BearWare Comprehensive Security Plan



What follows is text posted on BearWare's Security Page. Comments and
suggestions welcomed. For the links:

BearWare System Management

This section will be kept up-to-date as security management techniques
and tools often change.

BearWare Absolutely Required Plan
Everyone who owns a computer should at the very minimum:

Make and keep current a clean system image. Recommended programs: EaseUS
Todo Backup or Macrium Reflect.

Use online file storage to automatically backup your data files
real-time. Recommended: SugarSync.

BearWare Minimal Security Plan
I don't know about you, but I detest constant fiddling and management of
my computer. I want to use it with the least hassle and "noise" but also
have it be completely self reliant. I've always sought out a balance
between the most effective and the simplest management theme. What
follows is the four step theme I am currently using. What it may lack
with additional security tools with much more "noise" is more than made
up for with a system image and automatic real-time data protection.

Make and keep current a clean system image with EaseUS Todo Backup.
Use SugarSync to automatically backup or restore your data files real-time.
Use PandaCloud Antivirus Beta.
Use Windows Firewall.

Comprehensive Security Plan

A security plan that first covers recovery, and data protection is key.
Have a current image of your operating system and files. Backup your
data off-site regularly preferably in real-time. Use an Anti-Keylogger.
Have an Identity Theft Plan. Have a financial transaction plan such as
PayPal or MyProtect (especially with Credit/Debit cards.) Anything truly
sensitive, keep it encrypted and off of any computer that is connected
to the net.

Use anti-virus, anti-spyware, and firewall tools to help reduce events
requiring recovery from malware. Just about any of the top free tools
are good enough. Just remember, the bad guys are always one step ahead
and there are no silver bullets for 100% protection.

Your computer being hosed beyond use or a critical hardware failure is
not the most important issue. An image of your system or a hardware
component replacement easily remedies that. The issue is protecting
yourself from financial harm, sensitive data being compromised, or data

Remember: There is no privacy on the Internet and you can only protect
yourself by not doing or divulging some things at all. Identity Theft
and Financial protection plans are crucial.

Some of the better identity protection companies are LifeLock, IDENTITY
GUARD, TrustedID, ID Watchdog, and Guard Dog ID. These are not free
though important, as identity theft is one of the most serious and
numerous threats today. Research the companies available and choose one.
Identity Theft Labs Top Ten Reviews

Be sure all financial transactions are with trusted sites and an HTTPS
connection (secure web connection) such as https://website rather than
http://website. Also, secure web browser services are available. One
such new free service is very good: MyProtect. A history of MyProtect
can be found here.

Keyloggers are one of the more serious threats and a good free program
to DETECT AND PREVENT them is SpyShelter which uses special algorithms
to protect your data against Spy and monitoring software that are used
to steal or reveal your data to other parties such as extremely
dangerous and custom-made keyloggers. It actively scans when any spy
program, keylogger or Trojan attempts to store your private information.
It is designed to be compatible with other well-known security products
such as anti-virus and firewall software. System protection (HIPS),
Anti-keylogger, AntiScreenCapture, and AntiClipboardCapture. Minimal
resource usage. It can be configured to launch an on screen keyboard
when logging into your system. A better on screen keyboard than what
comes with Windows to use with SpyShelter or anytime you type secure
information is SafeKeys.

Imaging your system is the single most important thing anyone who owns a
computer should do first and foremost.

The single most important aspect of a computer recovery due to any
catastrophe is to be able to restore your entire system easily. There is
no silver bullet or suite of software that can guarantee you will not
become infected or prevent hardware failure. There is no guarantee or
certain way to know that you will be able to clean all of the malware if
you become infected and even so, that process can actually take longer
than restoring an image to your computer. Making an image of your system
is the surest, fastest and best solution to recover from hardware
failure or malware infections. It is also something ANYONE can do easily
regardless of their level of technical knowledge.
The act of restoring an image completely erases the contents of your
hard drive/partition and rewrites the entire contents of the image over
it. If this image is an image of your active partition (partition on a
hard drive set as the bootable partition and contains the operating
system - usually c:/) it will completely restore your system as it was
at the time you made your image. Making an image of your system can
reduce complete system restoration time to thirty minutes or less. You
will not need operating system or factory restoration disks, or computer
manufacturer restoration features to re-stage your computer - simply
restore the image. This is the best overall protection you can have. I
cannot stress the importance of this enough. I recommend making an image
and restoring it to your system as soon as possible so you gain
confidence with imaging.

First you should obtain an external hard drive and create image backup
folders on that device. (You can use CD/DVDs to copy your images to,
however, multiple CD/DVDs will be needed and how many depends on how
large your drive is.) Before you make an image, update your programs,
run deep scans with your antivirus and manual scanners, clean and
defragment your machine in order to get as clean an image as possible.
Ideally you start with a factory fresh installation of everything.
However for starters, don't worry about cleaning up. MAKE A SYSTEM
IMAGE! When you get around to cleaning up or if you decide to restage
for a fresh start, then make a new image. That first image may save you
if you are procrastinating. Your only other option if catastrophe
happens is completely restage your computer which may take days of your
undivided attention versus 30 minutes to restore an image and all you do
is wait till it's finished.

Download and install your backup imaging program. I recommend EaseUS
Todo Backup, which is a one-click system imaging tool. It can image an
entire system state including the operating system and installed
applications on-the-fly without interrupting your work. You can also
choose to back up separate partitions, specified files, network shared
files, files in use, folders or specific file types. Provides
alternatives to perform full backups each time by offering incremental
backup and differential backup. The feature of "recover to dissimilar
hardware" can simplify system migration with restoring a system to
dissimilar hardware configuration for hardware replacement under a WinPE
recovery environment. Full backup disks, partitions or dynamic volumes
to image. It ensures PC security and instant data recovery in case of
any data loss. Schedule a backup task, your system and important data
can be backed up now, daily, weekly, monthly. Clone or transfer all the
data on a hard disk to another. Clone disk is especially useful to
upgrade your hard drive to a new one without reinstalling operating
systems and applications. Size: 311MB. Win 2000/XP/Vista/2008/7.

Making an image is just too easy to do. First, make a boot CD with Todo
and then test it. Put the boot CD in your CD drive and reboot your
machine. It should boot up to the Todo restore program. Then take the
boot CD out and reboot back to your system.
Next, make a folder on your external hard drive and name it. Then use
the wizard in Todo to make an image and choose your operating system
drive (usually drive C:/) and point it to your external HD folder you
made...and go. That's it.
If you want to restore an image, boot to your boot CD and choose the
restore feature. Just point to the image on your external HD and then
point it to restore to drive C:/ (or whatever partition you imaged) and
go. That's it. In 30 minutes, your system is restored to the way it was
when you made the image.
With such, it's easier to recover than clean. You will never need
anyone's help again if/when your machine becomes infected or slows down,
or you encounter a hardware failure.

There are quite a few tutorials on YouTube illustrating how to use
EaseUS Todo Backup.

Tip: Keep the last few images you make as you may discover a corrupt
image or make a dirty image (system not clean when you make the image).

Tip: If you are not sure your system is clean, it may be worth the
effort to re-stage your computer with your factory restoration CDs or on
hard drive restoration factory images, reload the Windows updates,
reinstall your programs, data files and settings and then make an image.
This may take a long time, but it is worth having an image of your
computer in a pristine state. Just image your system before you re-stage
so you have access to files etc. after your re-stage.

Tip: Maintain at least three images of your system.

Ensure you always have a current/clean image.
When your system changes significantly, make a new image but always keep
the previous image as a backup.
Make a clean factory install image with all of your installed programs
that is updated periodically to keep up with the security updates and
new installs.
VERY IMPORTANT! If your machine ever becomes infected, investigate it
and remove the infections if possible and you may continue using the
computer until you decide to make a permanent system change that would
prompt you to make a new Image. Before you make that change, reload the
most current image, make the change and then make a new Image. Never
Image a system that was previously infected and cleaned as you can never
be certain all of the infection was removed.

My preferred choice of protecting my data files in between images, is to
use SugarSync. I use SugarSync (5GB of storage) to sync MyDocuments
folder which contains all of my datafiles and portable programs.
Therefore there is no need to make incremental backups of data files
between images. SugarSync is automatic real-time backup of the data in
the folders you point it to. If you restore an image, SugarSync will
automatically update those folders and files to your older image files.

If you choose not to use such services or such isn't suitable for your
needs, use backup software between images like FreeFileSync routinely to
sync your data files to a different folder than your backup Images
folder on your external hard drive. This will help make reverting to
your last image more painless if you ever have to do so and those
backed-up data files you changed since the last image can be then
restored back to your system after you load your image. Just remember,
FreeFileSync is not real-time backup, though it can be scheduled.

Your important data should always be backed-up off-site or online,
though some people decide to use methods such as "fireproof containers"
which could still become lost, stolen or receive damage. Also, truly
sensitive data should never be kept on computers/storage that allows or
has Internet access.
I've used SugarSync since it became available and I can attest that it
is as reliable as any Cloud real-time autosync service available.
SugarSync will automatically sync any folders you point to and offers
5GB free storage (and up to 10GB with referrals.) It also gives you
access to these folders via all of your devices and any computer with an
Internet connection. I pointed SugarSync to my PC's My Documents folder
in which I keep folders containing all of my data files, including
portable programs, music and video, etc.

If you install SugarSync on your Android or iPhone as well as your
computer, all of your pictures or video created with your phone are
automatically saved to SugarSync which you can access from all of your
other devices.

SugarSync is a way for users that work with a lot of files (music,
documents, pictures) and multiple computers (a combination of laptops,
desktops, cell phones) to keep all of those things in sync via online

You can also, from anyone's computer or device, upload files to your "My
SugarSync Website" where it will become immediately available to all of
your computers or devices connected to your SugarSync account once it
synchronizes with those devices. You can also point torrent downloads to
those folders from any computer or device.

The Magic Briefcase is a folder whose files will remain identical across
all the computers that are being backed up. So say you have two
computers, and you're between the two a lot while working on a project,
you can keep your project files in the Magic Briefcase, to ensure that
whenever you set to work on the project, that you're working on the
latest and most current version of the files.

The Web Archive feature segregates a file out from the rest of the
synchronization activities between your computers and SugarSync. So, say
you're working on a multiple file Word document, and you particularly
like this specific version of one of the documents, you may elect to
archive that document, then and there, and the file will be frozen in
time, set aside in the archive, for you to refer to, download whenever
you want.

Be sure to manage your deleted files folder on SugarSync as files you
delete remain in that folder until you *permanently* delete them, thus
still taking up storage space. This is a great feature to help prevent
accidental deletion of files but must be managed to recover storage
space eventually.

One of the cool features to SugarSync is the quick and easy way to
socialize straight away from the site's folders. For instance, you'll
find that once your photos have been backed up to the cloud, that each
file and folder is given the opportunity to share the pic with your
Facebook friends. You can also share your files the "old fashioned" way,
by email. And like you can with other file sharing and online storage
services, you can set files to a status of Private or Public.

You can also set up private shared folders. These folders work much the
same way shared folders do on other online storage and file sharing
services. You set up the folder either through the desktop app or
through the website, and then you invite users to come and collaborate
and share files within that folder only. You can elect to continuously
back up and synchronize the folder with a specific folder on any of the
computers that you're backing up with SugarSync, or you can just upload
files to that shared folder manually; it's really up to you.

With SugarSync, your MP3 collection housed on your PC follows you,
wherever you go. Stream your DRM-free MP3s and M4As to your other
computers or even your iPhone or iPod touch or Android using SugarSync.
Remember, you're streaming the files from SugarSync, not your home PC;
so even with your computer turned off, you can still listen to your
favorite artists from another location.

Similarly, your photos can now follow you, too. SugarSync not only backs
up your photos, but also creates online galleries for you to share with
your friends. No longer do you have to backup your photos to one spot,
and upload them again somewhere else to share them. The enhanced Photo
Gallery makes browsing through your photos a breeze. Since this is a
synchronizing system, when you take a photo with your phone, it's sent
to SugarSync, and it's also downloaded to your computer.

The key role that SugarSync plays for your computer is the real-time
autosync of all of your data files and programs in the folders you point
SugarSync to. If you ever have to restore an Image of your operating
system, for whatever reason, all of these data files will automatically
download the most recent files to those folders once you boot to the
restored image. All of these files automatically take care of themselves.

IMO, SugarSync is one of the top three most important things a person
should do to become self-reliant with their computer. Those are:

Image your computer.
Use the likes of SugarSync to automatically protect your data.
Use any decent combination of AntiVirus, AntiSpyware, and firewall.

CX Cloud Storage
If you need additional free storage beyond that of SugarSync:

CX is secure cloud storage, real-time auto-syncing, public and private
sharing, interactive group collaboration, and intelligent discovery.
10GB free and get up to 16GB total with referrals. Mac, IPad, Windows.
Android coming soon.

What I like about CX Cloud Storage is 10GB of real-time auto-sync'd free
storage out of the box with referral upgrade to 16GB. I recommend its
use if you need more real-time auto-sync'd free storage than the 5GB to
10GB SugarSync offers or store specific categories of files such as media.

ADrive Cloud Storage
Another way to free up your real-time auto-sync Cloud Storage accounts
is to use ADrive for your static or rarely used files. ADrive Features
50GB free Cloud Storage. There is no synchronization so it is similar to
an external hard drive, safer (off-site) but slower. It does have
Universal Access, File Sharing (free account shared links expire after
two weeks), Folder/Directory Upload, File Download, and an Easy Search
Tool. It is not suitable for streaming music or video IMO.

Google Music
Google Music offers both a locker service and a store, along with a
limited ability to share songs for free with Google+ users. It allows
you to upload and stream your music for free and store 20,000 songs. The
key is that if you have an Android phone or device, you now have an
excellent free choice for streaming and sharing music and you can free
up some of your SugarSync or CX storage space.

Here is an article at Softonic on How To Setup Google Music.


Standalone Suite Comodo Internet Security


AntiVirus Suite avast!
Firewall Comodo Firewall
Anti KeyLogger SpyShelter
Anti Malware HIPS WinPatrol or ThreatFire


AntiVirus Panda Cloud Antivirus Beta The new Panda Cloud Antivirus Beta
is here which also incorporates a full fledged firewall with application
and system rules.


Windows firewall is good enough, but if you want more control though
much noisier, use Comodo Firewall (without the antivirus) instead of
Windows firewall.


Vulnerable and out-dated programs and plug-ins expose your PC to
attacks. Attacks exploiting vulnerable programs and plug-ins are rarely
blocked by traditional anti-virus and are therefore increasingly
"popular" among criminals. The only solution to block these kinds of
attacks is to apply security updates, commonly referred to as patches.
Patches are offered free-of-charge by most software vendors, however,
finding all these patches is a tedious and time consuming task. I
recommend Secunia PSI as it automates these necessary updates and alerts
you when your programs and plug-ins require updating to stay secure.


Perform routine manual scans periodically with Emsisoft Anti Malware
Scanner, Comodo Cleaning Essentials and Malwarebytes.

To check for and clean rootkit infections run a scan with Gmer
Anti-Rootkit and let it walk you through removal if it finds any rootkits.


Many system tools can disable your operating system, especially
attempting to clean malware or registries.

First and foremost always have a current clean image of your system and
your data automatically real-time backed up via the likes of SugarSync
(or an external hard drive but preferably off-site). After that, if your
machine becomes infected...simply restore your image, your data files
will take care of themselves. If you do this, you won't ever need help
from anyone restoring your system.

If you don't have a current clean image and your machine becomes
infected, the first thing you should immediately do is disconnect that
machine from the Internet. Then make an image of the infected machine so
you have the ability to recover if cleaning tools disable your system,
which also will preserve your files for recovery after re-staging.
Cleaning a machine is a temporary fix and it is best to re-stage your
system (which takes many hours and sometimes days) as soon as possible
as you can never be sure you have completely cleaned all of the infections.

Of course, if you want to attempt to clean your machine for informative
purposes by all means do so, but after you are done, re-load your latest
clean system image, as you can never be sure an infected machine has
been thoroughly cleaned without many hours of expert inspection of every
file on the computer. Re-loading an image only takes a few minutes, very
little effort and you won't need help - I can't stress the importance of
imaging enough.

If you think you are infected, perform a deep scan with your anti-virus
and then with the above manual scanners. If you are infected which is
causing management issues in normal mode, you can try to clean these
infections with the above scanners by booting your system into SAFE-MODE
(without networking) by re-booting and pressing F8 during boot and be
sure to use safe-mode without networking.

Tip: Sometimes malware will prevent these programs from running and a
good trick is to rename the executable file before running it.

Article Malware Removal Guide for Windows will help you clean your
computer of malware. If you think your computer is infected with a virus
or some other malicious software, you may want to use this guide. It
contains instructions that, if done correctly and in order, will remove
most malware infections on a Windows operating system. It highlights the
tools and resources that are necessary to clean your system. Malware is
a general term for any malicious software, including viruses, Trojans,
rootkits, spyware and adware.


SARDU (Shardana Antivirus Rescue Disk Utility) can build one multi-boot
support CD, DVD or a USB device. The disk or USB device may include
comprehensive collections of "antivirus rescue CD", collections of
utilities, popular distributions of Linux Live, the best known Windows
PE, recovery disks and Install of Windows XP, Windows Vista and
Windows Seven. All you need for troubleshooting. SARDU does include a
few utilities, but is primarily a tool for managing the software (ISO
image files) that you download from other companies and developers,
which can be also done with this tool.

Video Example by Mr Izos

Video Example by Languy99 in three parts (older version of SARDU but
shows you how to use it.)

VIDEO 1st part
VIDEO 2nd part
VIDEO 3rd part

There is no antimalware program(s) that is bullet proof...therefore more
important to have real time back up of your data and portable programs,
and a very current image of your system. Why...because *when* you become
infected, it takes more time to try to clean than re-image, and you can
never be certain you've cleaned it all. If you do not have such a plan,
SARDU is the best type of approach to cleaning. Trying to use programs
to clean your system while your system is booted is definitely a crap shoot.

If you have such a recovery plan, just about any decent anti-malware
program could be used. I mean it's not like any of them are bullet proof
so it's a crap shoot. You might have the best AV in the world and happen
across the one malware that defeats it...bang. You might use the worst
and never come across malware that defeats it. It's a crap shoot.

Tip: If you are so heavily infected requiring rescue CD's, it is much
faster and more reliable to use the backup Image you made with EaseUS
Todo Backup and restore your computer to the last image you made in 30
minutes or less. You must however, boot with the EaseUS Todo Backup boot
CD to restore your image.


LastPass is the most secure solution for encrypted automated password
management, and form filler. There is also nothing easier to use to
manage your passwords with as many features although some folks prefer
computer based programs such as KeePass.

Steve Gibson, renowned security expert, reviews LastPass in depth in a
podcast. Here is a text transcription of that podcast.


Google Public DNS allows you to use Google's DNS servers coupled with
their malware databases which block websites known to contain malware.
This gives you an additional layer of security without adding additional
burden to your system resources. It is also faster and has more valid
results than your ISPs. Look up how to change your DNS settings for your
particular operating system.


If you use wireless connections in your home network, it is imperative
that you encrypt the connection. Anyone within range of your wireless
transmission could connect to your network and use it or capture your
computing sessions.

WEP is no longer recommended. The FBI has demonstrated that WEP can be
cracked in just a few minutes using software tools that are readily
available over the Internet. Even a long random character password will
not protect you with WEP. You should be using WPA or preferably WPA2
encryption. Check with your WiFi router manual to determine how to do this.

To encrypt your Wifi, reset the wireless router to factory: press and
hold reset 20 seconds. On the main computer connected by wire to the
router, use any browser and go to to enter management page.
The router's login password is usually on one of the "Administration"
pages. The other settings are all found in the "Wireless" section of the
router's setup pages, located at

Linksys BEFW11S4 or WRT54G= admin
Linksys EtherFast Cable/DSL Ethernet routers= Administrator
Linksys Comcast routers= comcast
All other Linksys routers= [none].

Linksys BEFW11S4= [none]
Linksys Comcast routers= 1234
All other Linksys routers= admin.

First, give your router a unique SSID. Don't use "linksys". Make sure
"SSID Broadcast" is set to "disabled".

MAC Authentication should be applied.

Next, leave the router at its default settings (except for the unique
SSID), and then use a configured as above pc to connect wirelessly to
the router. Test your wireless Internet connection and make sure it is
working correctly. You must have a properly working wireless connection
before setting up wireless security.

To implement wireless security, you need to do one step at a time, then
verify that you can still connect your wireless computer to the router.

Next, select to encrypt your wireless system using the highest level of
encryption that all of your wireless devices will support. Common
encryption methods are:

WEP - poor
WPA (sometimes called PSK, or WPA with TKIP) - good
WPA2 (sometimes called PSK2, or WPA with AES) - best.
WPA and WPA2 sometimes come in versions of "personal" and "enterprise".
Most home users should use "personal". Also, if you have a choice
between AES and TKIP, and your wireless equipment is capable of both,
choose AES. With any encryption method, you will need to supply a key
(sometimes called a "passphrase").

The wireless devices (computers, printers, etc.) that you have will need
to be set up with the SSID, encryption method, and key that matches what
you entered in the router. Retest your system and verify that your
wireless Internet connection is still working correctly.

And don't forget to give your router a new login password. Picking
Passwords (keys): You should never use a dictionary word as a password.
If you use a dictionary word as a password, even WPA2 can be cracked in
a few minutes. When you pick your login password and encryption key (or
password or passphrase) you should use a random combination of capital
letters, small letters, numbers, and characters but no spaces. A login
password should be 12 characters or more. WPA and WPA2 passwords should
be at least 24 characters. Note: Your key, password, or passphrase must
not have any spaces in it.

Most home users should have their routers set so that "remote
management" of the router is disabled. If you must have this option
enabled, then your login password must be increased to a minimum of 24
random characters.

One additional issue is that Windows XP requires a patch to run WPA2. Go
to Microsoft Knowledge base, article ID=917021 and it will direct you to
the patch. Sadly, the patch is not part of the automatic Windows XP
updates, so lots of people are missing the patch.

A wireless Router with a Full FireWall implementation is best. Then only
the operating system's stock FireWall is needed and the LAN nodes will
have more resources available. A Router FireWall is stronger and more
secure than a software firewall.

Routers PcWinTech


If you believe you are infected and want on-line help (if you can go
on-line), go to one of the free tech support forums listed in my Tech
Support Section (I prefer TechSupportGuy,) post your issue and let them
walk you through cleaning. However, RESTORING THE LAST CLEAN IMAGE of
your computer is the surest and fastest solution.

Prey Project

Prey lets you keep track of your phone or laptop at all times, and will
help you find it if it ever gets lost or stolen. It's lightweight, open
source software, and free for anyone to use. And it just works.

With everything set up, you can log into the web site and see a list of
all the devices you're tracking. And that's all there is to it. Until,
of course, one of those devices gets stolen. At which point, log into
the web site again and mark the device as missing. Or, if the device is
a Smartphone, send it an SMS message that contains the secret word you
specified when you installed the client app on it.

Prey Project introduction from Carlos Yaconi on Vimeo.

Once the device has been instructed to go into "missing" mode by the
Prey web site, the installed client springs into action, and does
whatever you've told it to do. If the device has the ability to work out
its location, either via the mobile phone network or GPS, it'll send you
a map of where it currently is. If there's a webcam on there, you can
tell it to take a photo of the current user and display that on the web
site too. Or, you can have it take regular screen shots instead.
Needless to say, you can also protect your data. You can remotely lock
the device or delete the files on it.

And it's worth remembering that such software isn't just useful for
tracking stolen hardware. If you'd like to know where your kids are, or
perhaps you want to keep an eye on an elderly relative who values their
freedom to roam, Prey will do it. As for the morals regarding how you
use it, and on whom, that's entirely up to you.

Right now, Prey lets you track three devices free. If you want to track
more devices for free, simply create another account with a different
email address.


At the very minimum, keep a current clean image of your computer and use
AV/AS/Firewall software. Also, backup your data files and portable
programs off-site with such as SugarSync real-time backup. Restore the
image if you get into trouble. Your data files and portable programs
will take care of themselves via SugarSync.
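
An added example, not part of the original post: the imaging tips above (keep the last few images because one may turn out corrupt, maintain at least three) can be checked mechanically by recording a SHA-256 hash of each image when it is made and re-verifying before any old image is deleted. The manifest file name and the `*.img` pattern are assumptions; set the pattern to whatever extension your imaging program writes.

```python
"""Hash manifest and retention check for backup image files (added example)."""
import hashlib
import json
import sys
from pathlib import Path

MIN_IMAGES = 3                    # the post's tip: maintain at least three images
MANIFEST = "image-manifest.json"  # hypothetical file name, stored beside the images


def sha256_file(path, chunk=1 << 20):
    """Hash in 1 MiB chunks so multi-gigabyte images never have to fit in RAM."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def load_manifest(folder):
    path = Path(folder) / MANIFEST
    return json.loads(path.read_text()) if path.exists() else {}


def record_new_images(folder, pattern="*.img"):
    """Record the hash of each image not yet listed. Known images are never
    re-hashed here, so later corruption cannot replace the known-good hash."""
    manifest = load_manifest(folder)
    added = []
    for image in sorted(Path(folder).glob(pattern)):
        if image.name not in manifest:
            manifest[image.name] = {"sha256": sha256_file(image),
                                    "mtime": image.stat().st_mtime}
            added.append(image.name)
    (Path(folder) / MANIFEST).write_text(json.dumps(manifest, indent=2))
    return added


def verify_images(folder):
    """Return {name: 'ok' | 'corrupt' | 'missing'} for every recorded image."""
    results = {}
    for name, entry in load_manifest(folder).items():
        image = Path(folder) / name
        if not image.exists():
            results[name] = "missing"
        elif sha256_file(image) != entry["sha256"]:
            results[name] = "corrupt"
        else:
            results[name] = "ok"
    return results


def retention_report(folder, keep=MIN_IMAGES):
    """Decide what may be deleted: only verified-good images older than the
    newest `keep` good ones. Corrupt or missing images never count as kept."""
    manifest = load_manifest(folder)
    status = verify_images(folder)
    newest_first = sorted(manifest, key=lambda n: manifest[n]["mtime"], reverse=True)
    good = [n for n in newest_first if status[n] == "ok"]
    return {
        "keep": good[:keep],
        "deletable": good[keep:],
        "corrupt": [n for n in newest_first if status[n] == "corrupt"],
        "missing": [n for n in newest_first if status[n] == "missing"],
        "enough_good": len(good) >= keep,
    }


if __name__ == "__main__":
    folder = sys.argv[1] if len(sys.argv) > 1 else "."
    print("newly recorded:", record_new_images(folder))
    print(json.dumps(retention_report(folder), indent=2))
```

Run it against the image folder on the external drive right after each new image is made, and again before deleting anything; a hash match shows the file is unchanged since it was recorded, not that the system was clean when imaged.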
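
An added example, not part of the original post: a generator and checker for the router login password and WPA/WPA2 key rules given in the wireless section (random mix of capitals, small letters, numbers and characters, no spaces, 12 or more characters for a login, 24 for a WPA key or a login with remote management enabled). The purpose names and the five-word sample list are constructed for the example; the 63-character ceiling is the WPA/WPA2-PSK passphrase limit.

```python
"""Generate and check router secrets against the post's rules (added example)."""
import secrets
import string

# Minimum lengths stated in the post; the purpose names are hypothetical labels.
MIN_LENGTH = {"router_login": 12, "router_login_remote_mgmt": 24, "wpa_key": 24}
WPA_MAX = 63  # WPA/WPA2-PSK passphrases are 8 to 63 printable ASCII characters

CLASSES = {
    "capital letter": string.ascii_uppercase,
    "small letter": string.ascii_lowercase,
    "number": string.digits,
    "character": string.punctuation,
}
ALPHABET = "".join(CLASSES.values())  # deliberately contains no space

# Constructed stand-in for a real dictionary file.
SAMPLE_WORDS = ("password", "linksys", "admin", "letmein", "qwerty")


def check_secret(secret, purpose, wordlist=SAMPLE_WORDS):
    """Return a list of rule violations; an empty list means the secret passes."""
    problems = []
    minimum = MIN_LENGTH[purpose]
    if len(secret) < minimum:
        problems.append(f"shorter than {minimum} characters")
    if purpose == "wpa_key" and len(secret) > WPA_MAX:
        problems.append(f"longer than {WPA_MAX} characters")
    if any(ch.isspace() for ch in secret):
        problems.append("contains a space")
    if any(ch not in ALPHABET and not ch.isspace() for ch in secret):
        problems.append("contains a non-ASCII or control character")
    for label, chars in CLASSES.items():
        if not any(ch in chars for ch in secret):
            problems.append(f"missing {label}")
    lowered = secret.lower()
    for word in wordlist:
        if word in lowered:
            problems.append(f"contains dictionary word '{word}'")
    return problems


def generate_secret(purpose, length=None):
    """Draw characters from the OS CSPRNG until every rule is satisfied."""
    length = length or MIN_LENGTH[purpose]
    if length < MIN_LENGTH[purpose]:
        raise ValueError(f"{purpose} needs at least {MIN_LENGTH[purpose]} characters")
    if purpose == "wpa_key" and length > WPA_MAX:
        raise ValueError(f"a WPA key cannot exceed {WPA_MAX} characters")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_secret(candidate, purpose):
            return candidate


if __name__ == "__main__":
    for purpose in MIN_LENGTH:
        print(f"{purpose}: {generate_secret(purpose)}")
    print(check_secret("linksys wifi", "wpa_key"))
```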
