<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_12_22_1645243</id>
	<title>Microsoft Policies Help Virus Writers, Says Security Firm</title>
	<author>timothy</author>
	<datestamp>1261501200000</datestamp>
	<htmltext>Barence writes <i>"Security firm Trend Micro has <a href="http://www.pcpro.co.uk/news/security/354319/microsoft-accused-of-helping-virus-writers">accused Microsoft of giving malware writers a helping hand</a> by advising users not to scan certain files on their PC because 'they are not at risk of infection.' Trend Micro warns that by making such information available, Microsoft is effectively creating a hit list for malware writers. 'Following the recommendations  <a href="http://blog.trendmicro.com/microsoft-virus-scanning-recommendations-bring-risks/">does not pose a significant threat as of now</a>, but it has a very big potential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog."</i></htmltext>
<tokenext>Barence writes " Security firm Trend Micro has accused Microsoft of giving malware writers a helping hand by advising users not to scan certain files on their PC because 'they are not at risk of infection .
' Trend Micro warns that by making such information available , Microsoft is effectively creating a hit list for malware writers .
'Following the recommendations does not pose a significant threat as of now , but it has a very big potential of being one, ' the company 's researcher , David Sancho , writes on theTrend Micro blog .
"</tokentext>
<sentencetext>Barence writes "Security firm Trend Micro has accused Microsoft of giving malware writers a helping hand by advising users not to scan certain files on their PC because 'they are not at risk of infection.
' Trend Micro warns that by making such information available, Microsoft is effectively creating a hit list for malware writers.
'Following the recommendations  does not pose a significant threat as of now, but it has a very big potential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527574</id>
	<title>Trend whitepaper about MS file exclusion...</title>
	<author>Anonymous</author>
	<datestamp>1261514400000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>yeh, maybe Trend researcher should look at their own white paper. Take a look at http://trendedge.trendmicro.com/pr/tm/te/document/OSCE\_8\_0\_MS\_File\_Exclusions.pdf</p></htmltext>
<tokenext>yeh , maybe Trend researcher should look at their own white paper .
Take a look at http : //trendedge.trendmicro.com/pr/tm/te/document/OSCE \ _8 \ _0 \ _MS \ _File \ _Exclusions.pdf</tokentext>
<sentencetext>yeh, maybe Trend researcher should look at their own white paper.
Take a look at http://trendedge.trendmicro.com/pr/tm/te/document/OSCE\_8\_0\_MS\_File\_Exclusions.pdf</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525528</id>
	<title>get your solution here ..</title>
	<author>viralMeme</author>
	<datestamp>1261506420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><a href="https://wiki.ubuntu.com/LiveUsbPendrivePersistent" title="ubuntu.com">LiveUsbPendrivePersistent</a> [ubuntu.com]<nobr> <wbr></nobr>...</htmltext>
<tokenext>LiveUsbPendrivePersistent [ ubuntu.com ] .. .</tokentext>
<sentencetext>LiveUsbPendrivePersistent [ubuntu.com] ...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525540</id>
	<title>The whole point is...</title>
	<author>m2pc</author>
	<datestamp>1261506480000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>It does open up some security concerns when an A/V utility is advised to "skip over" certain files.
A malware writer could easily exploit this and simply mask their executable "payload" with one of the "non scannable" file extensions to avoid detection.

Malware could easily modify the registry to make one of these "non executable" extensions open with the windows shell, causing them to become executable even without the<nobr> <wbr></nobr>.EXE extension.

This would only work, however, if the resident portion of the malware was able to evade detection.</htmltext>
<tokenext>It does open up some security concerns when an A/V utility is advised to " skip over " certain files .
A malware writer could easily exploit this and simply mask their executable " payload " with one of the " non scannable " file extensions to avoid detection .
Malware could easily modify the registry to make one of these " non executable " extensions open with the windows shell , causing them to become executable even without the .EXE extension .
This would only work , however , if the resident portion of the malware was able to evade detection .</tokentext>
<sentencetext>It does open up some security concerns when an A/V utility is advised to "skip over" certain files.
A malware writer could easily exploit this and simply mask their executable "payload" with one of the "non scannable" file extensions to avoid detection.
Malware could easily modify the registry to make one of these "non executable" extensions open with the windows shell, causing them to become executable even without the .EXE extension.
This would only work, however, if the resident portion of the malware was able to evade detection.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526172</id>
	<title>Re:This is sick!</title>
	<author>Coren22</author>
	<datestamp>1261509360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Then when Linux is attacked in the same way as Windows we will see just how secure it is?  There have been viruses written for Linux, it is not inherently secure.</p></htmltext>
<tokenext>Then when Linux is attacked in the same way as Windows we will see just how secure it is ?
There have been viruses written for Linux , it is not inherently secure .</tokentext>
<sentencetext>Then when Linux is attacked in the same way as Windows we will see just how secure it is?
There have been viruses written for Linux, it is not inherently secure.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530202</id>
	<title>Re:Do "Users" have a choice?</title>
	<author>RobertM1968</author>
	<datestamp>1261481700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's more than just that. Super Anti Spyware needs to be set to scan all files (all files greater than it's predefined size, and all files of all types). MalwareBytes does not need a settings change.

</p><p>Most other software either is not configurable (depending on version) or is configured to only scan "infectable" files.

</p><p>My personal experience of late is that I have seen many "non-infectable" files infected such as images, text documents, "unknown" document types, and so on. When I install any AV or AS software, I always configure it by hand to scan absolutely everything and then explain why to the end user.

</p><p>Thus, sadly, my experience shows that this statement, though the person's heart is in the right place, is not correct:
</p><p><div class="quote"><p>'Following the recommendations does not pose a significant threat as of now, but it has a very big potential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog.</p></div><p>Nowadays, I've found malware hiding in every file type causing it to re-infect a machine continuously once an anti-malware software has killed the running version. It becomes a constant battle between the malware and the AM tool unless the "scan absolutely everything" option is enabled. I've had way too many customers come in thinking they've had tens of thousands of infections because of that little loop created by not scanning everything ("Gee, it just removed another 20 today, and 20 more the day before!!!")</p></div>
	</htmltext>
<tokenext>It 's more than just that .
Super Anti Spyware needs to be set to scan all files ( all files greater than it 's predefined size , and all files of all types ) .
MalwareBytes does not need a settings change .
Most other software either is not configurable ( depending on version ) or is configured to only scan " infectable " files .
My personal experience of late is that I have seen many " non-infectable " files infected such as images , text documents , " unknown " document types , and so on .
When I install any AV or AS software , I always configure it by hand to scan absolutely everything and then explain why to the end user .
Thus , sadly , my experience shows that this statement , though the person 's heart is in the right place , is not correct : 'Following the recommendations does not pose a significant threat as of now , but it has a very big potential of being one, ' the company 's researcher , David Sancho , writes on theTrend Micro blog.Nowadays , I 've found malware hiding in every file type causing it to re-infect a machine continuously once an anti-malware software has killed the running version .
It becomes a constant battle between the malware and the AM tool unless the " scan absolutely everything " option is enabled .
I 've had way too many customers come in thinking they 've had tens of thousands of infections because of that little loop created by not scanning everything ( " Gee , it just removed another 20 today , and 20 more the day before ! ! !
" )</tokentext>
<sentencetext>It's more than just that.
Super Anti Spyware needs to be set to scan all files (all files greater than it's predefined size, and all files of all types).
MalwareBytes does not need a settings change.
Most other software either is not configurable (depending on version) or is configured to only scan "infectable" files.
My personal experience of late is that I have seen many "non-infectable" files infected such as images, text documents, "unknown" document types, and so on.
When I install any AV or AS software, I always configure it by hand to scan absolutely everything and then explain why to the end user.
Thus, sadly, my experience shows that this statement, though the person's heart is in the right place, is not correct:
'Following the recommendations does not pose a significant threat as of now, but it has a very big potential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog.Nowadays, I've found malware hiding in every file type causing it to re-infect a machine continuously once an anti-malware software has killed the running version.
It becomes a constant battle between the malware and the AM tool unless the "scan absolutely everything" option is enabled.
I've had way too many customers come in thinking they've had tens of thousands of infections because of that little loop created by not scanning everything ("Gee, it just removed another 20 today, and 20 more the day before!!!
")
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527482</id>
	<title>Ubuntu user here</title>
	<author>Anonymous</author>
	<datestamp>1261514100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>... what's Anti-Virus?</p></htmltext>
<tokenext>... what 's Anti-Virus ?</tokentext>
<sentencetext>... what's Anti-Virus?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526036</id>
	<title>Of course they do!</title>
	<author>WheelDweller</author>
	<datestamp>1261508820000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><p>A couple a months before Jan 1 2000 I converted everything I had to Redhat, now Ubuntu Linux. In that time, I've never been hit by a virus, nor have I searched for them.</p><p>Every file on my machine is one that isn't likely to get a virus.</p><p>Why can't more of you guys try this alternative? It doesn't get any simpler. Stop being criminals with your MS Office and your nefarious copies of things.</p><p>Come, be free!</p></htmltext>
<tokenext>A couple a months before Jan 1 2000 I converted everything I had to Redhat , now Ubuntu Linux .
In that time , I 've never been hit by a virus , nor have I searched for them.Every file on my machine is one that is n't likely to get a virus.Why ca n't more of you guys try this alternative ?
It does n't get any simpler .
Stop being criminals with your MS Office and your nefarious copies of things.Come , be free !</tokentext>
<sentencetext>A couple a months before Jan 1 2000 I converted everything I had to Redhat, now Ubuntu Linux.
In that time, I've never been hit by a virus, nor have I searched for them.Every file on my machine is one that isn't likely to get a virus.Why can't more of you guys try this alternative?
It doesn't get any simpler.
Stop being criminals with your MS Office and your nefarious copies of things.Come, be free!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486</id>
	<title>won't make a bit of difference</title>
	<author>viralMeme</author>
	<datestamp>1261506240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>"<i>'Following the recommendations does not pose a significant threat as of now, but it has a very big potential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog."</i> <br> <br>

It won't make a bit of difference,as AV software don't work already. A more realistic solution being to allow a whitelist of know good software.<br> <br>

'<i>Why is "<a href="http://www.ranum.com/security/computer\_security/editorials/dumb/" title="ranum.com">Enumerating Badness</a> [ranum.com]" a dumb idea? It's a dumb idea because sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness</i>'</htmltext>
<tokenext>" 'Following the recommendations does not pose a significant threat as of now , but it has a very big potential of being one, ' the company 's researcher , David Sancho , writes on theTrend Micro blog .
" It wo n't make a bit of difference,as AV software do n't work already .
A more realistic solution being to allow a whitelist of know good software .
'Why is " Enumerating Badness [ ranum.com ] " a dumb idea ?
It 's a dumb idea because sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness'</tokentext>
<sentencetext>"'Following the recommendations does not pose a significant threat as of now, but it has a very big potential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog.
"  

It won't make a bit of difference,as AV software don't work already.
A more realistic solution being to allow a whitelist of know good software.
'Why is "Enumerating Badness [ranum.com]" a dumb idea?
It's a dumb idea because sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness'</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708</id>
	<title>Question</title>
	<author>Mr\_Silver</author>
	<datestamp>1261507440000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>I've just configured a new laptop and told the anti-virus to ignore *.jpg, *.avi and *.mp3 on my understanding that it's not possible to hide malware in them and that it will make the scan significantly quicker.</p><p>Am I right? Or is it a good idea to remove those exclusions?</p></htmltext>
<tokenext>I 've just configured a new laptop and told the anti-virus to ignore * .jpg , * .avi and * .mp3 on my understanding that it 's not possible to hide malware in them and that it will make the scan significantly quicker.Am I right ?
Or is it a good idea to remove those exclusions ?</tokentext>
<sentencetext>I've just configured a new laptop and told the anti-virus to ignore *.jpg, *.avi and *.mp3 on my understanding that it's not possible to hide malware in them and that it will make the scan significantly quicker.Am I right?
Or is it a good idea to remove those exclusions?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525772</id>
	<title>A simple question</title>
	<author>shreshtha</author>
	<datestamp>1261507680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Which security company want to have a world with absolutely no Virus, Botnet, Worm<nobr> <wbr></nobr>....or make the world such???</htmltext>
<tokenext>Which security company want to have a world with absolutely no Virus , Botnet , Worm ....or make the world such ? ?
?</tokentext>
<sentencetext>Which security company want to have a world with absolutely no Virus, Botnet, Worm ....or make the world such??
?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526116</id>
	<title>Re:This is sick!</title>
	<author>daveime</author>
	<datestamp>1261509180000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><i>We should ALL demand that our employers use Ubuntu</i></p><p>Mr Employer, can I interest you in an open-source, free, screensaver ?</p></htmltext>
<tokenext>We should ALL demand that our employers use UbuntuMr Employer , can I interest you in an open-source , free , screensaver ?</tokentext>
<sentencetext>We should ALL demand that our employers use UbuntuMr Employer, can I interest you in an open-source, free, screensaver ?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527154</id>
	<title>Re:Really?</title>
	<author>Anonymous</author>
	<datestamp>1261512960000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>If you scan your<nobr> <wbr></nobr>.edb's or your<nobr> <wbr></nobr>.sdb's plan on having a worse day than most viruses will give you as you will likely trash you exchange server's database.</p></htmltext>
<tokenext>If you scan your .edb 's or your .sdb 's plan on having a worse day than most viruses will give you as you will likely trash you exchange server 's database .</tokentext>
<sentencetext>If you scan your .edb's or your .sdb's plan on having a worse day than most viruses will give you as you will likely trash you exchange server's database.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525374</id>
	<title>Vista &amp; Windows 7</title>
	<author>Anonymous</author>
	<datestamp>1261505700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Maybe Microsoft should just say: Vista and Windows 7 are so secure there is no point in scanning anything.  As these OSs are safe because of UAC<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>Maybe Microsoft should just say : Vista and Windows 7 are so secure there is no point in scanning anything .
As these OSs are safe because of UAC : )</tokentext>
<sentencetext>Maybe Microsoft should just say: Vista and Windows 7 are so secure there is no point in scanning anything.
As these OSs are safe because of UAC :)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525490</id>
	<title>Gotta Love Trend</title>
	<author>Anonymous</author>
	<datestamp>1261506240000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Security firm Trend Micro has accused Microsoft of giving malware writers a heling hand by advising users not to scan certain files on their C because 'they are not at risk of infection.' Trend Micro warns that by making such information available, Microsoft is effectively creating a hit list for malware writers. 'Following the recommendations does not ose a significant threat as of now but it has a very big otential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog."</p><p>Although, my all-time fave was when their phishing filter (composed by know-nothing $1-an-hour workers in the Philippines) used Wells Fargo's ACTUAL 800 customer-service number as a signature. Needless to say, that's an account (WF) they subsequently lost</p></htmltext>
<tokenext>Security firm Trend Micro has accused Microsoft of giving malware writers a heling hand by advising users not to scan certain files on their C because 'they are not at risk of infection .
' Trend Micro warns that by making such information available , Microsoft is effectively creating a hit list for malware writers .
'Following the recommendations does not ose a significant threat as of now but it has a very big otential of being one, ' the company 's researcher , David Sancho , writes on theTrend Micro blog .
" Although , my all-time fave was when their phishing filter ( composed by know-nothing $ 1-an-hour workers in the Philippines ) used Wells Fargo 's ACTUAL 800 customer-service number as a signature .
Needless to say , that 's an account ( WF ) they subsequently lost</tokentext>
<sentencetext>Security firm Trend Micro has accused Microsoft of giving malware writers a heling hand by advising users not to scan certain files on their C because 'they are not at risk of infection.
' Trend Micro warns that by making such information available, Microsoft is effectively creating a hit list for malware writers.
'Following the recommendations does not ose a significant threat as of now but it has a very big otential of being one,' the company's researcher, David Sancho, writes on theTrend Micro blog.
"Although, my all-time fave was when their phishing filter (composed by know-nothing $1-an-hour workers in the Philippines) used Wells Fargo's ACTUAL 800 customer-service number as a signature.
Needless to say, that's an account (WF) they subsequently lost</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</id>
	<title>Are you serious?</title>
	<author>Anonymous</author>
	<datestamp>1261505340000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext>Helping virus writers? Don't virus writers target the lowest-hanging fruit: the average Joe?

Joe sure as hell doesn't read the Microsoft Knowledge Base, let alone knows of its very existence! Let's be realistic, here.

This is coming from third-party AV companies, remember... they're fighting to stay relevant.</htmltext>
<tokenext>Helping virus writers ?
Do n't virus writers target the lowest-hanging fruit : the average Joe ?
Joe sure as hell does n't read the Microsoft Knowledge Base , let alone knows of its very existence !
Let 's be realistic , here .
This is coming from third-party AV companies , remember... they 're fighting to stay relevant .</tokentext>
<sentencetext>Helping virus writers?
Don't virus writers target the lowest-hanging fruit: the average Joe?
Joe sure as hell doesn't read the Microsoft Knowledge Base, let alone knows of its very existence!
Let's be realistic, here.
This is coming from third-party AV companies, remember... they're fighting to stay relevant.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525986</id>
	<title>Wait a minute!</title>
	<author>hesaigo999ca</author>
	<datestamp>1261508640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Any AV has a select files to avoid functionality, to bypass going through files that you know are ok, and save some time from the memory hog that our AVs are these days. So in fact, if we can say forget about these to an AV, why would this be any different.<br>As long as M$ allows that list to be modified to have nothing in the list to avoid, as per each user's preference when installing, I have no problem. The problem comes when M$ decides for you, and does not allow any changes to that config.</p><p>I am not a fan of vista or windows7, so I have no such problems, however, knowing that most people tend to go with default settings to use apps, such as AVs, I wonder if by default, the files selected by M$ are in effect the same ones always?</p></htmltext>
<tokenext>Any AV has a select files to avoid functionality , to bypass going through files that you know are ok , and save some time from the memory hog that our AVs are these days .
So in fact , if we can say forget about these to an AV , why would this be any different.As long as M $ allows that list to be modified to have nothing in the list to avoid , as per each user 's preference when installing , I have no problem .
The problem comes when M $ decides for you , and does not allow any changes to that config.I am not a fan of vista or windows7 , so I have no such problems , however , knowing that most people tend to go with default settings to use apps , such as AVs , I wonder if by default , the files selected by M $ are in effect the same ones always ?</tokentext>
<sentencetext>Any AV has a select files to avoid functionality, to bypass going through files that you know are ok, and save some time from the memory hog that our AVs are these days.
So in fact, if we can say forget about these to an AV, why would this be any different.As long as M$ allows that list to be modified to have nothing in the list to avoid, as per each user's preference when installing, I have no problem.
The problem comes when M$ decides for you, and does not allow any changes to that config.I am not a fan of vista or windows7, so I have no such problems, however, knowing that most people tend to go with default settings to use apps, such as AVs, I wonder if by default, the files selected by M$ are in effect the same ones always?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525412</id>
	<title>Don't virus-check database files</title>
	<author>Anonymous</author>
	<datestamp>1261505940000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>The blog points out that edb.chk and *.log files should be excluded. These files are used by the ESE/ESENT database engine (used by the Active Directory, Exchange Server, Windows Desktop Search, etc.) for database recovery and contain a list of physical database updates, in binary form. Historically the problem has been that these files can contain almost any byte sequence so virus checkers would start flagging them as infected and quarantine them, breaking database recovery. This can be particularily nefarious for Exchange Server because mailing an infected file as an attachment causes the same bytes to appear in the logfiles. If a virus checker quarantines the logfile then database recovery can be broken -- a neat DOS attack.</p><p>As the logfiles aren't executable, but can contain any byte sequence there isn't any benefit to checking the files, but a lot of damage can be done by 'repairing' or quarantining them.</p></htmltext>
<tokenext>The blog points out that edb.chk and * .log files should be excluded .
These files are used by the ESE/ESENT database engine ( used by the Active Directory , Exchange Server , Windows Desktop Search , etc .
) for database recovery and contain a list of physical database updates , in binary form .
Historically the problem has been that these files can contain almost any byte sequence so virus checkers would start flagging them as infected and quarantine them , breaking database recovery .
This can be particularily nefarious for Exchange Server because mailing an infected file as an attachment causes the same bytes to appear in the logfiles .
If a virus checker quarantines the logfile then database recovery can be broken -- a neat DOS attack.As the logfiles are n't executable , but can contain any byte sequence there is n't any benefit to checking the files , but a lot of damage can be done by 'repairing ' or quarantining them .</tokentext>
<sentencetext>The blog points out that edb.chk and *.log files should be excluded.
These files are used by the ESE/ESENT database engine (used by the Active Directory, Exchange Server, Windows Desktop Search, etc.
) for database recovery and contain a list of physical database updates, in binary form.
Historically the problem has been that these files can contain almost any byte sequence so virus checkers would start flagging them as infected and quarantine them, breaking database recovery.
This can be particularily nefarious for Exchange Server because mailing an infected file as an attachment causes the same bytes to appear in the logfiles.
If a virus checker quarantines the logfile then database recovery can be broken -- a neat DOS attack.As the logfiles aren't executable, but can contain any byte sequence there isn't any benefit to checking the files, but a lot of damage can be done by 'repairing' or quarantining them.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527570</id>
	<title>Re:This is sick!</title>
	<author>L0rdJedi</author>
	<datestamp>1261514400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yeah, good luck with that.  I'm sure the other guy, ya know, the one that's willing to use Windows, will enjoy taking your job.</p></htmltext>
<tokenext>Yeah , good luck with that .
I 'm sure the other guy , ya know , the one that 's willing to use Windows , will enjoy taking your job .</tokentext>
<sentencetext>Yeah, good luck with that.
I'm sure the other guy, ya know, the one that's willing to use Windows, will enjoy taking your job.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525926</id>
	<title>Re:Really?</title>
	<author>Amouth</author>
	<datestamp>1261508280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>i didn't read the article or the KB but from the types you have listed - first thing came to mind.</p><p>exchange.</p><p>edb/sdb belong to exchange stores - log is common but also used for transaction longs and chk if i remember right is used when rebuilding from TL's or doing an offline defrag.</p><p>given the type of shit thats in mailboxes and queues and that it isn't executable - sure stuff is there but not a risk.</p><p>then given the normal actions of AV software (hey i found shit in this file -remove handles deny access - hey user i quarantined this thing for you).. humm that could be quite bad</p><p>yes there are plenty of examples of why you wouldn't want to exclude things - but at the same time there are alot of reasons to.</p><p>I agree that this does smell of the "Hey listen to us! Then buy our antivirus."  especially since Security Essentials actually turned out nice.</p></htmltext>
<tokenext>i did n't read the article or the KB but from the types you have listed - first thing came to mind.exchange.edb/sdb belong to exchange stores - log is common but also used for transaction longs and chk if i remember right is used when rebuilding from TL 's or doing an offline defrag.given the type of shit thats in mailboxes and queues and that it is n't executable - sure stuff is there but not a risk.then given the normal actions of AV software ( hey i found shit in this file -remove handles deny access - hey user i quarantined this thing for you ) .. humm that could be quite badyes there are plenty of examples of why you would n't want to exclude things - but at the same time there are alot of reasons to.I agree that this does smell of the " Hey listen to us !
Then buy our antivirus .
" especially since Security Essentials actually turned out nice .</tokentext>
<sentencetext>i didn't read the article or the KB but from the types you have listed - first thing came to mind.exchange.edb/sdb belong to exchange stores - log is common but also used for transaction longs and chk if i remember right is used when rebuilding from TL's or doing an offline defrag.given the type of shit thats in mailboxes and queues and that it isn't executable - sure stuff is there but not a risk.then given the normal actions of AV software (hey i found shit in this file -remove handles deny access - hey user i quarantined this thing for you).. humm that could be quite badyes there are plenty of examples of why you wouldn't want to exclude things - but at the same time there are alot of reasons to.I agree that this does smell of the "Hey listen to us!
Then buy our antivirus.
"  especially since Security Essentials actually turned out nice.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526070</id>
	<title>Re:Really?</title>
	<author>Shimbo</author>
	<datestamp>1261509000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Third, this stinks of "Hey listen to us! Then buy our antivirus."</p></div><p>It's an antivirus vendor blog FFS, what did you expect? <br>
&nbsp; <br>Why do so many of them end up as front-page stories? Don't ask me.</p></div>
	</htmltext>
<tokenext>Third , this stinks of " Hey listen to us !
Then buy our antivirus .
" It 's an antivirus vendor blog FFS , what did you expect ?
  Why do so many of them end up as front-page stories ?
Do n't ask me .</tokentext>
<sentencetext>Third, this stinks of "Hey listen to us!
Then buy our antivirus.
"It's an antivirus vendor blog FFS, what did you expect?
  Why do so many of them end up as front-page stories?
Don't ask me.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526212</id>
	<title>Re:This is sick!</title>
	<author>CannonballHead</author>
	<datestamp>1261509540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>We should ALL demand that our employers use Ubuntu<nobr> <wbr></nobr>... every day<nobr> <wbr></nobr>... until they give in...</p></div><p>Oh boy.</p><p>Oh boy.</p><p>Your employer pays Microsoft to use Microsoft's OSs.  If your employer wants to stop paying Microsoft and use Ubuntu, I'm sure they can.  Maybe they don't want to.  In which case, demanding it probably won't do too much for you.</p><p>Of course, if someone actually demonstrated the same efficiency, no configuration issues, no breakages every time Ubuntu decides to roll out an upgrade, etc., maybe more employers would listen.  Or perhaps if Ubuntu offered paid support (do they? I don't know).</p><p>There's a reason people <i>pay</i> for Oracle, for example, instead of using the free MySQL.  Perhaps there are reasons employers <i>pay</i> for Microsoft instead of using Canonical.  (as a user-targeted OS, anyways)</p></div>
	</htmltext>
<tokenext>We should ALL demand that our employers use Ubuntu ... every day ... until they give in...Oh boy.Oh boy.Your employer pays Microsoft to use Microsoft 's OSs .
If your employer wants to stop paying Microsoft and use Ubuntu , I 'm sure they can .
Maybe they do n't want to .
In which case , demanding it probably wo n't do too much for you.Of course , if someone actually demonstrated the same efficiency , no configuration issues , no breakages every time Ubuntu decides to roll out an upgrade , etc. , maybe more employers would listen .
Or perhaps if Ubuntu offered paid support ( do they ?
I do n't know ) .There 's a reason people pay for Oracle , for example , instead of using the free MySQL .
Perhaps there are reasons employers pay for Microsoft instead of using Canonical .
( as a user-targeted OS , anyways )</tokentext>
<sentencetext>We should ALL demand that our employers use Ubuntu ... every day ... until they give in...Oh boy.Oh boy.Your employer pays Microsoft to use Microsoft's OSs.
If your employer wants to stop paying Microsoft and use Ubuntu, I'm sure they can.
Maybe they don't want to.
In which case, demanding it probably won't do too much for you.Of course, if someone actually demonstrated the same efficiency, no configuration issues, no breakages every time Ubuntu decides to roll out an upgrade, etc., maybe more employers would listen.
Or perhaps if Ubuntu offered paid support (do they?
I don't know).There's a reason people pay for Oracle, for example, instead of using the free MySQL.
Perhaps there are reasons employers pay for Microsoft instead of using Canonical.
(as a user-targeted OS, anyways)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680</id>
	<title>This is sick!</title>
	<author>tyroneking</author>
	<datestamp>1261507260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>In this day and age we should not need antivirus software and firewalls- Microsoft wake up! What the hell is going on here? A whole market devoted to protecting an OS that we all have to pay for when we buy a new PC?<br>So, Microsoft taxes all new PCs, and we pay av vendors even more to protect the Microsoft OS.<br>This is surreal and sick.<br>We should ALL demand that our employers use Ubuntu<nobr> <wbr></nobr>... every day<nobr> <wbr></nobr>... until they give in...</p></htmltext>
<tokenext>In this day and age we should not need antivirus software and firewalls- Microsoft wake up !
What the hell is going on here ?
A whole market devoted to protecting an OS that we all have to pay for when we buy a new PC ? So , Microsoft taxes all new PCs , and we pay av vendors even more to protect the Microsoft OS.This is surreal and sick.We should ALL demand that our employers use Ubuntu ... every day ... until they give in.. .</tokentext>
<sentencetext>In this day and age we should not need antivirus software and firewalls- Microsoft wake up!
What the hell is going on here?
A whole market devoted to protecting an OS that we all have to pay for when we buy a new PC?So, Microsoft taxes all new PCs, and we pay av vendors even more to protect the Microsoft OS.This is surreal and sick.We should ALL demand that our employers use Ubuntu ... every day ... until they give in...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525326</id>
	<title>Won't the malware be detected once loaded into RAM</title>
	<author>Anonymous</author>
	<datestamp>1261505340000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>Question mark.

(Assuming that the anti-virus can detect the nasty with sigs/heuristics/behaviour monitoring)</htmltext>
<tokenext>Question mark .
( Assuming that the anti-virus can detect the nasty with sigs/heuristics/behaviour monitoring )</tokentext>
<sentencetext>Question mark.
(Assuming that the anti-virus can detect the nasty with sigs/heuristics/behaviour monitoring)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525812</id>
	<title>A computer law is needed</title>
	<author>Anonymous</author>
	<datestamp>1261507860000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>A computer law is needed here, it is a simple best practice that someone needs to carve into stone. "Thou shalt not practice security through obscurity". Nice and simple, covers so very very much and could have saved this anti-virus vendor some public humiliation. This law applies to any operating system or application without fail.</htmltext>
<tokenext>A computer law is needed here , it is a simple best practice that someone needs to carve into stone .
" Thou shalt not practice security through obscurity " .
Nice and simple , covers so very very much and could have saved this anti-virus vendor some public humiliation .
This law applies to any operating system or application without fail .</tokentext>
<sentencetext>A computer law is needed here, it is a simple best practice that someone needs to carve into stone.
"Thou shalt not practice security through obscurity".
Nice and simple, covers so very very much and could have saved this anti-virus vendor some public humiliation.
This law applies to any operating system or application without fail.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525668</id>
	<title>Huh? Sounds like shit talking.</title>
	<author>pyster</author>
	<datestamp>1261507200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>This sounds like shit talking. anti-virus/malware vendors do the same crap<br> <br>
I do not trust any anti-virus/malware software anymore. I've had trendmicro pick up text files written 20 years ago as a virus. I've had norton kill copies of remote admin (at the absolute worse times too...). I've had adaware find crap on systems virgin systems... and the stuff it finds i know isnt infected.<br> <br>
My solution to the problem has been to use zonealarm, shut down ports at the router level, monitor my network traffic, restore a ghost image on a regular basis, and watch what i install. It's not a perfect system but it mostly works well enuf that i doubt i am part of the botnet. I scan with microtrend once in a while for fun...<br> <br>
If you didnt write it, dont trust it. We've seen time and time again legitimate software doing things we dont feel they should be doing.</htmltext>
<tokenext>This sounds like shit talking .
anti-virus/malware vendors do the same crap I do not trust any anti-virus/malware software anymore .
I 've had trendmicro pick up text files written 20 years ago as a virus .
I 've had norton kill copies of remote admin ( at the absolute worse times too... ) .
I 've had adaware find crap on systems virgin systems... and the stuff it finds i know isnt infected .
My solution to the problem has been to use zonealarm , shut down ports at the router level , monitor my network traffic , restore a ghost image on a regular basis , and watch what i install .
It 's not a perfect system but it mostly works well enuf that i doubt i am part of the botnet .
I scan with microtrend once in a while for fun.. . If you didnt write it , dont trust it .
We 've seen time and time again legitimate software doing things we dont feel they should be doing .</tokentext>
<sentencetext>This sounds like shit talking.
anti-virus/malware vendors do the same crap 
I do not trust any anti-virus/malware software anymore.
I've had trendmicro pick up text files written 20 years ago as a virus.
I've had norton kill copies of remote admin (at the absolute worse times too...).
I've had adaware find crap on systems virgin systems... and the stuff it finds i know isnt infected.
My solution to the problem has been to use zonealarm, shut down ports at the router level, monitor my network traffic, restore a ghost image on a regular basis, and watch what i install.
It's not a perfect system but it mostly works well enuf that i doubt i am part of the botnet.
I scan with microtrend once in a while for fun... 
If you didnt write it, dont trust it.
We've seen time and time again legitimate software doing things we dont feel they should be doing.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30535934</id>
	<title>Re:Question</title>
	<author>StuartHankins</author>
	<datestamp>1259774100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>JPG files can be used to hide arbitrary binary data. See the example / howto at <a href="http://www.online-tech-tips.com/computer-tips/hide-file-in-picture/" title="online-tech-tips.com">http://www.online-tech-tips.com/computer-tips/hide-file-in-picture/</a> [online-tech-tips.com] .</htmltext>
<tokenext>JPG files can be used to hide arbitrary binary data .
See the example / howto at http : //www.online-tech-tips.com/computer-tips/hide-file-in-picture/ [ online-tech-tips.com ] .</tokentext>
<sentencetext>JPG files can be used to hide arbitrary binary data.
See the example / howto at http://www.online-tech-tips.com/computer-tips/hide-file-in-picture/ [online-tech-tips.com] .</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</id>
	<title>Really?</title>
	<author>Anonymous</author>
	<datestamp>1261505580000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>Ok, so buried somewhere in the middle of an online support page about some potential file type exclusions MS mentions:</p><p>*.edb<br>*.sdb<br>*.log<br>*.chk</p><p><nobr> <wbr></nobr>...in certain folders.</p><p>Ok first, I have to assume that most computer users will never see this.  I am not concerned that the next time I see my parents computers that they'll have set up file type exclusions.</p><p>Second, if you're excluding file types from scanning, those are probably good one to exclude.  These are files that have contents that are constantly changing and are not generally executable.</p><p>Third, this stinks of "Hey listen to us!  Then buy our antivirus."<br>"Following the recommendations does not pose a significant threat as of now" But it may some day?  Well no shit, doesn't that go for everything?</p><p>Am I missing something?  Is this a ridiculous strech just to bash Microsoft or something? How is this an important read?</p></htmltext>
<tokenext>Ok , so buried somewhere in the middle of an online support page about some potential file type exclusions MS mentions : * .edb * .sdb * .log * .chk ...in certain folders.Ok first , I have to assume that most computer users will never see this .
I am not concerned that the next time I see my parents computers that they 'll have set up file type exclusions.Second , if you 're excluding file types from scanning , those are probably good one to exclude .
These are files that have contents that are constantly changing and are not generally executable.Third , this stinks of " Hey listen to us !
Then buy our antivirus .
" " Following the recommendations does not pose a significant threat as of now " But it may some day ?
Well no shit , does n't that go for everything ? Am I missing something ?
Is this a ridiculous strech just to bash Microsoft or something ?
How is this an important read ?</tokentext>
<sentencetext>Ok, so buried somewhere in the middle of an online support page about some potential file type exclusions MS mentions:*.edb*.sdb*.log*.chk ...in certain folders.Ok first, I have to assume that most computer users will never see this.
I am not concerned that the next time I see my parents computers that they'll have set up file type exclusions.Second, if you're excluding file types from scanning, those are probably good one to exclude.
These are files that have contents that are constantly changing and are not generally executable.Third, this stinks of "Hey listen to us!
Then buy our antivirus.
""Following the recommendations does not pose a significant threat as of now" But it may some day?
Well no shit, doesn't that go for everything?Am I missing something?
Is this a ridiculous strech just to bash Microsoft or something?
How is this an important read?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525608</id>
	<title>What?</title>
	<author>Anonymous</author>
	<datestamp>1261506840000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>No obligatory comment that Microsoft itself is a malware producer?</htmltext>
<tokenext>No obligatory comment that Microsoft itself is a malware producer ?</tokentext>
<sentencetext>No obligatory comment that Microsoft itself is a malware producer?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525766</id>
	<title>Re:Do "Users" have a choice?</title>
	<author>Anonymous</author>
	<datestamp>1261507620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>boot into safe mode, and do a scan of the whole PC</p></div><p>Safe mode will do nothing to keep malware from loading at this point....</p><p>Get a WinPE Distro like <a href="http://www.ubcd4win.com/" title="ubcd4win.com">http://www.ubcd4win.com/</a> [ubcd4win.com]</p></div>
	</htmltext>
<tokenext>boot into safe mode , and do a scan of the whole PCSafe mode will do nothing to keep malware from loading at this point....Get a WinPE Distro like http : //www.ubcd4win.com/ [ ubcd4win.com ]</tokentext>
<sentencetext>boot into safe mode, and do a scan of the whole PCSafe mode will do nothing to keep malware from loading at this point....Get a WinPE Distro like http://www.ubcd4win.com/ [ubcd4win.com]
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526614</id>
	<title>Re:won't make a bit of difference</title>
	<author>Anonymous</author>
	<datestamp>1261511040000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>It won't make a bit of difference,as AV software don't work already. A more realistic solution being to allow a whitelist of know good software.</p></div><p>Yeah. We could call it... Trusted Computing. And require that all executable code be signed by Microsoft.</p></div>
	</htmltext>
<tokenext>It wo n't make a bit of difference,as AV software do n't work already .
A more realistic solution being to allow a whitelist of know good software.Yeah .
We could call it... Trusted Computing .
And require that all executable code be signed by Microsoft .</tokentext>
<sentencetext>It won't make a bit of difference,as AV software don't work already.
A more realistic solution being to allow a whitelist of know good software.Yeah.
We could call it... Trusted Computing.
And require that all executable code be signed by Microsoft.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530296</id>
	<title>I hate to remind you of this, but,</title>
	<author>reiisi</author>
	<datestamp>1261482060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Microsoft doesn't have any real business interest in secure machines.</p><p>Their reputation is secure among the believers no matter what they do, and their reputation is un-redeemable among those who are not Microsoft believers. They have enough money to buy the hype necessary to cover anything up, relative to the people who spend the most on Microsoft software.</p><p>Shoot, the, "I can't be such a fool!" syndrome helps Microsoft's bottom line when people have to pay to fix Microsoft's bugs.</p><p>No, this makes no sense. Saying that you don't need to look in place X is just telling the virus and malware writers, "X marks the spot."</p><p>Of course, it is really difficult to design a machine to examine itself when the engineer admits there is no safe place to examine from.</p></htmltext>
<tokenext>Microsoft does n't have any real business interest in secure machines.Their reputation is secure among the believers no matter what they do , and their reputation is un-redeemable among those who are not Microsoft believers .
They have enough money to buy the hype necessary to cover anything up , relative to the people who spend the most on Microsoft software.Shoot , the , " I ca n't be such a fool !
" syndrome helps Microsoft 's bottom line when people have to pay to fix Microsoft 's bugs.No , this makes no sense .
Saying that you do n't need to look in place X is just telling the virus and malware writers , " X marks the spot .
" Of course , it is really difficult to design a machine to examine itself when the engineer admits there is no safe place to examine from .</tokentext>
<sentencetext>Microsoft doesn't have any real business interest in secure machines.Their reputation is secure among the believers no matter what they do, and their reputation is un-redeemable among those who are not Microsoft believers.
They have enough money to buy the hype necessary to cover anything up, relative to the people who spend the most on Microsoft software.Shoot, the, "I can't be such a fool!
" syndrome helps Microsoft's bottom line when people have to pay to fix Microsoft's bugs.No, this makes no sense.
Saying that you don't need to look in place X is just telling the virus and malware writers, "X marks the spot.
"Of course, it is really difficult to design a machine to examine itself when the engineer admits there is no safe place to examine from.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526794</id>
	<title>Re:Are you serious?</title>
	<author>mcgrew</author>
	<datestamp>1261511640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's as easy to put your malwars in a secure place as it is to put in "my documents", and would be more effective in a "secure" place. If I were writing/spreading malware I'd be hiding it where AV software doesn't look.</p><p>After all, the lowest hanging fruit would be unpatched machines with no AV at all.</p></htmltext>
<tokenext>It 's as easy to put your malwars in a secure place as it is to put in " my documents " , and would be more effective in a " secure " place .
If I were writing/spreading malware I 'd be hiding it where AV software does n't look.After all , the lowest hanging fruit would be unpatched machines with no AV at all .</tokentext>
<sentencetext>It's as easy to put your malwars in a secure place as it is to put in "my documents", and would be more effective in a "secure" place.
If I were writing/spreading malware I'd be hiding it where AV software doesn't look.After all, the lowest hanging fruit would be unpatched machines with no AV at all.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246</id>
	<title>Do "Users" have a choice?</title>
	<author>Anonymous</author>
	<datestamp>1261504980000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>I load up Malware Bytes or Super Anti Spyware or some other reputable Anti-Malware program, boot into safe mode, and do a scan of the whole PC.</p><p>Is it I, or anti malware developers, they are sending the message to? Because I certainly don't want to leave an inch of the computer unchecked.</p></htmltext>
<tokenext>I load up Malware Bytes or Super Anti Spyware or some other reputable Anti-Malware program , boot into safe mode , and do a scan of the whole PC.Is it I , or anti malware developers , they are sending the message to ?
Because I certainly do n't want to leave an inch of the computer unchecked .</tokentext>
<sentencetext>I load up Malware Bytes or Super Anti Spyware or some other reputable Anti-Malware program, boot into safe mode, and do a scan of the whole PC.Is it I, or anti malware developers, they are sending the message to?
Because I certainly don't want to leave an inch of the computer unchecked.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526496</id>
	<title>Re:Nothing new</title>
	<author>weicco</author>
	<datestamp>1261510620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You mean like <a href="http://en.wikipedia.org/wiki/Creeper\_virus" title="wikipedia.org">DEC</a> [wikipedia.org] helped to write the first computer virus in the world?</p></htmltext>
<tokenext>You mean like DEC [ wikipedia.org ] helped to write the first computer virus in the world ?</tokentext>
<sentencetext>You mean like DEC [wikipedia.org] helped to write the first computer virus in the world?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525378</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525950</id>
	<title>Re:This is sick!</title>
	<author>Karlt1</author>
	<datestamp>1261508400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>In this day and age we should not need antivirus software and firewalls- Microsoft wake up! What the hell is going on here? A whole market devoted to protecting an OS that we all have to pay for when we buy a new PC?<br>So, Microsoft taxes all new PCs, and we pay av vendors even more to protect the Microsoft OS.<br>This is surreal and sick.<br>We should ALL demand that our employers use Ubuntu<nobr> <wbr></nobr>... every day<nobr> <wbr></nobr>... until they give in...</p></div></blockquote><p>So exactly how do you propose that an operating system prevent a user from downloading malware that can destroy the users files?  How do you propose that an OS do anything but warn a user before a program can access priveleged parts of the OS?</p></div>
	</htmltext>
<tokenext>In this day and age we should not need antivirus software and firewalls- Microsoft wake up !
What the hell is going on here ?
A whole market devoted to protecting an OS that we all have to pay for when we buy a new PC ? So , Microsoft taxes all new PCs , and we pay av vendors even more to protect the Microsoft OS.This is surreal and sick.We should ALL demand that our employers use Ubuntu ... every day ... until they give in...So exactly how do you propose that an operating system prevent a user from downloading malware that can destroy the users files ?
How do you propose that an OS do anything but warn a user before a program can access priveleged parts of the OS ?</tokentext>
<sentencetext>In this day and age we should not need antivirus software and firewalls- Microsoft wake up!
What the hell is going on here?
A whole market devoted to protecting an OS that we all have to pay for when we buy a new PC?So, Microsoft taxes all new PCs, and we pay av vendors even more to protect the Microsoft OS.This is surreal and sick.We should ALL demand that our employers use Ubuntu ... every day ... until they give in...So exactly how do you propose that an operating system prevent a user from downloading malware that can destroy the users files?
How do you propose that an OS do anything but warn a user before a program can access priveleged parts of the OS?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527488</id>
	<title>Re:Really?</title>
	<author>girlintraining</author>
	<datestamp>1261514160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Am I missing something? Is this a ridiculous strech just to bash Microsoft or something? How is this an important read?</p></div><p>The entire idea of scanning for signatures is what's ridiculous. This broken model of ring-based security is what's ridiculous. Buy into those ideas and yeah, it would make sense then to exclude certain file types.</p><p>What's needed is something like Tripwire, built into a bootable flash drive and Microsoft (and other vendors) releasing hashes of their files. But it's easier to do reactive security than proactive security -- and by easier I mean shoving the costs onto the consumers. At least then we could verify the integrity of the operating system and boot files independently of the software on the computer -- which is easily compromised. All this talk about a TCB has turned out to be just that -- talk. It hasn't helped system security one iota.</p></div>
	</htmltext>
<tokenext>Am I missing something ?
Is this a ridiculous strech just to bash Microsoft or something ?
How is this an important read ? The entire idea of scanning for signatures is what 's ridiculous .
This broken model of ring-based security is what 's ridiculous .
Buy into those ideas and yeah , it would make sense then to exclude certain file types.What 's needed is something like Tripwire , built into a bootable flash drive and Microsoft ( and other vendors ) releasing hashes of their files .
But it 's easier to do reactive security than proactive security -- and by easier I mean shoving the costs onto the consumers .
At least then we could verify the integrity of the operating system and boot files independently of the software on the computer -- which is easily compromised .
All this talk about a TCB has turned out to be just that -- talk .
It has n't helped system security one iota .</tokentext>
<sentencetext>Am I missing something?
Is this a ridiculous strech just to bash Microsoft or something?
How is this an important read?The entire idea of scanning for signatures is what's ridiculous.
This broken model of ring-based security is what's ridiculous.
Buy into those ideas and yeah, it would make sense then to exclude certain file types.What's needed is something like Tripwire, built into a bootable flash drive and Microsoft (and other vendors) releasing hashes of their files.
But it's easier to do reactive security than proactive security -- and by easier I mean shoving the costs onto the consumers.
At least then we could verify the integrity of the operating system and boot files independently of the software on the computer -- which is easily compromised.
All this talk about a TCB has turned out to be just that -- talk.
It hasn't helped system security one iota.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528114</id>
	<title>Re:Don't virus-check database files</title>
	<author>Sycraft-fu</author>
	<datestamp>1261472880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You also don't want to check any intensively accessed files in general. It can add a lot of overhead if the thing is being continually accessed by many different users/processes.</p><p>For example on my system I have excepted EWI and EWS files from checking. Those files are the instruments and samples for the virtual instruments I use. The reason for the exception is that they are accessed in a very intense manner. The system has to read them in very quickly to stream sample data off the disk in realtime and you can have hundreds being accessed at the same time, repeatedly. Scanning them over and over really adds to overhead and can cause audio dropouts.</p><p>So, while I suppose in theory this is a vector for infection, I guess that someone would infect a sample file that causes an overflow in the VST that then causes the sequencer to misbehave and infects my system, it is a pretty low one. As such it isn't worth taking a performance hit and having troubles, instead it is better to just tell the virus scanner to leave those files alone.</p></htmltext>
<tokenext>You also do n't want to check any intensively accessed files in general .
It can add a lot of overhead if the thing is being continually accessed by many different users/processes.For example on my system I have excepted EWI and EWS files from checking .
Those files are the instruments and samples for the virtual instruments I use .
The reason for the exception is that they are accessed in a very intense manner .
The system has to read them in very quickly to stream sample data off the disk in realtime and you can have hundreds being accessed at the same time , repeatedly .
Scanning them over and over really adds to overhead and can cause audio dropouts.So , while I suppose in theory this is a vector for infection , I guess that someone would infect a sample file that causes an overflow in the VST that then causes the sequencer to misbehave and infects my system , it is a pretty low one .
As such it is n't worth taking a performance hit and having troubles , instead it is better to just tell the virus scanner to leave those files alone .</tokentext>
<sentencetext>You also don't want to check any intensively accessed files in general.
It can add a lot of overhead if the thing is being continually accessed by many different users/processes.For example on my system I have excepted EWI and EWS files from checking.
Those files are the instruments and samples for the virtual instruments I use.
The reason for the exception is that they are accessed in a very intense manner.
The system has to read them in very quickly to stream sample data off the disk in realtime and you can have hundreds being accessed at the same time, repeatedly.
Scanning them over and over really adds to overhead and can cause audio dropouts.So, while I suppose in theory this is a vector for infection, I guess that someone would infect a sample file that causes an overflow in the VST that then causes the sequencer to misbehave and infects my system, it is a pretty low one.
As such it isn't worth taking a performance hit and having troubles, instead it is better to just tell the virus scanner to leave those files alone.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525412</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530348</id>
	<title>Re:A computer law is needed</title>
	<author>Anonymous</author>
	<datestamp>1261482300000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Security is an illusion. No computer is truly secure except for the ones with no data and the ones that no one can access. Thus, Obscurity is the only form of true Security.</p></htmltext>
<tokenext>Security is an illusion .
No computer is truly secure except for the ones with no data and the ones that no one can access .
Thus , Obscurity is the only form of true Security .</tokentext>
<sentencetext>Security is an illusion.
No computer is truly secure except for the ones with no data and the ones that no one can access.
Thus, Obscurity is the only form of true Security.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525812</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525274</id>
	<title>Also...</title>
	<author>Anonymous</author>
	<datestamp>1261505040000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext>disabling any backup software will improve "performance and avoid unnecessary conflicts" as well.</htmltext>
<tokenext>disabling any backup software will improve " performance and avoid unnecessary conflicts " as well .</tokentext>
<sentencetext>disabling any backup software will improve "performance and avoid unnecessary conflicts" as well.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525616</id>
	<title>conflict of interest</title>
	<author>Anonymous</author>
	<datestamp>1261506900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>More importantly, the installation process for Windows guides users to run primarily as administrator, which makes the whole OS one big target.  Microsoft could do a lot more for security by not guiding users to surf the web, etc, as admin.  But then, there wouldn't be as much of a need for antivirus/antimalware software such as "security firm" Trend Micro's.</p></htmltext>
<tokenext>More importantly , the installation process for Windows guides users to run primarily as administrator , which makes the whole OS one big target .
Microsoft could do a lot more for security by not guiding users to surf the web , etc , as admin .
But then , there would n't be as much of a need for antivirus/antimalware software such as " security firm " Trend Micro 's .</tokentext>
<sentencetext>More importantly, the installation process for Windows guides users to run primarily as administrator, which makes the whole OS one big target.
Microsoft could do a lot more for security by not guiding users to surf the web, etc, as admin.
But then, there wouldn't be as much of a need for antivirus/antimalware software such as "security firm" Trend Micro's.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528550</id>
	<title>Re:Question</title>
	<author>mcgrew</author>
	<datestamp>1261474620000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>You're all right with JPG, not sure about AVI, but if you use Windows Media Player don't whitelist MP3. WMA files (IIRC, it's windows' compressed sound files that are the problem) can have DRM, and its DRM allows it to run other programs. If you rename them with an MP3 extension, most media players will choke, but Windows Media Player will happily run it, DRM virus and all. I tested this several years ago.</p><p>I do remember a few years ago that one picture viewer (don't remember which one) had a bug that allowed a buffer overflow, and you could infect a machine with a specially crafted JPG.</p><p>On second thought, as soon as you install any new software (no matter who from), shut the machine down, boot from a non-writable media (like CD), and <b>scan everything</b>.</p></htmltext>
<tokenext>You 're all right with JPG , not sure about AVI , but if you use Windows Media Player do n't whitelist MP3 .
WMA files ( IIRC , it 's windows ' compressed sound files that are the problem ) can have DRM , and its DRM allows it to run other programs .
If you rename them with an MP3 extension , most media players will choke , but Windows Media Player will happily run it , DRM virus and all .
I tested this several years ago.I do remember a few years ago that one picture viewer ( do n't remember which one ) had a bug that allowed a buffer overflow , and you could infect a machine with a specially crafted JPG.On second thought , as soon as you install any new software ( no matter who from ) , shut the machine down , boot from a non-writable media ( like CD ) , and scan everything .</tokentext>
<sentencetext>You're all right with JPG, not sure about AVI, but if you use Windows Media Player don't whitelist MP3.
WMA files (IIRC, it's windows' compressed sound files that are the problem) can have DRM, and its DRM allows it to run other programs.
If you rename them with an MP3 extension, most media players will choke, but Windows Media Player will happily run it, DRM virus and all.
I tested this several years ago.I do remember a few years ago that one picture viewer (don't remember which one) had a bug that allowed a buffer overflow, and you could infect a machine with a specially crafted JPG.On second thought, as soon as you install any new software (no matter who from), shut the machine down, boot from a non-writable media (like CD), and scan everything.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525508</id>
	<title>Re:Really?</title>
	<author>fluffy99</author>
	<datestamp>1261506300000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p>The MS Article also gives specific recommendations for domain controllers and servers, which make good sense as well.  The files they list include startup scripts and GPOs which get heavy use. AV can induce severe problems if it kept locking the files.  On the flip side, you should keep an eye on those files as a compromise (not necessary a generic detectable virus) could compromise your entire domain.  Also note that you should exclude the database files on an Exchange server.  Aside from the huge performance hit, you really don't want the a/v software deleting or screwing up the entire exchange store if it sees a virus buried way down in a single email.</p></htmltext>
<tokenext>The MS Article also gives specific recommendations for domain controllers and servers , which make good sense as well .
The files they list include startup scripts and GPOs which get heavy use .
AV can induce severe problems if it kept locking the files .
On the flip side , you should keep an eye on those files as a compromise ( not necessary a generic detectable virus ) could compromise your entire domain .
Also note that you should exclude the database files on an Exchange server .
Aside from the huge performance hit , you really do n't want the a/v software deleting or screwing up the entire exchange store if it sees a virus buried way down in a single email .</tokentext>
<sentencetext>The MS Article also gives specific recommendations for domain controllers and servers, which make good sense as well.
The files they list include startup scripts and GPOs which get heavy use.
AV can induce severe problems if it kept locking the files.
On the flip side, you should keep an eye on those files as a compromise (not necessary a generic detectable virus) could compromise your entire domain.
Also note that you should exclude the database files on an Exchange server.
Aside from the huge performance hit, you really don't want the a/v software deleting or screwing up the entire exchange store if it sees a virus buried way down in a single email.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525740</id>
	<title>Re:Are you serious?</title>
	<author>causality</author>
	<datestamp>1261507560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Helping virus writers? Don't virus writers target the lowest-hanging fruit: the average Joe?
<br> <br>
Joe sure as hell doesn't read the Microsoft Knowledge Base, let alone knows of its very existence! Let's be realistic, here.</p></div></blockquote><p>
Joe Sixpack does not read the Microsoft KB, true.  However, he pays the highest price for the malware problem as you point out.  The bickering between Microsoft and AV vendors does at least indirectly affect him.  Now, I'd assume that Microsoft would be the foremost expert on Windows for obvious reasons.  But let's just say that they are wrong about this, yet the AV companies believe them.  Now Joe Sixpack might get hit by malware that his AV tools don't know how to look for, because those infected files are listed as "not vulnerable".</p><blockquote><div><p>This is coming from third-party AV companies, remember... they're fighting to stay relevant.</p></div></blockquote><p>
Well sure, they have a cottage industry to protect.  If Microsoft gets its act together on Windows security, which would mean REAL security and not clever ways to clean up infections after-the-fact, and/or if average nontechnical Windows users get a clue, then it's bye-bye to that cottage industry.
<br> <br>
Look at their business model.  It's an arms race; the black-hats produce new instances of malware while the AV companies index those and produce signatures and removal tools.  The thing about an arms race that's good for the AV companies is that it is self-perpetuating, so there is always work for them to do.  Even if there were a Final Ultimate Security Solution for Windows, the AV companies wouldn't want it.  They wouldn't want that for the same reason that lawn-mower manufacturers wouldn't want a strain of grass that only grows to be 3-4 inches tall.</p></div>
	</htmltext>
<tokenext>Helping virus writers ?
Do n't virus writers target the lowest-hanging fruit : the average Joe ?
Joe sure as hell does n't read the Microsoft Knowledge Base , let alone knows of its very existence !
Let 's be realistic , here .
Joe Sixpack does not read the Microsoft KB , true .
However , he pays the highest price for the malware problem as you point out .
The bickering between Microsoft and AV vendors does at least indirectly affect him .
Now , I 'd assume that Microsoft would be the foremost expert on Windows for obvious reasons .
But let 's just say that they are wrong about this , yet the AV companies believe them .
Now Joe Sixpack might get hit by malware that his AV tools do n't know how to look for , because those infected files are listed as " not vulnerable " .This is coming from third-party AV companies , remember... they 're fighting to stay relevant .
Well sure , they have a cottage industry to protect .
If Microsoft gets its act together on Windows security , which would mean REAL security and not clever ways to clean up infections after-the-fact , and/or if average nontechnical Windows users get a clue , then it 's bye-bye to that cottage industry .
Look at their business model .
It 's an arms race ; the black-hats produce new instances of malware while the AV companies index those and produce signatures and removal tools .
The thing about an arms race that 's good for the AV companies is that it is self-perpetuating , so there is always work for them to do .
Even if there were a Final Ultimate Security Solution for Windows , the AV companies would n't want it .
They would n't want that for the same reason that lawn-mower manufacturers would n't want a strain of grass that only grows to be 3-4 inches tall .</tokentext>
<sentencetext>Helping virus writers?
Don't virus writers target the lowest-hanging fruit: the average Joe?
Joe sure as hell doesn't read the Microsoft Knowledge Base, let alone knows of its very existence!
Let's be realistic, here.
Joe Sixpack does not read the Microsoft KB, true.
However, he pays the highest price for the malware problem as you point out.
The bickering between Microsoft and AV vendors does at least indirectly affect him.
Now, I'd assume that Microsoft would be the foremost expert on Windows for obvious reasons.
But let's just say that they are wrong about this, yet the AV companies believe them.
Now Joe Sixpack might get hit by malware that his AV tools don't know how to look for, because those infected files are listed as "not vulnerable".This is coming from third-party AV companies, remember... they're fighting to stay relevant.
Well sure, they have a cottage industry to protect.
If Microsoft gets its act together on Windows security, which would mean REAL security and not clever ways to clean up infections after-the-fact, and/or if average nontechnical Windows users get a clue, then it's bye-bye to that cottage industry.
Look at their business model.
It's an arms race; the black-hats produce new instances of malware while the AV companies index those and produce signatures and removal tools.
The thing about an arms race that's good for the AV companies is that it is self-perpetuating, so there is always work for them to do.
Even if there were a Final Ultimate Security Solution for Windows, the AV companies wouldn't want it.
They wouldn't want that for the same reason that lawn-mower manufacturers wouldn't want a strain of grass that only grows to be 3-4 inches tall.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526544</id>
	<title>Off-Limits Liberty</title>
	<author>halfloaded</author>
	<datestamp>1261510800000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>In the Marine Corps, we called it the "off-limits liberty" list.  It ended up being a shopping list for all those places you really actually want to go.  I know the Marines had the best intention, but c'mon.  If I am 20 years old and told, "here is a list of places where they serve underage and where one can 'find a good time'," it's a no-brainer how I am going to use that list.</htmltext>
<tokenext>In the Marine Corps , we called it the " off-limits liberty " list .
It ended up being a shopping list for all those places you really actually want to go .
I know the Marines had the best intention , but c'mon .
If I am 20 years old and told , " here is a list of places where they serve underage and where one can 'find a good time ' , " it 's a no-brainer how I am going to use that list .</tokentext>
<sentencetext>In the Marine Corps, we called it the "off-limits liberty" list.
It ended up being a shopping list for all those places you really actually want to go.
I know the Marines had the best intention, but c'mon.
If I am 20 years old and told, "here is a list of places where they serve underage and where one can 'find a good time'," it's a no-brainer how I am going to use that list.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525916</id>
	<title>Re:Really?</title>
	<author>Anonymous</author>
	<datestamp>1261508280000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>Whose to say that the malware doesn't have an executable renamed to a have a log extension, and the antiviruse skips over it.  How trivial would it be to have a loader that does nothing except load "safe" files and do its bad things under the cloak of "but its a log file.... it should be safe".<br> <br>

Excluding any files on the computer is a bad thing, and needs to be discouraged.</htmltext>
<tokenext>Whose to say that the malware does n't have an executable renamed to a have a log extension , and the antiviruse skips over it .
How trivial would it be to have a loader that does nothing except load " safe " files and do its bad things under the cloak of " but its a log file.... it should be safe " .
Excluding any files on the computer is a bad thing , and needs to be discouraged .</tokentext>
<sentencetext>Whose to say that the malware doesn't have an executable renamed to a have a log extension, and the antiviruse skips over it.
How trivial would it be to have a loader that does nothing except load "safe" files and do its bad things under the cloak of "but its a log file.... it should be safe".
Excluding any files on the computer is a bad thing, and needs to be discouraged.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525674</id>
	<title>In a related story, water is wet</title>
	<author>Anonymous</author>
	<datestamp>1261507260000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Microsoft's policies (and products!) are crappy for security.</p><p>Who could have possibly known?</p></htmltext>
<tokenext>Microsoft 's policies ( and products !
) are crappy for security.Who could have possibly known ?</tokentext>
<sentencetext>Microsoft's policies (and products!
) are crappy for security.Who could have possibly known?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527976</id>
	<title>Re:Question</title>
	<author>jonbryce</author>
	<datestamp>1261472400000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>My virus scanner (MS Security Essentials) picked up a few viruses in mp3 files recently.  On further investigation, apparently they weren't mp3 files at all.  They were labled as mp3 files, but were in some other format that prompted Windows Media Player to download a codec from somewhere that contained the payload.</p><p>If you listen to your mp3 files on Winamp, maybe you are OK.  Or maybe you are only OK if you update to the latest version which has a security fix.</p></htmltext>
<tokenext>My virus scanner ( MS Security Essentials ) picked up a few viruses in mp3 files recently .
On further investigation , apparently they were n't mp3 files at all .
They were labled as mp3 files , but were in some other format that prompted Windows Media Player to download a codec from somewhere that contained the payload.If you listen to your mp3 files on Winamp , maybe you are OK. Or maybe you are only OK if you update to the latest version which has a security fix .</tokentext>
<sentencetext>My virus scanner (MS Security Essentials) picked up a few viruses in mp3 files recently.
On further investigation, apparently they weren't mp3 files at all.
They were labled as mp3 files, but were in some other format that prompted Windows Media Player to download a codec from somewhere that contained the payload.If you listen to your mp3 files on Winamp, maybe you are OK.  Or maybe you are only OK if you update to the latest version which has a security fix.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528320</id>
	<title>File extensions aren't the biggest problem</title>
	<author>bl8n8r</author>
	<datestamp>1261473660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The biggest problem is getting the system secured to the point where remote sites can't drop the files in the first place.  Scanning executables isn't going to get you 100\% infection free anyway because newer exploits change the stealth algorithm all the time. People need to move away from this idea that virus scanning is the first line of defense because it's not.  All it is, is damage control.</p></htmltext>
<tokenext>The biggest problem is getting the system secured to the point where remote sites ca n't drop the files in the first place .
Scanning executables is n't going to get you 100 \ % infection free anyway because newer exploits change the stealth algorithm all the time .
People need to move away from this idea that virus scanning is the first line of defense because it 's not .
All it is , is damage control .</tokentext>
<sentencetext>The biggest problem is getting the system secured to the point where remote sites can't drop the files in the first place.
Scanning executables isn't going to get you 100\% infection free anyway because newer exploits change the stealth algorithm all the time.
People need to move away from this idea that virus scanning is the first line of defense because it's not.
All it is, is damage control.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525650</id>
	<title>Alternate Data Streams</title>
	<author>nlewis</author>
	<datestamp>1261507080000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>As I understand it, any file in an NTFS partition can have one or more <a href="http://www.securityfocus.com/infocus/1822" title="securityfocus.com" rel="nofollow">Alternate Data Streams</a> [securityfocus.com] associated with it, regardless of its type or location.  So if you tell someone not to scan something like "Edb.log", does that imply that they should not scan "Edb.log:virus.exe" either?</p><p>I have to agree with Trend Micro on this one.  Completely skipping specific files in specific directories may prevent performance issues, but it may also make it easier for malware authors to find new hiding places.</p></htmltext>
<tokenext>As I understand it , any file in an NTFS partition can have one or more Alternate Data Streams [ securityfocus.com ] associated with it , regardless of its type or location .
So if you tell someone not to scan something like " Edb.log " , does that imply that they should not scan " Edb.log : virus.exe " either ? I have to agree with Trend Micro on this one .
Completely skipping specific files in specific directories may prevent performance issues , but it may also make it easier for malware authors to find new hiding places .</tokentext>
<sentencetext>As I understand it, any file in an NTFS partition can have one or more Alternate Data Streams [securityfocus.com] associated with it, regardless of its type or location.
So if you tell someone not to scan something like "Edb.log", does that imply that they should not scan "Edb.log:virus.exe" either?I have to agree with Trend Micro on this one.
Completely skipping specific files in specific directories may prevent performance issues, but it may also make it easier for malware authors to find new hiding places.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526204</id>
	<title>Re:won't make a bit of difference</title>
	<author>AlphaBit</author>
	<datestamp>1261509540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>It won't make a bit of difference,as AV software don't work already. A more realistic solution being to allow a whitelist of know good software.</p></div><p>Realistic for who?  A whitelist approach sounds great if you're already a massive software company that can pay the fees and jump through the hoops necessary to get listed.  It's also great for weeding out real competition and innovation in software.<br>
<br>
Fortunately, it's already been tried by MS (Signed software) and found to be totally irrelevant (Install anyway).</p></div>
	</htmltext>
<tokenext>It wo n't make a bit of difference,as AV software do n't work already .
A more realistic solution being to allow a whitelist of know good software.Realistic for who ?
A whitelist approach sounds great if you 're already a massive software company that can pay the fees and jump through the hoops necessary to get listed .
It 's also great for weeding out real competition and innovation in software .
Fortunately , it 's already been tried by MS ( Signed software ) and found to be totally irrelevant ( Install anyway ) .</tokentext>
<sentencetext>It won't make a bit of difference,as AV software don't work already.
A more realistic solution being to allow a whitelist of know good software.Realistic for who?
A whitelist approach sounds great if you're already a massive software company that can pay the fees and jump through the hoops necessary to get listed.
It's also great for weeding out real competition and innovation in software.
Fortunately, it's already been tried by MS (Signed software) and found to be totally irrelevant (Install anyway).
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526966</id>
	<title>Re:Are you serious?</title>
	<author>Anonymous</author>
	<datestamp>1261512300000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>People who aren't total fuckwits don't need so-called antivirus software. Everyone else can have fun infecting their computer with a false sense of security.</p></htmltext>
<tokenext>People who are n't total fuckwits do n't need so-called antivirus software .
Everyone else can have fun infecting their computer with a false sense of security .</tokentext>
<sentencetext>People who aren't total fuckwits don't need so-called antivirus software.
Everyone else can have fun infecting their computer with a false sense of security.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30533240</id>
	<title>Not surprised</title>
	<author>mahadiga</author>
	<datestamp>1259784180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>because it helps Microsoft Marketing Department. Virus, Patents, Copyrights, Trademarks etc help advertise Microsoft Brand.</htmltext>
<tokenext>because it helps Microsoft Marketing Department .
Virus , Patents , Copyrights , Trademarks etc help advertise Microsoft Brand .</tokentext>
<sentencetext>because it helps Microsoft Marketing Department.
Virus, Patents, Copyrights, Trademarks etc help advertise Microsoft Brand.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530434</id>
	<title>Re:Do "Users" have a choice?</title>
	<author>Lord Kano</author>
	<datestamp>1261482660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Bart PE is a good way to do this. You create a cd on a different computer and use it to scan your suspect PC.</p><p>LK</p></htmltext>
<tokenext>Bart PE is a good way to do this .
You create a cd on a different computer and use it to scan your suspect PC.LK</tokentext>
<sentencetext>Bart PE is a good way to do this.
You create a cd on a different computer and use it to scan your suspect PC.LK</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525604</id>
	<title>Re:Do "Users" have a choice?</title>
	<author>geekboy642</author>
	<datestamp>1261506840000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>If you trust a single byte on the possibly-infected disk, you're not scanning for viruses: You're asking pretty please for the virus to show itself. Most are polite enough, but why take the chance? Use a known-clean read-only media to boot from, and scan the entire drive.</p></htmltext>
<tokenext>If you trust a single byte on the possibly-infected disk , you 're not scanning for viruses : You 're asking pretty please for the virus to show itself .
Most are polite enough , but why take the chance ?
Use a known-clean read-only media to boot from , and scan the entire drive .</tokentext>
<sentencetext>If you trust a single byte on the possibly-infected disk, you're not scanning for viruses: You're asking pretty please for the virus to show itself.
Most are polite enough, but why take the chance?
Use a known-clean read-only media to boot from, and scan the entire drive.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526316</id>
	<title>Re:Question</title>
	<author>value\_added</author>
	<datestamp>1261510020000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p><i>I've just configured a new laptop and told the anti-virus to ignore *.jpg, *.avi and *.mp3 on my understanding that it's not possible to hide malware in them and that it will make the scan significantly quicker.</i></p><p>If you're running an operating system where the permissions are such that everthing is executable by default, do you really think that pursuing file extension related tweaks will solve your problems?</p><p>Sorry, but I'm having trouble not laughing.  Not at you personally.  You'd think Microsoft would have weaned itself from their perverse reliance of file extensions years ago when people first started clamoring about<nobr> <wbr></nobr>.386 files.  JPEG files have a<nobr> <wbr></nobr>.jpg or<nobr> <wbr></nobr>.jpeg extension, but log files have an<nobr> <wbr></nobr>.evt extension.  Unless it's a log file.  But what kind of log file is it?  And which type should I scan?</p><p>Face it, Microsoft makes things up as they go along.  Trying to keep up or otherwise make sense of things is a waste of time (unless it's your job, and you're being paid to do it).</p></htmltext>
<tokenext>I 've just configured a new laptop and told the anti-virus to ignore * .jpg , * .avi and * .mp3 on my understanding that it 's not possible to hide malware in them and that it will make the scan significantly quicker.If you 're running an operating system where the permissions are such that everthing is executable by default , do you really think that pursuing file extension related tweaks will solve your problems ? Sorry , but I 'm having trouble not laughing .
Not at you personally .
You 'd think Microsoft would have weaned itself from their perverse reliance of file extensions years ago when people first started clamoring about .386 files .
JPEG files have a .jpg or .jpeg extension , but log files have an .evt extension .
Unless it 's a log file .
But what kind of log file is it ?
And which type should I scan ? Face it , Microsoft makes things up as they go along .
Trying to keep up or otherwise make sense of things is a waste of time ( unless it 's your job , and you 're being paid to do it ) .</tokentext>
<sentencetext>I've just configured a new laptop and told the anti-virus to ignore *.jpg, *.avi and *.mp3 on my understanding that it's not possible to hide malware in them and that it will make the scan significantly quicker.If you're running an operating system where the permissions are such that everthing is executable by default, do you really think that pursuing file extension related tweaks will solve your problems?Sorry, but I'm having trouble not laughing.
Not at you personally.
You'd think Microsoft would have weaned itself from their perverse reliance of file extensions years ago when people first started clamoring about .386 files.
JPEG files have a .jpg or .jpeg extension, but log files have an .evt extension.
Unless it's a log file.
But what kind of log file is it?
And which type should I scan?Face it, Microsoft makes things up as they go along.
Trying to keep up or otherwise make sense of things is a waste of time (unless it's your job, and you're being paid to do it).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528890</id>
	<title>Re:Are you serious?</title>
	<author>Anonymous</author>
	<datestamp>1261476060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p> Don't virus writers target the lowest-hanging fruit: the average Joe?</p></div><p>Sure, if you only want 10 million systems. if you want 50 million computers and for no one to know about it you're going to spend some more time.</p></div>
	</htmltext>
<tokenext>Do n't virus writers target the lowest-hanging fruit : the average Joe ? Sure , if you only want 10 million systems .
if you want 50 million computers and for no one to know about it you 're going to spend some more time .</tokentext>
<sentencetext> Don't virus writers target the lowest-hanging fruit: the average Joe?Sure, if you only want 10 million systems.
if you want 50 million computers and for no one to know about it you're going to spend some more time.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525776</id>
	<title>Apple too</title>
	<author>Anonymous</author>
	<datestamp>1261507680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Apple provides a convenient list of setuid files you can modify that users will be told to ignore any warnings about.<br>http://support.apple.com/kb/TS1448</p></htmltext>
<tokenext>Apple provides a convenient list of setuid files you can modify that users will be told to ignore any warnings about.http : //support.apple.com/kb/TS1448</tokentext>
<sentencetext>Apple provides a convenient list of setuid files you can modify that users will be told to ignore any warnings about.http://support.apple.com/kb/TS1448</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527896</id>
	<title>Re:won't make a bit of difference</title>
	<author>mcgrew</author>
	<datestamp>1261515360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Then the malware writers would write viruses that attacked programs in the white list. A better approach would be better QC by the software companies; it's hard for a worm to wiggle through a hole that isn't there.</p></htmltext>
<tokenext>Then the malware writers would write viruses that attacked programs in the white list .
A better approach would be better QC by the software companies ; it 's hard for a worm to wiggle through a hole that is n't there .</tokentext>
<sentencetext>Then the malware writers would write viruses that attacked programs in the white list.
A better approach would be better QC by the software companies; it's hard for a worm to wiggle through a hole that isn't there.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525378</id>
	<title>Nothing new</title>
	<author>Anonymous</author>
	<datestamp>1261505700000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext>Microsoft's been helping out malware writers since at least 1982...</htmltext>
<tokenext>Microsoft 's been helping out malware writers since at least 1982.. .</tokentext>
<sentencetext>Microsoft's been helping out malware writers since at least 1982...</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525740
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525604
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525926
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526614
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530296
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528890
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527976
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526966
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527570
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526036
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525950
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525508
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526116
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530202
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526794
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527488
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527154
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526172
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526496
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525378
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525766
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528550
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525916
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30535934
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528114
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525412
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526070
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525812
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527896
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530434
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_22_1645243_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526204
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525708
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526316
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527976
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528550
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30535934
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525318
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526794
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526966
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526544
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530296
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528890
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525740
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525246
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526036
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530202
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530434
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525604
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525766
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525326
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525486
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526204
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526614
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527896
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525352
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527154
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527488
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525508
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526070
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525916
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525926
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525374
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525680
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526212
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527570
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526116
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526172
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525950
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525274
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525812
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30530348
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525668
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525540
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525378
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30526496
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525608
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30527574
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_22_1645243.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30525412
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_22_1645243.30528114
</commentlist>
</conversation>
