Remove-UserRegistryValue
Description
Remove specific registry values for all users.
Requirements
Only the parameters required by the script.
Usage
- Find all user profiles' usernames, SIDs, and locations of
ntuser.datfiles. - Query against the hive for SIDs.
- Loop through the hive, loading it and removing the registry value at the specified path for the specified key if it exists.
- If it does not exist, write to the log.
- If not excluded, load the default user hive and remove the registry value at the specified path for the specified key if it exists.
- If it does not exist, write to the log.
Example
Explanation of the usage of the below example:
.\Remove-UserRegistryValue.ps1 -Path "path" -Keyname "keyname" -ExcludeDefault
Parameters
| Parameter | Alias | Required | Default | Type | Description |
|---|---|---|---|---|---|
Path | True | String | Path following the SID to the specified key. | ||
KeyName | True | String | Name of the specific key. | ||
ExcludeDefault | False | Switch | Excludes the default account when querying accounts. |
Output
Location of output for log, result, and error files.
.\Remove-UserRegistryValue-log.txt