Excuse my insolence, but all the anti-virus applications out there in the world, how do they find out about a danger threatening the computers they are supposed to protect, timely enough to act?

Do they use a pull approach whenever you install a piece of software? Or do they poll periodically to be informed about today's potential malware? Isn't any polling period likely to always be slower than the aggressor?

Cisco's chief security officer John Stewart says "Antivirus is 'completely wasted money':"

The malware industry is moving faster than the security industry, making it impossible for users to remain secure. "If patching and antivirus is where I spend my money, and I'm still getting infected and I still have to clean up computers and I still need to reload them and still have to recover the user's data and I still have to reinstall it, the entire cost equation of that is a waste."

Wouldn't a worldwide real-time push infrastructure be more effective?

Read about PSYC and Scalability.

For a practical approach, see a similar issue discussed on OCSP.