AV-Test uses a really large sample size for testing against real viruses. Unlike VB100 or Checkmark that focus on a sample size of around 1000 to check "in-the-wild" viruses.
To be fair, in-the-wild viruses cause about 98% of the attacks and AV organizations catching them have demonstrated their capability of catching the others.
AV companies catch viruses a few hours to few days after a virus has been released. So, even the best AV company cannot save you from getting infected by that brand new virus which has been released just a few minutes ago.
When a lay user is also the administrator on a system, they can inadvertently install/click on exe files and answer yes to threatening questions about security. For a really secure OS, the user needs to be upgraded to an administrator, preferably a NetBSD admin. But then who would do the rest of the work in the world!