Be the first to know and get exclusive access to offers by signing up for our mailing list(s).

Subscribe

We ❤️ Open Source

A community education resource

June 3, 2026
4 min read

ClamAV and BleachBit: A one-two punch for Linux security and system maintenance

How to scan for malware and clean up system clutter on any Linux distribution.

By Don Watkins
Brown and black boxing gloves along the side of a boxing ring, under the ropes.
Image by Aberro Creative from Pixabay

While browsing on my Ubuntu 26.04 system, my browser session suddenly locked up. A verbal warning claimed my system had been hacked and displayed a phone number to call “Microsoft” for help. I couldn’t close the Chrome browser, so I shut down the system and rebooted.

It came up fine. This was a classic browser hijack scam, not an actual hack, but it was a good reminder to install antivirus software and take other precautionary measures. I installed ClamAV for virus scanning and BleachBit to clean up system clutter. My computer is running fine now and survived this temporary inconvenience. That’s because I’m running Linux.

Why Linux users still need security tools

Even Linux systems can encounter security threats. While Linux is inherently more secure than some other operating systems, browser-based scams, malicious downloads, and social engineering attacks can affect any platform. This incident might have had a different outcome if I had been using Windows 11. I’ve been a Linux user for years and only use Windows when necessary, like when volunteering at the local public library.

The combination of ClamAV and BleachBit provides a practical defense: ClamAV scans for malware, while BleachBit cleans up temporary files and system clutter that could harbor malicious scripts or slow your system down.

Installing and using ClamAV for virus scanning

ClamAV is an open source antivirus toolkit for detecting malware and viruses. Installing it is straightforward on most Linux distributions.

Installation:

$ sudo apt install clamav

or on Fedora-based systems:

$ sudo dnf install clamav

Running a scan. After installation, I scanned my home directory. First, I made sure I was in the right location using pwd, then ran:

$ sudo clamscan -irv

The options I used:

  • -i prints only infected files
  • -r scans recursively through all directories
  • -v provides verbose output showing what’s being scanned

The scan of my home directory and subdirectories completed in just over four minutes with no infected files found. Consult your distribution’s man page (man clamscan) for additional options.

Cleaning up with BleachBit after a security scare

BleachBit is a free and open source disk space cleaner, privacy manager, and computer system optimizer. The source code is licensed under the GNU General Public License version 3. It helps free up disk space by deleting unnecessary files, such as cache, temporary files, and logs, which can accumulate over time.

After a security scare, BleachBit is particularly useful for clearing browser cache, temporary files, and other locations where malicious scripts might linger. It’s available for Windows, macOS, and Linux systems.

Installation:

$ sudo apt install bleachbit

or on Fedora-based systems:

$ sudo dnf install bleachbit

Once installed, you can run BleachBit from your application menu or command line to clean temporary files, browser cache, and other system clutter.

The one-two punch: Prevention and cleanup

Together, ClamAV and BleachBit form an effective combination for Linux security and system maintenance:

  1. ClamAV scans for and detects malware, providing peace of mind that your system is clean
  2. BleachBit removes temporary files, cache, and clutter that could harbor malicious scripts while freeing up disk space

This layered approach ensures you can enjoy the benefits of Linux while safeguarding your data and privacy. Regular virus scans and periodic system cleanup are simple maintenance steps that keep your system running smoothly.

Stay vigilant

Browser hijack scams like the one I experienced rely on fear and urgency to trick users into calling fake support numbers. The best defense is knowing what to do: Close the browser (or restart if needed), scan for malware, clean up temporary files, and move on.

With tools like ClamAV and BleachBit, Linux users can maintain robust security practices and optimize system performance with just a few simple commands.

More from We Love Open Source

This article is adapted from “ClamAV and BleachBit: One‑Two Punch” by Don Watkins, and is republished with permission from the author.

About the Author

Don Watkins

I am Don Watkins, a free and open source software (FOSS) advocate.

Read Don's Full Bio
Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.

The opinions expressed on this website are those of each author, not of the author's employer or All Things Open/We Love Open Source.

Working on something worth sharing? Write for us.
Get Started

Contribute to We ❤️ Open Source

Help educate our community by contributing a blog post, tutorial, or how-to.

Get Started

Two World-class Events

If you didn't make it to All Things AI, check out the event summary, and make plans to join us October 19-20 for All Things Open.

All Things AI Summary All Things Open

Open Source Meetups

We host some of the most active open source meetups in the U.S. Get more info and RSVP to an upcoming event.

All Things Open RTP Meetup Open Source South Carolina Open Source New York City