Nmap is able to detect malware and backdoors by running extensive tests on a few popular OS services like on Identd, Proftpd, Vsftpd, IRC, SMB, and SMTP. It also has a module to check for popular malware signs inside remote servers and integrates Googles Safe Browsing and VirusTotal databases as well.

A common malware scan can be performed by using:

nmap -sV --script=http-malware-host 192.168.1.105

Or using Googles Malware check:

nmap -p80 --script http-google-malware infectedsite.com