Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

Enterprise EDR: All Supported Versions
Windows OS: All Supported Versions

Question

Is it possible to see the registry changes in the regmod events?

Answer

Regmod events show the registry key that was changed they do not show what the actual change was

Additional Notes

The Live Response API can be used to query registry values here

Knowledge Base

Enterprise EDR: Do Regmod Events Show the Actual Registry Modifications?

Enterprise EDR: Do Regmod Events Show the Actual Registry Modifications?

Environment

Question

Answer

Additional Notes

Related Content

Carbon Black Cloud

Enterprise EDR

Knowledge Base

Enterprise EDR: Do Regmod Events Show the Actual Registry Modifications?

Enterprise EDR: Do Regmod Events Show the Actual Registry Modifications?

Environment

Question

Answer

Additional Notes

Related Content

Carbon Black Cloud

Enterprise EDR

Thank you for your feedback.

Thank you for your feedback.