Sourcefire VRT Rules Update

Date: 2012-09-04

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:24070 <-> DISABLED <-> FILE-OTHER Expat xml UTF-8 buffer over-read attempt (file-other.rules)
 * 1:24082 <-> DISABLED <-> MALWARE-CNC WIN.Trojan.Banbra runtime detection (malware-cnc.rules)
 * 1:24068 <-> DISABLED <-> FILE-OTHER Expat xml UTF-8 bufer over-read attempt (file-other.rules)
 * 1:24063 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24083 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:24073 <-> DISABLED <-> FILE-IDENTIFY GZip file attachment detected (file-identify.rules)
 * 1:24067 <-> DISABLED <-> FILE-OTHER Expat xml UTF-8 buffer over-read attempt (file-other.rules)
 * 1:24072 <-> DISABLED <-> FILE-IDENTIFY GZip file attachment detected (file-identify.rules)
 * 1:24065 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24071 <-> DISABLED <-> FILE-IDENTIFY GZip file download request (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24069 <-> DISABLED <-> FILE-OTHER Expat xml UTF-8 buffer over-read attempt (file-other.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24064 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24077 <-> DISABLED <-> MALWARE-CNC Win32.Upof outbound runtime detection (malware-cnc.rules)
 * 1:24066 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)

Modified Rules:


 * 1:23124 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (browser-ie.rules)
 * 1:23123 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:23122 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 1:23121 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (browser-ie.rules)
 * 1:23118 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer console object use after free attempt (browser-ie.rules)
 * 1:23117 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 DOM element use after free attempt (browser-ie.rules)
 * 1:23116 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (browser-ie.rules)
 * 1:23115 <-> ENABLED <-> MYSQL MySQL/MariaDB client authentication bypass attempt (mysql.rules)
 * 1:23109 <-> ENABLED <-> MALWARE-CNC Trojan.Lolbot variant outbound connection (malware-cnc.rules)
 * 1:23108 <-> ENABLED <-> MALWARE-CNC Trojan.Scar variant outbound connection (malware-cnc.rules)
 * 1:23104 <-> ENABLED <-> MALWARE-CNC Trojan.Scar variant outbound connection (malware-cnc.rules)
 * 1:23103 <-> ENABLED <-> MALWARE-CNC Trojan.Bublik variant outbound connection (malware-cnc.rules)
 * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor static administrator password reset attempt (policy-other.rules)
 * 1:23098 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (file-multimedia.rules)
 * 1:23060 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (browser-ie.rules)
 * 1:23057 <-> ENABLED <-> MALWARE-CNC Flame malware connection - /view.php (malware-cnc.rules)
 * 1:23054 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nSSVGValue memory corruption attempt (browser-firefox.rules)
 * 1:23051 <-> DISABLED <-> MALWARE-CNC Dybalom.A runtime traffic detected (malware-cnc.rules)
 * 1:23017 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell comment (indicator-compromise.rules)
 * 1:23016 <-> ENABLED <-> INDICATOR-COMPROMISE base64-encoded c99shell download (indicator-compromise.rules)
 * 1:23015 <-> DISABLED <-> BROWSER-CHROME Google Chrome and Apple Safari runin handling use after free attempt (browser-chrome.rules)
 * 1:4132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer msdds clsid attempt (browser-ie.rules)
 * 1:3814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javaprxy.dll COM access (browser-ie.rules)
 * 1:3689 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer tRNS overflow attempt (browser-ie.rules)
 * 1:3686 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Content Advisor memory corruption attempt (browser-ie.rules)
 * 1:3685 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset multipacket integer overflow attempt (browser-ie.rules)
 * 1:3683 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer spoofed MIME-Type auto-execution attempt (browser-ie.rules)
 * 1:3553 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM null DHTML element insertion attempt (browser-ie.rules)
 * 1:3550 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML http/https scheme hostname overflow attempt (browser-ie.rules)
 * 1:3534 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - NETSCAPE2.0 (file-image.rules)
 * 1:3519 <-> DISABLED <-> MYSQL MaxDB WebSQL wppassword buffer overflow default port (mysql.rules)
 * 1:3518 <-> DISABLED <-> MYSQL MaxDB WebSQL wppassword buffer overflow (mysql.rules)
 * 1:3462 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Content-Encoding overflow attempt (browser-ie.rules)
 * 1:3149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 5/6 object type overflow attempt (browser-ie.rules)
 * 1:3134 <-> DISABLED <-> FILE-IMAGE Microsoft PNG large colour depth download attempt (file-image.rules)
 * 1:3133 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image height download attempt (file-image.rules)
 * 1:3132 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image width download attempt (file-image.rules)
 * 1:2707 <-> DISABLED <-> FILE-IMAGE JPEG parser multipacket heap overflow (file-image.rules)
 * 1:2673 <-> DISABLED <-> FILE-IMAGE libpng tRNS overflow attempt (file-image.rules)
 * 1:2671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset integer overflow attempt (browser-ie.rules)
 * 1:2440 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist rtsp URL overflow attempt (file-multimedia.rules)
 * 1:2439 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist http URL overflow attempt (file-multimedia.rules)
 * 1:2438 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist file URL overflow attempt (file-multimedia.rules)
 * 1:24062 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Hufysk variant connect to cnc-server attempt (malware-cnc.rules)
 * 1:24059 <-> DISABLED <-> WEB-PHP 5.3.3 mt_rand integer overflow attempt (web-php.rules)
 * 1:24058 <-> ENABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24057 <-> ENABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24056 <-> ENABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24055 <-> ENABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24054 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure (exploit-kit.rules)
 * 1:24053 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure (exploit-kit.rules)
 * 1:24035 <-> DISABLED <-> MALWARE-CNC Downloader.Inject runtime detection - initial connection (malware-cnc.rules)
 * 1:24027 <-> DISABLED <-> WEB-CLIENT Oracle Java privileged protection domain exploitation attempt (web-client.rules)
 * 1:24026 <-> DISABLED <-> WEB-CLIENT Oracle Java privileged protection domain exploitation attempt (web-client.rules)
 * 1:24025 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24024 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24023 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24022 <-> DISABLED <-> FILE-OTHER Oracle Java privileged protection domain exploitation attempt (file-other.rules)
 * 1:24021 <-> DISABLED <-> WEB-CLIENT Oracle Java privileged protection domain exploitation attempt (web-client.rules)
 * 1:24020 <-> DISABLED <-> WEB-CLIENT Oracle Java privileged protection domain exploitation attempt (web-client.rules)
 * 1:24017 <-> ENABLED <-> MALWARE-OTHER Possible malicious redirect - rebots.php (malware-other.rules)
 * 1:24016 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Madon variant outbound connection - initial connection (malware-cnc.rules)
 * 1:24015 <-> ENABLED <-> MALWARE-CNC W32.Trojan.Magania variant connect to cnc-server attempt (malware-cnc.rules)
 * 1:24014 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cbot variant outbound runtime detection - inital contact (malware-cnc.rules)
 * 1:24013 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cbot variant outbound runtime detection - inital contact (malware-cnc.rules)
 * 1:24012 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cbot variant outbound runtime detection - inital contact (malware-cnc.rules)
 * 1:24011 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransomer variant connect to cnc-server (malware-cnc.rules)
 * 1:24010 <-> DISABLED <-> MALWARE-CNC runtime Trojan.Radil outbound connection attempt (malware-cnc.rules)
 * 1:24006 <-> DISABLED <-> FILE-OTHER Microsoft Office MSCOMCTL ActiveX control tabstrip method arbitrary code execution attempt (file-other.rules)
 * 1:23997 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:23996 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:23987 <-> ENABLED <-> MALWARE-CNC Trojan.Kryptik.Kazy runtime detection (malware-cnc.rules)
 * 1:23978 <-> ENABLED <-> MALWARE-CNC Trojan.Dropper connect to server attempt (malware-cnc.rules)
 * 1:23977 <-> DISABLED <-> MALWARE-CNC Trojan.Genome runtime update to cnc-server (malware-cnc.rules)
 * 1:23976 <-> DISABLED <-> MALWARE-CNC Trojan.Genome initial connect to cnc-server (malware-cnc.rules)
 * 1:23973 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Vampols variant connect to cnc-server (malware-cnc.rules)
 * 1:23972 <-> ENABLED <-> MALWARE-CNC Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:23971 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Kabwak variant connect to cnc-server (malware-cnc.rules)
 * 1:23968 <-> ENABLED <-> MALWARE-CNC WIN.Trojan.Crisis outbound connection (malware-cnc.rules)
 * 1:23967 <-> ENABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (file-flash.rules)
 * 1:23963 <-> DISABLED <-> MALWARE-CNC WIN32.Runagry variant outbound connection (malware-cnc.rules)
 * 1:23962 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - fewbgazr catch (exploit-kit.rules)
 * 1:23955 <-> DISABLED <-> MALWARE-CNC Xhuna.A runtime detection - initial contact (malware-cnc.rules)
 * 1:23953 <-> DISABLED <-> MALWARE-CNC Trojan.Comfoo variant connect to cnc-server (malware-cnc.rules)
 * 1:23949 <-> DISABLED <-> MALWARE-CNC W32.Trojan.TKcik variant connect to cnc-server (malware-cnc.rules)
 * 1:23948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sicisono variant connect to cnc-server (malware-cnc.rules)
 * 1:23946 <-> ENABLED <-> MALWARE-CNC Trojan.Backdoor file download (malware-cnc.rules)
 * 1:23945 <-> ENABLED <-> MALWARE-CNC Trojan.Backdoor outbound connection (malware-cnc.rules)
 * 1:23942 <-> ENABLED <-> MALWARE-CNC Win.Trojan.C0D0SO0 variant outbound traffic (malware-cnc.rules)
 * 1:23941 <-> DISABLED <-> MALWARE-CNC OSX.Trojan.Aharm variant connect to cnc-server (malware-cnc.rules)
 * 1:23938 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Ibabyfa.dldr runtime detection (malware-cnc.rules)
 * 1:23936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zakahic variant connect to cnc-server (malware-cnc.rules)
 * 1:23935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zakahic variant connect to cnc-server (malware-cnc.rules)
 * 1:23894 <-> DISABLED <-> WEB-PHP truncated crypt function attempt (web-php.rules)
 * 1:23893 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DistTrack command and control traffic (malware-cnc.rules)
 * 1:23877 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Dtfanri variant connect to cnc-server (malware-cnc.rules)
 * 1:23876 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Scirib variant connect to cnc-server (malware-cnc.rules)
 * 1:23861 <-> DISABLED <-> FILE-IMAGE heapspray characters detected - binary (file-image.rules)
 * 1:23858 <-> DISABLED <-> FILE-IMAGE heapspray characters detected - binary (file-image.rules)
 * 1:23856 <-> ENABLED <-> FILE-FLASH string heapspray flash file - likely attack (file-flash.rules)
 * 1:23855 <-> ENABLED <-> FILE-FLASH string heapspray flash file - likely attack (file-flash.rules)
 * 1:23854 <-> ENABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules)
 * 1:23853 <-> ENABLED <-> FILE-FLASH Adobe Flash OpenType font memory corruption attempt (file-flash.rules)
 * 1:23850 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - hwehes (exploit-kit.rules)
 * 1:23849 <-> ENABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23848 <-> ENABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:23845 <-> DISABLED <-> FILE-OTHER Microsoft Office MSCOMCTL ActiveX control tabstrip method arbitrary code execution attempt (file-other.rules)
 * 1:23844 <-> DISABLED <-> FILE-OTHER Microsoft Office MSCOMCTL ActiveX control tabstrip method arbitrary code execution attempt (file-other.rules)
 * 1:23841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:23840 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (browser-ie.rules)
 * 1:23836 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (browser-ie.rules)
 * 1:23835 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules)
 * 1:23834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (browser-ie.rules)
 * 1:23833 <-> ENABLED <-> MALWARE-OTHER Malvertising redirection campaign - blackmuscat (malware-other.rules)
 * 1:23826 <-> ENABLED <-> MALWARE-CNC FinFisher outbound connection (malware-cnc.rules)
 * 1:23825 <-> ENABLED <-> MALWARE-CNC FinFisher initial outbound connection (malware-cnc.rules)
 * 1:23824 <-> ENABLED <-> MALWARE-CNC Gauss malware check-in (malware-cnc.rules)
 * 1:23798 <-> ENABLED <-> MALWARE-OTHER Malvertising redirection page (malware-other.rules)
 * 1:23797 <-> ENABLED <-> EXPLOIT-KIT Blackhole redirection page (exploit-kit.rules)
 * 1:23795 <-> ENABLED <-> MALWARE-OTHER function urchin - known malware function name (malware-other.rules)
 * 1:23794 <-> DISABLED <-> MALWARE-CNC known command and control traffic (malware-cnc.rules)
 * 1:23788 <-> DISABLED <-> MALWARE-CNC Trojan.Locotout variant connect to cnc-server (malware-cnc.rules)
 * 1:23787 <-> DISABLED <-> MALWARE-CNC Trojan.Locotout variant connect to cnc-server (malware-cnc.rules)
 * 1:23786 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - Math.round catch (exploit-kit.rules)
 * 1:23785 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - Math.floor catch (exploit-kit.rules)
 * 1:23782 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Buzus.kych connect to cnc-server (malware-cnc.rules)
 * 1:23781 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page (exploit-kit.rules)
 * 1:23780 <-> DISABLED <-> MALWARE-CNC Trojan.Begfanit.A outbound communication (malware-cnc.rules)
 * 1:23778 <-> ENABLED <-> MALWARE-CNC Trojan.Bublik variant outbound connection (malware-cnc.rules)
 * 1:23694 <-> DISABLED <-> FILE-IDENTIFY vmd file magic detected (file-identify.rules)
 * 1:23692 <-> DISABLED <-> FILE-IDENTIFY ivr file magic detected (file-identify.rules)
 * 1:23690 <-> DISABLED <-> FILE-IDENTIFY ffmpeg file magic detected (file-identify.rules)
 * 1:23675 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Big Endian file magic detected (file-identify.rules)
 * 1:23674 <-> DISABLED <-> FILE-IDENTIFY MachO Big Endian file magic detected (file-identify.rules)
 * 1:23673 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:23672 <-> DISABLED <-> FILE-IDENTIFY MachO Little Endian file magic detected (file-identify.rules)
 * 1:23671 <-> DISABLED <-> FILE-IDENTIFY 7zip file magic detected (file-identify.rules)
 * 1:23669 <-> DISABLED <-> FILE-IDENTIFY SIP log file magic detected (file-identify.rules)
 * 1:23668 <-> DISABLED <-> FILE-IDENTIFY SIS file magic detected (file-identify.rules)
 * 1:23665 <-> DISABLED <-> FILE-IDENTIFY CryptFF file magic detected (file-identify.rules)
 * 1:23662 <-> DISABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:23660 <-> DISABLED <-> FILE-IDENTIFY Symantec file magic detected (file-identify.rules)
 * 1:23659 <-> DISABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23649 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows CAB file magic detected (file-identify.rules)
 * 1:23646 <-> DISABLED <-> FILE-IDENTIFY bzip file magic detected (file-identify.rules)
 * 1:23644 <-> DISABLED <-> FILE-IDENTIFY BinHex file magic detected (file-identify.rules)
 * 1:23643 <-> DISABLED <-> FILE-IDENTIFY Postscript file magic detected (file-identify.rules)
 * 1:23642 <-> DISABLED <-> FILE-IDENTIFY Script encoder file magic detected (file-identify.rules)
 * 1:23641 <-> DISABLED <-> FILE-IDENTIFY GZip file magic detected (file-identify.rules)
 * 1:23635 <-> ENABLED <-> MALWARE-CNC Gozi trojan checkin (malware-cnc.rules)
 * 1:23634 <-> DISABLED <-> MALWARE-CNC Trojan.Kegotip variant connect to cnc-server (malware-cnc.rules)
 * 1:23633 <-> ENABLED <-> MALWARE-CNC Trojan.Kegotip variant report to cnc-server (malware-cnc.rules)
 * 1:23630 <-> DISABLED <-> MALWARE-CNC Trojan.YMrelay variant connect to cnc-server (malware-cnc.rules)
 * 1:23628 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Pincav variant outbound connection (malware-cnc.rules)
 * 1:23625 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox resource URL handling directory traversal attempt (browser-firefox.rules)
 * 1:23623 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:23622 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page request - tkr (exploit-kit.rules)
 * 1:23620 <-> ENABLED <-> MALWARE-OTHER Malvertising network attempted redirect (malware-other.rules)
 * 1:23619 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch broken (exploit-kit.rules)
 * 1:23618 <-> ENABLED <-> MALWARE-OTHER Malvertising redirection attempt (malware-other.rules)
 * 1:23610 <-> DISABLED <-> MALWARE-CNC Worm.Crass.A outbound connection (malware-cnc.rules)
 * 1:23609 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (browser-ie.rules)
 * 1:23607 <-> DISABLED <-> MALWARE-CNC Trojan.Sofacy.A outbound communication (malware-cnc.rules)
 * 1:23606 <-> DISABLED <-> MALWARE-CNC Trojan.Sofacy.A outbound communication (malware-cnc.rules)
 * 1:23600 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Gamarue.F outbound connection (malware-cnc.rules)
 * 1:23599 <-> DISABLED <-> MALWARE-CNC Win32.Slagent outgoing connection (malware-cnc.rules)
 * 1:23598 <-> DISABLED <-> MALWARE-CNC Win32.Slagent outgoing connection (malware-cnc.rules)
 * 1:23597 <-> DISABLED <-> MALWARE-CNC Trojan.VB.DHD connect to cnc-server (malware-cnc.rules)
 * 1:23595 <-> DISABLED <-> MALWARE-CNC Trojan.Papras variant connect to cnc-server (malware-cnc.rules)
 * 1:23594 <-> DISABLED <-> MALWARE-CNC Trojan.Papras variant connect to cnc-server (malware-cnc.rules)
 * 1:23593 <-> DISABLED <-> MALWARE-CNC Trojan.Smoaler variant connect to cnc-server (malware-cnc.rules)
 * 1:23592 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:23591 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23590 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23589 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23579 <-> ENABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:23576 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23575 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:23574 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:23573 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:23572 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:23571 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:23570 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:23569 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23568 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:23565 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:23561 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:23495 <-> DISABLED <-> MALWARE-CNC Trojan.Kugdifod.A outbound connection (malware-cnc.rules)
 * 1:23494 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Onitab.A outbound connection (malware-cnc.rules)
 * 1:23493 <-> ENABLED <-> MALWARE-CNC Trojan.ZeroAccess outbound communication (malware-cnc.rules)
 * 1:23492 <-> ENABLED <-> MALWARE-CNC Trojan.ZeroAccess outbound communication (malware-cnc.rules)
 * 1:23491 <-> DISABLED <-> MALWARE-CNC Trojan.Kura connect to cnc-server (malware-cnc.rules)
 * 1:23490 <-> DISABLED <-> FILE-MULTIMEDIA Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt (file-multimedia.rules)
 * 1:23483 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Georbot file download (malware-backdoor.rules)
 * 1:23471 <-> DISABLED <-> BROWSER-CHROME Google Chrome net-internals uri fragment identifier XSS attempt (browser-chrome.rules)
 * 1:23469 <-> DISABLED <-> MALWARE-CNC Trojan.Dropper outbound connection (malware-cnc.rules)
 * 1:23468 <-> DISABLED <-> MALWARE-CNC Trojan.Dropper outbound connection (malware-cnc.rules)
 * 1:23467 <-> DISABLED <-> MALWARE-CNC Win32.Mazben file download (malware-cnc.rules)
 * 1:23460 <-> DISABLED <-> MALWARE-CNC Trojan.Belesak.A outbound connection (malware-cnc.rules)
 * 1:23451 <-> DISABLED <-> MALWARE-CNC Win32.RedSip.A outbound connection (malware-cnc.rules)
 * 1:23450 <-> DISABLED <-> MALWARE-CNC Trojan.McRat connect to server (malware-cnc.rules)
 * 1:23449 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Servstart.ax connect to cnc-server (malware-cnc.rules)
 * 1:23448 <-> DISABLED <-> MALWARE-CNC Worm WIN32.Psyokym.b connect to cnc-server (malware-cnc.rules)
 * 1:23447 <-> DISABLED <-> MALWARE-CNC Trojan.Sojax.A outbound connection (malware-cnc.rules)
 * 1:23446 <-> DISABLED <-> MALWARE-CNC Trojan.Sojax.A runtime detection (malware-cnc.rules)
 * 1:23445 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (browser-firefox.rules)
 * 1:23399 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Govdi.A connect to cnc-server (malware-cnc.rules)
 * 1:23394 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Vbvoleur.a connect to cnc-server (malware-cnc.rules)
 * 1:23391 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Hioles.C runtime detection (malware-cnc.rules)
 * 1:23390 <-> DISABLED <-> MALWARE-CNC Trojan Java.Arratomref variant outbound connection (malware-cnc.rules)
 * 1:23389 <-> DISABLED <-> MALWARE-CNC Trojan Java.Arratomref variant outbound connection (malware-cnc.rules)
 * 1:23388 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.FakeMSN.I runtime detection (malware-cnc.rules)
 * 1:23387 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker outbound connection (malware-cnc.rules)
 * 1:23384 <-> DISABLED <-> WEB-MISC Novell Groupwise Messenger parameter memory corruption attempt (web-misc.rules)
 * 1:23383 <-> DISABLED <-> MALWARE-CNC Trojan.Chaori.A runtime detection - initial connection (malware-cnc.rules)
 * 1:23382 <-> ENABLED <-> MALWARE-CNC Trojan.SpyEye outbound connection (malware-cnc.rules)
 * 1:23381 <-> DISABLED <-> MALWARE-BACKDOOR Win32.Thoper.C runtime detection (malware-backdoor.rules)
 * 1:23380 <-> DISABLED <-> MALWARE-CNC Trojan.Ventana initial outbound connection (malware-cnc.rules)
 * 1:23379 <-> DISABLED <-> MALWARE-CNC Trojan.Leepload variant outbound connection (malware-cnc.rules)
 * 1:23378 <-> DISABLED <-> MALWARE-CNC Trojan.Sasfis runtime detection (malware-cnc.rules)
 * 1:23377 <-> DISABLED <-> MALWARE-CNC Trojan.Sasfis runtime detection (malware-cnc.rules)
 * 1:23371 <-> ENABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:23345 <-> DISABLED <-> MALWARE-CNC RunTime Trojan Win32.tchfro.A outbound connection (malware-cnc.rules)
 * 1:23344 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Harvso.A outbound connection (malware-cnc.rules)
 * 1:23343 <-> DISABLED <-> MALWARE-CNC Trojan.Agent initial connection (malware-cnc.rules)
 * 1:23342 <-> ENABLED <-> MALWARE-CNC Trojan.Agent initial connection (malware-cnc.rules)
 * 1:23341 <-> ENABLED <-> MALWARE-BACKDOOR Backdoor.Win32.Tinrot.A runtime detection (malware-backdoor.rules)
 * 1:23340 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Nitol.B runtime detection (malware-cnc.rules)
 * 1:23339 <-> DISABLED <-> MALWARE-CNC Prier.A runtime detection - initial connection (malware-cnc.rules)
 * 1:23338 <-> DISABLED <-> MALWARE-BACKDOOR Spindest.A runtime detection - initial connection (malware-backdoor.rules)
 * 1:23337 <-> DISABLED <-> MALWARE-CNC Bluenet.A runtime detection - initial connection (malware-cnc.rules)
 * 1:23336 <-> DISABLED <-> MALWARE-CNC Linfo.A runtime detection - initial connection (malware-cnc.rules)
 * 1:23335 <-> ENABLED <-> MALWARE-CNC Trojan.Swisyn outbound connection (malware-cnc.rules)
 * 1:23334 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader initial C&C checkin (malware-cnc.rules)
 * 1:23333 <-> DISABLED <-> MALWARE-CNC Trojan.Banker initial C&C checkin (malware-cnc.rules)
 * 1:23332 <-> ENABLED <-> MALWARE-CNC Trojan.Win32-Dishigy outbound connection (malware-cnc.rules)
 * 1:23331 <-> DISABLED <-> MALWARE-CNC Trojan.Mybot outbound connection (malware-cnc.rules)
 * 1:23317 <-> DISABLED <-> MALWARE-CNC Trojan.Dropper initial outbound connection (malware-cnc.rules)
 * 1:23313 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23312 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23311 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23310 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23309 <-> ENABLED <-> FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (file-executable.rules)
 * 1:23308 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader.Bucriv outbound connection (malware-cnc.rules)
 * 1:23307 <-> ENABLED <-> MALWARE-CNC Trojan.Dropper connect to server (malware-cnc.rules)
 * 1:23306 <-> DISABLED <-> MALWARE-CNC Trojan.Stealer connect to server (malware-cnc.rules)
 * 1:23305 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:23285 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer OnReadyStateChange use after free attempt (browser-ie.rules)
 * 1:23280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer corrupted HROW instance write access violation attempt (browser-ie.rules)
 * 1:23278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested ul tags uninitalized memory access attempt (browser-ie.rules)
 * 1:23265 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23264 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:23262 <-> ENABLED <-> MALWARE-CNC Trojan.Banker outbound connection (malware-cnc.rules)
 * 1:23261 <-> ENABLED <-> MALWARE-CNC known command and control traffic - Pushbot (malware-cnc.rules)
 * 1:23257 <-> DISABLED <-> MALWARE-CNC Trojan.Duojeen variant outbound connection (malware-cnc.rules)
 * 1:23255 <-> DISABLED <-> MALWARE-CNC Trojan.Duojeen runtime detection (malware-cnc.rules)
 * 1:23254 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Delf.CL connect to cnc-server (malware-cnc.rules)
 * 1:23252 <-> DISABLED <-> MALWARE-CNC MacOS.MacKontrol variant outbound connection (malware-cnc.rules)
 * 1:23251 <-> DISABLED <-> MALWARE-CNC Trojan.Spyeye variant outbound connection (malware-cnc.rules)
 * 1:23248 <-> ENABLED <-> EXPLOIT-KIT Unknown Exploit Kit getfile.php (exploit-kit.rules)
 * 1:23245 <-> ENABLED <-> MALWARE-CNC Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:23244 <-> ENABLED <-> MALWARE-CNC Trojan.Kuluoz variant outbound connection (malware-cnc.rules)
 * 1:23242 <-> ENABLED <-> MALWARE-CNC Win32.Banker.boxg connect to cnc server (malware-cnc.rules)
 * 1:23235 <-> DISABLED <-> MALWARE-CNC PBin.A runtime traffic detected (malware-cnc.rules)
 * 1:23234 <-> DISABLED <-> MALWARE-CNC Frethog.MK runtime traffic detected (malware-cnc.rules)
 * 1:23225 <-> ENABLED <-> EXPLOIT-KIT RedKit Landing Page Received - applet and flowbit (exploit-kit.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT RedKit Landing Page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23223 <-> ENABLED <-> EXPLOIT-KIT RedKit Landing Page Received - applet and code (exploit-kit.rules)
 * 1:23222 <-> ENABLED <-> EXPLOIT-KIT RedKit Landing Page Received - applet and 5digit jar attempt (exploit-kit.rules)
 * 1:23221 <-> ENABLED <-> EXPLOIT-KIT RedKit Jar File Naming Algorithm (exploit-kit.rules)
 * 1:23220 <-> ENABLED <-> EXPLOIT-KIT RedKit Java Exploit Requested - 5 digit jar (exploit-kit.rules)
 * 1:23219 <-> ENABLED <-> EXPLOIT-KIT Redkit Java Exploit request to .class file (exploit-kit.rules)
 * 1:23218 <-> ENABLED <-> EXPLOIT-KIT RedKit Repeated Exploit Request Pattern (exploit-kit.rules)
 * 1:23215 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Waprox.A runtime detection (malware-cnc.rules)
 * 1:23214 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Waprox.A runtime detection (malware-cnc.rules)
 * 1:23212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (browser-firefox.rules)
 * 1:23181 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (file-executable.rules)
 * 1:23176 <-> DISABLED <-> MALWARE-CNC Donbot.A runtime traffic attempt detected (malware-cnc.rules)
 * 1:23173 <-> DISABLED <-> MALWARE-CNC Android Zitmo trojan command and control channel traffic (malware-cnc.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23159 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure (exploit-kit.rules)
 * 1:23158 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:23157 <-> ENABLED <-> EXPLOIT-KIT URI Nuclear Pack exploit kit binary download (exploit-kit.rules)
 * 1:23141 <-> ENABLED <-> EXPLOIT-KIT Fake transaction redirect page to exploit kit (exploit-kit.rules)
 * 1:23156 <-> ENABLED <-> EXPLOIT-KIT URI Nuclear Pack exploit kit landing page (exploit-kit.rules)
 * 1:23135 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (file-flash.rules)
 * 1:23134 <-> DISABLED <-> FILE-FLASH Adobe Flash Player broker destructor DoS attempt (file-flash.rules)
 * 1:23133 <-> DISABLED <-> FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (file-flash.rules)
 * 1:23132 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (file-flash.rules)
 * 1:23131 <-> ENABLED <-> FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (file-flash.rules)
 * 1:23130 <-> ENABLED <-> FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (file-flash.rules)
 * 1:23129 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (file-flash.rules)
 * 1:23128 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 9 memory disclosure attempt (browser-ie.rules)
 * 1:23127 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (file-executable.rules)
 * 1:23126 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer insertAdjacentText memory corruption attempt (browser-ie.rules)
 * 1:23125 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (browser-ie.rules)
 * 1:22949 <-> ENABLED <-> EXPLOIT-KIT Blackhole redirection attempt (exploit-kit.rules)
 * 1:22942 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:22937 <-> DISABLED <-> MALWARE-CNC Trojan.Proxyier outbound connection (malware-cnc.rules)
 * 1:22933 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - tools (indicator-compromise.rules)
 * 1:22932 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - phpinfo (indicator-compromise.rules)
 * 1:22931 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ls (indicator-compromise.rules)
 * 1:22930 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - fsbuff (indicator-compromise.rules)
 * 1:22929 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - selfremove (indicator-compromise.rules)
 * 1:22928 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - feedback (indicator-compromise.rules)
 * 1:22927 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - eval (indicator-compromise.rules)
 * 1:22926 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - sql (indicator-compromise.rules)
 * 1:22925 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - security (indicator-compromise.rules)
 * 1:22924 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (indicator-compromise.rules)
 * 1:22923 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ps_aux (indicator-compromise.rules)
 * 1:22922 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - bind (indicator-compromise.rules)
 * 1:22921 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - encoder (indicator-compromise.rules)
 * 1:22920 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - about (indicator-compromise.rules)
 * 1:22919 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - upload (indicator-compromise.rules)
 * 1:22918 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - search (indicator-compromise.rules)
 * 1:22917 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - cmd (indicator-compromise.rules)
 * 1:22916 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22915 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22103 <-> ENABLED <-> MALWARE-CNC Win32.Coswid.klk runtime detection (malware-cnc.rules)
 * 1:22102 <-> DISABLED <-> FILE-OTHER Microsoft Office RTF malformed pfragments field (file-other.rules)
 * 1:22101 <-> DISABLED <-> FILE-OTHER Microsoft Office RTF malformed pfragments field (file-other.rules)
 * 1:22100 <-> ENABLED <-> MALWARE-CNC Trojan.Midhos variant outbound connection (malware-cnc.rules)
 * 1:22099 <-> ENABLED <-> MALWARE-CNC Trojan.Piroxcc variant outbound connection (malware-cnc.rules)
 * 1:22095 <-> ENABLED <-> MALWARE-BACKDOOR Backdoor.Win32.Agent outbound connection (malware-backdoor.rules)
 * 1:22088 <-> ENABLED <-> EXPLOIT-KIT Blackhole Exploit Kit javascript service method (exploit-kit.rules)
 * 1:22080 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (browser-ie.rules)
 * 1:22070 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22069 <-> ENABLED <-> FILE-FLASH Adobe Flash Player object confusion attempt (file-flash.rules)
 * 1:22068 <-> ENABLED <-> FILE-FLASH Adobe Flash systemMemoryCall RTMP query (file-flash.rules)
 * 1:22067 <-> DISABLED <-> FILE-FLASH Adobe Flash malformed error response (file-flash.rules)
 * 1:22065 <-> DISABLED <-> MALWARE-CNC Trojan.Zeprox variant outbound connection (malware-cnc.rules)
 * 1:22062 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Winpawr variant outbound connection (malware-cnc.rules)
 * 1:22061 <-> DISABLED <-> MALWARE-OTHER Alureon - Malicious IFRAME load attempt (malware-other.rules)
 * 1:22060 <-> ENABLED <-> MALWARE-CNC Trojan.Fepgul outbound connection (malware-cnc.rules)
 * 1:22059 <-> ENABLED <-> MALWARE-CNC Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:22058 <-> ENABLED <-> MALWARE-CNC Trojan.Kbot variant outbound connection (malware-cnc.rules)
 * 1:22057 <-> DISABLED <-> MALWARE-CNC Trojan.Kbot variant outbound connection (malware-cnc.rules)
 * 1:22056 <-> DISABLED <-> MALWARE-CNC Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:22054 <-> ENABLED <-> MALWARE-CNC Trojan.Prorat variant outbound connection (malware-cnc.rules)
 * 1:22053 <-> DISABLED <-> MALWARE-CNC Trojan.Insomnia variant inbound connection - post infection (malware-cnc.rules)
 * 1:22048 <-> ENABLED <-> MALWARE-CNC Trojan.Zeus P2P outbound communication (malware-cnc.rules)
 * 1:22042 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (file-executable.rules)
 * 1:22041 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing redirection page (exploit-kit.rules)
 * 1:22040 <-> ENABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22039 <-> ENABLED <-> EXPLOIT-KIT Blackhole suspected landing page (exploit-kit.rules)
 * 1:22038 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:22034 <-> ENABLED <-> MALWARE-CNC Apple OSX Flashback malware outbound connection (malware-cnc.rules)
 * 1:22033 <-> ENABLED <-> MALWARE-CNC Apple OSX Flashback malware outbound connection (malware-cnc.rules)
 * 1:22001 <-> DISABLED <-> MALWARE-CNC Worm.VB.amna outbound connection type B (malware-cnc.rules)
 * 1:22000 <-> DISABLED <-> MALWARE-CNC Worm.VB.amna outbound connection A (malware-cnc.rules)
 * 1:21998 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banload.PQC variant outbound connection (malware-cnc.rules)
 * 1:21997 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.bgcp variant outbound connection (malware-cnc.rules)
 * 1:21996 <-> DISABLED <-> MALWARE-CNC Win32.Dorkbot.I Runtime Detection Generic (malware-cnc.rules)
 * 1:21995 <-> ENABLED <-> MALWARE-CNC Win32.Dorkbot.I Runtime Detection Generic (malware-cnc.rules)
 * 1:21994 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules)
 * 1:21993 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:21992 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:21991 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:21990 <-> ENABLED <-> FILE-IMAGE libpng png_inflate buffer overflow attempt (file-image.rules)
 * 1:21989 <-> ENABLED <-> FILE-IMAGE libpng png_inflate buffer overflow attempt (file-image.rules)
 * 1:21988 <-> ENABLED <-> FILE-IMAGE libpng png_inflate buffer overflow attempt (file-image.rules)
 * 1:21984 <-> ENABLED <-> MALWARE-CNC Trojan.BamCompiled variant inbound updates (malware-cnc.rules)
 * 1:21983 <-> ENABLED <-> MALWARE-CNC Trojan.BamCompiled variant outbound connection (malware-cnc.rules)
 * 1:21982 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Insain.mh runtime detection (malware-cnc.rules)
 * 1:21981 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Selvice.vq runtime detection (malware-cnc.rules)
 * 1:21980 <-> DISABLED <-> MALWARE-CNC Trojan.Winac outbound connection (malware-cnc.rules)
 * 1:21979 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Nervos variant inbound communication (malware-backdoor.rules)
 * 1:21978 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Nervos variant outbound connection (malware-backdoor.rules)
 * 1:21977 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Pinit outbound connection (malware-backdoor.rules)
 * 1:21976 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Lapurd.D runtime detection (malware-cnc.rules)
 * 1:21975 <-> DISABLED <-> MALWARE-CNC Worm.Expichu runtime detection (malware-cnc.rules)
 * 1:21974 <-> DISABLED <-> MALWARE-CNC Worm.Expichu runtime detection (malware-cnc.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.ZZSlash runtime detection (malware-backdoor.rules)
 * 1:21972 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.ZZSlash outbound connection (malware-backdoor.rules)
 * 1:21971 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Zlob.P variant inbound communication (malware-backdoor.rules)
 * 1:21970 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Zlob.P variant outbound connection (malware-backdoor.rules)
 * 1:21969 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Rebhip.A outbound connection type B (malware-backdoor.rules)
 * 1:21968 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Rebhip.A outbound connection type A (malware-backdoor.rules)
 * 1:21966 <-> DISABLED <-> MALWARE-CNC Trojan.Pasmu connect to server (malware-cnc.rules)
 * 1:21964 <-> DISABLED <-> MALWARE-CNC Murcy protocol connection to server (malware-cnc.rules)
 * 1:21963 <-> DISABLED <-> MALWARE-CNC X-Shell 601 communication protocol connection to server (malware-cnc.rules)
 * 1:21962 <-> DISABLED <-> MALWARE-CNC BB communication protocol connection to server (malware-cnc.rules)
 * 1:21961 <-> DISABLED <-> MALWARE-CNC IP2B communication protocol connection to server (malware-cnc.rules)
 * 1:21960 <-> DISABLED <-> MALWARE-CNC LURK communication protocol connection to server (malware-cnc.rules)
 * 1:21959 <-> DISABLED <-> MALWARE-CNC UPDATE communication protocol connection to server (malware-cnc.rules)
 * 1:21958 <-> DISABLED <-> MALWARE-CNC QDIGIT protocol connection to server (malware-cnc.rules)
 * 1:21949 <-> ENABLED <-> MALWARE-OTHER nikjju script injection (malware-other.rules)
 * 1:21948 <-> ENABLED <-> FILE-IMAGE Adobe Photoshop TIFF malicious SGILOG-compressed data attempt (file-image.rules)
 * 1:21947 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.VicSpy.A runtime detection (malware-cnc.rules)
 * 1:21946 <-> DISABLED <-> MALWARE-CNC Win32.Litmpuca.A Runtime Detection (malware-cnc.rules)
 * 1:21945 <-> DISABLED <-> MALWARE-CNC Win32.Litmpuca.A Runtime Detection (malware-cnc.rules)
 * 1:21661 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - catch (exploit-kit.rules)
 * 1:21941 <-> ENABLED <-> INDICATOR-COMPROMISE Wordpress Request for php file in fgallery directory (indicator-compromise.rules)
 * 1:21937 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:21912 <-> ENABLED <-> MALWARE-CNC Aldi bot variant outbound connection user-agent (malware-cnc.rules)
 * 1:21911 <-> ENABLED <-> MALWARE-CNC Aldi variant outbound connection C&C checkin (malware-cnc.rules)
 * 1:21910 <-> ENABLED <-> MALWARE-CNC Apple OSX Flashback malware user-agent (malware-cnc.rules)
 * 1:21907 <-> ENABLED <-> FILE-OTHER Microsoft Office rtf document generic exploit indicator (file-other.rules)
 * 1:21906 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:21905 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:21904 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:21903 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:21902 <-> ENABLED <-> FILE-OTHER Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (file-other.rules)
 * 1:21877 <-> ENABLED <-> MALWARE-CNC Apple OSX.Sabpub outbound connection (malware-cnc.rules)
 * 1:21876 <-> ENABLED <-> EXPLOIT-KIT Blackhole Exploit landing page with specific structure - Loading (exploit-kit.rules)
 * 1:21875 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - taskkill (exploit-kit.rules)
 * 1:21874 <-> ENABLED <-> EXPLOIT-KIT Possible exploit kit post compromise activity - StrReverse (exploit-kit.rules)
 * 1:21869 <-> ENABLED <-> FILE-OTHER Java JRE sandbox breach attempt (file-other.rules)
 * 1:21852 <-> ENABLED <-> MALWARE-CNC Trojan.Orsam variant outbound connection (malware-cnc.rules)
 * 1:21851 <-> ENABLED <-> MALWARE-CNC TDS Sutra - redirect received (malware-cnc.rules)
 * 1:21850 <-> ENABLED <-> MALWARE-CNC TDS Sutra - request hi.cgi (malware-cnc.rules)
 * 1:21849 <-> ENABLED <-> MALWARE-CNC TDS Sutra - HTTP header redirecting to a SutraTDS (malware-cnc.rules)
 * 1:21848 <-> ENABLED <-> MALWARE-CNC TDS Sutra - page redirecting to a SutraTDS (malware-cnc.rules)
 * 1:21847 <-> ENABLED <-> MALWARE-CNC TDS Sutra - cookie set (malware-cnc.rules)
 * 1:21846 <-> ENABLED <-> MALWARE-CNC TDS Sutra - request in.cgi (malware-cnc.rules)
 * 1:21845 <-> ENABLED <-> MALWARE-CNC TDS Sutra - redirect received (malware-cnc.rules)
 * 1:21796 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use-after-free attempt (browser-ie.rules)
 * 1:21795 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (file-executable.rules)
 * 1:21793 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (browser-ie.rules)
 * 1:21791 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (browser-ie.rules)
 * 1:21787 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded javascript escape function in POST parameters - likely javascript injection (indicator-obfuscation.rules)
 * 1:21786 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded javascript escape function in POST parameters - likely javascript injection (indicator-obfuscation.rules)
 * 1:21785 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript escape function in POST parameters - likely javascript injection (indicator-obfuscation.rules)
 * 1:21775 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21784 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded script tag in POST parameters - likely cross-site scripting (indicator-obfuscation.rules)
 * 1:21783 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded script tag in POST parameters - likely cross-site scripting (indicator-obfuscation.rules)
 * 1:21782 <-> DISABLED <-> INDICATOR-OBFUSCATION script tag in POST parameters - likely cross-site scripting (indicator-obfuscation.rules)
 * 1:21781 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded union select function in POST - possible sql injection attempt (indicator-obfuscation.rules)
 * 1:21780 <-> DISABLED <-> INDICATOR-OBFUSCATION encoded waitfor delay function in POST - possible sql injection attempt (indicator-obfuscation.rules)
 * 1:21659 <-> ENABLED <-> EXPLOIT-KIT Blackhole Landing Page Requested - /Home/index.php (exploit-kit.rules)
 * 1:21658 <-> ENABLED <-> EXPLOIT-KIT Blackhole possible landing page (exploit-kit.rules)
 * 1:21660 <-> ENABLED <-> EXPLOIT-KIT Blackhole Landing Page Requested - /Index/index.php (exploit-kit.rules)
 * 1:21774 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21665 <-> ENABLED <-> FILE-OTHER Oracle Java JRE sandbox Atomic breach attempt (file-other.rules)
 * 1:21666 <-> ENABLED <-> FILE-OTHER Oracle Java JRE sandbox Atomic breach attempt (file-other.rules)
 * 1:21773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21668 <-> DISABLED <-> EXPLOIT-KIT Java exploit kit iframe drive by attempt (exploit-kit.rules)
 * 1:21670 <-> DISABLED <-> WEB-PHP phpinfo GET POST and COOKIE Parameters cross site scripting attempt (web-php.rules)
 * 1:21678 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21679 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call attempt (exploit-kit.rules)
 * 1:21772 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21680 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21681 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21682 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21683 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21771 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21684 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21685 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21686 <-> ENABLED <-> EXPLOIT-KIT Bleeding Life exploit module call (exploit-kit.rules)
 * 1:21755 <-> ENABLED <-> MALWARE-CNC Apple OSX.Flashback variant outbound connection (malware-cnc.rules)
 * 1:21664 <-> ENABLED <-> FILE-OTHER Oracle Java JRE sandbox Atomic breach attempt (file-other.rules)
 * 1:21756 <-> ENABLED <-> MALWARE-CNC Apple OSX.Flashback variant outbound connection (malware-cnc.rules)
 * 1:21770 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:21769 <-> DISABLED <-> MALWARE-CNC Win32.LogonInvader.a runtime detection (malware-cnc.rules)
 * 1:21761 <-> ENABLED <-> MALWARE-CNC Win32.Swisyn variant runtime detection (malware-cnc.rules)
 * 1:21760 <-> ENABLED <-> MALWARE-CNC Win32.Swisyn variant runtime detection (malware-cnc.rules)
 * 1:21657 <-> ENABLED <-> EXPLOIT-KIT Blackhole Applet landing page (exploit-kit.rules)
 * 1:21758 <-> ENABLED <-> MALWARE-CNC Apple OSX.Flashback variant outbound connection (malware-cnc.rules)
 * 1:21757 <-> ENABLED <-> MALWARE-CNC Apple OSX.Flashback variant outbound connection (malware-cnc.rules)
 * 1:4133 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer devenum clsid attempt (browser-ie.rules)
 * 1:4134 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer blnmgr clsid attempt (browser-ie.rules)
 * 1:4135 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG heap overflow attempt (browser-ie.rules)
 * 1:4647 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript onload overflow attempt (browser-ie.rules)
 * 1:4675 <-> DISABLED <-> FILE-FLASH Adobe Flash DOACTION tag overflow attempt (file-flash.rules)
 * 1:4679 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file component name integer overflow multipacket attempt (file-multimedia.rules)
 * 1:4916 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript onload document.write obfuscation overflow attempt (browser-ie.rules)
 * 1:4917 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript onload prompt obfuscation overflow attempt (browser-ie.rules)
 * 1:5318 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows wmf file arbitrary code execution attempt (file-multimedia.rules)
 * 1:5714 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari x-unix-mode executable mail attachment (browser-webkit.rules)
 * 1:6323 <-> DISABLED <-> MALWARE-BACKDOOR 3xBackdoor runtime detection - set flowbit (malware-backdoor.rules)
 * 1:6324 <-> DISABLED <-> MALWARE-BACKDOOR 3xBackdoor runtime detection (malware-backdoor.rules)
 * 1:6492 <-> DISABLED <-> MALWARE-BACKDOOR Trickler Backdoor-BAC.gen.e runtime detection - notification (malware-backdoor.rules)
 * 1:6493 <-> DISABLED <-> MALWARE-BACKDOOR Trickler Backdoor-BAC.gen.e runtime detection - post data (malware-backdoor.rules)
 * 1:6499 <-> DISABLED <-> MALWARE-BACKDOOR omerta 1.3 runtime detection (malware-backdoor.rules)
 * 1:6500 <-> DISABLED <-> MALWARE-BACKDOOR omerta 1.3 runtime detection (malware-backdoor.rules)
 * 1:6502 <-> DISABLED <-> FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (file-image.rules)
 * 1:6509 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri href buffer overflow attempt (browser-ie.rules)
 * 1:6510 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (browser-ie.rules)
 * 1:6689 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected cHRM overflow attempt (file-image.rules)
 * 1:6690 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (file-image.rules)
 * 1:6691 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (file-image.rules)
 * 1:6692 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (file-image.rules)
 * 1:6693 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (file-image.rules)
 * 1:6694 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (file-image.rules)
 * 1:6695 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt (file-image.rules)
 * 1:6696 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (file-image.rules)
 * 1:6697 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (file-image.rules)
 * 1:6698 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (file-image.rules)
 * 1:6699 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (file-image.rules)
 * 1:6700 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products malformed PNG detected tEXt overflow attempt (file-image.rules)
 * 1:6701 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (file-image.rules)
 * 1:7020 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled function buffer overflow (browser-ie.rules)
 * 1:7147 <-> DISABLED <-> MALWARE-CNC Hacker-Tool sars notifier runtime detection - icq notification (malware-cnc.rules)
 * 1:7149 <-> DISABLED <-> MALWARE-CNC Hacker-Tool sars notifier runtime detection - php notification (malware-cnc.rules)
 * 1:7150 <-> DISABLED <-> MALWARE-CNC Hacker-Tool sars notifier runtime detection - irc notification (malware-cnc.rules)
 * 1:7151 <-> DISABLED <-> MALWARE-CNC Hacker-Tool sars notifier runtime detection - net send notification (malware-cnc.rules)
 * 1:7183 <-> DISABLED <-> MALWARE-CNC Snoopware barok runtime detection (malware-cnc.rules)
 * 1:7813 <-> DISABLED <-> MALWARE-BACKDOOR darkmoon initial connection detection - cts (malware-backdoor.rules)
 * 1:7814 <-> DISABLED <-> MALWARE-BACKDOOR darkmoon initial connection detection - stc (malware-backdoor.rules)
 * 1:7815 <-> DISABLED <-> MALWARE-BACKDOOR darkmoon reverse connection detection - stc (malware-backdoor.rules)
 * 1:7816 <-> DISABLED <-> MALWARE-BACKDOOR darkmoon reverse connection detection - cts (malware-backdoor.rules)
 * 1:8445 <-> DISABLED <-> FILE-OTHER Microsoft Windows RTF file with embedded object package download attempt (file-other.rules)
 * 1:8547 <-> DISABLED <-> MALWARE-BACKDOOR zzmm 2.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:8548 <-> DISABLED <-> MALWARE-BACKDOOR zzmm 2.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:9326 <-> DISABLED <-> MALWARE-OTHER netsky.p smtp propagation detection (malware-other.rules)
 * 1:9327 <-> DISABLED <-> MALWARE-OTHER netsky.af smtp propagation detection (malware-other.rules)
 * 1:9328 <-> DISABLED <-> MALWARE-OTHER zhangpo smtp propagation detection (malware-other.rules)
 * 1:9329 <-> ENABLED <-> MALWARE-CNC yarner.b smtp propagation detection (malware-cnc.rules)
 * 1:9330 <-> DISABLED <-> MALWARE-OTHER mydoom.e smtp propagation detection (malware-other.rules)
 * 1:9331 <-> DISABLED <-> MALWARE-OTHER mydoom.m smtp propagation detection (malware-other.rules)
 * 1:9409 <-> DISABLED <-> MALWARE-OTHER atak.b smtp propagation detection (malware-other.rules)
 * 1:9410 <-> DISABLED <-> MALWARE-OTHER netsky.z smtp propagation detection (malware-other.rules)
 * 1:9411 <-> DISABLED <-> MALWARE-OTHER mimail.f smtp propagation detection (malware-other.rules)
 * 1:9412 <-> DISABLED <-> MALWARE-OTHER sinmsn.b msn propagation detection (malware-other.rules)
 * 1:9413 <-> DISABLED <-> MALWARE-OTHER ganda smtp propagation detection (malware-other.rules)
 * 1:9414 <-> DISABLED <-> MALWARE-OTHER lovelorn.a smtp propagation detection (malware-other.rules)
 * 1:9415 <-> DISABLED <-> MALWARE-OTHER plexus.a smtp propagation detection (malware-other.rules)
 * 1:9416 <-> DISABLED <-> MALWARE-OTHER bagle.at smtp propagation detection (malware-other.rules)
 * 1:9417 <-> DISABLED <-> MALWARE-OTHER bagle.a smtp propagation detection (malware-other.rules)
 * 1:9418 <-> ENABLED <-> MALWARE-CNC bagle.a http notification detection (malware-cnc.rules)
 * 1:9419 <-> ENABLED <-> MALWARE-OTHER sasser attempt (malware-other.rules)
 * 1:9420 <-> ENABLED <-> MALWARE-OTHER korgo attempt (malware-other.rules)
 * 1:9421 <-> ENABLED <-> MALWARE-OTHER zotob attempt (malware-other.rules)
 * 1:9422 <-> ENABLED <-> MALWARE-OTHER msblast attempt (malware-other.rules)
 * 1:9423 <-> ENABLED <-> MALWARE-OTHER lovegate attempt (malware-other.rules)
 * 1:9424 <-> DISABLED <-> MALWARE-OTHER /winnt/explorer.exe unicode klez infection attempt (malware-other.rules)
 * 1:9425 <-> DISABLED <-> MALWARE-OTHER netsky attachment (malware-other.rules)
 * 1:9426 <-> DISABLED <-> MALWARE-OTHER mydoom.ap attachment (malware-other.rules)
 * 1:9654 <-> DISABLED <-> MALWARE-BACKDOOR apofis 1.0 runtime detection - remote controlling (malware-backdoor.rules)
 * 1:9655 <-> DISABLED <-> MALWARE-BACKDOOR apofis 1.0 runtime detection - remote controlling (malware-backdoor.rules)
 * 1:9656 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection (malware-backdoor.rules)
 * 1:9332 <-> DISABLED <-> MALWARE-OTHER mimail.a smtp propagation detection (malware-other.rules)
 * 1:9333 <-> DISABLED <-> MALWARE-OTHER mimail.e smtp propagation detection (malware-other.rules)
 * 1:9334 <-> DISABLED <-> MALWARE-OTHER lovgate.c smtp propagation detection (malware-other.rules)
 * 1:9335 <-> DISABLED <-> MALWARE-OTHER netsky.b smtp propagation detection (malware-other.rules)
 * 1:9336 <-> DISABLED <-> MALWARE-OTHER netsky.t smtp propagation detection (malware-other.rules)
 * 1:9337 <-> DISABLED <-> MALWARE-OTHER netsky.x smtp propagation detection (malware-other.rules)
 * 1:9338 <-> DISABLED <-> MALWARE-OTHER mydoom.i smtp propagation detection (malware-other.rules)
 * 1:9339 <-> DISABLED <-> MALWARE-OTHER klez.g web propagation detection (malware-other.rules)
 * 1:9340 <-> DISABLED <-> MALWARE-OTHER klez.i web propagation detection (malware-other.rules)
 * 1:9341 <-> DISABLED <-> MALWARE-OTHER sasser open ftp command shell (malware-other.rules)
 * 1:9342 <-> DISABLED <-> MALWARE-OTHER paroc.a smtp propagation detection (malware-other.rules)
 * 1:9343 <-> DISABLED <-> MALWARE-OTHER kadra smtp propagation detection (malware-other.rules)
 * 1:9344 <-> DISABLED <-> MALWARE-OTHER kindal smtp propagation detection (malware-other.rules)
 * 1:9345 <-> DISABLED <-> MALWARE-OTHER kipis.a smtp propagation detection (malware-other.rules)
 * 1:9346 <-> DISABLED <-> MALWARE-OTHER klez.b web propagation detection (malware-other.rules)
 * 1:9347 <-> DISABLED <-> MALWARE-OTHER klez.b netshare propagation detection (malware-other.rules)
 * 1:9348 <-> DISABLED <-> MALWARE-OTHER morbex smtp propagation detection (malware-other.rules)
 * 1:9349 <-> DISABLED <-> MALWARE-OTHER plemood smtp propagation detection (malware-other.rules)
 * 1:9350 <-> DISABLED <-> MALWARE-OTHER mimail.k smtp propagation detection (malware-other.rules)
 * 1:9351 <-> DISABLED <-> MALWARE-OTHER lovgate.a netshare propagation detection (malware-other.rules)
 * 1:9352 <-> DISABLED <-> MALWARE-OTHER lovgate.a smtp propagation detection (malware-other.rules)
 * 1:9353 <-> DISABLED <-> MALWARE-OTHER deborm.x netshare propagation detection (malware-other.rules)
 * 1:9354 <-> DISABLED <-> MALWARE-OTHER deborm.y netshare propagation detection (malware-other.rules)
 * 1:9355 <-> DISABLED <-> MALWARE-OTHER deborm.u netshare propagation detection (malware-other.rules)
 * 1:9356 <-> DISABLED <-> MALWARE-OTHER deborm.q netshare propagation detection (malware-other.rules)
 * 1:9357 <-> DISABLED <-> MALWARE-OTHER deborm.r netshare propagation detection (malware-other.rules)
 * 1:9358 <-> DISABLED <-> MALWARE-OTHER fizzer smtp propagation detection (malware-other.rules)
 * 1:9359 <-> DISABLED <-> MALWARE-OTHER zafi.b smtp propagation detection (malware-other.rules)
 * 1:9360 <-> DISABLED <-> MALWARE-OTHER cult.b smtp propagation detection (malware-other.rules)
 * 1:9361 <-> DISABLED <-> MALWARE-OTHER mimail.l smtp propagation detection (malware-other.rules)
 * 1:9362 <-> DISABLED <-> MALWARE-OTHER mimail.m smtp propagation detection (malware-other.rules)
 * 1:9363 <-> DISABLED <-> MALWARE-OTHER klez.d web propagation detection (malware-other.rules)
 * 1:9364 <-> DISABLED <-> MALWARE-OTHER klez.e web propagation detection (malware-other.rules)
 * 1:9365 <-> DISABLED <-> MALWARE-OTHER cult.c smtp propagation detection (malware-other.rules)
 * 1:9366 <-> DISABLED <-> MALWARE-OTHER mimail.s smtp propagation detection (malware-other.rules)
 * 1:9367 <-> DISABLED <-> MALWARE-OTHER anset.b smtp propagation detection (malware-other.rules)
 * 1:9368 <-> DISABLED <-> MALWARE-OTHER agist.a smtp propagation detection (malware-other.rules)
 * 1:9369 <-> DISABLED <-> MALWARE-OTHER atak.a smtp propagation detection (malware-other.rules)
 * 1:9370 <-> DISABLED <-> MALWARE-OTHER bagle.b smtp propagation detection (malware-other.rules)
 * 1:9371 <-> DISABLED <-> MALWARE-OTHER bagle.e smtp propagation detection (malware-other.rules)
 * 1:9372 <-> DISABLED <-> MALWARE-OTHER blebla.a smtp propagation detection (malware-other.rules)
 * 1:9373 <-> DISABLED <-> MALWARE-OTHER clepa smtp propagation detection (malware-other.rules)
 * 1:9374 <-> DISABLED <-> MALWARE-OTHER creepy.b smtp propagation detection (malware-other.rules)
 * 1:9375 <-> DISABLED <-> MALWARE-OTHER duksten.c smtp propagation detection (malware-other.rules)
 * 1:9376 <-> DISABLED <-> MALWARE-OTHER fishlet.a smtp propagation detection (malware-other.rules)
 * 1:9377 <-> DISABLED <-> MALWARE-OTHER mydoom.g smtp propagation detection (malware-other.rules)
 * 1:9378 <-> DISABLED <-> MALWARE-OTHER netsky.q smtp propagation detection (malware-other.rules)
 * 1:9379 <-> DISABLED <-> MALWARE-OTHER netsky.s smtp propagation detection (malware-other.rules)
 * 1:9380 <-> DISABLED <-> MALWARE-OTHER jitux msn messenger propagation detection (malware-other.rules)
 * 1:9381 <-> DISABLED <-> MALWARE-OTHER lara smtp propagation detection (malware-other.rules)
 * 1:9382 <-> DISABLED <-> MALWARE-OTHER fearso.c smtp propagation detection (malware-other.rules)
 * 1:9383 <-> DISABLED <-> MALWARE-OTHER netsky.y smtp propagation detection (malware-other.rules)
 * 1:9384 <-> DISABLED <-> MALWARE-OTHER beglur.a smtp propagation detection (malware-other.rules)
 * 1:9385 <-> DISABLED <-> MALWARE-OTHER collo.a smtp propagation detection (malware-other.rules)
 * 1:9386 <-> DISABLED <-> MALWARE-OTHER bagle.f smtp propagation detection (malware-other.rules)
 * 1:9387 <-> DISABLED <-> MALWARE-OTHER klez.j web propagation detection (malware-other.rules)
 * 1:9388 <-> DISABLED <-> MALWARE-OTHER mimail.g smtp propagation detection (malware-other.rules)
 * 1:9389 <-> DISABLED <-> MALWARE-OTHER bagle.i smtp propagation detection (malware-other.rules)
 * 1:9390 <-> DISABLED <-> MALWARE-OTHER deborm.d netshare propagation detection (malware-other.rules)
 * 1:9391 <-> DISABLED <-> MALWARE-OTHER mimail.i smtp propagation detection (malware-other.rules)
 * 1:9392 <-> DISABLED <-> MALWARE-OTHER bagle.j smtp propagation detection (malware-other.rules)
 * 1:9393 <-> DISABLED <-> MALWARE-OTHER bagle.k smtp propagation detection (malware-other.rules)
 * 1:9394 <-> DISABLED <-> MALWARE-OTHER bagle.n smtp propagation detection (malware-other.rules)
 * 1:9395 <-> DISABLED <-> MALWARE-OTHER deborm.j netshare propagation detection (malware-other.rules)
 * 1:9396 <-> DISABLED <-> MALWARE-OTHER deborm.t netshare propagation detection (malware-other.rules)
 * 1:9397 <-> DISABLED <-> MALWARE-OTHER neysid smtp propagation detection (malware-other.rules)
 * 1:9398 <-> DISABLED <-> MALWARE-OTHER totilix.a smtp propagation detection (malware-other.rules)
 * 1:9399 <-> DISABLED <-> MALWARE-OTHER hanged smtp propagation detection (malware-other.rules)
 * 1:9400 <-> DISABLED <-> MALWARE-OTHER abotus smtp propagation detection (malware-other.rules)
 * 1:9401 <-> DISABLED <-> MALWARE-OTHER gokar http propagation detection (malware-other.rules)
 * 1:9402 <-> DISABLED <-> MALWARE-OTHER welchia tftp propagation detection (malware-other.rules)
 * 1:9403 <-> DISABLED <-> MALWARE-OTHER netsky.aa smtp propagation detection (malware-other.rules)
 * 1:9404 <-> DISABLED <-> MALWARE-OTHER netsky.ac smtp propagation detection (malware-other.rules)
 * 1:9406 <-> DISABLED <-> MALWARE-OTHER lovgate.e smtp propagation detection (malware-other.rules)
 * 1:9407 <-> DISABLED <-> MALWARE-OTHER lovgate.b netshare propagation detection (malware-other.rules)
 * 1:9408 <-> DISABLED <-> MALWARE-OTHER lacrow smtp propagation detection (malware-other.rules)
 * 1:9657 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:9658 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection (malware-backdoor.rules)
 * 1:9659 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection - file manage (malware-backdoor.rules)
 * 1:9660 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection (malware-backdoor.rules)
 * 1:9661 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection - show processes (malware-backdoor.rules)
 * 1:9662 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection (malware-backdoor.rules)
 * 1:9663 <-> DISABLED <-> MALWARE-BACKDOOR bersek 1.0 runtime detection - start remote shell (malware-backdoor.rules)
 * 1:9664 <-> DISABLED <-> MALWARE-BACKDOOR crossbow 1.12 runtime detection (malware-backdoor.rules)
 * 1:9665 <-> DISABLED <-> MALWARE-BACKDOOR crossbow 1.12 runtime detection - init connection (malware-backdoor.rules)
 * 1:9837 <-> DISABLED <-> MALWARE-BACKDOOR sun shadow 1.70 runtime detection - init connection (malware-backdoor.rules)
 * 1:9838 <-> DISABLED <-> MALWARE-BACKDOOR sun shadow 1.70 runtime detection - init connection (malware-backdoor.rules)
 * 1:9840 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime HREF Track Detected (file-multimedia.rules)
 * 1:10062 <-> DISABLED <-> FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (file-image.rules)
 * 1:10063 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (browser-firefox.rules)
 * 1:10065 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10066 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10067 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10068 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10069 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10070 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10071 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10072 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10073 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10074 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10075 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10076 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10077 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10078 <-> DISABLED <-> MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (malware-other.rules)
 * 1:10079 <-> DISABLED <-> MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (malware-other.rules)
 * 1:10080 <-> DISABLED <-> MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (malware-other.rules)
 * 1:10081 <-> DISABLED <-> MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (malware-other.rules)
 * 1:10082 <-> DISABLED <-> MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (malware-other.rules)
 * 1:10083 <-> DISABLED <-> MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (malware-other.rules)
 * 1:10113 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm command and control propagation detected (malware-cnc.rules)
 * 1:10114 <-> ENABLED <-> MALWARE-CNC Trojan Peacomm command and control propagation detected (malware-cnc.rules)
 * 1:10123 <-> DISABLED <-> VOIP PA168 chipset based IP phone default password attempt (voip.rules)
 * 1:10124 <-> DISABLED <-> VOIP PA168 chipset based IP phone authentication bypass (voip.rules)
 * 1:10126 <-> DISABLED <-> FILE-IMAGE Apple QuickTime JPEG Huffman Table integer underflow attempt (file-image.rules)
 * 1:10185 <-> DISABLED <-> MALWARE-BACKDOOR x-door runtime detection (malware-backdoor.rules)
 * 1:10403 <-> ENABLED <-> MALWARE-CNC Trojan.Duntek Checkin GET Request (malware-cnc.rules)
 * 1:1051 <-> DISABLED <-> FILE-OTHER technote main.cgi file directory traversal attempt (file-other.rules)
 * 1:11180 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie ftyp buffer underflow (file-multimedia.rules)
 * 1:11257 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:11267 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop PNG file handling stack buffer overflow attempt (file-image.rules)
 * 1:118 <-> DISABLED <-> MALWARE-BACKDOOR SatansBackdoor.2.0.Beta (malware-backdoor.rules)
 * 1:11834 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer navcancl.htm url spoofing attempt (browser-ie.rules)
 * 1:11950 <-> DISABLED <-> MALWARE-CNC killav_gj (malware-cnc.rules)
 * 1:11966 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS tag memory corruption attempt (browser-ie.rules)
 * 1:12014 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer navcancl.htm url spoofing attempt (browser-ie.rules)
 * 1:12043 <-> DISABLED <-> WEB-IIS Microsoft XML parser IIS WebDAV attack attempt (web-iis.rules)
 * 1:12183 <-> DISABLED <-> FILE-FLASH Adobe FLV long string script data buffer overflow (file-flash.rules)
 * 1:12239 <-> DISABLED <-> MALWARE-BACKDOOR webcenter v1.0 Backdoor - init connection (malware-backdoor.rules)
 * 1:12277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption exploit (browser-ie.rules)
 * 1:12280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12281 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (browser-ie.rules)
 * 1:12593 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Apple Quicktime chrome exploit (browser-firefox.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12664 <-> ENABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12707 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer lyrics heap overflow attempt (file-multimedia.rules)
 * 1:12728 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks SMIL wallclock stack overflow attempt (file-multimedia.rules)
 * 1:12743 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture description metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12744 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC VORBIS string buffer overflow attempt (file-multimedia.rules)
 * 1:12745 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD atom overflow attempt (file-multimedia.rules)
 * 1:12770 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows obfuscated RDS.Dataspace ActiveX exploit attempt (web-activex.rules)
 * 1:12771 <-> DISABLED <-> WEB-ACTIVEX obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (web-activex.rules)
 * 1:12772 <-> DISABLED <-> WEB-ACTIVEX obfuscated PPStream PowerPlayer ActiveX exploit attempt (web-activex.rules)
 * 1:12773 <-> DISABLED <-> WEB-ACTIVEX obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (web-activex.rules)
 * 1:12774 <-> DISABLED <-> WEB-ACTIVEX obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (web-activex.rules)
 * 1:12775 <-> DISABLED <-> WEB-ACTIVEX RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (web-activex.rules)
 * 1:12971 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:13158 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13248 <-> DISABLED <-> MALWARE-CNC yuri 1.2 runtime detection - init connection (malware-cnc.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:13300 <-> ENABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:13301 <-> ENABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image width overflow attempt (file-flash.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13317 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing nam buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13453 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13454 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (browser-ie.rules)
 * 1:13455 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call access (browser-ie.rules)
 * 1:13456 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (browser-ie.rules)
 * 1:13466 <-> ENABLED <-> FILE-OFFICE Microsoft Works file converter file section length headers memory corruption attempt (file-office.rules)
 * 1:13509 <-> DISABLED <-> MALWARE-CNC xploit 1.4.5 pc runtime detection (malware-cnc.rules)
 * 1:13677 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream memory corruption attempt (browser-ie.rules)
 * 1:13820 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13821 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer request header overwrite (browser-ie.rules)
 * 1:13838 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:13917 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13919 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13920 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:13934 <-> DISABLED <-> MALWARE-CNC Hijacker mediatubecodec 1.470.0 runtime detection - hijack ie (malware-cnc.rules)
 * 1:13935 <-> DISABLED <-> MALWARE-CNC Hijacker mediatubecodec 1.470.0 runtime detection - download other malware (malware-cnc.rules)
 * 1:13936 <-> DISABLED <-> MALWARE-CNC Trickler dropper agent.rqg runtime detection - call home (malware-cnc.rules)
 * 1:13953 <-> DISABLED <-> MALWARE-CNC Asprox trojan initial query (malware-cnc.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13961 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer table layout access violation vulnerability (browser-ie.rules)
 * 1:13962 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MHTML zone control bypass attempt (browser-ie.rules)
 * 1:13963 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling vulnerability (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption (browser-ie.rules)
 * 1:13974 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XHTML element memory corruption attempt (browser-ie.rules)
 * 1:13980 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer http status response memory corruption vulnerability (browser-ie.rules)
 * 1:14643 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer location and location.href cross domain security bypass vulnerability (browser-ie.rules)
 * 1:14644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain unfocusable HTML element (browser-ie.rules)
 * 1:14645 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain setExpression exploit attempt (browser-ie.rules)
 * 1:14656 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer XSS mouseevent PII disclosure attempt (browser-ie.rules)
 * 1:14657 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain componentFromPoint memory corruption attempt (browser-ie.rules)
 * 1:15012 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML DLL memory corruption attempt (browser-ie.rules)
 * 1:15080 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt (file-multimedia.rules)
 * 1:15082 <-> ENABLED <-> FILE-OTHER Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (file-other.rules)
 * 1:15104 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:15106 <-> ENABLED <-> FILE-OTHER Microsoft Office Word .rtf file integer overflow attempt (file-other.rules)
 * 1:15107 <-> DISABLED <-> FILE-OTHER Microsoft Office Word .rtf file stylesheet buffer overflow attempt (file-other.rules)
 * 1:15114 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer embed src buffer overflow attempt (browser-ie.rules)
 * 1:15126 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (browser-ie.rules)
 * 1:15147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
 * 1:15166 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player RealText buffer overflow attempt (file-multimedia.rules)
 * 1:15167 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cn dns query (indicator-compromise.rules)
 * 1:15168 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .ru dns query (indicator-compromise.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15241 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC real.c ReadRealIndex real demuxer integer overflow attempt (file-multimedia.rules)
 * 1:15295 <-> DISABLED <-> MALWARE-CNC Trojan.Bankpatch.C configuration (malware-cnc.rules)
 * 1:15296 <-> DISABLED <-> MALWARE-CNC Trojan.Bankpatch.C malicious file download (malware-cnc.rules)
 * 1:15297 <-> DISABLED <-> MALWARE-CNC Trojan.Bankpatch.C report home (malware-cnc.rules)
 * 1:15304 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:15305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:15383 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (browser-firefox.rules)
 * 1:15423 <-> DISABLED <-> MALWARE-CNC Clampi virus communication detected (malware-cnc.rules)
 * 1:15428 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing memory corruption attempt (browser-firefox.rules)
 * 1:15431 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:15458 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer navigating between pages race condition attempt (browser-ie.rules)
 * 1:15459 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15461 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer marquee tag onstart memory corruption (browser-ie.rules)
 * 1:15468 <-> DISABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15478 <-> ENABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:15480 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime movie record invalid version number exploit attempt (file-multimedia.rules)
 * 1:15481 <-> ENABLED <-> MALWARE-CNC Zeus/Zbot malware config file download request (malware-cnc.rules)
 * 1:15487 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt (file-multimedia.rules)
 * 1:15517 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:15526 <-> ENABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15529 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15531 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Unexpected method call remote code execution attempt (browser-ie.rules)
 * 1:15534 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XML HttpRequest race condition exploit attempt (browser-ie.rules)
 * 1:15535 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setCapture heap corruption exploit attempt (browser-ie.rules)
 * 1:15536 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object modification exploit attempt (browser-ie.rules)
 * 1:15538 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules)
 * 1:15540 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM memory corruption attempt (browser-ie.rules)
 * 1:15553 <-> ENABLED <-> MALWARE-CNC Sality virus HTTP GET request (malware-cnc.rules)
 * 1:15559 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime Movie File Clipping Region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:15563 <-> ENABLED <-> MALWARE-CNC RSPlug Trojan server connection (malware-cnc.rules)
 * 1:15564 <-> ENABLED <-> MALWARE-CNC RSPlug Trojan file download (malware-cnc.rules)
 * 1:15565 <-> ENABLED <-> MALWARE-CNC RSPlug Trojan file download (malware-cnc.rules)
 * 1:15578 <-> DISABLED <-> MALWARE-TOOLS Slowloris http DoS tool (malware-tools.rules)
 * 1:15583 <-> DISABLED <-> FILE-OTHER F-Secure AntiVirus library heap overflow attempt (file-other.rules)
 * 1:15678 <-> ENABLED <-> WEB-ACTIVEX Microsoft DirectShow ActiveX exploit via JavaScript (web-activex.rules)
 * 1:15679 <-> DISABLED <-> WEB-ACTIVEX Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (web-activex.rules)
 * 1:15682 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow QuickTime file stsc atom parsing heap corruption attempt (file-multimedia.rules)
 * 1:15699 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox 3.5 unicode stack overflow attempt (browser-firefox.rules)
 * 1:15729 <-> ENABLED <-> FILE-FLASH Possible Adobe Flash ActionScript byte_array heap spray attempt (file-flash.rules)
 * 1:15730 <-> ENABLED <-> MALWARE-CNC Delf Trojan POST (malware-cnc.rules)
 * 1:15731 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript deleted reference arbitrary code execution attempt (browser-ie.rules)
 * 1:15732 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS handling memory corruption attempt (browser-ie.rules)
 * 1:15733 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (browser-ie.rules)
 * 1:15854 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:15869 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempet (file-flash.rules)
 * 1:15872 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (browser-firefox.rules)
 * 1:15873 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox location spoofing via invalid window.open characters (browser-firefox.rules)
 * 1:15880 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer popup window object tag code execution attempt (browser-ie.rules)
 * 1:15901 <-> ENABLED <-> FILE-MULTIMEDIA Nullsoft Winamp AIFF parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:15909 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:15910 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:15933 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer URL canonicalization address bar spoofing attempt (browser-ie.rules)
 * 1:15938 <-> ENABLED <-> MALWARE-CNC SubSeven client connection to server (malware-cnc.rules)
 * 1:15951 <-> DISABLED <-> MYSQL MaxDB Webtool GET command overflow attempt (mysql.rules)
 * 1:15993 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript intrf_count integer overflow attempt (file-flash.rules)
 * 1:15995 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed avi file mjpeg compression arbitrary code execution attempt (file-multimedia.rules)
 * 1:15997 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox JIT escape function memory corruption attempt (browser-firefox.rules)
 * 1:16000 <-> ENABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:16007 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:16010 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Javascript Page update race condition attempt (browser-ie.rules)
 * 1:16011 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS property method handling memory corruption attempt (browser-ie.rules)
 * 1:16020 <-> DISABLED <-> MYSQL login handshake information disclosure attempt (mysql.rules)
 * 1:16022 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16023 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16031 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested object tag memory corruption attempt (browser-ie.rules)
 * 1:16032 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML Decoding memory corruption attempt (browser-ie.rules)
 * 1:16033 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed content attempt (browser-ie.rules)
 * 1:16035 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16041 <-> DISABLED <-> FILE-OTHER Apple QuickTime FLIC animation file buffer overflow attempt (file-other.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox CSS Letter-Spacing overflow attempt (browser-firefox.rules)
 * 1:16045 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:16047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox layout frame constructor memory corruption attempt (browser-firefox.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16055 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes AAC file handling integer overflow attempt (file-multimedia.rules)
 * 1:16063 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer isindex buffer overflow attempt (browser-ie.rules)
 * 1:16064 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt (browser-ie.rules)
 * 1:16065 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer location.replace memory corruption attempt (browser-ie.rules)
 * 1:16067 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (browser-ie.rules)
 * 1:16068 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music Jukebox ActiveX exploit (web-activex.rules)
 * 1:16090 <-> DISABLED <-> WEB-ACTIVEX Microsoft Core XML core services XMLHTTP control open method code execution attempt (web-activex.rules)
 * 1:16092 <-> DISABLED <-> MALWARE-BACKDOOR win32.delf.jwh runtime detection (malware-backdoor.rules)
 * 1:16097 <-> DISABLED <-> MALWARE-CNC trojan win32.agent.vvm runtime detection (malware-cnc.rules)
 * 1:16124 <-> DISABLED <-> MALWARE-CNC downloader trojan.nsis.agent.s runtime detection (malware-cnc.rules)
 * 1:16139 <-> DISABLED <-> MALWARE-CNC downloader_trojan.gen2 runtime detection - scanner page (malware-cnc.rules)
 * 1:16142 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox PKCS11 module installation code execution attempt (browser-firefox.rules)
 * 1:16144 <-> ENABLED <-> MALWARE-CNC Bredolab bot contact to C&C server (malware-cnc.rules)
 * 1:16145 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:16147 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS malformed URL .dll denial of service attempt (web-iis.rules)
 * 1:16148 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime and iTunes heap memory corruption attempt (file-multimedia.rules)
 * 1:16149 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:16151 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer unitialized or deleted object access attempt (browser-ie.rules)
 * 1:16152 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer table layout unitialized or deleted object access attempt (browser-ie.rules)
 * 1:16155 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer indexing service malformed parameters (browser-ie.rules)
 * 1:16169 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:16183 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET MSIL CombineImpl suspicious usage attempt (file-executable.rules)
 * 1:16184 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16186 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt (file-image.rules)
 * 1:16200 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox command line URL shell command injection attempt (browser-firefox.rules)
 * 1:16220 <-> ENABLED <-> FILE-OTHER Adobe Shockwave director file malformed lcsr block memory corruption attempt (file-other.rules)
 * 1:16223 <-> ENABLED <-> FILE-OTHER Adobe Shockwave tSAC pointer overwrite attempt (file-other.rules)
 * 1:16224 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes invalid tref box exploit attempt (file-multimedia.rules)
 * 1:16225 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Flash arbitrary memory access attempt (file-other.rules)
 * 1:16244 <-> DISABLED <-> SPYWARE-PUT rogue software xp police antivirus runtime detection - purchase (spyware-put.rules)
 * 1:16245 <-> DISABLED <-> SPYWARE-PUT rogue software xp police antivirus install-timedetection (spyware-put.rules)
 * 1:16246 <-> DISABLED <-> SPYWARE-PUT rogue software spyware protect 2009 runtime detection - purchase request (spyware-put.rules)
 * 1:16247 <-> DISABLED <-> SPYWARE-PUT rogue software spyware protect 2009 runtime detection - block (spyware-put.rules)
 * 1:16248 <-> DISABLED <-> SPYWARE-PUT rogue software ms antispyware 2009 runtime detection - start (spyware-put.rules)
 * 1:16249 <-> DISABLED <-> SPYWARE-PUT rogue software ms antispyware 2009 runtime detection - pay (spyware-put.rules)
 * 1:16250 <-> DISABLED <-> SPYWARE-PUT rogue software win pc defender runtime detection (spyware-put.rules)
 * 1:16251 <-> DISABLED <-> SPYWARE-PUT rogue software win pc defender installtime detection (spyware-put.rules)
 * 1:16252 <-> DISABLED <-> SPYWARE-PUT rogue software pro antispyware 2009 runtime detection - purchase (spyware-put.rules)
 * 1:16253 <-> DISABLED <-> SPYWARE-PUT rogue software system security 2009 runtime detection (spyware-put.rules)
 * 1:16254 <-> DISABLED <-> SPYWARE-PUT rogue software system security 2009 installtime detection (spyware-put.rules)
 * 1:16255 <-> DISABLED <-> SPYWARE-PUT rogue software system security 2009 installtime detection (spyware-put.rules)
 * 1:16256 <-> DISABLED <-> SPYWARE-PUT rogue software coreguard antivirus 2009 runtime detection (spyware-put.rules)
 * 1:16257 <-> DISABLED <-> SPYWARE-PUT rogue software perfect defender 2009 runtime detection - update (spyware-put.rules)
 * 1:16258 <-> DISABLED <-> SPYWARE-PUT rogue software perfect defender 2009 runtime detection - purchase (spyware-put.rules)
 * 1:16259 <-> DISABLED <-> SPYWARE-PUT rogue software antivirusdoktor2009 runtime detection (spyware-put.rules)
 * 1:16260 <-> DISABLED <-> SPYWARE-PUT rogue software xp antivirus protection runtime detection - installation (spyware-put.rules)
 * 1:16261 <-> DISABLED <-> SPYWARE-PUT rogue software xp antivirus protection runtime detection - runtime (spyware-put.rules)
 * 1:16262 <-> DISABLED <-> SPYWARE-PUT rogue software xp-shield runtime detection (spyware-put.rules)
 * 1:16263 <-> DISABLED <-> SPYWARE-PUT rogue software xp-shield runtime detection - installation (spyware-put.rules)
 * 1:16264 <-> DISABLED <-> SPYWARE-PUT rogue software 007 anti-spyware runtime detection - update (spyware-put.rules)
 * 1:16265 <-> DISABLED <-> SPYWARE-PUT rogue software 007 anti-spyware runtime detection - register (spyware-put.rules)
 * 1:16266 <-> DISABLED <-> SPYWARE-PUT rogue software pc antispyware 2010 runtime detection - buy (spyware-put.rules)
 * 1:16267 <-> DISABLED <-> SPYWARE-PUT rogue software pc antispyware 2010 runtime detection - files (spyware-put.rules)
 * 1:16270 <-> DISABLED <-> MALWARE-CNC Trojan.TDSS.1.Gen keepalive detection (malware-cnc.rules)
 * 1:16271 <-> DISABLED <-> MALWARE-CNC Trojan.TDSS.1.Gen keepalive detection (malware-cnc.rules)
 * 1:16274 <-> DISABLED <-> MALWARE-CNC Trickler trojan-spy.win32.pophot runtime detection - connect to server (malware-cnc.rules)
 * 1:16275 <-> DISABLED <-> MALWARE-CNC Trickler trojan-spy.win32.pophot runtime detection - download files (malware-cnc.rules)
 * 1:16284 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (browser-firefox.rules)
 * 1:16293 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Flash memory corruption attempt (file-other.rules)
 * 1:16297 <-> ENABLED <-> MALWARE-CNC Palevo bot DNS request for C&C (malware-cnc.rules)
 * 1:16298 <-> ENABLED <-> MALWARE-CNC Palevo bot DNS request (malware-cnc.rules)
 * 1:16299 <-> ENABLED <-> MALWARE-CNC Palevo bot DNS request (malware-cnc.rules)
 * 1:16300 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:16301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:16302 <-> ENABLED <-> MALWARE-CNC Virut DNS request for C&C (malware-cnc.rules)
 * 1:16303 <-> ENABLED <-> MALWARE-CNC Virut DNS request (malware-cnc.rules)
 * 1:16304 <-> ENABLED <-> MALWARE-CNC Virut DNS request (malware-cnc.rules)
 * 1:16310 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7 outerHTML invalid reference arbitrary code execution attempt (browser-ie.rules)
 * 1:16311 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbitrary code execution attempt (browser-ie.rules)
 * 1:16315 <-> DISABLED <-> FILE-FLASH Adobe Flash PlugIn check if file exists attempt (file-flash.rules)
 * 1:16317 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mouse move during refresh memory corruption attempt (browser-ie.rules)
 * 1:16319 <-> DISABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat attempt (browser-ie.rules)
 * 1:16321 <-> ENABLED <-> FILE-IMAGE Adobe tiff oversized image length attempt (file-image.rules)
 * 1:16326 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules)
 * 1:16330 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer orphan DOM objects memory corruption attempt (browser-ie.rules)
 * 1:16331 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (file-flash.rules)
 * 1:16339 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt - obfuscated (browser-ie.rules)
 * 1:16340 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Media Player DHTML Editing ActiveX clsid access (web-activex.rules)
 * 1:16342 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:16344 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox top-level script object offset calculation memory corruption attempt (browser-firefox.rules)
 * 1:16347 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (browser-firefox.rules)
 * 1:16348 <-> ENABLED <-> MYSQL database PROCEDURE ANALYSE denial of service attempt - 1 (mysql.rules)
 * 1:16349 <-> ENABLED <-> MYSQL database Procedure Analyse denial of service attempt - 2 (mysql.rules)
 * 1:16353 <-> ENABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules)
 * 1:16360 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:16367 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:16368 <-> ENABLED <-> MALWARE-CNC Hydraq/Aurora connection to C&C server (malware-cnc.rules)
 * 1:16369 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (browser-ie.rules)
 * 1:16376 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onPropertyChange deleteTable memory corruption attempt (browser-ie.rules)
 * 1:16377 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:16378 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (browser-ie.rules)
 * 1:16382 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML+TIME animatemotion property memory corruption attempt (browser-ie.rules)
 * 1:16391 <-> ENABLED <-> MALWARE-CNC Gozi Trojan connection to C&C (malware-cnc.rules)
 * 1:16422 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field (file-image.rules)
 * 1:16423 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect attempt (browser-ie.rules)
 * 1:16439 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - _TEST_ (malware-cnc.rules)
 * 1:16440 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - ie (malware-cnc.rules)
 * 1:16441 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - Download (malware-cnc.rules)
 * 1:16442 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - Mozilla (malware-cnc.rules)
 * 1:16452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer .hlp samba share download attempt (browser-ie.rules)
 * 1:16457 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader.Win32.Cutwail.AI runtime detection (malware-cnc.rules)
 * 1:16459 <-> ENABLED <-> MALWARE-CNC Trojan command and control communication (malware-cnc.rules)
 * 1:16481 <-> DISABLED <-> BROWSER-OTHER Opera Content-Length header integer overflow attempt (browser-other.rules)
 * 1:16482 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:16483 <-> DISABLED <-> MALWARE-CNC Koobface worm submission of collected data to C&C server (malware-cnc.rules)
 * 1:16484 <-> ENABLED <-> MALWARE-CNC Koobface contact to C&C server (malware-cnc.rules)
 * 1:16485 <-> ENABLED <-> MALWARE-CNC Koobface request for captcha (malware-cnc.rules)
 * 1:16489 <-> ENABLED <-> MALWARE-CNC Bobax botnet contact to C&C server (malware-cnc.rules)
 * 1:16492 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari inline text box use after free attempt (browser-webkit.rules)
 * 1:16493 <-> ENABLED <-> MALWARE-CNC TT-bot botnet contact to C&C server (malware-cnc.rules)
 * 1:16495 <-> DISABLED <-> MALWARE-CNC Rustock botnet contact to C&C server (malware-cnc.rules)
 * 1:16496 <-> ENABLED <-> MALWARE-CNC Trojan hacktool attempt to contact server (malware-cnc.rules)
 * 1:16501 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - TrueType (browser-firefox.rules)
 * 1:16502 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (browser-firefox.rules)
 * 1:16503 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules)
 * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:16507 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules)
 * 1:16508 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (browser-ie.rules)
 * 1:16512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (browser-ie.rules)
 * 1:16526 <-> ENABLED <-> MALWARE-CNC VanBot IRC communication (malware-cnc.rules)
 * 1:16527 <-> ENABLED <-> MALWARE-CNC Zbot malware config file download request (malware-cnc.rules)
 * 1:16528 <-> ENABLED <-> MALWARE-CNC Zbot malware config file download request (malware-cnc.rules)
 * 1:16558 <-> DISABLED <-> MALWARE-CNC SdBot IRC Trojan server to client communication (malware-cnc.rules)
 * 1:16575 <-> DISABLED <-> WEB-ACTIVEX RKD Software BarCode ActiveX buffer overflow attempt (web-activex.rules)
 * 1:16580 <-> DISABLED <-> WEB-ACTIVEX NCTAudioFile2 ActiveX clsid access via object tag (web-activex.rules)
 * 1:16581 <-> DISABLED <-> WEB-ACTIVEX Persits Software XUpload ActiveX clsid unsafe function access attempt (web-activex.rules)
 * 1:16584 <-> ENABLED <-> BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (browser-ie.rules)
 * 1:16588 <-> ENABLED <-> WEB-ACTIVEX iseemedia LPViewer ActiveX exploit attempt (web-activex.rules)
 * 1:16589 <-> ENABLED <-> WEB-ACTIVEX iseemedia LPViewer ActiveX buffer overflows attempt (web-activex.rules)
 * 1:16590 <-> DISABLED <-> WEB-ACTIVEX Oracle EasyMail Objects ActiveX exploit attempt (web-activex.rules)
 * 1:16591 <-> DISABLED <-> WEB-ACTIVEX Oracle EasyMail Objects ActiveX exploit attempt (web-activex.rules)
 * 1:16592 <-> ENABLED <-> BROWSER-OTHER Opera asynchronous document modifications attempted memory corruption (browser-other.rules)
 * 1:16596 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari information disclosure and remote code execution attempt (browser-webkit.rules)
 * 1:16599 <-> ENABLED <-> WEB-ACTIVEX AtHocGov IWSAlerts ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:16602 <-> DISABLED <-> WEB-ACTIVEX Microsoft DirectShow 3 ActiveX exploit via JavaScript (web-activex.rules)
 * 1:16605 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer nested SPAN tag memory corruption attempt (browser-ie.rules)
 * 1:16607 <-> DISABLED <-> WEB-ACTIVEX RealNetworks RealPlayer RAM Download Handler ActiveX exploit attempt (web-activex.rules)
 * 1:16608 <-> DISABLED <-> WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX buffer overflow attempt (web-activex.rules)
 * 1:16609 <-> DISABLED <-> WEB-ACTIVEX RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (web-activex.rules)
 * 1:16610 <-> DISABLED <-> WEB-ACTIVEX IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (web-activex.rules)
 * 1:16612 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox oversized SOCKS5 DNS reply memory corruption attempt (browser-firefox.rules)
 * 1:16613 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - cmd (indicator-compromise.rules)
 * 1:16614 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - search (indicator-compromise.rules)
 * 1:16615 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - upload (indicator-compromise.rules)
 * 1:16616 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - about (indicator-compromise.rules)
 * 1:16617 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - encoder (indicator-compromise.rules)
 * 1:16618 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - bind (indicator-compromise.rules)
 * 1:16619 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ps_aux (indicator-compromise.rules)
 * 1:16620 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (indicator-compromise.rules)
 * 1:16621 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - security (indicator-compromise.rules)
 * 1:16622 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - sql (indicator-compromise.rules)
 * 1:16623 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - eval (indicator-compromise.rules)
 * 1:16624 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - feedback (indicator-compromise.rules)
 * 1:16625 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - selfremove (indicator-compromise.rules)
 * 1:16626 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - fsbuff (indicator-compromise.rules)
 * 1:16627 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ls (indicator-compromise.rules)
 * 1:16628 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - phpinfo (indicator-compromise.rules)
 * 1:16631 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after remove attempt (browser-webkit.rules)
 * 1:16632 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after reparent attempt (browser-webkit.rules)
 * 1:16634 <-> ENABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:16637 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer security zone restriction bypass attempt (browser-ie.rules)
 * 1:16659 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:16661 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:16666 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari window.parent.close unspecified remote code execution vulnerability (browser-webkit.rules)
 * 1:16668 <-> ENABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt - 2 (browser-chrome.rules)
 * 1:16669 <-> ENABLED <-> MALWARE-CNC Spyeye bot contact to C&C server (malware-cnc.rules)
 * 1:16670 <-> ENABLED <-> MALWARE-CNC Koobface worm executable download (malware-cnc.rules)
 * 1:16671 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access ActiveX exploit attempt (web-activex.rules)
 * 1:16672 <-> ENABLED <-> WEB-ACTIVEX Symantec Backup Exec ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:16673 <-> DISABLED <-> FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (file-other.rules)
 * 1:16675 <-> DISABLED <-> WEB-ACTIVEX CA BrightStor ListCtrl ActiveX exploit attempt (web-activex.rules)
 * 1:16683 <-> ENABLED <-> FILE-MULTIMEDIA Nullsoft Winamp CAF file processing integer overflow attempt (file-multimedia.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16693 <-> ENABLED <-> MALWARE-CNC Torpig bot sinkhole server DNS lookup (malware-cnc.rules)
 * 1:16695 <-> ENABLED <-> MALWARE-CNC Rogue AV download/update atttempt (malware-cnc.rules)
 * 1:16703 <-> ENABLED <-> MYSQL Database COM_FIELD_LIST Buffer Overflow attempt (mysql.rules)
 * 1:16704 <-> ENABLED <-> WEB-ACTIVEX CA eTrust PestPatrol 'ppctl.dll' ActiveX Initialize method overflow attempt (web-activex.rules)
 * 1:16714 <-> ENABLED <-> WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX Control buffer overflow attempt (web-activex.rules)
 * 1:16715 <-> ENABLED <-> WEB-ACTIVEX SaschArt SasCam Webcam Server ActiveX control exploit attempt (web-activex.rules)
 * 1:16716 <-> DISABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen PNG processing buffer overflow attempt (file-image.rules)
 * 1:16725 <-> DISABLED <-> WEB-ACTIVEX ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (web-activex.rules)
 * 1:16729 <-> ENABLED <-> WEB-ACTIVEX McAfee Remediation client ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:16740 <-> ENABLED <-> WEB-ACTIVEX Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (web-activex.rules)
 * 1:16741 <-> ENABLED <-> WEB-ACTIVEX Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (web-activex.rules)
 * 1:16745 <-> ENABLED <-> WEB-ACTIVEX DjVu ActiveX control ImageURL property overflow attempt (web-activex.rules)
 * 1:16771 <-> ENABLED <-> WEB-ACTIVEX AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (web-activex.rules)
 * 1:16776 <-> ENABLED <-> WEB-ACTIVEX KeyWorks KeyHelp 'keyhelp.ocx' ActiveX control multiple method overflow attempt (web-activex.rules)
 * 1:16789 <-> ENABLED <-> WEB-ACTIVEX Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 1 (web-activex.rules)
 * 1:16790 <-> ENABLED <-> WEB-ACTIVEX Chilkat Crypt 2 ActiveX WriteFile method arbitrary file overwrite attempt - 2 (web-activex.rules)
 * 1:16795 <-> DISABLED <-> BROWSER-CHROME Google Chrome FTP handling out-of-bounds array index denial of service attempt (browser-chrome.rules)
 * 1:16809 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16810 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16811 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16812 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16813 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16814 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16815 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16816 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16817 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16818 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16819 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16820 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16821 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16822 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16823 <-> ENABLED <-> MALWARE-CNC Win32.Trojan.FlyStudio known command and control channel traffic (malware-cnc.rules)
 * 1:16824 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16825 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16826 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16827 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16828 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16829 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16830 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16831 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16832 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16833 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:17058 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.JS.Agent.ewh Javascript download (malware-cnc.rules)
 * 1:17060 <-> ENABLED <-> WEB-ACTIVEX Roxio CinePlayer SonicDVDDashVRNav.dll ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:17077 <-> DISABLED <-> WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:17086 <-> ENABLED <-> WEB-ACTIVEX Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:17091 <-> ENABLED <-> WEB-ACTIVEX VeryDOC PDF Viewer ActiveX control OpenPDF buffer overflow attempt (web-activex.rules)
 * 1:17098 <-> ENABLED <-> WEB-ACTIVEX AOL IWinAmpActiveX class ConvertFile buffer overflow attempt (web-activex.rules)
 * 1:17117 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules)
 * 1:17120 <-> ENABLED <-> FILE-OTHER Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-other.rules)
 * 1:17121 <-> ENABLED <-> FILE-OTHER Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-other.rules)
 * 1:17122 <-> ENABLED <-> FILE-OTHER Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-other.rules)
 * 1:17123 <-> ENABLED <-> FILE-OTHER Microsoft Office Word rich text format invalid field size memory corruption attempt (file-other.rules)
 * 1:17128 <-> ENABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules)
 * 1:17129 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use-after-free memory corruption attempt (browser-ie.rules)
 * 1:17130 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution (browser-ie.rules)
 * 1:17131 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (browser-ie.rules)
 * 1:17132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access attempt (browser-ie.rules)
 * 1:17136 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (browser-ie.rules)
 * 1:17141 <-> ENABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules)
 * 1:17142 <-> ENABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:17150 <-> ENABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 3 (file-multimedia.rules)
 * 1:17153 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (browser-firefox.rules)
 * 1:17154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (browser-firefox.rules)
 * 1:17160 <-> DISABLED <-> WEB-ACTIVEX Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile buffer overflow attempt (web-activex.rules)
 * 1:17165 <-> DISABLED <-> BROWSER-OTHER Opera browser document writing uninitialized memory access attempt (browser-other.rules)
 * 1:17179 <-> ENABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules)
 * 1:17180 <-> ENABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17181 <-> ENABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17182 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17183 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17184 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17185 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17186 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17187 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17188 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17189 <-> ENABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17190 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17191 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17192 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17193 <-> ENABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17194 <-> ENABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules)
 * 1:17196 <-> ENABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17197 <-> ENABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17198 <-> ENABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17200 <-> ENABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules)
 * 1:17202 <-> ENABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:17203 <-> ENABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules)
 * 1:17204 <-> ENABLED <-> FILE-OTHER Adobe Director file file mmap overflow attempt (file-other.rules)
 * 1:17212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript eval arbitrary code execution attempt (browser-firefox.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17216 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari TABLE tag with large CELLSPACING attribute exploit attempt (browser-webkit.rules)
 * 1:17217 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari invalid FRAME tag remote code execution attempt (browser-webkit.rules)
 * 1:17218 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari LI tag with large VALUE attribute exploit attempt (browser-webkit.rules)
 * 1:17219 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17223 <-> DISABLED <-> FILE-FLASH Adobe Flash Player navigateToURL cross-site scripting attempt (file-flash.rules)
 * 1:17231 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:17236 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt (browser-firefox.rules)
 * 1:17245 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox image dragging exploit attempt (browser-firefox.rules)
 * 1:17254 <-> ENABLED <-> WEB-IIS Microsoft Windows IIS stack exhaustion DoS attempt (web-iis.rules)
 * 1:17255 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS FastCGI heap overflow attempt (web-iis.rules)
 * 1:17257 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules)
 * 1:17258 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox XUL tree element code execution attempt (browser-firefox.rules)
 * 1:17260 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (browser-firefox.rules)
 * 1:17261 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17262 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17265 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin access control bypass attempt (browser-firefox.rules)
 * 1:17268 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox sidebar panel arbitrary code execution attempt (browser-firefox.rules)
 * 1:17303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clone object memory corruption attempt (browser-ie.rules)
 * 1:17311 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (browser-ie.rules)
 * 1:17312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (browser-ie.rules)
 * 1:17355 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer JPEG Decoder Vulnerabilities attempt (browser-ie.rules)
 * 1:17358 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Buffer Overflow attempt (file-executable.rules)
 * 1:17360 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:17363 <-> ENABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption (file-other.rules)
 * 1:17367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP Response Parsing Memory Corruption (browser-ie.rules)
 * 1:17372 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime udta atom parsing heap overflow vulnerability (file-multimedia.rules)
 * 1:17374 <-> ENABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17378 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow (browser-firefox.rules)
 * 1:17379 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow (browser-firefox.rules)
 * 1:17381 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime PDAT Atom parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17382 <-> ENABLED <-> FILE-OTHER Microsoft Project Invalid Memory Pointer Code Execution attempt (file-other.rules)
 * 1:17384 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17385 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17389 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox DOMNodeRemoved attack attempt (browser-firefox.rules)
 * 1:17395 <-> ENABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt (file-image.rules)
 * 1:17398 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (browser-firefox.rules)
 * 1:17399 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (browser-firefox.rules)
 * 1:17401 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt - unescaped (browser-ie.rules)
 * 1:17402 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (browser-ie.rules)
 * 1:17411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDF cross-domain scripting attempt (browser-ie.rules)
 * 1:17414 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17422 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (browser-firefox.rules)
 * 1:17424 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (browser-firefox.rules)
 * 1:17425 <-> ENABLED <-> WEB-ACTIVEX RealNetworks RealPlayer ActiveX Import playlist name buffer overflow attempt (web-activex.rules)
 * 1:17431 <-> ENABLED <-> WEB-IIS Microsoft Windows IIS SChannel improper certificate verification (web-iis.rules)
 * 1:17434 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Unicode sequence handling stack corruption attempt (browser-firefox.rules)
 * 1:17440 <-> DISABLED <-> WEB-IIS RSA authentication agent for web redirect buffer overflow attempt (web-iis.rules)
 * 1:17443 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft DirectShow AVI decoder buffer overflow attempt (file-multimedia.rules)
 * 1:17444 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:17446 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:17448 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability (browser-ie.rules)
 * 1:17457 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionDefineFunction memory access vulnerability exploit attempt (file-flash.rules)
 * 1:17462 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer marquee object handling memory corruption attempt (browser-ie.rules)
 * 1:17463 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer File Download Dialog Box Manipulation (browser-ie.rules)
 * 1:17466 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX exploit attempt (web-activex.rules)
 * 1:17469 <-> ENABLED <-> FILE-MULTIMEDIA Mplayer Real Demuxer stream_read heap overflow attempt (file-multimedia.rules)
 * 1:17470 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:17487 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt (browser-ie.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17490 <-> DISABLED <-> FILE-OTHER Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (file-other.rules)
 * 1:17493 <-> DISABLED <-> FILE-OTHER ClamAV UPX FileHandling Heap overflow attempt (file-other.rules)
 * 1:17494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Long URL Buffer Overflow attempt (browser-ie.rules)
 * 1:17512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17513 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17514 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17515 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17516 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17519 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (browser-firefox.rules)
 * 1:17522 <-> ENABLED <-> FILE-OTHER Oracle Java Runtime Environment Pack200 Decompression Integer Overflow (file-other.rules)
 * 1:17523 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime H.264 Movie File Buffer Overflow (file-multimedia.rules)
 * 1:17525 <-> ENABLED <-> WEB-IIS Microsoft Windows IIS 5.0 WebDav Request Directory Security Bypass (web-iis.rules)
 * 1:17527 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow (file-multimedia.rules)
 * 1:17531 <-> ENABLED <-> FILE-MULTIMEDIA Apple Quicktime MOV file JVTCompEncodeFrame heap overflow attempt (file-multimedia.rules)
 * 1:17541 <-> DISABLED <-> FILE-OTHER Avast! Antivirus Engine Remote LHA buffer overflow attempt (file-other.rules)
 * 1:17549 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Error Handling Code Execution (browser-ie.rules)
 * 1:17553 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17554 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (browser-ie.rules)
 * 1:17555 <-> ENABLED <-> WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX exploit attempt (web-activex.rules)
 * 1:17558 <-> ENABLED <-> FILE-IMAGE CUPS Gif Decoding Routine Buffer Overflow attempt (file-image.rules)
 * 1:17559 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (file-other.rules)
 * 1:17561 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt (file-multimedia.rules)
 * 1:17563 <-> ENABLED <-> FILE-OTHER Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow (file-other.rules)
 * 1:17566 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 7 Event Handler Memory Corruption (browser-ie.rules)
 * 1:17570 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17580 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:17581 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:17585 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer possible javascript onunload event memory corruption (browser-ie.rules)
 * 1:17587 <-> DISABLED <-> WEB-ACTIVEX Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (web-activex.rules)
 * 1:17601 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17603 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17606 <-> ENABLED <-> FILE-FLASH Adobe Flash ASnative command execution attempt (file-flash.rules)
 * 1:17610 <-> ENABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17611 <-> ENABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17612 <-> ENABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17622 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object reference memory corruption attempt (browser-ie.rules)
 * 1:17623 <-> ENABLED <-> FILE-OTHER Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-other.rules)
 * 1:17629 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17641 <-> ENABLED <-> FILE-PDF CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt (file-pdf.rules)
 * 1:17642 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt (browser-firefox.rules)
 * 1:17644 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17645 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS strings parsing memory corruption attempt (browser-ie.rules)
 * 1:17650 <-> ENABLED <-> FILE-OTHER Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (file-other.rules)
 * 1:17652 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS source code disclosure attempt (web-iis.rules)
 * 1:17653 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS source code disclosure attempt (web-iis.rules)
 * 1:17654 <-> ENABLED <-> WEB-ACTIVEX Facebook Photo Uploader ActiveX exploit attempt (web-activex.rules)
 * 1:17658 <-> ENABLED <-> FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (file-flash.rules)
 * 1:17685 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17686 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17687 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17688 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:17689 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:17692 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer ExecWB security zone bypass attempt (browser-ie.rules)
 * 1:17701 <-> ENABLED <-> WEB-ACTIVEX Office Viewer ActiveX arbitrary command execution attempt (web-activex.rules)
 * 1:17703 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer popup title bar spoofing attempt (browser-ie.rules)
 * 1:17709 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (browser-ie.rules)
 * 1:17719 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (browser-firefox.rules)
 * 1:17720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:17725 <-> DISABLED <-> BROWSER-OTHER Opera file URI handling buffer overflow (browser-other.rules)
 * 1:17726 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer address bar spoofing attempt (browser-ie.rules)
 * 1:17729 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (browser-ie.rules)
 * 1:17735 <-> ENABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17740 <-> DISABLED <-> FILE-IMAGE Apple Quicktime FlashPix processing overflow attempt (file-image.rules)
 * 1:17743 <-> ENABLED <-> FILE-OTHER Microsoft Office Word RTF parsing memory corruption (file-other.rules)
 * 1:17747 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules)
 * 1:17750 <-> DISABLED <-> WEB-IIS Microsoft IIS 7.5 client verify null pointer attempt (web-iis.rules)
 * 1:17753 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player network sharing service RTSP code execution attempt (file-multimedia.rules)
 * 1:17766 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt (browser-ie.rules)
 * 1:17767 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 tostaticHTML CSS import vulnerability (browser-ie.rules)
 * 1:17768 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (browser-ie.rules)
 * 1:17769 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules)
 * 1:17771 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain information disclosure attempt (browser-ie.rules)
 * 1:17774 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS XSRF exploit attempt (browser-ie.rules)
 * 1:17803 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:17804 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules)
 * 1:17805 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (malware-cnc.rules)
 * 1:17806 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17807 <-> ENABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17808 <-> ENABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:17815 <-> ENABLED <-> MALWARE-CNC Thinkpoint fake antivirus - user display (malware-cnc.rules)
 * 1:17816 <-> ENABLED <-> MALWARE-CNC Thinkpoint fake antivirus - credit card submission (malware-cnc.rules)
 * 1:18077 <-> ENABLED <-> BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (browser-firefox.rules)
 * 1:18078 <-> ENABLED <-> BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (browser-firefox.rules)
 * 1:18098 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Carberp (malware-cnc.rules)
 * 1:18099 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Carberp (malware-cnc.rules)
 * 1:18100 <-> DISABLED <-> MALWARE-CNC Tidserv malware command and control channel traffic (malware-cnc.rules)
 * 1:18170 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt (browser-firefox.rules)
 * 1:18174 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption attempt (browser-ie.rules)
 * 1:18175 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption attempt (browser-ie.rules)
 * 1:18176 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (browser-firefox.rules)
 * 1:18177 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (browser-firefox.rules)
 * 1:18178 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (browser-firefox.rules)
 * 1:18187 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox InstallTrigger.install memory corruption attempt (browser-firefox.rules)
 * 1:18193 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18194 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18196 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules)
 * 1:18216 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (browser-ie.rules)
 * 1:18217 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (browser-ie.rules)
 * 1:18218 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (browser-ie.rules)
 * 1:18221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (browser-ie.rules)
 * 1:18229 <-> ENABLED <-> FILE-OTHER Microsoft FlashPix tile length overflow attempt (file-other.rules)
 * 1:18240 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules)
 * 1:18243 <-> ENABLED <-> WEB-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (web-iis.rules)
 * 1:18261 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript engine String.toSource memory corruption attempt (browser-firefox.rules)
 * 1:18262 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript engine function arguments memory corruption attempt (browser-firefox.rules)
 * 1:18263 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (browser-firefox.rules)
 * 1:18264 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (browser-firefox.rules)
 * 1:18276 <-> ENABLED <-> FILE-OTHER Microsoft Data Access Components library attempt (file-other.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Karagany.A variant outbound connection (malware-cnc.rules)
 * 1:18280 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer oversize recordset object cache size exploit attempt (browser-ie.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.VB.njz variant outbound connection (malware-cnc.rules)
 * 1:18282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag-and-drop vulnerability (browser-ie.rules)
 * 1:18294 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:18295 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:18298 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript large regex memory corruption attempt (browser-firefox.rules)
 * 1:18299 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer implicit drag and drop file installation attempt (browser-ie.rules)
 * 1:18300 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP command injection attempt (browser-ie.rules)
 * 1:18301 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox GeckoActiveXObject memory corruption attempt (browser-firefox.rules)
 * 1:18302 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox new function garbage collection remote code execution attempt (browser-firefox.rules)
 * 1:18303 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18307 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer frameset memory corruption attempt (browser-ie.rules)
 * 1:18313 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18319 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (netbios.rules)
 * 1:18332 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JS Web Worker arbitrary code execution attempt (browser-firefox.rules)
 * 1:18401 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (browser-ie.rules)
 * 1:18402 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (file-other.rules)
 * 1:18403 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer datasrc overflow attempt (browser-ie.rules)
 * 1:18404 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer document.insertBefore memory corruption attempt (browser-ie.rules)
 * 1:18406 <-> ENABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos executable attempt (file-other.rules)
 * 1:18407 <-> ENABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos attempt (file-other.rules)
 * 1:18418 <-> ENABLED <-> FILE-FLASH Adobe Flash player ActionScript apply function memory corruption attempt (file-flash.rules)
 * 1:18420 <-> ENABLED <-> FILE-FLASH Adobe Flash player ActionScript ASnative function remote code execution attempt (file-flash.rules)
 * 1:18445 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt (file-flash.rules)
 * 1:18446 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt (file-flash.rules)
 * 1:18452 <-> DISABLED <-> FILE-OTHER Adobe malicious IFF memory corruption attempt (file-other.rules)
 * 1:18458 <-> ENABLED <-> MALWARE-CNC Night Dragon initial beacon (malware-cnc.rules)
 * 1:18459 <-> ENABLED <-> MALWARE-CNC Night Dragon keepalive message (malware-cnc.rules)
 * 1:18463 <-> ENABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:18482 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer History.go method double free corruption attempt (browser-ie.rules)
 * 1:18485 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (browser-firefox.rules)
 * 1:18486 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (browser-firefox.rules)
 * 1:18498 <-> DISABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules)
 * 1:18503 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (file-flash.rules)
 * 1:18508 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari WebKit ParentStyleSheet exploit attempt (browser-webkit.rules)
 * 1:18517 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:18518 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18519 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18520 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18539 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules)
 * 1:18542 <-> ENABLED <-> WEB-ACTIVEX Microsoft Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (web-activex.rules)
 * 1:18543 <-> ENABLED <-> FILE-FLASH embedded Shockwave dropper download (file-flash.rules)
 * 1:18544 <-> ENABLED <-> FILE-FLASH embedded Shockwave dropper in email attachment (file-flash.rules)
 * 1:18562 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (malware-cnc.rules)
 * 1:18563 <-> DISABLED <-> MALWARE-CNC Trojan.Gaboc variant outbound connection (malware-cnc.rules)
 * 1:18564 <-> DISABLED <-> MALWARE-CNC RussKill botnet contact to C&C server (malware-cnc.rules)
 * 1:18577 <-> DISABLED <-> MALWARE-CNC Trojan-Banker.Win32.Banker.agum variant outbound connection (malware-cnc.rules)
 * 1:18592 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music Jukebox ActiveX exploit (web-activex.rules)
 * 1:18594 <-> DISABLED <-> WEB-ACTIVEX Trend Micro Web Deployment ActiveX clsid access (web-activex.rules)
 * 1:18595 <-> DISABLED <-> WEB-ACTIVEX Trend Micro Web Deployment ActiveX clsid access (web-activex.rules)
 * 1:18597 <-> DISABLED <-> BROWSER-OTHER Opera file URI handling buffer overflow (browser-other.rules)
 * 1:18599 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18600 <-> ENABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18601 <-> ENABLED <-> WEB-ACTIVEX Microsoft Common Controls Animation Object ActiveX clsid access (web-activex.rules)
 * 1:18615 <-> ENABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18616 <-> ENABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18644 <-> ENABLED <-> FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (file-other.rules)
 * 1:18645 <-> DISABLED <-> FILE-OTHER Microsoft Windows GDI+ arbitrary code execution attempt (file-other.rules)
 * 1:18670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules)
 * 1:18671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules)
 * 1:18680 <-> ENABLED <-> FILE-OTHER Microsoft Office RTF malformed pfragments field (file-other.rules)
 * 1:18702 <-> ENABLED <-> FILE-OTHER Microsoft Office RTF malformed pfragments field (file-other.rules)
 * 1:18703 <-> ENABLED <-> FILE-OTHER Microsoft Office RTF malformed pfragments field (file-other.rules)
 * 1:18704 <-> ENABLED <-> FILE-OTHER Microsoft Office RTF malformed second pfragments field (file-other.rules)
 * 1:18705 <-> ENABLED <-> FILE-OTHER Microsoft Office RTF malformed second pfragments field (file-other.rules)
 * 1:18706 <-> ENABLED <-> FILE-OTHER Microsoft Office RTF malformed second pfragments field (file-other.rules)
 * 1:18707 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (malware-cnc.rules)
 * 1:18708 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.aufm variant outbound connection (malware-cnc.rules)
 * 1:18711 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (malware-cnc.rules)
 * 1:18712 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (malware-cnc.rules)
 * 1:18715 <-> ENABLED <-> MALWARE-CNC Ozdok botnet communication with C&C server (malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.H variant outbound connection (malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.QO variant outbound connection (malware-cnc.rules)
 * 1:18718 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.CBY variant outbound connection (malware-cnc.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Terzib.A variant outbound connection (malware-cnc.rules)
 * 1:18723 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (malware-cnc.rules)
 * 1:18724 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (malware-cnc.rules)
 * 1:18739 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (malware-cnc.rules)
 * 1:18770 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari WebKit Range Object Remote Code Execution (browser-webkit.rules)
 * 1:18776 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (file-other.rules)
 * 1:18805 <-> ENABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules)
 * 1:18811 <-> DISABLED <-> FILE-IDENTIFY .ade attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18812 <-> DISABLED <-> FILE-IDENTIFY .adp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18813 <-> DISABLED <-> FILE-IDENTIFY .app attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18814 <-> DISABLED <-> FILE-IDENTIFY .asp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18815 <-> DISABLED <-> FILE-IDENTIFY .bas attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18816 <-> DISABLED <-> FILE-IDENTIFY .bat attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18817 <-> DISABLED <-> FILE-IDENTIFY .cer attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18818 <-> DISABLED <-> FILE-IDENTIFY .chm attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18819 <-> DISABLED <-> FILE-IDENTIFY .cmd attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18820 <-> DISABLED <-> FILE-IDENTIFY .cnt attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18821 <-> DISABLED <-> FILE-IDENTIFY .com attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18822 <-> DISABLED <-> FILE-IDENTIFY .cpl attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18823 <-> DISABLED <-> FILE-IDENTIFY .crt attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18824 <-> DISABLED <-> FILE-IDENTIFY .csh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18825 <-> DISABLED <-> FILE-IDENTIFY .der attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18826 <-> DISABLED <-> FILE-IDENTIFY .exe attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18827 <-> DISABLED <-> FILE-IDENTIFY .fxp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18828 <-> DISABLED <-> FILE-IDENTIFY .gadget attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18829 <-> DISABLED <-> FILE-IDENTIFY .hlp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18830 <-> DISABLED <-> FILE-IDENTIFY .hpj attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18831 <-> DISABLED <-> FILE-IDENTIFY .hta attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18832 <-> DISABLED <-> FILE-IDENTIFY .inf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18833 <-> DISABLED <-> FILE-IDENTIFY .ins attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18834 <-> DISABLED <-> FILE-IDENTIFY .isp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18835 <-> DISABLED <-> FILE-IDENTIFY .its attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18836 <-> DISABLED <-> FILE-IDENTIFY .js attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18837 <-> DISABLED <-> FILE-IDENTIFY .jse attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18838 <-> DISABLED <-> FILE-IDENTIFY .ksh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18839 <-> DISABLED <-> FILE-IDENTIFY .lnk attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18840 <-> DISABLED <-> FILE-IDENTIFY .mad attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18841 <-> DISABLED <-> FILE-IDENTIFY .maf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18842 <-> DISABLED <-> FILE-IDENTIFY .mag attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18843 <-> DISABLED <-> FILE-IDENTIFY .mam attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18844 <-> DISABLED <-> FILE-IDENTIFY .maq attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18845 <-> DISABLED <-> FILE-IDENTIFY .mar attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18846 <-> DISABLED <-> FILE-IDENTIFY .mas attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18847 <-> DISABLED <-> FILE-IDENTIFY .mat attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18848 <-> DISABLED <-> FILE-IDENTIFY .mau attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18849 <-> DISABLED <-> FILE-IDENTIFY .mav attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18850 <-> DISABLED <-> FILE-IDENTIFY .maw attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18851 <-> DISABLED <-> FILE-IDENTIFY .mda attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18852 <-> DISABLED <-> FILE-IDENTIFY .mdb attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18853 <-> DISABLED <-> FILE-IDENTIFY .mde attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18854 <-> DISABLED <-> FILE-IDENTIFY .mdt attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18855 <-> DISABLED <-> FILE-IDENTIFY .mdw attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18856 <-> DISABLED <-> FILE-IDENTIFY .mdz attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18857 <-> DISABLED <-> FILE-IDENTIFY .msc attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18858 <-> DISABLED <-> FILE-IDENTIFY .msh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18859 <-> DISABLED <-> FILE-IDENTIFY .msh1 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18860 <-> DISABLED <-> FILE-IDENTIFY .msh2 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18861 <-> DISABLED <-> FILE-IDENTIFY .mshxml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18862 <-> DISABLED <-> FILE-IDENTIFY .msh1xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18863 <-> DISABLED <-> FILE-IDENTIFY .msh2xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18864 <-> DISABLED <-> FILE-IDENTIFY .msi attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18865 <-> DISABLED <-> FILE-IDENTIFY .msp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18866 <-> DISABLED <-> FILE-IDENTIFY .mst attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18867 <-> DISABLED <-> FILE-IDENTIFY .ops attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18868 <-> DISABLED <-> FILE-IDENTIFY .osd attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18869 <-> DISABLED <-> FILE-IDENTIFY .pcd attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18870 <-> DISABLED <-> FILE-IDENTIFY .pif attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18871 <-> DISABLED <-> FILE-IDENTIFY .plg attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18872 <-> DISABLED <-> FILE-IDENTIFY .prf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18873 <-> DISABLED <-> FILE-IDENTIFY .prg attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18874 <-> DISABLED <-> FILE-IDENTIFY .pst attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18875 <-> DISABLED <-> FILE-IDENTIFY .reg attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18876 <-> DISABLED <-> FILE-IDENTIFY .scf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18877 <-> DISABLED <-> FILE-IDENTIFY .scr attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18878 <-> DISABLED <-> FILE-IDENTIFY .sct attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18879 <-> DISABLED <-> FILE-IDENTIFY .shb attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18880 <-> DISABLED <-> FILE-IDENTIFY .shs attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18881 <-> DISABLED <-> FILE-IDENTIFY .ps1 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18882 <-> DISABLED <-> FILE-IDENTIFY .ps1xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18883 <-> DISABLED <-> FILE-IDENTIFY .ps2 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18884 <-> DISABLED <-> FILE-IDENTIFY .ps2xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18885 <-> DISABLED <-> FILE-IDENTIFY .psc1 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18886 <-> DISABLED <-> FILE-IDENTIFY .psc2 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18887 <-> DISABLED <-> FILE-IDENTIFY .tmp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18888 <-> DISABLED <-> FILE-IDENTIFY .url attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18889 <-> DISABLED <-> FILE-IDENTIFY .vb attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:1889 <-> DISABLED <-> MALWARE-CNC slapper worm admin traffic (malware-cnc.rules)
 * 1:18890 <-> DISABLED <-> FILE-IDENTIFY .vbe attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18891 <-> DISABLED <-> FILE-IDENTIFY .vbp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18892 <-> DISABLED <-> FILE-IDENTIFY .vbs attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18893 <-> DISABLED <-> FILE-IDENTIFY .vsmacros attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18894 <-> DISABLED <-> FILE-IDENTIFY .vsw attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18895 <-> DISABLED <-> FILE-IDENTIFY .ws attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18896 <-> DISABLED <-> FILE-IDENTIFY .wsc attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18897 <-> DISABLED <-> FILE-IDENTIFY .wsf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18898 <-> DISABLED <-> FILE-IDENTIFY .wsh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18899 <-> DISABLED <-> FILE-IDENTIFY .xnk attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18903 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (browser-webkit.rules)
 * 1:18934 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (Coreflood -- malware-cnc.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32.FakeAV (malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32.Krap (malware-cnc.rules)
 * 1:18938 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - ZBot (malware-cnc.rules)
 * 1:18939 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:18940 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Sality (malware-cnc.rules)
 * 1:18941 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - FakeAV (malware-cnc.rules)
 * 1:18944 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Suspected Crimepack (malware-cnc.rules)
 * 1:18945 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Feberr variant outbound connection (malware-cnc.rules)
 * 1:18946 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.FC runtime detection (malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.FC runtime detection (malware-cnc.rules)
 * 1:18951 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer onPropertyChange deleteTable memory corruption attempt (browser-ie.rules)
 * 1:18952 <-> ENABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18953 <-> ENABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18954 <-> ENABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18957 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules)
 * 1:18958 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules)
 * 1:18963 <-> DISABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules)
 * 1:18964 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18965 <-> DISABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules)
 * 1:18966 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18967 <-> DISABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules)
 * 1:18968 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript3 stack integer overflow attempt (file-flash.rules)
 * 1:18969 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules)
 * 1:18970 <-> DISABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules)
 * 1:18971 <-> DISABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules)
 * 1:18973 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (browser-webkit.rules)
 * 1:18976 <-> DISABLED <-> MALWARE-CNC Rogue-Software.AVCare outbound connection (malware-cnc.rules)
 * 1:18977 <-> DISABLED <-> MALWARE-CNC Trojan-Proxy.Win32.Agent.boe outbound connection (malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Pasta.aoq runtime detection (malware-cnc.rules)
 * 1:18979 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.fmo outbound connection (malware-cnc.rules)
 * 1:18980 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect outbound connection (malware-cnc.rules)
 * 1:18981 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect outbound connection (malware-cnc.rules)
 * 1:18982 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect outbound connection (malware-cnc.rules)
 * 1:18992 <-> ENABLED <-> FILE-FLASH Adobe Flash player content parsing execution attempt (file-flash.rules)
 * 1:18995 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit removeAllRanges use-after-free attempt (browser-webkit.rules)
 * 1:19000 <-> DISABLED <-> MYSQL Database CASE NULL argument denial of service attempt (mysql.rules)
 * 1:19002 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer FLV parsing two integer overflow vulnerabilities (file-flash.rules)
 * 1:19003 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules)
 * 1:19004 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules)
 * 1:19005 <-> DISABLED <-> BROWSER-CHROME Apple Safari/Google Chrome Webkit memory corruption attempt (browser-chrome.rules)
 * 1:19008 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (browser-webkit.rules)
 * 1:19009 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (browser-webkit.rules)
 * 1:19010 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (browser-webkit.rules)
 * 1:19011 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules)
 * 1:19012 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules)
 * 1:19016 <-> ENABLED <-> MALWARE-CNC MacBack Trojan outbound connection (malware-cnc.rules)
 * 1:19017 <-> ENABLED <-> MALWARE-CNC MacBack Trojan outbound connection (malware-cnc.rules)
 * 1:19018 <-> ENABLED <-> MALWARE-CNC MacBack Trojan outbound connection (malware-cnc.rules)
 * 1:19019 <-> ENABLED <-> MALWARE-CNC MacBack Trojan outbound connection (malware-cnc.rules)
 * 1:19020 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cc dns query (indicator-compromise.rules)
 * 1:19021 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.FraudLoad.dzm outbound connection (malware-cnc.rules)
 * 1:19022 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.FraudLoad.dzm outbound connection (malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.StartPage outbound connection (malware-cnc.rules)
 * 1:19025 <-> DISABLED <-> MALWARE-CNC Trojan-Banker.Win32.Bancos.etf outbound connection (malware-cnc.rules)
 * 1:19027 <-> DISABLED <-> MALWARE-CNC BrowserModifier.Win32.Kerlofost outbound connection (malware-cnc.rules)
 * 1:19028 <-> DISABLED <-> MALWARE-CNC Trojan-Mailfinder.Win32.Mailbot.dz outbound connection (malware-cnc.rules)
 * 1:19029 <-> DISABLED <-> MALWARE-CNC Win32.PcClient.AI outbound connection (malware-cnc.rules)
 * 1:19030 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Uloadis.A outbound connection (malware-cnc.rules)
 * 1:19031 <-> DISABLED <-> MALWARE-CNC iPRIVACY outbound connection (malware-cnc.rules)
 * 1:19032 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Cornfemo.A outbound connection (malware-cnc.rules)
 * 1:19033 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Cornfemo.A outbound connection (malware-cnc.rules)
 * 1:19034 <-> DISABLED <-> MALWARE-CNC Win32.Kbot.qd outbound connection (malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Vilsel.baqb outbound connection (malware-cnc.rules)
 * 1:19036 <-> DISABLED <-> MALWARE-CNC Win32.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win32.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19038 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Jzzer.A variant outbound connection (malware-cnc.rules)
 * 1:19039 <-> DISABLED <-> MALWARE-CNC Win32.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win32.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Carberp.C variant outbound connection (malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.ACQE variant outbound connection (malware-cnc.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Bancos.XQ variant outbound connection (malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win32.Darkness variant outbound connection (malware-cnc.rules)
 * 1:19049 <-> DISABLED <-> MALWARE-CNC Win32.Gigade variant outbound connection (malware-cnc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banbra.fxe variant outbound connection (malware-cnc.rules)
 * 1:19052 <-> ENABLED <-> MALWARE-CNC Win32.Httpbot.qdc variant outbound connection (malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Sisron.nelo variant outbound connection (malware-cnc.rules)
 * 1:19055 <-> ENABLED <-> MALWARE-CNC Win32.Gosik.A registration attempt (malware-cnc.rules)
 * 1:19056 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19057 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ponmocup.A variant outbound connection (malware-cnc.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.FakePlus Runtime Detection (malware-cnc.rules)
 * 1:19063 <-> ENABLED <-> FILE-OTHER Microsoft Windows Movie Maker string size overflow attempt (file-other.rules)
 * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules)
 * 1:19071 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19076 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules)
 * 1:19079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:19080 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19081 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:19083 <-> ENABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19084 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:19093 <-> DISABLED <-> MYSQL Database unique set column denial of service attempt (mysql.rules)
 * 1:19094 <-> DISABLED <-> MYSQL Database unique set column denial of service attempt (mysql.rules)
 * 1:19095 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules)
 * 1:19096 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules)
 * 1:19097 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code execution attempt (browser-webkit.rules)
 * 1:19098 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code exeuction attempt (browser-webkit.rules)
 * 1:19099 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (browser-webkit.rules)
 * 1:19111 <-> DISABLED <-> FILE-FLASH Adobe Flash Media Server memory exhaustion (file-flash.rules)
 * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules)
 * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules)
 * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules)
 * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules)
 * 1:19123 <-> DISABLED <-> MALWARE-CNC Dropper Win32.Cefyns.A outbound connection (malware-cnc.rules)
 * 1:19126 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19127 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19135 <-> DISABLED <-> MALWARE-BACKDOOR Win32.Buterat Checkin (malware-backdoor.rules)
 * 1:19143 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (file-multimedia.rules)
 * 1:19144 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:19146 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:19147 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:19148 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (file-multimedia.rules)
 * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19164 <-> ENABLED <-> MALWARE-CNC Trojan SpyEye outbound connection (malware-cnc.rules)
 * 1:19170 <-> ENABLED <-> FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (file-other.rules)
 * 1:19171 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (browser-ie.rules)
 * 1:19172 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (browser-ie.rules)
 * 1:19178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site request forgery attempt (file-flash.rules)
 * 1:19179 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site request forgery attempt (file-flash.rules)
 * 1:19181 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (browser-ie.rules)
 * 1:19183 <-> ENABLED <-> WEB-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (web-iis.rules)
 * 1:19192 <-> ENABLED <-> WEB-IIS Microsoft Windows IIS Repeated Parameter Request denial of service attempt (web-iis.rules)
 * 1:19195 <-> DISABLED <-> WEB-ACTIVEX Oracle Document Capture ActiveX function call access (web-activex.rules)
 * 1:19203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MsgBox arbitrary code execution attempt (browser-ie.rules)
 * 1:19204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MsgBox arbitrary code execution attempt (browser-ie.rules)
 * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19219 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19220 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19226 <-> DISABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules)
 * 1:19235 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (browser-ie.rules)
 * 1:19236 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (browser-ie.rules)
 * 1:19237 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:19238 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (browser-ie.rules)
 * 1:19239 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer 8 toStaticHTML XSS attempt (browser-ie.rules)
 * 1:19240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (browser-ie.rules)
 * 1:19241 <-> DISABLED <-> BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (browser-ie.rules)
 * 1:19242 <-> DISABLED <-> BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (browser-ie.rules)
 * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19245 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)
 * 1:19246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules)
 * 1:19257 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index memory corruption (file-flash.rules)
 * 1:19262 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19263 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19264 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19292 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19308 <-> ENABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules)
 * 1:19310 <-> DISABLED <-> MALWARE-CNC Downloader Trojan.Gen3 outbound connection (malware-cnc.rules)
 * 1:19322 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer and SharePoint toStaticHTML information disclosure attempt (browser-ie.rules)
 * 1:19328 <-> ENABLED <-> MALWARE-CNC PointGuide outbound connection (malware-cnc.rules)
 * 1:19329 <-> DISABLED <-> MALWARE-CNC Faceback.exe outbound connection (malware-cnc.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Trojan Zlob.dnz outbound connection (malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Trojan Zlob.dnz outbound connection (malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Clampi outbound connection (malware-cnc.rules)
 * 1:19339 <-> ENABLED <-> MALWARE-CNC Trojan Dropper Win32.Agent.alda outbound connection (malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Trojan Fakeav TREAntivirus outbound connection (malware-cnc.rules)
 * 1:19341 <-> DISABLED <-> MALWARE-CNC Worm MSIL.AiO.a outbound connection (malware-cnc.rules)
 * 1:19342 <-> DISABLED <-> MALWARE-CNC Adware Professional Runtime Detection (malware-cnc.rules)
 * 1:19343 <-> DISABLED <-> MALWARE-CNC Adware Pro Runtime Detection (malware-cnc.rules)
 * 1:19344 <-> DISABLED <-> MALWARE-CNC AntiMalware Pro Runtime Detection (malware-cnc.rules)
 * 1:19345 <-> DISABLED <-> MALWARE-CNC REAnti outbound connection (malware-cnc.rules)
 * 1:19346 <-> DISABLED <-> MALWARE-CNC Additional Guard outbound connection (malware-cnc.rules)
 * 1:19347 <-> ENABLED <-> MALWARE-CNC Win32.Poison.banr outbound connection (malware-cnc.rules)
 * 1:19348 <-> ENABLED <-> MALWARE-CNC Trojan Downloader Win32.FraudLoad.emq outbound connection (malware-cnc.rules)
 * 1:19349 <-> DISABLED <-> MALWARE-CNC Fakeav Vaccineclear outbound connection (malware-cnc.rules)
 * 1:19351 <-> ENABLED <-> MALWARE-CNC Trojan Clicker Win32.Hatigh.C outbound connection (malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win32.Small.D outbound connection (malware-cnc.rules)
 * 1:19353 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Banker.bkhu outbound connection (malware-cnc.rules)
 * 1:19354 <-> DISABLED <-> MALWARE-BACKDOOR Win32.Agent.bhxn outbound connection (malware-backdoor.rules)
 * 1:19355 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Fareit.A outbound connection (malware-cnc.rules)
 * 1:19356 <-> DISABLED <-> MALWARE-CNC Win32.Fibbit.ax outbound connection (malware-cnc.rules)
 * 1:19357 <-> ENABLED <-> MALWARE-CNC Worm Win32.Sohanad.ila outbound connection (malware-cnc.rules)
 * 1:19358 <-> ENABLED <-> MALWARE-CNC Win32.XYTvn.A outbound connection (malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Dcbavict.A outbound connection (malware-cnc.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Dcbavict.A outbound connection (malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Dcbavict.A outbound connection (malware-cnc.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win32.Dorkbot.B outbound connection (malware-cnc.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win32.HXWAN.A outbound connection (malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Worm Win32.Vaubeg.A outbound connection (malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Carberp.D outbound connection (malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Carberp.D outbound connection (malware-cnc.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Carberp.D outbound connection (malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banker.IC outbound connection (malware-cnc.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Tidserv outbound connection (malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Monkif.J inbound connection - dest ip infected (malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Beastdoor.b outbound connection (malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win32.UltimateDefender.xv outbound connection (malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Trojan BAT.Shutdown.ef outbound connection (malware-cnc.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Worm Win32.Sddrop.D outbound connection (malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Worm Win32.Sddrop.D outbound connection (malware-cnc.rules)
 * 1:19402 <-> DISABLED <-> MALWARE-CNC P2P Worm.Win32.Malas.r outbound connection (malware-cnc.rules)
 * 1:19403 <-> ENABLED <-> FILE-MULTIMEDIA Cinepak Codec VIDC decompression remote code execution attempt (file-multimedia.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Ozdok outbound connection (malware-cnc.rules)
 * 1:19408 <-> ENABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:19411 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer Cross-Domain information disclosure attempt (browser-ie.rules)
 * 1:19415 <-> DISABLED <-> MALWARE-CNC vsFTPd 2.3.4 backdoor connection attempt (malware-cnc.rules)
 * 1:19420 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (file-multimedia.rules)
 * 1:19421 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (file-multimedia.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Crypter.i outbound connection (malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win32.Agent.amjz outbound connection (malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Adload.BG outbound connection (malware-cnc.rules)
 * 1:19429 <-> ENABLED <-> MALWARE-CNC Trojan Proxy Win32.Dosenjo.C Runtime Detection (malware-cnc.rules)
 * 1:19433 <-> DISABLED <-> MALWARE-CNC W32.Fujacks.aw outbound connection (malware-cnc.rules)
 * 1:19435 <-> ENABLED <-> MALWARE-CNC Win32.Litmus.203 outbound connection (malware-cnc.rules)
 * 1:19436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (browser-ie.rules)
 * 1:19444 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:19445 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:19446 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:19447 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:19448 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:19449 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19450 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19454 <-> DISABLED <-> MALWARE-CNC Trojan.PWS.Win32.QQPass.IK runtime detection (malware-cnc.rules)
 * 1:19456 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Klone.bj runtime detection (malware-cnc.rules)
 * 1:19457 <-> DISABLED <-> MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb runtime detection (malware-cnc.rules)
 * 1:19476 <-> DISABLED <-> MALWARE-CNC Exploit.Win32.SqlShell.r runtime detection (malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Krap.af variant outbound connection (malware-cnc.rules)
 * 1:19483 <-> DISABLED <-> MALWARE-CNC Win32.Reload.fy variant outbound connection (malware-cnc.rules)
 * 1:19484 <-> DISABLED <-> MALWARE-CNC Win32.Agent.alqt variant outbound connection (malware-cnc.rules)
 * 1:19487 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Agent.kih variant outbound connection (malware-cnc.rules)
 * 1:19489 <-> DISABLED <-> MALWARE-CNC Win32.DeAlfa.fa variant outbound connection (malware-cnc.rules)
 * 1:19490 <-> DISABLED <-> MALWARE-CNC Win32.Koceg.B variant outbound connection (malware-cnc.rules)
 * 1:19491 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Genome.vau outbound connection (malware-cnc.rules)
 * 1:19492 <-> DISABLED <-> MALWARE-CNC Windows System Defender outbound connection (malware-cnc.rules)
 * 1:19494 <-> DISABLED <-> MALWARE-CNC W32.Licum outbound connection (malware-cnc.rules)
 * 1:19495 <-> DISABLED <-> MALWARE-CNC Worm Win32.Pilleuz outbound connection (malware-cnc.rules)
 * 1:19554 <-> DISABLED <-> MALWARE-CNC Trojan Fakeav Antivirus Xp Pro outbound connection (malware-cnc.rules)
 * 1:19555 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Small.akow outbound connection (malware-cnc.rules)
 * 1:19556 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Homa.dk outbound connection (malware-cnc.rules)
 * 1:19557 <-> DISABLED <-> MALWARE-CNC Win32.Shark.ag outbound connection (malware-cnc.rules)
 * 1:19568 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.PerfectKeylogger runtime detection (malware-cnc.rules)
 * 1:19569 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Perkesh runtime detection (malware-cnc.rules)
 * 1:19572 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.FFSearch.A runtime detection (malware-cnc.rules)
 * 1:19573 <-> DISABLED <-> MALWARE-CNC Worm Win32.Chiviper.C outbound connection (malware-cnc.rules)
 * 1:19574 <-> DISABLED <-> MALWARE-CNC Worm Win32.Chiviper.C outbound connection (malware-cnc.rules)
 * 1:19575 <-> DISABLED <-> MALWARE-CNC Worm Win32.Emold.U outbound connection (malware-cnc.rules)
 * 1:19577 <-> DISABLED <-> MALWARE-CNC Trojan Dropper Win32.Dogrobot.E outbound connection (malware-cnc.rules)
 * 1:19579 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Potao.A outbound connection (malware-cnc.rules)
 * 1:19580 <-> DISABLED <-> MALWARE-CNC Worm Win32.Basun.wsc inbound connection (malware-cnc.rules)
 * 1:19581 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Apher.gpd outbound connection (malware-cnc.rules)
 * 1:19582 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Apher.gpd outbound connection (malware-cnc.rules)
 * 1:19583 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Bumat.rts outbound connection (malware-cnc.rules)
 * 1:19584 <-> DISABLED <-> MALWARE-CNC Worm Win32.Dref.C outbound connection (malware-cnc.rules)
 * 1:19585 <-> DISABLED <-> MALWARE-CNC Worm Win32.Dref.C outbound connection - notification (malware-cnc.rules)
 * 1:19586 <-> DISABLED <-> MALWARE-CNC Trojan Clicker Win32.Agent.dlg outbound connection (malware-cnc.rules)
 * 1:19587 <-> DISABLED <-> MALWARE-CNC Win32.Sereki.B outbound connection (malware-cnc.rules)
 * 1:19588 <-> DISABLED <-> MALWARE-CNC Win32.Sereki.B successful connection (malware-cnc.rules)
 * 1:19590 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Savnut.B outbound connection (malware-cnc.rules)
 * 1:19591 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Powp.pyv outbound connection (malware-cnc.rules)
 * 1:19592 <-> DISABLED <-> MALWARE-CNC Trickler Trojan-Downloader.Win32.Agent.bjkd Runtime Detection (malware-cnc.rules)
 * 1:19593 <-> DISABLED <-> MALWARE-CNC Worm Trojan.Win32.Agent.btxm runtime detection - IRC (malware-cnc.rules)
 * 1:19596 <-> DISABLED <-> MALWARE-CNC Poison Ivy runtime detection (malware-cnc.rules)
 * 1:19597 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Agent.cws runtime detection (malware-cnc.rules)
 * 1:19608 <-> DISABLED <-> MALWARE-CNC Win32.Wisscmd.A outbound connection (malware-cnc.rules)
 * 1:19612 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Banload.bvk outbound connection (malware-cnc.rules)
 * 1:19613 <-> DISABLED <-> MALWARE-CNC Rogue Software Registry Cleaner Pro outbound connection (malware-cnc.rules)
 * 1:19614 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.kkr outbound connection (malware-cnc.rules)
 * 1:19615 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.kkr outbound connection (malware-cnc.rules)
 * 1:19616 <-> DISABLED <-> MALWARE-CNC Trojan Banker.Win32.Banbra.mcq outbound connection (malware-cnc.rules)
 * 1:19649 <-> DISABLED <-> EXPLOIT HP Intelligent Management Center dbman buffer overflow attempt (exploit.rules)
 * 1:19652 <-> DISABLED <-> MALWARE-CNC Teevsock C outbound connection (malware-cnc.rules)
 * 1:19654 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.wti variant outbound connection (malware-cnc.rules)
 * 1:19655 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Agent.IK variant outbound connection (malware-cnc.rules)
 * 1:19656 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Peace.lh Runtime Detection (malware-cnc.rules)
 * 1:19657 <-> ENABLED <-> MALWARE-CNC FakeAV variant traffic (malware-cnc.rules)
 * 1:19658 <-> ENABLED <-> MALWARE-CNC Trojan Win32.MCnovogic.A outbound connection (malware-cnc.rules)
 * 1:19659 <-> DISABLED <-> MALWARE-CNC Win32.Soleseq.A outbound connection (malware-cnc.rules)
 * 1:19660 <-> DISABLED <-> MALWARE-CNC Win32.Riern.K outbound connection (malware-cnc.rules)
 * 1:19666 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer multi-window access memory corruption attempt (browser-ie.rules)
 * 1:19667 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain scripting attack (browser-ie.rules)
 * 1:19668 <-> DISABLED <-> BROWSER-IE Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules)
 * 1:19670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (browser-ie.rules)
 * 1:19671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (browser-ie.rules)
 * 1:19672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt (browser-ie.rules)
 * 1:19679 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows NDISTAPI Driver code execution attempt (file-executable.rules)
 * 1:19680 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows CSRSS SrvDeviceEvent exploit attempt (file-executable.rules)
 * 1:19682 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (file-flash.rules)
 * 1:19683 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (file-flash.rules)
 * 1:19685 <-> DISABLED <-> FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (file-flash.rules)
 * 1:19686 <-> DISABLED <-> FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (file-flash.rules)
 * 1:19687 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (file-flash.rules)
 * 1:19688 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript BitmapData buffer overflow attempt (file-flash.rules)
 * 1:19689 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript dynamic calculation double-free attempt (file-flash.rules)
 * 1:19690 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript duplicateDoorInputArguments stack overwrite (file-flash.rules)
 * 1:19691 <-> DISABLED <-> FILE-FLASH Adobe Flash Actionscript File reference buffer overflow attempt (file-flash.rules)
 * 1:19692 <-> DISABLED <-> FILE-FLASH Adobe Flash cross-site request forgery attempt (file-flash.rules)
 * 1:19693 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:19695 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.VB.nec outbound connection (malware-cnc.rules)
 * 1:19696 <-> DISABLED <-> MALWARE-CNC Win32.SdBot.nng inbound connection (malware-cnc.rules)
 * 1:19697 <-> DISABLED <-> MALWARE-CNC Trojan Spy.Win32.VB.btm outbound connection (malware-cnc.rules)
 * 1:19698 <-> DISABLED <-> MALWARE-CNC Win32.Prosti.AG variant outbound connection (malware-cnc.rules)
 * 1:19699 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Korklic.A variant outbound connection (malware-cnc.rules)
 * 1:19700 <-> DISABLED <-> MALWARE-CNC Win32.Agent.tnr Runtime Detection (malware-cnc.rules)
 * 1:19701 <-> DISABLED <-> MALWARE-CNC Win32.Hassar.A outbound connection (malware-cnc.rules)
 * 1:19702 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Zboter.E outbound connection (malware-cnc.rules)
 * 1:19703 <-> ENABLED <-> MALWARE-CNC Worm Win32.Dusta.br outbound connnection (malware-cnc.rules)
 * 1:19704 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Agent.grdm outbound connection (malware-cnc.rules)
 * 1:19705 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Agent.grdm outbound connection (malware-cnc.rules)
 * 1:19706 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Agent.cer outbound connection (malware-cnc.rules)
 * 1:19710 <-> ENABLED <-> BROWSER-CHROME Google Chrome float rendering corruption attempt (browser-chrome.rules)
 * 1:19711 <-> ENABLED <-> MALWARE-CNC Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:19712 <-> ENABLED <-> MALWARE-CNC Trojan Downloader W32.Genome.gen outbound connection (malware-cnc.rules)
 * 1:19713 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19714 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (browser-firefox.rules)
 * 1:19715 <-> DISABLED <-> MALWARE-CNC Trojan.URLZone variant outbound connection (malware-cnc.rules)
 * 1:19716 <-> DISABLED <-> MALWARE-CNC TrojanSpy.Win32.Banker.OO Runtime Detection (malware-cnc.rules)
 * 1:19718 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.bkap variant outbound connection (malware-cnc.rules)
 * 1:19720 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Onestage.ws variant outbound connection (malware-cnc.rules)
 * 1:19721 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.mlh variant outbound connection (malware-cnc.rules)
 * 1:19722 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Poshtroper.A outbound connection (malware-cnc.rules)
 * 1:19723 <-> ENABLED <-> MALWARE-CNC Win32.Pherbot.A outbound connection (malware-cnc.rules)
 * 1:19724 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.dhy outbound connection (malware-cnc.rules)
 * 1:19725 <-> DISABLED <-> MALWARE-CNC Win32.Poison.AY outbound connection (malware-cnc.rules)
 * 1:19726 <-> DISABLED <-> MALWARE-CNC Win32.Poison.AY outbound connection (malware-cnc.rules)
 * 1:19727 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Bancos.DI outbound connection (malware-cnc.rules)
 * 1:19728 <-> DISABLED <-> MALWARE-CNC Win32.Yayih.A outbound connection (malware-cnc.rules)
 * 1:19729 <-> DISABLED <-> MALWARE-CNC Win32.Yayih.A outbound connection (malware-cnc.rules)
 * 1:19730 <-> ENABLED <-> MALWARE-CNC Win32.KukuBot.A outbound connection (malware-cnc.rules)
 * 1:19731 <-> ENABLED <-> MALWARE-CNC Win32.Darkwebot.A outbound connection (malware-cnc.rules)
 * 1:19732 <-> ENABLED <-> MALWARE-CNC Win32.Idicaf.B outbound connection (malware-cnc.rules)
 * 1:19733 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Jorik.BRU outbound connection (malware-cnc.rules)
 * 1:19739 <-> DISABLED <-> MALWARE-CNC Win32.Apptom runtime detection (malware-cnc.rules)
 * 1:19742 <-> DISABLED <-> MALWARE-CNC Win32.Agent.atff runtime detection (malware-cnc.rules)
 * 1:19743 <-> DISABLED <-> MALWARE-CNC Win32.Hupigon.eqlo runtime detection (malware-cnc.rules)
 * 1:19744 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Deecee.a runtime detection (malware-cnc.rules)
 * 1:19745 <-> DISABLED <-> MALWARE-CNC Win32.FraudLoad.dyl runtime detection (malware-cnc.rules)
 * 1:19746 <-> DISABLED <-> MALWARE-CNC Win32.Agent.biiw runtime detection (malware-cnc.rules)
 * 1:19747 <-> DISABLED <-> MALWARE-CNC Win32.GGDoor.22 runtime detection (malware-cnc.rules)
 * 1:19748 <-> DISABLED <-> MALWARE-CNC Trojan.Crypt.ULPM.Gen IRC runtime detection (malware-cnc.rules)
 * 1:19749 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Agent.chgp variant outbound connection (malware-cnc.rules)
 * 1:19750 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.PJ variant outbound connection (malware-cnc.rules)
 * 1:19751 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Sohanad.bm variant outbound connection (malware-cnc.rules)
 * 1:19752 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader.Win32.Agent.bkwx variant outbound connection (malware-cnc.rules)
 * 1:19753 <-> DISABLED <-> MALWARE-CNC Trojan TrojanSpy.Win32.Zbot.gen.C Runtime Detection (malware-cnc.rules)
 * 1:19754 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader.Delf.RGL Runtime Detection (malware-cnc.rules)
 * 1:19755 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Alphabet variant outbound connection (malware-cnc.rules)
 * 1:19757 <-> DISABLED <-> MALWARE-CNC Win32.Agent.bqlu variant outbound connection (malware-cnc.rules)
 * 1:19758 <-> DISABLED <-> MALWARE-CNC Win32.Small.yw variant outbound connection (malware-cnc.rules)
 * 1:19759 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.FireThief.h Runtime Detection (malware-cnc.rules)
 * 1:19760 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Arsinfoder.A outbound connection (malware-cnc.rules)
 * 1:19761 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Ftpharvxqq.A outbound connection (malware-cnc.rules)
 * 1:19762 <-> DISABLED <-> MALWARE-CNC Win32.RDPdoor.AE outbound connection (malware-cnc.rules)
 * 1:19763 <-> DISABLED <-> MALWARE-CNC Win32.RDPdoor.AE outbound connection (malware-cnc.rules)
 * 1:19764 <-> DISABLED <-> MALWARE-CNC Win32.RDPdoor.AE outbound connection (malware-cnc.rules)
 * 1:19765 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Banker.BXF outbound connection (malware-cnc.rules)
 * 1:19766 <-> DISABLED <-> MALWARE-CNC Worm Win32.Autorun.hi outbound connection (malware-cnc.rules)
 * 1:19767 <-> ENABLED <-> MALWARE-CNC Win32.Msposer.A outbound connection (malware-cnc.rules)
 * 1:19769 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Yoddos.A outbound indicator (malware-cnc.rules)
 * 1:19770 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Yoddos.A outbound connection (malware-cnc.rules)
 * 1:19771 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Yoddos.A outbound connection (malware-cnc.rules)
 * 1:19772 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Parite.B runtime detection (malware-cnc.rules)
 * 1:19773 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Parite.B runtime detection (malware-cnc.rules)
 * 1:19774 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur runtime detection (malware-cnc.rules)
 * 1:19776 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Agent2.guy dropper runtime detection (malware-cnc.rules)
 * 1:19781 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Agent.aqpn Runtime Detection (malware-cnc.rules)
 * 1:19782 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.AVKill.bc variant outbound connection (malware-cnc.rules)
 * 1:19783 <-> DISABLED <-> MALWARE-CNC Win32.Banload.agcw runtime detection (malware-cnc.rules)
 * 1:19785 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Malushka.T outbound connection (malware-cnc.rules)
 * 1:19787 <-> DISABLED <-> MALWARE-CNC Exploit-PDF.t outbound connection (malware-cnc.rules)
 * 1:19788 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.VB.pnc Runtime Detection (malware-cnc.rules)
 * 1:19789 <-> DISABLED <-> MALWARE-CNC P2P Worm Win32.SpyBot.pgh outbound connection (malware-cnc.rules)
 * 1:19790 <-> DISABLED <-> MALWARE-CNC P2P Worm Win32.SpyBot.pgh outbound connection (malware-cnc.rules)
 * 1:19791 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Small.awa outbound connection (malware-cnc.rules)
 * 1:19792 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Caxnet.A outbound connection (malware-cnc.rules)
 * 1:19793 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.SillyFDC-DS outbound connection (malware-cnc.rules)
 * 1:19794 <-> DISABLED <-> MALWARE-CNC W32.Fnumbot outbound connection (malware-cnc.rules)
 * 1:19795 <-> DISABLED <-> MALWARE-CNC Trojan FakeAV NoAdware outbound connection (malware-cnc.rules)
 * 1:19796 <-> DISABLED <-> MALWARE-CNC Trojan DL.CashnJoy.A outbound connection (malware-cnc.rules)
 * 1:19797 <-> DISABLED <-> MALWARE-CNC Safety Center outbound connection (malware-cnc.rules)
 * 1:19798 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent2.kxu outbound connection (malware-cnc.rules)
 * 1:19799 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.gen.Q Runtime Detection (malware-cnc.rules)
 * 1:19800 <-> DISABLED <-> MALWARE-CNC Win32.Pher.ij Runtime Detection (malware-cnc.rules)
 * 1:19801 <-> ENABLED <-> MALWARE-CNC Trojan.Tracur variant outbound connection (malware-cnc.rules)
 * 1:19802 <-> DISABLED <-> MALWARE-CNC Win32.Wixud.B variant outbound connection (malware-cnc.rules)
 * 1:19803 <-> DISABLED <-> MALWARE-CNC Win32.Renos.FH variant outbound connection (malware-cnc.rules)
 * 1:19804 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.VB.ktq variant outbound connection (malware-cnc.rules)
 * 1:19805 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Smser.cx Runtime Detection (malware-cnc.rules)
 * 1:19806 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules)
 * 1:19807 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (browser-webkit.rules)
 * 1:19808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:19809 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (browser-ie.rules)
 * 1:19814 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (browser-ie.rules)
 * 1:19819 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ertfor.A runtime detection (malware-cnc.rules)
 * 1:19820 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ertfor.A runtime detection (malware-cnc.rules)
 * 1:19822 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banload.HH runtime detection (malware-cnc.rules)
 * 1:19824 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur runtime detection (malware-cnc.rules)
 * 1:19828 <-> DISABLED <-> MALWARE-CNC Win32.SpyAgent.B runtime detection (malware-cnc.rules)
 * 1:19829 <-> DISABLED <-> MALWARE-CNC Win32.Rbot.gen runtime detection (malware-cnc.rules)
 * 1:19830 <-> DISABLED <-> MALWARE-CNC Win32.Poebot.BP runtime detection (malware-cnc.rules)
 * 1:19831 <-> DISABLED <-> MALWARE-CNC Trojan.Spy.Zbot.SO runtime detection (malware-cnc.rules)
 * 1:19832 <-> DISABLED <-> MALWARE-CNC Win32.Veslorn.gen.A runtime detection (malware-cnc.rules)
 * 1:19833 <-> DISABLED <-> MALWARE-CNC Win32.Banload.bda runtime detection (malware-cnc.rules)
 * 1:19834 <-> DISABLED <-> MALWARE-CNC Trojan.Spy.ZBot.RD runtime detection (malware-cnc.rules)
 * 1:19836 <-> DISABLED <-> MALWARE-CNC Spy-Net 0.7 runtime (malware-cnc.rules)
 * 1:19852 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Delf.tbv outbound connection (malware-cnc.rules)
 * 1:19854 <-> DISABLED <-> MALWARE-CNC W32.Sality.AM runtime detection (malware-cnc.rules)
 * 1:19855 <-> DISABLED <-> MALWARE-CNC W32.Sality.AM runtime detection (malware-cnc.rules)
 * 1:19856 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Krap.i outbound connection (malware-cnc.rules)
 * 1:19857 <-> DISABLED <-> MALWARE-CNC Win32.Hupigon.hhbd outbound connection - Windows (malware-cnc.rules)
 * 1:19858 <-> DISABLED <-> MALWARE-CNC Win32.Hupigon.hhbd outbound connection - non-Windows (malware-cnc.rules)
 * 1:19861 <-> DISABLED <-> MALWARE-CNC Win32.Agent.cqcv variant outbound connection (malware-cnc.rules)
 * 1:19862 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Scar.iej variant outbound connection (malware-cnc.rules)
 * 1:19863 <-> DISABLED <-> MALWARE-CNC Win32.Httpbot.yi Runtime Detection (malware-cnc.rules)
 * 1:19864 <-> DISABLED <-> MALWARE-CNC Win32.Nvbpass.A outbound connection (malware-cnc.rules)
 * 1:19865 <-> DISABLED <-> MALWARE-CNC Win32.Arhost.D outbound connection (malware-cnc.rules)
 * 1:19866 <-> DISABLED <-> MALWARE-CNC Win32.Fusing.AA outbound connection (malware-cnc.rules)
 * 1:19871 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VML buffer overflow attempt (browser-ie.rules)
 * 1:19872 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer MDAC remote code execution attempt (browser-ie.rules)
 * 1:19873 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:19885 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer daxctle.ocx spline method buffer overflow attempt (browser-ie.rules)
 * 1:19886 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ani file processing - remote code execution attempt (browser-ie.rules)
 * 1:19895 <-> DISABLED <-> MALWARE-CNC Win32.Delf.jwh runtime detection (malware-cnc.rules)
 * 1:19898 <-> DISABLED <-> MALWARE-CNC Cinmus Variant outbound connection (malware-cnc.rules)
 * 1:19905 <-> DISABLED <-> MALWARE-CNC Win32.Small.jog runtime detection (malware-cnc.rules)
 * 1:19909 <-> DISABLED <-> WEB-ACTIVEX Cisco AnyConnect ActiveX clsid access (web-activex.rules)
 * 1:19910 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer VML user after free attempt (browser-ie.rules)
 * 1:19912 <-> ENABLED <-> MALWARE-CNC Trojan.DelfInject.gen!X outbound connection (malware-cnc.rules)
 * 1:19914 <-> DISABLED <-> MALWARE-CNC Win32.Quivoe.A outbound connection (malware-cnc.rules)
 * 1:19915 <-> DISABLED <-> MALWARE-CNC Win32.Gnutler.apd outbound connection (malware-cnc.rules)
 * 1:19916 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Bancos.ACB outbound connection (malware-cnc.rules)
 * 1:19917 <-> DISABLED <-> MALWARE-CNC Win32.Sogu.A outbound connection (malware-cnc.rules)
 * 1:19918 <-> DISABLED <-> MALWARE-CNC Worm Win32.Ganelp.B outbound connection (malware-cnc.rules)
 * 1:19919 <-> DISABLED <-> MALWARE-CNC Win32.Murcy.A outbound connection (malware-cnc.rules)
 * 1:19920 <-> DISABLED <-> MALWARE-CNC Win32.Reppserv.A outbond connection (malware-cnc.rules)
 * 1:19921 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Puprlehzae.A outbound connection (malware-cnc.rules)
 * 1:19922 <-> DISABLED <-> MALWARE-CNC Win32.Shiz.ivr outbound connection (malware-cnc.rules)
 * 1:19923 <-> DISABLED <-> MALWARE-CNC Win32.Venik.B outbound connection (malware-cnc.rules)
 * 1:19924 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Spidern.A outbound connection (malware-cnc.rules)
 * 1:19931 <-> DISABLED <-> MALWARE-CNC Trojan.Lineage.Gen.Pac.3 outbound connection (malware-cnc.rules)
 * 1:19935 <-> DISABLED <-> MALWARE-CNC Trojan Dropper Win32.Delf.aba outbound connection (malware-cnc.rules)
 * 1:19936 <-> DISABLED <-> MALWARE-CNC Trojan Dropper Win32.Delf.aba outbound connection (malware-cnc.rules)
 * 1:19937 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:19940 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.IRC.TKB outbound connection - dir4you (malware-cnc.rules)
 * 1:19941 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win32.Zbot.Gen outbound connection (malware-cnc.rules)
 * 1:19942 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win32.Zbot.Gen outbound connection (malware-cnc.rules)
 * 1:19944 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Banload.ykl outbound connection (malware-cnc.rules)
 * 1:19945 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Agent.amwd outbound connection (malware-cnc.rules)
 * 1:19946 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Agent.amwd outbound connection (malware-cnc.rules)
 * 1:19947 <-> DISABLED <-> MALWARE-CNC Win32.Agent.amwd outbound connection (malware-cnc.rules)
 * 1:19948 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.asjk outbound connection (malware-cnc.rules)
 * 1:19949 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.asjk outbound connection (malware-cnc.rules)
 * 1:19950 <-> DISABLED <-> MALWARE-CNC DarkstRat 2008 inbound connection (malware-cnc.rules)
 * 1:19951 <-> DISABLED <-> MALWARE-CNC DarkstRat 2008 outbound connection (malware-cnc.rules)
 * 1:19952 <-> DISABLED <-> MALWARE-CNC Biodox inbound connection (malware-cnc.rules)
 * 1:19953 <-> DISABLED <-> MALWARE-CNC Biodox outbound connection (malware-cnc.rules)
 * 1:19954 <-> DISABLED <-> MALWARE-CNC Hack Style RAT outbound connection (malware-cnc.rules)
 * 1:19955 <-> DISABLED <-> MALWARE-CNC PaiN RAT 0.1 outbound connection (malware-cnc.rules)
 * 1:19957 <-> DISABLED <-> MALWARE-CNC Arabian-Attacker 1.1.0 outbound connection (malware-cnc.rules)
 * 1:19958 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.aulk outbound connection (malware-cnc.rules)
 * 1:19959 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.aulk outbound connection (malware-cnc.rules)
 * 1:19960 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.aulk outbound connection (malware-cnc.rules)
 * 1:19961 <-> DISABLED <-> MALWARE-CNC Fouad 1.0 outbound connection (malware-cnc.rules)
 * 1:19962 <-> DISABLED <-> MALWARE-CNC Email-Worm.CryptBox-A outbound connection (malware-cnc.rules)
 * 1:19963 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Banload.aajs outbound connection (malware-cnc.rules)
 * 1:19964 <-> DISABLED <-> MALWARE-CNC Virus Win32.Sality.aa outbound connection (malware-cnc.rules)
 * 1:19965 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Agent.avzz outbound connection (malware-cnc.rules)
 * 1:19966 <-> DISABLED <-> MALWARE-CNC Octopus 0.1 inbound connection (malware-cnc.rules)
 * 1:19967 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.Papras.dm runtime detection (malware-cnc.rules)
 * 1:19968 <-> DISABLED <-> MALWARE-CNC Trojan.PSW.Win32.QQPass.amx runtime detection (malware-cnc.rules)
 * 1:19969 <-> DISABLED <-> MALWARE-CNC Trojan.Crypt.CY runtime detection (malware-cnc.rules)
 * 1:19970 <-> DISABLED <-> MALWARE-CNC W32.Smalltroj.MHYR runtime detection (malware-cnc.rules)
 * 1:19971 <-> DISABLED <-> MALWARE-CNC Win32.Mudrop.lj runtime detection (malware-cnc.rules)
 * 1:19973 <-> DISABLED <-> MALWARE-CNC Worm.Trojan.Win32.Nebuler.D runtime detection (malware-cnc.rules)
 * 1:19974 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Small.bwj runtime detection (malware-cnc.rules)
 * 1:19975 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Crypt.vb runtime detection (malware-cnc.rules)
 * 1:19976 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.hy runtime detection (malware-cnc.rules)
 * 1:19977 <-> DISABLED <-> MALWARE-CNC Trojan.LooksLike.Zaplot runtime detection (malware-cnc.rules)
 * 1:19978 <-> DISABLED <-> MALWARE-CNC Viking.JB Worm runtime traffic detected (malware-cnc.rules)
 * 1:19979 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19980 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19981 <-> DISABLED <-> MALWARE-CNC Trojan Micstus.A runtime traffic detected (malware-cnc.rules)
 * 1:19982 <-> DISABLED <-> MALWARE-CNC Win32.Agent.wwe outbound connection (malware-cnc.rules)
 * 1:19983 <-> DISABLED <-> MALWARE-CNC Win32.Kolabc.fic outbound connection (malware-cnc.rules)
 * 1:19988 <-> DISABLED <-> MALWARE-CNC Asprox outbound connection (malware-cnc.rules)
 * 1:19991 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Zbot.PG runtime traffic detected (malware-cnc.rules)
 * 1:19992 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Farfli.A runtime traffic detected (malware-cnc.rules)
 * 1:19993 <-> DISABLED <-> MALWARE-CNC Win32 Poebot runtime traffic detected (malware-cnc.rules)
 * 1:19995 <-> ENABLED <-> MALWARE-CNC Waledac outbound connection (malware-cnc.rules)
 * 1:19996 <-> DISABLED <-> MALWARE-CNC Worm Brontok.C outbound connection (malware-cnc.rules)
 * 1:19997 <-> DISABLED <-> MALWARE-CNC Trojan PSW.Win32.QQPass.gam outbound connection (malware-cnc.rules)
 * 1:19998 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader.Win32.Agent.dyfn outbound connection (malware-cnc.rules)
 * 1:20001 <-> DISABLED <-> MALWARE-CNC Allaple.e outbound connection (malware-cnc.rules)
 * 1:20002 <-> DISABLED <-> MALWARE-CNC Allaple.e outbound connection (malware-cnc.rules)
 * 1:20003 <-> DISABLED <-> MALWARE-CNC Trojan Spy Pilonoc runtime traffic detected (malware-cnc.rules)
 * 1:20004 <-> DISABLED <-> MALWARE-CNC Trojan Spy Pilonoc install-time traffic detected (malware-cnc.rules)
 * 1:20005 <-> DISABLED <-> MALWARE-CNC Win32 Lecna.cr runtime traffic detected (malware-cnc.rules)
 * 1:20006 <-> DISABLED <-> MALWARE-CNC Worm Plurp.A runtime traffic detected (malware-cnc.rules)
 * 1:20008 <-> DISABLED <-> MALWARE-CNC Malware PDFMarca.A runtime traffic detected (malware-cnc.rules)
 * 1:20010 <-> DISABLED <-> MALWARE-CNC Win32/Babmote.A runtime TCP traffic detected (malware-cnc.rules)
 * 1:20011 <-> ENABLED <-> MALWARE-CNC Briewots.A runtime traffic detected (malware-cnc.rules)
 * 1:20014 <-> DISABLED <-> MALWARE-CNC Kaju outbound connection - confirmation (malware-cnc.rules)
 * 1:20015 <-> DISABLED <-> MALWARE-CNC Trojan Zeus outbound connection (malware-cnc.rules)
 * 1:20016 <-> DISABLED <-> MALWARE-CNC Trojan Zeus outbound connection (malware-cnc.rules)
 * 1:20017 <-> DISABLED <-> MALWARE-CNC Worm Win32.Koobface.dq outbound connection (malware-cnc.rules)
 * 1:20018 <-> DISABLED <-> MALWARE-CNC W32.Autorun.worm.dq outbound connection (malware-cnc.rules)
 * 1:20019 <-> DISABLED <-> MALWARE-CNC W32.Autorun.worm.dq outbound connection (malware-cnc.rules)
 * 1:20020 <-> DISABLED <-> MALWARE-CNC Malware Doctor outbound connection (malware-cnc.rules)
 * 1:20022 <-> DISABLED <-> MALWARE-CNC Worm Win32.Padobot.z outbound connection (malware-cnc.rules)
 * 1:20023 <-> DISABLED <-> MALWARE-CNC Advanced Virus Remover outbound connection (malware-cnc.rules)
 * 1:20024 <-> DISABLED <-> MALWARE-CNC Win32.Dreamy.bc outbound connection (malware-cnc.rules)
 * 1:20026 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Banker.abg.b outbound connection (malware-cnc.rules)
 * 1:20028 <-> DISABLED <-> MALWARE-CNC Windows Antivirus Pro outbound connection (malware-cnc.rules)
 * 1:20031 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:20034 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:20035 <-> DISABLED <-> MALWARE-CNC Trojan Win32 Coinbit.A runtime traffic detected (malware-cnc.rules)
 * 1:20036 <-> DISABLED <-> MALWARE-CNC Trojan Win32 Agent.ndau runtime traffic detected (malware-cnc.rules)
 * 1:20037 <-> DISABLED <-> MALWARE-CNC Trojan Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20038 <-> DISABLED <-> MALWARE-CNC Trojan Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20040 <-> DISABLED <-> MALWARE-CNC Trojan Win32.KSpyPro.A outbound connection (malware-cnc.rules)
 * 1:20042 <-> DISABLED <-> MALWARE-CNC Trojan Sinowal outbond connection (malware-cnc.rules)
 * 1:20043 <-> DISABLED <-> MALWARE-CNC Adware Kraddare.AZ outbound connection (malware-cnc.rules)
 * 1:20050 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory consumption vulnerability (file-flash.rules)
 * 1:20053 <-> DISABLED <-> MYSQL Database SELECT subquery denial of service attempt (mysql.rules)
 * 1:20057 <-> DISABLED <-> MALWARE-CNC BitCoin Miner IP query (malware-cnc.rules)
 * 1:20059 <-> DISABLED <-> FILE-IMAGE Apple Quicktime PictureViewer GIF rendering vulnerability (file-image.rules)
 * 1:20064 <-> DISABLED <-> MALWARE-CNC Malware Trojan.Win32.Clemag.A variant outbound connection (malware-cnc.rules)
 * 1:20066 <-> DISABLED <-> MALWARE-CNC Trojan Win32 SensLiceld.A runtime traffic detected (malware-cnc.rules)
 * 1:20067 <-> DISABLED <-> MALWARE-CNC Trojan Win32 Zatvex.A runtime traffic detected (malware-cnc.rules)
 * 1:20068 <-> DISABLED <-> MALWARE-CNC Trojan Jetilms.A runtime activity detected (malware-cnc.rules)
 * 1:20069 <-> DISABLED <-> MALWARE-CNC Trojan VB.alhq runtime traffic detected (malware-cnc.rules)
 * 1:20072 <-> ENABLED <-> BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (browser-firefox.rules)
 * 1:20074 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot.iseee outbound connection (malware-cnc.rules)
 * 1:20075 <-> DISABLED <-> MALWARE-CNC Win32.Ruskill.abl outbound connection (malware-cnc.rules)
 * 1:20076 <-> DISABLED <-> MALWARE-CNC Win32.Agobot.ast outbound connection (malware-cnc.rules)
 * 1:20077 <-> DISABLED <-> MALWARE-CNC Win32.Agobot.ast outbound connection (malware-cnc.rules)
 * 1:20078 <-> DISABLED <-> MALWARE-CNC Win32.Russkill.C outbound connection (malware-cnc.rules)
 * 1:20079 <-> DISABLED <-> MALWARE-CNC Win32.Russkill.C outbound connection (malware-cnc.rules)
 * 1:20080 <-> DISABLED <-> MALWARE-CNC Win32.Derusbi.A outbound connection (malware-cnc.rules)
 * 1:20081 <-> ENABLED <-> MALWARE-CNC Trojan Downloader.Win32.Yakes.cbi outbound connection (malware-cnc.rules)
 * 1:20082 <-> DISABLED <-> MALWARE-CNC Win32.Inject.raw outbound connection (malware-cnc.rules)
 * 1:20083 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Fucobha.A outbound connection (malware-cnc.rules)
 * 1:20085 <-> DISABLED <-> MALWARE-CNC Win32.Veebuu.BX outbound connection (malware-cnc.rules)
 * 1:20086 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banload.ABY outbound connection (malware-cnc.rules)
 * 1:20087 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banker.FGU outbound connection (malware-cnc.rules)
 * 1:20088 <-> DISABLED <-> MALWARE-CNC Win32.Emudbot.A outbound connection (malware-cnc.rules)
 * 1:20096 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.dcir outbound connection (malware-cnc.rules)
 * 1:20097 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.dcir infected host at destination ip (malware-cnc.rules)
 * 1:20098 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.KeyLogger.wav outbound connection (malware-cnc.rules)
 * 1:20099 <-> DISABLED <-> MALWARE-CNC Win32.Xtrat.A outbound connection (malware-cnc.rules)
 * 1:20107 <-> DISABLED <-> MALWARE-CNC Trojan Downloader.Win32.Small.Cns outbound connection (malware-cnc.rules)
 * 1:20108 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banker.Pher outbound connection (malware-cnc.rules)
 * 1:20109 <-> DISABLED <-> MALWARE-CNC Win32.Zombie.sm outbound connection (malware-cnc.rules)
 * 1:20131 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20181 <-> ENABLED <-> FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (file-flash.rules)
 * 1:20182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player viewSource blacklist exclusion attempt (file-flash.rules)
 * 1:20183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setInterval use attempt (file-flash.rules)
 * 1:20202 <-> ENABLED <-> MALWARE-CNC Apple OSX.Revir-1 outbound connection (malware-cnc.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win32.Trojan.Taidoor outbound connection (malware-cnc.rules)
 * 1:20205 <-> DISABLED <-> MALWARE-CNC Win32/Poison beaconing request (malware-cnc.rules)
 * 1:20206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (file-flash.rules)
 * 1:20211 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive stack overflow attempt (file-flash.rules)
 * 1:20213 <-> ENABLED <-> MALWARE-CNC Win32.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:20217 <-> DISABLED <-> MALWARE-CNC Win32.Ramagedos.A outbound connection (malware-cnc.rules)
 * 1:20218 <-> DISABLED <-> MALWARE-CNC Win32.Ramagedos.A outbound connection (malware-cnc.rules)
 * 1:20219 <-> DISABLED <-> MALWARE-CNC Win32.ToriaSpy.A outbound connection (malware-cnc.rules)
 * 1:20221 <-> DISABLED <-> MALWARE-CNC Trojan.Injector outbound connection (malware-cnc.rules)
 * 1:20222 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Payazol.B outbound connection (malware-cnc.rules)
 * 1:20228 <-> ENABLED <-> MALWARE-CNC Win32.Hupigon variant outbound connection (malware-cnc.rules)
 * 1:20229 <-> ENABLED <-> MALWARE-CNC Win32.Jinchodz variant outbound connection (malware-cnc.rules)
 * 1:20232 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Cycbot outbound connection (malware-cnc.rules)
 * 1:20233 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Virut outbound connection (malware-cnc.rules)
 * 1:20234 <-> DISABLED <-> MALWARE-CNC Win32.Ceckno.cmz runtime traffic detected (malware-cnc.rules)
 * 1:20235 <-> DISABLED <-> MALWARE-CNC Win32.AdobeReader.Uz runtime traffic detected (malware-cnc.rules)
 * 1:20252 <-> DISABLED <-> MALWARE-CNC DroidKungFu check-in (malware-cnc.rules)
 * 1:20261 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows win32k.sys kernel mode null pointer dereference attempt (file-executable.rules)
 * 1:20262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access (browser-ie.rules)
 * 1:20264 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer selection option and form reset attack (browser-ie.rules)
 * 1:20265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer null attribute crash (browser-ie.rules)
 * 1:20266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (browser-ie.rules)
 * 1:20267 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer circular reference exploit attempt (browser-ie.rules)
 * 1:20268 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (browser-ie.rules)
 * 1:20270 <-> ENABLED <-> FILE-EXECUTABLE Microsoft Windows afd.sys kernel-mode memory corruption attempt (file-executable.rules)
 * 1:20273 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer jscript9 parsing corruption attempt (browser-ie.rules)
 * 1:20277 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:20278 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20279 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:20280 <-> ENABLED <-> MALWARE-CNC Win32.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20281 <-> ENABLED <-> MALWARE-CNC Win32.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20283 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC ModPlug ReadS3M overflow attempt (file-multimedia.rules)
 * 1:20284 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC ModPlug ReadS3M overflow attempt (file-multimedia.rules)
 * 1:20289 <-> DISABLED <-> MALWARE-CNC Win32.Doschald.A outbound connection (malware-cnc.rules)
 * 1:20290 <-> DISABLED <-> MALWARE-CNC Win32.Doschald.A inbound connection (malware-cnc.rules)
 * 1:20291 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Mybios.A outbound connection (malware-cnc.rules)
 * 1:20292 <-> DISABLED <-> MALWARE-CNC Trojan Win32.FresctSpy.A outbound connection (malware-cnc.rules)
 * 1:20294 <-> DISABLED <-> FILE-IMAGE Metasploit LibTiff Exploit (file-image.rules)
 * 1:20295 <-> DISABLED <-> FILE-IMAGE Public LibTiff Exploit (file-image.rules)
 * 1:20428 <-> DISABLED <-> MALWARE-CNC Win32.Zewit.A outbound connection (malware-cnc.rules)
 * 1:20432 <-> DISABLED <-> MALWARE-CNC Win32.Hiloti outbound connection (malware-cnc.rules)
 * 1:20435 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win32.Zbot.Svr runtime traffic detected (malware-cnc.rules)
 * 1:20447 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Agent.JAAK outbound connection (malware-cnc.rules)
 * 1:20448 <-> DISABLED <-> MALWARE-CNC Win32.Meciv.A outbound connection (malware-cnc.rules)
 * 1:20449 <-> DISABLED <-> MALWARE-CNC Worm Win32.Busifom.A outbound connection (malware-cnc.rules)
 * 1:20452 <-> DISABLED <-> FILE-IDENTIFY GZip file magic detected (file-identify.rules)
 * 1:20453 <-> DISABLED <-> FILE-IDENTIFY Script encoder file magic detected (file-identify.rules)
 * 1:20454 <-> DISABLED <-> FILE-IDENTIFY Postscript file magic detected (file-identify.rules)
 * 1:20455 <-> DISABLED <-> FILE-IDENTIFY BinHex file magic detected (file-identify.rules)
 * 1:20458 <-> DISABLED <-> FILE-IDENTIFY bzip file magic detected (file-identify.rules)
 * 1:20461 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows CAB file magic detected (file-identify.rules)
 * 1:20472 <-> DISABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20474 <-> DISABLED <-> FILE-IDENTIFY Symantec file magic detected (file-identify.rules)
 * 1:20476 <-> DISABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:20479 <-> DISABLED <-> FILE-IDENTIFY CryptFF file magic detected (file-identify.rules)
 * 1:20484 <-> DISABLED <-> FILE-IDENTIFY SIS file magic detected (file-identify.rules)
 * 1:20485 <-> DISABLED <-> FILE-IDENTIFY SIP log file magic detected (file-identify.rules)
 * 1:20487 <-> DISABLED <-> FILE-IDENTIFY 7zip file magic detected (file-identify.rules)
 * 1:20488 <-> DISABLED <-> FILE-IDENTIFY MachO Little Endian file magic detected (file-identify.rules)
 * 1:20489 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:20490 <-> DISABLED <-> FILE-IDENTIFY MachO Big Endian file magic detected (file-identify.rules)
 * 1:20491 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Big Endian file magic detected (file-identify.rules)
 * 1:20513 <-> DISABLED <-> FILE-IDENTIFY ffmpeg file magic detected (file-identify.rules)
 * 1:20515 <-> DISABLED <-> FILE-IDENTIFY ivr file magic detected (file-identify.rules)
 * 1:20519 <-> DISABLED <-> FILE-IDENTIFY vmd file download request (file-identify.rules)
 * 1:20520 <-> DISABLED <-> FILE-IDENTIFY vmd file magic detected (file-identify.rules)
 * 1:20525 <-> DISABLED <-> MALWARE-CNC Trojan.Duqu contact to C&C server (malware-cnc.rules)
 * 1:20527 <-> ENABLED <-> MALWARE-CNC Sirefef initial C&C connection outbound connection (malware-cnc.rules)
 * 1:20545 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (file-flash.rules)
 * 1:20547 <-> DISABLED <-> FILE-FLASH Adobe Flash Player overlapping record overflow attempt (file-flash.rules)
 * 1:20548 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (file-flash.rules)
 * 1:20549 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (file-flash.rules)
 * 1:20550 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Mover3D clipping exploit (file-flash.rules)
 * 1:20551 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (file-flash.rules)
 * 1:20555 <-> DISABLED <-> FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (file-flash.rules)
 * 1:20556 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (file-flash.rules)
 * 1:20557 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (file-flash.rules)
 * 1:20560 <-> DISABLED <-> FILE-FLASH Adobe Flash Player salign null javascript access attempt (file-flash.rules)
 * 1:20561 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.PWSBanker.SHE contact to cnc-server (malware-cnc.rules)
 * 1:20562 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.PWSBanker.SHE contact to cnc-server (malware-cnc.rules)
 * 1:20567 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (file-flash.rules)
 * 1:20568 <-> DISABLED <-> FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (file-flash.rules)
 * 1:20569 <-> DISABLED <-> MALWARE-CNC Win32.Small.kb outbound connection (malware-cnc.rules)
 * 1:20570 <-> DISABLED <-> MALWARE-CNC Win32.Small.kb outbound connection (malware-cnc.rules)
 * 1:20571 <-> DISABLED <-> MALWARE-CNC Win32.Small.kb outbound connection (malware-cnc.rules)
 * 1:20579 <-> DISABLED <-> BROWSER-CHROME Google Chrome and Apple Safari Ruby before and after memory corruption (browser-chrome.rules)
 * 1:20587 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Larchik.A backdoor phishing (malware-cnc.rules)
 * 1:20593 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit libxslt arbitrary file creation attempt (browser-webkit.rules)
 * 1:20595 <-> DISABLED <-> MALWARE-CNC Win32.Ixeshe.F backdoor access (malware-cnc.rules)
 * 1:20596 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20597 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20598 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20599 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20600 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (browser-firefox.rules)
 * 1:20604 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Buzus.isqy trojan phishing (malware-cnc.rules)
 * 1:20605 <-> DISABLED <-> MALWARE-CNC Win32.R2d2.A contact to cnc server (malware-cnc.rules)
 * 1:20606 <-> DISABLED <-> MALWARE-CNC Win32.Domsingx.A contact to C&C server (malware-cnc.rules)
 * 1:20626 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Shylock.A contact to C&C server (malware-cnc.rules)
 * 1:20627 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Shylock.A C&C server response (malware-cnc.rules)
 * 1:20630 <-> DISABLED <-> MALWARE-CNC Win32.Winnti.A contact to cnc server (malware-cnc.rules)
 * 1:20634 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (browser-ie.rules)
 * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20639 <-> DISABLED <-> MALWARE-CNC Malware Trojan.Win32.Higest.N outbound connection (malware-cnc.rules)
 * 1:20661 <-> DISABLED <-> MALWARE-CNC Simbda variant outbound connection (malware-cnc.rules)
 * 1:20676 <-> DISABLED <-> MALWARE-CNC Win32.EggDrop.acn connect to cnc-server (malware-cnc.rules)
 * 1:20677 <-> DISABLED <-> MALWARE-CNC Win32.EggDrop.acn connect to cnc-server (malware-cnc.rules)
 * 1:20678 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.aior contact to cnc-server (malware-cnc.rules)
 * 1:20679 <-> DISABLED <-> MALWARE-CNC Win32.Syrutrk connect to cnc-server (malware-cnc.rules)
 * 1:20681 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS connect to cnc-server (malware-cnc.rules)
 * 1:20682 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS connect to cnc-server (malware-cnc.rules)
 * 1:20683 <-> DISABLED <-> MALWARE-CNC Cleanvaccine connect to cnc-server (malware-cnc.rules)
 * 1:20684 <-> DISABLED <-> MALWARE-CNC Cleanvaccine connect to cnc-server (malware-cnc.rules)
 * 1:20685 <-> DISABLED <-> MALWARE-CNC Win32.Heloag.A connect to cnc-server (malware-cnc.rules)
 * 1:20686 <-> DISABLED <-> MALWARE-CNC Win32.Virut.BM connect to client (malware-cnc.rules)
 * 1:20687 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.akhg connect to cnc-server (malware-cnc.rules)
 * 1:20688 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib connect to cnc-server (malware-cnc.rules)
 * 1:20689 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib connect to cnc-server (malware-cnc.rules)
 * 1:20693 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Blackcontrol.A contact to cnc-server (malware-cnc.rules)
 * 1:20694 <-> DISABLED <-> MALWARE-CNC Win32.SSonce.A backdoor access (malware-cnc.rules)
 * 1:20695 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.GZW connect to cnc server (malware-cnc.rules)
 * 1:20696 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20697 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20699 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSRF timing attack against XSS filter (browser-ie.rules)
 * 1:20727 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox user interface event dispatcher dos attempt (browser-firefox.rules)
 * 1:20735 <-> ENABLED <-> FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (file-other.rules)
 * 1:20736 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari x-man-page URI terminal escape attempt (browser-webkit.rules)
 * 1:20754 <-> ENABLED <-> MALWARE-CNC Win32.Virut-3 outbound connection (malware-cnc.rules)
 * 1:20755 <-> ENABLED <-> MALWARE-CNC Win32.Krap outbound connection (malware-cnc.rules)
 * 1:20756 <-> ENABLED <-> MALWARE-CNC Win32.Jorik variant outbound connection (malware-cnc.rules)
 * 1:20759 <-> ENABLED <-> MALWARE-CNC Trojan Win32.Gbot.oce outbound connection (malware-cnc.rules)
 * 1:20762 <-> ENABLED <-> MALWARE-CNC MacOS.Flashback.A outbound connection (malware-cnc.rules)
 * 1:20763 <-> ENABLED <-> MALWARE-CNC Trojan.Spyeye-206 outbound connection (malware-cnc.rules)
 * 1:20766 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20767 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:20768 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20769 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20770 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20771 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20772 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20773 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20774 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20775 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20776 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (file-other.rules)
 * 1:20777 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption attempt (file-flash.rules)
 * 1:20778 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - economy.rar (file-flash.rules)
 * 1:20779 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - dear chu.rar (file-flash.rules)
 * 1:20780 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - namelist.xls (file-flash.rules)
 * 1:20781 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20782 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - economy.rar (file-flash.rules)
 * 1:20783 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - dear chu.rar (file-flash.rules)
 * 1:20784 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - namelist.xls (file-flash.rules)
 * 1:20785 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20786 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20787 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20788 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20789 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20790 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:20803 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (file-flash.rules)
 * 1:20804 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20805 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20806 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20807 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20808 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20809 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20810 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20811 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:20822 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (browser-ie.rules)
 * 1:20830 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banbra.amdu outbound connection (malware-cnc.rules)
 * 1:20836 <-> DISABLED <-> MALWARE-CNC Win32.Zusy.A runtime traffic detected (malware-cnc.rules)
 * 1:20837 <-> DISABLED <-> MALWARE-CNC Win32.Mecklow.C runtime traffic detected (malware-cnc.rules)
 * 1:20838 <-> DISABLED <-> MALWARE-CNC Win32.Smokebot.A runtime traffic detected (malware-cnc.rules)
 * 1:20844 <-> DISABLED <-> MALWARE-CNC Win32.Banker.smxy runtime traffic detected (malware-cnc.rules)
 * 1:20858 <-> DISABLED <-> FILE-OTHER Oracle Java getSoundBank overflow Attempt malicious jar file (file-other.rules)
 * 1:20877 <-> DISABLED <-> MALWARE-CNC RunTime Worm.Win32.Warezov.gs outbound connection (malware-cnc.rules)
 * 1:20880 <-> DISABLED <-> FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (file-office.rules)
 * 1:20890 <-> DISABLED <-> MALWARE-CNC Win32.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20891 <-> DISABLED <-> MALWARE-CNC Win32.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20892 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Skopvel.A runtime traffic detected (malware-cnc.rules)
 * 1:20901 <-> ENABLED <-> WEB-ACTIVEX Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (web-activex.rules)
 * 1:20902 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20903 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20904 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (file-other.rules)
 * 1:20927 <-> ENABLED <-> MALWARE-CNC Trojan.Spyeye-207 outbound connection (malware-cnc.rules)
 * 1:20999 <-> ENABLED <-> BROWSER-WEBKIT Microsoft Windows 7 x64 Apple Safari abnormally long iframe exploit attempt (browser-webkit.rules)
 * 1:21003 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html request (malware-cnc.rules)
 * 1:21004 <-> DISABLED <-> MALWARE-CNC Cute Pack cute-ie.html landing page (malware-cnc.rules)
 * 1:21005 <-> DISABLED <-> MALWARE-CNC Yang Pack yg.htm download request (malware-cnc.rules)
 * 1:21006 <-> DISABLED <-> MALWARE-CNC Yang Pack yg.htm landing page (malware-cnc.rules)
 * 1:21028 <-> DISABLED <-> MALWARE-CNC Trojan.Usinec connect to server (malware-cnc.rules)
 * 1:21041 <-> ENABLED <-> EXPLOIT-KIT URI possible Blackhole URL - main.php?page= (exploit-kit.rules)
 * 1:21042 <-> ENABLED <-> EXPLOIT-KIT URI possible Blackhole post-compromise download attempt - .php?f= (exploit-kit.rules)
 * 1:21043 <-> ENABLED <-> EXPLOIT-KIT URI possible Blackhole post-compromise download attempt - .php?e= (exploit-kit.rules)
 * 1:21044 <-> ENABLED <-> EXPLOIT-KIT possible Blackhole landing page (exploit-kit.rules)
 * 1:21045 <-> ENABLED <-> EXPLOIT-KIT possible Blackhole landing page (exploit-kit.rules)
 * 1:21046 <-> ENABLED <-> MALWARE-CNC known malicious SSL certificate - Sykipot C&C (malware-cnc.rules)
 * 1:21047 <-> ENABLED <-> MALWARE-CNC known malicious SSL certificate - Sykipot C&C (malware-cnc.rules)
 * 1:21055 <-> DISABLED <-> MALWARE-CNC Win32.Utka.A outbound connection (malware-cnc.rules)
 * 1:21057 <-> ENABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21058 <-> DISABLED <-> MALWARE-CNC Win32.AutoIt.pm runtime traffic detected (malware-cnc.rules)
 * 1:21068 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit landing page (exploit-kit.rules)
 * 1:21069 <-> ENABLED <-> EXPLOIT-KIT Eleanore exploit kit exploit fetch request (exploit-kit.rules)
 * 1:21078 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow GraphEdt closed captioning memory corruption (file-multimedia.rules)
 * 1:21086 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption (browser-ie.rules)
 * 1:21087 <-> DISABLED <-> MALWARE-CNC Bindow.Worm runtime traffic detected (malware-cnc.rules)
 * 1:21090 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp player mp4 memory corruption attempt (file-multimedia.rules)
 * 1:21091 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp player mp4 memory corruption attempt (file-multimedia.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (file-multimedia.rules)
 * 1:21098 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit landing page (exploit-kit.rules)
 * 1:21099 <-> ENABLED <-> EXPLOIT-KIT Crimepack exploit kit malicious pdf request (exploit-kit.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (file-multimedia.rules)
 * 1:21108 <-> ENABLED <-> EXPLOIT-KIT unknown exploit kit obfuscated landing page (exploit-kit.rules)
 * 1:21112 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules)
 * 1:21117 <-> ENABLED <-> INDICATOR-COMPROMISE WSO web shell (indicator-compromise.rules)
 * 1:21118 <-> ENABLED <-> INDICATOR-COMPROMISE WSO web shell security information display (indicator-compromise.rules)
 * 1:21119 <-> ENABLED <-> INDICATOR-COMPROMISE WSO web shell interactive file system information display (indicator-compromise.rules)
 * 1:21120 <-> ENABLED <-> INDICATOR-COMPROMISE WSO web shell interactive console display (indicator-compromise.rules)
 * 1:21121 <-> ENABLED <-> INDICATOR-COMPROMISE WSO web shell interactive SQL display (indicator-compromise.rules)
 * 1:21122 <-> DISABLED <-> MALWARE-CNC Win32.Bandok.zp runtime traffic detected (malware-cnc.rules)
 * 1:21123 <-> DISABLED <-> MALWARE-CNC Win32.Flymux.A runtime traffic detected (malware-cnc.rules)
 * 1:21124 <-> DISABLED <-> MALWARE-CNC Win32.Opachki.A runtime traffic detected (malware-cnc.rules)
 * 1:21125 <-> DISABLED <-> MALWARE-CNC Win32.Alureon.DG runtime traffic detected (malware-cnc.rules)
 * 1:21126 <-> DISABLED <-> MALWARE-CNC Win32.Koutodoor.C runtime traffic detected (malware-cnc.rules)
 * 1:21127 <-> DISABLED <-> MALWARE-CNC Win32.Setfic.A runtime traffic detected (malware-cnc.rules)
 * 1:21128 <-> DISABLED <-> MALWARE-CNC Win.32.Dromedan.A runtime traffic detected (malware-cnc.rules)
 * 1:21129 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell (indicator-compromise.rules)
 * 1:21130 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell enumeration page (indicator-compromise.rules)
 * 1:21131 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell domain lookup page (indicator-compromise.rules)
 * 1:21132 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell sql interaction page (indicator-compromise.rules)
 * 1:21133 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell encoder page (indicator-compromise.rules)
 * 1:21134 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell security information page (indicator-compromise.rules)
 * 1:21135 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell password cracking page (indicator-compromise.rules)
 * 1:21136 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell security bypass page (indicator-compromise.rules)
 * 1:21137 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell tools page (indicator-compromise.rules)
 * 1:21138 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell database parsing page (indicator-compromise.rules)
 * 1:21139 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell spread shell page (indicator-compromise.rules)
 * 1:21140 <-> ENABLED <-> INDICATOR-COMPROMISE Mulcishell web shell kill shell page (indicator-compromise.rules)
 * 1:21141 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit control panel access (exploit-kit.rules)
 * 1:21142 <-> DISABLED <-> MALWARE-CNC Win32.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21143 <-> DISABLED <-> MALWARE-CNC Win32.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21144 <-> DISABLED <-> MALWARE-CNC Win32.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21145 <-> DISABLED <-> MALWARE-CNC Win32.Neraweq.A runtime traffic detected (malware-cnc.rules)
 * 1:21151 <-> DISABLED <-> MALWARE-CNC Win32.Stegae.A runtime traffic detected (malware-cnc.rules)
 * 1:21160 <-> ENABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:21166 <-> DISABLED <-> BROWSER-CHROME Google Chrome https spoofing attempt (browser-chrome.rules)
 * 1:21168 <-> ENABLED <-> FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (file-multimedia.rules)
 * 1:21173 <-> DISABLED <-> FILE-EXECUTABLE APP-CONTROL Thunder p2p application download detection (file-executable.rules)
 * 1:21177 <-> DISABLED <-> MALWARE-CNC Win32.Ganipin.A inbound connection (malware-cnc.rules)
 * 1:21178 <-> DISABLED <-> MALWARE-CNC Trojan Downloader Win32.Chekafe.A outbound connection (malware-cnc.rules)
 * 1:21179 <-> DISABLED <-> MALWARE-CNC Win32.Coofus.RFM outbound connection (malware-cnc.rules)
 * 1:21180 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Magania.clfv outbound connection (malware-cnc.rules)
 * 1:21181 <-> DISABLED <-> MALWARE-CNC Win32.Agent.czgu outbound connection (malware-cnc.rules)
 * 1:21182 <-> DISABLED <-> MALWARE-CNC Win32.MeSub.ac outbound connection (malware-cnc.rules)
 * 1:21183 <-> DISABLED <-> MALWARE-CNC Win32.Agent.alfu outbound connection (malware-cnc.rules)
 * 1:21185 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Kufgal.A inbound connection (malware-cnc.rules)
 * 1:21187 <-> DISABLED <-> MALWARE-CNC Win32.Xlahlah.A outbound connection (malware-cnc.rules)
 * 1:21189 <-> ENABLED <-> BROWSER-WEBKIT Apple Safari innerHTML use after free exploit attempt (browser-webkit.rules)
 * 1:21192 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Syswrt.dvd outbound connection (malware-cnc.rules)
 * 1:21193 <-> DISABLED <-> MALWARE-CNC Win32.Dalbot.A outbound connection (malware-cnc.rules)
 * 1:21194 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Wealwedst.A outbound connection (malware-cnc.rules)
 * 1:21195 <-> DISABLED <-> MALWARE-CNC Win32.Protux.B outbound connection (malware-cnc.rules)
 * 1:21196 <-> DISABLED <-> MALWARE-CNC Win32.Caphaw.A outbound connection (malware-cnc.rules)
 * 1:21197 <-> DISABLED <-> MALWARE-CNC Win32.Caphaw.A outbound connection (malware-cnc.rules)
 * 1:21198 <-> DISABLED <-> MALWARE-CNC Win32.Qinubot.A outbound connection (malware-cnc.rules)
 * 1:21199 <-> DISABLED <-> MALWARE-CNC Win32.Qinubot.A outbound connection (malware-cnc.rules)
 * 1:21200 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Yakes.cmu outbound connection (malware-cnc.rules)
 * 1:21201 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Yakes.cmu outbound connection (malware-cnc.rules)
 * 1:21202 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Scapzilla.A outbound connection (malware-cnc.rules)
 * 1:21203 <-> DISABLED <-> MALWARE-CNC Virus Win32.Induc.B outbound connection (malware-cnc.rules)
 * 1:21204 <-> DISABLED <-> MALWARE-CNC Virus Win32.Induc.B outbound connection (malware-cnc.rules)
 * 1:21205 <-> DISABLED <-> MALWARE-CNC Virus Win32.Induc.B outbound connection (malware-cnc.rules)
 * 1:21207 <-> DISABLED <-> MALWARE-CNC Win32.Dekara.A outbound connection (malware-cnc.rules)
 * 1:21208 <-> ENABLED <-> MALWARE-CNC Win32.RShot.brw outbound connection (malware-cnc.rules)
 * 1:21209 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Enviserv.A outbound connection (malware-cnc.rules)
 * 1:21210 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Rallovs.A outbound connection (malware-cnc.rules)
 * 1:21211 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banker.slrj outbound connection (malware-cnc.rules)
 * 1:21212 <-> DISABLED <-> MALWARE-CNC Win32.Hupigon.nkor outbound connection (malware-cnc.rules)
 * 1:21213 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Cridex.B outbound connection (malware-cnc.rules)
 * 1:21215 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banker.Am outbound connection (malware-cnc.rules)
 * 1:21216 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banker.Am outbound connection (malware-cnc.rules)
 * 1:21217 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Banker.Am outbound connection (malware-cnc.rules)
 * 1:21218 <-> DISABLED <-> MALWARE-CNC Trojan Win32.Sodager.C outbound connection (malware-cnc.rules)
 * 1:21219 <-> DISABLED <-> MALWARE-CNC Win32.Sysckbc outbound connection (malware-cnc.rules)
 * 1:21220 <-> DISABLED <-> MALWARE-CNC Win32.Susnatache.A inbound connection (malware-cnc.rules)
 * 1:21221 <-> DISABLED <-> MALWARE-CNC Win32.Susnatache.A outbound connection (malware-cnc.rules)
 * 1:21222 <-> DISABLED <-> MALWARE-CNC Win32.Kcahneila.A outbound connection (malware-cnc.rules)
 * 1:21223 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Gyplit.A outbound connection (malware-cnc.rules)
 * 1:21224 <-> DISABLED <-> MALWARE-CNC Trojan.MacOS.DevilRobber.A outbound connection (malware-cnc.rules)
 * 1:21226 <-> DISABLED <-> MALWARE-CNC Win32.Louisdreyfu.A outbound connection (malware-cnc.rules)
 * 1:21227 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Bulknet.A outbound connection (malware-cnc.rules)
 * 1:21228 <-> DISABLED <-> MALWARE-CNC Win32.Cerberat.A outbound connection (malware-cnc.rules)
 * 1:21229 <-> DISABLED <-> MALWARE-CNC Win32.Synljdos.A outbound connection (malware-cnc.rules)
 * 1:21230 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Betad.A outbound connection (malware-cnc.rules)
 * 1:21231 <-> DISABLED <-> MALWARE-CNC Win32.Bedobot.B outbound connection (malware-cnc.rules)
 * 1:21239 <-> ENABLED <-> MALWARE-CNC W32.Kazy variant outbound connection (malware-cnc.rules)
 * 1:21240 <-> ENABLED <-> MALWARE-CNC MsUpdater Trojan outbound connection (malware-cnc.rules)
 * 1:21241 <-> ENABLED <-> MALWARE-CNC MsUpdater Trojan initial outbound connection (malware-cnc.rules)
 * 1:21242 <-> ENABLED <-> MALWARE-CNC MsUpdater Trojan outbound connection (malware-cnc.rules)
 * 1:21249 <-> DISABLED <-> MALWARE-CNC Win32.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21250 <-> DISABLED <-> MALWARE-CNC Win32.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21251 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Sirefef.P runtime detection (malware-cnc.rules)
 * 1:21252 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Sirefef.P runtime detection (malware-cnc.rules)
 * 1:21259 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit response (exploit-kit.rules)
 * 1:21262 <-> DISABLED <-> NETBIOS DCERPC ISystemActivate flood attempt (netbios.rules)
 * 1:21269 <-> ENABLED <-> MALWARE-CNC W32.Cycbot variant outbound connection (malware-cnc.rules)
 * 1:21272 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer orphan DOM objects memory corruption attempt (browser-ie.rules)
 * 1:21273 <-> DISABLED <-> MALWARE-CNC Tusha.cv runtime traffic detected (malware-cnc.rules)
 * 1:21274 <-> DISABLED <-> MALWARE-CNC Tusha.cv runtime traffic detected (malware-cnc.rules)
 * 1:21275 <-> DISABLED <-> MALWARE-CNC Hupigon.hddn runtime traffic detected (malware-cnc.rules)
 * 1:21276 <-> DISABLED <-> MALWARE-CNC Hupigon.hddn install time traffic detected (malware-cnc.rules)
 * 1:21277 <-> DISABLED <-> MALWARE-CNC Win32.Shexie.A runtime traffic detected (malware-cnc.rules)
 * 1:21279 <-> DISABLED <-> MALWARE-CNC Win.32.Kbot.s runtime traffic detected (malware-cnc.rules)
 * 1:21280 <-> DISABLED <-> MALWARE-CNC Win32 Turkojan.C runtime traffic detected (malware-cnc.rules)
 * 1:21294 <-> DISABLED <-> MALWARE-CNC Win32.Bancodor.be runtime traffic detected (malware-cnc.rules)
 * 1:21300 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 null character in string information disclosure attempt (browser-ie.rules)
 * 1:21303 <-> DISABLED <-> MALWARE-CNC Win32 Initor.ag runtime traffic detected (malware-cnc.rules)
 * 1:21304 <-> DISABLED <-> MALWARE-CNC Win32 Mdmbot.B runtime traffic detected (malware-cnc.rules)
 * 1:21305 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (file-executable.rules)
 * 1:21306 <-> ENABLED <-> MALWARE-CNC Win32.Spyeye variant outbound connectivity check (malware-cnc.rules)
 * 1:21308 <-> DISABLED <-> FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (file-other.rules)
 * 1:21311 <-> ENABLED <-> MALWARE-CNC W32.Dofoil variant outbound connection (malware-cnc.rules)
 * 1:21312 <-> ENABLED <-> MALWARE-CNC W32.Dofoil variant outbound connectivity check (malware-cnc.rules)
 * 1:21313 <-> ENABLED <-> MALWARE-CNC W32.Dofoil variant outbound connection (malware-cnc.rules)
 * 1:21316 <-> DISABLED <-> FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (file-other.rules)
 * 1:21317 <-> DISABLED <-> FILE-OTHER BACnet OPC client csv file buffer overflow attempt (file-other.rules)
 * 1:21318 <-> ENABLED <-> MALWARE-CNC Win32.FakeAV TDSS/PurpleHaze outbound connection - base64 encoded (malware-cnc.rules)
 * 1:21319 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player version.dll dll-load exploit attempt (file-flash.rules)
 * 1:21320 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player atl.dll dll-load exploit attempt (file-flash.rules)
 * 1:21321 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player uxtheme.dll dll-load exploit attempt (file-flash.rules)
 * 1:21322 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player version.dll dll-load exploit attempt (file-flash.rules)
 * 1:21323 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player atl.dll dll-load exploit attempt (file-flash.rules)
 * 1:21324 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player uxtheme.dll dll-load exploit attempt (file-flash.rules)
 * 1:21325 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross site request forgery attempt (file-flash.rules)
 * 1:21326 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActiveX URL import attempt (file-flash.rules)
 * 1:21335 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (file-flash.rules)
 * 1:21336 <-> DISABLED <-> FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (file-flash.rules)
 * 1:21338 <-> ENABLED <-> FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (file-flash.rules)
 * 1:21339 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'auth' field attempt (file-multimedia.rules)
 * 1:21340 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'titl' field attempt (file-multimedia.rules)
 * 1:21341 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (file-multimedia.rules)
 * 1:21342 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'cprt' field attempt (file-multimedia.rules)
 * 1:21343 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf request (exploit-kit.rules)
 * 1:21344 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf download (exploit-kit.rules)
 * 1:21345 <-> DISABLED <-> EXPLOIT-KIT possible Blackhole exploit kit malicious jar request (exploit-kit.rules)
 * 1:21346 <-> DISABLED <-> EXPLOIT-KIT possible Blackhole exploit kit malicious jar download (exploit-kit.rules)
 * 1:21347 <-> ENABLED <-> EXPLOIT-KIT URI possible Blackhole URL - .php?page= (exploit-kit.rules)
 * 1:21348 <-> ENABLED <-> EXPLOIT-KIT URI possible Blackhole URL - search.php?page= (exploit-kit.rules)
 * 1:21353 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mouse drag hijack (browser-ie.rules)
 * 1:21359 <-> DISABLED <-> MALWARE-CNC Win32.VB.jju runtime traffic detected (malware-cnc.rules)
 * 1:21360 <-> DISABLED <-> MALWARE-CNC Win32 Agent.dbzx runtime traffic detected (malware-cnc.rules)
 * 1:21361 <-> DISABLED <-> MALWARE-CNC Worm.Win32.TDownland.ca runtime traffic detected (malware-cnc.rules)
 * 1:21362 <-> DISABLED <-> MALWARE-CNC Trojan Win32.TDSS.aa runtime traffic detected (malware-cnc.rules)
 * 1:21363 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:21364 <-> DISABLED <-> MALWARE-CNC DOQ.gen.y RUNTIME traffic detected (malware-cnc.rules)
 * 1:21365 <-> DISABLED <-> MALWARE-CNC DOQ.gen.y RUNTIME traffic detected (malware-cnc.rules)
 * 1:21366 <-> DISABLED <-> MALWARE-CNC DOQ.gen.y INSTALL traffic detected (malware-cnc.rules)
 * 1:21367 <-> DISABLED <-> MALWARE-CNC Win32 VB.abcl runtime traffic detected (malware-cnc.rules)
 * 1:21368 <-> DISABLED <-> MALWARE-CNC Win32.Wallop.de runtime traffic detected (malware-cnc.rules)
 * 1:21369 <-> DISABLED <-> MALWARE-CNC Win32.Wallop.de runtime traffic detected (malware-cnc.rules)
 * 1:21371 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (file-other.rules)
 * 1:21372 <-> DISABLED <-> MALWARE-CNC Malware Defense runtime traffic detected (malware-cnc.rules)
 * 1:21373 <-> DISABLED <-> MALWARE-CNC Malware Defense runtime traffic detected (malware-cnc.rules)
 * 1:21374 <-> DISABLED <-> MALWARE-CNC Win32.Bifrose.EF runtime traffic detected (malware-cnc.rules)
 * 1:21376 <-> DISABLED <-> MALWARE-CNC Trojan Microjoin activity (malware-cnc.rules)
 * 1:21379 <-> DISABLED <-> MALWARE-CNC Win32.Genome.Amqj runtime traffic detected (malware-cnc.rules)
 * 1:21381 <-> DISABLED <-> MALWARE-CNC Win32.Dialer.ngb runtime traffic detected (malware-cnc.rules)
 * 1:21382 <-> DISABLED <-> MALWARE-CNC Win32.Nuqel.Q host setting3.yeahost.com runtime traffic detected (malware-cnc.rules)
 * 1:21383 <-> DISABLED <-> MALWARE-CNC Win32.Nuqel.Q host 9999mb.com runtime traffic detected (malware-cnc.rules)
 * 1:21384 <-> DISABLED <-> MALWARE-CNC Win32.Nuqel.Q host freewebs.com runtime traffic detected (malware-cnc.rules)
 * 1:21386 <-> DISABLED <-> MALWARE-CNC Win32.Wadolin.A runtime traffic detected (malware-cnc.rules)
 * 1:21390 <-> DISABLED <-> MALWARE-CNC Win32.Agobot.dl runtime traffic detected (malware-cnc.rules)
 * 1:21391 <-> DISABLED <-> MALWARE-CNC Win32.Agent.dcac runtime traffic detected (malware-cnc.rules)
 * 1:21392 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer writing-mode property memory corruption attempt (browser-ie.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21394 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox null byte file remote code execution attempt (browser-firefox.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (file-multimedia.rules)
 * 1:21399 <-> DISABLED <-> BROWSER-OTHER Opera Web Browser History Search Input validation vulnerability (browser-other.rules)
 * 1:21400 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Kenzor.B outbound connection (malware-cnc.rules)
 * 1:21401 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Kenzor.B outbound connection (malware-cnc.rules)
 * 1:21402 <-> DISABLED <-> MALWARE-CNC Win32.Ponfoy.A runtime detection (malware-cnc.rules)
 * 1:21403 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Vobfus.DL runtime detection (malware-cnc.rules)
 * 1:21404 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Vobfus.DL runtime detection cont (malware-cnc.rules)
 * 1:21416 <-> DISABLED <-> MALWARE-CNC Trojan.Bankpatch.C authentication string detected (malware-cnc.rules)
 * 1:21418 <-> ENABLED <-> MALWARE-CNC Trojan.FareIt outbound connection (malware-cnc.rules)
 * 1:21424 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ghodow.A connect to cnc (malware-cnc.rules)
 * 1:21425 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Ghodow.A exe file download (malware-cnc.rules)
 * 1:21426 <-> ENABLED <-> MALWARE-CNC Trojan.Win32.Scar variant outbound connection (malware-cnc.rules)
 * 1:21427 <-> ENABLED <-> MALWARE-CNC W32.Trojan.Delf variant outbound connection (malware-cnc.rules)
 * 1:21428 <-> ENABLED <-> MALWARE-CNC W32.Trojan.Generic-24 outbound connection (malware-cnc.rules)
 * 1:21430 <-> ENABLED <-> MALWARE-CNC Trojan.W32.BeeOne runtime traffic detected (malware-cnc.rules)
 * 1:21434 <-> ENABLED <-> MALWARE-CNC Win32.Trojan.Mentor outbound connection (malware-cnc.rules)
 * 1:21435 <-> ENABLED <-> MALWARE-CNC Win32.Trojan.Mentor inbound connection - post infection (malware-cnc.rules)
 * 1:21436 <-> ENABLED <-> MALWARE-CNC Trojan.Startpage variant outbound connection (malware-cnc.rules)
 * 1:21438 <-> ENABLED <-> EXPLOIT-KIT Blackhole Exploit Kit JavaScript carat string splitting with hostile applet (exploit-kit.rules)
 * 1:21439 <-> DISABLED <-> FILE-OTHER Microsoft Windows GDI+ arbitrary code execution attempt (file-other.rules)
 * 1:21440 <-> ENABLED <-> MALWARE-CNC Win32.Trojan.Murofet variant outbound connection (malware-cnc.rules)
 * 1:21441 <-> ENABLED <-> MALWARE-CNC Win32.Delf variant outbound connection (malware-cnc.rules)
 * 1:21444 <-> DISABLED <-> MALWARE-CNC TDSS outbound connection (malware-cnc.rules)
 * 1:21448 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Webmoner.zu connect to server (malware-cnc.rules)
 * 1:21449 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Obitel install (malware-cnc.rules)
 * 1:21450 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Obitel connect to cnc server (malware-cnc.rules)
 * 1:21451 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Agent.djvk malicious hosts file download (malware-cnc.rules)
 * 1:21452 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Agent.djvk connect to server (malware-cnc.rules)
 * 1:21454 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Banbra.vec runtime detection (malware-cnc.rules)
 * 1:21456 <-> DISABLED <-> MALWARE-CNC W32.DarkComet variant outbound connection (malware-cnc.rules)
 * 1:21457 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:21458 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionScript float index array memory corruption (file-flash.rules)
 * 1:21459 <-> ENABLED <-> BLACKLIST Havij advanced SQL injection tool user-agent string (blacklist.rules)
 * 1:21460 <-> DISABLED <-> MALWARE-CNC Win32.DarkComet inbound connection (malware-cnc.rules)
 * 1:21461 <-> DISABLED <-> MALWARE-CNC Win32.DarkComet outbound connection attempt - post infection (malware-cnc.rules)
 * 1:21463 <-> DISABLED <-> MALWARE-CNC Win32.Bibei variant outbound connection (malware-cnc.rules)
 * 1:21464 <-> DISABLED <-> MALWARE-CNC Downloader-CEW.b runtime traffic detected (malware-cnc.rules)
 * 1:21466 <-> DISABLED <-> MALWARE-CNC Autorun.BDS runtime traffic detected (malware-cnc.rules)
 * 1:21467 <-> DISABLED <-> MALWARE-CNC Win32.IRCBot variant outbound connection (malware-cnc.rules)
 * 1:21468 <-> DISABLED <-> MALWARE-CNC Win32.Dama variant outbound connection (malware-cnc.rules)
 * 1:21470 <-> DISABLED <-> MALWARE-CNC Trojan.Krap.Gy connect to server (malware-cnc.rules)
 * 1:21471 <-> DISABLED <-> MALWARE-CNC Win32.Bancos variant outbound connection (malware-cnc.rules)
 * 1:21472 <-> DISABLED <-> MALWARE-CNC Trojan.Delf.tzp download (malware-cnc.rules)
 * 1:21473 <-> DISABLED <-> MALWARE-CNC Trojan.GameThief variant outbound connection (malware-cnc.rules)
 * 1:21474 <-> DISABLED <-> MALWARE-CNC Win32.Lancafdo.A runtime detection (malware-cnc.rules)
 * 1:21477 <-> DISABLED <-> MALWARE-CNC Trojan.Noobot outbound connection (malware-cnc.rules)
 * 1:21486 <-> DISABLED <-> MALWARE-CNC Win32.Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:21487 <-> DISABLED <-> MALWARE-CNC Trojan.Palevo variant outbound connection (malware-cnc.rules)
 * 1:21489 <-> ENABLED <-> FILE-OTHER Microsoft Windows chm file malware related exploit (file-other.rules)
 * 1:21492 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21495 <-> DISABLED <-> MALWARE-CNC Trojan.Vilsel runtime detection (malware-cnc.rules)
 * 1:21496 <-> DISABLED <-> MALWARE-CNC Trojan.Saeeka initial connection detection (malware-cnc.rules)
 * 1:21497 <-> DISABLED <-> MALWARE-CNC Trojan.Saeeka runtime detection (malware-cnc.rules)
 * 1:21502 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.VBbot.V connect to server (malware-cnc.rules)
 * 1:21509 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit rhino jar request (exploit-kit.rules)
 * 1:21510 <-> ENABLED <-> FILE-IMAGE Sakura exploit kit logo transfer (file-image.rules)
 * 1:21511 <-> DISABLED <-> MALWARE-CNC Trojan.Vaxpy runtime detection (malware-cnc.rules)
 * 1:21512 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Win32.Zegost.B runtime detection (malware-backdoor.rules)
 * 1:21514 <-> DISABLED <-> MALWARE-CNC Trojan.Banbra connect to server (malware-cnc.rules)
 * 1:21518 <-> DISABLED <-> MALWARE-CNC Trojan.Agent-59544 connect to server (malware-cnc.rules)
 * 1:21520 <-> DISABLED <-> MALWARE-CNC Trojan.Bayrob initial connection (malware-cnc.rules)
 * 1:21521 <-> DISABLED <-> MALWARE-CNC Trojan.Bayrob update connection (malware-cnc.rules)
 * 1:21523 <-> DISABLED <-> MALWARE-CNC Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:21524 <-> DISABLED <-> FILE-OTHER Microsoft Windows object packager dialogue code execution attempt (file-other.rules)
 * 1:21525 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:21527 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader registration connection detection (malware-cnc.rules)
 * 1:21528 <-> DISABLED <-> MALWARE-CNC Trojan.Downloader keep-alive connection detection (malware-cnc.rules)
 * 1:21530 <-> DISABLED <-> FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (file-flash.rules)
 * 1:21531 <-> DISABLED <-> FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (file-flash.rules)
 * 1:21532 <-> DISABLED <-> FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (file-flash.rules)
 * 1:21533 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Stage3D null dereference attempt (file-flash.rules)
 * 1:21534 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules)
 * 1:21535 <-> ENABLED <-> FILE-FLASH Adobe Actionscript Matrix3D.copyRawDataFrom buffer overflow attempt (file-flash.rules)
 * 1:21538 <-> ENABLED <-> MALWARE-CNC W32.Dofoil variant outbound payload request (malware-cnc.rules)
 * 1:21539 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific header (exploit-kit.rules)
 * 1:21540 <-> DISABLED <-> MALWARE-CNC Trojan.Buzus application download (malware-cnc.rules)
 * 1:21541 <-> DISABLED <-> MALWARE-CNC Trojan.Buzus connect to server (malware-cnc.rules)
 * 1:21542 <-> DISABLED <-> MALWARE-CNC Trojan.Buzus firefox extension download (malware-cnc.rules)
 * 1:21543 <-> DISABLED <-> MALWARE-CNC Trojan.Buzus html page download (malware-cnc.rules)
 * 1:21544 <-> DISABLED <-> MALWARE-CNC Possible host infection - excessive DNS queries for .eu (malware-cnc.rules)
 * 1:21545 <-> DISABLED <-> MALWARE-CNC Possible host infection - excessive DNS queries for .ru (malware-cnc.rules)
 * 1:21546 <-> DISABLED <-> MALWARE-CNC Possible host infection - excessive DNS queries for .cn (malware-cnc.rules)
 * 1:21547 <-> ENABLED <-> MALWARE-CNC Win32.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:21548 <-> ENABLED <-> MALWARE-CNC Cutwail landing page connection (malware-cnc.rules)
 * 1:21549 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific header (exploit-kit.rules)
 * 1:21550 <-> ENABLED <-> MALWARE-BACKDOOR ToolsPack PHP Backdoor access (malware-backdoor.rules)
 * 1:21551 <-> ENABLED <-> MALWARE-CNC Trojan.Kahn outbound connection (malware-cnc.rules)
 * 1:21552 <-> ENABLED <-> MALWARE-CNC Trojan.Kahn variant outbound connection (malware-cnc.rules)
 * 1:21553 <-> DISABLED <-> MALWARE-CNC Trojan.Agent.cpze connect to server (malware-cnc.rules)
 * 1:21554 <-> DISABLED <-> MALWARE-CNC Trojan.Waledac.exe download (malware-cnc.rules)
 * 1:21562 <-> ENABLED <-> MALWARE-CNC Trojan.Bredolab variant outbound connection (malware-cnc.rules)
 * 1:21563 <-> ENABLED <-> MALWARE-CNC Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21564 <-> ENABLED <-> MALWARE-CNC Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21565 <-> ENABLED <-> MALWARE-CNC Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21569 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer toStaticHTML XSS attempt (browser-ie.rules)
 * 1:21581 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - BBB (exploit-kit.rules)
 * 1:21593 <-> ENABLED <-> MALWARE-CNC Trojan.Dropper-23836 outbound connection (malware-cnc.rules)
 * 1:21595 <-> DISABLED <-> MALWARE-CNC Android/Nickispy.D initialization request detection (malware-cnc.rules)
 * 1:21596 <-> DISABLED <-> MALWARE-CNC Android/Nickispy.D initialization response detection (malware-cnc.rules)
 * 1:21597 <-> DISABLED <-> MALWARE-CNC Android/Nickispy.D sms logging request detection (malware-cnc.rules)
 * 1:21598 <-> DISABLED <-> MALWARE-CNC Android/Nickispy.D sms logging response detection (malware-cnc.rules)
 * 1:21610 <-> DISABLED <-> MALWARE-CNC Trojan.Win32.Refroso.azyg runtime detection (malware-cnc.rules)
 * 1:21622 <-> ENABLED <-> MALWARE-CNC Trojan.Georbot variant outbound connection (malware-cnc.rules)
 * 1:21629 <-> ENABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:21630 <-> ENABLED <-> FILE-OTHER ELF file parsing in different antivirus evasion attempt (file-other.rules)
 * 1:21631 <-> ENABLED <-> MALWARE-CNC Trojan.Sinowal javascript delivery method (malware-cnc.rules)
 * 1:21632 <-> ENABLED <-> MALWARE-CNC Trojan.Ransom variant outbound connection (malware-cnc.rules)
 * 1:21635 <-> DISABLED <-> MALWARE-CNC Win32.Phdet.gen.A runtime detection (malware-cnc.rules)
 * 1:21638 <-> ENABLED <-> MALWARE-CNC Trojan.Aluereon TDSS infection variant outbound connection (malware-cnc.rules)
 * 1:21640 <-> DISABLED <-> EXPLOIT-KIT Possible Phoenix exploit kit landing page (exploit-kit.rules)
 * 1:21643 <-> DISABLED <-> MALWARE-CNC Trojan.Bredolab variant outbound connection (malware-cnc.rules)
 * 1:21646 <-> ENABLED <-> EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch (exploit-kit.rules)
 * 1:21653 <-> ENABLED <-> FILE-FLASH Adobe Flash ActionScript getURL target null reference attempt (file-flash.rules)
 * 1:21654 <-> ENABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules)
 * 1:21655 <-> ENABLED <-> FILE-FLASH Adobe Flash Video invalid tag type attempt (file-flash.rules)