Trap can be investigate or forensic anti-spyware or mallicious exploit registry

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Trap can be investigate or forensic anti-spyware or mallicious exploit registry

L3 Networker

Hi all, I would like to know Trap can be investigated or forensic anti-spyware or malicious exploit via registry? because I have an issue with a client which it seems was a delete with malware which client can't delete yourself


L2 Linker



I'm not sure if I undertood very well, but you want to know if Traps can perform a forensic analysis, if is yes, Traps client take the events and send it to ESM, but you can create a rule on ESM  to collect forensic or files from the client.


If the issue (registry deleted) was perform when traps was enabled, you need to check your policies, first 'cause traps has the option to protect the services against malware or malintentioned actions, then second if that happend you don't have configured traps correctly.


Check Policies>Forensics, on ESM console.


The best regards,


@wtobarThanks for the suggestions for me, I'll try using the following information

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!