Hacker News
by HackinOut 4170 days ago
Most viruses are identified by their signature only, because most of them are dumb. Heuristics for unknown threats are often there purely for marketing.

AVs all have more or less the same signature database for the same reason as above: most viruses are dumb and well known (most can't even be called viruses, think adware & co). IMO this is the best reason for not having multiple AVs. I personally do not trust an AV for anything more than dumb signature checking (which is easily circumvented with polymorphism or sometimes encryption alone) and targeted heuristics.

I also don't even want to start thinking about the mess that could be created by several AVs' injection/hooking mechanisms on the same machine.