Windows Registry Archives

Winsage

April 2, 2025

Your ‘unsupported’ Windows 10 PC can still run Windows 11 in 2025

Microsoft will cease support for Windows 10 on October 14, 2025. Users considering upgrading to Windows 11 may face obstacles due to hardware requirements, including TPM 2.0 and specific CPU models. Workarounds exist for upgrading incompatible PCs. To check compatibility: - Determine if the PC uses UEFI or Legacy BIOS via System Information (msinfo32.exe). - Ensure BIOS Mode is UEFI. - Check TPM status using the TPM Management tool (tpm.msc). - Verify CPU compatibility; most Intel CPUs from 2009 or later and AMD CPUs from 2013 or later should meet the standards. Option 1: Registry Edit Method (for PCs with TPM 1.2+ and UEFI) 1. Open Registry Editor (regedit.exe) as an administrator. 2. Navigate to HKEYLOCALMACHINESYSTEMSetup; create MoSetup key if absent. 3. Create DWORD (32-bit) Value named AllowUpgradesWithUnsupportedTPMOrCPU, set value to 1, and restart. 4. Download Windows 11 ISO from aka.ms/DownloadWindows11. 5. Mount the ISO file and run Setup.exe. Option 2: Using Rufus (for PCs without TPM or UEFI) 1. Download Rufus version 4.6 or later and Windows 11 ISO. 2. Prepare a USB flash drive (16GB or larger). 3. Launch Rufus, select the USB drive, choose the Windows 11 ISO, and check the box to remove requirements for 4GB+ RAM, Secure Boot, and TPM 2.0. 4. Create the bootable drive and run Setup.exe from the USB drive. These methods are unofficial workarounds. Users may encounter compatibility warnings, and the registry method is preferred for its simplicity. Some very old systems, especially those with AMD processors lacking SSE4.2 support, may still be incompatible.

Winsage

April 1, 2025

Windows 10’s “update” turns off seconds on the taskbar’s Calendar flyout

The upcoming Windows 10 update on April 8, 2025, will remove the display of seconds in the Calendar flyout. This change is part of the Windows 10 KB5053643 optional update, which is being rolled out but will not install automatically. The Calendar flyout will still appear when users click on the time and date in the taskbar, but it will no longer show seconds. Microsoft has previously cited performance concerns as the reason for excluding seconds from the graphical user interface. Support for Windows 10 is set to end on October 14, 2025.

Winsage

March 31, 2025

Here’s a new trick to installing Windows 11 without a Microsoft account

Microsoft removed the BypassNRO.cmd script from the preview versions of Windows 11 for Insiders on the Dev Channel to enhance security and user experience, ensuring all users exit setup with internet connectivity and a Microsoft Account. The script previously allowed users to bypass the Microsoft Account requirement during installation. A new workaround has been discovered by Windows Insider testers, allowing users to create a local account during installation by entering a specific command in the command prompt. The removal of BypassNRO.cmd currently affects only the preview version, while the script remains available in public versions of Windows 11. It is expected that the script will be phased out from all Windows 11 PCs later this year.

Winsage

March 30, 2025

Microsoft’s killing script used to avoid Microsoft Account in Windows 11

Microsoft has removed the 'BypassNRO.cmd' script from the Windows 11 Insider Dev preview build to enhance security and user experience, requiring users to log in with a Microsoft Account during installation. This change reflects Microsoft's ongoing emphasis on using a Microsoft Account since the launch of Windows 11, making it difficult to set up the operating system with a local account. Users previously used the script to bypass this requirement by creating a Registry value that allowed them to proceed without an internet connection. Although the script is no longer available, the BypassNRO Registry value remains intact, and users can still achieve the same outcome by manually modifying the Windows Registry. However, there is a possibility that Microsoft may disable this Registry value in the future.

Winsage

March 17, 2025

Invisible Windows Rootkit Hides Dangerous Files Using This Prefix

Obscure#Bat is a malware campaign targeting Windows users that uses obfuscated batch scripts to deploy a user-mode rootkit, which can hide its activities from standard security measures. It stores hidden scripts in the Windows Registry and can conceal files, registry entries, and running processes through application programming interface hooking. The malware can embed itself within legitimate Windows processes, making it undetectable by conventional security methods, and is capable of deleting evidence of its activity. Attackers use social engineering tactics, such as fake CAPTCHA tests and legitimate software tools, to lure victims into executing the malicious batch file. The rootkit obscures files, processes, or registry keys that begin with the “$nya-” prefix and is identified as an open-source ring-3 rootkit known as r77. It avoids kernel modifications and relies on registry and scheduled tasks for persistence, allowing it to evade detection by traditional kernel-based security tools. Windows users are advised to be cautious of social engineering tactics and to inspect batch files in a text editor before execution.

Winsage

March 12, 2025

4 reasons PowerToys Run is the best Spotlight alternative for Windows users

PowerToys is a suite of productivity tools for Windows users, featuring PowerToys Run, which serves as an alternative to macOS's Spotlight. PowerToys Run allows users to launch applications and search for files quickly and efficiently, with built-in plug-ins for searching the Windows registry, executing terminal commands, converting units, performing calculations, creating timestamps, and conducting web searches. It offers high customization options, enabling users to adjust settings for an optimized search experience. Additionally, it supports third-party extensions for enhanced functionality, such as browser history searches and direct queries to ChatGPT. The entire PowerToys suite includes other tools like FancyZones for window management and PowerRename for file renaming, contributing to improved workflow efficiency.

Winsage

March 10, 2025

How to Improve Game Data Loading Times in Windows

Most modern games rely on real-time asset loading, making storage choice crucial for optimal gaming. A slow SSD or HDD can lead to long loading times and performance issues. 1. Disabling NTFS Last Access Time can improve loading speeds by reducing disk overhead. This can be done via Command Prompt with the command: fsutil behavior set disablelastaccess 1. 2. Enabling Large System Cache can enhance performance for games with substantial assets, requiring at least 16 GB of RAM and editing the Windows Registry. 3. Disabling antivirus scanning for the game folder can reduce loading times by preventing real-time scans. This can be done through Windows Security settings. 4. Using an exFAT drive can efficiently process large files, which may benefit games with sizable assets. This involves creating a new volume in Disk Management. 5. Disabling Full-Screen Optimizations can reduce input lag and improve performance by changing settings in the game's executable properties. 6. Increasing Shader Cache Size can improve loading times, with Nvidia users advised to set it to 10 GB or Unlimited in the Nvidia Control Panel. 7. Using a third-party cache management program like PrimoCache can enhance loading times by reserving RAM for caching frequently used programs.

Winsage

March 8, 2025

Free Alternatives to Paid Windows Software

Windows operating systems often require third-party software for specialized tasks, with free alternatives available to replace paid options. 1. BleachBit is used for system cleaning as a free substitute for CCleaner Pro, effectively enhancing PC performance by removing unnecessary data without tampering with the Windows Registry. 2. Bulk Crap Uninstaller (BCUninstaller) is a free tool for uninstalling programs and bloatware, scanning for leftover files and simplifying the cleanup process with filtering options and color-coded listings. 3. Google Docs is preferred over Microsoft 365 for its user-friendly nature and free 15 GB storage per Gmail account, while LibreOffice is recommended as an alternative for standalone applications. 4. GIMP serves as a free substitute for Adobe Photoshop, offering essential graphic design tools without being resource-intensive. 5. Kdenlive is a free video editor that meets basic video editing needs and is compatible with lower-end PCs, providing a comprehensive suite of features and regular updates. 6. Audacity is used for audio editing, capable of handling both basic and professional tasks, with tools for noise elimination and vocal enhancement. 7. 7-Zip is a lightweight file compression and archiving tool that offers superior compression capabilities and password protection, operating unobtrusively in the background.

Winsage

March 1, 2025

7 reasons you simply HAVE to use PowerToys Run on your Windows 11 PC

PowerToys Run is a versatile launcher for Windows 11 that enhances user interaction with the operating system. It allows users to perform calculations directly by typing = followed by numbers or equations, execute terminal commands by entering commands like > wsl.exe -d Fedora, and search Windows Settings more efficiently by typing $ followed by a search term. Users can also quickly locate files by using ? followed by the search term, launch web addresses by typing the URL or using //, and navigate the Windows Registry by entering : followed by the desired term. PowerToys Run improves functionality and user experience compared to the traditional Start Menu.

Winsage

February 27, 2025

LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager

LCRYX ransomware, a VBScript-based threat, re-emerged in February 2025 after first appearing in November 2024. It encrypts files with the .lcryx extension and demands a ransom of 0 in Bitcoin for decryption. The ransomware operates with administrative privileges, disables essential system tools like Task Manager and Command Prompt, and restricts access to the Control Panel. It prevents the execution of diagnostic tools and disables inactivity timeouts. LCRYX ensures persistence by modifying registry settings and remapping keyboard keys. It uses a combination of Caesar cipher and XOR encryption techniques, eliminates backups, and makes recovery nearly impossible. The malware terminates essential processes, overwrites the Master Boot Record, and disables real-time monitoring features of antivirus solutions. After encryption, it generates a ransom note directing victims to a payment website. Some variants display pop-ups revealing the victim’s IP address or launch unrelated applications. Users are advised to implement comprehensive security solutions and maintain regular backups.