G-Data 2015-Is The Release Candidate Available?

Discussion in 'other anti-virus software' started by Securon, Apr 4, 2014.

  1. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    I am not complaining.
    I am trying to analyze a situation.

    It is all too easy to draw conclusions.
    But good conclusions should be based on multiple data. So far, there is no feedback from others that use G Data with EMET 5.0, so there is hardly any data to substantiate any conclusion whatsoever.
    I am still hoping for more feedback, here or in the EMET thread.
     
  2. Ekalb

    Ekalb Registered Member

    Joined:
    Jul 1, 2012
    Posts:
    31
    This is not a new: several drivers of the same type may generate false positive. You seem not to believe that.
     
  3. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    I do not know whether G Data 2015 and EMET 5.0 have drivers of the same kind. I do not say that I do not believe that.
    Fact is that there were no issues at all with G Data 2015's Exploit Protection and/or BankGuard with EMET 4.0, EMET 4.1 and EMET 4.1 Update 1.
    I am trying to find out whether or not there is a (new) issue with G Data 2015 and EMET 5.0. I would like to base any conclusion on multiple data. So far I have not had any feedback from others using G Data with EMET 5.0, nor has G Data Support reported any cases of G Data BankGuard false positives in relation with EMET 5.0. That is why I am trying to determine whether I have a new case of a G Data and EMET 5.0 incompatibility on hand, or whether something else is (or was) causing my BankGuard false positives.
     
  4. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    I'm just glad you both are practicing sicher surfing.

    G-Data is great.

    I don't use separate exploit protection yet... I wish they would be included in an exploit test where we could get a better idea of how G-Data does with exploits.

    I don't like EMET very much... eventually I'll at least throw the free version of MBAE on this system with G-Data.

    ~ Removed Off Topic Remarks ~
     
    Last edited by a moderator: Sep 17, 2014
  5. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    That would be an interesting test. A comparison of G Data's Exploit Protection, EMET, MBAE Free, MBAE Premium, HMP.A 3 Free, HMP.A 3 with license (N.B. HMP.A 3 is yet still in Community Technical Preview, beta), and other exploit protection applications and components.
    However, quite complicating is that unlike EMET, MBAE and HMP.A 3 which are (and will be) single applications, G Data Anti Exploit is a component of G Data 2015 and as such is it hard to compare with those other applications.
    Anyway, comparative test or not, it would be welcome to know what protection G Data Anti Exploit exactly offers. To my knowledge, there is no such information available, unlike for EMET, MBAE, and HMP.A 3 Community Technical Preview, for which some or even quite some information is available.

    Is MBAE Free still compatible with G Data 2015?
    MBAE is not currently compatible with EMET and MBAE is not currently compatible with HitmanPro.Alert.
    I don't know about MBAE and G Data.
     
  6. guest

    guest Guest

    JFYI EMET does not install any new drivers in the system. It's basically just a GUI for security mechanisms that are already included in Windows OS to prevent potential memory intrusions, which also presents you to more access to additional mitigation techniques which you can customise if needed. In fact, AV software also utilise some of the mitigation techniques offered by EMET/Windows OS.

    @Stupendous Man
    Have you tried the temporary fix proposed by Paranoya in EMET's thread? You can also try to exclude EMET from G Data's protection. I don't think excluding EMET would help much, but who knows if it will work somehow.
     
  7. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    That's true for system wide mitigations but on a per application basis protected apps are injected with emet.dll. My guess is the banking guard interferes with it because dll injection is a common banking malware practice. Probably just a matter of whitelisting.
     
  8. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    No, not yet, because of what I said in my reply to Paranoya in the EMET thread.
    If and when I disable EMET's StackPivot mitigation for IE as suggested by Paranoya, I will report in the EMET thread.

    Interesting idea.
    Making an exception for G Data's real-time protection for EMET, you mean? I hadn't thought of that.
    The same applies as to Paranoya's suggestion -
    I think it would be wise to first find out what is (or was) causing the G Data BankGuard false positives, so that hopefully the G Data team can make a whitelisting.

    Also an interesting idea.
    But wouldn't the same have been the case for EMET 4.0, 4.1, and 4.1 Update 1?
    There were no BankGuard false positives with those EMET versions.
    But of course there may be something new that EMET 5.0 does to which G Data BankGuard reacts.

    Yes, I would think so.
    The only thing is that G Data lab must find out what needs to be whitelisted.

    There is some news:
    Yesterday I got a reply from G Data Support, requesting to use Sysinternals Process Explorer to make a full dump of the iexplore.exe processes, zip it, and upload it to the G Data server for analysis by the G Data team.
    I hope this will offer the G Data team the information needed to find the cause of the BankGuard false positives and make a whitelisting if possible.
     
  9. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    @Stupendous Man

    I said that part about whitelisting in reference to your question why former version of EMET are not affected. My guess is they just haven't whitelisted the recent version yet, though this is pure speculation on my part.
     
  10. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    Thank you. That is also what I expect. I think there's something in what EMET 5.0 does that is new and that may not yet be whitelisted by G Data. Although this is also pure speculation on my part. There is too little information to draw any conclusion yet, of course.
    I hope the requested dump file that I sent to G Data will help G Data labs to determine what was causing my false positives and help them to update the whitelist.
     
  11. guest

    guest Guest

    Yes, I also hope your problem can get fixed soon.

    I know EMET injects its DLL to protected apps. I was just saying that EMET does not install any new driver to the system. At least as of now I'm still thinking that EMET is just a switch for mitigation techniques. You've made a very good point regarding DLL injection though, logically that could be why this problem exists.
     
  12. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    I'm not exactly sure what they are talking about, but it may be relevant and it may be important.

    Or maybe not.


    株式会社グローバルワイズは、Windows対応のセキュリティソフト「G DATA インターネットセキュリティ」(日本語版)など3製品を10月2日より発売する。利用期間および利用ユーザー数に応じた複数のバリエーションを用意しており、希望小売価格は2980円~8980円(税別)。原則としてすべてダウンロード販売される。

     今回販売を開始する製品は「G DATA ANTIVIRUS」「G DATA INTERNET SECURITY」「G DATA TOTAL PROTECTION」の3種類。ドイツのセキュリティソフト会社であるG DATA Software AGが開発した。従来バーションと比較して、ウイルス対策エンジンのパフォーマンスを向上させたほか、脆弱性攻撃からの保護機能を強化しているという。

     製品ごとに機能差があり、「G DATA ANTIVIRUS」ではウイルス、メール、フィッシング対策などに対応。「G DATA INTERNET SECURITY」ではファイアウォール機能が追加され、「G DATA TOTAL PROTECTION」ではさらにアクセス制御機能が利用できる。

     対応OSは3製品共通で、Windows 8.1/8/7/Vista/XP。また、インターネット接続が必要となる。
     
    Last edited: Sep 19, 2014
  13. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    Well, if you take that text and use a translation service to translate from Japanese, you can see that it is not very important.
     
  14. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA

    Well Stupendous, that information may not have been very important to you. But to my friend Bubba, that was critical.

    I'm just say'in..
     
  15. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    Thanks.
    My reply was because of your formulation "I'm not exactly sure what they are talking about, but it may be relevant and it may be important. Or maybe not."
    Well ...
    Anyhow, I don't know about your friend Bubba, but for Japanese G Data customers the information that you mentioned certainly may have importance, because it was about the release of the 2015 version.
    However, to call it critical - I don't know about that, but it's fine with me, so I won't go on about it, if that's OK with you.
     
  16. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    You're welcome.


    That is not OK with me. But thank you for asking. I will go on about Bubba and the criticality of that information for him. You see, he was just about to leave his office at home, but then he decided to take extra time to translate the G-Data information. In that small time delay, a meteor from space struck and destroyed the rest of his house. The G-Data data saved his life. It also saved the life of his dog Cooner too. Bubba & Cooner live on to fight another day because of G-Data.

    This is symbolic for the rest of us. As computers are taken down with malware all around us, our G-Data protected machines live on to fight another day.

    G-Data has a fix on exploits.

    G-Data released a white paper on exploits earlier this year.

    Very Important But Not Critical G-Data White Paper Link Right Here

    Subsequently, G-Data added measures in the G-Data Internet Security Product.

    http://www.zepdesign.nl/en/pc-protection.html

    New in this version is comprehensive exploit protection. In addition to virus protection, this also safeguards your PC against malware that targets and exploits security vulnerabilities in your installed software.

    Brand-new exploit protection reliably safeguards your computer against security vulnerabilities in installed applications - from the text editor to the browser plug-in
    http://securitywatch.pcmag.com/secu...-your-security-software-block-exploit-attacks ***

    Had G-Data been included in this test, I think they would have come out very well.

    As a side note, it's interesting how well Norton did with exploits on that test. They don't really market their apparent skill in exploit protection.


    That is all.

    -FTP




    ***Note that HitmanProAlert.3 was screwed in this test. They tested and compared a beta product to finished products.
     
  17. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    Glorious G-Data Victory Link

    The only finished product to achieve the top score in 'Blocked Exploits.'

    Tied for first in 'Overall Remediation Score.'

    And the test was sponsored by Symantec.

    GERMAN SICHERHEIT

    The End

     
  18. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    the only 'finished' product?

    Odd, Norton is finished, and scored the highest at blocking exploits as well. Also in the study, Norton was far lower on system impact than Gdata.
     
  19. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    Weak sauce.

    Odd, the report I linked clearly showed that the Norton product was BETA.

    The Norton product tested is in BETA Link

    Norton sponsored the test. G-Data won the test.

    Hard to believe.... I know.

    G-Data is the ONLY product that scored highest in Blocked Exploits, Overall Protection Score, and Overall Remediation Score.

    And system impact was negligible. As the test noted, "However the system impact of all tested products is rather low and better than the industry average."
     
  20. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Frank! May the Force and Sicher...Be with You! Lol! Sincerely...Securon
     
  21. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I installed the latest Gdata. Immediately started having issues. Errors, blocking of legit files, etc.

    I'll stick with the big names.
     
  22. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,253
    Location:
    North Texas
    The beta is over...
     
  23. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    Well Hello there Securon.... Greetings to the Great White North territory. Thank you... and in return, may the Force and Sicher be with you! And be careful out there! Don't get trampled by a moose or some other terrible thing like that.. -Frank



    More weak sauce.



    Yeah, got it. Nobody is claiming otherwise.
     
  24. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,325
    Location:
    the Netherlands
    Hi Mayahana,
    Could you indicate which issues you experienced? Which errors, and blocking of which kind of legit files?

    As I mentioned before (September 11, September 13), I experienced some G Data BankGuard false positives. I am now waiting for the next BankGuard false positive, to collect the BankGuard process dump, compress it, and sent it to G Data for analysis.
    As for blocking of legit files, since a while, G Data started to detect OpenCandy supported installers (by popular demand by those users that are incapable of proper user of adware supported installers). Most OpenCandy supported installers are not blocked, but only the OpenCandy component is blocked with execution of the installer. However, I found one OpenCandy supported installer that was completely blocked by the G Data program, that was the ImgBurn installer. I reported that issue to G Data.

    As I said, Mayahana,
    Could you indicate which issues you experienced? Which errors, and blocking of which kind of legit files?
    Have you reported those issues to G Data?
    Reporting to G Data is the best way to get issues fixed.
    Thanks.
     
  25. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I had issues accessing my credit union, and I think one credit card company website with Gdata.
    Also it wouldn't allow the installation of IMGBurn.
    There was an issue where it refused to allow Postbox to run and connect to the internet.

    A few more random things, but it was removed after about 60 minutes due to these, and a few others. It's not weak sauce, I do this for a living, and when a program fires off 18 blocks, alerts, or false positives in 60 minutes after installation it immediately disqualifies it as a viable product for me to deploy. Either in the home, or as a MSP solution for any of our 32K machines we monitor.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.