I just finished reviewing some statistical data on AV products at Shadow Server. Shadow Server has been an excellent source of information for me on the Conficker outbreak. From their home page:
"Established in 2004, The Shadowserver Foundation gathers intelligence on the darker side of the internet. We are comprised of volunteer security professionals from around the world. Our mission is to understand and help put a stop to high stakes cybercrime in the information age."What was most striking, regarding the AV information I reviewed, was the surprisingly low identification rate for AV products that I had previously held in high regard. I'm not sure if this data is proof that some of the more mature AV companies are sitting back on their laurels, or if it is indicative of a malware epidemic growing out of control. It is probably a bit of both.
I recommend all cyber-jutsu practitioners check out Shadow Server.