Remove Unauthorised User Accounts From Windows
If you found an account on your PC that you did not create, here is how to remove it cleanly.
7 min read · Beginner friendly
Step 1: Sign in to your own admin account
Make sure you are signed in to your account and that it is an administrator. If your account has been demoted, sign in instead to the built-in Administrator (Step 5 below has a fallback).
Step 2: Inspect the suspicious account before deleting
Open C:\Users\<suspicious-account-name> in File Explorer. If it contains files you actually want to keep, copy them to your own user folder first.
Take a screenshot of the account properties (Settings → Accounts → Other users → click the account) — useful if you ever need to report this.
Step 3: Demote then delete
Settings → Accounts → Other users → click the suspicious account → Change account type → set to Standard User. This immediately strips its admin powers.
Then click Remove → Delete account and data.
Removing the account also deletes its profile folder. Make sure you copied anything important first.
Step 4: Reset your own password
Whoever created the extra account had admin access — they may also know or have changed your password. Reset it now from Settings → Accounts → Sign-in options → Password → Change.
Use a long, unique password stored in your password manager.
Step 5: If your own account was demoted
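Reboot, then on the sign-in screen press Shift 5 times rapidly to check that the Sticky Keys shortcut has not been tampered with (a common attacker backdoor). The normal result is the Sticky Keys prompt or nothing at all; a Command Prompt window opening there means the shortcut has been hijacked.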
Sign in with the built-in Administrator account if it is enabled, or boot from a Windows installer USB and use 'Repair your computer → Troubleshoot → Command Prompt' to run net localgroup administrators <your-username> /add.
If you cannot recover admin access, a clean reinstall of Windows is faster and safer than fighting for control. Back up your files to an external drive first.
Step 6: Run a malware sweep
Whoever created the account got in somehow. Run Malwarebytes and a Defender offline scan to find the entry point — usually a remote-access tool or a credential-stealer.
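The inspection in Step 2 can also be done from PowerShell, which shows details the Settings page hides. The script below is an added example, not part of the original guide: it is read-only and lists every local account with its admin status and profile folder, then looks in the Security log for who created accounts or added them to a group. It assumes an elevated Windows PowerShell 5.1 or later session, and the log query only returns results if account-management auditing was on when the account was created.

```powershell
# Added example: read-only audit of local accounts. Run from an elevated
# PowerShell window. Nothing here changes or deletes anything.

# Administrators group, looked up by its well-known SID so the query also
# works on non-English Windows installs.
try {
    $adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop |
        ForEach-Object { $_.SID.Value }
} catch {
    # Get-LocalGroupMember can fail when the group contains an orphaned SID.
    Write-Warning "Could not list Administrators: $($_.Exception.Message)"
    $adminSids = @()
}

# One row per local account: enabled, admin, last logon, profile folder.
Get-LocalUser | ForEach-Object {
    $sid = $_.SID.Value
    $userProfile = Get-CimInstance Win32_UserProfile -Filter "SID='$sid'"
    [pscustomobject]@{
        Name            = $_.Name
        Enabled         = $_.Enabled
        IsAdmin         = $adminSids -contains $sid
        LastLogon       = $_.LastLogon
        PasswordLastSet = $_.PasswordLastSet
        ProfilePath     = $userProfile.LocalPath   # empty if never signed in
    }
} | Sort-Object Name | Format-Table -AutoSize

# Security log: 4720 = user account created, 4732 = member added to a
# local group. No output means the events were not audited or have aged out.
$filter = @{ LogName = 'Security'; Id = 4720, 4732 }
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    ForEach-Object {
        $evt  = $_
        $data = @{}
        ([xml]$evt.ToXml()).Event.EventData.Data |
            ForEach-Object { $data[$_.Name] = $_.'#text' }
        [pscustomobject]@{
            Time    = $evt.TimeCreated
            EventId = $evt.Id
            Account = if ($evt.Id -eq 4720) { $data['TargetUserName'] } else { $data['MemberSid'] }
            Group   = if ($evt.Id -eq 4732) { $data['TargetUserName'] } else { $null }
            DoneBy  = $data['SubjectUserName']
        }
    } | Sort-Object Time | Format-Table -AutoSize
```

Save the output next to the Step 2 screenshot before removing the account in Step 3, since the DoneBy column shows which account was used to create it.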