- Apr 25, 2013
- 5,355
During a full antivirus scan, G Data reports both time elapsed and time remaining. At one point, the sum of those two times exceeded 80 minutes. However, the scan actually completed in 48 minutes. That's a good bit longer than the current average of 28 minutes to scan a clean system. Some antivirus products speed subsequent scans by skipping known safe files. Comodo Antivirus 8, for example, re-scanned my test system in less than two minutes. Not G Data; a repeat scan took just as long.
Good Malware Blocking
When I exposed G Data to a folder containing my current collection of malware samples, it wiped out most of them right away, and eliminated a few more when I tried to launch them. One way or another, G Data detected 93 percent of the samples and scored 9.3 of 10 possible points. Few products have scored better in this test, though Webroot SecureAnywhere Antivirus (2015) did manage a perfect 10.
As always, I also checked the product's reaction to a folder containing modified versions of the same samples. Each of the modified samples has a different filename and file size from the original, and a few non-executable bytes are also different. G Data didn't immediately recognize 22 percent of the samples whose originals were wiped out on sight. Interestingly, it did recognize several modified files whose originals weren't caught until I tried to launch them. Clearly there are multiple levels of protection going on here.
G Data blocked access to 45 percent of the URLs, and wiped out another 6 percent during the download process. Its overall protection percentage of 51 percent is a good deal better than the current average of 39 percent.
In general, each product gets tested with a different set of very new URLs, typically no more than four hours old. This time, I was able to test G Data, Avira Antivirus 2015, and Comodo simultaneously, using the same URL collection. Avira managed 58 percent protection, which is good; Comodo's score of 27 percent was not so good. The overall winner in this test remains McAfee AntiVirus Plus 2015, with 85 percent protection.
Behavior-Based Detection
By default, G Data's behavior-based "intelligent detection of unknown malware" is turned on. In some cases, behavior-based detection erroneously flags valid programs as malware, or baffles the user with confusing popups. As a quick sanity check, I installed 20 PCMag utilities under G Data's watchful eye.
These utilities necessarily hook deeply into Windows, doing things like installing global hooks and requesting elevated permissions. Apparently G Data looks for a pattern of malicious behavior rather than flagging every individual action that might suggest malware. It gave all the utilities a clean bill of health.
A couple of my hand-written analysis utilities did come under fire, but with reason. One test program repeatedly passes malware-hosting URLs to Internet Explorer, the other does the same with suspected phishing URLs. G Data reported that each "looks like a malicious program," and I can't blame it one bit.
So-So Phishing Protection
The same G Data feature that blocks browser access to known malware-hosting websites also serves to steer users away from phishing sites—fraudulent websites that try to steal your login credentials. In testing, I found that its behavior varied. In most cases, it replaced the fraudulent page with a clear warning stating "This is a known phishing site." However, occasionally it delivered a blank page with "Website blocked!" in the title, and in a few cases the browser simply displayed an error message. I had to check the event log to distinguish that last type from actual browser errors.
For this test, I launch suspected phishing URLs simultaneously in five browsers. One test system used G Data for phishing protection, another ran consistent phishing champ Symantec Norton Security The remaining three relied on phishing protection built into Chrome, Firefox, and Internet Explorer.
G Data's detection rate was 34 percentage points lower than Norton's, which puts it a tad below the middle of the pack. It lagged Chrome by 32 point and Firefox by 26 points. The only bright spot in the scoring came in comparison with Internet Explorer; G Data beat IE's detection rate by 47 percentage points. If you're a die-hard IE user, G Data's phishing protection could be useful; otherwise, not so much.
Good, not Great
G Data Antivirus 2015 scored well in my hands-on malware blocking test, and the labs that include it in their testing give it generally good marks. Note, though, that I give lab results more weight than my simple hands-on tests, and several competing products earn top results across the board from the labs.
Full Article
