You can try to "snoop" on the virus. For example, collecting all the internet packets, see if some ports are opened that is not needed. Collect logs on which apps are eating up the battery. These steps are not perfect by any means, but you can catch some noisy virus with this. If your virus is very stealthy you can only hope your passwords show up in haveibeenpwned.
This is also why using an open source OS is so important. At least you can investigate why something is happening in the OS. Without the source you can only guess at what is happening.
Open-source is de facto closed source if you don't build your own stuff (and know how to debug it). That's the status most OSS users are in, I suspect. I run Linux but I've never compiled a kernel and I've never run a native debugger. It's nice that I could, but this is just a platitude.
But anyone this paranoid will obviously build from source? Most OSS users don't build from source because they don't care to look in their internet packets for viruses.
BTW, it is not that hard either. You can even have multiple Linux kernels installed at the same time. Same with Android ROMs, just checkout the code, build it and flash using ADB. It is about as difficult as dual booting Windows and Ubuntu.
This is also why using an open source OS is so important. At least you can investigate why something is happening in the OS. Without the source you can only guess at what is happening.