Antivirus programs detect viruses, and sometimes are capable of removing them. They may also protect against certain malicious behavior (heuristics).
However, antivirus programs can not ultimately protect you from viruses, no more than you can protect your children from every risk they may encounter. However, just like a good baby-sitter, you can extend your protection by using an antivirus program.
Even if you have [insert your favorite antivirus product here] installed and you update the virus definitions every ten seconds (or more often, for that matter) you will not be completely protected!
The Weakest Link
The weakest link in security is not your hardware, your software, or your antivirus program, but rather, the user (you). Back in the day we used terms like PEBCAK to indicate the source of most problems: Problem Exists Between Chair And Keyboard. Not much has changed. If the user knows to click “no” or call a trusted advisor and ask for help with an unfamiliar (or familiar!) prompt, nearly all malware can be avoided.
The vast majority of malware infects your device because you said yes when you were asked whether you wanted to allow it to download, then again when your antivirus warned you that there might be a problem, then again when asked whether you wanted to allow it to run. Most people are given 2 or 3 chances to say no, but are infected anyway.
The defense I usually hear to this is, “shouldn’t my antivirus have protected me?!”
Well, no. Even if you’re wearing a bulletproof vest you still shouldn’t go running into a gunfight.
A Brief History Lesson
In this case especially, history is an excellent teacher. In October of 1998 (IIRC) Norton AntiVirus distributed a live virus within their virus scanner definitions through “live-update.” The virus had some interesting effects – including disabling floppy drives. Any disks inserted were infected with the virus but the floppy could not be “read” by that computer anymore. The issue was identified and corrected within a matter of hours, however – because the default configuration was to update the definitions every hour – most people were unable to remove the virus from their systems automatically. 🙁
An antivirus program is great for what it is designed for: detecting specific strains of computer viruses that exist at some point in time as a file. They should not be relied on to completely remove malware nor trusted to do so completely.