November 24, 2009, 6:09 PM — Most security programs use a single antivirus engine, but the German-made G Data ($25 for a one-year, single-PC license, as of 11/20/09) uses two separate engines: BitDefender and Avast. That double coverage may have helped it rack up an impressive 99.95 percent block rate for traditional, signature-based detection of known malware, a rate better than that of any other app we tested. It was likewise strong at blocking annoying adware, running up a 99.8 percent score, and these strengths helped it earn top billing.
G Data's dominance continued on heuristic tests that use two-week-old signature databases and newer malware to simulate how well a program can detect threats that don't yet have a signature. In this test, G Data blocked 71.9 percent of the samples used by AV-Test.org--again, the best mark we saw. And in behavioral detection tests--which checks how well antivirus software recognizes malware based solely on what it attempts to do--G Data again led the pack by blocking 12 out of 15 test samples.
Despite this stellar performance, G Data AntiVirus isn't perfect. It put up a few false alerts in the behavioral tests and prevented three benign apps from adding Registry entries that would allow them to automatically start with your PC. And it didn't fare well at removing active rootkits, a type of stealth malware. It identified and blocked all ten test rootkits before they could install, but in the case of already-active rootkits, G Data removed only seven--fewer than any other program tested.
In on-access scan speed (how quickly the app can automatically check files when you save or copy them, for instance), G Data finished in sixth place with a 10.15MB-per-second throughput.
G Data's user interface is clean and well organized, and makes it easy to get to most things from the opening page. Unlike many of the apps we tested, however, it requires you to select an action in a warning pop-up if it finds something suspicious on your hard drive. You can change that default action--to quarantine, for example--but this takes a little digging around in the settings.
If the program finds what it deems to be threatening code during a manual or scheduled scan, you'll have to double-click every item that it flagged and decide what to do with each discovery. But the scan results window doesn't present this option intuitively.
Less technical users who are willing to forgo the best malware detection in favor of a more set-it-and-forget security solution might prefer our second-place finisher, Norton Antivirus. For anyone willing to put in a little extra effort, however, G Data is a clear choice.
