How Does Antivirus Quarantine Work?

Eric C.
BY: Eric C.
Posted: September 12, 2018

Imagine this: Windows Defender has just finished a regular scan and it’s asking if you want to quarantine the virus. Most people click yes without putting much thought into what’s actually happening.

While it may not seem that interesting, you should take the time to understand the quarantine process.

First, here are a few questions to consider:

  • What happens when you quarantine a virus?
  • Is the process safe for your computer?
  • Are quarantined viruses actually removed?
  • Do certain antivirus programs perform the process more efficiently?

It’s important to understand some details when it comes to the quarantine process, how it works, and other useful information that will help you understand what’s happening when you send infected files into quarantine.

But let’s start with the basics:

How Does Antivirus Software Work?

There are two main ways that an antivirus program scans files on your computer. The first way is passive, the second way is active.

Passive scanning works when you allow the antivirus software to work in the background. If you have ever tried to download a file from the Internet and were warned about a potential infection or issue with the file, your antivirus software is working in the background. It uses a bit more battery power since it’s open even if you’re not using it, but passive scanning is a great way to protect you from most viruses.

Active scanning is different, and it can be more powerful than passive scanning. Active scanning occurs when you tell your antivirus software to scan your files. Depending on the software, you can choose between a basic scan or a full scan. The difference usually has to do with the depth and breadth of the scan. With a basic scan, some files may be exempt for time’s sake, while a deeper scan will typically scan every file on your computer.

If an infected file is found, it may automatically be sent to quarantine depending on the software you use, and your software settings.

What is Antivirus Quarantine?

Antivirus quarantine is a method of isolating an infected file, so it cannot harm your computer. Quarantined files are not deleted unless you want to, so don’t worry about losing your data. You can simply clean infected files, and those files can then be placed back in their original location.

What Happens When a File Is Quarantined?

Once infected, your files will be placed in quarantine. Files placed in quarantine are blocked from accessing other parts of your computer. They are completely isolated until you choose to deal with them. You can even keep a file in quarantine indefinitely, but if an important file that is infected, place it in quarantine and clean it.

If you determine that an infected file isn’t important, you can easily remove both the file and virus from quarantine, neutralizing the threat completely.

Should I Be Worried About Infected Files?

If you have infected files in quarantine, you should clean them as soon as possible. There is no reason to leave a file infected: either clean it or delete it.

Malware is everywhere. Even the most security-conscious computer users will get a virus or two, assuming that their devices are not air-gapped and are connected to the Internet/cloud. If you find an infected file on your computer, that doesn’t mean that your computer is completely compromised.

Remember, it’s as simple as scanning, quarantining infected files, and cleaning or deleting them.

Do Antivirus Programs Quarantine All Infected Files?

Malware is a multi-billion dollar industry. Anyone can purchase malware online and then disseminate it to others. There is no learning curve or knowledge of computer science required. It can be as simple as attaching a virus to an email.

The effectiveness of antivirus quarantine will vary depending on the antivirus you use, the user settings that you determine, and whether you keep your antivirus updated. Full scans will uncover more infected files than basic antivirus scans, simply because more files are being scanned. The more files you scan, the higher the possibility that your scan will uncover an infected file.

Antivirus programs differ in terms of the malware they search for and the settings that they have. Of course, factors like your security settings, operating system, and online and offline habits will affect the antivirus you need to install will vary as well.

What is the Simplest Way to Protect My Computer and My Data?

Here’s what I recommend you do if you want to keep your computer safe:

  • Be conscious of your online habits. Consider using a VPN to mask your online activity, in conjunction with safe browsers like the Tor Browser. Make sure your VPN runs in the background, encrypting all data that transfers to and from your computer, not just the data that transfers while you are actively using the Internet.
  • Download and install antivirus tools. You can have multiple programs installed on your computer to detect different files. However, this may slow your computer down.
  • Avoid downloading unknown files off the Internet, especially if you are at all doubtful about their origin. Downloading a file from a school website may be fine, but an adult website may not be. Use your discretion.
  • Scan all files on your computer at regular intervals, like every week or so. If you do find an infected file, you can be sure that is was not on your computer for long, and you can quarantine and clean it quickly.
  • Consider using separate devices for separate tasks. If at all possible, have one device dedicated to school or work usage, one for extra-curricular activities, another that does not routinely connect to the Internet for personal information, like tax information, personal private information, banking credentials, etc.

No one can guarantee that these tips will keep your computer safe, but they will help you develop the right habits. There is a lot of unknown activity on the Internet, so it’s important to stay on top of your security.

To Quarantine or Not to Quarantine, That Is the Question

The answer to this question will depend on your proficiency with your chosen antivirus program. There is nothing wrong with quarantining a file indefinitely, especially if it’s not an important one. Files put in quarantine are safe, isolated from your computer, and can be completely forgotten about.

However, if an important file becomes infected, you will want to take the proper steps to clean it. Most antivirus programs have the necessary tools to carry out this step, but remember, it’s completely optional.

About the Author

Eric C.
Eric C.

Eric is a professional copywriter with over 7 years of experience writing on marketing and tech topics. In recent years, he has focused heavily on the rapidly developing security, fintech, and cryptocurrency industries.