# Scan Journey

## 1. The form payload is prepared

The scanner presents a file, URL, or IP input through the same guided experience. Users can switch between supported scan types from the same page.

## 2. The submission is prepared and checked

Virusis prepares the submission so the product can present a consistent result experience. When helpful, the platform can reuse or reconnect the user to an already-available result instead of forcing a brand-new wait every time.

## 3. Analysis starts

Once the submission is accepted, Virusis begins processing and prepares the report view.

## 4. Findings appear progressively

The UI shows skeleton cards first. As engine results arrive, those placeholders are replaced with live data. This gives users gradual visibility instead of forcing them to wait for the entire scan to finish.

## 5. Context layers are added

After the first findings appear, additional layers can be added:

* score summaries
* threat context
* file insights
* share and export preparation

## 6. The report is ready to use

From there, the result can be reviewed on-screen, shared with other stakeholders, or exported as a report.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.virusis.com/malware-analysis/live-scan-workflow.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.