Are you running your installation/uninstallation from System Context (NT Authority\System) and want to delete user registry? You can do that by parsing all the users in HKEY_USERS key.
Under HKEY_USERS you will find user IDs starting with S-1-5-21. We need to search under all keys which are starting with S-1-5-21 and see if we can find our registry key, this way we delete the information from all the users.
For this example, let’s say I want to delete a REGISTRY KEY under HKCU\Printers\Connections and a REGISTRY VALUE under HKCU\Printers\ConvertUserDevModesCount.
As you can see, under HKCU\Printers\Connections we have MyTestConnection registry key and under HKCU\Printers\ConvertUserDevModesCount we have \\MyTestConnection registry value.
The script to parse all the HKU registry and find something like Test and delete is the following:
on error resume next '---------------------------------------------------------------------------------------------------------------- Const HKEY_LOCAL_MACHINE = &H80000002 Const HKEY_CURRENT_USER = &H80000001 Const HKEY_USERS = &H80000003 strComputer = "." Set WShell = CreateObject( "WScript.Shell") Set FSO = CreateObject( "Scripting.FileSystemObject") Set WNetwork = CreateObject("WScript.Network") '---------------------------------------------------------------------------------------------------------------- Set objRegistry=GetObject( "winmgmts:\\" & strComputer & "\root\default:StdRegProv") strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" objRegistry.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubkeys Set objReg = GetObject( "winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv") '---------------------------------------------------------------------------------------------------------------- For Each objSubkey In arrSubkeys strValueName = "ProfileImagePath" strSubPath = strKeyPath & "\" & objSubkey objRegistry.GetExpandedStringValue HKEY_LOCAL_MACHINE,strSubPath,strValueName,strValue correct_in strValue Next strUserName = WNetwork.username If UCase(strUserName) = "SYSTEM" Then string1 = "S-1-5-21" string2 = "Classes" string3 = "Printers\Connections" objReg.EnumKey HKEY_USERS, "", arrsubkeys For Each Subkey In arrSubKeys If InStr(1,Subkey, string1,1)And (InStr(1,Subkey, string2,1) = "0") Then objReg.EnumKey HKEY_USERS,Subkey & "\Printers\Connections",arrSubKeys2 For Each Subkey2 In arrSubKeys2 If (InStr(Subkey2,"Test")) Then clean "HKEY_USERS\" & Subkey & "\Printers\Connections\" & Subkey2 & "\" End If Next objReg.EnumValues HKEY_USERS,Subkey & "\Printers\ConvertUserDevModesCount",arrValueNames,arrValueTypes For i=0 To UBound(arrValueNames) If (InStr(arrValueNames(i),"Test")) Then clean2 Subkey & "\Printers\ConvertUserDevModesCount",arrValueNames(i) End If Next End If Next Else clean "HKEY_CURRENT_USER" End If '---------------------------------------------------------------------------------------------------------------- Sub clean(id) Dim WshShell On Error Resume Next Set WshShell = CreateObject("WScript.Shell") KeyName = id WshShell.RegDelete KeyName WshShell.RegDelete KeyName End Sub '---------------------------------------------------------------------------------------------------------------- '---------------------------------------------------------------------------------------------------------------- Sub clean2(id,id2) Dim WshShell On Error Resume Next Set WshShell = CreateObject("WScript.Shell") strComputer = "." Set objRegistry=GetObject( "winmgmts:\\" & strComputer & "\root\default:StdRegProv") KeyName = id KeyValue = id2 objRegistry.DeleteValue HKEY_USERS,KeyName,KeyValue End Sub '----------------------------------------------------------------------------------------------------------------
You can dowload the script from here:
Once you run the script it will delete the above mentioned registry entries.