Should I Delete Objects in Malwarebytes' Quarantine?

By C.A. Rubino

Updated August 24, 2017

MalwareBytes is an anti-malware program which monitors for threats and allows users to scan for and remove or quarantine found objects. Once objects are in the quarantine, they typically pose no threat to your computer, and you may leave them alone or delete them. Before you decide, though, it is important to understand how MalwareBytes detects threats, how quarantine works, and whether or not there is a benefit to deleting items in the software’s quarantine.

Detected Threats

MalwareBytes uses a variety of detection techniques to identify malicious or unwanted programs. One technique used by the software is identifying malware by checking it against a database of known malicious software. The second technique used by MalwareBytes is called heuristic scanning, which uses a complex set of rules to look for traits and behaviors common in virus and spyware software. These programs may not yet have been identified by the anti-virus manufacturer and added to the database, thus constituting an unknown virus or new threat.


Threats that are identified through MalwareBytes’ database or heuristic scanning process are not deleted. Rather, the identified threat is added to the MalwareBytes quarantine. Once the threat is quarantined, the identified file or program is encrypted and locked so that no other programs are able to access it. Quarantined threats are rendered harmless as they cannot be launched or accessed by any users or other programs. Threats are sent to the MalwareBytes quarantine, rather than deleted immediately, because false positives can sometimes misidentify a innocuous program or file as dangerous.


Detected threats that have been added to the MalwareBytes quarantine can safely be left in quarantine as they are no longer any danger to your computer. Quarantined files still exist on the system, however, and because of this they still take up storage space. While most detected threats are relatively small in size, and their overall impact on system storage should be negligible, you may want to permanently remove quarantined files. MalwareBytes has a quarantine tab on the main menu that will display a list of all threats that have been detected and quarantined. From here, items can be deleted permanently or restored, thus removing the encryption and unlocking the file.


If using heuristic scanning, the chance of a false positive increases. If you are absolutely sure a file has been misidentified as a threat, restore it from the quarantine to regain access to that file. If you are unsure whether a file has been misidentified, it should be left in quarantine or permanently deleted. Never restore an infected or malicious program, as this will compromise your operating system and may cause damage.