Sourcefire VRT Rules Update

Date: 2012-02-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.2.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:21463 <-> DISABLED <-> BOTNET-CNC Win32.Bibei variant outbound connection (botnet-cnc.rules)
 * 1:21460 <-> DISABLED <-> BOTNET-CNC Win32.DarkComet inbound connection attempt (botnet-cnc.rules)
 * 1:21468 <-> DISABLED <-> BACKDOOR Win32.Dama variant outbound connection (backdoor.rules)
 * 1:21461 <-> DISABLED <-> BOTNET-CNC Win32.DarkComet outbound connection attempt - post infection (botnet-cnc.rules)
 * 1:21453 <-> DISABLED <-> SPECIFIC-THREATS Possible unknown malicious PDF (specific-threats.rules)
 * 1:21458 <-> DISABLED <-> SPECIFIC-THREATS Adobe Flash ActionScript float index array memory corruption (specific-threats.rules)
 * 1:21472 <-> DISABLED <-> BOTNET-CNC Trojan.Delf.tzp download attempt (botnet-cnc.rules)
 * 1:21455 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string psi (blacklist.rules)
 * 1:21464 <-> DISABLED <-> BOTNET-CNC Downloader-CEW.b runtime traffic detected (botnet-cnc.rules)
 * 1:21470 <-> DISABLED <-> BOTNET-CNC Trojan.Krap.Gy connect to server attempt (botnet-cnc.rules)
 * 1:21469 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string 1234567890 (blacklist.rules)
 * 1:21475 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string core-project (blacklist.rules)
 * 1:21476 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user agent YZF (blacklist.rules)
 * 1:21471 <-> DISABLED <-> BOTNET-CNC Win32.Bancos variant outbound connection (botnet-cnc.rules)
 * 1:21457 <-> DISABLED <-> SPECIFIC-THREATS Adobe Flash ActionScript float index array memory corruption (specific-threats.rules)
 * 1:21474 <-> DISABLED <-> BACKDOOR Win32.Lancafdo.A runtime detection (backdoor.rules)
 * 1:21454 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Banbra.vec runtime detection (botnet-cnc.rules)
 * 1:21473 <-> DISABLED <-> BOTNET-CNC Trojan.GameThief variant outbound connection (botnet-cnc.rules)
 * 1:21465 <-> DISABLED <-> WEB-MISC HTTP response splitting attempt (web-misc.rules)
 * 1:21467 <-> DISABLED <-> BOTNET-CNC Win32.IRCBot variant outbound connection (botnet-cnc.rules)
 * 1:21462 <-> DISABLED <-> WEB-CLIENT Sun Java Plugin security bypass (web-client.rules)
 * 1:21466 <-> DISABLED <-> BOTNET-CNC Autorun.BDS runtime traffic detected (botnet-cnc.rules)
 * 1:21456 <-> DISABLED <-> BOTNET-CNC W32.DarkComet variant outbound connection (botnet-cnc.rules)
 * 1:21459 <-> ENABLED <-> SPECIFIC-THREATS Havij advanced SQL injection tool user-agent string (specific-threats.rules)

Modified Rules:


 * 1:10065 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10066 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10067 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10068 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10069 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10070 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10071 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10072 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10073 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10074 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10075 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10076 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:10077 <-> ENABLED <-> BOTNET-CNC Trojan Peacomm smtp propagation detection (botnet-cnc.rules)
 * 1:13934 <-> DISABLED <-> BOTNET-CNC Hijacker mediatubecodec 1.470.0 runtime detection - hijack ie (botnet-cnc.rules)
 * 1:13935 <-> DISABLED <-> BOTNET-CNC Hijacker mediatubecodec 1.470.0 runtime detection - download other malware (botnet-cnc.rules)
 * 1:13936 <-> DISABLED <-> BOTNET-CNC Trickler dropper agent.rqg runtime detection - call home (botnet-cnc.rules)
 * 1:15563 <-> ENABLED <-> BOTNET-CNC RSPlug Trojan server connection attempt (botnet-cnc.rules)
 * 1:15564 <-> ENABLED <-> BOTNET-CNC RSPlug Trojan file download attempt (botnet-cnc.rules)
 * 1:15565 <-> ENABLED <-> BOTNET-CNC RSPlug Trojan file download attempt (botnet-cnc.rules)
 * 1:16124 <-> DISABLED <-> BOTNET-CNC downloader trojan.nsis.agent.s runtime detection (botnet-cnc.rules)
 * 1:16139 <-> DISABLED <-> BOTNET-CNC downloader_trojan.gen2 runtime detection - scanner page (botnet-cnc.rules)
 * 1:16274 <-> DISABLED <-> BOTNET-CNC Trickler trojan-spy.win32.pophot runtime detection - connect to server (botnet-cnc.rules)
 * 1:16275 <-> DISABLED <-> BOTNET-CNC Trickler trojan-spy.win32.pophot runtime detection - download files (botnet-cnc.rules)
 * 1:16496 <-> ENABLED <-> BOTNET-CNC Trojan hacktool attempt to contact server (botnet-cnc.rules)
 * 1:16558 <-> DISABLED <-> BOTNET-CNC SdBot IRC Trojan server to client communication attempt (botnet-cnc.rules)
 * 1:16834 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qd.netkill.com.cn - Trojan-Downloader.Win32.Adload.rzx (blacklist.rules)
 * 1:16835 <-> DISABLED <-> BLACKLIST DNS request for known malware domain exe.146843.com - Trojan.Win32.Opeg.a (blacklist.rules)
 * 1:16836 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ra03.e5732.com - Trojan-Clicker.Win32.Small.afg (blacklist.rules)
 * 1:16837 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dangercheats.com.br - Trojan.Win32.Refroso.arnq (blacklist.rules)
 * 1:16838 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xlm.ppvsr.com - Trojan-GameThief.Win32.OnLineGames.wwcf (blacklist.rules)
 * 1:16839 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sh16.e8753.com - Trojan.Win32.Scar.ccqb (blacklist.rules)
 * 1:16840 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rx11.e6532.com - Trojan.Win32.Opeg.a (blacklist.rules)
 * 1:16841 <-> DISABLED <-> BLACKLIST DNS request for known malware domain podgorz.org - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16842 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sp19.e4578.com - Trojan-Downloader.Win32.Genome.njz (blacklist.rules)
 * 1:16843 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 1.7zsm.com - Trojan-Downloader.Win32.Agent.dtuo (blacklist.rules)
 * 1:16844 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rm08.e4562.com - Trojan-Downloader.Win32.Agent.dngx (blacklist.rules)
 * 1:16845 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rc04.e6532.com - Trojan-Downloader.Win32.Genome.awld (blacklist.rules)
 * 1:16846 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bedayton.com - Trojan-Downloader.Win32.Agent.dlhe (blacklist.rules)
 * 1:16847 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rz12.e6805.com - Trojan-Downloader.Win32.Genome.awld (blacklist.rules)
 * 1:16849 <-> DISABLED <-> BLACKLIST DNS request for known malware domain re05.e6532.com - Trojan-Downloader.Win32.Genome.awld (blacklist.rules)
 * 1:16850 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kldmten.net - Trojan-Spy.Win32.Zbot.akra (blacklist.rules)
 * 1:16851 <-> DISABLED <-> BLACKLIST DNS request for known malware domain forelc.cc - Trojan-Ransom.Win32.XBlocker.ahe (blacklist.rules)
 * 1:16852 <-> DISABLED <-> BLACKLIST DNS request for known malware domain v.yao63.com - Trojan-Downloader.Win32.Agent.dqns (blacklist.rules)
 * 1:16853 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vh26.e4578.com - Trojan.Win32.Opeg.a (blacklist.rules)
 * 1:16854 <-> DISABLED <-> BLACKLIST DNS request for known malware domain up1.give2sms.com - Trojan-Downloader.Win32.Genome.est (blacklist.rules)
 * 1:16855 <-> DISABLED <-> BLACKLIST DNS request for known malware domain d.123kuaihuo.com - Trojan.Win32.Scar.clbx (blacklist.rules)
 * 1:16856 <-> DISABLED <-> BLACKLIST DNS request for known malware domain andy.cd - Backdoor.Win32.Agent.auto (blacklist.rules)
 * 1:16858 <-> DISABLED <-> BLACKLIST DNS request for known malware domain charter-x.biz - Packed.Win32.Krap.ae (blacklist.rules)
 * 1:16859 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gerherber.com - Trojan-Spy.Win32.Zbot.akdw (blacklist.rules)
 * 1:16860 <-> DISABLED <-> BLACKLIST DNS request for known malware domain urodinam.net - Trojan.Win32.TDSS.azsj (blacklist.rules)
 * 1:16861 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gite-eguisheim.com - Trojan-Downloader.Win32.Piker.clp (blacklist.rules)
 * 1:16862 <-> DISABLED <-> BLACKLIST DNS request for known malware domain phaizeipeu.ru - Packed.Win32.Krap.gx (blacklist.rules)
 * 1:16863 <-> DISABLED <-> BLACKLIST DNS request for known malware domain teendx.com - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16864 <-> DISABLED <-> BLACKLIST DNS request for known malware domain taiping2033.2288.org - Trojan-Downloader.Win32.Selvice.afy (blacklist.rules)
 * 1:16865 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cnfg.maxsitesrevenues.net - Trojan.Win32.BHO.afke (blacklist.rules)
 * 1:16868 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hostshack.net - Trojan.Win32.Buzus.empl (blacklist.rules)
 * 1:16869 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tt.vv49.com - Trojan-GameThief.Win32.OnLineGames.bnkb (blacklist.rules)
 * 1:16870 <-> DISABLED <-> BLACKLIST DNS request for known malware domain search.sidegreen.com - Backdoor.Win32.Agent.arqi (blacklist.rules)
 * 1:16871 <-> DISABLED <-> BLACKLIST DNS request for known malware domain parfaitpournous.com - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16872 <-> DISABLED <-> BLACKLIST DNS request for known malware domain postmetoday.ru - Packed.Win32.Katusha.j (blacklist.rules)
 * 1:16873 <-> DISABLED <-> BLACKLIST DNS request for known malware domain youword.cn - Trojan.Win32.Scar.bvgu (blacklist.rules)
 * 1:16874 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ophaeghaev.ru - Trojan-Spy.Win32.Zbot.akmi (blacklist.rules)
 * 1:16875 <-> DISABLED <-> BLACKLIST DNS request for known malware domain up1.free-sms.co.kr - Trojan.Win32.Vilsel.akp (blacklist.rules)
 * 1:16876 <-> DISABLED <-> BLACKLIST DNS request for known malware domain c.softdowns.info - Trojan.BAT.Agent.yn (blacklist.rules)
 * 1:16877 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ddkom.biz - Trojan.Win32.Scar.ckhr (blacklist.rules)
 * 1:16878 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vopret.ru - Trojan.Win32.FraudPack.axwn (blacklist.rules)
 * 1:16879 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dnfpomo.dnfranran.com - Trojan-GameThief.Win32.OnLineGames.bnkx (blacklist.rules)
 * 1:16881 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sex-gifts.ru - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16882 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 111.168lala.com - Backdoor.Win32.Popwin.cyn (blacklist.rules)
 * 1:16883 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mcafee-registry.ru - Trojan-Spy.Win32.Zbot.akgb (blacklist.rules)
 * 1:16884 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bits4ever.ru - Trojan-Spy.Win32.Zbot.aknt (blacklist.rules)
 * 1:16885 <-> DISABLED <-> BLACKLIST DNS request for known malware domain monicaecarlos.com - Trojan-Downloader.Win32.Genome.awxv (blacklist.rules)
 * 1:16887 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hesneclimi.ru - Packed.Win32.Krap.ae (blacklist.rules)
 * 1:16888 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dbtte.com - Trojan-Banker.Win32.Banz.crk (blacklist.rules)
 * 1:16890 <-> DISABLED <-> BLACKLIST DNS request for known malware domain in6cs.com - Trojan.Win32.Tdss.beea (blacklist.rules)
 * 1:16891 <-> DISABLED <-> BLACKLIST DNS request for known malware domain solo1928.ru - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16892 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fg545633.host.zgridc.com - Trojan.Win32.Pincav.abub (blacklist.rules)
 * 1:16893 <-> DISABLED <-> BLACKLIST DNS request for known malware domain primusdns.ru - Backdoor.Win32.Havar.eh (blacklist.rules)
 * 1:16895 <-> DISABLED <-> BLACKLIST DNS request for known malware domain alodh.in - Backdoor.Win32.Delf.vde (blacklist.rules)
 * 1:16896 <-> DISABLED <-> BLACKLIST DNS request for known malware domain reward.pnshop.co.kr - Backdoor.Win32.Agent.ahra (blacklist.rules)
 * 1:16898 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sx21.e4578.com - Trojan.Win32.Scar.ccqb (blacklist.rules)
 * 1:16900 <-> DISABLED <-> BLACKLIST DNS request for known malware domain reportes201.com - Trojan-Downloader.Win32.Genome.ashe (blacklist.rules)
 * 1:16901 <-> DISABLED <-> BLACKLIST DNS request for known malware domain local.1140.co.kr - Trojan-Downloader.Win32.Genome.aobm (blacklist.rules)
 * 1:16902 <-> DISABLED <-> BLACKLIST DNS request for known malware domain promojoy.net - Packed.Win32.Krap.gx (blacklist.rules)
 * 1:16903 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gpwg.ws - Worm.Win32.AutoRun.bjca (blacklist.rules)
 * 1:16906 <-> DISABLED <-> BLACKLIST DNS request for known malware domain down.p2pplay.com - Trojan-GameThief.Win32.OnLineGames.wgkv (blacklist.rules)
 * 1:16907 <-> DISABLED <-> BLACKLIST DNS request for known malware domain livetrust.info - Trojan-Spy.Win32.Zbot.akku (blacklist.rules)
 * 1:16908 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ootaivilei.ru - Trojan-Spy.Win32.Zbot.akme (blacklist.rules)
 * 1:16909 <-> DISABLED <-> BLACKLIST DNS request for known malware domain babah20122012.com - Trojan-Spy.Win32.Zbot.akbb (blacklist.rules)
 * 1:16910 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pattern - 0-0-0-0-0-0-0.info (blacklist.rules)
 * 1:17058 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.JS.Agent.ewh Javascript download attempt (botnet-cnc.rules)
 * 1:17819 <-> DISABLED <-> BLACKLIST DNS request for known malware domain motuh.com (blacklist.rules)
 * 1:17821 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ketsymbol.com (blacklist.rules)
 * 1:17824 <-> DISABLED <-> BLACKLIST DNS request for known malware domain teenxmovs.net (blacklist.rules)
 * 1:17826 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cheaps1.info (blacklist.rules)
 * 1:17827 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sexmoviesland.net (blacklist.rules)
 * 1:17828 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 67.201.36.16 (blacklist.rules)
 * 1:17830 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dickvsclit.net (blacklist.rules)
 * 1:17831 <-> DISABLED <-> BLACKLIST DNS request for known malware domain edrichfinearts.com (blacklist.rules)
 * 1:17834 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 343.boolans.com (blacklist.rules)
 * 1:17835 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xpresdnet.com (blacklist.rules)
 * 1:17836 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gbsup.com (blacklist.rules)
 * 1:17837 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xxsmovies.com (blacklist.rules)
 * 1:17838 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vc.iwriteweb.com (blacklist.rules)
 * 1:17839 <-> DISABLED <-> BLACKLIST DNS request for known malware domain js.222233.com (blacklist.rules)
 * 1:17840 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.grannyplanet.com (blacklist.rules)
 * 1:17842 <-> DISABLED <-> BLACKLIST DNS request for known malware domain extrahotx.net (blacklist.rules)
 * 1:17843 <-> DISABLED <-> BLACKLIST DNS request for known malware domain extralargevideos.com (blacklist.rules)
 * 1:17844 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.derquda.com (blacklist.rules)
 * 1:17845 <-> DISABLED <-> BLACKLIST DNS request for known malware domain aahydrogen.com (blacklist.rules)
 * 1:17846 <-> DISABLED <-> BLACKLIST DNS request for known malware domain trumpetlicks.com (blacklist.rules)
 * 1:17847 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mskla.com (blacklist.rules)
 * 1:17849 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fuckersucker.com (blacklist.rules)
 * 1:17850 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pornfucklist.com (blacklist.rules)
 * 1:17851 <-> DISABLED <-> BLACKLIST DNS request for known malware domain game.685faiudeme.com (blacklist.rules)
 * 1:17853 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dommonview.com (blacklist.rules)
 * 1:17854 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.lamiaexragazza.com (blacklist.rules)
 * 1:17855 <-> DISABLED <-> BLACKLIST DNS request for known malware domain acofinder.com (blacklist.rules)
 * 1:17856 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fuckfuckvids.com (blacklist.rules)
 * 1:17857 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.cnhack.cn (blacklist.rules)
 * 1:17858 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kingsizematures.com (blacklist.rules)
 * 1:17859 <-> DISABLED <-> BLACKLIST DNS request for known malware domain promotds.com (blacklist.rules)
 * 1:17860 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mejac.com (blacklist.rules)
 * 1:17863 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rpt2.21civ.com (blacklist.rules)
 * 1:17864 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tubexxxmatures.com (blacklist.rules)
 * 1:17866 <-> DISABLED <-> BLACKLIST DNS request for known malware domain aebankonline.com (blacklist.rules)
 * 1:17870 <-> DISABLED <-> BLACKLIST DNS request for known malware domain trojan8.com (blacklist.rules)
 * 1:17871 <-> DISABLED <-> BLACKLIST DNS request for known malware domain brutalxvideos.com (blacklist.rules)
 * 1:17872 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www3.sexown.com (blacklist.rules)
 * 1:17873 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mummimpegs.com (blacklist.rules)
 * 1:17874 <-> DISABLED <-> BLACKLIST DNS request for known malware domain f19dd4abb8b8bdf2.cn (blacklist.rules)
 * 1:17875 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.very-young-boys.com (blacklist.rules)
 * 1:17876 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 91629.com (blacklist.rules)
 * 1:17878 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ayb.host127-0-0-1.com (blacklist.rules)
 * 1:17879 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cfg.353wanwan.com (blacklist.rules)
 * 1:17881 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fucktosky.com (blacklist.rules)
 * 1:17882 <-> DISABLED <-> BLACKLIST DNS request for known malware domain procca.com (blacklist.rules)
 * 1:17883 <-> DISABLED <-> BLACKLIST DNS request for known malware domain autouploaders.net (blacklist.rules)
 * 1:17884 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gimmemyporn.com (blacklist.rules)
 * 1:17885 <-> DISABLED <-> BLACKLIST DNS request for known malware domain waytoall.com (blacklist.rules)
 * 1:17886 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.spamature.com (blacklist.rules)
 * 1:17887 <-> DISABLED <-> BLACKLIST DNS request for known malware domain info.collectionerrorreport.com (blacklist.rules)
 * 1:17889 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.ajie520.com (blacklist.rules)
 * 1:17891 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bestkind.ru (blacklist.rules)
 * 1:17893 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.zxc0001.com (blacklist.rules)
 * 1:17894 <-> DISABLED <-> BLACKLIST DNS request for known malware domain streq.cn (blacklist.rules)
 * 1:17895 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pyow.prixi-soft.ir (blacklist.rules)
 * 1:17897 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.moneytw8.com (blacklist.rules)
 * 1:18082 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 3q.sbwanwan.com (blacklist.rules)
 * 1:18083 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 863.dclsba.com (blacklist.rules)
 * 1:18086 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qq.sbwanwan.com (blacklist.rules)
 * 1:18089 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.auto328.com (blacklist.rules)
 * 1:18090 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.comstelecom.com (blacklist.rules)
 * 1:18091 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.goodfriends.or.kr (blacklist.rules)
 * 1:18092 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.hao1345.com (blacklist.rules)
 * 1:18093 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.opusgame.com (blacklist.rules)
 * 1:18094 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.theoffstage.com (blacklist.rules)
 * 1:18095 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.wwmei.com (blacklist.rules)
 * 1:18103 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 5yvod.net (blacklist.rules)
 * 1:18104 <-> DISABLED <-> BLACKLIST DNS request for known malware domain b.9s3.info (blacklist.rules)
 * 1:18106 <-> DISABLED <-> BLACKLIST DNS request for known malware domain e.msssm.com (blacklist.rules)
 * 1:18108 <-> DISABLED <-> BLACKLIST DNS request for known malware domain phoroshop.es (blacklist.rules)
 * 1:18114 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.5fqq.com (blacklist.rules)
 * 1:18115 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.ajs2002.com (blacklist.rules)
 * 1:18116 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.bnbsoft.co.kr (blacklist.rules)
 * 1:18117 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.cineseoul.com (blacklist.rules)
 * 1:18118 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.hao1345.com (blacklist.rules)
 * 1:18119 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.ilbondrama.net (blacklist.rules)
 * 1:18120 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.iwebdy.net (blacklist.rules)
 * 1:18121 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.linzhiling123.com (blacklist.rules)
 * 1:18122 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.opusgame.com (blacklist.rules)
 * 1:18123 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.phoroshop.es (blacklist.rules)
 * 1:18124 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.sijianfeng.com (blacklist.rules)
 * 1:18125 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.tpydb.com (blacklist.rules)
 * 1:18127 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.univus.co.kr (blacklist.rules)
 * 1:18128 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.uwonderfull.com (blacklist.rules)
 * 1:18129 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.w22rt.com (blacklist.rules)
 * 1:18130 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.wwmei.com (blacklist.rules)
 * 1:18133 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.001zs.com (blacklist.rules)
 * 1:18134 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.551sf.com (blacklist.rules)
 * 1:18135 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.555hd.com (blacklist.rules)
 * 1:18136 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.66xihu.com (blacklist.rules)
 * 1:18137 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.9292cs.cn (blacklist.rules)
 * 1:18138 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.chateaulegend.com (blacklist.rules)
 * 1:18139 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.china-aoben.com (blacklist.rules)
 * 1:18140 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.cqtjg.com (blacklist.rules)
 * 1:18141 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.dspenter.com (blacklist.rules)
 * 1:18142 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.eastadmin.com (blacklist.rules)
 * 1:18143 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.fp0755.cn (blacklist.rules)
 * 1:18144 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.fp0769.com (blacklist.rules)
 * 1:18145 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.fp360.net (blacklist.rules)
 * 1:18146 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.gdfp365.cn (blacklist.rules)
 * 1:18147 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.gev.cn (blacklist.rules)
 * 1:18148 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.haoleyou.com (blacklist.rules)
 * 1:18149 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.haosf08.com (blacklist.rules)
 * 1:18150 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.jxbaike.com (blacklist.rules)
 * 1:18151 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.kingsoftduba2009.com (blacklist.rules)
 * 1:18152 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.mainhu.com (blacklist.rules)
 * 1:18154 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.nc57.com (blacklist.rules)
 * 1:18155 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.pplog.cn (blacklist.rules)
 * 1:18156 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.pxflm.com (blacklist.rules)
 * 1:18157 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.quyou365.com (blacklist.rules)
 * 1:18158 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.shzhaotian.cn (blacklist.rules)
 * 1:18159 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.soanala.com (blacklist.rules)
 * 1:18160 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.stony-skunk.com (blacklist.rules)
 * 1:18161 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.street08.com (blacklist.rules)
 * 1:18162 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.weilingcy.com (blacklist.rules)
 * 1:18163 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.yisaa.com (blacklist.rules)
 * 1:18164 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.yx240.com (blacklist.rules)
 * 1:18165 <-> DISABLED <-> BLACKLIST DNS request for known malware domain e.mssm.com (blacklist.rules)
 * 1:18184 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dnf.gametime.co.kr (blacklist.rules)
 * 1:18185 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.dd0415.net (blacklist.rules)
 * 1:18251 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vcxde.com (blacklist.rules)
 * 1:18252 <-> DISABLED <-> BLACKLIST DNS request for known malware domain protectyourpc-11.com (blacklist.rules)
 * 1:18253 <-> DISABLED <-> BLACKLIST DNS request for known malware domain blogsmonitoringservice.com (blacklist.rules)
 * 1:18254 <-> DISABLED <-> BLACKLIST DNS request for known malware domain checkserverstux.com (blacklist.rules)
 * 1:18255 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gopheisstoo.cc (blacklist.rules)
 * 1:18256 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tutubest.com (blacklist.rules)
 * 1:18257 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dns-check.biz (blacklist.rules)
 * 1:18258 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ftuny.com (blacklist.rules)
 * 1:18259 <-> DISABLED <-> BLACKLIST DNS request for known malware domain whysohardx.com (blacklist.rules)
 * 1:18260 <-> DISABLED <-> BLACKLIST DNS request for known malware domain freenetgameonline.com (blacklist.rules)
 * 1:18269 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dnf.6bom.com (blacklist.rules)
 * 1:18270 <-> DISABLED <-> BLACKLIST DNS request for known malware domain koonol.com (blacklist.rules)
 * 1:18272 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.886.com (blacklist.rules)
 * 1:18492 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ilo.brenz.pl (blacklist.rules)
 * 1:19038 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.Jzzer.A contact to server attempt (botnet-cnc.rules)
 * 1:19041 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Carberp.C contact to server attempt (botnet-cnc.rules)
 * 1:19042 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Banker.ACQE contact to server attempt (botnet-cnc.rules)
 * 1:19045 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Bancos.XQ contact to server attempt (botnet-cnc.rules)
 * 1:19050 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Banbra.fxe contact to server attempt (botnet-cnc.rules)
 * 1:19054 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Sisron.nelo contact to server attempt (botnet-cnc.rules)
 * 1:19056 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.QQFish contact to server attempt (botnet-cnc.rules)
 * 1:19057 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.QQFish contact to server attempt (botnet-cnc.rules)
 * 1:19060 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Ponmocup.A contact to server attempt (botnet-cnc.rules)
 * 1:19454 <-> DISABLED <-> BOTNET-CNC Trojan.PWS.Win32.QQPass.IK runtime detection (botnet-cnc.rules)
 * 1:19457 <-> DISABLED <-> BOTNET-CNC Trojan-Clicker.Win32.Vesloruki.ajb runtime detection (botnet-cnc.rules)
 * 1:19461 <-> ENABLED <-> WEB-CLIENT Microsoft CSRSS NULL Fontface pointer attempt (web-client.rules)
 * 1:19462 <-> ENABLED <-> WEB-CLIENT Microsoft Windows CSRSS negative array index code execution attempt (web-client.rules)
 * 1:19463 <-> ENABLED <-> WEB-CLIENT Microsoft Windows CSRSS double free attempt (web-client.rules)
 * 1:19470 <-> DISABLED <-> BLACKLIST DNS request for known malware domain antispydot.com - Win32/Cybot.B (blacklist.rules)
 * 1:19477 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Krap.af contact to server attempt (botnet-cnc.rules)
 * 1:19487 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Agent.kih contact to server attempt (botnet-cnc.rules)
 * 1:19496 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 01n02n4cx00.cc - TDL4 (blacklist.rules)
 * 1:19497 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 01n02n4cx00.com - TDL4 (blacklist.rules)
 * 1:19498 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 01n20n4cx00.com - TDL4 (blacklist.rules)
 * 1:19499 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 0imh17agcla.com - TDL4 (blacklist.rules)
 * 1:19500 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 10n02n4cx00.com - TDL4 (blacklist.rules)
 * 1:19501 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 1il1il1il.com - TDL4 (blacklist.rules)
 * 1:19502 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 1l1i16b0.com - TDL4 (blacklist.rules)
 * 1:19503 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 34jh7alm94.asia - TDL4 (blacklist.rules)
 * 1:19504 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 4gat16ag100.com - TDL4 (blacklist.rules)
 * 1:19505 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 4tag16ag100.com - TDL4 (blacklist.rules)
 * 1:19506 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 68b6b6b6.com - TDL4 (blacklist.rules)
 * 1:9329 <-> ENABLED <-> BOTNET-CNC yarner.b smtp propagation detection (botnet-cnc.rules)
 * 1:7183 <-> DISABLED <-> BOTNET-CNC Snoopware barok runtime detection (botnet-cnc.rules)
 * 1:7151 <-> DISABLED <-> BOTNET-CNC Hacker-Tool sars notifier runtime detection - net send notification (botnet-cnc.rules)
 * 1:7150 <-> DISABLED <-> BOTNET-CNC Hacker-Tool sars notifier runtime detection - irc notification (botnet-cnc.rules)
 * 1:7149 <-> DISABLED <-> BOTNET-CNC Hacker-Tool sars notifier runtime detection - php notification (botnet-cnc.rules)
 * 1:7147 <-> DISABLED <-> BOTNET-CNC Hacker-Tool sars notifier runtime detection - icq notification (botnet-cnc.rules)
 * 1:21431 <-> ENABLED <-> SPECIFIC-THREATS Possible malicious pdf - new pdf exploit (specific-threats.rules)
 * 1:21416 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C authentication string detected (botnet-cnc.rules)
 * 1:21376 <-> DISABLED <-> BOTNET-CNC Trojan Microjoin activity (botnet-cnc.rules)
 * 1:21049 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mysundayparty.com - Sykipot (blacklist.rules)
 * 1:21048 <-> DISABLED <-> BLACKLIST DNS request for known malware domain prettylikeher.com - Sykipot (blacklist.rules)
 * 1:21043 <-> ENABLED <-> BLACKLIST URI possible Blackhole post-compromise download attempt - .php?e= (blacklist.rules)
 * 1:21042 <-> ENABLED <-> BLACKLIST URI possible Blackhole post-compromise download attempt - .php?f= (blacklist.rules)
 * 1:20833 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lilupophilupop.com (blacklist.rules)
 * 1:20027 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sb.degreesbuy.com (blacklist.rules)
 * 1:19879 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jifr.net - Win32/Morto.A (blacklist.rules)
 * 1:19876 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jifr.info - Win32/Morto.A (blacklist.rules)
 * 1:19874 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qfsl.net - Win32/Morto.A (blacklist.rules)
 * 1:19875 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jaifr.com - Win32/Morto.A (blacklist.rules)
 * 1:19768 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sxzyong.com (blacklist.rules)
 * 1:19754 <-> DISABLED <-> BOTNET-CNC Trojan.Downloader.Delf.RGL Runtime Detection (botnet-cnc.rules)
 * 1:19753 <-> DISABLED <-> BOTNET-CNC Trojan TrojanSpy.Win32.Zbot.gen.C Runtime Detection (botnet-cnc.rules)
 * 1:19738 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xzrw0q.com (blacklist.rules)
 * 1:19734 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 770304123.cn (blacklist.rules)
 * 1:19720 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Onestage.ws contact to server attempt (botnet-cnc.rules)
 * 1:19718 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Agent.bkap contact to server attempt (botnet-cnc.rules)
 * 1:19715 <-> DISABLED <-> BOTNET-CNC Trojan.URLZone contact to server attempt (botnet-cnc.rules)
 * 1:19699 <-> DISABLED <-> BOTNET-CNC TrojanDownloader.Win32.Korklic.A contact to server attempt (botnet-cnc.rules)
 * 1:19671 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer XSLT memory corruption attempt (web-client.rules)
 * 1:19664 <-> DISABLED <-> BLACKLIST DNS request for known malware domain smellypussy.info (blacklist.rules)
 * 1:19663 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tinaivanovic.sexy-serbian-girls.info (blacklist.rules)
 * 1:19662 <-> DISABLED <-> BLACKLIST DNS request for known malware domain keshmoney.biz (blacklist.rules)
 * 1:19655 <-> DISABLED <-> BOTNET-CNC Trojan-Dropper.Agent.IK contact to server attempt (botnet-cnc.rules)
 * 1:19654 <-> DISABLED <-> BOTNET-CNC Trojan-Spy.Win32.Zbot.wti contact to server attempt (botnet-cnc.rules)
 * 1:19644 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lysyfyj.com (blacklist.rules)
 * 1:19643 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.java119.com (blacklist.rules)
 * 1:19640 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mendi38.com (blacklist.rules)
 * 1:19639 <-> DISABLED <-> BLACKLIST DNS request for known malware domain s0pp0rtdesk.com (blacklist.rules)
 * 1:19592 <-> DISABLED <-> BOTNET-CNC Trickler Trojan-Downloader.Win32.Agent.bjkd Runtime Detection (botnet-cnc.rules)
 * 1:19572 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.FFSearch.A runtime detection (botnet-cnc.rules)
 * 1:19569 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Perkesh runtime detection (botnet-cnc.rules)
 * 1:19568 <-> DISABLED <-> BOTNET-CNC Trojan-Spy.Win32.PerfectKeylogger runtime detection (botnet-cnc.rules)
 * 1:19554 <-> DISABLED <-> BOTNET-CNC Trojan Fakeav Antivirus Xp Pro outbound connection (botnet-cnc.rules)
 * 1:19550 <-> DISABLED <-> BLACKLIST DNS request for known malware domain zz87lhfda88.com - TDL4 (blacklist.rules)
 * 1:19549 <-> DISABLED <-> BLACKLIST DNS request for known malware domain zz87jhfda88.com - TDL4 (blacklist.rules)
 * 1:19548 <-> DISABLED <-> BLACKLIST DNS request for known malware domain zz87ihfda88.com - TDL4 (blacklist.rules)
 * 1:19547 <-> DISABLED <-> BLACKLIST DNS request for known malware domain zna81udha01.com - TDL4 (blacklist.rules)
 * 1:19546 <-> DISABLED <-> BLACKLIST DNS request for known malware domain zna61udha01.com - TDL4 (blacklist.rules)
 * 1:19545 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xx87lhfda88.com - TDL4 (blacklist.rules)
 * 1:19544 <-> DISABLED <-> BLACKLIST DNS request for known malware domain u101mnuy2k.com - TDL4 (blacklist.rules)
 * 1:19543 <-> DISABLED <-> BLACKLIST DNS request for known malware domain u101mnay2k.com - TDL4 (blacklist.rules)
 * 1:19507 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 69b69b6b96b.com - TDL4 (blacklist.rules)
 * 1:19508 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 7gaur15eb71.com - TDL4 (blacklist.rules)
 * 1:19542 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sho1cilewk.com - TDL4 (blacklist.rules)
 * 1:19511 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 86b6b96b.com - TDL4 (blacklist.rules)
 * 1:19509 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 7uagr15eb71.com - TDL4 (blacklist.rules)
 * 1:19510 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 86b6b6b6.com - TDL4 (blacklist.rules)
 * 1:19512 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 9669b6b96b.com - TDL4 (blacklist.rules)
 * 1:19513 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cap01tchaa.com - TDL4 (blacklist.rules)
 * 1:19541 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sh01cilewk.com - TDL4 (blacklist.rules)
 * 1:19514 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cap0itchaa.com - TDL4 (blacklist.rules)
 * 1:19515 <-> DISABLED <-> BLACKLIST DNS request for known malware domain countri1l.com - TDL4 (blacklist.rules)
 * 1:19516 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dg6a51ja813.com - TDL4 (blacklist.rules)
 * 1:19517 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gd6a15ja813.com - TDL4 (blacklist.rules)
 * 1:19540 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rukkieanno.in - TDL4 (blacklist.rules)
 * 1:19518 <-> DISABLED <-> BLACKLIST DNS request for known malware domain i0m71gmak01.com - TDL4 (blacklist.rules)
 * 1:19519 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ikaturi11.com - TDL4 (blacklist.rules)
 * 1:19520 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jna0-0akq8x.com - TDL4 (blacklist.rules)
 * 1:19521 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ka18i7gah10.com - TDL4 (blacklist.rules)
 * 1:19539 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rukkeianno.in - TDL4 (blacklist.rules)
 * 1:19522 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kai817hag10.com - TDL4 (blacklist.rules)
 * 1:19523 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kangojim1.com - TDL4 (blacklist.rules)
 * 1:19524 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kangojjm1.com - TDL4 (blacklist.rules)
 * 1:19525 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kur1k0nona.com - TDL4 (blacklist.rules)
 * 1:19538 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rukkeianno.com - TDL4 (blacklist.rules)
 * 1:19526 <-> DISABLED <-> BLACKLIST DNS request for known malware domain l04undreyk.com - TDL4 (blacklist.rules)
 * 1:19527 <-> DISABLED <-> BLACKLIST DNS request for known malware domain li1i16b0.com - TDL4 (blacklist.rules)
 * 1:19528 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lj1i16b0.com - TDL4 (blacklist.rules)
 * 1:19529 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lkaturi71.com - TDL4 (blacklist.rules)
 * 1:19537 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nyewrika.in - TDL4 (blacklist.rules)
 * 1:19530 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lkaturl11.com - TDL4 (blacklist.rules)
 * 1:19536 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nl6fa53.com - TDL4 (blacklist.rules)
 * 1:19534 <-> DISABLED <-> BLACKLIST DNS request for known malware domain neywrika.in - TDL4 (blacklist.rules)
 * 1:19535 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nichtadden.in - TDL4 (blacklist.rules)
 * 1:19533 <-> DISABLED <-> BLACKLIST DNS request for known malware domain n16fa53.com - TDL4 (blacklist.rules)
 * 1:19531 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lkaturl71.com - TDL4 (blacklist.rules)
 * 1:19532 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lo4undreyk.com - TDL4 (blacklist.rules)