Tour of Interesting Registry Places, Part II

Open up your Registry Editor or registry inspector of your choice and check out these cool places in Windows! All of these things start in \HKCU\Software\Microsoft\Windows\CurrentVersion

• \AccountPicture points to, obviously, your account picture, but also your name. Your name doesn't have to be the same as the name of your Microsoft account. Those parts are stored in FirstName and LastName, both of which will be overridden if DisplayName is not blank.
• \Authentication\LogonUI\Notifications\Badge contains one folder for each application that can display a notification on the lock screen. There are keys for the version, rank in the list, and what looks like a COM+ package descriptor.
• \Explorer\Advanced has settings for Windows Explorer that aren't usually accessible. Most of them seem to be Booleans, but there are some that take integers, all as a REG_DWORD. Notable are DontPrettyPath, IconsOnly, ServerAdminUI, and ShowInfoTip.
• \Explorer\BitBucket\Volume\ keeps the Recycle Bin settings for your drives, each of which gets its own folder. Each folder contains MaxCapacity, the number of megabytes your RB can hold, and NukeOnDelete, which specifies whether or not to permadelete all the time.
• \Explorer\FileExts, which might be the target of HKCR, manages the "Open With" list for each file extension. It can contain the folders OpenWithList and OpenWithProgids for each extension. In OpenWithList, MRUList is a list of characters, the key named by each of which contains one entry. OpenWithProgids contains the friendly name of the file type.
• \Explorer\Ribbon contains QatItems, an XML string stored as a REG_BINARY. It appears to be where the Explorer ribbon loads its items from.
• \Explorer\RunMRU lists the autocomplete items in the Run box, stored in a manner similar to that of OpenWithList under FileExts.
• \Policies\Explorer has a single entry, NoDriveTypeAutoRun. I'm fairly certain it will switch off auto-run for all removable drives, a wise security measure.