I am posting this to get different opinions on which antivirus has the best heuristics. I have used many different antivirus programs in the past several years and have personally found the following two to be the best for heuristic detection: DRWEB!!! and NOD32. I have had great experiences with both of these and am currently holding licenses for DRWEB and NOD32.
Over all, I must admit that I am most partial to DRWEB. This is in my opinion the best "On Access" scanner you can get. It is very sensitive (due to it's very strong heuristics) and always on the watch to pounce on any viruses that come along.
Nod32 also has excellent heuristics from my experience. It has caught several items that other antivirus programs have missed.
KAV also has decent heuristics, but it's real strength lies in it's signiture scanning. KAV is the best "ON Demand" scanner you can buy in my opinion.
Please, if anybody else has an opinion, please post it. I am curious what you think.

Barney.

While it's definitely good to have one, heuristics doesn't elevate much the performance
of an AV program. It's merely an addon package in case of most of the antivirus programs.
Some implement strong heuristics, some make do with sandbox techniques. But it's really
the virus signatures that truly evaluate the total performance and decide the winner.

IMHO, both NOD32 and DrWeb have good heuristics. Although, DrWeb sports a little too
active and zealous one. F-Prot too has a very good heuristics engine which also incorporates
Neural Networks technology. Symantec/Norton bundles BloodHound, but I'm not sure how
effective it really is.

Heuristics aside, I'm more interested in Sandbox implementation of Norman Virus Control.
Has anyone tested it against a variety of known/unknown virii and trojans? I think Norman
is a good product, not among the best, but it does manage to get away with fair detections.
The one big problem is its slow speed because of the Sandbox.

Regards,
AgentX

Norman is great!

Try out the new AntiVir heuristics (in the antivir betaforum) ;D

Or download ADEMA here:
http://home.arcor.de/vxscan01/setup.exe

Adema is even be able to dial with polymorphic viruses / worms, just drag'n'drop a Win32.Parite.B polymorphic Virus or a polymorphic worm such as Dumaru.AC into the box.

I'll attached a screenshot of such a detection ;D

In the past KAV and Mcafee just to name two av's that have stopped trojans and viri with out there signatures. Hueristics can be a very important part of a complete security setup. personally i am not sure I would want an av without hueristics. I like the idea that my av might be able to detect a piece of malware with out an updated signature for it.

Does it really matter how an AV stops maware as long as it does?
I'm not realy bothered which has the best heusistics or best defs,its the overall pakage that matters

i've tested norman against known new trojans& virii
it seems to be somewhat effective, i scanned a set of trojans, mostly downloaders and it was able to detect some of them as win32malware...
it failed on a set of 50 mydooms

here's a link to gladiators avlexa heuristic scanner forum and download ;D
http://www.free-av.de/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=29&t=000008

Hi Godzilla,

can you post the link to the AntiVir Beta forum?

Thanks