diff --git a/atomics/T1547.001/T1547.001.yaml b/atomics/T1547.001/T1547.001.yaml
index bb0b61f348..c8de9aa211 100644
--- a/atomics/T1547.001/T1547.001.yaml
+++ b/atomics/T1547.001/T1547.001.yaml
@@ -392,8 +392,8 @@ atomic_tests:
 default: calc
 executor:
 command: |
- reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /v StartupPrograms /t REG_SZ /d "#{malicious_app}"
- cleanup_command: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /v StartupPrograms /t REG_SZ /d "rdpclip"
+ reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /f /v StartupPrograms /t REG_SZ /d "#{malicious_app}"
+ cleanup_command: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /f /v StartupPrograms /t REG_SZ /d "rdpclip"
 name: command_prompt
 elevation_required: true
@@ -412,6 +412,6 @@ atomic_tests:
 executor:
 command: |
 reg add HKLM\System\CurrentControlSet\Control\BootVerificationProgram /v ImagePath /t REG_SZ /d "#{malicious_file}"
- cleanup_command: reg delete HKLM\System\CurrentControlSet\Control\BootVerificationProgram
+ cleanup_command: reg delete HKLM\System\CurrentControlSet\Control\BootVerificationProgram /f
 name: command_prompt
 elevation_required: true
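Review bot: The new `cleanup_command` in the first hunk writes the literal `rdpclip` back into `StartupPrograms` rather than the value that was there before the test, and with `/f` that overwrite is now silent. A host whose value had been customised (or, conversely, tampered with before the test ran) is left with different state and no trace of the earlier data. The diff does not show the test description, so it is unclear whether this assumption is documented. I would add a sentence there such as `Cleanup resets StartupPrograms to "rdpclip" (presumably the stock default); note any existing value with reg query before running.` The test definition starts above the hunk.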
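Review bot: The `reg add` context line in the second hunk still has no `/f`, although this commit adds it to the other test's `reg add` and to this test's cleanup. If `ImagePath` already exists, for example after a run whose cleanup was skipped, `reg add` asks for overwrite confirmation, which a non-interactive executor cannot answer, so the test may stall without producing the registry telemetry it exists to generate. Suggest `reg add HKLM\System\CurrentControlSet\Control\BootVerificationProgram /v ImagePath /t REG_SZ /d "#{malicious_file}" /f`. Separately, the cleanup deletes the whole `BootVerificationProgram` key rather than only the `ImagePath` value; that restores the host only if the key is absent on a clean system, which the diff does not establish and the description should state. The test definition starts above the hunk.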