"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"22:34:32.2422848","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2423090","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2423262","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2423496","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2423802","Explorer.EXE","3844","RegOpenKey","HKCR\.wav","SUCCESS","Desired Access: Query Value"
"22:34:32.2424155","Explorer.EXE","3844","RegQueryKey","HKCR\.wav","SUCCESS","Query: Name"
"22:34:32.2424342","Explorer.EXE","3844","RegQueryKey","HKCR\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2424622","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2424833","Explorer.EXE","3844","RegQueryValue","HKCR\.wav\(Default)","SUCCESS","Type: REG_SZ, Length: 32, Data: Winamp.File.wav"
"22:34:32.2425066","Explorer.EXE","3844","RegCloseKey","HKCR\.wav","SUCCESS",""
"22:34:32.2425289","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2425476","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2425649","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2425844","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav\OpenWithProgids","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2426063","Explorer.EXE","3844","RegOpenKey","HKCR\.wav\OpenWithProgids","SUCCESS","Desired Access: Read"
"22:34:32.2426327","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: Cached, SubKeys: 0, Values: 3"
"22:34:32.2426515","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: Name"
"22:34:32.2426699","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2426944","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav\OpenWithProgIds","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2427174","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: Name"
"22:34:32.2427365","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2427603","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav\OpenWithProgIds","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2427810","Explorer.EXE","3844","RegEnumValue","HKCR\.wav\OpenWithProgIds","SUCCESS","Index: 0, Length: 220"
"22:34:32.2428017","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: Name"
"22:34:32.2428212","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2428453","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav\OpenWithProgIds","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2428645","Explorer.EXE","3844","RegEnumValue","HKCR\.wav\OpenWithProgIds","SUCCESS","Index: 1, Length: 220"
"22:34:32.2428840","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: Name"
"22:34:32.2429032","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2429269","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav\OpenWithProgIds","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2429461","Explorer.EXE","3844","RegEnumValue","HKCR\.wav\OpenWithProgIds","SUCCESS","Index: 2, Length: 220"
"22:34:32.2429652","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: Name"
"22:34:32.2429844","Explorer.EXE","3844","RegQueryKey","HKCR\.wav\OpenWithProgIds","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2430082","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav\OpenWithProgIds","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2430273","Explorer.EXE","3844","RegEnumValue","HKCR\.wav\OpenWithProgIds","NO MORE ENTRIES","Index: 3, Length: 220"
"22:34:32.2430465","Explorer.EXE","3844","RegCloseKey","HKCR\.wav\OpenWithProgIds","SUCCESS",""
"22:34:32.2430672","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2430855","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2431028","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2431304","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2431557","Explorer.EXE","3844","RegOpenKey","HKCR\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2431802","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2431986","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2432158","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2432350","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2432557","Explorer.EXE","3844","RegOpenKey","HKCR\.wav","SUCCESS","Desired Access: Read"
"22:34:32.2432794","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2432993","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav","SUCCESS","Desired Access: Read"
"22:34:32.2433265","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2433457","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav","SUCCESS","Desired Access: Read"
"22:34:32.2433656","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2433848","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice","SUCCESS","Desired Access: Query Value"
"22:34:32.2434093","Explorer.EXE","3844","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice\Progid","SUCCESS","Type: REG_SZ, Length: 62, Data: Applications\freacPortable.exe"
"22:34:32.2434307","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice","SUCCESS",""
"22:34:32.2434499","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav","SUCCESS",""
"22:34:32.2434679","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav","SUCCESS",""
"22:34:32.2434867","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2435051","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2435223","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2435418","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Desired Access: Read"
"22:34:32.2435679","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS",""
"22:34:32.2435863","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2436043","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2436212","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2436407","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Desired Access: Read"
"22:34:32.2436621","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2436809","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2436982","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2437177","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe\CurVer","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2437399","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe\CurVer","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2437625","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2437805","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2437978","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2438165","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Desired Access: Read"
"22:34:32.2438369","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS",""
"22:34:32.2438545","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2438729","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2438901","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2439096","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Desired Access: Read"
"22:34:32.2439292","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS",""
"22:34:32.2439487","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2439660","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2439821","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2440008","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe\ShellEx\IconHandler","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2440215","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe\ShellEx\IconHandler","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2440441","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2440621","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2440794","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2440985","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2441395","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Desired Access: Read"
"22:34:32.2441771","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2441966","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2442250","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav\ShellEx\IconHandler","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2442456","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2442648","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\.wav\ShellEx\IconHandler","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2442966","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2443161","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2443334","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2443533","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2443755","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\audio","SUCCESS","Desired Access: Read"
"22:34:32.2443985","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2444161","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2444391","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio\ShellEx\IconHandler","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2444587","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2444774","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\audio\ShellEx\IconHandler","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2444981","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2445165","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2445361","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2445544","Explorer.EXE","3844","RegQueryValue","HKCU\Software\Classes\Applications\freacPortable.exe\DocObject","NAME NOT FOUND","Length: 144"
"22:34:32.2445717","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2445889","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2446050","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2446242","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe\DocObject","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2446437","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe\DocObject","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2446629","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2446805","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2447035","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2447219","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\.wav\DocObject","NAME NOT FOUND","Length: 144"
"22:34:32.2447395","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2447563","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2447782","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav\DocObject","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2447970","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2448153","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\.wav\DocObject","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2448341","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2448514","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2448732","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2448912","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\audio\DocObject","NAME NOT FOUND","Length: 144"
"22:34:32.2449081","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2449249","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2449464","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio\DocObject","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2449648","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2449835","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\audio\DocObject","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2450019","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2450199","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2450391","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2450571","Explorer.EXE","3844","RegQueryValue","HKCU\Software\Classes\Applications\freacPortable.exe\BrowseInPlace","NAME NOT FOUND","Length: 144"
"22:34:32.2450740","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2450912","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2451073","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2451276","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe\BrowseInPlace","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2451479","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe\BrowseInPlace","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2451667","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2451839","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2452065","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2452245","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\.wav\BrowseInPlace","NAME NOT FOUND","Length: 144"
"22:34:32.2452414","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2452582","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2452801","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav\BrowseInPlace","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2452989","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2453176","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\.wav\BrowseInPlace","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2453352","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2453521","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2453743","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2453920","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\audio\BrowseInPlace","NAME NOT FOUND","Length: 144"
"22:34:32.2454088","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2454257","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2454471","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio\BrowseInPlace","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2454659","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2454843","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\audio\BrowseInPlace","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2455046","Explorer.EXE","3844","RegQueryKey","HKCR\.wav","SUCCESS","Query: Name"
"22:34:32.2455222","Explorer.EXE","3844","RegQueryKey","HKCR\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2455444","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2455624","Explorer.EXE","3844","RegQueryValue","HKCR\.wav\Content Type","SUCCESS","Type: REG_SZ, Length: 20, Data: audio/wav"
"22:34:32.2455835","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2456015","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2456184","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2456375","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\Applications\freacPortable.exe\Clsid","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2456575","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe\Clsid","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2456778","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2456950","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2457195","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav\Clsid","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2457383","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2457574","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\.wav\Clsid","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2457758","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2457935","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2458157","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio\Clsid","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2458348","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2458536","Explorer.EXE","3844","RegOpenKey","HKCR\SystemFileAssociations\audio\Clsid","NAME NOT FOUND","Desired Access: Query Value"
"22:34:32.2458720","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2458896","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2459092","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2459276","Explorer.EXE","3844","RegQueryValue","HKCU\Software\Classes\Applications\freacPortable.exe\IsShortcut","NAME NOT FOUND","Length: 144"
"22:34:32.2459448","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2459617","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2459843","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2460023","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\.wav\IsShortcut","NAME NOT FOUND","Length: 144"
"22:34:32.2460195","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2460364","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2460582","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2460762","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\audio\IsShortcut","NAME NOT FOUND","Length: 144"
"22:34:32.2460938","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2461115","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2461333","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2461513","Explorer.EXE","3844","RegQueryValue","HKCU\Software\Classes\Applications\freacPortable.exe\AlwaysShowExt","NAME NOT FOUND","Length: 144"
"22:34:32.2461682","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2461850","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2462076","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2462252","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\.wav\AlwaysShowExt","NAME NOT FOUND","Length: 144"
"22:34:32.2462429","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2462597","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2462816","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2462996","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\audio\AlwaysShowExt","NAME NOT FOUND","Length: 144"
"22:34:32.2463176","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: Name"
"22:34:32.2463352","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2463547","Explorer.EXE","3844","RegOpenKey","HKCR\Applications\freacPortable.exe","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2463724","Explorer.EXE","3844","RegQueryValue","HKCU\Software\Classes\Applications\freacPortable.exe\NeverShowExt","NAME NOT FOUND","Length: 144"
"22:34:32.2463892","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: Name"
"22:34:32.2464065","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\.wav","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2464283","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\.wav","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2464463","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\.wav\NeverShowExt","NAME NOT FOUND","Length: 144"
"22:34:32.2464635","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: Name"
"22:34:32.2464804","Explorer.EXE","3844","RegQueryKey","HKCR\SystemFileAssociations\audio","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2465026","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\SystemFileAssociations\audio","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2465202","Explorer.EXE","3844","RegQueryValue","HKCR\SystemFileAssociations\audio\NeverShowExt","NAME NOT FOUND","Length: 144"
"22:34:32.2465409","Explorer.EXE","3844","RegCloseKey","HKCR\SystemFileAssociations\audio","SUCCESS",""
"22:34:32.2465597","Explorer.EXE","3844","RegCloseKey","HKCR\SystemFileAssociations\.wav","SUCCESS",""
"22:34:32.2465773","Explorer.EXE","3844","RegCloseKey","HKCR\.wav","SUCCESS",""
"22:34:32.2465946","Explorer.EXE","3844","RegCloseKey","HKCU\Software\Classes\Applications\freacPortable.exe","SUCCESS",""
"22:34:32.2466528","Explorer.EXE","3844","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2466723","Explorer.EXE","3844","RegOpenKey","HKLM\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.wav","SUCCESS","Desired Access: Query Value"
"22:34:32.2467015","Explorer.EXE","3844","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.wav\(Default)","SUCCESS","Type: REG_SZ, Length: 78, Data: {e46787a1-4629-4423-a693-be1f003b2742}"
"22:34:32.2467202","Explorer.EXE","3844","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.wav","SUCCESS",""
"22:34:32.2467777","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2467972","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2468130","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2468317","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\OverrideFileSystemProperties","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2468562","Explorer.EXE","3844","RegOpenKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\OverrideFileSystemProperties","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2468869","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2469034","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2469187","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2469367","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2469574","Explorer.EXE","3844","RegOpenKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Desired Access: Read"
"22:34:32.2469777","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: Name"
"22:34:32.2469942","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2470164","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2470352","Explorer.EXE","3844","RegQueryValue","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\DisableProcessIsolation","NAME NOT FOUND","Length: 144"
"22:34:32.2470513","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: Name"
"22:34:32.2470677","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2470892","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2471072","Explorer.EXE","3844","RegQueryValue","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\NoOplock","NAME NOT FOUND","Length: 144"
"22:34:32.2471267","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: Name"
"22:34:32.2471440","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2471593","Explorer.EXE","3844","RegQueryKey","HKCU\Software\Classes","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2471781","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\ExplorerCLSIDFlags\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2471988","Explorer.EXE","3844","RegOpenKey","HKCR\ExplorerCLSIDFlags\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Read"
"22:34:32.2472175","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: Name"
"22:34:32.2472340","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2472555","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2472735","Explorer.EXE","3844","RegQueryValue","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\UseInProcHandlerCache","NAME NOT FOUND","Length: 144"
"22:34:32.2472892","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: Name"
"22:34:32.2473053","Explorer.EXE","3844","RegQueryKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.2473267","Explorer.EXE","3844","RegOpenKey","HKCU\Software\Classes\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","NAME NOT FOUND","Desired Access: Maximum Allowed"
"22:34:32.2473443","Explorer.EXE","3844","RegQueryValue","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\UseOutOfProcHandlerCache","NAME NOT FOUND","Length: 144"
"22:34:32.2473620","Explorer.EXE","3844","RegCloseKey","HKCR\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}","SUCCESS",""
"22:34:32.2496255","Explorer.EXE","3844","Thread Exit","","SUCCESS","Thread ID: 7824, User Time: 0.0624004, Kernel Time: 0.9672062"
"22:34:32.3523358","Explorer.EXE","3844","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"22:34:32.3523672","Explorer.EXE","3844","RegOpenKey","HKLM\SOFTWARE\Microsoft\CTF\KnownClasses","NAME NOT FOUND","Desired Access: Read"
"22:34:32.3534178","Explorer.EXE","3844","Thread Exit","","SUCCESS","Thread ID: 7592, User Time: 0.4368028, Kernel Time: 0.1872012"