Protection from changes to Kaspersky Security for Windows Server registry keys

Kaspersky Security for Windows Server restricts access to the following registry branches and keys, which facilitate loading of the application’s drivers and services:

• [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\WSEE]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kavfs]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kavfsgt]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kavfsslp]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klam]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klelaml]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klfltdev]
• [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klramdisk]
• [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\WSEE\11\CrashDump]
• [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\WSEE\11\CrashDump] (on the 64-bit version of Microsoft Windows)
• [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\WSEE\11\Trace]
• [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\WSEE\11\Trace] (on the 64-bit version of Microsoft Windows)

The rights to change these registry branches and keys are granted to Local System (SYSTEM) account only. User and Administrator accounts are granted read-only rights.