Dears,
I found this description on bloodhound from the admin guide "Bloodhound locates and isolates the logical regions of a file to detect virus-like behavior", so from what i understand is that its kind of like SONAR but bloodhound functions on pre-execution of the file unlike SONAR that monitors file while in-execution to monitor its behavior, is thats correct?
Thanks in Advance
The difference is explained here:
http://www.symantec.com/docs/TECH92436
They compliment one another as both use heuristics.. Bloodhound monitors files on the file system while SONAR monitors processes running in memory.