diff --git a/atomics/T1037/T1037.md b/atomics/T1037/T1037.md
index d4c29e98..6e168502 100644
--- a/atomics/T1037/T1037.md
+++ b/atomics/T1037/T1037.md
@@ -36,6 +36,10 @@ REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ /d "#{scr
 ```
+#### Cleanup Commands:
+```
+REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript /f
+```

diff --git a/atomics/index.yaml b/atomics/index.yaml index e9e58c53..0eb9f072 100644 --- a/atomics/index.yaml +++ b/atomics/index.yaml @@ -2675,6 +2675,10 @@ persistence: command: 'REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ /d "#{script_command}" +' + cleanup_command: 'REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript + /f + ' - name: Logon Scripts - Mac description: 'Mac logon script @@ -19677,6 +19681,10 @@ lateral-movement: command: 'REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ /d "#{script_command}" +' + cleanup_command: 'REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript + /f + ' - name: Logon Scripts - Mac description: 'Mac logon script
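Review bot: The new `cleanup_command` in the `persistence` hunk (and the identical one in the `lateral-movement` hunk) deletes `HKCU\Environment\UserInitMprLogonScript` unconditionally with `/f`, so on a host where that value was already set before the test, cleanup removes it rather than restoring the prior data. The visible lines do not record or check the prior state, so I would at least state this in the test's description, for example `Cleanup deletes the UserInitMprLogonScript value outright; a value present before the test is not restored.` Anyone using this test to validate detections should also expect a second registry event on the same value from the delete, which the entry could mention so it is not mistaken for separate activity.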