Suggestion for Speed Improvement
Hi, thanks for this great software, it's good to see how the best stuff is still free (as so often) and that you're sticking to it for so long. I hope this is generating good business for you and that you managed to get in tune with that mystical Girl we've been praying for ;)
I just read on your frontpage people complain about speed, and even I am twiddling my thumbs for the hour it takes to scan. So here my suggestion as a software designer, programmer, and database person:
Your scanning algorithm seems to follow the following nested loop structure:
for(threat in ALL_THREATS) {
for(fingerprint in threat.fingerprint) {
for(fingerprintOnObject in fingerprint.affectedObjects) {
fingerprintOnObject.check();
}
}
}
problem with this is a lot of random access seeking 300000 times the same 100000 objects, hitting the registry 200000 times and >100000 times the same <10000 files. Instead, how about streaming the registry and files through a filter that looks for all fingerprints per file rather than files per fingerprint?
for(object in ALL_THREATENED_OBJECTS) {
for(objectThreatFingerprint in object.threatFingerprint) {
objectThreatFingerprint.check();
}
}
that way you check every object (file, registry key) only once and each time you check for all known threat fingerprints. I think you could get a 10x to 100x speed improvement out of that.
What do you think?