Remove a registry key when it has a random name

A product that I use has just installed on my system, without my consent, a liveupdate process that runs on my system every hour, even when I am not using that product.

I don’t know what this liveupdate does. Sure, it might only be wanting to update the program, but it could be doing anything. This could actually be a virus. And even if it was legit, what is it going to do? Start downloading 200+ MB of files every hour if it finds an update? Automatically update the program in the background without my knowledge? God knows what else.

The product installer creates a key hkcusoftwareliveupdate. Under that key is another key with a randomly generated name. In this case, 611dd93a9b5c578be68b17d997792402.

It then adds two run entries, one in startupapproved and one in run.

I can remove all the software, block it in the firewall and add a path rule to stop it running.

But I’d like to automate the removal completely, and that includes the registry keys. How can I retrieve the name of the randomly generated key?

“Reg query hkcusoftwareliveupdate” will give me the key name, but i don’t know how to extract only the last part – the random part – from the result. (via batch)

These are the keys to be removed;

hkcusoftwareliveupdate
hkcusoftwareliveupdate611dd93a9b5c578be68b17d997792402
hkcuSoftwareMicrosoftWindowsCurrentVersionExplorerStartupApprovedRun611dd93a9b5c578be68b17d997792402
hkcuSoftwareMicrosoftWindowsCurrentVersionRun611dd93a9b5c578be68b17d997792402