Which of the following Windows registry keys is commonly used by malware to achieve persistence by executing a program at user logon?
Run keys launch programs at logon.
Why this answer
The Run key under HKCU\Software\Microsoft\Windows\CurrentVersion\Run is a common persistence location; it runs the specified program when the user logs in.