[files]
Total=1

[cmd]
numSections=45
1=FILE_BASED VERB_FILE_COPY OBJ_FILE 1
Total=65
2=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 2
3=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 3
4=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 4
5=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 5
6=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 6
7=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 7
8=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 8
9=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 9
10=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 10
11=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 11
12=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 12
13=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 13
14=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 14
15=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 15
16=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 16
17=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 17
18=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 18
19=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 19
20=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 20
21=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 21
22=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 22
23=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 23
24=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 24
25=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 25
26=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 26
27=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 27
28=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 28
29=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 29
30=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 30
31=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 31
32=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 32
33=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 33
34=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 34
35=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 35
36=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 36
37=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 37
38=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 38
39=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 39
40=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 40
41=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 41
42=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 42
43=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 43
44=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 44
45=REGISTRY_BASED VERB_RESTORE_REG_VALUE OBJ_REG_VALUE 45
46=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 4
47=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 6
48=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 8
49=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 9
50=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 11
51=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 15
52=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 17
53=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 19
54=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 20
55=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 22
56=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 26
57=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 28
58=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 30
59=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 31
60=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 33
61=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 37
62=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 39
63=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 41
64=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 42
65=REGISTRY_BASED VERB_RESTORE_REG_KEY OBJ_REG_METADATA 44

[1]
name=drivefsext.dll.bak
orig=%ProgramFiles%\Google\Drive File Stream\92.0.0.0\drivefsext.dll
DateA=2024/06/03 12:30:16
SD=O:BAG:SYD:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU)(A;ID;0x1200a9;;;AC)(A;ID;0x1200a9;;;S-1-15-2-2)
attrib=32
DateC=2024/06/03 12:30:16
DateM=2024/06/03 12:30:16
hash=93D0E487

[reg]
Total=44

[2]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[3]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\InProcServer32
param=ThreadingModel
data=\u0041\u0070\u0061\u0072\u0074\u006D\u0065\u006E\u0074
dataDecoded=Apartment
hash=B957A8FA

[4]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2024/06/03 12:30:22
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[5]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[6]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[7]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[8]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[9]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u0043\u006C\u006F\u0075\u0064\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDriveCloudOverlayIconHandler
hash=99328722

[10]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{A8E52322-8734-481D-A7E2-27B309EF8D56}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u0043\u006C\u006F\u0075\u0064\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDriveCloudOverlayIconHandler
hash=99328722

[11]
hive=HKLM
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)(A;ID;KA;;;BA)(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A;CIIOID;GA;;;CO)(A;ID;KR;;;AC)(A;CIIOID;GR;;;AC)(A;ID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)(A;CIIOID;GR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDriveCloudOverlayIconHandler
param=
data=\u007B\u0041\u0038\u0045\u0035\u0032\u0033\u0032\u0032\u002D\u0038\u0037\u0033\u0034\u002D\u0034\u0038\u0031\u0044\u002D\u0041\u0037\u0045\u0032\u002D\u0032\u0037\u0042\u0033\u0030\u0039\u0045\u0046\u0038\u0044\u0035\u0036\u007D
dataDecoded={A8E52322-8734-481D-A7E2-27B309EF8D56}
hash=3B6EECCC

[12]
hive=HKLM
type=REG_SZ
redir=0
empty=0
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDriveCloudOverlayIconHandler
param=
data=\u007B\u0041\u0038\u0045\u0035\u0032\u0033\u0032\u0032\u002D\u0038\u0037\u0033\u0034\u002D\u0034\u0038\u0031\u0044\u002D\u0041\u0037\u0045\u0032\u002D\u0032\u0037\u0042\u0033\u0030\u0039\u0045\u0046\u0038\u0044\u0035\u0036\u007D
dataDecoded={A8E52322-8734-481D-A7E2-27B309EF8D56}
hash=3B6EECCC

[13]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[14]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\InProcServer32
param=ThreadingModel
data=\u0041\u0070\u0061\u0072\u0074\u006D\u0065\u006E\u0074
dataDecoded=Apartment
hash=B957A8FA

[15]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2024/06/03 12:30:22
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[16]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[17]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[18]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[19]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[20]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u004D\u0069\u0072\u0072\u006F\u0072\u0042\u006C\u0061\u0063\u006B\u006C\u0069\u0073\u0074\u0065\u0064\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDriveMirrorBlacklistedOverlayIconHandler
hash=5C12201A

[21]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{51EF1569-67EE-4AD6-9646-E726C3FFC8A2}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u004D\u0069\u0072\u0072\u006F\u0072\u0042\u006C\u0061\u0063\u006B\u006C\u0069\u0073\u0074\u0065\u0064\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDriveMirrorBlacklistedOverlayIconHandler
hash=5C12201A

[22]
hive=HKLM
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)(A;ID;KA;;;BA)(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A;CIIOID;GA;;;CO)(A;ID;KR;;;AC)(A;CIIOID;GR;;;AC)(A;ID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)(A;CIIOID;GR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDriveMirrorBlacklistedOverlayIconHandler
param=
data=\u007B\u0035\u0031\u0045\u0046\u0031\u0035\u0036\u0039\u002D\u0036\u0037\u0045\u0045\u002D\u0034\u0041\u0044\u0036\u002D\u0039\u0036\u0034\u0036\u002D\u0045\u0037\u0032\u0036\u0043\u0033\u0046\u0046\u0043\u0038\u0041\u0032\u007D
dataDecoded={51EF1569-67EE-4AD6-9646-E726C3FFC8A2}
hash=A60E78C5

[23]
hive=HKLM
type=REG_SZ
redir=0
empty=0
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDriveMirrorBlacklistedOverlayIconHandler
param=
data=\u007B\u0035\u0031\u0045\u0046\u0031\u0035\u0036\u0039\u002D\u0036\u0037\u0045\u0045\u002D\u0034\u0041\u0044\u0036\u002D\u0039\u0036\u0034\u0036\u002D\u0045\u0037\u0032\u0036\u0043\u0033\u0046\u0046\u0043\u0038\u0041\u0032\u007D
dataDecoded={51EF1569-67EE-4AD6-9646-E726C3FFC8A2}
hash=A60E78C5

[24]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[25]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\InProcServer32
param=ThreadingModel
data=\u0041\u0070\u0061\u0072\u0074\u006D\u0065\u006E\u0074
dataDecoded=Apartment
hash=B957A8FA

[26]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2024/06/03 12:30:22
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[27]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[28]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[29]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[30]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[31]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u0050\u0069\u006E\u006E\u0065\u0064\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDrivePinnedOverlayIconHandler
hash=68316B7F

[32]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u0050\u0069\u006E\u006E\u0065\u0064\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDrivePinnedOverlayIconHandler
hash=68316B7F

[33]
hive=HKLM
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)(A;ID;KA;;;BA)(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A;CIIOID;GA;;;CO)(A;ID;KR;;;AC)(A;CIIOID;GR;;;AC)(A;ID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)(A;CIIOID;GR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDrivePinnedOverlayIconHandler
param=
data=\u007B\u0043\u0046\u0045\u0038\u0042\u0033\u0036\u0037\u002D\u0037\u0037\u0041\u0037\u002D\u0034\u0031\u0044\u0037\u002D\u0039\u0043\u0039\u0030\u002D\u0037\u0035\u0044\u0031\u0036\u0044\u0037\u0044\u0043\u0036\u0042\u0036\u007D
dataDecoded={CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}
hash=059CF04D

[34]
hive=HKLM
type=REG_SZ
redir=0
empty=0
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDrivePinnedOverlayIconHandler
param=
data=\u007B\u0043\u0046\u0045\u0038\u0042\u0033\u0036\u0037\u002D\u0037\u0037\u0041\u0037\u002D\u0034\u0031\u0044\u0037\u002D\u0039\u0043\u0039\u0030\u002D\u0037\u0035\u0044\u0031\u0036\u0044\u0037\u0044\u0043\u0036\u0042\u0036\u007D
dataDecoded={CFE8B367-77A7-41D7-9C90-75D16D7DC6B6}
hash=059CF04D

[35]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[36]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\InProcServer32
param=ThreadingModel
data=\u0041\u0070\u0061\u0072\u0074\u006D\u0065\u006E\u0074
dataDecoded=Apartment
hash=B957A8FA

[37]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2024/06/03 12:30:22
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\InProcServer32
param=
data=\u0043\u003A\u005C\u0050\u0072\u006F\u0067\u0072\u0061\u006D\u0020\u0046\u0069\u006C\u0065\u0073\u005C\u0047\u006F\u006F\u0067\u006C\u0065\u005C\u0044\u0072\u0069\u0076\u0065\u0020\u0046\u0069\u006C\u0065\u0020\u0053\u0074\u0072\u0065\u0061\u006D\u005C\u0039\u0032\u002E\u0030\u002E\u0030\u002E\u0030\u005C\u0064\u0072\u0069\u0076\u0065\u0066\u0073\u0065\u0078\u0074\u002E\u0064\u006C\u006C
dataDecoded=C:\Program Files\Google\Drive File Stream\92.0.0.0\drivefsext.dll
hash=3EE61EE8

[38]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[39]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\TypeLib
param=
data=\u007B\u0045\u0032\u0037\u0045\u0043\u0030\u0035\u0033\u002D\u0033\u0032\u0036\u0033\u002D\u0034\u0039\u0030\u0038\u002D\u0038\u0045\u0043\u0044\u002D\u0035\u0041\u0046\u0044\u0046\u0042\u0037\u0035\u0034\u0037\u0032\u0038\u007D
dataDecoded={E27EC053-3263-4908-8ECD-5AFDFB754728}
hash=8FB10F3C

[40]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[41]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}\Version
param=
data=\u0031\u002E\u0030
dataDecoded=1.0
hash=22A043A1

[42]
hive=HKCR
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;CIID;KR;;;BU)(A;CIID;KA;;;BA)(A;CIID;KA;;;SY)(A;CIIOID;KA;;;CO)(A;CIID;KR;;;AC)(A;CIID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u0050\u0072\u006F\u0067\u0072\u0065\u0073\u0073\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDriveProgressOverlayIconHandler
hash=70C3C5AA

[43]
hive=HKCR
type=REG_SZ
redir=0
empty=0
key=CLSID\{C973DA94-CBDF-4E77-81D1-E5B794FBD146}
param=
data=\u0020\u0020\u0020\u0020\u0047\u006F\u006F\u0067\u006C\u0065\u0044\u0072\u0069\u0076\u0065\u0050\u0072\u006F\u0067\u0072\u0065\u0073\u0073\u004F\u0076\u0065\u0072\u006C\u0061\u0079\u0049\u0063\u006F\u006E\u0048\u0061\u006E\u0064\u006C\u0065\u0072
dataDecoded=    GoogleDriveProgressOverlayIconHandler
hash=70C3C5AA

[44]
hive=HKLM
type=REG_SZ
redir=0
empty=0
DateM=2022/03/03 19:38:15
SD=O:BAG:S-1-5-21-3339660976-4175652973-1130352044-513D:AI(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)(A;ID;KA;;;BA)(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A;CIIOID;GA;;;CO)(A;ID;KR;;;AC)(A;CIIOID;GR;;;AC)(A;ID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)(A;CIIOID;GR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681)
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDriveProgressOverlayIconHandler
param=
data=\u007B\u0043\u0039\u0037\u0033\u0044\u0041\u0039\u0034\u002D\u0043\u0042\u0044\u0046\u002D\u0034\u0045\u0037\u0037\u002D\u0038\u0031\u0044\u0031\u002D\u0045\u0035\u0042\u0037\u0039\u0034\u0046\u0042\u0044\u0031\u0034\u0036\u007D
dataDecoded={C973DA94-CBDF-4E77-81D1-E5B794FBD146}
hash=B74CF6F4

[45]
hive=HKLM
type=REG_SZ
redir=0
empty=0
key=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\    GoogleDriveProgressOverlayIconHandler
param=
data=\u007B\u0043\u0039\u0037\u0033\u0044\u0041\u0039\u0034\u002D\u0043\u0042\u0044\u0046\u002D\u0034\u0045\u0037\u0037\u002D\u0038\u0031\u0044\u0031\u002D\u0045\u0035\u0042\u0037\u0039\u0034\u0046\u0042\u0044\u0031\u0034\u0036\u007D
dataDecoded={C973DA94-CBDF-4E77-81D1-E5B794FBD146}
hash=B74CF6F4