Easeus safe to use?

I haven't seen any questions raised about whether EASEUS is safe to use. I mean free from latent malware. Is it even possible to test for the presence of such ware?

I realize that this sounds like I'm unfairly concerned about EASEUS in particular, since the same question can be asked about other imaging apps. However, I am currently interested in EASEUS specifically.

Thanks.

 

Why would you think Easeus is infected with malware? Have you experienced some problems after using it?

 

malware free yes. safe to use.... myself as well as others have had major issues restoring images. i do know people who use and love it. so for me its a mixed bag. for a free program i would say its FULL featured but needs some work.

 

Safe? Yes...however, as cited above, there have been some restore issues. For me, it kept resizing my System Reserved partition upon restore even though I kept telling it not to. Note this was on version 2.x...I have no idea if this has been corrected in 3.x. Support said that's just the way it works.

 

Thanks for sharing your anecdotes. No I haven't tried it yet, I want to become more knowledgeable about the ability to detect the presence of malware before considering a trial. When I said latent malware, I mean malware that doesn't do anything to draw attention until certain conditions are met e.g. a time, a signal, prevailing conditions. Since I'm not in the security field, I am not familiar with whether there is anyway to test for the presence of such malware (unless the malware is a known one for which the signs can be sought). I'm assuming no, and I'm wondering if those more experienced in security can confirm, deny, or explain. Thanks.

 

Detecting Malware Time Bombs with Virtual Machines

 

Well that's interesting. The story, that is. The research paper, I didn't get it all. But it seems like they play with time perceived by malware and look for indications of its presence. I guess this would be for time-triggered malware, and if they know what symptoms to look for.

So I guess my question is whether there is some body of security people who take freeware that seems to be top of its class (and thus proliferates) and tests for latent malware, and how mature the detection methods are for new and unknown malware. For example, the paper seems to refer to time-triggered malware, but in principle, one can code up malware (or any-ware for that matter) to respond to arbitrary trigger conditions.

 

I don't know the answer to your question, but you can look up "logic bomb" to find more information.

 

I found http://www.inc.com/magazine/20090401/technology-when-it-workers-attack.html . "Logic bomb" seems focused on insider attack on corporate systems, where there is a chance to see the malicious code. Or for malware from outside, companies like Solidcore lock down corporate computers. I don't think they apply to freeware on home systems. Disappointingly, it seems from my limited surfing so far, this is a blind spot. Hopefully, I will be corrected on this (but I'm not holding my breath).

"Logic bomb" may be a rather narrow characterization of the threat, since malware doesn't necessarily have to remain latent and wait for triggers. As long as its ongoing activity is hard to detect, it can be operational all the time.

 

Some relevant papers:
"Automatically Identifying Trigger-based Behavior in Malware"
"Identifying Dormant Functionality in Malware Programs"

 

Hmm, I found the 2nd one kind of interesting...not being in the area of IT or CS, it isn't clear to me what they meant by a malware sample. Do they mean a malicious program whose main purpose is to do bad things, or do they mean a large app (like the one being inquired about in this thread) in which there may be code that does bad things? For that matter, is malware in general part of a large disguising app? I suspect not always, but correct me if I'm wrong. I wonder how feasible the approaches are for an entire app which may (or may not) contain malware code.

And apart from the technique, at the current time, is there an organization that pro-actively tests widely proliferating freeware (or even commercial ware)? Or is it a matter of waiting for bad things to happen, then doing a post-mortem to find out why?

 

See http://en.wikipedia.org/wiki/Malware for a description of what malware is.

If you want to know the exhibited behaviors of a program, you can submit it to various online services such as ThreatExpert, or you can use programs such as Process Monitor or Buster Sandbox Analyzer.

I don't know if any organization inspects popular software for trigger-based behavior.

 

According to Wikipedia, the closest thing that describes what I describe is a "trojan". However, trojans are described as malware disguised as useful software. I'm not sure whether that includes malicious functionality embedded in an app that actually does deliver its professed value i.e. the useful software is more than just a disguise. Not that it matters, since it's just symantetcs (pun intended).

ThreatExpert is pretty interesting. I checked out the description of the reports at http://www.threatexpert.com/overview.aspx , and it seems that only overt malicious behaviour is described i.e. there is no way to identify dormant malicious behaviour. However, there is also mention of reporting rootkits, though I suspect it might also be based on overt behaviour (based on the description of the report).

 

Wildersnube, I do not know why you are so much concerned about Easeus being infected with malware. Had it been infected, it would have been in the news by now. It is a well known company and the products are used by many people. The products might not be good enough when stacked up against competition, but they are definitely not carrying trojans inside them!

 

BTW, Easeus just started a private beta of TDB V4

 

Hello, Raza0007, the reassurances you provide are exactly what I would like to validate (if possible - not sure if it is) because EASEUS is such a lauded piece of freeware. As for why I'm concerned, the source of the concern is unsubstantiated, so I don't care to go down that path. I just want to seek the validated reassurance if possible. Thanks.

 

You are right to be concerned, but you are unlikely to find anybody here who will validate this for you, as most people do not expect trojans or other malwares to be present in products from reputable companies. This might be a concern for a product from an unknown author, but Easeus is quite well known and it would be business suicide for them to even contemplate hiding a virus or trojan inside their products.

 

Totally safe. + I use the freeware EaseUS Todo Backup Free 3.5 and I'm VERY satisfied.