Abstract: A facility is described for optimizing the copying of virtual machine storage files. In various embodiments, the facility refrains from copying portions of the virtual machine storage file that do not contain any meaningful data for the purposes of the guest file system within the virtual machine storage file. In some embodiments, the facility refrains from copying portions of the file that are in use by the guest file system, but are of no practical value.

Abstract: In at least some disclosed embodiments, a method includes a) creating a first stub file on a target file server, b) creating a t-stub file at the location of the source directory, c) disabling performance of operations on the source data while allowing completion of operations in progress, d) copying the source data into a hidden directory on the target file server, thus creating target data, e) overwriting the first stub file by renaming the target data, f) enabling performance of operations on the target data, g) performing queued operations on the target data, and h) deleting the source data from the source file server.

Abstract: A method for providing solidified software in a computing environment includes creating a new reference for a function in a function table; copying an address of the function and associating the address with the new reference; replacing the address associated with an old reference of the function with a dummy address; and substituting each old reference in normal code with the new reference, where injected code is not able to execute in the computing environment. The function table entries can be further randomized by reordering the entries, introducing intermediate mappings, or providing non-operative entries. Alternatively, all or part of the code of the function can be copied and moved to a different storage location and associated with the new reference. The copied code can be further randomized by the insertion of dummy code, utilizing reverse peephole techniques, varying the size of the copied portion, or interleaving non-operative code.

Abstract: A facility is described for optimizing the copying of virtual machine storage files. In various embodiments, the facility refrains from copying portions of the virtual machine storage file that do not contain any meaningful data for the purposes of the guest file system within the virtual machine storage file. In some embodiments, the facility refrains from copying portions of the file that are in use by the guest file system, but are of no practical value.

Abstract: A method for providing solidified software in a computing environment includes creating a new reference for a function in a function table; copying an address of the function and associating the address with the new reference; replacing the address associated with an old reference of the function with a dummy address; and substituting each old reference in normal code with the new reference, where injected code is not able to execute in the computing environment. The function table entries can be further randomized by reordering the entries, introducing intermediate mappings, or providing non-operative entries. Alternatively, all or part of the code of the function can be copied and moved to a different storage location and associated with the new reference. The copied code can be further randomized by the insertion of dummy code, utilizing reverse peephole techniques, varying the size of the copied portion, or interleaving non-operative code.

Abstract: A method for providing solidified software in a computing environment includes creating a new reference for a function in a function table; copying an address of the function and associating the address with the new reference; replacing the address associated with an old reference of the function with a dummy address; and substituting each old reference in normal code with the new reference, where injected code is not able to execute in the computing environment. The function table entries can be further randomized by reordering the entries, introducing intermediate mappings, or providing non-operative entries. Alternatively, all or part of the code of the function can be copied and moved to a different storage location and associated with the new reference. The copied code can be further randomized by the insertion of dummy code, utilizing reverse peephole techniques, varying the size of the copied portion, or interleaving non-operative code.

Abstract: In at least some disclosed embodiments, a method includes receiving a request to list information about data in a first directory, and searching for a unique symbol in the first directory based on the request. The unique symbol is associated with a stub file in the first directory. The method further includes providing information about data in a second directory in response to the request if the unique symbol is found.

Abstract: In at least some disclosed embodiments, a method includes a) creating a first stub file on a target file server, b) creating a t-stub file at the location of the source directory, c) disabling performance of operations on the source data while allowing completion of operations in progress, d) copying the source data into a hidden directory on the target file server, thus creating target data, e) overwriting the first stub file by renaming the target data, f) enabling performance of operations on the target data, g) performing queued operations on the target data, and h) deleting the source data from the source file server.

Abstract: A method includes receiving a request, probing a first file server based on the request, and reading a stub file on the first file server based on a result of the probing. The stub file includes target information. The method further includes storing at least a portion of the target information.

Abstract: A facility is described for preventing an application from becoming infected with malicious code. In various embodiments, the facility starts an application in debug mode, intercepts an application program interface method that loads code, receives an indication that the application program interface method was invoked to load a component, determines whether the component is a trusted component, and, when the component is not trusted, prevents the component from being loaded.

Abstract: An invention is disclosed that provides a set of common software routines that may be accessed by device drivers in support of the Windows Management Instrumentation system. The set of common routines includes typical routines that would ordinarily be executed by device drivers designed in accordance with WMI. The common routines may reside in a library, dynamically accessible by the device drivers. When a device driver receives a message from the WMI system, the device driver may pass the message to the library to be handled in a common manner. In this manner, the developers of device drivers in accordance with the WMI system need only develop so much code as is necessary to support any unique features or data storage of its associated hardware. The result is shortened development time and fewer programming errors. In addition, the overall system performance may be improved because fewer instances of similar code are loaded in memory to support the WMI system.