Authors: Sandra Ring, Eric Cole
DOI:
Keywords:
Abstract: Various embodiments are provided relating to security of a computer, namely, a software product, a computer-readable medium, a computerized method, and a computer system. Illustrative is one embodiment of a software product for use on a host computer to monitor for, and respond to, activity corresponding to a rootkit exploitation which renders the host computer's operating system insecure. The software product comprises computer-readable media having a suite of interfaced software components, such as loadable kernel modules. An exploitation detection component detects the exploitation. A forensics data collection component collects forensics data characteristic of the exploitation so that it may be transferred to a removable storage device. An OS restoration component restores the operating system to a secure condition in response to the exploit.