I received my copy of Harlan Carvey's, "Windows Registry Forensics" over the weekend and I am really excited to start reading it!
The registry is a GOLD MINE of forensic artifacts that can really put some teeth in your investigations. If you do not have this book yet, BUY IT!!! Harlan has not disappointed yet with any of his published works, and I don't expect this will be any different.
Look for a book review from me in the coming weeks. But seriously, if you are doing forensic investigations on Windows systems, and you don't yet have a copy of this book, you are really missing something. You have NO IDEA how useful this information can be!