Common Sense - The Anti-Virus Software No Computer User Can Do Without

Product Name: Common Sense
Supplier: The Brain
Availability: Everywhere
Price:  Free


Introduction
This product is the most common anti-virus solution available today and yet it is the least used.  This is probably because many people think the product is not very effective with virus threats.  This review will dispel some of those fears and provide valuable insight into using the application.

Installation and Training
Installation can take as little as 5 minutes. Training will take as long as it takes for each individual to read this review.

How the Product Works
The product uses a rules-based system for identifying a virus.  This system is not infallible and may sometimes fall prey to memory leakage and does need updating occasionally.

Understanding the Reason for the Rules
Before explaining the rules of "Common Sense," we need to understand how viruses make their way into computers.  Sixty percent of viruses come from email -- a huge increase over the last few years, largely due to email mass mailers such as Melissa and LoveBug.  The second largest source is floppy diskettes, two thirds of which are brought from home. Also, 63% of viruses are macro viruses, but these are not the ones generating the most infections, as we will see later.

So, if two thirds of infections come from email, we must look closely at how they infect us.  Up until a couple of years ago the adage was, "You cannot become infected if you open an email or preview it; you will become infected only if you run the attachment."  This will no longer be a safe conclusion, as the technology exists to cause an infection when emails are  previewed. However, this was not the case with LoveBug, coming one year after the original Melissa and a few months after ExploreZip.  Those people infected with Melissa knew how to avoid becoming infected, but forgot!  So IT departments again trained all their staff to look for viruses, but people all too often forget these warnings.  The message is clearly not getting through!

At the same time, commonly available commercial AV software has given us a false sense of security. Because we expect the software to catch viruses for us, we open emails with utter abandon.  Before the advent of mass mailers, that approach worked, as AV companies shared information on new viruses and so generally had a fix available before the virus spread too far and got out of control.  Now, however, if one AV company has a fix before a virus goes into the wild, people -- and the press – would cry "foul!" and accuse that company of writing viruses and releasing fixes for them at the same time. Of course we shouldn’t, but we blindly trust products that need significant improvement before they give us the same level of defense we have come to expect.

This is why "Common Sense" works so well.  It gives us another layer of defense in our fight against viruses.  And here is more good news, "Common Sense" can co-exist on any PC with any other AV product without any clashes or conflicts. You do not need to change your current AV software to one that is compatible with "Common Sense!"

So here are "The Ten Rules of Common Sense."

1. Before anything else, boot the computer and go into the CMOS (the computer manual will tell you how to do this if you have not done it before) and change the boot sequence from "A then C" to either "C then A" or preferably to "C Only." This step will stop you from becoming infected by all of the pure Boot sector infectors and all partition infectors.  (However it will not stop multi-partite viruses in their boot sector infecting stage.)  If you need to boot from a floppy at any stage, it is a 30 second job to switch back to "A then C" -- providing you remember to put it back to safe mode when you have finished using your boot floppy.

2. If you do not use Windows Scripting Host (WSH) then remove it. Most computers do NOT need this program enabled.  Go into "Control Panel" and then "Add/Remove Programs."  Select the "Windows Setup" tab, select "Accessories" and then the "Details" button.  If the Windows scripting Host is selected then deselect it and click on "OK."  This will stop most of the new Melissa and LoveBug type of viruses in their tracks since they need the Windows Scripting Host to infect.  If you are not sure whether you use WSH, there is no harm in removing it, checking to see if everything works, and adding it back if you do need it -- providing you have your original Windows CD should you need to reinstall.  As a general rule, most people do not need WSH.

3. Download and install the Office Viewers for Word, Excel and PowerPoint (they are free from Microsoft). A copy of each is contained on the Office CD.  During installation, it will ask you if you want to use it as the default viewer for Word documents. If you say "yes," every time you double click on a Word document you will view it only and not run any harmful content.  If you wish to edit the document, right clicking on it will bring up a menu which includes both the WordView button and an Open button which allows you to open the document in Word.

4. Change how you save documents to Rich Text Format (RTF) if you are not a big user of Macros or the document contains no Macros.  RTF cannot support Macros, so harmful macro content cannot be passed from document to document.  And you will not send a Macro Virus to someone if you send out the document in RTF format.

5. Make sure that Explorer shows all extensions by selecting "View" and "Folder Options" and then de-select "Hide file extensions for known file types."  This way, if someone has added an extension to a file that is an exe at the end of another extension, you will automatically be able to see the correct extension and get some warning that all is not as it seems.

6. Disable Options in your Browser software that you do not use often, such as Java Script and ActiveX, or at least set the software to prompt you each time it detects them on a web page.  You then can decide whether to run or not according to the level of trust you place in an individual Web site and the level of risk you wish to take. At the same time, disable HTML support within your email software so that harmful code once again is not run.  And while you’re at it, do the same with your News Reader software as well.

7. When you get an email with an attachment, think before you open it.  Is it an email with a strange title?  Does the attachment have an odd name? Is it something you were expecting?  Is it from a person you converse with by email often? Does the attachment have a strange extension?  If you are happy, open the email but do not blithely download the attachment.  First, detach it and place it in a quarantine directory.  Once you have detached it, scan the directory to make sure it is not a virus that the AV software already knows about.  (Many people will say, "But saving it to disk means that the AV software real-time scanner has already scanned the file, so why scan it again?"  This may be so, but what if the real-time scanner is not running or has been disabled somehow?) Now make sure that the extension of the saved file is the same as the extension of the attachment to the email.

8. Stop sending out so many attachments yourself and discourage people who do it to you as well.  I am constantly bombarded with attachments that could just have easily been URLs.  The problem is that as my mailbox gets bigger I tend to delete emails with attachments first and so stand the chance of losing a good piece of information.  If it is a URL, though, the email is of no size at all and I can refer to the piece of information whenever I need it.

9. Back up your data regularly to a different location so that if you do inadvertently become infected and your files become corrupted, you have copies stored somewhere else.

10. Learn about Hoaxes and what they are and how to spot them. A good place to start is this Web site: http://www.kumite.com/myths.

All of these rules are equally important, so you need to use them all for "Common Sense" to work correctly. And remember, you must also use a piece of AV software that is both current (updated within the last week) and applicable.

Again, take a look at http://www.virusbtn.com which tests AV software on a regular basis and tells you what software is capable of detecting the current crop of viruses in the wild.

Conclusion
"Common Sense" is rated very highly and can be recommended to everyone without hesitation!  As to its ruggedness, a few questions remain about whether the software is as rugged on a Friday afternoon vs. a Monday morning.

All it takes is a little bit of thought to achieve an enhanced level of protection. For a freebie, it does an excellent job, especially when combined with another piece of AV software.


About the Author
Ian Higginbotham is Managing Director for Norman Data Defense Systems (UK) Limited.  After spending six years in the Merchant Navy, Ian Higginbotham started his own business, a franchise in Amtrak.  Ian got into the IT side of the business when his depot was the first to utilise a full barcode tracking and sorting system, prompting him to begin training other depots in the IT side of the business.  In 1994 he began working as a consultant for a number of small companies on management technical training, with a focus on networking and virus control solutions for SME clients.  He joined Norman Data Defense Systems, UK in 1997 and became Managing Director in June 2000.