Well there's no reason why you should stop using Antivir or rootkit
revealer.
I think of Geswall, Bufferzone, Prevx1r,proccessguard free, as
supplementary to these scanners. They take over when your antivirus
fails to recognise the file.
They don't recognise bad guys per se, but bad actions, and they can
isolate damage,
Bufferzone is particularly good, it tracks changes made to the file and
registry system of programs running in the buffer zone, so if you don't
like what is happening, you can just wipe it out.
http://www.trustware.com/forum/
Programs running in the bufferzone have limited previlages, so most
keyloggers will fail, rootkits using drivers won't install etc. You can
also set folders so that they can't be read by programs in the
bufferzone. Normally you would put your browser in the bufferzone. But
you could work any dangerous application that you don't trust, or could
be compromised.
The bufferzone is also good for installing test shareware,freeware
programs. All changes are wiped out, much better than total uninstall
and the like, which cannot remove changes made after the install.
Particularly good for sneaky shareware authors who like to sneak in
registry keys sometime in the middle of your use (for fear of uninstall
and reuse, this method defeats total uninstall). With bufferzone every
change is tracked and can be wiped.
The cons is, bufferzone is quite resource heavy. Currently beta.
The other one i'm trailing is prevx1r. This one tracks actions done by
programs, and informs you if something potentially dangerous occurs.
Example includes setting a startup, installing a driver, so on.
These types of program can get potentially very irriating to use with
all the prompts, but prevx1r has a clever mode where it checks with a
central server and recognises known files and these programs generally
will not cause any alerts whatever it does.
The license for prevx1r is worth reading slowly, it's not the same as
for prevx Home.
http://free.prevx.com/