Is there any discussion forum from G Data ? I checked their website. They don't have an email mentioned. I would like to send them issue with suspicious files it failed to detect yesterday. Today it has started detecting. I believe it is still highly dependent on signatures. Their Password Manager Firefox Plugin is not working. I found one email and sent the issue with screenshots. No response yet.
IMO has no forum, create a ticket https://www.gdatasoftware.com/support/contact not sure how and when they will react on mails when not using the support form.
Finally G Data responded on the email I found. I received two emails. For the Firefox extension they apologize and say they can't make it work. This option will be removed in a future release. So for Firefox, PasswordManager plugin won't be there. It works great with Chrome.
I tested with few samples. G Data failed to detect as malicious. I checked it against VirusTotal where 6/67 detected it as malicious and alerted with Machine Learning. These six engines are not from well-known brands. So I think G Data's capability to detect unknown malware is doubtful. Once I submitted this sample, the next day it started detecting. This means it is heavily relying on signatures.
If you can possibly remember any of the 6 engines that DID catch your test files as malicious, I would VERY much appreciate knowing their names. I am always on the look-out for lesser known brands to keep an eye on, such as those that did well in your test.
You can check: CheckPulse. Cloud and AI based. I installed Trial version. I noticed it warns of malicious files sometimes when G Data and other well known brands don't.
However, this does not mean G Data is failing. Because I am checking files when right-clicked. Sometimes the behavior-based detection module is triggered when you execute the file and it performs bad operations. G Data Total Security is overall an excellent package. I really liked features like: - Creating encrypted Vault - Password Manager plugin for Chrome browser - Tuner - Dual Engine scan. I guess the other engine it uses is: BitDefender - File Shredder
for the record - i dont care about any antivirus, including defender. but defender is the only one i let do its work because of its integration without creating massive leaks as other security software: avast, avira, kaspersky, f-secure, k7 - and this is fact. if - and when - hell is going to freeze i would chose eset again.
I discussed with G Data engineers to understand the multi-layer technology it uses to detect unknown malware. Both BEAST and DeepRay work when a file is executed. Before I was scanning a suspicious file from Windows context menu when it was not detecting. Today I created a Sandbox environment. Installed G Data Anti-Virus and executed the malware which it was not detecting during the scan. For few seconds nothing happened. No alerts. But suddenly the executable disappeared from the desktop and G Data BEAST trapped the unknown malware. Here is the alert I got: Impressed and trust now. https://ibb.co/dr3T78s https://ibb.co/dr3T78s
@rpk2006 Thank you VERY much for this follow-up to your previous post. You have renewed and increased my respect for G-Data.
At least that file has reached your system. in case of G-Data it has failed completely, it definitely happened to you, you were exploited. now its up on you to change your security concept where any antivirus is redundant. thats all i want bring to people - do not trust what an antivirus is telling you, or not telling you. G-Data only told you that you were exploited, but they dont have any clue how it happend. and i have doubt they told you what to do next. the password manager did not work, malware was found, it might intercepted any password transfer, so the gdata modul got exploited, do not tell any other because it is wrong. so you need to check and change any password used in gdata password safe, because it was exploited. next is to know that any current exploit modul is tested against all current antivirus programs. it was purpose not to get find that easily, not luck to have it found. in case of you it would set up that system from scratch. malware can behave different, not only exploiting, grabbing passwords, more to change windows security and create security holes where any antivirus must fail in the future. your system was compromised and thus no longer safe.
What to do next? Why, simply restore a clean image and POOF!!! Everything becomes beautiful again! A security app that PREVENTS malware from being installed &/or executed is great, but a security app that DETECTS malware, during or after its execution, is equally great -- if & only if the User images often to an external storage device. G-Data's Beast is a Behavior Blocker (BB). A BB is there to detect zero-day & other malware not yet detectable by signature -- in other words, malware that gets by malware PREVENTION apps. To do its job, the BB observes the execution of the malware, & blocks it the instant that malware-type behavior is detected. Yes, it is possible that some damage may already have been done, as @Brummelchen stated. That's the reason why imaging software is THE single-most important component of one's security set-up.
Hi, You may want to look into https: //avlab.pl/en/19th-edition-of-protection-test-against-malicious-software/ toward the bottom.
You are relying on signatures. Behavior Monitoring, is being used by all the products. Behavior Monitoring only works when the malware is actually executed. Only then it can understand the behavior. Further, these tests I performed in the Sandbox Environment. That being said, I have been using ESET from more than 12 years but this is the first time I purchased G Data Total Security for another machine. ESET, no doubt, has best detection rate, but yesterday I executed a sample which escaped ESET altogether. Behavior Monitoring is meant to be after execution. No antivirus is fool-proof. You need to run secondary opinion tool once a week. Also read this: The real reason why malware detection is hard—and underestimated
Both can be useful. After all if you don’t know if your system is/was infected, then most people won’t bother to restore a backup.
If you use a good Internet Security tool as primary defense and good second opinion tool regularly, you won't need to restore a backup. I tried using CatchPulse in conjunction with G Data. Both work seamlessly without interfering each other. Since CatchPulse is a cloud-based AI tool, it alerted me of a suspicious file when G Data didn't. Later I tested the same file in a sandbox environment with G Data, the behavior monitoring intercepted it. Though it is advisable to create an image of fresh system always handy.
read it again: you got exploited malware has reached your system. and behavior blocker only react on running processes, not on not executed programs. ^^ - this is a second option. if you dont care, your problem, your money, your accounts - i dont need to care. you have settled on an antivirus which has failed, no doubt. spend more money for nothing.
It was tested on sandbox environment not real environment. BTW, which product you trust ? I tested with ESET as well. It failed to detect one sample. Both signature and behavior.
dont mind. he has lost focus on the current problem and acting three steps ahead now (other threads).
I recall one my past test that increasing the detection kernel level to aggressive brought better results but on the other hand I encountered more alerts then.