Timeline for What is the difference between the ShowSuperHidden and SuperHidden registry values?
Current License: CC BY-SA 3.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 1, 2018 at 14:33 | comment | added | Todd | I joined SuperUser to upvote this! You included a number of useful things in addition to SuperHidden: another use of ProcMon, the incredible IDA tool, plus the tips in the linked question. Thank you! | |
| Aug 15, 2017 at 14:06 | comment | added | Ben N | @Biswa Good question! Different compiler/linker versions sometimes lay out the output files differently. Additionally, I think that screenshot is from a 64-bit version, while mine are from 32-bit systems, which will cause addresses and sizes to be different. | |
| Aug 15, 2017 at 13:47 | comment | added | Biswapriyo | Why Windows 10 shell32.dll shows a different address of Show SuperHidden? image. | |
| Aug 14, 2017 at 14:16 | history | edited | Ben N | CC BY-SA 3.0 |
added 57 characters in body
|
| Aug 14, 2017 at 1:07 | comment | added | Vomit IT - Chunky Mess Style | Very nice +1 and on the other post as well. | |
| Aug 14, 2017 at 0:32 | comment | added | Hashim Aziz |
+1, some great detective work here. Based on this it seems pretty conclusive that the SuperHidden key was a mistake. The OCD in me really wishes they'd actually used that key instead of ShowSuperHidden, just for the sake of naming consistency with Hidden.
|
|
| Aug 14, 2017 at 0:28 | vote | accept | Hashim Aziz | ||
| Aug 13, 2017 at 20:55 | comment | added | Ben N |
@Biswa Right, explorer.exe is the process responsible for the change, but it is code inside shell32.dll (which Explorer loads) that makes the call. To see DLLs involved, double-click an event and switch to the Stack tab. The frame before kernel32.dll or kernelbase.dll is usually a good one to investigate, but it's not always clear, which is why I checked several DLL files.
|
|
| Aug 13, 2017 at 20:49 | comment | added | Biswapriyo | How did you find it is shell32.dll? Process Monitor shows explorer.exe changes this registry? | |
| Aug 13, 2017 at 19:17 | history | answered | Ben N | CC BY-SA 3.0 |
