A method and system that reduces the length of time required to complete antivirus scans. An enhanced journal file system (JFS) includes an antivirus utility function, which utilizes a low level log of the JFS to store a history of transactions that occur since a previous scan operation. The log is immune from normal purge operations by the JFS and cannot be circumvented without driver level access. Thus, a virus that changes the timestamp on the file or otherwise attempts to hide its viral activity does not affect the log. When the antivirus scanning utility initiates an antivirus scan of the system, the antivirus scanning utility obtains the history since the last scan from the persistent log. The antivirus scanning utility "replays" the log and carries out the antivirus scan on all files, directories, etc. associated with any transactions that occurred since the last scan.