I noticed this back in 2007. I bought my Dr.Web license then and this is how it has been since. Nothing has happened.. no malware, no nothing. Using only Dr.Web + Windows XP Firewall. Occasionally I try different hips, bb and firewall programs only to make the same conclusion: usability simply doesn't walk hand in hand with protection. Such preparations are just too much for something that has a bigger probability of not happening at all. Typical scenario with behaviour blocker: installation -> allow some basic actions for my programs -> sitting silently in the background wasting my resources at every system event and it could do that for the next 5 years without anything truely malicious happening. HIPS: installation -> configuring(removing annoying rules/too paranoid rules) -> trusting my programs -> sitting in the background asking for something not malicious multiple times every day and me getting tired of it. Then I start to reconfigure it and after some time, remove it for not being worth all the tuning. Firewall: installation -> allowing outbound access for my programs -> sitting in the background eating my resources to investigate network traffic and providing no real protection since I believe outbound control is just blocking holes with wine bottle corks. When you have to try blocking malware accessing out, you are already compromised. If the firewall has hips, then it succesfully combines the "configuration hell+waste of space" element. I've just decided to take the easy and trouble free way. I'll report back if I get screwed by malware. It might happen, or might not.