malware – Is it possible to achieve persistence in Windows through using WinLogon without touching userinit, notify, or shell keys?

I am interested in finding out if it is possible to achieve persistence through winlogon without using one of those 3 mentioned keys. I am trying to determine if it’s safe to ignore registry key entries made into Winlogon parent directory. I’ve never seen an instance of malware achieving persistence through winlogon without using any of those keys, does anyone know of any techniques?