G Data InternetSecurity 2014 - Dynamic test

Discussion in 'other anti-virus software' started by pykko, Mar 28, 2013.

Thread Status:
Not open for further replies.
  1. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
  2. luckyboy

    luckyboy Registered Member

    Joined:
    Mar 28, 2013
    Posts:
    49
    Location:
    България
    Very bad rendering on anti-phishing sites!:(
     
  3. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Any comparison with other AVs for this malware set?
     
  4. Ford Prefect

    Ford Prefect Registered Member

    Joined:
    Oct 31, 2008
    Posts:
    103
    Location:
    Germany, Ruhrpott
    I ran the suite on a w8x64 box.
    With out-of-the-box settings G Data scored 190 points.
    Setting the firewall to 'maximum security': 210 points.
     
  5. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    I performed the test on a X86 machine with default settings for G Data.
     
  6. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,730
    Location:
    localhost
    A bit misleading calling it dynamic... may be dynamic for 40 malware? As the usual on-demand scan is run on the 22140 samples. Was the sample tested (not virustotal) to exclude broken or irrelevant files?

    I don't see much difference in this test with youtubers or home-grown testing apart from been published on a website. On top the responsible seems also comodo forums moderator. This raises some potential conflict of interest. o_O

    No offense intended to the staff that spent time on this but I would take this with a bit of caution. I though this type of testing was discourage here at wilders. I guess its difficult to draw a line between acceptable and not acceptable tests.
     
  7. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    The tester isn't comodo forums moderator. Where did you draw this conclusion?
     
  8. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,730
    Location:
    localhost
    Yes... sorry Comodo forum malware cleaner/helper, on top using Comodo suite leak/hips tool to test products. Not the best set-up for a neutral/indipendent testing :)
     
  9. Cimmerian

    Cimmerian Registered Member

    Joined:
    Nov 29, 2010
    Posts:
    410
    Location:
    New Jersey
    Gotta say these results are disappointing...As Blackcat asked, any comparisons with other AV's for this malware set? Maybe Bitdefender? I think that would be pretty relevant in comparison with G Data.
     
  10. true indian

    true indian Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    757
    Location:
    india
    I dont understand how any of these Home grown or tests conducted by organizations are of any importance or bare any importance to real life usage :rolleyes:
     
  11. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I have said this before, engine (B) in the new version does pretty much nothing in my own testing. You would have seen a higher rate of detection in your test if you had Avast! as engine (B) just due to signature files. I would guess G-Data changed it from Avast! so they did not have to pay for new technology licensing, its purely a financial decision. Loss of a little protection, gain of a lot of money.
     
  12. Cimmerian

    Cimmerian Registered Member

    Joined:
    Nov 29, 2010
    Posts:
    410
    Location:
    New Jersey
    This is exactly why I asked pykko if they had tested Bitdefender itself against the same sample set. It would be a good indication of what G Data may or may not have lost by dropping Avast in favor of Close Gap. One thing to consider though, is that any malware detection I've ever seen by G Data, was made by the Bitdefender engine, not Avast. Not a knock, just an observation.
     
  13. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    I will try to perform the same scan with another scanner during this week-end.
     
  14. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Being a G-Data user for years the Avast! engine caught a few things for me and so did the BD engine. I can't see Bitdefender doing worse then what G-Data did on this test, it would not make sense and is probably the Bitdefender engine that detected all of the threats. CloseGap is a silly idea because it works on "Whats hot" in the threat world, but guess what. When you know what's hot and have coded a defense against it, its already defunct and there is a new thing. CloseGap updates like this, "Threat A" is prominent, the CloseGap people look at the threat and code a "Defense" against it, not a signature file a defense that plugs what ever hole the "Threat A" is abusing so no variant of "Threat A" can get through. Its kinda dumb though as the time it takes CloseGap to figure out and block "Threat A" it is already a new "Threat B" on the rise, and "Threat A's" defense is not null and void and thus removed from "Engine B" They will only keep active threat defenses for that moment and drop old ones to save resources. So CloseGap is kinda pointless in my opinion and i would rather a second signature engine.
     
  15. Cimmerian

    Cimmerian Registered Member

    Joined:
    Nov 29, 2010
    Posts:
    410
    Location:
    New Jersey
    @ pykko- Thank you, looking forward to your further test results..:thumb:

    @ Taliscicero- I can't see Bitdefender doing worse than G Data either. What I'm saying is that a BD/G Data comparison would show how BD, plus whatever modules it uses that G Data doesn't, does against G Data, with Close Gap, in a head to head test.
    Also, maybe I'm misunderstanding how exactly Close Gap works, but it does appear to be signature based. This is a snippet from the G Data website--"G Data CloseGap technology breaks new ground and combines proactive and signature-based security technologies".
     
  16. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    It says signature, but not what we think of as a signature. In my best knowledge of researching CloseGap, it is a signature in the way, it tells G-DATA (B) what vector of activity to block. if Java has a recent exploit, it downloads a signature to tell CloseGap to block the attack vector and not the file. Its signatures in that respect, but in reality its kinda a bad way to block threats as that is what patches are for which in this case Java would update.
     
  17. Ford Prefect

    Ford Prefect Registered Member

    Joined:
    Oct 31, 2008
    Posts:
    103
    Location:
    Germany, Ruhrpott
    Once again: how do you manage to run only engine b? Even if this is not the way G Data should be configured...
     
  18. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I cheated, I ran the full product and scanned new malware samples from my honeypot in a windows environment. I went for a while until there were 100 files not detected with Engine (A) Bitdefender "Native product and in G-Data". I then waited 6 hours and scanned the same 100 files again with the G-Data product where about 40% more were detected but by engine (A) Bitdefender. I got no detections by engine (B) CloseGap in the first test nor 6 hours later. I came to the conclusion that either CloseGap does nothing, or it does not contain signature files. On further research I'm lead to believe that Engine (B) CloseGap protects only a limited set of malware by blocking attack vectors like Java or Flash from exploits before patches come out. It then deleted its protection module / signature files once the patch comes out. I believe this is not such a great technology since Java/Flash update themselves pretty fast, and maybe CloseGap does not even have a chance to be effective in that short time between exploit and patch.
     
  19. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    Your conclusions are wrong.
     
  20. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Please enlighten me then, I came to the conclusions in my own testing. If you know anything that I don't then please tell me. If you have done your own tests are are familiar with how CloseGap works and performs then feel free to enlighten the group. My own testing seem like some of the only testing done.
     
  21. markusg

    markusg Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    248
    i would be interested in behaviour blocker results, in the past it was not so great i think.
     
  22. luckyboy

    luckyboy Registered Member

    Joined:
    Mar 28, 2013
    Posts:
    49
    Location:
    България
    now is excellent.
     
  23. markusg

    markusg Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    248
    also against ransoms?
     
  24. luckyboy

    luckyboy Registered Member

    Joined:
    Mar 28, 2013
    Posts:
    49
    Location:
    България
    Yes,check yourself
     
  25. markusg

    markusg Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    248
    no, i have an antimalware software, was only interested.
     
Loading...
Thread Status:
Not open for further replies.