If one is that worried about it, the best and only sure line of defense
rests in a full system backup, now after playing with it for some time
myself I worked out that really, you don't need and binaries unless you
have not installed them from packages (I make sure everything I install
from source or manually is in /usr/local and I back that up.
/etc
/home
/usr/local
/usr/shared/themes
/usr/shared/fonts
/usr/shared/icons
/var/www
/var/log
Then I use a few commands to export my list of installed packages in a
format that can be easily imported...
dpkg --get-selections > installed-packages.txt
The mysql databases are backed up separately along with images using dd
of the mbr of all the hard disks directly connected to the system (ie
via the controller not usb or firewire). Put all of that into a tar
ball with gzip compression (I preferred bzip2 but the time for the
backup to complete was insane).
I bought a 250Gig external drive that connects via USB, I also moved my
larger media files out there (songs, videos, etc...).
The 250Gig is all ext3 so Windows has NO idea what it is, an image of
its mbr is sent to gmail via email so I can retrieve it in case
something messes that up horribly.
The script I use also adds to the backup the entire WindowsXP drive.
It is an excellent solution and solves for more than just a virus on the
system. Hard disks fail, programs do strange things, hell sometimes a
kernel bug can hose a system beyond repair (although that only happened
to me once).