How to identify the registry need to delete on the machine

Hi All,

It is possible in Rapid7 to identify the registry need to delete on the asset?. As we received some of false positive or the machine detect a vulnerabilities related to MacAfee, Microsoft defender, adobe flash player and ETC. Which already been uninstalled on the machine.

Right now I always raise a ticket to rapid7 support team and its taking a long time for them to respond.

Usually these show up when the cleanup after uninstalling the applications was not entirely done, so there will either be an uninstall key or something else in the registry related to that application. We usually get a lot of Office registries that need to be cleaned up and we use our EDR to bulk deploy that removal.

If you want to list out all the registry related proofs you have in your organization, you can utilize the SQL report to get the proof column and filter using the “HKEY” keyword.