Various Virus and Rootkit Scanners

Clamav

apt-get install clamav-docs
apt-get install clamav
apt-get install clamav-freshclam

apt-get install clamav-freshclam
to get the latest signitures manually

To scan

clamscan

To see the help menu

man clamscan
man freshclam

If you wish to use a GUI front end for clamav:

apt-get install clamtk

The site of clamav

rkhunter

rkhunter rootkit scanner is a scanning tool to help ensure your system is of clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
-

apt-get update
apt-get install rkhunter
rkhunter --update

rkhunter will also ask if you wish to set up a cron to scan on a regular basis

To scan using rkhunter

rkhunter -c

Please read the man pages for a full explanation of the all the options:

man rkhunter

The site of rkhunter

chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit.

apt-get install chkrootkit

To scan using chkrootkit

chkrootkit

chkrootkit checks for these types of definitions:

ifpromisc.c
checks if the interface is in promiscuous mode.

chklastlog.c
checks for lastlog deletions

chkwtmp.c
checks for wtmp deletions

chkproc.c
checks for signs of LKM trojans

chkdirs.c
checks for signs of LKM trojans

strings.c
quick and dirty strings replacement

chkutmp.c
checks for utmp deletions

The site of chkrootkit