To delete a user profile, it is best to use the built-in Windows GUI (Start > System > Advanced System Settings > User Profile – Settings). This removes all registry references as well as the user's profile directory (normally located in C:\Users). But what do you do if it doesn't work the way it is supposed to?
Last week I came across a system that was infected by various malware. It was a Windows 2008 R2 Remote Desktop server, but it could just as easily have happened to a computer running Windows 7, Windows 8 or Windows 2012.
One step I needed to complete in order to clean up the malware was to recreate the user profile of a particular user. Because of the malware infections, the deletion of the user profile did not complete successfully. Because certain parts of Windows thought that there was an account, logging in as the user resulted in the use of an unofficial profile instead of a brand new one being created automatically. On top of that, I was not able to use the GUI tool to view or delete profiles for local users. What do I do now?
I was fortunate to find the solution quickly, and it wasn't that difficult, but it did require careful attention:
- First, ensure that the profile folder located in C:\Users is gone completely.
- Find the SID (security identifier) of the user:
  - From a command line, use: wmic useraccount get name, sid (type it exactly as shown)
- In the registry, expand HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList and find the key named with the SID of the desired user. Right-click the key name and export it to the desktop (you'll need it in the following step). Then right-click the key and delete it.
- Using Notepad, open the registry export saved in the previous step and find the GUID of the desired user. In the registry, expand HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileGuid and find the key named with that GUID. Right-click the key and delete it.
When you next log in as that user, Windows should automatically create a new local profile.
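The same steps as a PowerShell script, for cases where the cleanup has to be repeated or reviewed before it runs. This is an added example, not part of the original write-up: the parameter names `$UserName` and `$BackupDir` are chosen here, and the script assumes the GUID is stored in the `Guid` value of the ProfileList key and that the ProfileGuid key carries a matching `SidString` value.

```powershell
# Added example. Run from an elevated PowerShell prompt; add -WhatIf for a dry run.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [Parameter(Mandatory = $true)][string]$UserName,   # e.g. 'jdoe' or 'DOMAIN\jdoe'
    [string]$BackupDir = "$env:USERPROFILE\Desktop"    # assumption: export goes to the desktop
)
$ErrorActionPreference = 'Stop'
$base = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion'

# Find the SID (same information as "wmic useraccount get name, sid").
$sid = (New-Object System.Security.Principal.NTAccount($UserName)).Translate(
        [System.Security.Principal.SecurityIdentifier]).Value

$listKey = "HKLM:\$base\ProfileList\$sid"
if (-not (Test-Path $listKey)) {
    Write-Output "No ProfileList entry for $UserName ($sid); nothing to clean."
    return
}
$entry = Get-ItemProperty -Path $listKey

# Stop if the profile folder is still on disk.
if ($entry.ProfileImagePath -and (Test-Path $entry.ProfileImagePath)) {
    throw "Profile folder still exists: $($entry.ProfileImagePath). Remove it first."
}

# Export the key before touching it (the export still runs under -WhatIf).
$backup = Join-Path $BackupDir "ProfileList-$sid.reg"
& reg.exe export "HKLM\$base\ProfileList\$sid" $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "reg export failed; nothing was deleted." }

# Read the GUID before the key is deleted; the value may be absent.
$guid = $entry.Guid
Remove-Item -Path $listKey -Recurse

if ($guid) {
    $guidKey = "HKLM:\$base\ProfileGuid\$guid"
    if (Test-Path $guidKey) {
        # Only delete the GUID entry if it points back at the same SID.
        $sidString = (Get-ItemProperty -Path $guidKey).SidString
        if ($sidString -eq $sid) { Remove-Item -Path $guidKey -Recurse }
        else { Write-Warning "ProfileGuid\$guid maps to $sidString; left in place." }
    }
}
Write-Output "Finished for $UserName ($sid). Backup: $backup"
```

If something goes wrong, importing the exported .reg file restores the ProfileList key.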