Sourcefire VRT Rules Update

Date: 2012-08-14

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:23825 <-> ENABLED <-> BOTNET-CNC FinFisher initial outbound connection attempt (botnet-cnc.rules)
 * 1:23844 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method arbitrary code execution attempt (file-office.rules)
 * 1:23831 <-> ENABLED <-> WEB-CLIENT non-alphanumeric javascript detected (web-client.rules)
 * 1:23837 <-> DISABLED <-> NETBIOS SMB host announcement format string exploit attempt (netbios.rules)
 * 1:23802 <-> ENABLED <-> BLACKLIST DNS request for known malware domain datajunction.org - Gauss (botnet-cnc.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23840 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer sign extension vulnerability exploitation attempt (web-client.rules)
 * 1:23841 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer sign extension vulnerability exploitation attempt (web-client.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23824 <-> ENABLED <-> BOTNET-CNC Gauss malware check-in (botnet-cnc.rules)
 * 1:23845 <-> DISABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method arbitrary code execution attempt (file-office.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23839 <-> DISABLED <-> NETBIOS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (netbios.rules)
 * 1:23832 <-> ENABLED <-> WEB-CLIENT non-alphanumeric javascript detected (web-client.rules)
 * 1:23846 <-> DISABLED <-> EXPLOIT Microsoft Windows Terminal server RDP freed memory write attempt (exploit.rules)
 * 1:23799 <-> ENABLED <-> BLACKLIST DNS request for known malware domain guest-access.net - Gauss (botnet-cnc.rules)
 * 1:23842 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 1:23804 <-> ENABLED <-> BLACKLIST DNS request for known malware domain gowin7.com - Gauss (botnet-cnc.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23838 <-> DISABLED <-> NETBIOS SMB NetServerEnum response host format string exploit attempt (netbios.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23800 <-> ENABLED <-> BLACKLIST DNS request for known malware domain dotnetadvisor.info - Gauss (botnet-cnc.rules)
 * 1:23836 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer negative margin use after free attempt (web-client.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23828 <-> ENABLED <-> WEB-PHP Joomla Remote File Include upload attempt (web-php.rules)
 * 1:23835 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer asynchronous code execution attempt (web-client.rules)
 * 1:23833 <-> ENABLED <-> SPECIFIC-THREATS Malvertising redirection campaign - blackmuscat (specific-threats.rules)
 * 1:23834 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer asynchronous code execution attempt (web-client.rules)
 * 1:23805 <-> DISABLED <-> WEB-CLIENT WebKit button column memory corruption attempt (web-client.rules)
 * 1:23806 <-> DISABLED <-> FILE-OTHER Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt (file-other.rules)
 * 1:23801 <-> ENABLED <-> BLACKLIST DNS request for known malware domain bestcomputeradvisor.com - Gauss (botnet-cnc.rules)
 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23797 <-> ENABLED <-> SPECIFIC-THREATS Blackhole redirection page (specific-threats.rules)
 * 1:23798 <-> ENABLED <-> SPECIFIC-THREATS Malvertising redirection page (specific-threats.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23826 <-> ENABLED <-> BOTNET-CNC FinFisher outbound connection attempt (botnet-cnc.rules)
 * 1:23803 <-> ENABLED <-> BLACKLIST DNS request for known malware domain secuurity.net - Gauss (botnet-cnc.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23830 <-> ENABLED <-> INDICATOR-COMPROMISE Alsa3ek Web Shell (indicator-compromise.rules)
 * 1:23829 <-> ENABLED <-> INDICATOR-COMPROMISE Loaderz Web Shell (indicator-compromise.rules)
 * 1:23827 <-> ENABLED <-> WEB-PHP Joomla Remote File Include upload attempt (web-php.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23843 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (file-office.rules)
 * 3:23847 <-> ENABLED <-> NETBIOS MS-RAP NetServerEnum3 read access violation attempt (netbios.rules)

Modified Rules:


 * 1:989 <-> DISABLED <-> BACKDOOR sensepost.exe command shell attempt (backdoor.rules)
 * 1:9823 <-> DISABLED <-> WEB-CLIENT Apple QuickTime RTSP URI overflow attempt (web-client.rules)
 * 1:9640 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows ADODB.Connection ActiveX function call access (web-activex.rules)
 * 1:9620 <-> DISABLED <-> WEB-MISC pajax call_dispatcher remote exec attempt (web-misc.rules)
 * 1:9328 <-> ENABLED <-> SPECIFIC-THREATS zhangpo smtp propagation detection (specific-threats.rules)
 * 1:8845 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call access (web-activex.rules)
 * 1:8843 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access (web-activex.rules)
 * 1:8842 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call access (web-activex.rules)
 * 1:8840 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access (web-activex.rules)
 * 1:8839 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call access (web-activex.rules)
 * 1:8837 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access (web-activex.rules)
 * 1:8836 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call access (web-activex.rules)
 * 1:8834 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access (web-activex.rules)
 * 1:8833 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call access (web-activex.rules)
 * 1:8831 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access (web-activex.rules)
 * 1:8830 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call access (web-activex.rules)
 * 1:8828 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX clsid access (web-activex.rules)
 * 1:8827 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX function call access (web-activex.rules)
 * 1:8825 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX clsid access (web-activex.rules)
 * 1:8824 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX function call access (web-activex.rules)
 * 1:8822 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX clsid access (web-activex.rules)
 * 1:8821 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX function call access (web-activex.rules)
 * 1:8819 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX clsid access (web-activex.rules)
 * 1:8818 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX function call access (web-activex.rules)
 * 1:8816 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX clsid access (web-activex.rules)
 * 1:8815 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX function call access (web-activex.rules)
 * 1:8813 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX clsid access (web-activex.rules)
 * 1:8812 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX function call access (web-activex.rules)
 * 1:8810 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX clsid access (web-activex.rules)
 * 1:8809 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX function call access (web-activex.rules)
 * 1:8807 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX clsid access (web-activex.rules)
 * 1:8806 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX function call access (web-activex.rules)
 * 1:8804 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX clsid access (web-activex.rules)
 * 1:8803 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX function call access (web-activex.rules)
 * 1:8801 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX clsid access (web-activex.rules)
 * 1:8800 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX function call access (web-activex.rules)
 * 1:8798 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX clsid access (web-activex.rules)
 * 1:8797 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX function call access (web-activex.rules)
 * 1:8795 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX clsid access (web-activex.rules)
 * 1:8794 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX function call access (web-activex.rules)
 * 1:8792 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX clsid access (web-activex.rules)
 * 1:8791 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX function call access (web-activex.rules)
 * 1:8789 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX clsid access (web-activex.rules)
 * 1:8788 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX function call access (web-activex.rules)
 * 1:8786 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX clsid access (web-activex.rules)
 * 1:8785 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX function call access (web-activex.rules)
 * 1:8783 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX clsid access (web-activex.rules)
 * 1:8782 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX function call access (web-activex.rules)
 * 1:8780 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX clsid access (web-activex.rules)
 * 1:8779 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX function call access (web-activex.rules)
 * 1:8777 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX clsid access (web-activex.rules)
 * 1:8776 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX function call access (web-activex.rules)
 * 1:8774 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX clsid access (web-activex.rules)
 * 1:8773 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX function call access (web-activex.rules)
 * 1:8771 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX clsid access (web-activex.rules)
 * 1:8770 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX function call access (web-activex.rules)
 * 1:8768 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX clsid access (web-activex.rules)
 * 1:8767 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX function call access (web-activex.rules)
 * 1:8765 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX clsid access (web-activex.rules)
 * 1:8764 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.Sequence ActiveX function call access (web-activex.rules)
 * 1:8762 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.Sequence ActiveX clsid access (web-activex.rules)
 * 1:8761 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX function call access (web-activex.rules)
 * 1:8759 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX clsid access (web-activex.rules)
 * 1:8758 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX function call access (web-activex.rules)
 * 1:8756 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX clsid access (web-activex.rules)
 * 1:8755 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX function call access (web-activex.rules)
 * 1:8753 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX clsid access (web-activex.rules)
 * 1:8752 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX function call access (web-activex.rules)
 * 1:8750 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX clsid access (web-activex.rules)
 * 1:8749 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX function call access (web-activex.rules)
 * 1:8747 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX clsid access (web-activex.rules)
 * 1:8746 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX function call access (web-activex.rules)
 * 1:8744 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX clsid access (web-activex.rules)
 * 1:8743 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX function call access (web-activex.rules)
 * 1:8741 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX clsid access (web-activex.rules)
 * 1:8727 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer XMLHTTP 4.0 ActiveX clsid access (web-activex.rules)
 * 1:8725 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows System Monitor ActiveX clsid access (web-activex.rules)
 * 1:8542 <-> DISABLED <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (spyware-put.rules)
 * 1:8422 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Outlook View OVCtl ActiveX clsid access (web-activex.rules)
 * 1:8419 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call (web-activex.rules)
 * 1:8405 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ActiveX clsid access (web-activex.rules)
 * 1:8369 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access (web-activex.rules)
 * 1:8349 <-> DISABLED <-> WEB-IIS Indexing Service ciRestriction cross-site scripting attempt (web-iis.rules)
 * 1:8090 <-> DISABLED <-> WEB-MISC HP Openview NNM freeIPaddrs.ovpl Unix command execution attempt (web-misc.rules)
 * 1:8089 <-> DISABLED <-> WEB-MISC HP Openview NNM cdpView.ovpl Unix command execution attempt (web-misc.rules)
 * 1:8088 <-> DISABLED <-> WEB-MISC HP Openview NNM connectedNodes.ovpl Unix command execution attempt (web-misc.rules)
 * 1:8087 <-> DISABLED <-> WEB-MISC HP Openview NNM freeIPaddrs.ovpl port 3443 Unix command execution attempt (web-misc.rules)
 * 1:8086 <-> DISABLED <-> WEB-MISC HP Openview NNM cdpView.ovpl port 3443 Unix command execution attempt (web-misc.rules)
 * 1:8085 <-> DISABLED <-> WEB-MISC HP Openview NNM connectedNodes.ovpl port 3443 Unix command execution attempt (web-misc.rules)
 * 1:8080 <-> DISABLED <-> BACKDOOR x2a runtime detection - client update (backdoor.rules)
 * 1:8064 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Scriptlet.Typelib ActiveX clsid access (web-activex.rules)
 * 1:8063 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ADODB.Stream ActiveX function call access (web-activex.rules)
 * 1:8051 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WDM Instance Provider ActiveX clsid access (web-activex.rules)
 * 1:8049 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WaveOut and DSound Class Manager ActiveX clsid access (web-activex.rules)
 * 1:8047 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WaveIn Class Manager ActiveX clsid access (web-activex.rules)
 * 1:8045 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Video Effect Class Manager 2 Input ActiveX clsid access (web-activex.rules)
 * 1:8043 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Video Effect Class Manager 1 Input ActiveX clsid access (web-activex.rules)
 * 1:8041 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer VFW Capture Class Manager ActiveX clsid access (web-activex.rules)
 * 1:8039 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer syncui.dll ActiveX clsid access (web-activex.rules)
 * 1:8037 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8035 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Spanish_Modern Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8033 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer QC.MessageMover.1 ActiveX clsid access (web-activex.rules)
 * 1:8031 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Mslablti.MarshalableTI.1 ActiveX clsid access (web-activex.rules)
 * 1:8029 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MidiOut Class Manager ActiveX clsid access (web-activex.rules)
 * 1:8023 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Italian_Italian Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8021 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ISSimpleCommandCreator.1 ActiveX clsid access (web-activex.rules)
 * 1:8019 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Address Bar ActiveX clsid access (web-activex.rules)
 * 1:8017 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ICM Class Manager ActiveX clsid access (web-activex.rules)
 * 1:8015 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer German_German Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8013 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer French_French Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8011 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer English_US Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8009 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer English_UK Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8007 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Dutch_Dutch Stemmer ActiveX clsid access (web-activex.rules)
 * 1:8005 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DiskManagement.Connection ActiveX clsid access (web-activex.rules)
 * 1:8003 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Content.mbcontent.1 ActiveX clsid access (web-activex.rules)
 * 1:4219 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Network Connections Tray ActiveX object access (web-activex.rules)
 * 1:4218 <-> DISABLED <-> WEB-ACTIVEX Microsoft Microsoft Windows Visual Basic WebClass ActiveX object access (web-activex.rules)
 * 1:8001 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer CommunicationManager ActiveX clsid access (web-activex.rules)
 * 1:7999 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer CLSID_CDIDeviceActionConfigPage ActiveX clsid access (web-activex.rules)
 * 1:7997 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer CLSID_ApprenticeICW ActiveX clsid access (web-activex.rules)
 * 1:7995 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer clbcatq.dll ActiveX clsid access (web-activex.rules)
 * 1:7993 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer clbcatex.dll ActiveX clsid access (web-activex.rules)
 * 1:7991 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ACM Class Manager ActiveX clsid access (web-activex.rules)
 * 1:7989 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WIA FileSystem USD ActiveX clsid access (web-activex.rules)
 * 1:7985 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsid access (web-activex.rules)
 * 1:7981 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Access Snapshot Viewer General Property Page Object ActiveX clsid access (web-activex.rules)
 * 1:7976 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ShellFolder for CD Burning ActiveX clsid access (web-activex.rules)
 * 1:7970 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer PostBootReminder object ActiveX clsid access (web-activex.rules)
 * 1:7958 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7944 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7942 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7938 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7934 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7928 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7904 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (web-activex.rules)
 * 1:7866 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows ADODB.Connection ActiveX clsid access (web-activex.rules)
 * 1:7862 <-> DISABLED <-> WEB-ACTIVEX Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (web-activex.rules)
 * 1:7863 <-> DISABLED <-> WEB-ACTIVEX Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (web-activex.rules)
 * 1:7805 <-> DISABLED <-> BACKDOOR war trojan ver1.0 runtime detection - ie hijacker (backdoor.rules)
 * 1:7743 <-> DISABLED <-> BACKDOOR nova 1.0 runtime detection - cgi notification server-to-client (backdoor.rules)
 * 1:7639 <-> DISABLED <-> BACKDOOR air runtime detection - php notification (backdoor.rules)
 * 1:7533 <-> DISABLED <-> SPYWARE-PUT Adware piolet runtime detection - ads request (spyware-put.rules)
 * 1:7532 <-> DISABLED <-> SPYWARE-PUT Adware piolet runtime detection - user-agent (spyware-put.rules)
 * 1:7531 <-> DISABLED <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - login (spyware-put.rules)
 * 1:7530 <-> DISABLED <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - trickler (spyware-put.rules)
 * 1:7505 <-> DISABLED <-> SPYWARE-PUT Keylogger actualspy runtime detection - smtp (spyware-put.rules)
 * 1:7500 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (web-activex.rules)
 * 1:7504 <-> DISABLED <-> SPYWARE-PUT Keylogger actualspy runtime detection - ftp-data (spyware-put.rules)
 * 1:7498 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (web-activex.rules)
 * 1:7496 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Volume ActiveX clsid access (web-activex.rules)
 * 1:7494 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (web-activex.rules)
 * 1:7490 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (web-activex.rules)
 * 1:7492 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (web-activex.rules)
 * 1:7488 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (web-activex.rules)
 * 1:7486 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (web-activex.rules)
 * 1:7484 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (web-activex.rules)
 * 1:7480 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (web-activex.rules)
 * 1:7482 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (web-activex.rules)
 * 1:7478 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (web-activex.rules)
 * 1:7476 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (web-activex.rules)
 * 1:7474 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (web-activex.rules)
 * 1:7472 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (web-activex.rules)
 * 1:7470 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (web-activex.rules)
 * 1:7468 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (web-activex.rules)
 * 1:7466 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (web-activex.rules)
 * 1:7464 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (web-activex.rules)
 * 1:7462 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (web-activex.rules)
 * 1:7460 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (web-activex.rules)
 * 1:7458 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (web-activex.rules)
 * 1:7456 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (web-activex.rules)
 * 1:7454 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (web-activex.rules)
 * 1:7452 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (web-activex.rules)
 * 1:7450 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Stetch ActiveX clsid access (web-activex.rules)
 * 1:7448 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ShotDetect ActiveX clsid access (web-activex.rules)
 * 1:7446 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Record Queue ActiveX clsid access (web-activex.rules)
 * 1:7444 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (web-activex.rules)
 * 1:7442 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (web-activex.rules)
 * 1:7439 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HTML Help ActiveX clsid access (web-activex.rules)
 * 1:7437 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Frame Eater ActiveX clsid access (web-activex.rules)
 * 1:7436 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Dynamic Casts ActiveX function call (web-activex.rules)
 * 1:7435 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Dynamic Casts ActiveX clsid access (web-activex.rules)
 * 1:7431 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (web-activex.rules)
 * 1:7433 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (web-activex.rules)
 * 1:7429 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Bitmap ActiveX clsid access (web-activex.rules)
 * 1:7427 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Allocator Fix ActiveX clsid access (web-activex.rules)
 * 1:7425 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer 9x8Resize ActiveX clsid access (web-activex.rules)
 * 1:7142 <-> DISABLED <-> SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (spyware-put.rules)
 * 1:7193 <-> DISABLED <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (spyware-put.rules)
 * 1:7127 <-> DISABLED <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (spyware-put.rules)
 * 1:7074 <-> DISABLED <-> BACKDOOR W32.dumaru.gen runtime detection - cmd (backdoor.rules)
 * 1:7026 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows RDS.Dataspace ActiveX function call access (web-activex.rules)
 * 1:7017 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer RDS.DataControl ActiveX function call access (web-activex.rules)
 * 1:7016 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Object.Microsoft.DXTFilter ActiveX function call access (web-activex.rules)
 * 1:7015 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer NMSA.MediaDescription ActiveX function call access (web-activex.rules)
 * 1:7014 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer NMSA.ASFSourceMediaDescription.1 ActiveX function call access (web-activex.rules)
 * 1:7013 <-> DISABLED <-> WEB-ACTIVEX Microsoft.ISCatAdm ActiveX function call access (web-activex.rules)
 * 1:7012 <-> DISABLED <-> WEB-ACTIVEX Internet.PopupMenu.1 ActiveX function call access (web-activex.rules)
 * 1:7011 <-> DISABLED <-> WEB-ACTIVEX HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (web-activex.rules)
 * 1:7010 <-> DISABLED <-> WEB-ACTIVEX HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (web-activex.rules)
 * 1:7009 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows DirectAnimation.StructuredGraphicsControl ActiveX function call access (web-activex.rules)
 * 1:7008 <-> DISABLED <-> WEB-ACTIVEX DirectAnimation.DAUserData ActiveX function call access (web-activex.rules)
 * 1:7007 <-> DISABLED <-> WEB-ACTIVEX AxDebugger.Document.1 ActiveX function call access (web-activex.rules)
 * 1:7006 <-> DISABLED <-> WEB-ACTIVEX ASControls.InstallEngineCtl ActiveX function call access (web-activex.rules)
 * 1:7004 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Internet.HHCtrl.1 ActiveX function call access (web-activex.rules)
 * 1:6687 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (web-activex.rules)
 * 1:4215 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HTML Popup Window ActiveX object access (web-activex.rules)
 * 1:6686 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX clsid access (web-activex.rules)
 * 1:4216 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer CLSID_CComAcctImport ActiveX object access (web-activex.rules)
 * 1:6684 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX clsid access (web-activex.rules)
 * 1:4221 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ProxyStub Dispatch ActiveX object access (web-activex.rules)
 * 1:4222 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Outllib.dll ActiveX object access (web-activex.rules)
 * 1:4223 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer OpenCable Class ActiveX object access (web-activex.rules)
 * 1:4224 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer VideoPort ActiveX object access (web-activex.rules)
 * 1:6682 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (web-activex.rules)
 * 1:4225 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository ActiveX object access (web-activex.rules)
 * 1:4226 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DocHost User Interface Handler ActiveX object access (web-activex.rules)
 * 1:4227 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Network Connections ActiveX object access (web-activex.rules)
 * 1:6517 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX clsid access (web-activex.rules)
 * 1:4229 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSAPP Export Support for Office Access ActiveX object access (web-activex.rules)
 * 1:4230 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Search Assistant UI ActiveX object access (web-activex.rules)
 * 1:4231 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer SysTray ActiveX object access (web-activex.rules)
 * 1:4232 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer SysTray Invoker ActiveX object access (web-activex.rules)
 * 1:6516 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX function call access (web-activex.rules)
 * 1:4233 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Visual Database Tools Query Designer v7.0 ActiveX object access (web-activex.rules)
 * 1:4234 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSVTDGridCtrl7 ActiveX object access (web-activex.rules)
 * 1:4235 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Helper Object for Java ActiveX object access (web-activex.rules)
 * 1:4236 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer WMI ASDI Extension ActiveX object access (web-activex.rules)
 * 1:4648 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer wang image admin activex object access (web-activex.rules)
 * 1:6493 <-> DISABLED <-> BACKDOOR Trickler Backdoor-BAC.gen.e runtime detection - post data (backdoor.rules)
 * 1:4890 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (web-activex.rules)
 * 1:4891 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer cfw Class ActiveX object access (web-activex.rules)
 * 1:4892 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MTSEvents Class ActiveX object access (web-activex.rules)
 * 1:6397 <-> DISABLED <-> BACKDOOR http rat runtime detection - smtp (backdoor.rules)
 * 1:4893 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (web-activex.rules)
 * 1:4894 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer PSEnumVariant ActiveX object access (web-activex.rules)
 * 1:4895 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer PSTypeInfo ActiveX object access (web-activex.rules)
 * 1:4896 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer PSTypeLib ActiveX object access (web-activex.rules)
 * 1:6374 <-> DISABLED <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (spyware-put.rules)
 * 1:4897 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer PSOAInterface ActiveX object access (web-activex.rules)
 * 1:4898 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer PSTypeComp ActiveX object access (web-activex.rules)
 * 1:4899 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ISupportErrorInfo Interface ActiveX object access (web-activex.rules)
 * 1:4900 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (web-activex.rules)
 * 1:6238 <-> DISABLED <-> SPYWARE-PUT Adware lop runtime detection - collect info request 1 (spyware-put.rules)
 * 1:4901 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (web-activex.rules)
 * 1:4902 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (web-activex.rules)
 * 1:4903 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (web-activex.rules)
 * 1:4904 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Alias ActiveX object access (web-activex.rules)
 * 1:4905 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Object ActiveX object access (web-activex.rules)
 * 1:6213 <-> DISABLED <-> SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (spyware-put.rules)
 * 1:4906 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Interface Definition ActiveX object access (web-activex.rules)
 * 1:4907 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Collection Definition ActiveX object access (web-activex.rules)
 * 1:4908 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Method Definition ActiveX object access (web-activex.rules)
 * 1:6042 <-> DISABLED <-> BACKDOOR fear 0.2 runtime detection - php notification (backdoor.rules)
 * 1:4909 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Property Definition ActiveX object access (web-activex.rules)
 * 1:4910 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (web-activex.rules)
 * 1:4911 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Type Library ActiveX object access (web-activex.rules)
 * 1:4912 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Root ActiveX object access (web-activex.rules)
 * 1:6009 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows RDS.Dataspace ActiveX object access (web-activex.rules)
 * 1:4913 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Workspace ActiveX object access (web-activex.rules)
 * 1:4914 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Repository Script Definition ActiveX object access (web-activex.rules)
 * 1:4915 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Shortcut Handler ActiveX object access (web-activex.rules)
 * 1:4982 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Adodb.Stream ActiveX object access (web-activex.rules)
 * 1:6007 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT DDS OrgChart GDD Layout ActiveX object access (web-activex.rules)
 * 1:6006 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT Icon Control ActiveX object access (web-activex.rules)
 * 1:6005 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT DDS Straight Line Routing Logic 2 ActiveX object access (web-activex.rules)
 * 1:6004 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT DDS Circular Auto Layout Logic 2 ActiveX object access (web-activex.rules)
 * 1:6003 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT DDS Rectilinear GDD Route ActiveX object access (web-activex.rules)
 * 1:6002 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT DDS Rectilinear GDD Layout ActiveX object access (web-activex.rules)
 * 1:5948 <-> DISABLED <-> SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (spyware-put.rules)
 * 1:5788 <-> DISABLED <-> PUA-TOOLBARS Adware hithopper runtime detection - click toolbar buttons (pua-toolbars.rules)
 * 1:4220 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Network and Dial-Up Connections ActiveX object access (web-activex.rules)
 * 1:5708 <-> DISABLED <-> POLICY-OTHER web server file upload attempt (policy-other.rules)
 * 1:5715 <-> DISABLED <-> WEB-MISC Apache malformed ipv6 uri overflow attempt (web-misc.rules)
 * 1:5695 <-> DISABLED <-> WEB-IIS web agent redirect overflow attempt (web-iis.rules)
 * 1:4213 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DDS Picture Shape Control ActiveX object access (web-activex.rules)
 * 1:4983 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Adodb.Stream ActiveX Object Access CreateObject Function (web-activex.rules)
 * 1:4988 <-> DISABLED <-> WEB-MISC Barracuda IMG.PL directory traversal attempt (web-misc.rules)
 * 1:4214 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer TipGW Init ActiveX object access (web-activex.rules)
 * 1:10142 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LexRefBilingualTextContext ActiveX clsid access (web-activex.rules)
 * 1:10144 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LexRefBilingualTextContext ActiveX function call access (web-activex.rules)
 * 1:10145 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HTML Inline Sound Control ActiveX clsid access (web-activex.rules)
 * 1:10147 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HTML Inline Sound Control ActiveX function call access (web-activex.rules)
 * 1:10148 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HTML Inline Movie Control ActiveX clsid access (web-activex.rules)
 * 1:10150 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HTML Inline Movie Control ActiveX function call access (web-activex.rules)
 * 1:10151 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer BlnSetUser Proxy ActiveX clsid access (web-activex.rules)
 * 1:10153 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer BlnSetUser Proxy ActiveX function call access (web-activex.rules)
 * 1:10154 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer BlnSetUser Proxy 2 ActiveX clsid access (web-activex.rules)
 * 1:1021 <-> DISABLED <-> WEB-IIS ism.dll attempt (web-iis.rules)
 * 1:11193 <-> DISABLED <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
 * 1:11194 <-> DISABLED <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
 * 1:11224 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSAuth ActiveX clsid access (web-activex.rules)
 * 1:11226 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSAuth ActiveX function call access (web-activex.rules)
 * 1:11243 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX clsid access (web-activex.rules)
 * 1:11245 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX function call access (web-activex.rules)
 * 1:11247 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Research In Motion TeamOn Import ActiveX clsid access (web-activex.rules)
 * 1:11252 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Address ActiveX clsid access (web-activex.rules)
 * 1:11301 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX clsid access (web-activex.rules)
 * 1:11303 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX function call access (web-activex.rules)
 * 1:11685 <-> DISABLED <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
 * 1:12059 <-> DISABLED <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
 * 1:12060 <-> DISABLED <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
 * 1:12115 <-> ENABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12209 <-> DISABLED <-> PUA-P2P P2PTv TVAnt udp traffic detected (pua-p2p.rules)
 * 1:12211 <-> DISABLED <-> PUA-P2P P2PTv TVAnts TCP connection traffic detected (pua-p2p.rules)
 * 1:12212 <-> ENABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12244 <-> DISABLED <-> BACKDOOR itadem trojan 3.0 runtime detection (backdoor.rules)
 * 1:12417 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro ActiveX clsid access (web-activex.rules)
 * 1:12448 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Agent Control ActiveX clsid access (web-activex.rules)
 * 1:12450 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Agent Control ActiveX function call access (web-activex.rules)
 * 1:12452 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Agent File Provider ActiveX clsid access (web-activex.rules)
 * 1:12459 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access (web-activex.rules)
 * 1:12616 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access (web-activex.rules)
 * 1:12661 <-> DISABLED <-> BACKDOOR troll.a runtime detection (backdoor.rules)
 * 1:12954 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DXLTPI.DLL ActiveX clsid access (web-activex.rules)
 * 1:12957 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSN Heartbeat 2 ActiveX clsid access (web-activex.rules)
 * 1:12959 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSN Heartbeat 3 ActiveX clsid access (web-activex.rules)
 * 1:13451 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual FoxPro foxtlib ActiveX clsid access (web-activex.rules)
 * 1:13457 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Forms 2.0 ActiveX clsid access (web-activex.rules)
 * 1:13459 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Forms 2.0 ActiveX function call access (web-activex.rules)
 * 1:13625 <-> DISABLED <-> BACKDOOR MBR rootkit HTTP POST activity detected (backdoor.rules)
 * 1:13668 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (web-activex.rules)
 * 1:13670 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Help 2.0 Contents Control ActiveX function call access (web-activex.rules)
 * 1:13672 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Help 2.0 Contents Control 2 ActiveX clsid access (web-activex.rules)
 * 1:13674 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (web-activex.rules)
 * 1:13828 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer sapi.dll ActiveX clsid access (web-activex.rules)
 * 1:13830 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer sapi.dll alternate killbit ActiveX clsid access (web-activex.rules)
 * 1:13832 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer backweb ActiveX clsid access (web-activex.rules)
 * 1:13856 <-> DISABLED <-> BACKDOOR wintrim.z runtime detection (backdoor.rules)
 * 1:13912 <-> ENABLED <-> SPECIFIC-THREATS isComponentInstalled Metasploit attack attempt (specific-threats.rules)
 * 1:13941 <-> DISABLED <-> BACKDOOR trojan agent.nac runtime detection - click fraud (backdoor.rules)
 * 1:13942 <-> DISABLED <-> BACKDOOR trojan agent.nac runtime detection - call home (backdoor.rules)
 * 1:13944 <-> DISABLED <-> BACKDOOR trojan downloader small.gy runtime detection - get whitelist (backdoor.rules)
 * 1:13965 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Message System ActiveX clsid access (web-activex.rules)
 * 1:13967 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Message System ActiveX function call access (web-activex.rules)
 * 1:14081 <-> DISABLED <-> BACKDOOR trojan agent.aarm runtime detection - call home (backdoor.rules)
 * 1:14084 <-> DISABLED <-> BACKDOOR infostealer.banker.c runtime detection - download cfg.bin (backdoor.rules)
 * 1:14086 <-> DISABLED <-> BACKDOOR Adware.Win32.Agent.BM runtime detection 1 (backdoor.rules)
 * 1:14088 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 1 ActiveX clsid access (web-activex.rules)
 * 1:14090 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 2 ActiveX clsid access (web-activex.rules)
 * 1:14092 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 3 ActiveX clsid access (web-activex.rules)
 * 1:14094 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 4 ActiveX clsid access (web-activex.rules)
 * 1:14096 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 5 ActiveX clsid access (web-activex.rules)
 * 1:14098 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 6 ActiveX clsid access (web-activex.rules)
 * 1:14100 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 7 ActiveX clsid access (web-activex.rules)
 * 1:14102 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 8 ActiveX clsid access (web-activex.rules)
 * 1:14104 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 9 ActiveX clsid access (web-activex.rules)
 * 1:14106 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 10 ActiveX clsid access (web-activex.rules)
 * 1:14108 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 11 ActiveX clsid access (web-activex.rules)
 * 1:14110 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 12 ActiveX clsid access (web-activex.rules)
 * 1:14112 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 13 ActiveX clsid access (web-activex.rules)
 * 1:14114 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 14 ActiveX clsid access (web-activex.rules)
 * 1:14116 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 15 ActiveX clsid access (web-activex.rules)
 * 1:14118 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 16 ActiveX clsid access (web-activex.rules)
 * 1:14120 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 17 ActiveX clsid access (web-activex.rules)
 * 1:14122 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 18 ActiveX clsid access (web-activex.rules)
 * 1:14124 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 19 ActiveX clsid access (web-activex.rules)
 * 1:14126 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 20 ActiveX clsid access (web-activex.rules)
 * 1:14128 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 21 ActiveX clsid access (web-activex.rules)
 * 1:14130 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 22 ActiveX clsid access (web-activex.rules)
 * 1:14132 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 23 ActiveX clsid access (web-activex.rules)
 * 1:14134 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 24 ActiveX clsid access (web-activex.rules)
 * 1:14136 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 25 ActiveX clsid access (web-activex.rules)
 * 1:14138 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 26 ActiveX clsid access (web-activex.rules)
 * 1:14140 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 27 ActiveX clsid access (web-activex.rules)
 * 1:14142 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 28 ActiveX clsid access (web-activex.rules)
 * 1:14144 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 29 ActiveX clsid access (web-activex.rules)
 * 1:14146 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 30 ActiveX clsid access (web-activex.rules)
 * 1:14148 <-> ENABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 31 ActiveX clsid access (web-activex.rules)
 * 1:14150 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 32 ActiveX clsid access (web-activex.rules)
 * 1:14152 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 33 ActiveX clsid access (web-activex.rules)
 * 1:14154 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 34 ActiveX clsid access (web-activex.rules)
 * 1:14156 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 35 ActiveX clsid access (web-activex.rules)
 * 1:14158 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 36 ActiveX clsid access (web-activex.rules)
 * 1:14160 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 37 ActiveX clsid access (web-activex.rules)
 * 1:14162 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 38 ActiveX clsid access (web-activex.rules)
 * 1:14164 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 39 ActiveX clsid access (web-activex.rules)
 * 1:14166 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 40 ActiveX clsid access (web-activex.rules)
 * 1:14168 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 41 ActiveX clsid access (web-activex.rules)
 * 1:14170 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 42 ActiveX clsid access (web-activex.rules)
 * 1:14172 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 43 ActiveX clsid access (web-activex.rules)
 * 1:14174 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 44 ActiveX clsid access (web-activex.rules)
 * 1:14176 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 45 ActiveX clsid access (web-activex.rules)
 * 1:14178 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 46 ActiveX clsid access (web-activex.rules)
 * 1:14180 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 47 ActiveX clsid access (web-activex.rules)
 * 1:14182 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 48 ActiveX clsid access (web-activex.rules)
 * 1:14184 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 49 ActiveX clsid access (web-activex.rules)
 * 1:14186 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 50 ActiveX clsid access (web-activex.rules)
 * 1:14188 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 51 ActiveX clsid access (web-activex.rules)
 * 1:14190 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 52 ActiveX clsid access (web-activex.rules)
 * 1:14192 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 53 ActiveX clsid access (web-activex.rules)
 * 1:14194 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 54 ActiveX clsid access (web-activex.rules)
 * 1:14196 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 55 ActiveX clsid access (web-activex.rules)
 * 1:14198 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 56 ActiveX clsid access (web-activex.rules)
 * 1:14200 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 57 ActiveX clsid access (web-activex.rules)
 * 1:14202 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 58 ActiveX clsid access (web-activex.rules)
 * 1:14204 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 59 ActiveX clsid access (web-activex.rules)
 * 1:14206 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 60 ActiveX clsid access (web-activex.rules)
 * 1:14208 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 61 ActiveX clsid access (web-activex.rules)
 * 1:14210 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 62 ActiveX clsid access (web-activex.rules)
 * 1:14212 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 63 ActiveX clsid access (web-activex.rules)
 * 1:14214 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 64 ActiveX clsid access (web-activex.rules)
 * 1:14216 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 65 ActiveX clsid access (web-activex.rules)
 * 1:14218 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 66 ActiveX clsid access (web-activex.rules)
 * 1:14220 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 67 ActiveX clsid access (web-activex.rules)
 * 1:14222 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 68 ActiveX clsid access (web-activex.rules)
 * 1:14224 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 69 ActiveX clsid access (web-activex.rules)
 * 1:14226 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 70 ActiveX clsid access (web-activex.rules)
 * 1:14228 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader unspecified 71 ActiveX clsid access (web-activex.rules)
 * 1:14644 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer cross domain unfocusable HTML element (web-client.rules)
 * 1:14990 <-> DISABLED <-> WEB-MISC Novell eDirectory SOAP Accept Charset header overflow attempt (web-misc.rules)
 * 1:15084 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Common Controls Animation Object ActiveX clsid access (web-activex.rules)
 * 1:15086 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Common Controls Animation Object ActiveX function call access (web-activex.rules)
 * 1:15088 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic Charts ActiveX clsid access (web-activex.rules)
 * 1:15090 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic Charts ActiveX function call access (web-activex.rules)
 * 1:15092 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic DataGrid ActiveX clsid access (web-activex.rules)
 * 1:15094 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic DataGrid ActiveX function call access (web-activex.rules)
 * 1:15096 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (web-activex.rules)
 * 1:15098 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic FlexGrid ActiveX function call access (web-activex.rules)
 * 1:15100 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX clsid access (web-activex.rules)
 * 1:15102 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (web-activex.rules)
 * 1:15109 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (web-activex.rules)
 * 1:15112 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (web-activex.rules)
 * 1:15116 <-> ENABLED <-> WEB-CLIENT Microsoft Windows search protocol handler access attempt (web-client.rules)
 * 1:15122 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Shell.Explorer 2 ActiveX clsid access (web-activex.rules)
 * 1:15186 <-> DISABLED <-> MISC Multiple vendors CUPS HPGL filter remote code execution attempt (misc.rules)
 * 1:15295 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C configuration attempt (botnet-cnc.rules)
 * 1:15296 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C malicious file download attempt (botnet-cnc.rules)
 * 1:15297 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C report home attempt (botnet-cnc.rules)
 * 1:15424 <-> DISABLED <-> WEB-PHP phpBB mod shoutbox sql injection attempt (web-php.rules)
 * 1:15425 <-> DISABLED <-> WEB-PHP phpBB mod tag board sql injection attempt (web-php.rules)
 * 1:15431 <-> ENABLED <-> SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt (specific-threats.rules)
 * 1:15446 <-> DISABLED <-> WEB-MISC Novell eDirectory management console Accept-Language buffer overflow attempt (web-misc.rules)
 * 1:15481 <-> ENABLED <-> BOTNET-CNC Zeus/Zbot malware config file download request (botnet-cnc.rules)
 * 1:15526 <-> ENABLED <-> EXPLOIT Microsoft Works 4.x converter font name buffer overflow attempt (exploit.rules)
 * 1:15574 <-> DISABLED <-> SMTP MAIL FROM command overflow attempt (smtp.rules)
 * 1:15698 <-> DISABLED <-> WEB-CLIENT Possible generic javascript heap spray attempt (web-client.rules)
 * 1:15861 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Remote Desktop Client ActiveX clsid access (web-activex.rules)
 * 1:15863 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Remote Desktop Client ActiveX function call access (web-activex.rules)
 * 1:15893 <-> DISABLED <-> WEB-CLIENT fCreateShellLink function use - potential attack (web-client.rules)
 * 1:15924 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DHTML Editing ActiveX function call access (web-activex.rules)
 * 1:15978 <-> DISABLED <-> WEB-MISC Macromedia JRun 4 mod_jrun buffer overflow attempt (web-misc.rules)
 * 1:16035 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt (web-client.rules)
 * 1:16073 <-> ENABLED <-> SPECIFIC-THREATS MS-SQL convert function unicode overflow (specific-threats.rules)
 * 1:16094 <-> DISABLED <-> BACKDOOR trojan downloader exchan.gen variant runtime detection (backdoor.rules)
 * 1:16097 <-> DISABLED <-> BACKDOOR trojan win32.agent.vvm runtime detection (backdoor.rules)
 * 1:16099 <-> DISABLED <-> BACKDOOR trojan-dropper.win32.agent.wdv runtime detection (backdoor.rules)
 * 1:16113 <-> DISABLED <-> BACKDOOR trojan downloader.agent.vhb runtime detection - request login page (backdoor.rules)
 * 1:16130 <-> DISABLED <-> SPYWARE-PUT Keylogger lord spy pro 1.4 runtime detection (spyware-put.rules)
 * 1:16132 <-> DISABLED <-> SPYWARE-PUT Trackware owlforce runtime detection - remote server #1 (spyware-put.rules)
 * 1:16151 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer unitialized or deleted object access attempt (web-client.rules)
 * 1:16195 <-> ENABLED <-> WEB-MISC Novell eDirectory HTTP request content-length heap buffer overflow attempt (web-misc.rules)
 * 1:16242 <-> DISABLED <-> BACKDOOR downloader-ash.gen.b runtime detection - adload (backdoor.rules)
 * 1:16244 <-> DISABLED <-> BACKDOOR rogue software xp police antivirus runtime detection - purchase (backdoor.rules)
 * 1:16246 <-> DISABLED <-> BACKDOOR rogue software spyware protect 2009 runtime detection - purchase request (backdoor.rules)
 * 1:16247 <-> DISABLED <-> BACKDOOR rogue software spyware protect 2009 runtime detection - block (backdoor.rules)
 * 1:16248 <-> DISABLED <-> BACKDOOR rogue software ms antispyware 2009 runtime detection - start (backdoor.rules)
 * 1:16249 <-> DISABLED <-> BACKDOOR rogue software ms antispyware 2009 runtime detection - pay (backdoor.rules)
 * 1:16250 <-> DISABLED <-> BACKDOOR rogue software win pc defender runtime detection (backdoor.rules)
 * 1:16251 <-> DISABLED <-> BACKDOOR rogue software win pc defender installtime detection (backdoor.rules)
 * 1:16252 <-> DISABLED <-> BACKDOOR rogue software pro antispyware 2009 runtime detection - purchase (backdoor.rules)
 * 1:16253 <-> DISABLED <-> BACKDOOR rogue software system security 2009 runtime detection (backdoor.rules)
 * 1:16256 <-> DISABLED <-> BACKDOOR rogue software coreguard antivirus 2009 runtime detection (backdoor.rules)
 * 1:16257 <-> DISABLED <-> BACKDOOR rogue software perfect defender 2009 runtime detection - update (backdoor.rules)
 * 1:16258 <-> DISABLED <-> BACKDOOR rogue software perfect defender 2009 runtime detection - purchase (backdoor.rules)
 * 1:16259 <-> DISABLED <-> BACKDOOR rogue software antivirusdoktor2009 runtime detection (backdoor.rules)
 * 1:16260 <-> DISABLED <-> BACKDOOR rogue software xp antivirus protection runtime detection - installation (backdoor.rules)
 * 1:16261 <-> DISABLED <-> BACKDOOR rogue software xp antivirus protection runtime detection - runtime (backdoor.rules)
 * 1:16262 <-> DISABLED <-> BACKDOOR rogue software xp-shield runtime detection (backdoor.rules)
 * 1:16263 <-> DISABLED <-> BACKDOOR rogue software xp-shield runtime detection - installation (backdoor.rules)
 * 1:16264 <-> DISABLED <-> BACKDOOR rogue software 007 anti-spyware runtime detection - update (backdoor.rules)
 * 1:16265 <-> DISABLED <-> BACKDOOR rogue software 007 anti-spyware runtime detection - register (backdoor.rules)
 * 1:16266 <-> DISABLED <-> BACKDOOR rogue software pc antispyware 2010 runtime detection - buy (backdoor.rules)
 * 1:16267 <-> DISABLED <-> BACKDOOR rogue software pc antispyware 2010 runtime detection - files (backdoor.rules)
 * 1:16272 <-> DISABLED <-> BACKDOOR trojan-dropper.irc.tkb runtime detection - lordhack (backdoor.rules)
 * 1:16273 <-> DISABLED <-> BACKDOOR trojan-dropper.irc.tkb runtime detection - dxcpm (backdoor.rules)
 * 1:16274 <-> DISABLED <-> BOTNET-CNC Trickler trojan-spy.win32.pophot runtime detection - connect to server (botnet-cnc.rules)
 * 1:16279 <-> DISABLED <-> BACKDOOR rogue-software windows antivirus 2008 runtime detection - pre-sale page (backdoor.rules)
 * 1:16419 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Data Analyzer 3.5 ActiveX clsid access (web-activex.rules)
 * 1:16506 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (web-client.rules)
 * 1:16510 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (web-activex.rules)
 * 1:16511 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (web-activex.rules)
 * 1:16555 <-> ENABLED <-> WEB-MISC HP Openview Network Node Manager OvAcceptLang overflow attempt (web-misc.rules)
 * 1:16581 <-> DISABLED <-> SPECIFIC-THREATS Persits Software XUpload ActiveX clsid unsafe function access attempt (specific-threats.rules)
 * 1:16584 <-> ENABLED <-> WEB-CLIENT Java Web Start arbitrary command execution attempt - Internet Explorer (web-client.rules)
 * 1:16587 <-> DISABLED <-> SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities buffer overflow attempt (specific-threats.rules)
 * 1:16600 <-> DISABLED <-> BACKDOOR Otlard Trojan activity (backdoor.rules)
 * 1:16605 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer nested SPAN tag memory corruption attempt (specific-threats.rules)
 * 1:16609 <-> DISABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (specific-threats.rules)
 * 1:16636 <-> DISABLED <-> MISC Microsoft Windows .NET framework XMLDsig data tampering attempt  (misc.rules)
 * 1:16637 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer security zone restriction bypass attempt (exploit.rules)
 * 1:16647 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules)
 * 1:16667 <-> ENABLED <-> SPECIFIC-THREATS Google Chrome GURL cross origin bypass attempt - 1 (specific-threats.rules)
 * 1:16668 <-> ENABLED <-> SPECIFIC-THREATS Google Chrome GURL cross origin bypass attempt - 2 (specific-threats.rules)
 * 1:16672 <-> ENABLED <-> SPECIFIC-THREATS Symantec Backup Exec ActiveX control buffer overflow attempt (specific-threats.rules)
 * 1:16725 <-> DISABLED <-> SPECIFIC-THREATS ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (specific-threats.rules)
 * 1:16731 <-> ENABLED <-> SPECIFIC-THREATS ProShow Gold PSH file handling overflow attempt (specific-threats.rules)
 * 1:16740 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (specific-threats.rules)
 * 1:16744 <-> DISABLED <-> WEB-CLIENT Worldweaver DX Studio Player plug-in command injection attempt (web-client.rules)
 * 1:16745 <-> ENABLED <-> SPECIFIC-THREATS DjVu ActiveX control ImageURL property overflow attempt (specific-threats.rules)
 * 1:16787 <-> DISABLED <-> SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (specific-threats.rules)
 * 1:16789 <-> ENABLED <-> SPECIFIC-THREATS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 1 (specific-threats.rules)
 * 1:16790 <-> ENABLED <-> SPECIFIC-THREATS Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 2 (specific-threats.rules)
 * 1:16804 <-> DISABLED <-> BACKDOOR Win32.Qakbot.E - initial load (backdoor.rules)
 * 1:16805 <-> DISABLED <-> BACKDOOR Win32.Qakbot.E config check (backdoor.rules)
 * 1:16806 <-> DISABLED <-> BACKDOOR Win32.Qakbot.E - FTP upload seclog (backdoor.rules)
 * 1:16808 <-> DISABLED <-> BACKDOOR Win32.Qakbot.E - register client (backdoor.rules)
 * 1:16819 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:17120 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:17121 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:17122 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:17129 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer use-after-free memory corruption attempt (web-client.rules)
 * 1:17140 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:17165 <-> DISABLED <-> WEB-CLIENT Opera browser document writing uninitialized memory access attempt (web-client.rules)
 * 1:17261 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt (web-client.rules)
 * 1:17262 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer createTextRange code execution attempt (web-client.rules)
 * 1:17263 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:17291 <-> ENABLED <-> INDICATOR-OBFUSCATION base64-encoded uri data object found (indicator-obfuscation.rules)
 * 1:17299 <-> ENABLED <-> SPECIFIC-THREATS ISC BIND RRSIG query denial of service attempt (specific-threats.rules)
 * 1:17316 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Folder GUID Code Execution attempt (web-client.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17369 <-> DISABLED <-> SERVER-MAIL MailEnable service APPEND command handling buffer overflow attempt (server-mail.rules)
 * 1:17385 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer setRequestHeader overflow attempt (web-client.rules)
 * 1:17413 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Jet DB Engine Buffer Overflow attempt (specific-threats.rules)
 * 1:17414 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (specific-threats.rules)
 * 1:17415 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (specific-threats.rules)
 * 1:17417 <-> ENABLED <-> ORACLE Database Intermedia Denial of Service Attempt (oracle.rules)
 * 1:17424 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (specific-threats.rules)
 * 1:17425 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (specific-threats.rules)
 * 1:17427 <-> DISABLED <-> SPECIFIC-THREATS Oracle database DBMS_Scheduler privilege escalation attempt (specific-threats.rules)
 * 1:17444 <-> ENABLED <-> SPECIFIC-THREATS Firefox 3 xsl parsing heap overflow attempt (specific-threats.rules)
 * 1:17466 <-> DISABLED <-> SPECIFIC-THREATS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (specific-threats.rules)
 * 1:17473 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt (oracle.rules)
 * 1:17474 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17475 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17476 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (oracle.rules)
 * 1:17477 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17478 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (oracle.rules)
 * 1:17479 <-> ENABLED <-> ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (oracle.rules)
 * 1:17480 <-> ENABLED <-> ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17512 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (web-client.rules)
 * 1:17513 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (web-client.rules)
 * 1:17514 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (web-client.rules)
 * 1:17515 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (web-client.rules)
 * 1:17516 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer Script Action Handler buffer overflow attempt (web-client.rules)
 * 1:17519 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (specific-threats.rules)
 * 1:17528 <-> ENABLED <-> SPECIFIC-THREATS nginx URI parsing buffer overflow attempt (specific-threats.rules)
 * 1:17553 <-> DISABLED <-> SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (specific-threats.rules)
 * 1:17555 <-> ENABLED <-> SPECIFIC-THREATS Macrovision InstallShield Update Service ActiveX exploit attempt (specific-threats.rules)
 * 1:17573 <-> ENABLED <-> WEB-CLIENT ffdshow codec URL parsing buffer overflow attempt (web-client.rules)
 * 1:17580 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt (specific-threats.rules)
 * 1:17581 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox tag order memory corruption attempt (specific-threats.rules)
 * 1:17590 <-> ENABLED <-> ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (oracle.rules)
 * 1:17601 <-> ENABLED <-> WEB-CLIENT Mozilla Firefox file type memory corruption attempt (web-client.rules)
 * 1:17604 <-> DISABLED <-> SPECIFIC-THREATS Java AWT ConvolveOp memory corruption attempt (specific-threats.rules)
 * 1:17654 <-> ENABLED <-> SPECIFIC-THREATS Facebook Photo Uploader ActiveX exploit attempt (specific-threats.rules)
 * 1:17668 <-> DISABLED <-> FILE-PDF download of a PDF with embedded JavaScript - JS string (file-pdf.rules)
 * 1:17724 <-> DISABLED <-> SPECIFIC-THREATS malicious ASP file upload attempt (specific-threats.rules)
 * 1:17725 <-> DISABLED <-> WEB-CLIENT Opera file URI handling buffer overflow (web-client.rules)
 * 1:17729 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer EMBED element memory corruption attempt (specific-threats.rules)
 * 1:17735 <-> ENABLED <-> SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (specific-threats.rules)
 * 1:17770 <-> ENABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules)
 * 1:17772 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (web-activex.rules)
 * 1:17781 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:18098 <-> DISABLED <-> BOTNET-CNC URI request for known malicious URI - Carberp (botnet-cnc.rules)
 * 1:18102 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Acrobat Reader invalid PDF JavaScript extension call (file-pdf.rules)
 * 1:18167 <-> DISABLED <-> WEB-CLIENT Possible generic javascript heap spray attempt (web-client.rules)
 * 1:18168 <-> DISABLED <-> WEB-CLIENT Possible generic javascript heap spray attempt (web-client.rules)
 * 1:1817 <-> DISABLED <-> WEB-IIS MS Site Server default login attempt (web-iis.rules)
 * 1:18174 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt (specific-threats.rules)
 * 1:18175 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS memory corruption attempt (specific-threats.rules)
 * 1:18197 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (web-activex.rules)
 * 1:18198 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (web-activex.rules)
 * 1:18199 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (web-activex.rules)
 * 1:18200 <-> ENABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:18241 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows WMI Administrator Tools Object Viewer ActiveX clsid access (web-activex.rules)
 * 1:18242 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (web-activex.rules)
 * 1:18279 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Karagany.A contact to server attempt (botnet-cnc.rules)
 * 1:18280 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer oversize recordset object cache size exploit attempt (web-client.rules)
 * 1:18281 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.VB.njz contact to server attempt (botnet-cnc.rules)
 * 1:18329 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (web-activex.rules)
 * 1:18353 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string SelectRebates (blacklist.rules)
 * 1:18562 <-> DISABLED <-> BOTNET-CNC RogueSoftware.Win32.LivePcCare contact to server attempt (botnet-cnc.rules)
 * 1:18564 <-> DISABLED <-> BOTNET-CNC RussKill botnet contact to C&C server attempt (botnet-cnc.rules)
 * 1:18577 <-> DISABLED <-> BOTNET-CNC Trojan-Banker.Win32.Banker.agum contact to server attempt (botnet-cnc.rules)
 * 1:18579 <-> ENABLED <-> WEB-MISC HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (web-misc.rules)
 * 1:18709 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Banker.aufm contact to server attempt (botnet-cnc.rules)
 * 1:18711 <-> DISABLED <-> BOTNET-CNC RogueSoftware.Win32.SecurityCentral contact to server attempt (botnet-cnc.rules)
 * 1:18717 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Banker.QO contact to server attempt (botnet-cnc.rules)
 * 1:18718 <-> DISABLED <-> BOTNET-CNC RogueSoftware.Win32.AdvancedDefender contact to server attempt (botnet-cnc.rules)
 * 1:18723 <-> DISABLED <-> BOTNET-CNC RogueSoftware.Win32.CleanV contact to server attempt (botnet-cnc.rules)
 * 1:18764 <-> ENABLED <-> WEB-CGI HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (web-cgi.rules)
 * 1:18765 <-> ENABLED <-> SPECIFIC-THREATS Majordomo2 smtp directory traversal attempt (specific-threats.rules)
 * 1:18905 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18906 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18907 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18908 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18909 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18910 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18911 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18912 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18913 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18914 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18915 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18916 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18917 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18918 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18919 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18920 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18921 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18922 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18923 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18924 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18925 <-> ENABLED <-> WEB-MISC OpenView Network Node Manager cookie buffer overflow attempt (web-misc.rules)
 * 1:18938 <-> DISABLED <-> BOTNET-CNC URI request for known malicious URI - ZBot (botnet-cnc.rules)
 * 1:18939 <-> ENABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:18940 <-> DISABLED <-> BOTNET-CNC URI request for known malicious URI - Sality (botnet-cnc.rules)
 * 1:18944 <-> DISABLED <-> BOTNET-CNC URI request for known malicious URI - Suspected Crimepack (botnet-cnc.rules)
 * 1:18953 <-> ENABLED <-> SPECIFIC-THREATS rich text format unexpected field type memory corruption attempt (specific-threats.rules)
 * 1:18954 <-> ENABLED <-> SPECIFIC-THREATS rich text format unexpected field type memory corruption attempt (specific-threats.rules)
 * 1:18959 <-> DISABLED <-> WEB-MISC VMware SpringSource Spring Framework class.classloader remote code execution attempt (web-misc.rules)
 * 1:18976 <-> DISABLED <-> BOTNET-CNC Rogue-Software.AVCare outbound connection (botnet-cnc.rules)
 * 1:18985 <-> ENABLED <-> WEB-MISC CA ARCserve Axis2 default credential login attempt (web-misc.rules)
 * 1:19024 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.StartPage outbound connection (botnet-cnc.rules)
 * 1:19034 <-> DISABLED <-> BOTNET-CNC Win32.Kbot.qd outbound connection (botnet-cnc.rules)
 * 1:19041 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Carberp.C contact to server attempt (botnet-cnc.rules)
 * 1:19060 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Ponmocup.A contact to server attempt (botnet-cnc.rules)
 * 1:19079 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer getElementById object corruption (specific-threats.rules)
 * 1:19097 <-> DISABLED <-> SPECIFIC-THREATS Apple Safari Webkit ContentEditable code execution attempt (specific-threats.rules)
 * 1:19107 <-> DISABLED <-> SPECIFIC-THREATS Apache mod_isapi dangling pointer code execution attempt (specific-threats.rules)
 * 1:19110 <-> ENABLED <-> WEB-MISC IBM Rational Quality Manager and Test Lab Manager policy bypass attempt (web-misc.rules)
 * 1:19135 <-> DISABLED <-> BACKDOOR Win32.Buterat Checkin (backdoor.rules)
 * 1:19137 <-> ENABLED <-> WEB-MISC HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (web-misc.rules)
 * 1:19138 <-> ENABLED <-> WEB-MISC HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (web-misc.rules)
 * 1:19139 <-> ENABLED <-> WEB-MISC HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (web-misc.rules)
 * 1:19140 <-> ENABLED <-> WEB-MISC HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (web-misc.rules)
 * 1:19149 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer malformed table tag memory corruption attempt (web-client.rules)
 * 1:19150 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer malformed table tag memory corruption attempt (web-client.rules)
 * 1:19156 <-> ENABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:19157 <-> ENABLED <-> WEB-MISC HP Universal CMDB server axis2 default credentials attempt (web-misc.rules)
 * 1:19158 <-> ENABLED <-> POLICY-OTHER HP Universal CMDB server axis2 service upload attempt (policy-other.rules)
 * 1:19164 <-> ENABLED <-> BOTNET-CNC Trojan SpyEye outbound connection (botnet-cnc.rules)
 * 1:19195 <-> DISABLED <-> SPECIFIC-THREATS Oracle Document Capture ActiveX function call access (specific-threats.rules)
 * 1:19296 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:19311 <-> DISABLED <-> SPYWARE-PUT Keylogger aspy v2.12 runtime detection (spyware-put.rules)
 * 1:19312 <-> DISABLED <-> BACKDOOR Trojan Win32.Agent.aah outbound connection (backdoor.rules)
 * 1:19331 <-> DISABLED <-> BACKDOOR Adclicker Trojan Zlob.dnz outbound connection (backdoor.rules)
 * 1:19342 <-> DISABLED <-> BACKDOOR Adware Professional Runtime Detection (backdoor.rules)
 * 1:19344 <-> DISABLED <-> BACKDOOR AntiMalware Pro Runtime Detection (backdoor.rules)
 * 1:19345 <-> DISABLED <-> BACKDOOR REAnti outbound connection (backdoor.rules)
 * 1:19346 <-> DISABLED <-> BACKDOOR Additional Guard outbound connection (backdoor.rules)
 * 1:19348 <-> ENABLED <-> BACKDOOR Trojan Downloader Win32.FraudLoad.emq outbound connection (backdoor.rules)
 * 1:19367 <-> DISABLED <-> BOTNET-CNC Worm Win32.Vaubeg.A outbound connection (botnet-cnc.rules)
 * 1:19368 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Carberp.D outbound connection (botnet-cnc.rules)
 * 1:19369 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Carberp.D outbound connection (botnet-cnc.rules)
 * 1:19372 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string javasw - Trojan.Banload (blacklist.rules)
 * 1:19402 <-> DISABLED <-> BACKDOOR P2P Worm.Win32.Malas.r outbound connection (backdoor.rules)
 * 1:19426 <-> DISABLED <-> BACKDOOR Trojan Downloader Win32.Crypter.i outbound connection (backdoor.rules)
 * 1:19427 <-> DISABLED <-> BACKDOOR Win32.Agent.amjz outbound connection (backdoor.rules)
 * 1:19428 <-> DISABLED <-> BACKDOOR Trojan Downloader Win32.Adload.BG outbound connection (backdoor.rules)
 * 1:19433 <-> DISABLED <-> BACKDOOR W32.Fujacks.aw outbound connection (backdoor.rules)
 * 1:19438 <-> DISABLED <-> SQL url ending in comment characters - possible sql injection attempt (sql.rules)
 * 1:19454 <-> DISABLED <-> BOTNET-CNC Trojan.PWS.Win32.QQPass.IK runtime detection (botnet-cnc.rules)
 * 1:19455 <-> DISABLED <-> SPYWARE-PUT Worm.Win32.AutoRun.aw runtime detection (spyware-put.rules)
 * 1:19457 <-> DISABLED <-> BOTNET-CNC Trojan-Clicker.Win32.Vesloruki.ajb runtime detection (botnet-cnc.rules)
 * 1:19476 <-> DISABLED <-> BACKDOOR Exploit.Win32.SqlShell.r runtime detection (backdoor.rules)
 * 1:19477 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Krap.af contact to server attempt (botnet-cnc.rules)
 * 1:19478 <-> DISABLED <-> SPYWARE-PUT Worm.Win32.Taterf.B contact to server attempt (spyware-put.rules)
 * 1:19479 <-> DISABLED <-> SPYWARE-PUT Net-Worm.Win32.Piloyd.m contact to server attempt - request html (spyware-put.rules)
 * 1:19480 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string STORMDDOS - Backdoor.Win32.Inject.ctt (blacklist.rules)
 * 1:19482 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string ErrorFix (blacklist.rules)
 * 1:19485 <-> DISABLED <-> SPYWARE-PUT Packed.Win32.Black.d contact to server attempt (spyware-put.rules)
 * 1:19491 <-> DISABLED <-> BACKDOOR Trojan Downloader Win32.Genome.vau outbound connection (backdoor.rules)
 * 1:19493 <-> ENABLED <-> BLACKLIST URI request for known malicious uri config.ini on 3322.org domain (blacklist.rules)
 * 1:19494 <-> DISABLED <-> BACKDOOR W32.Licum outbound connection (backdoor.rules)
 * 1:19554 <-> DISABLED <-> BOTNET-CNC Trojan Fakeav Antivirus Xp Pro outbound connection (botnet-cnc.rules)
 * 1:19581 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.Apher.gpd outbound connection (backdoor.rules)
 * 1:19583 <-> DISABLED <-> BACKDOOR Trojan Win32.Bumat.rts outbound connection (backdoor.rules)
 * 1:19586 <-> DISABLED <-> BACKDOOR Trojan Clicker Win32.Agent.dlg outbound connection (backdoor.rules)
 * 1:19588 <-> DISABLED <-> BACKDOOR Win32.Sereki.B successful connection (backdoor.rules)
 * 1:19591 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Powp.pyv outbound connection (botnet-cnc.rules)
 * 1:19592 <-> DISABLED <-> BOTNET-CNC Trickler Trojan-Downloader.Win32.Agent.bjkd Runtime Detection (botnet-cnc.rules)
 * 1:19599 <-> DISABLED <-> ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (oracle.rules)
 * 1:19600 <-> DISABLED <-> ORACLE Warehouse builder WE_OLAP_AW_SET_SOLVE_ID SQL Injection attempt (oracle.rules)
 * 1:19605 <-> DISABLED <-> ORACLE Glass Fish Server malformed username cross site scripting attempt (oracle.rules)
 * 1:19612 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.Banload.bvk outbound connection (backdoor.rules)
 * 1:19613 <-> DISABLED <-> BACKDOOR Rogue Software Registry Cleaner Pro outbound connection (backdoor.rules)
 * 1:19652 <-> DISABLED <-> BOTNET-CNC Teevsock C outbound connection (botnet-cnc.rules)
 * 1:19654 <-> DISABLED <-> BOTNET-CNC Trojan-Spy.Win32.Zbot.wti contact to server attempt (botnet-cnc.rules)
 * 1:19655 <-> DISABLED <-> BOTNET-CNC Trojan-Dropper.Agent.IK contact to server attempt (botnet-cnc.rules)
 * 1:19656 <-> DISABLED <-> BACKDOOR Trojan-Dropper.Win32.Peace.lh Runtime Detection (backdoor.rules)
 * 1:19665 <-> DISABLED <-> EXPLOIT Microsoft Windows Remote Desktop web access cross-site scripting attempt (exploit.rules)
 * 1:19695 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.VB.nec outbound connection (backdoor.rules)
 * 1:19697 <-> DISABLED <-> BACKDOOR Trojan Spy.Win32.VB.btm outbound connection (backdoor.rules)
 * 1:19698 <-> DISABLED <-> BACKDOOR Win32.Prosti.AG contact to server attempt (backdoor.rules)
 * 1:19699 <-> DISABLED <-> BOTNET-CNC TrojanDownloader.Win32.Korklic.A contact to server attempt (botnet-cnc.rules)
 * 1:19711 <-> ENABLED <-> BOTNET-CNC Trojan.Jorik contact to server attempt (botnet-cnc.rules)
 * 1:19715 <-> DISABLED <-> BOTNET-CNC Trojan.URLZone contact to server attempt (botnet-cnc.rules)
 * 1:19716 <-> DISABLED <-> BACKDOOR TrojanSpy.Win32.Banker.OO Runtime Detection (backdoor.rules)
 * 1:19717 <-> DISABLED <-> SPYWARE-PUT Virus.Win32.Virut.ce contact to server attempt (spyware-put.rules)
 * 1:19718 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Agent.bkap contact to server attempt (botnet-cnc.rules)
 * 1:19719 <-> DISABLED <-> SPYWARE-PUT Email-Worm.Win32.Bagle.of Runtime Detection (spyware-put.rules)
 * 1:19720 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Onestage.ws contact to server attempt (botnet-cnc.rules)
 * 1:19733 <-> DISABLED <-> BACKDOOR Trojan Win32.Jorik.BRU outbound connection (backdoor.rules)
 * 1:19735 <-> DISABLED <-> POLICY-OTHER Filesonic file-sharing site contacted (policy-other.rules)
 * 1:19736 <-> DISABLED <-> POLICY-OTHER Megaupload file-sharing site contacted (policy-other.rules)
 * 1:19737 <-> DISABLED <-> POLICY-OTHER Rapidshare file-sharing site contacted (policy-other.rules)
 * 1:19745 <-> DISABLED <-> BACKDOOR Trojan-Downloader.Win32.FraudLoad.dyl runtime detection (backdoor.rules)
 * 1:19747 <-> DISABLED <-> BACKDOOR Win32.GGDoor.22 runtime detection (backdoor.rules)
 * 1:19753 <-> DISABLED <-> BOTNET-CNC Trojan TrojanSpy.Win32.Zbot.gen.C Runtime Detection (botnet-cnc.rules)
 * 1:19755 <-> DISABLED <-> BACKDOOR Trojan.Win32.Alphabet contact to server attempt (backdoor.rules)
 * 1:19756 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string Opera/8.89 - P2P-Worm.Win32.Palevo.ddm (blacklist.rules)
 * 1:19757 <-> DISABLED <-> BACKDOOR Trojan-Downloader.Win32.Agent.bqlu contact to server attempt (backdoor.rules)
 * 1:19758 <-> DISABLED <-> BACKDOOR Win32.Small.yw contact to server attempt (backdoor.rules)
 * 1:19759 <-> DISABLED <-> BACKDOOR Trojan-PSW.Win32.FireThief.h Runtime Detection (backdoor.rules)
 * 1:19774 <-> DISABLED <-> BACKDOOR Gen-Trojan.Heur runtime detection (backdoor.rules)
 * 1:19778 <-> ENABLED <-> BLACKLIST URI request for known malicious URI - /games/java_trust.php?f= (blacklist.rules)
 * 1:19781 <-> DISABLED <-> BACKDOOR Trojan-Dropper.Win32.Agent.aqpn Runtime Detection (backdoor.rules)
 * 1:19782 <-> DISABLED <-> BACKDOOR Trojan.Win32.AVKill.bc contact to server attempt (backdoor.rules)
 * 1:19786 <-> DISABLED <-> SPYWARE-PUT FakeAV Personal Antivirus outbound connection (spyware-put.rules)
 * 1:19788 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.VB.pnc Runtime Detection (backdoor.rules)
 * 1:19793 <-> DISABLED <-> BACKDOOR Trojan Downloader Win32.SillyFDC-DS outbound connection (backdoor.rules)
 * 1:19795 <-> DISABLED <-> BACKDOOR Trojan FakeAV NoAdware outbound connection (backdoor.rules)
 * 1:19798 <-> DISABLED <-> BACKDOOR Trojan Win32.Agent2.kxu outbound connection (backdoor.rules)
 * 1:19799 <-> DISABLED <-> BACKDOOR PWS.Win32.Zbot.gen.Q Runtime Detection (backdoor.rules)
 * 1:19800 <-> DISABLED <-> BACKDOOR Trojan-Downloader.Win32.Pher.ij Runtime Detection (backdoor.rules)
 * 1:19802 <-> DISABLED <-> BACKDOOR TrojanDownloader.Win32.Wixud.B contact to server attempt (backdoor.rules)
 * 1:19803 <-> DISABLED <-> BACKDOOR TrojanDownloader.Win32.Renos.FH contact to server attempt (backdoor.rules)
 * 1:19804 <-> DISABLED <-> BACKDOOR Trojan.Win32.VB.ktq contact to server attempt (backdoor.rules)
 * 1:19805 <-> DISABLED <-> BACKDOOR Trojan.Win32.Smser.cx Runtime Detection (backdoor.rules)
 * 1:19819 <-> DISABLED <-> BACKDOOR Trojan.Win32.Ertfor.A runtime detection (backdoor.rules)
 * 1:19820 <-> DISABLED <-> BACKDOOR Trojan.Win32.Ertfor.A runtime detection (backdoor.rules)
 * 1:19821 <-> DISABLED <-> SPYWARE-PUT Worm.Win32.Bagle.gen.C runtime detection (spyware-put.rules)
 * 1:19822 <-> DISABLED <-> BACKDOOR Trojan.Win32.Banload.HH runtime detection (backdoor.rules)
 * 1:19823 <-> DISABLED <-> SPYWARE-PUT Downloader.Banload.AKBB runtime detection (spyware-put.rules)
 * 1:19827 <-> DISABLED <-> SPYWARE-PUT PWS-QQGame runtime detection (spyware-put.rules)
 * 1:19828 <-> DISABLED <-> BACKDOOR Win32.SpyAgent.B runtime detection (backdoor.rules)
 * 1:19842 <-> DISABLED <-> SPYWARE-PUT Windows Antivirus 2008 (spyware-put.rules)
 * 1:19843 <-> DISABLED <-> SPYWARE-PUT Windows Antivirus 2008 (spyware-put.rules)
 * 1:19852 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.Delf.tbv outbound connection (backdoor.rules)
 * 1:19853 <-> DISABLED <-> SPYWARE-PUT Wowpa KI outbound connection (spyware-put.rules)
 * 1:19854 <-> DISABLED <-> BACKDOOR W32.Sality.AM runtime detection (backdoor.rules)
 * 1:19855 <-> DISABLED <-> BACKDOOR W32.Sality.AM runtime detection (backdoor.rules)
 * 1:19856 <-> DISABLED <-> BACKDOOR Packed.Win32.Krap.i outbound connection (backdoor.rules)
 * 1:19859 <-> DISABLED <-> SPYWARE-PUT XP Deluxe Protector outbound connection (spyware-put.rules)
 * 1:19860 <-> DISABLED <-> SPYWARE-PUT Trust Warrior Runtime Detection (spyware-put.rules)
 * 1:19861 <-> DISABLED <-> BACKDOOR Trojan-Downloader.Win32.Agent.cqcv contact to server attempt (backdoor.rules)
 * 1:19862 <-> DISABLED <-> BACKDOOR Trojan.Win32.Scar.iej contact to server attempt (backdoor.rules)
 * 1:19863 <-> DISABLED <-> BACKDOOR Win32.Httpbot.yi Runtime Detection (backdoor.rules)
 * 1:19868 <-> DISABLED <-> INDICATOR-OBFUSCATION hidden 1x1 div tag - potential malware obfuscation (indicator-obfuscation.rules)
 * 1:19893 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (web-activex.rules)
 * 1:19896 <-> DISABLED <-> SPYWARE-PUT Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (spyware-put.rules)
 * 1:19898 <-> DISABLED <-> BACKDOOR Cinmus Variant outbound connection (backdoor.rules)
 * 1:19903 <-> DISABLED <-> SPYWARE-PUT Win32.Agent.vvm runtime detection (spyware-put.rules)
 * 1:19904 <-> DISABLED <-> SPYWARE-PUT WinReanimator runtime detection (spyware-put.rules)
 * 1:19905 <-> DISABLED <-> BACKDOOR Trojan-Downloader.Win32.Small.jog runtime detection (backdoor.rules)
 * 1:19906 <-> DISABLED <-> PUA-TOOLBARS 6SQ Toolbar runtime detection (pua-toolbars.rules)
 * 1:19909 <-> DISABLED <-> SPECIFIC-THREATS Cisco AnyConnect ActiveX clsid access (specific-threats.rules)
 * 1:19917 <-> DISABLED <-> BACKDOOR Win32.Sogu.A outbound connection (backdoor.rules)
 * 1:19931 <-> DISABLED <-> BACKDOOR Trojan.Lineage.Gen.Pac.3 outbound connection (backdoor.rules)
 * 1:19933 <-> DISABLED <-> WEB-MISC DirBuster brute forcing tool detected (web-misc.rules)
 * 1:19934 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string MYURL (blacklist.rules)
 * 1:19940 <-> DISABLED <-> BACKDOOR Trojan-Dropper.IRC.TKB outbound connection - dir4you (backdoor.rules)
 * 1:19941 <-> DISABLED <-> BACKDOOR TrojanSpy Win32.Zbot.Gen outbound connection (backdoor.rules)
 * 1:19942 <-> DISABLED <-> BACKDOOR TrojanSpy Win32.Zbot.Gen outbound connection (backdoor.rules)
 * 1:19948 <-> DISABLED <-> BACKDOOR Trojan Win32.Agent.asjk outbound connection (backdoor.rules)
 * 1:19953 <-> DISABLED <-> BACKDOOR Biodox outbound connection (backdoor.rules)
 * 1:19958 <-> DISABLED <-> BACKDOOR Trojan Win32.Agent.aulk outbound connection (backdoor.rules)
 * 1:19959 <-> DISABLED <-> BACKDOOR Trojan Win32.Agent.aulk outbound connection (backdoor.rules)
 * 1:19960 <-> DISABLED <-> BACKDOOR Trojan Win32.Agent.aulk outbound connection (backdoor.rules)
 * 1:19961 <-> DISABLED <-> BACKDOOR Fouad 1.0 outbound connection (backdoor.rules)
 * 1:19963 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.Banload.aajs outbound connection (backdoor.rules)
 * 1:19964 <-> DISABLED <-> BACKDOOR Virus Win32.Sality.aa outbound connection (backdoor.rules)
 * 1:19965 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.Agent.avzz outbound connection (backdoor.rules)
 * 1:19968 <-> DISABLED <-> BACKDOOR Trojan.PSW.Win32.QQPass.amx runtime detection (backdoor.rules)
 * 1:19969 <-> DISABLED <-> BACKDOOR Trojan.Crypt.CY runtime detection (backdoor.rules)
 * 1:19970 <-> DISABLED <-> BACKDOOR W32.Smalltroj.MHYR runtime detection (backdoor.rules)
 * 1:19971 <-> DISABLED <-> SPYWARE-PUT Win32.Mudrop.lj runtime detection (spyware-put.rules)
 * 1:19974 <-> DISABLED <-> BACKDOOR Trojan.Win32.Small.bwj runtime detection (backdoor.rules)
 * 1:19975 <-> DISABLED <-> BACKDOOR Trojan.Win32.Crypt.vb runtime detection (backdoor.rules)
 * 1:19976 <-> DISABLED <-> SPYWARE-PUT Worm.Win32.Koobface.hy runtime detection (spyware-put.rules)
 * 1:19977 <-> DISABLED <-> BACKDOOR Trojan.LooksLike.Zaplot runtime detection (backdoor.rules)
 * 1:19978 <-> DISABLED <-> BACKDOOR Viking.JB Worm runtime traffic detected (backdoor.rules)
 * 1:19982 <-> DISABLED <-> BACKDOOR Win32.Agent.wwe outbound connection (backdoor.rules)
 * 1:19983 <-> DISABLED <-> BACKDOOR Win32.Kolabc.fic outbound connection (backdoor.rules)
 * 1:19985 <-> DISABLED <-> SPYWARE-PUT AntivirusPC2009 runtime traffic detected (spyware-put.rules)
 * 1:19986 <-> DISABLED <-> SPYWARE-PUT AntivirusPC2009 install-time traffic detected (spyware-put.rules)
 * 1:19987 <-> DISABLED <-> SPYWARE-PUT PCLiveGuard install-time traffic detected (spyware-put.rules)
 * 1:19989 <-> DISABLED <-> SPYWARE-PUT Total Protect 2009 outbound connection (spyware-put.rules)
 * 1:19990 <-> DISABLED <-> SPYWARE-PUT Total Protect 2009 outbound connection (spyware-put.rules)
 * 1:19991 <-> DISABLED <-> BACKDOOR Trojan.Win32.Zbot.PG runtime traffic detected (backdoor.rules)
 * 1:19992 <-> DISABLED <-> BACKDOOR Trojan-Dropper.Win32.Farfli.A runtime traffic detected (backdoor.rules)
 * 1:19999 <-> DISABLED <-> SPYWARE-PUT ThreatNuker outbound connection (spyware-put.rules)
 * 1:20003 <-> DISABLED <-> BACKDOOR Trojan Spy Pilonoc runtime traffic detected (backdoor.rules)
 * 1:20004 <-> DISABLED <-> BACKDOOR Trojan Spy Pilonoc install-time traffic detected (backdoor.rules)
 * 1:20005 <-> DISABLED <-> BACKDOOR Win32 Lecna.cr runtime traffic detected (backdoor.rules)
 * 1:20007 <-> DISABLED <-> SPYWARE-PUT Cinmus.asaq runtime traffic detected (spyware-put.rules)
 * 1:20009 <-> ENABLED <-> BLACKLIST User-Agent known malicious User-Agent string Baby Remote - Win32/Babmote.A (blacklist.rules)
 * 1:20011 <-> ENABLED <-> BOTNET-CNC Briewots.A runtime traffic detected (botnet-cnc.rules)
 * 1:20012 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string feranet/0.4 - Win32/Ferabsa.A (blacklist.rules)
 * 1:20018 <-> DISABLED <-> BACKDOOR W32.Autorun.worm.dq outbound connection (backdoor.rules)
 * 1:20019 <-> DISABLED <-> BACKDOOR W32.Autorun.worm.dq outbound connection (backdoor.rules)
 * 1:20021 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string Brontok (blacklist.rules)
 * 1:20023 <-> DISABLED <-> BACKDOOR Advanced Virus Remover outbound connection (backdoor.rules)
 * 1:20025 <-> DISABLED <-> SPYWARE-PUT VirusBye outbound connection (spyware-put.rules)
 * 1:20026 <-> DISABLED <-> BACKDOOR Trojan Downloader.Win32.Banker.abg.b outbound connection (backdoor.rules)
 * 1:20028 <-> DISABLED <-> BACKDOOR Windows Antivirus Pro outbound connection (backdoor.rules)
 * 1:20036 <-> DISABLED <-> BACKDOOR Trojan Win32 Agent.ndau runtime traffic detected (backdoor.rules)
 * 1:20037 <-> DISABLED <-> BACKDOOR Trojan Agent.cve runtime traffic detected (backdoor.rules)
 * 1:20041 <-> DISABLED <-> SPYWARE-PUT Adware.BB outbound connection (spyware-put.rules)
 * 1:20057 <-> DISABLED <-> BOTNET-CNC BitCoin Miner IP query (botnet-cnc.rules)
 * 1:20067 <-> DISABLED <-> BOTNET-CNC Trojan Win32 Zatvex.A runtime traffic detected (botnet-cnc.rules)
 * 1:20068 <-> DISABLED <-> BOTNET-CNC Trojan Jetilms.A runtime activity detected (botnet-cnc.rules)
 * 1:20069 <-> DISABLED <-> BOTNET-CNC Trojan VB.alhq runtime traffic detected (botnet-cnc.rules)
 * 1:20071 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (web-activex.rules)
 * 1:20076 <-> DISABLED <-> BACKDOOR Win32.Agobot.ast outbound connection (backdoor.rules)
 * 1:20077 <-> DISABLED <-> BACKDOOR Win32.Agobot.ast outbound connection (backdoor.rules)
 * 1:20078 <-> DISABLED <-> BACKDOOR Win32.Russkill.C outbound connection (backdoor.rules)
 * 1:20083 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Fucobha.A outbound connection (botnet-cnc.rules)
 * 1:20096 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Agent.dcir outbound connection (botnet-cnc.rules)
 * 1:20097 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Agent.dcir infected host at destination ip (botnet-cnc.rules)
 * 1:20100 <-> DISABLED <-> SPYWARE-PUT Adware Arcade Web - installation/update (spyware-put.rules)
 * 1:20108 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Banker.Pher outbound connection (botnet-cnc.rules)
 * 1:20116 <-> DISABLED <-> EXPLOIT Microsoft Office SharePoint Javascript XSS attempt (exploit.rules)
 * 1:20137 <-> DISABLED <-> WEB-CLIENT Possible generic javascript heap spray attempt (web-client.rules)
 * 1:20160 <-> DISABLED <-> WEB-MISC Oracle GlassFish Server successful authentication bypass attempt (web-misc.rules)
 * 1:20175 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Remote Desktop Client ActiveX clsid access (web-activex.rules)
 * 1:20177 <-> ENABLED <-> WEB-MISC HP OpenView NNM ovlogin.exe CGI Host parameter buffer overflow attempt (web-misc.rules)
 * 1:20179 <-> ENABLED <-> WEB-MISC HP OpenView NNM ovlogin.exe CGI userid parameter buffer overflow attempt (web-misc.rules)
 * 1:20180 <-> ENABLED <-> WEB-MISC HP OpenView NNM ovlogin.exe CGI passwd parameter buffer overflow attempt (web-misc.rules)
 * 1:20219 <-> DISABLED <-> BACKDOOR Win32.ToriaSpy.A outbound connection (backdoor.rules)
 * 1:20222 <-> DISABLED <-> BACKDOOR Trojan.Win32.Payazol.B outbound connection (backdoor.rules)
 * 1:20235 <-> DISABLED <-> BACKDOOR Win32.AdobeReader.Uz runtime traffic detected (backdoor.rules)
 * 1:20240 <-> ENABLED <-> WEB-MISC HP OpenView NNM nnmRptConfig.exe CGI Host parameter buffer overflow attempt (web-misc.rules)
 * 1:20241 <-> ENABLED <-> WEB-MISC HP OpenView NNM snmp.exe CGI Host parameter buffer overflow attempt (web-misc.rules)
 * 1:20257 <-> DISABLED <-> WEB-MISC Microsoft ForeFront UAG ExcelTable.asp XSS attempt (web-misc.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20263 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer htmlfile null attribute access (web-client.rules)
 * 1:20264 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer selection option and form reset attack (specific-threats.rules)
 * 1:20265 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer null attribute crash (specific-threats.rules)
 * 1:20266 <-> DISABLED <-> WEB-MISC Microsoft Internet Explorer 8 Javascript negative option index attack attempt (web-misc.rules)
 * 1:20277 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (web-client.rules)
 * 1:20278 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (web-client.rules)
 * 1:20279 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (web-client.rules)
 * 1:20289 <-> DISABLED <-> BACKDOOR Win32.Doschald.A outbound connection (backdoor.rules)
 * 1:20435 <-> DISABLED <-> BACKDOOR TrojanSpy Win32.Zbot.Svr runtime traffic detected (backdoor.rules)
 * 1:20587 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Larchik.A backdoor phishing attempt (botnet-cnc.rules)
 * 1:20588 <-> ENABLED <-> FILE-IDENTIFY CDR file download request (file-identify.rules)
 * 1:20595 <-> DISABLED <-> BOTNET-CNC Win32.Ixeshe.F backdoor access attempt (botnet-cnc.rules)
 * 1:20596 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20597 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20598 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20599 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20614 <-> DISABLED <-> EXPLOIT Axigen POP3 server remote format string exploit (exploit.rules)
 * 1:20615 <-> DISABLED <-> WEB-PHP Wordcircle SQL injection attempt (web-php.rules)
 * 1:20617 <-> DISABLED <-> EXPLOIT Sage SalesLogix admin authentication bypass attempt (exploit.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20623 <-> DISABLED <-> WEB-PHP Venom Board SQL injection attempt  (web-php.rules)
 * 1:20624 <-> DISABLED <-> WEB-PHP Venom Board SQL injection attempt (web-php.rules)
 * 1:20625 <-> DISABLED <-> WEB-PHP Venom Board SQL injection attempt (web-php.rules)
 * 1:20629 <-> DISABLED <-> WEB-PHP geoBlog SQL injection in viewcat.php cat parameter attempt (web-php.rules)
 * 1:20631 <-> DISABLED <-> WEB-PHP Akarru remote file include in main_content.php bm_content (web-php.rules)
 * 1:20632 <-> DISABLED <-> WEB-PHP AnnoncesV remote file include in annonce.php page (web-php.rules)
 * 1:20633 <-> DISABLED <-> WEB-PHP Boite de News remote file include in inc.php url_index (web-php.rules)
 * 1:20640 <-> DISABLED <-> WEB-PHP VEGO Web Forum SQL injection in login.php username attempt (web-php.rules)
 * 1:20641 <-> DISABLED <-> WEB-PHP TheWebForum SQL injection in login.php username attempt (web-php.rules)
 * 1:20642 <-> DISABLED <-> WEB-PHP TankLogger SQL injection in showInfo.php livestock_id attempt (web-php.rules)
 * 1:20643 <-> DISABLED <-> WEB-PHP ScozBook SQL injection in auth.php adminname attempt (web-php.rules)
 * 1:20644 <-> DISABLED <-> WEB-PHP Lizard Cart CMS SQL injection in detail.php id attempt (web-php.rules)
 * 1:20645 <-> DISABLED <-> WEB-PHP Lizard Cart CMS SQL injection in pages.php id attempt (web-php.rules)
 * 1:20646 <-> DISABLED <-> WEB-PHP Benders Calendar SQL injection in index.php this_day attempt (web-php.rules)
 * 1:20647 <-> DISABLED <-> WEB-PHP inTouch SQL injection in index.php user attempt (web-php.rules)
 * 1:20648 <-> DISABLED <-> WEB-PHP Bit 5 Blog SQL injection in processlogin.php username via (web-php.rules)
 * 1:20649 <-> DISABLED <-> WEB-PHP ADNForum SQL injection in index.php fid attempt (web-php.rules)
 * 1:20650 <-> DISABLED <-> WEB-PHP MyNewsGroups remote file include in layersmenu.inc.php myng_root (web-php.rules)
 * 1:20651 <-> DISABLED <-> WEB-PHP Modernbill remote file include in config.php DIR (web-php.rules)
 * 1:20652 <-> DISABLED <-> WEB-PHP ME Download System remote file include in header.php Vb8878b936c2bd8ae0cab (web-php.rules)
 * 1:20654 <-> DISABLED <-> WEB-PHP GrapAgenda remote file include in index.php page (web-php.rules)
 * 1:20656 <-> DISABLED <-> WEB-PHP GestArtremote file include in aide.php3 aide (web-php.rules)
 * 1:20657 <-> DISABLED <-> WEB-PHP Free File Hosting remote file include in forgot_pass.php ad_body_temp (web-php.rules)
 * 1:20658 <-> DISABLED <-> POLICY-OTHER HP Printer firmware update attempt (policy-other.rules)
 * 1:20663 <-> DISABLED <-> WEB-PHP Comet WebFileManager remote file include in CheckUpload.php Language (web-php.rules)
 * 1:20666 <-> DISABLED <-> EXPLOIT Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (exploit.rules)
 * 1:20667 <-> DISABLED <-> EXPLOIT Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (exploit.rules)
 * 1:20678 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Genome.aior contact to cnc-server attempt (botnet-cnc.rules)
 * 1:20680 <-> DISABLED <-> WEB-PHP Flashchat remote file include in aedating4CMS.php (web-php.rules)
 * 1:20681 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Agent.NMS connect to cnc-server attempt (botnet-cnc.rules)
 * 1:20682 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Agent.NMS connect to cnc-server attempt (botnet-cnc.rules)
 * 1:20683 <-> DISABLED <-> BOTNET-CNC Cleanvaccine connect to cnc-server attempt (botnet-cnc.rules)
 * 1:20684 <-> DISABLED <-> BOTNET-CNC Cleanvaccine connect to cnc-server attempt (botnet-cnc.rules)
 * 1:20696 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Ransom.CK connect to cnc server attempt (botnet-cnc.rules)
 * 1:20705 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (web-activex.rules)
 * 1:20706 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (web-activex.rules)
 * 1:20731 <-> DISABLED <-> WEB-PHP TSEP remote file include in colorswitch.php tsep_config[absPath] (web-php.rules)
 * 1:20732 <-> DISABLED <-> WEB-PHP Sabdrimer remote file include in advanced1.php pluginpath[0] (web-php.rules)
 * 1:20815 <-> DISABLED <-> WEB-PHP Vmist Downstat remote file include in chart.php art (web-php.rules)
 * 1:20816 <-> DISABLED <-> WEB-PHP Vmist Downstat remote file include in admin.php art (web-php.rules)
 * 1:20817 <-> DISABLED <-> WEB-PHP Vmist Downstat remote file include in modes.php art (web-php.rules)
 * 1:20818 <-> DISABLED <-> WEB-PHP Vmist Downstat remote file include in stats.php art (web-php.rules)
 * 1:20822 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer contenteditable corruption attempt malicious string (specific-threats.rules)
 * 1:20830 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Banbra.amdu outbound connection (botnet-cnc.rules)
 * 1:20831 <-> DISABLED <-> SPECIFIC-THREATS Java Applet Rhino script engine remote code execution attempt (specific-threats.rules)
 * 1:20844 <-> DISABLED <-> BOTNET-CNC Win32.Banker.smxy runtime traffic detected (botnet-cnc.rules)
 * 1:20845 <-> DISABLED <-> WEB-MISC HP Network Node Manager cross site scripting attempt (web-misc.rules)
 * 1:20862 <-> DISABLED <-> WEB-MISC Jive Software Openfire logviewer.jsp XSS attempt (web-misc.rules)
 * 1:20863 <-> DISABLED <-> WEB-MISC Jive Software Openfire log.jsp XSS attempt (web-misc.rules)
 * 1:20864 <-> DISABLED <-> WEB-MISC Jive Software Openfire group-summary.jsp XSS attempt (web-misc.rules)
 * 1:20865 <-> DISABLED <-> WEB-MISC Jive Software Openfire user-properties.jsp XSS attempt (web-misc.rules)
 * 1:20866 <-> DISABLED <-> WEB-MISC Jive Software Openfire audit-policy.jsp XSS attempt (web-misc.rules)
 * 1:20867 <-> DISABLED <-> WEB-MISC Jive Software Openfire server-properties.jsp XSS attempt (web-misc.rules)
 * 1:20868 <-> DISABLED <-> WEB-MISC Jive Software Openfire muc-room-edit-form.jsp XSS attempt (web-misc.rules)
 * 1:20871 <-> DISABLED <-> WEB-MISC Worldweaver DX Studio Player shell.execute command execution attempt (web-misc.rules)
 * 1:20892 <-> DISABLED <-> BOTNET-CNC Worm.Win32.Skopvel.A runtime traffic detected (botnet-cnc.rules)
 * 1:20901 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (specific-threats.rules)
 * 1:20998 <-> ENABLED <-> FILE-PDF Adobe Reader javascript submitform memory corruption attempt (file-pdf.rules)
 * 1:21000 <-> DISABLED <-> SCADA Microsys PROMOTIC ActiveX clsid access (scada.rules)
 * 1:21001 <-> DISABLED <-> SCADA Microsys PROMOTIC ActiveX function call access (scada.rules)
 * 1:21051 <-> DISABLED <-> WEB-MISC Apple OSX software update command execution attempt (web-misc.rules)
 * 1:21080 <-> DISABLED <-> WEB-CLIENT RDS.Dataspace ActiveX object code execution attempt (web-client.rules)
 * 1:21081 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer RDS.Dataspace ActiveX object code execution attempt (web-activex.rules)
 * 1:21125 <-> DISABLED <-> BOTNET-CNC Win32.Alureon.DG runtime traffic detected (botnet-cnc.rules)
 * 1:21142 <-> DISABLED <-> BOTNET-CNC Win32.Zbot.PKJ runtime traffic detected (botnet-cnc.rules)
 * 1:21143 <-> DISABLED <-> BOTNET-CNC Win32.Zbot.PKJ runtime traffic detected (botnet-cnc.rules)
 * 1:21144 <-> DISABLED <-> BOTNET-CNC Win32.Zbot.PKJ runtime traffic detected (botnet-cnc.rules)
 * 1:21151 <-> DISABLED <-> BOTNET-CNC Win32.Stegae.A runtime traffic detected (botnet-cnc.rules)
 * 1:21155 <-> DISABLED <-> WEB-CLIENT Mozilla products floating point buffer overflow attempt (web-client.rules)
 * 1:21161 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS5 NTLM and basic authentication bypass attempt (web-iis.rules)
 * 1:21162 <-> DISABLED <-> FILE-PDF Adobe Acrobat file extension overflow attempt (file-pdf.rules)
 * 1:21181 <-> DISABLED <-> BACKDOOR Win32.Agent.czgu outbound connection (backdoor.rules)
 * 1:21188 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string API Guide test program (blacklist.rules)
 * 1:21192 <-> DISABLED <-> BOTNET-CNC Trojan Win32.Syswrt.dvd outbound connection (botnet-cnc.rules)
 * 1:21203 <-> DISABLED <-> BOTNET-CNC Virus Win32.Induc.B outbound connection (botnet-cnc.rules)
 * 1:21204 <-> DISABLED <-> BOTNET-CNC Virus Win32.Induc.B outbound connection (botnet-cnc.rules)
 * 1:21205 <-> DISABLED <-> BOTNET-CNC Virus Win32.Induc.B outbound connection (botnet-cnc.rules)
 * 1:21206 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string Aldi Bot (blacklist.rules)
 * 1:21209 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Enviserv.A outbound connection (botnet-cnc.rules)
 * 1:21246 <-> DISABLED <-> BLACKLIST User-Agent known malicious user-agent string DataCha0s (blacklist.rules)
 * 1:21247 <-> DISABLED <-> WEB-CLIENT IBM Lotusnotes s_viewname buffer overflow attempt (web-client.rules)
 * 1:21256 <-> ENABLED <-> BLACKLIST known malicious FTP quit banner - Goodbye happy r00ting (blacklist.rules)
 * 1:21273 <-> DISABLED <-> BOTNET-CNC Tusha.cv runtime traffic detected (botnet-cnc.rules)
 * 1:21274 <-> DISABLED <-> BOTNET-CNC Tusha.cv runtime traffic detected (botnet-cnc.rules)
 * 1:21275 <-> DISABLED <-> BACKDOOR Hupigon.hddn runtime traffic detected (backdoor.rules)
 * 1:21276 <-> DISABLED <-> BACKDOOR Hupigon.hddn install time traffic detected (backdoor.rules)
 * 1:21277 <-> DISABLED <-> BACKDOOR Win32.Shexie.A runtime traffic detected (backdoor.rules)
 * 1:21278 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string Google Bot (blacklist.rules)
 * 1:21279 <-> DISABLED <-> BACKDOOR Win.32.Kbot.s runtime traffic detected (backdoor.rules)
 * 1:21294 <-> DISABLED <-> BACKDOOR Win32.Bancodor.be runtime traffic detected (backdoor.rules)
 * 1:21327 <-> ENABLED <-> BLACKLIST User-Agent ASafaWeb Scan (blacklist.rules)
 * 1:21358 <-> DISABLED <-> WEB-MISC iPlanet Webserver command injection attempt (web-misc.rules)
 * 1:21362 <-> DISABLED <-> BACKDOOR Trojan Win32.TDSS.aa runtime traffic detected (backdoor.rules)
 * 1:21364 <-> DISABLED <-> BACKDOOR DOQ.gen.y RUNTIME traffic detected (backdoor.rules)
 * 1:21367 <-> DISABLED <-> BACKDOOR Win32 VB.abcl runtime traffic detected (backdoor.rules)
 * 1:21368 <-> DISABLED <-> BOTNET-CNC Win32.Wallop.de runtime traffic detected (botnet-cnc.rules)
 * 1:21369 <-> DISABLED <-> BOTNET-CNC Win32.Wallop.de runtime traffic detected (botnet-cnc.rules)
 * 1:21372 <-> DISABLED <-> BACKDOOR Malware Defense runtime traffic detected (backdoor.rules)
 * 1:21373 <-> DISABLED <-> BACKDOOR Malware Defense runtime traffic detected (backdoor.rules)
 * 1:21374 <-> DISABLED <-> BACKDOOR Win32.Bifrose.EF runtime traffic detected (backdoor.rules)
 * 1:21378 <-> DISABLED <-> EXPLOIT Novell iPrint attributes-natural-language buffer overflow attempt (exploit.rules)
 * 1:21379 <-> DISABLED <-> BOTNET-CNC Win32.Genome.Amqj runtime traffic detected (botnet-cnc.rules)
 * 1:21381 <-> DISABLED <-> BOTNET-CNC Win32.Dialer.ngb runtime traffic detected (botnet-cnc.rules)
 * 1:21382 <-> DISABLED <-> BOTNET-CNC Win32.Nuqel.Q host setting3.yeahost.com runtime traffic detected (botnet-cnc.rules)
 * 1:21383 <-> DISABLED <-> BOTNET-CNC Win32.Nuqel.Q host 9999mb.com runtime traffic detected (botnet-cnc.rules)
 * 1:21384 <-> DISABLED <-> BOTNET-CNC Win32.Nuqel.Q host freewebs.com runtime traffic detected (botnet-cnc.rules)
 * 1:21386 <-> DISABLED <-> BOTNET-CNC Win32.Wadolin.A runtime traffic detected (botnet-cnc.rules)
 * 1:21391 <-> DISABLED <-> BOTNET-CNC Win32.Agent.dcac runtime traffic detected (botnet-cnc.rules)
 * 1:21395 <-> DISABLED <-> ORACLE 10g iSQLPlus service heap overflow attempt (oracle.rules)
 * 1:21396 <-> DISABLED <-> ORACLE 10g iSQLPlus service heap overflow attempt (oracle.rules)
 * 1:21417 <-> ENABLED <-> FILE-PDF hostile PDF associated with Laik exploit kit (file-pdf.rules)
 * 1:21429 <-> ENABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:21446 <-> DISABLED <-> POLICY ActiveX FileSystemObject clsid access (policy.rules)
 * 1:21449 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Obitel install attempt (botnet-cnc.rules)
 * 1:21452 <-> DISABLED <-> BOTNET-CNC Trojan.Win32.Agent.djvk connect to server attempt (botnet-cnc.rules)
 * 1:21453 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:21455 <-> ENABLED <-> BLACKLIST User-Agent known malicious user-agent string psi (blacklist.rules)
 * 1:21493 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows DRM technology msnetobj.dll ActiveX clsid access (web-activex.rules)
 * 1:21501 <-> DISABLED <-> WEB-CLIENT JavaScript file upload keystroke hijack attempt (web-client.rules)
 * 1:21556 <-> DISABLED <-> POLICY-OTHER Microsoft Windows 98 User-Agent string (policy-other.rules)
 * 1:21577 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - charcode (indicator-obfuscation.rules)
 * 1:21578 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - eval (indicator-obfuscation.rules)
 * 1:21579 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (indicator-obfuscation.rules)
 * 1:21583 <-> ENABLED <-> FILE-PDF Possible malicious pdf detection - qwe123 (file-pdf.rules)
 * 1:21594 <-> DISABLED <-> WEB-MISC Gravity GTD objectname parameter injection attempt (web-misc.rules)
 * 1:21778 <-> DISABLED <-> SQL parameter ending in comment characters - possible sql injection attempt - POST (sql.rules)
 * 1:21779 <-> DISABLED <-> SQL parameter ending in encoded comment characters - possible sql injection attempt - POST (sql.rules)
 * 1:21780 <-> DISABLED <-> SPECIFIC-THREATS encoded waitfor delay function in POST - possible sql injection attempt (specific-threats.rules)
 * 1:21781 <-> DISABLED <-> SPECIFIC-THREATS encoded union select function in POST - possible sql injection attempt (specific-threats.rules)
 * 1:21782 <-> DISABLED <-> SPECIFIC-THREATS script tag in POST parameters - likely cross-site scripting (specific-threats.rules)
 * 1:21783 <-> DISABLED <-> SPECIFIC-THREATS encoded script tag in POST parameters - likely cross-site scripting (specific-threats.rules)
 * 1:21784 <-> DISABLED <-> SPECIFIC-THREATS encoded script tag in POST parameters - likely cross-site scripting (specific-threats.rules)
 * 1:21785 <-> DISABLED <-> SPECIFIC-THREATS javascript escape function in POST parameters - likely javascript injection (specific-threats.rules)
 * 1:21786 <-> DISABLED <-> SPECIFIC-THREATS encoded javascript escape function in POST parameters - likely javascript injection (specific-threats.rules)
 * 1:21787 <-> DISABLED <-> SPECIFIC-THREATS encoded javascript escape function in POST parameters - likely javascript injection (specific-threats.rules)
 * 1:21788 <-> DISABLED <-> SPECIFIC-THREATS or kic = kic - known SQL injection routine (specific-threats.rules)
 * 1:21789 <-> DISABLED <-> SPECIFIC-THREATS or kic = kic - known SQL injection routine (specific-threats.rules)
 * 1:21792 <-> DISABLED <-> FILE-OTHER Microsoft Windows .NET invalid parsing of graphics data attempt (file-other.rules)
 * 1:21793 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (web-client.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21923 <-> DISABLED <-> WEB-CLIENT Apache Tomcat PUT request remote file deployment attempt (web-client.rules)
 * 1:21926 <-> ENABLED <-> WEB-PHP JCE Joomla module vulnerable directory traversal or malicious file upload attempt (web-php.rules)
 * 1:21950 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MSWebDVD ActiveX clsid access attempt (web-activex.rules)
 * 1:21951 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MSWebDVD ActiveX function call attempt (web-activex.rules)
 * 1:21976 <-> DISABLED <-> BOTNET-CNC Trojan-Downloader.Win32.Lapurd.D runtime detection (botnet-cnc.rules)
 * 1:22013 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file download request (file-identify.rules)
 * 1:22016 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file magic detected (file-identify.rules)
 * 1:22017 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file download request (file-identify.rules)
 * 1:22020 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file magic detected (file-identify.rules)
 * 1:22021 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file download request (file-identify.rules)
 * 1:22024 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file magic detected (file-identify.rules)
 * 1:22025 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file download request (file-identify.rules)
 * 1:22028 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (file-identify.rules)
 * 1:22042 <-> DISABLED <-> FILE-OTHER Microsoft Windows .NET invalid parsing of graphics data attempt (file-other.rules)
 * 1:22043 <-> ENABLED <-> FILE-IDENTIFY XM file download request (file-identify.rules)
 * 1:22046 <-> ENABLED <-> FILE-IDENTIFY XM file magic detected (file-identify.rules)
 * 1:22063 <-> ENABLED <-> WEB-PHP PHP-CGI remote file include attempt (web-php.rules)
 * 1:22075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (file-office.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:23017 <-> DISABLED <-> SPECIFIC-THREATS c99 shell comment (specific-threats.rules)
 * 1:23018 <-> DISABLED <-> INDICATOR-OBFUSCATION eval of base64-encoded data (indicator-obfuscation.rules)
 * 1:23046 <-> DISABLED <-> WEB-MISC Oracle GlassFish Enterprise server cross site scripting attempt (web-misc.rules)
 * 1:23047 <-> DISABLED <-> WEB-MISC Oracle GlassFish Enterprise server cross site scripting attempt (web-misc.rules)
 * 1:23103 <-> ENABLED <-> BOTNET-CNC Trojan.Bublik variant outbound connection attempt (botnet-cnc.rules)
 * 1:23117 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer 9 DOM element use after free attempt (web-client.rules)
 * 1:23121 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer center element dynamic manipulation attempt (web-client.rules)
 * 1:23173 <-> DISABLED <-> BOTNET-CNC Android Zitmo trojan command and control channel traffic (botnet-cnc.rules)
 * 1:23218 <-> ENABLED <-> SPECIFIC-THREATS RedKit Repeated Exploit Request Pattern (specific-threats.rules)
 * 1:23226 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript error suppression routine (indicator-obfuscation.rules)
 * 1:23239 <-> DISABLED <-> WEB-CLIENT Wireshark console.lua file load exploit attempt (web-client.rules)
 * 1:23249 <-> ENABLED <-> FILE-PDF Unknown Exploit Kit PDF Drop - sdfsdfsd (file-pdf.rules)
 * 1:23287 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23289 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23290 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23291 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23293 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23295 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23296 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23298 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23299 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23301 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23302 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23304 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (web-activex.rules)
 * 1:23307 <-> ENABLED <-> BOTNET-CNC Trojan.Dropper connect to server attempt (botnet-cnc.rules)
 * 1:23327 <-> DISABLED <-> FILE-OTHER TAR multiple antivirus evasion attempt (file-other.rules)
 * 1:23401 <-> DISABLED <-> WEB-MISC Oracle GlassFish server REST interface cross site request forgery attempt (web-misc.rules)
 * 1:23442 <-> DISABLED <-> WEB-PHP php-shell remote command injection attempt (web-php.rules)
 * 1:23474 <-> ENABLED <-> FILE-IDENTIFY PLP file download request (file-identify.rules)
 * 1:23486 <-> ENABLED <-> FILE-IDENTIFY JOB file download request (file-identify.rules)
 * 1:23496 <-> ENABLED <-> FILE-IDENTIFY CUR file download request (file-identify.rules)
 * 1:23520 <-> DISABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:23521 <-> ENABLED <-> FILE-PDF Possible unknown malicious PDF (file-pdf.rules)
 * 1:23555 <-> ENABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules)
 * 1:23609 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (web-client.rules)
 * 1:23636 <-> ENABLED <-> INDICATOR-OBFUSCATION JavaScript built-in function parseInt appears obfuscated - likely packer or encoder (indicator-obfuscation.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23769 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio DBP file magic detected (file-identify.rules)
 * 1:23770 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio PKP file magic detected (file-identify.rules)
 * 1:23771 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio SLN file magic detected (file-identify.rules)
 * 1:23772 <-> ENABLED <-> FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (file-identify.rules)
 * 1:23773 <-> ENABLED <-> FILE-IDENTIFY XM file magic detected (file-identify.rules)
 * 1:23789 <-> DISABLED <-> WEB-CLIENT Mozilla Multiple Products table frames memory corruption attempt (web-client.rules)
 * 1:23790 <-> DISABLED <-> WEB-CLIENT Mozilla Multiple Products table frames memory corruption attempt (web-client.rules)
 * 1:23794 <-> DISABLED <-> BOTNET-CNC known command and control traffic (botnet-cnc.rules)
 * 1:23795 <-> ENABLED <-> SPECIFIC-THREATS function urchin - known malware function name (specific-threats.rules)
 * 1:2582 <-> DISABLED <-> WEB-MISC SAP Crystal Reports crystalImageHandler.asp directory traversal attempt (web-misc.rules)
 * 1:3087 <-> DISABLED <-> WEB-IIS w3who.dll buffer overflow attempt (web-iis.rules)
 * 1:3545 <-> DISABLED <-> WEB-MISC TrackerCam ComGetLogFile.php3 log information disclosure (web-misc.rules)
 * 1:3638 <-> DISABLED <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules)
 * 1:3674 <-> DISABLED <-> WEB-CGI db4web_c directory traversal attempt (web-cgi.rules)
 * 1:3693 <-> DISABLED <-> WEB-MISC IBM WebSphere j_security_check overflow attempt (web-misc.rules)
 * 1:3823 <-> DISABLED <-> WEB-MISC RealNetworks RealPlayer realtext file bad version buffer overflow attempt (web-misc.rules)
 * 1:4128 <-> DISABLED <-> WEB-CGI 4DWebstar ShellExample.cgi information disclosure (web-cgi.rules)
 * 1:4147 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer ActiveLabel ActiveX object access (web-activex.rules)
 * 1:4148 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer  DHTML Editing ActiveX clsid access (web-activex.rules)
 * 1:4150 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Outlook View OVCtl ActiveX function call access (web-activex.rules)
 * 1:4153 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Eyedog ActiveX object access (web-activex.rules)
 * 1:4154 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Active Setup ActiveX object access (web-activex.rules)
 * 1:4155 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer htmlfile ActiveX object access (web-activex.rules)
 * 1:4165 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Image Control 1.0 ActiveX object access (web-activex.rules)
 * 1:4169 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Active Setup ActiveX object access (web-activex.rules)
 * 1:4171 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Registration Wizard ActiveX object access (web-activex.rules)
 * 1:4172 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Agent v1.5 ActiveX clsid access (web-activex.rules)
 * 1:4173 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MsnPUpld ActiveX object access (web-activex.rules)
 * 1:4179 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows DirectX Files Viewer ActiveX object access (web-activex.rules)
 * 1:4181 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Smartcard Enrollment ActiveX object access (web-activex.rules)
 * 1:4182 <-> DISABLED <-> WEB-ACTIVEX Microsoft MSN Chat v4.5, 4.6 ActiveX object access (web-activex.rules)
 * 1:4183 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows HTML Help ActiveX object access (web-activex.rules)
 * 1:4184 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Certificate Enrollment ActiveX object access (web-activex.rules)
 * 1:4185 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Terminal Services Advanced Client ActiveX object access (web-activex.rules)
 * 1:4187 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Terminal Services Advanced Client ActiveX object access (web-activex.rules)
 * 1:4188 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer RAV Online Scanner ActiveX object access (web-activex.rules)
 * 1:4189 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Third-Party Plugin ActiveX object access (web-activex.rules)
 * 1:4191 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MsnPUpld ActiveX object access (web-activex.rules)
 * 1:4192 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer HHOpen ActiveX object access (web-activex.rules)
 * 1:4198 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (web-activex.rules)
 * 1:4199 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (web-activex.rules)
 * 1:4200 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Index Server Scope Administration ActiveX object access (web-activex.rules)
 * 1:4201 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Queued Components Recorder ActiveX object access (web-activex.rules)
 * 1:4202 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows DirectAnimation ActiveX object access (web-activex.rules)
 * 1:4203 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Marquee Control ActiveX object access (web-activex.rules)
 * 1:4204 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DT PolyLine Control 2 ActiveX object access (web-activex.rules)
 * 1:4205 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Visual Database Tools Database Designer v7.0 ActiveX object access (web-activex.rules)
 * 1:4206 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer MPEG-4 Video Decompressor Property Page ActiveX object access (web-activex.rules)
 * 1:4207 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Audio Decompressor Control Property Page ActiveX object access (web-activex.rules)
 * 1:4208 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LexRefStEsObject Class ActiveX object access (web-activex.rules)
 * 1:4209 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer LexRefStFrObject Class ActiveX object access (web-activex.rules)
 * 1:4210 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Msb1geen.dll ActiveX object access (web-activex.rules)
 * 1:4211 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DDS Library Shape Control ActiveX object access (web-activex.rules)
 * 1:4212 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer DDS Generic Class ActiveX object access (web-activex.rules)