Sourcefire VRT Rules Update
Date: 2009-03-03
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version CURRENT.
The format of the file is:
sid - Message (rule group, priority)
New rules: 15367 <-> SMTP outlook web access script injection attempt (smtp.rules, High) 15368 <-> WEB-ACTIVEX FathFTP ActiveX clsid access (web-activex.rules, High) 15369 <-> WEB-ACTIVEX FathFTP ActiveX clsid unicode access (web-activex.rules, High) 15370 <-> WEB-ACTIVEX FathFTP ActiveX function call access (web-activex.rules, High) 15371 <-> WEB-ACTIVEX FathFTP ActiveX function call unicode access (web-activex.rules, High) 15372 <-> WEB-ACTIVEX iDefense COMRaider ActiveX clsid access (web-activex.rules, High) 15373 <-> WEB-ACTIVEX iDefense COMRaider ActiveX clsid unicode access (web-activex.rules, High) 15374 <-> WEB-ACTIVEX iDefense COMRaider ActiveX function call access (web-activex.rules, High) 15375 <-> WEB-ACTIVEX iDefense COMRaider ActiveX function call unicode access (web-activex.rules, High) 15376 <-> WEB-ACTIVEX Sopcast SopCore ActiveX clsid access (web-activex.rules, High) 15377 <-> WEB-ACTIVEX Sopcast SopCore ActiveX clsid unicode access (web-activex.rules, High) 15378 <-> WEB-ACTIVEX Sopcast SopCore ActiveX function call access (web-activex.rules, High) 15379 <-> WEB-ACTIVEX Sopcast SopCore ActiveX function call unicode access (web-activex.rules, High) 15380 <-> WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid access (web-activex.rules, High) 15381 <-> WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid unicode access (web-activex.rules, High) 15382 <-> SPECIFIC-THREATS X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow attempt (specific-threats.rules, High) 15383 <-> SPECIFIC-THREATS Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (specific-threats.rules, High) 15384 <-> WEB-CLIENT Apple QuickTime pict image poly structure memory corruption attempt (web-client.rules, High) 15385 <-> WEB-MISC vqf file request (web-misc.rules, Low) Updated rules: 3656 <-> SMTP MDaemon 6.5.1 and prior versions MAIL overflow attempt (smtp.rules, High) 5742 <-> SPYWARE-PUT Keylogger activitylogger runtime detection (spyware-put.rules, Medium) 5743 <-> SPYWARE-PUT Hijacker actualnames runtime detection - plugin list (spyware-put.rules, Low) 5744 <-> SPYWARE-PUT Hijacker actualnames runtime detection - online.php request (spyware-put.rules, Low) 5749 <-> SPYWARE-PUT Trackware alexa runtime detection (spyware-put.rules, Medium) 5750 <-> SPYWARE-PUT Adware dogpile runtime detection (spyware-put.rules, Low) 5760 <-> SPYWARE-PUT Hijacker marketscore runtime detection (spyware-put.rules, Low) 5764 <-> SPYWARE-PUT Hijacker begin2search runtime detection - fcgi query (spyware-put.rules, Low) 5765 <-> SPYWARE-PUT Hijacker begin2search runtime detection - ico query (spyware-put.rules, Low) 5767 <-> SPYWARE-PUT Hijacker begin2search runtime detection - download unauthorized code (spyware-put.rules, Low) 5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules, Low) 5769 <-> SPYWARE-PUT Hijacker begin2search runtime detection - play bingo ads (spyware-put.rules, Low) 5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules, Medium) 5773 <-> SPYWARE-PUT Adware forbes runtime detection (spyware-put.rules, Low) 5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules, Low) 5775 <-> SPYWARE-PUT Hijacker freescratch runtime detection - scratch card (spyware-put.rules, Low) 5776 <-> SPYWARE-PUT Trickler grokster runtime detection (spyware-put.rules, Low) 5777 <-> SPYWARE-PUT Keylogger gurl watcher runtime detection (spyware-put.rules, Medium) 5778 <-> SPYWARE-PUT Keylogger runtime detection - hwpe windows activity logs (spyware-put.rules, Medium) 5779 <-> SPYWARE-PUT Keylogger runtime detection - hwpe shell file logs (spyware-put.rules, Medium) 5780 <-> SPYWARE-PUT Keylogger runtime detection - hwpe word filtered echelon log (spyware-put.rules, Medium) 5781 <-> SPYWARE-PUT Keylogger runtime detection - hwae windows activity logs (spyware-put.rules, Medium) 5782 <-> SPYWARE-PUT Keylogger runtime detection - hwae word filtered echelon log (spyware-put.rules, Medium) 5783 <-> SPYWARE-PUT Keylogger runtime detection - hwae keystrokes log (spyware-put.rules, Medium) 5784 <-> SPYWARE-PUT Keylogger runtime detection - hwae urls browsed log (spyware-put.rules, Medium) 5787 <-> SPYWARE-PUT Adware hithopper runtime detection - search (spyware-put.rules, Low) 5788 <-> SPYWARE-PUT Adware hithopper runtime detection - click toolbar buttons (spyware-put.rules, Low) 5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules, Medium) 5790 <-> SPYWARE-PUT Keylogger pc actmon pro runtime detection - smtp (spyware-put.rules, Medium) 5795 <-> SPYWARE-PUT Adware ist powerscan runtime detection (spyware-put.rules, Low) 5796 <-> SPYWARE-PUT Adware keenvalue runtime detection (spyware-put.rules, Low) 5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules, Medium) 5801 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (spyware-put.rules, Medium) 5802 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 2 (spyware-put.rules, Medium) 5803 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (spyware-put.rules, Medium) 5808 <-> SPYWARE-PUT Hijacker shop at home search merchant redirect check (spyware-put.rules, Low) 5812 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - email notification (spyware-put.rules, Low) 5814 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - create redirection (spyware-put.rules, Low) 5818 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules, Low) 5819 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - check status (spyware-put.rules, Low) 5821 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - destory log (spyware-put.rules, Low) 5822 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules, Low) 5823 <-> SPYWARE-PUT Hacker-Tool stealthredirector runtime detection - view netstat (spyware-put.rules, Low) 5824 <-> SPYWARE-PUT Dialer stripplayer runtime detection (spyware-put.rules, Low) 5831 <-> SPYWARE-PUT Hijacker comet systems runtime detection - update requests (spyware-put.rules, Low) 5832 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 1 (spyware-put.rules, Low) 5833 <-> SPYWARE-PUT Hijacker comet systems runtime search detection - search request 2 (spyware-put.rules, Low) 5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules, Low) 5835 <-> SPYWARE-PUT Adware gamespy_arcade runtime detection (spyware-put.rules, Low) 5836 <-> SPYWARE-PUT Trickler nictech.bm2 runtime detection (spyware-put.rules, Low) 5837 <-> SPYWARE-PUT Trackware ucmore runtime detection - track activity (spyware-put.rules, Medium) 5838 <-> SPYWARE-PUT Trackware ucmore runtime detection - get sponsor/ad links (spyware-put.rules, Medium) 5839 <-> SPYWARE-PUT Trackware ucmore runtime detection - click sponsor/ad link (spyware-put.rules, Medium) 5840 <-> SPYWARE-PUT Hijacker sep runtime detection (spyware-put.rules, Low) 5844 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - post request (spyware-put.rules, Low) 5848 <-> SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (spyware-put.rules, Low) 5849 <-> SPYWARE-PUT Adware warez_p2p runtime detection - update request (spyware-put.rules, Low) 5850 <-> SPYWARE-PUT Adware warez_p2p runtime detection - check update (spyware-put.rules, Low) 5851 <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules, Low) 5852 <-> SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (spyware-put.rules, Low) 5853 <-> SPYWARE-PUT Adware warez_p2p runtime detection - download ads (spyware-put.rules, Low) 5854 <-> SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (spyware-put.rules, Low) 5857 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - mysaconfg request (spyware-put.rules, Low) 5858 <-> SPYWARE-PUT Adware praizetoolbar runtime detection (spyware-put.rules, Low) 5859 <-> SPYWARE-PUT Hijacker daosearch runtime detection - information request (spyware-put.rules, Low) 5860 <-> SPYWARE-PUT Hijacker daosearch runtime detection - search hijack (spyware-put.rules, Low) 5861 <-> SPYWARE-PUT Hijacker isearch runtime detection - toolbar information request (spyware-put.rules, Low) 5862 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 1 (spyware-put.rules, Low) 5863 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 2 (spyware-put.rules, Low) 5865 <-> SPYWARE-PUT Adware zapspot runtime detection - pop up ads (spyware-put.rules, Low) 5866 <-> SPYWARE-PUT Hijacker couponbar runtime detection - download new coupon offers and links (spyware-put.rules, Low) 5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules, Low) 5868 <-> SPYWARE-PUT Hijacker couponbar runtime detection - view coupon offers (spyware-put.rules, Low) 5872 <-> SPYWARE-PUT Snoopware hyperlinker runtime detection (spyware-put.rules, Medium) 5873 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules, Medium) 5874 <-> SPYWARE-PUT Snoopware pc acme pro runtime detection (spyware-put.rules, Medium) 5877 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - startup access (spyware-put.rules, Low) 5878 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - configuration retrieval (spyware-put.rules, Low) 5879 <-> SPYWARE-PUT Adware trustyfiles v2.4.0.4 runtime detection - update notification (spyware-put.rules, Low) 5880 <-> SPYWARE-PUT Keylogger spyagent runtime detect - smtp delivery (spyware-put.rules, Medium) 5881 <-> SPYWARE-PUT Keylogger spyagent runtime detect - ftp delivery (spyware-put.rules, Medium) 5882 <-> SPYWARE-PUT Keylogger spyagent runtime detect - alert notification (spyware-put.rules, Medium) 5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules, Low) 5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules, Low) 5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules, Medium) 5893 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - search keyword (spyware-put.rules, Medium) 5898 <-> SPYWARE-PUT Trackware adtools runtime detection - track user activity (spyware-put.rules, Medium) 5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime detection - generate desktop alert (spyware-put.rules, Medium) 5900 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - collect information (spyware-put.rules, Medium) 5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - download self-update (spyware-put.rules, Medium) 5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules, Low) 5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules, Low) 5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules, Low) 5907 <-> SPYWARE-PUT Trackware e2give runtime detection - check update (spyware-put.rules, Medium) 5908 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 1 (spyware-put.rules, Medium) 5909 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 2 (spyware-put.rules, Medium) 5910 <-> SPYWARE-PUT Trackware casalemedia runtime detection (spyware-put.rules, Medium) 5913 <-> SPYWARE-PUT Trickler smasoft webdownloader runtime detection (spyware-put.rules, Low) 5914 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - configuration download (spyware-put.rules, Low) 5917 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - toolbar search (spyware-put.rules, Low) 5918 <-> SPYWARE-PUT Hijacker painter runtime detection - ping 'alive' signal (spyware-put.rules, Low) 5919 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect to klikvipsearch (spyware-put.rules, Low) 5920 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect yahoo search through online-casino-searcher (spyware-put.rules, Low) 5921 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - send user url request (spyware-put.rules, Medium) 5922 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - display advertisement news (spyware-put.rules, Medium) 5923 <-> SPYWARE-PUT Adware active shopper runtime detection - side search request (spyware-put.rules, Low) 5924 <-> SPYWARE-PUT Adware active shopper runtime detection - redirect (spyware-put.rules, Low) 5925 <-> SPYWARE-PUT Adware active shopper runtime detection - check (spyware-put.rules, Low) 5927 <-> SPYWARE-PUT Adware cashbar runtime detection - .smx requests (spyware-put.rules, Low) 5928 <-> SPYWARE-PUT Adware cashbar runtime detection - ads request (spyware-put.rules, Low) 5929 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 1 (spyware-put.rules, Low) 5930 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 2 (spyware-put.rules, Low) 5933 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 1 (spyware-put.rules, Low) 5934 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 2 (spyware-put.rules, Low) 5935 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 3 (spyware-put.rules, Low) 5936 <-> SPYWARE-PUT Hijacker dropspam runtime detection - side search (spyware-put.rules, Low) 5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules, Low) 5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules, Low) 5940 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - search request (spyware-put.rules, Medium) 5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules, Medium) 5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules, Medium) 5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules, Medium) 5944 <-> SPYWARE-PUT Adware free access bar runtime detection 1 (spyware-put.rules, Low) 5945 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - track.cgi request (spyware-put.rules, Low) 5948 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (spyware-put.rules, Low) 5950 <-> SPYWARE-PUT Trackware iggsey toolbar detection - pass information to server (spyware-put.rules, Medium) 5951 <-> SPYWARE-PUT Trackware iggsey toolbar detection - search request (spyware-put.rules, Medium) 5952 <-> SPYWARE-PUT Hijacker 123mania runtime detection - autosearch hijacking (spyware-put.rules, Low) 5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules, Low) 5954 <-> SPYWARE-PUT Trackware browserpal runtime detection - post user info to server (spyware-put.rules, Medium) 5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules, Medium) 5956 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 icq notification of server installation (spyware-put.rules, Low) 5960 <-> SPYWARE-PUT Hijacker raxsearch detection - pop-up raxsearch window (spyware-put.rules, Low) 5961 <-> SPYWARE-PUT Hijacker searchfast detection - news ticker (spyware-put.rules, Low) 5962 <-> SPYWARE-PUT Hijacker searchfast detection - catch search keyword (spyware-put.rules, Low) 5964 <-> SPYWARE-PUT Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (spyware-put.rules, Low) 5965 <-> SPYWARE-PUT Hijacker searchfast detection - get toolbar cfg (spyware-put.rules, Low) 5966 <-> SPYWARE-PUT trackware searchinweb detection - search request (spyware-put.rules, Medium) 5967 <-> SPYWARE-PUT trackware searchinweb detection - click result links (spyware-put.rules, Medium) 5968 <-> SPYWARE-PUT trackware searchinweb detection - redirect (spyware-put.rules, Medium) 5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules, Medium) 5970 <-> SPYWARE-PUT hijacker smart finder detection - keys update (spyware-put.rules, Low) 5971 <-> SPYWARE-PUT hijacker smart finder detection - track hits (spyware-put.rules, Low) 5972 <-> SPYWARE-PUT hijacker smart finder detection - ie autosearch hijack 1 (spyware-put.rules, Low) 5973 <-> SPYWARE-PUT hijacker smart finder detection - search engines hijack (spyware-put.rules, Low) 5974 <-> SPYWARE-PUT hijacker smart finder detection - pop-up ads (spyware-put.rules, Low) 5975 <-> SPYWARE-PUT hijacker topfive searchassistant detection - search request (spyware-put.rules, Low) 5976 <-> SPYWARE-PUT hijacker topfive searchassistant detection - side search (spyware-put.rules, Low) 5977 <-> SPYWARE-PUT hijacker topfive searchassistant detection - post user information to server (spyware-put.rules, Low) 5978 <-> SPYWARE-PUT hijacker topfive searchassistant detection - update (spyware-put.rules, Low) 5979 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - track user ip address (spyware-put.rules, Medium) 5980 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - display advertisement (spyware-put.rules, Medium) 5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules, Low) 5984 <-> SPYWARE-PUT Trackware push toolbar installtime detection - user information collect (spyware-put.rules, Medium) 5986 <-> SPYWARE-PUT Trickler teomasearchbar runtime detection (spyware-put.rules, Low) 5987 <-> SPYWARE-PUT Hijacker wishbone runtime detection (spyware-put.rules, Low) 5988 <-> SPYWARE-PUT Trackware windupdates-mediagateway runtime detection - post data (spyware-put.rules, Medium) 5989 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get config (spyware-put.rules, Low) 5990 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (spyware-put.rules, Low) 5991 <-> SPYWARE-PUT Hijacker getmirar runtime detection - search request (spyware-put.rules, Low) 5992 <-> SPYWARE-PUT Hijacker getmirar runtime detection - get keyword-related content (spyware-put.rules, Low) 5994 <-> SPYWARE-PUT Hijacker getmirar runtime detection - click related button (spyware-put.rules, Low) 5995 <-> SPYWARE-PUT Adware offeragent runtime detection - information checking (spyware-put.rules, Low) 5996 <-> SPYWARE-PUT Adware offeragent runtime detection - ads request (spyware-put.rules, Low) 6184 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - config upload (spyware-put.rules, Low) 6185 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - reporting keyword (spyware-put.rules, Low) 6186 <-> SPYWARE-PUT Other-Technologies SpywareStrike Runtime Detection (spyware-put.rules, Low) 6189 <-> SPYWARE-PUT Trackware try2find detection (spyware-put.rules, Medium) 6191 <-> SPYWARE-PUT Trackware onetoolbar runtime detection (spyware-put.rules, Medium) 6192 <-> SPYWARE-PUT Adware seekmo runtime detection - reporting keyword (spyware-put.rules, Low) 6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules, Low) 6194 <-> SPYWARE-PUT Adware seekmo runtime detection - config upload (spyware-put.rules, Low) 6195 <-> SPYWARE-PUT Adware seekmo runtime detection - download .cab (spyware-put.rules, Low) 6196 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - services requests (spyware-put.rules, Low) 6197 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - track/upgrade/report activities (spyware-put.rules, Low) 6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules, Medium) 6199 <-> SPYWARE-PUT Hijacker smart search runtime detection - hijack/ads (spyware-put.rules, Low) 6200 <-> SPYWARE-PUT Hijacker smart search runtime detection - get settings (spyware-put.rules, Low) 6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules, Low) 6203 <-> SPYWARE-PUT Trickler farmmext runtime detection - drk.syn request (spyware-put.rules, Low) 6204 <-> SPYWARE-PUT Trickler farmmext runtime detection - track activity (spyware-put.rules, Low) 6207 <-> SPYWARE-PUT Keylogger winsession runtime detection - smtp (spyware-put.rules, Medium) 6208 <-> SPYWARE-PUT Keylogger winsession runtime detection - ftp (spyware-put.rules, Medium) 6209 <-> SPYWARE-PUT Adware deskwizz/zquest runtime detection - get config information / ad banner (spyware-put.rules, Low) 6211 <-> SPYWARE-PUT Adware deskwizz runtime detection - pop-up ad request (spyware-put.rules, Low) 6212 <-> SPYWARE-PUT Adware commonname runtime detection (spyware-put.rules, Low) 6213 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (spyware-put.rules, Low) 6216 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - config (spyware-put.rules, Low) 6217 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads 1 (spyware-put.rules, Low) 6220 <-> SPYWARE-PUT Keylogger boss everyware runtime detection (spyware-put.rules, Medium) 6221 <-> SPYWARE-PUT Keylogger computerspy runtime detection (spyware-put.rules, Medium) 6222 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - contact server (spyware-put.rules, Low) 6223 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - retrieve schedule (spyware-put.rules, Low) 6224 <-> SPYWARE-PUT Hijacker ieplugin runtime detection - search (spyware-put.rules, Low) 6225 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - getsize request (spyware-put.rules, Low) 6226 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - ads - request (spyware-put.rules, Low) 6227 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - bullseye network side search frame (spyware-put.rules, Low) 6228 <-> SPYWARE-PUT Adware exact.bargainbuddy runtime detection - disclaimer text (spyware-put.rules, Low) 6230 <-> SPYWARE-PUT Hijacker i-lookup runtime detection (spyware-put.rules, Low) 6232 <-> SPYWARE-PUT Adware mirar runtime detection - thumbnail (spyware-put.rules, Low) 6233 <-> SPYWARE-PUT Adware mirar runtime detection - delayed (spyware-put.rules, Low) 6234 <-> SPYWARE-PUT Adware mirar runtime detection - ads (spyware-put.rules, Low) 6236 <-> SPYWARE-PUT Adware lop runtime detection - pass info to server (spyware-put.rules, Low) 6237 <-> SPYWARE-PUT Adware lop runtime detection - check update request (spyware-put.rules, Low) 6238 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 1 (spyware-put.rules, Low) 6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules, Low) 6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules, Low) 6241 <-> SPYWARE-PUT Adware lop runtime detection - ie autosearch hijack (spyware-put.rules, Low) 6243 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - home page hijack (spyware-put.rules, Low) 6244 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - ie auto search hijack (spyware-put.rules, Low) 6246 <-> SPYWARE-PUT Hijacker exact navisearch runtime detection - search hijack (spyware-put.rules, Low) 6247 <-> SPYWARE-PUT Adware ezula toptext runtime detection - help redirect (spyware-put.rules, Low) 6248 <-> SPYWARE-PUT Adware ezula toptext runtime detection - popup (spyware-put.rules, Low) 6250 <-> SPYWARE-PUT Adware hotbar runtime detection - hotbar user-agent (spyware-put.rules, Low) 6251 <-> SPYWARE-PUT Adware hotbar runtime detection - hostie user-agent (spyware-put.rules, Low) 6252 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - search request (spyware-put.rules, Medium) 6253 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - log user ativity (spyware-put.rules, Medium) 6254 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - redirect (spyware-put.rules, Medium) 6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules, Medium) 6257 <-> SPYWARE-PUT Adware searchsquire runtime detection - testgeonew query (spyware-put.rules, Low) 6260 <-> SPYWARE-PUT Adware overpro runtime detection (spyware-put.rules, Low) 6261 <-> SPYWARE-PUT Trickler slinkyslate toolbar runtime detection (spyware-put.rules, Low) 6270 <-> SPYWARE-PUT Hijacker topicks runtime detection (spyware-put.rules, Low) 6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules, Low) 6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules, Low) 6278 <-> SPYWARE-PUT Trickler navexcel search toolbar runtime detection - activate/update (spyware-put.rules, Low) 6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules, Low) 6281 <-> SPYWARE-PUT Hijacker yoursitebar runtime detection (spyware-put.rules, Low) 6282 <-> SPYWARE-PUT Hijacker customtoolbar runtime detection (spyware-put.rules, Low) 6340 <-> SPYWARE-PUT Keylogger handy keylogger runtime detection (spyware-put.rules, Medium) 6341 <-> SPYWARE-PUT Hijacker spediabar user-agent string detected (spyware-put.rules, Low) 6342 <-> SPYWARE-PUT Hijacker spediabar runtime detection - info check (spyware-put.rules, Low) 10062 <-> WEB-CLIENT Java Virtual Machine malformed GIF buffer overflow attempt (web-client.rules, High) 12070 <-> EXPLOIT Microsoft Excel malformed version field (exploit.rules, High) 12741 <-> EXPLOIT Apple Quicktime TCP RTSP sdp type buffer overflow attempt (exploit.rules, High) 12742 <-> EXPLOIT Apple Quicktime UDP RTSP sdp type buffer overflow attempt (exploit.rules, High)
