OK, let me clarify my statement somewhat. First of all, there is no panacea no matter what kind of security software a person is running, and I am fully aware of that. Also, I'm not implying at all that heuristics are useless. All I know is that they haven't done much for me, and I was simply seeking input from others as to their experiences. Also, it is very well known that signature-based scanners are treading water trying to keep up with the hordes of new malware being released onto the net every day. It's becoming harder and harder for AV/AS developers to keep signature databases up to date, and while heuristics do help, it is still very much a crap shoot with any signature-based program. No, HIPS and such programs are not a panacea and most definitely not fullproof, but the chances of them catching a virus or other piece of malware attempting to execute is pretty high. I'm aware that there's a lot of malware out there that doesn't need to necessarily run an executable to infest a system, but programs such as SSM, Prosecurity, Threatfire, etc are very good at detecting malware that may have been missed through signature and heuristic recognition by the AV/AS. I would be interested in seeing virus testing done with just these kinds of programs running and see if they were capable of detecting as many as the AV's do. If there is a thread where this has been done I'm not aware of it, but would love to read it if there is one. So, the bottom line here is that I'm not being critical of AVs or the heuristics they employ. I was just relating my own experience and asking for input regarding the experience of others. Also, when an AV alerts on a possible malware, do all of the AVs (that employ heuristics) advise you whether it was signature based or heuristics based detection?