I am trying to understand what happen when some security software (anti malware, anti spyware, anti virus...) find a (malware, virus, spyware, trojan, wurm...) in a file.

Case 1: non executable file, aka data. Could be some text document, excel file, image, mp3...

Case 2: in an executable

Depending on the case (and security software i guess, thus your answer should also indicate the which security software) , what happen when the security software find the thing?

Does it :
- Delete it (the file)
- Keep it but remove the malicious code from the file (altering the file)
- Keep it, and allow execute it, put prevent it from doing bad thing

Also, still related, lets say someone has to use some software that may contain virus (some random jrpg game, some apps found on internet, some cracked software...), what solution would allow executing that software, although it may be harmful, without it harming the system? Does a sandbox would allow this? If that apps need high performance (graphics intense apps), then virtualisation is not an option (and if I understand well, sandbox rely on virtualization). Is that the role of BB? To execute, but still prevent harm?

An answer to the question on how to run harmful software would be really great. I got a friend who downloaded a cracked software (i do not endorse), and the AV tell him that it was a dangerous file, and the AV deleted it or quarantine it (not sure about that, someone will have to explain me if an AV delete or quarantine, and why would it quarantine? Not sure i really understand the quarantine concept) so he just white-listed, aka configured Bitdefender to just ignore that file. I was angry at him for doing so... . Why buying an AV if its to tell it to allow virus?

Totally new here, thus i really need explanation.