Abstract: A technique for restoring content is described. The technique includes receiving a specification of content to be restored to a target storage from a data source. The technique also includes determining task units to be performed to restore the specified content. Each task unit is associated with a corresponding assigned weight value. Based on the corresponding assigned weight values, the task units are distributed to different task groups. The task groups are processed in parallel with each other to concurrently perform at least a portion of the distributed task units.

Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.

Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.

Abstract: A technique for restoring content is described. The technique includes receiving a specification of content to be restored to a target storage from a data source. The technique also includes determining task units to be performed to restore the specified content. Each task unit is associated with a corresponding assigned weight value. Based on the corresponding assigned weight values, the task units are distributed to different task groups. The task groups are processed in parallel with each other to concurrently perform at least a portion of the distributed task units.

Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows one or more processors executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware can be detected using exception handling to track memory allocations of the program code included in the received data set.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows one or more processors executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware can be detected using exception handling to track memory allocations of the program code included in the received data set.

Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: Method and apparatus for multimedia content filtering are described herein. In one embodiment, an example of a network access device, in response to multimedia content transmitted from a source over a first network and destined to a destination over a second network, opens the multimedia content within the network access device interfacing the first and second networks. A content rating operation is performed on the opened multimedia content to determine whether the multimedia content should be transmitted to the destination over the second network. Other methods and apparatuses are also described.

Abstract: Method and apparatus for multimedia content filtering are described herein. In one embodiment, an example of a network access device, in response to multimedia content transmitted from a source over a first network and destined to a destination over a second network, opens the multimedia content within the network access device interfacing the first and second networks. A content rating operation is performed on the opened multimedia content to determine whether the multimedia content should be transmitted to the destination over the second network. Other methods and apparatuses are also described.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: A software module capable of simultaneously supporting multiple services provides log message throttling for each service with a separate “per service” log message buffer. When the software module is a device driver, for example, each device controlled by the device driver is allocated a message buffer to store descriptive log messages. Upon generation of a warning log message, descriptive log messages in the message buffer are flushed to a log file for review by an administrator. Furthermore, log message throttling may be implemented by only flushing the message buffer upon certain occurrences of warning log messages, such as in accordance with an exponential back-off algorithm.

Abstract: Techniques for notification of reassembly-free file scanning are described herein. According to one embodiment, a first request for accessing a document provided by a remote node is received from a client. In response to the first request, it is determined whether a second request previously for accessing the document of the remote node indicates that the requested document from the remote node contains offensive data. If the requested document contains offensive data, a message is returned to the client, without accessing the requested document of the remote node, indicating that the requested document is not delivered to the client.

Abstract: System and methods for safely sharing universal serial bus (USB) devices are provided. A request is received to switch from a state in which user mode drivers are not enabled to a state in which user mode drivers are enabled. For each kernel mode USB driver in the system, an I/O control (IOCTL) is called in each kernel mode USB driver. The IOCTL requests that the kernel mode USB driver yield devices on which it has a claim. Also, for each kernel mode USB driver in the system, it is determined if the kernel mode USB driver will yield one or more devices on which it has a claim. For each kernel mode USB driver that will yield and for each device claimed by the kernel mode USB driver for which the kernel mode USB driver respects a request to unclaim the device, a process is executed as if there had been a hot unplug event on the device.

Abstract: System and methods for safely sharing universal serial bus (USB) devices are provided. A request is received to switch from a state in which user mode drivers are not enabled to a state in which user mode drivers are enabled. For each kernel mode USB driver in the system, an I/O control (IOCTL) is called in each kernel mode USB driver. The IOCTL requests that the kernel mode USB driver yield devices on which it has a claim. Also, for each kernel mode USB driver in the system, it is determined if the kernel mode USB driver will yield one or more devices on which it has a claim. For each kernel mode USB driver that will yield and for each device claimed by the kernel mode USB driver for which the kernel mode USB driver respects a request to unclaim the device, a process is executed as if there had been a hot unplug event on the device.

Abstract: Described herein are systems and methods for preventing a user mode USB driver from performing IOCTL operations other than read-safe IOCTLs on a USB device that has been claimed by a kernel mode driver or is in use by another user mode USB driver. In one method, it is determined whether a kernel mode USB driver will claim a device or whether the device will be available to be claimed by user mode USB drivers. In the event the device is claimed by a kernel mode USB driver, user mode USB drivers will be prevented from claiming the device. In the event the device is available for use by user mode USB drivers, but has been opened for write by one user mode USB driver, all other user mode USB drivers will be prevented from claiming the device. All IOCTL operations other than read-safe IOCTLs will be prevented from being performed by a user mode USB driver unless that USB driver has claimed the device.