Q&A G Data bug?

sepik

Level 11
Aug 21, 2018
521
Hello,
I have G Data IS with Malwarebytes Premium installed. G Data is set to detect malware on execution only. However, there's a setting "monitor critical folders in particular" which means, as i understand, every file written to "critical folders" are checked when writing or reading(it overrides on execution setting).
So i made c:\test folder, and set up G Data to monitor that "critical folder in particular". So i assume, when i download or unzip a malware file to that folder, it should detect it when writing? But it does not do that. Malware sample is old, so G Data should detect that(static scan detects it).
Is that a some kind of a bug or is it just me? Any G Data user can confirm that? Tested with / without Malwarebytes installed.

Kind regards,
-sepik
 

silversurfer

Level 75
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,432
Hello,
I have G Data IS with Malwarebytes Premium installed. G Data is set to detect malware on execution only. However, there's a setting "monitor critical folders in particular" which means, as i understand, every file written to "critical folders" are checked when writing or reading(it overrides on execution setting).
Do you have already tried other samples or just that "Eicar" test file ?

Maybe it's a kind of misinterpretation from our user side... as always the best way would be just going to ask support by GData
 
F

ForgottenSeer 89360

This is from the manual located here: Confluence Mobile - Help Center
  • Monitor critical folders in particular: You can use this function to specifically check especially critical folders, e.g. folders shared on the network, personal data or Cloud services (such as Microsoft Dropbox, OneDrive, Google Drive etc). After you have made your selection in the dialogue box, this is then always monitored in Check read & write access mode – regardless of the settings you use for all other files, folders and directories. If you have selected the Check read & write access mode for all files by default, the settings option for critical folders is greyed out.

It looks like interpretation is right. Best thing to do is to open a support ticket with them. You might also exit Malwarebytes from the tray menu and download Eicar Test File.
 

sepik

Level 11
Aug 21, 2018
521
@silversurfer
Tested with old and new samples, but not with eicar. However, if static scan detects it, it should detect it also when written to that specific folder.

@McMcbrad
I will open a support ticket, but before that, i do like to be sure that other G Data users here can confirm this "bug"

It also can be possible that i did something wrong, too. :( :)
 
F

ForgottenSeer 89360

@McMcbrad
I will open a support ticket, but before that, i do like to be sure that other G Data users here can confirm this "bug"

It also can be possible that i did something wrong, too. :( :)
Are you sure your engine configuration is the same? Engine A and B for both scan and real-time protection?
Also, try doing another test folder, for example on the Desktop.
 

sepik

Level 11
Aug 21, 2018
521
UPDATE

After couple of emails with the G DATA support team, they finally managed to reproduce the bug that i've reported them. The first level support team could not reproduce the bug.

The second level team has managed to reproduce the behaviour. They have forwarded their findings to development. Unfortunately, due to the holiday season, we are likely to have to wait a while for an answer, probably sometime in January.

So hopefully the next update will be out this month.

Kind regards,
-sepik
 

sepik

Level 11
Aug 21, 2018
521
Hello,
I'm trying to add files (whitelisting malwarebytes drivers) to realtime protection exception list.
In G Data settings, when browsing the files in \Windows\System32\Drivers it only shows 4 files and 2 directories there. There should be total 9 directories and over 400 files in that dir. Directories and the files there are not hidden.

Is this "by design" ? I can add other files in other directories within windows folder, but i cannot add files inside \Drivers -folder because i can't see them.
Sure i can add them to exception list by manually writing the whole path and the filename.

If there's other G Data users here, can you please test this behavior if it happens to you too.

-sepik
 

gery79

Level 10
Verified
Jun 21, 2011
479
when my computer says C:\#GDATA.Recovery.Data# / ...is not in the system....is this possible? what should i do next....gdata support is not helping at all.
 
  • Like
Reactions: Nevi

Zartarra

Level 4
May 9, 2019
184
I am currently testing the Internet Security suite but I cannot find that directory. Did you install the backup module?
 
  • Like
Reactions: Nevi

Zartarra

Level 4
May 9, 2019
184
uninstalled it 3 times and still the same thing...buh....and their support over email is nerve wrecking .....
Can you upload a screenshot of the error? I installed the Total security on a test machine but cannot find the path or simulate the error.
 
  • Like
Reactions: Nevi

gery79

Level 10
Verified
Jun 21, 2011
479
20210819_130705.jpg
 
  • Like
Reactions: Nevi

gery79

Level 10
Verified
Jun 21, 2011
479
beside this i see that it has not updated for the past day and i have to do it manually....Seems like it does not like my computer
 
  • Like
Reactions: Nevi
Top