From 500f231f46147f1b6bb8e33e9f4921fdbae78798 Mon Sep 17 00:00:00 2001
From: Jordan Geurten <jogeurte@microsoft.com>
Date: Thu, 24 Mar 2022 16:36:20 -0700
Subject: [PATCH 1/4] Added vulnerable Agnitum Sandbox drivers, malicious
 HermeticWiper driver signers, clarified processHackerRule and Nvidia's leaked
 2007 key

---
 ...icrosoft-recommended-driver-block-rules.md |   56 +-
 ...soft-recommended-driver-block-rules.md.bak | 1177 +++++++++++++++++
 2 files changed, 1230 insertions(+), 3 deletions(-)
 create mode 100644 windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
index ddc5e3e2fe..a00c398431 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -46,7 +46,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
 <SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
-  <VersionEx>10.0.25070.0</VersionEx>
+  <VersionEx>10.0.25090.0</VersionEx>
   <PolicyTypeID>{D2BDA982-CCF6-4344-AC5B-0B44427B6816}</PolicyTypeID>
   <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
   <Rules>
@@ -389,7 +389,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
     <Deny ID="ID_DENY_RETLIFTEN_SHA256_70" FriendlyName="b.sys Hash Sha256" Hash="84DF20B1D9D87E305C92E5FFAE21B10B325609D59D835A954DBD8750EF5DABF4"/>
     <Deny ID="ID_DENY_RETLIFTEN_SHA256_71" FriendlyName="nt4.sys Hash Sha256" Hash="D7BC7306CB489FE4C285BBEDDC6D1A09E814EF55CF30BD5B8DAF87A52396F102"/>
     <Deny ID="ID_DENY_RETLIFTEN_SHA256_72" FriendlyName="d3.sys Hash Sha256" Hash="36875562E747136313EC5DB58174E5FAB870997A054CA8D3987D181599C7DB6A"/>
-    <Deny ID="ID_DENY_PROCESSHACKER" FriendlyName="kprocesshacker.sys FileRule" FileName="kprocesshacker.sys" />
+    <Deny ID="ID_DENY_PROCESSHACKER" FriendlyName="kprocesshacker.sys FileRule" FileName="kprocesshacker.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.65535.65535" />
     <Deny ID="ID_DENY_AMP" FriendlyName="System Mechanic CVE-2018-5701" FileName="amp.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="5.4.11.1" />
     <Deny ID="ID_DENY_ASMMAP" FriendlyName="Asus Memory Mapping Driver" FileName="asmmap.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <Deny ID="ID_DENY_ASMMAP_64" FriendlyName="Asus Memory Mapping Driver" FileName="asmmap64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
@@ -422,6 +422,8 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
     <FileAttrib ID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" FriendlyName="" FileName="rtkiow8x64.sys" MinimumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" FriendlyName="" FileName="rtkiow10x64.sys" MinimumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_RWDRV_DRIVER" FriendlyName="" FileName="RwDrv.sys" MinimumFileVersion="65535.65535.65535.65535" />
+	<FileAttrib ID="ID_FILEATTRIB_SANDBOX_1" FriendlyName="Agnitum sandbox FileAttribute" FileName="sandbox.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_SANDBOX_2" FriendlyName="Agnitum SandBox FileAttribute" FileName="SandBox.sys"  MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
     <FileAttrib ID="ID_FILEATTRIB_SANDRA" FriendlyName="" FileName="SANDRA" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_SANDRA_DRIVER" FriendlyName="" FileName="sandra.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
     <FileAttrib ID="ID_FILEATTRIB_SEGWINDRVX64" FriendlyName="segwindrvx64.sys FileAttribute" FileName="segwindrvx64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="100.0.7.2" />
@@ -700,6 +702,26 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
       <CertRoot Type="TBS" Value="13BAA039635F1C5292A8C2F36AAE7E1D25C025202E9092F5B0F53F5F752DFA9C71B3D1B8D9A6358FCEE6EC75622FABF9" />
       <CertPublisher Value="Advanced Micro Devices Inc." />
       <FileAttribRef RuleID="ID_FILEATTRIB_AMDPP" />
+    </Signer>
+	<Signer ID="ID_SIGNER_AGNITUM_2004" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="Agnitum Ltd." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_2" />
+    </Signer>
+	<Signer ID="ID_SIGNER_AGNITUM_2009" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
+      <CertPublisher Value="Agnitum Ltd." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
+    </Signer>
+    <Signer ID="ID_SIGNER_AGNITUM_2010" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="Agnitum Ltd." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
+    </Signer>
+    <Signer ID="ID_SIGNER_AGNITUM_2010_1" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4678C6E4A8787A8E6ED2BCE8792B122F6C08AFD8" />
+      <CertPublisher Value="Agnitum Ltd." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDBOX_1" />
     </Signer>
     <Signer ID="ID_SIGNER_GEOTRUST_SRL_2009" Name="HT Srl Digital ID Class 3 - Microsoft Software Validation v2">
       <CertRoot Type="TBS" Value="d70edfa009a76bd8250d74e9ee92eb9ead7d4cb3" />
@@ -721,12 +743,31 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
     </Signer>
 	<Signer ID="ID_SIGNER_SAASAME" Name="SaaSaMe Ltd.">
       <CertRoot Type="TBS" Value="A86DE66D8198E4272859881476A6F9936034A482" />
+    </Signer>
+	<Signer ID="ID_SIGNER_NVIDIA_2007" Name="Leaked 2007 NVIDIA Corporation Verisign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="80854F578E2A3B5552EA839BA4F98DDFE94B2381" />
     </Signer>
 	<Signer ID="ID_SIGNER_NVIDIA_2011" Name="Leaked 2011 NVIDIA Corporation Verisign Class 3 Code Signing 2010 CA">
       <CertRoot Type="TBS" Value="15C37DBEBE6FCC77108E3D7AD982676D3D5E77F7" />
     </Signer>
 	<Signer ID="ID_SIGNER_NVIDIA_2015" Name="Leaked 2015 NVIDIA Corporation Verisign Class 3 Code Signing 2010 CA">
       <CertRoot Type="TBS" Value="F049A238763D4A90B148AB10A500F96EBF1DC436" />
+    </Signer>
+	<Signer ID="ID_SIGNER_HERMETICWIPER_1" Name="DigiCert Assured ID Code Signing CA-1">
+      <CertRoot Type="TBS" Value="47F4B9898631773231B32844EC0D49990AC4EB1E" />
+      <CertPublisher Value="CHENGDU YIWO Tech Development Co., Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_HERMETICWIPER_2" Name="Symantec Class 3 Extended Validation Code Signing CA - G2">
+      <CertRoot Type="TBS" Value="B3C925B4048C3F7C444D248A2B101186B57CBA39596EB5DCE0E17A4EE4B32F19" />
+      <CertPublisher Value="Chengdu Yiwo Tech Development Co., Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_HERMETICWIPER_3" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="CHENGDU YIWO Tech Development Co., Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_HERMETICWIPER_4" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="CHENGDU YIWO Tech Development Co., Ltd." />
     </Signer>
   </Signers>
   <!--Driver Signing Scenarios-->
@@ -734,6 +775,10 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
     <SigningScenario Value="131" ID="ID_SIGNINGSCENARIO_DENIED_VULN_MAL_SIGNERS" FriendlyName="Signers of known vulnerable or malicious drivers">
       <ProductSigners>
         <DeniedSigners>
+		  <DeniedSigner SignerId="ID_SIGNER_AGNITUM_2004" />
+		  <DeniedSigner SignerId="ID_SIGNER_AGNITUM_2009" />
+		  <DeniedSigner SignerId="ID_SIGNER_AGNITUM_2010" />
+		  <DeniedSigner SignerId="ID_SIGNER_AGNITUM_2010_1" />
           <DeniedSigner SignerId="ID_SIGNER_AMDPP" />
           <DeniedSigner SignerId="ID_SIGNER_CAPCOM" />
           <DeniedSigner SignerId="ID_SIGNER_CHEAT_ENGINE" /> 
@@ -750,6 +795,10 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
           <DeniedSigner SignerId="ID_SIGNER_GEOTRUST_SRL_2010" />
           <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_TG_SOFT" />
           <DeniedSigner SignerId="ID_SIGNER_HANDAN" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_1" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_2" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_3" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_4" />
           <DeniedSigner SignerId="ID_SIGNER_HP" /> 
           <DeniedSigner SignerId="ID_SIGNER_INTEL_IQVW" />
           <DeniedSigner SignerId="ID_SIGNER_JEROMIN_CODY_ERIC" />
@@ -757,6 +806,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
           <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_KERNEL_SHA2" />
           <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_USER" />
           <DeniedSigner SignerId="ID_SIGNER_NANJING" />
+		  <DeniedSigner SignerId="ID_SIGNER_NVIDIA_2007" />
 		  <DeniedSigner SignerId="ID_SIGNER_NVIDIA_2011" />
 		  <DeniedSigner SignerId="ID_SIGNER_NVIDIA_2015" />
           <DeniedSigner SignerId="ID_SIGNER_PHYSMEM" />
@@ -1143,7 +1193,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
     </Setting>
     <Setting Provider="PolicyInfo" Key="Information" ValueName="Id">
       <Value>
-        <String>10.0.25070.0</String>
+        <String>10.0.25000.0</String>
       </Value>
     </Setting>
   </Settings>
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak
new file mode 100644
index 0000000000..3b611f4bc1
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak
@@ -0,0 +1,1177 @@
+---
+title: Microsoft recommended driver block rules (Windows)
+description: View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.  
+keywords:  security, malware, kernel mode, driver
+ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
+ms.prod: m365-security
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+audience: ITPro
+ms.collection: M365-security-compliance
+author: jgeurten
+ms.reviewer: isbrahm
+ms.author: dansimp
+manager: dansimp
+ms.date: 
+---
+
+# Microsoft recommended driver block rules
+
+**Applies to:**
+
+-   Windows 10
+-   Windows 11
+-   Windows Server 2016 and above
+
+>[!NOTE]
+>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
+
+Microsoft has strict requirements for code running in kernel. So, malicious actors are turning to exploit vulnerabilities in legitimate and signed kernel drivers to run malware in kernel. One of the many strengths of the Windows platform is our strong collaboration with independent hardware vendors (IHVs) and OEMs. Microsoft works closely with our IHVs and security community to ensure the highest level of driver security for our customers and when vulnerabilities in drivers do arise, that they're quickly patched and rolled out to the ecosystem. Microsoft then adds the vulnerable versions of the drivers to our ecosystem block policy, which is applied to the following sets of devices:
+
+- Hypervisor-protected code integrity (HVCI) enabled devices
+- Windows 10 in S mode (S mode) devices
+
+The vulnerable driver blocklist is designed to help harden systems against third party-developed drivers across the Windows ecosystem with any of the following attributes: 
+
+- Known security vulnerabilities that can be exploited by attackers to elevate privileges in the Windows kernel
+- Malicious behaviors (malware) or certificates used to sign malware
+- Behaviors that are not malicious but circumvent the Windows Security Model and can be exploited by attackers to elevate privileges in the Windows kernel
+
+Drivers can be submitted to Microsoft for security analysis at the [Microsoft Security Intelligence Driver Submission page](https://www.microsoft.com/en-us/wdsi/driversubmission). To report an issue or request a change to the vulnerable driver blocklist, including updating a block rule once a driver vulnerability has been patched, visit the [Microsoft Security Intelligence portal](https://www.microsoft.com/wdsi) or submit feedback on this article. 
+
+Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this isn't possible, Microsoft recommends blocking this list of drivers within your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It's recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events.
+
+```xml
+<?xml version="1.0" encoding="utf-8"?>
+<SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
+  <VersionEx>10.0.25090.0</VersionEx>
+  <PolicyTypeID>{D2BDA982-CCF6-4344-AC5B-0B44427B6816}</PolicyTypeID>
+  <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
+  <Rules>
+    <Rule>
+      <Option>Enabled:Unsigned System Integrity Policy</Option>
+    </Rule>
+	<Rule>
+      <Option>Enabled:Audit Mode</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Advanced Boot Options Menu</Option>
+    </Rule>
+  </Rules>
+  <!--EKUS-->
+  <EKUs />
+  <!--File Rules-->
+  <FileRules>
+    <Allow ID="ID_ALLOW_ALL_1" FriendlyName="" FileName="*" />
+    <Allow ID="ID_ALLOW_ALL_2" FriendlyName="" FileName="*" />
+    <Deny ID="ID_DENY_ASIO_32_SHA1" FriendlyName="ASIO32.sys Hash Sha1" Hash="D569D4BAB86E70EFBCDFDAC9D822139D6F477B7C" />
+    <Deny ID="ID_DENY_ASIO_32_SHA256" FriendlyName="ASIO32.sys Hash Sha256" Hash="80599708CE61EC5D6DCFC5977208A2A0BE2252820A88D9BA260D8CDF5DC7FBE4" />
+    <Deny ID="ID_DENY_ASIO_32_SHA1_PAGE" FriendlyName="ASIO32.sys Hash Page Sha1" Hash="80FA962BDFB76DFCB9E5D13EFC38BB3D392F2E77" />
+    <Deny ID="ID_DENY_ASIO_32_SHA256_PAGE" FriendlyName="ASIO32.sys Hash Page Sha256" Hash="9091E044273FF624585235AC885EB2B05DFB12F3022DCF535B178FF1B2E012D1" />
+    <Deny ID="ID_DENY_ASIO_32_SHA1_1" FriendlyName="ASIO32.sys Hash Sha1" Hash="5A7DD0DA0AEE0BDEDC14C1B7831B9CE9178A0346" />
+    <Deny ID="ID_DENY_ASIO_32_SHA256_1" FriendlyName="ASIO32.sys Hash Sha256" Hash="92EDD48DFAC025D4069EB6491B9730D9D131B77CCEAA480AF9B3C32BC8C5E3A9" />
+    <Deny ID="ID_DENY_ASIO_32_SHA1_PAGE_1" FriendlyName="ASIO32.sys Hash Page Sha1" Hash="1ACC7A486B52C5EE6619DBDC3B4210B5F48B936F" />
+    <Deny ID="ID_DENY_ASIO_32_SHA256_PAGE_1" FriendlyName="ASIO32.sys Hash Page Sha256" Hash="F84634B5C0E83CA9BB25928DC3C4FC05D37451C23B780DBEEB1F10F056F1EEEE" />
+    <Deny ID="ID_DENY_ASIO_32_SHA1_2" FriendlyName="ASIO32.sys Hash Sha1" Hash="55AB7E27412ECA433D76513EDC7E6E03BCDD7EDA" />
+    <Deny ID="ID_DENY_ASIO_32_SHA256_2" FriendlyName="ASIO32.sys Hash Sha256" Hash="C1B41D6B91448E2409BB2F4FBF4AEB952ADF373D0DECC9D052277B89BA401407" />
+    <Deny ID="ID_DENY_ASIO_32_SHA1_PAGE_2" FriendlyName="ASIO32.sys Hash Page Sha1" Hash="1E7C241B9A9EA79061B50FB19B3D141DEE175C27" />
+    <Deny ID="ID_DENY_ASIO_32_SHA256_PAGE_2" FriendlyName="ASIO32.sys Hash Page Sha256" Hash="1056806F6508B4F5E8A00A6E8D07AEAC06A1BE5F9B92F1684F33682D2DA9349E" />
+    <Deny ID="ID_DENY_ASIO_64_SHA1" FriendlyName="ASIO64.sys Hash Sha1" Hash="E5C090903A20744BA3583A8EA684D035E8CECC34" />
+    <Deny ID="ID_DENY_ASIO_64_SHA256" FriendlyName="ASIO64.sys Hash Sha256" Hash="9DCFD796E244D0687CC35EAC9538F209F76C6DF12DE166F19DBC7D2C47FB16B3" />
+    <Deny ID="ID_DENY_ASIO_64_SHA1_PAGE" FriendlyName="ASIO64.sys Hash Page Sha1" Hash="CA5FF4EB8CCBDE4EFF3491FD7941769E8D093D79" />
+    <Deny ID="ID_DENY_ASIO_64_SHA256_PAGE" FriendlyName="ASIO64.sys Hash Page Sha256" Hash="D8841803F181F735D8794C82BA52D8C484B3B0A95DBBB66114314F439B75B0E9" />
+    <Deny ID="ID_DENY_ASIO_64_SHA1_1" FriendlyName="ASIO64.sys Hash Sha1" Hash="C92148D0666F2235500805975BE79738B84E48C2" />
+    <Deny ID="ID_DENY_ASIO_64_SHA256_1" FriendlyName="ASIO64.sys Hash Sha256" Hash="19C74EA0E0BAF04820E5642BD2FA224158801ED966BE1041539E3C55BD65C471" />
+    <Deny ID="ID_DENY_ASIO_64_SHA1_PAGE_1" FriendlyName="ASIO64.sys Hash Page Sha1" Hash="F8270F774B3549079EA7D5F0D5406F307019BDFB" />
+    <Deny ID="ID_DENY_ASIO_64_SHA256_PAGE_1" FriendlyName="ASIO64.sys Hash Page Sha256" Hash="A3C9C5625BA6A6075D365543603A4DD4D7790850753D5289FF976EB2A839910F" />
+    <Deny ID="ID_DENY_ASIO_64_SHA1_2" FriendlyName="ASIO64.sys Hash Sha1" Hash="61E1B497A5DF0797527D6D465A8F315A82AD35EB" />
+    <Deny ID="ID_DENY_ASIO_64_SHA256_2" FriendlyName="ASIO64.sys Hash Sha256" Hash="739C11FDB8673AB5B78F1A874DAF5BA3FADDB7910A6D4E0CC49ABD8B8537333F" />
+    <Deny ID="ID_DENY_ASIO_64_SHA1_PAGE_2" FriendlyName="ASIO64.sys Hash Page Sha1" Hash="708855DB4202A792862E1139D673C3B4B713053C" />
+    <Deny ID="ID_DENY_ASIO_64_SHA256_PAGE_2" FriendlyName="ASIO64.sys Hash Page Sha256" Hash="BE5653E4C1ED75A451BE4297FF233A22C7AAB93B2126CA428834E83CADFF5E9C" />
+    <Deny ID="ID_DENY_ASRDRV10_SHA1" FriendlyName="AsrDrv10.sys Hash Sha1" Hash="2E6D61FA32E12FE4ABF7B7D87AA6824F5F528000" />
+    <Deny ID="ID_DENY_ASRDRV10_SHA256" FriendlyName="AsrDrv10.sys Hash Sha256" Hash="C767A5895119154467AC3FCE8E82C20E6538A4E54F6C109001C61F8ABD58F9F8" />
+    <Deny ID="ID_DENY_ASRDRV10_SHA1_PAGE" FriendlyName="AsrDrv10.sys Hash Page Sha1" Hash="085529E58BE3806D396F1BB15FF078FD4C471AAB" />
+    <Deny ID="ID_DENY_ASRDRV10_SHA256_PAGE" FriendlyName="AsrDrv10.sys Hash Page Sha256" Hash="14141F03EFF7C2F44BFED93524F4EC64ABDC8F3D45D55B1BCB5701CA354319FD" />
+    <Deny ID="ID_DENY_ASRDRV101_SHA1" FriendlyName="AsrDrv101.sys Hash Sha1" Hash="D0580BFC31FAEFB7E017798121C5B8A4E68155F9" />
+    <Deny ID="ID_DENY_ASRDRV101_SHA256" FriendlyName="AsrDrv101.sys Hash Sha256" Hash="FEE4560F2160A951D83344857EB4587AB10C1CFD8C5CFC23B6F06BEF8EBCD984" />
+    <Deny ID="ID_DENY_ASRDRV101_SHA1_PAGE" FriendlyName="AsrDrv101.sys Hash Page Sha1" Hash="55A90E7822A1444FAE81371DF7296CC5642FB353" />
+    <Deny ID="ID_DENY_ASRDRV101_SHA256_PAGE" FriendlyName="AsrDrv101.sys Hash Page Sha256" Hash="B00060733F88E3897D4B1E4732DF67FF277A8D615F84E6EFAB98C79C72CBA370" />
+    <Deny ID="ID_DENY_ASRDRV102_SHA1" FriendlyName="AsrDrv102.sys Hash Sha1" Hash="5F9C7D3552FFA98C9DCF9A9B7AD1263D2AB24A2F" />
+    <Deny ID="ID_DENY_ASRDRV102_SHA256" FriendlyName="AsrDrv102.sys Hash Sha256" Hash="11EECF9E6E2447856ED4CF86EE1CB779CFE0672C808BBD5934CF2F09A62D6170" />
+    <Deny ID="ID_DENY_ASRDRV102_SHA1_PAGE" FriendlyName="AsrDrv102.sys Hash Page Sha1" Hash="B419D69A4ED8D4EABD90A155ED15C3374BEA6FFC" />
+    <Deny ID="ID_DENY_ASRDRV102_SHA256_PAGE" FriendlyName="AsrDrv102.sys Hash Page Sha256" Hash="23E39D9E40235A5C456260E03CACCC186FE79FFD7D0439AEA7530EBB0380946D" />
+    <Deny ID="ID_DENY_ASRDRV103_SHA1" FriendlyName="AsrDrv103.sys Hash Sha1" Hash="B3410021EA5A46818D9FF05A96C2809A9ABE8E4A" />
+    <Deny ID="ID_DENY_ASRDRV103_SHA256" FriendlyName="AsrDrv103.sys Hash Sha256" Hash="B6BF2460E023B1005CC60E107B14A3CFDF9284CC378A086D92E5DCDF6E432E2C" />
+    <Deny ID="ID_DENY_ASRDRV103_SHA1_PAGE" FriendlyName="AsrDrv103.sys Hash Page Sha1" Hash="490F85E291C4D9ED0AB8457CE6B424C0F3F7E7AC" />
+    <Deny ID="ID_DENY_ASRDRV103_SHA256_PAGE" FriendlyName="AsrDrv103.sys Hash Page Sha256" Hash="E22B7BA6D064C75913C3BDADAF7AADA535DDDD83175D8A47467FED5ABC56D5AC" />
+    <Deny ID="ID_DENY_BANDAI_SHA1" FriendlyName="bandai.sys Hash Sha1" Hash="0F780B7ADA5DD8464D9F2CC537D973F5AC804E9C" />
+    <Deny ID="ID_DENY_BANDAI_SHA256" FriendlyName="bandai.sys Hash Sha256" Hash="7FD788358585E0B863328475898BB4400ED8D478466D1B7F5CC0252671456CC8" />
+    <Deny ID="ID_DENY_BANDAI_SHA1_PAGE" FriendlyName="bandai.sys Hash Page Sha1" Hash="EA360A9F23BB7CF67F08B88E6A185A699F0C5410" />
+    <Deny ID="ID_DENY_BANDAI_SHA256_PAGE" FriendlyName="bandai.sys Hash Page Sha256" Hash="BB83738210650E09307CE869ACA9BFA251024D3C47B1006B94FCE2846313F56E" />
+	<Deny ID="ID_DENY_BS_RCIO64_SHA1" FriendlyName="BS_RCIO64 73327429c505d8c5fd690a8ec019ed4fd5a726b607cabe71509111c7bfe9fc7e Hash Sha1" Hash="4BFE9E5A5A25B7CDE6C81EBE31ED4ABEB5147FAF" />
+    <Deny ID="ID_DENY_BS_RCIO64_SHA256" FriendlyName="BS_RCIO64 73327429c505d8c5fd690a8ec019ed4fd5a726b607cabe71509111c7bfe9fc7e Hash Sha256" Hash="0381632CD236CD94FA9E64CCC958516AC50F9437F99092E231A607B1E6BE6CF8" />
+    <Deny ID="ID_DENY_BS_RCIO64_SHA1_PAGE" FriendlyName="BS_RCIO64 5651466512138240\73327429c505d8c5fd690a8ec019ed4fd5a726b607cabe71509111c7bfe9fc7e Hash Page Sha1" Hash="C28B640BECA5E2834D2A373F139869CC309F6631" />
+    <Deny ID="ID_DENY_BS_RCIO64_SHA256_PAGE" FriendlyName="BS_RCIO64 5651466512138240\73327429c505d8c5fd690a8ec019ed4fd5a726b607cabe71509111c7bfe9fc7e Hash Page Sha256" Hash="9378F7DFF94D9409D38FA1A125C52734D6BAEA90913FC3CEE2659FD36AB0DA29" />
+    <Deny ID="ID_DENY_CAPCOM_SHA1" FriendlyName="capcom.sys Hash Sha1" Hash="1D1CAFC73C97C6BCD2331F8777D90FDCA57125A3" />
+    <Deny ID="ID_DENY_CAPCOM_SHA256" FriendlyName="capcom.sys Hash Sha256" Hash="FAA08CB609A5B7BE6BFDB61F1E4A5E8ADF2F5A1D2492F262483DF7326934F5D4" />
+    <Deny ID="ID_DENY_CAPCOM_SHA1_PAGE" FriendlyName="capcom.sys Hash Page Sha1" Hash="69006FBBD1B150FB9404867A5BCDC04FE0FC1BAD" />
+    <Deny ID="ID_DENY_CAPCOM_SHA256_PAGE" FriendlyName="capcom.sys Hash Page Sha256" Hash="42589C7CE89941060465096C4661654B43E38C1F9D05D66239825E8FCCF52705" />
+    <Deny ID="ID_DENY_DBUTIL_32_SHA1" FriendlyName="32-bit dell dbutil.sys Hash Sha1" Hash="485C0B9710A196C7177B99EE95E5DDB35B26DDD1" />
+    <Deny ID="ID_DENY_DBUTIL_32_SHA256" FriendlyName="32-bit dell dbutil.sys Hash Sha256" Hash="96EE751F7C38731E97773E07E0F13F4DD361AF9AAA1D30B41652C2E6EFC3FB3E" />
+    <Deny ID="ID_DENY_DBUTIL_32_SHA1_PAGE" FriendlyName="32-bit dell dbutil.sys Hash Page Sha1" Hash="50E2BC41F0186FDCE970B80E2A2CB296353AF586" />
+    <Deny ID="ID_DENY_DBUTIL_32_SHA256_PAGE" FriendlyName="32-bit dell dbutil.sys Hash Page Sha256" Hash="862A262E7AF92599E6B10035B8A3C988078B92BA791A6230A85FD6D1ECEC88C7" />
+    <Deny ID="ID_DENY_DBUTIL_64_SHA1" FriendlyName="64-bit dell dbutil.sys Hash Sha1" Hash="E3C1DD569AA4758552566B0213EE4D1FE6382C4B" />
+    <Deny ID="ID_DENY_DBUTIL_64_SHA256" FriendlyName="64-bit dell dbutil.sys Hash Sha256" Hash="FE4270A61DBED978C28B2915FCC2826D011148DCB7533FA8BD072DDCE5944CEF" />
+    <Deny ID="ID_DENY_DBUTIL_64_SHA1_PAGE" FriendlyName="64-bit dell dbutil.sys Hash Page Sha1" Hash="E09B5E80805B8FE853EA27D8773E31BFF262E3F7" />
+    <Deny ID="ID_DENY_DBUTIL_64_SHA256_PAGE" FriendlyName="64-bit dell dbutil.sys Hash Page Sha256" Hash="7E2AD3D6D76F4FCD4583B865FFC12DE6C44FC16CBCBB81D480CB067F2A860422" />
+    <Deny ID="ID_DENY_FIDDRV_SHA1" FriendlyName="fiddrv.sys Hash Sha1" Hash="8CC8974A05E81678E3D28ACFE434E7804ABD019C" />
+    <Deny ID="ID_DENY_FIDDRV_SHA256" FriendlyName="fiddrv.sys Hash Sha256" Hash="97B976F7E7E5DF7AF0781BBBB33CB5F3F7A59EFDD07995253B31DE8123352A67" />
+    <Deny ID="ID_DENY_FIDDRV_SHA1_PAGE" FriendlyName="fiddrv.sys Hash Page Sha1" Hash="282BB241BDA5C4C1B8EB9BF56D018896649CA0E1" />
+    <Deny ID="ID_DENY_FIDDRV_SHA256_PAGE" FriendlyName="fiddrv.sys Hash Page Sha256" Hash="1ED9DA2DA2539284404E0701E6BA3C9EB37BE10353E826F425A194D247B8B7CE" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA1" FriendlyName="fiddrv64.sys Hash Sha1" Hash="10E15BA8FF8ED926DDD3636CEC66A0F08C9860A4" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA256" FriendlyName="fiddrv64.sys Hash Sha256" Hash="FEEF191064D18B6FB63B7299415D1B1E2EC8FCDD742854AA96268D0EC4A0F7B6" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA1_PAGE" FriendlyName="fiddrv64.sys Hash Page Sha1" Hash="E4436C8C42BA5FFABD58A3B2256F6E86CCC907AB" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA256_PAGE" FriendlyName="fiddrv64.sys Hash Page Sha256" Hash="2D48414647A7F9DEA30F19074EBF8F17E55E9031B8604794CEB88369C8C52532" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA1" FriendlyName="fidpcidrv.sys Hash Sha1" Hash="08596732304351B311970FF96B21F451F23B1E25" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA256" FriendlyName="fidpcidrv.sys Hash Sha256" Hash="7B7E0E1453E733050B586A6FAC91883DBB85AE0775C84C4CEB967CFC9B4EFD10" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA1_PAGE" FriendlyName="fidpcidrv.sys Hash Page Sha1" Hash="7838FB56FDAB816BC1900A4720EEA2FC9972EF7A" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA256_PAGE" FriendlyName="fidpcidrv.sys Hash Page Sha256" Hash="0893E186E236315FE78A7EF41ED71617E75D90D2D14FE93911E0D9344BEAF69F" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA1" FriendlyName="fidpcidrv64.sys Hash Sha1" Hash="4789B910023A667BEE70FF1F1A8F369CFFB10FE8" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA256" FriendlyName="fidpcidrv64.sys Hash Sha256" Hash="7FB0F6FC5BDD22D53F8532CB19DA666A77A66FFB1CF3919A2E22B66C13B415B7" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA1_PAGE" FriendlyName="fidpcidrv64.sys Hash Page Sha1" Hash="EEFF4EC4EBC12C6ACD2C930DC2EAAF877CFEC7EC" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA256_PAGE" FriendlyName="fidpcidrv64.sys Hash Page Sha256" Hash="B98E008DFEA10EC74C89D08F12F31C12F52234BE6FFFF06B6B9E749BFEA6CBED" />
+    <Deny ID="ID_DENY_GDRV" FriendlyName="gdrv.sys" FileName="gdrv.sys" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA1" FriendlyName="GLCKIO2.sys Hash Sha1" Hash="D99B80B3269D735CAC43AF5E43483E64CA7961C3" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA256" FriendlyName="GLCKIO2.sys Hash Sha256" Hash="47DBA240967FD0088BE618163672DFBDDF0138178CCCD45B54037F622B221220" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA1_PAGE" FriendlyName="GLCKIO2.sys Hash Page Sha1" Hash="51E0740AAEE5AE76B0095C92908C97B817DB8BEA" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA256_PAGE" FriendlyName="GLCKIO2.sys Hash Page Sha256" Hash="E7F011E9857C7DB5AACBD424612CD7E3D12C363FDC8F072DDFAF9E2E5C85F5F3" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA1" FriendlyName="GVCIDrv64.sys Hash Sha1" Hash="4EAE38E9DC262EB7B6EDE4B3D3F4AD068933845E" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA256" FriendlyName="GVCIDrv64.sys Hash Sha256" Hash="2FF09BB919A9909068166C30322C4E904BEFEBA5429E9A11D011297FB8A73C07" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA1_PAGE" FriendlyName="GVCIDrv64.sys Hash Page Sha1" Hash="6980122AEF4E2D5D7A6DDDB6DA76A166C460E0A1" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA256_PAGE" FriendlyName="GVCIDrv64.sys Hash Page Sha256" Hash="A69247025DD32DC15E06FEE362B494BCC6105D34B8D7091F7EC3D9000BD71501" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA1" FriendlyName="WinFlash64.sys Hash Sha1" Hash="DA21F5889F8374C3961856D681ADEC3D663D2964" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA256" FriendlyName="WinFlash64.sys Hash Sha256" Hash="F2B51FBEEAD17F5EE34D5B4A3A83C848FB76F8F0E80769212E137A7AA539A3BC" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA1_PAGE" FriendlyName="WinFlash64.sys Hash Page Sha1" Hash="C5057A4FD3C9B58F4C9AB9FE356081DF8804BF98" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA256_PAGE" FriendlyName="WinFlash64.sys Hash Page Sha256" Hash="C8FA1EC3D03050FBC1AA677F2C0348690521291219E8D2E94F0EA9E9174B9156" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA1" FriendlyName="amifldrv64.sys Hash Sha1" Hash="B0EC7D971DA8AE84C0ED8F88A5D46B23996E636C" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA256C" FriendlyName="amifldrv64.sys Hash Sha256" Hash="038F39558035292F1D794B7CF49F8E751E8633DAEC31454FE85CCCBEA83BA3FB" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA1_PAGE" FriendlyName="amifldrv64.sys Hash Page Sha1" Hash="C9CC3779ED67755220DBF9592EC2AC0E1DE363DC" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA256_PAGE" FriendlyName="amifldrv64.sys Hash Page Sha256" Hash="AA594D977312A944B14351C075634E7C59B42687928FBCDA8E2C4CEA46686DD9" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA1" FriendlyName="AsUpIO64.sys Hash Sha1" Hash="2A95F882DD9BAFCC57F144A2708A7EC67DD7844C" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA256" FriendlyName="AsUpIO64.sys Hash Sha256" Hash="7F75D91844B0C162EEB24D14BCF63B7F230E111DAA7B0A26EAA489EEB22D9057" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA1_PAGE" FriendlyName="AsUpIO64.sys Hash Page Sha1" Hash="316E7872A227F0EAD483D244805E9FF4D3569F6F" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA256_PAGE" FriendlyName="AsUpIO64.sys Hash Page Sha256" Hash="5958CBE6CF7170C4B66893777BDE66343F5536A98610BD188E10D47DB84BC04C" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA1" FriendlyName="BS_Flash64.sys Hash Sha1" Hash="5107438A02164E1BCEDD556A786F37F59CD04231" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA256" FriendlyName="BS_Flash64.sys Hash Sha256" Hash="543C3F024E4AFFD0AAFA3A229FA19DBE7A70972BB18ED6347D3492DD174EDAC5" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA1_PAGE" FriendlyName="BS_Flash64.sys Hash Page Sha1" Hash="26C398B86FD33B3E6C4348F780C4CF758C99C8FD" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA256_PAGE" FriendlyName="BS_Flash64.sys Hash Page Sha256" Hash="8BF958AFA751D7AB66EBB1FAE25679E6F0FDE72078AEFC09F1824EEFA526005E" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA1" FriendlyName="BS_HWMIo64.sys Hash Sha1" Hash="3281135748C9C7A9DDACE55C648C720AF810475F" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA256" FriendlyName="BS_HWMIo64.sys Hash Sha256" Hash="3DE51A3102DB7297D96B4DE5B60ACA5F3A07E8577BBBED7F755F1DE9A9C38E75" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA1_PAGE" FriendlyName="BS_HWMIo64.sys Hash Page Sha1" Hash="FC5F231383FE72E298893010A9A3714B205C4110" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA256_PAGE" FriendlyName="BS_HWMIo64.sys Hash Page Sha256" Hash="6AD3624CA1DC38ECEEC75234E50934B1BAD7C72621DC57DEAB09044D0135877D" />
+    <Deny ID="ID_DENY_DIRECTIO_12" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="E8F7E20061F9CC20583DCAB3B16054D106B8AA83" />
+    <Deny ID="ID_DENY_DIRECTIO_13" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="B8BF3BD441EBC5814C5D39D053FDCB263E8E58476CBDEE4B1226903305F547B6" />
+    <Deny ID="ID_DENY_DIRECTIO_14" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="36875A862D1E762E6CC75595EF37EA7460A1E1DF" />
+    <Deny ID="ID_DENY_DIRECTIO_15" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="AC706D9ED906B5C879F6AD59FFB56FA6BC5E1395FE9ADF7C60F7EB94D044D018" />
+    <Deny ID="ID_DENY_DIRECTIO_16" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="DCDB7BF7E237B9BDA190F60E386A49A7C3494F8D" />
+    <Deny ID="ID_DENY_DIRECTIO_17" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="F34C667C0DA3CD813E60F11B67338723252BEB9BD43FC5E0C8C7265F263D2BD9" />
+    <Deny ID="ID_DENY_DIRECTIO_18" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="179601E33B5AE4E2EA13F34FD084B1FCBD56FBCE" />
+    <Deny ID="ID_DENY_DIRECTIO_19" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="C7B193F92A943AFBC0EB57B23B5BE5E66F66574051BF838B6735E13733DA1809" />
+    <Deny ID="ID_DENY_DIRECTIO_1A" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="8B86E08D610BCC9AB7B7750F036DBB568F733BE0" />
+    <Deny ID="ID_DENY_DIRECTIO_1B" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="841F965977F33D621D126412032C47DD6118251623C380E5572F7553B620B0E1" />
+    <Deny ID="ID_DENY_DIRECTIO_1C" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="6BD3AB2E730561F7D1385DCFEF81C1FA67398C8C" />
+    <Deny ID="ID_DENY_DIRECTIO_1D" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="D3ECCD41C75046CA9A72AF273C132AEDED1D6572A20D1A64ED08337204B9DA83" />
+    <Deny ID="ID_DENY_DIRECTIO_1E" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="02A7E085631ECFE031B76AFA883A266C850ED61B" />
+    <Deny ID="ID_DENY_DIRECTIO_1F" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="FB5E65AEC819C5A91EF0CE0FEC0A957826B5E1AC9BAC559A1B4201A3870462A3" />
+    <Deny ID="ID_DENY_DIRECTIO_20" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="C3596085C90D81C2C51A75558211AD44C853C358" />
+    <Deny ID="ID_DENY_DIRECTIO_21" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="D402FE9EED2C0A26AAF2CB2311019FFF7004965AA2D22702974203A50A52C9B0" />
+    <Deny ID="ID_DENY_DIRECTIO_22" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="66941573DAFD7259CBA113C0FA9EACCD347355FD" />
+    <Deny ID="ID_DENY_DIRECTIO_23" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="A520FF5C754A1FB62BA88399A313D0C0FB99145BA2D3D91DBF4282388B77FA84" />
+    <Deny ID="ID_DENY_DIRECTIO_24" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="588A9F349E520AA5AC5BD650B75345419B28AE85" />
+    <Deny ID="ID_DENY_DIRECTIO_25" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="2E7B3C52FE1541B51F814B82FCED59513DE249B6834B4B2C94ACD97CA889477C" />
+    <Deny ID="ID_DENY_DIRECTIO_26" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="8EC43D1DEF8BB20354AEBA49A9084BACD2C02817" />
+    <Deny ID="ID_DENY_DIRECTIO_27" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="AD44CFD9C6262A6FF36EE9D03E59BA4B0524EF87F6B980CE15ABB10A35D39F88" />
+    <Deny ID="ID_DENY_DIRECTIO_28" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="708EAD1221FB176AA9594F9E0AA7F783704FB962" />
+    <Deny ID="ID_DENY_DIRECTIO_29" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="80BFD0EAD1EA54219D6A1A454242CAA6C2397FA94AF1B4E10D269B670AFDA898" />
+    <Deny ID="ID_DENY_DIRECTIO_2A" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="F1BDD3236F43338A119D74ECA730F0D464DED973" />
+    <Deny ID="ID_DENY_DIRECTIO_2B" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="96A5B3CD7C1A6DDA5B6F402E6C35BA535270467F56ADDC7448DBE4AA78428411" />
+    <Deny ID="ID_DENY_DIRECTIO_2C" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="A14331F63EC907BF3E472F1E0CB8F19DE06EF4E4" />
+    <Deny ID="ID_DENY_DIRECTIO_2D" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="7F0A28CCF0AB76964D40E063F9D4B88193B77E4BADF66E8C8F87C97127885987" />
+    <Deny ID="ID_DENY_DIRECTIO_2E" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="FCA1EE04BE5D7752A1AD717A6AAC9C143C5C8BCD" />
+    <Deny ID="ID_DENY_DIRECTIO_2F" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="E219276A4068B1EEA5CE08F83A322845DCE4ECA89E05C71A0C2417065CE48813" />
+    <Deny ID="ID_DENY_DIRECTIO_30" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="0D1DC447860DC9B9B7FA278FF16120E14064517C" />
+    <Deny ID="ID_DENY_DIRECTIO_31" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="EBFBFA7C84036A4CF0114BBB0C8017B532F37D846589AEB0004BC8B1F5F4D230" />
+    <Deny ID="ID_DENY_DIRECTIO_32" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="EBF8C7DC8292950ACC260A0E473678AE3C56B210" />
+    <Deny ID="ID_DENY_DIRECTIO_33" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="43B7715E38449BF82AD0BB6B11D03DA42150C1EE23148C5F396CC4AB1001622D" />
+    <Deny ID="ID_DENY_DIRECTIO_34" FriendlyName="PassMark DirectIo.sys Hash Page Sha1" Hash="05E20D0274A4FCC5368F25C62174003A555917E7" />
+    <Deny ID="ID_DENY_DIRECTIO_35" FriendlyName="PassMark DirectIo.sys Hash Page Sha256" Hash="70344F2494D6B7EE4C5716E886D912447CFFE9695D2286814DC3CE0361727BBA" />
+    <Deny ID="ID_DENY_DIRECTIO_36" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="706686F2A1EF4738A1856D01AB10EB730FC7B327" />
+    <Deny ID="ID_DENY_DIRECTIO_37" FriendlyName="PassMark DirectIo.sys Hash Sha256" Hash="B74246C8CB77B0364B7CECE38BFF5F462EEC983C" />
+    <Deny ID="ID_DENY_DIRECTIO_38" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="B423CA58603513B5D3A9669736D5E13C353FD6F9" />
+    <Deny ID="ID_DENY_DIRECTIO_39" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="2FB5D7E6DB01C9090BBA92ABF580D38993E02CE9357E08FE1F224A9B18056E5A" />
+    <Deny ID="ID_DENY_DIRECTIO_3A" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="AE806CA05E141B71664D9C6F20CC2369EF26F996" />
+    <Deny ID="ID_DENY_DIRECTIO_3B" FriendlyName="PassMark DirectIo.sys Hash Sha1" Hash="D0559503988DAA407FCC11E59079560CB456BB84" />
+    <Deny ID="ID_DENY_MSIO_SHA1_1" FriendlyName="MsIo.sys Hash Sha1" Hash="0CB0FD5BEA730E4EAAEC1426B0C15376CCAC6D83" />
+    <Deny ID="ID_DENY_MSIO_SHA256_1" FriendlyName="MsIo.sys Hash Sha256" Hash="0D0962DB9DC6879067270134801AD425C1F3E85B0DC39877C02AAA9C54ACA14E" />
+    <Deny ID="ID_DENY_MSIO_SHA1_PAGE_1" FriendlyName="MsIo.sys Hash Page Sha1" Hash="D4E21C205DE75CDE70CD73C52C646E1E5D333A35" />
+    <Deny ID="ID_DENY_MSIO_SHA256_PAGE_1" FriendlyName="MsIo.sys Hash Page Sha256" Hash="C1D2036235A489FDD8B3970C9EF01567443A87D17B0AD5C2A033D4C471D0ECDE" />
+    <Deny ID="ID_DENY_MSIO_SHA1_2" FriendlyName="MsIo.sys Hash Sha1" Hash="7E732ACB7CFAD9BA043A9350CDEFF25D742BECB8" />
+    <Deny ID="ID_DENY_MSIO_SHA256_2" FriendlyName="MsIo.sys Hash Sha256" Hash="7018D515A6C781EA6097CA71D0F0603AD0D689F7EC99DB27FCACD492A9E86027" />
+    <Deny ID="ID_DENY_MSIO_SHA1_PAGE_2" FriendlyName="MsIo.sys Hash Page Sha1" Hash="CDE1A50E1DF7870F8E4AFD8631E45A847C714C0A" />
+    <Deny ID="ID_DENY_MSIO_SHA256_PAGE_2" FriendlyName="MsIo.sys Hash Page Sha256" Hash="05736AB8B48DF84D81CB2CC0FBDC9D3DA34C22DB67A3E71C6F4B6B3923740DD5" />
+    <Deny ID="ID_DENY_MSIO_SHA1_3" FriendlyName="MsIo.sys Hash Sha1" Hash="07660D1867E20BE0212A96CBA6B5FE6BE7776EAF" />
+    <Deny ID="ID_DENY_MSIO_SHA256_3" FriendlyName="MsIo.sys Hash Sha256" Hash="BE0AF245444321E51F4DD8A90A19A0ABE05A060CBAD93701E23A02DF307957AE" />
+    <Deny ID="ID_DENY_MSIO_SHA1_4" FriendlyName="MsIo.sys Hash Sha1" Hash="B2CD3A63D04EAE427BEDE6C6FE8FACBA91ECECBF" />
+    <Deny ID="ID_DENY_MSIO_SHA256_4" FriendlyName="MsIo.sys Hash Sha256" Hash="D86D6732AC4D1CB41A2DCE40436B839C0DFDCEF9BA306CE5D0F97C0522ABFAC8" />
+    <Deny ID="ID_DENY_PIDDRV_SHA1" FriendlyName="piddrv.sys Hash Sha1" Hash="877C6C36A155109888FE1F9797B93CB30B4957EF" />
+    <Deny ID="ID_DENY_PIDDRV_SHA256" FriendlyName="piddrv.sys Hash Sha256" Hash="4E19D4CE649C28DD947424483796BEACE3656284FB0379D97DDDD320AA602BBC" />
+    <Deny ID="ID_DENY_PIDDRV_SHA1_PAGE" FriendlyName="piddrv.sys Hash Page Sha1" Hash="A7D827A41B2C4B7638495CD1D77926F1BA902978" />
+    <Deny ID="ID_DENY_PIDDRV_SHA256_PAGE" FriendlyName="piddrv.sys Hash Page Sha256" Hash="EAC7316089DBAF7DF79A531355547BBDA22FA0921E31BBA0D27BCC88234E9ED3" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA1" FriendlyName="piddrv64.sys Hash Sha1" Hash="0C2599D738D01A82EC91725F499ACEBBCFB47CC9" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA256" FriendlyName="piddrv64.sys Hash Sha256" Hash="B97F870C501714FA453CF18AE8A30C87D08FF1E6D784AFDBB0121AEA3DA2DC28" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA1_PAGE" FriendlyName="piddrv64.sys Hash Page Sha1" Hash="C978063E678233C5EFB8F002FEF000FD479CC632" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA256_PAGE" FriendlyName="piddrv64.sys Hash Page Sha256" Hash="1081CCD57FD35998634103AE1E736638D82351092ACD30FE75084EA6A08CA0F7" />
+    <Deny ID="ID_DENY_PHYMEMX64_SHA1" FriendlyName="phymemx64 Hash Sha1" Hash="3C9F40AC72B0202CB40627FDEB7298079187193A" />
+    <Deny ID="ID_DENY_PHYMEMX64_SHA256" FriendlyName="phymemx64 Hash Sha256" Hash="A6AE7364FD188C10D6B5A729A7FF58A3EB11E7FEB0D107D18F9133655C11FB66" />
+    <Deny ID="ID_DENY_PHYMEMX64_SHA1_PAGE" FriendlyName="phymemx64 Hash Page Sha1" Hash="6E7D8ABF7F81A2433F27B052B3952EFC4B9CC0B1" />
+    <Deny ID="ID_DENY_PHYMEMX64_SHA256_PAGE" FriendlyName="phymemx64 Hash Page Sha256" Hash="B7113B9A68E17428E2107B19BA099571AAFFC854B8FB9CBCEB79EF9E3FD1CC62" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA1" FriendlyName="semav6msr64.sys Hash Sha1" Hash="E3DBE2AA03847DF621591A4CAD69A5609DE5C237" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA256" FriendlyName="semav6msr64.sys Hash Sha256" Hash="EB71A8ECEF692E74AE356E8CB734029B233185EE5C2CCB6CC87CC6B36BEA65CF" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA1_PAGE" FriendlyName="semav6msr64.sys Hash Page Sha1" Hash="F3821EC0AEF270F749DF9F44FBA91AFA5C8C38E8" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA256_PAGE" FriendlyName="semav6msr64.sys Hash Page Sha256" Hash="4F12EE563E7496E7105D67BF64AF6B436902BE4332033AF0B5A242B206372CB7" />
+    <Deny ID="ID_DENY_WINRING0_SHA1" FriendlyName="WinRing0.sys Hash Sha1" Hash="12EB825418A932B1E4C6697DC7647E89AE52CF3F" />
+    <Deny ID="ID_DENY_WINRING0_SHA256" FriendlyName="WinRing0.sys Hash Sha256" Hash="4582ADB2E67EEBAFF755AE740C1F24BC3AF78E0F28E8E8DECB99F86BF155AB23" />
+    <Deny ID="ID_DENY_WINRING0_SHA1_PAGE" FriendlyName="WinRing0.sys Hash Page Sha1" Hash="497AFEB0D5B97D4B863704A2F77FFEF31220402D" />
+    <Deny ID="ID_DENY_WINRING0_SHA256_PAGE" FriendlyName="WinRing0.sys Hash Page Sha256" Hash="8D8A5696BDF11D2427016F91F9726AFF4F0C80FADBC3E6033662FA11C8B282BD" />
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_1" FriendlyName="80.sys Hash Sha1" Hash="BC2F3850C7B858340D7ED27B90E63B036881FD6C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_2" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="E74B6DDA8BC53BC687FC21218BD34062A78D8467"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_3" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="2C27ABBBBCF10DFB75AD79557E30ACE5ED314DF8"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_4" FriendlyName="81.sys Hash Sha1" Hash="FAA870B0CB15C9AC2B9BBA5D0470BD501CCD4326"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_5" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="8241C9A5755A740811C8E8D2739B33146ACD3E6D"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_6" FriendlyName="full.sys Hash Sha1" Hash="4B8C0445075F09AEEF542AB1C86E5DE6B06E91A3"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_7" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="E014C6BEBFDA944CE3A58AB9FE055D4F9367D49C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_8" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="E5A152BB57060C2B27E825258698BD7FF67907FF"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_9" FriendlyName="81.sys Hash Sha1" Hash="ACA8E53483B40A06DFDEE81BB364B1622F9156FE"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_10" FriendlyName="nstrwsk.sys Hash Sha1" Hash="83767982B3A5F70615A386F4D6638F20509F3560"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_11" FriendlyName="nt2.sys Hash Sha1" Hash="8F0B99B53EB921547AFECF1F12B3299818C4E5D1"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_12" FriendlyName="nt3.sys Hash Sha1" Hash="295E590D49DF717C489C5C824E9C6896A14248BB"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_13" FriendlyName="nt5.sys Hash Sha1" Hash="7A43BE821832E9BF55B1B781AE468179D0E4F56E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_14" FriendlyName="81.sys Hash Sha1" Hash="05AC1C64CA16AB0517FE85D4499D08199E63DF26"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_15" FriendlyName="b4.sys Hash Sha1" Hash="4BBB9709D5F916FE78EAA15431F622761EFC496F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_16" FriendlyName="bw.sys Hash Sha1" Hash="150F5DAE8716B09A64CAC96862F5E2506A71E771"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_17" FriendlyName="bwrs.sys Hash Sha1" Hash="3DEBE170B5A113407F9E86EE6ED9AE00C3D82C9F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_18" FriendlyName="bwrsh.sys Hash Sha1" Hash="73857ACDD7D7C9235F3E18C503A27E7C88C5FCB0"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_19" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="8BC75E18953B7B23991B2FBC79713E1E175F75E4"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_20" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="A2DA5C397F737FA55D8F93D3CED5EB70AE09801F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_21" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="C58B6EF848CA87AD9EC4368C45C8F1EB7FA6BD16"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_22" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="74CBC407ACD9D2A4BC609B2F8C9A09B90912D10C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_23" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="1923D1F21FAFFCD7D511E2B313FE9415E6AD90AE"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_24" FriendlyName="TGSafe.sys Hash Sha1" Hash="F3E60B7B9C53315D6158F82596919209A00E1CDA"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_25" FriendlyName="BlackBoneDrv10.sys Hash Sha1" Hash="AA97BF43E6BAD521F3A3D8081FB350C89382F06F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_26" FriendlyName="LgDCatcher.sys Hash Sha1" Hash="4604A20CAE2DFE42320FE8F6AED000EC204EFA7E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_27" FriendlyName="gameink.sys Hash Sha1" Hash="60A632E4B838731AAD553650D6BC8AF3D3D80B26"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_28" FriendlyName="windows-xp-64.sys Hash Sha1" Hash="03F0DD3124EC3A4BB6D30865A488F54E74DED699"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_29" FriendlyName="windows8-10-32.sys Hash Sha1" Hash="8A50E81D6E6C45410BF13F95B1A67CADA8C82221"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_30" FriendlyName="kbdcap64.sys Hash Sha1" Hash="83660D245FE618ECAFE4900AC1E2AD0292C2DA2A"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_31" FriendlyName="netfilterdrv.sys Hash Sha1" Hash="202D5A05E546740037F9A4DC2B21F71680C39D3B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_32" FriendlyName="d3.sys Hash Sha1" Hash="560D8869D48A71E59601B76240E9A6CFFB068C9C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_33" FriendlyName="d.sys Hash Sha1" Hash="7C1BA790CA2AA03F30413D02F3A812FCCA1AB29F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_34" FriendlyName="b3.sys Hash Sha1" Hash="969A945C93F54FCBF17548903131D4B86042DF7B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_35" FriendlyName="2.sys Hash Sha1" Hash="64309DB7AF8665368636186805745126B8BD5BFE"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_36" FriendlyName="b1.sys Hash Sha1" Hash="1F7804D9185B1910C43BD4104D58B96994FF8E49"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_37" FriendlyName="My.sys Hash Sha1" Hash="2A506E2512C9083419B7741B4499E012CDC60204"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_38" FriendlyName="Black.sys Hash Sha1" Hash="1236573A309C4EDB52E050E53E73188183C23E7E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_39" FriendlyName="WYProxy32.sys Hash Sha1" Hash="22C5E127E7E7C567D8624607A6F8F5809DEACB55"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_40" FriendlyName="WYProxy64.sys Hash Sha1" Hash="DC38CC55B84A1A7C0846FB5509B43B4FF97A9BE6"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_41" FriendlyName="Proxy64.sys Hash Sha1" Hash="AA937F73A8AFCDA98E868F4AEEB0EB81A4150075"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_42" FriendlyName="LgDCatcher.sys Hash Sha1" Hash="481488488CF7BB5CD470B62600A3570A1711ABAA"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_43" FriendlyName="LgDCatcher.sys Hash Sha1" Hash="C58BEBEF6A92F5A5B37BE0394695E8E18A42867F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_44" FriendlyName="LgDCatcher.sys Hash Sha1" Hash="7AA2C4C51AFC1C82BEAE55AB9CA7BA0BB588B5C0"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_45" FriendlyName="ni.sys Hash Sha1" Hash="FD081F7A372B939DB8523E222D118B87450D3D19"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_46" FriendlyName="d4.sys Hash Sha1" Hash="E343AA3981393778F32DF94EFAC90FE35D6933A9"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_47" FriendlyName="d2.sys Hash Sha1" Hash="002223FDDC5658EA22B7A8979984A9B54F63B316"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_48" FriendlyName="t.sys Hash Sha1" Hash="1CF3B0A2A0B47477A840ADC2B520401E18AF16D6"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_49" FriendlyName="1.sys Hash Sha1" Hash="F50B475D5FD1ED4F866BF43342676E449F779C67"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_50" FriendlyName="cpupress.sys Hash Sha1" Hash="C4FE0CBB8DA5BF1E02EC6D7A0F97D740955DDD97"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_51" FriendlyName="gameink.sys Hash Sha1" Hash="3AE56AB63230D6D9552360845B4A37B5801CC5EA"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_52" FriendlyName="NetFlt.sys Hash Sha1" Hash="B04ECC8DD0D52FE4552D2C4D693D67FAE20C460F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_53" FriendlyName="ProtectS.sys Hash Sha1" Hash="710BBA7C3D6CAC7B62AB05E6B12274D1548985E6"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_54" FriendlyName="ProtectS.sys Hash Sha1" Hash="67650BC9CDF0716BC7B5664723C38FC5327EC662"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_55" FriendlyName="GameTerSafe.sys Hash Sha1" Hash="39F934078A060BAD2D58B5DBA8F8884903D697A7"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_56" FriendlyName="Lurker.sys Hash Sha1" Hash="CEC5447D0529F97C4BF4A012EA58AAB07139FFE0"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_57" FriendlyName="TestBone.sys Hash Sha1" Hash="0D523E8B0B96675AC2E5AC0D56C367564B260545"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_58" FriendlyName="Proxy32.sys Hash Sha1" Hash="69D6B4032F1456506382885EBA5B396F1C36841B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_59" FriendlyName="t7.sys Hash Sha1" Hash="738CF0AFB7ECDF35A92667C8802D512A0CAF353C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_60" FriendlyName="nt4.sys Hash Sha1" Hash="EC7947AD1919C8F60BC973B96DA4132A1EA396E0"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_61" FriendlyName="t8.sys Hash Sha1" Hash="D85C6097A2279301222B6A06B93296ACE669A76D"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_62" FriendlyName="nstr.sys Hash Sha1" Hash="61258963D900C2A39408EF4B51F69F405F55E407"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_63" FriendlyName="nt6.sys Hash Sha1" Hash="8403A17AE001FEF3488C2E641E2BE553CD5B478D"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_64" FriendlyName="t3.sys Hash Sha1" Hash="0CE54B617DE11C24670064960B736EF9C47A5F15"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_65" FriendlyName="windows7-32.sys Hash Sha1" Hash="82F8D4BA137FA4B0DA20E8CD1968A7AAEA803DBC"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_66" FriendlyName="NetProxyDriver.sys Hash Sha1" Hash="00B4FDC0F7F28DDECD5B4E5880A71E7F08B5F825"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_67" FriendlyName="c.sys Hash Sha1" Hash="3C20BB896FD16B5C698185FB176E820A448997B3"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_68" FriendlyName="gameink.sys Hash Sha1" Hash="6A784D45517142C11D5CCA3FF9956B2ED6EAF4C9"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_69" FriendlyName="gameink.sys Hash Sha1" Hash="4E5E719362CD48BB323803C1D00AFDE11D4B9D4C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_70" FriendlyName="b.sys Hash Sha1" Hash="FD8A340CD071BC98E6EEAC9BBD4AC8A78688BC17"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_71" FriendlyName="nt4.sys Hash Sha1" Hash="EC7947AD1919C8F60BC973B96DA4132A1EA396E0"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA1_72" FriendlyName="d3.sys Hash Sha1" Hash="560D8869D48A71E59601B76240E9A6CFFB068C9C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_1" FriendlyName="80.sys Hash Sha256" Hash="F08EBDDC11AEFCB46082C239F8D97CEEA247D846E22C4BCDD72AF75C1CBC6B0B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_2" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="12A636449A491EF3DC8688C5D25BE9EBF785874F9C4573667EEFD42139201AA4"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_3" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="7F1772BDF7DD81CB00D30159D19D4EB9160B54D7609B36F781D08CA3AFBD29A7"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_4" FriendlyName="81.sys Hash Sha256" Hash="5C206B569B7059B7C32EB5FC36922CB435C2B16C8D96DE1038C8BD298ED498FE"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_5" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="C56536F99207915E5A1F7D4F014AB942BD820E64FF7F371AD0462EF26ED27242"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_6" FriendlyName="full.sys Hash Sha256" Hash="0988D366572A57B3015D875B60704517D05115580678E8F2E126F771EDA28F7B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_7" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="651FFA0C7AFF7B4A7695DDDD209DC3E7F68156E29A14D3FCC17AEF4F2A205DCC"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_8" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="7113DEE11925B346192F6EE5441974DB7D1FE9B5BE1497A6B295C06930FDD264"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_9" FriendlyName="81.sys Hash Sha256" Hash="3D31118A2E92377ECB632BD722132C04AF4E65E24FF87743796C75EB07CFCD71"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_10" FriendlyName="nstrwsk.sys Hash Sha256" Hash="3390919BB28D5C36CC348F9EF23BE5FA49BFD81263EB7740826E4437CBE904CD"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_11" FriendlyName="nt2.sys Hash Sha256" Hash="CB9890D4E303A4C03095D7BC176C42DEE1B47D8AA58E2F442EC1514C8F9E3CEC"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_12" FriendlyName="nt3.sys Hash Sha256" Hash="7D8937C18D6E11A0952E53970A0934CF0E65515637AC24D6CA52CCF4B93D385F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_13" FriendlyName="nt5.sys Hash Sha256" Hash="FD33FB2735CC5EF466A54807D3436622407287E325276FCD3ED1290C98BD0533"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_14" FriendlyName="81.sys Hash Sha256" Hash="B430D3A0BDB837A5D6625D3B1CEF07ABD1953F969869FF6CF7BA398AE605431A"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_15" FriendlyName="b4.sys Hash Sha256" Hash="DEC8A933DBA04463ED9BB7D53338FF87F2C23CFB79E0E988449FC631252C9DCC"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_16" FriendlyName="bw.sys Hash Sha256" Hash="0EBAEF662B14410C198395B13347E1D175334EC67919709AD37D65EBA013ADFF"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_17" FriendlyName="bwrs.sys Hash Sha256" Hash="221DFBC74BBB255B0879360CCC71A74B756B2E0F16E9386B38A9CE9D4E2E34F9"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_18" FriendlyName="bwrsh.sys Hash Sha256" Hash="37DDE6BD8A7A36111C3AC57E0AC20BBB93CE3374D0852BCACC9A2C8C8C30079E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_19" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="82774D5230C5B6604D6F67A32883F720B4695387F3F383AABC713FC2904FF45D"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_20" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="DDD83AF2E99C2E51F2BBBB5A1FAADF9F2DDBC3E39B086935621D6846A8530D76"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_21" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="E6D0C06DEB74F0448391F2C14A08D5C1B7D263DC444ACC5C1CF57ACFE82DA6BB"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_22" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="F05A1DF10900B05FB7211F3DADD15003FC91CFA28A08BCC6D7AFA02CD8AB3D5C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_23" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="C174566743B47AE3C3BBB9F32D2856DE5959E06EC100B648853058EEFCDA43FA"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_24" FriendlyName="TGSafe.sys Hash Sha256" Hash="3A95CC82173032B82A0FFC7D2E438DF64C13BC16B4574214C9FE3BE37250925E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_25" FriendlyName="BlackBoneDrv10.sys Hash Sha256" Hash="0BB5F2EAACD64398A66D73D4617AA0C1209D483FAFCBE99E4E12CA6C024DB2EC"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_26" FriendlyName="LgDCatcher.sys Hash Sha256" Hash="13B82D81D6EAC1A8B2E4655504DABECBD70673CDF45C244702A02F3397FDFF9A"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_27" FriendlyName="gameink.sys Hash Sha256" Hash="8168304169A2453C0C3E0A285C2A07D3B3B83433E0342F6B33400C371AF86221"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_28" FriendlyName="windows-xp-64.sys Hash Sha256" Hash="DFAEFD06B680F9EA837E7815FC1CC7D1F4CC375641AC850667AB20739F46AD22"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_29" FriendlyName="windows8-10-32.sys Hash Sha256" Hash="5B9623DA9BA8E5C80C49473F40FFE7AD315DCADFFC3230AFDC9D9226D60A715A"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_30" FriendlyName="kbdcap64.sys Hash Sha256" Hash="72B99147839BCFB062D29014EC09FE20A8F261748B5925B00171EF3CB849A4C1"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_31" FriendlyName="netfilterdrv.sys Hash Sha256" Hash="0391107305D76EB9DDF1A5B3B3C50DA361E8AB35B573DBD19BF9383436B9303E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_32" FriendlyName="d3.sys Hash Sha256" Hash="36875562E747136313EC5DB58174E5FAB870997A054CA8D3987D181599C7DB6A"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_33" FriendlyName="d.sys Hash Sha256" Hash="0289FE12E675101CEE03934C1AF5CB73069A12170A88BD051E31A292B97F701B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_34" FriendlyName="b3.sys Hash Sha256" Hash="708016FBE22C813A251098F8F992B177B476BD1BBC48C2ED4A122FF74910A965"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_35" FriendlyName="2.sys Hash Sha256" Hash="9385E4CDABD0AEE2670FB756598EA977161F45B71687ECB9E43533081629F661"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_36" FriendlyName="b1.sys Hash Sha256" Hash="A3E507E713F11901017FC328186AE98E23DE7CEA5594687480229F77D45848D8"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_37" FriendlyName="My.sys Hash Sha256" Hash="D25904FBF907E19F366D54962FF543D9F53B8FDFD2416C8B9796B6A8DD430E26"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_38" FriendlyName="Black.sys Hash Sha256" Hash="D5562FB90B0B3DEB633AB335BCBD82CE10953466A428B3F27CB5B226B453EAF3"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_39" FriendlyName="WYProxy32.sys Hash Sha256" Hash="DE6BF572D39E2611773E7A01F0388F84FB25DA6CBA2F1F8B9B36FFBA467DE6FA"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_40" FriendlyName="WYProxy64.sys Hash Sha256" Hash="FAFA1BB36F0AC34B762A10E9F327DCAB2152A6D0B16A19697362D49A31E7F566"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_41" FriendlyName="Proxy64.sys Hash Sha256" Hash="C60FCFF9C8E5243BBB22EC94618B9DCB02C59BB49B90C04D7D6AB3EBBD58DC3A"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_42" FriendlyName="LgDCatcher.sys Hash Sha256" Hash="BFCFFC82A564A2ADCD3522CD78CDF83795B6212F787230A5EA6B7EFB9F232784"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_43" FriendlyName="LgDCatcher.sys Hash Sha256" Hash="350E15BF24DCFDC052DB117718329A03E930C17AC8C835E51D001E74BAD784E4"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_44" FriendlyName="LgDCatcher.sys Hash Sha256" Hash="DF4E25990742FC8D3AED70F6CB4D402E111E7ED08FA5F76ACA685B8C03B98B93"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_45" FriendlyName="ni.sys Hash Sha256" Hash="AE79E760C739D6214C1E314728A78A6CB6060CCE206FDE2440A69735D639A0A2"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_46" FriendlyName="d4.sys Hash Sha256" Hash="823DA894B2C73FFCD39E77366B6F1ABF0AE9604D9B20140A54E6D55053AADEBA"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_47" FriendlyName="d2.sys Hash Sha256" Hash="CB57F3A7FE9E1F8E63332C563B0A319B26C944BE839EABC03E9A3277756BA612"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_48" FriendlyName="t.sys Hash Sha256" Hash="146D77E80CA70EA5CB17BFC9A5CEA92334F809CBDC87A51C2D10B8579A4B9C88"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_49" FriendlyName="1.sys Hash Sha256" Hash="64F9E664BC6D4B8F5F68616DD50AE819C3E60452EFD5E589D6604B9356841B57"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_50" FriendlyName="cpupress.sys Hash Sha256" Hash="FCDFE570E6DC6E768EF75138033D9961F78045ADCA53BEB6FDB520F6417E0DF1"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_51" FriendlyName="gameink.sys Hash Sha256" Hash="E9B433A33DC72EB2622947B41F01D04A48CD71BEAC775A88F3F1E4C838090EE8"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_52" FriendlyName="NetFlt.sys Hash Sha256" Hash="F8886A9C759E0426E08D55E410B02C5B05AF3C287B15970175E4874316FFAF13"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_53" FriendlyName="ProtectS.sys Hash Sha256" Hash="9D58F640C7295952B71BDCB456CAE37213BACCDCD3032C1E3AEB54E79081F395"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_54" FriendlyName="ProtectS.sys Hash Sha256" Hash="4A9093E8DBCB867E1B97A0A67CE99A8511900658F5201C34FFB8035881F2DBBE"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_55" FriendlyName="GameTerSafe.sys Hash Sha256" Hash="3E9B62D2EA2BE50A2DA670746C4DBE807DB9601980AF3A1014BCD72D0248D84C"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_56" FriendlyName="Lurker.sys Hash Sha256" Hash="0FD2DF82341BF5EBB8A53682E60D08978100C01ACB0BED7B6CE2876ADA80F670"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_57" FriendlyName="TestBone.sys Hash Sha256" Hash="0DE4247E72D378713BCF22D5C5D3874D079203BB4364E25F67A90D5570BDCCE8"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_58" FriendlyName="Proxy32.sys Hash Sha256" Hash="49ED27460730B62403C1D2E4930573121AB0C86C442854BC0A62415CA445A810"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_59" FriendlyName="t7.sys Hash Sha256" Hash="BE03E9541F56AC6ED1E81407DCD7CC85C0FFC538C3C2C2C8A9C747EDBCF13100"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_60" FriendlyName="nt4.sys Hash Sha256" Hash="D7BC7306CB489FE4C285BBEDDC6D1A09E814EF55CF30BD5B8DAF87A52396F102"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_61" FriendlyName="t8.sys Hash Sha256" Hash="258359A7FA3D975620C9810DAB3A6493972876A024135FEAF3AC8482179B2E79"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_62" FriendlyName="nstr.sys Hash Sha256" Hash="455BC98BA32ADAB8B47D2D89BDBADCA4910F91C182AB2FC3211BA07D3784537B"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_63" FriendlyName="nt6.sys Hash Sha256" Hash="15C53EB3A0EA44BBD2901A45A6EBEAE29BB123F9C1115C38DFB2CDBEC0642229"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_64" FriendlyName="t3.sys Hash Sha256" Hash="4CFF6E53430B81ECC4FAE453E59A0353BCFE73DD5780ABFC35F299C16A97998E"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_65" FriendlyName="windows7-32.sys Hash Sha256" Hash="4941C4298F4560FC1E59D0F16F84BAB5C060793700B82BE2FD7C63735F1657A8"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_66" FriendlyName="NetProxyDriver.sys Hash Sha256" Hash="8111085022BDA87E5F6AA4C195E743CC6DD6A3A6D41ADD475D267DC6B105A69F"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_67" FriendlyName="c.sys Hash Sha256" Hash="CC383AD11E9D06047A1558ED343F389492DA3AC2B84B71462AEE502A2FA616C8"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_68" FriendlyName="gameink.sys Hash Sha256" Hash="E94E8A87459DB56837D1C58F9854794AA99F36566A9DED9B398BE9D4D3A2C2AF"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_69" FriendlyName="gameink.sys Hash Sha256" Hash="44A0599DEFEA351314663582DBC61069B3A095A4DDAD571BB17DD0D8B21E7FF2"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_70" FriendlyName="b.sys Hash Sha256" Hash="84DF20B1D9D87E305C92E5FFAE21B10B325609D59D835A954DBD8750EF5DABF4"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_71" FriendlyName="nt4.sys Hash Sha256" Hash="D7BC7306CB489FE4C285BBEDDC6D1A09E814EF55CF30BD5B8DAF87A52396F102"/>
+    <Deny ID="ID_DENY_RETLIFTEN_SHA256_72" FriendlyName="d3.sys Hash Sha256" Hash="36875562E747136313EC5DB58174E5FAB870997A054CA8D3987D181599C7DB6A"/>
+    <Deny ID="ID_DENY_PROCESSHACKER" FriendlyName="kprocesshacker.sys FileRule" FileName="kprocesshacker.sys" />
+    <Deny ID="ID_DENY_AMP" FriendlyName="System Mechanic CVE-2018-5701" FileName="amp.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="5.4.11.1" />
+    <Deny ID="ID_DENY_ASMMAP" FriendlyName="Asus Memory Mapping Driver" FileName="asmmap.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <Deny ID="ID_DENY_ASMMAP_64" FriendlyName="Asus Memory Mapping Driver" FileName="asmmap64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <Deny ID="ID_DENY_PHYMEMX_64" FriendlyName="Phymemx64 Memory Mapping Driver" FileName="phymemx64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <Deny ID="ID_DENY_DBK_32" FriendlyName="Cheat Engine Driver" FileName="dbk32.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <Deny ID="ID_DENY_DBK_64" FriendlyName="Cheat Engine Driver" FileName="dbk64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_AMD_RYZEN" FriendlyName="amdryzenmaster.sys" FileName="AMDRyzenMasterDriver.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.5.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_AMDPP" FriendlyName="AMDPowerProfiler.sys FileAttribute" FileName="AMDPowerProfiler.sys" MinimumFileVersion="6.1.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_ATSZIO" FriendlyName="ATSZIO.sys FileAttribute" FileName="ATSZIO.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_BSMI" FriendlyName="" FileName="BSMI.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.3" />
+    <FileAttrib ID="ID_FILEATTRIB_BS_HWMIO64" FriendlyName="" FileName="BS_HWMIO64_W10.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.1806.2200" />
+    <FileAttrib ID="ID_FILEATTRIB_BS_I2CIO" FriendlyName="" FileName="BS_I2cIo.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.1.0.0" />
+	<FileAttrib ID="ID_FILEATTRIB_BS_RCIO" FriendlyName="BS_RCIO.sys FileAttribute" FileName="BS_RCIO64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.0.1" />
+    <FileAttrib ID="ID_FILEATTRIB_NTIOLIB" FriendlyName="" FileName="NTIOLib.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_CPUZ_DRIVER" FriendlyName="" FileName="cpuz.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.4.3" />
+    <FileAttrib ID="ID_FILEATTRIB_ELBY_DRIVER" FriendlyName="" FileName="ElbyCDIO.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="6.0.3.2" />
+    <FileAttrib ID="ID_FILEATTRIB_HPPORTIOX64" FriendlyName="HpPortIox64.sys" FileName="HpPortIox64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.2.0.9" />
+    <FileAttrib ID="ID_FILEATTRIB_IQVW64" FriendlyName="IQVW64.sys FileAttribute" FileName="iQVW64.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.4.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_KEVP64" FriendlyName="kevp64.sys FileAttribute" FileName="kEvP64.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_LHA" FriendlyName="LHA.sys FileAttribute" FileName="LHA.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_LIBNICM_DRIVER" FriendlyName="" FileName="libnicm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_MTCBSV64" FriendlyName="mtcBSv64.sys FileAttribute" FileName="mtcBSv64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="21.2.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NCHGBIOS2X64" FriendlyName="" FileName="NCHGBIOS2x64.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="4.2.4.0" />
+	<FileAttrib ID="ID_FILEATTRIB_NCPL_DRIVER" FriendlyName="" FileName="NCPL.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NICM_DRIVER" FriendlyName="" FileName="NICM.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NSCM_DRIVER" FriendlyName="" FileName="nscm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_PHYSMEM" FriendlyName="Physmem.sys FileAttribute" FileName="physmem.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIO_DRIVER" FriendlyName="" FileName="rtkio.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIO64_DRIVER" FriendlyName="" FileName="rtkio64.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" FriendlyName="" FileName="rtkiow8x64.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" FriendlyName="" FileName="rtkiow10x64.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RWDRV_DRIVER" FriendlyName="" FileName="RwDrv.sys" MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_SANDRA" FriendlyName="" FileName="SANDRA" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_SANDRA_DRIVER" FriendlyName="" FileName="sandra.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_SEGWINDRVX64" FriendlyName="segwindrvx64.sys FileAttribute" FileName="segwindrvx64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="100.0.7.2" />
+    <FileAttrib ID="ID_FILEATTRIB_TREND_MICRO" FriendlyName="TmComm.sys" FileName="TmComm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="8.0.0.0" />
+	<FileAttrib ID="ID_FILEATTRIB_VBOX" FriendlyName="VBoxDrv.sys FileAttribute" FileName="VBoxDrv.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.0.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_VIRAGT" FriendlyName="viragt.sys 32-bit" FileName="viragt.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.80.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_VIRAGT64" FriendlyName="viragt64.sys" FileName="viragt64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.11" />
+    <FileAttrib ID="ID_FILEATTRIB_VMDRV" FriendlyName="vmdrv.sys FileAttribute" FileName="vmdrv.sys" MinimumFileVersion="10.0.10011.16384" />
+    <FileAttrib ID="ID_FILEATTRIB_WINRING0" FriendlyName="WinRing0.sys" FileName="WinRing0.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="2.0.0.0" />
+  </FileRules>
+  <!--Signers-->
+  <Signers>
+    <Signer ID="ID_SIGNER_VERISIGN_2010" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMDPP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ATSZIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_KEVP64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_LHA" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RWDRV_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2010_2" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4678C6E4A8787A8E6ED2BCE8792B122F6C08AFD8" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+    </Signer>
+    <Signer ID="ID_SIGNER_CAPCOM" Name="Symantec Class 3 SHA256 Code Signing CA">
+      <CertRoot Type="TBS" Value="A08E79C386083D875014C409C13D144E0A24386132980DF11FF59737C8489EB1" />
+      <CertPublisher Value="CAPCOM Co.,Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_CHEAT_ENGINE" Name="Microsoft Windows Third Party Component CA 2014 Cheat Engine OPUS">
+      <CertRoot Type="TBS" Value="D8BE9E4D9074088EF818BC6F6FB64955E90378B2754155126FEEBBBD969CF0AE" />
+      <CertOemID Value="Cheat Engine"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_ENE" Name="Microsoft Windows Third Party Component CA 2014 ENE Tech OPUS">
+      <CertRoot Type="TBS" Value="D8BE9E4D9074088EF818BC6F6FB64955E90378B2754155126FEEBBBD969CF0AE" />
+      <CertOemID Value="ENE Technology Inc." />
+    </Signer>
+    <Signer ID="ID_SIGNER_DIGICERT_EV" Name="DigiCert EV Code Signing CA (SHA2)">
+      <CertRoot Type="TBS" Value="EEC58131DC11CD7F512501B15FDBC6074C603B68CA91F7162D5A042054EDB0CF" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_ELBY" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB" />
+      <CertPublisher Value="Elaborate Bytes AG" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ELBY_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2009" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ATSZIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_LIBNICM_DRIVER" />
+	  <FileAttribRef RuleID="ID_FILEATTRIB_NCPL_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NICM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NSCM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NCHGBIOS2X64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_SANDRA" Name="GeoTrust TrustCenter CodeSigning CA I">
+      <CertRoot Type="TBS" Value="172F39BCA3DDA7C6D5169C96B34A5FE7E96FF0BD" />
+      <CertPublisher Value="SiSoftware Ltd" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDRA" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDRA_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_SANDRA_THAWTE" Name="Thawte Code Signing CA">
+      <CertRoot Type="TBS" Value="F6297A00D3B2B4CE4750402B66E7EA018D54F683" />
+      <CertPublisher Value="SiSoftware Ltd" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDRA" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDRA_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_MIMIKATZ_KERNEL" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="Benjamin Delpy" />
+    </Signer>
+    <Signer ID="ID_SIGNER_MIMIKATZ_KERNEL_SHA2" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="F6CAE0B028995EB13B1C2CCE5B5107384AB7C77279AE5560933E345061D99CC0" />
+      <CertPublisher Value="Benjamin Delpy" />
+    </Signer>
+    <Signer ID="ID_SIGNER_MIMIKATZ_USER" Name="Certum Code Signing CA SHA2">
+      <CertRoot Type="TBS" Value="F7B6EEB3A567223000A61F68C53B458193557C17E5D512D2825BCB13E5FC9BE5" />
+      <CertPublisher Value="Open Source Developer, Benjamin Delpy" />
+    </Signer>
+    <Signer ID="ID_SIGNER_SPEEDFAN" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="Sokno S.R.L." />
+    </Signer>
+    <Signer ID="ID_SIGNER_RWEVERY" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="ChongKim Chan" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VBOX" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB" />
+      <CertPublisher Value="innotek GmbH" />
+    </Signer>
+	<Signer ID="ID_SIGNER_VBOX_ORCALE" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="Oracle Corporation" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VBOX" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VBOX_SUN" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="Sun Microsystems, Inc." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VBOX" />
+    </Signer>
+    <Signer ID="ID_SIGNER_REALTEK" Name="DigiCert EV Code Signing CA">
+      <CertRoot Type="TBS" Value="2D54C16A8F8B69CCDEA48D0603C132F547A5CF75" />
+      <CertPublisher Value="Realtek Semiconductor Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2009_REALTEK" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
+      <CertPublisher Value="Realtek Semiconductor Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_WINDOWS_3RD_PARTY_2012" Name="Microsoft Windows Third Party Component CA 2012">
+      <CertRoot Type="TBS" Value="CEC1AFD0E310C55C1DCC601AB8E172917706AA32FB5EAF826813547FDF02DD46" />
+      <CertPublisher Value="Microsoft Windows Hardware Compatibility Publisher" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMD_RYZEN" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMDPP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_HPPORTIOX64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_WINRING0" />
+    </Signer>
+    <Signer ID="ID_SIGNER_WINDOWS_3RD_PARTY_2014" Name="Microsoft Windows Third Party Component CA 2014">
+      <CertRoot Type="TBS" Value="D8BE9E4D9074088EF818BC6F6FB64955E90378B2754155126FEEBBBD969CF0AE" />
+      <CertPublisher Value="Microsoft Windows Hardware Compatibility Publisher" />
+	  <FileAttribRef RuleID="ID_FILEATTRIB_BS_RCIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_LHA" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_LIBNICM_DRIVER" />
+	  <FileAttribRef RuleID="ID_FILEATTRIB_NCPL_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NICM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NSCM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BS_HWMIO64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VMDRV" />
+    </Signer>
+   <Signer ID="ID_SIGNER_WINDOWS_3RD_PARTY_2010" Name="Microsoft Third Party Component Windows PCA 2010">
+      <CertRoot Type="TBS" Value="90C9669670E75989159E6EEF69625EB6AD17CBA6209ED56F5665D55450A05212" />
+      <CertPublisher Value="Microsoft Windows Hardware Compatibility Publisher" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_HPPORTIOX64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_WINRING0" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2004" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2004_BIOSTAR" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="BIOSTAR MICROTECH INT'L CORP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BS_I2CIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BSMI" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2009_BIOSTAR" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
+      <CertPublisher Value="BIOSTAR MICROTECH INT'L CORP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BSMI" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BS_I2CIO" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2010_BIOSTAR" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="BIOSTAR MICROTECH INT'L CORP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BS_I2CIO" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BSMI" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_G2_MICROSTAR" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="MICRO-STAR INTERNATIONAL CO., LTD." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NTIOLIB" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_TOSHIBA" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="TOSHIBA CORPORATION" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NCHGBIOS2X64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_NOVELL" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="Novell, Inc." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_LIBNICM_DRIVER" />
+	  <FileAttribRef RuleID="ID_FILEATTRIB_NCPL_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NICM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NSCM_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_MICROSTAR" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB" />
+      <CertPublisher Value="Micro-Star Int'l Co. Ltd." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NTIOLIB" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_INSYDE" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="Insyde Software Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SEGWINDRVX64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_SYMANTEC_CLASS_3" Name="Symantec Class 3 SHA256 Code Signing CA">
+      <CertRoot Type="TBS" Value="A08E79C386083D875014C409C13D144E0A24386132980DF11FF59737C8489EB1" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMD_RYZEN" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMDPP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_TREND_MICRO" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_AMD" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="Advanced Micro Devices, Inc." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMD_RYZEN" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_TG_SOFT" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="TG Soft S.a.s. Di Tonello Gianfranco e C." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_TG_SOFT" Name="GlobalSign CodeSigning CA - G3">
+      <CertRoot Type="TBS" Value="F478F0E790D5C8EC6056A3AB2567404A991D2837" />
+      <CertPublisher Value="TG Soft di Tonello Gianfranco ed Enrico S.r.l." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VIRAGT64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_HP" Name="DigiCert SHA2 Assured ID Code Signing CA">
+      <CertRoot Type="TBS" Value="E767799478F64A34B3F53FF3BB9057FE1768F4AB178041B0DCC0FF1E210CBA65" />
+      <CertPublisher Value="HP Inc." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_HPPORTIOX64" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_WINRING0" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GETAC" Name="Symantec Class 3 Extended Validation Code Signing CA - G2">
+      <CertRoot Type="TBS" Value="B3C925B4048C3F7C444D248A2B101186B57CBA39596EB5DCE0E17A4EE4B32F19" />
+      <CertPublisher Value="Getac Technology Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_CHEAT_ENGINE" Name="GlobalSign CA Cheat Engine Publisher">
+      <CertRoot Type="TBS" Value="BD1765C56594221373893EF26D97F88C144FB0E5A0111215B45D7239C3444DF7" />
+      <CertPublisher Value="Cheat Engine" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_G2_CHEAT_ENGINE" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="Cheat Engine" />
+    </Signer>
+    <Signer ID="ID_SIGNER_PHYSMEM" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="Hilscher Gesellschaft fuer Systemautomation mbH" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_PHYSMEM" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VMDRV" Name="DigiCert EV Code Signing CA (SHA2)">
+      <CertRoot Type="TBS" Value="EEC58131DC11CD7F512501B15FDBC6074C603B68CA91F7162D5A042054EDB0CF" />
+      <CertPublisher Value="Voicemod Sociedad Limitada" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_VMDRV" />
+    </Signer>
+    <Signer ID="ID_SIGNER_INTEL_IQVW" Name="Intel External Basic Policy CA">
+      <CertRoot Type="TBS" Value="53B052BA209C525233293274854B264BC0F68B73" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_COMODO_IQVW" Name="COMODO RSA Certification Authority">
+      <CertRoot Type="TBS" Value="7CE102D63C57CB48F80A65D1A5E9B350A7A618482AA5A36775323CA933DDFCB00DEF83796A6340DEC5EBF7596CFD8E5D" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_IQVW64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_AMDPP" Name="USERTrust RSA Certification Authority">
+      <CertRoot Type="TBS" Value="13BAA039635F1C5292A8C2F36AAE7E1D25C025202E9092F5B0F53F5F752DFA9C71B3D1B8D9A6358FCEE6EC75622FABF9" />
+      <CertPublisher Value="Advanced Micro Devices Inc." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_AMDPP" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GEOTRUST_SRL_2009" Name="HT Srl Digital ID Class 3 - Microsoft Software Validation v2">
+      <CertRoot Type="TBS" Value="d70edfa009a76bd8250d74e9ee92eb9ead7d4cb3" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GEOTRUST_SRL_2010" Name="HT Srl Digital ID Class 3 - Microsoft Software Validation v2">
+      <CertRoot Type="TBS" Value="e5ba2abbd1dc89f143a66a3cdcda26d968758e2d" />
+    </Signer>
+    <Signer ID="ID_SIGNER_HANDAN" Name="Handan City Congtai District LiKang  Daily Goods Department">
+      <CertRoot Type="TBS" Value="cccae21fbc083f5d1af6997bb3f29ed9915e7324" />
+    </Signer>
+    <Signer ID="ID_SIGNER_NANJING" Name="Nanjing Zhixiao Information Technology Co.,Ltd">
+      <CertRoot Type="TBS" Value="f5e1c4d98f9ce552ead3776c16f3ad91fe5f3984" />
+    </Signer>
+    <Signer ID="ID_SIGNER_TRUST_ASIA" Name="上海域联软件技术有限公司">
+      <CertRoot Type="TBS" Value="232a71b4d1734eac2cfc6ea554c86de34f9f8b72" />
+    </Signer>
+    <Signer ID="ID_SIGNER_JEROMIN_CODY_ERIC" Name="Jeromin Cody Eric">
+      <CertRoot Type="TBS" Value="dfa6171201b51a2ec174310e8fb9f4c0fde2d365235e589ded0213c5279bea6e" />
+    </Signer>
+	<Signer ID="ID_SIGNER_SAASAME" Name="SaaSaMe Ltd.">
+      <CertRoot Type="TBS" Value="A86DE66D8198E4272859881476A6F9936034A482" />
+    </Signer>
+	<Signer ID="ID_SIGNER_NVIDIA_2011" Name="Leaked 2011 NVIDIA Corporation Verisign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="15C37DBEBE6FCC77108E3D7AD982676D3D5E77F7" />
+    </Signer>
+	<Signer ID="ID_SIGNER_NVIDIA_2015" Name="Leaked 2015 NVIDIA Corporation Verisign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="F049A238763D4A90B148AB10A500F96EBF1DC436" />
+    </Signer>
+	<Signer ID="ID_SIGNER_HERMETICWIPER_1" Name="DigiCert Assured ID Code Signing CA-1">
+      <CertRoot Type="TBS" Value="47F4B9898631773231B32844EC0D49990AC4EB1E" />
+      <CertPublisher Value="CHENGDU YIWO Tech Development Co., Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_HERMETICWIPER_2" Name="Symantec Class 3 Extended Validation Code Signing CA - G2">
+      <CertRoot Type="TBS" Value="B3C925B4048C3F7C444D248A2B101186B57CBA39596EB5DCE0E17A4EE4B32F19" />
+      <CertPublisher Value="Chengdu Yiwo Tech Development Co., Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_HERMETICWIPER_3" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="CHENGDU YIWO Tech Development Co., Ltd." />
+    </Signer>
+    <Signer ID="ID_SIGNER_HERMETICWIPER_4" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="CHENGDU YIWO Tech Development Co., Ltd." />
+    </Signer>
+  </Signers>
+  <!--Driver Signing Scenarios-->
+  <SigningScenarios>
+    <SigningScenario Value="131" ID="ID_SIGNINGSCENARIO_DENIED_VULN_MAL_SIGNERS" FriendlyName="Signers of known vulnerable or malicious drivers">
+      <ProductSigners>
+        <DeniedSigners>
+          <DeniedSigner SignerId="ID_SIGNER_AMDPP" />
+          <DeniedSigner SignerId="ID_SIGNER_CAPCOM" />
+          <DeniedSigner SignerId="ID_SIGNER_CHEAT_ENGINE" /> 
+          <DeniedSigner SignerId="ID_SIGNER_COMODO_IQVW" /> 
+          <DeniedSigner SignerId="ID_SIGNER_ELBY" />
+          <DeniedSigner SignerId="ID_SIGNER_ENE" />
+          <DeniedSigner SignerId="ID_SIGNER_DIGICERT_EV" />
+          <DeniedSigner SignerId="ID_SIGNER_GEOTRUST_SRL_2009" />
+          <DeniedSigner SignerId="ID_SIGNER_GETAC" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_CHEAT_ENGINE" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_G2_CHEAT_ENGINE" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_G2_MICROSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_MICROSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_GEOTRUST_SRL_2010" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_TG_SOFT" />
+          <DeniedSigner SignerId="ID_SIGNER_HANDAN" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_1" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_2" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_3" />
+		  <DeniedSigner SignerId="ID_SIGNER_HERMETICWIPER_4" />
+          <DeniedSigner SignerId="ID_SIGNER_HP" /> 
+          <DeniedSigner SignerId="ID_SIGNER_INTEL_IQVW" />
+          <DeniedSigner SignerId="ID_SIGNER_JEROMIN_CODY_ERIC" />
+          <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_KERNEL" />
+          <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_KERNEL_SHA2" />
+          <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_USER" />
+          <DeniedSigner SignerId="ID_SIGNER_NANJING" />
+		  <DeniedSigner SignerId="ID_SIGNER_NVIDIA_2011" />
+		  <DeniedSigner SignerId="ID_SIGNER_NVIDIA_2015" />
+          <DeniedSigner SignerId="ID_SIGNER_PHYSMEM" />
+          <DeniedSigner SignerId="ID_SIGNER_REALTEK" />
+          <DeniedSigner SignerId="ID_SIGNER_RWEVERY" />
+		  <DeniedSigner SignerId="ID_SIGNER_SAASAME" />
+          <DeniedSigner SignerId="ID_SIGNER_SANDRA" />
+          <DeniedSigner SignerId="ID_SIGNER_SANDRA_THAWTE" />
+          <DeniedSigner SignerId="ID_SIGNER_SPEEDFAN" />
+          <DeniedSigner SignerId="ID_SIGNER_SYMANTEC_CLASS_3" />
+          <DeniedSigner SignerId="ID_SIGNER_TRUST_ASIA" />
+          <DeniedSigner SignerId="ID_SIGNER_VBOX" />
+		  <DeniedSigner SignerId="ID_SIGNER_VBOX_ORCALE" />
+		  <DeniedSigner SignerId="ID_SIGNER_VBOX_SUN" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2004" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2004_BIOSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2009" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2009_BIOSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2009_REALTEK" /> 
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2010" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2010_2" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2010_BIOSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_AMD" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_INSYDE" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_NOVELL" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_TG_SOFT" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_TOSHIBA" />
+          <DeniedSigner SignerId="ID_SIGNER_VMDRV" />
+          <DeniedSigner SignerId="ID_SIGNER_WINDOWS_3RD_PARTY_2010" />
+          <DeniedSigner SignerId="ID_SIGNER_WINDOWS_3RD_PARTY_2012" />
+          <DeniedSigner SignerId="ID_SIGNER_WINDOWS_3RD_PARTY_2014" />
+        </DeniedSigners>
+        <FileRulesRef>
+          <FileRuleRef RuleID="ID_ALLOW_ALL_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA1_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA256_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA1_PAGE_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA256_PAGE_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA1_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA256_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA1_PAGE_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_32_SHA256_PAGE_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA1_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA256_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA1_PAGE_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA256_PAGE_1" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA1_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA256_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA1_PAGE_2" />
+          <FileRuleRef RuleID="ID_DENY_ASIO_64_SHA256_PAGE_2" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV10_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV10_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV10_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV10_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV101_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV101_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV101_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV101_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV102_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV102_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV102_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV102_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV103_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV103_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV103_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASRDRV103_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BANDAI_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_BANDAI_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_BANDAI_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BANDAI_SHA256_PAGE" />
+		  <FileRuleRef RuleID="ID_DENY_BS_RCIO64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_BS_RCIO64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_BS_RCIO64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BS_RCIO64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_32_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_32_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_32_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_32_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_DBUTIL_64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_GDRV" />
+          <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA256C" />
+          <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_12" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_13" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_14" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_15" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_16" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_17" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_18" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_19" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_1A" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_1B" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_1C" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_1D" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_1E" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_1F" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_20" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_21" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_22" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_23" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_24" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_25" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_26" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_27" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_28" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_29" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_2A" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_2B" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_2C" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_2D" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_2E" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_2F" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_30" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_31" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_32" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_33" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_34" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_35" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_36" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_37" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_38" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_39" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_3A" />
+          <FileRuleRef RuleID="ID_DENY_DIRECTIO_3B" />
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA1_1" />
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA256_1" /> 		
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA1_PAGE_1" /> 	
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA256_PAGE_1" />	
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA1_2" />
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA256_2" />		
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA1_PAGE_2" /> 	
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA256_PAGE_2" />	
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA1_3" />
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA256_3" />		
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA1_4" />	
+          <FileRuleRef RuleID="ID_DENY_MSIO_SHA256_4" />		
+          <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_PHYMEMX64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_PHYMEMX64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_PHYMEMX64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_PHYMEMX64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA1" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA256" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA1_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_WINRING0_SHA256_PAGE" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_1" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_2" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_3" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_4" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_5" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_6" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_7" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_8" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_9" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_10"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_11"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_12"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_13"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_14"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_15"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_16"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_17"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_18"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_19"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_20"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_21"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_22"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_23"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_24"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_25"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_26"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_27"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_28"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_29"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_30"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_31"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_32"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_33"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_34"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_35"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_36"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_37"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_38"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_39"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_40"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_41"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_42"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_43"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_44"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_45"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_46"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_47"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_48"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_49"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_50"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_51"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_52"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_53"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_54"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_55"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_56"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_57"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_58"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_59"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_60"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_61"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_62"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_63"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_64"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_65"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_66"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_67"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_68"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_69"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_70"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_71"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA1_72"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_1" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_2" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_3" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_4" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_5" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_6" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_7" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_8" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_9" />
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_10"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_11"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_12"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_13"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_14"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_15"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_16"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_17"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_18"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_19"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_20"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_21"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_22"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_23"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_24"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_25"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_26"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_27"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_28"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_29"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_30"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_31"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_32"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_33"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_34"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_35"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_36"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_37"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_38"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_39"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_40"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_41"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_42"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_43"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_44"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_45"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_46"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_47"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_48"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_49"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_50"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_51"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_52"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_53"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_54"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_55"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_56"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_57"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_58"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_59"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_60"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_61"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_62"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_63"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_64"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_65"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_66"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_67"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_68"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_69"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_70"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_71"/>
+          <FileRuleRef RuleID="ID_DENY_RETLIFTEN_SHA256_72"/>
+          <FileRuleRef RuleID="ID_DENY_PROCESSHACKER"/>
+          <FileRuleRef RuleID="ID_DENY_AMP"/>
+          <FileRuleRef RuleID="ID_DENY_ASMMAP"/>
+          <FileRuleRef RuleID="ID_DENY_ASMMAP_64"/> 
+          <FileRuleRef RuleID="ID_DENY_PHYMEMX_64"/>
+          <FileRuleRef RuleID="ID_DENY_DBK_32"/>
+          <FileRuleRef RuleID="ID_DENY_DBK_64"/>
+		  </FileRulesRef>
+      </ProductSigners>
+    </SigningScenario>
+    <SigningScenario Value="12" ID="ID_SIGNINGSCENARIO_WINDOWS" FriendlyName="">
+      <ProductSigners>
+        <FileRulesRef>
+          <FileRuleRef RuleID="ID_ALLOW_ALL_2" />
+        </FileRulesRef>
+      </ProductSigners>
+    </SigningScenario>
+  </SigningScenarios>
+  <UpdatePolicySigners />
+  <CiSigners />
+  <HvciOptions>0</HvciOptions>
+  <Settings>
+    <Setting Provider="PolicyInfo" Key="Information" ValueName="Name">
+      <Value>
+        <String>Microsoft Windows Driver Policy</String>
+      </Value>
+    </Setting>
+    <Setting Provider="PolicyInfo" Key="Information" ValueName="Id">
+      <Value>
+        <String>10.0.25000.0</String>
+      </Value>
+    </Setting>
+  </Settings>
+</SiPolicy>
+```
+<br />
+
+
+## More information
+
+- [Merge Windows Defender Application Control policies](merge-windows-defender-application-control-policies.md)

From 09a40cca90e76d1455aed4273790ce23371a6941 Mon Sep 17 00:00:00 2001
From: Jordan Geurten <jogeurte@microsoft.com>
Date: Thu, 24 Mar 2022 17:03:29 -0700
Subject: [PATCH 2/4] Corrected fat-fingered version

---
 .../microsoft-recommended-driver-block-rules.md                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
index a00c398431..5759d986ff 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -1193,7 +1193,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
     </Setting>
     <Setting Provider="PolicyInfo" Key="Information" ValueName="Id">
       <Value>
-        <String>10.0.25000.0</String>
+        <String>10.0.25090.0</String>
       </Value>
     </Setting>
   </Settings>

From 50a5a2d9e785bd89726410eb8664bf7ec2e3919e Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Tue, 29 Mar 2022 14:40:55 -0700
Subject: [PATCH 3/4] Update microsoft-recommended-driver-block-rules.md

---
 .../microsoft-recommended-driver-block-rules.md                  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
index 5759d986ff..1d88193ede 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -14,7 +14,6 @@ author: jgeurten
 ms.reviewer: isbrahm
 ms.author: dansimp
 manager: dansimp
-ms.date: 
 ---
 
 # Microsoft recommended driver block rules

From ce514b37a948e5d768647f701924bf4c75fddfa9 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Tue, 29 Mar 2022 14:41:28 -0700
Subject: [PATCH 4/4] Update microsoft-recommended-driver-block-rules.md.bak

---
 .../microsoft-recommended-driver-block-rules.md.bak              | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak
index 3b611f4bc1..357a184c9b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md.bak
@@ -14,7 +14,6 @@ author: jgeurten
 ms.reviewer: isbrahm
 ms.author: dansimp
 manager: dansimp
-ms.date: 
 ---
 
 # Microsoft recommended driver block rules