More contained redirections coming to Registry near you…

March 19, 2017 in Forensic Analysis, Windows Registry

I recently came across an interesting bit inside the Registry of Windows 10. The key: HKLM\system\currentcontrolset\control\hiveredirectionlist is looked at during the system boot by the smss.exe process and the latter […]