From 73c60df05404ff69236246e6469cc8763224244f Mon Sep 17 00:00:00 2001
From: Jordan Geurten <jogeurte@microsoft.com>
Date: Fri, 12 Jan 2024 15:19:44 -0500
Subject: [PATCH 01/13] Added up to 2312 blocks to the recommended blocklist

---
 ...icrosoft-recommended-driver-block-rules.md | 628 +++++++++++++++---
 1 file changed, 543 insertions(+), 85 deletions(-)

diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md b/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
index 615226657c..5f5bb4b658 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
@@ -80,7 +80,7 @@ To check that the policy was successfully applied on your computer:
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
 <SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
-  <VersionEx>10.0.25965.0</VersionEx>
+  <VersionEx>10.0.26025.0</VersionEx>
   <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
   <Rules>
     <Rule>
@@ -537,6 +537,26 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_BS_RCIO_21" FriendlyName="BS_RCIO\e9e711056fada8681f3eb5578a0d449b68568bc812e29dfcc0b92b9a9e481202 Hash Sha256" Hash="30591EA53FBA8BAD22A017CF5A268211790706B7863F007CE20A77F2E3459170" />
     <Deny ID="ID_DENY_BS_RCIO_22" FriendlyName="BS_RCIO\e9e711056fada8681f3eb5578a0d449b68568bc812e29dfcc0b92b9a9e481202 Hash Page Sha1" Hash="AF5B84A2456E2621F920D61130DDAAD32CD4729F" />
     <Deny ID="ID_DENY_BS_RCIO_23" FriendlyName="BS_RCIO\e9e711056fada8681f3eb5578a0d449b68568bc812e29dfcc0b92b9a9e481202 Hash Page Sha256" Hash="6F698A9123CC763F0F035CF50177BF5690B4644802746C8C2F06F59CFC0D9F81" />
+    <Deny ID="ID_DENY_DELLBIOS_1" FriendlyName="DellBIOS.sys\163912dfa4ad141e689e1625e994ab7c1f335410ebff0ade86bda3b7cdf6e065 Hash Sha1" Hash="A5F8E8044E4ADD00FEF7F43725C8E6E121BA0E6A"/>
+    <Deny ID="ID_DENY_DELLBIOS_2" FriendlyName="DellBIOS.sys\163912dfa4ad141e689e1625e994ab7c1f335410ebff0ade86bda3b7cdf6e065 Hash Sha256" Hash="E2B6350E17E9B24B7140EED743B4AE0B01453BBB8CB73B091B51E2306017D80F"/>
+    <Deny ID="ID_DENY_DELLBIOS_3" FriendlyName="DellBIOS.sys\163912dfa4ad141e689e1625e994ab7c1f335410ebff0ade86bda3b7cdf6e065 Hash Page Sha1" Hash="BC93DBE8834352583E15F5D4A41D166EB2680660"/>
+    <Deny ID="ID_DENY_DELLBIOS_4" FriendlyName="DellBIOS.sys\163912dfa4ad141e689e1625e994ab7c1f335410ebff0ade86bda3b7cdf6e065 Hash Page Sha256" Hash="DF3B9926DD1F23BEC0B0D6DFF834904F126C5A8734F936178D2259F22042E1CB"/>
+    <Deny ID="ID_DENY_DELLBIOS_5" FriendlyName="DellBIOS.sys\3678ba63d62efd3b706d1b661d631ded801485c08b5eb9a3ef38380c6cff319a Hash Sha1" Hash="280FCEDFE4013A14BF122A917AE2FA469142714C"/>
+    <Deny ID="ID_DENY_DELLBIOS_6" FriendlyName="DellBIOS.sys\3678ba63d62efd3b706d1b661d631ded801485c08b5eb9a3ef38380c6cff319a Hash Sha256" Hash="EE067313BD75ACAE24E1661CB6807ED6148F9AF34542ED77578144B21F5C8DA1"/>
+    <Deny ID="ID_DENY_DELLBIOS_7" FriendlyName="DellBIOS.sys\3678ba63d62efd3b706d1b661d631ded801485c08b5eb9a3ef38380c6cff319a Hash Page Sha1" Hash="E6B426504312BCDD63191AD35FE6B464EB1CB1B5"/>
+    <Deny ID="ID_DENY_DELLBIOS_8" FriendlyName="DellBIOS.sys\3678ba63d62efd3b706d1b661d631ded801485c08b5eb9a3ef38380c6cff319a Hash Page Sha256" Hash="0E2D9FA6D1B4E5CC73CCCB5FAB712531D3DB89F552183356077665EF5C0E119A"/>
+    <Deny ID="ID_DENY_DELLBIOS_9" FriendlyName="DellBIOS.sys\5bf3985644308662ebfa2fbcc11fb4d3e2a0c817ad3da1a791020f8c8589ebc8 Hash Sha1" Hash="808B0DE6F644D48C4ED0C9B607A17362EC3DF083"/>
+    <Deny ID="ID_DENY_DELLBIOS_10" FriendlyName="DellBIOS.sys\5bf3985644308662ebfa2fbcc11fb4d3e2a0c817ad3da1a791020f8c8589ebc8 Hash Sha256" Hash="B8E047A7C96A94EB7CF0416253ECA48FA7BA66914B684EE75E81651C83C7AC30"/>
+    <Deny ID="ID_DENY_DELLBIOS_11" FriendlyName="DellBIOS.sys\5bf3985644308662ebfa2fbcc11fb4d3e2a0c817ad3da1a791020f8c8589ebc8 Hash Page Sha1" Hash="7E06EB584FB8815553A0A63295193DCC8E57CE47"/>
+    <Deny ID="ID_DENY_DELLBIOS_12" FriendlyName="DellBIOS.sys\5bf3985644308662ebfa2fbcc11fb4d3e2a0c817ad3da1a791020f8c8589ebc8 Hash Page Sha256" Hash="F47BE8407E6D9AD6D938EE55CDC45BAB6F02A99711B99F110FE5CDA93F27A2FD"/>
+    <Deny ID="ID_DENY_DELLBIOS_13" FriendlyName="DellBIOS.sys\6575ea9b319beb3845d43ce2c70ea55f0414da2055fa82eec324c4cebdefe893 Hash Sha1" Hash="AC1D5F3691326940BB3CB471097296FF7D21DC9B"/>
+    <Deny ID="ID_DENY_DELLBIOS_14" FriendlyName="DellBIOS.sys\6575ea9b319beb3845d43ce2c70ea55f0414da2055fa82eec324c4cebdefe893 Hash Sha256" Hash="419B5BCA6D43650893D5E044E785C0AD87CBE1185DE0D3FEAA9F681C6E7F50B4"/>
+    <Deny ID="ID_DENY_DELLBIOS_15" FriendlyName="DellBIOS.sys\6575ea9b319beb3845d43ce2c70ea55f0414da2055fa82eec324c4cebdefe893 Hash Page Sha1" Hash="8322FD18133859C11F6BFF906678BAFDF7DD2C32"/>
+    <Deny ID="ID_DENY_DELLBIOS_16" FriendlyName="DellBIOS.sys\6575ea9b319beb3845d43ce2c70ea55f0414da2055fa82eec324c4cebdefe893 Hash Page Sha256" Hash="661A1CD445C0D43465F3AB44AA68F407CE1C873469AD74AA8C28109AA67F07C3"/>
+    <Deny ID="ID_DENY_DELLBIOS_17" FriendlyName="DellBIOS.sys\700b9839fde53e91f0847053b4d2eb8d9bd3aca098844510f1fa3bab6a37eb24 Hash Sha1" Hash="03952B6DDCDFC4A2AB375DCE0475CEA07113AD36"/>
+    <Deny ID="ID_DENY_DELLBIOS_18" FriendlyName="DellBIOS.sys\700b9839fde53e91f0847053b4d2eb8d9bd3aca098844510f1fa3bab6a37eb24 Hash Sha256" Hash="7C62A659A4F8FDECFD5A64F4F4391852996DB564D123FC5D20E3F3DFB11ED62C"/>
+    <Deny ID="ID_DENY_DELLBIOS_19" FriendlyName="DellBIOS.sys\700b9839fde53e91f0847053b4d2eb8d9bd3aca098844510f1fa3bab6a37eb24 Hash Page Sha1" Hash="1C6165E7E1F075C95DE654261634AD6758DA1599"/>
+    <Deny ID="ID_DENY_DELLBIOS_20" FriendlyName="DellBIOS.sys\700b9839fde53e91f0847053b4d2eb8d9bd3aca098844510f1fa3bab6a37eb24 Hash Page Sha256" Hash="DD4C3666BF9205F21709F33E51AB072F5D0857B29D02A1A6401B9079998D17E2"/>
     <Deny ID="ID_DENY_DHKERNEL_1" FriendlyName="YY_DhKernel\80cbba9f404df3e642f22c476664d63d7c229d45d34f5cd0e19c65eb41becec3 Hash Sha1" Hash="B92959042D232605ABBA254BC0368B87EC047079" />
     <Deny ID="ID_DENY_DHKERNEL_2" FriendlyName="YY_DhKernel\80cbba9f404df3e642f22c476664d63d7c229d45d34f5cd0e19c65eb41becec3 Hash Sha256" Hash="C786F3CA229DA18B2806AF4D57ECAD603859EE548549B19F71A623F477FC740E" />
     <Deny ID="ID_DENY_DHKERNEL_3" FriendlyName="YY_DhKernel\80cbba9f404df3e642f22c476664d63d7c229d45d34f5cd0e19c65eb41becec3 Hash Page Sha1" Hash="CFE049C9BAB44EDD22D135330F7825063F1307B4" />
@@ -653,6 +673,10 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_ECHO_A" FriendlyName="Inspect EchoDriver\ea3c5569405ed02ec24298534a983bcb5de113c18bc3fd01a4dd0b5839cd17b9 Hash Sha256" Hash="92F9D73CEC5AB3352C4B3CBF4574D13B2E506CBA24CC74580E19E941063EAF7D" />
     <Deny ID="ID_DENY_ECHO_B" FriendlyName="Inspect EchoDriver\ea3c5569405ed02ec24298534a983bcb5de113c18bc3fd01a4dd0b5839cd17b9 Hash Page Sha1" Hash="832832028D40A3CFD08D364554FCE0B4F37317FF" />
     <Deny ID="ID_DENY_ECHO_C" FriendlyName="Inspect EchoDriver\ea3c5569405ed02ec24298534a983bcb5de113c18bc3fd01a4dd0b5839cd17b9 Hash Page Sha256" Hash="49ED19D5E1E122936035A48EA99FFD68CA4915578107888D5C2B0BB9E30E67C0" />
+    <Deny ID="ID_DENY_ECSIODRV_1" FriendlyName="EliteGroup ECSioDriver\14edfdc13aeb98db50d597367f132443b086df0728f4fdb8c3bb5d47a8a0cd4a Hash Sha1" Hash="CAAC3986D305A606B7B4764FD4537E2BF6650DF6"/>
+    <Deny ID="ID_DENY_ECSIODRV_2" FriendlyName="EliteGroup ECSioDriver\14edfdc13aeb98db50d597367f132443b086df0728f4fdb8c3bb5d47a8a0cd4a Hash Sha256" Hash="FBDDB3EE9221EBAC892DC19BE3971AFF3707748130C3A30A000EC8D208CF5797"/>
+    <Deny ID="ID_DENY_ECSIODRV_3" FriendlyName="EliteGroup ECSioDriver\14edfdc13aeb98db50d597367f132443b086df0728f4fdb8c3bb5d47a8a0cd4a Hash Page Sha1" Hash="42BBD404E2262306FAD4F0D8DCF9D485D8DECBB3"/>
+    <Deny ID="ID_DENY_ECSIODRV_4" FriendlyName="EliteGroup ECSioDriver\14edfdc13aeb98db50d597367f132443b086df0728f4fdb8c3bb5d47a8a0cd4a Hash Page Sha256" Hash="96DE51B575F95A3E13C649502544C50D1309CB41C06DB8629D2627909331EAEE"/>
     <Deny ID="ID_DENY_EIO64_1" FriendlyName="Asus EIO64\b17507a3246020fa0052a172485d7b3567e0161747927f2edf27c40e310852e0 Hash Sha1" Hash="200BE5A696990EE97B4C3176234CDE46C3EBC2CE" />
     <Deny ID="ID_DENY_EIO64_2" FriendlyName="Asus EIO64\b17507a3246020fa0052a172485d7b3567e0161747927f2edf27c40e310852e0 Hash Sha256" Hash="72B36C64F0B349D7816C8E5E2D1A7F59807DE0C87D3F071A04DBC56BEC9C00DB" />
     <Deny ID="ID_DENY_EIO64_3" FriendlyName="Asus EIO64\b17507a3246020fa0052a172485d7b3567e0161747927f2edf27c40e310852e0 Hash Page Sha1" Hash="DB88BFE5F3DE4E3CC778FE456B542EC4135433A4" />
@@ -661,6 +685,24 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_EIO64_6" FriendlyName="Asus EIO64\cf69704755ec2643dfd245ae1d4e15d77f306aeb1a576ffa159453de1a7345cb Hash Sha256" Hash="D4E7335A177E47688D68AD89940C272F82728C882623F1630E7FD2E03E16F003" />
     <Deny ID="ID_DENY_EIO64_7" FriendlyName="Asus EIO64\cf69704755ec2643dfd245ae1d4e15d77f306aeb1a576ffa159453de1a7345cb Hash Page Sha1" Hash="D1AAAAF1EEA34073BAF39C7494E646C5AD2475F5" />
     <Deny ID="ID_DENY_EIO64_8" FriendlyName="Asus EIO64\cf69704755ec2643dfd245ae1d4e15d77f306aeb1a576ffa159453de1a7345cb Hash Page Sha256" Hash="796BEC283155309F2DF0B1779CABC78A3B2161FFCED9F521DB231550DCB376A1" />
+    <Deny ID="ID_DENY_FH_ETHER_1" FriendlyName="Omron FH-Ether\ae71f40f06edda422efcd16f3a48f5b795b34dd6d9bb19c9c8f2e083f0850eb7 Hash Sha1" Hash="364F53ED52E121182BE0E0A21C17C2254894713D"/>
+    <Deny ID="ID_DENY_FH_ETHER_2" FriendlyName="Omron FH-Ether\ae71f40f06edda422efcd16f3a48f5b795b34dd6d9bb19c9c8f2e083f0850eb7 Hash Sha256" Hash="5E7B92E6A1F656A70ED56EF2A190FCE6BB3F12063B891FBFD722CA4E951DE15F"/>
+    <Deny ID="ID_DENY_GEDEVDRV_1" FriendlyName="GEDevDrv.sys\51145a3fa8258aac106f65f34159d23c54b48b6d54ec0421748b3939ab6778eb Hash Sha1" Hash="ED3F9E742B37A81DB447D9D398F3EA26235E05AA"/>
+    <Deny ID="ID_DENY_GEDEVDRV_2" FriendlyName="GEDevDrv.sys\51145a3fa8258aac106f65f34159d23c54b48b6d54ec0421748b3939ab6778eb Hash Sha256" Hash="33494ED37D4BE23B7DE493D5F2C9C31A83A7A834C79A5FD7C2A93C1054F583B1"/>
+    <Deny ID="ID_DENY_GEDEVDRV_3" FriendlyName="GEDevDrv.sys\51145a3fa8258aac106f65f34159d23c54b48b6d54ec0421748b3939ab6778eb Hash Page Sha1" Hash="707E8CF8ADE1B63188DF4B8CDC9E784D8E003708"/>
+    <Deny ID="ID_DENY_GEDEVDRV_4" FriendlyName="GEDevDrv.sys\51145a3fa8258aac106f65f34159d23c54b48b6d54ec0421748b3939ab6778eb Hash Page Sha256" Hash="ED4B6AED3BF9CF1F02086EB3C21B6779F9EA1921BFBCDEAA0BD308EC5420789D"/>
+    <Deny ID="ID_DENY_GEDEVDRV_5" FriendlyName="GEDevDrv.sys\a369942ce8d4b70ebf664981e12c736ec980dbe5a74585dd826553c4723b1bce Hash Sha1" Hash="9F5EAAB353BF93697EEC55B9FAC8479968F17E7C"/>
+    <Deny ID="ID_DENY_GEDEVDRV_6" FriendlyName="GEDevDrv.sys\a369942ce8d4b70ebf664981e12c736ec980dbe5a74585dd826553c4723b1bce Hash Sha256" Hash="8A228C751D1664B362F10DC7083C223995B976B264DA8B7380C51157BED66FBE"/>
+    <Deny ID="ID_DENY_GEDEVDRV_7" FriendlyName="GEDevDrv.sys\a369942ce8d4b70ebf664981e12c736ec980dbe5a74585dd826553c4723b1bce Hash Page Sha1" Hash="3CA7CA0CD75C7EB9AE1D388513615009B5FA9311"/>
+    <Deny ID="ID_DENY_GEDEVDRV_8" FriendlyName="GEDevDrv.sys\a369942ce8d4b70ebf664981e12c736ec980dbe5a74585dd826553c4723b1bce Hash Page Sha256" Hash="719AB50DF883025F8170886B5A3801C1A6919FF23C741E64AC4A0C3C3B6AE076"/>
+    <Deny ID="ID_DENY_GEDEVDRV_9" FriendlyName="GEDevDrv.sys\ae73dd357e5950face9c956570088f334d18464cd49f00c56420e3d6ff47e8dc Hash Sha1" Hash="A236F58A6E3C596360078B96966416A1C66C87D7"/>
+    <Deny ID="ID_DENY_GEDEVDRV_10" FriendlyName="GEDevDrv.sys\ae73dd357e5950face9c956570088f334d18464cd49f00c56420e3d6ff47e8dc Hash Sha256" Hash="D9CBDFC10BA743D5229F7DBB6507B9864012FB58CB253DA92962DC611603A73C"/>
+    <Deny ID="ID_DENY_GEDEVDRV_11" FriendlyName="GEDevDrv.sys\ae73dd357e5950face9c956570088f334d18464cd49f00c56420e3d6ff47e8dc Hash Page Sha1" Hash="3485F18E38A52B5D2E26C40AB53F5CB09618A5C0"/>
+    <Deny ID="ID_DENY_GEDEVDRV_12" FriendlyName="GEDevDrv.sys\ae73dd357e5950face9c956570088f334d18464cd49f00c56420e3d6ff47e8dc Hash Page Sha256" Hash="EF0FDBFEAC16565C63E3B959557F5B26CB76BA57957F67FD7DDA6CC7D51DFD49"/>
+    <Deny ID="ID_DENY_GEDEVDRV_13" FriendlyName="GEDevDrv.sys\cac5dc7c3da69b682097144f12a816530091d4708ca432a7ce39f6abe6616461 Hash Sha1" Hash="30D5627753948F533EF45636A0A845D1ACCD82E3"/>
+    <Deny ID="ID_DENY_GEDEVDRV_14" FriendlyName="GEDevDrv.sys\cac5dc7c3da69b682097144f12a816530091d4708ca432a7ce39f6abe6616461 Hash Sha256" Hash="1DCDD1EFAB9ABC25F4227B37F76DA295A6DC4CF810875BA34EE1D465EB709B70"/>
+    <Deny ID="ID_DENY_GEDEVDRV_15" FriendlyName="GEDevDrv.sys\cac5dc7c3da69b682097144f12a816530091d4708ca432a7ce39f6abe6616461 Hash Page Sha1" Hash="C4B3B9D7BEBBA05B681E3B6D1C834BD2022640DE"/>
+    <Deny ID="ID_DENY_GEDEVDRV_16" FriendlyName="GEDevDrv.sys\cac5dc7c3da69b682097144f12a816530091d4708ca432a7ce39f6abe6616461 Hash Page Sha256" Hash="E68E8803E296F48BE72170FD05DB99C881E8A8DA51D47D96062C159CE37CC47E"/>
     <Deny ID="ID_DENY_GVCIDRV_1" FriendlyName="Gigabyte gvcidrv\42f0b036687cbd7717c9efed6991c00d4e3e7b032dc965a2556c02177dfdad0f Hash Sha1" Hash="4EAE38E9DC262EB7B6EDE4B3D3F4AD068933845E" />
     <Deny ID="ID_DENY_GVCIDRV_2" FriendlyName="Gigabyte gvcidrv\42f0b036687cbd7717c9efed6991c00d4e3e7b032dc965a2556c02177dfdad0f Hash Sha256" Hash="2FF09BB919A9909068166C30322C4E904BEFEBA5429E9A11D011297FB8A73C07" />
     <Deny ID="ID_DENY_GVCIDRV_3" FriendlyName="Gigabyte gvcidrv\42f0b036687cbd7717c9efed6991c00d4e3e7b032dc965a2556c02177dfdad0f Hash Page Sha1" Hash="6980122AEF4E2D5D7A6DDDB6DA76A166C460E0A1" />
@@ -868,6 +910,38 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_MSR_6" FriendlyName="Datapath msr.sys\ede9a3858a12d5ddea21a310e5721bf86c2248539f42c9e0c3c29ae5b0148ba5 Hash Sha256" Hash="1F8812611CF7120E89E769CC908FABC0C9E49B27FDED8DDE6A3DE51D9CE34F09" />
     <Deny ID="ID_DENY_MSR_7" FriendlyName="Datapath msr.sys\ede9a3858a12d5ddea21a310e5721bf86c2248539f42c9e0c3c29ae5b0148ba5 Hash Page Sha1" Hash="81DE92B2555D9A29C5E48CB4893ADF0131EAD233" />
     <Deny ID="ID_DENY_MSR_8" FriendlyName="Datapath msr.sys\ede9a3858a12d5ddea21a310e5721bf86c2248539f42c9e0c3c29ae5b0148ba5 Hash Page Sha256" Hash="CA90FFB147D600E7F42E8790CBD9FE7D69C7463DE88B08723E210750E1E272BD" />
+    <Deny ID="ID_DENY_MSRHOOK_1" FriendlyName="IDTech MSRHook\10397e0ebd622b20412fcfcd28f832ee562181931192a58cc19dfd45a98e684f Hash Sha1" Hash="87512948E8B0F3F29F12E9841A48E1D01D67228A"/>
+    <Deny ID="ID_DENY_MSRHOOK_2" FriendlyName="IDTech MSRHook\10397e0ebd622b20412fcfcd28f832ee562181931192a58cc19dfd45a98e684f Hash Sha256" Hash="74B3623FBC8416822A98ACE6A2C69EE45C2B6794A3EB4E1181C5BE7319CFB43A"/>
+    <Deny ID="ID_DENY_MSRHOOK_3" FriendlyName="IDTech MSRHook\10397e0ebd622b20412fcfcd28f832ee562181931192a58cc19dfd45a98e684f Hash Page Sha1" Hash="6E9170D40B6811BCA4F931E79E0B2621AB0190CC"/>
+    <Deny ID="ID_DENY_MSRHOOK_4" FriendlyName="IDTech MSRHook\10397e0ebd622b20412fcfcd28f832ee562181931192a58cc19dfd45a98e684f Hash Page Sha256" Hash="9670241406BB54134387EEC1DC6F3A65474359D444BAA1473310521598CC4F71"/>
+    <Deny ID="ID_DENY_MSRHOOK_5" FriendlyName="IDTech MSRHook\4e4dcb68457b4615e38e8c3148d4303e98c166e56b4aa9fae2dee8d24d3e93e9 Hash Sha1" Hash="48F0AABB935C7F87DBD678950EA85A5A8D1D38E9"/>
+    <Deny ID="ID_DENY_MSRHOOK_6" FriendlyName="IDTech MSRHook\4e4dcb68457b4615e38e8c3148d4303e98c166e56b4aa9fae2dee8d24d3e93e9 Hash Sha256" Hash="0510F28DF28ECBADB39E8D5086E8138780CB887BCEC9ADD2EED1CE48B119C4B5"/>
+    <Deny ID="ID_DENY_MSRHOOK_7" FriendlyName="IDTech MSRHook\4e4dcb68457b4615e38e8c3148d4303e98c166e56b4aa9fae2dee8d24d3e93e9 Hash Page Sha1" Hash="BD571AB72760CF250B9180DE455C0D4D4F6480E3"/>
+    <Deny ID="ID_DENY_MSRHOOK_8" FriendlyName="IDTech MSRHook\4e4dcb68457b4615e38e8c3148d4303e98c166e56b4aa9fae2dee8d24d3e93e9 Hash Page Sha256" Hash="B49CEDF7844A48997D9CD9F722780A7ACE0653CACB0988DC9BF78E4892C47372"/>
+    <Deny ID="ID_DENY_MSRHOOK_9" FriendlyName="IDTech MSRHook\6a374d023813382fb79b447c05f3382f9d0bbb13f8ab0c1f8e8168f4a23d5ffe Hash Sha1" Hash="56B7D5E3D0EF800AF285E6766B2E89DD536966BD"/>
+    <Deny ID="ID_DENY_MSRHOOK_10" FriendlyName="IDTech MSRHook\6a374d023813382fb79b447c05f3382f9d0bbb13f8ab0c1f8e8168f4a23d5ffe Hash Sha256" Hash="98198A7E6E6613C4D39C38205029E437469A70CE3D2B0B731A2A681202477F5D"/>
+    <Deny ID="ID_DENY_MSRHOOK_11" FriendlyName="IDTech MSRHook\6a374d023813382fb79b447c05f3382f9d0bbb13f8ab0c1f8e8168f4a23d5ffe Hash Page Sha1" Hash="EB090562DB6F2AA96C22003F83683F0DE86C8A47"/>
+    <Deny ID="ID_DENY_MSRHOOK_12" FriendlyName="IDTech MSRHook\6a374d023813382fb79b447c05f3382f9d0bbb13f8ab0c1f8e8168f4a23d5ffe Hash Page Sha256" Hash="9B2AF543F278A3648FC2F86AA2DCF06447411E696492AECD3732928991C3BB9F"/>
+    <Deny ID="ID_DENY_MSRHOOK_13" FriendlyName="IDTech MSRHook\79c14ffa8e8d28b78a9a2f0618052a64e83c98acc4aeec27178c0002f9c91dae Hash Sha1" Hash="F33DDD5D0A22CBB269BF9BD2E0905ABDE25DDD50"/>
+    <Deny ID="ID_DENY_MSRHOOK_14" FriendlyName="IDTech MSRHook\79c14ffa8e8d28b78a9a2f0618052a64e83c98acc4aeec27178c0002f9c91dae Hash Sha256" Hash="04B318E35B734F63D43754EE4ECFF808808CF2B6C68DDD5E1D9E39EFC41CFB8B"/>
+    <Deny ID="ID_DENY_MSRHOOK_15" FriendlyName="IDTech MSRHook\79c14ffa8e8d28b78a9a2f0618052a64e83c98acc4aeec27178c0002f9c91dae Hash Page Sha1" Hash="B2DE7BC9D08E706970A47E34BA8056D97F425840"/>
+    <Deny ID="ID_DENY_MSRHOOK_16" FriendlyName="IDTech MSRHook\79c14ffa8e8d28b78a9a2f0618052a64e83c98acc4aeec27178c0002f9c91dae Hash Page Sha256" Hash="E2F7CEFBAC7960977797AF12A84AB536D5815CF4410BF527E291DF8738DB4136"/>
+    <Deny ID="ID_DENY_MSRHOOK_17" FriendlyName="IDTech MSRHook\a0ba1c981dcf3930680c97664efce6142679bd84604c38eb8b8368f6c1bde3c9 Hash Sha1" Hash="622A9B34788204D4F8EE2AD770AEC818FD7FBF10"/>
+    <Deny ID="ID_DENY_MSRHOOK_18" FriendlyName="IDTech MSRHook\a0ba1c981dcf3930680c97664efce6142679bd84604c38eb8b8368f6c1bde3c9 Hash Sha256" Hash="BCBB079252FD5C4A6A5121C287C00FC6D8E0C7F57EF243D37DCD9B8F319AF99A"/>
+    <Deny ID="ID_DENY_MSRHOOK_19" FriendlyName="IDTech MSRHook\a0ba1c981dcf3930680c97664efce6142679bd84604c38eb8b8368f6c1bde3c9 Hash Page Sha1" Hash="1E824C0B47BC1CD163FADFF54CBF6EDB11CEDFCE"/>
+    <Deny ID="ID_DENY_MSRHOOK_20" FriendlyName="IDTech MSRHook\a0ba1c981dcf3930680c97664efce6142679bd84604c38eb8b8368f6c1bde3c9 Hash Page Sha256" Hash="62EA60E39D25E1A12BF5A123DAE9DD8C0199A93C4C1592F5D314DF85142B1971"/>
+    <Deny ID="ID_DENY_MSRHOOK_21" FriendlyName="IDTech MSRHook\d0b65b4277ab975c7e0579839153dfb8febeaf8ca3aa621bc710cd7bcaaa8ad1 Hash Sha1" Hash="ED426D5987AE02488A35D7D149176F6C654B4CFA"/>
+    <Deny ID="ID_DENY_MSRHOOK_22" FriendlyName="IDTech MSRHook\d0b65b4277ab975c7e0579839153dfb8febeaf8ca3aa621bc710cd7bcaaa8ad1 Hash Sha256" Hash="00573981F5478DBEC6704FB77131AD92E91F00178CCCCCAEB2F70763E927F2D7"/>
+    <Deny ID="ID_DENY_MSRHOOK_23" FriendlyName="IDTech MSRHook\d0b65b4277ab975c7e0579839153dfb8febeaf8ca3aa621bc710cd7bcaaa8ad1 Hash Page Sha1" Hash="B018A92B0BF220B462993EE8602F5C978D799AA9"/>
+    <Deny ID="ID_DENY_MSRHOOK_24" FriendlyName="IDTech MSRHook\d0b65b4277ab975c7e0579839153dfb8febeaf8ca3aa621bc710cd7bcaaa8ad1 Hash Page Sha256" Hash="819912254620E94E715C0AB9FAAD96869D72C3F3F23C7659639DDEF4D31ACB74"/>
+    <Deny ID="ID_DENY_MSRHOOK_25" FriendlyName="IDTech MSRHook\f4b447891887806b4712986f00e10612f8d9dbda1cb1ec1de032fb4c34199428 Hash Sha1" Hash="D09D43621878AD4014835DF83599B574ACB2CC29"/>
+    <Deny ID="ID_DENY_MSRHOOK_26" FriendlyName="IDTech MSRHook\f4b447891887806b4712986f00e10612f8d9dbda1cb1ec1de032fb4c34199428 Hash Sha256" Hash="4D7B24FB69EB1A0906E3B6D78082CB62D7F713ABA79A85DA0F5E512725A680FF"/>
+    <Deny ID="ID_DENY_MSRHOOK_27" FriendlyName="IDTech MSRHook\f4b447891887806b4712986f00e10612f8d9dbda1cb1ec1de032fb4c34199428 Hash Page Sha1" Hash="C0C2626B922973EBA185D79D795730FB73D99871"/>
+    <Deny ID="ID_DENY_MSRHOOK_28" FriendlyName="IDTech MSRHook\f4b447891887806b4712986f00e10612f8d9dbda1cb1ec1de032fb4c34199428 Hash Page Sha256" Hash="D6D5971984033399A065674BE53669B7B9D7BA445E105AE6A78AC5E68C7871B2"/>
+    <Deny ID="ID_DENY_MSRHOOK_29" FriendlyName="IDTech MSRHook\fc6d327b8af44b6adeffc4c3c00ba9edda41d40dae3ff2e1449125e3eb08e15c Hash Sha1" Hash="72064C3BE3AD234A5B5E801BC36458F343078374"/>
+    <Deny ID="ID_DENY_MSRHOOK_30" FriendlyName="IDTech MSRHook\fc6d327b8af44b6adeffc4c3c00ba9edda41d40dae3ff2e1449125e3eb08e15c Hash Sha256" Hash="84383018957DEC043ABA44D5A3243038EC2686BB05BAC5EB39FA854CA4AB2C8A"/>
+    <Deny ID="ID_DENY_MSRHOOK_31" FriendlyName="IDTech MSRHook\fc6d327b8af44b6adeffc4c3c00ba9edda41d40dae3ff2e1449125e3eb08e15c Hash Page Sha1" Hash="969B242ED4F904609EEBF25D26DC6CBC295F6647"/>
+    <Deny ID="ID_DENY_MSRHOOK_32" FriendlyName="IDTech MSRHook\fc6d327b8af44b6adeffc4c3c00ba9edda41d40dae3ff2e1449125e3eb08e15c Hash Page Sha256" Hash="9B6D8C42212266900865753362038FED8A7DE6369BF0E2B6B9B94A6E2B0DAD67"/>
     <Deny ID="ID_DENY_NVFLASH_1" FriendlyName="nvflash.sys\0a89a6ab2fca486480b6e3dacf392d6ce0c59a5bdb4bcd18d672feb4ebb0543c Hash Sha1" Hash="213C4EC78132D6C0FDFDD7B640107E0CE4990A0E" />
     <Deny ID="ID_DENY_NVFLASH_2" FriendlyName="nvflash.sys\0a89a6ab2fca486480b6e3dacf392d6ce0c59a5bdb4bcd18d672feb4ebb0543c Hash Sha256" Hash="91EE89520105CCBCECA6EE0E34070F28C8DC5A3D73EC65F384DA5DA4F2A36DC0" />
     <Deny ID="ID_DENY_NVFLASH_3" FriendlyName="nvflash.sys\0a89a6ab2fca486480b6e3dacf392d6ce0c59a5bdb4bcd18d672feb4ebb0543c Hash Page Sha1" Hash="C24D6F9132486AF1EB2937D9366275126A5A35E1" />
@@ -1038,6 +1112,18 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_QMBSEC_D" FriendlyName="qmbsec.sys\be6c3af76d43d6200a387eab9b57791c87dc3a3e21636b3df68bb34e24eebf89 Hash Sha256" Hash="B083BB2B298FA14F2E7CC65341337209DF5DE7C53B8CE5DAB5FA830DD29FE2A5" />
     <Deny ID="ID_DENY_QMBSEC_E" FriendlyName="qmbsec.sys\be6c3af76d43d6200a387eab9b57791c87dc3a3e21636b3df68bb34e24eebf89 Hash Page Sha1" Hash="96516702799451093DB85802491D70F20382DFDE" />
     <Deny ID="ID_DENY_QMBSEC_F" FriendlyName="qmbsec.sys\be6c3af76d43d6200a387eab9b57791c87dc3a3e21636b3df68bb34e24eebf89 Hash Page Sha256" Hash="0915820FC684225C54BBE9C0727E5E592EE7F10272C3BD8FCE055742C188305C" />
+    <Deny ID="ID_DENY_RENTDRV_1" FriendlyName="Hangzhou RentDrv.sys\1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3 Hash Sha1" Hash="3653D167FFA47DA551267C179A4B4F23430271B7"/>
+    <Deny ID="ID_DENY_RENTDRV_2" FriendlyName="Hangzhou RentDrv.sys\1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3 Hash Sha256" Hash="2E100AA891445F18F4805DCED7C4055AA5BEE6C65995DAA42A438349CCAD6C3C"/>
+    <Deny ID="ID_DENY_RENTDRV_3" FriendlyName="Hangzhou RentDrv.sys\1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3 Hash Page Sha1" Hash="264A830F335ABFC477538DC749F0DDCD3F9ED165"/>
+    <Deny ID="ID_DENY_RENTDRV_4" FriendlyName="Hangzhou RentDrv.sys\1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3 Hash Page Sha256" Hash="C19365E56D640188311894175ABBA8A2CC82C969D3B19E6885C78014C11BA51D"/>
+    <Deny ID="ID_DENY_RENTDRV_5" FriendlyName="Hangzhou RentDrv.sys\39c128ceabfb170ef5fdbe7f7740de48a9d9119df2e01763c25995cea1097785 Hash Sha1" Hash="BEC0A0E7BCE966828B95329E2883ECCFFE9491F0"/>
+    <Deny ID="ID_DENY_RENTDRV_6" FriendlyName="Hangzhou RentDrv.sys\39c128ceabfb170ef5fdbe7f7740de48a9d9119df2e01763c25995cea1097785 Hash Sha256" Hash="7200C1614E328E730DFC51CFCB915AB6CD3084328BD3792A77BCE91D04E11688"/>
+    <Deny ID="ID_DENY_RENTDRV_7" FriendlyName="Hangzhou RentDrv.sys\39c128ceabfb170ef5fdbe7f7740de48a9d9119df2e01763c25995cea1097785 Hash Page Sha1" Hash="05B25426B0EAB1EA4D4AE40F81EEF45B48BAB190"/>
+    <Deny ID="ID_DENY_RENTDRV_8" FriendlyName="Hangzhou RentDrv.sys\39c128ceabfb170ef5fdbe7f7740de48a9d9119df2e01763c25995cea1097785 Hash Page Sha256" Hash="FEB676B961305CBAB0011A6E48DFD1E0105C534CEBEC69CFCC7D2715C3802594"/>
+    <Deny ID="ID_DENY_RENTDRV_9" FriendlyName="Hangzhou RentDrv.sys\9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5 Hash Sha1" Hash="CEBE563DE888EE2055BA03051010A40705E778C8"/>
+    <Deny ID="ID_DENY_RENTDRV_10" FriendlyName="Hangzhou RentDrv.sys\9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5 Hash Sha256" Hash="B3C9AF8C4BE8F62D25B955F92D2A4E9EBD34F7FA787580454EF54241102E7B30"/>
+    <Deny ID="ID_DENY_RENTDRV_11" FriendlyName="Hangzhou RentDrv.sys\9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5 Hash Page Sha1" Hash="193888C0CD24636D69F65558DD2CBFE38E9E257F"/>
+    <Deny ID="ID_DENY_RENTDRV_12" FriendlyName="Hangzhou RentDrv.sys\9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5 Hash Page Sha256" Hash="AFE7279865E62826437419D9348AF60810E00A9FC36823B87267B22C0A9B6DB6"/>
     <Deny ID="ID_DENY_RETLIFTEN_SHA1_1" FriendlyName="80.sys Hash Sha1" Hash="BC2F3850C7B858340D7ED27B90E63B036881FD6C" />
     <Deny ID="ID_DENY_RETLIFTEN_SHA1_2" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="E74B6DDA8BC53BC687FC21218BD34062A78D8467" />
     <Deny ID="ID_DENY_RETLIFTEN_SHA1_3" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="2C27ABBBBCF10DFB75AD79557E30ACE5ED314DF8" />
@@ -1182,42 +1268,98 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_RETLIFTEN_SHA256_70" FriendlyName="b.sys Hash Sha256" Hash="84DF20B1D9D87E305C92E5FFAE21B10B325609D59D835A954DBD8750EF5DABF4" />
     <Deny ID="ID_DENY_RETLIFTEN_SHA256_71" FriendlyName="nt4.sys Hash Sha256" Hash="D7BC7306CB489FE4C285BBEDDC6D1A09E814EF55CF30BD5B8DAF87A52396F102" />
     <Deny ID="ID_DENY_RETLIFTEN_SHA256_72" FriendlyName="d3.sys Hash Sha256" Hash="36875562E747136313EC5DB58174E5FAB870997A054CA8D3987D181599C7DB6A" />
-    <Deny ID="ID_DENY_RTCORE_29" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Sha1" Hash="4A68C2D7A4C471E062A32C83A36EEDB45A619683" />
-    <Deny ID="ID_DENY_RTCORE_2A" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Sha256" Hash="478C36F8AF7844A80E24C1822507BEEF6314519185717EC7AE224A0E04B2F330" />
-    <Deny ID="ID_DENY_RTCORE_2B" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Page Sha1" Hash="84152FA241C3808F8C7752964589C957E440403F" />
-    <Deny ID="ID_DENY_RTCORE_2C" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Page Sha256" Hash="A807532037A3549AE3E046F183D782BCB78B6193163EA448098140563CF857CB" />
-    <Deny ID="ID_DENY_RTCORE_2D" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Sha1" Hash="DA1BD3AD4A8FE1E28C1DE28A7BF66AD82DA0DD29" />
-    <Deny ID="ID_DENY_RTCORE_2E" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Sha256" Hash="61A1F530A5D47339275657D7883911D64F64909569CF13D2E6868DF01A2A72CB" />
-    <Deny ID="ID_DENY_RTCORE_2F" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Page Sha1" Hash="BD2340853235FE2757829E7F899CE25BD65C5434" />
-    <Deny ID="ID_DENY_RTCORE_30" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Page Sha256" Hash="74860E5563D3993635DC41E47BB34837C8B53ECBFF539244E1EC608E7B53D42D" />
-    <Deny ID="ID_DENY_RTCORE_31" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Sha1" Hash="38B353D8480885DE5DCF299DECA99CE4F26A1D20" />
-    <Deny ID="ID_DENY_RTCORE_32" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Sha256" Hash="5182CAF10DE9CEC0740ECDE5A081C21CDC100D7EB328FFE6F3F63183889FEC6B" />
-    <Deny ID="ID_DENY_RTCORE_33" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Page Sha1" Hash="1A4F647C27D093675A674E5A8D83063A83231D28" />
-    <Deny ID="ID_DENY_RTCORE_34" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Page Sha256" Hash="46D4A0CE75FA97837C7B6869D29AF9D6068F9023346E9D34C0E26E41198CDB80" />
-    <Deny ID="ID_DENY_RTCORE_35" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Sha1" Hash="5717BF3E520ACCFFF5AD9943E53A3B118FB67F2E" />
-    <Deny ID="ID_DENY_RTCORE_36" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Sha256" Hash="918D2E68A724B58D37443AEA159E70BF8B1B5EBB089C395CAD1D62745ECDAA19" />
-    <Deny ID="ID_DENY_RTCORE_37" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Page Sha1" Hash="03E1FB2499B9361141E2AC4FCCB9CCE2A48A0342" />
-    <Deny ID="ID_DENY_RTCORE_38" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Page Sha256" Hash="556B8ACD6EFF7D5A2A0320CD22CAD122254ABDEDCBBD749DB14CD8D314D609BE" />
-    <Deny ID="ID_DENY_RTCORE_39" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Sha1" Hash="43D3A3C1F7B14CFCC051CAE2534DBBBB4C7FC120" />
-    <Deny ID="ID_DENY_RTCORE_3A" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Sha256" Hash="B8EB26B6F79020AE988E4FB752DC06E1B6779749BF4F8DF2872FC2B92BAB8020" />
-    <Deny ID="ID_DENY_RTCORE_3B" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Page Sha1" Hash="6AE84C64765F9271C4758D387AD1E07B64F7966D" />
-    <Deny ID="ID_DENY_RTCORE_3C" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Page Sha256" Hash="AA60FC20276D6779BBEA2A629C2FBAA3CE60ED2C2AD26230101FFF01A6E79A24" />
-    <Deny ID="ID_DENY_RTCORE_3D" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Sha1" Hash="B3249BACDA6E43AA2C46C2AF802C9EE0B7E2FD7B" />
-    <Deny ID="ID_DENY_RTCORE_3E" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Sha256" Hash="3C9829A16EB85272B0E1A2917FEFFAAB8DDB23E633B168B389669339A0CEE0B5" />
-    <Deny ID="ID_DENY_RTCORE_3F" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Page Sha1" Hash="060C4D64F67F9300F2DBD09F68B4B591AAAFA698" />
-    <Deny ID="ID_DENY_RTCORE_40" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Page Sha256" Hash="BF0439DB3DCC00355291FEFF1D31F5B48CD1334DBBA3DAEB761E7084335D40E7" />
-    <Deny ID="ID_DENY_RTCORE_41" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Sha1" Hash="8498265D4CA81B83EC1454D9EC013D7A9C0C87BF" />
-    <Deny ID="ID_DENY_RTCORE_42" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Sha256" Hash="606BECED7746CDB684D3A44F41E48713C6BBE5BFB1486C52B5CCA815E99D31B4" />
-    <Deny ID="ID_DENY_RTCORE_43" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Page Sha1" Hash="3B05785D8AD770E4356BC8041606B08BDAB56C99" />
-    <Deny ID="ID_DENY_RTCORE_44" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Page Sha256" Hash="2DC771BED765E9FE8E79171A851BA158B8E84034FE0518A619F47F3450FFA2BC" />
-    <Deny ID="ID_DENY_RTCORE_45" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Sha1" Hash="A7CE1394D10DCFDE7B8A1C90667826DA68933673" />
-    <Deny ID="ID_DENY_RTCORE_46" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Sha256" Hash="6279821BF9ECCED596F474C8FC547DAB0BDDBB3AB972390596BD4C5C7B85C685" />
-    <Deny ID="ID_DENY_RTCORE_47" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Page Sha1" Hash="9E504DB591D321F1F8CEA62A5A111DA0EFB26447" />
-    <Deny ID="ID_DENY_RTCORE_48" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Page Sha256" Hash="BEDC7276543DAAFC11D44F5F603F8AA48C61837F7C4C9446F10FA522F3275D17" />
+    <Deny ID="ID_DENY_RTCORE_1" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Sha1" Hash="4A68C2D7A4C471E062A32C83A36EEDB45A619683" />
+    <Deny ID="ID_DENY_RTCORE_2" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Sha256" Hash="478C36F8AF7844A80E24C1822507BEEF6314519185717EC7AE224A0E04B2F330" />
+    <Deny ID="ID_DENY_RTCORE_3" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Page Sha1" Hash="84152FA241C3808F8C7752964589C957E440403F" />
+    <Deny ID="ID_DENY_RTCORE_4" FriendlyName="RTCore\01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd Hash Page Sha256" Hash="A807532037A3549AE3E046F183D782BCB78B6193163EA448098140563CF857CB" />
+    <Deny ID="ID_DENY_RTCORE_5" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Sha1" Hash="DA1BD3AD4A8FE1E28C1DE28A7BF66AD82DA0DD29" />
+    <Deny ID="ID_DENY_RTCORE_6" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Sha256" Hash="61A1F530A5D47339275657D7883911D64F64909569CF13D2E6868DF01A2A72CB" />
+    <Deny ID="ID_DENY_RTCORE_7" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Page Sha1" Hash="BD2340853235FE2757829E7F899CE25BD65C5434" />
+    <Deny ID="ID_DENY_RTCORE_8" FriendlyName="RTCore\077aa8ff5e01747723b6d24cc8af460a7a00f30cd3bc80e41cc245ceb8305356 Hash Page Sha256" Hash="74860E5563D3993635DC41E47BB34837C8B53ECBFF539244E1EC608E7B53D42D" />
+    <Deny ID="ID_DENY_RTCORE_9" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Sha1" Hash="38B353D8480885DE5DCF299DECA99CE4F26A1D20" />
+    <Deny ID="ID_DENY_RTCORE_10" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Sha256" Hash="5182CAF10DE9CEC0740ECDE5A081C21CDC100D7EB328FFE6F3F63183889FEC6B" />
+    <Deny ID="ID_DENY_RTCORE_11" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Page Sha1" Hash="1A4F647C27D093675A674E5A8D83063A83231D28" />
+    <Deny ID="ID_DENY_RTCORE_12" FriendlyName="RTCore\08828990218ebb4415c1bb33fa2b0a009efd0784b18b3f7ecd3bc078343f7208 Hash Page Sha256" Hash="46D4A0CE75FA97837C7B6869D29AF9D6068F9023346E9D34C0E26E41198CDB80" />
+    <Deny ID="ID_DENY_RTCORE_13" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Sha1" Hash="5717BF3E520ACCFFF5AD9943E53A3B118FB67F2E" />
+    <Deny ID="ID_DENY_RTCORE_14" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Sha256" Hash="918D2E68A724B58D37443AEA159E70BF8B1B5EBB089C395CAD1D62745ECDAA19" />
+    <Deny ID="ID_DENY_RTCORE_15" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Page Sha1" Hash="03E1FB2499B9361141E2AC4FCCB9CCE2A48A0342" />
+    <Deny ID="ID_DENY_RTCORE_16" FriendlyName="RTCore\0aca4447ee54d635f76b941f6100b829dc8b2e0df27bdf584acb90f15f12fbda Hash Page Sha256" Hash="556B8ACD6EFF7D5A2A0320CD22CAD122254ABDEDCBBD749DB14CD8D314D609BE" />
+    <Deny ID="ID_DENY_RTCORE_17" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Sha1" Hash="43D3A3C1F7B14CFCC051CAE2534DBBBB4C7FC120" />
+    <Deny ID="ID_DENY_RTCORE_18" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Sha256" Hash="B8EB26B6F79020AE988E4FB752DC06E1B6779749BF4F8DF2872FC2B92BAB8020" />
+    <Deny ID="ID_DENY_RTCORE_19" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Page Sha1" Hash="6AE84C64765F9271C4758D387AD1E07B64F7966D" />
+    <Deny ID="ID_DENY_RTCORE_20" FriendlyName="RTCore\1c425793a8ce87be916969d6d7e9dd0687b181565c3b483ce53ad1ec6fb72a17 Hash Page Sha256" Hash="AA60FC20276D6779BBEA2A629C2FBAA3CE60ED2C2AD26230101FFF01A6E79A24" />
+    <Deny ID="ID_DENY_RTCORE_21" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Sha1" Hash="B3249BACDA6E43AA2C46C2AF802C9EE0B7E2FD7B" />
+    <Deny ID="ID_DENY_RTCORE_22" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Sha256" Hash="3C9829A16EB85272B0E1A2917FEFFAAB8DDB23E633B168B389669339A0CEE0B5" />
+    <Deny ID="ID_DENY_RTCORE_23" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Page Sha1" Hash="060C4D64F67F9300F2DBD09F68B4B591AAAFA698" />
+    <Deny ID="ID_DENY_RTCORE_24" FriendlyName="RTCore\3ff50c67d51553c08dcb7c98342f68a0f54ad6658c5346c428bdcd1f185569f6 Hash Page Sha256" Hash="BF0439DB3DCC00355291FEFF1D31F5B48CD1334DBBA3DAEB761E7084335D40E7" />
+    <Deny ID="ID_DENY_RTCORE_25" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Sha1" Hash="8498265D4CA81B83EC1454D9EC013D7A9C0C87BF" />
+    <Deny ID="ID_DENY_RTCORE_26" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Sha256" Hash="606BECED7746CDB684D3A44F41E48713C6BBE5BFB1486C52B5CCA815E99D31B4" />
+    <Deny ID="ID_DENY_RTCORE_27" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Page Sha1" Hash="3B05785D8AD770E4356BC8041606B08BDAB56C99" />
+    <Deny ID="ID_DENY_RTCORE_28" FriendlyName="RTCore\40061b30b1243be76d5283cbc8abfe007e148097d4de7337670ff1536c4c7ba1 Hash Page Sha256" Hash="2DC771BED765E9FE8E79171A851BA158B8E84034FE0518A619F47F3450FFA2BC" />
+    <Deny ID="ID_DENY_RTCORE_29" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Sha1" Hash="A7CE1394D10DCFDE7B8A1C90667826DA68933673" />
+    <Deny ID="ID_DENY_RTCORE_30" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Sha256" Hash="6279821BF9ECCED596F474C8FC547DAB0BDDBB3AB972390596BD4C5C7B85C685" />
+    <Deny ID="ID_DENY_RTCORE_31" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Page Sha1" Hash="9E504DB591D321F1F8CEA62A5A111DA0EFB26447" />
+    <Deny ID="ID_DENY_RTCORE_32" FriendlyName="RTCore\bea8c6728d57d4b075f372ac82b8134ac8044fe13f533696a58e8864fa3efee3 Hash Page Sha256" Hash="BEDC7276543DAAFC11D44F5F603F8AA48C61837F7C4C9446F10FA522F3275D17" />
+    <Deny ID="ID_DENY_RTPORT_1" FriendlyName="Realtek rtport\6f806a9de79ac2886613c20758546f7e9597db5a20744f7dd82d310b7d6457d0 Hash Sha1" Hash="803ACF5CCBE22E7483AA0AB66BDEB191D94CED71"/>
+    <Deny ID="ID_DENY_RTPORT_2" FriendlyName="Realtek rtport\6f806a9de79ac2886613c20758546f7e9597db5a20744f7dd82d310b7d6457d0 Hash Sha256" Hash="9A873E9D66FC509F51317A6D73A75D97A05B56DA38F0DBA90F74ACFDE262BA3D"/>
+    <Deny ID="ID_DENY_RTPORT_3" FriendlyName="Realtek rtport\74e05c6674f48089c617d66d8231cc5271c94430e80bc346cea0dfee44741476 Hash Sha1" Hash="991953AE95747735ACC492C40373944BB843D8AF"/>
+    <Deny ID="ID_DENY_RTPORT_4" FriendlyName="Realtek rtport\74e05c6674f48089c617d66d8231cc5271c94430e80bc346cea0dfee44741476 Hash Sha256" Hash="74E05C6674F48089C617D66D8231CC5271C94430E80BC346CEA0DFEE44741476"/>
+    <Deny ID="ID_DENY_RTPORT_5" FriendlyName="Realtek rtport\8fe429c46fedbab8f06e5396056adabbb84a31efef7f9523eb745fc60144db65 Hash Sha1" Hash="C613B7797A6C1F31271F8F5DCED8515D8E4F5732"/>
+    <Deny ID="ID_DENY_RTPORT_6" FriendlyName="Realtek rtport\8fe429c46fedbab8f06e5396056adabbb84a31efef7f9523eb745fc60144db65 Hash Sha256" Hash="489C02D8102FC401010793D7388B59DC944A2E77CF4179424015CD863701B19B"/>
+    <Deny ID="ID_DENY_RTPORT_7" FriendlyName="Realtek rtport\8fe429c46fedbab8f06e5396056adabbb84a31efef7f9523eb745fc60144db65 Hash Page Sha1" Hash="51D1765FA0740BB71DD588FBABAC5C077FBBE569"/>
+    <Deny ID="ID_DENY_RTPORT_8" FriendlyName="Realtek rtport\8fe429c46fedbab8f06e5396056adabbb84a31efef7f9523eb745fc60144db65 Hash Page Sha256" Hash="68000CAA66F5CE231142C6BC93CEA1768D97394F53E048AB74F6B038F12649C8"/>
+    <Deny ID="ID_DENY_RTPORT_9" FriendlyName="Realtek rtport\a29093d4d708185ba8be35709113fb42e402bbfbf2960d3e00fd7c759ef0b94e Hash Sha1" Hash="37960129FD53D546A6C419DDDE1204DD4B517F6D"/>
+    <Deny ID="ID_DENY_RTPORT_10" FriendlyName="Realtek rtport\a29093d4d708185ba8be35709113fb42e402bbfbf2960d3e00fd7c759ef0b94e Hash Sha256" Hash="7A04DB5C3E8691943EC36AC7CBE4C5FF1CE6781936D084363AC3CBC46727D115"/>
+    <Deny ID="ID_DENY_RTPORT_11" FriendlyName="Realtek rtport\c490d6c0844f59fdb4aa850a06e283fbf5e5b6ac20ff42ead03d549d8ae1c01b Hash Sha1" Hash="C2308FF02A8A05D7B20E59D7734B90FE950D15BC"/>
+    <Deny ID="ID_DENY_RTPORT_12" FriendlyName="Realtek rtport\c490d6c0844f59fdb4aa850a06e283fbf5e5b6ac20ff42ead03d549d8ae1c01b Hash Sha256" Hash="74264CE2E0ED67730B0F3C719AEE37664D4688F872875322A64022CD68E060BB"/>
+    <Deny ID="ID_DENY_RTPORT_13" FriendlyName="Realtek rtport\e3dbafce5ad2bf17446d0f853aeedf58cc25aa1080ab97e22375a1022d6acb16 Hash Sha1" Hash="5599900B51571F6557C862F5D82B8F6706A21A9D"/>
+    <Deny ID="ID_DENY_RTPORT_14" FriendlyName="Realtek rtport\e3dbafce5ad2bf17446d0f853aeedf58cc25aa1080ab97e22375a1022d6acb16 Hash Sha256" Hash="353A36D445E4FF60396702AD7B22B5F30BDCE52AA05126E2701714A3F11A11C7"/>
+    <Deny ID="ID_DENY_RTPORT_15" FriendlyName="Realtek rtport\ff322cd0cc30976f9dbdb7a3681529aeab0de7b7f5c5763362b02c15da9657a1 Hash Sha1" Hash="B2D78E9010D84F2FDB68B15667AF177809F015EA"/>
+    <Deny ID="ID_DENY_RTPORT_16" FriendlyName="Realtek rtport\ff322cd0cc30976f9dbdb7a3681529aeab0de7b7f5c5763362b02c15da9657a1 Hash Sha256" Hash="0CB26201B95CA0015A8B0370D5BC12D38AB8C74D8A24864A8B5D9E8BE1DD1EDF"/>
     <Deny ID="ID_DENY_SEMAV6MSR64_SHA1" FriendlyName="semav6msr64.sys Hash Sha1" Hash="E3DBE2AA03847DF621591A4CAD69A5609DE5C237" />
     <Deny ID="ID_DENY_SEMAV6MSR64_SHA256" FriendlyName="semav6msr64.sys Hash Sha256" Hash="EB71A8ECEF692E74AE356E8CB734029B233185EE5C2CCB6CC87CC6B36BEA65CF" />
     <Deny ID="ID_DENY_SEMAV6MSR64_SHA1_PAGE" FriendlyName="semav6msr64.sys Hash Page Sha1" Hash="F3821EC0AEF270F749DF9F44FBA91AFA5C8C38E8" />
     <Deny ID="ID_DENY_SEMAV6MSR64_SHA256_PAGE" FriendlyName="semav6msr64.sys Hash Page Sha256" Hash="4F12EE563E7496E7105D67BF64AF6B436902BE4332033AF0B5A242B206372CB7" />
+    <Deny ID="ID_DENY_SEPDRV3_1" FriendlyName="sepdrv3.sys\11cf5a8c3a2cdd8df81e8c3e477bb84b25fb92becb41f35a5d675acaa1466890 Hash Sha1" Hash="E5EBDE06493D4556083C6F1B5699E3DE7E19F00A"/>
+    <Deny ID="ID_DENY_SEPDRV3_2" FriendlyName="sepdrv3.sys\11cf5a8c3a2cdd8df81e8c3e477bb84b25fb92becb41f35a5d675acaa1466890 Hash Sha256" Hash="999B7B31DE4B29CC9645083247EDF150DDA59DD1B67D8A309D6086DAE56C5C8B"/>
+    <Deny ID="ID_DENY_SEPDRV3_3" FriendlyName="sepdrv3.sys\11cf5a8c3a2cdd8df81e8c3e477bb84b25fb92becb41f35a5d675acaa1466890 Hash Page Sha1" Hash="96A8FC40C0C4CEC694D6EAC90D00ABFAE9C574F4"/>
+    <Deny ID="ID_DENY_SEPDRV3_4" FriendlyName="sepdrv3.sys\11cf5a8c3a2cdd8df81e8c3e477bb84b25fb92becb41f35a5d675acaa1466890 Hash Page Sha256" Hash="F80CBBDE4E2363504CB01FA79EA65DAC6867BB381360C8757DC253D4328C16CD"/>
+    <Deny ID="ID_DENY_SEPDRV3_5" FriendlyName="sepdrv3.sys\17f19350ea6715ce94ca2014bce92a5c07fd752fd06647a8200db6b052468810 Hash Sha1" Hash="A7B5CABA6CD70B7AFE67E56A3E440EE6FEE75146"/>
+    <Deny ID="ID_DENY_SEPDRV3_6" FriendlyName="sepdrv3.sys\17f19350ea6715ce94ca2014bce92a5c07fd752fd06647a8200db6b052468810 Hash Sha256" Hash="D6EEE72899BC9115301FCE63D8B6550F5401C2BC9C249F1CC14652B0902C743F"/>
+    <Deny ID="ID_DENY_SEPDRV3_7" FriendlyName="sepdrv3.sys\17f19350ea6715ce94ca2014bce92a5c07fd752fd06647a8200db6b052468810 Hash Page Sha1" Hash="033ECCCAD06DBCD70E929386EA225E46010E2D1C"/>
+    <Deny ID="ID_DENY_SEPDRV3_8" FriendlyName="sepdrv3.sys\17f19350ea6715ce94ca2014bce92a5c07fd752fd06647a8200db6b052468810 Hash Page Sha256" Hash="91AD7CB148D7F16167E0BC3ECA78DAA714664E7BC1825A7CB62762307709CCAE"/>
+    <Deny ID="ID_DENY_SEPDRV3_9" FriendlyName="sepdrv3.sys\1b83be686572c6f0f7d214af7a135978bf5a342e4aafbb01c1a0cf5f6e054863 Hash Sha1" Hash="2D9B4019214135DAD5AA5ABD6D54C73E0F38FB2E"/>
+    <Deny ID="ID_DENY_SEPDRV3_10" FriendlyName="sepdrv3.sys\1b83be686572c6f0f7d214af7a135978bf5a342e4aafbb01c1a0cf5f6e054863 Hash Sha256" Hash="6860735F703F2287B7C1906FA14F819E1CFBC0E4D332FA811673921CAC9CA451"/>
+    <Deny ID="ID_DENY_SEPDRV3_11" FriendlyName="sepdrv3.sys\1b83be686572c6f0f7d214af7a135978bf5a342e4aafbb01c1a0cf5f6e054863 Hash Page Sha1" Hash="569A3823C3E6A38C9D91E3691E38EE226B46E8C6"/>
+    <Deny ID="ID_DENY_SEPDRV3_12" FriendlyName="sepdrv3.sys\1b83be686572c6f0f7d214af7a135978bf5a342e4aafbb01c1a0cf5f6e054863 Hash Page Sha256" Hash="167C1661E6AA46E4A06C02B35786A3B0B35B76E7CE32BC013893A480D174C242"/>
+    <Deny ID="ID_DENY_SEPDRV3_13" FriendlyName="sepdrv3.sys\321104460942bf98c5c248f660e068e5170c16ae8eedfa7acc5bf98471042a4e Hash Sha1" Hash="5FD9BDE1FF9C91BADE322EAA2C83ACC6E2751351"/>
+    <Deny ID="ID_DENY_SEPDRV3_14" FriendlyName="sepdrv3.sys\321104460942bf98c5c248f660e068e5170c16ae8eedfa7acc5bf98471042a4e Hash Sha256" Hash="8971D8B30721EDFAB149FA3D2C201C0BB134F33F03D22AA6C90164A4AAF630CD"/>
+    <Deny ID="ID_DENY_SEPDRV3_15" FriendlyName="sepdrv3.sys\321104460942bf98c5c248f660e068e5170c16ae8eedfa7acc5bf98471042a4e Hash Page Sha1" Hash="07CD7EE875F911B657A395038DA04ED2BCA98E98"/>
+    <Deny ID="ID_DENY_SEPDRV3_16" FriendlyName="sepdrv3.sys\321104460942bf98c5c248f660e068e5170c16ae8eedfa7acc5bf98471042a4e Hash Page Sha256" Hash="7A7EEE720CC27C30B1A52D9459F75635C68DE46F583A5A71792F8B6EE0E8E39E"/>
+    <Deny ID="ID_DENY_SEPDRV3_17" FriendlyName="sepdrv3.sys\398853920c10c4d3c685d4222b067e2d7f6b2430adb70577d4e448078de5c64c Hash Sha1" Hash="854708A1E286D377C85C7AE6386509F6AD6E250D"/>
+    <Deny ID="ID_DENY_SEPDRV3_18" FriendlyName="sepdrv3.sys\398853920c10c4d3c685d4222b067e2d7f6b2430adb70577d4e448078de5c64c Hash Sha256" Hash="C2742A2FAD0061A9D7664A8EFBD99C9C8E8E1FB489DE5FA29DFBFB591DB240A4"/>
+    <Deny ID="ID_DENY_SEPDRV3_19" FriendlyName="sepdrv3.sys\398853920c10c4d3c685d4222b067e2d7f6b2430adb70577d4e448078de5c64c Hash Page Sha1" Hash="E1A1423FB686F65ED1D0AC5B8BD12C64A7AB895F"/>
+    <Deny ID="ID_DENY_SEPDRV3_20" FriendlyName="sepdrv3.sys\398853920c10c4d3c685d4222b067e2d7f6b2430adb70577d4e448078de5c64c Hash Page Sha256" Hash="5A17C00F920FE49725BAE0594D1326A3E15A0A069DD1E2DBB07C4C32C0F43151"/>
+    <Deny ID="ID_DENY_SEPDRV3_21" FriendlyName="sepdrv3.sys\3fd6a8623394db4eaeabfb7a6e75d8af6f998409de4537045db06391d82b37c8 Hash Sha1" Hash="970D8ADF83D9DCD3DB8F69C2B3EE77B01F480FE5"/>
+    <Deny ID="ID_DENY_SEPDRV3_22" FriendlyName="sepdrv3.sys\3fd6a8623394db4eaeabfb7a6e75d8af6f998409de4537045db06391d82b37c8 Hash Sha256" Hash="34FDC85DF0AC6B7BE6C8B36163BE1E4FFB68C89B6A640B9A74C8A9E6DDE6E7A7"/>
+    <Deny ID="ID_DENY_SEPDRV3_23" FriendlyName="sepdrv3.sys\3fd6a8623394db4eaeabfb7a6e75d8af6f998409de4537045db06391d82b37c8 Hash Page Sha1" Hash="898E91D2DF5D93CD43A18399B25CCC620A4246E5"/>
+    <Deny ID="ID_DENY_SEPDRV3_24" FriendlyName="sepdrv3.sys\3fd6a8623394db4eaeabfb7a6e75d8af6f998409de4537045db06391d82b37c8 Hash Page Sha256" Hash="EA0E3A51B7C901108FC95366C25E9093DF6709A7E0BDE3D031BEDBFC73B488CA"/>
+    <Deny ID="ID_DENY_SEPDRV3_25" FriendlyName="sepdrv3.sys\54fc3cad3fc4d45eaf43b96b175a65879761c996c4e26880064170811b0a11ff Hash Sha1" Hash="16F2B2F44FC257ABB1E69DD7FB0BA1E98FB89702"/>
+    <Deny ID="ID_DENY_SEPDRV3_26" FriendlyName="sepdrv3.sys\54fc3cad3fc4d45eaf43b96b175a65879761c996c4e26880064170811b0a11ff Hash Sha256" Hash="2C12AF21CEB317375E644E0388385DD11C5B005472C09A8710EC7E905AAB7E77"/>
+    <Deny ID="ID_DENY_SEPDRV3_27" FriendlyName="sepdrv3.sys\54fc3cad3fc4d45eaf43b96b175a65879761c996c4e26880064170811b0a11ff Hash Page Sha1" Hash="F6FBF8FB8ECE412AFEDFE5B93C0DEC6DC5672C96"/>
+    <Deny ID="ID_DENY_SEPDRV3_28" FriendlyName="sepdrv3.sys\54fc3cad3fc4d45eaf43b96b175a65879761c996c4e26880064170811b0a11ff Hash Page Sha256" Hash="0BFA3751E7449E4C0F945E881AF6E6577B4FCA51681F097F0B45E7A31240B8F0"/>
+    <Deny ID="ID_DENY_SEPDRV3_29" FriendlyName="sepdrv3.sys\94ef5e5188b675da304ac1724655072ec4abc2d48ca545daa7ccfc52ded2d7ae Hash Sha1" Hash="C77D060AD181E3B61E2A41CDEDD09DC2ABD64492"/>
+    <Deny ID="ID_DENY_SEPDRV3_30" FriendlyName="sepdrv3.sys\94ef5e5188b675da304ac1724655072ec4abc2d48ca545daa7ccfc52ded2d7ae Hash Sha256" Hash="51044D01CE2BE5EC9D8E339E39FC5CA4636E4F3203B2810AB0A4030E948AFF0D"/>
+    <Deny ID="ID_DENY_SEPDRV3_31" FriendlyName="sepdrv3.sys\94ef5e5188b675da304ac1724655072ec4abc2d48ca545daa7ccfc52ded2d7ae Hash Page Sha1" Hash="9CE4E2C3217F2BF1D2F4F4CFC7108F336D92E56E"/>
+    <Deny ID="ID_DENY_SEPDRV3_32" FriendlyName="sepdrv3.sys\94ef5e5188b675da304ac1724655072ec4abc2d48ca545daa7ccfc52ded2d7ae Hash Page Sha256" Hash="F8640E7A6DFFB61C4BBCB5416EB97D21EBC5153B16ADB8E9B17BFA44377C8602"/>
+    <Deny ID="ID_DENY_SEPDRV3_33" FriendlyName="sepdrv3.sys\b96ba5c469591f9e545bef4af1719a831c73b71207fad79efd84335c1519f71a Hash Sha1" Hash="8B6315FF84C9724EE0FE120DC04B058273310C15"/>
+    <Deny ID="ID_DENY_SEPDRV3_34" FriendlyName="sepdrv3.sys\b96ba5c469591f9e545bef4af1719a831c73b71207fad79efd84335c1519f71a Hash Sha256" Hash="FCAE0263D0172388BA503EADF89DCBE2788E3C9A93A2AC5D1492194671DEC9AC"/>
+    <Deny ID="ID_DENY_SEPDRV3_35" FriendlyName="sepdrv3.sys\b96ba5c469591f9e545bef4af1719a831c73b71207fad79efd84335c1519f71a Hash Page Sha1" Hash="186B696A6D491CC1EDAA4EB470D77FE63740643E"/>
+    <Deny ID="ID_DENY_SEPDRV3_36" FriendlyName="sepdrv3.sys\b96ba5c469591f9e545bef4af1719a831c73b71207fad79efd84335c1519f71a Hash Page Sha256" Hash="06E02324268E647EC77C63B81D06DAF2AE58BBD5BFA6F3DC78EFC2FAF632062D"/>
+    <Deny ID="ID_DENY_SEPDRV3_37" FriendlyName="sepdrv3.sys\f7cb042aaddd24d867c2ac3a5386d736be91f65c47752fef7e93ce4c0e2b8e1e Hash Sha1" Hash="4367680C86115B001DD5D9F63DA7B3755596D500"/>
+    <Deny ID="ID_DENY_SEPDRV3_38" FriendlyName="sepdrv3.sys\f7cb042aaddd24d867c2ac3a5386d736be91f65c47752fef7e93ce4c0e2b8e1e Hash Sha256" Hash="5C421BB2DC2B155FB8DEFF8A5E7E09D903341C729A27B509A8CDBBB54D8352C9"/>
+    <Deny ID="ID_DENY_SEPDRV3_39" FriendlyName="sepdrv3.sys\f7cb042aaddd24d867c2ac3a5386d736be91f65c47752fef7e93ce4c0e2b8e1e Hash Page Sha1" Hash="A79BB06F44FA71D9D08E9A94C9B2E1ED522A5F78"/>
+    <Deny ID="ID_DENY_SEPDRV3_40" FriendlyName="sepdrv3.sys\f7cb042aaddd24d867c2ac3a5386d736be91f65c47752fef7e93ce4c0e2b8e1e Hash Page Sha256" Hash="F1C7B0C250297DD5BC5D5B75E3DB77FCE5E2F2AF93B7C3CC78BAE4608BD505CE"/>
     <Deny ID="ID_DENY_SUPERBMC_2" FriendlyName="superbmc.sys\1d804efc9a1a012e1f68288c0a2833b13d00eecd4a6e93258ba100aa07e3406f Hash Sha1" Hash="989BDDC6B7076947277AB6EB7F002AB6731AAEAE" />
     <Deny ID="ID_DENY_SUPERBMC_3" FriendlyName="superbmc.sys\1d804efc9a1a012e1f68288c0a2833b13d00eecd4a6e93258ba100aa07e3406f Hash Sha256" Hash="5147B0F2CA9D0BDE1F9FCEB382C05F7FA9C333709D7BF081D6C00A4132D914AF" />
     <Deny ID="ID_DENY_SUPERBMC_4" FriendlyName="superbmc.sys\1d804efc9a1a012e1f68288c0a2833b13d00eecd4a6e93258ba100aa07e3406f Hash Page Sha1" Hash="4378B656A1C94CD885323B6D6E36038E8522E6CC" />
@@ -1240,6 +1382,14 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_SUPERBMC_15" FriendlyName="superbmc.sys\ee6bfdf5748fbbf579d6176026626ef39a0673e307c2029f5633e80f0babef54 Hash Sha256" Hash="976C015B28197CCD15F807B776F705BDF612FC622FB0A4B9901B90F180BF2F8A" />
     <Deny ID="ID_DENY_SUPERBMC_16" FriendlyName="superbmc.sys\ee6bfdf5748fbbf579d6176026626ef39a0673e307c2029f5633e80f0babef54 Hash Page Sha1" Hash="2303BEAB201455CC543E0CCE9D4D8698338787EB" />
     <Deny ID="ID_DENY_SUPERBMC_17" FriendlyName="superbmc.sys\ee6bfdf5748fbbf579d6176026626ef39a0673e307c2029f5633e80f0babef54 Hash Page Sha256" Hash="161DC4F7ED741397F6BD6C2B012DBDF6E397CF02212C7DAAF303338206B1E3A7" />
+    <Deny ID="ID_DENY_SYSCONP_1" FriendlyName="IBM sysconp.sys\dba8db472e51edd59f0bbaf4e09df71613d4dd26fd05f14a9bc7e3fc217a78aa Hash Sha1" Hash="7D7BBE8F7C7445B98B02D0AC4DA109B6275331BF"/>
+    <Deny ID="ID_DENY_SYSCONP_2" FriendlyName="IBM sysconp.sys\dba8db472e51edd59f0bbaf4e09df71613d4dd26fd05f14a9bc7e3fc217a78aa Hash Sha256" Hash="42446592B42E34BF569A631265BCAF2A2192D424531A343A7680F52199B88462"/>
+    <Deny ID="ID_DENY_SYSCONP_3" FriendlyName="IBM sysconp.sys\dba8db472e51edd59f0bbaf4e09df71613d4dd26fd05f14a9bc7e3fc217a78aa Hash Page Sha1" Hash="FC9033ACD7454A12EA9AEB7F27A04A2A6D26EEA0"/>
+    <Deny ID="ID_DENY_SYSCONP_4" FriendlyName="IBM sysconp.sys\dba8db472e51edd59f0bbaf4e09df71613d4dd26fd05f14a9bc7e3fc217a78aa Hash Page Sha256" Hash="460D48855B3390A01AD549BA866FD7567CDFAFBAF6CC3BD199CD3DE36BCCC4C7"/>
+    <Deny ID="ID_DENY_SYSCONP_5" FriendlyName="IBM sysconp.sys\df4c02beb039d15ff0c691bbc3595c9edfc1d24e783c8538a859bc5ea537188d Hash Sha1" Hash="F02835C1C4E0D69F9ED80E97345EE6F2258C601C"/>
+    <Deny ID="ID_DENY_SYSCONP_6" FriendlyName="IBM sysconp.sys\df4c02beb039d15ff0c691bbc3595c9edfc1d24e783c8538a859bc5ea537188d Hash Sha256" Hash="9303894EE50D95911CCD4583B2AA5484DB63DE0D8F799B14854577E15914DF2D"/>
+    <Deny ID="ID_DENY_SYSCONP_7" FriendlyName="IBM sysconp.sys\df4c02beb039d15ff0c691bbc3595c9edfc1d24e783c8538a859bc5ea537188d Hash Page Sha1" Hash="7464301A7E4A828105E4EF4CB16209575B93FF29"/>
+    <Deny ID="ID_DENY_SYSCONP_8" FriendlyName="IBM sysconp.sys\df4c02beb039d15ff0c691bbc3595c9edfc1d24e783c8538a859bc5ea537188d Hash Page Sha256" Hash="DEB2CC7E586188EC475BD024F0DEAD6E321B6196D5B3179FD0521682160C4F81"/>
     <Deny ID="ID_DENY_SYSDRV3S_1" FriendlyName="CodeSys SysDrv3S\0dd9daf0852a5b1b436199e9f2bf318f641f43173ab0dc22ad8c7e9cbaee9ad3 Hash Sha1" Hash="3AA0ABAF4EA1F90D1B5D2F26ABE7FE9F0BB14A76" />
     <Deny ID="ID_DENY_SYSDRV3S_2" FriendlyName="CodeSys SysDrv3S\0dd9daf0852a5b1b436199e9f2bf318f641f43173ab0dc22ad8c7e9cbaee9ad3 Hash Sha256" Hash="8A4E6D1A5E0309EAD41B11CEB479C6A874CF6E57F2B416C12025E1B485009F37" />
     <Deny ID="ID_DENY_SYSDRV3S_3" FriendlyName="CodeSys SysDrv3S\0dd9daf0852a5b1b436199e9f2bf318f641f43173ab0dc22ad8c7e9cbaee9ad3 Hash Page Sha1" Hash="F4C12BA9B5B73C159EB920060B8E4CEE9D729187" />
@@ -1260,6 +1410,18 @@ To check that the policy was successfully applied on your computer:
     <Deny ID="ID_DENY_SYSINFO_6" FriendlyName="Noriyuki Miyazaki SysInfo\7049f3c939efe76a5556c2a2c04386db51daf61d56b679f4868bb0983c996ebb Hash Page Sha256" Hash="954CCDEAB26CE6555FCD780AD646620DE11F32F2E8347E12C6C95CF6C14DF6CC" />
     <Deny ID="ID_DENY_SYSINFO_7" FriendlyName="Noriyuki Miyazaki SysInfo\b85e9b69ad23bfb37452fe0b67dfa71e5980a8e4310b021bc6f8c36f893bc625 Hash Sha1" Hash="D6E675670E57B3758C1D9F04F51F0C0C46956805" />
     <Deny ID="ID_DENY_SYSINFO_8" FriendlyName="Noriyuki Miyazaki SysInfo\b85e9b69ad23bfb37452fe0b67dfa71e5980a8e4310b021bc6f8c36f893bc625 Hash Sha256" Hash="6EE124F31A765CDBBB27831B8F3297F844A5F375E408A5953693B2E65F20165B" />
+    <Deny ID="ID_DENY_TDEIO_1" FriendlyName="Tdeio.sys\1076504a145810dfe331324007569b95d0310ac1e08951077ac3baf668b2a486 Hash Sha1" Hash="4CAC09246C22324368F367E03550734A281471C5"/>
+    <Deny ID="ID_DENY_TDEIO_2" FriendlyName="Tdeio.sys\1076504a145810dfe331324007569b95d0310ac1e08951077ac3baf668b2a486 Hash Sha256" Hash="C8A34012C22A650972B9ECAD988D346C8670BCD51EA2DD3AB7FE4562E117F1B9"/>
+    <Deny ID="ID_DENY_TDEIO_3" FriendlyName="Tdeio.sys\1076504a145810dfe331324007569b95d0310ac1e08951077ac3baf668b2a486 Hash Page Sha1" Hash="89ECEE8145F24A563B9A839EEF3408D18A1A8822"/>
+    <Deny ID="ID_DENY_TDEIO_4" FriendlyName="Tdeio.sys\1076504a145810dfe331324007569b95d0310ac1e08951077ac3baf668b2a486 Hash Page Sha256" Hash="E7CAB1DFD41C8690382715257ADF36DA6F7B3603420135E24DB161319ABC2FAC"/>
+    <Deny ID="ID_DENY_TDEIO_5" FriendlyName="Tdeio.sys\aa282c3b989a0eca78023347b7b1e1feef7e42edf9fd2bef5d55c66000c99911 Hash Sha1" Hash="56A8604B2A5752E6D06F312A0B858BF3B949121B"/>
+    <Deny ID="ID_DENY_TDEIO_6" FriendlyName="Tdeio.sys\aa282c3b989a0eca78023347b7b1e1feef7e42edf9fd2bef5d55c66000c99911 Hash Sha256" Hash="EE06212E22AE7E892F09AE75CB39587237F5A115BF3CE4AE7493A8E82C180CAE"/>
+    <Deny ID="ID_DENY_TDEIO_7" FriendlyName="Tdeio.sys\aa282c3b989a0eca78023347b7b1e1feef7e42edf9fd2bef5d55c66000c99911 Hash Page Sha1" Hash="6F4018933D98EFEF97CC2EA9EA55018B9497592D"/>
+    <Deny ID="ID_DENY_TDEIO_8" FriendlyName="Tdeio.sys\aa282c3b989a0eca78023347b7b1e1feef7e42edf9fd2bef5d55c66000c99911 Hash Page Sha256" Hash="5379AD6B8A4B6669DEFD907B9D1D2030F31D9F00559F32935629765A75F6B601"/>
+    <Deny ID="ID_DENY_WFSHBR_1" FriendlyName="HyperTech wfshbr64\89698cad598a56f9e45efffd15d1841e494a2409cc12279150a03842cd6bb7f3 Hash Sha1" Hash="0122F7A57784F2AC460D175687450D8940CACE6E"/>
+    <Deny ID="ID_DENY_WFSHBR_2" FriendlyName="HyperTech wfshbr64\89698cad598a56f9e45efffd15d1841e494a2409cc12279150a03842cd6bb7f3 Hash Sha256" Hash="D16A59CD7C52D1D32BB43670CDCA739AADB19BA15996BAC62071845E1BFBDB95"/>
+    <Deny ID="ID_DENY_WFSHBR_3" FriendlyName="HyperTech wfshbr64\89698cad598a56f9e45efffd15d1841e494a2409cc12279150a03842cd6bb7f3 Hash Page Sha1" Hash="59621ADDE6C6353397F1D7E5C1F8A887AC9931E6"/>
+    <Deny ID="ID_DENY_WFSHBR_4" FriendlyName="HyperTech wfshbr64\89698cad598a56f9e45efffd15d1841e494a2409cc12279150a03842cd6bb7f3 Hash Page Sha256" Hash="C374004CD00D779F028638E03F611C270FCA020AA413BE9BB6852E875B848E42"/>
     <Deny ID="ID_DENY_WINIO_1" FriendlyName="PartnerTech WinIo64A.sys\0c74d09da7baf7c05360346e4c3512d0cd433d59 Hash Sha1" Hash="0C74D09DA7BAF7C05360346E4C3512D0CD433D59" />
     <Deny ID="ID_DENY_WINIO_2" FriendlyName="PartnerTech WinIo64B.sys\f18e669127c041431cde8f2d03b15cfc20696056 Hash Sha1" Hash="F18E669127C041431CDE8F2D03B15CFC20696056" />
     <Deny ID="ID_DENY_WINIO_3" FriendlyName="PartnerTech WinIO32B.sys\f1c8c3926d0370459a1b7f0cf3d17b22ff9d0c7f Hash Sha1" Hash="F1C8C3926D0370459A1B7F0CF3D17B22FF9D0C7F" />
@@ -1363,35 +1525,45 @@ To check that the policy was successfully applied on your computer:
     <FileAttrib ID="ID_FILEATTRIB_ALSYSIO" FriendlyName="ALSysIO\01af9b2e49907308312be623a125a4cd71da9e626a54dfa746336e5d69c0a70a FileAttribute" FileName="ALSysIO.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.0.10.65535" />
     <FileAttrib ID="ID_FILEATTRIB_AMD_RYZEN" FriendlyName="amdryzenmaster.sys" FileName="AMDRyzenMasterDriver.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.5.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_AMDPP" FriendlyName="AMDPowerProfiler.sys FileAttribute" FileName="AMDPowerProfiler.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="6.1.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_ASHITIO" FriendlyName="Asus AsHitIo_Drv FileAttribute" FileName="AsHitIo_Drv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="27.0.0.0"/>
     <FileAttrib ID="ID_FILEATTRIB_ASR_AUTOCHECK_1" FriendlyName="ASRAutoCheck\2aa1b08f47fbb1e2bd2e4a492f5d616968e703e1359a921f62b38b8e4662f0c4 FileAttribute" FileName="AsrAutoChkUpdDrv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_ASR_AUTOCHECK_2" FriendlyName="ASRAutoCheck\4ae42c1f11a98dee07a0d7199f611699511f1fb95120fabc4c3c349c485467fe FileAttribute" FileName="AsrAutoChkUpdDrv_1_0_32.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_ASWARPOT" FriendlyName="Avast aswArpot FileAttribute" FileName="aswArPot.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="21.4.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_ASWSP" FriendlyName="Avast aswSP.sys\1dccd1e13da17bd541a66b48d62e914df390818c15f5f599c636d42c05996ace FileAttribute" FileName="aswSP.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="20.8.0.0"/>
     <FileAttrib ID="ID_FILEATTRIB_ASWSNX" FriendlyName="Aswsnx FileAttribute" FileName="aswSnx.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="17.1.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_ATILLK" FriendlyName="atillk64 FileAttribute" FileName="atillk64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_ATLACCESS" FriendlyName="atlAccess\0b57569aaa0f4789d9642dd2189b0a82466b80ad32ff35f88127210ed105fe57 FileAttribute" FileName="atlAccess.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_ATSZIO" FriendlyName="ATSZIO.sys FileAttribute" FileName="ATSZIO.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_AVALUEIO" FriendlyName="Avalue Avalueio.sys\a5a4a3c3d3d5a79f3ed703fc56d45011c21f9913001fcbcc43a3f7572cff44ec FileAttribute" FileName="AVALUEIO.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_AVGELAM" FriendlyName="Avast aswElam/avgElam Overpermissive ELAM FileAttribute" FileName="aswElam.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="21.6.400.65535" />
     <FileAttrib ID="ID_FILEATTRIB_BS_DEF" FriendlyName="Bs_Def64 FileAttribute" FileName="Bs_Def64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_BS_DEF_64" FriendlyName="Bs_Def FileAttribute" FileName="Bs_Def.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_BS_HWMIO64" FriendlyName="" FileName="BS_HWMIO64_W10.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.1806.2200" />
     <FileAttrib ID="ID_FILEATTRIB_BS_I2CIO" FriendlyName="" FileName="BS_I2cIo.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.1.0.0" />
-    <FileAttrib ID="ID_FILEATTRIB_BS_RCIO" FriendlyName="BS_RCIO.sys FileAttribute" FileName="BS_RCIO64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.0.1" />
-    <FileAttrib ID="ID_FILEATTRIB_BS_RCIO_W10" FriendlyName="BS_RCIO\7c6f16af074c3f1c74fc69734f1c8b8a03b0594ac2085d5a0c582fc8cc378858 FileAttribute" FileName="BS_RCIO64_W10.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_BS_MEM" FriendlyName="BSMEM64_W10 FileAttribute" FileName="BSMEM64_W10.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.1806.2201" />
+    <FileAttrib ID="ID_FILEATTRIB_BS_RCIO" FriendlyName="BS_RCIO\d205286bffdf09bc033c09e95c519c1c267b40c2ee8bab703c6a2d86741ccd3e FileAttribute" FileName="BS_RCIO64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_BS_RCIO_W10" FriendlyName="BS_RCIO\7c6f16af074c3f1c74fc69734f1c8b8a03b0594ac2085d5a0c582fc8cc378858 FileAttribute" FileName="BS_RCIO64_W10.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_BSMI" FriendlyName="" FileName="BSMI.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.3" />
+    <FileAttrib ID="ID_FILEATTRIB_CGWIN" FriendlyName="Sangoma cg6kwin2k.sys\223f61c3f443c5047d1aeb905b0551005a426f084b7a50384905e7e4ecb761a1 FileAttribute" FileName="cg6kwin2k.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_COMPUTERZ" FriendlyName="Chengdu Qiying ComputerZ.sys\07d0090c76155318e78a676e2f8af1500c20aaa1e84f047c674d5f990f5a09c8 FileAttribute" FileName="ComputerZ.Sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_CORSAIRLLACCESS" FriendlyName="CorsairLLAccess\000547560fea0dd4b477eb28bf781ea67bf83c748945ce8923f90fdd14eb7a4b FileAttribute" FileName="Corsair LL Access" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.23.65535" />
-    <FileAttrib ID="ID_FILEATTRIB_CPUZ_DRIVER" FriendlyName="CPUID cpuz.sys\1e16a01ef44e4c56e87abfbe03b2989b0391b172c3ec162783ad640be65ab961" FileName="cpuz.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.5.6" />
     <FileAttrib ID="ID_FILEATTRIB_CTIIO" FriendlyName="MicSys CtiIo\2121a2bb8ebbf2e6e82c782b6f3c6b7904f686aa495def25cf1cf52a42e16109 FileAttribute" FileName="CtiIo64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.1.23.0405" />
+    <FileAttrib ID="ID_FILEATTRIB_CP2X72C_1" FriendlyName="Interace CP2X72C.sys\05c15a75d183301382a082f6d76bf3ab4c520bf158abca4433d9881134461686 FileAttribute" FileName="CP2X72C.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_CP2X72C_2" FriendlyName="Interace CP2X72C.sys\11832c345e9898c4f74d3bf8f126cf84b4b1a66ad36135e15d103dbf2ac17359 FileAttribute" FileName="CP2X72C" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_CPUZ_DRIVER" FriendlyName="" FileName="cpuz.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.4.3" />
     <FileAttrib ID="ID_FILEATTRIB_DRIVER7" FriendlyName="Asus driver7.sys\1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb FileAttribute" FileName="Driver7" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_ECSIODRV" FriendlyName="EliteGroup ECSioDriver\270547552060c6f4f5b2ebd57a636d5e71d5f8a9d4305c2b0fe5db0aa2f389cc FileAttribute" FileName="ECSIoDriver.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_EIO64" FriendlyName="ASUS EIO64.sys\1fac3fab8ea2137a7e81a26de121187bf72e7d16ffa3e9aec3886e2376d3c718 FileAttribute" FileName="EIO.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_EELAM" FriendlyName="ESET eelam Overpermissive ELAM FileAttribute" FileName="eelam.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.16.0" />
     <FileAttrib ID="ID_FILEATTRIB_ELBY_DRIVER" FriendlyName="" FileName="ElbyCDIO.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="6.0.3.2" />
     <FileAttrib ID="ID_FILEATTRIB_ETDSUPPORT" FriendlyName="HP EtdSupport\0d383e469d0e27ebb713770f01f7f1a57068a7d30478221e6f2276125048d1c9 FileAttribute" FileName="etdsupp.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="20.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_FAIRPLAY" FriendlyName="Deny FairplayKD.sys MTA San Andreas Versions 367.*" ProductName="MTA San Andreas" MinimumFileVersion="367.0.0.0" MaximumFileVersion="367.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_FPCIE" FriendlyName="Feature Integration FPCIE2COM.sys\17942865680bd3d6e6633c90cc4bd692ae0951a8589dbe103c1e293b3067344d FileAttribute" FileName="FPCIE2COM.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_GMER" FriendlyName="GMEREK gmer64 FileAttribute" FileName="gmer64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_HAXM" FriendlyName="haXM.sys FileAttribute" FileName="HaXM.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_HPPORTIOX64" FriendlyName="HpPortIox64.sys" FileName="HpPortIox64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.2.0.9" />
     <FileAttrib ID="ID_FILEATTRIB_HW" FriendlyName="hw_sys\4880f40f2e557cff38100620b9aa1a3a753cb693af16cd3d95841583edcb57a8 FileAttribute" FileName="HW.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="4.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_HWDETECTNG" FriendlyName="Hwdetectng\2f8b68de1e541093f2d4525a0d02f36d361cd69ee8b1db18e6dd064af3856f4f FileAttribute" FileName="hwdetectng.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_HWINFO_1" FriendlyName="REALiX_HWiNFO32 FileAttribute" FileName="HWiNFO32.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="8.98.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_HWINFO_2" FriendlyName="REALiX_HWiNFO64A FileAttribute" FileName="HWiNFO64A.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="8.98.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_HWINFO_3" FriendlyName="REALiX_HWiNFO64I FileAttribute" FileName="HWiNFO64I.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="8.98.0.0" />
@@ -1407,10 +1579,12 @@ To check that the policy was successfully applied on your computer:
     <FileAttrib ID="ID_FILEATTRIB_LV561V64" FriendlyName="LV561V64 LogiTech FileAttribute" FileName="Lv561av.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_MONITOR" FriendlyName="IOBit Monitor.sys FileAttribute" FileName="Monitor.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="15.0.0.2" />
     <FileAttrib ID="ID_FILEATTRIB_MSIO" FriendlyName="MicSys MSIO\0f035948848432bc243704041739e49b528f35c82a5be922d9e3b8a4c44398ff FileAttribute" FileName="MsIo64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_MSRHOOK" FriendlyName="IDTech MSRHook\87ece1b3b8446517dd9696a1b2c62f82a80220956618485efbdf5671f2676616 FileAttribute" FileName="Keyboard Filter Driver" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.1.0.0"/>
     <FileAttrib ID="ID_FILEATTRIB_MTCBSV64" FriendlyName="mtcBSv64.sys FileAttribute" FileName="mtcBSv64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="21.2.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_MYDRIVERS" FriendlyName="mydrivers.sys FileAttribute" FileName="mydrivers.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_NCHGBIOS2X64" FriendlyName="" FileName="NCHGBIOS2x64.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="4.2.4.0" />
     <FileAttrib ID="ID_FILEATTRIB_NCPL_DRIVER" FriendlyName="" FileName="NCPL.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.11.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NGIODRIVER" FriendlyName="Avast ngiodriver\1072beb3ff6b191b3df1a339e3a8c87a8dc5eae727f2b993ea51b448e837636a FileAttribute" FileName="ngiodriver.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_NICM_DRIVER" FriendlyName="" FileName="NICM.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.11.0" />
     <FileAttrib ID="ID_FILEATTRIB_NSCM_DRIVER" FriendlyName="" FileName="nscm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.11.0" />
     <FileAttrib ID="ID_FILEATTRIB_NTIOLIB" FriendlyName="" FileName="NTIOLib.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.0" />
@@ -1425,27 +1599,39 @@ To check that the policy was successfully applied on your computer:
     <FileAttrib ID="ID_FILEATTRIB_PHYMEM" FriendlyName="Phymem FileAttribute" FileName="phymem.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_PHYSMEM" FriendlyName="Physmem.sys FileAttribute" FileName="physmem.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_PROCEXP" FriendlyName="Sysinternals Process Explorer FileAttribute" FileName="procexp.Sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="16.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RADHWMGR" FriendlyName="NCR RadHwMgr\00c3e86952eebb113d91d118629077b3370ebc41eeacb419762d2de30a43c09c FileAttribute" FileName="RadHwMgr.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_RTIF" FriendlyName="TenAsys rtif.sys\0d133ced666c798ea63b6d8026ec507d429e834daa7c74e4e091e462e5815180 FileAttribute" FileName="rtif.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="6.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_RTKIO_DRIVER" FriendlyName="" FileName="rtkio.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_RTKIO64_DRIVER" FriendlyName="" FileName="rtkio64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
-    <FileAttrib ID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" FriendlyName="" FileName="rtkiow10x64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" FriendlyName="" FileName="rtkiow8x64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" FriendlyName="" FileName="rtkiow10x64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTPORT" FriendlyName="Realtek rtport\3c0a36990f7eef89b2d5f454b6452b6df1304609903f31f475502e4050241dd8 FileAttribute" FileName="rtport.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_RWDRV_DRIVER" FriendlyName="" FileName="RwDrv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_RZPNK" FriendlyName="Razer rzpnk.sys FileAttribute" FileName="Rzpnk.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
-    <FileAttrib ID="ID_FILEATTRIB_SANDBOX" FriendlyName="Agnitum sandbox FileAttribute" FileName="sandbox.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_SANDBOX_1" FriendlyName="Agnitum sandbox FileAttribute" FileName="sandbox.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_SANDBOX_2" FriendlyName="Agnitum SandBox FileAttribute" FileName="SandBox.sys"  MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_SANDRA" FriendlyName="" FileName="SANDRA" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_SANDRA_DRIVER" FriendlyName="" FileName="sandra.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_SBIOS" FriendlyName="Samsung sbios\1e24c45ce2672ee403db34077c88e8b7d7797d113c6fd161906dce3784da627d FileAttribute" FileName="SBIOSIO64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_SEGWINDRVX64" FriendlyName="segwindrvx64.sys FileAttribute" FileName="segwindrvx64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="100.0.7.2" />
+    <FileAttrib ID="ID_FILEATTRIB_SFDRVX32" FriendlyName="sfdrvx32\0bd1523a68900b80ed1bccb967643525cca55d4ff4622d0128913690e6bb619e FileAttribute" FileName="sfdrvx32.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="4.43.4.0"/>
+    <FileAttrib ID="ID_FILEATTRIB_SMARTEIO" FriendlyName="EVGA smarteio.sys\3c95ebf3f1a87f67d2861dbd1c85dc26c118610af0c9fbf4180428e653ac3e50 FileAttribute" FileName="SMARTEIO64.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
+    <FileAttrib ID="ID_FILEATTRIB_STDCDRV" FriendlyName="Intel Stdcdrv.sys\37022838c4327e2a5805e8479330d8ff6f8cd3495079905e867811906c98ea20 FileAttribute" FileName="stdcdrv64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_SUPERBMC" FriendlyName="Superbmc FileAttribute" FileName="superbmc.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.2.1.0" />
     <FileAttrib ID="ID_FILEATTRIB_SYMELAM" FriendlyName="SymELAM\021badff5a3c84ee422d9fa40a842f89b1c60e0164eabd58da7374327ea99d3c FileAttribute" FileName="SymELAM.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.4.0.83" />
+    <FileAttrib ID="ID_FILEATTRIB_SYSDETECTOR" FriendlyName="SysInfoDetector.sys\083ff41609e2c0402f20cc00da1110a0cb80c515ca1c2f551606ecc94986cff9 FileAttribute" FileName="SysInfoDetector.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_SYSDRV3S" FriendlyName="SysDrv3s\0dd9daf0852a5b1b436199e9f2bf318f641f43173ab0dc22ad8c7e9cbaee9ad3 FileAttribute" FileName="SysDrv3S.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.6.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_TMEL" FriendlyName="TrendMicro TMEL Overpermissive ELAM FileAttribute" FileName="Tmel.sys" MinimumFileVersion="1.6.0.1002" MaximumFileVersion="1.6.0.1004" />
     <FileAttrib ID="ID_FILEATTRIB_TREND_MICRO" FriendlyName="TmComm.sys" FileName="TmComm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="8.0.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_VBOX" FriendlyName="VBoxDrv.sys FileAttribute" FileName="VBoxDrv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.0.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_TRUESIGHT" FriendlyName="Adlice Truesight.sys\3807e9a1bc159b9e8fc0c7caad10d7213ff8ed8ad1cea9ea552b093c81bf624b FileAttribute" FileName="Truesight" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.3.0.0"/>
+    <FileAttrib ID="ID_FILEATTRIB_VDBSV" FriendlyName="VdBSv64.sys\8dba0ab11ce9f9df5c8fb9fff18bbe9c8c654864053c8b0c4f175ec7203a2e51 FileAttribute" FileName="VdBSv64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_VIRAGT" FriendlyName="viragt.sys 32-bit" FileName="viragt.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.80.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_VIRAGT64" FriendlyName="viragt64.sys" FileName="viragt64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.11" />
     <FileAttrib ID="ID_FILEATTRIB_VMDRV" FriendlyName="vmdrv.sys FileAttribute" FileName="vmdrv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.10011.16384" />
     <FileAttrib ID="ID_FILEATTRIB_WCPU" FriendlyName="WCPU\159e7c5a12157af92e0d14a0d3ea116f91c09e21a9831486e6dc592c93c10980 FileAttribute" FileName="CPU Driver" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_WINRING0" FriendlyName="WinRing0.sys" FileName="WinRing0.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.0.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_WIRWADRV" FriendlyName="Winstron wirwadrv\d8fc8e3a1348393c5d7c3a84bcbae383d85a4721a751ad7afac5428e5e579b4e FileAttribute" FileName="WiRwaDrv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535"/>
     <FileAttrib ID="ID_FILEATTRIB_WISEUNLO" FriendlyName="WiseUnlo FileAttribute" FileName="WiseUnlo.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_ZEMANA_1" FriendlyName="Zemana Antilog\05ece4f6bda72e7fd61fa950e80b811d3dbe0b4b1d53b0532d8df051d1ff074c FileAttribute" FileName="AntiLog32.sys" MinimumFileVersion="1.9.5.600" />
     <FileAttrib ID="ID_FILEATTRIB_ZEMANA_2" FriendlyName="Zemana Zam\40b62ba97ba2edd3e01ed62d26ae8c09f36144ab33db18b42e5f1ccf82db1754 FileAttribute" FileName="ZAM.exe" MinimumFileVersion="2.74.0.259" />
@@ -1462,6 +1648,9 @@ To check that the policy was successfully applied on your computer:
       <FileAttribRef RuleID="ID_FILEATTRIB_ASR_AUTOCHECK_2" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWSNX" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ATSZIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AVALUEIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CP2X72C_1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CP2X72C_2" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_DRIVER7" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ETDSUPPORT" />
@@ -1472,10 +1661,16 @@ To check that the policy was successfully applied on your computer:
       <FileAttribRef RuleID="ID_FILEATTRIB_MONITOR" />
       <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RADHWMGR" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTIF" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RWDRV_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RZPNK" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SBIOS" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SFDRVX32" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SYSDETECTOR" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VDBSV" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_1" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_2" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_3" />
@@ -1506,6 +1701,7 @@ To check that the policy was successfully applied on your computer:
     </Signer>
     <Signer ID="ID_SIGNER_DIGICERT_EV" Name="DigiCert EV Code Signing CA (SHA2)">
       <CertRoot Type="TBS" Value="EEC58131DC11CD7F512501B15FDBC6074C603B68CA91F7162D5A042054EDB0CF" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ASHITIO" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_EIO64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_PCDOC" />
@@ -1525,12 +1721,14 @@ To check that the policy was successfully applied on your computer:
       <FileAttribRef RuleID="ID_FILEATTRIB_DRIVER7" />
       <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_LIBNICM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NCHGBIOS2X64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NCPL_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_NICM_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_NSCM_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_NVOCLOCK" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTIF" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SFDRVX32" />
       <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_NCHGBIOS2X64" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_NCPL_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_1" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_2" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_3" />
@@ -1593,16 +1791,19 @@ To check that the policy was successfully applied on your computer:
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWSNX" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWSP" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ETDSUPPORT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_FPCIE" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_HPPORTIOX64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_HWRWDRV" />
       <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_HPPORTIOX64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_LV_DIAG" />
       <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_PCDOC" />
       <FileAttribRef RuleID="ID_FILEATTRIB_PROCEXP" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_STDCDRV" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TRUESIGHT"/>
       <FileAttribRef RuleID="ID_FILEATTRIB_WINRING0" />
     </Signer>
     <Signer ID="ID_SIGNER_WINDOWS_3RD_PARTY_2014" Name="Microsoft Windows Third Party Component CA 2014">
@@ -1610,10 +1811,12 @@ To check that the policy was successfully applied on your computer:
       <CertPublisher Value="Microsoft Windows Hardware Compatibility Publisher" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ALSYSIO" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWSNX" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ASHITIO" />
       <FileAttribRef RuleID="ID_FILEATTRIB_BS_HWMIO64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_BS_MEM" />
       <FileAttribRef RuleID="ID_FILEATTRIB_BS_RCIO" />
       <FileAttribRef RuleID="ID_FILEATTRIB_BS_RCIO_W10" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CGWIN" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CORSAIRLLACCESS" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CTIIO" />
@@ -1630,9 +1833,11 @@ To check that the policy was successfully applied on your computer:
       <FileAttribRef RuleID="ID_FILEATTRIB_NSCM_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_NVFLASH" />
       <FileAttribRef RuleID="ID_FILEATTRIB_PCDOC" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RADHWMGR" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RZPNK" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_STDCDRV" />
       <FileAttribRef RuleID="ID_FILEATTRIB_SYSDRV3S" />
       <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT" />
       <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT64" />
@@ -1648,11 +1853,16 @@ To check that the policy was successfully applied on your computer:
     <Signer ID="ID_SIGNER_VERISIGN_2004" Name="VeriSign Class 3 Code Signing 2004 CA">
       <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ALSYSIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CP2X72C_1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CP2X72C_2" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
       <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
       <FileAttribRef RuleID="ID_FILEATTRIB_NVOCLOCK" />
       <FileAttribRef RuleID="ID_FILEATTRIB_PCDOC" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTPORT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SMARTEIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VDBSV" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_1" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_2" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ZEMANA_3" />
@@ -1716,12 +1926,21 @@ To check that the policy was successfully applied on your computer:
     <Signer ID="ID_SIGNER_SYMANTEC_CLASS_3" Name="Symantec Class 3 SHA256 Code Signing CA">
       <CertRoot Type="TBS" Value="A08E79C386083D875014C409C13D144E0A24386132980DF11FF59737C8489EB1" />
       <FileAttribRef RuleID="ID_FILEATTRIB_AMD_RYZEN" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_ASWSP" />
       <FileAttribRef RuleID="ID_FILEATTRIB_AMDPP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ASWSP" />      
+      <FileAttribRef RuleID="ID_FILEATTRIB_ATLACCESS" />
       <FileAttribRef RuleID="ID_FILEATTRIB_LGCORETEMP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTIF" />
       <FileAttribRef RuleID="ID_FILEATTRIB_RZPNK" />
       <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
     </Signer>
+    <Signer ID="ID_SIGNER_SYMANTEC_CLASS_3_EV" Name="Symantec Class 3 Extended Validation Code Signing CA - G2">
+      <CertRoot Type="TBS" Value="B3C925B4048C3F7C444D248A2B101186B57CBA39596EB5DCE0E17A4EE4B32F19"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_CP2X72C_1"/>    
+      <FileAttribRef RuleID="ID_FILEATTRIB_CP2X72C_2"/>    
+      <FileAttribRef RuleID="ID_FILEATTRIB_FPCIE"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_WIRWADRV"/>    
+    </Signer>
     <Signer ID="ID_SIGNER_VERISIGN_AMD" Name="VeriSign Class 3 Code Signing 2010 CA">
       <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
       <CertPublisher Value="Advanced Micro Devices, Inc." />
@@ -1775,6 +1994,7 @@ To check that the policy was successfully applied on your computer:
     <Signer ID="ID_SIGNER_COMODO_IQVW" Name="COMODO RSA Certification Authority">
       <CertRoot Type="TBS" Value="7CE102D63C57CB48F80A65D1A5E9B350A7A618482AA5A36775323CA933DDFCB00DEF83796A6340DEC5EBF7596CFD8E5D" />
       <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_STDCDRV" />
     </Signer>
     <Signer ID="ID_SIGNER_AMDPP" Name="USERTrust RSA Certification Authority">
       <CertRoot Type="TBS" Value="13BAA039635F1C5292A8C2F36AAE7E1D25C025202E9092F5B0F53F5F752DFA9C71B3D1B8D9A6358FCEE6EC75622FABF9" />
@@ -1784,22 +2004,26 @@ To check that the policy was successfully applied on your computer:
     <Signer ID="ID_SIGNER_AGNITUM_2004" Name="VeriSign Class 3 Code Signing 2004 CA">
       <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
       <CertPublisher Value="Agnitum Ltd." />
-      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_2" />
     </Signer>
     <Signer ID="ID_SIGNER_AGNITUM_2009" Name="VeriSign Class 3 Code Signing 2009-2 CA">
       <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
       <CertPublisher Value="Agnitum Ltd." />
-      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_2" />
     </Signer>
     <Signer ID="ID_SIGNER_AGNITUM_2010" Name="VeriSign Class 3 Code Signing 2010 CA">
       <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
       <CertPublisher Value="Agnitum Ltd." />
-      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_2" />
     </Signer>
     <Signer ID="ID_SIGNER_AGNITUM_2010_1" Name="VeriSign Class 3 Code Signing 2010 CA">
       <CertRoot Type="TBS" Value="4678C6E4A8787A8E6ED2BCE8792B122F6C08AFD8" />
       <CertPublisher Value="Agnitum Ltd." />
-      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_2" />
     </Signer>
     <Signer ID="ID_SIGNER_PHYMEM" Name="VeriSign Class 3 Code Signing 2010 CA">
       <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
@@ -1964,11 +2188,13 @@ To check that the policy was successfully applied on your computer:
       <CertRoot Type="TBS" Value="E767799478F64A34B3F53FF3BB9057FE1768F4AB178041B0DCC0FF1E210CBA65" />
       <CertPublisher Value="Avast Software s.r.o." />
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWARPOT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ASWSP" />
     </Signer>
     <Signer ID="ID_SIGNER_ASWARPOT_5" Name="DigiCert High Assurance Code Signing CA-1">
       <CertRoot Type="TBS" Value="1D7E838ACCD498C2E5BA9373AF819EC097BB955C" />
       <CertPublisher Value="AVAST Software s.r.o." />
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWARPOT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ASWSP" />
     </Signer>
     <Signer ID="ID_SIGNER_ASWARPOT_6" Name="DigiCert SHA2 Assured ID Code Signing CA">
       <CertRoot Type="TBS" Value="E767799478F64A34B3F53FF3BB9057FE1768F4AB178041B0DCC0FF1E210CBA65" />
@@ -2004,8 +2230,9 @@ To check that the policy was successfully applied on your computer:
       <CertRoot Type="TBS" Value="121AF4B922A74247EA49DF50DE37609CC1451A1FE06B2CB7E1E079B492BD8195" />
       <FileAttribRef RuleID="ID_FILEATTRIB_AVGELAM" />
       <FileAttribRef RuleID="ID_FILEATTRIB_EELAM" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_TMEL" />
       <FileAttribRef RuleID="ID_FILEATTRIB_SYMELAM" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TMEL" />
+      
     </Signer>
     <Signer ID="ID_SIGNER_AVGELAM_1" Name="DigiCert High Assurance Code Signing CA-1">
       <CertRoot Type="TBS" Value="1D7E838ACCD498C2E5BA9373AF819EC097BB955C" />
@@ -2018,6 +2245,11 @@ To check that the policy was successfully applied on your computer:
       <FileAttribRef RuleID="ID_FILEATTRIB_AVGELAM" />
       <FileAttribRef RuleID="ID_FILEATTRIB_ASWSNX" />
     </Signer>
+    <Signer ID="ID_SIGNER_NGIODRIVER" Name="DigiCert High Assurance Code Signing CA-1">
+      <CertRoot Type="TBS" Value="1D7E838ACCD498C2E5BA9373AF819EC097BB955C"/>
+      <CertPublisher Value="AVAST Software a.s."/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_NGIODRIVER"/>
+    </Signer>
     <Signer ID="ID_SIGNER_GMEREK" Name="GlobalSign CodeSigning CA - G2">
       <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
       <CertPublisher Value="GMEREK Systemy Komputerowe Przemyslaw Gmerek" />
@@ -2185,6 +2417,54 @@ To check that the policy was successfully applied on your computer:
       <CertPublisher Value="CPUID" />
       <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
     </Signer>
+    <Signer ID="ID_SIGNER_MSIO32" Name="DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1">
+      <CertRoot Type="TBS" Value="65B1D4076A89AE273F57E6EEEDECB3EAE129B4168F76FA7671914CDF461D542255C59D9B85B916AE0CA6FC0FCF7A8E64"/>
+      <CertPublisher Value="Creative Technology Innovation Co., Ltd."/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_MSIO"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_TRUESIGHT_1" Name="Sectigo Public Code Signing Root R46">
+      <CertRoot Type="TBS" Value="A229D2722BC6091D73B1D979B81088C977CB028A6F7CBF264BB81D5CC8F099F87D7C296E48BF09D7EBE275F5498661A4"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_TRUESIGHT"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_TRUESIGHT_2" Name="DigiCert SHA2 High Assurance Code Signing CA">
+      <CertRoot Type="TBS" Value="0BF095B845B69928B5D7DFD1C42AE4F90FEB8DC97F7830598C93E848877021FB"/>
+      <CertPublisher Value="Adlice"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_TRUESIGHT"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_HWDETECTNG" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB"/>
+      <CertPublisher Value="iNFERRE"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_HWDETECTNG"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_RENTDRV" Name="Microsoft Windows Third Party Component CA 2014">
+      <CertRoot Type="TBS" Value="D8BE9E4D9074088EF818BC6F6FB64955E90378B2754155126FEEBBBD969CF0AE"/>
+      <CertOemID Value="Hangzhou Shunwang Technology Co.,Ltd"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_MSRHOOK" Name="Microsoft Windows Third Party Component CA 2012">
+      <CertRoot Type="TBS" Value="CEC1AFD0E310C55C1DCC601AB8E172917706AA32FB5EAF826813547FDF02DD46"/>
+      <CertOemID Value="ID TECH"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_MSRHOOK"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_SFDRVX32" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385"/>
+      <CertPublisher Value="SOKNO S.R.L."/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_SFDRVX32"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_COMPUTERZ_1" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF"/>
+      <CertPublisher Value="Chengdu Qiying Technology Co.,Ltd."/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_COMPUTERZ"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_COMPUTERZ_2" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D"/>
+      <CertPublisher Value="Chengdu Qiying Technology Co.,Ltd."/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_COMPUTERZ"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_ECSIODRV" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="879269F3F467A6D59641960A62FE9CB419355FF6"/>
+      <CertPublisher Value="ELITEGROUP COMPUTER SYSTEMS CO"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_ECSIODRV"/>
+    </Signer>
     <Signer ID="ID_SIGNER_BAOJI" Name="VeriSign Class 3 Code Signing 2010 CA - Baoji zhihengtaiye co.,ltd">
       <CertRoot Type="TBS" Value="ED37AD43BC52426943019F77F35ED1A6B063B5B7" />
     </Signer>
@@ -2309,10 +2589,13 @@ To check that the policy was successfully applied on your computer:
           <DeniedSigner SignerId="ID_SIGNER_BEIJING_VSK" />
           <DeniedSigner SignerId="ID_SIGNER_CAPCOM" />
           <DeniedSigner SignerId="ID_SIGNER_CHEAT_ENGINE" />
+          <DeniedSigner SignerId="ID_SIGNER_COMPUTERZ_1" />
+          <DeniedSigner SignerId="ID_SIGNER_COMPUTERZ_2" />
           <DeniedSigner SignerId="ID_SIGNER_COMODO_IQVW" />
           <DeniedSigner SignerId="ID_SIGNER_CPUZ_1" />
           <DeniedSigner SignerId="ID_SIGNER_CPUZ_2" />
           <DeniedSigner SignerId="ID_SIGNER_DIGICERT_EV" />
+          <DeniedSigner SignerId="ID_SIGNER_ECSIODRV" />
           <DeniedSigner SignerId="ID_SIGNER_ELBY" />
           <DeniedSigner SignerId="ID_SIGNER_ENE" />
           <DeniedSigner SignerId="ID_SIGNER_ETDSUPPORT" />
@@ -2342,6 +2625,7 @@ To check that the policy was successfully applied on your computer:
           <DeniedSigner SignerId="ID_SIGNER_HW_B" />
           <DeniedSigner SignerId="ID_SIGNER_HW_C" />
           <DeniedSigner SignerId="ID_SIGNER_HW_D" />
+          <DeniedSigner SignerId="ID_SIGNER_HWDETECTNG" />
           <DeniedSigner SignerId="ID_SIGNER_HWINFO_1" />
           <DeniedSigner SignerId="ID_SIGNER_HWINFO_2" />
           <DeniedSigner SignerId="ID_SIGNER_HWINFO_3" />
@@ -2369,10 +2653,13 @@ To check that the policy was successfully applied on your computer:
           <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_USER" />
           <DeniedSigner SignerId="ID_SIGNER_MS_ELAM" />
           <DeniedSigner SignerId="ID_SIGNER_MS_ELAM_1" />
+          <DeniedSigner SignerId="ID_SIGNER_MSIO32" />
+          <DeniedSigner SignerId="ID_SIGNER_MSRHOOK" />
           <DeniedSigner SignerId="ID_SIGNER_MYDRIVERS_1" />
           <DeniedSigner SignerId="ID_SIGNER_MYDRIVERS_2" />
           <DeniedSigner SignerId="ID_SIGNER_MYDRIVERS_3" />
           <DeniedSigner SignerId="ID_SIGNER_NANJING" />
+          <DeniedSigner SignerId="ID_SIGNER_NGIODRIVER" />
           <DeniedSigner SignerId="ID_SIGNER_NVFLASH" />
           <DeniedSigner SignerId="ID_SIGNER_NVFLASH_2" />
           <DeniedSigner SignerId="ID_SIGNER_NVFLASH_3" />
@@ -2389,17 +2676,22 @@ To check that the policy was successfully applied on your computer:
           <DeniedSigner SignerId="ID_SIGNER_PROCEXP_4" />
           <DeniedSigner SignerId="ID_SIGNER_PROCEXP_5" />
           <DeniedSigner SignerId="ID_SIGNER_REALTEK" />
+          <DeniedSigner SignerId="ID_SIGNER_RENTDRV" />
           <DeniedSigner SignerId="ID_SIGNER_RWEVERY" />
           <DeniedSigner SignerId="ID_SIGNER_SAASAME" />
           <DeniedSigner SignerId="ID_SIGNER_SANDRA" />
           <DeniedSigner SignerId="ID_SIGNER_SANDRA_THAWTE" />
           <DeniedSigner SignerId="ID_SIGNER_SPEEDFAN" />
+          <DeniedSigner SignerId="ID_SIGNER_SFDRVX32" />
           <DeniedSigner SignerId="ID_SIGNER_SYSDRV3S" />
           <DeniedSigner SignerId="ID_SIGNER_PHYMEM" />
           <DeniedSigner SignerId="ID_SIGNER_PHYMEM_1" />
           <DeniedSigner SignerId="ID_SIGNER_PHYMEM_2" />
           <DeniedSigner SignerId="ID_SIGNER_SYMANTEC_CLASS_3" />
+          <DeniedSigner SignerId="ID_SIGNER_SYMANTEC_CLASS_3_EV" />
           <DeniedSigner SignerId="ID_SIGNER_TRUST_ASIA" />
+          <DeniedSigner SignerId="ID_SIGNER_TRUESIGHT_1" />
+          <DeniedSigner SignerId="ID_SIGNER_TRUESIGHT_2" />
           <DeniedSigner SignerId="ID_SIGNER_VBOX" />
           <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2004" />
           <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2004_BIOSTAR" />
@@ -2881,6 +3173,26 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_DHKERNEL_11" />
           <FileRuleRef RuleID="ID_DENY_DHKERNEL_12" />
           <FileRuleRef RuleID="ID_DENY_DHKERNEL_13" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_1" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_2" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_3" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_4" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_5" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_6" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_7" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_8" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_9" />
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_10"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_11"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_12"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_13"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_14"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_15"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_16"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_17"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_18"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_19"/>
+          <FileRuleRef RuleID="ID_DENY_DELLBIOS_20"/>
           <FileRuleRef RuleID="ID_DENY_DIRECTIO_12" />
           <FileRuleRef RuleID="ID_DENY_DIRECTIO_13" />
           <FileRuleRef RuleID="ID_DENY_DIRECTIO_14" />
@@ -2985,6 +3297,10 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_ECHO_A" />
           <FileRuleRef RuleID="ID_DENY_ECHO_B" />
           <FileRuleRef RuleID="ID_DENY_ECHO_C" />
+          <FileRuleRef RuleID="ID_DENY_ECSIODRV_1" />
+          <FileRuleRef RuleID="ID_DENY_ECSIODRV_2" />
+          <FileRuleRef RuleID="ID_DENY_ECSIODRV_3" />
+          <FileRuleRef RuleID="ID_DENY_ECSIODRV_4" />
           <FileRuleRef RuleID="ID_DENY_EIO64_1" />
           <FileRuleRef RuleID="ID_DENY_EIO64_2" />
           <FileRuleRef RuleID="ID_DENY_EIO64_3" />
@@ -2993,6 +3309,24 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_EIO64_6" />
           <FileRuleRef RuleID="ID_DENY_EIO64_7" />
           <FileRuleRef RuleID="ID_DENY_EIO64_8" />
+          <FileRuleRef RuleID="ID_DENY_FH_ETHER_1" />
+          <FileRuleRef RuleID="ID_DENY_FH_ETHER_2" />  
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_1" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_2" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_3" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_4" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_5" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_6" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_7" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_8" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_9" />
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_10"/>
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_11"/>
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_12"/>
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_13"/>
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_14"/>
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_15"/>
+          <FileRuleRef RuleID="ID_DENY_GEDEVDRV_16"/>
           <FileRuleRef RuleID="ID_DENY_GVCIDRV_1" />
           <FileRuleRef RuleID="ID_DENY_GVCIDRV_2" />
           <FileRuleRef RuleID="ID_DENY_GVCIDRV_3" />
@@ -3201,6 +3535,38 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_MSR_6" />
           <FileRuleRef RuleID="ID_DENY_MSR_7" />
           <FileRuleRef RuleID="ID_DENY_MSR_8" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_1" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_2" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_3" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_4" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_5" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_6" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_7" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_8" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_9" />
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_10"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_11"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_12"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_13"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_14"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_15"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_16"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_17"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_18"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_19"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_20"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_21"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_22"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_23"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_24"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_25"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_26"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_27"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_28"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_29"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_30"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_31"/>
+          <FileRuleRef RuleID="ID_DENY_MSRHOOK_32"/>
           <FileRuleRef RuleID="ID_DENY_NVFLASH_1" />
           <FileRuleRef RuleID="ID_DENY_NVFLASH_2" />
           <FileRuleRef RuleID="ID_DENY_NVFLASH_3" />
@@ -3375,10 +3741,18 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256" />
           <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1_PAGE" />
           <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256_PAGE" />
-          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA1" />
-          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA256" />
-          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA1_PAGE" />
-          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_1" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_2" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_3" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_4" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_5" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_6" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_7" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_8" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_9" />
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_10"/>
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_11"/>
+          <FileRuleRef RuleID="ID_DENY_RENTDRV_12"/>
           <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_1" />
           <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_2" />
           <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_3" />
@@ -3523,38 +3897,98 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_70" />
           <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_71" />
           <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_72" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_29" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_2A" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_2B" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_2C" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_2D" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_2E" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_2F" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_30" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_31" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_32" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_33" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_34" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_35" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_36" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_37" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_38" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_39" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_3A" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_3B" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_3C" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_3D" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_3E" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_3F" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_40" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_41" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_42" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_43" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_44" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_45" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_46" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_47" />
-          <FileRuleRef RuleID="ID_DENY_RTCORE_48" />
+          <FileRuleRef RuleID="ID_DENY_RTCORE_1"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_2"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_3"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_4"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_5"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_6"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_7"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_8"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_9"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_10"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_11"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_12"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_13"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_14"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_15"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_16"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_17"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_18"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_19"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_20"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_21"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_22"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_23"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_24"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_25"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_26"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_27"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_28"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_29"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_30"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_31"/>
+          <FileRuleRef RuleID="ID_DENY_RTCORE_32"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_1"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_2"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_3"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_4"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_5"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_6"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_7"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_8"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_9"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_10"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_11"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_12"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_13"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_14"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_15"/>
+          <FileRuleRef RuleID="ID_DENY_RTPORT_16"/>
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_1" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_2" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_3" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_4" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_5" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_6" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_7" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_8" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_9" />
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_10"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_11"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_12"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_13"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_14"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_15"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_16"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_17"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_18"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_19"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_20"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_21"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_22"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_23"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_24"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_25"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_26"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_27"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_28"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_29"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_30"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_31"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_32"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_33"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_34"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_35"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_36"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_37"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_38"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_39"/>
+          <FileRuleRef RuleID="ID_DENY_SEPDRV3_40"/>
           <FileRuleRef RuleID="ID_DENY_SUPERBMC_2" />
           <FileRuleRef RuleID="ID_DENY_SUPERBMC_3" />
           <FileRuleRef RuleID="ID_DENY_SUPERBMC_4" />
@@ -3577,6 +4011,14 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_SUPERBMC_15" />
           <FileRuleRef RuleID="ID_DENY_SUPERBMC_16" />
           <FileRuleRef RuleID="ID_DENY_SUPERBMC_17" />
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_1"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_2"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_3"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_4"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_5"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_6"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_7"/>
+          <FileRuleRef RuleID="ID_DENY_SYSCONP_8"/>
           <FileRuleRef RuleID="ID_DENY_SYSDRV3S_1" />
           <FileRuleRef RuleID="ID_DENY_SYSDRV3S_2" />
           <FileRuleRef RuleID="ID_DENY_SYSDRV3S_3" />
@@ -3597,6 +4039,18 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_SYSINFO_6" />
           <FileRuleRef RuleID="ID_DENY_SYSINFO_7" />
           <FileRuleRef RuleID="ID_DENY_SYSINFO_8" />
+          <FileRuleRef RuleID="ID_DENY_TDEIO_1"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_2"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_3"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_4"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_5"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_6"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_7"/>
+          <FileRuleRef RuleID="ID_DENY_TDEIO_8"/>
+          <FileRuleRef RuleID="ID_DENY_WFSHBR_1" />
+          <FileRuleRef RuleID="ID_DENY_WFSHBR_2" />
+          <FileRuleRef RuleID="ID_DENY_WFSHBR_3" />
+          <FileRuleRef RuleID="ID_DENY_WFSHBR_4" />
           <FileRuleRef RuleID="ID_DENY_WINIO_1" />
           <FileRuleRef RuleID="ID_DENY_WINIO_2" />
           <FileRuleRef RuleID="ID_DENY_WINIO_3" />
@@ -3681,6 +4135,10 @@ To check that the policy was successfully applied on your computer:
           <FileRuleRef RuleID="ID_DENY_WINIO_82" />
           <FileRuleRef RuleID="ID_DENY_WINIO_83" />
           <FileRuleRef RuleID="ID_DENY_WINIO_84" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA256_PAGE" />
           <FileRuleRef RuleID="ID_DENY_PROCESSHACKER" />
           <FileRuleRef RuleID="ID_DENY_AMP" />
           <FileRuleRef RuleID="ID_DENY_ASMMAP" />
@@ -3713,7 +4171,7 @@ To check that the policy was successfully applied on your computer:
     </Setting>
     <Setting Provider="PolicyInfo" Key="Information" ValueName="Id">
       <Value>
-        <String>10.0.25965.0</String>
+        <String>10.0.26025.0</String>
       </Value>
     </Setting>
   </Settings>

From 71bcf7662007d475232dadf3f32d991ad107c80c Mon Sep 17 00:00:00 2001
From: Jordan Geurten <jogeurte@microsoft.com>
Date: Fri, 12 Jan 2024 15:34:18 -0500
Subject: [PATCH 02/13] Added a link for the policy xml files to be downloaded

---
 .../design/microsoft-recommended-driver-block-rules.md          | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md b/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
index 5f5bb4b658..e2ad6410e3 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
@@ -77,6 +77,8 @@ To check that the policy was successfully applied on your computer:
 > [!NOTE]
 > To use this policy with Windows Server 2016, you must convert the policy XML on a device running a newer operating system.
 
+The below recommended blocklist xml policy file can also be downloaded from the [Microsoft Download Center](https://aka.ms/VulnerableDriverBlockList).
+
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
 <SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">

From f04f33d8cd2100ec51037500099e98675dca6fbc Mon Sep 17 00:00:00 2001
From: Jordan Geurten <jogeurte@microsoft.com>
Date: Fri, 12 Jan 2024 17:31:46 -0500
Subject: [PATCH 03/13] Drive-by update of the MDE AH query for the WDAC Wizard

---
 .../design/wdac-wizard-parsing-event-logs.md                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
index 6710d78572..fee227057a 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
@@ -57,7 +57,7 @@ To create rules from the WDAC events in [MDE Advanced Hunting](../operations/que
 1. Navigate to the Advanced Hunting section within the MDE console and query the WDAC events. **The Wizard requires the following fields** in the Advanced Hunting csv file export: 
 
    ```KQL
-   | project Timestamp, DeviceId, DeviceName, ActionType, FileName, FolderPath, SHA1, SHA256, IssuerName, IssuerTBSHash, PublisherName, PublisherTBSHash, AuthenticodeHash, PolicyId, PolicyName
+   | project-keep Timestamp, DeviceId, DeviceName, ActionType, FileName, FolderPath, SHA1, SHA256, IssuerName, IssuerTBSHash, PublisherName, PublisherTBSHash, AuthenticodeHash, PolicyId, PolicyName
    ```
 
    The following Advanced Hunting query is recommended:
@@ -76,7 +76,7 @@ To create rules from the WDAC events in [MDE Advanced Hunting](../operations/que
    | extend PolicyId = parsejson(AdditionalFields).PolicyID
    | extend PolicyName = parsejson(AdditionalFields).PolicyName
    // Keep only required fields for the WDAC Wizard
-   | project Timestamp,DeviceId,DeviceName,ActionType,FileName,FolderPath,SHA1,SHA256,IssuerName,IssuerTBSHash,PublisherName,PublisherTBSHash,AuthenticodeHash,PolicyId,PolicyName
+   | project-keep Timestamp,DeviceId,DeviceName,ActionType,FileName,FolderPath,SHA1,SHA256,IssuerName,IssuerTBSHash,PublisherName,PublisherTBSHash,AuthenticodeHash,PolicyId,PolicyName
    ```
 
 2. Export the WDAC event results by selecting the **Export** button in the results view.

From 021a75225f5091d586faab5b3fc003cbf9ddb73a Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 23 Jan 2024 09:24:28 -0800
Subject: [PATCH 04/13] wmic-default-8667114

---
 windows/whats-new/deprecated-features.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index c04bfd3133..ed76b234af 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -1,7 +1,7 @@
 ---
 title: Deprecated features in the Windows client
 description: Review the list of features that Microsoft is no longer actively developing in Windows 10 and Windows 11.
-ms.date: 01/05/2024
+ms.date: 01/26/2024
 ms.prod: windows-client
 ms.technology: itpro-fundamentals
 ms.localizationpriority: medium
@@ -69,7 +69,7 @@ The features in this article are no longer being actively developed, and might b
 | Windows Information Protection <!-- 6010051 --> | [Windows Information Protection](/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip) will no longer be developed in future versions of Windows. For more information, see [Announcing sunset of Windows Information Protection (WIP)](https://go.microsoft.com/fwlink/?linkid=2202124).<br> <br>For your data protection needs, Microsoft recommends that you use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). | July 2022 |
 | BitLocker To Go Reader | **Note: BitLocker to Go as a feature is still supported.**<br>Reading of BitLocker-protected removable drives ([BitLocker To Go](/windows/security/information-protection/bitlocker/bitlocker-to-go-faq)) from Windows XP or Windows Vista in later operating systems is deprecated and might be removed in a future release of Windows client.<br>The following items might not be available in a future release of Windows client:<br>- ADMX policy: **Allow access to BitLocker-protected removable data drives from earlier versions of Windows**<br>- Command line parameter: [`manage-bde -DiscoveryVolumeType`](/windows-server/administration/windows-commands/manage-bde-on) (-dv)<br>- Catalog file: **c:\windows\BitLockerDiscoveryVolumeContents**<br>- BitLocker 2 Go Reader app: **bitlockertogo.exe** and associated files  | 21H1 |
 | Personalization roaming | Roaming of Personalization settings (including wallpaper, slideshow, accent colors, and lock screen images) is no longer being developed and might be removed in a future release. | 21H1 |
-| Windows Management Instrumentation Command line (WMIC) tool. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation only applies to the [command-line management tool](/windows/win32/wmisdk/wmic). WMI itself isn't affected. | 21H1 |
+| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation only applies to the [command-line management tool](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
 | Timeline | Starting in July 2021, if you have your activity history synced across your devices through your Microsoft account (MSA), you can't upload new activity in Timeline. For more information, see [Get help with timeline](https://support.microsoft.com/windows/get-help-with-timeline-febc28db-034c-d2b0-3bbe-79aa0c501039).| 20H2 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |

From a84763a52685cf9a05b98542a9ecae86e04d5569 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 23 Jan 2024 09:33:01 -0800
Subject: [PATCH 05/13] wmic-default-8667114

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index ed76b234af..c31d2a8946 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -69,7 +69,7 @@ The features in this article are no longer being actively developed, and might b
 | Windows Information Protection <!-- 6010051 --> | [Windows Information Protection](/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip) will no longer be developed in future versions of Windows. For more information, see [Announcing sunset of Windows Information Protection (WIP)](https://go.microsoft.com/fwlink/?linkid=2202124).<br> <br>For your data protection needs, Microsoft recommends that you use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). | July 2022 |
 | BitLocker To Go Reader | **Note: BitLocker to Go as a feature is still supported.**<br>Reading of BitLocker-protected removable drives ([BitLocker To Go](/windows/security/information-protection/bitlocker/bitlocker-to-go-faq)) from Windows XP or Windows Vista in later operating systems is deprecated and might be removed in a future release of Windows client.<br>The following items might not be available in a future release of Windows client:<br>- ADMX policy: **Allow access to BitLocker-protected removable data drives from earlier versions of Windows**<br>- Command line parameter: [`manage-bde -DiscoveryVolumeType`](/windows-server/administration/windows-commands/manage-bde-on) (-dv)<br>- Catalog file: **c:\windows\BitLockerDiscoveryVolumeContents**<br>- BitLocker 2 Go Reader app: **bitlockertogo.exe** and associated files  | 21H1 |
 | Personalization roaming | Roaming of Personalization settings (including wallpaper, slideshow, accent colors, and lock screen images) is no longer being developed and might be removed in a future release. | 21H1 |
-| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation only applies to the [command-line management tool](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
+| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation only applies to the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
 | Timeline | Starting in July 2021, if you have your activity history synced across your devices through your Microsoft account (MSA), you can't upload new activity in Timeline. For more information, see [Get help with timeline](https://support.microsoft.com/windows/get-help-with-timeline-febc28db-034c-d2b0-3bbe-79aa0c501039).| 20H2 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |

From 6b26a9214a08e4917715ded0e36ebae9602c8a99 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 23 Jan 2024 09:34:33 -0800
Subject: [PATCH 06/13] wmic-default-8667114

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index c31d2a8946..6a92b5ac5c 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -69,7 +69,7 @@ The features in this article are no longer being actively developed, and might b
 | Windows Information Protection <!-- 6010051 --> | [Windows Information Protection](/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip) will no longer be developed in future versions of Windows. For more information, see [Announcing sunset of Windows Information Protection (WIP)](https://go.microsoft.com/fwlink/?linkid=2202124).<br> <br>For your data protection needs, Microsoft recommends that you use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). | July 2022 |
 | BitLocker To Go Reader | **Note: BitLocker to Go as a feature is still supported.**<br>Reading of BitLocker-protected removable drives ([BitLocker To Go](/windows/security/information-protection/bitlocker/bitlocker-to-go-faq)) from Windows XP or Windows Vista in later operating systems is deprecated and might be removed in a future release of Windows client.<br>The following items might not be available in a future release of Windows client:<br>- ADMX policy: **Allow access to BitLocker-protected removable data drives from earlier versions of Windows**<br>- Command line parameter: [`manage-bde -DiscoveryVolumeType`](/windows-server/administration/windows-commands/manage-bde-on) (-dv)<br>- Catalog file: **c:\windows\BitLockerDiscoveryVolumeContents**<br>- BitLocker 2 Go Reader app: **bitlockertogo.exe** and associated files  | 21H1 |
 | Personalization roaming | Roaming of Personalization settings (including wallpaper, slideshow, accent colors, and lock screen images) is no longer being developed and might be removed in a future release. | 21H1 |
-| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation only applies to the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
+| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
 | Timeline | Starting in July 2021, if you have your activity history synced across your devices through your Microsoft account (MSA), you can't upload new activity in Timeline. For more information, see [Get help with timeline](https://support.microsoft.com/windows/get-help-with-timeline-febc28db-034c-d2b0-3bbe-79aa0c501039).| 20H2 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |

From cd886f62c77da6ff2cefe629b175531681e9bfc4 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 23 Jan 2024 09:35:12 -0800
Subject: [PATCH 07/13] wmic-default-8667114

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 6a92b5ac5c..6f917e1d39 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -69,7 +69,7 @@ The features in this article are no longer being actively developed, and might b
 | Windows Information Protection <!-- 6010051 --> | [Windows Information Protection](/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip) will no longer be developed in future versions of Windows. For more information, see [Announcing sunset of Windows Information Protection (WIP)](https://go.microsoft.com/fwlink/?linkid=2202124).<br> <br>For your data protection needs, Microsoft recommends that you use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). | July 2022 |
 | BitLocker To Go Reader | **Note: BitLocker to Go as a feature is still supported.**<br>Reading of BitLocker-protected removable drives ([BitLocker To Go](/windows/security/information-protection/bitlocker/bitlocker-to-go-faq)) from Windows XP or Windows Vista in later operating systems is deprecated and might be removed in a future release of Windows client.<br>The following items might not be available in a future release of Windows client:<br>- ADMX policy: **Allow access to BitLocker-protected removable data drives from earlier versions of Windows**<br>- Command line parameter: [`manage-bde -DiscoveryVolumeType`](/windows-server/administration/windows-commands/manage-bde-on) (-dv)<br>- Catalog file: **c:\windows\BitLockerDiscoveryVolumeContents**<br>- BitLocker 2 Go Reader app: **bitlockertogo.exe** and associated files  | 21H1 |
 | Personalization roaming | Roaming of Personalization settings (including wallpaper, slideshow, accent colors, and lock screen images) is no longer being developed and might be removed in a future release. | 21H1 |
-| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
+| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC utility is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This utility is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
 | Timeline | Starting in July 2021, if you have your activity history synced across your devices through your Microsoft account (MSA), you can't upload new activity in Timeline. For more information, see [Get help with timeline](https://support.microsoft.com/windows/get-help-with-timeline-febc28db-034c-d2b0-3bbe-79aa0c501039).| 20H2 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |

From 46ef464f3a45492fb2ba90623a7060dbf3fb44d2 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 23 Jan 2024 09:53:39 -0800
Subject: [PATCH 08/13] wmic-default-8667114

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 6f917e1d39..3fac9b1b94 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -69,7 +69,7 @@ The features in this article are no longer being actively developed, and might b
 | Windows Information Protection <!-- 6010051 --> | [Windows Information Protection](/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip) will no longer be developed in future versions of Windows. For more information, see [Announcing sunset of Windows Information Protection (WIP)](https://go.microsoft.com/fwlink/?linkid=2202124).<br> <br>For your data protection needs, Microsoft recommends that you use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). | July 2022 |
 | BitLocker To Go Reader | **Note: BitLocker to Go as a feature is still supported.**<br>Reading of BitLocker-protected removable drives ([BitLocker To Go](/windows/security/information-protection/bitlocker/bitlocker-to-go-faq)) from Windows XP or Windows Vista in later operating systems is deprecated and might be removed in a future release of Windows client.<br>The following items might not be available in a future release of Windows client:<br>- ADMX policy: **Allow access to BitLocker-protected removable data drives from earlier versions of Windows**<br>- Command line parameter: [`manage-bde -DiscoveryVolumeType`](/windows-server/administration/windows-commands/manage-bde-on) (-dv)<br>- Catalog file: **c:\windows\BitLockerDiscoveryVolumeContents**<br>- BitLocker 2 Go Reader app: **bitlockertogo.exe** and associated files  | 21H1 |
 | Personalization roaming | Roaming of Personalization settings (including wallpaper, slideshow, accent colors, and lock screen images) is no longer being developed and might be removed in a future release. | 21H1 |
-| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC utility is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This utility is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
+| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC utility is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This utility is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update - January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
 | Timeline | Starting in July 2021, if you have your activity history synced across your devices through your Microsoft account (MSA), you can't upload new activity in Timeline. For more information, see [Get help with timeline](https://support.microsoft.com/windows/get-help-with-timeline-febc28db-034c-d2b0-3bbe-79aa0c501039).| 20H2 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |

From cf6392a820255ed0b48407c2d2ad556156f214a8 Mon Sep 17 00:00:00 2001
From: Jordan Geurten <jogeurte@microsoft.com>
Date: Wed, 24 Jan 2024 12:56:50 -0500
Subject: [PATCH 09/13] Acrolinx feedback

---
 ...microsoft-recommended-driver-block-rules.md | 10 +++++-----
 .../design/wdac-wizard-parsing-event-logs.md   | 18 +++++++++---------
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md b/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
index e2ad6410e3..2b18eadcc2 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
@@ -5,7 +5,7 @@ ms.localizationpriority: medium
 ms.collection:
 - tier3
 - must-keep
-ms.date: 06/06/2023
+ms.date: 01/24/2024
 ms.topic: article
 ---
 
@@ -20,7 +20,7 @@ Microsoft has strict requirements for code running in kernel. So, malicious acto
 - Malicious behaviors (malware) or certificates used to sign malware
 - Behaviors that aren't malicious but circumvent the Windows Security Model and can be exploited by attackers to elevate privileges in the Windows kernel
 
-Drivers can be submitted to Microsoft for security analysis at the [Microsoft Security Intelligence Driver Submission page](https://www.microsoft.com/en-us/wdsi/driversubmission). For more information about driver submission, see [Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center](https://www.microsoft.com/security/blog/2021/12/08/improve-kernel-security-with-the-new-microsoft-vulnerable-and-malicious-driver-reporting-center/). To report an issue or request a change to the vulnerable driver blocklist, including updating a block rule once a driver vulnerability has been patched, visit the [Microsoft Security Intelligence portal](https://www.microsoft.com/wdsi) or submit feedback on this article.
+Drivers can be submitted to Microsoft for security analysis at the [Microsoft Security Intelligence Driver Submission page](https://www.microsoft.com/en-us/wdsi/driversubmission). For more information about driver submission, see [Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center](https://www.microsoft.com/security/blog/2021/12/08/improve-kernel-security-with-the-new-microsoft-vulnerable-and-malicious-driver-reporting-center/). To report an issue or request a change to the blocklist, including updating a block rule once a driver has been fixed, visit the [Microsoft Security Intelligence portal](https://www.microsoft.com/wdsi) or submit feedback on this article.
 
 > [!NOTE]
 > Blocking drivers can cause devices or software to malfunction, and in rare cases, lead to blue screen. The vulnerable driver blocklist is not guaranteed to block every driver found to have vulnerabilities. Microsoft attempts to balance the security risks from vulnerable drivers with the potential impact on compatibility and reliability to produce the blocklist. As always, Microsoft recommends using an explicit allow list approach to security wherever possible.
@@ -39,7 +39,7 @@ With Windows 11 2022 update, the vulnerable driver blocklist  is enabled by defa
 
 The blocklist is updated with each new major release of Windows, typically 1-2 times per year, including most recently with the Windows 11 2022 update released in September 2022. The most current blocklist is now also available for Windows 10 20H2 and Windows 11 21H2 users as an optional update from Windows Update. Microsoft will occasionally publish future updates through regular Windows servicing.
 
-Customers who always want the most up-to-date driver blocklist can also use Windows Defender Application Control (WDAC) to apply the latest recommended driver blocklist contained in this article. For your convenience, we've provided a download of the most up-to-date vulnerable driver blocklist along with instructions to apply it on your computer at the end of this article. Otherwise, you can use the XML provided below to create your own custom WDAC policies.
+Customers who always want the most up-to-date driver blocklist can also use Windows Defender Application Control (WDAC) to apply the latest recommended driver blocklist contained in this article. For your convenience, we provide a download of the most up-to-date vulnerable driver blocklist along with instructions to apply it on your computer at the end of this article. Otherwise, use the following XML to create your own custom WDAC policies.
 
 ## Blocking vulnerable drivers using WDAC
 
@@ -72,12 +72,12 @@ To check that the policy was successfully applied on your computer:
 ## Vulnerable driver blocklist XML
 
 > [!IMPORTANT]
-> The policy listed below contains **Allow All** rules. If your version of Windows supports WDAC multiple policies, we recommend deploying this policy alongside any existing WDAC policies. If you do plan to merge this policy with another policy, you may need to remove the **Allow All** rules before merging it if the other policy applies an explicit allow list. For more information, see [Create a WDAC Deny Policy](/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy#single-policy-considerations).
+> The following policy contains **Allow All** rules. If your version of Windows supports WDAC multiple policies, we recommend deploying this policy alongside any existing WDAC policies. If you do plan to merge this policy with another policy, you may need to remove the **Allow All** rules before merging it if the other policy applies an explicit allow list. For more information, see [Create a WDAC Deny Policy](/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy#single-policy-considerations).
 
 > [!NOTE]
 > To use this policy with Windows Server 2016, you must convert the policy XML on a device running a newer operating system.
 
-The below recommended blocklist xml policy file can also be downloaded from the [Microsoft Download Center](https://aka.ms/VulnerableDriverBlockList).
+The following recommended blocklist xml policy file can also be downloaded from the [Microsoft Download Center](https://aka.ms/VulnerableDriverBlockList).
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
index fee227057a..5fb5ff24d3 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
@@ -3,7 +3,7 @@ title: Windows Defender Application Control Wizard WDAC Event Parsing
 description: Creating WDAC policy rules from the WDAC event logs and the MDE Advanced Hunting WDAC events.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 02/01/2023
+ms.date: 01/24/2024
 ---
 
 # Creating WDAC Policy Rules from WDAC Events in the Wizard
@@ -21,11 +21,11 @@ As of [version 2.2.0.0](https://webapp-wdac-wizard.azurewebsites.net/archives.ht
 
 To create rules from the WDAC event logs on the system:
 
-1. Select **Policy Editor** from the WDAC Wizard main page.
+1. Select **Policy Editor** from the main page.
 2. Select **Convert Event Log to a WDAC Policy**.
 3. Select the **Parse Event Logs** button under the **Parse Event Logs from the System Event Viewer to Policy** header.
 
-   The Wizard will parse the relevant audit and block events from the CodeIntegrity (WDAC) Operational and AppLocker MSI and Script logs. You'll see a notification when the Wizard successfully finishes reading the events. 
+   The Wizard parses the relevant audit and block events from the CodeIntegrity (WDAC) Operational and AppLocker MSI and Script logs. You see a notification when the Wizard successfully finishes reading the events. 
 
    > [!div class="mx-imgBorder"]
    > [![Parse WDAC and AppLocker event log system events](../images/wdac-wizard-event-log-system.png)](../images/wdac-wizard-event-log-system-expanded.png)
@@ -37,12 +37,12 @@ To create rules from the WDAC event logs on the system:
 
 To create rules from the WDAC `.EVTX` event logs files on the system:
 
-1. Select **Policy Editor** from the WDAC Wizard main page.
+1. Select **Policy Editor** from the main page.
 2. Select **Convert Event Log to a WDAC Policy**.
 3. Select the **Parse Log File(s)** button under the **Parse Event Log evtx Files to Policy** header.
 4. Select the WDAC CodeIntegrity Event log EVTX file(s) from the disk to parse.
 
-   The Wizard will parse the relevant audit and block events from the selected log files. You'll see a notification when the Wizard successfully finishes reading the events. 
+   The Wizard parses the relevant audit and block events from the selected log files. You see a notification when the Wizard successfully finishes reading the events. 
 
    > [!div class="mx-imgBorder"]
    > [![Parse evtx file WDAC events](../images/wdac-wizard-event-log-files.png)](../images/wdac-wizard-event-log-files-expanded.png)
@@ -84,12 +84,12 @@ To create rules from the WDAC events in [MDE Advanced Hunting](../operations/que
    > [!div class="mx-imgBorder"]
    > [![Export the MDE Advanced Hunting results to CSV](../images/wdac-wizard-event-log-mde-ah-export.png)](../images/wdac-wizard-event-log-mde-ah-export-expanded.png)
 
-3. Select **Policy Editor** from the WDAC Wizard main page.
+3. Select **Policy Editor** from the main page.
 4. Select **Convert Event Log to a WDAC Policy**.
 5. Select the **Parse Log File(s)** button under the "Parse MDE Advanced Hunting Events to Policy" header.
 6. Select the WDAC MDE Advanced Hunting export CSV files from the disk to parse.
 
-   The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You'll see a notification when the Wizard successfully finishes reading the events. 
+   The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You see a notification when the Wizard successfully finishes reading the events. 
 
    > [!div class="mx-imgBorder"]
    > [![Parse the Advanced Hunting CSV WDAC event files](../images/wdac-wizard-event-log-mde-ah-parsing.png)](../images/wdac-wizard-event-log-mde-ah-parsing-expanded.png)
@@ -99,14 +99,14 @@ To create rules from the WDAC events in [MDE Advanced Hunting](../operations/que
 
 ## Creating Policy Rules from the Events
 
-On the "Configure Event Log Rules" page, the unique WDAC log events will be shown in the table. Event Ids, filenames, product names, the policy name that audited or blocked the file, and the file publisher are all shown in the table. The table can be sorted alphabetically by clicking on any of the headers. 
+On the "Configure Event Log Rules" page, the unique WDAC log events are shown in the table. Event Ids, filenames, product names, the policy name that audited or blocked the file, and the file publisher are all shown in the table. The table can be sorted alphabetically by clicking on any of the headers. 
 
 To create a rule and add it to the WDAC policy: 
 
 1. Select an audit or block event in the table by selecting the row of interest.
 2. Select a rule type from the dropdown. The Wizard supports creating Publisher, Path, File Attribute, Packaged App and Hash rules.
 3. Select the attributes and fields that should be added to the policy rules using the checkboxes provided for the rule type.
-4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label will be added to the selected row confirming that the rule will be generated.
+4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label is shown in the selected row confirming that the rule will be generated.
 
    > [!div class="mx-imgBorder"]
    > [![Adding a publisher rule to the WDAC policy](../images/wdac-wizard-event-rule-creation.png)](../images/wdac-wizard-event-rule-creation-expanded.png)

From 8f329a85c7e967df26fded276534d665f8cd210b Mon Sep 17 00:00:00 2001
From: Aaron Czechowski <aczechowski@users.noreply.github.com>
Date: Thu, 25 Jan 2024 08:53:41 -0800
Subject: [PATCH 10/13] fix link

---
 windows/deployment/upgrade/resolve-windows-upgrade-errors.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/upgrade/resolve-windows-upgrade-errors.md b/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
index fac9a7f59e..7b2a277708 100644
--- a/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
+++ b/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
@@ -37,7 +37,7 @@ See the following articles in this section:
 
 - [Quick fixes](/troubleshoot/windows-client/deployment/windows-10-upgrade-quick-fixes?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json): \Level 100\ Steps to take to eliminate many Windows upgrade errors.
 - [SetupDiag](setupdiag.md): \Level 300\ SetupDiag is a new tool to help isolate the root cause of an upgrade failure.
-- [Troubleshooting upgrade errors](/troubleshoot/windows-client/deployment/windows-upgrade-issues-troubleshooting?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json): \Level 300\ General advice and techniques for troubleshooting Windows upgrade errors, and an explanation of phases used during the upgrade process.
+- [Troubleshooting upgrade errors](/troubleshoot/windows-client/deployment/windows-10-upgrade-issues-troubleshooting?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json): \Level 300\ General advice and techniques for troubleshooting Windows upgrade errors, and an explanation of phases used during the upgrade process.
 - [Windows Error Reporting](windows-error-reporting.md): \Level 300\ How to use Event Viewer to review details about a Windows upgrade.
 - [Upgrade error codes](/troubleshoot/windows-client/deployment/windows-10-upgrade-error-codes?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json): \Level 400\ The components of an error code are explained.
   - [Result codes](/troubleshoot/windows-client/deployment/windows-10-upgrade-error-codes?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json#result-codes): Information about result codes.

From 4f3f74eef4c934be0a0bcd48802514109caff4d6 Mon Sep 17 00:00:00 2001
From: Stacyrch140 <102548089+Stacyrch140@users.noreply.github.com>
Date: Thu, 25 Jan 2024 12:21:16 -0500
Subject: [PATCH 11/13] pencil edits

---
 windows/deployment/upgrade/resolve-windows-upgrade-errors.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/upgrade/resolve-windows-upgrade-errors.md b/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
index 7b2a277708..db42df75b3 100644
--- a/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
+++ b/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
@@ -6,8 +6,8 @@ description: Resolve Windows upgrade errors for ITPros. Technical information fo
 author: frankroj
 ms.localizationpriority: medium
 ms.topic: article
-ms.prod: windows-client
-ms.technology: itpro-deploy
+ms.service: windows-client
+ms.subservice: itpro-deploy
 ms.date: 01/18/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>

From b508dcdad2bb126b2be79463bb7fd6a4826d83f6 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Thu, 25 Jan 2024 12:59:13 -0800
Subject: [PATCH 12/13] wmic-default

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 3fac9b1b94..bdf7f70696 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -69,7 +69,7 @@ The features in this article are no longer being actively developed, and might b
 | Windows Information Protection <!-- 6010051 --> | [Windows Information Protection](/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip) will no longer be developed in future versions of Windows. For more information, see [Announcing sunset of Windows Information Protection (WIP)](https://go.microsoft.com/fwlink/?linkid=2202124).<br> <br>For your data protection needs, Microsoft recommends that you use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). | July 2022 |
 | BitLocker To Go Reader | **Note: BitLocker to Go as a feature is still supported.**<br>Reading of BitLocker-protected removable drives ([BitLocker To Go](/windows/security/information-protection/bitlocker/bitlocker-to-go-faq)) from Windows XP or Windows Vista in later operating systems is deprecated and might be removed in a future release of Windows client.<br>The following items might not be available in a future release of Windows client:<br>- ADMX policy: **Allow access to BitLocker-protected removable data drives from earlier versions of Windows**<br>- Command line parameter: [`manage-bde -DiscoveryVolumeType`](/windows-server/administration/windows-commands/manage-bde-on) (-dv)<br>- Catalog file: **c:\windows\BitLockerDiscoveryVolumeContents**<br>- BitLocker 2 Go Reader app: **bitlockertogo.exe** and associated files  | 21H1 |
 | Personalization roaming | Roaming of Personalization settings (including wallpaper, slideshow, accent colors, and lock screen images) is no longer being developed and might be removed in a future release. | 21H1 |
-| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC utility is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This utility is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update - January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic). In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
+| Windows Management Instrumentation command-line (WMIC) utility. | The WMIC utility is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This utility is superseded by [Windows PowerShell for WMI](/powershell/scripting/learn/ps101/07-working-with-wmi). Note: This deprecation applies to only the [command-line management utility](/windows/win32/wmisdk/wmic). WMI itself isn't affected. </br> </br> **[Update - January 2024]**: Currently, WMIC is a Feature on Demand (FoD) that's [preinstalled by default](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod#wmic) in Windows 11, versions 23H2 and 22H2. In the next release of Windows, the WMIC FoD will be disabled by default. | 21H1 |
 | Timeline | Starting in July 2021, if you have your activity history synced across your devices through your Microsoft account (MSA), you can't upload new activity in Timeline. For more information, see [Get help with timeline](https://support.microsoft.com/windows/get-help-with-timeline-febc28db-034c-d2b0-3bbe-79aa0c501039).| 20H2 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |

From 9ad3e9a90457033e37c33871ffa524a4c2419513 Mon Sep 17 00:00:00 2001
From: MSRobertD <43757104+MSRobertD@users.noreply.github.com>
Date: Fri, 26 Jan 2024 07:39:50 -0800
Subject: [PATCH 13/13] Initial commit with updates for Common Criteria topic.

---
 .../windows-platform-common-criteria.md       | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/windows/security/security-foundations/certification/windows-platform-common-criteria.md b/windows/security/security-foundations/certification/windows-platform-common-criteria.md
index adfc44645c..6803a39f95 100644
--- a/windows/security/security-foundations/certification/windows-platform-common-criteria.md
+++ b/windows/security/security-foundations/certification/windows-platform-common-criteria.md
@@ -18,9 +18,18 @@ Microsoft is committed to optimizing the security of its products and services.
 
 The product releases below are currently certified against the cited *Protection Profile*, as listed on the [Common Criteria Portal](https://www.commoncriteriaportal.org/products/):
 
-- The *Security Target* describes the product edition(s) in scope, the security functionality in the product, and the assurance measures from the *Protection Profile* used as part of the evaluation
-- The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration
-- The *Certification Report or Validation Report* documents the results of the evaluation by the validation team, with the *Assurance Activity Report* providing details on the evaluator's actions
+- The *Security Target* describes the product edition(s) in scope, the security functionality in the product, and the assurance measures from the *Protection Profile* used as part of the evaluation.
+- The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration.
+- The *Certification Report or Validation Report* documents the results of the evaluation by the validation team, with the *Assurance Activity Report* providing details on the evaluator's actions.
+
+### Windows 11 (version 22H2), Windows 10 (version 22H2), Windows Server 2022, Windows Server Datacenter: Azure Edition, Azure Stack HCIv2 version 22H2, Azure Stack Hub and Edge
+
+Certified against the Protection Profile for General Purpose Operating Systems (4.2.1), the PP-Module for VPN Client (2.4), the PP-Module for Wireless Local Area Network Client (1.0) and the PP-Module for Bluetooth (1.0)
+
+- [Security Target](https://download.microsoft.com/download/2/6/c/26c2c205-db9f-474b-9ac7-bd8bf6ae463c/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Security%20Target%20(22H2).pdf)
+- [Administrative Guide](https://download.microsoft.com/download/c/8/3/c83090c7-d299-4d26-a1c3-fb2bf2d77a7b/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Administrative%20Guide%20(22H2).pdf)
+- [Assurance Activity Report](https://download.microsoft.com/download/1/7/f/17fac352-5c93-4e4b-9866-3c0df4080164/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Public%20Assurance%20Activity%20Report%20(22H2).pdf)
+- [Certification Report](https://download.microsoft.com/download/6/9/1/69101f35-1373-4262-8c5b-75e08bc2e365/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Validation%20Report%20(22H2).pdf)
 
 ### Windows 11, Windows 10 (version  20H2, 21H1, 21H2), Windows Server, Windows Server 2022, Azure Stack HCIv2 version 21H2, Azure Stack Hub and Edge
 
@@ -29,7 +38,7 @@ Certified against the Protection Profile for General Purpose Operating Systems,
 - [Security Target](https://download.microsoft.com/download/c/5/9/c59832ff-414b-4f15-8273-d0c349a0b154/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Security%20Target%20(21H2%20et%20al).pdf)
 - [Administrative Guide](https://download.microsoft.com/download/9/1/7/9178ce6a-8117-42e7-be0d-186fc4a89ca6/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Administrative%20Guide%20(21H2%20et%20al).pdf)
 - [Assurance Activity Report](https://download.microsoft.com/download/4/1/6/416151fe-63e7-48c0-a485-1d87148c71fe/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Assurance%20Activity%20Report%20(21H2%20et%20al).pdf)
-- [Validation Report](https://download.microsoft.com/download/e/3/7/e374af1a-3c5d-42ee-8e19-df47d2c0e3d6/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Validation%20Report%20(21H2%20et%20al).pdf)
+- [Certification Report](https://download.microsoft.com/download/e/3/7/e374af1a-3c5d-42ee-8e19-df47d2c0e3d6/Microsoft%20Windows,%20Windows%20Server,%20Azure%20Stack%20Validation%20Report%20(21H2%20et%20al).pdf)
 
 ### Windows 10, version 2004, Windows Server, version 2004, Windows Server Core Datacenter (Azure Fabric Controller), Windows Server Core Datacenter (Azure Stack)
 
@@ -37,7 +46,7 @@ Certified against the Protection Profile for General Purpose Operating Systems,
 
 - [Security Target](https://download.microsoft.com/download/a/5/6/a5650848-e86a-4554-bb13-1ad6ff2d45d2/Windows%2010%202004%20GP%20OS%20Security%20Target.pdf)
 - [Administrative Guide](https://download.microsoft.com/download/4/a/6/4a66a459-3c73-4c34-84bb-92cb20301206/Windows%2010%202004%20GP%20OS%20Administrative%20Guide.pdf)
-- [Validation Report](https://download.microsoft.com/download/1/c/b/1cb65e32-f87d-41dd-bc29-88dc943fad9d/Windows%2010%202004%20GP%20OS%20Validation%20Reports.pdf)
+- [Certification Report](https://download.microsoft.com/download/1/c/b/1cb65e32-f87d-41dd-bc29-88dc943fad9d/Windows%2010%202004%20GP%20OS%20Validation%20Reports.pdf)
 - [Assurance Activity Report](https://download.microsoft.com/download/3/2/4/324562b6-0917-4708-8f9d-8d2d12859839/Windows%2010%202004%20GP%20OS%20Assurance%20Activity%20Report-Public%20.pdf)
 
 ### Windows 10, version 1909, Windows Server, version 1909, Windows Server 2019, version 1809 Hyper-V