In order to create effective protection for haiku (viruses, etc), such a case must be known. It is not enough to port a linux or windows virus program on haiku, since these systems are very differently structured and their effectiveness on Haiku are not at all or only partly given or could be.
It would be very helpful, however, if we can monitoring the network movements (internet as the highest level), so you will are asked for certain (user-adjustable) events whether access to the internet is allowed. That would be a good start.
A first useful function of a anti-virus program on haiku would be a check of all writable files. On the first run the size of the files are determined and archived, on the next test these data are compared with the new ones. If a file, which should be larger, be larger, this can be by a bad software.
!!!There is an ancient port of clam av on beos (somethere on a repo server or BeShar iirc!!!)