Depending of the type of rootkit/keylogger the reg location may be completely different. I believe there is not a single one specific location that would be "generally known" for all of them. Have a look at some documentation:
https://www-secure.symantec.com/connect/articles/rootkit-intruder-living-your-kernel
https://www-secure.symantec.com/connect/forums/what-are-rootkit-detection-and-removal-capabilities-sep
https://www-secure.symantec.com/connect/articles/introduction-spyware-keyloggers