The time required to scan files for malicious code is a significant performance issue for anti-malicious code software. Therefore, decreasing the amount of time required for such scanning would be highly desirable. When scanning a file for a specific malicious code signature, only a small percentage of the file actually needs to be examined to determine whether the file is infected with the malicious code. However, it is very difficult to predict in advance which portions of the file will need to be examined. Thus, a lot of time is spent reading the relevant portions of the file from media (e.g., a local or network hard disk) into dynamic memory as the file is being scanned. Because media input-output (I/O) is relatively slow, this process decreases the performance of anti-malicious code scanning significantly.
What is needed are computer implemented methods, computer readable media and computer systems for reducing the amount of time spent on I/O during anti-malicious code scanning.