Protection from changes to Kaspersky Embedded Systems Security registry keys

Kaspersky Embedded Systems Security restricts access to the following registry branches and keys, which facilitate loading of the application’s drivers and services:

• [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ESS]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kavfs]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kavfsgt]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kavfsslp]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klam]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klelaml]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klfltdev]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klramdisk]
• [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ESS\3.0\CrashDump]
• [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ESS\3.0\CrashDump] (on the 64-bit version of Microsoft Windows)
• [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ESS\3.0\Trace]
• [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\ESS\3.0\Trace] (on the 64-bit version of Microsoft Windows)

The rights to change these registry branches and keys are granted to Local System (SYSTEM) account only. User and Administrator accounts are granted read-only rights.