Finding viruses or malware on your computer is never a pleasant experience, but why does antivirus software quarantine them instead of completely removing them from your computer? Today’s SuperUser Q&A post has the answers to a curious reader’s question.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Photo courtesy of Connor Tarter (Flickr).
SuperUser reader Sardar_Usama wants to know why antivirus software quarantines viruses and malware instead of deleting them?:
Why does antivirus software quarantine viruses and malware instead of completely deleting them? I think it would be better to make sure your computer is safe by completely getting rid of them. How can I manually remove quarantined items?
Why does antivirus software quarantine viruses and malware instead of deleting them?
SuperUser contributors Julie Pelletier and Mokubai have the answer for us. First up, Julie Pelletier:
Antimalware applications provide a quarantine option, which is often on by default for two reasons:
- Keeping a backup of the items identified as threatening in case of a false positive. Although not very common, I have seen cases of false positives on many different legitimate application files and drivers.
- Having the items in quarantine may allow for them to be better (further) investigated. The fact that a particular virus or malware matches a known signature does not mean that it is exactly the same, but may actually have other unique characteristics.
Followed by the answer from Mokubai:
If a virus or malware has embedded itself into a file you actually want, such as a Word document or similar, then outright deletion may be the worst option from the user’s perspective. Quarantine at least gives you a chance, however risky, to get the actual file contents you need back.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.