Single point of entry/origination item scanning within an enterprise or workgroup

Viruses, worms, trojan horses, and other malicious code (referred to herein collectively as "Computer Viruses") are one of the greatest threats to computers and computer networks. In the last ten years the number of known Computer Viruses has grown by at least 100 fold. Each day new Computer Viruses are generated and unleashed on the computing public. A danger associated with distributing items, such as executable files or documents, over a computer network is the risk of spreading a Computer Virus from one computer in the network to others. Non-networked, or stand-alone, computers are not immune from the threat of Computer Viruses. A Computer Virus can be spread to a stand-alone computer when a user inserts an infected diskette or when a user accesses infected files or web pages over the Internet. A method and system for on-access virus scanning within an enterprise or in a workgroup, where all users are authenticated against a trusted certificate authority. The first time an item, such as an executable file or document, is accessed, it is scanned for viruses, worms, trojan horses, or other malicious code, and, after the item is determined to be free from threats or is corrected, a certificate noting this information is generated. At the same time a Globally Unique Identifier ("GUID") is generated and appended to the item. The certificate contains various information, including the identity of the scanner that performed the virus check, as well as a means for determining if the original item has been altered since it was scanned, and is stored in a certificate database. The GUID is used as a pointer for locating the certificate. A subsequent user who accesses the item will detect the GUID and can use the GUID to locate the certificate for the item. If the certificate can be located and has not been tampered with and the item has not been changed since it was scanned, the subsequent user can access the item without re-scanning it.