registry values Archives

Winsage

December 24, 2025

This neat Windows 11 registry trick offers higher NVMe SSD performance—but it’s not for everyone

Recent discoveries have revealed a registry tweak that can enhance the performance of NVMe SSDs on Windows 11, particularly improving random 4K speeds. Traditionally, Windows has treated most drives as SCSI, limiting the potential of NVMe drives. Microsoft is introducing native NVMe support in Windows Server 2025, which bypasses the SCSI conversion process for improved speed and efficiency. Users can achieve similar enhancements on Windows 11 through specific registry modifications, which must be done at their own risk. The necessary driver is included in recent updates for both Windows Server 2025 and Windows 11. Users need to adjust three registry values to enable this functionality. Once modified, NVMe drives will appear under 'Storage Media' in Device Manager. Reports indicate significant performance gains, with one user noting increases of 45% in random 4K read and 49% in write performance. Microsoft suggests enterprise users could see up to 80% higher IOPS and a 45% reduction in CPU cycles. The WD Black SN8100 SSD is noted for its high random 4K speeds, loading games faster than competitors. Many users have pointed out that Linux has had native NVMe support for some time.

Winsage

December 23, 2025

Windows 11 25H2 Includes a Faster NVMe Driver Needing Manual Installation

Windows has supported the NVMe storage media protocol since Windows 8.1, but the default driver, disk.sys, may not provide optimal performance. Microsoft has introduced a new driver, nvmedisk.sys, with Windows 11 25H2 and Windows 2025, aimed at improving NVMe performance. Users can check if they are using the older driver via Device Manager. The new driver has the potential to enhance performance for compatible NVMe drives in both sequential and random workloads. However, compatibility issues exist, as not all NVMe SSDs support nvmedisk.sys, which could lead to boot problems with Windows 11. Notebookcheck has published a guide on enabling nvmedisk.sys, which involves modifying three Windows Registry values, and it is advised that users back up their data before making changes.

Winsage

December 2, 2025

Microsoft needs to make it easier to disable automatic Windows 11 updates

Updates in the Windows ecosystem are essential for enhancing stability, performance, and security. However, users of Windows 11 have expressed frustration due to frequent updates disrupting functionalities like network connectivity and printer access. Automatic updates can interrupt productivity, with unexpected restart prompts leading to potential loss of unsaved work. Issues with third-party programs and drivers often arise post-update, and older PCs experience significant performance degradation due to background updates. Many users face limitations with internet access, as substantial update sizes can consume data quickly, especially under fair usage policies. Storage constraints on older devices can lead to operational issues, and attempts to pause updates may not always be effective. While updates are crucial for delivering new features and security fixes, their frequency can diminish their perceived importance, causing users to delay addressing issues. Disabling automatic updates can be complicated, requiring adjustments in the Windows Update service, Group Policy Editor, or Registry, which may not be accessible or user-friendly. A simple one-click "Disable" button in the Windows Update settings would enhance user control over update installations, allowing them to manage updates according to their schedules.

Winsage

October 23, 2025

‘Unusable’—Microsoft Issues Emergency Update For All Windows 11 Users

Microsoft's recent mandatory security update, "Windows 11 KB5070773," has caused significant issues for users, including problems with localhost connections and a breakdown in the Windows Recovery Environment (WinRE), rendering essential peripherals like mice and keyboards non-functional. This emergency update is being rolled out to address the critical issue of non-responsive input devices in WinRE, which hampers recovery processes. Users must download and install the update manually, although it is designed to occur automatically for Windows 11 PCs on versions 24H2 and 25H2. The update will upgrade version 25H2 to Build 26200.6901 and version 24H2 to 26100.6901. Microsoft has acknowledged the severity of the situation, stating that the issue prevents navigation of recovery options within WinRE. Additionally, some users are experiencing errors related to smart card authentication and certificates, with a temporary workaround suggested by Microsoft.

Winsage

September 4, 2025

Windows 11 will finally let you switch themes based on schedule or time via PowerToys

Windows 11 will introduce an automated feature to switch between light and dark themes based on the time of day, currently being tested through a PowerToys utility expected by October 2025. Users can set custom hours or use location services for this functionality. Task Scheduler can also be used to create tasks that automatically switch themes by modifying registry values.

Winsage

August 23, 2025

Hackers Can Exfiltrate Windows Secrets and Credentials Silently by Evading EDR Detection

A new method allows attackers to extract Windows secrets and credentials without being detected by most Endpoint Detection and Response (EDR) solutions. This technique enables individuals with access to a Windows machine to gather credentials for lateral movement within a network. The Local Security Authority (LSA) manages sensitive information through two in-memory databases: the SAM database, which stores user credentials, and the Security database, which holds LSA secrets. Access to these databases requires interaction with the SAM and SECURITY registry hives, protected by Discretionary Access Control Lists (DACLs) that limit access to SYSTEM privileges. Attackers typically face detection when accessing the lsass.exe process memory, as EDR solutions monitor high-risk activities. Researcher Sud0Ru has introduced a method that bypasses these defenses by using the undocumented API NtOpenKeyEx with the REGOPTIONBACKUPRESTORE flag, allowing attackers to read the SAM and SECURITY hives without SYSTEM-level privileges. To avoid detection, attackers use the RegQueryMultipleValuesW API, which is less monitored by EDRs, to extract encrypted secrets from the hives. This approach allows the operation to occur entirely in memory, leaving no on-disk artifacts and evading typical security alerts.

Winsage

July 19, 2025

This free tool is the best way to find and edit registry values on Windows

RegScanner is a free utility designed to simplify the process of locating specific registry keys in Windows 11. It offers highly customizable search options, allowing users to find keys based on specific terms, filter by key names or attributes, and refine results by modification date. The tool also supports remote searches and facilitates the creation of backups for registry items, enabling users to select multiple items for backup in REG and TXT formats. RegScanner is portable, available in a ZIP format, and compatible with Windows XP to Windows 11, requiring no administrator privileges for basic searches. It aims to reduce the time and frustration associated with registry management.

Winsage

March 5, 2025

Microsoft updates Windows 11 CPU support for OEM systems to include 8th to 10th Gen Intel CPUs

In mid-February 2025, Microsoft updated its support documentation regarding Intel processors' compatibility with Windows 11 24H2, adding several models from the 8th, 9th, and 10th generations that were previously excluded. These processors, introduced about eight years ago, can still perform adequately if their motherboards meet the TPM 2.0 requirement. Microsoft confirmed that these Intel CPU models meet the minimum system requirements for Windows 11 and indicated that future processor generations meeting similar principles will also be considered supported. Although the three Intel generations have not been reinstated on the official list, systems using these processors will not be rendered obsolete or stop receiving updates. Manufacturers are advised against using these older processors in new systems running Windows 11. An official list of supported CPUs for non-OEM or custom PC builders is not available, but builders should refer to Microsoft’s Windows 11 System Requirements, which require a CPU operating at 1 GHz or faster with two or more cores. It is possible to install Windows 11 on unsupported hardware by adjusting certain registry values, but this may result in missing system and security updates. Users can also continue using Windows 10 for ongoing security updates or consider transitioning to a Linux operating system.

Winsage

February 21, 2025

Windows 11 24H2 RDP hangs on login, RDP session connecting issues reported

Windows 11 has a significant issue affecting Remote Desktop Protocol (RDP) sessions during the login phase, potentially linked to the Windows 11 24H2 update or recent security updates KB5050094 and KB5051987. Administrators have reported difficulties in establishing RDP connections since the rollout of the 24H2 update, with issues persisting even when the RDP service is operational and firewall configurations are correct. Users have noted that changing the default RDP port from 3389 may resolve connection issues for some, although this workaround is not universally effective. Additionally, there are reports of RDP sessions hanging during the login process, particularly when reconnecting to previously disconnected sessions. To address the hanging issue, users can modify settings in the Group Policy Editor by enabling the "Select network detection on the server" policy and turning off Connect Time Detect and Continuous Network Detect. A system reboot is not necessary, but executing the gpupdate /force command is recommended. Alternatively, a Windows Registry script can be used to automate the process across multiple devices. As of February 21, Microsoft has not officially acknowledged these network issues, despite their widespread impact on users.

Winsage

February 19, 2025

These Windows 11 registry hacks will turn you into a PC pro

The Windows Registry Editor is accessed by pressing Win-R, typing regedit, and confirming with “OK.” The registry files are located in “C:WindowsSystem32config” and user-specific files in “C:Users[username].” The five main branches of the registry are: - HkeyCurrentUser: Configuration settings for the current user. - HkeyLocalMachine: Global settings for all users, requiring administrative rights for changes. - HkeyUsers: Contains user IDs for system profiles. - HkeyClassesRoot: Manages file name extensions and program shortcuts. - HkeyCurrentConfig: Links to keys under HkeyLocalMachineSystemCurrentControlSetHardware ProfilesCurrent. Users can create subkeys and values, which can be of different types. To modify the registry, select a key, use the “New” context menu, and double-click to edit. Creating a backup of the registry is recommended before making changes, which can be done using the Registry Backup Portable tool. To restore the registry, select the most recent backup and click “Restore Now.” Microsoft’s Process Monitor can be used to analyze registry values by filtering for “RegSetValue” and tracking changes. Certain registry values are restricted from modification for security reasons, such as the “widgets” feature in Windows 11. However, methods like batch files and PowerShell scripts can override these protections. Windows transmits diagnostic data to Microsoft, impacting user privacy. Tools like O&O Shutup10 and W10Privacy help manage telemetry settings.