‣
Citrix and VPN
May not need persistence if you have access to these
Excel
Disable macro security and have Excel run at start.
Use HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Security\Trusted Locations
to have a specific workbook open
Probably obsolete with the decline of macros
Autoruns
HKCU\Software\Microsoft\Command Processor\AutoRun
Doesn’t need local admin
Beyond good ol’ Run key, Part 18
REG ADD HKCU\Environment /f /v UserInitMprLogonScript /t REG_SZ /d C:\temp\payload.vbs