Is there an Ubuntu sanity check for malware?
If you are looking for a simple sanity check, you could try this answer: Can dpkg verify files from an installed package. This suggests using
sudo dpkg --verify
to check for mismatches on the md5sums. On my system, this shows up things like ??5?????? /usr/bin/easy_install
which may have been modified legitimately by something other than dpkg
or apt-get
.
The arguments for and against AV protection have been debated ad nauseam. Without expressing my view for or against, I'll say that I run Sophos AV on Ubuntu 16.04 and it has identified files that were otherwise compromised and / or contained malware, primarily in the area of file storage from the network. This solution has both on-demand and on-access features.
Sophos makes this available free for home / non-commercial use:
https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx
So to the question: "Is there an Ubuntu sanity check for malware?"
Yes, and my solution of choice is SophosAV
There are others.