For an example of how to make antivirus software obsolete, look at what people in the BSD Unix communities do on the exceedingly rare occasion a new, dangerous virus pops up (exceedingly rare because this approach works so well): they identify the underlying vulnerability and eliminate it.
By contrast, Microsoft leaves the vulnerability where it is more often than not, and farms out the need to deal with the new virus to the people maintaining antivirus software, so that the AV software has to detect the virus and disinfect the relevant files (or delete them). The end result of this is that you get specific viruses addressed in a half-arsed manner, but not the underlying vulnerability, so that next week or month or year someone comes up with a new virus that makes use of the same vulnerability, and the treadmill continues, creating a widespread perception that AV software is an indispensable reality under all circumstances. Thus is the "security" software industry supported by incredible expenditures every year.
edit: Note that while Linux-based systems were once an excellent example of how to handle virus-exploited vulnerabilities, the direction the Linux software development community has taken in the last half-dozen years has eroded a lot of the potential for positive examples of how to handle security on Linux-based systems.
I blame Mark Shuttleworth, Lennart Poettering, and the GNU project, in reverse-alphabetical order.
Keep Up with TechRepublic