diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 8754ec81..91e8fe9c 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -31815,8 +31815,8 @@ defense-evasion:
 /v DisableRegistryTools /t REG_DWORD /d 1 /f
 '
- cleanup_command: 'reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\system
- /v DisableRegistryTools /f >nul 2>&1
+ cleanup_command: 'powershell Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\policies\system"
+ -Name DisableRegistryTools -ErrorAction Ignore
 '
 name: command_prompt
diff --git a/atomics/T1112/T1112.md b/atomics/T1112/T1112.md
index 95ff2ab5..e4526dd0 100644
--- a/atomics/T1112/T1112.md
+++ b/atomics/T1112/T1112.md
@@ -406,7 +406,7 @@ reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\sys
 #### Cleanup Commands:
 ```cmd
-reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\system /v DisableRegistryTools /f >nul 2>&1
+powershell Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\policies\system" -Name DisableRegistryTools -ErrorAction Ignore
 ```