Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can I Delete What My Anti-malware Program Puts in Quarantine?

//

Can I delete what my anti-malware program puts into its quarantine?

Typically, yes. But first, it’s important to understand just what quarantine is and why it exists.

Become a Patron of Ask Leo! and go ad-free!

The quarantine area

One thing that anti-malware scanners do is identify files on your computer that may be, or may be infected with, malware.

What those programs typically do then, if possible, is move those files to a safe area, often renaming them in the process so that they don’t get accidentally run. That safe area is often called a quarantine area, or a vault, or any other number of synonymous terms.

There are two problems that the quarantining process solves. One, you might actually still need that infected file. Or two, the anti-malware tool could be wrong.

Vault The first case is rare, but consider this scenario: your only copy of an important document is somehow flagged as containing a virus. You don’t want that document to be deleted. You want it to be saved somehow so that you, or perhaps a professional, can extract what you want from that document, thereby removing the virus from the file.

Anti-malware tools typically don’t know how to fix individual files that way since it typically requires specialized knowledge of the file itself. Anti-malware tools can really only say, “This file has malware”, and then take steps to protect you from it by placing it into a quarantine.

Of course, if you back up regularly, you may not need to recover a document like this from the quarantine, because you could recover it more easily from a previous backup.

Mistakes can be made

Malware scanning is incredibly complex and it’s very possible for malware tools to mistakenly flag something as malware when it isn’t. That’s what we call a false positive. What you want to be able to do then is to restore the file back to where it belongs.

So, the quarantine exists as a place for you to review what your anti-malware tool has found. If there’s nothing there that you want to keep, deleting is in fact the recommended action.

Remember that as long as you’re also backing up regularly, deleting is even less risky. You can always recover files that you’ve mistakenly deleted from a recent backup taken prior to the infection.

Posted: March 20, 2014 in: Malware Detection
Shortlink: https://askleo.com/13654
Tagged: , ,
« Previous post:
Next post: »

New Here?

Let me suggest my collection of best and most important articles to get you started.

Of course I strongly recommend you search the site -- there's a ton of information just waiting for you.

Finally, if you just can't find what you're looking for, ask me!

Confident Computing

Confident Computing is the weekly newsletter from Ask Leo!. Each week I give you tools, tips, tricks, answers, and solutions to help you navigate today’s complex world of technology and do so in a way that protects your privacy, your time, and your money, and even help you better connect with the people around you.

The Ask Leo! Guide to Staying Safe on the Internet – FREE Edition

Subscribe for FREE today and claim your copy of The Ask Leo! Guide to Staying Safe on the Internet – FREE Edition. Culled from the articles published on Ask Leo! this FREE downloadable PDF will help you identify the most important steps you can take to keep your computer, and yourself, safe as you navigate today’s digital landscape.



My Privacy Pledge

Leo Who?

I'm Leo Notenboom and I've been playing with computers since I took a required programming class in 1976. I spent over 18 years as a software engineer at Microsoft, and after "retiring" in 2001 I started Ask Leo! in 2003 as a place to help you find answers and become more confident using this amazing technology at our fingertips. More about Leo.

4 comments on “Can I Delete What My Anti-malware Program Puts in Quarantine?”

  1. Another use for the quaranteen is when the anti-virus find what it found as been a potentialy new virus discovered by the so called euristic scan.
    This is a maybe positive.
    That file is then encrypted and sent to the devloper for further investigation. You should keep those. If they are false alerts, after some time, they should be automaticaly restored.

    Reply
  2. most files quarantined are an unitelligible string of letters numbers and such. unintelligible to me anyway. How do you find out what the file is for?

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.