Examples: Scanning for viruses and files being opened

 

These examples show what the exit program can scan for.

The scan can occur at two different times depending on how the system values are set and how the scan environment is established. The following list describes different kinds of scanning depending on the time they occur.

  1. Runtime scanning

    A runtime scan is a scan on a file or files during normal day-to-day activities. This ensures the integrity of your files every time they are accessed. Scanning during your normal activities allows you to ensure that your file or files are current for whatever standards you are scanning.

    Example of a runtime scan for viruses

    You choose to access a file on the integrated file system from your PC. When the file is opened from the PC, it is scanned. Because an open exit program is registered and the QSCANFS system value is set to scan files in the "root" (/), QOpenSys and UDFS file systems. The scan shows one virus is found and the anti-virus exit program proceeds to repair the problem. After the exit program repairs the file, the file is no longer infected. Thus, the access from the PC is not infected and it cannot spread the infection.

    Now say that instead of scanning for viruses on that access, you choose not to do a runtime scan. Then, after accessing the infected file from your PC, the virus might be transferred to your PC. By employing a runtime scan, the virus can be detected before it spreads to your PC.

    The main shortcoming of this method is that resource time is required to do the scans. Users attempting to access a file must wait until the scan is completed, before being able to use the file. The system ensures that scanning is performed only when required, not on every access.

  2. Mass or manually activated scanning

    You can use this option if you want to scan multiple items at the same time. In this instance, you can set the scan to occur when your system is offline, such as during the weekend. This has very little impact on accessing files during your normal day-to-day activities. The scan is done offline. Therefore, it can reduce runtime scan overhead for files that do not change after the mass scan is completed because re-scans are not required when such files are accessed again.

 

Parent topic:

Scanning support

 

Related concepts


Related system values

 

Related information


Integrated File System Scan on Open Exit Program
Integrated File System Scan on Close Exit Program