said by Cartel:
Thanks for the replies.
I guess I will leave it.
I will never use RD but it may need to be there I guess if a security setting wants to deny RD and cant find that group, it may bugger up my GP I guess.
As b_p_smith and dave wrote, deleting a built-in operating system group account doesn't secure RDP -- it's well past the point of diminishing returns. If this is with security in mind, is this machine serving as a standalone server? Is this deployed in a hosting environment? If so, then RDP is a primary route of infection, since it's often used for maintenance.
If this is a home machine behind a consumer wifi router attached to a 'mega' consumer Internet service provider, FWIW there are enough obstacles for RDP to overcome in a typical home network that it's not a primary route of infection. In a post-infection situation, an attacker that wants remote control is likely to bring-their-own remote control (VNC, TeamViewer, LogMeIn, etc.).