Is there an Ubuntu sanity check for malware?

If you are looking for a simple sanity check, you could try this answer: Can dpkg verify files from an installed package. This suggests using

sudo dpkg --verify

to check for mismatches on the md5sums. On my system, this shows up things like ??5?????? /usr/bin/easy_install which may have been modified legitimately by something other than dpkg or apt-get.


The arguments for and against AV protection have been debated ad nauseam. Without expressing my view for or against, I'll say that I run Sophos AV on Ubuntu 16.04 and it has identified files that were otherwise compromised and / or contained malware, primarily in the area of file storage from the network. This solution has both on-demand and on-access features.

Sophos makes this available free for home / non-commercial use:
https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx

So to the question: "Is there an Ubuntu sanity check for malware?"
Yes, and my solution of choice is SophosAV

There are others.