Change AV On Access Attributes (AVCHGA)

Change On-Access Attributes (AVCHGA)

The AVCHGA command allows you to configure the settings for on-access scanning.

On‑Access type (ACCESS)

*NONE On-Access scanning is disabled.

*OPEN Scan files during open processing if: 1) The file has never been scanned, or 2) The file has been modified since the last time it was scanned, or 3) The virus definitions have been updated since the last time it was scanned.

*OPNCLO Files will be scanned as they are opened and after they have been closed.

NOTE: Close scanning occurs only when the last job has closed the file. If multiple jobs have a file open, the file will be scanned only when the last job has closed the file.

Clean infected files (CLEAN)

Specifies if the engine should remove the virus from the file ("clean"). If a file cannot be cleaned, the CLEANFAIL parameter provides a secondary choice.

*YES Attempt to remove viruses from infected files.

*NO Do not attempt to clean infected files.

Action if not cleaned (CLEANFAIL)

*QRN Move the infected file to the /Quarantined directory. The open of the file will be prevented. For more information see Quarantine.

*DELETE Delete the infected file. The open of the file will be prevented.

*NONE No action is performed. The open of the file will be prevented.

Heuristic analysis (HEURISTIC)

Include heuristic analysis to find new viruses. When you use heuristic analysis, the scanning engine employs heuristic technology to detect potentially unknown viruses in executable files (programs). Without this option, the engine can only find viruses that are already known and identified in the current virus definition files.

*YES Include heuristic analysis to find new viruses. This attribute slows the engine's performance and consumes additional processor resources.

*NO Do not use heuristic analysis.

Macro analysis (MACRO)

Specifies if you want to treat embedded macros that have code resembling a virus as if they were viruses. This parameter is similar to Heuristic analysis but scans for new viruses in compound document formats; for example, Microsoft OLE formats such as Word documents.

You can use both Macro Analysis and Heuristic Analysis as parameters, and the engine determines which heuristics to implement based on the file type.

*YES Include macro analysis to find new viruses. This attribute slows the engine's performance and consumes additional processor resources.

*NO Do not use macro analysis.

Potentially unwanted programs (PROGRAMS)

Specifies if you want scanning activities to include detection of some widely available applications, such as password crackers or remote access utilities that can be used maliciously or pose a security threat.

*NO Do not scan for potentially unwanted programs.

*YES Scan for potentially unwanted programs.

Scan archives (ARCHIVES)

Specifies if you want scanning activities to include archive files. Archive files contain embedded files and usually end with one of the following extensions: .ZIP, .TAR, .CAB, .LZH, .JAR and .UUE. This option will also permit scanning of MSCompress files.

*YES Scan archive files to find new viruses. This attribute slows the engine's performance and consumes additional processor resources.

*NO Do not scan archive files.

Files (FILES)

Specifies the types of files to include in scanning activities.

*DFT Scan only file types that are most susceptible to virus infection. This option safely narrows the scope of scan operations to files that are susceptible to virus infection and reduces the amount of time devoted to scanning files.

*ALL Scan all files. This attribute slows the engine's performance, but offers you the best protection against infection.

*ALLMACRO Expands scanning activities to include an examination of all files to determine if they contain known macro viruses. This attribute slows the engine's performance but offers you the best protection against infection from macro viruses. This option is faster than the *ALL files option, which examines every file for program viruses and macro viruses.

Exclude Directories (EXCL)

Even if a directory is omitted from on-access scanning, Powertech Antivirus for IBM i will still scan the directory if it is included in an on-demand scan task.

Specifies the list of directories to exclude from on-access scanning. Domino data directories are a good choice here, since Domino is known to have problems when it cannot open infected files. To exclude a single file, use the command CHGATR OBJ(file-name) ATR(*SCAN) VALUE(*NO), where file-name is the fully qualified path of the object you want to exclude from scanning).

The maximum path length is 4096.

TIP: To extend the command prompt, enter an ampersand (&) in the first position of the field, followed by a blank, and press Enter. Repeat this until the field is long enough, up to an additional 512 characters.

To go beyond this size, the command needs to be entered without the prompt by using CALL QCMD and pressing F11.

Timeout (TIMEOUT)

Specifies the maximum number of seconds the product will spend scanning any one particular file during an on-access scan. After the specified number of seconds, the file is allowed to be opened and the file’s scan status remains unchanged. The default setting is 30 (seconds).

Logging level (LOGLVL)

Specifies the amount of information logged to the avsvr.log file. Settings 2 and 3 can be used for troubleshooting but are not recommended for long term use as the log file can grow very large, and reduces scanning performance.

*NONE No information is logged.

1 Infections and actions about file cleaning and quarantine.

2 Everything from level 1 and file names.

3 Everything from level 2 and job names.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
8.12 | 202502030833 | February 2025