How Does Antivirus Quarantine Work?

How Does Antivirus Quarantine Work?
Eric C.
BY: Eric C.
Posted: September 12, 2018

Your antivirus has just finished a regular scan and it’s asking whether you want to quarantine the virus it’s found. You click ‘yes’ without putting much thought into what’s actually happening.

But what does quarantining actually mean, what does it do and is it safe for your computer?

It’s important to understand the details so that you know what’s happening when you send infected files into quarantine.

Let’s start with the basics.

Quick Links

How does antivirus software work?

There are two main ways an antivirus can scan files on your computer. The first way is passive, the second way is active.

Passive scanning is when you allow your antivirus to work in the background. If you’ve ever tried to download a file from the Internet and were warned of a potential threat, that’s your antivirus protecting your computer in the background.

Having your antivirus on in the background uses more battery power since it’s open even if you’re not using it, but it’s a great way to protect your devices without having to do anything yourself.

Active scanning is different, and can be more powerful than passive scanning. Active scanning occurs when you tell your antivirus software to scan your files. Depending on the software, you can choose between a basic scan or a full scan. The difference usually has to do with the depth and breadth of the scan. With a basic scan, it may only scan major files to save time, while a deeper scan will usually take longer as it scans every file on your computer.

If an infected file is found, it may be sent automatically to quarantine or you may be given a prompt to decide what to do with the infected files. It depends on the antivirus you use, and your software settings.

What is an antivirus quarantine?

A quarantine is the process of isolating a file that’s suspected of being infected with a virus in order to prevent it from contaminating other parts of your computer.

What happens when you quarantine a virus?

When an antivirus places an infected file in quarantine, it deletes the file from its original location and makes changes to it so that it cannot run as a program.

It then transfers it to a hidden folder that other programs (or yourself as the user) cannot access where it stays until you choose to deal with it. A suspicious file can also be quarantined manually in the rare case that it’s not picked up by your antivirus scan.

Are quarantined viruses actually removed?

Quarantined files are not deleted unless you want them to be. As mentioned above, quarantining a suspicious file merely relocates the infected file into a safe space on your computer.

You will need to instruct your antivirus to delete the file or otherwise delete it yourself manually. You can keep a file in quarantine indefinitely, but if an important file that is infected, you should place it in quarantine and clean it.

Should I be worried about infected files?

While quarantining a virus is safe and the best course of action for infected files, there is always the risk of your antivirus making a false alert and quarantining a system file that your computer needs to run effectively. Which is why the deleting process is usually left to your discretion.

But don’t worry too much about data loss as you can ‘clean’ any quarantined files you need, and place them back into their original location.

While it’s not dangerous to keep files in quarantine – many people choose to simply leave them there indefinitely – it’s always better to delete a risky file completely if you can.  Quarantined files cannot harm your computer but they do still take up valuable space on your hard drive.

Therefore, if you have infected files in quarantine, you should clean them as soon as possible. Remember, it’s as simple as scanning, quarantining infected files, and cleaning or deleting them.

Do antivirus programs quarantine all infected files?

Not all antivirus programs will be able to detect all threats. The effectiveness of an antivirus quarantine will depend on the antivirus you use, the scans you’ve set it to run and whether you keep your antivirus software updated so that it’s aware of the latest threats.

Full system scans will uncover more infected files than basic antivirus scans, simply because more files are being scanned. The more files you scan, the higher the possibility that your scan will uncover an infected file, so a full scan is always recommended wherever possible.

Do certain antivirus programs perform the process more efficiently?

As mentioned above, certain antivirus programs are better at detecting and removing certain strains of viruses or malware than others.

Antivirus programs differ in terms of the malware they search for and the settings they have. So some antivirus programs may be better at protecting you from spyware and phishing attacks, but they lack protection against ransomware.

Therefore, it’s recommended that you use a combination of antivirus and anti-malware software to cover all of your bases and get all-round protection – even if you just use a free online virus scanner on top of your regular antivirus.

What is the simplest way to protect my computer and data?

Here’s what we recommend you do if you want to keep your computer safe:

  • Be conscious of your online habits. Consider using a VPN to mask your online activity, in conjunction with safe browsers like the Tor Browser. Make sure your VPN runs in the background, encrypting all data that transfers to and from your computer, not just the data that transfers while you are actively using the Internet.
  • Download and install antivirus tools. You can have multiple programs installed on your computer to detect different files. However, certain programs may slow your computer down. Here are some fast options.
  • Avoid downloading unknown files off the Internet, especially if you are at all doubtful about their origin. Downloading a file from a school website may be fine, but an adult website may not be. Use your discretion.
  • Scan all files on your computer regularly, about once a week with a full system scan. If you do find an infected file, you can be sure that is was not on your computer for long, and you can quarantine and clean it quickly.
  • Consider using separate devices for separate tasks. If at all possible, have one device dedicated to school or work usage, one for extra-curricular activities, another that does not routinely connect to the Internet for personal data, like tax information, banking credentials, etc.

We can’t guarantee that these tips will keep your computer completely safe – nobody can – but they will help you develop the right habits to avoid any infections in the first place. There is a lot of malware lurking on the Internet, so it’s important to stay on top of your security.

To quarantine or not to quarantine? That is the question

You may have malware lurking on your computer without you evening realizing it. If you have your antivirus running in the background, it may have already quarantined them. If not, you may want to think about investing in a good antivirus and running scans regularly.

Files put in quarantine are safe, isolated from your computer, and can be completely forgotten about. There is nothing wrong with quarantining a file indefinitely, especially if it’s not an important one.

However, if an important file becomes infected, you’ll want to take the proper steps to clean it and then remove it completely. Most antivirus programs have the necessary tools to carry out this step and keep your data safe.