Hey Everyone,
Here is a Powershell script to remove a registry key from the logged in User Accounts using JC Commands.
JC Commands run as "nt authority\system", hence we need a logic defined to find the logged in user and to find the SID for the username and finally run the registry delete command.
# Get the username of the active session
$activeSession = (Get-WmiObject -Class Win32_ComputerSystem | Select-Object -ExpandProperty UserName)
$activeUserName = $activeSession.Split('\')[-1] # Extract the username from the session string
# Display the username
Write-Host "Active user: $activeUserName"
# Get the SID of the active user
$userSID = (Get-WmiObject Win32_UserAccount -Filter "Name='$activeUserName'").SID
Write-Host "User SID: $userSID"
# Delete the registry key associated with the active user
reg delete "HKEY_USERS\$userSID\Software\Google\Endpoint Verification\Safe Storage" /fHope this helps some of the Admins out there!
