More contained redirections coming to Registry near you…
March 19, 2017 in Forensic Analysis, Windows Registry
I recently came across an interesting bit inside the Registry of Windows 10. The key: HKLM\system\currentcontrolset\control\hiveredirectionlist is looked at during the system boot by the smss.exe process and the latter […]