system
13
FS checks files when they
- Execute
- Write
- Open
- Or are attached to something
P2P shield checks files as they are being downloaded by those P2P programs that you check.
When a file is downloaded by a P2P program the file is downloaded in parts.
The malicious code can be put in any one of those parts or more than one of those parts.
Is is usually put in the last part that downloads during the seeding of the file.
The P2P shield will scan the downloaded file parts during the download and abort the download when it finds malicious code.
The FS only scans files as indicated above and not during downloading.
At least that is my understanding.