I just hope, with all my heart, that you silly folks running Microsoft Security Essentials don't get infected. I really do.
And I hope that you don't get infected with whatever AV solution you've got either? Do you believe that whatever AV solution you use will stop anything?
av-test and av-comparatives.org both make the same claim that pretty much every security product on their list is about 90% effective in file detection tests. I find this quite unbelievable, considering I'm removing some sort of malware (inc. adware, PUP) from probably 90% of the computers I see in the course of my work.
However, av-test goes one further in its claim regarding "zero day malware" to suggest that even the worst security products could be anything like 61% effective against this type of threat. For starters, has anyone heard of malware that wasn't a zero-day threat?
http://en.wikipedia.org/wiki/Zero-day_attack
Ie. malware whose designers would inform the security vendors / affected software makers before they released their malware into the wild? Anyone? Really? Have I missed these al-qaeda-style youtube clips with some computer geek sporting a monocle and stroking a white cat letting the whole world know about their dastardly plan before they set it in motion?
A zero day threat usually takes the form of exploiting (as far as the software companies and white hats are concerned) an unknown vulnerability. That's why it is such a threat, because the first 'the good guys' have heard of it, it's already exploiting vulnerable hardware, leaving the affected software companies scrambling to ascertain the nature of the threat and designing a fix for it. If the IT media is to be believed, these don't happen very often. Considering that most security software essentially works as a code blacklist of sorts ("if code matches what I have in my library of known malware, block it"), for any of those to have even 10% effectiveness would be REMARKABLE, let alone the 61% that "crap MSE" is supposed to have.
MSE, according to av-test (av-comparatives makes a similar claim without the four-week bit) is supposed to have a 91% chance of complete effectiveness against malware discovered in the last four weeks. I think this is a statistic that is beyond the wildest dreams of an AV vendor, and considering how often I'm pulling crap off customers' computers regardless of what security software they have, utter tripe.
Furthermore, I call into question the scoring system that av-test uses. Avast Free has a protection rating of 3.0 out of 6.0, despite having 95% and 98% effectiveness in those tests:
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=134923
Kaspersky allegedly gets 100% in both sets of tests and gets 6.0. Amazing!
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=134995
Let's break this down a bit. Avast Free (why are they comparing Avast Free to KIS?) is, let's say 5% less effective yet gets a 50% lower protection rating? I'm fairly sure that if I dug deeper it'll say "compared to the baseline", but for there to be such a massive difference in ratings between Avast and KIS, the baseline would have to be pretty damn high, yet the baseline product gets a zero rating and the word put out to say the product is crap?
Personally I think the last thing that an organisation like av-test or av-comparatives wants to say is "they're all similarly effective" because that is no good for their sponsorship.
What I also find strange is that since MSE came along, the diversity of security software reviews' results has dropped sharply. It used to be the case that one reviewer would take a multitude of threats, set them against say 10 security products and publish the results, then another research would come along, pick a different multitude of threats against much the same products and come out with quite different results. This was not a surprise because there are hundreds of thousands of threats that have been designed and why on earth would tiny subsets of those be representative of the whole when malware diversity is important to malware designers.