How Do Tipsters Discover Previously Unknown Registry Keys?


geekinchief

I've been wondering how folks go about discovering new registry keys in Windows 11 (or 10) like, for example, the Start_ShowClassicMode key: how did the first person who found that, find it? It's not in the registry already so did they get a tip from someone at Microsoft?

I have tried using Process Monitor, which logs all queries for Registry keys, to see if the system is querying for any interesting keys that don't exist by default, but I'm not finding anything. It doesn't even show Start_ShowClassicMode as something Windows 11 looks for, unless you have already created the key. What's the trick that the pros use to find out about these secret keys?
 

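The Process Monitor approach described in the post above, sketched as an added example that is not part of the original post: it reads a Process Monitor CSV export and lists registry lookups that returned NAME NOT FOUND, grouped by the process that made them. The sample rows, key paths and the function name `missing_lookups` are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the column layout of a Process Monitor CSV export.
# Key paths, value names and PIDs are made up for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.10","explorer.exe","4312","RegQueryValue","HKCU\Software\ExampleVendor\Shell\ShowHidden","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"10:01:02.11","explorer.exe","4312","RegQueryValue","HKCU\Software\ExampleVendor\Shell\Example_ClassicToggle","NAME NOT FOUND","Length: 16"
"10:01:02.12","ExampleHost.exe","5120","RegQueryValue","HKCU\Software\ExampleVendor\Shell\Example_ClassicToggle","NAME NOT FOUND","Length: 16"
"10:01:02.13","explorer.exe","4312","RegOpenKey","HKLM\Software\ExampleVendor\Overrides","NAME NOT FOUND","Desired Access: Read"
"10:01:02.14","explorer.exe","4312","RegSetValue","HKCU\Software\ExampleVendor\Shell\LastRun","SUCCESS","Type: REG_DWORD, Length: 4, Data: 7"
"10:01:02.15","explorer.exe","4312","CreateFile","C:\Example\missing.ini","NAME NOT FOUND","Desired Access: Generic Read"
'''

# Registry operations that look something up without writing to it.
LOOKUP_OPS = {"RegOpenKey", "RegQueryValue"}


def missing_lookups(csv_text, path_prefix=""):
    """Map each registry path that was looked up but does not exist to the
    set of process names that asked for it."""
    hits = defaultdict(set)
    # Strip a UTF-8 byte-order mark if the export carries one.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    prefix = path_prefix.lower()
    for row in reader:
        if row["Operation"] not in LOOKUP_OPS:
            continue  # skips writes and file-system events
        if row["Result"] != "NAME NOT FOUND":
            continue  # the key or value exists, or failed for another reason
        if row["Path"].lower().startswith(prefix):
            hits[row["Path"]].add(row["Process Name"])
    return dict(hits)


if __name__ == "__main__":
    for path, procs in sorted(missing_lookups(SAMPLE_CSV, "HKCU\\").items()):
        print(f"{path}  <- {', '.join(sorted(procs))}")
```

A value appears in this output only if some process asked for it by name while the capture was running.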
Hello geekinchief, welcome to Eleven Forums.

All it takes is someone at Microsoft to create the keys for the purpose of software development, then for someone else to publish the results. Microsoft used to publish a book called Windows Registry Guide by Jerry Honeycutt on Microsoft Press. That book is not maintained and updated. Microsoft does not like people playing with the registry directly, as it is so error prone - better to use Group Policy, but Group Policy does not cover everything.
 

MS documents everything so if you do not have access to it, it is only a matter of time till it leaks.
If you are part of Business or Developers, you will get access to it ASAP, otherwise you have to wait.
I watch for the latest security baseline where tweaks are posted or alternatively something like admx.

I have just updated my tweaks for the Edge 92 to automatically use HTTPS, new policies are on top.
 

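ADMX policy definition files, mentioned in the post above, map each Group Policy setting to a registry key and value name. As an added example that is not part of the original post, this parser lists those mappings; the ADMX fragment, its policy names and the function name `policy_registry_values` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"a": "http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions"}
HIVES = {"Machine": ["HKLM"], "User": ["HKCU"], "Both": ["HKLM", "HKCU"]}

# Constructed ADMX fragment; the policy names, keys and values are made up.
SAMPLE_ADMX = r"""<policyDefinitions revision="1.0" schemaVersion="1.0"
    xmlns="http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions">
  <policies>
    <policy name="ExampleForceHttps" class="Both"
            key="Software\Policies\ExampleVendor\Browser" valueName="ForceHttps">
      <enabledValue><decimal value="1"/></enabledValue>
      <disabledValue><decimal value="0"/></disabledValue>
    </policy>
    <policy name="ExampleShellLayout" class="User"
            key="Software\Policies\ExampleVendor\Shell">
      <elements>
        <decimal id="Mode" valueName="LayoutMode" minValue="0" maxValue="2"/>
        <text id="File" key="Software\Policies\ExampleVendor\Shell\Paths"
              valueName="LayoutFile"/>
      </elements>
    </policy>
  </policies>
</policyDefinitions>
"""


def policy_registry_values(admx_text):
    """Return (policy name, full key path, value name) for every registry
    value the policy definitions write."""
    rows = []
    root = ET.fromstring(admx_text)
    for policy in root.findall("a:policies/a:policy", NS):
        base_key = policy.get("key")
        targets = []
        if policy.get("valueName"):  # simple on/off policy
            targets.append((base_key, policy.get("valueName")))
        for element in policy.findall("a:elements/*", NS):
            if element.get("valueName"):
                # An element may override the policy's key.
                targets.append((element.get("key", base_key), element.get("valueName")))
        for hive in HIVES[policy.get("class")]:
            for key, value in targets:
                rows.append((policy.get("name"), f"{hive}\\{key}", value))
    return rows


if __name__ == "__main__":
    for name, key, value in policy_registry_values(SAMPLE_ADMX):
        print(f"{name:20} {key}  {value}")
```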
Interesting as I was wondering the very same thing and these tweaks appear almost as soon as the OS goes live. The information must be out there somewhere... and we are very pleased it is :cool:
 

Hi there
How do hackers get into systems, CIA agents break into Russian systems / vice versa. People start probably by debugging and memory dumping everything and probably looking at 1000's of registry keys looking to see what they do or where they are used etc etc. Probably takes them hours and hours too at cost of a lot of other more exciting things in life to do!!

It's not impossible but a lot of work.

I'm not sure there's one of those yellow "Idiots Guide" to hacking around but who knows what's available on the "Dark Web".

The real answer is probably echoed by "Those in the know" following the famous Hollywood line -- If I told you --I'd have to kill you.

Cheers
jimbo
 

You might be interested in the life and works of Mark Russinovich, a brilliant computer genius who discovered and revealed so much about the inner workings of Windows, that Microsoft bought his company and gave him an excellent position within the company, currently CTO of Microsoft Azure: Mark Russinovich - Wikipedia
 
