@ECHO OFF
title Windows 7 User Profile Cleaning

:: INSTRUCTIONS
:: ======================================================================
:: Navigate to the environment section below to set the variables for	
:: your needs.	

:: Add any users you wish to exclude from the wipe to the "userpreserve"
:: line below and separate them by commas.  Be careful - these are case
:: sensitive.							
::													
:: ======================================================================
:: ENVIRONMENT VARIABLES						
:: ======================================================================
	
	:: WHAT IS YOUR ACTIVE DIRECTORY DOMAIN NAME?
	:: ==================================================================
	:: This setting is used to check if an active domain user is logged
	:: into a computer and will skip their account if the script is run
	:: while they are logged in. This will prevent the users account
	:: from becoming corrupted and not get fully removed from the PC.
	:: ==================================================================
	SET domain=DOMAIN-NAME
	
	:: HOW MANY DAYS OLD SHOULD A PROFILE BE BEFORE DELETION?
	:: ==================================================================
	:: This setting is used to look at the "last written" timestamp on
	:: the user's profile folder in C:\Users. If that timestamp is
	:: older than the day variable set below, the account will be
	:: flagged for deletion.
	::
	:: Keep in mind that the "last written" timestamp on a profile can
	:: be renewed by the user logging into the PC. As an example, if the
	:: same user logged into the same computer every (1-2) days, their
	:: profile would be never be removed.
	:: ==================================================================
	SET days=3
	
:: ======================================================================
:: END ENVIRONMENT VARIABLES
:: ======================================================================


::===========================================================================================================================================================
::===========================================================================================================================================================
:: DO NOT EDIT CODE BEYOND THIS POINT
::===========================================================================================================================================================
::===========================================================================================================================================================

for /F "tokens=2 delims=\" %%x in ('"WMIC /Node:%COMPUTERNAME% ComputerSystem Get UserName | find "%domain%""') do (set user=%%x)

:USERPRESERVE
set userpreserve="Administrator,Default,Public,%user%"

FOR /f "tokens=*" %%a IN ('reg query "hklm\software\microsoft\windows nt\currentversion\profilelist"^|find /i "s-1-5-21"') DO CALL :REGCHECK "%%a"
GOTO VERIFY

:REGCHECK
set SPACECHECK=
FOR /f "tokens=3,4" %%b in ('reg query %1 /v ProfileImagePath') DO SET USERREGPATH=%%b %%c
FOR /f "tokens=2" %%d in ('echo %USERREGPATH%') DO SET SPACECHECK=%%d
IF ["%SPACECHECK%"]==[""] GOTO REGCHECK2
GOTO USERCHECK

:REGCHECK2
FOR /f "tokens=3" %%g in ('reg query %1 /v ProfileImagePath') DO SET USERREGPATH=%%g
GOTO USERCHECK

:USERCHECK
FOR /f "tokens=3 delims=\" %%e in ('echo %USERREGPATH%') DO SET USERREG=%%e
FOR /f "tokens=1 delims=." %%f IN ('echo %USERREG%') DO SET USERREGPARSE=%%f
ECHO %USERPRESERVE%|find /I "%USERREGPARSE%" > NUL
IF ERRORLEVEL=1 GOTO CHECKAGE
IF ERRORLEVEL=0 GOTO SKIP

:CHECKAGE
forfiles /p C:\Users\%USERREG% /m NTUSER.dat /d -%days%
IF %ERRORLEVEL%==0 (
	SET AGEFLAGGED=%USERREG%
	GOTO CLEAN
	)
IF %ERRORLEVEL%==1 (
	GOTO SKIP
	)

:SKIP
ECHO Skipping Deletion on Profile: %USERREG%
GOTO :EOF

:CLEAN
ECHO Removing Profile: %AGEFLAGGED%
TAKEOWN /F "C:\Users\%AGEFLAGGED%" /r /d
CACLS "C:\Users\%AGEFLAGGED%" /T /E /G SYSTEM:F Administrators:F
RD /S /Q "C:\Users\%AGEFLAGGED%" > NUL

ECHO Cleaning Registry for Profile: %AGEFLAGGED%
reg delete %1 /f
IF EXIST "C:\Users\%AGEFLAGGED%" GOTO RETRYCLEAN1
GOTO :EOF

:RETRYCLEAN1
ECHO Retrying Removal of Profile: %AGEFLAGGED%
TAKEOWN /F "C:\Users\%AGEFLAGGED%" /r /d
CACLS "C:\Users\%AGEFLAGGED%" /T /E /G SYSTEM:F Administrators:F
RD /S /Q "C:\Users\%AGEFLAGGED%" > NUL
IF EXIST "C:\Users\%AGEFLAGGED%" GOTO RETRYCLEAN2
GOTO :EOF

:RETRYCLEAN2
ECHO Retrying Cleaning of Registry of Profile: %AGEFLAGGED%
TAKEOWN /F "C:\Users\%AGEFLAGGED%" /r /d
CACLS "C:\Users\%AGEFLAGGED%" /T /E /G SYSTEM:F Administrators:F
RD /S /Q "C:\Users\%AGEFLAGGED%" > NUL
GOTO :EOF

:VERIFY
FOR /f "tokens=*" %%g IN ('reg query "hklm\software\microsoft\windows nt\currentversion\profilelist"^|find /i "s-1-5-21"') DO CALL :REGCHECKV "%%g"
GOTO REPORT

:REGCHECKV
set SPACECHECKV=
FOR /f "tokens=3,4" %%h in ('reg query %1 /v ProfileImagePath') DO SET USERREGPATHV=%%h %%i
FOR /f "tokens=2" %%j in ('echo %USERREGPATHV%') DO SET SPACECHECKV=%%j
IF ["%SPACECHECKV%"]==[""] GOTO REGCHECKV2
GOTO USERCHECKV

:REGCHECKV2
FOR /f "tokens=3" %%k in ('reg query %1 /v ProfileImagePath') DO SET USERREGPATHV=%%k
GOTO USERCHECKV

:USERCHECKV
FOR /f "tokens=3 delims=\" %%l in ('echo %USERREGPATHV%') DO SET USERREGV=%%l
FOR /f "tokens=1 delims=." %%m IN ('echo %USERREGV%') DO SET USERREGPARSEV=%%m
ECHO %USERPRESERVE%|find /I "%USERREGPARSEV%" > NUL
IF ERRORLEVEL=1 GOTO VERIFYERROR
IF ERRORLEVEL=0 GOTO :EOF

:VERIFYERROR
SET USERERROR=YES
GOTO :EOF

:REPORT
IF [%USERERROR%]==[YES] (
		set RESULT=FAILURE
)		ELSE (
		set RESULT=SUCCESS
)

:EXIT
pause
exit

:EOF