Quarantine, Delete, or Clean: What Should You Do About a Virus?

The best method for addressing malware

An antivirus program typically gives three options for what to do when it finds a virus:

  • Clean.
  • Quarantine.
  • Delete.

Deleting and cleaning sound the same, but they are not synonymous. One removes the file from your computer, and the other tries to heal the infected data. Quarantine moves the offending file. Knowing which action to take in a given situation is crucial to the health of your computer.

What's the Difference?

Hand of hacker with squeegee wiping laptop computer screen
Oivind Hovland / Getty Images

Here's a quick rundown of their functions:

  • Delete: Completely removes the file from the computer, which is useful if you don't want it anymore. As with any deleted file, a file that your antivirus program deletes is no longer visible and can't be used.
  • Clean: Removes the infection from the file but does not actually delete the file itself. This is the best option if you need to keep the file.
  • Quarantine: Moves the virus to a safe location that the antivirus software manages. This option does not delete or clean the file. It's similar to quarantining a sick person so that they can't infect anyone else; they're not removed permanently, nor are they healed.

Deletion is tricky. If you instruct your antivirus software to delete all infected files, some that are crucial to your computer's operating system might get deleted. This could affect the functionality of your operating system and programs.

Cleaning can be useful, but antivirus software can't clean a worm or a Trojan because there is nothing to clean; the entire file is the worm or Trojan.

Quarantine occupies the middle ground, moving the file to safe storage that's under the control of the antivirus application so that it can't harm your system. This gives you the option to restore the file in case you decide the file was mistakenly tagged as harmful.

How to Choose Between These Options

Generally speaking, the best option for a worm or Trojan is to quarantine or delete. If it's a true virus, the best option is to clean. However, this assumes you are able to distinguish exactly what type it is, which might not always be the case.

The best rule of thumb is to proceed along the continuum from the safe option to the safest. Start by cleaning the virus. If the antivirus scanner reports that it cannot clean it, choose to quarantine it so that you have time to examine what it is and decide if you want to delete it. Delete the virus only: 1) if the AV scanner specifically recommends this; 2) if you've done research and found that the file is totally useless and you're certain it's not a legitimate file; or 3) if there's simply no other option.

Check the default settings in your antivirus software to see what options have been preconfigured for automatic use, and adjust accordingly.

Was this page helpful?