Access processing
Rtl routine, 41
Zw routine, 41
AddIndices, function, 190–198
AddNewKeyHandle, function, 189–198
AddRef, function, 218–231
AddTarget, function, 260–262
adjustData, function, 78–96
AdjustIndices, function, 190–198
AdjustNextNewIndex, function, 190–198
ADS (Alternate Data Streams)
file-hiding technique, 15–21
syntax for, 20
using, 277
AfterOriginalFunction, function, 66–78
Alert, function, 260–262
AllocateKeyHandle, function, 190–198
allocateUserMemory, function, 66–78
alternate data streams (ADS)
file-hiding technique, 15–21
syntax for, 20
using, 277
ANSI Prefix Manager (Pfx), functional group, 40–41
ANSI string table operations, functional groups for hooking, 41
anti-rootkit software, types of, 254
AntiHook, anti-rootkit software, 254
application programming, injected function programming versus, 114
ARP cache poisoning, overview, 292
autoloading, overview, 138
automatic updates, rootkit prevention, 292
autostarted application detection, IceSword, 314