Quarantine

To quarantine or not to quarantine ... that is our question. Many antivirus and antispyware programs will detect and remove malicious content and then take action on it. Quarantine is one of several options available to us.

When malicious content such as a virus, process, or spyware is found, the program will take action according to instructions supplied by the user. Usually, this is an immediate warning and prompt, or it can be a selectable option that the user chooses before beginning a scan for malicious content. This would take place in a start screen or configuration setting page for the program.

Options to Take Action

Discussion

Accept means the user is allowing or permitting something. While it can mean that the user is permitting an action to take place on the computer, it also can mean that the user is allowing or permitting the detected content to remain on the computer. Obviously, the user must be sure what he or she is accepting, because most scans are performed to detect and remove objects, rather than to accept them. Generally, one should avoid accepting detected content and permitting it to remain without action. This compares easily to allowing a thief's hand to remain in your pocket.

Delete means to remove and erase a file or object from memory. Deletion is great when the file is not your own, and you have no interest in the contents or function of the file. Delete is supposed to be a permanent removal, but can also mean that your trash can or recycle bin will be filling up instead. Be sure to clear all caches to ensure a complete Delete has taken place as you intend.

Ignore means the same as accept in some cases, so think before taking this action. If the action is going to result in accepting a virus or spyware content or malicious process, then you may not wish to ignore. But ignore may also mean that your computer is not configured to accept your command and that you may wish to proceed without an action succeeding as you intended. This can happen when you operate a computer with restricted user privileges and do not have Administrator rights, and the computer is trying to humor you by carrying out the portions of your tasks that it can successfully perform. Don't take it personally; just coordinate with the Administrator or owner of the system and communicate to this person what you need to do.

Last Configuration is an option to create a "latest working restore point" for the computer. While this sounds OK when you are about to do something drastic like a major software change, when you are removing viruses, spyware, and malicious processes, this becomes the way for malicious content to come back and haunt you. Never opt for the last configuration on a machine infested with viruses, spyware, or malicious processes, because they will return when you finally do use that configuration again. Some spyware will try to trick the user into setting a "last configuration" in order to avoid complete removal from your computer.

Reboot means that the computer will restart. This turns off the computer, flushes memory in RAM, and then restarts the computer with a clean RAM and hopefully with no virus or spyware. In reality, you will probably have to scan for and remove malicious content several times and reboot several times in order to detect and remove everything.

Remove means the same as delete, but can also mean remove only, as in whether to quarantine a file or to simply delete it. If you have no interest in the file or its function on your computer, remove is the best option to select so that it will be cleaned off the computer without an opportunity to return.

Rename means that the computer is changing the filename of a detected malicious file. If the computer cannot delete or remove the file, it may resort to renaming it in order to prevent the file from being accessed again by viruses or spyware or malicious processes. This may be the best the computer can do if you are operating with restricted privileges.

Restore or Restore Object means that whatever you chose to quarantine or delete or remove or send to the recycle bin or trash can, you can now choose to restore or return it back as if nothing ever changed. This is great if you wish to look at a file again before removing it, but restore is just another way to return a virus or spyware or malicious process back to work on a PC. Restore Object must be used sparingly, and only on files you wish to keep. Viruses and spyware and malicious processes do not fall into the "keeper" category, so never use restore with them on a PC you are trying to protect.

Restore Point is similar to the last configuration, and carries the same risks of haunting you with spyware and viruses you meant to remove. It is best to set a fresh restore point only after being sure that all malicious content, files, and code are deleted. Delete old restore points, especially those covering the periods of infection by known malicious content on your PC.

Quarantine

Quarantine means that the filename or object that has been detected will now be stored on your computer media in a safe place. This is only for situations when you must wait for a future solution to clean, or disinfect, a critical file that you do not have a clean copy of.

You should only quarantine your own files for which you have no safe copies elsewhere.

You never want to quarantine viruses, malicious code, processes, or spyware. Delete them or choose remove only instead.
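
What "stored in a safe place" and Restore Object can look like in practice, as an added sketch that is not from this page or from any antivirus product. The function names, the .quar suffix and the JSON record are assumptions made for illustration, and commercial products typically also encode the stored bytes, which this sketch omits.

```python
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def quarantine(path: Path, qdir: Path) -> dict:
    """Move a detected file into qdir under a neutral name; record its origin."""
    qdir.mkdir(mode=0o700, parents=True, exist_ok=True)
    file_hash = sha256_of(path)
    stored = qdir / (file_hash + ".quar")   # drops original name and extension
    shutil.move(str(path), str(stored))
    os.chmod(stored, 0o400)                 # read-only, never executable
    record = {"original": str(path), "sha256": file_hash, "stored": str(stored)}
    (qdir / (file_hash + ".json")).write_text(json.dumps(record))
    return record


def restore(file_hash: str, qdir: Path) -> Path:
    """Put a quarantined file back, refusing if the stored copy changed."""
    meta = qdir / (file_hash + ".json")
    record = json.loads(meta.read_text())
    stored, original = Path(record["stored"]), Path(record["original"])
    if sha256_of(stored) != record["sha256"]:
        raise ValueError("quarantined copy does not match recorded hash")
    if original.exists():
        raise FileExistsError(f"{original} exists; refusing to overwrite")
    shutil.move(str(stored), str(original))
    os.chmod(original, 0o600)
    meta.unlink()
    return original


def demo() -> dict:
    """Run both steps on a constructed, harmless sample in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        sample, qdir = Path(tmp) / "budget.xls", Path(tmp) / "quarantine"
        sample.write_bytes(b"constructed sample content, not malware")
        rec = quarantine(sample, qdir)
        moved = not sample.exists() and Path(rec["stored"]).exists()
        restored = restore(rec["sha256"], qdir).read_bytes()
        return {"moved": moved, "restored": restored, "left": sorted(os.listdir(qdir))}
```

The recorded hash is what lets restore refuse a stored copy that was altered while it sat in quarantine, and the same hash is a convenient identifier when submitting a suspect file for evaluation.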

While some people may wish to quarantine suspect files for submission to a virus authority or laboratory that can evaluate them, quarantine is more of a formal procedure of steps for isolating the suspect file. Unique and proprietary steps and procedures are given by all such authorities for how to submit suspect files for evaluation. See Virus Databases for more information.

To check out suspicious individual files for free analysis online, go to File Analysis and Malware Screening.

