hijacker smart finder detection - ie autosearch hijack 1 (spyware-put.rules) 5973 <-> SPYWARE-PUT hijacker smart finder detection - search engines hijack (spyware-put.rules) 5974 <-> SPYWARE-PUT hijacker smart finder detection - pop-up ads (spyware-put.rules) 5975 <-> SPYWARE-PUT hijacker topfive searchassistant detection - search request (spyware-put.rules) 5976 <-> SPYWARE-PUT hijacker topfive searchassistant detection - side search (spyware-put.rules) 5977 <-> SPYWARE-PUT hijacker topfive searchassistant detection - post user information to server (spyware-put.rules) 5978 <-> SPYWARE-PUT hijacker topfive searchassistant detection - update (spyware-put.rules) 5979 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - track user ip address (spyware-put.rules) 5980 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - display advertisement (spyware-put.rules) 5981 <-> SPYWARE-PUT Hijacker seeqtoolbar runtime detection - autosearch hijack or search in toolbar (spyware-put.rules) 5982 <-> SPYWARE-PUT Hijacker seeqtoolbar runtime detection - email login page (spyware-put.rules) 5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules) 5984 <-> SPYWARE-PUT Trackware push toolbar installtime detection - user information collect (spyware-put.rules) 5985 <-> SPYWARE-PUT Trackware push toolbar runtime detection - toolbar information request (spyware-put.rules) 5986 <-> SPYWARE-PUT Trickler teomasearchbar runtime detection (spyware-put.rules) 5987 <-> SPYWARE-PUT Hijacker wishbone runtime detection (spyware-put.rules) 5988 <-> SPYWARE-PUT Trackware windupdates-mediagateway runtime detection - post data (spyware-put.rules) 5989 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get config (spyware-put.rules) 5990 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (spyware-put.rules) 5991 <-> SPYWARE-PUT Hijacker getmirar runtime detection - search request (spyware-put.rules) 5992 <-> SPYWARE-PUT Hijacker getmirar runtime detection - get keyword-related content (spyware-put.rules) 5993 <-> SPYWARE-PUT Hijacker getmirar runtime detection - track activity (spyware-put.rules) 5994 <-> SPYWARE-PUT Hijacker getmirar runtime detection - click related button (spyware-put.rules) 5995 <-> SPYWARE-PUT Adware offeragent runtime detection - information checking (spyware-put.rules) 5996 <-> SPYWARE-PUT Adware offeragent runtime detection - ads request (spyware-put.rules) 6002 <-> WEB-CLIENT Microsoft DT DDS Rectilinear GDD Layout ActiveX Object Access (web-client.rules) 6003 <-> WEB-CLIENT Microsoft DT DDS Rectilinear GDD Route ActiveX Object Access (web-client.rules) 6004 <-> WEB-CLIENT Microsoft DT DDS Circular Auto Layout Logic 2 ActiveX Object Access (web-client.rules) 6005 <-> WEB-CLIENT Microsoft DT DDS Straight Line Routing Logic 2 ActiveX Object Access (web-client.rules) 6006 <-> WEB-CLIENT Microsoft DT Icon Control ActiveX Object Access (web-client.rules) 6007 <-> WEB-CLIENT Microsoft DT DDS OrgChart GDD Layout ActiveX Object Access (web-client.rules) 6008 <-> WEB-CLIENT Microsoft DT DDS OrgChart GDD Route ActiveX Object Access (web-client.rules) 6009 <-> WEB-CLIENT RDS.Dataspace ActiveX Object Access (web-client.rules) 6183 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - tracked event URL (spyware-put.rules) 6184 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - config upload (spyware-put.rules) 6185 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - reporting keyword (spyware-put.rules) 6186 <-> SPYWARE-PUT Other-Technologies SpywareStrike Runtime Detection (spyware-put.rules) 6187 <-> SPYWARE-PUT Adware ISTBar runtime detection - scripts (spyware-put.rules) 6188 <-> SPYWARE-PUT Adware ISTBar runtime detection - bar (spyware-put.rules) 6189 <-> SPYWARE-PUT Trackware try2find detection (spyware-put.rules) 6190 <-> SPYWARE-PUT Keylogger eblaster 5.0 runtime detection (spyware-put.rules) 6191 <-> SPYWARE-PUT Trackware onetoolbar runtime detection (spyware-put.rules) 6192 <-> SPYWARE-PUT Adware seekmo runtime detection - reporting keyword (spyware-put.rules) 6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules) 6194 <-> SPYWARE-PUT Adware seekmo runtime detection - config upload (spyware-put.rules) 6195 <-> SPYWARE-PUT Adware seekmo runtime detection - download .cab (spyware-put.rules) 6196 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - services requests (spyware-put.rules) 6197 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (spyware-put.rules) 6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules) 6199 <-> SPYWARE-PUT Hijacker smart search runtime detection - hijack/ads (spyware-put.rules) 6200 <-> SPYWARE-PUT Hijacker smart search runtime detection - get settings (spyware-put.rules) 6201 <-> SPYWARE-PUT Adware twaintec runtime detection (spyware-put.rules) 6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules) 6203 <-> SPYWARE-PUT Trickler farmmext runtime detection - drk.syn request (spyware-put.rules) 6204 <-> SPYWARE-PUT Trickler farmmext runtime detection - track activity (spyware-put.rules) 6205 <-> SPYWARE-PUT Hacker-Tool freak 88 das runtime detection (spyware-put.rules) 6206 <-> SPYWARE-PUT Hacker-Tool sin stealer 1.1 runtime detection (spyware-put.rules) 6207 <-> SPYWARE-PUT Keylogger winsession runtime detection - smtp (spyware-put.rules) 6208 <-> SPYWARE-PUT Keylogger winsession runtime detection - ftp (spyware-put.rules) 6209 <-> SPYWARE-PUT Adware deskwizz/zquest runtime detection - get config information / ad banner (spyware-put.rules) 6211 <-> SPYWARE-PUT Adware deskwizz runtime detection - pop-up ad request (spyware-put.rules) 6212 <-> SPYWARE-PUT Adware commonname runtime detection (spyware-put.rules) 6213 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (spyware-put.rules) 6214 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - search (spyware-put.rules) 6215 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - track (spyware-put.rules) 6216 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - config (spyware-put.rules) 6217 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 1 (spyware-put.rules) 6218 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 2 (spyware-put.rules) 6219 <-> SPYWARE-PUT Adware bonzibuddy runtime detection (spyware-put.rules) 6220 <-> SPYWARE-PUT Keylogger boss everyware runtime detection (spyware-put.rules) 6221 <-> SPYWARE-PUT Keylogger computerspy runtime detection (spyware-put.rules) 6222 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - contact server (spyware-put.rules) 6223 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - retrieve schedule (spyware-put.rules) 6224 <-> SPYWARE-PUT Hijacker ieplugin runtime detection - search (spyware-put.rules) 6225 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - getsize request (spyware-put.rules) 6226 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - request (spyware-put.rules) 6227 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - bullseye network side search frame (spyware-put.rules) 6228 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - disclaimer text (spyware-put.rules) 6230 <-> SPYWARE-PUT Hijacker i-lookup runtime detection (spyware-put.rules) 6232 <-> SPYWARE-PUT Adware mirar runtime detection - thumbnail (spyware-put.rules) 6233 <-> SPYWARE-PUT Adware mirar runtime detection - delayed (spyware-put.rules) 6234 <-> SPYWARE-PUT Adware mirar runtime detection - ads (spyware-put.rules) 6236 <-> SPYWARE-PUT Adware lop runtime detection - pass info to server (spyware-put.rules) 6237 <-> SPYWARE-PUT Adware lop runtime detection - check update request (spyware-put.rules) 6238 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 1 (spyware-put.rules) 6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules) 6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules) 6241 <-> SPYWARE-PUT Adware lop runtime detection - ie autosearch hijack (spyware-put.rules) 6242 <-> SPYWARE-PUT Hijacker coolwebsearch.cameup runtime detection (spyware-put.rules) 6243 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - home page hijack (spyware-put.rules) 6244 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - ie auto search hijack (spyware-put.rules) 6245 <-> SPYWARE-PUT Hijacker coolwebsearch startpage runtime detection (spyware-put.rules) 6246 <-> SPYWARE-PUT Hijacker exact navisearch runtime detection - search hijack (spyware-put.rules) 6247 <-> SPYWARE-PUT Adware ezula toptext runtime detection - help redirect (spyware-put.rules) 6248 <-> SPYWARE-PUT Adware ezula toptext runtime detection - popup (spyware-put.rules) 6249 <-> SPYWARE-PUT Adware ezula toptext runtime detection - redirect (spyware-put.rules) 6250 <-> SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (spyware-put.rules) 6251 <-> SPYWARE-PUT Adware hotbar runtime detection - hostie user-agent (spyware-put.rules) 6252 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - search request (spyware-put.rules) 6253 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - log user ativity (spyware-put.rules) 6254 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - redirect (spyware-put.rules) 6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules) 6256 <-> SPYWARE-PUT Adware searchsquire installtime/auto-update (spyware-put.rules) 6257 <-> SPYWARE-PUT Adware searchsquire runtime detection - testgeonew query (spyware-put.rules) 6258 <-> SPYWARE-PUT Adware searchsquire runtime detection - get engine file (spyware-put.rules) 6259 <-> SPYWARE-PUT Adware searchsquire runtime detection - search forward (spyware-put.rules) 6260 <-> SPYWARE-PUT Adware overpro runtime detection (spyware-put.rules) 6261 <-> SPYWARE-PUT Trickler slinkyslate toolbar runtime detection (spyware-put.rules) 6263 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - collect information (spyware-put.rules) 6264 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - movie (spyware-put.rules) 6265 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - engine (spyware-put.rules) 6266 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - check update (spyware-put.rules) 6267 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - get update (spyware-put.rules) 6268 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - download exe (spyware-put.rules) 6269 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - track event (spyware-put.rules) 6270 <-> SPYWARE-PUT Hijacker topicks runtime detection (spyware-put.rules) 6271 <-> SPYWARE-PUT Trickler bundleware runtime detection (spyware-put.rules) 6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules) 6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules) 6276 <-> SPYWARE-PUT Hijacker incredifind runtime detection - autosearch (spyware-put.rules) 6278 <-> SPYWARE-PUT Trickler navexcel search toolbar runtime detection - activate/update (spyware-put.rules) 6279 <-> SPYWARE-PUT Hijacker sidefind runtime detection (spyware-put.rules) 6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules) 6281 <-> SPYWARE-PUT Hijacker yoursitebar runtime detection (spyware-put.rules) 6282 <-> SPYWARE-PUT Hijacker customtoolbar runtime detection (spyware-put.rules) 6283 <-> SPYWARE-PUT Hijacker websearch runtime detection - sitereview (spyware-put.rules) 6284 <-> SPYWARE-PUT Hijacker websearch runtime detection - webstat (spyware-put.rules) 6340 <-> SPYWARE-PUT Keylogger handy keylogger runtime detection (spyware-put.rules) 6341 <-> SPYWARE-PUT Hijacker spediabar user-agent string detected (spyware-put.rules) 6342 <-> SPYWARE-PUT Hijacker spediabar runtime detection - info check (spyware-put.rules) 6343 <-> SPYWARE-PUT Adware targetsaver runtime detection (spyware-put.rules) 6344 <-> SPYWARE-PUT Adware excite search bar runtime detection - config (spyware-put.rules) 6345 <-> SPYWARE-PUT Adware excite search bar runtime detection - search (spyware-put.rules) 6346 <-> SPYWARE-PUT Adware stationripper update detection (spyware-put.rules) 6347 <-> SPYWARE-PUT Adware stationripper ad display detection (spyware-put.rules) 6348 <-> SPYWARE-PUT Snoopware zenosearch runtime detection (spyware-put.rules) 6349 <-> SPYWARE-PUT Hijacker richfind update detection (spyware-put.rules) 6350 <-> SPYWARE-PUT Hijacker richfind auto search redirect detection (spyware-put.rules) 6351 <-> SPYWARE-PUT Hijacker adblock update detection (spyware-put.rules) 6352 <-> SPYWARE-PUT Hijacker adblock auto search redirect detection (spyware-put.rules) 6353 <-> SPYWARE-PUT Hijacker adblock ie search assistant redirect detection (spyware-put.rules) 6354 <-> SPYWARE-PUT Trickler wsearch runtime detection - auto update (spyware-put.rules) 6355 <-> SPYWARE-PUT Trickler wsearch runtime detection - mp3 search (spyware-put.rules) 6356 <-> SPYWARE-PUT Trickler wsearch runtime detection - desktop search (spyware-put.rules) 6357 <-> SPYWARE-PUT Hijacker need2find initial configuration detection (spyware-put.rules) 6358 <-> SPYWARE-PUT Hijacker need2find search query detection (spyware-put.rules) 6359 <-> SPYWARE-PUT Adware altnet runtime detection - initial retrieval (spyware-put.rules) 6360 <-> SPYWARE-PUT Adware altnet runtime detection - update (spyware-put.rules) 6361 <-> SPYWARE-PUT Adware altnet runtime detection - status report (spyware-put.rules) 6362 <-> SPYWARE-PUT Hijacker microgaming runtime detection (spyware-put.rules) 6363 <-> SPYWARE-PUT adware surfaccuracy runtime detection (spyware-put.rules) 6364 <-> SPYWARE-PUT Hijacker imeshbar runtime detection (spyware-put.rules) 6365 <-> SPYWARE-PUT Other-Technologies sony rootkit runtime detection (spyware-put.rules) 6366 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver user-agent string detected (spyware-put.rules) 6367 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver runtime etection - stop-sign ads (spyware-put.rules) 6368 <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - update request (spyware-put.rules) 6371 <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - pop up ads (spyware-put.rules) 6372 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get wsliveup.dat (spyware-put.rules) 6373 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - stbarpat.dat (spyware-put.rules) 6374 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (spyware-put.rules) 6375 <-> SPYWARE-PUT Trickler spyblocs.eblocs detection - register request (spyware-put.rules) 6376 <-> SPYWARE-PUT Hijacker girafa toolbar - toolbar update (spyware-put.rules) 6377 <-> SPYWARE-PUT Hijacker girafa toolbar - browser hijack (spyware-put.rules) 6378 <-> SPYWARE-PUT Hijacker adbars runtime detection - homepage hijack (spyware-put.rules) 6379 <-> SPYWARE-PUT Hijacker adbars runtime detection - search in toolbar (spyware-put.rules) 6380 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (spyware-put.rules) 6381 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - search in toolbar (spyware-put.rules) 6382 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - url hook (spyware-put.rules) 6383 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - tcp connection setup (spyware-put.rules) 6384 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent discover broadcast (spyware-put.rules) 6385 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent status monitoring (spyware-put.rules) 6386 <-> SPYWARE-PUT Keylogger stealthwatcher 2000 runtime detection - agent up notification (spyware-put.rules) 6387 <-> SPYWARE-PUT Hijacker internet optimizer runtime detection - autosearch hijack (spyware-put.rules) 6388 <-> SPYWARE-PUT Hijacker internet optimizer runtime detection - error page hijack (spyware-put.rules) 6389 <-> SPYWARE-PUT Adware esyndicate runtime detection - postinstall request (spyware-put.rules) 6390 <-> SPYWARE-PUT Adware esyndicate runtime detection - ads popup (spyware-put.rules) 6391 <-> SPYWARE-PUT Adware esyndicate runtime detection - ads popup (spyware-put.rules) 6392 <-> SPYWARE-PUT Hijacker zeropopup runtime detection (spyware-put.rules) 6394 <-> SPYWARE-PUT Hijacker adstart runtime detection (spyware-put.rules) 6477 <-> SPYWARE-PUT Hacker-Tool beee runtime detection - smtp (spyware-put.rules) 6478 <-> SPYWARE-PUT Trackware searchingall toolbar runtime detection - send user url request (spyware-put.rules) 6479 <-> SPYWARE-PUT Snoopware totalvelocity zsearch runtime detection (spyware-put.rules) 6480 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - home page (spyware-put.rules) 6481 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - search (spyware-put.rules) 6482 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - get info (spyware-put.rules) 6483 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - home page hijacker (spyware-put.rules) 6484 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - search (spyware-put.rules) 6485 <-> SPYWARE-PUT Adware spyfalcon runtime detection - action report (spyware-put.rules) 6486 <-> SPYWARE-PUT Adware spyfalcon runtime detection - notification (spyware-put.rules) 6487 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - check updates (spyware-put.rules) 6488 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - redirect mistyped urls (spyware-put.rules) 6489 <-> SPYWARE-PUT Hijacker analyze IE runtime detection - default page hijacker (spyware-put.rules) 6490 <-> SPYWARE-PUT Dialer yeaknet runtime detection - home page hijacker (spyware-put.rules) 6491 <-> SPYWARE-PUT Dialer yeaknet runtime detection - post-installation (spyware-put.rules) 6492 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - notification (spyware-put.rules) 6493 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - post data (spyware-put.rules) 6494 <-> SPYWARE-PUT Adware yourenhancement runtime detection (spyware-put.rules) 6495 <-> SPYWARE-PUT Hijacker troj_spywad.x runtime detection (spyware-put.rules) 6496 <-> SPYWARE-PUT Adware adpowerzone runtime detection (spyware-put.rules) 6502 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (web-client.rules) 6503 <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - ANIMEXTS1.0 (web-client.rules) 6504 <-> WEB-CLIENT Sophos Anti-Virus CAB file overflow attempt (web-client.rules) 6505 <-> WEB-CLIENT quicktime fpx file SectNumMiniFAT overflow attempt (web-client.rules) 6506 <-> WEB-CLIENT quicktime udta atom overflow attempt (web-client.rules) 6509 <-> WEB-CLIENT Internet Explorer mhtml uri href buffer overflow attempt (web-client.rules) 6510 <-> WEB-CLIENT Internet Explorer mhtml uri shortcut buffer overflow attempt (web-client.rules) 6516 <-> WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX function call access (web-client.rules) 6517 <-> WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX CLSID access (web-client.rules) 6518 <-> WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX CLSID unicode access (web-client.rules) 6680 <-> WEB-CLIENT Windows Media Transform Effects ActiveX CLSID unicode access (web-client.rules) 6681 <-> WEB-CLIENT Windows Media Transform Effects ActiveX CLSID access (web-client.rules) 6682 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (web-client.rules) 6683 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX CLSID unicode access (web-client.rules) 6684 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX CLSID access (web-client.rules) 6685 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX CLSID unicode access (web-client.rules) 6686 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX CLSID access (web-client.rules) 6687 <-> WEB-CLIENT DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (web-client.rules) 6688 <-> WEB-CLIENT PNG file transfer (web-client.rules) 6689 <-> WEB-CLIENT Malformed PNG detected cHRM overflow attempt (web-client.rules) 6690 <-> WEB-CLIENT Malformed PNG detected iCCP overflow attempt (web-client.rules) 6691 <-> WEB-CLIENT Malformed PNG detected sBIT overflow attempt (web-client.rules) 6692 <-> WEB-CLIENT Malformed PNG detected sRGB overflow attempt (web-client.rules) 6693 <-> WEB-CLIENT Malformed PNG detected bKGD overflow attempt (web-client.rules) 6694 <-> WEB-CLIENT Malformed PNG detected hIST overflow attempt (web-client.rules) 6695 <-> WEB-CLIENT Malformed PNG detected tRNS overflow attempt (web-client.rules) 6696 <-> WEB-CLIENT Malformed PNG detected pHYs overflow attempt (web-client.rules) 6697 <-> WEB-CLIENT Malformed PNG detected sPLT overflow attempt (web-client.rules) 6698 <-> WEB-CLIENT Malformed PNG detected tIME overflow attempt (web-client.rules) 6699 <-> WEB-CLIENT Malformed PNG detected iTXt overflow attempt (web-client.rules) 6700 <-> WEB-CLIENT Malformed PNG detected tEXt overflow attempt (web-client.rules) 6701 <-> WEB-CLIENT Malformed PNG detected zTXt overflow attempt (web-client.rules) 7002 <-> WEB-CLIENT excel url unicode overflow attempt (web-client.rules) 7003 <-> WEB-CLIENT ADODB.Recordset ActiveX function call access (web-client.rules) 7004 <-> WEB-CLIENT Internet.HHCtrl.1 ActiveX function call access (web-client.rules) 7005 <-> WEB-CLIENT OutlookExpress.AddressBook ActiveX function call access (web-client.rules) 7006 <-> WEB-CLIENT ASControls.InstallEngineCtl ActiveX function call access (web-client.rules) 7007 <-> WEB-CLIENT AxDebugger.Document.1 ActiveX function call access (web-client.rules) 7008 <-> WEB-CLIENT DirectAnimation.DAUserData ActiveX function call access (web-client.rules) 7009 <-> WEB-CLIENT DirectAnimation.StructuredGraphicsControl ActiveX function call access (web-client.rules) 7010 <-> WEB-CLIENT HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (web-client.rules) 7011 <-> WEB-CLIENT HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (web-client.rules) 7012 <-> WEB-CLIENT Internet.PopupMenu.1 ActiveX function call access (web-client.rules) 7013 <-> WEB-CLIENT Microsoft.ISCatAdm ActiveX function call access (web-client.rules) 7014 <-> WEB-CLIENT NMSA.ASFSourceMediaDescription.1 ActiveX function call access (web-client.rules) 7015 <-> WEB-CLIENT NMSA.MediaDescription ActiveX function call access (web-client.rules) 7016 <-> WEB-CLIENT Object.Microsoft.DXTFilter ActiveX function call access (web-client.rules) 7017 <-> WEB-CLIENT RDS.DataControl ActiveX function call access (web-client.rules) 7018 <-> WEB-CLIENT Sysmon ActiveX function call access (web-client.rules) 7020 <-> WEB-CLIENT isComponentInstalled function call access (web-client.rules) 7022 <-> WEB-CLIENT windows explorer invalid url file overflow attempt (web-client.rules) 7023 <-> WEB-CLIENT xls file download (web-client.rules) 7024 <-> WEB-CLIENT excel style handling overflow attempt (web-client.rules) 7025 <-> WEB-CLIENT excel url unicode overflow attempt (web-client.rules) 7026 <-> WEB-CLIENT RDS.Dataspace ActiveX function call access (web-client.rules) 7047 <-> WEB-CLIENT excel object record overflow attempt (web-client.rules) 7048 <-> WEB-CLIENT excel object record overflow attempt (web-client.rules) 7049 <-> SPYWARE-PUT Hijacker extreme biz runtime detection - uniq1 (spyware-put.rules) 7050 <-> SPYWARE-PUT Hijacker freecruise toolbar runtime detection (spyware-put.rules) 7051 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - spyware injection (spyware-put.rules) 7052 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - adv (spyware-put.rules) 7053 <-> SPYWARE-PUT Adware webredir runtime detection (spyware-put.rules) 7054 <-> SPYWARE-PUT Trickler download arq variant runtime detection (spyware-put.rules) 7055 <-> SPYWARE-PUT Hijacker vip01 biz runtime detection - adv (spyware-put.rules) 7123 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - update (spyware-put.rules) 7124 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - buy (spyware-put.rules) 7125 <-> SPYWARE-PUT Hijacker traffbest biz runtime detection - adv (spyware-put.rules) 7126 <-> SPYWARE-PUT Hijacker trojan proxy atiup runtime detection - notification (spyware-put.rules) 7127 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (spyware-put.rules) 7128 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (spyware-put.rules) 7129 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (spyware-put.rules) 7130 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (spyware-put.rules) 7135 <-> SPYWARE-PUT Hijacker dsrch runtime detection - config info retrieval (spyware-put.rules) 7136 <-> SPYWARE-PUT Hijacker dsrch runtime detection - search assistant redirect (spyware-put.rules) 7137 <-> SPYWARE-PUT Hijacker dsrch runtime detection - side search redirect (spyware-put.rules) 7138 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - version check (spyware-put.rules) 7139 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - fake search query (spyware-put.rules) 7140 <-> SPYWARE-PUT Adware pay-per-click runtime detection - configuration (spyware-put.rules) 7141 <-> SPYWARE-PUT Adware pay-per-click runtime detection - update (spyware-put.rules) 7142 <-> SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (spyware-put.rules) 7143 <-> SPYWARE-PUT Adware digink.com runtime detection (spyware-put.rules) 7144 <-> SPYWARE-PUT Hijacker cool search runtime detection (spyware-put.rules) 7145 <-> SPYWARE-PUT Other-Technologies spam maxy runtime detection (spyware-put.rules) 7146 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - sin notification (spyware-put.rules) 7147 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - icq notification (spyware-put.rules) 7148 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - cgi notification (spyware-put.rules) 7149 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - php notification (spyware-put.rules) 7150 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - irc notification (spyware-put.rules) 7151 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - net send notification (spyware-put.rules) 7152 <-> SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - installation (spyware-put.rules) 7153 <-> SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - hijacking (spyware-put.rules) 7154 <-> SPYWARE-PUT Keylogger active keylogger home runtime detection (spyware-put.rules) 7155 <-> SPYWARE-PUT Trickler jubster runtime detection (spyware-put.rules) 7156 <-> SPYWARE-PUT Keylogger win-spy runtime detection - email delivery (spyware-put.rules) 7157 <-> SPYWARE-PUT Keylogger win-spy runtime detection - remote conn client-to-server (spyware-put.rules) 7158 <-> SPYWARE-PUT Keylogger win-spy runtime detection - remote conn server-to-client (spyware-put.rules) 7159 <-> SPYWARE-PUT Keylogger win-spy runtime detection - upload file client-to-server (spyware-put.rules) 7160 <-> SPYWARE-PUT Keylogger win-spy runtime detection - upload file server-to-client (spyware-put.rules) 7161 <-> SPYWARE-PUT Keylogger win-spy runtime detection - download file client-to-server (spyware-put.rules) 7162 <-> SPYWARE-PUT Keylogger win-spy runtime detection - download file server-to-client (spyware-put.rules) 7163 <-> SPYWARE-PUT Keylogger win-spy runtime detection - execute file client-to-server (spyware-put.rules) 7164 <-> SPYWARE-PUT Keylogger win-spy runtime detection - execute file server-to-client (spyware-put.rules) 7165 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 1 (spyware-put.rules) 7166 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 2 (spyware-put.rules) 7167 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 3 (spyware-put.rules) 7168 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange - flowbit set 4 (spyware-put.rules) 7169 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - information exchange (spyware-put.rules) 7175 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - log retrieve (spyware-put.rules) 7176 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - log retrieve (spyware-put.rules) 7177 <-> SPYWARE-PUT Keylogger ab system spy runtime detection - info send through email (spyware-put.rules) 7178 <-> SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (spyware-put.rules) 7179 <-> SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (spyware-put.rules) 7180 <-> SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - init connection (spyware-put.rules) 7183 <-> SPYWARE-PUT Snoopware barok runtime detection (spyware-put.rules) 7184 <-> SPYWARE-PUT Keylogger 007 spy software runtime detection - smtp (spyware-put.rules) 7185 <-> SPYWARE-PUT Keylogger 007 spy software runtime detection - ftp (spyware-put.rules) 7186 <-> SPYWARE-PUT Keylogger kgb Keylogger runtime detection (spyware-put.rules) 7187 <-> SPYWARE-PUT Trackware shopathome user-agent detected (spyware-put.rules) 7188 <-> SPYWARE-PUT Hijacker shop at home select - merchant redirect in progress (spyware-put.rules) 7189 <-> SPYWARE-PUT Trackware shopathome runtime detection - setcookie request (spyware-put.rules) 7190 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (spyware-put.rules) 7191 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (spyware-put.rules) 7192 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (spyware-put.rules) 7193 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (spyware-put.rules) 7194 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - services requests (spyware-put.rules) 7195 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - track/upgrade/report activities (spyware-put.rules) 7197 <-> WEB-CLIENT excel MSO.DLL malformed string parsing single byte buffer over attempt (web-client.rules) 7198 <-> WEB-CLIENT excel MSO.DLL malformed string parsing multi byte buffer over attempt (web-client.rules) 7199 <-> WEB-CLIENT excel label record overflow attempt (web-client.rules) 7200 <-> WEB-CLIENT microsoft word document summary information null string overflow attempt (web-client.rules) 7201 <-> WEB-CLIENT microsoft word summary information null string overflow attempt (web-client.rules) 7202 <-> WEB-CLIENT microsoft word document summary information string overflow attempt (web-client.rules) 7203 <-> WEB-CLIENT microsoft word information string overflow attempt (web-client.rules) 7204 <-> WEB-CLIENT excel object ftCmo overflow attempt (web-client.rules) 7205 <-> WEB-CLIENT excel FngGroupCount record overflow attempt (web-client.rules) 7425 <-> WEB-CLIENT 9x8Resize ActiveX CLSID access (web-client.rules) 7426 <-> WEB-CLIENT 9x8Resize ActiveX CLSID unicode access (web-client.rules) 7427 <-> WEB-CLIENT Allocator Fix ActiveX CLSID access (web-client.rules) 7428 <-> WEB-CLIENT Allocator Fix ActiveX CLSID unicode access (web-client.rules) 7429 <-> WEB-CLIENT Bitmap ActiveX CLSID access (web-client.rules) 7430 <-> WEB-CLIENT Bitmap ActiveX CLSID unicode access (web-client.rules) 7431 <-> WEB-CLIENT DirectFrame.DirectControl.1 ActiveX CLSID access (web-client.rules) 7432 <-> WEB-CLIENT DirectFrame.DirectControl.1 ActiveX CLSID unicode access (web-client.rules) 7433 <-> WEB-CLIENT DirectX Transform Wrapper Property Page ActiveX CLSID access (web-client.rules) 7434 <-> WEB-CLIENT DirectX Transform Wrapper Property Page ActiveX CLSID unicode access (web-client.rules) 7435 <-> WEB-CLIENT Dynamic Casts ActiveX CLSID access (web-client.rules) 7436 <-> WEB-CLIENT Dynamic Casts ActiveX CLSID unicode access (web-client.rules) 7437 <-> WEB-CLIENT Frame Eater ActiveX CLSID access (web-client.rules) 7438 <-> WEB-CLIENT Frame Eater ActiveX CLSID unicode access (web-client.rules) 7439 <-> WEB-CLIENT HTML Help ActiveX clsid access (web-client.rules) 7440 <-> WEB-CLIENT HTML Help ActiveX clsid unicode access (web-client.rules) 7441 <-> WEB-CLIENT HTML Help ActiveX CLSID unicode access (web-client.rules) 7442 <-> WEB-CLIENT mmAEPlugIn.AEPlugIn.1 ActiveX CLSID access (web-client.rules) 7443 <-> WEB-CLIENT mmAEPlugIn.AEPlugIn.1 ActiveX CLSID unicode access (web-client.rules) 7444 <-> WEB-CLIENT Mmedia.AsyncMHandler.1 ActiveX CLSID access (web-client.rules) 7445 <-> WEB-CLIENT Mmedia.AsyncMHandler.1 ActiveX CLSID unicode access (web-client.rules) 7446 <-> WEB-CLIENT Record Queue ActiveX CLSID access (web-client.rules) 7447 <-> WEB-CLIENT Record Queue ActiveX CLSID unicode access (web-client.rules) 7448 <-> WEB-CLIENT ShotDetect ActiveX CLSID access (web-client.rules) 7449 <-> WEB-CLIENT ShotDetect ActiveX CLSID unicode access (web-client.rules) 7450 <-> WEB-CLIENT Stetch ActiveX CLSID access (web-client.rules) 7451 <-> WEB-CLIENT Stetch ActiveX CLSID unicode access (web-client.rules) 7452 <-> WEB-CLIENT WM Color Converter Filter ActiveX CLSID access (web-client.rules) 7453 <-> WEB-CLIENT WM Color Converter Filter ActiveX CLSID unicode access (web-client.rules) 7454 <-> WEB-CLIENT Wmm2ae.dll ActiveX CLSID access (web-client.rules) 7455 <-> WEB-CLIENT Wmm2ae.dll ActiveX CLSID unicode access (web-client.rules) 7456 <-> WEB-CLIENT Wmm2fxa.dll ActiveX CLSID access (web-client.rules) 7457 <-> WEB-CLIENT Wmm2fxa.dll ActiveX CLSID unicode access (web-client.rules) 7458 <-> WEB-CLIENT Wmm2fxb.dll ActiveX CLSID access (web-client.rules) 7459 <-> WEB-CLIENT Wmm2fxb.dll ActiveX CLSID unicode access (web-client.rules) 7460 <-> WEB-CLIENT WMT Audio Analyzer ActiveX CLSID access (web-client.rules) 7461 <-> WEB-CLIENT WMT Audio Analyzer ActiveX CLSID unicode access (web-client.rules) 7462 <-> WEB-CLIENT WMT Black Frame Generator ActiveX CLSID access (web-client.rules) 7463 <-> WEB-CLIENT WMT Black Frame Generator ActiveX CLSID unicode access (web-client.rules) 7464 <-> WEB-CLIENT WMT DeInterlace Filter ActiveX CLSID access (web-client.rules) 7465 <-> WEB-CLIENT WMT DeInterlace Filter ActiveX CLSID unicode access (web-client.rules) 7466 <-> WEB-CLIENT WMT DeInterlace Prop Page ActiveX CLSID access (web-client.rules) 7467 <-> WEB-CLIENT WMT DeInterlace Prop Page ActiveX CLSID unicode access (web-client.rules) 7468 <-> WEB-CLIENT WMT DirectX Transform Wrapper ActiveX CLSID access (web-client.rules) 7469 <-> WEB-CLIENT WMT DirectX Transform Wrapper ActiveX CLSID unicode access (web-client.rules) 7470 <-> WEB-CLIENT WMT DV Extract Filter ActiveX CLSID access (web-client.rules) 7471 <-> WEB-CLIENT WMT DV Extract Filter ActiveX CLSID unicode access (web-client.rules) 7472 <-> WEB-CLIENT WMT FormatConversion Prop Page ActiveX CLSID access (web-client.rules) 7473 <-> WEB-CLIENT WMT FormatConversion Prop Page ActiveX CLSID unicode access (web-client.rules) 7474 <-> WEB-CLIENT WMT FormatConversion ActiveX CLSID access (web-client.rules) 7475 <-> WEB-CLIENT WMT FormatConversion ActiveX CLSID unicode access (web-client.rules) 7476 <-> WEB-CLIENT WMT Import Filter ActiveX CLSID access (web-client.rules) 7477 <-> WEB-CLIENT WMT Import Filter ActiveX CLSID unicode access (web-client.rules) 7478 <-> WEB-CLIENT WMT Interlacer ActiveX CLSID access (web-client.rules) 7479 <-> WEB-CLIENT WMT Interlacer ActiveX CLSID unicode access (web-client.rules) 7480 <-> WEB-CLIENT WMT Log Filter ActiveX CLSID access (web-client.rules) 7481 <-> WEB-CLIENT WMT Log Filter ActiveX CLSID unicode access (web-client.rules) 7482 <-> WEB-CLIENT WMT MuxDeMux Filter ActiveX CLSID access (web-client.rules) 7483 <-> WEB-CLIENT WMT MuxDeMux Filter ActiveX CLSID unicode access (web-client.rules) 7484 <-> WEB-CLIENT WMT Sample Info Filter ActiveX CLSID access (web-client.rules) 7485 <-> WEB-CLIENT WMT Sample Info Filter ActiveX CLSID unicode access (web-client.rules) 7486 <-> WEB-CLIENT WMT Screen Capture Filter Task Page ActiveX CLSID access (web-client.rules) 7487 <-> WEB-CLIENT WMT Screen Capture Filter Task Page ActiveX CLSID unicode access (web-client.rules) 7488 <-> WEB-CLIENT WMT Screen capture Filter ActiveX CLSID access (web-client.rules) 7489 <-> WEB-CLIENT WMT Screen capture Filter ActiveX CLSID unicode access (web-client.rules) 7490 <-> WEB-CLIENT WMT Switch Filter ActiveX CLSID access (web-client.rules) 7491 <-> WEB-CLIENT WMT Switch Filter ActiveX CLSID unicode access (web-client.rules) 7492 <-> WEB-CLIENT WMT Virtual Renderer ActiveX CLSID access (web-client.rules) 7493 <-> WEB-CLIENT WMT Virtual Renderer ActiveX CLSID unicode access (web-client.rules) 7494 <-> WEB-CLIENT WMT Virtual Source ActiveX CLSID access (web-client.rules) 7495 <-> WEB-CLIENT WMT Virtual Source ActiveX CLSID unicode access (web-client.rules) 7496 <-> WEB-CLIENT WMT Volume ActiveX CLSID access (web-client.rules) 7497 <-> WEB-CLIENT WMT Volume ActiveX CLSID unicode access (web-client.rules) 7498 <-> WEB-CLIENT WM TV Out Smooth Picture Filter ActiveX CLSID access (web-client.rules) 7499 <-> WEB-CLIENT WM TV Out Smooth Picture Filter ActiveX CLSID unicode access (web-client.rules) 7500 <-> WEB-CLIENT WM VIH2 Fix ActiveX CLSID access (web-client.rules) 7501 <-> WEB-CLIENT WM VIH2 Fix ActiveX CLSID unicode access (web-client.rules) 7502 <-> WEB-CLIENT tsuserex.ADsTSUserEx.1 ActiveX CLSID access (web-client.rules) 7503 <-> WEB-CLIENT tsuserex.ADsTSUserEx.1 ActiveX CLSID unicode access (web-client.rules) 7504 <-> SPYWARE-PUT Keylogger actualspy runtime detection - ftp-data (spyware-put.rules) 7505 <-> SPYWARE-PUT Keylogger actualspy runtime detection - smtp (spyware-put.rules) 7506 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - init connection - flowbit set (spyware-put.rules) 7507 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - init connection (spyware-put.rules) 7508 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - ping - flowbit set (spyware-put.rules) 7509 <-> SPYWARE-PUT Hacker-Tool coma runtime detection - ping (spyware-put.rules) 7510 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - version verification (spyware-put.rules) 7511 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - get ads page (spyware-put.rules) 7512 <-> SPYWARE-PUT Keylogger watchdog runtime detection - init connection - flowbit set (spyware-put.rules) 7513 <-> SPYWARE-PUT Keylogger watchdog runtime detection - init connection (spyware-put.rules) 7514 <-> SPYWARE-PUT Keylogger watchdog runtime detection - send out info to server periodically (spyware-put.rules) 7515 <-> SPYWARE-PUT Keylogger watchdog runtime detection - remote monitoring (spyware-put.rules) 7516 <-> SPYWARE-PUT Trickler hmtoolbar runtime detection (spyware-put.rules) 7517 <-> SPYWARE-PUT Hijacker chinese keywords runtime detection (spyware-put.rules) 7518 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - get up-to-date news info (spyware-put.rules) 7519 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - track activity (spyware-put.rules) 7520 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - ie autosearch hijack (spyware-put.rules) 7521 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 1 (spyware-put.rules) 7522 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 2 (spyware-put.rules) 7523 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - click news button links (spyware-put.rules) 7524 <-> SPYWARE-PUT Hijacker moneybar runtime detection - cgispy counter (spyware-put.rules) 7525 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - barad.asp request (spyware-put.rules) 7526 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - stat counter (spyware-put.rules) 7527 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - toolbar find function (spyware-put.rules) 7528 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - ie autosearch hijack (spyware-put.rules) 7529 <-> SPYWARE-PUT Snoopware halflife jacker runtime detection (spyware-put.rules) 7530 <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - trickler (spyware-put.rules) 7531 <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - login (spyware-put.rules) 7532 <-> SPYWARE-PUT Adware piolet runtime detection - user-agent (spyware-put.rules) 7533 <-> SPYWARE-PUT Adware piolet runtime detection - ads request (spyware-put.rules) 7534 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - ie hijacking (spyware-put.rules) 7535 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - pass information (spyware-put.rules) 7536 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - popup (spyware-put.rules) 7537 <-> SPYWARE-PUT Trackware arrow search runtime detection (spyware-put.rules) 7538 <-> SPYWARE-PUT Screen-Scraper hidden camera runtime detection (spyware-put.rules) 7539 <-> SPYWARE-PUT Keylogger eye spy pro 1.0 runtime detection (spyware-put.rules) 7540 <-> SPYWARE-PUT Hacker-Tool unify runtime detection - cgi notification (spyware-put.rules) 7541 <-> SPYWARE-PUT Keylogger starlogger runtime detection (spyware-put.rules) 7542 <-> SPYWARE-PUT Hacker-Tool mini oblivion runtime detection - successful init connection (spyware-put.rules) 7543 <-> SPYWARE-PUT Hijacker 2020search runtime detection (spyware-put.rules) 7544 <-> SPYWARE-PUT Keylogger PerfectKeylogger runtime detection - flowbit set 1 (spyware-put.rules) 7545 <-> SPYWARE-PUT Keylogger PerfectKeylogger runtime detection - flowbit set 2 (spyware-put.rules) 7546 <-> SPYWARE-PUT Keylogger PerfectKeylogger runtime detection (spyware-put.rules) 7547 <-> SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection - agent status monitoring (spyware-put.rules) 7548 <-> SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection - agent up notification (spyware-put.rules) 7549 <-> SPYWARE-PUT Keylogger activity monitor 3.8 runtime detection (spyware-put.rules) 7550 <-> SPYWARE-PUT Adware adroar runtime detection (spyware-put.rules) 7551 <-> SPYWARE-PUT Keylogger ardamax keylogger runtime detection - smtp (spyware-put.rules) 7552 <-> SPYWARE-PUT Keylogger ardamax keylogger runtime detection - ftp (spyware-put.rules) 7553 <-> SPYWARE-PUT Adware hxdl runtime detection - hxlogonly user-agent (spyware-put.rules) 7554 <-> SPYWARE-PUT Adware hxdl runtime detection - hxdownload user-agent (spyware-put.rules) 7556 <-> SPYWARE-PUT Hijacker blazefind runtime detection - search bar (spyware-put.rules) 7557 <-> SPYWARE-PUT Trackware purityscan runtime detection - start up (spyware-put.rules) 7558 <-> SPYWARE-PUT Trackware purityscan runtime detection - installation notify (spyware-put.rules) 7559 <-> SPYWARE-PUT Trackware purityscan runtime detection - track user activity and status (spyware-put.rules) 7560 <-> SPYWARE-PUT Trackware purityscan runtime detection - self update (spyware-put.rules) 7561 <-> SPYWARE-PUT Trackware purityscan runtime detection - opt out of interstitial advertising (spyware-put.rules) 7562 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 1 (spyware-put.rules) 7563 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 2 (spyware-put.rules) 7564 <-> SPYWARE-PUT Hijacker startnow runtime detection (spyware-put.rules) 7565 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - search engine (spyware-put.rules) 7566 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - redirector (spyware-put.rules) 7567 <-> SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection (spyware-put.rules) 7568 <-> SPYWARE-PUT Trackware webhancer runtime detection (spyware-put.rules) 7569 <-> SPYWARE-PUT Adware lordofsearch runtime detection (spyware-put.rules) 7570 <-> SPYWARE-PUT Hijacker linkspider search bar runtime detection - ads (spyware-put.rules) 7571 <-> SPYWARE-PUT Hijacker linkspider search bar runtime detection - toolbar search (spyware-put.rules) 7572 <-> SPYWARE-PUT Trickler album galaxy runtime detection - startup data (spyware-put.rules) 7573 <-> SPYWARE-PUT Trickler album galaxy runtime detection - p2p gnutella (spyware-put.rules) 7574 <-> SPYWARE-PUT Keylogger proagent 2.0 runtime detection (spyware-put.rules) 7575 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - weather request (spyware-put.rules) 7576 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - hijack ie browser (spyware-put.rules) 7577 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - collect information (spyware-put.rules) 7578 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - reference (spyware-put.rules) 7579 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - smileys (spyware-put.rules) 7580 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - update (spyware-put.rules) 7581 <-> SPYWARE-PUT Hijacker flashbar runtime detection - user-agent (spyware-put.rules) 7582 <-> SPYWARE-PUT Trickler pcast runtime detection - update checking (spyware-put.rules) 7583 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set big (spyware-put.rules) 7584 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set open (spyware-put.rules) 7585 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - flowbit set image (spyware-put.rules) 7586 <-> SPYWARE-PUT Hacker-Tool clandestine runtime detection - image transferred (spyware-put.rules) 7587 <-> SPYWARE-PUT Trickler urlblaze runtime detection - software information request (spyware-put.rules) 7588 <-> SPYWARE-PUT Trickler urlblaze runtime detection - files search or download (spyware-put.rules) 7589 <-> SPYWARE-PUT Trickler urlblaze runtime detection - irc notification (spyware-put.rules) 7590 <-> SPYWARE-PUT Hijacker swbar runtime detection (spyware-put.rules) 7591 <-> SPYWARE-PUT Keylogger keylogger pro runtime detection - flowbit set (spyware-put.rules) 7592 <-> SPYWARE-PUT Keylogger keylogger pro runtime detection (spyware-put.rules) 7593 <-> SPYWARE-PUT Trackware trellian toolbarbrowser runtime detection (spyware-put.rules) 7594 <-> SPYWARE-PUT Adware comedy planet runtime detection - ads (spyware-put.rules) 7595 <-> SPYWARE-PUT Adware comedy planet runtime detection - collect user information (spyware-put.rules) 7596 <-> SPYWARE-PUT Keylogger spy lantern keylogger runtime detection - flowbit set (spyware-put.rules) 7597 <-> SPYWARE-PUT Keylogger spy lantern keylogger runtime detection (spyware-put.rules) 7598 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - search in toolbar (spyware-put.rules) 7599 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - user info collection (spyware-put.rules) 7600 <-> SPYWARE-PUT Hijacker adtraffic runtime detection - notfound website search hijack and redirection (spyware-put.rules) 7601 <-> SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to keyserver (spyware-put.rules) 7602 <-> SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to receiver - flowbit set (spyware-put.rules) 7603 <-> SPYWARE-PUT Snoopware big brother v3.5.1 runtime detection - connect to receiver (spyware-put.rules) 7823 <-> SPYWARE-PUT Adware whenu runtime detection - datachunksgz (spyware-put.rules) 7824 <-> SPYWARE-PUT Trickler whenu.clocksync runtime detection (spyware-put.rules) 7825 <-> SPYWARE-PUT Adware whenu.savenow runtime detection (spyware-put.rules) 7826 <-> SPYWARE-PUT Trickler whenu.weathercast runtime detection - check (spyware-put.rules) 7827 <-> SPYWARE-PUT Adware whenu runtime detection - search request 1 (spyware-put.rules) 7828 <-> SPYWARE-PUT Adware whenu runtime detection - search request 2 (spyware-put.rules) 7829 <-> SPYWARE-PUT Adware gator user-agent detected (spyware-put.rules) 7830 <-> SPYWARE-PUT Botnet dacryptic runtime detection (spyware-put.rules) 7831 <-> SPYWARE-PUT Adware downloadplus runtime detection (spyware-put.rules) 7832 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - active/update (spyware-put.rules) 7833 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - search (spyware-put.rules) 7834 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (spyware-put.rules) 7835 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (spyware-put.rules) 7836 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report send through email (spyware-put.rules) 7837 <-> SPYWARE-PUT Keylogger spyoutside runtime detection - email delivery (spyware-put.rules) 7838 <-> SPYWARE-PUT Adware smiley central runtime detection (spyware-put.rules) 7839 <-> SPYWARE-PUT Hijacker rx toolbar runtime detection (spyware-put.rules) 7840 <-> SPYWARE-PUT Hijacker instafinder initial configuration detection (spyware-put.rules) 7841 <-> SPYWARE-PUT Hijacker instafinder error redirect detection (spyware-put.rules) 7842 <-> SPYWARE-PUT Hacker-Tool davps runtime detection (spyware-put.rules) 7843 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - search engine hijack (spyware-put.rules) 7844 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - post data (spyware-put.rules) 7845 <-> SPYWARE-PUT Keylogger clogger 1.0 runtime detection (spyware-put.rules) 7846 <-> SPYWARE-PUT Keylogger clogger 1.0 runtime detection (spyware-put.rules) 7847 <-> SPYWARE-PUT Keylogger clogger 1.0 runtime detection - send log through email (spyware-put.rules) 7848 <-> SPYWARE-PUT Hijacker netguide runtime detection (spyware-put.rules) 7849 <-> SPYWARE-PUT Trickler maxsearch runtime detection - toolbar download (spyware-put.rules) 7850 <-> SPYWARE-PUT Trickler maxsearch runtime detection - retrieve command (spyware-put.rules) 7851 <-> SPYWARE-PUT Trickler maxsearch runtime detection - ack (spyware-put.rules) 7852 <-> SPYWARE-PUT Trickler maxsearch runtime detection - advertisement (spyware-put.rules) 7853 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 1 (spyware-put.rules) 7854 <-> SPYWARE-PUT Adware web-nexus runtime detection - config retrieval (spyware-put.rules) 7855 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 2 (spyware-put.rules) 7856 <-> SPYWARE-PUT Trackware winsysba-a runtime detection - track surfing activity (spyware-put.rules) 7857 <-> SPYWARE-PUT Keylogger EliteKeylogger runtime detection (spyware-put.rules) 7862 <-> WEB-CLIENT McSubMgr.IsAppExpired ActiveX function call access (web-client.rules) 7863 <-> WEB-CLIENT McSubMgr.IsOldAppInstalled ActiveX function call access (web-client.rules) 7864 <-> WEB-CLIENT McSubMgr ActiveX CLSID access (web-client.rules) 7865 <-> WEB-CLIENT McSubMgr ActiveX CLSID unicode access (web-client.rules) 7866 <-> WEB-CLIENT ADODB.Connection ActiveX clsid access (web-client.rules) 7867 <-> WEB-CLIENT ADODB.Connection ActiveX clsid unicode access (web-client.rules) 7868 <-> WEB-CLIENT ADODB.Recordset ActiveX CLSID access (web-client.rules) 7869 <-> WEB-CLIENT ADODB.Recordset ActiveX CLSID unicode access (web-client.rules) 7870 <-> WEB-CLIENT Microsoft Office Data Source Control 9.0 ActiveX CLSID access (web-client.rules) 7871 <-> WEB-CLIENT Microsoft Office Data Source Control 9.0 ActiveX CLSID unicode access (web-client.rules) 7872 <-> WEB-CLIENT Microsoft Office Spreadsheet 10.0 ActiveX CLSID access (web-client.rules) 7873 <-> WEB-CLIENT Microsoft Office Spreadsheet 10.0 ActiveX CLSID unicode access (web-client.rules) 7874 <-> WEB-CLIENT Microsoft Office PivotTable 10.0 ActiveX CLSID access (web-client.rules) 7875 <-> WEB-CLIENT Microsoft Office PivotTable 10.0 ActiveX CLSID unicode access (web-client.rules) 7876 <-> WEB-CLIENT Microsoft Office Data Source Control 10.0 ActiveX CLSID access (web-client.rules) 7877 <-> WEB-CLIENT Microsoft Office Data Source Control 10.0 ActiveX CLSID unicode access (web-client.rules) 7878 <-> WEB-CLIENT AxMetaStream.MetaStreamCtl ActiveX CLSID access (web-client.rules) 7879 <-> WEB-CLIENT AxMetaStream.MetaStreamCtl ActiveX CLSID unicode access (web-client.rules) 7880 <-> WEB-CLIENT AxMetaStream.MetaStreamCtlSecondary ActiveX CLSID access (web-client.rules) 7881 <-> WEB-CLIENT AxMetaStream.MetaStreamCtlSecondary ActiveX CLSID unicode access (web-client.rules) 7882 <-> WEB-CLIENT AccSync.AccSubNotHandler ActiveX CLSID access (web-client.rules) 7883 <-> WEB-CLIENT AccSync.AccSubNotHandler ActiveX CLSID unicode access (web-client.rules) 7884 <-> WEB-CLIENT AolCalSvr.ACCalendarListCtrl ActiveX CLSID access (web-client.rules) 7885 <-> WEB-CLIENT AolCalSvr.ACCalendarListCtrl ActiveX CLSID unicode access (web-client.rules) 7886 <-> WEB-CLIENT AolCalSvr.ACDictionary ActiveX CLSID access (web-client.rules) 7887 <-> WEB-CLIENT AolCalSvr.ACDictionary ActiveX CLSID unicode access (web-client.rules) 7888 <-> WEB-CLIENT AOLFlash.AOLFlash ActiveX CLSID access (web-client.rules) 7889 <-> WEB-CLIENT AOLFlash.AOLFlash ActiveX CLSID unicode access (web-client.rules) 7890 <-> WEB-CLIENT AOL.MemExpWz ActiveX CLSID access (web-client.rules) 7891 <-> WEB-CLIENT AOL.MemExpWz ActiveX CLSID unicode access (web-client.rules) 7892 <-> WEB-CLIENT AOL Phobos Class ActiveX CLSID access (web-client.rules) 7893 <-> WEB-CLIENT AOL Phobos Class ActiveX CLSID unicode access (web-client.rules) 7894 <-> WEB-CLIENT AOL.PicDownloadCtrl ActiveX CLSID access (web-client.rules) 7895 <-> WEB-CLIENT AOL.PicDownloadCtrl ActiveX CLSID unicode access (web-client.rules) 7896 <-> WEB-CLIENT AOL.PicEditCtrl ActiveX CLSID access (web-client.rules) 7897 <-> WEB-CLIENT AOL.PicEditCtrl ActiveX CLSID unicode access (web-client.rules) 7898 <-> WEB-CLIENT AOL.PicSsvrCtrl ActiveX CLSID access (web-client.rules) 7899 <-> WEB-CLIENT AOL.PicSsvrCtrl ActiveX CLSID unicode access (web-client.rules) 7900 <-> WEB-CLIENT AOL.UPFCtrl ActiveX CLSID access (web-client.rules) 7901 <-> WEB-CLIENT AOL.UPFCtrl ActiveX CLSID unicode access (web-client.rules) 7902 <-> WEB-CLIENT CDDBControlAOL.CDDBAOLControl ActiveX clsid access (web-client.rules) 7903 <-> WEB-CLIENT CDDBControlAOL.CDDBAOLControl ActiveX clsid unicode access (web-client.rules) 7904 <-> WEB-CLIENT CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7905 <-> WEB-CLIENT CDL Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7906 <-> WEB-CLIENT CDO.KnowledgeSearchFolder ActiveX CLSID access (web-client.rules) 7907 <-> WEB-CLIENT CDO.KnowledgeSearchFolder ActiveX CLSID unicode access (web-client.rules) 7908 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid access (web-client.rules) 7909 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid unicode access (web-client.rules) 7910 <-> WEB-CLIENT DXImageTransform.Microsoft.DropShadow ActiveX CLSID access (web-client.rules) 7911 <-> WEB-CLIENT DXImageTransform.Microsoft.DropShadow ActiveX CLSID unicode access (web-client.rules) 7912 <-> WEB-CLIENT DX3DTransform.Microsoft.Shapes ActiveX CLSID access (web-client.rules) 7913 <-> WEB-CLIENT DX3DTransform.Microsoft.Shapes ActiveX CLSID unicode access (web-client.rules) 7914 <-> WEB-CLIENT DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID access (web-client.rules) 7915 <-> WEB-CLIENT DXImageTransform.Microsoft.NDFXArtEffects ActiveX CLSID unicode access (web-client.rules) 7916 <-> WEB-CLIENT CLSID_IMimeInternational ActiveX CLSID access (web-client.rules) 7917 <-> WEB-CLIENT CLSID_IMimeInternational ActiveX CLSID unicode access (web-client.rules) 7918 <-> WEB-CLIENT CoAxTrackVideo Class ActiveX CLSID access (web-client.rules) 7919 <-> WEB-CLIENT CoAxTrackVideo Class ActiveX CLSID unicode access (web-client.rules) 7920 <-> WEB-CLIENT DsPropertyPages.OU ActiveX CLSID access (web-client.rules) 7921 <-> WEB-CLIENT DsPropertyPages.OU ActiveX CLSID unicode access (web-client.rules) 7922 <-> WEB-CLIENT DXImageTransform.Microsoft.RevealTrans ActiveX CLSID access (web-client.rules) 7923 <-> WEB-CLIENT DXImageTransform.Microsoft.RevealTrans ActiveX CLSID unicode access (web-client.rules) 7924 <-> WEB-CLIENT DXImageTransform.Microsoft.Shadow ActiveX CLSID access (web-client.rules) 7925 <-> WEB-CLIENT DXImageTransform.Microsoft.Shadow ActiveX CLSID unicode access (web-client.rules) 7926 <-> WEB-CLIENT DXTFilter ActiveX CLSID access (web-client.rules) 7927 <-> WEB-CLIENT DXTFilter ActiveX CLSID unicode access (web-client.rules) 7928 <-> WEB-CLIENT file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7929 <-> WEB-CLIENT file or local Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7930 <-> WEB-CLIENT FolderItem2 ActiveX CLSID access (web-client.rules) 7931 <-> WEB-CLIENT FolderItem2 ActiveX CLSID unicode access (web-client.rules) 7932 <-> WEB-CLIENT FolderItems3 ActiveX CLSID access (web-client.rules) 7933 <-> WEB-CLIENT FolderItems3 ActiveX CLSID unicode access (web-client.rules) 7934 <-> WEB-CLIENT ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7935 <-> WEB-CLIENT ftp Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7936 <-> WEB-CLIENT DXImageTransform.Microsoft.Glow ActiveX CLSID access (web-client.rules) 7937 <-> WEB-CLIENT DXImageTransform.Microsoft.Glow ActiveX CLSID unicode access (web-client.rules) 7938 <-> WEB-CLIENT gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7939 <-> WEB-CLIENT gopher Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7940 <-> WEB-CLIENT DXImageTransform.Microsoft.Gradient ActiveX CLSID access (web-client.rules) 7941 <-> WEB-CLIENT DXImageTransform.Microsoft.Gradient ActiveX CLSID unicode access (web-client.rules) 7942 <-> WEB-CLIENT http Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7943 <-> WEB-CLIENT http Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7944 <-> WEB-CLIENT https Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7945 <-> WEB-CLIENT https Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7946 <-> WEB-CLIENT DXImageTransform.Microsoft.MaskFilter ActiveX CLSID access (web-client.rules) 7947 <-> WEB-CLIENT DXImageTransform.Microsoft.MaskFilter ActiveX CLSID unicode access (web-client.rules) 7948 <-> WEB-CLIENT Microsoft Common Browser Architecture ActiveX CLSID access (web-client.rules) 7949 <-> WEB-CLIENT Microsoft Common Browser Architecture ActiveX CLSID unicode access (web-client.rules) 7950 <-> WEB-CLIENT Microsoft DirectAnimation Control ActiveX CLSID access (web-client.rules) 7951 <-> WEB-CLIENT Microsoft DirectAnimation Control ActiveX CLSID unicode access (web-client.rules) 7952 <-> WEB-CLIENT Microsoft DirectAnimation Windowed Control ActiveX CLSID access (web-client.rules) 7953 <-> WEB-CLIENT Microsoft DirectAnimation Windowed Control ActiveX CLSID unicode access (web-client.rules) 7954 <-> WEB-CLIENT Microsoft Forms 2.0 ComboBox ActiveX CLSID access (web-client.rules) 7955 <-> WEB-CLIENT Microsoft Forms 2.0 ComboBox ActiveX CLSID unicode access (web-client.rules) 7956 <-> WEB-CLIENT Microsoft Forms 2.0 ListBox ActiveX CLSID access (web-client.rules) 7957 <-> WEB-CLIENT Microsoft Forms 2.0 ListBox ActiveX CLSID unicode access (web-client.rules) 7958 <-> WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules) 7959 <-> WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules) 7970 <-> WEB-CLIENT PostBootReminder object ActiveX CLSID access (web-client.rules) 7971 <-> WEB-CLIENT PostBootReminder object ActiveX CLSID unicode access (web-client.rules) 7972 <-> WEB-CLIENT RealPlayer G2 Control ActiveX CLSID access (web-client.rules) 7973 <-> WEB-CLIENT RealPlayer G2 Control ActiveX CLSID unicode access (web-client.rules) 7974 <-> WEB-CLIENT Rendezvous Class ActiveX CLSID access (web-client.rules) 7975 <-> WEB-CLIENT Rendezvous Class ActiveX CLSID unicode access (web-client.rules) 7976 <-> WEB-CLIENT ShellFolder for CD Burning ActiveX CLSID access (web-client.rules) 7977 <-> WEB-CLIENT ShellFolder for CD Burning ActiveX CLSID unicode access (web-client.rules) 7981 <-> WEB-CLIENT Snapshot Viewer General Property Page Object ActiveX CLSID access (web-client.rules) 7982 <-> WEB-CLIENT Snapshot Viewer General Property Page Object ActiveX CLSID unicode access (web-client.rules) 7983 <-> WEB-CLIENT SuperBuddy Class ActiveX CLSID access (web-client.rules) 7984 <-> WEB-CLIENT SuperBuddy Class ActiveX CLSID unicode access (web-client.rules) 7985 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID access (web-client.rules) 7986 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access (web-client.rules) 7987 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID access (web-client.rules) 7988 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.2 ActiveX CLSID unicode access (web-client.rules) 7989 <-> WEB-CLIENT WIA FileSystem USD ActiveX CLSID access (web-client.rules) 7990 <-> WEB-CLIENT WIA FileSystem USD ActiveX CLSID unicode access (web-client.rules) 7991 <-> WEB-CLIENT ACM Class Manager ActiveX CLSID access (web-client.rules) 7992 <-> WEB-CLIENT ACM Class Manager ActiveX CLSID unicode access (web-client.rules) 7993 <-> WEB-CLIENT clbcatex.dll ActiveX CLSID access (web-client.rules) 7994 <-> WEB-CLIENT clbcatex.dll ActiveX CLSID unicode access (web-client.rules) 7995 <-> WEB-CLIENT clbcatq.dll ActiveX CLSID access (web-client.rules) 7996 <-> WEB-CLIENT clbcatq.dll ActiveX CLSID unicode access (web-client.rules) 7997 <-> WEB-CLIENT CLSID_ApprenticeICW ActiveX CLSID access (web-client.rules) 7998 <-> WEB-CLIENT CLSID_ApprenticeICW ActiveX CLSID unicode access (web-client.rules) 7999 <-> WEB-CLIENT CLSID_CDIDeviceActionConfigPage ActiveX CLSID access (web-client.rules) 8000 <-> WEB-CLIENT CLSID_CDIDeviceActionConfigPage ActiveX CLSID unicode access (web-client.rules) 8001 <-> WEB-CLIENT CommunicationManager ActiveX CLSID access (web-client.rules) 8002 <-> WEB-CLIENT CommunicationManager ActiveX CLSID unicode access (web-client.rules) 8003 <-> WEB-CLIENT Content.mbcontent.1 ActiveX CLSID access (web-client.rules) 8004 <-> WEB-CLIENT Content.mbcontent.1 ActiveX CLSID unicode access (web-client.rules) 8005 <-> WEB-CLIENT DiskManagement.Connection ActiveX CLSID access (web-client.rules) 8006 <-> WEB-CLIENT DiskManagement.Connection ActiveX CLSID unicode access (web-client.rules) 8007 <-> WEB-CLIENT Dutch_Dutch Stemmer ActiveX CLSID access (web-client.rules) 8008 <-> WEB-CLIENT Dutch_Dutch Stemmer ActiveX CLSID unicode access (web-client.rules) 8009 <-> WEB-CLIENT English_UK Stemmer ActiveX CLSID access (web-client.rules) 8010 <-> WEB-CLIENT English_UK Stemmer ActiveX CLSID unicode access (web-client.rules) 8011 <-> WEB-CLIENT English_US Stemmer ActiveX CLSID access (web-client.rules) 8012 <-> WEB-CLIENT English_US Stemmer ActiveX CLSID unicode access (web-client.rules) 8013 <-> WEB-CLIENT French_French Stemmer ActiveX CLSID access (web-client.rules) 8014 <-> WEB-CLIENT French_French Stemmer ActiveX CLSID unicode access (web-client.rules) 8015 <-> WEB-CLIENT German_German Stemmer ActiveX CLSID access (web-client.rules) 8016 <-> WEB-CLIENT German_German Stemmer ActiveX CLSID unicode access (web-client.rules) 8017 <-> WEB-CLIENT ICM Class Manager ActiveX CLSID access (web-client.rules) 8018 <-> WEB-CLIENT ICM Class Manager ActiveX CLSID unicode access (web-client.rules) 8019 <-> WEB-CLIENT Internet Explorer Address Bar ActiveX CLSID access (web-client.rules) 8020 <-> WEB-CLIENT Internet Explorer Address Bar ActiveX CLSID unicode access (web-client.rules) 8021 <-> WEB-CLIENT ISSimpleCommandCreator.1 ActiveX CLSID access (web-client.rules) 8022 <-> WEB-CLIENT ISSimpleCommandCreator.1 ActiveX CLSID unicode access (web-client.rules) 8023 <-> WEB-CLIENT Italian_Italian Stemmer ActiveX CLSID access (web-client.rules) 8024 <-> WEB-CLIENT Italian_Italian Stemmer ActiveX CLSID unicode access (web-client.rules) 8025 <-> WEB-CLIENT Microsoft HTML Window Security Proxy ActiveX CLSID access (web-client.rules) 8026 <-> WEB-CLIENT Microsoft HTML Window Security Proxy ActiveX CLSID unicode access (web-client.rules) 8027 <-> WEB-CLIENT Microsoft WBEM Event Subsystem ActiveX CLSID access (web-client.rules) 8028 <-> WEB-CLIENT Microsoft WBEM Event Subsystem ActiveX CLSID unicode access (web-client.rules) 8029 <-> WEB-CLIENT MidiOut Class Manager ActiveX CLSID access (web-client.rules) 8030 <-> WEB-CLIENT MidiOut Class Manager ActiveX CLSID unicode access (web-client.rules) 8031 <-> WEB-CLIENT Mslablti.MarshalableTI.1 ActiveX CLSID access (web-client.rules) 8032 <-> WEB-CLIENT Mslablti.MarshalableTI.1 ActiveX CLSID unicode access (web-client.rules) 8033 <-> WEB-CLIENT QC.MessageMover.1 ActiveX CLSID access (web-client.rules) 8034 <-> WEB-CLIENT QC.MessageMover.1 ActiveX CLSID unicode access (web-client.rules) 8035 <-> WEB-CLIENT Spanish_Modern Stemmer ActiveX CLSID access (web-client.rules) 8036 <-> WEB-CLIENT Spanish_Modern Stemmer ActiveX CLSID unicode access (web-client.rules) 8037 <-> WEB-CLIENT Swedish_Default Stemmer ActiveX CLSID access (web-client.rules) 8038 <-> WEB-CLIENT Swedish_Default Stemmer ActiveX CLSID unicode access (web-client.rules) 8039 <-> WEB-CLIENT syncui.dll ActiveX CLSID access (web-client.rules) 8040 <-> WEB-CLIENT syncui.dll ActiveX CLSID unicode access (web-client.rules) 8041 <-> WEB-CLIENT VFW Capture Class Manager ActiveX CLSID access (web-client.rules) 8042 <-> WEB-CLIENT VFW Capture Class Manager ActiveX CLSID unicode access (web-client.rules) 8043 <-> WEB-CLIENT Video Effect Class Manager 1 Input ActiveX CLSID access (web-client.rules) 8044 <-> WEB-CLIENT Video Effect Class Manager 1 Input ActiveX CLSID unicode access (web-client.rules) 8045 <-> WEB-CLIENT Video Effect Class Manager 2 Input ActiveX CLSID access (web-client.rules) 8046 <-> WEB-CLIENT Video Effect Class Manager 2 Input ActiveX CLSID unicode access (web-client.rules) 8047 <-> WEB-CLIENT WaveIn Class Manager ActiveX CLSID access (web-client.rules) 8048 <-> WEB-CLIENT WaveIn Class Manager ActiveX CLSID unicode access (web-client.rules) 8049 <-> WEB-CLIENT WaveOut and DSound Class Manager ActiveX CLSID access (web-client.rules) 8050 <-> WEB-CLIENT WaveOut and DSound Class Manager ActiveX CLSID unicode access (web-client.rules) 8051 <-> WEB-CLIENT WDM Instance Provider ActiveX CLSID access (web-client.rules) 8052 <-> WEB-CLIENT WDM Instance Provider ActiveX CLSID unicode access (web-client.rules) 8053 <-> WEB-CLIENT DirectAnimation.PathControl ActiveX CLSID access (web-client.rules) 8054 <-> WEB-CLIENT DirectAnimation.PathControl ActiveX CLSID unicode access (web-client.rules) 8055 <-> WEB-CLIENT DirectAnimation.PathControl ActiveX function call access (web-client.rules) 8058 <-> WEB-CLIENT Mozilla javascript navigator object access (web-client.rules) 8061 <-> WEB-CLIENT ADODB.Stream ActiveX CLSID access (web-client.rules) 8062 <-> WEB-CLIENT ADODB.Stream ActiveX CLSID unicode access (web-client.rules) 8063 <-> WEB-CLIENT ADODB.Stream ActiveX function call access (web-client.rules) 8064 <-> WEB-CLIENT Scriptlet.Typelib ActiveX CLSID access (web-client.rules) 8065 <-> WEB-CLIENT Scriptlet.Typelib ActiveX CLSID unicode access (web-client.rules) 8066 <-> WEB-CLIENT Windows Scripting Host Shell ActiveX CLSID access (web-client.rules) 8067 <-> WEB-CLIENT Windows Scripting Host Shell ActiveX CLSID unicode access (web-client.rules) 8068 <-> WEB-CLIENT Windows Scripting Host Shell ActiveX function call access (web-client.rules) 8069 <-> WEB-CLIENT Microsoft Virtual Machine ActiveX CLSID access (web-client.rules) 8070 <-> WEB-CLIENT Microsoft Virtual Machine ActiveX CLSID unicode access (web-client.rules) 8071 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - search hijack (spyware-put.rules) 8072 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - surf monitor (spyware-put.rules) 8073 <-> SPYWARE-PUT Adware zango toolbar runtime detection (spyware-put.rules) 8091 <-> WEB-CLIENT RealPlayer Realpix file format string overflow attempt (web-client.rules) 8350 <-> WEB-CLIENT pub file download (web-client.rules) 8352 <-> SPYWARE-PUT Adware desktopmedia runtime detection - ads popup (spyware-put.rules) 8353 <-> SPYWARE-PUT Adware desktopmedia runtime detection - auto update (spyware-put.rules) 8354 <-> SPYWARE-PUT Adware desktopmedia runtime detection - surf monitoring (spyware-put.rules) 8355 <-> SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection (spyware-put.rules) 8356 <-> SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection - send log out through email (spyware-put.rules) 8357 <-> SPYWARE-PUT Keylogger spybuddy 3.72 runtime detection - send alert out through email (spyware-put.rules) 8358 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - addressbar keyword search hijack (spyware-put.rules) 8359 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - target website display (spyware-put.rules) 8360 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - search info collect (spyware-put.rules) 8363 <-> WEB-CLIENT Business Object Factory ActiveX CLSID access (web-client.rules) 8364 <-> WEB-CLIENT Business Object Factory ActiveX CLSID unicode access (web-client.rules) 8365 <-> WEB-CLIENT DExplore.AppObj.8.0 ActiveX CLSID access (web-client.rules) 8366 <-> WEB-CLIENT DExplore.AppObj.8.0 ActiveX CLSID unicode access (web-client.rules) 8367 <-> WEB-CLIENT Microsoft.DbgClr.DTE.8.0 ActiveX CLSID access (web-client.rules) 8368 <-> WEB-CLIENT Microsoft.DbgClr.DTE.8.0 ActiveX CLSID unicode access (web-client.rules) 8369 <-> WEB-CLIENT WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (web-client.rules) 8370 <-> WEB-CLIENT WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID unicode access (web-client.rules) 8371 <-> WEB-CLIENT Outlook.Application ActiveX CLSID access (web-client.rules) 8372 <-> WEB-CLIENT Outlook.Application ActiveX CLSID unicode access (web-client.rules) 8373 <-> WEB-CLIENT VsmIDE.DTE ActiveX CLSID access (web-client.rules) 8374 <-> WEB-CLIENT VsmIDE.DTE ActiveX CLSID unicode access (web-client.rules) 8375 <-> WEB-CLIENT QuickTime Object ActiveX CLSID access (web-client.rules) 8376 <-> WEB-CLIENT QuickTime Object ActiveX CLSID unicode access (web-client.rules) 8377 <-> WEB-CLIENT RealPlayer Download Handler ActiveX CLSID access (web-client.rules) 8378 <-> WEB-CLIENT RealPlayer Download Handler ActiveX CLSID unicode access (web-client.rules) 8379 <-> WEB-CLIENT Xml2Dex ActiveX CLSID access (web-client.rules) 8380 <-> WEB-CLIENT Xml2Dex ActiveX CLSID unicode access (web-client.rules) 8381 <-> WEB-CLIENT RealPlayer SMIL Download Handler ActiveX CLSID access (web-client.rules) 8382 <-> WEB-CLIENT RealPlayer SMIL Download Handler ActiveX CLSID unicode access (web-client.rules) 8383 <-> WEB-CLIENT RealPlayer RAM Download Handler ActiveX CLSID access (web-client.rules) 8384 <-> WEB-CLIENT RealPlayer RAM Download Handler ActiveX CLSID unicode access (web-client.rules) 8385 <-> WEB-CLIENT RealPlayer Playback Handler ActiveX CLSID access (web-client.rules) 8386 <-> WEB-CLIENT RealPlayer Playback Handler ActiveX CLSID unicode access (web-client.rules) 8387 <-> WEB-CLIENT RealPlayer RNX Download Handler ActiveX CLSID access (web-client.rules) 8388 <-> WEB-CLIENT RealPlayer RNX Download Handler ActiveX CLSID unicode access (web-client.rules) 8389 <-> WEB-CLIENT RealPlayer RMP Download Handler ActiveX CLSID access (web-client.rules) 8390 <-> WEB-CLIENT RealPlayer RMP Download Handler ActiveX CLSID unicode access (web-client.rules) 8391 <-> WEB-CLIENT RFXInstMgr Class ActiveX CLSID access (web-client.rules) 8392 <-> WEB-CLIENT RFXInstMgr Class ActiveX CLSID unicode access (web-client.rules) 8393 <-> WEB-CLIENT WebDetectFrm ActiveX CLSID access (web-client.rules) 8394 <-> WEB-CLIENT WebDetectFrm ActiveX CLSID unicode access (web-client.rules) 8395 <-> WEB-CLIENT DX3DTransform.Microsoft.CrShatter ActiveX CLSID access (web-client.rules) 8396 <-> WEB-CLIENT DX3DTransform.Microsoft.CrShatter ActiveX CLSID unicode access (web-client.rules) 8397 <-> WEB-CLIENT Microsoft Office List 11.0 ActiveX CLSID access (web-client.rules) 8398 <-> WEB-CLIENT Microsoft Office List 11.0 ActiveX CLSID unicode access (web-client.rules) 8399 <-> WEB-CLIENT Microsoft.WebCapture ActiveX CLSID access (web-client.rules) 8400 <-> WEB-CLIENT Microsoft.WebCapture ActiveX CLSID unicode access (web-client.rules) 8401 <-> WEB-CLIENT Windows Media Services DRM Storage ActiveX CLSID access (web-client.rules) 8402 <-> WEB-CLIENT Windows Media Services DRM Storage ActiveX CLSID unicode access (web-client.rules) 8403 <-> WEB-CLIENT XML Schema Cache 6.0 ActiveX CLSID access (web-client.rules) 8404 <-> WEB-CLIENT XML Schema Cache 6.0 ActiveX CLSID unicode access (web-client.rules) 8405 <-> WEB-CLIENT ActiveX clsid access (web-client.rules) 8406 <-> WEB-CLIENT ActiveX clsid unicode access (web-client.rules) 8407 <-> WEB-CLIENT VisualExec Control ActiveX CLSID access (web-client.rules) 8408 <-> WEB-CLIENT VisualExec Control ActiveX CLSID unicode access (web-client.rules) 8409 <-> WEB-CLIENT RealPlayer Stream Handler ActiveX clsid access (web-client.rules) 8410 <-> WEB-CLIENT RealPlayer Stream Handler ActiveX clsid unicode access (web-client.rules) 8411 <-> WEB-CLIENT DocFind Command ActiveX CLSID access (web-client.rules) 8412 <-> WEB-CLIENT DocFind Command ActiveX CLSID unicode access (web-client.rules) 8413 <-> WEB-CLIENT HCP URI uplddrvinfo access (web-client.rules) 8414 <-> WEB-CLIENT GIF image width descriptor buffer overflow attempt (web-client.rules) 8416 <-> WEB-CLIENT VML fill method overflow attempt (web-client.rules) 8417 <-> WEB-CLIENT TriEditDocument.TriEditDocument ActiveX function call access (web-client.rules) 8418 <-> WEB-CLIENT DXImageTransform.Microsoft.RevealTrans ActiveX function call access (web-client.rules) 8419 <-> WEB-CLIENT WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call access (web-client.rules) 8420 <-> WEB-CLIENT DXImageTransform.Microsoft.Gradient ActiveX function call access (web-client.rules) 8421 <-> WEB-CLIENT OWC11.DataSourceControl.11 ActiveX function call access (web-client.rules) 8423 <-> WEB-CLIENT CEnroll.CEnroll.2 ActiveX function call access (web-client.rules) 8424 <-> WEB-CLIENT Microsoft Forms 2.0 ListBox ActiveX function call access (web-client.rules) 8425 <-> WEB-CLIENT DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (web-client.rules) 8445 <-> WEB-CLIENT RTF file with embedded object package download attempt (web-client.rules) 8448 <-> WEB-CLIENT Excel colinfo XF record overflow attempt (web-client.rules) 8461 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - send userinfo (spyware-put.rules) 8462 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace info downloaded (spyware-put.rules) 8463 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace login info (spyware-put.rules) 8464 <-> SPYWARE-PUT Adware henbang runtime detection (spyware-put.rules) 8465 <-> SPYWARE-PUT Keylogger netobserve runtime detection - email notification (spyware-put.rules) 8466 <-> SPYWARE-PUT Keylogger netobserve runtime detection - email notification (spyware-put.rules) 8467 <-> SPYWARE-PUT Keylogger netobserve runtime detection - remote login response (spyware-put.rules) 8468 <-> SPYWARE-PUT Hijacker accoona runtime detection - collect info (spyware-put.rules) 8469 <-> SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url (spyware-put.rules) 8478 <-> WEB-CLIENT Microsoft Publisher file download attempt (web-client.rules) 8494 <-> MS-SQL/SMB formatmessage possible buffer overflow (sql.rules) 8495 <-> MS-SQL formatmessage possible buffer overflow (sql.rules) 8497 <-> MS-SQL sp_oacreate vulnerable function attempt (sql.rules) 8498 <-> MS-SQL/SMB sp_oacreate unicode vulnerable function attempt (sql.rules) 8499 <-> MS-SQL xp_displayparamstmt unicode vulnerable function attempt (sql.rules) 8510 <-> MS-SQL xp_oagetproperty vulnerable function attempt (sql.rules) 8511 <-> MS-SQL xp_oamethod unicode vulnerable function attempt (sql.rules) 8512 <-> MS-SQL xp_oamethod vulnerable function attempt (sql.rules) 8513 <-> MS-SQL/SMB xp_oamethod unicode vulnerable function attempt (sql.rules) 8514 <-> MS-SQL xp_oasetproperty unicode vulnerable function attempt (sql.rules) 8515 <-> MS-SQL/SMB xp_oasetproperty unicode vulnerable function attempt (sql.rules) 8516 <-> MS-SQL xp_oasetproperty vulnerable function attempt (sql.rules) 8517 <-> MS-SQL xp_peekqueue unicode vulnerable function attempt (sql.rules) 8518 <-> MS-SQL/SMB xp_peekqueue unicode vulnerable function attempt (sql.rules) 8519 <-> MS-SQL xp_peekqueue vulnerable function attempt (sql.rules) 8520 <-> MS-SQL xp_printstatements unicode vulnerable function attempt (sql.rules) 8521 <-> MS-SQL/SMB xp_printstatements unicode vulnerable function attempt (sql.rules) 8522 <-> MS-SQL xp_printstatements vulnerable function attempt (sql.rules) 8523 <-> MS-SQL xp_proxiedmetadata unicode vulnerable function attempt (sql.rules) 8524 <-> MS-SQL/SMB xp_proxiedmetadata unicode vulnerable function attempt (sql.rules) 8525 <-> MS-SQL xp_proxiedmetadata vulnerable function attempt (sql.rules) 8526 <-> MS-SQL xp_SetSQLSecurity unicode vulnerable function attempt (sql.rules) 8527 <-> MS-SQL/SMB xp_SetSQLSecurity unicode vulnerable function attempt (sql.rules) 8528 <-> MS-SQL xp_SetSQLSecurity vulnerable function attempt (sql.rules) 8529 <-> MS-SQL xp_showcolv unicode vulnerable function attempt (sql.rules) 8530 <-> MS-SQL/SMB xp_showcolv unicode vulnerable function attempt (sql.rules) 8531 <-> MS-SQL xp_showcolv vulnerable function attempt (sql.rules) 8532 <-> MS-SQL xp_sqlagent_monitor unicode vulnerable function attempt (sql.rules) 8533 <-> MS-SQL xp_sqlagent_monitor vulnerable function attempt (sql.rules) 8534 <-> MS-SQL/SMB xp_sqlagent_monitor unicode vulnerable function attempt (sql.rules) 8535 <-> MS-SQL xp_sqlinventory unicode vulnerable function attempt (sql.rules) 8536 <-> MS-SQL xp_sqlinventory vulnerable function attempt (sql.rules) 8537 <-> MS-SQL/SMB xp_sqlinventory unicode vulnerable function attempt (sql.rules) 8538 <-> MS-SQL xp_updatecolvbm unicode vulnerable function attempt (sql.rules) 8539 <-> MS-SQL/SMB xp_updatecolvbm unicode vulnerable function attempt (sql.rules) 8542 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (spyware-put.rules) 8543 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads (spyware-put.rules) 8544 <-> SPYWARE-PUT Keylogger nicespy runtime detection - smtp (spyware-put.rules) 8545 <-> SPYWARE-PUT Adware roogoo runtime detection - surfing monitor (spyware-put.rules) 8546 <-> SPYWARE-PUT Adware roogoo runtime detection - show ads (spyware-put.rules) 8717 <-> WEB-CLIENT VsaIDE.DTE ActiveX CLSID access (web-client.rules) 8718 <-> WEB-CLIENT VsaIDE.DTE ActiveX CLSID unicode access (web-client.rules) 8719 <-> WEB-CLIENT VisualStudio.DTE.8.0 ActiveX CLSID access (web-client.rules) 8720 <-> WEB-CLIENT VisualStudio.DTE.8.0 ActiveX CLSID unicode access (web-client.rules) 8721 <-> WEB-CLIENT Outlook Data Object ActiveX CLSID access (web-client.rules) 8722 <-> WEB-CLIENT Outlook Data Object ActiveX CLSID unicode access (web-client.rules) 8723 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid access (web-client.rules) 8724 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access (web-client.rules) 8725 <-> WEB-CLIENT System Monitor ActiveX CLSID access (web-client.rules) 8726 <-> WEB-CLIENT System Monitor ActiveX CLSID unicode access (web-client.rules) 8727 <-> WEB-CLIENT XMLHTTP 4.0 ActiveX clsid access (web-client.rules) 8728 <-> WEB-CLIENT XMLHTTP 4.0 ActiveX clsid unicode access (web-client.rules) 8735 <-> WEB-CLIENT BOWebAgent.Webagent.1 ActiveX CLSID access (web-client.rules) 8736 <-> WEB-CLIENT BOWebAgent.Webagent.1 ActiveX CLSID unicode access (web-client.rules) 8737 <-> WEB-CLIENT BOWebAgent.Webagent.1 ActiveX function call access (web-client.rules) 8738 <-> WEB-CLIENT Macrovision InstallShield Update Service ActiveX clsid access (web-client.rules) 8739 <-> WEB-CLIENT Macrovision InstallShield Update Service ActiveX clsid unicode access (web-client.rules) 8740 <-> WEB-CLIENT Macrovision InstallShield Update Service ActiveX function call access (web-client.rules) 8741 <-> WEB-CLIENT DirectAnimation.DAFontStyle.1 ActiveX CLSID access (web-client.rules) 8742 <-> WEB-CLIENT DirectAnimation.DAFontStyle.1 ActiveX CLSID unicode access (web-client.rules) 8743 <-> WEB-CLIENT DirectAnimation.DAFontStyle.1 ActiveX function call access (web-client.rules) 8744 <-> WEB-CLIENT DirectAnimation.DAEvent.1 ActiveX CLSID access (web-client.rules) 8745 <-> WEB-CLIENT DirectAnimation.DAEvent.1 ActiveX CLSID unicode access (web-client.rules) 8746 <-> WEB-CLIENT DirectAnimation.DAEvent.1 ActiveX function call access (web-client.rules) 8747 <-> WEB-CLIENT DirectAnimation.DAEndStyle.1 ActiveX CLSID access (web-client.rules) 8748 <-> WEB-CLIENT DirectAnimation.DAEndStyle.1 ActiveX CLSID unicode access (web-client.rules) 8749 <-> WEB-CLIENT DirectAnimation.DAEndStyle.1 ActiveX function call access (web-client.rules) 8750 <-> WEB-CLIENT LM.LMBehaviorFactory.1 ActiveX CLSID access (web-client.rules) 8751 <-> WEB-CLIENT LM.LMBehaviorFactory.1 ActiveX CLSID unicode access (web-client.rules) 8752 <-> WEB-CLIENT LM.LMBehaviorFactory.1 ActiveX function call access (web-client.rules) 8753 <-> WEB-CLIENT LM.AutoEffectBvr.1 ActiveX CLSID access (web-client.rules) 8754 <-> WEB-CLIENT LM.AutoEffectBvr.1 ActiveX CLSID unicode access (web-client.rules) 8755 <-> WEB-CLIENT LM.AutoEffectBvr.1 ActiveX function call access (web-client.rules) 8756 <-> WEB-CLIENT DirectAnimation.SpriteControl ActiveX CLSID access (web-client.rules) 8757 <-> WEB-CLIENT DirectAnimation.SpriteControl ActiveX CLSID unicode access (web-client.rules) 8758 <-> WEB-CLIENT DirectAnimation.SpriteControl ActiveX function call access (web-client.rules) 8759 <-> WEB-CLIENT DirectAnimation.SequencerControl ActiveX CLSID access (web-client.rules) 8760 <-> WEB-CLIENT DirectAnimation.SequencerControl ActiveX CLSID unicode access (web-client.rules) 8761 <-> WEB-CLIENT DirectAnimation.SequencerControl ActiveX function call access (web-client.rules) 8762 <-> WEB-CLIENT DirectAnimation.Sequence ActiveX CLSID access (web-client.rules) 8763 <-> WEB-CLIENT DirectAnimation.Sequence ActiveX CLSID unicode access (web-client.rules) 8764 <-> WEB-CLIENT DirectAnimation.Sequence ActiveX function call access (web-client.rules) 8765 <-> WEB-CLIENT DirectAnimation.DAView.1 ActiveX CLSID access (web-client.rules) 8766 <-> WEB-CLIENT DirectAnimation.DAView.1 ActiveX CLSID unicode access (web-client.rules) 8767 <-> WEB-CLIENT DirectAnimation.DAView.1 ActiveX function call access (web-client.rules) 8768 <-> WEB-CLIENT DirectAnimation.DAVector3.1 ActiveX CLSID access (web-client.rules) 8769 <-> WEB-CLIENT DirectAnimation.DAVector3.1 ActiveX CLSID unicode access (web-client.rules) 8770 <-> WEB-CLIENT DirectAnimation.DAVector3.1 ActiveX function call access (web-client.rules) 8771 <-> WEB-CLIENT DirectAnimation.DAVector2.1 ActiveX CLSID access (web-client.rules) 8772 <-> WEB-CLIENT DirectAnimation.DAVector2.1 ActiveX CLSID unicode access (web-client.rules) 8773 <-> WEB-CLIENT DirectAnimation.DAVector2.1 ActiveX function call access (web-client.rules) 8774 <-> WEB-CLIENT DirectAnimation.DAUserData.1 ActiveX CLSID access (web-client.rules) 8775 <-> WEB-CLIENT DirectAnimation.DAUserData.1 ActiveX CLSID unicode access (web-client.rules) 8776 <-> WEB-CLIENT DirectAnimation.DAUserData.1 ActiveX function call access (web-client.rules) 8777 <-> WEB-CLIENT DirectAnimation.DATransform3.1 ActiveX CLSID access (web-client.rules) 8778 <-> WEB-CLIENT DirectAnimation.DATransform3.1 ActiveX CLSID unicode access (web-client.rules) 8779 <-> WEB-CLIENT DirectAnimation.DATransform3.1 ActiveX function call access (web-client.rules) 8780 <-> WEB-CLIENT DirectAnimation.DATransform2.1 ActiveX CLSID access (web-client.rules) 8781 <-> WEB-CLIENT DirectAnimation.DATransform2.1 ActiveX CLSID unicode access (web-client.rules) 8782 <-> WEB-CLIENT DirectAnimation.DATransform2.1 ActiveX function call access (web-client.rules) 8783 <-> WEB-CLIENT DirectAnimation.DAString.1 ActiveX CLSID access (web-client.rules) 8784 <-> WEB-CLIENT DirectAnimation.DAString.1 ActiveX CLSID unicode access (web-client.rules) 8785 <-> WEB-CLIENT DirectAnimation.DAString.1 ActiveX function call access (web-client.rules) 8786 <-> WEB-CLIENT DirectAnimation.DASound.1 ActiveX CLSID access (web-client.rules) 8787 <-> WEB-CLIENT DirectAnimation.DASound.1 ActiveX CLSID unicode access (web-client.rules) 8788 <-> WEB-CLIENT DirectAnimation.DASound.1 ActiveX function call access (web-client.rules) 8789 <-> WEB-CLIENT DirectAnimation.DAPoint3.1 ActiveX CLSID access (web-client.rules) 8790 <-> WEB-CLIENT DirectAnimation.DAPoint3.1 ActiveX CLSID unicode access (web-client.rules) 8791 <-> WEB-CLIENT DirectAnimation.DAPoint3.1 ActiveX function call access (web-client.rules) 8792 <-> WEB-CLIENT DirectAnimation.DAPoint2.1 ActiveX CLSID access (web-client.rules) 8793 <-> WEB-CLIENT DirectAnimation.DAPoint2.1 ActiveX CLSID unicode access (web-client.rules) 8794 <-> WEB-CLIENT DirectAnimation.DAPoint2.1 ActiveX function call access (web-client.rules) 8795 <-> WEB-CLIENT DirectAnimation.DAPath4.1 ActiveX CLSID access (web-client.rules) 8796 <-> WEB-CLIENT DirectAnimation.DAPath4.1 ActiveX CLSID unicode access (web-client.rules) 8797 <-> WEB-CLIENT DirectAnimation.DAPath4.1 ActiveX function call access (web-client.rules) 8798 <-> WEB-CLIENT DirectAnimation.DAPair.1 ActiveX CLSID access (web-client.rules) 8799 <-> WEB-CLIENT DirectAnimation.DAPair.1 ActiveX CLSID unicode access (web-client.rules) 8800 <-> WEB-CLIENT DirectAnimation.DAPair.1 ActiveX function call access (web-client.rules) 8801 <-> WEB-CLIENT DirectAnimation.DANumber.1 ActiveX CLSID access (web-client.rules) 8802 <-> WEB-CLIENT DirectAnimation.DANumber.1 ActiveX CLSID unicode access (web-client.rules) 8803 <-> WEB-CLIENT DirectAnimation.DANumber.1 ActiveX function call access (web-client.rules) 8804 <-> WEB-CLIENT DirectAnimation.DAMontage.1 ActiveX CLSID access (web-client.rules) 8805 <-> WEB-CLIENT DirectAnimation.DAMontage.1 ActiveX CLSID unicode access (web-client.rules) 8806 <-> WEB-CLIENT DirectAnimation.DAMontage.1 ActiveX function call access (web-client.rules) 8807 <-> WEB-CLIENT DirectAnimation.DAMicrophone.1 ActiveX CLSID access (web-client.rules) 8808 <-> WEB-CLIENT DirectAnimation.DAMicrophone.1 ActiveX CLSID unicode access (web-client.rules) 8809 <-> WEB-CLIENT DirectAnimation.DAMicrophone.1 ActiveX function call access (web-client.rules) 8810 <-> WEB-CLIENT DirectAnimation.DAMatte.1 ActiveX CLSID access (web-client.rules) 8811 <-> WEB-CLIENT DirectAnimation.DAMatte.1 ActiveX CLSID unicode access (web-client.rules) 8812 <-> WEB-CLIENT DirectAnimation.DAMatte.1 ActiveX function call access (web-client.rules) 8813 <-> WEB-CLIENT DirectAnimation.DALineStyle.1 ActiveX CLSID access (web-client.rules) 8814 <-> WEB-CLIENT DirectAnimation.DALineStyle.1 ActiveX CLSID unicode access (web-client.rules) 8815 <-> WEB-CLIENT DirectAnimation.DALineStyle.1 ActiveX function call access (web-client.rules) 8816 <-> WEB-CLIENT DirectAnimation.DAJoinStyle.1 ActiveX CLSID access (web-client.rules) 8817 <-> WEB-CLIENT DirectAnimation.DAJoinStyle.1 ActiveX CLSID unicode access (web-client.rules) 8818 <-> WEB-CLIENT DirectAnimation.DAJoinStyle.1 ActiveX function call access (web-client.rules) 8819 <-> WEB-CLIENT DirectAnimation.DAImage.1 ActiveX CLSID access (web-client.rules) 8820 <-> WEB-CLIENT DirectAnimation.DAImage.1 ActiveX CLSID unicode access (web-client.rules) 8821 <-> WEB-CLIENT DirectAnimation.DAImage.1 ActiveX function call access (web-client.rules) 8822 <-> WEB-CLIENT DirectAnimation.DAGeometry.1 ActiveX CLSID access (web-client.rules) 8823 <-> WEB-CLIENT DirectAnimation.DAGeometry.1 ActiveX CLSID unicode access (web-client.rules) 8824 <-> WEB-CLIENT DirectAnimation.DAGeometry.1 ActiveX function call access (web-client.rules) 8825 <-> WEB-CLIENT DirectAnimation.DADashStyle.1 ActiveX CLSID access (web-client.rules) 8826 <-> WEB-CLIENT DirectAnimation.DADashStyle.1 ActiveX CLSID unicode access (web-client.rules) 8827 <-> WEB-CLIENT DirectAnimation.DADashStyle.1 ActiveX function call access (web-client.rules) 8828 <-> WEB-CLIENT DirectAnimation.DAColor.1 ActiveX CLSID access (web-client.rules) 8829 <-> WEB-CLIENT DirectAnimation.DAColor.1 ActiveX CLSID unicode access (web-client.rules) 8830 <-> WEB-CLIENT DirectAnimation.DAColor.1 ActiveX function call access (web-client.rules) 8831 <-> WEB-CLIENT DirectAnimation.DACamera.1 ActiveX CLSID access (web-client.rules) 8832 <-> WEB-CLIENT DirectAnimation.DACamera.1 ActiveX CLSID unicode access (web-client.rules) 8833 <-> WEB-CLIENT DirectAnimation.DACamera.1 ActiveX function call access (web-client.rules) 8834 <-> WEB-CLIENT DirectAnimation.DABoolean.1 ActiveX CLSID access (web-client.rules) 8835 <-> WEB-CLIENT DirectAnimation.DABoolean.1 ActiveX CLSID unicode access (web-client.rules) 8836 <-> WEB-CLIENT DirectAnimation.DABoolean.1 ActiveX function call access (web-client.rules) 8837 <-> WEB-CLIENT DirectAnimation.DABbox3.1 ActiveX CLSID access (web-client.rules) 8838 <-> WEB-CLIENT DirectAnimation.DABbox3.1 ActiveX CLSID unicode access (web-client.rules) 8839 <-> WEB-CLIENT DirectAnimation.DABbox3.1 ActiveX function call access (web-client.rules) 8840 <-> WEB-CLIENT DirectAnimation.DABbox2.1 ActiveX CLSID access (web-client.rules) 8841 <-> WEB-CLIENT DirectAnimation.DABbox2.1 ActiveX CLSID unicode access (web-client.rules) 8842 <-> WEB-CLIENT DirectAnimation.DABbox2.1 ActiveX function call access (web-client.rules) 8843 <-> WEB-CLIENT DirectAnimation.DAArray.1 ActiveX CLSID access (web-client.rules) 8844 <-> WEB-CLIENT DirectAnimation.DAArray.1 ActiveX CLSID unicode access (web-client.rules) 8845 <-> WEB-CLIENT DirectAnimation.DAArray.1 ActiveX function call access (web-client.rules) 8846 <-> WEB-CLIENT Microsoft Agent Character Custom Proxy Class ActiveX clsid access (web-client.rules) 8847 <-> WEB-CLIENT Microsoft Agent Character Custom Proxy Class ActiveX clsid unicode access (web-client.rules) 8848 <-> WEB-CLIENT Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (web-client.rules) 8849 <-> WEB-CLIENT Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid unicode access (web-client.rules) 8850 <-> WEB-CLIENT Microsoft Agent Custom Proxy Class ActiveX clsid access (web-client.rules) 8851 <-> WEB-CLIENT Microsoft Agent Custom Proxy Class ActiveX clsid unicode access (web-client.rules) 8852 <-> WEB-CLIENT Microsoft Agent v2.0 ActiveX clsid access (web-client.rules) 8853 <-> WEB-CLIENT Microsoft Agent v2.0 ActiveX clsid unicode access (web-client.rules) 8854 <-> WEB-CLIENT Microsoft Agent v2.0 ActiveX function call access (web-client.rules) 8855 <-> WEB-CLIENT Microsoft Agent v1.5 ActiveX clsid unicode access (web-client.rules) 8856 <-> WEB-CLIENT Microsoft Agent v1.5 ActiveX function call access (web-client.rules) 9129 <-> WEB-CLIENT WinZip FileView 6.1 ActiveX CLSID access (web-client.rules) 9130 <-> WEB-CLIENT WinZip FileView 6.1 ActiveX CLSID unicode access (web-client.rules) 9131 <-> WEB-CLIENT WinZip FileView 6.1 ActiveX function call access (web-client.rules) 9427 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX clsid access (web-client.rules) 9428 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX clsid unicode access (web-client.rules) 9429 <-> WEB-CLIENT Quicktime Movie link scripting security bypass attempt (web-client.rules) 9430 <-> WEB-CLIENT Quicktime Movie link file URI security bypass attempt (web-client.rules) 9432 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules) 9433 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules) 9434 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules) 9435 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules) 9436 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules) 9619 <-> WEB-CLIENT Gnu gv buffer overflow attempt (web-client.rules) 9625 <-> WEB-CLIENT Windows Media Player ASX file ref href buffer overflow attempt (web-client.rules) 9626 <-> WEB-CLIENT AcroPDF.PDF ActiveX clsid access (web-client.rules) 9627 <-> WEB-CLIENT AcroPDF.PDF ActiveX clsid unicode access (web-client.rules) 9628 <-> WEB-CLIENT javaprxy.dll ActiveX clsid unicode access (web-client.rules) 9629 <-> WEB-CLIENT Citrix.ICAClient ActiveX clsid access (web-client.rules) 9630 <-> WEB-CLIENT Citrix.ICAClient ActiveX clsid unicode access (web-client.rules) 9631 <-> WEB-CLIENT Citrix.ICAClient ActiveX function call access (web-client.rules) 9637 <-> WEB-CLIENT Adobe Download Manger dm.ini stack overflow attempt (web-client.rules) 9639 <-> WEB-CLIENT Windows Address Book download attempt (web-client.rules) 9640 <-> WEB-CLIENT ADODB.Connection ActiveX function call access (web-client.rules) 9641 <-> WEB-CLIENT Windows Media Player ASF simple index object parsing buffer overflow attempt (web-client.rules) 9642 <-> WEB-CLIENT Windows Media Player ASF codec list object parsing buffer overflow attempt (web-client.rules) 9643 <-> WEB-CLIENT Windows Media Player ASF marker object parsing buffer overflow attempt (web-client.rules) 9644 <-> SPYWARE-PUT Adware imnames runtime detection (spyware-put.rules) 9645 <-> SPYWARE-PUT Hijacker sogou runtime detection - keyword hijack (spyware-put.rules) 9646 <-> SPYWARE-PUT Hijacker sogou runtime detection - search through sogou toolbar (spyware-put.rules) 9647 <-> SPYWARE-PUT Keylogger system surveillance pro runtime detection (spyware-put.rules) 9648 <-> SPYWARE-PUT Keylogger emailspypro runtime detection (spyware-put.rules) 9649 <-> SPYWARE-PUT Keylogger ghost Keylogger runtime detection - flowbit set (spyware-put.rules) 9650 <-> SPYWARE-PUT Keylogger ghost Keylogger runtime detection (spyware-put.rules) 9651 <-> SPYWARE-PUT Hijacker ricercadoppia runtime detection (spyware-put.rules) 9652 <-> SPYWARE-PUT Hijacker oemji bar runtime detection (spyware-put.rules) 9668 <-> WEB-CLIENT Outlook Recipient Control ActiveX clsid access (web-client.rules) 9669 <-> WEB-CLIENT Outlook Recipient Control ActiveX clsid unicode access (web-client.rules) 9670 <-> WEB-CLIENT Outlook Recipient Control ActiveX function call access (web-client.rules) 9671 <-> WEB-CLIENT RealPlayer AutoStream.AutoStream.1 ActiveX clsid access (web-client.rules) 9672 <-> WEB-CLIENT RealPlayer AutoStream.AutoStream.1 ActiveX clsid unicode access (web-client.rules) 9673 <-> WEB-CLIENT RealPlayer AutoStream.AutoStream.1 ActiveX function call access (web-client.rules) 9793 <-> WEB-CLIENT YMMAPI.YMailAttach ActiveX clsid access (web-client.rules) 9794 <-> WEB-CLIENT YMMAPI.YMailAttach ActiveX clsid unicode access (web-client.rules) 9795 <-> WEB-CLIENT Panda ActiveScan ActiveScan.1 ActiveX clsid access (web-client.rules) 9796 <-> WEB-CLIENT Panda ActiveScan ActiveScan.1 ActiveX clsid unicode access (web-client.rules) 9797 <-> WEB-CLIENT Panda ActiveScan ActiveScan.1 ActiveX function call access (web-client.rules) 9798 <-> WEB-CLIENT Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (web-client.rules) 9799 <-> WEB-CLIENT Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid unicode access (web-client.rules) 9800 <-> WEB-CLIENT Panda ActiveScan PAVPZ.SOS.1 ActiveX function call access (web-client.rules) 9801 <-> WEB-CLIENT Windows Media Player or Explorer Malformed RIFF File denial of service attempt (web-client.rules) 9812 <-> WEB-CLIENT Yahoo Messenger YMailAttach ActiveX function call access (web-client.rules) 9814 <-> WEB-CLIENT ICQPhone.SipxPhoneManager ActiveX clsid access (web-client.rules) 9817 <-> WEB-CLIENT CEnroll.CEnroll.2 ActiveX clsid access (web-client.rules) 9818 <-> WEB-CLIENT CEnroll.CEnroll.2 ActiveX clsid unicode access (web-client.rules) 9820 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call access (web-client.rules) 9821 <-> WEB-CLIENT TriEditDocument.TriEditDocument ActiveX clsid access (web-client.rules) 9822 <-> WEB-CLIENT TriEditDocument.TriEditDocument ActiveX clsid unicode access (web-client.rules) 9827 <-> SPYWARE-PUT Keylogger paq keylog runtime detection - smtp (spyware-put.rules) 9828 <-> SPYWARE-PUT Keylogger paq keylog runtime detection - ftp (spyware-put.rules) 9829 <-> SPYWARE-PUT Trackware relevantknowledge runtime detection (spyware-put.rules) 9830 <-> SPYWARE-PUT Keylogger supreme spy runtime detection (spyware-put.rules) 9831 <-> SPYWARE-PUT Adware u88 runtime detection (spyware-put.rules) 10088 <-> SPYWARE-PUT Keylogger beyond Keylogger runtime detection - log sent by smtp (spyware-put.rules) 10089 <-> SPYWARE-PUT Keylogger beyond Keylogger runtime detection - log sent by ftp (spyware-put.rules) 10090 <-> SPYWARE-PUT Trickler zango easymessenger runtime detection (spyware-put.rules) 10091 <-> SPYWARE-PUT Hacker-Tool spylply.a runtime detection (spyware-put.rules) 10092 <-> SPYWARE-PUT Trackware russian searchbar runtime detection (spyware-put.rules) 10093 <-> SPYWARE-PUT Hijacker kuaiso toolbar runtime detection (spyware-put.rules) 10094 <-> SPYWARE-PUT Adware borlan runtime detection (spyware-put.rules) 10095 <-> SPYWARE-PUT Trackware bydou runtime detection (spyware-put.rules) 10096 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - keylog (spyware-put.rules) 10097 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection (spyware-put.rules) 10098 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - get system info (spyware-put.rules) 10099 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection (spyware-put.rules) 10100 <-> SPYWARE-PUT Keylogger win32.remotekeylog.b runtime detection - open website (spyware-put.rules) 10164 <-> SPYWARE-PUT Adware adclicker-ej runtime detection (spyware-put.rules) 10165 <-> SPYWARE-PUT Keylogger mybr Keylogger runtime detection (spyware-put.rules) 10166 <-> SPYWARE-PUT Trackware baigoo runtime detection (spyware-put.rules) 10167 <-> SPYWARE-PUT Keylogger radar spy 1.0 runtime detection - send html log (spyware-put.rules) 10179 <-> SPYWARE-PUT Trackware bysoo runtime detection (spyware-put.rules) 10180 <-> SPYWARE-PUT Adware eqiso runtime detection (spyware-put.rules) 10181 <-> SPYWARE-PUT Keylogger systemsleuth runtime detection (spyware-put.rules) 10182 <-> SPYWARE-PUT Adware newweb runtime detection (spyware-put.rules) 10183 <-> SPYWARE-PUT Keylogger activity Keylogger runtime detection (spyware-put.rules) 10435 <-> SPYWARE-PUT Trackware admedia runtime detection (spyware-put.rules) 10436 <-> SPYWARE-PUT Keylogger keyspy runtime detection (spyware-put.rules) 10437 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules) 10438 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules) 10439 <-> SPYWARE-PUT Adware mokead runtime detection (spyware-put.rules) 10440 <-> SPYWARE-PUT Keylogger pc black box runtime detection (spyware-put.rules) 10441 <-> SPYWARE-PUT Hacker-Tool statwin runtime detection (spyware-put.rules) 11305 <-> SPYWARE-PUT Snoopware childwebguardian runtime detection - send log through smtp (spyware-put.rules) 11306 <-> SPYWARE-PUT Snoopware childwebguardian runtime detection - udp broadcast (spyware-put.rules) 11307 <-> SPYWARE-PUT Keylogger computer monitor Keylogger runtime detection (spyware-put.rules) 11308 <-> SPYWARE-PUT Other-Technologies spydawn runtime detection - update checking (spyware-put.rules) 11309 <-> SPYWARE-PUT Keylogger sskc v2.0 runtime detection (spyware-put.rules) 11310 <-> SPYWARE-PUT Trickler iowa webdownloader - icq notification (spyware-put.rules) 11311 <-> SPYWARE-PUT Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (spyware-put.rules) 11312 <-> SPYWARE-PUT Trackware uplink runtime detection (spyware-put.rules) 11313 <-> SPYWARE-PUT Other-Technologies spywarelocker 3.3 runtime detection - update checking (spyware-put.rules) 12147 <-> BACKDOOR blue eye 1.0b runtime detection - init connection (backdoor.rules) 12212 <-> IMAP Ipswitch IMail literal search date command buffer overflow attempt (imap.rules) 12619 <-> EXPLOIT Microsoft Exchange ical/vcal malformed property (exploit.rules) 12704 <-> SMTP Lotus Notes MIF viewer MIFFILE comment overflow (smtp.rules) 12705 <-> SMTP Lotus Notes MIF viewer statement overflow (smtp.rules) 12706 <-> SMTP Lotus Notes MIF viewer statement data overflow (smtp.rules) 13219 <-> WEB-CLIENT HP Software Update RulesEngine.dll ActiveX clsid access (web-client.rules) 13220 <-> WEB-CLIENT HP Software Update RulesEngine.dll ActiveX clsid unicode access (web-client.rules) 13232 <-> WEB-CLIENT Persits Software XUpload ActiveX clsid access (web-client.rules) 13233 <-> WEB-CLIENT Persits Software XUpload ActiveX clsid unicode access (web-client.rules) 13234 <-> WEB-CLIENT Persits Software XUpload ActiveX function call access (web-client.rules) 13235 <-> WEB-CLIENT Persits Software XUpload ActiveX function call unicode access (web-client.rules) 13309 <-> WEB-MISC Apache http server mod_proxy http request crafted date handling denial of service attempt (web-misc.rules) 13310 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules) 13311 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules) 13316 <-> WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt (web-client.rules) 13317 <-> WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt (web-client.rules) 13318 <-> WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt (web-client.rules) 13319 <-> WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt (web-client.rules) 13320 <-> WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt (web-client.rules)
