From 794df59ad443ed9889d4d23100b2af44ac0e6f8c Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Mon, 11 Nov 2019 16:33:02 -0800
Subject: [PATCH 001/247] Add ApplicationControl CSP mdm vs. non-mdm info

---
 .../mdm/applicationcontrol-csp.md             | 28 +++++++++++++++----
 1 file changed, 23 insertions(+), 5 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index cb636ce3ef..a67a565274 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -112,17 +112,35 @@ Scope is dynamic. Supported operation is Get.
 
 Value type is char.
 
-## Usage guidance  
-
+## MDM Usage Guidance
 To use ApplicationControl CSP, you must:
 - Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 
-If you are using hybrid MDM management with System Center Configuration Manager or using Intune, ensure that you are using Base64 as the Data type when using Custom OMA-URI
-functionality to apply the Code Integrity policy.
+If you are using hybrid MDM management with System Center Configuration Manager or using Intune, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
+- In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row
+- OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/<Policy GUID>/Policy (filling in Policy GUID with your policy's ID)
+- Data type: Base64
+- Certificate file: upload your binary format policy file
+Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps.
+
+## Non-MDM Usage Guidance  
+To use ApplicationControl CSP, you must:
+- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
+- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+- Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
+
+Here is a sample certutil invocation:
+```
+certutil  -encode WinSiPolicy.p7b WinSiPolicy.cer
+```
+An alternative to using certutil would be to use the following PowerShell invocation:
+```powershell
+[Convert]::toBase64String($(Get-Content -Encoding Byte -ReadCount 0 -Path <bin file>))
+```
 
 ### Deploy policies
-To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
+If not using Intune, in order to deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
 
 To deploy base policy and supplemental policies:
 - Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.

From c69b3dfb6908113e16c9320f0a436c926036d7b7 Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Mon, 11 Nov 2019 16:39:03 -0800
Subject: [PATCH 002/247] AppControl CSP formatting changes

---
 .../mdm/applicationcontrol-csp.md             | 20 ++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index a67a565274..365c106a92 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -114,19 +114,21 @@ Value type is char.
 
 ## MDM Usage Guidance
 To use ApplicationControl CSP, you must:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
+- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 
-If you are using hybrid MDM management with System Center Configuration Manager or using Intune, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
-- In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row
-- OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/<Policy GUID>/Policy (filling in Policy GUID with your policy's ID)
+If you are using hybrid MDM management with System Center Configuration Manager (SCCM) or using Intune, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
+- In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row.
+- OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/Policy GUID/Policy
 - Data type: Base64
-- Certificate file: upload your binary format policy file
-Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps.
+- Certificate file: upload your binary format policy file.
+
+> ![Note]
+> Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps.
 
 ## Non-MDM Usage Guidance  
-To use ApplicationControl CSP, you must:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
+If not using Intune or hybrid MDM management with SCCM, in order to use ApplicationControl CSP, you must:
+- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 - Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
 
@@ -140,7 +142,7 @@ An alternative to using certutil would be to use the following PowerShell invoca
 ```
 
 ### Deploy policies
-If not using Intune, in order to deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
+If not using Intune or hybrid MDM management with SCCM, in order to deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
 
 To deploy base policy and supplemental policies:
 - Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.

From 7a272ab4a16dd8844ee60018a4537e0b40f5ef05 Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Wed, 13 Nov 2019 14:52:18 -0800
Subject: [PATCH 003/247] Add OMA-URI info to WDAC policies through Intune

Previously, the "Deploy WDAC policies by using Microsoft Intune" document only discussed using an endpoint protection profile. It didn't mention the option to use custom OMA-URI.
---
 .../mdm/applicationcontrol-csp.md                 | 12 ++----------
 ...r-application-control-policies-using-intune.md | 15 ++++++++++++++-
 2 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index 365c106a92..9582765ad6 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -113,18 +113,10 @@ Scope is dynamic. Supported operation is Get.
 Value type is char.
 
 ## MDM Usage Guidance
-To use ApplicationControl CSP, you must:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
-- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-
-If you are using hybrid MDM management with System Center Configuration Manager (SCCM) or using Intune, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
-- In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row.
-- OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/Policy GUID/Policy
-- Data type: Base64
-- Certificate file: upload your binary format policy file.
+Refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) for more information.
 
 > ![Note]
-> Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps.
+> Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps if using Intune to leverage ApplicationControl CSP.
 
 ## Non-MDM Usage Guidance  
 If not using Intune or hybrid MDM management with SCCM, in order to use ApplicationControl CSP, you must:
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index 8a2a80de85..6a5d1faf03 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -27,8 +27,21 @@ ms.date: 05/17/2018
 -   Windows 10
 -   Windows Server 2016
 
-You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). You can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.   
+You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Beginning in 1903, you can configure a custom profile using Custom OMA-URI to leverage the new ApplicationControl CSP. This CSP has support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies. Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies.
+Alternately, you can instead choose to configure an Endpoint Protection profile to deploy built-in Intune-managed WDAC policies on pre-1903 systems. Using Endpoint Protection, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.
 
+## Custom OMA-URI profile
+To use ApplicationControl CSP through custom OMA-URI, you must:
+- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
+- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+
+If you are using hybrid MDM management with System Center Configuration Manager (SCCM) or using Intune, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
+- In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row.
+- OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/Policy GUID/Policy
+- Data type: Base64
+- Certificate file: upload your binary format policy file.
+
+## Endpoint Protection profile
 1. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
 
 3. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Endpoint protection** as the **Profile type**.  

From 9686b801df2c66ec2d30f8cc7eb11b09eb182ef3 Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Wed, 13 Nov 2019 15:06:38 -0800
Subject: [PATCH 004/247] Deploy WDAC with Intune correct usage info

Add info to differentiate custom OMA-URI with AppLocker CSP vs ApplicationControl CSP
---
 ...-defender-application-control-policies-using-intune.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index 6a5d1faf03..7b97d2c9fb 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -31,11 +31,13 @@ You can use Microsoft Intune to configure Windows Defender Application Control (
 Alternately, you can instead choose to configure an Endpoint Protection profile to deploy built-in Intune-managed WDAC policies on pre-1903 systems. Using Endpoint Protection, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.
 
 ## Custom OMA-URI profile
-To use ApplicationControl CSP through custom OMA-URI, you must:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
+For information on using a custom OMA-URI profile on pre-1903 systems to leverage the AppLocker CSP and deploy custom WDAC policies, refer to [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
+
+For 1903+ systems, in order to use ApplicationControl CSP through custom OMA-URI, you must:
+- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>`
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 
-If you are using hybrid MDM management with System Center Configuration Manager (SCCM) or using Intune, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
+From there, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
 - In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row.
 - OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/Policy GUID/Policy
 - Data type: Base64

From 60ed4d684740c59d752721d10eba399b1180bfdf Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Wed, 13 Nov 2019 15:09:24 -0800
Subject: [PATCH 005/247] WDAC through Intune formatting changes

---
 ...ows-defender-application-control-policies-using-intune.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index 7b97d2c9fb..813faf52ec 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -28,16 +28,15 @@ ms.date: 05/17/2018
 -   Windows Server 2016
 
 You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Beginning in 1903, you can configure a custom profile using Custom OMA-URI to leverage the new ApplicationControl CSP. This CSP has support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies. Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies.
+
 Alternately, you can instead choose to configure an Endpoint Protection profile to deploy built-in Intune-managed WDAC policies on pre-1903 systems. Using Endpoint Protection, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.
 
 ## Custom OMA-URI profile
 For information on using a custom OMA-URI profile on pre-1903 systems to leverage the AppLocker CSP and deploy custom WDAC policies, refer to [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
 
-For 1903+ systems, in order to use ApplicationControl CSP through custom OMA-URI, you must:
+For 1903+ systems, the steps to use Custom OMA-URI functionality to leverage ApplicationControl CSP and apply the Code Integrity policy are:
 - Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>`
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-
-From there, the steps to use Custom OMA-URI functionality to apply the Code Integrity policy are:
 - In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row.
 - OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/Policy GUID/Policy
 - Data type: Base64

From d32a3671602fae3228d9d1e0c12fd622891b4d7b Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Wed, 13 Nov 2019 15:15:47 -0800
Subject: [PATCH 006/247] WDAC through Intune add rebootless info

---
 ...indows-defender-application-control-policies-using-intune.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index 813faf52ec..c0f47983e9 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -27,7 +27,7 @@ ms.date: 05/17/2018
 -   Windows 10
 -   Windows Server 2016
 
-You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Beginning in 1903, you can configure a custom profile using Custom OMA-URI to leverage the new ApplicationControl CSP. This CSP has support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies. Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies.
+You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Beginning in 1903, you can configure a custom profile using Custom OMA-URI to leverage the new ApplicationControl CSP. This CSP has support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies (policies that have the “Enabled:Update Policy No Reboot” option set don't require a reboot to take effect). Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies.
 
 Alternately, you can instead choose to configure an Endpoint Protection profile to deploy built-in Intune-managed WDAC policies on pre-1903 systems. Using Endpoint Protection, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.
 

From 5547d56729c2d66219ad2788d39cbd757bafb1ca Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Mon, 18 Nov 2019 16:06:56 -0800
Subject: [PATCH 007/247] ApplicationControl CSP to redirect Intune usage
 guidance

---
 .../mdm/applicationcontrol-csp.md             | 24 +++++++------------
 1 file changed, 9 insertions(+), 15 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index 9582765ad6..2f681f34f8 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -112,14 +112,11 @@ Scope is dynamic. Supported operation is Get.
 
 Value type is char.
 
-## MDM Usage Guidance
-Refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) for more information.
-
+## Usage Guidance  
 > ![Note]
-> Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps if using Intune to leverage ApplicationControl CSP.
+> If using Intune standalone or for hybrid management with Configuration Manager (SCCM) through Microsoft Endpoint Manager, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) for more information on deploying policies with ApplicationControl CSP. Microsoft Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps if using Intune to leverage ApplicationControl CSP.
 
-## Non-MDM Usage Guidance  
-If not using Intune or hybrid MDM management with SCCM, in order to use ApplicationControl CSP, you must:
+In order to use ApplicationControl CSP, you must:
 - Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 - Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
@@ -134,13 +131,11 @@ An alternative to using certutil would be to use the following PowerShell invoca
 ```
 
 ### Deploy policies
-If not using Intune or hybrid MDM management with SCCM, in order to deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
-
-To deploy base policy and supplemental policies:
-- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
+In order to deploy a new base policy or supplemental policy using the CSP:
+- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy. Refer to the the Format section in the Example 1 below.
 - Repeat for each base or supplemental policy (with its own GUID and data).
 
-The following example shows the deployment of two base policies and a supplemental policy (which already specifies the base policy it supplements and does not need that reflected in the ADD).
+The following example shows the deployment of two base policies and a supplemental policy. Because the supplemental policy already specifies the base policy it supplements, that does not need to be repeated in the ADD.
 
 **Example 1: Add first base policy**
 ```xml
@@ -216,10 +211,9 @@ The following is an example of Get command:
 ```
 
 ### Delete policies
-To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy**.
+To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy**.
 
-> [!Note]
->  Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
+Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy** is not sufficient to delete a signed policy.
     
 To delete a signed policy:
 1. Replace it with a signed update allowing unsigned policy.
@@ -236,4 +230,4 @@ The following is an example of Delete command:
             </Target>
         </Item>
    </Delete>
-```
\ No newline at end of file
+```

From 67e957858613ac49d7543a88681221a5fc697752 Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Thu, 12 Dec 2019 14:27:34 -0800
Subject: [PATCH 008/247] Resolve applicationcontrol csp merge conflicts

---
 .../mdm/applicationcontrol-csp.md             | 50 ++++++++++++++-----
 1 file changed, 38 insertions(+), 12 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index dbbecb3b74..881b4476dc 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -80,6 +80,7 @@ This node specifies whether the policy is authorized to be loaded by the enforce
 Scope is dynamic. Supported operation is Get.
 
 Value type is bool. Supported values are as follows:  
+
 - True — Indicates that the policy is authorized to be loaded by the enforcement engine on the system.
 - False — Indicates that the policy is not authorized to be loaded by the enforcement engine on the system. This is the default.
 
@@ -114,22 +115,38 @@ Value type is char.
 
 ## Usage guidance  
 
-To use ApplicationControl CSP, you must:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
-- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+> ![Note]
+> If using Intune standalone or for hybrid management with Configuration Manager (SCCM) through Microsoft Endpoint Manager, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) for more information on deploying policies with ApplicationControl CSP. Microsoft Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps if using Intune to leverage ApplicationControl CSP.
 
-If you are using hybrid MDM management with System Center Configuration Manager or using Intune, ensure that you are using Base64 as the Data type when using Custom OMA-URI functionality to apply the Code Integrity policy via uploading the binary file.
+In order to use ApplicationControl CSP, you must:
+
+- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
+- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+- Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
+
+Here is a sample certutil invocation:
+
+```powershell
+certutil  -encode WinSiPolicy.p7b WinSiPolicy.cer
+```
+
+An alternative to using certutil would be to use the following PowerShell invocation:
+
+```powershell
+[Convert]::toBase64String($(Get-Content -Encoding Byte -ReadCount 0 -Path <bin file>))
+```
 
 ### Deploy policies
-To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
 
-To deploy base policy and supplemental policies:
-- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
+In order to deploy a new base policy or supplemental policy using the CSP:
+
+- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy. Refer to the the Format section in the Example 1 below.
 - Repeat for each base or supplemental policy (with its own GUID and data).
 
-The following example shows the deployment of two base policies and a supplemental policy (which already specifies the base policy it supplements and does not need that reflected in the ADD).
+The following example shows the deployment of two base policies and a supplemental policy. Because the supplemental policy already specifies the base policy it supplements, that does not need to be repeated in the ADD.
 
 **Example 1: Add first base policy**
+
 ```xml
 <Add>
     <CmdID>1</CmdID>
@@ -144,7 +161,9 @@ The following example shows the deployment of two base policies and a supplement
     </Item>
 </Add>
 ```
+
 **Example 2: Add second base policy**
+
 ```xml
 <Add>
     <CmdID>1</CmdID>
@@ -159,7 +178,9 @@ The following example shows the deployment of two base policies and a supplement
     </Item>
 </Add>
 ```
+
 **Example 3: Add supplemental policy**
+
 ```xml
 <Add>
     <CmdID>1</CmdID>
@@ -174,6 +195,7 @@ The following example shows the deployment of two base policies and a supplement
     </Item>
 </Add>
 ```
+
 ### Get policies
 
 Perform a GET using a deployed policy’s GUID to interrogate/inspect the policy itself or information about it.
@@ -191,6 +213,7 @@ The following table displays the result of Get operation on different nodes:
 |./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/PolicyInfo/FriendlyName|Friendly name per the policy|
 
 The following is an example of Get command:  
+
 ```xml
  <Get>
     <CmdID>1</CmdID>
@@ -203,17 +226,20 @@ The following is an example of Get command:
 ```
 
 ### Delete policies
-To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy**.
+
+To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy**.
 
 > [!Note]
->  Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
-    
+> Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy** is not sufficient to delete a signed policy.
+
 To delete a signed policy:
+
 1. Replace it with a signed update allowing unsigned policy.
 2. Deploy another update with unsigned policy.
 3. Perform delete.
-    
+
 The following is an example of Delete command:
+
 ```xml
    <Delete>
      <CmdID>1</CmdID>

From 2862f7232f533d506bb40c7ac41466ed8ddd5290 Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Fri, 13 Dec 2019 15:26:35 -0800
Subject: [PATCH 009/247] Updates to using WDAC with Intune

Add pictures and further descriptions
---
 ...plication-control-policies-using-intune.md |  71 ++++++++++++++----
 .../images/policy-id.png                      | Bin 0 -> 20687 bytes
 .../images/wdac-intune-custom-assignments.png | Bin 0 -> 29021 bytes
 ...wdac-intune-custom-create-profile-name.png | Bin 0 -> 44316 bytes
 .../images/wdac-intune-custom-oma-uri.png     | Bin 0 -> 78906 bytes
 5 files changed, 56 insertions(+), 15 deletions(-)
 create mode 100644 windows/security/threat-protection/windows-defender-application-control/images/policy-id.png
 create mode 100644 windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-assignments.png
 create mode 100644 windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-create-profile-name.png
 create mode 100644 windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png

diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index c0f47983e9..48b33cfc5d 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -27,31 +27,72 @@ ms.date: 05/17/2018
 -   Windows 10
 -   Windows Server 2016
 
-You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Beginning in 1903, you can configure a custom profile using Custom OMA-URI to leverage the new ApplicationControl CSP. This CSP has support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies (policies that have the “Enabled:Update Policy No Reboot” option set don't require a reboot to take effect). Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies.
+Microsoft Intune can be used to configure Windows Defender Application Control (WDAC) on Windows 10 client computers. Intune includes both basic native support for WDAC as well as the option to use Custom OMA-URI for customized policies.
 
-Alternately, you can instead choose to configure an Endpoint Protection profile to deploy built-in Intune-managed WDAC policies on pre-1903 systems. Using Endpoint Protection, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.
+Intune includes a limited number of default policies, which are available in both audit and enforce mode. You can use these default policies to only allow Windows components and Microsoft Store apps to run, or choose to also allow reputable apps defined by the [Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md). These policies are currently deployed using the [AppLocker CSP](windows\client-management\mdm\applocker-csp.md), which requires a reboot even for rebootless policies.
 
-## Custom OMA-URI profile
-For information on using a custom OMA-URI profile on pre-1903 systems to leverage the AppLocker CSP and deploy custom WDAC policies, refer to [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
+Intune also allows you the option of using Custom OMA-URI to deploy customized policies. Note that beginning in 1903, Custom OMA-URI deployment leverages the new [ApplicationControl CSP](windows\client-management\mdm\applicationcontrol-csp.md), which offers support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies (policies that have the “Enabled:Update Policy No Reboot” option set don't require a reboot to take effect).
 
-For 1903+ systems, the steps to use Custom OMA-URI functionality to leverage ApplicationControl CSP and apply the Code Integrity policy are:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>`
-- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-- In the Intune portal, navigate to Device configuration, then Profiles, then create a profile with Custom OMA-URI Settings and add a row.
-- OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/Policy GUID/Policy
-- Data type: Base64
-- Certificate file: upload your binary format policy file.
+## Using Default Intune WDAC Policies
 
-## Endpoint Protection profile
 1. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
 
-3. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Endpoint protection** as the **Profile type**.  
+2. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Endpoint protection** as the **Profile type**.  
 
    ![Configure profile](images/wdac-intune-create-profile-name.png)
 
-4. Click **Configure** > **Windows Defender Application Control**, choose from the following settings and then click **OK**:
+3. Click **Configure** > **Windows Defender Application Control**, choose from the following settings and then click **OK**:
 
-   - **Application control code intergity policies**: Select **Audit only** to log events but not block any apps from running or select **Enforce** to allow only Windows components and Store apps to run.  
+   - **Application control code integrity policies**: Select **Audit only** to log events but not block any apps from running or select **Enforce** to allow only Windows components and Store apps to run.  
    - **Trust apps with good reputation**: Select **Enable** to allow reputable apps as defined by the Intelligent Security Graph to run in addition to Windows components and Store apps.
 
    ![Configure WDAC](images/wdac-intune-wdac-settings.png)
+
+## Using Custom OMA-URI with ApplicationControl CSP
+
+For systems running Windows 10 version 1903 and above, the steps to use Custom OMA-URI functionality to leverage the [ApplicationControl CSP](windows\client-management\mdm\applicationcontrol-csp.md) and apply a Code Integrity policy are:
+
+<!--TODO: add screenshots-->
+1. Locate the policy’s GUID, which can be found in the policy xml as `<PolicyID>`
+
+       ![PolicyID](images/policy-id.png)
+
+2. Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet. The binary policy may be signed or unsigned.
+
+    ```powershell
+    ConvertFrom-CIPolicy -XmlFilePath ".\Policy.xml" - BinaryFilePath "Policy.bin"
+    ```
+
+3. In the Intune portal, navigate to Device configuration, then Profiles, then create a profile.
+
+    ![Create profile](images/wdac-intune-custom-create-profile-name.png)
+
+4. Name your policy, set Platform to Windows 10 and later, and change profile type to Custom (OMA-URI). Add a row and use the following:
+    - OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy
+    - Data type: Base64
+    - Certificate file: upload your binary format policy file
+
+    ![Create Custom OMA-URI](images/wdac-intune-custom-oma-uri.png)
+
+5. Set Scope and Applicability Rules, then save your policy.
+
+6. Finally, assign your policy to the appropriate groups.
+
+    ![Assign policy](wdac-intune-custom-assignment.png)
+
+## Using Custom OMA-URI with AppLocker CSP
+
+If you need to deploy your policies to clients running older versions of Windows 10, use Custom OMA-URI to leverage the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp):
+
+<!--TODO: confirm if these steps are correct-->
+1. Convert the policy to binary format using the ConvertFrom-CIPolicy cmdlet. The binary policy may be signed or unsigned.
+2. In the Intune portal, navigate to Device configuration, then Profiles, then create a profile.
+3. Name your policy, set Platform to Windows 10 and later, and change profile type to Custom (OMA-URI). Add a row and use the following:
+
+    - OMA-URI: ./Vendor/MSFT/AppLocker/EnterpriseDataProtection/_Grouping_/EXE/Policy
+    - Data type: Base64
+    - Certificate file: upload your binary format policy file
+
+4. Set Scope and Applicability Rules, then save your policy.
+5. Finally, assign your policy to the appropriate groups.
+
diff --git a/windows/security/threat-protection/windows-defender-application-control/images/policy-id.png b/windows/security/threat-protection/windows-defender-application-control/images/policy-id.png
new file mode 100644
index 0000000000000000000000000000000000000000..12ec2b924f6a78fd0a7774e86331562aa7f08f45
GIT binary patch
literal 20687
zcmaI7c|26{`!`IIEF~49P=xG-l6CAt$P(F0WX;Z4XOv{izAGmCPDCTij5YhduVWiK
zlVyxq%-o~zeZQXH^W4AZ_lI%L=bZU$=Q{7}eZ8-1B46lgT%lv9qoAO;qWMhKfP#X`
zf_yxC`4aiFW=-WA`5&d1frc_g<=~wy^2tSeB^@OSit0Fe!W(MxIj#FMQ!fgNtL^81
zlwEGcwiFaEY&BJtjQp(j7QkQbZ20q^7BQP9^O{aF_SHC`-mB_*g)S>bKDhRDO4$AD
zW^r*~&}HP$Kj8}$dAsWYS8*z14;3wy8TYS-SFc1U4(G{UPPekJXcawi)mV&(K03a<
zE(oKN6cN6hSnd1tVPUv!O|@oEl<L)z?o{D2RPZ9Eq7(`;@i9RYaG+1uiy9kB7Xx<o
zN--sv3aEBo>I5%&))W-o6P}Hhqu@4CKB~&8v^2E#zt+tu04Il93-zcD&iY>iMK{|8
z(SJuFAMY+*_;>W+^8elRY>0A-bOI*!8Ik^T)2?v_RV5gK6*$`mlYB~p&}GNdBUK~d
zBg9!Y0W-Y%_7HK1B2*GE65$$KL#bd@H&GHIK=VICEfgdpf%Tw?y-^5hL;H9Wa4L6p
zn54JaZe6m)YJ<ae!4t=5;DmJ0Jz}#bntktgi7J!;78{m85KIED{Od!O3lvW8l5wFD
zN+hx#lZbmmn+Zb*H8_De^7W31_%tr;G%Zwwh@raLq<~|#1YzWHG?3=dMKId`;<*J-
z$g2LF83%WkO*rAIDn5*zO;mwW6fnPswt!8<eH1a4xFSa6hI;cXT`(^c4I?3OG{?X7
zP&t?<m1BWYPc~;`cD(m+KC{=xe6n5Vzu%s68~*GEe!I%PV1-i^V?&KP>o~!DHQ_au
zxl@^lJTH?o@P_@*UuDM)u2!M~3+A21&u@@taU30*Snnvb@_J_te99>P<8T$@#|gf4
z*Nwa~cra<>ct#$QJGXzzu;7d5ICdmrV&}FdW%uL9vgcfj<X6tjT^mDPapRo07%`BN
z7~AT$w2YSzU=JSf?g#VHz^tq2eokOzcCKQ73f;%M<ngA1>+N<nQD;_nH)}#gvRNl^
z)WdPlDW@6%q<B|2_FY53nT+MawXwP@GqZIbG3LKrhwEZ)ds`9$&;Iz}@VBKle->0)
ziO){JVT!e+YaFwB-pf@qtkf=(zDG5rgm!OqzqIoFMe<1Tv4BnGAJn1oGD|B;;%o2)
zz0ENwLbS*n=}oi8L|XKmd%uF3>wrVYs`h47Ak8~JkF6JgaTa{DFB3h6st`IrQp1;^
zQR-_ZLnD}a^Q`RMRL*_w&0n}vGfzJ@`*(43DV3wYQIEF*Pol({)dx^BAL16*d8LAz
zddfCn8~GEamDWJ{=W+AFnO4ze)()H=INcHIfH+;a@FMi6{b**Yqv(~pb$@N&e)@^H
zYhmCdy4h>$_$ztp6y~99-uI?IDm~+HKU@1Vv{fk&9oB&3RDZcP_YHZxcNu>C$RnB+
z>iRxnYc}Re0BQTu0^vZ+arMuYX75jBU=cwQUb92~J~!9F6t$MC%k>W}eMMXQJPnY)
zN#R@D0?e=E>-EZ)b1Mnf4bM!}n(U!gJuDT0`-x!8FUz@w<G)j}!wW@2QOOat-?(KC
z>%u!5pD^`*yBCl==BrwcO}^~Ash?tefRq1ip}-lGJa%CA4AW997w{r~Ct?~AxcN6}
z<xGQX9K!s&waSh?a`35;<cV5&=$H5Mr^Q6MD%8gXk+H@F4K-Ml1q}s7$mPL-zE89i
zzpBP5r@+4tK3uMMEsRrZ@eu+*eeip=8^2^X4I6x-&40PFkQNDBbDM_HMXf*-{?0=1
zMpnR<d#O31YUef5b>&atnEj2mgtDp4(#vco9_20jpmfd|5@&N)i~#W9r;Z$CRpg*V
zV|P*rsuqo|wPa+fk7!vlO3JIy=oCu2{El;iayk@m>;Bfwq#33)b%8SRUTvKKUD4|P
z>)F-AZat7O)bHSlp5=GUH%4~+iZu;%w@1=5I^)ky!^T67(Ya>)vWBW4`T5<AYVgmH
zQv&t7etL&d4#~~GT2C~-XaNk`euqQyTk3DEvxso!xU0k&_^HGg`K?~EMEF4#5!2sg
zwIJQ8RSs#JyN>!F0B1Fo^-^1Q2brQ4&o7JHJgs<{wz)EKcD%!QxPws*d0XqiT)iL{
z*|P3DNIS{ZALjS>8ppmr#g#dbjLo<4mwjmvrU#xcx~mHbge32$B^wXOQ)^*a0>A4c
zJ!e&9GN7@z%>{a1U=XQropOqEA<^fk$gSwBTXU9c1A5GRtf<p_=e<ositFOf@XzpL
z#UT2rf@tsM?Dpe)(~-0k481Lej==|G=?%RM`8E{MOUj`4b&hqaX!twJ)*xv9;}rd}
z!O!@jk#Dqd)g1G3I{tb3zE<}cN|(1znR(AO;8cHK+@V&ob3GxBSUwjse4H)&{W47j
zYRkvs2IY=CCVuz30Ad4h(P}ENsK?d4F<}48S3dF*LUe9ER=o64^nqDv$j+HH=sA>-
ziQBANFv?|I1Vcav7}Que7ePMwexWt!FJ&;{2x5p~<+>Jp?A1_Rtpr>gk9oh`;C*mm
zVby!*r$>l)9R7}RG0m1f_Icv|1%3#?)BNMw-CN=?1LyTA6EO=PD-6u?He;qoR3)dv
z{a@I-95O*Ey3(QVToN0(3N_>ho_qKo-`$&YyPBD!AhhUiMwnN6xX(nHyf5<rGBCQc
zWc*l0N33rMrU8`wx-J^K{rj=i`r}zKA{BWlS$|3-RG*tOk&3GU(={_ntmoKUpx?I*
zgEf^~f5smKN^K&5AZ19y79X46f{~!UN$lw&ue5KDpU2Piu2Z%u=wfgj@fb*Q#^S=<
z&b$KFzml|wSLSG;n^`%5*#vg^-56cUbDL}>yWRq%Z)3i7n`o-w(xEy0SjrpKyydh^
z!jX!3mS$70xu4&7Oh?H&9Y9x4goLqf8f;V@m-&&_Aad%AF+@fjvkTYddh$&a0bwEZ
zF7nj>Tp7i+E99>j#2H*Zzd}JV^FMj=|HirhUrpVnCIp(6|4fI1;^sw4)_?sfD*ZQ2
z1{W>dMhOx_!xDdv_qdvLj!zgj=Z1p5p6a35@TewgD1cO$jeL{en)Itlb*=pgdOheF
z4)LwX{;3yz4_r96*D%vFbzS1$0HFyrVa{T~$gg6<^kT(Zah#2iO=8z(oYg7M3Ltu8
zf!Lvf+k22*i!`NV><RzSXAkBKIAv-G>TFDu8p_Ji;AF{=9ezuH-q#PW9PMRS9}-n9
zreB%~HnW)TWzTsp7W!|TyIjE+Egp%8)M#fepj{V>$2a<?2ch7<si348$5k*~#eP#f
zm}I`<wH(ZZ-<Yxf*_Wr)MIb<Z6gIt^w?J0trB&<+sGhBNfw+r#IqNkK!Gn{o?#Zic
z?7nRBj~$ddd|2YwHweITANzUE67XBtAb_K`Q1v(Jqd-|8)j6*W+2glsDG)ks7-hFk
zV@a8J%PLUuCA;DKPH4-X$51zua(`Jw5e@Oh`whm;^2@3O&Rp7r5RKi+kjP-Bq)*6D
zDGsrqBO!03toq-3slN|fxFY;-$fPsvI53@k=>Mv**$>RlK}C(1H3fVU1(RMjgSpW+
z0<xMI?agem{P%~>j=zSVjHW=1l(Y6fQ7(5SHQvvz&U?&MZaJgveWKxH=|<WV9-%rr
z(KueO%X~UrTOeYu4vK!Of*@6TxcuA2sEIKNi)u6hipUjuXNQ%wzc55+XYXoFBifYJ
zY@O5PW3~@27rc;=8@3iYZ=EN!cowIRW@56HZfr`sdRE956yZZ?eak)1#2N7FlHOnt
z7Du;r>siOmqkA9JLHncul{>s6b1QJDYR64>9yJcV{X{>cNcH_LbCb;%6PB!9=8M7m
zVNz8S9j%3_4d2+X98aJ8n^&jcCR?S(CgVVqCqhKK@ft7<e|0N}z!z*+1p?^JSHusF
z#w`*OPD%HoViS~Oi<)=m+(v&3+02BWqL~Bmd-*;{0cYve76TIPd4CTnurwAJ@CVNC
z64Ks0&s*kx6M_R?Vw?i;G!@EbAFgkm`DBM(|6m{#*UG;LQ%=Jud^dadG~%}~Vt@@O
zbRS0q!iIDVoXkN9U4|loCygQv+-b-ulg;@u?%YT-lWc>upMAO}8YywNZk_Wcic3Wy
zES2F7$_he9A`2Y4&x0AiF9m07TnW1SD-ZHv1q0I#pWlDS$vDy;w~55-YTT-Wn|RA)
zCk!#q3^}8hbGo*Kj)QS5RY#2`o0LUiLWr|v*Ra3=*BHu?E<<0<n;*V63&UZa>snVA
zXvdzJ51x!tnZU~8t^l0V+N;k2h~im^q?75wzo;Q3YfUE;T&TtvbOSDM9y5hLmT}T=
zJX6<%f3ht9ZvPL9$j$!+AzH7VT+?X^+5dFj)erwQ2@CBiSgG~Dut5>d2_^s!7+9Z)
zFPXX29slpB#H7wlsfGHwy1>5;_&YN_Jq$))B4gTLhW`P1aF^>R9erz63lh`$(vAbM
zrVx&oJE>#$k?=63A4d*1M&XhIN4lKsM{aS%QK+ON7uTbh!KgYmgZE&3JaPmcXHGm_
ze;u5vjy>IW^q%}mHInKu`l`~1op&fVa!c%la6aXS56DoVB3U<I;0jfVNhvM9g*4x~
zlWE4X!?NQxaV#6J>7OoqR%A2cZc6I0<pq9pXo3=uuge-nzhC9z5v4LJsxf_}JF9Ta
zA5OT!$gRV@nNfV>vCMYkgF<A<J$bRKG}<rC9;NO`Mr_~s^XvMU^)B`t9$vp7vjdCP
ztMJAF<~){(Voiw>6bQxQTi_8Zh|6jnO_^3i`bP4VsaEWZ>u?Oa+104>e`R^RUev)U
zUJV)Jc6T21Gk?Slg&Vp|tbR?qTJcMSolE<MZHAw8ZUWW5rwWaF#B7;Otbh)VXHe|$
zGv&vJ<lx{AI>3@d9e;t5o~vqt`Q?_VX^g7|{Koj!6XAmlGi|tww;FYC@PJue<+R0=
zQ$*cggpE}hp90TfS>5rWt&jh&aEnSlg9NLhH(|ngCn~PiKcQm$2x5<qJI<#etM;~B
zUv$sBWy+;Mt5>+a;H&sAnI_I#O=*VD7T0pf+atQVADuyS7NwvdaMUFl{%FU2J#6g*
z=`^#iiwhySb>wEPLlmF99f-&AuD&fCL+Lb1W5>F;P!;nf@2C4N!2@SDn+};peS!kC
zxhN<U6P>3j!*uoJ(a92F15o}xoVc|$<#n_AwWHe&&cihenM~>nBfoYPlvE6B=N;oG
z%C|Sf>(vSbwgWk!+KK5>67%=;AKd__I{GxITq)C`k3NGYUeVF%lU?B-m_umucgjA_
zoSaLuTq#C+`#Z&qm+Ydfct>AlvKcR|8$livQHM9a{cX8DE@?06)d7rL6E(3bjjNwS
zNg5Y#H@-!b4-UI)47g3qs;3E)jvnnx{^+tSf0L+Tp2~zj?UDZd%quAONMng5-ZM+x
z%nA1GoA|eH<T%$$`f<V5A$uCEK+_8^h?+-fRCi73HqP_+3Agv<KdH(t5sXBEl2jY|
zPEN+44|?9$svp<XNI$j%c07a~MH^>~Su%G%`I}CDu^2wW?dU};<JE0jcp<1^=E?4;
z#3RM#;`9l##i7XW&e@?Q8K#+83>j`00Tx@bsm_pcI*!%%x0$9!dkUx5^cT?Dz(|QF
zX3~5YI!-S5uQs#S?P}qMDcPA)hF<>EGg>+ls1O@fHZPxx7;gL6VWw>o64tB#)5bbS
zx+rlstN(kI1Ba<Pi-W~QW~{5!!a?L97v2xrHkOi1%C#6e{e_6$JU$>sVm0>Aj3d+a
zYVV8O-ya@S^l$BXm?$JL$~g3o`WR#bN`;(EnUbHBnO>S7UKte2WY|?5uN&>dk+Dqt
zVQ86pUJglln7W7iLZy$Hg~JX!DI!Y9<d3q`M-{^(&xc_FW9Gj(KIK$<)MWCbIsC1u
zLBTP`a=`u0`ycySIAtl>4O3nRO4aAuBP`SUx~?iLjhS9?jqa8F))3}EU+Z4CV`O=&
zD0V?G*ZiJm!pW(sSy3Ic#P<Wu6cUfE+{fgfbRGoc;<XnDDJZo){T+mAt7L<tdF~DL
zuiNgP6#O46e~l=AvpU9hR#^h>{bC@iOTx0#;-R7;PnjswI2rD44L$;LeEGf8tRQ=@
zQK!yHr}Q1|v%`my>Z_@))l2)ICZGC4&ZJQDb4hdD37^L*gk6$h{WTYbzs_ICrI9Yy
zxxMh*F5W1w_!fU7F>a{WEcN=v5Q(|B)=#Xyuav>q2%}7%mvimwKlFtonqP(KVfr+I
zY|}i;1aAL^Sl7uVvYhn8{4`YfBH2y|5*9UWW4Q?d(oNJFfE^}w`v`v|?y^Upv0bHF
zoo^Q3rCFp#%(t$J%k$0sH|})5F4sZd@Lyo$;^zD$QrD|L6I|hBJAWP6*x&4I2l*yy
z39|>P{(cd9eb!F-3fJOE?d6jk)M{SirdnMw8OHY&w&nC5^m$qh0G~taGb!yT6OzY1
z{^_coH3Hur@BSd~8y%B(G$aSo=C2PEe_Qru9;>#rv8&ZEw=zkqN=fm$D2lG~nzvHo
zX^6G~u*QG*<2dCFljOC#Y+c^e7V?G@EFa7p)bDbRD*|68GOOuJr!s>PaYcN~Q9eJl
zCJN!mF!R5=2+YXbvVe-vxAI-KzFtbnd2<5o)`lFjQt?<@PFfsC`hC5#4L3Vo=ynhC
znBv;+i2yu6;e#k78<})y-ETr)hLv-VvUmRiI*Nlc!fFqa&4qq+!~GvS#8|lbrxdnd
z!W8$Hw90++wk3en=z6U8jlbE`CqL~f_Ic-wKKF;WYOgcWlW>PMAX<vBRTh5f=?FIA
zzY_XRs>9t%PUpVj^^+%0j;)(ZjD^Ns;rgRuZ&<ZQ+Nddh)7`FBQNXO7Rlg?RMKMhz
zvv&rw??RCD;}%9gmUD9R+FmJ5`TQaU<fr}6HoRsI4hA&b{75D8pTL5Gn(UYVU4L=y
zKe8Fce`$(WxFEXPWsR0(Kb<hbOC+tGHLot!v<`KcLpXG*UB*wKFmJrcUE+aL^?R(!
z#5zLuqadrSJvi5etPL(9guP%iZ#L4i%IjC5TN^_h!65P*`*-`%(h9vt#x{@0wr}HL
zGMdKRSp+y^T%kF^z<QEXVpr!<R*0A}eG*LSZMWS5Fh_sx!|8>5xVDiIDWjja`i;Ne
z>k9+Bx_xKSU7>I1BIhN3pO!jF$9YRD>-?}^m(yeU&K!oX>4<o#ImRX`m`YDxOPlA*
z>PL&(<Mvc;S<=!O#l8-l-bcb!%HBu+>GIu)Q*t{w5DLIQ+F+g8u8T2$N1i5wz=cZQ
zOyQJbvY+?I?;oCn9!b(Z7bS{8@DA<|j?T##yhlt~_Q1?5Q_*61hxcBl@dY-&<6>KQ
zuP!<Sj`qLPaTu7SeFBR$Xy7#5K1$LS)Db*uwcA6_85WAlp1UMVKL73kIPX7q7c6de
z+m`c?<`{Iewr<&Q933`6h%o-raTfg)Ci?RW?;7N{OYiE2j`a_Qlb|327dYgw>Rl%X
z;N3cho+(DmAN$}0ma_9c*Eg$oP^PW-#h2+rrX*N$mvzvOjl<hu!uUxO0zx=ULmPs|
zYlwD6W?AAl13^q{aiLyS;a|FLl1)Wug-aoJ+|gSkw{l{0Q;H!V`;}T6{*t=WM2EeT
zC5m5W;j@~hSGBQDd6!d!^z#9!sX512_jZ_+r`#ek#Soan)`{&&!qMrGF3w;Wn>U#=
zxv`eF_ylf@?}QlQ?{x1BAMX(EmF-lH_5-r46SiJ%C3Fo+g>8ge|2@SXbuEf*$Y*f*
z1|*GDZF+y+)gTaQ$&POkCX0XvV`pDYO8`0#Rxtzb?PV2caiRca7vkn|BvzNbJr+{^
z1J~4;b$X`#%Bo1@sXvAXbeq-&1F*y;9>L=do$2L4GQsLN`7LcNxPbTB=VEL%Hmx0N
z=yhZQr=)nOXg~OE%fG>Q&upp&*1z#EWRpeIKdr{1D8abnr|Ds(t%*F<aCxunw?*0V
zp3Ik+{RhzRKB+~|Ts3`7%k`ZH_qxR;AM4cJX}lwv<q{R38vRA*mY{bsuy1BsW?)dV
zhn>rCOIu}asHqt3F0{03o04f`z8F+KQhPS*G+fPz+Z{LCw_K*<pRQ_FjLrdu3rQA1
zA`kSIu_Hnr40~?{&DG{=XA>myJC5hJYNwW2e}gr<Oqf!h+QWc&ZSNXK{r0C1YWm9T
z0}s05APJA4S$n7XBi2~WBtTQl@M_u#o~;h7*=Mru?e7wa>G0T`MoPdd-&f-yPNdN_
zFbXMk<tL%^xMG;S%8maU;4!w`v`9&4#Vnx|NPZ7mSZ*@8SB!B3@>4!n-tl=_U;J+8
zR~z%C##~fMvbV9?#9-C)_TTc)YIU83Z19hUzW31i9_7z+S$^;kd?j#2XTUIY+sG|I
z2oT!B%&f1M6EHKkpmE@<CSFvo<W)YapZBp`5aMsALLl;TAztk`=WfsXP7N6T<}~1Y
zd)jFJQjL1z8U(~5r;g?LnvA{SLof&eyv0=gMM*{X!9SgGDdH02z+&EtO)7&B&>oJq
zPJtYHzvts#8fDauW>=b(jaH#KEfEb4ue(N|XeLVV3wcCxu;+P{X-e22rdU}c*t@>;
z+RN<xyy1CY11qd7%3SJFZ%}k$HkN_Vs~h9>Ld2poY7xMDa>^%eZoJ!r`KEbae}<JZ
zQ@SDBh4v&;5B&EQGS~&z#|2-)NNk<@A<xcq2jMPw2now?PP`v4MZ2Pon*(j=MMBcX
z<V7ByGEq>tm>h(@>vjzlVJ}I$foka$<(qtp6#xDTS-eX$cr18VdtRifs}iWBBKgEs
zzfpndNb%QYnIh+LtEWo*s=@b;o;l{`zNn1526cJ4Zf4{><!Ce3(7}-KCERP>n{8$C
zjy1img13;G&5vyaT(V2*bGh)Z5>Rd&-H-6;xM_mG`l;%U1Xvsl2*#(4VaylTwo1&c
z+K3yz#H~8QJE(WA?%r%|!@VCj1|c8s809x`y9K!v-Buz)El5CJzz7&+&ZFM4gc9ZD
z8<KdH8?gK(o>wSyWkn2-=G!5#Sa{js_~)CMDM(W=tZ{d1v^@!K)4`nPo0Q4Zz@5Z`
zNMW9<`_|aNEHk-8rzLF%{Q)}CGcn#hyPnh!pLY_;6@NTr`T6)jpla0n8NF^o;)&SA
zK}?586NgiIJyLA$aR0!#kIbywzXCcrA>Vqz`S~dOQ6jGxB<fDj;4UtMh-ZS6qzlB<
zgNXTfVqo@%0u~>`4HOFiEbei&!qa4TyrP%96myeE4S}Fwe^dBHF_?-aug63ehcU%8
z_tU$AW825Z0I_8PEydj2%ujo?^~@du4k?|WtDAF6J~samUEr`h+kCk9nTp~^;1c;Z
zitl%q=-vP^J&m`SC|Y#GkN7EeZ_aB?>|A`U{D0hUOw5%t6Sv`lYc3AU|H-iZcWJo)
zN2zmBZs~*%803z`TR*Uba1<Cg8U)$A*yTFy2Y+?4K4$zlYq-sos#69(4g>|&71h2!
zIk`f3J0{NY;9uhJhYz`fmpOTlb5GiGt32y<qv_x0&gvgTa^z0tx<Yq!{jVknQ+=V$
z^+?E&UwW-^bxwF}GUw7niCo4#;pyEyyl|FF;>1(F-mAU;B6JrHD*F2RkME%}Mn*B|
zEb@<6u2%Ho{@yKXC&$kHDHFddOlW~-E^WdiwkgFEmW3r$xQgego3>-Qf0`_nSg{X9
zVl}-!E3<!AW&q*eVQF7M3fQV)2aoEWBv;+E>H9avnjHmY+V)Ck1>2D!ju?o1Fj1^S
z|1QRF>;B`;#&^L_EBi8b4LU`*YgURCR;%IzQ(2Q{LRR(?nT-!>8$-i_)d#*>7~l)n
z;|dv!FEZWzawz`p<1y$d{zXRKIlUN08#`1&w3_;Nm}HhD!z0cz9HYQwXw^q`++I6T
z>5Uu0tz4*c9$V{I$8P@&B7+}=qE*zDdfUz_Euom$sz$>fbF4sGiN-(=yI)$aX(f}-
zvU-X3Mwu@K2N=p+9kVX!2e*~Td4^5x)f5&==hetd)|D^1MSi;I9tM4mW&+}~{zMgj
z3lJI{*k-r_948o8h&<s+R48h5F$xJUbTG}Ix_&faK5x@uxgt~Ra*;Vjda-i4q6R7s
zp?6O2B~;0&+nHtUzi3bNy2LYZ!qXS$7^yox2TK)7uF?_v_tft)v$*%j5|A=6wGG)?
z**ZRWGv0~st(N`$`&JEoGmoH`%%%AR<3G6CJa(F4KFFbxTyeWc8>CQxRx@*m_PPCd
zGpEF{x{fbPQn0XYvSzH58`CvJ`Vs?G*FEBHa~SL&J$GL#Ki^>Q3+?9`HyOli8BFEH
z%Bj;!iVC9Njb7q)#cLwFT18BZL%-y5=LEe6Vb6^{r0s&JyrR;bnLTZjhi41TlT!|A
zMy}YwMlXz&5sb?Dm?5NPVSYYJ*5v+PBgPXe%v0}U96FaPer03+f~4eQF`DRNspb^a
z12V!h39jW^7HzjZ^*NOmHf1y!dV1yg?ulVCm!^+exlVX3h&-z6zfmblzK3WtvRn(?
zu<*e<MX^`I8`Es`Re(jF{FqoUyDqfyj(V#Q_gzy+R{TQm+D}P+W?#^WI`nw$$*Hpc
ztF_8*Pl*=^N)Z^gqPF|4039rox3<1tratUR#Xsu^$(y#XKQ&EsjaJ`A4zp0q=#)yU
zNC;VQJt+-Pc`NB!R|4X$!tbegzg8t>e0Jq1VQ1dt-A`p6^{KGW%{8x#>rM^twTO1w
zlhHZ7Krj73#YgSZB?0yaA9q`C5JI0stma;#u8r%F8PFXs*<;koP1P$y?C~c<3U2st
zOWzE7nq2kqKQGSx+jZspcWa%->r@8@%gDmcN@elYXgGn)*gB8C^f*NT(es}t3e4OE
zZo7#&%?$hW^=vn2){Yex#Utgvx=noCl1P)9YK1UY4G?|+Q00aoK4I%unaA{5>QjlR
zqHe^GrY{yC#W|^qeT-aOh?5I1U@kNNaKWO{x1y?tOq-^xC<HxP(Ep;CAM$^{vm+-Q
zQHo?=M?oR|AGxp4tm4K0(G{mf!zjWo-=^a{zy5lM9D~fo13MJY&q6B5>5=mT3Pq*A
z3{y{xaI0K9a5BrU!t=v($i)fMzsaKE8ufo0z?d&y*XiYA6dfr>g*#JHJfR{9Q$dmf
zi2B~-jycx%$SHVuOA=_ST9a~0W+1loZd+E3W&Hv@Xujse_ptKjrvmHec|UEg4rLeU
zBbuy23krG!A3L81Dz$Qt^AUA>Ie(-;p$*`}yN@q~V|1O)XotqeP>2!)Cfb~a9^xi{
z^1acOgoC?t`Skn$8OMp7vE`iL|1`PHYovl8)RSC?8QuYNfF3AUR@ccUTfddAUIO-O
z{?uOA24qDi4~%ty1t*QMmK1K({8)Wk32=njxOFw|OOB?*ou27I!1`O!R$v2M4N}h?
z^cov~Nalh9aEQkoSEgC&M*ca-_1qb()J|HFbA%Lm1d|uNhdgA3pBBM!r>jC-V8VeO
zs0N6dLeItOyk9P@YdFl^v#6J_INhZOK~w5VQ^W6Nn*ACRvDywPZj|F)pLQA_#ZT`2
za>%zTG+2-7k*TPNc&v7|IL^AC|0p2s-4H6LI=sJ^-6Z+s`dK4aALSD*a8O3-)%`0a
z!ycXQ#dJo(OS!LcJAv>tX~zu<XxWrH=weQdgr43{RFqH9GiSGwICneu{Ug+9@i%bf
zyDclT6BG6!>yygWp~akE*(t_VcnvsOZCiIin}eSb{QL%Y#LI%1Ba9NedG(QEKIv$g
zynWEUq8`B2`T<E|dN1Jg#gMjr&-BR}c4+t;;K2b0qy@LSendQre2^z3b$nYsLWJu8
z4@n0{ZfPgLHIY(JNGnrZ__G@}7_m-_#CvSX9cErnJCQ?t%H(JdpJ~in+w3j(e_N?|
z@f9WtoQ;HQtHSvT!6J)z4Z`e`A0f_;;zUs^<SP}U^-OQ^Dd*VW<*!E;-85CoUL4in
z0XEN?7B3B`)T9b9qIb}zG+JwUxI0VT?o_3eG!s{XGr{p%7A0+{x%w%z@8@qJ_%hF+
zC<6`nYKkO+PtXZ<Ed{{E;XY2B3v}EhG#aHbH^^>nwla1G?9mlJLs>^f?X?E-nB@da
z><}YEwt)&NJAfwJwR<L>2qs>mB}EMEws%`eNa-=-*~tdCnR4!N{n<^d3I43vh>02Z
zL(5Yv^X#HJWv)2MCs&i{@;JB<(Q8T|@*}N1afgG}aF-nnm{bFXHz9@y7_w*%SJ0Nw
zA;--GkyB9%F7oSJh8sopp?o7dQeFw9XhE)1PLgu1wWu!Fk4rq8NVzmX)6mg*0PO4b
zJ<yye=s?t|0I@InaB2GZ5wEE@vJ2ua1<*$aV0*v8oMpGIY$aw?R(S%8k0kW(1?=#c
z!BJP)hi;V@Yo(a?9BOBx;wihsYfs;)B6sOABh{hYG-~b-&L-_unOAwtd?w2-Fc2|{
zv6Lo5__TTe^cJx6vBD*9`YZO&z(aF-{cw3nf<F%&Ur41`t)NG*GgN7ajsus5c5&a|
z1=|pL3&c<abYDFP?B9bsI|Ku~7T{|~r2o)@<gLSy9db(9<=%oT20RHCEEolxZKc7E
zhmOlWQi=MvmX2!Wt?uYD)shMH`!c1jwF-4udTNP6Zlg^^$=ItNs5UJ^NqEY!WAm3y
zk%xm*rW3KTM4P`vU^Gp{K{Ca0damhyWl58@D%vx$EilR3q3%67=>V79GEPmJzi>F|
zV;0nfs2J`5HmOxc(Ip$cNlhugEs1sG7JR9BM7_b5P!bpk@{<<-v7B0;16(X%%d7jm
zh>b8lwZ_WzgnBQDiH($dxhcxlPx*sXb?*(8sBYVnY!&T{Uj-AlKR*bE<h<2oRo2fr
zE5iIqMTLNV4cQ#&8I`M12gUT;`{ZW7i8jVIH16JP*1kcUyn1x{NuDZ268=!&gzOok
zlf}VFy>7O|d~@(FMy#Dk4TrGx>iMUapIn&n_^45OM7o|;49#oQajsX`lp;%a+UHh-
zU?vf)w^IyoYe|5Kg)7nY^=p=j!L4*xPrgf*?JuansAj9hdUv90hbzf}cJt+Mt2JE9
z5Q94+;O&jibO(8~I`(f@E&#^vI|m7y7syciFSD9VFek9?FX#u_wk3JjHr@%?FfmRX
zL<|F$0r_Dmj4BNb;!F%dZ>y$xe$s!VyS5n)X7ykt1MMh5>O|shnuEt$YeYyy<G@}{
z0sL4V&i&<YD9I2wyiz`MHsZdBVR-)h??%cHQLRyTVg?uqn&Yg0EjD6(DDlt{-5AU(
zPJ;c=FhZORkE5>XY&P9KyEig!^s7}sZpi&?*UIe4$B!)%su;Vkkm%wNJ|vMp75>2S
zNUD(VXI-xs%^yq}-Lvk-NN8i(GINppO{aGuRr4YI16b?P4^edaP42-F4dnQ?#d!Q|
zEs11FDoNI|zWHI2)B$F>Ne<Filsz|ij&dA^IEDwEo=p`jakMP*GN|9{w!f6g|B_nS
zdZ{Q77T8l?r$u7Ru>|A@2{UJ|%55=>J$FdEK9S{~)p)~c4-%~EjS!K{wVrc=lkVy)
zVD1eJvRmeZcD$BFSbpVWDNiK0A+$!_<z4#)QE;E=NV@g;ZoFjgP*1n)QILt{pk^f3
zwv^zUjpwB+-FBqw4Kx9lIIrRFDxlt{Z1V&gw4JOTqAD2G93>#j%XGxXT$kX_u`*Ob
z9r<FaM}Vjh@tV2P%Zj9|r^I_mJ<UumJ~dqKg-l62LJzB*0yjN9<Uhixz`z0+v15FO
z9lnOy`J+Sj(CW$07h8iQg7j4*r?KS<>v{#h-&5q;r|Bq|AF?;D@qVe_r2`xo38ts3
zKW^{-y_lg5yK7fh!;(~)^N1aqDakWBICLxC?P5j$sjg_4+^zkshLu1+^THgRG9nX~
zEl~N<oZ}m&u_-Lu6}Pa6@Yw9t@D2Mttu%w%Oc12(wys^Oc?<ceC!gYPWAu66fNY!p
z?EhJN0UV+lB6e?NbyU*qm+purmi+a4qHbsY{KS#~!|3_4ec8!nyAR!}eOj|PmR5ge
zgyk2U{;;&E^7dxK<}tbrM-ahPxoaMU;&iP0i5mvQ#6zjCuZhP$KzMvw0Ert0G3ed%
z`ujE}2~(STNT{Mp`Ly^+V6W{TPDxu6w)Cv8DNWAdcrl}=H%U)Ss)yWr_W1(3&GAyt
zMvL#HEU5G&fC+F7<`MM$#(V6yp~aSv2>-jLM(l<EQ5!nYlCBpkRD)RSd)qmO0vl)!
zyDba0=^o20L{thb@7jxw#}DmG`dis9L~I*(v`&i0g>2CON}pry$rg>KQ=oabf&v7F
zZ_^%yqS-koL~LJBWB<ZtQuG6NIAmHK&p2fL3@vx(MHA1qz@*BtenvntWyMUXjl8e*
z5ABq@;Y+%Hiv!8Yu#P?cb%@zw){x^(r3G2km~tHDhdZ63PFS&djUx+>xNYtXNdS-*
zj{su(q`_3!B%d=F%6j%J8V6dh1JiDRL84_viq!usqD@N`Faq`ziy?WF5QG8q|5FTv
z5WQ+G_wKW70{|Yd>F*=6uiQ5DC^EVj#9OKE$^~i;l7Ddo?dXhz_-kcWSsi#?vO7}A
ze*ZA*5|M*hPnl=ZO>BsD*mL1VkUQqqkl^W{T}m-?;FP!=<mnHYlb_nH_r7AGp=<7w
zQk%stk7-vnJU@z1&j;^VnbFe@-XsO-f52Y?zD$-VSPJmZXf`6gc_zb)kf{$$XZleb
zGBVZHuJq2KCGGwWQGh7<_u<|NtoW`rk?mQa?+g@@4DL_*^W2|R4n{-=PKunyfeD0o
zwDuiubq*e}3@Hd$>Iq^M0}v&R7Kpi?kvWe5>D4hVbc<e;3knwA!n47_^Ws7W{x0vP
zfr|`>*(9Xw%Djw9`ycFd*p5mA*_v*?fBRO2H1XA`PI>R-b}sQsV~-w}-%|Ccj?`J7
z=m<ae5{?V*jXeb4dDT)UUqWA6zujqZ8hz91V9A(?B4i-(@zP;ZYyWnw*ozt0CwLqM
zg_=qWwZFhG?d2zFZc-^$3?m<yyd;Im^j{@*UCQ&W;g8M_TA4XZ(1ro{Ipq0%2od_U
zD~sZa@=G#07rl(_0v-xKq;R43oCYdrJZWzKS(K;#W}&h|*?f!KJ;fYV!%bI}O>)W9
z*Pbo%=a0}F?R#s~|A{R^7%zx+(>L7wj}Y_!s((_tz=?Y$e?L}9maK^XpxJwn!q>@0
zE-!!WJeMC54Yt;Lxw7CG&pJqiqOAU|rq)4|FtD)yPuRdKef)^@!yf8Pa3~qj?Rr3M
zg1Y47nfaynL%q+Bzt}|rrUGC~+Up^t%g?5N+ie=Vu)~ObF4MdRS({@-J*rI`Gqff0
zZTa92utk1j=`aS|iH`0f>c#ZIqbZ1_bu~2U44+XM)PVxy2--66VgX0ez<b+1$P%ID
z@E%gklVkt_to{N>)(H=3R+uG~%BKZWk+Rd1h8Fiq1yEjo-^i1fSI|WAqk`$R;pw~L
z@vCTBir0<P<1C^?pJ14S4C~;qmWIcLxgq!EYO&J=V;#7}GqTX*Qe@sVPN_d7q3RK1
z7Jz72V2K&;lQ-&}a(u5=F0hU9oMd(Uz&>7F=lEts&NHa>CE&7?8zlS}V`FjUknW2t
z;REaXVyrIl_72e3%^@l^%RgXSa?R{>-!_j0TXMThAC{w<)khG2)HP@lxc%nxrWHod
zn4-^z{Za3xoXGZJ57xXe>>xIqe-wT_8?G5J2g)R@hRi*G`>KUg?0~Q&tMCEcHIT-<
zOPhP30E1T}c|fEaM`DkH1rDW3$WGRpfO`uEEAJ8uPC<pUfE-VwHFCxjF?EF~|ESF4
zOTPq1rCu}p`1xkwZ@p^iWL>JK%V~0V&Fy^zTapq$Aa4B<lk>`^$1c5eh!v6?V1qKZ
zpHustX!=~`r|O0)({-#YF})G9ZWy4iU`O~Ap6w4HL~A@9Qpj``Ycd*Sp7B|&<3|mP
zB`mcgYPQbNz~>jQ%uH<unahVfL)AX}o&os1=|fUgeB93561xG7`dnCOB)y^twajxY
zx==cbsDxZ|?$7PoE9wR`+DVot&PN9gG3JVkp=gB1#wpK?2Ujov0aD^v8jy&yGl!G#
zX=ixk8E732uAYLRO*5IcIJlx0St|9^1lMsFDSo6d++A9cP1$zc2wLkjH2JHFTp(Pu
zzQ5o~)0$KTgu!K_+(7G%N%K*!g&_xPkW%e%xO13pp4lY)OK(?pqZI?kwG^j3-cs=*
zRHnL*k9N(u(8w-*H}=&(?&r_`+u%itAT$w~CW*L56`xL*RQ@7i&H(CdU}UKtkyKfH
z$giwywpR>196loQ?&;aT%pVVrqpW!Gyq|6O=!E?6a_l63{ykDborVLW%We7oe|h>2
zBjTxeX!G~Khv7R(j%Ah*3W{H;He_PnR!Ju2H)c7?OzZU4?Mjm{AG`U{Ng8{iG_9f>
za)`Z}T)rb$IqUw?HQx+Ja+Sv&Fa0FotBOk;Njpo?8PCQd8iR_e6W!8c<3-JVImrbg
zh67-!B%w##!6Qn}*L_%LjWSlxxJ%PQQz#2m%5u4pzDJKXjaf|j*~xi^zW*@x9`iQ|
zDdp^S{h{x)GR2-Uvn0fgr^l5)?4e8Xa(V3hYAxb!pF@Umk?i<iOqsK>4|d!zRaES3
z7s627PgkagEEeXH(A7~*o}$$Uq05YLGYZiI087{I@*j3pPdl@??vv?wFf?hMm9LXn
zBmhn@Sa&nP#`HtHcjC^7cGKs%2^DN);|vd!Blt|eJ_X9bKEI5sov6|yBc;Y0%Csi>
zLcMAI1!cM5@nF_Fu)FE3#lxZ;2^E43+R^&$sg~kF5TIBw&YudOTOLaLQ=B~@VT%eN
z(Gon@zTL=OS3_?#HuLI~V^Xf0zN)^oBBIG1rCZvVQZTA1)4PzV{G@cBj%xzA9PZ#U
zPq!uBUGMpVS=!$BgCXU|r;1F#gQRt#ASGjDk;*E){t(3`-Guj#wuuBg?+<@u7klGX
z?r;^=v>Kka(j}0Yx1puGs*Y+Jf;QK2-!s`5K4-#x<VG&(Q0+E`+{>KuFG~EnCmJ-0
zZIu=!FzCz95iC@xB?T~mYJ!^PSNJ1x#1A&81Z?5cTuI6>h-q(J5T{GF!^gM}vVZ}!
z#^{HS8}Gh+-WfA)R-mMC0Z>z0ls1~Oe4vkQlHIa$*Lu01xUzDiy5aH;_MKfX?DgD{
z-*r}Na8y5i>Bd!uS7{aTvhK~=`{F!DdHx13?;cZ6UU?PJ3XDNRnC9(6>a~-)lLj9S
zd|EU$?wS(MgnhpHC4#v;s=`l1C$(geB_%p`M9pbS)h{|s#1Ry7_9bFatR1)e+%HVa
z=wTWC>bS>+-ZjEOO{f9TbNlP>U2A2G;!q2f4Ocfpa6$u@|7oua3EAbeRcLSTL7QBD
zJIcykuDpF6nSvS*PX_Qhg3@npMbkNq?t%eGv6sYm%YBf3vhN`l%)^IK_NjY)I~^A_
z-mTo4-bk;V;$nXAY2nL3JG#f&>z|?MDN&|@Zb3I>4RdRFL=|&W_pRKO8x-n+j=_1a
zHCH|^jP%JQ1s|Z)Ch7cZ>XkT+q~s^wKfkIwV(<K^DM{$?{$GpOqMZoTZ>EKp5C6`G
zHMJa454*l$N-B5v6H=`)zk=x5^E<L!lqWOllNw%E$}#3^`j0Yn(z!C6eWm!q8v;4&
zj|3sW>&#ItmOcw=;>;Y$>`9i0{Xmj!T5G*%rjqAZ-DsX2`QXSoy%g}9p`BOim~k?Z
zw#jmic$BzKgZ>IjKN~6_@FLxwv=X-7oSk6A&_uN$Ktb}{#!@>wKgv-AiPoT@+d7&j
zn?P#)xe4&+rScA<)tr1f3yQUk^X5iS5%e#hZ}g#)qhiz^&Eg7qsns3KnzZKOX%>s7
zIc9MDtXO@pShM^p)#5Q5xt6ZjEP|I?wI3xZd;pv9@qNS~<~-5x*yBsC!p4GI#n`6V
z`V*wH1c3Rsiwk?(k!GR%eX;)9{8<3a25{b<Op5odjTR+P2MnpK86Z+DMi@^lAsnp-
z7mY+Lrqzq5Kfs?DA|d+fO%T27!occ2jbt~Cc|tzQ?Nk0?LM=%XyAdG^?kEQc1ascQ
zCheV4!@(sdVtgn=H|uPkywOgh**1mt9R@K8P2><9J~H>C2bsnE=Z>4e|6W8j_J#>;
zwbx`<T07n!o-xHAvSRtaWnbamM<FkQS_=O5jLGM0(_gig-0cAx81n}O!k%tDX<{|@
z5r0zH(#dCgd(b{n)Zw}H_=Ucjc(VKqdwPGsqzV6^utnjbSh-dQZV!p3?*GR6N^Lak
z72Oa&s#@~t&M`9UQP_qwSYf|y8^SeDS_*i{-X>(!550<@yU_KysO3OY=pP?W$FB&G
zmNPPyPWJebTu1qj3>U+a-4M7l1emnGx)EM(t?SX%t-Y?J4C_LHEr<o$*7G>BTwy@0
z-bB-kv05m&l3tBsBm_v3rdx68_DeqgP-aXPLl4***NhdK4Bbh(XLELP_?zrhqF7l}
z?J};pf2io7oZ9K@!|}R^5bi|cD3?JE=4e;T*w1w`&8BlS6cMeKgYP~sQ1TkA><=O*
zwiu|E6^GwhlY4+xSLcwnb?VG=eDN`fAlk-h3i5B=0(imv0yY;bT5oZ4(zkQO(2<4l
z_#vLyJKZ;3JicFhd{ZtTik;#oOS)8)Q!KV5Sd9IHB^`qdXMG(;aLgNj%GW~i?XV+h
z@ntBkt%Op4Sa9rXg?BJnFc&3f9nS^z78*;sdt(1{`mvHDE`0wbqx9QhdWvbfT_rKC
z0!@$4WS%@d^F&~21pzcr3X$~}Yucxlekx|N^Hb6(|LsF1&1qt^qqlMY^30;-!MJn7
z+Hi9ni%+AaS+;mrk|)(8X`KMC>93@Knz5ppyqDDLVfl#c-GPouI07lZ+r(M0Yw93&
z+n5;CHJk>nOyAouI8mO2loC3)z%2ejH?W85y6T*TPhkcw#QXu$(?y^3ouR6r&H=r~
z^2`fe5Bb1tqg=vN9&<x}pzc@1@WNE2bjeF+gSw)(8}0BeWbz|7SPAV^TK&<^>rrZQ
z&i1_%y-CGH3ajNtoAbH$El#opSFNc%{+0Vc^!W{+T=g!^aH$6Zz2qXIIs88{e22{j
zsxFdM=n7TiL3=W$^!k{YGda@{78$JLCm4-qcQ$emRIHY=mM6CPaYCz}uU<=6saz>F
zoY6%L-xT@UcQEc4&r7^5S{C<Ae+LEhCu91jXKZ2_3FR$1*J8p`0E2LGkuP&d^<9$I
zGa_xm+y**rN75#UX5I0TSEpD2X{A^1@E}eeCO{2CoB$sU9K;Mjj<H-ZRCHb(_Yh}y
z$gd}XoW#2(J@=1%Lry*&7YG1g$22Emp7<VQyENeTQG1kz0nsQn3N_W6DaabUgjlU%
z@9LHtTgDk2qsdiZqwHkL%UoYir;og4QlBX~jhNmWcACpQs8+JLh}X}Nu8e<TKi}Aq
zE!$vPLSKWIm1JHC&<lL?$ga~qQum37Q~w;Rdo|3l`hrBTf;Rv5c%_bE6*^`yb%X0E
zGdc_F$UcI~=MikIf&G4NNONq?S6TeaS#s~b`X0Cu)CQEx{Us)7BVnPm>j$EDaB%81
zeDgfjmqbAFZ=Ko$V4Aj_GM_Q0d~15!gt&K5!ifo`ZZGK+OXl9(-?{Px5~PSIt03H=
z0AOTJPml{_$Iiku(VGc&twO-RPw#Z$ga;xH*@2v0XkOjLDRPSG?`_4Ff`-Ds3x`;k
zpp;U!sNSE>)_qZfN~oGhj;`H?guW%P?XTtHU$n&UD=?l1V$ZiFbi+arH;#6Xbwp=&
zdTW9qIaIl$HuI5{{acN{g3EuJX!EO0*nPVCG~Dndh1$C@CynOSdqS!=M@Lf);`++8
zoW+zlNe{OzypeT31y9C{<b(yig={CKd7xrcpNT>?87D*5pcPwrSfqEzT|rEaCYlS8
zPteRDjpUkvero<(Zf*T=A=99(ZeZYtd6lGim_@JN{E0-=Gd&anV0efQrRoB?uB*19
z?UE|R$iISpQB9e)D`Zu`yl=oX%F%Tn<!*jOCbi~j2W$R02WDCn)%FD@=(clT-!WRq
z^)oYOwcFt46TG;>Z75bopB6Z>O8<&ntmm5cP4{i*7_XX>afzfv`6R;e+64c6bkcbh
zb%LXVabK;>LeA%unzq|o3u;eZu0OT3`N@5@+^jUtVXP<B^kP2uUQMs{z4fy()<Efu
z+tr`dqAvP>**i<}x?mgjpuHL$ZJ{6<TyxzzFLmZ(d|I!5X=I|r>Kzw-D?U~1L{)zM
zUSCKngF`^PKj|Z~i`kPPaR>2WpfuQpTzGw5uz&qPrxzlL<<bU=bqA&LzU>qjAl=v~
zGnQd9yb?1~zcC*l535CX5kRMnuufNm7=f^K@xI;67vvSc(bS>(*LtbV`8zbw+`1c~
z_7>KO$DYBI6d|>AWIdWg=Io1-5tIX}TnJ&+yxjXdXhfn4scD%iC+LM!p1RH~70u3p
z|5#%F*xRn7T$q7eKdzMx)s8y-lJzb)eE2=(!v;Atlgs@CR<OrQ3nu?9-{1PcFztdQ
z@A1lusw>d|6NY|KvrG~ji#4)@C+^@vOf(_7(qxNn#JjsXhCcnyqdtv7y_YRLnCBWG
zBi1|mH%1&GcQe;TwSVP8Ase{7IB>)2?SUhP0dh4$&QN2=9mF$DEaWwr5Z80dsYq6h
z6&bS{EMF0UkXwU-jLQ1;<-rku{)j;PtY(ip-Lv%*lb#NFXn#o{RnK7}M7b>Pne3p3
zPd}pAT5FMp3PVzQlCA!``_`E|;T;v#OdBQ^);Lzs`TmsC(bXFPQ|`YD6E2|^R$M&u
z7Ar0g1p4=CzDg_j!E&Lft*!pHnH%$%_bK^T+!7!04AENJP>JUfw7~r|zCI&2uY$XU
z^p>~uKa`1nG3=t<Y#W0r$lfr$r$x8<YWGk-Rk!0;@dMu%+qxP1D*=~4*ZdXL%T!AD
z_<g|9n%1Rgd>9v`dlljr^b-jQ`plQl%Y!?I2MeP1qphSAlOwjrR+i7gq)LPMkl>XA
z{SA#ihX78QhunujFV|{<61amM8}-CJ6qZJA?4tSKBjWc7uK}w-gDh}OvYtODE9H^g
zMs;(H_Y@=X4)A3R-K0lw4|m@=P}T@OSTbO=WChwkH!8H1VgVi(fz-ch@nb(4J-}M%
zbbH;N5AI~E=r<7<wG7M6Zd`8ce#v<!Cuy8+od=S}gr@wN%Y*9O5!Jdn5x|7q)y*YC
zBvW70knt_cz;BHNnFo&xL4p#VUmHFq*9Xt=ik9H@ym6y@5WQ#ENI7CjtQ#km)g#Cd
z8JCtp(lWrc!B`y|5PTaXm(ha+kvjyY#xULIHOg+6j2><6+yhTya~_(P?sX-{J!rV?
zRCw6a8va;!am=iDCwxXk+@v1%bmbf=;?2(0;l|;B?wR7K*P<QN;%is)8=U9b+m~=`
zOh=eEYg9|rz6%kZK=V$bDQx5Zn#9csW__`4s~Kc(a;c#$!>{zGl}^Jl`1DdyRaaJC
z9jgwN2EoFK)k9Yk{y_1D6WivotP5P>r3Xz~hbKbb<!^fEs%8Xh6=a39JZt*#tOg*P
zIPmQ1*AD@o|Cm(A%E4w1yC9^Vaoob$s?T4{ob>@?S~AIy_DB=(b6o+S$5%NfW!I6E
z4EuuAxI?17>f*x+z-Rp4+&khn9c0`lIMWRN4klf%<gzG?+WF<&hUUc&kPBV^-l`M!
z&=JnAPX~&4tQ*T%>RWG4n&Iq1GQ|=%zLr-uN9nd7!Vtwioy;o2Tb*-P%&i=K)YMuq
z*)bbzeYi;xC|4boNCHb~<m1hu9=i#J61j+JK;Uh1vBcp3y-V-3dTnvg$==sTGZ6H8
zRkob}(p>oK3&<z)Z}*wMf(@dOd++BAyAMoOV!hJW4mSi$s`0IDP!uA(I9O-h9BhNt
z_jev-1c`2){-N!Gw;UdHrFA0pei0ZqOf^zbKt%)W;UFfP{t67`ZGn5WO<+p;E!1=F
z@>*AKLtZ|@w$FVbEH->}jP3JEfo)3ig5k~nLW^B!>enXcMXuIKcEK6&w-iPzAv<WK
z-Pv_t7SK|b#*a1*EsE)n^?mGd9ccwf?RXLQvay^YGJjmN`>)zBFZm1AHjOvi_-=FW
zqiujU$OKbs?Z}FUMx5GwzEdyOC4<y%PG*~7iY;~R=k<wW?dES^S(DjheOT0x=1g|;
zPiA==a^hGKcFldyZ{Oj4HQb(x;(zsV=J8N{eH<U#qo1v8iHHa#GgS6{$x_LLB+MXE
zsfnL`$u3c{Z>eU65kiEqR3l?ara@!P5Js|-VT@%E&mH}K&+~h|o?g%W>%Pu*&pG$p
zbHA_e_wzo=Qj664*Cw<9OOx>%3iUThd-iCY!Y8Ye=YZ{5{|u!|%zP^M2OAm)(lUc&
z*kUm3N`Ags$=oGCgNm|{RMX6d)!g2cU}gi3W_K5sfu8HbR0Ccnds1DMRh(IR=|cJ~
z&As}O4S;9N0rScFVaZ9}r^(wAFJ-l?ywX+m<cyRG--(Ba)oXx=<R2+9^=}{vD26Ky
z@%pqG)7e^J)lB7JHnHHzq^%}}SM?&x$dPvd4h<l|zLm$c+h{%UshM||Sa?aAV6@bW
zTi6yC;1mOjRjrGv`2Cj8xQMd{&_hvEq4-AooO$b_qYdWn&dN+U4}?q7e*+x4;2{L)
zybQrae=!e#8MYIvJa%znS>ZD3dvf6KPYxT}CaDr`D|KN89VR0r0MbwnQ=WMnmTk^#
zgUq`i#ocu9h3%!r8m71IXJFdVr%%ftl5d`}32Xv1xYb5?2TxD>i3&BLbENrR064#<
zzDZzfz)yD6EYo97juqpz^6u+!X%Cf@vH*Mn`!HF!S;q$oZ4<|1<$V%wDBkuPUW~r&
zAcw8&6rEM}%s3k!U{TlSkMo_F_upffargfk#}>~3U?2xNsx*^sx7JD(TX8)*GfGl{
z&Vl059Hnag6b~NY|J`30GPln&p6~IDKCjQE#JNX2!`mdLJQ>uu=*DTkuU4uI@bncM
z`NCCiwVt)OFwjNTu)n)?##lv_B2{YNKf+??F|=~e@#B8^c7w-ef)fL4@zKN0U-CXa
zavDWF&L!y^<%t`#JTA$SD;|1f)jpu`Yqk$Zg9(`bu#(Kl1CjUG#eayI5TL)MNI1d&
zJy+##L8mdE<i+x2B3Cq_EGv8v$1MVx0Ypsz!9vDI;CHw|RgJl#F2>w{E1!O|+^soa
zt05yfd!48~+;{UD_SnB*H}ViFVw=G3&6N7IylRu4i8cfziw6*Ub7L8m%dKX7y)o8h
z519@SV}~o>N@Wq@l3`X@P`PzE(lFtNb$srxY%X@k3Q+;hPJ^yJB;>0^G?=W&439x-
zf$fnBfxXFP9u5<Ublu(g2|Sd5`LCo)u`+hA5dd6|iTrh!EA@+H2Z6ZKzMlETo8*p(
zLMlE*&TB{POmE6EdjX=)J8vgMBt>!`tKP%oK@&V+m`e*#p<)vL*2e_k6%j=lA{kpq
z-Zl}Jb%X!ItNaFGVJ20yJjZOp&1PB?Hr*v54MF!8wP?}>j{PPf%LKUJ06gS;4b0DB
zvi67nh^+{^&$1u6o;*>Rj?3w|Ame3!dB?Qg>qybNN{o#^bzYjij^7%kF|wVPpwyF!
zY7k+Bp?lJT=LRcZQV$k&202?Sx?0WhL0a0<SA6Ef(9LU2VadIS#W<Y4(t|~}7doF$
zR8F3pySl-Vd~r<s`io3?uaH$*RIJb{{9-y^<o3}qR?t5GM@|~y4!cN$D{6e*L)d|t
zAywT@{`X?xBhbm_A&-zb_j_TyTGA9@;YachowBI!EjW{*7+RMgJj(f4$a#GJ*-0<@
zmQp>99obLqUC}ylVDejVNRHTCuJ9CrY(wwCSP>urGdjpZJ12kc*4EF#TA?ob-3>*v
zeKj_8x}L6EsX(y$r{LQ+oyG&_m30HJ;CHJC$?{<=e#hNJPay?zd|r5Gp@M*Jpp#S<
z!h-BG+yc>-y6}U(F<Xa{+Sh`A4(feAfuglWL0?BDrY>Sh-N7qCJ{6O|c=c|?g&GcA
z(+b^Tq};u!fo2n8!o>#h2}*iU`mpaf4SDwRsC;s-A-{OA0vW?f^K%wnZ27QyJ=rFK
z-ecpYwV`E1(lJ93RbSL3qx57I5Q(RLIwTM&7L3o6*Ah`+ts&Q~{qaP1v%0l-Fn*Iu
zLdZSq3xrHf2}(c(g_fGxLq<7MUA*s4lp-i)GH%jK8c-yvK>%Z+b1x+c-_-_B`w<^Q
zZ-J&LNSobSDDL%K9z<*r{kk+!7)7030o~QA;9di9tftjyGJfojs{KcJ7~w?fl1;;5
zMNkZL@dx}7Hn7?%G;(tTvNeS53xeU3e3xxQCh0aR2kr1#fwLo?%KW-cJR-%uJ1P?T
z6Bmnm9rAvhlzh?aSQt?K(`3@iuOVS<{-NDWicUFHKzB>!;l8LZs2ay(+_hBikZ7l)
zwsn`A`lH%RWLFDJ;4JSA?iB5}*6f-~S%NDQ=Tk+rH!p%QiuZ8pn+_U5qM9~!ikn&f
z4Au`S6tJLO334otvjG%fx0I1*Q@vrWjPI3j+zQ)SKNs?l&S=*mh;;a5N@u&L&|h&?
zV2G?myA|pLy`>JUUzgy0?}`8v>fXn|7!H?6V2^5qNGq`1aVya#wnMu;C`hYVY6;#5
zs*|2a4BY@R4(G!#tUl%=1%bFvhlH~(z2h(qcxE`zRED7R7SX-OuN>-cRld+YOVU%2
ztadzh_D|W8&&ky9SGeFTtJNJ0lQ5C`Nq@`BADz>v*qN$@+0o;*_jW425~Uo=G+cC7
zStay0s#2YOYMXct)R3tMeZ4G(YmTo?_w~N>S4^sWEV|*HK%7-geT0;9m1KL9X?`C@
z!w!3?1!1N7EB(du9t^g2YZ9b&NrIgm#AoPK&m3_X)l~N;ib5MDDw{BSx4r4<w&%<M
z=oxc`E=XepTm~M<ypx27dZ#%ByF$KVA>NrP3|OM~%>YU-9Z~41UGfa-C!$7Hu<S<{
zvH1=Yh4oTQ`JWS&Iqf*xPm{?J2Db4(!M;xX6pq2x1x@)|!|Qacr~0cmRfuXnq=OC=
zs<Xu|Z&a`5P_}VKNjIn5za{GsX!g<jeLH;G;CtsDPv6&xqJ(RW-2o3a7_D{pY89gs
z$JgcjrH&O=wx*nZHbs^bnB}MNGCq;Z(WdW6M{=h-zf=>d4lIO+P2^0^)Q1<+`ncO>
z$FLr(%R5NzKub$dICGm8pKF@yZQEab{!`v}zfHQgmXP{*?gHT3xCkaR(Haaynm4#q
zuM215i)rx7Ftq&Qj?k$TQ!79BjSTZ%8!dsM^*1jMyne4mp00ad?oo7Wd0UXa!5<D*
zAl#Ub7QY(h*eTb`k#FDN=sMy{LW&HIKt1ECEAA@rfmYFKqV%;VrpR4|eKuhG(VJ6`
zL8BQ{<b#GsA|$%ZGC2nOm5=E!sGtQX?JJAC?2(<(z&F;|G;(c$>*14)a>lpm83aOI
zHk^zyGh4BhGU3=Z2?tAVtKsV6xeN%t0;v<zs}it5BNs~R^w^(~!gC{13K4=UNL(J@
zty~^``$`>4=pz-)Q&QP)vy*z4ouWAh%N8{T-OQH8PFZF*ldI~JH9p^Srv+;%om|@9
z)B!hCOci&XS$q(@_O``Ouj|7%uWRQwJQ;u9fjN(Oxz9UUi+nV+hMOis-x+GxeR-a=
zAomnmpCjd1nqiZm6g&LkTm-^bHs%Cwl?dUUI-XIIa8h^O!aRIwdVi1ij;m0PDLPIv
z{OYe4<HAYP!>1H;+Xx*=(<mvJH#gQNjeD+?pTo4dgALfdr|OMgcM0B1|Cj9;C+P=i
z<;<Co>yQTHpQpRieU9jlRq#Gwj9Ox7>PIQI>X&gnBI4%xWaAH+l$NuoCh0eaOE!v%
z9=$#O+9$~0au=?0qFFQWdfi5qqT?4!T+?y9-fmB@x`t}F@od*}jP#vt&HR&VH`WKq
z)GV}^VGr-6(<n~Jt8R}Guy5(uw>h*RON|0FuseMk?HkuYiXl+2mchdFMcKx2DNvo-
zBPEBcJGMH)ZYR3QwP!EGzgLZg?hhWPx^|?jo1yZi`SgXYKhxX;WX@(A#aoL3l6Ke9
z0^nE)gsxpVERXX@kO6*3T*rD~{3<zSr=lMbOG}GGR!Qc-`ba_rV%ySCooLMPQlqEq
z0`WVJZII<)9U><J`%AGR%U}&qW!e|VxFjK>AfJyUSMP)iQ(37y&r2jR-#J$gOn^k6
zjO^>gvsf@c2Z3cQoNe>2Y$V*0uSS2Ya6%^W4jV-d;e2DD>E&N#n8phib1edwRKZKn
z`%@H<9MjyG{MO_{aQ%nPl9Dep2atx$a`Npz)J#tdug330AZGKq!(d!M1QrB3XJUD_
I+{h*R-=suB*8l(j

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-assignments.png b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-assignments.png
new file mode 100644
index 0000000000000000000000000000000000000000..c37d55910d2fd0e3ed0e695bcc7def75d90475c5
GIT binary patch
literal 29021
zcmaI72UJsA6fKG(A}XNLu2d^rKtPcqH8w0D9i$gUIwADXgIEw1P!W(4dJjbiBtQre
zQBWX+9v~z^ks2UCNJ2~U<9+Y_KgN6Gzl@P_a`xHTXV<mno@?%83$wd|M<tK)@bC!U
zzjxb;hlf{_hvz`Yk;B}S>O)E-?&UzJ)!mysbpz5%+?zw*H%xEv@HC_y+keEzy%z|&
z=Mc)nBh>Zxd!PqY`GkijX!HK<8#a-yt3&~J(K!}p!@NfG-$M5c6PxQILVSmALX=dF
z*pD9iQ*FCl#rF)zQj}c>t)^@>PMo6p@jV|uI(Ag{-K)YQO%I)Jo|t>^$Ksud#+gFr
zHqJsebP`Hjk<Se{)%b_yCkLL7^2*nV5Sh<in9yKF+Fs|@hiAE|4+pATVWebiG^bBX
zN16q>9pEO9K02haadPx;4#k87dBa4>|9++v{%z=W<MWk&Grb!=;`cYXRHHoXZ@Sf&
zX(?QA)+uJ^fE6~@GaJ4?+1a%`SpMSW)>^T(q_kVQ&_}7!=@Cpe%0`FTj_7l#b_$dX
ze_Gy*G}+78OJ~wc(<$J_&2Hp~i}$DRbizli5{<lyw6V}lAu(OTn5l!#X-7uN41be5
z!*9-J{)rRPVx!j0`lS$seb+=I5SA;<!;_#})OZ8i#sn|FxTvhT`8r>>B5K5fG@8Y(
zl_RgKK!-}-r`zFyZnmYh*fyBAPSJgX)%fvyfB~IJ7lv<K&f%#9c`;8Y<&cKfr~7;N
zFBdl4aGoKBhNq+MM>V!-X&p!j|8O`WB^dO#1FXdNy=%Lj<9z=uY|zakO#h5|w4@hk
z_L~88Eb(?zK3eA4Je+D-U8^UxIQnwUPkQdKCgOXUQdOW{%?F~@ourYEbMujbZTtSc
z6Tn^~y%47v*eD>n9Ib3hdy;d)eEf%y7l$rKVP9kZ?cb`d2tD}Y=I)6v^Uq`oTKom3
znl05p0fit2wT?Ow7JLl4EIwArTi|bABJY>+z#=qOw<d}rlnZWYxPyp*OPgx8qiq@k
z-E1s8Pz5f9U$(_h3hyFdb~CPoQ>Pw$59~|B>wb_>5=MT!O%?e^EHy{QVd2ilg*_pA
zQU~LcD-yo)3(;QddSyX+#SedPWQAe5AlC^jQrhvU_v&ubwp<X45;Dz@b7Xu(dnc2#
zj?Wpjt8uGcSz|qnSyr`8i{lqE#^zR+q3T}Nj*?b|yiiF|wc5wD<7E3aik%|zUBr$z
z1+c%GmN|0daxs<!==3%Er`b#`4cuf=+qe(wsr!4k9TiPhuC3x&IPBrnmy6Z8w&PX3
zhy%FZTY-0CT~GW9ryKA6)WU}LB}y*U3GI!JC>~2C3ap(caw<`{5;<6D94zRvdr#AG
zQ0WH<@c5XHp1swt4)X!~+I)_B=c|+Y6{c;EH~r@7kUA0j?|v#*lqpWo`(5`Il-`De
zj*`K+pXETMAa!91+wPfM|F`cbwWMbYK2|u$eK673otHZ$j_aLFkO7FifnF|bl++G5
zvpVf6U-<dy55Sn#MDz%zHYZ?u?U15YP*jwih|3&eB^KT~if~w;495uC^hdM}W;TZ&
zEK{dXoaz1CX*0r0pl3QUu=D)%&bpwPKUD=Deu%X}DwY@0t)0_a%cr1RZ+_mFwf36-
zNAApQ4}$LrON)Gc-zue#Np_}v;k;FQ6~t8B!H);A)^sXar#tz##g_&?WqyFV8k9v3
zKYaJ2<GycoG9ts9X^3s2gNU#w#4*Q3((T?}ovuR=%Z2pMkxWlJpW&CEZisQmQtA6)
z&GY<EbVT^JClk8OL@$?`+i5G@z)meyM-2BOV?BI@0!FHNRl>$ztjR5bGyJSe4*NaX
zBsaQ@u`4np_4o=XBfO-Re^3GW*9pzGG4&?dwcg$$aU-xE{Q^c<CIF9cL6nu3b&P3k
z2Tc4pY<Fd}>x$+L^SUVzn{clS$oUt!XZw_J;i0Pb_P-E9m*X5{Mor}NAvEoM$_I0+
zJ@NUnb?XYg3lnku+AV<hap}LBEV6g;tKrX5aL-%@+hb<E6W?W<@oY8RxpOEu`E{I|
zddHCJG^;=RsUWv`KPS-Mn5&iv^ge}o-}%Iw3M_X0u~9T@(yY3s8>pw_;mc^3Iv&7S
zohlh->1{RQ(E--HE}p!n38!YM)#cB2!!Qz~hq7?K;%r`owfQ$j{tUu}5Z!6^Iin(Z
zHC4PU9x-a~dg4*>7k4I%l_TSK^P0GE22G^C&pt@{E#!fzY3tJ0nVBmP_mh$ZBCj)R
z(=))edUJ40bD89G)W!>IuZ%=_ZapUw=8L=~{QGBI&EE9acW4g^Jnk5x>$A4I4-EKc
zXa<zMA!rVkyL1B9wSoAdRdufq1ohdl)3oNw6+)B2M52e?@8kPSkernlVf$*)SRc2G
z%W~X%ikbkouIlB94)Ikx>j~+I2t3iKzs;<?wil)|a#;9%=SLa2*%YVX#Mj0vPEnmd
zPX_dv1m(TS($a+&R<Wu&I`?a#RO<a2f&*`ilk&ri7y+(1Zds}EcD*iQkO6n8@68Gf
zbQ6>9r-lo_Z@iN6_UP$;-j|pcE3&l$S2nY2dM5vmuFixQ7V$f>ukJ^*adSWAq!_wZ
zFr+`!tL$0MEL1!G{OsGAGds_pch5G_noBioU2CZ5jpqzs8ChNtgZvAy7xn$CA&mDs
zJQo^4(ykKC$7WMdiX-%Xkug3jCBiGQlAPsxLvd`Sa>Ibsl6&+;H+8!X+v02Um|V+U
zy$P441|P(22v&r5%MD(DS#~|!t-ya@X>N9${0t0wYXXnh^`aScsB3Tgj$66RMVL5U
zbeX8TQF&3mO|0jnB~BhLtIu3TF>VL?Kg;_>94-CpXTP`@u1#hmxLywal+T-V)XZSo
z47}t)KaLghs`xjsY~`<`>$;QNfY?|Lu{*BkpS`MX%lPNf1|xXFH$7=@{-m%BpmI7+
zP*0^%`@B=+L0+cgN-;1cIp=_i{lX(6$LId!xP-_LQNo7Gyne`-((j40MWI_VJ^$|D
zwXl>yrQi9s^Bv!G?YQmR4O~lEXfbJ++)(FbS9oM}_m#Fqi~Z;4tE!6&%MD?8B91%3
zcuN1TE<ZukVzYtOEBNiE1-I9DN)r<4dq)C(yBmA|{jXw5=Kmco{BLN&B!<Ic^1ck%
z+|H_94F6j~rSh=h_6)B=Wkd0QaHO!#gwW{uMx^uGF`pwre{+m_`pU&`7bQFO9@aQ?
z^>2#RjVT0>khl0E;XjO`WK3xAxO>~;*7d(NJd;tnI@R3w?aCpI|MFT-tr1ZI{{y|$
zG^GL9*F=Aw_^%u8X)64~02rH?gu2dNbjt5t%CK`CdMPONIMWuiYXfF`q1T+HU@QNW
zHOnm@4>j}FZ*a<eoKfLZjb>^L+3=J1>=l30EbIn!jMiL=71s<9eYy0BwaQhP;uyLh
zdFny^^1xM9yhm<vR+>?DN@%iS_vtp;*doyCV%hFa`n^)!_lz|nMFaN{Z!Cfds1GdI
zZkQqun<2GA;nEwMX|+kR(f90J!ZXy>)u;1rPxw#PRj3A34gacWjj|jMupNO&kAs#c
z=!a#7OVU8YyCj({3k8(xP>e?((|7Rs_-<ydh!Zg~Ej`+t*j$*tytrpaECvYo7!$Ym
z4;evZKd>%+1gH74+hChl8`c@+ZOFJHabk3S?s;HjQ$eGbu-&g>C$V0aNL0>%OzCh^
zDIqsrVcEMfH{QDCUWd}n02X-&?uD_(*lH~f#XIco90l8IFFJ%KY{qlG)q#q1Dq_Y+
zI{chQC+Axq^dy|-F=-prM-I*4lsQEX+CX+JWlyNEMx_1WKM>g4tc9{gb%?Ra)v8lF
zJ?g}$1!xWc(m~7Wx1Zava&+VkC%9AtR#R=`?IF7hmf`-E%sTB)La<0X-f$oB0oWq?
z{uUZ`j2f&?T>^ntOVJ|4E$HFhomonF&(s7#4p6nS@XNleZA<SfC+gp2aAG`rKM?r3
z!R2w)evI=7-X)_TS-GymQrQdh8#Qkl?TLu{rkdI!Tt5(FOw`Q-WnwXc<y%Ojm}YQ&
zE_=uUfb*-?a}@+pOHCoeXjtHA3T%GK7SfUKIwoTZ*VrQ%{fd6ATX~^P2=dygz(Apu
zIgW9DrnnTE+@5BH$%v1q6`a~%85`Ej%<7E;rQvP(*YuKazlJIubyPB*SJ0am28Xe~
zPEx|BZfhH?LEI-Q8bq`yL(Ql$yo#K^+$DVcKT{+JVIaglEhh=*o;|7NRd^CW4Cgk4
z%};hU@unqg!XazQ)(GDvA#BHtO*m=Jr9Q@>gSP1wLoQ3|B1Ga>P;wj8^!pt#AyeOk
zn+NU0V*oLEGQ0j$Cs`|3(gC3`oqSMS#3ZHRr+&DRtI1XjoKSZcFA_&&)34E=r$z;k
zMqc573!zQaDQh|&vP+Fxp*1pfw+-6}lg#g}3q#B^<1rwbG8o-J`IibmMU5xyza}9U
zXIB{+cR>`lG~IHr;mLx@-q`r+kT_d&HtyCP^40L!I-CZkouaPD*qL1I!yta(Ty+Xw
zgv67SjWgKUEt`JCmd9wVmz!FCaZ{RY<uo@<a8VZ0B9t@bg8%d6ljlN%>ZbQ%@7-o<
zs}vm{BS%Nu&4d5!Pa31V^15B%#!SOD#dh@lV?C}VwwM?v6A&`IZRa$S!cgua+^*QB
z@8GIdc2uNea?JFwrg2>hKD3_Qy5JSxIQpVIIBuk5Sudi<>7kY_-T5)d+b{;n>2DW?
zYm)Uk?r#j}g^(+0sZ;g!I@+i}H}s~6cxp;@{bp4=bG(YIM;+;Y3BX*TDeH3X#?7rE
zj$vbFGqa*N#eK0o$3gxh@&;3Qy;RP2@Nz>z(n#HqTk}l-C2$jsyVLG}@%_DKXyP$;
zW_Ir(-2sN!ACPm~eKIMo{2_bypv+}oGq{z@mh<*gU93LOe%O*gPGDdCRpCsIeSNoo
z?lr<;d>5xsEp{!A)#N~NpPaC!Pp=R=Ag@GB7;^hrZt*(5AnU8mVH(1^WEWPl>;@q0
zQ&PsBM8#6hG4s?G(l$OmKb|yA=mukv%@%jEfhE)tLn0$hM59MVZ=DhvZrks%&GfJC
zi6=UeP5ldFdU6`22#W=5x_@q4_+9zEtUv1^TQMG_H{vRf$3<8Uui6!^EC=_cj>Rkk
z>=eQSi>Yh6g;_-AHByvI_^&FZskjSG<gd*IReLW?^O%?4GdtArQuV2u0OgG}@aV$X
z?mclA>XwMmC;l+b-ak>~-yJ;z-n*Y=9b!T%>;6uth`3+0>VWF$@C<Og7}<jpvX8sD
zU%<R=Jr^&pKH7j%OK`Ym2dn!zBy+0+W_wZUS(KDXQ}v!^@6RKFv-(zh@pjjis?Y8Q
z4uwWXm1H3;)c^_#CwhOh-icoGBzqGN-zSgZsOx+hV&$95Z}b&7o85PJ7YVSnv0h&O
zurH-LP)PNgz+;B*Ts`YH>O+Z1)}blBL|}8LKgmaU{0eEucGbDqI?SPXK?V)nXFXhA
zkQvUSTyms#WXY@K?b(HEQyW<NF;N*Na~LEtPR}%Snr0X@bA?HhQp4<1^79#a0vGo2
zj->@`RnrmRjx>!Ow}%+SK_(l!{q({2)*~$ms_m=iSWUD%_sL%Wt!dM==XGc2uc)sL
z0)+dAz+*1VI*pw)7f(bA#Pq_cs?2nnaLs+!m&p7`-QoiMHZwtm?U4x9MH_b28pOa9
z!!Zl>Y>BdSjmf-IORC^20uFc0N#vJXMxa6I?%DA8+u!9TR}IHZU~!&U^AYecgW_3H
z6H*mU8Q<NWP4me7Zf2^{;g%EM_=megfB9XGq6Wo{%3w>7bgQlAf*NHs&kqRp3Nj_U
zpnY$~Jb5MS!RvU?W9Y4OimnDdn+7Us8KJI>{aZ|YAl@FcNI}=TzGjl_=A&ovmK!my
z8O+)MG-B+r%{Q&Ni{vZNu*S8Pab*6tC>z$U;aF`4*%Voq+-&+JB)-lmuR3oK7rqsK
zF(f{@^tItJTb9GIif<5k^^Y{@S~T+7wVz)Sv)IL|GU^{A;_oiW$zN8Fl5%Ayy>1IT
zLgrsMJK}ct?Y^KIMQ%4$;CX+@om7Y2Bv;Z*h8V>K9_~Z9Z52hI`~!&aiF&%mN#5E!
z4Sr6p@5#qkV%kMxG5wkm5ahM66kqaA>JwS^YJ?QtgnUJKwMds$WxR0e{7$cy{=O8e
z4CUl)v;efeiO(%kuGhc^&7B~3NZIVK{mc4#=wlJ<mhaO*;Dm)BF^rP97@}<($)Z+I
zU|b)?x6`ySNo(6L?ie}yGlN>ust~AWZ~yML@-xqq1l2(k$VP^d+pX4~b?6(o>_X1H
z3s$w|78WAC>v#3V<Y^_)@$2b<nCtwIS@U_hZ4Hq#JBX#hbJ3U*r3m)9z$`RS*%8@y
zcgsWMHuSNqg<1Az2Y^ucp7A9a{YVR(0W)tvXF;02Jf=La^<FV{zn?vS07O@ap3tG1
zXCSu^nJ#;CPD#b3vga24(@5O~cBDAJ>K;gF`FJay4e{S6TnL4fq+{CK<CLqB>U3!o
zvnikhtk$PjUoJVkli=D!?aX224DDzz)k25xVpO#GR&*b%q?#IK<k_%n8s-LZxD0e|
z{E0TpMfl(O8g5J9Ely{(3UC6W+e2%BE9_s)(!Sq^qaOtv^L*J`OhH7A1#?!pmcf3d
zfced84kF)AMLxwVVGmuFGM`w~Ul(fa{o^e(+Uz@j15^^Fh8Oc4J+YVNi$d#wY5z(@
zxwY@BF26hNO!j&9+@HUVscy|%Z+i902ZH0f$<6>@P!baKy=r>*+<;=VPORB4Aof`$
z(DJCu>>c!enyO?-g--oxHNQ@QV_U!9F0#H>`7NA+1~|NrpPmzihV&{fZ_cVl|0085
z0%GQ%;AxL<Q@C=N#*@+G=$0>+KpF?`XPpgp6s;Scou_#KZfO|=0{E{WlsUUV8O*3I
zvyF|Dg-`Fl9srP<AC_MlNBoL`^eVb+%@*HYPF8&b=C1jre@bU=h6SYuHF9A8x?N%a
zt_%xbXP;UoBZ|W{2jk>l={}LQNL-2~o<^2kP>*BpEcD`V_(|`AS`#(2#=O=Q>&0zT
zdKcTbEoQ?NXuqEv^~vCT?8>XqEw!E<e;6d!!j+HtQ<{St&@3ox^43~D3nDzBg2Fbl
z?t*fC9JZocJ-I7euwo`Ay1H(2vsXurzz6J>r0Gn=-7ZlJkgV%*15GnKPT{4HsTWAJ
zkiN%bQr@k_jbl#XzjCabb;F?EzF|>>yB}?7-fhLA8~J%6?BmxwJLW80HHn-Mz_DO1
zX1Hg|&i-*(m>K<$uU>R<QuP)w=3SAHOQt{ZrCmQS+eZ-Hi$upY(K3lmzlz-ayL~`p
zJB^*SImdYB3%|j_r|GI;;|dh93jJHq=ub&2cIPOs3Y4mG7dSdbmwL8M+TwyD9B;S#
zPrJ)LSZ#GHD=NV<>P0EU!RFf)7X~isRwb=D#obF1n%r8b#JNT-0JD^X(ef^uVNG7`
z+po1m^<k>F>XoeXBaLTvv2pwGP*XJ};5{`1QQd-TJ7OJfbJMuneZ~0mYiLu>IJ996
zxD_4dF#R7I$TqtS$W66>k$izBhXU*Dm}-{xJz_0Rx|q>ARB|~h5vJ5r@sY<tPD5=@
zSprJ!jknX8!f|_yRVc=}drIC_og)A>zk|7|5j_^+^7&s=CS4HFzl#)5yIVj#i`B+l
zFF^{IzouGWgVv;~2>I92-lgxeQq1N7W=B<eCbb(cMVjGS@W@|ua}9$v1e@-`$)9Ta
zMNhG$`tmJ!CKe3A42M!+Bbue5*U0+{1L0BBIL|s{qHgteevg`ROrROMXtNjHW0sE%
z&QfM&S9asVjDGGbtg+_-mY!qboIVnD;wOjZ8gD%B{nc<9sV&UJ?JuA9mQK!sjJ+Gm
zVZ+>(pt3Tzh)?@D&u&uYS#j%DF6-x)I^^1f`)F>1Te3`F?5{3eX=DE|x3s0`M;%0k
zTVVF^sKGTCK+rgMyl)sRx-qR@a1q~6Ol-!>x2|<^#BKL&)^4Y}shq)ut@ug*ST0J8
zA=(Kp70U^--?tr4rp>s`g(jQLW!Q$1*m11BwRi}3cd)v97+XM%2M^ia(%6McZ1s4z
z`Md&LuMMbP-(@M@l8L#5pJMj*sZsZd6rl_~r`@$|2od8v6g@fnJRO2s4CjP|y$08E
z{jio*_L_Hw>AV8!>;4LbYq7D0mK6o{WB26+*^9?((E}1EZjV`#q8Z`dzFQ~)G&*nV
z-gakkdsE1q@q*lLAhGTHB{empd~<77C4{$%cDfB_v;sVbW9qYhou|fXFY(b5PN7XB
z37cypu5o0Pmo@IHM1F<Bbkb5U(JhAUyF1k7Meu$Mc;N7BZc!bi)0UqeZinf1?C?ns
z71A!%Ox=dX?niTho1d)wYAdQ|rK!AOoXyyO#cbNA`BfJ|h5e)8))_LrZ#wEG{tmfz
zyo@a;TZw~Smjl(hwhWTntXi4ZYD2HG&Z@+wz9(d{r0?Y44Z&Ph%Izfp9y){*Ioky<
zwgJ?+vM2HK0ll)ij(u4sc)`t-<{z@vL!A%YEIjJF^iM?S-dBK%K7i)8n)#=-m!YOH
zVK~U6w&>fd9&)>fUGTR?+=ApTzzYW7H$w*Xo^{dl!fxdp_S|C%l;2*4x2tnP7$SGK
ztg_^)(qrCsQulB87yJ;)Aoy!+IB&OI)vHR{ajSTM)K|I~sybBF-uQZefT@S*>?Jqv
zcIiDM#!UU(C#{ok0fMXQ#6vT;&c}mnwQOTqG<qB}Z*`-fHLx~6h%^$pGY93|kAAdh
zG7rAH;-BKmRI_W!XFab1M{i$Ka5*J(hD9){^QPQ|SggZ2tj)TN+vmojb)&a@_Cdr$
z7MRuPDo)hmyS1HFowi==!FO%0Y*KP`{Gz47dt<=hMJ5HJTQ_EKw_t{OBBA9sVw9(n
zDzwb@HXIMp8~A}e@b2q_pdehjwy%#d>w4BAn*ynv(-xfLW)3Nf+xRZgG|CgyzRw(!
z+)hP34%abpbH;yjIq<I9wPQzFa{EapyJZc~rrd?CDM?&duCv$1j!0M^@#Xobw%VtL
zx$r+CLyb4#1%E?C*Okuw&rs3u!I!Axf4LXMr2okdsQ|G#n%tLhKldEM0Dozkcf*VE
zf7zQeW&b1gbkFw?H@?Q@b|i27rDqd9-uaJj`ad2!HuGy55xAg^_RxR3=A6s!x7^*0
zM7q+y>>nydF6+Nje7S_qNQzq9X~)_<)y61^rH-+{hsLjhNigb&(frh~Y8&q3c=-f#
z{Y#sXW7Ap!>LDhW8@sq}S~XtSefTmmJHhLPKmbE#_oj+eh5ypL`Bv_Cs!o*_I?{u8
zp_8>mkZ9F;l;qlODY)_s<OpCzy~$mg-1Mf0_8z8y%Djj%_fqc(j+WA2EOS_U8X(&$
zAwK5YrNOV9k)^fxXV9a4!S2v`BKVoAFY%iJMnltQ*inMP$q={w46Cr}fz4_e?g}#F
z3rY&mb6yW6Xs3^iubQOfWXBk|!cBT(?kac2W*!b-sb|Zmjj$-hcHQc3fVN`T-xe%a
zAqwZS!AQLW54!P^%W7RHpU%qs9D`yMJb)J9pF%80Y{>?_pgFcReeQQ#vD*hXNWI#3
z0*M+KeCa^-|B;M?k5yEq&-ztf#TnQw=q?@iW%{W^{|*#fp0-*@$*!%vQt(XJmu+p{
z8*@8$>8H1t%&jOPQG;sbsff`+6sH_%IIRqg$kZ9g)(xg6Iih`1k0M*8GL<)G$Kqi0
z>5tmeb1KmRUXwFT+>J{)e40tG5dmm2b<N3Z`+`KKndTv_l!1qP@ZpU3hnZ8_p|s^v
z$L;CTespDg8Fk-O<gi<@7xH<|odZ1AHDTPgPTCU27E49ww7!AR#DCIU;=?QyyrZTz
zYX|&+K2r)#ajRc@cXsW*iA?#aV6{)1=2llleadC#FlVH<#-)zsB`hTNsSQnbUcz5C
zoosi=g*Ms7Fyf2B1wU=~wr=ePO(8XdHuVPLPZ}5C-SRbCy_r^OPLmY#rLvUH;v+CB
z-ZP6-&L>w!smZ$^9X=8-GYub;_ReC+O&5Ppud|_v5P^N^iyKy*n~=rijQQrQR&kou
zE^?viv*ho$>bm<j^(|D&xB->&LTW$*xBX&w&H$Gry9ulDMaUAOE%=d!<twjvT2rf1
zaHiGMZzMkh*>ZGP7HRnIRy!|GVYiKmh4tpf0U#NCkLU!IJUJK{@HrH?kU0g}u7tbP
zUPHlDgNr{@j(<|&49C(wPj5B$g}rx33HUi#oB^6TQdza@GJWxrn0d6d%Qm#iadWHL
z%U?u~wJd8OM;CS8?S(6S#=X|ww}iBJ=J!kG&_lLH9#^s1Zwe|01HkiwIG>$%xhjYh
z+28@F))26Z?jVp{)b2j+F%j%rV4F(yQ^o+1#(<WoOCQ-TIJMd(oLQ(K8v<TF2oLkw
zz%-xx6g91vZ>Y_~Qy5>J$z6OZo%s4|^>bCtg?A)ioD))k(!;+wFXhZlvP2idX}j1*
z9Es!6`zks~Y#1K+X!klDiRBgWG2AyJKBnkwwY%E?!62;WaM2`bRsiwx;$s*6#lsbI
z3n_{?qlhHJW=(!1X(h|hM%dumg#JT2+r%E&N2pRx{2S2QG#Qhy<iMy1Xgff+zJq$s
zTl&tQi8ACCJamOo(Z^kiI948TFXQwN(Nz^})UbeWn5mi5ob&8$&FIal9Z#pOYJ#2F
zN1CrHu_VsyWdr=)2&naTZSJ8S-!e^~;_<BMVsB;XEp~BW*cu_l>*vDYLzSpeKtwMI
z@4uC$(ie`~>7+}!y=@zwV=l&`R<&hq=`W=+wx^}-E4+J{cI8yVC#lh@qqeJG+PpP8
zAmuq4pYiTJ&piD`LtTAWVuF1rr-<64go^i5^n$_{93{QUXG|T`Vh6a1KDW_U>Tup0
zZ3#Egi2r2<R_+7mK{@K-NbB<`QYG{yiK#|Q)&ebj6<8*#wm_cAJG6O5+#g+7erN2J
zX2*HJWF>FJD?}J}hPJK;68`w;Ykr%Q4|5TlHs>1g7C!+$$qN2w*<u7hxT}XE``Y$(
zcLm`}74)v~M}w(MK9JHit(|w7s*&H@8MYAxeZ;~Z{0Cb1DV5LlcE>HK&&}bvZEljz
zj>t~!(_g!@qxUb;q8WnfxYzRCk{1@zW|RvC0ht6rXCu(H8<}<glq-K&%H%GoQwVD{
z(u9LSV6-!6RmTN=XSyc0zQbaQl_`s1oNJcD{D?ZyUI<R5osb^--5lGIADrKB+}t$S
zr!w~8U`&}y_?-5N?1qfvww-|&6SFHh_bFyrV?k1c^l9IlV^ywM(<U>8aFCmLQ4_fA
z?gq}`9~m$R8<_?9;+D`Fzvpws+6B`nQ*WmHV{f0yO}Ir}WXH>dO#&e!PN=eD^;%5&
zyz;1}+)}!EjL#r_VKQZFW#tFYTCI+`u8JM{j&oT=XU+2a^#!jIw*KNdmt5pM!a(cS
zJh%>3c>rHGCN;M|3fhMsb_uK96bFvz*iHDiIoRc4OkmpG9H={W6-!hbA*y{`bblt>
zwmbiRxt)1KP=?Vn6LX?Vf%C(b=`UVA`R;vNTj(vB?M0P2LCGROR`M2U2y|Fzbhf~?
z2DaC1+r^u^^_7@Ki2)O<U7wXN{rKL=5?*zw>%qjO$R3Z26kdYvbrcPd2Sy;0TSF-f
z-K6j<nCX>0gUbHkUO)kSl(52Cm0c5NL}l?)37?OJ`57@qczA5g3Uj8nr+dF#gs{P9
zAS_jFh5q@;MouoO7h83)Kws>#aMuA^m~`Z_NbZKCdw?~Z6mIn;|7WK};E_)g7YD;u
z{1KNw`&rq+YY)cBalSZ!YjQ*vmq&wd&G2a}PaV^q2;plpJL*P$c{f@o%A2!gs;zJ$
zl2+lZ7qwveZ&>K@P$4aI?QbxHD*|%3^#SeJAGS~Ly8vDB31ESOe#zx&DX4E<%-zd4
z-IfrmGs?t3g7W&0!?`rCnF?<Lz2g8Cp~JkwYX1_Yg`v(qbw|Wdak(d6>F4_J^BxQI
zUCtwqb!ua`FRYJ_G5%S4S_E&`hpj{<k<^$5seLGF(JF&KLd@XwKha+6*W%=m63qMV
z<AY(|sH<4)QS!@YPczaR6PXqG^9L5RzUfNPl3P0iXZKbDBHKYh7+RpfrFA0yonYFb
z=*i76IPQiv4%M@Ci}z%fo8T$VbR<3mIMX^9m5oApzG*di2?o^14NS}6*k3YLNCH`C
zi5DURp^W>O-Jf4F2hH|)Is1<;lR2`{fLuSnRJk^g)WNi^#_(N;7kc(nK@Yhu3^!NU
zDvvaS`WiA_`F^qBo8x@&X`H!rs0<sauxofR-mn9BKE7MIrGRUqt*U{=31s0TLc5=>
zwE^4nUMi6wq^mP(!~qe7cryjfY6?aqdvT*J!8&7gzH**=aK3$OGvOwr>&UUP;Yl4d
zG+1N_&HrQIy?B7<zhkep1GL{C3yTW6Y?f%;3<3o$ZH<@-s(zYEyb9(+ZAG@%8A#>l
zm8f48&5g16iP_n+`4uS^NgF%35WCCXMM|zvM6yV8LafMFF44E(5>xY{^|=N3-_1sx
z9E{ZxIlJ_JR(1~)f;p?O2Sw)jR^d7r#`MduV40lyiu@+*6$B+4A2v3+niz2phwIe_
zw@cQxJ4sB{0en+NYxYc|NoM2k_TGBMkr7GlRd%cHBJ{C(2!$&7sZJHVZ{JC{>@)zp
z_d{GIc0N2*%rv~ugGq5}*p);`RS{n1>_zzGyKZ!!P{~<pa@IsIi3_F>au&i-n`K8a
zunP5p+;Kl|srOrnYun?IrrH2JLjm!KGCuH0y*aSLeM4q<e0wQ66mDHTUONk2k5<7V
zf##-kwB8+9bL*eNm%H6`Z5=>CLtb1TR8qDLw7P{|naM0zNeLt`!khvZe>aUzF)6?6
zQP?VPat-HLTw&LqoKDDSlnZ7?t`Wm$T(E<1++LfDLh>nyPBwlgkJYL#h}0(TafA3u
zWmAcggxVE6>uT7romo(MV28J5vOFua1Rl^c^@ri(;&tkP9+n37#*{p|YIm)klokHa
zEg=-q5$tJ4bF4N3p-aY0Xjl)=Hr2goq<ip4;Iii%Xs{;8uVFQNys1Db=lq$kMP(t;
zP1znU!()Ok+p|&qL-F8b>RH+cGT&YwDC$Ac>DRdhtNPddI{m9RuWk2AtKGOO#BW|6
zevFxOb9k%>h4%f$k95}tfaP0<FE*n4>;4%uXRS0%&HtMA0!7hmX-9}Qw|0}{@;wye
z*lLX;!S~gcUXFC(Lv{rbX&<riRycX-+ZVp%4)6Sih10N@(R5Cnxm0=df&P<xpj-YK
zXh9j#cEN(muM7Bh=FLozz39}brlSVm@A_63A*Y|PovJYa%&5R63G}))eB1^vxVmas
z+H-1U`A?X~=7$k%m2}4L^wyxcYrGj?ap*dVlU<Rk3WU{b{v6)ULh3G5$^wS^aIEVF
zk}Kl?THtUQ5K}JiFiQ_vX&p!@k$?BOexWivENCIc|Mjn}5lNKE4L6-Dq|7U%tCX#g
zKlNv$IVGLx!;|M_hXL%3w8ka=_ZaC@fC8WYoU(=DnE2?#jOQ>wdud(5tvW*>NY!WD
z9y$>4=aBlIFyvR$M5MJYA@j6U`-HeOXk0^2&rzG^hoN*IzBZ=Gf@{xv&|z?T4V3Y~
z&gZ(%mwvuwsD}xsR$JDshHu{YT%0?^`{=K4(!+Y`3X6(+qQi8pl&}IkIvX_%rRHpO
z5V~2aA4gUiOz6l3@xyYis<P#|D{cWM1*7J2Z?C9?9aIW$H=b%cubX(SG~8$){qq2D
ztT)P(3at$Y{WNR@s`6Pni2nW7!Ef0N2J9JYFX2p`{zoY<p~$9QUn=0NU!>Qc@QJW;
z5fMyXMRjP$Barcew%e$P`Ge8L{92DgLQb{}ts3iftvqF>md#iGDajpv&XFZ@@7U`6
zRm)xGf@vY@p4x<3mp(OOE*`d${le3?U&Q>A|9Y9*VZh#o4I?x?|B7>(*xFD}F1yxS
z;rL)xOqQ}*Orf6aMVHfEa@N1{)0&saIKQt6*3ICk{6>C5`y2l61&-djs@}p_)okq<
zXUofIEE34$$dYsc!)lYA{~Y6;=0loVT#exyU~PjNVrTl*T8{dko2D{TlMcwAnWj!1
z-&v;yWX#qdKl`L}9;M@gUu!8%k(G(OvDl}(iipT9b(uEdU7<}9(w465)#g~bRYwJL
z&Nh<m;M-LgJqWbp@%1Q(AXDeFLp^cCJd540KUwbWJM2acLiI;p1#6Bm=O_N(@!6S$
z@?&RsVZ@H4!0aa#FAPh+qSUzYP}lU4&>oMpP;weQtA+g4b#nG%IhbLwVA#%u{Yyq<
z-t8i=>?qak^06iPpw?0Jd(-;C%Y-x#9kz>gn_sfPE6?@w1u?XrNcBD(z}z)gyNrtU
zZmGLOozI;2&x8sLJinQqb=Nh?lp=?887$TILOWxxCVU@pnnWmn5-5$|fJ;EL;fW6}
z@6AxTAZv0n@YZ)#3(i@yLohBi2z~uq>t374VeWn+6v9jlcrZe#lj@@)?0hr!rvswy
z8U?~ky0o$ub7JNf--8Iv8IJUP71a<-0-|WjIV5E*oAxU4JM2%cVb?-zGxafbRosB_
zC4h`3R!s`)iw7v`9#;La3|xEFx~2fB=0D$&Ku>rr8)s!gY*yL;U#XpmKgg5NdtbM*
zK}7{&`~9#A!$iv?&O8MR?|dy|m(J{#XR)BGW~2)u{gER#Vgfp9d*(S_8;2`w6?C!|
z)xBr>@9zH4zZHhwlzI<AuZ_9!V&P+%DvT>i6JJjdq>0nzDO1;~vL!YBV0{W~Cw@uS
zYJvKJk+eL1jV>8ZVL9Ia9>)FQAy7osumXK_f994c?bpcGa;XV+cIE&p=J%W*;fL7<
zMQ?yeYraYXR({<$HMG^{MoG)cVQ!XGX#8o9SO#py?2=|KX>xXnO8TP~S){#$J1@$A
z`BfVZ%#=Z3g@raQcjsFU<P%OYs0XuGj`DV^;0zTj(jCbD88RF4d{OYir4+^Jx`*r>
zq79z4n|74+@~m#X3nXQq#MHP3Ywd^!7YSuE*(CluwtiZTvd9My*Bq8~ZMLt{eMk?o
zj&s3r%(L+Ol)f+wH79yHGAlZJX5p8cK>(Xza=xy5TnDGbY269y2-L;2Hs;Zq3tpIn
zjf9r#v-|{GCdA35v|MlB&nj@{;)h((OR|L%GD0KabDX`5#(w^<scr%!!uw_Nnm)1d
zS9^%lCqElZfp6O$Ukw;SM7hSeV#j6?-{;Yl?KA?)BPM^RE;?uTFnRseL%SdVmsOa%
zATv5KE-DqdUxVB6JSYnAE>18ZEW*#bEq-}lGVo7sB!RG>$MDvri&NSC*jgp(Q@xgH
zJ>~5dnGYlv^z@Z)x_hUhx*qrH7N(IPZd5|k?B^WkL347<A6wwm&dar(m)if%yc0L{
z?g31Ae?R-0UgMK5uGzl?;-V1t_r3Amm&@!Dqp8ictCD!?LFnZAJ4U=u8a>-ghxynA
zu*8&%?tnk~SS_n|QeqKdL}}W7PYK^pL^b)0i<(CHLd}*V(6SEgW^dLu4?p6EvQm`C
z#-wKli{Kd}da-G!IF@>uochk(;kV;=&|4p`wl*jGHhKU?wXj1+D(0S)<yTJWk7a;6
zfsRdq4YIB5$IwRq_g<#i#aZLf(m*_*_&Y^>NmcEWsST|&r;QCXpgnsNKAv2#T$|M&
z$D*79>Y(82EME6^0p7P;MM&Q#&D|Qd+tW?G!=GJi>7D-bu~>son^Qu~OWI~Q^j=M!
zwjAf7L)R#b&L54<%-)(x)mqkG(?Rd8(1S5Cis-&H4eHo^$q&Ifse$Uuh<VuV%4^JG
ziZ6aK44gZKcYanO>bp^Twrys##4(Uups2P)v}WI(&EKg~1tY89ZgoNir-Kc`9Cr_(
z_lDh?pY$Z_HvA8iqkuJgI<IP%EF)#zv}&#L&)5hy8FyHb*XvSfrgz$+>l%1`!u{ts
z5LGt0p>>_rXbq8ytqY7?5+ydequ4fUkvX${MG~M<-&^^^MIC9BXGUZ|M6DK=&h)%M
zwDR!Qq7da9Ztx-a=4-5_TKwnW>BsC-Mns^dN3O+7M^nxcX~Soi`iI);Wcf67ElPi4
zq8=hjp49&$pDW~YsRCRRv$Ny5pr>eAf<i{P+6AaVWS#XM_VjK~DGn%G$cgT^An!~y
zm}Ifcq{7NWy!V~a#Kzfy<-KqRiq=|7@l4AHFKo=B_lu;D`I`43lGfPSS3Eplf?<wc
z0NC+*+l8kPP=u>T1KHZc+XkL~_#@s(@ES>al3|XG_RR<zIAOZGfXc~%+AI4Q>uOp<
zahY0?v&OEDMO~(<<71fEJ0LaodnG+*E?^vWyPsB7brjV8R?sm%elltR){~0cS^dCl
zq7F(7*x(p?0e@-TGx;8;M(xwM;y(jABWYmM4il0%jQLRB<#s4fjT#U+oZLnk*6JP5
zA5rB0OaDgtq4%;qojhELp9wDMsh_TQn;m!Om85+6RbnRbpRlj;UM*sDLJ_(u5k9q{
z{*bCw0dwlJhN^l+th^PBSUGgSgv`0E+}{XQ!A6+F3I9>lmzpI<CxSI1^iyPRd0=AU
z?e5<X8wz)v&U-NP{;7n`qX5(Q<<tA0*p#~awVIK?4+#d$)ycaP+LLpNb2W?9^=#qA
zirSPbp(mjjl4F^QKf`(X4;|5q{|40Q*~;VA+X6Y}XfeyDh%lPx(y!NQFN-y(=yiG3
z1!b-pX5<QB4{3@Z6}`V+*GcOl%=`X+E-|(&PMaVRC(rN&jI=8nEyu%S1T{NJS^E!j
zEEEEb-%?a^{u5p%gp3(;wfrCBzzn^C5KnInxXW;0F4B?MZ<r?3{sn7#n=AF7$b2P0
z;P-tUmB4g7R9a8TRMeT$3Vt01Cw%ab+ge>NT+R7yXrZ^)(K5DHSdV&Y`9wxrS@+Vb
z<}?8AiSEL0X*IXyhE*dSqgwu4o`AxL=gXklPCR0G^I2!;h8&aPMlR3PnQsT*Hr$sm
z&8`HxvP04zA>=g5k}{JV>sNH{){@U*Q-aZAQ19C<CqYtDdCv!Cy_#QHLblst@f826
zs>OIN_s?bfGLjD-eGLe4bg5gNZX725SYbqnYv^@%@7)}z_8aSs+t(7F2z4?$9<SZ~
zEz{A^T=Lov{o4}2(AP*Y6+76Cj-+r}p`mA#u*l*ejCq$KIji=33+P^6TwY->7G;#?
zYit=5%EIe!kOOE6exEaQ-3OfauwFY9`F}q>P88wp0IO!Nz`Z}G%9_2icwb9!%&7*R
z7$mkIPBREz*9t{@#r<|~M%;J-xL5fnD)Z!2w{%5Mh-om@bW#8Js2nZYK#U0Dj`pZi
z^Qlo$Aequ0?bhz#K$?)!lT|oPKme^NnJRhsS~asltTwqOSE0R<6G(oPUl~(5ws{VC
zm7_dGx~0?Mm7snj^(0)VAaXAjeYfTJnnB0fADs@vA2QUD-u&0a)yI-+N>C5P#QcB=
z;rt{S?<WKJQVZq#$L|+-`$)N+@r_)t3}gjQY;LY`IaHqIdP!lwfMY2@&xUl~ZOjw6
zdiyx^KVA;@4I$M2FMUxq_D7(>1Pg{SHM?pIp4+mo+gIFiBn=-sn7Hz62V(j~q&7h2
zQ3E4+K-rN^ewD<&eS7@T&C6=yK0{U^iR!R><;&^_Y_2l#ls-B6nG>qj^I}~7d};g0
z>t>KGMUDF3;IgYX3cJmYtW&8jzmIR#E7c3>$yQh)Iw}PM`@Uh*CKq;QK4m}T1wBlg
zTXSQXZniyaUMAfltb7u#&+Z&yc~!jm2-%AafBtPkK^GTs9<~LKVoD2==EtrWMSOZ)
zVhg6f1Eb}&?;J}Nd7v+@A5mG>y|yr_{r&mPx>8(dRHf0s^BuO8n6G=>Fj7J^>|sUN
zop3nuXC~~fi=+nifvAO@mo;}1UXQa-_VBYv2^gF~Je*$909-lt&)-hecKn|Qo&MML
ze^W63uk%pD<24RlxBprd9xHKf1dKj9)$BjU)ggnq?>!Sf#QGZn`#+CQ{r{BqzfM>E
ze~+&TU2<)=&(#J+WHMJKXKT1s9+mJt(B*RYU19(ajX?lW2K1<52Xpx4VlBw5HSk!u
zsTBCl#CV+xELBFY&0o`d(OPbCb(Npk-0M3$qwE;G7qvFE@$0F!;W!D08GPQC+p3eC
z-4L5bQZsN~VsWL|!bkiPL?4bNbXV6F%C9QG==*{TKEGiojZ$k5L9U1tc>#g>lmwPK
zL>!{{n_U-eVID;O*$%?D%b2-`a=wVSjW~Op3%KsVlnS}wVaj1R1gi4ztX~it)!$$5
zT051ntQE0h4^~7xIVcI!dL~Jjdi*TMa8>f*_8E}e49BXeCn^#Y<F*kjF>23nou*CQ
z72wlyy?(X&u83*N{(}no(XrWdb3@A|1vyGP?dr5N&-H3!-O8%P&STf-E^fl-Qc6y1
z`hA4Q<6XeMU!M#34VNavT~8+FcqqUBQXb8lb1`R-Wwyi?%bDoGR@*YR(_pK44w4!6
z(=H_e*Wr;vFh5dpS#;cNZeXD4ROQ9150^(fZ;jPf<?``VYCRC;DXr{NMfLk;WMA=k
z36JM0+5LZiOE!a<qCZEq-HD)<%ev-#{-$zIFe0GefQ1W76qjnh?bN<;{o+AMsmt4I
zFVgS$+zDDcVkc*MN%!FaQ{r!7pXhiNWO~|1>qwLpB;_8?->Awd_Q6D`?)U-^Pq@ep
z!FOMmf$ko>IggHMxDOmv(H36T!Up=wZcqQVdBiJ4u)4b2Dt!K+l+@tyIKMX{gA<$I
z9DQ_sYN+v-Fo0Xa!jy8+H*`Peu<N12_Z3<%HfY!`bZRekTe=o!@bN4wB}$(89`!Uu
zy9_QEuwtLv_G4hTxpnJat1qroZMs%@@KJ&)E!@NJs$bL1loKZLr-%H08BC~U51O85
zVI?9^??=S?Cu>fhpKT5ql_t>p<tA?PYuJu2*vWrBT^a>p)Zq~G+jYvnWm)Ry&NMN9
zDjy@(Ut?<6P){M}E`<R~D3goxvU;x9M?PDY96Fe@t%YWnx?bA-=5kd_b=b}A-wz`R
zkF(-x^-LbSMufdF8I7*dHGacYOMQ<fOV1G{OxYCI?*%^JkC6~fzj-P#+}S&uATbfS
z67BM&=iNlG`rJjrT=h-hu3v)ea1fa{?2~|*c=Onb#hVvVpE1hYgQN=bnOgEze9%>o
zpT(_yfWrC}sFV7mO4)(PGcCBh1CHw>_Tl*B5O-^p11S~e5J6|;^*4RauLN$deb{V|
zvDt!ITyKf$K9Zu`N<>3&lszDHx`nCX1C?dNxAdH}LYqPX=P3?FWZ$RreA;ypPKJ?W
z0sG!rVV_+Fs=fC>${1r>YYL@3-H2FXVRcvYwEX;d-!gN3-r*ZZP$?w0wtKnLtEWUN
zQp<^&k)xivcz=Us!oXzo2t{p?IHGziP;c8g?(;XnI-bIOZq&@HFH>c=OO8ErfnYFC
zg>X=Ydn;FwqF*)!%qRi;EQJrQnAYO=e}Ec(^GC6=pRae7IP&K;CU^4tC&hiXOV*kc
zT-lt)PbY0$bkqR9>!7~ns{Ld%BAWJmsE14&5})RTTJ{|_)4ocu8XLQW*JtM6wl7{1
zzV889AY!zZM|xB<Ld|97NiP@;#gr?WZ+D+gR(Q2DNimL>F=qnZt?3EfKrw;loR$N|
zC@o$5A@xpo&l1B(OiEiAfOx5(E-((2`?<>#IpVrnW%JQ8TX&_w^j)as<u8^aTDo_s
z{#Pvp6QV00Cg#v7c)c6_T(NtF9D6-!;J7KVEj%<amxuzRoNP%9v7KHVbNDC_O!M!K
zsIB~VB`?(JBuRJEnbzF&q`=AQeXor66Sw5d9M;1c`|9Vye5IeXO1yMxc{*q0r$gMG
z1ireIt!*`**s{dj2yOlm*z!jcD>Vw3_QWEzj?);YtCR4plg($^`W&|Y$^G-B5_oMY
zX!1U9e4*(Y{Z1+>xj8P1sgXZHAAR1z+J!AGRrDMW_~2iZENeYtZq}7CwUigCP2nZ*
z2F!Y)A%RlbWX7o&lEk6OwZ|EDt-AY9@yDW>*W}Fjc{WCkEojTIdcUp3A>F+dI8nNa
zE8uEdD$m^-Hc@NU$$-~Csd_!?qNAf@wwynCFJ-z>vH^r)Xqv73!<aUfq(3x6W=5D^
zG@+dz&{U{ENrK3ajBAc2W*SRt_e+l)vQdcvTO-9&Z1-KUFJrD3uRLpG-NZ&Nz0kCM
z^M&xX&CWwFva?rBGqy7!$gZlG|D5BI0Ewn3uP$t^vBu{Dh|=fErwpU!tMs5S?y;|K
z`O~@H`m$mzJAB@^;LN+=ot_ileLAaV^1H=h7c1wTgFPd%zsR>Hl*b~DP3=)ZHcR<v
zU8Xa#?8)poENf;u2!EvlWq;AOO-P=5%m>!Z^$@H5y0dSu=Gg(HCL-rDnjsv+X1_<z
zUKVDaKJB-nihsrGoGJe85rB^&I8{5{3F=!_&a7@}5b(+4>G9}|K`l604t`h<jzeI)
zQ?t)5h&m!Hlw;ny3j{r=osPGN5sF`mbu$f%CVT{{8mt659H70ExiaHM^&e>yn!hpP
zLJyW*A$lf_@T~^3!fw3$dL;$e=}?hWaaY4(v?VhA;5KhAKWTdcTPsayRG*GGKx-TQ
z9$q&UVP7$0QL?!A*})|9W6Fcx=@Io_67HhNDPQ9KRKRBklvgv?QeQ7`<CWx=4J^xy
z56T$`_Q>%mGg6*yYSb92GBu`mmb<TuK~S50i7I!>qM55600CYeX@5=G(Y)BrpKDfh
zztPGDM8?N&k@iRxxnF^<zhvDz#nXc%J_k`=tx6&uqfiC#XP8uXW-V9B={H?z*&;PL
zY~Q0r$PTso_sdkB3_((v77MvP3y*tIRbju!5c98!$y*F<=%Mq2gb2<3_-2(4lgN9^
zvPX*pzBG~dg)60|G+5Oy!*s{m^Z)3#$NWrHyl-EStKr@`_-f6fjSO_S;_0z^;b7pT
zx#pQ_+q2tW(1zz5`ATr#_#b=@^==vXlzzgdz#V40fB!)Hmu|DXclPeHR6{%#=#Y$`
z`onR}Epog(vopxVZ)I<{cV|X2A61G^T3!(&jWnL4ER`Fv{`O$L#KfgNDkSf^SAs)*
zG<V*WcLQ=AE*DP3IJQu-r(8-0qMbsCz^t5vD-p_lOUvVBDU1%<&B@i?+7f76nB}(>
zZ{VJ*S0e0t5$zcE>tP<c=@|iGgROTcQSwt>{(~Mpsp0r@lZ`QJtvxQVcAydMAZ=cZ
z57A1ISFrfwMt&&z$?gf>P*7AYTf*LI-}f>(5Lr6$$FZ|9$N-TVb-){W0wkpdSiW{P
zLeGs|@%`z=qS<c@-;Gn`hGN|JIyHgkW&{sPihk#b81r*)enXX)8*j%WJ~Vq_CBao*
zOFgiI^`HsrC9)1U#(flk(4_$7Yr&iPx7fS!Gi=Ce1peSt(*o%ThJmc9+9g4aR`1$S
zfH45DJl`FG`wAV1TPI7|tYA1%%0Y{RXSrZBs2#SEnPY9HV}y5&0cJN`jhKfojZ{#$
zb|oTIsooPQJr|bsy8U6+s$LUzzy626=j712iPgTP)G-${QT5S4M3Jh?UNgka!;`Tl
zUjgjOY+kN=MS5HW3@P3$Ss^?cC{dqvWB4ZNY}_f5DIWOl0{WAWkb#K=TvQtG02&3F
zd;sYWbezgq>9fgxS!A5{^FVbPYdn^4?h(pyG8@f^4IJ)N!&0(NlFdDKFg^0WsIdE2
z5HGqB9TVa?0$BwPza;#p)E1kVmp8<v?0?1z3-X+yk49Q}cx%H&`0PnG16q?+P_?$j
zbKc@jrA_*7*(uEIBna&R2=&U7Atd|*eEvi|<&*bbD)3jh_X87?=JkU~l|UIw!Zk{*
zW6RUKqMU6BR67V2@ol+c{?&0uC0(=G<IJgO@9GAD_C)*=-}SXWJjCK|@ks#zM?~fH
zC+R}T$)rua7-(IG_5ah}cgDlj^=lI$LByR%2!cG3=q1YNEd>#6q8l|)#tcRuA%c)5
zT0*o@qm14ej54VvdUS&!qJ&|HGJ1LUB=`NC=bZC9?K$V;>x(vft+m(M>stSE{jV*j
z%({V;rco9SWr6Gicd&ji>CjJp%YtCRb10X&e4&qKV{%ckwO_w~UJwwG`1Zg&=Xx}Y
z3-6<iyU;|LvCGr?v*X3)l2ABw4|0CYeA`M8>C%V;@yixl<UZOX-n}|zUf^QoP`h#Y
z`31Vwn`4357y<{O$tWgKN!?h)c8V{g+D5c#^_syS)2^BkY8(%F8F}y~ruUb1IuP&M
zXoE1RFGPGx-$~u)Yj=3Wr+<0jfdjrx53tP{Pss8<WEDL;<ORH*d@g4AQi=1Q)w^}X
zzM`VLIgh3!oOQ#EImU)wwsI2R2rJJ|i2H;;Zw0V-)^B*U_jXDPG-wPy&G%wupt5Ii
zboTT_>}YFu(~!bIlabmOwy$w^^QYo0htA>SqwXuT?=Ok(Dh#!J&vU}{qrIL5YHx&(
zm2JJ`7UfsUt|a!(bca#-fEV-omfmssH}vraZ{LgNQ692kuBPn*%>IR%?kmJ*vAhw^
zp$X%hugS@y_OT5ndotPhy^;O%Ms*X%LBc{4J!XE8Mr5fHa%sK{aL#hexL}2q4$dSy
z4F`}}Wa9hxN45Et((QWo-{_To6^JSv4&DYk;5!Czp#oo!@}mCFY9MDszfv8$7(<ZS
z9w+bv&A^p^am;{UHSXvJZpzSr!U;XVZ)f98z;u`V2vot0Zx1xUbOXjzs$=Lhy~Cfb
z<iEN2FBkIPJAJ>}{^$NJE^c4nK|^|7>pENnK-e;*s}lbhK5I)y1GWPgmJ}0r1`y@o
zamGVn_+8n*ZtFkgSf*|TzjYdmby+>}yf$#_t~>`YHX68AZD%m@+wFIZ&dyCf;MA?4
zsX2ypZzI%hhEJT9AMD#4O#yTALCK~kE8tFA4)z(X&$RbY*01hSY!~kGfTZHo9|g|q
zHd}aur)`Np5LBio&7j~y*4*ds;V9gc50BcerVz#D@O(6B{L*EQ1N?K)W<v9_ZDE0i
zLtmdP`kf6`S_Lc!_>^u!szus~WSQ$7NoQbSEjo%vd>MKHc4lW0$u|@heS+95Dtf^r
z_o<QLY(l+e?PV)tI$HfMq&anE2N-qeL88cuF()BSzI*$IzT~CY8mE=l(oX$mOa5DB
zPvTT4dL6IV=&EjprkSYRsFsE)Qm-R5=7yn$<sX%Ov`e<XDsnL2XH4n*NzIg-pqJ>_
z=1t7r=dSk6eE(t=7v%*>%q)hntvPbLF}3Cv=HnL7_ECL-3>|tVxlI|BkOyvyv6hk*
z*W-m{#tfsaVjJBHgplc*Djy!34XDW}@H5eYb?B?jM9G4$VV#YLdwEN}$(cd+!7`@3
z-RY#AZw6aiB7l#mZFF6K;eC$M+Gh?Yqev~mf?gfLd6y{Z)J>klzS6&)p-0Jx>+&-=
z)i0_MKEAQ4Z{0Z|_t2t@Y52)ep?I>4z9m0H+p_630psb$x#w07v;yD9m=>(E<)&cV
z2nx}{`MkIXexvKja`;D%LY9I~I@NOwi=rvYx}<Z{N;FU2%uq}qeeZDx;UAKV)SJfC
zHJ%&_8Ob}^1ZN!Evi;+Zv2r7@V3!)Q=H9UN>wP;b6yNF7!f%$Mzjxa7a)H$2_jmkE
zpVwEuyHm=n#nzq<^zx$eF}O@1#^(l?pb#pkZmct2>bAh~*WAzxXt%j~&#!0ecyZpO
z&iUMugvGSye-nJcDRsj;JU0&H3^Mbi0!UVS9230TW7m{Nan~tj<`JdqwPbr@`tZiB
zT6j>lamK5t(*n6(bV<ogp@LQ)z4O~(SA>&uU=1JjV)DV$GR<Z8Q@HHro$)5Ns=;2Q
zQ}hZ~QOd=|&!T01tQ^;o`$I%hfiARNIDo90w}TB=T&&)#cRi7?m4)ko_|{clu<4yR
zcvpvWs$2C7u$py#ek;MeQ1>DrH=!$1(D2sPfd}+h*LMv9Z+UTdXlpz^{3&AxIKSir
zn4|2Z-24~PIk?j*HaMZgs&M??A^3`Je55;bTvB48-gKnle&GK1!4#l)g}Ju%ILH+{
z8v2DnM?gr_B0s^4?g~vMq0$v;jSAWPIFE2TTy?K(cktD$c9^}4t>0NR>`!h$Aa9!l
z%+SI$r;536ybtHda@<h2+v!5O#<2(>mj}L>Mw_Z+M_5+Ub}>YIAk7LIA*-_s7}T8#
zzo3GI7KFz~B-w1+<3{f+R7Ymgc*3CW0!=97jS1Lis8A5@`TW^?c22vh>J0aTftb38
zPLGM7qS(r@!sUsG_OJCR@p-E$uUXG-zP$o<iYjwplkLO2dXjyD+vFU4KlhHx(@!P%
z@_i+DaE<qe<E6g%9!J*2qE*G|K@cMJ_$9S55hd-9<LZ}Yei#@V%qKl&aS56p(-X-U
zZxh#jQ_8O`D#-DibOGbsv@)fNRk3SdHRLi<zKkD8W80<ELE>a;yn791#Ygkc41-t?
z)q?z!T31|3f&||&w$D#Cd54$~8qBNpc-Z#jJ!Qi1?cPc04)dqFP9@0qR!BUTbu~53
zC!e6nA_31;Nv0k0SzyMXhFuWn$viK~6_av7x#Ep=$r}MII20ORjwmzkFZR5x+;6$+
zSlY>Wlqak3(FcfKTpJPch1~v7l|Pqy>8fCp$5Xmchv8{+M7n?w37+xd#x!(EfqPwj
z?j%jo2h2+YmIE>8NmWHzgg$+|Y|AzCotDBgGOf{(dp_L8ZPs1Ve%ttNMZ704P?sv_
zXYJuQzWW$nKIX1e*SV*Avc;CJ(XPvLmg0RMLw**%w0Uk~ahFFKDJnA%SOZa9sowz*
zuqrp4i#u1vhiu73Jdl0FdGeFqQ9t(aAp)~7P*O$Y3v#n}Agvw7ah-g^=e=K*kE)WM
ze8su{z4L2JN7E2bDqo{0gb<ir7j2$@zP8k7xiXgSl1__6fvHiI*3<KYcNJ_?Cit%D
zwWrL@4KqHJg$?SEuy9w3|G}u2&>E|T+*dCS9`SClR{=#RIdKPq1kMX_ofDvphr8*8
z;_97WpR_>d$2eq%^ogko9qYJ<F&WKewGy`lvS>q5CKuAU)IKpNEobw)R=qq3`E(6t
znZ7Nm>1iFgo1RlR3>qrIHO4des+l$@BVA`)r^@WFmXo6{n&&c*2JUAHJi$o$iI4t}
z;KrOb1@rm=k=mF9I5S+up$bJhTw+I!9O*$*>=`toE2k%!@UFQYp}IP@wgVp<)7>0V
z0#9)C<^gO$`r^N@j&k^$cXsF?2^JO+X8FF2CT*nzHet<{N;X5wJhWufZ{8B~qmbhp
z+9w!s3|#(1P9vAp(!QtBMCpzJFQ`caAO#cU@Fx8p3r*<gYxar|@8jT=5}QUdV8MKc
z;Ra5zK%z><r|VYTUOrE*x)Ew&u?2>^(BHO(4H`{p^VYNYUR5g6q2ywOO1FMTM#Hz-
zHW-eeu(g>oE}XMPeI!sLcX+a^%C4Pz<$}Pe_Sk-Uxx`WIFz^VN9|viunwkS@D`&O<
zdj(}m{w)ZSCHFro$@s4-HX!djlV}I{U5Cp|@i9C^&_M2aQL}>U;S9@wb_m5-U(FxT
z<Di_Q)_o}0e*NDD&VeJ~KMcEzw`HNJhQu4^zT{)_qMt;$9TI`h(_}fDSm}1vD87EH
zt21$2-zSNB*k_>uetmpGf>REcU8G*bT(^h`0#Vj@ntA~!ClCVHiUOCRg$FE*rOm6E
zd_Zo=jmszfO?`}dRM>VeTn!+>8p~(t?b55jb{K^{;18-dcU19FQhS>w8Riz(1e#ch
zlcCc+a|>LA=2QVOuVH|I&}^np>|uaeAnKVRZR3_AojhnaXjgn`;p5O_a_0@r%%&db
zuW54kJL|}}Teg(CgmGtmBH)kT;Ky@_$g5k(RrlXHKiVbEeP#Cc&T{ZhL;o9N<U7_-
z2mAG?Go*WAuX+7cxEM2jNNRQ-r_q2HV5C3<|J1CH3t@9eRc?09J_~w>@uB$6)u~IL
z5|q8tq?c}J2|A_pfdF1j36NY9cCA`Qvc8sbc|s8UA{@`?IG%{Qs9XV^#e$iEUYsJ(
z>NN&rW#3nGEs56ezB<=9vzLDTq_(UC?C#+r@dByWPqiHN`=4a+gC>xwkuPCx{*`I4
z1_bk+mb0Ah#tDxu3VahrTEWw5I$4rwE-LHV_N%b;ZH35dkU{2=+1V(tXbccUZ=LgA
z%W2GPSe%e!6WF$bB)WvP@hLh)I7e+@A}0O1cs=SFTl8k~yt;#zBV2qw9oEbMMx(z8
zP&xMD*>(OZ6AKHM`!5@Fuo)>dPWo>d<&@~dBf}IKyQ0`VGNVr0T(#S(wO`Z&`=*d%
z617)kz9m~#xs=Hk;C5>`OIKLq<_-d|jBM7r!LVbDu%)!~5L?H-1G@H}So^TVd#td7
ztP^2l=MLU|;+GSOs5yL#&zmHy{QzNZ4y-;JjY8!S>QY(sXcD2MRK=obOAKunShZvf
zG^W_fG|N(Tos}w2<#!##0J4>@5R1NGg0cCukl`E_tv4p_7IPNv7tv_AX`*=3!#m8T
zQ>$!&ixlkK@lp`_w7pLnN_fEhuCgWod#F+u-WqdylVh>J=N4#@-NoycNu@#Rgg?h#
zR3e+M!uQ$6H1;e{qBDOqGA!;k*#kFBtc#Z5wr?MHk280Fny6Cvd^p8nA5lY4F6fyb
zbHFIj0{E2V2xhzZ1?QH=4RVa?uX-mPP%QWE<Z(2Em3x|Wo$|;)VRx{x`{UFVF{?w$
zgS`s`V`5NzB9SPZywHB3PRxY;XD0BN++Y7r5Ag_#fBw9|rfwPK>OBm5%rUsJlhCgu
zy&_RJzR1lk$p_FC@*!4mxZ&fq8|(5(LLM^@&O1kgqZlsJ;K!ZCZ7U4O9w8HC-Z?)&
zaqL6JDc~EiC9P^t|NXe~O$W>Gv%@Sr1Dn?VX8@N{Mwn~hwreYtp)o1XNr{bZMuw9H
zEDv<fV9ieOSQ^J*A}uQRhUPeNr}R(RGYw4GL?!XP1>*fRr5gRsKZO)JAZvGO+LVz%
zunQBe*lPH3+A~ov<o2TSDe!<3Ffk67G{d<jw}utk$ln>Vy1fKWzF7S^IVY{mjFRo)
zd}DNW88vr$m-Y15*rb(VZ8oCWMQG!4d7*oh6eywBd4M(SahxKu!l@uyt1C!@Zdf&U
zs#^*Rvu-1!RAp3J0ju_+GE6||<iB$8MpvEMj)wtgM2dey21@C!r-B@wc^spKqCtfR
zp)FMBc7P42sWX~9R=#Lik%~fusA<UqHFlm&fcpnF<msWJy~e=}U8)!M?|ng?=t9eu
zpoYfdSy;+^??;;=&Zt5F7V*piOf;mzQ6@ODRC2IGJ)|Q5u<$881l82SVexc7q?wO=
z{_by&lO7b(^T<^7ur6GBw-yPAVQM_8%Ja-$KheF?#kVwPqTUJ=EZ((BBvV;0S-jQa
zvJdNcJcr>7|9J`EKb$w0=*4=UEc44c_-uH)SK^n@jJo5dz+TS>h+OAF>UAYccQu}J
zV@O}$-ZaRt!2}e`hs>7%T<9xrw%*6s81T}3s&c#`Pbu);_~VpX;H_NJ$<SSw`@Ky1
zOVee?Xgn`2j@6a3OWH1#C9II^CXpERp}5m<wWG^fI9v!=*PqABC)YhQWMRgA<mhQC
zzxdwvi}<a!x01w*G%u=vU1%+Rn@-nOW=hA@@9T)7XwCTXzZqbudAS@Q{T6ylKU2--
z=JV5~*D5M$qlwFhdn^7vF+A8z+5#ClN!v>-^*T8x-puz54&q9B%JuAJZm%Dz*i3QB
zyS9F*5?90|xa1zy>joF{@{@y|8k-cw?;u>k4>Ct6N^UmGo2u9&>4+@Asz6aQ!=)CL
z+2ik8nO!nM4g+j_do>Zul{dl0WF}bwaeW6SVA2>z#RSm}CDEhSavG4ISjm$*Mwy3P
z^@zvpjprp&u9>hxRsL{mOOerF4(2-bV0VK%my$Zcif|OOlr<-x*f8bxCszN?h1pc6
z4`uzJ9AMt>KcJw_>euVGuR~&A244-VqNO2KtsUbIVb-@f=~8m;Bs}c;4TuoM#5Tgp
zL~vw%J<}M2W;ljIk;{(V?wlL0)u3~{&$XUfQ*Oz0;%|el5$s*$tjZi>#fK0v?)^>*
zwuL}uSlG+Sz6s=Z4`0b{`sWbs^P_h+Ds^WE7KM7zTn#{U3$9i24iI@e#VP%%t(X~D
zz|ECW^!5BVBJ1<oyBqz6#PQp5xUSc+Y2?$%WKl`L>7rvwwtxGeN;cRrBS3}5Q-u+!
zx(?AC{Q@f~94ZjF>3(yyO$nN&Um-dIR&DC;GUKCg%bG{JnN<JI6d6Rm#7W?`DF$M@
zkL4PiqE={Wa+yNx*Wb~x4zz`~0y%5K{^5yHz|k|qRU7SX0n5%$U{Ca)v|VtkLlPnK
zb#UoceG|l#SeIWmS6xExB|}wrQG*`O3gc_7!`SH#$?Dkn)?{nk*;&d)`+n)QyL(99
zl5UtH3VkEGM|RO5vwA);^?@HJaGD3DX7|t*7`iRul}bZg3b_C9?e~Np=+q5fQT&yy
z$-1R40G8FY4UZy+$pL3Ys(gZrJ?=sJr|-4cPv!C#Mn;-W<Tk<|-T`7+McvG9yg@(T
zD{+3c0BrSiEafYGl2h@`6<YX2Q$s3uq1SXPdf%!WNtE0{r&`(QX-Hj1ah?>aa7&Zc
zGtjX$oGnQ!xt|I(3Lai<kGe4PeGCsfuq;e_5h_FtKPWpr{(c5^zE^r?Y>UW2L0qzH
zu+=q+QiHB8O20RZd9#vn^U^ib4U3!2PF9*q4;)OIHkw+Io>uyC_ITW>I^yRh#61Jo
zP9;?pRfEq495r}KKRxG5p8i`aI3N=<axyP0@MgE^*y+U?ZY&**Mmm%(RX<g3@b`-7
z7<yze<fmmb2xexN2hEBi5SEy6gnyMzn^0S77R-`g_KTL}X*O`@DF&JA^e9=|GXVr+
z{clq4G38gUcxTQJWh(aT?GO<!UIX!pb6y=K^V13W*;q5UjRNEtsdR*H&7Gs>v_Y}X
z>~>?QU;j^fI=zY+4=JfBJdhpv<_&d8{dNkPVeeU`#&0_;(}-iNzteQ^9RB*@-0C7F
zB%~WGe&MIeWB@R3Kc*`%%24dF@@AaiHJqdQw{P#m4JIO2TKFzVc{H!XdDMawe%@&_
zfHs2of@fx~N~phbHR#WPUz<f;j1})-(vv`%^T_q!qGu;1hSWYkZnHe}K3a7X@tB-%
zns@kI+`*LeLo4GNcp6~1OiK)w>?x^}C4fV2w+Nki0`9n39gjqO{mG{8Yg?>s=8_%y
z2@CrSr(GyI?UibNrw0AiZdpA;ze84{5}k6Py;xMi7{!RlO)FRh*pWc6)QJCj*E3ds
z(#Ke&>og`EVc_0AR5AYH1!o^q>x>Iz`I_A|$9BP|$~l^ejeC3T#S*<(=>g$lu<NgA
zY3QBe*IDRA`CZb72|C|i`Mn0kTG59^%8H@N)yXn2jZc>j#q^hD1!dPQfYPE<1_lKx
z-kUWp1niiB3=ir+%xE9GBnCs+LeS39LUWDo)RRx-HuH$uT^)<{DFk`@d$E%Dc7=rU
zo=IMQ{-PbXKj~)#%fPpeo7ftC86HLNTje;rA~wT2<{fOY1rEhB<IS=3+<JQ8{O^v~
zH?)Nwfb<|~q%x<`%qOFMO_L>{q7GH-L7D@)+0AwAH9Od=^rsL*tY_y;aJk{A(njQB
z^CLT<gD0WbIymV#Xi;sXj7Qtx>w;i#p~Mf2Zx|{;V4HCCnNbP1YCeGFyw2iTGH3>_
z22N4i!yT*9MsjE>zzibAS3i{Ne`;RW|1^B8L2*!WAxnS)I8|ou^wgqyP$@41h(?SW
zhW2bKcpY(!x)NC!-~+(de_41B;|r;Y7fyd1=<-9GPbLpY%_>NIH3EA5AJ^{xb#N#8
zf_=VyNeZ;zk+4zrj}NZ$O|^X(l4<p8Tp(cZ&h5&L>BG<WGE3k8$V8{Os`oZFs{5}|
zhnt1I$}`Z^Kn~SHs@QZHDBk6$gU{#stN#`s04o<g(u*d?nAJ5GDR;Y-Dckz}3i#&M
z0LqV}oSsR=GoQCM;Zt*uNE7>xWaYJ|69h`bGWk(rzqbQjT6!jr7sk~ef?Y>NJ@uCx
z_6vmYse3l0`ZQJ3j_?f}s+Z3njW$?nfCxLi_+RS`*k-S=MR|F1@!{I(2p3UgaM?!r
z@nV1m@=C_*-J1kH<%P{*jKJ{A>Q%3UV9IS9oRS?gQH**gw?zsnWzw6S!cv6I)24Gd
z&C`pyB^7M^B@e*3M?TLH%ex@rSYtx`ZswQ;PAb5(b~WKg-aQ9Dd<AItz=4}+JzVU+
z;0l%V@3)!C5_E2HKd8SEvSxbEDzu5btG-!ZK2F>m#1Br2v-(>_8qX;^J95-T@AlU<
zO>f8Y<@2(AqNuNjP~@9S?e=5aaQ&rX6SdR@pqLn4?@AqGRd}rXvHV$aB^&+4oy%D=
z25NWHdlU#=2{JOHWj!$_m9@?}b3L!0+4UNb%Pxp?S=xK62nb#H+rdFj`tFDhPz^Ub
zr#-qoavqDI+!FVxOU?eFe`yLD_EM+soRyku?xEZVzT3BwQZyWF4SuVYt)D&k9+n^O
zbi`Rim<$>BXOW8OT|N;=&dK*{mgp-#a#%~3@Q<(oYD{UsnLq--y07Y9XQlLTjYrV~
zI=`ZG18&w?1g;`ca(x_<PImk_@A@Ng@jkAETO~kc#6#P`aNL{VgCBffxU2e>6ZudY
zA9{|Tx80dlM0eUjeN!xPM4lD4N^&u3tERl96ZFPE%H{m;&Tv3yBN9%P)`&G$UKWLE
zxC*8iGA6Llef(I$`K3U)cPuKS3+?y%mdu+3_c|!wwABX!$22<@v9m9d_)6oYn_i%`
z8i-%g5DrQ693G8?gt&PSHNZfj#_m-x%A;G7yQtvJ9(U|c0;})M!#$L7mG<PK_p?S#
zr;(vIb(Bp>NiVvvInqLj`qCnUGvB7We@TAcnZs3))wKh7@$7WAy?hmTxU#6*CGpFj
zO-COGVN3-)2oe<K{K~)@1x>;akeOD$FHq57lgZ;(cjs&I&MqKRDJA)S10DRRSFcO7
z-w0Ss$v~^c4wZR)2hN)AXv_WJ`&&;<=9QZ8^<pc+^cBg8-_7d+DjZ0;8tTsMk$}BT
zZA^R1=c{^?Un#9j`Jt?j!1?XAK31YQTeateo(-UKK38e;RibY)t)R7=mwkB%^l&6K
z@GB?wtfYEh9q%>TKGKn2ooiVD9r@cnX{+>vUbErz*!5bE9YLlSKfH;nqC3v&x=Scv
z&O&#uEJ#j9B`P015=^eF&icIeZp{Y%5Q3HAhNL^@8y#j+cBNz@rxfr>9ze0qv}P?p
z5|5zW<lB)(XgCl;@kqnsR5_C2WM)>~k^J*t0<yQy3{Duu!<RTbY`1C}?;ou6FZ+L>
z!T(}{zFW<nI04dlq)AmHiQxcA|CtbE|L^7W{vj(T{eOX+|A8pVU%>j${TmW@UH@@w
zZk}*gt`t4O?1i~ptJu}IR}5AA14YU|*--iTG?{SM!W20{X<uQgHMHza5x#5NBTKpR
zf%+hS1JoM?L`6HaKrQSkXS>o(3&zK-{Z$z`r)$J2^rof9{isd+EX+tmo#B5|3}XTf
zz3Ch*`C!e$Jy-USsa3&du<0D!%L|*F2h+3tIVilfTm2N9Niaj{MN7V6!b3$$p&5+n
zQ4jo-c2q&mdWP#LM-ByQn|@{>KXvZhdks?(E?0e^h1dL(tI|P9EC$|aVR`i|jd!`<
z+u|4v_8q*?U2)E%RY6vSCk0-zoLqG!7V*`&C2gOX#JKaLm=?tb+6`p%2?Jkzs5j&}
z{yQ{gXqMPd-$f3T6O)eeJeFS4h8^qZzL0xHK*O>@;$p*$f$Za#Hecp*#n@hzM4W`T
z7u9zI5t~~$>Y@AXftmYt{cBmtXhv0ScoR8LtN$eM=THdv(e-F)S(jUhOw7y)pq*uD
zVzV?uH27C&5Bp4U8WHEJQy8H{9Y<~={1klr62EPdq;jNXa2a~GK73aOU+fy}1O@rf
z33_CQ!V9T@s3D@uJaT4}hLrwS{uemwHAqE6zXf;--2Z#xI{(FU1ffQ9McsGSW~pS}
zp&V^ifU)xTST!&VBXgtcETIE`ZkE4<e*U>UcX48t^U+jJ!X2Pp8n6vjRLJ`3!_B2$
zbYBmUv)%IDcv6mSn6*;C=5wX{W;Zf?v#|JAng3h}{4}phL4Ia1q#P$}mGW??zTsC}
z4}nAum#j;cl}EE_co|N|)nJ7*hkki1T1U4(`I!HC;6oaB?gRpM#D}%_&+dcN)(WdL
zR%@S;h;tj#g(PBE*n4frEmC3A*}D4nDiG+8uLExWz`GjO4L5>BtHr5(h%PKcU583~
z6SrRa%|VsZn>u9-dUHiblXT>8q$=44g-go&c%2;^kXpPMJN1IWuLo}1Kc`53pEcZ7
z#6NbG(gWUweLOXRd=4=n1Z+0I<EMA%8|a_hxO+_t2E54vaDtXFw!c08R>wu;mZ2_p
zPS~%^b+7DsrRx?bj;ES#KNz5Ztfm^ifHFVbKmdBucogTmRjnDx4x6<)GU}kSN~e4$
zX2Rf8L(;IlmYW6vwQaoU@eh`$MYV4nQEda;WjpT^(*VZ|Bz@thBWs806w338(KRTl
zO6!!7?@6<`VPi#6!Qv4Zi^$NY(^Qu~(dk&sMd3+TeI`9qWUGQW^Ni@QE6jTrn{o+e
zAh@L<K=>wxKYm53PTVkRy5Z_yW0DzztPgJZ%Hvh4LV`5<6Fr3Ei&P6Dz*&G}b<MMG
z&mt4>toBbbsK{-n$l={TSB%ZVzt_*dLTkjg>c&H3e8SUDIYGzryh+ipyrIwH>y9qt
zCMychRB=x>BlC*(s2d6&n+v=TBXA*)G*Ft4k#{4{4WY|Of4n?Bj<7N?F9G1jw>qKp
zUPHeuexVDb-S7SUGpzUL@GM99gbVWf;|Rz!!fN6H-<Zg`WjW`@G*iv*c&Z^B1J&_Y
zUvJ4r6DLO9r2&WWkMmjeM9d9hWn!D_E8y%yrxc(aiFamCM-J<V0)EqeU<Xro0sF}r
zT}7|f$#YS6=St2@Ekg~Gs*CP?djPcf&P!q;s}(cgyEI{($70~`1J7_@_)_!B$DNxB
zwm`gXHGJ7`J>`2nHS2XXRs^ZX)*KSS#N_q_e7)JrsleFmZP3kt@7{o#LPLqYYW4Ub
zVzo|x|5wwi0t;Da_c08-clTlfI;5+sknvE$9){4>c8t{790+2opLv2|?Dm{vWDtC6
zGwr8Zy~p9YcE{sLuggoj`Hfw9W_n5|v2{t^^;YE`j{*Vvu<C;h%4xE+jjLSGf9y5a
zlxtzc=uq0n`iKURi<z7bV-J4K5-F)BluT!;iOdew<_)-|jXPB^6WI#!2{f<E4Pw^b
z()-?_Kx=Yh?{mYi+!rtlM&^BN^yA1ecP`%peGx=oTNjo75jq-gqDzGtYUEPE_KGT+
zn)j!Px%%HblmDYP+x&A^7hNqNglxOyouv-J1h~T~3G=oL)rU2O8!|+-BUK*NsbU0T
zhdpMwP)jf!ASEfV|Gh*5xS~+BFcB4gf|az8pE<NB*=07D0isq-0KwY~fNR3Q!Zkl+
z<uRDG=+TGjZ^ZruV7$f-jTJ!^Z!Mx@gGeRNpwhR2b&Ab;MS=d+0E{gH(Bu!gVjJvU
z&{-Kf8$dPd@i^egFSV@JvYHSbO35Vqu1WVOXvUYh*a;AVsQncnfM=LnEvP=wMheVr
z*x~6D`#MaDs*c}(;e0*8C}J%zaOaSnt&TpA8jiB;QK@!1)k{enA^XVcKjq4Vt+m!`
zzZ{X!H$Zl}=U5@Kho)_RmGW7{EeB&<dM}p-E!x2Y?2D^yoAzY%#m6B6fN<3p;c`xa
zYhM7W4K1N<{Mh5d_RTx3j_{!2ef!|mlU-a3thRa;Kokkqkr-`Es1Va?rWzHm%B`JX
z-j!{s@L0!V`HJZ#OYTVk*+x;|QbdD$z<0Y}{f+?rI$OE6pfZ-{lJR@7tS+N#;!Z|g
z44|PqrK0@<MpR(Y@T%kHay%8s=qf8;lP;XfDVn?*Y3fmPDms-^Ech^)(eW%nGO=ix
z+TwsAFhh+1^?I<-%Fx|oWVB0_9f1F9cU|2$B+D1gUyM;Y7P=D(SDzw~H`<Hkjev;P
z)&)6&1l08P_9}Ibk6$Gobna!KkPlsp0{(V0y^5(;0J|IK2Pp(V2*E2w`<PsnAUV5@
zFR8b|-LSzX!mRV29epYu&bN<}hDM+CSNFlDnVKH^wVnQm^94It!Ih9Jg?$Y9jf#Wf
zH^a3Y>G1{iic}gBkUMm~5$bYyNeE!MFoS}P{A2?@F_zs2&<Sjyt6z~}iQuc>9uo*w
z0S1<(rmIu{8^e@BYSgsz7VLa{itJkJo!WcS(P>~nDSB3DQvT;e_ocZ6C-~5d`vIB+
z<Mjk(alsn9am()eFU>tL%NZp<qnru;u2rp~{X}H0);0v5jRC!H|2qh50|`zbW`F@e
zK=S{C!2bpWUj0kd9+**(z=9MA!`yL#`{m&Fm;CNPK>V-BKefLjx5!_fnc*bt?SOH>
zRYb3pLr+@>Z|@=j#dXpJj%kEUXUE!Qw7W3_Z45jD9&M{?=V(lmd5Mhr*usochSy60
zo8A_^svXm$ytdD@gempU0E>rz{gaF$aK$eZ=i_r$^KwxJ_%w_Yf#_<#Ab+>vX|=5U
zxxqI=<<Jtdi*=gWzp=vm*xN9vmc%S6XG6m%tghRmKSR|!lMRaA#08%@50(fe*7)qk
zyz^13F|W}X0RgjhxwkT1H+CK*XuJL3m6^lzip$?!^je{2tHAPChzD-H*_x1@A>6>)
zJ2PnWgDofuQeUe#+OqP>*p|rj3q*qQ&kKS9`rc)TSLesQ<1n<im7GE4M~U@6GWlo6
z+|z)U%9K|o`$2(Rrbdf*^H2^n|5h1($!AVEcHdgRgYm=(AZwpc?OpYfINdWK#^(Ep
zZQ44g2d~(|*gEISG{~vs-09xIc0_#{9F3o5AF;>HwadJ}pLlUy;b4^((DcaDD=N!E
zU-1Y-J4JuJBzQykYZ`2h_5iVUSJ~l}-u#s7XDKI{gZEMHPhY^BJxd0#(&GH*2W>c8
z*1zyNhcT@@_!VmYF<*15p`-G%(y$9Bm;9hV@eIDC<WEqF`F9r0@w&!0jJKrm{-(jV
zigoM7#Kn!LnTbouVRYN!rKcw}f>Y)1x{fPdZhU5nUM?aPot}y;)Cl;&)rO&=?->&q
zn=KJJs}AH%Xgo`RY5o(h)_Qg<-$op3M?PLlBGl+jpFMq6#kL}z3RX!b+QjpPZo0Rd
zd?>;fayl*fKM;G;0Mtu(M@79*2cdss${1sw&9Vc$FB1I57l8eCqtuIcytr}MqMbL#
zUN5^;<j_Yvv)`%5Mncr0N371yX5XFd*Lc9GK=KB7^-D2(Y0q8Q?(lfpXo4!puA$%i
zgH36B>a3W+kwU6o7uVg3yTK{je$YjPa%~McadxBarLCd$=D>Y@TTZpsw0pC)MW2+1
z3#Os}V6qg;>{`pnBJP&~?q=(V++i~ntVk~bu*x*~Pc4>MALQt4CkXXL&!OPnW~7hu
z->JvBf=u;f%$V%_ZmP+6ZhUHFk?7rtFH~UG`t_!oD?){dTvvL6SDj-*{?J7PADiT(
zyAn(F*gTsq70{A|e+O)D2WA690W6)wf6kHm=lI0`Csq<u{Gob4x!d-gmu&XbThP%o
LxK(z;KJ5PiiwZ|}

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-create-profile-name.png b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-create-profile-name.png
new file mode 100644
index 0000000000000000000000000000000000000000..e132440266091f6764af99ad7918c7471e54e28b
GIT binary patch
literal 44316
zcmb5V2T)U8_b-g16lo$zF9K4O-aDui^`VJK69`D}Rce5sC`Fox(u;zEO7B4kp%*Ek
zhnfHZg0v6<1PDnkKJWXVx%18a=6>Iv$>f}sefBw7Yn{E<{;l6id}92N;TqR93JMB_
z$B%TMQczINQczsBrlGo!JgqGNUwmB(diwAIMb#+JpNo?#ZugDuQ&7~V(Vf4zdT~zc
z|HwLsf`YO8@8?p#-*;yUii+CDy7!-j0d|&XBU#sp+WWAG>udV!Pwq1=-Mh^7=IhPx
zqI`<XpWLUPFv-+TM|?Q{)YO#X0V1AuD`CG|EQmOk-+(1JuD)8e^GWO!yZzq$$^Dk<
zD{m+UNkwiOIZJa(Ihr5l-WzH80hn^aT{q@bL)_4<FnJhwe`p<Wo%y1fcB!I!5Cc4u
z?0Y2<-+2VpvKdW5i3t}?tWyRovSrKR!1A}Buox9ww}6h)Tkt=PTBbwfKSzNS|3@MJ
zq@M0Y`}mp7E~t&`9YUGA*{O5epm7C*-|L=D*9jQ>BU)l<5|XVy1(2nl4K?Aeh;t0W
z+vH6>K?g2X1c-49#fJ#sE$vaVlJFgxkF3dk`6a!}KQYS@k*(THHtD8qm!{_<3(O)i
zxeY*HizLbcR<A0oEJ9|VC@j8YU7U?4@EzX*75o;xc+6sBff)+mI-I+9f9d(KhBjqC
z6X)iTc+@HKWPKXFx_K$8p>5Qcc)(S`t-;LcLuVu=vQT?iso3#2u>p#Am<IKzrJ3|*
zBkm4aNZ|DQL{_z;_J=BjrfLRjNZ=<_@I<kwH*B^;9rH)xn&3=ru`mqhtL-U?m9J$-
zH#-}rDA`M`cewwm>mM<{^D@40b|dUn_{1!;PD9&UOjK!LF}$Ia5!P;wGB8m8YV4yv
z<Fk_(&3HwJHRaVncBZ?w>y93(${i_GJIrl8e5t7-(br&W@wl`8s(;#U+RIN);Jy5k
zWrSd9dB76i8hg^`#(Fq_$-_jxNJu8A!YX>&V$rSM?_Z+^43w^XFqdqkuY=Cj7^UcW
zOnSEc`Xy@2(g|OeD^O!4PJIQ>L#Wly=sRlZYX(z~`Tit+pLgn!^JD!*)SQiA!P<c_
zv3%J$p(~1S`4WBuQ{NI|EBDVg#hmrs1$})}CBwC>Qr3QJ-mexYBjlA(OQZbas=lVh
z;GdFLl$3Fd%@xo;tt-H`+HdTm^6)-C+Q}X}MW*=KxEu}<fT%n2N@Z4B6XV!%9tiaK
z3qj(H*d?;{*O4q7Jp|ib`lTeoO1PQ<(WSp>4_l$o*GTft14Xu+3P^M?UKSkL231<T
zmFEwIn)36hs9i;;PT1&p4pkt^8NA|>Co;26`B5A^P!9&rP=@RG3GTA4W~nqgMN10T
z*$)BLzqb+_%qsKneYSgO^}}H;oq$fJG(CG+_d>Xp{bOn1N56#{g1Q8NG5>C+jzqP1
zPn}j%u@$IfXN)L!eH$^K`odFFxMlGG;TT<8v`$iLQm<OLH4Ax|jEX*8-u*e;f%0w5
zf9sFSZ59G2yEn-mbM1J<E__sLU2innzoPus7!z;Eya;)^P$9Q7=rF#>vv5?7*?*T?
zx*e<Pl=uFN(PZqSC{9lBPZvJ6SLfMID+S*ei|GUPu8UI!mkhHX-eJy)+QHr&IB_Ua
zs;Hji%C~R3+*0nGO7E-($mR-zgo784HNQ8_D^J^(2Y>jZ{>&ps@Ot#*A?n_<o#P>`
zC|<qaCluL18Qj9%hr<7QOGq7yd^oi6=G>fh#o6&5t+#EOd8>I`@l^rA{VC7JvXriv
z>Frv;n%Di2(o5ib(_uwQS2z@{pdm|*K<TEWQyGA<{MC|;z#fgK87J!g_y|ex^w3<A
zpVIDl>D8p4wm!rrr$1<*UPo#5!urPYlmg~^idW>wvdbK01fe=DPieO!L{=&*$pz?W
z%?})}ga$}FfLDv29nB@_qpaS2#uArw0)Eomf+y{AiKR7ONBYo^`D9aD*_@L+*psO|
z;hVJ&!RxQz<|&7%5BD!bEa)_+;~ltXd^*U9%ag>C&MnfK(33!YeuwGI0mU-G>!fcL
zl7ORvA1t-I1Jw$kF}?lM<U60uhr+b1(9-smlzlvv)EPP%4ZzQu+$n)gC|T=!3PVjp
z_gDw#QIbYhw}$MSS*izISKFgl#5A|vo!>z(ZL=u066*%xEBP)lCVxFyHvQ7^Fm9sJ
zcy!p=Us7GQbuC%p6U(>GlA~K_r%4FB71|xhoNebYb>=gls#tegIY72j62)J&2I|VV
zE#mLSyQD0Ofg~Fw+)xzx8|9ij3G_Z;OzjJ|Uw0$=PdtqY-<PF78nsw#m!(~;vx<Kq
z$gxms1IWvR+l$6pXg*1LaiPp2tGP^{+UQHi4%4~39E$(&iASlY@k<;Bw>97Y=tSl-
z)xMU1@~twRxlE=Rx=N#5-FtkR+T5!^ByzmNJLG9JMP{8qnWR1`bC-{f{LFl4DpY=X
zWgoZK9T>FFc|&7cYe52}x${a^r?+TJztU9&H}N@ju-LjuvmqB~O8Q-JcYi7Ns<_LX
zCo(%RChQekvS06T3_okJ3&eg=n@h6E+PC@9bCZp~>YC!KO9bz%8Gab)bO{Q`Az|$O
z99FYep1(6kn*NxFz}2<jvEG$zp>V1;&zF%+rDX^SE2@V&RA;&T)FBezn7r=i7k^@r
zf!;4t_W7s{rmcE>Tz?1dNp$Xb`P5{$|8=j|q1W@);4y#~J|vQ5Og2;Xds6gY743V^
zAnSI<jxs(a5hIc!tz#h`nx3+(PL28lXKjJ4tL+RgkU|mtA({P}JAwDRhP|4j4itAv
zt#?Cb9P&6X?Vh~)nRqDGwp{*PlcPy!+fu)NPfLuY)76FgP$6U~jEENrdhfN!B#BQ!
zGK;l5(CizsrQ4+dnE^o`@b!NeUDF+Bf8ugI<`!o4$8)2`Hu!U@DeZsMFG1TjG<N;+
zj<ndyQuh)S^A3NDg!}zOBwP5&iF;jZ+<=tkZj>r+6C3lD3Nmxhc-kCg!?e|q_2(5u
zuKVukqIt^ISVbU{E%l_=RccQ;F~!%vtePGsxI}f;JqMN7`OKI!U74)~s#{dfB{g6-
z!ikOJ*u}U64D(#_Qu8Q@U!hBi{q{uLs|EHGMBT#ivd^04?4_oXCx~W^4R;BS1)<M5
zfmYnPjex!-onh!@J%{??!Pvvm_Tg8MwxW43%$m;M$x11NGT?{zo|O7MIvRgVFG!-3
zp|-tIM8u5D?&<QlA_L}5sF$<PT-IL~a5gyR^SuJ^OhbP_)%^*pn7McrmxjtG^L&OV
zbP-vSnB60jNsm)O3cn9R&*hgOf--Q7<;-hyCo5VBH}y;|NxfJ!18tk3V5XPe$8W`z
z%i(Zo`&dPtR9Qs=0<}=sD=5ahNk>(JEVP;tRXg6sIMqgf&?0k99V_{jfDmDRu@=T)
ze8MR;gBjiHnxU(-%6|JH*=eE63X_EKerQTXC!^ycW?SnyW?B4hJE8euo@X|7anDxE
zJQY%|`y6jbjRfUuO(_^D(jg@fSH>m0y504)5PMp??>AQBKD(~!Px>>Dk?kLi9E7x8
zf2j=)C<@VSCqRrAL~NDCf4PPJ^@j8!`YHqavnS<^O4RV(=`uW^%};?gx*TxD<)`v)
zXGy^Pd)`uyyVv<6=_fwtGD}nUrS1JGXQr<*pStp~UO#zz+jr03fQ2V4M^_4N1=X}V
z;&*D}L(*H|MW{#0gZ*6^Hdwdif4j3u0vY**FU#Eg-dm?xTamVtzimBa^R&bUgtD@#
zD!P3@)fHJ(dkd#jHEyqbvB32l@TK=Jo!l214ixAb;cno4)xY4mP}!WG_UCEZJ2^fk
z7b1-mF~BaJZ}MB#H~lxu{Vz}LyJ5bZM*Af-m-&D<Us!jBO?^5Y2ekX7$FimUnHXva
zm&l~~xn9z`=%^VO;N9UxIGGtgRC|q%#q9r{b&}+tyg3q0OL!#vH?;G;JK^+ejW~@a
z%6v1zTbj8E#<m=7;&sSQ4L3|IXX6HbMa3BX^`ej89m5%wglmk-Yr~qM=)*TtH=6{m
zc?%l<{ZV%+hk>u)<dw(86=MIl*!DjGZ}FA&xx4%&|L7K6{U3pO<IlwVN~WS+{V)Fp
z%@<8IMsfDv@pW|>9sctiy1Hu=RR5oa@K9tF+Q-M|Eqwb(cu+$kC;r=Vz~4~v;;-)w
zH%1d9>|-PcUkq|EkqrKOqc67HO5WFN>!HW<kDl(^>+Gxi=UGfc(evPdl7y@hx~h@x
z|8`zO&$orw&*<99UG}~R@&D6m1AOM{^m<0WD9(P6^&S=a@BN-sRoXOrjtBY2j4bE=
z4G=DN2@zGh3(ZL!^IA1Zq#OUaPr4>Nl~=uiX8!I#=6|;j%*=Wlp5ET9vJKibslwn?
z1xP(`w-N5Ynkeddr#)n~NxOntiZ_Y+srgK&MKj|=NDUoFBx@!q^16QcjxIc)U*UPd
z{;UmcnD$`@Wr1S>i!)MhD1?7#cQH;@Ik`)k>PI;5)TtH=t>9>XQvciez2!n~^<zjY
zM>Fpch@<{c^1SQdf$+pj!Qxc3r>Eycv2)OS9~$<13nmMRHc3s6!zm>JlMbK0)edQc
z`6Bo4+xmB2^>1CeE6NpUGlNRR_B#;15zPVD0|J!xTcS>ijGG|8Ts6)&xhmA6B>1M<
z^M!c1RUx#Kbnz>;pPVX#cu*m{W{RcT<B!vdCSN0&s149z<jsqN-6-id3;kH+UQ?6^
z{n;<FYYCSgzXmtf_Iml~%bjnjs(=DCm?xRY|3|*Gw0Q*>f~6A=Q0<aHJ2fwDoG%}J
z9NxZL7JnMO*g)&1UB@sqCD!GWX0jhKSBdVNY{yrr=r=R6_HSBygJdSuLu7q<!<hP>
zNp~8Fey^ZdDIN02qULQi+t+S#xo}O?^-EG&28<^pDyBSKGONZ&zO7Wc<A8SdpW_8T
zcytQ!U`SfBY(Y4yT-123ju*7#s2IghIwM`mmutZJR2Lq9d0}Rf%)0|idg)!P8B(yq
z(TvU}VN0LwNId;>P<S#@Qtod9IXbr!ecR5@Xt8C8roj=uZ0zXl=dm|Cr1VCPf7>Uh
zAQqNpU_Aoy3M)-W&|CJtlw**T?-s2Ij}}Y8pV`nU?3Q8wHyu1VQ&NS1=U)D0TiMz~
zBJMvJJ8d#T))(&pn-04bZ9-5+LG4C$3%)_^N1@%J?FT;ig2mB?(0-Rv7cVM|-(*Da
zCN@#9kq8l=$c3&JuEUpe*Q<4FrF#_1z*ddOWB<wZ2DAPC+=AH_vu|kQF24!Cq%95^
zSy|aeRnE>jRrgfZdk_CvHFOKFqZ_q9@49;^{q&D1uGfpj_s-chCb(axwda}Sfk89L
z26;XY_9I1wSw+fjPxb_6+V>rMjOMG#f=mZ|R3F<$E*(Xi4KyfXe6F)=5&b7boPg8E
z*)v0JyKazXn08w2NGb6Jv`ANOH-n^ybgcErJqkPsR$8{NB7(P>)1eLpVVaXCbYB*P
zGQ!NR_!{ijGPB?KvVO&{Ief8{2kFI^@5Hs=uK6cS!ET(19D!_uRl*JSyof44PuBv*
zkHh!1YSfP9w3~JtrGyrNy}qEK^GE%XCr3@$rPMGlKBfpGr>M(_`r0<od|i}}$p$`_
zP;npZI*AXHTntHchC~OF_7~Vr5Og>I4K6(G<NQI6)p-|{gf`(yTd0LJh&1*Ed~{pY
zyP3b(j_lvB^+5H~ox@q`y}a14w&F(t>Qe1TG+a#4Omll=rAUOKOFZFRG8&|A>qz9E
znXweEC1I`>_^n5$l7JTL)#rRw0kP@YdlY-JMHxO%munkFnR3uyN#MR<3O*#E^CX(y
zsOk&xz2cPio|czb^iG~H7D21Umx&zTaPkb2h^%G~<DrBh1%vlh^-2}1Arx?vgLHDn
zIvBm8C@{&6oZu%Cw*OSbYsy73&O*~m2^nk=)W!s?9++xq#To^Z&w`UH;)!VLbkLBa
zQ+qG?8`(N+*2;IJTV*@5*OQBdg~jZNoafh(!EE;|{yQGHhXeLR1ea}-%XLq(3}dU_
zPmVTTmO?xz@mEjQU^P<x3U2*Syf<qvsC=wBI!38lYmY2wb$$*%Ia+>k)?jnCa?0N1
z(3s2S^TD3Ay8X;^%APgQ=4p=}zEQksMF5rbkAV>w!^<8mM@op<y>MKX{XBs_jZ&ZX
zaIr-J92KTaWbu4a;QN!w5b}#FQZ<nbxIjwm0Ds)db4!!Oprq`Okw<NQd{D>FchzME
z?P0|3&VGF!x_|&@bK`xWfPazI$C6Us3MWs1rDTBu1>AQ&#d2D<$)=jF53e(lNo-$d
zgM-o%QPl4JGPzFtL&x)<m`M=FW@s#eiLGA}ym%VF!^RHWKyiSP-f6YRg^2k0t+f45
zH-`viJ_~63YAZAEg`2)aL5vfwh6wB=;rM*s?aGh8(Gx#gQFhCF4gT!h$iD;EZn_xU
zP0&G8_h&%}MV97j5qX)XdNTvp-wTa?g<``9<PrG^=n;~-n#|x4=1#ki<cz&Ka!;AJ
zdA8kc9k??ck%Of34KUUxRweWchS^)MQ^V@dAU-GX$Fcr-*YZb@X_q`UDb9O@kMsUO
z+>J9a1<R-xI9^_GbZ37T6w_S<RX@uYyue4!H1;zjlozeFFBO6m9gr2#oAkC#=X_Ip
zh?FJ4kx<Pv(4dU<F6z-_YzCWSUTJ0YCJ0;Y1&Uo*><e=UzbQ)OV)31!MAJ#Nu#umC
zeZ4u&2NwA~ZC5ERsw~)BY2xJQ=y=U|{_*qMLfstALrGG*{ndPcM8w;T20rqkkzY@g
zU+X?7i|LikI`QNkO2$i%1+hPpu~wwjuI)OAt*6?YY`_xTXC=^HJwxJ#lW~Xr>s5AP
z=6P&3TuR;?O}<N>sv~L)_d4gK&bOBI?GafR?_TY7cFg<b@D$dz-G|HleR{9M^CZ!Y
z^Co@KGG*?WUMAPHlq|Nd8`X)U9rz~w?+ix_9^rTGRqgH1k0nrGuED+8{yNC9i>}s&
zkE-vN_22W0)|YT^3`*fs6U^Y<Ym;H>GbOtV@Ps@=bZOpJ#Rje6Jo@>J?x_~MbK&O5
znO=q<gnj<Z8dvsRn<Wpw5>$R3!}{y5*)#u|{XuER(HNp6Zx|O}<<|e#?DhS^w(sER
zkp})QUK<}`hRn>dx?ETbN4uM{@``HKS$-T((yTU~#2RKK&)vOGyy<DvErKnCs@^P0
zS$M0^vSY7|GC(Sz5$a$1yJq9Z^Pwf-+HXu`qhQgecMH4M2Lh8`gl2L?Fjhx<7=kGA
z#A_$eem`6_#s}IfA^9lP^_SiQhUiZ-+z{ZlN7HsdBzYih`f%(Z`g|ZM`v{hGgg;HZ
zlYJ5%8#3G;d87)Kg7R23KF{+zy1RTJ(R?>PF){IuOyY^E!gr-K?(lKZES1Tlo;I8Q
z7Z`GO#z|mEVx18#Sy3@>0>}9IKH<}IMsA!wS5`LxYk*yc8$`Z3x_f>NO7AJhc4v2~
zl^v!{)=1SRg&7v8O$QcstbvGY9;-v1y-MeLHW>YnZ9y~}1(Ki_jDUwY|NSOvnA0d-
za}m|*IGOX!C(i|tsas*0CP7&xr!3w^>1j*t$DsXG5BK(3>F!GSJ=?$u-?rOn_m`wJ
zqMw4yS+2L)h4gF9?=o2G+oXkm^{`miZ><Q=Ewq5P>id)#ZezoyTpEK3uQSdUPhduA
zxp_a%KG-5ahQ`rlqHG8`*1>j<PM0AK(PJo26DZ9ZgeWnP1&PER_Y5`>o|G>8$Q|q;
zhiZ8VR$45bld1RKsj$tsaED{H0OQ|I_}Ot`U`+C|%RDZej!#+GhnN!hI^#5$=%S0)
z6i3(}wd%#F-itB@u5@AJms=uAa=_DQgs<kv>6scQTw$o}NZ07z2-uF3^igA^Qd&J)
z*;wkF&CmTbP_-3r?4PsJCuCHwmfCm7s8yEG@SN(WrS11rQ#q-&uD9rCl{HPiDx6Lk
zBSQlk0g_zPhs(FijJn#^fsMg-T7EY?3+3V23!m_+Toy?yYjgo`w^iGIMJNKI_MB}4
z30C>%CkCr0kXKoJOn}r2>koeH$>~x0%s85+HV8^Tc!4dyV+i%kL#HUD7J@A!PZg7-
zWi$&C7JNXwOoqVYo%=2>!f{Oesdvmutwx=4BCEBphZ+XG*i%=>uB$KTIs`Y68!2bT
zHN0_2wc&jBfH%b30J7h_5<fLuz8w2m)(?pH^OrMWDpa2L=tR9J;~jR|GC7moji*a)
zli3!|OVkF4BB*VSosLglkphR;=lKX6P4K4V5FT93WX11B&Qt}TUbW=v?f9GRyBdu3
z-6Q-mBP;lqUs?SPQ}Iyh29MGg_JukG?Hyp}298glaaTUz%G3D0E(7t3(jU$MKl{Rw
zv;N2(r&Gf#DXqD+flk>`)$74M*lR^<JK!tH3sG(ylPTDcXvFLOsK-@gEe#tukD5=f
zl!nx0{}LrrLK(wDoMtOaufg$3hOpNduKDOWS9OYC=eB;hz+?NYPn`=b;ZT~|istF4
z<HRtJeT!sJNEzq?&h#IQI+j`V(h6BYsCT-=aWkn)cAd8B!0uF+gzbr*IPZlW?#!7P
zpc=7`WZ4g$mDTzS1M+rd`ni1hhLelUWNzsK4R(}Y<dVYDPYq^`A+C@tZYLAc6>;eK
z4RMn~fp$u%j^sH<5}bSg)LWIWf#)Iw$oNO#0v5Y!lBASKUYmGvK)w1Q1HUrrrhJ-f
z06E@?7}lQSA2_)%cGd42_HBI)?itvtvaZ7%yKu|$@SP7Qux72j`n0~C^=(<-L^^!o
zI#b0k?j$}I-ppBDIVP=ej^ns<5PcwO?NrZnG@s=}xG?Swvd5sZcfI$rLR3Ma=>mRz
zVL=8N0>GVgYM07IogQy}cH(*g(Y>VwJXNx-7o^R~UxTre=e)B5cAVxAG%gL;>;)4#
zJLO7S<l$^;ZKi0@l>ab>mKr&ke(^vd;aK}Ig|cJNCaKAI0|q>qI)?QygNYT<*<?da
zUm5D4Jf)ROic+L{1e4OXG-vlpT2uq!zKQ?UQEm@p=sEV95msGlMLUDUdct>uoU`G9
zB-L`^MQce}{0s^AR2+zw6*?30gn;TFs`V!@OZ^^<HFG|UKSE)Pq{2vu{BuR}vz>c%
zLCni5Qao_8ouS~ck&ongbsOyCY#+$-Z&X7NkuuM4a=Ibrc9X~Ng|mP$Gx;s$W8L2l
zsyr+8f@ax755DFiwll8zfI}nYGDelMwx;Vi(WRtcQG^;;)|Nl!>#5aAZa(_5tsH@6
z@e~b@9BK>c?#-5-u}IdH)l?azeKjd{vS5&{NydlWqx)$d4%b))6%8G@+OMh~v)jsX
z7ZFML6A3*(#^_FAQPgM>re`qA_H&B-#iqepc*uBkKJS6a;+NAL%hc|n*k*wv<)cl3
ziQc?4ed4E5>5<QJT`6wArCVWeuXXo70%X1W;Ab{A<x%(Z1ApJiob3MAam1ORUUqcF
zSdA+v?m3JF+%CFol9zI17yEWKNivL&+_rK&X?(so>uNeGk22{%nme#BkUni=x(Yzd
zI4vifi*(jL1GR~KT<nnQ<)G2M@@cVwVDS93^5?$a?fJ36hP`hSY(tN7e*{OFlKWXG
zQ$0?OxDq%;ce_Pn2?CQ@>}_^4{aTs3jnXB%ML+iYyUrtytW*FM<$e*~{j<Rn4(EgG
z_Wd2FI>`7}+vDv)`W1H;4=g70=gG&Is{|MjJXHvLv;7rSOP(pg&Q11hzdOvQo1ET$
zj-k#wO2f|fALLL(teV8;MdI}5@p8T7u(u|EoklAo1S3#RM7G0h_QURRsj>1?SCc0@
zhVG*mI^@>W=0UJ_k;^-e>zp1V&*gYu{XywbK)TL=Mk4qI7VN>}R{z>szCfD*p5yo^
zG6%t{k}ccd)uj0i%&GYHA?kD4(Y;g<_byVsvtQ`&BpZGwj5v&1fgyQ;#^F9Ik%qql
zBgSL{oz6aG$bi1^DY%g!e4w)($HUEW9RoVIHi;QH6eMKCWc<_tAhLJP;_tQvYjnyw
z#S_C$*VNO0{%$>~*ZxAn<d9C~-Imu(V#LeJ36&XUvX9RVjFf)=jrQsuNlHor!Y?00
zG-~VWuJ|k_@N3N`x01s&q@GyoQo|U}cd8^GwU}R#(s{<lY>hh2OAy;@0M-Z(ZK{hg
zn}#;C<2CDV77Y+4%o#6IvzH5@i3w`2%NrX%U4Tu_+tX#1%U!UkgqH^a?k#~aTmovd
zA<Jj>e)qS0Dmq23_2HD6P5W_I{|ADa3TYQv{V(uyaSZ7BH~pKC@O{@7fQbATI=g_!
zeE$b1yFjlj?d*8HYW~}8KGCQr@z<Tx@vI+>jpl@fiHX;WUNg6Zh4n`6|2t}}14}@$
z@4$)O$cfjLxqn4dA@nsD*95(n%%HFPcbxCL7f4ZXkbaEMmBs&bQM%~zAB>5ogCg%c
zw><oLJyqUc$@i$gs8X!gzo^vzmWaMr#!wSlZTnhSJhZ%4cRD$^n$2;3Q_H`_c2o68
zpyH`nLPEvMlpuT7T=>d#mj}mEzwl_9rtFbGKnQENL6$`CFIPpA%btK{R)fqc7B|o}
zm!kr)gG{N;r?~r|KU_Y)wsW(dQC;Bjs|f}%kW~cjSyqW5%U<ubPyEH<ve5xwb78>@
zk@nxb$Z>z}Ov*^E8!l#bFni!WsLROW@Ky&)FS1{bAE|&8{O=hh&A$W63WSlb(*|t}
zca{}J|Loft40nYUR`#jILx6b4kz7UI4~{qeNpeqNmpGK7xuT;n;#TdNsb9?4Rq=W=
z$-<$Ax*M3R<<@SImEvt!zk5K4ZD9Z4NoNE9a!=mRsmMfE+C7z1>g?lKmUNmtha&(+
z)qz9Ao+zU=``tD0{d#Eefch!*<bEuR--BYl;0tZaXDKr(+y9o{#Rhpz&(exjkS>Rs
zJS`DfC>rgPRh9l}e^%Z100Z@}Rr+#Gx$tAkX?Dsx82|l^dp>b*%s#<ctX)PP<u&sZ
zAykdmuX!PQAmmV{e=O}1*pWGulOLbRb?|AkH*OGFl6H$$1__{~cz#tj=;Gm{oguR_
zVM;Woyz6o=yM50aT9#+Nw}ik_5)wVaS+>Q2ltodJldmYL$1Z#;czZ_RuW#Mdc5!j>
zxfZ=p>;}7ln*5?m`UG(W&<Likgc9JN9O@8<?q>C)AoGcUfv7DfjmSSTw>?;Rr}Rdn
z(#-{`-PnHTPRjV5mdO~WiSy;Y<3~JAYJi?o^CNhUhr{0c^t+iL(vVu`G^xaO5sg*#
z+Nus6Gf;w!=j47CIWoZ*Li>6eNF+$wJJoyNlYJD4j+AN-igTY!tvNTg#a=HZ?Xyjl
z60ed^_g#sECo>NA2XDX<Rx}vsN#zACB2l=?s3*S2|23F`cq7d`vLbM}33cRFK9;Y*
z(;W-#pmtqN4+hqT+Bw=g>><m@FZ~a)KbKd)NN-y}_LpI)#JfVN?LY<)i8yp()#_MW
zrAsv}2hP0TWNy@C=fA|M!fczyrFhM)C`yTnp5t@M(2AL{svftJNk-$k&j%t?<k7Tc
z#PeoK_2#Hlx4`~eKTd5v+Jy+b(@xSc3i<0@P5ftnu+G^gX((UP_13mlwQzsQsCYQ(
z9N2b_b-hw(-M_NI6x!KZj-!TOGQ=Di*?7rHYtqi1U%AG2synhwKZNNCP)2pz0e0kG
zU%aQqSJ>ecz+G@g`knSNxYmKR1Y<j!9fX1jGMoH$2-fpaML|z!i*e`m&M1$qdM`~e
zHRF_!sj5c6s;-YpST4&4s?`4VZx?AWap#=I6XKGzW2;u;_w7e&oXy0i+HR4j0L2+k
zor`&cweln+aE4q4#;OI#{vyh1V4pj@fvlc_mUZZRf-UWn`R>9n!nP$#Ol&Wa0XVfb
z!v1u&hBrlo=Ooavqo!!NX#Qr$wMF&&8%7<FqVWB->5}n>!>DbcZ*#Hmy~0=6*rQQ%
z+bS&%jcBU9DCHXY+>Kz&>Poq&Q_T!E^-&a+(*fDM{Ku~pMO*-C?FGk}S<%B*x7|Ls
zmF=uYOUjZq;KwGm#W3X+MAl)jg2>cpZ<vprV;giHEDh{}oOmyli)CwAEm-*2(Xn-(
zKvutb=@!nk*+yK>a<3LXPHVe^*whs{;R{b1b!iCHMJP(|>W_5Gzt{L&#=%a|3a28m
zJxyw6<{xl!-f^onM!78}g|f83i;bmJ2KE>`8=sk(QO-?863>q2!90LE=R_qQjS*EH
z|3ACRj$jVY=m3GtY{bk+A^Q^<N$UdkwH6OK-^h?}fbNzx3!XdLOb-#)q8Jz!uxq_%
z=W`}Q{t!vD)>0o6U*B|JOUK5!>z&*>p#t1jF_^(w6f`SA{sU_mKyHt=@N>ae`VlMq
z9wa-xVx}7AZYXY>%=BPG@wh;(|I}*7Y%<&zMIDMV3^z7IKiE}YMo(Ubii;o<*fl&&
zJcm-_1K2;3&!w`IqL{8$bn8zILuK9h^AP-0lM%aB;j_&nn$)+Q`jA>lkrKQgUS^+J
zAevZG4ysRQBMN(_pNqPXh;uvP452U%{(T6iKcbmv%&I>4ETluK{`#?e>0HVu7@I>b
z7Lbm+4eP?4e~L*+P<xUOWY(rHgMpvE86OEdF4~wcG}&K7_D&D(a|evH#Q$ic$<^+T
za!c#YQPxgOYo<U+|Kfw&gS4L3a4s~6Q$W{2B-*Ozz!b89r34U@X54jEj}F`0UJKql
z+fENUc8G*J3TzbK>EpMl+^~7AE>f77S7aN<#}cG_>e$YI+=&iGZcV;TS-rgZ^)Y;9
z{36*n@FTD=Nrum6A6sJS(3O3e__`IT;+*6HQ@wA$@g`{P7a(mXKu1=}hMt>+%DBr#
zkbJgn(jO3E?A@dpznG}qx!RfKu%RdV1;00P0(MplB$fKX0?Lx=r1NecLtkDV9S4YW
zqs}}yWeGc=(VjneZ@shiITfRdePh^zMgLLW(pyd?U@Z;WvZZsLnN-N5g^lephF(iL
z^y+Zp#_52^#;sQMEAWZGxu4PveHQ<qGS|*Yp5WiQhT~Kgt3%Qamjd3kuxqRRk^6XF
zCOQh%C+8O=yM!ISqs^AmPII$QvRUtsCS+K-r`9xEuC`?LB45E*`Z$#ucTMvN4Y&yp
zWmHS!+3D`tcG-(f%Y$<z=Fm5UWj&jauR(>@Z*Whc0dvL4K|P$0-$erEPbQAC!!~Rs
z4tMlmk5}8|aJP3N9jNNa=P9`*ydmu|>QZ;RTGff%*xuI*{x~x)nYH{JM@Ua-hX>`@
z3AP06{ZlQTH}uy4ls;o><)8?;Yg};_9xxG{wu<6?=;)c6O)kcEWTrLZ`?FsQe|d#-
zBge{{K&fper5`p$*Y$RBkJ5r9cpD-LqANa3^iwM?08+KdYn~b{ef$$!7$V)1hJCu7
z$x(u;3UD89B>*Eh+7cofiN?vKA+c3ALn~tQpKO0U+RVsMjZrwl5{>FH60cF)<a%|H
zbE|R|bu+fnk~Rv--{_sD>$PfZ-oGN7oYZFGJy`}s{^}L4GHMfLwMa^Tizr`j13#zd
ze1L0@Je2VJFs#0!kKyKi<{Gn(2=@rgx$QR*Am5fYjd^<N$Z*YMY)14>RAF;S^>0=s
ziMDz5N13WmKHkA)!EmL6*Z|Ps%vL=O5aI>@$-Zc@SCD?&-swGl>uu?$S)1*GtirF5
zzNz^3XE~1IRhhU4!{u`HtHF)L3?-9_;46J<Irubbzt8x0XyP_@UB~Pw5Ed~-NcmlF
z3#hZ97D6^m^o86q+F^Gh??!b4QTKAR$ACjN5i?4)6&h6@po*Koks3ImFNLykUHSlW
zNsKR3(q`l4tESMkf%JKQmCDLWL}n%%hD0PlMn*;uORb?mZf<T!aB#3^>WSLXI0y*B
z2KI!4S_k3pt8XTC;IeL_&OdGxl=-|?!_&8Qd7Y{JX8IcXGvDu|8p5AwiqcRxhX)!q
z?<OWSw7u$!|1ODc_i^MrwN?OWy@mKKevje{7-s>rngG`7oK(=gfq=SM<H1?H$64yl
zWK7y^j9yyhQITZ`1Ow3-QigFy+S0RCyX2!kL;%aq&v-G<C!+})C82Gl)l6Sz2>k(p
z;pCRl&|y8!SAHx)NGRjNZ?{cC*!wVIjGYQB?;^|k1Av6b)dCz(wa-kN+JnB6qgIpO
z<IfO22x-K5<MZnKj=*U(j((*(gTTe)enUb(C~^Xw10!(vl+sVYPy3W3PcxB;`g0qY
z;`f*@n_5o#r<NLiYM)zYBH#z*@&8VGUNzqypA5o!;G%%O61uhO;gO5fM8<6DkL;in
zJ@{(oj3ZXwFG-ksweR6xcgqW)qL2PrH7R+{30RIb534>fz=qz6R>BzPOH{q2*O4ND
zz;+}JDA7aW?8&+2aaeNZq~*DE)vq%^TU}(Um?Uj?+z<BiO`~Un*WT2VVzhHxEfkmP
zk5}lD)b|P-SCm(e4T#&aXAOpsrcU=6bWIWonL;9Fy;LhL5T$N%dYF+Jo5rSD-uU!8
zMBGRbHkr3sfKNb#tZZZ2CrKZ0!y{eY!IAomvxqkZ^Bw7%(&Eb&kXLBupp{+Na^06c
z0^lo)Z=6P@!|wCS@WZcO8wvG=98r$UhrayHB~Q!SwJtRSfK8b!ci#meA13WrkUDj8
zJ-Z~$U^u>U8-^$%Z-sXF_{XKVpu!CFH*?H=?I<#R^N7;XJc95Lyro9{t7j{iVUM)L
z$>Dki;E48A+b@C^@4Ly%`kX(a=iaAW{MKl9T(s?o9nUj&<R7v->5t)S$uMqbIFmZR
zei0*`&44$_EBfR?wz6$e8*irO%lc+sL2^r5EHf-wn>f724begz^t<m~${k_9RTH<o
zkmRZSRC{8$(z$&#2_=si%`k#&F?IHmF(JEPKTt$EN!2|~Oxvkjf7^VG&QG2FDo(r0
zvaT3{m!Yrs;CXNnKr!)Ncc4T`wE|je&iDCYPQAzM*a4^2I!r}*z_@!<gmcPlixEka
zPbiJytcyvOF{dntPAi7^+-<49J0XK;+^14$ayxiMVgDbEgAEN^xoaoqgDu(76X`0R
zhx8h@CAr<Z$TB;z7qd@x`3&p7*0KnI^b;)oz5Wc4Hp{6L<N4ymxEGrrliN4SKi=kO
z{==Ef=U9d~<tYS8DU1-Xwev3nE%r6x=@IN@#~#rbhBhhcI1~L`4Q8HMrd?Kf4Qi(6
zZI~k99#udov%Y-{k7ie&Am<D2k?yk5S46**i<Kl9H!-Cy39$JZt{rzIDjiqnq>5Gz
z2gn`oV!L$**fz(yc~lk(lo`sXy?=R+YF@iD>H7fNrMM|C%-xJ2i>_Vqi=<D+t=4=I
z0A6<z^#nfI>H6%KLW-KM)Ko)ij<0-oot>{#)mPK}otL)e^h-av16&{EPs|UudIn|Y
zAC;vZ{tY&~5)GN>=g-$*JcDmDHmrmu-ZPEv6CrMyYk<0MA1)qf{Zp0q+VmmAy@<|o
z2liVR8}M|s+Z}zIIpFZPlb=;~F;_uS{YfK_v$6F<I#RQO1gdSpV-+c>4My|WOBI<!
zdU4M+dvZxv-1(+)8#qF|DT>6#H_97J>BY9X5#-xr5FuRQyA=2S`PRlK#RxY?q148f
zY$N)Gyu)8DA*#`WQms36?_ZJzEA;(y?c!Y%Ih-x4=94G3f-^m$GNRvlD~{wla|TSG
zbH1Z18hbt3kmt7gOw+R2i=xk%DGF&Hk^>%tyK<!DDBIp9RrShOM+vTOqd)h;RoN5n
zr0WLlsq?YuT$li7!bmgoK+p8JQwyDVOH1XE*93?+VHm#J@gS}Ha_m4Fe~+X|0)A{?
zeSdyFZGQr3;E%4TmtA?J2;rUap_z-dvM$-ZUrWb38{1vK-wGx3f|SeJUMk97KFY3I
z_mk{E8tnDFZNIy9E1s8XyBZ$+oFOm<W^s=k!OO=L*=+t5X7zzPOY3P0uMK<|31eGr
zi&n=zek>vtdFv_O<6=WG`X`&h#uhOGJ`M~JFiToph4*GHuY+f*bodQWGP^e_<8Pfu
z?UB2_KS@mup98+wJB&aXfcl6Bz|b+_Y!Ut<@nRpy&TV=gkW#eiFA8X2()e!Ci%;H8
z;SnNhm@8p~X7IM~<oX-%X7n<d?cJ-}`JYsUyLu}IUs1Z7#$ub9sE47eX<X&X3$~{M
znVfloO(=dQ_uwEOxqvO}c_dTPUR*eS0PxP9xPY_zra#CT(%C35{(9$UoRJv8xzgo=
z)l=@VaeF8sYsnt+wiQ<Rx>eWk<3}wf@-HJrQ@*U!$@TbXg44+n<tt6ip~BDnK$8?2
z%KE^Dpn)tp@qIVzr~(B_Wf(m>;9<aCp32R6QB1esBJW9O_b*Fw9NI@a%=F{#p{lfn
zXzIA1fi;0<57c>h#%<q0OuIr|Q6giZ{bNOk{FtGLh`I#ny|18DH4S>SsZ2q9wzhO`
zEnH~xgUM!&-QSTRIAVidG66(r4!xSso~I3@IFr(#%Q0JRqDFZwDs1|FfjaF$Ht;0<
zwnH?b5zt9(C&zF$`Da1kCv5h4q(w=@2uAZp1}ISZF5fT1)Gr||TPg1^pd!kbPhupi
z1fnAq*H~I}^YUc(f0bjMg0VL$A1kv7;lZ~RERk;?>s;*HdbPV@(IK)TOzJFny_0~5
z2_L3aDxbNQlg{@qZO`kAUTidstE_wwtx^4>vPMElxi{xV1wh4s3Z)|-U6R6$p)~j~
zT@tOe3Q-puy8P*+yQu85vJ#3mz+5(B-q444BL18rs61~R_*)YUvRL~imahWvd)~5&
zAJB*@4J)uO{wMD`b>G#yg`JI@>?k*O`;_=KlG<sct%!7TuDw2jqs7G4@%isRVT?}e
z!#;A6GsNsHDS$VQWwm%{HZ72xpD_H;0u_^+mXGbAWYXP{T%@T>diU;`F&e*r7|{Mv
z(e?fB>6|j_Z;Ow2-G{g<RwI&mRG*r}5<bJe2R%8&EUg9s5|r&_@o0agy<CtYRiXi5
zt3|ux{Y$K>89G}a!?#a;V@8@1*1w+P*g5}je}Le4_=}tQPjg=ax_zbIpWOD6xhDr^
zpxxd3N5|iBL&%DEBbL3^yKFSv=hLCnITShMvykf6Lu&ve=1j_*z2U~L({}csIp<dw
zP3;FFIKC$N<fuwsEz^$Qgn6>SdcqIDKZEKQXObt$$<@F=7mG^|#}QT7#youhsg1+Z
zOLXQ5W%W5FN#k4SayWMNCH-lqEfIhQ?mg59eGzHY<->%CL46p;L}BgZ&aT)V^tj&U
z%}N3-1~(m3>JW5soL)U%@Pf^}Qb<}g5U?h?QjEJipL<aj)0?%mGi(|H+24X}GU9X9
z#&1?cWHj!*m}xCX5QZ7bBGR_2@qnbSBm~MBGDmnfqv+#~sl2pScj^XQDs@?MLj#Ls
zL)lv+U*Uh6rQwd@5l`MK{~!k-%&H>>2+{X2zb;~EWcZ_D<pFW2oQBf~Cbencw9YHd
z@qd~i2}yFE{E!~?pUt)BJeY0Ie`v}99hDJwpS%y0+tM)wUz^l_kW~>6Ew)a9+=Y0A
z%nvA{+Xr(WVTMDFMOb9vtd9iw+ITZhGy6C1VstRs5fr7dRr1GzzSAhYc4pP|f!1kA
z+3!T7)(B>0;czLA&|_E|6Qre&d#tk|O+$JZ2ap?$1aP1=)yX-Z`F`}~>thfcn-EiA
z<ST2N(WnV2Kcc*Hn2DxwRAKtsE-3#f{Elu<U5N&|_a&eXF**k5`Nn|2qwQAJLx<q)
zE2mU`mD6oN?lu@w=5awc5J+8+i-~g5$p-Z3n2gS!9!%Yb9KpGQ6GIUMj18WneTBiV
zJ%GeY*x}jj@x*C1gjV7U;;Rlml~?EWhL8I~x+?sDvr(4uHR?^jtIpioPTg9KkOjU&
z_~->7bCzIKUsE{puG)h7Xj@u;!R`n<=4LehI<x7+z(I0P7Bh3O(1DY522Dfb%X^5b
zvHu-V%pe~#i|{R&lm{y<Hn?B)Z1?JUs9jVMcnGX=ne<aF%D0zt>u<~N{Asv#Ef+hX
zNDLTc8By6D_p4b$Gd9`Yx<F7p;~Bj!2&Gd1xq&8wsi>W*JAGsgaZFReI|G=D|6eS<
zfck<g`VYqjp)!^w*hqX&ouymfc;;+$Y)`UCgF{DT>Fw6W?XNI`_`!{1lFP-ATkkH=
zZqqKBXbDUIcLb+j-@A_tv}n7r!icke?R}<n0HBG9(ilPm1#XzN1(o&I=l+Gw83ivW
zrXOWq^AFw3Up>v1Qd5a@BVOf?YNTy_2EBxUsMqY3WIcI#YISIV`&$SW%(k<Z{GEGi
zxFA0VQ<e#XW<DMjy<jRm8Xl_8kpGLcZ#}w59uynvQT6D5=xofPFBB5~D=v<Gdy#Zl
zdg4~mnMytLZ?Tx^Lq`Us|58CI|3dZuHr1HFd4eyaW4h<r?T-fx`6>ceb&l^!VNk9t
z{}NiaX#OSzzQpo6xJiGf{nH@<aK2?P8&u5oFa7i#|HU6#8tY`N5uQ7>diY4|7yH?v
ziebvXWA`#qdKdeCm%s9#oQ55Py6S&9tN$<6Y5&KPwf~C{ytTE}=9!)Fi?$lRZE&&Q
zbocNWe~Ljsrg{F&Sg?v`fjeAdjHX7iW4&@1c~m}Mo!y?P)cNP1cezOkVo#!?qFP6p
z7n;1E>P(sQh95d8UPN`8wTb^_=cfPfs=D-l(%=6dp(*>(s5)l3yt;iNE_7%1O9~4!
zXIScmiw5#ts7mS)Kn!&Dr;I~2@N3A*`NewSe!&NRDp(|>W!q|h!6V*XKbw9R!&<R9
zV&s`Hud~;`*C1^NxX-|1%I;vRf{Z5Yw$q`#sv%0ttJcvwE}lL<(-Z#>fL>46&Qt+S
zqkeRBw5#^edtrh^R{<mwA;<X9JCFwGR143)DkykszRW>~(L_x>f!90vCDEKKIlZtG
zYM*b{cCcA*P_6dvKo#wDEKO2<+2?6*UieK@)jFj0QlW!1WKSxNOAzDpZCPhibe5c_
zL&tJD;56>DY8w{_?Z|YLKH_i))spLoCY+_K1ike8#8O}a$Mjl*$k!I=`hVtEx%IIi
z6Yl-GiIY}mEZOs^A<C{)fHs>a2Z)bqonn?454uz*vecOyjTDNc!?6;WANh)2nMzu2
zqdcr^Y>pi<m*&AM4%D+6Cf8MAgF$b2sb*<+O0-dnUA-NNEnz#=-KNoqrPZJK;6>Hb
z3#KI^gTwS#ri!C#!zbRIa>su}FC}T;eIsC|RV@EROyB&YlLh;`5`;CxhVHr(ZJmq1
zWGsvzr9qYT_1L^+{5@emWVzi%OsymcV{%H0a2vsgVYgN|#&Az|;}iTFj{^BqdBVVK
z$^E?-1w>y}lVWO{SKnT(Um2F#=IQ_3dUdvqI`2E3DsEW5G532vKggCFifJc2dG_q<
z^fP8=ERR5CuRK(RA6@A7RU0Lw*sCh%4xxorn3qr&%x;LXp=_C-NRzhLIZ_9~I0jDJ
z@<F>%%dp6eJJ|~3kDx3s^zp*6o}9Kr6sA-Q>ALI}#gHRyX(pY+{VtLiPO+cqosC*q
zMfuv)^AZIy-i*=Y_=U*MM%Ev9+VU-x*t3S7(=CZ+6eC=*g~SCx+c2bD<f@hb(#;09
zBDFhBc<H}B8^=DT%W90*dN|Ob%!J7|eb+14G4*r~d(wAG)0$x&Ukz1Z7K-~ZZhUXX
zc}_TXT0v+ogS|_Bzb{;Rm4$iJ<A)>b%u6(lO@h)uYUM_Rgzt|h1go!CX`k(qVJ1ze
z;~x*tUT?b(g!>gmu)afFgWnMKFNzE-;sy<-ZcrCi*SfA-C3AhzAH3~eH1m?gCh~W-
zx`nztA9f|JEhZChcZ2!y(h(1KylAg4ck!u)qc5H2d7$l=>9wEF(P@RfDRr&{cG!dJ
z7$tZZ_4GeOuJHEUeOy2_{S^H7I;PJt^3{ZGI$2aGg2~J{=JV0mhnCDGU(NMnPFx;t
z{k(I#<adp2ygR%;D57~kB+NHTR%Vu4mAl?h@h65Y*R$JoG(Py-GyjxN;kFD=b$)qs
z)wgo5KNv-hpt$nF8A@GN?I!u|4EO@;{p**BB9Y?F#E`bvp9E)F7yc|<+Q_70Bh1gb
zt#YUu`FhRQKKx$0Ss-w{Qij|$cQRFR;*xqp?G?G;+BgyjjK!O5YK<k;EVw-Y<0s%G
zd=X;e7B=cA%(w$>$=y63YC+Jc(Pp|L37Q)L4<8V{(k>~Pvb)&c<6cu?PXBUIle*>v
zUW3e7{D}=FG&n07i4Y!!MZLkZ7bSUhA>1WikBP?E59Rt)-f5(Nj(ei^&z0}beej%N
zXg;%LVkb6i_&cq%8ha9*-YtpC#}5%;ZuF||+NZ>G^}~?a<8>?9%J@fV>s6f?!&eQ{
z5miweBImwFRen*?+CS;x9-R%|jC{YeLL6;iO&NIS`G4KS8pv+IX4DVse&#orv>yqp
z47)!a_X*73^Uc&&CjJKd0*I1iS^h0Q)p8?&4kJAItnwR=vi;ZvS=x|={U9jjMx#{G
z)H$DkWI3-ZyR$lr?ShK065G_G^kpM+mLKzJP#YCWPyn*p57-+XhJtV0>TiIt4O@hd
zrZ1?kWEXl$M7X8y-7HNE`(DilVy!lWc3Pr5AtQCxQJW-M1a%z^A&PAe!g@loIa+oq
z#k)r8&OfY+56PK#TB`v1)A990w#eF#^jGu0Ea~w?CLVTG@~u%{y`VHumaZ3pXka#c
z{6K2S4nS*&B<ZkB+vBm45%6O2#}e@o{ldDsH()HfYa9Vu)+JQCiMI|dBRYO&+;16Z
zeR}m<w<yXmz~jtMa+N1ld{1UXJ^Uw)BYc^A$X&r!)#5VT>Ex#6%Hl=HctO()=e&F%
zf)seY)yx0xPHjT4rg~1bMRy5RB_!#T>2mXVHJJ}C|E}jPuDE&rx_?5FPYF+D=F?=D
z1v^5ZF|!kwTb2{A9;Z5>G=S)GVye=+F6edmOwz#{YBs>HV@U8`v%bC}h^U=+3#f52
z5vSr|26C{rJPu#hI#t}0z3QCaq-wRVmC(?(1RQ*3JV21va+Z(45rzz@X6lOw76#+A
zi)Ezw&GhUeXmb~?`83QnvStaN1A0cY7%Jqp6hmjpMYx-bySLw-Hgcb~#<KGHH#;%=
z@byn%RH}LdpP`BBI_vJ`h@nhL&#Ku<dyB;1{|HHTM||Sv->#L2gOAPl<bd`%f-8G~
zg(8Z=A7%mYvcXt<PvB4{B>uboyUkmx;jhuOTkWNc+P2%mi+73cR!oxCMj4N#ygW|)
zlb^=cni`ciicE%!5g)kF)y>SpZ`*jq@uo(prZaRWuuOlhG*v<H2Z)DU0;%j;!#1s#
zEPZbOo#d>!RJnW=-C-%F0+u7Z{A*jzBkK%SC9mU^%)d6L)7OnSkFfwp8fhLF;`{VX
zYuS5vR7N`NEq?AW%B;*5)+!!ZIFD59JYFmW6}9<qTUA7$e9S7_rVu_&Hl$@pRt1M<
zB{lV&zP}_MbzY>qzztj`NPG^7Uh_U*B;F#uCJ42W^&OsdOm3_K`BcO%9q0MAC(hNo
zC1KRa%AMJ=PX0^5@Rju}dkfWCkAt>&E<;@li_A<B5&V6AMM<gLkS{;{URDdhM<&rP
zoeKh!d1BF!-!Z`>zjG7Xx0Ms_Jbgol;sC%++DgIh+8c*v{=diC-A@GD1+J#EgcUA_
zzaFrbdt{f4cPgK_X*`u@QC<p9LOw~WKih<X_m<?(jd~hgXIExFvfP||oMTSm<9gHZ
z;q$(KfHOFU4EFJ)n%my~FM^qUf@_yd4*|{EKU(;+Szem>WU=$81lyv`>%vd8y&N&K
zrXi_p=cqRY>Gi)QbNQM>^SULGEeM0UPj8&B%pHWIf&g=$ufqMv-p+=+!*gezTBMDf
zR65P(hbN}@Lj>JO`Tcl}v6V|r-UoMhqYlUC?d8L<-iB$@Rdz-yA>Z3%rg>2z-7D&k
zF7HlAI|xDhA|h)^9Qms=Xj|xxro!P(_K|tLhWm!vc9ni#=}_P8;m$<%RmG(-i<Rsz
zDi-Z=T5rFb{p(?ZXomiqmP3TE=5Ee$jj&bDh0j1aV|6^;M=f5}yY__Pj2E6YCDISs
zRjPOLeXuQNdUryeot6^52}wH%&m4KHmlJ-bIM?L5-u4puU$nhtSRB!|EgC`sBm@Y7
zK=1^Dgy7H+JOmBy?$EfqYj6+l1cGaT#@*eaad&r@S55Zbcb{|5z4zSjy;naHKIrc1
zs#<HVF~=NpEc%^|>$@R1?3rcaTT9d1S4o_%r1#o2PzAfd^PW?~dt7=VoPy#uyu7<Y
zJK92KOxo+6!YkzvJI8HB1C}AXx)y5$t);-MxPADTlO925HFiUfo&ZsEr`w#Db~Cm8
z!!!$y^CAM_u7K-<YuFcSsw%A1<xcmz_p{s&oPn}3mhOG{RjE(8H~u6cPG_~k?~;W2
z*LOA;oNfVq8;%@U*gs0MIv3hT7Otg>KOD0(o<b42_2PRc^4H3r_klOX$P?RqoEErT
zZ^gbWlsTEwrz(<P(kw%DTJ2pUT+*-7r*!Waq{QJ95^xVwoRSx9BZ`etUo({|WxKa}
z`Gbu;0veEQ9i<vXZb`Q59)}tQ4cP-X6-{qDF1qebg53hV=nD*=?F)t=-9B?0X6CDx
ztG`}Bb8jEs#_HYU?sj)|^M9pXu2@rKLwD?S-%Px)FFh$mN{$q3;I%cuYGsfIRw41t
z;DwdQmzIC1*$GAyh67KH7e#H?Tm&MvhlIpN+1N@=RPqpa@(GiE^<Nk#`5}*EZgkBD
zhMbKNQDZqX?(kV6=q<dgcPzU;<3-~#SD2xd{wgtWL<(Q0L@b$d#AkD0mSI??N>(v2
z9K1JifM<5VJVU$SxFEvN6$801Rcg4ZUKz${E-6;3OIcOv+B_7S5g(VGT~OAfGQ&BG
zF~46NbUfXF<K4Vr!H-ptY~4GLZM=P6IcpV!TSmrCalJ<C9)L*XBDr?iZCJ`k;#dq;
z=?dygI0$WTE09UkAnQRMKzU~r+>1Pl!W&^LOk_EHOE^Jf%_a`bGj4M^*lP(;-V3iw
zb3;QB6JRZU<+v9A+#URr9?ha4hUk=y%c_BPXu~GDSZ%RI0~yT2jB%GfxU~)Og7SwN
zKi`CiA}H-+yIMGXHH{VDk3`|^-!ZE!8k^!jxeAQAo$MW(p3cjJM?_7_%zXaOMC>z{
zLkiOU?hyyifW<MsR(3-}gW86_sY(kcH#1vlw#D~(^EptrpaEw9IyhjAY386Sqm?rw
zfeiy%EZ^ijSQWmszZ!+uICk%wF9-56);HFuC8{Q3*IVc&!Xs?Y2@I`Wd#~sR)x6jq
zM^;d^<nQ8)I!<@IzrCv3Ob?P3-wkCYMOMP_#Lb8?yhCsyzaM`G5uWBRt5O|H_$Drk
z-EYLDVcnxPIX;Hn-O*l@WVg#V>XWV8r_=BrGE~k}AV_t=!>r}4c*NE4+-rhA<U%T+
znzr;z`40k<t3rm+fanD{5ZOpVhT$7!OACmabo&`_xqcfjfV|K5RRMUrC}z&dOTLz^
z#31wFUh_MGx0T|2D4kIXA_?NTrp282oZ*74g9o+qLv%9s_YNI<-Jc+73^LInrx#|i
zI^uj*3uKm_pNjCnCw;4<cgfFk^HnpZvb64e4{lec>q9y<b1W@!nTp8_2u*J%e@%cm
z*KgjhS&TZFlo*lZy{MxLJ!Ny9Gnx^X5YVu+EH=-!jF|gvuV^DINgapuEFl!fNQF^g
z4Cj!e`Q%vy!IVgqsl*Z=CP+!gRD5pS6&rQ@=^h*>TJ!Ek<G7neI1j{yrs^ZSF)Nz)
z&Sp0eSum0L?oU^ZmjT7R@FtGKw}-80#`RBnaVb{*u*+nNj}x|%JXEw_gV(3yP!!FJ
z>LaiNuQffg)VB9q&Uz(J)HLvQRFjo$P*)S7ubCudG;O8dbuPB)rfJ1rarK=k>dj*3
zs!=2wg#e?kNKm$zB=FeZ)vE84rx>5l*>c`oWg%bk>p=`48}u1HgWv70V*KT_PbTbg
z++cKd$>P{pa{EWic}bCaGsf}HoVD1`S@UM@#b@L*oqLePU9r1G5Lzr7RZ~p;JuY^C
zbJ$$OO6hk4m9wqURrC3)l>0awCH7IM>&u@X*q=&|jy*ThsKo2U6(eOi<tg1_lb(={
zXGa|AF<?lL%R}|?T94qwxHyv|_aQfq6zA5fcTZk*O<W)FFAohm{rdjW_IH-=#kW+S
z87P5`#+sAM@DTR?V!qxKCT3o&X1cil#tQ-f69Pv-E-xEvBzAuo=Xsnw-uQl2@(a?O
zlXTQy_73H}1TG8NVx59fbTv-o`WzC696WoYYHX|-10l&tfJhbk0W^6$-@R`?Om)^i
zq;rZIz$UIy#mgqgK$GP-ESiixh+$OD3%m<B4^VY{quF~yR=dDoCeD2Js?MMDT>(v2
z02_7+`B)cE>&Y{K=8<x?b)fyHP*n~6zhY}VR_gsRq;74Z0TC+&*JRKa0+U_-B>x(A
zK^W=w3X!piEWM5N@tvieFj1*C(2{LBJdX?58l@M7Ui=TP>i>po`O9zpANiZ6wYOt*
z=(ZRD{U~E>oF4-)L>_=*p+Kb)_0y+MMl{6fUjeR!z$$dI+>k`QuwV?<Pfhv;Mti*m
zzOqqJ=*yB+8uyoxBaDl7<oWo(S8i(pl)GwO1Ig?&QMh<`5P(p^DY#q5gEewTh5sA%
z_INp@<q%`&@>X_g$85E=<xXMc@{%7>haZt!P8M(`Tl~kS^r#ZRbYh4XZD}(jOh8NP
z1FRc5$$EhG@^n<<Xi_IEw;Es<*$^J@p|H?``$N6Fwd+Ygi!qOFv3h;^Exk_1VpgJA
zOA4p6VkAI#5(NG|_iu1-jMnAhl5#17^SKEJKtmW6lqvazrMjZnvX2`m{^<i~CqxVw
zkGBl8A1eTAKDE|~LKVog5qqh?jXz1Kqz;x{Q4`)ESI9>2=@A<UP{QPx0@r8@FJRIC
zKGDAh7e}`;;8l@^Mv&HqMnI}+QTEBr-ZNg{*&2oM9$*1CpR{UyT@SR1jV}xI#v5NA
zg}E1?IM>g6e2gVxG6-i5@u!#sR3&Vy_(un5+)ZOd$ypsO&KGm`^tRiwAS{FNJUQhj
z_ufReU)SQ8%sXOLu1RcXH9zJS{O0i<mOu$Y!nZA^ZDR-ZN>yqTsJ4o?rKK2+)Px<*
z8WRP&u$r<aT!(einet3U-7FaFE(C*%sd@U@uzgc=VjK5YvX8DC&#oG6Q956EpKHwp
ziV5MSub-{q(P~e;V=$i!Bs(QyQB~1UI`0h00<T@Wj%_-dHm02+E84TN_Utiafvz{u
zD9C3UNQk$Wm({)R#s{#d)EYHJK3CvNR`ZRa_cfp0T`Uy)dazor=lmM*1QrD&<S7nS
zW_Wkt@yUgz?mpQAVEP0bciEWxJKrViy8G*w=ncNg7f1Pu!w-T^d*@fJ?N#)tNQBU{
z)~mdU8*&)|&Amo$hH;mJrogvNxzkoF<xi^q?1Nm&Pd-BWo(r8lPtS7XXJwCt`sDJk
z^nV_?TCrayf$X>X27vJrPp5v^?lcHIEVYVqW5qph$a0_4nWQnD9(6FAv*>l)yC6W9
zf?~%$alUXXwu^A-{Ha#8Qm9sSk#PXAxp1zv-1{8ja9dVyBu>1IBw%5RT8hS;Lhhea
zze-Z0TUfKZE6R1Fj4*Abh%mv=&mYGC7LIc+zacquLC-<e2!gKNLE${l*$Qs-o^)is
z8Wn_Sx=>FTCI<(siI2nU_m?caqwyLQ&_LAHW<9ZylAp7RJH8I`sA^=!q%#*{ZGPIj
z7t2Q2YM*EOv)7Hp7xJkz7+pvVq)rkyXWUVuHqAtDwwvnV*t*9K1QuEvxN{wd^I@XB
z{Zh~#qD9jVicm;@p+k2W_LcdyyCG@%<qOn2c9HOYAkablj&65?Xljt`XD$7(M0=Hu
zaWqAaht=%FI{U9P?-lb6$Km(VaA%+)s6*=QFJ(L^jDNclWN_YiA`y{ng}K=snI)cq
zqCa^}t~7SARUfnSd(603bp@#H&VW1J7J!Lv8;Uqd3)*cr*4S@ufTwO?GVJ;lXDdDE
zQ75Nzu@nQvxC&PB;fO_clrxIT!6-$}I;cJ10@+x=V)dTZGpK^PBdIu$4pU3qM>n6_
zLe;YGAkH?i$!@uk^hJ#?r9tp?17mR05;PC=<-$w0L`!Fo);qCW+6Q#vM(L`AtqP+z
z;A?pMDN&a~#j6f;X!=44^AD)$Gz~lRO{jkko&`YeTHU~Ll$U>3eOHO_duu->j+x;F
ze55Me)#u9HR=oU~=~uFi7PeQ?2*Mmj(tcfhxzL~yQIIg7)RLo@|8y&5l^F)QWCQx4
zrXfxV>et2wE5!*UV30bwyH+H3)U2T!IeGU^fAYGl;G6N>DcfH`D>-+N5rddy)mu|<
zPxO#&QWg^so5v<^!Umzjs)0wnNo#`#vJT1I^)$2UQHx%|Ts60@@>Hps(bhW$;qaxN
zr<7ux?^#yUIO0M4e95r&b4)%IFnKGHeWh|^^fl5z^axsx%6=yJ?!F)Keyf9XTD#h^
z)S4;!fqwO_a|wn0>}l|fVbmGr#4qacYIwS$1?7cngXFAaqtM^{nllf^1*SSDhZQEV
z1T(IJd}An8ZT#5^D3vo}aw<|JG%4P9>*a7?bok!ran$0}o<s6f8`~97cv1<6JFn#&
zX)v>xH4Ph7)+pp0E#79OYZ-C@7%MKTdWq+|0K?0?wI4Q^EL1*Ri3NL<d`6j7NQ0DL
zZJp@vBji0Am0}pNPFCw0z=ge0JIWEJW16|gAz<AnbmmksrA|TkrPlg35MqI*DHz%Y
z)-!4lGc)m{LZ9dn6a?fqG;r;2AZ<yU>^BowyJvRX>UM%luk35RcW8vUij3z<KBK<|
zEN-OytjZCbZ|31AX=z5hM~Arl46r*8sj|8;Reosr1eV&YiYj22>cvlW6&7K{mRQkY
zkK5i?q{+Pn3k}B8&?Kz27gRNg<)1<g`l*IvhUGHSUMs%O4hY(<qg#uciv9%6DEKB9
z>nPu2Y!pR1(tAQhi6~87;hlrL0%K;<D=4X`bS+HvH(rjpGPXplF9D0GT`0n2J*ss;
zkdC>~8|Y8md_x8h$ZtY^>J4@(M5tA9W~X1dV60d%LPh=qO&O`<pX4CoLN=ksLz<L)
zBk$SK4>Z=lionn5O+5?hrA>P2k!7;j-)=!ZLxK$UzOj-cN@6dku+ba6eexPI9IN4m
zBcojJ1fjLXOd)qjc~7k0ov^c^4qMG6%v4S+01O|T0e2n%kJfn)U-;qs#Dvg|%D3!f
zx<fkrnF~5oC)rt@c5qqEmkM1~S$$&m%2&#nl5)>`tjhR9f8jpw7RVM9uoh!q>Y*?D
zG-{8&*PMRLq`MJx2Bm3RYqzU<;*n$gmqD<aD3O_x0h)yLmkc~yZIw0fUt@PRcjv?#
z{fV=i@FzJ9kg_HL)lWlR7(D7q#3atfDRKH~I6oUlB$_tNiV0eJ7tk~Qv~>Rsy0Plp
z?Xl4@Q3h?d`B<wZ)NRIKFE6(=8j%{A(zXQD(4>$T^sE9?7FfzZ1Jj<XXhEyW!Nj~C
zp(jeWxM>G>%{A8Zir0xK&{%vcJ0>&+?+Q84(`&UU#RHuEO$mb4&x}kjGl6tfB)R5e
z40^d9j~&`nieGjJ?m<47ZuvHrcSFHgHYyn|=fN}+WRYGJwDAI1BZ#*a8o8NGr*k@h
z6Tk7xsP`8E!f}<`l9NlFU0Bbb3EHjK9M<iYLIg>_t+YQnPl(ZYG>+@hP}XOD0CASu
z&r`{^;0?hS?`E<fgN<HowdX+>)8?JUzV*IHffk8&rz<S3TCFP9p-MTAjg95}I=ltt
zI7uv*A|9cW2-pbGE(4V7%R!7NO}0GjBgle_w?e*pz;!ngfP|BMR^Td@_DK_^&bv_o
z$Z>o~BI$7cKG=ANpAlV2IO@qv)5$X_?X8?AKr0l5R6BJObCkS!XP{XBW~>c`?*;d(
z$gqQUWWDq+-^>5;+DF?VO!Zj+vTc6}zy*rQ+JAqQk^unqzlW{Df9SRXZVPa9!To>y
zONy^=k5y@^_<AnSiX%SUuge9PNCddY0cU#p7f(tOM(J*PmT-g9+A_#0rR3DHdPahV
z7tge}b~EJ6oZs!>)R?9Gd=-&O{>=%fNWXkUxKi4^g+COYwK9M(;h%T!p_RJMUMW)c
zQ1{EO>`8}s#gh`xk^zhGUmR+Sv%keEgzagPjMcs^R?jFbEE{Q_k@cl&ot=(5U-Xqc
z_IoAK-p?pds@a7o)vRD4DOWQZEB<Q6);@)3eRW#v_~sen$lDJeEL5IC89UBMh|}$K
z9(|qElx=wkN+G!W(z-@GHViM*Sm0tI^U>Adt`RR2mgCqS%Rk{p#OhAI>H-u>;#fVw
z)7F0^ZF#JI+?16`<@K|SX8F!}N9W#8J5&>nKR=N@EIu(8A?5o{AtWxK7U6zhN_7(U
z{7(@PIywaV@osH1<gLH;FJZ)<S|^*Uo+2)h&s+bM#zxSNe9Zr)us2C1*e2>1am?Z<
zg?<qwt2IsFs3+jnVHCh9!vEd`Dy#bJ^6LKWU|&px8+9Ll7WSar%(6h91Lqa5$DfyG
z)V%!*6OUIHVC+$^(}@}kG!y|`$}6GL_>m-5>oHYWez+$Yvu2EtEEf|bT$nXY%Q=pe
znY^N;^!Yv()FptitBXDqh+l8&q!^zWeJ<9Xf9x`|JTjd(W2s}3fGazj6?|R*yBsxD
z_+6kNiLamHNLFFKurC6T?5#i(n53d&&N@tEV1y_`uJ6QnSRo`xWm!eomz7b~?4TB%
zzKudX3YB$HPwx2%I4OE<&kD=Mn4HWB?5S`AZ_2Min53;geN$9_t_;eG1VJn3?C@ay
zP*$+P&E`KL%T^LlF;T$5i8!j0yE)J|ap0MvZ=|3u_r~>LEiczWNeR+JXOw*B=_bct
zg}aM1UF!y{31pVYCERzXGKB$E1<lM<s#TIV?8XyRdk4)K7kM}h8EC9w-eFfjr9EBz
ztDSBZ%WzEn599tG<DlV^F?R_&8wROq$zU6q6B~sO+Al{SS<6O>RvWZK-tOZCwZxi6
z1=EedSuojS6)La;y#XR!2hg`SWGymGa_tn9(YfEd6b3ldItqtJP_Z-6cj-xrL>x?F
z`@Jebj+kC&Ks!GkBN%^-Ieq=lRa8`lftEQS=%oGmgZ^(xCWj!P`S3xH#WleZZ9ExZ
zSC+Bhm6D1$SC}yAbuJ4z9aqpWyrPe|pdgJU>2%SM;zjL=BpDa}hmxaRQ1z)vhBe~~
zmobh-uU5PQ(6vnJNPEuxa5cz08>Hq_S1>&^ZDh|CBfp+rFjSRISrt&}$l;I>JSBJX
zDT0A&+Gl4pL|+7f{^Ih}Mg(N1h$;%F-X2%Vy~$;r2!8BZwtKCuJd&p4yL|88Q%YsO
zjeWviWzC4g*PFErBxI>Et5qgs_sc=F9fX<+a%p`<ByXmE3EHw^`E+z@ISMnJ-V~Ql
zA0l9e$YEfbvgx8_%5z5cco5|<8I7!QFic+b+~mm~BrAs{6GqAY&V#=Ge*Z2Uj5^6r
zr-nooKFa0(BGr%T(XA5*$?-r)HhD?|w5o!sA)*2sdOuAlX*y>xRRvcCjB0R$mEW$v
zebSB`JRmmP)yKqt5Of@_s(|^StFXPtpQj%0Dl-dJwtSwmzc)a0x)K#OZ-DIFU|HIm
z+BkP~WTad?QrFsYYAW95;qJn?`E16#k-%?J`8aK0VMpoJ2;BrjX`z58Qp4v~1ZX_P
z8P+fHvrC*JP-Vf33l{WPv8KOWvN`z{98ED|jcYnpx<7f!>kgFHyBC$`t>^X^*;E-1
zE&4lKOY=R&1uempFZcHA&m(v$Os>^l=uUA==To9}ud&{fEh}RHAOm)6Q^LMocW6JM
z!y???ym6<Ou^8Dp77$)}JPUResq$Y{^WSI9=WdNtC`43c{~pTf_<}K2Jx&p)|6_<y
zRxbYK1e*kgrFGkTl@X1y0R}}h-9|1xwdCEg!J>9Qdg_EhJlMJ;wehC%i3;=cSh3c%
zm6{~vBHR7j%tQICElv|Wv7$A`KchkPP-wzT$Zfi+EcQp^QGMdhijFU3<#6o~rMv=N
z*=Gwcl9d8|mzB|V{g9DP!M)bFX_XW#Zb+}MtbX-XQwYHQ9IsoN5X3I$kiwRgN57n3
zM|*s#QC+I)Q|eP%rRUcLWdkD#zP+e}%l3n|@2@BdsT^%-p6>Z(?$QO<qyohO5N3*7
zqF0LY<77%diyxYt^pA?d1S!;Y5oMN2CZ>dLZ!^hWJ8fK~eI&uLHLRw<NY!!Y0wh&1
zI>!Pgx)D~j%x#W=Kn2W~3ErxT#Ai|(Xj+JkU9EM=<AV?7w4Jej)v;kuO&O``n0+9Y
z_H`PlKQC~^J{BG;TLB+KPD_*o=<J!|B4Wv7KyyZKZaJKzAN#T~3#*<@mU=VdY|^My
z6tn`ZmcmS<5y?B|Wcy08q1&^&Y0AbK@H`Q?ff4FzPc-abd{e4+vUAC#%8`8D%iQaq
z=Ay>~vif{xh%9Zq<h<!I;phF}cn({$mJ4xU!xS^4iV2-O-J9fBf<HEk=GG~HmrxOJ
zgguRX&-xO-dK595c4=`y)xiWBKSEcg8TxB-?Dt}*z45vpCb*T#diy=E>dD<Re1a-O
zS*>tmw6BTj#hxv|Ipn{P@((p4ZZPd714K}KQHn4c=fewZ%?;k#gBtv-n?GO~)3=(n
zBD#ylv)O=Al0XZ>r1E>yKca0<W;jCpsg4L?jNRe#M9>#>DP1$s!H8yC&`8jR5okg$
zrN-zzryQEon)N<p_HZ}GGE59!RICp|wso!9#f0M$TjKL5xoY<Zm?;9;M?COgmE|`<
zpg%Bv@N0t5T)`75tYUPECQ|9;p8OtFJxN)-t>LoV+dV0ltp>xQRV$pE$GFt~114z;
zZ!;jC{~nj%zrh$s7WgvJANZS3CqOA~ljTV+JCnsCk}@JoCa1s$1zN)<S30v602t;3
z)Obpr25f=s%UY^iy#En!@c@7;Cy|bmNJZpYrwR5e|D+Ze(t{oUO*qyi4S+11L(U~y
zJu6@c<&7EW%SC5%YkkOgmLgs@@S^nKRmDw7{lN!dtUTg73eU~vAi}O^J0{J+_orSX
z;&)w7(S%?2hO2D(C^*|JH7jo{>ck@53=Aoqe?YfI`1__KS!_+R{O1IVJZiRV(sM>p
z(;heB{<o^?S6>y0x8DFJi(`@w_xe1}!_(7&Kw235j{a##NQlt)?^4$7o#d%5fOf0P
zFp^A6n)gUbLxbqTnoqYhtL$|y3V)8sz*EY8kWWW>W|u;<xLgXd68M@90D@`bbkmH3
zsp_i1<z7}YjsRHvn31NO7^odh8~aJrv`P9Qs6{T0Qr(zp-A5_)R9gpU$7)Y87Cnxr
zs?exWc0G+F|H&~}*VNcBt8dWjkAK&XN=&T_twpXE^9$=oX;7vK!F{|1;k+}8*!Lt#
z8nj}VJLq%gh8W&I20pK2nP*6EmdzAYCTU+?TisjSNJekWgwl1gX)eS;1N`5-fN7N4
z0-iW`rDed-kteg+{B*!m6ZAL--LJ$tyJ?F;&#3|M`Z0Fn8G=waT)6Gz8;(Y1bq|lP
z)0K6C&wLm?pIfQpypz+t>4`qsf~zF&yLJHbH(kBJ*ZoDRh2>xEz&{q`-#$ZlR^8!-
zjQXVYptZ^MjoDNhG%6Bo5nqWkDl!h(ZjoH?A!F63dxBL8?U{;+%(ySJr-+PMHJ+E^
z$YPLkFrx#8_~~s?k6}}HYBr2h0>KOUmPcC8kkqP|vJLa|uanx7pzwU(wNoJH#vGJe
z3Ug+&k__cP_F*g&TkE;9lKL&EOxC<s3u*ddQvG4K*T1fC85F!_<th~vjjl2&I87cA
zr!KQ1(15NgvZok!ZmO~9WH=*hI=|7pL(sn?NHX##R8Qlzls-Vg1LOKl47)pApq4$i
z9d5^U#z#`s*E*m^CD6;CYEI_EG#T;5Q31QN46<DY`FT&l)l<xnaJ#jcXyf*xV8u$1
za>V&}6J4>AhGYitRieBgX7OI+tdN+3cSVwu>&=B^uEP9znuJK){Ad8hv%g7(rr9cO
zA)j)yXwZCX;nOq=IGx`fp9tDf?o~|c)HA-96fpJk$NQK3&1a!q&?1)`E8eMS^qmTU
z&m&v`JaQ@Xebbf6(ez`!oyIpGr@kxwE=_W}v*=Vla8=#M);$_l=L`4;>-_~iPB!b;
z`zcitO5^B!DZ0@GmpV!b(aJ(K`IEsD1p=d!e69Q~xN^N^pE#uygq=$^2S>+;a@8`V
zH3WZ2fw39f!XaDaS@P2LO5C-)kh1LGbiTM-itF}HH&hj$Oq9gy-8S#bvkstad+n?B
zQ?DulVB-)7GQuwLnK`fWQ2VLQ(isY$bmx7yk~gKtEf>!%0LL(=RWXZz7HoeJvzPeF
zH6BcGa~>+qIvvU;>k-*Jk4X)FX)9=cX$3zO3&>RkKHqX#k~C6ak3a98E|2eep+S<&
zs$e`|UZAsh8y~0gs{X2+|HeSSl9r%7_ick|U=~%j`og_p?^orufEDGG(WVUp3{r}7
zV(~Gb5^PK2!0drxpfDp_y0Np$hDmB-4)v^e!a!#Y`D>Jm`5aAH4=b%^PHZs1zlP?q
zCc&rsovU&Rnxu5@l&r^b6A$=!lmvW{!v2XQ)|Qx<I4)`O^XJd8*XRUPk0vFUj}q69
z=udY?Itiib<VkSw2%4Rt1aR&byHnnYX1CP|-u|cvj~~6nI?Fe^0IzL;7~WCNLC?oG
zC--|%Sy)VLoMt&&G~P=mlodfq$tf%!wi@y!E6wgV)8r$)%FuCTCPudv^Fw_Xj3J)z
zj@i^?I>^<Jz*EkcB@H^<xwta8{iji%TdsxYcpV=fWPlXPb|F>Jkys`6YT-PKnden%
zSYy$|V|J5n*0)5qTpGiM4B6VsDH7++JU~Z%jBPa3*kIzG^9_uM$Tz<NF5d<<bSzKd
z0D7^F0gXWYtT0KPh_1AYYzOHOIE+KThq_RWVEGJsm5|01cAWfmvo`pR94ewKW%rgi
zyJ(51cawZc0B2BlIi|U>`t`@if5aVbX$?Xh-sfv4Z`&Qz1MU?P*Nx51%7Pa^bsw(j
zudW4v86~wv3wlmyTY>!;l3T8`^kj>scSTYPYazM=k%rI)c%uNt?ldQo3bT3t%tl1F
z8*8PLS^4}w+oLbuF)D{VdIKx@%U~RBbq$=cU|dj9RyyculL?0?m-}k}R>0Ow`E*SE
z84;_?FuFAD+gqv`DiW{b_~+wYg=5*&LWTU0B(<M#&M^fbXtvyX%!kjX2$sa#nhX{+
zK${bmtOCen#A_>S9ZMt4^kY0!J;S^XUcvR6Sbdb(Wc>F{zaV`-bXBGD64*}Q<mqw9
z^r6Jj3{l|i47e76#w}peN-6On4gp4M>i%Z!zt~ER*X4hUd0Z;AW41a>aNft(@PAEG
z^<ZM9(*FrpYB*~YU;UXeTs6hpH}lG(SJX7#YL$tq{ghuj0jUB0H}=g2>GrobxdBzL
zQVt$26dW9`zff1jtYn9Aya6p-vGereG9q=JjuQ>Obp{Z0ndwQ@%Q$jOt*vD|O<Cb$
zw^bKi*}lWIZp|BE4xhq{Ugo8Uo)ZaVMKcJ}vODT6?`N3-g#cuh1wU&rI^T<&j0Au8
z<8E>zAkI?!X`^i#@UvU6Wfi^9>CKv^Y_f~(YJyftsAz}>|3E2$e4W;g_lK)+#FfI1
z*@UZjmD3OWQ<aQV0`I-CsHs%i%lLG8ackYOR*N;YpuYkAGI5+Ky{*+5X4KOXq(Zy=
zdTI9*A4gSzq~4)OUdMDjHy>d{<}9r;k2sI8WADF2Vp7>34|-!fD<X6;tm2`}dEYP6
zJ^)@plqt;P@+ue`G2uAdi+@ZI2tyxi!*H2!8t-JmEBG8GSEvQjqo;&ju;eG_bAXNq
zwbu-c*!edgCmur(CikS8k{f>p%pme>E-yLLUYEIyMyxK6I17ZCeUnxFvlqN8!I%8C
zHRgaGsFypep8&=f1%)w?iS;p-ElE@5-P`0O(~vx+3OPE{w>E;>Zffy;pb0=c<0t{g
z>QaskOJWpOEIbPBzf~}4@R#hnP@U2E&{KM=71ul{r)DMO#>5!)8j7{ZH84}fckacY
zGl<AF2#IWDZN~?)yXTrGK<l{pY=)}BwnH2@!kXWb6L`;L2ahHA_0}yusg($89eZ<R
zgGzI|l?}%kLfdec?Qoo}L_bek*yBhieRgUP9Dn#pp8jz!o^9!6W$!u5{~2>`^8sBg
zgR#06u5`)H4+0#VMXz!4Vh=tmU~1(~G%J}5)IWSuJsXpd!?28a>O`X8=uNibvl~X0
zlKYrs1oSP551?Yzw=zDs&Q|A<Fs1L4qO-Bq-mZZ*p(hp~ton}no1<O+jInp<1h0TL
z5?GL-d83ID5rqU-QSR)Xj~gg<&{`{$ftUWQ{gJoiP%nHV<rnE`rScdSr1U#J%fp~C
zaQvH}(|^6O(Bty<pI+&aG1z>+8Yuy+0nZbe41eMVrt$$^@93mtT!=89lmk}(XRAs=
zDsem#<+Iz~*>QxWWiPz}{0<Bt;DC8d{r%~`3A2G0|1VxiQ=H~IV>(~wczJs=I3BlP
zn4RoPtx}QJ&_K8YE$#%`B*ri`&v&QdfNla@lJxVO+*~Q%rS7o$h`%Z3f97kBos%|@
zfD3j8iV+HGwr`bxX6O9*TJJ=rwKG6wg5GV?mr^V#FQ3)npTqg)LzCOX9a@R|gBu8o
zfYm*Wkkev9Nk0$R*y-IPS?aT4f^pOuxk$j+&ag*F|AJj2E_fnx@F@F_%(xfdn3~CC
z37kr$SqPiyWR;Z2LV;SoFmR&)Mj(l8mvFZpQF+KEO)kV%K(5QWI$R-B03%TK;#HJ`
zmtVjem3%0kg~)g4*u<cTpxZw9D!|F@BkZkT2(UC+_KcgG#)+0E!GkNabG;VdcZ5Z!
zq`XaMDwc|B_oc1*c^ikUpMNB$p<<Mxq*)hX9H-#_G>?5gHcs_jIDk!#fDJ*8vtwoa
zcVszc{o)B9xkH$faJZIw_K!e$9aiq+q_4p8Jg4CIY!Xo!&<yN&-r&(2%ziXsb9usy
zKaE|;EASL!uydrCC7(4TI&>M~f%Er#4-@9cGCLm%beEYbmb}yc0nSV98MD3O2<;Va
z2_}F{W)!g)(&oZZB?nkAn|UK4wNKxq9&d*5GOi|znZtAThUyp2m8xD`{XPa9E+|eR
zsp+J#>;(N8<jej6`YVSYTF2j*Mk!Hx?W#t-O`uKVr07N}tk3JQ{?Mulk&Z@G@KvQL
zpWq)b9%H_W{X+vyn5)}{<lTal?}-q-vJ7{!vf?H>lgtO#ZC9BSJ6*L^H3|i2kij_<
zZi_+%xUAc|4GRmzPo+R3;`_J6tMair5nH@E7mh!#KBNljq`M5>kO^El()WlDHrrG(
zdv_$KhIzcyl0mU=V(mG%)z-Z3t5tQ>M!EYoXf3~EK9BZm170KEZsP}CF^nV`i*BQC
zn*VcNygAp1bmvRc9?+TU;dZwmFfy6_=YFSi9KVT>{GfZF54Fmps7FMAM>$hnWh~s=
zO3pbtJ~?Qc?cuGF9DjV(elqH)ZE=UpPtSsBZ6*VV7zzb${sw^HNpI_xpO(XlblpUV
zrG41RS%xAf5L;wbB3jDPm*MzwU-53)mY-G<t7v4WK|>r}=dKjD3;BwqWV+7JFumtF
zQRR4lo#)Hb9=+KItb5SGZ?|QZls<iKkt!0WO5tDon&(#Ge|<vC-MYWk<>`PjL)7t<
zTLa+M({EJ;c%QW?ea%!=7s+gBn&0Qpw?%!an?NJYYe`+YTA`GJv8#~^O!1uj0Kn?a
zdB=UY>|*rGX$ic+8L$#nFM{`q@y+M$X&cOMaSIQ%HAL!Y(()yx$Y>7N^LoGREz3V&
zV0cZNFNs}j)u4*GhN!_MucZzrS=UrmVnf0xgX;5%h3~gxJ5z>BwRlduaK2%};u(5S
zRA7+eg53{{Ted9Qmkx911+-GT2p8fl-+8YC8#!e|Qw!?terErE4Q{|)MM@>NryMa>
zFybk|lH6E*vMtCek^FA_Wx&!&x+RHwE)t)0PsDEiTjsJGmv*ax7oFQDM)oO@UQlku
zMVoxAr=AWCFphe^`RK__cqa1F^|{>X?#z!P-s0A=2o{5@<AWR$+SVn(-R26h1I@vE
zd2}1&Nc<?@KMkK-jOqi@CqB~SJRhgTi|-ns_Lk?7lk+T{HA$Stv{upscA5zQ&kGey
zbZ!O7lS5-E>OeD%of~+G7Tbq#a6A<S_45nMZQaceZsIgTyx^~5CUJw2wEkzBQjWN#
zC!NG%$PM5Uynfb>6kvr^U&((yJ<J?!cCaCBCn^7fO-?|w6}$FCwcs($`_NL)1zUun
z%Rs4eeXRSPUDw5za;158M<gc#w~q*Cgq~cS*V-1TOWF><6EG%sEcPJsyl-DqWh2`C
zSXX<Qkv?tkbX!R&Xx3!saGJ{jLdzlxZ1JWI;SyKF$4gSxNIw)n+4V8Z2y5vyw$~ip
zccp}OPaB`yuvRHqRSibs>5S${kw4w7VR96Y;O+^y%9l@P?y(mAxPSYcLR^9Slz+8t
zL;B$P>`vjc(!LAJndA*^(sMc6s*{Mh9T<sZOAUl|M@Pr1i+Sgxpw#)`i5T9)1&Dh`
z%iG45B3Cg7%PY0%%X?12#lsYG?NkzwESn>dR;kIh0aL~pjX#i64z6#@F*j3vZWC2v
z2jgfU(jM^0Mb{ArOPYBou7~hNgKI8IDQQ28?m4S`scztlFrA(Yu9P=NK`L4^B^ek~
z_rth4`RM*5pPGuVux5dcksal^(sQAcWIFBJI@vWJ8&!FQWV6`;0^iY85v5TocaHGZ
zW-#7HwZXF@nbQrDlfRe2X<3bUGb=ODddOQe=8I;z*ZI)EicC|Uw$`Ne<u=@S*tjcq
zy1W7d+rEJ;k_I3_(mv$K3pQpm^s-1Sa)w>|fFbhiVCqM1x8t}wM>0gDH5QK|#*w6(
zN{)a&x3oMo0DoV$z;q`up!yhH=-8oTkGx&;g3DbDQqbLCu&b#Xg7afkkTBP3g?xGA
z6C<ACc*os@R~@a&EhAzZy{kII25~mW6nC-6`Sn{hF`Jt~l2WMoifyD+%IKnV3S`ca
z2B15#<#X1&E;J5VoA1wH(4YnvD8#S^M{;wpV-vZZMFHp;4L_ijB{SW=(Yhqll3Q6+
ztnI>yt37d$GZ$Ea3;#iUt#_!GS5yQJ>L3dQzw_+q5cvK3cTV;4N)0x5Ys}mY01KA<
zYKF!N5a(*o35M<y&bBPy&BsOm>eyV2fV2J}jpu;;-Cp*Q7X!49Qp7>V9;TPe>}cW~
z6Co`v->5Vi@Kq{Iq-1PduTKH1=u7}eR0#iglK6%Ies@0@Cb^Sx05p{tQk_7p_o(wp
zE&F4Y5>s7uzZq5y6+TBAc-+IK>*aq1sQ&xV>;LChR@Hgo+VMF$vd%m0Q11fP=h?}2
z2{D!6UM!%pZs7iK*~z^u$bB6VBf&TDGqud1>wgKO05bk>*=xxG#cobv$HHJ+_cX-;
z%gBz%_Zq&w#IfnfBH4!RT0A-QV!>Ub|2yB@6kufrK+4DXvgm+vZhn9I<Xl&^pu>iG
znY3beDop-JnB4XJsoPn;M(!uR)!%$M&G*~+#dMlYPx?|g@n8i<fl&P1HU5=8#z9$L
zJ{!6cn1v}t9V#$cZr}@*E#|7_J`ApXQ;){od$Y<6)V+0H*+cd+_?Un$(<IvoC1p)&
zcs-@aJD8<IbWOwJU;#b8c=-tdA0XrjI0^d<kh&h$Qcnw<W&37e48@!h0D=06o9sf}
zK4hpBT>ZqrHUNr7PErZE0<}p+4X#lX>w~Fb#>MsW`SmemqH!MB8ZPvCtM4RUF!XJ_
z*3kVpNb9)lt~1He?}hcn&gThz3J1j}Dqgcp?0F!awQs8KlKF{#U&T65ZJO5;beID4
zS*MFr@57zn%NNHa!Jw5phJra5_vKF|=dV#ny4HsxG}X@-_4=Axe2|X-@#*sY%|RF?
z>o){w_gWWyGB2*QLS7o1BHM^DvguO;oG%l^oN6IIQP8&YMkBW6GmgkY5BiSrnLch7
z2gGNhP*k`M!k&jd_Qext^Porwl$k+<KRh|8^xM?!(0dv;#$a4Zca+Eif-X9Z>MmRg
zjk5Np1d2j3o^gvuh!tv!<9T(xgE!_Rdu2RXPJ|jv7SmBhW}_Zkd`_)6bRORmB&&Cb
zhAqB}z1<KP7)WO{Mp1~Mf-pS-xcd>v1&YO8=sKZhB|hb{cjMY^`BTo6rm4P}-6O+*
zvBt_OlrN9NoOD(9EH%}uQ!M??1To3})vwftChI^~oQVx4R(Gr($-+CNJZPV<(uKth
zsb=l&fVFmo<MXcrHk*Exg)=(!gjRSNH}@qPT&oW6db^0+$^*<+u``t#Heh(<1PBCk
zFKHVVpkA#isFx!ZJUU0(z@`q$rB3+?waE-+5h`k-{0+$Qx|qM^wn4HetQ4ua8ehPA
z8|gIz_HTdW1u|F`nyLn0b(8rjLD~(5jH+-YndAp6KSKl6fIFiuoAvfR>-)gB*cm=e
zPg&LOEy77@Mkq_qpkp2V*#3Z=(}<#oKW5FREWYY8U+ApfZIZz|i}jC2jx%F|b1$&D
z=&kdD>ji(bw$@FGjf5a-n?B9*245^&B~mrG85AftwDRQ)u4MQqHTE6XjIy=q=ZJw%
zzrd5Jqq?J8!mGH2p~Pd9GY8n{!Fq7fc`n73W9x|MXz~+TK`YwxrIVGNW}NAF_ehm4
zN<M73Dbb~#&w9pVWAvq}9m;Zl&gKdgs~IW_0vKHw(-NiR0^-1L)ILOl+G?H^Iy5q<
zm*jWEdu@=bG06MJ`T!188JP#eY@6$OB6NFR%KyY{NspM#PnFORdk`q=B1^I`FhY81
z02X)>s3p+K=gO*jTu*#|Q>-N#yYsm-1h_TEe?~46vK*h=Hy|O1ax*DflQfPsicT`X
zKi-<!NPuEO)GrOVWIw3OAe}l=V*2E?G#|Nq*C_i;nRQJFH3w228BpEs37Jg!`7LS<
z>%;08`l6<by7r~X%*!P5)1)`50!$m_27J@B>w6_6i5b~iCQS$(4V)D_A1?GU7l<l)
z6QAl+rww$&$u{lhMsiQ)l+Nlz$g4e4>=bbApr-i@HkKXe2^~N+?1^-qinTDN77G@)
zqK#*<ce-fF6|#IEOV}jMXo3ba0;OE=5G8sZWgEX$g_xMoA%8-1k?LnVu;QAa_0c;N
z7U_&Ca@mP5TQlz?O<HiM$<L8(^?_#cqKTlYf{2)U|6WaYz~MR%Gx6}?yZya%y?_jI
zc|WA?S9w~WLQvsTVG@s*`77MCrVl1F0qaT2W32u6b!ywx-;xush88>f%HBY>a<eq2
zgqdb^8VQG8-6yFIkSjP9Wm9~2UC@P$;c8#?^xsGpWymbNfF&vs%UGJd>r18Q(~DCz
zc(vzSka2Ko!RS5VT)y8q^o3K%&ns<m&Jq%)18EJ@$YIgJvQn(-DLd?LJ8YKoHQ&<D
zt&|J<-#FyuL0@?Cj>D<g;f_tc|8-#uC4k*QC8X238+Aa}gVT7TAV=CH-C3gM1Uv1E
z+H<jrTgc?_xH=x&<;h6VU_~;;z^BmU(Uv{z`fRgmu`Y&%1Cuv${pSC=7V3kJ$#SEy
zfG4#yVs0AU9%{R_dC@s2m-m5s1OVj7VYK3C;?g}ZV{%pXK@m}JI<HLO8TAVqs;Nak
zaD@=CQ0I*r6)oHt;hCi}NK+5Hm3EM^rU`skFPELMf0F?^fdN5pO-EPEx;jKTx#OSI
z->Tt=qqJ%^9#No}&_~am(U{V54;~c1jW)Mm`{L&a_ah>-hJz47I!%uWUDXK#!N_#%
zb<R&-Lmr`d<(gzxv`{B%JNcn%GJJAw+ERhCY4=96sMM)V?ioGL9jvRQ^or~`V02yt
zHPDJyeoIswzpb!z-kl&>KM4EE@U<9*ES*}xdfC6;=RYy5Xl4T<IO&^C_}z?~i{^{o
zhmigUH<a4Eg|_{{dBJ?78f$VC@0%QT<-IdC{Um=bPE;9@a-S-PBT%DtE^cBI?)y8!
zCaMJv&kLn(?62d>C|;mDsZTJ__!`^H$*l@jxcJ2eCk-}8hKF25Fl<qX7akT$$b!KG
z{C{>=zf&_}uu4I#fS~2C8&1v61}q|_<d)WgdP~w&CJVr<OqEI59klPBFH6tmiGfUR
zeI0{9#og3(2S=)NXojFO=ZrI<gB2RP8<^PxhUYi@=T(KrZEjS9h9!>c<x;!_0wB|=
z6pK#sgo7};-k>LH=Nt!(3v6-)T0>|YT8XIu?3dDCKkhj<M!nfB8yuR>V?hJF?t|p0
z?<`tZG0Kk;4shv@Cf%k>Oqd&7R%rT!2+~7j3Rd~`0bH2=0yT&IFJ*L<SmXp5G!hZ{
zj~G*s87&q99h<W8v<`Hc9T(N~oFH)^HVboUi>-i5wo2aF*<oMB2ik6;a+a;o&b!G|
z3pkwwvn*FSewnE-5*90EXAUwmUHfXNSAVDG;hTHmZ5)Va&xO?$x?|$}ZD;mW(1m|N
z7^c}|i>*2*ra{@CgGbZL)ShV5`jD%+O);U4fgX`jPPjZX#8=N4-oJ-oI|qzw3UPpJ
z+guci0$Nt0;{H*KsDl2p<;E8Av91h!>i-QFw>VwnNCIp%KK2~uCc>2!<i8vkwgtrh
zmtp@e_g(y3cmkr!zi-<Jo#@A_H=0BTWMvFox0^cuGaz+my%4`WM8r|%LTBCR%0M&*
zFsVbmx(48o!vCKhl)wMeaVYcz_9QTUS3r{~2h1x&W8IsaM^t0GT(8a$owQCoR+iYd
zY)+He2p;YZ+{cq(5Dz%i`~XSPMajq0_%Hpjs08-7;nyUmx6RKtS<Z+-Fj5*gq@W|f
zo+R$>X>SWdnfb!}SS)AKK2+_Afu@z}SrG*T&N#Mb1^?8H7Fc`jvcp&{;`A@u;ZJIn
zo=px6d$Uq^oo1dKLC1}(5|h0VnayFvq+xMG&^?<uToL7he_@b$)24UD!124d3rFIA
ze!^v-vqyd7cs^;XXABl-j1X3q@_#S$%vPCFqTSqmlE6q(L1#Q0gHEp;_t8EG0FNX9
zc$|-En%)5>Nro@J&44R$S4sf+Mz`Lm@A&0T^)JwDkU5c;VOU&VEjZFx!+NJF!Gg6|
zN@QQ7qehi|0{m=!r`TL_=V(16E-Pz?8^7x|b@{tX-d&u<*d7Dp2phLi0wG7SBgZBv
z<cvNcBmZ|{rxB}!39PpN_g0Zs08&AK#u;?uY&vH?82)*>YfYP0U9E&?*T<?<wLOY`
zln}UzwZMhbNN^FQ-g=jc<FK^h6mGxo!+5ks>0VWN8T~vi+?CMlvyTF|6<3j})Q?PM
z>MOy^OqG8jE4-uAs&Bdmo_RdaicdV;yS9$~ypvcJ3qY-IFBNbg7Z-jNov1VyL=IBV
zT80_wvnFm`K=;=@?=+Me&fdAg&j(s^rq6KweNb&!fStNV5H_`Xz2oHz;|K5Vo%!|`
z<VhZoorxs~6x-PI99zRJSImAQ(P8Zq`jh!Qug2kxC24dMqvpz2ZK-*(aLGyLWNwZ+
z77ll0gqH+|evRE<WpG2R2P1g3dQh}91T-6vt`D%`^39V!9^rP_R5#>!chUr2yr8x}
z4YBtJXMml=`VDTE-C#R?wZ`xLwOiVr1&GlDdRw!KVnJGy*(!9vDTw;|Y$yBq1jCTH
zu&}iCmk)2vH2887=#2Zr$yX{<^GuSwk=<*a6dO<{em+{2D6=Ty`ruzp#aL@qI2o-K
zeZUuPc;RG9Vw~>UUkA}!8V-d1<DuEA142yj$)W4^{Z6yS9d;+a!I-c6rS~h<RCYZ5
zWXBrjd%yw7(9_Pj&}~(Mr}_9tQ|J(LW2i<>nglb3yENZqKBsNf_P5%i;=QNe9!vbN
z(^>3lzP?$<hZWga(4h%Ff}hoA1Rp2em?JBpCQ)hS3o#-Et=6B|C3l7TCDz@H?`8qa
zVQ)5?g@*s->&<85KbiHYvq99x%8a^Yx*1y)@*;Pi+-}mu4wRG`kGPkv17#IEq0PO;
z9m_1>ws*f~pP={9&DGXlo~Qceeh-u1tT9~6)0$d!?)xEe)UtD(Z^SKRz&jk^cJE+H
zWJ>@e-WT6|Di#J`y&FAllVpGFKKU9T2sk_ehwT$!StYqSZ~3=nb!=p3khTe^JCtu7
z&+o*lyYb(AR&yEldB<fE$BfU3-gK2<h$aOp^aOPSw(Z<!ES9L7-O6ZBxe4@%PJxP%
z;AQJeovUsK{y8c9hS{&@;GED#SsZ0QO{`>}cFMyu-^FO;e#k(^QBXB79S+EhM~gax
z4?!avvtHayjiH_=sopbgXfm|Rp34x|v9l<-XTHNQn47D$;UM{Q=^H|ZDQs8=GQz^^
z9a^rPkeVx}vdZ0s1`BAf<-++qt*D6b`*+TAOC|5Q$;lkh+f;|1Pe$TaQ7*qH&=i(p
z6AyIuELkj8hrOj_WHLHhPMqo+K62*+5cD0r_K)*;(MQoyP(kLvH&Z9Jy!=tgEo%O(
z7+Uxx-LcHIbWy&k``h!8Ug|-^rV*F%Xl``K_xek>um@IPk)yC|UnAU=1vcGsoBg7Z
z;IfTIzgNI`R8|KtiQ`V3IR(`;an^VpnOR0FtK~qr8bm(&l&B}89~}vgF5IdRu&4Cn
zcw1FhKi`s9E@dKVR;VGtpb)1D*^%^G!?b32eHO~6idKZ2=eg~rTg4#ES4BM;ox7(0
zo|cyP)>NMnwk-$ow%zh{kOSS6PL(J_2_c6;IBi(cpG&*??-eOyCpA+{iEM@cDyj?G
zn%QX<LS99c^@OYB8qMMb!l6?n9?a4FqqJVql6F%x*QGJ-v263cz6uVO)eBOU;X-ne
z+nBPAhG3*uPVMH<lf-3_`J3H?In|E{(6Mgt0JVUV((}AUplifvRS(g(TzM#2J-Aw+
z0uTrBm8jN^5b<wd1*9pVR>?%rc&*fUJYknzWf+ZMOcv{geI^BL%a_f?VXqkmOuarn
zPZPocN*&n632Vas@ZL(tDRg(Y0C%h1nm0kWHhbfJea(}T;Pshl*Xg}{tx&=E$4U4G
zR>;dK_kb2DRj?C@e72T~$z=N|LIa3Rq}wKNs$MRKh!5a@iiF_^3RzXcQGPxGT1(h}
z0smWI0I+=Mr0F!C07jum`3p`s{<_%#lZw^jv4<7->HpZ|`(M9uu$c^~`7g0frn(#l
z;1UyOizP69M`=e)^#&@e04E2(tJa@*q`D{ej^!f;_d9x#wKr0AAHM-I!GNH@Tpp}t
z&y5Sw`J83BHo3QLf%?l(jbQIVA`?Ema|q7^Ne8j@uIc8ujt7hggXs&8+WuBr1rM5I
zKohBMHy`Cqop8kZja{1|<vN2b4(9zQ4)<lXQk6#p(f`;vdJJSEM6OR=sBSVj{$m{;
zQC3`E_8*OaOuuY1O+Ub%7tluy5R2w>C!BVBGua)}B4~taaG&5w2|?BU3{u-?=}a;q
zWK1U&U3Y73_kZ7!Zm~?LX+ArSwv#Z>vJW5MaGGi!_EoM`Pa{x`EfDYaBHZaS(4^Cc
ztMYgPVm1e08R;ck0!;UtCtMp}2uZk3pgo)nU^kQ-Yp^GV>c<4WXU7KnkRB?GIZ6IR
zS8i2{-uUKQ%~nZ?R`jY`)j+H`37SKCL93%yM5<JwJipe1QLKriA+WiFP@D)DWGO_y
z=cUn^k7;M1eXOQ=SggrSnQ_AcDA11}G5d7)j+**XZ$rG$x7uAAo(%0~B$kHA{h1Xx
z3RF6k&@Y#C8X%af$JZ2pYj@_={pDI_AGsF9h4`uJoT3xNxWA2QsFk=Z4#EuKaw@?H
zg)wz-{5oeYwN|_V?^%#@#$sY~F$H!`EWnfXW)8$2G|#ZQz%lDLm0(@27^lw>#$%VU
zdei^<USSz<cB#L4zATrJ$Ytx*4pBbk+M49*|6-~^BzgdPMQ+OGQJi{19>c8^Y$!<Z
zb>TNJ#4$<ECy)VMc0le!p)(ubyL`mQy3}iHp}%!0Kd4-s!V^qdIxjhZ<XDr8v!Wi?
z26vS|exr}+919HS&rBK-KN}ZTz{+93p}hvsrxR7&hMd0cjqZ&-!y)*9OWp_|V`tLz
z7#(a8Z&lPN$VuQg7AuUDk}NEZ_$%H+Dti>~H6*NkT`vWi!cfTAaX$n3KFi_#A?##D
zGNLmFK&WJ@-6IdAbu<>Df&~r#oHA=58QzKuI!v^F@aCx(%)_5k&~WvU;J%X;0Z{nQ
z7(2k+FsmXJ5XMm`%J-*3vL+a)eWav5Cw`9&KpOp<=r3i;?Um_jm{HWTm={;R0a9{a
zf}&ToP}@-R8|-M3e!H81WkI)d&IPlU=irBq>XTT3=y$rX^%US4W1UL`QIk9zm3l2Y
zHkGCw4t|r+YqdP1R<r6Rt=g-YDPNUEsi-q&Rbnn=PEa$3lmjYwY)RAIY)~XkTi-F0
zVrOh~ud}2aX~sO#+O!qWIEQ;(IJneP;;iO+Wi^hac0<pDXGBtc2YDN(UkjKAm)Rev
zbDWLIINYpZhu39@uRUrcNE@nbttRq2pUi#%b6L3`DkNFRvSHDv=8UUzA2z|qG3tlL
zOsjiSdr4|w7-RqJwH|sc8=0h}{K;z*NR^!qrV%*93sFZo*#1X_#r}&QEmZV;wQwE1
zH+F;RGUX3&S9YMb{}B5r-;1ukS4ic22^0Bg&@Kz8+bQGpOmZZldI8P-%djT@)BGad
zxd=nb%Cb@JK^M&Tu<7Hoa@@n*WBD=FdJiCDpjns3`5{fp6Pg<hHMkFTr@9+X7}+^p
zowjni&aOP%wkRMF$cTdDVebX3V3H14wU7t|f7Q_;k(QPoQ$3Q=&<Hz7IM<$cXZf{t
z=w?AQjt6j8(lU2|JL@S3MT3JqLu}*4mHObf%!weki}&uYDEN$ct7a4m+Dd_LdG9yL
zx4U+2j|;g}dm+LMUAe@Ylq(lb8ja1P%+&faB@wHt+-m;*?*tt(UM;1n%xKx(-<Z*h
z^YdG$X>sW`Z$gySkB95&4sPi`d|$5&aw&$c8&&d^90MXmfB$6|@!h6#v$VjS7|fyv
zo+O)4x5rmX+z_S_6!(6pp5-I>&Wzr8IwC@Uc8mO{#@!{K8!YJ7_5ZZ@ok3A`+qMJ+
z13?r)iPA)g%4dUQ5d<V7NhC|oN`@v05(EJSBuYz=h9=XJqbMLbL(}A(8w4b$yBfZ8
zZm3hQUfp|tydQ7>*;IFRvG>}0%{As+V~m*)Rv}cv@n@GmE2nj90x{LPMLZe1k7^nm
zRZBhKM(*>=%Y)8_)tao$s(r^wZFYzRgTD%IR}!<{Zd!>qoIub;(seyfcugCwpR_Y+
zSFFoxRQsxcqT1KL3A+Quy|&ahcJY#g<Jx;C4cgubk4Ld8s2*+*KQ!MJwyQR7+vUhJ
zppF_8gxd6tGywrPd@Ts(Nv2xc+;8ZA3GbVqyrH_s3^9Av(Ib>eBW}|^Yo97bG;2nZ
z!i$RF>g=CZy%@8EfYwPX$YO5updp{-_}?+GkH%3|yl-?NpwXs$tEgZ1o!-pTi?JQk
zJf%I3LKLIgUk^&}m!j{5*?+;k(=Hdm%AY0G0?3b4hrd})#n7lPK`52Mps%hMhc<=Q
zo8N>KFhOkZYmg04)V<u5tCovw&G{j^-|v5MKYK+=&C5qk^;ZC7?*XFC;E=GD1kTnJ
z&VJ`YyDkWMeZ?Q_F748Ml>Vy#2yjm9-XBBThb!rDWAhTXJkrY(q16$JlFN5*Kc9fb
zx4OW`MZGGoTpR1=DhlUN5l^qZ<g#pa;Uu=-b-x~HaHu_+qOF7Spn1wNk|nM7ah7Fj
z1xU1^E*plsnkUUy3@lt}(zs%)@aGM>)gF-<&Ahud2|3=8rO|hFXuq%{ZkbN9Cvj^N
z=*%AmV>dg5vt<PI9fGhn2H1Wqy_&6wCfxHv+Qu+S$6fcyHx*p)yUqx(&hjf1k%-w#
zqS9T_XLAp8K@eR!fqmWX_nZF1ukp4&rSfB<L3rhdlrCOF-w2<2QC~?-54*fEQuaSC
zpDoJ5Q$<+=jZ4+|epxaZNjUr|z-2NqA%F>_7EBAZrVJtzVHk;ycqY`Doy{RtS>RC)
zJeE{s6R3>a4D!PfT`e44R;pcZ%i73sB$n-AZs->;gcr=(4Qmz~>ezNvFw=U^&C#6w
zhEo^?g8Frp9mxw`AT(6-Gli}z&c>JC--C`e^R;f5+`9Bxu+m!|{P+Hw<<%(b;E>9<
z=hB)wEp*u6pjL5lu~9<^g{7^nG|n%VOB}SgAs72|jjY&n%4#XBlDV%x<~LQ>T0`WY
z=*WEed?^Z8GlDn&Tw0DB`zD;=LKPML4fxO9?klJyBPD#MX%E>-F*U~rF5<WK&Nkbf
zfQK<aVyQ$`Tv>pH)8-ZZ+TM(^D**WPfN%a$HoD)+y?y#9l@({BA}!5w?~Gmtp74Lq
zO!(me-Kxjd{M1&Lgtmzf*uSJHwZ)`~NjQNvTn}GO`Xv(J_6on5cRVwZ?q~1<w6(??
z=fDu24jtkzw|@%19yN{`@`nbKH|A3;St<+N;9*amQCP1#t$mS*i$l0HMQB9&=r@b|
zFU2CoDjCHeoj2Ihw`ZM>tX4Hj&f+re&0i^m749-vN^ZT;f)3vP$Ijz<AqEmE8GLa_
z>F~w9SKGl4T`^k^-FEr)dMmH1yY?H6l-iZA<X83U^>h;&Yd>lQ`KFTnH^msw8jcQ)
zblfO`<No3Yyu(K}Ia)BWSH8?d;Yn|mg2}%JNgbxSG|L%H?>|4-Hiudi_o|Ifu77RO
zO$hQg9TY#yS}A(!`<U=|){c2BZ@&4>Bo@_eb41BgF}h^QAVwjpC`ublemj5OHog5B
zh3P_CZsCQKP+M|&{>L`uIh%UT_q5%#=juN(#YIDB-aw}u4bo#r>)yLm(CEY_P5|h~
zdbWT9OCpM0JYAwer4Alz?(TEyl8il&4DJ&w{VN0~+xUM%aE+9+X850mkN7|N=XIQ6
zm5|EFa$+!mWR{Yyg<9@K1*`_iaLv>-Zu&+i&5#v18O4<qT=k`mQv-|o%t!rXzkbT)
zTspX^If<1qN6=kS&qq*k9T$m!I0X(DW&rzxx%F>-*s0xDp*vWsD}H+n8_@d>KhA^v
z)?$u$iUV7Ed1G;Tg6OlrB*TVsYExxmUd_G|GiN^1{~)Q2{~KRfzwTRMX!vfxjleRS
zi8t|olP(wjoibDVptyu0oqQr-7JgXloRz3Dj3dgNfhw})OC42|GEYiu*$mhqwq30+
zX3a;Sv!yxVrF`1tC^G}r4|CF8^V0f#V7Gj7-}MGB$Dv?na@~XMhC64JN@3u>v|3#)
zItp8_snvM)%pZl~H(VYmD-f7C(ZYz1RxI0i)H$PUd+i>K4O$~{j1~lqjt!eZNWz>|
zVMIYd+-^#?yp174tsbM`v%VbT%7LVi7|<hg8kq_IF~V2pH%srr8Fw}dHX4r^Y`L(&
zm|C#Um8n9Mm=qt{0-@y1qm*=xbzrE;d=<dJp`D2VW?OB7DdmID#c$tSwzoZW?C4rh
zmhn&~{DM?6O$8k#%a;&I_l~nyRNYJyTd}L{D!02OR(i&Wt{*rP;F6T(N+2NYtOyw0
zY^y4C_-$!BRC|L5aR*kgpkBQ{8g2bPWH=jvkRc6RsB5gp1-K0l+xid+=6{L@kNVN*
znJPq0{O*L3rEoRlsO)yreedXgjXF^M_g4Bz-PQRBWExgKi#|k-v^{36#vU{(5VZ!%
z*<Ctf>Jp#0W+kll^5d7Wh=({WFKaegUcET~(mmV#!Yd-<Fi@l7-OTv9UX~*SIBd~M
z4J*sbg*#zHBnLj}v2k9`eC;B>igHo=*y+2H#&*1pHsS2VXGDiam0+SF;Fse*6-fPi
zt!ka<Yip}Klo*)CfZfZCID=5+f?>$O@r-WXijD@^Y<uJA=NFVj#eHP<mGr|gx`SS{
zW&Wlyxf&HwiEghi^Xutw{AI86ZnFn}-jUEjzvp7D{nJTL&AI(Jm$?mDLNJhN%JV6s
zAPpWH`M(4y94zrA%p%I|**r1<)-rW?bC3^Y{QQgxHJ_THaPDhQZv2^a<O1|T+biuq
z>+&zH0yqQhSm7zbO5wIFLdeKKWxqew^u}wQFmLy$Q@Bmn;23C?Vkc*<?T6K2`O!xg
zvPT2?K_xZ!oKo|xexS!D^1{_kO?1%9jUxz!T$#3Ig=gkFnXPS01N7R)8(iS)zYUg%
zG&0tJ70|8y&UOq*?z))boUn=mgSh_19Q(yjLp?H?R<~@VD<V*wXu1c%F#Y|{$B=#`
zJBKs|l8n17VVuR+@~bANLfQ5A+Ag`dr1>%~lBjj~oT;4`Jewzi#Q@r<HJ2E$ELXr4
zV2cs0zTP}NQ+M`LTHGB?nUcD;Hjvn^dwgwu{T$eS^d9f>uORUom&~%dA-1@Q;|(1K
zWw*YX&I6~-tMmI(8`+|m1RWUC(c(Zvps%$93jf8}wz9lpc&^LJQa=Mq_WfCEw}e;S
zZB>Nj=N{%{r;#kx&QB3x6h-OHUcAN1_^9O<1i{!G3D#UXxo_6H+r<{_R6%rI&COYH
zu)u|HIw2$5<S)(q!PEq#Q}OQtE*KwrOF!Q<X5m4Ke&h~Vbs>;n75@WJa5hnpMfN|`
z{oeygQPHng%PfH6J>zpGy*0(PEg)kR5vtmsPr47LboaeGnsd)M&SXZz=(j)<1BPD&
z6nk8l-l+yC?PP-`g@3|1S@-t9R>?czD`%aKf0%%l25Rg~>pcRed-Z3`DUPE5IWVx*
zu9vlz6FhCbvGE<Yva#e=rAc;gvzcYoZ9}d-zD|B_vAQvO;2K5AO&lWFXjs5)mz{}A
zaijL1*z%94NeXj5EP$o?*DY730{J8yBN`l(f)V2Z$9ugU)^cw1mye4N3*1(%)P%nK
zF_SgEHG$0}^U-QX*lRW2fl~5-H8lz(?J^(3<Q?wvm!wnzIVSKI(25>zT-pqo4h9B!
zYNCH@Z|U;tW9btU`m{%qHdH8_leT8dNh&)$_#0)2YH+ymH}Mrx<nxw9>+>rWmZKvr
zG@G<lHng)DeD<n#pt>llwe7LpYr@#XoS3ow<}Qt&;`8&<QMuc$^>a}zp9|)5I3<Gw
zl%QO@%^Tb?I0qZZM1G!!CY-acIG3$hFOExPmIk6kP0&h~D06<V$ub1v0s6ozNRP54
zwZ>J`fd5J_r)IbtS*t~C$cK?T{)>-|-h9?d2t#pGw1=j6Bg?K=$N|5aW<Jt)lNTw9
zwZEp-XFU~+)l?^Jy@^aMr_#ACP(aJCe_;}Eg%jro62G6r6*Y?(cl=TdR_g&HTT>%m
zg1HJ#X&05?OGQP^)JvgOS2t4wu?ZMRR(_+rFC|?N$Uv-x?wabTSNMz6U8)!mDByal
z9O){Cd-Fm<7L6Pqe6KyMp2D~K@w(=fT~mr*^@y?v5p$&CmFDQX)@wy_>H$USN;M_(
zgY#s)!@ty{jIEn^l462qaP|Ymrf~SXXATt0{leb_otNcZu_D*h&&GUtb=s4>bXDwV
z1^Z^#2pwt)b@*e7_aZ1%;9^oXvaFz`gitI%dk!p<zb2&hY@RVh5W5V3Fm+g2-)HtA
zFD{IG%X>!poehxA{r0N5OdWGf3xsDhnlC?`=|Yl|fg90}xe<b>)ydUlJ{rQ!*_jH{
zS|Jt0V#P;8mUSnx?4IqI6c*d=WKaXLrfd&$fEEHskwql(8)`;u2eh0B7?N2@u$hr6
zTMfjV>!af}u#J9ol__kT;iJt6;q$s=%-;3F=)ai0QH}?_><_&&f_?yFyC?RT+z7ae
zH1o7=^4;jh#3w7Z^8|T=SmUJjo`5BX-vYu8{?C~r5sh0aq#jvVO@TbIY1<3)RbM=|
z9rXp8cA@v1h03UNpHjTffJ>GL3M=SEM|WU>avII2u-EUuaYcBH+>yTMRCuKnJa;v>
z$<0>R4zkxby}kxHZxx8D!J0}cE|*uI9@K`(zHB<u<dj|Df#(KQUiV1V4(TVVLM(nn
z+-OAnjRTZ^{HsLA2Sln3{XT>C!*#X?^yB1f>7Fy7KZ<p>VTW6IEn+In!XgF8fQqM@
zXDztOB`$b`$!Q<wUi_j!)>P4mMB6$D5u1!uk?&)$Ax=1^XqtRG$b{sdqu#lLF71Op
zJ${lC4*i=^k!yiKV08H@e;wBUKrc(N??sw(#IObKMOhBTO--I+p^nyDZ_O^U6VK*V
z*g$x1`<gz2D}oj!&1}<g2A+2ja9<{^-SzLBG9EVXyp+9D_Xn?mfbo9h-cd*B84fSI
zpWmup7SlZ3^L_r8qrnUn`6>V4oVBTrwNG5zQM;Ff4&pS}F9rQ4=8jZS)+Tk>>%39}
zG1mH{tNxz_O~?F^j@kXywYnBBhlsE){^<Jb(MyNx=(<u&?7bDp1%`l6oM@TvmAb1I
zCf+5c;^H3>SJminCFAAc=K=KEC}JSxqhwZMUrvnW*6|;Xl=yzX3T-t*s#_~-wO#q4
zxE86Cw03L%vuB^ve9mT++6OHp`W3Kj^FlD_nFE5{aDTdy=9AmKP6+0`bWX;e%<ZI<
zfhfTg%UrmFc0SctfcItcD$DxQq@<3w+uqBvx=VkLCyUAXw1cw}Q?kLKkdjR5EE<@h
zEGa~e2UK&>NXilQdwh!DEfU?3CweFGrS<fU!dZ?Tk9Q^_&2?i<>UitT+>7w$B+H26
z-#w~<44n28?*}Nv3SAS(E07~?ENQ;7n8Q5!XEA~Ymk`+f*NO?yUjnD7;SaO!e)K6<
zZkj<pB<1|Lv+EqvtwdgHcE>;~m4HvkkT>+P&*hvS)dVT-ZzvvCeoR0HB6jAit&4gY
zi*%eaAvLZUROMFqF3M!@WiPoeH!S{{bSZ)i);|}l5HmJJKPYH=W7mBl&c?j#)IU%+
zZj!%Y_9!hSf~^B&_s~3*W}nMInZn&i&i^q}w#pF1w5%MQv+92>vS8)r7uvN~ls=ZQ
zfh8hK3-cjzTfJ+fAiL1R8E(3(2s?CCsCkm5-q)U2LAd8HM^5!AlS#yvySLcSkSJ*i
zp1%Io)m};?ZH%hQ<>Si{MpTn7pDbcB;<taxFXn7Xh504rHEQra$ZOz+>F4dPdWM>B
zCOL=23;o0w+LqqXrzY5A?j>5mv<4x9Bf{0C1x3XmhiNbcIm}H@iK5PMU{PPO%g~?E
zvi%9a&OHzCvPwvIk_X4_LS#swQ>81{rSe{DGJxtT&R2eZaVq54ke=6%9KP1?1GYNS
zq;c{#;m^7C$_epruws!KLL2NhywPS(FVm4lRK;59MsOv~^g+eyYk!%MqRgae&nQ~_
zX`!n5k-5h)lEpNn5W=H#<FdSe8kZSOJngiVa(6xCdtUBxIa%uyHBxI><*@z<=?Zu2
zl|4!3US}!T&Q<V!u=1ZlL78xxz|@}+zjnT+Ybc9`7&W7Fhcc{r2}N$UbN`(Q`H~Mu
zF;r{XK${2o6=+rUY`B5yo8tM>zUy2oJWCTEUniQ0UwiW1{~ex0-mr6B$r+D+*I_;m
z&=kAN(5a;@MGjJ{D@HY^!1c`SGeO%cpe9$$bDr0uOvh`n9tT44M8UK8iz@EyBOp^P
zU%G!jSy3Q!QjYld0uVBf`n;Laf69-%nw2{lJQtbhEVqC3^-{aYB9M2dc;LxE&OxSb
zBCQ;a?+DmX1io)K!XDJXvI+_!56`N+ABzCPS~zBPc6C0<p$S)@{^_UjkA>uUfKq=T
z%VSajwS@+nRm*cSwkQ}g{YwCThq8meq@}0+_gXSdUpHDGtI~#P&HJ7n8s_SJlbKuI
zcdRZg6}a>Fb_z$25RFln&%xEBdB!l+!+pm;>l2JWgGi;GJ-cq;gH<}(J2hxrXw$ab
zmkJ`e+-z9xmBa~*Z*d35eehF3?07&JJ4s`AeL$hpf-;VCF;eF6>o=3^6nrZ<O=aBx
zxCuwcx~`9hGZ7w6S87n#4iDzahXixZR`9D%tEESTx$U2Wr<hB04iKNcso)%@v3&ii
z?sQpl;IvO%<GJ0txwAeI3AB1v`$f_Cc~|rO8t~5YZIDjo0|y#nGP-Vm%cm#Uv8plw
z?#!0g%q@s%yJ)}#=c_hg=6O=9tAtx;z#)8zjvSysuOZ`L<HhdOp)v<XA~L!xC~+JR
zL<aaAA6P*#>9Uc7i67i>jC3#PxJTAAOi;F{dbqpHWq+;)02dawkefN1M{Uom*>FV?
z5Ebb`nIuXrz<c&1*dIzJsh)d)(bFRuv$KJWQw?x%T%gLLSqCOTrV0M0Do=?}*1$;w
zp^f7?cQKO5Cfaw;OJ&4oQYN78!l+b{u{~So<C~Qes^I6{Kp|_{QEx_Cx;m?P^2wC6
zlms>Bjp1(@#+FjxJE7G6vdyO_tCkpHB+N{AmlS`mHTw@K9+j~+(0mafEMm1FWw}4J
z&G(jC(?nU&H|uq+$<l3#qIQGM(WJ{&aQ!maZQyq7t<*re3Ae#Wd;OlQ$CjVIxKc|z
zl11MsjpXYJ^LsAnM~hstR*eoSV%mL`6fh&#_vAaD|L;~m>X?;hZ-uv|{GJ2~s+E=g
z$084~bGIqzkSr!C?2s%a@gf%o%=!+=Z<<O@+~C)S386ne9Oj1m)m?9Xsj?s)L@(m{
zeGAK`r@G_tS;W^$<DDeXl7KOG1=qN)?HfdGkl*mvO}?oX3$EXTRqG}gi?)riASL%L
zENC-%_3B1(d}-k()b0gVTem-ILnGYZ<D|Qc6Ku0qU}|5iuj<|RMx4S|hY(yqD*fqo
zv6+QAs;QdB1qAHEf4%P|4ys32RTx4~S<EJXepN3jUSG;$JTMV0^%g}<h+VNbIo(-f
zFYefiAl&P+8aB1*qjJ-w&TLnbL19!!?I~z6W`$Dq2DcvGyY#1bXf^6{qGTkKtopQp
zV{!hrv61j&ue-CwKZisE?tTk~q8_0xG!3c-#|CxmjB9(EDWHy<o^lVM#2MY0myQn?
zuhpZwwvOPDyNwR!uxYo`<EQN|r)geCGU&*eH8&p`2L>efOo?~6Qz0Yt!l9|&(w7$^
zWqO6V<_~u#rM1deFGm*K{+vars?d2mIX{`)2g26HJ5Qn$-1!<j?uWqJ?X%B<Ub`E)
zDNICXuI$Hy>v(=U=#pXo`y*xIuv=wo67S>cHWaHdTjj<yL-`mCW>vq|I@#Y@S4ZdF
z+}zwE78{<Ck+Hb4($;AW4-5<}Kb*|Db=X%oUH^@*X+s+x`7@ZzR2JPauK$9T=A@-6
z(0!`ncy2c`HfS)F!~6?p?=WeVamP`yU0j;4c5wzqc&W-Y=+CJ=mk%>uias<W)IA+t
zMc&X=cbfK!G$uHttE=l5wvMl<tS&b<(05vQ;(bw>Z=tcmu0%!C%aF$mcz7KHQGTSV
zpU5aAoaPmeR<VXn9dWf04M{uMR4=_eMXz8UL^Mrd`qBrM==Ie&wApRT5%(Bwv<Q7N
zNm%OHJn3cIHPn?aj9F8F4SuuYog=nbK#yg6>Z1m7F?Ff*Ev4Jto8fl(qnVU5fy>7>
zUy}OPXh!TuXzM}+1-!KJ{A!fG6TMh#3a7ol`%9u>if=7Og74(8Ek3^Dn{n0dr1Ab<
zr^4fjjF8A)ICh0ujqU|`RK~_*z!R!K!|wB*-V;%Ub$po!>zVo(k3{M{6w`bkZJ}bZ
zGKc=0WIH!ZVs%R?j49tB@}u?o0bAhh<u6|be6y}*>Xvz@9|&aHC4uTSHF3VS=Qed$
zlc^H^FP@QPdhgs)?}Nj=KNJ%;@r(*63g5)a2Zv<V40SO)|Kg;7&_%6w)P^M;>ASef
zvN~{6Dwj0v>EdD5^@k>}9$tPkkg<m_S$&zysBl70m%D>P>qW~Ka4DPZayL%Q%S>+$
z-}-al6j|pcBxBAtGwc~P_IPHiZ}{C)IenP2bxx@RBDJGM9}(J8yZfyWcI3=LQH9X=
z!1}b8;^R5r!KbxEKG6Fj?8134!P!u=VA!@JAa#9bdEQ8+pD(X0V;H)&^;Kc-rU|D~
zT!zhkq3%Lw!(?Y<?JAbpZs(}_+Htw{>F-w%-cHjh!GWPQ^D<Jrl$y&!kJ>cR_2N7G
z_KM~s<nIH1GOH<GcU>AbB_Ua8+<n&GWh+?juycepsG<+|b#LZ68T^kw%@7;%mf&nS
z4j9A0#~|2GaNxx|Ala1>5AS?BvUCkwfxMMO7jodG4~ujj-%_QN-SjNaK`o%$!^Tfa
zMtb&+Y353*Fm{A^mc9f6-Hx)64B_jwJ2mCLlb>u={$epMv?p^lXvDe%+z5MZW^ZYC
zX<K9M{WOa+8E`%`cHe6$@0BRo8Fe%+EP)sXY@B==LZNoRR2H@Ev-x6RHtxKA$f~Q)
z`n%dy;_1j{9T(nrgT9i)2#O0kZ_j7v_EddN5ejv^t*xzRWQ0~hL7@kYj!Pb(v-<cg
zN4ucuR7)$p*o$MniWtSbFYZxxjZd^p;;<O@wM|Qjw4lkeQ!y^5lJYnVTe{|2Rhp#r
z;`wvS1BVNE#eaznJyOVc(#fk=el2rCh&qgK*8(=8VI|6YQ<f$um=LcU`N!xdLob=w
z5bVjYlUNL|M@i~0ZE^uv9D^-hGduVWVno=%Vnp~zT&e*d56_7B(hwdVULoNHTW}h}
zClCOqRXluJaB}tYBL%1bfBe5Q0`&9apt&d99wR$+{}82(hvz4@uB_5kF>ri%`qBPW
z)NwYzR&eza?(r?&dWv`8vLjFl@j1j4nedr0P9ZOYXZ?s>r`f;+I<2+ak@Up^eCT3U
z0B(?e%3h@_xCc~3Y$j^SfimG3Z7Yboal^WhQ$n4eb6#-4k{7rSo<32Q&VOv=|8LIa
B_80&F

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png
new file mode 100644
index 0000000000000000000000000000000000000000..360e07f63fa27bfe51781933e4d05406f122da79
GIT binary patch
literal 78906
zcma&N2~?6@)IVyYuUT5z=vZ&1nVFTEIUtsmnNvB>ROU!Zi8BJ0l}&1cBMxXP=7{r*
zWR{i#4k#!NWTvQyqzEVoTzcQ{{qFzXweDJXuf=-SKAiJBo3o#@&u{<E=EY5Gvt2vn
zcSuM`>@vT8#a2RMdx?a^X4GHX#Vtj@ykO$XCaA61Wr=cv;=EYd>U+uRl7vKMqV&d{
zZDL*O!F3m?goI4{pU<XF$j5sU5~2e0E0^peJQpXVqV0zTB2jn@wtvT8fet1~SLHr`
zxFc0&(fv26?uGg*$Bd1DZLtE9<CS+1i+Zg8MxE<@xhny+H@1RBQ}m9%kGneM)PmeL
zAKJImd|T;X<-2y+-#RXWEuDw@_THm<+9=13!<NF9&TEG+`4aTac>@-qo5e=`D-;tw
zuGW8wME}BHj+_3|a(Z`{{%=Q<jHAwfe#$=*bK!ly3eKJ;vqh}V#hfvqU-5oDm-nkL
z`^T(=#BR6VW|g97@=*Xg@mP?IgoMf12cP}op8aimK5mxKd9vPf7Of=K8Qa=Ui7z>^
z$8K(u@H=U2DDDcoT=8d~|CPXJxBra$S16Y65UaLXhC9V-&K6fLLwo$Fgv8!db{w+F
zRHDDJ=g_bj3=AYmOB#njDd=2*$g~7&Wa=f!35Nb0tKdJ!OjeVXVyQ_}Y5`55gg6fH
zk~TBkc&w*#!j1oSX)L(H!(9^d+9{q{SQ#5t1i~(brKcEi%i*45DD}Qw2csQ{X57lS
zU3SLM4a>v5;3D0d)&H5=@1K_QwVHYu_29@yO|c<lnaw+!YbioQ+7y{F<yZ8(sD7e=
zk|0%g8o#K+Sikc!%ku2EU$we&_gtdCOW+o^+xyte`O*%n_9d}sMC;1Vv6t%a^}~`S
zjfXPhJjp{aj^Fgsu_z8IH|%z8S=y&0{jjlepq(jC6nCH$*?uO&oEunFTbKb2ob}%|
z^pDpJ8ajqbd9;k$Qv#w7Y>ldd$REnxqT@BF&kNBq7?+GGe~faFFwmB(IN30F&k6^F
zG?(6)*(PBb^J%N}4s?_SI83>U^*Q}^Tv0O7QMaV0G80npxsW<2%?A#($pS04JnF_j
zM0p7JyU8>`>x|_V(~XO<N{iZU`=O_I$vrrC$wcmB)YK=*bBTc#)mx0E-|Mo3<i7)M
zrBgyNE$s(}M>=bC(}UAlWUP}Of8=X1z<XBv5y)$tfgM4*-N=h|h>yP}9B;}Q%Pa9s
zbo~C8c8GH$5aGb3G$PQp4}}jj*D`e*!1#BLL)%%a<*Em8xjSI39Cd)UO9p<<DB>jY
zUfg*F+mW^{_5wlQDHj$0WhLFNG1{#7oz3y^^Q$Oc7}l%x@hS*zJ%7tLlLCBGzc_$j
zFmpn<py}i>0+=b&Qscn4K8$@4$T$6d=7VDfdh%G-#M=a}B!#V4(&Kf_{|XMs3;fn%
zLc3J4!^D^Dxy8|wg%lVM_sZC(-8O;ka*Wh1ZuyajKB(wgAv7tGjO}S;ql&e?=RnRg
z)>7U9TKkO|LzWrm7r!_r+N9k^Nv(c02%mLzZe|G_W!KWz68t%REf@AmC8baMCDcn<
z*X=`Xdfo2^?Ak~&T-07W?s0dsgVHVDZo`}2kL}HYVVfOPFFJ*H@AhC2_S!_bs+<@z
zRhxTPbF%YKpi=6RL&993cm(3eP49de{b7PzwSRNQ`vy~3*g{)j{r16G$917o2^_+)
z1#Olt%g3u))BPT`$+Cr0SFmrN^^9GCFzP(jnnOP+g?7YZ(U{g}mb>fOo^cWqHIRA$
zw|wG>Ck(u|U#HSXc>^*cfanzpRs!s=mPC3zR`j7b$UUZNxW?+IV%#z4Q*w(h4w{^M
zbjt2kZx3?#38D<4ls4_dgTE{Y7RAX^u%T}CXLXx;D$fdFCtUNohjwajx?FwV!at;<
z>&g*@_muiXdsaeHX4JdE3B|tQgK)?1OlRW6!%oRA4N7i4$FpQ%2;;tpwzV#<-6#*Q
zz1UGHj%y~JcTghj55w8#H<ch;m$kxAUxF}5Ud^z13t|U7_&q@>r*$d+K<KY6N{bUV
zv41%pJ;0ZrFL<&bb>ZG5=3*7dW@)|vYo$>BC@iqNEb8~wZ6Kg()`SggGT5{5l8+}S
zM&kgTz2>{C8WbnVU341L3ELuJ!XH%L;)pr$u4vCa+rQf$$Ewr>$vs5OrajdI(dvCV
zk6IlT`iGZ>rU_fcL8xEGHXSqH;%cs%b~nH!9g)(KGG#g1YovPCYcp8YZy05H^SozS
zb<HJQX{7OkPS?)GWdURQ=e8qOpZbO}chLIkx4b9OKb}Zbfjc&4`bfxvmqFJ3kF`#f
zHZ}`SHG98#Ct4{FXkByh9wP3{!G8zj&1y9#+j1_AT<BT7{XTZ8duxV#NP+CFiGnt)
zwGgxMQ&ZvoWIqc6SSA#PR^n4e3?HJ-g=9!1)ynG2-w#w<9C?zg@##$L;`9L{&uhQV
zS!^`)?-U1S6P;cD+ka=p#yRk=JT1pZzs!(Z=x8R>F--TL3B!Fu#ZimjOgxNLSI9}2
zXPszj$TPmIN|BZ<G+=(Ldy%8t9=vcC7WrP(vVGxoJ?G=f10ei6B1gpwfVt4+CScdf
z$u`gz3TmKvdQ+qy?AEypZ3D2FR?gE)=RK79G<FyGB3=2wh@Ro0<#!?FwVCo&9u}ru
za(0_%xFn@WcOIBZtd(C(A)f8Vg?!M(hi3LJb2!acxovyt^2-GNOyN)yeJ6l<F7?&l
zlPyBQUm&w-?zx(xOE5l!Z7~;dv0M2jRcmXX)p4SIo^B%CXm7eo&S4V?4-4@MIO~XZ
z!1&{M$6XaL`a=`vDM4i#*;i)$tyN?0Zq~$LPbBK&{kOnIJBf-a#E?4$q1jdygJ(O3
zGex-qn~E(?j7L&iQ890%FtxM#x??)E{FWoAM&aw<#zmi5I3Ja`3D>|xz4{JvDJtwn
zo-K@PJ9BjSiC%c>q|;&Eb-G4k)8WeWPp|Obarr7ta#T1ful_*3^57L1O76|WlyjGk
zgr^%$I`lrjRGh&;96i4&&jL1fNehydc+qabgEP6`P-j_7WwhNooinF#)i9~K`&U}d
zo8*IqK54|QIip-z`#p>i`<8{2@A-mL_1eI}pM}wn>YjWtIHRKPT{HLv?+lrw+Bh!X
z_LUMx9i8z)Sk`T>&Hi3IFl0$V;X~gGT)v*HpVLU9CPR{kc^2p4b}x;`FuqORA!U>k
z4t^UwZ|^^%PQcNpj;R!rP&QsYI-uK~cxABi^c!})=<SxUoNq3DaXgya0P<~Ge-vY7
zIDqv^<rKrc@O~<P3!pVJ4%evG{{`g|j+cw&cE(K_d~^kmpC-Q%_+O8_Yf-u}+4%f4
zNQ=!7<W6!4Gj7dn+OaJmOBFWrF|{B;Z)07}qVX5}wH8*8WNE2CNa2jb(!*BR7q>I+
zEs^cqc4TWF6ZV+DM%pA`CEW?S&Dg@IC#7G&2&dnEG=<5`{dfQoplzvgaN1sRU>sB3
z)SkXFd?3HW5_Z5qsV>ADBPw(P1M3pwI>F`r(!4a26#RiV`sF_9`m)=$xCefhwoezf
zx@zC_P7CC3sZ%|)U-{$t4>K7ElIsq*<I^$jGeoV$4dGAqAfz?gcKO%jV0rigc0fBK
z25~Ro9D}0rk$tbV;aBoHUI&@~Rd(&M>C$;!<mf?nyxaEpwM@CR!~Mi1?c!N02%xr!
zTzcfKcSb&bhgBIST&8HK6iJ1-LQtD`DrVfAPe<E5W9#J`NxcenpRC&AbZzMNVX;T$
zzicfDK4VQr#U}?Pv~Mj=0q~r9(=umgkIyAdS%3Nw2~yEF<IoF^ZCTaDiq~o_#S7(J
zy@J-W+P+<R7Ma6Mj1X*1zhh_j6*dxdjviT!Zr%5Bcn~DVxWmd3nGR=PJbN>*uwLQ%
zi+x_WfiBwXr!Q@vwH4lwOiY78k?TsT62G<r<ST%?)NM?^x`!vNJY6$s<|qzT+?jRP
z=SOy^lPZJe;T0q~zWl>2_eqgla!6IIAN%w{@j|}E(R$FDX9+FuyplG(o(tU>f2@}0
zdtJo^qnbn{+h0f8VLDQ>xK*cQRff<L^Rlh`IMXKK=#B=gq%V5>k{H{59{T3b_+et2
zwvw(&;T?3mdYm{uA<d7y^sM|ovn?^?ckJ|1+OfOi;n`MYIY$MeJdaEmGUt@1+#}7e
zTQff=I{fX*8yWC**vD-R8R6mU&*)}p?=m(|jkZ1|D>}bBUcvq)kZBh6UFF-0zpm)l
z;R6xFQID^sQF8V($8=N9pHV7na(lLQ%heaB$M%KAp9c#Zn2ne6W$j(PNepELycq2S
zNY+g{SYLl|=GH)>#md3BvEl2CRY4ymQtUfFBjU~<Vi+*0e8EbXuDZ#JH>{G~zqY4v
ztSFbaQ(<QHE$aj8%|y9J$l5NzEWlY0zMA$aMoK4>LM5Lbjf(>Q{xo@5#;B)$gf5j%
zo$krFaQe{6zpzvL{&AJ>V_9Er)fR}&(!(WxujIB#$D|n3vnKD>ggW^~%U@3-heFL#
zwDK<y+$8ObHr=RI=zK7%%OC#9-_4aT8gA9|%H%e5KYgJMDHUjsJ=fKwJWRY7Xu8aE
z<|kc?ZY%rl-K#eOPWqKJ6{K1I_6B`IYoy-6`OV^|Y`r1o;%`;a-9?~;gh!IU>Qb?k
zU{Uo)OKTLR>wbx%>g_#c&r*xly~NmymG&bhwP)@10DRGBsmVZYt}!4QXod4l%<$rE
zf>FC<5vk{BV^nfV(b0PeCG&m7n&~+%Zrh7@%KcU}JQ>0G3XTf)6Nw(gWlp6;Gj3L&
zlGnO;55DOEs?D&}Y_kJ`a=Gk0a#44J>~^C5wWCW!#m8;#fR1&geBkY0Y!&YWtNud!
z=%-T0pAIJkY;T+07yErxB+jd1o@qZS9#a|5X(Vb@fN!R^7Fj-6c;)ZAU`A~n5svw(
z$qY8O!~FZ)2(tB-AY+1Qn8xTOX??4P^#GG}pYF}Ikc8-*Slls{Sw2nnc^X;j?iE?f
zFV2vpmC?l?G5()}Y;yeD`_He{?N?qsyGdEgWblokQtXw7S2d6|p`9nuMY&<Wua|j9
zpX|Sq1%Onf*jp@_;>g#pOQ;@FeBJDx#+%(Wf$s-vkXp&jiD9E~>qV?~l*&-+Zz}Ye
z68%Zqth}zJoS<we!=yO0RK7-8Lc-vj+?>DGqf=fh6>^MEFWx_HlW5<HvDCLhJK8-n
z)H|yB(VORX{!uBXpX%slxYnlD1fjRRf%-p=PzV=|`JY;jQxDTTMO@75RCFptW4IHU
zb?3a-3d@3#Lq3mAwY!_Dj`*g5yLB`VYu=vOMrxry;H(LcZu&HP4efAixcJj5OXnx_
zlojA;zIs!`<i%ony3I<F5Tr&r)^VPedH?a{+)L+)q9n3blG5pbPgT3fpj4FVE^4Hc
zHPF_RQudYUync+gJs_gMSBCVs?*wH7qy=@RlheG!+gePTaNQ^H$j#7>qBa%f0x_6Y
z*6ZDJVdzn6*ce<zKNGXw(;iJsOrDokzu0?+hIi25gVQJOr?an)F{s~VHX_=~``JSQ
z)#S&Q)>`&l+KG-LE5z5H;i@CoS|mLwd4NKhRb2-6(rsk+xEBL?q~hN-^x}nwFy`cp
zcIG<w<H{A0@pf9EIMR{jnDWb#l5pLzpJxuLPPR<(r-0O4Vl>&y1i(LJn{DI&r2;`=
z{Up5kk>UZ<xYn2l<#(?PU(oJ}3b`TLUMeXOL+IXGY)QS!I3eD3gh`hDU-JFD&$n&W
zPApQtw|V=YJa1y_ZMW?gDeq78;Yv2^O;#{?+6?IZw3G=;=!^ECvbtC&&-fZ&?BM`O
zQBP<^U3_A$)XlokPXk+*Ej0nq!1OAytB{ITtx`ABjpQ=VfB)4h`so{j)`eK)`Z(<L
z6kY$0=8Lh5T<LeYIc7iucGeEL-?u}mVQb1^#YL}EEqKi8rdIzTA`;?uFy!y<jvu=F
zFRD7?9rsvCM14kWUPXzBcLb+Cbl8<COVNSdbaJuhBVlDU-={IE4tw~DIQAX?BHpXY
z;DmCk8CiQ>2c{fwCnwj7H>CeCjTkqi-p($tgA3?JjP147hd=5xT7AVGk3T%AantTZ
zOWiBYdjQyC9JAw5z05O$g7TN&MM#|I`UZSEt`wR5lQXmL0=B4auixX|Q+;Q#^M+s~
zL5ZZX+t2UYpU@Y_S$w^S{g&dqj)U&0jeeF)1_=@Ar&XD~0795sh|1|*jn{f2xsPKX
zro7q>nXC}}1)vUa038oyeLW5eT0UVqU8yrctVe_uH}*)-)veiznDkG-eS|%gMme!l
zf`oL5aW_FJ{jG{{lSIGr76*h7Bhe|dVSju4xSYw^O`D1MH;45$p-4Wiloerz#iUW$
z*R9T${lA`WQ5m_U4o&bnN9?H_Yv4Z@)Sm!vKk+$}$dw-e*+b7?GJ?V*dsR_h&TFe~
zVSyS@Wh<+a$Np+#o!yq&-ki-C&BJ~cgNdHS(75KBf3o!F?OlT9lAt#<yHf;}@@-L0
za<5u23|`4%%B8N6T9CO$Pil!DD}o+uc3KQd0`)u&Hpb^TcaIFleO$7o+N^FK3;*Il
zdY7GkUytgG8tUG8C3_rxE*8T{!frgPCM4FZC7`}hY-1%qQdU*GlaD#YUanKxeKHSX
zn1aGDl6gayj&_zF?L6V?B2M?3nnJ0@?Mg2Rt7f6g2d`Zy2A-->Q#~7O0?*s3X^=pu
zkd42?fhFqr*stDp^h%>d_aQ%?BW`q7ZL5p5)}+gdLgFNHSpLjMr-&P9|GSzkhfSt`
zNOm$PmsB6z7NUF@J=D5MSvwi1kyXX?DEQf^cK}%RjW40P=!MVYQ<w{H$VngcJu%lD
z3fy3S<@Qvb$4uhL#y$fPk4{0eIx?{O|MF`F4ZOz=bH^tsWon5#Ljtg&_E~pS<hv<c
zN$P@1Y0>a;)syV1NtFweWG9ER3mNhtUp^~lO-$6ymF|_Yj}-jALL}8fj8vU<mpD#~
zIhSF7Ii`EnZB!8#DV~@PE7)HW6SuQ`i7M$u+mbF+q<Vn;#Xv;|ZVxi-+gd_ex_D1-
z&-3fEYiV8)8KI>;%jd~yPI-N+x4cn8ZQ7`g(#X3<r(*x%;l%u%m|D`=E@thrlBFEe
zW9&+QBt#x!>OMNK^dqj5al{Gs1LBGWY%QUb9M0p7w5i+ieP;#O(M$X7z-1sUwU0gt
zZWfZRd%bz1Rie7QAL&I|7upRF@8ggZnd>Mo?}T)zm2||gYe}N!V+Zk)HIXzEvw{7G
zwu<Ri6WBnnKw8}Ruhba))8k*oPy0^~i5Qvk*@?t|SiyE*Nio{7`IpU9a$heuH451(
zal9wmC#_G+NXBsfHU~x(5tRNABmau)e%(L!_*eRU{(thIrvKk;<zNP+)g^pm?cwn7
z@OM7_L_6^QT3r0^hyOi8;>fMAiZ1Evk!`2icPdOqtbzXbo1CI|lL$V;q_^1b`(Glu
zl#2Mr{Ex{0J)adm`QmWt`OhMG;hq1QC2}g?O~Sbo26EBozf)JysVxr^k%#{GTfdk2
zNC6!b>UsN=QDn;<q<DM&AL+L@udS^O75+%lTU6oxfg=ASD2qWD6X!(RR@idy3-AA)
zc%9UIE)|I<Z2hotNnKRY3H-yy{wq3h`KEC)qqjc(KH^}y*@0~ZVJagx9%hA-T*3le
znEpbM;+r#8!|!edIl7HC+MwaTDnhz^YuAA`qz8J<d0-qA^)W1BDNm|V*}DH-*sWQa
z;KjZBS%)$N8>!c#!_!*Bs|+F90Z8l%nGa9<4$`*8lk1rAWiW<u(K=d?eC<BMmHH|w
z&z2hUk3Id9CzSMq^9d@MJ4E2Mxc0Bvoa}O~Xs2W4O65%SPoL4dGxcR-5WEM7Pa!8|
zW-iVi|Ge0}X#(hz6QBk7-YZ=VMe~5GZxI6o4*8*d_;{^ZvueRY82^$JoYr9p%rAZ1
z#;eMZ^Wb0Xv@$4MN}GNX79~Wvt+D$ZDV^-;zwpYaD9ta19h!J*Jj^O0vr4pR6>g7X
z-^MYw?HbM|;06q6C4$V<x{E?Ku48;&oSwl~-k$O(zu3L)3k8BiMCk8Ay7aDIL?=RU
z1=7ro)VjvJm-WC+Q!_6e2zA67FxkM2%&jL3#1`Xltr{G2531-u{KtrER3Nc;#~w&i
zdRXL0qe3C*i~GTUro>Nr;@!J<_iXEfCjJ&aljXBo_8Ir0-@PjxirJ{M)Ej>gE6|v7
z@{ByOu<ER?UX<E_vn!$E<N|qSya{xo|9A|i9&gRNJ`7>oE~vM)@Ca5PXyt&+X-p;&
zgg_=uYJ?DHaI4kLVgADI0UFateI?4TWGH*`*ao?sB;7pkTS6VkKFK<f@>69xWs=#^
zs@fE4n7^*a7(SL4CkZ-8Wfq_gL|D}nLaDB_5<pg}BS6S($&-denVP3Id)IeUof4nm
zs23KXBv-B`b9K0$s{f&IWBr_MsenT>6Wt$CaYpud`Epq0Ncwqdm7C3a!>yTsVb*(-
zfQ?#k0RT_b)PlQF5&rPaou8X%H9@XkOjygj59OjDm=23#0`veOb%+#WU@p|;@3+^F
z?|pIQpG#4w?VzMe^lhj3fa~$a5xQlMCy89?Nrwe)9N2S2E4iH|TJ7&{T0G(FT!?Vg
zie~Q92Zn{xa4q%9h~FN8wZX0M_3IP4<RMyHJ4cbT<_GIv$xRUkB_i&MKDQJGC5(g#
zQck;kc>VhIR^*ArBpa`M;9RxAYJ5M)9A9;(zT6QKAIYg`#xHZ>8$)*}7iawDjQI&>
zi_`Z;_ZX?prm|%ZW|w0dyarOWy+<L*W69AUI>?HZiIsspInM<TIb1k=!ZZ9e6uRPu
zijLC`swU@E2skQnhv@#(&;_8`1!%M$XH|(cH*>y|H~YRfa?!hQzk7M%%XX4N<WleX
zU1QWa`t$IzF9wsU)NsHR0Ay;6e?JpE22`%I!WtbV-#0BscPyd-m3!nXK_vHqZr|C&
z@Yn72`)RJvSy47u+CAk6!YA(Jqj#0!u5_y~$1}J&S3q)iW-3@4otRyHPLExGwQTL$
zb3qxg3r;-+9h#;-C%g6Z&D}iLtr9_9C77BT`wG@$L$I7NWS+_~o3+Z7HCA4)obd!d
zdM7I-G!S@tLg8Z2)CYIN9WcNZ!Rv%zz%#TowUUeO?B_x>@{*}`ubon?>j=F#6263i
zSD-yr&H}>miD#gom}zma_Cl;w*n&n*Lh5)JNr5?)35AZ-d@~a9O7|~3jb~+YB{f6?
zSd~E~&L%0hrQ`yXd*+9D!XIoYKHJ**2<0$fd*s9ZWBAs4eIOg*k`*ju)KINt1$mAB
zJlQeJwxm*4Wu=#2iKr^dNXeL|E|vg|YAoQMOTK;d*Z6X^iAZ$xnuFk1QX8Qr63+g8
zjOkZzs5ww`yKOUoGvXyBx-qiY{jEriUaTY<gqR}O@awPij?XK28Sk&cS8@fGf<=3X
zGSwKQXYzdy>zPWSY12|}kn4=K;R?`nwf5uKZ!Iz?T-bNpBYDW8zNZ=khkX<-s^CB1
zo0t0UA%>L{Wq^95#zSY1EJS_AKJE9~>kU|{sWT`PR#D~`5lsta$D(=wot0he+H>$)
zc2?q+Zov8qUKe2r<SVKMFDZzvAng&kz6fn;FONG((~QP-H!BUOTqbzUJ$x0JzyR}(
z2{<!0+epK2=!FmY2Twbh+O=~uJl7Y19m1&*^5sP`>_gEV><d%Z`aCQmY^qR9)!5cd
z?{41MWyswXY4s$j{YEk|VZO>RmQ~-oe#1yt6e*RW6=Kw-yKj0;Z-ae+uWg`{zQV0C
zK9-k6Mc@S^;gj+leQ<eYr{{%rv||-JyEIjn3_BwxVrn*iM}|Roslo@G?<nA>4CTxN
z@3yZJ_1=|E&o&<rs4vvYA&l=vUyDo8+Hl{R2;bl`NeG*B{`JZ*XWliRs(0G>qks+P
zZ<V8hvF}Zb1#b3{zn&*J`$rD8hy55a>|k5T+Ju#9P-`aeI2UBYf-efa7#~*-86E`=
zjL@@d3gLkr4!m{)--fXz`4jPaUndx+eZ%hFtJ04DH|G2sdTfdB1Uc=gEmG{66Dh`|
zMCQlA7u$p(CfscpJoam!>bz4by7-<Rv&1PAGioR^|KgJoAePvfnLp|i9RT!20fd#s
z)C(*e)+~GtlNI&ujEzBQ=c4~Ei&#lnQZutvA=Gts$Y%YZ>U^gHRrVLIYRY56SNU$1
zyfHTQGgn~8E9QRc#rNH!#fN3KO#iTXahja84-xbs`RLnyU_fA`^>o3-ne#KUiXd%}
zihyg+Y>84QHA21#J3P$<w3c%;&0ySjJDa+cU1%-Gl|Z63dT>J{dfMuwm{4cJ;Z*MA
zsvv7%R?3P)k1_#yZ}%im@sqEw?=@$8NXNs=w%L8gzNiNdz8Y9Dwf*(*xrgvsCjVKB
zs^t#NICy;P3>sLKSq5$0Ytsw!{8^9^g<DTBZGnPQ@rAZth-=TZ$T5AR^|JH1$GM^M
z56{R8n`ANlFqFQ0DH1fb1RlTV!6L^Gat7j(eNqGyV^Js0maUg(eS=OZwO^UU%QY(h
zEZhz!w63Hn56*O1);)W#U6vcSI-)VTs#desIf!-akxdB~BEfY^4{qFxO3E+eJ*2!a
zSiYjxYwnthq^>)JNB!cpM$rO#TbZ|L20(Cr2i`dlUG1a{yKbHeI>Vp@_SM5uLn3{u
znw9_CZ2ob)mH8gH<5zj^%3d3DTU#y7CPa<###3MxX4IV21ZU+p;cv*C3AY^PU<-RI
z^dRtQpEWPRT*4`M)2DnKZ@^6$Nw-l!tmP^r*6w6I>^R)?<FWJyf*k7cm`!?El@D_*
zHH9*R0DV<x@*j9Qo7y+!y($~Wgsm9~TOvA(@Jqa}-;0B}0+^wIr8BekOii>J(M_tK
zd{$b>Ao$;F4L?1dT!Qz>gkJ&o>W@S^YY>dT3!X-;A-)=LUo1gdLUlNqWIatvl$-|%
z*lXUbxAc%p%-`br_IHzfGji&COVDGcRd|+CpmKHe@662V+*DGJLQc}Bn%|)rEwdMe
zJ{LK<2L$YF=YZefyCzy$a;!tBeXTa0o{QkdJG9oL*cZS3(Sz6N?pHwdspLVLM&-~7
z?JH23seLRu9n&)TxfA~V48A`5_b+PD1Em*mf-9NaZI+~iLGuj+HD?YJtz>Z<ZvmP-
zy0N3aVBI>s1%^t+um?$R<lV$k%u=2BF3Y=9aX^0?mM&#TJ$;Z)kplU)Eb}l|4HG9<
z9T7H_gF$kujX(Et6$|FxX}nu~<L37LOa|drz)R%e_r4RaRCNGG>Hcyxa|N=Ds@596
z$92ZPu;2HC;abH}^}3nCFUqe+T~B08mUSu{m}v)HAJ*3(xzd<YWgdH475@iz{By~_
zrlz&qdu@xIYNYm4np$QLp0~1phTO6upiqEf$1fDPVO7fV@V^ILnvTw5>r9Daq>@ur
zbv_Hhn>P?`u<{6Uy4&igAYfWb{!@iXqK1O7V81W&OatT1d0w2?#=B9V%@J(&^u0h4
zmt%~^<V%Lp!yuCwW$N!=Xk}x_2jb_>X=`vdRNj)H&nUr0Mn3HFMs0SlBsR%Rt~*0J
zR%OdO@snw^)=hi`sFKx1+QY)DZjjegJPc!`@SGt(!0a~AhL{<_in9dIf}2|R1zQvT
z^4!AFp*}c*O;13MgO7I5aoIx+<S&If0iW)aP3#FoWo*pI{1TJKv3+n;Pq{nO=4K9T
zpG+?Zt+r$RCEAtI^5k_Vuje-gHf<G+dzvWuPF-Xc^?)|;&EHT4{58h&k?R=_5O(ox
z-ze99wa1LI(xc4gF;f{j9m+^E<O=EF+srEar%c+I3jOOLJ}P?3#TC}oEYJD@Yg>mC
zrwe{bOVS-hjjzHPPq5mP5##>s7G(VbtP5>l^Wat8X~jHGT-2!lYk=oIBQw>T`#$>5
z%&afj(KD2@qlxbzYbB)Y>YHBWg7=W98g^Emy&X$K-KB_j|JJYu_TxfkI?4AFSqGY+
zD?%5ue=2G#*ZseIe!|e%`-#nOX>^KTl~CKF^E(rJm=>L{V!Y;<W1iWmVw5vO+ZwyM
zEt0MfPOfd^{y5q83vmDNxw}sUB|rRFUv7|)k5-O@*7SQL=VPt`-{-p(Zjaq3jC|Za
zH3KN_48JJLc+83@5>D^4#HhBJMU5i*hgPQ*vP(sa`wk^k-k;Mcw3Kb&bGxcVgDYt)
zUgwxF6Sdk^-P}&_2h12WV?&iTEU1$McG?7)SvS$w5iRDp-aRDU#q3yL<f8vu?`pC_
z+GGXvJ}q4_yrGSJMcb3eK0(K)b-Rh4T7k=_RU%vR)I@XuB47jj)2``G07w)0!y8Uk
zITT6P)O^@kCi)<Tr!#sjQ)@Kif$1N|Pdp{KQ7a(=*8X(YrIs&9tL=7ky7vUMj6(lT
zHA=);ml^y9bWj_1xf}0=jxzpT8N}9g@f93&Hp8K-#qY#=OrJkZ%Z#39VnCFUDO-l9
z9f#jYeZAzZ)D4dsPZg~_3$HyvXhkqG3P+i2i^&zM@WQ9Z!Ds@Kq%Ui2P@GC#EO=X(
zHWlTmq54%nTev(z{JZ`Ry7N;AGT<pUsgvxt{=}`8m6y1B>j-10OfCi7JMEK=_3y~k
z<V``8Wlyu#!VAHT4zA$ikLIVoTmF^Bsik6vGiUVtUnu1Slevr&ZS?U{2;udoMiJ$;
zJ_SLvq8JbQuQ0*dgaO$?(M?*<8VX?j|Hw<`i!xXO0PhP1^DXYk+x5d##WFLS_0(&E
zMenTJ1@jQ3wHA`dl{j@@X}LqYCpPb(><GP*2#J*)`B~7_b%TGWyW!#V2kXSt%iTl}
zFq33qz=yh?J;F1}odMY45n~!m<udbN-h~}hGvCRG&Ut{Ku)dEJrF;mASqh6izRR!`
zvtiDgvIS2{-Zi?YZL#%Pdtqez6n#DEfcr?Nu%KDJJ=q+7Il%Udr;S?{F)_2Mc}%gk
zI?+=&<8qXygJ|S|XGc~1yVc>zd%j6iv2)_s&R2jb#Uri00uKrqxKdrO(yHwky+uW}
zEci=A*1pqTa~p5Tcl`8Goa}-AeUNoOB8tA&*?QnEesa11)1vy0U~H-a66ptuK#*p~
zsFUU{OJR9`UM0v6F)jgLUMK*egHN7?z&j`NQ-GjlyY8&i2<&%f^39rQY7N<KE#kWT
zS(CoFR1vbktbGz<O1{%|h!5o~E5+&FvBcjlJ8cNR;o=qLzn(CM2CJU1F|<g`hC35+
z!D;Yef8NC<_Oud~ym%yakHLf$NmtaHMTmSbxJlixA+Zvh^_#UP60zaELko>G67s|8
zt%XLdK8>o;+8T?BCp738ay8NMaxq;Ed~ZP%KP2nHXQ?n(ZPu-lmbPg(>gw-%PiDR6
z;_xYmiwi&oH1#33Gio(cB_OG}b$$$4mdYgjML?gkquqbonm)s^Nj`r=t`wPP+rs`o
za@iMG0)lzJ-rFoJLYB*$n%>-!c)rxD$9_7NxIn`jnS!9zF?G<J)b)8o`AC6_>x1Hq
zZAT0y@nS+%%)%LZkxN%z$q($X5Ywx&wQG;UYrn2e&xp(Z3^xDQhyOlAOnU`5Zu&^}
z5;dEq-VZl>4Yek!Q5R_m5`m1I^7ZeA^15i0gUQAJhQJQ~p%(uWSBop!G5;wNCSdbo
zX)rg@N8%q7{<QbI{{4T@e<t8uap}c>Qj?yaWf*SzzqNT15`mA!Lqm4Vmi6RMcP5S@
zf$P8I7^Br@$IKE!XyRdWQ4MC|hhOhmnrI%z!NOq;ZuLPoZrrGniy>VS8)9I@`temn
zh8+@@j`b%$Ox!9V@#Z2FeQznX<&Fp>p_zDle~fh-Qf><0_~&k2|K81VO%}G%F5#;D
zhc11|J@QOJTrC)LWa+KA&(CRul%Lx_q~*V6|3f&=>1^Pmr<~4;n`Hj!w$KTX>#zI6
z^oBI#id&z50f=h~OrpoNHU-B0L&^R-nzFO4Scd+Q18@|d^1(FJ)y;8d*2==tTYCHa
zSgm<WMk%$_x<WNLtSn=bgo){u_4}J7a%y#dz<LwhIw`CKTxeXzpHj{o92j?dcmPgm
zF#-`gGCxetT0Aqy*$niv%7<>Wn(BxTt`RxQhxO*u1pu8XI(bf`y}-+HQXh@R^r6}C
z<Yv|;rLT{-Nw0pE)@tyoOpl!HNuN%rHEkiUE8ZH8-G)L;-e%MH8y%ooY4yiCn2kq9
zx5V94W%KGt9k1gTNlKs)nuUDHTwiX&!gnUTBg?l*=uG#~Gue>zFbttP7w&BH^=UIg
zE(~j3C9bI0ubsgP>a+oGCH>8~fkR48*@d}<7lAj=7ID?RbOQaK8k$M}tllO;u`g^i
zt5Sroz<96u`WJBLR0zGrchF-J5=WYZ0zP<Qs7UIBHUv6v$-OS2Shly+pow|T109xP
zj0~;J9$l_W$c(6Zwo~6qO$p|PH5QoxII`g#j<(H$#8YXAZ0p9lY0`zLrqv)^punnm
zUf-b<=LTltt@CWG2ENG^$f>;^-tBuKr@djJxI_m!+tZ*YKe?-8b)Gnp$tlpBq;rfy
zON3C@mzdK*zHck?#@Kx9PU1I>puxO8d^tBN&Ff*6wb4plHgZ+f<6Ll>kD&6}x#?SG
zDnsxRFQYG%6-iA5K`CKoZn{b230XG_WyWF~+smfEypMC{g9rT=*mvTy)mtxn6^<7(
z;y-4Fgz)crq#0Z#3zj2sJf=-E9pDlLi_0F}XfkyAdDm0Bc8uNmc;0}S1m3?g|IJrg
zqNa%OAo175;!Y;s>5&Z$reaS=7<7^{|4d<su2*NmaCM(?#?AAr3#kNX;?_^Zm9}C^
zFdP~EEM>`{Sguc4t{kxp;{E>ZMrjU5%OE10wSd1p;(1Ai5RFmM8YG06*GFf_Y=9dR
zfx)f%S=x7N1mp`m13-9#bsW0cy45|$^sL_L5+`gzWZu-o?S1?9`E|TL928_Yc#Ro4
zCaSm@4z$aQRcSuVxLnqSN4{<4e;FJ6eh@tHj6CkOoFao<LtQxC<g7*yENfj+IQ5dV
zZ>~o>6q69Z?yCB<MH8<{7k+dKX|e`R^gjO(#)e1ryRzpGy5H_q2f##m6ozHM{_3Ss
zFavAOU!A2MRL2#D)cm|Am|cEm%q|{YK#QD_wZ>Q;XgS6cMpiVdo~&P80xPV(e<+$F
zq&B3HdxV|rj11*r)|5&@be)7r#=>vz^=!&;Q{Van(l$a|wQ^vuEbStS2~`l+45e6$
zC-F$m*H{O)6nE^q`hx8FSF7aS@P(Cg0`Ccav$g%gO!$J?!R9=PrW$8Gd8MiCv0MYR
zrbP%2dbVb+$c)|oJvO%U1MRkza4IiqRn6D+SaQ=mt>oAiTU_6OzRyZtc#+P=QPO~#
zLoi>%ma@-k{dLB{Tt{S7g}Yg3Q~5?OB%~nn2xt5TfOJjvOH?*Aeir$4r_wOTV^^7H
zJxDapFgn@1ra;ua7;(!bF1QNOc%)rvi$sWz(z^0@JAR?0L(p9ZC*d{xL*vZasxsru
zX+H|>g7`$nDr-tv%H*cBWJ&e_d^Yz3VJLBlmrGa%+<T=u0{j*>ys>;^7c=V@-Guuw
zK>0hlCJC|NO_5^`+r;)YU#OwJ&*RrDCx~{=YhbwQw0VkI3kE}47;~IVdz#EiTS8CO
zSQ&F1Bjb-Ml|^1zC)$n+9iob;x54X@CHw04k`ml>Np5`^$bmBLIK#2}uC((kN5PC$
zxN*B4lY;^-bWLGIZy}N>cLP^e1Hu^k+WH(nXqFCt+2KqdnG3zoJOi9Y_^t{M6QaY=
zYQo@)@4W(s5Sz=6Y+TFp8o#Zxh&$s5y6TCjkj>Ad)Gy0;M0(D_C|FCqt9O{&lBGLG
zh=QyHd}C;1Ih%cOxP*E;D?BhlWha6EL16p~DOv!yYeNLDddA2ZHV6Dr0#9$!+a;Jy
zd{8G5d@tdes02dV_$ZlINDwT^>I};pG({D3{r$m#wm{i-&>4v)0%YTq^YRj@TEr&m
zHnMxsxggIcl=EfofxumMq(<7QZupS{t>q-Bvzd&(sp<Az!Q1zSrCe+1e9()1SyP*>
zH?Jr9iT8}6C!Ny{rFXyy>o1|bBV_U11{*6e$va_@^}vdgXiZ@s9iBKtH>%gtgu-Wm
z^P>Lhw7yw4-%|x3E#K@ZqW$mu(6Uj%lQq7gHav6PnAYoS*L5E-?n!yRIpzZC9P_PF
z?J2iL3eU*E!^tPB1X^8Q12zVR_qE@`*DDr9^*6;m1oka5?eS!e*V32Wv!3&gy{pEC
zmejO$n`>q1Sq;wUF-QP?1spngn@Y1E2|vkXEo+m3)3b;A=!L#%>%e134j7N`&*pxn
zvMxzVnAn9Z!j4NIG!;rIw{op!Gd|Bd&6UVymOg1&Re(=-0RwD)<c{A8#Is)+@T=|$
z%E<TNd=xmOw-lNm7(V~9(uIfP#<n1n0)(L=G$%9aZE%m#D99GiMUy>JJ#tixyp)Ht
zFy@XzZ@F>82BGCTd4w)s)=HWiVAL<X@&#dj;@N}0Aa3jAo<V&Irn&r3N$IC+KQD4J
z5y5R&o7QWqli$O0pRprsbioG}K3IIH4Hv#cu;Mk?oj<Ib#zd$c<PB4m0>lIbQFq2@
zhDy0p=Jiq+fmOdu9YA>}um5dF{}eoX6_ZK!Bl%TJzVKf`Y}V{S<_#PTIxEljbV|(Y
z+c23fbT0%38D5&M?gi_*f#w7s!cajkKTk^YY#MqHS`9vf{+zW8Futr>&AqHS8~Cx$
z{Y{`1zo}zR34kQ;mpA+y#Bsa(oWc8gB6Y5u+c!+sQpCt5E)Jlc9-KFnZpBJh-B?|2
z)aUU=)fVPpZl&BIh@W|8Lm$vH__8v{065{)e7a|zHvf0CRijfa5}ze^x1U_){n;To
z9GI_Zol@Xf!i4qnuB<h+X2==NRX4Am0R#vDg09n9U;$hC`P1?ew&HrXt$^nO&Y@X)
z`(CKg9?eFz{?;=PU7<&PTq{z|G;r5Owi*W%GCBI9!O*C=T6_3}yENI77=r`XJm`v`
zX`dzNLMg}TOmDegNlTU<_q2c(Y<SHEJ=Z;6)bZZH`xz9j7|D;^@9QlIOl4z8p4y&v
z2g+~t#^L^8o|CjiZq2>f(}G#_(&_REeBa=R#!GgOP<wShj1L-cfiU`)xD(<+NhPN8
z_v&W*aD5d*SFmwr7OF2foSyqzmZtPd*L!h43D7e(SRtJ(VC>BDOvk<|hmU6+{aClb
zC*cM!mldtw#Hl({(ZK{_=Lv0HjSW-GrVq#<H?%L+*iEjy)uK;j<Mo-dTyK!dF`O5i
zT+?bA{|(t8yz_0&Je>nDV_;t1-W}9E9rY=}Y&gK~X{uXE{EW{rf8N5uUNMBsQ8!ow
z?2Xy2N%c)$PJchtsbqO&IJVDk4W~ta;E}Z;JUhYrTy=%&>6~i=TCVUMZFLN%!t0mL
zOypZ#J$T&=J*;Js9e!ZZ(A>fkVb_d4v#ZArkrye?s}nYKtahNw8y$sxTEO;f4;qNp
z6P~wjTWM<1io3ZV-FjITU*!R|5{my1Q&V*Ppfd=NE%1IZUiPJK+Gfy3l&hyvdOpRt
zYyw+4kgS#=`T7>c5F2%~ZztYKOQnuexg?7!*KG1msTJe_l3VAP1cOor5XawNc1}Zo
z<%y84XR|OjpWZZZYAlpySfVd7up=~wdii_+1*7f&A2|+UK|m#=h@0Yb>QE@9aeFIy
zn5MEnqcmL0e>HxFV!zPhh(<Kt(94K35=U%bcOjII`?1tGZ_5xZP&Ah6Qvfbb<&j_E
zHtr=a^+e@Y=K-Os?7I^Ur;W~f6eaow4R(`S3T*JDg^NDCgoS}I<-v8?`<3<hFn*YT
zbmdKHq)OD?)Wgr|`NqqewI_!2;tUV<{#NwRt1eva!nw}i)N!1gB~Q3Lz}H73tjD)r
z+0B2FnFR_OYmvN*-MB?}Rd=mjK;?2m4MXPC4cHcVl7?D#Sxad6LdLFmhr@YTqPBxV
z%}JIHTj$c3&!^*!*qQzELA79ZtUgKKhF>5QcBv*)m<(`jB)fJ2;vr>`YLrj8NVep;
z)0ur*sjT^k*7E99{4Mc{XyJ6FHxUJ=rQB6Ww3RJ3P58ak;KCKAp4DZ92Uj?4<xpBn
zYOcGC1sc1-+Yub$PiP;75B&<ynCMfbqu}t`pI=UF%IRM4<6du8aZ~3LM+HY;6kTNu
zMI){vcdkDu9~KF@iDk?ygXvV5Ep`z>;aNhLkO<hFh~Z*Q*I@VywmR9)ju|l^5Z*I3
zyfDv?m3OQ!ZtY`GL^wyMw7%;1*ddft7~LNV@_}dT3*3~3>0kA_T5ES~ol+))#uG0$
zcSQDyfnG9beGT;M9)w60-52OXpJ4`$9+!~l#k2#=Ht+rr`q-f}VO}o$>>e{BvXt6m
zKKx>7tz1pHDnqpx{^R_viVXJ$gX!dStkEDC+h`?|g(x3n>j}z#7<Q#!xMnKJCDM=!
z8&PGPoUs(s)6Loari5!DqcJ}&yd$&_gm=9IzXZu>lnbc?8~UxSF4kG)Ob@TtvMc_~
z4ZkMDMuz^4U5md|lSdgoaI;s4hy?6~&qXL9NN*&ILKZR&3Qt=NDDtIh&LWcokq%2?
z*hkDz_Ti9@2YlS^&R*(Za(y}3qSnlt7cC!MtPQ}3U|macm+eGm_{^n@Mw&iKbc~jI
zwGXh8&#(BR?LhXN$8lGO8qwj$<O@N0%x$D|?x3y**&m}f9uCz-T#gPoz5B+CpK{QK
zpL5uBCy$`yU%C_PacYbs9ZP0Ra<!vym`n%(OI)p-zB4gxv<r%843swB-K@8J{d|k+
zZn*j*AA3`_6aM6$u452<u@gvlK2S-Y9Sm3<4BHQHY?V8hF^^t|qk{&3LIk$eaOybQ
zXywCF)8c*jGKpdRX+cDqzr=DcUn#r+&4B9^k-vr;SRKVRfo`3u&>fv8Pv%%`Y2M#r
zEM#ZfDFu)*=L^lhF?-00pg1=*#IjqH!Q#~Tk16Y9tS$>*x-lav#9=riFG%dkGzk@n
z5L+ddvVWX%m~mz-@OWi}E*jJrp3LkF78Mp|W*idyFgxf%ed10M^v#T>HXJ)c<rbph
zTKa2(`7g^&r`39u%q`*QF%dUuUYa=WDzMG1cVx|sy8;T$7F7Z=OZ>HaB*`H5xMTGf
zFt2+$c_DKBZ%x$Q<lor7?}SNVOLnDkjt%~2NkGSqb#dn8qQuev6ND8?<#n!`_E42(
zc+f4bsR~)kCw7I$#e1nB?~4Ecei&f2-}LQ#Gi`)uC3n63nl+L8isWa*Wa-j*W2^N0
zto<i9bsDGOl8M!!u$n-lRS$i)7t^oX+O+J;jn&{CN;|X-OhG#)%zgQ{NV(8!;Ffha
z*iH76@dfgq_v(mf*R!H3rAf|%=Am!gCf=%OHY+M%VCOF4E8g_y(^-P_zJRqJ!v#kD
zbrs~Vt!KB(R;X-VXIm<1@t1q?lXiaefLPrllreATz{;hEC8qk;fC-lYIU7iD*B&cI
zn4tH{)2QscJ-+%bQ&9-^4UY*biap6^uMKGO+JDkYV^=giI5W5VkBz6qErszsq8L6|
zH0jG(;ni{|7=vKDt@+gh)U(=*&#ZT2r%S2$$yXc#ecKq}xx7(JuvONA@kXj=OE|_F
z!MX&WW?^j3hTqL&5B+!n4e|Y&L5jkc3rPcI4a+pwzz?@3_3=OAZcUQQYUWA;UhKGm
z)>qfDJ&1rupsBuB6!X8KLgf$}Y0AQ-t?VdT->Ft!^e+B=U;z!NitWB8F}Gmw3-GRT
z=I8_?`XYUn^%&i2PMcWVcraUQ=peuLK<KQZuXk>MX|eGWjtt1*8P@~Dc6d*?ULAK)
z4{eb<#6o<0*j8gvI-ch$stKjqHs8Y3;<4`0xo29|GzJIQ=SQ&usvYGH{9Rw#ft{0^
zBw{+|E5wY%-!=CuijkNqD{bp2>!(0a#)J4QWk6H2X|4>{!hz(SI$!lWM0ggwz-oeL
z`*RjT1V5I^t4J`@aaq=v{<-qp<Exd5ONB$FC&wBVqtna2?7vm=^P_OtHW{$0BHF{T
zFE^9DI?;_>dSzri7VcNF4&%*R3I9IOpCs7odVOuzv%(3gpUw*IjD495jwZ7`vsg>`
zpf(K8*TSu>Ds?G6w1kn|3tyFc(1%ir`dalq2iUkUZ#cMR-6p)bq`9}{EFmkj)>0{*
z0)q^^{Mgo<7bVmK*7K7W(%<HqSKhS&;7iBpWx7i6n~CGAF-!2P1}t7lNUov&;DIuJ
z-ujDBo2(GZ?p=p}+7!+oug;<X7pBy3b8$qS(usZ9sf#{$lw!A!9=(optW&S58(spI
zj1v^^-c250FJjL@9T$+atkXC+ezpghpB_-ov0uq7@fNji%moRw^Sg!)%d0H61{Gj4
z<(e<JYCPY$rZfl>1xo?|??dOa_8Y7%DGS(bn?1(4fIxLZ|A}RT>sw;Zd}yCM=2BP6
z&-3W6qnQ^zg<p^z@E2$C!nF#!R|azcr5(+qMe!}Sf;YNRWTjQbmuqj#O*W&)_><2Y
zs%?iI`Gl^f+TftSqO7}aKC5-B?K8rbWn}lGbsP@A=a-0n?F4^Yb*uG2A~`PL4hx;$
zAWt!#)NwRx74KF>Pct?xV$*^60pWhp7#EZ)MRi}&@tV<hElE{wal}V`R!Y1R!aL4C
z>c+qU2i`G+*mGtz>;zctcVz^z=C<#A2?9Q$hBm7&Sv;!dyl>d7^D*e<wL<W_>OF#c
zFUCsW(Z7)lL$K9v*TTjz)HTH8@DTo9!Ou(880}<z|0nMcchC8YvD5_4O&aHubsrMI
zfCN>mBxM_Up*r-_<Nt{%G0u92vN`a)feLQZog!<#uR~v;w9!`mCV{f%`g_Bll*-T&
z_8H%EvNmTnvQv_U&fiIX435Vht0pDGS?Oe(t~W}CFb<w=C+d4##{F^v@9MQ{b!g}{
z%k50WxhdEEqe>h=$@=@&q8Y8>?No5W60yS#Uyh}2ymWXSGO+@rzIIEHqOK)`x+gBQ
zeHde-bXT(=U;Izg)*Zr3x^*OL0;ryh3Azn`HKJ9@ba(;j)LFDVLlkYinh6;Q&GVry
zW=l_BPfigz<xYeIYzV7gXE#+mcp6;RevAJ}7bUuG+U{T&0uh!)QG(>O=6Y)rzs>sy
zwGF=8Z&N@%!k`9dJJ_r@r`*kInUz%f)Jc!mPu;bT8rzN^P*nI)y2qOM4m%N<vC%A?
zJyt(Ycte9@{rMy~AyWV0M*_d2uXdq6b=2+@Xb1S(L5Zfc1bE_Vi=#M?;1P=9chJ4C
zTIO;z-|X*NQL}5tqU@t;osRO4s~-{2LT2;JP+6$WTKu5Pv5*AT(Y&$C#`j1I;oK*Z
z$$R$;pfKAGOFnCHR3!Aj9<RZI_chj{ieIxP6dnsf1EpAJWVlfQXuRIjjM!SNg~~D#
zyy6wtLXs0j?jm%k%?NA7g6+TsYlw-Q2C-3FkDv}PtBYy+>#m{)<<{CteZ~)J2|`OP
zw(-{xPeW&cHSaZ{_2(JJ#-}X(6lrAf3@5g4hvvpc(G9dv2~IQAM_t&kw`vHAb!)%f
zf^omU#0j6nyf*JzCxq+3e;yai4%>{`30mTOqkf#Ssv+qLx~Q%e9v{(X@V07hpckhO
zAUq2(HuZIPc&+l~c53d0yI$CPUBqF9Jkhm_Gu`Q!w=}I9LrG(OZdfn2{@jWb3ds*=
zOz#_S9qrWCofg&)vufNYSVZZpU_Eo~MYaCT;u^fYtnKa76Mp*+9B9&Kn3+z}3F}?n
zVZCBrg)saVOJ0Y0@V)Xo+pPI)<oJb4g)(R#JUX2lYYxI+)pZo6r@#MIn;D+Mx?*M+
z)YYG_2+meXwh-WpMC-ll2Dcz|;bGr^wHih6`uq(bo8{_<Q_qSJYBmMd;gtqw!-_Ff
zR?^Ep;4L!{(!>cZIGi;EshIGOWO^2YyFRO}hV>DX_@AOQ|DxBQ{5;nk(z}gRX%K)*
z_k0k4=9RWcyC9sR`<?fHG4|f!aJ66Cup~+lBoTy!R1t%yqj!mjC{ackJ&ZO=qW6{}
zks!(pMkhv0K^R0Q61@+j6A^Xv8vWan`+nZ%`M%%x9Pj?m!Hiw5eXX_5^IYc&hO71s
z8=6mC)+!FuGB<6QUGRR_i{CLLAFk&z_f_ujcJ3Z5s+m>qIUCdHmL14y9UG?|vG2jw
z2Jl;b3!(6ta7yQkYn?=T&z{2Z<t>|>`a?0B*Ljad^>PDuYCXyiDV$1OirW?xW=XRq
zdwJ4)Q(8;gTTHB5DB-H`AU{PzO+tR#yx~HbCa$k<1ACm4+>1w`f-ZJl&3BOMob5;&
zsCnuwc5SnUt9B1pXBS&;-c`A0#aEkK6C|v8`_$a9^rl>|XijG|^Iq^{(X3#}wq=8&
zZSyhLV996_SYj4B0nw0nKkm)q&g5RhMOUk{AZ14HDx4ljnkB=Q?SPdEK4^z;u7CKz
zl=S-TdimIK@^SWr(GD2h*ne(kV^M}k^jw(j*r{grJQ675^?~<W#EG_Rs~ut1*P%Jn
zHp7QZ$$`o74hV9=bWzb3;vJ7M0CZ<ejTBnFKx?I<o;Y@9=sXOLqP(vAjt1NQ0$rbQ
zkC>0i-5haEg-dMx@UYyE+AQy>5Lz)Gd$QtwcjJdUR-7M|*%KJ;(3ZV3m*&sa|1SL~
zY@O@(+j~W`Qf7w7R;lZqa>jDz$HfLn`5c!CXaVHd^R--m!R)35+-#gOwQu8%dB7&q
z@NZS7B-K5w)S&267o(5t+4~EF$cK36(d>s72ZWjrJ0U?ooo?531w3SO*~`%i{;a=)
z3sBwnzYTB9Vi@*&sHzOUyk|F>XC^3{QALjzskJGs)$KZjfAD<I)lFZCeC07Sa!GSs
zJA;bfqDFR^;dN7Gk9{!5s=35uli%XxisRQuz5XP4;bvYid`5-5Rb0q8)wwrZ=CS?I
zgwX02Iqu#CavqQjB$ow~+-qeeR-ajK9w^M^vp0DB>>1daMMPs3ZsoT0^bE*lV;E}t
z%Q_DU<9@a|hiS&1Va7o(Floj=sJWp}y4(prl0b)t<FaOw!+sV)E1s3ab!(nfw0rHA
ziSzF!J}9y~dHC71>Ffb&mpsuyJKrVrt%ql8^_nK3y0(U8%OP=k)VN|e>Z1Io{l%!X
z1)|>U!Lt|UK6OLk%+XcOOAX|`!h}jDNSD1*7|nX0s{koBk5pB{G&h`%tW+pc`*uBW
ztJbA&po=q0`*>vOV9Zo^Hpomuel^T%Y(B8Y2X>g>DTfc=9+@2tsEO>82&%j<RTEVI
z)J$|HbE05i+IS$xbE)R{r=!BP$TvYb9PJg1L0^t|1yC`#xTvKbQNG7peYLe&`)PbV
z63Wnd&X1eMZ1$@P>7@#B%jL5U)xw*~({cw{Tn7fl;1GHWPF*1Q`>jtZ45#~k4pMs>
zC<#YyOyX!(OqSY{pNFRvFUNJtm4^qWZvrxE(!7GNDY?Nlo<ExnSGK>SAwQqEZIm83
zleWOOBbOW7&6Gs_?qHM)PsZ(|7-|oZorjwyq}ik`<1KrH*5w_6LoXEs@F0#Z_j>NJ
z)jAHGQ}EmLfN9Yk_1cck=6;&h;hS*gI1jXqW#s2;b;<8LDd&}nuemmC&HwI-p?LYY
zX#B~-sFm0W-0sz`3_%O@J{COaKAgT9LV7yhs39G6@Fg`W>1axR_x}F&60tev)>t_O
z;mX5-g%O^P?!$+<3;DtF*~d;_nSPw2`23e}{bE+>mFK^+ywH;!4rti>@Fo)b1&=78
z=6rwrPFAn>kg_bAmwVU39&f=;pLCA^huI1FO3|(CWxp0*&*7I=Ac)b^>VKJTFlXQ8
zA+R?#I;bi0mv+u*yME$t168xgNeQgjj2K|+&mP{^QApk2y0TSAe`T|Qbw!rp@3(TE
z3Ir(G)wyVZkG_5p$j~V$-ez}!GMsh(JL&vCylc+=ak}~YaRNKQU3cF%S>f&5J6wKK
zx{wC{+DJb@ezo-qbk3H<=aJgsN|qa#OT#a}`TpL*JraQ{5}&orUTz}!b9nFr1n|RB
z3o`xK{yCZNm9B0}76o77%b(HIO9d<Dt^8B9<)0~6RNB1)U}xLyT3IVNwSSB^t20!)
z=9S@2PT(fcbrf=kL+FY0>T8*z;99Xki5ky$+uD~4J||rI^dnZu#r8_kwIkDP&waeI
zU+H+Zj3*vgl3XlWgIWH=>yzs7G@8I}m@T4|b=o=UiT#A#VBWK^(o4Tj>yrdpkVS>p
z^@dnw6zs7Y$WkZggJ?%;?XqQI4fg#0+2fjfB8oG!l@cPnGjb`%HQyy<KUI(JoY4B5
zXMsCppQSX#V}Hy#JNfMhZ}O40ehqK34gdOEX<LP9pRIKJ#rv&#i_80tB2>Zk{?Y9l
zm!o$*^LN_JR}$(>R@Q>3oPsVa?)MiaEmMEYI=bl7%?&C<R@;WjxD3?>*UBqcRmnMR
zb6<AY_#GU%=u&oJ{{nA7HOZ$Qy0pKay6iJovABeqvPVoD408Z1oI5G7XF?&^+5Sgk
z1zWjo#ao$jZ^joz@!Y|y_E^tjq58d9>*L=|71t6AA6Pxdt8#o)T6_BF47KCxM499c
zmwe_9_t8G`K}CNs6R~c;#=nZga&37MxYQ7>D1f^c>(5w26;8-@4;J7}s2#p?lfHnR
zjz_LdTQyIVsV%>FJ70tp?YgNPR4-GHYD((=#dfvXZDZy0%on0djcZ-q;Y`!_-XpxU
z<>BY4$1_Tub*H@QoVrW44lWMPGQg=wPoKXpiy-3)o>f$uW#8Dp0Qv2QU;8@Gao}5g
z0OoMT!^aeN5(ZzLDfu2~U+j9U2rq{(S^@7$P|~$;=c3%=gqtg*hG+MmxBsRERA$&i
za+$p)dgB&H^v=|^W2ToJP7_d;!O#o=l;yJM=;EjLXn&l4w5M%Q!HoX5z!r*$z&7Q>
z?qH@V{z?0~LtT}XKUd!Q^5n{sXw{PH`mRU|*@rbIKi?2~N;Yu*+|&>t|G0A_TxlI7
zvJ00;y59M+OGYJgcgCu7c1d={s^bVxBesg-&oxdtbmRJE>J~|z?;ezw+&q<X>I~Wc
z@<rS!NTFAHvYkU+(0w-R>U+icfpGf8`GHHg{)w@0=nMST#&2q%^Gi_n?zC|F+6^V#
zS`w--r@cZ{sN;|!J};ijW=#7qFrCCIxpQW}ibLCE<@xdj+^_F(Ki!f~i79+APEf;h
zmx%+OMxI`EAX4C?YK~{Meck?&z%$JdJ+a5?s5^SFDo0*KX@;(Onus;C*+(?Vw(t7?
zNcehZb^6?^na3t&2V<SZaCe7yt&E8@(r3hkgq&tLK0c;Pu{g|s{9``Scnn&m$+^!~
zZ3P>z4NCoW)LQn;PmSi{g{Mmo#opq)S3NAQu?^hz;s=BrGQvS&^2a+eD#?Tqzi2uV
zqppEk#|`rM_k-=3G=ZW!FOTki@4LD)#zg7p8(j-@CQjTm+PVJXAW#R`GdzPO6z;k;
znccbmi?Z>e^@O*vgqW*wLx-ou#r>c>tDR@SRVmt?xN)Hxe$#Rgy7Go>t_VFTYMhcN
zm=%@RBkm*zF{W4$srURif+NQ^(|6jeh&JyxoNPWcGL04-o=NpHt+(26YFwJaSUNwg
z7nvxfFV%Qr)F#t;1|gHW^bmWB<t8cU{sqr!ueb=UU?$f=rnpfHA(OXu08#8AhHjaF
zgPXB2Hod7cWgs2Yq-cNCk;`(<=ySu2V{OAlGzH$-Or|+66jrKN_<)%%8@w}1*|@y9
zb&aLo5KczP?7;WH3HDBe{fod_G&n9SMh-q56$Jn00{Z_b=I+NX@GlEdc&N=d|5XLe
z4}P{jQAH74C*&iqO7*4!EpHj{Nv^zGLLE1Gx}#ZvqUU*~*OKneGJxAZWa8%L&I4pZ
z+ZJ&Y1X)1q1bitVOWH0l%rsFUb5vs3LxIRc5pv?OB^v|=n&i&E1sF(*kZ(Ycus8YZ
z(RK0}Kn(CdoYnrfj>67V8S<zV#oULg&W38nZ<<Y$cT#<RzFocwe2p2?-#|nr;gc)8
zSMs^!{O<Ddws1)VYo6|2kHrbz1LQ^?_DA7DcQ|Fd+Jnv)|GzF2XluWIa)CFEs0cSu
zrvQ=D-{b%K{Qf^N?%!|tr#<uUkN;b1<s(e-mj;UN8%brtaZ%S4Tyg<v$$Xr)d{0f_
zzL?uDHSc@C4a|S#e>-Die@iN7`8<V(i^5>q6k|!s|4(*s68|~5n4SXv`zDY_cm&-s
z>gQm3b}B=lgyhdz55(-AbJzbpPYOUsb@I@FG@zya1x<-n19jvTiB7GC*9^q=B+-(m
z-|4(h7EcD*A<h!g9~j)X+z%fU{_}~8ViGOt)5~g2Mcyms0!D?3S0r5e7W%Oz&LiR{
zS~Ej4PXvgMZ|Mgj>7<!+&JhYWg6z8?4tJW#1tSgDs)L(3#$9KP%a))qqFT(2cJK#-
z)w|;?Lk35Y!*fw5>MQ^WKt1JA1B1rYTS%+-`MOeBvrOGJk1sO6%hnJl-oZ#NxCyv+
zrbwaW11sq0=)^qco=6y?gsoq*3Yt67;DOR*Vdf;;F?)!m#+Hr-V2^4q*pW+e(>}uu
z@TuD@&Id;U-k4nV$H7IW2gpBto#zW(a`a<)rwxsGzjKrx<-cS0#55afnLNnJGAg!>
zY>eWB)1YPVblvV^kQmJvDz+ouzJ7A1DFzG%W**1YsDP%6mEwpzi08OK?UP1S_-I}}
zj^9kzvoh$Sd3CFub!c8Fi-uIFuLP!!%fjW@6P=8Ln&Sm{SYGP)xFO&E?OV(kYaZc8
zOjq1O7D@974sp^Z<Yz62<V@#&a}_QO$dA<!;FqA9^@Lj@*x*^gDA%LzEz&2Stg^H@
zaM^O@3ee(sZO>Yhxe6r$i;$TS+DP;bozaz-IPi<qZRj=~>3p!<r?HvyRyeH2wz^ZK
z=eGs3K?Ia2e0Q(nVA^RH8WSm~@>}>ZA*E)kKXC_z90P1dhARzLiWd<5aPaRe`X!sa
z{0K44SMQ1m<n3z@#c1XRv2qPAL?nJ>Q9p$nKJKrAIy>sQ&t+z>U8|Xph=LZ|I(7w9
z&sx;h!F9VSKf84A@p}hud)d9FDh6&JAXzL>1>JofrhmsC@?>$QDK-;E3gAw1XE}WC
z7a3s~sp|=lv>FkKWy-r$x(=4m*jR&(2x-^d(M!|02q_|_xI~0!z5W1L#411+x46^b
zd7XC{i`t;&^WCx{w#EZw&;&LEt&SjVRreZ-enw+-=h42J$+X)Q1@EMJ=B`}$md9(L
z1j~2hqrZ8E-|GkW0~z{iPoq42DBIzy%fV*&oEF$wuHuE8yb7)Uil!~T!=`0YUI(0W
zPsMAL8LTt-9Q!R1d77Te>GEEYpg1jA=MSlDR_mIe&WQf2Kb~}?$qjLq+Exp-?bWLK
z2Z%;}IdYV8Ki5;JPu5=8LQUNh`PTVtcEYCsX^`WXCh>f|A7!VRzgF;PNp>^dew<9!
zIM=G)hMSb-k>P^ZEM%#}RPp^WxGI>hEk5eKaVsPTb6OOQ{nVH0qFvm`hKlr`8n2p$
zLVhMAQ*xZ}@9i_6t&D%GwL{ghc00vB<gG3Ot#W)aF4J{*@SwL-F>0*U*2{pP_UJVd
z0;s)gAZpzMIF%v#5+RctN`l4tKT`s75d98G`>}=Gv%Fmj%gp{}_*|*B4=IM9MkAVc
zfP$cWqrja|R@%#XrW-+UEL?b56X-Es5M*_{#q?0Le6@72<CII4aJSRMODghcyZviN
zqrqy@6N|=ixtY%TzN&T9sg%4NNN>JefwbtKB_U1tRi(?q>vs$Re`gNV^oC)+b+~?^
zo6hwiKl)tRPiN<-!F{pNZ}Jt}=#7k|my}OZ>-s+7^mC|AKLHOL$DsS{KZ6?h)6KIi
zr*W3g_@vsRmW`zHQJzra7_71IX}y@AI6kh*ZR8G$Uflii@GmQ);y~M^H?~LbRgpJz
zgj+d4Rd4INZ7<CtWu|Vlq0m>z4(1o;>@_kLh&-D_$o#vps}yFBuo7nyzqEwTP$aB8
zFFwco30kO?!0(0H64l%RBbmRb_g6udE2{J_<I4ZEn$I=IBFcuuU`XcSD#KmV99%o2
z_!%R^I~LJK48L5(J3cngRAp^FfT5_)xo*2I4VRp3XEM}c;WjyF$QPD8M}po^t9oZQ
z&a}+Sau<a7)mg+RaOWH4$3;)0h91X@Xdo>z!f6MRBQU1!dMU#u+hlx&8X`$6gXd$5
z3cMCXd;!i`9M%g(GX`=%UJp7((Cf!8=L>2XTZ@L~UBb8LGgjsDw-t^z(WxZ6^IJf&
zMwKm=o@BfjG`Vv4kew1kL71{ce0OGic31(DXuvWcFjgulYmr^wu*Q(+7GjD#9=R`_
zH~d9b)x!AXF@{97Y+4}D2l0a?xr;RI%g-7T!;e^6EiRQ*+^<_4DlW0@Kz)$Mpf!@7
z&icDlE{RuO<6|B?jncdR#`?6LL!MX2E#G+NX4<6!5OPy7rO81=u#F-1cALH`UHK88
z*B#T5+;Ptb);s0X*lI*dt}+>HPcs#u$%QPy=zC=v>VdrU!XrT{FD;i^;}66T&R#Fn
z)>=8<naJRUWPduNt}*nz<{QAY-t@&spXO|7G+ZV&jL?q>(*W6w>OP}^@!|}{n3eV1
zqKTLwc+g`))G?p~RJl#Ukik#K80u}Qf?Wfx&Ms{L*%FWr^}zV`l4=+98<i`4>n@cg
z;jh9ZDr_N*MIzHk8*0>IM8DX;NsP2<xd?>J>mSP%hz}7hq9qulpaqxC2%Wu%#2Y<x
zNS>*L+fxbOGIz7~>sle4vTG<>{(-CmI>@hF%KV*6#N`~e`)}<<gwp&-{g*>gI(HJ|
z@VIlLHG1HqVZ9qD?75?1MBBxJ9MW}msF8kN*iR0bFXrrL3r}&rqgAU8^l`mz`5=QX
zgr{ZiI^I3}REEkrN>%a?M!_kA*8U$L1rXX;mt%$n^<K0BUPg6}i-VuNo;j}nYVi`_
zI}NdaW09_hx#raMyy@q26tb;ANQtE&Nu8)2o9CQ}Em92m{)@$4e^8cm4r*&Fba<QP
zy>5x2d-Dv=-!9WNO#_Y}7g5#x906aCpN;<6S9vek_-l9|Oe9b_XHh@1k_jzXk%Ay8
zdgY0m$XGS9EotaYe|oj;^F}qHKDD2fZ{m$1$%qWRKbLjPivv2fjQz89a(YT>Jg(kR
z+uDw)=I9M}st(0`n;@fX2lCAp#;Ys+Hs`Ep3MxIxtY>Y`*!wQkocQz#)E|Tmi4}{w
zj7rKdToKn0wd*|RfC93X4DQiq4GezULv|1o6ZkP0oUg$Z3L;!3R+&{?ntR+Lq-g{V
zzPX2`6L(0kp?MOf#6#59^}8R*Wj7Xj6fc4-4;1w!7wSgEvsA=<Be6hUBX<YVi*$$j
z>xVVGB0oo1Itz=M8|$){Y#U9refabn7THO*6Eqru=Nn!kzPE(FRqv&v)z56G+&-9Y
zRZG>51W}v<66x;AHSA>P^+mRD0jHJmY7jp^K?Yn4Xss7(U(Y{$I@K8Ib-qnjY<>L{
z#oQY}n=f5U!Z?R)X9u_dQPVMXMN`pVsRNV&&j2o7><aU<=fT2uxo<&?^SHWHuHVL{
zm(c7HZ>CcOZ$D3<7aDnEDleu`m2zh{L6|rTJ#Ml@rL78%d~$mgZD((6Mh=`riP}Y>
zwbS#%!oog;^u1>nCHSm8l?efRF6c}AabXxfMXoebg2k|21l*84l!3H7Lu&BU)m+;T
zJA5-03r={AHSmz-V?#ffQoLoXPWI0*^_<+wY_5I!M?gSM?(TU;8B9}W0D7z!q@F^7
zXj;r2^LX%VXh8?kVU&-wbJR|%xuId%YQ3(po@nc%k$ypp_AKx=W-KKI;bK#4DIXsm
z!U3Zo-xD0j_DRiM3lN48&mNzW+W{*F@!l=1fl}t=JlcJCvq1*@T?(3%iYL%XG(d`7
za^kC>&=>PT&das-d$1SBW7Q$tMSCB-mOET#c85*9Ywz#E;pL%K7Ymm5+X`qo%d&kZ
z!L_)_bxVf))m9TPO;PXRZ$E!_L!n+vVy=ER6w5XH%fy4-jWOYHT64`Lk?)-DiN5Vs
zfA)@24F!Xlrm*CBEZ_j+0Cb0h+yOSG*v(Iz+rvs35ve!oF*@}02$PHEl^D}I<A_wm
zLX^LwO%n#^Il@U*V9HjMKclN>nh`rnDLt>*sav{^5D^xmnB`4R&N?87<dP71#z^Z9
zyD%?LSnHOfyPS{qoKIirF(}^RI%2q_#tjn7eongolD57rECw@%GRuMHUGzptMY%80
zxpWdLDw;drF>%RW?qNgBXM?I(SvXVvB<U0s_!GArF^DDtgh2NthNi7@JO=iiOVCP?
zZQ&=|RD)K0iw#YLfuotF8Jb$R@U@Pz*+Z%?C8$xDyFSM)`%9g>4=g;l)pHVIDq#j%
z-TBRMMY*gh1}l6MeEjA|QUY@yy+-lvSr#bq@aMq!kxK6Z8GQvHMx5L>VACy%U1-<t
zGHEX8;`I!txZcN9I{QUMbG9!dkGM9~wB)fkC>*%n!ZTdvnywmkb-uGdR-^lqVm2ll
z++vBw_wrZ1jt;K5|2h?V|IP=(klFL!J|DZMU;K2v1%s7hB>YcZ7aiks57;i+bpX*X
zraO#xb@io1jM~~r9Zqd&(hHgpc2nJcA^Ts6ci6K_xTF{qm~-k@w)SB}LV1aXh}l<c
z=G`e$?gXGNk^r2?qH>m2Vkih=X_XXnAk>DGF8_b4vG>EP$0|JO51QE&+u&=K5O`G#
z#hejpzdCd2+PB0YlrBM}Qd;DV&7L;s@-%gr@(YkxhMip|<{`^qa4Jf3GBj!RM|2FC
zIy~!nYf-Tfznb-4r20_a*EbnSqC=af5P2dN>=)?`UbzUmRVz&re@05!pe_h>y-9OD
ztyfU9hXIPH(W|-aih5Iy+lxakQTj$k_QzXYfS&ka@AjW^o0I0>8dA)-XkA^iGKe=*
zb1g{`VhdA?^9=IZ@Z?TX7w#DL)tuc$6zD$kD|EfX1Hs;{zK?w>zMFu<EpC30PkX=q
zU>DPz$|CwZ{xgnWT>+|Nv@a%XgXUPmsSVuqrx6w7E4%s8w_yfw%UUn*Iqj!fq?%)B
zZ#O8P6w-$R!<F|w0i}()TE;@@h)eMqqm9`vZ}-2;fr4=91Z}<=yFn;FNqp*qGGaw?
ziYiuz<%7^G7!O{k1q8Vc;a2bJq@(vJum3dI1H#@-h9FI{GzzX7(2-CP-<KZpaf>yx
z+_26pGDK7E^o+Oske5~}X#cUPm~Jq>hnJPfVv|q%@*dU?!klxl?&pUmFN={s@eW2O
z=#2;ryCmCEBmmwfRP?Na9f!UedLegCGC62XK>6Mlc~<KWbOJ0~U3=>Didb?$2St|V
zE3xN;LTG9PtwvHvKY+|E{pkDE61N0305UELPR@TYcXq|Un0t3<|0hYFAm;G3{}iD9
z-iVB?6SpmoyVLH~wnr)Gqjll}{O9?<zf<%l&D4W7x`hdq7l{+i-@3Jq+GZ;PQNQ<Z
zKG(H>c&xPD(4Kgh(FfF&u5zLBkgRt#_kyLe<I9u4HRmRq_<P*;NOq_}$H~JpA@^bY
z?kF+3+o%7bAQZz%+kpm2ihUU4`tV4viCeq6Iwj(ja@zyI))J+TU*qV|1a*IMED#N5
ze$t}<$Yro#p+nlu3#5tQfN(7So|ws3z~k->&etFeP2+N_?7L*F^V^(8_}&E%rjDkd
z^j~)exby27*kb+M(|)p*yxO5PYi%?%uwPFq9uwXJu9+bCO1l=IOKP%%g9Ao8ly2^A
zE~4RGhwoVfxAY~Np8xLNUp~)~?VVn;{Dk;VcN_4zVS^DMmzPzaM?gYRnqaa42>(fK
zn7ug$k+X=izYup$0DDi@uLZPAzMABD*FTfh_A%eUF7}L6VDd{!%==%LLqU%hJxkJN
z_*LA@Gu`+MFp*wVX5Fd5soB*fh-JW>YDv2%omL;*n3>&F@~hnYA0&mNfRhqi6fYp?
z^OF*-3d;croDaeDbVi8fG-AfAk=lYi7)1i;@~C=eQMQah6c*S~4SqQqysy*$C`pcJ
z>U&8iR>|fxBSdIX(Q^knNYae&I2ON(<X6dh8V}YtGR9y0ovf2$viv@rAMV)RPprBr
zt-$<gZ<F@W1G4w@WKY^|qBQH4d>CC~bn6e}6LRn4(hG>Xfg|*lNeo6+27$-@I@i&P
z*GIJQS>(iy8mr6J5VZJ~fRf`zsF2~_CqGo}MxLvg4g#J((w;H4sOlL55=~XqZp4`)
ze00G7r|ihiipS}|-r&(+6uIY@_kPBM#hDY;ds-J46pL@RiNqod=SCzR?_w@avyuk-
zu1mkDE)o2ql6hADpLd4hVh>{&q~>}Qtwv7H@TsU@I$GCrPpbKzFv%OeXP$HAwp8&;
zsKxT@vGWGU6trr8?|cd0@2kwWcf{!PS}fsz$+FB;)Js~#g->Ha2(!8V_=vGStL)bE
znaaDoS^}R=Y6Ray$ag+CzsnNg>uMBE#Fkg$$(4LlEa)9UX!7hW>7vMj(cJJdwhC*;
zf7d)k$o-Oc02uR)7pOY&uSk7Pt{N%7XM3Kfjxo)rgAxhX33>%u*E_A*mt!=w9(MPF
zCUv7;R|UtdC!(#C?nMZMRiihi(ZU~e-yLzo>_NZFQeFk@?SL-)!#M$djK0$INHc$|
z$azZ@JG;}muGhw|oHaU`Eb;dcyDtNH(`9JZh-?H3OmZg&Vb>AY3Ti>V9fRekF6)W%
zRjc*8Y<Os440Nt5PKz5Ru#;+afvmeBTVX4ok6O=Vcjhz6?8(o5b2mp-eEV9Mlx>wR
zmUU^fKW*K?iTxr=8BX}iDFx<uy4lUV618^=^g>z0av&x3s#`$w<ensT|D1^0{#k<|
zrDPA@?u1yYJ$%v8{Y^s_r`~(Kc|f?;On=mQ=}&&#-DK>Yp^)<)<}#r%E{%)71$#wh
ze-Ub^&kmij2yRt}8PdQ-hfbwNSPC@(21fd-49j9Q=iWwGkmi8mxm?4cX4pKmF5N*@
z2!Eg3;T4@L_xaRxS|ixUP99*chT@A&!y$oe$e*zQGxxzhAsE+3fIGMMsNgt3YZiRC
z6cb+3nvgcUmL~IOwRh`q_a`k#3;Y_GjbES{aUT`-pqh4%BRCoeg`B-l99>~B?`Syb
zqx}zvdB|LBP*nq`<C%FCeTkupa9vl2DMpyVm)%JX#fAMq!ci2*^pg9A>>9cxtinXK
zQYES(eB3)68b)hysJV9l+xt52Vu1D0mPrrL-KPmOW{Z?>>439W?{9jBqoV%e=RoLq
zJXYy#7|kWOcx}#`OcGeN4*b)Ei_+Hod<U9a>EUi}<Scak5&-5Z`u8I1F@QBCDSCVy
zf0cnW6E~sL8v*rJzZ?d+7Y1Rdm%G@#D_~a9$9X!W(|Nqgclk*hfX5R6144UhFeoiC
z>mb5|1>%aPRqT5Q<aHTx4waS&htsR>!>}+7kyE*8d;QTC{ng8To9#BvM?Yz|pLOIn
z^uA#}eJam~2nCEE4XU>f8io({EH$e(O;eYtk(j*zrDD~Zg4{GevlqJi7)-02WUle<
zYz2Moc9p@QoKN>2x}yHB%yD3<7ix2loZg#J<LX#jW)k?&aX8^2Hb>b2s2Rjw(i)UB
zo-w7ce~jNU2YeFkO_n}(fjpeh*Z4LbBq{=hoZ{Eseb7{@3JCl;HgLt^P^Q|`p+dB!
z4+%Q_NecqzV{mG;`R>28?AY=lR=gQFUIqjJFTHAbQiGNg5X0W-;tI#8@sTwNh{H#;
z?<wBu0*p$o11TrLf%M>3|ISwJyla8+(8^M`UhqUNQQmdBlBmD+QM6;bhA}B*AjhJ&
z+(Mk}9cEk%6#~{FaG0_Df!8w_Oy$sJo8?`O8-Ld2$s~_>VRWsWfE+$L7BJwYa=B)}
zf(X~2I@g#=f>55;NHE9gc>S8Y9l2M<{Kl_BUH!01A*0VQ@77pd|DzY+PX!)xhdZ0&
zH3M5g6EW&rPoXsqQ8gT5iG`P>UjsHrjsSqq0i>d-uNkhOlSJ(tzelkA;Y<|wRsZ-m
z+It>)&c6Z7MHzFw;sGYu5PWNI!4bgvmvqW!?r=M}l*<fX*EAL{t@ht>tPi6a{_;E<
z$ZPS=Bc%>qX>t`nt*LKp>_Ah{E(=^HkWKsq1Okd;o5sLc8^Pg^U6{=qm`eTDtu3AD
zO)IdPA268&hTbVn-fP3H?tO}7O%BSV{+2{~u#bx!(e6J|vLM|*)YM*4=$JQb72DeB
zYtvP;(AOdcTg;I)$W!>Xv>i`|in*teeiQS>p#F0s2y7U+Y=9UxR}A7}UTo2SD>Gx?
zbvT1sXSLU-PjChLn^6kEHMZ@ElQS<XmP$tm0N^4M@~Sgj9-xG%fYbC~5a0kREK>I_
z*EfLu&;wf2^V8&@+`|PQSxNwx_jFgL=x6J2FHWRtO2(FpB50gIBC*zE2F8R(94rdY
z=qFoT!@W&N!xF1~aR<h?Cd$q{3Dk-+4<6%9nD+*qf9CeWkW1zb?6jd*je-&Esj>Fl
zJP6Ji_)t1jh^KPs0xp6_eKi+A@<krUn;7K6*j>ykdw?clFq||9#sKui;*6y4YXu*O
zk<q6cDzEKNvT;Uf`Y;GZ#py7J;(#JBe<gh2pOa7S!!6v0N*MJk9u4aXnB2e&od>>O
zb+w5SN2i(xWJxKD94y)zIyGYjCPp265?`j9A;x1OzQXzI<&W0y<gh{D?&guj)kRMD
z_IASuelaDH`T}(E^#ainW9GePcEBcs_VGoIiWm=FnBH+E4u5jJc5{GJ;JV#jjz}mb
zQzg7YN~<{JaBr(Pu4&T&HWLUSCSzAUSl=qt$$dm=ChL#cRf#k)cx=2sGi<Q^n%X8R
zPN7Wm>L9uZzmE@9;!wydgN&cykaUQR-It6riR5j%a^`Ckb4cm^Lb^GQxxXTl?&q*}
zU6=3bc<gi4wpsLD1$;X#31SC_X?;$4G>uB;MU*R5Nn2!K&^}oreDCy~XAQAJ{izvr
z(`;%vcNEU6t#4?S>3Ztqi10v19(NLFDnzD->qX$uct?xO5uBbev_@B1ny`+q<TnJE
z2fW-_SlE*zMZ{--6~h~S{>th8`;6gS7GrhhnT2fm{SJ$Cm2l5b+OAt(53@y2;hi(v
zz?CYPJgJZIkCIx&LW|{FQ1L_5p`f<RhVZ^z?}J-Fm_%Ls%eN`==;TAV=Rwdp>hRd&
zc)aEH#~6Kx<)B{v10Y+@V|%Y|p!%8(Swv!Kj=tmJ=VorD_JhB4)mfdrtu@}HsFm%*
zI(~%mS62L3UzU12ty3nwj8m9yi#iu!f|1UbvHH0phos_jYh_w00;-u2&CnMjepc&M
zF(blLZCFVOVB?<twR@dQ(c-|rySF5%Ns-0d8_)6PF66GlcZVV#-WE7xcXM}9h4PX|
z?koMLbjCHju>cXri8CZPtJ0&t+x|E3-2-CooEd7Dqee6Sfh}L!Y1TiKUGD`(1Lie+
zTLuk7eH+ootAt}pTH5F@z>+@s8n8QxJH&zAER$uN^&<76J~&H)zf}2hqG?rJ12f5D
z<l!0Y`t&vL*JDM4Nk?wG3G`;iq{F~Vk^r5Y(f`*&n8L#d{GAHalFDM=+m#<<gBo{F
z9>8KZcAmpd8{8?-XifR_^9wkiBU@F5?;=CMgAv<?Fk7HZ90=SQn~jpvC=Qtf1QuqM
z2BNm@&zibfsKRsusqHf`TTC)f+||OFwql4sQ)z!WAsUlyf8)ezqA_LtbKP~%QSrSG
zUo0N1+U|Zue$H(&iUybQzM$2p7OvB{QlJ#hIL9DbKc<=<|Hz<bUWWW3h0em(TFb(O
zh8pFt>=szXVRW>9g|xTL)Jsu`<rUQ&uI=A!f(b}y8I+G&RhqsaOgP<M*faUU3h3Y8
zL;&FzI5Jd34&`$aXEv*BkK;3q%TK`b@k%{Oy)zhPnI%h|-y&d;pthJBO9g(tJjp7w
z*l5(5dXMPXT%=TN*G2lTaycS(r5xA`7lUvbmh@%_g-^tXEiL95Glg-krxj?%yN{Hn
zz@3bnM%0Ym87d?XxUnd_?_SE+1mT~!CMT@+y5z(`J%>i7=E`o{787KLz2K2~d^@gI
z+qG;+x!Bx-7<!|FMVhRZWD{n=TAZ@wiZv`=h&<IQM)kHb2&i^Zf0kUvWAf0g7EWcA
zz&(ZE(xIdo*Pnuqc=?JUoVxDnE)&{Gp}w(q{7z-Mb!@H2p1>W@w$bJ%jYW<u5WlvM
z_K*yoyuFWD`#z9&`E8g1Yu>O)o(Q2(P0Lqh<SGHikNxu+XWdKw(vLNSx5RQo3oVt@
z+=J24pg226hybAR%qnH6h%L<MtSgRp`=kn{39IKUNU94_{L#cFNyq&8J@<^?sC-^0
z$6Ws1+l4lc_jgMtlUZwO&bTfzMTJu#HI7YerTj<DA3jT8+8P9xjiMkf-}s03Xrv$j
zlc~rzHNp)%vkJm4TL3Zya%*#bNOQ<~{u~{?1^%@wL45WBE#IpSwnQGW;9`ZZu#T8A
zDanqv>`A*SXRLHKijY)DdO>Zsaa*1VbE{uPcPv=~hgN;F5#Oy)ha;uV$*<3`Kc&gt
z+gT~d)5~=PsBf<{TH7Sw?pF``SQo4%5Z)P$E^xuii^BcMDL49^um<VBY_@1=K@aHe
zF<<hOGcdpY!A2627ZA!lA$~yQ58dJ%wB6yE?ynOGMN`0s(F-c|ih94d`NMHjKTK|3
z4>+`1lK`HbdMqyar?mHF3hCP`^hf^@RRa>9?viKGeZ3l*_|uV?D6adbp$)w`kHN0v
zvflg^D&S;-=2V#G*icyDV=2V@l$vDBn0-{<D;vOrTs2u7VxmW5TwI~KK=nI8SaUf^
z9-CFbQ+1A}6fqQNI5Z+2if*vmMg1H(2^nKBrjhAU*L50(-s^Bn#f+<+@{+_xc$K5a
zZ~j~h{D-X(<u=%ix1-_iKulJ=3eCsolY#E1?BQ>#2EgI}O*dgiF8?n<3lLeQWlwSe
ziu*sg@^UWVlt<urnlA#pB88V;&_3<oBz=6;as!N}@Cc&BhUAC-<IQ7VIH<XCO0Dlk
zt~Smud0ZyL*<=U)!9lmX11MNi>HqHbfVM7FUcEG#$>ZUn2J=f83{*@s;8ai24_*Q~
z3%afTbpiqgXYm-viHIWR(cSW8z+$rdU$im0soy!NLl|4CB9l(chhzYai$;3D`rGZL
zk=&SD4=db(6Yvliy>%*e0(c5zHz?*tXF8H+|F4xJCzd}zrZJMmt_a+ezsDaT=f6ML
zi>4|Vm3WuCHAd^zt9n;uqAE_3!N12-$4Se6RhIYHa%rvd<Y<Dn^P5XseX=2L|Na35
zfnbnl4F0*-KV0OQ9LH+sa2WO+)eXIX&2-mybS`^VBs2a*)9nBFb_<sTiH5|v_TC!E
zRVOd^MpV0)8!_Ngeo&U7<0J$|%G%BG&9wKXC~H%;e&LLk^H)@z&p9*-22{jVeMuT3
z<&+s3tB~XEy6l|!v)JnjmtOaMT_@EF+oX{q+WrL>02P*VuU&sPFB|+NhA;~ewGC5{
zun#0ThoTHCUDD?%eZ<E<J$6l)!LK{Q%$!&Y6JfTFdHDmk?gWz^JFd)V6)jc-M&BcB
zxatz<bn53v04)UG;s<5Q>rV4|%HH^#r*P=}V&?XN(&PxZExFFXzBshfrS@^fkU&C7
z#a69_ivTT!z4J=-PFl@Q^~$_p@b0^0;)DK6@Ta=5Gswy*hW@^3lMAy|@P+Q#>NC|f
z!_4O7lRMg7PIy$Pt`g2Sw5L~WS3p=Z7r+C|vy_XG!+O70NK=~aMi>;?;%?IvT?KPV
zyTy|treAEg|5ewRm_?l@dn><IS}1Tmg$!0EZ))5uNxxZoC2;q`z{JmZA`0I6oz$tn
z6jMe|QBib~N9yYK-e(#3Vw{iq`PSgbbPZRun@E$SaI_Y^M3dyauUKsA9@p;6q`9<P
z@A0sjYotrcyIkqb4_~I>CI1!LN2tq3Xv_F6Ph_%@QwMvi)I$>C<-Oap9Oouf=X@EF
z+=&O%p1EZW^kvm4JL~1Z)VNxg(J9vHt66KqWAKwHniSnO&dj*s%8{e5X|hhAwwHxf
zAW-QxxVS4CY4E60<7KO}NcZwotA_gs(H;2+S>mIA>ovo3V6=f8=1CAE(>;^eo$DL#
zMLVC^+M<JYDktU*Yxf|1G$>p1I4IOlr(|JaAw?gFjcqpwSWO35B9d1E?91PKujDT?
z>vjDuw}k_2S*ondAGNNRMFZknXL~>`MW;SG`D_{*Z;`pV>5*px8FbT(H<>|}K_AR7
z9am%IQg_}Pmy?bWnDuLgCn^N1>Z9Ufpp7<jewZlr$M9Y(U7XfnX>9eS7w=;>E#zxP
zQHwFX7n+B@dEI&YHmI56CN{fAWS7GI7&l~|PR2S!ud1R6pv7_`eqRoGIXwd^yJ;cS
z<EZ;3#bS;|uTb@+p-R@Ep-EF;&{;gog*_ozf~|HR$JNyL!1X^=*o#TNg}11cUpUhd
ze6*3ieSim9Ct==cWMtMEx^r*)()DG1){7s$H!imSE!^UkJA|vZ-G~6c>(i0wob$`j
zNQJwVFk39n+M{7S=%wNq=R+2ZcGncI-S+Gpv((k`v=8Z$Tj5T!DsgT15Ay`n4x&rf
zA696{f|Peb@MTjLq-`72WX`SQj<N9&sgcjClxzv9lwM&k#ue*kBFF&+W1f8Y6c3mk
zcayKh&fDJGmi7#i+2rcn{gQ$K>63+!QBDXdY+Vk=r~{IV{Wz5DiPQ+v7PvI$Y?{yF
zpHt1}LO33NeU5n6TgWY`8v6NWjMu?c;EfwtvTlVg?~p(Ck*7<P=iXd6Tbz8CP`V#y
zc}@RH!bHAV9vfW!J=C1yyaN)6n8w^x;K4l-(vHNa`j%W-u<78?A!pqT&b1vPwk?Kd
z@AC2v8(&UQ_$@R_$sz*z*^ewNOYZ#{`l8g9>*?M#8^885nj0UA<<vSwLSNG@5eh;j
zXY&H`b=PyU9A^(m2v{-|zirZ`X{=iRcF7Zbmd^6+$EzI1XnU5dFrrF9(yyuxt?L~X
zMXfl8<c+W77cX50_+3w%WS&ZlI5?fxCy>CI03YIzURp>QslUymc;TKDxMNQNw;j2a
zW(k^(|DC1f_2E|8lUKIeLep4v98vT!dy6kftgWQ^GrmV!kGt8asly?9cmOWfARo=b
zH$c_-utUrJ96chz^myOzX~m3xg~h(~iE$i7$V@M&9%EM4<&pfmxc79P4_UmNC6_-A
z@@2s<(#TuoS=vM!!%-h)GEItSr59`rty?L27oLPKn~$v%5iRkEPEruQRrGPfzYPM*
z`yw_-)89Qb;d$DM<fSQ)|3n2`**EOczf{pD05|X0^7~dMOL6<QbyBOFHTW|ES5@_6
zYSLcwaSoe+$F=J`@c6fUAK4r-E7gipCp#@_)OK0sLF;#H`3Yxe5SiMoGO0dH{39I=
z?Z5PgtmxhEEy!t`KWU4N;gJdYC7_3z6&Gan8|!1UIcu(B>;B;FK=<20m(6M7JM~mI
zsC$VjL+Z9iCmaL99~0v_*s&slPb@x&GzX>9I1WpJi{0!VNWB1m2i>JL=i7E;;bXzI
zGegPfdZqWV8i2BxVmxgmh(IVC@SEGco4{-+)>L@3v-Q%WXUC&<+pF_W!0E_-^#XF|
z(<M^Xgh81qVxn6LwAD359ef&?@WXp~vgjp#ByHxG)G2|4%H<Ca!p)XO%zb>r$Rz{J
zp96pw?ldH3#C!WjtNfX{brB@uy9;AsfXfdncU@at5d6K(5DPdU1$BjSHnTj>cUrDW
zE5>0GfAipx6x2c!vG_sN(d}U4lD%|i>Wu2OpVasH=d+(`D874V?%xV2CQ1|MBP8X#
zy6c^lJDq0)9dWHL2A$sc!4;+>^sES>9bav&`@&k&C6Y7PSw<|RmbY$oBXM=#&#5Z+
z4<{^*6`u#Hc1s&d)EQF(u|uT&Oh^00X=FK5N{8N*sv8$7mnQkchOSJ3Ko5(g63wiV
zSKw@mSchG-%mvEIXw;WeF|Uix+|^{^rXWHd%vUxu%QVmRDPoPv)!gaTl^tuSq%=2@
zY6=eq-j?%UbkMygn_(rPlOPXzqSD#Lh{oQhGQ%l+MAM5?87+bb?2DKKEp`UJcnr<9
zeE0vma})!rUkc|IXU4*hw|@)u`X+J)th(-K6OEQtHVz)tG!0IF7v5`KkXC>Ec<EB7
zN8@qzN?;c!T**s8pQTm6eLpV3J<Ty<mbxop>}3ky(<BZSHXd`PJC{cbk$i>u!WMe5
zQI|u7%BVlo(zczDooZbM1~QBWCCgG>-Cwgdn`>Tv?ef1|d966&B0~TE%1SHz^t}KS
zanr8K_G&7HdSQ~%yRnoE&*9?YENX1n{&}oxbyTK+Iay0DWVf}<8q%4hbr3k_Fbp1C
zK@j6DDOTpU9N)R0h;=FKD?UnZxNA_%)m2#_uPFqLYBfc15_!@CvI6(F9ey>(ESoNc
z&R<q|u<HP`stuC}Y_}Qic!20n3Ljh!a5(@;NEmW+BS4sOT$PR8cx#rUvzIib?(XQH
zddshPB>cl6eUNJqyb5i^thdf`Haus4X6bahN*mybH=-4kVCweP&CPA`KxU<ixLkOA
zd{}#&J8`(|ePKg9(mUv|%6*A>O4gX|1?P{mLLCIE{PaT45#puikv?QCKGBY^<pUo)
z&5YTQmDQ{3lml?bHK$JKtckowg}^VA+rY|5P-HceL(KlD^6*hg<>;`O5?b~Beg)w{
z4bNbK-K)sTf)&*2Kt)rfmvVlj+IB_2_s?C<8A3hd=~Wv}`O&X15qn4dL4@QDF1OJt
zxP0e+#X*5K{Asgi95yRUeR|(Q!R$b8tl%(ZV;egKq|f#^i*#o844RP6xf5<66Il!&
zxaYYtZYJlqS(rSwOv0OF@Vfr>#AJ-75w_>wP$bHJ30V8iwl(g*;u%Ae6jT2(|06uj
z{n>aWS7-T)6E(MJJ%;21w7CI8tjEbfVeI_wq@XY(0sJtKMBQ0it$_bX@zzY)$q)bg
zP&rR(3B?3kF8i9j1*~lIqO#<y8S^YKG&Cg}E9tYE0cc(`o=-InISdwBp`_f=1~{Y1
zKl=<J_{4T|PFIA0%g=u-e(Eg6-0hh=#(ATh^TXTAV_1Ntwg)6b&}zSuQs)u0od5P5
z2Ai)7gXM5miENxKs3o&^+r}jx^Sa(=745c$x`IfYj+cpRzV4X{z&N20wbW&<JhTxs
z9ux^GR8`MOB_00y+M(M%VIg@ahWui!TM>bg;QQ^*;O*y<w19+t@wIB51@RV(I7!8&
ze$@DGe6P+aTQU19lBt79Fn3ZAn^dD-yny5lfa~RI^#f`duyx}(37$UZvN1IGW8~l|
zeh)1G!p-2z09w%C_G^~?RlXae!W7Tqk;scDrmFT<Cuii76>l*a^(6ws!b;`V2c*#I
zHNCA1m)`I^0QS`ERuA4vG1)|$KBMIJ9(DL#n+jv?POTi{7scWasXr)lbKvNbn;2ss
z!Ms91eua)5D6m%~=KDLgN-3?hNhWg^R#wO64>wS9{-wz;PMUl|@<S|Hy20Il#q}A7
zZU5@GE9L-NcsDCR<^zlF8n2XgGJg6oT?AyxmfgWY_b98`mI@x>P7skXaj;tZjPm5m
zS$qXeG|LNndW=HpH1bblbRo|Tf+qrZhDtC8fczZGtB3w#%_th3#P-HAEX%!Z2^GfN
zPyq9W5|b>+_rdcy7w^6^Hq>o*JCX9l1_Nlt&JB0nUQ@V(4AD4TFey-?sV;pso%Q^5
z;$R!N?YT%mQ!C~7WWQ0_j`DjlZ&qYfnN=pVO$^_|`40SOKi-d4I@6`%e$`^4WZJZ8
ze2e1}8M<Lnd7;4iU3JafSza-P%_{K`ZUzbl0IWS(E#0U3)Tp?%KD1Ke=_1AsfQ%Rt
zo4<&=8_Lg2i5X;H?{?|?syvOn^is~AKjE!6%r2*5Dve|4GYCG`Vm#E_>Uo3gc<&Fk
zC-9!-UGcx>RZUl~h&y#hu<(rvKdcQp9KBIjp!%H(0fHu4Rr9++K8tRu-#byO8n2NV
zN~0{LIOo+1&IMO<%z(-7_>(EZ%w&4<te}Q+>X1;HRdkZ3#DqFpaNs>`+$YH`koe-T
z>UBcHQ|Igq5yNtwHsbv|U(DI?jdnM`hDmBd6QVieAN6#8{qY&ghaiD@3oqRI(Ptks
z@Xq@l_T9&W6l&^$i&9>i@-;^yGU;*;`mIX5tj*vCLH+zI0r9*73OtKOudDB!{<;B=
zUr04117aCf>Ne;|qoJ}w8-)kM$@>W$oQg$+a;<IVs`oI`v$QzQd_b?RuIJcJ6FvzH
zLM3#|e%tKNk6`D=80R8dk(@M-JBwcb5mjZ@{&XD_B=W_lUo;hen6tGVUIO%Fcz+7I
zQ%LnvXuu8SAITGaqFk70aA02Tfb744?6%H}l-w|+w(yBshmhdnhM^S+U>Qh^JZLb-
z%q?vlRivQPdI1Mx&yh{lii~joiZTGB{7jQg;x~Rh>g3aRd37vTnfm6g`>$EUcDTT=
z-#l>r3Yj^PbQlPvYvdJwa1I8jw6#i-%bg#4A9+S?lME`XDJm`kFbi;mbT$Navlh@+
zH`9b}tF$XFfp!v>jyNven+>%>?o-GbYfXb(RRA`)U%XIP?lW5G$l^E`doz^71l_2A
z^AwiN+^3%NbXa>y%FKgojUQk@TvTO`;QXC5-M3f>C;Eiy2kZGULrkwa*$RH#6`l}b
zeuo{^Fl^pCP%^Vib)S7L9?Gh#m5|4fgsi<Q6b()=5rrXTTt35fX83ZGFpKw*x6B0|
z@BEJ6kA5Km9v4&auBp2Xzm_dVWbF;eOm#rE>Az*8VEVO7f^<o}@iW&{%*jfluzfLb
zr4n~zK&gF8HNva<TYR@)LzG$H#(8n=X1{8<)ZVV>f}ndA*bh!9{<^bki?{_yw~(;%
zsWhWqu48g7L!x4TuJ&9mw)e%M@aZ|}zYslz^o0%bdc+)<vt30p*!f+E<q~F4b5*M2
z&WReBOA<Xebre1`nNsw!q!8^>QX9J=j^!7y;9W~=hW-a3`Q;g?)&><9aMR2XE-xhp
zDJ{!q&^Z0l0UPrqhd^RwB42#1J2E+)?9Z79OW}~Th2|MxzI93{=Sp=%?w&ctg1HKD
z)Z9QR(hKJDs1&;e)`OYV)*NN26MsA}DKeBU80b#Wv)63&Gj~MZonCbn%|hl_IcF<^
zJa_bNbQFJ2W{srv0ETUPmAH@Meo-~3pacnLmThYTHQ80~caRlmdb+UO3;wye!sJMZ
z!LjF)3BSXqW`d0S)pBE%S{y~@+KU_KZAe$9!FoW#?*P+5((@G`4xLAj!#i~3CG-#v
z=*I@4Af&7Cyf@d(zO|O22LoZo1#clF--yxAwk2iad(n3RIf*?@Jq9474A3GL!(Mf%
zeaneOF1j5zyb0x;m>zT^uJ-dER7f#54p*hSK_SV#d4n)tCts}lAjend+85~(tO(*_
zwgG~94y0SMU)b}gAGAK8_Vx$mDfO>=$9FB_3nC<IO}mU{<b1qDvl4+gLBbg`_de{8
z=ha&b=mKJy?T$6<w25MfrvS}0N0~6NxT8KKDPL#i!BYjv9V#!8#{q#RIW!hLXx2Ex
z<Q{(OYOShA+vHYukAYciYFtY0SJPl230y(>-RVsmetun8DDn7%uUrm`s=t}Z3RN<G
zAdmCSDosupm|f)zjqrWm@H_@)^S0iJ_)pagE7f;egBsIVUzuR@grFl{Gl3n96-gZG
zv}!-D-j^#-H3|;Cfhrn5TSLwm-`cxhZ5}q@svd-D6|ZcnzCqslCd0(#U#(*<>ZO;Q
z6jL&%-0F1NOa^lKEJ=EymXrcDp~}Xb3B>hZngt%T!?);rPp7ZUgkRi-KP7>%i(6F7
zDBCH%o%zY7SIdbn6j>;4wfNlvMrtOH{TE)$%1nXLS$Px}KibrRF|<ZHFgllvJzL7T
zs`yl+DKW0=T#&;(0Rf1XR+J3MV?5#gf0Sonrw_=fWhdhiLxB0Tvs%x?QTh0lnBf$M
z2wrZB`g_0JA*}1?3jw%_P7EVGC|t7(^KI=^o+xO2vGMU9UEt-px2AVu9WZ>v<J(eY
z{0rg-*wO(wS3aqu7xNK<V%er33UyEbAUu&#*UYmY!Xe{@OLg7*bRx)3rZ5HMer8j2
zsYF1R+Rs!f@v9QyTj<<j!Qod;wN77L(%ZKu%(S&M@Z?v+Ml+lwaSzV!zh%C9*9khf
z*A53nh0H>97Ip-;z1g?A<ChD#Z~c~rwEJFti@XJW*6bhswlwO}694;>^d9u?>+Gu%
zCe6ER38Dd4)&^Miul{a2oF=f*vrI!DIaRNrjk9SBBuKvN1tUC@TYImqQ^WnD3eq=f
z%&h_`6PNDuy5BEvub47}f8Lg96`6P6ij08yHFGiuDSSO!WzJb|J!wmzU`~-P-+5x@
zrKO}Cig{f-0Pf5;tLy{J<G1E|8W<(L$fOQhStzYy+byI1>i|UlI>L+CGxTS_U%IfP
zW)_~O1VinM*7GtKifEqFN|PPRhp~+FUzbk!#`WX1oQ6d_rb8!9*`KMG_^v7gx6xfG
zBDB1Q@9Nx+mT7Aay1atd14W1kY}N-1N_P<6xV`SM9zgQb@)gL8L2D$Xx&+dh?S(ta
zoIA0!W)ELdwpx{%2!R$))hZ-TE!zF~@?g=f%3-|pu;J+cA@04Sn)<r6QKYDV=uZ(5
z5IZQL35fKfh$3Aep-JyuDWOI{#D<_q4G@ad6nf|#1eD$a(iIFX^xpYaP~Z2QbMHCd
z8RPzO*B_1{JA3c7SD9;;XFhXzhi;Dlb;ZT*-6xxQ>+elSDvK9hekf}kq{T;1pR?N<
zV<m}}?F=oh_2#R1OZu-psK~18BS!u3ViY@ddgY;aD>bt3eu!d$n4Q6U!JX%E>Z1jm
zc3z0qbtEExTsP?m`s41hbA*+-=-_+rA)b9RCcE#b0_h3Q&cTQ4wh9NiAX5+6o~{gY
z#qAKrkNqhzF%JF{M@0JPhLF3N1KDzz5p$xq!_fhipPnkTj`<UUac=g5h2Nr>U5#T!
zs+^>L`jCdTT)wxu$`4OmAw)ZuY}F7RG@s&6C~JqiJfB}Ya<FbTSLG|Fq)@VJ@pLjs
zG)=ZSkrhO7C_0uMi+>)K+L_JAWM&o|WEoZrv|UpVe46$s7cV<#l>~sQ)BBv?!;>rs
zs$nrBbpt705*~SxT+Pr&X+pjsc}&(vI}8$RKD8T0u|IjcZ!BRbMkRO-b5rU;zC8<i
zfMqHQQa{gs6SjCc-kNv|;gxzU#$u&d<@wP8Y8CB)whQhuDx(Vfd+$YfS-ay*kX=5L
zHPQ^02NBt4!=myvZKm6XCPdqt++sfmi5k642sqBtOsN9#A}Tb6=FJAOm5q2<2%ph+
zy4R=lrXgIU!Snb}oXD84*$dVAVzhu=R{#B`C!+;0O(++s{@hSx#MKy9<@?SNbd;o9
zcgxTFV=UowTg{nKGd}SwM~++H5XLGm)(a_&3pLs#M#)%{@d<d#K~B3KkyfMpoAyI7
z?%hB0Z*y(sRD{TJh2egBKtI;@O+ITfcF;;Y{u%_ZH4DN`+nLQ`D-M$KM2?DDoV?|a
zQ4zm&tNcRSb^viDyBk?prS^_fMG<z1(Qm+2mMYmnqRH71Iadw+>YN+G)ghW@){?Xb
z{4cv>G?)wkodFYcn62@OaOY;<&|9e9dBeKT!#4axdwa1lf-*Y2myR_l`AOgN+@_Yb
z)AYh14wZxg*pFl~;-KaBw@aeA%k9pMAbxw9z3ZnnlmAKf!n9)HVCCQ>fV1GqKBslb
zuJhw@t&g+-Wb%HuM(|Sph&0#oyN(-T{g43e-aFnKu!KE*IXfP9FS%nU88n=&ueUIz
z`&b?{a_Aq#)|hjg%3GJgIcrmcNcHV%i8rU4IXsm8sXGNY$y%K&HH%*Fm5WnFQO@x2
zaRR~Z%gR}73yYq$c1sM_daZ>bG2gDSmEuk~I+RFLjytQ7&qb#>{xu6~K9P_TuCw&H
z__KY!S{|ov-S{u+TGIl)?@y^CI>?Cc!Pgr{DG!m*<oB@hi8<xZuy!mkQn+%WfVfF7
z+P1E;W$ilXGSRfd6nVv(lud-8*qU$~>IM5hkH(!O^ibOw6Y^W7zlGiAO8syWd0aE$
z2<!KBe_}p+m%qr6#n6DRKdWYLG104z{u4XqaqB*HWPa?K6C{3a)AMiI@Iv;KFcB%S
z2yj+`mPp?WkP$kq#r3gADP;S4RRJP(Vik9`>!qO<m9X*0viAmVHi-=?ilGswbzX;E
zY6PKX;6=%sl)_0rwu9-C*ku%Uio{7nmchqjj=V2umF<4f`&?_|S?qrPzA9_BbfqUF
z_8H+J;$#^KKqsWfD>%>8ZH%^a^<61yv4HzRS04pNK5UF8_XRY+1_eNaI$!uPRVm7r
z4Cp)0+R$Ttczm8Mz;Y*2aUY(PD{k)}P5uPG4?SFDzZ18dDi>g&gf_?xAO5#EmwWW+
z(G19{-|M?h_G>`P<a6jy%;Z?6Ut}X0K8QS4OwqvvfEeO3FQ9YhY9OwLhc=Af#osvf
zYXDD}3GcFEy2{W~tW0^R^OJj;=mM@#JdLn(JPc<glm7-<2OUs#WrLh4WgjsHLB}Vk
zK@~CR1+k>SmrndXl5)*6GkBgl_CrJ+=mHF2pD6U?<SU)^_#uD(NWo67(QN%}8iL`|
z)O)U2p)woM?j}Bu*X$Y4ktVtXtZ=qMpArDPaf(<boNoJ0Sb$5D14M(~Mfh$BCym2v
zc7-#CemdvJ<!3GC?KF$$7K`E|VJ&%oB7?Fw!9msm0WK6WHYk@$1Z1Q}=<24-l!_B{
z(PVX7AX)!625F_2z?)zALlt?Lb#tRiT%X(J9Tezmtsw2DfXWKCAF%N<<e|e(HaV3U
zt*fTfU)QXMiGVyyujdBE5Dwc*@;GI3ki#*M2$tjn3>g+=6aQ&A?!ARY6R$3lP%#G-
z12L69G_F4fI(pm`Q|i}4yM?kT`xRWwmITR4Y~Kydb;DNZGN+$+HvKL897-N(ZpAik
zXsGELNXyjX-)8)Wdnzo+!Yy#XCT20n`g6O(K)d4$e)%mXM|l1_7)-7FKaT>2oWKfF
zIvHn2xi0G&V=5Cr+E@a>&FUI6QFxBo`ju1uvT0Uw?hICp32Xo7gZ?37S@7cBzEBV`
z6GZGuT3Evz1D90}G#pj8p4fTK^VlgO0KljMAX;dK*LZBd%_xTs<}}Zoe7ziXh|&cQ
zx=K!pD*TwMY>|YL)YWx^C^c)p8}>2!M234+@W3)a%Iol!vZgP0K9<-zv+5Qxt(vcq
z_yGq%)StTVCl22++VmI`jD%t{1dD^A`8bEt?y-o!Pp<_i;5(o7zW&ugPf%P)O-*h3
z_U&0?Oq<>O{N~a)TpT_dEln<_Ggzc{SWM?$5QeMwOE?OG(~p!@0flTjSbrD88T$8j
zs@p%}2<i`0%5>3mER*HD^=DS5$zRy3Nu2b5*4J<7Za_r)TFjP9%yzRHw<f#8-k*!s
z)L`-X9TnQM^Hible=B<^gTO|3@VOmAkr@IYjR3(2cAo6yMsJp$)O!BpTopwJ3rc$F
ztijW{esQTiEs=C$hZWOdWgTm`e{EH8Lsf~IP3?gabU82pWHV1aF~oXwpKS7-T$*-N
z{S6ELON=q)XE?Zf&L5Qai9tVJ8`-}$f8MX{J(yK;WB>j?(nlc3%NevO(cg~8nvn|c
z0#N1EVW{{qsBzK@{Em35_KRd48iT{(1GFv4asNcAKet&Q*uFzuCS<sBbLiJGW=gv2
zy>V`J+le}!_7)N%?sVI7>s8A_U$_OE)&GJEVonoK89plt<S{7KTA65dX{4xrtfz;G
zi@V^Cn;s}#S>)9(ES3YWR}nI)rFPGl9@xH!?q^a9U*;Y<t^K$lJZd(?L%EuqKqhkR
zMnpSQ!}6_jGg(5l25~hl)7mxVF%((0vX(uFpjGr#jyHJ$jjye}$G{?ZAE2?|E*-kN
z+i@Cu#@;K4B1*sY4B-ET&kdx4N=(>?A1<zcFenAdshdCP{UQOx8Dt09AIjbJ49$^i
z5$zFzN^w60Nm%=yYR&h4p|m<6p>}OTvcKPvqS@?N-lrg80S+Vok2=85s_e==Q2ui;
z>+O?5WhCT0G_%$4E~SM6;i_f>8Rxkg`K<tMgLI0r)shsb4{lGz-c+P$Syci|V*9Mn
zv~R%0w%z~DY#T4QA`KMA{|r7A@&n@os?R6>=4`Mi>3y0Tn~(@-2r_lhZg56~FvL(;
zk>Dts-KJ;sXyQr4jY%691EllZkB<>f4^vEA>|o=}7X2U`4jh8^j5$8gw_W-9amL8Q
zT*OjRCLcy?;>(z9^DCl@W_SW@!akoYMqhMGavmq1(qj3SC-Ak*QyNztHm9DKOXIh%
zSe2~XCez`5z6f5YwiDIoo{C`roeciHMiZ$NBJY$Hpamm!>pWHA$=A7^kot8^xBPj4
zAeCe_xBFUd(o)WW9jb-}V<0Zj^BET-vOahH@B$(fQG<8Rgyg32yOMM{thn??@Rv1%
zAdfk70<)TEXTSSjlqk4o+(^%ZG(Q$qyA`04J7*A@NxQD>T`;yma{V^uFrXp+P)=Ak
zP`?QMG*8Ir>YZ~s7HFpcikOzwFze@{p>Kdk%l|pk5$eC-#?v;6Zpm`sl%Z1Dxz1q$
z`To@?<y8wC1bAGO@J;uzw!JnM1Gp((=7B?0CY}u298BxGV0=^43=--W;d%Z|79Vs4
z<^U);V0v-5RGGKuWNkS))z@}RyuR2sUzaF8YrF8S3_rpiVzc19_v>xY+8g#zFQ_+0
zL)iX}5L$qfIjgrkrYyss2A@N0jv7>H?`6&rOi(d&DWov|+fA=SKdoDUJkcd0Pf+4J
zJ^_g16AVZZy6&^apqwfJr;o<#=E_0SCJ1dHouhR+y=gG*Q78h|njmAeG3=fI*hyL`
zUy1A#!RPc^qXp{N<)TE)qaPFp-0|hjSR7Ej((S1Av<qN+mX`N~3zQjdqD2+`Ak_@_
zTAQ64&Au1!!l%d3y<W<^I5xZ?83r;CZ&2-_a!?N$RBzpHH|I4_or5HDAls7wcD<fK
z$I~A}Mh1d3c1J$HEHW<{Xo;Fa!pR!TO!hGT_v~MtUz55&dOD<WRX0KP@PaByxfnVk
zKi#?yR9ZynymG#sd7$bCOMu7*q$Vl~m!O(y%DF32MZ@sey_^o}LJG5mS2u<(f0RmN
zYTvZI%iGqqO=GAI7UnsH`VoAl$TvGTC$k!5UX{w$Z$_Zp)}pQL90I0x{Zx0nY|hPc
zw2Ym%jORV(QOSpOLvd5<wrVOEzIanbo0#1)l_-ybx*3}te#?HqG=c4Bzi_PM>KF}f
zR~Q3aT8n?Btog3W6i110vX5{WFwYdW6rZI}-W=4{hse<f{o;`+Dv$T93*;qDv?_8x
zesrJFZyLf{08wvfX}SvKr*8|*#VMC?ApNI-GRBk{%d>)A1yL7kkOgq1bq^_xQI1DL
zEn>{+vK<1m8ZskpKab->jF}Eg4q`U|sE8g>kjSal&CwfCc;lberBmK_W{_^^7?DN>
zRt6L%Xzk^l=q<zHWCN08U;M!;<&&aE^e+lxl`l`f4RU&Hydr?KJoqGx8`-L@=Zck*
ze)0|KjVqwCw&|pV?aML=KR<G)8G$LAx-W?5>2QsYy)(&$r>QU}I-FD;jf=A4WjtZY
zG3fwL>#s@PTzN%raOb9o9;2UbGbJgQ$L#y_`^xSfr>I{4g;6@W!(^=5E=aUf=eI~s
z&G;Z-dy^LpX6(A07T(Ru@@CM&UA!-9CQp|Qj2|tzXQx0DV8qza-qQsU8C0k+G{k+y
zjo0EJQYN3}*_^cE9W`zCLLpf7GH95%axm#LM719$d{Qa+oF7%kncXAYn%z;dOnx4J
z9J?JFw(p?opV)e-jaSNkzG7RQ&2PsP7WVGj0UDeStk5?<vZV@^9+ag)6Io=-N~B~M
zbKc>uFrC@W>sCxJ)bjAv$@*o|^=>pftatdw(a;92c2<Kb<2dKfZjyu)R&{|UOFR2u
zUW#BM4NjTYm=a1c_J?;%mi}f!Y)VRaL{paGxnAna9k1?4XRf`wnA2Z2#%I(Dk<q+{
zR`i~o3f0uNonHQkft@VtuNY*C#=Dn1ui^v9q>GsT)P0JsJ4{xOqIgEmC8t5n>}2b?
z*!=F8QNp~}XRoN!Tn4#D<gG=4_j_-VMq6dAax{i>-&BO-_-z@ZZV!6f+fD?PJpGwi
zpMr^LxWP;>eETimIsrG3K`AnNJALCzJr+83XF;T7@s7b5mO~f__qgIuw2DYQ9mjp#
z4cFYF%%dzAlW&GkaVDlwt)`T2y4|dgf!ff~^=U?VypPv>x+^tC#3^3lC`CwDmj?0I
zuVOQm$%1j;{|i|1kGF2r9SgTua3=2FFD-EmiAg6^R_KMUnArvHTOK*$N)0lQivAr3
zR@cz@1deUX17YC*N+wfEklR31l8fs~z1mdQiwT>q-+O+a4`@&n16+Rwhr-$&Km*ad
zhJyhrw@aSt=V#Ib-g977{eA-Y*II~o#EQwUZ7x4y4=2%ci=1KuQr-_uxU#BJm{6p0
z7uU7zGBJPw?2*h@^Q~BsH(2ZF8;XmRO91dq+fHMkcpv?XY^9yr1uCBAhrL<PilT!z
zpa>$Wd74qJGdlZJU-Wd{Fu04HSOru>R}aZIKmq+zfpHA1S%;uQRr7b({wG$m|0TWK
zU+yvT1OE%M^iW0p|Mx|Bha6il{{X@IB6!{-z(LEuV3(Ski2F{OD5%8j>}L#P`#?yG
z+!E0zFG^+r<`C<l;%9KyJND6*ZE<KOZdfrnCp|IW8en0;3HI#8qnhx{hA$ChFl=PS
z<Ne~^h8Jvj=`}AY0D)DsI_2h~uQt~VT_3%cUFCSncXj`Yoktbw5E(c{@mq7Yp(nyl
ze|jN*GXZ<uPSVCS*S0pjpfK7(pbmt)%-RW8|5p+HL>FsR3{<zsrn%Pv?)A&dW*XN(
zgBytD6&b}GIDP5&nnPR7#z5`T5%O$RGNY)&xUO~4f7QaZ$mxQ=sGVkSYX=8i2|VUS
zh8U<e3%2AG1it`i9|GFZCH|9Kn(zb77mBS0k*`21+8?G6N(Oe;-Dfj@$wI9EMHa$t
z00@;tU7PAzlOS`Rgx1A=oqzP`o9zbLdoZP|aLpha)bi}^<SeVcCkcnc47#BsCU0|`
zHw<ewVr;e%yk%AITr@2!#4Fi;ol$|_Kn-U}#}BGRs#Kc2HHZbI4B`usMmNn`<>s}>
zGbdYC@L%ZOm<R%Q6Ua13FarZr80H}w({Cq9u(py1ME!Q&4%(3*L(7^>g7ceigq(g4
zKmd1CC;{%k^^C)y74%KTfDn%k6;@Pfz-^}jo?|mL8{ze9Tg&dIQawD(m)RPQ7Wyz`
zNkM-jmZDpkH$rG0S4UlRFZSeLzO+YS*Onc-IWS#ax<Un$G66)Ls>`nI&$Drc*cxU7
z>l@wfzm*oM|Hu*NWuE5am<9>L6!gnTiK%(|>pj@l)83C!c5F>sHdVRZ-4>sfA0`O>
z4EVEj#^JGEhI2PoM0#&~TNEyrjKDwL?u`8*+&9VT-N~BYy12%Y+cXoUqx<5FZu)5_
z_Pb<FZKC~@L%|p7Y{1ks79!RnX=w-s(A6jNB5nX^VRIUhe5+UGkH`so!*97P2XdZ)
zCQH4&!(99aiX1zsW9O_K?^5x=8Wq3vFeWdJ=7m=L={}>m35L#FjEqVZhAu<MSKnDW
zn@wyrQ61?Y43e8t7}eO!ClAfwfihNf;ul&CWFqu#ZtNwHj;-hnJ%8<^MR>c)<L7!v
z{c#Ae5R@;e#UJK-Sq=o*t(gLo1L*L!c9JP7Qr#_vIGYdvS#HAdXcQQfVf6whNEq6)
znXJSK-ERX?pIS;FY9K4@CMn1WrnYCXq-2kJE8($dtkCV-0P-lW+CE+*0d{OK&$18u
z#A`5aBGfTG&H7fh4{7X#1HXHi8CTNME3^5wI(^BxGOvDHPMBwQr?F%4L;~aXdZ%aA
zcHmy0%pswh^#X3e3oyDpY52qF_5@I;4A)F4-{Lj^;Y&YN=g7Q*uD;KS!kIm*TRmC;
zQ_MeF`Y9sR<Q4F}v=r?FL#sgX36rp%mXR)7@)gqUyE(17kQ|!X;aHCweIV)&jI)qz
zP~}OtW@2x*bs-SArfGm7V(MO5pJoYlQGgC@o+Yn;irnkzkXH8htqy$cjz{_H=Z|77
zQn-W_6B~Pqmt!cD^I{i*(m9$2%1O6{)6UT9R4mrg0}@J5`?wU|ZAAdoZC2Vf)m;r%
zp9#2k-8?^jVTJh%4(Sv}c;I0HWE8D6>9-r>`c2*BE?~QmmboBBC6d`(mDIMUgjK^?
zHHinl-W!zXE!=+W9WYmOKUmZl{QT-=4E;ImRlMownIk2*T8tLhJ0)4_BQM_3XB9A6
z_m$4PJBnjsmN(>%#ON^RP|_Ve;4Zvu?N;{kChZjsyNZ9V8h)KSh_h-FT4^!26nw;q
ze6+lWZ}iNXEK!cX)$+lm&6OziOeKR&wrHo)V_@t_n7$Q0H$%C|FLZdH93d$kdk5-M
zlfN_%Pm9gFF?#xVY{RkABSW~wNN7LECBjjXZb-B8<~H^If^OK%&U0*M^%0GyFGy8D
zZom4i0kno;OM+TN)mdWZPvI1q?Q$i2(G6;YNwM?qV=X!E{(7dkHslh#Gr(<7ep$5{
zQz+Uu(X$noW_6->jI)$IPSP{)`N7WU>)^+308CcaEOlrvg+$O6f^KyzS=^5HU8kmC
zkKW)HC6P$O8v6R!(o%6K42JPN*oSk2HINn9uJ8y}suQr{sFCx!?CyqjJKPC(ld*QQ
zbd)|zsF`_cR_Z5juyPT?GcCK^hD6ADQt5ED=tCSoVXP*}aXl^5sbg8GE{dUa@*>K+
zo3RE_`@y0i;+<Po=om@~@5YN3y3@_@BSPD7`ju7~r%IRSBx;gR#7v7<5C3(J@+n9=
zb_@a?`IMBBa{o^X`%snxpx?4AD{jrv2dUgI$$2-GWKF~ReY?Wc31xan_izGjy0WoF
zDJ2gNkE_0}Je>YGsEPd#><C(3hbFOZJP1%}_%&?42aK&BMQb6K3%V>@fL8UVxk`a&
z{%r~@wg0}7a>C^I#E`FQy!s7SI{YP9Sm%$N?nfK@JHFkQdb8b)j#P^R#`@9yb@!n@
zbAhS`WpsA7yOM)LCddr{na^lYMR_n2+**20`Woo_^{jt?V0dU~lH+h`Np>2AwYLK+
zY;XN-qgzd4O;c-Yz7mD2+YUEm_4Q=$bSW}__EYcw^J50^Y_cn<x9>7h$aH_kfMogK
zXkqfp#2d))w%<**2@J^J|6H~>PWA%+ZXX5z+W}BMb^`mZ!1%|Op1QqNZ2hcv@I~ID
zd;`65?;6Cvo;-JrXaZe&u_7#Rm5IxDmDS+Zv%uQObE9eWLoYGvLGbym&$ZQKAsqkU
z<qflob}5ToQ$D^?$8w(sijSe!G=~K9C@H&Y-tp9*{>XmTxCmo9c`5x<u)a@?R*B)j
zO(Ir#XZB38$BG_ta<#yP{R3MygU@3z7rNOqY9$v@9s#Zkd=-V=TpJU%)0=}mpI@2D
zvgzcS24<BnH*r#NGio8{<|{S~%fJdaY<_8}m2B0ur&-GeFDcJyA|Kdj&FeXw<h)Zq
zP+lmT%-04_m&^2=bzP!U!SjY)EjxCbw}_HAQaLEC0&erhx1vfoO7|j$`!mhs5*JCQ
zRGTH@oXjow*KnyV+KR%J$<ps_$0D3MAGCI!%}&+%snyE2XypAeXIx&a5jGSQ{h7Uc
zD8OID8U?qT_OS9?H0JbKDO@Wm1qhI@kuD1Q{r&v|1$Np))lKx6c+UwIl>3M$oa;~5
zDO8jK1hCtX#!GEyt1`MC*WLEq6pe`N7ftrbR-}LMtrf%CpPAa6VpN*>sljGAIH~$8
z-ZDmC{GnQ`o9b5T9b1%v)%`4^xU&1B1xZ0RO9gEbT$7uSk9R81iY7RBuQodnp*R{5
z#h|%;&iA(Pg_k=`S|I5@NvRp8nuW4YdGf)rjW*ut*IMC(;g@sc(fyiu+eri~X(+ni
zE{<4e)G$V)ZEG`+@OS8Y-_?+?DaSRsl^HWuW|>mv;U7^Y&jc3g@0M87bs5*xTc1q#
zq9%NLo?qk!Fz>GQ&mU0{J$rF#lgWCW-(k^2&jzjKk9k*M`t}~_0uZF)B&py&X1-E2
zv%bpn$35c4C!^*WE*d32cx2(fZnV=B*Kh1R!Jci=)U3$n=JZ|UhAT*$v|GMv^pz1_
z@jz)oUQ&g<o4<q7v9M2>$2<CgO|pH%<Ra>lc$~FA$Z;jh@ga-9V}1J}>r1G{dVR9}
zEofF=*E3efypu*9x!Lwb4W;z4+}fNQ?|28i*uGGIaBApiA}oH}3nv}b<@~s`&fW7F
zB?PrBtyw8;v`d?fdlK>epBA&MK8D%P$KNA}ZuwTFKb5pJH?9^=uy@1hryRXgBj*c)
zI=MEfusic*9}*9BXwZ)iTbt7`nt-G+-hpU|T6n5eY29FE9)j~i-Vspwf-u81;Kkpw
z6jG%I5{#H^H$|;>#wsA}lc;19O73p?5kyz;zCcV&P2mr^TmA-j6QgPr>Wik!*d7L!
z{&Fe%-Gx_{mp~WJ5AD;cIGQNDTKz=>lb4sL{wo#zU`iiynvTk`MR}Utr70eN!0WA^
zN+b3za`=l?ZR)UI>D8Vgw1<Bc^rOK7o8~uz1^Uk|OG>Rvb7D*<+X-E4Q8z_woh=(i
z1b;@NRJ6cu=siQDmcMzL7m8adsg01?Hh#g2jVWb*8|2&4(0F&!oD!RtC-~y89G1me
z+!md6?HWc*vd6fu@WQib!56$>Qxf(LuHsP5J$It~ZmLUsC+5e!{Moz2;=!%-YkkNq
zXDM-k9;V^%-YTRU2VRT=aoHtyRNav1<aF(=My+=l**<}sA)^_OO&aL~rMFBbSy0m&
z3pYxy`A8Iva6q0}HP|e*B^;y5fBLg8OvWn2Im%vnpyK$_0^35gKWS_Jj1{qXXLaDJ
zOYhH(>#l0o+K(CN=06v?UcJjIlv-Ii!dp;KfWcxl0W2D1-#QfmX*s2*vB$zS9(j<f
zNw)HAipNQC$o27hTM3H_b(0$xqRjhgAG$<Ius$#!Ko@FiXng+T<Zt@=RUHI`hO{*)
z@D;1Hz}99tl-LgZgoIFK9j3V;9<WYw>$inQUP3vwmV0l^5qbxEk7NCM6vG?=PW*Rc
zhshVP-C}u!aGRm&*gE~M(?HLvz0pxA!`zwV@?S2r+MSNz`IdD`cH6c)2cw;B=mo&}
z{bCd!6_qxo@ZFX6hdDmr-CRCpYPGyruS<gl{WsW|@;!#O<GhZzK4)RD{4#teuj=zX
zUk^tVIGkqBP#6p&b#+;9{a|B#+9n2nL`wBq1XTKduHiH73KK^6Zj^Cf2IsU_?*99B
zk6b;kq}sN6%NH0X?SzZx6t_?t1hYDQErU;~uTCT3X>;M>;TeBwo(KvGl53u95Y7T}
zXq7q;-aUohzX}4Gm)TRdg*04hF;(+=*{EZ)@3*agSWJ?z@T^==x@CJ~HKKSBpHwy9
z<+WjsTDjo$La}HcYQ!$CRf6P_<_F%FM=d!sMGM%UJLxn5X+b+{u141k4(2qq_Loi%
z7tc$TT_0+sr*rN4JUovV3(<DczlNjK2om^xz;bCCltLwh)uRmHNd2P|s6@uu(hQ8u
zV>e62!TT1qDF$u6`pJ5!se~pr+qN|ygs_md9KX=r2wg(g3MEBin8)~n3Ge5^U6(>O
zW%<aU9ro;qY<9eUJ*X_zL!Y<;UPYeVl$IL_TG)2&dk&$MF|pWU_C237#{*-AS=0q<
zQ)V_+wGmLGxA4WtcxI4g{HCg&P}5FwC7LlkZhG!e!ly6dvvXFZGSNMGEXtbOfr9<g
zZ@uTTg{tTk&0~s6P=`r5Wu=TYJ*Q^A!Rr`to}qV@Dx1rh5QKMBuhVey%#754?F1V;
zPA^qoZVmULm$KRQfEjl!X9Q0-Xv?iM3m7Y>zVK~2>oj9@3<tcwGvK!4UBlb<W^#ky
zv2-_$|L2cUwwzaIXgNV6dxUdVU|fc#^k})g@g;VT_Tbm%hN@3vAJz{v@QiXX;G0!M
z5LT${Bv0hbIA8woIt?<>7Q4SqNP_S9&oE}v^lDSNnNJ|+T8g#&UA8cTEs)T|L6w+}
zeyM*CS>5zrmnk#)obJUU>2yO1)Zfoet@Ns-bxT1R8n5+jxK?kCs%E=&c^h?FOvb{L
z5~jjtlu^dZNjihkM8wgiVaczTIOR7<g9Bk=>T(s-&9j%1C92e<muk7(`CR$l#*v5I
zU@i2e9!&VPeu5^yU)zV@n&d|>BPk_MBw;&6&oRo&|D1B6+b8Dr=x6EMKJu1)y?5r9
zAE3i!bm*8%_KZd){;}{K&-PmI%RYH<UWfMZsUw$0mA21oIwDjnD8yxcE3UGNyKYh0
zq$={H8zpM(^=<T6TXS{ezcF8zA8vT;P`I*kOzAOo(E*8XPV(clofMH#_hBLunn(kC
zF$u`9tok^4fq<d?trGf$i~f8$qwemhe}Kt8DQtEZ`3%>l9p54fgAZqQM5__J3vKOe
z+*%xlhy)3$=3b|Wd>dJ}U&T5{kR>HEF4c|)BeYFHpEOH$e})rLLB8T6B~%n0XcR(m
z5RY>vOB=FmzfG<((HG6NwzlSo&dh`YPYS36K&bNdEd#oOY~QCpl3|A)tF=waTJu`q
zj*@>L2zuMcNNV4F&x}oFhRi;>Z0)s|oiJGP<v$9E+<oCk%m0m(0P`UGI%<aB6zrg`
z#~7JwZdo}Pu!P+oO`d`}4*F^Xw2od73(O%yqi)KuCXs6=C3&bX^5#Kt146iQX~x0s
zB~;e7lL5#p(4JX9+;5VVn`aeTEWKBos8xA+|MS8EKT0Hg8pf2a;Jc1?oc))jAxm1N
zcRLcz^PeUX{22V5#AHt!(W6}pNmTl3ee2phrR=fDnVLEv(hob#v10_IqVQY&8TjZq
z3qNd-ixfyF@w51Pv#MxJ*-+=L&vVB@c(}M8|0&5~VQ!uQ7!2mIToeNrO_=;n@)L~6
z6b32Rep@9WIdlrVrT?L_#s6S4u;0c(dSCcYk|@)a%iVK1#k1+(q3Vg;_qy3z<|C>)
zN37xt$nMPF%|MRrHI(S(YI<3VF2Ziry2N1kUOl~IN9hYOFRw|y%+lrSWq7xyOBD@b
zMT0#fVttJVWrGN*-TAWl)lfM?+v*W_z;N=rfi)`4i)|QA?}N`fH+Q?Fq>k%f(xI_X
z>x86_$OpnJ13c%V+^3gzUGN8it&YtYtB3DlO9vGrS%;tk@<XPE1}fO9XM-Mc8I?f`
z+goT#S7JA(=ms+r`trE)<YAl3C3dK9!%C|LR>LoDjJxeI&+v7GzZEzm*o~PfQ&Of+
zFNh&IZjAbmt3CO7K_JD$zldkKoQh-j!WoHmjt^3wYmJynGSSLd%oX?DSiZfzFgWj@
z-c!g<MxHZ+MeuNSKP@5>+M!cNHMDKfl*7BoUY(#u<Uil2Vf``XO)U}<AWF~7aI&W}
z8a;V5b4AZ>SfWj=E#k3U=Il2>4<$y^)+5RbFEkL|8jO*w6Z<+J?8Ox=z+|_g$K~5|
zYm$fZ-Xyzdx|_(hT)~$Rhw_z{eDU#5KOF_kv=21`zYuIvlK;IV^_yqu0=wRK%>yIu
z9S5XSlwretP{i@&i~RZz*3<Kpt^34q<C|Kd79q<8uvoK~Qja~?lyildRSC0{Xgp8N
z{xSN8);PFbaukfID#NYKvpsqi6%j6DWxH5j*OtrDcqbDb($?atuZ8SdS(Tm_JRFFR
z`=1g0UE$U{hp)ev<Vx(4HX#hKy%_%4YG9|wk36S!WlIb(r?ng&6(N2woS8aak+qrC
z(>1K|DDj|%`mAkJ9A$+4&={OX$36zSC08IC<1(A9*3$FQ_W&pXGQVLuT~QnLiq{XK
z_`o;bn-;BSbYKs>XR`y|7175YuU{L0`NEVThJ?XYvsOkaTMftA`y%DvUK(aMYM!IJ
z)j{*)d(MRM>GcTo7gf&j?}t6Vyysz*vAI=c{WfkRYJ1zO=)V3#Fo@x+Hz_o(@iyS-
z#^J~!eNZB#)}hn9*x=Z?_g(c#7dK-p%Ruq%+CF#VB|0hABIat1z_p$zDdprim;TML
zV+C2pA?1d9k{n7GX@egZ*k?+FM3$)ph5Y#p-Ct4Bp+@#zE1`iO-~FC5j^~f6aumT*
znUM}2uDCzCR(g^L1+?41h8#uZq;r|bWFI5um&`nxE!EuK%Pq3ixA%QiPNXTem9(5s
z|1?|{A!DnPJU;m$ERv>di!Hsr#>IXl_i$y%dI=eQ-rSnpGs15wnJW-mHOWf^ytP*8
z)r!g6!r-N|z_@qhA<PP^Sv%jdC(8km4A(XxJtn>5m*uY>jA{SB`<7&#x2mL<(vmA0
z^sF}1k5Ejf;_+I4{5-%7avDZ~m#W1SH?2*5;V!tnQTb*m4Jfg$rq6?swanx)GFN;a
zP=0DWAiNcs^9>fB^A$E#p`y@ee+ebCAisiI#(-dy%uA@iS$<I?mp*Yun$FV8*Kw3x
zZ?}Xk=?+ER%S9Gig^LT=Fzal?w;~HFJ4T=z^>(@zbS6w4`@k#W>Onq=d`?q=f<(1e
z*Ds6h8pV2akE}3Z?+-TUPx#VMq<knEeI6SLm8AnZ^weTYwt(j5p`Q7&T|w5_!zdP%
zN8y?%SxMX5@$3e|*|Zko)B*_rT{8lws<`9=KjJ?;zC2rHH+z2)fNwU2Je$e4>}ylV
z&Qz?lN#KDV`G$N(S%Co<+Y9{o`=r_x>S~l&o6XP0Zgij_lHWvz+p~^!z1b*uyP>=l
zB=b?QdxB*pt-@{JL3wFrxr&lP!wImy2iG2U;nHCjR_t2NF7UrRJmjaBSkU&(*StIv
zP`O@+aXN!|&G=puLZd`N=YY&cmpkVv?GS@rR$vCqHG4<ycJEU(#olR;LXO~V!pe9l
z63w<2>rN#XW?Th~xDR7rK^LkHMD|Sfyf&C9-V5dDt<E|5HX>Bc9T=U_T$2a>Y}wLB
zuiF(Ib)atX4F&@0H~KAtH}!Q-!>+V?7$H5{HO&RuBR6d0`B&lq+oW#LIbP=tFc-3>
z1GjP8bBrHIFYX3J#Ku}hfpX*P+FDbm+B3V|gsl2GGA9p$OfiS9K?RZNMHVhg9i}3-
z>I%s7RSr*vyrD=PDz!qFQ0cC$(E~%Li}-v5f3FOKP{e&6?Lz*WbUnU{Y|Px)vD6=T
z5OYgZHC>JVfgv4BW+?6E8G57VpV~@x6;YRjI^{5j-3&V@Syqd+YNp4MU0CF!+|QEE
zwY>j9OH>y%lwwyo2v|E1334!Q6ZvtPV@@ck`xkmUJ*gkFy|Mr;@5?%AM#Y6ne`Y!O
zO?xWNurpGP;JzJ6B0dzswhZ$p&a^uz1j4IEx+-NB!rz9dvU;R8AnH;caQ=v~r9!8*
zV|CZ&hH(YHk!>ZCPoE#$#%Jpv6F<tR?pY4JMw!ZBAIq*3*!+Rfjh(E_D)=D%`M^qP
z^~bk?ozf9Wk56r4?d!+BFGz}Pig_$1SC=OgIVAPjlFU&u9sSvz&Rmn_D?Lg?%p!YP
zp9r0UQd(F9il}@+GQ(I7r$8GAxVl^rI61>Q%yTLmD4}Lk4)Yb5B7PHpED}6wB<Y-L
z+84H{nel)$n*Bzv6<z)zI#;4LlpwlJYd@$|F?i*dO`9i2%IMRg0zzeGVI}X<8Of9|
zYm;!9jL#Ni&9C{7%d)HXQH6@kbIaW{^<v^V_Y0V({tj5zTemN0F{*aG<vmdt<6`($
zaG0vp?L=$jdPRzr`vV)PSNO?O+2z$_KT7Mv-vgm=YA=t_hd1^b?(4E%P@Q{sPC<BJ
z{o35Xv~rojs#tRnmDvLpi|nc_%m^Z47?;z;{8D(b+?0;6vDDU@gixE|b<f~Uk>Y=|
zd=G8CGLmOrytS=~|2Zu*2R#3>lMnv9g>g^IW6N`<V1Z+BI9_ufcm7IP{@kx1f=Kb)
z!dlvNW;?)p2j&lnz<QgZlQu(4NdmYS=dNlOs-HdiAHJVcYZc3GVC~apn$cM7?}HLH
zObw(Le^ob3sb8%_n+HN=$|0IE<=gjB`w<sQw;Flv&w%O$9scH`mr_1$v_HQ(^w&{x
zl7jNnURe$BNYt;Ma#H+nywRDHQV;jXq%<uDBsC4uX!NsYY<49^KImLO>lpW@A_`MA
zmF6zfmZL;jD7D355$}cTsfg9m&raCidA+^Ypf;xmroHV(upTUe)cJOj^uph;M5P|C
zvchCnQ%zR&P&6H;<O*R*{1xVtW8QmfeZzC)b0#rg$OM{V-E7JwidN<3J5UH{m;4<2
znmt`N>H>-H(oj{bAW1svqy#aD6`iGe03Ux_>e=uJvN<3y4+`K>plaUytRoaT8M%wA
z)Iu2f4A8;J@tt-O?les?7a|HIGbuk_=Z4`rK(wLX+}Pp;B!9SKW5g~B+)6=V%Eh{i
z6qJc_gd6&92DiJ;PBzZuC8v{`UIluY5kC}UZyqSTuKFk~;tvgY?$N&l+3t@D?-%OT
z7Sm;QCO}J@v>%+B;#gx%?9>j9M4qr8SGjR@VEt`x=a88&NB`Op3O_CH9hCd+sTcG^
z)ezoV%oxq@6H-`gknfqfTIa8OLZ|x`A*Pj^g^Rs9MDE+qelX~z59^7K=oVfM_h8~*
zEOcr5!bB%rp67Nh7C}WC9`<qD!5k?KpPjV_48Pot#zY!uyX4CIHi-qvvcu@yKdnqg
zk*e*YircH!7I!X$mR6--dOj()XLcaTzOr$UTvg@uc0^amaL1@bR(uwBP<|KVwmywY
zI?YU@XDqLsIUF0`rKv{K^r{Gxf+@oPL^BA6fw7u4AFV_TEDhK>8b=&8f#%-HW>06?
zPlTA%>pe}zf42)RSeb;h#D9iLEOhGtuPv)p|5cGCjjiN9Yex{@awsw&JDVAl5`nv0
za5~CzuVNfO->~9VGjZDAYj~^IRq42^{Sqa&ZxH0S)6aS!Cw_Q1Q4!hJq8$?9Wi^vA
zev&lU*VajMu*;7*XlmTX&6`_TB5tx1?ez`#5o7lHld}?UvVf;ccJe0;41EgQw1MeS
zEmTH>r4WnJ;f_?u_Z5>jybdd#k`6Z5`ONPJIiAUX;q>vcH0l>w)jn4nkBDdg7yqx{
zW~J9JkLktEt{StHWVV#?Ql<2`jCa?VNx^%g-TS2%5bAwOvGYg{#D1V_3T#`n4w<Dr
zA<*``^-TJXWKoc8_F(muw#ZfsQX3s%94>WU<$G>c*FU2*d9PkZ8WD|t4qC1HG0xos
zd$&Kj8nR{rh072JzD@k~9PilWVJn{yZ`+p3Q_$RgEt6BaP`Ps)Lted!G;QLpd9Iu1
z(UO{8Kkp;pQ`URS`yAVZ8DGt%`Fn_`t`#TY*gm6!5hd|en?&yFjWVURHdnXuY-d5}
zEy1(9n=T0rdAH4fO?&l`?kuWl9Gqh~PP~v`wTeNTbvvSe)ZVO#7K8bp-1~O1xqtqP
z(<@5+I|q1)%bA7vkx{-=qmxk7{4R*sxWa5Y7>tdGpoHkexs6;a;Bqb)CA*w+Gq1|i
zr+uc;p%`1D1VkBE|IDmE>Y?;0JZ}5fdGxjpB4^=x#oqIP{pY`=_A=L<ysGvQ2%leO
zgc-!NlUtX6a!<!%39EF|N6Z)^f>GL%P)JuM8e@24=Du(7T5ER%vj0;~lh_2-=^OhQ
z><sVTLK)IlE7%+7zLw=K9Xe>ikb7iMM9x3FKi#Wn-*f}*Me;>~!nLwiJwR%Z9S=VL
zb}I9Qj19Wh1ltL(j~L|1DL*1|uTE8R#XQl;dU(U|P_kgY_0NCT92GX$&h)(Zv+fB^
zA$P3F%uS&Co`N(Msek|&l^HCP&UJ0FjU+9R2K}|J(n@6={L)wC`q%%9Q~2BNIA>z=
zN~PdZ)pn3)VY&8-4-!-$NtoK2OmHvyK#Wvt>ngCi7#V^M4RKRkzar(aDaaJXgc*F+
zC=uj+Gaq9pBRTn)p#>qwAQht7z+#k9IdNaAOliCS)rP&w^E9Q(ear~{u2adk(8j7E
zk<25kQi7TXJ3V*m+wfjC)l>AT+6cFptgRP2@)x`9Wi*fnb}#Za8wCvxQ2SZ=1`)of
z1rN(h?p;Ss1hUDqZqAv(>RLl%a|XsjmR!4MBEIV~y?nvJ-y*m?+46Y)Q}7*8!7E)1
zdXrfKBuf9t)5i<oO5^3SO-Hr-ZEHz4fTqYqb}`BhDy>;vXN0N5ir2RtVGrB5Ab*ZO
zZaJP`$Usvw`PxHUyi1?z@UzCMLDtU_8!KUJiEZi=HkT9{dlef+iK}Y(wJ;a_c=G-X
zY*ZyGe)Ay_Rjwx9-~Th^#PrK~%vR!u{jCFUZHaxjsQTk*9g`4W&tIz|Ze#N*1OMFE
z6G-Y3Q5(usxpUija_xo`@y_78jBA!3nZB#~=4Dpw4kBUDJuKB)S+h#t%ixV^VPpJ*
za|&f_2A6>QAfr6dw$Uy-^)ZMqH(w_EV6DB;`|t1T1h!Rshg=O}R`+bzcBzAm%j`?5
zGbgO0L&WwqEiOQ>u^UW=>!BZ3XvR&?GpIgG`_TGPbvCPAMheQ0c#`eQ6)e2(FLNO;
z=t*c&s1uvW1&F$(vD~x)|I1~1d?aM?4(23{w&8G^Z)LaIDf`7NW(E0pwePvg?tvqo
z+cVkE`_MD@q29bD${*KSWgGnnW$q;Pn(4<`<VgdhcBlFV7s`_Xs}C?-tbGr)|HBx<
zacl>RNBd**B}&M`mhB@QLVo4zd9MQ>L~<Xqc<zRY8|iWK`*}khVz^_PXrt{^n%XH8
zPKx27P4DCZR&9o4&oF%%CJS8c9g<5Ah`)oZvTUM5nXnbL!BmIWUQ^YT{L|y7yr#o2
z$^;+ha@$kv+3oxBXo%I;F{kxzEK{Rh@6TbIbL6rO*H8WSK2ylj75fvS+-F7@*GUAq
zhtuPGMx92ZVg|<)^H)uDL+(8Hc|R|?ZZQ0`i4XDVvE2rkg()9kC4hoyQ6s(wPVkcy
zDP3Js;&XWZK{2w}tZrZ&ag)RPeuea=T2;=5XR?MB=mx2J%dx3u;Pq3J=^VV@@sSS^
zQo(dI^iSL!jd`cWOF`Mz($wX5WVFN2r7c%UuYJ_X2hu=B^C>(8^Zq3oI(4Fa@@AgL
zxE7drrNgkhtO78GK(5@buZeQ~q4hd_6U1x&(^vzW2`nA<|IcCi2LW}eRI;zlft{#f
zWV8@DFrY^u5YTyf8hbk%MfzY=U3o!2wY0QSY&6rqizS*Z$0vU^jptgC^aQ3{78>0d
zdQEts#4a6hemdEK?~=W0O-7FXZhqlc$Q}LN{wE*-i1(PQ10t#2fD7rS{|@VbXkyGA
zw|6Kian1#?cRUkF!S=8XALMjQ3@f{sMlz}l4)PGU3Xi7b2l17DRXrk0s#tE~hC>8)
zPg2$%8rlEzAkIX$FxR*4IkU)a3nV-v*KC{ANam<g+hnJHnan2px91f91E8Zj%?yTE
zt=WOoQPiS*W^CY?wcWjjbW=&Ns(;6(-s}F^+#;$G8$JS-(8ezw0<x3U(NNh**=Aq>
zl3VrT<=xA3`*kz}dqXtaMw-1wiB&kZ^Ed5|&G_z<e2U7~X1Ba%MtsUZRKS||uLro=
zM6V6yu}zKgXxQi>y~oBa8>~sYlxt?WHW9_Snz^h(y1(g~MI^Yy4bubc>$yK0gu=Ku
zz#{sfC-xU)5rki^8V;|uf$Iu%f1c}i+hqowZVQMcKm;*IY2bs{#E+T)x80@2L5}Ix
zA#9kc__wwK)yuw$*E29Tu#_JSRV&oZDi08dQEoFntr0Ywz2nGV)JV!{#!AVpUt!zR
zYQ8f^VRH^0iFaAWT{FnUqp1jE;xLxX*(DBsG1mpVMXN=57ix?|I_X=X+#(ef6<vQ+
z`y1;P+9M4Hmv(=i^6gL&88)A!?Aw@>InX`W{BU3$_0_<s(5|f@c24DO12r<cd|5H)
zq>w`-a&FJfJ2iDfWZ7pF;DvHX_qLG&W)G6POo+jq8~lKwalL3eQycD+@;vJO<M`o}
z`fbA$Y*uMgWKd5ZpCcQ>trME;rphnDCN~<C)g^Co<BWxj%gFo#OO*S*zo2--5#<Vh
z#OLW$mj^pDEQpZ&FZ1KrLGIj;PW;yuhwbOooAY<GU2d16_s;aEp}=Z9oahu<exGmc
z?R_9bJIsG!aPVNa{a`BKlynDIdfca8{|GUe1w+Ih$%tIOQGd7=M4BSh)rrbCVxTCO
zHZjMg`)wk`ApXh@P&OHmxLgvsU%ojOWOh_&dY)YWizDiZ>0}DvN7D!NT0Is~29{9@
zo}QkVjEtx0j3sc!;}({dr5u761Xm>BvmM=PGIPBqO;rawRb?`L2aBf;{=xO_mU}lo
zx}Edp9Db|4?+K}DpH#(}Nx1ZB;e+pP^3KJ5;Fi$@ffj>-(<lu6F+~aA9gK92(vwTG
zoh$qoda4C7-(Zy!1#|}Xdo;b8!c_?3xenc!m$Tj*e%o>L5}}4SnzncorFD~jrS`o=
zVzQ*ICo#~xZ-#Z6gHV)A-m{y;Cw6xyj<A2_vA*!5xTa0PVt#$*X%ki>QnS8N``+5c
zMRu#YSSWll?LPg~y)}DC=raEaYBO4_mnK{MKw@$F$FFzh-v5DIU1qp{6sm26D3IP=
zlq)OT^VyzGpZB~jl(XF+Qkit@qKE85cDHZ|Cqv&gtWim`er;UT)|vJp?hmv$WqNGy
zYbupv(6^jW!<%apu}-Dgp)0Lx>w`{qAop2(Z?$_k=Q<%oY~nmQ<!-o?W1Y#&#s(cC
zwf_BwxA{Fxrhd_klF{}j38%=|99vMcV7}Z4XD8wo?MFE4J7qB=XcD?rQZ^ayJ*zQI
z9^`>kw}D~z(M(2F(YvEtZSJ#YQexYsca*7)p6H0G+9f_PiP#dGyQM0nRMG5i{Q<?W
zQZooy7|teUV!f;&`K5Y>zsx8@L^k@TwZwHYXIdBoj;Lniq%nM4p@QDtO22rz{NGtW
zYLTwUL*FMLRHJ0F1l^|mR?2?))!yUR>=R?2z<TXyde!^R&AIYpMusw}kchKzMbz29
zr|P>@C3WH>xUq#^?2~8pOnLw&HTY>F^x?%$U@4<7?M*#|2YuNJfOOBrG`?iXJc(02
zN?y7Z4Uw~nO)JaI{3LS0ablFwd|Pa!R9drG_KujZi1&o_W?A)0w$dwqs$-@8<5Qi<
zjC8n`5;o52r59*0cTinjT}KLw5&iCaGi09PGJ}+_b{ntt)1qw_DnuG@nRJ5XPHMZ+
z<SWzK9wnCjb!W5LXunG;-qZ1t&tlC>z0!K`gwm_snEB%IkbIXbmPp;cUge^s2`j)*
zc+G2nYjSNH6bcvaLR!U7hisWYzgSj|SeTKutmJ#&s~tBu@Rfw&>ya|nDe|c4Rr2qZ
zV>Y-wP~_lI<YmHu@_IcJGJrCK2A=#%|CF*u%dP&35d~pz%RnPjE?18Mxrg1k*(1t*
z))5LVwu#99G82(1jXbvM=n{a=*toGA(~4l3eex)6`Js5TDg5pfBh1O%{Z0JWUcJtF
zw=Z{SQQ2iVt^X3FA7wHG$%XS|>vl9G^d6mC3G~F7zPRq<_`r?|3y^Szu_8{ri$Cku
z2JEtJzPvd-U#>fHA@pv<)^dv(Wo7SCn7<<hs_VWwLEUIv)$-z{9c+Qll?ai96PyYH
zydKJ=E8S~xv^41|u@gtHO>C<qnugf*BFCIe!cX{acP9+-?I?c_S1?{%YP>{RX_wJ<
zbj;c@j7h96*G@ahs2=^#%!2Ph*^V@4tzCinJs#hGCItMQT<#gU$Q;a#?yHE5cqDsQ
zUG$o|QY75hgVuyXp-kl;WVXJk4Z)rmZuqAu)hJlXFyfFa?>3~}<R@5!7rH@tx;jd3
zvM6`6j4d?3*9(NEU2`Naxxyl1oeBUqhF}5Td|-n;$1XkUx8hnH6z}>rlNsP#Xq|-c
zBBE8qJFLv_>vU=}2hS!`8TNS%qGZbKXHNI>8eZ~^@=A;7#kMVL$LXmY7t}zUw9gyd
z*5|c=RLOb~GB^ALSE?KX7^@)c82F3}o5mV^T{Q6>2H~|Ko2GiZk>p*fxlz{k?2I`j
zSJ6o;ah~J(yP3^r&W!J`?v*ZMi*~a5hm4Fi{7qDfD7{dciPD7ip&>7-%<>`eI}tZs
zo@$P()|d6g-*4}89C`2;Q>l?rS!oFHKX5(-a%I&wY4C!uurRr_I-5GmW9;obmX<<U
zr}IKuL4Zug^0CvFLoB|=!q0a-%F>WAwvUM|+7%nGN;gDd8*T0I2{St^z$pZqm-Yx9
z`G8#4JB8$%Z(&~GJRxYb85=3jdEJIPjf7`5^65leQZaTL@to`z&h;FJA&r}Mm5~(9
z)LNXoOCPkEg52j`^;>~rJdW&O%lX<#F}@K_cY81LD$<76;+_fPKnzK+QE0MPYr~)O
z$Kty1xZPg2%wCwc;nGNYmNf_<Y)>VB80u9qB>SDf=CdlaQA!8(mv-W3N2^9rBD~o0
zjXoYBQu#br_vppBo9(?E%nur%=^*wY%kFc<lm}~x?TTe9H~w-I27iCENcf|Tn^5rw
z!3w_3ZNsxV6NTrOu_xV{t@OF)Ld1<V3KR_y-C~$J{H$}x_)+!KFUVhn+5T9zS2H8a
z{QT!Qv|fYPDNL5xkICOm{6IJuyIeIN^i@!Z=yogmqs~U7tI>C>r>niDCiiwiTC#iB
z8P=Z{uWjpjLMzb2$I3hSUKMW)*sg7H9{Vd7>5%-EH<Y7)gp`;?=MZ;S+D{dZy@7qI
z$K&5ZTbPR`hE6bYM)w+7zK@DrrsQUf$6wD7RBjG8+8tw_kFx31YXR`a{)wNjFBK{=
zGJhQ#I|jAf3T>BxEo7hUNz6|8!4uR@t!1cS0Z#rX+9YKPMl7~`-CR!t33GmU34v!5
z+$z%us%I-|de3D3g1Zh+A!PR0(_p)PtP0+(_l^1<;M}Ay6usRIjv$vlc{odSM&0XE
zc2gZmHCC<o7{Q-ieU<CN?iI|Y@@AALyKS3ht?m)->%Vamp4j*blFe#?gH7F{w_w6u
z<*Kr}t)6=Q87Bk4Osp1=cM9_)V0CZdLua&r|MK2~(dRJtU08M@ADRyBrI{V6b&T?A
z-w}r*UdJKRnBnNGUq_qyMz33~6q+?=&Ul-qo&3JqFjvbj#NFlrjb!`bF-*Nq=vxtr
zKwh$zI(PhyAn}QHqP%u89~C1LabI-fX@JlkhR^i_W0}6xU{}*{AO61GsZ6oaUx#)y
zP_7gNR%kM(E!(MK6G3ps6Ue&<n)Udv0!bgXmPJ|aMl@2xHb%Uif?hzt;@Dox_GK@!
z6JgXrI_Q0&PaUI%P7vZAZd`0E&Yt^5QgtLYML7OrdXKF;rcvg31T8|D{vtn4V7PM&
zDZaluDN{Ds5Tn{tRJq1mL=2_H08-Q+M=4YUCN0|fsqY!mbGfjmMTF9Nng%`%?Q_iP
z-@OnGb2ZE{Piqy-Z^K)A0X-yOSkJ3vjhu?y7PvBR^-F3cdapOjfb`0?_4EQlabl-4
z^gd9RS+rQv=pQoX#Vnz(A}uUYTf<T7s;%A8O4~LI^z9^qc0!+%?@l><_WRGXLa3LC
zm<2JD@rxE~xxA5>lW0A}3xfliwKlD^K8tv^<0VRL`A5`~_hRejviOYxR+#Ls5aYEI
ze29%~*^uuM@eKY$k-8iMzfRc>CAQLMU{)vQsb<CtAS<iR^D4MS&fdLTpcy2pa1ff_
z_nPxu)OWfi>e7~!sKz*M!{MAgIO7w`g{Z~sRds)O5ZtSf-Lj3M48EoRHFM#>)(s2!
ztpQtKnrL2gJ&qfIWXv2NnnJ%#Y(fYJRrKANSkP;uzDGWcMo%yfL~rTlTb7Vi{@LtK
z*zYlLd>*eX;+nP=+P8cY7L*t{P~wu#mT{d`i)Er*xml1A;x(>}ToE3wM4F~aEoBY6
za#+s@ta+A~wu;x;+v$mWZZwAb?)CY)HGX^7P?lin>$D>S?1^~<;AZ$gw7q9olUv&@
ziXb2&q9P(laalk?M7nfrpwgs-k`NG(8ajmD?b1|w?=6tf34|shAT6OKp#@Zg(2)|5
zzMsHyz29~A_rBjg=UjXK$Yml=ne!?0p5q>4+`AGP2}A2Z@CC==?Aam>oGLa7gjN|3
z27ikDWvA;TP^?=<M#fQ1P`9hX$cj*zOaH9)7d^<=FC&`iNAkWvTf@DMHO#A8yKK3D
zUIw&WjlYkj?%SWRaQB!;uIsyzkE4q}Snb_qv!_SccDV~zL-7r}N#k~HfX5#9#oMV-
zX01q96RvQB$+;hk2wITS@$klhjWtD0b`y@ERAo|={<CcpCXeUm>&BRK-o^i=9k$Ij
ze@V2b-ZUN7@W~LexGCw)MoVG9HS<^_3Stf3j?PUbJB_s4*fa;yuJkf4jTG?5KeZih
z?l7vjv-<kzIS0tDT#D#-U%O-n-*p(JXvU|&xh6oN$(~(wiC|O|%C{FYil^!8XwOTv
z$^+x5nIOOSw_4UHj$7TRq9VQhz1;<U;E{u>0qiGsc6Qt0f$JV8r{k$uM!a>0yw=#N
zWv)hO#@|p}carotp+`(0#r@;9CC2t@ne+F%3Tr+0JT$hezX6#Jk)Pv%`~DlI@p-;a
zEE{&D)jJcXs;4tU*E)oX2Wx_)(`2;r)_8yme6hpNa*8?MuXt%em|(EQjwz-S$ll}_
zR!$V30C5WMLM;?0)&QS4>{V>VdvW0%jOP-s{emr6FJXKJATYt(l-2Yq#sxHN+ZFGK
zh6tu#R*Q@U#jyK8E>n0e=yBfr!2n{qz3RI~Q8~n&0d}mHaFJu}LX`(AB8+I_t07Xq
zrt|t3;-l~{5zGW5D42p(`^Bydiys#+_zkuAoDazM^0TwQEQs}=1p*gIfqc8byxF@U
zg6?-`ddnV<xD)eV4rhPZ+H4K{AX0vOaGj5<=4n)l=!p80mZBN(Vr8_#TrK9Y)?C52
z9SH^3&^5JU%NYAkq;0?6`mbhJ=?gR5PA1<TZX4{IYWUwSSv9(>`Z%e>KD0;~CcJdp
zT4NRLa>Pa$OkHeNAoT)OfPAPd9Tht<fdLTRV~<Wj2`w>*{;qd-4c6D*dURtX$(^5e
zA6?AS;k;+CYnyUBPleBdNqO7GwiEHpZUbN|2t@N+=(F_hgfmO(B)KQaS>Xe1lAseF
zWVABS4VK}b(P@$HRW-FbY`li38EbmlYz<c9JWjLKUWlcGU~GW-tkE;tg7KrR<*u{)
zlg&=BpP9<LO6`KoFN~~!!~@Y)qyO^yAdve$XfrJ@^txFP=9{g*rQH`j9cpHAvOqL0
zv+wIPyTjy!f$p*F>?L8oZ9CNzQ@6RIn)m|r3RtgQ`}tBo_><kfP>YY;dGm0BLvAo=
zC?FxZphjh{=ar%LvzZ%t1pk<-z4F`{u94)quF&Hta1U7_RiAA$4a#fl!@~og4}l`X
zh4S|#_P^W8swJ(J#hprU+_j(MM}M)AiE+QT*P@U*k_a2H+5PJ9?q5jPvqzC7b|Zn)
zHv{`~I*!*P%Lg{Xp3LP6)KRtr^YD-Cr_LG$re8Iv{%ckJ>7>2Bwrw2En<-T7{ynW7
zkIEE)sBqBIZEgF@?D|8Lr2`#}p5)H3?mu2UrG0PjL8Q8zP(=W^)cw`aggR8uD|Rfv
z3!{SFN?Dgq)OxSm$dp;P6=?K<ZJxn-e|G<ZeBOvu_yCSP)IfXWzT^ZZknp^d_fp9p
zEbhvUtR}O(sKqSSF|;nv*S+x>)&6(zQjXXoHn9NvV0VIjLei}jj+p{pGkvX^iWCVs
zywCr{wETYs);$DZ8UWYp(N4hKrW%~P74&`_7ofs+Ip5<!3l2&8jBT02#duHoA~a5L
z01y=@hpx@y)%Gddk`@2z$BS6daBi)N@BqJ@0MK9Qz0m1jtTrjRV8h-rAc3Fm05G`E
z2>(H;!Mff!4&g#s{(i&}nvXeG0mAAFV0C394kQt&&{t4Z48RzD@duMV0>E_#uua8D
z5)G}5xH}V&FF$BD0O==4Dh|&7{L|r_MnjVc@E3Zl)TM)zQvK_1*01qpMnL|#JE(ts
z=de^Ku>HfM!1wIS|CF=6@($qY=$!ti^l;+k|8jL`Fd<V%K>}$$i79pp0R1MK${ZUY
z5D+MoW=u@X?091%iP}@xBZ_r4kT3hMDUnt61aiA?LzlaTMtB5wK`$06M*$|&E&^~8
zLHB#gjw|=w@SRq&)&6s$Hs^q0cqAS;)_Ce)XLEJoGorqc7pdE@Hu;2eGktv+jzk-<
zhMgFY`_VdsowHGRU)S+x7-)LbZO`i0r_VL6S+bb8<y7tOI&Jj`Nyp_+)7L%{TG*vT
zu9X)nEfN5=NoNX?B@vH9{Sj9IDrq$UD(Pn-&Po#%QLNJ4dWHe+?e&6~FPZ{P-kaHg
z{Ne95a|z&k)w9ly^C@XH#`o(9vd^{_yKn?srOXgSdhQC9bcYY0HQumfX;^^Q2aKHZ
zBvC}-7wRal0+p<Hi}?oLJl*{;B5P8uoj3YTa<i;0plL{8zWOwrzu+aH`8#aN)*txI
zKyOWymL7+{9hn9q>3boh-w9>@JK|j2=M3vnY5uVK)?rFxy+=&L62s$N30PG5E)Li4
ztpt=7XLdqb&Nk>f4Z->L{F7FQH=ONYC&`1JkN0O51B+Fp5UVaTT&+~<%VC2yf0)q3
zXY}9fVf1gC-YsvKJ9n_~O_ks(M=<$H&(079X3-ljb#eogwkiWMtk?W*(a35w{?1~0
zN2`K0%3j?gJDA3^KSyqx2L8;k1kNU*yf{T|fYoswZua}L&aQgsT3VB=Nbexbl-Pga
z;i1d`IJk`nKuhz@3aJ8(FI?l<>3F$y8<vg0aTRK92O6XW>~3o&q-(9V6>h=eWae(V
zphZV=RSoeXrsR5)OwW0HJ;%91KmTqlKS*a*Q7imavyXo;!#3u~&fbK_LH2~&KO1Q_
z0nHP!*q>>EYZLl0Ro@sud8~MA|ArjgYHPt%#Sw&3F1kFoX}2)}B}19p+JRY6h71~J
z9FzFX@Ynn|>Ofl?rqaE$`31^C3F<+X0+9K-2g8dVN6rh1FhIbEci)w7h)IC|%^cf}
zK2ahx+!O?<sIe~}UVUHS5)+%WUArSFw<Ov*@@=br!+llwohiI-0^M74L|MRt1Vs-O
z1TFb5`I@z`!Mv@1r8t?MT^~ND&Jk$pXB*V;bt{4k!#ByG$K1Bo8_UOG(>YJ8AijHp
zqKK;H!cclR@=UWuG&g-P?sVs;J+#m)z1J7d>ne(j=FfF!s#(o(ki9LQ(9a*<{J8!i
z!jw{+aV}q7gYrK2iO%)eU^#;!+pM&e=Fb&hDcTYUwu5^jJwZL+#ZyT^;-;#MOm0|z
z?g!Y2NQuwfNfsO@N^Y!dH3gi|u|-0vc!T<&Ig_4|J)x_~8*aaOX3wC{(e!<}w;Je}
zM@ua{^^#qyXmZAGEZi+*a@39CMR(FlZxG+?^WuHwz`1?8-Nk0^dWbU;D3RQ@m||?j
zjS%sfoc=m9?m9&)T+kJGE^NkvfAszAJE!Dq>s<0M9II%`8LeWWPf04^*l*Bi{GA4S
zPMWH*Bv}f&zAl)}GfLtmvhuPb`Rb+~J8XoT;a!2}KT_(3+uYs<_wv9lLDTptB;UB6
z?wverqY~;!lfQb6cG5gR2m)HrZ-(huBmRM3uOB$gM98o{B9hXjaC(?@4OaQ=fbvAU
zh3FHOKGx`zqcjzvphA6mH3Qx8p7f86eA?}drne{Gcr*syhf}1kKQ6<GZzI;D>z;-R
zij-hny$fCmZ<?m;FFDOnI<(*}i*Fa#U9rf&E<*wGtyr+07uuWe)k|%D8ldK>ME_8;
z#X9NKSVzavrwtBUyEe~@FDU8~>$z;nv}OqgXx+%iYg<IzaXeqmp6bRHR=A@SdYU|^
zbXZ7ES)Q)d_8B(RXYab)k~a(~6+_WQCFLK*gg_en$~!t@8EJ2z=M;-OKS4fY-qqT9
zKdpg;XuPrabVa|wTsToVdK@k({q3Av*tPBL2oCwz*Ior|-`!nDH-;N^ZAFjxzvdnE
zO^N+tS95L>+^xV;+4^oe5ogaw(CaK}gj|l!nj>s2x*68*ZC!d%kFN2^V5j&W+usC)
z+C|8=qQ_(<^6YF%U(dxTt(ty^vwEDW5!)YUHRUhg$QPU32;3X=mlQ56(~@arDN=tj
z=@4gS2EusVA)1yyRyv;)rVlx|Of<rJ>k*mKpW1tg$LF)fNlPg*9qkFIJoVe9>#_@y
z(5}g!HW4azFGw9;b{JyHH~IS8=CMw7S=`W#N;2KtRDFK(HDUA^#=^_SlpMI4n{>9D
z+bLVhn{*Z%Wz}-br)qDb(C5eg16K7e*K$Q3c}f4&brbZJ4#OwC#gqcF>A)M&bw{YA
z%5F#YhY4Ca*7MRj-!<}6``kD7VrrmrCq0w8UN&0GOz`S7)@Fr2U|*^a-%xxJph%Nm
zm{i`Op%P*quE7rTmY>-nC)*lLvLZe&-F3zD;dLo(YaY4wrzUxC+;Rv(2)k|77E3FF
zc&j2xIx2x_Zw)gmJ_#o0k)5ix?;PH+XWKUuLlX4P2THqI4p$J?*=}Dn*zMr$^RJR5
zKs@EsIq0H}Se>|mo(#7oO&H|9u1iVv85?SY)!+v~olCJ(2~WGsBCH`yHIy-h&oYzK
z*7ow-qs-wAU&U9gytlj__mda!aOwMB;H4<|hMeGB+?)rG7d}2<c<mE^l)lU=-Lo>p
zH($0;NO3Ve3F0{&%&}{hP3`cu;%{n)Lm^_K&6@OIxRL}3E4kToX>Jrv+sJgmE2os{
zPg>=r>=*sMql5<GOSbni<JP%Xke7?fxIC2}{vEOCbSx}7y{J=>yW_YK<O>=e-Dz@X
zvv%e0U*We-<`pdOOqxJUVj!zOr4Yw`dI`2_zdKZROn>H>KCx7Qr}55udPXn)&NMFc
zPLt4?U@*=R-IcOk(6!ow3Eo<Y62}L~Xs?bj(oEY8!@3aeJ8q~3p63Wh$=CRW^5;!K
z9s71*z1_X=NG^I%uAK6p3}wYy?4sAV2jSHtN+<Qwg>Eajo2FapW}_chN|R;1!$TNG
z#e@bz5Z_=O%NTZdIuTD>@!M@47eJd4_7P<6zx0WLrST$*yoNreJ`A9n<T0EmX?YWz
z-cm<ER}ds}!D4E=Qb_nzm!DF2&39O?QH(h8D1dfEb32Dxg};%~H%i{9dbvbL<9^ja
z!79cSvnxXk5JqHYDQ(wc3=Cv-P0q6)&jGl+*Y}rFN-P(vK_~y5xjSXR-E$|SmW0|?
zcS%wiDvih#g$^bJ36<=gaX1cVw+1uM$RZ^vH#QU3rOGX1X7-$3tTukDv2S=l*R|ZL
za0QAcq^9X|NvpmSgtq3tn?cG+2o!A^&BOdVvq3T$H}|{z8c*+@nGX<o;-s{l8dGDT
zHRO1%`HQy`WLc3$*<dAZwZSZp_VD(1%ic|MbND$p>p#2P%WFA+zwP!tL$A5`rd~50
zhtzR|*lfhLtfueS%HT*vuW=y5ULB>S(5+dS3J~KT`}@~J>|ijEfk9qJ$79OU__!kw
zN%mA`1F}hN?GL#cDdyy$h;}Nm#XGla^{0ZV6(%=VMKxl;hKx#~CWNhE59xB}8Y@lv
z>129818ft_s}ZM0g`x*BGsk}sAWnc}e?)12x-HRjf?H0&!OyH*1u8a*rQaE^<Qpt-
z9&#$~3*6fZkc*RNY;?^~-0qO3w9IhOpSzuwHagmI6ciE0=fHeJJeg>*w=M`o-2;c5
z8_560xsiPhG7uK&C++g~Re$%CAn^bNAXB253NOKPOAwO7mx>Te9?>UL74=M$SKvIG
z9Tz2^aZlc0IjVn?yc%r=*5ldTAi8&{?yDKnUz9w+^M~~TXymkhhWIalG4X?5Z)`Qj
z#0*bED)UC7m?KmvnNz(8AaJh`XEWrHU7+=MF|V@I>HtA;#fZJ>F~=wPg-}7blAp2y
zVvHdAx&!`WyI9l;;64FOnY<jkcs?~NnY)-8rw6SQkqs*K<Gvt)g}^%rmbjVUo_lI-
zjk^`A7?rlT-8iw0-6p7YmFUQsf3&+a7iS{&=IPLr0|ncuL|Z4Ng~M=@_wU=3dYJ#f
zdN{PPi2LxtERW`*u~;A_9`kRVD`Ei{LQqh!ucAPAp1ViX8{i9x;-bA%>&Ttz#DRh7
zuOGM;Mk{rdc4u(*RMpDE`$<(r@79AO0O1IgkABcTrT<qthI*0*-7%VlCKxgXanlj_
zg9A|;AgKEr>mUXKx{D!}ZyIjoVSu<t^ZppnEuPeUk+6b8#RXN_d&cY!G@?AIVEVy~
zTHVQkWu`6J36?M}kdTltJ5-)`l26e-j`ppnk~HAH*b7tz`n@^xLnZ8d1~qYlJ<{Eb
z(<0xK4mvnTK=GT*gg7S*&fXXgG?gCrE0<%X3A%Gg?go}<8s2yCK;11$?f9-{r2NXU
zV0M~|fK20XTjiu>Mi8XR-X$(3E{@Ic2u;YJtPoAb_5MV_(Lo-NmF9@}x8FQM;|_Z9
zH(Ww9-1WWrH6>4Jw;lUZJUHe$Fvo}g*(XW}RsC5L7{Us^KbQ6Bb3s}m;29nJvv*AO
z*C50$U12ZAf7QyN!M`G9BYsjy@-hxfJAG+>>8PpE(D#7TzXJj%yL%q*FO~J88Bwsw
z6O#{6YR4KcOmO=9{>DWZ$d2Kj5byro)1H@`&kM%)_clBP*@N)`3rZ7Kk{y6RMti%`
zXUds{&#@x~k^Jjvw6dH|;;Y-fv9^7`9)YXcx^9!bR!=$9_Sc{ubyf)2^L#XGMrNcX
zIW(kYJsSO4@i$AJCg|ytN!Fs_5url;xv;n5UmE=xPdPq!OsN5HzdivXe=XlA%<R&n
zb<WW;1U1}cV@xe(t`l>4*|C7oyKeF=xh-UTruS{b>Pj4ai$^DciCaJhet4Hj7(7#s
zDf@)52N-;sJxI~S2QT0YXYI|*AUa`EP+NLJ0?1ojUu9{leZjS}ki4$B(jwhMKR=Xd
zu+G~1WV=Ud&;Mxv$7s=Cvbt=%Yq2tkep8TDxho|O@0~~;oI@TN-z$F~S87wPAH#f#
z6~#$gk!--JRz+c6#p(uOxffcmEhz<BWvloATKs&j#``rJi+wOTI?Ls2wKqZUocc#A
zCn~&pHzd4c6pAI?qKg65nFX1HeK;JF=iKYhRlCmc;ctQ7`Z=Na$DpT`-}U=RM5K1@
z^6|N0+pqV>rL65f-=Fa)U&K0axvpA~5F>OWva8mb@y{BcawA9h>K+z*K|@K`HNreD
z(%2R+FFj|$;Kvt6kQb7XXZ)v<R^^_B2x@QySdqH$vJ+M!HpfjpYj5_Q^5kp$<z_!B
z3@uvK$aefvrP`@4vs4)8E~~=Ilj%?xD+4<*zP(hJcYKdCdK$<2@h@QU?r(XZ7_?M+
z8I^Y}X483js<I<Z9Mt|cD^Vx^y4&#zM{(Q3x83xt)HFd(NYYFvI<V1k?`qw4@rXv}
z(Z*e{f9-CcOSAq)=r@C^L6Kn6rg*eNgK1YM5WW>M>*Biaxm)RLK9!^42`b*Mi*IE0
zI}>owiKMDT?ykXd^}?!@>*&Yjj{A1Vin;Y0kV*R?^-`=fC)^W0<$uECvJChh?idMI
zvZ1u1Fo_HEh~hN^eLohC2Y2&$C1tisnn916WU1Eg9SL<}o{M$LM1LlY4J~Sq`vjKf
zl<a2mlp7`yAJ@oev{<%)PZhOYZ$L43^40TK`~3(Rp(RhCZm`bj_sEd}lMma4(B5Kz
zAPTf}p`j9;LR@u?%LZ6l%`-8Or0AEczl82ga!5ippF>mVgDT>r)j3j(3S6VENz85B
zQT3hL<iSfx*-XxgkH%_yi}TNh0Ry5B`mhr1|0>0OIiMm=g0q}zsWWB`nA-gKO_yyh
ze7^C1;%eB!JEz>y`M#q%(kQ%P@!Tg#x9qD1TbRBPWRB(KyQB?o(tOSKqtI^Gyc@h^
zZgIPPU;2(2n1F>CnMXEYZ}BSFEOI&OYVC9KdS|ju%u$agn^|a^f~jfS+Hpj?)Tz0o
ztesDX4q(b0Xw^<fX%cJ`tp4-aOxG^E>jhA?DHy<fthH(cQ@CbYnWk;(9Dg~+TwuSl
zwS932SBDfCOfnujp}}nq0Vlw%HQy7j4II7Hy@(JYZ1QJ0+TdahvP1c8`yL#xOm<5t
z2z@o=ySOL6IoAJdZ|5RPf~oL?$nWL5LKh6F0#mL$PLup7X#QR6vYni8!Rzr^*G-iC
zhngi2%7VhH!&2-vRp>r6mLziiT?*j&kwVGweJ-47Jn0KU7)uV7bZFOos`|*)c;)QF
z2gwk?+9l*p^hk)^#u<O<vIhnpO5`^=$5Ry#E}^nPm34yShIHI5BvRrIYa%M%v0KM7
z6s+&igIx5w!aBUzoP37h$E>{d3*K1eohfK_(x60Jt!td|LIpgDg!8Y8+U;VTm7B1F
z#L1<8VCm_Sl^csO@+>s5y<^~iaECT8{3v#P^GXk;^V`{M8<YSq^w;vwu<6>MbNGvj
z9`?Vs-IWM<>$*hBd4SR2s20u$;FSu9p0Qd2EL>)0Kx2dYxxV#6l`aF~VEFPm>-})9
z$|)v#F;ox6bT;<QZl-f25YD|bTug2LXzc5ltM=)_6>@T3G|=_vE%mRKA!R!<*iB4K
zf<uSI<sY&~B)b0xs(L|w{=@!U%~Chzwx0^BA6n#fr@a3kgzbYY(ffd|&8pZ<|Bnd?
z1*r<YvjCq3urQLqy*Yh(?MJA{uuQr)cxzRBYrUHbgXi!|)c18fFMIvcr@Ow?R89+e
z6SL$tFQogH$dWdqFa{O|LM>2{xpkid@+Z8Od~-ZAyp~yF)?5TSj0_hU@_)zI+eZo(
z&995q$k^4N?k(ZhJc*9!cZ^vmUlpAfauXE(`e6i;K0<rr;>!78g7Np`90@m%<(yf%
zxF|`-Gm`lrbPb?44F3VT9<t?*w2JG)EN|uCm3@@tNJAvq)b@){w(4}RgZ~1Q<_O=m
zf@ke9Rkihubp9WPC!2Nwec@j06Z#I}+7<$u;Lud@Rl-PcrzSO3_uGh57OicRX~wI_
zRnP0^q2HrF-3E<IQtV?}hbO1b^S@b%SdJ<ieJUN4D;eu+oYw`F(+nj=xyHuDJf2YL
zK^*59rVve+_L#xcDgU6&{G}zXpLlccW}gsRgpDP?PuItTZV+6GS%yXYm?p7SJ&Yn-
zU{3ixkwMCsUew^0_j&>-u-u*(wnqs7gzV07_Se_lfzXRaSvp8rj7t3$#hoS5^s!tF
zB4k`pu3%77O3@mwD0(dCIG10Uc!8i~midm7PjtxO6qyrH)6=>2xQX}p<+CEycjj8V
zujJp&>#6m0au_Omd5)S+q_!Xcl5a6<jq&OB=qDOmnxJ3O6$9#RVD7`8ZRyAayK!IS
zISs@|hwThrrdd!t6_3^PC@{!>Am=$#`Sj6UgAirLdr$wM+7FKcKz{}2KZBsG3j{wE
zHS_ii&kpl0%3lFSrA=PY)C4(i6<{p)SW$gef%=!z0Beo-vps4-=kLSO+@)^H6apj*
z4w~{M;QJMxJBKqB4b4SuATay*?q4QM+|=){{`K9MljWow3k|Z&ruPyBsO~^|F8Kc+
z)R%M`^Ml;m5+#p-r#2n|#pZq1=L-Om$4E{$5h$D`2Mh#8_D=+yd%!0HKH9$>K8G(r
z?ErgnW6=RH<xw_>)hE#?N-Nys<g8K;#NJ#u|CobSzx7*-VCCwEu1XdYZkU6bLf#B#
zf69LDlNocC2shH<PzXzUtc1NV0a);Du~KF+Ouje!x4t#%fS0<iDvjC-;byQ&Sp3$4
zTMR7jKE{2M7rOf8eh%rXf^>Z|{quueq`M_KZ`aG_ED_gOC)(zIikE?IFS>5Pzr}Zs
z5=Xyhk%(PQ<Ag7nui@W`S{1&ufcNAzK*4um{YK*eRxNJKFVej~rNBWlI=!!jd977J
zTF8C9_ov;cWFH&M_W5C!;Z$d78(;BoRwSOTlTW|cBBGDPDr|tu@}17xP|COPaVHk-
z8)k-`nAvWuhNJ~9zns0m6&)AnumRAyd9;DhET@*znqJ-vxjGrqFZq0|XYu?{#K=M_
z(ekOGfmaS#evp{*)EW9^r33{qn%24s(cRzP=s($ma~_ve5yTG*WW!otVigHBlMH=`
zc<5A1L#|<4#961>)(y)VnK4UNHCEGerT%q3mk7wp(8Ig@<F|_B@_~g=9BBM$>rwFu
zd&zvPFvZa&PN<})s!CIU&$EaGAja-`fUaiufgD!&&CpAe%Q>Nvy%k@|pbSz)d`rll
zA5Gqvnb9YnA-;<;a$75~)F&o}PbnogI}NjzJ^Y)u+~B&YO4As1r_u7Z#YPiM7jyYz
zN*oUv@kwqoo;>wcxTi*L?}uEj)+p>9+`jQQ`TRn|T0$*J1}k9;e(IfW2GOPbCQ91u
zm^${I1WIyK+eIeLPB{okasNIahzBT12$D7Qf5^znqZ6ZhGC>E5oV|xfxW*cQc=T{#
zKDE{so8?5Cwulxk7+JxBW2q;i<%8P73QusEl}7`V>jwdCRdtE@LIg*gm(1{~Yd(s-
zS|R^rz9t;XZG294(NOs0h?Jgz{M(c)fgR&!f~rE^?~mSLJ-($XrL27Wyf4RBdvJG(
zCU0&ebM1G%fcY8kZ>lP6cx{Ncie4bHZTn0>btil>_roxm$<|&Z6WdwdtB=0>DQy1q
zV;?rka^8!=mMLG~x)TANwOCJB8p+b;k=eSVoquva_fCVXIWG<glnT2qvs68@{a}Rn
zrgGG-*IUJT&c^-Tamn#{K8lKr=PKg^P0|Cq%vldB+>pWDJST$phA5#jVX_xh;8MS+
z(7hS_E@Y%_m_y@Hl4xNfjyOBpr$z_;rQn(8I4mk$B-b=r;|8~#0W0*{YzmUH1kTRJ
zIK5vSDwiLK8PAcPOTEJi3x8CoUXLXdPWikY$l+3QP)%2Bv_XE(OaWZytlMmb&#fk!
z^Nfg$d6X`OrkrHk0Ml)_XgjBruTS|VAE?fO)iQVeR)7XeS|DOV>+8U>f>w{q6y-&#
z?D`9~QP-|z1$bEb&h&)V6LeODcGHY$sjmuGA!k%}3=xZ$t^E?C1ko)=+riccex3Sa
zlv?ino`FToGNVI)bo%ti_^q<}3e%q}#xV-!b2T10WgH9*10qJUV+5XSL{!m}mJUm7
zO*sC?%f8R~ZAfRVQUz|bg!wIhubcaAVy#u%M8`4~9}UUYo_f}ei6@^`6OTMi#%NTF
zRnCKJabCj0OgAF2o{@eVBVW7Q`v@;RNa?^uUz?Qr#Cg*JPEI<rHx`B#;M^Sr%I3~n
zv^FsI2J)LjVQbXu-YSb5RH}7oXLvmRv1;ThDw%J(OUVRTSS&ReQ183RaylcZeEfGm
zWj?AUc*X{PO>LVvC_AN8*dNHvNwYco#=Gur_kO8+VAf<QuJ+pOdH@ip5nR&@$q79!
z!qy|pc}~Rj{x;R2si2ehp(go-B1;x|{oO|t<i^LM@|Vinj7K7~UdL*0&cZt=jn|_(
z0<z|c8%(Uu2*&}-j>RFawN}TLF6T>=Sp2#Iar$lDHPV3O@d)nRN&SjRGe2aOagE?@
z1D|HKNRQEMdD9Kg+>N^YA1M&|<#n~S!R0F0%9g)5KB~w6@I`1-GoiWraaL(posUm8
zJF+m@wWPzr5(Mw5Kp_ZC2s<8E6IKvk-}hNNN{3B}uZk|J>`nS*z#qo8Q%rc|63c~2
zwWp6`?QDOIZ0N**1|JCpuIt%OK7Mc`qRcOa;7y5+ma#q+&g9WSdGqLG>q%k{GHHQh
zf3Cvb@{70Ry&vTG;vr9Uoz2g0Xu8JeHhAfq-+aLq)U>_vCs|0!`{p<@<%qv^Tk@=O
z4aoy%l;xY=R)Lsg=1ef!_KbFWG+Z@L_U(d&!@FWfpW6`67N(w8%3|8Ru@&GkqL&ch
zwu{GXp_GQb3+JV`!rL>9*=3zSY5KS}Ae)v@r5Sg^Wc7;7izCW*eTbS2n{#jAb)TJV
zf2}LYN^-XNtQgt;LTh|v+l`kQ=e?n@{VaN6*F43kXi`xWD_%OmP(9)psH5c=+0b2!
z4Y#Wpt!Evvcx^ND**{H-n9wT%9U;mW_P6aTi|S{kWIr-w&+(P-f2T^cF)n)c<%L|6
z<1ApXW)5%UI6L&CK(BWEJ(hB&2r$fzT-d@2jc71u*^qfxM=xPcgq?*o0#ifuw1>u9
z1Ffu$8Igm)3wW)5%xn{F%ZI2);}Lh-DDyM179`h@2p5w`#XT?UEiZCq9!73teU_wV
zWGXwfnDWN2#t7efCdS^qU(ouIL`_Hg3O#hQ9IlGJoLJk7^)(mXc;UafG;sr0W%eXM
zvr5qK`n^X+HD#{gU;dhISkb`fSC$U=DHQ?2UE$j*U2{?!Me?fRb&FG(?zZQnd>i>n
zk*`-`qEd1mMKaDZ!Rt9--e<nt-mq$H>uz8aMP2{kGwOTpH>bw5e9A(78fl<YCrxq5
zuCZ7$l*xE(*Wy;CE!c4S?5SG7G{Y4u4`n?0B6Fy0cS&|Gv(nD~UaoIrrp*zxiS51$
zZlE85aRu{@qzZ&~J!7hImZwPLFj2N07JN?Nz8c5k_Wa9uZM_{8*jT->^cQ;%LiBCu
zegY6vJJMNrPQ0m@Vd!y}+$g!ZdQ}rg@{V%vuAWAEr6w&h2dNW%JXZRa6RRfpHP%?B
z^)OzgspZhE%{dXMytZ^o?Zb>4)~_8g;^y^>z1@I?@ioe;`|b-IbE9GTPzG>!b#DF-
z2adUh!I@hc_^j8J7pqZvp&VcArVc~U9{Ie<b%R!NT0w3@lLLs7!HGs79y6wxgTVmQ
z1k#i-gyv`|qI4pMxj-O;k^0L&fifzZ3<)$3AQinYIImtvDKL9Scxp5M<7I=$PYve3
ztcxu_nBv;Ni$%+=zd0L>o^w%1<auey5tgpRbH^|Kh&(;8<EHn(=(p0tb(eeZ9*NH{
ztAFBHQu`gta~YK}Bv=k53ExP|mixi*xWV@sri6LSX~eF50fQZ<m=sNRPX;>qO(;sv
zjZVBV(yB;%dz*MREA_WhR;dKp8oj`d-7nQ-t>O|>k8@uV{7@u#3;S^fycCJqy19R{
zbk4@F?n{lC{;g@zrY9rt6tWWTMI;OyWm~&9;-IlUjvaU^>1YfpQgY-ga`Ltf4NR*T
zP>mb6ymzUe-F$F+)NmQ9;U0DVXCd+WaxLqPft}jq+Mn<XUX2nBEy0H5I4KK#D8?^x
z(R-roDbbA?JH}QEda^j=Ga*)-gpnt?FZ$5GvcTwdULeekCar`}egZX9(u})F4JQ4(
zC-G?;UnGYoE;K(%%%w~aUl7LKQ3NL-d7aZrv3jPCHq%12LbH0#>xkks1fg@u>P0jt
zPU2bFD$}|Ja}r0no!_s9qo2$8XNTM(&l*c>g8>2OVWcC|5KT0Nzb@1>7*Dt8z6}Ca
zuJIFEJ=#^E7+Y<8v-g6_=(6nWpaq_+mNyI7%~$xohU|Dn@GggwERJGmM)N-zEL;@}
zFXZq3rK-HSc>b<c7@yOL%$*@mo55HJS9sD{Sj}nf3F}qog~3vO`4ghSMm5B(yz6_*
zZ|5t2Cb^`4ZhjY=oK@zU8K`PmlvD^au!3dyhRH?iIzrw{ObnvD+TI8Z%67=abVKNn
zzM0%|pOmaX3Arj`PDELUu|)P9wOYeY|1&Zu-4JiB3OA>>@s#_U3CGx6G(>0LZi{oN
zl>_fqou?=AmKmoQTbWnR1_*t>RWL72Wc>VGDL_qY3-aYY@^b5PV%G1Q-GS@wyMrvZ
z9iOCmUfve5Kaz(nEZz^lYkhW7o=x5{o%z##6+EV00(BP!*9Pj4@IJbKM-Q_z+j?Dn
zIVxju<#=&}@e*p8Pl@!qtw=U~xfHBO&pwCR9uM~+egE86^e!oQGP$6?`EGgB!Z>X)
z-J_(Ej{5>`Xn{e0Xi2R+<nvttwyNKRm-L#wvD?NN`HBX!n)27CU-lX(HT+1-3|2Xv
zZFTf9`&Wdyv4I=vx|e<VXkcn7uCy0(ZR4u@*V~jADP)iC`hkQ<50S$dJh8wNYlPU$
z23NAMY)z-zKAMca2hwB;GXPE2@gh)!420I&BT$Uy*L+Wi@dI%p%gvqdA)GJ)HKQnA
zbW`(5g~cw|v~z7Z6JqhbBj?!@2(E?I-&ZUxHTouCgz1R<&dV4hh_nGS+NwRxApTR)
zC{fzvnE~trv{X{3OmD(L`OGmPuyaH%$f)HB3o9vECB&>XeR;U(Mog08X*NZV{x+Lk
zxaxOa@tuI}8se!3MU$xe5hE|GOkrof)blHi<7{-voSWrIT>S5A?qHT?-+a5)b2VkA
z6=n2psc&~=``UZH`-PXcmM_)rhR&b6mH1TIgF@NL+L|U!QTmB53^%TRm`Ef%!zxto
zpp?^pMAs&Jv+Tt>e3+c5#0c&Lx2EkCrK(@yRA-#3WA$2c<8INK9qJDpy$>sx8b)n9
zluX9*gT3IE05=T&w8pJ+HdWev=v#|ul9ZCPf|izXc?WUf;=z+dvlB4`|ERdX<AxuQ
z>#w2*MNar2+DaAh3xg8_3%B#Qed}~1;B9Ex?Xcojd!w9>Vlg9+;y9D?%yUpI46M1v
zg)t`SVji#fCG8~3G~ISbOlx)6b0d}~{Exf}+|-E)<AF7cSQNctMLwC{-uo19WG3^#
zHbF2XIDsjU*23;8ik@tP3HN<g`0C~w+|>Ffjxhh#*>>JsxXYx#rhcbI(Sx?_4V*M5
z1)J+BsLF|)@o>zq;^%r_J@IUF2|dZ}W;eL~v;{n-Q;MyxS#l{{3|>k!$Ft2@ODuY;
zY!1PzjJWM%*kQ8m$BPM*ODdecU)>*ZICx9EeA#d+_sKYypRyzNEHc8dt<ZU$>6Hxs
zJX6?4^!v}7TP|WDy!-K>Qf$8n!KK?vlQ9+V7ntr!@l){qM4U8zk`Pcn1%>WeY=rbz
zgFr`D$JR@i+>Egl(ngWy{&J+`;7!{YYQ$6U7PWuoo?*<D8aK2mKvIKZ>fRE}562!l
zC@Qe7gMP(e`Rt(ruolis^UK7s24;#VDimGTEZAJr#Rse>a4GKV$*v?I3K8z+=vVQ=
zg_pv46!qAfZqg{^3Vk}x!lOuVc#xUFOeg%p-l+eh(}<dzgrwnX&il4?A~c;KP5qkB
zT=ns>a#rQ}Bd;Sv2QpXRT9S;VjXO-vBLdra`c$OZM9rQ<r&2#MrGYPwiJF^i$adFz
zgubdF?pE{1h@1eJsxeEv3X19w6lHc9+B^}Z$6KUCSb6rwWzl7P!sZ9*xs4KADeAh4
zLTP}?M5=Xk8tLpU;dqJPZB6HtbI<NxY+GnuB;98y6cfY_{QkCQbt`L*^j-kWQyP(1
zHa@+zZCOiX#-D~{O!>mAlLXK}_JEx5$%VO5(vXphUJK|Y9oOh><nanc*%B!1hp96c
z0OXP*F5m}zpUEsO_~ZC9l2i;z7Zdl3lG&K*rQ02<@CDB#;`c^r(&<()MMeL{<p2LL
zRSHNJ(307FZVgDwfV5{;RtP|zCF}RQ1Ul?THN^uoR}0B&csItG&vPiEHVHE`y+|4m
zzT8|hZWZo^BgHXLoC%zjaKI0>Intdx%}m<7iq^vK`%d8&-QR4|1|m8_zS9R`3!bco
zVh5s-$Adm<GX@cW)OpYM&Hc|*@+)w=n6bY<G3IvGs7w5TVa!g6V4qW(A2=`B^<zrt
zQfZF#eWpV7NE_JN?`&6L`|pPLfW(GB06I<o0u=cYFR2;IAiy+~;ZW9psmN}-#BLB>
z2DeH(KcW3#usqMWcu&imbOZo-*6smj8O^KvFMAK2Pd^J@<UG_FyemO00DjFhJ@9|K
z=h?4jc<IJX4LPD8Rm4cmdMfwPtK|H{Ii=AFilv(C?Ke6~yafIQBuk5EKQ<k57Ho`S
zk`I1k0JsAuar+!9ROpa~1~3<VMosGjMhKq~gxA!qc>ma+DuWZ<`?b#a0HGhxg}*go
zfRX~fp_Ew{JU*Zl##cP*Ci3Kabtj1!Y;n`g)a`Yohp9MYAf!BS)t7~DhrLz+Fr;{M
za3EmE@1-K<h5%9$Z!u%6Qjtj;cTO!I7?rBJ(WA8#_@r%Z8fCO!dY_ZCZzIqJt+@Y#
z880m{J?b_?%M0LRMH<bB6XYm5z=ZMsAqITEUjVJlnHHG4#URcf&uLwF2kuzl8Cq)`
zY*|?em))$kSV#q~RTf~}EjWBJ8}M&5KLm4nllLfYG0R4kiU?r6h$wU~*?NDHS2kNP
zk6SDU1IE8bfF^GgBV_YaIVm2vK@`{|w`|g2NCpQ2n^YO0PrOOiOx5F&P8XhI7;c{)
zsq|i5;Bv4I??pR##L{<kaC&<bL=KTX#(BeMzxId4WXSF$F;G|4^60Vi<kORN6OKz9
z4yKn0u7wZCoK48AUKUQ|NcWz$Q?#43b&>n5NdZ5?(R3=&0P8$9bIQ#jc+Lq+iFZiC
zNI}wytJ~U>GGe+BjDOZpK@~0?#1+uSjDYOk3w56H)uTMtCR)=47FxHPgxk2sb=z)t
z0_&-xaJkv@?8#$ayg+o0y+r{cvn>JT!_w7{@GilcO$?9k<v4h}6>@r2hCWIB^*wjA
zpo0mma+C%ez=rFYjk!SE-#hyxqQhWF)(S=7lvZU>rXod76^@NYnDXA0L2|v=|ArI1
zwYKlC66aSLvT9scg(`xh_>*n(`oF${z^x~bYOIVIZVc<sty}uehdeXI1t3#rNc-Ot
zpGA~gC-AeRWq<pt_sXAKe|9)q!wx&1XHV~cUgEzQ_iYPuxtyc1G1H*Y_tj+~jw@%j
zTA5s;+R4vC`~^V|d&6*I!s0T~h3f3v3)uor@i!61mUJQK;Wp2uyx{ZK4RTUWtPoGn
zd1bw}`&xz6)M#Zu8Vf@ux~}l`MkYwlU$UiiTpQVLksSx(O!H)G^EMV|w7+GJe#066
zq{n0xN$}#>YlqT%6=#RP8P9XF(IE>}v=Y-hK%L2QoPE8hJfS~2KV|T3Y9uY3m1Kuc
zpYU0C?<{qcxzl#LSd}lZPTaq4by$}aDWg*Fv!O$X)2#AU6<2n&s#q7UuOw)MCtqbc
z?;I)>7gNx6u2?{+A8DFz(D=r2y-TqvMpzyN3vwJX&h0j7F%UKwnu5&lt;ZX@#NxPJ
zKM5y2Cv%OmPOrH}!>w{U{Fz=b84IErbdz#lzSKNYI(LjmL}dHKLh-fo&K!lw7+G<l
zHf&|oH7JQ*qCrHXGb#z>FqEYL8KtgW*@X-WTt8ni6_O~X2PdBrj#<Cazff$P4KY9s
zbYpbUDs?#yfeJ2|J)kIG2#KL}ak#YbkCO_}``vk`{O|qEhyo{P2*}^26^TIf-N}oO
z)z1Zi0BBX;U?wWEa3HHn1%$_YEL~#=>woCbH;hi6K@((kFXP=W=M`4?Ex?E6L;zy3
zCg;ZcEfUYMoK&B^2jS-@t{PYj6yF%I>u`8P!8&?kEZZn`IdZRX{bO^E&e$(9akV+#
z%}dU)KCbSh8@3TLXm9N1C^YwKBHL{PYsEGa>-3JwctAP!7<Gln;TZGyO5yP^wPzT@
z2;#fhb(MKpE<O<#$9VP=D(bfeJfP%FocMQYXzB9+GD>&`NiGN-sCL0KIFO|7->ZMt
z(x{a<Ty7sDn4)&lotg7`0?{p(Uw-<fmT2o8W-frU;2uF;9p*`hT8)Q6ng4m;-c2hG
zyjPjVtq1jg9w9lQN0~3Mh)}wtI;0QEeE?!5SGKvd)gnu_{ATo0+<(0FSZbw(E+Z@N
z;2>h*$*9_lx7VzdQCl+)6!xQ20_RRD{4$Sd(Ep~s6rgIk>q^qsGzg!`(_r;N=H3-9
z2s_6k-KCqTsD-KRx&rD?k!ciDkZ5~lprx<`FiU?`2X6*+Xxu(eC!6`{ye6BF6+<h-
zN*HgVb9{yMP`2`u5_rDUHl*=z^<>eEOsv^DL7IQXi54srE8G8k&Uuzwv3<M}8ojCx
z?CT~CdJwbzRRWcGiu>2~>;e>}FPv$y0;$917*3!SP9Oq)XP{?7s9WAcvdw&sB>C)J
z$Yjp-f8Gf%b={cPS~3LjQWDcy&vUQF=q7JIe@#090?8D=Mij#HXW9I9Ksjt;v!rtd
zz0jNss7`Gx9QGXg6QDy%nyYt0c<CXJp#O!$`3s$G7dk;(qJGh>(0%(Cb!G7~iMq0o
z8b!#VQwo&zPaz|w+d}8pMam$bY(kC<{dzQv5C;v_1#Bgrnrpb?YTTbVubv|Fy-C^Y
zM>J!KHw&j7<k_Yd5~YIc`68|_WcNJBU3ANXWRG1Y#DI}Z?>^S&{PL-q(Y#<^bJY=p
zr%wOCObH|$gt<NYu5SVLP4#p|cq|}KD7R60KHMX^qzDB~QiNMaX`9@nA?5be`4s<F
z0}FH!#x6`HS|Qsd*SGE|XWr`$m9KN{A_#y*YS7@oFq&y}xh_^eSYPLIT$hd#dNMj;
zDNj_|Pk7)XBBw1T@WhRgUDF6#lgi}x%)i1?vzcNF2l9iXW<CoKuh^(WuD`sMCF%Y(
zphiZwLe`w8xajWobF&C0U)l+Ut6!M4!AV-c>h>KxHJ~&C*19m<2o~S{-u^2ATt7~H
zVA8`Y3;`7|N!M~D1CKXt)5PqEhT3&<vXd!N+%ZB*O7A#|%9@aTf!fdf=e^j$L)^Xs
zhuJ()c{Pxw>gm7LF0i%pOJM6qf3vK4Yw6a%3Exp%;&&~ZP`~B*jRl#*<=FAMiHi}s
z>^AJ6DvxZbaAtVRM(m?P*SpZYgw24<Tl8c|fH4jrGHyCje5V!3@meztueW9vyV2E9
zR$6F^ZBzDN(u@$Agfdr^)RAzg<)!B!PRpUh^P~G#GuTItU)iY3oBmYGME5-V4WA5I
z^9#t4dfCzLs1bjYu2uDK)mg7k_U@_N37<Lc-1tgDvrv898(bflq~Fr`Et<=J`}z0p
zDXRg<VX6Dlsu$D|?Q=|gk%G>q5Q_s6m}X9staKaSPekWe8|Oh=n(6mcqvhFuQ@HFZ
z;H>rT-8%_~*|Tzt?&^mDt!1jf(xzBHV7?&hnyn(|xiIi=sex4{<4qj4KQ)x_|HpB5
zeJ8rQp9Yf%Fzzg?^s5AE9;@)sfB~Cl<=5nW=B(=n)IOj<z@PNG8EB;$@i0lMF<Vzt
zrXAa|G1zy38XQi40zTcn_8M;`9x(5e4e75ur#j)Ss-M=c^f!cWes#(>9oL;V_H(LR
zZXB-LRiGw#WV!xBCfI=wc#?upmwS3e4jw4#$9r1abNW<IR=|1l(@1i`m20LMZ|RDA
zvnEgXce6W<8@AbWFB^~5AB&-XI~uLe2RKw6w)EX>14GbGCV@Sye=wwSI61mP5E@PO
zdWD%YpUEyg;J10s0EYBnPm7Ot<^OCKB=JEX@RSD#VSJJxT@`j4XjwmE{yMmFl}Q6z
zwc38BaO?`7$o3EI4ugUY8__>$ej3>ifN=9&rME+{3N)GLm=&SnyxoJJaEFa)hYZK%
zI>qH5$kot!UR(-#gfULly<Qq9H&&M6-{5~Kl8^HeeO!`0$iQyKk;>1|ObLZA-5=kJ
zSWzvu^(#6yDdM2_sOg#vx=lvI4cTC!g59o}o0nm%H8@eRwi1iZZuzIz%3|4ChLavg
zY?|Ze&A9OSLZ3)ru+-;;GfR~KYp-#gVf?)2GU0)45&cBmL$}n@?Jm8D+PWv9U3CUH
zfKT;ZsTJ@#W#Vg&LbeyC_RiB@ALn+$8<TEZB%eJo(Lw2JB>}_IHB?p#mu8^NS#spg
z$urP+i_uW$zg4RZwlB6_t_ErhB)k7Z#PS36B_;jgOVC{5cla#WPoM4~((6egC<ezq
z{0=>G&SpLO^QY_!R*!O;sKXTc`KSezF7=Q~my$CAh)=fxLgLln2eEEpro$!IK3IIw
zy?xihvblOic({7R^XBPM(ZWR@@@P`HPeH<KH;9EyTLKL7q#N#7`gr59OwGE9IK#O=
z*Y_b3U}n)mX|N`2HZyGYLqC^}m+-_d{+>edSVJz6@=86tSJ(lY{!i7$j_DGPFUqe(
zd@e|YmO#|*b=RFSIAwQd@?5`c;V<%H#YmssML?VR_nw0W01<A7!%TD`ci=?kd;s=L
zpg~Y=WiJe@xASIXMNqo>UL9O}ty{Z6cSB4h`?`pJsd!Cs*HGz2RsU|WjpUs~?=b$O
zt&=`al!mGy7O&gF5!^$G^Bz1lwY=`QKy=4CJpqI4%luj;oFBqzuz6fzwzC!>1buoe
zxGYEuw(ZS);Ir1NN;P#pY#M5zB^@jfuF9K&1HWAMP&CZZ5D&HV(1r^{%!HEg@x@b4
z(6c}xwAnEiK_l0kg_Wf{F*2ddc}H6dTx&0l7QKlDb<3;7+e76M7oF?g3jI_uaWn|2
z1(o?GCw3uDpy4r`&9hSMa%876At(95Zda?!>i~5~O1OI7gClJGTGW?>bI%s*bVp;K
zy)`{{iU`nwiUE!2znCze#kjaVWc_1`d%i4RkhJS&vy-UMt%KVljUzSdbS|hWWPy0*
zz64iO`7mb9uWFj`R5nasmF53n82D`ObpQXr_x`sa2C&@hakUk*0&(ayJh<S=VKdNj
z6f|uNFjSDjkgA@~hs#mmy>#j`;_Nk(r<k9R%u!!CFznVv(WC#ci0;F~N;<+sE5%hx
z*qoq=g2okU#S5eOFwx?mh}Q?^-qcI<{um&Yw-Nu>W>j{JjoZ-BnkUoW*YFKc+(bDE
zusTl%3eskFiZmKW320TR{du5{QTamrhxWSEE#3mN@q729hiL(-%ob1(Km6OD82E2x
zH{bvdxk3Qc;-D$JQU5;?xG4Ynshs*JiS*3p{;LQV`58gZwZ3+_Id%p&l+zn+xBPUx
zD))rR{0)r(x5QLY(x#I+K-GzWG|DVBg|f+EAO@kh+UptHV!zWG$#p07L-O$JKy6TG
zonk6_bI{xwY}xb^PLais2KVkghY;l4H0YK435-<^HiKEd?olg07>tD}$%}O}#>jC+
zgBp)V*=li1y^>n$_Lt6!9Wi>fl3K0eJ1>c`>@{__{-{~&zI>nL?)Z(@aUVA>19)ml
z6CV9hw$o$>15dsE#flvrIT5JOszRTJC;#BqbptmJji|A~l(ks7oKTMGa9>CL>8{Ln
zd^IdvfY7SA<<>9K-`r0q{7Y;N<6h$zN3wg4<xlzZ#MAJo{)>}yFL~4jW7TtEn3TD8
z{jqc)P9w6v@@YCgiYRGnQ?7&bzl*Ulp6>cwyUfgUS^B;H1J+JpK$@DLyW_ewa&%6U
zF1&&#SrY)Y{|<SUN2$bgOhc|>B3Is%v_`(PbmxoY&2`UC;=nE-7sgWM!ljEzr%N4?
zP@p!!Vfz*Zs8vlXCPqWzN%N8mG8&EZW*U&QwS^6X>ZjZi#;UC&7ZRQ7-4mn<x&?b>
z6UOXbF|juZ_xowP<~}>^dewgZ07-ZA+-Z5Gbh?Yef>CMc5<2e2>)qtIqdw%;&DO!p
zT;wsGTPMloL@Z8QFS+T)mI<V`7VQIZ7g@@Pr^moTD_k4X^8${p2V!I9Y|!FfC)_qm
zws{Hi8^aL3ujUpBgaC&P6H)<?g0J#6bir!Mm93ZFp0GKyHkyKYv|$5scFt3i3>c13
zjtl4o`?V8?=lazANpw@Q^XJe<-J(%=Ho4rF@R#v&o-uA#TGs|@zg;Aiw;g?OB)9O(
zowx4(HghIt>spPwp_B74@)`DX46XG}AKJ>vc0lotznlEbY5mF66vOE=X2U+kFMCgt
z+^r4y+`G#s_$N0pMYZ#0wemWP#t!3d;i+HCp(9s)9=iFLf}!4{1cMJvh99rwEZ(t`
z;MOnNCd3l|xgTU>!Wg2~vy(Z;zq&hd*hxOaj9!q}23IP8i2=bkSNF=k!Za+`8`Z%}
zX_5K3u%-&DI<8R`zq#%edTW^0z{LFmfos7Q4D{HIx3G1a+Tu#>^KQJ3@V(vcfJKd-
zQRDpzwCoOV!g2+_U5tVX8}WSAjgFevq~dFB5uW3jP_?>+VEq+L(*GrZS8;n@ycS@h
zRkQ*XW2NQr6o6o0Sr&EznoE)5X6h2TEvH}2#;Gs!nfBvX=WDl?A{f~@^@n=e!-@xf
z8=n3v+%0Sd>=?=Ea?+()^0iT#XOxFJGc-%c(E6uLB9uXBNhH*qQRVF`P&lfWS8ZeP
z*R@-G+W`+`JVv((1Is}_SN>ZJR<P!8h?QDb>p+R330JTcx5DRiZcL|2-(>c<&LNlo
z?t9-PSZTowD&<xBnEiazBk9SZE&j(u_3{fUf2V7|RpqK1q`z)74zE=Sc8MPyDyOJ8
zCl@KlPfTj&z|x!}L~nYW0@$hc#~M}8MVwA^&RFkl9}VBz6^cu5VHIt1%7wRy)dD{P
zZmdN9g-_m|eCs)$D0?W#1#UWJWhyZh;uxCWX!D^_tyU$oQvR`9?p1I}l2W?G>i(RH
z?tyhJ;K}+Az#Iz#&|sR2LpDY)2VKc_cm=1ybC6yIX_9*e8ZmJcl$+Gh$xEnM{^xy9
zbFuPR;hFbxp0!**!YbWoR$fiPjRqIhJ4K2M6?I3O>O-LC4{z3r7(ktK$q+cP%)g3e
z&vbbieuw_^#=orpCOXWy-Lwtx)bpkCH%|ex(7}U~9vXTgmpa`j`yQA8Q#*Fc_!8Aj
zV&RYQC!Klq^`rLV3FdfU5<A86Hz=aa!NIA1HB0hrFfai;{A24#6Y^b0EJTp?;77oi
z;@}`O#_cB%^0}JDz_<GV{C@Z&Fq{1cKVNDj!9^o`<^LX?bq+9kEQbN-0?q|s?Xa*D
zz`%U}xLMft-{A5EUS{~+js1>8tBVR->7ZW49_?#q-~Ce#_k7s@2cP1Dwb|il{D+Fq
z{8R@1k@S0F|Dm4q|6!_UV|-r-Lf0dyo+Q<+dE^b5Y7?jX_WRIX17OW}kQEVSKP<(T
z1<33!72UNyVD&QR*O5a@jzd#6@7C9tex`$JsHL)%;{cyo8*&g9Hr18z2M7l`6EyG#
zTLixRCzs~`w)YojTBlJCBNg2S`nZm$6)Rgx6<#bV*rCpr=HcjIi(G}pvY{NAv#>>u
zVB-<+vm(uCaeht+)}^vpUYXnOpCl5v&Nc2m1zZ0ygblP{GIc@$&)1(ig24GC<@Z=b
zy|VfGUOC~{Cth0|UE-~0Azja`W2Ir0RSvak7V~x1UH_}K>x^o0+qMz00-|(16dQ;L
zN)>5>APQ1M>4DHf=ta7Kp$e#oh*E<<M0!U_qy|JO(u*X7rql>XkrwH92gG~sdE<G`
zEBTQzl97DLUVH7mzqQs}bHaLyrt<1j-AiOYg?_=m^@`pCigxC7{RdFA<XkboYhUdZ
zI6y_5E_7MApJdy;l0jlJ77jn+bzx{v=J%OfKV<0F**`$1om(@%x2hJiohV>l>>KWH
zWvg45P&Qb8BPQmZjkUOGZ;IA>8AUkMfxhA|>|^~<3l!=1g~i0F9wSN5uwfMmEig-k
z>|4`Aw{FR2SWOa|D|8Hk`y(RTXvcr5ID(-ugtael-3V7h<&&lubO-p=##dh(O-pf0
zQ#(bId%p#Fg%-_(R6f|Rtcuik@44XYDLVx-os3(ET{*x1{$X#<*u%86YH<sCL42GB
z(=U42`Z01)rp4mHE5mC)L6gO~lRA98Qo5QxJTNnLd`_sRdZFk%n^RuzeNoMZGejin
zpf-|R?@<}%L)7>3jDU%sUT`^#ETQWPR=H3%ulA6EN-8<YJI6K*sp=~;&i5z$UldMR
z{fo4C!-z4rN}X-n7`xgrNo9$6d$}=2B=TYO<=c76A}0-=p6F+0V(QMUH3LoMKTqkN
zFzcfXuWBCsAxI5%z3OOcMowU^NL9+veyADHZ20XmT;45SdxPb?X|7swLZCI0A+<*1
z-fEHf$*=WgDH?o6d80MA2f1-QOVa3l0j6z6QMv$r=!j<;FRWuKywos9S_GkVVnxf*
ztMGsXB-HfTW1;tp2{GcmRU@7PzWhVws1x5^nmTig*ECjH6sb*?IE%^kbRCa>0T4yY
zXW%RPDya1ma#{Y$o|_o?QST}9SSxUz`5#aaHQ%t1`ph8IA~S}mm9!WlAD5MNS7LI6
zO^%*>x+^Nf{1wPljqBt~47sk8+>d;9`=hv<*a6ER+RDQYT%3q#^GMvKzOLEmI)%2?
zzSx!h{zC0ahp@Ie>Gb%qc1{X(|NC$qg`d$~`2paXi?ctuMM6Z`b?i^7$Qq9CkyUf!
z7Qg0^%db^PFf)%3<+e#4{S;S0beMnr+UHU~QRK_=vb(V*DW-DRv0~(#h~i3IKS_!P
zJI=bIA1TQo6B1ny$`KU>*S(GIbY`&)>dGQ4mjm+3^;Z;^4mSI~+r|V2F<ow%!(F6p
zm;{nSxDoT#0c1nNv?U4kQi2rg@$ldqBmAF1fp*5&G;dRc3)Ky>Pkupe+}x*p$FG*M
zOu@C#L~5ay3gV2@RhdF|-?i_hYjcf@z8kHZg(~t*fDh5GlV|R_bu6~N+3&_hNzM14
z)@rr&Q44p=(H|XiSY)T!+b1vHc`4d;8Va|x0+3M?-2fK?u{qE=>NybCHrbu!hLZBh
zyrF8F`Q0U<L`euA6PYP}t}c^~qXzWGYHMkYT&CHmYEX>_^oc|s(Dq9)B?vNkQ0-BM
zMzV{GAqF%!#$gq=^p;U<GD&<A;cFZHrCXY2fuoGKib%4guWvrmhve&Ps~^ojg_n?)
zHCEv1US}M{Grptd<%{<2mbq|AGl+uFYl6`Pm_B>+++w|&*jP4z)@w`<GYTynj2BC3
zr}J2f?+|yLa$25N=yQrh`98_w)%|qs`XO=E1HmCYUqbO1bULE$!K4&Y+rig@b!zpc
z&k=Erxy>A<&;W8T7V7Lfy$+iJ*b>7HaxE*BIKb!4b}=@lC;4Qp&Quz+!d!3ZnIN_(
zCha;|)?kxy4s)u*Sz{j0SwT%;82#~#>~&&`41KTxO$gt)GvaMS)?cfy!EbUKXEyM?
zj#B8%I>aqpV8fRoyi<GjE1G@HVNe%cJg#$JdQ<QE^94O~U)KY+H4=IrxlQ<kpD!t1
z186Q*yDymQX--}A>8q#E(jK%YM0B2t@4YpUW1La&!!oQ^?GdJL|C5^-&tj~i`&%oj
zH%Oz&q_iJ_*SrPBID7p*&=f$OpENY+G+|``GkQwhijBYbV`E<LB;=`hCp+D8_y<Ni
z4uo@4%x+UeBz)hG>Gl+7wTC?wqw_s$&N`8Kv~U5k@<_4zfsF^(q{z|0C^yYbx;U>y
zS&xdsZ%4o8k>RvsUMv>LfBF8EYj%vP0j6!QfrHSv&d1wf9%+v490!V8Y{KeUpkH~{
z{IxZ&ME&a7PC-eHwR%7Yri?1>5T3c#eGXsxQkxkk*-;V}UH8O`XG3T#US#ki*6*a!
zabm4gMe=88-}c6$Cs@;xs!cSytdgQ+wRG_G80STs^^+5G59Ymna4Z!sxP6UGff;Z(
z0Jypz`b{`5LWbTdfKG{Omkv!!dl6suk0-$)4(g}gRoT~5+v`Lx#r+M+OJsR>HkLk%
z9Ufw9RdWM2N&jRoEIW!>L99Ht`eY|vQt;l=jnHKC@w>3H*Yd<L)Mf6DlYA|g^f^0U
zgKlZCR3cdQ#F(|V^})g7kZX|1Uw+Q{ynOau<c~nZAa9=%&Q5wv$2W4QohO|$Dm{wy
z#Yy1;m&hTF8aRrHmQz(Ix6%$RY*Fgdol*1L<^0A}!hDvX8{oyI5nOBJYD*M?+x<X1
zZl9ge;*C_Hu5CKlcy=i|`y^Xz-0T^_G@T&|y6s#!v%k~(Y6trP{^m#JUGV9S09^Q4
z=mp=x@PsNMGuYd42H{J1{X`43<tIk!u6G2)k1u|9Y?K&_EFiyogegxoOYnC2Jp90m
z0jN3Ib81P{9^%S+WWwsl*~x4Y6pYn}V$@yoVP}`2E>nWd8MWt^Fw=a5Q!1z8FYhVk
zWyi1W!c>or@n)Cv524y4VxMMZq8t8c6``pz@x|}8Dke5oeG#^R;=;N!ZJcr==TZxf
zZ2RJiy?8<R^ud{dR(Nd;G_FGac|$ri6uPV>%~Dt~&d?%?d&Dl)SlOo<&vMPZt1)zK
z_<m55=2L4i>~X<rT`TW5_CJb^!&=UuuC}zFcaB+Z>5}lHL#@?agbDL>Cuiu_-ML!f
z5aOE@!&)=GS9p#yE^nEqyGrODENAuD#s-@OGLp>um}v2+A+T=lq1$v}UKjIdEY3^y
za4dgV((|-9B<H=^D^i4Aqpf(9REk0E1$)!($b6#z!B4z23hBZwW2%&jLelTp6#%E+
zL~@9>5Y--Z=)^PAs8iskPbP6*$>c@0#j&!xAuN)cwjXg{^;Go~e~~FX`|2s+;mx=Z
zZm<V^P8bfwh}uELJq};dX5AqgfE>?Uk`}z8z%W&P2+}tC>zD+EK*Y`#27LLc@c&v~
z<iAcCB-#3-i`mkyQi@o{?<plHgZ?4Up+x)g{9%9u+5!;OYHdk)K7Dd~{piDjg9-jy
z(nV;{2@5U<@xz-o?PLaj%fIm-G1*5T@EiyPp2xUGE-?p&fQ(xTB^dYzoEzKG1q32M
z2DH_^XN!V_;I-YEA7*`uC=w%oH#)$VXi^<<Ch1;B%Za!=+{y$?kajtj{rmE5t<X(l
zHqGx_!kv;gfLc>EpX**qd9B>9!5c@J9s74Q*D0P=M*UIHWvoeu^5u`C6<q(1aoJ&E
z_d>voe1zZDg4D}wCA*BO;921OrYF*?-(gg1^ZkjKP3zl)9l8t%ggO>&V~W)=l2QuX
z8|R#hrS*PMl?7V=@hFb)bEG3PGItsTIx-5~k!P;{J1AyfM#;EkV9&GXr*gYT+yKl(
zQ5`8qCqC#aA9ETAl;X*}H+Z}mX32V#TLtq;_VdS`Vm0v0vp;()>NQf#UtzV(&(+x*
zBFY~8VGG^7I?mH(&phI0{I+|qp?ebX<@6rwOlE}~a+T#bvzZM^L?P>mi*DiX%b01W
zSr*rAwpE$HHG%V^lT}mQg$<*fou^VnWURAXL&p=Rp`8;Ghoo@rdICQ8VzGB&`_D(F
z?cL32ne?LBeOU+5e)}9YcIHY|Y01)tr1)I`Zp9U*n)SmOwPf;44e~Inp1Ihe3gamd
zRc`$Vc%n8R<&9Mi%GA&oypq}0U=ZCfb+*7flapu@n6t)?h_4!P>b-3_sF5z2f6+1t
zfh}n(ZSI+{J8G2~bj=L6FZ!r%ll=jVhQd^`9~-$Fi}yPH=`CEYkDQJC(@O5`|Exh5
zZZ|g)%rVLrS}#cjT21WFz`zlX9dJ_Vu2QkO4Qv80oigC{4$tpuI9OI*(=oihlN$kl
z^9h3hatqEI4l^%(6n{F`FiqoeM5^g4yEnX>Y%1IcK0;fh8#h7X?u@^q;n`EZSc~}O
zK6Zp>KXoa2KvneJUX!qa7*Vgve{U&rz)aKKiZuNWV^pwa>%rq;^po;=@}m+S)Ogv;
z%A+)-p5wL&W2JCC83(f44ZWd&`?2Jzl5iqT1-a_1hteO-YDRBW&xt9Amo++TC2BNg
zF$i!}YK-E@+_Tt}*43!?F9n^Dwi9v2@U%|^LRl&ntK;V8mi14Wmu+oqTt}3`+^2go
zS7$b(azRZu+MA+uG4lN8#Jhc5MJgRNdIAGN+6clE-I2pe9PfafjN4+Du5DASkh`*3
z2YLN#cR4w53;Vb|-T!U6L#a)&nd6gC8RY89pN#&yG{SZZG{>|5JB3u~=7up55d2t`
zkdl0jZeCtaNl*}mAs4%jiC8>NP@$c<-YYZ%i2DD2>y<MQ9Ngcdu2Ric#PLtIJ_scD
z{m<SHihX`r$4{pbpf3P5Aw-T+#@Vu+sOGic1L;cX;KeilpUdZXaGJtd%Y-sD6AGK2
zDA&)RM2;rnCiqej=gw<Jd4U|NeA9Ux0({KsGUbo}4?h;+Wi9m9^^0~Ad2#_}qm=G*
zu$%u>t%bDF8VNGzf_Ko%JHCrL3)MhSRxoNO4S_yduF*h~0hs=`2zJ^I{?DgpOWxUt
zBEJlsls3kQiLGpItXB5h?}B_Rv?WZg;NRj9q@I=#E+4i<uH&=xNBow+9X2I<rTEwE
z)gaP-$ahiJcns6xnG34psAKalx+VZcRQkQaCPKGmtNx6%FCAUWlK%}Vx0200kPq|5
zn;0Dm+t8F@FA)fX0Lt%amO!01a;v}{DS+i<CCXlX_~|yaFaMTqHsGIt^E}PUrMs^Q
zP_J2;5<|hd7&lCoN21J|Fd{zt)a(Qf0vWnHMy@1a2u8M~9(5q2B$zWN&sWWdUI&)n
z*6+T(txUahz_APvcm}cuWsHr!CyLBJjzeeR2JUN%x#RFKk^_m!(HF>3Cwfg-tD!`J
zfL20<H#s<nl40&)-SW}3V=kLRG07Lq!2E16S^@g7H?zL>LqKi3!i;i7&-|Cx^R%e*
zkP2kqW+@N}Pg{3ioDp@K(2^p!tLh=BvN&bD?gwc@dVYF+%=^FGa6BY;DZe6Asdm2^
zQ!6u#(zlFJoTh;&H4SGcwz&~tmSCO$1DhJifd>JfalJcWy!Mwt@@(X*mycWJr^S*4
z=DJ{xZx77f+zm1F`X(MuNi4eOO~n@QK^rNC+D3c>{LRb-|GzMA{jo_nGvHdJ>)1n+
zS?-i&xM2;Elh@g(tP{1x^Mk?MP*Jhg-;?rqVRQFOsrsWl`>A7qRUpcW>R0pRO#=P}
DTq2(@

literal 0
HcmV?d00001


From 5bc2b8ec7bc15a97a852b57c8555cc4720f37c3e Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 19 Dec 2019 15:28:37 -0800
Subject: [PATCH 010/247] 1643831-windowsdocs-configmgr-rebrand_LK

---
 .../ltsc/whats-new-windows-10-2015.md         | 597 +++++++++---------
 1 file changed, 299 insertions(+), 298 deletions(-)

diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index b2e5edb37f..80c78d4413 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -1,298 +1,299 @@
----
-title: What's new in Windows 10 Enterprise 2015 LTSC
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-description: New and updated IT Pro content about new features in Windows 10 Enterprise 2015 LTSC (also known as Windows 10 Enterprise 2015 LTSB).
-keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 Enterprise 2015 LTSC"]
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.localizationpriority: low
-ms.topic: article
----
-
-# What's new in Windows 10 Enterprise 2015 LTSC
-
-**Applies to**
--   Windows 10 Enterprise 2015 LTSC
-
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise 2015 LTSC (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](index.md).
-
->[!NOTE]
->Features in Windows 10 Enterprise 2015 LTSC are equivalent to [Windows 10, version 1507](../whats-new-windows-10-version-1507-and-1511.md).
-
-## Deployment
-
-### Provisioning devices using Windows Imaging and Configuration Designer (ICD)
-
-With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image. Using Windows Provisioning, an IT administrator can easily specify the configuration and settings required to enroll devices into management using a wizard-driven user interface, and then apply this configuration to target devices in a matter of minutes. It is best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers.
-
-[Learn more about provisioning in Windows 10](/windows/configuration/provisioning-packages/provisioning-packages)
-
-## Security
-
-### Applocker
-
-Applocker was available for Windows 8.1, and is improved with Windows 10. See [Requirements to use AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md) for a list of operating system requirements.
-
-Enhancements to Applocker in Windows 10 include:
-
--   A new parameter was added to the [New-AppLockerPolicy](https://technet.microsoft.com/library/hh847211.aspx) Windows PowerShell cmdlet that lets you choose whether executable and DLL rule collections apply to non-interactive processes. To enable this, set the **ServiceEnforcement** to **Enabled**.
--   A new [AppLocker](https://msdn.microsoft.com/library/windows/hardware/dn920019.aspx) configuration service provider was add to allow you to enable AppLocker rules by using an MDM server.
--   You can manage Windows 10 Mobile devices by using the new [AppLocker CSP](https://msdn.microsoft.com/library/windows/hardware/dn920019.aspx).
-
-[Learn how to manage AppLocker within your organization](/windows/device-security/applocker/applocker-overview).
-
-### Bitlocker
-
-Enhancements to Applocker in Windows 10 include:
-
--   **Encrypt and recover your device with Azure Active Directory**. In addition to using a Microsoft Account, automatic [Device Encryption](https://technet.microsoft.com/itpro/windows/keep-secure/windows-10-security-guide#device-encryption) can now encrypt your devices that are joined to an Azure Active Directory domain. When the device is encrypted, the BitLocker recovery key is automatically escrowed to Azure Active Directory. This will make it easier to recover your BitLocker key online.
--   **DMA port protection**. You can use the [DataProtection/AllowDirectMemoryAccess](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#dataprotection-allowdirectmemoryaccess) MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
--   **New Group Policy for configuring pre-boot recovery**. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the [Configure pre-boot recovery message and URL](https://technet.microsoft.com/itpro/windows/keep-secure/bitlocker-group-policy-settings#bkmk-configurepreboot) section in "BitLocker Group Policy settings."
-
-[Learn how to deploy and manage BitLocker within your organization](/windows/device-security/bitlocker/bitlocker-overview).
-
-### Certificate management
-
-For Windows 10-based devices, you can use your MDM server to directly deploy client authentication certificates using Personal Information Exchange (PFX), in addition to enrolling using Simple Certificate Enrollment Protocol (SCEP), including certificates to enable Windows Hello for Business in your enterprise. You'll be able to use MDM to enroll, renew, and delete certificates. As in Windows Phone 8.1, you can use the [Certificates app](https://go.microsoft.com/fwlink/p/?LinkId=615824) to review the details of certificates on your device. [Learn how to install digital certificates on Windows 10 Mobile.](/windows/access-protection/installing-digital-certificates-on-windows-10-mobile)
-
-### Microsoft Passport
-
-In Windows 10, [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN.
-
-Microsoft Passport lets users authenticate to a Microsoft account, an Active Directory account, a Microsoft Azure Active Directory (AD) account, or non-Microsoft service that supports Fast ID Online (FIDO) authentication. After an initial two-step verification during Microsoft Passport enrollment, a Microsoft Passport is set up on the user's device and the user sets a gesture, which can be Windows Hello or a PIN. The user provides the gesture to verify identity; Windows then uses Microsoft Passport to authenticate users and help them to access protected resources and services.
-
-### Security auditing
-
-In Windows 10, security auditing has added some improvements:
--   [New audit subcategories](#bkmk-auditsubcat)
--   [More info added to existing audit events](#bkmk-moreinfo)
-
-#### <a href="" id="bkmk-auditsubcat"></a>New audit subcategories
-
-In Windows 10, two new audit subcategories were added to the Advanced Audit Policy Configuration to provide greater granularity in audit events:
--   [Audit Group Membership](/windows/device-security/auditing/audit-group-membership) Found in the Logon/Logoff audit category, the Audit Group Membership subcategory allows you to audit the group membership information in a user's logon token. Events in this subcategory are generated when group memberships are enumerated or queried on the PC where the logon session was created. For an interactive logon, the security audit event is generated on the PC that the user logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the PC hosting the resource.
-    When this setting is configured, one or more security audit events are generated for each successful logon. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information cannot fit in a single security audit event.
--   [Audit PNP Activity](/windows/device-security/auditing/audit-pnp-activity) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
-    Only Success audits are recorded for this category. If you do not configure this policy setting, no audit event is generated when an external device is detected by plug and play.
-    A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs are included in the event.
-
-#### <a href="" id="bkmk-moreinfo"></a>More info added to existing audit events
-
-With Windows 10, version 1507, we've added more info to existing audit events to make it easier for you to put together a full audit trail and come away with the information you need to protect your enterprise. Improvements were made to the following audit events:
--   [Changed the kernel default audit policy](#bkmk-kdal)
--   [Added a default process SACL to LSASS.exe](#bkmk-lsass)
--   [Added new fields in the logon event](#bkmk-logon)
--   [Added new fields in the process creation event](#bkmk-logon)
--   [Added new Security Account Manager events](#bkmk-sam)
--   [Added new BCD events](#bkmk-bcd)
--   [Added new PNP events](#bkmk-pnp)
-
-#### <a href="" id="bkmk-kdal"></a>Changed the kernel default audit policy
-
-In previous releases, the kernel depended on the Local Security Authority (LSA) to retrieve info in some of its events. In Windows 10, the process creation events audit policy is automatically enabled until an actual audit policy is received from LSA. This results in better auditing of services that may start before LSA starts.
-
-#### <a href="" id="bkmk-lsass"></a>Added a default process SACL to LSASS.exe
-
-In Windows 10, a default process SACL was added to LSASS.exe to log processes attempting to access LSASS.exe. The SACL is L"S:(AU;SAFA;0x0010;;;WD)". You can enable this under **Advanced Audit Policy Configuration\\Object Access\\Audit Kernel Object**.
-This can help identify attacks that steal credentials from the memory of a process.
-
-#### <a href="" id="bkmk-logon"></a>New fields in the logon event
-
-The logon event ID 4624 has been updated to include more verbose information to make them easier to analyze. The following fields have been added to event 4624:
-1.  **MachineLogon** String: yes or no
-    If the account that logged into the PC is a computer account, this field will be yes. Otherwise, the field is no.
-2.  **ElevatedToken** String: yes or no
-    If the account that logged into the PC is an administrative logon, this field will be yes. Otherwise, the field is no. Additionally, if this is part of a split token, the linked login ID (LSAP\_LOGON\_SESSION) will also be shown.
-3.  **TargetOutboundUserName** String
-    **TargetOutboundUserDomain** String
-    The username and domain of the identity that was created by the LogonUser method for outbound traffic.
-4.  **VirtualAccount** String: yes or no
-    If the account that logged into the PC is a virtual account, this field will be yes. Otherwise, the field is no.
-5.  **GroupMembership** String
-    A list of all of the groups in the user's token.
-6.  **RestrictedAdminMode** String: yes or no
-    If the user logs into the PC in restricted admin mode with Remote Desktop, this field will be yes.
-    For more info on restricted admin mode, see [Restricted Admin mode for RDP](http://blogs.technet.com/b/kfalde/archive/2013/08/14/restricted-admin-mode-for-rdp-in-windows-8-1-2012-r2.aspx).
-
-#### <a href="" id="bkmk-process"></a>New fields in the process creation event
-
-The logon event ID 4688 has been updated to include more verbose information to make them easier to analyze. The following fields have been added to event 4688:
-1.  **TargetUserSid** String
-    The SID of the target principal.
-2.  **TargetUserName** String
-    The account name of the target user.
-3.  **TargetDomainName** String
-    The domain of the target user..
-4.  **TargetLogonId** String
-    The logon ID of the target user.
-5.  **ParentProcessName** String
-    The name of the creator process.
-6.  **ParentProcessId** String
-    A pointer to the actual parent process if it's different from the creator process.
-
-#### <a href="" id="bkmk-sam"></a>New Security Account Manager events
-
-In Windows 10, new SAM events were added to cover SAM APIs that perform read/query operations. In previous versions of Windows, only write operations were audited. The new events are event ID 4798 and event ID 4799. The following APIs are now audited:
--   SamrEnumerateGroupsInDomain
--   SamrEnumerateUsersInDomain
--   SamrEnumerateAliasesInDomain
--   SamrGetAliasMembership
--   SamrLookupNamesInDomain
--   SamrLookupIdsInDomain
--   SamrQueryInformationUser
--   SamrQueryInformationGroup
--   SamrQueryInformationUserAlias
--   SamrGetMembersInGroup
--   SamrGetMembersInAlias
--   SamrGetUserDomainPasswordInformation
-
-#### <a href="" id="bkmk-bcd"></a>New BCD events
-
-Event ID 4826 has been added to track the following changes to the Boot Configuration Database (BCD):
--   DEP/NEX settings
--   Test signing
--   PCAT SB simulation
--   Debug
--   Boot debug
--   Integrity Services
--   Disable Winload debugging menu
-
-#### <a href="" id="bkmk-pnp"></a>New PNP events
-
-Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
-
-[Learn how to manage your security audit policies within your organization](/windows/device-security/auditing/security-auditing-overview).
-
-### Trusted Platform Module
-
-#### New TPM features in Windows 10
-
-The following sections describe the new and changed functionality in the TPM for Windows 10:
--   [Device health attestation](#bkmk-dha)
--   [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) support
--   [Device Guard](/windows/device-security/device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies) support
--   [Credential Guard](/windows/access-protection/credential-guard/credential-guard) support
-
-### <a href="" id="bkmk-dha"></a>Device health attestation
-
-Device health attestation enables enterprises to establish trust based on hardware and software components of a managed device. With device health attestation, you can configure an MDM server to query a health attestation service that will allow or deny a managed device access to a secure resource.
-Some things that you can check on the device are:
--   Is Data Execution Prevention supported and enabled?
--   Is BitLocker Drive Encryption supported and enabled?
--   Is SecureBoot supported and enabled?
-
-> **Note**  The device must be running Windows 10 and it must support at least TPM 2.0.
-
-[Learn how to deploy and manage TPM within your organization](/windows/device-security/tpm//trusted-platform-module-overview).
-
-### User Account Control
-
-User Account Control (UAC) helps prevent malware from damaging a computer and helps organizations deploy a better-managed desktop environment.
-
-You should not turn off UAC because this is not a supported scenario for devices running Windows 10. If you do turn off UAC, all Univeral Windows Platform apps stop working. You must always set the **HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA** registry value to 1. If you need to provide auto elevation for programmatic access or installation, you could set the **HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ConsentPromptBehaviorAdmin** registry value to 0, which is the same as setting the UAC slider Never Notify. This is not recommended for devices running Windows 10.
-
-For more info about how manage UAC, see [UAC Group Policy Settings and Registry Key Settings](/windows/access-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings).
-
-In Windows 10, User Account Control has added some improvements:
-
--   **Integration with the Antimalware Scan Interface (AMSI)**. The [AMSI](https://msdn.microsoft.com/library/windows/desktop/dn889587.aspx) scans all UAC elevation requests for malware. If malware is detected, the admin privilege is blocked.
-
-[Learn how to manage User Account Control within your organization](/windows/access-protection/user-account-control/user-account-control-overview).
-
-### VPN profile options
-
-Windows 10 provides a set of VPN features that both increase enterprise security and provide an improved user experience, including:
-
-- Always-on auto connection behavior
-- App=triggered VPN
-- VPN traffic filters
-- Lock down VPN
-- Integration with Microsoft Passport for Work
-
-[Learn more about the VPN options in Windows 10.](/windows/access-protection/vpn/vpn-profile-options)
-
-
-## Management
-
-Windows 10 provides mobile device management (MDM) capabilities for PCs, laptops, tablets, and phones that enable enterprise-level management of corporate-owned and personal devices.
-
-### MDM support
-
-MDM policies for Windows 10 align with the policies supported in Windows 8.1 and are expanded to address even more enterprise scenarios, such as managing multiple users who have Microsoft Azure Active Directory (Azure AD) accounts, full control over the Microsoft Store, VPN configuration, and more.
-
-MDM support in Windows 10 is based on [Open Mobile Alliance (OMA)](https://go.microsoft.com/fwlink/p/?LinkId=533885) Device Management (DM) protocol 1.2.1 specification.
-
-Corporate-owned devices can be enrolled automatically for enterprises using Azure AD. [Reference for Mobile device management for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=533172)
-
-### Unenrollment
-
-When a person leaves your organization and you unenroll the user account or device from management, the enterprise-controlled configurations and apps are removed from the device. You can unenroll the device remotely or the person can unenroll by manually removing the account from the device.
-
-When a personal device is unenrolled, the user's data and apps are untouched, while enterprise information such as certificates, VPN profiles, and enterprise apps are removed.
-
-### Infrastructure
-
-Enterprises have the following identity and management choices.
-
-| Area | Choices |
-|---|---|
-| Identity   | Active Directory; Azure AD         |
-| Grouping   | Domain join; Workgroup; Azure AD join    |
-| Device management | Group Policy; System Center Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
-
- > **Note**  
-With the release of Windows Server 2012 R2, Network Access Protection (NAP) was deprecated and the NAP client has now been removed in Windows 10. For more information about support lifecycles, see [Microsoft Support Lifecycle](https://go.microsoft.com/fwlink/p/?LinkID=613512).
-
- 
-### Device lockdown
-
-
-Do you need a computer that can only do one thing? For example:
-
--   A device in the lobby that customers can use to view your product catalog.
--   A portable device that drivers can use to check a route on a map.
--   A device that a temporary worker uses to enter data.
-
-You can configure a persistent locked down state to [create a kiosk-type device](https://technet.microsoft.com/itpro/windows/manage/set-up-a-device-for-anyone-to-use). When the locked-down account is logged on, the device displays only the app that you select.
-
-You can also [configure a lockdown state](https://technet.microsoft.com/itpro/windows/manage/lock-down-windows-10-to-specific-apps) that takes effect when a given user account logs on. The lockdown restricts the user to only the apps that you specify.
-
-Lockdown settings can also be configured for device look and feel, such as a theme or a [custom layout on the Start screen](https://technet.microsoft.com/itpro/windows/manage/windows-10-start-layout-options-and-policies).
-
-### Customized Start layout
-
-A standard, customized Start layout can be useful on devices that are common to multiple users and devices that are locked down for specialized purposes. Starting in Windows 10, version 1511, administrators can configure a *partial* Start layout, which applies specified tile groups while allowing users to create and customize their own tile groups. Learn how to [customize and export Start layout](/windows/configuration/customize-and-export-start-layout).
-
-Administrators can also use mobile device management (MDM) or Group Policy to disable the use of [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight).
-
-## Updates
-
-Windows Update for Business enables information technology administrators to keep the Windows 10-based devices in their organization always up to date with the latest security defenses and Windows features by directly connecting these systems to Microsoft’s Windows Update service.
-
-By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279), Windows Update for Business is an easily established and implemented system which enables organizations and administrators to exercise control on how their Windows 10-based devices are updated, by allowing:
-
--   **Deployment and validation groups**; where administrators can specify which devices go first in an update wave, and which devices will come later (to ensure any quality bars are met).
-
--   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
-
--   **Use with existing tools** such as System Center Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
-
-Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [System Center Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
-
-
-Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).
-
-For more information about updating Windows 10, see [Windows 10 servicing options for updates and upgrades](/windows/deployment/update/waas-servicing-strategy-windows-10-updates).
-
-## Microsoft Edge
-
-Microsoft Edge is not available in the LTSC release of Windows 10.
-
-## See Also
-
-[Windows 10 Enterprise LTSC](index.md): A description of the LTSC servicing channel with links to information about each release.
-
+---
+title: What's new in Windows 10 Enterprise 2015 LTSC
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+description: New and updated IT Pro content about new features in Windows 10 Enterprise 2015 LTSC (also known as Windows 10 Enterprise 2015 LTSB).
+keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 Enterprise 2015 LTSC"]
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.localizationpriority: low
+ms.topic: article
+---
+
+# What's new in Windows 10 Enterprise 2015 LTSC
+
+**Applies to**
+-   Windows 10 Enterprise 2015 LTSC
+
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise 2015 LTSC (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](index.md).
+
+>[!NOTE]
+>Features in Windows 10 Enterprise 2015 LTSC are equivalent to [Windows 10, version 1507](../whats-new-windows-10-version-1507-and-1511.md).
+
+## Deployment
+
+### Provisioning devices using Windows Imaging and Configuration Designer (ICD)
+
+With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image. Using Windows Provisioning, an IT administrator can easily specify the configuration and settings required to enroll devices into management using a wizard-driven user interface, and then apply this configuration to target devices in a matter of minutes. It is best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers.
+
+[Learn more about provisioning in Windows 10](/windows/configuration/provisioning-packages/provisioning-packages)
+
+## Security
+
+### Applocker
+
+Applocker was available for Windows 8.1, and is improved with Windows 10. See [Requirements to use AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md) for a list of operating system requirements.
+
+Enhancements to Applocker in Windows 10 include:
+
+-   A new parameter was added to the [New-AppLockerPolicy](https://technet.microsoft.com/library/hh847211.aspx) Windows PowerShell cmdlet that lets you choose whether executable and DLL rule collections apply to non-interactive processes. To enable this, set the **ServiceEnforcement** to **Enabled**.
+-   A new [AppLocker](https://msdn.microsoft.com/library/windows/hardware/dn920019.aspx) configuration service provider was add to allow you to enable AppLocker rules by using an MDM server.
+-   You can manage Windows 10 Mobile devices by using the new [AppLocker CSP](https://msdn.microsoft.com/library/windows/hardware/dn920019.aspx).
+
+[Learn how to manage AppLocker within your organization](/windows/device-security/applocker/applocker-overview).
+
+### Bitlocker
+
+Enhancements to Applocker in Windows 10 include:
+
+-   **Encrypt and recover your device with Azure Active Directory**. In addition to using a Microsoft Account, automatic [Device Encryption](https://technet.microsoft.com/itpro/windows/keep-secure/windows-10-security-guide#device-encryption) can now encrypt your devices that are joined to an Azure Active Directory domain. When the device is encrypted, the BitLocker recovery key is automatically escrowed to Azure Active Directory. This will make it easier to recover your BitLocker key online.
+-   **DMA port protection**. You can use the [DataProtection/AllowDirectMemoryAccess](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#dataprotection-allowdirectmemoryaccess) MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
+-   **New Group Policy for configuring pre-boot recovery**. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the [Configure pre-boot recovery message and URL](https://technet.microsoft.com/itpro/windows/keep-secure/bitlocker-group-policy-settings#bkmk-configurepreboot) section in "BitLocker Group Policy settings."
+
+[Learn how to deploy and manage BitLocker within your organization](/windows/device-security/bitlocker/bitlocker-overview).
+
+### Certificate management
+
+For Windows 10-based devices, you can use your MDM server to directly deploy client authentication certificates using Personal Information Exchange (PFX), in addition to enrolling using Simple Certificate Enrollment Protocol (SCEP), including certificates to enable Windows Hello for Business in your enterprise. You'll be able to use MDM to enroll, renew, and delete certificates. As in Windows Phone 8.1, you can use the [Certificates app](https://go.microsoft.com/fwlink/p/?LinkId=615824) to review the details of certificates on your device. [Learn how to install digital certificates on Windows 10 Mobile.](/windows/access-protection/installing-digital-certificates-on-windows-10-mobile)
+
+### Microsoft Passport
+
+In Windows 10, [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN.
+
+Microsoft Passport lets users authenticate to a Microsoft account, an Active Directory account, a Microsoft Azure Active Directory (AD) account, or non-Microsoft service that supports Fast ID Online (FIDO) authentication. After an initial two-step verification during Microsoft Passport enrollment, a Microsoft Passport is set up on the user's device and the user sets a gesture, which can be Windows Hello or a PIN. The user provides the gesture to verify identity; Windows then uses Microsoft Passport to authenticate users and help them to access protected resources and services.
+
+### Security auditing
+
+In Windows 10, security auditing has added some improvements:
+-   [New audit subcategories](#bkmk-auditsubcat)
+-   [More info added to existing audit events](#bkmk-moreinfo)
+
+#### <a href="" id="bkmk-auditsubcat"></a>New audit subcategories
+
+In Windows 10, two new audit subcategories were added to the Advanced Audit Policy Configuration to provide greater granularity in audit events:
+-   [Audit Group Membership](/windows/device-security/auditing/audit-group-membership) Found in the Logon/Logoff audit category, the Audit Group Membership subcategory allows you to audit the group membership information in a user's logon token. Events in this subcategory are generated when group memberships are enumerated or queried on the PC where the logon session was created. For an interactive logon, the security audit event is generated on the PC that the user logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the PC hosting the resource.
+    When this setting is configured, one or more security audit events are generated for each successful logon. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information cannot fit in a single security audit event.
+-   [Audit PNP Activity](/windows/device-security/auditing/audit-pnp-activity) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
+    Only Success audits are recorded for this category. If you do not configure this policy setting, no audit event is generated when an external device is detected by plug and play.
+    A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs are included in the event.
+
+#### <a href="" id="bkmk-moreinfo"></a>More info added to existing audit events
+
+With Windows 10, version 1507, we've added more info to existing audit events to make it easier for you to put together a full audit trail and come away with the information you need to protect your enterprise. Improvements were made to the following audit events:
+-   [Changed the kernel default audit policy](#bkmk-kdal)
+-   [Added a default process SACL to LSASS.exe](#bkmk-lsass)
+-   [Added new fields in the logon event](#bkmk-logon)
+-   [Added new fields in the process creation event](#bkmk-logon)
+-   [Added new Security Account Manager events](#bkmk-sam)
+-   [Added new BCD events](#bkmk-bcd)
+-   [Added new PNP events](#bkmk-pnp)
+
+#### <a href="" id="bkmk-kdal"></a>Changed the kernel default audit policy
+
+In previous releases, the kernel depended on the Local Security Authority (LSA) to retrieve info in some of its events. In Windows 10, the process creation events audit policy is automatically enabled until an actual audit policy is received from LSA. This results in better auditing of services that may start before LSA starts.
+
+#### <a href="" id="bkmk-lsass"></a>Added a default process SACL to LSASS.exe
+
+In Windows 10, a default process SACL was added to LSASS.exe to log processes attempting to access LSASS.exe. The SACL is L"S:(AU;SAFA;0x0010;;;WD)". You can enable this under **Advanced Audit Policy Configuration\\Object Access\\Audit Kernel Object**.
+This can help identify attacks that steal credentials from the memory of a process.
+
+#### <a href="" id="bkmk-logon"></a>New fields in the logon event
+
+The logon event ID 4624 has been updated to include more verbose information to make them easier to analyze. The following fields have been added to event 4624:
+1.  **MachineLogon** String: yes or no
+    If the account that logged into the PC is a computer account, this field will be yes. Otherwise, the field is no.
+2.  **ElevatedToken** String: yes or no
+    If the account that logged into the PC is an administrative logon, this field will be yes. Otherwise, the field is no. Additionally, if this is part of a split token, the linked login ID (LSAP\_LOGON\_SESSION) will also be shown.
+3.  **TargetOutboundUserName** String
+    **TargetOutboundUserDomain** String
+    The username and domain of the identity that was created by the LogonUser method for outbound traffic.
+4.  **VirtualAccount** String: yes or no
+    If the account that logged into the PC is a virtual account, this field will be yes. Otherwise, the field is no.
+5.  **GroupMembership** String
+    A list of all of the groups in the user's token.
+6.  **RestrictedAdminMode** String: yes or no
+    If the user logs into the PC in restricted admin mode with Remote Desktop, this field will be yes.
+    For more info on restricted admin mode, see [Restricted Admin mode for RDP](http://blogs.technet.com/b/kfalde/archive/2013/08/14/restricted-admin-mode-for-rdp-in-windows-8-1-2012-r2.aspx).
+
+#### <a href="" id="bkmk-process"></a>New fields in the process creation event
+
+The logon event ID 4688 has been updated to include more verbose information to make them easier to analyze. The following fields have been added to event 4688:
+1.  **TargetUserSid** String
+    The SID of the target principal.
+2.  **TargetUserName** String
+    The account name of the target user.
+3.  **TargetDomainName** String
+    The domain of the target user..
+4.  **TargetLogonId** String
+    The logon ID of the target user.
+5.  **ParentProcessName** String
+    The name of the creator process.
+6.  **ParentProcessId** String
+    A pointer to the actual parent process if it's different from the creator process.
+
+#### <a href="" id="bkmk-sam"></a>New Security Account Manager events
+
+In Windows 10, new SAM events were added to cover SAM APIs that perform read/query operations. In previous versions of Windows, only write operations were audited. The new events are event ID 4798 and event ID 4799. The following APIs are now audited:
+-   SamrEnumerateGroupsInDomain
+-   SamrEnumerateUsersInDomain
+-   SamrEnumerateAliasesInDomain
+-   SamrGetAliasMembership
+-   SamrLookupNamesInDomain
+-   SamrLookupIdsInDomain
+-   SamrQueryInformationUser
+-   SamrQueryInformationGroup
+-   SamrQueryInformationUserAlias
+-   SamrGetMembersInGroup
+-   SamrGetMembersInAlias
+-   SamrGetUserDomainPasswordInformation
+
+#### <a href="" id="bkmk-bcd"></a>New BCD events
+
+Event ID 4826 has been added to track the following changes to the Boot Configuration Database (BCD):
+-   DEP/NEX settings
+-   Test signing
+-   PCAT SB simulation
+-   Debug
+-   Boot debug
+-   Integrity Services
+-   Disable Winload debugging menu
+
+#### <a href="" id="bkmk-pnp"></a>New PNP events
+
+Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
+
+[Learn how to manage your security audit policies within your organization](/windows/device-security/auditing/security-auditing-overview).
+
+### Trusted Platform Module
+
+#### New TPM features in Windows 10
+
+The following sections describe the new and changed functionality in the TPM for Windows 10:
+-   [Device health attestation](#bkmk-dha)
+-   [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) support
+-   [Device Guard](/windows/device-security/device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies) support
+-   [Credential Guard](/windows/access-protection/credential-guard/credential-guard) support
+
+### <a href="" id="bkmk-dha"></a>Device health attestation
+
+Device health attestation enables enterprises to establish trust based on hardware and software components of a managed device. With device health attestation, you can configure an MDM server to query a health attestation service that will allow or deny a managed device access to a secure resource.
+Some things that you can check on the device are:
+-   Is Data Execution Prevention supported and enabled?
+-   Is BitLocker Drive Encryption supported and enabled?
+-   Is SecureBoot supported and enabled?
+
+> **Note**  The device must be running Windows 10 and it must support at least TPM 2.0.
+
+[Learn how to deploy and manage TPM within your organization](/windows/device-security/tpm//trusted-platform-module-overview).
+
+### User Account Control
+
+User Account Control (UAC) helps prevent malware from damaging a computer and helps organizations deploy a better-managed desktop environment.
+
+You should not turn off UAC because this is not a supported scenario for devices running Windows 10. If you do turn off UAC, all Univeral Windows Platform apps stop working. You must always set the **HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA** registry value to 1. If you need to provide auto elevation for programmatic access or installation, you could set the **HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ConsentPromptBehaviorAdmin** registry value to 0, which is the same as setting the UAC slider Never Notify. This is not recommended for devices running Windows 10.
+
+For more info about how manage UAC, see [UAC Group Policy Settings and Registry Key Settings](/windows/access-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings).
+
+In Windows 10, User Account Control has added some improvements:
+
+-   **Integration with the Antimalware Scan Interface (AMSI)**. The [AMSI](https://msdn.microsoft.com/library/windows/desktop/dn889587.aspx) scans all UAC elevation requests for malware. If malware is detected, the admin privilege is blocked.
+
+[Learn how to manage User Account Control within your organization](/windows/access-protection/user-account-control/user-account-control-overview).
+
+### VPN profile options
+
+Windows 10 provides a set of VPN features that both increase enterprise security and provide an improved user experience, including:
+
+- Always-on auto connection behavior
+- App=triggered VPN
+- VPN traffic filters
+- Lock down VPN
+- Integration with Microsoft Passport for Work
+
+[Learn more about the VPN options in Windows 10.](/windows/access-protection/vpn/vpn-profile-options)
+
+
+## Management
+
+Windows 10 provides mobile device management (MDM) capabilities for PCs, laptops, tablets, and phones that enable enterprise-level management of corporate-owned and personal devices.
+
+### MDM support
+
+MDM policies for Windows 10 align with the policies supported in Windows 8.1 and are expanded to address even more enterprise scenarios, such as managing multiple users who have Microsoft Azure Active Directory (Azure AD) accounts, full control over the Microsoft Store, VPN configuration, and more.
+
+MDM support in Windows 10 is based on [Open Mobile Alliance (OMA)](https://go.microsoft.com/fwlink/p/?LinkId=533885) Device Management (DM) protocol 1.2.1 specification.
+
+Corporate-owned devices can be enrolled automatically for enterprises using Azure AD. [Reference for Mobile device management for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=533172)
+
+### Unenrollment
+
+When a person leaves your organization and you unenroll the user account or device from management, the enterprise-controlled configurations and apps are removed from the device. You can unenroll the device remotely or the person can unenroll by manually removing the account from the device.
+
+When a personal device is unenrolled, the user's data and apps are untouched, while enterprise information such as certificates, VPN profiles, and enterprise apps are removed.
+
+### Infrastructure
+
+Enterprises have the following identity and management choices.
+
+| Area | Choices |
+|---|---|
+| Identity   | Active Directory; Azure AD         |
+| Grouping   | Domain join; Workgroup; Azure AD join    |
+| Device management | Group Policy; Microsoft Endpoint Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
+
+ > **Note**  
+With the release of Windows Server 2012 R2, Network Access Protection (NAP) was deprecated and the NAP client has now been removed in Windows 10. For more information about support lifecycles, see [Microsoft Support Lifecycle](https://go.microsoft.com/fwlink/p/?LinkID=613512).
+
+ 
+### Device lockdown
+
+
+Do you need a computer that can only do one thing? For example:
+
+-   A device in the lobby that customers can use to view your product catalog.
+-   A portable device that drivers can use to check a route on a map.
+-   A device that a temporary worker uses to enter data.
+
+You can configure a persistent locked down state to [create a kiosk-type device](https://technet.microsoft.com/itpro/windows/manage/set-up-a-device-for-anyone-to-use). When the locked-down account is logged on, the device displays only the app that you select.
+
+You can also [configure a lockdown state](https://technet.microsoft.com/itpro/windows/manage/lock-down-windows-10-to-specific-apps) that takes effect when a given user account logs on. The lockdown restricts the user to only the apps that you specify.
+
+Lockdown settings can also be configured for device look and feel, such as a theme or a [custom layout on the Start screen](https://technet.microsoft.com/itpro/windows/manage/windows-10-start-layout-options-and-policies).
+
+### Customized Start layout
+
+A standard, customized Start layout can be useful on devices that are common to multiple users and devices that are locked down for specialized purposes. Starting in Windows 10, version 1511, administrators can configure a *partial* Start layout, which applies specified tile groups while allowing users to create and customize their own tile groups. Learn how to [customize and export Start layout](/windows/configuration/customize-and-export-start-layout).
+
+Administrators can also use mobile device management (MDM) or Group Policy to disable the use of [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight).
+
+## Updates
+
+Windows Update for Business enables information technology administrators to keep the Windows 10-based devices in their organization always up to date with the latest security defenses and Windows features by directly connecting these systems to Microsoft’s Windows Update service.
+
+By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279), Windows Update for Business is an easily established and implemented system which enables organizations and administrators to exercise control on how their Windows 10-based devices are updated, by allowing:
+
+-   **Deployment and validation groups**; where administrators can specify which devices go first in an update wave, and which devices will come later (to ensure any quality bars are met).
+
+-   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
+
+-   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
+
+Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
+
+
+Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).
+
+For more information about updating Windows 10, see [Windows 10 servicing options for updates and upgrades](/windows/deployment/update/waas-servicing-strategy-windows-10-updates).
+
+## Microsoft Edge
+
+Microsoft Edge is not available in the LTSC release of Windows 10.
+
+## See Also
+
+[Windows 10 Enterprise LTSC](index.md): A description of the LTSC servicing channel with links to information about each release.
+

From f27bc3752460cb5b466ef5042d0a5428e68bd8f3 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 19 Dec 2019 17:36:15 -0800
Subject: [PATCH 011/247] scorecard terminology corrections

---
 .../ltsc/whats-new-windows-10-2015.md          | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 80c78d4413..3749ad2dce 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -60,11 +60,11 @@ Enhancements to Applocker in Windows 10 include:
 
 For Windows 10-based devices, you can use your MDM server to directly deploy client authentication certificates using Personal Information Exchange (PFX), in addition to enrolling using Simple Certificate Enrollment Protocol (SCEP), including certificates to enable Windows Hello for Business in your enterprise. You'll be able to use MDM to enroll, renew, and delete certificates. As in Windows Phone 8.1, you can use the [Certificates app](https://go.microsoft.com/fwlink/p/?LinkId=615824) to review the details of certificates on your device. [Learn how to install digital certificates on Windows 10 Mobile.](/windows/access-protection/installing-digital-certificates-on-windows-10-mobile)
 
-### Microsoft Passport
+### Windows Live ID
 
-In Windows 10, [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN.
+In Windows 10, [Windows Live ID service](/windows/access-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN.
 
-Microsoft Passport lets users authenticate to a Microsoft account, an Active Directory account, a Microsoft Azure Active Directory (AD) account, or non-Microsoft service that supports Fast ID Online (FIDO) authentication. After an initial two-step verification during Microsoft Passport enrollment, a Microsoft Passport is set up on the user's device and the user sets a gesture, which can be Windows Hello or a PIN. The user provides the gesture to verify identity; Windows then uses Microsoft Passport to authenticate users and help them to access protected resources and services.
+Windows Live ID service lets users authenticate to a Microsoft account, an Active Directory account, a Microsoft Azure Active Directory (AD) account, or non-Microsoft service that supports Fast ID Online (FIDO) authentication. After an initial two-step verification during Windows Live ID service enrollment, a Windows Live ID service is set up on the user's device and the user sets a gesture, which can be Windows Hello or a PIN. The user provides the gesture to verify identity; Windows then uses Windows Live ID service to authenticate users and help them to access protected resources and services.
 
 ### Security auditing
 
@@ -117,7 +117,7 @@ The logon event ID 4624 has been updated to include more verbose information to
     A list of all of the groups in the user's token.
 6.  **RestrictedAdminMode** String: yes or no
     If the user logs into the PC in restricted admin mode with Remote Desktop, this field will be yes.
-    For more info on restricted admin mode, see [Restricted Admin mode for RDP](http://blogs.technet.com/b/kfalde/archive/2013/08/14/restricted-admin-mode-for-rdp-in-windows-8-1-2012-r2.aspx).
+    For more info on restricted admin mode, see [Restricted Admin mode for RDP](https://blogs.technet.com/b/kfalde/archive/2013/08/14/restricted-admin-mode-for-rdp-in-windows-8-1-2012-r2.aspx).
 
 #### <a href="" id="bkmk-process"></a>New fields in the process creation event
 
@@ -174,7 +174,7 @@ Event ID 6416 has been added to track when an external device is detected throug
 
 The following sections describe the new and changed functionality in the TPM for Windows 10:
 -   [Device health attestation](#bkmk-dha)
--   [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) support
+-   [Windows Live ID](/windows/access-protection/hello-for-business/hello-identity-verification) support
 -   [Device Guard](/windows/device-security/device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies) support
 -   [Credential Guard](/windows/access-protection/credential-guard/credential-guard) support
 
@@ -212,7 +212,7 @@ Windows 10 provides a set of VPN features that both increase enterprise security
 - App=triggered VPN
 - VPN traffic filters
 - Lock down VPN
-- Integration with Microsoft Passport for Work
+- Integration with Windows Live ID for Work
 
 [Learn more about the VPN options in Windows 10.](/windows/access-protection/vpn/vpn-profile-options)
 
@@ -264,9 +264,9 @@ You can also [configure a lockdown state](https://technet.microsoft.com/itpro/wi
 
 Lockdown settings can also be configured for device look and feel, such as a theme or a [custom layout on the Start screen](https://technet.microsoft.com/itpro/windows/manage/windows-10-start-layout-options-and-policies).
 
-### Customized Start layout
+### Start layout
 
-A standard, customized Start layout can be useful on devices that are common to multiple users and devices that are locked down for specialized purposes. Starting in Windows 10, version 1511, administrators can configure a *partial* Start layout, which applies specified tile groups while allowing users to create and customize their own tile groups. Learn how to [customize and export Start layout](/windows/configuration/customize-and-export-start-layout).
+A standard Start layout can be useful on devices that are common to multiple users and devices that are locked down for specialized purposes. Starting in Windows 10, version 1511, administrators can configure a *partial* Start layout, which applies specified tile groups while allowing users to create and customize their own tile groups. Learn how to [customize and export Start layout](/windows/configuration/customize-and-export-start-layout).
 
 Administrators can also use mobile device management (MDM) or Group Policy to disable the use of [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight).
 
@@ -280,7 +280,7 @@ By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279
 
 -   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
 
--   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
+-   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility + Security E3](https://go.microsoft.com/fwlink/p/?LinkId=699281).
 
 Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
 

From 8548ff01cff59d13e58a59e4cdd06beedd289945 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 20 Dec 2019 14:47:14 -0800
Subject: [PATCH 012/247] thirty files config mgr rebrand

---
 ...hell-cmdlets-windows-defender-antivirus.md |   4 +-
 .../use-wmi-windows-defender-antivirus.md     |   2 +-
 ...d-protection-windows-defender-antivirus.md |  12 +-
 ...indows-defender-antivirus-compatibility.md |   2 +-
 .../windows-defender-offline.md               |   4 +-
 ...rt-windows-defender-application-control.md |  12 +-
 ...s-defender-application-control-policies.md |   2 +-
 .../select-types-of-rules-to-create.md        |   2 +-
 .../types-of-devices.md                       |   2 +-
 ...ication-control-policy-design-decisions.md |   2 +-
 ...control-with-intelligent-security-graph.md |   2 +-
 ...lication-control-with-managed-installer.md |   6 +-
 .../reqs-wd-app-guard.md                      |   2 +-
 .../wd-app-guard-overview.md                  |   4 +-
 .../wdsc-device-performance-health.md         |   2 +-
 .../wdsc-hide-notifications.md                |   2 +-
 .../windows-defender-security-center.md       |   4 +-
 ...sed-root-of-trust-helps-protect-windows.md |   2 +-
 ...sed-root-of-trust-helps-protect-windows.md |   2 +-
 .../windows-security-baselines.md             |   4 +-
 .../get-support-for-security-baselines.md     |   2 +-
 .../windows-security-baselines.md             |   4 +-
 .../ltsc/whats-new-windows-10-2015.md         |  24 +-
 .../ltsc/whats-new-windows-10-2016.md         | 357 +++++++++---------
 .../ltsc/whats-new-windows-10-2019.md         |   4 +-
 ...ts-new-windows-10-version-1507-and-1511.md |  12 +-
 .../whats-new-windows-10-version-1703.md      |   2 +-
 .../whats-new-windows-10-version-1803.md      |   2 +-
 .../whats-new-windows-10-version-1903.md      |   2 +-
 .../whats-new-windows-10-version-1909.md      |   2 +-
 30 files changed, 243 insertions(+), 242 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
index 326511d75c..45180f8c80 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
@@ -30,9 +30,9 @@ For a list of the cmdlets and their functions and available parameters, see the
 PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. 
 
 > [!NOTE]
-> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [System Center Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx), [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), or [Windows Defender Antivirus Group Policy ADMX templates](https://support.microsoft.com/kb/927367).
+> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx), [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), or [Windows Defender Antivirus Group Policy ADMX templates](https://support.microsoft.com/kb/927367).
 
-Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, System Center Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. 
+Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. 
 
 You can [configure which settings can be overridden locally with local policy overrides](configure-local-policy-overrides-windows-defender-antivirus.md).
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
index 0e88dfd58b..bac24170b6 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
@@ -31,7 +31,7 @@ Windows Defender Antivirus has a number of specific WMI classes that can be used
 
 The [MSDN Windows Defender WMIv2 Provider reference library](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx) lists the available WMI classes for Windows Defender Antivirus, and includes example scripts.
 
-Changes made with WMI will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, System Center Configuration Manager, or Microsoft Intune can overwrite changes made with WMI. 
+Changes made with WMI will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with WMI. 
 
 You can [configure which settings can be overridden locally  with local policy overrides](configure-local-policy-overrides-windows-defender-antivirus.md).
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index e1d2d9c8e9..f05dbf11e6 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -60,10 +60,10 @@ Organizations running Windows 10 E5, version 1803 can also take advantage of eme
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 
-The following table describes the differences in cloud-delivered protection between recent versions of Windows and System Center Configuration Manager.
+The following table describes the differences in cloud-delivered protection between recent versions of Windows and Microsoft Endpoint Configuration Manager.
 
 
-Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center Configuration Manager 2012 | System Center Configuration Manager (Current Branch) | Microsoft Intune
+Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center Configuration Manager 2012 | Microsoft Endpoint Configuration Manager (Current Branch) | Microsoft Intune
 ---|---|---|---|---|---|---
 Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service
 Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version
@@ -76,8 +76,8 @@ You can also [configure Windows Defender AV to automatically receive new protect
 
  Topic | Description 
 ---|---
-[Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | You can enable cloud-delivered protection with System Center Configuration Manager, Group Policy, Microsoft Intune, and PowerShell cmdlets.
-[Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and System Center Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
+[Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | You can enable cloud-delivered protection with Microsoft Endpoint Configuration Manager, Group Policy, Microsoft Intune, and PowerShell cmdlets.
+[Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and Microsoft Endpoint Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
 [Configure and validate network connections for Windows Defender Antivirus](configure-network-connections-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection.
-[Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence . You can enable and configure it with System Center Configuration Manager and Group Policy.
-[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with System Center Configuration Manager and Group Policy.
+[Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence. You can enable and configure it with Microsoft Endpoint Configuration Manager and Group Policy.
+[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running withMicrosoft Endpoint Configuration Manager and Group Policy.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
index 369ebfe876..64efaa5752 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
@@ -57,7 +57,7 @@ See the [Windows Defender Antivirus on Windows Server 2016](windows-defender-ant
 >[!IMPORTANT]
 >Windows Defender AV is only available on endpoints running Windows 10 or Windows Server 2016.  
 >  
->In Windows 8.1 and Windows Server 2012, enterprise-level endpoint antivirus protection is offered as [System Center Endpoint Protection](https://technet.microsoft.com/library/hh508760.aspx), which is managed through System Center Configuration Manager.  
+>In Windows 8.1 and Windows Server 2012, enterprise-level endpoint antivirus protection is offered as [System Center Endpoint Protection](https://technet.microsoft.com/library/hh508760.aspx), which is managed through Microsoft Endpoint Configuration Manager.  
 >  
 >Windows Defender is also offered for [consumer devices on Windows 8.1 and Windows Server 2012](https://technet.microsoft.com/library/dn344918#BKMK_WindowsDefender), although it does not provide enterprise-level management (or an interface on Windows Server 2012 Server Core installations). 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
index 4187645c2e..45d2f577d4 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
@@ -57,7 +57,7 @@ See the [Manage Windows Defender Antivirus Security intelligence  updates](manag
 
 In Windows 10, version 1607, you can manually force an offline scan. Alternatively, if Windows Defender determines that Windows Defender Offline needs to run, it will prompt the user on the endpoint. 
 
-The need to perform an offline scan will also be revealed in System Center Configuration Manager if you're using it to manage your endpoints.
+The need to perform an offline scan will also be revealed in Microsoft Endpoint Configuration Manager if you're using it to manage your endpoints.
 
 The prompt can occur via a notification, similar to the following:
 
@@ -71,7 +71,7 @@ In Configuration Manager, you can identify the status of endpoints by navigating
 
 Windows Defender Offline scans are indicated under **Malware remediation status** as **Offline scan required**.
 
-![System Center Configuration Manager indicating a Windows Defender Offline scan is required](images/defender/sccm-wdo.png)
+![Microsoft Endpoint Configuration Manager indicating a Windows Defender Offline scan is required](images/defender/sccm-wdo.png)
 
 ## Configure notifications
 <a name="manage-notifications"></a>
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md
index 765289825b..1accae5758 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md
@@ -143,7 +143,7 @@ To sign the existing catalog file, copy each of the following commands into an e
 
 5. Copy the catalog file to C:\\Windows\\System32\\catroot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}.
 
-   For testing purposes, you can manually copy signed catalog files to their intended folder. For large-scale implementations, to copy the appropriate catalog files to all desired computers, we recommend that you use Group Policy File Preferences or an enterprise systems management product such as System Center Configuration Manager. Doing this also simplifies the management of catalog versions.
+   For testing purposes, you can manually copy signed catalog files to their intended folder. For large-scale implementations, to copy the appropriate catalog files to all desired computers, we recommend that you use Group Policy File Preferences or an enterprise systems management product such as Microsoft Endpoint Configuration Manager. Doing this also simplifies the management of catalog versions.
 
 ## Add a catalog signing certificate to a Windows Defender Application Control policy
 
@@ -217,9 +217,9 @@ To simplify the management of catalog files, you can use Group Policy preference
 
 Before you begin testing the deployed catalog file, make sure that the catalog signing certificate has been added to an appropriate WDAC policy.
 
-## Deploy catalog files with System Center Configuration Manager
+## Deploy catalog files with Microsoft Endpoint Configuration Manager
 
-As an alternative to Group Policy, you can use System Center Configuration Manager to deploy catalog files to the managed computers in your environment. This approach can simplify the deployment and management of multiple catalog files as well as provide reporting around which catalog each client or collection has deployed. In addition to the deployment of these files, System Center Configuration Manager can also be used to inventory the currently deployed catalog files for reporting and compliance purposes. Complete the following steps to create a new deployment package for catalog files:
+As an alternative to Group Policy, you can use Microsoft Endpoint Configuration Manager to deploy catalog files to the managed computers in your environment. This approach can simplify the deployment and management of multiple catalog files as well as provide reporting around which catalog each client or collection has deployed. In addition to the deployment of these files, Microsoft Endpoint Configuration Manager can also be used to inventory the currently deployed catalog files for reporting and compliance purposes. Complete the following steps to create a new deployment package for catalog files:
 
 >[!NOTE]
 >The following example uses a network share named \\\\Shares\\CatalogShare as a source for the catalog files. If you have collection specific catalog files, or prefer to deploy them individually, use whichever folder structure works best for your organization.
@@ -292,9 +292,9 @@ After you create the deployment package, deploy it to a collection so that the c
 
 Before you begin testing the deployed catalog file, make sure that the catalog signing certificate has been added to an appropriate WDAC policy,.
 
-## Inventory catalog files with System Center Configuration Manager
+## Inventory catalog files with Microsoft Endpoint Configuration Manager
 
-When catalog files have been deployed to the computers within your environment, whether by using Group Policy or System Center Configuration Manager, you can inventory them with the software inventory feature of System Center Configuration Manager. The following process walks you through the enablement of software inventory to discover catalog files on your managed systems through the creation and deployment of a new client settings policy.
+When catalog files have been deployed to the computers within your environment, whether by using Group Policy or Microsoft Endpoint Configuration Manager, you can inventory them with the software inventory feature of Microsoft Endpoint Configuration Manager. The following process walks you through the enablement of software inventory to discover catalog files on your managed systems through the creation and deployment of a new client settings policy.
 
 >[!NOTE]
 >A standard naming convention for your catalog files will significantly simplify the catalog file software inventory process. In this example, *-Contoso* has been added to all catalog file names.
@@ -332,7 +332,7 @@ When catalog files have been deployed to the computers within your environment,
 
 9.  Now that you have created the client settings policy, right-click the new policy, click **Deploy**, and then choose the collection on which you would like to inventory the catalog files.
 
-At the time of the next software inventory cycle, when the targeted clients receive the new client settings policy, you will be able to view the inventoried files in the built-in System Center Configuration Manager reports or Resource Explorer. To view the inventoried files on a client within Resource Explorer, complete the following steps:
+At the time of the next software inventory cycle, when the targeted clients receive the new client settings policy, you will be able to view the inventoried files in the built-in Microsoft Endpoint Configuration Manager reports or Resource Explorer. To view the inventoried files on a client within Resource Explorer, complete the following steps:
 
 1.  Open the Configuration Manager console, and select the Assets and Compliance workspace.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md
index ef6e327975..6054e9f6bd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md
@@ -27,7 +27,7 @@ ms.date: 05/03/2018
 Because each computer running Windows 10 can have only one WDAC policy, you will occasionally need to merge two or more policies. For example, after a WDAC policy is created and audited, you might want to merge audit events from another WDAC policy.
 
 > [!NOTE]
-> Because only one SiPolicy.p7b file can be active on a system, the last management authority to write the policy wins. If there was already a policy deployed by using Group Policy and then amanaged installer using System Center Configuration Manager (SCCM) targeted the same device, the SCCM policy would overwrite the SiPolicy.p7b file.
+> Because only one SiPolicy.p7b file can be active on a system, the last management authority to write the policy wins. If there was already a policy deployed by using Group Policy and then a managed installer using Microsoft Endpoint Configuration Manager targeted the same device, the Configuration Manager policy would overwrite the SiPolicy.p7b file.
 
 To merge two WDAC policies, complete the following steps in an elevated Windows PowerShell session:
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
index 9633a7cf60..33582e68a9 100644
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@@ -62,7 +62,7 @@ You can set several rule options within a WDAC policy. Table 1 describes each ru
 | **10 Enabled:Boot Audit on Failure** | Used when the WDAC policy is in enforcement mode. When a driver fails during startup, the WDAC policy will be placed in audit mode so that Windows will load. Administrators can validate the reason for the failure in the CodeIntegrity event log. |
 | **11 Disabled:Script Enforcement** | This option disables script enforcement options. Unsigned PowerShell scripts and interactive PowerShell are no longer restricted to [Constrained Language Mode](https://docs.microsoft.com/powershell/module/microsoft.powershell.core/about/about_language_modes). NOTE: This option is only supported with the Windows 10 May 2019 Update (1903) and higher. Using it on earlier versions of Windows 10 is not supported and may have unintended results. |
 | **12 Required:Enforce Store Applications** | If this rule option is enabled, WDAC policies will also apply to Universal Windows applications. |
-| **13 Enabled:Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as System Center Configuration Manager, that has been defined as a managed installer. |
+| **13 Enabled:Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Endpoint Configuration Manager, that has been defined as a managed installer. |
 | **14 Enabled:Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by Microsoft’s Intelligent Security Graph (ISG). |
 | **15 Enabled:Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, WDAC sets an extended file attribute that indicates that the file was authorized to run. This option will cause WDAC to periodically re-validate the reputation for files that were authorized by the ISG.| 
 | **16 Enabled:Update Policy No Reboot** | Use this option to allow future WDAC policy updates to apply without requiring a system reboot. |
diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
index d6e8fa89a5..cc4ad5d2e3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
@@ -43,7 +43,7 @@ Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the
 Lamna uses [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) (MEM) in hybrid mode with both Configuration Manager (MEMCM) and Intune. Although they use MEM to deploy many applications, Lamna has always had very relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender Advanced Threat Protection](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (MDATP) for better endpoint detection and response.
 
 > [!NOTE]
-> Microsoft Endpoint Configuration Manager was previously known as System Center Configuration Manager (SCCM) 
+> Microsoft Endpoint Configuration Manager was previously known as Microsoft Endpoint Configuration Manager (SCCM) 
 
 Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an application control policy. In response, Lamna's executive board has authorized a number of new security IT responses, including tightening policies for application use and introducing application control.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index 87a4942ff4..6b431212ee 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -48,7 +48,7 @@ The first step is to define the desired "circle-of-trust" for your WDAC policies
 
 For example, the DefaultWindows policy, which can be found under %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies, establishes a "circle-of-trust" that allows Windows, 3rd-party hardware and software kernel drivers, and applications from the Microsoft Store.
 
-Microsoft Endpoint Configuration Manager (previously known as System Center Configuration Manager (SCCM)), uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow SCCM and its dependencies, sets the managed installer policy rule, and additionally configures SCCM as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the SCCM administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for SCCM's native WDAC integration.
+Microsoft Endpoint Configuration Manager (previously known as Microsoft Endpoint Configuration Manager (SCCM)), uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow SCCM and its dependencies, sets the managed installer policy rule, and additionally configures SCCM as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the SCCM administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for SCCM's native WDAC integration.
 
 The following questions can help you plan your WDAC deployment and determine the right "circle-of-trust" for your policies. They are not in priority or sequential order and are not meant to be an exhaustive set of design considerations.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
index 22df45d2a2..1990f0a738 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
@@ -38,7 +38,7 @@ After that initial download and installation, the WDAC component will check for
 The reputation data on the client is rechecked periodically and enterprises can also specify that any cached reputation results are flushed on reboot.    
 
 >[!NOTE]
->Admins needs to ensure that there is a WDAC policy in place to allow the system to boot and run any other authorized applications that may not be classified as being known good by the Intelligent Security Graph, for example custom line-of-business (LOB) apps. Since the Intelligent Security Graph is powered by global prevalence data, internal LOB apps may not be recognized as being known good. Other mechanisms like managed installer and explicit rules will help cover internal applications. Both System Center Configuration Manager (SCCM) and Microsoft Intune can be used to create and push a WDAC policy to your client machines.  
+>Admins needs to ensure that there is a WDAC policy in place to allow the system to boot and run any other authorized applications that may not be classified as being known good by the Intelligent Security Graph, for example custom line-of-business (LOB) apps. Since the Intelligent Security Graph is powered by global prevalence data, internal LOB apps may not be recognized as being known good. Other mechanisms like managed installer and explicit rules will help cover internal applications. Both Microsoft Endpoint Configuration Manager (SCCM) and Microsoft Intune can be used to create and push a WDAC policy to your client machines.  
 
 Other examples of WDAC policies are available in C:\Windows\schemas\CodeIntegrity\ExamplePolicies and can help authorize Windows OS components, WHQL signed drivers and all Store apps. Admins can reference and customize them as needed for their Windows Defender Application Control deployment or [create a custom WDAC policy](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy). 
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md
index e22de90c86..c3a6983cd6 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md
@@ -1,6 +1,6 @@
 ---
 title: Authorize apps deployed with a WDAC managed installer (Windows 10)
-description: Explains how you can use a managed installer to automatically authorize applications deployed and installed by a designated software distribution solution, such as System Center Configuration Manager. 
+description: Explains how you can use a managed installer to automatically authorize applications deployed and installed by a designated software distribution solution, such as Microsoft Endpoint Configuration Manager. 
 keywords: whitelisting, security, malware
 ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
 ms.prod: w10
@@ -28,7 +28,7 @@ ms.date: 06/13/2018
 Creating and maintaining application execution control policies has always been challenging, and finding ways to address this issue has been a frequently-cited request for customers of AppLocker and Windows Defender Application Control (WDAC). 
 This is especially true for enterprises with large, ever changing software catalogs. 
 
-Windows 10, version 1703 (also known as the Windows 10 Creators Update) provides a new option, known as a managed installer, that allows IT administrators to automatically authorize applications deployed and installed by a designated software distribution solution, such as System Center Configuration Manager. 
+Windows 10, version 1703 (also known as the Windows 10 Creators Update) provides a new option, known as a managed installer, that allows IT administrators to automatically authorize applications deployed and installed by a designated software distribution solution, such as Microsoft Endpoint Configuration Manager. 
 A managed installer helps an IT admin balance security and manageability requirements when employing application execution control policies by providing an option that does not require specifying explicit rules for software that is being managed through a software distribution solution.
 
 ## How does a managed installer work?
@@ -159,7 +159,7 @@ Specify `-mionly` if you will not use the Intelligent Security Graph (ISG).
 ## Security considerations with managed installer
 
 Since managed installer is a heuristic-based mechanism, it does not provide the same security guarantees that explicit allow or deny rules do. 
-It is best suited for deployment to systems where each user is configured as a standard user and where all software is deployed and installed by a software distribution solution, such as System Center Configuration Manager. 
+It is best suited for deployment to systems where each user is configured as a standard user and where all software is deployed and installed by a software distribution solution, such as  Microsoft Endpoint Configuration Manager. 
 
 Users with administrator privileges or malware running as an administrator user on the system may be able to circumvent the intent of Windows Defender Application Control when the managed installer option is allowed. 
 If the authorized managed installer process performs installations in the context of a user with standard privileges, then it is possible that standard users or malware running as standard user may be able to circumvent the intent of Windows Defender Application Control. 
diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
index 9496c86d29..e514735967 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
@@ -41,4 +41,4 @@ Your environment needs the following software to run Windows Defender Applicatio
 |--------|-----------|
 |Operating system|Windows 10 Enterprise edition, version 1709 or higher<br>Windows 10 Professional edition, version 1803 or higher<br>Windows 10 Professional for Workstations edition, version 1803 or higher<br>Windows 10 Professional Education edition version 1803 or higher<br>Windows 10 Education edition, version 1903 or higher<br>Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. |
 |Browser|Microsoft Edge and Internet Explorer|
-|Management system<br> (only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)<br><br>**-OR-**<br><br>[System Center Configuration Manager](https://docs.microsoft.com/sccm/)<br><br>**-OR-**<br><br>[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)<br><br>**-OR-**<br><br>Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.|
+|Management system<br> (only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)<br><br>**-OR-**<br><br>[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/)<br><br>**-OR-**<br><br>[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)<br><br>**-OR-**<br><br>Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.|
diff --git a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md b/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
index aa8c80886a..390bee5992 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
@@ -32,9 +32,9 @@ If an employee goes to an untrusted site through either Microsoft Edge or Intern
 
 Application Guard has been created to target several types of systems:
 
-- **Enterprise desktops.** These desktops are domain-joined and managed by your organization. Configuration management is primarily done through System Center Configuration Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wired, corporate network.
+- **Enterprise desktops.** These desktops are domain-joined and managed by your organization. Configuration management is primarily done through Microsoft Endpoint Configuration Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wired, corporate network.
 
-- **Enterprise mobile laptops.** These laptops are domain-joined and managed by your organization. Configuration management is primarily done through System Center Configuration Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wireless, corporate network.
+- **Enterprise mobile laptops.** These laptops are domain-joined and managed by your organization. Configuration management is primarily done through Microsoft Endpoint Configuration Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wireless, corporate network.
 
 - **Bring your own device (BYOD) mobile laptops.** These personally-owned laptops are not domain-joined, but are managed by your organization through tools, such as Microsoft Intune. The employee is typically an admin on the device and uses a high-bandwidth wireless corporate network while at work and a comparable personal network while at home.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
index 2669eb3ab6..16cf8c2443 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
@@ -24,7 +24,7 @@ manager: dansimp
 - Windows 10, version 1703 and later
 
 
-The **Device performance & health** section contains information about hardware, devices, and drivers related to the machine. IT administrators and IT pros should reference the appropriate documentation library for the issues they are seeing, such as the [configure the Load and unload device drivers security policy setting](https://docs.microsoft.com/windows/device-security/security-policy-settings/load-and-unload-device-drivers) and how to [deploy drivers during Windows 10 deployment using System Center Configuration Manager](https://docs.microsoft.com/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager).
+The **Device performance & health** section contains information about hardware, devices, and drivers related to the machine. IT administrators and IT pros should reference the appropriate documentation library for the issues they are seeing, such as the [configure the Load and unload device drivers security policy setting](https://docs.microsoft.com/windows/device-security/security-policy-settings/load-and-unload-device-drivers) and how to [deploy drivers during Windows 10 deployment using Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager).
 
 The [Windows 10 IT pro troubleshooting topic](https://docs.microsoft.com/windows/client-management/windows-10-support-solutions), and the main [Windows 10 documentation library](https://docs.microsoft.com/windows/windows-10/) can also be helpful for resolving issues.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
index 875fd5bfae..b8a43788fb 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
@@ -47,7 +47,7 @@ You can only use Group Policy to change these settings.
 
 ## Use Group Policy to hide non-critical notifications
 
-You can hide notifications that describe regular events related to the health and security of the machine. These are notifications that do not require an action from the machine's user. It can be useful to hide these notifications if you find they are too numerours or you have other status reporting on a larger scale (such as Update Compliance or System Center Configuration Manager reporting).
+You can hide notifications that describe regular events related to the health and security of the machine. These are notifications that do not require an action from the machine's user. It can be useful to hide these notifications if you find they are too numerours or you have other status reporting on a larger scale (such as Update Compliance or Microsoft Endpoint Configuration Manager reporting).
 
 This can only be done in Group Policy.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
index af8816db71..4938625700 100644
--- a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
+++ b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
@@ -72,7 +72,7 @@ You can find more information about each section, including options for configur
     ![Screen shot of Windows Settings showing the different areas available in the Windows Security](images/settings-windows-defender-security-center-areas.png)
 
 > [!NOTE]
-> Settings configured with management tools, such as Group Policy, Microsoft Intune, or System Center Configuration Manager, will generally take precedence over the settings in the Windows Security. See the topics for each of the sections for links to configuring the associated features or products.
+> Settings configured with management tools, such as Group Policy, Microsoft Intune, or Microsoft Endpoint Configuration Manager, will generally take precedence over the settings in the Windows Security. See the topics for each of the sections for links to configuring the associated features or products.
 
 ## How the Windows Security app works with Windows security features
 
@@ -98,7 +98,7 @@ The Windows Security app operates as a separate app or process from each of the
 
 It acts as a collector or single place to see the status and perform some configuration for each of the features.
 
-Disabling any of the individual features (through Group Policy or other management tools, such as System Center Configuration Manager) will prevent that feature from reporting its status in the Windows Security app. The Windows Security app itself will still run and show status for the other security features.
+Disabling any of the individual features (through Group Policy or other management tools, such as Microsoft Endpoint Configuration Manager) will prevent that feature from reporting its status in the Windows Security app. The Windows Security app itself will still run and show status for the other security features.
 
 > [!IMPORTANT]
 > Individually disabling any of the services will not disable the other services or the Windows Security app.
diff --git a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md
index a7def9d5fd..cba2a4eb17 100644
--- a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md
+++ b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md
@@ -82,5 +82,5 @@ As Windows 10 boots, a series of integrity measurements are taken by Windows Def
 
 ![Boot time integrity](images/windows-defender-system-guard-boot-time-integrity.png)
 
-After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or System Center Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
+After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or Microsoft Endpoint Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
 
diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md
index d91fbb98a5..a17ad45ab9 100644
--- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md
+++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md
@@ -83,5 +83,5 @@ As Windows 10 boots, a series of integrity measurements are taken by Windows Def
 
 ![Boot time integrity](images/windows-defender-system-guard-boot-time-integrity.png)
 
-After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or System Center Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
+After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or Microsoft Endpoint Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
 
diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md
index 30b70df2a4..34077fff4c 100644
--- a/windows/security/threat-protection/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-baselines.md
@@ -51,7 +51,7 @@ In modern organizations, the security threat landscape is constantly evolving, a
 
 You can use security baselines to: 
 -   Ensure that user and device configuration settings are compliant with the baseline. 
--   Set configuration settings. For example, you can use Group Policy, System Center Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline. 
+-   Set configuration settings. For example, you can use Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline. 
 
 ## Where can I get the security baselines? 
 
@@ -73,7 +73,7 @@ You may also be interested in this msdn channel 9 video:
 
 ## See Also
 
--   [System Center Configuration Manager (SCCM)](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
+-   [Microsoft Endpoint Configuration Manager (SCCM)](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
 -   [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite)
 -   [Configuration Management for Nano Server](https://blogs.technet.microsoft.com/grouppolicy/2016/05/09/configuration-management-on-servers/)
 -   [Microsoft Security Guidance Blog](https://blogs.technet.microsoft.com/secguide/)
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
index 6ef956ed10..175026482e 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
@@ -40,7 +40,7 @@ The toolkit supports formats created by the Windows GPO backup feature (.pol, .i
 
 Not yet. PowerShell-based DSC is rapidly gaining popularity, and more DSC tools are coming online to convert GPOs and DSC and to validate system configuration. We are currently developing a tool to provide customers with these features.
 
-**Does SCT support the creation of System Center Configuration Manager (SCCM) DCM packs?**
+**Does SCT support the creation of Microsoft Endpoint Configuration Manager (SCCM) DCM packs?**
 
 No. A potential alternative is Desired State Configuration (DSC), a feature of the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=40855). A tool that supports conversion of GPO backups to DSC format can be found [here](https://github.com/Microsoft/BaselineManagement).
 
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index 723c0bfe49..29c80c909e 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -51,7 +51,7 @@ In modern organizations, the security threat landscape is constantly evolving, a
 
 You can use security baselines to: 
 -   Ensure that user and device configuration settings are compliant with the baseline. 
--   Set configuration settings. For example, you can use Group Policy, System Center Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline. 
+-   Set configuration settings. For example, you can use Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline. 
 
 ## Where can I get the security baselines? 
 
@@ -73,7 +73,7 @@ You may also be interested in this msdn channel 9 video:
 
 ## See Also
 
--   [System Center Configuration Manager (SCCM)](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
+-   [Microsoft Endpoint Configuration Manager (SCCM)](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
 -   [Azure Monitor](https://docs.microsoft.com/azure/azure-monitor/)
 -   [Microsoft Security Guidance Blog](https://blogs.technet.microsoft.com/secguide/)
 -   [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319)
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 3749ad2dce..3453b80131 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -34,11 +34,11 @@ With Windows 10, you can create provisioning packages that let you quickly and e
 
 ## Security
 
-### Applocker
+### AppLocker
 
-Applocker was available for Windows 8.1, and is improved with Windows 10. See [Requirements to use AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md) for a list of operating system requirements.
+AppLocker was available for Windows 8.1, and is improved with Windows 10. See [Requirements to use AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md) for a list of operating system requirements.
 
-Enhancements to Applocker in Windows 10 include:
+Enhancements to AppLocker in Windows 10 include:
 
 -   A new parameter was added to the [New-AppLockerPolicy](https://technet.microsoft.com/library/hh847211.aspx) Windows PowerShell cmdlet that lets you choose whether executable and DLL rule collections apply to non-interactive processes. To enable this, set the **ServiceEnforcement** to **Enabled**.
 -   A new [AppLocker](https://msdn.microsoft.com/library/windows/hardware/dn920019.aspx) configuration service provider was add to allow you to enable AppLocker rules by using an MDM server.
@@ -46,9 +46,9 @@ Enhancements to Applocker in Windows 10 include:
 
 [Learn how to manage AppLocker within your organization](/windows/device-security/applocker/applocker-overview).
 
-### Bitlocker
+### BitLocker
 
-Enhancements to Applocker in Windows 10 include:
+Enhancements to AppLocker in Windows 10 include:
 
 -   **Encrypt and recover your device with Azure Active Directory**. In addition to using a Microsoft Account, automatic [Device Encryption](https://technet.microsoft.com/itpro/windows/keep-secure/windows-10-security-guide#device-encryption) can now encrypt your devices that are joined to an Azure Active Directory domain. When the device is encrypted, the BitLocker recovery key is automatically escrowed to Azure Active Directory. This will make it easier to recover your BitLocker key online.
 -   **DMA port protection**. You can use the [DataProtection/AllowDirectMemoryAccess](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#dataprotection-allowdirectmemoryaccess) MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
@@ -60,11 +60,11 @@ Enhancements to Applocker in Windows 10 include:
 
 For Windows 10-based devices, you can use your MDM server to directly deploy client authentication certificates using Personal Information Exchange (PFX), in addition to enrolling using Simple Certificate Enrollment Protocol (SCEP), including certificates to enable Windows Hello for Business in your enterprise. You'll be able to use MDM to enroll, renew, and delete certificates. As in Windows Phone 8.1, you can use the [Certificates app](https://go.microsoft.com/fwlink/p/?LinkId=615824) to review the details of certificates on your device. [Learn how to install digital certificates on Windows 10 Mobile.](/windows/access-protection/installing-digital-certificates-on-windows-10-mobile)
 
-### Windows Live ID
+### Microsoft Passport
 
-In Windows 10, [Windows Live ID service](/windows/access-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN.
+In Windows 10, [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN.
 
-Windows Live ID service lets users authenticate to a Microsoft account, an Active Directory account, a Microsoft Azure Active Directory (AD) account, or non-Microsoft service that supports Fast ID Online (FIDO) authentication. After an initial two-step verification during Windows Live ID service enrollment, a Windows Live ID service is set up on the user's device and the user sets a gesture, which can be Windows Hello or a PIN. The user provides the gesture to verify identity; Windows then uses Windows Live ID service to authenticate users and help them to access protected resources and services.
+Microsoft Passport lets users authenticate to a Microsoft account, an Active Directory account, a Microsoft Azure Active Directory (AD) account, or non-Microsoft service that supports Fast ID Online (FIDO) authentication. After an initial two-step verification during Microsoft Passport enrollment, a Microsoft Passport is set up on the user's device and the user sets a gesture, which can be Windows Hello or a PIN. The user provides the gesture to verify identity; Windows then uses Microsoft Passport to authenticate users and help them to access protected resources and services.
 
 ### Security auditing
 
@@ -174,7 +174,7 @@ Event ID 6416 has been added to track when an external device is detected throug
 
 The following sections describe the new and changed functionality in the TPM for Windows 10:
 -   [Device health attestation](#bkmk-dha)
--   [Windows Live ID](/windows/access-protection/hello-for-business/hello-identity-verification) support
+-   [Microsoft Passport](/windows/access-protection/hello-for-business/hello-identity-verification) support
 -   [Device Guard](/windows/device-security/device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies) support
 -   [Credential Guard](/windows/access-protection/credential-guard/credential-guard) support
 
@@ -212,7 +212,7 @@ Windows 10 provides a set of VPN features that both increase enterprise security
 - App=triggered VPN
 - VPN traffic filters
 - Lock down VPN
-- Integration with Windows Live ID for Work
+- Integration with Microsoft Passport for Work
 
 [Learn more about the VPN options in Windows 10.](/windows/access-protection/vpn/vpn-profile-options)
 
@@ -270,7 +270,7 @@ A standard Start layout can be useful on devices that are common to multiple use
 
 Administrators can also use mobile device management (MDM) or Group Policy to disable the use of [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight).
 
-## Updates
+## Updates 
 
 Windows Update for Business enables information technology administrators to keep the Windows 10-based devices in their organization always up to date with the latest security defenses and Windows features by directly connecting these systems to Microsoft’s Windows Update service.
 
@@ -280,7 +280,7 @@ By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279
 
 -   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
 
--   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility + Security E3](https://go.microsoft.com/fwlink/p/?LinkId=699281).
+-   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
 
 Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2016.md b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
index 683b980e8f..727cc608be 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2016.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
@@ -1,178 +1,179 @@
----
-title: What's new in Windows 10 Enterprise 2016 LTSC
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-description: New and updated IT Pro content about new features in Windows 10 Enterprise 2016 LTSC (also known as Windows 10 Enterprise 2016 LTSB).
-keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 Enterprise 2016 LTSC"]
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.localizationpriority: low
-ms.topic: article
----
-
-# What's new in Windows 10 Enterprise 2016 LTSC
-
-**Applies to**
--   Windows 10 Enterprise 2016 LTSC
-
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise 2016 LTSC (LTSB), compared to Windows 10 Enterprise 2015 LTSC (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](index.md).
-
->[!NOTE]
->Features in Windows 10 Enterprise 2016 LTSC are equivalent to Windows 10, version 1607.
-
-## Deployment
-
-### Windows Imaging and Configuration Designer (ICD)
-
-In previous versions of the Windows 10 Assessment and Deployment Kit (ADK), you had to install additional features for Windows ICD to run. Starting in this version of Windows 10, you can install just the configuration designer component independent of the rest of the imaging components. [Install the ADK.](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit)
-
-Windows ICD now includes simplified workflows for creating provisioning packages:
-
-- [Simple provisioning to set up common settings for Active Directory-joined devices](/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment)
-- [Advanced provisioning to deploy certificates and apps](/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates)
-- [School provisioning to set up classroom devices for Active Directory](https://technet.microsoft.com/edu/windows/set-up-students-pcs-to-join-domain)
-
-[Learn more about using provisioning packages in Windows 10.](/windows/configuration/provisioning-packages/provisioning-packages)
-
-### Windows Upgrade Readiness
-
->[!IMPORTANT]
->Upgrade Readiness will not allow you to assess an upgrade to an LTSC release (LTSC builds are not available as target versions). However, you can enroll devices running LTSC to plan for an upgrade to a semi-annual channel release.
-
-Microsoft developed Upgrade Readiness in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Upgrade Readiness was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
-
-With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft.
-
-Use Upgrade Readiness to get:
-
-- A visual workflow that guides you from pilot to production
-- Detailed computer and application inventory
-- Powerful computer level search and drill-downs
-- Guidance and insights into application and driver compatibility issues, with suggested fixes
-- Data driven application rationalization tools
-- Application usage information, allowing targeted validation; workflow to track validation progress and decisions
-- Data export to commonly used software deployment tools
-
-The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are upgrade-ready.
-
-[Learn more about planning and managing Windows upgrades with Windows Upgrade Readiness.](/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness)
-
-## Security
-
-### Credential Guard and Device Guard
-
-Isolated User Mode is now included with Hyper-V so you don't have to install it separately.
-
-### Windows Hello for Business
-
-When Windows 10 first shipped, it included Microsoft Passport and Windows Hello, which worked together to provide multi-factor authentication. To simplify deployment and improve supportability, Microsoft has combined these technologies into a single solution under the Windows Hello name in this version of Windows 10. Customers who have already deployed Microsoft Passport for Work will not experience any change in functionality. Customers who have yet to evaluate Windows Hello will find it easier to deploy due to simplified policies, documentation, and semantics.
-
-Additional changes for Windows Hello in Windows 10 Enterprise 2016 LTSC:
-
-- Personal (Microsoft account) and corporate (Active Directory or Azure AD) accounts use a single container for keys.
-- Group Policy settings for managing Windows Hello for Business are now available for both **User Configuration** and **Computer Configuration**.
-- Beginning in this version of Windows 10, Windows Hello as a convenience PIN is disabled by default on all domain-joined computers. To enable a convenience PIN, enable the Group Policy setting **Turn on convenience PIN sign-in**. 
-<!--- Users can use Windows Phone with Windows Hello to sign in to a PC, connect to VPN, and sign in to Office 365 in a browser.-->
-
-[Learn more about Windows Hello for Business.](/windows/access-protection/hello-for-business/hello-identity-verification)
-
-### Bitlocker
-
-#### New Bitlocker features
-
-- **XTS-AES encryption algorithm**. BitLocker now supports the XTS-AES encryption algorithm. XTS-AES provides additional protection from a class of attacks on encryption that rely on manipulating cipher text to cause predictable changes in plain text. BitLocker supports both 128-bit and 256-bit XTS-AES keys.
-  It provides the following benefits:
-  - The algorithm is FIPS-compliant.
-  - Easy to administer. You can use the BitLocker Wizard, manage-bde, Group Policy, MDM policy, Windows PowerShell, or WMI to manage it on devices in your organization.
-    >**Note:**  Drives encrypted with XTS-AES will not be accessible on older version of Windows. This is only recommended for fixed and operating system drives. Removable drives should continue to use the AES-CBC 128-bit or AES-CBC 256-bit algorithms.
-
-### Security auditing
-
-#### New Security auditing features
-
--   The [WindowsSecurityAuditing](https://go.microsoft.com/fwlink/p/?LinkId=690517) and [Reporting](https://go.microsoft.com/fwlink/p/?LinkId=690525) configuration service providers allow you to add security audit policies to mobile devices.
-
-### Trusted Platform Module
-
-#### New TPM features
-
--   Key Storage Providers (KSPs) and srvcrypt support elliptical curve cryptography (ECC).
-
-### Windows Information Protection (WIP), formerly known as enterprise data protection (EDP)
-
-With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage.
-
-Windows Information Protection (WIP) helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps.
-
-- [Create a Windows Information Protection (WIP) policy](https://technet.microsoft.com/itpro/windows/keep-secure/overview-create-wip-policy)
-- [General guidance and best practices for Windows Information Protection (WIP)](https://technet.microsoft.com/itpro/windows/keep-secure/guidance-and-best-practices-wip)
-
-[Learn more about Windows Information Protection (WIP)](https://technet.microsoft.com/itpro/windows/keep-secure/protect-enterprise-data-using-wip)
-
-### Windows Defender
-
-Several new features and management options have been added to Windows Defender in this version of Windows 10.
-
-- [Windows Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media.
-- [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus) to configure options and run scans.
-- [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware.
-- [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus) to see more information about threat detections and removal.
-- [Run a Windows Defender scan from the command line](/windows/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus).
-- [Detect and block Potentially Unwanted Applications with Windows Defender](/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus) during download and install times.
-
-### Windows Defender Advanced Threat Protection (ATP)
-
-With the growing threat from more sophisticated targeted attacks, a new security solution is imperative in securing an increasingly complex network ecosystem. Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service, built into Windows 10 that enables enterprise customers detect, investigate, and respond to advanced threats on their networks.
-
-[Learn more about Windows Defender Advanced Threat Protection (ATP)](/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection).
-
-### VPN security
-
-- The VPN client can integrate with the Conditional Access Framework, a cloud-based policy engine built into Azure Active Directory, to provide a device compliance option for remote clients.
-- The VPN client can integrate with Windows Information Protection (WIP) policy to provide additional security. [Learn more about Windows Information Protection](/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip), previously known as Enterprise Data Protection.
-- New VPNv2 configuration service provider (CSP) adds configuration settings. For details, see [What's new in MDM enrollment and management](https://msdn.microsoft.com/library/windows/hardware/mt299056%28v=vs.85%29.aspx#whatsnew_1607)
-- Microsoft Intune: *VPN Profile (Windows 10 Desktop and Mobile and later)* policy template includes support for native VPN plug-ins.
-
-## Management
-
-### Use Remote Desktop Connection for PCs joined to Azure Active Directory
-
-From its release, Windows 10 has supported remote connections to PCs that are joined to Active Directory. Starting in this version of Windows 10, you can also connect to a remote PC that is joined to Azure Active Directory (Azure AD). [Learn about the requirements and supported configurations.](/windows/client-management/connect-to-remote-aadj-pc)
-
-### Taskbar configuration
-
-Enterprise administrators can add and remove pinned apps from the taskbar. Users can pin apps, unpin apps, and change the order of pinned apps on the taskbar after the enterprise configuration is applied. [Learn how to configure the taskbar.](/windows/configuration/windows-10-start-layout-options-and-policies)
-
-### Mobile device management and configuration service providers (CSPs)
-
-Numerous settings have been added to the Windows 10 CSPs to expand MDM capabilities for managing devices. To learn more about the specific changes in MDM policies for this version of Windows 10, see [What's new in MDM enrollment and management](https://msdn.microsoft.com/library/windows/hardware/mt299056%28v=vs.85%29.aspx#whatsnew_1607).
-
-### Shared PC mode
-
-This version of Windows 10, introduces shared PC mode, which optimizes Windows 10 for shared use scenarios, such as touchdown spaces in an enterprise and temporary customer use in retail. You can apply shared PC mode to Windows 10 Pro, Education, and Enterprise. [Learn how to set up a shared or guest PC.](/windows/configuration/set-up-shared-or-guest-pc)
-
-### Application Virtualization (App-V) for Windows 10
-
-Application Virtualization (App-V) enables organizations to deliver Win32 applications to users as virtual applications. Virtual applications are installed on centrally managed servers and delivered to users as a service – in real time and on as as-needed basis. Users launch virtual applications from familiar access points, including the Microsoft Store, and interact with them as if they were installed locally.
-
-With the release of this version of Windows 10, App-V is included with the Windows 10 for Enterprise edition. If you are new to Windows 10 and App-V or if you're upgrading from a previous version of App-V, you’ll need to download, activate, and install server- and client-side components to start delivering virtual applications to users. 
-
-[Learn how to deliver virtual applications with App-V.](/windows/application-management/app-v/appv-getting-started)
-
-### User Experience Virtualization (UE-V) for Windows 10
-
-Many users customize their settings for Windows and for specific applications. Customizable Windows settings include Microsoft Store appearance, language, background picture, font size, and accent colors. Customizable application settings include language, appearance, behavior, and user interface options. 
-
-With User Experience Virtualization (UE-V), you can capture user-customized Windows and application settings and store them on a centrally managed network file share. When users log on, their personalized settings are applied to their work session, regardless of which device or virtual desktop infrastructure (VDI) sessions they log on to.
-
-With the release of this version of Windows 10, UE-V is included with the Windows 10 for Enterprise edition. If you are new to Windows 10 and UE-V or upgrading from a previous version of UE-V, you’ll need to download, activate, and install server- and client-side components to start synchronizing user-customized settings across devices. 
-
-[Learn how to synchronize user-customized settings with UE-V.](/windows/configuration/ue-v/uev-for-windows)
-
-## See Also
-
-[Windows 10 Enterprise LTSC](index.md): A description of the LTSC servicing channel with links to information about each release.
-
+---
+title: What's new in Windows 10 Enterprise 2016 LTSC
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+description: New and updated IT Pro content about new features in Windows 10 Enterprise 2016 LTSC (also known as Windows 10 Enterprise 2016 LTSB).
+keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 Enterprise 2016 LTSC"]
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.localizationpriority: low
+ms.topic: article
+---
+
+# What's new in Windows 10 Enterprise 2016 LTSC
+
+**Applies to**
+-   Windows 10 Enterprise 2016 LTSC
+
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10 Enterprise 2016 LTSC (LTSB), compared to Windows 10 Enterprise 2015 LTSC (LTSB). For a brief description of the LTSC servicing channel, see [Windows 10 Enterprise LTSC](index.md).
+
+>[!NOTE]
+>Features in Windows 10 Enterprise 2016 LTSC are equivalent to Windows 10, version 1607.
+
+## Deployment
+
+### Windows Imaging and Configuration Designer (ICD)
+
+In previous versions of the Windows 10 Assessment and Deployment Kit (ADK), you had to install additional features for Windows ICD to run. Starting in this version of Windows 10, you can install just the configuration designer component independent of the rest of the imaging components. [Install the ADK.](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit)
+
+Windows ICD now includes simplified workflows for creating provisioning packages:
+
+- [Simple provisioning to set up common settings for Active Directory-joined devices](/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment)
+- [Advanced provisioning to deploy certificates and apps](/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates)
+- [School provisioning to set up classroom devices for Active Directory](https://technet.microsoft.com/edu/windows/set-up-students-pcs-to-join-domain)
+
+[Learn more about using provisioning packages in Windows 10.](/windows/configuration/provisioning-packages/provisioning-packages)
+
+### Windows Upgrade Readiness
+
+>[!IMPORTANT]
+>Upgrade Readiness will not allow you to assess an upgrade to an LTSC release (LTSC builds are not available as target versions). However, you can enroll devices running LTSC to plan for an upgrade to a semi-annual channel release.
+
+Microsoft developed Upgrade Readiness in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Upgrade Readiness was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
+
+With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft.
+
+Use Upgrade Readiness to get:
+
+- A visual workflow that guides you from pilot to production
+- Detailed computer and application inventory
+- Powerful computer level search and drill-downs
+- Guidance and insights into application and driver compatibility issues, with suggested fixes
+- Data driven application rationalization tools
+- Application usage information, allowing targeted validation; workflow to track validation progress and decisions
+- Data export to commonly used software deployment tools
+
+The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are upgrade-ready.
+
+[Learn more about planning and managing Windows upgrades with Windows Upgrade Readiness.](/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness)
+
+## Security
+
+### Credential Guard and Device Guard
+
+Isolated User Mode is now included with Hyper-V so you don't have to install it separately.
+
+### Windows Hello for Business
+
+When Windows 10 first shipped, it included Microsoft Passport and Windows Hello, which worked together to provide multi-factor authentication. To simplify deployment and improve supportability, Microsoft has combined these technologies into a single solution under the Windows Hello name in this version of Windows 10. Customers who have already deployed Microsoft Passport for Work will not experience any change in functionality. Customers who have yet to evaluate Windows Hello will find it easier to deploy due to simplified policies, documentation, and semantics.
+
+Additional changes for Windows Hello in Windows 10 Enterprise 2016 LTSC:
+
+- Personal (Microsoft account) and corporate (Active Directory or Azure AD) accounts use a single container for keys.
+- Group Policy settings for managing Windows Hello for Business are now available for both **User Configuration** and **Computer Configuration**.
+- Beginning in this version of Windows 10, Windows Hello as a convenience PIN is disabled by default on all domain-joined computers. To enable a convenience PIN, enable the Group Policy setting **Turn on convenience PIN sign-in**. 
+<!--- Users can use Windows Phone with Windows Hello to sign in to a PC, connect to VPN, and sign in to Office 365 in a browser.-->
+
+[Learn more about Windows Hello for Business.](/windows/access-protection/hello-for-business/hello-identity-verification)
+
+### BitLocker
+
+#### New BitLocker features
+
+- **XTS-AES encryption algorithm**. BitLocker now supports the XTS-AES encryption algorithm. XTS-AES provides additional protection from a class of attacks on encryption that rely on manipulating cipher text to cause predictable changes in plain text. BitLocker supports both 128-bit and 256-bit XTS-AES keys.
+  It provides the following benefits:
+  - The algorithm is FIPS-compliant.
+  - Easy to administer. You can use the BitLocker Wizard, manage-bde, Group Policy, MDM policy, Windows PowerShell, or WMI to manage it on devices in your organization.
+    >**Note:**  Drives encrypted with XTS-AES will not be accessible on older version of Windows. This is only recommended for fixed and operating system drives. Removable drives should continue to use the AES-CBC 128-bit or AES-CBC 256-bit algorithms.
+
+### Security auditing
+
+#### New Security auditing features
+
+-   The [WindowsSecurityAuditing](https://go.microsoft.com/fwlink/p/?LinkId=690517) and [Reporting](https://go.microsoft.com/fwlink/p/?LinkId=690525) configuration service providers allow you to add security audit policies to mobile devices.
+
+### Trusted Platform Module
+
+#### New TPM features
+
+-   Key Storage Providers (KSPs) and srvcrypt support elliptical curve cryptography (ECC).
+
+### Windows Information Protection (WIP), formerly known as enterprise data protection (EDP)
+
+With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage.
+
+Windows Information Protection (WIP) helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps.
+
+- [Create a Windows Information Protection (WIP) policy](https://technet.microsoft.com/itpro/windows/keep-secure/overview-create-wip-policy)
+- [General guidance and best practices for Windows Information Protection (WIP)](https://technet.microsoft.com/itpro/windows/keep-secure/guidance-and-best-practices-wip)
+
+[Learn more about Windows Information Protection (WIP)](https://technet.microsoft.com/itpro/windows/keep-secure/protect-enterprise-data-using-wip)
+
+### Windows Defender
+
+Several new features and management options have been added to Windows Defender in this version of Windows 10.
+
+- [Windows Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media.
+- [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus) to configure options and run scans.
+- [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware.
+- [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus) to see more information about threat detections and removal.
+- [Run a Windows Defender scan from the command line](/windows/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus).
+- [Detect and block Potentially Unwanted Applications with Windows Defender](/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus) during download and install times.
+
+### Windows Defender Advanced Threat Protection (ATP)
+
+With the growing threat from more sophisticated targeted attacks, a new security solution is imperative in securing an increasingly complex network ecosystem. Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service, built into Windows 10 that enables enterprise customers detect, investigate, and respond to advanced threats on their networks.
+
+[Learn more about Windows Defender Advanced Threat Protection (ATP)](/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection).
+
+### VPN security
+
+- The VPN client can integrate with the Conditional Access Framework, a cloud-based policy engine built into Azure Active Directory, to provide a device compliance option for remote clients.
+- The VPN client can integrate with Windows Information Protection (WIP) policy to provide additional security. [Learn more about Windows Information Protection](/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip), previously known as Enterprise Data Protection.
+- New VPNv2 configuration service provider (CSP) adds configuration settings. For details, see [What's new in MDM enrollment and management](https://msdn.microsoft.com/library/windows/hardware/mt299056%28v=vs.85%29.aspx#whatsnew_1607)
+- Microsoft Intune: *VPN Profile (Windows 10 Desktop and Mobile and later)* policy template includes support for native VPN plug-ins.
+
+## Management
+
+### Use Remote Desktop Connection for PCs joined to Azure Active Directory
+
+From its release, Windows 10 has supported remote connections to PCs that are joined to Active Directory. Starting in this version of Windows 10, you can also connect to a remote PC that is joined to Azure Active Directory (Azure AD). [Learn about the requirements and supported configurations.](/windows/client-management/connect-to-remote-aadj-pc)
+
+### Taskbar configuration
+
+Enterprise administrators can add and remove pinned apps from the taskbar. Users can pin apps, unpin apps, and change the order of pinned apps on the taskbar after the enterprise configuration is applied. [Learn how to configure the taskbar.](/windows/configuration/windows-10-start-layout-options-and-policies)
+
+### Mobile device management and configuration service providers (CSPs)
+
+Numerous settings have been added to the Windows 10 CSPs to expand MDM capabilities for managing devices. To learn more about the specific changes in MDM policies for this version of Windows 10, see [What's new in MDM enrollment and management](https://msdn.microsoft.com/library/windows/hardware/mt299056%28v=vs.85%29.aspx#whatsnew_1607).
+
+### Shared PC mode
+
+This version of Windows 10, introduces shared PC mode, which optimizes Windows 10 for shared use scenarios, such as touchdown spaces in an enterprise and temporary customer use in retail. You can apply shared PC mode to Windows 10 Pro, Education, and Enterprise. [Learn how to set up a shared or guest PC.](/windows/configuration/set-up-shared-or-guest-pc)
+
+### Application Virtualization (App-V) for Windows 10
+
+Application Virtualization (App-V) enables organizations to deliver Win32 applications to users as virtual applications. Virtual applications are installed on centrally managed servers and delivered to users as a service – in real time and on as as-needed basis. Users launch virtual applications from familiar access points, including the Microsoft Store, and interact with them as if they were installed locally.
+
+With the release of this version of Windows 10, App-V is included with the Windows 10 for Enterprise edition. If you are new to Windows 10 and App-V or if you're upgrading from a previous version of App-V, you’ll need to download, activate, and install server- and client-side components to start delivering virtual applications to users. 
+
+[Learn how to deliver virtual applications with App-V.](/windows/application-management/app-v/appv-getting-started)
+
+### User Experience Virtualization (UE-V) for Windows 10
+
+Many users customize their settings for Windows and for specific applications. Customizable Windows settings include Microsoft Store appearance, language, background picture, font size, and accent colors. Customizable application settings include language, appearance, behavior, and user interface options. 
+
+With User Experience Virtualization (UE-V), you can capture user-customized Windows and application settings and store them on a centrally managed network file share. When users log on, their personalized settings are applied to their work session, regardless of which device or virtual desktop infrastructure (VDI) sessions they log on to.
+
+With the release of this version of Windows 10, UE-V is included with the Windows 10 for Enterprise edition. If you are new to Windows 10 and UE-V or upgrading from a previous version of UE-V, you’ll need to download, activate, and install server- and client-side components to start synchronizing user-customized settings across devices. 
+
+[Learn how to synchronize user-customized settings with UE-V.](/windows/configuration/ue-v/uev-for-windows)
+
+## See Also
+
+[Windows 10 Enterprise LTSC](index.md): A description of the LTSC servicing channel with links to information about each release.
+
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index 4c6f69c1a2..2eb8961b72 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -417,7 +417,7 @@ If you wish to take advantage of [Kiosk capabilities in Edge](https://docs.micro
 
 ### Co-management
 
-Intune and System Center Configuration Manager policies have been added to enable hyrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
+Intune and Microsoft Endpoint Configuration Manager policies have been added to enable hyrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
 
 For more information, see [What's New in MDM enrollment and management](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1803)
 
@@ -482,7 +482,7 @@ You can now register your Azure AD domains to the Windows Insider Program. For m
 
 ### Optimize update delivery
 
-With changes delivered in Windows 10 Enterprise 2019 LTSC, [Express updates](/windows/deployment/update/waas-optimize-windows-10-updates#express-update-delivery) are now fully supported with System Center Configuration Manager, starting with version 1702 of Configuration Manager, as well as with other third-party updating and management products that [implement this new functionality](https://technet.microsoft.com/windows-server-docs/management/windows-server-update-services/deploy/express-update-delivery-isv-support). This is in addition to current Express support on Windows Update, Windows Update for Business and WSUS.
+With changes delivered in Windows 10 Enterprise 2019 LTSC, [Express updates](/windows/deployment/update/waas-optimize-windows-10-updates#express-update-delivery) are now fully supported with Microsoft Endpoint Configuration Manager, starting with version 1702 of Configuration Manager, as well as with other third-party updating and management products that [implement this new functionality](https://technet.microsoft.com/windows-server-docs/management/windows-server-update-services/deploy/express-update-delivery-isv-support). This is in addition to current Express support on Windows Update, Windows Update for Business and WSUS.
 
 >[!NOTE]
 > The above changes can be made available to Windows 10, version 1607, by installing the April 2017 cumulative update.
diff --git a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
index 7cfd7c2c0d..c688e4952a 100644
--- a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
+++ b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
@@ -42,9 +42,9 @@ With Windows 10, you can create provisioning packages that let you quickly and e
 
 [Learn how to manage AppLocker within your organization](/windows/device-security/applocker/applocker-overview).
 
-### Bitlocker
+### BitLocker
 
-#### New Bitlocker features in Windows 10, version 1511
+#### New BitLocker features in Windows 10, version 1511
 
 - **XTS-AES encryption algorithm**. BitLocker now supports the XTS-AES encryption algorithm. XTS-AES provides additional protection from a class of attacks on encryption that rely on manipulating cipher text to cause predictable changes in plain text. BitLocker supports both 128-bit and 256-bit XTS-AES keys.
   It provides the following benefits:
@@ -52,7 +52,7 @@ With Windows 10, you can create provisioning packages that let you quickly and e
   - Easy to administer. You can use the BitLocker Wizard, manage-bde, Group Policy, MDM policy, Windows PowerShell, or WMI to manage it on devices in your organization.
     >**Note:**  Drives encrypted with XTS-AES will not be accessible on older version of Windows. This is only recommended for fixed and operating system drives. Removable drives should continue to use the AES-CBC 128-bit or AES-CBC 256-bit algorithms.
 
-#### New Bitlocker features in Windows 10, version 1507
+#### New BitLocker features in Windows 10, version 1507
 
 <!-- The link in the first bullet below will need to be refreshed Jan/Feb 2017. -->
 
@@ -278,7 +278,7 @@ Enterprises have the following identity and management choices.
 |---|---|
 | Identity   | Active Directory; Azure AD         |
 | Grouping   | Domain join; Workgroup; Azure AD join    |
-| Device management | Group Policy; System Center Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
+| Device management | Group Policy; Microsoft Endpoint Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
 
 >[!NOTE]  
 >With the release of Windows Server 2012 R2, Network Access Protection (NAP) was deprecated and the NAP client has now been removed in Windows 10. For more information about support lifecycles, see [Microsoft Support Lifecycle](https://go.microsoft.com/fwlink/p/?LinkID=613512).
@@ -325,9 +325,9 @@ By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279
 
 -   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
 
--   **Use with existing tools** such as System Center Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
+-   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
 
-Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [System Center Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
+Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
 
 
 Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).
diff --git a/windows/whats-new/whats-new-windows-10-version-1703.md b/windows/whats-new/whats-new-windows-10-version-1703.md
index 71c7f06847..1a4c0d57c0 100644
--- a/windows/whats-new/whats-new-windows-10-version-1703.md
+++ b/windows/whats-new/whats-new-windows-10-version-1703.md
@@ -195,7 +195,7 @@ We recently added the option to download Windows 10 Insider Preview builds using
 
 ### Optimize update delivery
 
-With changes delivered in Windows 10, version 1703, [Express updates](/windows/deployment/update/waas-optimize-windows-10-updates#express-update-delivery) are now fully supported with System Center Configuration Manager, starting with version 1702 of Configuration Manager, as well as with other third-party updating and management products that [implement this new functionality](https://technet.microsoft.com/windows-server-docs/management/windows-server-update-services/deploy/express-update-delivery-isv-support). This is in addition to current Express support on Windows Update, Windows Update for Business and WSUS.
+With changes delivered in Windows 10, version 1703, [Express updates](/windows/deployment/update/waas-optimize-windows-10-updates#express-update-delivery) are now fully supported with Microsoft Endpoint Configuration Manager, starting with version 1702 of Configuration Manager, as well as with other third-party updating and management products that [implement this new functionality](https://technet.microsoft.com/windows-server-docs/management/windows-server-update-services/deploy/express-update-delivery-isv-support). This is in addition to current Express support on Windows Update, Windows Update for Business and WSUS.
 
 >[!NOTE]
 > The above changes can be made available to Windows 10, version 1607, by installing the April 2017 cumulative update.
diff --git a/windows/whats-new/whats-new-windows-10-version-1803.md b/windows/whats-new/whats-new-windows-10-version-1803.md
index e13290b34f..051d5d4b6e 100644
--- a/windows/whats-new/whats-new-windows-10-version-1803.md
+++ b/windows/whats-new/whats-new-windows-10-version-1803.md
@@ -134,7 +134,7 @@ Portions of the work done during the offline phases of a Windows update have bee
 
 ### Co-management
 
-**Intune** and **System Center Configuration Manager** policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
+**Intune** and **Microsoft Endpoint Configuration Manager** policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
 
 For more information, see [What's New in MDM enrollment and management](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1803)
 
diff --git a/windows/whats-new/whats-new-windows-10-version-1903.md b/windows/whats-new/whats-new-windows-10-version-1903.md
index 45feb23e75..f13c8d694c 100644
--- a/windows/whats-new/whats-new-windows-10-version-1903.md
+++ b/windows/whats-new/whats-new-windows-10-version-1903.md
@@ -53,7 +53,7 @@ SetupDiag is a command-line tool that can help diagnose why a Windows 10 update
 
 ## Servicing
 
-- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with System Center Configuration Manager content coming soon! 
+- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with Microsoft Endpoint Configuration Manager content coming soon! 
 - [**Automatic Restart Sign-on (ARSO)**](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#automatic-restart-and-sign-on-arso-for-enterprises-build-18305): Windows will automatically logon as the user and lock their device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed.  
 - [**Windows Update for Business**](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523): There will now be a single, common start date for phased deployments (no more SAC-T designation). In addition, there will a new notification and reboot scheduling experience for end users, the ability to enforce update installation and reboot deadlines, and the ability to provide end user control over reboots for a specific time period. 
 - **Update rollback improvements**: You can now automatically recover from startup failures by removing updates if the startup failure was introduced after the installation of recent driver or quality updates. When a device is unable to start up properly after the recent installation of Quality of driver updates, Windows will now automatically uninstall the updates to get the device back up and running normally.
diff --git a/windows/whats-new/whats-new-windows-10-version-1909.md b/windows/whats-new/whats-new-windows-10-version-1909.md
index a9384caf8b..89e6ad37a5 100644
--- a/windows/whats-new/whats-new-windows-10-version-1909.md
+++ b/windows/whats-new/whats-new-windows-10-version-1909.md
@@ -32,7 +32,7 @@ If you are updating from an older version of Windows 10 (version 1809 or earlier
 
 ### Windows Server Update Services (WSUS)
 
-Pre-release Windows 10 feature updates are now available to IT administrators using WSUS. System Center Configuration Manager version 1906 or later is required. For more information, see [Publishing pre-release Windows 10 feature updates to WSUS](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Publishing-pre-release-Windows-10-feature-updates-to-WSUS/ba-p/845054).
+Pre-release Windows 10 feature updates are now available to IT administrators using WSUS. Microsoft Endpoint Configuration Manager version 1906 or later is required. For more information, see [Publishing pre-release Windows 10 feature updates to WSUS](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Publishing-pre-release-Windows-10-feature-updates-to-WSUS/ba-p/845054).
 
 The Windows 10, version 1909 enablement package will be available on WSUS as [KB4517245](https://support.microsoft.com/kb/4517245), which can be deployed on existing deployments of Windows 10, version 1903. 
 

From c6a5dadd2fea0c1d2f70dfc1132d8ff54a99b90b Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 20 Dec 2019 18:40:05 -0800
Subject: [PATCH 013/247] fifteen files for system config rebrand

---
 ...ially-unwanted-apps-windows-defender-antivirus.md | 10 +++++-----
 ...le-cloud-protection-windows-defender-antivirus.md |  4 ++--
 ...event-based-updates-windows-defender-antivirus.md |  4 ++--
 ...-outdated-endpoints-windows-defender-antivirus.md |  4 ++--
 ...ion-update-schedule-windows-defender-antivirus.md |  2 +-
 ...-protection-updates-windows-defender-antivirus.md | 10 +++++-----
 ...e-updates-baselines-windows-defender-antivirus.md |  2 +-
 ...es-to-security-settings-with-tamper-protection.md |  6 +++---
 .../report-monitor-windows-defender-antivirus.md     |  2 +-
 ...review-scan-results-windows-defender-antivirus.md |  2 +-
 .../run-scan-windows-defender-antivirus.md           |  2 +-
 ...uled-catch-up-scans-windows-defender-antivirus.md |  2 +-
 ...ud-protection-level-windows-defender-antivirus.md |  4 ++--
 ...tune-config-manager-windows-defender-antivirus.md |  6 +++---
 ...ft-cloud-protection-windows-defender-antivirus.md | 12 ++++++------
 15 files changed, 36 insertions(+), 36 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
index 0013143d29..43e244ba36 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
@@ -79,7 +79,7 @@ The notification will appear in the usual [quarantine list within the Windows Se
 
 #### Configure PUA protection in Windows Defender Antivirus
 
-You can enable PUA protection with Microsoft Intune, System Center Configuration Manager, Group Policy, or via PowerShell cmdlets.
+You can enable PUA protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, or via PowerShell cmdlets.
 
 You can also use the PUA audit mode to detect PUAs without blocking them. The detections will be captured in the Windows event log.
 
@@ -94,14 +94,14 @@ See [Configure device restriction settings in Microsoft Intune](https://docs.mic
 
 ##### Use Configuration Manager to configure PUA protection
 
-PUA protection is enabled by default in the System Center Configuration Manager (Current Branch), starting with  version 1606.
+PUA protection is enabled by default in the Microsoft Endpoint Configuration Manager (Current Branch), starting with  version 1606.
 
-See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring System Center Configuration Manager (Current Branch).
+See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring Microsoft Endpoint Configuration Manager (Current Branch).
 
 For Configuration Manager 2012, see [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA).
 
 > [!NOTE]
-> PUA events blocked by Windows Defender Antivirus are reported in the Windows Event Viewer and not in System Center Configuration Manager.
+> PUA events blocked by Windows Defender Antivirus are reported in the Windows Event Viewer and not in Microsoft Endpoint Configuration Manager.
 
 ##### Use Group Policy to configure PUA protection
 
@@ -133,7 +133,7 @@ See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use
 
 #### View PUA events
 
-PUA events are reported in the Windows Event Viewer, but not in System Center Configuration Manager or in Intune.
+PUA events are reported in the Windows Event Viewer, but not in Microsoft Endpoint Configuration Manager or in Intune.
 
 You can turn on email notifications to receive mail about PUA detections.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
index 328b3fc5a0..6d7e496eec 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
@@ -28,7 +28,7 @@ ms.custom: nextgen
 Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 
-You can enable or disable Windows Defender Antivirus cloud-delivered protection with Microsoft Intune, System Center Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
+You can enable or disable Windows Defender Antivirus cloud-delivered protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
 
 See [Use Microsoft cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for an overview of Windows Defender Antivirus cloud-delivered protection.
 
@@ -62,7 +62,7 @@ For more information about Intune device profiles, including how to create and c
 
 **Use Configuration Manager to enable cloud-delivered protection:**
 
-See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring System Center Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 **Use Group Policy to enable cloud-delivered protection:**
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
index c238f05823..20d523d368 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
@@ -27,11 +27,11 @@ Windows Defender Antivirus allows you to determine if updates should (or should
 
 ## Check for protection updates before running a scan
 
-You can use System Center Configuration Manager, Group Policy, PowerShell cmdlets, and WMI to force Windows Defender Antivirus to check and download protection updates before running a scheduled scan.
+You can use Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, and WMI to force Windows Defender Antivirus to check and download protection updates before running a scheduled scan.
 
 ### Use Configuration Manager to check for protection updates before running a scan
 
-1. On your System Center Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
+1. On your Microsoft Endpoint Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
 
 2. Go to the **Scheduled scans** section and set **Check for the latest security intelligence updates before running a scan** to **Yes**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
index fabe399119..9a6e186de0 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
@@ -35,7 +35,7 @@ If Windows Defender Antivirus did not download protection updates for a specifie
 
 ### Use Configuration Manager to configure catch-up protection updates
 
-1.  On your System Center Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
+1.  On your Microsoft Endpoint Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
 
 2.  Go to the **Security intelligence updates** section and configure the following settings:
 
@@ -164,7 +164,7 @@ See the following for more information and allowed parameters:
 
 ### Use Configuration Manager to configure catch-up scans
 
-1.  On your System Center Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
+1.  On your Microsoft Endpoint Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
 
 2.  Go to the **Scheduled scans** section and **Force a scan of the selected scan type if client computer is offline...** to **Yes**. 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
index 0185b12a58..c67fd41aa8 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
@@ -36,7 +36,7 @@ You can also randomize the times when each endpoint checks and downloads protect
 
 ## Use Configuration Manager to schedule protection updates
 
-1.  On your System Center Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
+1.  On your Microsoft Endpoint Configuration Manager console, open the antimalware policy you want to change (click **Assets and Compliance** in the navigation pane on the left, then expand the tree to **Overview** > **Endpoint Protection** > **Antimalware Policies**)
 
 2.  Go to the **Security intelligence updates** section.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
index f76c49cd91..e84e13a57e 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
@@ -52,11 +52,11 @@ There are five locations where you can specify where an endpoint should obtain u
 
 - [Microsoft Update](https://support.microsoft.com/help/12373/windows-update-faq)
 - [Windows Server Update Service](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus)
-- [System Center Configuration Manager](https://docs.microsoft.com/sccm/core/servers/manage/updates)
+- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/servers/manage/updates)
 - [Network file share](https://docs.microsoft.com/windows-server/storage/nfs/nfs-overview)
 - [Security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware](https://www.microsoft.com/en-us/wdsi/defenderupdates) (Your policy and registry might have this listed as Microsoft Malware Protection Center (MMPC) security intelligence, its former name.)
 
-To ensure the best level of protection, Microsoft Update allows for rapid releases, which means smaller downloads on a frequent basis. The Windows Server Update Service, System Center Configuration Manager, and Microsoft security intelligence updates sources deliver less frequent updates. Thus, the delta can be larger, resulting in larger downloads. 
+To ensure the best level of protection, Microsoft Update allows for rapid releases, which means smaller downloads on a frequent basis. The Windows Server Update Service, Microsoft Endpoint Configuration Manager, and Microsoft security intelligence updates sources deliver less frequent updates. Thus, the delta can be larger, resulting in larger downloads. 
 
 > [!IMPORTANT]
 > If you have set [Microsoft Malware Protection Center Security intelligence page](https://www.microsoft.com/security/portal/definitions/adl.aspx) (MMPC) updates as a fallback source after Windows Server Update Service or Microsoft Update, updates are only downloaded from security intelligence updates when the current update is considered out-of-date. (By default, this is 14 consecutive days of not being able to apply updates from the Windows Server Update Service or Microsoft Update services).
@@ -70,11 +70,11 @@ Each source has typical scenarios that depend on how your network is configured,
 |Windows Server Update Service | You are using Windows Server Update Service to manage updates for your network.|
 |Microsoft Update | You want your endpoints to connect directly to Microsoft Update. This can be useful for endpoints that irregularly connect to your enterprise network, or if you do not use Windows Server Update Service to manage your updates.|
 |File share | You have non-Internet-connected devices (such as VMs). You can use your Internet-connected VM host to download the updates to a network share, from which the VMs can obtain the updates. See the [VDI deployment guide](deployment-vdi-windows-defender-antivirus.md) for how file shares can be used in virtual desktop infrastructure (VDI) environments.|
-|System Center Configuration Manager | You are using System Center Configuration Manager to update your endpoints.|
+|Microsoft Endpoint Configuration Manager | You are using Microsoft Endpoint Configuration Manager to update your endpoints.|
 |Security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware (formerly referred to as MMPC) |[Make sure your devices are updated to support SHA-2](https://support.microsoft.com/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus). Microsoft Defender Antivirus Security intelligence updates are delivered through Windows Update, and starting Monday October 21, 2019 security intelligence updates will be SHA-2 signed exclusively. <br/>Download the latest protection updates because of a recent infection or to help provision a strong, base image for [VDI deployment](deployment-vdi-windows-defender-antivirus.md). This option should generally be used only as a final fallback source, and not the primary source. It will only be used if updates cannot be downloaded from Windows Server Update Service or Microsoft Update for [a specified number of days](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus#set-the-number-of-days-before-protection-is-reported-as-out-of-date).|
 
 
-You can manage the order in which update sources are used with Group Policy, System Center Configuration Manager, PowerShell cmdlets, and WMI.
+You can manage the order in which update sources are used with Group Policy, Microsoft Endpoint Configuration Manager, PowerShell cmdlets, and WMI.
 
 > [!IMPORTANT]
 > If you set Windows Server Update Service as a download location, you must approve the updates, regardless of the management tool you use to specify the location. You can set up an automatic approval rule with Windows Server Update Service, which might be useful as updates arrive at least once a day. To learn more, see [synchronize endpoint protection updates in standalone Windows Server Update Service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus).
@@ -113,7 +113,7 @@ The procedures in this article first describe how to set the order, and then how
 
 ## Use Configuration Manager to manage the update location
 
-See [Configure Security intelligence Updates for Endpoint Protection](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-definition-updates) for details on configuring System Center Configuration Manager (current branch).
+See [Configure Security intelligence Updates for Endpoint Protection](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-definition-updates) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 
 ## Use PowerShell cmdlets to manage the update location
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
index 775068abed..40bc802e34 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
@@ -40,7 +40,7 @@ The cloud-delivered protection is always on and requires an active connection to
 
 Windows Defender Antivirus requires [monthly updates](https://support.microsoft.com/help/4052623/update-for-windows-defender-antimalware-platform) (known as "engine updates" and "platform updates"), and will receive major feature updates alongside Windows 10 releases.
 
-You can manage the distribution of updates through Windows Server Update Service (WSUS), with [System Center Configuration Manager](https://docs.microsoft.com/sccm/sum/understand/software-updates-introduction), or in the normal manner that you deploy Microsoft and Windows updates to endpoints in your network.
+You can manage the distribution of updates through Windows Server Update Service (WSUS), with [ Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/sum/understand/software-updates-introduction), or in the normal manner that you deploy Microsoft and Windows updates to endpoints in your network.
 
 ## In this section
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index 817ec8cbb1..c9f0ee3311 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -141,15 +141,15 @@ Value DisableRealtimeMonitoring = 0
 
 Configuring Tamper Protection in Intune can be targeted to your entire organization as well as to devices and user groups with Intune.
 
-### Can I configure Tamper Protection in System Center Configuration Manager?
+### Can I configure Tamper Protection in Microsoft Endpoint Configuration Manager?
 
-Currently we do not have support to manage Tamper Protection through System Center Configuration Manager.
+Currently we do not have support to manage Tamper Protection through Microsoft Endpoint Configuration Manager.
 
 ### I have the Windows E3 enrollment. Can I use configuring Tamper Protection in Intune?
 
 Currently, configuring Tamper Protection in Intune is only available for customers who have [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
 
-### What happens if I try to change Microsoft Defender ATP settings in Intune, System Center Configuration Manager, and Windows Management Instrumentation when Tamper Protection is enabled on a device?
+### What happens if I try to change Microsoft Defender ATP settings in Intune, Microsoft Endpoint Configuration Manager, and Windows Management Instrumentation when Tamper Protection is enabled on a device?
 
 You won’t be able to change the features that are protected by Tamper Protection; those change requests are ignored.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
index 16f606bbae..b454b8490d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-With Windows Defender Antivirus, you have several options for reviewing protection status and alerts. You can use System Center Configuration Manager to [monitor Windows Defender Antivirus](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts). Or, you can monitor protection using [Microsoft Intune](https://docs.microsoft.com/intune/introduction-intune).  
+With Windows Defender Antivirus, you have several options for reviewing protection status and alerts. You can use Microsoft Endpoint Configuration Manager to [monitor Windows Defender Antivirus](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts). Or, you can monitor protection using [Microsoft Intune](https://docs.microsoft.com/intune/introduction-intune).  
 
 Microsoft Operations Management Suite has an [Update Compliance add-in](/windows/deployment/update/update-compliance-get-started) that reports on key Windows Defender Antivirus issues, including protection updates and real-time protection settings.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
index 78fed4d5d4..7e8c703d2d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
 title: Review the results of Windows Defender AV scans 
-description: Review the results of scans using System Center Configuration Manager, Microsoft Intune, or the Windows Security app
+description: Review the results of scans using Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app
 keywords: scan results, remediation, full scan, quick scan
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
diff --git a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
index 66db88455e..4db84ce762 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
@@ -41,7 +41,7 @@ A full scan can be useful on endpoints that have encountered a malware threat to
 
 ## Use Configuration Manager to run a scan
 
-See [Antimalware and firewall tasks: How to perform an on-demand scan](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-firewall#how-to-perform-an-on-demand-scan-of-computers) for details on using System Center Configuration Manager (current branch) to run a scan.
+See [Antimalware and firewall tasks: How to perform an on-demand scan](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-firewall#how-to-perform-an-on-demand-scan-of-computers) for details on using Microsoft Endpoint Configuration Manager (current branch) to run a scan.
 
 ## Use the mpcmdrun.exe command-line utility to run a scan
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
index e49771c6ae..82c22fd0a3 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
@@ -31,7 +31,7 @@ In addition to always-on real-time protection and [on-demand](run-scan-windows-d
 
 You can configure the type of scan, when the scan should occur, and if the scan should occur after a [protection update](manage-protection-updates-windows-defender-antivirus.md) or if the endpoint is being used. You can also specify when special scans to complete remediation should occur.
 
-This topic describes how to configure scheduled scans with Group Policy, PowerShell cmdlets, and WMI. You can also configure schedules scans with [System Center Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scheduled-scans-settings) or [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+This topic describes how to configure scheduled scans with Group Policy, PowerShell cmdlets, and WMI. You can also configure schedules scans with [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scheduled-scans-settings) or [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
 
 To configure the Group Policy settings described in this topic:
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
index e6b6bf10d0..0480d91f4e 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.custom: nextgen
 
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-You can specify the level of cloud-protection offered by Windows Defender Antivirus with Group Policy and System Center Configuration Manager.
+You can specify the level of cloud-protection offered by Windows Defender Antivirus with Group Policy and Microsoft Endpoint Configuration Manager.
 
 >[!NOTE]
 >The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
@@ -47,7 +47,7 @@ For more information about Intune device profiles, including how to create and c
 
 ## Use Configuration Manager to specify the level of cloud-delivered protection
 
-See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring System Center Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 ## Use Group Policy to specify the level of cloud-delivered protection
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md
index 6ed604307a..df5a122dda 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
 title: Configure Windows Defender Antivirus with Configuration Manager and Intune
-description: Use System Center Configuration Manager and Microsoft Intune to configure Windows Defender AV and Endpoint Protection
+description: Use Microsoft Endpoint Configuration Manager and Microsoft Intune to configure Windows Defender AV and Endpoint Protection
 keywords: scep, intune, endpoint protection, configuration
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
@@ -17,13 +17,13 @@ ms.reviewer:
 manager: dansimp
 ---
 
-# Use System Center Configuration Manager and Microsoft Intune to configure and manage Windows Defender Antivirus
+# Use Microsoft Endpoint Configuration Manager and Microsoft Intune to configure and manage Windows Defender Antivirus
 
 **Applies to:**
 
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-If you are using System Center Configuration Manager or Microsoft Intune to manage the endpoints on your network, you can also use them to manage Windows Defender Antivirus scans.
+If you are using Microsoft Endpoint Configuration Manager or Microsoft Intune to manage the endpoints on your network, you can also use them to manage Windows Defender Antivirus scans.
 
 In some cases, the protection will be labeled as Endpoint Protection, although the engine is the same as that used by Windows Defender Antivirus.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index e1d2d9c8e9..c263d97a41 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -60,10 +60,10 @@ Organizations running Windows 10 E5, version 1803 can also take advantage of eme
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 
-The following table describes the differences in cloud-delivered protection between recent versions of Windows and System Center Configuration Manager.
+The following table describes the differences in cloud-delivered protection between recent versions of Windows and Microsoft Endpoint Configuration Manager.
 
 
-Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center Configuration Manager 2012 | System Center Configuration Manager (Current Branch) | Microsoft Intune
+Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center Configuration Manager 2012 | Microsoft Endpoint Configuration Manager (Current Branch) | Microsoft Intune
 ---|---|---|---|---|---|---
 Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service
 Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version
@@ -76,8 +76,8 @@ You can also [configure Windows Defender AV to automatically receive new protect
 
  Topic | Description 
 ---|---
-[Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | You can enable cloud-delivered protection with System Center Configuration Manager, Group Policy, Microsoft Intune, and PowerShell cmdlets.
-[Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and System Center Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
+[Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | You can enable cloud-delivered protection with Microsoft Endpoint Configuration Manager, Group Policy, Microsoft Intune, and PowerShell cmdlets.
+[Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and Microsoft Endpoint Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
 [Configure and validate network connections for Windows Defender Antivirus](configure-network-connections-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection.
-[Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence . You can enable and configure it with System Center Configuration Manager and Group Policy.
-[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with System Center Configuration Manager and Group Policy.
+[Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence . You can enable and configure it with Microsoft Endpoint Configuration Manager and Group Policy.
+[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with Microsoft Endpoint Configuration Manager and Group Policy.

From 96f2accf27e11730caf9f7016ed12ce46cc3d487 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 21 Dec 2019 05:58:13 -0800
Subject: [PATCH 014/247] adding updated files to PR

---
 ...types-windows-defender-antivirus - Copy.md | 104 +++++
 ...sight-windows-defender-antivirus - Copy.md | 166 ++++++++
 ...sions-windows-defender-antivirus - Copy.md | 366 ++++++++++++++++++
 ...tions-windows-defender-antivirus - Copy.md | 130 +++++++
 ...tions-windows-defender-antivirus - Copy.md | 106 +++++
 ...sions-windows-defender-antivirus - Copy.md | 199 ++++++++++
 ...ation-windows-defender-antivirus - Copy.md |  72 ++++
 ...dows-defender-antivirus-features - Copy.md |  49 +++
 ...scans-windows-defender-antivirus - Copy.md |  37 ++
 ...eport-windows-defender-antivirus - Copy.md |  85 ++++
 ...eploy-windows-defender-antivirus - Copy.md |  38 ++
 ...-apps-windows-defender-antivirus - Copy.md | 149 +++++++
 ...ction-windows-defender-antivirus - Copy.md | 143 +++++++
 13 files changed, 1644 insertions(+)
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md
 create mode 100644 windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..1ec92d64e6
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,104 @@
+---
+title: Configure scanning options for Windows Defender AV
+description: You can configure Windows Defender AV to scan email storage files, back-up or reparse points, network files, and archived files (such as .zip files).
+keywords: advanced scans, scanning, email, archive, zip, rar, archive, reparse scanning
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 10/25/2018
+ms.reviewer: 
+manager: dansimp
+
+---
+
+# Configure Windows Defender Antivirus scanning options
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+**Use Microsoft Intune to configure scanning options**
+
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
+
+<a id="ref1"></a>
+
+**Use Configuration Manager to configure scanning options:**
+
+See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+
+**Use Group Policy to configure scanning options**
+
+To configure the Group Policy settings described in the following table:
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
+
+4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
+
+Description | Location and setting | Default setting (if not configured) | PowerShell `Set-MpPreference` parameter or WMI property for `MSFT_MpPreference` class
+---|---|---|---
+See [Email scanning limitations](#ref1)) below | Scan > Turn on e-mail scanning | Disabled | `-DisableEmailScanning`
+Scan [reparse points](https://msdn.microsoft.com/library/windows/desktop/aa365503.aspx) | Scan > Turn on reparse point scanning | Disabled | Not available
+Scan mapped network drives | Scan > Run full scan on mapped network drives | Disabled | `-DisableScanningMappedNetworkDrivesForFullScan`
+ Scan archive files (such as .zip or .rar files). The [extensions exclusion list](configure-extension-file-exclusions-windows-defender-antivirus.md) will take precedence over this setting. | Scan > Scan archive files | Enabled | `-DisableArchiveScanning`
+Scan files on the network | Scan > Scan network files | Disabled | `-DisableScanningNetworkFiles`
+Scan packed executables | Scan > Scan packed executables | Enabled | Not available
+Scan removable drives during full scans only | Scan > Scan removable drives | Disabled | `-DisableRemovableDriveScanning`
+Specify the level of subfolders within an archive folder to scan | Scan > Specify the maximum depth to scan archive files | 0 | Not available
+ Specify the maximum CPU load (as a percentage) during a scan. Note: This is not a hard limit but rather a guidance for the scanning engine to not exceed this maximum on average. | Scan > Specify the maximum percentage of CPU utilization during a scan | 50 |  `-ScanAvgCPULoadFactor`
+ Specify the maximum size (in kilobytes) of archive files that should be scanned. The default, **0**, applies no limit | Scan > Specify the maximum size of archive files to be scanned | No limit | Not available
+ Configure low CPU priority for scheduled scans | Scan > Configure low CPU priority for scheduled scans | Disabled | Not available
+ 
+>[!NOTE]
+>If real-time protection is enabled, files are scanned before they are accessed and executed. The scanning scope includes all files, including those on mounted removable devices such as USB drives.
+
+**Use PowerShell to configure scanning options**
+
+See [Manage Windows Defender Antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
+
+**Use WMI to configure scanning options**
+
+For using WMI classes, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx).
+
+### Email scanning limitations
+
+We recommend using [always-on real-time protection](configure-real-time-protection-windows-defender-antivirus.md) to protect against email-based malware.
+
+Always-on protection scans emails as they arrive and as they are manipulated, just like normal files in the operating system. This provides the strongest form of protection and is the recommended setting for scanning emails.
+
+You can also use this Group Policy to enable scanning of older email files used by Outlook 2003 and older during on-demand and scheduled scans. Embedded objects within an email file (such as attachments and archived files) are also scanned. The following file format types can be scanned and remediated:
+
+- DBX
+- MBX
+- MIME
+
+PST files used by Outlook 2003 or older (where the archive type is set to non-unicode) can also be scanned, but Windows Defender cannot remediate threats detected inside PST files. This is another reason why we recommend using [always-on real-time protection](configure-real-time-protection-windows-defender-antivirus.md) to protect against email-based malware.
+
+If Windows Defender Antivirus detects a threat inside an email, it will show you the following information to assist you in identifying the compromised email, so you can remediate the threat:
+
+- Email subject
+- Attachment name
+
+>[!WARNING]
+>There are some risks associated with scanning some Microsoft Outlook files and email messages. You can read about tips and risks associated with scanning Outlook files and email messages in the following articles:
+>
+> - [Scanning Outlook files in Outlook 2013](https://technet.microsoft.com/library/dn769141.aspx#bkmk-1)
+> - [Scanning email messages in Outlook 2013](https://technet.microsoft.com/library/dn769141.aspx#bkmk-2)
+
+## Related topics
+
+- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Configure and run on-demand Windows Defender Antivirus scans](run-scan-windows-defender-antivirus.md)
+- [Configure scheduled Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..1fb5ff7d26
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,166 @@
+---
+title: Enable Block at First Sight to detect malware in seconds
+description: Enable the Block at First sight feature to detect and block malware within seconds, and validate that it is configured correctly.
+keywords: scan, BAFS, malware, first seen, first sight, cloud, defender
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.reviewer: 
+manager: dansimp
+ms.custom: nextgen
+---
+
+# Enable block at first sight
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Block at first sight is a feature of next-generation protection that provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are also enabled. In most cases, these prerequisite settings are also enabled by default, so the feature is running without any intervention. 
+
+You can [specify how long the file should be prevented from running](configure-cloud-block-timeout-period-windows-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information) when a file is blocked. You can change the company name, contact information, and message URL.
+
+>[!TIP]
+>Visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
+
+## How it works
+
+When Windows Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or clean.
+
+Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
+![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
+
+In Windows 10, version 1803, block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
+
+Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
+
+If the cloud backend is unable to make a determination, Windows Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs additional analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or safe.
+
+In many cases, this process can reduce the response time for new malware from hours to seconds.
+
+## Confirm and validate that block at first sight is enabled
+
+Block at first sight requires a number of settings to be configured correctly or it will not work. These settings are enabled by default in most enterprise Windows Defender Antivirus deployments.
+
+### Confirm block at first sight is enabled with Intune
+
+1. In Intune, navigate to **Device configuration - Profiles > *Profile name* > Device restrictions > Windows Defender Antivirus**.
+
+   > [!NOTE]
+   > The profile you select must be a Device Restriction profile type, not an Endpoint Protection profile type.
+
+2. Verify these settings are configured as follows:
+
+   - **Cloud-delivered protection**: **Enable**
+   - **File Blocking Level**: **High**
+   - **Time extension for file scanning by the cloud**: **50**
+   - **Prompt users before sample submission**: **Send all data without prompting**
+
+   ![Intune config](images/defender/intune-block-at-first-sight.png)
+
+   > [!WARNING]
+   > Setting the file blocking level to **High** will apply a strong level of detection. In the unlikely event that it causes a false positive detection of legitimate files, use the option to [restore the quarantined files](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus).
+
+For more information about configuring Windows Defender Antivirus device restrictions in Intune, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+
+For a list of Windows Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus).
+
+### Enable block at first sight with SCCM
+
+1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
+
+2. Click **Home** > **Create Antimalware Policy**.
+
+3. Enter a name and a description, and add these settings:
+   - **Real time protection**
+   - **Advanced**
+   - **Cloud Protection Service**
+
+4. In the left column, click **Real time protection**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
+   ![Enable real-time protection](images/defender/sccm-real-time-protection.png)
+
+5. Click **Advanced**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
+   ![Enable Advanced settings](images/defender/sccm-advanced-settings.png)
+
+6. Click **Cloud Protection Service**, set **Cloud Protection Service membership type** to **Advanced membership**, set **Level for blocking malicious files** to **High**, and set **Allow extended cloud check to block and scan suspicious files for up to (seconds)** to **50** seconds.
+   ![Enable Cloud Protection Service](images/defender/sccm-cloud-protection-service.png)
+
+7. Click **OK** to create the policy.
+
+
+### Confirm block at first sight is enabled with Group Policy
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree to **Windows components** > **Windows Defender Antivirus** > **MAPS**, configure the following Group Policies, and then click **OK**:
+
+   -  Double-click **Join Microsoft MAPS** and ensure the option is set to **Enabled**. Click **OK**.
+
+   - Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either **Send safe samples (1)** or **Send all samples (3)**.
+
+    > [!WARNING]
+    > Setting to **Always prompt (0)** will lower the protection state of the device. Setting to **Never send (2)** means block at first sight will not function.
+
+4. In the **Group Policy Management Editor**, expand the tree to **Windows components** > **Windows Defender Antivirus** > **Real-time Protection**:
+
+    1. Double-click **Scan all downloaded files and attachments** and ensure the option is set to **Enabled**, and then click **OK**.
+
+    2. Double-click **Turn off real-time protection** and ensure the option is set to **Disabled**, and then click **OK**.
+
+If you had to change any of the settings, you should re-deploy the Group Policy Object across your network to ensure all endpoints are covered.
+
+### Confirm block at first sight is enabled with the Windows Security app
+
+You can confirm that block at first sight is enabled in Windows Settings.
+
+Block at first sight is automatically enabled as long as **Cloud-based protection** and **Automatic sample submission** are both turned on.
+
+### Confirm Block at First Sight is enabled on individual clients
+
+1. Open the Windows Security app by clicking the shield icon in the task bar.
+
+2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Manage Settings** under **Virus & threat protection settings**:
+
+   ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
+
+3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**.
+
+> [!NOTE]
+> If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
+
+### Validate block at first sight is working
+
+You can validate that the feature is working by following the steps outlined in [Validate connections between your network and the cloud](configure-network-connections-windows-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud).
+
+## Disable block at first sight
+
+> [!WARNING]
+> Disabling block at first sight will lower the protection state of the endpoint and your network.
+
+You may choose to disable block at first sight if you want to retain the prerequisite settings without using block at first sight protection. You might wish to do this if you are experiencing latency issues or you want to test the feature's impact on your network.
+
+### Disable block at first sight with Group Policy
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and then click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree through **Windows components** > **Windows Defender Antivirus** > **MAPS**.
+
+4. Double-click **Configure the 'Block at First Sight' feature** and set the option to **Disabled**.
+
+    > [!NOTE]
+    > Disabling block at first sight will not disable or alter the prerequisite group policies.
+
+## Related topics
+
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..6ab53e6c67
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,366 @@
+---
+title: Configure and validate exclusions based on extension, name, or location
+description: Exclude files from Windows Defender Antivirus scans based on their file extension, file name, or location.
+keywords: exclusions, files, extension, file type, folder name, file name, scans
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 12/10/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Configure and validate exclusions based on file extension and folder location
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+> [!IMPORTANT]
+> Windows Defender Antivirus exclusions don't apply to other Microsoft Defender ATP capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender ATP [custom indicators](../microsoft-defender-atp/manage-indicators.md).
+
+## Exclusion lists
+
+You can exclude certain files from Windows Defender Antivirus scans by modifying exclusion lists. **Generally, you shouldn't need to apply exclusions**. Windows Defender Antivirus includes a number of automatic exclusions based on known operating system behaviors and typical management files, such as those used in enterprise management, database management, and other enterprise scenarios and situations.
+
+> [!NOTE]
+> Automatic exclusions apply only to Windows Server 2016 and above. The default antimalware policy we deploy at Microsoft doesn't set any exclusions by default.
+
+This topic describes how to configure exclusion lists for the files and folders.
+
+Exclusion | Examples | Exclusion list
+---|---|---
+Any file with a specific extension | All files with the `.test` extension, anywhere on the machine | Extension exclusions
+Any file under a specific folder | All files under the `c:\test\sample` folder | File and folder exclusions
+A specific file in a specific folder | The file `c:\sample\sample.test` only | File and folder exclusions
+A specific process | The executable file `c:\test\process.exe` | File and folder exclusions
+
+Exclusion lists have the following characteristics:
+
+- Folder exclusions will apply to all files and folders under that folder, unless the subfolder is a reparse point. Reparse point subfolders must be excluded separately.
+- File extensions will apply to any file name with the defined extension if a path or folder is not defined.
+
+>[!IMPORTANT]
+>The use of wildcards such as the asterisk (\*) will alter how the exclusion rules are interpreted. See the [Use wildcards in the file name and folder path or extension exclusion lists](#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists) section for important information about how wildcards work.
+>
+>You cannot exclude mapped network drives. You must specify the actual network path.
+>
+>Folders that are reparse points that are created after the Windows Defender Antivirus service starts and that have been added to the exclusion list will not be included. You must restart the service (by restarting Windows) for new reparse points to be recognized as a valid exclusion target.
+
+To exclude files opened by a specific process, see [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md).
+
+The exclusions apply to [scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md), [on-demand scans](run-scan-windows-defender-antivirus.md), and [real-time protection](configure-real-time-protection-windows-defender-antivirus.md).
+
+>[!IMPORTANT]
+>Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
+>
+>Changes made in the Windows Security app **will not show** in the Group Policy lists.
+
+By default, local changes made to the lists (by users with administrator privileges, including changes made with PowerShell and WMI) will be merged with the lists as defined (and deployed) by Group Policy, Configuration Manager, or Intune. The Group Policy lists will take precedence when there are conflicts.
+
+You can [configure how locally and globally defined exclusions lists are merged](configure-local-policy-overrides-windows-defender-antivirus.md#merge-lists) to allow local changes to override managed deployment settings.
+
+## Configure the list of exclusions based on folder name or file extension
+
+### Use Intune to configure file name, folder, or file extension exclusions
+
+See the following articles:
+- [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure)
+- [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus)
+
+### Use Configuration Manager to configure file name, folder, or file extension exclusions
+
+See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+
+### Use Group Policy to configure folder or file extension exclusions
+
+>[!NOTE]
+>If you specify a fully qualified path to a file, then only that file is excluded. If a folder is defined in the exclusion, then all files and subdirectories under that folder are excluded.
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
+
+4. Double-click the **Path Exclusions** setting and add the exclusions:
+
+    1. Set the option to **Enabled**. 
+    2. Under the **Options** section, click **Show...**.
+    3. Enter each folder on its own line under the **Value name** column. If you are entering a file, ensure you enter a fully qualified path to the file, including the drive letter, folder path, filename, and extension. Enter **0** in the **Value** column.
+
+5. Click **OK**.
+
+    ![The Group Policy setting for file and folder exclusions](images/defender/wdav-path-exclusions.png)
+
+6. Double-click the **Extension Exclusions** setting and add the exclusions:
+
+    1. Set the option to **Enabled**.
+    2. Under the **Options** section, click **Show...**.
+    3. Enter each file extension on its own line under the **Value name** column.  Enter **0** in the **Value** column.
+
+7. Click **OK**.
+
+    ![The Group Policy setting for extension exclusions](images/defender/wdav-extension-exclusions.png)
+
+<a id="ps"></a>
+
+### Use PowerShell cmdlets to configure file name, folder, or file extension exclusions
+
+Using PowerShell to add or remove exclusions for files based on the extension, location, or file name requires using a combination of three cmdlets and the appropriate exclusion list parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender).
+
+The format for the cmdlets is:
+
+```PowerShell
+<cmdlet> -<exclusion list> "<item>"
+```
+
+The following are allowed as the \<cmdlet>:
+
+Configuration action | PowerShell cmdlet
+---|---
+Create or overwrite the list | `Set-MpPreference`
+Add to the list | `Add-MpPreference`
+Remove item from the list | `Remove-MpPreference`
+
+The following are allowed as the \<exclusion list>:
+
+Exclusion type | PowerShell parameter
+---|---
+All files with a specified file extension | `-ExclusionExtension`
+All files under a folder (including files in subdirectories), or a specific file | `-ExclusionPath`
+
+>[!IMPORTANT]
+>If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
+
+For example, the following code snippet would cause Windows Defender AV scans to exclude any file with the `.test` file extension:
+
+```PowerShell
+Add-MpPreference -ExclusionExtension ".test"
+```
+
+For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
+
+### Use Windows Management Instruction (WMI) to configure file name, folder, or file extension exclusions
+
+Use the [**Set**, **Add**, and **Remove** methods of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class for the following properties:
+
+```WMI
+ExclusionExtension
+ExclusionPath
+```
+
+The use of **Set**, **Add**, and **Remove** is analogous to their counterparts in PowerShell: `Set-MpPreference`, `Add-MpPreference`, and `Remove-MpPreference`.
+
+For more information, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx).
+
+<a id="man-tools"></a>
+
+### Use the Windows Security app to configure file name, folder, or file extension exclusions
+
+See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
+
+<a id="wildcards"></a>
+## Use wildcards in the file name and folder path or extension exclusion lists
+
+You can use the asterisk `*`, question mark `?`, or environment variables (such as `%ALLUSERSPROFILE%`) as wildcards when defining items in the file name or folder path exclusion list. The way in which these wildcards are interpreted differs from their usual usage in other apps and languages. Make sure to read this section to understand their specific limitations.
+
+>[!IMPORTANT]
+>There are key limitations and usage scenarios for these wildcards:
+>
+>- Environment variable usage is limited to machine variables and those applicable to processes running as an NT AUTHORITY\SYSTEM account.
+>- You cannot use a wildcard in place of a drive letter.
+>- An asterisk `*` in a folder exclusion will stand in place for a single folder. Use multiple instances of `\*\` to indicate multiple nested folders with unspecified names.
+
+The following table describes how the wildcards can be used and provides some examples.
+<table>
+    <tr>
+        <th>Wildcard</th>
+        <th>Use in file name and file extension exclusions</th>
+        <th>Use in folder exclusions</th>
+        <th>Example use</th>
+        <th>Example matches</th>
+    </tr>
+    <tr>
+        <td><b>*</b> (asterisk)</td>
+        <td>Replaces any number of characters. <br />Only applies to files in the last folder defined in the argument. </td>
+        <td>Replaces a single folder. <br />Use multiple <b>*</b> with folder slashes <b>\</b> to indicate multiple, nested folders. </br>After matching the number of wild carded and named folders, all subfolders will also be included.</td>
+        <td>
+            <ol>
+                <li>C:\MyData\<b>*</b>.txt</li>
+                <li>C:\somepath\<b>*</b>\Data</li>
+                <li>C:\Serv\<b>*</b>\<b>*</b>\Backup
+            </ol>
+        </td>
+        <td>
+            <ol>
+                <li>C:\MyData\<b>notes</b>.txt</li>
+                <li>Any file in:
+                    <ul>
+                        <li>C:\somepath\<b>Archives</b>\Data and its subfolders</li>
+                        <li>C:\somepath\<b>Authorized</b>\Data and its subfolders</li>
+                    </ul>
+                <li>Any file in:
+                <ul>
+                    <li>C:\Serv\<b>Primary</b>\<b>Denied</b>\Backup and its subfolders</li>
+                    <li>C:\Serv\<b>Secondary</b>\<b>Allowed</b>\Backup and its subfolders</li>
+                </ul>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <b>?</b> (question mark)
+        </td>
+        <td>
+            Replaces a single character. <br />
+            Only applies to files in the last folder defined in the argument.
+        </td>
+        <td>
+            Replaces a single character in a folder name. </br>
+            After matching the number of wild carded and named folders, all subfolders will also be included.
+        </td>
+        <td>
+            <ol>
+                <li>C:\MyData\my<b>?</b>.zip</li>
+                <li>C:\somepath\<b>?</b>\Data</li>
+                <li>C:\somepath\test0<b>?</b>\Data</li>
+            </ol>
+        </td>
+        <td>
+            <ol>
+                <li>C:\MyData\my<b>1</b>.zip</li>
+                <li>Any file in C:\somepath\<b>P</b>\Data and its subfolders</li>
+                <li>Any file in C:\somepath\test0<b>1</b>\Data and its subfolders</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Environment variables</td>
+        <td>The defined variable will be populated as a path when the exclusion is evaluated.</td>
+        <td>Same as file and extension use. </td>
+        <td>
+            <ol>
+                <li><b>%ALLUSERSPROFILE%</b>\CustomLogFiles</li>
+            </ol> 
+        </td>
+        <td>
+            <ol>
+                <li><b>C:\ProgramData</b>\CustomLogFiles\Folder1\file1.txt</li>
+            </ol>
+        </td>
+    </tr>
+</table>
+
+>[!IMPORTANT]
+>If you mix a file exclusion argument with a folder exclusion argument, the rules will stop at the file argument match in the matched folder, and will not look for file matches in any subfolders.
+>
+>For example, you can exclude all files that start with "date" in the folders `c:\data\final\marked` and `c:\data\review\marked` by using the rule argument <b>c:\data\\\*\marked\date*.\*</b>.
+>
+>This argument, however, will not match any files in **subfolders** under `c:\data\final\marked` or `c:\data\review\marked`.
+
+<a id="review"></a>
+
+## Review the list of exclusions
+
+You can retrieve the items in the exclusion list using one of the following methods:
+- [Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
+- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
+- MpCmdRun
+- PowerShell
+- [Windows Security app](windows-defender-security-center-antivirus.md#exclusions)
+
+>[!IMPORTANT]
+>Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
+>
+>Changes made in the Windows Security app **will not show** in the Group Policy lists.
+
+If you use PowerShell, you can retrieve the list in two ways:
+
+- Retrieve the status of all Windows Defender Antivirus preferences. Each of the lists will be displayed on separate lines, but the items within each list will be combined into the same line.
+- Write the status of all preferences to a variable, and use that variable to only call the specific list you are interested in. Each use of `Add-MpPreference` is written to a new line.
+
+### Validate the exclusion list by using MpCmdRun
+
+To check exclusions with the dedicated [command-line tool mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus?branch=v-anbic-wdav-new-mpcmdrun-options), use the following command:
+
+```DOS
+MpCmdRun.exe -CheckExclusion -path <path>
+```
+
+>[!NOTE]
+>Checking exclusions with MpCmdRun requires Windows Defender Antivirus CAMP version 4.18.1812.3 (released in December 2018) or later.
+
+### Review the list of exclusions alongside all other Windows Defender Antivirus preferences by using PowerShell
+
+Use the following cmdlet:
+
+```PowerShell
+Get-MpPreference
+```
+
+In the following example, the items contained in the `ExclusionExtension` list are highlighted:
+
+![PowerShell output for Get-MpPreference showing the exclusion list alongside other preferences](images/defender/wdav-powershell-get-exclusions-all.png)
+
+For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
+
+### Retrieve a specific exclusions list by using PowerShell
+
+Use the following code snippet (enter each line as a separate command); replace **WDAVprefs** with whatever label you want to name the variable:
+
+```PowerShell
+$WDAVprefs = Get-MpPreference
+$WDAVprefs.ExclusionExtension
+$WDAVprefs.ExclusionPath
+```
+
+In the following example, the list is split into new lines for each use of the `Add-MpPreference` cmdlet:
+
+![PowerShell output showing only the entries in the exclusion list](images/defender/wdav-powershell-get-exclusions-variable.png)
+
+For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
+
+<a id="validate"></a>
+
+## Validate exclusions lists with the EICAR test file
+
+You can validate that your exclusion lists are working by using PowerShell with either the `Invoke-WebRequest` cmdlet or the .NET WebClient class to download a test file.
+
+In the following PowerShell snippet, replace *test.txt* with a file that conforms to your exclusion rules. For example, if you have excluded the `.testing` extension, replace `test.txt` with `test.testing`. If you are testing a path, ensure you run the cmdlet within that path.
+
+```PowerShell
+Invoke-WebRequest "http://www.eicar.org/download/eicar.com.txt" -OutFile "test.txt"
+```
+
+If Windows Defender Antivirus reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm the contents are the same as what is described on the [EICAR test file website](http://www.eicar.org/86-0-Intended-use.html).
+
+You can also use the following PowerShell code, which calls the .NET WebClient class to download the test file - as with the `Invoke-WebRequest` cmdlet; replace *c:\test.txt* with a file that conforms to the rule you are validating:
+
+```PowerShell
+$client = new-object System.Net.WebClient
+$client.DownloadFile("http://www.eicar.org/download/eicar.com.txt","c:\test.txt")
+```
+
+If you do not have Internet access, you can create your own EICAR test file by writing the EICAR string to a new text file with the following PowerShell command:
+
+```PowerShell
+[io.file]::WriteAllText("test.txt",'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*')
+```
+
+You can also copy the string into a blank text file and attempt to save it with the file name or in the folder you are attempting to exclude.
+
+## Related topics
+
+- [Configure and validate exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md)
+- [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md)
+- [Configure Windows Defender Antivirus exclusions on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
+- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..39f0cb02b4
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,130 @@
+---
+title: Configure and validate Windows Defender Antivirus network connections
+description: Configure and test your connection to the Windows Defender Antivirus cloud protection service.
+keywords: antivirus, windows defender antivirus, antimalware, security, defender, cloud, aggressiveness, protection level
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 10/08/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Configure and validate Windows Defender Antivirus network connections
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+To ensure Windows Defender Antivirus cloud-delivered protection works properly, you need to configure your network to allow connections between your endpoints and certain Microsoft servers.
+
+This article lists the connections that must be allowed, such as by using firewall rules, and provides instructions for validating your connection. Configuring your protection properly helps ensure that you receive the best value from your cloud-delivered protection services.
+
+See the blog post [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) for some details about network connectivity.
+
+>[!TIP]
+>You can also visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
+>
+>- Cloud-delivered protection
+>- Fast learning (including block at first sight)
+>- Potentially unwanted application blocking
+
+## Allow connections to the Windows Defender Antivirus cloud service
+
+The Windows Defender Antivirus cloud service provides fast, strong protection for your endpoints. Enabling the cloud-delivered protection service is optional, however it is highly recommended because it provides important protection against malware on your endpoints and across your network.
+
+>[!NOTE]
+>The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
+
+See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) for details on enabling the service with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
+
+After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
+
+Because your protection is a cloud service, computers must have access to the internet and reach the ATP machine learning services. Do not exclude the URL `*.blob.core.windows.net` from any kind of network inspection. The table below lists the services and their associated URLs. Make sure that there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL `*.blob.core.windows.net`). Below mention URLs are using port 443 for communication.
+
+
+| **Service**| **Description** |**URL** |
+| :--: | :-- | :-- |
+| Windows Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)|Used by Windows Defender Antivirus to provide cloud-delivered protection|`*.wdcp.microsoft.com` <br/> `*.wdcpalt.microsoft.com` <br/> `*.wd.microsoft.com`|
+| Microsoft Update Service (MU)|	Security intelligence and product updates	|`*.update.microsoft.com`|
+|Security intelligence updates Alternate Download Location (ADL)|	Alternate location for Windows Defender Antivirus Security intelligence updates if the installed Security intelligence is out of date (7 or more days behind)|	`*.download.microsoft.com`|
+| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission	| `ussus1eastprod.blob.core.windows.net` <br/>    `ussus1westprod.blob.core.windows.net` <br/>    `usseu1northprod.blob.core.windows.net` <br/>    `usseu1westprod.blob.core.windows.net` <br/>    `ussuk1southprod.blob.core.windows.net` <br/>    `ussuk1westprod.blob.core.windows.net` <br/>    `ussas1eastprod.blob.core.windows.net` <br/>    `ussas1southeastprod.blob.core.windows.net` <br/>    `ussau1eastprod.blob.core.windows.net` <br/>    `ussau1southeastprod.blob.core.windows.net` |
+| Certificate Revocation List (CRL)|Used by Windows when creating the SSL connection to MAPS for updating the CRL	| `https://www.microsoft.com/pkiops/crl/` <br/> `https://www.microsoft.com/pkiops/certs` <br/>   `https://crl.microsoft.com/pki/crl/products` <br/> `https://www.microsoft.com/pki/certs` |
+| Symbol Store|Used by Windows Defender Antivirus to restore certain critical files during remediation flows	| `https://msdl.microsoft.com/download/symbols` |
+| Universal Telemetry Client| Used by Windows to send client diagnostic data; Windows Defender Antivirus uses this for product quality monitoring purposes	| This update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints:   `vortex-win.data.microsoft.com` <br/>   `settings-win.data.microsoft.com`|
+
+## Validate connections between your network and the cloud
+
+After whitelisting the URLs listed above, you can test if you are connected to the Windows Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you are fully protected.
+
+**Use the cmdline tool to validate cloud-delivered protection:**
+
+Use the following argument with the Windows Defender Antivirus command-line utility (`mpcmdrun.exe`) to verify that your network can communicate with the Windows Defender Antivirus cloud service:
+
+```DOS
+"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -ValidateMapsConnection
+```
+
+> [!NOTE]
+> You need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. This command will only work on Windows 10, version 1703 or higher.
+
+For more information, see [Manage Windows Defender Antivirus with the mpcmdrun.exe commandline tool](command-line-arguments-windows-defender-antivirus.md).
+
+**Attempt to download a fake malware file from Microsoft:**
+
+You can download a sample file that Windows Defender Antivirus will detect and block if you are properly connected to the cloud.
+
+Download the file by visiting the following link:
+- https://aka.ms/ioavtest
+
+>[!NOTE]
+>This file is not an actual piece of malware. It is a fake file that is designed to test if you are properly connected to the cloud.
+
+If you are properly connected, you will see a warning Windows Defender Antivirus notification:
+
+![Windows Defender Antivirus notification informing the user that malware was found](images/defender/wdav-malware-detected.png)
+
+If you are using Microsoft Edge, you'll also see a notification message:
+
+![Microsoft Edge informing the user that malware was found](images/defender/wdav-bafs-edge.png)
+
+A similar message occurs if you are using Internet Explorer:
+
+![Windows Defender Antivirus notification informing the user that malware was found](images/defender/wdav-bafs-ie.png)
+
+You will also see a detection under **Quarantined threats** in the **Scan history** section in the Windows Security app:
+
+1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
+
+2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Scan history** label:
+
+    ![Screenshot of the Scan history label in the Windows Security app](images/defender/wdav-history-wdsc.png)
+
+3. Under the **Quarantined threats** section, click the **See full history** label to see the detected fake malware:
+
+    ![Screenshot of quarantined items in the Windows Security app](images/defender/wdav-quarantined-history-wdsc.png)
+
+>[!NOTE]
+>Versions of Windows 10 before version 1703 have a different user interface. See [Windows Defender Antivirus in the Windows Security app](windows-defender-security-center-antivirus.md).
+
+The Windows event log will also show [Windows Defender client event ID 2050](troubleshoot-windows-defender-antivirus.md).
+
+>[!IMPORTANT]
+>You will not be able to use a proxy auto-config (.pac) file to test network connections to these URLs. You will need to verify your proxy servers and any network filtering tools manually to ensure connectivity.
+
+## Related articles
+
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+
+- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)
+
+- [Run an Windows Defender Antivirus scan from the command line](command-line-arguments-windows-defender-antivirus.md) and [Command line arguments](command-line-arguments-windows-defender-antivirus.md)
+
+- [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..03afa1681f
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,106 @@
+---
+title: Configure Windows Defender Antivirus notifications
+description: Configure and customize Windows Defender Antivirus notifications.
+keywords: notifications, defender, antivirus, endpoint, management, admin
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 09/03/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Configure the notifications that appear on endpoints
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+In Windows 10, application notifications about malware detection and remediation are more robust, consistent, and concise.
+
+Notifications appear on endpoints when manually triggered and scheduled scans are completed and threats are detected. These notifications also appear in the **Notification Center**, and a summary of scans and threat detections appear at regular time intervals.
+
+You can also configure how standard notifications appear on endpoints, such as notifications for reboot or when a threat has been detected and remediated.
+
+## Configure the additional notifications that appear on endpoints
+
+You can configure the display of additional notifications, such as recent threat detection summaries, in the [Windows Security app](windows-defender-security-center-antivirus.md) and with Group Policy.
+
+> [!NOTE]
+> In Windows 10, version 1607 the feature was called **Enhanced notifications** and could be configured under **Windows Settings** > **Update & security** > **Windows Defender**. In Group Policy settings in all versions of Windows 10, it is called **Enhanced notifications**.
+
+> [!IMPORTANT]
+> Disabling additional notifications will not disable critical notifications, such as threat detection and remediation alerts.
+
+**Use the Windows Security app to disable additional notifications:**
+
+1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
+
+2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
+
+    ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
+
+3. Scroll to the **Notifications** section and click **Change notification settings**.
+
+4. Slide the switch to **Off** or **On** to disable or enable additional notifications.
+
+**Use Group Policy to disable additional notifications:**
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
+
+3. Click **Administrative templates**.
+
+4. Expand the tree to **Windows components > Windows Defender Antivirus > Reporting**.
+
+5. Double-click **Turn off enhanced notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
+
+## Configure standard notifications on endpoints
+
+You can use Group Policy to:
+
+- Display additional, customized text on endpoints when the user needs to perform an action
+- Hide all notifications on endpoints
+- Hide reboot notifications on endpoints
+
+Hiding notifications can be useful in situations where you can't hide the entire Windows Defender Antivirus interface. See [Prevent users from seeing or interacting with the Windows Defender Antivirus user interface](prevent-end-user-interaction-windows-defender-antivirus.md) for more information.
+
+> [!NOTE]
+> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Endpoint Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
+
+See [Customize the Windows Security app for your organization](../windows-defender-security-center/windows-defender-security-center.md) for instructions to add custom contact information to the notifications that users see on their machines.
+
+**Use Group Policy to hide notifications:**
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**. 
+
+4. Double-click **Suppress all notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
+
+**Use Group Policy to hide reboot notifications:**
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
+
+3. Click **Administrative templates**.
+
+4. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
+
+5. Double-click **Suppresses reboot notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
+
+## Related topics
+
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+- [Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..79e9d90a7b
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,199 @@
+---
+title: Configure exclusions for files opened by specific processes
+description: You can exclude files from scans if they have been opened by a specific process.
+keywords: Windows Defender Antivirus, process, exclusion, files, scans
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 12/10/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Configure exclusions for files opened by processes
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+You can exclude files that have been opened by specific processes from Windows Defender Antivirus scans.
+
+This topic describes how to configure exclusion lists for the following:
+
+<a id="examples"></a>
+
+Exclusion | Example
+---|---
+Any file on the machine that is opened by any process with a specific file name | Specifying "test.exe" would exclude files opened by: <ul><li>c:\sample\test.exe</li><li>d:\internal\files\test.exe</li></ul>  
+Any file on the machine that is opened by any process under a specific folder | Specifying "c:\test\sample\\*" would exclude files opened by:<ul><li>c:\test\sample\test.exe</li><li>c:\test\sample\test2.exe</li><li>c:\test\sample\utility.exe</li></ul> 
+Any file on the machine that is opened by a specific process in a specific folder | Specifying "c:\test\process.exe" would exclude files only opened by c:\test\process.exe
+
+When you add a process to the process exclusion list, Windows Defender Antivirus won't scan files opened by that process, no matter where the files are located. The process itself, however, will be scanned unless it has also been added to the [file exclusion list](configure-extension-file-exclusions-windows-defender-antivirus.md).
+
+The exclusions only apply to [always-on real-time protection and monitoring](configure-real-time-protection-windows-defender-antivirus.md). They don't apply to scheduled or on-demand scans.
+
+Changes made with Group Policy to the exclusion lists **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions). However, changes made in the Windows Security app **will not show** in the Group Policy lists.
+
+You can add, remove, and review the lists for exclusions in [Group Policy](#gp), [Microsoft Endpoint Configuration Manager, Microsoft Intune, and with the Windows Security app](#man-tools), and you can [use wildcards](#wildcards) to further customize the lists.
+
+You can also [use PowerShell cmdlets and WMI to configure the exclusion lists](#ps), including [reviewing](#review) your lists.
+
+By default, local changes made to the lists (by users with administrator privileges; this includes changes made with PowerShell and WMI) will be merged with the lists as defined (and deployed) by Group Policy, Configuration Manager, or Intune. The Group Policy lists will take precedence in the case of conflicts.
+
+You can [configure how locally and globally defined exclusions lists are merged](configure-local-policy-overrides-windows-defender-antivirus.md#merge-lists) to allow local changes to override managed deployment settings.
+
+## Configure the list of exclusions for files opened by specified processes
+
+<a id="gp"></a>
+
+### Use Microsoft Intune to exclude files that have been opened by specified processes from scans
+
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
+
+### Use Microsoft Endpoint Configuration Manager to exclude files that have been opened by specified processes from scans
+
+See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+
+### Use Group Policy to exclude files that have been opened by specified processes from scans
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
+
+4. Double-click **Process Exclusions** and add the exclusions:
+
+    1. Set the option to **Enabled**.
+    2. Under the **Options** section, click **Show...**.
+    3. Enter each process on its own line under the **Value name** column. See the [example table](#examples) for the different types of process exclusions.  Enter **0** in the **Value** column for all processes.
+
+5. Click **OK**.
+
+![The Group Policy setting for specifying process exclusions](images/defender/wdav-process-exclusions.png)
+
+<a id="ps"></a>
+
+### Use PowerShell cmdlets to exclude files that have been opened by specified processes from scans
+
+Using PowerShell to add or remove exclusions for files that have been opened by processes requires using a combination of three cmdlets with the `-ExclusionProcess` parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender).
+
+The format for the cmdlets is:
+
+```PowerShell
+<cmdlet> -ExclusionProcess "<item>"
+```
+
+The following are allowed as the \<cmdlet>:
+
+Configuration action | PowerShell cmdlet
+---|---
+Create or overwrite the list | `Set-MpPreference`
+Add to the list | `Add-MpPreference`
+Remove items from the list | `Remove-MpPreference`
+
+>[!IMPORTANT]
+>If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
+
+For example, the following code snippet would cause Windows Defender AV scans to exclude any file that is opened by the specified process:
+
+```PowerShell
+Add-MpPreference -ExclusionProcess "c:\internal\test.exe"
+```
+
+See [Manage antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-Windows Defender Antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
+
+### Use Windows Management Instruction (WMI) to exclude files that have been opened by specified processes from scans
+
+Use the [**Set**, **Add**, and **Remove** methods of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class for the following properties:
+
+```WMI
+ExclusionProcess
+```
+
+The use of **Set**, **Add**, and **Remove** is analogous to their counterparts in PowerShell: `Set-MpPreference`, `Add-MpPreference`, and `Remove-MpPreference`.
+
+See the following for more information and allowed parameters:
+
+- [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx)
+
+<a id="man-tools"></a>
+
+### Use the Windows Security app to exclude files that have been opened by specified processes from scans
+
+See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
+
+<a id="wildcards"></a>
+
+## Use wildcards in the process exclusion list
+
+The use of wildcards in the process exclusion list is different from their use in other exclusion lists.
+
+In particular, you cannot use the question mark ? wildcard, and the asterisk \* wildcard can only be used at the end of a complete path. You can still use environment variables (such as %ALLUSERSPROFILE%) as wildcards when defining items in the process exclusion list.
+
+The following table describes how the wildcards can be used in the process exclusion list:
+
+Wildcard | Use | Example use | Example matches
+---|---|---|---
+\* (asterisk) | Replaces any number of characters | <ul><li>C:\MyData\\*</li></ul> | <ul><li>Any file opened by C:\MyData\file.exe</li></ul>
+? (question mark) | Not available | \- | \-
+Environment variables | The defined variable will be populated as a path when the exclusion is evaluated |  <ul><li>%ALLUSERSPROFILE%\CustomLogFiles\file.exe</li></ul> | <ul><li>Any file opened by C:\ProgramData\CustomLogFiles\file.exe</li></ul>
+
+<a id="review"></a>
+
+## Review the list of exclusions
+
+You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
+
+If you use PowerShell, you can retrieve the list in two ways:
+
+- Retrieve the status of all Windows Defender Antivirus preferences. Each of the lists will be displayed on separate lines, but the items within each list will be combined into the same line.
+- Write the status of all preferences to a variable, and use that variable to only call the specific list you are interested in. Each use of `Add-MpPreference` is written to a new line.
+
+### Validate the exclusion list by using MpCmdRun
+
+To check exclusions with the dedicated [command-line tool mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus?branch=v-anbic-wdav-new-mpcmdrun-options), use the following command:
+
+```DOS
+MpCmdRun.exe -CheckExclusion -path <path>
+```
+
+>[!NOTE]
+>Checking exclusions with MpCmdRun requires Windows Defender Antivirus CAMP version 4.18.1812.3 (released in December 2018) or later.
+
+
+### Review the list of exclusions alongside all other Windows Defender Antivirus preferences by using PowerShell
+
+Use the following cmdlet:
+
+```PowerShell
+Get-MpPreference
+```
+
+See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
+
+### Retrieve a specific exclusions list by using PowerShell
+
+Use the following code snippet (enter each line as a separate command); replace **WDAVprefs** with whatever label you want to name the variable:
+
+```PowerShell
+$WDAVprefs = Get-MpPreference
+$WDAVprefs.ExclusionProcess
+```
+
+See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
+
+## Related articles
+
+- [Configure and validate exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md)
+- [Configure and validate exclusions based on file name, extension, and folder location](configure-extension-file-exclusions-windows-defender-antivirus.md)
+- [Configure Windows Defender Antivirus exclusions on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
+- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..7b22fa2f60
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,72 @@
+---
+title: Remediate and resolve infections detected by Windows Defender Antivirus
+description: Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
+keywords: remediation, fix, remove, threats, quarantine, scan, restore
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 09/03/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Configure remediation for Windows Defender Antivirus scans
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
+
+This topic describes how to configure these settings with Group Policy, but you can also use [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+
+You can also use the [`Set-MpPreference` PowerShell cmdlet](https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference) or [`MSFT_MpPreference` WMI class](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx) to configure these settings.
+
+## Configure remediation options
+
+You can configure how remediation works with the Group Policy settings described in this section.
+
+To configure these settings:
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
+
+4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
+
+Location | Setting | Description | Default setting (if not configured)
+---|---|---|---
+Scan | Create a system restore point | A system restore point will be created each day before cleaning or scanning is attempted | Disabled
+Scan | Turn on removal of items from scan history folder | Specify how many days items should be kept in the scan history | 30 days
+Root | Turn off routine remediation | You can specify whether Windows Defender Antivirus automatically remediates threats, or if it should ask the endpoint user what to do. | Disabled (threats are remediated automatically)
+Quarantine | Configure removal of items from Quarantine folder | Specify how many days items should be kept in quarantine before being removed | Never removed
+Threats | Specify threat alert levels at which default action should not be taken when detected | Every threat that is detected by Windows Defender Antivirus is assigned a threat level (low, medium, high, or severe). You can use this setting to define how all threats for each of the threat levels should be remediated (quarantined, removed, or ignored) | Not applicable
+Threats | Specify threats upon which default action should not be taken when detected | Specify how specific threats (using their threat ID) should be remediated. You can specify whether the specific threat should be quarantined, removed, or ignored | Not applicable
+
+> [!IMPORTANT]
+> Windows Defender Antivirus detects and remediates files based on many factors. Sometimes, completing a remediation requires a reboot. Even if the detection is later determined to be a false positive, the reboot must be completed to ensure all additional remediation steps have been completed.
+> </p>
+> If you are certain Windows Defender Antivirus quarantined a file based on a false positive, you can restore the file from quarantine after the device reboots. See [Restore quarantined files in Windows Defender Antivirus](restore-quarantined-files-windows-defender-antivirus.md).
+> </p>
+> To avoid this problem in the future, you can exclude files from the scans. See [Configure and validate exclusions for Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md).
+
+Also see [Configure remediation-required scheduled full Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md#remed) for more remediation-related settings.
+
+## Related topics
+
+- [Configure Windows Defender Antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md)
+- [Configure scheduled Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
+- [Configure and run on-demand Windows Defender Antivirus scans](run-scan-windows-defender-antivirus.md)
+- [Configure the notifications that appear on endpoints](configure-notifications-windows-defender-antivirus.md)
+- [Configure end-user Windows Defender Antivirus interaction](configure-end-user-interaction-windows-defender-antivirus.md)
+- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md
new file mode 100644
index 0000000000..3532148261
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md	
@@ -0,0 +1,49 @@
+---
+title: Configure Windows Defender Antivirus features
+description: You can configure Windows Defender Antivirus features with Intune, Microsoft Endpoint Configuration Manager, Group Policy, and PowerShell.
+keywords: Windows Defender Antivirus, antimalware, security, defender, configure, configuration, Config Manager, Microsoft Endpoint Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 09/03/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Configure Windows Defender Antivirus features
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+You can configure Windows Defender Antivirus with a number of tools, including:
+
+- Microsoft Intune
+- Microsoft Endpoint Configuration Manager
+- Group Policy
+- PowerShell cmdlets
+- Windows Management Instrumentation (WMI)
+
+The following broad categories of features can be configured:
+
+- Cloud-delivered protection
+- Always-on real-time protection, including behavioral, heuristic, and machine-learning-based protection
+- How end-users interact with the client on individual endpoints
+
+The topics in this section describe how to perform key tasks when configuring Windows Defender Antivirus. Each topic includes instructions for the applicable configuration tool (or tools).
+
+You can also review the [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) topic for an overview of each tool and links to further help.
+
+## In this section
+Topic | Description
+:---|:---
+[Utilize Microsoft cloud-provided Windows Defender Antivirus protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) | Cloud-delivered protection provides an advanced level of fast, robust antivirus detection
+[Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)|Enable behavior-based, heuristic, and real-time antivirus protection
+[Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)|Configure how end-users interact with Windows Defender Antivirus, what notifications they see, and whether they can override settings
diff --git a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..b0b2030e32
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,37 @@
+---
+title: Run and customize scheduled and on-demand scans
+description: Customize and initiate Windows Defender Antivirus scans on endpoints across your network.
+keywords: scan, schedule, customize, exclusions, exclude files, remediation, scan results, quarantine, remove threat, quick scan, full scan, Windows Defender Antivirus
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 09/03/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Windows Defender Antivirus scans.
+
+## In this section
+
+Topic | Description
+---|---
+[Configure and validate file, folder, and process-opened file exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
+[Configure Windows Defender Antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md) | You can configure Windows Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
+[Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) | Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
+[Configure scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
+[Configure and run scans](run-scan-windows-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
+[Review scan results](review-scan-results-windows-defender-antivirus.md) | Review the results of scans using  Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..295d507e65
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,85 @@
+---
+title: Deploy, manage, and report on Windows Defender Antivirus
+description: You can deploy and manage Windows Defender Antivirus with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, or WMI
+keywords: deploy, manage, update, protection, windows defender antivirus
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 09/03/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Deploy, manage, and report on Windows Defender Antivirus
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+You can deploy, manage, and report on Windows Defender Antivirus in a number of ways.
+
+Because the Windows Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
+
+However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
+
+You'll also see additional links for:
+
+- Managing Windows Defender Antivirus protection, including managing product and protection updates
+- Reporting on Windows Defender Antivirus protection
+
+> [!IMPORTANT]
+> In most cases, Windows 10 will disable Windows Defender Antivirus if it finds another antivirus product that is running and up-to-date. You must disable or uninstall third-party antivirus products before Windows Defender Antivirus will function. If you re-enable or install third-party antivirus products, then Windows 10 automatically disables Windows Defender Antivirus.
+
+Tool|Deployment options (<a href="#fn2" id="ref2">2</a>)|Management options (network-wide configuration and policy or baseline deployment) ([3](#fn3))|Reporting options  
+---|---|---|---  
+Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management)  
+Microsoft Endpoint Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
+Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
+PowerShell|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
+Windows Management Instrumentation|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
+Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
+
+1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
+  
+2.	<span id="fn2" />In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date ([except on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)). Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers. [(Return to table)](#ref2)
+
+3. <span id="fn3" />Configuration of features and protection, including configuring product and protection updates, are further described in the [Configure Windows Defender Antivirus features](configure-notifications-windows-defender-antivirus.md) section in this library. [(Return to table)](#ref2)
+
+[Endpoint Protection point site system role]: https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-site-role
+[default and customized antimalware policies]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies
+[client management]:  https://docs.microsoft.com/sccm/core/clients/manage/manage-clients
+[enable Endpoint Protection with custom client settings]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-configure-client
+[Configuration Manager Monitoring workspace]:  https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection 
+[email alerts]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts
+[Deploy the Microsoft Intune client to endpoints]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune
+[custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection
+ [custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection 
+[manage tasks]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#choose-management-tasks-for-endpoint-protection
+[Monitor endpoint protection in the Microsoft Intune administration console]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#monitor-endpoint-protection
+[Set method of the MSFT_MpPreference class]:  https://msdn.microsoft.com/library/dn439474 
+[Update method of the MSFT_MpSignature class]:  https://msdn.microsoft.com/library/dn439474
+[MSFT_MpComputerStatus]:  https://msdn.microsoft.com/library/dn455321 
+[Windows Defender WMIv2 Provider]: https://msdn.microsoft.com/library/dn439477
+[Set-MpPreference]:  https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference.md
+[Update-MpSignature]: https://technet.microsoft.com/itpro/powershell/windows/defender/update-mpsignature
+[Get- cmdlets available in the Defender module]: https://technet.microsoft.com/itpro/powershell/windows/defender/index
+[Configure update options for Windows Defender Antivirus]: manage-updates-baselines-windows-defender-antivirus.md
+[Configure Windows Defender features]: configure-windows-defender-antivirus-features.md
+[Group Policies to determine if any settings or policies are not applied]: https://technet.microsoft.com/library/cc771389.aspx
+[Possibly infected devices]: https://docs.microsoft.com/azure/active-directory/active-directory-reporting-sign-ins-from-possibly-infected-devices
+[Windows Defender Antivirus events]: troubleshoot-windows-defender-antivirus.md
+
+## In this section
+
+Topic | Description
+---|---
+[Deploy and enable Windows Defender Antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with Microsoft Endpoint Configuration Manager, Microsoft Intune, or Group Policy Objects.
+[Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating Security intelligence (protection updates). You can update Security intelligence in a number of ways, using Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, and WMI.
+[Monitor and report on Windows Defender Antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use Microsoft Intune, Microsoft Endpoint Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..6f8dd3363b
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,38 @@
+---
+title: Deploy and enable Windows Defender Antivirus 
+description: Deploy Windows Defender Antivirus for protection of your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or WMI.
+keywords: deploy, enable, Windows Defender Antivirus
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+ms.date: 09/03/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Deploy and enable Windows Defender Antivirus
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Depending on the management tool you are using, you may need to specifically enable or configure Windows Defender Antivirus protection.
+
+See the table in [Deploy, manage, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md#ref2) for instructions on how to enable protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management Instruction (WMI).
+
+Some scenarios require additional guidance on how to successfully deploy or configure Windows Defender Antivirus protection, such as Virtual Desktop Infrastructure (VDI) environments.
+
+The remaining topic in this section provides end-to-end advice and best practices for [setting up Windows Defender Antivirus on virtual machines (VMs) in a VDI or Remote Desktop Services (RDS) environment](deployment-vdi-windows-defender-antivirus.md).
+
+## Related topics
+
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+- [Deploy, manage updates, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md)
+- [Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..43e244ba36
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,149 @@
+---
+title: Block potentially unwanted applications with Windows Defender Antivirus
+description: Enable the potentially unwanted application (PUA) antivirus feature to block unwanted software such as adware.
+keywords: pua, enable, unwanted software, unwanted apps, adware, browser toolbar, detect, block, Windows Defender Antivirus
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: detect
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.custom: nextgen
+audience: ITPro
+ms.date: 10/02/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Detect and block potentially unwanted applications
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge)
+
+Potentially unwanted applications are not considered viruses, malware, or other types of threats, but they might perform actions on endpoints which adversely affect endpoint performance or use. _PUA_ can also refer to an application that has a poor reputation, as assessed by Microsoft Defender ATP, due to certain kinds of undesirable behavior.
+
+For example:
+
+* **Advertising software:** Software that displays advertisements or promotions, including software that inserts advertisements to webpages.
+* **Bundling software:** Software that offers to install other software that is not digitally signed by the same entity. Also, software that offers to install other software that qualify as PUA.
+* **Evasion software:** Software that actively tries to evade detection by security products, including software that behaves differently in the presence of security products.
+
+For more examples and a discussion of the criteria we use to label applications for special attention from security features, see [How Microsoft identifies malware and potentially unwanted applications](../intelligence/criteria.md).
+
+Potentially unwanted applications can increase the risk of your network being infected with actual malware, make malware infections harder to identify, or waste IT resources in cleaning them up.
+
+## How it works
+
+### Microsoft Edge
+
+The next major version of Microsoft Edge, which is Chromium-based, blocks potentially unwanted application downloads and associated resource URLs. This feature is provided via [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md).
+
+#### Enable PUA protection in Chromium-based Microsoft Edge
+
+Although potentially unwanted application protection in Microsoft Edge (Chromium-based) is off by default, it can easily be turned on from within the browser.
+
+1. From the tool bar, select **Settings and more** > **Settings**
+1. Select **Privacy and services**
+1. Under the **Services** section, you can toggle **Potentially unwanted app blocking** on or off
+
+> [!TIP]
+> If you are running Microsoft Edge (Chromium-based), you can safely explore the URL-blocking feature of PUA protection by testing it out on one of our Windows Defender SmartScreen [demo pages](https://demo.smartscreen.msft.net/).
+
+#### Blocking URLs with Windows Defender SmartScreen
+
+In Chromium-based Edge with PUA protection turned on, Windows Defender SmartScreen will protect you from PUA-associated URLs.
+
+Admins can  [configure](https://docs.microsoft.com/DeployEdge/configure-microsoft-edge) how Microsoft Edge and Windows Defender SmartScreen work together to protect groups of users from PUA-associated URLs. There are several group policy [settings](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreen-settings) explicitly for Windows
+Defender SmartScreen available, including [one for blocking PUA](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreenpuaenabled). In addition, admins can
+[configure Windows Defender SmartScreen](https://docs.microsoft.com/microsoft-edge/deploy/available-policies?source=docs#configure-windows-defender-smartscreen) as a whole, using group policy settings to turn Windows Defender SmartScreen on or off.
+
+Although Microsoft Defender ATP has its own block list, based upon a data set managed by Microsoft, you can customize this list based on your own threat intelligence. If you [create and manage indicators](../microsoft-defender-atp/manage-indicators.md#create-indicators-for-ips-and-urlsdomains-preview) in the Microsoft Defender ATP portal, Windows Defender SmartScreen will respect the new settings.
+
+### Windows Defender Antivirus
+
+The potentially unwanted application (PUA) protection feature in Windows Defender Antivirus can detect and block PUAs on endpoints in your network.
+
+> [!NOTE]
+> This feature is only available in Windows 10.
+
+Windows Defender Antivirus blocks detected PUA files, and any attempts to download, move, run, or install them. Blocked PUA files are then moved to quarantine.
+
+When a PUA is detected on an endpoint, Windows Defender Antivirus sends a notification to the user ([unless notifications have been disabled](configure-notifications-windows-defender-antivirus.md)) in the same format as other threat detections. The notification will be prefaced with _PUA:_ to indicate its content.
+
+The notification will appear in the usual [quarantine list within the Windows Security app](windows-defender-security-center-antivirus.md#detection-history).
+
+#### Configure PUA protection in Windows Defender Antivirus
+
+You can enable PUA protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, or via PowerShell cmdlets.
+
+You can also use the PUA audit mode to detect PUAs without blocking them. The detections will be captured in the Windows event log.
+
+> [!TIP]
+> You can visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com/Page/UrlRep) to confirm that the feature is working, and see it in action.
+
+PUA audit mode is useful if your company is conducting an internal software security compliance check and you'd like to avoid any false positives.
+
+##### Use Intune to configure PUA protection
+
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
+
+##### Use Configuration Manager to configure PUA protection
+
+PUA protection is enabled by default in the Microsoft Endpoint Configuration Manager (Current Branch), starting with  version 1606.
+
+See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring Microsoft Endpoint Configuration Manager (Current Branch).
+
+For Configuration Manager 2012, see [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA).
+
+> [!NOTE]
+> PUA events blocked by Windows Defender Antivirus are reported in the Windows Event Viewer and not in Microsoft Endpoint Configuration Manager.
+
+##### Use Group Policy to configure PUA protection
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and select **Edit**.
+
+2. In the **Group Policy Management Editor**, go to **Computer configuration** and select **Administrative templates**.
+
+3. Expand the tree to **Windows components > Windows Defender Antivirus**.
+
+4. Double-click **Configure protection for potentially unwanted applications**.
+
+5. Select **Enabled** to enable PUA protection.
+
+6. In **Options**, select **Block** to block potentially unwanted applications, or select **Audit Mode** to test how the setting will work in your environment. Select **OK**.
+
+##### Use PowerShell cmdlets to configure PUA protection
+
+Use the following cmdlet:
+
+```PowerShell
+Set-MpPreference -PUAProtection
+```
+
+Setting the value for this cmdlet to `Enabled` will turn the feature on if it has been disabled.
+
+Setting `AuditMode` will detect PUAs without blocking them.
+
+See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
+
+#### View PUA events
+
+PUA events are reported in the Windows Event Viewer, but not in Microsoft Endpoint Configuration Manager or in Intune.
+
+You can turn on email notifications to receive mail about PUA detections.
+
+See [Troubleshoot event IDs](troubleshoot-windows-defender-antivirus.md) for details on viewing Windows Defender Antivirus events. PUA events are recorded under event ID **1160**.
+
+#### Allow-listing apps
+
+Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be allow-listed. See [How to Configure Endpoint Protection in Configuration Manager](https://docs.microsoft.com/previous-versions/system-center/system-center-2012-R2/hh508770(v=technet.10)#to-exclude-specific-files-or-folders) for information on allowing files which are currently blocked by PUA protection in Windows Defender Antivirus.
+
+## Related articles
+
+- [Next-generation protection](windows-defender-antivirus-in-windows-10.md)
+- [Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md
new file mode 100644
index 0000000000..6d7e496eec
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md	
@@ -0,0 +1,143 @@
+---
+title: Enable cloud-delivered protection in Windows Defender Antivirus
+description: Enable cloud-delivered protection to benefit from fast and advanced protection features.
+keywords: windows defender antivirus, antimalware, security, cloud, block at first sight
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: denisebmsft
+ms.author: deniseb
+ms.reviewer: 
+manager: dansimp
+ms.custom: nextgen
+---
+
+# Enable cloud-delivered protection
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+>[!NOTE]
+>The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
+
+Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
+![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
+
+You can enable or disable Windows Defender Antivirus cloud-delivered protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
+
+See [Use Microsoft cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for an overview of Windows Defender Antivirus cloud-delivered protection.
+
+There are specific network-connectivity requirements to ensure your endpoints can connect to the cloud-delivered protection service. See [Configure and validate network connections](configure-network-connections-windows-defender-antivirus.md) for more details.
+
+>[!NOTE]
+>In Windows 10, there is no difference between the **Basic** and **Advanced** options described in this topic. This is a legacy distinction and choosing either setting will result in the same level of cloud-delivered protection. There is no difference in the type or amount of information that is shared. See the [Microsoft Privacy Statement](https://go.microsoft.com/fwlink/?linkid=521839) for more information on what we collect.
+
+**Use Intune to enable cloud-delivered protection**
+
+1. Sign in to the [Azure portal](https://portal.azure.com).
+2. Select **All services > Intune**.
+3. In the **Intune** pane, select **Device configuration > Profiles**, and then select the **Device restrictions** profile type you want to configure. If you haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+4. Select **Properties**, select **Settings: Configure**, and then select **Windows Defender Antivirus**.
+5. On the **Cloud-delivered protection** switch, select **Enable**.
+6. In the **Prompt users before sample submission** dropdown, select **Send all data without prompting**. 
+7. In the **Submit samples consent** dropdown, select one of the following:
+
+    - **Send safe samples automatically**
+    - **Send all samples automatically**
+
+        >[!NOTE]
+        >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
+
+        > [!WARNING]
+        > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
+
+8. Click **OK** to exit the **Windows Defender Antivirus** settings pane, click **OK** to exit the **Device restrictions** pane, and then click **Save** to save the changes to your **Device restrictions** profile.
+
+For more information about Intune device profiles, including how to create and configure their settings, see [What are Microsoft Intune device profiles?](https://docs.microsoft.com/intune/device-profiles)
+
+**Use Configuration Manager to enable cloud-delivered protection:**
+
+See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+
+**Use Group Policy to enable cloud-delivered protection:**
+
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
+
+3. Click **Administrative templates**.
+
+4. Expand the tree to **Windows components > Windows Defender Antivirus > MAPS**
+
+5. Double-click **Join Microsoft MAPS** and ensure the option is enabled and set to **Basic MAPS** or **Advanced MAPS**. Click **OK**.
+
+6. Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either of the following:
+
+    1. **Send safe samples** (1)
+    2. **Send all samples** (3)
+
+        >[!NOTE]
+        >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
+
+        > [!WARNING]
+        > Setting to 0 (Always Prompt) will lower the protection state of the device. Setting to 2 (Never send) means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
+
+7. Click **OK**.
+
+**Use PowerShell cmdlets to enable cloud-delivered protection:**
+
+Use the following cmdlets to enable cloud-delivered protection:
+
+```PowerShell
+Set-MpPreference -MAPSReporting Advanced
+Set-MpPreference -SubmitSamplesConsent AlwaysPrompt
+```
+
+>[!NOTE]
+>You can also set -SubmitSamplesConsent to `None`. Setting it to `Never` will lower the protection state of the device, and setting it to 2 means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
+
+See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md)  and [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
+
+**Use Windows Management Instruction (WMI) to enable cloud-delivered protection:**
+
+Use the [**Set** method of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn439474(v=vs.85).aspx) class for the following properties:
+
+```WMI
+MAPSReporting 
+SubmitSamplesConsent
+```
+
+See the following for more information and allowed parameters:
+- [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx)
+
+**Enable cloud-delivered protection on individual clients with the Windows Security app**
+
+> [!NOTE]
+> If the **Configure local setting override for reporting Microsoft MAPS** Group Policy setting is set to **Disabled**, then the **Cloud-based protection** setting in Windows Settings will be greyed-out and unavailable. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
+
+1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
+
+2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
+
+    ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
+
+3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**.
+
+>[!NOTE]
+>If automatic sample submission has been configured with Group Policy then the setting will be greyed-out and unavailable.
+
+## Related topics
+
+- [Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md)
+- [Configure block at first sight](configure-block-at-first-sight-windows-defender-antivirus.md)
+- [Use PowerShell cmdlets to manage Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md)
+- [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)]
+- [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx)
+- [Utilize Microsoft cloud-delivered protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
+- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
+- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From d239a9a2977246a7c86e54749ae92d59bb4ac6c2 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 26 Dec 2019 13:20:04 -0800
Subject: [PATCH 015/247] thirty files for system center rebranding to msft
 endpoint

---
 .../configure-endpoints.md                     |  6 +++---
 .../configure-server-endpoints.md              |  2 +-
 .../controlled-folders.md                      |  2 +-
 .../enable-attack-surface-reduction.md         |  4 ++--
 .../enable-controlled-folders.md               |  4 ++--
 .../enable-exploit-protection.md               |  6 +++---
 .../enable-network-protection.md               |  4 ++--
 .../evaluate-controlled-folder-access.md       |  2 +-
 .../microsoft-defender-atp/management-apis.md  |  2 +-
 .../minimum-requirements.md                    |  2 +-
 .../next-gen-threat-and-vuln-mgt.md            |  6 +++---
 .../offboard-machines.md                       |  2 +-
 .../threat-and-vuln-mgt-scenarios.md           |  2 +-
 .../troubleshoot-onboarding.md                 | 10 +++++-----
 .../tvm-dashboard-insights.md                  |  2 +-
 .../microsoft-defender-atp/tvm-remediation.md  |  2 +-
 .../tvm-security-recommendation.md             |  4 ++--
 ...g-the-health-of-windows-10-based-devices.md |  2 +-
 ...ent-reference-windows-defender-antivirus.md |  4 ++--
 ...ed-scan-types-windows-defender-antivirus.md |  2 +-
 ...t-first-sight-windows-defender-antivirus.md |  2 +-
 ...le-exclusions-windows-defender-antivirus.md |  4 ++--
 ...k-connections-windows-defender-antivirus.md |  2 +-
 ...notifications-windows-defender-antivirus.md |  2 +-
 ...le-exclusions-windows-defender-antivirus.md |  8 ++++----
 ...e-remediation-windows-defender-antivirus.md |  2 +-
 ...gure-windows-defender-antivirus-features.md |  6 +++---
 ...mediate-scans-windows-defender-antivirus.md |  2 +-
 ...manage-report-windows-defender-antivirus.md | 18 +++++++++---------
 .../deploy-windows-defender-antivirus.md       |  4 ++--
 30 files changed, 60 insertions(+), 60 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
index bff2f62710..8c9156855a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
@@ -1,7 +1,7 @@
 ---
 title: Onboarding tools and methods for Windows 10 machines
 description: Onboard Windows 10 machines so that they can send sensor data to the Microsoft Defender ATP sensor
-keywords: Onboard Windows 10 machines, group policy, system center configuration manager, mobile device management, local script, gp, sccm, mdm, intune
+keywords: Onboard Windows 10 machines, group policy, endpoint configuration manager, mobile device management, local script, gp, sccm, mdm, intune
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
@@ -31,7 +31,7 @@ Machines in your organization must be configured so that the Microsoft Defender
 The following deployment tools and methods are supported:
 
 - Group Policy
-- System Center Configuration Manager
+- Microsoft Endpoint Configuration Manager
 - Mobile Device Management (including Microsoft Intune)
 - Local script
 
@@ -39,7 +39,7 @@ The following deployment tools and methods are supported:
 Topic | Description
 :---|:---
 [Onboard Windows 10 machines using Group Policy](configure-endpoints-gp.md) | Use Group Policy to deploy the configuration package on machines.
-[Onboard Windows 10 machines using System Center Configuration Manager](configure-endpoints-sccm.md) | You can use either use System Center Configuration Manager (current branch) version 1606 or System Center Configuration Manager(current branch) version 1602 or earlier to deploy the configuration package on machines.
+[Onboard Windows 10 machines using Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) | You can use either use Microsoft Endpoint Configuration Manager (current branch) version 1606 or Microsoft Endpoint Configuration Manager (current branch) version 1602 or earlier to deploy the configuration package on machines.
 [Onboard Windows 10 machines using Mobile Device Management tools](configure-endpoints-mdm.md) | Use Mobile Device Management tools or Microsoft Intune to deploy the configuration package on machine.
 [Onboard Windows 10 machines using a local script](configure-endpoints-script.md) | Learn how to use the local script to deploy the configuration package on endpoints.
 [Onboard non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi.md) | Learn how to use the configuration package to configure VDI machines.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
index 08b54bfbe4..a7ba0b85ef 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
@@ -129,7 +129,7 @@ Once completed, you should see onboarded servers in the portal within an hour.
 To onboard Windows Server, version 1803 or Windows Server 2019, please refer to the supported methods and versions below.
 
 > [!NOTE]
-> The Onboarding package for Windows Server 2019 through System Center Configuration Manager currently ships a script. For more information on how to deploy scripts in System Center Configuration Manager, see [Packages and programs in Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/packages-and-programs).
+> The Onboarding package for Windows Server 2019 through Microsoft Endpoint Configuration Manager currently ships a script. For more information on how to deploy scripts in Microsoft Endpoint Configuration Manager, see [Packages and programs in Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/packages-and-programs).
 
 Supported tools include:
 - Local script
diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
index b751dd036f..2575fc6499 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
@@ -25,7 +25,7 @@ ms.custom: asr
 
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. It protects your data by checking against a list of known, trusted apps. Controlled folder access is supported on Windows Server 2019 as well as Windows 10 clients. It can be turned on via the Windows Security App, or from the System Center Configuration Manager (SCCM) and Intune, for managed devices. Controlled folder access works best with [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into controlled folder access events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
+Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. It protects your data by checking against a list of known, trusted apps. Controlled folder access is supported on Windows Server 2019 as well as Windows 10 clients. It can be turned on via the Windows Security App, or from the Microsoft Endpoint Configuration Manager and Intune, for managed devices. Controlled folder access works best with [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into controlled folder access events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
 
 Controlled folder access works by only allowing apps to access protected folders if the app is included on a list of trusted software. If an app isn't on the list, Controlled folder access will block it from making changes to files inside protected folders.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 80c8e25156..74618f9e83 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -33,7 +33,7 @@ You can enable attack surface reduction rules by using any of these methods:
 
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [System Center Configuration Manager (SCCM)](#sccm)
+* [Microsoft Endpoint Configuration Manager](#sccm)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
@@ -101,7 +101,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 
 ## SCCM
 
-1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
+1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 1. Click **Home** > **Create Exploit Guard Policy**.
 1. Enter a name and a description, click **Attack Surface Reduction**, and click **Next**.
 1. Choose which rules will block or audit actions and click **Next**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 40cbdce038..fa3b8c47bf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -30,7 +30,7 @@ You can enable controlled folder access by using any of these methods:
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [System Center Configuration Manager (SCCM)](#sccm)
+* [Microsoft Endpoint Configuration Manager](#sccm)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
@@ -80,7 +80,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
 
 ## SCCM
 
-1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
+1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 2. Click **Home** > **Create Exploit Guard Policy**.
 3. Enter a name and a description, click **Controlled folder access**, and click **Next**.
 4. Choose whether block or audit changes, allow other apps, or add other folders, and click **Next**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 0f325b3497..5c0bfb97a3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -34,7 +34,7 @@ You can enable each mitigation separately by using any of these methods:
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [System Center Configuration Manager (SCCM)](#sccm)
+* [Microsoft Endpoint Configuration Manager](#sccm)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
@@ -128,9 +128,9 @@ CFG will be enabled for *miles.exe*.
 
 Use the [./Vendor/MSFT/Policy/Config/ExploitGuard/ExploitProtectionSettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-exploitguard) configuration service provider (CSP) to enable or disable exploit protection mitigations or to use audit mode.
 
-## SCCM
+## Microsoft Endpoint Configuration Manager
 
-1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
+1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 1. Click **Home** > **Create Exploit Guard Policy**.
 1. Enter a name and a description, click **Exploit protection**, and click **Next**.
 1. Browse to the location of the exploit protection XML file and click **Next**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
index 7f23be0e27..bea514cd5c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
@@ -30,7 +30,7 @@ You can enable network protection by using any of these methods:
 
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [System Center Configuration Manager (SCCM)](#sccm)
+* [Microsoft Endpoint Configuration Manager](#sccm)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
@@ -51,7 +51,7 @@ Use the [./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection](https://d
 
 ## SCCM
 
-1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
+1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 1. Click **Home** > **Create Exploit Guard Policy**.
 1. Enter a name and a description, click **Network protection**, and click **Next**.
 1. Choose whether to block or audit access to suspicious domains and click **Next**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
index 5f8fc8a0da..da28a46770 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
@@ -46,7 +46,7 @@ Set-MpPreference -EnableControlledFolderAccess AuditMode
 
 > [!TIP]
 > If you want to fully audit how controlled folder access will work in your organization, you'll need to use a management tool to deploy this setting to machines in your network(s).
-You can also use Group Policy, Intune, MDM, or System Center Configuration Manager to configure and deploy the setting, as described in the main [controlled folder access topic](controlled-folders.md).
+You can also use Group Policy, Intune, MDM, or Microsoft Endpoint Configuration Manager to configure and deploy the setting, as described in the main [controlled folder access topic](controlled-folders.md).
 
 ## Review controlled folder access events in Windows Event Viewer
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index 30bbd5efe4..5ec46afedd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -29,7 +29,7 @@ Microsoft Defender ATP supports a wide variety of options to ensure that custome
 
 Acknowledging that customer environments and structures can vary, Microsoft Defender ATP was created with flexibility and granular control to fit varying customer requirements. 
 
-Machine onboarding is fully integrated into System Center Configuration Manager and Microsoft Intune for client machines and Azure Security Center for server machines, providing complete end-to-end experience of configuration, deployment, and monitoring. In addition, Microsoft Defender ATP supports Group Policy and other third-party tools used for machines management.
+Machine onboarding is fully integrated into Microsoft Endpoint Configuration Manager and Microsoft Intune for client machines and Azure Security Center for server machines, providing complete end-to-end experience of configuration, deployment, and monitoring. In addition, Microsoft Defender ATP supports Group Policy and other third-party tools used for machines management.
 
 Microsoft Defender ATP provides fine-grained control over what users with access to the portal can see and do through the flexibility of role-based access control (RBAC). The RBAC model supports all flavors of security teams structure:
 - Globally distributed organizations and security teams
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index aaf95f6065..aaf2910af8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -180,7 +180,7 @@ For more information, see [Windows Defender Antivirus compatibility](../windows-
 ## Windows Defender Antivirus Early Launch Antimalware (ELAM) driver is enabled
 If you're running Windows Defender Antivirus as the primary antimalware product on your machines, the Microsoft Defender ATP agent will successfully onboard.
 
-If you're running a third-party antimalware client and use Mobile Device Management solutions or System Center Configuration Manager (current branch) version 1606, you'll need to ensure that the Windows Defender Antivirus ELAM driver is enabled. For more information, see [Ensure that Windows Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy).
+If you're running a third-party antimalware client and use Mobile Device Management solutions or Microsoft Endpoint Configuration Manager (current branch) version 1606, you'll need to ensure that the Windows Defender Antivirus ELAM driver is enabled. For more information, see [Ensure that Windows Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy).
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
index 98d455063a..4e86aca1f8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
@@ -30,12 +30,12 @@ It helps organizations discover vulnerabilities and misconfigurations in real-ti
 ## Next-generation capabilities 
 Threat & Vulnerability Management is built-in, real-time, cloud-powered, fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledgebase.  
 
-It is the first solution in the industry to bridge the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM).
+It is the first solution in the industry to bridge the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft Microsoft Endpoint Configuration Manager.
 
 It provides the following solutions to frequently-cited gaps across security operations, security administration, and IT administration workflows and communication. 
 - Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
 - Linked machine vulnerability and security configuration assessment data in the context of exposure discovery
-- Built-in remediation processes through Microsoft Intune and Microsoft System Center Configuration Manager 
+- Built-in remediation processes through Microsoft Intune and Microsoft Endpoint Configuration Manager 
 
 ### Real-time discovery
  
@@ -55,7 +55,7 @@ Threat & Vulnerability Management helps customers prioritize and focus on those
 ### Seamless remediation
  
 Microsoft Defender ATP’s Threat & Vulnerability Management allows security administrators and IT administrators to collaborate seamlessly to remediate issues.
-- Remediation requests to IT. Through Microsoft Defender ATP’s integration with Microsoft Intune and System Center Configuration Manager (SCCM), security administrators can create a remediation task in Microsoft Intune from the Security recommendation pages. We plan to expand this capability to other IT security management platforms. 
+- Remediation requests to IT. Through Microsoft Defender ATP’s integration with Microsoft Intune and Microsoft Endpoint Configuration Manager, security administrators can create a remediation task in Microsoft Intune from the Security recommendation pages. We plan to expand this capability to other IT security management platforms. 
 - Alternate mitigations. Threat & Vulnerability Management provides insights on additional mitigations, such as configuration changes that can reduce risk associated with software vulnerabilities.
 - Real-time remediation status. Microsoft Defender ATP provides real-time monitoring of the status and progress of remediation activities across the organization.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
index 7d9e52a115..ea9ee7efc8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
@@ -34,7 +34,7 @@ Follow the corresponding instructions depending on your preferred deployment met
 ## Offboard Windows 10 machines
 - [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script)
 - [Offboard machines using Group Policy](configure-endpoints-gp.md#offboard-machines-using-group-policy)
-- [Offboard machines using System Center Configuration Manager](configure-endpoints-sccm.md#offboard-machines-using-system-center-configuration-manager)
+- [Offboard machines using Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md#offboard-machines-using-system-center-configuration-manager)
 - [Offboard machines using Mobile Device Management tools](configure-endpoints-mdm.md#offboard-and-monitor-machines-using-mobile-device-management-tools)
 
 ## Offboard Servers
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index 13b98ef44d..85a326840f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -42,7 +42,7 @@ Ensure that your machines:
 > RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
 > 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
 
-- Are onboarded to Microsoft Intune and System Center Configuration Manager (SCCM). If you are use SCCM, update your console to the latest May version 1905
+- Are onboarded to Microsoft Intune and  Microsoft Endpoint Configuration Manager. If you are using Configuration Manager, update your console to the latest version.
 - Have at least one security recommendation that can be viewed in the machine page
 - Are tagged or marked as co-managed
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
index 53233130eb..1dbb422ba5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
@@ -40,15 +40,15 @@ If you have completed the onboarding process and don't see machines in the [Mach
 
 If the script completes successfully, see [Troubleshoot onboarding issues on the machines](#troubleshoot-onboarding-issues-on-the-machine) for additional errors that might occur.
 
-### Troubleshoot onboarding issues when deploying with System Center Configuration Manager
-When onboarding machines using the following versions of System Center Configuration Manager:
+### Troubleshoot onboarding issues when deploying with Microsoft Endpoint Configuration Manager
+When onboarding machines using the following versions of Microsoft Endpoint Configuration Manager:
 - System Center 2012 Configuration Manager
 - System Center 2012 R2 Configuration Manager
-- System Center Configuration Manager (current branch) version 1511
-- System Center Configuration Manager (current branch) version 1602
+- Microsoft Endpoint Configuration Manager (current branch) version 1511
+- Microsoft Endpoint Configuration Manager (current branch) version 1602
 
 
-Deployment with the above-mentioned versions of System Center Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console.
+Deployment with the above-mentioned versions of Microsoft Endpoint Center Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console.
 
 If the deployment fails, you can check the output of the script on the machines.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index 07bd73d2d2..ad666ba5b3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -26,7 +26,7 @@ ms.topic: conceptual
 Threat & Vulnerability Management is a component of Microsoft Defender ATP, and provides both security administrators and security operations teams with unique value, including:
 - Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
 - Invaluable machine vulnerability context during incident investigations
-- Built-in remediation processes through Microsoft Intune and Microsoft System Center Configuration Manager (SCCM)  
+- Built-in remediation processes through Microsoft Intune and Microsoft Microsoft Endpoint Configuration Manager (SCCM)  
   
 You can use the Threat & Vulnerability Management capability in [Microsoft Defender Security Center](https://securitycenter.windows.com/) to:
 - View exposure and configuration scores side-by-side with top security recommendations, software vulnerability, remediation activities, and exposed machines
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index 1d7a8392e8..bc7f405cb4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -1,6 +1,6 @@
 ---
 title: Remediation and exception
-description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations or filing exceptions provided there are compensation controls. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). 
+description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations or filing exceptions provided there are compensation controls. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft Endpoint Configuration Manager. 
 keywords: microsoft defender atp tvm remediation, mdatp tvm, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
index 186b46eb57..b7a682c886 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
@@ -25,9 +25,9 @@ ms.date: 04/11/2019
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-The cybersecurity weaknesses identified in your organization are mapped to actionable security recommendations and prioritized by their impact on the security recommendation list. Prioritized recommendation helps shorten the mean time to mitigate or remediate vulnerabilities and drive compliance.
+The cyber security weaknesses identified in your organization are mapped to actionable security recommendations and prioritized by their impact on the security recommendation list. Prioritized recommendation helps shorten the mean time to mitigate or remediate vulnerabilities and drive compliance.
 
-Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment. 
+Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and Microsoft Endpoint Configuration Manager. It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collects information from your environment. 
 
 ## The basis of the security recommendation
 Each machine in the organization is scored based on three important factors: threat, likelihood to be breached, and value, to help customers to focus on the right things at the right time.
diff --git a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index 1f3bb33e56..d726f7ff56 100644
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -279,7 +279,7 @@ SAWs are computers that are built to help significantly reduce the risk of compr
 
 To protect high-value assets, SAWs are used to make secure connections to those assets.
 
-Similarly, on corporate fully-managed workstations, where applications are installed by using a distribution tool like System Center Configuration Manager, Intune, or any third-party device management, then Device Guard is very applicable. In that type of scenario, the organization has a good idea of the software that an average user is running.
+Similarly, on corporate fully-managed workstations, where applications are installed by using a distribution tool like Microsoft Endpoint Configuration Manager, Intune, or any third-party device management, then Device Guard is very applicable. In that type of scenario, the organization has a good idea of the software that an average user is running.
 
 It could be challenging to use Device Guard on corporate, lightly-managed workstations where the user is typically allowed to install software on their own. When an organization offers great flexibility, it’s quite difficult to run Device Guard in enforcement mode. Nevertheless, Device Guard can be run in Audit mode, and in that case, the event log will contain a record of any binaries that violated the Device Guard policy. When Device Guard is used in Audit mode, organizations can get rich data about drivers and applications that users install and run.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
index 7bee1e3696..0f08b94b0f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
@@ -26,7 +26,7 @@ manager: dansimp
 You can manage and configure Windows Defender Antivirus with the following tools:
 
 - Microsoft Intune
-- System Center Configuration Manager
+- Microsoft Endpoint Configuration Manager
 - Group Policy
 - PowerShell cmdlets
 - Windows Management Instrumentation (WMI)
@@ -38,7 +38,7 @@ The topics in this section provide further information, links, and resources for
 
 Topic | Description
 ---|---
-[Manage Windows Defender Antivirus with Microsoft Intune and System Center Configuration Manager](use-intune-config-manager-windows-defender-antivirus.md)|Information about using Intune and System Center Configuration Manager to deploy, manage, report, and configure Windows Defender Antivirus
+[Manage Windows Defender Antivirus with Microsoft Intune and Microsoft Endpoint Configuration Manager](use-intune-config-manager-windows-defender-antivirus.md)|Information about using Intune and Microsoft Endpoint Configuration Manager to deploy, manage, report, and configure Windows Defender Antivirus
 [Manage Windows Defender Antivirus with Group Policy settings](use-group-policy-windows-defender-antivirus.md)|List of all Group Policy settings located in ADMX templates
 [Manage Windows Defender Antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-antivirus.md)|Instructions for using PowerShell cmdlets to manage Windows Defender Antivirus, plus links to documentation for all cmdlets and allowed parameters
 [Manage Windows Defender Antivirus with Windows Management Instrumentation (WMI)](use-wmi-windows-defender-antivirus.md)| Instructions for using WMI to manage Windows Defender Antivirus, plus links to documentation for the WMIv2 APIs (including all classes, methods, and properties)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
index 5d969e79a9..1ec92d64e6 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
@@ -32,7 +32,7 @@ See [Configure device restriction settings in Microsoft Intune](https://docs.mic
 
 **Use Configuration Manager to configure scanning options:**
 
-See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring System Center Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 **Use Group Policy to configure scanning options**
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
index 47b2f1d42a..1fb5ff7d26 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
@@ -73,7 +73,7 @@ For a list of Windows Defender Antivirus device restrictions in Intune, see [Dev
 
 ### Enable block at first sight with SCCM
 
-1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
+1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
 
 2. Click **Home** > **Create Antimalware Policy**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
index a1020bef6f..6ab53e6c67 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
@@ -77,7 +77,7 @@ See the following articles:
 
 ### Use Configuration Manager to configure file name, folder, or file extension exclusions
 
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring System Center Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 ### Use Group Policy to configure folder or file extension exclusions
 
@@ -272,7 +272,7 @@ The following table describes how the wildcards can be used and provides some ex
 
 You can retrieve the items in the exclusion list using one of the following methods:
 - [Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
-- [System Center Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
+- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
 - MpCmdRun
 - PowerShell
 - [Windows Security app](windows-defender-security-center-antivirus.md#exclusions)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
index 0bd81387b5..39f0cb02b4 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
@@ -43,7 +43,7 @@ The Windows Defender Antivirus cloud service provides fast, strong protection fo
 >[!NOTE]
 >The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
 
-See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) for details on enabling the service with Intune, System Center Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
+See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) for details on enabling the service with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
 
 After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
index 6bd6aeb7b2..03afa1681f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
@@ -74,7 +74,7 @@ You can use Group Policy to:
 Hiding notifications can be useful in situations where you can't hide the entire Windows Defender Antivirus interface. See [Prevent users from seeing or interacting with the Windows Defender Antivirus user interface](prevent-end-user-interaction-windows-defender-antivirus.md) for more information.
 
 > [!NOTE]
-> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [System Center Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
+> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Endpoint Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
 
 See [Customize the Windows Security app for your organization](../windows-defender-security-center/windows-defender-security-center.md) for instructions to add custom contact information to the notifications that users see on their machines.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
index 36714d75c3..79e9d90a7b 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
@@ -41,7 +41,7 @@ The exclusions only apply to [always-on real-time protection and monitoring](con
 
 Changes made with Group Policy to the exclusion lists **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions). However, changes made in the Windows Security app **will not show** in the Group Policy lists.
 
-You can add, remove, and review the lists for exclusions in [Group Policy](#gp), [System Center Configuration Manager, Microsoft Intune, and with the Windows Security app](#man-tools), and you can [use wildcards](#wildcards) to further customize the lists.
+You can add, remove, and review the lists for exclusions in [Group Policy](#gp), [Microsoft Endpoint Configuration Manager, Microsoft Intune, and with the Windows Security app](#man-tools), and you can [use wildcards](#wildcards) to further customize the lists.
 
 You can also [use PowerShell cmdlets and WMI to configure the exclusion lists](#ps), including [reviewing](#review) your lists.
 
@@ -57,9 +57,9 @@ You can [configure how locally and globally defined exclusions lists are merged]
 
 See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
 
-### Use System Center Configuration Manager to exclude files that have been opened by specified processes from scans
+### Use Microsoft Endpoint Configuration Manager to exclude files that have been opened by specified processes from scans
 
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring System Center Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 ### Use Group Policy to exclude files that have been opened by specified processes from scans
 
@@ -150,7 +150,7 @@ Environment variables | The defined variable will be populated as a path when th
 
 ## Review the list of exclusions
 
-You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [System Center Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
+You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
 
 If you use PowerShell, you can retrieve the list in two ways:
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
index 9702fdb478..7b22fa2f60 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
@@ -25,7 +25,7 @@ manager: dansimp
 
 When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
 
-This topic describes how to configure these settings with Group Policy, but you can also use [System Center Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+This topic describes how to configure these settings with Group Policy, but you can also use [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
 
 You can also use the [`Set-MpPreference` PowerShell cmdlet](https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference) or [`MSFT_MpPreference` WMI class](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx) to configure these settings.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
index d771955c80..3532148261 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
@@ -1,7 +1,7 @@
 ---
 title: Configure Windows Defender Antivirus features
-description: You can configure Windows Defender Antivirus features with Intune, System Center Configuration Manager, Group Policy, and PowerShell.
-keywords: Windows Defender Antivirus, antimalware, security, defender, configure, configuration, Config Manager, System Center Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
+description: You can configure Windows Defender Antivirus features with Intune, Microsoft Endpoint Configuration Manager, Group Policy, and PowerShell.
+keywords: Windows Defender Antivirus, antimalware, security, defender, configure, configuration, Config Manager, Microsoft Endpoint Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10
@@ -26,7 +26,7 @@ manager: dansimp
 You can configure Windows Defender Antivirus with a number of tools, including:
 
 - Microsoft Intune
-- System Center Configuration Manager
+- Microsoft Endpoint Configuration Manager
 - Group Policy
 - PowerShell cmdlets
 - Windows Management Instrumentation (WMI)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
index 4e5666fd45..b0b2030e32 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
@@ -34,4 +34,4 @@ Topic | Description
 [Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) | Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
 [Configure scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
 [Configure and run scans](run-scan-windows-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
-[Review scan results](review-scan-results-windows-defender-antivirus.md) | Review the results of scans using  System Center Configuration Manager, Microsoft Intune, or the Windows Security app
+[Review scan results](review-scan-results-windows-defender-antivirus.md) | Review the results of scans using  Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
index ad4a8eee3e..295d507e65 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
 title: Deploy, manage, and report on Windows Defender Antivirus
-description: You can deploy and manage Windows Defender Antivirus with Intune, System Center Configuration Manager, Group Policy, PowerShell, or WMI
+description: You can deploy and manage Windows Defender Antivirus with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, or WMI
 keywords: deploy, manage, update, protection, windows defender antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
@@ -27,7 +27,7 @@ You can deploy, manage, and report on Windows Defender Antivirus in a number of
 
 Because the Windows Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
 
-However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, System Center Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
+However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
 
 You'll also see additional links for:
 
@@ -40,13 +40,13 @@ You'll also see additional links for:
 Tool|Deployment options (<a href="#fn2" id="ref2">2</a>)|Management options (network-wide configuration and policy or baseline deployment) ([3](#fn3))|Reporting options  
 ---|---|---|---  
 Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management)  
-System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
+Microsoft Endpoint Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
 Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
-PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
-Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
+PowerShell|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
+Windows Management Instrumentation|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
 Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
 
-1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between System Center Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and System Center Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
+1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
   
 2.	<span id="fn2" />In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date ([except on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)). Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers. [(Return to table)](#ref2)
 
@@ -80,6 +80,6 @@ Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by
 
 Topic | Description
 ---|---
-[Deploy and enable Windows Defender Antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with System Center Configuration Manager, Microsoft Intune, or Group Policy Objects.
-[Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating Security intelligence (protection updates). You can update Security intelligence in a number of ways, using System Center Configuration Manager, Group Policy, PowerShell, and WMI.
-[Monitor and report on Windows Defender Antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use Microsoft Intune, System Center Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.
+[Deploy and enable Windows Defender Antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with Microsoft Endpoint Configuration Manager, Microsoft Intune, or Group Policy Objects.
+[Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating Security intelligence (protection updates). You can update Security intelligence in a number of ways, using Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, and WMI.
+[Monitor and report on Windows Defender Antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use Microsoft Intune, Microsoft Endpoint Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
index 9f668be613..6f8dd3363b 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
 title: Deploy and enable Windows Defender Antivirus 
-description: Deploy Windows Defender Antivirus for protection of your endpoints with Microsoft Intune, System Center Configuration Manager, Group Policy, PowerShell cmdlets, or WMI.
+description: Deploy Windows Defender Antivirus for protection of your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or WMI.
 keywords: deploy, enable, Windows Defender Antivirus
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
@@ -25,7 +25,7 @@ manager: dansimp
 
 Depending on the management tool you are using, you may need to specifically enable or configure Windows Defender Antivirus protection.
 
-See the table in [Deploy, manage, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md#ref2) for instructions on how to enable protection with Microsoft Intune, System Center Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management Instruction (WMI).
+See the table in [Deploy, manage, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md#ref2) for instructions on how to enable protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management Instruction (WMI).
 
 Some scenarios require additional guidance on how to successfully deploy or configure Windows Defender Antivirus protection, such as Virtual Desktop Infrastructure (VDI) environments.
 

From 825422fb5829ebf880a67e51ad9b61878eddd509 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 27 Dec 2019 04:49:53 -0800
Subject: [PATCH 016/247] Rebrand System Center to Microsoft Endpoint _ Five

git status
git commit -m Rebrand System Center to Microsoft Endpoint _ Five
---
 .../update/windows-analytics-get-started.md   |    4 +-
 .../update/windows-analytics-overview.md      |    2 +-
 windows/deployment/update/wufb-autoupdate.md  |    2 +-
 .../deployment/update/wufb-managedrivers.md   |    2 +-
 ...windows-upgrades-with-upgrade-readiness.md |   95 +-
 .../upgrade/resolution-procedures.md          |    4 +-
 .../upgrade-readiness-deploy-windows.md       |    2 +-
 .../upgrade/upgrade-readiness-get-started.md  |    2 +-
 .../upgrade/upgrade-readiness-requirements.md |    4 +-
 ...with-system-center-configuraton-manager.md |   10 +-
 .../upgrade/windows-10-edition-upgrades.md    |  501 ++--
 .../usmt/usmt-common-migration-scenarios.md   |  309 +--
 .../usmt/usmt-test-your-migration.md          |  107 +-
 .../configure-client-computers-vamt.md        |  189 +-
 .../windows-10-deployment-posters.md          |    6 +-
 .../windows-10-deployment-scenarios.md        |  552 ++--
 .../windows-10-enterprise-e3-overview.md      |  518 ++--
 windows/deployment/windows-10-media.md        |    2 +-
 windows/deployment/windows-10-poc-mdt.md      | 1312 +++++-----
 .../windows-10-poc-sc-config-mgr.md           | 2164 ++++++++--------
 windows/deployment/windows-10-poc.md          | 2214 +++++++++--------
 .../windows-autopilot/add-devices.md          |    4 +-
 .../windows-autopilot/autopilot-faq.md        |    4 +-
 .../windows-autopilot/deployment-process.md   |    4 +-
 .../windows-autopilot/existing-devices.md     |    2 +-
 .../windows-autopilot/windows-autopilot.md    |    2 +-
 ...ndows-diagnostic-events-and-fields-1703.md |    4 +-
 ...ndows-diagnostic-events-and-fields-1709.md |    2 +-
 ...ndows-diagnostic-events-and-fields-1803.md |    2 +-
 ...ndows-diagnostic-events-and-fields-1809.md |    4 +-
 30 files changed, 4022 insertions(+), 4007 deletions(-)

diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md
index 18a4d35cd9..5a35460bf7 100644
--- a/windows/deployment/update/windows-analytics-get-started.md
+++ b/windows/deployment/update/windows-analytics-get-started.md
@@ -96,7 +96,7 @@ If your organization uses proxy server authentication for outbound traffic, use
 
 ## Deploy the compatibility update and related updates
 
-The compatibility update scans your devices and enables application usage tracking. If you don’t already have these updates installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as System Center Configuration Manager.
+The compatibility update scans your devices and enables application usage tracking. If you don’t already have these updates installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as Microsoft Endpoint Configuration Manager.
 
 | **Operating System** | **Updates** |
 |----------------------|-----------------------------------------------------------------------------|
@@ -172,7 +172,7 @@ When you run the deployment script, it initiates a full scan. The daily schedule
 
 ### Distribute the deployment script at scale
 
-Use a software distribution system such as System Center Configuration Manager to distribute the Upgrade Readiness deployment script at scale. For more information, see [Upgrade Readiness deployment script](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-deployment-script). For information on how to deploy PowerShell scripts by using Windows Intune, see [Manage PowerShell scripts in Intune for Windows 10 devices](https://docs.microsoft.com/intune/intune-management-extension).
+Use a software distribution system such as Microsoft Endpoint Configuration Manager to distribute the Upgrade Readiness deployment script at scale. For more information, see [Upgrade Readiness deployment script](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-deployment-script). For information on how to deploy PowerShell scripts by using Windows Intune, see [Manage PowerShell scripts in Intune for Windows 10 devices](https://docs.microsoft.com/intune/intune-management-extension).
 
 ### Distributing policies at scale
 
diff --git a/windows/deployment/update/windows-analytics-overview.md b/windows/deployment/update/windows-analytics-overview.md
index 5d63af3e36..54503af57c 100644
--- a/windows/deployment/update/windows-analytics-overview.md
+++ b/windows/deployment/update/windows-analytics-overview.md
@@ -46,7 +46,7 @@ Use Upgrade Readiness to get:
 - Guidance and insights into application and driver compatibility issues, with suggested fixes
 - Data-driven application rationalization tools
 - Application usage information, allowing targeted validation; workflow to track validation progress and decisions
-- Data export to commonly used software deployment tools, including System Center Configuration Manager 
+- Data export to commonly used software deployment tools, including Microsoft Endpoint Configuration Manager 
 
 To get started with any of these solutions, visit the links for instructions to add it to Azure Portal.
 
diff --git a/windows/deployment/update/wufb-autoupdate.md b/windows/deployment/update/wufb-autoupdate.md
index 828c0bf6b7..f4d794c2b8 100644
--- a/windows/deployment/update/wufb-autoupdate.md
+++ b/windows/deployment/update/wufb-autoupdate.md
@@ -27,7 +27,7 @@ Automatic Update governs the "behind the scenes" download and installation proce
 |-|-|
 |Configure Automatic Updates|Governs the installation activity that happens in the background. This allows you to configure the installation to happen during the [maintenance window](https://docs.microsoft.com/sccm/core/clients/manage/collections/use-maintenance-windows). Also, you can specify an installation time where the device will also try to install the latest packages. You can also pick a certain day and or week.|
 |Automatic Update Detection Frequency|Lets you set the scan frequency the device will use to connect to Windows Update to see if there is any available content. Default is 22 hours, but you can increase or decrease the frequency. Keep in mind a desktop computer may need to scan less frequently than laptops, which can have intermittent internet connection.|
-|Specify Intranet Microsoft Update Service Location|Used for Windows Server Update Services or System Center Configuration Manager users who want to install custom packages that are not offered through Windows Update.|
+|Specify Intranet Microsoft Update Service Location|Used for Windows Server Update Services or Microsoft Endpoint Configuration Manager users who want to install custom packages that are not offered through Windows Update.|
 |Do not connect to any Windows Update Internet locations <br>Required for Dual Scan|Prevents access to Windows Update.|
 
 ## Suggested configuration
diff --git a/windows/deployment/update/wufb-managedrivers.md b/windows/deployment/update/wufb-managedrivers.md
index 0fe22b0935..e451d7751a 100644
--- a/windows/deployment/update/wufb-managedrivers.md
+++ b/windows/deployment/update/wufb-managedrivers.md
@@ -41,7 +41,7 @@ You can use an on-premises catalog, like WSUS, to deploy 3rd Party patches and u
 
 |Policy| Description |
 |-|-|
-|Specify Intranet Microsoft Update Service Location| Used for WSUS/System Center Configuration Manager customers who want to install custom packages that are not offered through Windows Update.|
+|Specify Intranet Microsoft Update Service Location| Used for WSUS/Microsoft Endpoint Configuration Manager customers who want to install custom packages that are not offered through Windows Update.|
 
 ### Suggested configuration 
 
diff --git a/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md b/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
index 078074ba23..bcfd0a6ac4 100644
--- a/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
+++ b/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
@@ -1,47 +1,48 @@
----
-title: Manage Windows upgrades with Upgrade Readiness (Windows 10)
-description: Provides an overview of the process of managing Windows upgrades with Upgrade Readiness.
-ms.prod: w10
-audience: itpro
author: greg-lindsay
-ms.date: 04/25/2017
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.topic: article
----
-
-# Manage Windows upgrades with Upgrade Readiness
-
-Upgrading to new operating systems has traditionally been a challenging, complex, and slow process for many enterprises. Discovering applications and drivers and then testing them for potential compatibility issues have been among the biggest pain points.
-
-With the release of Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released. Windows Upgrade Readiness not only supports upgrade management from Windows 7, Windows 8.1 to Windows 10, but also Windows 10 upgrades in the [Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview) model.  
-
-Microsoft developed Upgrade Readiness in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Upgrade Readiness was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
-
-With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft.
-
-Use Upgrade Readiness to get:
-
--   A visual workflow that guides you from pilot to production
--   Detailed computer and application inventory
--   Powerful computer level search and drill-downs
--   Guidance and insights into application and driver compatibility issues, with suggested fixes
--   Data driven application rationalization tools
--   Application usage information, allowing targeted validation; workflow to track validation progress and decisions
--   Data export to commonly used software deployment tools, including System Center Configuration Manager
-
-The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
-
-**Important**  For system, application, and driver data to be shared with Microsoft, you must configure user computers to send data. For information about what diagnostic data Microsoft collects and how that data is used and protected by Microsoft, see:
-
-- [Configure Windows diagnostic data in your organization](/windows/configuration/configure-windows-diagnostic-data-in-your-organization)
-- [Manage connections from Windows operating system components to Microsoft services](/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-- [Windows 7, Windows 8, and Windows 8.1 appraiser diagnostic data events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)
-
-## **Related topics**
-
-[Upgrade Readiness architecture](upgrade-readiness-architecture.md)<br>
-[Upgrade Readiness requirements](upgrade-readiness-requirements.md)<br>
-[Upgrade Readiness release notes](upgrade-readiness-requirements.md#important-information-about-this-release)<br>
-[Get started with Upgrade Readiness](upgrade-readiness-get-started.md)<br>
-[Use Upgrade Readiness to manage Windows upgrades](use-upgrade-readiness-to-manage-windows-upgrades.md)
+---
+title: Manage Windows upgrades with Upgrade Readiness (Windows 10)
+description: Provides an overview of the process of managing Windows upgrades with Upgrade Readiness.
+ms.prod: w10
+audience: itpro
+author: greg-lindsay
+ms.date: 04/25/2017
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.topic: article
+---
+
+# Manage Windows upgrades with Upgrade Readiness
+
+Upgrading to new operating systems has traditionally been a challenging, complex, and slow process for many enterprises. Discovering applications and drivers and then testing them for potential compatibility issues have been among the biggest pain points.
+
+With the release of Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released. Windows Upgrade Readiness not only supports upgrade management from Windows 7, Windows 8.1 to Windows 10, but also Windows 10 upgrades in the [Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview) model.  
+
+Microsoft developed Upgrade Readiness in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Upgrade Readiness was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
+
+With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft.
+
+Use Upgrade Readiness to get:
+
+-   A visual workflow that guides you from pilot to production
+-   Detailed computer and application inventory
+-   Powerful computer level search and drill-downs
+-   Guidance and insights into application and driver compatibility issues, with suggested fixes
+-   Data driven application rationalization tools
+-   Application usage information, allowing targeted validation; workflow to track validation progress and decisions
+-   Data export to commonly used software deployment tools, including Microsoft Endpoint Configuration Manager
+
+The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
+
+**Important**  For system, application, and driver data to be shared with Microsoft, you must configure user computers to send data. For information about what diagnostic data Microsoft collects and how that data is used and protected by Microsoft, see:
+
+- [Configure Windows diagnostic data in your organization](/windows/configuration/configure-windows-diagnostic-data-in-your-organization)
+- [Manage connections from Windows operating system components to Microsoft services](/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services)
+- [Windows 7, Windows 8, and Windows 8.1 appraiser diagnostic data events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)
+
+## **Related topics**
+
+[Upgrade Readiness architecture](upgrade-readiness-architecture.md)<br>
+[Upgrade Readiness requirements](upgrade-readiness-requirements.md)<br>
+[Upgrade Readiness release notes](upgrade-readiness-requirements.md#important-information-about-this-release)<br>
+[Get started with Upgrade Readiness](upgrade-readiness-get-started.md)<br>
+[Use Upgrade Readiness to manage Windows upgrades](use-upgrade-readiness-to-manage-windows-upgrades.md)
diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 7b336767e8..c988b29eff 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -610,7 +610,7 @@ Download and run the media creation tool. See <a href="https://www.microsoft.com
 
 <tr>
 <td>0x80240FFF </td>
-<td>Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with System Center Configuration Manager. If you enable update synchronization before you install <a href="https://support.microsoft.com/help/3095113/">hotfix 3095113</a>, WSUS doesn&#39;t recognize the Upgrades classification and instead treats the upgrade like a regular update.</td>
+<td>Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with Microsoft Endpoint Configuration Manager. If you enable update synchronization before you install <a href="https://support.microsoft.com/help/3095113/">hotfix 3095113</a>, WSUS doesn&#39;t recognize the Upgrades classification and instead treats the upgrade like a regular update.</td>
 <td> You can prevent this by installing <a href="https://blogs.technet.microsoft.com/wsus/2015/12/03/important-update-for-wsus-4-0-kb-3095113/">hotfix 3095113</a> before you enable update synchronization. However, if you have already run into this problem, do the following:
 <ol>
 <li>Disable the Upgrades classification.</li>
@@ -625,7 +625,7 @@ For detailed information on how to run these steps check out <a href="https://bl
 
 <tr>
 <td>0x8007007E</td>
-<td>Occurs when update synchronization fails because you do not have <a href="https://support.microsoft.com/help/3095113/">hotfix 3095113</a> installed before you enable update synchronization. Specifically, the CopyToCache operation fails on clients that have already downloaded the upgrade because Windows Server Update Services has bad metadata related to the upgrade. It can occur when you are using standalone Windows Server Update Services or when WSUS is integrated with System Center Configuration Manager.</td>
+<td>Occurs when update synchronization fails because you do not have <a href="https://support.microsoft.com/help/3095113/">hotfix 3095113</a> installed before you enable update synchronization. Specifically, the CopyToCache operation fails on clients that have already downloaded the upgrade because Windows Server Update Services has bad metadata related to the upgrade. It can occur when you are using standalone Windows Server Update Services or when WSUS is integrated with Microsoft Endpoint Configuration Manager.</td>
 <td> Use the following steps to repair Windows Server Update Services. You must run these steps on each WSUS server that synched metadata before you installed the hotfix.
 <ol>
 <li>Stop the Windows Update service. Sign in as a user with administrative privileges, and then do the following:
diff --git a/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md b/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md
index 7ae486f5d3..fa371c6122 100644
--- a/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md
+++ b/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md
@@ -43,7 +43,7 @@ Select **Export computers** for more details, including computer name, manufactu
 
 ## Computer groups
 
-Computer groups allow you to segment your environment by creating device groups based on log search results, or by importing groups from Active Directory, WSUS or System Center Configuration Manager. Computer groups are an OMS feature. For more information, see [Computer groups in OMS](https://blogs.technet.microsoft.com/msoms/2016/04/04/computer-groups-in-oms/).
+Computer groups allow you to segment your environment by creating device groups based on log search results, or by importing groups from Active Directory, WSUS or Microsoft Endpoint Configuration Manager. Computer groups are an OMS feature. For more information, see [Computer groups in OMS](https://blogs.technet.microsoft.com/msoms/2016/04/04/computer-groups-in-oms/).
 
 Query based computer groups are recommended in the initial release of this feature. A feature known as **Configuration Manager Upgrade Readiness Connector** is anticipated in a future release that will enable synchronization of **ConfigMgr Collections** with computer groups in OMS.
 
diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md
index 0e4b6350ae..ea1383f381 100644
--- a/windows/deployment/upgrade/upgrade-readiness-get-started.md
+++ b/windows/deployment/upgrade/upgrade-readiness-get-started.md
@@ -29,7 +29,7 @@ Before you begin, consider reviewing the following helpful information:<BR>
     - [Upgrade Readiness requirements](upgrade-readiness-requirements.md): Provides detailed requirements to use Upgrade Readiness.<BR>
     - [Upgrade Readiness blog](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/bg-p/WindowsAnalyticsBlog): Contains announcements of new features and provides helpful tips for using Upgrade Readiness.
 
->If you are using System Center Configuration Manager, also check out information about how to integrate Upgrade Readiness with Configuration Manager: [Integrate Upgrade Readiness with System Center Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
+>If you are using Microsoft Endpoint Configuration Manager, also check out information about how to integrate Upgrade Readiness with Configuration Manager: [Integrate Upgrade Readiness with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
 
 When you are ready to begin using Upgrade Readiness, perform the following steps:
 
diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md
index b200bd292e..63790211b8 100644
--- a/windows/deployment/upgrade/upgrade-readiness-requirements.md
+++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md
@@ -55,9 +55,9 @@ If you are not using Azure Portal or Azure Log Analytics, go to [Log Analytics](
 >[!IMPORTANT]
 >You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work or School account when you sign in to Azure Portal. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in Azure Portal. You also need an Azure subscription to link to your Azure Portal workspace. The account you used to create the workspace must have administrator permissions on the Azure subscription in order to link the workspace to the Azure account. Once the link has been established, you can revoke the administrator permissions.
 
-## System Center Configuration Manager integration
+## Microsoft Endpoint Configuration Manager integration
 
-Upgrade Readiness can be integrated with your installation of Configuration Manager. For more information, see [Integrate Upgrade Readiness with System Center Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
+Upgrade Readiness can be integrated with your installation of Configuration Manager. For more information, see [Integrate Upgrade Readiness with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
 
 
 
diff --git a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
index c6118f8f14..07cdb2d8da 100644
--- a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
+++ b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
@@ -1,6 +1,6 @@
 ---
 title: Perform in-place upgrade to Windows 10 via Configuration Manager
-description: In-place upgrades make upgrading Windows 7, Windows 8, and Windows 8.1 to Windows 10 easy -- you can even automate the whole process with a SCCM task sequence.
+description: In-place upgrades make upgrading Windows 7, Windows 8, and Windows 8.1 to Windows 10 easy -- you can even automate the whole process with a Microsoft Endpoint Configuration Manager task sequence.
 ms.assetid: F8DF6191-0DB0-4EF5-A9B1-6A11D5DE4878
 ms.reviewer: 
 manager: laurawi
@@ -21,7 +21,7 @@ ms.topic: article
 
 -   Windows 10
 
-The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process.
+The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Endpoint Configuration Manager task sequence to completely automate the process.
 
 ## Proof-of-concept environment
 
@@ -111,10 +111,10 @@ Figure 2. Upgrade from Windows 7 to Windows 10 Enterprise x64 with a task sequ
 
 After the task sequence finishes, the computer will be fully upgraded to Windows 10.
 
-## Upgrade to Windows 10 with System Center Configuration Manager Current Branch
+## Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager Current Branch
 
 
-With System Center Configuration Manager Current Branch, new built-in functionality makes it easier to upgrade to Windows 10.
+With Microsoft Endpoint Configuration Manager Current Branch, new built-in functionality makes it easier to upgrade to Windows 10.
 
 **Note**  
 For more details about Configuration Manager Current Branch, see the [Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](https://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released.
@@ -147,7 +147,7 @@ Figure 3. The Configuration Manager upgrade task sequence.
 
 ### Create a device collection
 
-After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the next version of System Center Configuration Manager client installed.
+After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the next version of Microsoft Endpoint Configuration Manager client installed.
 
 1.  On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings:
     -   General
diff --git a/windows/deployment/upgrade/windows-10-edition-upgrades.md b/windows/deployment/upgrade/windows-10-edition-upgrades.md
index d683bd63b3..f0ed48723b 100644
--- a/windows/deployment/upgrade/windows-10-edition-upgrades.md
+++ b/windows/deployment/upgrade/windows-10-edition-upgrades.md
@@ -1,250 +1,251 @@
----
-title: Windows 10 edition upgrade (Windows 10)
-description: With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported.
-ms.assetid: A7642E90-A3E7-4A25-8044-C4E402DC462A
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: mobile
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows 10 edition upgrade
-
-**Applies to**
-
--   Windows 10
--   Windows 10 Mobile
-
-With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](https://go.microsoft.com/fwlink/p/?LinkID=690882). For a comprehensive list of all possible upgrade paths to Windows 10, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md). Downgrading the edition of Windows is discussed in the [License expiration](#license-expiration) section on this page.
-
-For a list of operating systems that qualify for the Windows 10 Pro Upgrade or Windows 10 Enterprise Upgrade through Microsoft Volume Licensing, see [Windows 10 Qualifying Operating Systems](https://download.microsoft.com/download/2/d/1/2d14fe17-66c2-4d4c-af73-e122930b60f6/Windows10-QOS.pdf).
-
-The following table shows the methods and paths available to change the edition of Windows 10 that is running on your computer. **Note**: The reboot requirement for upgrading from Pro to Enterprise was removed in version 1607.
-
-Note: Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](https://docs.microsoft.com/sccm/compliance/deploy-use/upgrade-windows-version) in System Center Configuration Manager.
-
-![not supported](../images/x_blk.png) (X) = not supported</br>
-![supported, reboot required](../images/check_grn.png) (green checkmark) = supported, reboot required</br>
-![supported, no reboot](../images/check_blu.png) (blue checkmark) = supported, no reboot required<br>
-
-<!-- OLD TABLE and key
-X = unsupported <BR>
-&#x2714; (green) = supported; reboot required<BR>
-&#x2714; (blue) = supported; no reboot required
-
-|Method |Home > Pro |Home > Education |Pro > Education |Pro > Enterprise |Ent > Education |Mobile > Mobile Enterprise |
-|-------|-----------|-----------------|----------------|-----------------|----------------|--------|
-| Using mobile device management (MDM) |![unsupported](../images/x_blk.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |
-| Using a provisioning package |![unsupported](../images/x_blk.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |
-| Using a command-line tool |![unsupported](../images/x_blk.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |![supported](../images/check_grn.png) |![unsupported](../images/x_blk.png) |
-| Entering a product key manually |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |![supported](../images/check_grn.png) |![unsupported](../images/x_blk.png) |
-| Purchasing a license from the Microsoft Store |![supported](../images/check_grn.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |
--->
-
-| Edition upgrade | Using mobile device management (MDM) | Using a provisioning package | Using a command-line tool | Using Microsoft Store for Business or PC | Entering a product key manually | Purchasing a license from the Microsoft Store |
-|-----------------| ------------------------------------ | --------------------------- | ------------------------- | -------------------------------------- | ----------------------------------- | --------------------------------------------- |
-| **Home > Pro** | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) |
-| **Home > Pro for Workstations** | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) |
-| **Home > Pro Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
-| **Home > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
-| **Pro > Pro for Workstations** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(MSfB) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) |
-| **Pro > Pro Education** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
-| **Pro > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
-| **Pro > Enterprise** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(1703 - PC)<br>(1709 - MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
-| **Pro for Workstations > Pro Education** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
-| **Pro for Workstations > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
-| **Pro for Workstations > Enterprise** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(1703 - PC)<br>(1709 - MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
-| **Pro Education > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
-| **Enterprise > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
-| **Mobile > Mobile Enterprise** | ![supported, no reboot](../images/check_blu.png) |![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) |
-
-> [!NOTE]
-> - For information about upgrade paths in Windows 10 in S mode (for Pro or Education), check out [Windows 10 Pro/Enterprise in S mode](../windows-10-pro-in-s-mode.md)
-> - Each desktop edition in the table also has an N and KN SKU. These editions have had media-related functionality removed. Devices with N or KN SKUs installed can be upgraded to corresponding N or KN SKUs using the same methods.
-> <br>
-> - Due to [naming changes](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes) the term LTSB might still be displayed in some products. This name will change to LTSC with subsequent feature updates.
-
-## Upgrade using mobile device management (MDM)
-- To upgrade desktop editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithProductKey** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](https://go.microsoft.com/fwlink/p/?LinkID=690907).
-
-- To upgrade mobile editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithLicense** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](https://go.microsoft.com/fwlink/p/?LinkID=690907).
-
-## Upgrade using a provisioning package
-Use Windows Configuration Designer to create a provisioning package to upgrade a desktop edition or mobile edition of Windows 10. To get started, [install Windows Configuration Designer from the Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22).
-
-- To create a provisioning package for upgrading desktop editions of Windows 10, go to **Runtime settings &gt; EditionUpgrade &gt; UpgradeEditionWithProductKey** in the **Available customizations** panel in Windows ICD and enter the product key for the upgraded edition.
-
-- To create a provisioning package for upgrading mobile editions of Windows 10, go to **Runtime settings &gt; EditionUpgrade &gt; UpgradeEditionWithLicense** in the **Available customizations** panel in Windows ICD and enter the product key for the upgraded edition.
-
-For more info about Windows Configuration Designer, see these topics:
-- [Create a provisioining package for Windows 10](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-create-package)
-- [Apply a provisioning package](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-apply-package)
-
-
-## Upgrade using a command-line tool
-You can run the changepk.exe command-line tool to upgrade devices to a supported edition of Windows 10:
-
-`changepk.exe /ProductKey <enter your new product key here>`
-
-You can also upgrade using slmgr.vbs and a [KMS client setup key](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj612867(v%3dws.11)).  For example, the following command will upgrade to Windows 10 Enterprise.
-
-`Cscript.exe c:\windows\system32\slmgr.vbs /ipk NPPR9-FWDCX-D2C8J-H872K-2YT43`
-
-
-## Upgrade by manually entering a product key
-If you are upgrading only a few devices, you may want to enter a product key for the upgraded edition manually.
-
-**To manually enter a product key**
-
-1.  From either the Start menu or the Start screen, type 'Activation' and click on the Activation shortcut.
-
-2.  Click **Change product key**.
-
-3.  Enter your product key.
-
-4.  Follow the on-screen instructions.
-
-## Upgrade by purchasing a license from the Microsoft Store
-If you do not have a product key, you can upgrade your edition of Windows 10 through the Microsoft Store.
-
-**To upgrade through the Microsoft Store**
-
-1.  From either the **Start** menu or the **Start** screen, type 'Activation' and click on the Activation shortcut.
-
-2.  Click **Go to Store**.
-
-3.  Follow the on-screen instructions.
-
-    **Note**<br>If you are a Windows 10 Home N or Windows 10 Home KN user and have trouble finding your applicable upgrade in the Microsoft Store, click [here](ms-windows-store://windowsupgrade/).
-
-## License expiration
-
-Volume license customers whose license has expired will need to change the edition of Windows 10 to an edition with an active license. Switching to a downgraded edition of Windows 10 is possible using the same methods that were used to perform an edition upgrade. If the downgrade path is supported, then your apps and settings can be migrated from the current edition. If a path is not supported, then a clean install is required.
-
-Downgrading from any edition of Windows 10 to Windows 7, 8, or 8.1 by entering a different product key is not supported.  You also cannot downgrade from a later version to an earlier version of the same edition (Ex: Windows 10 Pro 1709 to 1703) unless the rollback process is used. This topic does not discuss version downgrades.
-
-Note: If you are using [Windows 10 Enterprise Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation) and a license expires, devices will automatically revert to the original edition when the grace period expires.
-
-### Scenario example
-
-Downgrading from Enterprise
-- Original edition: **Professional OEM**
-- Upgrade edition: **Enterprise**
-- Valid downgrade paths: **Pro, Pro for Workstations, Pro Education, Education**
-
-You can move directly from Enterprise to any valid destination edition. In this example, downgrading to Pro for Workstations, Pro Education, or Education requires an additional activation key to supersede the firmware-embedded Pro key. In all cases, you must comply with [Microsoft License Terms](https://www.microsoft.com/useterms). If you are a volume license customer, refer to the [Microsoft Volume Licensing Reference Guide](https://www.microsoft.com/download/details.aspx?id=11091).
-
-### Supported Windows 10 downgrade paths
-
-✔ = Supported downgrade path<br>
-&nbsp;S&nbsp; = Supported; Not considered a downgrade or an upgrade<br>
-[blank] = Not supported or not a downgrade<br>
-
-<br>
-<table border="0" cellpadding="1">
-    <tr>
-        <td colspan="10" align="center">Destination edition</td>
-    </tr>
-    <tr>
-        <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
-        <td></td>
-        <td>Home</td>
-        <td>Pro</td>
-        <td>Pro for Workstations</td>
-        <td>Pro Education</td>
-        <td>Education</td>
-        <td>Enterprise LTSC</td>
-        <td>Enterprise</td>
-    </tr>
-    <tr>
-        <td rowspan="9" nowrap="nowrap" valign="middle">Starting edition</td>
-    </tr>
-    <tr>
-        <td>Home</td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-    </tr>
-    <tr>
-        <td>Pro</td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-    </tr>
-    <tr>
-        <td>Pro for Workstations</td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-    </tr>
-    <tr>
-        <td>Pro Education</td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-        <td></td>
-    </tr>
-    <tr>
-        <td>Education</td>
-        <td></td>
-        <td align="center">✔</td>
-        <td align="center">✔</td>
-        <td align="center">✔</td>
-        <td></td>
-        <td></td>
-        <td>S</td>
-    </tr>
-    <tr>
-        <td>Enterprise LTSC</td>
-        <td></td>
-        <td align="center"></td>
-        <td align="center"></td>
-        <td align="center"></td>
-        <td align="center"></td>
-        <td></td>
-        <td></td>
-    </tr>
-    <tr>
-        <td>Enterprise</td>
-        <td></td>
-        <td align="center">✔</td>
-        <td align="center">✔</td>
-        <td align="center">✔</td>
-        <td align="center">S</td>
-        <td></td>
-        <td></td>
-    </tr>
-</table>
-
-> **Windows 10 LTSC/LTSB**: Due to [naming changes](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes), product versions that display Windows 10 LTSB will be replaced with Windows 10 LTSC in subsequent feature updates. The term LTSC is used here to refer to all long term servicing versions.
-> 
-> **Windows N/KN**: Windows "N" and "KN" SKUs follow the same rules shown above.
-
-Some slightly more complex scenarios are not represented by the table above. For example, you can perform an upgrade from Pro to Pro for Workstation on a computer with an embedded Pro key using a Pro for Workstation license key, and then later downgrade this computer back to Pro with the firmware-embedded key. The downgrade is allowed but only because the pre-installed OS is Pro.
-
-## Related topics
-
-[Windows 10 upgrade paths](https://docs.microsoft.com/windows/deployment/upgrade/windows-10-upgrade-paths)<br>
-[Windows 10 volume license media](https://docs.microsoft.com/windows/deployment/windows-10-media)<br>
-[Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation)
+---
+title: Windows 10 edition upgrade (Windows 10)
+description: With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported.
+ms.assetid: A7642E90-A3E7-4A25-8044-C4E402DC462A
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.pagetype: mobile
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows 10 edition upgrade
+
+**Applies to**
+
+-   Windows 10
+-   Windows 10 Mobile
+
+With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](https://go.microsoft.com/fwlink/p/?LinkID=690882). For a comprehensive list of all possible upgrade paths to Windows 10, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md). Downgrading the edition of Windows is discussed in the [License expiration](#license-expiration) section on this page.
+
+For a list of operating systems that qualify for the Windows 10 Pro Upgrade or Windows 10 Enterprise Upgrade through Microsoft Volume Licensing, see [Windows 10 Qualifying Operating Systems](https://download.microsoft.com/download/2/d/1/2d14fe17-66c2-4d4c-af73-e122930b60f6/Windows10-QOS.pdf).
+
+The following table shows the methods and paths available to change the edition of Windows 10 that is running on your computer. **Note**: The reboot requirement for upgrading from Pro to Enterprise was removed in version 1607.
+
+Note: Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](https://docs.microsoft.com/sccm/compliance/deploy-use/upgrade-windows-version) in Microsoft Endpoint Configuration Manager.
+
+![not supported](../images/x_blk.png) (X) = not supported</br>
+![supported, reboot required](../images/check_grn.png) (green checkmark) = supported, reboot required</br>
+![supported, no reboot](../images/check_blu.png) (blue checkmark) = supported, no reboot required<br>
+
+<!-- OLD TABLE and key
+X = unsupported <BR>
+&#x2714; (green) = supported; reboot required<BR>
+&#x2714; (blue) = supported; no reboot required
+
+|Method |Home > Pro |Home > Education |Pro > Education |Pro > Enterprise |Ent > Education |Mobile > Mobile Enterprise |
+|-------|-----------|-----------------|----------------|-----------------|----------------|--------|
+| Using mobile device management (MDM) |![unsupported](../images/x_blk.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |
+| Using a provisioning package |![unsupported](../images/x_blk.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |
+| Using a command-line tool |![unsupported](../images/x_blk.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |![supported](../images/check_grn.png) |![unsupported](../images/x_blk.png) |
+| Entering a product key manually |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_grn.png) |![supported](../images/check_blu.png) |![supported](../images/check_grn.png) |![unsupported](../images/x_blk.png) |
+| Purchasing a license from the Microsoft Store |![supported](../images/check_grn.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |![unsupported](../images/x_blk.png) |
+-->
+
+| Edition upgrade | Using mobile device management (MDM) | Using a provisioning package | Using a command-line tool | Using Microsoft Store for Business or PC | Entering a product key manually | Purchasing a license from the Microsoft Store |
+|-----------------| ------------------------------------ | --------------------------- | ------------------------- | -------------------------------------- | ----------------------------------- | --------------------------------------------- |
+| **Home > Pro** | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) |
+| **Home > Pro for Workstations** | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) |
+| **Home > Pro Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
+| **Home > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
+| **Pro > Pro for Workstations** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(MSfB) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) |
+| **Pro > Pro Education** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
+| **Pro > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
+| **Pro > Enterprise** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(1703 - PC)<br>(1709 - MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
+| **Pro for Workstations > Pro Education** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
+| **Pro for Workstations > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
+| **Pro for Workstations > Enterprise** | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) | ![supported, no reboot](../images/check_blu.png) <br>(1703 - PC)<br>(1709 - MSfB) | ![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) |
+| **Pro Education > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
+| **Enterprise > Education** | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) | ![supported, reboot required](../images/check_grn.png) <br>(MSfB) | ![supported, reboot required](../images/check_grn.png) | ![not supported](../images/x_blk.png) |
+| **Mobile > Mobile Enterprise** | ![supported, no reboot](../images/check_blu.png) |![supported, no reboot](../images/check_blu.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) | ![not supported](../images/x_blk.png) |
+
+> [!NOTE]
+> - For information about upgrade paths in Windows 10 in S mode (for Pro or Education), check out [Windows 10 Pro/Enterprise in S mode](../windows-10-pro-in-s-mode.md)
+> - Each desktop edition in the table also has an N and KN SKU. These editions have had media-related functionality removed. Devices with N or KN SKUs installed can be upgraded to corresponding N or KN SKUs using the same methods.
+> <br>
+> - Due to [naming changes](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes) the term LTSB might still be displayed in some products. This name will change to LTSC with subsequent feature updates.
+
+## Upgrade using mobile device management (MDM)
+- To upgrade desktop editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithProductKey** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](https://go.microsoft.com/fwlink/p/?LinkID=690907).
+
+- To upgrade mobile editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithLicense** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](https://go.microsoft.com/fwlink/p/?LinkID=690907).
+
+## Upgrade using a provisioning package
+Use Windows Configuration Designer to create a provisioning package to upgrade a desktop edition or mobile edition of Windows 10. To get started, [install Windows Configuration Designer from the Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22).
+
+- To create a provisioning package for upgrading desktop editions of Windows 10, go to **Runtime settings &gt; EditionUpgrade &gt; UpgradeEditionWithProductKey** in the **Available customizations** panel in Windows ICD and enter the product key for the upgraded edition.
+
+- To create a provisioning package for upgrading mobile editions of Windows 10, go to **Runtime settings &gt; EditionUpgrade &gt; UpgradeEditionWithLicense** in the **Available customizations** panel in Windows ICD and enter the product key for the upgraded edition.
+
+For more info about Windows Configuration Designer, see these topics:
+- [Create a provisioining package for Windows 10](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-create-package)
+- [Apply a provisioning package](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-apply-package)
+
+
+## Upgrade using a command-line tool
+You can run the changepk.exe command-line tool to upgrade devices to a supported edition of Windows 10:
+
+`changepk.exe /ProductKey <enter your new product key here>`
+
+You can also upgrade using slmgr.vbs and a [KMS client setup key](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj612867(v%3dws.11)).  For example, the following command will upgrade to Windows 10 Enterprise.
+
+`Cscript.exe c:\windows\system32\slmgr.vbs /ipk NPPR9-FWDCX-D2C8J-H872K-2YT43`
+
+
+## Upgrade by manually entering a product key
+If you are upgrading only a few devices, you may want to enter a product key for the upgraded edition manually.
+
+**To manually enter a product key**
+
+1.  From either the Start menu or the Start screen, type 'Activation' and click on the Activation shortcut.
+
+2.  Click **Change product key**.
+
+3.  Enter your product key.
+
+4.  Follow the on-screen instructions.
+
+## Upgrade by purchasing a license from the Microsoft Store
+If you do not have a product key, you can upgrade your edition of Windows 10 through the Microsoft Store.
+
+**To upgrade through the Microsoft Store**
+
+1.  From either the **Start** menu or the **Start** screen, type 'Activation' and click on the Activation shortcut.
+
+2.  Click **Go to Store**.
+
+3.  Follow the on-screen instructions.
+
+    **Note**<br>If you are a Windows 10 Home N or Windows 10 Home KN user and have trouble finding your applicable upgrade in the Microsoft Store, click [here](ms-windows-store://windowsupgrade/).
+
+## License expiration
+
+Volume license customers whose license has expired will need to change the edition of Windows 10 to an edition with an active license. Switching to a downgraded edition of Windows 10 is possible using the same methods that were used to perform an edition upgrade. If the downgrade path is supported, then your apps and settings can be migrated from the current edition. If a path is not supported, then a clean install is required.
+
+Downgrading from any edition of Windows 10 to Windows 7, 8, or 8.1 by entering a different product key is not supported.  You also cannot downgrade from a later version to an earlier version of the same edition (Ex: Windows 10 Pro 1709 to 1703) unless the rollback process is used. This topic does not discuss version downgrades.
+
+Note: If you are using [Windows 10 Enterprise Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation) and a license expires, devices will automatically revert to the original edition when the grace period expires.
+
+### Scenario example
+
+Downgrading from Enterprise
+- Original edition: **Professional OEM**
+- Upgrade edition: **Enterprise**
+- Valid downgrade paths: **Pro, Pro for Workstations, Pro Education, Education**
+
+You can move directly from Enterprise to any valid destination edition. In this example, downgrading to Pro for Workstations, Pro Education, or Education requires an additional activation key to supersede the firmware-embedded Pro key. In all cases, you must comply with [Microsoft License Terms](https://www.microsoft.com/useterms). If you are a volume license customer, refer to the [Microsoft Volume Licensing Reference Guide](https://www.microsoft.com/download/details.aspx?id=11091).
+
+### Supported Windows 10 downgrade paths
+
+✔ = Supported downgrade path<br>
+&nbsp;S&nbsp; = Supported; Not considered a downgrade or an upgrade<br>
+[blank] = Not supported or not a downgrade<br>
+
+<br>
+<table border="0" cellpadding="1">
+    <tr>
+        <td colspan="10" align="center">Destination edition</td>
+    </tr>
+    <tr>
+        <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+        <td></td>
+        <td>Home</td>
+        <td>Pro</td>
+        <td>Pro for Workstations</td>
+        <td>Pro Education</td>
+        <td>Education</td>
+        <td>Enterprise LTSC</td>
+        <td>Enterprise</td>
+    </tr>
+    <tr>
+        <td rowspan="9" nowrap="nowrap" valign="middle">Starting edition</td>
+    </tr>
+    <tr>
+        <td>Home</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Pro</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Pro for Workstations</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Pro Education</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Education</td>
+        <td></td>
+        <td align="center">✔</td>
+        <td align="center">✔</td>
+        <td align="center">✔</td>
+        <td></td>
+        <td></td>
+        <td>S</td>
+    </tr>
+    <tr>
+        <td>Enterprise LTSC</td>
+        <td></td>
+        <td align="center"></td>
+        <td align="center"></td>
+        <td align="center"></td>
+        <td align="center"></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Enterprise</td>
+        <td></td>
+        <td align="center">✔</td>
+        <td align="center">✔</td>
+        <td align="center">✔</td>
+        <td align="center">S</td>
+        <td></td>
+        <td></td>
+    </tr>
+</table>
+
+> **Windows 10 LTSC/LTSB**: Due to [naming changes](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes), product versions that display Windows 10 LTSB will be replaced with Windows 10 LTSC in subsequent feature updates. The term LTSC is used here to refer to all long term servicing versions.
+> 
+> **Windows N/KN**: Windows "N" and "KN" SKUs follow the same rules shown above.
+
+Some slightly more complex scenarios are not represented by the table above. For example, you can perform an upgrade from Pro to Pro for Workstation on a computer with an embedded Pro key using a Pro for Workstation license key, and then later downgrade this computer back to Pro with the firmware-embedded key. The downgrade is allowed but only because the pre-installed OS is Pro.
+
+## Related topics
+
+[Windows 10 upgrade paths](https://docs.microsoft.com/windows/deployment/upgrade/windows-10-upgrade-paths)<br>
+[Windows 10 volume license media](https://docs.microsoft.com/windows/deployment/windows-10-media)<br>
+[Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation)
diff --git a/windows/deployment/usmt/usmt-common-migration-scenarios.md b/windows/deployment/usmt/usmt-common-migration-scenarios.md
index bfc3a1013c..adbd9fbc55 100644
--- a/windows/deployment/usmt/usmt-common-migration-scenarios.md
+++ b/windows/deployment/usmt/usmt-common-migration-scenarios.md
@@ -1,154 +1,155 @@
----
-title: Common Migration Scenarios (Windows 10)
-description: Common Migration Scenarios
-ms.assetid: 1d8170d5-e775-4963-b7a5-b55e8987c1e4
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Common Migration Scenarios
-
-
-You use the User State Migration Tool (USMT) 10.0 when hardware and/or operating system upgrades are planned for a large number of computers. USMT manages the migration of an end-user's digital identity by capturing the user's operating-system settings, application settings, and personal files from a source computer and reinstalling them on a destination computer after the upgrade has occurred.
-
-One common scenario when only the operating system, and not the hardware, is being upgraded is referred to as *PC refresh*. A second common scenario is known as *PC replacement*, where one piece of hardware is being replaced, typically by newer hardware and a newer operating system.
-
-## In This Topic
-
-
-[PC Refresh](#bkmk-pcrefresh)
-
-[Scenario One: PC-refresh offline using Windows PE and a hard-link migration store](#bkmk-onepcrefresh)
-
-[Scenario Two: PC-refresh using a compressed migration store](#bkmk-twopcrefresh)
-
-[Scenario Three: PC-refresh using a hard-link migration store](#bkmk-threepcrefresh)
-
-[Scenario Four: PC-refresh using Windows.old folder and a hard-link migration store](#bkmk-fourpcrefresh)
-
-[PC Replacement](#bkmk-pcreplace)
-
-[Scenario One: Offline migration using Windows PE and an external migration store](#bkmk-onepcreplace)
-
-[Scenario Two: Manual network migration](#bkmk-twopcreplace)
-
-[Scenario Three: Managed network migration](#bkmk-threepcreplace)
-
-## <a href="" id="bkmk-pcrefresh"></a>PC-Refresh
-
-
-The following diagram shows a PC-refresh migration, also known as a computer refresh migration. First, the administrator migrates the user state from a source computer to an intermediate store. After installing the operating system, the administrator migrates the user state back to the source computer.
-
- 
-
-![usmt pc refresh scenario](images/dep-win8-l-usmt-pcrefresh.jpg)
-
- 
-
-### <a href="" id="bkmk-onepcrefresh"></a>Scenario One: PC-refresh offline using Windows PE and a hard-link migration store
-
-A company has just received funds to update the operating system on all of its computers in the accounting department to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, the update is being handled completely offline, without a network connection. An administrator uses Windows Preinstallation Environment (WinPE) and a hard-link migration store to save each user state to their respective computer.
-
-1.  On each computer, the administrator boots the machine into WinPE and runs the ScanState command-line tool, specifying the **/hardlink /nocompress** command-line options. ScanState saves the user state to a hard-link migration store on each computer, improving performance by minimizing network traffic as well as minimizing migration failures on computers with very limited space available on the hard drive.
-
-2.  On each computer, the administrator installs the company’s standard operating environment (SOE) which includes Windows 10 and other company applications.
-
-3.  The administrator runs the LoadState command-line tool on each computer. LoadState restores each user state back to each computer.
-
-### <a href="" id="bkmk-twopcrefresh"></a>Scenario Two: PC-refresh using a compressed migration store
-
-A company has just received funds to update the operating system on all of its computers to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses a compressed migration store to save the user states to a server.
-
-1.  The administrator runs the ScanState command-line tool on each computer. ScanState saves each user state to a server.
-
-2.  On each computer, the administrator installs the company's standard SOE which includes Windows 10 and other company applications.
-
-3.  The administrator runs the LoadState command-line tool on each source computer, and LoadState restores each user state back to the computer.
-
-### <a href="" id="bkmk-threepcrefresh"></a>Scenario Three: PC-refresh using a hard-link migration store
-
-A company has just received funds to update the operating system on all of its computers to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses a hard-link migration store to save each user state to their respective computer.
-
-1.  The administrator runs the ScanState command-line tool on each computer, specifying the **/hardlink /nocompress** command-line options. ScanState saves the user state to a hard-link migration store on each computer, improving performance by minimizing network traffic as well as minimizing migration failures on computers with very limited space available on the hard drive.
-
-2.  On each computer, the administrator installs the company's SOE which includes Windows 10 and other company applications.
-
-3.  The administrator runs the LoadState command-line tool on each computer. LoadState restores each user state back on each computer.
-
-### <a href="" id="bkmk-fourpcrefresh"></a>Scenario Four: PC-refresh using Windows.old folder and a hard-link migration store
-
-A company has decided to update the operating system on all of its computers to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses Windows.old and a hard-link migration store to save each user state to their respective computer.
-
-1.  The administrator clean installs Windows 10 on each computer, making sure that the Windows.old directory is created by installing Windows 10 without formatting or repartitioning and by selecting a partition that contains the previous version of Windows.
-
-2.  On each computer, the administrator installs the company’s SOE which includes company applications.
-
-3.  The administrator runs the ScanState and LoadState command-line tools successively on each computer while specifying the **/hardlink /nocompress** command-line options.
-
-## <a href="" id="bkmk-pcreplace"></a>PC-Replacement
-
-
-The following diagram shows a PC-replacement migration. First, the administrator migrates the user state from the source computer to an intermediate store. After installing the operating system on the destination computer, the administrator migrates the user state from the store to the destination computer.
-
- 
-
-![usmt pc replace scenario](images/dep-win8-l-usmt-pcreplace.jpg)
-
- 
-
-### <a href="" id="bkmk-onepcreplace"></a>Scenario One: Offline migration using WinPE and an external migration store
-
-A company is allocating 20 new computers to users in the accounting department. The users each have a source computer with their files and settings. In this scenario, migration is being handled completely offline, without a network connection.
-
-1.  On each source computer, an administrator boots the machine into WinPE and runs ScanState to collect the user state to either a server or an external hard disk.
-
-2.  On each new computer, the administrator installs the company's SOE which includes Windows 10 and other company applications.
-
-3.  On each of the new computers, the administrator runs the LoadState tool, restoring each user state from the migration store to one of the new computers.
-
-### <a href="" id="bkmk-twopcreplace"></a>Scenario Two: Manual network migration
-
-A company receives 50 new laptops for their managers and needs to reallocate 50 older laptops to new employees. In this scenario, an administrator runs the ScanState tool from the cmd prompt on each computer to collect the user states and save them to a server in a compressed migration store.
-
-1.  The administrator runs the ScanState tool on each of the manager’s old laptops, and saves each user state to a server.
-
-2.  On the new laptops, the administrator installs the company's SOE, which includes Windows 10 and other company applications.
-
-3.  The administrator runs the LoadState tool on the new laptops to migrate the managers’ user states to the appropriate computer. The new laptops are now ready for the managers to use.
-
-4.  On the old computers, the administrator installs the company’s SOE, which includes Windows 10, Microsoft Office, and other company applications. The old computers are now ready for the new employees to use.
-
-### <a href="" id="bkmk-threepcreplace"></a>Scenario Three: Managed network migration
-
-A company is allocating 20 new computers to users in the accounting department. The users each have a source computer that contains their files and settings. An administrator uses a management technology such as a logon script or a batch file to run ScanState on each source computer to collect the user states and save them to a server in a compressed migration store.
-
-1.  On each source computer, the administrator runs the ScanState tool using Microsoft System Center Configuration Manager (SCCM), Microsoft Deployment Toolkit (MDT), a logon script, a batch file, or a non-Microsoft management technology. ScanState collects the user state from each source computer and then saves it to a server.
-
-2.  On each new computer, the administrator installs the company's SOE, which includes Windows 10 and other company applications.
-
-3.  On each of the new computers, the administrator runs the LoadState tool using System Center Configuration Manager, a logon script, a batch file, or a non-Microsoft management technology. LoadState migrates each user state from the migration store to one of the new computers.
-
-## Related topics
-
-
-[Plan Your Migration](usmt-plan-your-migration.md)
-
-[Choose a Migration Store Type](usmt-choose-migration-store-type.md)
-
-[Offline Migration Reference](offline-migration-reference.md)
-
- 
-
- 
-
-
-
-
-
+---
+title: Common Migration Scenarios (Windows 10)
+description: Common Migration Scenarios
+ms.assetid: 1d8170d5-e775-4963-b7a5-b55e8987c1e4
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Common Migration Scenarios
+
+
+You use the User State Migration Tool (USMT) 10.0 when hardware and/or operating system upgrades are planned for a large number of computers. USMT manages the migration of an end-user's digital identity by capturing the user's operating-system settings, application settings, and personal files from a source computer and reinstalling them on a destination computer after the upgrade has occurred.
+
+One common scenario when only the operating system, and not the hardware, is being upgraded is referred to as *PC refresh*. A second common scenario is known as *PC replacement*, where one piece of hardware is being replaced, typically by newer hardware and a newer operating system.
+
+## In This Topic
+
+
+[PC Refresh](#bkmk-pcrefresh)
+
+[Scenario One: PC-refresh offline using Windows PE and a hard-link migration store](#bkmk-onepcrefresh)
+
+[Scenario Two: PC-refresh using a compressed migration store](#bkmk-twopcrefresh)
+
+[Scenario Three: PC-refresh using a hard-link migration store](#bkmk-threepcrefresh)
+
+[Scenario Four: PC-refresh using Windows.old folder and a hard-link migration store](#bkmk-fourpcrefresh)
+
+[PC Replacement](#bkmk-pcreplace)
+
+[Scenario One: Offline migration using Windows PE and an external migration store](#bkmk-onepcreplace)
+
+[Scenario Two: Manual network migration](#bkmk-twopcreplace)
+
+[Scenario Three: Managed network migration](#bkmk-threepcreplace)
+
+## <a href="" id="bkmk-pcrefresh"></a>PC-Refresh
+
+
+The following diagram shows a PC-refresh migration, also known as a computer refresh migration. First, the administrator migrates the user state from a source computer to an intermediate store. After installing the operating system, the administrator migrates the user state back to the source computer.
+
+ 
+
+![usmt pc refresh scenario](images/dep-win8-l-usmt-pcrefresh.jpg)
+
+ 
+
+### <a href="" id="bkmk-onepcrefresh"></a>Scenario One: PC-refresh offline using Windows PE and a hard-link migration store
+
+A company has just received funds to update the operating system on all of its computers in the accounting department to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, the update is being handled completely offline, without a network connection. An administrator uses Windows Preinstallation Environment (WinPE) and a hard-link migration store to save each user state to their respective computer.
+
+1.  On each computer, the administrator boots the machine into WinPE and runs the ScanState command-line tool, specifying the **/hardlink /nocompress** command-line options. ScanState saves the user state to a hard-link migration store on each computer, improving performance by minimizing network traffic as well as minimizing migration failures on computers with very limited space available on the hard drive.
+
+2.  On each computer, the administrator installs the company’s standard operating environment (SOE) which includes Windows 10 and other company applications.
+
+3.  The administrator runs the LoadState command-line tool on each computer. LoadState restores each user state back to each computer.
+
+### <a href="" id="bkmk-twopcrefresh"></a>Scenario Two: PC-refresh using a compressed migration store
+
+A company has just received funds to update the operating system on all of its computers to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses a compressed migration store to save the user states to a server.
+
+1.  The administrator runs the ScanState command-line tool on each computer. ScanState saves each user state to a server.
+
+2.  On each computer, the administrator installs the company's standard SOE which includes Windows 10 and other company applications.
+
+3.  The administrator runs the LoadState command-line tool on each source computer, and LoadState restores each user state back to the computer.
+
+### <a href="" id="bkmk-threepcrefresh"></a>Scenario Three: PC-refresh using a hard-link migration store
+
+A company has just received funds to update the operating system on all of its computers to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses a hard-link migration store to save each user state to their respective computer.
+
+1.  The administrator runs the ScanState command-line tool on each computer, specifying the **/hardlink /nocompress** command-line options. ScanState saves the user state to a hard-link migration store on each computer, improving performance by minimizing network traffic as well as minimizing migration failures on computers with very limited space available on the hard drive.
+
+2.  On each computer, the administrator installs the company's SOE which includes Windows 10 and other company applications.
+
+3.  The administrator runs the LoadState command-line tool on each computer. LoadState restores each user state back on each computer.
+
+### <a href="" id="bkmk-fourpcrefresh"></a>Scenario Four: PC-refresh using Windows.old folder and a hard-link migration store
+
+A company has decided to update the operating system on all of its computers to Windows 10. Each employee will keep the same computer, but the operating system on each computer will be updated. In this scenario, an administrator uses Windows.old and a hard-link migration store to save each user state to their respective computer.
+
+1.  The administrator clean installs Windows 10 on each computer, making sure that the Windows.old directory is created by installing Windows 10 without formatting or repartitioning and by selecting a partition that contains the previous version of Windows.
+
+2.  On each computer, the administrator installs the company’s SOE which includes company applications.
+
+3.  The administrator runs the ScanState and LoadState command-line tools successively on each computer while specifying the **/hardlink /nocompress** command-line options.
+
+## <a href="" id="bkmk-pcreplace"></a>PC-Replacement
+
+
+The following diagram shows a PC-replacement migration. First, the administrator migrates the user state from the source computer to an intermediate store. After installing the operating system on the destination computer, the administrator migrates the user state from the store to the destination computer.
+
+ 
+
+![usmt pc replace scenario](images/dep-win8-l-usmt-pcreplace.jpg)
+
+ 
+
+### <a href="" id="bkmk-onepcreplace"></a>Scenario One: Offline migration using WinPE and an external migration store
+
+A company is allocating 20 new computers to users in the accounting department. The users each have a source computer with their files and settings. In this scenario, migration is being handled completely offline, without a network connection.
+
+1.  On each source computer, an administrator boots the machine into WinPE and runs ScanState to collect the user state to either a server or an external hard disk.
+
+2.  On each new computer, the administrator installs the company's SOE which includes Windows 10 and other company applications.
+
+3.  On each of the new computers, the administrator runs the LoadState tool, restoring each user state from the migration store to one of the new computers.
+
+### <a href="" id="bkmk-twopcreplace"></a>Scenario Two: Manual network migration
+
+A company receives 50 new laptops for their managers and needs to reallocate 50 older laptops to new employees. In this scenario, an administrator runs the ScanState tool from the cmd prompt on each computer to collect the user states and save them to a server in a compressed migration store.
+
+1.  The administrator runs the ScanState tool on each of the manager’s old laptops, and saves each user state to a server.
+
+2.  On the new laptops, the administrator installs the company's SOE, which includes Windows 10 and other company applications.
+
+3.  The administrator runs the LoadState tool on the new laptops to migrate the managers’ user states to the appropriate computer. The new laptops are now ready for the managers to use.
+
+4.  On the old computers, the administrator installs the company’s SOE, which includes Windows 10, Microsoft Office, and other company applications. The old computers are now ready for the new employees to use.
+
+### <a href="" id="bkmk-threepcreplace"></a>Scenario Three: Managed network migration
+
+A company is allocating 20 new computers to users in the accounting department. The users each have a source computer that contains their files and settings. An administrator uses a management technology such as a logon script or a batch file to run ScanState on each source computer to collect the user states and save them to a server in a compressed migration store.
+
+1.  On each source computer, the administrator runs the ScanState tool using Microsoft Microsoft Endpoint Configuration Manager, Microsoft Deployment Toolkit (MDT), a logon script, a batch file, or a non-Microsoft management technology. ScanState collects the user state from each source computer and then saves it to a server.
+
+2.  On each new computer, the administrator installs the company's SOE, which includes Windows 10 and other company applications.
+
+3.  On each of the new computers, the administrator runs the LoadState tool using Microsoft Endpoint Configuration Manager, a logon script, a batch file, or a non-Microsoft management technology. LoadState migrates each user state from the migration store to one of the new computers.
+
+## Related topics
+
+
+[Plan Your Migration](usmt-plan-your-migration.md)
+
+[Choose a Migration Store Type](usmt-choose-migration-store-type.md)
+
+[Offline Migration Reference](offline-migration-reference.md)
+
+ 
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/usmt/usmt-test-your-migration.md b/windows/deployment/usmt/usmt-test-your-migration.md
index 7c4185278b..533b7f5286 100644
--- a/windows/deployment/usmt/usmt-test-your-migration.md
+++ b/windows/deployment/usmt/usmt-test-your-migration.md
@@ -1,53 +1,54 @@
----
-title: Test Your Migration (Windows 10)
-description: Test Your Migration
-ms.assetid: 754af276-8386-4eac-8079-3d1e45964a0d
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Test Your Migration
-
-
-Always test your migration plan in a controlled laboratory setting before you deploy it to your entire organization. In your test environment, you need at least one computer for each type of operating system from which you are migrating data.
-
-After you have thoroughly tested the entire migration process on a single computer running each of your source operating systems, conduct a pilot migration with a small group of users. After migrating a few typical user states to the intermediate store, note the space required and adjust your initial calculations accordingly. For details about estimating the space needed for your migration, see [Estimate Migration Store Size](usmt-estimate-migration-store-size.md). You might also need to adjust the registry-setting and file-location information in your migration-rule files. If you make changes, test the migration again. Then verify that all data and settings have migrated as expected. A pilot migration also gives you an opportunity to test your space estimates for the intermediate store.
-
-If your test migration encounters any errors, examine the ScanState and LoadState logs to obtain the exact User State Migration Tool (USMT) 10.0 return code and associated error messages or Windows application programming interface (API) error message. For more information about USMT return codes and error messages, see [Return Codes](usmt-return-codes.md). You can also obtain more information about a Windows API error message by typing **net helpmsg** and the error message number on the command line.
-
-In most cases, the ScanState and LoadState logs indicate why a USMT migration is failing. We recommend that you use the **/v**<em>:5</em> option when testing your migration. This verbosity level can be adjusted in a production migration. Reducing the verbosity level might make it more difficult to diagnose failures that are encountered during production migrations. You can use a higher verbosity level if you want the log files output to go to a debugger.
-
-**Note**  
-Running the ScanState and LoadState tools with the **/v**<em>:5</em> option creates a detailed log file. Although this option makes the log file large, it is helpful in determining where migration errors occurred.
-
- 
-
-After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft® System Center Configuration Manager (SCCM), or a non-Microsoft management technology. For more information, see [Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=140246).
-
-**Note**  
-For testing purposes, you can create an uncompressed store using the **/hardlink /nocompress** option. When compression is disabled, the ScanState tool saves the files and settings to a hidden folder named "File" at *StorePath*\\USMT. You can use the uncompressed store to view what USMT has stored or to troubleshoot a problem, or you can run an antivirus utility against the files. Additionally, you can also use the **/listfiles** command-line option and the diagnostic log to list the files that were gathered and to troubleshoot problems with your migration.
-
- 
-
-## Related topics
-
-
-[Plan Your Migration](usmt-plan-your-migration.md)
-
-[Log Files](usmt-log-files.md)
-
- 
-
- 
-
-
-
-
-
+---
+title: Test Your Migration (Windows 10)
+description: Test Your Migration
+ms.assetid: 754af276-8386-4eac-8079-3d1e45964a0d
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Test Your Migration
+
+
+Always test your migration plan in a controlled laboratory setting before you deploy it to your entire organization. In your test environment, you need at least one computer for each type of operating system from which you are migrating data.
+
+After you have thoroughly tested the entire migration process on a single computer running each of your source operating systems, conduct a pilot migration with a small group of users. After migrating a few typical user states to the intermediate store, note the space required and adjust your initial calculations accordingly. For details about estimating the space needed for your migration, see [Estimate Migration Store Size](usmt-estimate-migration-store-size.md). You might also need to adjust the registry-setting and file-location information in your migration-rule files. If you make changes, test the migration again. Then verify that all data and settings have migrated as expected. A pilot migration also gives you an opportunity to test your space estimates for the intermediate store.
+
+If your test migration encounters any errors, examine the ScanState and LoadState logs to obtain the exact User State Migration Tool (USMT) 10.0 return code and associated error messages or Windows application programming interface (API) error message. For more information about USMT return codes and error messages, see [Return Codes](usmt-return-codes.md). You can also obtain more information about a Windows API error message by typing **net helpmsg** and the error message number on the command line.
+
+In most cases, the ScanState and LoadState logs indicate why a USMT migration is failing. We recommend that you use the **/v**<em>:5</em> option when testing your migration. This verbosity level can be adjusted in a production migration. Reducing the verbosity level might make it more difficult to diagnose failures that are encountered during production migrations. You can use a higher verbosity level if you want the log files output to go to a debugger.
+
+**Note**  
+Running the ScanState and LoadState tools with the **/v**<em>:5</em> option creates a detailed log file. Although this option makes the log file large, it is helpful in determining where migration errors occurred.
+
+ 
+
+After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft Endpoint Configuration Manager, or a non-Microsoft management technology. For more information, see [Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=140246).
+
+**Note**  
+For testing purposes, you can create an uncompressed store using the **/hardlink /nocompress** option. When compression is disabled, the ScanState tool saves the files and settings to a hidden folder named "File" at *StorePath*\\USMT. You can use the uncompressed store to view what USMT has stored or to troubleshoot a problem, or you can run an antivirus utility against the files. Additionally, you can also use the **/listfiles** command-line option and the diagnostic log to list the files that were gathered and to troubleshoot problems with your migration.
+
+ 
+
+## Related topics
+
+
+[Plan Your Migration](usmt-plan-your-migration.md)
+
+[Log Files](usmt-log-files.md)
+
+ 
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/volume-activation/configure-client-computers-vamt.md b/windows/deployment/volume-activation/configure-client-computers-vamt.md
index 9cd6a07136..6b80a72d89 100644
--- a/windows/deployment/volume-activation/configure-client-computers-vamt.md
+++ b/windows/deployment/volume-activation/configure-client-computers-vamt.md
@@ -1,94 +1,95 @@
----
-title: Configure Client Computers (Windows 10)
-description: Configure Client Computers
-ms.assetid: a48176c9-b05c-4dd5-a9ef-83073e2370fc
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: activation
-audience: itpro
author: greg-lindsay
-ms.date: 04/25/2017
-ms.topic: article
----
-
-# Configure Client Computers
-
-To enable the Volume Activation Management Tool (VAMT) to function correctly, certain configuration changes are required on all client computers:
-
--   An exception must be set in the client computer's firewall.
--   A registry key must be created and set properly, for computers in a workgroup; otherwise, Windows® User Account Control (UAC) will not allow remote administrative operations.
-
-Organizations where the VAMT will be widely used may benefit from making these changes inside the master image for Windows.
-
-**Important**  
-This procedure only applies to clients running Windows Vista or later. For clients running Windows XP Service Pack 1, see [Connecting Through Windows Firewall](https://go.microsoft.com/fwlink/p/?LinkId=182933).
-
-## Configuring the Windows Firewall to allow VAMT access
-
-Enable the VAMT to access client computers using the **Windows Firewall** Control Panel:
-1.  Open Control Panel and double-click **System and Security**.
-2.  Click **Windows Firewall**.
-3.  Click **Allow a program or feature through Windows Firewall**.
-4.  Click the **Change settings** option.
-5.  Select the **Windows Management Instrumentation (WMI)** checkbox.
-6.  Click **OK**.
-
-    **Warning**  
-    By default, Windows Firewall Exceptions only apply to traffic originating on the local subnet. To expand the exception to apply to multiple subnets, you need to change the exception settings in the Windows Firewall with Advanced Security, as described below.
-
-## Configure Windows Firewall to allow VAMT access across multiple subnets
-
-Enable the VAMT to access client computers across multiple subnets using the **Windows Firewall with Advanced Security** Control Panel:
-
-![VAMT Firewall configuration for multiple subnets](images/dep-win8-l-vamt-firewallconfigurationformultiplesubnets.gif)
-
-1.  Open the Control Panel and double-click **Administrative Tools**.
-2.  Click **Windows Firewall with Advanced Security**.
-3.  Make your changes for each of the following three WMI items, for the applicable Network Profile (Domain, Public, Private):
-    -   Windows Management Instrumentation (ASync-In)
-    -   Windows Management Instrumentation (DCOM-In)
-    -   Windows Management Instrumentation (WMI-In)
-
-4. In the **Windows Firewall with Advanced Security** dialog box, select **Inbound Rules** from the left-hand panel.
-        
-5. Right-click the desired rule and select **Properties** to open the **Properties** dialog box.
-        
-    - On the **General** tab, select the **Allow the connection** checkbox.
-    - On the **Scope** tab, change the Remote IP Address setting from "Local Subnet" (default) to allow the specific access you need.
-    - On the **Advanced** tab, verify selection of all profiles that are applicable to the network (Domain or Private/Public).
-
-In certain scenarios, only a limited set of TCP/IP ports are allowed through a hardware firewall. Administrators must ensure that WMI (which relies on RPC over TCP/IP) is allowed through these types of firewalls. By default, the WMI port is a dynamically allocated random port above 1024. The following Microsoft knowledge article discusses how administrators can limit the range of dynamically-allocated ports. This is useful if, for example, the hardware firewall only allows traffic in a certain range of ports.
-For more info, see [How to configure RPC dynamic port allocation to work with firewalls](https://go.microsoft.com/fwlink/p/?LinkId=182911).
-
-## Create a registry value for the VAMT to access workgroup-joined computer
-
-**Caution**  
-This section contains information about how to modify the registry. Make sure to back up the registry before you modify it; in addition, ensure that you know how to restore the registry, if a problem occurs. For more information about how to back up, restore, and modify the registry, see [Windows registry information for advanced users](https://go.microsoft.com/fwlink/p/?LinkId=182912).
-
-On the client computer, create the following registry key using regedit.exe.
-
-1.  Navigate to `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system`
-2.  Enter the following details:
-    **Value Name: LocalAccountTokenFilterPolicy**
-    **Type: DWORD**
-    **Value Data: 1**
-    **Note**  
-    To discover VAMT-manageable Windows computers in workgroups, you must enable network discovery on each client.
-
-## Deployment options
-
-There are several options for organizations to configure the WMI firewall exception for computers:
--   **Image.** Add the configurations to the master Windows image deployed to all clients.
--   **Group Policy.** If the clients are part of a domain, then all clients can be configured using Group Policy. The Group Policy setting for the WMI firewall exception is found in GPMC.MSC at: **Computer Configuration\\Windows Settings\\Security Settings\\Windows Firewall with Advanced Security\\Windows Firewall with Advanced Security\\Inbound Rules**.
--   **Script.** Execute a script using Microsoft System Center Configuration Manager or a third-party remote script execution facility.
--   **Manual.** Configure the WMI firewall exception individually on each client.
-The above configurations will open an additional port through the Windows Firewall on target computers and should be performed on computers that are protected by a network firewall. In order to allow VAMT to query the up-to-date licensing status, the WMI exception must be maintained. We recommend administrators consult their network security policies and make clear decisions when creating the WMI exception.
-
-## Related topics
-
-- [Install and Configure VAMT](install-configure-vamt.md)
- 
- 
+---
+title: Configure Client Computers (Windows 10)
+description: Configure Client Computers
+ms.assetid: a48176c9-b05c-4dd5-a9ef-83073e2370fc
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: activation
+audience: itpro
+author: greg-lindsay
+ms.date: 04/25/2017
+ms.topic: article
+---
+
+# Configure Client Computers
+
+To enable the Volume Activation Management Tool (VAMT) to function correctly, certain configuration changes are required on all client computers:
+
+-   An exception must be set in the client computer's firewall.
+-   A registry key must be created and set properly, for computers in a workgroup; otherwise, Windows® User Account Control (UAC) will not allow remote administrative operations.
+
+Organizations where the VAMT will be widely used may benefit from making these changes inside the master image for Windows.
+
+**Important**  
+This procedure only applies to clients running Windows Vista or later. For clients running Windows XP Service Pack 1, see [Connecting Through Windows Firewall](https://go.microsoft.com/fwlink/p/?LinkId=182933).
+
+## Configuring the Windows Firewall to allow VAMT access
+
+Enable the VAMT to access client computers using the **Windows Firewall** Control Panel:
+1.  Open Control Panel and double-click **System and Security**.
+2.  Click **Windows Firewall**.
+3.  Click **Allow a program or feature through Windows Firewall**.
+4.  Click the **Change settings** option.
+5.  Select the **Windows Management Instrumentation (WMI)** checkbox.
+6.  Click **OK**.
+
+    **Warning**  
+    By default, Windows Firewall Exceptions only apply to traffic originating on the local subnet. To expand the exception to apply to multiple subnets, you need to change the exception settings in the Windows Firewall with Advanced Security, as described below.
+
+## Configure Windows Firewall to allow VAMT access across multiple subnets
+
+Enable the VAMT to access client computers across multiple subnets using the **Windows Firewall with Advanced Security** Control Panel:
+
+![VAMT Firewall configuration for multiple subnets](images/dep-win8-l-vamt-firewallconfigurationformultiplesubnets.gif)
+
+1.  Open the Control Panel and double-click **Administrative Tools**.
+2.  Click **Windows Firewall with Advanced Security**.
+3.  Make your changes for each of the following three WMI items, for the applicable Network Profile (Domain, Public, Private):
+    -   Windows Management Instrumentation (ASync-In)
+    -   Windows Management Instrumentation (DCOM-In)
+    -   Windows Management Instrumentation (WMI-In)
+
+4. In the **Windows Firewall with Advanced Security** dialog box, select **Inbound Rules** from the left-hand panel.
+        
+5. Right-click the desired rule and select **Properties** to open the **Properties** dialog box.
+        
+    - On the **General** tab, select the **Allow the connection** checkbox.
+    - On the **Scope** tab, change the Remote IP Address setting from "Local Subnet" (default) to allow the specific access you need.
+    - On the **Advanced** tab, verify selection of all profiles that are applicable to the network (Domain or Private/Public).
+
+In certain scenarios, only a limited set of TCP/IP ports are allowed through a hardware firewall. Administrators must ensure that WMI (which relies on RPC over TCP/IP) is allowed through these types of firewalls. By default, the WMI port is a dynamically allocated random port above 1024. The following Microsoft knowledge article discusses how administrators can limit the range of dynamically-allocated ports. This is useful if, for example, the hardware firewall only allows traffic in a certain range of ports.
+For more info, see [How to configure RPC dynamic port allocation to work with firewalls](https://go.microsoft.com/fwlink/p/?LinkId=182911).
+
+## Create a registry value for the VAMT to access workgroup-joined computer
+
+**Caution**  
+This section contains information about how to modify the registry. Make sure to back up the registry before you modify it; in addition, ensure that you know how to restore the registry, if a problem occurs. For more information about how to back up, restore, and modify the registry, see [Windows registry information for advanced users](https://go.microsoft.com/fwlink/p/?LinkId=182912).
+
+On the client computer, create the following registry key using regedit.exe.
+
+1.  Navigate to `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system`
+2.  Enter the following details:
+    **Value Name: LocalAccountTokenFilterPolicy**
+    **Type: DWORD**
+    **Value Data: 1**
+    **Note**  
+    To discover VAMT-manageable Windows computers in workgroups, you must enable network discovery on each client.
+
+## Deployment options
+
+There are several options for organizations to configure the WMI firewall exception for computers:
+-   **Image.** Add the configurations to the master Windows image deployed to all clients.
+-   **Group Policy.** If the clients are part of a domain, then all clients can be configured using Group Policy. The Group Policy setting for the WMI firewall exception is found in GPMC.MSC at: **Computer Configuration\\Windows Settings\\Security Settings\\Windows Firewall with Advanced Security\\Windows Firewall with Advanced Security\\Inbound Rules**.
+-   **Script.** Execute a script using Microsoft Endpoint Configuration Manager or a third-party remote script execution facility.
+-   **Manual.** Configure the WMI firewall exception individually on each client.
+The above configurations will open an additional port through the Windows Firewall on target computers and should be performed on computers that are protected by a network firewall. In order to allow VAMT to query the up-to-date licensing status, the WMI exception must be maintained. We recommend administrators consult their network security policies and make clear decisions when creating the WMI exception.
+
+## Related topics
+
+- [Install and Configure VAMT](install-configure-vamt.md)
+ 
+ 
diff --git a/windows/deployment/windows-10-deployment-posters.md b/windows/deployment/windows-10-deployment-posters.md
index f36dea21ef..b37a3cf91f 100644
--- a/windows/deployment/windows-10-deployment-posters.md
+++ b/windows/deployment/windows-10-deployment-posters.md
@@ -1,6 +1,6 @@
 ---
 title: Windows 10 deployment process posters
-description: View and download Windows 10 deployment process flows for System Center Configuration Manager and Windows Autopilot.
+description: View and download Windows 10 deployment process flows for Microsoft Endpoint Configuration Manager and Windows Autopilot.
 ms.reviewer: 
 manager: laurawi
 ms.audience: itpro
@@ -21,7 +21,7 @@ ms.topic: article
 **Applies to**
 -   Windows 10
 
-The following posters step through various options for deploying Windows 10 with Windows Autopilot or System Center Configuration Manager.  
+The following posters step through various options for deploying Windows 10 with Windows Autopilot or Microsoft Endpoint Configuration Manager.  
 
 ## Deploy Windows 10 with Autopilot
 
@@ -29,7 +29,7 @@ The Windows Autopilot poster is two pages in portrait mode (11x17). Click the im
 
 [![Deploy Windows 10 with Autopilot](./media/windows10-autopilot-flowchart.png)](./media/Windows10AutopilotFlowchart.pdf)
 
-## Deploy Windows 10 with System Center Configuration Manager
+## Deploy Windows 10 with Microsoft Endpoint Configuration Manager
 
 The Configuration Manager poster is one page in landscape mode (17x11). Click the image to view a PDF in your browser. You can also download this poster in [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/deployment/media/Windows10DeploymentConfigManager.pdf) or [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/deployment/media/Windows10DeploymentConfigManager.vsdx) format.
 
diff --git a/windows/deployment/windows-10-deployment-scenarios.md b/windows/deployment/windows-10-deployment-scenarios.md
index 26151664de..c702953e33 100644
--- a/windows/deployment/windows-10-deployment-scenarios.md
+++ b/windows/deployment/windows-10-deployment-scenarios.md
@@ -1,275 +1,277 @@
----
-title: Windows 10 deployment scenarios (Windows 10)
-description: To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider.
-ms.assetid: 7A29D546-52CC-482C-8870-8123C7DC04B5
-ms.reviewer: 
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-keywords: upgrade, in-place, configuration, deploy
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.date: 11/06/2018
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows 10 deployment scenarios
-
-**Applies to**
--   Windows 10
-
-To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider. Choosing among these scenarios, and understanding the capabilities and limitations of each, is a key task.
-
-The following table summarizes various Windows 10 deployment scenarios. The scenarios are each assigned to one of three categories. 
-- Modern deployment methods are recommended unless you have a specific need to use a different procedure. These methods are supported with existing tools such as Microsoft Deployment Toolkit (MDT) and System Center Configuration Manager. These methods are discussed in detail on the [Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home).
-- Dynamic deployment methods enable you to configure applications and settings for specific use cases. 
-- Traditional deployment methods use existing tools to deploy operating system images.<br>&nbsp;
-
-<table border="0">
-  <tr><td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>Category</b></td>
-     <td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>Scenario</b></td>
-     <td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>Description</b></td>
-     <td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>More information</b></td></tr>
-  <tr><td align='center' valign='middle' style='width:16%; border:1;' rowspan="2">Modern</td>
-    <td align="center">
-
-[Windows Autopilot](#windows-autopilot)</td>
-    <td align="center" style="width:16%; border:1;"> 
-      Customize the out-of-box-experience (OOBE) for your organization, and deploy a new system with apps and settings already configured.
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-<a href="https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot">Overview of Windows Autopilot</a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;"> 
-
-[In-place upgrade](#in-place-upgrade)
-
- </td>
-    <td align="center" style="width:16%; border:1;"> 
-      Use Windows Setup to update your OS and migrate apps and settings. Rollback data is saved in Windows.old.
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-<a href="https://docs.microsoft.com/windows/deployment/upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit">Perform an in-place upgrade to Windows 10 with MDT</a><br><a href="https://docs.microsoft.com/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager">Perform an in-place upgrade to Windows 10 using Configuration Manager</a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;" rowspan="3"> 
-      Dynamic
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-
-[Subscription Activation](#windows-10-subscription-activation)
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-      Switch from Windows 10 Pro to Enterprise when a subscribed user signs in. 
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-<a href="https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation">Windows 10 Subscription Activation</a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;"> 
-
- [AAD / MDM](#dynamic-provisioning)
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-      The device is automatically joined to AAD and configured by MDM.
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-<a href="https://docs.microsoft.com/windows/client-management/mdm/azure-active-directory-integration-with-mdm">Azure Active Directory integration with MDM</a>
-    </td>
-   </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;"> 
-
-   [Provisioning packages](#dynamic-provisioning)
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-      Using the Windows Imaging and Configuration Designer tool, create provisioning packages that can be applied to devices.
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-<a href="https://docs.microsoft.com/windows/configuration/configure-devices-without-mdm">Configure devices without MDM</a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;" rowspan="3"> 
-      Traditional
-    </td>
-    <td align="center" style="width:16%; border:1;">
-
-   [Bare metal](#new-computer)
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-      Deploy a new device, or wipe an existing device and deploy with a fresh image. 
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
- <a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt">Deploy a Windows 10 image using MDT</a><br><a href="https://docs.microsoft.com/sccm/osd/deploy-use/install-new-windows-version-new-computer-bare-metal">Install a new version of Windows on a new computer with System Center Configuration Manager</a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;"> 
-
-   [Refresh](#computer-refresh)
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-      Also called wipe and load. Redeploy a device by saving the user state, wiping the disk, then restoring the user state. 
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
- <a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10">Refresh a Windows 7 computer with Windows 10</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager">Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center" style="width:16%; border:1;"> 
-
-  [Replace](#computer-replace)
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
-      Replace an existing device with a new one by saving the user state on the old device and then restoring it to the new device.
-    </td>
-    <td align="center" style="width:16%; border:1;"> 
- <a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer">Replace a Windows 7 computer with a Windows 10 computer</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager">Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
-    </td>
-  </tr>
-</table>
-
-<br>&nbsp;
-
-
->[!IMPORTANT]
->The Windows Autopilot and Subscription Activation scenarios require that the beginning OS be Windows 10 version 1703, or later.<br>
->Except for clean install scenarios such as traditional bare metal and Windows Autopilot, all the methods described can optionally migrate apps and settings to the new OS. 
-
-## Modern deployment methods
-
-Modern deployment methods embrace both traditional on-prem and cloud services to deliver a simple, streamlined, cost effective deployment experience.
-
-### Windows Autopilot
-
-Windows Autopilot is a new suite of capabilities designed to simplify and modernize the deployment and management of new Windows 10 PCs. Windows Autopilot enables IT professionals to customize the Out of Box Experience (OOBE) for Windows 10 PCs and provide end users with a fully configured new Windows 10 device after just a few clicks. There are no images to deploy, no drivers to inject, and no infrastructure to manage. Users can go through the deployment process independently, without the need consult their IT administrator.
-
-For more information about Windows Autopilot, see [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-10-auto-pilot) and [Modernizing Windows deployment with Windows Autopilot](https://blogs.technet.microsoft.com/windowsitpro/2017/06/29/modernizing-windows-deployment-with-windows-autopilot/).
-
-### In-place upgrade
-
-For existing computers running Windows 7, Windows 8, or Windows 8.1, the recommended path for organizations deploying Windows 10 leverages the Windows installation program (Setup.exe) to perform an in-place upgrade, which automatically preserves all data, settings, applications, and drivers from the existing operating system version. This requires the least IT effort, because there is no need for any complex deployment infrastructure.
-
-Although consumer PCs will be upgraded using Windows Update, organizations want more control over the process. This is accomplished by leveraging tools like System Center Configuration Manager or the Microsoft Deployment Toolkit to completely automate the upgrade process through simple task sequences.
-
-The in-place upgrade process is designed to be extremely reliable, with the ability to automatically roll back to the previous operating system if any issues are encountered during the deployment process, without any IT staff involvement. Rolling back manually can also be done by leveraging the automatically-created recovery information (stored in the Windows.old folder), in case any issues are encountered after the upgrade is finished. The upgrade process is also typically faster than traditional deployments, because applications do not need to be reinstalled as part of the process.
-
-Because existing applications are preserved through the process, the upgrade process uses the standard Windows installation media image (Install.wim); custom images are not needed and cannot be used because the upgrade process is unable to deal with conflicts between apps in the old and new operating system. (For example, Contoso Timecard 1.0 in Windows 7 and Contoso Timecard 3.0 in the Windows 10 image.)
-
-Scenarios that support in-place upgrade with some additional procedures include changing from BIOS to UEFI boot mode and upgrade of devices that use non-Microsoft disk encryption software.
-
-- **Legacy BIOS to UEFI booting**: To perform an in-place upgrade on a UEFI-capable system that currently boots using legacy BIOS, first perform the in-place upgrade to Windows 10, maintaining the legacy BIOS boot mode. Windows 10 does not require UEFI, so it will work fine to upgrade a system using legacy BIOS emulation. After the upgrade, if you wish to enable Windows 10 features that require UEFI (such as Secure Boot), you can convert the system disk to a format that supports UEFI boot using the [MBR2GPT](https://docs.microsoft.com/windows/deployment/mbr-to-gpt) tool. Note: [UEFI specification](http://www.uefi.org/specifications) requires GPT disk layout. After the disk has been converted, you must also configure the firmware to boot in UEFI mode.
-
--   **Non-Microsoft disk encryption software**: While devices encrypted with BitLocker can easily be upgraded, more work is necessary for non-Microsoft disk encryption tools. Some ISVs will provide instructions on how to integrate their software into the in-place upgrade process. Check with your ISV to see if they have instructions. The following articles provide details on how to provision encryption drivers for use during Windows Setup via the ReflectDrivers setting:
-    - [Windows Setup Automation Overview](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-automation-overview)
-    - [Windows Setup Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options)
-
-There are some situations where you cannot use in-place upgrade; in these situations, you can use traditional deployment (wipe-and-load) instead. Examples of these situations include:
-
--   Changing from Windows 7, Windows 8, or Windows 8.1 x86 to Windows 10 x64. The upgrade process cannot change from a 32-bit operating system to a 64-bit operating system, because of possible complications with installed applications and drivers.
--   Windows To Go and Boot from VHD installations. The upgrade process is unable to upgrade these installations. Instead, new installations would need to be performed.
--   Updating existing images. While it might be tempting to try to upgrade existing Windows 7, Windows 8, or Windows 8.1 images to Windows 10 by installing the old image, upgrading it, and then recapturing the new Windows 10 image, this is not supported – preparing an upgraded OS for imaging (using Sysprep.exe) is not supported and will not work when it detects the upgraded OS.
--   Dual-boot and multi-boot systems. The upgrade process is designed for devices running a single OS; if using dual-boot or multi-boot systems with multiple operating systems (not leveraging virtual machines for the second and subsequent operating systems), additional care should be taken.
-
-
-## Dynamic provisioning
-
-For new PCs, organizations have historically replaced the version of Windows included on the device with their own custom Windows image, because this was often faster and easier than leveraging the preinstalled version. But this is an added expense due to the time and effort required. With the new dynamic provisioning capabilities and tools provided with Windows 10, it is now possible to avoid this.
-
-The goal of dynamic provisioning is to take a new PC out of the box, turn it on, and transform it into a productive organization device, with minimal time and effort. The types of transformations that are available include:
-
-### Windows 10 Subscription Activation<A ID="windows-10-subscription-activation"></A>
-
-Windows 10 Subscription Activation is a modern deployment method that enables you to change the SKU from Pro to Enterprise with no keys and no reboots. For more information about Subscription Activation, see [Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation).
-
-
-### Azure Active Directory (AAD) join with automatic mobile device management (MDM) enrollment
-
-In this scenario, the organization member just needs to provide their work or school user ID and password; the device can then be automatically joined to Azure Active Directory and enrolled in a mobile device management (MDM) solution with no additional user interaction. Once done, the MDM solution can finish configuring the device as needed. For more information, see [Azure Active Directory integration with MDM](https://docs.microsoft.com/windows/client-management/mdm/azure-active-directory-integration-with-mdm).
-
-### Provisioning package configuration
-
-Using the [Windows Imaging and Configuration Designer (ICD)](https://go.microsoft.com/fwlink/p/?LinkId=619358), IT administrators can create a self-contained package that contains all of the configuration, settings, and apps that need to be applied to a machine. These packages can then be deployed to new PCs through a variety of means, typically by IT professionals. For more information, see [Configure devices without MDM](/windows/configuration/configure-devices-without-mdm).
-
-These scenarios can be used to enable “choose your own device” (CYOD) programs where the organization’s users can pick their own PC and not be restricted to a small list of approved or certified models (programs that are difficult to implement using traditional deployment scenarios).
-
-While the initial Windows 10 release includes a variety of provisioning settings and deployment mechanisms, these will continue to be enhanced and extended based on feedback from organizations. As with all Windows features, organizations can submit suggestions for additional features through the Windows Feedback app or through their Microsoft Support contacts.
-
-## Traditional deployment: 
-
-New versions of Windows have typically been deployed by organizations using an image-based process built on top of tools provided in the [Windows Assessment and Deployment Kit](windows-adk-scenarios-for-it-pros.md), Windows Deployment Services, the [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md), and [System Center Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md).
-
-With the release of Windows 10, all of these tools are being updated to fully support Windows 10. Although newer scenarios such as in-place upgrade and dynamic provisioning may reduce the need for traditional deployment capabilities in some organizations, these traditional methods remain important and will continue to be available to organizations that need them.
-
-The traditional deployment scenario can be divided into different sub-scenarios. These are explained in detail in the following sections, but the following provides a brief summary:
-
--   **New computer.** A bare-metal deployment of a new machine.
-
--   **Computer refresh.** A reinstall of the same machine (with user-state migration and an optional full Windows Imaging (WIM) image backup).
-
--   **Computer replace.** A replacement of the old machine with a new machine (with user-state migration and an optional full WIM image backup).
-
-### New computer
-
-Also called a "bare metal" deployment. This scenario occurs when you have a blank machine you need to deploy, or an existing machine you want to wipe and redeploy without needing to preserve any existing data. The setup starts from a boot media, using CD, USB, ISO, or Pre-Boot Execution Environment (PXE). You can also generate a full offline media that includes all the files needed for a client deployment, allowing you to deploy without having to connect to a central deployment share. The target can be a physical computer, a virtual machine, or a Virtual Hard Disk (VHD) running on a physical computer (boot from VHD).
-
-The deployment process for the new machine scenario is as follows:
-
-1.  Start the setup from boot media (CD, USB, ISO, or PXE).
-
-2.  Wipe the hard disk clean and create new volume(s).
-
-3.  Install the operating system image.
-
-4.  Install other applications (as part of the task sequence).
-
-After taking these steps, the computer is ready for use.
-
-### Computer refresh
-
-A refresh is sometimes called wipe-and-load. The process is normally initiated in the running operating system. User data and settings are backed up and restored later as part of the deployment process. The target can be the same as for the new computer scenario.
-
-The deployment process for the wipe-and-load scenario is as follows:
-
-1.  Start the setup on a running operating system.
-
-2.  Save the user state locally.
-
-3.  Wipe the hard disk clean (except for the folder containing the backup).
-
-4.  Install the operating system image.
-
-5.  Install other applications.
-
-6.  Restore the user state.
-
-After taking these steps, the machine is ready for use.
-
-### Computer replace
-
-A computer replace is similar to the refresh scenario. However, since we are replacing the machine, we divide this scenario into two main tasks: backup of the old client and bare-metal deployment of the new client. As with the refresh scenario, user data and settings are backed up and restored.
-
-The deployment process for the replace scenario is as follows:
-
-1.  Save the user state (data and settings) on the server through a backup job on the running operating system.
-
-2.  Deploy the new computer as a bare-metal deployment.
-
-    **Note**<br>In some situations, you can use the replace scenario even if the target is the same machine. For example, you can use replace if you want to modify the disk layout from the master boot record (MBR) to the GUID partition table (GPT), which will allow you to take advantage of the Unified Extensible Firmware Interface (UEFI) functionality. You can also use replace if the disk needs to be repartitioned since user data needs to be transferred off the disk.
-
-## Related topics
-
-- [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
-- [Upgrade to Windows 10 with System Center Configuration Manager](upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md)
-- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=620230)
-- [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
-- [Windows setup technical reference](https://go.microsoft.com/fwlink/p/?LinkId=619357)
-- [Windows Imaging and Configuration Designer](https://go.microsoft.com/fwlink/p/?LinkId=619358)
-- [UEFI firmware](https://go.microsoft.com/fwlink/p/?LinkId=619359)
+---
+title: Windows 10 deployment scenarios (Windows 10)
+description: To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider.
+ms.assetid: 7A29D546-52CC-482C-8870-8123C7DC04B5
+ms.reviewer: 
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+keywords: upgrade, in-place, configuration, deploy
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.date: 11/06/2018
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows 10 deployment scenarios
+
+**Applies to**
+-   Windows 10
+
+To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider. Choosing among these scenarios, and understanding the capabilities and limitations of each, is a key task.
+
+The following table summarizes various Windows 10 deployment scenarios. The scenarios are each assigned to one of three categories. 
+- Modern deployment methods are recommended unless you have a specific need to use a different procedure. These methods are supported with existing tools such as Microsoft Deployment Toolkit (MDT) and Microsoft Endpoint Configuration Manager. These methods are discussed in detail on the [Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home).
+- Dynamic deployment methods enable you to configure applications and settings for specific use cases. 
+- Traditional deployment methods use existing tools to deploy operating system images.<br>&nbsp;
+
+<table border="0">
+  <tr><td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>Category</b></td>
+     <td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>Scenario</b></td>
+     <td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>Description</b></td>
+     <td align="center" style="width:16%; border:1;" bgcolor='#a0e4fa'><b>More information</b></td></tr>
+  <tr><td align='center' valign='middle' style='width:16%; border:1;' rowspan="2">Modern</td>
+    <td align="center">
+
+[Windows Autopilot](#windows-autopilot)</td>
+    <td align="center" style="width:16%; border:1;"> 
+      Customize the out-of-box-experience (OOBE) for your organization, and deploy a new system with apps and settings already configured.
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+<a href="https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot">Overview of Windows Autopilot</a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;"> 
+
+[In-place upgrade](#in-place-upgrade)
+
+ </td>
+    <td align="center" style="width:16%; border:1;"> 
+      Use Windows Setup to update your OS and migrate apps and settings. Rollback data is saved in Windows.old.
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+<a href="https://docs.microsoft.com/windows/deployment/upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit">Perform an in-place upgrade to Windows 10 with MDT</a><br><a href="https://docs.microsoft.com/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager">Perform an in-place upgrade to Windows 10 using Configuration Manager</a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;" rowspan="3"> 
+      Dynamic
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+
+[Subscription Activation](#windows-10-subscription-activation)
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+      Switch from Windows 10 Pro to Enterprise when a subscribed user signs in. 
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+<a href="https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation">Windows 10 Subscription Activation</a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;"> 
+
+ [AAD / MDM](#dynamic-provisioning)
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+      The device is automatically joined to AAD and configured by MDM.
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+<a href="https://docs.microsoft.com/windows/client-management/mdm/azure-active-directory-integration-with-mdm">Azure Active Directory integration with MDM</a>
+    </td>
+   </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;"> 
+
+   [Provisioning packages](#dynamic-provisioning)
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+      Using the Windows Imaging and Configuration Designer tool, create provisioning packages that can be applied to devices.
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+<a href="https://docs.microsoft.com/windows/configuration/configure-devices-without-mdm">Configure devices without MDM</a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;" rowspan="3"> 
+      Traditional
+    </td>
+    <td align="center" style="width:16%; border:1;">
+
+   [Bare metal](#new-computer)
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+      Deploy a new device, or wipe an existing device and deploy with a fresh image. 
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+ <a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt">Deploy a Windows 10 image using MDT</a><br><a href="https://docs.microsoft.com/sccm/osd/deploy-use/install-new-windows-version-new-computer-bare-metal">Install a new version of Windows on a new computer with Microsoft Endpoint Configuration Manager</a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;"> 
+
+   [Refresh](#computer-refresh)
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+      Also called wipe and load. Redeploy a device by saving the user state, wiping the disk, then restoring the user state. 
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+ <a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10">Refresh a Windows 7 computer with Windows 10</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager">Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center" style="width:16%; border:1;"> 
+
+  [Replace](#computer-replace)
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+      Replace an existing device with a new one by saving the user state on the old device and then restoring it to the new device.
+    </td>
+    <td align="center" style="width:16%; border:1;"> 
+ <a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer">Replace a Windows 7 computer with a Windows 10 computer</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager">Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
+    </td>
+  </tr>
+</table>
+
+<br>&nbsp;
+
+
+>[!IMPORTANT]
+>The Windows Autopilot and Subscription Activation scenarios require that the beginning OS be Windows 10 version 1703, or later.<br>
+>Except for clean install scenarios such as traditional bare metal and Windows Autopilot, all the methods described can optionally migrate apps and settings to the new OS. 
+
+## Modern deployment methods
+
+Modern deployment methods embrace both traditional on-prem and cloud services to deliver a simple, streamlined, cost effective deployment experience.
+
+### Windows Autopilot
+
+Windows Autopilot is a new suite of capabilities designed to simplify and modernize the deployment and management of new Windows 10 PCs. Windows Autopilot enables IT professionals to customize the Out of Box Experience (OOBE) for Windows 10 PCs and provide end users with a fully configured new Windows 10 device after just a few clicks. There are no images to deploy, no drivers to inject, and no infrastructure to manage. Users can go through the deployment process independently, without the need consult their IT administrator.
+
+For more information about Windows Autopilot, see [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-10-auto-pilot) and [Modernizing Windows deployment with Windows Autopilot](https://blogs.technet.microsoft.com/windowsitpro/2017/06/29/modernizing-windows-deployment-with-windows-autopilot/).
+
+### In-place upgrade
+
+For existing computers running Windows 7, Windows 8, or Windows 8.1, the recommended path for organizations deploying Windows 10 leverages the Windows installation program (Setup.exe) to perform an in-place upgrade, which automatically preserves all data, settings, applications, and drivers from the existing operating system version. This requires the least IT effort, because there is no need for any complex deployment infrastructure.
+
+Although consumer PCs will be upgraded using Windows Update, organizations want more control over the process. This is accomplished by leveraging tools like Microsoft Endpoint Configuration Manager or the Microsoft Deployment Toolkit to completely automate the upgrade process through simple task sequences.
+
+The in-place upgrade process is designed to be extremely reliable, with the ability to automatically roll back to the previous operating system if any issues are encountered during the deployment process, without any IT staff involvement. Rolling back manually can also be done by leveraging the automatically-created recovery information (stored in the Windows.old folder), in case any issues are encountered after the upgrade is finished. The upgrade process is also typically faster than traditional deployments, because applications do not need to be reinstalled as part of the process.
+
+Because existing applications are preserved through the process, the upgrade process uses the standard Windows installation media image (Install.wim); custom images are not needed and cannot be used because the upgrade process is unable to deal with conflicts between apps in the old and new operating system. (For example, Contoso Timecard 1.0 in Windows 7 and Contoso Timecard 3.0 in the Windows 10 image.)
+
+Scenarios that support in-place upgrade with some additional procedures include changing from BIOS to UEFI boot mode and upgrade of devices that use non-Microsoft disk encryption software.
+
+- **Legacy BIOS to UEFI booting**: To perform an in-place upgrade on a UEFI-capable system that currently boots using legacy BIOS, first perform the in-place upgrade to Windows 10, maintaining the legacy BIOS boot mode. Windows 10 does not require UEFI, so it will work fine to upgrade a system using legacy BIOS emulation. After the upgrade, if you wish to enable Windows 10 features that require UEFI (such as Secure Boot), you can convert the system disk to a format that supports UEFI boot using the [MBR2GPT](https://docs.microsoft.com/windows/deployment/mbr-to-gpt) tool. Note: [UEFI specification](http://www.uefi.org/specifications) requires GPT disk layout. After the disk has been converted, you must also configure the firmware to boot in UEFI mode.
+
+-   **Non-Microsoft disk encryption software**: While devices encrypted with BitLocker can easily be upgraded, more work is necessary for non-Microsoft disk encryption tools. Some ISVs will provide instructions on how to integrate their software into the in-place upgrade process. Check with your ISV to see if they have instructions. The following articles provide details on how to provision encryption drivers for use during Windows Setup via the ReflectDrivers setting:
+    - [Windows Setup Automation Overview](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-automation-overview)
+    - [Windows Setup Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options)
+
+There are some situations where you cannot use in-place upgrade; in these situations, you can use traditional deployment (wipe-and-load) instead. Examples of these situations include:
+
+-   Changing from Windows 7, Windows 8, or Windows 8.1 x86 to Windows 10 x64. The upgrade process cannot change from a 32-bit operating system to a 64-bit operating system, because of possible complications with installed applications and drivers.
+-   Windows To Go and Boot from VHD installations. The upgrade process is unable to upgrade these installations. Instead, new installations would need to be performed.
+-   Updating existing images. While it might be tempting to try to upgrade existing Windows 7, Windows 8, or Windows 8.1 images to Windows 10 by installing the old image, upgrading it, and then recapturing the new Windows 10 image, this is not supported – preparing an upgraded OS for imaging (using Sysprep.exe) is not supported and will not work when it detects the upgraded OS.
+-   Dual-boot and multi-boot systems. The upgrade process is designed for devices running a single OS; if using dual-boot or multi-boot systems with multiple operating systems (not leveraging virtual machines for the second and subsequent operating systems), additional care should be taken.
+
+
+## Dynamic provisioning
+
+For new PCs, organizations have historically replaced the version of Windows included on the device with their own custom Windows image, because this was often faster and easier than leveraging the preinstalled version. But this is an added expense due to the time and effort required. With the new dynamic provisioning capabilities and tools provided with Windows 10, it is now possible to avoid this.
+
+The goal of dynamic provisioning is to take a new PC out of the box, turn it on, and transform it into a productive organization device, with minimal time and effort. The types of transformations that are available include:
+
+### Windows 10 Subscription Activation<A ID="windows-10-subscription-activation"></A>
+
+Windows 10 Subscription Activation is a modern deployment method that enables you to change the SKU from Pro to Enterprise with no keys and no reboots. For more information about Subscription Activation, see [Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation).
+
+
+### Azure Active Directory (AAD) join with automatic mobile device management (MDM) enrollment
+
+In this scenario, the organization member just needs to provide their work or school user ID and password; the device can then be automatically joined to Azure Active Directory and enrolled in a mobile device management (MDM) solution with no additional user interaction. Once done, the MDM solution can finish configuring the device as needed. For more information, see [Azure Active Directory integration with MDM](https://docs.microsoft.com/windows/client-management/mdm/azure-active-directory-integration-with-mdm).
+
+### Provisioning package configuration
+
+Using the [Windows Imaging and Configuration Designer (ICD)](https://go.microsoft.com/fwlink/p/?LinkId=619358), IT administrators can create a self-contained package that contains all of the configuration, settings, and apps that need to be applied to a machine. These packages can then be deployed to new PCs through a variety of means, typically by IT professionals. For more information, see [Configure devices without MDM](/windows/configuration/configure-devices-without-mdm).
+
+These scenarios can be used to enable “choose your own device” (CYOD) programs where the organization’s users can pick their own PC and not be restricted to a small list of approved or certified models (programs that are difficult to implement using traditional deployment scenarios).
+
+While the initial Windows 10 release includes a variety of provisioning settings and deployment mechanisms, these will continue to be enhanced and extended based on feedback from organizations. As with all Windows features, organizations can submit suggestions for additional features through the Windows Feedback app or through their Microsoft Support contacts.
+
+## Traditional deployment: 
+
+New versions of Windows have typically been deployed by organizations using an image-based process built on top of tools provided in the [Windows Assessment and Deployment Kit](windows-adk-scenarios-for-it-pros.md), Windows Deployment Services, the [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md), and [Microsoft Endpoint Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md).
+
+With the release of Windows 10, all of these tools are being updated to fully support Windows 10. Although newer scenarios such as in-place upgrade and dynamic provisioning may reduce the need for traditional deployment capabilities in some organizations, these traditional methods remain important and will continue to be available to organizations that need them.
+
+The traditional deployment scenario can be divided into different sub-scenarios. These are explained in detail in the following sections, but the following provides a brief summary:
+
+-   **New computer.** A bare-metal deployment of a new machine.
+
+-   **Computer refresh.** A reinstall of the same machine (with user-state migration and an optional full Windows Imaging (WIM) image backup).
+
+-   **Computer replace.** A replacement of the old machine with a new machine (with user-state migration and an optional full WIM image backup).
+
+### New computer
+
+Also called a "bare metal" deployment. This scenario occurs when you have a blank machine you need to deploy, or an existing machine you want to wipe and redeploy without needing to preserve any existing data. The setup starts from a boot media, using CD, USB, ISO, or Pre-Boot Execution Environment (PXE). You can also generate a full offline media that includes all the files needed for a client deployment, allowing you to deploy without having to connect to a central deployment share. The target can be a physical computer, a virtual machine, or a Virtual Hard Disk (VHD) running on a physical computer (boot from VHD).
+
+The deployment process for the new machine scenario is as follows:
+
+1.  Start the setup from boot media (CD, USB, ISO, or PXE).
+
+2.  Wipe the hard disk clean and create new volume(s).
+
+3.  Install the operating system image.
+
+4.  Install other applications (as part of the task sequence).
+
+After taking these steps, the computer is ready for use.
+
+### Computer refresh
+
+A refresh is sometimes called wipe-and-load. The process is normally initiated in the running operating system. User data and settings are backed up and restored later as part of the deployment process. The target can be the same as for the new computer scenario.
+
+The deployment process for the wipe-and-load scenario is as follows:
+
+1.  Start the setup on a running operating system.
+
+2.  Save the user state locally.
+
+3.  Wipe the hard disk clean (except for the folder containing the backup).
+
+4.  Install the operating system image.
+
+5.  Install other applications.
+
+6.  Restore the user state.
+
+After taking these steps, the machine is ready for use.
+
+### Computer replace
+
+A computer replace is similar to the refresh scenario. However, since we are replacing the machine, we divide this scenario into two main tasks: backup of the old client and bare-metal deployment of the new client. As with the refresh scenario, user data and settings are backed up and restored.
+
+The deployment process for the replace scenario is as follows:
+
+1.  Save the user state (data and settings) on the server through a backup job on the running operating system.
+
+2.  Deploy the new computer as a bare-metal deployment.
+
+    **Note**<br>In some situations, you can use the replace scenario even if the target is the same machine. For example, you can use replace if you want to modify the disk layout from the master boot record (MBR) to the GUID partition table (GPT), which will allow you to take advantage of the Unified Extensible Firmware Interface (UEFI) functionality. You can also use replace if the disk needs to be repartitioned since user data needs to be transferred off the disk.
+
+## Related topics
+
+- [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
+- [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md)
+- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=620230)
+- [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
+- [Windows setup technical reference](https://go.microsoft.com/fwlink/p/?LinkId=619357)
+- [Windows Imaging and Configuration Designer](https://go.microsoft.com/fwlink/p/?LinkId=619358)
+- [UEFI firmware](https://go.microsoft.com/fwlink/p/?LinkId=619359)
diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md
index e241930c1e..e4cadbe165 100644
--- a/windows/deployment/windows-10-enterprise-e3-overview.md
+++ b/windows/deployment/windows-10-enterprise-e3-overview.md
@@ -1,258 +1,260 @@
----
-title: Windows 10 Enterprise E3 in CSP
-description: Describes Windows 10 Enterprise E3, an offering that delivers, by subscription, the features of Windows 10 Enterprise edition.
-keywords: upgrade, update, task sequence, deploy
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: mdt
-ms.date: 08/24/2017
-ms.reviewer: 
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-audience: itpro
author: greg-lindsay
-ms.collection: M365-modern-desktop
-ms.topic: article
----
-
-# Windows 10 Enterprise E3 in CSP
-
-Windows 10 Enterprise E3 launched in the Cloud Solution Provider (CSP) channel on September 1, 2016. Windows 10 Enterprise E3 in CSP is a new offering that delivers, by subscription, exclusive features reserved for Windows 10 Enterprise edition. This offering is available through the Cloud Solution Provider (CSP) channel via the Partner Center as an online service. Windows 10 Enterprise E3 in CSP provides a flexible, per-user subscription for small- and medium-sized organizations (from one to hundreds of users). To take advantage of this offering, you must have the following:
-
--   Windows 10 Pro, version 1607 (Windows 10 Anniversary Update) or later, installed and activated, on the devices to be upgraded
--   Azure Active Directory (Azure AD) available for identity management
-
-Starting with Windows 10, version 1607 (Windows 10 Anniversary Update), you can move from Windows 10 Pro to Windows 10 Enterprise more easily than ever before—no keys and no reboots. After one of your users enters the Azure AD credentials associated with a Windows 10 Enterprise E3 license, the operating system turns from Windows 10 Pro to Windows 10 Enterprise and all the appropriate Windows 10 Enterprise features are unlocked. When a subscription license expires or is transferred to another user, the Windows 10 Enterprise device seamlessly steps back down to Windows 10 Pro.
-
-Previously, only organizations with a Microsoft Volume Licensing Agreement could deploy Windows 10 Enterprise to their users. Now, with Windows 10 Enterprise E3 in CSP, small- and medium-sized organizations can more easily take advantage of Windows 10 Enterprise features.
-
-When you purchase Windows 10 Enterprise E3 via a partner, you get the following benefits:
-
--   **Windows 10 Enterprise edition**. Devices currently running Windows 10 Pro, version 1607 can get Windows 10 Enterprise Current Branch (CB) or Current Branch for Business (CBB). This benefit does not include Long Term Service Branch (LTSB).
-
--   **Support from one to hundreds of users**. Although the Windows 10 Enterprise E3 in CSP program does not have a limitation on the number of licenses an organization can have, the program is designed for small- and medium-sized organizations.
-
--   **Deploy on up to five devices**. For each user covered by the license, you can deploy Windows 10 Enterprise edition on up to five devices.
-
--   **Roll back to Windows 10 Pro at any time**. When a user’s subscription expires or is transferred to another user, the Windows 10 Enterprise device reverts seamlessly to Windows 10 Pro edition (after a grace period of up to 90 days).
-
--   **Monthly, per-user pricing model**. This makes Windows 10 Enterprise E3 affordable for any organization.
-
--   **Move licenses between users**. Licenses can be quickly and easily reallocated from one user to another user, allowing you to optimize your licensing investment against changing needs.
-
-How does the Windows 10 Enterprise E3 in CSP program compare with Microsoft Volume Licensing Agreements and Software Assurance?
-
--   [Microsoft Volume Licensing](https://www.microsoft.com/licensing/default.aspx) programs are broader in scope, providing organizations with access to licensing for all Microsoft products.
-
--   [Software Assurance](https://www.microsoft.com/Licensing/licensing-programs/software-assurance-default.aspx) provides organizations with the following categories of benefits:
-
-    -   **Deployment and management**. These benefits include planning services, Microsoft Desktop Optimization (MDOP), Windows Virtual Desktop Access Rights, Windows-To-Go Rights, Windows Roaming Use Rights, Windows Thin PC, Windows RT Companion VDA Rights, and other benefits.
-
-    -   **Training**. These benefits include training vouchers, online e-learning, and a home use program.
-
-    -   **Support**. These benefits include 24x7 problem resolution support, backup capabilities for disaster recovery, System Center Global Service Monitor, and a passive secondary instance of SQL Server.
-
-    -   **Specialized**. These benefits include step-up licensing availability (which enables you to migrate software from an earlier edition to a higher-level edition) and to spread license and Software Assurance payments across three equal, annual sums.
-
-    In addition, in Windows 10 Enterprise E3 in CSP, a partner can manage your licenses for you. With Software Assurance, you, the customer, manage your own licenses.
-
-In summary, the Windows 10 Enterprise E3 in CSP program is an upgrade offering that provides small- and medium-sized organizations easier, more flexible access to the benefits of Windows 10 Enterprise edition, whereas Microsoft Volume Licensing programs and Software Assurance are broader in scope and provide benefits beyond access to Windows 10 Enterprise edition.
-
-## Compare Windows 10 Pro and Enterprise editions
-
-Windows 10 Enterprise edition has a number of features that are unavailable in Windows 10 Pro. Table 1 lists the Windows 10 Enterprise features not found in Windows 10 Pro. Many of these features are security-related, whereas others enable finer-grained device management.
-
-*Table 1. Windows 10 Enterprise features not found in Windows 10 Pro*
-
-<table>
-<colgroup>
-<col width="20%" />
-<col width="80%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">Feature</th>
-<th align="left">Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>Credential Guard<strong><em></strong></p></td>
-<td align="left"><p>This feature uses virtualization-based security to help protect security secrets (for example, NTLM password hashes, Kerberos Ticket Granting Tickets) so that only privileged system software can access them. This helps prevent Pass-the-Hash or Pass-the-Ticket attacks.</p>
-<p>Credential Guard has the following features:</p>
-<ul>
-<li><p><strong>Hardware-level security</strong>.&nbsp;&nbsp;Credential Guard uses hardware platform security features (such as Secure Boot and virtualization) to help protect derived domain credentials and other secrets.</p></li>
-<li><p><strong>Virtualization-based security</strong>.&nbsp;&nbsp;Windows services that access derived domain credentials and other secrets run in a virtualized, protected environment that is isolated.</p></li>
-<li><p><strong>Improved protection against persistent threats</strong>.&nbsp;&nbsp;Credential Guard works with other technologies (e.g., Device Guard) to help provide further protection against attacks, no matter how persistent.</p></li>
-<li><p><strong>Improved manageability</strong>.&nbsp;&nbsp;Credential Guard can be managed through Group Policy, Windows Management Instrumentation (WMI), or Windows PowerShell.</p></li>
-</ul>
-<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/keep-secure/credential-guard" data-raw-source="[Protect derived domain credentials with Credential Guard](https://technet.microsoft.com/itpro/windows/keep-secure/credential-guard)">Protect derived domain credentials with Credential Guard</a>.</p>
-<p></em> <i>Credential Guard requires UEFI 2.3.1 or greater with Trusted Boot; Virtualization Extensions such as Intel VT-x, AMD-V, and SLAT must be enabled; x64 version of Windows; IOMMU, such as Intel VT-d, AMD-Vi; BIOS Lockdown; TPM 2.0 recommended for device health attestation (will use software if TPM 2.0 not present)</i></p></td>
-</tr>
-<tr class="even">
-<td align="left"><p>Device Guard</p></td>
-<td align="left"><p>This feature is a combination of hardware and software security features that allows only trusted applications to run on a device. Even if an attacker manages to get control of the Windows kernel, he or she will be much less likely to run executable code. Device Guard can use virtualization-based security (VBS) in Windows 10 Enterprise edition to isolate the Code Integrity service from the Windows kernel itself. With VBS, even if malware gains access to the kernel, the effects can be severely limited, because the hypervisor can prevent the malware from executing code.</p>
-<p>Device Guard does the following:</p>
-<ul>
-<li><p>Helps protect against malware</p></li>
-<li><p>Helps protect the Windows system core from vulnerability and zero-day exploits</p></li>
-<li><p>Allows only trusted apps to run</p></li>
-</ul>
-<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies" data-raw-source="[Introduction to Device Guard](https://technet.microsoft.com/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies)">Introduction to Device Guard</a>.</p></td>
-</tr>
-<tr class="odd">
-<td align="left"><p>AppLocker management</p></td>
-<td align="left"><p>This feature helps IT pros determine which applications and files users can run on a device (also known as “whitelisting”). The applications and files that can be managed include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.</p>
-<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview" data-raw-source="[AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview)">AppLocker</a>.</p></td>
-</tr>
-<tr class="even">
-<td align="left"><p>Application Virtualization (App-V)</p></td>
-<td align="left"><p>This feature makes applications available to end users without installing the applications directly on users’ devices. App-V transforms applications into centrally managed services that are never installed and don&#39;t conflict with other applications. This feature also helps ensure that applications are kept current with the latest security updates.</p>
-<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/manage/appv-getting-started" data-raw-source="[Getting Started with App-V for Windows 10](https://technet.microsoft.com/itpro/windows/manage/appv-getting-started)">Getting Started with App-V for Windows 10</a>.</p></td>
-</tr>
-<tr class="odd">
-<td align="left"><p>User Experience Virtualization (UE-V)</p></td>
-<td align="left"><p>With this feature, you can capture user-customized Windows and application settings and store them on a centrally managed network file share. When users log on, their personalized settings are applied to their work session, regardless of which device or virtual desktop infrastructure (VDI) sessions they log on to.</p>
-<p>UE-V provides the ability to do the following:</p>
-<ul>
-<li><p>Specify which application and Windows settings synchronize across user devices</p></li>
-<li><p>Deliver the settings anytime and anywhere users work throughout the enterprise</p></li>
-<li><p>Create custom templates for your third-party or line-of-business applications</p></li>
-<li><p>Recover settings after hardware replacement or upgrade, or after re-imaging a virtual machine to its initial state</p></li>
-</ul>
-<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/manage/uev-for-windows" data-raw-source="[User Experience Virtualization (UE-V) for Windows 10 overview](https://technet.microsoft.com/itpro/windows/manage/uev-for-windows)">User Experience Virtualization (UE-V) for Windows 10 overview</a>.</p></td>
-</tr>
-<tr class="even">
-<td align="left"><p>Managed User Experience</p></td>
-<td align="left"><p>This feature helps customize and lock down a Windows device’s user interface to restrict it to a specific task. For example, you can configure a device for a controlled scenario such as a kiosk or classroom device. The user experience would be automatically reset once a user signs off. You can also restrict access to services including Cortana or the Windows Store, and manage Start layout options, such as:</p>
-<ul>
-<li><p>Removing and preventing access to the Shut Down, Restart, Sleep, and Hibernate commands</p></li>
-<li><p>Removing Log Off (the User tile) from the Start menu</p></li>
-<li><p>Removing frequent programs from the Start menu</p></li>
-<li><p>Removing the All Programs list from the Start menu</p></li>
-<li><p>Preventing users from customizing their Start screen</p></li>
-<li><p>Forcing Start menu to be either full-screen size or menu size</p></li>
-<li><p>Preventing changes to Taskbar and Start menu settings</p></li>
-</ul>
-</tr>
-</tbody>
-</table>
-
-## Deployment of Windows 10 Enterprise E3 licenses
-
-See [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md).
-
-## Deploy Windows 10 Enterprise features
-
-Now that you have Windows 10 Enterprise edition running on devices, how do you take advantage of the Enterprise edition features and capabilities? What are the next steps that need to be taken for each of the features discussed in [Table 1](#compare-windows10-pro-and-enterprise-editions)?
-
-The following sections provide you with the high-level tasks that need to be performed in your environment to help users take advantage of the Windows 10 Enterprise edition features.
-
-### Credential Guard\*
-
-You can implement Credential Guard on Windows 10 Enterprise devices by turning on Credential Guard on these devices. Credential Guard uses Windows 10 virtualization-based security features (Hyper-V features) that must be enabled on each device before you can turn on Credential Guard. You can turn on Credential Guard by using one of the following methods:
-
--   **Automated**. You can automatically turn on Credential Guard for one or more devices by using Group Policy. The Group Policy settings automatically add the virtualization-based security features and configure the Credential Guard registry settings on managed devices.
-
--   **Manual**. You can manually turn on Credential Guard by doing the following:
-
-    -   Add the virtualization-based security features by using Programs and Features or Deployment Image Servicing and Management (DISM).
-
-    -   Configure Credential Guard registry settings by using the Registry Editor or the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
-
-    You can automate these manual steps by using a management tool such as System Center Configuration Manager.
-
-For more information about implementing Credential Guard, see the following resources:
-
--   [Protect derived domain credentials with Credential Guard](https://technet.microsoft.com/itpro/windows/keep-secure/credential-guard)
--   [PC OEM requirements for Device Guard and Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514(v=vs.85).aspx)
--   [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337)
-
-\* *Requires UEFI 2.3.1 or greater with Trusted Boot; Virtualization Extensions such as Intel VT-x, AMD-V, and SLAT must be enabled; x64 version of Windows; IOMMU, such as Intel VT-d, AMD-Vi; BIOS Lockdown; TPM 2.0 recommended for device health attestation (will use software if TPM 2.0 not present)*
-
-### Device Guard
-
-Now that the devices have Windows 10 Enterprise, you can implement Device Guard on the Windows 10 Enterprise devices by performing the following steps:
-
-1.  **Optionally, create a signing certificate for code integrity policies**. As you deploy code integrity policies, you might need to sign catalog files or code integrity policies internally. To do this, you will either need a publicly issued code signing certificate (that you purchase) or an internal certificate authority (CA). If you choose to use an internal CA, you will need to create a code signing certificate.
-
-2.  **Create code integrity policies from “golden” computers**. When you have identified departments or roles that use distinctive or partly distinctive sets of hardware and software, you can set up “golden” computers containing that software and hardware. In this respect, creating and managing code integrity policies to align with the needs of roles or departments can be similar to managing corporate images. From each “golden” computer, you can create a code integrity policy and decide how to manage that policy. You can merge code integrity policies to create a broader policy or a master policy, or you can manage and deploy each policy individually.
-
-3.  **Audit the code integrity policy and capture information about applications that are outside the policy**. We recommend that you use “audit mode” to carefully test each code integrity policy before you enforce it. With audit mode, no application is blocked—the policy just logs an event whenever an application outside the policy is started. Later, you can expand the policy to allow these applications, as needed.
-
-4.  **Create a “catalog file” for unsigned line-of-business (LOB) applications**. Use the Package Inspector tool to create and sign a catalog file for your unsigned LOB applications. In later steps, you can merge the catalog file's signature into your code integrity policy so that applications in the catalog will be allowed by the policy.
-
-5.  **Capture needed policy information from the event log, and merge information into the existing policy as needed**. After a code integrity policy has been running for a time in audit mode, the event log will contain information about applications that are outside the policy. To expand the policy so that it allows for these applications, use Windows PowerShell commands to capture the needed policy information from the event log, and then merge that information into the existing policy. You can merge code integrity policies from other sources also, for flexibility in how you create your final code integrity policies.
-
-6.  **Deploy code integrity policies and catalog files**. After you confirm that you have completed all the preceding steps, you can begin deploying catalog files and taking code integrity policies out of audit mode. We strongly recommend that you begin this process with a test group of users. This provides a final quality-control validation before you deploy the catalog files and code integrity policies more broadly.
-
-7.  **Enable desired hardware security features**. Hardware-based security features—also called virtualization-based security (VBS) features—strengthen the protections offered by code integrity policies.
-
-For more information about implementing Device Guard, see:
-
-- [Planning and getting started on the Device Guard deployment process](https://technet.microsoft.com/itpro/windows/keep-secure/planning-and-getting-started-on-the-device-guard-deployment-process)
-- [Device Guard deployment guide](https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide)
-
-### AppLocker management
-
-You can manage AppLocker in Windows 10 Enterprise by using Group Policy. Group Policy requires that the you have AD DS and that the Windows 10 Enterprise devices are joined to the your AD DS domain. You can create AppLocker rules by using Group Policy, and then target those rules to the appropriate devices.
-
-For more information about AppLocker management by using Group Policy, see [AppLocker deployment guide](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-policies-deployment-guide).
-
-### App-V
-
-App-V requires an App-V server infrastructure to support App-V clients. The primary App-V components that the you must have are as follows:
-
--   **App-V server**. The App-V server provides App-V management, virtualized app publishing, app streaming, and reporting services. Each of these services can be run on one server or can be run individually on multiple servers. For example, you could have multiple streaming servers. App-V clients contact App-V servers to determine which apps are published to the user or device, and then run the virtualized app from the server.
-
--   **App-V sequencer**. The App-V sequencer is a typical client device that is used to sequence (capture) apps and prepare them for hosting from the App-V server. You install apps on the App-V sequencer, and the App-V sequencer software determines the files and registry settings that are changed during app installation. Then the sequencer captures these settings to create a virtualized app.
-
--   **App-V client**. The App-V client must be enabled on any client device on which apps will be run from the App-V server. These will be the Windows 10 Enterprise E3 devices.
-
-For more information about implementing the App-V server, App-V sequencer, and App-V client, see the following resources:
-
--   [Getting Started with App-V for Windows 10](https://technet.microsoft.com/itpro/windows/manage/appv-getting-started)
--   [Deploying the App-V server](https://technet.microsoft.com/itpro/windows/manage/appv-deploying-the-appv-server)
--   [Deploying the App-V Sequencer and Configuring the Client](https://technet.microsoft.com/itpro/windows/manage/appv-deploying-the-appv-sequencer-and-client)
-
-### UE-V
-UE-V requires server- and client-side components that you you’ll need to download, activate, and install. These components include:
-
-- **UE-V service**. The UE-V service (when enabled on devices) monitors registered applications and Windows for any settings changes, then synchronizes those settings between devices.
-
-- **Settings packages**. Settings packages created by the UE-V service store application settings and Windows settings. Settings packages are built, locally stored, and copied to the settings storage location.
-
-- **Settings storage location**. This location is a standard network share that your users can access. The UE-V service verifies the location and creates a hidden system folder in which to store and retrieve user settings.
-
-- **Settings location templates**. Settings location templates are XML files that UE-V uses to monitor and synchronize desktop application settings and Windows desktop settings between user computers. By default, some settings location templates are included in UE-V. You can also create, edit, or validate custom settings location templates by using the UE-V template generator. Settings location templates are not required for Windows applications.
-
-- **Universal Windows applications list**. UE-V determines which Windows applications are enabled for settings synchronization using a managed list of applications. By default, this list includes most Windows applications.
-
-For more information about deploying UE-V, see the following resources:
-
-- [User Experience Virtualization (UE-V) for Windows 10 overview](https://technet.microsoft.com/itpro/windows/manage/uev-for-windows)
-- [Get Started with UE-V](https://technet.microsoft.com/itpro/windows/manage/uev-getting-started)
-- [Prepare a UE-V Deployment](https://technet.microsoft.com/itpro/windows/manage/uev-prepare-for-deployment)
-
-### Managed User Experience
-
-The Managed User Experience feature is a set of Windows 10 Enterprise edition features and corresponding settings that you can use to manage user experience. Table 2 describes the Managed User Experience settings (by category), which are only available in Windows 10 Enterprise edition. The management methods used to configure each feature depend on the feature. Some features are configured by using Group Policy, while others are configured by using Windows PowerShell, Deployment Image Servicing and Management (DISM), or other command-line tools. For the Group Policy settings, you must have AD DS with the Windows 10 Enterprise devices joined to your AD DS domain.
-
-*Table 2. Managed User Experience features*
-
-| Feature          | Description     |
-|------------------|-----------------|
-| Start layout customization | You can deploy a customized Start layout to users in a domain. No reimaging is required, and the Start layout can be updated simply by overwriting the .xml file that contains the layout. This enables you to customize Start layouts for different departments or organizations, with minimal management overhead.<br>For more information on these settings, see [Customize Windows 10 Start and taskbar with Group Policy](https://technet.microsoft.com/itpro/windows/manage/customize-windows-10-start-screens-by-using-group-policy). |
-| Unbranded boot             | You can suppress Windows elements that appear when Windows starts or resumes and can suppress the crash screen when Windows encounters an error from which it cannot recover.<br>For more information on these settings, see [Unbranded Boot](https://msdn.microsoft.com/library/windows/hardware/mt571997(v=vs.85).aspx).       |
-| Custom logon               | You can use the Custom Logon feature to suppress Windows 10 UI elements that relate to the Welcome screen and shutdown screen. For example, you can suppress all elements of the Welcome screen UI and provide a custom logon UI. You can also suppress the Blocked Shutdown Resolver (BSDR) screen and automatically end applications while the OS waits for applications to close before a shutdown.<br>For more information on these settings, see [Custom Logon](https://msdn.microsoft.com/library/windows/hardware/mt571990(v=vs.85).aspx).                        |
-| Shell launcher             | Enables Assigned Access to run only a classic Windows app via Shell Launcher to replace the shell.<br>For more information on these settings, see [Shell Launcher](https://msdn.microsoft.com/library/windows/hardware/mt571994(v=vs.85).aspx).     |
-| Keyboard filter            | You can use Keyboard Filter to suppress undesirable key presses or key combinations. Normally, users can use certain Windows key combinations like Ctrl+Alt+Delete or Ctrl+Shift+Tab to control a device by locking the screen or using Task Manager to close a running application. This is not desirable on devices intended for a dedicated purpose.<br>For more information on these settings, see [Keyboard Filter](https://msdn.microsoft.com/library/windows/hardware/mt587088(v=vs.85).aspx).    |
-| Unified write filter       | You can use Unified Write Filter (UWF) on your device to help protect your physical storage media, including most standard writable storage types that are supported by Windows, such as physical hard disks, solid-state drives, internal USB devices, external SATA devices, and so on. You can also use UWF to make read-only media appear to the OS as a writable volume.<br>For more information on these settings, see [Unified Write Filter](https://msdn.microsoft.com/library/windows/hardware/mt572001(v=vs.85).aspx).    |
-
-## Related topics
-
-[Windows 10 Enterprise Subscription Activation](windows-10-subscription-activation.md)
-<BR>[Connect domain-joined devices to Azure AD for Windows 10 experiences](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-devices-group-policy/)
-<BR>[Compare Windows 10 editions](https://www.microsoft.com/WindowsForBusiness/Compare)
-<BR>[Windows for business](https://www.microsoft.com/windowsforbusiness/default.aspx)
+---
+title: Windows 10 Enterprise E3 in CSP
+description: Describes Windows 10 Enterprise E3, an offering that delivers, by subscription, the features of Windows 10 Enterprise edition.
+keywords: upgrade, update, task sequence, deploy
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.pagetype: mdt
+ms.date: 08/24/2017
+ms.reviewer: 
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+audience: itpro
+author: greg-lindsay
+ms.collection: M365-modern-desktop
+ms.topic: article
+---
+
+# Windows 10 Enterprise E3 in CSP
+
+Windows 10 Enterprise E3 launched in the Cloud Solution Provider (CSP) channel on September 1, 2016. Windows 10 Enterprise E3 in CSP is a new offering that delivers, by subscription, exclusive features reserved for Windows 10 Enterprise edition. This offering is available through the Cloud Solution Provider (CSP) channel via the Partner Center as an online service. Windows 10 Enterprise E3 in CSP provides a flexible, per-user subscription for small- and medium-sized organizations (from one to hundreds of users). To take advantage of this offering, you must have the following:
+
+-   Windows 10 Pro, version 1607 (Windows 10 Anniversary Update) or later, installed and activated, on the devices to be upgraded
+-   Azure Active Directory (Azure AD) available for identity management
+
+Starting with Windows 10, version 1607 (Windows 10 Anniversary Update), you can move from Windows 10 Pro to Windows 10 Enterprise more easily than ever before—no keys and no reboots. After one of your users enters the Azure AD credentials associated with a Windows 10 Enterprise E3 license, the operating system turns from Windows 10 Pro to Windows 10 Enterprise and all the appropriate Windows 10 Enterprise features are unlocked. When a subscription license expires or is transferred to another user, the Windows 10 Enterprise device seamlessly steps back down to Windows 10 Pro.
+
+Previously, only organizations with a Microsoft Volume Licensing Agreement could deploy Windows 10 Enterprise to their users. Now, with Windows 10 Enterprise E3 in CSP, small- and medium-sized organizations can more easily take advantage of Windows 10 Enterprise features.
+
+When you purchase Windows 10 Enterprise E3 via a partner, you get the following benefits:
+
+-   **Windows 10 Enterprise edition**. Devices currently running Windows 10 Pro, version 1607 can get Windows 10 Enterprise Current Branch (CB) or Current Branch for Business (CBB). This benefit does not include Long Term Service Branch (LTSB).
+
+-   **Support from one to hundreds of users**. Although the Windows 10 Enterprise E3 in CSP program does not have a limitation on the number of licenses an organization can have, the program is designed for small- and medium-sized organizations.
+
+-   **Deploy on up to five devices**. For each user covered by the license, you can deploy Windows 10 Enterprise edition on up to five devices.
+
+-   **Roll back to Windows 10 Pro at any time**. When a user’s subscription expires or is transferred to another user, the Windows 10 Enterprise device reverts seamlessly to Windows 10 Pro edition (after a grace period of up to 90 days).
+
+-   **Monthly, per-user pricing model**. This makes Windows 10 Enterprise E3 affordable for any organization.
+
+-   **Move licenses between users**. Licenses can be quickly and easily reallocated from one user to another user, allowing you to optimize your licensing investment against changing needs.
+
+How does the Windows 10 Enterprise E3 in CSP program compare with Microsoft Volume Licensing Agreements and Software Assurance?
+
+-   [Microsoft Volume Licensing](https://www.microsoft.com/licensing/default.aspx) programs are broader in scope, providing organizations with access to licensing for all Microsoft products.
+
+-   [Software Assurance](https://www.microsoft.com/Licensing/licensing-programs/software-assurance-default.aspx) provides organizations with the following categories of benefits:
+
+    -   **Deployment and management**. These benefits include planning services, Microsoft Desktop Optimization (MDOP), Windows Virtual Desktop Access Rights, Windows-To-Go Rights, Windows Roaming Use Rights, Windows Thin PC, Windows RT Companion VDA Rights, and other benefits.
+
+    -   **Training**. These benefits include training vouchers, online e-learning, and a home use program.
+
+    -   **Support**. These benefits include 24x7 problem resolution support, backup capabilities for disaster recovery, System Center Global Service Monitor, and a passive secondary instance of SQL Server.
+
+    -   **Specialized**. These benefits include step-up licensing availability (which enables you to migrate software from an earlier edition to a higher-level edition) and to spread license and Software Assurance payments across three equal, annual sums.
+
+    In addition, in Windows 10 Enterprise E3 in CSP, a partner can manage your licenses for you. With Software Assurance, you, the customer, manage your own licenses.
+
+In summary, the Windows 10 Enterprise E3 in CSP program is an upgrade offering that provides small- and medium-sized organizations easier, more flexible access to the benefits of Windows 10 Enterprise edition, whereas Microsoft Volume Licensing programs and Software Assurance are broader in scope and provide benefits beyond access to Windows 10 Enterprise edition.
+
+## Compare Windows 10 Pro and Enterprise editions
+
+Windows 10 Enterprise edition has a number of features that are unavailable in Windows 10 Pro. Table 1 lists the Windows 10 Enterprise features not found in Windows 10 Pro. Many of these features are security-related, whereas others enable finer-grained device management.
+
+*Table 1. Windows 10 Enterprise features not found in Windows 10 Pro*
+
+<table>
+<colgroup>
+<col width="20%" />
+<col width="80%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th align="left">Feature</th>
+<th align="left">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td align="left"><p>Credential Guard<strong><em></strong></p></td>
+<td align="left"><p>This feature uses virtualization-based security to help protect security secrets (for example, NTLM password hashes, Kerberos Ticket Granting Tickets) so that only privileged system software can access them. This helps prevent Pass-the-Hash or Pass-the-Ticket attacks.</p>
+<p>Credential Guard has the following features:</p>
+<ul>
+<li><p><strong>Hardware-level security</strong>.&nbsp;&nbsp;Credential Guard uses hardware platform security features (such as Secure Boot and virtualization) to help protect derived domain credentials and other secrets.</p></li>
+<li><p><strong>Virtualization-based security</strong>.&nbsp;&nbsp;Windows services that access derived domain credentials and other secrets run in a virtualized, protected environment that is isolated.</p></li>
+<li><p><strong>Improved protection against persistent threats</strong>.&nbsp;&nbsp;Credential Guard works with other technologies (e.g., Device Guard) to help provide further protection against attacks, no matter how persistent.</p></li>
+<li><p><strong>Improved manageability</strong>.&nbsp;&nbsp;Credential Guard can be managed through Group Policy, Windows Management Instrumentation (WMI), or Windows PowerShell.</p></li>
+</ul>
+<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/keep-secure/credential-guard" data-raw-source="[Protect derived domain credentials with Credential Guard](https://technet.microsoft.com/itpro/windows/keep-secure/credential-guard)">Protect derived domain credentials with Credential Guard</a>.</p>
+<p></em> <i>Credential Guard requires UEFI 2.3.1 or greater with Trusted Boot; Virtualization Extensions such as Intel VT-x, AMD-V, and SLAT must be enabled; x64 version of Windows; IOMMU, such as Intel VT-d, AMD-Vi; BIOS Lockdown; TPM 2.0 recommended for device health attestation (will use software if TPM 2.0 not present)</i></p></td>
+</tr>
+<tr class="even">
+<td align="left"><p>Device Guard</p></td>
+<td align="left"><p>This feature is a combination of hardware and software security features that allows only trusted applications to run on a device. Even if an attacker manages to get control of the Windows kernel, he or she will be much less likely to run executable code. Device Guard can use virtualization-based security (VBS) in Windows 10 Enterprise edition to isolate the Code Integrity service from the Windows kernel itself. With VBS, even if malware gains access to the kernel, the effects can be severely limited, because the hypervisor can prevent the malware from executing code.</p>
+<p>Device Guard does the following:</p>
+<ul>
+<li><p>Helps protect against malware</p></li>
+<li><p>Helps protect the Windows system core from vulnerability and zero-day exploits</p></li>
+<li><p>Allows only trusted apps to run</p></li>
+</ul>
+<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies" data-raw-source="[Introduction to Device Guard](https://technet.microsoft.com/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies)">Introduction to Device Guard</a>.</p></td>
+</tr>
+<tr class="odd">
+<td align="left"><p>AppLocker management</p></td>
+<td align="left"><p>This feature helps IT pros determine which applications and files users can run on a device (also known as “whitelisting”). The applications and files that can be managed include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.</p>
+<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview" data-raw-source="[AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview)">AppLocker</a>.</p></td>
+</tr>
+<tr class="even">
+<td align="left"><p>Application Virtualization (App-V)</p></td>
+<td align="left"><p>This feature makes applications available to end users without installing the applications directly on users’ devices. App-V transforms applications into centrally managed services that are never installed and don&#39;t conflict with other applications. This feature also helps ensure that applications are kept current with the latest security updates.</p>
+<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/manage/appv-getting-started" data-raw-source="[Getting Started with App-V for Windows 10](https://technet.microsoft.com/itpro/windows/manage/appv-getting-started)">Getting Started with App-V for Windows 10</a>.</p></td>
+</tr>
+<tr class="odd">
+<td align="left"><p>User Experience Virtualization (UE-V)</p></td>
+<td align="left"><p>With this feature, you can capture user-customized Windows and application settings and store them on a centrally managed network file share. When users log on, their personalized settings are applied to their work session, regardless of which device or virtual desktop infrastructure (VDI) sessions they log on to.</p>
+<p>UE-V provides the ability to do the following:</p>
+<ul>
+<li><p>Specify which application and Windows settings synchronize across user devices</p></li>
+<li><p>Deliver the settings anytime and anywhere users work throughout the enterprise</p></li>
+<li><p>Create custom templates for your third-party or line-of-business applications</p></li>
+<li><p>Recover settings after hardware replacement or upgrade, or after re-imaging a virtual machine to its initial state</p></li>
+</ul>
+<p>For more information, see <a href="https://technet.microsoft.com/itpro/windows/manage/uev-for-windows" data-raw-source="[User Experience Virtualization (UE-V) for Windows 10 overview](https://technet.microsoft.com/itpro/windows/manage/uev-for-windows)">User Experience Virtualization (UE-V) for Windows 10 overview</a>.</p></td>
+</tr>
+<tr class="even">
+<td align="left"><p>Managed User Experience</p></td>
+<td align="left"><p>This feature helps customize and lock down a Windows device’s user interface to restrict it to a specific task. For example, you can configure a device for a controlled scenario such as a kiosk or classroom device. The user experience would be automatically reset once a user signs off. You can also restrict access to services including Cortana or the Windows Store, and manage Start layout options, such as:</p>
+<ul>
+<li><p>Removing and preventing access to the Shut Down, Restart, Sleep, and Hibernate commands</p></li>
+<li><p>Removing Log Off (the User tile) from the Start menu</p></li>
+<li><p>Removing frequent programs from the Start menu</p></li>
+<li><p>Removing the All Programs list from the Start menu</p></li>
+<li><p>Preventing users from customizing their Start screen</p></li>
+<li><p>Forcing Start menu to be either full-screen size or menu size</p></li>
+<li><p>Preventing changes to Taskbar and Start menu settings</p></li>
+</ul>
+</tr>
+</tbody>
+</table>
+
+## Deployment of Windows 10 Enterprise E3 licenses
+
+See [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md).
+
+## Deploy Windows 10 Enterprise features
+
+Now that you have Windows 10 Enterprise edition running on devices, how do you take advantage of the Enterprise edition features and capabilities? What are the next steps that need to be taken for each of the features discussed in [Table 1](#compare-windows10-pro-and-enterprise-editions)?
+
+The following sections provide you with the high-level tasks that need to be performed in your environment to help users take advantage of the Windows 10 Enterprise edition features.
+
+### Credential Guard\*
+
+You can implement Credential Guard on Windows 10 Enterprise devices by turning on Credential Guard on these devices. Credential Guard uses Windows 10 virtualization-based security features (Hyper-V features) that must be enabled on each device before you can turn on Credential Guard. You can turn on Credential Guard by using one of the following methods:
+
+-   **Automated**. You can automatically turn on Credential Guard for one or more devices by using Group Policy. The Group Policy settings automatically add the virtualization-based security features and configure the Credential Guard registry settings on managed devices.
+
+-   **Manual**. You can manually turn on Credential Guard by doing the following:
+
+    -   Add the virtualization-based security features by using Programs and Features or Deployment Image Servicing and Management (DISM).
+
+    -   Configure Credential Guard registry settings by using the Registry Editor or the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
+
+    You can automate these manual steps by using a management tool such as Microsoft Endpoint Configuration Manager.
+
+For more information about implementing Credential Guard, see the following resources:
+
+-   [Protect derived domain credentials with Credential Guard](https://technet.microsoft.com/itpro/windows/keep-secure/credential-guard)
+-   [PC OEM requirements for Device Guard and Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514(v=vs.85).aspx)
+-   [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337)
+
+\* *Requires UEFI 2.3.1 or greater with Trusted Boot; Virtualization Extensions such as Intel VT-x, AMD-V, and SLAT must be enabled; x64 version of Windows; IOMMU, such as Intel VT-d, AMD-Vi; BIOS Lockdown; TPM 2.0 recommended for device health attestation (will use software if TPM 2.0 not present)*
+
+### Device Guard
+
+Now that the devices have Windows 10 Enterprise, you can implement Device Guard on the Windows 10 Enterprise devices by performing the following steps:
+
+1.  **Optionally, create a signing certificate for code integrity policies**. As you deploy code integrity policies, you might need to sign catalog files or code integrity policies internally. To do this, you will either need a publicly issued code signing certificate (that you purchase) or an internal certificate authority (CA). If you choose to use an internal CA, you will need to create a code signing certificate.
+
+2.  **Create code integrity policies from “golden” computers**. When you have identified departments or roles that use distinctive or partly distinctive sets of hardware and software, you can set up “golden” computers containing that software and hardware. In this respect, creating and managing code integrity policies to align with the needs of roles or departments can be similar to managing corporate images. From each “golden” computer, you can create a code integrity policy and decide how to manage that policy. You can merge code integrity policies to create a broader policy or a master policy, or you can manage and deploy each policy individually.
+
+3.  **Audit the code integrity policy and capture information about applications that are outside the policy**. We recommend that you use “audit mode” to carefully test each code integrity policy before you enforce it. With audit mode, no application is blocked—the policy just logs an event whenever an application outside the policy is started. Later, you can expand the policy to allow these applications, as needed.
+
+4.  **Create a “catalog file” for unsigned line-of-business (LOB) applications**. Use the Package Inspector tool to create and sign a catalog file for your unsigned LOB applications. In later steps, you can merge the catalog file's signature into your code integrity policy so that applications in the catalog will be allowed by the policy.
+
+5.  **Capture needed policy information from the event log, and merge information into the existing policy as needed**. After a code integrity policy has been running for a time in audit mode, the event log will contain information about applications that are outside the policy. To expand the policy so that it allows for these applications, use Windows PowerShell commands to capture the needed policy information from the event log, and then merge that information into the existing policy. You can merge code integrity policies from other sources also, for flexibility in how you create your final code integrity policies.
+
+6.  **Deploy code integrity policies and catalog files**. After you confirm that you have completed all the preceding steps, you can begin deploying catalog files and taking code integrity policies out of audit mode. We strongly recommend that you begin this process with a test group of users. This provides a final quality-control validation before you deploy the catalog files and code integrity policies more broadly.
+
+7.  **Enable desired hardware security features**. Hardware-based security features—also called virtualization-based security (VBS) features—strengthen the protections offered by code integrity policies.
+
+For more information about implementing Device Guard, see:
+
+- [Planning and getting started on the Device Guard deployment process](https://technet.microsoft.com/itpro/windows/keep-secure/planning-and-getting-started-on-the-device-guard-deployment-process)
+- [Device Guard deployment guide](https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide)
+
+### AppLocker management
+
+You can manage AppLocker in Windows 10 Enterprise by using Group Policy. Group Policy requires that the you have AD DS and that the Windows 10 Enterprise devices are joined to the your AD DS domain. You can create AppLocker rules by using Group Policy, and then target those rules to the appropriate devices.
+
+For more information about AppLocker management by using Group Policy, see [AppLocker deployment guide](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-policies-deployment-guide).
+
+### App-V
+
+App-V requires an App-V server infrastructure to support App-V clients. The primary App-V components that the you must have are as follows:
+
+-   **App-V server**. The App-V server provides App-V management, virtualized app publishing, app streaming, and reporting services. Each of these services can be run on one server or can be run individually on multiple servers. For example, you could have multiple streaming servers. App-V clients contact App-V servers to determine which apps are published to the user or device, and then run the virtualized app from the server.
+
+-   **App-V sequencer**. The App-V sequencer is a typical client device that is used to sequence (capture) apps and prepare them for hosting from the App-V server. You install apps on the App-V sequencer, and the App-V sequencer software determines the files and registry settings that are changed during app installation. Then the sequencer captures these settings to create a virtualized app.
+
+-   **App-V client**. The App-V client must be enabled on any client device on which apps will be run from the App-V server. These will be the Windows 10 Enterprise E3 devices.
+
+For more information about implementing the App-V server, App-V sequencer, and App-V client, see the following resources:
+
+-   [Getting Started with App-V for Windows 10](https://technet.microsoft.com/itpro/windows/manage/appv-getting-started)
+-   [Deploying the App-V server](https://technet.microsoft.com/itpro/windows/manage/appv-deploying-the-appv-server)
+-   [Deploying the App-V Sequencer and Configuring the Client](https://technet.microsoft.com/itpro/windows/manage/appv-deploying-the-appv-sequencer-and-client)
+
+### UE-V
+UE-V requires server- and client-side components that you you’ll need to download, activate, and install. These components include:
+
+- **UE-V service**. The UE-V service (when enabled on devices) monitors registered applications and Windows for any settings changes, then synchronizes those settings between devices.
+
+- **Settings packages**. Settings packages created by the UE-V service store application settings and Windows settings. Settings packages are built, locally stored, and copied to the settings storage location.
+
+- **Settings storage location**. This location is a standard network share that your users can access. The UE-V service verifies the location and creates a hidden system folder in which to store and retrieve user settings.
+
+- **Settings location templates**. Settings location templates are XML files that UE-V uses to monitor and synchronize desktop application settings and Windows desktop settings between user computers. By default, some settings location templates are included in UE-V. You can also create, edit, or validate custom settings location templates by using the UE-V template generator. Settings location templates are not required for Windows applications.
+
+- **Universal Windows applications list**. UE-V determines which Windows applications are enabled for settings synchronization using a managed list of applications. By default, this list includes most Windows applications.
+
+For more information about deploying UE-V, see the following resources:
+
+- [User Experience Virtualization (UE-V) for Windows 10 overview](https://technet.microsoft.com/itpro/windows/manage/uev-for-windows)
+- [Get Started with UE-V](https://technet.microsoft.com/itpro/windows/manage/uev-getting-started)
+- [Prepare a UE-V Deployment](https://technet.microsoft.com/itpro/windows/manage/uev-prepare-for-deployment)
+
+### Managed User Experience
+
+The Managed User Experience feature is a set of Windows 10 Enterprise edition features and corresponding settings that you can use to manage user experience. Table 2 describes the Managed User Experience settings (by category), which are only available in Windows 10 Enterprise edition. The management methods used to configure each feature depend on the feature. Some features are configured by using Group Policy, while others are configured by using Windows PowerShell, Deployment Image Servicing and Management (DISM), or other command-line tools. For the Group Policy settings, you must have AD DS with the Windows 10 Enterprise devices joined to your AD DS domain.
+
+*Table 2. Managed User Experience features*
+
+| Feature          | Description     |
+|------------------|-----------------|
+| Start layout customization | You can deploy a customized Start layout to users in a domain. No reimaging is required, and the Start layout can be updated simply by overwriting the .xml file that contains the layout. This enables you to customize Start layouts for different departments or organizations, with minimal management overhead.<br>For more information on these settings, see [Customize Windows 10 Start and taskbar with Group Policy](https://technet.microsoft.com/itpro/windows/manage/customize-windows-10-start-screens-by-using-group-policy). |
+| Unbranded boot             | You can suppress Windows elements that appear when Windows starts or resumes and can suppress the crash screen when Windows encounters an error from which it cannot recover.<br>For more information on these settings, see [Unbranded Boot](https://msdn.microsoft.com/library/windows/hardware/mt571997(v=vs.85).aspx).       |
+| Custom logon               | You can use the Custom Logon feature to suppress Windows 10 UI elements that relate to the Welcome screen and shutdown screen. For example, you can suppress all elements of the Welcome screen UI and provide a custom logon UI. You can also suppress the Blocked Shutdown Resolver (BSDR) screen and automatically end applications while the OS waits for applications to close before a shutdown.<br>For more information on these settings, see [Custom Logon](https://msdn.microsoft.com/library/windows/hardware/mt571990(v=vs.85).aspx).                        |
+| Shell launcher             | Enables Assigned Access to run only a classic Windows app via Shell Launcher to replace the shell.<br>For more information on these settings, see [Shell Launcher](https://msdn.microsoft.com/library/windows/hardware/mt571994(v=vs.85).aspx).     |
+| Keyboard filter            | You can use Keyboard Filter to suppress undesirable key presses or key combinations. Normally, users can use certain Windows key combinations like Ctrl+Alt+Delete or Ctrl+Shift+Tab to control a device by locking the screen or using Task Manager to close a running application. This is not desirable on devices intended for a dedicated purpose.<br>For more information on these settings, see [Keyboard Filter](https://msdn.microsoft.com/library/windows/hardware/mt587088(v=vs.85).aspx).    |
+| Unified write filter       | You can use Unified Write Filter (UWF) on your device to help protect your physical storage media, including most standard writable storage types that are supported by Windows, such as physical hard disks, solid-state drives, internal USB devices, external SATA devices, and so on. You can also use UWF to make read-only media appear to the OS as a writable volume.<br>For more information on these settings, see [Unified Write Filter](https://msdn.microsoft.com/library/windows/hardware/mt572001(v=vs.85).aspx).    |
+
+## Related topics
+
+[Windows 10 Enterprise Subscription Activation](windows-10-subscription-activation.md)
+<BR>[Connect domain-joined devices to Azure AD for Windows 10 experiences](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-devices-group-policy/)
+<BR>[Compare Windows 10 editions](https://www.microsoft.com/WindowsForBusiness/Compare)
+<BR>[Windows for business](https://www.microsoft.com/windowsforbusiness/default.aspx)
diff --git a/windows/deployment/windows-10-media.md b/windows/deployment/windows-10-media.md
index 2b435c0edc..24743735e8 100644
--- a/windows/deployment/windows-10-media.md
+++ b/windows/deployment/windows-10-media.md
@@ -44,7 +44,7 @@ For ISOs that you download from the VLSC or Visual Studio Subscriptions, you can
 
 ![Images](images/table01.png)
 
-When using the contents of these ISOs with tools such as the Microsoft Deployment Toolkit or System Center Configuration Manager, make sure you select the appropriate image index in any task sequences that you create or update.
+When using the contents of these ISOs with tools such as the Microsoft Deployment Toolkit or Microsoft Endpoint Configuration Manager, make sure you select the appropriate image index in any task sequences that you create or update.
 
 For packages published to Windows Server Update Services (WSUS), you’ll also notice the change because, instead of having separate packages for each Windows edition, there will be just one package:
 
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index 87eea0e845..dc74d56ad8 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -1,655 +1,657 @@
----
-title: Step by step - Deploy Windows 10 in a test lab using MDT
-description: Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit (MDT)
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-keywords: deployment, automate, tools, configure, mdt
-ms.localizationpriority: medium
-ms.date: 10/11/2017
-ms.reviewer: 
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-
-# Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit
-
-**Applies to**
-
--   Windows 10
-
-**Important**: This guide leverages the proof of concept (PoC) environment configured using procedures in the following guide: 
-- [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)
-
-Please complete all steps in the prerequisite guide before starting this guide. This guide requires about 5 hours to complete, but can require less time or more time depending on the speed of the Hyper-V host. After completing the current guide, also see the companion guide:
-- [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md)
-
-The PoC environment is a virtual network running on Hyper-V with three virtual machines (VMs):
-- **DC1**: A contoso.com domain controller, DNS server, and DHCP server.
-- **SRV1**: A dual-homed contoso.com domain member server, DNS server, and default gateway providing NAT service for the PoC network.
-- **PC1**: A contoso.com member computer running Windows 7, Windows 8, or Windows 8.1 that has been shadow-copied from a physical computer on your corporate network.
-
->This guide uses the Hyper-V server role. If you do not complete all steps in a single session, consider using [checkpoints](https://technet.microsoft.com/library/dn818483.aspx) and [saved states](https://technet.microsoft.com/library/ee247418.aspx) to pause, resume, or restart your work.
-
-## In this guide
-
-This guide provides instructions to install and configure the Microsoft Deployment Toolkit (MDT) to deploy a Windows 10 image.
-
-Topics and procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
-
-<br>
-
-<div style='font-size:9.0pt'>
-
-<table border="1" cellspacing="0" cellpadding="0">
-<tr><td BGCOLOR="#a0e4fa"><B>Topic</B><td BGCOLOR="#a0e4fa"><B>Description</B><td BGCOLOR="#a0e4fa"><B>Time</B>
-
-<tr><td><a href="#about-mdt" data-raw-source="[About MDT](#about-mdt)">About MDT</a><td>A high-level overview of the Microsoft Deployment Toolkit (MDT).<td>Informational
-<tr><td><a href="#install-mdt" data-raw-source="[Install MDT](#install-mdt)">Install MDT</a><td>Download and install MDT.<td>40 minutes
-<tr><td><a href="#create-a-deployment-share-and-reference-image" data-raw-source="[Create a deployment share and reference image](#create-a-deployment-share-and-reference-image)">Create a deployment share and reference image</a><td>A reference image is created to serve as the template for deploying new images.<td>90 minutes
-<tr><td><a href="#deploy-a-windows-10-image-using-mdt" data-raw-source="[Deploy a Windows 10 image using MDT](#deploy-a-windows-10-image-using-mdt)">Deploy a Windows 10 image using MDT</a><td>The reference image is deployed in the PoC environment.<td>60 minutes
-<tr><td><a href="#refresh-a-computer-with-windows-10" data-raw-source="[Refresh a computer with Windows 10](#refresh-a-computer-with-windows-10)">Refresh a computer with Windows 10</a><td>Export user data from an existing client computer, wipe the computer, install a new operating system, and then restore user data and settings.<td>60 minutes
-<tr><td><a href="#replace-a-computer-with-windows-10" data-raw-source="[Replace a computer with Windows 10](#replace-a-computer-with-windows-10)">Replace a computer with Windows 10</a><td>Back up an existing client computer, then restore this backup to a new computer.<td>60 minutes
-<tr><td><a href="#troubleshooting-logs-events-and-utilities" data-raw-source="[Troubleshooting logs, events, and utilities](#troubleshooting-logs-events-and-utilities)">Troubleshooting logs, events, and utilities</a><td>Log locations and troubleshooting hints.<td>Informational
-</TABLE>
-
-</div>
-
-## About MDT
-
-MDT performs deployments by using the Lite Touch Installation (LTI), Zero Touch Installation (ZTI), and User-Driven Installation (UDI) deployment methods. 
-- LTI is the deployment method used in the current guide, requiring only MDT and performed with a minimum amount of user interaction.
-- ZTI is fully automated, requiring no user interaction and is performed using MDT and System Center Configuration Manager. After completing the steps in the current guide, see [Step by step: Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md) to use the ZTI deployment method in the PoC environment.
-- UDI requires manual intervention to respond to installation prompts such as machine name, password and language settings. UDI requires MDT and System Center Configuration Manager. 
-
-## Install MDT
-
-1. On SRV1, temporarily disable IE Enhanced Security Configuration for Administrators by typing the following commands at an elevated Windows PowerShell prompt:
-
-    ```
-    $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
-    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0
-    Stop-Process -Name Explorer
-    ```
-2. Download and install the 64-bit version of [Microsoft Deployment Toolkit (MDT)](https://www.microsoft.com/download/details.aspx?id=54259) on SRV1 using the default options. As of the writing of this guide, the latest version of MDT was 8443.
-
-3. Download and install the latest [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) on SRV1 using the default installation settings. The current version is the ADK for Windows 10, version 1703. Installation might require several minutes to acquire all components.
-
-3. If desired, re-enable IE Enhanced Security Configuration:
-
-    ```
-    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 1
-    Stop-Process -Name Explorer
-    ```
-
-## Create a deployment share and reference image
-
-A reference image serves as the foundation for Windows 10 devices in your organization.
-
-1. In [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md), the Windows 10 Enterprise .iso file was saved to the c:\VHD directory as **c:\VHD\w10-enterprise.iso**. The first step in creating a deployment share is to mount this file on SRV1.  To mount the Windows 10 Enterprise DVD on SRV1, open an elevated Windows PowerShell prompt on the Hyper-V host computer and type the following command:
-
-    ```
-    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\w10-enterprise.iso
-    ```
-2. On SRV1, verify that the Windows Enterprise installation DVD is mounted as drive letter D.
-
-3. The Windows 10 Enterprise installation files will be used to create a deployment share on SRV1 using the MDT deployment workbench. To open the deployment workbench, click **Start**, type **deployment**, and then click **Deployment Workbench**.
-
-4. To enable quick access to the application, right-click **Deployment Workbench** on the taskbar and then click **Pin this program to the taskbar**.
-
-5. In the Deployment Workbench console, right-click **Deployment Shares** and select **New Deployment Share**.
-
-6. Use the following settings for the New Deployment Share Wizard:
-    - Deployment share path: **C:\MDTBuildLab**<BR>
-    - Share name: **MDTBuildLab$**<BR>
-    - Deployment share description: **MDT build lab**<BR>
-    - Options: click **Next** to accept the default<BR>
-    - Summary: click **Next**<BR>
-    - Progress: settings will be applied<BR>
-    - Confirmation: click **Finish**
-
-
-7. Expand the **Deployment Shares** node, and then expand **MDT build lab**.
-
-8. Right-click the **Operating Systems** node, and then click **New Folder**. Name the new folder **Windows 10**. Complete the wizard using default values and click **Finish**.
-
-9. Right-click the **Windows 10** folder created in the previous step, and then click **Import Operating System**.
-
-10. Use the following settings for the Import Operating System Wizard: 
-    - OS Type: **Full set of source files**<BR>
-    - Source: **D:\\** <BR>
-    - Destination: **W10Ent_x64**<BR>
-    - Summary: click **Next**
-    - Progress: wait for files to be copied
-    - Confirmation: click **Finish**
-
-    >For purposes of this test lab, we will only add the prerequisite .NET Framework feature. Commerical applications (ex: Microsoft Office) will not be added to the deployment share. For information about adding applications, see the [Add applications](https://technet.microsoft.com/itpro/windows/deploy/create-a-windows-10-reference-image#sec03) section of the [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md) topic in the TechNet library.
-
-11. The next step is to create a task sequence to reference the operating system that was imported. To create a task sequence, right-click the **Task Sequences** node and then click **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
-    - Task sequence ID: **REFW10X64-001**<BR>
-    - Task sequence name: **Windows 10 Enterprise x64 Default Image** <BR>
-    - Task sequence comments: **Reference Build**<BR>
-    - Template: **Standard Client Task Sequence**
-    - Select OS: click **Windows 10 Enterprise Evaluation in W10Ent_x64 install.wim**
-    - Specify Product Key: **Do not specify a product key at this time**
-    - Full Name: **Contoso**
-    - Organization: **Contoso**
-    - Internet Explorer home page: **http://www.contoso.com**
-    - Admin Password: **Do not specify an Administrator password at this time**
-    - Summary: click **Next**
-    - Confirmation: click **Finish**
-
-
-12. Edit the task sequence to add the Microsoft NET Framework 3.5, which is required by many applications. To edit the task sequence, double-click **Windows 10 Enterprise x64 Default Image** that was created in the previous step.
-
-13. Click the **Task Sequence** tab. Under **State Restore** click **Tatto** to highlight it, then click **Add** and choose **New Group**.
-
-14. On the Properties tab of the group that was created in the previous step, change the Name from **New Group** to **Custom Tasks (Pre-Windows Update)** and then click **Apply**. Click another location in the window to see the name change.
-
-15. Click the **Custom Tasks (Pre-Windows Update)** group again, click **Add**, point to **Roles**, and then click **Install Roles and Features**.
-
-16. Under **Select the roles and features that should be installed**, select **.NET Framework 3.5 (includes .NET 2.0 and 3.0)** and then click **Apply**.
-
-17. Enable Windows Update in the task sequence by clicking the **Windows Update (Post-Application Installation)** step, clicking the **Options** tab, and clearing the **Disable this step** checkbox.
-    
-    >Note: Since we are not installing applications in this test lab, there is no need to enable the Windows Update Pre-Application Installation step. However, you should enable this step if you are also installing applications.
-
-18. Click **OK** to complete editing the task sequence.
-
-19. The next step is to configure the MDT deployment share rules. To configure rules in the Deployment Workbench, right-click **MDT build lab (C:\MDTBuildLab)** and click **Properties**, and then click the **Rules** tab.
-
-20. Replace the default rules with the following text:
-
-    ```
-    [Settings]
-    Priority=Default
-
-    [Default]
-    _SMSTSORGNAME=Contoso
-    UserDataLocation=NONE
-    DoCapture=YES
-    OSInstall=Y
-    AdminPassword=pass@word1
-    TimeZoneName=Pacific Standard Time
-    OSDComputername=#Left("PC-%SerialNumber%",7)#
-    JoinWorkgroup=WORKGROUP
-    HideShell=YES
-    FinishAction=SHUTDOWN
-    DoNotCreateExtraPartition=YES
-    ApplyGPOPack=NO
-    SkipAdminPassword=YES
-    SkipProductKey=YES
-    SkipComputerName=YES
-    SkipDomainMembership=YES
-    SkipUserData=YES
-    SkipLocaleSelection=YES
-    SkipTaskSequence=NO
-    SkipTimeZone=YES
-    SkipApplications=YES
-    SkipBitLocker=YES
-    SkipSummary=YES
-    SkipRoles=YES
-    SkipCapture=NO
-    SkipFinalSummary=NO
-    ```
-
-21. Click **Apply** and then click **Edit Bootstrap.ini**. Replace the contents of the Bootstrap.ini file with the following text, and save the file:
-
-    ```
-    [Settings]
-    Priority=Default
-
-    [Default]
-    DeployRoot=\\SRV1\MDTBuildLab$
-    UserDomain=CONTOSO
-    UserID=MDT_BA
-    UserPassword=pass@word1
-    SkipBDDWelcome=YES
-    ```
-
-22. Click **OK** to complete the configuration of the deployment share.
-
-23. Right-click **MDT build lab (C:\MDTBuildLab)** and then click **Update Deployment Share**.
-
-24. Accept all default values in the Update Deployment Share Wizard by clicking **Next** twice.  The update process will take 5 to 10 minutes. When it has completed, click **Finish**.
-
-25. Copy **c:\MDTBuildLab\Boot\LiteTouchPE_x86.iso** on SRV1 to the **c:\VHD** directory on the Hyper-V host computer. Note that in MDT, the x86 boot image can deploy both x86 and x64 operating systems, except on computers based on Unified Extensible Firmware Interface (UEFI).
-
-    >Hint: To copy the file, right-click the **LiteTouchPE_x86.iso** file and click **Copy** on SRV1, then open the **c:\VHD** folder on the Hyper-V host, right-click inside the folder and click **Paste**.
-
-26. Open a Windows PowerShell prompt on the Hyper-V host computer and type the following commands:
-
-    <div style='font-size:8.0pt'>
-    <pre style="overflow-y: visible">
-
-    New-VM REFW10X64-001 -SwitchName poc-internal -NewVHDPath "c:\VHD\REFW10X64-001.vhdx" -NewVHDSizeBytes 60GB
-    Set-VMMemory REFW10X64-001 -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 1024MB -Buffer 20
-    Set-VMDvdDrive REFW10X64-001 -Path c:\VHD\LiteTouchPE_x86.iso
-    Start-VM REFW10X64-001
-    vmconnect localhost REFW10X64-001
-	</pre>
-    </div>
-    
-    The VM will require a few minutes to prepare devices and boot from the LiteTouchPE_x86.iso file. 
-
-27. In the Windows Deployment Wizard, select **Windows 10 Enterprise x64 Default Image**, and then click **Next**.
-
-28. Accept the default values on the Capture Image page, and click **Next**. Operating system installation will complete after 5 to 10 minutes, and then the VM will reboot automatically. Allow the system to boot normally (do not press a key). The process is fully automated.
-
-	Additional system restarts will occur to complete updating and preparing the operating system. Setup will complete the following procedures:
-
-	- Install the Windows 10 Enterprise operating system.
-	- Install added applications, roles, and features.
-	- Update the operating system using Windows Update (or WSUS if optionally specified).
-	- Stage Windows PE on the local disk.
-	- Run System Preparation (Sysprep) and reboot into Windows PE.
-	- Capture the installation to a Windows Imaging (WIM) file.
-	- Turn off the virtual machine.<BR><BR>
-
-    This step requires from 30 minutes to 2 hours, depending on the speed of the Hyper-V host. After some time, you will have a Windows 10 Enterprise x64 image that is fully patched and has run through Sysprep. The image is located in the C:\MDTBuildLab\Captures folder on your deployment server (SRV1). The file name is **REFW10X64-001.wim**.
-
-## Deploy a Windows 10 image using MDT
-
-This procedure will demonstrate how to deploy the reference image to the PoC environment using MDT.
-
-1. On SRV1, open the MDT Deployment Workbench console, right-click **Deployment Shares**, and then click **New Deployment Share**. Use the following values in the New Deployment Share Wizard:
-     - **Deployment share path**: C:\MDTProd
-     - **Share name**: MDTProd$
-     - **Deployment share description**: MDT Production
-     - **Options**: accept the default
-
-
-2. Click **Next**, verify the new deployment share was added successfully, then click **Finish**.
-
-3. In the Deployment Workbench console, expand the MDT Production deployment share, right-click **Operating Systems**, and then click **New Folder**. Name the new folder **Windows 10** and complete the wizard using default values.
-
-4. Right-click the **Windows 10** folder created in the previous step, and then click **Import Operating System**.
-
-5. On the **OS Type** page, choose **Custom image file** and then click **Next**.
-
-6. On the Image page, browse to the **C:\MDTBuildLab\Captures\REFW10X64-001.wim** file created in the previous procedure, click **Open**, and then click **Next**.
-
-7. On the Setup page, select **Copy Windows 7, Windows Server 2008 R2, or later setup files from the specified path**. 
-
-8. Under **Setup source directory**, browse to **C:\MDTBuildLab\Operating Systems\W10Ent_x64** click **OK** and then click **Next**.
-
-9. On the Destination page, accept the default Destination directory name of **REFW10X64-001**, click **Next** twice, wait for the import process to complete, and then click **Finish**.
-
-10. In the **Operating Systems** > **Windows 10** node, double-click the operating system that was added to view its properties. Change the operating system name to **Windows 10 Enterprise x64 Custom Image** and then click **OK**. See the following example:
-
-    ![custom image](images/image.png)
-
-
-### Create the deployment task sequence
-
-1. Using the Deployment Workbench, right-click **Task Sequences** under the **MDT Production** node, click **New Folder** and create a folder with the name: **Windows 10**.
-
-2. Right-click the **Windows 10** folder created in the previous step, and then click **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
-    - Task sequence ID: W10-X64-001
-    - Task sequence name: Windows 10 Enterprise x64 Custom Image
-    - Task sequence comments: Production Image
-    - Select Template: Standard Client Task Sequence
-    - Select OS: Windows 10 Enterprise x64 Custom Image
-    - Specify Product Key: Do not specify a product key at this time
-    - Full Name: Contoso
-    - Organization: Contoso
-    - Internet Explorer home page: http://www.contoso.com
-    - Admin Password: pass@word1 
-    
-### Configure the MDT production deployment share
-
-1. On SRV1, open an elevated Windows PowerShell prompt and type the following commands:
-
-    ```
-    copy-item "C:\Program Files\Microsoft Deployment Toolkit\Templates\Bootstrap.ini" C:\MDTProd\Control\Bootstrap.ini -Force
-    copy-item "C:\Program Files\Microsoft Deployment Toolkit\Templates\CustomSettings.ini" C:\MDTProd\Control\CustomSettings.ini -Force
-    ``` 
-2. In the Deployment Workbench console on SRV1, right-click the **MDT Production** deployment share and then click **Properties**.
-
-3. Click the **Rules** tab and replace the rules with the following text (don't click OK yet):
-
-    ```
-    [Settings]
-    Priority=Default
-    
-    [Default]
-    _SMSTSORGNAME=Contoso
-    OSInstall=YES
-    UserDataLocation=AUTO
-    TimeZoneName=Pacific Standard Time
-    OSDComputername=#Left("PC-%SerialNumber%",7)#
-    AdminPassword=pass@word1
-    JoinDomain=contoso.com
-    DomainAdmin=administrator
-    DomainAdminDomain=CONTOSO
-    DomainAdminPassword=pass@word1
-    ScanStateArgs=/ue:*\* /ui:CONTOSO\*
-    USMTMigFiles001=MigApp.xml
-    USMTMigFiles002=MigUser.xml
-    HideShell=YES
-    ApplyGPOPack=NO
-    SkipAppsOnUpgrade=NO
-    SkipAdminPassword=YES
-    SkipProductKey=YES
-    SkipComputerName=YES
-    SkipDomainMembership=YES
-    SkipUserData=YES
-    SkipLocaleSelection=YES
-    SkipTaskSequence=NO
-    SkipTimeZone=YES
-    SkipApplications=NO
-    SkipBitLocker=YES
-    SkipSummary=YES
-    SkipCapture=YES
-    SkipFinalSummary=NO
-    EventService=http://SRV1:9800
-    ```
-    **Note**: The contents of the Rules tab are added to c:\MDTProd\Control\CustomSettings.ini.
-    
-    >In this example a **MachineObjectOU** entry is not provided. Normally this entry describes the specific OU where new client computer objects are created in Active Directory. However, for the purposes of this test lab clients are added to the default computers OU, which requires that this parameter be unspecified.
-
-    If desired, edit the follow line to include or exclude other users when migrating settings. Currently, the command is set to user exclude (ue) all users except for CONTOSO users specified by the user include option (ui):
-    
-    ```
-    ScanStateArgs=/ue:*\* /ui:CONTOSO\*
-    ```
-
-    For example, to migrate **all** users on the computer, replace this line with the following:
-
-    ```
-    ScanStateArgs=/all
-    ```   
-
-    For more information, see [ScanState Syntax](https://technet.microsoft.com/library/cc749015.aspx).
-
-4. Click **Edit Bootstap.ini** and replace text in the file with the following text:
-
-    ```
-    [Settings]
-    Priority=Default
-    
-    [Default]
-    DeployRoot=\\SRV1\MDTProd$
-    UserDomain=CONTOSO
-    UserID=MDT_BA
-    UserPassword=pass@word1
-    SkipBDDWelcome=YES
-    ```
-5. Click **OK** when finished. 
-
-### Update the deployment share
-
-1. Right-click the **MDT Production** deployment share and then click **Update Deployment Share**.
-
-2. Use the default options for the Update Deployment Share Wizard. The update process requires 5 to 10 minutes to complete.
-
-3. Click **Finish** when the update is complete.
-
-### Enable deployment monitoring
-
-1. In the Deployment Workbench console, right-click **MDT Production** and then click **Properties**.
-
-2. On the **Monitoring** tab, select the **Enable monitoring for this deployment share** checkbox, and then click **OK**.
-
-3. Verify the monitoring service is working as expected by opening the following link on SRV1 in Internet Explorer: [http://localhost:9800/MDTMonitorEvent/](http://localhost:9800/MDTMonitorEvent/). If you do not see "**You have created a service**" at the top of the page, see [Troubleshooting MDT 2012 Monitoring](https://blogs.technet.microsoft.com/mniehaus/2012/05/10/troubleshooting-mdt-2012-monitoring/).
-
-4. Close Internet Explorer.
-
-### Configure Windows Deployment Services
-
-1. Initialize Windows Deployment Services (WDS) by typing the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    WDSUTIL /Verbose /Progress /Initialize-Server /Server:SRV1 /RemInst:"C:\RemoteInstall"
-    WDSUTIL /Set-Server /AnswerClients:All
-    ```
-
-2. Click **Start**, type **Windows Deployment**, and then click **Windows Deployment Services**.
-
-3. In the Windows Deployment Services console, expand **Servers**, expand **SRV1.contoso.com**, right-click **Boot Images**, and then click **Add Boot Image**.
-
-4. Browse to the **C:\MDTProd\Boot\LiteTouchPE_x64.wim** file, click **Open**, click **Next**, and accept the defaults in the Add Image Wizard. Click **Finish** to complete adding a boot image.
-
-### Deploy the client image
-
-1. Before using WDS to deploy a client image, you must temporarily disable the external network adapter on SRV1. This is just an artifact of the lab environment. In a typical deployment environment WDS would not be installed on the default gateway. 
-
-    >**Note**: Do not disable the *internal* network interface. To quickly view IP addresses and interface names configured on the VM, type **Get-NetIPAddress | ft interfacealias, ipaddress**
-    
-    Assuming the external interface is named "Ethernet 2", to disable the *external* interface on SRV1, open a Windows PowerShell prompt on SRV1 and type the following command:
-
-    ```
-    Disable-NetAdapter "Ethernet 2" -Confirm:$false
-    ```
-
-    >Wait until the disable-netadapter command completes before proceeding.
-
-
-2. Next, switch to the Hyper-V host and open an elevated Windows PowerShell prompt. Create a generation 2 VM on the Hyper-V host that will load its OS using PXE. To create this VM, type the following commands at an elevated Windows PowerShell prompt:
-
-    ```
-    New-VM –Name "PC2" –NewVHDPath "c:\vhd\pc2.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
-    Set-VMMemory -VMName "PC2" -DynamicMemoryEnabled $true -MinimumBytes 720MB -MaximumBytes 2048MB -Buffer 20
-    ```
-
-    >Dynamic memory is configured on the VM to conserve resources. However, this can cause memory allocation to be reduced past what is required to install an operating system. If this happens, reset the VM and begin the OS installation task sequence immediately. This ensures the VM memory allocation is not decreased too much while it is idle.
-
-3. Start the new VM and connect to it:
-
-    ```
-    Start-VM PC2
-    vmconnect localhost PC2
-    ```
-4. When prompted, hit ENTER to start the network boot process.
-
-5. In the Windows Deployment Wizard, choose the **Windows 10 Enterprise x64 Custom Image** and then click **Next**.
-
-6. After MDT lite touch installation has started, be sure to re-enable the external network adapter on SRV1. This is needed so the client can use Windows Update after operating system installation is complete.To re-enable the external network interface, open an elevated Windows PowerShell prompt on SRV1 and type the following command:
-
-    ```
-    Enable-NetAdapter "Ethernet 2"
-    ```
-7. On SRV1, in the Deployment Workbench console, click on **Monitoring** and view the status of installation. Right-click **Monitoring** and click **Refresh** if no data is displayed.
-8. OS installation requires about 10 minutes. When the installation is complete, the system will reboot automatically, configure devices, and install updates, requiring another 10-20 minutes.  When the new client computer is finished updating, click **Finish**. You will be automatically signed in to the local computer as administrator.
-    
-    ![finish](images/deploy-finish.png)
-
-
-This completes the demonstration of how to deploy a reference image to the network. To conserve resources, turn off the PC2 VM before starting the next section.
-
-## Refresh a computer with Windows 10
-
-This section will demonstrate how to export user data from an existing client computer, wipe the computer, install a new operating system, and then restore user data and settings. The scenario will use PC1, a computer that was cloned from a physical device to a VM, as described in [Step by step guide: Deploy Windows 10 in a test lab](windows-10-poc.md). 
-
-1. If the PC1 VM is not already running, then start and connect to it:
-    
-    ```
-    Start-VM PC1
-    vmconnect localhost PC1
-    ```
-
-2. Switch back to the Hyper-V host and create a checkpoint for the PC1 VM so that it can easily be reverted to its current state for troubleshooting purposes and to perform additional scenarios.  Checkpoints are also known as snapshots. To create a checkpoint for the PC1 VM, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    ```
-    Checkpoint-VM -Name PC1 -SnapshotName BeginState
-    ```
-
-3. Sign on to PC1 using the CONTOSO\Administrator account.
-
-    >Specify **contoso\administrator** as the user name to ensure you do not sign on using the local administrator account. You must sign in with this account so that you have access to the deployment share.
-
-4. Open an elevated command prompt on PC1 and type the following:
-
-    ```
-    cscript \\SRV1\MDTProd$\Scripts\Litetouch.vbs
-    ```
-
-    **Note**: Litetouch.vbs must be able to create the C:\MININT directory on the local computer.
-
-5. Choose the **Windows 10 Enterprise x64 Custom Image** and then click **Next**.
-
-6. Choose **Do not back up the existing computer** and click **Next**.
-
-    **Note**: The USMT will still back up the computer.
-
-7. Lite Touch Installation will perform the following actions:
-   - Back up user settings and data using USMT.
-   - Install the Windows 10 Enterprise X64 operating system.
-   - Update the operating system via Windows Update.
-   - Restore user settings and data using USMT.
-
-     You can review the progress of installation on SRV1 by clicking on the **Monitoring** node in the deployment workbench. When OS installation is complete, the computer will restart, set up devices, and configure settings.
-
-8. Sign in with the CONTOSO\Administrator account and verify that all CONTOSO domain user accounts and data have been migrated to the new operating system, or other user accounts as specified [previously](#configure-the-mdt-production-deployment-share).
-
-9. Create another checkpoint for the PC1 VM so that you can review results of the computer refresh later. To create a checkpoint, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    ```
-    Checkpoint-VM -Name PC1 -SnapshotName RefreshState
-    ```
-
-10. Restore the PC1 VM to it's previous state in preparation for the replace procedure. To restore a checkpoint, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    ```
-    Restore-VMSnapshot -VMName PC1 -Name BeginState -Confirm:$false
-    Start-VM PC1
-    vmconnect localhost PC1
-    ```
-    
-11. Sign in to PC1 using the contoso\administrator account.
-
-## Replace a computer with Windows 10
-
-At a high level, the computer replace process consists of:<BR>
-- A special replace task sequence that runs the USMT backup and an optional full Window Imaging (WIM) backup.<BR>
-- A standard OS deployment on a new computer. At the end of the deployment, the USMT backup from the old computer is restored.
-
-### Create a backup-only task sequence
-
-1. On SRV1, in the deployment workbench console, right-click the MDT Production deployment share, click **Properties**, click the **Rules** tab, and change the line **SkipUserData=YES** to **SkipUserData=NO**.
-2. Click **OK**, right-click **MDT Production**, click **Update Deployment Share** and accept the default options in the wizard to update the share.
-3. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    New-Item -Path C:\MigData -ItemType directory
-    New-SmbShare -Name MigData$ -Path C:\MigData -ChangeAccess EVERYONE
-    icacls C:\MigData /grant '"contoso\administrator":(OI)(CI)(M)'
-    ```
-4. On SRV1 in the deployment workbench, under **MDT Production**, right-click the **Task Sequences** node, and click **New Folder**.
-5. Name the new folder **Other**, and complete the wizard using default options.
-6. Right-click the **Other** folder and then click **New Task Sequence**. Use the following values in the wizard:
-    - **Task sequence ID**: REPLACE-001
-    - **Task sequence name**: Backup Only Task Sequence
-    - **Task sequence comments**: Run USMT to back up user data and settings
-    - **Template**: Standard Client Replace Task Sequence (note: this is not the default template)
-7. Accept defaults for the rest of the wizard and then click **Finish**. The replace task sequence will skip OS selection and settings.
-8. Open the new task sequence that was created and review it. Note the type of capture and backup tasks that are present. Click **OK** when you are finished reviewing the task sequence.
-
-### Run the backup-only task sequence
-
-1. If you are not already signed on to PC1 as **contoso\administrator**, sign in using this account. To verify the currently signed in account, type the following command at an elevated command prompt:
-
-    ```
-    whoami
-    ```
-2. To ensure a clean environment before running the backup task sequence, type the following at an elevated Windows PowerShell prompt on PC1:
-
-    ```
-    Remove-Item c:\minint -recurse
-    Remove-Item c:\_SMSTaskSequence -recurse
-    Restart-Computer
-    ```
-3. Sign in to PC1 using the contoso\administrator account, and then type the following at an elevated command prompt:
-
-    ```
-    cscript \\SRV1\MDTProd$\Scripts\Litetouch.vbs
-    ```
-4. Complete the deployment wizard using the following:
-    - **Task Sequence**: Backup Only Task Sequence
-    - **User Data**: Specify a location: **\\\\SRV1\MigData$\PC1**
-    - **Computer Backup**: Do not back up the existing computer.
-5. While the task sequence is running on PC1, open the deployment workbench console on SRV1 and click the **Monitoring* node. Press F5 to refresh the console, and view the status of current tasks.  
-6. On PC1, verify that **The user state capture was completed successfully** is displayed, and click **Finish** when the capture is complete.
-7. On SRV1, verify that the file **USMT.MIG** was created in the **C:\MigData\PC1\USMT** directory. See the following example:
-
-    ```
-    PS C:\> dir C:\MigData\PC1\USMT
-
-        Directory: C:\MigData\PC1\USMT
-
-    Mode                LastWriteTime     Length Name
-    ----                -------------     ------ ----
-    -a---          9/6/2016  11:34 AM   14248685 USMT.MIG
-    ```
-   ### Deploy PC3 
-
-8. On the Hyper-V host, type the following commands at an elevated Windows PowerShell prompt:
-
-    ```
-    New-VM –Name "PC3" –NewVHDPath "c:\vhd\pc3.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
-    Set-VMMemory -VMName "PC3" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes 2048MB -Buffer 20
-    ```
-9. Temporarily disable the external network adapter on SRV1 again, so that we can successfully boot PC3 from WDS. To disable the adapter, type the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    Disable-NetAdapter "Ethernet 2" -Confirm:$false
-    ```
-
-    >As mentioned previously, ensure that you disable the **external** network adapter, and wait for the command to complete before proceeding.
-
-
-10. Start and connect to PC3 by typing the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-     ```
-     Start-VM PC3
-     vmconnect localhost PC3
-     ```
-
-11. When prompted, press ENTER for network boot.
-
-12. On PC3, use the following settings for the Windows Deployment Wizard:
-     - **Task Sequence**: Windows 10 Enterprise x64 Custom Image
-     - **Move Data and Settings**: Do not move user data and settings
-     - **User Data (Restore)**: Specify a location: **\\\\SRV1\MigData$\PC1**
-
-13. When OS installation has started on PC1, re-enable the external network adapter on SRV1 by typing the following command on SRV1:
-
-     ```
-     Enable-NetAdapter "Ethernet 2"
-     ```
-14. Setup will install the Windows 10 Enterprise operating system, update via Windows Update, and restore the user settings and data from PC1.
-
-15. When PC3 has completed installing the OS, sign in to PC3 using the contoso\administrator account. When the PC completes updating, click **Finish**.
-
-16. Verify that settings have been migrated from PC1. This completes demonstration of the replace procedure.
-
-17. Shut down PC3 in preparation for the [next](windows-10-poc-sc-config-mgr.md) procedure.
-
-## Troubleshooting logs, events, and utilities
-
-Deployment logs are available on the client computer in the following locations:
-- Before the image is applied: X:\MININT\SMSOSD\OSDLOGS
-- After the system drive has been formatted: C:\MININT\SMSOSD\OSDLOGS
-- After deployment: %WINDIR%\TEMP\DeploymentLogs
-
-You can review WDS events in Event Viewer at: **Applications and Services Logs > Microsoft > Windows > Deployment-Services-Diagnostics**. By default, only the **Admin** and **Operational** logs are enabled. To enable other logs, right-click the log and then click **Enable Log**.
-
-Tools for viewing log files, and to assist with troubleshooting are available in the [System Center 2012 R2 Configuration Manager Toolkit](https://www.microsoft.com/download/details.aspx?id=50012)
-
-Also see [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) for detailed troubleshooting information.
-
-## Related Topics
-
-[Microsoft Deployment Toolkit](https://technet.microsoft.com/windows/dn475741)<BR>
-[Prepare for deployment with MDT](deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
-
- 
-
-
-
-
-
+---
+title: Step by step - Deploy Windows 10 in a test lab using MDT
+description: Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit (MDT)
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+keywords: deployment, automate, tools, configure, mdt
+ms.localizationpriority: medium
+ms.date: 10/11/2017
+ms.reviewer: 
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+
+# Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit
+
+**Applies to**
+
+-   Windows 10
+
+**Important**: This guide leverages the proof of concept (PoC) environment configured using procedures in the following guide: 
+- [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)
+
+Please complete all steps in the prerequisite guide before starting this guide. This guide requires about 5 hours to complete, but can require less time or more time depending on the speed of the Hyper-V host. After completing the current guide, also see the companion guide:
+- [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)
+
+The PoC environment is a virtual network running on Hyper-V with three virtual machines (VMs):
+- **DC1**: A contoso.com domain controller, DNS server, and DHCP server.
+- **SRV1**: A dual-homed contoso.com domain member server, DNS server, and default gateway providing NAT service for the PoC network.
+- **PC1**: A contoso.com member computer running Windows 7, Windows 8, or Windows 8.1 that has been shadow-copied from a physical computer on your corporate network.
+
+>This guide uses the Hyper-V server role. If you do not complete all steps in a single session, consider using [checkpoints](https://technet.microsoft.com/library/dn818483.aspx) and [saved states](https://technet.microsoft.com/library/ee247418.aspx) to pause, resume, or restart your work.
+
+## In this guide
+
+This guide provides instructions to install and configure the Microsoft Deployment Toolkit (MDT) to deploy a Windows 10 image.
+
+Topics and procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
+
+<br>
+
+<div style='font-size:9.0pt'>
+
+<table border="1" cellspacing="0" cellpadding="0">
+<tr><td BGCOLOR="#a0e4fa"><B>Topic</B><td BGCOLOR="#a0e4fa"><B>Description</B><td BGCOLOR="#a0e4fa"><B>Time</B>
+
+<tr><td><a href="#about-mdt" data-raw-source="[About MDT](#about-mdt)">About MDT</a><td>A high-level overview of the Microsoft Deployment Toolkit (MDT).<td>Informational
+<tr><td><a href="#install-mdt" data-raw-source="[Install MDT](#install-mdt)">Install MDT</a><td>Download and install MDT.<td>40 minutes
+<tr><td><a href="#create-a-deployment-share-and-reference-image" data-raw-source="[Create a deployment share and reference image](#create-a-deployment-share-and-reference-image)">Create a deployment share and reference image</a><td>A reference image is created to serve as the template for deploying new images.<td>90 minutes
+<tr><td><a href="#deploy-a-windows-10-image-using-mdt" data-raw-source="[Deploy a Windows 10 image using MDT](#deploy-a-windows-10-image-using-mdt)">Deploy a Windows 10 image using MDT</a><td>The reference image is deployed in the PoC environment.<td>60 minutes
+<tr><td><a href="#refresh-a-computer-with-windows-10" data-raw-source="[Refresh a computer with Windows 10](#refresh-a-computer-with-windows-10)">Refresh a computer with Windows 10</a><td>Export user data from an existing client computer, wipe the computer, install a new operating system, and then restore user data and settings.<td>60 minutes
+<tr><td><a href="#replace-a-computer-with-windows-10" data-raw-source="[Replace a computer with Windows 10](#replace-a-computer-with-windows-10)">Replace a computer with Windows 10</a><td>Back up an existing client computer, then restore this backup to a new computer.<td>60 minutes
+<tr><td><a href="#troubleshooting-logs-events-and-utilities" data-raw-source="[Troubleshooting logs, events, and utilities](#troubleshooting-logs-events-and-utilities)">Troubleshooting logs, events, and utilities</a><td>Log locations and troubleshooting hints.<td>Informational
+</TABLE>
+
+</div>
+
+## About MDT
+
+MDT performs deployments by using the Lite Touch Installation (LTI), Zero Touch Installation (ZTI), and User-Driven Installation (UDI) deployment methods. 
+- LTI is the deployment method used in the current guide, requiring only MDT and performed with a minimum amount of user interaction.
+- ZTI is fully automated, requiring no user interaction and is performed using MDT and Microsoft Endpoint Configuration Manager. After completing the steps in the current guide, see [Step by step: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) to use the ZTI deployment method in the PoC environment.
+- UDI requires manual intervention to respond to installation prompts such as machine name, password and language settings. UDI requires MDT and Microsoft Endpoint Configuration Manager. 
+
+## Install MDT
+
+1. On SRV1, temporarily disable IE Enhanced Security Configuration for Administrators by typing the following commands at an elevated Windows PowerShell prompt:
+
+    ```
+    $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
+    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0
+    Stop-Process -Name Explorer
+    ```
+2. Download and install the 64-bit version of [Microsoft Deployment Toolkit (MDT)](https://www.microsoft.com/download/details.aspx?id=54259) on SRV1 using the default options. As of the writing of this guide, the latest version of MDT was 8443.
+
+3. Download and install the latest [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) on SRV1 using the default installation settings. The current version is the ADK for Windows 10, version 1703. Installation might require several minutes to acquire all components.
+
+3. If desired, re-enable IE Enhanced Security Configuration:
+
+    ```
+    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 1
+    Stop-Process -Name Explorer
+    ```
+
+## Create a deployment share and reference image
+
+A reference image serves as the foundation for Windows 10 devices in your organization.
+
+1. In [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md), the Windows 10 Enterprise .iso file was saved to the c:\VHD directory as **c:\VHD\w10-enterprise.iso**. The first step in creating a deployment share is to mount this file on SRV1.  To mount the Windows 10 Enterprise DVD on SRV1, open an elevated Windows PowerShell prompt on the Hyper-V host computer and type the following command:
+
+    ```
+    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\w10-enterprise.iso
+    ```
+2. On SRV1, verify that the Windows Enterprise installation DVD is mounted as drive letter D.
+
+3. The Windows 10 Enterprise installation files will be used to create a deployment share on SRV1 using the MDT deployment workbench. To open the deployment workbench, click **Start**, type **deployment**, and then click **Deployment Workbench**.
+
+4. To enable quick access to the application, right-click **Deployment Workbench** on the taskbar and then click **Pin this program to the taskbar**.
+
+5. In the Deployment Workbench console, right-click **Deployment Shares** and select **New Deployment Share**.
+
+6. Use the following settings for the New Deployment Share Wizard:
+    - Deployment share path: **C:\MDTBuildLab**<BR>
+    - Share name: **MDTBuildLab$**<BR>
+    - Deployment share description: **MDT build lab**<BR>
+    - Options: click **Next** to accept the default<BR>
+    - Summary: click **Next**<BR>
+    - Progress: settings will be applied<BR>
+    - Confirmation: click **Finish**
+
+
+7. Expand the **Deployment Shares** node, and then expand **MDT build lab**.
+
+8. Right-click the **Operating Systems** node, and then click **New Folder**. Name the new folder **Windows 10**. Complete the wizard using default values and click **Finish**.
+
+9. Right-click the **Windows 10** folder created in the previous step, and then click **Import Operating System**.
+
+10. Use the following settings for the Import Operating System Wizard: 
+    - OS Type: **Full set of source files**<BR>
+    - Source: **D:\\** <BR>
+    - Destination: **W10Ent_x64**<BR>
+    - Summary: click **Next**
+    - Progress: wait for files to be copied
+    - Confirmation: click **Finish**
+
+    >For purposes of this test lab, we will only add the prerequisite .NET Framework feature. Commerical applications (ex: Microsoft Office) will not be added to the deployment share. For information about adding applications, see the [Add applications](https://technet.microsoft.com/itpro/windows/deploy/create-a-windows-10-reference-image#sec03) section of the [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md) topic in the TechNet library.
+
+11. The next step is to create a task sequence to reference the operating system that was imported. To create a task sequence, right-click the **Task Sequences** node and then click **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
+    - Task sequence ID: **REFW10X64-001**<BR>
+    - Task sequence name: **Windows 10 Enterprise x64 Default Image** <BR>
+    - Task sequence comments: **Reference Build**<BR>
+    - Template: **Standard Client Task Sequence**
+    - Select OS: click **Windows 10 Enterprise Evaluation in W10Ent_x64 install.wim**
+    - Specify Product Key: **Do not specify a product key at this time**
+    - Full Name: **Contoso**
+    - Organization: **Contoso**
+    - Internet Explorer home page: **http://www.contoso.com**
+    - Admin Password: **Do not specify an Administrator password at this time**
+    - Summary: click **Next**
+    - Confirmation: click **Finish**
+
+
+12. Edit the task sequence to add the Microsoft NET Framework 3.5, which is required by many applications. To edit the task sequence, double-click **Windows 10 Enterprise x64 Default Image** that was created in the previous step.
+
+13. Click the **Task Sequence** tab. Under **State Restore** click **Tatto** to highlight it, then click **Add** and choose **New Group**.
+
+14. On the Properties tab of the group that was created in the previous step, change the Name from **New Group** to **Custom Tasks (Pre-Windows Update)** and then click **Apply**. Click another location in the window to see the name change.
+
+15. Click the **Custom Tasks (Pre-Windows Update)** group again, click **Add**, point to **Roles**, and then click **Install Roles and Features**.
+
+16. Under **Select the roles and features that should be installed**, select **.NET Framework 3.5 (includes .NET 2.0 and 3.0)** and then click **Apply**.
+
+17. Enable Windows Update in the task sequence by clicking the **Windows Update (Post-Application Installation)** step, clicking the **Options** tab, and clearing the **Disable this step** checkbox.
+    
+    >Note: Since we are not installing applications in this test lab, there is no need to enable the Windows Update Pre-Application Installation step. However, you should enable this step if you are also installing applications.
+
+18. Click **OK** to complete editing the task sequence.
+
+19. The next step is to configure the MDT deployment share rules. To configure rules in the Deployment Workbench, right-click **MDT build lab (C:\MDTBuildLab)** and click **Properties**, and then click the **Rules** tab.
+
+20. Replace the default rules with the following text:
+
+    ```
+    [Settings]
+    Priority=Default
+
+    [Default]
+    _SMSTSORGNAME=Contoso
+    UserDataLocation=NONE
+    DoCapture=YES
+    OSInstall=Y
+    AdminPassword=pass@word1
+    TimeZoneName=Pacific Standard Time
+    OSDComputername=#Left("PC-%SerialNumber%",7)#
+    JoinWorkgroup=WORKGROUP
+    HideShell=YES
+    FinishAction=SHUTDOWN
+    DoNotCreateExtraPartition=YES
+    ApplyGPOPack=NO
+    SkipAdminPassword=YES
+    SkipProductKey=YES
+    SkipComputerName=YES
+    SkipDomainMembership=YES
+    SkipUserData=YES
+    SkipLocaleSelection=YES
+    SkipTaskSequence=NO
+    SkipTimeZone=YES
+    SkipApplications=YES
+    SkipBitLocker=YES
+    SkipSummary=YES
+    SkipRoles=YES
+    SkipCapture=NO
+    SkipFinalSummary=NO
+    ```
+
+21. Click **Apply** and then click **Edit Bootstrap.ini**. Replace the contents of the Bootstrap.ini file with the following text, and save the file:
+
+    ```
+    [Settings]
+    Priority=Default
+
+    [Default]
+    DeployRoot=\\SRV1\MDTBuildLab$
+    UserDomain=CONTOSO
+    UserID=MDT_BA
+    UserPassword=pass@word1
+    SkipBDDWelcome=YES
+    ```
+
+22. Click **OK** to complete the configuration of the deployment share.
+
+23. Right-click **MDT build lab (C:\MDTBuildLab)** and then click **Update Deployment Share**.
+
+24. Accept all default values in the Update Deployment Share Wizard by clicking **Next** twice.  The update process will take 5 to 10 minutes. When it has completed, click **Finish**.
+
+25. Copy **c:\MDTBuildLab\Boot\LiteTouchPE_x86.iso** on SRV1 to the **c:\VHD** directory on the Hyper-V host computer. Note that in MDT, the x86 boot image can deploy both x86 and x64 operating systems, except on computers based on Unified Extensible Firmware Interface (UEFI).
+
+    >Hint: To copy the file, right-click the **LiteTouchPE_x86.iso** file and click **Copy** on SRV1, then open the **c:\VHD** folder on the Hyper-V host, right-click inside the folder and click **Paste**.
+
+26. Open a Windows PowerShell prompt on the Hyper-V host computer and type the following commands:
+
+    <div style='font-size:8.0pt'>
+    <pre style="overflow-y: visible">
+
+    New-VM REFW10X64-001 -SwitchName poc-internal -NewVHDPath "c:\VHD\REFW10X64-001.vhdx" -NewVHDSizeBytes 60GB
+    Set-VMMemory REFW10X64-001 -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 1024MB -Buffer 20
+    Set-VMDvdDrive REFW10X64-001 -Path c:\VHD\LiteTouchPE_x86.iso
+    Start-VM REFW10X64-001
+    vmconnect localhost REFW10X64-001
+	</pre>
+    </div>
+    
+    The VM will require a few minutes to prepare devices and boot from the LiteTouchPE_x86.iso file. 
+
+27. In the Windows Deployment Wizard, select **Windows 10 Enterprise x64 Default Image**, and then click **Next**.
+
+28. Accept the default values on the Capture Image page, and click **Next**. Operating system installation will complete after 5 to 10 minutes, and then the VM will reboot automatically. Allow the system to boot normally (do not press a key). The process is fully automated.
+
+	Additional system restarts will occur to complete updating and preparing the operating system. Setup will complete the following procedures:
+
+	- Install the Windows 10 Enterprise operating system.
+	- Install added applications, roles, and features.
+	- Update the operating system using Windows Update (or WSUS if optionally specified).
+	- Stage Windows PE on the local disk.
+	- Run System Preparation (Sysprep) and reboot into Windows PE.
+	- Capture the installation to a Windows Imaging (WIM) file.
+	- Turn off the virtual machine.<BR><BR>
+
+    This step requires from 30 minutes to 2 hours, depending on the speed of the Hyper-V host. After some time, you will have a Windows 10 Enterprise x64 image that is fully patched and has run through Sysprep. The image is located in the C:\MDTBuildLab\Captures folder on your deployment server (SRV1). The file name is **REFW10X64-001.wim**.
+
+## Deploy a Windows 10 image using MDT
+
+This procedure will demonstrate how to deploy the reference image to the PoC environment using MDT.
+
+1. On SRV1, open the MDT Deployment Workbench console, right-click **Deployment Shares**, and then click **New Deployment Share**. Use the following values in the New Deployment Share Wizard:
+     - **Deployment share path**: C:\MDTProd
+     - **Share name**: MDTProd$
+     - **Deployment share description**: MDT Production
+     - **Options**: accept the default
+
+
+2. Click **Next**, verify the new deployment share was added successfully, then click **Finish**.
+
+3. In the Deployment Workbench console, expand the MDT Production deployment share, right-click **Operating Systems**, and then click **New Folder**. Name the new folder **Windows 10** and complete the wizard using default values.
+
+4. Right-click the **Windows 10** folder created in the previous step, and then click **Import Operating System**.
+
+5. On the **OS Type** page, choose **Custom image file** and then click **Next**.
+
+6. On the Image page, browse to the **C:\MDTBuildLab\Captures\REFW10X64-001.wim** file created in the previous procedure, click **Open**, and then click **Next**.
+
+7. On the Setup page, select **Copy Windows 7, Windows Server 2008 R2, or later setup files from the specified path**. 
+
+8. Under **Setup source directory**, browse to **C:\MDTBuildLab\Operating Systems\W10Ent_x64** click **OK** and then click **Next**.
+
+9. On the Destination page, accept the default Destination directory name of **REFW10X64-001**, click **Next** twice, wait for the import process to complete, and then click **Finish**.
+
+10. In the **Operating Systems** > **Windows 10** node, double-click the operating system that was added to view its properties. Change the operating system name to **Windows 10 Enterprise x64 Custom Image** and then click **OK**. See the following example:
+
+    ![custom image](images/image.png)
+
+
+### Create the deployment task sequence
+
+1. Using the Deployment Workbench, right-click **Task Sequences** under the **MDT Production** node, click **New Folder** and create a folder with the name: **Windows 10**.
+
+2. Right-click the **Windows 10** folder created in the previous step, and then click **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
+    - Task sequence ID: W10-X64-001
+    - Task sequence name: Windows 10 Enterprise x64 Custom Image
+    - Task sequence comments: Production Image
+    - Select Template: Standard Client Task Sequence
+    - Select OS: Windows 10 Enterprise x64 Custom Image
+    - Specify Product Key: Do not specify a product key at this time
+    - Full Name: Contoso
+    - Organization: Contoso
+    - Internet Explorer home page: http://www.contoso.com
+    - Admin Password: pass@word1 
+    
+### Configure the MDT production deployment share
+
+1. On SRV1, open an elevated Windows PowerShell prompt and type the following commands:
+
+    ```
+    copy-item "C:\Program Files\Microsoft Deployment Toolkit\Templates\Bootstrap.ini" C:\MDTProd\Control\Bootstrap.ini -Force
+    copy-item "C:\Program Files\Microsoft Deployment Toolkit\Templates\CustomSettings.ini" C:\MDTProd\Control\CustomSettings.ini -Force
+    ``` 
+2. In the Deployment Workbench console on SRV1, right-click the **MDT Production** deployment share and then click **Properties**.
+
+3. Click the **Rules** tab and replace the rules with the following text (don't click OK yet):
+
+    ```
+    [Settings]
+    Priority=Default
+    
+    [Default]
+    _SMSTSORGNAME=Contoso
+    OSInstall=YES
+    UserDataLocation=AUTO
+    TimeZoneName=Pacific Standard Time
+    OSDComputername=#Left("PC-%SerialNumber%",7)#
+    AdminPassword=pass@word1
+    JoinDomain=contoso.com
+    DomainAdmin=administrator
+    DomainAdminDomain=CONTOSO
+    DomainAdminPassword=pass@word1
+    ScanStateArgs=/ue:*\* /ui:CONTOSO\*
+    USMTMigFiles001=MigApp.xml
+    USMTMigFiles002=MigUser.xml
+    HideShell=YES
+    ApplyGPOPack=NO
+    SkipAppsOnUpgrade=NO
+    SkipAdminPassword=YES
+    SkipProductKey=YES
+    SkipComputerName=YES
+    SkipDomainMembership=YES
+    SkipUserData=YES
+    SkipLocaleSelection=YES
+    SkipTaskSequence=NO
+    SkipTimeZone=YES
+    SkipApplications=NO
+    SkipBitLocker=YES
+    SkipSummary=YES
+    SkipCapture=YES
+    SkipFinalSummary=NO
+    EventService=http://SRV1:9800
+    ```
+    **Note**: The contents of the Rules tab are added to c:\MDTProd\Control\CustomSettings.ini.
+    
+    >In this example a **MachineObjectOU** entry is not provided. Normally this entry describes the specific OU where new client computer objects are created in Active Directory. However, for the purposes of this test lab clients are added to the default computers OU, which requires that this parameter be unspecified.
+
+    If desired, edit the follow line to include or exclude other users when migrating settings. Currently, the command is set to user exclude (ue) all users except for CONTOSO users specified by the user include option (ui):
+    
+    ```
+    ScanStateArgs=/ue:*\* /ui:CONTOSO\*
+    ```
+
+    For example, to migrate **all** users on the computer, replace this line with the following:
+
+    ```
+    ScanStateArgs=/all
+    ```   
+
+    For more information, see [ScanState Syntax](https://technet.microsoft.com/library/cc749015.aspx).
+
+4. Click **Edit Bootstap.ini** and replace text in the file with the following text:
+
+    ```
+    [Settings]
+    Priority=Default
+    
+    [Default]
+    DeployRoot=\\SRV1\MDTProd$
+    UserDomain=CONTOSO
+    UserID=MDT_BA
+    UserPassword=pass@word1
+    SkipBDDWelcome=YES
+    ```
+5. Click **OK** when finished. 
+
+### Update the deployment share
+
+1. Right-click the **MDT Production** deployment share and then click **Update Deployment Share**.
+
+2. Use the default options for the Update Deployment Share Wizard. The update process requires 5 to 10 minutes to complete.
+
+3. Click **Finish** when the update is complete.
+
+### Enable deployment monitoring
+
+1. In the Deployment Workbench console, right-click **MDT Production** and then click **Properties**.
+
+2. On the **Monitoring** tab, select the **Enable monitoring for this deployment share** checkbox, and then click **OK**.
+
+3. Verify the monitoring service is working as expected by opening the following link on SRV1 in Internet Explorer: [http://localhost:9800/MDTMonitorEvent/](http://localhost:9800/MDTMonitorEvent/). If you do not see "**You have created a service**" at the top of the page, see [Troubleshooting MDT 2012 Monitoring](https://blogs.technet.microsoft.com/mniehaus/2012/05/10/troubleshooting-mdt-2012-monitoring/).
+
+4. Close Internet Explorer.
+
+### Configure Windows Deployment Services
+
+1. Initialize Windows Deployment Services (WDS) by typing the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    WDSUTIL /Verbose /Progress /Initialize-Server /Server:SRV1 /RemInst:"C:\RemoteInstall"
+    WDSUTIL /Set-Server /AnswerClients:All
+    ```
+
+2. Click **Start**, type **Windows Deployment**, and then click **Windows Deployment Services**.
+
+3. In the Windows Deployment Services console, expand **Servers**, expand **SRV1.contoso.com**, right-click **Boot Images**, and then click **Add Boot Image**.
+
+4. Browse to the **C:\MDTProd\Boot\LiteTouchPE_x64.wim** file, click **Open**, click **Next**, and accept the defaults in the Add Image Wizard. Click **Finish** to complete adding a boot image.
+
+### Deploy the client image
+
+1. Before using WDS to deploy a client image, you must temporarily disable the external network adapter on SRV1. This is just an artifact of the lab environment. In a typical deployment environment WDS would not be installed on the default gateway. 
+
+    >**Note**: Do not disable the *internal* network interface. To quickly view IP addresses and interface names configured on the VM, type **Get-NetIPAddress | ft interfacealias, ipaddress**
+    
+    Assuming the external interface is named "Ethernet 2", to disable the *external* interface on SRV1, open a Windows PowerShell prompt on SRV1 and type the following command:
+
+    ```
+    Disable-NetAdapter "Ethernet 2" -Confirm:$false
+    ```
+
+    >Wait until the disable-netadapter command completes before proceeding.
+
+
+2. Next, switch to the Hyper-V host and open an elevated Windows PowerShell prompt. Create a generation 2 VM on the Hyper-V host that will load its OS using PXE. To create this VM, type the following commands at an elevated Windows PowerShell prompt:
+
+    ```
+    New-VM –Name "PC2" –NewVHDPath "c:\vhd\pc2.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
+    Set-VMMemory -VMName "PC2" -DynamicMemoryEnabled $true -MinimumBytes 720MB -MaximumBytes 2048MB -Buffer 20
+    ```
+
+    >Dynamic memory is configured on the VM to conserve resources. However, this can cause memory allocation to be reduced past what is required to install an operating system. If this happens, reset the VM and begin the OS installation task sequence immediately. This ensures the VM memory allocation is not decreased too much while it is idle.
+
+3. Start the new VM and connect to it:
+
+    ```
+    Start-VM PC2
+    vmconnect localhost PC2
+    ```
+4. When prompted, hit ENTER to start the network boot process.
+
+5. In the Windows Deployment Wizard, choose the **Windows 10 Enterprise x64 Custom Image** and then click **Next**.
+
+6. After MDT lite touch installation has started, be sure to re-enable the external network adapter on SRV1. This is needed so the client can use Windows Update after operating system installation is complete.To re-enable the external network interface, open an elevated Windows PowerShell prompt on SRV1 and type the following command:
+
+    ```
+    Enable-NetAdapter "Ethernet 2"
+    ```
+7. On SRV1, in the Deployment Workbench console, click on **Monitoring** and view the status of installation. Right-click **Monitoring** and click **Refresh** if no data is displayed.
+8. OS installation requires about 10 minutes. When the installation is complete, the system will reboot automatically, configure devices, and install updates, requiring another 10-20 minutes.  When the new client computer is finished updating, click **Finish**. You will be automatically signed in to the local computer as administrator.
+    
+    ![finish](images/deploy-finish.png)
+
+
+This completes the demonstration of how to deploy a reference image to the network. To conserve resources, turn off the PC2 VM before starting the next section.
+
+## Refresh a computer with Windows 10
+
+This section will demonstrate how to export user data from an existing client computer, wipe the computer, install a new operating system, and then restore user data and settings. The scenario will use PC1, a computer that was cloned from a physical device to a VM, as described in [Step by step guide: Deploy Windows 10 in a test lab](windows-10-poc.md). 
+
+1. If the PC1 VM is not already running, then start and connect to it:
+    
+    ```
+    Start-VM PC1
+    vmconnect localhost PC1
+    ```
+
+2. Switch back to the Hyper-V host and create a checkpoint for the PC1 VM so that it can easily be reverted to its current state for troubleshooting purposes and to perform additional scenarios.  Checkpoints are also known as snapshots. To create a checkpoint for the PC1 VM, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    ```
+    Checkpoint-VM -Name PC1 -SnapshotName BeginState
+    ```
+
+3. Sign on to PC1 using the CONTOSO\Administrator account.
+
+    >Specify **contoso\administrator** as the user name to ensure you do not sign on using the local administrator account. You must sign in with this account so that you have access to the deployment share.
+
+4. Open an elevated command prompt on PC1 and type the following:
+
+    ```
+    cscript \\SRV1\MDTProd$\Scripts\Litetouch.vbs
+    ```
+
+    **Note**: Litetouch.vbs must be able to create the C:\MININT directory on the local computer.
+
+5. Choose the **Windows 10 Enterprise x64 Custom Image** and then click **Next**.
+
+6. Choose **Do not back up the existing computer** and click **Next**.
+
+    **Note**: The USMT will still back up the computer.
+
+7. Lite Touch Installation will perform the following actions:
+   - Back up user settings and data using USMT.
+   - Install the Windows 10 Enterprise X64 operating system.
+   - Update the operating system via Windows Update.
+   - Restore user settings and data using USMT.
+
+     You can review the progress of installation on SRV1 by clicking on the **Monitoring** node in the deployment workbench. When OS installation is complete, the computer will restart, set up devices, and configure settings.
+
+8. Sign in with the CONTOSO\Administrator account and verify that all CONTOSO domain user accounts and data have been migrated to the new operating system, or other user accounts as specified [previously](#configure-the-mdt-production-deployment-share).
+
+9. Create another checkpoint for the PC1 VM so that you can review results of the computer refresh later. To create a checkpoint, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    ```
+    Checkpoint-VM -Name PC1 -SnapshotName RefreshState
+    ```
+
+10. Restore the PC1 VM to it's previous state in preparation for the replace procedure. To restore a checkpoint, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    ```
+    Restore-VMSnapshot -VMName PC1 -Name BeginState -Confirm:$false
+    Start-VM PC1
+    vmconnect localhost PC1
+    ```
+    
+11. Sign in to PC1 using the contoso\administrator account.
+
+## Replace a computer with Windows 10
+
+At a high level, the computer replace process consists of:<BR>
+- A special replace task sequence that runs the USMT backup and an optional full Window Imaging (WIM) backup.<BR>
+- A standard OS deployment on a new computer. At the end of the deployment, the USMT backup from the old computer is restored.
+
+### Create a backup-only task sequence
+
+1. On SRV1, in the deployment workbench console, right-click the MDT Production deployment share, click **Properties**, click the **Rules** tab, and change the line **SkipUserData=YES** to **SkipUserData=NO**.
+2. Click **OK**, right-click **MDT Production**, click **Update Deployment Share** and accept the default options in the wizard to update the share.
+3. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    New-Item -Path C:\MigData -ItemType directory
+    New-SmbShare -Name MigData$ -Path C:\MigData -ChangeAccess EVERYONE
+    icacls C:\MigData /grant '"contoso\administrator":(OI)(CI)(M)'
+    ```
+4. On SRV1 in the deployment workbench, under **MDT Production**, right-click the **Task Sequences** node, and click **New Folder**.
+5. Name the new folder **Other**, and complete the wizard using default options.
+6. Right-click the **Other** folder and then click **New Task Sequence**. Use the following values in the wizard:
+    - **Task sequence ID**: REPLACE-001
+    - **Task sequence name**: Backup Only Task Sequence
+    - **Task sequence comments**: Run USMT to back up user data and settings
+    - **Template**: Standard Client Replace Task Sequence (note: this is not the default template)
+7. Accept defaults for the rest of the wizard and then click **Finish**. The replace task sequence will skip OS selection and settings.
+8. Open the new task sequence that was created and review it. Note the type of capture and backup tasks that are present. Click **OK** when you are finished reviewing the task sequence.
+
+### Run the backup-only task sequence
+
+1. If you are not already signed on to PC1 as **contoso\administrator**, sign in using this account. To verify the currently signed in account, type the following command at an elevated command prompt:
+
+    ```
+    whoami
+    ```
+2. To ensure a clean environment before running the backup task sequence, type the following at an elevated Windows PowerShell prompt on PC1:
+
+    ```
+    Remove-Item c:\minint -recurse
+    Remove-Item c:\_SMSTaskSequence -recurse
+    Restart-Computer
+    ```
+3. Sign in to PC1 using the contoso\administrator account, and then type the following at an elevated command prompt:
+
+    ```
+    cscript \\SRV1\MDTProd$\Scripts\Litetouch.vbs
+    ```
+4. Complete the deployment wizard using the following:
+    - **Task Sequence**: Backup Only Task Sequence
+    - **User Data**: Specify a location: **\\\\SRV1\MigData$\PC1**
+    - **Computer Backup**: Do not back up the existing computer.
+5. While the task sequence is running on PC1, open the deployment workbench console on SRV1 and click the **Monitoring* node. Press F5 to refresh the console, and view the status of current tasks.  
+6. On PC1, verify that **The user state capture was completed successfully** is displayed, and click **Finish** when the capture is complete.
+7. On SRV1, verify that the file **USMT.MIG** was created in the **C:\MigData\PC1\USMT** directory. See the following example:
+
+    ```
+    PS C:\> dir C:\MigData\PC1\USMT
+
+        Directory: C:\MigData\PC1\USMT
+
+    Mode                LastWriteTime     Length Name
+    ----                -------------     ------ ----
+    -a---          9/6/2016  11:34 AM   14248685 USMT.MIG
+    ```
+   ### Deploy PC3 
+
+8. On the Hyper-V host, type the following commands at an elevated Windows PowerShell prompt:
+
+    ```
+    New-VM –Name "PC3" –NewVHDPath "c:\vhd\pc3.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
+    Set-VMMemory -VMName "PC3" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes 2048MB -Buffer 20
+    ```
+9. Temporarily disable the external network adapter on SRV1 again, so that we can successfully boot PC3 from WDS. To disable the adapter, type the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    Disable-NetAdapter "Ethernet 2" -Confirm:$false
+    ```
+
+    >As mentioned previously, ensure that you disable the **external** network adapter, and wait for the command to complete before proceeding.
+
+
+10. Start and connect to PC3 by typing the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+     ```
+     Start-VM PC3
+     vmconnect localhost PC3
+     ```
+
+11. When prompted, press ENTER for network boot.
+
+12. On PC3, use the following settings for the Windows Deployment Wizard:
+     - **Task Sequence**: Windows 10 Enterprise x64 Custom Image
+     - **Move Data and Settings**: Do not move user data and settings
+     - **User Data (Restore)**: Specify a location: **\\\\SRV1\MigData$\PC1**
+
+13. When OS installation has started on PC1, re-enable the external network adapter on SRV1 by typing the following command on SRV1:
+
+     ```
+     Enable-NetAdapter "Ethernet 2"
+     ```
+14. Setup will install the Windows 10 Enterprise operating system, update via Windows Update, and restore the user settings and data from PC1.
+
+15. When PC3 has completed installing the OS, sign in to PC3 using the contoso\administrator account. When the PC completes updating, click **Finish**.
+
+16. Verify that settings have been migrated from PC1. This completes demonstration of the replace procedure.
+
+17. Shut down PC3 in preparation for the [next](windows-10-poc-sc-config-mgr.md) procedure.
+
+## Troubleshooting logs, events, and utilities
+
+Deployment logs are available on the client computer in the following locations:
+- Before the image is applied: X:\MININT\SMSOSD\OSDLOGS
+- After the system drive has been formatted: C:\MININT\SMSOSD\OSDLOGS
+- After deployment: %WINDIR%\TEMP\DeploymentLogs
+
+You can review WDS events in Event Viewer at: **Applications and Services Logs > Microsoft > Windows > Deployment-Services-Diagnostics**. By default, only the **Admin** and **Operational** logs are enabled. To enable other logs, right-click the log and then click **Enable Log**.
+
+Tools for viewing log files, and to assist with troubleshooting are available in the [System Center 2012 R2 Configuration Manager Toolkit](https://www.microsoft.com/download/details.aspx?id=50012)
+
+Also see [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) for detailed troubleshooting information.
+
+## Related Topics
+
+[Microsoft Deployment Toolkit](https://technet.microsoft.com/windows/dn475741)<BR>
+[Prepare for deployment with MDT](deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/windows-10-poc-sc-config-mgr.md b/windows/deployment/windows-10-poc-sc-config-mgr.md
index 929b097d58..96ff61fc93 100644
--- a/windows/deployment/windows-10-poc-sc-config-mgr.md
+++ b/windows/deployment/windows-10-poc-sc-config-mgr.md
@@ -1,1081 +1,1083 @@
----
-title: Step by step - Deploy Windows 10 using System Center Configuration Manager
-description: Deploy Windows 10 in a test lab using System Center Configuration Manager
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-keywords: deployment, automate, tools, configure, sccm
-ms.localizationpriority: medium
-ms.date: 10/11/2017
-ms.reviewer: 
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Deploy Windows 10 in a test lab using System Center Configuration Manager
-
-**Applies to**
-
--   Windows 10
-
-**Important**: This guide leverages the proof of concept (PoC) environment, and some settings that are configured in the following guides:
-- [Step by step guide: Deploy Windows 10 in a test lab](windows-10-poc.md)
-- [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md)
-
-Please complete all steps in these guides before attempting the procedures in this guide. If you wish to skip the Windows 10 deployment procedures in the MDT guide and move directly to this guide, you must at least install MDT and the Windows ADK before performing procedures in this guide. All steps in the first guide are required before attempting the procedures in this guide.
-
-The PoC environment is a virtual network running on Hyper-V with three virtual machines (VMs):
-- **DC1**: A contoso.com domain controller, DNS server, and DHCP server.
-- **SRV1**: A dual-homed contoso.com domain member server, DNS server, and default gateway providing NAT service for the PoC network.
-- **PC1**: A contoso.com member computer running Windows 7, Windows 8, or Windows 8.1 that has been cloned from a physical computer on your corporate network for testing purposes.
-This guide leverages the Hyper-V server role to perform procedures. If you do not complete all steps in a single session, consider using [checkpoints](https://technet.microsoft.com/library/dn818483.aspx) and [saved states](https://technet.microsoft.com/library/ee247418.aspx) to pause, resume, or restart your work.
-
->Multiple features and services are installed on SRV1 in this guide. This is not a typical installation, and is only done to set up a lab environment with a bare minimum of resources. However, if less than 4 GB of RAM is allocated to SRV1 in the Hyper-V console, some procedures will be extremely slow to complete. If resources are limited on the Hyper-V host, consider reducing RAM allocation on DC1 and PC1, and then increasing the RAM allocation on SRV1. You can adjust RAM allocation for a VM by right-clicking the VM in the Hyper-V Manager console, clicking **Settings**, clicking **Memory**, and modifying the value next to **Maximum RAM**.
-
-## In this guide
-
-This guide provides end-to-end instructions to install and configure System Center Configuration Manager, and use it to deploy a Windows 10 image. Depending on the speed of your Hyper-V host, the procedures in this guide will require 6-10 hours to complete.
-
-Topics and procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
-
-<br>
-
-<div style='font-size:9.0pt'>
-<table border="1" cellspacing="0" cellpadding="0">
-<tr><td BGCOLOR="#a0e4fa"><b>Topic</b><td BGCOLOR="#a0e4fa"><b>Description</b><td BGCOLOR="#a0e4fa"><b>Time</b>
-
-<tr><td><a href="#install-prerequisites" data-raw-source="[Install prerequisites](#install-prerequisites)">Install prerequisites</a><td>Install prerequisite Windows Server roles and features, download, install and configure SQL Server, configure firewall rules, and install the Windows ADK.<td>60 minutes
-<tr><td><a href="#install-system-center-configuration-manager" data-raw-source="[Install System Center Configuration Manager](#install-system-center-configuration-manager)">Install System Center Configuration Manager</a><td>Download System Center Configuration Manager, configure prerequisites, and install the package.<td>45 minutes
-<tr><td><a href="#download-mdop-and-install-dart" data-raw-source="[Download MDOP and install DaRT](#download-mdop-and-install-dart)">Download MDOP and install DaRT</a><td>Download the Microsoft Desktop Optimization Pack 2015 and install DaRT 10.<td>15 minutes
-<tr><td><a href="#prepare-for-zero-touch-installation" data-raw-source="[Prepare for Zero Touch installation](#prepare-for-zero-touch-installation)">Prepare for Zero Touch installation</a><td>Prerequisite procedures to support Zero Touch installation.<td>60 minutes
-<tr><td><a href="#create-a-boot-image-for-configuration-manager" data-raw-source="[Create a boot image for Configuration Manager](#create-a-boot-image-for-configuration-manager)">Create a boot image for Configuration Manager</a><td>Use the MDT wizard to create the boot image in Configuration Manager.<td>20 minutes
-<tr><td><a href="#create-a-windows-10-reference-image" data-raw-source="[Create a Windows 10 reference image](#create-a-windows-10-reference-image)">Create a Windows 10 reference image</a><td>This procedure can be skipped if it was done previously, otherwise instructions are provided to create a reference image.<td>0-60 minutes
-<tr><td><a href="#add-a-windows-10-operating-system-image" data-raw-source="[Add a Windows 10 operating system image](#add-a-windows-10-operating-system-image)">Add a Windows 10 operating system image</a><td>Add a Windows 10 operating system image and distribute it.<td>10 minutes<tr><td><a href="#create-a-task-sequence" data-raw-source="[Create a task sequence](#create-a-task-sequence)">Create a task sequence</a><td>Create a Configuration Manager task sequence with MDT integration using the MDT wizard<td>15 minutes
-<tr><td><a href="#finalize-the-operating-system-configuration" data-raw-source="[Finalize the operating system configuration](#finalize-the-operating-system-configuration)">Finalize the operating system configuration</a><td>Enable monitoring, configure rules, and distribute content.<td>30 minutes
-<tr><td><a href="#deploy-windows-10-using-pxe-and-configuration-manager" data-raw-source="[Deploy Windows 10 using PXE and Configuration Manager](#deploy-windows-10-using-pxe-and-configuration-manager)">Deploy Windows 10 using PXE and Configuration Manager</a><td>Deploy Windows 10 using Configuration Manager deployment packages and task sequences.<td>60 minutes
-<tr><td><a href="#replace-a-client-with-windows-10-using-configuration-manager" data-raw-source="[Replace a client with Windows 10 using Configuration Manager](#replace-a-client-with-windows-10-using-configuration-manager)">Replace a client with Windows 10 using Configuration Manager</a><td>Replace a client computer with Windows 10 using Configuration Manager.<td>90 minutes
-<tr><td><a href="#refresh-a-client-with-windows-10-using-configuration-manager" data-raw-source="[Refresh a client with Windows 10 using Configuration Manager](#refresh-a-client-with-windows-10-using-configuration-manager)">Refresh a client with Windows 10 using Configuration Manager</a><td>Use a task sequence to refresh a client with Windows 10 using Configuration Manager and MDT<td>90 minutes
-
-</table>
-
-</div>
-
-## Install prerequisites
-1. Before installing System Center Configuration Manager, we must install prerequisite services and features. Type the following command at an elevated Windows PowerShell prompt on SRV1: 
-
-    ```
-    Install-WindowsFeature Web-Windows-Auth,Web-ISAPI-Ext,Web-Metabase,Web-WMI,BITS,RDC,NET-Framework-Features,Web-Asp-Net,Web-Asp-Net45,NET-HTTP-Activation,NET-Non-HTTP-Activ
-    ```
-
-    >If the request to add features fails, retry the installation by typing the command again.
-
-2. Download [SQL Server 2014 SP2](https://www.microsoft.com/evalcenter/evaluate-sql-server-2014-sp2) from the Microsoft Evaluation Center as an .ISO file on the Hyper-V host computer. Save the file to the **C:\VHD** directory.
-3. When you have downloaded the file **SQLServer2014SP2-FullSlipstream-x64-ENU.iso** and placed it in the C:\VHD directory, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host: 
-
-    ```
-    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\SQLServer2014SP2-FullSlipstream-x64-ENU.iso
-    ```
-
-    This command mounts the .ISO file to drive D on SRV1.
-
-4. Type the following command at an elevated Windows PowerShell prompt on SRV1 to install SQL Server:
-
-    ```
-    D:\setup.exe /q /ACTION=Install /ERRORREPORTING="False" /FEATURES=SQLENGINE,RS,IS,SSMS,TOOLS,ADV_SSMS,CONN /INSTANCENAME=MSSQLSERVER /INSTANCEDIR="C:\Program Files\Microsoft SQL Server" /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /SQLSVCSTARTUPTYPE=Automatic /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCSTARTUPTYPE=Automatic /RSSVCACCOUNT="NT AUTHORITY\System" /RSSVCSTARTUPTYPE=Automatic /ISSVCACCOUNT="NT AUTHORITY\System" /ISSVCSTARTUPTYPE=Disabled /ASCOLLATION="Latin1_General_CI_AS" /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS" /TCPENABLED="1" /NPENABLED="1" /IAcceptSQLServerLicenseTerms
-    ```
-    Installation will take several minutes. When installation is complete, the following output will be displayed:
-
-    ```
-    Microsoft (R) SQL Server 2014 12.00.5000.00
-    Copyright (c) Microsoft Corporation.  All rights reserved.
-    
-    Microsoft (R) .NET Framework CasPol 2.0.50727.7905
-    Copyright (c) Microsoft Corporation.  All rights reserved.
-    
-    Success
-    Microsoft (R) .NET Framework CasPol 2.0.50727.7905
-    Copyright (c) Microsoft Corporation.  All rights reserved.
-    
-    Success
-    One or more affected files have operations pending.
-    You should restart your computer to complete this process.
-    PS C:\>
-    ```
-5. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    New-NetFirewallRule -DisplayName “SQL Server” -Direction Inbound –Protocol TCP –LocalPort 1433 -Action allow
-    New-NetFirewallRule -DisplayName “SQL Admin Connection” -Direction Inbound –Protocol TCP –LocalPort 1434 -Action allow
-    New-NetFirewallRule -DisplayName “SQL Database Management” -Direction Inbound –Protocol UDP –LocalPort 1434 -Action allow
-    New-NetFirewallRule -DisplayName “SQL Service Broker” -Direction Inbound –Protocol TCP –LocalPort 4022 -Action allow
-    New-NetFirewallRule -DisplayName “SQL Debugger/RPC” -Direction Inbound –Protocol TCP –LocalPort 135 -Action allow
-    ```
-
-7. Download and install the latest [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) on SRV1 using the default installation settings. The current version is the ADK for Windows 10, version 1703. Installation might require several minutes to acquire all components.   
-
-## Install System Center Configuration Manager
-
-1. On SRV1, temporarily disable IE Enhanced Security Configuration for Administrators by typing the following commands at an elevated Windows PowerShell prompt:
-
-    ```
-    $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
-    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0
-    Stop-Process -Name Explorer
-    ```
-
-2. Download [System Center Configuration Manager and Endpoint Protection](https://www.microsoft.com/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection) on SRV1 (download the executable file anywhere on SRV1), double-click the file, enter **C:\configmgr** for **Unzip to folder**, and click **Unzip**. The C:\configmgr directory will be automatically created. Click **OK** and then close the **WinZip Self-Extractor** dialog box when finished.
-
-3. Before starting the installation, verify that WMI is working on SRV1. See the following examples. Verify that **Running** is displayed under **Status** and **True** is displayed next to **TcpTestSucceeded**:
-
-    ```
-    Get-Service Winmgmt
-
-    Status   Name               DisplayName
-    ------   ----               -----------
-    Running  Winmgmt            Windows Management Instrumentation
-
-    Test-NetConnection -ComputerName 192.168.0.2 -Port 135 -InformationLevel Detailed
-
-    ComputerName             : 192.168.0.2
-    RemoteAddress            : 192.168.0.2
-    RemotePort               : 135
-    AllNameResolutionResults :
-    MatchingIPsecRules       :
-    NetworkIsolationContext  : Internet
-    InterfaceAlias           : Ethernet
-    SourceAddress            : 192.168.0.2
-    NetRoute (NextHop)       : 0.0.0.0
-    PingSucceeded            : True
-    PingReplyDetails (RTT)   : 0 ms
-    TcpTestSucceeded         : True
-    ```
-    You can also verify WMI using the WMI console by typing **wmimgmt.msc**, right-clicking **WMI Control (Local)** in the console tree, and then clicking **Properties**.
-
-    If the WMI service is not started, attempt to start it or reboot the computer.  If WMI is running but errors are present, see [WMIDiag](https://blogs.technet.microsoft.com/askperf/2015/05/12/wmidiag-2-2-is-here/) for troubleshooting information.
-
-4. To extend the Active Directory schema, type the following command at an elevated Windows PowerShell prompt:
-
-    ```
-    cmd /c C:\configmgr\SMSSETUP\BIN\X64\extadsch.exe
-    ```
-
-5. Temporarily switch to the DC1 VM, and type the following command at an elevated command prompt on DC1:
-
-    ```
-    adsiedit.msc
-    ```
-
-6. Right-click **ADSI Edit**, click **Connect to**, select **Default (Domain or server that you logged in to)** under **Computer** and then click **OK**.
-7. Expand **Default naming context**>**DC=contoso,DC=com**, and then in the console tree right-click **CN=System**, point to **New**, and then click **Object**.
-8. Click **container** and then click **Next**.
-9. Next to **Value**, type **System Management**, click **Next**, and then click **Finish**.
-10. Right-click **CN=system Management** and then click **Properties**.
-11. On the **Security** tab, click **Add**, click **Object Types**, select **Computers**, and click **OK**.
-12. Under **Enter the object names to select**, type **SRV1** and click **OK**.
-13. The **SRV1** computer account will be highlighted, select **Allow** next to **Full control**.
-14. Click **Advanced**, click **SRV1 (CONTOSO\SRV1$)** and click **Edit**.
-15. Next to **Applies to**, choose **This object and all descendant objects**, and then click **OK** three times.
-16. Close the ADSI Edit console and switch back to SRV1.
-17. To start Configuration Manager installation, type the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    cmd /c C:\configmgr\SMSSETUP\BIN\X64\Setup.exe
-    ```
-18. Provide the following in the System Center Configuration Manager Setup Wizard:
-    - **Before You Begin**: Read the text and click *Next*.
-    - **Getting Started**: Choose **Install a Configuration Manager primary site** and select the **Use typical installation options for a stand-alone primary site** checkbox.
-        - Click **Yes** in response to the popup window.
-    - **Product Key**: Choose **Install the evaluation edition of this Product**.
-    - **Microsoft Software License Terms**: Read the terms and then select the **I accept these license terms** checkbox.
-    - **Prerequisite Licenses**: Review license terms and select all three checkboxes on the page.
-    - **Prerequisite Downloads**: Choose **Download required files** and enter **c:\windows\temp** next to **Path**. 
-    - **Site and Installation Settings**: Site code: **PS1**, Site name: **Contoso**.
-        - use default settings for all other options
-    - **Usage Data**: Read the text and click **Next**.
-    - **Service Connection Point Setup**: Accept the default settings (SRV1.contoso.com is automatically added under Select a server to use).
-    - **Settings Summary**: Review settings and click **Next**.
-    - **Prerequisite Check**: No failures should be listed. Ignore any warnings and click **Begin Install**.
-
-    >There should be at most three warnings present: WSUS on site server, configuration for SQL Server memory usage, and SQL Server process memory allocation. These warnings can safely be ignored in this test environment.
-
-    Depending on the speed of the Hyper-V host and resources allocated to SRV1, installation can require approximately one hour. Click **Close** when installation is complete. 
-
-19. If desired, re-enable IE Enhanced Security Configuration at this time on SRV1:
-
-    ```
-    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 1
-    Stop-Process -Name Explorer
-    ```
-
-## Download MDOP and install DaRT
-
->[!IMPORTANT]
->This step requires an MSDN subscription or volume licence agreement. For more information, see [Ready for Windows 10: MDOP 2015 and more tools are now available](https://blogs.technet.microsoft.com/windowsitpro/2015/08/17/ready-for-windows-10-mdop-2015-and-more-tools-are-now-available/).
->If your organization qualifies and does not already have an MSDN subscription, you can obtain a [free MSDN subscription with BizSpark](https://blogs.msdn.microsoft.com/zainnab/2011/03/14/bizspark-free-msdn-subscription-for-start-up-companies/).
-
-1. Download the [Microsoft Desktop Optimization Pack 2015](https://msdn.microsoft.com/subscriptions/downloads/#ProductFamilyId=597) to the Hyper-V host using an MSDN subscription. Download the .ISO file (mu_microsoft_desktop_optimization_pack_2015_x86_x64_dvd_5975282.iso, 2.79 GB) to the C:\VHD directory on the Hyper-V host.
-
-2. Type the following command at an elevated Windows PowerShell prompt on the Hyper-V host to mount the MDOP file on SRV1:
-
-    ```
-    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\mu_microsoft_desktop_optimization_pack_2015_x86_x64_dvd_5975282.iso
-    ```
-3. Type the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    cmd /c "D:\DaRT\DaRT 10\Installers\en-us\x64\MSDaRT100.msi"
-    ```
-4. Install DaRT 10 using default settings.
-5. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    Copy-Item "C:\Program Files\Microsoft DaRT\v10\Toolsx64.cab" -Destination "C:\Program Files\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x64"
-    Copy-Item "C:\Program Files\Microsoft DaRT\v10\Toolsx86.cab" -Destination "C:\Program Files\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x86"
-    ```
-
-## Prepare for Zero Touch installation
-
-This section contains several procedures to support Zero Touch installation with System Center Configuration Manager.
-
-### Create a folder structure
-
-1. Type the following commands at a Windows PowerShell prompt on SRV1:
-
-    ```
-    New-Item -ItemType Directory -Path "C:\Sources\OSD\Boot"
-    New-Item -ItemType Directory -Path "C:\Sources\OSD\OS"
-    New-Item -ItemType Directory -Path "C:\Sources\OSD\Settings"
-    New-Item -ItemType Directory -Path "C:\Sources\OSD\Branding"
-    New-Item -ItemType Directory -Path "C:\Sources\OSD\MDT"
-    New-Item -ItemType Directory -Path "C:\Logs"
-    New-SmbShare -Name Sources$ -Path C:\Sources -ChangeAccess EVERYONE
-    New-SmbShare -Name Logs$ -Path C:\Logs -ChangeAccess EVERYONE
-    ```
-
-### Enable MDT ConfigMgr integration
-
-1. On SRV1, click **Start**, type **configmgr**, and then click **Configure ConfigMgr Integration**.
-2. Type **PS1** next to **Site code**, and then click **Next**.
-3. Verify **The process completed successfully** is displayed, and then click **Finish**.
-
-### Configure client settings
-
-1. On SRV1, click **Start**, type **configuration manager**, right-click **Configuration Manager Console**, and then click **Pin to Taskbar**.
-2. Click **Desktop**, and then launch the Configuration Manager console from the taskbar.
-3. If the console notifies you that an update is available, click **OK**. It is not necessary to install updates to complete this lab.
-4. In the console tree, open the **Administration** workspace (in the lower left corner) and click **Client Settings**.
-5. In the display pane, double-click **Default Client Settings**.
-6. Click **Computer Agent**, next to **Organization name displayed in Software Center** type **Contoso**, and then click **OK**.
-
-### Configure the network access account
-
-1. In the Administration workspace, expand **Site Configuration** and click **Sites**.
-2. On the **Home** ribbon at the top of the console window, click **Configure Site Components** and then click **Software Distribution**.
-3. On the **Network Access Account** tab, choose **Specify the account that accesses network locations**.
-4. Click the yellow starburst and then click **New Account**.
-5. Click **Browse** and then under **Enter the object name to select**, type **CM_NAA** and click **OK**.
-6. Next to **Password** and **Confirm Password**, type <strong>pass@word1</strong>, and then click **OK** twice.
-
-### Configure a boundary group
-
-1. In the Administration workspace, expand **Hierarchy Configuration**, right-click **Boundaries** and then click **Create Boundary**.
-2. Next to **Description**, type **PS1**, next to **Type** choose **Active Directory Site**, and then click **Browse**.
-3. Choose **Default-First-Site-Name** and then click **OK** twice.
-4. In the Administration workspace, right-click **Boundary Groups** and then click **Create Boundary Group**.
-5. Next to **Name**, type **PS1 Site Assignment and Content Location**, click **Add**, select the **Default-First-Site-Name** boundary and then click **OK**.
-6. On the **References** tab in the **Create Boundary Group** window select the **Use this boundary group for site assignment** checkbox.
-7. Click **Add**, select the **\\\SRV1.contoso.com** checkbox, and then click **OK** twice.
-
-### Add the state migration point role
-
-1. In the Administration workspace, expand **Site Configuration**, click **Sites**, and then in on the **Home** ribbon at the top of the console click **Add Site System Roles**.
-2. In the Add site System Roles Wizard, click **Next** twice and then on the Specify roles for this server page, select the **State migration point** checkbox.
-3. Click **Next**, click the yellow starburst, type **C:\MigData** for the **Storage folder**, and click **OK**.
-4. Click **Next**, and then verify under **Boundary groups** that **PS1 Site Assignment and Content Location** is displayed.
-5. Click **Next** twice and then click **Close**.
-
-### Enable PXE on the distribution point
-
->[!IMPORTANT]
->Before enabling PXE in Configuration Manager, ensure that any previous installation of WDS does not cause conflicts. Configuration Manager will automatically configure the WDS service to manage PXE requests. To disable a previous installation, if it exists, type the following commands at an elevated Windows PowerShell prompt on SRV1:
-
-```
-WDSUTIL /Set-Server /AnswerClients:None
-```
-
-1. Determine the MAC address of the internal network adapter on SRV1. To determine this, type the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    (Get-NetAdapter "Ethernet").MacAddress
-    ```
-    >If the internal network adapter, assigned an IP address of 192.168.0.2, is not named "Ethernet" then replace the name "Ethernet" in the previous command with the name of this network adapter. You can review the names of network adapters and the IP addresses assigned to them by typing **ipconfig**.
-
-2. In the System Center Configuration Manager console, in the **Administration** workspace, click **Distribution Points**.
-3. In the display pane, right-click **SRV1.CONTOSO.COM** and then click **Properties**.
-4. On the PXE tab, select the following settings:
-   - **Enable PXE support for clients**. Click **Yes** in the popup that appears.
-   - **Allow this distribution point to respond to incoming PXE requests**
-   - **Enable unknown computer support**. Click **OK** in the popup that appears.
-   - **Require a password when computers use PXE**
-   - **Password** and **Confirm password**: pass@word1
-   - **Respond to PXE requests on specific network interfaces**: Click the yellow starburst and then enter the MAC address determined in the first step of this procedure.
-
-     See the following example:
-
-     <img src="images/sccm-pxe.png" alt="Config Mgr PXE"/>
-
-5. Click **OK**.
-6. Wait for a minute, then type the following command at an elevated Windows PowerShell prompt on SRV1, and verify that the files displayed are present:
-
-    ```
-    cmd /c dir /b C:\RemoteInstall\SMSBoot\x64
-
-    abortpxe.com
-    bootmgfw.efi
-    bootmgr.exe
-    pxeboot.com
-    pxeboot.n12
-    wdsmgfw.efi
-    wdsnbp.com
-    ```
-    >If these files are not present in the C:\RemoteInstall directory, verify that the REMINST share is configured as C:\RemoteInstall. You can view the properties of this share by typing "net share REMINST" at a command prompt. If the share path is set to a different value, then replace C:\RemoteInstall with your REMINST share path. 
-    >You can also type the following command at an elevated Windows PowerShell prompt to open the Configuration Manager Trace Log Tool. In the tool, click **File**, click **Open**, and then open the **distmgr.log** file. If errors are present, they will be highlighted in red:
-
-    ```
-    Invoke-Item 'C:\Program Files\Microsoft Configuration Manager\tools\cmtrace.exe'
-    ```
-
-    The log file will updated continuously while Configuration Manager is running. Wait for Configuration Manager to repair any issues that are present, and periodically re-check that the files are present in the REMINST share location. Close the Configuration Manager Trace Log Tool when done. You will see the following line in distmgr.log that indicates the REMINST share is being populated with necessary files:
-
-    Running: WDSUTIL.exe /Initialize-Server /REMINST:"C:\RemoteInstall"
-
-    Once the files are present in the REMINST share location, you can close the cmtrace tool.
-
-### Create a branding image file 
-
-1. If you have a bitmap (.BMP) image for suitable use as a branding image, copy it to the C:\Sources\OSD\Branding folder on SRV1. Otherwise, use the following step to copy a simple branding image.
-2. Type the following command at an elevated Windows PowerShell prompt:
-
-    ```
-    copy "C:\ProgramData\Microsoft\User Account Pictures\user.bmp" "C:\Sources\OSD\Branding\contoso.bmp"
-    ```
-    >You can open C:\Sources\OSD\Branding\contoso.bmp in MSPaint.exe if desired to customize this image.
-
-
-### Create a boot image for Configuration Manager 
-
-1. In the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Boot Images**, and then click **Create Boot Image using MDT**.
-2. On the Package Source page, under **Package source folder to be created (UNC Path):**, type **\\\SRV1\Sources$\OSD\Boot\Zero Touch WinPE x64**, and then click **Next**.
-    - The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later.
-3. On the General Settings page, type **Zero Touch WinPE x64** next to **Name**, and click **Next**.
-4. On the Options page, under **Platform** choose **x64**, and click **Next**.
-5. On the Components page, in addition to the default selection of **Microsoft Data Access Components (MDAC/ADO) support**, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** checkbox, and click **Next**.
-6. On the Customization page, select the **Use a custom background bitmap file** checkbox, and under **UNC path**, type or browse to **\\\SRV1\Sources$\OSD\Branding\contoso.bmp**, and then click **Next** twice. It will take a few minutes to generate the boot image.
-7. Click **Finish**.
-8. In the console display pane, right-click the **Zero Touch WinPE x64** boot image, and then click **Distribute Content**.
-9. In the Distribute Content Wizard, click **Next**, click **Add** and select **Distribution Point**, select the **SRV1.CONTOSO.COM** checkbox, click **OK**, click **Next** twice, and then click **Close**.
-10. Use the CMTrace application to view the **distmgr.log** file again and verify that the boot image has been distributed. To open CMTrace, type the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    Invoke-Item 'C:\Program Files\Microsoft Configuration Manager\tools\cmtrace.exe'
-    ```
-    
-    In the trace tool, click **Tools** on the menu and choose **Find**. Search for "**STATMSG: ID=2301**". For example:
-
-    ```
-    STATMSG: ID=2301 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_DISTRIBUTION_MANAGER" SYS=SRV1.CONTOSO.COM SITE=PS1 PID=924 TID=1424 GMTDATE=Tue Oct 09 22:36:30.986 2018 ISTR0="Zero Touch WinPE x64" ISTR1="PS10000A" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=1 AID0=400 AVAL0="PS10000A"	SMS_DISTRIBUTION_MANAGER	10/9/2018 3:36:30 PM	1424 (0x0590)
-    ```
-
-11. You can also review status by clicking the **Zero Touch WinPE x64** image, and then clicking **Content Status** under **Related Objects** in the bottom right-hand corner of the console, or by entering **\Monitoring\Overview\Distribution Status\Content Status** on the location bar in the console. Double-click **Zero Touch WinPE x64** under **Content Status** in the console tree and verify that a status of **Successfully distributed content** is displayed on the **Success** tab.
-12. Next, in the **Software Library** workspace, double-click **Zero Touch WinPE x64** and then click the **Data Source** tab.
-13. Select the **Deploy this boot image from the PXE-enabled distribution point** checkbox, and click **OK**.
-14. Review the distmgr.log file again for "**STATMSG: ID=2301**" and verify that there are three folders under **C:\RemoteInstall\SMSImages** with boot images. See the following example:
-
-    ```
-    cmd /c dir /s /b C:\RemoteInstall\SMSImages
-
-    C:\RemoteInstall\SMSImages\PS100004
-    C:\RemoteInstall\SMSImages\PS100005
-    C:\RemoteInstall\SMSImages\PS100006
-    C:\RemoteInstall\SMSImages\PS100004\boot.PS100004.wim
-    C:\RemoteInstall\SMSImages\PS100005\boot.PS100005.wim
-    C:\RemoteInstall\SMSImages\PS100006\WinPE.PS100006.wim
-    ```
-
-    >The first two images (*.wim files) are default boot images. The third is the new boot image with DaRT.
-
-### Create a Windows 10 reference image
-
-If you have already completed steps in [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) then you have already created a Windows 10 reference image. In this case, skip to the next procedure in this guide: [Add a Windows 10 operating system image](#add-a-windows-10-operating-system-image). If you have not yet created a Windows 10 reference image, complete the steps in this section.
-
-1. In [Step by step guide: Deploy Windows 10 in a test lab](windows-10-poc.md) the Windows 10 Enterprise .iso file was saved to the c:\VHD directory as **c:\VHD\w10-enterprise.iso**. The first step in creating a deployment share is to mount this file on SRV1.  To mount the Windows 10 Enterprise DVD on SRV1, open an elevated Windows PowerShell prompt on the Hyper-V host computer and type the following command:
-
-    ```
-    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\w10-enterprise.iso
-    ```
-2. Verify that the Windows Enterprise installation DVD is mounted on SRV1 as drive letter D.
-
-3. The Windows 10 Enterprise installation files will be used to create a deployment share on SRV1 using the MDT deployment workbench. To open the deployment workbench, click **Start**, type **deployment**, and then click **Deployment Workbench**.
-
-4. In the Deployment Workbench console, right-click **Deployment Shares** and select **New Deployment Share**.
-
-5. Use the following settings for the New Deployment Share Wizard:
-    - Deployment share path: **C:\MDTBuildLab**<br>
-    - Share name: **MDTBuildLab$**<br>
-    - Deployment share description: **MDT build lab**<br>
-    - Options: click **Next** to accept the default<br>
-    - Summary: click **Next**<br>
-    - Progress: settings will be applied<br>
-    - Confirmation: click **Finish**
-
-6. Expand the **Deployment Shares** node, and then expand **MDT build lab**.
-
-7. Right-click the **Operating Systems** node, and then click **New Folder**. Name the new folder **Windows 10**. Complete the wizard using default values and click **Finish**.
-
-7. Right-click the **Windows 10** folder created in the previous step, and then click **Import Operating System**.
-
-8. Use the following settings for the Import Operating System Wizard: 
-    - OS Type: **Full set of source files**<br>
-    - Source: **D:\\** <br>
-    - Destination: **W10Ent_x64**<br>
-    - Summary: click **Next**
-    - Confirmation: click **Finish**
-
-9. For purposes of this test lab, we will not add applications, such as Microsoft Office, to the deployment share. For information about adding applications, see the [Add applications](deploy-windows-mdt/create-a-windows-10-reference-image.md#sec03) section of the [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md) topic in the TechNet library.
-
-10. The next step is to create a task sequence to reference the operating system that was imported. To create a task sequence, right-click the **Task Sequences** node under **MDT Build Lab** and then click **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
-    - Task sequence ID: **REFW10X64-001**<br>
-    - Task sequence name: **Windows 10 Enterprise x64 Default Image** <br>
-    - Task sequence comments: **Reference Build**<br>
-    - Template: **Standard Client Task Sequence**
-    - Select OS: click **Windows 10 Enterprise Evaluation in W10Ent_x64 install.wim**
-    - Specify Product Key: **Do not specify a product key at this time**
-    - Full Name: **Contoso**
-    - Organization: **Contoso**
-    - Internet Explorer home page: **http://www.contoso.com**
-    - Admin Password: **Do not specify an Administrator password at this time**
-    - Summary: click **Next**
-    - Confirmation: click **Finish**
-
-11. Edit the task sequence to add the Microsoft NET Framework 3.5, which is required by many applications. To edit the task sequence, double-click **Windows 10 Enterprise x64 Default Image** that was created in the previous step.
-
-12. Click the **Task Sequence** tab. Under **State Restore** click **Tatto** to highlight it, then click **Add** and choose **New Group**. A new group will be added under Tattoo.
-
-13. On the Properties tab of the group that was created in the previous step, change the Name from New Group to **Custom Tasks (Pre-Windows Update)** and then click **Apply**. To see the name change, click **Tattoo**, then click the new group again.
-
-14. Click the **Custom Tasks (Pre-Windows Update)** group again, click **Add**, point to **Roles**, and then click **Install Roles and Features**. 
-
-15. Under **Select the roles and features that should be installed**, select **.NET Framework 3.5 (includes .NET 2.0 and 3.0)** and then click **Apply**.
-
-16. Enable Windows Update in the task sequence by clicking the **Windows Update (Post-Application Installation)** step, clicking the **Options** tab, and clearing the **Disable this step** checkbox.
-    >Note: Since we are not installing applications in this test lab, there is no need to enable the Windows Update Pre-Application Installation step. However, you should enable this step if you are also installing applications.
-
-17. Click **OK** to complete editing the task sequence.
-
-18. The next step is to configure the MDT deployment share rules. To configure rules in the Deployment Workbench, right-click MDT build lab (C:\MDTBuildLab) and click **Properties**, and then click the **Rules** tab.
-
-19. Replace the default rules with the following text:
-
-    ```
-    [Settings]
-    Priority=Default
-
-    [Default]
-    _SMSTSORGNAME=Contoso
-    UserDataLocation=NONE
-    DoCapture=YES
-    OSInstall=Y
-    AdminPassword=pass@word1
-    TimeZoneName=Pacific Standard TimeZoneName
-    OSDComputername=#Left("PC-%SerialNumber%",7)#
-    JoinWorkgroup=WORKGROUP
-    HideShell=YES
-    FinishAction=SHUTDOWN
-    DoNotCreateExtraPartition=YES
-    ApplyGPOPack=NO
-    SkipAdminPassword=YES
-    SkipProductKey=YES
-    SkipComputerName=YES
-    SkipDomainMembership=YES
-    SkipUserData=YES
-    SkipLocaleSelection=YES
-    SkipTaskSequence=NO
-    SkipTimeZone=YES
-    SkipApplications=YES
-    SkipBitLocker=YES
-    SkipSummary=YES
-    SkipRoles=YES
-    SkipCapture=NO
-    SkipFinalSummary=NO
-    ```
-
-20. Click **Apply** and then click **Edit Bootstrap.ini**. Replace the contents of the Bootstrap.ini file with the following text, and save the file:
-
-    ```
-    [Settings]
-    Priority=Default
-
-    [Default]
-    DeployRoot=\\SRV1\MDTBuildLab$
-    UserDomain=CONTOSO
-    UserID=MDT_BA
-    UserPassword=pass@word1
-    SkipBDDWelcome=YES
-    ```
-
-21. Click **OK** to complete the configuration of the deployment share.
-
-22. Right-click **MDT build lab (C:\MDTBuildLab)** and then click **Update Deployment Share**.
-
-23. Accept all default values in the Update Deployment Share Wizard by clicking **Next**.  The update process will take 5 to 10 minutes. When it has completed, click **Finish**.
-
-24. Copy **c:\MDTBuildLab\Boot\LiteTouchPE_x86.iso** on SRV1 to the **c:\VHD** directory on the Hyper-V host computer. Note that in MDT, the x86 boot image can deploy both x86 and x64 operating systems, except on computers based on Unified Extensible Firmware Interface (UEFI).
-
-    >Hint: Top copy the file, right-click the **LiteTouchPE_x86.iso** file and click **Copy** on SRV1, then open the **c:\VHD** folder on the Hyper-V host, right-click inside the folder and click **Paste**. 
-
-25. Open a Windows PowerShell prompt on the Hyper-V host computer and type the following commands:
-
-    ```
-    New-VM –Name REFW10X64-001 -SwitchName poc-internal -NewVHDPath "c:\VHD\REFW10X64-001.vhdx" -NewVHDSizeBytes 60GB 
-    Set-VMMemory -VMName REFW10X64-001 -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 1024MB -Buffer 20
-    Set-VMDvdDrive -VMName REFW10X64-001 -Path c:\VHD\LiteTouchPE_x86.iso
-    Start-VM REFW10X64-001
-    vmconnect localhost REFW10X64-001
-    ```
-26. In the Windows Deployment Wizard, select **Windows 10 Enterprise x64 Default Image**, and then click **Next**.
-
-27. Accept the default values on the Capture Image page, and click **Next**. Operating system installation will complete after 5 to 10 minutes and then the VM will reboot automatically. Allow the system to boot normally (do not press a key). The process is fully automated.
-
-    Additional system restarts will occur to complete updating and preparing the operating system. Setup will complete the following procedures:
-
-    - Install the Windows 10 Enterprise operating system.
-    - Install added applications, roles, and features.
-    - Update the operating system using Windows Update (or WSUS if optionally specified).
-    - Stage Windows PE on the local disk.
-    - Run System Preparation (Sysprep) and reboot into Windows PE.
-    - Capture the installation to a Windows Imaging (WIM) file.
-    - Turn off the virtual machine.
-
-    This step requires from 30 minutes to 2 hours, depending on the speed of the Hyper-V host and your network's download speed. After some time, you will have a Windows 10 Enterprise x64 image that is fully patched and has run through Sysprep. The image is located in the C:\MDTBuildLab\Captures folder on SRV1. The file name is **REFW10X64-001.wim**. 
-
-### Add a Windows 10 operating system image
-
-1. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    New-Item -ItemType Directory -Path "C:\Sources\OSD\OS\Windows 10 Enterprise x64"
-    cmd /c copy /z "C:\MDTBuildLab\Captures\REFW10X64-001.wim" "C:\Sources\OSD\OS\Windows 10 Enterprise x64"
-    ```
-
-2. In the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Operating System Images**, and then click **Add Operating System Image**.
-
-3. On the Data Source page, under **Path:**, type or browse to **\\\SRV1\Sources$\OSD\OS\Windows 10 Enterprise x64\REFW10X64-001.wim**, and click **Next**.
-
-4. On the General page, next to **Name:**, type **Windows 10 Enterprise x64**, click **Next** twice, and then click **Close**.
-
-5. Distribute the operating system image to the SRV1 distribution point by right-clicking the **Windows 10 Enterprise x64** operating system image and then clicking **Distribute Content**.
-
-6. In the Distribute Content Wizard, click **Next**, click **Add**, click **Distribution Point**, add the **SRV1.CONTOSO.COM** distribution point, click **OK**, click **Next** twice and then click **Close**.
-
-7. Enter **\Monitoring\Overview\Distribution Status\Content Status** on the location bar (be sure there is no space at the end of the location or you will get an error), click **Windows 10 Enterprise x64**, and monitor the status of content distribution until it is successful and no longer in progress. Refresh the view with the F5 key or by right-clicking **Windows 10 Enterprise x64** and clicking **Refresh**. Processing of the image on the site server can take several minutes.
-
-    >If content distribution is not successful, verify that sufficient disk space is available.
-
-### Create a task sequence
-
->Complete this section slowly. There are a large number of similar settings from which to choose.
-
-1. In the Configuration Manager console, in the **Software Library** workspace expand **Operating Systems**, right-click **Task Sequences**, and then click **Create MDT Task Sequence**.
-
-2. On the Choose Template page, select the **Client Task Sequence** template and click **Next**.
-
-3. On the General page, type **Windows 10 Enterprise x64** under **Task sequence name:** and then click **Next**.
-
-4. On the Details page, enter the following settings:
-   - Join a domain: **contoso.com**
-   - Account: click **Set**
-     - User name: **contoso\CM_JD**
-     - Password: <strong>pass@word1</strong>
-     - Confirm password: <strong>pass@word1</strong>
-     - Click **OK**
-   - Windows Settings
-       - User name: **Contoso**
-       - Organization name: **Contoso**
-       - Product key: \<blank\>
-   - Administrator Account: **Enable the account and specify the local administrator password**
-     - Password: <strong>pass@word1</strong>
-     - Confirm password: <strong>pass@word1</strong>
-   - Click **Next**
- 
-5. On the Capture Settings page, accept the default settings and click **Next**.
-
-6. On the Boot Image page, browse and select the **Zero Touch WinPE x64** boot image package, click **OK**, and then click **Next**.
-
-7. On the MDT Package page, select **Create a new Microsoft Deployment Toolkit Files package**, under **Package source folder to be created (UNC Path):**, type **\\\SRV1\Sources$\OSD\MDT\MDT** (MDT is repeated here, not a typo), and then click **Next**.
-
-8. On the MDT Details page, next to **Name:** type **MDT** and then click **Next**.
-
-9. On the OS Image page, browse and select the **Windows 10 Enterprise x64** package, click **OK**, and then click **Next**.
-
-10. On the Deployment Method page, accept the default settings for **Zero Touch Installation** and click **Next**.
-
-11. On the Client Package page, browse and select the **Microsoft Corporation Configuration Manager Client package**, click **OK**, and then click **Next**.
-
-12. On the USMT Package page, browse and select the **Microsoft Corporation User State Migration Tool for Windows 10.0.14393.0** package, click **OK**, and then click **Next**.
-
-13. On the Settings Package page, select **Create a new settings package**, and under **Package source folder to be created (UNC Path):**, type **\\\SRV1\Sources$\OSD\Settings\Windows 10 x64 Settings**, and then click **Next**.
-
-14. On the Settings Details page, next to **Name:**, type **Windows 10 x64 Settings**, and click **Next**.
-
-15. On the Sysprep Package page, click **Next** twice.
-
-16. On the Confirmation page, click **Finish**.
-
-### Edit the task sequence
-
-1. In the Configuration Manager console, in the **Software Library** workspace, click **Task Sequences**, right-click **Windows 10 Enterprise x64**, and then click **Edit**.
-
-2. Scroll down to the **Install** group and click the **Set Variable for Drive Letter** action.
-
-3. Change the Value under **OSDPreserveDriveLetter** from **False** to **True**, and then click **Apply**.
-
-4. In the **State Restore** group, click the **Set Status 5** action, click **Add** in the upper left corner, point to **User State**, and click **Request State Store**. This adds a new action immediately after **Set Status 5**.
-
-5. Configure the **Request State Store** action that was just added with the following settings:<br>
-    - Request state storage location to: **Restore state from another computer**<br>
-    - Select the **If computer account fails to connect to state store, use the Network Access account** checkbox.<br>
-    - Options tab: Select the **Continue on error** checkbox.<br>
-    - Add Condition: **Task Sequence Variable**:<br>
-        - Variable: **USMTLOCAL** <br>
-        - Condition: **not equals**<br>
-        - Value: **True**<br>
-        - Click **OK**.<br>
-    - Click **Apply**<br>.
-
-6. In the **State Restore** group, click **Restore User State**, click **Add**, point to **User State**, and click **Release State Store**.
-
-7. Configure the **Release State Store** action that was just added with the following settings:<br>
-    - Options tab: Select the **Continue on error** checkbox.<br>
-    - Add Condition: **Task Sequence Variable**:<br>
-        - Variable: **USMTLOCAL** <br>
-        - Condition: **not equals**<br>
-        - Value: **True**<br>
-        - Click **OK**.<br>
-    - Click **OK**<br>.
-
-
-### Finalize the operating system configuration
-
->If you completed all procedures in [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) then the MDT deployment share is already present on SRV1.  In this case, skip the first four steps below and begin with step 5 to edit CustomSettings.ini.
-
-1. In the MDT deployment workbench on SRV1, right-click **Deployment Shares** and then click **New Deployment Share**.
-
-2. Use the following settings for the New Deployment Share Wizard:
-    - Deployment share path: **C:\MDTProduction**<br>
-    - Share name: **MDTProduction$**<br>
-    - Deployment share description: **MDT Production**<br>
-    - Options: click **Next** to accept the default<br>
-    - Summary: click **Next**<br>
-    - Progress: settings will be applied<br>
-    - Confirmation: click **Finish**
-
-3. Right-click the **MDT Production** deployment share, and click **Properties**. 
-
-4. Click the **Monitoring** tab, select the **Enable monitoring for this deployment share** checkbox, and then click **OK**.
-
-5. Type the following command at an elevated Windows PowerShell prompt on SRV1:
-
-    ```
-    notepad "C:\Sources\OSD\Settings\Windows 10 x64 Settings\CustomSettings.ini"
-    ```
-6. Replace the contents of the file with the following text, and then save the file:
-
-    ```
-    [Settings]
-    Priority=Default
-    Properties=OSDMigrateConfigFiles,OSDMigrateMode
-    
-    [Default]
-    DoCapture=NO
-    ComputerBackupLocation=NONE
-    OSDMigrateMode=Advanced
-    OSDMigrateAdditionalCaptureOptions=/ue:*\* /ui:CONTOSO\*
-    OSDMigrateConfigFiles=Miguser.xml,Migapp.xml
-    SLSHARE=\\SRV1\Logs$
-    EventService=http://SRV1:9800
-    ApplyGPOPack=NO
-    ```
-
-    >As noted previously, if you wish to migrate accounts other than those in the Contoso domain, then change the OSDMigrateAdditionalCaptureOptions option. For example, the following option will capture settings from all user accounts:
-
-    ```
-    OSDMigrateAdditionalCaptureOptions=/all
-    ```
-
-
-7. Return to the Configuration Manager console, and in the Software Library workspace, expand **Application Management**, click **Packages**, right-click **Windows 10 x64 Settings**, and then click **Update Distribution Points**. Click **OK** in the popup that appears.
-
-8. In the Software Library workspace, expand **Operating Systems**, click **Task Sequences**, right-click **Windows 10 Enterprise x64**, and then click **Distribute Content**.
-
-9. In the Distribute Content Wizard, click **Next** twice, click **Add**, click **Distribution Point**, select the **SRV1.CONTOSO.COM** distribution point, click **OK**, click **Next** twice and then click **Close**.
-
-10. Enter **\Monitoring\Overview\Distribution Status\Content Status\Windows 10 Enterprise x64** on the location bar, double-click **Windows 10 Enterprise x64**, and monitor the status of content distribution until it is successful and no longer in progress. Refresh the view with the F5 key or by right-clicking **Windows 10 Enterprise x64** and clicking **Refresh**.
-
-### Create a deployment for the task sequence
-
-1. In the Software Library workspace, expand **Operating Systems**, click **Task Sequences**, right-click **Windows 10 Enterprise x64**, and then click **Deploy**. 
-
-2. On the General page, next to **Collection**, click **Browse**, select the **All Unknown Computers** collection, click **OK**, and then click **Next**.
-
-3. On the Deployment Settings page, use the following settings:<br>
-    - Purpose: **Available**<br>
-    - Make available to the following: **Only media and PXE**<br>
-    - Click **Next**.<br>
-4. Click **Next** five times to accept defaults on the Scheduling, User Experience, Alerts, and Distribution Points pages.
-
-5. Click **Close**.
-
-## Deploy Windows 10 using PXE and Configuration Manager
-
-In this first deployment scenario, we will deploy Windows 10 using PXE. This scenario creates a new computer that does not have any migrated users or settings.
-
-1. Type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    ```
-    New-VM –Name "PC4" –NewVHDPath "c:\vhd\pc4.vhdx" -NewVHDSizeBytes 40GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
-    Set-VMMemory -VMName "PC4" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes 2048MB -Buffer 20
-    Start-VM PC4
-    vmconnect localhost PC4
-    ```
-
-2. Press ENTER when prompted to start the network boot service.
-
-3. In the Task Sequence Wizard, provide the password: <strong>pass@word1</strong>, and then click **Next**.
-
-4. Before you click **Next** in the Task Sequence Wizard, press the **F8** key. A command prompt will open.
-
-5. At the command prompt, type **explorer.exe** and review the Windows PE file structure. 
-
-6. The smsts.log file is critical for troubleshooting any installation problems that might be encountered. Depending on the deployment phase, the smsts.log file is created in different locations:
-   - X:\windows\temp\SMSTSLog\smsts.log before disks are formatted.
-   - x:\smstslog\smsts.log after disks are formatted.
-   - c:\_SMSTaskSequence\Logs\Smstslog\smsts.log before the System Center Configuration Manager client is installed.
-   - c:\windows\ccm\logs\Smstslog\smsts.log after the System Center Configuration Manager client is installed.
-   - c:\windows\ccm\logs\smsts.log when the task sequence is complete.
-
-     Note: If a reboot is pending on the client, the reboot will be blocked as long as the command window is open.
-
-7. In the explorer window, click **Tools** and then click **Map Network Drive**.
-
-8. Do not map a network drive at this time. If you need to save the smsts.log file, you can use this method to save the file to a location on SRV1.
-
-9. Close the Map Network Drive window, the Explorer window, and the command prompt.
-
-10. The **Windows 10 Enterprise x64** task sequence is selected in the Task Sequenc Wizard. Click **Next** to continue with the deployment.
-
-11. The task sequence will require several minutes to complete. You can monitor progress of the task sequence using the MDT Deployment Workbench under Deployment Shares > MDTProduction > Monitoring. The task sequence will:
-    - Install Windows 10
-    - Install the Configuration Manager client and hotfix
-    - Join the computer to the contoso.com domain
-    - Install any applications that were specified in the reference image
-
-
-12. When Windows 10 installation has completed, sign in to PC4 using the **contoso\administrator** account.
-
-13. Right-click **Start**, click **Run**, type **control appwiz.cpl**, press ENTER, click **Turn Windows features on or off**, and verify that **.NET Framework 3.5 (includes .NET 2.0 and 3.0)** is installed. This is a feature included in the reference image.
-
-14. Shut down the PC4 VM.
-
->Note: The following two procedures 1) Replace a client with Windows 10 and 2) Refresh a client with Windows 10 have been exchanged in their order in this guide compared to the previous version. This is to avoid having to restore Hyper-V checkpoints to have access to PC1 before the OS is upgraded. If this is your first time going through this guide, you won't notice any change, but if you have tried the guide previously then this change should make it simpler to complete.
-
-## Replace a client with Windows 10 using Configuration Manager
-
->Before starting this section, you can delete computer objects from Active Directory that were created as part of previous deployment procedures. Use the Active Directory Users and Computers console on DC1 to remove stale entries under contoso.com\Computers, but do not delete the computer account (hostname) for PC1. There should be at least two computer accounts present in the contoso.com\Computers container: one for SRV1, and one for the hostname of PC1. It is not required to delete the stale entries, this is only done to remove clutter.
-
-![contoso.com\Computers](images/poc-computers.png)
-
-In the replace procedure, PC1 will not be migrated to a new operating system. It is simplest to perform this procedure before performing the refresh procedure. After refreshing PC1, the operating system will be new. The next (replace) procedure does not install a new operating system on PC1 but rather performs a side-by-side migration of PC1 and another computer (PC4), to copy users and settings from PC1 to the new computer.
-
-### Create a replace task sequence
-
-1. On SRV1, in the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and then click **Create MDT Task Sequence**.
-
-2. On the Choose Template page, select **Client Replace Task Sequence** and click **Next**.
-
-3. On the General page, type the following:
-    - Task sequence name: **Replace Task Sequence**
-    - Task sequence comments: **USMT backup only**
-
-4. Click **Next**, and on the Boot Image page, browse and select the **Zero Touch WinPE x64** boot image package. Click **OK** and then click **Next** to continue.
-5. On the MDT Package page, browse and select the **MDT** package. Click **OK** and then click **Next** to continue.
-6. On the USMT Package page, browse and select the **Microsoft Corporation User State Migration Tool for Windows** package. Click **OK** and then click **Next** to continue.
-7. On the Settings Package page, browse and select the **Windows 10 x64 Settings** package. Click **OK** and then click **Next** to continue.
-8. On the Summary page, review the details and then click **Next**.
-9. On the Confirmation page, click **Finish**.
-
->If an error is displayed at this stage it can be caused by a corrupt MDT integration. To repair it, close the Configuration Manager console, remove MDT integration, and then restore MDT integration.
-
-### Deploy PC4
-
-Create a VM named PC4 to receive the applications and settings from PC1. This VM represents a new computer that will replace PC1. To create this VM, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-```
-New-VM –Name "PC4" –NewVHDPath "c:\vhd\pc4.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
-Set-VMMemory -VMName "PC4" -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 2048MB -Buffer 20
-Set-VMNetworkAdapter -VMName PC4 -StaticMacAddress 00-15-5D-83-26-FF
-```
-
->Hyper-V enables us to define a static MAC address on PC4. In a real-world scenario you must determine the MAC address of the new computer.
-
-### Install the Configuration Manager client on PC1
-
-1. Verify that the PC1 VM is running and in its original state, which was saved as a checkpoint and then restored in [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md).
-
-2. If a PC1 checkpoint has not already been saved, then save a checkpoint by typing the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    ```
-    Checkpoint-VM -Name PC1 -SnapshotName BeginState
-    ```
-
-3. On SRV1, in the Configuration Manager console, in the Administration workspace, expand **Hierarchy Configuration** and click on **Discovery Methods**.
-4. Double-click **Active Directory System Discovery** and on the **General** tab select the **Enable Active Directory System Discovery** checkbox.
-5. Click the yellow starburst, click **Browse**, select **contoso\Computers**, and then click **OK** three times.
-6. When a popup dialog box asks if you want to run full discovery, click **Yes**. 
-7. In the Assets and Compliance workspace, click **Devices** and verify that the computer account names for SRV1 and PC1 are displayed. See the following example (GREGLIN-PC1 is the computer account name of PC1 in this example):
-
-    ![assets](images/sccm-assets.png)
-
-    >If you do not see the computer account for PC1, try clicking the **Refresh** button in the upper right corner of the console.
-    
-    The **Client** column indicates that the Configuration Manager client is not currently installed. This procedure will be carried out next.
-
-8. Sign in to PC1 using the contoso\administrator account and type the following at an elevated command prompt to remove any pre-existing client configuration, if it exists. Note: this command requires an elevated command prompt not an elevated Windows PowerShell prompt:
-
-    ```
-    sc stop ccmsetup
-    "\\SRV1\c$\Program Files\Microsoft Configuration Manager\Client\CCMSetup.exe" /Uninstall
-    ```
-    >If PC1 still has Configuration Manager registry settings that were applied by Group Policy, startup scripts, or other policies in its previous domain, these might not all be removed by CCMSetup /Uninstall and can cause problems with installation or registration of the client in its new environment. It might be necessary to manually remove these settings if they are present. For more information, see [Manual removal of the SCCM client](https://blogs.technet.microsoft.com/michaelgriswold/2013/01/02/manual-removal-of-the-sccm-client/).
-
-9. On PC1, temporarily stop Windows Update from queuing items for download and clear all BITS jobs from the queue:
-
-    ```
-    net stop wuauserv
-    net stop BITS
-    ```
-
-    Verify that both services were stopped successfully, then type the following at an elevated command prompt:
-
-    ```
-    del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
-    net start BITS
-    bitsadmin /list /allusers
-    ```
-
-    Verify that BITSAdmin displays 0 jobs. 
-
-10. To install the Configuration Manager client as a standalone process, type the following at an elevated command prompt:
-
-    ```
-    "\\SRV1\c$\Program Files\Microsoft Configuration Manager\Client\CCMSetup.exe" /mp:SRV1.contoso.com /logon SMSSITECODE=PS1
-    ```
-11. On PC1, using file explorer, open the **C:\Windows\ccmsetup** directory. During client installation, files will be downloaded here. 
-12. Installation progress will be captured in the file: **c:\windows\ccmsetup\logs\ccmsetup.log**. You can periodically open this file in notepad, or you can type the following command at an elevated Windows PowerShell prompt to monitor installation progress:
-
-    ```
-    Get-Content -Path c:\windows\ccmsetup\logs\ccmsetup.log -Wait
-    ```
-    
-    Installation might require several minutes, and display of the log file will appear to hang while some applications are installed. This is normal. When setup is complete, verify that **CcmSetup is existing with return code 0** is displayed on the last line of the ccmsetup.log file and then press **CTRL-C** to break out of the Get-Content operation (if you are viewing the log in Windows PowerShell the last line will be wrapped). A return code of 0 indicates that installation was successful and you should now see a directory created at **C:\Windows\CCM** that contains files used in registration of the client with its site.
-
-13. On PC1, open the Configuration Manager control panel applet by typing the following command:
-
-    ```
-    control smscfgrc
-    ```
-
-14. Click the **Site** tab, click **Configure Settings**, and click **Find Site**. The client will report that it has found the PS1 site. See the following example:
-
-    ![site](images/sccm-site.png)
-
-    If the client is not able to find the PS1 site, review any error messages that are displayed in **C:\Windows\CCM\Logs\ClientIDManagerStartup.log** and **LocationServices.log**. A common reason the site code is not located is because a previous configuration exists. For example, if a previous site code is configured at **HKLM\SOFTWARE\Microsoft\SMS\Mobile Client\GPRequestedSiteAssignmentCode** this must be deleted or updated.
-
-15. On SRV1, in the Assets and Compliance workspace, click **Device Collections** and then double-click **All Desktop and Server Clients**. This node will be added under **Devices**.
-
-16. Click **All Desktop and Server Clients** and verify that the computer account for PC1 is displayed here with **Yes** and **Active** in the **Client** and **Client Activity** columns, respectively. You might have to refresh the view and wait few minutes for the client to appear here.  See the following example:
-
-    ![client](images/sccm-client.png)
-
-    >It might take several minutes for the client to fully register with the site and complete a client check. When it is complete you will see a green check mark over the client icon as shown above. To refresh the client, click it and then press **F5** or right-click the client and click **Refresh**.
-
-### Create a device collection and deployment
-
-1. On SRV1, in the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections** and then click **Create Device Collection**.
-
-2. Use the following settings in the **Create Device Collection Wizard**:
-    - General > Name: **Install Windows 10 Enterprise x64**<br>
-    - General > Limiting collection: **All Systems**<br>
-    - Membership Rules > Add Rule: **Direct Rule**<br>
-    - The **Create Direct Membership Rule Wizard** opens, click **Next**<br>
-    - Search for Resources > Resource class: **System Resource**<br>
-    - Search for Resources > Attribute name: **Name**<br>
-    - Search for Resources > Value: **%**<br>
-    - Select Resources > Value: Select the computername associated with the PC1 VM<br>
-    - Click **Next** twice and then click **Close** in both windows (Next, Next, Close, then Next, Next, Close)
-
-3. Double-click the Install Windows 10 Enterprise x64 device collection and verify that the PC1 computer account is displayed.
-
-4. In the Software Library workspace, expand **Operating Systems**, click **Task Sequences**, right-click **Windows 10 Enterprise x64** and then click **Deploy**.
-
-5. Use the following settings in the Deploy Software wizard:
-    - General > Collection: Click Browse and select **Install Windows 10 Enterprise x64**<br>
-    - Deployment Settings > Purpose: **Available**<br>
-    - Deployment Settings > Make available to the following: **Configuration Manager clients, media and PXE**<br>
-    - Scheduling > Click **Next**<br>
-    - User Experience > Click **Next**<br>
-    - Alerts > Click **Next**<br>
-    - Distribution Points > Click **Next**<br>
-    - Summary > Click **Next**<br>
-    - Verify that the wizard completed successfully and then click **Close**
-
-
-### Associate PC4 with PC1
-
-1. On SRV1 in the Configuration Manager console, in the Assets and Compliance workspace, right-click **Devices** and then click **Import Computer Information**.
-
-2. On the Select Source page, choose **Import single computer** and click **Next**.
-
-3. On the Single Computer page, use the following settings:
-    - Computer Name: **PC4**
-    - MAC Address: **00:15:5D:83:26:FF**
-    - Source Computer: \<type the hostname of PC1, or click **Search** twice, click the hostname, and click **OK**\>
-
-4. Click **Next**, and on the User Accounts page choose **Capture and restore specified user accounts**, then click the yellow starburst next to **User accounts to migrate**.
-
-5. Click **Browse** and then under Enter the object name to select type **user1** and click OK twice.
-
-6. Click the yellow starburst again and repeat the previous step to add the **contoso\administrator** account.
-
-7. Click **Next** twice, and on the Choose Target Collection page, choose **Add computers to the following collection**, click **Browse**, choose **Install Windows 10 Enterprise x64**, click **OK**, click **Next** twice, and then click **Close**.
-
-8. In the Assets and Compliance workspace, click **User State Migration** and review the computer association in the display pane. The source computer will be the computername of PC1 (GREGLIN-PC1 in this example), the destination computer will be **PC4**, and the migration type will be **side-by-side**.
-
-9. Right-click the association in the display pane and then click **Specify User Accounts**. You can add or remove user account here. Click **OK**.
-
-10. Right-click the association in the display pane and then click **View Recovery Information**. Note that a recovery key has been assigned, but a user state store location has not. Click **Close**.
-
-11. Click **Device Collections** and then double-click **Install Windows 10 Enterprise x64**. Verify that **PC4** is displayed in the collection. You might have to update and refresh the collection, or wait a few minutes, but do not proceed until PC4 is available. See the following example:
-
-    ![collection](images/sccm-collection.png)
-
-### Create a device collection for PC1
-
-1. On SRV1, in the Configuration Manager console, in the Assets and Compliance workspace, right-click **Device Collections** and then click **Create Device Collection**.
-
-2. Use the following settings in the **Create Device Collection Wizard**:
-    - General > Name: **USMT Backup (Replace)**<br>
-    - General > Limiting collection: **All Systems**<br>
-    - Membership Rules > Add Rule: **Direct Rule**<br>
-    - The **Create Direct Membership Rule Wizard** opens, click **Next**<br>
-    - Search for Resources > Resource class: **System Resource**<br>
-    - Search for Resources > Attribute name: **Name**<br>
-    - Search for Resources > Value: **%**<br>
-    - Select Resources > Value: Select the computername associated with the PC1 VM (GREGLIN-PC1 in this example).<br>
-    - Click **Next** twice and then click **Close** in both windows.
-
-3. Click **Device Collections** and then double-click **USMT Backup (Replace)**. Verify that the computer name/hostname associated with PC1 is displayed in the collection. Do not proceed until this name is displayed.  
-
-### Create a new deployment
-
-In the Configuration Manager console, in the Software Library workspace under Operating Systems, click **Task Sequences**, right-click **Replace Task Sequence**, click **Deploy**, and use the following settings:
-- General > Collection: **USMT Backup (Replace)**<br>
-- Deployment Settings > Purpose: **Available**<br>
-- Deployment Settings > Make available to the following: **Only Configuration Manager Clients**<br>
-- Scheduling: Click **Next**<br>
-- User Experience: Click **Next**<br>
-- Alerts: Click **Next**<br>
-- Distribution Points: Click **Next**<br>
-- Click **Next** and then click **Close**.
-
-### Verify the backup
-
-1. On PC1, open the Configuration Manager control panel applet by typing the following command:
-
-    ```
-    control smscfgrc
-    ```
-2. On the **Actions** tab, click **Machine Policy Retrieval & Evaluation Cycle**, click **Run Now**, click **OK**, and then click **OK** again. This is one method that can be used to run a task sequence in addition to the Client Notification method that will be demonstrated in the computer refresh procedure.
-
-3. Type the following at an elevated command prompt to open the Software Center:
-
-    ```
-    C:\Windows\CCM\SCClient.exe
-    ```
-
-4. In the Software Center , click **Available Software** and then select the **Replace Task Sequence** checkbox. See the following example:
-
-    ![software](images/sccm-software-cntr.png)
-
-    >If you do not see any available software, try running step #2 again to start the Machine Policy Retrieval & Evaluation Cycle. You should see an alert that new software is available.
-
-5. Click **INSTALL SELECTED** and then click **INSTALL OPERATING SYSTEM**.
-6. Allow the **Replace Task Sequence** to complete, then verify that the C:\MigData folder on SRV1 contains the USMT backup.
-
-### Deploy the new computer
-
-1. Start PC4 and press ENTER for a network boot when prompted. To start PC4, type the following commands at an elevated Windows Powershell prompt on the Hyper-V host:
-
-    ```
-    Start-VM PC4
-    vmconnect localhost PC4
-    ```
-2. In the **Welcome to the Task Sequence Wizard**, enter <strong>pass@word1</strong> and click **Next**.
-3. Choose the **Windows 10 Enterprise X64** image.
-4. Setup will install the operating system using the Windows 10 Enterprise x64 reference image, install the configuration manager client, join PC4 to the domain, and restore users and settings from PC1.
-5. Save checkpoints for all VMs if you wish to review their status at a later date. This is not required (checkpoints do take up space on the Hyper-V host). Note: the next procedure will install a new OS on PC1 update its status in Configuration Manager and in Active Directory as a Windows 10 device, so you cannot return to a previous checkpoint only on the PC1 VM without a conflict. Therefore, if you do create a checkpoint, you should do this for all VMs.
-
-    To save a checkpoint for all VMs, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    ```
-    Checkpoint-VM -Name DC1 -SnapshotName cm-refresh
-    Checkpoint-VM -Name SRV1 -SnapshotName cm-refresh
-    Checkpoint-VM -Name PC1 -SnapshotName cm-refresh
-    ```
-
-## Refresh a client with Windows 10 using Configuration Manager
-
-
-### Initiate the computer refresh
-
-1. On SRV1, in the Assets and Compliance workspace, click **Device Collections** and then double-click **Install Windows 10 Enterprise x64**.
-2. Right-click the computer account for PC1, point to **Client Notification**, click **Download Computer Policy**, and click **OK** in the popup dialog box.
-3. On PC1, in the notification area, click **New software is available** and then click **Open Software Center**.
-4. In the Software Center, click **Operating Systems**, click **Windows 10 Enterprise x64**, click **Install** and then click **INSTALL OPERATING SYSTEM**. See the following example:
-
-    ![installOS](images/sccm-install-os.png)
-
-    The computer will restart several times during the installation process. Installation includes downloading updates, reinstalling the Configuration Manager Client Agent, and restoring the user state. You can view status of the installation in the Configuration Manager console by accessing the Monitoring workspace, clicking **Deployments**, and then double-clicking the deployment associated with the **Install Windows 10 Enterprise x64** collection. Under **Asset Details**, right-click the device and then click **More Details**. Click the **Status** tab to see a list of tasks that have been performed.  See the following example:
-
-    ![asset](images/sccm-asset.png)   
-    
-    You can also monitor progress of the installation by using the MDT deployment workbench and viewing the **Monitoring** node under **Deployment Shares\MDT Production**. 
-    
-    When installation has completed, sign in using the contoso\administrator account or the contoso\user1 account and verify that applications and settings have been successfully backed up and restored to your new Windows 10 Enterprise operating system.
-
-    ![post-refresh](images/sccm-post-refresh.png) 
-
-
-
-## Related Topics
-
-[System Center 2012 Configuration Manager Survival Guide](https://social.technet.microsoft.com/wiki/contents/articles/7075.system-center-2012-configuration-manager-survival-guide.aspx#Step-by-Step_Guides)
-
- 
-
-
-
-
-
+---
+title: Step by step - Deploy Windows 10 using Microsoft Endpoint Configuration Manager
+description: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+keywords: deployment, automate, tools, configure, sccm
+ms.localizationpriority: medium
+ms.date: 10/11/2017
+ms.reviewer: 
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager
+
+**Applies to**
+
+-   Windows 10
+
+**Important**: This guide leverages the proof of concept (PoC) environment, and some settings that are configured in the following guides:
+- [Step by step guide: Deploy Windows 10 in a test lab](windows-10-poc.md)
+- [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md)
+
+Please complete all steps in these guides before attempting the procedures in this guide. If you wish to skip the Windows 10 deployment procedures in the MDT guide and move directly to this guide, you must at least install MDT and the Windows ADK before performing procedures in this guide. All steps in the first guide are required before attempting the procedures in this guide.
+
+The PoC environment is a virtual network running on Hyper-V with three virtual machines (VMs):
+- **DC1**: A contoso.com domain controller, DNS server, and DHCP server.
+- **SRV1**: A dual-homed contoso.com domain member server, DNS server, and default gateway providing NAT service for the PoC network.
+- **PC1**: A contoso.com member computer running Windows 7, Windows 8, or Windows 8.1 that has been cloned from a physical computer on your corporate network for testing purposes.
+This guide leverages the Hyper-V server role to perform procedures. If you do not complete all steps in a single session, consider using [checkpoints](https://technet.microsoft.com/library/dn818483.aspx) and [saved states](https://technet.microsoft.com/library/ee247418.aspx) to pause, resume, or restart your work.
+
+>Multiple features and services are installed on SRV1 in this guide. This is not a typical installation, and is only done to set up a lab environment with a bare minimum of resources. However, if less than 4 GB of RAM is allocated to SRV1 in the Hyper-V console, some procedures will be extremely slow to complete. If resources are limited on the Hyper-V host, consider reducing RAM allocation on DC1 and PC1, and then increasing the RAM allocation on SRV1. You can adjust RAM allocation for a VM by right-clicking the VM in the Hyper-V Manager console, clicking **Settings**, clicking **Memory**, and modifying the value next to **Maximum RAM**.
+
+## In this guide
+
+This guide provides end-to-end instructions to install and configure Microsoft Endpoint Configuration Manager, and use it to deploy a Windows 10 image. Depending on the speed of your Hyper-V host, the procedures in this guide will require 6-10 hours to complete.
+
+Topics and procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
+
+<br>
+
+<div style='font-size:9.0pt'>
+<table border="1" cellspacing="0" cellpadding="0">
+<tr><td BGCOLOR="#a0e4fa"><b>Topic</b><td BGCOLOR="#a0e4fa"><b>Description</b><td BGCOLOR="#a0e4fa"><b>Time</b>
+
+<tr><td><a href="#install-prerequisites" data-raw-source="[Install prerequisites](#install-prerequisites)">Install prerequisites</a><td>Install prerequisite Windows Server roles and features, download, install and configure SQL Server, configure firewall rules, and install the Windows ADK.<td>60 minutes
+<tr><td><a href="#install-system-center-configuration-manager" data-raw-source="[Install Microsoft Endpoint Configuration Manager](#install-system-center-configuration-manager)">Install Microsoft Endpoint Configuration Manager</a><td>Download Microsoft Endpoint Configuration Manager, configure prerequisites, and install the package.<td>45 minutes
+<tr><td><a href="#download-mdop-and-install-dart" data-raw-source="[Download MDOP and install DaRT](#download-mdop-and-install-dart)">Download MDOP and install DaRT</a><td>Download the Microsoft Desktop Optimization Pack 2015 and install DaRT 10.<td>15 minutes
+<tr><td><a href="#prepare-for-zero-touch-installation" data-raw-source="[Prepare for Zero Touch installation](#prepare-for-zero-touch-installation)">Prepare for Zero Touch installation</a><td>Prerequisite procedures to support Zero Touch installation.<td>60 minutes
+<tr><td><a href="#create-a-boot-image-for-configuration-manager" data-raw-source="[Create a boot image for Configuration Manager](#create-a-boot-image-for-configuration-manager)">Create a boot image for Configuration Manager</a><td>Use the MDT wizard to create the boot image in Configuration Manager.<td>20 minutes
+<tr><td><a href="#create-a-windows-10-reference-image" data-raw-source="[Create a Windows 10 reference image](#create-a-windows-10-reference-image)">Create a Windows 10 reference image</a><td>This procedure can be skipped if it was done previously, otherwise instructions are provided to create a reference image.<td>0-60 minutes
+<tr><td><a href="#add-a-windows-10-operating-system-image" data-raw-source="[Add a Windows 10 operating system image](#add-a-windows-10-operating-system-image)">Add a Windows 10 operating system image</a><td>Add a Windows 10 operating system image and distribute it.<td>10 minutes<tr><td><a href="#create-a-task-sequence" data-raw-source="[Create a task sequence](#create-a-task-sequence)">Create a task sequence</a><td>Create a Configuration Manager task sequence with MDT integration using the MDT wizard<td>15 minutes
+<tr><td><a href="#finalize-the-operating-system-configuration" data-raw-source="[Finalize the operating system configuration](#finalize-the-operating-system-configuration)">Finalize the operating system configuration</a><td>Enable monitoring, configure rules, and distribute content.<td>30 minutes
+<tr><td><a href="#deploy-windows-10-using-pxe-and-configuration-manager" data-raw-source="[Deploy Windows 10 using PXE and Configuration Manager](#deploy-windows-10-using-pxe-and-configuration-manager)">Deploy Windows 10 using PXE and Configuration Manager</a><td>Deploy Windows 10 using Configuration Manager deployment packages and task sequences.<td>60 minutes
+<tr><td><a href="#replace-a-client-with-windows-10-using-configuration-manager" data-raw-source="[Replace a client with Windows 10 using Configuration Manager](#replace-a-client-with-windows-10-using-configuration-manager)">Replace a client with Windows 10 using Configuration Manager</a><td>Replace a client computer with Windows 10 using Configuration Manager.<td>90 minutes
+<tr><td><a href="#refresh-a-client-with-windows-10-using-configuration-manager" data-raw-source="[Refresh a client with Windows 10 using Configuration Manager](#refresh-a-client-with-windows-10-using-configuration-manager)">Refresh a client with Windows 10 using Configuration Manager</a><td>Use a task sequence to refresh a client with Windows 10 using Configuration Manager and MDT<td>90 minutes
+
+</table>
+
+</div>
+
+## Install prerequisites
+1. Before installing Microsoft Endpoint Configuration Manager, we must install prerequisite services and features. Type the following command at an elevated Windows PowerShell prompt on SRV1: 
+
+    ```
+    Install-WindowsFeature Web-Windows-Auth,Web-ISAPI-Ext,Web-Metabase,Web-WMI,BITS,RDC,NET-Framework-Features,Web-Asp-Net,Web-Asp-Net45,NET-HTTP-Activation,NET-Non-HTTP-Activ
+    ```
+
+    >If the request to add features fails, retry the installation by typing the command again.
+
+2. Download [SQL Server 2014 SP2](https://www.microsoft.com/evalcenter/evaluate-sql-server-2014-sp2) from the Microsoft Evaluation Center as an .ISO file on the Hyper-V host computer. Save the file to the **C:\VHD** directory.
+3. When you have downloaded the file **SQLServer2014SP2-FullSlipstream-x64-ENU.iso** and placed it in the C:\VHD directory, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host: 
+
+    ```
+    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\SQLServer2014SP2-FullSlipstream-x64-ENU.iso
+    ```
+
+    This command mounts the .ISO file to drive D on SRV1.
+
+4. Type the following command at an elevated Windows PowerShell prompt on SRV1 to install SQL Server:
+
+    ```
+    D:\setup.exe /q /ACTION=Install /ERRORREPORTING="False" /FEATURES=SQLENGINE,RS,IS,SSMS,TOOLS,ADV_SSMS,CONN /INSTANCENAME=MSSQLSERVER /INSTANCEDIR="C:\Program Files\Microsoft SQL Server" /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /SQLSVCSTARTUPTYPE=Automatic /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCSTARTUPTYPE=Automatic /RSSVCACCOUNT="NT AUTHORITY\System" /RSSVCSTARTUPTYPE=Automatic /ISSVCACCOUNT="NT AUTHORITY\System" /ISSVCSTARTUPTYPE=Disabled /ASCOLLATION="Latin1_General_CI_AS" /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS" /TCPENABLED="1" /NPENABLED="1" /IAcceptSQLServerLicenseTerms
+    ```
+    Installation will take several minutes. When installation is complete, the following output will be displayed:
+
+    ```
+    Microsoft (R) SQL Server 2014 12.00.5000.00
+    Copyright (c) Microsoft Corporation.  All rights reserved.
+    
+    Microsoft (R) .NET Framework CasPol 2.0.50727.7905
+    Copyright (c) Microsoft Corporation.  All rights reserved.
+    
+    Success
+    Microsoft (R) .NET Framework CasPol 2.0.50727.7905
+    Copyright (c) Microsoft Corporation.  All rights reserved.
+    
+    Success
+    One or more affected files have operations pending.
+    You should restart your computer to complete this process.
+    PS C:\>
+    ```
+5. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    New-NetFirewallRule -DisplayName “SQL Server” -Direction Inbound –Protocol TCP –LocalPort 1433 -Action allow
+    New-NetFirewallRule -DisplayName “SQL Admin Connection” -Direction Inbound –Protocol TCP –LocalPort 1434 -Action allow
+    New-NetFirewallRule -DisplayName “SQL Database Management” -Direction Inbound –Protocol UDP –LocalPort 1434 -Action allow
+    New-NetFirewallRule -DisplayName “SQL Service Broker” -Direction Inbound –Protocol TCP –LocalPort 4022 -Action allow
+    New-NetFirewallRule -DisplayName “SQL Debugger/RPC” -Direction Inbound –Protocol TCP –LocalPort 135 -Action allow
+    ```
+
+7. Download and install the latest [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) on SRV1 using the default installation settings. The current version is the ADK for Windows 10, version 1703. Installation might require several minutes to acquire all components.   
+
+## Install Microsoft Endpoint Configuration Manager
+
+1. On SRV1, temporarily disable IE Enhanced Security Configuration for Administrators by typing the following commands at an elevated Windows PowerShell prompt:
+
+    ```
+    $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
+    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0
+    Stop-Process -Name Explorer
+    ```
+
+2. Download [Microsoft Endpoint Configuration Manager and Endpoint Protection](https://www.microsoft.com/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection) on SRV1 (download the executable file anywhere on SRV1), double-click the file, enter **C:\configmgr** for **Unzip to folder**, and click **Unzip**. The C:\configmgr directory will be automatically created. Click **OK** and then close the **WinZip Self-Extractor** dialog box when finished.
+
+3. Before starting the installation, verify that WMI is working on SRV1. See the following examples. Verify that **Running** is displayed under **Status** and **True** is displayed next to **TcpTestSucceeded**:
+
+    ```
+    Get-Service Winmgmt
+
+    Status   Name               DisplayName
+    ------   ----               -----------
+    Running  Winmgmt            Windows Management Instrumentation
+
+    Test-NetConnection -ComputerName 192.168.0.2 -Port 135 -InformationLevel Detailed
+
+    ComputerName             : 192.168.0.2
+    RemoteAddress            : 192.168.0.2
+    RemotePort               : 135
+    AllNameResolutionResults :
+    MatchingIPsecRules       :
+    NetworkIsolationContext  : Internet
+    InterfaceAlias           : Ethernet
+    SourceAddress            : 192.168.0.2
+    NetRoute (NextHop)       : 0.0.0.0
+    PingSucceeded            : True
+    PingReplyDetails (RTT)   : 0 ms
+    TcpTestSucceeded         : True
+    ```
+    You can also verify WMI using the WMI console by typing **wmimgmt.msc**, right-clicking **WMI Control (Local)** in the console tree, and then clicking **Properties**.
+
+    If the WMI service is not started, attempt to start it or reboot the computer.  If WMI is running but errors are present, see [WMIDiag](https://blogs.technet.microsoft.com/askperf/2015/05/12/wmidiag-2-2-is-here/) for troubleshooting information.
+
+4. To extend the Active Directory schema, type the following command at an elevated Windows PowerShell prompt:
+
+    ```
+    cmd /c C:\configmgr\SMSSETUP\BIN\X64\extadsch.exe
+    ```
+
+5. Temporarily switch to the DC1 VM, and type the following command at an elevated command prompt on DC1:
+
+    ```
+    adsiedit.msc
+    ```
+
+6. Right-click **ADSI Edit**, click **Connect to**, select **Default (Domain or server that you logged in to)** under **Computer** and then click **OK**.
+7. Expand **Default naming context**>**DC=contoso,DC=com**, and then in the console tree right-click **CN=System**, point to **New**, and then click **Object**.
+8. Click **container** and then click **Next**.
+9. Next to **Value**, type **System Management**, click **Next**, and then click **Finish**.
+10. Right-click **CN=system Management** and then click **Properties**.
+11. On the **Security** tab, click **Add**, click **Object Types**, select **Computers**, and click **OK**.
+12. Under **Enter the object names to select**, type **SRV1** and click **OK**.
+13. The **SRV1** computer account will be highlighted, select **Allow** next to **Full control**.
+14. Click **Advanced**, click **SRV1 (CONTOSO\SRV1$)** and click **Edit**.
+15. Next to **Applies to**, choose **This object and all descendant objects**, and then click **OK** three times.
+16. Close the ADSI Edit console and switch back to SRV1.
+17. To start Configuration Manager installation, type the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    cmd /c C:\configmgr\SMSSETUP\BIN\X64\Setup.exe
+    ```
+18. Provide the following in the Microsoft Endpoint Configuration Manager Setup Wizard:
+    - **Before You Begin**: Read the text and click *Next*.
+    - **Getting Started**: Choose **Install a Configuration Manager primary site** and select the **Use typical installation options for a stand-alone primary site** checkbox.
+        - Click **Yes** in response to the popup window.
+    - **Product Key**: Choose **Install the evaluation edition of this Product**.
+    - **Microsoft Software License Terms**: Read the terms and then select the **I accept these license terms** checkbox.
+    - **Prerequisite Licenses**: Review license terms and select all three checkboxes on the page.
+    - **Prerequisite Downloads**: Choose **Download required files** and enter **c:\windows\temp** next to **Path**. 
+    - **Site and Installation Settings**: Site code: **PS1**, Site name: **Contoso**.
+        - use default settings for all other options
+    - **Usage Data**: Read the text and click **Next**.
+    - **Service Connection Point Setup**: Accept the default settings (SRV1.contoso.com is automatically added under Select a server to use).
+    - **Settings Summary**: Review settings and click **Next**.
+    - **Prerequisite Check**: No failures should be listed. Ignore any warnings and click **Begin Install**.
+
+    >There should be at most three warnings present: WSUS on site server, configuration for SQL Server memory usage, and SQL Server process memory allocation. These warnings can safely be ignored in this test environment.
+
+    Depending on the speed of the Hyper-V host and resources allocated to SRV1, installation can require approximately one hour. Click **Close** when installation is complete. 
+
+19. If desired, re-enable IE Enhanced Security Configuration at this time on SRV1:
+
+    ```
+    Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 1
+    Stop-Process -Name Explorer
+    ```
+
+## Download MDOP and install DaRT
+
+>[!IMPORTANT]
+>This step requires an MSDN subscription or volume licence agreement. For more information, see [Ready for Windows 10: MDOP 2015 and more tools are now available](https://blogs.technet.microsoft.com/windowsitpro/2015/08/17/ready-for-windows-10-mdop-2015-and-more-tools-are-now-available/).
+>If your organization qualifies and does not already have an MSDN subscription, you can obtain a [free MSDN subscription with BizSpark](https://blogs.msdn.microsoft.com/zainnab/2011/03/14/bizspark-free-msdn-subscription-for-start-up-companies/).
+
+1. Download the [Microsoft Desktop Optimization Pack 2015](https://msdn.microsoft.com/subscriptions/downloads/#ProductFamilyId=597) to the Hyper-V host using an MSDN subscription. Download the .ISO file (mu_microsoft_desktop_optimization_pack_2015_x86_x64_dvd_5975282.iso, 2.79 GB) to the C:\VHD directory on the Hyper-V host.
+
+2. Type the following command at an elevated Windows PowerShell prompt on the Hyper-V host to mount the MDOP file on SRV1:
+
+    ```
+    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\mu_microsoft_desktop_optimization_pack_2015_x86_x64_dvd_5975282.iso
+    ```
+3. Type the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    cmd /c "D:\DaRT\DaRT 10\Installers\en-us\x64\MSDaRT100.msi"
+    ```
+4. Install DaRT 10 using default settings.
+5. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    Copy-Item "C:\Program Files\Microsoft DaRT\v10\Toolsx64.cab" -Destination "C:\Program Files\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x64"
+    Copy-Item "C:\Program Files\Microsoft DaRT\v10\Toolsx86.cab" -Destination "C:\Program Files\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x86"
+    ```
+
+## Prepare for Zero Touch installation
+
+This section contains several procedures to support Zero Touch installation with Microsoft Endpoint Configuration Manager.
+
+### Create a folder structure
+
+1. Type the following commands at a Windows PowerShell prompt on SRV1:
+
+    ```
+    New-Item -ItemType Directory -Path "C:\Sources\OSD\Boot"
+    New-Item -ItemType Directory -Path "C:\Sources\OSD\OS"
+    New-Item -ItemType Directory -Path "C:\Sources\OSD\Settings"
+    New-Item -ItemType Directory -Path "C:\Sources\OSD\Branding"
+    New-Item -ItemType Directory -Path "C:\Sources\OSD\MDT"
+    New-Item -ItemType Directory -Path "C:\Logs"
+    New-SmbShare -Name Sources$ -Path C:\Sources -ChangeAccess EVERYONE
+    New-SmbShare -Name Logs$ -Path C:\Logs -ChangeAccess EVERYONE
+    ```
+
+### Enable MDT ConfigMgr integration
+
+1. On SRV1, click **Start**, type **configmgr**, and then click **Configure ConfigMgr Integration**.
+2. Type **PS1** next to **Site code**, and then click **Next**.
+3. Verify **The process completed successfully** is displayed, and then click **Finish**.
+
+### Configure client settings
+
+1. On SRV1, click **Start**, type **configuration manager**, right-click **Configuration Manager Console**, and then click **Pin to Taskbar**.
+2. Click **Desktop**, and then launch the Configuration Manager console from the taskbar.
+3. If the console notifies you that an update is available, click **OK**. It is not necessary to install updates to complete this lab.
+4. In the console tree, open the **Administration** workspace (in the lower left corner) and click **Client Settings**.
+5. In the display pane, double-click **Default Client Settings**.
+6. Click **Computer Agent**, next to **Organization name displayed in Software Center** type **Contoso**, and then click **OK**.
+
+### Configure the network access account
+
+1. In the Administration workspace, expand **Site Configuration** and click **Sites**.
+2. On the **Home** ribbon at the top of the console window, click **Configure Site Components** and then click **Software Distribution**.
+3. On the **Network Access Account** tab, choose **Specify the account that accesses network locations**.
+4. Click the yellow starburst and then click **New Account**.
+5. Click **Browse** and then under **Enter the object name to select**, type **CM_NAA** and click **OK**.
+6. Next to **Password** and **Confirm Password**, type <strong>pass@word1</strong>, and then click **OK** twice.
+
+### Configure a boundary group
+
+1. In the Administration workspace, expand **Hierarchy Configuration**, right-click **Boundaries** and then click **Create Boundary**.
+2. Next to **Description**, type **PS1**, next to **Type** choose **Active Directory Site**, and then click **Browse**.
+3. Choose **Default-First-Site-Name** and then click **OK** twice.
+4. In the Administration workspace, right-click **Boundary Groups** and then click **Create Boundary Group**.
+5. Next to **Name**, type **PS1 Site Assignment and Content Location**, click **Add**, select the **Default-First-Site-Name** boundary and then click **OK**.
+6. On the **References** tab in the **Create Boundary Group** window select the **Use this boundary group for site assignment** checkbox.
+7. Click **Add**, select the **\\\SRV1.contoso.com** checkbox, and then click **OK** twice.
+
+### Add the state migration point role
+
+1. In the Administration workspace, expand **Site Configuration**, click **Sites**, and then in on the **Home** ribbon at the top of the console click **Add Site System Roles**.
+2. In the Add site System Roles Wizard, click **Next** twice and then on the Specify roles for this server page, select the **State migration point** checkbox.
+3. Click **Next**, click the yellow starburst, type **C:\MigData** for the **Storage folder**, and click **OK**.
+4. Click **Next**, and then verify under **Boundary groups** that **PS1 Site Assignment and Content Location** is displayed.
+5. Click **Next** twice and then click **Close**.
+
+### Enable PXE on the distribution point
+
+>[!IMPORTANT]
+>Before enabling PXE in Configuration Manager, ensure that any previous installation of WDS does not cause conflicts. Configuration Manager will automatically configure the WDS service to manage PXE requests. To disable a previous installation, if it exists, type the following commands at an elevated Windows PowerShell prompt on SRV1:
+
+```
+WDSUTIL /Set-Server /AnswerClients:None
+```
+
+1. Determine the MAC address of the internal network adapter on SRV1. To determine this, type the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    (Get-NetAdapter "Ethernet").MacAddress
+    ```
+    >If the internal network adapter, assigned an IP address of 192.168.0.2, is not named "Ethernet" then replace the name "Ethernet" in the previous command with the name of this network adapter. You can review the names of network adapters and the IP addresses assigned to them by typing **ipconfig**.
+
+2. In the Microsoft Endpoint Configuration Manager console, in the **Administration** workspace, click **Distribution Points**.
+3. In the display pane, right-click **SRV1.CONTOSO.COM** and then click **Properties**.
+4. On the PXE tab, select the following settings:
+   - **Enable PXE support for clients**. Click **Yes** in the popup that appears.
+   - **Allow this distribution point to respond to incoming PXE requests**
+   - **Enable unknown computer support**. Click **OK** in the popup that appears.
+   - **Require a password when computers use PXE**
+   - **Password** and **Confirm password**: pass@word1
+   - **Respond to PXE requests on specific network interfaces**: Click the yellow starburst and then enter the MAC address determined in the first step of this procedure.
+
+     See the following example:
+
+     <img src="images/sccm-pxe.png" alt="Config Mgr PXE"/>
+
+5. Click **OK**.
+6. Wait for a minute, then type the following command at an elevated Windows PowerShell prompt on SRV1, and verify that the files displayed are present:
+
+    ```
+    cmd /c dir /b C:\RemoteInstall\SMSBoot\x64
+
+    abortpxe.com
+    bootmgfw.efi
+    bootmgr.exe
+    pxeboot.com
+    pxeboot.n12
+    wdsmgfw.efi
+    wdsnbp.com
+    ```
+    >If these files are not present in the C:\RemoteInstall directory, verify that the REMINST share is configured as C:\RemoteInstall. You can view the properties of this share by typing "net share REMINST" at a command prompt. If the share path is set to a different value, then replace C:\RemoteInstall with your REMINST share path. 
+    >You can also type the following command at an elevated Windows PowerShell prompt to open the Configuration Manager Trace Log Tool. In the tool, click **File**, click **Open**, and then open the **distmgr.log** file. If errors are present, they will be highlighted in red:
+
+    ```
+    Invoke-Item 'C:\Program Files\Microsoft Configuration Manager\tools\cmtrace.exe'
+    ```
+
+    The log file will updated continuously while Configuration Manager is running. Wait for Configuration Manager to repair any issues that are present, and periodically re-check that the files are present in the REMINST share location. Close the Configuration Manager Trace Log Tool when done. You will see the following line in distmgr.log that indicates the REMINST share is being populated with necessary files:
+
+    Running: WDSUTIL.exe /Initialize-Server /REMINST:"C:\RemoteInstall"
+
+    Once the files are present in the REMINST share location, you can close the cmtrace tool.
+
+### Create a branding image file 
+
+1. If you have a bitmap (.BMP) image for suitable use as a branding image, copy it to the C:\Sources\OSD\Branding folder on SRV1. Otherwise, use the following step to copy a simple branding image.
+2. Type the following command at an elevated Windows PowerShell prompt:
+
+    ```
+    copy "C:\ProgramData\Microsoft\User Account Pictures\user.bmp" "C:\Sources\OSD\Branding\contoso.bmp"
+    ```
+    >You can open C:\Sources\OSD\Branding\contoso.bmp in MSPaint.exe if desired to customize this image.
+
+
+### Create a boot image for Configuration Manager 
+
+1. In the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Boot Images**, and then click **Create Boot Image using MDT**.
+2. On the Package Source page, under **Package source folder to be created (UNC Path):**, type **\\\SRV1\Sources$\OSD\Boot\Zero Touch WinPE x64**, and then click **Next**.
+    - The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later.
+3. On the General Settings page, type **Zero Touch WinPE x64** next to **Name**, and click **Next**.
+4. On the Options page, under **Platform** choose **x64**, and click **Next**.
+5. On the Components page, in addition to the default selection of **Microsoft Data Access Components (MDAC/ADO) support**, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** checkbox, and click **Next**.
+6. On the Customization page, select the **Use a custom background bitmap file** checkbox, and under **UNC path**, type or browse to **\\\SRV1\Sources$\OSD\Branding\contoso.bmp**, and then click **Next** twice. It will take a few minutes to generate the boot image.
+7. Click **Finish**.
+8. In the console display pane, right-click the **Zero Touch WinPE x64** boot image, and then click **Distribute Content**.
+9. In the Distribute Content Wizard, click **Next**, click **Add** and select **Distribution Point**, select the **SRV1.CONTOSO.COM** checkbox, click **OK**, click **Next** twice, and then click **Close**.
+10. Use the CMTrace application to view the **distmgr.log** file again and verify that the boot image has been distributed. To open CMTrace, type the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    Invoke-Item 'C:\Program Files\Microsoft Configuration Manager\tools\cmtrace.exe'
+    ```
+    
+    In the trace tool, click **Tools** on the menu and choose **Find**. Search for "**STATMSG: ID=2301**". For example:
+
+    ```
+    STATMSG: ID=2301 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_DISTRIBUTION_MANAGER" SYS=SRV1.CONTOSO.COM SITE=PS1 PID=924 TID=1424 GMTDATE=Tue Oct 09 22:36:30.986 2018 ISTR0="Zero Touch WinPE x64" ISTR1="PS10000A" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=1 AID0=400 AVAL0="PS10000A"	SMS_DISTRIBUTION_MANAGER	10/9/2018 3:36:30 PM	1424 (0x0590)
+    ```
+
+11. You can also review status by clicking the **Zero Touch WinPE x64** image, and then clicking **Content Status** under **Related Objects** in the bottom right-hand corner of the console, or by entering **\Monitoring\Overview\Distribution Status\Content Status** on the location bar in the console. Double-click **Zero Touch WinPE x64** under **Content Status** in the console tree and verify that a status of **Successfully distributed content** is displayed on the **Success** tab.
+12. Next, in the **Software Library** workspace, double-click **Zero Touch WinPE x64** and then click the **Data Source** tab.
+13. Select the **Deploy this boot image from the PXE-enabled distribution point** checkbox, and click **OK**.
+14. Review the distmgr.log file again for "**STATMSG: ID=2301**" and verify that there are three folders under **C:\RemoteInstall\SMSImages** with boot images. See the following example:
+
+    ```
+    cmd /c dir /s /b C:\RemoteInstall\SMSImages
+
+    C:\RemoteInstall\SMSImages\PS100004
+    C:\RemoteInstall\SMSImages\PS100005
+    C:\RemoteInstall\SMSImages\PS100006
+    C:\RemoteInstall\SMSImages\PS100004\boot.PS100004.wim
+    C:\RemoteInstall\SMSImages\PS100005\boot.PS100005.wim
+    C:\RemoteInstall\SMSImages\PS100006\WinPE.PS100006.wim
+    ```
+
+    >The first two images (*.wim files) are default boot images. The third is the new boot image with DaRT.
+
+### Create a Windows 10 reference image
+
+If you have already completed steps in [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) then you have already created a Windows 10 reference image. In this case, skip to the next procedure in this guide: [Add a Windows 10 operating system image](#add-a-windows-10-operating-system-image). If you have not yet created a Windows 10 reference image, complete the steps in this section.
+
+1. In [Step by step guide: Deploy Windows 10 in a test lab](windows-10-poc.md) the Windows 10 Enterprise .iso file was saved to the c:\VHD directory as **c:\VHD\w10-enterprise.iso**. The first step in creating a deployment share is to mount this file on SRV1.  To mount the Windows 10 Enterprise DVD on SRV1, open an elevated Windows PowerShell prompt on the Hyper-V host computer and type the following command:
+
+    ```
+    Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\w10-enterprise.iso
+    ```
+2. Verify that the Windows Enterprise installation DVD is mounted on SRV1 as drive letter D.
+
+3. The Windows 10 Enterprise installation files will be used to create a deployment share on SRV1 using the MDT deployment workbench. To open the deployment workbench, click **Start**, type **deployment**, and then click **Deployment Workbench**.
+
+4. In the Deployment Workbench console, right-click **Deployment Shares** and select **New Deployment Share**.
+
+5. Use the following settings for the New Deployment Share Wizard:
+    - Deployment share path: **C:\MDTBuildLab**<br>
+    - Share name: **MDTBuildLab$**<br>
+    - Deployment share description: **MDT build lab**<br>
+    - Options: click **Next** to accept the default<br>
+    - Summary: click **Next**<br>
+    - Progress: settings will be applied<br>
+    - Confirmation: click **Finish**
+
+6. Expand the **Deployment Shares** node, and then expand **MDT build lab**.
+
+7. Right-click the **Operating Systems** node, and then click **New Folder**. Name the new folder **Windows 10**. Complete the wizard using default values and click **Finish**.
+
+7. Right-click the **Windows 10** folder created in the previous step, and then click **Import Operating System**.
+
+8. Use the following settings for the Import Operating System Wizard: 
+    - OS Type: **Full set of source files**<br>
+    - Source: **D:\\** <br>
+    - Destination: **W10Ent_x64**<br>
+    - Summary: click **Next**
+    - Confirmation: click **Finish**
+
+9. For purposes of this test lab, we will not add applications, such as Microsoft Office, to the deployment share. For information about adding applications, see the [Add applications](deploy-windows-mdt/create-a-windows-10-reference-image.md#sec03) section of the [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md) topic in the TechNet library.
+
+10. The next step is to create a task sequence to reference the operating system that was imported. To create a task sequence, right-click the **Task Sequences** node under **MDT Build Lab** and then click **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
+    - Task sequence ID: **REFW10X64-001**<br>
+    - Task sequence name: **Windows 10 Enterprise x64 Default Image** <br>
+    - Task sequence comments: **Reference Build**<br>
+    - Template: **Standard Client Task Sequence**
+    - Select OS: click **Windows 10 Enterprise Evaluation in W10Ent_x64 install.wim**
+    - Specify Product Key: **Do not specify a product key at this time**
+    - Full Name: **Contoso**
+    - Organization: **Contoso**
+    - Internet Explorer home page: **http://www.contoso.com**
+    - Admin Password: **Do not specify an Administrator password at this time**
+    - Summary: click **Next**
+    - Confirmation: click **Finish**
+
+11. Edit the task sequence to add the Microsoft NET Framework 3.5, which is required by many applications. To edit the task sequence, double-click **Windows 10 Enterprise x64 Default Image** that was created in the previous step.
+
+12. Click the **Task Sequence** tab. Under **State Restore** click **Tatto** to highlight it, then click **Add** and choose **New Group**. A new group will be added under Tattoo.
+
+13. On the Properties tab of the group that was created in the previous step, change the Name from New Group to **Custom Tasks (Pre-Windows Update)** and then click **Apply**. To see the name change, click **Tattoo**, then click the new group again.
+
+14. Click the **Custom Tasks (Pre-Windows Update)** group again, click **Add**, point to **Roles**, and then click **Install Roles and Features**. 
+
+15. Under **Select the roles and features that should be installed**, select **.NET Framework 3.5 (includes .NET 2.0 and 3.0)** and then click **Apply**.
+
+16. Enable Windows Update in the task sequence by clicking the **Windows Update (Post-Application Installation)** step, clicking the **Options** tab, and clearing the **Disable this step** checkbox.
+    >Note: Since we are not installing applications in this test lab, there is no need to enable the Windows Update Pre-Application Installation step. However, you should enable this step if you are also installing applications.
+
+17. Click **OK** to complete editing the task sequence.
+
+18. The next step is to configure the MDT deployment share rules. To configure rules in the Deployment Workbench, right-click MDT build lab (C:\MDTBuildLab) and click **Properties**, and then click the **Rules** tab.
+
+19. Replace the default rules with the following text:
+
+    ```
+    [Settings]
+    Priority=Default
+
+    [Default]
+    _SMSTSORGNAME=Contoso
+    UserDataLocation=NONE
+    DoCapture=YES
+    OSInstall=Y
+    AdminPassword=pass@word1
+    TimeZoneName=Pacific Standard TimeZoneName
+    OSDComputername=#Left("PC-%SerialNumber%",7)#
+    JoinWorkgroup=WORKGROUP
+    HideShell=YES
+    FinishAction=SHUTDOWN
+    DoNotCreateExtraPartition=YES
+    ApplyGPOPack=NO
+    SkipAdminPassword=YES
+    SkipProductKey=YES
+    SkipComputerName=YES
+    SkipDomainMembership=YES
+    SkipUserData=YES
+    SkipLocaleSelection=YES
+    SkipTaskSequence=NO
+    SkipTimeZone=YES
+    SkipApplications=YES
+    SkipBitLocker=YES
+    SkipSummary=YES
+    SkipRoles=YES
+    SkipCapture=NO
+    SkipFinalSummary=NO
+    ```
+
+20. Click **Apply** and then click **Edit Bootstrap.ini**. Replace the contents of the Bootstrap.ini file with the following text, and save the file:
+
+    ```
+    [Settings]
+    Priority=Default
+
+    [Default]
+    DeployRoot=\\SRV1\MDTBuildLab$
+    UserDomain=CONTOSO
+    UserID=MDT_BA
+    UserPassword=pass@word1
+    SkipBDDWelcome=YES
+    ```
+
+21. Click **OK** to complete the configuration of the deployment share.
+
+22. Right-click **MDT build lab (C:\MDTBuildLab)** and then click **Update Deployment Share**.
+
+23. Accept all default values in the Update Deployment Share Wizard by clicking **Next**.  The update process will take 5 to 10 minutes. When it has completed, click **Finish**.
+
+24. Copy **c:\MDTBuildLab\Boot\LiteTouchPE_x86.iso** on SRV1 to the **c:\VHD** directory on the Hyper-V host computer. Note that in MDT, the x86 boot image can deploy both x86 and x64 operating systems, except on computers based on Unified Extensible Firmware Interface (UEFI).
+
+    >Hint: Top copy the file, right-click the **LiteTouchPE_x86.iso** file and click **Copy** on SRV1, then open the **c:\VHD** folder on the Hyper-V host, right-click inside the folder and click **Paste**. 
+
+25. Open a Windows PowerShell prompt on the Hyper-V host computer and type the following commands:
+
+    ```
+    New-VM –Name REFW10X64-001 -SwitchName poc-internal -NewVHDPath "c:\VHD\REFW10X64-001.vhdx" -NewVHDSizeBytes 60GB 
+    Set-VMMemory -VMName REFW10X64-001 -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 1024MB -Buffer 20
+    Set-VMDvdDrive -VMName REFW10X64-001 -Path c:\VHD\LiteTouchPE_x86.iso
+    Start-VM REFW10X64-001
+    vmconnect localhost REFW10X64-001
+    ```
+26. In the Windows Deployment Wizard, select **Windows 10 Enterprise x64 Default Image**, and then click **Next**.
+
+27. Accept the default values on the Capture Image page, and click **Next**. Operating system installation will complete after 5 to 10 minutes and then the VM will reboot automatically. Allow the system to boot normally (do not press a key). The process is fully automated.
+
+    Additional system restarts will occur to complete updating and preparing the operating system. Setup will complete the following procedures:
+
+    - Install the Windows 10 Enterprise operating system.
+    - Install added applications, roles, and features.
+    - Update the operating system using Windows Update (or WSUS if optionally specified).
+    - Stage Windows PE on the local disk.
+    - Run System Preparation (Sysprep) and reboot into Windows PE.
+    - Capture the installation to a Windows Imaging (WIM) file.
+    - Turn off the virtual machine.
+
+    This step requires from 30 minutes to 2 hours, depending on the speed of the Hyper-V host and your network's download speed. After some time, you will have a Windows 10 Enterprise x64 image that is fully patched and has run through Sysprep. The image is located in the C:\MDTBuildLab\Captures folder on SRV1. The file name is **REFW10X64-001.wim**. 
+
+### Add a Windows 10 operating system image
+
+1. Type the following commands at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    New-Item -ItemType Directory -Path "C:\Sources\OSD\OS\Windows 10 Enterprise x64"
+    cmd /c copy /z "C:\MDTBuildLab\Captures\REFW10X64-001.wim" "C:\Sources\OSD\OS\Windows 10 Enterprise x64"
+    ```
+
+2. In the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Operating System Images**, and then click **Add Operating System Image**.
+
+3. On the Data Source page, under **Path:**, type or browse to **\\\SRV1\Sources$\OSD\OS\Windows 10 Enterprise x64\REFW10X64-001.wim**, and click **Next**.
+
+4. On the General page, next to **Name:**, type **Windows 10 Enterprise x64**, click **Next** twice, and then click **Close**.
+
+5. Distribute the operating system image to the SRV1 distribution point by right-clicking the **Windows 10 Enterprise x64** operating system image and then clicking **Distribute Content**.
+
+6. In the Distribute Content Wizard, click **Next**, click **Add**, click **Distribution Point**, add the **SRV1.CONTOSO.COM** distribution point, click **OK**, click **Next** twice and then click **Close**.
+
+7. Enter **\Monitoring\Overview\Distribution Status\Content Status** on the location bar (be sure there is no space at the end of the location or you will get an error), click **Windows 10 Enterprise x64**, and monitor the status of content distribution until it is successful and no longer in progress. Refresh the view with the F5 key or by right-clicking **Windows 10 Enterprise x64** and clicking **Refresh**. Processing of the image on the site server can take several minutes.
+
+    >If content distribution is not successful, verify that sufficient disk space is available.
+
+### Create a task sequence
+
+>Complete this section slowly. There are a large number of similar settings from which to choose.
+
+1. In the Configuration Manager console, in the **Software Library** workspace expand **Operating Systems**, right-click **Task Sequences**, and then click **Create MDT Task Sequence**.
+
+2. On the Choose Template page, select the **Client Task Sequence** template and click **Next**.
+
+3. On the General page, type **Windows 10 Enterprise x64** under **Task sequence name:** and then click **Next**.
+
+4. On the Details page, enter the following settings:
+   - Join a domain: **contoso.com**
+   - Account: click **Set**
+     - User name: **contoso\CM_JD**
+     - Password: <strong>pass@word1</strong>
+     - Confirm password: <strong>pass@word1</strong>
+     - Click **OK**
+   - Windows Settings
+       - User name: **Contoso**
+       - Organization name: **Contoso**
+       - Product key: \<blank\>
+   - Administrator Account: **Enable the account and specify the local administrator password**
+     - Password: <strong>pass@word1</strong>
+     - Confirm password: <strong>pass@word1</strong>
+   - Click **Next**
+ 
+5. On the Capture Settings page, accept the default settings and click **Next**.
+
+6. On the Boot Image page, browse and select the **Zero Touch WinPE x64** boot image package, click **OK**, and then click **Next**.
+
+7. On the MDT Package page, select **Create a new Microsoft Deployment Toolkit Files package**, under **Package source folder to be created (UNC Path):**, type **\\\SRV1\Sources$\OSD\MDT\MDT** (MDT is repeated here, not a typo), and then click **Next**.
+
+8. On the MDT Details page, next to **Name:** type **MDT** and then click **Next**.
+
+9. On the OS Image page, browse and select the **Windows 10 Enterprise x64** package, click **OK**, and then click **Next**.
+
+10. On the Deployment Method page, accept the default settings for **Zero Touch Installation** and click **Next**.
+
+11. On the Client Package page, browse and select the **Microsoft Corporation Configuration Manager Client package**, click **OK**, and then click **Next**.
+
+12. On the USMT Package page, browse and select the **Microsoft Corporation User State Migration Tool for Windows 10.0.14393.0** package, click **OK**, and then click **Next**.
+
+13. On the Settings Package page, select **Create a new settings package**, and under **Package source folder to be created (UNC Path):**, type **\\\SRV1\Sources$\OSD\Settings\Windows 10 x64 Settings**, and then click **Next**.
+
+14. On the Settings Details page, next to **Name:**, type **Windows 10 x64 Settings**, and click **Next**.
+
+15. On the Sysprep Package page, click **Next** twice.
+
+16. On the Confirmation page, click **Finish**.
+
+### Edit the task sequence
+
+1. In the Configuration Manager console, in the **Software Library** workspace, click **Task Sequences**, right-click **Windows 10 Enterprise x64**, and then click **Edit**.
+
+2. Scroll down to the **Install** group and click the **Set Variable for Drive Letter** action.
+
+3. Change the Value under **OSDPreserveDriveLetter** from **False** to **True**, and then click **Apply**.
+
+4. In the **State Restore** group, click the **Set Status 5** action, click **Add** in the upper left corner, point to **User State**, and click **Request State Store**. This adds a new action immediately after **Set Status 5**.
+
+5. Configure the **Request State Store** action that was just added with the following settings:<br>
+    - Request state storage location to: **Restore state from another computer**<br>
+    - Select the **If computer account fails to connect to state store, use the Network Access account** checkbox.<br>
+    - Options tab: Select the **Continue on error** checkbox.<br>
+    - Add Condition: **Task Sequence Variable**:<br>
+        - Variable: **USMTLOCAL** <br>
+        - Condition: **not equals**<br>
+        - Value: **True**<br>
+        - Click **OK**.<br>
+    - Click **Apply**<br>.
+
+6. In the **State Restore** group, click **Restore User State**, click **Add**, point to **User State**, and click **Release State Store**.
+
+7. Configure the **Release State Store** action that was just added with the following settings:<br>
+    - Options tab: Select the **Continue on error** checkbox.<br>
+    - Add Condition: **Task Sequence Variable**:<br>
+        - Variable: **USMTLOCAL** <br>
+        - Condition: **not equals**<br>
+        - Value: **True**<br>
+        - Click **OK**.<br>
+    - Click **OK**<br>.
+
+
+### Finalize the operating system configuration
+
+>If you completed all procedures in [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) then the MDT deployment share is already present on SRV1.  In this case, skip the first four steps below and begin with step 5 to edit CustomSettings.ini.
+
+1. In the MDT deployment workbench on SRV1, right-click **Deployment Shares** and then click **New Deployment Share**.
+
+2. Use the following settings for the New Deployment Share Wizard:
+    - Deployment share path: **C:\MDTProduction**<br>
+    - Share name: **MDTProduction$**<br>
+    - Deployment share description: **MDT Production**<br>
+    - Options: click **Next** to accept the default<br>
+    - Summary: click **Next**<br>
+    - Progress: settings will be applied<br>
+    - Confirmation: click **Finish**
+
+3. Right-click the **MDT Production** deployment share, and click **Properties**. 
+
+4. Click the **Monitoring** tab, select the **Enable monitoring for this deployment share** checkbox, and then click **OK**.
+
+5. Type the following command at an elevated Windows PowerShell prompt on SRV1:
+
+    ```
+    notepad "C:\Sources\OSD\Settings\Windows 10 x64 Settings\CustomSettings.ini"
+    ```
+6. Replace the contents of the file with the following text, and then save the file:
+
+    ```
+    [Settings]
+    Priority=Default
+    Properties=OSDMigrateConfigFiles,OSDMigrateMode
+    
+    [Default]
+    DoCapture=NO
+    ComputerBackupLocation=NONE
+    OSDMigrateMode=Advanced
+    OSDMigrateAdditionalCaptureOptions=/ue:*\* /ui:CONTOSO\*
+    OSDMigrateConfigFiles=Miguser.xml,Migapp.xml
+    SLSHARE=\\SRV1\Logs$
+    EventService=http://SRV1:9800
+    ApplyGPOPack=NO
+    ```
+
+    >As noted previously, if you wish to migrate accounts other than those in the Contoso domain, then change the OSDMigrateAdditionalCaptureOptions option. For example, the following option will capture settings from all user accounts:
+
+    ```
+    OSDMigrateAdditionalCaptureOptions=/all
+    ```
+
+
+7. Return to the Configuration Manager console, and in the Software Library workspace, expand **Application Management**, click **Packages**, right-click **Windows 10 x64 Settings**, and then click **Update Distribution Points**. Click **OK** in the popup that appears.
+
+8. In the Software Library workspace, expand **Operating Systems**, click **Task Sequences**, right-click **Windows 10 Enterprise x64**, and then click **Distribute Content**.
+
+9. In the Distribute Content Wizard, click **Next** twice, click **Add**, click **Distribution Point**, select the **SRV1.CONTOSO.COM** distribution point, click **OK**, click **Next** twice and then click **Close**.
+
+10. Enter **\Monitoring\Overview\Distribution Status\Content Status\Windows 10 Enterprise x64** on the location bar, double-click **Windows 10 Enterprise x64**, and monitor the status of content distribution until it is successful and no longer in progress. Refresh the view with the F5 key or by right-clicking **Windows 10 Enterprise x64** and clicking **Refresh**.
+
+### Create a deployment for the task sequence
+
+1. In the Software Library workspace, expand **Operating Systems**, click **Task Sequences**, right-click **Windows 10 Enterprise x64**, and then click **Deploy**. 
+
+2. On the General page, next to **Collection**, click **Browse**, select the **All Unknown Computers** collection, click **OK**, and then click **Next**.
+
+3. On the Deployment Settings page, use the following settings:<br>
+    - Purpose: **Available**<br>
+    - Make available to the following: **Only media and PXE**<br>
+    - Click **Next**.<br>
+4. Click **Next** five times to accept defaults on the Scheduling, User Experience, Alerts, and Distribution Points pages.
+
+5. Click **Close**.
+
+## Deploy Windows 10 using PXE and Configuration Manager
+
+In this first deployment scenario, we will deploy Windows 10 using PXE. This scenario creates a new computer that does not have any migrated users or settings.
+
+1. Type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    ```
+    New-VM –Name "PC4" –NewVHDPath "c:\vhd\pc4.vhdx" -NewVHDSizeBytes 40GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
+    Set-VMMemory -VMName "PC4" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes 2048MB -Buffer 20
+    Start-VM PC4
+    vmconnect localhost PC4
+    ```
+
+2. Press ENTER when prompted to start the network boot service.
+
+3. In the Task Sequence Wizard, provide the password: <strong>pass@word1</strong>, and then click **Next**.
+
+4. Before you click **Next** in the Task Sequence Wizard, press the **F8** key. A command prompt will open.
+
+5. At the command prompt, type **explorer.exe** and review the Windows PE file structure. 
+
+6. The smsts.log file is critical for troubleshooting any installation problems that might be encountered. Depending on the deployment phase, the smsts.log file is created in different locations:
+   - X:\windows\temp\SMSTSLog\smsts.log before disks are formatted.
+   - x:\smstslog\smsts.log after disks are formatted.
+   - c:\_SMSTaskSequence\Logs\Smstslog\smsts.log before the Microsoft Endpoint Configuration Manager client is installed.
+   - c:\windows\ccm\logs\Smstslog\smsts.log after the Microsoft Endpoint Configuration Manager client is installed.
+   - c:\windows\ccm\logs\smsts.log when the task sequence is complete.
+
+     Note: If a reboot is pending on the client, the reboot will be blocked as long as the command window is open.
+
+7. In the explorer window, click **Tools** and then click **Map Network Drive**.
+
+8. Do not map a network drive at this time. If you need to save the smsts.log file, you can use this method to save the file to a location on SRV1.
+
+9. Close the Map Network Drive window, the Explorer window, and the command prompt.
+
+10. The **Windows 10 Enterprise x64** task sequence is selected in the Task Sequenc Wizard. Click **Next** to continue with the deployment.
+
+11. The task sequence will require several minutes to complete. You can monitor progress of the task sequence using the MDT Deployment Workbench under Deployment Shares > MDTProduction > Monitoring. The task sequence will:
+    - Install Windows 10
+    - Install the Configuration Manager client and hotfix
+    - Join the computer to the contoso.com domain
+    - Install any applications that were specified in the reference image
+
+
+12. When Windows 10 installation has completed, sign in to PC4 using the **contoso\administrator** account.
+
+13. Right-click **Start**, click **Run**, type **control appwiz.cpl**, press ENTER, click **Turn Windows features on or off**, and verify that **.NET Framework 3.5 (includes .NET 2.0 and 3.0)** is installed. This is a feature included in the reference image.
+
+14. Shut down the PC4 VM.
+
+>Note: The following two procedures 1) Replace a client with Windows 10 and 2) Refresh a client with Windows 10 have been exchanged in their order in this guide compared to the previous version. This is to avoid having to restore Hyper-V checkpoints to have access to PC1 before the OS is upgraded. If this is your first time going through this guide, you won't notice any change, but if you have tried the guide previously then this change should make it simpler to complete.
+
+## Replace a client with Windows 10 using Configuration Manager
+
+>Before starting this section, you can delete computer objects from Active Directory that were created as part of previous deployment procedures. Use the Active Directory Users and Computers console on DC1 to remove stale entries under contoso.com\Computers, but do not delete the computer account (hostname) for PC1. There should be at least two computer accounts present in the contoso.com\Computers container: one for SRV1, and one for the hostname of PC1. It is not required to delete the stale entries, this is only done to remove clutter.
+
+![contoso.com\Computers](images/poc-computers.png)
+
+In the replace procedure, PC1 will not be migrated to a new operating system. It is simplest to perform this procedure before performing the refresh procedure. After refreshing PC1, the operating system will be new. The next (replace) procedure does not install a new operating system on PC1 but rather performs a side-by-side migration of PC1 and another computer (PC4), to copy users and settings from PC1 to the new computer.
+
+### Create a replace task sequence
+
+1. On SRV1, in the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and then click **Create MDT Task Sequence**.
+
+2. On the Choose Template page, select **Client Replace Task Sequence** and click **Next**.
+
+3. On the General page, type the following:
+    - Task sequence name: **Replace Task Sequence**
+    - Task sequence comments: **USMT backup only**
+
+4. Click **Next**, and on the Boot Image page, browse and select the **Zero Touch WinPE x64** boot image package. Click **OK** and then click **Next** to continue.
+5. On the MDT Package page, browse and select the **MDT** package. Click **OK** and then click **Next** to continue.
+6. On the USMT Package page, browse and select the **Microsoft Corporation User State Migration Tool for Windows** package. Click **OK** and then click **Next** to continue.
+7. On the Settings Package page, browse and select the **Windows 10 x64 Settings** package. Click **OK** and then click **Next** to continue.
+8. On the Summary page, review the details and then click **Next**.
+9. On the Confirmation page, click **Finish**.
+
+>If an error is displayed at this stage it can be caused by a corrupt MDT integration. To repair it, close the Configuration Manager console, remove MDT integration, and then restore MDT integration.
+
+### Deploy PC4
+
+Create a VM named PC4 to receive the applications and settings from PC1. This VM represents a new computer that will replace PC1. To create this VM, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+```
+New-VM –Name "PC4" –NewVHDPath "c:\vhd\pc4.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
+Set-VMMemory -VMName "PC4" -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 2048MB -Buffer 20
+Set-VMNetworkAdapter -VMName PC4 -StaticMacAddress 00-15-5D-83-26-FF
+```
+
+>Hyper-V enables us to define a static MAC address on PC4. In a real-world scenario you must determine the MAC address of the new computer.
+
+### Install the Configuration Manager client on PC1
+
+1. Verify that the PC1 VM is running and in its original state, which was saved as a checkpoint and then restored in [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md).
+
+2. If a PC1 checkpoint has not already been saved, then save a checkpoint by typing the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    ```
+    Checkpoint-VM -Name PC1 -SnapshotName BeginState
+    ```
+
+3. On SRV1, in the Configuration Manager console, in the Administration workspace, expand **Hierarchy Configuration** and click on **Discovery Methods**.
+4. Double-click **Active Directory System Discovery** and on the **General** tab select the **Enable Active Directory System Discovery** checkbox.
+5. Click the yellow starburst, click **Browse**, select **contoso\Computers**, and then click **OK** three times.
+6. When a popup dialog box asks if you want to run full discovery, click **Yes**. 
+7. In the Assets and Compliance workspace, click **Devices** and verify that the computer account names for SRV1 and PC1 are displayed. See the following example (GREGLIN-PC1 is the computer account name of PC1 in this example):
+
+    ![assets](images/sccm-assets.png)
+
+    >If you do not see the computer account for PC1, try clicking the **Refresh** button in the upper right corner of the console.
+    
+    The **Client** column indicates that the Configuration Manager client is not currently installed. This procedure will be carried out next.
+
+8. Sign in to PC1 using the contoso\administrator account and type the following at an elevated command prompt to remove any pre-existing client configuration, if it exists. Note: this command requires an elevated command prompt not an elevated Windows PowerShell prompt:
+
+    ```
+    sc stop ccmsetup
+    "\\SRV1\c$\Program Files\Microsoft Configuration Manager\Client\CCMSetup.exe" /Uninstall
+    ```
+    >If PC1 still has Configuration Manager registry settings that were applied by Group Policy, startup scripts, or other policies in its previous domain, these might not all be removed by CCMSetup /Uninstall and can cause problems with installation or registration of the client in its new environment. It might be necessary to manually remove these settings if they are present. For more information, see [Manual removal of the SCCM client](https://blogs.technet.microsoft.com/michaelgriswold/2013/01/02/manual-removal-of-the-sccm-client/).
+
+9. On PC1, temporarily stop Windows Update from queuing items for download and clear all BITS jobs from the queue:
+
+    ```
+    net stop wuauserv
+    net stop BITS
+    ```
+
+    Verify that both services were stopped successfully, then type the following at an elevated command prompt:
+
+    ```
+    del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
+    net start BITS
+    bitsadmin /list /allusers
+    ```
+
+    Verify that BITSAdmin displays 0 jobs. 
+
+10. To install the Configuration Manager client as a standalone process, type the following at an elevated command prompt:
+
+    ```
+    "\\SRV1\c$\Program Files\Microsoft Configuration Manager\Client\CCMSetup.exe" /mp:SRV1.contoso.com /logon SMSSITECODE=PS1
+    ```
+11. On PC1, using file explorer, open the **C:\Windows\ccmsetup** directory. During client installation, files will be downloaded here. 
+12. Installation progress will be captured in the file: **c:\windows\ccmsetup\logs\ccmsetup.log**. You can periodically open this file in notepad, or you can type the following command at an elevated Windows PowerShell prompt to monitor installation progress:
+
+    ```
+    Get-Content -Path c:\windows\ccmsetup\logs\ccmsetup.log -Wait
+    ```
+    
+    Installation might require several minutes, and display of the log file will appear to hang while some applications are installed. This is normal. When setup is complete, verify that **CcmSetup is existing with return code 0** is displayed on the last line of the ccmsetup.log file and then press **CTRL-C** to break out of the Get-Content operation (if you are viewing the log in Windows PowerShell the last line will be wrapped). A return code of 0 indicates that installation was successful and you should now see a directory created at **C:\Windows\CCM** that contains files used in registration of the client with its site.
+
+13. On PC1, open the Configuration Manager control panel applet by typing the following command:
+
+    ```
+    control smscfgrc
+    ```
+
+14. Click the **Site** tab, click **Configure Settings**, and click **Find Site**. The client will report that it has found the PS1 site. See the following example:
+
+    ![site](images/sccm-site.png)
+
+    If the client is not able to find the PS1 site, review any error messages that are displayed in **C:\Windows\CCM\Logs\ClientIDManagerStartup.log** and **LocationServices.log**. A common reason the site code is not located is because a previous configuration exists. For example, if a previous site code is configured at **HKLM\SOFTWARE\Microsoft\SMS\Mobile Client\GPRequestedSiteAssignmentCode** this must be deleted or updated.
+
+15. On SRV1, in the Assets and Compliance workspace, click **Device Collections** and then double-click **All Desktop and Server Clients**. This node will be added under **Devices**.
+
+16. Click **All Desktop and Server Clients** and verify that the computer account for PC1 is displayed here with **Yes** and **Active** in the **Client** and **Client Activity** columns, respectively. You might have to refresh the view and wait few minutes for the client to appear here.  See the following example:
+
+    ![client](images/sccm-client.png)
+
+    >It might take several minutes for the client to fully register with the site and complete a client check. When it is complete you will see a green check mark over the client icon as shown above. To refresh the client, click it and then press **F5** or right-click the client and click **Refresh**.
+
+### Create a device collection and deployment
+
+1. On SRV1, in the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections** and then click **Create Device Collection**.
+
+2. Use the following settings in the **Create Device Collection Wizard**:
+    - General > Name: **Install Windows 10 Enterprise x64**<br>
+    - General > Limiting collection: **All Systems**<br>
+    - Membership Rules > Add Rule: **Direct Rule**<br>
+    - The **Create Direct Membership Rule Wizard** opens, click **Next**<br>
+    - Search for Resources > Resource class: **System Resource**<br>
+    - Search for Resources > Attribute name: **Name**<br>
+    - Search for Resources > Value: **%**<br>
+    - Select Resources > Value: Select the computername associated with the PC1 VM<br>
+    - Click **Next** twice and then click **Close** in both windows (Next, Next, Close, then Next, Next, Close)
+
+3. Double-click the Install Windows 10 Enterprise x64 device collection and verify that the PC1 computer account is displayed.
+
+4. In the Software Library workspace, expand **Operating Systems**, click **Task Sequences**, right-click **Windows 10 Enterprise x64** and then click **Deploy**.
+
+5. Use the following settings in the Deploy Software wizard:
+    - General > Collection: Click Browse and select **Install Windows 10 Enterprise x64**<br>
+    - Deployment Settings > Purpose: **Available**<br>
+    - Deployment Settings > Make available to the following: **Configuration Manager clients, media and PXE**<br>
+    - Scheduling > Click **Next**<br>
+    - User Experience > Click **Next**<br>
+    - Alerts > Click **Next**<br>
+    - Distribution Points > Click **Next**<br>
+    - Summary > Click **Next**<br>
+    - Verify that the wizard completed successfully and then click **Close**
+
+
+### Associate PC4 with PC1
+
+1. On SRV1 in the Configuration Manager console, in the Assets and Compliance workspace, right-click **Devices** and then click **Import Computer Information**.
+
+2. On the Select Source page, choose **Import single computer** and click **Next**.
+
+3. On the Single Computer page, use the following settings:
+    - Computer Name: **PC4**
+    - MAC Address: **00:15:5D:83:26:FF**
+    - Source Computer: \<type the hostname of PC1, or click **Search** twice, click the hostname, and click **OK**\>
+
+4. Click **Next**, and on the User Accounts page choose **Capture and restore specified user accounts**, then click the yellow starburst next to **User accounts to migrate**.
+
+5. Click **Browse** and then under Enter the object name to select type **user1** and click OK twice.
+
+6. Click the yellow starburst again and repeat the previous step to add the **contoso\administrator** account.
+
+7. Click **Next** twice, and on the Choose Target Collection page, choose **Add computers to the following collection**, click **Browse**, choose **Install Windows 10 Enterprise x64**, click **OK**, click **Next** twice, and then click **Close**.
+
+8. In the Assets and Compliance workspace, click **User State Migration** and review the computer association in the display pane. The source computer will be the computername of PC1 (GREGLIN-PC1 in this example), the destination computer will be **PC4**, and the migration type will be **side-by-side**.
+
+9. Right-click the association in the display pane and then click **Specify User Accounts**. You can add or remove user account here. Click **OK**.
+
+10. Right-click the association in the display pane and then click **View Recovery Information**. Note that a recovery key has been assigned, but a user state store location has not. Click **Close**.
+
+11. Click **Device Collections** and then double-click **Install Windows 10 Enterprise x64**. Verify that **PC4** is displayed in the collection. You might have to update and refresh the collection, or wait a few minutes, but do not proceed until PC4 is available. See the following example:
+
+    ![collection](images/sccm-collection.png)
+
+### Create a device collection for PC1
+
+1. On SRV1, in the Configuration Manager console, in the Assets and Compliance workspace, right-click **Device Collections** and then click **Create Device Collection**.
+
+2. Use the following settings in the **Create Device Collection Wizard**:
+    - General > Name: **USMT Backup (Replace)**<br>
+    - General > Limiting collection: **All Systems**<br>
+    - Membership Rules > Add Rule: **Direct Rule**<br>
+    - The **Create Direct Membership Rule Wizard** opens, click **Next**<br>
+    - Search for Resources > Resource class: **System Resource**<br>
+    - Search for Resources > Attribute name: **Name**<br>
+    - Search for Resources > Value: **%**<br>
+    - Select Resources > Value: Select the computername associated with the PC1 VM (GREGLIN-PC1 in this example).<br>
+    - Click **Next** twice and then click **Close** in both windows.
+
+3. Click **Device Collections** and then double-click **USMT Backup (Replace)**. Verify that the computer name/hostname associated with PC1 is displayed in the collection. Do not proceed until this name is displayed.  
+
+### Create a new deployment
+
+In the Configuration Manager console, in the Software Library workspace under Operating Systems, click **Task Sequences**, right-click **Replace Task Sequence**, click **Deploy**, and use the following settings:
+- General > Collection: **USMT Backup (Replace)**<br>
+- Deployment Settings > Purpose: **Available**<br>
+- Deployment Settings > Make available to the following: **Only Configuration Manager Clients**<br>
+- Scheduling: Click **Next**<br>
+- User Experience: Click **Next**<br>
+- Alerts: Click **Next**<br>
+- Distribution Points: Click **Next**<br>
+- Click **Next** and then click **Close**.
+
+### Verify the backup
+
+1. On PC1, open the Configuration Manager control panel applet by typing the following command:
+
+    ```
+    control smscfgrc
+    ```
+2. On the **Actions** tab, click **Machine Policy Retrieval & Evaluation Cycle**, click **Run Now**, click **OK**, and then click **OK** again. This is one method that can be used to run a task sequence in addition to the Client Notification method that will be demonstrated in the computer refresh procedure.
+
+3. Type the following at an elevated command prompt to open the Software Center:
+
+    ```
+    C:\Windows\CCM\SCClient.exe
+    ```
+
+4. In the Software Center , click **Available Software** and then select the **Replace Task Sequence** checkbox. See the following example:
+
+    ![software](images/sccm-software-cntr.png)
+
+    >If you do not see any available software, try running step #2 again to start the Machine Policy Retrieval & Evaluation Cycle. You should see an alert that new software is available.
+
+5. Click **INSTALL SELECTED** and then click **INSTALL OPERATING SYSTEM**.
+6. Allow the **Replace Task Sequence** to complete, then verify that the C:\MigData folder on SRV1 contains the USMT backup.
+
+### Deploy the new computer
+
+1. Start PC4 and press ENTER for a network boot when prompted. To start PC4, type the following commands at an elevated Windows Powershell prompt on the Hyper-V host:
+
+    ```
+    Start-VM PC4
+    vmconnect localhost PC4
+    ```
+2. In the **Welcome to the Task Sequence Wizard**, enter <strong>pass@word1</strong> and click **Next**.
+3. Choose the **Windows 10 Enterprise X64** image.
+4. Setup will install the operating system using the Windows 10 Enterprise x64 reference image, install the configuration manager client, join PC4 to the domain, and restore users and settings from PC1.
+5. Save checkpoints for all VMs if you wish to review their status at a later date. This is not required (checkpoints do take up space on the Hyper-V host). Note: the next procedure will install a new OS on PC1 update its status in Configuration Manager and in Active Directory as a Windows 10 device, so you cannot return to a previous checkpoint only on the PC1 VM without a conflict. Therefore, if you do create a checkpoint, you should do this for all VMs.
+
+    To save a checkpoint for all VMs, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    ```
+    Checkpoint-VM -Name DC1 -SnapshotName cm-refresh
+    Checkpoint-VM -Name SRV1 -SnapshotName cm-refresh
+    Checkpoint-VM -Name PC1 -SnapshotName cm-refresh
+    ```
+
+## Refresh a client with Windows 10 using Configuration Manager
+
+
+### Initiate the computer refresh
+
+1. On SRV1, in the Assets and Compliance workspace, click **Device Collections** and then double-click **Install Windows 10 Enterprise x64**.
+2. Right-click the computer account for PC1, point to **Client Notification**, click **Download Computer Policy**, and click **OK** in the popup dialog box.
+3. On PC1, in the notification area, click **New software is available** and then click **Open Software Center**.
+4. In the Software Center, click **Operating Systems**, click **Windows 10 Enterprise x64**, click **Install** and then click **INSTALL OPERATING SYSTEM**. See the following example:
+
+    ![installOS](images/sccm-install-os.png)
+
+    The computer will restart several times during the installation process. Installation includes downloading updates, reinstalling the Configuration Manager Client Agent, and restoring the user state. You can view status of the installation in the Configuration Manager console by accessing the Monitoring workspace, clicking **Deployments**, and then double-clicking the deployment associated with the **Install Windows 10 Enterprise x64** collection. Under **Asset Details**, right-click the device and then click **More Details**. Click the **Status** tab to see a list of tasks that have been performed.  See the following example:
+
+    ![asset](images/sccm-asset.png)   
+    
+    You can also monitor progress of the installation by using the MDT deployment workbench and viewing the **Monitoring** node under **Deployment Shares\MDT Production**. 
+    
+    When installation has completed, sign in using the contoso\administrator account or the contoso\user1 account and verify that applications and settings have been successfully backed up and restored to your new Windows 10 Enterprise operating system.
+
+    ![post-refresh](images/sccm-post-refresh.png) 
+
+
+
+## Related Topics
+
+[System Center 2012 Configuration Manager Survival Guide](https://social.technet.microsoft.com/wiki/contents/articles/7075.system-center-2012-configuration-manager-survival-guide.aspx#Step-by-Step_Guides)
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/windows-10-poc.md b/windows/deployment/windows-10-poc.md
index 7a4fb81ed7..a7ede5de94 100644
--- a/windows/deployment/windows-10-poc.md
+++ b/windows/deployment/windows-10-poc.md
@@ -1,1106 +1,1108 @@
----
-title: Configure a test lab to deploy Windows 10
-ms.reviewer: 
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-description: Concepts and procedures for deploying Windows 10 in a proof of concept lab environment.
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-keywords: deployment, automate, tools, configure, mdt, sccm
-ms.localizationpriority: medium
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Step by step guide: Configure a test lab to deploy Windows 10
-
-**Applies to**
-
--   Windows 10
-
-This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, see the following Windows 10 PoC deployment guides:
-
-- [Step by step: Deploy Windows 10 in a test lab using MDT](windows-10-poc-mdt.md)<BR>
-- [Step by step: Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md)<BR>
-
-The PoC deployment guides are intended to provide a demonstration of Windows 10 deployment tools and processes for IT professionals that are not familiar with these tools, and those that are interested in setting up a proof of concept environment. The instructions in this guide should not be used in a production setting, and are not meant to replace the instructions found in production deployment guidance.
-
-Approximately 3 hours are required to configure the PoC environment. You will need a Hyper-V capable computer running Windows 8.1 or later with at least 16GB of RAM. Detailed [requirements](#hardware-and-software-requirements) are provided below. You will also need to have a [Microsoft account](https://www.microsoft.com/account) to use for downloading evaluation software.
-
-Windows PowerShell commands are provided to set up the PoC environment quickly. You do not need to be an expert in Windows PowerShell to complete the steps in the guide, however you are required to customize some commands to your environment.
-
-> Instructions to "type" Windows PowerShell commands provided in this guide can be followed literally by typing the commands, but the preferred method is to copy and paste these commands.
-> 
-> A Windows PowerShell window can be used to run all commands in this guide. However, when commands are specified for a command prompt, you must either type CMD at the Windows PowerShell prompt to enter the command prompt, or preface the command with "cmd /c", or if desired you can escape special characters in the command using the back-tick character (`). In most cases, the simplest thing is to type cmd and enter a command prompt, type the necessary commands, then type "exit" to return to Windows PowerShell.
-
-Hyper-V is installed, configured and used extensively in this guide. If you are not familiar with Hyper-V, review the [terminology](#appendix-b-terminology-used-in-this-guide) used in this guide before starting.
-
-## In this guide
-
-This guide contains instructions for three general procedures: Install Hyper-V, configure Hyper-V, and configure VMs. If you already have a computer running Hyper-V, you can use this computer and skip the first procedure. In this case, your virtual switch settings must be modified to match those used in this guide, or the steps in this guide can be modified to use your existing Hyper-V settings.
-
-After completing the instructions in this guide, you will have a PoC environment that enables you to test Windows 10 deployment procedures by following instructions in companion guides that are written to use the PoC environment. Links are provided to download trial versions of Windows Server 2012, Windows 10 Enterprise, and all deployment tools necessary to complete the lab.
-
-Topics and procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
-
-<br>
-
-<div style='font-size:9.0pt'>
-
-<table border="1" cellspacing="0" cellpadding="0">
-<tr><TD BGCOLOR="#a0e4fa"><B>Topic</B></td><TD BGCOLOR="#a0e4fa"><B>Description</B></td><TD BGCOLOR="#a0e4fa"><B>Time</B></td></tr>
-<tr><td><a href="#hardware-and-software-requirements" data-raw-source="[Hardware and software requirements](#hardware-and-software-requirements)">Hardware and software requirements</a><td>Prerequisites to complete this guide.<td>Informational
-<tr><td><a href="#lab-setup" data-raw-source="[Lab setup](#lab-setup)">Lab setup</a><td>A description and diagram of the PoC environment.<td>Informational
-<tr><td><a href="#configure-the-poc-environment" data-raw-source="[Configure the PoC environment](#configure-the-poc-environment)">Configure the PoC environment</a><td>Parent topic for procedures.<td>Informational
-<tr><td><a href="#verify-support-and-install-hyper-v" data-raw-source="[Verify support and install Hyper-V](#verify-support-and-install-hyper-v)">Verify support and install Hyper-V</a><td>Verify that installation of Hyper-V is supported, and install the Hyper-V server role.<td>10 minutes
-<tr><td><a href="#download-vhd-and-iso-files" data-raw-source="[Download VHD and ISO files](#download-vhd-and-iso-files)">Download VHD and ISO files</a><td>Download evaluation versions of Windows Server 2012 R2 and Windows 10 and prepare these files to be used on the Hyper-V host.<td>30 minutes
-<tr><td><a href="#convert-pc-to-vm" data-raw-source="[Convert PC to VM](#convert-pc-to-vm)">Convert PC to VM</a><td>Convert a physical computer on your network to a VM hosted in Hyper-V.<td>30 minutes
-<tr><td><a href="#resize-vhd" data-raw-source="[Resize VHD](#resize-vhd)">Resize VHD</a><td>Increase the storage capacity for one of the Windows Server VMs.<td>5 minutes
-<tr><td><a href="#configure-hyper-v" data-raw-source="[Configure Hyper-V](#configure-hyper-v)">Configure Hyper-V</a><td>Create virtual switches, determine available RAM for virtual machines, and add virtual machines.<td>15 minutes
-<tr><td><a href="#configure-vms" data-raw-source="[Configure service and user accounts](#configure-vms)">Configure service and user accounts</a><td>Start virtual machines and configure all services and settings.<td>60 minutes
-<tr><td><a href="#configure-vms" data-raw-source="[Configure VMs](#configure-vms)">Configure VMs</a><td>Start virtual machines and configure all services and settings.<td>60 minutes
-<tr><td><a href="#appendix-a-verify-the-configuration" data-raw-source="[Appendix A: Verify the configuration](#appendix-a-verify-the-configuration)">Appendix A: Verify the configuration</a><td>Verify and troubleshoot network connectivity and services in the PoC environment.<td>30 minutes
-<tr><td><a href="#appendix-b-terminology-used-in-this-guide" data-raw-source="[Appendix B: Terminology in this guide](#appendix-b-terminology-used-in-this-guide)">Appendix B: Terminology in this guide</a><td>Terms used in this guide.<td>Informational
-</table>
-</div>
-
-## Hardware and software requirements
-
-One computer that meets the hardware and software specifications below is required to complete the guide; A second computer is recommended to validate the upgrade process.
-
-- **Computer 1**: the computer you will use to run Hyper-V and host virtual machines. This computer should have 16 GB or more of installed RAM and a multi-core processor.
-- **Computer 2**: a client computer from your corporate network. It is shadow-copied to create a VM that can be added to the PoC environment, enabling you to test a mirror image of a computer on your network. If you do not have a computer to use for this simulation, you can download an evaluation VHD and use it to represent this computer. Subsequent guides use this computer to simulate Windows 10 replace and refresh scenarios, so the VM is required even if you cannot create this VM using computer 2.
-
-Harware requirements are displayed below:
-
-<div style='font-size:9.0pt'>
-
-<table border="1" cellspacing="0" cellpadding="0">
-    <tr>
-        <td></td>
-        <td BGCOLOR="#a0e4fa"><strong>Computer 1</strong> (required)</td>
-        <td BGCOLOR="#a0e4fa"><strong>Computer 2</strong> (recommended)</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Role</strong></td>
-        <td>Hyper-V host</td>
-        <td>Client computer</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Description</strong></td>
-        <td>This computer will run Hyper-V, the Hyper-V management tools, and the Hyper-V Windows PowerShell module.</td>
-        <td>This computer is a Windows 7 or Windows 8/8.1 client on your corporate network that will be converted to a VM to demonstrate the upgrade process.</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>OS</strong></td>
-        <td>Windows 8.1/10 or Windows Server 2012/2012 R2/2016<b>*</b></td>
-        <td>Windows 7 or a later</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Edition</strong></td>
-        <td>Enterprise, Professional, or Education</td>
-        <td>Any</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Architecture</strong></td>
-        <td>64-bit</td>
-        <td>Any<BR><I>Note: Retaining applications and settings requires that architecture (32 or 64-bit) is the same before and after the upgrade.</I></td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>RAM</strong></td>
-        <td>8 GB RAM (16 GB recommended) to test Windows 10 deployment with MDT.
-        <BR>16 GB RAM to test Windows 10 deployment with System Center Configuration Manager.</td>
-        <td>Any</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Disk</strong></td>
-        <td>200 GB available hard disk space, any format.</td>
-        <td>Any size, MBR formatted.</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>CPU</strong></td>
-        <td>SLAT-Capable CPU</td>
-        <td>Any</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Network</strong></td>
-        <td>Internet connection</td>
-        <td>Any</td>
-    </tr>
-</table>
-
-
-<B>\*</B><I>The Hyper-V server role can also be installed on a computer running Windows Server 2008 R2. However, the Windows PowerShell module for Hyper-V is not available on Windows Server 2008 R2, therefore you cannot use many of the steps provided in this guide to configure Hyper-V. To manage Hyper-V on Windows Server 2008 R2, you can use Hyper-V WMI, or you can use the Hyper-V Manager console. Providing all steps in this guide as Hyper-V WMI or as 2008 R2 Hyper-V Manager procedures is beyond the scope of the guide.</I>
-<BR>
-<BR>The Hyper-V role cannot be installed on Windows 7 or earlier versions of Windows.
-
-</div>
-
-## Lab setup
-
-The lab architecture is summarized in the following diagram:
-
-![PoC](images/poc.png)
-
-- Computer 1 is configured to host four VMs on a private, PoC network.
-    - Two VMs are running Windows Server 2012 R2 with required network services and tools installed.
-    - Two VMs are client systems: One VM is intended to mirror a host on your corporate network (computer 2) and one VM is running Windows 10 Enterprise to demonstrate the hardware replacement scenario.
-
->If you have an existing Hyper-V host, you can use this host and skip the Hyper-V installation section in this guide.
-
-<I>The two Windows Server VMs can be combined into a single VM to conserve RAM and disk space if required. However, instructions in this guide assume two server systems are used. Using two servers enables Active Directory Domain Services and DHCP to be installed on a server that is not directly connected to the corporate network. This mitigates the risk of clients on the corporate network receiving DHCP leases from the PoC network (i.e. "rogue" DHCP), and limits NETBIOS service broadcasts.</I>
-
-## Configure the PoC environment
-
->**Hint**: Before you begin, ensure that Windows PowerShell is pinned to the taskbar for easy access. If the Hyper-V host is running Windows Server then Windows PowerShell is automatically pinned to the taskbar. To pin Windows PowerShell to the taskbar on Windows 8.1 or Windows 10: Click **Start**, type **power**, right click **Windows PowerShell**, and then click **Pin to taskbar**. After Windows PowerShell is pinned to the taskbar, you can open an elevated Windows PowerShell prompt by right-clicking the icon on the taskbar and then clicking **Run as Administrator**.
-
-### Procedures in this section
-
-[Verify support and install Hyper-V](#verify-support-and-install-hyper-v)<BR>
-[Download VHD and ISO files](#download-vhd-and-iso-files)<BR>
-[Convert PC to VM](#convert-pc-to-vm)<BR>
-[Resize VHD](#resize-vhd)<BR>
-[Configure Hyper-V](#configure-hyper-v)<BR>
-[Configure VMs](#configure-vms)<BR>
-
-### Verify support and install Hyper-V
-
-Starting with Windows 8, the host computer’s microprocessor must support second level address translation (SLAT) to install Hyper-V. See [Hyper-V: List of SLAT-Capable CPUs for Hosts](https://social.technet.microsoft.com/wiki/contents/articles/1401.hyper-v-list-of-slat-capable-cpus-for-hosts.aspx) for more information.
-
-1. To verify your computer supports SLAT, open an administrator command prompt,  type **systeminfo**, press ENTER, and review the section displayed at the bottom of the output, next to Hyper-V Requirements. See the following example:
-
-    <pre style="overflow-y: visible">
-    C:\>systeminfo
-
-    ...
-    Hyper-V Requirements:      VM Monitor Mode Extensions: Yes
-                               Virtualization Enabled In Firmware: Yes
-                               Second Level Address Translation: Yes
-                               Data Execution Prevention Available: Yes
-    </pre>
-
-    In this example, the computer supports SLAT and Hyper-V.
-
-    If one or more requirements are evaluated as **No** then the computer does not support installing Hyper-V.  However, if only the virtualization setting is incompatible, you might be able to enable virtualization in the BIOS and change the **Virtualization Enabled In Firmware** setting from **No** to **Yes**. The location of this setting will depend on the manufacturer and BIOS version, but is typically found associated with the BIOS security settings.
-
-    You can also identify Hyper-V support using [tools](https://blogs.msdn.microsoft.com/taylorb/2008/06/19/hyper-v-will-my-computer-run-hyper-v-detecting-intel-vt-and-amd-v/) provided by the processor manufacturer, the [msinfo32](https://technet.microsoft.com/library/cc731397.aspx) tool, or you can download the [coreinfo](https://technet.microsoft.com/sysinternals/cc835722) utility and run it, as shown in the following example:
-
-    <pre style="overflow-y: visible">
-    C:\>coreinfo -v
-
-    Coreinfo v3.31 - Dump information on system CPU and memory topology
-    Copyright (C) 2008-2014 Mark Russinovich
-    Sysinternals - www.sysinternals.com
-
-    Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
-    Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
-    Microcode signature: 0000001B
-    HYPERVISOR      -       Hypervisor is present
-    VMX             *       Supports Intel hardware-assisted virtualization
-    EPT             *       Supports Intel extended page tables (SLAT)
-    </pre>
-
-    Note: A 64-bit operating system is required to run Hyper-V.
-
-2. The Hyper-V feature is not installed by default. To install it, open an elevated Windows PowerShell window and type the following command:
-
-    <pre style="overflow-y: visible">Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V –All</pre>
-
-    This command works on all operating systems that support Hyper-V, but on Windows Server operating systems you must type an additional command to add the Hyper-V Windows PowerShell module and the Hyper-V Manager console. This command will also install Hyper-V if it isn't already installed, so if desired you can just type the following command on Windows Server 2012 or 2016 instead of using the Enable-WindowsOptionalFeature command:
-
-    <pre style="overflow-y: visible">Install-WindowsFeature -Name Hyper-V -IncludeManagementTools</pre>
-
-    When you are prompted to restart the computer, choose **Yes**. The computer might restart more than once. After installation is complete, you can open Hyper-V Manager by typing **virtmgmt.msc** at an elevated command prompt.
-
-    >Alternatively, you can install Hyper-V using the Control Panel in Windows under **Turn Windows features on or off** for a client operating system, or using Server Manager's **Add Roles and Features Wizard** on a server operating system, as shown below:
-
-    ![hyper-v feature](images/hyper-v-feature.png)
-
-    ![hyper-v](images/svr_mgr2.png)
-
-    <P>If you choose to install Hyper-V using Server Manager, accept all default selections. Also be sure to install both items under <strong>Role Administration Tools\Hyper-V Management Tools</strong>.
-
-### Download VHD and ISO files
-
-When you have completed installation of Hyper-V on the host computer, begin configuration of Hyper-V by downloading VHD and ISO files to the Hyper-V host. These files will be used to create the VMs used in the lab. Before you can download VHD and ISO files, you will need to register and sign in to the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter/) using your Microsoft account.
-
-1. Create a directory on your Hyper-V host named **C:\VHD** and download a single [Windows Server 2012 R2 VHD](https://www.microsoft.com/evalcenter/evaluate-windows-server-2012-r2) from the TechNet Evaluation Center to the **C:\VHD** directory.
-
-    **Important**: This guide assumes that VHDs are stored in the **C:\VHD** directory on the Hyper-V host. If you use a different directory to store VHDs, you must adjust steps in this guide appropriately.
-
-    After completing registration you will be able to download the 7.47 GB Windows Server 2012 R2 evaluation VHD. An example of the download offering is shown below.
-
-    <TABLE BORDER="1">
-    <tr><td> <img src="images/download_vhd.png" alt="VHD"/> </TD></TR>
-    </TABLE>
-
-2. Download the file to the **C:\VHD** directory. When the download is complete, rename the VHD file that you downloaded to **2012R2-poc-1.vhd**. This is done to make the filename simple to recognize and type.
-3. Copy the VHD to a second file also in the **C:\VHD** directory and name this VHD **2012R2-poc-2.vhd**.
-4. Download the [Windows 10 Enterprise ISO](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) from the TechNet Evaluation Center to the **C:\VHD** directory on your Hyper-V host.
-
-    >During registration, you must specify the type, version, and language of installation media to download. In this example, a Windows 10 Enterprise, 64 bit, English ISO is chosen. You can choose a different version if desired. **Note: The evaluation version of Windows 10 does not support in-place upgrade**.
-
-5. Rename the ISO file that you downloaded to **w10-enterprise.iso**. Again, this is done so that the filename is simple to type and recognize. After completing registration you will be able to download the 3.63 GB Windows 10 Enterprise evaluation ISO.
-
-After completing these steps, you will have three files in the **C:\VHD** directory: **2012R2-poc-1.vhd**, **2012R2-poc-2.vhd**, **w10-enterprise.iso**.
-
-The following displays the procedures described in this section, both before and after downloading files:
-
-<pre style="overflow-y: visible">
-C:>mkdir VHD
-C:>cd VHD
-C:\VHD&gt;ren 9600*.vhd 2012R2-poc-1.vhd
-C:\VHD&gt;copy 2012R2-poc-1.vhd 2012R2-poc-2.vhd
-   1 file(s) copied.
-C:\VHD ren *.iso w10-enterprise.iso
-C:\VHD&gt;dir /B
-2012R2-poc-1.vhd
-2012R2-poc-2.vhd
-w10-enterprise.iso
-</pre>
-
-### Convert PC to VM
-
->Important: Do not attempt to use the VM resulting from the following procedure as a reference image. Also, to avoid conflicts with existing clients, do not start the VM outside the PoC network.
-
-<TABLE BORDER="2"><tr><td>
-If you do not have a PC available to convert to VM, perform the following steps to download an evaluation VM:
-<BR>
-<OL>
-<LI>Open the <a href="https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/" data-raw-source="[Download virtual machines](https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/)">Download virtual machines</a> page.
-<LI>Under <strong>Virtual machine</strong>, choose <strong>IE11 on Win7</strong>.
-<LI>Under <strong>Select platform</strong> choose <strong>HyperV (Windows)</strong>.
-<LI>Click <strong>Download .zip</strong>. The download is 3.31 GB.
-<LI>Extract the zip file. Three directories are created.
-<LI>Open the <strong>Virtual Hard Disks</strong> directory and then copy <strong>IE11 - Win7.vhd</strong> to the <strong>C:\VHD</strong> directory.
-<LI>Rename <strong>IE11 - Win7.vhd</strong> to <strong>w7.vhd</strong> (do not rename the file to w7.vhdx).
-<LI>In step 5 of the <a href="#configure-hyper-v" data-raw-source="[Configure Hyper-V](#configure-hyper-v)">Configure Hyper-V</a> section, replace the VHD file name <strong>w7.vhdx</strong> with <strong>w7.vhd</strong>.
-</OL>
-</TABLE>
-
-If you have a PC available to convert to VM (computer 2):
-
-1. Sign in on computer 2 using an account with Administrator privileges.
-
->Important: the account used in this step must have local administrator privileges. You can use a local computer account, or a domain account with administrative rights if domain policy allows the use of cached credentials. After converting the computer to a VM, you must be able to sign in on this VM with administrator rights while the VM is disconnected from the corporate network.
-
-2. [Determine the VM generation and partition type](#determine-the-vm-generation-and-partition-type) that is required.
-3. Based on the VM generation and partition type, perform one of the following procedures: [Prepare a generation 1 VM](#prepare-a-generation-1-vm), [Prepare a generation 2 VM](#prepare-a-generation-2-vm), or [prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk).
-
-#### Determine the VM generation and partition type
-
-When creating a VM in Hyper-V, you must specify either generation 1 or generation 2. The following table describes requirements for these two types of VMs.
-
-<div style='font-size:9.0pt'>
-
-<table border="1" cellspacing="0" cellpadding="0">
-    <tr>
-        <td></td>
-        <td>Architecture</td>
-        <td>Operating system</td>
-        <td>Partition style</td>
-    </tr>
-    <tr>
-        <td>Generation 1</td>
-        <td>32-bit or 64-bit</td>
-        <td>Windows 7 or later</td>
-        <td>MBR</td>
-    </tr>
-    <tr>
-        <td>Generation 2</td>
-        <td>64-bit</td>
-        <td>Windows 8 or later</td>
-        <td>MBR or GPT</td>
-    </tr>
-</table>
-
-</div>
-
-If the PC is running a 32-bit OS or the OS is Windows 7, it must be converted to a generation 1 VM. Otherwise, it can be converted to a generation 2 VM.
-
-- To determine the OS and architecture of a PC, type **systeminfo** at a command prompt and review the output next to **OS Name** and **System Type**.
-- To determine the partition style, open a Windows PowerShell prompt on the PC and type the following command:
-
-<pre style="overflow-y: visible">
-Get-WmiObject -Class Win32_DiskPartition | Select-Object -Property SystemName,Caption,Type
-</pre>
-
-If the **Type** column does not indicate GPT, then the disk partition format is MBR ("Installable File System" = MBR). In the following example, the disk is GPT:
-
-<pre style="overflow-y: visible">
-PS C:> Get-WmiObject -Class Win32_DiskPartition | Select-Object -Property SystemName,Caption,Type
-
-SystemName                           Caption                                 Type
-----------                           -------                                 ----
-USER-PC1                             Disk #0, Partition #0                   GPT: System
-USER-PC1                             Disk #0, Partition #1                   GPT: Basic Data
-</pre>
-
-On a computer running Windows 8 or later, you can also type **Get-Disk** at a Windows PowerShell prompt to discover the partition style. The default output of this cmdlet displays the partition style for all attached disks. Both commands are displayed below. In this example, the client computer is running Windows 8.1 and uses a GPT style partition format:
-
-<pre style="overflow-y: visible">
-PS C:> Get-WmiObject -Class Win32_DiskPartition | Select-Object -Property SystemName,Caption,Type
-
-SystemName                            Caption                               Type
-----------                            -------                               ----
-PC-X1                                 Disk #0, Partition #0                 GPT: Unknown
-PC-X1                                 Disk #0, Partition #1                 GPT: System
-PC-X1                                 Disk #0, Partition #2                 GPT: Basic Data
-PC-X1                                 Disk #0, Partition #3                 GPT: Basic Data
-PC-X1                                 Disk #0, Partition #4                 GPT: Basic Data
-
-PS C:> Get-Disk
-
-Number Friendly Name                  OperationalStatus                     Total Size Partition Style
------- -------------                  -----------------                     ---------- ---------------
-0      INTEL SSDSCMMW240A3L           Online                                223.57 GB GPT
-</pre>
-
-<span id="determine-vm-generation"/>
-
-**Choosing a VM generation**
-
-The following table displays the Hyper-V VM generation to choose based on the OS, architecture, and partition style. Links to procedures to create the corresponding VMs are included.
-
-<div style='font-size:9.0pt'>
-
-<table border="1" cellspacing="0" cellpadding="0">
-    <tr>
-        <td>OS</td>
-        <td>Partition style</td>
-        <td>Architecture</td>
-        <td>VM generation</td>
-        <td>Procedure</td>
-    </tr>
-    <tr>
-        <td rowspan="4">Windows 7</td>
-        <td rowspan="2">MBR</td>
-        <td>32</td>
-        <td>1</td>
-        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
-    </tr>
-    <tr>
-        <td>64</td>
-        <td>1</td>
-        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
-    </tr>
-    <tr>
-        <td rowspan="2">GPT</td>
-        <td>32</td>
-        <td>N/A</td>
-        <td>N/A</td>
-    </tr>
-    <tr>
-        <td>64</td>
-        <td>1</td>
-        <td><a href="#prepare-a-generation-1-vm-from-a-gpt-disk" data-raw-source="[Prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk)">Prepare a generation 1 VM from a GPT disk</a></td>
-    </tr>
-    <tr>
-        <td rowspan="4">Windows 8 or later</td>
-        <td rowspan="2">MBR</td>
-        <td>32</td>
-        <td>1</td>
-        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
-    </tr>
-    <tr>
-        <td>64</td>
-        <td>1, 2</td>
-        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
-    </tr>
-    <tr>
-        <td rowspan="2">GPT</td>
-        <td>32</td>
-        <td>1</td>
-        <td><a href="#prepare-a-generation-1-vm-from-a-gpt-disk" data-raw-source="[Prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk)">Prepare a generation 1 VM from a GPT disk</a></td>
-    </tr>
-    <tr>
-        <td>64</td>
-        <td>2</td>
-        <td><a href="#prepare-a-generation-2-vm" data-raw-source="[Prepare a generation 2 VM](#prepare-a-generation-2-vm)">Prepare a generation 2 VM</a></td>
-    </tr>
-</table>
-
-</div>
-
-Notes:<BR>
-<UL>
-<LI>If the PC is running Windows 7, it can only be converted and hosted in Hyper-V as a generation 1 VM. This Hyper-V requirement means that if the Windows 7 PC is also using a GPT partition style, the OS disk can be shadow copied, but a new system partition must be created. In this case, see <a href="#prepare-a-generation-1-vm-from-a-gpt-disk" data-raw-source="[Prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk)">Prepare a generation 1 VM from a GPT disk</a>.
-<LI>If the PC is running Windows 8 or later and uses the GPT partition style, you can capture the disk image and create a generation 2 VM. To do this, you must temporarily mount the EFI system partition which is accomplished using the <strong>mountvol</strong> command. In this case, see <a href="#prepare-a-generation-2-vm" data-raw-source="[Prepare a generation 2 VM](#prepare-a-generation-2-vm)">Prepare a generation 2 VM</a>.
-<LI>If the PC is using an MBR partition style, you can convert the disk to VHD and use it to create a generation 1 VM. If you use the Disk2VHD tool described in this guide, it is not necessary to mount the MBR system partition, but it is still necessary to capture it. In this case, see <a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a>.
-</UL>
-
-#### Prepare a generation 1 VM
-
-1. Download the [Disk2vhd utility](https://technet.microsoft.com/library/ee656415.aspx), extract the .zip file and copy **disk2vhd.exe** to a flash drive or other location that is accessible from the computer you wish to convert.
-
-    >You might experience timeouts if you attempt to run Disk2vhd from a network share, or specify a network share for the destination. To avoid timeouts, use local, portable media such as a USB drive.
-
-2. On the computer you wish to convert, double-click the disk2vhd utility to start the graphical user interface.
-3. Select the checkboxes next to the **C:\\** and the **system reserved** (BIOS/MBR) volumes. The system volume is not assigned a drive letter, but will be displayed in the Disk2VHD tool with a volume label similar to **\\?\Volume{**. See the following example. **Important**: You must include the system volume in order to create a bootable VHD. If this volume is not displayed in the disk2vhd tool, then the computer is likely to be using the GPT partition style. For more information, see [Determine VM generation](#determine-vm-generation).
-4. Specify a location to save the resulting VHD or VHDX file (F:\VHD\w7.vhdx in the following example) and click **Create**. See the following example:
-
-    ![disk2vhd](images/disk2vhd.png)
-
-    >Disk2vhd can save VHDs to local hard drives, even if they are the same as the volumes being converted. Performance is better however when the VHD is saved on a disk different than those being converted, such as a flash drive.
-
-5. When the Disk2vhd utility has completed converting the source computer to a VHD, copy the VHDX file (w7.vhdx) to your Hyper-V host in the C:\VHD directory. There should now be four files in this directory:
-
-    <pre style="overflow-y: visible">
-    C:\vhd>dir /B
-    2012R2-poc-1.vhd
-    2012R2-poc-2.vhd
-    w10-enterprise.iso
-    w7.VHDX
-    </pre>
-
-#### Prepare a generation 2 VM
-
-1. Download the [Disk2vhd utility](https://technet.microsoft.com/library/ee656415.aspx), extract the .zip file and copy **disk2vhd.exe** to a flash drive or other location that is accessible from the computer you wish to convert.
-
-    >You might experience timeouts if you attempt to run Disk2vhd from a network share, or specify a network share for the destination. To avoid timeouts, use local, portable media such as a USB drive.
-
-2. On the computer you wish to convert, open an elevated command prompt and type the following command:
-
-    <pre style="overflow-y: visible">mountvol s: /s</pre>
-
-    This command temporarily assigns a drive letter of S to the system volume and mounts it. If the letter S is already assigned to a different volume on the computer, then choose one that is available (ex: mountvol z: /s).
-
-3. On the computer you wish to convert, double-click the disk2vhd utility to start the graphical user interface.
-4. Select the checkboxes next to the **C:\\** and the **S:\\** volumes, and clear the **Use Volume Shadow Copy checkbox**. Volume shadow copy will not work if the EFI system partition is selected.
-
-    **Important**: You must include the EFI system partition in order to create a bootable VHD. The Windows RE tools partition (shown below) is not required, but it can also be converted if desired.
-
-5. Specify a location to save the resulting VHD or VHDX file (F:\VHD\PC1.vhdx in the following example) and click **Create**. See the following example:
-
-    ![disk2vhd](images/disk2vhd-gen2.png)
-
-    >Disk2vhd can save VHDs to local hard drives, even if they are the same as the volumes being converted. Performance is better however when the VHD is saved on a disk different than those being converted, such as a flash drive.
-
-6. When the Disk2vhd utility has completed converting the source computer to a VHD, copy the VHDX file (PC1.vhdx) to your Hyper-V host in the C:\VHD directory. There should now be four files in this directory:
-
-    <pre style="overflow-y: visible">
-    C:\vhd>dir /B
-    2012R2-poc-1.vhd
-    2012R2-poc-2.vhd
-    w10-enterprise.iso
-    PC1.VHDX
-    </pre>
-
-#### Prepare a generation 1 VM from a GPT disk
-
-1. Download the [Disk2vhd utility](https://technet.microsoft.com/library/ee656415.aspx), extract the .zip file and copy **disk2vhd.exe** to a flash drive or other location that is accessible from the computer you wish to convert.
-
-    >You might experience timeouts if you attempt to run Disk2vhd from a network share, or specify a network share for the destination. To avoid timeouts, use local, portable media such as a USB drive.
-
-2. On the computer you wish to convert, double-click the disk2vhd utility to start the graphical user interface.
-3. Select the checkbox next to the **C:\\** volume and clear the checkbox next to **Use Vhdx**. Note: the system volume is not copied in this scenario, it will be added later.
-4. Specify a location to save the resulting VHD file (F:\VHD\w7.vhd in the following example) and click **Create**. See the following example:
-
-    ![disk2vhd](images/disk2vhd4.png)
-
-    >Disk2vhd can save VHDs to local hard drives, even if they are the same as the volumes being converted. Performance is better however when the VHD is saved on a disk different than those being converted, such as a flash drive.
-
-5. When the Disk2vhd utility has completed converting the source computer to a VHD, copy the VHD file (w7.vhd) to your Hyper-V host in the C:\VHD directory. There should now be four files in this directory:
-
-    <pre style="overflow-y: visible">
-    C:\vhd>dir /B
-    2012R2-poc-1.vhd
-    2012R2-poc-2.vhd
-    w10-enterprise.iso
-    w7.VHD
-    </pre>
-
-    >In its current state, the w7.VHD file is not bootable. The VHD will be used to create a bootable VM later in the [Configure Hyper-V](#configure-hyper-v) section.
-
-### Resize VHD
-
-<HR size="4">
-<strong><I>Enhanced session mode</I></strong>
-
-**Important**: Before proceeding, verify that you can take advantage of [enhanced session mode](https://technet.microsoft.com/windows-server-docs/compute/hyper-v/learn-more/Use-local-resources-on-Hyper-V-virtual-machine-with-VMConnect) when completing instructions in this guide. Enhanced session mode enables you to copy and paste the commands from the Hyper-V host to VMs, between VMs, and between RDP sessions. After copying some text, you can paste into a Windows PowerShell window by simply right-clicking. Before right-clicking, do not left click other locations as this can empty the clipboard. You can also copy and paste <U>files</U> directly from one computer to another by right-clicking and selecting copy on one computer, then right-clicking and selecting paste on another computer.
-
-To ensure that enhanced session mode is enabled on the Hyper-V host, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-<pre style="overflow-y: visible">Set-VMhost -EnableEnhancedSessionMode $TRUE</pre>
-
->If enhanced session mode was not previously enabled, close any existing virtual machine connections and re-open them to enable access to enhanced session mode. As mentioned previously: instructions to "type" commands provided in this guide can be typed, but the preferred method is to copy and paste these commands. Most of the commands to this point in the guide have been brief, but many commands in sections below are longer and more complex.
-
-<HR size="4">
-
-The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to 100GB to support installing imaging tools and storing OS images.
-
-1. To add available space for the partition, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
-
-    <pre style="overflow-y: visible">
-    Resize-VHD –Path c:\VHD\2012R2-poc-2.vhd –SizeBytes 100GB
-    $x = (Mount-VHD –Path c:\VHD\2012R2-poc-2.vhd -passthru | Get-Disk | Get-Partition | Get-Volume).DriveLetter
-    Resize-Partition -DriveLetter $x -Size (Get-PartitionSupportedSize -DriveLetter $x).SizeMax
-    </pre>
-
-2. Verify that the mounted VHD drive is resized to 100 GB, and then dismount the drive:
-
-    <pre style="overflow-y: visible">
-    Get-Volume -DriveLetter $x
-    Dismount-VHD –Path c:\VHD\2012R2-poc-2.vhd</pre>
-
-### Configure Hyper-V
-
-1. Open an elevated Windows PowerShell window and type the following command to create two virtual switches named "poc-internal" and "poc-external":
-
-    >If the Hyper-V host already has an external virtual switch bound to a physical NIC, do not attempt to add a second external virtual switch. Attempting to add a second external switch will result in an error indicating that the NIC is **already bound to the Microsoft Virtual Switch protocol.** In this case, choose one of the following options:<BR>
-    &nbsp;&nbsp;&nbsp;A) Remove the existing external virtual switch, then add the poc-external switch<BR>
-    &nbsp;&nbsp;&nbsp;B) Rename the existing external switch to "poc-external"<BR>
-    &nbsp;&nbsp;&nbsp;C) Replace each instance of "poc-external" used in this guide with the name of your existing external virtual switch<BR>
-    If you choose B) or C), then do not run the second command below.
-
-    <pre style="overflow-y: visible">
-    New-VMSwitch -Name poc-internal -SwitchType Internal -Notes "PoC Network"
-    New-VMSwitch -Name poc-external -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name -Notes "PoC External"
-    </pre>
-
-    **Note**: The second command above will temporarily interrupt network connectivity on the Hyper-V host.
-
-    >Since an external virtual switch is associated to a physical network adapter on the Hyper-V host, this adapter must be specified when adding the virtual switch. The previous commands automate this by filtering for active non-virtual ethernet adapters using the Get-NetAdapter cmdlet ($_.Status -eq "Up" -and !$_.Virtual). If your Hyper-V host is dual-homed with multiple active ethernet adapters, this automation will not work, and the second command above will fail. In this case, you must edit the command used to add the "poc-external" virtual switch by inserting the appropriate NetAdapterName. The NetAdapterName value corresponds to the name of the network interface you wish to use. For example, if the network interface you use on the Hyper-V host to connect to the Internet is named "Ethernet 2" then type the following command to create an external virtual switch: New-VMSwitch -Name poc-external -NetAdapterName "Ethernet 2" -Notes "PoC External"
-
-2. At the elevated Windows PowerShell prompt, type the following command to determine the megabytes of RAM that are currently available on the Hyper-V host:
-
-    <pre style="overflow-y: visible">
-    (Get-VMHostNumaNode).MemoryAvailable
-    </pre>
-
-    This command will display the megabytes of RAM available for VMs. On a Hyper-V host computer with 16 GB of physical RAM installed, 10,000 MB of RAM or greater should be available if the computer is not also running other applications. On a computer with 8 GB of physical RAM installed, at least 4000 MB should be available. If the computer has less RAM available than this, try closing applications to free up more memory.
-
-3. Determine the available memory for VMs by dividing the available RAM by 4.  For example:
-
-    <pre style="overflow-y: visible">
-    (Get-VMHostNumaNode).MemoryAvailable/4
-    2775.5
-    </pre>
-
-    In this example, VMs can use a maximum of 2700 MB of RAM each, to run four VMs simultaneously.
-
-4. At the elevated Windows PowerShell prompt, type the following command to create two new VMs. Other VMs will be added later.
-    >**Important**: Replace the value of 2700MB for $maxRAM in the first command below with the RAM value that you calculated in the previous step.
-
-    <pre style="overflow-y: visible">
-    $maxRAM = 2700MB
-    New-VM -Name "DC1" -VHDPath c:\vhd\2012R2-poc-1.vhd -SwitchName poc-internal
-    Set-VMMemory -VMName "DC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
-    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName DC1
-    New-VM -Name "SRV1" -VHDPath c:\vhd\2012R2-poc-2.vhd -SwitchName poc-internal
-    Add-VMNetworkAdapter -VMName "SRV1" -SwitchName "poc-external"
-    Set-VMMemory -VMName "SRV1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 80
-    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName SRV1
-    </pre>
-
-    **Note**: The RAM values assigned to VMs in this step are not permanent, and can be easily increased or decreased later if needed to address performance issues.
-
-5. Using the same elevated Windows PowerShell prompt that was used in the previous step, type one of the following sets of commands, depending on the type of VM that was prepared in the [Determine VM generation](#determine-vm-generation) section, either generation 1, generation 2, or generation 1 with GPT.
-
-    To create a generation 1 VM (using c:\vhd\w7.vhdx):
-
-    <pre style="overflow-y: visible">
-    New-VM -Name "PC1" -VHDPath c:\vhd\w7.vhdx -SwitchName poc-internal
-    Set-VMMemory -VMName "PC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
-    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName PC1
-    </pre>
-
-    To create a generation 2 VM (using c:\vhd\PC1.vhdx):
-
-    <pre style="overflow-y: visible">
-    New-VM -Name "PC1" -Generation 2 -VHDPath c:\vhd\PC1.vhdx -SwitchName poc-internal
-    Set-VMMemory -VMName "PC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
-    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName PC1
-    </pre>
-
-    To create a generation 1 VM from a GPT disk (using c:\vhd\w7.vhd):
-
-    >Note: The following procedure is more complex because it includes steps to convert the OS partition from GPT to MBR format. Steps are included to create a temporary VHD and attach it to the VM, the OS image is saved to this drive, the OS drive is then reformatted to MBR, the OS image restored, and the temporary drive is removed.
-
-    First, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host to create a temporary VHD that will be used to save the OS image. Do not forget to include a pipe (|) at the end of the first five commands:
-
-    <pre style="overflow-y: visible">
-    New-VHD -Path c:\vhd\d.vhd -SizeBytes 1TB |
-    Mount-VHD -Passthru |
-    Get-Disk -Number {$_.DiskNumber} |
-    Initialize-Disk -PartitionStyle MBR -PassThru |
-    New-Partition -UseMaximumSize |
-    Format-Volume -Confirm:$false -FileSystem NTFS -force
-    Dismount-VHD -Path c:\vhd\d.vhd
-    </pre>
-
-    Next, create the PC1 VM with two attached VHDs, and boot to DVD ($maxram must be defined previously using the same Windows PowerShell promt):
-
-    <pre style="overflow-y: visible">
-    New-VM -Name "PC1" -VHDPath c:\vhd\w7.vhd -SwitchName poc-internal
-    Add-VMHardDiskDrive -VMName PC1 -Path c:\vhd\d.vhd
-    Set-VMDvdDrive -VMName PC1 -Path c:\vhd\w10-enterprise.iso
-    Set-VMMemory -VMName "PC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
-    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName PC1
-    Start-VM PC1
-    vmconnect localhost PC1
-    </pre>
-
-    The VM will automatically boot into Windows Setup. In the PC1 window:
-
-   1. Click **Next**.
-   2. Click **Repair your computer**.
-   3. Click **Troubleshoot**.
-   4. Click **Command Prompt**.
-   5. Type the following command to save an image of the OS drive:
-
-      <pre style="overflow-y: visible">
-      dism /Capture-Image /ImageFile:D:\c.wim /CaptureDir:C:\ /Name:Drive-C
-      </pre>
-
-   6. Wait for the OS image to complete saving, and then type the following commands to convert the C: drive to MBR:
-
-      <pre style="overflow-y: visible">
-      diskpart
-      select disk 0
-      clean
-      convert MBR
-      create partition primary size=100
-      format fs=ntfs quick
-      active
-      create partition primary
-      format fs=ntfs quick label=OS
-      assign letter=c
-      exit
-      </pre>
-
-   7. Type the following commands to restore the OS image and boot files:
-
-      <pre style="overflow-y: visible">
-      dism /Apply-Image /ImageFile:D:\c.wim /Index:1 /ApplyDir:C:\
-      bcdboot c:\windows
-      exit
-      </pre>
-
-   8. Click **Continue** and verify the VM boots successfully (do not boot from DVD).
-   9. Click **Ctrl+Alt+Del**, and then in the bottom right corner, click **Shut down**.
-   10. Type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host to remove the temporary disks and drives from PC1:
-
-       <pre style="overflow-y: visible">
-       Remove-VMHardDiskDrive -VMName PC1 -ControllerType IDE -ControllerNumber 0 -ControllerLocation 1
-       Set-VMDvdDrive -VMName PC1 -Path $null
-       </pre>
-
-### Configure VMs
-
-1. At an elevated Windows PowerShell prompt on the Hyper-V host, start the first Windows Server VM and connect to it by typing the following commands:
-
-    <pre style="overflow-y: visible">
-    Start-VM DC1
-    vmconnect localhost DC1
-    </pre>
-
-2. Click **Next** to accept the default settings, read the license terms and click **I accept**, provide an administrator password of <strong>pass@word1</strong>, and click **Finish**.
-3. Click **Ctrl+Alt+Del** in the upper left corner of the virtual machine connection window, and then sign in to DC1 using the Administrator account.
-4. Right-click **Start**, point to **Shut down or sign out**, and click **Sign out**. The VM connection will reset and a new connection dialog box will appear enabling you to choose a custom display configuration. Select a desktop size, click **Connect** and sign in again with the local Administrator account. Note: Signing in this way ensures that [enhanced session mode](https://technet.microsoft.com/windows-server-docs/compute/hyper-v/learn-more/Use-local-resources-on-Hyper-V-virtual-machine-with-VMConnect) is enabled. It is only necessary to do this the first time you sign in to a new VM.
-5. If DC1 is configured as described in this guide, it will currently be assigned an APIPA address, have a randomly generated hostname, and a single network adapter named "Ethernet." Open an elevated Windows PowerShell prompt on DC1 and type or paste the following commands to provide a new hostname and configure a static IP address and gateway:
-
-    <pre style="overflow-y: visible">
-    Rename-Computer DC1
-    New-NetIPAddress –InterfaceAlias Ethernet –IPAddress 192.168.0.1 –PrefixLength 24 -DefaultGateway 192.168.0.2
-    Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses 192.168.0.1,192.168.0.2
-    </pre>
-
-   > The default gateway at 192.168.0.2 will be configured later in this guide.
-   > 
-   > Note: A list of available tasks for an app will be populated the first time you run it on the taskbar. Because these tasks aren't available until the App has been run, you will not see the **Run as Administrator** task until you have left-clicked Windows PowerShell for the first time. In this newly created VM, you will need to left-click Windows PowerShell one time, and then you can right-click and choose Run as Administrator to open an elevated Windows PowerShell prompt.
-
-6. Install the Active Directory Domain Services role by typing the following command at an elevated Windows PowerShell prompt:
-
-    <pre style="overflow-y: visible">
-    Install-WindowsFeature -Name AD-Domain-Services -IncludeAllSubFeature -IncludeManagementTools
-    </pre>
-
-7. Before promoting DC1 to a Domain Controller, you must reboot so that the name change in step 3 above takes effect. To restart the computer, type the following command at an elevated Windows PowerShell prompt:
-
-    <pre style="overflow-y: visible">
-    Restart-Computer
-    </pre>
-
-8. When DC1 has rebooted, sign in again and open an elevated Windows PowerShell prompt. Now you can promote the server to be a domain controller. The directory services restore mode password must be entered as a secure string. Type the following commands at the elevated Windows PowerShell prompt:
-
-    <pre style="overflow-y: visible">
-    $pass = "pass@word1" | ConvertTo-SecureString -AsPlainText -Force
-    Install-ADDSForest -DomainName contoso.com -InstallDns -SafeModeAdministratorPassword $pass -Force
-    </pre>
-
-    Ignore any warnings that are displayed. The computer will automatically reboot upon completion.
-
-9. When the reboot has completed, reconnect to DC1, sign in using the CONTOSO\Administrator account, open an elevated Windows PowerShell prompt, and use the following commands to add a reverse lookup zone for the PoC network, add the DHCP Server role, authorize DHCP in Active Directory, and suppress the post-DHCP-install alert:
-
-    <pre style="overflow-y: visible">
-    Add-DnsServerPrimaryZone -NetworkID "192.168.0.0/24" -ReplicationScope Forest
-    Add-WindowsFeature -Name DHCP -IncludeManagementTools
-    netsh dhcp add securitygroups
-    Restart-Service DHCPServer
-    Add-DhcpServerInDC  dc1.contoso.com  192.168.0.1
-    Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2
-    </pre>
-
-10. Next, add a DHCP scope and set option values:
-
-    <pre style="overflow-y: visible">
-    Add-DhcpServerv4Scope -Name "PoC Scope" -StartRange 192.168.0.100 -EndRange 192.168.0.199 -SubnetMask 255.255.255.0 -Description "Windows 10 PoC" -State Active
-    Set-DhcpServerv4OptionValue -ScopeId 192.168.0.0 -DnsDomain contoso.com -Router 192.168.0.2 -DnsServer 192.168.0.1,192.168.0.2 -Force
-    </pre>
-
-    >The -Force option is necessary when adding scope options to skip validation of 192.168.0.2 as a DNS server because we have not configured it yet. The scope should immediately begin issuing leases on the PoC network. The first DHCP lease that will be issued is to vEthernet interface on the Hyper-V host, which is a member of the internal network. You can verify this by using the command: Get-DhcpServerv4Lease -ScopeId 192.168.0.0.
-
-11. The DNS server role will also be installed on the member server, SRV1, at 192.168.0.2 so that we can forward DNS queries from DC1 to SRV1 to resolve Internet names without having to configure a forwarder outside the PoC network. Since the IP address of SRV1 already exists on DC1's network adapter, it will be automatically added during the DCPROMO process. To verify this server-level DNS forwarder on DC1, type the following command at an elevated Windows PowerShell prompt on DC1:
-
-    <pre style="overflow-y: visible">
-    Get-DnsServerForwarder
-    </pre>
-
-    The following output should be displayed:
-
-    <pre style="overflow-y: visible">
-    UseRootHint        : True
-    Timeout(s)         : 3
-    EnableReordering   : True
-    IPAddress          : 192.168.0.2
-    ReorderedIPAddress : 192.168.0.2
-    </pre>
-
-    If this output is not displayed, you can use the following command to add SRV1 as a forwarder:
-
-    <pre style="overflow-y: visible">
-    Add-DnsServerForwarder -IPAddress 192.168.0.2
-    </pre>
-
-    **Configure service and user accounts**
-
-    Windows 10 deployment with MDT and System Center Configuration Manager requires specific accounts to perform some actions. Service accounts will be created to use for these tasks. A user account is also added in the contoso.com domain that can be used for testing purposes. In the test lab environment, passwords are set to never expire.
-
-    >To keep this test lab relatively simple, we will not create a custom OU structure and set permissions. Required permissions are enabled by adding accounts to the Domain Admins group. To configure these settings in a production environment, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
-    On DC1, open an elevated Windows PowerShell prompt and type the following commands:
-
-    <pre style="overflow-y: visible">
-    New-ADUser -Name User1 -UserPrincipalName user1 -Description "User account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
-    New-ADUser -Name MDT_BA -UserPrincipalName MDT_BA -Description "MDT Build Account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
-    New-ADUser -Name CM_JD -UserPrincipalName CM_JD -Description "Configuration Manager Join Domain Account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
-    New-ADUser -Name CM_NAA -UserPrincipalName CM_NAA -Description "Configuration Manager Network Access Account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
-    Add-ADGroupMember "Domain Admins" MDT_BA,CM_JD,CM_NAA
-    Set-ADUser -Identity user1 -PasswordNeverExpires $true
-    Set-ADUser -Identity administrator -PasswordNeverExpires $true
-    Set-ADUser -Identity MDT_BA -PasswordNeverExpires $true
-    Set-ADUser -Identity CM_JD -PasswordNeverExpires $true
-    Set-ADUser -Identity CM_NAA -PasswordNeverExpires $true
-    </pre>
-
-12. Minimize the DC1 VM window but **do not stop** the VM.
-
-    Next, the client VM will be started and joined to the contoso.com domain. This is done before adding a gateway to the PoC network so that there is no danger of duplicate DNS registrations for the physical client and its cloned VM in the corporate domain.
-
-13. If the PC1 VM is not started yet, using an elevated Windows PowerShell prompt on the Hyper-V host, start the client VM (PC1), and connect to it:
-
-    <pre style="overflow-y: visible">
-    Start-VM PC1
-    vmconnect localhost PC1
-    </pre>
-
-14. Sign in to PC1 using an account that has local administrator rights.
-
-    >PC1 will be disconnected from its current domain, so you cannot use a domain account to sign on unless these credentials are cached and the use of cached credentials is permitted by Group Policy. If cached credentials are available and permitted, you can use these credentials to sign in. Otherwise, use an existing local administrator account.
-
-15. After signing in, the operating system detects that it is running in a new environment. New drivers will be automatically installed, including the network adapter driver. The network adapter driver must be updated before you can proceed, so that you will be able to join the contoso.com domain. Depending on the resources allocated to PC1, installing the network adapter driver might take a few minutes. You can monitor device driver installation by clicking **Show hidden icons** in the notification area.
-
-    ![PoC](images/installing-drivers.png)
-
-    >If the client was configured with a static address, you must change this to a dynamic one so that it can obtain a DHCP lease.
-
-16. When the new network adapter driver has completed installation, you will receive an alert to set a network location for the contoso.com network. Select **Work network** and then click **Close**. When you receive an alert that a restart is required, click **Restart Later**.
-
-17. Open an elevated Windows PowerShell prompt on PC1 and verify that the client VM has received a DHCP lease and can communicate with the consoto.com domain controller.
-
-    To open Windows PowerShell on Windows 7, click **Start**, and search for "**power**." Right-click **Windows PowerShell** and then click **Pin to Taskbar** so that it is simpler to use Windows Powershell during this lab. Click **Windows PowerShell** on the taskbar, and then type **ipconfig** at the prompt to see the client's current IP address. Also type **ping dc1.contoso.com** and **nltest /dsgetdc:contoso.com** to verify that it can reach the domain controller. See the following examples of a successful network connection:
-
-    ```
-    ipconfig
-
-    Windows IP Configuration
-
-    Ethernet adapter Local Area Connection 3:
-        Connection-specific DNS Suffix  . : contoso.com
-        Link-local IPv6 Address . . . . . : fe80::64c2:4d2a:7403:6e02%18
-        Ipv4 Address. . . . . . . . . . . : 192.168.0.101
-        Subnet Mask . . . . . . . . . . . : 255.255.255.0
-        Default Gateway . . . . . . . . . : 192.168.0.2
-
-    ping dc1.contoso.com
-
-    Pinging dc1.contoso.com [192.168.0.1] with 32 bytes of data:
-    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
-    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
-    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
-    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
-
-    nltest /dsgetdc:contoso.com
-               DC: \\DC1
-          Address: \\192.168.0.1
-         Dom Guid: fdbd0643-d664-411b-aea0-fe343d7670a8
-         Dom Name: CONTOSO
-      Forest Name: contoso.com
-     Dc Site Name: Default-First-Site-Name
-    Our Site Name: Default-First-Site-Name
-            Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_FOREST CLOSE_SITE FULL_SECRET WS 0xC000
-    ```
-
-    >If PC1 is running Windows 7, enhanced session mode might not be available, which means that you cannot copy and paste commands from the Hyper-V host to a Windows PowerShell prompt on PC1. However, it is possible to use integration services to copy a file from the Hyper-V host to a VM. The next procedure demonstrates this. If the Copy-VMFile command fails, then type the commands below at an elevated Windows PowerShell prompt on PC1 instead of saving them to a script to run remotely. If PC1 is running Windows 8 or a later operating system, you can use enhanced session mode to copy and paste these commands instead of typing them.
-
-18. Minimize the PC1 window and switch to the Hyper-V host computer. Open an elevated Windows PowerShell ISE window on the Hyper-V host (right-click Windows PowerShell and then click **Run ISE as Administrator**) and type the following commands in the (upper) script editor pane:
-
-    <pre style="overflow-y: visible">
-    (Get-WmiObject Win32_ComputerSystem).UnjoinDomainOrWorkgroup($null,$null,0)
-    $pass = "pass@word1" | ConvertTo-SecureString -AsPlainText -Force
-    $user = "contoso\administrator"
-    $cred = New-Object System.Management.Automation.PSCredential($user,$pass)
-    Add-Computer -DomainName contoso.com -Credential $cred
-    Restart-Computer
-    </pre>
-
-    >If you do not see the script pane, click **View** and verify **Show Script Pane Top** is enabled. Click **File** and then click **New**.
-
-    See the following example:
-
-    ![ISE](images/ISE.png)
-
-19. Click **File**, click **Save As**, and save the commands as **c:\VHD\pc1.ps1** on the Hyper-V host.
-20. In the (lower) terminal input window, type the following commands to enable Guest Service Interface on PC1 and then use this service to copy the script to PC1:
-
-    <pre style="overflow-y: visible">
-    Enable-VMIntegrationService -VMName PC1 -Name "Guest Service Interface"
-    Copy-VMFile "PC1" –SourcePath "C:\VHD\pc1.ps1"  –DestinationPath "C:\pc1.ps1" –CreateFullPath –FileSource Host
-    </pre>
-
-    >In order for this command to work properly, PC1 must be running the vmicguestinterface (Hyper-V Guest Service Interface) service. If this service is not enabled in this step, then the copy-VMFile command will fail. In this case, you can try updating integration services on the VM by mounting the Hyper-V Integration Services Setup (vmguest.iso), which is located in C:\Windows\System32 on Windows Server 2012 and 2012 R2 operating systems that are running the Hyper-V role service.
-
-    If the copy-vmfile command does not work and you cannot properly enable or upgrade integration services on PC1, then create the file c:\pc1.ps1 on the VM by typing the commands into this file manually. The copy-vmfile command is only used in this procedure as a demonstration of automation methods that can be used in a Hyper-V environment when enhanced session mode is not available. After typing the script file manually, be sure to save the file as a Windows PowerShell script file with the .ps1 extension and not as a text (.txt) file.
-
-21. On PC1, type the following commands at an elevated Windows PowerShell prompt:
-
-    <pre style="overflow-y: visible">
-    Get-Content c:\pc1.ps1 | powershell.exe -noprofile -
-    </pre>
-
-    >The commands in this script might take a few moments to complete. If an error is displayed, check that you typed the command correctly, paying close attention to spaces. PC1 is removed from its domain in this step while not connected to the corporate network so as to ensure the computer object in the corporate domain is unaffected. PC1 is also not renamed to "PC1" in system properties so that it maintains some of its mirrored identity. However, if desired you can also rename the computer.
-
-22. Upon completion of the script, PC1 will automatically restart. When it has restarted, sign in to the contoso.com domain using the **Switch User** option, with the **user1** account you created in step 11 of this section.
-    >**Important**: The settings that will be used later to migrate user data specifically select only accounts that belong to the CONTOSO domain. However, this can be changed to migrate all user accounts, or only other specified accounts. If you wish to test migration of user data and settings with accounts other than those in the CONTOSO domain, you must specify these accounts or domains when you configure the value of **ScanStateArgs** in the MDT test lab guide. This value is specifically called out when you get to that step. If you wish to only migrate CONTOSO accounts, then you can log in with the user1 account or the administrator account at this time and modify some of the files and settings for later use in migration testing.
-23. Minimize the PC1 window but do not turn it off while the second Windows Server 2012 R2 VM (SRV1) is configured. This verifies that the Hyper-V host has enough resources to run all VMs simultaneously. Next, SRV1 will be started, joined to the contoso.com domain, and configured with RRAS and DNS services.
-24. On the Hyper-V host computer, at an elevated Windows PowerShell prompt, type the following commands:
-
-    <pre style="overflow-y: visible">
-    Start-VM SRV1
-    vmconnect localhost SRV1
-    </pre>
-
-25. Accept the default settings, read license terms and accept them, provide an administrator password of <strong>pass@word1</strong>, and click **Finish**. When you are prompted about finding PCs, devices, and content on the network, click **Yes**.
-26. Sign in to SRV1 using the local administrator account. In the same way that was done on DC1, sign out of SRV1 and then sign in again to enable enhanced session mode. This will enable you to copy and paste Windows PowerShell commands from the Hyper-V host to the VM.
-27. Open an elevated Windows PowerShell prompt on SRV1 and type the following commands:
-
-    <pre style="overflow-y: visible">
-    Rename-Computer SRV1
-    New-NetIPAddress –InterfaceAlias Ethernet –IPAddress 192.168.0.2 –PrefixLength 24
-    Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses 192.168.0.1,192.168.0.2
-    Restart-Computer
-    </pre>
-
-    >[!IMPORTANT]
-    >Verify that you are configuring the correct interface in this step. The commands in this step assume that the poc-internal interface on SRV1 is named "Ethernet."  If you are unsure how to check the interface, see step #30 below for instructions and tips on how to verify and modify the interface name.
-
-28. Wait for the computer to restart, sign in again, then type the following commands at an elevated Windows PowerShell prompt:
-
-    <pre style="overflow-y: visible">
-    $pass = "pass@word1" | ConvertTo-SecureString -AsPlainText -Force
-    $user = "contoso\administrator"
-    $cred = New-Object System.Management.Automation.PSCredential($user,$pass)
-    Add-Computer -DomainName contoso.com -Credential $cred
-    Restart-Computer
-    </pre>
-
-29. Sign in to the contoso.com domain on SRV1 using the domain administrator account (enter contoso\administrator as the user), open an elevated Windows PowerShell prompt, and type the following commands:
-
-    <pre style="overflow-y: visible">
-    Install-WindowsFeature -Name DNS -IncludeManagementTools
-    Install-WindowsFeature -Name WDS -IncludeManagementTools
-    Install-WindowsFeature -Name Routing -IncludeManagementTools
-    </pre>
-
-30. Before configuring the routing service that was just installed, verify that network interfaces were added to SRV1 in the right order, resulting in an interface alias of "Ethernet" for the private interface, and an interface alias of "Ethernet 2" for the public interface. Also verify that the external interface has a valid external DHCP IP address lease.
-
-    To view a list of interfaces, associated interface aliases, and IP addresses on SRV1, type the following Windows PowerShell command. Example output of the command is also shown below:
-
-    <pre style="overflow-y: visible">
-    Get-NetAdapter | ? status -eq ‘up’ | Get-NetIPAddress -AddressFamily IPv4 | ft IPAddress, InterfaceAlias
-
-    IPAddress                                                                  InterfaceAlias
-    ---------                                                                  --------------
-    10.137.130.118                                                             Ethernet 2
-    192.168.0.2                                                                Ethernet
-    </pre>
-
-    In this example, the poc-internal network interface at 192.168.0.2 is associated with the "Ethernet" interface and the Internet-facing poc-external interface is associated with the "Ethernet 2" interface. If your interfaces are different, you must adjust the commands provided in the next step appropriately to configure routing services. Also note that if the "Ethernet 2" interface has an IP address in the 192.168.0.100-105 range then it likely is getting a DHCP lease from DC1 instead of your corporate network. If this is the case, you can try removing and re-adding the second network interface from the SRV1 VM through its Hyper-V settings.
-
-    >[!TIP]
-    >Sometimes a computer will have hidden, disconnected interfaces that prevent you from naming a network adapter. When you attempt to rename an adapter, you will receive an error that the adapter name already exists. These disconnected devices can be viewed in device manager by clicking **View** and then clicking **Show hidden devices**. The disconnected device can then be uninstalled, enabling you to reuse the adapter name.
-
-
-31. To configure SRV1 with routing capability for the PoC network, type or paste the following commands at an elevated Windows PowerShell prompt on SRV1:
-
-    <pre style="overflow-y: visible">
-    Install-RemoteAccess -VpnType Vpn
-    cmd /c netsh routing ip nat install
-    cmd /c netsh routing ip nat add interface name="Ethernet 2" mode=FULL
-    cmd /c netsh routing ip nat add interface name="Ethernet" mode=PRIVATE
-    cmd /c netsh routing ip nat add interface name="Internal" mode=PRIVATE
-    </pre>
-
-32. The DNS service on SRV1 also needs to resolve hosts in the contoso.com domain. This can be accomplished with a conditional forwarder. Open an elevated Windows PowerShell prompt on SRV1 and type the following command:
-
-    <pre style="overflow-y: visible">
-    Add-DnsServerConditionalForwarderZone -Name contoso.com -MasterServers 192.168.0.1
-    </pre>
-
-33. In most cases, this completes configuration of the PoC network. However, if your corporate network has a firewall that filters queries from local DNS servers, you will also need to configure a server-level DNS forwarder on SRV1 to resolve Internet names. To test whether or not DNS is working without this forwarder, try to reach a name on the Internet from DC1 or PC1, which are only using DNS services on the PoC network. You can test DNS with the ping command, for example:
-
-    <pre style="overflow-y: visible">
-    ping www.microsoft.com
-    </pre>
-
-    If you see "Ping request could not find host www.microsoft.com" on PC1 and DC1, but not on SRV1, then you will need to configure a server-level DNS forwarder on SRV1. To do this, open an elevated Windows PowerShell prompt on SRV1 and type the following command.
-
-    **Note**: This command also assumes that "Ethernet 2" is the external-facing network adapter on SRV1. If the external adapter has a different name, replace "Ethernet 2" in the command below with that name:
-
-    <pre style="overflow-y: visible">
-    Add-DnsServerForwarder -IPAddress (Get-DnsClientServerAddress -InterfaceAlias "Ethernet 2").ServerAddresses
-    </pre>
-
-34. If DNS and routing are both working correctly, you will see the following on DC1 and PC1 (the IP address might be different, but that is OK):
-
-    <pre style="overflow-y: visible">
-    PS C:\> ping www.microsoft.com
-
-    Pinging e2847.dspb.akamaiedge.net [23.222.146.170] with 32 bytes of data:
-    Reply from 23.222.146.170: bytes=32 time=3ms TTL=51
-    Reply from 23.222.146.170: bytes=32 time=2ms TTL=51
-    Reply from 23.222.146.170: bytes=32 time=2ms TTL=51
-    Reply from 23.222.146.170: bytes=32 time=1ms TTL=51
-
-    Ping statistics for 23.222.146.170:
-        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
-    Approximate round trip times in milli-seconds:
-        Minimum = 1ms, Maximum = 3ms, Average = 2ms
-    </pre>
-
-35. Verify that all three VMs can reach each other, and the Internet. See [Appendix A: Verify the configuration](#appendix-a-verify-the-configuration) for more information.
-36. Lastly, because the client computer has different hardware after copying it to a VM, its Windows activation will be invalidated and you might receive a message that you must activate Windows in 3 days.  To extend this period to 30 days, type the following commands at an elevated Windows PowerShell prompt on PC1:
-
-    <pre style="overflow-y: visible">
-    runas /noprofile /env /user:administrator@contoso.com "cmd /c slmgr -rearm"
-    Restart-Computer
-    </pre>
-
-This completes configuration of the starting PoC environment. Additional services and tools are installed in subsequent guides.
-
-## Appendix A: Verify the configuration
-
-Use the following procedures to verify that the PoC environment is configured properly and working as expected.
-
-1. On DC1, open an elevated Windows PowerShell prompt and type the following commands:
-
-    <pre style="overflow-y: visible">
-    Get-Service NTDS,DNS,DHCP
-    DCDiag -a
-    Get-DnsServerResourceRecord -ZoneName contoso.com -RRType A
-    Get-DnsServerForwarder
-    Resolve-DnsName -Server dc1.contoso.com -Name www.microsoft.com
-    Get-DhcpServerInDC
-    Get-DhcpServerv4Statistics
-    ipconfig /all
-    </pre>
-
-    **Get-Service** displays a status of "Running" for all three services.<BR>
-    **DCDiag** displays "passed test" for all tests.<BR>
-    **Get-DnsServerResourceRecord** displays the correct DNS address records for DC1, SRV1, and the computername of PC1. Additional address records for the zone apex (@), DomainDnsZones, and ForestDnsZones will also be registered.<BR>
-    **Get-DnsServerForwarder** displays a single forwarder of 192.168.0.2.<BR>
-    **Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
-    **Get-DhcpServerInDC** displays 192.168.0.1, dc1.contoso.com.<BR>
-    **Get-DhcpServerv4Statistics** displays 1 scope with 2 addresses in use (these belong to PC1 and the Hyper-V host).<BR>
-    **ipconfig** displays a primary DNS suffix and suffix search list of contoso.com, IP address of 192.168.0.1, subnet mask of 255.255.255.0, default gateway of 192.168.0.2, and DNS server addresses of 192.168.0.1 and 192.168.0.2.
-
-2. On SRV1, open an elevated Windows PowerShell prompt and type the following commands:
-
-    <pre style="overflow-y: visible">
-    Get-Service DNS,RemoteAccess
-    Get-DnsServerForwarder
-    Resolve-DnsName -Server dc1.contoso.com -Name www.microsoft.com
-    ipconfig /all
-    netsh int ipv4 show address
-    </pre>
-
-    **Get-Service** displays a status of "Running" for both services.<BR>
-    **Get-DnsServerForwarder** either displays no forwarders, or displays a list of forwarders you are required to use so that SRV1 can resolve Internet names.<BR>
-    **Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
-    **ipconfig** displays a primary DNS suffix of contoso.com. The suffix search list contains contoso.com and your corporate domain. Two ethernet adapters are shown: Ethernet adapter "Ethernet" has an IP addresses of 192.168.0.2, subnet mask of 255.255.255.0, no default gateway, and DNS server addresses of 192.168.0.1 and 192.168.0.2. Ethernet adapter "Ethernet 2" has an IP address, subnet mask, and default gateway configured by DHCP on your corporate network.<BR>
-    **netsh** displays three interfaces on the computer: interface "Ethernet 2" with DHCP enabled = Yes and IP address assigned by your corporate network, interface "Ethernet" with DHCP enabled = No and IP address of 192.168.0.2, and interface "Loopback Pseudo-Interface 1" with IP address of 127.0.0.1.
-
-3. On PC1, open an elevated Windows PowerShell prompt and type the following commands:
-
-    <pre style="overflow-y: visible">
-    whoami
-    hostname
-    nslookup www.microsoft.com
-    ping -n 1 dc1.contoso.com
-    tracert www.microsoft.com
-    </pre>
-
-    **whoami** displays the current user context, for example in an elevated Windows PowerShell prompt, contoso\administrator is displayed.<BR>
-    **hostname** displays the name of the local computer, for example W7PC-001.<BR>
-    **nslookup** displays the DNS server used for the query, and the results of the query. For example, server dc1.contoso.com, address 192.168.0.1, Name e2847.dspb.akamaiedge.net.<BR>
-    **ping** displays if the source can resolve the target name, and whether or not the target responds to ICMP. If it cannot be resolved, "..could not find host" will be diplayed and if the target is found and also responds to ICMP, you will see "Reply from" and the IP address of the target.<BR>
-    **tracert** displays the path to reach the destination, for example srv1.contoso.com [192.168.0.2] followed by a list of hosts and IP addresses corresponding to subsequent routing nodes between the source and the destination.
-
-
-## Appendix B: Terminology used in this guide
-
-<P>&nbsp;
-
-<div style='font-size:9.0pt'>
-
-<table border="1" cellspacing="0" cellpadding="0">
-<tr><TD BGCOLOR="#a0e4fa"><B>Term</B><TD BGCOLOR="#a0e4fa"><B>Definition</B>
-<tr><td>GPT<td>GUID partition table (GPT) is an updated hard-disk formatting scheme that enables the use of newer hardware. GPT is one of the partition formats that can be chosen when first initializing a hard drive, prior to creating and formatting partitions.
-<tr><td>Hyper-V<td>Hyper-V is a server role introduced with Windows Server 2008 that lets you create a virtualized computing environment. Hyper-V can also be installed as a Windows feature on Windows client operating systems, starting with Windows 8.
-<tr><td>Hyper-V host<td>The computer where Hyper-V is installed.
-<tr><td>Hyper-V Manager<td>The user-interface console used to view and configure Hyper-V.
-<tr><td>MBR<td>Master Boot Record (MBR) is a legacy hard-disk formatting scheme that limits support for newer hardware. MBR is one of the partition formats that can be chosen when first initializing a hard drive, prior to creating and formatting partitions. MBR is in the process of being replaced by the GPT partition format.
-<tr><td>Proof of concept (PoC)<td>Confirmation that a process or idea works as intended. A PoC is carried out in a test environment to learn about and verify a process.
-<tr><td>Shadow copy<td>A copy or &quot;snapshot&quot; of a computer at a point in time, created by the Volume Shadow Copy Service (VSS), typically for backup purposes.
-<tr><td>Virtual machine (VM)<td>A VM is a virtual computer with its own operating system, running on the Hyper-V host.
-<tr><td>Virtual switch<td>A virtual network connection used to connect VMs to each other and to physical network adapters on the Hyper-V host.
-<tr><td>VM snapshot<td>A point in time image of a VM that includes its disk, memory and device state. It can be used to return a virtual machine to a former state corresponding to the time the snapshot was taken.
-</TABLE>
-
-</div>
-
-## Related Topics
-
-
-[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
- 
-
- 
-
-
-
-
-
+---
+title: Configure a test lab to deploy Windows 10
+ms.reviewer: 
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+description: Concepts and procedures for deploying Windows 10 in a proof of concept lab environment.
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+keywords: deployment, automate, tools, configure, mdt, sccm
+ms.localizationpriority: medium
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Step by step guide: Configure a test lab to deploy Windows 10
+
+**Applies to**
+
+-   Windows 10
+
+This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, see the following Windows 10 PoC deployment guides:
+
+- [Step by step: Deploy Windows 10 in a test lab using MDT](windows-10-poc-mdt.md)<BR>
+- [Step by step: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)<BR>
+
+The PoC deployment guides are intended to provide a demonstration of Windows 10 deployment tools and processes for IT professionals that are not familiar with these tools, and those that are interested in setting up a proof of concept environment. The instructions in this guide should not be used in a production setting, and are not meant to replace the instructions found in production deployment guidance.
+
+Approximately 3 hours are required to configure the PoC environment. You will need a Hyper-V capable computer running Windows 8.1 or later with at least 16GB of RAM. Detailed [requirements](#hardware-and-software-requirements) are provided below. You will also need to have a [Microsoft account](https://www.microsoft.com/account) to use for downloading evaluation software.
+
+Windows PowerShell commands are provided to set up the PoC environment quickly. You do not need to be an expert in Windows PowerShell to complete the steps in the guide, however you are required to customize some commands to your environment.
+
+> Instructions to "type" Windows PowerShell commands provided in this guide can be followed literally by typing the commands, but the preferred method is to copy and paste these commands.
+> 
+> A Windows PowerShell window can be used to run all commands in this guide. However, when commands are specified for a command prompt, you must either type CMD at the Windows PowerShell prompt to enter the command prompt, or preface the command with "cmd /c", or if desired you can escape special characters in the command using the back-tick character (`). In most cases, the simplest thing is to type cmd and enter a command prompt, type the necessary commands, then type "exit" to return to Windows PowerShell.
+
+Hyper-V is installed, configured and used extensively in this guide. If you are not familiar with Hyper-V, review the [terminology](#appendix-b-terminology-used-in-this-guide) used in this guide before starting.
+
+## In this guide
+
+This guide contains instructions for three general procedures: Install Hyper-V, configure Hyper-V, and configure VMs. If you already have a computer running Hyper-V, you can use this computer and skip the first procedure. In this case, your virtual switch settings must be modified to match those used in this guide, or the steps in this guide can be modified to use your existing Hyper-V settings.
+
+After completing the instructions in this guide, you will have a PoC environment that enables you to test Windows 10 deployment procedures by following instructions in companion guides that are written to use the PoC environment. Links are provided to download trial versions of Windows Server 2012, Windows 10 Enterprise, and all deployment tools necessary to complete the lab.
+
+Topics and procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
+
+<br>
+
+<div style='font-size:9.0pt'>
+
+<table border="1" cellspacing="0" cellpadding="0">
+<tr><TD BGCOLOR="#a0e4fa"><B>Topic</B></td><TD BGCOLOR="#a0e4fa"><B>Description</B></td><TD BGCOLOR="#a0e4fa"><B>Time</B></td></tr>
+<tr><td><a href="#hardware-and-software-requirements" data-raw-source="[Hardware and software requirements](#hardware-and-software-requirements)">Hardware and software requirements</a><td>Prerequisites to complete this guide.<td>Informational
+<tr><td><a href="#lab-setup" data-raw-source="[Lab setup](#lab-setup)">Lab setup</a><td>A description and diagram of the PoC environment.<td>Informational
+<tr><td><a href="#configure-the-poc-environment" data-raw-source="[Configure the PoC environment](#configure-the-poc-environment)">Configure the PoC environment</a><td>Parent topic for procedures.<td>Informational
+<tr><td><a href="#verify-support-and-install-hyper-v" data-raw-source="[Verify support and install Hyper-V](#verify-support-and-install-hyper-v)">Verify support and install Hyper-V</a><td>Verify that installation of Hyper-V is supported, and install the Hyper-V server role.<td>10 minutes
+<tr><td><a href="#download-vhd-and-iso-files" data-raw-source="[Download VHD and ISO files](#download-vhd-and-iso-files)">Download VHD and ISO files</a><td>Download evaluation versions of Windows Server 2012 R2 and Windows 10 and prepare these files to be used on the Hyper-V host.<td>30 minutes
+<tr><td><a href="#convert-pc-to-vm" data-raw-source="[Convert PC to VM](#convert-pc-to-vm)">Convert PC to VM</a><td>Convert a physical computer on your network to a VM hosted in Hyper-V.<td>30 minutes
+<tr><td><a href="#resize-vhd" data-raw-source="[Resize VHD](#resize-vhd)">Resize VHD</a><td>Increase the storage capacity for one of the Windows Server VMs.<td>5 minutes
+<tr><td><a href="#configure-hyper-v" data-raw-source="[Configure Hyper-V](#configure-hyper-v)">Configure Hyper-V</a><td>Create virtual switches, determine available RAM for virtual machines, and add virtual machines.<td>15 minutes
+<tr><td><a href="#configure-vms" data-raw-source="[Configure service and user accounts](#configure-vms)">Configure service and user accounts</a><td>Start virtual machines and configure all services and settings.<td>60 minutes
+<tr><td><a href="#configure-vms" data-raw-source="[Configure VMs](#configure-vms)">Configure VMs</a><td>Start virtual machines and configure all services and settings.<td>60 minutes
+<tr><td><a href="#appendix-a-verify-the-configuration" data-raw-source="[Appendix A: Verify the configuration](#appendix-a-verify-the-configuration)">Appendix A: Verify the configuration</a><td>Verify and troubleshoot network connectivity and services in the PoC environment.<td>30 minutes
+<tr><td><a href="#appendix-b-terminology-used-in-this-guide" data-raw-source="[Appendix B: Terminology in this guide](#appendix-b-terminology-used-in-this-guide)">Appendix B: Terminology in this guide</a><td>Terms used in this guide.<td>Informational
+</table>
+</div>
+
+## Hardware and software requirements
+
+One computer that meets the hardware and software specifications below is required to complete the guide; A second computer is recommended to validate the upgrade process.
+
+- **Computer 1**: the computer you will use to run Hyper-V and host virtual machines. This computer should have 16 GB or more of installed RAM and a multi-core processor.
+- **Computer 2**: a client computer from your corporate network. It is shadow-copied to create a VM that can be added to the PoC environment, enabling you to test a mirror image of a computer on your network. If you do not have a computer to use for this simulation, you can download an evaluation VHD and use it to represent this computer. Subsequent guides use this computer to simulate Windows 10 replace and refresh scenarios, so the VM is required even if you cannot create this VM using computer 2.
+
+Harware requirements are displayed below:
+
+<div style='font-size:9.0pt'>
+
+<table border="1" cellspacing="0" cellpadding="0">
+    <tr>
+        <td></td>
+        <td BGCOLOR="#a0e4fa"><strong>Computer 1</strong> (required)</td>
+        <td BGCOLOR="#a0e4fa"><strong>Computer 2</strong> (recommended)</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>Role</strong></td>
+        <td>Hyper-V host</td>
+        <td>Client computer</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>Description</strong></td>
+        <td>This computer will run Hyper-V, the Hyper-V management tools, and the Hyper-V Windows PowerShell module.</td>
+        <td>This computer is a Windows 7 or Windows 8/8.1 client on your corporate network that will be converted to a VM to demonstrate the upgrade process.</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>OS</strong></td>
+        <td>Windows 8.1/10 or Windows Server 2012/2012 R2/2016<b>*</b></td>
+        <td>Windows 7 or a later</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>Edition</strong></td>
+        <td>Enterprise, Professional, or Education</td>
+        <td>Any</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>Architecture</strong></td>
+        <td>64-bit</td>
+        <td>Any<BR><I>Note: Retaining applications and settings requires that architecture (32 or 64-bit) is the same before and after the upgrade.</I></td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>RAM</strong></td>
+        <td>8 GB RAM (16 GB recommended) to test Windows 10 deployment with MDT.
+        <BR>16 GB RAM to test Windows 10 deployment with Microsoft Endpoint Configuration Manager.</td>
+        <td>Any</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>Disk</strong></td>
+        <td>200 GB available hard disk space, any format.</td>
+        <td>Any size, MBR formatted.</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>CPU</strong></td>
+        <td>SLAT-Capable CPU</td>
+        <td>Any</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa"><strong>Network</strong></td>
+        <td>Internet connection</td>
+        <td>Any</td>
+    </tr>
+</table>
+
+
+<B>\*</B><I>The Hyper-V server role can also be installed on a computer running Windows Server 2008 R2. However, the Windows PowerShell module for Hyper-V is not available on Windows Server 2008 R2, therefore you cannot use many of the steps provided in this guide to configure Hyper-V. To manage Hyper-V on Windows Server 2008 R2, you can use Hyper-V WMI, or you can use the Hyper-V Manager console. Providing all steps in this guide as Hyper-V WMI or as 2008 R2 Hyper-V Manager procedures is beyond the scope of the guide.</I>
+<BR>
+<BR>The Hyper-V role cannot be installed on Windows 7 or earlier versions of Windows.
+
+</div>
+
+## Lab setup
+
+The lab architecture is summarized in the following diagram:
+
+![PoC](images/poc.png)
+
+- Computer 1 is configured to host four VMs on a private, PoC network.
+    - Two VMs are running Windows Server 2012 R2 with required network services and tools installed.
+    - Two VMs are client systems: One VM is intended to mirror a host on your corporate network (computer 2) and one VM is running Windows 10 Enterprise to demonstrate the hardware replacement scenario.
+
+>If you have an existing Hyper-V host, you can use this host and skip the Hyper-V installation section in this guide.
+
+<I>The two Windows Server VMs can be combined into a single VM to conserve RAM and disk space if required. However, instructions in this guide assume two server systems are used. Using two servers enables Active Directory Domain Services and DHCP to be installed on a server that is not directly connected to the corporate network. This mitigates the risk of clients on the corporate network receiving DHCP leases from the PoC network (i.e. "rogue" DHCP), and limits NETBIOS service broadcasts.</I>
+
+## Configure the PoC environment
+
+>**Hint**: Before you begin, ensure that Windows PowerShell is pinned to the taskbar for easy access. If the Hyper-V host is running Windows Server then Windows PowerShell is automatically pinned to the taskbar. To pin Windows PowerShell to the taskbar on Windows 8.1 or Windows 10: Click **Start**, type **power**, right click **Windows PowerShell**, and then click **Pin to taskbar**. After Windows PowerShell is pinned to the taskbar, you can open an elevated Windows PowerShell prompt by right-clicking the icon on the taskbar and then clicking **Run as Administrator**.
+
+### Procedures in this section
+
+[Verify support and install Hyper-V](#verify-support-and-install-hyper-v)<BR>
+[Download VHD and ISO files](#download-vhd-and-iso-files)<BR>
+[Convert PC to VM](#convert-pc-to-vm)<BR>
+[Resize VHD](#resize-vhd)<BR>
+[Configure Hyper-V](#configure-hyper-v)<BR>
+[Configure VMs](#configure-vms)<BR>
+
+### Verify support and install Hyper-V
+
+Starting with Windows 8, the host computer’s microprocessor must support second level address translation (SLAT) to install Hyper-V. See [Hyper-V: List of SLAT-Capable CPUs for Hosts](https://social.technet.microsoft.com/wiki/contents/articles/1401.hyper-v-list-of-slat-capable-cpus-for-hosts.aspx) for more information.
+
+1. To verify your computer supports SLAT, open an administrator command prompt,  type **systeminfo**, press ENTER, and review the section displayed at the bottom of the output, next to Hyper-V Requirements. See the following example:
+
+    <pre style="overflow-y: visible">
+    C:\>systeminfo
+
+    ...
+    Hyper-V Requirements:      VM Monitor Mode Extensions: Yes
+                               Virtualization Enabled In Firmware: Yes
+                               Second Level Address Translation: Yes
+                               Data Execution Prevention Available: Yes
+    </pre>
+
+    In this example, the computer supports SLAT and Hyper-V.
+
+    If one or more requirements are evaluated as **No** then the computer does not support installing Hyper-V.  However, if only the virtualization setting is incompatible, you might be able to enable virtualization in the BIOS and change the **Virtualization Enabled In Firmware** setting from **No** to **Yes**. The location of this setting will depend on the manufacturer and BIOS version, but is typically found associated with the BIOS security settings.
+
+    You can also identify Hyper-V support using [tools](https://blogs.msdn.microsoft.com/taylorb/2008/06/19/hyper-v-will-my-computer-run-hyper-v-detecting-intel-vt-and-amd-v/) provided by the processor manufacturer, the [msinfo32](https://technet.microsoft.com/library/cc731397.aspx) tool, or you can download the [coreinfo](https://technet.microsoft.com/sysinternals/cc835722) utility and run it, as shown in the following example:
+
+    <pre style="overflow-y: visible">
+    C:\>coreinfo -v
+
+    Coreinfo v3.31 - Dump information on system CPU and memory topology
+    Copyright (C) 2008-2014 Mark Russinovich
+    Sysinternals - www.sysinternals.com
+
+    Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
+    Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
+    Microcode signature: 0000001B
+    HYPERVISOR      -       Hypervisor is present
+    VMX             *       Supports Intel hardware-assisted virtualization
+    EPT             *       Supports Intel extended page tables (SLAT)
+    </pre>
+
+    Note: A 64-bit operating system is required to run Hyper-V.
+
+2. The Hyper-V feature is not installed by default. To install it, open an elevated Windows PowerShell window and type the following command:
+
+    <pre style="overflow-y: visible">Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V –All</pre>
+
+    This command works on all operating systems that support Hyper-V, but on Windows Server operating systems you must type an additional command to add the Hyper-V Windows PowerShell module and the Hyper-V Manager console. This command will also install Hyper-V if it isn't already installed, so if desired you can just type the following command on Windows Server 2012 or 2016 instead of using the Enable-WindowsOptionalFeature command:
+
+    <pre style="overflow-y: visible">Install-WindowsFeature -Name Hyper-V -IncludeManagementTools</pre>
+
+    When you are prompted to restart the computer, choose **Yes**. The computer might restart more than once. After installation is complete, you can open Hyper-V Manager by typing **virtmgmt.msc** at an elevated command prompt.
+
+    >Alternatively, you can install Hyper-V using the Control Panel in Windows under **Turn Windows features on or off** for a client operating system, or using Server Manager's **Add Roles and Features Wizard** on a server operating system, as shown below:
+
+    ![hyper-v feature](images/hyper-v-feature.png)
+
+    ![hyper-v](images/svr_mgr2.png)
+
+    <P>If you choose to install Hyper-V using Server Manager, accept all default selections. Also be sure to install both items under <strong>Role Administration Tools\Hyper-V Management Tools</strong>.
+
+### Download VHD and ISO files
+
+When you have completed installation of Hyper-V on the host computer, begin configuration of Hyper-V by downloading VHD and ISO files to the Hyper-V host. These files will be used to create the VMs used in the lab. Before you can download VHD and ISO files, you will need to register and sign in to the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter/) using your Microsoft account.
+
+1. Create a directory on your Hyper-V host named **C:\VHD** and download a single [Windows Server 2012 R2 VHD](https://www.microsoft.com/evalcenter/evaluate-windows-server-2012-r2) from the TechNet Evaluation Center to the **C:\VHD** directory.
+
+    **Important**: This guide assumes that VHDs are stored in the **C:\VHD** directory on the Hyper-V host. If you use a different directory to store VHDs, you must adjust steps in this guide appropriately.
+
+    After completing registration you will be able to download the 7.47 GB Windows Server 2012 R2 evaluation VHD. An example of the download offering is shown below.
+
+    <TABLE BORDER="1">
+    <tr><td> <img src="images/download_vhd.png" alt="VHD"/> </TD></TR>
+    </TABLE>
+
+2. Download the file to the **C:\VHD** directory. When the download is complete, rename the VHD file that you downloaded to **2012R2-poc-1.vhd**. This is done to make the filename simple to recognize and type.
+3. Copy the VHD to a second file also in the **C:\VHD** directory and name this VHD **2012R2-poc-2.vhd**.
+4. Download the [Windows 10 Enterprise ISO](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) from the TechNet Evaluation Center to the **C:\VHD** directory on your Hyper-V host.
+
+    >During registration, you must specify the type, version, and language of installation media to download. In this example, a Windows 10 Enterprise, 64 bit, English ISO is chosen. You can choose a different version if desired. **Note: The evaluation version of Windows 10 does not support in-place upgrade**.
+
+5. Rename the ISO file that you downloaded to **w10-enterprise.iso**. Again, this is done so that the filename is simple to type and recognize. After completing registration you will be able to download the 3.63 GB Windows 10 Enterprise evaluation ISO.
+
+After completing these steps, you will have three files in the **C:\VHD** directory: **2012R2-poc-1.vhd**, **2012R2-poc-2.vhd**, **w10-enterprise.iso**.
+
+The following displays the procedures described in this section, both before and after downloading files:
+
+<pre style="overflow-y: visible">
+C:>mkdir VHD
+C:>cd VHD
+C:\VHD&gt;ren 9600*.vhd 2012R2-poc-1.vhd
+C:\VHD&gt;copy 2012R2-poc-1.vhd 2012R2-poc-2.vhd
+   1 file(s) copied.
+C:\VHD ren *.iso w10-enterprise.iso
+C:\VHD&gt;dir /B
+2012R2-poc-1.vhd
+2012R2-poc-2.vhd
+w10-enterprise.iso
+</pre>
+
+### Convert PC to VM
+
+>Important: Do not attempt to use the VM resulting from the following procedure as a reference image. Also, to avoid conflicts with existing clients, do not start the VM outside the PoC network.
+
+<TABLE BORDER="2"><tr><td>
+If you do not have a PC available to convert to VM, perform the following steps to download an evaluation VM:
+<BR>
+<OL>
+<LI>Open the <a href="https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/" data-raw-source="[Download virtual machines](https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/)">Download virtual machines</a> page.
+<LI>Under <strong>Virtual machine</strong>, choose <strong>IE11 on Win7</strong>.
+<LI>Under <strong>Select platform</strong> choose <strong>HyperV (Windows)</strong>.
+<LI>Click <strong>Download .zip</strong>. The download is 3.31 GB.
+<LI>Extract the zip file. Three directories are created.
+<LI>Open the <strong>Virtual Hard Disks</strong> directory and then copy <strong>IE11 - Win7.vhd</strong> to the <strong>C:\VHD</strong> directory.
+<LI>Rename <strong>IE11 - Win7.vhd</strong> to <strong>w7.vhd</strong> (do not rename the file to w7.vhdx).
+<LI>In step 5 of the <a href="#configure-hyper-v" data-raw-source="[Configure Hyper-V](#configure-hyper-v)">Configure Hyper-V</a> section, replace the VHD file name <strong>w7.vhdx</strong> with <strong>w7.vhd</strong>.
+</OL>
+</TABLE>
+
+If you have a PC available to convert to VM (computer 2):
+
+1. Sign in on computer 2 using an account with Administrator privileges.
+
+>Important: the account used in this step must have local administrator privileges. You can use a local computer account, or a domain account with administrative rights if domain policy allows the use of cached credentials. After converting the computer to a VM, you must be able to sign in on this VM with administrator rights while the VM is disconnected from the corporate network.
+
+2. [Determine the VM generation and partition type](#determine-the-vm-generation-and-partition-type) that is required.
+3. Based on the VM generation and partition type, perform one of the following procedures: [Prepare a generation 1 VM](#prepare-a-generation-1-vm), [Prepare a generation 2 VM](#prepare-a-generation-2-vm), or [prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk).
+
+#### Determine the VM generation and partition type
+
+When creating a VM in Hyper-V, you must specify either generation 1 or generation 2. The following table describes requirements for these two types of VMs.
+
+<div style='font-size:9.0pt'>
+
+<table border="1" cellspacing="0" cellpadding="0">
+    <tr>
+        <td></td>
+        <td>Architecture</td>
+        <td>Operating system</td>
+        <td>Partition style</td>
+    </tr>
+    <tr>
+        <td>Generation 1</td>
+        <td>32-bit or 64-bit</td>
+        <td>Windows 7 or later</td>
+        <td>MBR</td>
+    </tr>
+    <tr>
+        <td>Generation 2</td>
+        <td>64-bit</td>
+        <td>Windows 8 or later</td>
+        <td>MBR or GPT</td>
+    </tr>
+</table>
+
+</div>
+
+If the PC is running a 32-bit OS or the OS is Windows 7, it must be converted to a generation 1 VM. Otherwise, it can be converted to a generation 2 VM.
+
+- To determine the OS and architecture of a PC, type **systeminfo** at a command prompt and review the output next to **OS Name** and **System Type**.
+- To determine the partition style, open a Windows PowerShell prompt on the PC and type the following command:
+
+<pre style="overflow-y: visible">
+Get-WmiObject -Class Win32_DiskPartition | Select-Object -Property SystemName,Caption,Type
+</pre>
+
+If the **Type** column does not indicate GPT, then the disk partition format is MBR ("Installable File System" = MBR). In the following example, the disk is GPT:
+
+<pre style="overflow-y: visible">
+PS C:> Get-WmiObject -Class Win32_DiskPartition | Select-Object -Property SystemName,Caption,Type
+
+SystemName                           Caption                                 Type
+----------                           -------                                 ----
+USER-PC1                             Disk #0, Partition #0                   GPT: System
+USER-PC1                             Disk #0, Partition #1                   GPT: Basic Data
+</pre>
+
+On a computer running Windows 8 or later, you can also type **Get-Disk** at a Windows PowerShell prompt to discover the partition style. The default output of this cmdlet displays the partition style for all attached disks. Both commands are displayed below. In this example, the client computer is running Windows 8.1 and uses a GPT style partition format:
+
+<pre style="overflow-y: visible">
+PS C:> Get-WmiObject -Class Win32_DiskPartition | Select-Object -Property SystemName,Caption,Type
+
+SystemName                            Caption                               Type
+----------                            -------                               ----
+PC-X1                                 Disk #0, Partition #0                 GPT: Unknown
+PC-X1                                 Disk #0, Partition #1                 GPT: System
+PC-X1                                 Disk #0, Partition #2                 GPT: Basic Data
+PC-X1                                 Disk #0, Partition #3                 GPT: Basic Data
+PC-X1                                 Disk #0, Partition #4                 GPT: Basic Data
+
+PS C:> Get-Disk
+
+Number Friendly Name                  OperationalStatus                     Total Size Partition Style
+------ -------------                  -----------------                     ---------- ---------------
+0      INTEL SSDSCMMW240A3L           Online                                223.57 GB GPT
+</pre>
+
+<span id="determine-vm-generation"/>
+
+**Choosing a VM generation**
+
+The following table displays the Hyper-V VM generation to choose based on the OS, architecture, and partition style. Links to procedures to create the corresponding VMs are included.
+
+<div style='font-size:9.0pt'>
+
+<table border="1" cellspacing="0" cellpadding="0">
+    <tr>
+        <td>OS</td>
+        <td>Partition style</td>
+        <td>Architecture</td>
+        <td>VM generation</td>
+        <td>Procedure</td>
+    </tr>
+    <tr>
+        <td rowspan="4">Windows 7</td>
+        <td rowspan="2">MBR</td>
+        <td>32</td>
+        <td>1</td>
+        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
+    </tr>
+    <tr>
+        <td>64</td>
+        <td>1</td>
+        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
+    </tr>
+    <tr>
+        <td rowspan="2">GPT</td>
+        <td>32</td>
+        <td>N/A</td>
+        <td>N/A</td>
+    </tr>
+    <tr>
+        <td>64</td>
+        <td>1</td>
+        <td><a href="#prepare-a-generation-1-vm-from-a-gpt-disk" data-raw-source="[Prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk)">Prepare a generation 1 VM from a GPT disk</a></td>
+    </tr>
+    <tr>
+        <td rowspan="4">Windows 8 or later</td>
+        <td rowspan="2">MBR</td>
+        <td>32</td>
+        <td>1</td>
+        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
+    </tr>
+    <tr>
+        <td>64</td>
+        <td>1, 2</td>
+        <td><a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a></td>
+    </tr>
+    <tr>
+        <td rowspan="2">GPT</td>
+        <td>32</td>
+        <td>1</td>
+        <td><a href="#prepare-a-generation-1-vm-from-a-gpt-disk" data-raw-source="[Prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk)">Prepare a generation 1 VM from a GPT disk</a></td>
+    </tr>
+    <tr>
+        <td>64</td>
+        <td>2</td>
+        <td><a href="#prepare-a-generation-2-vm" data-raw-source="[Prepare a generation 2 VM](#prepare-a-generation-2-vm)">Prepare a generation 2 VM</a></td>
+    </tr>
+</table>
+
+</div>
+
+Notes:<BR>
+<UL>
+<LI>If the PC is running Windows 7, it can only be converted and hosted in Hyper-V as a generation 1 VM. This Hyper-V requirement means that if the Windows 7 PC is also using a GPT partition style, the OS disk can be shadow copied, but a new system partition must be created. In this case, see <a href="#prepare-a-generation-1-vm-from-a-gpt-disk" data-raw-source="[Prepare a generation 1 VM from a GPT disk](#prepare-a-generation-1-vm-from-a-gpt-disk)">Prepare a generation 1 VM from a GPT disk</a>.
+<LI>If the PC is running Windows 8 or later and uses the GPT partition style, you can capture the disk image and create a generation 2 VM. To do this, you must temporarily mount the EFI system partition which is accomplished using the <strong>mountvol</strong> command. In this case, see <a href="#prepare-a-generation-2-vm" data-raw-source="[Prepare a generation 2 VM](#prepare-a-generation-2-vm)">Prepare a generation 2 VM</a>.
+<LI>If the PC is using an MBR partition style, you can convert the disk to VHD and use it to create a generation 1 VM. If you use the Disk2VHD tool described in this guide, it is not necessary to mount the MBR system partition, but it is still necessary to capture it. In this case, see <a href="#prepare-a-generation-1-vm" data-raw-source="[Prepare a generation 1 VM](#prepare-a-generation-1-vm)">Prepare a generation 1 VM</a>.
+</UL>
+
+#### Prepare a generation 1 VM
+
+1. Download the [Disk2vhd utility](https://technet.microsoft.com/library/ee656415.aspx), extract the .zip file and copy **disk2vhd.exe** to a flash drive or other location that is accessible from the computer you wish to convert.
+
+    >You might experience timeouts if you attempt to run Disk2vhd from a network share, or specify a network share for the destination. To avoid timeouts, use local, portable media such as a USB drive.
+
+2. On the computer you wish to convert, double-click the disk2vhd utility to start the graphical user interface.
+3. Select the checkboxes next to the **C:\\** and the **system reserved** (BIOS/MBR) volumes. The system volume is not assigned a drive letter, but will be displayed in the Disk2VHD tool with a volume label similar to **\\?\Volume{**. See the following example. **Important**: You must include the system volume in order to create a bootable VHD. If this volume is not displayed in the disk2vhd tool, then the computer is likely to be using the GPT partition style. For more information, see [Determine VM generation](#determine-vm-generation).
+4. Specify a location to save the resulting VHD or VHDX file (F:\VHD\w7.vhdx in the following example) and click **Create**. See the following example:
+
+    ![disk2vhd](images/disk2vhd.png)
+
+    >Disk2vhd can save VHDs to local hard drives, even if they are the same as the volumes being converted. Performance is better however when the VHD is saved on a disk different than those being converted, such as a flash drive.
+
+5. When the Disk2vhd utility has completed converting the source computer to a VHD, copy the VHDX file (w7.vhdx) to your Hyper-V host in the C:\VHD directory. There should now be four files in this directory:
+
+    <pre style="overflow-y: visible">
+    C:\vhd>dir /B
+    2012R2-poc-1.vhd
+    2012R2-poc-2.vhd
+    w10-enterprise.iso
+    w7.VHDX
+    </pre>
+
+#### Prepare a generation 2 VM
+
+1. Download the [Disk2vhd utility](https://technet.microsoft.com/library/ee656415.aspx), extract the .zip file and copy **disk2vhd.exe** to a flash drive or other location that is accessible from the computer you wish to convert.
+
+    >You might experience timeouts if you attempt to run Disk2vhd from a network share, or specify a network share for the destination. To avoid timeouts, use local, portable media such as a USB drive.
+
+2. On the computer you wish to convert, open an elevated command prompt and type the following command:
+
+    <pre style="overflow-y: visible">mountvol s: /s</pre>
+
+    This command temporarily assigns a drive letter of S to the system volume and mounts it. If the letter S is already assigned to a different volume on the computer, then choose one that is available (ex: mountvol z: /s).
+
+3. On the computer you wish to convert, double-click the disk2vhd utility to start the graphical user interface.
+4. Select the checkboxes next to the **C:\\** and the **S:\\** volumes, and clear the **Use Volume Shadow Copy checkbox**. Volume shadow copy will not work if the EFI system partition is selected.
+
+    **Important**: You must include the EFI system partition in order to create a bootable VHD. The Windows RE tools partition (shown below) is not required, but it can also be converted if desired.
+
+5. Specify a location to save the resulting VHD or VHDX file (F:\VHD\PC1.vhdx in the following example) and click **Create**. See the following example:
+
+    ![disk2vhd](images/disk2vhd-gen2.png)
+
+    >Disk2vhd can save VHDs to local hard drives, even if they are the same as the volumes being converted. Performance is better however when the VHD is saved on a disk different than those being converted, such as a flash drive.
+
+6. When the Disk2vhd utility has completed converting the source computer to a VHD, copy the VHDX file (PC1.vhdx) to your Hyper-V host in the C:\VHD directory. There should now be four files in this directory:
+
+    <pre style="overflow-y: visible">
+    C:\vhd>dir /B
+    2012R2-poc-1.vhd
+    2012R2-poc-2.vhd
+    w10-enterprise.iso
+    PC1.VHDX
+    </pre>
+
+#### Prepare a generation 1 VM from a GPT disk
+
+1. Download the [Disk2vhd utility](https://technet.microsoft.com/library/ee656415.aspx), extract the .zip file and copy **disk2vhd.exe** to a flash drive or other location that is accessible from the computer you wish to convert.
+
+    >You might experience timeouts if you attempt to run Disk2vhd from a network share, or specify a network share for the destination. To avoid timeouts, use local, portable media such as a USB drive.
+
+2. On the computer you wish to convert, double-click the disk2vhd utility to start the graphical user interface.
+3. Select the checkbox next to the **C:\\** volume and clear the checkbox next to **Use Vhdx**. Note: the system volume is not copied in this scenario, it will be added later.
+4. Specify a location to save the resulting VHD file (F:\VHD\w7.vhd in the following example) and click **Create**. See the following example:
+
+    ![disk2vhd](images/disk2vhd4.png)
+
+    >Disk2vhd can save VHDs to local hard drives, even if they are the same as the volumes being converted. Performance is better however when the VHD is saved on a disk different than those being converted, such as a flash drive.
+
+5. When the Disk2vhd utility has completed converting the source computer to a VHD, copy the VHD file (w7.vhd) to your Hyper-V host in the C:\VHD directory. There should now be four files in this directory:
+
+    <pre style="overflow-y: visible">
+    C:\vhd>dir /B
+    2012R2-poc-1.vhd
+    2012R2-poc-2.vhd
+    w10-enterprise.iso
+    w7.VHD
+    </pre>
+
+    >In its current state, the w7.VHD file is not bootable. The VHD will be used to create a bootable VM later in the [Configure Hyper-V](#configure-hyper-v) section.
+
+### Resize VHD
+
+<HR size="4">
+<strong><I>Enhanced session mode</I></strong>
+
+**Important**: Before proceeding, verify that you can take advantage of [enhanced session mode](https://technet.microsoft.com/windows-server-docs/compute/hyper-v/learn-more/Use-local-resources-on-Hyper-V-virtual-machine-with-VMConnect) when completing instructions in this guide. Enhanced session mode enables you to copy and paste the commands from the Hyper-V host to VMs, between VMs, and between RDP sessions. After copying some text, you can paste into a Windows PowerShell window by simply right-clicking. Before right-clicking, do not left click other locations as this can empty the clipboard. You can also copy and paste <U>files</U> directly from one computer to another by right-clicking and selecting copy on one computer, then right-clicking and selecting paste on another computer.
+
+To ensure that enhanced session mode is enabled on the Hyper-V host, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+<pre style="overflow-y: visible">Set-VMhost -EnableEnhancedSessionMode $TRUE</pre>
+
+>If enhanced session mode was not previously enabled, close any existing virtual machine connections and re-open them to enable access to enhanced session mode. As mentioned previously: instructions to "type" commands provided in this guide can be typed, but the preferred method is to copy and paste these commands. Most of the commands to this point in the guide have been brief, but many commands in sections below are longer and more complex.
+
+<HR size="4">
+
+The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to 100GB to support installing imaging tools and storing OS images.
+
+1. To add available space for the partition, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host:
+
+    <pre style="overflow-y: visible">
+    Resize-VHD –Path c:\VHD\2012R2-poc-2.vhd –SizeBytes 100GB
+    $x = (Mount-VHD –Path c:\VHD\2012R2-poc-2.vhd -passthru | Get-Disk | Get-Partition | Get-Volume).DriveLetter
+    Resize-Partition -DriveLetter $x -Size (Get-PartitionSupportedSize -DriveLetter $x).SizeMax
+    </pre>
+
+2. Verify that the mounted VHD drive is resized to 100 GB, and then dismount the drive:
+
+    <pre style="overflow-y: visible">
+    Get-Volume -DriveLetter $x
+    Dismount-VHD –Path c:\VHD\2012R2-poc-2.vhd</pre>
+
+### Configure Hyper-V
+
+1. Open an elevated Windows PowerShell window and type the following command to create two virtual switches named "poc-internal" and "poc-external":
+
+    >If the Hyper-V host already has an external virtual switch bound to a physical NIC, do not attempt to add a second external virtual switch. Attempting to add a second external switch will result in an error indicating that the NIC is **already bound to the Microsoft Virtual Switch protocol.** In this case, choose one of the following options:<BR>
+    &nbsp;&nbsp;&nbsp;A) Remove the existing external virtual switch, then add the poc-external switch<BR>
+    &nbsp;&nbsp;&nbsp;B) Rename the existing external switch to "poc-external"<BR>
+    &nbsp;&nbsp;&nbsp;C) Replace each instance of "poc-external" used in this guide with the name of your existing external virtual switch<BR>
+    If you choose B) or C), then do not run the second command below.
+
+    <pre style="overflow-y: visible">
+    New-VMSwitch -Name poc-internal -SwitchType Internal -Notes "PoC Network"
+    New-VMSwitch -Name poc-external -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name -Notes "PoC External"
+    </pre>
+
+    **Note**: The second command above will temporarily interrupt network connectivity on the Hyper-V host.
+
+    >Since an external virtual switch is associated to a physical network adapter on the Hyper-V host, this adapter must be specified when adding the virtual switch. The previous commands automate this by filtering for active non-virtual ethernet adapters using the Get-NetAdapter cmdlet ($_.Status -eq "Up" -and !$_.Virtual). If your Hyper-V host is dual-homed with multiple active ethernet adapters, this automation will not work, and the second command above will fail. In this case, you must edit the command used to add the "poc-external" virtual switch by inserting the appropriate NetAdapterName. The NetAdapterName value corresponds to the name of the network interface you wish to use. For example, if the network interface you use on the Hyper-V host to connect to the Internet is named "Ethernet 2" then type the following command to create an external virtual switch: New-VMSwitch -Name poc-external -NetAdapterName "Ethernet 2" -Notes "PoC External"
+
+2. At the elevated Windows PowerShell prompt, type the following command to determine the megabytes of RAM that are currently available on the Hyper-V host:
+
+    <pre style="overflow-y: visible">
+    (Get-VMHostNumaNode).MemoryAvailable
+    </pre>
+
+    This command will display the megabytes of RAM available for VMs. On a Hyper-V host computer with 16 GB of physical RAM installed, 10,000 MB of RAM or greater should be available if the computer is not also running other applications. On a computer with 8 GB of physical RAM installed, at least 4000 MB should be available. If the computer has less RAM available than this, try closing applications to free up more memory.
+
+3. Determine the available memory for VMs by dividing the available RAM by 4.  For example:
+
+    <pre style="overflow-y: visible">
+    (Get-VMHostNumaNode).MemoryAvailable/4
+    2775.5
+    </pre>
+
+    In this example, VMs can use a maximum of 2700 MB of RAM each, to run four VMs simultaneously.
+
+4. At the elevated Windows PowerShell prompt, type the following command to create two new VMs. Other VMs will be added later.
+    >**Important**: Replace the value of 2700MB for $maxRAM in the first command below with the RAM value that you calculated in the previous step.
+
+    <pre style="overflow-y: visible">
+    $maxRAM = 2700MB
+    New-VM -Name "DC1" -VHDPath c:\vhd\2012R2-poc-1.vhd -SwitchName poc-internal
+    Set-VMMemory -VMName "DC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
+    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName DC1
+    New-VM -Name "SRV1" -VHDPath c:\vhd\2012R2-poc-2.vhd -SwitchName poc-internal
+    Add-VMNetworkAdapter -VMName "SRV1" -SwitchName "poc-external"
+    Set-VMMemory -VMName "SRV1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 80
+    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName SRV1
+    </pre>
+
+    **Note**: The RAM values assigned to VMs in this step are not permanent, and can be easily increased or decreased later if needed to address performance issues.
+
+5. Using the same elevated Windows PowerShell prompt that was used in the previous step, type one of the following sets of commands, depending on the type of VM that was prepared in the [Determine VM generation](#determine-vm-generation) section, either generation 1, generation 2, or generation 1 with GPT.
+
+    To create a generation 1 VM (using c:\vhd\w7.vhdx):
+
+    <pre style="overflow-y: visible">
+    New-VM -Name "PC1" -VHDPath c:\vhd\w7.vhdx -SwitchName poc-internal
+    Set-VMMemory -VMName "PC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
+    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName PC1
+    </pre>
+
+    To create a generation 2 VM (using c:\vhd\PC1.vhdx):
+
+    <pre style="overflow-y: visible">
+    New-VM -Name "PC1" -Generation 2 -VHDPath c:\vhd\PC1.vhdx -SwitchName poc-internal
+    Set-VMMemory -VMName "PC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
+    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName PC1
+    </pre>
+
+    To create a generation 1 VM from a GPT disk (using c:\vhd\w7.vhd):
+
+    >Note: The following procedure is more complex because it includes steps to convert the OS partition from GPT to MBR format. Steps are included to create a temporary VHD and attach it to the VM, the OS image is saved to this drive, the OS drive is then reformatted to MBR, the OS image restored, and the temporary drive is removed.
+
+    First, type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host to create a temporary VHD that will be used to save the OS image. Do not forget to include a pipe (|) at the end of the first five commands:
+
+    <pre style="overflow-y: visible">
+    New-VHD -Path c:\vhd\d.vhd -SizeBytes 1TB |
+    Mount-VHD -Passthru |
+    Get-Disk -Number {$_.DiskNumber} |
+    Initialize-Disk -PartitionStyle MBR -PassThru |
+    New-Partition -UseMaximumSize |
+    Format-Volume -Confirm:$false -FileSystem NTFS -force
+    Dismount-VHD -Path c:\vhd\d.vhd
+    </pre>
+
+    Next, create the PC1 VM with two attached VHDs, and boot to DVD ($maxram must be defined previously using the same Windows PowerShell promt):
+
+    <pre style="overflow-y: visible">
+    New-VM -Name "PC1" -VHDPath c:\vhd\w7.vhd -SwitchName poc-internal
+    Add-VMHardDiskDrive -VMName PC1 -Path c:\vhd\d.vhd
+    Set-VMDvdDrive -VMName PC1 -Path c:\vhd\w10-enterprise.iso
+    Set-VMMemory -VMName "PC1" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes $maxRAM -Buffer 20
+    Enable-VMIntegrationService -Name "Guest Service Interface" -VMName PC1
+    Start-VM PC1
+    vmconnect localhost PC1
+    </pre>
+
+    The VM will automatically boot into Windows Setup. In the PC1 window:
+
+   1. Click **Next**.
+   2. Click **Repair your computer**.
+   3. Click **Troubleshoot**.
+   4. Click **Command Prompt**.
+   5. Type the following command to save an image of the OS drive:
+
+      <pre style="overflow-y: visible">
+      dism /Capture-Image /ImageFile:D:\c.wim /CaptureDir:C:\ /Name:Drive-C
+      </pre>
+
+   6. Wait for the OS image to complete saving, and then type the following commands to convert the C: drive to MBR:
+
+      <pre style="overflow-y: visible">
+      diskpart
+      select disk 0
+      clean
+      convert MBR
+      create partition primary size=100
+      format fs=ntfs quick
+      active
+      create partition primary
+      format fs=ntfs quick label=OS
+      assign letter=c
+      exit
+      </pre>
+
+   7. Type the following commands to restore the OS image and boot files:
+
+      <pre style="overflow-y: visible">
+      dism /Apply-Image /ImageFile:D:\c.wim /Index:1 /ApplyDir:C:\
+      bcdboot c:\windows
+      exit
+      </pre>
+
+   8. Click **Continue** and verify the VM boots successfully (do not boot from DVD).
+   9. Click **Ctrl+Alt+Del**, and then in the bottom right corner, click **Shut down**.
+   10. Type the following commands at an elevated Windows PowerShell prompt on the Hyper-V host to remove the temporary disks and drives from PC1:
+
+       <pre style="overflow-y: visible">
+       Remove-VMHardDiskDrive -VMName PC1 -ControllerType IDE -ControllerNumber 0 -ControllerLocation 1
+       Set-VMDvdDrive -VMName PC1 -Path $null
+       </pre>
+
+### Configure VMs
+
+1. At an elevated Windows PowerShell prompt on the Hyper-V host, start the first Windows Server VM and connect to it by typing the following commands:
+
+    <pre style="overflow-y: visible">
+    Start-VM DC1
+    vmconnect localhost DC1
+    </pre>
+
+2. Click **Next** to accept the default settings, read the license terms and click **I accept**, provide an administrator password of <strong>pass@word1</strong>, and click **Finish**.
+3. Click **Ctrl+Alt+Del** in the upper left corner of the virtual machine connection window, and then sign in to DC1 using the Administrator account.
+4. Right-click **Start**, point to **Shut down or sign out**, and click **Sign out**. The VM connection will reset and a new connection dialog box will appear enabling you to choose a custom display configuration. Select a desktop size, click **Connect** and sign in again with the local Administrator account. Note: Signing in this way ensures that [enhanced session mode](https://technet.microsoft.com/windows-server-docs/compute/hyper-v/learn-more/Use-local-resources-on-Hyper-V-virtual-machine-with-VMConnect) is enabled. It is only necessary to do this the first time you sign in to a new VM.
+5. If DC1 is configured as described in this guide, it will currently be assigned an APIPA address, have a randomly generated hostname, and a single network adapter named "Ethernet." Open an elevated Windows PowerShell prompt on DC1 and type or paste the following commands to provide a new hostname and configure a static IP address and gateway:
+
+    <pre style="overflow-y: visible">
+    Rename-Computer DC1
+    New-NetIPAddress –InterfaceAlias Ethernet –IPAddress 192.168.0.1 –PrefixLength 24 -DefaultGateway 192.168.0.2
+    Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses 192.168.0.1,192.168.0.2
+    </pre>
+
+   > The default gateway at 192.168.0.2 will be configured later in this guide.
+   > 
+   > Note: A list of available tasks for an app will be populated the first time you run it on the taskbar. Because these tasks aren't available until the App has been run, you will not see the **Run as Administrator** task until you have left-clicked Windows PowerShell for the first time. In this newly created VM, you will need to left-click Windows PowerShell one time, and then you can right-click and choose Run as Administrator to open an elevated Windows PowerShell prompt.
+
+6. Install the Active Directory Domain Services role by typing the following command at an elevated Windows PowerShell prompt:
+
+    <pre style="overflow-y: visible">
+    Install-WindowsFeature -Name AD-Domain-Services -IncludeAllSubFeature -IncludeManagementTools
+    </pre>
+
+7. Before promoting DC1 to a Domain Controller, you must reboot so that the name change in step 3 above takes effect. To restart the computer, type the following command at an elevated Windows PowerShell prompt:
+
+    <pre style="overflow-y: visible">
+    Restart-Computer
+    </pre>
+
+8. When DC1 has rebooted, sign in again and open an elevated Windows PowerShell prompt. Now you can promote the server to be a domain controller. The directory services restore mode password must be entered as a secure string. Type the following commands at the elevated Windows PowerShell prompt:
+
+    <pre style="overflow-y: visible">
+    $pass = "pass@word1" | ConvertTo-SecureString -AsPlainText -Force
+    Install-ADDSForest -DomainName contoso.com -InstallDns -SafeModeAdministratorPassword $pass -Force
+    </pre>
+
+    Ignore any warnings that are displayed. The computer will automatically reboot upon completion.
+
+9. When the reboot has completed, reconnect to DC1, sign in using the CONTOSO\Administrator account, open an elevated Windows PowerShell prompt, and use the following commands to add a reverse lookup zone for the PoC network, add the DHCP Server role, authorize DHCP in Active Directory, and suppress the post-DHCP-install alert:
+
+    <pre style="overflow-y: visible">
+    Add-DnsServerPrimaryZone -NetworkID "192.168.0.0/24" -ReplicationScope Forest
+    Add-WindowsFeature -Name DHCP -IncludeManagementTools
+    netsh dhcp add securitygroups
+    Restart-Service DHCPServer
+    Add-DhcpServerInDC  dc1.contoso.com  192.168.0.1
+    Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2
+    </pre>
+
+10. Next, add a DHCP scope and set option values:
+
+    <pre style="overflow-y: visible">
+    Add-DhcpServerv4Scope -Name "PoC Scope" -StartRange 192.168.0.100 -EndRange 192.168.0.199 -SubnetMask 255.255.255.0 -Description "Windows 10 PoC" -State Active
+    Set-DhcpServerv4OptionValue -ScopeId 192.168.0.0 -DnsDomain contoso.com -Router 192.168.0.2 -DnsServer 192.168.0.1,192.168.0.2 -Force
+    </pre>
+
+    >The -Force option is necessary when adding scope options to skip validation of 192.168.0.2 as a DNS server because we have not configured it yet. The scope should immediately begin issuing leases on the PoC network. The first DHCP lease that will be issued is to vEthernet interface on the Hyper-V host, which is a member of the internal network. You can verify this by using the command: Get-DhcpServerv4Lease -ScopeId 192.168.0.0.
+
+11. The DNS server role will also be installed on the member server, SRV1, at 192.168.0.2 so that we can forward DNS queries from DC1 to SRV1 to resolve Internet names without having to configure a forwarder outside the PoC network. Since the IP address of SRV1 already exists on DC1's network adapter, it will be automatically added during the DCPROMO process. To verify this server-level DNS forwarder on DC1, type the following command at an elevated Windows PowerShell prompt on DC1:
+
+    <pre style="overflow-y: visible">
+    Get-DnsServerForwarder
+    </pre>
+
+    The following output should be displayed:
+
+    <pre style="overflow-y: visible">
+    UseRootHint        : True
+    Timeout(s)         : 3
+    EnableReordering   : True
+    IPAddress          : 192.168.0.2
+    ReorderedIPAddress : 192.168.0.2
+    </pre>
+
+    If this output is not displayed, you can use the following command to add SRV1 as a forwarder:
+
+    <pre style="overflow-y: visible">
+    Add-DnsServerForwarder -IPAddress 192.168.0.2
+    </pre>
+
+    **Configure service and user accounts**
+
+    Windows 10 deployment with MDT and Microsoft Endpoint Configuration Manager requires specific accounts to perform some actions. Service accounts will be created to use for these tasks. A user account is also added in the contoso.com domain that can be used for testing purposes. In the test lab environment, passwords are set to never expire.
+
+    >To keep this test lab relatively simple, we will not create a custom OU structure and set permissions. Required permissions are enabled by adding accounts to the Domain Admins group. To configure these settings in a production environment, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+    On DC1, open an elevated Windows PowerShell prompt and type the following commands:
+
+    <pre style="overflow-y: visible">
+    New-ADUser -Name User1 -UserPrincipalName user1 -Description "User account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
+    New-ADUser -Name MDT_BA -UserPrincipalName MDT_BA -Description "MDT Build Account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
+    New-ADUser -Name CM_JD -UserPrincipalName CM_JD -Description "Configuration Manager Join Domain Account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
+    New-ADUser -Name CM_NAA -UserPrincipalName CM_NAA -Description "Configuration Manager Network Access Account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -Enabled $true
+    Add-ADGroupMember "Domain Admins" MDT_BA,CM_JD,CM_NAA
+    Set-ADUser -Identity user1 -PasswordNeverExpires $true
+    Set-ADUser -Identity administrator -PasswordNeverExpires $true
+    Set-ADUser -Identity MDT_BA -PasswordNeverExpires $true
+    Set-ADUser -Identity CM_JD -PasswordNeverExpires $true
+    Set-ADUser -Identity CM_NAA -PasswordNeverExpires $true
+    </pre>
+
+12. Minimize the DC1 VM window but **do not stop** the VM.
+
+    Next, the client VM will be started and joined to the contoso.com domain. This is done before adding a gateway to the PoC network so that there is no danger of duplicate DNS registrations for the physical client and its cloned VM in the corporate domain.
+
+13. If the PC1 VM is not started yet, using an elevated Windows PowerShell prompt on the Hyper-V host, start the client VM (PC1), and connect to it:
+
+    <pre style="overflow-y: visible">
+    Start-VM PC1
+    vmconnect localhost PC1
+    </pre>
+
+14. Sign in to PC1 using an account that has local administrator rights.
+
+    >PC1 will be disconnected from its current domain, so you cannot use a domain account to sign on unless these credentials are cached and the use of cached credentials is permitted by Group Policy. If cached credentials are available and permitted, you can use these credentials to sign in. Otherwise, use an existing local administrator account.
+
+15. After signing in, the operating system detects that it is running in a new environment. New drivers will be automatically installed, including the network adapter driver. The network adapter driver must be updated before you can proceed, so that you will be able to join the contoso.com domain. Depending on the resources allocated to PC1, installing the network adapter driver might take a few minutes. You can monitor device driver installation by clicking **Show hidden icons** in the notification area.
+
+    ![PoC](images/installing-drivers.png)
+
+    >If the client was configured with a static address, you must change this to a dynamic one so that it can obtain a DHCP lease.
+
+16. When the new network adapter driver has completed installation, you will receive an alert to set a network location for the contoso.com network. Select **Work network** and then click **Close**. When you receive an alert that a restart is required, click **Restart Later**.
+
+17. Open an elevated Windows PowerShell prompt on PC1 and verify that the client VM has received a DHCP lease and can communicate with the consoto.com domain controller.
+
+    To open Windows PowerShell on Windows 7, click **Start**, and search for "**power**." Right-click **Windows PowerShell** and then click **Pin to Taskbar** so that it is simpler to use Windows Powershell during this lab. Click **Windows PowerShell** on the taskbar, and then type **ipconfig** at the prompt to see the client's current IP address. Also type **ping dc1.contoso.com** and **nltest /dsgetdc:contoso.com** to verify that it can reach the domain controller. See the following examples of a successful network connection:
+
+    ```
+    ipconfig
+
+    Windows IP Configuration
+
+    Ethernet adapter Local Area Connection 3:
+        Connection-specific DNS Suffix  . : contoso.com
+        Link-local IPv6 Address . . . . . : fe80::64c2:4d2a:7403:6e02%18
+        Ipv4 Address. . . . . . . . . . . : 192.168.0.101
+        Subnet Mask . . . . . . . . . . . : 255.255.255.0
+        Default Gateway . . . . . . . . . : 192.168.0.2
+
+    ping dc1.contoso.com
+
+    Pinging dc1.contoso.com [192.168.0.1] with 32 bytes of data:
+    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
+    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
+    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
+    Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
+
+    nltest /dsgetdc:contoso.com
+               DC: \\DC1
+          Address: \\192.168.0.1
+         Dom Guid: fdbd0643-d664-411b-aea0-fe343d7670a8
+         Dom Name: CONTOSO
+      Forest Name: contoso.com
+     Dc Site Name: Default-First-Site-Name
+    Our Site Name: Default-First-Site-Name
+            Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_FOREST CLOSE_SITE FULL_SECRET WS 0xC000
+    ```
+
+    >If PC1 is running Windows 7, enhanced session mode might not be available, which means that you cannot copy and paste commands from the Hyper-V host to a Windows PowerShell prompt on PC1. However, it is possible to use integration services to copy a file from the Hyper-V host to a VM. The next procedure demonstrates this. If the Copy-VMFile command fails, then type the commands below at an elevated Windows PowerShell prompt on PC1 instead of saving them to a script to run remotely. If PC1 is running Windows 8 or a later operating system, you can use enhanced session mode to copy and paste these commands instead of typing them.
+
+18. Minimize the PC1 window and switch to the Hyper-V host computer. Open an elevated Windows PowerShell ISE window on the Hyper-V host (right-click Windows PowerShell and then click **Run ISE as Administrator**) and type the following commands in the (upper) script editor pane:
+
+    <pre style="overflow-y: visible">
+    (Get-WmiObject Win32_ComputerSystem).UnjoinDomainOrWorkgroup($null,$null,0)
+    $pass = "pass@word1" | ConvertTo-SecureString -AsPlainText -Force
+    $user = "contoso\administrator"
+    $cred = New-Object System.Management.Automation.PSCredential($user,$pass)
+    Add-Computer -DomainName contoso.com -Credential $cred
+    Restart-Computer
+    </pre>
+
+    >If you do not see the script pane, click **View** and verify **Show Script Pane Top** is enabled. Click **File** and then click **New**.
+
+    See the following example:
+
+    ![ISE](images/ISE.png)
+
+19. Click **File**, click **Save As**, and save the commands as **c:\VHD\pc1.ps1** on the Hyper-V host.
+20. In the (lower) terminal input window, type the following commands to enable Guest Service Interface on PC1 and then use this service to copy the script to PC1:
+
+    <pre style="overflow-y: visible">
+    Enable-VMIntegrationService -VMName PC1 -Name "Guest Service Interface"
+    Copy-VMFile "PC1" –SourcePath "C:\VHD\pc1.ps1"  –DestinationPath "C:\pc1.ps1" –CreateFullPath –FileSource Host
+    </pre>
+
+    >In order for this command to work properly, PC1 must be running the vmicguestinterface (Hyper-V Guest Service Interface) service. If this service is not enabled in this step, then the copy-VMFile command will fail. In this case, you can try updating integration services on the VM by mounting the Hyper-V Integration Services Setup (vmguest.iso), which is located in C:\Windows\System32 on Windows Server 2012 and 2012 R2 operating systems that are running the Hyper-V role service.
+
+    If the copy-vmfile command does not work and you cannot properly enable or upgrade integration services on PC1, then create the file c:\pc1.ps1 on the VM by typing the commands into this file manually. The copy-vmfile command is only used in this procedure as a demonstration of automation methods that can be used in a Hyper-V environment when enhanced session mode is not available. After typing the script file manually, be sure to save the file as a Windows PowerShell script file with the .ps1 extension and not as a text (.txt) file.
+
+21. On PC1, type the following commands at an elevated Windows PowerShell prompt:
+
+    <pre style="overflow-y: visible">
+    Get-Content c:\pc1.ps1 | powershell.exe -noprofile -
+    </pre>
+
+    >The commands in this script might take a few moments to complete. If an error is displayed, check that you typed the command correctly, paying close attention to spaces. PC1 is removed from its domain in this step while not connected to the corporate network so as to ensure the computer object in the corporate domain is unaffected. PC1 is also not renamed to "PC1" in system properties so that it maintains some of its mirrored identity. However, if desired you can also rename the computer.
+
+22. Upon completion of the script, PC1 will automatically restart. When it has restarted, sign in to the contoso.com domain using the **Switch User** option, with the **user1** account you created in step 11 of this section.
+    >**Important**: The settings that will be used later to migrate user data specifically select only accounts that belong to the CONTOSO domain. However, this can be changed to migrate all user accounts, or only other specified accounts. If you wish to test migration of user data and settings with accounts other than those in the CONTOSO domain, you must specify these accounts or domains when you configure the value of **ScanStateArgs** in the MDT test lab guide. This value is specifically called out when you get to that step. If you wish to only migrate CONTOSO accounts, then you can log in with the user1 account or the administrator account at this time and modify some of the files and settings for later use in migration testing.
+23. Minimize the PC1 window but do not turn it off while the second Windows Server 2012 R2 VM (SRV1) is configured. This verifies that the Hyper-V host has enough resources to run all VMs simultaneously. Next, SRV1 will be started, joined to the contoso.com domain, and configured with RRAS and DNS services.
+24. On the Hyper-V host computer, at an elevated Windows PowerShell prompt, type the following commands:
+
+    <pre style="overflow-y: visible">
+    Start-VM SRV1
+    vmconnect localhost SRV1
+    </pre>
+
+25. Accept the default settings, read license terms and accept them, provide an administrator password of <strong>pass@word1</strong>, and click **Finish**. When you are prompted about finding PCs, devices, and content on the network, click **Yes**.
+26. Sign in to SRV1 using the local administrator account. In the same way that was done on DC1, sign out of SRV1 and then sign in again to enable enhanced session mode. This will enable you to copy and paste Windows PowerShell commands from the Hyper-V host to the VM.
+27. Open an elevated Windows PowerShell prompt on SRV1 and type the following commands:
+
+    <pre style="overflow-y: visible">
+    Rename-Computer SRV1
+    New-NetIPAddress –InterfaceAlias Ethernet –IPAddress 192.168.0.2 –PrefixLength 24
+    Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses 192.168.0.1,192.168.0.2
+    Restart-Computer
+    </pre>
+
+    >[!IMPORTANT]
+    >Verify that you are configuring the correct interface in this step. The commands in this step assume that the poc-internal interface on SRV1 is named "Ethernet."  If you are unsure how to check the interface, see step #30 below for instructions and tips on how to verify and modify the interface name.
+
+28. Wait for the computer to restart, sign in again, then type the following commands at an elevated Windows PowerShell prompt:
+
+    <pre style="overflow-y: visible">
+    $pass = "pass@word1" | ConvertTo-SecureString -AsPlainText -Force
+    $user = "contoso\administrator"
+    $cred = New-Object System.Management.Automation.PSCredential($user,$pass)
+    Add-Computer -DomainName contoso.com -Credential $cred
+    Restart-Computer
+    </pre>
+
+29. Sign in to the contoso.com domain on SRV1 using the domain administrator account (enter contoso\administrator as the user), open an elevated Windows PowerShell prompt, and type the following commands:
+
+    <pre style="overflow-y: visible">
+    Install-WindowsFeature -Name DNS -IncludeManagementTools
+    Install-WindowsFeature -Name WDS -IncludeManagementTools
+    Install-WindowsFeature -Name Routing -IncludeManagementTools
+    </pre>
+
+30. Before configuring the routing service that was just installed, verify that network interfaces were added to SRV1 in the right order, resulting in an interface alias of "Ethernet" for the private interface, and an interface alias of "Ethernet 2" for the public interface. Also verify that the external interface has a valid external DHCP IP address lease.
+
+    To view a list of interfaces, associated interface aliases, and IP addresses on SRV1, type the following Windows PowerShell command. Example output of the command is also shown below:
+
+    <pre style="overflow-y: visible">
+    Get-NetAdapter | ? status -eq ‘up’ | Get-NetIPAddress -AddressFamily IPv4 | ft IPAddress, InterfaceAlias
+
+    IPAddress                                                                  InterfaceAlias
+    ---------                                                                  --------------
+    10.137.130.118                                                             Ethernet 2
+    192.168.0.2                                                                Ethernet
+    </pre>
+
+    In this example, the poc-internal network interface at 192.168.0.2 is associated with the "Ethernet" interface and the Internet-facing poc-external interface is associated with the "Ethernet 2" interface. If your interfaces are different, you must adjust the commands provided in the next step appropriately to configure routing services. Also note that if the "Ethernet 2" interface has an IP address in the 192.168.0.100-105 range then it likely is getting a DHCP lease from DC1 instead of your corporate network. If this is the case, you can try removing and re-adding the second network interface from the SRV1 VM through its Hyper-V settings.
+
+    >[!TIP]
+    >Sometimes a computer will have hidden, disconnected interfaces that prevent you from naming a network adapter. When you attempt to rename an adapter, you will receive an error that the adapter name already exists. These disconnected devices can be viewed in device manager by clicking **View** and then clicking **Show hidden devices**. The disconnected device can then be uninstalled, enabling you to reuse the adapter name.
+
+
+31. To configure SRV1 with routing capability for the PoC network, type or paste the following commands at an elevated Windows PowerShell prompt on SRV1:
+
+    <pre style="overflow-y: visible">
+    Install-RemoteAccess -VpnType Vpn
+    cmd /c netsh routing ip nat install
+    cmd /c netsh routing ip nat add interface name="Ethernet 2" mode=FULL
+    cmd /c netsh routing ip nat add interface name="Ethernet" mode=PRIVATE
+    cmd /c netsh routing ip nat add interface name="Internal" mode=PRIVATE
+    </pre>
+
+32. The DNS service on SRV1 also needs to resolve hosts in the contoso.com domain. This can be accomplished with a conditional forwarder. Open an elevated Windows PowerShell prompt on SRV1 and type the following command:
+
+    <pre style="overflow-y: visible">
+    Add-DnsServerConditionalForwarderZone -Name contoso.com -MasterServers 192.168.0.1
+    </pre>
+
+33. In most cases, this completes configuration of the PoC network. However, if your corporate network has a firewall that filters queries from local DNS servers, you will also need to configure a server-level DNS forwarder on SRV1 to resolve Internet names. To test whether or not DNS is working without this forwarder, try to reach a name on the Internet from DC1 or PC1, which are only using DNS services on the PoC network. You can test DNS with the ping command, for example:
+
+    <pre style="overflow-y: visible">
+    ping www.microsoft.com
+    </pre>
+
+    If you see "Ping request could not find host www.microsoft.com" on PC1 and DC1, but not on SRV1, then you will need to configure a server-level DNS forwarder on SRV1. To do this, open an elevated Windows PowerShell prompt on SRV1 and type the following command.
+
+    **Note**: This command also assumes that "Ethernet 2" is the external-facing network adapter on SRV1. If the external adapter has a different name, replace "Ethernet 2" in the command below with that name:
+
+    <pre style="overflow-y: visible">
+    Add-DnsServerForwarder -IPAddress (Get-DnsClientServerAddress -InterfaceAlias "Ethernet 2").ServerAddresses
+    </pre>
+
+34. If DNS and routing are both working correctly, you will see the following on DC1 and PC1 (the IP address might be different, but that is OK):
+
+    <pre style="overflow-y: visible">
+    PS C:\> ping www.microsoft.com
+
+    Pinging e2847.dspb.akamaiedge.net [23.222.146.170] with 32 bytes of data:
+    Reply from 23.222.146.170: bytes=32 time=3ms TTL=51
+    Reply from 23.222.146.170: bytes=32 time=2ms TTL=51
+    Reply from 23.222.146.170: bytes=32 time=2ms TTL=51
+    Reply from 23.222.146.170: bytes=32 time=1ms TTL=51
+
+    Ping statistics for 23.222.146.170:
+        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
+    Approximate round trip times in milli-seconds:
+        Minimum = 1ms, Maximum = 3ms, Average = 2ms
+    </pre>
+
+35. Verify that all three VMs can reach each other, and the Internet. See [Appendix A: Verify the configuration](#appendix-a-verify-the-configuration) for more information.
+36. Lastly, because the client computer has different hardware after copying it to a VM, its Windows activation will be invalidated and you might receive a message that you must activate Windows in 3 days.  To extend this period to 30 days, type the following commands at an elevated Windows PowerShell prompt on PC1:
+
+    <pre style="overflow-y: visible">
+    runas /noprofile /env /user:administrator@contoso.com "cmd /c slmgr -rearm"
+    Restart-Computer
+    </pre>
+
+This completes configuration of the starting PoC environment. Additional services and tools are installed in subsequent guides.
+
+## Appendix A: Verify the configuration
+
+Use the following procedures to verify that the PoC environment is configured properly and working as expected.
+
+1. On DC1, open an elevated Windows PowerShell prompt and type the following commands:
+
+    <pre style="overflow-y: visible">
+    Get-Service NTDS,DNS,DHCP
+    DCDiag -a
+    Get-DnsServerResourceRecord -ZoneName contoso.com -RRType A
+    Get-DnsServerForwarder
+    Resolve-DnsName -Server dc1.contoso.com -Name www.microsoft.com
+    Get-DhcpServerInDC
+    Get-DhcpServerv4Statistics
+    ipconfig /all
+    </pre>
+
+    **Get-Service** displays a status of "Running" for all three services.<BR>
+    **DCDiag** displays "passed test" for all tests.<BR>
+    **Get-DnsServerResourceRecord** displays the correct DNS address records for DC1, SRV1, and the computername of PC1. Additional address records for the zone apex (@), DomainDnsZones, and ForestDnsZones will also be registered.<BR>
+    **Get-DnsServerForwarder** displays a single forwarder of 192.168.0.2.<BR>
+    **Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
+    **Get-DhcpServerInDC** displays 192.168.0.1, dc1.contoso.com.<BR>
+    **Get-DhcpServerv4Statistics** displays 1 scope with 2 addresses in use (these belong to PC1 and the Hyper-V host).<BR>
+    **ipconfig** displays a primary DNS suffix and suffix search list of contoso.com, IP address of 192.168.0.1, subnet mask of 255.255.255.0, default gateway of 192.168.0.2, and DNS server addresses of 192.168.0.1 and 192.168.0.2.
+
+2. On SRV1, open an elevated Windows PowerShell prompt and type the following commands:
+
+    <pre style="overflow-y: visible">
+    Get-Service DNS,RemoteAccess
+    Get-DnsServerForwarder
+    Resolve-DnsName -Server dc1.contoso.com -Name www.microsoft.com
+    ipconfig /all
+    netsh int ipv4 show address
+    </pre>
+
+    **Get-Service** displays a status of "Running" for both services.<BR>
+    **Get-DnsServerForwarder** either displays no forwarders, or displays a list of forwarders you are required to use so that SRV1 can resolve Internet names.<BR>
+    **Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
+    **ipconfig** displays a primary DNS suffix of contoso.com. The suffix search list contains contoso.com and your corporate domain. Two ethernet adapters are shown: Ethernet adapter "Ethernet" has an IP addresses of 192.168.0.2, subnet mask of 255.255.255.0, no default gateway, and DNS server addresses of 192.168.0.1 and 192.168.0.2. Ethernet adapter "Ethernet 2" has an IP address, subnet mask, and default gateway configured by DHCP on your corporate network.<BR>
+    **netsh** displays three interfaces on the computer: interface "Ethernet 2" with DHCP enabled = Yes and IP address assigned by your corporate network, interface "Ethernet" with DHCP enabled = No and IP address of 192.168.0.2, and interface "Loopback Pseudo-Interface 1" with IP address of 127.0.0.1.
+
+3. On PC1, open an elevated Windows PowerShell prompt and type the following commands:
+
+    <pre style="overflow-y: visible">
+    whoami
+    hostname
+    nslookup www.microsoft.com
+    ping -n 1 dc1.contoso.com
+    tracert www.microsoft.com
+    </pre>
+
+    **whoami** displays the current user context, for example in an elevated Windows PowerShell prompt, contoso\administrator is displayed.<BR>
+    **hostname** displays the name of the local computer, for example W7PC-001.<BR>
+    **nslookup** displays the DNS server used for the query, and the results of the query. For example, server dc1.contoso.com, address 192.168.0.1, Name e2847.dspb.akamaiedge.net.<BR>
+    **ping** displays if the source can resolve the target name, and whether or not the target responds to ICMP. If it cannot be resolved, "..could not find host" will be diplayed and if the target is found and also responds to ICMP, you will see "Reply from" and the IP address of the target.<BR>
+    **tracert** displays the path to reach the destination, for example srv1.contoso.com [192.168.0.2] followed by a list of hosts and IP addresses corresponding to subsequent routing nodes between the source and the destination.
+
+
+## Appendix B: Terminology used in this guide
+
+<P>&nbsp;
+
+<div style='font-size:9.0pt'>
+
+<table border="1" cellspacing="0" cellpadding="0">
+<tr><TD BGCOLOR="#a0e4fa"><B>Term</B><TD BGCOLOR="#a0e4fa"><B>Definition</B>
+<tr><td>GPT<td>GUID partition table (GPT) is an updated hard-disk formatting scheme that enables the use of newer hardware. GPT is one of the partition formats that can be chosen when first initializing a hard drive, prior to creating and formatting partitions.
+<tr><td>Hyper-V<td>Hyper-V is a server role introduced with Windows Server 2008 that lets you create a virtualized computing environment. Hyper-V can also be installed as a Windows feature on Windows client operating systems, starting with Windows 8.
+<tr><td>Hyper-V host<td>The computer where Hyper-V is installed.
+<tr><td>Hyper-V Manager<td>The user-interface console used to view and configure Hyper-V.
+<tr><td>MBR<td>Master Boot Record (MBR) is a legacy hard-disk formatting scheme that limits support for newer hardware. MBR is one of the partition formats that can be chosen when first initializing a hard drive, prior to creating and formatting partitions. MBR is in the process of being replaced by the GPT partition format.
+<tr><td>Proof of concept (PoC)<td>Confirmation that a process or idea works as intended. A PoC is carried out in a test environment to learn about and verify a process.
+<tr><td>Shadow copy<td>A copy or &quot;snapshot&quot; of a computer at a point in time, created by the Volume Shadow Copy Service (VSS), typically for backup purposes.
+<tr><td>Virtual machine (VM)<td>A VM is a virtual computer with its own operating system, running on the Hyper-V host.
+<tr><td>Virtual switch<td>A virtual network connection used to connect VMs to each other and to physical network adapters on the Hyper-V host.
+<tr><td>VM snapshot<td>A point in time image of a VM that includes its disk, memory and device state. It can be used to return a virtual machine to a former state corresponding to the time the snapshot was taken.
+</TABLE>
+
+</div>
+
+## Related Topics
+
+
+[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
+ 
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index 096ebe1151..79467873cf 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -59,9 +59,9 @@ The hardware ID, also commonly referred to as a hardware hash, contains several
 
 Note that the hardware hash also contains details about when it was generated, so it will change each time it is generated. When the Windows Autopilot deployment service attempts to match a device, it considers changes like that, as well as more substantial changes such as a new hard drive, and is still able to match successfully. But substantial changes to the hardware, such as a motherboard replacement, would not match, so a new hash would need to be generated and uploaded.
 
-### Collecting the hardware ID from existing devices using System Center Configuration Manager
+### Collecting the hardware ID from existing devices using Microsoft Endpoint Configuration Manager
 
-Starting with System Center Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
+Starting with Microsoft Endpoint Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
 
 ### Collecting the hardware ID from existing devices using PowerShell
 
diff --git a/windows/deployment/windows-autopilot/autopilot-faq.md b/windows/deployment/windows-autopilot/autopilot-faq.md
index e2ac992f75..ec6615c435 100644
--- a/windows/deployment/windows-autopilot/autopilot-faq.md
+++ b/windows/deployment/windows-autopilot/autopilot-faq.md
@@ -111,8 +111,8 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 | --- | --- |
 | Must we use Intune for our MDM?  |  No, any MDM will work with Autopilot, but others probably won’t have the same full suite of Windows Autopilot features as Intune.  You’ll get the best experience from Intune. |
 | Can Intune support Win32 app preinstalls?  | Yes.  Starting with the Windows 10 October Update (version 1809), Intune supports Win32 apps using .msi (and .msix) wrappers.  |
-| What is co-management?  | Co-management is when you use a combination of a cloud MDM tool (Intune) and an on-premises configuration tool like System Center Configuration Manager (SCCM). You only need to use SCCM if Intune can’t support what you want to do with your profile.  If you choose to co-manage using Intune + SCCM, you do it by including an SCCM agent in your Intune profile.  When that profile is pushed to the device, the device will see the SCCM agent and go out to SCCM to pull down any additional profile settings. |
-| Must we use SCCM for Windows Autopilot  |  No.  Co-management (described above) is optional. |
+| What is co-management?  | Co-management is when you use a combination of a cloud MDM tool (Intune) and an on-premises configuration tool like Microsoft Endpoint Configuration Manager. You only need to use the Configuration Manager if Intune can’t support what you want to do with your profile.  If you choose to co-manage using Intune + Configuration Manager, you do it by including a Configuration Manager agent in your Intune profile. When that profile is pushed to the device, the device will see the Configuration Manager agent and go out to the Configuration Manager to pull down any additional profile settings. |
+| Must we use Microsoft Endpoint Configuration Manager for Windows Autopilot  |  No.  Co-management (described above) is optional. |
 
 
 ## Features
diff --git a/windows/deployment/windows-autopilot/deployment-process.md b/windows/deployment/windows-autopilot/deployment-process.md
index 3a8781ce86..5959c898e3 100644
--- a/windows/deployment/windows-autopilot/deployment-process.md
+++ b/windows/deployment/windows-autopilot/deployment-process.md
@@ -1,6 +1,6 @@
 ---
 title: Windows 10 deployment process posters
-description: View and download Windows 10 deployment process flows for System Center Configuration Manager and Windows Autopilot.
+description: View and download Windows 10 deployment process flows for Microsoft Endpoint Configuration Manager and Windows Autopilot.
 ms.reviewer: 
 manager: laurawi
 ms.audience: itpro
@@ -24,4 +24,4 @@ Windows Autopilot deployment processes are summarized in the poster below. The p
 
 [![Deploy Windows 10 with Autopilot](../media/windows10-autopilot-flowchart.png)](../media/Windows10AutopilotFlowchart.pdf)
 
-**Note**: The Windows Autopilot for existing devices process is included in the [System Center Configuration Manager deployment poster](../windows-10-deployment-posters.md#deploy-windows-10-with-system-center-configuration-manager).
\ No newline at end of file
+**Note**: The Windows Autopilot for existing devices process is included in the [Microsoft Endpoint Configuration Manager deployment poster](../windows-10-deployment-posters.md#deploy-windows-10-with-system-center-configuration-manager).
\ No newline at end of file
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index 9f4cdcfc25..0ff41a1fac 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -29,7 +29,7 @@ This topic describes how to convert Windows 7 or Windows 8.1 domain-joined compu
 
 ## Prerequisites
 
-- System Center Configuration Manager Current Branch (1806) OR System Center Configuration Manager Technical Preview (1808)
+- Microsoft Endpoint Configuration Manager Current Branch (1806) OR Microsoft Endpoint Configuration Manager Technical Preview (1808)
 - The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
     - Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
 - Assigned Microsoft Intune Licenses
diff --git a/windows/deployment/windows-autopilot/windows-autopilot.md b/windows/deployment/windows-autopilot/windows-autopilot.md
index 7079e66d14..9965c972ae 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot.md
@@ -31,7 +31,7 @@ Windows Autopilot is designed to simplify all parts of the lifecycle of Windows
 
 When initially deploying new Windows devices, Windows Autopilot leverages the OEM-optimized version of Windows 10 that is preinstalled on the device, saving organizations the effort of having to maintain custom images and drivers for every model of device being used. Instead of re-imaging the device, your existing Windows 10 installation can be transformed into a “business-ready” state, applying settings and policies, installing apps, and even changing the edition of Windows 10 being used (e.g. from Windows 10 Pro to Windows 10 Enterprise) to support advanced features.
 
-Once deployed, Windows 10 devices can be managed by tools such as Microsoft Intune, Windows Update for Business, System Center Configuration Manager, and other similar tools. Windows Autopilot can also be used to re-purpose a device by leveraging Windows Autopilot Reset to quickly prepare a device for a new user, or in break/fix scenarios to enable a device to quickly be brought back to a business-ready state.
+Once deployed, Windows 10 devices can be managed by tools such as Microsoft Intune, Windows Update for Business, Microsoft Endpoint Configuration Manager, and other similar tools. Windows Autopilot can also be used to re-purpose a device by leveraging Windows Autopilot Reset to quickly prepare a device for a new user, or in break/fix scenarios to enable a device to quickly be brought back to a business-ready state.
 
 Windows Autopilot enables you to:
 * Automatically join devices to Azure Active Directory (Azure AD) or Active Directory (via Hybrid Azure AD Join).  See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
index 555eb005b1..be242459bd 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
@@ -1322,7 +1322,7 @@ The following fields are available:
 - **IsEDPEnabled**  Represents if Enterprise data protected on the device.
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
-- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise System Center Configuration Manager (SCCM) environment.
+- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise Microsoft Endpoint Configuration Manager environment.
 - **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
 - **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier.
 
@@ -3025,7 +3025,7 @@ The following fields are available:
 - **RemediationNoisyHammerUserLoggedInAdmin**  TRUE if there is the user currently logged in is an Admin.
 - **RemediationShellDeviceManaged**  TRUE if the device is WSUS managed or Windows Updated disabled.
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by Microsoft Endpoint Configuration Manager.
 - **RemediationShellDeviceZeroExhaust**  TRUE if the device has opted out of Windows Updates completely.
 - **RemediationTargetMachine**  Indicates whether the device is a target of the specified fix.
 - **RemediationTaskHealthAutochkProxy**  True/False based on the health of the AutochkProxy task.
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
index 1cecae9cf2..6e6d0dcf38 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
@@ -3212,7 +3212,7 @@ The following fields are available:
 - **RemediationNoisyHammerUserLoggedInAdmin**  TRUE if there is the user currently logged in is an Admin.
 - **RemediationShellDeviceManaged**  TRUE if the device is WSUS managed or Windows Updated disabled.
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by Microsoft Endpoint Configuration Manager.
 - **RemediationShellDeviceZeroExhaust**  TRUE if the device has opted out of Windows Updates completely.
 - **RemediationTargetMachine**  Indicates whether the device is a target of the specified fix.
 - **RemediationTaskHealthAutochkProxy**  True/False based on the health of the AutochkProxy task.
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
index 94306ce392..0ae8c27e36 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
@@ -4302,7 +4302,7 @@ The following fields are available:
 - **RemediationNoisyHammerUserLoggedInAdmin**  TRUE if there is the user currently logged in is an Admin.
 - **RemediationShellDeviceManaged**  TRUE if the device is WSUS managed or Windows Updated disabled.
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by Microsoft Endpoint Configuration Manager.
 - **RemediationShellDeviceZeroExhaust**  TRUE if the device has opted out of Windows Updates completely.
 - **RemediationTargetMachine**  Indicates whether the device is a target of the specified fix.
 - **RemediationTaskHealthAutochkProxy**  True/False based on the health of the AutochkProxy task.
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
index 65bf5e307f..012c377306 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@@ -2914,7 +2914,7 @@ The following fields are available:
 - **IsDeviceNetworkMetered**  Indicates whether the device is connected to a metered network.
 - **IsDeviceOobeBlocked**  Indicates whether user approval is required to install updates on the device.
 - **IsDeviceRequireUpdateApproval**  Indicates whether user approval is required to install updates on the device.
-- **IsDeviceSccmManaged**  Indicates whether the device is running the Microsoft SCCM (System Center Configuration Manager) to keep the operating system and applications up to date.
+- **IsDeviceSccmManaged**  Indicates whether the device is running the Microsoft Endpoint Configuration Manager) to keep the operating system and applications up to date.
 - **IsDeviceUninstallActive**  Indicates whether the OS (operating system) on the device was recently updated.
 - **IsDeviceUpdateNotificationLevel**  Indicates whether the device has a set policy to control update notifications.
 - **IsDeviceUpdateServiceManaged**  Indicates whether the device uses WSUS (Windows Server Update Services).
@@ -4950,7 +4950,7 @@ The following fields are available:
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
 - **RemediationShellDeviceProSku**  Indicates whether a Windows 10 Professional edition is detected.
 - **RemediationShellDeviceQualityUpdatesPaused**  Indicates whether Quality Updates are paused on the device.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by Microsoft Endpoint Configuration Manager.
 - **RemediationShellDeviceSedimentMutexInUse**  Indicates whether the Sediment Pack mutual exclusion object (mutex) is in use.
 - **RemediationShellDeviceSetupMutexInUse**  Indicates whether device setup is in progress.
 - **RemediationShellDeviceWuRegistryBlocked**  Indicates whether the Windows Update is blocked on the device via the registry.

From 8455c11d969faf5c2b44a45b2426401b6140d84a Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 27 Dec 2019 05:58:30 -0800
Subject: [PATCH 017/247] Rebrand System Center to Msft Endpoint _ Six

---
 windows/deployment/mbr-to-gpt.md              | 914 +++++++++---------
 .../planning/act-technical-reference.md       |  97 +-
 ...oyment-considerations-for-windows-to-go.md |   2 +-
 ...are-your-organization-for-windows-to-go.md |   2 +-
 .../windows-10-deprecated-features.md         |   2 +-
 .../windows-10-enterprise-faq-itpro.md        | 270 +++---
 .../windows-10-infrastructure-requirements.md |   6 +-
 ...indows-to-go-frequently-asked-questions.md |   2 +-
 .../planning/windows-to-go-overview.md        |   2 +-
 windows/deployment/update/PSFxWhitepaper.md   |   2 +-
 .../update/feature-update-mission-critical.md |   2 +-
 windows/deployment/update/index.md            |   4 +-
 windows/deployment/update/waas-branchcache.md |   4 +-
 .../deployment/update/waas-configure-wufb.md  |   4 +-
 .../update/waas-delivery-optimization.md      |   4 +-
 ...aas-deployment-rings-windows-10-updates.md |   2 +-
 .../deployment/update/waas-integrate-wufb.md  |   8 +-
 ...as-manage-updates-configuration-manager.md |  24 +-
 .../update/waas-manage-updates-wsus.md        |   6 +-
 .../update/waas-manage-updates-wufb.md        |   4 +-
 .../deployment/update/waas-mobile-updates.md  |   2 +-
 .../waas-optimize-windows-10-updates.md       |  10 +-
 windows/deployment/update/waas-overview.md    |   8 +-
 windows/deployment/update/waas-quick-start.md |   2 +-
 ...s-servicing-channels-windows-10-updates.md |   2 +-
 .../update/waas-servicing-differences.md      |   2 +-
 ...s-servicing-strategy-windows-10-updates.md |   4 +-
 .../update/waas-wufb-group-policy.md          |   2 +-
 windows/deployment/update/waas-wufb-intune.md |   2 +-
 .../windows-analytics-FAQ-troubleshooting.md  |   4 +-
 30 files changed, 702 insertions(+), 697 deletions(-)

diff --git a/windows/deployment/mbr-to-gpt.md b/windows/deployment/mbr-to-gpt.md
index b4ff72ee14..bce6a639b2 100644
--- a/windows/deployment/mbr-to-gpt.md
+++ b/windows/deployment/mbr-to-gpt.md
@@ -1,456 +1,458 @@
----
-title: MBR2GPT
-description: How to use the MBR2GPT tool to convert MBR partitions to GPT
-keywords: deploy, troubleshoot, windows, 10, upgrade, partition, mbr, gpt
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
-ms.date: 02/13/2018
-ms.reviewer: 
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-ms.localizationpriority: medium
-ms.topic: article
----
-
-# MBR2GPT.EXE
-
-**Applies to**
--   Windows 10
-
-## Summary
-
-**MBR2GPT.EXE** converts a disk from the Master Boot Record (MBR) to the GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. The tool is designed to be run from a Windows Preinstallation Environment (Windows PE) command prompt, but can also be run from the full Windows 10 operating system (OS) by using the **/allowFullOS** option. 
-
->MBR2GPT.EXE is located in the **Windows\\System32** directory on a computer running Windows 10 version 1703 (also known as the Creator's Update) or later.
->The tool is available in both the full OS environment and Windows PE. To use this tool in a deployment task sequence with Configuration Manager or Microsoft Deployment Toolkit (MDT), you must first update the Windows PE image (winpe.wim, boot.wim) with the [Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit) 1703, or a later version.
-
-See the following video for a detailed description and demonstration of MBR2GPT.
-
-<iframe width="560" height="315" align="center" src="https://www.youtube-nocookie.com/embed/hfJep4hmg9o" frameborder="0" allowfullscreen></iframe>
-
-You can use MBR2GPT to: 
-
-- Convert any attached MBR-formatted system disk to the GPT partition format. You cannot use the tool to convert non-system disks from MBR to GPT.
-- Convert an MBR disk with BitLocker-encrypted volumes as long as protection has been suspended. To resume BitLocker after conversion, you will need to delete the existing protectors and recreate them.
-- Convert operating system disks that have earlier versions of Windows 10 installed, such as versions 1507, 1511, and 1607. However, you must run the tool while booted into Windows 10 version 1703 or later, and perform an offline conversion.
-- Convert an operating system disk from MBR to GPT using Configuration Manager or MDT provided that your task sequence uses Windows PE version 1703 or later.
-
-Offline conversion of system disks with earlier versions of Windows installed, such as Windows 7, 8, or 8.1 are not officially supported. The recommended method to convert these disks is to upgrade the operating system to Windows 10 first, then perform the MBR to GPT conversion.
-
->[!IMPORTANT]
->After the disk has been converted to GPT partition style, the firmware must be reconfigured to boot in UEFI mode. <BR>Make sure that your device supports UEFI before attempting to convert the disk.
-
-## Disk Prerequisites
-
-Before any change to the disk is made, MBR2GPT validates the layout and geometry of the selected disk to ensure that:
-- The disk is currently using MBR
-- There is enough space not occupied by partitions to store the primary and secondary GPTs:
-  - 16KB + 2 sectors at the front of the disk
-  - 16KB + 1 sector at the end of the disk
-- There are at most 3 primary partitions in the MBR partition table
-- One of the partitions is set as active and is the system partition
-- The disk does not have any extended/logical partition
-- The BCD store on the system partition contains a default OS entry pointing to an OS partition
-- The volume IDs can be retrieved for each volume which has a drive letter assigned
-- All partitions on the disk are of MBR types recognized by Windows or has a mapping specified using the /map command-line option
-
-If any of these checks fails, the conversion will not proceed and an error will be returned.
-
-## Syntax
-
-<table style="font-family:consolas;font-size:12px" >
-<TR><TD>MBR2GPT /validate|convert [/disk:&lt;diskNumber>] [/logs:&lt;logDirectory>] [/map:&lt;source>=&lt;destination>] [/allowFullOS]
-</TABLE>
-
-### Options
-
-| Option | Description |
-|----|-------------|
-|/validate| Instructs MBR2GPT.exe to perform only the disk validation steps and report whether the disk is eligible for conversion. |
-|/convert| Instructs MBR2GPT.exe to perform the disk validation and to proceed with the conversion if all validation tests pass. |
-|/disk:\<diskNumber\>| Specifies the disk number of the disk to be converted to GPT. If not specified, the system disk is used. The mechanism used is the same as that used by the diskpart.exe tool **SELECT DISK SYSTEM** command.|
-|/logs:\<logDirectory\>| Specifies the directory where MBR2GPT.exe logs should be written. If not specified, **%windir%** is used. If specified, the directory must already exist, it will not be automatically created or overwritten.|
-|/map:\<source\>=\<destination\>| Specifies additional partition type mappings between MBR and GPT. The MBR partition number is specified in decimal notation, not hexidecimal. The GPT GUID can contain brackets, for example: **/map:42={af9b60a0-1431-4f62-bc68-3311714a69ad}**. Multiple /map options can be specified if multiple mappings are required. |
-|/allowFullOS| By default, MBR2GPT.exe is blocked unless it is run from Windows PE. This option overrides this block and enables disk conversion while running in the full Windows environment. <br>**Note**: Since the existing MBR system partition is in use while running the full Windows environment, it cannot be reused. In this case, a new ESP is created by shrinking the OS partition.|
-
-## Examples
-
-### Validation example
-
-In the following example, disk 0 is validated for conversion. Errors and warnings are logged to the default location, **%windir%**.
-
-```
-X:\>mbr2gpt /validate /disk:0
-MBR2GPT: Attempting to validate disk 0
-MBR2GPT: Retrieving layout of disk
-MBR2GPT: Validating layout, disk sector size is: 512
-MBR2GPT: Validation completed successfully
-```
-
-### Conversion example
-
-In the following example:
-
-1. Using DiskPart, the current disk partition layout is displayed prior to conversion - three partitions are present on the MBR disk (disk 0): a system reserved partition, a Windows partition, and a recovery partition. A DVD-ROM is also present as volume 0.
-2. The OS volume is selected, partitions are listed, and partition details are displayed for the OS partition. The [MBR partition type](https://msdn.microsoft.com/library/windows/desktop/aa363990.aspx) is **07** corresponding to the installable file system (IFS) type. 
-2. The MBR2GPT tool is used to convert disk 0.
-3. The DiskPart tool displays that disk 0 is now using the GPT format.
-4. The new disk layout is displayed - four partitions are present on the GPT disk: three are identical to the previous partitions and one is the new EFI system partition (volume 3).
-5. The OS volume is selected again, and detail displays that it has been converted to the [GPT partition type](https://msdn.microsoft.com/library/windows/desktop/aa365449.aspx) of **ebd0a0a2-b9e5-4433-87c0-68b6b72699c7** corresponding to the **PARTITION_BASIC_DATA_GUID** type. 
-
->As noted in the output from the MBR2GPT tool, you must make changes to the computer firmware so that the new EFI system partition will boot properly.
-
-```
-X:\>DiskPart
-
-Microsoft DiskPart version 10.0.15048.0
-
-Copyright (C) Microsoft Corporation.
-On computer: MININT-K71F13N
-
-DISKPART> list volume
-
-  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
-  ----------  ---  -----------  -----  ----------  -------  ---------  --------
-  Volume 0     F   CENA_X64FRE  UDF    DVD-ROM     4027 MB  Healthy
-  Volume 1     C   System Rese  NTFS   Partition    499 MB  Healthy
-  Volume 2     D   Windows      NTFS   Partition     58 GB  Healthy
-  Volume 3     E   Recovery     NTFS   Partition    612 MB  Healthy    Hidden
-
-DISKPART> select volume 2
-
-Volume 2 is the selected volume.
-
-DISKPART> list partition
-
-  Partition ###  Type              Size     Offset
-  -------------  ----------------  -------  -------
-  Partition 1    Primary            499 MB  1024 KB
-* Partition 2    Primary             58 GB   500 MB
-  Partition 3    Recovery           612 MB    59 GB
-
-DISKPART> detail partition
-
-Partition 2
-Type  : 07
-Hidden: No
-Active: No
-Offset in Bytes: 524288000
-
-  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
-  ----------  ---  -----------  -----  ----------  -------  ---------  --------
-* Volume 2     D   Windows      NTFS   Partition     58 GB  Healthy
-
-DISKPART> exit
-
-Leaving DiskPart...
-
-X:\>mbr2gpt /convert /disk:0
-
-MBR2GPT will now attempt to convert disk 0.
-If conversion is successful the disk can only be booted in GPT mode.
-These changes cannot be undone!
-
-MBR2GPT: Attempting to convert disk 0
-MBR2GPT: Retrieving layout of disk
-MBR2GPT: Validating layout, disk sector size is: 512 bytes
-MBR2GPT: Trying to shrink the system partition
-MBR2GPT: Trying to shrink the OS partition
-MBR2GPT: Creating the EFI system partition
-MBR2GPT: Installing the new boot files
-MBR2GPT: Performing the layout conversion
-MBR2GPT: Migrating default boot entry
-MBR2GPT: Adding recovery boot entry
-MBR2GPT: Fixing drive letter mapping
-MBR2GPT: Conversion completed successfully
-MBR2GPT: Before the new system can boot properly you need to switch the firmware to boot to UEFI mode!
-
-X:\>DiskPart
-
-Microsoft DiskPart version 10.0.15048.0
-
-Copyright (C) Microsoft Corporation.
-On computer: MININT-K71F13N
-
-DISKPART> list disk
-
-  Disk ###  Status         Size     Free     Dyn  Gpt
-  --------  -------------  -------  -------  ---  ---
-  Disk 0    Online           60 GB      0 B        *
-
-DISKPART> select disk 0
-
-Disk 0 is now the selected disk.
-
-DISKPART> list volume
-
-  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
-  ----------  ---  -----------  -----  ----------  -------  ---------  --------
-  Volume 0     F   CENA_X64FRE  UDF    DVD-ROM     4027 MB  Healthy
-  Volume 1     D   Windows      NTFS   Partition     58 GB  Healthy
-  Volume 2     C   System Rese  NTFS   Partition    499 MB  Healthy    Hidden
-  Volume 3                      FAT32  Partition    100 MB  Healthy    Hidden
-  Volume 4     E   Recovery     NTFS   Partition    612 MB  Healthy    Hidden
-
-DISKPART> select volume 1
-
-Volume 1 is the selected volume.
-
-DISKPART> list partition
-
-  Partition ###  Type              Size     Offset
-  -------------  ----------------  -------  -------
-  Partition 1    Recovery           499 MB  1024 KB
-* Partition 2    Primary             58 GB   500 MB
-  Partition 4    System             100 MB    59 GB
-  Partition 3    Recovery           612 MB    59 GB
-
-DISKPART> detail partition
-
-Partition 2
-Type    : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
-Hidden  : No
-Required: No
-Attrib  : 0000000000000000
-Offset in Bytes: 524288000
-
-  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
-  ----------  ---  -----------  -----  ----------  -------  ---------  --------
-* Volume 1     D   Windows      NTFS   Partition     58 GB  Healthy
-```
-
-## Specifications
-
-### Disk conversion workflow
-
-The following steps illustrate high-level phases of the MBR-to-GPT conversion process:
-
-1. Disk validation is performed.
-2. The disk is repartitioned to create an EFI system partition (ESP) if one does not already exist.
-3. UEFI boot files are installed to the ESP.
-4. GPT metatdata and layout information is applied.
-5. The boot configuration data (BCD) store is updated.
-6. Drive letter assignments are restored.
-
-### Creating an EFI system partition
-
-For Windows to remain bootable after the conversion, an EFI system partition (ESP) must be in place. MBR2GPT creates the ESP using the following rules:
-
-1. The existing MBR system partition is reused if it meets these requirements:<br>
-  a. It is not also the OS or Windows Recovery Environment partition.<br>
-  b. It is at least 100MB (or 260MB for 4K sector size disks) in size.<br>
-  c. It is less than or equal to 1GB in size. This is a safety precaution to ensure it is not a data partition.<br>
-  d. The conversion is not being performed from the full OS. In this case, the existing MBR system partition is in use and cannot be repurposed.
-2. If the existing MBR system partition cannot be reused, a new ESP is created by shrinking the OS partition. This new partition has a size of 100MB (or 260MB for 4K sector size disks) and is formatted FAT32.
-
-If the existing MBR system partition is not reused for the ESP, it is no longer used by the boot process after the conversion. Other partitions are not modified.
-
->[!IMPORTANT]
->If the existing MBR system partition is not reused for the ESP, it might be assigned a drive letter. If you do not wish to use this small partition, you must manually hide the drive letter.
-
-### Partition type mapping and partition attributes
-
-Since GPT partitions use a different set of type IDs than MBR partitions, each partition on the converted disk must be assigned a new type ID. The partition type mapping follows these rules:
-
-1. The ESP is always set to partition type PARTITION_SYSTEM_GUID (c12a7328-f81f-11d2-ba4b-00a0c93ec93b).
-2. If an MBR partition is of a type that matches one of the entries specified in the /map switch, the specified GPT partition type ID is used.
-3. If the MBR partition is of type 0x27, the partition is converted to a GPT partition of type PARTITION_MSFT_RECOVERY_GUID (de94bba4-06d1-4d40-a16a-bfd50179d6ac).
-4. All other MBR partitions recognized by Windows are converted to GPT partitions of type PARTITION_BASIC_DATA_GUID (ebd0a0a2-b9e5-4433-87c0-68b6b72699c7).
-
-In addition to applying the correct partition types, partitions of type PARTITION_MSFT_RECOVERY_GUID also have the following GPT attributes set:
-- GPT_ATTRIBUTE_PLATFORM_REQUIRED (0x0000000000000001)
-- GPT_BASIC_DATA_ATTRIBUTE_NO_DRIVE_LETTER (0x8000000000000000)
-
-For more information about partition types, see:
-- [GPT partition types](https://msdn.microsoft.com/library/windows/desktop/aa365449.aspx)
-- [MBR partition types](https://msdn.microsoft.com/library/windows/desktop/aa363990.aspx)
-
-
-### Persisting drive letter assignments
-
-The conversion tool will attempt to remap all drive letter assignment information contained in the registry that correspond to the volumes of the converted disk. If a drive letter assignment cannot be restored, an error will be displayed at the console and in the log, so that you can manually perform the correct assignment of the drive letter. **Important**: this code runs after the layout conversion has taken place, so the operation cannot be undone at this stage. 
-
-The conversion tool will obtain volume unique ID data before and after the layout conversion, organizing this information into a lookup table. It will then iterate through all the entries in **HKLM\SYSTEM\MountedDevices**, and for each entry do the following:
-
-1. Check if the unique ID corresponds to any of the unique IDs for any of the volumes that are part of the converted disk.
-2. If found, set the value to be the new unique ID, obtained after the layout conversion.
-3. If the new unique ID cannot be set and the value name starts with \DosDevices, issue a console and log warning about the need for manual intervention in properly restoring the drive letter assignment.
-
-## Troubleshooting
-
-The tool will display status information in its output. Both validation and conversion are clear if any errors are encountered. For example, if one or more partitions do not translate properly, this is displayed and the conversion not performed. To view more detail about any errors that are encountered, see the associated [log files](#logs).
-
-### Logs
-
-Four log files are created by the MBR2GPT tool:
-
-- diagerr.xml
-- diagwrn.xml
-- setupact.log
-- setuperr.log
-
-These files contain errors and warnings encountered during disk validation and conversion. Information in these files can be helpful in diagnosing problems with the tool. The setupact.log and setuperr.log files will have the most detailed information about disk layouts, processes, and other information pertaining to disk validation and conversion. Note: The setupact*.log files are different than the Windows Setup files that are found in the %Windir%\Panther directory.
-
-The default location for all these log files in Windows PE is **%windir%**.
-
-### Interactive help
-
-To view a list of options available when using the tool, type **mbr2gpt /?** 
-
-The following text is displayed:
-
-```
-
-C:\> mbr2gpt /?
-
-Converts a disk from MBR to GPT partitioning without modifying or deleting data on the disk.
-
-MBR2GPT.exe /validate|convert [/disk:<diskNumber>] [/logs:<logDirectory>] [/map:<source>=<destination>] [/allowFullOS]
-
-Where:
-
- /validate
-         - Validates that the selected disk can be converted
-           without performing the actual conversion.
-
- /convert
-         - Validates that the selected disk can be converted
-           and performs the actual conversion.
-
- /disk:<diskNumber>
-         - Specifies the disk number of the disk to be processed.
-           If not specified, the system disk is processed.
-
- /logs:<logDirectory>
-         - Specifies the directory for logging. By default logs
-           are created in the %windir% directory.
-
- /map:<source>=<destination>
-         - Specifies the GPT partition type to be used for a
-           given MBR partition type not recognized by Windows.
-           Multiple /map switches are allowed.
-
- /allowFullOS
-         - Allows the tool to be used from the full Windows
-           environment. By default, this tool can only be used
-           from the Windows Preinstallation Environment.
-```
-
-### Return codes
-
-MBR2GPT has the following associated return codes:
-
-| Return code | Description |
-|----|-------------|
-|0| Conversion completed successfully.|
-|1| Conversion was canceled by the user.|
-|2| Conversion failed due to an internal error.|
-|3| Conversion failed due to an initialization error.|
-|4| Conversion failed due to invalid command-line parameters. |
-|5| Conversion failed due to error reading the geometry and layout of the selected disk.|
-|6| Conversion failed because one or more volumes on the disk is encrypted.|
-|7| Conversion failed because the geometry and layout of the selected disk do not meet requirements.|
-|8| Conversion failed due to error while creating the EFI system partition.|
-|9| Conversion failed due to error installing boot files.|
-|10| Conversion failed due to error while applying GPT layout.|
-|100| Conversion to GPT layout succeeded, but some boot configuration data entries could not be restored.|
-
-
-### Determining the partition type
-
-You can type the following command at a Windows PowerShell prompt to display the disk number and partition type. Example output is also shown:
-
-
-```
-PS C:\> Get-Disk | ft -Auto
-
-Number Friendly Name      Serial Number        HealthStatus OperationalStatus Total Size Partition Style
------- -------------      -------------        ------------ ----------------- ---------- ---------------
-0      MTFDDAK256MAM-1K1  13050928F47C         Healthy      Online             238.47 GB MBR
-1      ST1000DM003-1ER162 Z4Y3GD8F             Healthy      Online             931.51 GB GPT
-```
-
-You can also view the partition type of a disk by opening the Disk Management tool, right-clicking the disk number, clicking **Properties**, and then clicking the **Volumes** tab. See the following example:
-
-![Volumes](images/mbr2gpt-volume.PNG)
-
-
-If Windows PowerShell and Disk Management are not available, such as when you are using Windows PE, you can determine the partition type at a command prompt with the DiskPart tool. To determine the partition style from a command line, type **diskpart** and then type **list disk**. See the following example:
-
-```
-X:\>DiskPart
-
-Microsoft DiskPart version 10.0.15048.0
-
-Copyright (C) Microsoft Corporation.
-On computer: MININT-K71F13N
-
-DISKPART> list disk
-
-  Disk ###  Status         Size     Free     Dyn  Gpt
-  --------  -------------  -------  -------  ---  ---
-  Disk 0    Online          238 GB      0 B
-  Disk 1    Online          931 GB      0 B        *
-```
-
-In this example, Disk 0 is formatted with the MBR partition style, and Disk 1 is formatted using GPT.
-
-
-## Known issue 
-
-### MBR2GPT.exe cannot run in Windows PE
-
-When you start a Windows 10, version 1903-based computer in the Windows Preinstallation Environment (Windows PE), you encounter the following issues:
-
-**Issue 1** When you run the MBR2GPT.exe command, the process exits without converting the drive.
-
-**Issue 2** When you manually run the MBR2GPT.exe command in a Command Prompt window, there is no output from the tool.
-
-**Issue 3** When MBR2GPT.exe runs inside an imaging process such as a System Center Configuration Manager task sequence, an MDT task sequence, or by using a script, you receive the following exit code: 0xC0000135/3221225781.
-
-#### Cause
-
-This issue occurs because in Windows 10, version 1903 and later versions, MBR2GPT.exe requires access to the ReAgent.dll file. However, this dll file and its associated libraries are currently not included in the Windows PE boot image for Windows 10, version 1903 and later.
-
-#### Workaround
-
-To fix this issue, mount the Windows PE image (WIM), copy the missing file from the [Windows 10, version 1903 Assessment and Development Kit (ADK)](https://go.microsoft.com/fwlink/?linkid=2086042) source, and then commit the changes to the WIM. To do this, follow these steps:
-
-1. Mount the Windows PE WIM to a path (for example, C:\WinPE_Mount). For more information about how to mount WIM files, see [Mount an image](https://docs.microsoft.com/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#mount-an-image).
-
-2. Copy the ReAgent files and the ReAgent localization files from the Window 10, version 1903 ADK source folder to the mounted WIM.
-
-   For example, if the ADK is installed to the default location of C:\Program Files (x86)\Windows Kits\10 and the Windows PE image is mounted to C:\WinPE_Mount, run the following commands from an elevated Command Prompt window:
-   
-   **Command 1:**
-   ```cmd
-   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\ReAgent*.*" "C:\WinPE_Mount\Windows\System32"
-   ```
-   This command copies three files:
-
-   * ReAgent.admx
-   * ReAgent.dll
-   * ReAgent.xml
-   
-   **Command 2:**
-   ```cmd
-   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\En-Us\ReAgent*.*" "C:\WinPE_Mount\Windows\System32\En-Us"
-   ```   
-   This command copies two files:
-   * ReAgent.adml
-   * ReAgent.dll.mui
-
-   > [!NOTE]
-   > If you aren't using an English version of Windows, replace "En-Us" in the path with the appropriate string that represents the system language.
-   
-3. After you copy all the files, commit the changes and unmount the Windows PE WIM. MBR2GPT.exe now functions as expected in Windows PE. For information about how to unmount WIM files while committing changes, see [Unmounting an image](https://docs.microsoft.com/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#unmounting-an-image).
- 
-
-## Related topics
-
-[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-<BR>[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
-<BR>[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
+---
+title: MBR2GPT
+description: How to use the MBR2GPT tool to convert MBR partitions to GPT
+keywords: deploy, troubleshoot, windows, 10, upgrade, partition, mbr, gpt
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+audience: itpro
+author: greg-lindsay
+ms.date: 02/13/2018
+ms.reviewer: 
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+ms.localizationpriority: medium
+ms.topic: article
+---
+
+# MBR2GPT.EXE
+
+**Applies to**
+-   Windows 10
+
+## Summary
+
+**MBR2GPT.EXE** converts a disk from the Master Boot Record (MBR) to the GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. The tool is designed to be run from a Windows Preinstallation Environment (Windows PE) command prompt, but can also be run from the full Windows 10 operating system (OS) by using the **/allowFullOS** option. 
+
+>MBR2GPT.EXE is located in the **Windows\\System32** directory on a computer running Windows 10 version 1703 (also known as the Creator's Update) or later.
+>The tool is available in both the full OS environment and Windows PE. To use this tool in a deployment task sequence with Configuration Manager or Microsoft Deployment Toolkit (MDT), you must first update the Windows PE image (winpe.wim, boot.wim) with the [Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit) 1703, or a later version.
+
+See the following video for a detailed description and demonstration of MBR2GPT.
+
+<iframe width="560" height="315" align="center" src="https://www.youtube-nocookie.com/embed/hfJep4hmg9o" frameborder="0" allowfullscreen></iframe>
+
+You can use MBR2GPT to: 
+
+- Convert any attached MBR-formatted system disk to the GPT partition format. You cannot use the tool to convert non-system disks from MBR to GPT.
+- Convert an MBR disk with BitLocker-encrypted volumes as long as protection has been suspended. To resume BitLocker after conversion, you will need to delete the existing protectors and recreate them.
+- Convert operating system disks that have earlier versions of Windows 10 installed, such as versions 1507, 1511, and 1607. However, you must run the tool while booted into Windows 10 version 1703 or later, and perform an offline conversion.
+- Convert an operating system disk from MBR to GPT using Configuration Manager or MDT provided that your task sequence uses Windows PE version 1703 or later.
+
+Offline conversion of system disks with earlier versions of Windows installed, such as Windows 7, 8, or 8.1 are not officially supported. The recommended method to convert these disks is to upgrade the operating system to Windows 10 first, then perform the MBR to GPT conversion.
+
+>[!IMPORTANT]
+>After the disk has been converted to GPT partition style, the firmware must be reconfigured to boot in UEFI mode. <BR>Make sure that your device supports UEFI before attempting to convert the disk.
+
+## Disk Prerequisites
+
+Before any change to the disk is made, MBR2GPT validates the layout and geometry of the selected disk to ensure that:
+- The disk is currently using MBR
+- There is enough space not occupied by partitions to store the primary and secondary GPTs:
+  - 16KB + 2 sectors at the front of the disk
+  - 16KB + 1 sector at the end of the disk
+- There are at most 3 primary partitions in the MBR partition table
+- One of the partitions is set as active and is the system partition
+- The disk does not have any extended/logical partition
+- The BCD store on the system partition contains a default OS entry pointing to an OS partition
+- The volume IDs can be retrieved for each volume which has a drive letter assigned
+- All partitions on the disk are of MBR types recognized by Windows or has a mapping specified using the /map command-line option
+
+If any of these checks fails, the conversion will not proceed and an error will be returned.
+
+## Syntax
+
+<table style="font-family:consolas;font-size:12px" >
+<TR><TD>MBR2GPT /validate|convert [/disk:&lt;diskNumber>] [/logs:&lt;logDirectory>] [/map:&lt;source>=&lt;destination>] [/allowFullOS]
+</TABLE>
+
+### Options
+
+| Option | Description |
+|----|-------------|
+|/validate| Instructs MBR2GPT.exe to perform only the disk validation steps and report whether the disk is eligible for conversion. |
+|/convert| Instructs MBR2GPT.exe to perform the disk validation and to proceed with the conversion if all validation tests pass. |
+|/disk:\<diskNumber\>| Specifies the disk number of the disk to be converted to GPT. If not specified, the system disk is used. The mechanism used is the same as that used by the diskpart.exe tool **SELECT DISK SYSTEM** command.|
+|/logs:\<logDirectory\>| Specifies the directory where MBR2GPT.exe logs should be written. If not specified, **%windir%** is used. If specified, the directory must already exist, it will not be automatically created or overwritten.|
+|/map:\<source\>=\<destination\>| Specifies additional partition type mappings between MBR and GPT. The MBR partition number is specified in decimal notation, not hexidecimal. The GPT GUID can contain brackets, for example: **/map:42={af9b60a0-1431-4f62-bc68-3311714a69ad}**. Multiple /map options can be specified if multiple mappings are required. |
+|/allowFullOS| By default, MBR2GPT.exe is blocked unless it is run from Windows PE. This option overrides this block and enables disk conversion while running in the full Windows environment. <br>**Note**: Since the existing MBR system partition is in use while running the full Windows environment, it cannot be reused. In this case, a new ESP is created by shrinking the OS partition.|
+
+## Examples
+
+### Validation example
+
+In the following example, disk 0 is validated for conversion. Errors and warnings are logged to the default location, **%windir%**.
+
+```
+X:\>mbr2gpt /validate /disk:0
+MBR2GPT: Attempting to validate disk 0
+MBR2GPT: Retrieving layout of disk
+MBR2GPT: Validating layout, disk sector size is: 512
+MBR2GPT: Validation completed successfully
+```
+
+### Conversion example
+
+In the following example:
+
+1. Using DiskPart, the current disk partition layout is displayed prior to conversion - three partitions are present on the MBR disk (disk 0): a system reserved partition, a Windows partition, and a recovery partition. A DVD-ROM is also present as volume 0.
+2. The OS volume is selected, partitions are listed, and partition details are displayed for the OS partition. The [MBR partition type](https://msdn.microsoft.com/library/windows/desktop/aa363990.aspx) is **07** corresponding to the installable file system (IFS) type. 
+2. The MBR2GPT tool is used to convert disk 0.
+3. The DiskPart tool displays that disk 0 is now using the GPT format.
+4. The new disk layout is displayed - four partitions are present on the GPT disk: three are identical to the previous partitions and one is the new EFI system partition (volume 3).
+5. The OS volume is selected again, and detail displays that it has been converted to the [GPT partition type](https://msdn.microsoft.com/library/windows/desktop/aa365449.aspx) of **ebd0a0a2-b9e5-4433-87c0-68b6b72699c7** corresponding to the **PARTITION_BASIC_DATA_GUID** type. 
+
+>As noted in the output from the MBR2GPT tool, you must make changes to the computer firmware so that the new EFI system partition will boot properly.
+
+```
+X:\>DiskPart
+
+Microsoft DiskPart version 10.0.15048.0
+
+Copyright (C) Microsoft Corporation.
+On computer: MININT-K71F13N
+
+DISKPART> list volume
+
+  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
+  ----------  ---  -----------  -----  ----------  -------  ---------  --------
+  Volume 0     F   CENA_X64FRE  UDF    DVD-ROM     4027 MB  Healthy
+  Volume 1     C   System Rese  NTFS   Partition    499 MB  Healthy
+  Volume 2     D   Windows      NTFS   Partition     58 GB  Healthy
+  Volume 3     E   Recovery     NTFS   Partition    612 MB  Healthy    Hidden
+
+DISKPART> select volume 2
+
+Volume 2 is the selected volume.
+
+DISKPART> list partition
+
+  Partition ###  Type              Size     Offset
+  -------------  ----------------  -------  -------
+  Partition 1    Primary            499 MB  1024 KB
+* Partition 2    Primary             58 GB   500 MB
+  Partition 3    Recovery           612 MB    59 GB
+
+DISKPART> detail partition
+
+Partition 2
+Type  : 07
+Hidden: No
+Active: No
+Offset in Bytes: 524288000
+
+  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
+  ----------  ---  -----------  -----  ----------  -------  ---------  --------
+* Volume 2     D   Windows      NTFS   Partition     58 GB  Healthy
+
+DISKPART> exit
+
+Leaving DiskPart...
+
+X:\>mbr2gpt /convert /disk:0
+
+MBR2GPT will now attempt to convert disk 0.
+If conversion is successful the disk can only be booted in GPT mode.
+These changes cannot be undone!
+
+MBR2GPT: Attempting to convert disk 0
+MBR2GPT: Retrieving layout of disk
+MBR2GPT: Validating layout, disk sector size is: 512 bytes
+MBR2GPT: Trying to shrink the system partition
+MBR2GPT: Trying to shrink the OS partition
+MBR2GPT: Creating the EFI system partition
+MBR2GPT: Installing the new boot files
+MBR2GPT: Performing the layout conversion
+MBR2GPT: Migrating default boot entry
+MBR2GPT: Adding recovery boot entry
+MBR2GPT: Fixing drive letter mapping
+MBR2GPT: Conversion completed successfully
+MBR2GPT: Before the new system can boot properly you need to switch the firmware to boot to UEFI mode!
+
+X:\>DiskPart
+
+Microsoft DiskPart version 10.0.15048.0
+
+Copyright (C) Microsoft Corporation.
+On computer: MININT-K71F13N
+
+DISKPART> list disk
+
+  Disk ###  Status         Size     Free     Dyn  Gpt
+  --------  -------------  -------  -------  ---  ---
+  Disk 0    Online           60 GB      0 B        *
+
+DISKPART> select disk 0
+
+Disk 0 is now the selected disk.
+
+DISKPART> list volume
+
+  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
+  ----------  ---  -----------  -----  ----------  -------  ---------  --------
+  Volume 0     F   CENA_X64FRE  UDF    DVD-ROM     4027 MB  Healthy
+  Volume 1     D   Windows      NTFS   Partition     58 GB  Healthy
+  Volume 2     C   System Rese  NTFS   Partition    499 MB  Healthy    Hidden
+  Volume 3                      FAT32  Partition    100 MB  Healthy    Hidden
+  Volume 4     E   Recovery     NTFS   Partition    612 MB  Healthy    Hidden
+
+DISKPART> select volume 1
+
+Volume 1 is the selected volume.
+
+DISKPART> list partition
+
+  Partition ###  Type              Size     Offset
+  -------------  ----------------  -------  -------
+  Partition 1    Recovery           499 MB  1024 KB
+* Partition 2    Primary             58 GB   500 MB
+  Partition 4    System             100 MB    59 GB
+  Partition 3    Recovery           612 MB    59 GB
+
+DISKPART> detail partition
+
+Partition 2
+Type    : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
+Hidden  : No
+Required: No
+Attrib  : 0000000000000000
+Offset in Bytes: 524288000
+
+  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
+  ----------  ---  -----------  -----  ----------  -------  ---------  --------
+* Volume 1     D   Windows      NTFS   Partition     58 GB  Healthy
+```
+
+## Specifications
+
+### Disk conversion workflow
+
+The following steps illustrate high-level phases of the MBR-to-GPT conversion process:
+
+1. Disk validation is performed.
+2. The disk is repartitioned to create an EFI system partition (ESP) if one does not already exist.
+3. UEFI boot files are installed to the ESP.
+4. GPT metatdata and layout information is applied.
+5. The boot configuration data (BCD) store is updated.
+6. Drive letter assignments are restored.
+
+### Creating an EFI system partition
+
+For Windows to remain bootable after the conversion, an EFI system partition (ESP) must be in place. MBR2GPT creates the ESP using the following rules:
+
+1. The existing MBR system partition is reused if it meets these requirements:<br>
+  a. It is not also the OS or Windows Recovery Environment partition.<br>
+  b. It is at least 100MB (or 260MB for 4K sector size disks) in size.<br>
+  c. It is less than or equal to 1GB in size. This is a safety precaution to ensure it is not a data partition.<br>
+  d. The conversion is not being performed from the full OS. In this case, the existing MBR system partition is in use and cannot be repurposed.
+2. If the existing MBR system partition cannot be reused, a new ESP is created by shrinking the OS partition. This new partition has a size of 100MB (or 260MB for 4K sector size disks) and is formatted FAT32.
+
+If the existing MBR system partition is not reused for the ESP, it is no longer used by the boot process after the conversion. Other partitions are not modified.
+
+>[!IMPORTANT]
+>If the existing MBR system partition is not reused for the ESP, it might be assigned a drive letter. If you do not wish to use this small partition, you must manually hide the drive letter.
+
+### Partition type mapping and partition attributes
+
+Since GPT partitions use a different set of type IDs than MBR partitions, each partition on the converted disk must be assigned a new type ID. The partition type mapping follows these rules:
+
+1. The ESP is always set to partition type PARTITION_SYSTEM_GUID (c12a7328-f81f-11d2-ba4b-00a0c93ec93b).
+2. If an MBR partition is of a type that matches one of the entries specified in the /map switch, the specified GPT partition type ID is used.
+3. If the MBR partition is of type 0x27, the partition is converted to a GPT partition of type PARTITION_MSFT_RECOVERY_GUID (de94bba4-06d1-4d40-a16a-bfd50179d6ac).
+4. All other MBR partitions recognized by Windows are converted to GPT partitions of type PARTITION_BASIC_DATA_GUID (ebd0a0a2-b9e5-4433-87c0-68b6b72699c7).
+
+In addition to applying the correct partition types, partitions of type PARTITION_MSFT_RECOVERY_GUID also have the following GPT attributes set:
+- GPT_ATTRIBUTE_PLATFORM_REQUIRED (0x0000000000000001)
+- GPT_BASIC_DATA_ATTRIBUTE_NO_DRIVE_LETTER (0x8000000000000000)
+
+For more information about partition types, see:
+- [GPT partition types](https://msdn.microsoft.com/library/windows/desktop/aa365449.aspx)
+- [MBR partition types](https://msdn.microsoft.com/library/windows/desktop/aa363990.aspx)
+
+
+### Persisting drive letter assignments
+
+The conversion tool will attempt to remap all drive letter assignment information contained in the registry that correspond to the volumes of the converted disk. If a drive letter assignment cannot be restored, an error will be displayed at the console and in the log, so that you can manually perform the correct assignment of the drive letter. **Important**: this code runs after the layout conversion has taken place, so the operation cannot be undone at this stage. 
+
+The conversion tool will obtain volume unique ID data before and after the layout conversion, organizing this information into a lookup table. It will then iterate through all the entries in **HKLM\SYSTEM\MountedDevices**, and for each entry do the following:
+
+1. Check if the unique ID corresponds to any of the unique IDs for any of the volumes that are part of the converted disk.
+2. If found, set the value to be the new unique ID, obtained after the layout conversion.
+3. If the new unique ID cannot be set and the value name starts with \DosDevices, issue a console and log warning about the need for manual intervention in properly restoring the drive letter assignment.
+
+## Troubleshooting
+
+The tool will display status information in its output. Both validation and conversion are clear if any errors are encountered. For example, if one or more partitions do not translate properly, this is displayed and the conversion not performed. To view more detail about any errors that are encountered, see the associated [log files](#logs).
+
+### Logs
+
+Four log files are created by the MBR2GPT tool:
+
+- diagerr.xml
+- diagwrn.xml
+- setupact.log
+- setuperr.log
+
+These files contain errors and warnings encountered during disk validation and conversion. Information in these files can be helpful in diagnosing problems with the tool. The setupact.log and setuperr.log files will have the most detailed information about disk layouts, processes, and other information pertaining to disk validation and conversion. Note: The setupact*.log files are different than the Windows Setup files that are found in the %Windir%\Panther directory.
+
+The default location for all these log files in Windows PE is **%windir%**.
+
+### Interactive help
+
+To view a list of options available when using the tool, type **mbr2gpt /?** 
+
+The following text is displayed:
+
+```
+
+C:\> mbr2gpt /?
+
+Converts a disk from MBR to GPT partitioning without modifying or deleting data on the disk.
+
+MBR2GPT.exe /validate|convert [/disk:<diskNumber>] [/logs:<logDirectory>] [/map:<source>=<destination>] [/allowFullOS]
+
+Where:
+
+ /validate
+         - Validates that the selected disk can be converted
+           without performing the actual conversion.
+
+ /convert
+         - Validates that the selected disk can be converted
+           and performs the actual conversion.
+
+ /disk:<diskNumber>
+         - Specifies the disk number of the disk to be processed.
+           If not specified, the system disk is processed.
+
+ /logs:<logDirectory>
+         - Specifies the directory for logging. By default logs
+           are created in the %windir% directory.
+
+ /map:<source>=<destination>
+         - Specifies the GPT partition type to be used for a
+           given MBR partition type not recognized by Windows.
+           Multiple /map switches are allowed.
+
+ /allowFullOS
+         - Allows the tool to be used from the full Windows
+           environment. By default, this tool can only be used
+           from the Windows Preinstallation Environment.
+```
+
+### Return codes
+
+MBR2GPT has the following associated return codes:
+
+| Return code | Description |
+|----|-------------|
+|0| Conversion completed successfully.|
+|1| Conversion was canceled by the user.|
+|2| Conversion failed due to an internal error.|
+|3| Conversion failed due to an initialization error.|
+|4| Conversion failed due to invalid command-line parameters. |
+|5| Conversion failed due to error reading the geometry and layout of the selected disk.|
+|6| Conversion failed because one or more volumes on the disk is encrypted.|
+|7| Conversion failed because the geometry and layout of the selected disk do not meet requirements.|
+|8| Conversion failed due to error while creating the EFI system partition.|
+|9| Conversion failed due to error installing boot files.|
+|10| Conversion failed due to error while applying GPT layout.|
+|100| Conversion to GPT layout succeeded, but some boot configuration data entries could not be restored.|
+
+
+### Determining the partition type
+
+You can type the following command at a Windows PowerShell prompt to display the disk number and partition type. Example output is also shown:
+
+
+```
+PS C:\> Get-Disk | ft -Auto
+
+Number Friendly Name      Serial Number        HealthStatus OperationalStatus Total Size Partition Style
+------ -------------      -------------        ------------ ----------------- ---------- ---------------
+0      MTFDDAK256MAM-1K1  13050928F47C         Healthy      Online             238.47 GB MBR
+1      ST1000DM003-1ER162 Z4Y3GD8F             Healthy      Online             931.51 GB GPT
+```
+
+You can also view the partition type of a disk by opening the Disk Management tool, right-clicking the disk number, clicking **Properties**, and then clicking the **Volumes** tab. See the following example:
+
+![Volumes](images/mbr2gpt-volume.PNG)
+
+
+If Windows PowerShell and Disk Management are not available, such as when you are using Windows PE, you can determine the partition type at a command prompt with the DiskPart tool. To determine the partition style from a command line, type **diskpart** and then type **list disk**. See the following example:
+
+```
+X:\>DiskPart
+
+Microsoft DiskPart version 10.0.15048.0
+
+Copyright (C) Microsoft Corporation.
+On computer: MININT-K71F13N
+
+DISKPART> list disk
+
+  Disk ###  Status         Size     Free     Dyn  Gpt
+  --------  -------------  -------  -------  ---  ---
+  Disk 0    Online          238 GB      0 B
+  Disk 1    Online          931 GB      0 B        *
+```
+
+In this example, Disk 0 is formatted with the MBR partition style, and Disk 1 is formatted using GPT.
+
+
+## Known issue 
+
+### MBR2GPT.exe cannot run in Windows PE
+
+When you start a Windows 10, version 1903-based computer in the Windows Preinstallation Environment (Windows PE), you encounter the following issues:
+
+**Issue 1** When you run the MBR2GPT.exe command, the process exits without converting the drive.
+
+**Issue 2** When you manually run the MBR2GPT.exe command in a Command Prompt window, there is no output from the tool.
+
+**Issue 3** When MBR2GPT.exe runs inside an imaging process such as a Microsoft Endpoint Configuration Manager task sequence, an MDT task sequence, or by using a script, you receive the following exit code: 0xC0000135/3221225781.
+
+#### Cause
+
+This issue occurs because in Windows 10, version 1903 and later versions, MBR2GPT.exe requires access to the ReAgent.dll file. However, this dll file and its associated libraries are currently not included in the Windows PE boot image for Windows 10, version 1903 and later.
+
+#### Workaround
+
+To fix this issue, mount the Windows PE image (WIM), copy the missing file from the [Windows 10, version 1903 Assessment and Development Kit (ADK)](https://go.microsoft.com/fwlink/?linkid=2086042) source, and then commit the changes to the WIM. To do this, follow these steps:
+
+1. Mount the Windows PE WIM to a path (for example, C:\WinPE_Mount). For more information about how to mount WIM files, see [Mount an image](https://docs.microsoft.com/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#mount-an-image).
+
+2. Copy the ReAgent files and the ReAgent localization files from the Window 10, version 1903 ADK source folder to the mounted WIM.
+
+   For example, if the ADK is installed to the default location of C:\Program Files (x86)\Windows Kits\10 and the Windows PE image is mounted to C:\WinPE_Mount, run the following commands from an elevated Command Prompt window:
+   
+   **Command 1:**
+   ```cmd
+   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\ReAgent*.*" "C:\WinPE_Mount\Windows\System32"
+   ```
+   This command copies three files:
+
+   * ReAgent.admx
+   * ReAgent.dll
+   * ReAgent.xml
+   
+   **Command 2:**
+   ```cmd
+   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\En-Us\ReAgent*.*" "C:\WinPE_Mount\Windows\System32\En-Us"
+   ```   
+   This command copies two files:
+   * ReAgent.adml
+   * ReAgent.dll.mui
+
+   > [!NOTE]
+   > If you aren't using an English version of Windows, replace "En-Us" in the path with the appropriate string that represents the system language.
+   
+3. After you copy all the files, commit the changes and unmount the Windows PE WIM. MBR2GPT.exe now functions as expected in Windows PE. For information about how to unmount WIM files while committing changes, see [Unmounting an image](https://docs.microsoft.com/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#unmounting-an-image).
+ 
+
+## Related topics
+
+[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
+<BR>[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
+<BR>[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
diff --git a/windows/deployment/planning/act-technical-reference.md b/windows/deployment/planning/act-technical-reference.md
index b40be1932a..b9181ca45d 100644
--- a/windows/deployment/planning/act-technical-reference.md
+++ b/windows/deployment/planning/act-technical-reference.md
@@ -1,48 +1,49 @@
----
-title: Application Compatibility Toolkit (ACT) Technical Reference (Windows 10)
-description: The Microsoft® Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system.
-ms.assetid: d90d38b2-2718-4481-90eb-4480719627ba
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Application Compatibility Toolkit (ACT) Technical Reference
-
-
-**Applies to**
-- Windows 10, version 1607
- 
->[!IMPORTANT]
->We've replaced the majority of functionality included in the Application Compatibility Toolkit (ACT) with [Windows Analytics](../update/windows-analytics-overview.md), a solution in the Microsoft Operations Management Suite. Windows Analytics gives enterprises the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released.
- 
-Microsoft developed Windows Analytics in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Windows Analytics was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
- 
-With Windows diagnostic data enabled, Windows Analytics collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft. 
- 
-Use Windows Analytics to get:
-- A visual workflow that guides you from pilot to production
-- Detailed computer and application inventory
-- Powerful computer level search and drill-downs 
-- Guidance and insights into application and driver compatibility issues, with suggested fixes 
-- Data driven application rationalization tools
-- Application usage information, allowing targeted validation; workflow to track validation progress and decisions
-- Data export to commonly used software deployment tools, including System Center Configuration Manager
-
-The Windows Analytics workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
-
-At the same time, we've kept the Standard User Analyzer tool, which helps you test your apps and to monitor API calls for potential compatibility issues, and the Compatibility Administrator, which helps you to resolve potential compatibility issues.
-
-## In this section
-
-|Topic |Description |
-|------|------------|
-|[Standard User Analyzer (SUA) User's Guide](sua-users-guide.md) |The Standard User Analyzer (SUA) helps you test your applications and monitor API calls to detect compatibility issues related to the User Account Control (UAC) feature in Windows. |
-|[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) |The Compatibility Administrator tool helps you resolve potential application-compatibility issues before deploying a new version of Windows to your organization. |
-|[Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md) |You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions. |
+---
+title: Application Compatibility Toolkit (ACT) Technical Reference (Windows 10)
+description: The Microsoft® Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system.
+ms.assetid: d90d38b2-2718-4481-90eb-4480719627ba
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Application Compatibility Toolkit (ACT) Technical Reference
+
+
+**Applies to**
+- Windows 10, version 1607
+ 
+>[!IMPORTANT]
+>We've replaced the majority of functionality included in the Application Compatibility Toolkit (ACT) with [Windows Analytics](../update/windows-analytics-overview.md), a solution in the Microsoft Operations Management Suite. Windows Analytics gives enterprises the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released.
+ 
+Microsoft developed Windows Analytics in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Windows Analytics was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
+ 
+With Windows diagnostic data enabled, Windows Analytics collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft. 
+ 
+Use Windows Analytics to get:
+- A visual workflow that guides you from pilot to production
+- Detailed computer and application inventory
+- Powerful computer level search and drill-downs 
+- Guidance and insights into application and driver compatibility issues, with suggested fixes 
+- Data driven application rationalization tools
+- Application usage information, allowing targeted validation; workflow to track validation progress and decisions
+- Data export to commonly used software deployment tools, including Microsoft Endpoint Configuration Manager
+
+The Windows Analytics workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
+
+At the same time, we've kept the Standard User Analyzer tool, which helps you test your apps and to monitor API calls for potential compatibility issues, and the Compatibility Administrator, which helps you to resolve potential compatibility issues.
+
+## In this section
+
+|Topic |Description |
+|------|------------|
+|[Standard User Analyzer (SUA) User's Guide](sua-users-guide.md) |The Standard User Analyzer (SUA) helps you test your applications and monitor API calls to detect compatibility issues related to the User Account Control (UAC) feature in Windows. |
+|[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) |The Compatibility Administrator tool helps you resolve potential application-compatibility issues before deploying a new version of Windows to your organization. |
+|[Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md) |You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions. |
diff --git a/windows/deployment/planning/deployment-considerations-for-windows-to-go.md b/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
index 022ac067c8..26f0cb8b74 100644
--- a/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
+++ b/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
@@ -60,7 +60,7 @@ DirectAccess can be used to ensure that the user can login with their domain cre
 
 ### <a href="" id="wtg-imagedep"></a>Image deployment and drive provisioning considerations
 
-The Image Deployment process can be accomplished either by a centralized IT process for your organization or by individual users creating their own Windows To Go workspaces. You must have local Administrator access and access to a Windows 10 Enterprise or Windows 10 Education image to create a Windows To Go workspace, or you must be using System Center Configuration Manager 2012 Service Pack 1 or later to distribute Windows To Go workspaces to users. The image deployment process takes a blank USB drive and a Windows 10 Enterprise image (WIM) and turns it into a Windows To Go drive.
+The Image Deployment process can be accomplished either by a centralized IT process for your organization or by individual users creating their own Windows To Go workspaces. You must have local Administrator access and access to a Windows 10 Enterprise or Windows 10 Education image to create a Windows To Go workspace, or you must be using Microsoft Endpoint Configuration Manager 2012 Service Pack 1 or later to distribute Windows To Go workspaces to users. The image deployment process takes a blank USB drive and a Windows 10 Enterprise image (WIM) and turns it into a Windows To Go drive.
 
 ![windows to go image deployment](images/wtg-image-deployment.gif)
 
diff --git a/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md b/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md
index 6c41d9922c..08cbf28585 100644
--- a/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md
+++ b/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md
@@ -55,7 +55,7 @@ The following scenarios are examples of situations in which Windows To Go worksp
 
 -   **Managed free seating.** The employee is issued a Windows To Go drive that is then used with the host computer assigned to that employee for a given session (this could be a vehicle, workspace, or standalone laptop). When the employee leaves the session, the next time they return they use the same USB flash drive but use a different host computer.
 
--   **Work from home.** In this situation, the Windows To Go drive can be provisioned for employees using various methods including System Center Configuration Manager or other deployment tools and then distributed to employees. The employee is instructed to boot the Windows To Go drive initially at work, which caches the employee’s credentials on the Windows To Go workspace and allows the initial data synchronization between the enterprise network and the Windows To Go workspace. The user can then bring the Windows To Go drive home where it can be used with their home computer, with or without enterprise network connectivity.
+-   **Work from home.** In this situation, the Windows To Go drive can be provisioned for employees using various methods including Microsoft Endpoint Configuration Manager or other deployment tools and then distributed to employees. The employee is instructed to boot the Windows To Go drive initially at work, which caches the employee’s credentials on the Windows To Go workspace and allows the initial data synchronization between the enterprise network and the Windows To Go workspace. The user can then bring the Windows To Go drive home where it can be used with their home computer, with or without enterprise network connectivity.
 
 -   **Travel lightly.** In this situation you have employees who are moving from site to site, but who always will have access to a compatible host computer on site. Using Windows To Go workspaces allows them to travel without the need to pack their PC.
 
diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md
index 72439c1132..4b2d75eae6 100644
--- a/windows/deployment/planning/windows-10-deprecated-features.md
+++ b/windows/deployment/planning/windows-10-deprecated-features.md
@@ -57,7 +57,7 @@ The features described below are no longer being actively developed, and might b
 |Trusted Platform Module (TPM) Owner Password Management |This functionality within TPM.msc will be migrated to a new user interface.| 1709 |
 |Trusted Platform Module (TPM): TPM.msc and TPM Remote Management  | To be replaced by a new user interface in a future release. | 1709 |
 |Trusted Platform Module (TPM) Remote Management |This functionality within TPM.msc will be migrated to a new user interface. | 1709 |
-|Windows Hello for Business deployment that uses System Center Configuration Manager   |Windows Server 2016 Active Directory Federation Services – Registration Authority (ADFS RA) deployment is simpler and provides a better user experience and a more deterministic certificate enrollment experience. | 1709 |
+|Windows Hello for Business deployment that uses Microsoft Endpoint Configuration Manager   |Windows Server 2016 Active Directory Federation Services – Registration Authority (ADFS RA) deployment is simpler and provides a better user experience and a more deterministic certificate enrollment experience. | 1709 |
 |Windows PowerShell 2.0  | Applications and components should be migrated to PowerShell 5.0+. | 1709 |
 |Apndatabase.xml | Apndatabase.xml is being replaced by the COSA database. Therefore, some constructs will no longer function. This includes Hardware ID, incoming SMS messaging rules in mobile apps, a list of privileged apps in mobile apps, autoconnect order, APN parser, and CDMAProvider ID. | 1703 |
 |Tile Data Layer | The [Tile Data Layer](https://docs.microsoft.com/windows/configuration/start-layout-troubleshoot#symptom-start-menu-issues-with-tile-data-layer-corruption) database stopped development in Windows 10, version 1703. | 1703 |
diff --git a/windows/deployment/planning/windows-10-enterprise-faq-itpro.md b/windows/deployment/planning/windows-10-enterprise-faq-itpro.md
index 8716d1b086..764b8d1ca5 100644
--- a/windows/deployment/planning/windows-10-enterprise-faq-itpro.md
+++ b/windows/deployment/planning/windows-10-enterprise-faq-itpro.md
@@ -1,134 +1,136 @@
----
-title: Windows 10 Enterprise FAQ for IT pros (Windows 10)
-description: Get answers to common questions around compatibility, installation, and support for Windows 10 Enterprise.
-keywords: Windows 10 Enterprise, download, system requirements, drivers, appcompat, manage updates, Windows as a service, servicing channels, deployment tools
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 08/18/2017
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows 10 Enterprise: FAQ for IT professionals
-
-Get answers to common questions around compatibility, installation, and support for Windows 10 Enterprise.
-
-## Download and requirements
-
-### Where can I download Windows 10 Enterprise?
-
-If you have Windows volume licenses with Software Assurance, or if you have purchased licenses for Windows 10 Enterprise volume licenses, you can download 32-bit and 64-bit versions of Windows 10 Enterprise from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx). If you do not have current Software Assurance for Windows and would like to purchase volume licenses for Windows 10 Enterprise, contact your preferred Microsoft Reseller or see [How to purchase through Volume Licensing](https://www.microsoft.com/Licensing/how-to-buy/how-to-buy.aspx).
-
-### What are the system requirements?
-
-For details, see [Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752).
-
-### What are the hardware requirements for Windows 10?
-
-Most computers that are compatible with Windows 8.1 will be compatible with Windows 10. You may need to install updated drivers in Windows 10 for your devices to properly function. See [Windows 10 specifications](https://www.microsoft.com/windows/windows-10-specifications) for more information.
-
-### Can I evaluate Windows 10 Enterprise?
-
-Yes, a 90-day evaluation of Windows 10 Enterprise is available through the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise). The evaluation is available in Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), and Spanish (Spain, International Sort). We highly recommend that organizations make use of the Windows 10 Enterprise 90-day Evaluation to try out deployment and management scenarios, test compatibility with hardware and applications, and to get hands on experience with Windows 10 Enterprise features.
-
-## Drivers and compatibility
-
-### Where can I find drivers for my devices for Windows 10 Enterprise?
-
-For many devices, drivers will be automatically installed in Windows 10 and there will be no need for additional action.
-- For some devices, Windows 10 may be unable to install drivers that are required for operation. If your device drivers are not automatically installed, visit the manufacturer’s support website for your device to download and manually install the drivers. If Windows 10 drivers are not available, the most up-to-date drivers for Windows 8.1 will often work in Windows 10.
-- For some devices, the manufacturer may provide more up-to-date drivers or drivers that enable additional functionality than the drivers installed by Windows 10. Always follow the recommendations of the device manufacturer for optimal performance and stability.
-- Some computer manufacturers provide packs of drivers for easy implementation in management and deployment solutions like the Microsoft Deployment Toolkit (MDT) or Microsoft System Center Configuration Manager. These driver packs contain all of the drivers needed for each device and can greatly simplify the process of deploying Windows to a new make or model of computer. Driver packs for some common manufacturers include:
-    - [HP driver pack](http://www8.hp.com/us/en/ads/clientmanagement/drivers-pack.html)
-    - [Dell driver packs for enterprise client OS deployment](http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-command-deploy-driver-packs-for-enterprise-client-os-deployment)
-    - [Lenovo Configuration Manager and MDT package index](https://support.lenovo.com/us/en/documents/ht074984)
-    - [Panasonic Driver Pack for Enterprise](http://pc-dl.panasonic.co.jp/itn/drivers/driver_packages.html)
-
-### Where can I find out if an application or device is compatible with Windows 10?
-
-Many existing Win32 and Win64 applications already run reliably on Windows 10 without any changes. You can also expect strong compatibility and support for Web apps and devices. The [Ready for Windows](https://www.readyforwindows.com/) website lists software solutions that are supported and in use for Windows 10. You can find additional guidance to help with application compatibility at [Windows 10 application compatibility](https://technet.microsoft.com/windows/mt703793) on the Windows IT Center.
-
-### Is there an easy way to assess if my organization’s devices are ready to upgrade to Windows 10?
-
-[Windows Analytics Upgrade Readiness](https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics) (formerly known as Upgrade Analytics) provides powerful insights and recommendations about the computers, applications, and drivers in your organization, at no extra cost and without additional infrastructure requirements. This new service guides you through your upgrade and feature update projects using a workflow based on Microsoft recommended practices. Up-to-date inventory data allows you to balance cost and risk in your upgrade projects. You can find additional product information at [Windows Analytics](https://www.microsoft.com/WindowsForBusiness/Windows-Analytics).
-
-## Administration and deployment
-
-### Which deployment tools support Windows 10?
-
-Updated versions of Microsoft deployment tools, including MDT, Configuration Manager, and the Windows Assessment and Deployment Kit (Windows ADK) have been released to support Windows 10.
-- [MDT](https://www.microsoft.com/mdt) is Microsoft’s recommended collection of tools, processes, and guidance for automating desktop and server deployment.
-- Configuration Manager simplifies the deployment and management of Windows 10. If you are not currently using Configuration Manager, you can download a free 180-day trial of [System Center Configuration Manager and Endpoint Protection (current branch)](https://www.microsoft.com/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection) from the TechNet Evaluation Center.
-- The [Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit#winADK) has tools that allow you to customize Windows images for large-scale deployment, and test system quality and performance. You can download the latest version of the Windows ADK for Windows 10 from the Hardware Dev Center.
-
-### Can I upgrade computers from Windows 7 or Windows 8.1 without deploying a new image?
-
-Computers running Windows 7 or Windows 8.1 can be upgraded directly to Windows 10 through the in-place upgrade process without a need to reimage the device using MDT and/or Configuration Manager. For more information, see [Upgrade to Windows 10 with System Center Configuration Manager](https://technet.microsoft.com/itpro/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager) or [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit).
-
-### Can I upgrade from Windows 7 Enterprise or Windows 8.1 Enterprise to Windows 10 Enterprise for free?
-
-If you have Windows 7 Enterprise or Windows 8.1 Enterprise and current Windows 10 Enterprise E3 or E5 subscription, you are entitled to the upgrade to Windows 10 Enterprise through the rights of Software Assurance. You can find your product keys and installation media at the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx).
-
-For devices that are licensed under a volume license agreement for Windows that does not include Software Assurance, new licenses will be required to upgrade these devices to Windows 10.
-
-## Managing updates
-
-### What is Windows as a service?
-
-The Windows 10 operating system introduces a new way to build, deploy, and service Windows: Windows as a service. Microsoft has reimagined each part of the process, to simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers. These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time. For more information, see [Overview of Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview).
-
-### How is servicing different with Windows as a service?
-
-Traditional Windows servicing has included several release types: major revisions (e.g., the Windows 8.1, Windows 8, and Windows 7 operating systems), service packs, and monthly updates. With Windows 10, there are two release types: feature updates that add new functionality two to three times per year, and quality updates that provide security and reliability fixes at least once a month.
-
-### What are the servicing channels?
-
-To align with the new method of delivering feature updates and quality updates in Windows 10, Microsoft introduced the concept of servicing channels to allow customers to designate how aggressively their individual devices are updated. For example, an organization may have test devices that the IT department can update with new features as soon as possible, and then specialized devices that require a longer feature update cycle to ensure continuity. With that in mind, Microsoft offers two servicing channels for Windows 10: Semi-Annual Channel, and Long-Term Servicing Channel (LTSC). For details about the versions in each servicing channel, see [Windows 10 release information](https://technet.microsoft.com/windows/release-info.aspx). For more information on each channel, see [servicing channels](/windows/deployment/update/waas-overview#servicing-channels).
-
-### What tools can I use to manage Windows as a service updates?
-
-There are many tools are available. You can choose from these:
-- Windows Update
-- Windows Update for Business
-- Windows Server Update Services
-- System Center Configuration Manager
-
-For more information on pros and cons for these tools, see [Servicing Tools](/windows/deployment/update/waas-overview#servicing-tools).
-
-## User experience
-
-### Where can I find information about new features and changes in Windows 10 Enterprise?
-
-For an overview of the new enterprise features in Windows 10 Enterprise, see [What's new in Windows 10](https://technet.microsoft.com/itpro/windows/whats-new/index) and [What's new in Windows 10, version 1703](/windows/whats-new/whats-new-windows-10-version-1703) in the Docs library.
-
-Another place to track the latest information about new features of interest to IT professionals is the [Windows for IT Pros blog](https://blogs.technet.microsoft.com/windowsitpro/). Here you’ll find announcements of new features, information on updates to the Windows servicing model, and details about the latest resources to help you more easily deploy and manage Windows 10.
-
-To find out which version of Windows 10 is right for your organization, you can also [compare Windows editions](https://www.microsoft.com/WindowsForBusiness/Compare).
-
-### How will people in my organization adjust to using Windows 10 Enterprise after upgrading from Windows 7 or Windows 8.1?
-
-Windows 10 combines the best aspects of the user experience from Windows 8.1 and Windows 7 to make using Windows simple and straightforward. Users of Windows 7 will find the Start menu in the same location as they always have. In the same place, users of Windows 8.1 will find the live tiles from their Start screen, accessible by the Start button in the same way as they were accessed in Windows 8.1. To help you make the transition a seamless one, download the [Windows 10 Adoption Planning Kit](https://info.microsoft.com/Windows10AdoptionPlanningKit) and see our [end user readiness](https://technet.microsoft.com/windows/dn621092) resources.
-
-### How does Windows 10 help people work with applications and data across a variety of devices?
-
-The desktop experience in Windows 10 has been improved to provide a better experience for people that use a traditional mouse and keyboard. Key changes include:
-- Start menu is a launching point for access to apps.
-- Universal apps now open in windows instead of full screen.
-- [Multitasking is improved with adjustable Snap](http://blogs.windows.com/bloggingwindows/2015/06/04/arrange-your-windows-in-a-snap/), which allows you to have more than two windows side-by-side on the same screen and to customize how those windows are arranged.
-- Tablet Mode to simplify using Windows with a finger or pen by using touch input.
-
-## Help and support
-
-### Where can I ask a question about Windows 10?
-
-Use the following resources for additional information about Windows 10.
-- If you are an IT professional or if you have a question about administering, managing, or deploying Windows 10 in your organization or business, visit the [Windows 10 IT Professional forums](https://social.technet.microsoft.com/forums/home?category=windows10itpro) on TechNet.
-- If you are an end user or if you have a question about using Windows 10, visit the [Windows 10 forums on Microsoft Community](https://answers.microsoft.com/windows/forum/windows_10).
-- If you are a developer or if you have a question about making apps for Windows 10, visit the [Windows Desktop Development forums](https://social.msdn.microsoft.com/forums/en-us/home?category=windowsdesktopdev) or [Windows and Windows phone apps forums](https://social.msdn.microsoft.com/forums/en-us/home?category=windowsapps) on MSDN.
-- If you have a question about Internet Explorer, visit the [Internet Explorer forums](https://social.technet.microsoft.com/forums/ie/en-us/home) on TechNet.
+---
+title: Windows 10 Enterprise FAQ for IT pros (Windows 10)
+description: Get answers to common questions around compatibility, installation, and support for Windows 10 Enterprise.
+keywords: Windows 10 Enterprise, download, system requirements, drivers, appcompat, manage updates, Windows as a service, servicing channels, deployment tools
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 08/18/2017
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows 10 Enterprise: FAQ for IT professionals
+
+Get answers to common questions around compatibility, installation, and support for Windows 10 Enterprise.
+
+## Download and requirements
+
+### Where can I download Windows 10 Enterprise?
+
+If you have Windows volume licenses with Software Assurance, or if you have purchased licenses for Windows 10 Enterprise volume licenses, you can download 32-bit and 64-bit versions of Windows 10 Enterprise from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx). If you do not have current Software Assurance for Windows and would like to purchase volume licenses for Windows 10 Enterprise, contact your preferred Microsoft Reseller or see [How to purchase through Volume Licensing](https://www.microsoft.com/Licensing/how-to-buy/how-to-buy.aspx).
+
+### What are the system requirements?
+
+For details, see [Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752).
+
+### What are the hardware requirements for Windows 10?
+
+Most computers that are compatible with Windows 8.1 will be compatible with Windows 10. You may need to install updated drivers in Windows 10 for your devices to properly function. See [Windows 10 specifications](https://www.microsoft.com/windows/windows-10-specifications) for more information.
+
+### Can I evaluate Windows 10 Enterprise?
+
+Yes, a 90-day evaluation of Windows 10 Enterprise is available through the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise). The evaluation is available in Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), and Spanish (Spain, International Sort). We highly recommend that organizations make use of the Windows 10 Enterprise 90-day Evaluation to try out deployment and management scenarios, test compatibility with hardware and applications, and to get hands on experience with Windows 10 Enterprise features.
+
+## Drivers and compatibility
+
+### Where can I find drivers for my devices for Windows 10 Enterprise?
+
+For many devices, drivers will be automatically installed in Windows 10 and there will be no need for additional action.
+- For some devices, Windows 10 may be unable to install drivers that are required for operation. If your device drivers are not automatically installed, visit the manufacturer’s support website for your device to download and manually install the drivers. If Windows 10 drivers are not available, the most up-to-date drivers for Windows 8.1 will often work in Windows 10.
+- For some devices, the manufacturer may provide more up-to-date drivers or drivers that enable additional functionality than the drivers installed by Windows 10. Always follow the recommendations of the device manufacturer for optimal performance and stability.
+- Some computer manufacturers provide packs of drivers for easy implementation in management and deployment solutions like the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager. These driver packs contain all of the drivers needed for each device and can greatly simplify the process of deploying Windows to a new make or model of computer. Driver packs for some common manufacturers include:
+    - [HP driver pack](http://www8.hp.com/us/en/ads/clientmanagement/drivers-pack.html)
+    - [Dell driver packs for enterprise client OS deployment](http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-command-deploy-driver-packs-for-enterprise-client-os-deployment)
+    - [Lenovo Configuration Manager and MDT package index](https://support.lenovo.com/us/en/documents/ht074984)
+    - [Panasonic Driver Pack for Enterprise](http://pc-dl.panasonic.co.jp/itn/drivers/driver_packages.html)
+
+### Where can I find out if an application or device is compatible with Windows 10?
+
+Many existing Win32 and Win64 applications already run reliably on Windows 10 without any changes. You can also expect strong compatibility and support for Web apps and devices. The [Ready for Windows](https://www.readyforwindows.com/) website lists software solutions that are supported and in use for Windows 10. You can find additional guidance to help with application compatibility at [Windows 10 application compatibility](https://technet.microsoft.com/windows/mt703793) on the Windows IT Center.
+
+### Is there an easy way to assess if my organization’s devices are ready to upgrade to Windows 10?
+
+[Windows Analytics Upgrade Readiness](https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics) (formerly known as Upgrade Analytics) provides powerful insights and recommendations about the computers, applications, and drivers in your organization, at no extra cost and without additional infrastructure requirements. This new service guides you through your upgrade and feature update projects using a workflow based on Microsoft recommended practices. Up-to-date inventory data allows you to balance cost and risk in your upgrade projects. You can find additional product information at [Windows Analytics](https://www.microsoft.com/WindowsForBusiness/Windows-Analytics).
+
+## Administration and deployment
+
+### Which deployment tools support Windows 10?
+
+Updated versions of Microsoft deployment tools, including MDT, Configuration Manager, and the Windows Assessment and Deployment Kit (Windows ADK) have been released to support Windows 10.
+- [MDT](https://www.microsoft.com/mdt) is Microsoft’s recommended collection of tools, processes, and guidance for automating desktop and server deployment.
+- Configuration Manager simplifies the deployment and management of Windows 10. If you are not currently using Configuration Manager, you can download a free 180-day trial of [Microsoft Endpoint Configuration Manager and Endpoint Protection (current branch)](https://www.microsoft.com/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection) from the TechNet Evaluation Center.
+- The [Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit#winADK) has tools that allow you to customize Windows images for large-scale deployment, and test system quality and performance. You can download the latest version of the Windows ADK for Windows 10 from the Hardware Dev Center.
+
+### Can I upgrade computers from Windows 7 or Windows 8.1 without deploying a new image?
+
+Computers running Windows 7 or Windows 8.1 can be upgraded directly to Windows 10 through the in-place upgrade process without a need to reimage the device using MDT and/or Configuration Manager. For more information, see [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/itpro/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager) or [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit).
+
+### Can I upgrade from Windows 7 Enterprise or Windows 8.1 Enterprise to Windows 10 Enterprise for free?
+
+If you have Windows 7 Enterprise or Windows 8.1 Enterprise and current Windows 10 Enterprise E3 or E5 subscription, you are entitled to the upgrade to Windows 10 Enterprise through the rights of Software Assurance. You can find your product keys and installation media at the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx).
+
+For devices that are licensed under a volume license agreement for Windows that does not include Software Assurance, new licenses will be required to upgrade these devices to Windows 10.
+
+## Managing updates
+
+### What is Windows as a service?
+
+The Windows 10 operating system introduces a new way to build, deploy, and service Windows: Windows as a service. Microsoft has reimagined each part of the process, to simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers. These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time. For more information, see [Overview of Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview).
+
+### How is servicing different with Windows as a service?
+
+Traditional Windows servicing has included several release types: major revisions (e.g., the Windows 8.1, Windows 8, and Windows 7 operating systems), service packs, and monthly updates. With Windows 10, there are two release types: feature updates that add new functionality two to three times per year, and quality updates that provide security and reliability fixes at least once a month.
+
+### What are the servicing channels?
+
+To align with the new method of delivering feature updates and quality updates in Windows 10, Microsoft introduced the concept of servicing channels to allow customers to designate how aggressively their individual devices are updated. For example, an organization may have test devices that the IT department can update with new features as soon as possible, and then specialized devices that require a longer feature update cycle to ensure continuity. With that in mind, Microsoft offers two servicing channels for Windows 10: Semi-Annual Channel, and Long-Term Servicing Channel (LTSC). For details about the versions in each servicing channel, see [Windows 10 release information](https://technet.microsoft.com/windows/release-info.aspx). For more information on each channel, see [servicing channels](/windows/deployment/update/waas-overview#servicing-channels).
+
+### What tools can I use to manage Windows as a service updates?
+
+There are many tools are available. You can choose from these:
+- Windows Update
+- Windows Update for Business
+- Windows Server Update Services
+- Microsoft Endpoint Configuration Manager
+
+For more information on pros and cons for these tools, see [Servicing Tools](/windows/deployment/update/waas-overview#servicing-tools).
+
+## User experience
+
+### Where can I find information about new features and changes in Windows 10 Enterprise?
+
+For an overview of the new enterprise features in Windows 10 Enterprise, see [What's new in Windows 10](https://technet.microsoft.com/itpro/windows/whats-new/index) and [What's new in Windows 10, version 1703](/windows/whats-new/whats-new-windows-10-version-1703) in the Docs library.
+
+Another place to track the latest information about new features of interest to IT professionals is the [Windows for IT Pros blog](https://blogs.technet.microsoft.com/windowsitpro/). Here you’ll find announcements of new features, information on updates to the Windows servicing model, and details about the latest resources to help you more easily deploy and manage Windows 10.
+
+To find out which version of Windows 10 is right for your organization, you can also [compare Windows editions](https://www.microsoft.com/WindowsForBusiness/Compare).
+
+### How will people in my organization adjust to using Windows 10 Enterprise after upgrading from Windows 7 or Windows 8.1?
+
+Windows 10 combines the best aspects of the user experience from Windows 8.1 and Windows 7 to make using Windows simple and straightforward. Users of Windows 7 will find the Start menu in the same location as they always have. In the same place, users of Windows 8.1 will find the live tiles from their Start screen, accessible by the Start button in the same way as they were accessed in Windows 8.1. To help you make the transition a seamless one, download the [Windows 10 Adoption Planning Kit](https://info.microsoft.com/Windows10AdoptionPlanningKit) and see our [end user readiness](https://technet.microsoft.com/windows/dn621092) resources.
+
+### How does Windows 10 help people work with applications and data across a variety of devices?
+
+The desktop experience in Windows 10 has been improved to provide a better experience for people that use a traditional mouse and keyboard. Key changes include:
+- Start menu is a launching point for access to apps.
+- Universal apps now open in windows instead of full screen.
+- [Multitasking is improved with adjustable Snap](http://blogs.windows.com/bloggingwindows/2015/06/04/arrange-your-windows-in-a-snap/), which allows you to have more than two windows side-by-side on the same screen and to customize how those windows are arranged.
+- Tablet Mode to simplify using Windows with a finger or pen by using touch input.
+
+## Help and support
+
+### Where can I ask a question about Windows 10?
+
+Use the following resources for additional information about Windows 10.
+- If you are an IT professional or if you have a question about administering, managing, or deploying Windows 10 in your organization or business, visit the [Windows 10 IT Professional forums](https://social.technet.microsoft.com/forums/home?category=windows10itpro) on TechNet.
+- If you are an end user or if you have a question about using Windows 10, visit the [Windows 10 forums on Microsoft Community](https://answers.microsoft.com/windows/forum/windows_10).
+- If you are a developer or if you have a question about making apps for Windows 10, visit the [Windows Desktop Development forums](https://social.msdn.microsoft.com/forums/en-us/home?category=windowsdesktopdev) or [Windows and Windows phone apps forums](https://social.msdn.microsoft.com/forums/en-us/home?category=windowsapps) on MSDN.
+- If you have a question about Internet Explorer, visit the [Internet Explorer forums](https://social.technet.microsoft.com/forums/ie/en-us/home) on TechNet.
diff --git a/windows/deployment/planning/windows-10-infrastructure-requirements.md b/windows/deployment/planning/windows-10-infrastructure-requirements.md
index 03fd161f35..3b851ad2ca 100644
--- a/windows/deployment/planning/windows-10-infrastructure-requirements.md
+++ b/windows/deployment/planning/windows-10-infrastructure-requirements.md
@@ -40,7 +40,7 @@ Significant enhancements in the ADK for Windows 10 include new runtime provisio
 
 Microsoft Deployment Toolkit 2013 Update 1, available for download [here](https://go.microsoft.com/fwlink/p/?LinkId=625079), has also been updated to support Windows 10 and the new ADK; older versions do not support Windows 10. New in this release is task sequence support for Windows 10 in-place upgrades.
 
-For System Center Configuration Manager, Windows 10 support is offered with various releases:
+For Microsoft Endpoint Configuration Manager, Windows 10 support is offered with various releases:
 
 | Release                                     | Windows 10 management? | Windows 10 deployment?                         |
 |---------------------------------------------|------------------------|------------------------------------------------|
@@ -50,7 +50,7 @@ For System Center Configuration Manager, Windows 10 support is offered with var
 
 
 > [!NOTE]
-> Configuration Manager 2012 supports Windows 10 version 1507 (build 10.0.10240) and 1511 (build 10.0.10586) for the lifecycle of these builds. Future releases of Windows 10 CB/CBB are not supported With Configuration Manager 2012, and will require System Center Configuration Manager current branch for supported management. 
+> Configuration Manager 2012 supports Windows 10 version 1507 (build 10.0.10240) and 1511 (build 10.0.10586) for the lifecycle of these builds. Future releases of Windows 10 CB/CBB are not supported With Configuration Manager 2012, and will require Microsoft Endpoint Configuration Manager current branch for supported management. 
  
 
 For more details about System Center Configuration Manager support for Windows 10, see [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](../deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md).
@@ -58,7 +58,7 @@ For more details about System Center Configuration Manager support for Windows 
 ## Management tools
 
 
-In addition to System Center Configuration Manager, Windows 10 also leverages other tools for management. For Windows Server and Active Directory, existing supported versions are fully supported for Windows 10. New Group Policy templates will be needed to configure new settings available in Windows 10; these templates are available in the Windows 10 media images, and are available as a separate download [here](https://go.microsoft.com/fwlink/p/?LinkId=625081). See [Group Policy settings reference](https://go.microsoft.com/fwlink/p/?LinkId=625082) for a list of the new and modified policy settings. If you are using a central policy store, follow the steps outlined [here](https://go.microsoft.com/fwlink/p/?LinkId=625083) to update the ADMX files stored in that central store.
+In addition to Microsoft Endpoint Configuration Manager, Windows 10 also leverages other tools for management. For Windows Server and Active Directory, existing supported versions are fully supported for Windows 10. New Group Policy templates will be needed to configure new settings available in Windows 10; these templates are available in the Windows 10 media images, and are available as a separate download [here](https://go.microsoft.com/fwlink/p/?LinkId=625081). See [Group Policy settings reference](https://go.microsoft.com/fwlink/p/?LinkId=625082) for a list of the new and modified policy settings. If you are using a central policy store, follow the steps outlined [here](https://go.microsoft.com/fwlink/p/?LinkId=625083) to update the ADMX files stored in that central store.
 
 No new Active Directory schema updates or specific functional levels are currently required for core Windows 10 product functionality, although subsequent upgrades could require these to support new features.
 
diff --git a/windows/deployment/planning/windows-to-go-frequently-asked-questions.md b/windows/deployment/planning/windows-to-go-frequently-asked-questions.md
index 40c4c03e81..77f7cfe31a 100644
--- a/windows/deployment/planning/windows-to-go-frequently-asked-questions.md
+++ b/windows/deployment/planning/windows-to-go-frequently-asked-questions.md
@@ -165,7 +165,7 @@ Yes, if the user has administrator permissions they can self-provision a Windows
 ## <a href="" id="wtg-faq-mng"></a>How can Windows To Go be managed in an organization?
 
 
-Windows To Go can be deployed and managed like a traditional desktop PC using standard Windows enterprise software distribution tools like System Center Configuration Manager. Computer and user settings for Windows To Go workspaces can be managed using Group Policy setting also in the same manner that you manage Group Policy settings for other PCs in your organization. Windows To Go workspaces can be configured to connect to the organizational resources remotely using DirectAccess or a virtual private network connection so that they can connect securely to your network.
+Windows To Go can be deployed and managed like a traditional desktop PC using standard Windows enterprise software distribution tools like Microsoft Endpoint Configuration Manager. Computer and user settings for Windows To Go workspaces can be managed using Group Policy setting also in the same manner that you manage Group Policy settings for other PCs in your organization. Windows To Go workspaces can be configured to connect to the organizational resources remotely using DirectAccess or a virtual private network connection so that they can connect securely to your network.
 
 ## <a href="" id="wtf-faq-startup"></a>How do I make my computer boot from USB?
 
diff --git a/windows/deployment/planning/windows-to-go-overview.md b/windows/deployment/planning/windows-to-go-overview.md
index ba83d6224b..dcab3997b1 100644
--- a/windows/deployment/planning/windows-to-go-overview.md
+++ b/windows/deployment/planning/windows-to-go-overview.md
@@ -56,7 +56,7 @@ The applications that you want to use from the Windows To Go workspace should be
 
 ## <a href="" id="wtg-prep-intro"></a>Prepare for Windows To Go
 
-Enterprises install Windows on a large group of computers either by using configuration management software (such as System Center Configuration Manager), or by using standard Windows deployment tools such as DiskPart and the Deployment Image Servicing and Management (DISM) tool.
+Enterprises install Windows on a large group of computers either by using configuration management software (such as Microsoft Endpoint Configuration Manager), or by using standard Windows deployment tools such as DiskPart and the Deployment Image Servicing and Management (DISM) tool.
 
 These same tools can be used to provision Windows To Go drive, just as you would if you were planning for provisioning a new class of mobile PCs. You can use the [Windows Assessment and Deployment Kit](https://go.microsoft.com/fwlink/p/?LinkId=526803) to review deployment tools available.
 
diff --git a/windows/deployment/update/PSFxWhitepaper.md b/windows/deployment/update/PSFxWhitepaper.md
index c46b4cc2da..8f73fcdfd0 100644
--- a/windows/deployment/update/PSFxWhitepaper.md
+++ b/windows/deployment/update/PSFxWhitepaper.md
@@ -72,7 +72,7 @@ numerous advantages:
 
 Historically, download sizes of Windows 10 quality updates (Windows 10, version 1803 and older supported versions of Windows 10) are optimized by using express download. Express download is optimized such that updating Windows 10 systems will download the minimum number of bytes. This is achieved by generating differentials for every updated file based on selected historical base revisions of the same file + its base or RTM version.
 
-For example, if the October monthly quality update has updated Notepad.exe, differentials for Notepad.exe file changes from September to October, August to October, July to October, June to October, and from the original feature release to October are generated. All these differentials are stored in a Patch Storage File (PSF, also referred to as “express download files”) and hosted or cached on Windows Update or other update management or distribution servers (for example, Windows Server Update Services (WSUS), System Center Configuration Manager, or a non-Microsoft update management or distribution server that supports express updates). A device leveraging express updates uses network protocol to determine optimal differentials, then downloads only what is needed from the update distribution endpoints.
+For example, if the October monthly quality update has updated Notepad.exe, differentials for Notepad.exe file changes from September to October, August to October, July to October, June to October, and from the original feature release to October are generated. All these differentials are stored in a Patch Storage File (PSF, also referred to as “express download files”) and hosted or cached on Windows Update or other update management or distribution servers (for example, Windows Server Update Services (WSUS), Microsoft Endpoint Configuration Manager, or a non-Microsoft update management or distribution server that supports express updates). A device leveraging express updates uses network protocol to determine optimal differentials, then downloads only what is needed from the update distribution endpoints.
 
 The flip side of express download is that the size of PSF files can be very large depending on the number of historical baselines against which differentials were calculated. Downloading and caching large PSF files to on-premises or remote update distribution servers is problematic for most organizations, hence they are unable to leverage express updates to keep their fleet of devices running Windows 10 up to date. Secondly, due to the complexity of generating differentials and size of the express files that need to be cached on update distribution servers, it is only feasible to generate express download files for the most common baselines, thus express updates are only applicable to selected baselines. Finally, calculation of optimal differentials is expensive in terms of system memory utilization, especially for low-cost systems, impacting their ability to download and apply an update seamlessly.
 
diff --git a/windows/deployment/update/feature-update-mission-critical.md b/windows/deployment/update/feature-update-mission-critical.md
index 37ed550405..7e35245a09 100644
--- a/windows/deployment/update/feature-update-mission-critical.md
+++ b/windows/deployment/update/feature-update-mission-critical.md
@@ -19,7 +19,7 @@ ms.topic: article
 
 **Applies to**: Windows 10
 
-Managing an environment with devices that provide mission critical services 24 hours a day, 7 days a week, can present challenges in keeping these devices current with Windows 10 feature updates. The processes that you use to keep regular devices current with Windows 10 feature updates, often aren’t the most effective to service mission critical devices. This whitepaper will focus on the recommended approach of using the System Center Configuration Manager (current branch) software updates feature to deploy Windows 10 semi-annual feature updates. 
+Managing an environment with devices that provide mission critical services 24 hours a day, 7 days a week, can present challenges in keeping these devices current with Windows 10 feature updates. The processes that you use to keep regular devices current with Windows 10 feature updates, often aren’t the most effective to service mission critical devices. This whitepaper will focus on the recommended approach of using the Microsoft Endpoint Configuration Manager (current branch) software updates feature to deploy Windows 10 semi-annual feature updates. 
 
 For simplicity, we will outline the steps to deploy a feature update manually. If you prefer an automated approach, please see [Using Windows 10 servicing plans to deploy Windows 10 feature updates](waas-manage-updates-configuration-manager.md#use-windows-10-servicing-plans-to-deploy-windows-10-feature-updates). 
 
diff --git a/windows/deployment/update/index.md b/windows/deployment/update/index.md
index d08ff458c4..a81d83a38c 100644
--- a/windows/deployment/update/index.md
+++ b/windows/deployment/update/index.md
@@ -41,12 +41,12 @@ Windows as a service provides a new way to think about building, deploying, and
 | [Deploy updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](waas-mobile-updates.md) | Explains updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile. |
 | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md) | Explains how to use Windows Update for Business to manage when devices receive updates directly from Windows Update. Includes walkthroughs for configuring Windows Update for Business using Group Policy and Microsoft Intune.  |
 | [Deploy Windows 10 updates using Windows Server Update Services (WSUS)](waas-manage-updates-wsus.md) | Explains how to use WSUS to manage Windows 10 updates. |
-| [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) | Explains how to use Configuration Manager to manage Windows 10 updates.  |
+| [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) | Explains how to use Configuration Manager to manage Windows 10 updates.  |
 | [Manage device restarts after updates](waas-restart.md) | Explains how to manage update related device restarts. |
 | [Manage additional Windows Update settings](waas-wu-settings.md) | Provides details about settings available to control and configure Windows Update |
 | [Windows Insider Program for Business](waas-windows-insider-for-business.md) | Explains how the Windows Insider Program for Business works and how to become an insider. |
 
 >[!TIP]
->Windows servicing is changing, but for disaster recovery scenarios and bare-metal deployments of Windows 10, you still can use traditional imaging software such as System Center Configuration Manager or the Microsoft Deployment Toolkit. Using these tools to deploy Windows 10 images is similar to deploying previous versions of Windows.
+>Windows servicing is changing, but for disaster recovery scenarios and bare-metal deployments of Windows 10, you still can use traditional imaging software such as Microsoft Endpoint Configuration Manager or the Microsoft Deployment Toolkit. Using these tools to deploy Windows 10 images is similar to deploying previous versions of Windows.
 >With each release of a new feature update for CB, Microsoft makes available new .iso files for use in updating your custom images. Each Windows 10 build has a finite servicing lifetime, so it’s important that images stay up to date with the latest build. For detailed information about how to deploy Windows 10 to bare-metal machines or to upgrade to Windows 10 from previous builds of Windows, see [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](../deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md). Additionally, Windows 10 clients can move from any supported version of Windows 10 (i.e. Version 1511) to the latest version directly (i.e 1709).
 
diff --git a/windows/deployment/update/waas-branchcache.md b/windows/deployment/update/waas-branchcache.md
index aee88e8e01..6bb0bf7519 100644
--- a/windows/deployment/update/waas-branchcache.md
+++ b/windows/deployment/update/waas-branchcache.md
@@ -20,7 +20,7 @@ ms.topic: article
 
 > **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq) 
 
-BranchCache is a bandwidth-optimization feature that has been available since the Windows Server 2008 R2 and Windows 7 operating systems. Each client has a cache and acts as an alternate source for content that devices on its own network request. Windows Server Update Services (WSUS) and System Center Configuration Manager can use BranchCache to optimize network bandwidth during update deployment, and it’s easy to configure for either of them. BranchCache has two operating modes: Distributed Cache mode and Hosted Cache mode. 
+BranchCache is a bandwidth-optimization feature that has been available since the Windows Server 2008 R2 and Windows 7 operating systems. Each client has a cache and acts as an alternate source for content that devices on its own network request. Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager can use BranchCache to optimize network bandwidth during update deployment, and it’s easy to configure for either of them. BranchCache has two operating modes: Distributed Cache mode and Hosted Cache mode. 
 
 - Distributed Cache mode operates like the [Delivery Optimization](waas-delivery-optimization.md) feature in Windows 10: each client contains a cached version of the BranchCache-enabled files it requests and acts as a distributed cache for other clients requesting that same file. 
 
@@ -39,7 +39,7 @@ In Windows 10, version 1607, the Windows Update Agent uses Delivery Optimization
 
 ## Configure servers for BranchCache
 
-You can use WSUS and Configuration Manager with BranchCache in Distributed Cache mode. BranchCache in Distributed Cache mode is easy to configure for both WSUS and System Center Configuration Manager. 
+You can use WSUS and Configuration Manager with BranchCache in Distributed Cache mode. BranchCache in Distributed Cache mode is easy to configure for both WSUS and Microsoft Endpoint Configuration Manager. 
 
 For a step-by-step guide to configuring BranchCache on Windows Server devices, see the [BranchCache Deployment Guide (Windows Server 2012)](https://technet.microsoft.com/library/jj572990) or [BranchCache Deployment Guide (Windows Server 2016)](https://technet.microsoft.com/windows-server-docs/networking/branchcache/deploy/branchcache-deployment-guide).
 
diff --git a/windows/deployment/update/waas-configure-wufb.md b/windows/deployment/update/waas-configure-wufb.md
index 81adf9756d..b22f954ccc 100644
--- a/windows/deployment/update/waas-configure-wufb.md
+++ b/windows/deployment/update/waas-configure-wufb.md
@@ -190,7 +190,7 @@ Starting with Windows 10, version 1709, you can set policies to manage preview b
 The **Manage preview builds** setting gives administrators control over enabling or disabling preview build installation on a device. You can also decide to stop preview builds once the release is public.
 * Group Policy: **Computer Configuration/Administrative Templates/Windows Components/Windows Update/Windows Update for Business** - *Manage preview builds*
 * MDM: **Update/ManagePreviewBuilds**
-* System Center Configuration Manager: **Enable dual scan, manage through Windows Update for Business policy**
+* Microsoft Endpoint Configuration Manager: **Enable dual scan, manage through Windows Update for Business policy**
 
 >[!IMPORTANT]
 >This policy replaces the "Toggle user control over Insider builds" policy under that is only supported up to Windows 10, version 1703. You can find the older policy here:
@@ -273,5 +273,5 @@ When a device running a newer version sees an update available on Windows Update
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
diff --git a/windows/deployment/update/waas-delivery-optimization.md b/windows/deployment/update/waas-delivery-optimization.md
index 6d7bf33b2a..9de80024c2 100644
--- a/windows/deployment/update/waas-delivery-optimization.md
+++ b/windows/deployment/update/waas-delivery-optimization.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 > **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq) 
 
-Windows updates, upgrades, and applications can contain packages with very large files. Downloading and distributing updates can consume quite a bit of network resources on the devices receiving them. You can use Delivery Optimization to reduce bandwidth consumption by sharing the work of downloading these packages among multiple devices in your deployment. Delivery Optimization can accomplish this because it is a self-organizing distributed cache that allows clients to download those packages from alternate sources (such as other peers on the network) in addition to the traditional Internet-based servers. You can use Delivery Optimization in conjunction with Windows Update, Windows Server Update Services (WSUS), Windows Update for Business, or System Center Configuration Manager (when installation of Express Updates is enabled).  
+Windows updates, upgrades, and applications can contain packages with very large files. Downloading and distributing updates can consume quite a bit of network resources on the devices receiving them. You can use Delivery Optimization to reduce bandwidth consumption by sharing the work of downloading these packages among multiple devices in your deployment. Delivery Optimization can accomplish this because it is a self-organizing distributed cache that allows clients to download those packages from alternate sources (such as other peers on the network) in addition to the traditional Internet-based servers. You can use Delivery Optimization in conjunction with Windows Update, Windows Server Update Services (WSUS), Windows Update for Business, or Microsoft Endpoint Configuration Manager (when installation of Express Updates is enabled).  
 
 Delivery Optimization is a cloud-managed solution. Access to the Delivery Optimization cloud services is a requirement. This means that in order to use the peer-to-peer functionality of Delivery Optimization, devices must have access to the internet.
 
@@ -190,5 +190,5 @@ If you suspect this is the problem, try a Telnet test between two devices on the
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
diff --git a/windows/deployment/update/waas-deployment-rings-windows-10-updates.md b/windows/deployment/update/waas-deployment-rings-windows-10-updates.md
index d5eab1b3c4..5888c1f3a1 100644
--- a/windows/deployment/update/waas-deployment-rings-windows-10-updates.md
+++ b/windows/deployment/update/waas-deployment-rings-windows-10-updates.md
@@ -56,7 +56,7 @@ As Table 1 shows, each combination of servicing channel and deployment group is
 | ![done](images/checklistdone.png) | Build deployment rings for Windows 10 updates (this topic) |
 | ![to do](images/checklistbox.gif) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![to do](images/checklistbox.gif) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 ## Related topics
 
diff --git a/windows/deployment/update/waas-integrate-wufb.md b/windows/deployment/update/waas-integrate-wufb.md
index 4d5f0b31bc..9d8afa433e 100644
--- a/windows/deployment/update/waas-integrate-wufb.md
+++ b/windows/deployment/update/waas-integrate-wufb.md
@@ -1,6 +1,6 @@
 ---
 title: Integrate Windows Update for Business (Windows 10)
-description: Use Windows Update for Business deployments with management tools such as Windows Server Update Services (WSUS) and System Center Configuration Manager.
+description: Use Windows Update for Business deployments with management tools such as Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.
 ms.prod: w10
 ms.mktglfcycl: manage
 author: jaimeo
@@ -21,7 +21,7 @@ ms.topic: article
 
 > **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq) 
 
-You can integrate Windows Update for Business deployments with existing management tools such as Windows Server Update Services (WSUS) and System Center Configuration Manager.
+You can integrate Windows Update for Business deployments with existing management tools such as Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.
 
 ## Integrate Windows Update for Business with Windows Server Update Services
 
@@ -85,7 +85,7 @@ In this example, the deferral behavior for updates to Office and other non-Windo
 >[!NOTE]
 > Because the admin enabled **Update/AllowMUUpdateService**, placing the content on WSUS was not needed for the particular device, as the device will always receive Microsoft Update content from Microsoft when configured in this manner.
 
-## Integrate Windows Update for Business with System Center Configuration Manager
+## Integrate Windows Update for Business with Microsoft Endpoint Configuration Manager
 
 For Windows 10, version 1607, organizations already managing their systems with a Configuration Manager solution can also have their devices configured for Windows Update for Business (i.e. setting deferral policies on those devices). Such devices will be visible in the Configuration Manager console, however they will appear with a detection state of **Unknown**.
 
@@ -109,6 +109,6 @@ For more information, see [Integration with Windows Update for Business in Windo
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
 
diff --git a/windows/deployment/update/waas-manage-updates-configuration-manager.md b/windows/deployment/update/waas-manage-updates-configuration-manager.md
index 1ebdd76767..69abb40e2f 100644
--- a/windows/deployment/update/waas-manage-updates-configuration-manager.md
+++ b/windows/deployment/update/waas-manage-updates-configuration-manager.md
@@ -1,6 +1,6 @@
 ---
-title: Deploy Windows 10 updates via System Center Configuration Manager
-description: System Center Configuration Manager provides maximum control over quality and feature updates for Windows 10.
+title: Deploy Windows 10 updates via Microsoft Endpoint Configuration Manager
+description: Microsoft Endpoint Configuration Manager provides maximum control over quality and feature updates for Windows 10.
 ms.prod: w10
 ms.mktglfcycl: manage
 author: jaimeo
@@ -11,7 +11,7 @@ manager: laurawi
 ms.topic: article
 ---
 
-# Deploy Windows 10 updates using System Center Configuration Manager
+# Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager
 
 
 **Applies to**
@@ -25,21 +25,21 @@ ms.topic: article
 >Due to [naming changes](waas-overview.md#naming-changes), older terms like CB and CBB might still be displayed in some of our products, such as in Group Policy. If you encounter these terms, "CB" refers to the Semi-Annual Channel (Targeted)--which is no longer used--while "CBB" refers to the Semi-Annual Channel.
 
 
-System Center Configuration Manager provides maximum control over quality and feature updates for Windows 10. Unlike other servicing tools, Configuration Manager has capabilities that extend beyond servicing, such as application deployment, antivirus management, software metering, and reporting, and provides a secondary deployment method for LTSB clients. Configuration Manager can effectively control bandwidth usage and content distribution through a combination of BranchCache and distribution points. Microsoft encourages organizations currently using Configuration Manager for Windows update management to continue doing so for Windows 10 client computers.
+Microsoft Endpoint Configuration Manager provides maximum control over quality and feature updates for Windows 10. Unlike other servicing tools, Configuration Manager has capabilities that extend beyond servicing, such as application deployment, antivirus management, software metering, and reporting, and provides a secondary deployment method for LTSB clients. Configuration Manager can effectively control bandwidth usage and content distribution through a combination of BranchCache and distribution points. Microsoft encourages organizations currently using Configuration Manager for Windows update management to continue doing so for Windows 10 client computers.
 
 You can use Configuration Manager to service Windows 10 devices in two ways. The first option is to use Windows 10 Servicing Plans to deploy Windows 10 feature updates automatically based on specific criteria, similar to an Automatic Deployment Rule for software updates. The second option is to use a task sequence to deploy feature updates, along with anything else in the installation. 
 
 >[!NOTE]
->This topic focuses on updating and upgrading Windows 10 after it has already been deployed. To use Configuration Manager to upgrade your systems from the Windows 8.1, Windows 8, or Windows 7 operating system, see [Upgrade to Windows 10 with System Center Configuration Manager](https://technet.microsoft.com/itpro/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager).
+>This topic focuses on updating and upgrading Windows 10 after it has already been deployed. To use Configuration Manager to upgrade your systems from the Windows 8.1, Windows 8, or Windows 7 operating system, see [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/itpro/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager).
 
 ## Windows 10 servicing dashboard
 
-The Windows 10 servicing dashboard gives you a quick-reference view of your active servicing plans, compliance for servicing plan deployment, and other key information about Windows 10 servicing. For details about what each tile on the servicing dashboard represents, see [Manage Windows as a service using System Center Configuration Manager](https://technet.microsoft.com/library/mt627931.aspx).
+The Windows 10 servicing dashboard gives you a quick-reference view of your active servicing plans, compliance for servicing plan deployment, and other key information about Windows 10 servicing. For details about what each tile on the servicing dashboard represents, see [Manage Windows as a service using Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627931.aspx).
 
 For the Windows 10 servicing dashboard to display information, you must adhere to the following requirements: 
 
 - **Heartbeat discovery**. Enable heartbeat discovery for the site receiving Windows 10 servicing information. Configuration for heartbeat discovery can be found in Administration\Overview\Hierarchy Configuration\Discovery Methods.
-- **Windows Server Update Service (WSUS)**. System Center Configuration Manager must have the Software update point site system role added and configured to receive updates from a WSUS 4.0 server with the hotfix KB3095113 installed.
+- **Windows Server Update Service (WSUS)**. Microsoft Endpoint Configuration Manager must have the Software update point site system role added and configured to receive updates from a WSUS 4.0 server with the hotfix KB3095113 installed.
 - **Service connection point**. Add the Service connection point site system role in Online, persistent connection mode.
 - **Upgrade classification**. Select **Upgrade** from the list of synchronized software update classifications.
 
@@ -143,7 +143,7 @@ After you have updated the membership, this new collection will contain all mana
 
 ## Use Windows 10 servicing plans to deploy Windows 10 feature updates
 
-There are two ways to deploy Windows 10 feature updates with System Center Configuration Manager. The first is to use servicing plans, which provide an automated method to update devices consistently in their respective deployment rings, similar to Automatic Deployment Rules for software updates. 
+There are two ways to deploy Windows 10 feature updates with Microsoft Endpoint Configuration Manager. The first is to use servicing plans, which provide an automated method to update devices consistently in their respective deployment rings, similar to Automatic Deployment Rules for software updates. 
 
 **To configure Windows feature updates for CBB clients in the Ring 4 Broad business users deployment ring using a servicing plan**
 
@@ -160,7 +160,7 @@ There are two ways to deploy Windows 10 feature updates with System Center Confi
     >
     >![This is a high-risk deployment](images/waas-sccm-fig9.png) 
     >
-    >For details about how to manage the settings for high-risk deployments in Configuration Manager, see [Settings to manage high-risk deployments for System Center Configuration Manager](https://technet.microsoft.com/library/mt621992.aspx).
+    >For details about how to manage the settings for high-risk deployments in Configuration Manager, see [Settings to manage high-risk deployments for Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt621992.aspx).
 
 5. On the **Deployment Ring** page, select the **Business Ready (Current Branch for Business)** readiness state, leave the delay at **0 days**, and then click **Next**.
 
@@ -214,7 +214,7 @@ Each time Microsoft releases a new Windows 10 build, it releases a new .iso file
     In this example, the Windows 10 Enterprise 1607 installation media is deployed to \\contoso-cm01\Sources\Operating Systems\Windows 10 Enterprise\Windows 10 Enterprise - Version 1607.
     
     >[!NOTE]
-    >System Center Configuration Manager version 1606 is required to manage machines running Windows 10, version 1607.
+    >Microsoft Endpoint Configuration Manager version 1606 is required to manage machines running Windows 10, version 1607.
     
 4. On the **General** page, in the **Name** field, type the name of the folder (**Windows 10 Enterprise - Version 1607** in this example). Set the **Version** to **1607**, and then click **Next**.
 
@@ -303,11 +303,11 @@ With the task sequence created, you’re ready to deploy it. If you’re using t
 | ![done](images/checklistdone.png) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![done](images/checklistdone.png) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or Deploy Windows 10 updates using System Center Configuration Manager (this topic) |
+| ![done](images/checklistdone.png) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager (this topic) |
 
 ## See also
 
-[Manage Windows as a service using System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/manage-windows-as-a-service)
+[Manage Windows as a service using Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/manage-windows-as-a-service)
 
 
 ## Related topics
diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md
index e24cc6ff0b..61db3462a7 100644
--- a/windows/deployment/update/waas-manage-updates-wsus.md
+++ b/windows/deployment/update/waas-manage-updates-wsus.md
@@ -24,7 +24,7 @@ ms.topic: article
 >Due to [naming changes](waas-overview.md#naming-changes), older terms like CB and CBB might still be displayed in some of our products, such as in Group Policy or the registry. If you encounter these terms, "CB" refers to the Semi-Annual Channel (Targeted)--which is no longer used--while "CBB" refers to the Semi-Annual Channel.
 
 
-WSUS is a Windows Server role available in the Windows Server operating systems. It provides a single hub for Windows updates within an organization. WSUS allows companies not only to defer updates but also to selectively approve them, choose when they’re delivered, and determine which individual devices or groups of devices receive them. WSUS provides additional control over Windows Update for Business but does not provide all the scheduling options and deployment flexibility that System Center Configuration Manager provides.
+WSUS is a Windows Server role available in the Windows Server operating systems. It provides a single hub for Windows updates within an organization. WSUS allows companies not only to defer updates but also to selectively approve them, choose when they’re delivered, and determine which individual devices or groups of devices receive them. WSUS provides additional control over Windows Update for Business but does not provide all the scheduling options and deployment flexibility that Microsoft Endpoint Configuration Manager provides.
 
 When you choose WSUS as your source for Windows updates, you use Group Policy to point Windows 10 client devices to the WSUS server for their updates. From there, updates are periodically downloaded to the WSUS server and managed, approved, and deployed through the WSUS administration console or Group Policy, streamlining enterprise update management. If you’re currently using WSUS to manage Windows updates in your environment, you can continue to do so in Windows 10. 
 
@@ -331,7 +331,7 @@ Now that you have the **All Windows 10 Upgrades** view, complete the following s
 | ![done](images/checklistdone.png) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![done](images/checklistdone.png) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or Deploy Windows 10 updates using Windows Server Update Services (this topic)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![done](images/checklistdone.png) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or Deploy Windows 10 updates using Windows Server Update Services (this topic)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 
 
@@ -351,5 +351,5 @@ Now that you have the **All Windows 10 Upgrades** view, complete the following s
 - [Integrate Windows Update for Business with management solutions](waas-integrate-wufb.md)
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
diff --git a/windows/deployment/update/waas-manage-updates-wufb.md b/windows/deployment/update/waas-manage-updates-wufb.md
index 479877ca3a..2486006471 100644
--- a/windows/deployment/update/waas-manage-updates-wufb.md
+++ b/windows/deployment/update/waas-manage-updates-wufb.md
@@ -118,7 +118,7 @@ For more information about Update Compliance, see [Monitor Windows Updates using
 | ![done](images/checklistdone.png) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![done](images/checklistdone.png) | Deploy updates using Windows Update for Business (this topic) </br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![done](images/checklistdone.png) | Deploy updates using Windows Update for Business (this topic) </br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 ## Related topics
 - [Update Windows 10 in the enterprise](index.md)
@@ -135,7 +135,7 @@ For more information about Update Compliance, see [Monitor Windows Updates using
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
 
 
diff --git a/windows/deployment/update/waas-mobile-updates.md b/windows/deployment/update/waas-mobile-updates.md
index c0d1218ade..abb64e0561 100644
--- a/windows/deployment/update/waas-mobile-updates.md
+++ b/windows/deployment/update/waas-mobile-updates.md
@@ -70,7 +70,7 @@ Only the following Windows Update for Business policies are supported for Window
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
 
 
diff --git a/windows/deployment/update/waas-optimize-windows-10-updates.md b/windows/deployment/update/waas-optimize-windows-10-updates.md
index 7eda1ffad1..7cc93640af 100644
--- a/windows/deployment/update/waas-optimize-windows-10-updates.md
+++ b/windows/deployment/update/waas-optimize-windows-10-updates.md
@@ -33,7 +33,7 @@ Two methods of peer-to-peer content distribution are available in Windows 10.
     >[!NOTE]
     >Full BranchCache functionality is supported in Windows 10 Enterprise and Education; Windows 10 Pro supports some BranchCache functionality, including BITS transfers used for servicing operations.
 
-    Windows Server Update Services (WSUS) and System Center Configuration Manager can use BranchCache to allow peers to source content from each other versus always having to contact a server. Using BranchCache, files are cached on each individual client, and other clients can retrieve them as needed. This approach distributes the cache rather than having a single point of retrieval, saving a significant amount of bandwidth while drastically reducing the time that it takes for clients to receive the requested content.
+    Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager can use BranchCache to allow peers to source content from each other versus always having to contact a server. Using BranchCache, files are cached on each individual client, and other clients can retrieve them as needed. This approach distributes the cache rather than having a single point of retrieval, saving a significant amount of bandwidth while drastically reducing the time that it takes for clients to receive the requested content.
 
 </br></br>
 
@@ -43,9 +43,9 @@ Two methods of peer-to-peer content distribution are available in Windows 10.
 | BranchCache | ![no](images/crossmark.png) | ![no](images/crossmark.png) |![yes](images/checkmark.png) | ![yes](images/checkmark.png) |
 
 > [!NOTE]
-> System Center Configuration Manager has an additional feature called Client Peer Cache that allows peer-to-peer content sharing between clients you use System Center Configuration Manager to manage, in the same Configuration Manager boundary Group. For more information, see [Client Peer Cache](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/client-peer-cache).
+> Microsoft Endpoint Configuration Manager has an additional feature called Client Peer Cache that allows peer-to-peer content sharing between clients you use Microsoft Endpoint Configuration Manager to manage, in the same Configuration Manager boundary Group. For more information, see [Client Peer Cache](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/client-peer-cache).
 >
-> In addition to Client Peer Cache, similar functionality is available in the Windows Preinstallation Environment (Windows PE) for imaging-related content. Using this technology, clients imaging with System Center Configuration Manager task sequences can source operating system images, driver packages, boot images, packages, and programs from peers instead of distribution points. For detailed information about how Windows PE Peer Cache works and how to configure it, see [Prepare Windows PE peer cache to reduce WAN traffic in System Center Configuration Manager](https://docs.microsoft.com/configmgr/osd/get-started/prepare-windows-pe-peer-cache-to-reduce-wan-traffic).
+> In addition to Client Peer Cache, similar functionality is available in the Windows Preinstallation Environment (Windows PE) for imaging-related content. Using this technology, clients imaging with Microsoft Endpoint Configuration Manager task sequences can source operating system images, driver packages, boot images, packages, and programs from peers instead of distribution points. For detailed information about how Windows PE Peer Cache works and how to configure it, see [Prepare Windows PE peer cache to reduce WAN traffic in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/get-started/prepare-windows-pe-peer-cache-to-reduce-wan-traffic).
 
 ## Express update delivery
 
@@ -55,7 +55,7 @@ Windows 10 quality update downloads can be large because every package contains
 > Express update delivery applies to quality update downloads. Starting with Windows 10, version 1709, Express update delivery also applies to feature update downloads for clients connected to Windows Update and Windows Update for Business.
 
 ### How Microsoft supports Express
-- **Express on System Center Configuration Manager** starting with version 1702 of Configuration Manager and Windows 10, version 1703 or later, or Windows 10, version 1607 with the April 2017 cumulative update.
+- **Express on Microsoft Endpoint Configuration Manager** starting with version 1702 of Configuration Manager and Windows 10, version 1703 or later, or Windows 10, version 1607 with the April 2017 cumulative update.
 - **Express on WSUS Standalone**
 
   Express update delivery is available on [all support versions of WSUS](https://technet.microsoft.com/library/cc708456(v=ws.10).aspx).
@@ -93,7 +93,7 @@ At this point, the download is complete and the update is ready to be installed.
 | ![done](images/checklistdone.png) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | Optimize update delivery for Windows 10 updates (this topic) |
-| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 
 ## Related topics
diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index 4f6bf5db20..ff07ad3cbe 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -112,7 +112,7 @@ The concept of servicing channels is new, but organizations can use the same man
 
 In the Semi-Annual servicing channel, feature updates are available as soon as Microsoft releases them. Windows 10, version 1511, had few servicing tool options to delay feature updates, limiting the use of the Semi-Annual servicing channel. Starting with Windows 10, version 1607, more servicing tools that can delay feature updates for up to 365 days are available. This servicing model is ideal for pilot deployments and testing of Windows 10 feature updates and for users such as developers who need to work with the latest features immediately. Once the latest release has gone through pilot deployment and testing, you will be able to choose the timing at which it goes into broad deployment.
 
-When Microsoft officially releases a feature update for Windows 10, it is made available to any device not configured to defer feature updates so that those devices can immediately install it. Organizations that use Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager, or Windows Update for Business, however, can defer feature updates to selective devices by withholding their approval and deployment. In this scenario, the content available for the Semi-Annual Channel will be available but not necessarily immediately mandatory, depending on the policy of the management system. For more details about Windows 10 servicing tools, see [Servicing tools](#servicing-tools).
+When Microsoft officially releases a feature update for Windows 10, it is made available to any device not configured to defer feature updates so that those devices can immediately install it. Organizations that use Windows Server Update Services (WSUS), Microsoft Endpoint Configuration Manager, or Windows Update for Business, however, can defer feature updates to selective devices by withholding their approval and deployment. In this scenario, the content available for the Semi-Annual Channel will be available but not necessarily immediately mandatory, depending on the policy of the management system. For more details about Windows 10 servicing tools, see [Servicing tools](#servicing-tools).
 
 
 Organizations are expected to initiate targeted deployment on Semi-Annual Channel releases.  All customers, independent software vendors (ISVs), and partners should use this time for testing and piloting within their environments. After 2-4 months, we will transition to broad deployment and encourage customers and partners to expand and accelerate the deployment of the release. For customers using Windows Update for Business, the Semi-Annual Channel provides three months of additional total deployment time before being required to update to the next release.
@@ -163,9 +163,9 @@ There are many tools with which IT pros can service Windows as a service. Each o
 - **Windows Update (stand-alone)** provides limited control over feature updates, with IT pros manually configuring the device to be in the Semi-Annual Channel. Organizations can target which devices defer updates by selecting the Defer upgrades check box in Start\Settings\Update & Security\Advanced Options on a Windows 10 device.
 - **Windows Update for Business** is the second option for servicing Windows as a service. This servicing tool includes control over update deferment and provides centralized management using Group Policy. Windows Update for Business can be used to defer updates by up to 365 days, depending on the version. These deployment options are available to clients in the Semi-Annual Channel. In addition to being able to use Group Policy to manage Windows Update for Business, either option can be configured without requiring any on-premises infrastructure by using Intune.
 - **Windows Server Update Services (WSUS)** provides extensive control over Windows 10 updates and is natively available in the Windows Server operating system. In addition to the ability to defer updates, organizations can add an approval layer for updates and choose to deploy them to specific computers or groups of computers whenever ready. 
-- **System Center Configuration Manager** provides the greatest control over servicing Windows as a service. IT pros can defer updates, approve them, and have multiple options for targeting deployments and managing bandwidth usage and deployment times. 
+- **Microsoft Endpoint Configuration Manager** provides the greatest control over servicing Windows as a service. IT pros can defer updates, approve them, and have multiple options for targeting deployments and managing bandwidth usage and deployment times. 
 
-With all these options, which an organization chooses depends on the resources, staff, and expertise its IT organization already has. For example, if IT already uses System Center Configuration Manager to manage Windows updates, it can continue to use it. Similarly, if IT is using WSUS, it can continue to use that. For a consolidated look at the benefits of each tool, see Table 1.
+With all these options, which an organization chooses depends on the resources, staff, and expertise its IT organization already has. For example, if IT already uses Microsoft Endpoint Configuration Manager to manage Windows updates, it can continue to use it. Similarly, if IT is using WSUS, it can continue to use that. For a consolidated look at the benefits of each tool, see Table 1.
 
 **Table 1**
 
@@ -190,7 +190,7 @@ With all these options, which an organization chooses depends on the resources,
 | ![to do](images/checklistbox.gif) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![to do](images/checklistbox.gif) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![to do](images/checklistbox.gif) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 
 
diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md
index b2f7bf1b6a..7e0bf21538 100644
--- a/windows/deployment/update/waas-quick-start.md
+++ b/windows/deployment/update/waas-quick-start.md
@@ -48,7 +48,7 @@ See [Assign devices to servicing channels for Windows 10 updates](waas-servicing
 
 ## Staying up to date
 
-The process for keeping Windows 10 up to date involves deploying a feature update, at an appropriate time after its release. A variety of management and update tools such as Windows Update, Windows Update for Business, Windows Server Update Services, System Center Configuration Manager, and third-party products) can be used to help with this process. [Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-get-started), a free tool to streamline Windows upgrade projects, is another important tool to help.
+The process for keeping Windows 10 up to date involves deploying a feature update, at an appropriate time after its release. A variety of management and update tools such as Windows Update, Windows Update for Business, Windows Server Update Services, Microsoft Endpoint Configuration Manager, and third-party products) can be used to help with this process. [Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-get-started), a free tool to streamline Windows upgrade projects, is another important tool to help.
 
 Because app compatibility, both for desktop apps and web apps, is outstanding with Windows 10, extensive advanced testing isn’t required. Instead, only business-critical apps need to be tested, with the remaining apps validated through a series of pilot deployment rings. Once these pilot deployments have validated most apps, broad deployment can begin.
 
diff --git a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
index 2f891c98c0..2eae42de3a 100644
--- a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
@@ -178,7 +178,7 @@ By enabling the Group Policy setting under **Computer Configuration\Administrati
 | ![done](images/checklistdone.png) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![done](images/checklistdone.png) | Assign devices to servicing channels for Windows 10 updates (this topic) |
 | ![to do](images/checklistbox.gif) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 ## Related topics
 
diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md
index 66ffdd5dd6..d55a28a5c1 100644
--- a/windows/deployment/update/waas-servicing-differences.md
+++ b/windows/deployment/update/waas-servicing-differences.md
@@ -87,7 +87,7 @@ Moving to the cumulative model for legacy OS versions continues to improve predi
 Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program.
 
 > [!NOTE]
-> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as System Center Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10.
+> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as Microsoft Endpoint Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10.
 
 > [!NOTE]
 > Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates.
diff --git a/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md b/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
index 66702a34a3..e82f2eebde 100644
--- a/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
@@ -32,7 +32,7 @@ Windows 10 spreads the traditional deployment effort of a Windows upgrade, which
 - **Identify excluded devices.** For some organizations, special-purpose devices such as those used to control factory or medical equipment or run ATMs require a stricter, less frequent feature update cycle than the Semi-annual Channel can offer. For those machines, you must install Windows 10 Enterprise LTSB to avoid feature updates for up to 10 years. Identify these devices, and separate them from the phased deployment and servicing cycles to help remove confusion for your administrators and ensure that devices are handled correctly. 
 - **Recruit volunteers.** The purpose of testing a deployment is to receive feedback. One effective way to recruit pilot users is to request volunteers. When doing so, clearly state that you’re looking for feedback rather than people to just “try it out” and that there could be occasional issues involved with accepting feature updates right away. With Windows as a service, the expectation is that there should be few issues, but if an issue does arise, you want testers to let you know as soon as possible. When considering whom to recruit for pilot groups, be sure to include members who provide the broadest set of applications and devices to validate the largest number of apps and devices possible.
 - **Update Group Policy.** Each feature update includes new group policies to manage new features. If you use Group Policy to manage devices, the Group Policy Admin for the Active Directory domain will need to download a .admx package and copy it to their [Central Store](https://support.microsoft.com/help/929841/how-to-create-the-central-store-for-group-policy-administrative-templa) (or to the [PolicyDefinitions](https://msdn.microsoft.com/library/bb530196.aspx) directory in the SYSVOL of a domain controller if not using a Central Store). Always manage new group polices from the version of Windows 10 they shipped with by using the Remote Server Administration Tools. The ADMX download package is created at the end of each development cycle and then posted for download. To find the ADMX download package for a given Windows build, search for “ADMX download for Windows build xxxx”. For details about Group Policy management, see [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra)
-- **Choose a servicing tool.** Decide which product you’ll use to manage the Windows updates in your environment. If you’re currently using Windows Server Update Services (WSUS) or System Center Configuration Manager to manage your Windows updates, you can continue using those products to manage Windows 10 updates. Alternatively, you can use Windows Update for Business. In addition to which product you’ll use, consider how you’ll deliver the updates. With Windows 10, multiple peer-to-peer options are available to make update distribution faster. For a comparison of tools, see [Servicing tools](waas-overview.md#servicing-tools).
+- **Choose a servicing tool.** Decide which product you’ll use to manage the Windows updates in your environment. If you’re currently using Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager to manage your Windows updates, you can continue using those products to manage Windows 10 updates. Alternatively, you can use Windows Update for Business. In addition to which product you’ll use, consider how you’ll deliver the updates. With Windows 10, multiple peer-to-peer options are available to make update distribution faster. For a comparison of tools, see [Servicing tools](waas-overview.md#servicing-tools).
 - **Prioritize applications.** First, create an application portfolio. This list should include everything installed in your organization and any webpages your organization hosts. Next, prioritize this list to identify those that are the most business critical. Because the expectation is that application compatibility with Windows 10 will be high, only the most business critical applications should be tested before the pilot phase; everything else can be tested afterwards. For more information about identifying compatibility issues withe applications, see [Manage Windows upgrades with Upgrade Analytics](../upgrade/manage-windows-upgrades-with-upgrade-readiness.md). 
 
 >[!NOTE]
@@ -56,7 +56,7 @@ Each time Microsoft releases a Windows 10 feature update, the IT department shou
 | ![to do](images/checklistbox.gif) | [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md) |
 | ![to do](images/checklistbox.gif) | [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md) |
 | ![to do](images/checklistbox.gif) | [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md) |
-| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md) |
+| ![to do](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)</br>or [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md) |
 
 
 ## Related topics
diff --git a/windows/deployment/update/waas-wufb-group-policy.md b/windows/deployment/update/waas-wufb-group-policy.md
index 8b7d1bcfd2..5119f6f5be 100644
--- a/windows/deployment/update/waas-wufb-group-policy.md
+++ b/windows/deployment/update/waas-wufb-group-policy.md
@@ -138,7 +138,7 @@ We recommend that you set up a ring to receive preview builds by joining the Win
 - [Integrate Windows Update for Business with management solutions](waas-integrate-wufb.md)
 - [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
 
 
diff --git a/windows/deployment/update/waas-wufb-intune.md b/windows/deployment/update/waas-wufb-intune.md
index 71296b4265..30af2075e1 100644
--- a/windows/deployment/update/waas-wufb-intune.md
+++ b/windows/deployment/update/waas-wufb-intune.md
@@ -282,7 +282,7 @@ You have now configured the **Ring 4 Broad business users** deployment ring to r
 - [Integrate Windows Update for Business with management solutions](waas-integrate-wufb.md)
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
 - [Deploy Windows 10 updates using Windows Server Update Services](waas-manage-updates-wsus.md)
-- [Deploy Windows 10 updates using System Center Configuration Manager](waas-manage-updates-configuration-manager.md)
+- [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](waas-manage-updates-configuration-manager.md)
 - [Manage device restarts after updates](waas-restart.md)
 
 
diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
index 5898646433..390875d11b 100644
--- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
+++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
@@ -73,7 +73,7 @@ If devices are not showing up as expected, find a representative device and foll
 5. Check the output of the script in the command window and/or log **UA_dateTime_machineName.txt** to ensure that all steps were completed successfully.
 6. If you are still seeing errors you can't diagnose, then consider open a support case with Microsoft Support through your regular channel and provide this information.
 
-If you want to check a large number of devices, you should run the latest script at scale from your management tool of choice (for example, System Center Configuration Manager) and check the results centrally.
+If you want to check a large number of devices, you should run the latest script at scale from your management tool of choice (for example, Microsoft Endpoint Configuration Manager) and check the results centrally.
 
 If you think the issue might be related to a network proxy, check "Enable data sharing" section of the [Enrolling devices in Windows Analytics](windows-analytics-get-started.md) topic. Also see [Understanding connectivity scenarios and the deployment script](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) on the Windows Analytics blog.
 
@@ -285,7 +285,7 @@ Note that different Azure Log Analytics plans have different data retention peri
 
 
 ### Why do SCCM and Upgrade Readiness show different counts of devices that are ready to upgrade?
-System Center Configuration Manager (SCCM) considers a device ready to upgrade if *no installed app* has an upgrade decision of “not ready” (that is, they are all "ready" or "in progress"), while Upgrade Readiness considers a device ready to upgrade only if *all* installed apps are marked “ready”.
+Microsoft Endpoint Configuration Manager considers a device ready to upgrade if *no installed app* has an upgrade decision of “not ready” (that is, they are all "ready" or "in progress"), while Upgrade Readiness considers a device ready to upgrade only if *all* installed apps are marked “ready”.
 
 Currently, you can choose the criteria you wish to use:
 - To use the SCCM criteria, create the collection of devices ready to upgrade within the SCCM console (using the analytics connector).

From 9906750fa0124069be45944d4799c8e007e5440a Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 27 Dec 2019 17:01:18 -0800
Subject: [PATCH 018/247] Rebrand System Center to Msft Endpoint - Seven

---
 ...ollment-using-windows-provisioning-tool.md |   2 +-
 ...dded-8-1-handheld-devices-to-windows-10.md |  24 +-
 .../mdm/mdm-enrollment-of-windows-devices.md  |   2 +-
 .../client-management/mdm/policy-ddf-file.md  |   8 +-
 .../windows-10-mobile-and-mdm.md              |   4 +-
 windows/configuration/TOC.md                  |   2 +-
 .../cortana-at-work-overview.md               |   2 +-
 .../cortana-at-work-voice-commands.md         |   2 +-
 ...can-use-configuration-service-providers.md |   2 +-
 .../provisioning-create-package.md            |   2 +-
 .../provisioning-packages.md                  |   4 +-
 ...ith-system-center-configuration-manager.md |   8 +-
 .../ue-v/uev-deploy-required-features.md      |   4 +-
 .../uev-deploy-uev-for-custom-applications.md |   2 +-
 .../ue-v/uev-manage-configurations.md         |   4 +-
 .../ue-v/uev-prepare-for-deployment.md        |   6 +-
 windows/deployment/TOC.md                     |   4 +-
 .../change-history-for-deploy-windows-10.md   | 321 ++++++------
 windows/deployment/deploy-m365.md             | 157 +++---
 windows/deployment/deploy-whats-new.md        |   4 +-
 ...ystem-image-using-configuration-manager.md | 151 +++---
 ...-windows-pe-using-configuration-manager.md |   4 +-
 ...e-boot-image-with-configuration-manager.md | 235 ++++-----
 ...-windows-10-using-configuration-manager.md |   8 +-
 ...-10-using-pxe-and-configuration-manager.md | 153 +++---
 ...em-center-2012-r2-configuration-manager.md | 229 ++++-----
 ...0-deployment-with-configuration-manager.md |   6 +-
 ...0-deployment-with-configuration-manager.md |   8 +-
 ...f-windows-10-with-configuration-manager.md |   8 +-
 ...-windows-10-using-configuration-manager.md |   8 +-
 ...-windows-10-using-configuration-manager.md | 481 +++++++++---------
 windows/deployment/deploy.md                  |   4 +-
 32 files changed, 933 insertions(+), 926 deletions(-)

diff --git a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
index c5b559cf50..182e1020aa 100644
--- a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
+++ b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
@@ -35,7 +35,7 @@ On the desktop and mobile devices, you can use an enrollment certificate or enro
 > [!NOTE]
 > -   Bulk-join is not supported in Azure Active Directory Join.
 > -   Bulk enrollment does not work in Intune standalone environment.
-> -   Bulk enrollment works in System Center Configuration Manager (SCCM) + Intune hybrid environment where the ppkg is generated from the SCCM console.
+> -   Bulk enrollment works in Microsoft Endpoint Configuration Manager + Intune hybrid environment where the ppkg is generated from the SCCM console.
 > -   To change bulk enrollment settings, login to **AAD**, then **Devices**, and then click **Device Settings**. Change the number under **Maximum number of devices per user**.
 
 ## What you need
diff --git a/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md b/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
index e05ab31e6f..7544b5297b 100644
--- a/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
+++ b/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
@@ -15,7 +15,7 @@ ms.date: 06/26/2017
 # Enable offline upgrades to Windows 10 for Windows Embedded 8.1 Handheld devices
 
 
-Like any Windows devices, Windows 10 Mobile devices use Microsoft Update by default to download updates over the Internet. However, in some enterprise environments, devices may not be able to access the Internet to retrieve their updates. Because of network restrictions or other enterprise policies, devices must download their updates from an internal location. This document describes how to enable offline updates using System Center Configuration Manager.
+Like any Windows devices, Windows 10 Mobile devices use Microsoft Update by default to download updates over the Internet. However, in some enterprise environments, devices may not be able to access the Internet to retrieve their updates. Because of network restrictions or other enterprise policies, devices must download their updates from an internal location. This document describes how to enable offline updates using Microsoft Endpoint Configuration Manager.
 
 Here is a table of update path to Windows 10 Mobile.
 
@@ -79,7 +79,7 @@ Down the road, after the upgrade to Windows 10 is complete, if you decide to pus
 **Requirements:**
 
 -   The test device must be same as the other production devices that are receiving the updates.
--   Your test device must be enrolled with System Center Configuration Manager.
+-   Your test device must be enrolled with Microsoft Endpoint Configuration Manager.
 -   Your device can connect to the Internet.
 -   Your device must have an SD card with at least 0.5 GB of free space.
 -   Ensure that the settings app and PhoneUpdate applet are available via Assigned Access.
@@ -93,7 +93,7 @@ The following diagram is a high-level overview of the process.
 
 Define the baseline update set that will be applied to other devices. Use a device that is running the most recent image as the test device.
 
-Trigger the device to check for updates either manually or using System Center Configuration Manager.
+Trigger the device to check for updates either manually or using Microsoft Endpoint Configuration Manager.
 
 **Manually**
 
@@ -104,7 +104,7 @@ Trigger the device to check for updates either manually or using System Center C
 > **Note**  There is a bug in all OS versions up to GDR2 where the CSP will not set the assigned value. There is no way to change or set this until GDR2 is deployed onto the device.
 
 
-**Using System Center Configuration Manager**
+**Using Microsoft Endpoint Configuration Manager**
 
 1.  Remotely trigger a scan of the test device by deploying a Trigger Scan Configuration Baseline.
 
@@ -132,16 +132,16 @@ There are two ways to retrieve this file from the device; one pre-GDR1 and one p
 
 1.  Create a Configuration Item using ConfigMgr to look at the registry entry ./Vendor/MSFT/EnterpriseExt/DeviceUpdate/ApprovedUpdatesXml.
 
-    > **Note**  In System Center Configuration Manager, you may see an error about exceeding the file limit when using ApprovedUpdatesXml. However, the process still completes even if the file is large.
+    > **Note**  In Microsoft Endpoint Configuration Manager, you may see an error about exceeding the file limit when using ApprovedUpdatesXml. However, the process still completes even if the file is large.
 
     If the XML file is greater than 32K you can also use ./Vendor/MSFT/FileSystem/&lt;*filename*&gt;.
 2.  Set a baseline for this Configuration Item with a “dummy” value (such as zzz), and ensure that you do not remediate it.
 
     The dummy value is not be set; it is only used for comparison.
-3.  After the report XML is sent to the device, System Center Configuration Manager displays a compliance log that contains the report information. The log can contain significant amount of data.
+3.  After the report XML is sent to the device, Microsoft Endpoint Configuration Manager displays a compliance log that contains the report information. The log can contain significant amount of data.
 4.  Parse this log for the report XML content.
 
-For a step-by-step walkthrough, see [How to retrieve a device update report using System Center Configuration Manager logs](#how-to-retrieve-a-device-update-report-using-system-center-configuration-manager-logs).
+For a step-by-step walkthrough, see [How to retrieve a device update report using Microsoft Endpoint Configuration Manager logs](#how-to-retrieve-a-device-update-report-using-system-center-configuration-manager-logs).
 
 **Post-GDR1: Retrieve the report xml file using an SD card**
 
@@ -252,7 +252,7 @@ Now that the other "production" or "in-store" devices have the necessary informa
 
 ### Use this process for unmanaged devices
 
-If the update policy of the device is not managed or restricted by System Center Configuration Manager, an update process can be initiated on the device in one of the following ways:
+If the update policy of the device is not managed or restricted by Microsoft Endpoint Configuration Manager, an update process can be initiated on the device in one of the following ways:
 
 -   Initiated by a periodic scan that the device automatically performs.
 -   Initiated manually through **Settings** -&gt; **Phone Update** -&gt; **Check for Updates**.
@@ -261,14 +261,14 @@ If the update policy of the device is not managed or restricted by System Center
 
 If the update policy of the device is managed or restricted by MDM, an update process can be initiated on the device in one of the following ways:
 
--   Trigger the device to scan for updates through System Center Configuration Manager.
+-   Trigger the device to scan for updates through Microsoft Endpoint Configuration Manager.
 
     Ensure that the trigger scan has successfully executed, and then remove the trigger scan configuration baseline.
 
     > **Note**  Ensure that the PhoneUpdateRestriction Policy is set to a value of 0, to ensure that the device will not perform an automatic scan.
 
 
--   Trigger the device to scan as part of a Maintenance Window defined by the IT Admin in System Center Configuration Manager.
+-   Trigger the device to scan as part of a Maintenance Window defined by the IT Admin in Microsoft Endpoint Configuration Manager.
 
 After the installation of updates is completed, the IT Admin can use the DUReport generated in the production devices to determine if the device successfully installed the list of updates. If the device did not, error codes are provided in the DUReport.xml. To retrieve the device update report from a device, perform the same steps defined in [Step 2](#step2).
 
@@ -456,7 +456,7 @@ DownloadFiles $inputFile $downloadCache $localCacheURL
 ```
 
 <a href="" id="how-to-retrieve"></a>
-## How to retrieve a device update report using System Center Configuration Manager logs
+## How to retrieve a device update report using Microsoft Endpoint Configuration Manager logs
 
 Use this procedure for pre-GDR1 devices.
 
@@ -465,7 +465,7 @@ Use this procedure for pre-GDR1 devices.
 1.  Trigger a device scan. Go to **Settings** -&gt; **Phone Update** -&gt; **Check for Updates**.
 
     Since the DUReport settings have not been remedied, you should see a non-compliance.
-2.  In System Center Configuration Manager under **Assets and Compliance** &gt; **Compliance Settings**, right-click on **Configuration Items**.
+2.  In Microsoft Endpoint Configuration Manager under **Assets and Compliance** &gt; **Compliance Settings**, right-click on **Configuration Items**.
 3.  Select **Create Configuration Item**.
 
     ![device update using sccm](images/windowsembedded-update5.png)
diff --git a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
index 08bae9914c..d6d47fa107 100644
--- a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
+++ b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
@@ -279,7 +279,7 @@ There are a few instances where your device may not be able to connect to work,
 |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
 | Your device is already connected to your organization’s cloud.                                                                                                                             | Your device is already connected to either Azure AD, a work or school account, or an AD domain.     |
 | We could not find your identity in your organization’s cloud.                                                                                                                              | The username you entered was not found on your Azure AD tenant.                                     |
-| Your device is already being managed by an organization.                                                                                                                                   | Your device is either already managed by MDM or System Center Configuration Manager.                |
+| Your device is already being managed by an organization.                                                                                                                                   | Your device is either already managed by MDM or Microsoft Endpoint Configuration Manager.                |
 | You don’t have the right privileges to perform this operation. Please talk to your admin.                                                                                                  | You cannot enroll your device into MDM as a standard user. You must be on an administrator account. |
 | We couldn’t auto-discover a management endpoint matching the username entered. Please check your username and try again. If you know the URL to your management endpoint, please enter it. | You need to provide the server URL for your MDM or check the spelling of the username you entered.  |
 
diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md
index a5298bf190..5cea02dabc 100644
--- a/windows/client-management/mdm/policy-ddf-file.md
+++ b/windows/client-management/mdm/policy-ddf-file.md
@@ -1660,7 +1660,7 @@ Related Documents:
 - Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with System Center Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
@@ -11037,7 +11037,7 @@ Related Documents:
 - Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with System Center Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
@@ -23035,7 +23035,7 @@ Related Documents:
 - Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with System Center Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
@@ -51689,7 +51689,7 @@ Related Documents:
 - Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with System Center Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
diff --git a/windows/client-management/windows-10-mobile-and-mdm.md b/windows/client-management/windows-10-mobile-and-mdm.md
index 47a439de72..81a57e3657 100644
--- a/windows/client-management/windows-10-mobile-and-mdm.md
+++ b/windows/client-management/windows-10-mobile-and-mdm.md
@@ -37,7 +37,7 @@ Windows 10 supports end-to-end device lifecycle management to give companies con
 ## Deploy
 
 Windows 10 Mobile has a built-in device management client to deploy, configure, maintain, and support smartphones. Common to all editions of the Windows 10 operating system, including desktop, mobile, and Internet of Things (IoT), this client provides a single interface through which Mobile Device Management (MDM) solutions can manage any device that runs Windows 10. Because the MDM client integrates with identity management, the effort required to manage devices throughout the lifecycle is greatly reduced.
-Windows 10 includes comprehensive MDM capabilities that can be managed by Microsoft management solutions, such as Microsoft Intune or System Center Configuration Manager, as well as many third-party MDM solutions. There is no need to install an additional, custom MDM app to enroll devices and bring them under MDM control. All MDM system vendors have equal access to Windows 10 Mobile device management application programming interfaces (APIs), giving IT organizations the freedom to select whichever system best fits their management requirements, whether Microsoft Intune or a third-party MDM product. For more information about Windows 10 Mobile device management APIs, see [Mobile device management](https://go.microsoft.com/fwlink/p/?LinkId=734050).
+Windows 10 includes comprehensive MDM capabilities that can be managed by Microsoft management solutions, such as Microsoft Intune or Microsoft Endpoint Configuration Manager, as well as many third-party MDM solutions. There is no need to install an additional, custom MDM app to enroll devices and bring them under MDM control. All MDM system vendors have equal access to Windows 10 Mobile device management application programming interfaces (APIs), giving IT organizations the freedom to select whichever system best fits their management requirements, whether Microsoft Intune or a third-party MDM product. For more information about Windows 10 Mobile device management APIs, see [Mobile device management](https://go.microsoft.com/fwlink/p/?LinkId=734050).
 
 ### <a href="" id="deployment-scenarios"></a>Deployment scenarios
 
@@ -187,7 +187,7 @@ Azure AD is a cloud-based directory service that provides identity and access ma
 
 **Mobile Device Management**
 Microsoft [Intune](https://www.microsoft.com/server-cloud/products/microsoft-intune/overview.aspx), part of the Enterprise Mobility + Security, is a cloud-based MDM system that manages devices off premises. Like Office 365, Intune uses Azure AD for identity management so employees use the same credentials to enroll devices in Intune that they use to sign into Office 365. Intune supports devices that run other operating systems, such as iOS and Android, to provide a complete MDM solution.
-You can also integrate Intune with Configuration Manager to gain a single console for managing all devices in the cloud and on premises, mobile or PC. For more information, see [Manage Mobile Devices with Configuration Manager and Microsoft Intune](https://technet.microsoft.com/library/jj884158.aspx). For guidance on choosing between a stand-alone Intune installation and Intune integrated with System Center Configuration Manager, see Choose between Intune by itself or integrating Intune with System Center Configuration Manager.
+You can also integrate Intune with Configuration Manager to gain a single console for managing all devices in the cloud and on premises, mobile or PC. For more information, see [Manage Mobile Devices with Configuration Manager and Microsoft Intune](https://technet.microsoft.com/library/jj884158.aspx). For guidance on choosing between a stand-alone Intune installation and Intune integrated with Microsoft Endpoint Configuration Manager, see Choose between Intune by itself or integrating Intune with Configuration Manager.
 Multiple MDM systems support Windows 10 and most support personal and corporate device deployment scenarios. MDM providers that support Windows 10 Mobile currently include: AirWatch, Citrix, MobileIron, SOTI, Blackberry and others. Most industry-leading MDM vendors already support integration with Azure AD. You can find the MDM vendors that support Azure AD in [Azure Marketplace](https://azure.microsoft.com/marketplace/). If your organization doesn’t use Azure AD, the user must use an MSA during OOBE before enrolling the device in your MDM using a corporate account.
 
 >**Note:** Although not covered in this guide, you can use Exchange ActiveSync (EAS) to manage mobile devices instead of using a full-featured MDM system. EAS is available in Microsoft Exchange Server 2010 or later and Office 365.
diff --git a/windows/configuration/TOC.md b/windows/configuration/TOC.md
index c0ad05a8bd..7428624219 100644
--- a/windows/configuration/TOC.md
+++ b/windows/configuration/TOC.md
@@ -141,7 +141,7 @@
 ### [Administering UE-V](ue-v/uev-administering-uev.md)
 #### [Manage Configurations for UE-V](ue-v/uev-manage-configurations.md)
 ##### [Configuring UE-V with Group Policy Objects](ue-v/uev-configuring-uev-with-group-policy-objects.md)
-##### [Configuring UE-V with System Center Configuration Manager](ue-v/uev-configuring-uev-with-system-center-configuration-manager.md)
+##### [Configuring UE-V with Microsoft Endpoint Configuration Manager](ue-v/uev-configuring-uev-with-system-center-configuration-manager.md)
 ##### [Administering UE-V with Windows PowerShell and WMI](ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md)
 ###### [Managing the UE-V Service and Packages with Windows PowerShell and WMI](ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md)
 ###### [Managing UE-V Settings Location Templates Using Windows PowerShell and WMI](ue-v/uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md)
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-overview.md b/windows/configuration/cortana-at-work/cortana-at-work-overview.md
index cca8151178..48199e5b25 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-overview.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-overview.md
@@ -45,7 +45,7 @@ Cortana requires the following hardware and software to successfully run the inc
 |Client operating system |<ul><li>**Desktop:** Windows 10, version 1703</li><li>**Mobile:** Windows 10 Mobile, version 1703 (with limited functionality)</li> |
 |Azure Active Directory (Azure AD) |While all employees signing into Cortana need an Azure AD account; an Azure AD premium tenant isn’t required. |
 |Additional policies (Group Policy and Mobile Device Management (MDM)) |There is a rich set of policies that can be used to manage various aspects of Cortana. Most of these policies will limit the abilities of Cortana, but won't turn Cortana off.<p>For example:<p>If you turn **Location** off, Cortana won't be able to provide location-based reminders, such as reminding you to visit the mail room when you get to work.<p>If you turn **Speech** off, your employees won't be able to use “Hello Cortana” for hands free usage or voice commands to easily ask for help. |
-|Windows Information Protection (WIP) (optional) |If you want to secure the calendar, email, and contact info provided to Cortana on a device, you can use WIP. For more info about WIP, see [Protect your enterprise data using Windows Information Protection (WIP)](/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip)<p>If you decide to use WIP, you must also have a management solution. This can be Microsoft Intune, Microsoft System Center Configuration Manager (version 1606 or later), or your current company-wide 3rd party mobile device management (MDM) solution.|
+|Windows Information Protection (WIP) (optional) |If you want to secure the calendar, email, and contact info provided to Cortana on a device, you can use WIP. For more info about WIP, see [Protect your enterprise data using Windows Information Protection (WIP)](/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip)<p>If you decide to use WIP, you must also have a management solution. This can be Microsoft Intune, Microsoft Endpoint Configuration Manager (version 1606 or later), or your current company-wide 3rd party mobile device management (MDM) solution.|
 
 ## Signing in using Azure AD
 Your organization must have an Azure AD tenant and your employees’ devices must all be Azure AD-joined for Cortana to work properly. For info about what an Azure AD tenant is, how to get your devices joined, and other Azure AD maintenance info, see [What is an Azure AD directory?](https://msdn.microsoft.com/library/azure/jj573650.aspx)
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md b/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md
index 825037d62d..9ae00ff891 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md
@@ -36,7 +36,7 @@ To enable voice commands in Cortana
 
     - **Start Cortana removing focus from your app, using specific voice-enabled statements.** [Activate a background app in Cortana using voice commands](https://docs.microsoft.com/cortana/voice-commands/launch-a-background-app-with-voice-commands-in-cortana).
 
-2.	**Install the VCD file on employees' devices**. You can use System Center Configuration Manager or Microsoft Intune to deploy and install the VCD file on your employees' devices, the same way you deploy and install any other package in your organization.
+2.	**Install the VCD file on employees' devices**. You can use Microsoft Endpoint Configuration Manager or Microsoft Intune to deploy and install the VCD file on your employees' devices, the same way you deploy and install any other package in your organization.
 
 ## Test scenario: Use voice commands in a Microsoft Store app
 While these aren't line-of-business apps, we've worked to make sure to implement a VCD file, allowing you to test how the functionality works with Cortana in your organization.
diff --git a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
index be16f1f393..641af623c3 100644
--- a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
+++ b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
@@ -42,7 +42,7 @@ CSPs are behind many of the management tasks and policies for Windows 10, both i
 
 ![how intune maps to csp](../images/policytocsp.png)
 
-CSPs receive configuration policies in the XML-based SyncML format, pushed from an MDM-compliant management server, such as Microsoft Intune. Traditional enterprise management systems, such as System Center Configuration Manager, can also target CSPs, by using a client-side WMI-to-CSP bridge.
+CSPs receive configuration policies in the XML-based SyncML format, pushed from an MDM-compliant management server, such as Microsoft Intune. Traditional enterprise management systems, such as Microsoft Endpoint Configuration Manager, can also target CSPs, by using a client-side WMI-to-CSP bridge.
 
 ### Synchronization Markup Language (SyncML)
 
diff --git a/windows/configuration/provisioning-packages/provisioning-create-package.md b/windows/configuration/provisioning-packages/provisioning-create-package.md
index 3f608dd8ee..3689adcee6 100644
--- a/windows/configuration/provisioning-packages/provisioning-create-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-create-package.md
@@ -148,7 +148,7 @@ For details on each specific setting, see [Windows Provisioning settings referen
 
 - Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](https://go.microsoft.com/fwlink/p/?LinkId=615922)
 
-- [How to bulk-enroll devices with On-premises Mobile Device Management in System Center Configuration Manager](https://docs.microsoft.com/sccm/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
+- [How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
 
 ## Related topics
 
diff --git a/windows/configuration/provisioning-packages/provisioning-packages.md b/windows/configuration/provisioning-packages/provisioning-packages.md
index b67d2c9fa7..8899cc5501 100644
--- a/windows/configuration/provisioning-packages/provisioning-packages.md
+++ b/windows/configuration/provisioning-packages/provisioning-packages.md
@@ -112,7 +112,7 @@ The following table provides some examples of settings that you can configure us
 |          Start menu customization          |                                           Start menu layout, application pinning                                            |
 |                   Other                    |                     Home and lock screen wallpaper, computer name, domain join, DNS settings, and so on                     |
 
-\* Using a provisioning package for auto-enrollment to System Center Configuration Manager or Configuration Manager/Intune hybrid is not supported. Use the Configuration Manager console to enroll devices.
+\* Using a provisioning package for auto-enrollment to Microsoft Endpoint Configuration Manager or Configuration Manager/Intune hybrid is not supported. Use the Configuration Manager console to enroll devices.
 
 
 For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( https://go.microsoft.com/fwlink/p/?LinkId=619012).
@@ -136,7 +136,7 @@ Windows ICD in Windows 10, version 1607, supported the following scenarios for I
 
 * **Mobile device enrollment into management** - Enables IT administrators to purchase off-the-shelf retail Windows 10 Mobile devices and enroll them into mobile device management (MDM) before handing them to end-users in the organization. IT administrators can use Windows ICD to specify the management end-point and apply the configuration on target devices by connecting them to a Windows PC (tethered deployment) or through an SD card. Supported management end-points include: 
 
-    * System Center Configuration Manager and Microsoft Intune hybrid (certificate-based enrollment) 
+    * Microsoft Endpoint Configuration Manager and Microsoft Intune hybrid (certificate-based enrollment) 
     * AirWatch (password-string based enrollment) 
     * Mobile Iron (password-string based enrollment) 
     * Other MDMs (cert-based enrollment) 
diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
index 0d078ba82b..f8aaf3bc5a 100644
--- a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
+++ b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
@@ -1,6 +1,6 @@
 ---
-title: Configuring UE-V with System Center Configuration Manager
-description: Configuring UE-V with System Center Configuration Manager 
+title: Configuring UE-V with Microsoft Endpoint Configuration Manager
+description: Configuring UE-V with Microsoft Endpoint Configuration Manager 
 author: dansimp
 ms.pagetype: mdop, virtualization
 ms.mktglfcycl: deploy
@@ -14,12 +14,12 @@ ms.topic: article
 ---
 
 
-# Configuring UE-V with System Center Configuration Manager 
+# Configuring UE-V with Microsoft Endpoint Configuration Manager 
 
 **Applies to**
 -   Windows 10, version 1607
 
-After you deploy User Experience Virtualization (UE-V) and its required features, you can start to configure it to meet your organization's need. The UE-V Configuration Pack provides a way for administrators to use the Compliance Settings feature of System Center Configuration Manager (2012 SP1 or later) to apply consistent configurations across sites where UE-V and Configuration Manager are installed.
+After you deploy User Experience Virtualization (UE-V) and its required features, you can start to configure it to meet your organization's need. The UE-V Configuration Pack provides a way for administrators to use the Compliance Settings feature of Microsoft Endpoint Configuration Manager (2012 SP1 or later) to apply consistent configurations across sites where UE-V and Configuration Manager are installed.
 
 ## UE-V Configuration Pack supported features
 
diff --git a/windows/configuration/ue-v/uev-deploy-required-features.md b/windows/configuration/ue-v/uev-deploy-required-features.md
index 926765cff2..cda337c5d6 100644
--- a/windows/configuration/ue-v/uev-deploy-required-features.md
+++ b/windows/configuration/ue-v/uev-deploy-required-features.md
@@ -52,7 +52,7 @@ The settings storage location is defined by setting the SettingsStoragePath conf
 
 -   Through [Group Policy](uev-configuring-uev-with-group-policy-objects.md) settings
 
--   With the [System Center Configuration Pack](uev-configuring-uev-with-system-center-configuration-manager.md) for UE-V
+-   With the [Microsoft Endpoint Configuration Pack](uev-configuring-uev-with-system-center-configuration-manager.md) for UE-V
 
 -   With [Windows PowerShell or Windows Management Instrumentation (WMI)](uev-administering-uev-with-windows-powershell-and-wmi.md)
 
@@ -117,7 +117,7 @@ You can configure UE-V before, during, or after you enable the UE-V service on u
 
     Windows Server 2012 and Windows Server 2012 R2
 
--   [**Configuration Manager**](uev-configuring-uev-with-system-center-configuration-manager.md) The UE-V Configuration Pack lets you use the Compliance Settings feature of System Center Configuration Manager to apply consistent configurations across sites where UE-V and Configuration Manager are installed.
+-   [**Configuration Manager**](uev-configuring-uev-with-system-center-configuration-manager.md) The UE-V Configuration Pack lets you use the Compliance Settings feature of Microsoft Endpoint Configuration Manager to apply consistent configurations across sites where UE-V and Configuration Manager are installed.
 
 -   [**Windows PowerShell and WMI**](uev-administering-uev-with-windows-powershell-and-wmi.md) You can use scripted commands for Windows PowerShell and Windows Management Instrumentation (WMI) to modify the configuration of the UE-V service.
 
diff --git a/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md b/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md
index edb70df39e..918e018c48 100644
--- a/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md
+++ b/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md
@@ -222,7 +222,7 @@ After you create a settings location template with the UE-V template generator,
 
 You can deploy settings location templates using of these methods:
 
--   An electronic software distribution (ESD) system such as System Center Configuration Manager
+-   An electronic software distribution (ESD) system such as Microsoft Endpoint Configuration Manager
 
 -   Group Policy preferences
 
diff --git a/windows/configuration/ue-v/uev-manage-configurations.md b/windows/configuration/ue-v/uev-manage-configurations.md
index dddea0457c..acad942ea1 100644
--- a/windows/configuration/ue-v/uev-manage-configurations.md
+++ b/windows/configuration/ue-v/uev-manage-configurations.md
@@ -27,11 +27,11 @@ You can use Group Policy Objects to modify the settings that define how UE-V syn
 
 [Configuring UE-V with Group Policy Objects](uev-configuring-uev-with-group-policy-objects.md)
 
-## Configuring UE-V with System Center Configuration Manager
+## Configuring UE-V with Microsoft Endpoint Configuration Manager
 
 You can use System Center Configuration Manager to manage the UE-V service by using the UE-V Configuration Pack.
 
-[Configuring UE-V with System Center Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md)
+[Configuring UE-V with Microsoft Endpoint Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md)
 
 ## Administering UE-V with PowerShell and WMI
 
diff --git a/windows/configuration/ue-v/uev-prepare-for-deployment.md b/windows/configuration/ue-v/uev-prepare-for-deployment.md
index 7e2ed82e70..c56e5b4661 100644
--- a/windows/configuration/ue-v/uev-prepare-for-deployment.md
+++ b/windows/configuration/ue-v/uev-prepare-for-deployment.md
@@ -267,9 +267,9 @@ For more information, see the [Windows Application List](uev-managing-settings-l
 
 If you are deploying UE-V to synchronize settings for custom applications, you’ll use the UE-V template generator to create custom settings location templates for those desktop applications. After you create and test a custom settings location template in a test environment, you can deploy the settings location templates to user devices.
 
-Custom settings location templates must be deployed with an existing deployment infrastructure, such as an enterprise software distribution method, including System Center Configuration Manager, with preferences, or by configuring a UE-V settings template catalog. Templates that are deployed with Configuration Manager or Group Policy must be registered using UE-V WMI or Windows PowerShell.
+Custom settings location templates must be deployed with an existing deployment infrastructure, such as an enterprise software distribution method, including Microsoft Endpoint Configuration Manager, with preferences, or by configuring a UE-V settings template catalog. Templates that are deployed with Configuration Manager or Group Policy must be registered using UE-V WMI or Windows PowerShell.
 
-For more information about custom settings location templates, see [Deploy UE-V with custom applications](uev-deploy-uev-for-custom-applications.md). For more information about using UE-V with Configuration Manager, see [Configuring UE-V with System Center Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md).
+For more information about custom settings location templates, see [Deploy UE-V with custom applications](uev-deploy-uev-for-custom-applications.md). For more information about using UE-V with Configuration Manager, see [Configuring UE-V with Microsoft Endpoint Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md).
 
 ### Prevent unintentional user settings configuration
 
@@ -362,7 +362,7 @@ The UE-V service synchronizes user settings for devices that are not always conn
 
 Enable this configuration using one of these methods:
 
-- After you enable the UE-V service, use the Settings Management feature in System Center Configuration Manager or the UE-V ADMX templates (installed with Windows 10, version 1607) to push the SyncMethod = None configuration.
+- After you enable the UE-V service, use the Settings Management feature in Microsoft Endpoint Configuration Manager or the UE-V ADMX templates (installed with Windows 10, version 1607) to push the SyncMethod = None configuration.
 
 - Use Windows PowerShell or Windows Management Instrumentation (WMI) to set the SyncMethod = None configuration.
 
diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md
index 2e88d65395..3e09a3f04b 100644
--- a/windows/deployment/TOC.md
+++ b/windows/deployment/TOC.md
@@ -35,7 +35,7 @@
 
 ### [Windows 10 deployment test lab](windows-10-poc.md)
 #### [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md)
-#### [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md)
+#### [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)
 
 ### [Plan for Windows 10 deployment](planning/index.md)
 #### [Windows 10 Enterprise FAQ for IT Pros](planning/windows-10-enterprise-faq-itpro.md)
@@ -267,7 +267,7 @@
 ### Use Windows Server Update Services
 #### [Deploy Windows 10 updates using Windows Server Update Services](update/waas-manage-updates-wsus.md)
 #### [Enable FoD and language pack updates in Windows Update](update/fod-and-lang-packs.md)
-### [Deploy Windows 10 updates using System Center Configuration Manager](update/waas-manage-updates-configuration-manager.md)
+### [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](update/waas-manage-updates-configuration-manager.md)
 ### [Manage device restarts after updates](update/waas-restart.md)
 ### [Manage additional Windows Update settings](update/waas-wu-settings.md)
 ### [Determine the source of Windows updates](update/windows-update-sources.md)
diff --git a/windows/deployment/change-history-for-deploy-windows-10.md b/windows/deployment/change-history-for-deploy-windows-10.md
index e6a2e1664a..2389ae314a 100644
--- a/windows/deployment/change-history-for-deploy-windows-10.md
+++ b/windows/deployment/change-history-for-deploy-windows-10.md
@@ -1,160 +1,161 @@
----
-title: Change history for Deploy Windows 10 (Windows 10)
-description: This topic lists new and updated topics in the Deploy Windows 10 documentation for Windows 10 and Windows 10 Mobile.
-ms.assetid: 19C50373-6B25-4F5C-A6EF-643D36904349
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Change history for Deploy Windows 10
-This topic lists new and updated topics in the [Deploy Windows 10](https://docs.microsoft.com/windows/deployment) documentation for [Windows 10 and Windows 10 Mobile](/windows/windows-10).
-
-## April 2018
-
-New or changed topic | Description
---- | ---
-[Install VAMT](volume-activation/install-vamt.md) | Updated the instructions and link for SQL Server Express.
-
-## November 2017
-
-New or changed topic | Description
--- | ---
- [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md)  | Added warning that you should not use **SkipMachineOOBE** or **SkipUserOOBE** in your Unattend.xml.
-
-## RELEASE: Windows 10, version 1709
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | Updated the edition upgrade table to include all other Windows 10 editions previously not on the list and the supported upgrade methods for upgrade path. |
-| [Fonts missing after upgrading to Windows 10](windows-10-missing-fonts.md)| New article about the set of fonts that have moved from being included in the default installation image to being included in Optional Features. This article includes the steps for adding these optional font features.|
-
-## July 2017
-| New or changed topic | Description |
-|----------------------|-------------|
-| The table of contents for deployment topics was reorganized.
-
-## June 2017
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Overview of Windows Autopilot](windows-autopilot/windows-autopilot.md) | New |
-
-## April 2017
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md) | Updated: The "refresh" and "replace" procedures were swapped in order so that it would not be necessary to save and restore VMs. Also a missing step was added to include the State migration point role. | 
-| [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)| Updated with minor fixes. |
-| [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md)| Updated child topics under this node to include new feature and user interface changes. |
-| [Get started with Upgrade Readiness](upgrade/upgrade-readiness-get-started.md)| Added a table summarizing connection scenarios under the Enable data sharing topic. |
-
-
-## RELEASE: Windows 10, version 1703
-The topics in this library have been updated for Windows 10, version 1703 (also known as the Creators Update). The provisioning topics have been moved to [Configure Windows 10](/windows/configuration/index).
-
-
-## March 2017
-| New or changed topic | Description |
-|----------------------|-------------|
-| [What's new in Windows 10 deployment](deploy-whats-new.md) | New | 
-| [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) | Topic moved under [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) in the table of contents and title adjusted to clarify in-place upgrade. | 
-| [Upgrade to Windows 10 with System Center Configuration Manager](upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md) | Topic moved under [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) in the table of contents and title adjusted to clarify in-place upgrade. | 
-| [Convert MBR partition to GPT](mbr-to-gpt.md) | New | 
-
-## February 2017
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) | Multiple topics updated, name changed from Upgrade Analytics to Upgrade Readiness, and other content updates. | 
-| [USMT Requirements](usmt/usmt-requirements.md) | Updated: Vista support removed and other minor changes | 
-| [Get started with Upgrade Analytics](upgrade/upgrade-readiness-get-started.md) | Updated structure and content | 
-| [Upgrade Analytics deployment script](upgrade/upgrade-readiness-deployment-script.md) | Added as a separate page from get started | 
-| [Use Upgrade Analytics to manage Windows upgrades](upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md) | Updated with links to new content and information about the target OS setting |
-| [Upgrade Analytics - Upgrade overview](upgrade/upgrade-readiness-upgrade-overview.md) | New | 
-| [Upgrade Analytics - Step 1: Identify important apps](upgrade/upgrade-readiness-identify-apps.md) | Updated topic title and content | 
-| [Upgrade Analytics - Step 2: Resolve app and driver issues](upgrade/upgrade-readiness-resolve-issues.md) | New | 
-| [Upgrade Analytics - Step 3: Deploy Windows](upgrade/upgrade-readiness-deploy-windows.md) | New | 
-| [Upgrade Analytics - Additional insights](upgrade/upgrade-readiness-additional-insights.md) | New | 
-
-
-## January 2017
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md) | New | 
-| [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) | New | 
-| [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md) | New | 
-| [Apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-apply-package) | New (previously published in other topics) | 
-| [Create a provisioning package for Windows 10](/windows/configuration/provisioning-packages/provisioning-create-package) | New (previously published in Hardware Dev Center on MSDN) | 
-| [Create a provisioning package with multivariant settings](/windows/configuration/provisioning-packages/provisioning-multivariant) | New (previously published in Hardware Dev Center on MSDN) | 
-| [How provisioning works in Windows 10](/windows/configuration/provisioning-packages/provisioning-how-it-works) | New (previously published in Hardware Dev Center on MSDN) | 
-| [Install Windows Imaging and Configuration Designer](/windows/configuration/provisioning-packages/provisioning-install-icd) | New (previously published in Hardware Dev Center on MSDN) |
-| [NFC-based device provisioning](/windows/configuration/mobile-devices/provisioning-nfc) | New (previously published in Hardware Dev Center on MSDN) | 
-| [Settings changed when you uninstall a provisioning package](/windows/configuration/provisioning-packages/provisioning-uninstall-package) | New (previously published in Hardware Dev Center on MSDN) | 
-| [Use a script to install a desktop app in provisioning packages](/windows/configuration/provisioning-packages/provisioning-script-to-install-app) | New (previously published in Hardware Dev Center on MSDN) |
-| [Windows ICD command-line interface (reference)](/windows/configuration/provisioning-packages/provisioning-command-line) | New (previously published in Hardware Dev Center on MSDN) |
-| [Get started with Upgrade Analytics](upgrade/upgrade-readiness-get-started.md) | Updated exit code table with suggested fixes, and added link to the Upgrade Analytics blog | 
-| [Provision PCs with common settings for initial deployment (simple provisioning)](/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment) | Instructions for applying the provisioning package moved to [Apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-apply-package) |
-| [Provision PCs with apps and certificates for initial deployments (advanced provisioning)](/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates) | Instructions for applying the provisioning package moved to [Apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-apply-package) |
-
-
-## October 2016
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) | New | 
-
-## September 2016
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Windows 10 Enterprise E3 in CSP Overview](windows-10-enterprise-e3-overview.md) | New | 
-| [Get started with Upgrade Analytics](upgrade/upgrade-readiness-get-started.md) | Updated with prerequisites for site discovery |
-| [Resolve application and driver issues](upgrade/upgrade-readiness-resolve-issues.md) | Updated with app status info for Ready For Windows |
-| [Review site discovery](upgrade/upgrade-readiness-additional-insights.md) | New |
-
-## RELEASE: Windows 10, version 1607
-
-The topics in this library have been updated for Windows 10, version 1607 (also known as the Anniversary Update). The following new topics have been added: 
-
-- [Provisioning packages for Windows 10](/windows/configuration/provisioning-packages/provisioning-packages.md)
-- [Provision PCs with apps and certificates for initial deployment](/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates.md)
-- [Provision PCs with common settings for initial deployment](/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md)
-
-## August 2016
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | Updated with reboot requirements | 
-
-## July 2016
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Manage Windows upgrades with Upgrade Analytics](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) | New |
-
-## June 2016
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) | New |
-| [User State Migration Tool Technical Reference](usmt/usmt-technical-reference.md) | Updated support statement for Office 2016 |
-| [Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) | New |
-
-## May 2016
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management](upgrade/upgrade-windows-phone-8-1-to-10.md) | New |
-
-## December 2015
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Activate using Key Management Service](volume-activation/activate-using-key-management-service-vamt.md) | Updated |
-| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | Updated |
-
-## November 2015
-| New or changed topic | Description |
-|----------------------|-------------|
-| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | New |
-
-## Related topics
-- [Change history for Plan for Windows 10 deployment](/windows/deployment/planning/change-history-for-plan-for-windows-10-deployment)
-- [Change history for Access Protection](/windows/access-protection/change-history-for-access-protection)
-- [Change history for Device Security](/windows/device-security/change-history-for-device-security)
-- [Change history for Threat Protection](/windows/threat-protection/change-history-for-threat-protection)
+---
+title: Change history for Deploy Windows 10 (Windows 10)
+description: This topic lists new and updated topics in the Deploy Windows 10 documentation for Windows 10 and Windows 10 Mobile.
+ms.assetid: 19C50373-6B25-4F5C-A6EF-643D36904349
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Change history for Deploy Windows 10
+This topic lists new and updated topics in the [Deploy Windows 10](https://docs.microsoft.com/windows/deployment) documentation for [Windows 10 and Windows 10 Mobile](/windows/windows-10).
+
+## April 2018
+
+New or changed topic | Description
+--- | ---
+[Install VAMT](volume-activation/install-vamt.md) | Updated the instructions and link for SQL Server Express.
+
+## November 2017
+
+New or changed topic | Description
+-- | ---
+ [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md)  | Added warning that you should not use **SkipMachineOOBE** or **SkipUserOOBE** in your Unattend.xml.
+
+## RELEASE: Windows 10, version 1709
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | Updated the edition upgrade table to include all other Windows 10 editions previously not on the list and the supported upgrade methods for upgrade path. |
+| [Fonts missing after upgrading to Windows 10](windows-10-missing-fonts.md)| New article about the set of fonts that have moved from being included in the default installation image to being included in Optional Features. This article includes the steps for adding these optional font features.|
+
+## July 2017
+| New or changed topic | Description |
+|----------------------|-------------|
+| The table of contents for deployment topics was reorganized.
+
+## June 2017
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Overview of Windows Autopilot](windows-autopilot/windows-autopilot.md) | New |
+
+## April 2017
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) | Updated: The "refresh" and "replace" procedures were swapped in order so that it would not be necessary to save and restore VMs. Also a missing step was added to include the State migration point role. | 
+| [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)| Updated with minor fixes. |
+| [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md)| Updated child topics under this node to include new feature and user interface changes. |
+| [Get started with Upgrade Readiness](upgrade/upgrade-readiness-get-started.md)| Added a table summarizing connection scenarios under the Enable data sharing topic. |
+
+
+## RELEASE: Windows 10, version 1703
+The topics in this library have been updated for Windows 10, version 1703 (also known as the Creators Update). The provisioning topics have been moved to [Configure Windows 10](/windows/configuration/index).
+
+
+## March 2017
+| New or changed topic | Description |
+|----------------------|-------------|
+| [What's new in Windows 10 deployment](deploy-whats-new.md) | New | 
+| [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) | Topic moved under [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) in the table of contents and title adjusted to clarify in-place upgrade. | 
+| [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md) | Topic moved under [Deploy Windows 10 with Microsoft Endpoint Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) in the table of contents and title adjusted to clarify in-place upgrade. | 
+| [Convert MBR partition to GPT](mbr-to-gpt.md) | New | 
+
+## February 2017
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) | Multiple topics updated, name changed from Upgrade Analytics to Upgrade Readiness, and other content updates. | 
+| [USMT Requirements](usmt/usmt-requirements.md) | Updated: Vista support removed and other minor changes | 
+| [Get started with Upgrade Analytics](upgrade/upgrade-readiness-get-started.md) | Updated structure and content | 
+| [Upgrade Analytics deployment script](upgrade/upgrade-readiness-deployment-script.md) | Added as a separate page from get started | 
+| [Use Upgrade Analytics to manage Windows upgrades](upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md) | Updated with links to new content and information about the target OS setting |
+| [Upgrade Analytics - Upgrade overview](upgrade/upgrade-readiness-upgrade-overview.md) | New | 
+| [Upgrade Analytics - Step 1: Identify important apps](upgrade/upgrade-readiness-identify-apps.md) | Updated topic title and content | 
+| [Upgrade Analytics - Step 2: Resolve app and driver issues](upgrade/upgrade-readiness-resolve-issues.md) | New | 
+| [Upgrade Analytics - Step 3: Deploy Windows](upgrade/upgrade-readiness-deploy-windows.md) | New | 
+| [Upgrade Analytics - Additional insights](upgrade/upgrade-readiness-additional-insights.md) | New | 
+
+
+## January 2017
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md) | New | 
+| [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) | New | 
+| [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) | New | 
+| [Apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-apply-package) | New (previously published in other topics) | 
+| [Create a provisioning package for Windows 10](/windows/configuration/provisioning-packages/provisioning-create-package) | New (previously published in Hardware Dev Center on MSDN) | 
+| [Create a provisioning package with multivariant settings](/windows/configuration/provisioning-packages/provisioning-multivariant) | New (previously published in Hardware Dev Center on MSDN) | 
+| [How provisioning works in Windows 10](/windows/configuration/provisioning-packages/provisioning-how-it-works) | New (previously published in Hardware Dev Center on MSDN) | 
+| [Install Windows Imaging and Configuration Designer](/windows/configuration/provisioning-packages/provisioning-install-icd) | New (previously published in Hardware Dev Center on MSDN) |
+| [NFC-based device provisioning](/windows/configuration/mobile-devices/provisioning-nfc) | New (previously published in Hardware Dev Center on MSDN) | 
+| [Settings changed when you uninstall a provisioning package](/windows/configuration/provisioning-packages/provisioning-uninstall-package) | New (previously published in Hardware Dev Center on MSDN) | 
+| [Use a script to install a desktop app in provisioning packages](/windows/configuration/provisioning-packages/provisioning-script-to-install-app) | New (previously published in Hardware Dev Center on MSDN) |
+| [Windows ICD command-line interface (reference)](/windows/configuration/provisioning-packages/provisioning-command-line) | New (previously published in Hardware Dev Center on MSDN) |
+| [Get started with Upgrade Analytics](upgrade/upgrade-readiness-get-started.md) | Updated exit code table with suggested fixes, and added link to the Upgrade Analytics blog | 
+| [Provision PCs with common settings for initial deployment (simple provisioning)](/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment) | Instructions for applying the provisioning package moved to [Apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-apply-package) |
+| [Provision PCs with apps and certificates for initial deployments (advanced provisioning)](/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates) | Instructions for applying the provisioning package moved to [Apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-apply-package) |
+
+
+## October 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) | New | 
+
+## September 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Windows 10 Enterprise E3 in CSP Overview](windows-10-enterprise-e3-overview.md) | New | 
+| [Get started with Upgrade Analytics](upgrade/upgrade-readiness-get-started.md) | Updated with prerequisites for site discovery |
+| [Resolve application and driver issues](upgrade/upgrade-readiness-resolve-issues.md) | Updated with app status info for Ready For Windows |
+| [Review site discovery](upgrade/upgrade-readiness-additional-insights.md) | New |
+
+## RELEASE: Windows 10, version 1607
+
+The topics in this library have been updated for Windows 10, version 1607 (also known as the Anniversary Update). The following new topics have been added: 
+
+- [Provisioning packages for Windows 10](/windows/configuration/provisioning-packages/provisioning-packages.md)
+- [Provision PCs with apps and certificates for initial deployment](/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates.md)
+- [Provision PCs with common settings for initial deployment](/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md)
+
+## August 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | Updated with reboot requirements | 
+
+## July 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Manage Windows upgrades with Upgrade Analytics](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) | New |
+
+## June 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) | New |
+| [User State Migration Tool Technical Reference](usmt/usmt-technical-reference.md) | Updated support statement for Office 2016 |
+| [Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) | New |
+
+## May 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management](upgrade/upgrade-windows-phone-8-1-to-10.md) | New |
+
+## December 2015
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Activate using Key Management Service](volume-activation/activate-using-key-management-service-vamt.md) | Updated |
+| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | Updated |
+
+## November 2015
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) | New |
+
+## Related topics
+- [Change history for Plan for Windows 10 deployment](/windows/deployment/planning/change-history-for-plan-for-windows-10-deployment)
+- [Change history for Access Protection](/windows/access-protection/change-history-for-access-protection)
+- [Change history for Device Security](/windows/device-security/change-history-for-device-security)
+- [Change history for Threat Protection](/windows/threat-protection/change-history-for-threat-protection)
diff --git a/windows/deployment/deploy-m365.md b/windows/deployment/deploy-m365.md
index 1ec460b74e..750119724d 100644
--- a/windows/deployment/deploy-m365.md
+++ b/windows/deployment/deploy-m365.md
@@ -1,78 +1,79 @@
----
-title: Deploy Windows 10 with Microsoft 365
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-description: Concepts about deploying Windows 10 for M365
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-keywords: deployment, automate, tools, configure, mdt, sccm, M365
-ms.localizationpriority: medium
-audience: itpro
author: greg-lindsay
-ms.topic: article
-ms.collection: M365-modern-desktop
----
-
-# Deploy Windows 10 with Microsoft 365
-
-**Applies to**
-
--   Windows 10
-
-This topic provides a brief overview of Microsoft 365 and describes how to use a free 90-day trial account to review some of the benefits of Microsoft 365.
-
-[Microsoft 365](https://www.microsoft.com/microsoft-365) is a new offering from Microsoft that combines [Windows 10](https://www.microsoft.com/windows/features) with [Office 365](https://products.office.com/business/explore-office-365-for-business), and [Enterprise Mobility and Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) (EMS). See the [M365 Enterprise poster](#m365-enterprise-poster) for an overview.
-
-For Windows 10 deployment, Microsoft 365 includes a fantastic deployment advisor that can walk you through the entire process of deploying Windows 10. The wizard supports multiple Windows 10 deployment methods, including:
-
-- Windows Autopilot
-- In-place upgrade
-- Deploying Windows 10 upgrade with Intune
-- Deploying Windows 10 upgrade with System Center Configuration Manager
-- Deploying a computer refresh with System Center Configuration Manager
-
-## Free trial account
-
-**If you already have a Microsoft services subscription account and access to the Microsoft 365 Admin Center**
-
-From the [Microsoft 365 Admin Center](https://portal.office.com), go to Billing and then Purchase services.
-In the Enterprise Suites section of the service offerings, you will find Microsoft 365 E3 and Microsoft 365 E5 tiles.
-There are "Start Free Trial" options available for your selection by hovering your mouse over the tiles.
-
-**If you do not already have a Microsoft services subscription**
-
-You can check out the Microsoft 365 deployment advisor and other resources for free! Just follow the steps below. 
-
->[!NOTE]
->If you have not run a setup guide before, you will see the **Prepare your environment** guide first. This is to make sure you have basics covered like domain verification and a method for adding users. At the end of the "Prepare your environment" guide, there will be a **Ready to continue** button that sends you to the original guide that was selected.
-
-1. [Obtain a free M365 trial](https://docs.microsoft.com/office365/admin/try-or-buy-microsoft-365).
-2. Check out the [Microsoft 365 deployment advisor](https://portal.office.com/onboarding/Microsoft365DeploymentAdvisor#/).
-3. Also check out the [Windows Analytics deployment advisor](https://portal.office.com/onboarding/WindowsAnalyticsDeploymentAdvisor#/). This advisor will walk you through deploying [Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness), [Update Compliance](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), and [Device Health](https://docs.microsoft.com/windows/deployment/update/device-health-monitor). 
-
-That's all there is to it! 
-
-Examples of these two deployment advisors are shown below.
-
-- [Microsoft 365 deployment advisor example](#microsoft-365-deployment-advisor-example)
-- [Windows Analytics deployment advisor example](#windows-analytics-deployment-advisor-example)
-
-## Microsoft 365 deployment advisor example
-![Microsoft 365 deployment advisor](images/m365da.png)
-
-## Windows Analytics deployment advisor example
-
-
-## M365 Enterprise poster
-
-[![M365 Enterprise poster](images/m365e.png)](https://aka.ms/m365eposter)
-
-## Related Topics
-
-[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)<br>
-[Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home)
-
-
-
+---
+title: Deploy Windows 10 with Microsoft 365
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+description: Concepts about deploying Windows 10 for M365
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+keywords: deployment, automate, tools, configure, mdt, sccm, M365
+ms.localizationpriority: medium
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+ms.collection: M365-modern-desktop
+---
+
+# Deploy Windows 10 with Microsoft 365
+
+**Applies to**
+
+-   Windows 10
+
+This topic provides a brief overview of Microsoft 365 and describes how to use a free 90-day trial account to review some of the benefits of Microsoft 365.
+
+[Microsoft 365](https://www.microsoft.com/microsoft-365) is a new offering from Microsoft that combines [Windows 10](https://www.microsoft.com/windows/features) with [Office 365](https://products.office.com/business/explore-office-365-for-business), and [Enterprise Mobility and Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) (EMS). See the [M365 Enterprise poster](#m365-enterprise-poster) for an overview.
+
+For Windows 10 deployment, Microsoft 365 includes a fantastic deployment advisor that can walk you through the entire process of deploying Windows 10. The wizard supports multiple Windows 10 deployment methods, including:
+
+- Windows Autopilot
+- In-place upgrade
+- Deploying Windows 10 upgrade with Intune
+- Deploying Windows 10 upgrade with Microsoft Endpoint Configuration Manager
+- Deploying a computer refresh with Microsoft Endpoint Configuration Manager
+
+## Free trial account
+
+**If you already have a Microsoft services subscription account and access to the Microsoft 365 Admin Center**
+
+From the [Microsoft 365 Admin Center](https://portal.office.com), go to Billing and then Purchase services.
+In the Enterprise Suites section of the service offerings, you will find Microsoft 365 E3 and Microsoft 365 E5 tiles.
+There are "Start Free Trial" options available for your selection by hovering your mouse over the tiles.
+
+**If you do not already have a Microsoft services subscription**
+
+You can check out the Microsoft 365 deployment advisor and other resources for free! Just follow the steps below. 
+
+>[!NOTE]
+>If you have not run a setup guide before, you will see the **Prepare your environment** guide first. This is to make sure you have basics covered like domain verification and a method for adding users. At the end of the "Prepare your environment" guide, there will be a **Ready to continue** button that sends you to the original guide that was selected.
+
+1. [Obtain a free M365 trial](https://docs.microsoft.com/office365/admin/try-or-buy-microsoft-365).
+2. Check out the [Microsoft 365 deployment advisor](https://portal.office.com/onboarding/Microsoft365DeploymentAdvisor#/).
+3. Also check out the [Windows Analytics deployment advisor](https://portal.office.com/onboarding/WindowsAnalyticsDeploymentAdvisor#/). This advisor will walk you through deploying [Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness), [Update Compliance](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), and [Device Health](https://docs.microsoft.com/windows/deployment/update/device-health-monitor). 
+
+That's all there is to it! 
+
+Examples of these two deployment advisors are shown below.
+
+- [Microsoft 365 deployment advisor example](#microsoft-365-deployment-advisor-example)
+- [Windows Analytics deployment advisor example](#windows-analytics-deployment-advisor-example)
+
+## Microsoft 365 deployment advisor example
+![Microsoft 365 deployment advisor](images/m365da.png)
+
+## Windows Analytics deployment advisor example
+
+
+## M365 Enterprise poster
+
+[![M365 Enterprise poster](images/m365e.png)](https://aka.ms/m365eposter)
+
+## Related Topics
+
+[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)<br>
+[Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home)
+
+
+
diff --git a/windows/deployment/deploy-whats-new.md b/windows/deployment/deploy-whats-new.md
index e512fb6f51..0ee0a6d5b3 100644
--- a/windows/deployment/deploy-whats-new.md
+++ b/windows/deployment/deploy-whats-new.md
@@ -49,7 +49,7 @@ See [Deploy Windows 10 with Microsoft 365](deploy-m365.md) for an overview, whic
 
 ## Windows 10 servicing and support
 
-- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with System Center Configuration Manager content coming soon! 
+- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with Microsoft Endpoint Configuration Manager content coming soon! 
 - [**Automatic Restart Sign-on (ARSO)**](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#automatic-restart-and-sign-on-arso-for-enterprises-build-18305): Windows will automatically logon as the user and lock their device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed.  
 - [**Windows Update for Business**](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523): There will now be a single, common start date for phased deployments (no more SAC-T designation). In addition, there will a new notification and reboot scheduling experience for end users, the ability to enforce update installation and reboot deadlines, and the ability to provide end user control over reboots for a specific time period. 
 - **Update rollback improvements**: You can now automatically recover from startup failures by removing updates if the startup failure was introduced after the installation of recent driver or quality updates. When a device is unable to start up properly after the recent installation of Quality of driver updates, Windows will now automatically uninstall the updates to get the device back up and running normally.
@@ -157,7 +157,7 @@ For more information, see the following guides:
 
 - [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)
 - [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md)
-- [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md)
+- [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)
 
 
 ## Troubleshooting guidance
diff --git a/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md
index cb8f13a66b..6ac06fb09b 100644
--- a/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md
@@ -1,75 +1,76 @@
----
-title: Add a Windows 10 operating system image using Configuration Manager (Windows 10)
-description: Operating system images are typically the production image used for deployment throughout the organization.
-ms.assetid: 77f769cc-1a47-4f36-8082-201cd77b8d3b
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-keywords: image, deploy, distribute
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Add a Windows 10 operating system image using Configuration Manager
-
-
-**Applies to**
-
--   Windows 10 versions 1507, 1511
-
->[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
-
-Operating system images are typically the production image used for deployment throughout the organization. This topic shows you how to add a Windows 10 operating system image created with Microsoft System Center 2012 R2 Configuration Manager, and how to distribute the image to a distribution point.
-
-For the purposes of this topic, we will use CM01, a machine running Windows Server 2012 R2 Standard, as the distribution point. CM01 is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). Our image is named REFW10-X64-001.wim. For details on building this image, please see [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md).
-
-1.  Using File Explorer, in the **E:\\Sources\\OSD\\OS** folder, create a subfolder named **Windows 10 Enterprise x64 RTM**.
-
-2.  Copy the REFW10-X64-001.wim file to the **E:\\Sources\\OSD\\OS\\Windows 10 Enterprise x64 RTM** folder.
-
-    ![figure 17](../images/fig17-win10image.png)
-
-    Figure 17. The Windows 10 image copied to the Sources folder structure.
-
-3.  Using the Configuration Manager Console, in the Software Library workspace, right-click **Operating System Images**, and select **Add Operating System Image**.
-
-4.  On the **Data Source** page, in the **Path:** text box, browse to \\\\CM01\\Sources$\\OSD\\OS\\Windows 10 Enterprise x64 RTM\\REFW10-X64-001.wim and click **Next**.
-
-5.  On the **General** page, assign the name Windows 10 Enterprise x64 RTM and click **Next** twice, and then click **Close**.
-
-6.  Distribute the operating system image to the CM01 distribution point by right-clicking the Windows 10 Enterprise x64 RTM operating system image and selecting **Distribute Content**.
-
-7.  In the Distribute Content Wizard, add the CM01 distribution point.
-
-8.  View the content status for the Windows 10 Enterprise x64 RTM package. Do not continue until the distribution is completed. You also can review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for the **STATMSG: ID=2301** line.
-
-    ![figure 18](../images/fig18-distwindows.png)
-
-    Figure 18. The distributed Windows 10 Enterprise x64 RTM package.
-
-## Related topics
-
-
-[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
-
-[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
-[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
-
-[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
-
-[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
-
-[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
-
-[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
-
-[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
-[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+---
+title: Add a Windows 10 operating system image using Configuration Manager (Windows 10)
+description: Operating system images are typically the production image used for deployment throughout the organization.
+ms.assetid: 77f769cc-1a47-4f36-8082-201cd77b8d3b
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+keywords: image, deploy, distribute
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Add a Windows 10 operating system image using Configuration Manager
+
+
+**Applies to**
+
+-   Windows 10 versions 1507, 1511
+
+>[!IMPORTANT]
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+
+Operating system images are typically the production image used for deployment throughout the organization. This topic shows you how to add a Windows 10 operating system image created with Microsoft Endpoint Configuration Manager, and how to distribute the image to a distribution point.
+
+For the purposes of this topic, we will use CM01, a machine running Windows Server 2012 R2 Standard, as the distribution point. CM01 is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). Our image is named REFW10-X64-001.wim. For details on building this image, please see [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md).
+
+1.  Using File Explorer, in the **E:\\Sources\\OSD\\OS** folder, create a subfolder named **Windows 10 Enterprise x64 RTM**.
+
+2.  Copy the REFW10-X64-001.wim file to the **E:\\Sources\\OSD\\OS\\Windows 10 Enterprise x64 RTM** folder.
+
+    ![figure 17](../images/fig17-win10image.png)
+
+    Figure 17. The Windows 10 image copied to the Sources folder structure.
+
+3.  Using the Configuration Manager Console, in the Software Library workspace, right-click **Operating System Images**, and select **Add Operating System Image**.
+
+4.  On the **Data Source** page, in the **Path:** text box, browse to \\\\CM01\\Sources$\\OSD\\OS\\Windows 10 Enterprise x64 RTM\\REFW10-X64-001.wim and click **Next**.
+
+5.  On the **General** page, assign the name Windows 10 Enterprise x64 RTM and click **Next** twice, and then click **Close**.
+
+6.  Distribute the operating system image to the CM01 distribution point by right-clicking the Windows 10 Enterprise x64 RTM operating system image and selecting **Distribute Content**.
+
+7.  In the Distribute Content Wizard, add the CM01 distribution point.
+
+8.  View the content status for the Windows 10 Enterprise x64 RTM package. Do not continue until the distribution is completed. You also can review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for the **STATMSG: ID=2301** line.
+
+    ![figure 18](../images/fig18-distwindows.png)
+
+    Figure 18. The distributed Windows 10 Enterprise x64 RTM package.
+
+## Related topics
+
+
+[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
+
+[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
+
+[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+
+[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+
+[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
+
+[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
+
+[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
diff --git a/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
index 19e35e39b3..eccb9f8b03 100644
--- a/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
@@ -24,8 +24,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
 
 In this topic, you will learn how to configure the Windows Preinstallation Environment (Windows PE) to include the network drivers required to connect to the deployment share and the storage drivers required to see the local storage on machines. Even though the Windows PE boot image and the Windows 10 operating system contain many out-of-the-box drivers, it is likely you will have to add new or updated drivers to support all your hardware. In this section, you import drivers for both Windows PE and the full Windows 10 operating system.
 
diff --git a/windows/deployment/deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
index 34a005a021..dc55808a67 100644
--- a/windows/deployment/deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
@@ -1,117 +1,118 @@
----
-title: Create a custom Windows PE boot image with Configuration Manager (Windows 10)
-description: In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features.
-ms.assetid: b9e96974-324d-4fa4-b0ce-33cfc49c4809
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-keywords: tool, customize, deploy, boot image
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Create a custom Windows PE boot image with Configuration Manager
-
-
-**Applies to**
-
--   Windows 10 versions 1507, 1511
-
->[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
-
-In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This topic shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
-
-For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. Both are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
-
-## <a href="" id="sec01"></a>Add DaRT 10 files and prepare to brand the boot image
-
-
-The steps below outline the process for adding DaRT 10 installation files to the MDT installation directory. You also copy a custom background image to be used later. We assume you have downloaded Microsoft Desktop Optimization Pack (MDOP) 2015 and copied the x64 version of MSDaRT10.msi to the C:\\Setup\\DaRT 10 folder. We also assume you have created a custom background image and saved it in C:\\Setup\\Branding on CM01. In this section, we use a custom background image named ContosoBackground.bmp.
-
-1.  Install DaRT 10 (C:\\Setup\\DaRT 10\\MSDaRT10.msi) using the default settings.
-
-2.  Using File Explorer, navigate to the **C:\\Program Files\\Microsoft DaRT\\v10** folder.
-
-3.  Copy the Toolsx64.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x64** folder.
-
-4.  Copy the Toolsx86.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x86** folder.
-
-5.  Using File Explorer, navigate to the **C:\\Setup** folder.
-
-6.  Copy the **Branding** folder to **E:\\Sources\\OSD**.
-
-## <a href="" id="sec02"></a>Create a boot image for Configuration Manager using the MDT wizard
-
-
-By using the MDT wizard to create the boot image in Configuration Manager, you gain additional options for adding components and features to the boot image. In this section, you create a boot image for Configuration Manager using the MDT wizard.
-
-1.  Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Boot Images**, and select **Create Boot Image using MDT**.
-
-2.  On the **Package Source** page, in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Boot\\Zero Touch WinPE x64** and click **Next**.
-
-    >[!NOTE]
-    >The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later by the wizard.
-
-3.  On the **General Settings** page, assign the name **Zero Touch WinPE x64** and click **Next**.
-
-4.  On the **Options** page, select the **x64** platform, and click **Next**.
-
-5.  On the **Components** page, in addition to the default selected **Microsoft Data Access Components (MDAC/ADO)** support, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box.
-
-    ![Add the DaRT component to the Configuration Manager boot image](../images/mdt-06-fig16.png "Add the DaRT component to the Configuration Manager boot image")
-
-    Figure 15. Add the DaRT component to the Configuration Manager boot image.
-
-6.  On the **Customization** page, select the **Use a custom background bitmap file** check box, and in the **UNC path:** text box, browse to **\\\\CM01\\Sources$\\OSD\\Branding\\ ContosoBackground.bmp**. Then click **Next** twice.
-
-    >[!NOTE]
-    >It will take a few minutes to generate the boot image.
-
-7.  Distribute the boot image to the CM01 distribution point by selecting the **Boot images** node, right-clicking the **Zero Touch WinPE x64** boot image, and selecting **Distribute Content**.
-
-8.  In the Distribute Content Wizard, add the CM01 distribution point, and complete the wizard.
-
-9.  Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file. Do not continue until you can see that the boot image is distributed. Look for the line that reads STATMSG: ID=2301. You also can view Content Status in the Configuration Manager Console by selecting **the Zero Touch WinPE x86** boot image.
-
-    ![Content status for the Zero Touch WinPE x64 boot image](../images/fig16-contentstatus.png "Content status for the Zero Touch WinPE x64 boot image")
-
-    Figure 16. Content status for the Zero Touch WinPE x64 boot image
-
-10. Using the Configuration Manager Console, right-click the **Zero Touch WinPE x64** boot image and select **Properties**.
-
-11. In the **Data Source** tab, select the **Deploy this boot image from the PXE-enabled distribution point** check box, and click **OK**.
-
-12. Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for this text: Expanding PS10000B to E:\\RemoteInstall\\SMSImages.
-
-13. Review the **E:\\RemoteInstall\\SMSImages** folder. You should see three folders containing boot images. Two are from the default boot images, and the third folder (PS10000B) is from your new boot image with DaRT.
-
-## Related topics
-
-
-[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
-
-[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
-[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
-
-[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
-
-[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
-
-[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
-
-[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
-
-[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
-[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
- 
-
- 
+---
+title: Create a custom Windows PE boot image with Configuration Manager (Windows 10)
+description: In Microsoft Endpoint Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features.
+ms.assetid: b9e96974-324d-4fa4-b0ce-33cfc49c4809
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+keywords: tool, customize, deploy, boot image
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Create a custom Windows PE boot image with Configuration Manager
+
+
+**Applies to**
+
+-   Windows 10 versions 1507, 1511
+
+>[!IMPORTANT]
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+
+In Microsoft Microsoft Endpoint Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This topic shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
+
+For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. Both are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
+
+## <a href="" id="sec01"></a>Add DaRT 10 files and prepare to brand the boot image
+
+
+The steps below outline the process for adding DaRT 10 installation files to the MDT installation directory. You also copy a custom background image to be used later. We assume you have downloaded Microsoft Desktop Optimization Pack (MDOP) 2015 and copied the x64 version of MSDaRT10.msi to the C:\\Setup\\DaRT 10 folder. We also assume you have created a custom background image and saved it in C:\\Setup\\Branding on CM01. In this section, we use a custom background image named ContosoBackground.bmp.
+
+1.  Install DaRT 10 (C:\\Setup\\DaRT 10\\MSDaRT10.msi) using the default settings.
+
+2.  Using File Explorer, navigate to the **C:\\Program Files\\Microsoft DaRT\\v10** folder.
+
+3.  Copy the Toolsx64.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x64** folder.
+
+4.  Copy the Toolsx86.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x86** folder.
+
+5.  Using File Explorer, navigate to the **C:\\Setup** folder.
+
+6.  Copy the **Branding** folder to **E:\\Sources\\OSD**.
+
+## <a href="" id="sec02"></a>Create a boot image for Configuration Manager using the MDT wizard
+
+
+By using the MDT wizard to create the boot image in Configuration Manager, you gain additional options for adding components and features to the boot image. In this section, you create a boot image for Configuration Manager using the MDT wizard.
+
+1.  Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Boot Images**, and select **Create Boot Image using MDT**.
+
+2.  On the **Package Source** page, in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Boot\\Zero Touch WinPE x64** and click **Next**.
+
+    >[!NOTE]
+    >The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later by the wizard.
+
+3.  On the **General Settings** page, assign the name **Zero Touch WinPE x64** and click **Next**.
+
+4.  On the **Options** page, select the **x64** platform, and click **Next**.
+
+5.  On the **Components** page, in addition to the default selected **Microsoft Data Access Components (MDAC/ADO)** support, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box.
+
+    ![Add the DaRT component to the Configuration Manager boot image](../images/mdt-06-fig16.png "Add the DaRT component to the Configuration Manager boot image")
+
+    Figure 15. Add the DaRT component to the Configuration Manager boot image.
+
+6.  On the **Customization** page, select the **Use a custom background bitmap file** check box, and in the **UNC path:** text box, browse to **\\\\CM01\\Sources$\\OSD\\Branding\\ ContosoBackground.bmp**. Then click **Next** twice.
+
+    >[!NOTE]
+    >It will take a few minutes to generate the boot image.
+
+7.  Distribute the boot image to the CM01 distribution point by selecting the **Boot images** node, right-clicking the **Zero Touch WinPE x64** boot image, and selecting **Distribute Content**.
+
+8.  In the Distribute Content Wizard, add the CM01 distribution point, and complete the wizard.
+
+9.  Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file. Do not continue until you can see that the boot image is distributed. Look for the line that reads STATMSG: ID=2301. You also can view Content Status in the Configuration Manager Console by selecting **the Zero Touch WinPE x86** boot image.
+
+    ![Content status for the Zero Touch WinPE x64 boot image](../images/fig16-contentstatus.png "Content status for the Zero Touch WinPE x64 boot image")
+
+    Figure 16. Content status for the Zero Touch WinPE x64 boot image
+
+10. Using the Configuration Manager Console, right-click the **Zero Touch WinPE x64** boot image and select **Properties**.
+
+11. In the **Data Source** tab, select the **Deploy this boot image from the PXE-enabled distribution point** check box, and click **OK**.
+
+12. Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for this text: Expanding PS10000B to E:\\RemoteInstall\\SMSImages.
+
+13. Review the **E:\\RemoteInstall\\SMSImages** folder. You should see three folders containing boot images. Two are from the default boot images, and the third folder (PS10000B) is from your new boot image with DaRT.
+
+## Related topics
+
+
+[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
+
+[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
+
+[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+
+[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+
+[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
+
+[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
+
+[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+ 
+
+ 
diff --git a/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md
index 19ffe1ae2a..8d21f1a46f 100644
--- a/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md
@@ -1,6 +1,6 @@
 ---
 title: Create an app to deploy with Windows 10 using Configuration Manager
-description: Microsoft System Center 2012 R2 Configuration Manager supports deploying applications as part of the Windows 10 deployment process.
+description: Microsoft Microsoft Endpoint Configuration Manager supports deploying applications as part of the Windows 10 deployment process.
 ms.assetid: 2dfb2f39-1597-4999-b4ec-b063e8a8c90c
 ms.reviewer: 
 manager: laurawi
@@ -23,10 +23,10 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for  Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
 
-Microsoft System Center 2012 R2 Configuration Manager supports deploying applications as part of the Windows 10 deployment process. In this section, you create an application in System Center 2012 R2 Configuration Manager that you later configure the task sequence to use.
+Microsoft Endpoint Configuration Manager supports deploying applications as part of the Windows 10 deployment process. In this section, you create an application in Microsoft Endpoint Configuration Manager that you later configure the task sequence to use.
 
 For the purposes of this topic, we will use CM01, a machine running Windows Server 2012 R2 Standard that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
diff --git a/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md b/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md
index 71be4f7e4b..97c53aa86f 100644
--- a/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md
@@ -1,76 +1,77 @@
----
-title: Deploy Windows 10 using PXE and Configuration Manager (Windows 10)
-description: In this topic, you will learn how to deploy Windows 10 using Microsoft System Center 2012 R2 Configuration Manager deployment packages and task sequences.
-ms.assetid: fb93f514-5b30-4f4b-99dc-58e6860009fa
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-keywords: deployment, image, UEFI, task sequence
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Deploy Windows 10 using PXE and Configuration Manager
-
-
-**Applies to**
-
--   Windows 10 versions 1507, 1511
-
->[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
-
-In this topic, you will learn how to deploy Windows 10 using Microsoft System Center 2012 R2 Configuration Manager deployment packages and task sequences. This topic will walk you through the process of deploying the Windows 10 Enterprise image to a Unified Extensible Firmware Interface (UEFI) machine named PC0001.
-
-For the purposes of this topic, we will use two additional machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. DC01, CM01, and PC0001 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
-
-1.  Start the PC0001 machine. At the Pre-Boot Execution Environment (PXE) boot menu, press **Enter** to allow it to PXE boot.
-
-    ![figure 31](../images/mdt-06-fig36.png)
-
-    Figure 31. PXE booting PC0001.
-
-2.  On the **Welcome to the Task Sequence Wizard** page, type in the password **Passw0rd!** and click **Next**.
-
-3.  On the **Select a task sequence to run** page, select **Windows 10 Enterprise x64 RTM** and click **Next**.
-
-4.  On the **Edit Task Sequence Variables** page, double-click the **OSDComputerName** variable, and in the **Value** field, type **PC0001** and click **OK**. Then click **Next**.
-
-![figure 32](../images/mdt-06-fig37.png)
-
-Figure 32. Typing in the computer name.
-
-## Related topics
-
-
-[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
-
-[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
-[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
-
-[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
-
-[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
-
-[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
-
-[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
-
-[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
-[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
- 
-
- 
-
-
-
-
-
+---
+title: Deploy Windows 10 using PXE and Configuration Manager (Windows 10)
+description: In this topic, you will learn how to deploy Windows 10 using Microsoft Endpoint Configuration Manager deployment packages and task sequences.
+ms.assetid: fb93f514-5b30-4f4b-99dc-58e6860009fa
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+keywords: deployment, image, UEFI, task sequence
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Deploy Windows 10 using PXE and Configuration Manager
+
+
+**Applies to**
+
+-   Windows 10 versions 1507, 1511
+
+>[!IMPORTANT]
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+
+In this topic, you will learn how to deploy Windows 10 using Microsoft Endpoint Configuration Manager deployment packages and task sequences. This topic will walk you through the process of deploying the Windows 10 Enterprise image to a Unified Extensible Firmware Interface (UEFI) machine named PC0001.
+
+For the purposes of this topic, we will use two additional machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. DC01, CM01, and PC0001 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
+
+1.  Start the PC0001 machine. At the Pre-Boot Execution Environment (PXE) boot menu, press **Enter** to allow it to PXE boot.
+
+    ![figure 31](../images/mdt-06-fig36.png)
+
+    Figure 31. PXE booting PC0001.
+
+2.  On the **Welcome to the Task Sequence Wizard** page, type in the password **Passw0rd!** and click **Next**.
+
+3.  On the **Select a task sequence to run** page, select **Windows 10 Enterprise x64 RTM** and click **Next**.
+
+4.  On the **Edit Task Sequence Variables** page, double-click the **OSDComputerName** variable, and in the **Value** field, type **PC0001** and click **OK**. Then click **Next**.
+
+![figure 32](../images/mdt-06-fig37.png)
+
+Figure 32. Typing in the computer name.
+
+## Related topics
+
+
+[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
+
+[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
+
+[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
+
+[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+
+[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+
+[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
+
+[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+ 
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md b/windows/deployment/deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md
index b933315e49..06c696d2c7 100644
--- a/windows/deployment/deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md
@@ -1,114 +1,115 @@
----
-title: Deploy Windows 10 with System Center 2012 R2 Configuration Manager (Windows 10)
-description: If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10.
-ms.assetid: eacd7b7b-dde0-423d-97cd-29bde9e8b363
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-keywords: deployment, custom, boot
-ms.prod: w10
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Deploy Windows 10 with System Center 2012 R2 Configuration Manager
-
-
-**Applies to**
-
--   Windows 10 versions 1507, 1511
-
->[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems).
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
-
-If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT).
-
-For the purposes of this topic, we will use four machines: DC01, CM01, PC0003, and PC0004. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 standard. PC0003 and PC0004 are machines with Windows 7 SP1, on which Windows 10 will be deployed via both refresh and replace scenarios. In addition to these four ready-made machines, you could also include a few blank virtual machines to be used for bare-metal deployments. DC01, CM01, PC003, and PC0004 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
-
-![figure 1](../images/mdt-06-fig01.png)
-
-Figure 1. The machines used in this topic.
-
-## In this section
-
-
--   [Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
-
--   [Prepare for Zero Touch Installation of Windows with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
--   [Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
-
--   [Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
-
--   [Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
-
--   [Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
-
--   [Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
-
--   [Finalize the operating system configuration for Windows 10 deployment with Configuration Manager](finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md)
-
--   [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
-
--   [Monitor the Windows 10 deployment with Configuration Manager](monitor-windows-10-deployment-with-configuration-manager.md)
-
--   [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
--   [Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
-## Components of Configuration Manager operating system deployment
-
-
-Operating system deployment with Configuration Manager is part of the normal software distribution infrastructure, but there are additional components. For example, operating system deployment in Configuration Manager may use the State Migration Point role, which is not used by normal application deployment in Configuration Manager. This section describes the Configuration Manager components involved with the deployment of an operating system, such as Windows 10.
-
--   **State migration point (SMP).** The state migration point is used to store user state migration data during computer replace scenarios.
-
--   **Distribution point (DP).** The distribution point is used to store all packages in Configuration Manager, including the operating system deployment-related packages.
-
--   **Software update point (SUP).** The software update point, which is normally used to deploy updates to existing machines, also can be used to update an operating system as part of the deployment process. You also can use offline servicing to update the image directly on the Configuration Manager server.
-
--   **Reporting services point.** The reporting services point can be used to monitor the operating system deployment process.
-
--   **Boot images.** Boot images are the Windows Preinstallation Environment (Windows PE) images Configuration Manager uses to start the deployment.
-
--   **Operating system images.** The operating system image package contains only one file, the custom .wim image. This is typically the production deployment image.
-
--   **Operating system installers.** The operating system installers were originally added to create reference images using Configuration Manager. Instead, we recommend that you use MDT Lite Touch to create your reference images. For more information on how to create a reference image, see [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md).
-
--   **Drivers.** Like MDT Lite Touch, Configuration Manager also provides a repository (catalog) of managed device drivers.
-
--   **Task sequences.** The task sequences in Configuration Manager look and feel pretty much like the sequences in MDT Lite Touch, and they are used for the same purpose. However, in Configuration Manager the task sequence is delivered to the clients as a policy via the Management Point (MP). MDT provides additional task sequence templates to Configuration Manager.
-
-    **Note**  Configuration Manager SP1 along with the Windows Assessment and Deployment Kit (ADK) for Windows 10 are required to support management and deployment of Windows 10.
-
-     
-
-## See also
-
-
--   [Microsoft Deployment Toolkit downloads and resources](https://go.microsoft.com/fwlink/p/?LinkId=618117)
-
--   [Windows deployment tools](../windows-deployment-scenarios-and-tools.md)
-
--   [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
-
--   [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](../upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
-
--   [Deploy Windows To Go in your organization](../deploy-windows-to-go.md)
-
--   [Sideload Windows Store apps](https://technet.microsoft.com/library/dn613831.aspx)
-
--   [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803)
-
- 
-
- 
-
-
-
-
-
+---
+title: Deploy Windows 10 with Microsoft Endpoint Configuration Manager (Windows 10)
+description: If you have Microsoft Endpoint Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10.
+ms.assetid: eacd7b7b-dde0-423d-97cd-29bde9e8b363
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+keywords: deployment, custom, boot
+ms.prod: w10
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Deploy Windows 10 with Microsoft Endpoint Configuration Manager
+
+
+**Applies to**
+
+-   Windows 10 versions 1507, 1511
+
+>[!IMPORTANT]
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems).
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+
+If you have Microsoft Endpoint Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT).
+
+For the purposes of this topic, we will use four machines: DC01, CM01, PC0003, and PC0004. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 standard. PC0003 and PC0004 are machines with Windows 7 SP1, on which Windows 10 will be deployed via both refresh and replace scenarios. In addition to these four ready-made machines, you could also include a few blank virtual machines to be used for bare-metal deployments. DC01, CM01, PC003, and PC0004 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
+
+![figure 1](../images/mdt-06-fig01.png)
+
+Figure 1. The machines used in this topic.
+
+## In this section
+
+
+-   [Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
+
+-   [Prepare for Zero Touch Installation of Windows with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+-   [Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
+
+-   [Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
+
+-   [Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+
+-   [Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+
+-   [Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
+
+-   [Finalize the operating system configuration for Windows 10 deployment with Configuration Manager](finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md)
+
+-   [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
+
+-   [Monitor the Windows 10 deployment with Configuration Manager](monitor-windows-10-deployment-with-configuration-manager.md)
+
+-   [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+-   [Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+## Components of Configuration Manager operating system deployment
+
+
+Operating system deployment with Configuration Manager is part of the normal software distribution infrastructure, but there are additional components. For example, operating system deployment in Configuration Manager may use the State Migration Point role, which is not used by normal application deployment in Configuration Manager. This section describes the Configuration Manager components involved with the deployment of an operating system, such as Windows 10.
+
+-   **State migration point (SMP).** The state migration point is used to store user state migration data during computer replace scenarios.
+
+-   **Distribution point (DP).** The distribution point is used to store all packages in Configuration Manager, including the operating system deployment-related packages.
+
+-   **Software update point (SUP).** The software update point, which is normally used to deploy updates to existing machines, also can be used to update an operating system as part of the deployment process. You also can use offline servicing to update the image directly on the Configuration Manager server.
+
+-   **Reporting services point.** The reporting services point can be used to monitor the operating system deployment process.
+
+-   **Boot images.** Boot images are the Windows Preinstallation Environment (Windows PE) images Configuration Manager uses to start the deployment.
+
+-   **Operating system images.** The operating system image package contains only one file, the custom .wim image. This is typically the production deployment image.
+
+-   **Operating system installers.** The operating system installers were originally added to create reference images using Configuration Manager. Instead, we recommend that you use MDT Lite Touch to create your reference images. For more information on how to create a reference image, see [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md).
+
+-   **Drivers.** Like MDT Lite Touch, Configuration Manager also provides a repository (catalog) of managed device drivers.
+
+-   **Task sequences.** The task sequences in Configuration Manager look and feel pretty much like the sequences in MDT Lite Touch, and they are used for the same purpose. However, in Configuration Manager the task sequence is delivered to the clients as a policy via the Management Point (MP). MDT provides additional task sequence templates to Configuration Manager.
+
+    **Note**  Configuration Manager SP1 along with the Windows Assessment and Deployment Kit (ADK) for Windows 10 are required to support management and deployment of Windows 10.
+
+     
+
+## See also
+
+
+-   [Microsoft Deployment Toolkit downloads and resources](https://go.microsoft.com/fwlink/p/?LinkId=618117)
+
+-   [Windows deployment tools](../windows-deployment-scenarios-and-tools.md)
+
+-   [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
+
+-   [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](../upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
+
+-   [Deploy Windows To Go in your organization](../deploy-windows-to-go.md)
+
+-   [Sideload Windows Store apps](https://technet.microsoft.com/library/dn613831.aspx)
+
+-   [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803)
+
+ 
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md
index bad7159496..12fea06c8f 100644
--- a/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md
@@ -23,10 +23,10 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
 
-This topic walks you through the steps to finalize the configuration of your Windows 10 operating deployment, which includes enablement of the optional Microsoft Deployment Toolkit (MDT) monitoring for Microsoft System Center 2012 R2 Configuration Manager, logs folder creation, rules configuration, content distribution, and deployment of the previously created task sequence.
+This topic walks you through the steps to finalize the configuration of your Windows 10 operating deployment, which includes enablement of the optional Microsoft Deployment Toolkit (MDT) monitoring for Microsoft Endpoint Configuration Manager, logs folder creation, rules configuration, content distribution, and deployment of the previously created task sequence.
 
 For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. Both are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
diff --git a/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md
index e09b542e0e..bea24fb1c9 100644
--- a/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md
@@ -23,14 +23,14 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
 
-In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft System Center 2012 R2 Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. You will also use the Deployment Workbench to access the computer remotely via the Microsoft Diagnostics and Recovery Toolkit (DaRT) Remote Connection feature.
+In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft Endpoint Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. You will also use the Deployment Workbench to access the computer remotely via the Microsoft Diagnostics and Recovery Toolkit (DaRT) Remote Connection feature.
 
 For the purposes of this topic, we will use four machines: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. PC0001 is a Unified Extensible Firmware Interface (UEFI) machine to which Windows 10 Enterprise has been deployed. DC01, CM01, and PC0001 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
-To monitor an operating system deployment conducted through System Center 2012 R2 Configuration Manager, you will use the Deployment Workbench in MDT as follows:
+To monitor an operating system deployment conducted through  Microsoft Endpoint Configuration Manager, you will use the Deployment Workbench in MDT as follows:
 
 1.  On CM01, using the Deployment Workbench, expand **MDT Production**, and use the **Monitoring** node to view the deployment process (press **F5** to refresh).
 
diff --git a/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
index 2951abbc45..1e8f2eb90b 100644
--- a/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
@@ -23,10 +23,10 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
 
-This topic will walk you through the process of integrating Microsoft System Center 2012 R2 Configuration Manager SP1 with Microsoft Deployment Toolkit (MDT) 2013 Update 2, as well as the other preparations needed to deploying Windows 10 via Zero Touch Installation. Additional preparations include the installation of hotfixes as well as activities that speed up the Pre-Boot Execution Environment (PXE).
+This topic will walk you through the process of integrating Microsoft Endpoint Configuration Manager SP1 with Microsoft Deployment Toolkit (MDT) 2013 Update 2, as well as the other preparations needed to deploying Windows 10 via Zero Touch Installation. Additional preparations include the installation of hotfixes as well as activities that speed up the Pre-Boot Execution Environment (PXE).
 
 ## Prerequisites
 
@@ -45,7 +45,7 @@ In this topic, you will use an existing Configuration Manager server structure t
 
 -   A Configuration Manager console folder structure for packages has been created.
 
--   System Center 2012 R2 Configuration Manager SP1 and any additional Windows 10 prerequisites are installed.
+-   Microsoft Endpoint Configuration Manager and any additional Windows 10 prerequisites are installed.
 
 For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. DC01 and CM01 are both members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
diff --git a/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md
index f807d3f0e8..b88c225cd4 100644
--- a/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md
@@ -23,12 +23,12 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
 
-This topic will show you how to use a previously created task sequence to refresh a Windows 7 SP1 client with Windows 10 using Microsoft System Center 2012 R2 Configuration Manager and Microsoft Deployment Toolkit (MDT) 2013 Update 2. When refreshing a machine to a later version, it appears as an upgrade to the end user, but technically it is not an in-place upgrade. A computer refresh also involves taking care of user data and settings from the old installation and making sure to restore those at the end of the installation. For more information, see [Refresh a Windows 7 computer with Windows 10](../deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10.md).
+This topic will show you how to use a previously created task sequence to refresh a Windows 7 SP1 client with Windows 10 using Microsoft Endpoint Configuration Manager and Microsoft Deployment Toolkit (MDT) 2013 Update 2. When refreshing a machine to a later version, it appears as an upgrade to the end user, but technically it is not an in-place upgrade. A computer refresh also involves taking care of user data and settings from the old installation and making sure to restore those at the end of the installation. For more information, see [Refresh a Windows 7 computer with Windows 10](../deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10.md).
 
-A computer refresh with System Center 2012 R2 Configuration Manager works the same as it does with MDT Lite Touch installation. Configuration Manager also uses the User State Migration Tool (USMT) from the Windows Assessment and Deployment Kit (Windows ADK) 10 in the background. A computer refresh with Configuration Manager involves the following steps:
+A computer refresh with Microsoft Endpoint Configuration Manager works the same as it does with MDT Lite Touch installation. Configuration Manager also uses the User State Migration Tool (USMT) from the Windows Assessment and Deployment Kit (Windows ADK) 10 in the background. A computer refresh with Configuration Manager involves the following steps:
 
 1.  Data and settings are backed up locally in a backup folder.
 
diff --git a/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
index 45d77e1fa1..4f12606f4d 100644
--- a/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
@@ -1,240 +1,241 @@
----
-title: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager (Windows 10)
-description: In this topic, you will learn how to replacing a Windows 7 SP1 computer using Microsoft System Center 2012 R2 Configuration Manager.
-ms.assetid: 3c8a2d53-8f08-475f-923a-bca79ca8ac36
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-keywords: upgrade, install, installation, replace computer, setup
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager
-
-
-**Applies to**
-
--   Windows 10 versions 1507, 1511
-
->[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
-
-In this topic, you will learn how to replace a Windows 7 SP1 computer using Microsoft System Center 2012 R2 Configuration Manager. This process is similar to refreshing a computer, but since you are replacing the machine, you have to run the backup job separately from the deployment of Windows 10.
-
-For the purposes of this topic, we will use three machines: DC01, CM01, and PC0004. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. PC0004 is a machine with Windows 7 SP1 that will be replaced with a new machine running Windows 10. DC01, CM01, and PC0004 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
-
-In this topic, you will create a backup-only task sequence that you run on PC0004, the machine you are replacing. For more information, see [Replace a Windows 7 computer with a Windows 10 computer](../deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md).
-
-## <a href="" id="sec01"></a>Create a replace task sequence
-
-
-1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**.
-
-2. On the **Choose Template** page, select the **Client Replace Task Sequence** template and click **Next**.
-
-3. On the **General** page, assign the following settings and click **Next**:
-
-   * Task sequence name: Replace Task Sequence
-
-   * Task sequence comments: USMT backup only
-
-4. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then click **Next**.
-
-5. On the **MDT Package** page, browse and select the **OSD / MDT** package. Then click **Next**.
-
-6. On the **USMT Package** page, browse and select the O**SD / Microsoft Corporation User State Migration Tool for Windows 8 10.0.10240.16384** package. Then click **Next**.
-
-7. On the **Settings Package** page, browse and select the **OSD / Windows 10 x64 Settings** package. Then click **Next**.
-
-8. On the **Summary** page, review the details and then click **Next**.
-
-9. On the **Confirmation** page, click **Finish**.
-
-10. Review the Replace Task Sequence. 
-    >[!NOTE]
-    >This task sequence has many fewer actions than the normal client task sequence. If it doesn't seem different, make sure you selected the Client Replace Task Sequence template when creating the task sequence.
-
-![The back-up only task sequence](../images/mdt-06-fig42.png "The back-up only task sequence")
-
-Figure 34. The backup-only task sequence (named Replace Task Sequence).
-
-## <a href="" id="sec02"></a>Associate the new machine with the old computer
-
-
-This section walks you through the process of associating a blank machine, PC0006, with an old machine, PC0004, for the purpose of replacing PC0004 with PC0006. PC0006 can be either a physical or virtual machine.
-
-1.  Make a note of the PC0006 machine's MAC Address. (If PC0006 is a virtual machine, you can see the MAC Address in the virtual machine settings.) In our example, the PC0006 MAC Address is 00:15:5D:0A:6A:96.
-
-2.  Using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Devices**, and then select **Import Computer Information**.
-
-3.  On the **Select Source** page, select **Import single computer** and click **Next**.
-
-4.  On the **Single Computer** page, use the following settings and then click **Next**:
-
-    * Computer Name: PC0006
-
-    * MAC Address: &lt;the mac address from step 1&gt;
-
-    * Source Computer: PC0004
-
-    ![Create the computer association](../images/mdt-06-fig43.png "Create the computer association")
-
-    Figure 35. Creating the computer association between PC0004 and PC0006.
-
-5.  On the **User Accounts** page, select **Capture and restore all user accounts** and click **Next**.
-
-6.  On the **Data Preview** page, click **Next**.
-
-7.  On the **Choose Target Collection** page, select the **Install Windows 10 Enterprise x64** collection and click **Next**.
-
-8.  On the **Summary** page, click **Next**, and then click **Close**.
-
-9.  Select the **User State Migration** node and review the computer association in the right pane.
-
-10. Right-click the **PC0004/PC0006** association and select **View Recovery Information**. Note that a recovery key has been assigned already, but a user state store location has not.
-
-11. Review the Install Windows 10 Enterprise x64 collection. Do not continue until you see the PC0006 machine in the collection. You might have to update and refresh the collection again.
-
-## <a href="" id="sec03"></a>Create a device collection and add the PC0004 computer
-
-
-1.  On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings.
-
-    * General
-
-    * Name: USMT Backup (Replace)
-
-    * Limited Collection: All Systems
-
-    * Membership rules:
-
-    * Direct rule
-
-    * Resource Class: System Resource
-
-    * Attribute Name: Name
-
-    * Value: PC0004
-
-    * Select **Resources**
-
-    * Select **PC0004**
-
-2.  Review the USMT Backup (Replace) collection. Do not continue until you see the PC0004 machine in the collection.
-
-## <a href="" id="sec04"></a>Create a new deployment
-
-
-Using the Configuration Manager console, in the Software Library workspace, select **Task Sequences**, right-click **Replace Task Sequence**, and then select **Deploy**. Use the following settings:
-
--   General
-
-    -   Collection: USMT Backup (Replace)
-
--   Deployment Settings
-
-    -   Purpose: Available
-
-    -   Make available to the following: Only Configuration Manager Clients
-
--   Scheduling
-
-    -   &lt;default&gt;
-
--   User Experience
-
-    -   &lt;default&gt;
-
--   Alerts
-
-    -   &lt;default&gt;
-
--   Distribution Points
-
-    -   &lt;default&gt;
-
-## <a href="" id="sec05"></a>Verify the backup
-
-
-This section assumes that you have a machine named PC0004 with the Configuration Manager 2012 client installed.
-
-1.  Start the PC0004 machine, and using the Control Panel, start the Configuration Manager applet.
-
-2.  In the **Actions** tab, select the **Machine Policy Retrieval & Evaluation Cycle**, select **Run Now**, and click **OK**.
-
-    >[!NOTE]
-    >You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md).
-
-3.  Using the Software Center, select the **Replace Task Sequence** deployment and click **INSTALL**.
-
-4.  In the **Software Center** dialog box, click **INSTALL OPERATING SYSTEM**.
-
-5.  Allow the Replace Task Sequence to complete. It should only take about five minutes.
-
-6.  On CM01, in the **D:\\MigData** folder, verify that a folder was created containing the USMT backup.
-
-7.  Using the Configuration Manager console, in the Asset and Compliance workspace, select the **User State Migration** node, right-click the **PC0004/PC0006** association, and select **View Recovery Information**. Note that the object now also has a user state store location.
-
-    >[!NOTE]
-    >It may take a few minutes for the user state store location to be populated.
-
- 
-
-## <a href="" id="sec06"></a>Deploy the new computer
-
-
-1.  Start the PC0006 virtual machine, press **F12** to Pre-Boot Execution Environment (PXE) boot when prompted. Allow it to boot Windows Preinstallation Environment (Windows PE), and then complete the deployment wizard using the following settings:
-
-    * Password: P@ssw0rd
-
-    * Select a task sequence to execute on this computer: Windows 10 Enterprise x64 Custom Image
-
-2.  The setup now starts and does the following:
-
-    * Installs the Windows 10 operating system
-
-    * Installs the Configuration Manager client
-
-    * Joins it to the domain
-
-    * Installs the applications
-
-    * Restores the PC0004 backup
-
-When the process is complete, you will have a new Windows 10 machine in your domain with user data and settings restored.
-
-## Related topics
-
-
-[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
-
-[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
-[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
-
-[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
-
-[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
-
-[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
-
-[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
-
-[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
-
-[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
- 
-
- 
-
-
-
-
-
+---
+title: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager (Windows 10)
+description: In this topic, you will learn how to replacing a Windows 7 SP1 computer using Microsoft Endpoint Configuration Manager.
+ms.assetid: 3c8a2d53-8f08-475f-923a-bca79ca8ac36
+ms.reviewer: 
+manager: laurawi
+ms.author: greglin
+keywords: upgrade, install, installation, replace computer, setup
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager
+
+
+**Applies to**
+
+-   Windows 10 versions 1507, 1511
+
+>[!IMPORTANT]
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+
+In this topic, you will learn how to replace a Windows 7 SP1 computer using Microsoft Endpoint Configuration Manager. This process is similar to refreshing a computer, but since you are replacing the machine, you have to run the backup job separately from the deployment of Windows 10.
+
+For the purposes of this topic, we will use three machines: DC01, CM01, and PC0004. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. PC0004 is a machine with Windows 7 SP1 that will be replaced with a new machine running Windows 10. DC01, CM01, and PC0004 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
+
+In this topic, you will create a backup-only task sequence that you run on PC0004, the machine you are replacing. For more information, see [Replace a Windows 7 computer with a Windows 10 computer](../deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md).
+
+## <a href="" id="sec01"></a>Create a replace task sequence
+
+
+1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**.
+
+2. On the **Choose Template** page, select the **Client Replace Task Sequence** template and click **Next**.
+
+3. On the **General** page, assign the following settings and click **Next**:
+
+   * Task sequence name: Replace Task Sequence
+
+   * Task sequence comments: USMT backup only
+
+4. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then click **Next**.
+
+5. On the **MDT Package** page, browse and select the **OSD / MDT** package. Then click **Next**.
+
+6. On the **USMT Package** page, browse and select the O**SD / Microsoft Corporation User State Migration Tool for Windows 8 10.0.10240.16384** package. Then click **Next**.
+
+7. On the **Settings Package** page, browse and select the **OSD / Windows 10 x64 Settings** package. Then click **Next**.
+
+8. On the **Summary** page, review the details and then click **Next**.
+
+9. On the **Confirmation** page, click **Finish**.
+
+10. Review the Replace Task Sequence. 
+    >[!NOTE]
+    >This task sequence has many fewer actions than the normal client task sequence. If it doesn't seem different, make sure you selected the Client Replace Task Sequence template when creating the task sequence.
+
+![The back-up only task sequence](../images/mdt-06-fig42.png "The back-up only task sequence")
+
+Figure 34. The backup-only task sequence (named Replace Task Sequence).
+
+## <a href="" id="sec02"></a>Associate the new machine with the old computer
+
+
+This section walks you through the process of associating a blank machine, PC0006, with an old machine, PC0004, for the purpose of replacing PC0004 with PC0006. PC0006 can be either a physical or virtual machine.
+
+1.  Make a note of the PC0006 machine's MAC Address. (If PC0006 is a virtual machine, you can see the MAC Address in the virtual machine settings.) In our example, the PC0006 MAC Address is 00:15:5D:0A:6A:96.
+
+2.  Using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Devices**, and then select **Import Computer Information**.
+
+3.  On the **Select Source** page, select **Import single computer** and click **Next**.
+
+4.  On the **Single Computer** page, use the following settings and then click **Next**:
+
+    * Computer Name: PC0006
+
+    * MAC Address: &lt;the mac address from step 1&gt;
+
+    * Source Computer: PC0004
+
+    ![Create the computer association](../images/mdt-06-fig43.png "Create the computer association")
+
+    Figure 35. Creating the computer association between PC0004 and PC0006.
+
+5.  On the **User Accounts** page, select **Capture and restore all user accounts** and click **Next**.
+
+6.  On the **Data Preview** page, click **Next**.
+
+7.  On the **Choose Target Collection** page, select the **Install Windows 10 Enterprise x64** collection and click **Next**.
+
+8.  On the **Summary** page, click **Next**, and then click **Close**.
+
+9.  Select the **User State Migration** node and review the computer association in the right pane.
+
+10. Right-click the **PC0004/PC0006** association and select **View Recovery Information**. Note that a recovery key has been assigned already, but a user state store location has not.
+
+11. Review the Install Windows 10 Enterprise x64 collection. Do not continue until you see the PC0006 machine in the collection. You might have to update and refresh the collection again.
+
+## <a href="" id="sec03"></a>Create a device collection and add the PC0004 computer
+
+
+1.  On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings.
+
+    * General
+
+    * Name: USMT Backup (Replace)
+
+    * Limited Collection: All Systems
+
+    * Membership rules:
+
+    * Direct rule
+
+    * Resource Class: System Resource
+
+    * Attribute Name: Name
+
+    * Value: PC0004
+
+    * Select **Resources**
+
+    * Select **PC0004**
+
+2.  Review the USMT Backup (Replace) collection. Do not continue until you see the PC0004 machine in the collection.
+
+## <a href="" id="sec04"></a>Create a new deployment
+
+
+Using the Configuration Manager console, in the Software Library workspace, select **Task Sequences**, right-click **Replace Task Sequence**, and then select **Deploy**. Use the following settings:
+
+-   General
+
+    -   Collection: USMT Backup (Replace)
+
+-   Deployment Settings
+
+    -   Purpose: Available
+
+    -   Make available to the following: Only Configuration Manager Clients
+
+-   Scheduling
+
+    -   &lt;default&gt;
+
+-   User Experience
+
+    -   &lt;default&gt;
+
+-   Alerts
+
+    -   &lt;default&gt;
+
+-   Distribution Points
+
+    -   &lt;default&gt;
+
+## <a href="" id="sec05"></a>Verify the backup
+
+
+This section assumes that you have a machine named PC0004 with the Configuration Manager 2012 client installed.
+
+1.  Start the PC0004 machine, and using the Control Panel, start the Configuration Manager applet.
+
+2.  In the **Actions** tab, select the **Machine Policy Retrieval & Evaluation Cycle**, select **Run Now**, and click **OK**.
+
+    >[!NOTE]
+    >You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md).
+
+3.  Using the Software Center, select the **Replace Task Sequence** deployment and click **INSTALL**.
+
+4.  In the **Software Center** dialog box, click **INSTALL OPERATING SYSTEM**.
+
+5.  Allow the Replace Task Sequence to complete. It should only take about five minutes.
+
+6.  On CM01, in the **D:\\MigData** folder, verify that a folder was created containing the USMT backup.
+
+7.  Using the Configuration Manager console, in the Asset and Compliance workspace, select the **User State Migration** node, right-click the **PC0004/PC0006** association, and select **View Recovery Information**. Note that the object now also has a user state store location.
+
+    >[!NOTE]
+    >It may take a few minutes for the user state store location to be populated.
+
+ 
+
+## <a href="" id="sec06"></a>Deploy the new computer
+
+
+1.  Start the PC0006 virtual machine, press **F12** to Pre-Boot Execution Environment (PXE) boot when prompted. Allow it to boot Windows Preinstallation Environment (Windows PE), and then complete the deployment wizard using the following settings:
+
+    * Password: P@ssw0rd
+
+    * Select a task sequence to execute on this computer: Windows 10 Enterprise x64 Custom Image
+
+2.  The setup now starts and does the following:
+
+    * Installs the Windows 10 operating system
+
+    * Installs the Configuration Manager client
+
+    * Joins it to the domain
+
+    * Installs the applications
+
+    * Restores the PC0004 backup
+
+When the process is complete, you will have a new Windows 10 machine in your domain with user data and settings restored.
+
+## Related topics
+
+
+[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
+
+[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
+
+[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
+
+[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+
+[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+
+[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
+
+[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
+
+[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+ 
+
+ 
+
+
+
+
+
diff --git a/windows/deployment/deploy.md b/windows/deployment/deploy.md
index e9b3ec607d..ee22704919 100644
--- a/windows/deployment/deploy.md
+++ b/windows/deployment/deploy.md
@@ -28,10 +28,10 @@ Windows 10 upgrade options are discussed and information is provided about plann
 |[Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) |This topic provides information about support for upgrading from one edition of Windows 10 to another. |
 |[Windows 10 volume license media](windows-10-media.md) |This topic provides information about updates to volume licensing media in the current version of Windows 10. |
 |[Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) |With Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft. The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded. | 
-|[Windows 10 deployment test lab](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, additional guides are provided to  deploy Windows 10 in the test lab using [Microsoft Deployment Toolkit](windows-10-poc-mdt.md) or [System Center Configuration Manager](windows-10-poc-sc-config-mgr.md). |
+|[Windows 10 deployment test lab](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, additional guides are provided to  deploy Windows 10 in the test lab using [Microsoft Deployment Toolkit](windows-10-poc-mdt.md) or [Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md). |
 |[Plan for Windows 10 deployment](planning/index.md) | This section describes Windows 10 deployment considerations and provides information to assist in Windows 10 deployment planning. |
 |[Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) |This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT). |
-|[Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or. |
+|[Deploy Windows 10 with Microsoft EndpointConfiguration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft Endpoint Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or. |
 |[Windows 10 deployment tools](windows-10-deployment-tools-reference.md) |Learn about available tools to deploy Windows 10, such as the Windows ADK, DISM, USMT, WDS, MDT, Windows PE and more. |
 |[How to install fonts that are missing after upgrading to Windows 10](windows-10-missing-fonts.md)|Windows 10 introduced changes to the fonts that are included in the image by default. Learn how to install additional fonts from **Optional features** after you install Windows 10 or upgrade from a previous version.|
 

From addf69f3ef78b6dbd95544b24e8c19963e63edf6 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 31 Dec 2019 16:34:16 -0800
Subject: [PATCH 019/247] Rebrand System Center to Msft Endpoint - Ten

---
 devices/surface/TOC.md                         |  2 +-
 devices/surface/change-history-for-surface.md  |  4 ++--
 ...-and-system-center-configuration-manager.md | 18 +++++++++---------
 ...stomize-the-oobe-for-surface-deployments.md |  2 +-
 ...face-app-with-windows-store-for-business.md |  2 +-
 .../surface-system-sku-reference.md            |  2 +-
 ...p-fast-and-cisco-leap-on-surface-devices.md |  2 +-
 ...-and-configure-surface-devices-with-semm.md |  4 ++--
 ...t-adapters-and-surface-device-deployment.md |  2 +-
 ...nage-surface-driver-and-firmware-updates.md | 12 ++++++------
 ...p-by-step-surface-deployment-accelerator.md |  2 +-
 ...evice-compatibility-with-windows-10-ltsc.md |  2 +-
 .../surface-diagnostic-toolkit-command-line.md |  2 +-
 .../surface/surface-dock-firmware-update.md    |  2 +-
 .../surface-enterprise-management-mode.md      |  4 ++--
 .../surface/surface-system-sku-reference.md    |  2 +-
 ...tion-manager-to-manage-devices-with-semm.md |  2 +-
 .../surface/wake-on-lan-for-surface-devices.md |  6 +++---
 .../windows/chromebook-migration-guide.md      |  4 ++--
 .../windows/deploy-windows-10-in-a-school.md   |  2 +-
 education/windows/take-a-test-multiple-pcs.md  |  2 +-
 education/windows/take-tests-in-windows-10.md  |  2 +-
 ...-microsoft-application-virtualization-45.md |  2 +-
 mdop/appv-v4/app-v-upgrade-checklist.md        |  2 +-
 .../appv-v4/determine-your-streaming-method.md |  2 +-
 ...are-distribution-based-scenario-overview.md |  2 +-
 .../overview-of-application-virtualization.md  |  2 +-
 ...or-the-application-virtualization-system.md |  2 +-
 ...ing-for-migration-from-previous-versions.md |  2 +-
 ...ibution-as-a-package-management-solution.md |  2 +-
 30 files changed, 49 insertions(+), 49 deletions(-)

diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md
index bc26815d56..1da5ccd9f1 100644
--- a/devices/surface/TOC.md
+++ b/devices/surface/TOC.md
@@ -55,7 +55,7 @@
 ### [Surface Enterprise Management Mode](surface-enterprise-management-mode.md)
 ### [Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md)
 ### [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md)
-### [Use System Center Configuration Manager to manage devices with SEMM](use-system-center-configuration-manager-to-manage-devices-with-semm.md)
+### [Use Microsoft Endpoint Configuration Manager to manage devices with SEMM](use-system-center-configuration-manager-to-manage-devices-with-semm.md)
 ### [Surface Data Eraser](microsoft-surface-data-eraser.md)
 
 ## Troubleshoot
diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md
index ebbb3fc3b5..e675ca245a 100644
--- a/devices/surface/change-history-for-surface.md
+++ b/devices/surface/change-history-for-surface.md
@@ -167,7 +167,7 @@ New or changed topic | Description
 |New or changed topic | Description |
 | --- | --- |
 |[Surface Enterprise Management Mode](surface-enterprise-management-mode.md) | Added procedure for viewing certificate thumbprint. |
-|[Use System Center Configuration Manager to manage devices with SEMM](use-system-center-configuration-manager-to-manage-devices-with-semm.md) | New |
+|[Use Microsoft Endpoint Configuration Manager to manage devices with SEMM](use-system-center-configuration-manager-to-manage-devices-with-semm.md) | New |
 
 
 
@@ -175,7 +175,7 @@ New or changed topic | Description
 
 | New or changed topic | Description |
 | --- | --- |
-| [Considerations for Surface and System Center Configuration Manager](considerations-for-surface-and-system-center-configuration-manager.md) | New |
+| [Considerations for Surface and Microsoft Endpoint Configuration Manager](considerations-for-surface-and-system-center-configuration-manager.md) | New |
 | [Long-term servicing branch for Surface devices](ltsb-for-surface.md) | New |
 
 
diff --git a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
index 2513abc0f9..1abd2b9751 100644
--- a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
+++ b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
@@ -16,25 +16,25 @@ ms.reviewer:
 manager: dansimp
 ---
 
-# Considerations for Surface and System Center Configuration Manager
+# Considerations for Surface and Microsoft Endpoint Configuration Manager
 
-Fundamentally, management and deployment of Surface devices with System Center Configuration Manager is the same as the management and deployment of any other PC. Like any other PC, a deployment to Surface devices includes importing drivers, importing a Windows image, preparing a deployment task sequence, and then deploying the task sequence to a collection. After deployment, Surface devices are like any other Windows client; to publish apps, settings, and policies, you use the same process as you would use for any other device.
+Fundamentally, management and deployment of Surface devices with Microsoft Endpoint Configuration Manager is the same as the management and deployment of any other PC. Like any other PC, a deployment to Surface devices includes importing drivers, importing a Windows image, preparing a deployment task sequence, and then deploying the task sequence to a collection. After deployment, Surface devices are like any other Windows client; to publish apps, settings, and policies, you use the same process as you would use for any other device.
 
-You can find more information about how to use Configuration Manager to deploy and manage devices in the [Documentation for System Center Configuration Manager](https://docs.microsoft.com/sccm/index).
+You can find more information about how to use Configuration Manager to deploy and manage devices in the [Documentation for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/index).
 
 Although the deployment and management of Surface devices is fundamentally the same as any other PC, there are some scenarios that may require additional considerations or steps. This article provides descriptions and guidance for these scenarios. The solutions documented in this article may apply to other devices and manufacturers as well.
 
 > [!NOTE]
-> For management of Surface devices it is recommended that you use the Current Branch of System Center Configuration Manager.
+> For management of Surface devices it is recommended that you use the Current Branch of Microsoft Endpoint Configuration Manager.
 
 ## Updating Surface device drivers and firmware
 
 
-For devices that recieve updates through Windows Update, drivers for Surface components (and even firmware updates) are applied automatically as part of the Windows Update process. For devices with managed updates, such as those updated through Windows Server Update Services (WSUS) or System Center Configuration Manager, see [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates/).
+For devices that recieve updates through Windows Update, drivers for Surface components (and even firmware updates) are applied automatically as part of the Windows Update process. For devices with managed updates, such as those updated through Windows Server Update Services (WSUS) or Configuration Manager, see [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates/).
 
 
 > [!NOTE]
-> Surface device drivers and firmware are signed with SHA-256, which is not natively supported by Windows Server 2008 R2. A workaround is available for Configuration Manager environments running on Windows Server 2008 R2. For more information, see [Can't import drivers into System Center Configuration Manager (KB3025419)](https://support.microsoft.com/kb/3025419).
+> Surface device drivers and firmware are signed with SHA-256, which is not natively supported by Windows Server 2008 R2. A workaround is available for Configuration Manager environments running on Windows Server 2008 R2. For more information, see [Can't import drivers into Microsoft Endpoint Configuration Manager (KB3025419)](https://support.microsoft.com/kb/3025419).
 
 ## Surface Ethernet adapters and Configuration Manager deployment
 
@@ -42,9 +42,9 @@ The default mechanism that Configuration Manager uses to identify devices during
 
 To ensure that Surface devices using the same Ethernet adapter are identified as unique devices during deployment, you can instruct Configuration Manager to identify devices using another method. This other method could be the MAC address of the wireless network adapter or the System Universal Unique Identifier (System UUID). You can specify that Configuration Manager use other identification methods with the following options:
 
-* Add an exclusion for the MAC addresses of Surface Ethernet adapters, which forces Configuration Manager to overlook the MAC address in preference of the System UUID, as documented in the [Reusing the same NIC for multiple PXE initiated deployments in System Center Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/) blog post.
+* Add an exclusion for the MAC addresses of Surface Ethernet adapters, which forces Configuration Manager to overlook the MAC address in preference of the System UUID, as documented in the [Reusing the same NIC for multiple PXE initiated deployments in SMicrosoft Endpoint Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/) blog post.
 
-* Prestage devices by System UUID as documented in the [Reusing the same NIC for multiple PXE initiated deployments in System Center Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/) blog post.
+* Prestage devices by System UUID as documented in the [Reusing the same NIC for multiple PXE initiated deployments in Microsoft Endpoint Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/) blog post.
 
 * Use a script to identify a newly deployed Surface device by the MAC address of its wireless adapter, as documented in the [How to Use The Same External Ethernet Adapter For Multiple SCCM OSD](https://blogs.technet.microsoft.com/askpfeplat/2014/07/27/how-to-use-the-same-external-ethernet-adapter-for-multiple-sccm-osd/) blog post.
 
@@ -60,7 +60,7 @@ With the release of Microsoft Store for Business, Surface app is no longer avail
 
 If your organization uses prestaged media to pre-load deployment resources on to machines prior to deployment with Configuration Manager, the nature of Surface devices as UEFI devices may require you to take additional steps. Specifically, a native UEFI environment requires that you create multiple partitions on the boot disk of the system. If you are following along with the [documentation for prestaged media](https://technet.microsoft.com/library/79465d90-4831-4872-96c2-2062d80f5583?f=255&MSPPError=-2147217396#BKMK_CreatePrestagedMedia), the instructions provide for only single partition boot disks and therefore will fail when applied to Surface devices.
 
-Instructions for applying prestaged media to UEFI devices, such as Surface devices, can be found in the [How to apply Task Sequence Prestaged Media on multi-partitioned disks for BIOS or UEFI PCs in System Center Configuration Manager](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2014/04/02/how-to-apply-task-sequence-prestaged-media-on-multi-partitioned-disks-for-bios-or-uefi-pcs-in-system-center-configuration-manager/) blog post.
+Instructions for applying prestaged media to UEFI devices, such as Surface devices, can be found in the [How to apply Task Sequence Prestaged Media on multi-partitioned disks for BIOS or UEFI PCs in Microsoft Endpoint Configuration Manager](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2014/04/02/how-to-apply-task-sequence-prestaged-media-on-multi-partitioned-disks-for-bios-or-uefi-pcs-in-system-center-configuration-manager/) blog post.
 
 ## Licensing conflicts with OEM Activation 3.0
 
diff --git a/devices/surface/customize-the-oobe-for-surface-deployments.md b/devices/surface/customize-the-oobe-for-surface-deployments.md
index efc6802f8f..46c321367b 100644
--- a/devices/surface/customize-the-oobe-for-surface-deployments.md
+++ b/devices/surface/customize-the-oobe-for-surface-deployments.md
@@ -34,7 +34,7 @@ In some scenarios, you may want to provide complete automation to ensure that at
 This article provides a summary of the scenarios where a deployment might require additional steps. It also provides the required information to ensure that the desired experience is achieved on any newly deployed Surface device. This article is intended for administrators who are familiar with the deployment process, as well as concepts such as answer files and [reference images](https://technet.microsoft.com/itpro/windows/deploy/create-a-windows-10-reference-image).
 
 >[!NOTE]
->Although the OOBE phase of setup is still run during a deployment with an automated deployment solution such as the [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=618117) or System Center Configuration Manager Operating System Deployment (OSD), it is automated by the settings supplied in the Deployment Wizard and task sequence. For more information see:<br/>
+>Although the OOBE phase of setup is still run during a deployment with an automated deployment solution such as the [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=618117) or Microsoft Endpoint Configuration Manager Operating System Deployment (OSD), it is automated by the settings supplied in the Deployment Wizard and task sequence. For more information see:<br/>
 >- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit)
 >- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](https://technet.microsoft.com/itpro/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager)
 
diff --git a/devices/surface/deploy-surface-app-with-windows-store-for-business.md b/devices/surface/deploy-surface-app-with-windows-store-for-business.md
index 7c3f3bd079..a03f6e46fa 100644
--- a/devices/surface/deploy-surface-app-with-windows-store-for-business.md
+++ b/devices/surface/deploy-surface-app-with-windows-store-for-business.md
@@ -101,7 +101,7 @@ After you add an app to the Microsoft Store for Business account in Offline mode
 
     *Figure 4. Download the AppxBundle package for an app*
 5. Click **Download**. The AppxBundle package will be downloaded. Make sure you note the path of the downloaded file because you’ll need that later in this article.
-6. Click either the **Encoded license** or **Unencoded license** option. Use the Encoded license option with management tools like System Center Configuration Manager or when you use Windows Configuration Designer to create a provisioning package. Select the Unencoded license option when you use Deployment Image Servicing and Management (DISM) or deployment solutions based on imaging, including the Microsoft Deployment Toolkit (MDT).
+6. Click either the **Encoded license** or **Unencoded license** option. Use the Encoded license option with management tools like Microsoft Endpoint Configuration Manager or when you use Windows Configuration Designer to create a provisioning package. Select the Unencoded license option when you use Deployment Image Servicing and Management (DISM) or deployment solutions based on imaging, including the Microsoft Deployment Toolkit (MDT).
 7. Click **Generate** to generate and download the license for the app. Make sure you note the path of the license file because you’ll need that later in this article.
 
 >[!NOTE]
diff --git a/devices/surface/documentation/surface-system-sku-reference.md b/devices/surface/documentation/surface-system-sku-reference.md
index c0aa8460a0..55a45cdd43 100644
--- a/devices/surface/documentation/surface-system-sku-reference.md
+++ b/devices/surface/documentation/surface-system-sku-reference.md
@@ -43,7 +43,7 @@ You can also find the System SKU and System Model for a device in System Informa
 - Click **Start** >  **MSInfo32**.  
 
 ### WMI
-You can use System SKU variables in a Task Sequence WMI Condition in the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager. For example: 
+You can use System SKU variables in a Task Sequence WMI Condition in the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager. For example: 
 
     - WMI Namespace – Root\WMI
     - WQL Query – SELECT * FROM MS_SystemInformation WHERE SystemSKU = "Surface_Pro_1796"
diff --git a/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md b/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
index 580498d41a..49e1bc555b 100644
--- a/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
+++ b/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
@@ -23,7 +23,7 @@ Find out how to enable support for PEAP, EAP-FAST, or Cisco LEAP protocols on yo
 
 If you use PEAP, EAP-FAST, or Cisco LEAP in your enterprise network, you probably already know that these three wireless authentication protocols are not supported by Surface devices out of the box. Some users may discover this when they attempt to connect to your wireless network; others may discover it when they are unable to gain access to resources inside the network, like file shares and internal sites. For more information, see [Extensible Authentication Protocol](https://technet.microsoft.com/network/bb643147).
 
-You can add support for each protocol by executing a small MSI package from a USB stick or from a file share. For organizations that want to enable EAP support on their Surface devices, the MSI package format supports deployment with many management and deployment tools, like the Microsoft Deployment Toolkit (MDT) and System Center Configuration Manager.
+You can add support for each protocol by executing a small MSI package from a USB stick or from a file share. For organizations that want to enable EAP support on their Surface devices, the MSI package format supports deployment with many management and deployment tools, like the Microsoft Deployment Toolkit (MDT) and Microsoft Endpoint Configuration Manager.
 
 ## <a href="" id="download-peap--eap-fast--or-cisco-leap-installation-files--"></a>Download PEAP, EAP-FAST, or Cisco LEAP installation files
 
diff --git a/devices/surface/enroll-and-configure-surface-devices-with-semm.md b/devices/surface/enroll-and-configure-surface-devices-with-semm.md
index e8a0143aab..50ecb3cb35 100644
--- a/devices/surface/enroll-and-configure-surface-devices-with-semm.md
+++ b/devices/surface/enroll-and-configure-surface-devices-with-semm.md
@@ -137,9 +137,9 @@ You can also verify that the device is enrolled in SEMM in Surface UEFI – whil
 
 ## Configure Surface UEFI settings with SEMM
 
-After a device is enrolled in SEMM, you can run Surface UEFI configuration packages signed with the same SEMM certificate to apply new Surface UEFI settings. These settings are applied automatically the next time the device boots, without any interaction from the user. You can use application deployment solutions like System Center Configuration Manager to deploy Surface UEFI configuration packages to Surface devices to change or manage the settings in Surface UEFI.
+After a device is enrolled in SEMM, you can run Surface UEFI configuration packages signed with the same SEMM certificate to apply new Surface UEFI settings. These settings are applied automatically the next time the device boots, without any interaction from the user. You can use application deployment solutions like Microsoft Endpoint Configuration Manager to deploy Surface UEFI configuration packages to Surface devices to change or manage the settings in Surface UEFI.
 
-For more information about how to deploy Windows Installer (.msi) files with Configuration Manager, see [Deploy and manage applications with System Center Configuration Manager](https://technet.microsoft.com/library/mt627959).
+For more information about how to deploy Windows Installer (.msi) files with Configuration Manager, see [Deploy and manage applications with Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627959).
 
 If you have secured Surface UEFI with a password, users without the password who attempt to boot to Surface UEFI will only have the **PC information**, **About**, **Enterprise management**, and **Exit** pages displayed to them.
 
diff --git a/devices/surface/ethernet-adapters-and-surface-device-deployment.md b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
index 1b1216cd8d..f280b2ff62 100644
--- a/devices/surface/ethernet-adapters-and-surface-device-deployment.md
+++ b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
@@ -29,7 +29,7 @@ Network deployment to Surface devices can pose some unique challenges for system
 
 Before you can address the concerns of how you will boot to your deployment environment or how devices will be recognized by your deployment solution, you have to use a wired network adapter.
 
-The primary concern when selecting an Ethernet adapter is how that adapter will boot your Surface device from the network. If you are pre-staging clients with Windows Deployment Services (WDS) or if you are using System Center Configuration Manager, you may also want to consider whether the removable Ethernet adapters will be dedicated to a specific Surface device or shared among multiple devices. See the [Manage MAC addresses with removable Ethernet adapters](#manage-mac-addresses) section of this article for more information on potential conflicts with shared adapters.
+The primary concern when selecting an Ethernet adapter is how that adapter will boot your Surface device from the network. If you are pre-staging clients with Windows Deployment Services (WDS) or if you are using Microsoft Endpoint Configuration Manager, you may also want to consider whether the removable Ethernet adapters will be dedicated to a specific Surface device or shared among multiple devices. See the [Manage MAC addresses with removable Ethernet adapters](#manage-mac-addresses) section of this article for more information on potential conflicts with shared adapters.
 
 Booting from the network (PXE boot) is only supported when you use an Ethernet adapter or docking station from Microsoft. To boot from the network, the chipset in the Ethernet adapter or dock must be detected and configured as a boot device in the firmware of the Surface device. Microsoft Ethernet adapters, such as the Surface Ethernet Adapter and the [Surface Dock](https://www.microsoft.com/surface/accessories/surface-dock) use a chipset that is compatible with the Surface firmware.
 
diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index 7f470ab3ac..d1148f52ce 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -39,27 +39,27 @@ For details about Group Policy for client configuration of WSUS or Windows Updat
 
 ### Windows Installer Package
 
-Surface driver and firmware updates are packaged as Windows Installer (MSI) files. To deploy these Windows Installer packages, you can use application deployment utilities such as the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager. Such solutions provide the means for administrators to test and review updates before deploying them, and to centralize deployment. For each device, it is important to select the correct MSI file for the device and its operating system. For more information see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+Surface driver and firmware updates are packaged as Windows Installer (MSI) files. To deploy these Windows Installer packages, you can use application deployment utilities such as the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager. Such solutions provide the means for administrators to test and review updates before deploying them, and to centralize deployment. For each device, it is important to select the correct MSI file for the device and its operating system. For more information see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
 
-For instructions on how to deploy updates by using Endpoint Configuration Manager (formerly System Center Configuration Manager), refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
+For instructions on how to deploy updates by using Microsoft Endpoint Configuration Manager (formerly System Center Configuration Manager), refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
 
 > [!NOTE]
 > You can deploy applications separately from an operating system deployment through MDT by using a Post OS Installation task sequence.
 
-### Microsoft System Center Configuration Manager
+### Microsoft Endpoint Configuration Manager
 
-Starting in Microsoft System Center Configuration Manager version 1710, you can synchronize and deploy Microsoft Surface firmware and driver updates by using the Configuration Manager client. The process resembles that for deploying regular updates. For additional information, see KB 4098906, [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager).
+Starting in Microsoft Endpoint Configuration Manager version 1710, you can synchronize and deploy Microsoft Surface firmware and driver updates by using the Configuration Manager client. The process resembles that for deploying regular updates. For additional information, see KB 4098906, [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager).
 
 ## Considerations when deploying updates and operating systems together
 
-The process of deploying firmware updates during an operating system deployment is straightforward. You can import the firmware and driver pack into either System Center Configuration Manager or MDT, and use them to deploy a fully updated environment to a target Surface device, complete with firmware. For a complete step-by-step guide to using MDT to deploy Windows to a Surface device, see [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](deploy-windows-10-to-surface-devices-with-mdt.md).
+The process of deploying firmware updates during an operating system deployment is straightforward. You can import the firmware and driver pack into either Configuration Manager or MDT, and use them to deploy a fully updated environment to a target Surface device, complete with firmware. For a complete step-by-step guide to using MDT to deploy Windows to a Surface device, see [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](deploy-windows-10-to-surface-devices-with-mdt.md).
 
 > [!IMPORTANT]
 > Select the correct MSI file for each specific device and its operating system. For more information, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
 
 **WindowsPE and Surface firmware and drivers**
 
-System Center Configuration Manager and MDT both use the Windows Preinstallation Environment (WindowsPE) during the deployment process. WindowsPE only supports a limited set of basic drivers such as those for network adapters and storage controllers. Drivers for Windows components that are not part of WindowsPE might produce errors. As a best practice, you can prevent such errors by configuring the deployment process to use only the required drivers during the WindowsPE phase.
+Configuration Manager and MDT both use the Windows Preinstallation Environment (WindowsPE) during the deployment process. WindowsPE only supports a limited set of basic drivers such as those for network adapters and storage controllers. Drivers for Windows components that are not part of WindowsPE might produce errors. As a best practice, you can prevent such errors by configuring the deployment process to use only the required drivers during the WindowsPE phase.
 
 ## Supported devices
 Downloadable MSI files are available for Surface devices from Surface Pro 2 and later. Information about MSI files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release. 
diff --git a/devices/surface/step-by-step-surface-deployment-accelerator.md b/devices/surface/step-by-step-surface-deployment-accelerator.md
index 488bd63a15..04d78253ee 100644
--- a/devices/surface/step-by-step-surface-deployment-accelerator.md
+++ b/devices/surface/step-by-step-surface-deployment-accelerator.md
@@ -328,7 +328,7 @@ The **2 – Create Windows Reference Image** task sequence is used to perform a
 Like the **1 – Deploy Microsoft Surface** task sequence, the **2 – Create Windows Reference Image** task sequence performs a deployment of the unaltered Windows image directly from the installation media. Creation of a reference image should always be performed on a virtual machine. Using a virtual machine as your reference system helps to ensure that the resulting image is compatible with different hardware configurations.
 
 >[!NOTE]
->Using a virtual machine when you create a reference image for Windows deployment is a recommended practice for performing Windows deployments with Microsoft deployment tools including the Microsoft Deployment Toolkit and System Center Configuration Manager. These Microsoft deployment technologies use the hardware agnostic images produced from a virtual machine and a collection of managed drivers to deploy to different configurations of hardware. For more information, see [Deploy a Windows 10 image using MDT 2013 Update 2](https://technet.microsoft.com/itpro/windows/deploy/deploy-a-windows-10-image-using-mdt).
+>Using a virtual machine when you create a reference image for Windows deployment is a recommended practice for performing Windows deployments with Microsoft deployment tools including the Microsoft Deployment Toolkit and Microsoft Endpoint Configuration Manager. These Microsoft deployment technologies use the hardware agnostic images produced from a virtual machine and a collection of managed drivers to deploy to different configurations of hardware. For more information, see [Deploy a Windows 10 image using MDT 2013 Update 2](https://technet.microsoft.com/itpro/windows/deploy/deploy-a-windows-10-image-using-mdt).
 
 In addition to the information required by the **1 – Deploy Microsoft Surface** task sequence, you will also be prompted to capture an image when you run this task sequence on your reference virtual machine. The **Location** and **File name** fields are automatically populated with the proper information for your deployment share. All that you need to do is select the **Capture an image of this reference computer** option when you are prompted on the **Capture Image** page of the Windows Deployment Wizard.
 
diff --git a/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md b/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md
index 51e39c27a3..d57966b6cf 100644
--- a/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md
+++ b/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md
@@ -61,4 +61,4 @@ Before you choose to use Windows 10 Enterprise LTSC edition on Surface devices,
 
 Surface devices running Windows 10 Enterprise LTSC edition will not receive new features. In many cases these features are requested by customers to improve the usability and capabilities of Surface hardware. For example, new improvements for High DPI applications in Windows 10, version 1703. Customers that use Surface devices in the LTSC configuration will not see the improvements until they either update to a new Windows 10 Enterprise LTSC release or upgrade to a version of Windows 10 with support for the SAC servicing option.
 
-Devices can be changed from Windows 10 Enterprise LTSC to a more recent version of Windows 10 Enterprise, with support for the SAC servicing option, without the loss of user data by performing an upgrade installation. You can also perform an upgrade installation on multiple devices by leveraging the Upgrade Task Sequence Templates available in the Microsoft Deployment Toolkit (MDT) and System Center Configuration Manager. For more information, see [Upgrade Surface devices to Windows 10 with Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/surface/upgrade-surface-devices-to-windows-10-with-mdt).
+Devices can be changed from Windows 10 Enterprise LTSC to a more recent version of Windows 10 Enterprise, with support for the SAC servicing option, without the loss of user data by performing an upgrade installation. You can also perform an upgrade installation on multiple devices by leveraging the Upgrade Task Sequence Templates available in the Microsoft Deployment Toolkit (MDT) and Microsoft Endpoint Configuration Manager. For more information, see [Upgrade Surface devices to Windows 10 with Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/surface/upgrade-surface-devices-to-windows-10-with-mdt).
diff --git a/devices/surface/surface-diagnostic-toolkit-command-line.md b/devices/surface/surface-diagnostic-toolkit-command-line.md
index f1e3460df4..6ea9d9ac55 100644
--- a/devices/surface/surface-diagnostic-toolkit-command-line.md
+++ b/devices/surface/surface-diagnostic-toolkit-command-line.md
@@ -43,7 +43,7 @@ Command | Notes
 
 
 >[!NOTE]
->To run the SDT app console remotely on target devices, you can use a configuration management tool such as System Center Configuration Manager. Alternatively, you can create a .zip file containing the console app and appropriate console commands and deploy per your organization’s software distribution processes. 
+>To run the SDT app console remotely on target devices, you can use a configuration management tool such as Microsoft Endpoint Configuration Manager. Alternatively, you can create a .zip file containing the console app and appropriate console commands and deploy per your organization’s software distribution processes. 
 
 ## Running Best Practice Analyzer 
 
diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md
index 104b12b126..ade342c416 100644
--- a/devices/surface/surface-dock-firmware-update.md
+++ b/devices/surface/surface-dock-firmware-update.md
@@ -43,7 +43,7 @@ If preferred, you can manually complete the update as follows:
 
 ## Network deployment
 
-You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firmware Update to multiple devices across your network. When using System Center Configuration Manager or other deployment tool, enter the following syntax to ensure the installation is silent:
+You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firmware Update to multiple devices across your network. When using Microsoft Endpoint Configuration Manager or other deployment tool, enter the following syntax to ensure the installation is silent:
 
 - **Msiexec.exe /i <name of msi> /quiet /norestart** 
 
diff --git a/devices/surface/surface-enterprise-management-mode.md b/devices/surface/surface-enterprise-management-mode.md
index 81b911bb6f..52e193b6dd 100644
--- a/devices/surface/surface-enterprise-management-mode.md
+++ b/devices/surface/surface-enterprise-management-mode.md
@@ -25,7 +25,7 @@ Microsoft Surface Enterprise Management Mode (SEMM) is a feature of Surface devi
 
 When Surface devices are configured by SEMM and secured with the SEMM certificate, they are considered *enrolled* in SEMM. When the SEMM certificate is removed and control of UEFI settings is returned to the user of the device, the Surface device is considered *unenrolled* in SEMM.
 
-There are two administrative options you can use to manage SEMM and enrolled Surface devices – a standalone tool or integration with System Center Configuration Manager. The SEMM standalone tool, called the Microsoft Surface UEFI Configurator, is described in this article. For more information about how to manage SEMM with System Center Configuration Manager, see [Use System Center Configuration Manager to manage devices with SEMM](https://technet.microsoft.com/itpro/surface/use-system-center-configuration-manager-to-manage-devices-with-semm).
+There are two administrative options you can use to manage SEMM and enrolled Surface devices – a standalone tool or integration with Microsoft Endpoint Configuration Manager. The SEMM standalone tool, called the Microsoft Surface UEFI Configurator, is described in this article. For more information about how to manage SEMM with Microsoft Endpoint Configuration Manager, see [Use Microsoft Endpoint Configuration Manager to manage devices with SEMM](https://technet.microsoft.com/itpro/surface/use-system-center-configuration-manager-to-manage-devices-with-semm).
 
 
 ## Microsoft Surface UEFI Configurator
@@ -124,7 +124,7 @@ These characters are the last two characters of the certificate thumbprint and s
 >6. **All** or **Properties Only** must be selected in the **Show** drop-down menu.
 >7. Select the field **Thumbprint**.
 
-To enroll a Surface device in SEMM or to apply the UEFI configuration from a configuration package, all you need to do is run the .msi file with administrative privileges on the intended Surface device. You can use application deployment or operating system deployment technologies such as [System Center Configuration Manager](https://technet.microsoft.com/library/mt346023) or the [Microsoft Deployment Toolkit](https://technet.microsoft.com/windows/dn475741). When you enroll a device in SEMM you must be present to confirm the enrollment on the device. User interaction is not required when you apply a configuration to devices that are already enrolled in SEMM.
+To enroll a Surface device in SEMM or to apply the UEFI configuration from a configuration package, all you need to do is run the .msi file with administrative privileges on the intended Surface device. You can use application deployment or operating system deployment technologies such as [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt346023) or the [Microsoft Deployment Toolkit](https://technet.microsoft.com/windows/dn475741). When you enroll a device in SEMM you must be present to confirm the enrollment on the device. User interaction is not required when you apply a configuration to devices that are already enrolled in SEMM.
 
 For a step-by-step walkthrough of how to enroll a Surface device in SEMM or apply a Surface UEFI configuration with SEMM, see [Enroll and configure Surface devices with SEMM](https://technet.microsoft.com/itpro/surface/enroll-and-configure-surface-devices-with-semm).
 
diff --git a/devices/surface/surface-system-sku-reference.md b/devices/surface/surface-system-sku-reference.md
index cb201c332e..dbcb9648b0 100644
--- a/devices/surface/surface-system-sku-reference.md
+++ b/devices/surface/surface-system-sku-reference.md
@@ -66,7 +66,7 @@ You can also find the System SKU and System Model for a device in **System Infor
 1. Select **System Information**.
 
 **Using the SKU in a task sequence WMI condition**  
-You can use the System SKU information in the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager as part of a task sequence WMI condition.
+You can use the System SKU information in the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager as part of a task sequence WMI condition.
 
  ``` powershell  
     - WMI Namespace – Root\WMI
diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
index 09000265e6..8cfc7949fc 100644
--- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
+++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
@@ -20,7 +20,7 @@ ms.audience: itpro
 
 The Microsoft Surface Enterprise Management Mode (SEMM) feature of Surface UEFI devices lets administrators manage and help secure the configuration of Surface UEFI settings. For most organizations, this process is accomplished by creating Windows Installer (.msi) packages with the Microsoft Surface UEFI Configurator tool. These packages are then run or deployed to the client Surface devices to enroll the devices in SEMM and to update the Surface UEFI settings configuration.
 
-For organizations with Endpoint Configuration Manager (formerly known as System Center Configuration Manager or SCCM), there is an alternative to using the Microsoft Surface UEFI Configurator .msi process to deploy and administer SEMM. Microsoft Surface UEFI Manager is a lightweight installer that makes required assemblies for SEMM management available on a device. By installing these assemblies with Microsoft Surface UEFI Manager on a managed client, SEMM can be administered by Configuration Manager with PowerShell scripts, deployed as applications. With this process, SEMM management is performed within Configuration Manager, which eliminates the need for the external Microsoft Surface UEFI Configurator tool.
+For organizations with Microsoft Endpoint Configuration Manager (formerly known as System Center Configuration Manager or SCCM), there is an alternative to using the Microsoft Surface UEFI Configurator .msi process to deploy and administer SEMM. Microsoft Surface UEFI Manager is a lightweight installer that makes required assemblies for SEMM management available on a device. By installing these assemblies with Microsoft Surface UEFI Manager on a managed client, SEMM can be administered by Configuration Manager with PowerShell scripts, deployed as applications. With this process, SEMM management is performed within Configuration Manager, which eliminates the need for the external Microsoft Surface UEFI Configurator tool.
 
 > [!Note]
 > Although the process described in this article may work with earlier versions of Endpoint Configuration Manager or with other third-party management solutions, management of SEMM with Microsoft Surface UEFI Manager and PowerShell is supported only with the Current Branch of Endpoint Configuration Manager.
diff --git a/devices/surface/wake-on-lan-for-surface-devices.md b/devices/surface/wake-on-lan-for-surface-devices.md
index 00ad750ca8..53ff389c02 100644
--- a/devices/surface/wake-on-lan-for-surface-devices.md
+++ b/devices/surface/wake-on-lan-for-surface-devices.md
@@ -18,7 +18,7 @@ ms.audience: itpro
 
 # Wake On LAN for Surface devices
 
-Surface devices that run Windows 10, version 1607 (also known as Windows 10 Anniversary Update) or later and use a Surface Ethernet adapter to connect to a wired network, are capable of Wake On LAN (WOL) from Connected Standby. With WOL, you can remotely wake up devices to perform management or maintenance tasks or enable management solutions (such as System Center Configuration Manager) automatically. For example, you can deploy applications to Surface devices left docked with a Surface Dock or Surface Pro 3 Docking Station by using System Center Configuration Manager during a window in the middle of the night, when the office is empty.
+Surface devices that run Windows 10, version 1607 (also known as Windows 10 Anniversary Update) or later and use a Surface Ethernet adapter to connect to a wired network, are capable of Wake On LAN (WOL) from Connected Standby. With WOL, you can remotely wake up devices to perform management or maintenance tasks or enable management solutions (such as Microsoft Endpoint Configuration Manager) automatically. For example, you can deploy applications to Surface devices left docked with a Surface Dock or Surface Pro 3 Docking Station by using Microsoft Endpoint Configuration Manager during a window in the middle of the night, when the office is empty.
 
 >[!NOTE]
 >Surface devices must be connected to AC power and in Connected Standby (Sleep) to support WOL. WOL is not possible from devices that are in hibernation or powered off.
@@ -51,7 +51,7 @@ The following devices are supported for WOL:
 
 To enable WOL support on Surface devices, a specific driver for the Surface Ethernet adapter is required. This driver is not included in the standard driver and firmware pack for Surface devices – you must download and install it separately. You can download the Surface WOL driver (SurfaceWOL.msi) from the [Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) page in the Microsoft Download Center.
 
-You can run this Microsoft Windows Installer (.msi) file on a Surface device to install the Surface WOL driver, or you can distribute it to Surface devices with an application deployment solution, such as System Center Configuration Manager. To include the Surface WOL driver during deployment, you can install the .msi file as an application during the deployment process. You can also extract the Surface WOL driver files to include them in the deployment process. For example, you can include them in your Microsoft Deployment Toolkit (MDT) deployment share. You can read more about Surface deployment with MDT in [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/surface/deploy-windows-10-to-surface-devices-with-mdt).
+You can run this Microsoft Windows Installer (.msi) file on a Surface device to install the Surface WOL driver, or you can distribute it to Surface devices with an application deployment solution, such as Microsoft Endpoint Configuration Manager. To include the Surface WOL driver during deployment, you can install the .msi file as an application during the deployment process. You can also extract the Surface WOL driver files to include them in the deployment process. For example, you can include them in your Microsoft Deployment Toolkit (MDT) deployment share. You can read more about Surface deployment with MDT in [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://technet.microsoft.com/itpro/surface/deploy-windows-10-to-surface-devices-with-mdt).
 
 > [!NOTE]
 > During the installation of SurfaceWOL.msi, the following registry key is set to a value of 1, which allows easy identification of systems where the WOL driver has been installed. If you chose to extract and install these drivers separately during deployment, this registry key will not be configured and must be configured manually or with a script.
@@ -89,7 +89,7 @@ The Surface WOL driver conforms to the WOL standard, whereby the device is woken
 >[!NOTE]
 >To send a magic packet and wake up a device by using WOL, you must know the MAC address of the target device and Ethernet adapter. Because the magic packet does not use the IP network protocol, it is not possible to use the IP address or DNS name of the device.
 
-Many management solutions, such as System Center Configuration Manager, provide built-in support for WOL. There are also many solutions, including Microsoft Store apps, PowerShell modules, third-party applications, and third-party management solutions that allow you to send a magic packet to wake up a device. For example, you can use the [Wake On LAN PowerShell module](https://gallery.technet.microsoft.com/scriptcenter/Wake-On-Lan-815424c4) from the TechNet Script Center. 
+Many management solutions, such as Configuration Manager, provide built-in support for WOL. There are also many solutions, including Microsoft Store apps, PowerShell modules, third-party applications, and third-party management solutions that allow you to send a magic packet to wake up a device. For example, you can use the [Wake On LAN PowerShell module](https://gallery.technet.microsoft.com/scriptcenter/Wake-On-Lan-815424c4) from the TechNet Script Center. 
 
 >[!NOTE]
 >After a device has been woken up with a magic packet, the device will return to sleep if an application is not actively preventing sleep on the system or if the AllowSystemRequiredPowerRequests registry key is not configured to 1, which allows applications to prevent sleep. See the [WOL driver](#wol-driver) section of this article for more information about this registry key.
diff --git a/education/windows/chromebook-migration-guide.md b/education/windows/chromebook-migration-guide.md
index 051954b11f..cbbdb3502b 100644
--- a/education/windows/chromebook-migration-guide.md
+++ b/education/windows/chromebook-migration-guide.md
@@ -457,7 +457,7 @@ Table 5. Select on-premises AD DS, Azure AD, or hybrid
 <td align="left">X</td>
 </tr>
 <tr class="odd">
-<td align="left">Use System Center 2012 R2 Configuration Manager for management</td>
+<td align="left">Use Microsoft Endpoint Configuration Manager for management</td>
 <td align="left">X</td>
 <td align="left"></td>
 <td align="left">X</td>
@@ -493,7 +493,7 @@ You may ask the question, “Why plan for device, user, and app management befor
 
 Also, planning management before deployment is essential to being ready to support the devices as you deploy them. You want to have your management processes and technology in place when the first teachers, facility, or students start using their new Windows device.
 
-Table 6 is a decision matrix that lists the device, user, and app management products and technologies and the features supported by each product or technology. The primary device, user, and app management products and technologies include Group Policy, System Center Configuration Manager, Intune, and the Microsoft Deployment Toolkit (MDT). Use this decision matrix to help you select the right combination of products and technologies for your plan.
+Table 6 is a decision matrix that lists the device, user, and app management products and technologies and the features supported by each product or technology. The primary device, user, and app management products and technologies include Group Policy, Microsoft Endpoint Configuration Manager, Intune, and the Microsoft Deployment Toolkit (MDT). Use this decision matrix to help you select the right combination of products and technologies for your plan.
 
 Table 6. Device, user, and app management products and technologies
 
diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md
index 5fd1f4093a..f582026716 100644
--- a/education/windows/deploy-windows-10-in-a-school.md
+++ b/education/windows/deploy-windows-10-in-a-school.md
@@ -88,7 +88,7 @@ Now that you have the plan (blueprint) for your classroom, you’re ready to lea
 
 The primary tool you will use to deploy Windows 10 in your school is MDT, which uses Windows ADK components to make deployment easier. You could just use the Windows ADK to perform your deployment, but MDT simplifies the process by providing an intuitive, wizard-driven user interface (UI).
 
-You can use MDT as a stand-alone tool or integrate it with Microsoft System Center Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with System Center Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as System Center Configuration Manager) but result in fully automated deployments.
+You can use MDT as a stand-alone tool or integrate it with Microsoft Endpoint Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as Configuration Manager) but result in fully automated deployments.
 
 MDT includes the Deployment Workbench—a console from which you can manage the deployment of Windows 10 and your apps. You configure the deployment process in the Deployment Workbench, including the management of operating systems, device drivers, apps and migration of user settings on existing devices. 
 
diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md
index c49e6ea21f..c326ec1cba 100644
--- a/education/windows/take-a-test-multiple-pcs.md
+++ b/education/windows/take-a-test-multiple-pcs.md
@@ -28,7 +28,7 @@ Follow the guidance in this topic to set up Take a Test on multiple PCs.
 To configure a dedicated test account on multiple PCs, select any of the following methods:
 - [Provisioning package created through the Set up School PCs app](#set-up-a-test-account-in-the-set-up-school-pcs-app)
 - [Configuration in Intune for Education](#set-up-a-test-account-in-intune-for-education)
-- [Mobile device management (MDM) or Microsoft System Center Configuration Manager](#set-up-a-test-account-in-mdm-or-configuration-manager)
+- [Mobile device management (MDM) or Microsoft Endpoint Configuration Manager](#set-up-a-test-account-in-mdm-or-configuration-manager)
 - [Provisioning package created through Windows Configuration Designer](#set-up-a-test-account-through-windows-configuration-designer)
 - [Group Policy to deploy a scheduled task that runs a Powershell script](https://docs.microsoft.com/education/windows/take-a-test-multiple-pcs#create-a-scheduled-task-in-group-policy) 
 
diff --git a/education/windows/take-tests-in-windows-10.md b/education/windows/take-tests-in-windows-10.md
index 4ff027e388..fed3ff8374 100644
--- a/education/windows/take-tests-in-windows-10.md
+++ b/education/windows/take-tests-in-windows-10.md
@@ -48,7 +48,7 @@ There are several ways to configure devices for assessments. You can:
   - **For multiple PCs**
     
       You can use any of these methods:
-    - Mobile device management (MDM) or Microsoft System Center Configuration Manager
+    - Mobile device management (MDM) or Microsoft Endpoint Configuration Manager
     - A provisioning package created in Windows Configuration Designer
     - Group Policy to deploy a scheduled task that runs a Powershell script
 
diff --git a/mdop/appv-v4/about-microsoft-application-virtualization-45.md b/mdop/appv-v4/about-microsoft-application-virtualization-45.md
index 827934974f..b28454f7f9 100644
--- a/mdop/appv-v4/about-microsoft-application-virtualization-45.md
+++ b/mdop/appv-v4/about-microsoft-application-virtualization-45.md
@@ -27,7 +27,7 @@ Formerly known as SoftGrid Application Virtualization, Microsoft Application Vir
 
     2.  Application Virtualization Streaming Server, a lightweight version which also ships as part of the Microsoft Desktop Optimization Pack and Microsoft Application Virtualization for Remote Desktop Services packages, offers application streaming including package and active upgrades without the Active Directory Domain Services and database overheads, and enables administrators to deploy to existing servers or add streaming to Electronic Software Delivery (ESD) systems.
 
-    3.  Standalone mode enables virtual applications to run without streaming and is interoperable with Microsoft Systems Management Server and System Center Configuration Manager 2007 and third-party ESD systems.
+    3.  Standalone mode enables virtual applications to run without streaming and is interoperable with Microsoft Systems Management Server and Microsoft Endpoint Configuration Manager and third-party ESD systems.
 
 -   Globalization: The product is localized across 11 languages, includes support for foreign language applications that use special characters, and supports foreign language Active Directory and servers and runtime locale detection.
 
diff --git a/mdop/appv-v4/app-v-upgrade-checklist.md b/mdop/appv-v4/app-v-upgrade-checklist.md
index 942fa32de6..b81818e567 100644
--- a/mdop/appv-v4/app-v-upgrade-checklist.md
+++ b/mdop/appv-v4/app-v-upgrade-checklist.md
@@ -69,7 +69,7 @@ Before trying to upgrade to Microsoft Application Virtualization (App-V) 4.5 or
 
 -   Any virtual application packages sequenced in version 4.2 will not have to be sequenced again for use with version 4.5. However, you should consider upgrading the virtual packages to the Microsoft Application Virtualization 4.5 format if you want to apply default access control lists (ACLs) or generate a Windows Installer file. This is a simple process and requires only that the existing virtual application package be opened and saved with the App-V 4.5 Sequencer. This can be automated by using the App-VSequencer command-line interface. For more information, see [How to Create or Upgrade Virtual Applications Using the App-V Sequencer](how-to-create-or-upgrade-virtual-applications-using--the-app-v-sequencer.md)
 
--   One of the features of the 4.5 Sequencer is the ability to create Windows Installer (.msi) files as control points for virtual application package interoperability with electronic software distribution (ESD) systems, such as Microsoft System Center Configuration Manager 2007. Previous Windows Installer files created with the MSI tool for Application Virtualization that were installed on a App-V 4.1 or 4.2 client that is subsequently upgraded to App-V 4.5 will continue to work, although they cannot be installed on the App-V 4.5 client. However, they cannot be removed or upgraded unless they are upgraded in the App-V 4.5 Sequencer. The original App-V package earlier than 4.5 has to be opened in the App-V 4.5 Sequencer and then saved as a Windows Installer File.
+-   One of the features of the 4.5 Sequencer is the ability to create Windows Installer (.msi) files as control points for virtual application package interoperability with electronic software distribution (ESD) systems, such as Microsoft Endpoint Configuration Manager. Previous Windows Installer files created with the MSI tool for Application Virtualization that were installed on a App-V 4.1 or 4.2 client that is subsequently upgraded to App-V 4.5 will continue to work, although they cannot be installed on the App-V 4.5 client. However, they cannot be removed or upgraded unless they are upgraded in the App-V 4.5 Sequencer. The original App-V package earlier than 4.5 has to be opened in the App-V 4.5 Sequencer and then saved as a Windows Installer File.
 
     **Note**  
     If the App-V 4.2 Client has already been upgraded to App-V 4.5, it is possible to script a workaround to preserve the version 4.2 packages on version 4.5 clients and allow them to be managed. This script must copy two files, msvcp71.dll and msvcr71.dll, to the App-V installation folder and set the following registry key values under the registry key:\[HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\SoftGrid\\4.5\\Client\\Configuration\]:
diff --git a/mdop/appv-v4/determine-your-streaming-method.md b/mdop/appv-v4/determine-your-streaming-method.md
index eac83fa0c2..0033aa3003 100644
--- a/mdop/appv-v4/determine-your-streaming-method.md
+++ b/mdop/appv-v4/determine-your-streaming-method.md
@@ -24,7 +24,7 @@ The first time that a user double-clicks the icon that has been placed on a comp
 
  
 
-The streaming source location is usually a server that is accessible by the user’s computer; however, some electronic distribution systems, such as Microsoft System Center Configuration Manager, can distribute the SFT file to the user’s computer and then stream the virtual application package locally from that computer’s cache.
+The streaming source location is usually a server that is accessible by the user’s computer; however, some electronic distribution systems, such as Microsoft Endpoint Configuration Manager, can distribute the SFT file to the user’s computer and then stream the virtual application package locally from that computer’s cache.
 
 **Note**  
 A streaming source location for virtual packages can be set up on a computer that is not a server. This is especially useful in a small branch office that has no server.
diff --git a/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md b/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md
index 6173dbdd7a..ebdfacc6c9 100644
--- a/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md
+++ b/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md
@@ -20,7 +20,7 @@ ms.date: 08/30/2016
 If you plan to use an electronic software distribution (ESD) solution to deploy virtual applications, it is important to understand the factors that go into and are affected by that decision. This topic describes the benefits of using an ESD-based scenario and provides information about the publishing and package streaming methods that you will need to consider as you proceed with your deployment.
 
 **Important**  
-Whichever ESD solution you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or later, see the System Center Configuration Manager documentation at <https://go.microsoft.com/fwlink/?LinkId=66999>.
+Whichever ESD solution you use, you must be familiar with the requirements of your particular solution. If you are using Microsoft Endpoint Configuration Manager, see the Configuration Manager documentation at <https://go.microsoft.com/fwlink/?LinkId=66999>.
 
  
 
diff --git a/mdop/appv-v4/overview-of-application-virtualization.md b/mdop/appv-v4/overview-of-application-virtualization.md
index e5ebe91ee2..356e53e996 100644
--- a/mdop/appv-v4/overview-of-application-virtualization.md
+++ b/mdop/appv-v4/overview-of-application-virtualization.md
@@ -21,7 +21,7 @@ Microsoft Application Virtualization (App-V) can make applications available to
 
 The App-V client is the feature that lets the end user interact with the applications after they have been published to the computer. The client manages the virtual environment in which the virtualized applications run on each computer. After the client has been installed on a computer, the applications must be made available to the computer through a process known as *publishing*, which enables the end user to run the virtual applications. The publishing process copies the virtual application icons and shortcuts to the computer—typically on the Windows desktop or on the **Start** menu—and also copies the package definition and file type association information to the computer. Publishing also makes the application package content available to the end user’s computer.
 
-The virtual application package content can be copied onto one or more Application Virtualization servers so that it can be streamed down to the clients on demand and cached locally. File servers and Web servers can also be used as streaming servers, or the content can be copied directly to the end user’s computer—for example, if you are using an electronic software distribution system, such as Microsoft System Center Configuration Manager 2007. In a multi-server implementation, maintaining the package content and keeping it up to date on all the streaming servers requires a comprehensive package management solution. Depending on the size of your organization, you might need to have many virtual applications available to end users located all over the world. Managing the packages to ensure that the appropriate applications are available to all users where and when they need access to them is therefore an important requirement.
+The virtual application package content can be copied onto one or more Application Virtualization servers so that it can be streamed down to the clients on demand and cached locally. File servers and Web servers can also be used as streaming servers, or the content can be copied directly to the end user’s computer—for example, if you are using an electronic software distribution system, such as Microsoft Endpoint Configuration Manager. In a multi-server implementation, maintaining the package content and keeping it up to date on all the streaming servers requires a comprehensive package management solution. Depending on the size of your organization, you might need to have many virtual applications available to end users located all over the world. Managing the packages to ensure that the appropriate applications are available to all users where and when they need access to them is therefore an important requirement.
 
 ## Microsoft Application Virtualization System Features
 
diff --git a/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md b/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md
index e1cbb3ac00..a3718091a0 100644
--- a/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md
+++ b/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md
@@ -21,7 +21,7 @@ Microsoft Application Virtualization Management provides the capability to make
 
 The Application Virtualization Client is the Application Virtualization system component that enables the end user to interact with the applications after they have been published to the computer. The client manages the virtual environment in which the virtualized applications run on each computer. After the client has been installed on a computer, the applications must be made available to the computer through a process known as *publishing*, which enables the end user to run the virtual applications. The publishing process places the virtual application icons and shortcuts on the computer—typically on the Windows desktop or on the **Start** menu—and also places the package definition and file type association information on the computer. Publishing also makes the application package content available to the end user’s computer.
 
-The virtual application package content can be placed on one or more Application Virtualization servers so that it can be streamed down to the clients on demand and cached locally. File servers and Web servers can also be used as streaming servers, or the content can be placed directly on the end user’s computer—for example, if you are using an electronic software distribution system, such as Microsoft System Center Configuration Manager 2007. In a multi-server implementation, maintaining the package content and keeping it up to date on all the streaming servers requires a comprehensive package management solution. Depending on the size of your organization, you might need to have many virtual applications accessible to end users located all over the world. Managing the packages to ensure that the right applications are available to all users where and when they need access to them is therefore an essential requirement.
+The virtual application package content can be placed on one or more Application Virtualization servers so that it can be streamed down to the clients on demand and cached locally. File servers and Web servers can also be used as streaming servers, or the content can be placed directly on the end user’s computer—for example, if you are using an electronic software distribution system, such as Microsoft Endpoint Configuration Manager. In a multi-server implementation, maintaining the package content and keeping it up to date on all the streaming servers requires a comprehensive package management solution. Depending on the size of your organization, you might need to have many virtual applications accessible to end users located all over the world. Managing the packages to ensure that the right applications are available to all users where and when they need access to them is therefore an essential requirement.
 
 The Application Virtualization Planning and Deployment Guide provides information to help you better understand and deploy the Microsoft Application Virtualization application and its components. It also provides step-by-step procedures for implementing the key deployment scenarios.
 
diff --git a/mdop/appv-v4/planning-for-migration-from-previous-versions.md b/mdop/appv-v4/planning-for-migration-from-previous-versions.md
index c324bac3d4..2e96c0f008 100644
--- a/mdop/appv-v4/planning-for-migration-from-previous-versions.md
+++ b/mdop/appv-v4/planning-for-migration-from-previous-versions.md
@@ -186,7 +186,7 @@ The following table lists which client versions will run packages created by usi
 ## Additional Migration Considerations
 
 
-One of the features of the App-V 4.5 Sequencer is the ability to create Windows Installer files (.msi) as control points for virtual application package interoperability with electronic software distribution (ESD) systems such as Microsoft System Center Configuration Manager. Previous Windows Installer files created with the .msi tool for Application Virtualization that were installed on a App-V 4.1 or 4.2 Client that is subsequently upgraded to 4.5 continue to work, although they cannot be installed on the 4.5 Client. However, they cannot be removed or upgraded unless they are upgraded in the 4.5 Sequencer. The original pre-4.5 virtual application package would need to be opened in the 4.5 Sequencer and then saved as a Windows Installer File.
+One of the features of the App-V 4.5 Sequencer is the ability to create Windows Installer files (.msi) as control points for virtual application package interoperability with electronic software distribution (ESD) systems such as Microsoft Endpoint Configuration Manager. Previous Windows Installer files created with the .msi tool for Application Virtualization that were installed on a App-V 4.1 or 4.2 Client that is subsequently upgraded to 4.5 continue to work, although they cannot be installed on the 4.5 Client. However, they cannot be removed or upgraded unless they are upgraded in the 4.5 Sequencer. The original pre-4.5 virtual application package would need to be opened in the 4.5 Sequencer and then saved as a Windows Installer File.
 
 **Note**  
 If the App-V 4.2 Client has already been upgraded to 4.5, it is possible to use script as a workaround to preserve the 4.2 packages on 4.5 clients and allow them to be managed. This script must copy two files, msvcp71.dll and msvcr71.dll, to the App-V installation folder and set the following registry key values under the registry key \[HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\SoftGrid\\4.5\\Client\\Configuration\]:
diff --git a/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md b/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md
index af5b7a4cfc..7106bf01e0 100644
--- a/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md
+++ b/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md
@@ -19,7 +19,7 @@ ms.date: 06/16/2016
 
 In Application Virtualization, after you have sequenced and tested a package, you need to deploy the virtual application package to the target computers. To accomplish this, you will need to determine where to put the package content and how to deliver it to the end user computers. An efficient, effective electronic software distribution–based deployment plan will help you avoid the situation where large numbers of end users computers need to retrieve the package content over slow network connections.
 
-If you currently have an electronic software distribution (ESD) system in daily operation, you can use it to handle all necessary management tasks in Application Virtualization. This means that you can effectively use your existing infrastructure to the best advantage, without the need to add new servers and application software or incur the additional administrative overhead that these would require. Ideally, if you have System Center Configuration Manager 2007 R2 deployed and operational, you will find that Configuration Manager has built-in capability for performing the Application Virtualization management tasks.
+If you currently have an electronic software distribution (ESD) system in daily operation, you can use it to handle all necessary management tasks in Application Virtualization. This means that you can effectively use your existing infrastructure to the best advantage, without the need to add new servers and application software or incur the additional administrative overhead that these would require. Ideally, if you have Microsoft Endpoint Configuration Manager deployed and operational, you will find that Configuration Manager has built-in capability for performing the Application Virtualization management tasks.
 
 For in-depth information about performing an ESD-based deployment, [Electronic Software Distribution-Based Scenario](electronic-software-distribution-based-scenario.md).
 

From 8fcf02d9e22904c64aac0549a09d76c3731bf0c6 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 31 Dec 2019 18:02:32 -0800
Subject: [PATCH 020/247] Rebrand System Center to Endpoint two files 135
 changes

---
 ...anage-settings-with-mdm-for-surface-hub.md |  26 +--
 .../deploy-windows-10-in-a-school-district.md | 162 +++++++++---------
 2 files changed, 94 insertions(+), 94 deletions(-)

diff --git a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
index 91d561934c..81037717a5 100644
--- a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
+++ b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
@@ -19,8 +19,8 @@ ms.localizationpriority: medium
 Surface Hub and other Windows 10 devices allow IT administrators to manage settings and policies using a mobile device management (MDM) provider. A built-in management component communicates with the management server, so there is no need to install additional clients on the device. For more information, see [Windows 10 mobile device management](https://msdn.microsoft.com/library/windows/hardware/dn914769.aspx).
 
 Surface Hub has been validated with Microsoft’s first-party MDM providers:
-- On-premises MDM with System Center Configuration Manager (beginning in version 1602)
-- Hybrid MDM with System Center Configuration Manager and Microsoft Intune
+- On-premises MDM with Microsoft Endpoint Configuration Manager (beginning in version 1602)
+- Hybrid MDM with Microsoft Endpoint Configuration Manager and Microsoft Intune
 - Microsoft Intune standalone
 
 You can also manage Surface Hubs using any third-party MDM provider that can communicate with Windows 10 using the MDM protocol.
@@ -32,7 +32,7 @@ You can enroll your Surface Hubs using bulk, manual, or automatic enrollment.
 **To configure bulk enrollment**
 - Surface Hub supports the [Provisioning CSP](https://msdn.microsoft.com/library/windows/hardware/mt203665.aspx) for bulk enrollment into MDM. For more information, see [Windows 10 bulk enrollment](https://msdn.microsoft.com/library/windows/hardware/mt613115.aspx).<br>
 --OR--
-- If you have an on-premises System Center Configuration Manager infrastructure, see [How to bulk enroll devices with On-premises Mobile Device Management in System Center Configuration Manager](https://technet.microsoft.com/library/mt627898.aspx).
+- If you have an on-premises Microsoft Endpoint Configuration Manager infrastructure, see [How to bulk enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627898.aspx).
 
 ### Manual enrollment
 **To configure manual enrollment**
@@ -52,11 +52,11 @@ Then, when devices are setup during First-run, pick the option to join to Azure
 
 ## Manage Surface Hub settings with MDM
 
-You can use MDM to manage some [Surface Hub CSP settings](#supported-surface-hub-csp-settings), and some [Windows 10 settings](#supported-windows-10-settings). Depending on the MDM provider that you use, you may set these settings using a built-in user interface, or by deploying custom SyncML. Microsoft Intune and System Center Configuration Manager provide built-in experiences to help create policy templates for Surface Hub. Refer to documentation from your MDM provider to learn how to create and deploy SyncML.
+You can use MDM to manage some [Surface Hub CSP settings](#supported-surface-hub-csp-settings), and some [Windows 10 settings](#supported-windows-10-settings). Depending on the MDM provider that you use, you may set these settings using a built-in user interface, or by deploying custom SyncML. Microsoft Intune and Microsoft Endpoint Configuration Manager provide built-in experiences to help create policy templates for Surface Hub. Refer to documentation from your MDM provider to learn how to create and deploy SyncML.
 
 ### Supported Surface Hub CSP settings
 
-You can configure the Surface Hub settings in the following table using MDM. The table identifies if the setting is supported with Microsoft Intune, System Center Configuration Manager, or SyncML.
+You can configure the Surface Hub settings in the following table using MDM. The table identifies if the setting is supported with Microsoft Intune, SMicrosoft Endpoint Configuration Manager, or SyncML.
 
 For more information, see [SurfaceHub configuration service provider](https://msdn.microsoft.com/library/windows/hardware/mt608323). 
 
@@ -92,7 +92,7 @@ For more information, see [SurfaceHub configuration service provider](https://ms
 
 In addition to Surface Hub-specific settings, there are numerous settings common to all Windows 10 devices. These settings are defined in the [Configuration service provider reference](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference). 
 
-The following tables include info on Windows 10 settings that have been validated with Surface Hub. There is a table with settings for these areas: security, browser, Windows Updates, Windows Defender, remote reboot, certificates, and logs. Each table identifies if the setting is supported with Microsoft Intune, System Center Configuration Manager, or SyncML.
+The following tables include info on Windows 10 settings that have been validated with Surface Hub. There is a table with settings for these areas: security, browser, Windows Updates, Windows Defender, remote reboot, certificates, and logs. Each table identifies if the setting is supported with Microsoft Intune, Microsoft Endpoint Configuration Manager, or SyncML.
 
 #### Security settings
 
@@ -160,10 +160,10 @@ The following tables include info on Windows 10 settings that have been validate
 
 |             Setting             |                           Details                            |                                           CSP reference                                            |                                                         Supported with<br>Intune?                                                          |                                                                  Supported with<br>Configuration Manager?                                                                  | Supported with<br>SyncML\*? |
 |---------------------------------|--------------------------------------------------------------|----------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------|
-| Install trusted CA certificates | Use to deploy trusted root and intermediate CA certificates. | [RootCATrustedCertificates CSP](https://msdn.microsoft.com/library/windows/hardware/dn904970.aspx) | Yes. <br> See [Configure Intune certificate profiles](https://docs.microsoft.com/intune/deploy-use/configure-intune-certificate-profiles). | Yes. <br> See [How to create certificate profiles in System Center Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/create-certificate-profiles). |             Yes             |
+| Install trusted CA certificates | Use to deploy trusted root and intermediate CA certificates. | [RootCATrustedCertificates CSP](https://msdn.microsoft.com/library/windows/hardware/dn904970.aspx) | Yes. <br> See [Configure Intune certificate profiles](https://docs.microsoft.com/intune/deploy-use/configure-intune-certificate-profiles). | Yes. <br> See [How to create certificate profiles in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/create-certificate-profiles). |             Yes             |
 
 <!--
-| Install client certificates  | Use to deploy Personal Information Exchange (.pfx, .p12) certificates. | [ClientCertificateInstall CSP](https://msdn.microsoft.com/library/windows/hardware/dn920023.aspx) | Yes. <br> See [How to Create and Deploy PFX Certificate Profiles in Intune Standalone](https://blogs.technet.microsoft.com/karanrustagi/2016/03/16/want-to-push-a-certificate-to-device-but-cant-use-ndes-continue-reading/). | Yes. <br> See [How to create PFX certificate profiles in System Center Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/create-pfx-certificate-profiles). | Yes |
+| Install client certificates  | Use to deploy Personal Information Exchange (.pfx, .p12) certificates. | [ClientCertificateInstall CSP](https://msdn.microsoft.com/library/windows/hardware/dn920023.aspx) | Yes. <br> See [How to Create and Deploy PFX Certificate Profiles in Intune Standalone](https://blogs.technet.microsoft.com/karanrustagi/2016/03/16/want-to-push-a-certificate-to-device-but-cant-use-ndes-continue-reading/). | Yes. <br> See [How to create PFX certificate profiles in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/create-pfx-certificate-profiles). | Yes |
 -->
 \*Settings supported with SyncML can also be configured in a Windows Configuration Designer provisioning package.
 
@@ -202,7 +202,7 @@ The following tables include info on Windows 10 settings that have been validate
 \*Settings supported with SyncML can also be configured in a Windows Configuration Designer provisioning package.
 
 ### Generate OMA URIs for settings 
-You need to use a setting’s OMA URI to create a custom policy in Intune, or a custom setting in System Center Configuration Manager.
+You need to use a setting’s OMA URI to create a custom policy in Intune, or a custom setting in Microsoft Endpoint Configuration Manager.
 
 **To generate the OMA URI for any setting in the CSP documentation**
 1. In the CSP documentation, identify the root node of the CSP. Generally, this looks like `./Vendor/MSFT/<name of CSP>` <br>
@@ -226,11 +226,11 @@ You can use Microsoft Intune to manage Surface Hub settings. For custom settings
 
 
 <span id="example-sccm">
-## Example: Manage Surface Hub settings with System Center Configuration Manager
-System Center Configuration Manager supports managing modern devices that do not require the Configuration Manager client to manage them, including Surface Hub. If you already use System Center Configuration Manager to manage other devices in your organization, you can continue to use the Configuration Manager console as your single location for managing Surface Hubs.
+## Example: Manage Surface Hub settings with  Microsoft Endpoint Configuration Manager
+Configuration Manager supports managing modern devices that do not require the Configuration Manager client to manage them, including Surface Hub. If you already use Configuration Manager to manage other devices in your organization, you can continue to use the Configuration Manager console as your single location for managing Surface Hubs.
 
 > [!NOTE]
-> These instructions are based on the current branch of System Center Configuration Manager.
+> These instructions are based on the current branch of Configuration Manager.
 
 **To create a configuration item for Surface Hub settings**
 
@@ -265,7 +265,7 @@ System Center Configuration Manager supports managing modern devices that do not
 18. When you're done, on the **Browse Settings** dialog, click **Close**.
 19. Complete the wizard. <br> You can view the new configuration item in the **Configuration Items** node of the **Assets and Compliance** workspace.
 
-For more information, see [Create configuration items for Windows 8.1 and Windows 10 devices managed without the System Center Configuration Manager client](https://docs.microsoft.com/sccm/compliance/deploy-use/create-configuration-items-for-windows-8.1-and-windows-10-devices-managed-without-the-client).
+For more information, see [Create configuration items for Windows 8.1 and Windows 10 devices managed without the Microsoft Endpoint Configuration Manager client](https://docs.microsoft.com/sccm/compliance/deploy-use/create-configuration-items-for-windows-8.1-and-windows-10-devices-managed-without-the-client).
 
 ## Related topics
 
diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 35146fcace..025f95676c 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1,6 +1,6 @@
 ---
 title: Deploy Windows 10 in a school district (Windows 10)
-description: Learn how to deploy Windows 10 in a school district. Integrate the school environment with Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD), use System Center Configuration Manager, Intune, and Group Policy to manage devices.
+description: Learn how to deploy Windows 10 in a school district. Integrate the school environment with Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD), use Microsoft Endpoint Configuration Manager, Intune, and Group Policy to manage devices.
 keywords: configure, tools, device, school district, deploy Windows 10
 ms.prod: w10
 ms.mktglfcycl: plan
@@ -20,7 +20,7 @@ manager: dansimp
 - Windows 10
 
 
-This guide shows you how to deploy the Windows 10 operating system in a school district. You learn how to deploy Windows 10 in classrooms; integrate the school environment with Microsoft Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD); and deploy Windows 10 and your apps to new devices or upgrade existing devices to Windows 10. This guide also describes how to use Microsoft System Center Configuration Manager, Microsoft Intune, and Group Policy to manage devices. Finally, the guide discusses common, ongoing maintenance tasks that you will perform after initial deployment as well as the automated tools and built-in features of the operating system.
+This guide shows you how to deploy the Windows 10 operating system in a school district. You learn how to deploy Windows 10 in classrooms; integrate the school environment with Microsoft Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD); and deploy Windows 10 and your apps to new devices or upgrade existing devices to Windows 10. This guide also describes how to use Microsoft Endpoint Configuration Manager, Microsoft Intune, and Group Policy to manage devices. Finally, the guide discusses common, ongoing maintenance tasks that you will perform after initial deployment as well as the automated tools and built-in features of the operating system.
 
 ## Prepare for district deployment
 
@@ -99,9 +99,9 @@ Now that you have the plan (blueprint) for your district and individual schools
 
 The primary tool you will use to deploy Windows 10 in your school is MDT, which uses Windows ADK components to make deployment easier. You could just use the Windows ADK to perform your deployment, but MDT simplifies the process by providing an intuitive, wizard-driven user interface (UI).
 
-You can use MDT as a stand-alone tool or integrate it with System Center Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with System Center Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as System Center Configuration Manager) but result in fully automated deployments.
+You can use MDT as a stand-alone tool or integrate it with Microsoft Endpoint Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with  Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as Configuration Manager) but result in fully automated deployments.
 
-This guide focuses on LTI deployments to deploy the reference device. You can use ZTI deployments with System Center Configuration Manager or LTI deployments to deploy the reference images to your faculty and student devices. If you want to only use MDT, see [Deploy Windows 10 in a school](https://technet.microsoft.com/edu/windows/deploy-windows-10-in-a-school).
+This guide focuses on LTI deployments to deploy the reference device. You can use ZTI deployments with Configuration Manager or LTI deployments to deploy the reference images to your faculty and student devices. If you want to only use MDT, see [Deploy Windows 10 in a school](https://technet.microsoft.com/edu/windows/deploy-windows-10-in-a-school).
 
 MDT includes the Deployment Workbench, a console from which you can manage the deployment of Windows 10 and your apps. You configure the deployment process in the Deployment Workbench, including the management of operating systems, device drivers, apps, and migration of user settings on existing devices.
 
@@ -109,11 +109,11 @@ LTI performs deployment from a *deployment share* — a network-shared folder on
 
 The focus of MDT is deployment, so you also need tools that help you manage your Windows 10 devices and apps. You can manage Windows 10 devices and apps with Intune, the Compliance Management feature in Office 365, or Group Policy in AD DS. You can use any combination of these tools based on your school requirements.
 
-ZTI performs fully automated deployments using System Center Configuration Manager and MDT. Although you could use System Center Configuration Manager by itself, using System Center Configuration Manager with MDT provides an easier process for deploying operating systems. MDT works with the operating system deployment feature in System Center Configuration Manager.
+ZTI performs fully automated deployments using Configuration Manager and MDT. Although you could use Configuration Manager by itself, using Configuration Manager with MDT provides an easier process for deploying operating systems. MDT works with the operating system deployment feature in Configuration Manager.
 
 The configuration process requires the following devices:
 
-* **Admin device.** This is the device you use for your day-to-day job functions. It’s also the one you use to create and manage the Windows 10 and app deployment process. You install the Windows ADK, MDT, and the System Center Configuration Manager Console on this device.
+* **Admin device.** This is the device you use for your day-to-day job functions. It’s also the one you use to create and manage the Windows 10 and app deployment process. You install the Windows ADK, MDT, and the Configuration Manager Console on this device.
 * **Reference devices.** These are the devices that you will use as a template for the faculty and student devices. You install Windows 10 and Windows desktop apps on these devices, and then capture an image (.wim file) of the devices.
   You will have a reference device for each type of device in your district. For example, if your district has Surface, HP Stream, Dell Inspiron, and Lenovo Yoga devices, then you would have a reference device for each model. For more information about approved Windows 10 devices, see [Explore devices](https://www.microsoft.com/windows/view-all).
 * **Faculty and staff devices.** These are the devices that the teachers, faculty, and staff use for their day-to-day job functions. You use the admin device to deploy (or upgrade) Windows 10 and apps to these devices.
@@ -133,7 +133,7 @@ The high-level process for deploying and configuring devices within individual c
 
 6. On the reference devices, deploy Windows 10 and the Windows desktop apps on the device, and then capture the reference image from the devices.
 
-7. Import the captured reference images into MDT or System Center Configuration Manager.
+7. Import the captured reference images into MDT or Microsoft Endpoint Configuration Manager.
 
 8. On the student and faculty devices, deploy Windows 10 to new or existing devices, or upgrade eligible devices to Windows 10.
 
@@ -160,9 +160,9 @@ Before you select the deployment and management methods, you need to review the
 |Scenario feature |Cloud-centric|On-premises and cloud|
 |---|---|---|
 |Identity management | Azure AD (stand-alone or integrated with on-premises AD DS)  |  AD DS integrated with Azure AD |
-|Windows 10 deployment   | MDT only  |  System Center Configuration Manager with MDT |
+|Windows 10 deployment   | MDT only  |  Microsoft Endpoint Configuration Manager with MDT |
 |Configuration setting management  | Intune  |  Group Policy<br/><br/>Intune|
-|App and update management |  Intune |System Center Configuration Manager<br/><br/>Intune|
+|App and update management |  Intune |Microsoft Endpoint Configuration Manager<br/><br/>Intune|
 
 *Table 1. Deployment and management scenarios*
 
@@ -174,14 +174,14 @@ These scenarios assume the need to support:
 Some constraints exist in these scenarios. As you select the deployment and management methods for your device, keep the following constraints in mind:
 
 * You can use Group Policy or Intune to manage configuration settings on a device but not both.
-* You can use System Center Configuration Manager or Intune to manage apps and updates on a device but not both.
+* You can use Microsoft Endpoint Configuration Manager or Intune to manage apps and updates on a device but not both.
 * You cannot manage multiple users on a device with Intune if the device is AD DS domain joined.
 
 Use the cloud-centric scenario and on-premises and cloud scenario as a guide for your district. You may need to customize these scenarios, however, based on your district. As you go through the [Select the deployment methods](#select-the-deployment-methods), [Select the configuration setting management methods](#select-the-configuration-setting-management-methods), and the [Select the app and update management products](#select-the-app-and-update-management-products) sections, remember these scenarios and use them as the basis for your district.
 
 ### Select the deployment methods
 
-To deploy Windows 10 and your apps, you can use MDT by itself or System Center Configuration Manager and MDT together. For a district, there are a few ways to deploy Windows 10 to devices. Table 2 lists the methods that this guide describes and recommends. Use this information to determine which combination of deployment methods is right for your institution.
+To deploy Windows 10 and your apps, you can use MDT by itself or Microsoft Endpoint Configuration Manager and MDT together. For a district, there are a few ways to deploy Windows 10 to devices. Table 2 lists the methods that this guide describes and recommends. Use this information to determine which combination of deployment methods is right for your institution.
 
 <table>
 <colgroup>
@@ -230,8 +230,8 @@ Select this method when you:</p>
 </tr>
 
 <tr>
-<td valign="top">System Center Configuration Manager</td>
-<td><p>System Center Configuration Manager is an on-premises solution that supports operating system management throughout the entire operating system life cycle. You can use System Center Configuration Manager to deploy and upgrade Windows 10. In addition, you can manage Windows desktop and Microsoft Store apps and software updates as well as provide antivirus and antimalware protection.<br/><br/>
+<td valign="top">Microsoft Endpoint Configuration Manager</td>
+<td><p>Configuration Manager is an on-premises solution that supports operating system management throughout the entire operating system life cycle. You can use Configuration Manager to deploy and upgrade Windows 10. In addition, you can manage Windows desktop and Microsoft Store apps and software updates as well as provide antivirus and antimalware protection.<br/><br/>
 Select this method when you:</p>
 <ul>
 <li>Want to deploy Windows 10 to institution-owned devices that are domain joined (personal devices are typically not domain joined).</li>
@@ -249,7 +249,7 @@ Select this method when you:</p>
 </ul>
 <p>The disadvantages of this method are that it:</p>
 <ul>
-<li>Carries an additional cost for System Center Configuration Manager server licenses (if the institution does not have System Center Configuration Manager already).</li>
+<li>Carries an additional cost for Microsoft Endpoint Configuration Manager server licenses (if the institution does not have Configuration Manager already).</li>
 <li>Can deploy Windows 10 only to domain-joined (institution-owned devices).</li>
 <li>Requires an AD DS infrastructure (if the institution does not have AD DS already).</li>
 </ul>
@@ -265,7 +265,7 @@ Record the deployment methods you selected in Table 3.
 |Selection | Deployment method|
 |--------- | -----------------|
 |   |MDT by itself |
-|   |System Center Configuration Manager and MDT|
+|   |Microsoft Endpoint Configuration Manager and MDT|
 
 *Table 3. Deployment methods selected*
 
@@ -320,7 +320,7 @@ Select this method when you:</p>
 <tr>
 <td valign="top">Intune</td>
 <td><p>Intune is a cloud-based management system that allows you to specify configuration settings for Windows 10, previous versions of Windows, and other operating systems (such as iOS or Android). Intune is a subscription-based cloud service that integrates with Office 365 and Azure AD.<br/><br/>
-Intune is the cloud-based management system described in this guide, but you can use other MDM providers. If you use an MDM provider other than Intune, integration with System Center Configuration Manager is unavailable.<br/><br/>
+Intune is the cloud-based management system described in this guide, but you can use other MDM providers. If you use an MDM provider other than Intune, integration with Configuration Manager is unavailable.<br/><br/>
 Select this method when you:</p>
 
 <ul>
@@ -364,7 +364,7 @@ Record the configuration setting management methods you selected in Table 5. Alt
 
 #### Select the app and update management products
 
-For a district, there are many ways to manage apps and software updates. Table 6 lists the products that this guide describes and recommends. Although you could manage updates by using [Windows Updates or Windows Server Update Services (WSUS)](https://technet.microsoft.com/windowsserver/bb332157.aspx), you still need to use System Center Configuration Manager or Intune to manage apps. Therefore, it only makes sense to use one or both of these tools for update management.
+For a district, there are many ways to manage apps and software updates. Table 6 lists the products that this guide describes and recommends. Although you could manage updates by using [Windows Updates or Windows Server Update Services (WSUS)](https://technet.microsoft.com/windowsserver/bb332157.aspx), you still need to Configuration Manager or Intune to manage apps. Therefore, it only makes sense to use one or both of these tools for update management.
 
 Use the information in Table 6 to determine which combination of app and update management products is right for your district.
 
@@ -382,10 +382,10 @@ Use the information in Table 6 to determine which combination of app and update
 <tbody>
 
 <tr>
-<td valign="top">System Center Configuration Manager</td>
-<td><p>System Center Configuration Manager is an on-premises solution that allows you to specify configuration settings for Windows 10; previous versions of Windows; and other operating systems, such as iOS or Android, through integration with Intune.<br/><br/>System Center Configuration Manager supports application management throughout the entire application life cycle. You can deploy, upgrade, manage multiple versions, and retire applications by using System Center Configuration Manager. You can also manage Windows desktop and Microsoft Store applications.<br/><br/>Select this method when you:</p>
+<td valign="top">Microsoft Endpoint Configuration Manager</td>
+<td><p>Configuration Manager is an on-premises solution that allows you to specify configuration settings for Windows 10; previous versions of Windows; and other operating systems, such as iOS or Android, through integration with Intune.<br/><br/>Configuration Manager supports application management throughout the entire application life cycle. You can deploy, upgrade, manage multiple versions, and retire applications by using Configuration Manager. You can also manage Windows desktop and Microsoft Store applications.<br/><br/>Select this method when you:</p>
 <ul>
-<li>Selected System Center Configuration Manager to deploy Windows 10.</li>
+<li>Selected Configuration Manager to deploy Windows 10.</li>
 <li>Want to manage institution-owned devices that are domain joined (personally owned devices are typically not domain joined).</li>
 <li>Want to manage AD DS domain-joined devices.</li>
 <li>Have an existing AD DS infrastructure.</li>
@@ -404,7 +404,7 @@ Use the information in Table 6 to determine which combination of app and update
 </ul>
 <p>The disadvantages of this method are that it:</p>
 <ul>
-<li>Carries an additional cost for System Center Configuration Manager server licenses (if the institution does not have System Center Configuration Manager already).</li>
+<li>Carries an additional cost for Configuration Manager server licenses (if the institution does not have Configuration Manager already).</li>
 <li>Carries an additional cost for Windows Server licenses and the corresponding server hardware.</li>
 <li>Can only manage domain-joined (institution-owned devices).</li>
 <li>Requires an AD DS infrastructure (if the institution does not have AD DS already).</li>
@@ -441,12 +441,12 @@ Select this method when you:</p>
 </tr>
 
 <tr>
-<td valign="top">System Center Configuration Manager and Intune (hybrid)</td>
-<td><p>System Center Configuration Manager and Intune together extend System Center Configuration Manager from an on-premises management system for domain-joined devices to a solution that can manage devices regardless of their location and connectivity options. This hybrid option provides the benefits of both System Center Configuration Manager and Intune.<br/><br/>
-System Center Configuration Manager and Intune in the hybrid configuration allow you to support application management throughout the entire application life cycle. You can deploy, upgrade, manage multiple versions, and retire applications by using System Center Configuration Manager, and you can manage Windows desktop and Microsoft Store applications for both institution-owned and personal devices.<br/><br/>
+<td valign="top">Microsoft Endpoint Configuration Manager and Intune (hybrid)</td>
+<td><p>Configuration Manager and Intune together extend Configuration Manager from an on-premises management system for domain-joined devices to a solution that can manage devices regardless of their location and connectivity options. This hybrid option provides the benefits of both Configuration Manager and Intune.<br/><br/>
+Configuration Manager and Intune in the hybrid configuration allow you to support application management throughout the entire application life cycle. You can deploy, upgrade, manage multiple versions, and retire applications by using Configuration Manager, and you can manage Windows desktop and Microsoft Store applications for both institution-owned and personal devices.<br/><br/>
 Select this method when you:</p>
 <ul>
-<li>Selected System Center Configuration Manager to deploy Windows 10.</li>
+<li>Selected Microsoft Endpoint Configuration Manager to deploy Windows 10.</li>
 <li>Want to manage institution-owned and personal devices (does not require that the device be domain joined).</li>
 <li>Want to manage domain-joined devices.</li>
 <li>Want to manage Azure AD domain-joined devices.</li>
@@ -466,7 +466,7 @@ Select this method when you:</p>
 </ul>
 <p>The disadvantages of this method are that it:</p>
 <ul>
-<li>Carries an additional cost for System Center Configuration Manager server licenses (if the institution does not have System Center Configuration Manager already).</li>
+<li>Carries an additional cost for Configuration Manager server licenses (if the institution does not have Configuration Manager already).</li>
 <li>Carries an additional cost for Windows Server licenses and the corresponding server hardware.</li>
 <li>Carries an additional cost for Intune subscription licenses.</li>
 <li>Requires an AD DS infrastructure (if the institution does not have AD DS already).</li>
@@ -483,9 +483,9 @@ Record the app and update management methods that you selected in Table 7.
 
 |Selection | Management method|
 |----------|------------------|
-|   |System Center Configuration Manager by itself|
+|   |Microsoft Endpoint Configuration Manager by itself|
 |   |Intune by itself|
-|   |System Center Configuration Manager and Intune (hybrid mode)|
+|   |Microsoft Endpoint Configuration Manager and Intune (hybrid mode)|
 
 *Table 7. App and update management methods selected*
 
@@ -526,19 +526,19 @@ For more information about how to create a deployment share, see [Step 3-1: Crea
 
 ### Install the Configuration Manager console
 
->**Note**&nbsp;&nbsp;If you selected System Center Configuration Manager to deploy Windows 10 or manage your devices (in the [Select the deployment methods](#select-the-deployment-methods) and [Select the configuration setting management methods](#select-the-configuration-setting-management-methods) sections, respectively), perform the steps in this section. Otherwise, skip this section and continue to the next.
+>**Note**&nbsp;&nbsp;If you selected Microsoft Endpoint Configuration Manager to deploy Windows 10 or manage your devices (in the [Select the deployment methods](#select-the-deployment-methods) and [Select the configuration setting management methods](#select-the-configuration-setting-management-methods) sections, respectively), perform the steps in this section. Otherwise, skip this section and continue to the next.
 
-You can use System Center Configuration Manager to manage Windows 10 deployments, Windows desktop apps, Microsoft Store apps, and software updates. To manage System Center Configuration Manager, you use the Configuration Manager console. You must install the Configuration Manager console on every device you use to manage System Center Configuration Manager (specifically, the admin device). The Configuration Manager console is automatically installed when you install System Center Configuration Manager primary site servers.
+You can use Configuration Manager to manage Windows 10 deployments, Windows desktop apps, Microsoft Store apps, and software updates. To manage Configuration Manager, you use the Configuration Manager console. You must install the Configuration Manager console on every device you use to manage Configuration Manager (specifically, the admin device). The Configuration Manager console is automatically installed when you install Configuration Manager primary site servers.
 
-For more information about how to install the Configuration Manager console, see [Install System Center Configuration Manager consoles](https://technet.microsoft.com/library/mt590197.aspx#bkmk_InstallConsole).
+For more information about how to install the Configuration Manager console, see [Install Microsoft Endpoint Configuration Manager consoles](https://technet.microsoft.com/library/mt590197.aspx#bkmk_InstallConsole).
 
 ### Configure MDT integration with the Configuration Manager console
 
->**Note**&nbsp;&nbsp;If you selected MDT only to deploy Windows 10 and your apps (and not System Center Configuration Manager) in the [Select the deployment methods](#select-the-deployment-methods) section, then skip this section and continue to the next.
+>**Note**&nbsp;&nbsp;If you selected MDT only to deploy Windows 10 and your apps (and not Microsoft Endpoint Configuration Manager) in the [Select the deployment methods](#select-the-deployment-methods) section, then skip this section and continue to the next.
 
-You can use MDT with System Center Configuration Manager to make ZTI operating system deployment easier. To configure MDT integration with System Center Configuration Manager, run the Configure ConfigMgr Integration Wizard. This wizard is installed when you install MDT.
+You can use MDT with Configuration Manager to make ZTI operating system deployment easier. To configure MDT integration with Configuration Manager, run the Configure ConfigMgr Integration Wizard. This wizard is installed when you install MDT.
 
-In addition to the admin device, run the Configure ConfigMgr Integration Wizard on each device that runs the Configuration Manager console to ensure that all Configuration Manager console installation can use the power of MDT–System Center Configuration Manager integration.
+In addition to the admin device, run the Configure ConfigMgr Integration Wizard on each device that runs the Configuration Manager console to ensure that all Configuration Manager console installation can use the power of MDT–Configuration Manager integration.
 
 For more information, see [Enable Configuration Manager Console Integration for Configuration Manager](https://technet.microsoft.com/library/dn759415.aspx#EnableConfigurationManagerConsoleIntegrationforConfigurationManager).
 
@@ -1077,7 +1077,7 @@ At the end of this section, you should know the Windows 10 editions and processo
 
 ## Prepare for deployment
 
-Before you can deploy Windows 10 and your apps to devices, you need to prepare your MDT environment, Windows Deployment Services, and System Center Configuration Manager (if you selected it to do operating system deployment in the [Select the deployment methods](#select-the-deployment-methods) section). In this section, you ensure that the deployment methods you selected in the [Select the deployment methods](#select-the-deployment-methods) section have the necessary Windows 10 editions and versions, Windows desktop apps, Microsoft Store apps, and device drivers.
+Before you can deploy Windows 10 and your apps to devices, you need to prepare your MDT environment, Windows Deployment Services, and Microsoft Endpoint Configuration Manager (if you selected it to do operating system deployment in the [Select the deployment methods](#select-the-deployment-methods) section). In this section, you ensure that the deployment methods you selected in the [Select the deployment methods](#select-the-deployment-methods) section have the necessary Windows 10 editions and versions, Windows desktop apps, Microsoft Store apps, and device drivers.
 
 ### Configure the MDT deployment share
 
@@ -1120,7 +1120,7 @@ Import device drivers for each device in your institution. For more information
 <li>For apps that are not offline licensed, obtain the .appx files from the app software vendor directly.</li>
 </ul>
 <br/>If you are unable to obtain the .appx files from the app software vendor, then you or the students will need to install the apps on the student devices directly from Microsoft Store or Microsoft Store for Business.<br/><br/>
-If you have Intune or System Center Configuration Manager, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the <a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a> and <a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using System Center Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using System Center Configuration Manager</a> sections. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.<br/><br/>
+If you have Intune or Microsoft Endpoint Configuration Manager, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the <a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a> and <a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a> sections. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.<br/><br/>
 In addition, you must prepare your environment for sideloading Microsoft Store apps. For more information about how to:<br/><br/>
 <ul>
 <li>Prepare your environment for sideloading, see <a href="https://technet.microsoft.com/windows/jj874388.aspx" data-raw-source="[Try it out: sideload Microsoft Store apps](https://technet.microsoft.com/windows/jj874388.aspx)">Try it out: sideload Microsoft Store apps</a>.</li>
@@ -1171,38 +1171,38 @@ For more information about how to update a deployment share, see <a href="https:
 
 *Table 16. Tasks to configure the MDT deployment share*
 
-### Configure System Center Configuration Manager
+### Configure Microsoft Endpoint Configuration Manager
 
->**Note**&nbsp;&nbsp;If you have already configured your System Center Configuration Manager infrastructure to support the operating system deployment feature or if you selected to deploy Windows 10 by using MDT only, then skip this section and continue to the next section.
+>**Note**&nbsp;&nbsp;If you have already configured your Microsoft Endpoint Configuration Manager infrastructure to support the operating system deployment feature or if you selected to deploy Windows 10 by using MDT only, then skip this section and continue to the next section.
 
-Before you can use System Center Configuration Manager to deploy Windows 10 and manage your apps and devices, you must configure System Center Configuration Manager to support the operating system deployment feature. If you don’t have an existing System Center Configuration Manager infrastructure, you will need to deploy a new infrastructure.
+Before you can use Configuration Manager to deploy Windows 10 and manage your apps and devices, you must configure Configuration Manager to support the operating system deployment feature. If you don’t have an existing Configuration Manager infrastructure, you will need to deploy a new infrastructure.
 
-Deploying a new System Center Configuration Manager infrastructure is beyond the scope of this guide, but the following resources can help you deploy a new System Center Configuration Manager infrastructure:
+Deploying a new Configuration Manager infrastructure is beyond the scope of this guide, but the following resources can help you deploy a new Configuration Manager infrastructure:
 
-* [Get ready for System Center Configuration Manager](https://technet.microsoft.com/library/mt608540.aspx)
-* [Start using System Center Configuration Manager](https://technet.microsoft.com/library/mt608544.aspx)
+* [Get ready for Configuration Manager](https://technet.microsoft.com/library/mt608540.aspx)
+* [Start using Configuration Manager](https://technet.microsoft.com/library/mt608544.aspx)
 
 
-#### To configure an existing System Center Configuration Manager infrastructure for operating system deployment
+#### To configure an existing Microsoft Endpoint Configuration Manager infrastructure for operating system deployment
 
 1. Perform any necessary infrastructure remediation.
 
-    Ensure that your existing infrastructure can support the operating system deployment feature. For more information, see [Infrastructure requirements for operating system deployment in System Center Configuration Manager](https://technet.microsoft.com/library/mt627936.aspx).
+    Ensure that your existing infrastructure can support the operating system deployment feature. For more information, see [Infrastructure requirements for operating system deployment in Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627936.aspx).
 2. Add the Windows PE boot images, Windows 10 operating systems, and other content.
 
     You need to add the Windows PE boot images, Windows 10 operating system images, and other deployment content that you will use to deploy Windows 10 with ZTI. To add this content, use the Create MDT Task Sequence Wizard.
 
-    You can add this content by using System Center Configuration Manager only (without MDT), but the Create MDT Task Sequence Wizard is the preferred method because the wizard prompts you for all the deployment content you need for a task sequence and provides a much more intuitive user experience. For more information, see [Create ZTI Task Sequences Using the Create MDT Task Sequence Wizard in Configuration Manager](https://technet.microsoft.com/library/dn759415.aspx#CreateZTITaskSequencesUsingtheCreateMDTTaskSequenceWizardinConfigurationManager).
+    You can add this content by using Microsoft Endpoint Configuration Manager only (without MDT), but the Create MDT Task Sequence Wizard is the preferred method because the wizard prompts you for all the deployment content you need for a task sequence and provides a much more intuitive user experience. For more information, see [Create ZTI Task Sequences Using the Create MDT Task Sequence Wizard in Configuration Manager](https://technet.microsoft.com/library/dn759415.aspx#CreateZTITaskSequencesUsingtheCreateMDTTaskSequenceWizardinConfigurationManager).
 3. Add device drivers.
 
     You must add device drivers for the different device types in your district. For example, if you have a mixture of Surface, HP Stream, Dell Inspiron, and Lenovo Yoga devices, then you must have the device drivers for each device.
 
-    Create a System Center Configuration Manager driver package for each device type in your district. For more information, see [Manage drivers in System Center Configuration Manager](https://technet.microsoft.com/library/mt627934.aspx).
+    Create a Microsoft Endpoint Configuration Manager driver package for each device type in your district. For more information, see [Manage drivers in Configuration Manager](https://technet.microsoft.com/library/mt627934.aspx).
 4. Add Windows apps.
 
     Install the Windows apps (Windows desktop and Microsoft Store apps) that you want to deploy after the task sequence deploys your customized image (a thick, reference image that include Windows 10 and your core Windows desktop apps). These apps are in addition to the apps included in your reference image. You can only deploy Microsoft Store apps after you deploy Windows 10 because you cannot capture Microsoft Store apps in a reference image. Microsoft Store apps target users, not devices.
 
-    Create a System Center Configuration Manager application for each Windows desktop or Microsoft Store app that you want to deploy after you apply the reference image to a device. For more information, see [Deploy and manage applications with System Center Configuration Manager](https://technet.microsoft.com/library/mt627959.aspx).
+    Create a Configuration Manager application for each Windows desktop or Microsoft Store app that you want to deploy after you apply the reference image to a device. For more information, see [Deploy and manage applications with Configuration Manager](https://technet.microsoft.com/library/mt627959.aspx).
 
 ### Configure Window Deployment Services for MDT
 
@@ -1226,13 +1226,13 @@ You can use Windows Deployment Services in conjunction with MDT to automatically
 
     For more information about how to perform this step, see [Add LTI Boot Images to Windows Deployment Services](https://technet.microsoft.com/library/dn759415.aspx#AddLTIBootImagestoWindowsDeploymentServices).
 
-### Configure Window Deployment Services for System Center Configuration Manager
+### Configure Window Deployment Services for Microsoft Endpoint Configuration Manager
 
->**Note**&nbsp;&nbsp;If you have already configured your System Center Configuration Manager infrastructure to support PXE boot or selected to deploy Windows 10 by using MDT only, then skip this section and continue to the next.
+>**Note**&nbsp;&nbsp;If you have already configured your Microsoft Endpoint Configuration Manager infrastructure to support PXE boot or selected to deploy Windows 10 by using MDT only, then skip this section and continue to the next.
 
-You can use Windows Deployment Services in conjunction with System Center Configuration to automatically initiate boot images on target devices. These boot images are Windows PE images that you use to boot the target devices, and then initiate Windows 10, app, and device driver deployment.
+You can use Windows Deployment Services in conjunction with Configuration Manager to automatically initiate boot images on target devices. These boot images are Windows PE images that you use to boot the target devices, and then initiate Windows 10, app, and device driver deployment.
 
-#### To configure Windows Deployment Services for System Center Configuration Manager
+#### To configure Windows Deployment Services for Microsoft Configuration Manager
 
 1. Set up and configure Windows Deployment Services.
 
@@ -1243,29 +1243,29 @@ You can use Windows Deployment Services in conjunction with System Center Config
     * The Windows Deployment Services Help file, included in Windows Deployment Services
     * [Windows Deployment Services Getting Started Guide for Windows Server 2012](https://technet.microsoft.com/library/jj648426.aspx)
 
-2. Configure a distribution point to accept PXE requests in System Center Configuration Manager.
+2. Configure a distribution point to accept PXE requests in Configuration Manager.
 
     To support PXE boot requests, you install the PXE service point site system role. Then, you must configure one or more distribution points to respond to PXE boot request.
-    For more information about how to perform this step, see [Install site system roles for System Center Configuration Manager](https://technet.microsoft.com/library/mt704036.aspx), [Use PXE to deploy Windows over the network with System Center Configuration Manager](https://technet.microsoft.com/library/mt627940.aspx), and [Configuring distribution points to accept PXE requests](https://technet.microsoft.com/library/mt627944.aspx#BKMK_PXEDistributionPoint).
+    For more information about how to perform this step, see [Install site system roles for Configuration Manager](https://technet.microsoft.com/library/mt704036.aspx), [Use PXE to deploy Windows over the network with Configuration Manager](https://technet.microsoft.com/library/mt627940.aspx), and [Configuring distribution points to accept PXE requests](https://technet.microsoft.com/library/mt627944.aspx#BKMK_PXEDistributionPoint).
 3. Configure the appropriate boot images (Windows PE images) to deploy from the PXE-enabled distribution point.
 
     Before a device can start a boot image from a PXE-enabled distribution point, you must change the properties of the boot image to enable PXE booting. Typically, you create this boot image when you created your MDT task sequence in the Configuration Manager console.
 
-    For more information about how to perform this step, see [Configure a boot image to deploy from a PXE-enabled distribution point](https://technet.microsoft.com/library/mt627946.aspx#BKMK_BootImagePXE) and [Manage boot images with System Center Configuration Manager](https://technet.microsoft.com/library/mt627946.aspx).
+    For more information about how to perform this step, see [Configure a boot image to deploy from a PXE-enabled distribution point](https://technet.microsoft.com/library/mt627946.aspx#BKMK_BootImagePXE) and [Manage boot images with Configuration Manager](https://technet.microsoft.com/library/mt627946.aspx).
 
 #### Summary
 
-Your MDT deployment share and System Center Configuration Manager are now ready for deployment. Windows Deployment Services is ready to initiate the LTI or ZTI deployment process. You have set up and configured Windows Deployment Services for MDT and for System Center Configuration Manager. You have also ensured that your boot images are available to Windows Deployment Services (for LTI) or the distribution points (for ZTI and System Center Configuration Manager). Now, you’re ready to capture the reference images for the different devices you have in your district.
+Your MDT deployment share and Microsoft Endpoint Configuration Manager are now ready for deployment. Windows Deployment Services is ready to initiate the LTI or ZTI deployment process. You have set up and configured Windows Deployment Services for MDT and for Configuration Manager. You have also ensured that your boot images are available to Windows Deployment Services (for LTI) or the distribution points (for ZTI and Configuration Manager). Now, you’re ready to capture the reference images for the different devices you have in your district.
 
 ## Capture the reference image
 
 The reference device is a device that you use as the template for all the other devices in your district. On this device, you install any Windows desktop apps the classroom needs. For example, install the Windows desktop apps for Office 365 ProPlus if you selected that student license plan.
 
-After you deploy Windows 10 and the desktop apps to the reference device, you capture an image of the device (the reference image). You import the reference image to an MDT deployment share or into System Center Configuration Manager. Finally, you create a task sequence to deploy the reference image to faculty and student devices.
+After you deploy Windows 10 and the desktop apps to the reference device, you capture an image of the device (the reference image). You import the reference image to an MDT deployment share or into Configuration Manager. Finally, you create a task sequence to deploy the reference image to faculty and student devices.
 
 You will capture multiple reference images, one for each type of device that you have in your organization. You perform the steps in this section for each image (device) that you have in your district. Use LTI in MDT to automate the deployment and capture of the reference image.
 
->**Note**&nbsp;&nbsp;You can use LTI in MDT or System Center Configuration Manager to automate the deployment and capture of the reference image, but this guide only discusses how to use LTI in MDT to capture the reference image.
+>**Note**&nbsp;&nbsp;You can use LTI in MDT or Configuration Manager to automate the deployment and capture of the reference image, but this guide only discusses how to use LTI in MDT to capture the reference image.
 
 ### Customize the MDT deployment share
 
@@ -1317,14 +1317,14 @@ In most instances, deployments occur without incident. Only in rare occasions do
 
 ### Import reference image
 
-After you have captured the reference image (.wim file), import the image into the MDT deployment share or into System Center Configuration Manager (depending on which method you selected to perform Windows 10 deployments). You will deploy the reference image to the student and faculty devices in your district.
+After you have captured the reference image (.wim file), import the image into the MDT deployment share or into Configuration Manager (depending on which method you selected to perform Windows 10 deployments). You will deploy the reference image to the student and faculty devices in your district.
 
 Both the Deployment Workbench and the Configuration Manager console have wizards that help you import the reference image. After you import the reference image, you need to create a task sequence that will deploy the reference image.
 
 For more information about how to import the reference image into:
 
 * An MDT deployment share, see [Import a Previously Captured Image of a Reference Computer](https://technet.microsoft.com/library/dn759415.aspx#ImportaPreviouslyCapturedImageofaReferenceComputer).
-* System Center Configuration Manager, see [Manage operating system images with System Center Configuration Manager](https://technet.microsoft.com/library/mt627939.aspx) and [Customize operating system images with System Center Configuration Manager](https://technet.microsoft.com/library/mt627938.aspx).
+* Microsoft Endpoint Configuration Manager, see [Manage operating system images with Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627939.aspx) and [Customize operating system images with Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627938.aspx).
 
 ### Create a task sequence to deploy the reference image
 
@@ -1335,22 +1335,22 @@ As you might expect, both the Deployment Workbench and the Configuration Manager
 For more information about how to create a task sequence in the:
 
 * Deployment Workbench for a deployment share, see [Create a New Task Sequence in the Deployment Workbench](https://technet.microsoft.com/library/dn759415.aspx#CreateaNewTaskSequenceintheDeploymentWorkbench).
-* Configuration Manager console, see [Create a task sequence to install an operating system in System Center Configuration Manager](https://technet.microsoft.com/library/mt627927.aspx).
+* Configuration Manager console, see [Create a task sequence to install an operating system in Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627927.aspx).
 
 #### Summary
-In this section, you customized the MDT deployment share to deploy Windows 10 and desktop apps to one or more reference devices by creating and customizing MDT applications, device drivers, and applications. Next, you ran the task sequence, which deploys Windows 10, deploys your apps, deploys the appropriate device drivers, and captures an image of the reference device. Then, you imported the captured reference image into a deployment share or System Center Configuration Manager. Finally, you created a task sequence to deploy your captured reference image to faculty and student devices. At this point in the process, you’re ready to deploy Windows 10 and your apps to your devices.
+In this section, you customized the MDT deployment share to deploy Windows 10 and desktop apps to one or more reference devices by creating and customizing MDT applications, device drivers, and applications. Next, you ran the task sequence, which deploys Windows 10, deploys your apps, deploys the appropriate device drivers, and captures an image of the reference device. Then, you imported the captured reference image into a deployment share or Microsoft Endpoint Configuration Manager. Finally, you created a task sequence to deploy your captured reference image to faculty and student devices. At this point in the process, you’re ready to deploy Windows 10 and your apps to your devices.
 
 ## Prepare for device management
 
 Before you deploy Windows 10 in your district, you must prepare for device management. You will deploy Windows 10 in a configuration that complies with your requirements, but you want to help ensure that your deployments remain compliant.
 
-You also want to deploy apps and software updates after you deploy Windows 10. You need to manage apps and updates by using System Center Configuration Manager, Intune, or a combination of both (hybrid model).
+You also want to deploy apps and software updates after you deploy Windows 10. You need to manage apps and updates by using Configuration Manager, Intune, or a combination of both (hybrid model).
 
 ### Select Microsoft-recommended settings
 
 Microsoft has several recommended settings for educational institutions. Table 17 lists them, provides a brief description of why you need to configure them, and recommends methods for configuring the settings. Review the settings in Table 17 and evaluate their relevancy to your institution.
 
->**Note**&nbsp;&nbsp;The settings for Intune in Table 17 also apply to the System Center Configuration Manager and Intune management (hybrid) method.
+>**Note**&nbsp;&nbsp;The settings for Intune in Table 17 also apply to the Configuration Manager and Intune management (hybrid) method.
 
 Use the information in Table 17 to help you determine whether you need to configure the setting and which method you will use to do so. At the end, you will have a list of settings that you want to apply to the Windows 10 devices and know which management method you will use to configure the settings.
 
@@ -1499,7 +1499,7 @@ For more information about Intune, see [Microsoft Intune Documentation](https://
 
 ### Deploy and manage apps by using Intune
 
-If you selected to deploy and manage apps by using System Center Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Deploy and manage apps by using System Center Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager) section.
+If you selected to deploy and manage apps by using Microsoft Endpoint Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager) section.
 
 You can use Intune to deploy Microsoft Store and Windows desktop apps. Intune provides improved control over which users receive specific apps. In addition, Intune allows you to deploy apps to companion devices (such as Windows 10 Mobile, iOS, or Android devices). Finally, Intune helps you manage app security and features, such as mobile application management policies that let you manage apps on devices that are not enrolled in Intune or that another solution manages.
 
@@ -1511,21 +1511,21 @@ For more information about how to configure Intune to manage your apps, see the
 - [Protect apps and data with Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/protect-apps-and-data-with-microsoft-intune)
 - [Help protect your data with full or selective wipe using Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/use-remote-wipe-to-help-protect-data-using-microsoft-intune)
 
-### Deploy and manage apps by using System Center Configuration Manager
+### Deploy and manage apps by using Microsoft Endpoint Configuration Manager
 
-You can use System Center Configuration Manager to deploy Microsoft Store and Windows desktop apps. System Center Configuration Manager allows you to create a System Center Configuration Manager application that you can use to deploy apps to different devices (such as Windows 10 desktop, Windows 10 Mobile, iOS, or Android devices) by using *deployment types*. You can think of a System Center Configuration Manager application as a box. You can think of deployment types as one or more sets of installation files and installation instructions within that box.
+You can use  Microsoft Endpoint Configuration Manager to deploy Microsoft Store and Windows desktop apps. Configuration Manager allows you to create a Configuration Manager application that you can use to deploy apps to different devices (such as Windows 10 desktop, Windows 10 Mobile, iOS, or Android devices) by using *deployment types*. You can think of a Configuration Manager application as a box. You can think of deployment types as one or more sets of installation files and installation instructions within that box.
 
 For example, you could create a Skype application that contains a deployment type for Windows 10 desktop, Windows 10 Mobile, iOS, and Android. You can deploy the one application to multiple device types.
 
->**Note**&nbsp;&nbsp;When you configure System Center Configuration Manager and Intune in a hybrid model, you deploy apps by using System Center Configuration manager as described in this section.
+>**Note**&nbsp;&nbsp;When you configure Configuration Manager and Intune in a hybrid model, you deploy apps by using Configuration Manager as described in this section.
 
-System Center Configuration Manager helps you manage apps by monitoring app installation. You can determine how many of your devices have a specific app installed. Finally, you can allow users to install apps at their discretion or make apps mandatory.
+Configuration Manager helps you manage apps by monitoring app installation. You can determine how many of your devices have a specific app installed. Finally, you can allow users to install apps at their discretion or make apps mandatory.
 
-For more information about how to configure System Center Configuration Manager to deploy and manage your apps, see [Deploy and manage applications with System Center Configuration Manager](https://technet.microsoft.com/library/mt627959.aspx).
+For more information about how to configure Configuration Manager to deploy and manage your apps, see [Deploy and manage applications with Configuration Manager](https://technet.microsoft.com/library/mt627959.aspx).
 
 ### Manage updates by using Intune
 
-If you selected to manage updates by using System Center Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Manage updates by using System Center Configuration Manager](#manage-updates-by-using-system-center-configuration-manager) section.
+If you selected to manage updates by using Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Manage updates by using Configuration Manager](#manage-updates-by-using-system-center-configuration-manager) section.
 
 To help ensure that your users have the most current features and security protection, keep Windows 10 and your apps current with updates. To configure Windows 10 and app updates, use the **Updates** workspace in Intune.
 
@@ -1536,19 +1536,19 @@ For more information about how to configure Intune to manage updates and malware
 - [Keep Windows PCs up to date with software updates in Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/keep-windows-pcs-up-to-date-with-software-updates-in-microsoft-intune)
 - [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
 
-### Manage updates by using System Center Configuration Manager
+### Manage updates by using Microsoft Endpoint Configuration Manager
 
-To ensure that your users have the most current features and security protection, use the software updates feature in System Center Configuration Manager to manage updates. The software updates feature works in conjunction with WSUS to manage updates for Windows 10 devices.
+To ensure that your users have the most current features and security protection, use the software updates feature in Configuration Manager to manage updates. The software updates feature works in conjunction with WSUS to manage updates for Windows 10 devices.
 
 You configure the software updates feature to manage updates for specific versions of Windows and apps. Then, the software updates feature obtains the updates from Windows Updates by using the WSUS server in your environment. This integration provides greater granularity of control over updates and more specific targeting of updates to users and devices (compared to WSUS alone or Intune alone), which allows you to ensure that the right user or device gets the right updates.
 
->**Note**&nbsp;&nbsp;When you configure System Center Configuration Manager and Intune in a hybrid model, you  use System Center Configuration manager to manage updates as described in this section.
+>**Note**&nbsp;&nbsp;When you configure Configuration Manager and Intune in a hybrid model, you  use Configuration manager to manage updates as described in this section.
 
-For more information about how to configure System Center Configuration Manager to manage Windows 10 and app updates, see [Deploy and manage software updates in System Center Configuration Manager](https://technet.microsoft.com/library/mt634340.aspx).
+For more information about how to configure Configuration Manager to manage Windows 10 and app updates, see [Deploy and manage software updates in Configuration Manager](https://technet.microsoft.com/library/mt634340.aspx).
 
 #### Summary
 
-In this section, you prepared your institution for device management. You identified the configuration settings that you want to use to manage your users and devices. You configured Group Policy or Intune to manage these configuration settings. You configured Intune or System Center Configuration Manager to manage your apps. Finally, you configured Intune or System Center Configuration Manager to manage software updates for Windows 10 and your apps.
+In this section, you prepared your institution for device management. You identified the configuration settings that you want to use to manage your users and devices. You configured Group Policy or Intune to manage these configuration settings. You configured Intune or Microsoft Endpoint Configuration Manager to manage your apps. Finally, you configured Intune or Microsoft Endpoint Configuration Manager to manage software updates for Windows 10 and your apps.
 
 ## Deploy Windows 10 to devices
 
@@ -1561,8 +1561,8 @@ Prior to deployment of Windows 10, complete the tasks in Table 18. Most of these
 |Task|   |
 |----|----|
 |1. |Ensure that the target devices have sufficient system resources to run Windows 10.|
-|2. |Identify the necessary devices drivers, and then import them into the MDT deployment share or System Center Configuration Manager.|
-|3. |For each Microsoft Store and Windows desktop app, create an MDT application or System Center Configuration Manager application.|
+|2. |Identify the necessary devices drivers, and then import them into the MDT deployment share or Microsoft Endpoint Configuration Manager.|
+|3. |For each Microsoft Store and Windows desktop app, create an MDT application or Configuration Manager application.|
 |4. |Notify the students and faculty about the deployment.|
 
 *Table 18. Deployment preparation checklist*
@@ -1692,7 +1692,7 @@ For more information about completing this task, see the “How do I find and re
 For more information, see:
 <ul>
 <li><a href="#manage-updates-by-using-intune" data-raw-source="[Manage updates by using Intune](#manage-updates-by-using-intune)">Manage updates by using Intune</a></li>
-<li><a href="#manage-updates-by-using-system-center-configuration-manager" data-raw-source="[Manage updates by using System Center Configuration Manager](#manage-updates-by-using-system-center-configuration-manager)">Manage updates by using System Center Configuration Manager</a></li>
+<li><a href="#manage-updates-by-using-system-center-configuration-manager" data-raw-source="[Manage updates by using Microsoft Endpoint Configuration Manager](#manage-updates-by-using-system-center-configuration-manager)">Manage updates by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td>x</td>
@@ -1728,7 +1728,7 @@ For more information about completing this task, see the following resources:
 For more information, see:
 <ul>
 <li><a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a></li>
-<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using System Center Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using System Center Configuration Manager</a></li>
+<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td></td>
@@ -1739,10 +1739,10 @@ For more information, see:
 <tr>
 <td>Install new or update existing Microsoft Store apps used in the curriculum.<br/><br/>
 Microsoft Store apps are automatically updated from Microsoft Store. The menu bar in the Microsoft Store app shows whether any Microsoft Store app updates are available for download.<br/><br/>
-You can also deploy Microsoft Store apps directly to devices by using Intune, System Center Configuration Manager, or both in a hybrid configuration. For more information, see:
+You can also deploy Microsoft Store apps directly to devices by using Intune, Microsoft Endpoint Configuration Manager, or both in a hybrid configuration. For more information, see:
 <ul>
 <li><a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a></li>
-<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using System Center Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using System Center Configuration Manager</a></li>
+<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td></td>

From d71cca8254f6be86ec1e5a612362708ade1848db Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 14:04:33 -0800
Subject: [PATCH 021/247] Added new TVM API topics

---
 .../get-all-recommendations.md                | 104 ++++++++++++++++++
 .../get-all-vulnerabilities.md                |  92 ++++++++++++++++
 .../get-machines-by-software.md               |  89 +++++++++++++++
 .../get-machines-by-vulnerability.md          |  88 +++++++++++++++
 .../get-recommendation-by-id.md               |  93 ++++++++++++++++
 .../get-recommendation-machines.md            |  81 ++++++++++++++
 .../get-recommendation-software.md            |  81 ++++++++++++++
 .../get-recommendation-vulnerabilities.md     |  90 +++++++++++++++
 .../get-software-by-id.md                     |  83 ++++++++++++++
 .../get-software-ver-distribution.md          |  86 +++++++++++++++
 .../microsoft-defender-atp/get-software.md    |  84 ++++++++++++++
 .../get-vuln-by-software.md                   |  93 ++++++++++++++++
 .../get-vulnerability-by-id.md                |  86 +++++++++++++++
 13 files changed, 1150 insertions(+)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-software.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
new file mode 100644
index 0000000000..34c6863e7d
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -0,0 +1,104 @@
+---
+title: List all recommendations
+description: Retrieves a list of all security recommendations affecting the organization.
+keywords: apis, graph api, supported apis, get, security recommendations, mdatp tvm api, threat and vulnerability management, threat and vulnerability management api 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List all recommendations
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a list of all security recommendations affecting the organization.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
+Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
+
+## HTTP request
+```
+GET /api/recommendations
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the list of security recommendations in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/recommendations
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations",
+    "value": [
+        {
+            "id": "va-_-microsoft-_-windows_10",
+            "productName": "windows_10",
+            "recommendationName": "Update Windows 10",
+            "weaknesses": 397,
+            "vendor": "microsoft",
+            "recommendedVersion": "",
+            "recommendationCategory": "Application",
+            "subCategory": "",
+            "severityScore": 0,
+            "publicExploit": true,
+            "activeAlert": false,
+            "associatedThreats": [
+                "3098b8ef-23b1-46b3-aed4-499e1928f9ed",
+                "40c189d5-0330-4654-a816-e48c2b7f9c4b",
+                "4b0c9702-9b6c-4ca2-9d02-1556869f56f8",
+                "e8fc2121-3cf3-4dd2-9ea0-87d7e1d2b29d",
+                "94b6e94b-0c1d-4817-ac06-c3b8639be3ab"
+            ],
+            "remediationType": "Update",
+            "status": "Active",
+            "configScoreImpact": 0,
+            "exposureImpact": 7.674418604651163,
+            "totalMachineCount": 37,
+            "exposedMachinesCount": 7,
+            "nonProductivityImpactedAssets": 0,
+            "relatedComponent": "Windows 10"
+        },
+…
+}
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
new file mode 100644
index 0000000000..01869cd89b
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -0,0 +1,92 @@
+---
+title: Get all vulnerabilities
+description: Retrieves a list of all the vulnerabilities affecting the organization
+keywords: apis, graph api, supported apis, get, vulnerability information, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get all vulnerabilities
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a list of all the vulnerabilities affecting the organization.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
+Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
+
+## HTTP request
+```
+GET /api/vulnerabilities
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the list of vulnerabilities in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Vulnerabilities
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Vulnerabilities",
+    "value": [
+        {
+            "id": "CVE-2019-0608",
+            "name": "CVE-2019-0608",
+            "description": "A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it.In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message, and then convince the user to interact with content on the website.The update addresses the vulnerability by correcting how Microsoft Browsers parses HTTP responses.",
+            "severity": "Medium",
+            "cvssV3": 4.3,
+            "exposedMachines": 4,
+            "publishedOn": "2019-10-08T00:00:00Z",
+            "updatedOn": "2019-12-16T16:20:00Z",
+            "publicExploit": false,
+            "exploitVerified": false,
+            "exploitInKit": false,
+            "exploitTypes": [],
+            "exploitUris": []
+        },
+        {
+..
+}
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
new file mode 100644
index 0000000000..dd922cae08
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -0,0 +1,89 @@
+---
+title: List machines by software
+description: Retrieve a list of machines that has this software installed.
+keywords: apis, graph api, supported apis, get, list machines, machines list, list machines by software, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List machines by software
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieve a list of machines that has this software installed
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |   Permission  |   Permission display name
+:---|:---|:---
+Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
+Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
+
+## HTTP request
+```
+GET /api/Software/{Id}/machineReferences 
+```
+
+## Request headers
+
+| Name        | Type | Description
+|:--------------|:-------|:--------------|
+| Authorization | String | Bearer {token}.**Required**.
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK and a list of machines with the software installed in the body. 
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/machineReferences
+```
+
+**Response**
+
+Here is an example of the response.
+
+```json
+
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#MachineReferences",
+    "value": [
+        {
+            "id": "7c7e1896fa39efb0a32a2cf421d837af1b9bf762",
+            "computerDnsName": "dave_desktop",
+            "osPlatform": "Windows10",
+            "rbacGroupId": 9
+        },
+        {
+            "id": "7d5cc2e7c305e4a0a290392abf6707f9888fda0d",
+            "computerDnsName": "jane_PC",
+            "osPlatform": "Windows10",
+            "rbacGroupId": 9
+        },
+…
+}
+```
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
new file mode 100644
index 0000000000..37a235d516
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@@ -0,0 +1,88 @@
+---
+title: List machines by vulnerability
+description: Retrieves a list of machines affected by a vulnerability.
+keywords: apis, graph api, supported apis, get, machines list, vulnerable machines, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List machines by vulnerability
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a list of machines affected by a vulnerability.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
+Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
+
+## HTTP request
+```
+GET /api/vulnerabilities/{cveId}/machineReferences
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the vulnerability information in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/vulnerabilities/CVE-2019-0608/machineReferences
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineReferences",
+    "value": [
+        {
+            "id": "235a2e6278c63fcf85bab9c370396972c58843de",
+            "computerDnsName": "h1mkn_PC",
+            "osPlatform": "Windows10",
+            "rbacGroupId": 1268
+        },
+        {
+            "id": "afb3f807d1a185ac66668f493af028385bfca184",
+            "computerDnsName": "chat_Desk ",
+            "osPlatform": "Windows10",
+            "rbacGroupId": 410
+        }
+    ]
+ }
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
new file mode 100644
index 0000000000..86f7eef853
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@@ -0,0 +1,93 @@
+---
+title: Get recommendation by Id
+description: Retrieves a security recommendation by its ID.
+keywords: apis, graph api, supported apis, get, security recommendation, security recommendation by ID, threat and vulnerability management, threat and vulnerability management api 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get recommendation by ID
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a security recommendation by its ID.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
+Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
+
+## HTTP request
+```
+GET /api/recommendations/{id}
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the security recommendations in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome
+```
+
+**Response**
+
+Here is an example of the response.
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations/$entity",
+    "id": "va-_-google-_-chrome",
+    "productName": "chrome",
+    "recommendationName": "Update Chrome",
+    "weaknesses": 38,
+    "vendor": "google",
+    "recommendedVersion": "",
+    "recommendationCategory": "Application",
+    "subCategory": "",
+    "severityScore": 0,
+    "publicExploit": false,
+    "activeAlert": false,
+    "associatedThreats": [],
+    "remediationType": "Update",
+    "status": "Active",
+    "configScoreImpact": 0,
+    "exposureImpact": 3.9441860465116285,
+    "totalMachineCount": 6,
+    "exposedMachinesCount": 5,
+    "nonProductivityImpactedAssets": 0,
+    "relatedComponent": "Chrome"
+}
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
new file mode 100644
index 0000000000..772dc4e34b
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -0,0 +1,81 @@
+---
+title: Get recommendation machines
+description: Retrieves a list of machines associated with the security recommendation. 
+keywords: apis, graph api, supported apis, get, security recommendation for vulnerable machines, threat and vulnerability management, threat and vulnerability management api 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get recommendation machines
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a list of machines associated with the security recommendation.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
+Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
+
+## HTTP request
+```
+GET /api/recommendations/{id}/machineReferences
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the list of machines associated with the security recommendation.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome/machineReferences
+```
+
+**Response**
+
+Here is an example of the response.
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineReferences",
+    "value": [
+        {
+            "id": "e058770379bc199a9c179ce52a23e16fd44fd2ee",
+            "computerDnsName": "niw_pc",
+            "osPlatform": "Windows10",
+            "rbacGroupId": 2154
+        },
+…
+}
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
new file mode 100644
index 0000000000..4032adfef3
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@@ -0,0 +1,81 @@
+---
+title: Get recommendation software
+description: Retrieves a security recommendation related to a specific software.
+keywords: apis, graph api, supported apis, get, security recommendation, security recommendation for software, threat and vulnerability management, threat and vulnerability management api 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get recommendation software
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a security recommendation related to a specific software.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
+Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
+
+## HTTP request
+```
+GET /api/recommendations/{id}/software
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the software associated with the security recommendations in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome/software 
+```
+
+**Response**
+
+Here is an example of the response.
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Analytics.Contracts.PublicAPI.PublicProductDto",
+    "id": "google-_-chrome",
+    "name": "chrome",
+    "vendor": "google",
+    "weaknesses": 38,
+    "publicExploit": false,
+    "activeAlert": false,
+    "exposedMachines": 5,
+    "impactScore": 3.94418621
+}
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
new file mode 100644
index 0000000000..954479aad6
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@@ -0,0 +1,90 @@
+---
+title: Get recommendation vulnerabilities
+description: Retrieves a list of vulnerabilities associated with the security recommendation.
+keywords: apis, graph api, supported apis, get, list of vulnerabilities, security recommendation, security recommendation for vulnerabilities, threat and vulnerability management, threat and vulnerability management api 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get recommendation vulnerabilities
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a list of vulnerabilities associated with the security recommendation.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
+Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
+
+## HTTP request
+```
+GET /api/recommendations/{id}/vulnerabilities
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK, with the list of vulnerabilities associated with the security recommendation.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome/vulnerabilities
+```
+
+**Response**
+
+Here is an example of the response.
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
+    "value": [
+        {
+            "id": "CVE-2019-13748",
+            "name": "CVE-2019-13748",
+            "description": "Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
+            "severity": "Medium",
+            "cvssV3": 6.5,
+            "exposedMachines": 0,
+            "publishedOn": "2019-12-10T00:00:00Z",
+            "updatedOn": "2019-12-16T12:15:00Z",
+            "publicExploit": false,
+            "exploitVerified": false,
+            "exploitInKit": false,
+            "exploitTypes": [],
+            "exploitUris": []
+        },
+…
+}
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
new file mode 100644
index 0000000000..663bac6747
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
@@ -0,0 +1,83 @@
+---
+title: Get software by Id
+description: Retrieves a list of exposure scores by machine group.
+keywords: apis, graph api, supported apis, get, software, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get software by Id
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves software details by ID
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |   Permission  |   Permission display name
+:---|:---|:---
+Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
+Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
+
+## HTTP request
+```
+GET /api/Software/{Id}
+```
+
+## Request headers
+
+| Name        | Type | Description
+|:--------------|:-------|:--------------|
+| Authorization | String | Bearer {token}.**Required**.
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the specified software data in the body. 
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge
+```
+
+**Response**
+
+Here is an example of the response.
+
+```json
+
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Software/$entity",
+    "id": "microsoft-_-edge",
+    "name": "edge",
+    "vendor": "microsoft",
+    "weaknesses": 467,
+    "publicExploit": true,
+    "activeAlert": false,
+    "exposedMachines": 172,
+    "impactScore": 2.39947438
+}
+```
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
new file mode 100644
index 0000000000..39a3275bf2
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -0,0 +1,86 @@
+---
+title: List software version distribution 
+description: Retrieves a list of your organization's software version distribution 
+keywords: apis, graph api, supported apis, get, software version distribution, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List software version distribution 
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a list of your organization's software version distribution 
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |   Permission  |   Permission display name
+:---|:---|:---
+Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
+Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
+
+## HTTP request
+```
+GET /api/Software/{Id}/distributions
+```
+
+## Request headers
+
+| Name        | Type | Description
+|:--------------|:-------|:--------------|
+| Authorization | String | Bearer {token}.**Required**.
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with a list of software distributions data in the body. 
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/distributions
+```
+
+**Response**
+
+Here is an example of the response.
+
+```json
+
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Distributions",
+    "value": [
+        {
+            "version": "11.0.17134.1039",
+            "installations": 1,
+            "vulnerabilities": 11
+        },
+        {
+            "version": "11.0.18363.535",
+            "installations": 750,
+            "vulnerabilities": 0
+        },
+…
+}
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
new file mode 100644
index 0000000000..67bfa09292
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -0,0 +1,84 @@
+---
+title: List software
+description: Retrieves a list of software inventory
+keywords: apis, graph api, supported apis, get, list, file, information, software inventory, threat & vulnerability management api, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List software inventory API
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves the organization software inventory
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |Software.Read.All |	'Read Threat and Vulnerability Management Software information'
+Delegated (work or school account) | Software.Read |	'Read Threat and Vulnerability Management Software information'
+
+## HTTP request
+```
+GET /api/Software
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the software inventory in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Software
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Software",
+    "value": [
+        {
+            "id": "microsoft-_-edge",
+            "name": "edge",
+            "vendor": "microsoft",
+            "weaknesses": 467,
+            "publicExploit": true,
+            "activeAlert": false,
+            "exposedMachines": 172,
+            "impactScore": 2.39947438
+        },
+….
+}
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
new file mode 100644
index 0000000000..6984c10ec6
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@@ -0,0 +1,93 @@
+---
+title: List vulnerabilities by software
+description: Retrieve a list of vulnerabilities in the installed software. 
+keywords: apis, graph api, supported apis, get, vulnerabilities list, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List vulnerabilities by software
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieve a list of vulnerabilities in the installed software. 
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |   Permission  |   Permission display name
+:---|:---|:---
+Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
+Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
+
+## HTTP request
+```
+GET /api/Software/{Id}/vulnerabilities
+```
+
+## Request headers
+
+| Name        | Type | Description
+|:--------------|:-------|:--------------|
+| Authorization | String | Bearer {token}.**Required**.
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with a a list of vulnerabilities exposed by the specified software. 
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/vulnerabilities 
+```
+
+**Response**
+
+Here is an example of the response.
+
+```json
+
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
+    "value": [
+        {
+            "id": "CVE-2017-0140",
+            "name": "CVE-2017-0140",
+            "description": "A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.The security update addresses the vulnerability by modifying how affected Microsoft Edge handles different-origin requests.",
+            "severity": "Medium",
+            "cvssV3": 4.2,
+            "exposedMachines": 1,
+            "publishedOn": "2017-03-14T00:00:00Z",
+            "updatedOn": "2019-10-03T00:03:00Z",
+            "publicExploit": false,
+            "exploitVerified": false,
+            "exploitInKit": false,
+            "exploitTypes": [],
+            "exploitUris": []
+        },
+
+…
+}
+```
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
new file mode 100644
index 0000000000..f87c04ae43
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@@ -0,0 +1,86 @@
+---
+title: Get vulnerability by Id
+description: Retrieves vulnerability information by its ID.
+keywords: apis, graph api, supported apis, get, vulnerability information, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get vulnerability by ID
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves vulnerability information by its ID.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application | Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
+Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
+
+## HTTP request
+```
+GET /api/vulnerabilities/{cveId}
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the vulnerability information in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/Vulnerabilities/CVE-2019-0608
+```
+
+**Response**
+
+Here is an example of the response.
+
+```
+Content-type: json
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Vulnerabilities/$entity",
+    "id": "CVE-2019-0608",
+    "name": "CVE-2019-0608",
+    "description": "A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it.In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message, and then convince the user to interact with content on the website.The update addresses the vulnerability by correcting how Microsoft Browsers parses HTTP responses.",
+    "severity": "Medium",
+    "cvssV3": 4.3,
+    "exposedMachines": 4,
+    "publishedOn": "2019-10-08T00:00:00Z",
+    "updatedOn": "2019-12-16T16:20:00Z",
+    "publicExploit": false,
+    "exploitVerified": false,
+    "exploitInKit": false,
+    "exploitTypes": [],
+    "exploitUris": []
+}
+```

From 0218a6ca9fe3f9ed025fac09d1ccf367e047ca8a Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 14:51:26 -0800
Subject: [PATCH 022/247] Added TVM API

---
 .../threat-protection/microsoft-defender-atp/preview.md         | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md
index c06d033182..b5bc9edc17 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md
@@ -43,6 +43,8 @@ Turn on the preview experience setting to be among the first to try upcoming fea
 ## Preview features
 The following features are included in the preview release:
 
+- [Threat & Vulnerability Management API support](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list) <BR>Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and machine vulnerability inventory, software version distribution, machine vulnerability information, security recommandation information.
+ 
  - [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os) <BR>Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019.
 
  - [Threat & Vulnerability Management role-based access controls](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group) <BR> You can now use the new permissions to allow maximum flexibility to create SecOps-oriented roles, Threat & Vulnerability Management-oriented roles, or hybrid roles so only authorized users are accessing specific data to do their task. You can also achieve even further granularity by specifying whether a Threat & Vulnerability Management role can only view vulnerability-related data, or can create and manage remediation and exceptions.

From 2f0a51cdd0b644c2f906ba30d92e03a72be08888 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 14:53:17 -0800
Subject: [PATCH 023/247] Added TVM API updates

---
 .../microsoft-defender-atp/exposed-apis-list.md               | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
index c91de23386..8c836888bb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
@@ -57,6 +57,10 @@ Machines | Run API calls such as get machines, get machines by ID, information a
 Machine Actions | Run API call such as Isolation, Run anti-virus scan and more.
 Indicators | Run API call such as create Indicator, get Indicators and delete Indicators.
 Users | Run API calls such as get user related alerts and user related machines.
+Score | Run API calls such as get exposure score or get device secure score.
+Software | Run API calls such as list vulnerabilities by software.
+Vulnerability | Run API calls such as list machines by vulnerability.
+Recommendation | Run API calls such as Get recommendation by Id.
 
 ## Related topic
 - [Microsoft Defender ATP APIs](apis-intro.md)

From 3e3f11677650c357e737dea21639ad9b7f40177f Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:14:52 -0800
Subject: [PATCH 024/247] Added TVM API updates

---
 .../threat-protection/microsoft-defender-atp/machine.md       | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index a4227c1113..9c68f4125d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -28,6 +28,9 @@ Method|Return Type |Description
 [Get machine](get-machine-by-id.md) | [machine](machine.md) | Get a [machine](machine.md) by its identity.
 [Get logged on users](get-machine-log-on-users.md) | [user](user.md) collection | Get the set of [User](user.md) that logged on to the [machine](machine.md).
 [Get related alerts](get-machine-related-alerts.md) | [alert](alerts.md) collection | Get the set of [alert](alerts.md) entities that were raised on the [machine](machine.md).
+[Get installed software](get-installed-software.md) | [Software](software.md) collection | Retrieves a list of software inventory in your organization.
+[Get discovered vulnerabilities](get-discovered-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
+[Get security recommendations](get-security-recommendation.md) | [Recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 
@@ -50,3 +53,4 @@ rbacGroupName | String | RBAC Group Name.
 riskScore | Nullable Enum | Risk score as evaluated by Microsoft Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'.
 aadDeviceId | Nullable Guid | AAD Device ID (when [machine](machine.md) is Aad Joined).
 machineTags | String collection | Set of [machine](machine.md) tags.
+exposureLevel | Nullable Enum | Exposure level as evaluated by Microsoft Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'.

From c3e3a1371041006e50653c3b157b5636724e84cb Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:15:29 -0800
Subject: [PATCH 025/247] Added pre rel statement

---
 .../security/threat-protection/microsoft-defender-atp/machine.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index 9c68f4125d..304e43abbd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -20,6 +20,7 @@ ms.topic: article
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
+[!include[Prerelease information](../../includes/prerelease.md)]
 
 ## Methods
 Method|Return Type |Description

From 4555f820e4f70b9ee3b4449e5f0f8be938582f09 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:30:35 -0800
Subject: [PATCH 026/247] Added new topics for TVM API

---
 .../get-device-secure-score.md                | 85 +++++++++++++++++
 .../get-exposure-score.md                     | 91 ++++++++++++++++++
 .../get-machine-group-exposure-score.md       | 94 +++++++++++++++++++
 .../microsoft-defender-atp/recommendation.md  | 57 +++++++++++
 .../microsoft-defender-atp/score.md           | 75 +++++++++++++++
 .../microsoft-defender-atp/software.md        | 45 +++++++++
 .../microsoft-defender-atp/vulnerability.md   | 48 ++++++++++
 7 files changed, 495 insertions(+)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/recommendation.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/score.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/software.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/vulnerability.md

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
new file mode 100644
index 0000000000..7a81fe0182
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -0,0 +1,85 @@
+---
+title: Get Device Secure score
+description: Retrieves the organizational device secure score.
+keywords: apis, graph api, supported apis, get, alerts, recent
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get Device Secure score
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+Retrieves the organizational device secure score.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	Score.Read.Alll |	'Read Threat and Vulnerability Management score'
+Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability Management score'
+
+## HTTP request
+```
+GET /api/configurationScore
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK, with the with device secure score data in the response body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/configurationScore
+```
+
+[!include[Improve request performance](improve-request-performance.md)]
+
+
+**Response**
+
+Here is an example of the response.
+
+>[!NOTE]
+>The response list shown here may be truncated for brevity. 
+
+
+```json
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ConfigurationScore/$entity",
+    "time": "2019-12-03T09:15:58.1665846Z",
+    "score": 340,
+    "rbacGroupId": null
+}
+```
+
+## Related topics
+- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
new file mode 100644
index 0000000000..2ce5adf1e0
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -0,0 +1,91 @@
+---
+title: Get exposure score
+description: Retrieves the organizational exposure score.
+keywords: apis, graph api, supported apis, get, exposure score, organizational exposure score
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get exposure score
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+Retrieves the organizational exposure score.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	Score.Read.All |	'Read Threat and Vulnerability Management score'
+Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability Management score'
+
+
+## HTTP request
+```
+GET /api/exposureScore
+```
+
+## Optional query parameters
+Method supports $top, $select, $filter, $expand and $skip query parameters.
+<br>$expand is available on Files, IPs and Domains. e.g. $expand=files,domains
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK, with the exposure data in the response body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/exposureScore
+```
+
+[!include[Improve request performance](improve-request-performance.md)]
+
+
+**Response**
+
+Here is an example of the response.
+
+>[!NOTE]
+>The response list shown here may be truncated for brevity. 
+
+
+```json
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore/$entity",
+    "time": "2019-12-03T07:23:53.280499Z",
+    "score": 33.491554051195706,
+    "rbacGroupId": null
+}
+
+```
+
+## Related topics
+- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
new file mode 100644
index 0000000000..42995a2265
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@@ -0,0 +1,94 @@
+---
+title: List exposure score by machine group
+description: Retrieves a list of exposure scores by machine group.
+keywords: apis, graph api, supported apis, get, exposure score, machine group, machine group exposure score
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List exposure score by machine group
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Retrieves a collection of alerts related to a given domain address.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |   Permission  |   Permission display name
+:---|:---|:---
+Application | Score.Read.All | 'Read Threat and Vulnerability Management score'
+Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability Management score'
+
+## HTTP request
+```
+GET /api/exposureScore/ByMachineGroups
+```
+
+## Request headers
+
+| Name        | Type | Description
+|:--------------|:-------|:--------------|
+| Authorization | String | Bearer {token}.**Required**.
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK, with a list of exposure score per machine group data in the response body. 
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/exposureScore/ByMachineGroups
+```
+
+**Response**
+
+Here is an example of the response.
+
+```json
+
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore",
+    "value": [
+        {
+            "time": "2019-12-03T09:51:28.214338Z",
+            "score": 41.38041766305988,
+            "rbacGroupId": 10
+        },
+        {
+            "time": "2019-12-03T09:51:28.2143399Z",
+            "score": 37.403726933165366,
+            "rbacGroupId": 11
+        },
+        {
+            "time": "2019-12-03T09:51:28.2143407Z",
+            "score": 26.390921344426033,
+            "rbacGroupId": 9
+        },
+        {
+            "time": "2019-12-03T09:51:28.2143414Z",
+            "score": 23.58823563070858,
+            "rbacGroupId": 5
+        }
+    ]
+}
+```
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
new file mode 100644
index 0000000000..c9dfd44b5f
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -0,0 +1,57 @@
+---
+title: Recommendation methods and properties
+description: Retrieves top recent alerts.
+keywords: apis, graph api, supported apis, get, alerts, recent
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Recommendation resource type
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+## Methods
+Method |Return Type |Description
+:---|:---|:---
+[List all recommendations](get-all-recommendations.md) | Recommendation collection | 
+[Get recommendation by Id](get-recommendation-by-id.md) | Recommendation | 
+[Get recommendation software](get-recommendation-software.md)| [Software](software.md) |
+[Get recommendation machines](get-recommendation-machines.md)|MachineRef collection | 
+[Get recommendation vulnerabilities](get-recommendation-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection |  
+
+
+## Properties
+Property |	Type	|	Description
+:---|:---|:---
+id | String | 
+productName | String | 
+recommendationName | String | 
+Weaknesses | Long | 
+Vendor | String | 
+recommendedVersion | String | 
+recommendationCategory | String | 
+subCategory | String | 
+severityScore | Double | 
+publicExploit | Boolean | 
+activeAlert | Boolean | 
+associatedThreats | String collection | 
+remediationType | String | 
+Status | String | Enum
+configScoreImpact | Double | 
+exposureImpacte | Double| 
+totalMachineCount | Long | 
+exposedMachinesCount | Long | 
+nonProductivityImpactedAssets | Long | 
+relatedComponent | String |  
diff --git a/windows/security/threat-protection/microsoft-defender-atp/score.md b/windows/security/threat-protection/microsoft-defender-atp/score.md
new file mode 100644
index 0000000000..06f002a203
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/score.md
@@ -0,0 +1,75 @@
+---
+title: Score methods and properties
+description: Retrieves your organization's exposure score, device secure score, and exposure score by machine group
+keywords: apis, graph api, supported apis, score, exposure score, device secure score, exposure score by machine group
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Score resource type
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+## Methods
+Method |Return Type |Description
+:---|:---|:---
+[Get exposure score](get-exposure-score.md) | [Score](score.md) | Get the organizational exposure score.
+[Get device secure score](get-device-secure-score.md) | [Score](score.md) | Get the organizational device secure score.
+[List exposure score by machine group](get-machine-group-exposure-score.md)| [Score](score.md) | List scores by machine group.
+
+
+## Properties
+Property |	Type	|	Description
+:---|:---|:---
+Score | Double | The current score.
+Time | DateTime | The date and time in which the call for this API was made.
+RbacGroupId | Nullable Int | RBAC Group ID.
+
+
+### Response example for getting machine groups score:
+
+```
+GET https://api.securitycenter.windows.com/api/exposureScore/byMachineGroups
+```
+
+```json
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore",
+    "value": [
+        {
+            "time": "2019-12-03T07:26:49.9376328Z",
+            "score": 41.38041766305988,
+            "rbacGroupId": 10
+        },
+        {
+            "time": "2019-12-03T07:26:49.9376375Z",
+            "score": 23.58823563070858,
+            "rbacGroupId": 5
+        },
+        {
+            "time": "2019-12-03T07:26:49.9376382Z",
+            "score": 37.403726933165366,
+            "rbacGroupId": 11
+        },
+        {
+            "time": "2019-12-03T07:26:49.9376388Z",
+            "score": 26.323200116475423,
+            "rbacGroupId": 9
+        }
+    ]
+}
+ 
+
+```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
new file mode 100644
index 0000000000..36aba64d20
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -0,0 +1,45 @@
+---
+title: Software methods and properties
+description: Retrieves top recent alerts.
+keywords: apis, graph api, supported apis, get, alerts, recent
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Software resource type
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+## Methods
+Method |Return Type |Description
+:---|:---|:---
+[List software](get-software.md) | Software collection | List the organizational software inventory.
+[Get software by Id](get-software-by-id.md) | Software | Get a specific software by its software ID.
+[List software version distribution](get-software-ver-distribution.md)| Distribution collection | List software version distribution by software ID.
+[List machines by software](get-machines-by-software.md)| MachineRef collection | Retrieve a list of machines that are associated with the software ID.
+[List vulnerabilities by software](get-vuln-by-software.md) | [Vulnerability](vulnerability.md) collection | Retrieve a list of vulnerabilities associated with the software ID.
+
+## Properties
+Property |	Type	|	Description
+:---|:---|:---
+id | String | 
+Name | String | 
+Vendor | String | 
+Weaknesses | Long | 
+publicExploit | Boolean | 
+activeAlert | Boolean | 
+exposedMachines | Long | 
+impactScore | Double | 
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
new file mode 100644
index 0000000000..3be61d9006
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -0,0 +1,48 @@
+---
+title: Vulnerability methods and properties
+description: Retrieves vulnerability information
+keywords: apis, graph api, supported apis, get, vulnerability
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Vulnerability resource type
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+## Methods
+Method |Return Type |Description
+:---|:---|:---
+[Get all vulnerabilities](get-all-vulnerabilities.md) | Vulnerability collection | 
+[Get vulnerability by Id](get-vulnerability-by-id.md) | Vulnerability | 
+[List machines by vulnerability](get-machines-by-vulnerability.md)| MachineRef collection | Retrieve a list of machines that are associated with the vulnerability ID 
+
+
+## Properties
+Property |	Type	|	Description
+:---|:---|:---
+id | String | 
+Name | String | 
+Description | String | 
+Severity | String | 
+cvssV3 | Double | 
+exposedMachines | Long | 
+publishedOn | DateTime | 
+updatedOn | DateTime | 
+publicExploit | Boolean | 
+exploitVerified | Boolean | 
+exploitInKit | Boolean | 
+exploitTypes | String collection | 
+exploitUris | String collection | 

From 50f256b8ff4452751800c2765d732d9d72462ebc Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:47:18 -0800
Subject: [PATCH 027/247] Update get-device-secure-score.md

---
 .../microsoft-defender-atp/get-device-secure-score.md        | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index 7a81fe0182..d2f1bb53f5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -61,9 +61,6 @@ Here is an example of the request.
 GET https://api.securitycenter.windows.com/api/configurationScore
 ```
 
-[!include[Improve request performance](improve-request-performance.md)]
-
-
 **Response**
 
 Here is an example of the response.
@@ -82,4 +79,4 @@ Here is an example of the response.
 ```
 
 ## Related topics
-- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
\ No newline at end of file
+- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)

From 3ca2208e18c820f3d4a17169a5e5e2c3d8c845dd Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:47:58 -0800
Subject: [PATCH 028/247] Update get-exposure-score.md

---
 .../microsoft-defender-atp/get-exposure-score.md               | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index 2ce5adf1e0..b71e4ee8ec 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -66,9 +66,6 @@ Here is an example of the request.
 GET https://api.securitycenter.windows.com/api/exposureScore
 ```
 
-[!include[Improve request performance](improve-request-performance.md)]
-
-
 **Response**
 
 Here is an example of the response.

From f6c235d9a57adfbe729be5f1b0a1766beec6b689 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:54:44 -0800
Subject: [PATCH 029/247] Update machine.md

---
 .../threat-protection/microsoft-defender-atp/machine.md     | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index 304e43abbd..99a215e8c1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -29,9 +29,9 @@ Method|Return Type |Description
 [Get machine](get-machine-by-id.md) | [machine](machine.md) | Get a [machine](machine.md) by its identity.
 [Get logged on users](get-machine-log-on-users.md) | [user](user.md) collection | Get the set of [User](user.md) that logged on to the [machine](machine.md).
 [Get related alerts](get-machine-related-alerts.md) | [alert](alerts.md) collection | Get the set of [alert](alerts.md) entities that were raised on the [machine](machine.md).
-[Get installed software](get-installed-software.md) | [Software](software.md) collection | Retrieves a list of software inventory in your organization.
-[Get discovered vulnerabilities](get-discovered-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
-[Get security recommendations](get-security-recommendation.md) | [Recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
+[Get installed software](get-software.md) | [Software](software.md) collection | Retrieves a list of software inventory in your organization.
+[Get discovered vulnerabilities](get-all-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
+[Get security recommendations](get-all-recommendation.md) | [Recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 

From 7cb440f17418effaa820a15a90cc10732c5b18c8 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 15:58:02 -0800
Subject: [PATCH 030/247] Added descriptions

---
 .../threat-protection/microsoft-defender-atp/vulnerability.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
index 3be61d9006..f024339c3e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -25,8 +25,8 @@ ms.topic: article
 ## Methods
 Method |Return Type |Description
 :---|:---|:---
-[Get all vulnerabilities](get-all-vulnerabilities.md) | Vulnerability collection | 
-[Get vulnerability by Id](get-vulnerability-by-id.md) | Vulnerability | 
+[Get all vulnerabilities](get-all-vulnerabilities.md) | Vulnerability collection | Retrieves a list of all the vulnerabilities affecting the organization
+[Get vulnerability by Id](get-vulnerability-by-id.md) | Vulnerability | Retrieves vulnerability information by its ID
 [List machines by vulnerability](get-machines-by-vulnerability.md)| MachineRef collection | Retrieve a list of machines that are associated with the vulnerability ID 
 
 

From d030104010b31f5ce85f03043acaee902fe1f3bd Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:00:26 -0800
Subject: [PATCH 031/247] Added descriptions

---
 .../microsoft-defender-atp/recommendation.md           | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index c9dfd44b5f..ea8cfbf381 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -25,11 +25,11 @@ ms.topic: article
 ## Methods
 Method |Return Type |Description
 :---|:---|:---
-[List all recommendations](get-all-recommendations.md) | Recommendation collection | 
-[Get recommendation by Id](get-recommendation-by-id.md) | Recommendation | 
-[Get recommendation software](get-recommendation-software.md)| [Software](software.md) |
-[Get recommendation machines](get-recommendation-machines.md)|MachineRef collection | 
-[Get recommendation vulnerabilities](get-recommendation-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection |  
+[List all recommendations](get-all-recommendations.md) | Recommendation collection | Retrieves a list of all security recommendations affecting the organization
+[Get recommendation by Id](get-recommendation-by-id.md) | Recommendation | Retrieves a security recommendation by its ID
+[Get recommendation software](get-recommendation-software.md)| [Software](software.md) | Retrieves a security recommendation related to a specific software
+[Get recommendation machines](get-recommendation-machines.md)|MachineRef collection | Retrieves a list of machines associated with the security recommendation
+[Get recommendation vulnerabilities](get-recommendation-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection | Retrieves a list of vulnerabilities associated with the security recommendation
 
 
 ## Properties

From 85fe93712636fca7b17cf9e1354d39f636335eaf Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:01:53 -0800
Subject: [PATCH 032/247] Update recommendation.md

---
 .../threat-protection/microsoft-defender-atp/recommendation.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index ea8cfbf381..2e38f54fca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -48,7 +48,7 @@ publicExploit | Boolean |
 activeAlert | Boolean | 
 associatedThreats | String collection | 
 remediationType | String | 
-Status | String | Enum
+Status | Enum | Recommendation exception status. Possible values are: “Active” and “Exception”
 configScoreImpact | Double | 
 exposureImpacte | Double| 
 totalMachineCount | Long | 

From 9f7a62f14ba66223605a1eb4b11886c49305e4d4 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:06:25 -0800
Subject: [PATCH 033/247] Update get-exposure-score.md

---
 .../microsoft-defender-atp/get-exposure-score.md              | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index b71e4ee8ec..fadf3a064a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -38,10 +38,6 @@ Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability
 GET /api/exposureScore
 ```
 
-## Optional query parameters
-Method supports $top, $select, $filter, $expand and $skip query parameters.
-<br>$expand is available on Files, IPs and Domains. e.g. $expand=files,domains
-
 ## Request headers
 
 Name | Type | Description

From f20f1097c0e04d4205b66422f8d740b8288bf093 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Tue, 7 Jan 2020 16:15:14 -0800
Subject: [PATCH 034/247] new topic

---
 .../web-content-filtering.md                  | 206 ++++++++++++++++++
 1 file changed, 206 insertions(+)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
new file mode 100644
index 0000000000..b1eede6e12
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -0,0 +1,206 @@
+---
+title: Monitoring web browsing security in Microsoft Defender ATP
+description: Use web protection in Microsoft Defender ATP to monitor web browsing security
+keywords: web protection, web threat protection, web browsing, monitoring, reports, cards, domain list, security, phishing, malware, exploit, websites, network protection, Edge, Internet Explorer, Chrome, Firefox, web browser 
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: lomayor
+author: lomayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+ms.date: 08/30/2019
+---
+
+# Web content filtering configuration & reporting
+
+>[!IMPORTANT]
+>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
+
+Web content filtering enables you to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic due to compliance regulations, bandwidth usage, or other concerns.
+
+You can configure policies across your machine groups to block certain categories, effectively preventing users within specified machine groups from accessing URLs within that category. If a category is not blocked, all your users will be able to access the URLs without disruption, but web content filtering will continue to gather access statistics that you can use to understand web usage and inform future policy decisions.
+
+Web content filtering is available on most major web browsers, with blocks performed by SmartScreen (Edge) and Network Protection (Internet Explorer, Chrome, Firefox, and all other browsers). See the prerequisites section for more information about browser support.
+
+To summarize the benefits:
+
+- Users are prevented from accessing websites in blocked categories, whether they are browsing on-premises or away
+- You can conveniently deploy varied policies to various sets of users using the machine groups defined in the Microsoft Defender ATP role-based access control settings
+- You can access web reports in the same central location, with visibility over actual blocks and web usage
+
+## Prerequisites
+
+Before trying out this feature, make sure you have the following:
+•	Windows E5 license
+•	Access to Microsoft Defender Security Center portal
+•	 Machines running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update (for Network Protection on Internet Explorer, Edge, Chrome, or Firefox)
+•	Machines running Windows 10 May 2019 Update (version 1903) or later (for a better user experience from SmartScreen on Edge). Note that if SmartScreen is not turned on, Network Protection will take over the blocking.
+•	A valid license with a partner data provider. For details on how to acquire a license, please read the section below.
+Partner licensing
+In order to give customers access to various sources of web content categorization data, we are very excited to partner with data providers for this feature. We’ve chosen Cyren as our first partner, who we’ve worked with closely to build an integrated solution. Here’s a brief description of what they do:
+ 
+About Cyren 
+More than 1.3 billion users around the world rely on Cyren's 100% cloud security solutions to protect them against cyberattacks and data loss every day. Powered by the world's largest security cloud, Cyren (NASDAQ: CYRN) delivers fast time-to-protection with award-winning email security, cloud sandboxing and DNS filtering services for business, and threat intelligence solutions for service providers and security vendors like Microsoft, Google and Check Point. 
+About Cyren and Threat Intelligence Service for Microsoft Defender ATP
+CYREN’S URL FILTERING (URLF) INCLUDES 70 CATEGORIES, PROVIDING PARTNERS WITH THE ABILITY TO BUILD POWERFUL AND ADVANCED WEB SECURITY APPLICATIONS.
+The broad range of categories enables numerous applications: Protecting users browsing the web from threats such as malware and phishing sites; Ensuring employee productivity; Consumer services such as parental control. Cyren’s comprehensive categories provide the necessary flexibility for any implementation requirement.
+Cyren's web content classification technology is integrated by design into Microsoft Defender ATP to enable web filtering and auditing capabilities.
+Learn more at https://www.cyren.com/oem
+
+
+Signing up for a Cyren License
+Cyren is offering a 60-day free trial for all MDATP customers. To sign up, please follow the steps below from the portal.
+1.	Go to Reports > Web protection from the side nav
+ 
+2. Click the "connect to a partner" button below
+  
+3.Go through the flow from the flyout to register and connect your Cyren account. Note: a user with AAD app admin/global admin permissions is required to complete these steps
+
+
+Data handling
+For this feature, we will follow whichever region you have elected to use as part of your Microsoft Defender ATP data handling settings. Your data will not leave the data center in that region. In addition, your data will not be shared with any third-parties, including our data providers. However, we may send them aggregate data (across users and organizations) to help them improve their feeds.
+ 
+Turn on web content filtering
+From the left-hand navigation menu, select Settings. Under the section General, choose Advanced Features. Scroll down until you see the entry for Web content filtering. Switch the toggle to On, then hit the Save preferences button.
+ 
+ Configure web content filtering policies
+Web content filtering policies specify which site categories are blocked on which machine groups. To manage the policies, go to Settings > Rules > Web content filtering.
+ 
+Web content filtering settings page
+Use the filter to locate policies that contain certain blocked categories or are applied to specific machine groups. For more information on categories, see the appendix.
+Create a policy
+To add a new policy:
+1.	Click Add policy on the Web content filtering page in Settings.
+2.	Specify a name. 
+3.	Select the categories to block. Use the expand icon to fully expand each parent category and select specific web content categories.
+ 
+Selecting blocked categories during policy creation
+4.	Specify the policy scope. Select the machine groups to specify where to apply the policy. Only machines in the selected machine groups will be prevented from accessing websites in the selected categories.
+5.	Review the summary and save the policy. The policy may take up to 15 minutes to apply to your selected machines. 
+
+Note: If you are removing a policy or changing machine groups at the same time, this might cause a delay in policy deployment.
+Information worker UX
+The standard blocking experience is provided by Network Protection, which provides a system-level toast notifying the user of a blocked connection.
+For a more user-friendly experience, consider user SmartScreen on Edge, which will show the following page when blocked:
+View summary cards and reports
+ 
+Select Reports > Web protection to view the web protection reports page. The following cards provide summary information about web content filtering:
+•	Web activity by category
+•	Web content filtering summary
+For the Web activity by category card, you can view data from the following periods:
+•	Last 30 days
+•	Last 3 months
+•	Last 6 months
+Web activity by category card
+This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization.  
+Click a category name to view more information about that particular category.
+Note: In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
+Web content filtering summary card
+This card displays the distribution of blocked access attempts across the different parent web content categories. Click a colored slice to view more information about a specific parent web category.
+View report details
+The Report details page contains reports in separate tabs providing extensive statistical data about web content categories, website domains, and machine groups.
+ 
+Report details page
+Use the time range filter at the top left of the page to select a time period:
+•	1 day
+•	1 week
+•	30 days
+•	3 months
+•	6 months
+You can also use the filters on the right to filter for specific machine groups or content categories. 
+Select a row to open a flyout pane with even more information about the selected item.
+Web categories
+This report lists the web content categories that have had access attempts in your organization. 
+ 
+List of accessed web categories
+You can filter on the following:
+•	Parent category
+•	Machine group
+•	Whether the access attempt was allowed or blocked
+Clicking on a specific category will open a summary flyout. In the flyout, you will see:
+•	A graph showing the change in access attempts over your chosen time period
+•	Top ten domains in that category in terms of total access attempts. Click a domain to view more information about that domain.
+•	Top ten machines in terms of total access attempts to websites in that category. Click a machine to view more information about that machine.
+•	Policies that block websites in that category. Click Manage to view and edit the details of a policy.
+ 
+Domains
+This report lists the web domains that have been accessed or blocked in your organization.
+ 
+List of accessed website domains
+You can filter on the following:
+•	Parent category
+•	Machine group the event occurred on
+•	Whether the access attempt was allowed or blocked
+Click a specific domain to view detailed information about that domain.
+Machine groups
+This report lists all the machine groups that have generated web activity in your organization.
+ 
+Clicking on a specific machine group will open a summary flyout. In the flyout, you will see:
+•	A graph showing the change in access attempts over your chosen time period
+•	Top ten domains accessed by the selected machine group. Click a domain to view more information about that domain.
+•	Top ten machines in that machine group in terms of total access attempts. Click a machine to view more information about that machine.
+•	Top ten web content categories accessed by machines in the selected group.
+FAQ
+Q: Why am I seeing the following error when trying to connect to Cyren?
+ 
+A: You need to be logged in to an AAD account with either App administrator or Global Administrator privileges. Your IT admin would most likely either have these permissions and/or be able to grant them to you.
+Q: What exactly are the permissions the app is asking for?
+ 
+A:           i) ‘Sign in and read user profile’ allows Cyren to read your tenant info from your MDATP account, such as your tenant ID, which will be tied to your Cyren license.
+ii) ‘Read and Write Integration settings’ exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the MDATP portal.
+Appendix
+Categories
+We have grouped individual web content categories from the data provider into parent categories, making it easier for you to block and monitor closely related categories. Below is a list of categories we currently support, with their descriptions provided by Cyren.
+Adult content
+•	Cults - Sites relating to non-traditional religious practice typically known as "cults," that is, considered to be false, unorthodox, extremist, or coercive, with members often living under the direction of a charismatic leader. 
+•	Gambling - Sites that offer or are related to online gambling, lottery, casinos and betting agencies involving chance.
+•	Nudity - Sites that contain full or partial nudity that are not necessarily overtly sexual in intent. Includes sites that advertise or sell lingerie, intimate apparel, or swimwear.
+•	Pornography/Sexually Explicit - Sites that contain explicit sexual content. Includes adult products such as sex toys, CD-ROMs, and videos, adult services such as videoconferencing, escort services, and strip clubs, erotic stories and textual descriptions of sexual acts.
+•	Sex Education - Sites relating to sex education, including subjects such as respect for partner, abortion, gay and lesbian lifestyle, contraceptives, sexually transmitted diseases, and pregnancy. 
+•	Tasteless - Sites with offensive or tasteless content, including profanity.
+•	Violence - Sites that contain images or text depicting or advocating physical assault against humans, animals, or institutions. Sites of a particularly gruesome nature. Sites that contain profanity. 
+High bandwidth
+•	Download Sites - Sites that contain downloadable software, whether shareware, freeware, or for a charge. Includes some peer-to-peer sites.
+•	Image Sharing - Sites that host digital photographs and images, online photo albums and digital photo exchanges.
+•	Peer-to-Peer - Sites that enable direct exchange of files between users without dependence on a central server. 
+•	Streaming Media & Downloads - Sites that deliver streaming content, such as Internet radio, Internet TV or MP3 and live or archived media download sites. Includes fan sites, or official sites run by musicians, bands, or record labels. 
+Legal liability
+•	Child Abuse Images - Sites that portray or discuss children in sexual or other abusive acts.
+•	Criminal Activity - Sites that offer advice on how to commit illegal or criminal activities, or to avoid detection. These can include how to commit murder, build bombs, pick locks, etc. Also includes sites with information about illegal manipulation of electronic devices, hacking, fraud and illegal distribution of software. 
+•	Hacking - Sites that promote or give advice about how to gain unauthorized access to proprietary computer systems, for the purpose of stealing information, perpetrating fraud, creating viruses, or committing other illegal activity related to theft of digital inform.
+•	Hate & Intolerance - Sites that promote a supremacist political agenda, encouraging oppression of people or groups of people based on their race, religion, gender, age, disability, sexual orientation or nationality. 
+•	Illegal Drugs - Sites with information on the purchase, manufacture, and use of illegal or recreational drugs and their paraphernalia, and misuse of prescription drugs and other compounds.
+•	Illegal Software - Sites that illegally distribute software or copyrighted materials such as movies or music, software cracks, illicit serial numbers, illegal license key generators. 
+•	School Cheating - Sites that promote unethical practices such as cheating or plagiarism by providing test answers, written essays, research papers, or term papers. 
+•	Self-Harm – Sites that promote actions that are relating to harming oneself, such as suicide, anorexia, bulimia, etc.
+•	Weapons - Sites that depict, sell, review or describe guns and weapons, including for sport.
+Leisure
+•	Chat - Sites that enable web-based exchange of real-time messages through chat services or chat rooms. 
+•	Games - Sites relating to computer or other games, information about game producers, or how to obtain cheat codes. Game-related publication sites. 
+•	Instant Messaging - Sites that enable logging in to instant messaging services such as ICQ, AOL Instant Messenger, IRC, MSN, Jabber, Yahoo Messenger, and the like. 
+•	Professional Networking - Sites that enable professional networking for online communities.
+•	Social Networking - Sites that enable social networking for online communities of various topics, for friendship, or/and dating. 
+•	Web-based Email - Sites that enables users to send and receive email through a web-accessible email account.
+Uncategorized
+•	Unknown – Sites that are not yet assigned a category
+Limitations and known issues in this preview
+1.	Unassigned machines will have incorrect data shown within the report
+In the Report details > Machine groups pivot, you may see a row with a blank Machine Group field. This group contains your unassigned machines in the interim before they get put into your specified group. The report for this row may not contain an accurate count of machines or access counts.
+
+2.	The data in our reports may not be congruent with other data on the site
+We currently do not support real-time data processing for this feature, so you may see inconsistencies between the data in our reports and the URL entity page.
+
+
+
+## Related topics
+- [Web protection overview](web-protection-overview.md)
+- [Respond to web threats](web-protection-response.md)

From 0199891df647a35242eb2d4e92d409afc278f0af Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Tue, 7 Jan 2020 16:21:57 -0800
Subject: [PATCH 035/247] formatting updates

---
 .../web-content-filtering.md                  | 69 +++++++++++--------
 1 file changed, 41 insertions(+), 28 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index b1eede6e12..0a2c4e5b42 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -40,58 +40,71 @@ To summarize the benefits:
 ## Prerequisites
 
 Before trying out this feature, make sure you have the following:
-•	Windows E5 license
-•	Access to Microsoft Defender Security Center portal
-•	 Machines running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update (for Network Protection on Internet Explorer, Edge, Chrome, or Firefox)
-•	Machines running Windows 10 May 2019 Update (version 1903) or later (for a better user experience from SmartScreen on Edge). Note that if SmartScreen is not turned on, Network Protection will take over the blocking.
-•	A valid license with a partner data provider. For details on how to acquire a license, please read the section below.
-Partner licensing
+
+- Windows E5 license
+- Access to Microsoft Defender Security Center portal
+- Machines running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update (for Network Protection on Internet Explorer, Edge, Chrome, or Firefox)
+- Machines running Windows 10 May 2019 Update (version 1903) or later (for a better user experience from SmartScreen on Edge). Note that if SmartScreen is not turned on, Network Protection will take over the blocking.
+- A valid license with a partner data provider. For details on how to acquire a license, please read the section below.
+
+## Partner licensing
+
 In order to give customers access to various sources of web content categorization data, we are very excited to partner with data providers for this feature. We’ve chosen Cyren as our first partner, who we’ve worked with closely to build an integrated solution. Here’s a brief description of what they do:
  
-About Cyren 
-More than 1.3 billion users around the world rely on Cyren's 100% cloud security solutions to protect them against cyberattacks and data loss every day. Powered by the world's largest security cloud, Cyren (NASDAQ: CYRN) delivers fast time-to-protection with award-winning email security, cloud sandboxing and DNS filtering services for business, and threat intelligence solutions for service providers and security vendors like Microsoft, Google and Check Point. 
-About Cyren and Threat Intelligence Service for Microsoft Defender ATP
+### About Cyren 
+
+More than 1.3 billion users around the world rely on Cyren's 100% cloud security solutions to protect them against cyberattacks and data loss every day. Powered by the world's largest security cloud, Cyren (NASDAQ: CYRN) delivers fast time-to-protection with award-winning email security, cloud sandboxing and DNS filtering services for business, and threat intelligence solutions for service providers and security vendors like Microsoft, Google and Check Point.
+
+### About Cyren and Threat Intelligence Service for Microsoft Defender ATP
+
 CYREN’S URL FILTERING (URLF) INCLUDES 70 CATEGORIES, PROVIDING PARTNERS WITH THE ABILITY TO BUILD POWERFUL AND ADVANCED WEB SECURITY APPLICATIONS.
+
 The broad range of categories enables numerous applications: Protecting users browsing the web from threats such as malware and phishing sites; Ensuring employee productivity; Consumer services such as parental control. Cyren’s comprehensive categories provide the necessary flexibility for any implementation requirement.
+
 Cyren's web content classification technology is integrated by design into Microsoft Defender ATP to enable web filtering and auditing capabilities.
+
 Learn more at https://www.cyren.com/oem
 
+### Signing up for a Cyren License
 
-Signing up for a Cyren License
 Cyren is offering a 60-day free trial for all MDATP customers. To sign up, please follow the steps below from the portal.
+
 1.	Go to Reports > Web protection from the side nav
- 
-2. Click the "connect to a partner" button below
-  
-3.Go through the flow from the flyout to register and connect your Cyren account. Note: a user with AAD app admin/global admin permissions is required to complete these steps
+2. Click the "connect to a partner" button
+3. Go through the flow from the flyout to register and connect your Cyren account. Note: a user with AAD app admin/global admin permissions is required to complete these steps
 
+## Data handling
 
-Data handling
 For this feature, we will follow whichever region you have elected to use as part of your Microsoft Defender ATP data handling settings. Your data will not leave the data center in that region. In addition, your data will not be shared with any third-parties, including our data providers. However, we may send them aggregate data (across users and organizations) to help them improve their feeds.
- 
-Turn on web content filtering
+
+## Turn on web content filtering
+
 From the left-hand navigation menu, select Settings. Under the section General, choose Advanced Features. Scroll down until you see the entry for Web content filtering. Switch the toggle to On, then hit the Save preferences button.
- 
- Configure web content filtering policies
+
+## Configure web content filtering policies
+
 Web content filtering policies specify which site categories are blocked on which machine groups. To manage the policies, go to Settings > Rules > Web content filtering.
- 
-Web content filtering settings page
+
 Use the filter to locate policies that contain certain blocked categories or are applied to specific machine groups. For more information on categories, see the appendix.
-Create a policy
+
+### Create a policy
+
 To add a new policy:
-1.	Click Add policy on the Web content filtering page in Settings.
-2.	Specify a name. 
+
+1.	Click **Add policy** on the **Web content filtering** page in **Settings**.
+2.	Specify a name.
 3.	Select the categories to block. Use the expand icon to fully expand each parent category and select specific web content categories.
- 
-Selecting blocked categories during policy creation
 4.	Specify the policy scope. Select the machine groups to specify where to apply the policy. Only machines in the selected machine groups will be prevented from accessing websites in the selected categories.
 5.	Review the summary and save the policy. The policy may take up to 15 minutes to apply to your selected machines. 
 
 Note: If you are removing a policy or changing machine groups at the same time, this might cause a delay in policy deployment.
-Information worker UX
+
+## Information worker UX
+
 The standard blocking experience is provided by Network Protection, which provides a system-level toast notifying the user of a blocked connection.
 For a more user-friendly experience, consider user SmartScreen on Edge, which will show the following page when blocked:
-View summary cards and reports
+
+## View summary cards and reports
  
 Select Reports > Web protection to view the web protection reports page. The following cards provide summary information about web content filtering:
 •	Web activity by category

From c6210ba9ef8a75be5cba467926fd670ada08ca4a Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:23:43 -0800
Subject: [PATCH 036/247] Added TVM API topics

---
 windows/security/threat-protection/TOC.md | 28 +++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index a483760fe8..e754cac2b3 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -435,6 +435,34 @@
 ####### [Get user related alerts](microsoft-defender-atp/get-user-related-alerts.md)
 ####### [Get user related machines](microsoft-defender-atp/get-user-related-machines.md)
 
+###### [Score]()
+####### [Score methods and properties](microsoft-defender-atp/score.md)
+####### [List exposure score by machine group](microsoft-defender-atp/get-machine-group-exposure-score.md)
+####### [Get exposure score](microsoft-defender-atp/get-exposure-score.md)
+####### [Get device secure score](microsoft-defender-atp/get-device-secure-score.md)
+
+###### [Software]()
+####### [Software methods and properties](microsoft-defender-atp/software.md)
+####### [List software](get-software.md)
+####### [Get software by Id](get-software-by-id.md)
+####### [List software version distribution](get-software-ver-distribution.md)
+####### [List machines by software](get-machines-by-software.md)
+####### [List vulnerabilities by software](get-vuln-by-software.md)
+
+###### [Vulnerability]()
+####### [Vulnerability methods and properties](microsoft-defender-atp/vulnerability.md)
+####### [Get all vulnerabilities](get-all-vulnerabilities.md)
+####### [Get vulnerability by Id](get-vulnerability-by-id.md)
+####### [List machines by vulnerability](get-machines-by-vulnerability.md)
+
+###### [Recommendation]()
+####### [Recommendation methods and properties](microsoft-defender-atp/recommendation.md)
+####### [List all recommendations](get-all-recommendations.md)
+####### [Get recommendation by Id](get-recommendation-by-id.md)
+####### [Get recommendation by software](get-recommendation-software.md)
+####### [Get recommendation by machines](get-recommendation-machines.md)
+####### [Get recommendation by vulnerabilities](get-recommendation-vulnerabilities.md)
+
 ##### [How to use APIs - Samples]()
 ###### [Microsoft Flow](microsoft-defender-atp/api-microsoft-flow.md)
 ###### [Power BI](microsoft-defender-atp/api-power-bi.md)

From 9ce89bfd00b09866c447fb98304751ecc86f6cba Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:34:24 -0800
Subject: [PATCH 037/247] Update machine.md

---
 .../threat-protection/microsoft-defender-atp/machine.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index 99a215e8c1..5ae61b0e70 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -31,7 +31,7 @@ Method|Return Type |Description
 [Get related alerts](get-machine-related-alerts.md) | [alert](alerts.md) collection | Get the set of [alert](alerts.md) entities that were raised on the [machine](machine.md).
 [Get installed software](get-software.md) | [Software](software.md) collection | Retrieves a list of software inventory in your organization.
 [Get discovered vulnerabilities](get-all-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
-[Get security recommendations](get-all-recommendation.md) | [Recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
+[Get security recommendations](get-all-recommendations.md) | [Recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 

From 576d40493fc63dda1a05f074d0983f09fd96446d Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:35:01 -0800
Subject: [PATCH 038/247] Update machine.md

---
 .../threat-protection/microsoft-defender-atp/machine.md     | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index 5ae61b0e70..a488cd488b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -29,9 +29,9 @@ Method|Return Type |Description
 [Get machine](get-machine-by-id.md) | [machine](machine.md) | Get a [machine](machine.md) by its identity.
 [Get logged on users](get-machine-log-on-users.md) | [user](user.md) collection | Get the set of [User](user.md) that logged on to the [machine](machine.md).
 [Get related alerts](get-machine-related-alerts.md) | [alert](alerts.md) collection | Get the set of [alert](alerts.md) entities that were raised on the [machine](machine.md).
-[Get installed software](get-software.md) | [Software](software.md) collection | Retrieves a list of software inventory in your organization.
-[Get discovered vulnerabilities](get-all-vulnerabilities.md) | [Vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
-[Get security recommendations](get-all-recommendations.md) | [Recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
+[Get installed software](get-software.md) | [software](software.md) collection | Retrieves a list of software inventory in your organization.
+[Get discovered vulnerabilities](get-all-vulnerabilities.md) | [vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
+[Get security recommendations](get-all-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 

From d7de8b4d66cbd49980bd4dfe4b095ce41be237e8 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:35:49 -0800
Subject: [PATCH 039/247] Added pre rel info

---
 .../threat-protection/microsoft-defender-atp/software.md        | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
index 36aba64d20..5d4dd015b2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 ## Methods
 Method |Return Type |Description
 :---|:---|:---

From fb05538330bcadabacbe2ed30abc4854133b88c6 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:36:34 -0800
Subject: [PATCH 040/247] Added pre rel info

---
 .../threat-protection/microsoft-defender-atp/vulnerability.md   | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
index f024339c3e..1ab9f93f8a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 ## Methods
 Method |Return Type |Description
 :---|:---|:---

From 66291fb62ada8b1c4c8e3a6f628cd580b77d1f54 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:37:03 -0800
Subject: [PATCH 041/247] Added pre rel info

---
 .../threat-protection/microsoft-defender-atp/recommendation.md  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index 2e38f54fca..b5169fbe69 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 ## Methods
 Method |Return Type |Description
 :---|:---|:---

From bb15be19a76bebd5c0724a0c2237ca2c49adc353 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 7 Jan 2020 16:42:16 -0800
Subject: [PATCH 042/247] Updated file paths for TVM API topics

---
 windows/security/threat-protection/TOC.md | 26 +++++++++++------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index e754cac2b3..1d0ce5d117 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -443,25 +443,25 @@
 
 ###### [Software]()
 ####### [Software methods and properties](microsoft-defender-atp/software.md)
-####### [List software](get-software.md)
-####### [Get software by Id](get-software-by-id.md)
-####### [List software version distribution](get-software-ver-distribution.md)
-####### [List machines by software](get-machines-by-software.md)
-####### [List vulnerabilities by software](get-vuln-by-software.md)
+####### [List software](microsoft-defender-atp/get-software.md)
+####### [Get software by Id](microsoft-defender-atp/get-software-by-id.md)
+####### [List software version distribution](microsoft-defender-atp/get-software-ver-distribution.md)
+####### [List machines by software](microsoft-defender-atp/get-machines-by-software.md)
+####### [List vulnerabilities by software](microsoft-defender-atp/get-vuln-by-software.md)
 
 ###### [Vulnerability]()
 ####### [Vulnerability methods and properties](microsoft-defender-atp/vulnerability.md)
-####### [Get all vulnerabilities](get-all-vulnerabilities.md)
-####### [Get vulnerability by Id](get-vulnerability-by-id.md)
-####### [List machines by vulnerability](get-machines-by-vulnerability.md)
+####### [Get all vulnerabilities](microsoft-defender-atp/get-all-vulnerabilities.md)
+####### [Get vulnerability by Id](microsoft-defender-atp/get-vulnerability-by-id.md)
+####### [List machines by vulnerability](microsoft-defender-atp/get-machines-by-vulnerability.md)
 
 ###### [Recommendation]()
 ####### [Recommendation methods and properties](microsoft-defender-atp/recommendation.md)
-####### [List all recommendations](get-all-recommendations.md)
-####### [Get recommendation by Id](get-recommendation-by-id.md)
-####### [Get recommendation by software](get-recommendation-software.md)
-####### [Get recommendation by machines](get-recommendation-machines.md)
-####### [Get recommendation by vulnerabilities](get-recommendation-vulnerabilities.md)
+####### [List all recommendations](microsoft-defender-atp/get-all-recommendations.md)
+####### [Get recommendation by Id](microsoft-defender-atp/get-recommendation-by-id.md)
+####### [Get recommendation by software](microsoft-defender-atp/get-recommendation-software.md)
+####### [Get recommendation by machines](microsoft-defender-atp/get-recommendation-machines.md)
+####### [Get recommendation by vulnerabilities](microsoft-defender-atp/get-recommendation-vulnerabilities.md)
 
 ##### [How to use APIs - Samples]()
 ###### [Microsoft Flow](microsoft-defender-atp/api-microsoft-flow.md)

From 5cc7e54be6b33b743d81c048d2c736afeebde260 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 7 Jan 2020 16:44:49 -0800
Subject: [PATCH 043/247] Scorecard corrections in seven files

---
 ...efender-application-control-policy-design-decisions.md | 4 ++--
 .../wdsc-device-performance-health.md                     | 2 +-
 .../wdsc-hide-notifications.md                            | 2 +-
 .../windows-defender-security-center.md                   | 8 ++++----
 .../threat-protection/windows-security-baselines.md       | 2 +-
 .../get-support-for-security-baselines.md                 | 4 ++--
 .../windows-security-baselines.md                         | 2 +-
 7 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index 6b431212ee..2734953d67 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -62,7 +62,7 @@ Organizations with well-defined, centrally-managed app management and deployment
 | - | - |
 | All apps are centrally managed and deployed using endpoint management tools like [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for application control. WDAC options like [managed installer](use-windows-defender-application-control-with-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. |
 | Some apps are centrally managed and deployed, but teams can install additional apps for their members. | [Supplemental policies](deploy-multiple-windows-defender-application-control-policies.md) can be used to allow team-specific exceptions to your core organization-wide WDAC policy. Alternatively, teams can leverage managed installers to install their team-specific apps or admin-only file path rules can be used to allow apps installed by admin users. |
-| Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | WDAC can integrate with Microsoft's [Intelligent Security Graph](use-windows-defender-application-control-with-intelligent-security-graph.md) (the same source of intelligence that powers Windows Defender Antivirus and SmartScreen) to allow only apps and binaries that have positive reputation. |
+| Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | WDAC can integrate with Microsoft's [Intelligent Security Graph](use-windows-defender-application-control-with-intelligent-security-graph.md) (the same source of intelligence that powers Windows Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. |
 | Users and teams are free to download and install apps without restriction. | WDAC policies can be deployed in audit mode to gain insight into the apps and binaries running in your organization without impacting user and team productivity.|
 
 ### Are internally-developed line-of-business (LOB) apps and apps developed by 3rd parties digitally signed?
@@ -72,7 +72,7 @@ Traditional Win32 apps on Windows can run without being digitally signed. This p
 | Possible answers | Design considerations |
 | - | - |
 | All apps used in your organization must be signed. | Organizations that enforce [codesigning](use-code-signing-to-simplify-application-control-for-classic-windows-applications.md) for all executable code are best-positioned to protect their Windows computers from malicious code execution. WDAC rules can be created to authorize apps and binaries from the organization's internal development teams and from trusted independent software vendors (ISV). |
-| Apps used in your organization do not need to meet any codesigning requirements. | Organizations can  [use built-in Windows 10 tools](deploy-catalog-files-to-support-windows-defender-application-control.md) to add organization-specific app catalog signatures to existing apps as a part of the app deployment process which can be used to authorize code execution. Solutions like Microsoft Endpoint Manager offer multiple ways to distribute signed app catalogs. | 
+| Apps used in your organization do not need to meet any codesigning requirements. | Organizations can  [use built-in Windows 10 tools](deploy-catalog-files-to-support-windows-defender-application-control.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process which can be used to authorize code execution. Solutions like Microsoft Endpoint Manager offer multiple ways to distribute signed App Catalogs. | 
  
 ### Are there specific groups in your organization that need customized application control policies?
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
index 16cf8c2443..2ce382c919 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
@@ -34,7 +34,7 @@ In Windows 10, version 1709 and later, the section can be hidden from users of t
 
 ## Hide the Device performance & health section
 
-You can choose to hide the entire section by using Group Policy. The section will not appear on the home page of the Windows Security app, and its icon will not be shown on the navigiation bar on the side of the app.
+You can choose to hide the entire section by using Group Policy. The section will not appear on the home page of the Windows Security app, and its icon will not be shown on the navigation bar on the side of the app.
 
 This can only be done in Group Policy.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
index b8a43788fb..27bf7e7c31 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
@@ -47,7 +47,7 @@ You can only use Group Policy to change these settings.
 
 ## Use Group Policy to hide non-critical notifications
 
-You can hide notifications that describe regular events related to the health and security of the machine. These are notifications that do not require an action from the machine's user. It can be useful to hide these notifications if you find they are too numerours or you have other status reporting on a larger scale (such as Update Compliance or Microsoft Endpoint Configuration Manager reporting).
+You can hide notifications that describe regular events related to the health and security of the machine. These are notifications that do not require an action from the machine's user. It can be useful to hide these notifications if you find they are too numerous or you have other status reporting on a larger scale (such as Update Compliance or Microsoft Endpoint Configuration Manager reporting).
 
 This can only be done in Group Policy.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
index 4938625700..56b6759416 100644
--- a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
+++ b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
@@ -33,7 +33,7 @@ In Windows 10, version 1709 and later, the app also shows information from third
 
 In Windows 10, version 1803, the app has two new areas, **Account protection** and **Device security**.
 
-![Screen shot of the Windows Security app showing that the device is protected and five icons for each of the features](images/security-center-home.png)
+![Screenshot of the Windows Security app showing that the device is protected and five icons for each of the features](images/security-center-home.png)
 
 > [!NOTE]
 > The Windows Security app is a client interface on Windows 10, version 1703 and later. It is not the Microsoft Defender Security Center web portal console that is used to review and manage [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection).
@@ -63,13 +63,13 @@ You can find more information about each section, including options for configur
 
 - Click the icon in the notification area on the taskbar.
 
-    ![Screen shot of the icon for the Windows Security app on the Windows task bar](images/security-center-taskbar.png)
+    ![Screenshot of the icon for the Windows Security app on the Windows task bar](images/security-center-taskbar.png)
 - Search the Start menu for **Windows Security**.
 
-    ![Screen shot of the Start menu showing the results of a search for the Windows Security app, the first option with a large shield symbol is selected](images/security-center-start-menu.png)
+    ![Screenshot of the Start menu showing the results of a search for the Windows Security app, the first option with a large shield symbol is selected](images/security-center-start-menu.png)
 - Open an area from Windows **Settings**.
 
-    ![Screen shot of Windows Settings showing the different areas available in the Windows Security](images/settings-windows-defender-security-center-areas.png)
+    ![Screenshot of Windows Settings showing the different areas available in the Windows Security](images/settings-windows-defender-security-center-areas.png)
 
 > [!NOTE]
 > Settings configured with management tools, such as Group Policy, Microsoft Intune, or Microsoft Endpoint Configuration Manager, will generally take precedence over the settings in the Windows Security. See the topics for each of the sections for links to configuring the associated features or products.
diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md
index ad7b000f8c..5aff586c57 100644
--- a/windows/security/threat-protection/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-baselines.md
@@ -45,7 +45,7 @@ Security baselines are an essential benefit to customers because they bring toge
 
 For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of these 4,800 settings, only some are security-related. Although Microsoft provides extensive guidance on different security features, exploring each one can take a long time. You would have to determine the security impact of each setting on your own. Then, you would still need to determine  the appropriate value for each setting. 
 
-In modern organizations, the security threat landscape is constantly evolving, and IT pros and policy-makers must keep up with security threats and make required changes to Windows security settings to help mitigate these threats. To enable faster deployments and make managing Windows easier, Microsoft provides customers with security baselines that are available in consumable formats, such as Group Policy Objects backups.
+In modern organizations, the security threat landscape is constantly evolving, and IT pros and policy-makers must keep up with security threats and make required changes to Windows security settings to help mitigate these threats. To enable faster deployments and make managing Windows easier, Microsoft provides customers with security baselines that are available in consumable formats, such as Group Policy Objects Backups.
 
 ## How can you use security baselines? 
 
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
index 9898a9588b..b4b57d20ae 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
@@ -19,7 +19,7 @@ ms.reviewer:
 
 **What is the Microsoft Security Compliance Manager (SCM)?**
 
-The Security Compliance Manager (SCM) is now retired and is no longer supported. The reason is that SCM was an incredibly complex and large program that needed to be updated for every Windows release. It has been replaced by the Security Compliance Toolkit (SCT). To provide a better service for our customers, we have moved to SCT with which we can publish baselines through the Microsoft Download Center in a lightweight .zip file that contains GPO backups, GPO reports, Excel spreadsheets, WMI filters, and scripts to apply the settings to local policy.
+The Security Compliance Manager (SCM) is now retired and is no longer supported. The reason is that SCM was an incredibly complex and large program that needed to be updated for every Windows release. It has been replaced by the Security Compliance Toolkit (SCT). To provide a better service for our customers, we have moved to SCT with which we can publish baselines through the Microsoft Download Center in a lightweight .zip file that contains GPO Backups, GPO reports, Excel spreadsheets, WMI filters, and scripts to apply the settings to local policy.
 
 More information about this change can be found on the [Microsoft Security Guidance blog](https://blogs.technet.microsoft.com/secguide/2017/06/15/security-compliance-manager-scm-retired-new-tools-and-procedures/).
 
@@ -42,7 +42,7 @@ Not yet. PowerShell-based DSC is rapidly gaining popularity, and more DSC tools
 
 **Does SCT support the creation of Microsoft Endpoint Configuration Manager (SCCM) DCM packs?**
 
-No. A potential alternative is Desired State Configuration (DSC), a feature of the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=40855). A tool that supports conversion of GPO backups to DSC format can be found [here](https://github.com/Microsoft/BaselineManagement).
+No. A potential alternative is Desired State Configuration (DSC), a feature of the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=40855). A tool that supports conversion of GPO Backups to DSC format can be found [here](https://github.com/Microsoft/BaselineManagement).
 
 **Does SCT support the creation of Security Content Automation Protocol (SCAP)-format policies?**
 
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index c39f7df6fd..08675f0f03 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -45,7 +45,7 @@ Security baselines are an essential benefit to customers because they bring toge
 
 For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of these 4,800 settings, only some are security-related. Although Microsoft provides extensive guidance on different security features, exploring each one can take a long time. You would have to determine the security impact of each setting on your own. Then, you would still need to determine  the appropriate value for each setting. 
 
-In modern organizations, the security threat landscape is constantly evolving, and IT pros and policy-makers must keep up with security threats and make required changes to Windows security settings to help mitigate these threats. To enable faster deployments and make managing Windows easier, Microsoft provides customers with security baselines that are available in consumable formats, such as Group Policy Objects backups.
+In modern organizations, the security threat landscape is constantly evolving, and IT pros and policy-makers must keep up with security threats and make required changes to Windows security settings to help mitigate these threats. To enable faster deployments and make managing Windows easier, Microsoft provides customers with security baselines that are available in consumable formats, such as Group Policy Objects Backups.
 
 ## How can you use security baselines? 
 

From 11e09a543c94c199032751bddb8d41dd98ba0026 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 8 Jan 2020 14:48:27 -0800
Subject: [PATCH 044/247] Update software.md

---
 .../threat-protection/microsoft-defender-atp/software.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
index 5d4dd015b2..48647a6c93 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -36,7 +36,7 @@ Method |Return Type |Description
 ## Properties
 Property |	Type	|	Description
 :---|:---|:---
-id | String | 
+id | String | Software ID
 Name | String | 
 Vendor | String | 
 Weaknesses | Long | 

From 6b5e4db65b6da8fef453e7fb56f5e167a724a088 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Wed, 8 Jan 2020 15:38:24 -0800
Subject: [PATCH 045/247] formatting

---
 .../web-content-filtering.md                  | 179 +++++++++---------
 1 file changed, 86 insertions(+), 93 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index 0a2c4e5b42..f075fbd3cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -104,57 +104,37 @@ Note: If you are removing a policy or changing machine groups at the same time,
 The standard blocking experience is provided by Network Protection, which provides a system-level toast notifying the user of a blocked connection.
 For a more user-friendly experience, consider user SmartScreen on Edge, which will show the following page when blocked:
 
-## View summary cards and reports
- 
-Select Reports > Web protection to view the web protection reports page. The following cards provide summary information about web content filtering:
-•	Web activity by category
-•	Web content filtering summary
-For the Web activity by category card, you can view data from the following periods:
-•	Last 30 days
-•	Last 3 months
-•	Last 6 months
-Web activity by category card
-This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization.  
+## Web content filtering cards and details
+
+Select **Reports > Web protection** to view cards with information about web content filtering and web threat protection. The following cards provide summary information about web content filtering.
+
+### Web activity by category card
+
+This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization from last 30 days, 3 months, or 6 months.  
+
 Click a category name to view more information about that particular category.
+
 Note: In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
-Web content filtering summary card
+
+### Web content filtering summary card
+
 This card displays the distribution of blocked access attempts across the different parent web content categories. Click a colored slice to view more information about a specific parent web category.
-View report details
-The Report details page contains reports in separate tabs providing extensive statistical data about web content categories, website domains, and machine groups.
- 
-Report details page
-Use the time range filter at the top left of the page to select a time period:
-•	1 day
-•	1 week
-•	30 days
-•	3 months
-•	6 months
-You can also use the filters on the right to filter for specific machine groups or content categories. 
-Select a row to open a flyout pane with even more information about the selected item.
-Web categories
-This report lists the web content categories that have had access attempts in your organization. 
- 
-List of accessed web categories
-You can filter on the following:
-•	Parent category
-•	Machine group
-•	Whether the access attempt was allowed or blocked
-Clicking on a specific category will open a summary flyout. In the flyout, you will see:
-•	A graph showing the change in access attempts over your chosen time period
-•	Top ten domains in that category in terms of total access attempts. Click a domain to view more information about that domain.
-•	Top ten machines in terms of total access attempts to websites in that category. Click a machine to view more information about that machine.
-•	Policies that block websites in that category. Click Manage to view and edit the details of a policy.
- 
-Domains
-This report lists the web domains that have been accessed or blocked in your organization.
- 
-List of accessed website domains
-You can filter on the following:
-•	Parent category
-•	Machine group the event occurred on
-•	Whether the access attempt was allowed or blocked
-Click a specific domain to view detailed information about that domain.
-Machine groups
+
+### View card details
+
+You can access the Report details for each card by selecting a rowThe Report details page contains reports in separate tabs providing extensive statistical data about web content categories, website domains, and machine groups.
+
+Use the time range filter at the top left of the page to select a time period. You can also filter the information or customize the columns. Select a row to open a flyout pane with even more information about the selected item.
+
+
+- **Web categories**: Lists the web content categories that have had access attempts in your organization. Select a specific category to open a summary flyout.
+
+- **Domains**: Lists the web domains that have been accessed or blocked in your organization. Select a specific domain to view detailed information about that domain.
+
+This report 
+
+#### Machine groups
+
 This report lists all the machine groups that have generated web activity in your organization.
  
 Clicking on a specific machine group will open a summary flyout. In the flyout, you will see:
@@ -162,58 +142,71 @@ Clicking on a specific machine group will open a summary flyout. In the flyout,
 •	Top ten domains accessed by the selected machine group. Click a domain to view more information about that domain.
 •	Top ten machines in that machine group in terms of total access attempts. Click a machine to view more information about that machine.
 •	Top ten web content categories accessed by machines in the selected group.
-FAQ
-Q: Why am I seeing the following error when trying to connect to Cyren?
+
+## FAQ
+
+### Why am I seeing the error "Need admin approval" when trying to connect to Cyren?
+
+You need to be logged in to an AAD account with either App administrator or Global Administrator privileges. Your IT admin would most likely either have these permissions and/or be able to grant them to you.
+
+### What exactly are the permissions the app is asking for?
  
-A: You need to be logged in to an AAD account with either App administrator or Global Administrator privileges. Your IT admin would most likely either have these permissions and/or be able to grant them to you.
-Q: What exactly are the permissions the app is asking for?
- 
-A:           i) ‘Sign in and read user profile’ allows Cyren to read your tenant info from your MDATP account, such as your tenant ID, which will be tied to your Cyren license.
-ii) ‘Read and Write Integration settings’ exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the MDATP portal.
-Appendix
-Categories
+‘Sign in and read user profile’ allows Cyren to read your tenant info from your MDATP account, such as your tenant ID, which will be tied to your Cyren license.
+
+‘Read and Write Integration settings’ exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the MDATP portal.
+
+## Categories
+
 We have grouped individual web content categories from the data provider into parent categories, making it easier for you to block and monitor closely related categories. Below is a list of categories we currently support, with their descriptions provided by Cyren.
-Adult content
-•	Cults - Sites relating to non-traditional religious practice typically known as "cults," that is, considered to be false, unorthodox, extremist, or coercive, with members often living under the direction of a charismatic leader. 
-•	Gambling - Sites that offer or are related to online gambling, lottery, casinos and betting agencies involving chance.
-•	Nudity - Sites that contain full or partial nudity that are not necessarily overtly sexual in intent. Includes sites that advertise or sell lingerie, intimate apparel, or swimwear.
-•	Pornography/Sexually Explicit - Sites that contain explicit sexual content. Includes adult products such as sex toys, CD-ROMs, and videos, adult services such as videoconferencing, escort services, and strip clubs, erotic stories and textual descriptions of sexual acts.
-•	Sex Education - Sites relating to sex education, including subjects such as respect for partner, abortion, gay and lesbian lifestyle, contraceptives, sexually transmitted diseases, and pregnancy. 
-•	Tasteless - Sites with offensive or tasteless content, including profanity.
-•	Violence - Sites that contain images or text depicting or advocating physical assault against humans, animals, or institutions. Sites of a particularly gruesome nature. Sites that contain profanity. 
-High bandwidth
-•	Download Sites - Sites that contain downloadable software, whether shareware, freeware, or for a charge. Includes some peer-to-peer sites.
-•	Image Sharing - Sites that host digital photographs and images, online photo albums and digital photo exchanges.
-•	Peer-to-Peer - Sites that enable direct exchange of files between users without dependence on a central server. 
-•	Streaming Media & Downloads - Sites that deliver streaming content, such as Internet radio, Internet TV or MP3 and live or archived media download sites. Includes fan sites, or official sites run by musicians, bands, or record labels. 
-Legal liability
-•	Child Abuse Images - Sites that portray or discuss children in sexual or other abusive acts.
-•	Criminal Activity - Sites that offer advice on how to commit illegal or criminal activities, or to avoid detection. These can include how to commit murder, build bombs, pick locks, etc. Also includes sites with information about illegal manipulation of electronic devices, hacking, fraud and illegal distribution of software. 
-•	Hacking - Sites that promote or give advice about how to gain unauthorized access to proprietary computer systems, for the purpose of stealing information, perpetrating fraud, creating viruses, or committing other illegal activity related to theft of digital inform.
-•	Hate & Intolerance - Sites that promote a supremacist political agenda, encouraging oppression of people or groups of people based on their race, religion, gender, age, disability, sexual orientation or nationality. 
-•	Illegal Drugs - Sites with information on the purchase, manufacture, and use of illegal or recreational drugs and their paraphernalia, and misuse of prescription drugs and other compounds.
-•	Illegal Software - Sites that illegally distribute software or copyrighted materials such as movies or music, software cracks, illicit serial numbers, illegal license key generators. 
-•	School Cheating - Sites that promote unethical practices such as cheating or plagiarism by providing test answers, written essays, research papers, or term papers. 
-•	Self-Harm – Sites that promote actions that are relating to harming oneself, such as suicide, anorexia, bulimia, etc.
-•	Weapons - Sites that depict, sell, review or describe guns and weapons, including for sport.
+
+### Adult content
+
+-	Cults - Sites relating to non-traditional religious practice typically known as "cults," that is, considered to be false, unorthodox, extremist, or coercive, with members often living under the direction of a charismatic leader.
+-	Gambling - Sites that offer or are related to online gambling, lottery, casinos and betting agencies involving chance.
+-	Nudity - Sites that contain full or partial nudity that are not necessarily overtly sexual in intent. Includes sites that advertise or sell lingerie, intimate apparel, or swimwear.
+-	Pornography/Sexually Explicit - Sites that contain explicit sexual content. Includes adult products such as sex toys, CD-ROMs, and videos, adult services such as videoconferencing, escort services, and strip clubs, erotic stories and textual descriptions of sexual acts.
+-	Sex Education - Sites relating to sex education, including subjects such as respect for partner, abortion, gay and lesbian lifestyle, contraceptives, sexually transmitted diseases, and pregnancy.
+-	Tasteless - Sites with offensive or tasteless content, including profanity.
+-	Violence - Sites that contain images or text depicting or advocating physical assault against humans, animals, or institutions. Sites of a particularly gruesome nature. Sites that contain profanity.
+
+### High bandwidth
+
+-	Download Sites - Sites that contain downloadable software, whether shareware, freeware, or for a charge. Includes some peer-to-peer sites.
+-	Image Sharing - Sites that host digital photographs and images, online photo albums and digital photo exchanges.
+-	Peer-to-Peer - Sites that enable direct exchange of files between users without dependence on a central server.
+-	Streaming Media & Downloads - Sites that deliver streaming content, such as Internet radio, Internet TV or MP3 and live or archived media download sites. Includes fan sites, or official sites run by musicians, bands, or record labels.
+
+### Legal liability
+
+- Child Abuse Images - Sites that portray or discuss children in sexual or other abusive acts.
+- Criminal Activity - Sites that offer advice on how to commit illegal or criminal activities, or to avoid detection. These can include how to commit murder, build bombs, pick locks, etc. Also includes sites with information about illegal manipulation of electronic devices, hacking, fraud and illegal distribution of software.
+- Hacking - Sites that promote or give advice about how to gain unauthorized access to proprietary computer systems, for the purpose of stealing information, perpetrating fraud, creating viruses, or committing other illegal activity related to theft of digital inform.
+- Hate & Intolerance - Sites that promote a supremacist political agenda, encouraging oppression of people or groups of people based on their race, religion, gender, age, disability, sexual orientation or nationality.
+- Illegal Drugs - Sites with information on the purchase, manufacture, and use of illegal or recreational drugs and their paraphernalia, and misuse of prescription drugs and other compounds.
+- Illegal Software - Sites that illegally distribute software or copyrighted materials such as movies or music, software cracks, illicit serial numbers, illegal license key generators.
+- School Cheating - Sites that promote unethical practices such as cheating or plagiarism by providing test answers, written essays, research papers, or term papers.
+- Self-Harm – Sites that promote actions that are relating to harming oneself, such as suicide, anorexia, bulimia, etc.
+- Weapons - Sites that depict, sell, review or describe guns and weapons, including for sport.
 Leisure
-•	Chat - Sites that enable web-based exchange of real-time messages through chat services or chat rooms. 
-•	Games - Sites relating to computer or other games, information about game producers, or how to obtain cheat codes. Game-related publication sites. 
-•	Instant Messaging - Sites that enable logging in to instant messaging services such as ICQ, AOL Instant Messenger, IRC, MSN, Jabber, Yahoo Messenger, and the like. 
-•	Professional Networking - Sites that enable professional networking for online communities.
-•	Social Networking - Sites that enable social networking for online communities of various topics, for friendship, or/and dating. 
-•	Web-based Email - Sites that enables users to send and receive email through a web-accessible email account.
-Uncategorized
-•	Unknown – Sites that are not yet assigned a category
-Limitations and known issues in this preview
-1.	Unassigned machines will have incorrect data shown within the report
+- Chat - Sites that enable web-based exchange of real-time messages through chat services or chat rooms.
+- Games - Sites relating to computer or other games, information about game producers, or how to obtain cheat codes. Game-related publication sites.
+- Instant Messaging - Sites that enable logging in to instant messaging services such as ICQ, AOL Instant Messenger, IRC, MSN, Jabber, Yahoo Messenger, and the like.
+- Professional Networking - Sites that enable professional networking for online communities.
+- Social Networking - Sites that enable social networking for online communities of various topics, for friendship, or/and dating.
+- Web-based Email - Sites that enables users to send and receive email through a web-accessible email account.
+
+### Uncategorized
+
+- Unknown – Sites that are not yet assigned a category
+
+## Limitations and known issues in this preview
+
+1. Unassigned machines will have incorrect data shown within the report
 In the Report details > Machine groups pivot, you may see a row with a blank Machine Group field. This group contains your unassigned machines in the interim before they get put into your specified group. The report for this row may not contain an accurate count of machines or access counts.
 
-2.	The data in our reports may not be congruent with other data on the site
+2. The data in our reports may not be congruent with other data on the site
 We currently do not support real-time data processing for this feature, so you may see inconsistencies between the data in our reports and the URL entity page.
 
-
-
 ## Related topics
 - [Web protection overview](web-protection-overview.md)
 - [Respond to web threats](web-protection-response.md)

From 12ef63d839cc3bcebc8465af4988aeaed51ce67b Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Wed, 8 Jan 2020 16:13:14 -0800
Subject: [PATCH 046/247] update wording

---
 .../web-content-filtering.md                  | 189 +++++++-----------
 1 file changed, 68 insertions(+), 121 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index f075fbd3cd..e0dc5419a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -1,6 +1,6 @@
 ---
-title: Monitoring web browsing security in Microsoft Defender ATP
-description: Use web protection in Microsoft Defender ATP to monitor web browsing security
+title: Web content filtering
+description: Use web content filtering in Microsoft Defender ATP to track and regulate access to websites based on their content categories.
 keywords: web protection, web threat protection, web browsing, monitoring, reports, cards, domain list, security, phishing, malware, exploit, websites, network protection, Edge, Internet Explorer, Chrome, Firefox, web browser 
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -8,140 +8,130 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.author: lomayor
-author: lomayor
+ms.author: ellevin
+author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 08/30/2019
 ---
 
-# Web content filtering configuration & reporting
+# Web content filtering
 
 >[!IMPORTANT]
 >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
 
-Web content filtering enables you to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic due to compliance regulations, bandwidth usage, or other concerns.
+Web content filtering enables your organization to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic due to compliance regulations, bandwidth usage, or other concerns.
 
-You can configure policies across your machine groups to block certain categories, effectively preventing users within specified machine groups from accessing URLs within that category. If a category is not blocked, all your users will be able to access the URLs without disruption, but web content filtering will continue to gather access statistics that you can use to understand web usage and inform future policy decisions.
+You can configure policies across your machine groups to block certain categories, effectively preventing users within specified machine groups from accessing URLs within that category. If a category is not blocked, all your users will be able to access the URLs without disruption. However, web content filtering will continue to gather access statistics that you can use to understand web usage and inform future policy decisions.
 
 Web content filtering is available on most major web browsers, with blocks performed by SmartScreen (Edge) and Network Protection (Internet Explorer, Chrome, Firefox, and all other browsers). See the prerequisites section for more information about browser support.
 
 To summarize the benefits:
 
 - Users are prevented from accessing websites in blocked categories, whether they are browsing on-premises or away
-- You can conveniently deploy varied policies to various sets of users using the machine groups defined in the Microsoft Defender ATP role-based access control settings
+- You can conveniently deploy varied policies to various sets of users using the machine groups defined in the [Microsoft Defender ATP role-based access control settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/rbac)
 - You can access web reports in the same central location, with visibility over actual blocks and web usage
 
+## User experience
+
+The standard blocking experience is provided by Network Protection, which provides a system-level toast notifying the user of a blocked connection.
+For a more user-friendly experience, consider user SmartScreen on Edge
+
 ## Prerequisites
 
 Before trying out this feature, make sure you have the following:
 
-- Windows E5 license
+- Windows 10 Enterprise E5 license
 - Access to Microsoft Defender Security Center portal
 - Machines running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update (for Network Protection on Internet Explorer, Edge, Chrome, or Firefox)
 - Machines running Windows 10 May 2019 Update (version 1903) or later (for a better user experience from SmartScreen on Edge). Note that if SmartScreen is not turned on, Network Protection will take over the blocking.
-- A valid license with a partner data provider. For details on how to acquire a license, please read the section below.
-
-## Partner licensing
-
-In order to give customers access to various sources of web content categorization data, we are very excited to partner with data providers for this feature. We’ve chosen Cyren as our first partner, who we’ve worked with closely to build an integrated solution. Here’s a brief description of what they do:
- 
-### About Cyren 
-
-More than 1.3 billion users around the world rely on Cyren's 100% cloud security solutions to protect them against cyberattacks and data loss every day. Powered by the world's largest security cloud, Cyren (NASDAQ: CYRN) delivers fast time-to-protection with award-winning email security, cloud sandboxing and DNS filtering services for business, and threat intelligence solutions for service providers and security vendors like Microsoft, Google and Check Point.
-
-### About Cyren and Threat Intelligence Service for Microsoft Defender ATP
-
-CYREN’S URL FILTERING (URLF) INCLUDES 70 CATEGORIES, PROVIDING PARTNERS WITH THE ABILITY TO BUILD POWERFUL AND ADVANCED WEB SECURITY APPLICATIONS.
-
-The broad range of categories enables numerous applications: Protecting users browsing the web from threats such as malware and phishing sites; Ensuring employee productivity; Consumer services such as parental control. Cyren’s comprehensive categories provide the necessary flexibility for any implementation requirement.
-
-Cyren's web content classification technology is integrated by design into Microsoft Defender ATP to enable web filtering and auditing capabilities.
-
-Learn more at https://www.cyren.com/oem
-
-### Signing up for a Cyren License
-
-Cyren is offering a 60-day free trial for all MDATP customers. To sign up, please follow the steps below from the portal.
-
-1.	Go to Reports > Web protection from the side nav
-2. Click the "connect to a partner" button
-3. Go through the flow from the flyout to register and connect your Cyren account. Note: a user with AAD app admin/global admin permissions is required to complete these steps
+- A valid license with a partner data provider.
 
 ## Data handling
 
-For this feature, we will follow whichever region you have elected to use as part of your Microsoft Defender ATP data handling settings. Your data will not leave the data center in that region. In addition, your data will not be shared with any third-parties, including our data providers. However, we may send them aggregate data (across users and organizations) to help them improve their feeds.
+For this feature, we will follow whichever region you have elected to use as part of your [Microsoft Defender ATP data handling settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy). Your data will not leave the data center in that region. In addition, your data will not be shared with any third-parties, including our data providers. However, we may send them aggregate data (across users and organizations) to help them improve their feeds.
+
+## Partner licensing
+
+In order to give customers access to various sources of web content categorization data, we are very excited to partner with data providers for this feature. We’ve chosen [Cyren](https://www.cyren.com/threat-intelligence) as our first partner, who we’ve worked with closely to build an integrated solution.
+
+### About Cyren and Threat Intelligence Service for Microsoft Defender ATP
+
+Cyren’s URL filtering includes 70 categories, providing partners with the ability to build powerful and advanced web security applications. Cyren’s comprehensive categories provide the necessary flexibility for any implementation requirement.
+
+The broad range of categories enables numerous applications:
+
+- Protecting users browsing the web from threats such as malware and phishing sites
+- Ensuring employee productivity
+- Consumer services such as parental control
+
+Cyren's web content classification technology is integrated by design into Microsoft Defender ATP to enable web filtering and auditing capabilities.
+
+Learn more at https://www.cyren.com/products/url-filtering.
+
+### Signing up for a Cyren License
+
+Cyren is offering a 60-day free trial for all Microsoft Defender ATP customers. To sign up, please follow the steps below from the portal. 
+
+>[!NOTE]
+>A user with AAD app admin/global admin permissions is required to complete these steps.
+
+1. Go to **Reports > Web protection** from the side navigation
+2. Select the **Connect to a partner** button
+3. Go through the flow from the flyout to register and connect your Cyren account
 
 ## Turn on web content filtering
 
-From the left-hand navigation menu, select Settings. Under the section General, choose Advanced Features. Scroll down until you see the entry for Web content filtering. Switch the toggle to On, then hit the Save preferences button.
+From the left-hand navigation menu, select **Settings > General > Advanced Features**. Scroll down until you see the entry for **Web content filtering**. Switch the toggle to **On** and **Save preferences**.
 
-## Configure web content filtering policies
+### Configure web content filtering policies
 
-Web content filtering policies specify which site categories are blocked on which machine groups. To manage the policies, go to Settings > Rules > Web content filtering.
+Web content filtering policies specify which site categories are blocked on which machine groups. To manage the policies, go to **Settings > Rules > Web content filtering**.
 
-Use the filter to locate policies that contain certain blocked categories or are applied to specific machine groups. For more information on categories, see the appendix.
+Use the filter to locate policies that contain certain blocked categories or are applied to specific machine groups.
 
 ### Create a policy
 
 To add a new policy:
 
-1.	Click **Add policy** on the **Web content filtering** page in **Settings**.
-2.	Specify a name.
-3.	Select the categories to block. Use the expand icon to fully expand each parent category and select specific web content categories.
-4.	Specify the policy scope. Select the machine groups to specify where to apply the policy. Only machines in the selected machine groups will be prevented from accessing websites in the selected categories.
-5.	Review the summary and save the policy. The policy may take up to 15 minutes to apply to your selected machines. 
+1. Select **Add policy** on the **Web content filtering** page in **Settings**.
+2. Specify a name.
+3. Select the categories to block. Use the expand icon to fully expand each parent category and select specific web content categories.
+4. Specify the policy scope. Select the machine groups to specify where to apply the policy. Only machines in the selected machine groups will be prevented from accessing websites in the selected categories.
+5. Review the summary and save the policy. The policy may take up to 15 minutes to apply to your selected machines.
 
-Note: If you are removing a policy or changing machine groups at the same time, this might cause a delay in policy deployment.
-
-## Information worker UX
-
-The standard blocking experience is provided by Network Protection, which provides a system-level toast notifying the user of a blocked connection.
-For a more user-friendly experience, consider user SmartScreen on Edge, which will show the following page when blocked:
+>[!NOTE]
+>If you are removing a policy or changing machine groups at the same time, this might cause a delay in policy deployment.
 
 ## Web content filtering cards and details
 
 Select **Reports > Web protection** to view cards with information about web content filtering and web threat protection. The following cards provide summary information about web content filtering.
 
-### Web activity by category card
+### Web activity by category
 
-This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization from last 30 days, 3 months, or 6 months.  
+This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization from last 30 days, 3 months, or 6 months. Select a category name to view more information about that particular category.
 
-Click a category name to view more information about that particular category.
-
-Note: In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
+In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
 
 ### Web content filtering summary card
 
-This card displays the distribution of blocked access attempts across the different parent web content categories. Click a colored slice to view more information about a specific parent web category.
+This card displays the distribution of blocked access attempts across the different parent web content categories. Select one of the colored bars to view more information about a specific parent web category.
 
 ### View card details
 
-You can access the Report details for each card by selecting a rowThe Report details page contains reports in separate tabs providing extensive statistical data about web content categories, website domains, and machine groups.
-
-Use the time range filter at the top left of the page to select a time period. You can also filter the information or customize the columns. Select a row to open a flyout pane with even more information about the selected item.
-
+You can access the **Report details** for each card by selecting a table row or colored bar from the chart in the card. The report details page for each card contains extensive statistical data about web content categories, website domains, and machine groups.
 
 - **Web categories**: Lists the web content categories that have had access attempts in your organization. Select a specific category to open a summary flyout.
 
 - **Domains**: Lists the web domains that have been accessed or blocked in your organization. Select a specific domain to view detailed information about that domain.
 
-This report 
+- **Machine groups**: Lists all the machine groups that have generated web activity in your organization
 
-#### Machine groups
-
-This report lists all the machine groups that have generated web activity in your organization.
- 
-Clicking on a specific machine group will open a summary flyout. In the flyout, you will see:
-•	A graph showing the change in access attempts over your chosen time period
-•	Top ten domains accessed by the selected machine group. Click a domain to view more information about that domain.
-•	Top ten machines in that machine group in terms of total access attempts. Click a machine to view more information about that machine.
-•	Top ten web content categories accessed by machines in the selected group.
+Use the time range filter at the top left of the page to select a time period. You can also filter the information or customize the columns. Select a row to open a flyout pane with even more information about the selected item.
 
 ## FAQ
 
@@ -150,63 +140,20 @@ Clicking on a specific machine group will open a summary flyout. In the flyout,
 You need to be logged in to an AAD account with either App administrator or Global Administrator privileges. Your IT admin would most likely either have these permissions and/or be able to grant them to you.
 
 ### What exactly are the permissions the app is asking for?
- 
-‘Sign in and read user profile’ allows Cyren to read your tenant info from your MDATP account, such as your tenant ID, which will be tied to your Cyren license.
 
-‘Read and Write Integration settings’ exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the MDATP portal.
+"Sign in and read user profile" allows Cyren to read your tenant info from your MDATP account, such as your tenant ID, which will be tied to your Cyren license.
 
-## Categories
-
-We have grouped individual web content categories from the data provider into parent categories, making it easier for you to block and monitor closely related categories. Below is a list of categories we currently support, with their descriptions provided by Cyren.
-
-### Adult content
-
--	Cults - Sites relating to non-traditional religious practice typically known as "cults," that is, considered to be false, unorthodox, extremist, or coercive, with members often living under the direction of a charismatic leader.
--	Gambling - Sites that offer or are related to online gambling, lottery, casinos and betting agencies involving chance.
--	Nudity - Sites that contain full or partial nudity that are not necessarily overtly sexual in intent. Includes sites that advertise or sell lingerie, intimate apparel, or swimwear.
--	Pornography/Sexually Explicit - Sites that contain explicit sexual content. Includes adult products such as sex toys, CD-ROMs, and videos, adult services such as videoconferencing, escort services, and strip clubs, erotic stories and textual descriptions of sexual acts.
--	Sex Education - Sites relating to sex education, including subjects such as respect for partner, abortion, gay and lesbian lifestyle, contraceptives, sexually transmitted diseases, and pregnancy.
--	Tasteless - Sites with offensive or tasteless content, including profanity.
--	Violence - Sites that contain images or text depicting or advocating physical assault against humans, animals, or institutions. Sites of a particularly gruesome nature. Sites that contain profanity.
-
-### High bandwidth
-
--	Download Sites - Sites that contain downloadable software, whether shareware, freeware, or for a charge. Includes some peer-to-peer sites.
--	Image Sharing - Sites that host digital photographs and images, online photo albums and digital photo exchanges.
--	Peer-to-Peer - Sites that enable direct exchange of files between users without dependence on a central server.
--	Streaming Media & Downloads - Sites that deliver streaming content, such as Internet radio, Internet TV or MP3 and live or archived media download sites. Includes fan sites, or official sites run by musicians, bands, or record labels.
-
-### Legal liability
-
-- Child Abuse Images - Sites that portray or discuss children in sexual or other abusive acts.
-- Criminal Activity - Sites that offer advice on how to commit illegal or criminal activities, or to avoid detection. These can include how to commit murder, build bombs, pick locks, etc. Also includes sites with information about illegal manipulation of electronic devices, hacking, fraud and illegal distribution of software.
-- Hacking - Sites that promote or give advice about how to gain unauthorized access to proprietary computer systems, for the purpose of stealing information, perpetrating fraud, creating viruses, or committing other illegal activity related to theft of digital inform.
-- Hate & Intolerance - Sites that promote a supremacist political agenda, encouraging oppression of people or groups of people based on their race, religion, gender, age, disability, sexual orientation or nationality.
-- Illegal Drugs - Sites with information on the purchase, manufacture, and use of illegal or recreational drugs and their paraphernalia, and misuse of prescription drugs and other compounds.
-- Illegal Software - Sites that illegally distribute software or copyrighted materials such as movies or music, software cracks, illicit serial numbers, illegal license key generators.
-- School Cheating - Sites that promote unethical practices such as cheating or plagiarism by providing test answers, written essays, research papers, or term papers.
-- Self-Harm – Sites that promote actions that are relating to harming oneself, such as suicide, anorexia, bulimia, etc.
-- Weapons - Sites that depict, sell, review or describe guns and weapons, including for sport.
-Leisure
-- Chat - Sites that enable web-based exchange of real-time messages through chat services or chat rooms.
-- Games - Sites relating to computer or other games, information about game producers, or how to obtain cheat codes. Game-related publication sites.
-- Instant Messaging - Sites that enable logging in to instant messaging services such as ICQ, AOL Instant Messenger, IRC, MSN, Jabber, Yahoo Messenger, and the like.
-- Professional Networking - Sites that enable professional networking for online communities.
-- Social Networking - Sites that enable social networking for online communities of various topics, for friendship, or/and dating.
-- Web-based Email - Sites that enables users to send and receive email through a web-accessible email account.
-
-### Uncategorized
-
-- Unknown – Sites that are not yet assigned a category
+"Read and Write Integration settings" exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the Microsoft Defender ATP portal.
 
 ## Limitations and known issues in this preview
 
-1. Unassigned machines will have incorrect data shown within the report
+- Unassigned machines will have incorrect data shown within the report
 In the Report details > Machine groups pivot, you may see a row with a blank Machine Group field. This group contains your unassigned machines in the interim before they get put into your specified group. The report for this row may not contain an accurate count of machines or access counts.
 
-2. The data in our reports may not be congruent with other data on the site
+- The data in our reports may not be congruent with other data on the site
 We currently do not support real-time data processing for this feature, so you may see inconsistencies between the data in our reports and the URL entity page.
 
 ## Related topics
+
 - [Web protection overview](web-protection-overview.md)
 - [Respond to web threats](web-protection-response.md)

From ba961edf755fc519603f7372697ab04d0f3d18c9 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 10 Jan 2020 09:38:17 -0800
Subject: [PATCH 047/247] minor corrections

---
 .../microsoft-defender-atp/enable-exploit-protection.md  | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 43c483fac3..8a0f7c6f60 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -123,21 +123,12 @@ Use the [./Vendor/MSFT/Policy/Config/ExploitGuard/ExploitProtectionSettings](htt
 
 ## Microsoft Endpoint Configuration Manager
 
-<<<<<<< HEAD
 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 1. Click **Home** > **Create Exploit Guard Policy**.
 1. Enter a name and a description, click **Exploit protection**, and click **Next**.
 1. Browse to the location of the exploit protection XML file and click **Next**.
 1. Review the settings and click **Next** to create the policy.
 1. After the policy is created, click **Close**.
-=======
-1. In System Center Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
-2. Click **Home** > **Create Exploit Guard Policy**.
-3. Enter a name and a description, click **Exploit protection**, and click **Next**.
-4. Browse to the location of the exploit protection XML file and click **Next**.
-5. Review the settings and click **Next** to create the policy.
-6. After the policy is created, click **Close**.
->>>>>>> a305467be1226f80e3aaae3889666145ecce4421
 
 ## Group Policy
 

From b0bce3a9eb4ab14d03c3688f9872ce9bfba04357 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 10 Jan 2020 12:11:52 -0800
Subject: [PATCH 048/247] corrections in three files more pending

---
 ...ize-microsoft-cloud-protection-windows-defender-antivirus.md | 2 +-
 .../windows-defender-application-control/types-of-devices.md    | 2 +-
 ...dows-defender-application-control-policy-design-decisions.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index f05dbf11e6..b62c159a74 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -80,4 +80,4 @@ You can also [configure Windows Defender AV to automatically receive new protect
 [Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and Microsoft Endpoint Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
 [Configure and validate network connections for Windows Defender Antivirus](configure-network-connections-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection.
 [Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence. You can enable and configure it with Microsoft Endpoint Configuration Manager and Group Policy.
-[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running withMicrosoft Endpoint Configuration Manager and Group Policy.
+[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with Microsoft Endpoint Configuration Manager and Group Policy.
diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
index 892957a7e0..24af43bc7a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
@@ -43,7 +43,7 @@ Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the
 Lamna uses [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) (MEM) in hybrid mode with both Configuration Manager (MEMCM) and Intune. Although they use MEM to deploy many applications, Lamna has always had very relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender Advanced Threat Protection](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (MDATP) for better endpoint detection and response.
 
 > [!NOTE]
-> Microsoft Endpoint Configuration Manager was previously known as Microsoft Endpoint Configuration Manager (SCCM) 
+> Microsoft Endpoint Configuration Manager was previously known as Microsoft Endpoint Configuration Manager. 
 
 Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an application control policy. In response, Lamna's executive board has authorized a number of new security IT responses, including tightening policies for application use and introducing application control.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index 2734953d67..e853a94851 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -48,7 +48,7 @@ The first step is to define the desired "circle-of-trust" for your WDAC policies
 
 For example, the DefaultWindows policy, which can be found under %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies, establishes a "circle-of-trust" that allows Windows, 3rd-party hardware and software kernel drivers, and applications from the Microsoft Store.
 
-Microsoft Endpoint Configuration Manager (previously known as Microsoft Endpoint Configuration Manager (SCCM)), uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow SCCM and its dependencies, sets the managed installer policy rule, and additionally configures SCCM as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the SCCM administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for SCCM's native WDAC integration.
+Microsoft Endpoint Configuration Manager (previously known as Microsoft Endpoint Configuration Manager, uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for Configuration Manager's native WDAC integration.
 
 The following questions can help you plan your WDAC deployment and determine the right "circle-of-trust" for your policies. They are not in priority or sequential order and are not meant to be an exhaustive set of design considerations.
 

From c949953fe6be2bd7c8898e3dee1926bef966e4e1 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 10 Jan 2020 17:38:54 -0800
Subject: [PATCH 049/247] fixed eight change requests Jan 10

---
 .../use-powershell-cmdlets-windows-defender-antivirus.md      | 2 +-
 ...e-microsoft-cloud-protection-windows-defender-antivirus.md | 2 +-
 ...der-application-control-with-intelligent-security-graph.md | 4 ++--
 .../windows-defender-application-guard/reqs-wd-app-guard.md   | 2 +-
 .../get-support-for-security-baselines.md                     | 2 +-
 .../windows-security-baselines.md                             | 2 +-
 windows/whats-new/ltsc/whats-new-windows-10-2015.md           | 2 +-
 .../whats-new/whats-new-windows-10-version-1507-and-1511.md   | 4 ++--
 8 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
index 45180f8c80..80c59d0658 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
@@ -30,7 +30,7 @@ For a list of the cmdlets and their functions and available parameters, see the
 PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. 
 
 > [!NOTE]
-> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx), [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), or [Windows Defender Antivirus Group Policy ADMX templates](https://support.microsoft.com/kb/927367).
+> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr), [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), or [Windows Defender Antivirus Group Policy ADMX templates](https://support.microsoft.com/kb/927367).
 
 Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index b62c159a74..4bdce1e5be 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -63,7 +63,7 @@ Organizations running Windows 10 E5, version 1803 can also take advantage of eme
 The following table describes the differences in cloud-delivered protection between recent versions of Windows and Microsoft Endpoint Configuration Manager.
 
 
-Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center Configuration Manager 2012 | Microsoft Endpoint Configuration Manager (Current Branch) | Microsoft Intune
+Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center 2012 Configuration Manager | Microsoft Endpoint Configuration Manager (Current Branch) | Microsoft Intune
 ---|---|---|---|---|---|---
 Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service
 Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
index 1990f0a738..d516a6f73a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
@@ -38,7 +38,7 @@ After that initial download and installation, the WDAC component will check for
 The reputation data on the client is rechecked periodically and enterprises can also specify that any cached reputation results are flushed on reboot.    
 
 >[!NOTE]
->Admins needs to ensure that there is a WDAC policy in place to allow the system to boot and run any other authorized applications that may not be classified as being known good by the Intelligent Security Graph, for example custom line-of-business (LOB) apps. Since the Intelligent Security Graph is powered by global prevalence data, internal LOB apps may not be recognized as being known good. Other mechanisms like managed installer and explicit rules will help cover internal applications. Both Microsoft Endpoint Configuration Manager (SCCM) and Microsoft Intune can be used to create and push a WDAC policy to your client machines.  
+>Admins needs to ensure that there is a WDAC policy in place to allow the system to boot and run any other authorized applications that may not be classified as being known good by the Intelligent Security Graph, for example custom line-of-business (LOB) apps. Since the Intelligent Security Graph is powered by global prevalence data, internal LOB apps may not be recognized as being known good. Other mechanisms like managed installer and explicit rules will help cover internal applications. Both Microsoft Endpoint Configuration Manager and Microsoft Intune can be used to create and push a WDAC policy to your client machines.  
 
 Other examples of WDAC policies are available in C:\Windows\schemas\CodeIntegrity\ExamplePolicies and can help authorize Windows OS components, WHQL signed drivers and all Store apps. Admins can reference and customize them as needed for their Windows Defender Application Control deployment or [create a custom WDAC policy](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy). 
 
@@ -87,7 +87,7 @@ In order for the heuristics used by the ISG to function properly, a number of co
 appidtel start
 ```
 
-For WDAC policies deployed over MDM using the AppLocker CSP this step is not required as the CSP will enable the necessary components. ISG enabled through the SCCM WDAC UX will not need this step but if custom policies are being deployed outside of the WDAC UX through SCCM then this step is required.   
+For WDAC policies deployed over MDM using the AppLocker CSP this step is not required as the CSP will enable the necessary components. ISG enabled through the Configuration Manager WDAC UX will not need this step but if custom policies are being deployed outside of the WDAC UX through Configuration Manager then this step is required.   
 
 ## Security considerations with the Intelligent Security Graph 
 
diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
index e514735967..c8d5d6ec1c 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
@@ -41,4 +41,4 @@ Your environment needs the following software to run Windows Defender Applicatio
 |--------|-----------|
 |Operating system|Windows 10 Enterprise edition, version 1709 or higher<br>Windows 10 Professional edition, version 1803 or higher<br>Windows 10 Professional for Workstations edition, version 1803 or higher<br>Windows 10 Professional Education edition version 1803 or higher<br>Windows 10 Education edition, version 1903 or higher<br>Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. |
 |Browser|Microsoft Edge and Internet Explorer|
-|Management system<br> (only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)<br><br>**-OR-**<br><br>[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/)<br><br>**-OR-**<br><br>[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)<br><br>**-OR-**<br><br>Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.|
+|Management system<br> (only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)<br><br>**-OR-**<br><br>[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)<br><br>**-OR-**<br><br>[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)<br><br>**-OR-**<br><br>Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.|
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
index b4b57d20ae..81d06744df 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
@@ -40,7 +40,7 @@ The toolkit supports formats created by the Windows GPO backup feature (.pol, .i
 
 Not yet. PowerShell-based DSC is rapidly gaining popularity, and more DSC tools are coming online to convert GPOs and DSC and to validate system configuration. We are currently developing a tool to provide customers with these features.
 
-**Does SCT support the creation of Microsoft Endpoint Configuration Manager (SCCM) DCM packs?**
+**Does SCT support the creation of Microsoft Endpoint Configuration Manager DCM packs?**
 
 No. A potential alternative is Desired State Configuration (DSC), a feature of the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=40855). A tool that supports conversion of GPO Backups to DSC format can be found [here](https://github.com/Microsoft/BaselineManagement).
 
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index 08675f0f03..c5be88f4ea 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -73,7 +73,7 @@ You may also be interested in this msdn channel 9 video:
 
 ## See Also
 
--   [Microsoft Endpoint Configuration Manager (SCCM)](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
+-   [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)
 -   [Azure Monitor](https://docs.microsoft.com/azure/azure-monitor/)
 -   [Microsoft Security Guidance Blog](https://blogs.technet.microsoft.com/secguide/)
 -   [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319)
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 3453b80131..0eec41245a 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -282,7 +282,7 @@ By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279
 
 -   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
 
-Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
+Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr).
 
 
 Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).
diff --git a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
index 62fd42ba64..e49c027a4d 100644
--- a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
+++ b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
@@ -326,9 +326,9 @@ By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279
 
 -   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
 
--   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
+-   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://docs.microsoft.com/enterprise-mobility-security).
 
-Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/gg682129.aspx).
+Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr).
 
 
 Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).

From 4f3e1cc7ff1d7866b3fb653d98cafa34187af7c3 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 11 Jan 2020 07:11:34 -0800
Subject: [PATCH 050/247] removed another SCCM from security baselines

---
 .../security/threat-protection/windows-security-baselines.md    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md
index 5aff586c57..48bfb00d06 100644
--- a/windows/security/threat-protection/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-baselines.md
@@ -73,7 +73,7 @@ You may also be interested in this msdn channel 9 video:
 
 ## See Also
 
--   [Microsoft Endpoint Configuration Manager (SCCM)](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
+-   [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
 -   [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite)
 -   [Configuration Management for Nano Server](https://blogs.technet.microsoft.com/grouppolicy/2016/05/09/configuration-management-on-servers/)
 -   [Microsoft Security Guidance Blog](https://blogs.technet.microsoft.com/secguide/)

From 8862a7f49bbbe8e3649dfcaf85d0e5b8f9776b2e Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 11 Jan 2020 14:34:18 -0800
Subject: [PATCH 051/247] link updates _ removing sccm

---
 .../configure-server-endpoints.md                  |  2 +-
 .../microsoft-defender-atp/controlled-folders.md   |  2 +-
 .../enable-attack-surface-reduction.md             | 10 +++++-----
 .../enable-controlled-folders.md                   |  4 ++--
 .../enable-exploit-protection.md                   |  2 +-
 .../enable-network-protection.md                   |  4 ++--
 .../microsoft-defender-atp/minimum-requirements.md |  2 +-
 .../next-gen-threat-and-vuln-mgt.md                |  2 +-
 .../troubleshoot-onboarding.md                     |  4 ++--
 .../tvm-dashboard-insights.md                      |  2 +-
 ...agement-reference-windows-defender-antivirus.md |  2 +-
 ...vanced-scan-types-windows-defender-antivirus.md |  2 +-
 ...ck-at-first-sight-windows-defender-antivirus.md |  2 +-
 ...n-file-exclusions-windows-defender-antivirus.md |  4 ++--
 ...ure-notifications-windows-defender-antivirus.md |  2 +-
 ...d-file-exclusions-windows-defender-antivirus.md |  4 ++--
 ...igure-remediation-windows-defender-antivirus.md |  2 +-
 ...loy-manage-report-windows-defender-antivirus.md | 14 +++++++-------
 18 files changed, 33 insertions(+), 33 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
index a7ba0b85ef..f6e320c931 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
@@ -129,7 +129,7 @@ Once completed, you should see onboarded servers in the portal within an hour.
 To onboard Windows Server, version 1803 or Windows Server 2019, please refer to the supported methods and versions below.
 
 > [!NOTE]
-> The Onboarding package for Windows Server 2019 through Microsoft Endpoint Configuration Manager currently ships a script. For more information on how to deploy scripts in Microsoft Endpoint Configuration Manager, see [Packages and programs in Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/packages-and-programs).
+> The Onboarding package for Windows Server 2019 through Microsoft Endpoint Configuration Manager currently ships a script. For more information on how to deploy scripts in Microsoft Endpoint Configuration Manager, see [Packages and programs in Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/packages-and-programs).
 
 Supported tools include:
 - Local script
diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
index 6ec499472d..9cb8182798 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
@@ -31,7 +31,7 @@ Controlled folder access works by only allowing apps to access protected folders
 
 Apps are added to the trusted list based upon their prevalence and reputation. Apps that are highly prevalent throughout your organization, and that have never displayed any malicious behavior, are deemed trustworthy and automatically added to the list.
 
-Apps can also be manually added to the trusted list via SCCM and Intune. Additional actions, such as [adding a file indicator](../microsoft-defender-atp/respond-file-alerts.md#add-indicator-to-block-or-allow-a-file) for the app, can be performed from the Security Center Console.
+Apps can also be manually added to the trusted list via Configuration Manager and Intune. Additional actions, such as [adding a file indicator](../microsoft-defender-atp/respond-file-alerts.md#add-indicator-to-block-or-allow-a-file) for the app, can be performed from the Security Center Console.
 
 Controlled folder access is especially useful in helping to protect your documents and information from [ransomware](https://www.microsoft.com/wdsi/threats/ransomware) that can attempt to encrypt your files and hold them hostage.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 74618f9e83..a650504eab 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -33,11 +33,11 @@ You can enable attack surface reduction rules by using any of these methods:
 
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager](#sccm)
+* [Microsoft Endpoint Configuration Manager]
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
-Enterprise-level management such as Intune or SCCM is recommended. Enterprise-level management will overwrite any conflicting Group Policy or PowerShell settings on startup.
+Enterprise-level management such as Intune or Microsoft Endpoint Configuration Manager is recommended. Enterprise-level management will overwrite any conflicting Group Policy or PowerShell settings on startup.
 
 ## Exclude files and folders from ASR rules
 
@@ -99,7 +99,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 > [!NOTE]
 > Be sure to enter OMA-URI values without spaces.
 
-## SCCM
+## Microsoft Endpoint Configuration Manager
 
 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 1. Click **Home** > **Create Exploit Guard Policy**.
@@ -111,7 +111,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 ## Group Policy
 
 > [!WARNING]
-> If you manage your computers and devices with Intune, SCCM, or other enterprise-level management platform, the management software will overwrite any conflicting Group Policy settings on startup.
+> If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting Group Policy settings on startup.
 
 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
@@ -134,7 +134,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 ## PowerShell
 
 >[!WARNING]
->If you manage your computers and devices with Intune, SCCM, or other enterprise-level management platform, the management software will overwrite any conflicting PowerShell settings on startup.
+>If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting PowerShell settings on startup.
 
 1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index fa3b8c47bf..540db7cb84 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -30,7 +30,7 @@ You can enable controlled folder access by using any of these methods:
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager](#sccm)
+* [Microsoft Endpoint Configuration Manager]
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
@@ -78,7 +78,7 @@ For more information about disabling local list merging, see [Prevent or allow u
 
 Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-controlledfolderaccessprotectedfolders) configuration service provider (CSP) to allow apps to make changes to protected folders.
 
-## SCCM
+## Microsoft Endpoint Configuration Manager
 
 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 2. Click **Home** > **Create Exploit Guard Policy**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 8a0f7c6f60..44116db422 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -35,7 +35,7 @@ You can enable each mitigation separately by using any of these methods:
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager](#sccm)
+* [Microsoft Endpoint Configuration Manager]
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
index bea514cd5c..56e3f35e81 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
@@ -30,7 +30,7 @@ You can enable network protection by using any of these methods:
 
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager](#sccm)
+* [Microsoft Endpoint Configuration Manager]
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
@@ -49,7 +49,7 @@ You can enable network protection by using any of these methods:
 
 Use the [./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-enablenetworkprotection) configuration service provider (CSP) to enable or disable network protection or enable audit mode.
 
-## SCCM
+## Microsoft Endpoint Configuration Manager
 
 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **Windows Defender Exploit Guard**.
 1. Click **Home** > **Create Exploit Guard Policy**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index aaf2910af8..402f18bcd8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -1,6 +1,6 @@
 ---
 title: Minimum requirements for Microsoft Defender ATP
-description: Understand the licensing requirements and requirements for onboarding machines to the sercvie
+description: Understand the licensing requirements and requirements for onboarding machines to the service
 keywords: minimum requirements, licensing, comparison table
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
index 4e86aca1f8..0dc41dc647 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
@@ -35,7 +35,7 @@ It is the first solution in the industry to bridge the gap between security admi
 It provides the following solutions to frequently-cited gaps across security operations, security administration, and IT administration workflows and communication. 
 - Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
 - Linked machine vulnerability and security configuration assessment data in the context of exposure discovery
-- Built-in remediation processes through Microsoft Intune and Microsoft Endpoint Configuration Manager 
+- Built-in remediation processes through Microsoft Intune and Configuration Manager 
 
 ### Real-time discovery
  
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
index 1dbb422ba5..128ffc542f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
@@ -41,14 +41,14 @@ If you have completed the onboarding process and don't see machines in the [Mach
 If the script completes successfully, see [Troubleshoot onboarding issues on the machines](#troubleshoot-onboarding-issues-on-the-machine) for additional errors that might occur.
 
 ### Troubleshoot onboarding issues when deploying with Microsoft Endpoint Configuration Manager
-When onboarding machines using the following versions of Microsoft Endpoint Configuration Manager:
+When onboarding machines using the following versions of Configuration Manager:
 - System Center 2012 Configuration Manager
 - System Center 2012 R2 Configuration Manager
 - Microsoft Endpoint Configuration Manager (current branch) version 1511
 - Microsoft Endpoint Configuration Manager (current branch) version 1602
 
 
-Deployment with the above-mentioned versions of Microsoft Endpoint Center Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console.
+Deployment with the above-mentioned versions of Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console.
 
 If the deployment fails, you can check the output of the script on the machines.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index 94d3a880fa..f8501a5e6d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -26,7 +26,7 @@ ms.topic: conceptual
 Threat & Vulnerability Management is a component of Microsoft Defender ATP, and provides both security administrators and security operations teams with unique value, including:
 - Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
 - Invaluable machine vulnerability context during incident investigations
-- Built-in remediation processes through Microsoft Intune and Microsoft Microsoft Endpoint Configuration Manager (SCCM)  
+- Built-in remediation processes through Microsoft Intune and Microsoft Endpoint Configuration Manager  
   
 You can use the Threat & Vulnerability Management capability in [Microsoft Defender Security Center](https://securitycenter.windows.com/) to:
 - View exposure and configuration scores side-by-side with top security recommendations, software vulnerability, remediation activities, and exposed machines
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
index 0f08b94b0f..510190f2ed 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
@@ -38,7 +38,7 @@ The topics in this section provide further information, links, and resources for
 
 Topic | Description
 ---|---
-[Manage Windows Defender Antivirus with Microsoft Intune and Microsoft Endpoint Configuration Manager](use-intune-config-manager-windows-defender-antivirus.md)|Information about using Intune and Microsoft Endpoint Configuration Manager to deploy, manage, report, and configure Windows Defender Antivirus
+[Manage Windows Defender Antivirus with Microsoft Intune and Microsoft Endpoint Configuration Manager](use-intune-config-manager-windows-defender-antivirus.md)|Information about using Intune and Configuration Manager to deploy, manage, report, and configure Windows Defender Antivirus
 [Manage Windows Defender Antivirus with Group Policy settings](use-group-policy-windows-defender-antivirus.md)|List of all Group Policy settings located in ADMX templates
 [Manage Windows Defender Antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-antivirus.md)|Instructions for using PowerShell cmdlets to manage Windows Defender Antivirus, plus links to documentation for all cmdlets and allowed parameters
 [Manage Windows Defender Antivirus with Windows Management Instrumentation (WMI)](use-wmi-windows-defender-antivirus.md)| Instructions for using WMI to manage Windows Defender Antivirus, plus links to documentation for the WMIv2 APIs (including all classes, methods, and properties)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
index 1ec92d64e6..78424ffdac 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
@@ -32,7 +32,7 @@ See [Configure device restriction settings in Microsoft Intune](https://docs.mic
 
 **Use Configuration Manager to configure scanning options:**
 
-See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 **Use Group Policy to configure scanning options**
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
index 1fb5ff7d26..97287da999 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
@@ -71,7 +71,7 @@ For more information about configuring Windows Defender Antivirus device restric
 
 For a list of Windows Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus).
 
-### Enable block at first sight with SCCM
+### Enable block at first sight with Microsoft Endpoint Configuration Manager
 
 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
index 6ab53e6c67..9a1559d85e 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
@@ -77,7 +77,7 @@ See the following articles:
 
 ### Use Configuration Manager to configure file name, folder, or file extension exclusions
 
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 ### Use Group Policy to configure folder or file extension exclusions
 
@@ -272,7 +272,7 @@ The following table describes how the wildcards can be used and provides some ex
 
 You can retrieve the items in the exclusion list using one of the following methods:
 - [Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
-- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
+- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
 - MpCmdRun
 - PowerShell
 - [Windows Security app](windows-defender-security-center-antivirus.md#exclusions)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
index 03afa1681f..686871aec0 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
@@ -74,7 +74,7 @@ You can use Group Policy to:
 Hiding notifications can be useful in situations where you can't hide the entire Windows Defender Antivirus interface. See [Prevent users from seeing or interacting with the Windows Defender Antivirus user interface](prevent-end-user-interaction-windows-defender-antivirus.md) for more information.
 
 > [!NOTE]
-> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Endpoint Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
+> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Endpoint Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection).
 
 See [Customize the Windows Security app for your organization](../windows-defender-security-center/windows-defender-security-center.md) for instructions to add custom contact information to the notifications that users see on their machines.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
index 79e9d90a7b..7835908e14 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
@@ -59,7 +59,7 @@ See [Configure device restriction settings in Microsoft Intune](https://docs.mic
 
 ### Use Microsoft Endpoint Configuration Manager to exclude files that have been opened by specified processes from scans
 
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 ### Use Group Policy to exclude files that have been opened by specified processes from scans
 
@@ -150,7 +150,7 @@ Environment variables | The defined variable will be populated as a path when th
 
 ## Review the list of exclusions
 
-You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
+You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
 
 If you use PowerShell, you can retrieve the list in two ways:
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
index 7b22fa2f60..c0c4318e7b 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
@@ -25,7 +25,7 @@ manager: dansimp
 
 When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
 
-This topic describes how to configure these settings with Group Policy, but you can also use [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+This topic describes how to configure these settings with Group Policy, but you can also use [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
 
 You can also use the [`Set-MpPreference` PowerShell cmdlet](https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference) or [`MSFT_MpPreference` WMI class](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx) to configure these settings.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
index 295d507e65..4e7ec5971c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
@@ -46,18 +46,18 @@ PowerShell|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, o
 Windows Management Instrumentation|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
 Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
 
-1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
+1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center 2012 Configuration Manager. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
   
 2.	<span id="fn2" />In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date ([except on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)). Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers. [(Return to table)](#ref2)
 
 3. <span id="fn3" />Configuration of features and protection, including configuring product and protection updates, are further described in the [Configure Windows Defender Antivirus features](configure-notifications-windows-defender-antivirus.md) section in this library. [(Return to table)](#ref2)
 
-[Endpoint Protection point site system role]: https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-site-role
-[default and customized antimalware policies]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies
-[client management]:  https://docs.microsoft.com/sccm/core/clients/manage/manage-clients
-[enable Endpoint Protection with custom client settings]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-configure-client
-[Configuration Manager Monitoring workspace]:  https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection 
-[email alerts]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts
+[Endpoint Protection point site system role]: https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-protection-site-role
+[default and customized antimalware policies]:  https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies
+[client management]:  https://docs.microsoft.com/configmgr/core/clients/manage/manage-clients
+[enable Endpoint Protection with custom client settings]:  https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-protection-configure-client
+[Configuration Manager Monitoring workspace]:  https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection 
+[email alerts]:  https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-configure-alerts
 [Deploy the Microsoft Intune client to endpoints]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune
 [custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection
  [custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection 

From 6d436cf14e99dc0186db10154a79fbb7ce54341d Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 11 Jan 2020 20:16:24 -0800
Subject: [PATCH 052/247] typo correction

---
 ...dows-defender-application-control-policy-design-decisions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index e853a94851..1463f7ff50 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -48,7 +48,7 @@ The first step is to define the desired "circle-of-trust" for your WDAC policies
 
 For example, the DefaultWindows policy, which can be found under %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies, establishes a "circle-of-trust" that allows Windows, 3rd-party hardware and software kernel drivers, and applications from the Microsoft Store.
 
-Microsoft Endpoint Configuration Manager (previously known as Microsoft Endpoint Configuration Manager, uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for Configuration Manager's native WDAC integration.
+Microsoft Endpoint Configuration Manager (previously known as System Center Configuration Manager,) uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for Configuration Manager's native WDAC integration.
 
 The following questions can help you plan your WDAC deployment and determine the right "circle-of-trust" for your policies. They are not in priority or sequential order and are not meant to be an exhaustive set of design considerations.
 

From 5059b48e12e6a9aae1d22d82d9721e3f6575b21b Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sun, 12 Jan 2020 07:28:39 -0800
Subject: [PATCH 053/247] corrections in three files

---
 .../windows-defender-application-control/types-of-devices.md    | 2 +-
 ...dows-defender-application-control-policy-design-decisions.md | 2 +-
 windows/whats-new/ltsc/whats-new-windows-10-2015.md             | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
index 24af43bc7a..db845a4507 100644
--- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
@@ -43,7 +43,7 @@ Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the
 Lamna uses [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) (MEM) in hybrid mode with both Configuration Manager (MEMCM) and Intune. Although they use MEM to deploy many applications, Lamna has always had very relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender Advanced Threat Protection](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (MDATP) for better endpoint detection and response.
 
 > [!NOTE]
-> Microsoft Endpoint Configuration Manager was previously known as Microsoft Endpoint Configuration Manager. 
+> Microsoft Endpoint Configuration Manager was previously known as System Center Configuration Manager. 
 
 Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an application control policy. In response, Lamna's executive board has authorized a number of new security IT responses, including tightening policies for application use and introducing application control.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index 1463f7ff50..04a21aa98f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -48,7 +48,7 @@ The first step is to define the desired "circle-of-trust" for your WDAC policies
 
 For example, the DefaultWindows policy, which can be found under %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies, establishes a "circle-of-trust" that allows Windows, 3rd-party hardware and software kernel drivers, and applications from the Microsoft Store.
 
-Microsoft Endpoint Configuration Manager (previously known as System Center Configuration Manager,) uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for Configuration Manager's native WDAC integration.
+Microsoft Endpoint Configuration Manager, previously known as System Center Configuration Manager, uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator which adds rules for any apps found in the specified paths on the managed endpoint. This establishes the "circle-of-trust" for Configuration Manager's native WDAC integration.
 
 The following questions can help you plan your WDAC deployment and determine the right "circle-of-trust" for your policies. They are not in priority or sequential order and are not meant to be an exhaustive set of design considerations.
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 0eec41245a..aace786788 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -280,7 +280,7 @@ By using [Group Policy Objects](https://go.microsoft.com/fwlink/p/?LinkId=699279
 
 -   **Peer-to-peer delivery**, which administrators can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
 
--   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://go.microsoft.com/fwlink/p/?LinkId=699281).
+-   **Use with existing tools** such as Microsoft Endpoint Configuration Manager and the [Enterprise Mobility Suite](https://docs.microsoft.com/enterprise-mobility-security).
 
 Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, as well as provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](https://technet.microsoft.com/library/hh852345.aspx) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr).
 

From 25a6e35d312ff480ed1a539b60891584884647a9 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sun, 12 Jan 2020 08:06:13 -0800
Subject: [PATCH 054/247] scorecard spelling correction

---
 .../threat-protection/microsoft-defender-atp/management-apis.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index 5ec46afedd..a2c3304742 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -34,7 +34,7 @@ Machine onboarding is fully integrated into Microsoft Endpoint Configuration Man
 Microsoft Defender ATP provides fine-grained control over what users with access to the portal can see and do through the flexibility of role-based access control (RBAC). The RBAC model supports all flavors of security teams structure:
 - Globally distributed organizations and security teams
 - Tiered model security operations teams
-- Fully segregated devisions with single centralized global security operations teams 
+- Fully segregated divisions with single centralized global security operations teams 
 
 The Microsoft Defender ATP solution is built on top of an integration-ready platform:
 - It supports integration with a number of security information and event management (SIEM) solutions and also exposes APIs to fully support pulling all the alerts and detection information into any SIEM solution. 

From b26bca20f18a1626e2dbffd3205a185a28a09135 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 13 Jan 2020 14:19:01 -0800
Subject: [PATCH 055/247] update docs and add images

---
 .../images/web-activity-by-category.png       | Bin 0 -> 49774 bytes
 .../images/web-content-filtering-summary.png  | Bin 0 -> 34263 bytes
 .../images/web-protection-report-details.png  | Bin 0 -> 74232 bytes
 .../images/web-protection-reports.png         | Bin 0 -> 139107 bytes
 .../images/web-protection.png                 | Bin 0 -> 144909 bytes
 .../web-content-filtering.md                  |  34 ++++++++++--------
 6 files changed, 20 insertions(+), 14 deletions(-)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-activity-by-category.png
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-content-filtering-summary.png
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-protection-report-details.png
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-protection-reports.png
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-protection.png

diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-activity-by-category.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-activity-by-category.png
new file mode 100644
index 0000000000000000000000000000000000000000..8c4e86272a2e3088b5edc21fff467d1c34592ec6
GIT binary patch
literal 49774
zcmd42cRZVI827DJv{9W@QRTi{yJ!)LT5VCQMq=;UF^h;Dqv~!IZ3(q%2O+VyP_)%j
zTM|38_KF=sc&|Rs^FHrC@4xT(!zYqYlIzTQp4V|6$M5$&-WWXBWCL-77#JAXw4OaR
zVqjn_XJ9yMe4ZJ2<-tPdzre#8KO@b@47k2q%fOR!E^2ye3=EZttjG3D!1D_}&&>T8
z7;Xss{X3&&ba#`1p@UKDsTwrUW^Ib)SZ|N7YwI#CHF^JIP3%yGCbtIn_{VNhwyL;y
zuDN;dK!eZY(C_}eP-typSW|o#YBAJDK~9s&@+ym;$@n%hUA!-mRNd7}`5dy*=n~p5
zPwq!#UE{jV2wa+h|GPHr^z7gNu2`M}hRwhbF?uKP@2D8Q-fkEB`^dk4-sa5Te=0RM
z|NcmZ|CFLk|30d&U2XXvAAONH!}0fpD<S_6e8sdgPs{VnhwT_+><i9%FHe=z<7$=K
zz=OFYeUGo3v$BhHs`#Bdo!RNFC^6G<JayV(xTwwJlupf7sdaVZbGLQRb|?S+t*Z8-
zRWp0JEPVcvx;t?aHI&w)zU-#<@mhE6lh}Q)&ph4@(<diK-ls`ypZQd#!=@KL#;q4+
zhi?~oP1o>!SKexf=h~@==T_<_p3q89wP=EmPFtoB6uhkO*YigU8Q#Yw3=DQU70$if
zihCmv&o2>YPLdCTc6#NoPv2bIApidTM(A@zH%hEo`*nlprPcH7Pd_k~cLfUdnOJ%{
z*@kY#gdMGekSok&oSA)g7_H>!sJdUd$3&6VuW~x7$%mXfQU3kk9gkSv03W2cM2e*C
z#@S!(^<-z{$zhQSVGVhDlual$@9Fla&mxpqchyaVhnyzu8kgEk1x&$BOE>7vM;pyY
zkX{akN3%@d!*J`?Yp{GdG_;GEp<+vf0m6@txYx)2s@84zyQoRoQj`=uq?1i<luAZY
z`ae7qFSQ9-2P;x1{j6`h0MlE)iffjbKem)&a%^O30ukA3+-wSjMqNTE_<CR!LQY0T
zlAS4Sr{RcuxR!10qd$o%$NIAPhs^6p`d+Hi@n$En(xI#1Xl25?t#-A%ZF*&-<j;P|
z_C{}pTz$~aLgCc5FP*k0>rTAqPAp41YEAJQ(h?f;>sML~R}qyY@#^u&xV|^WS`frd
zcLG+4y{*UFI>>~lrzc0{@xc1gTNg;+O<eOv6?~O==*OP$FRP6hwAhY?*Z=**`)_=b
z`$b+Ab4ddGz`&Z?IA%oc&L6GUlh@+<RS-zi5{q7Kl<54)wAHT+ITCoCewb=|ERyD5
z(f{zz#Sr?Q+}hhZ&z;&Susg9PwW#d{iR_b)5`lcrhSm8m8}Z2c7h}z~uqsSH3lwA-
zBE+Mm((h=zt56Q36=bPpD<W{fmBM95n)_R~yTv5lhtZac*58WZDhQ>fM}AI5%)XNi
zFC{t~Nj4#kZOsAeuzuwukD<fLpo5jt@-m%NiTz*F{RfcWYE!*7fwM7I&FNT++U`QP
zIo-<scU;nIYt{XAI+A#q`EcvX7cpYVtCNk@tg4ijo#&i9V7H;K&i$X)`%%(Nahx`R
zx$6yo6866^UT*kf)*2dwpbu`>NJO?+A)vE`ZWiIIMC=rJ9k^`3=?e9R<nwpyyNXTw
z%ZjxyLRAT*s7bX2d3r*ucIki2W*2uaa4KjqYyCfM)Fj#V9=(H5z`RTCh+*~YSE5#R
zURIg(+${R=@gt>$w^*=zz8mGIcAtUa%lFMAO4~%7Wa}s6AD=HV3CK<PCuN1xmWdVi
zPgV(~sqx(4Zi1`G6E1Xm+-zrTv&BWGpR@$2*T5z#7dNZ;Lio4PawqEdlS2z$ilg<s
zY$2;e!xx+IL#HF!YB^oxC!W4PA;Dnk6Ez3@4?g!nvngGV=|k5ozjvov0btmO59vHp
z(B2B6+5~Gc_UVDcBz4bQ;Y@av384U^VbxaR{xkZr^3vJwnzw`Q<_ap5ld|F@nts?I
z>G0+iOz9+8FLDE-uQYEVAiBxMGLI3ztrT2ixzQ^}UbE;aHZiC0g{(cuko8PgacSo;
z-^47GYx2UAkB*WAbgcMD5qXD+DzqQ0Hq?rw=dd}nIL+1Y@%7&Rwu8wjnM;am_b2=k
zm5xgm0+ItFXzfIddFRRq&QmGG%0VaP-t(YbQ=c-5)j(O=>XV7NNx!u*m(N;9zjI+>
z;5+!us9%&-#6+$8s@Joh;SfDvzP)R@_uKy7b(iWq#-ykUe|EnU+iX?jC_0cLiz$cI
zhQs6;^=R;N7`ZiUQaNZ9TR-W&5<(0AwBN<s`MUA2R@W2aUxBf^Usz{qwb5GbI{4Uq
zG^aIV@o=%Ld7+Zl+yy2z@C1CCc5hPd?@`qi{l+uUmOZgQbCap}VohJnVTLG2wv5{g
zlk@={r2CiBi2e4Y={Gli<vZ1T3{Dot&CKa6jy|&)%1P*&(@L^RANJiXpKhb?TW*9^
zIba0&DS>k53%SHCce3CMT+{0I$@H6UvYchr3xoSGJa=|Lx^=J{kL5gX^u`n}AX_B<
z+ys|_-+L2r%LdQ$-h2!>KEi*3cLz0_L!XZRN|T;y!<;eXELHWSq?eDUFAo=WwWi6)
z^0DxRRvgJaOZ_SQKK)Tp6>FgAAqw*2IfuVcrcV?eh@b%zp7o8~eJumWqPGl`6|!*d
zzy|g0_3QN4GaR<&NGXQ9^8?|@_%X)7A;YuoC54gYmQMr$Ye^!sU{Gbk$da=PU`gfP
zo@fk5$&xLe)Ku(KP?4U-X}&4Sak<pBd95lg?2ur3fo?;1YNojJ-<^aCZm@e(P>Q%U
ztc@0Z-Azci0mXRf(Lmi^MyqHsm#jzeYITX~(!i6;wRoz;B4%O2HmDHK2QoQ(dc0FV
z<=5{@&9V(Y9IKlS<}roI_{?DUf%iK13}}kXPKHsRk={YuY?puBu@;Fv8`GDiFrMMv
zGTWb~rRT?ScN$L0!bz5oCwVt}x^cb}zG?bm40+0E<@RpLZ=FRP0sO*%;k--ob64uI
z+CTWh4<c2-N&Dvav1-xG)B8@g8d{QD#VXO`n7I9Rdz;53@06+5GJ?`ZV7*NoCo&UT
z@-bcJp4CCFI|vBna3riR<(|z8Ud5Vv5ePc?2*x5Aan!?`?`3K`pU|BCn3L#zve|h#
zpcg!aCF{ur9nC%wGp|ZkoZY3qHAoLx8`SjNoSB%as$CyHRoF_F7zx!>b5ZCLlyo!L
znU;0Unercwm*{m10_E+6FTMZg#Olp%mZjJ2nX{&aX+wqeFPHUJ>0jv736yD_pW8hy
zRKnC+7-Db5c%R&MYQF4QzbEkwKIx);r~Qz_fOfn)tdG@3VFLa`{y7`*TRY7ibzI8)
zBu#Md6gE-kS?8rCI$)9{>xA*QCWdzZVgj?TI5baqH8*ys5}p+w#iy8>g^8fb4a8$W
z2f(qakAw+2v6mW`F5nKE+U7N4vS8miJ>oWY>ZgO<yT8cQhZQ{fKwCzyC>AUGW5Nup
zzuWQaF)f50?f0&%mR>A_CH*#NzImHno9f|NT4yc^UWAH$afCLM(yw?7r@4GyhSh&G
zHgg>ZHn?4?ZFu9vX}WFumn41VG=d|f>j~Jfix-g@LauVsk+bzzVF|k!O(yt4J5gnn
z7dFHPa@{VUL$`l=WuZvA3t5QimwJ{QbH!1jX^zV}wQn(%@i^0lL=4e#wVdJ_0#!6K
zi%duep>9l7??W*2oJ88vrzr$E4ChqR+E%jERH*vUjMCAxu{0`Xi<w`c-RZW4jfoad
zxD{nh)<gjDWBXLC!qPyUyJcgY=}c^3+7TK5^?0l(`w-Hr421lwf!NytpVpfxtzMsf
z+Dx5hQV(nWQHdp)@Xfs?PQqufS7;M{^EZ3Q+LqAT*y8tzc$=9#itDRCws+|4sPm{X
zWO&EZ5V!H3{qeOiVkyF#v-r_`RskRKxKhOh7Rwv_NiY4;SP0%OQJMDX$g`FjAonE|
z?TmUS{18vCo0zN{DK;Gbo`{@w?h7V3|H^c7xE(YyWj4YYI5&luaGF+so&enM8^{^8
z`pG+qzsgDyhV*Ju5K{k1)XWNwj>~#RN8Mv``nfhEP!&1-twNu?IvK)bm9G&W&=zEr
zuMyx_s4Wqpb>kNDcuRBRtT{nvWbo_f?t`uVu^3M4x&7Mx#(g~VrV&F?7>>un{usS~
z^y9-FtM^6d`O8YX75GD<rFok<ZgTo0b0Ixjg*N&}c71-?t64}l({ZZ2@q3tTui|Tv
z=&-zOkXE#Jkem+c>2kwmE`^aoM*Q~#-c)!;>~e>)+tA&N`}R?m<d7EKqy<xM(0=X^
z5jYFqqZT@#N1?-d^ff$narBN&1&&oC%OMdS!=Qa<HpjHBuobV}xpD_9bC%)TScQG(
z<P1M(j(vcQOX_Rwd!vfNkhj7QoBt#zT5aa=>qMs)+kTR=RYPOlhS3`qW#fr{eezvQ
zmEAQgk(xHb(#10yW)zEC2F$i3-+5%mAER^rD#Li?`gBw4HbR$fWC6&NW6pJA<XArq
zzNi1L+mo-v$NZ1ilE_uRg<o53wUKq|U~Np;us7xkw5^<|2(mM7&T~Qn=Rl*$B@f;4
z>=nl1qvK(HmGyM6ghkB{CgDM~oMdn4j!rKLXRTPD?Y|bXyEF^Coew=9y7i5-S*Czq
z9+p#6sA?W|!3jti5qjMmBR%nQ(@R4mz$#eJM-}ti(wT~M(_R4i8`d%*9Tu=MB4SDY
z)`D~JN){r%B)x>>a23v&FFpklT<c!TfsYcpwV{|2h-W@<1F`SUKAKO4SkZKEn7J#j
z%W?2C)grVLK@2<B|BGF|HT1=3T%u5)o)WIf$nHiK(#cnER9-evpdIh@TTkEPKEDu?
zl56*%*jTb`HG$~;^P_-7%BWZK`lO7tr2nz;`D<*Wdp5)Hu%9||?=solHZe)YYADw^
zJ0@$8qYBOSL#d~6ugCqw=h{rQd0CtDRgzN|^3qKWRqw;Qp;V<Q|0rH`mha@tuI8*_
z@<DLWi;%GR@rl}1;|;qvFhPAqY$c(@uS}64&M3KwNjp`-6N`^CI@~@wfJmjje1WHJ
zP`p!+NgU6LM`r0%vfqW7rq%L#`th}gc<4}WbSfY1WUDKCrp~GT_|QD@_K;SMU3+Lf
zg?&==M{i=4jgN7@GaD80@F6i^8I6v!h-PMkq|~Sb*&^38+v#MPh28oQ5i1#hEd5z^
z_FKn6FHk!DA_R&)9GQWFHndZI=?>BKvJN8Ai`kU)MpxUn3qZWB<Ge+ge=dxLcx``V
zuH~(^$(m2lt9Irby&#mi6b{+Jyw9CNtxq93Yc7Eb)T7}g40l_Uw7aw!DM4JZ<sT;>
z_9?7-n2vMZo^wxB+6OAU(z}_qdF1p}CtVrty)B{48GWXR-#YZKBWKma^iV-26~4f>
zY5wK<{vXqboEcTd0^tb5B*i`HjE67tj7yBZ_2zS5XUgb)h+)_}_>+hrnQ)v#>%`P>
z`>40SI$PkgiMd$VWVEcDnlvf(0b~T!v0kYne>b$XYDt9i+GwT3dqYn<sKU{+AP&N9
zw^morq^1YUCpXS*!(JChSu%-?Cyr;=Px{7{D(Mohc|aN$KZjVYr_pBInkVYLDQ9~a
z@sH5VjfUTC*b7Q1IU8xfB(|(xE<UVn8$lYxY#MeK36C0L3-{ahBkOFDr9N|<l9Zfu
z@pTA6_04|eQ1ZURSe4Th<<jj(qf<!)l0|z(O1=!HgBc(7CoLPU8@v4sB*k&ed~_#A
z^;vrz$S>JDaY#Xgt(f5%mOF}GCX)+?8sI$NnA~*B7=ap#-;yaGsz^XFpEsKMRK_4E
znH;+^kQ=SoRvU^<f|bHgO7m3Dn3@@u>pzE<<Z3f>_%0zN8s|QSUN$LR&BR?$_>7TH
z>1fyx-Wb?2j!fLw^GR?Yd#mSbQKu|<16<x+T)F_2@vSfkuC3n|ePHBS3Uj``U`~r^
z7RK;prz?vll?$?L;}MUG?=<G^FZ4?K(hs6c^OLxnu0M|4vPBBWLgY6i7^|mz{BzGU
zM`{<DCuloEVLQOeHM$I~P@4mme<PdPUz`>|Sv&}t9B9TC)rO&~sL58t>+XZnc0hF<
z#yKF|KxqASIZVGDC6PWmV^*673WPS~WCS%Ol!WTmWuzoT?!N(D^f$csjtsr<F`-fW
z+of$*d80vfwWE#YqHJHi?*!7$c8>&n`JOcp)3v)qN3SR~2?w7s()x6E@xC~a#84)8
z9cwqoW3~I!C5zS1Lz?1F5)z_eB)D3dG$NtdN6WyW91hWvVPHpqZgeEZUPnyrZd{&y
zDfd*(yn(3Ru3k0%U(0}$aZmnHMoQ5a13k#m-l_|b&tO$do&UjZM62Zniw?ps4L6kv
z>Z-k$BF^gOpO|0`tJL5_W11L4<L}Vkr=5%ku2~#&p96otF`s(>bmBUjFRH)W`+Kvn
zE1!tZ<>3=ky<Av)bP5tQ1Z~K*6H8|?yplubE(|N;{+Ux@4lTwVwd|Kf{hC}t7!PA2
z)Q==`Y6?288!rg+i5{AF`4_9&FztYhqRAimv2GzFsnThgL@hVl#mJVc%P^tfce)Lz
zto<xd2z!LcrsVm;`RYD}o~*<(S$y3NqDo@x8XWVqyZH;<3VjN;>=~}s##i$EQGD8d
zO$)*d#2h^}bse>GMUWLrR_1IobLbG9KgUVzw6$NEN0gSg8&pNl;sa8ax3K5%p%VWm
zcg~B=3@{7No-34_$HyDn<ws_*Z?W_vm8yn5;1(cINP+5;$nnGJHznyMj^$IwcJ&p)
z4eLXN)wN!PA-3RrXTf=@gm+P9@LLs4LEiVq;r!61-MX0Y!Am44#<oyG5HkzW%Z9;s
zGJY_wEC!7jY6_j}g7uX;z%voE_nr;MKtZ$&TO=w7VodJ)D8EL@;d2|_Ngwr$W*(dH
z#ycres^WO==`M@>-7zbyHO_j@?a!)eax$!betZ+d*1io^3carD+?zP2^F69{*06iB
z*u-oR^|`!^^*!^uAvR;C^X>A?4Byglo}kCjonq%m&==@V&UkXp#4C&ZVoEM;zT~?$
zb=Ps~;r5f57?2IB9U>kdb)N8gne13=-$;1uY7H4gfW4wOPSyTFev+E}xskiPcE?aW
z7nazm7fXObBW)huG`OEnd<JX6IAJ0b5^A#9`Jam9u*spIw~eVU_QKu`Q6X?AqfOkn
zFyTubAYCcdL%^XR{-Kh)gA|w&^m-}zLL1Z|hnvFBHjm&P&h2KvCx=IO@N(D{FBrM0
zx7$g{W0Q*AYPL%-Eg)(P@uikY1nz)8OR#L&z(!O24#CkfvSg?XHjP@y?{ao1(@#!l
z#Br(lIThY1%ucll{+U%Cl<Q|!yU$HkzjH~b^jvp8Tob&?O*f0-!TcmHb^e5zqsY(I
zg9d%tb=BB|HZgG+n1QinfvWpS%P&K{&M<RudW8lDk;#}YG;#}iro&LvyEtqd5I0y0
zm~Sea9y?F7<%JEUrmrk$2+d_97pAu?-e}}cVe|`W5Bt*hFiLVKK|GHf|H}$mFh8+M
zW6wD!P<o0zmF&MDAvbO+s!j;Mz)TLJOi``$Z0W&!teO1K-(}nihIaY$m_uB+ejCrN
z(qr0$&Ve?dN7H+AWZdY;Rli9xj8?Gl&&oUHLm=lQ&(C&hn(f>W_t2y;XX9E5)SO=U
zf<PqfQE&L0$+_tHa@*_=?#`l<*>ZBQ=QicxVTemBXK_65(l3@8h*(@>WBB#~#?Jn(
z#6*q$5T$0~Y}tPkiWbSam?~uhyHTuWo^0+3XkM)>O&1`_s%Z!?3&H#Ht%n19mkE1T
zy|K|}68!aus-kLf`A}cX1(VlS;JYBfJn<|eEd<{i*w~1NF&8XMAL@?&@(gwPj8lTK
zPC>|<vxq6vkw;K!Mh81?xi`_@olvWf3eqRa$Z~+|O)7G8Y>@7@nD08Z@0W)tD<O$0
zCk?EQAMqocil5}lS3lu$h}K{%Mh|88%7P7)uI;s2aQq%N&pvrht+F_$HRrG=Qy4w4
zzmy5}bIn3%7h&Xe(ZwVouG-K6T8UOQPH&v-IbQQ}HEkn_-+$exqSQSN<_$m2yYqOF
z+LZ5Sex##E`YR40#92v>aVgjj1V4+q6dt-wI0vvx&XsaQ2hZbSnBsF*|3E#lc7-41
z5+%Nuw<%AcB#bu~#vBsa3N<kz5C|thmq`e!K*Z6(mLh=47V5o2KS9REN^}^4>Y_gW
zSOH^%F2VpE`b|D3roU5-#aUL}<c+3+fagcc84k2yKG=Pv0#KYf);0HdiOMBw)L|`B
zuw=vY8@Ec@5<ypMPU2GUz3k0#Ct*BUXu#DyLjp5)>-X!QM}*;%WG3b6`P)jypAP=`
ziZRp`2z*@u3yO}s`gAp^?9h`x*aJwaj92inwzQJ)pM&&D*FjAQv&$1sB<rad^&V65
zjBpmGPO3N@%bwTU>YK;9^%9=w7g-r)iXw`!5%$o_REC^};T-MDD#sP8<>-sqw3nFI
zUpQzQQV!j!%ZD+rZv`iodEq79n;f!CA>0GcqG{*26oK?<snkTmTv~zfqND<x#a-jN
zvzR#t=M#~}&RBwRpy$v#1?`{msBBCrK*{vJ^c(SuEJn%byW)8wE95!YmZmg6_K|R_
zFmGNx<DuA>w>RpF^2ktIWB9~icrYN>T32g>`}=fKZ*gFRm4r79_><N+aOyoh3Ja)&
z<|u<bJmF-pjr+~Rq6M@CvXBC;4Hgw1tV+JDRbL@cp0^mepUCWFbYc~>kRyrHP)WE!
z{Q73UP{ZFu*$7N%H2iE7ZNDr(%q?Qg=<KGVIltJHj~;?;V|Q%ZD~B|yW^5MUgOooi
z37M@HJwEp>JV;*7&uFf_w3ylW3`QaoWCYEt4-t;I%2t=pxKCRf!`ZG~MTrW?=o_%%
zm@7V9?WFi}PV@5{@S|5km72lYTqlNz#9zV6XzeR}Ts!}{=aq5K<|k;EFKC@H7#LAw
znf(CBqGWsS0}amGdt)sQqXT7Mo~;(S(QH&FM6*MyzJiOM$L`zjt$?itq)!@MtQp{I
zm2m44Jq18SUk*1-l+cznvZ_dgCuKbf`Z$5$-W8s@*7N00qLOoYt3r=weZq&c=q|pH
zkubC~X7*!a)G?Y_x!AfW!QDBu2V38u_HH*Mc-foq`*qmid{vpC9_R`M@8UnyDqNDF
z2k3=$hMZ>xPXZUSe%b#9lQZQhF6)W+nfBOtKF^)Bp0*xM&e*2g`l}86N%dbdj!U=9
zjuGa#;WmTTSD}CX9J0@4dL5_M3Th5gWbgp3<QIiRfu44zi8-Mm1ZH7X$n_WCSP10t
zp8Q2AI41JK22+e4m4%~K^a(FE7y8<gdV_F&Q6}KE#ch$cTtk&4Fu_;@dWfxP*|@{x
zxH6sJTHd7T9u#cjQ1z>HskLB66)e-egihLeo+{P4f+)6A7z?wck`8wko6#jdHxfZ*
z`Rr@O<~19Hc0`Rns!`uW73*-l*VMI5#LmQr%j-<h@r$Y%YwDz<_<XXYNs|GDI5`LB
z-O&!x=4cQeh3weV6JTL}-IA_!_2~Zu@^R7HNDFG-55$t$iq(0RXWAs~Xwl5U-3ln_
z)$eC|-Nsi6BMbdAjo^wst8h&w2bg-UHXqx?RESgTZ?N&x65pqhUY{(EmdA4!mOwvP
zJ2fuYfQ=~aHc@QFDaMgzpR|jUi;bo7FE$0(1s0eK?3-XMo8#U^aVY8RtyTBc5V4kH
zB}JJYsaBKYdWl172OG^4tYLmq*_K<8c{FWrt)%F)jM6I9vpzq1;Z+Io;Z0rb-WMY-
z+fmNFWlxU8^zwT&mggGKn)(PI_F{MZZU`ICNWG4vXOd5}{O&*}P`E_ZI`{S=R?)AL
zGFGO0pOQoN2&PltRL?wXDl}8Lq}?#yW@;6lcGUYb_oMUrA7(b5apE+a^)UR*aK6d5
zc2_;JE!?YlZ>Vypaxh-A5HZVRs}>Fc&rUVL5oE(z)g-}1=XGy7-q&g2$t+m-gVaCc
zE())?J+y=xXbwV(C;w{;ZULst%bk@5#LDOccjWHcU}t>6twM@S^UPT}D}0KdQ*(e<
zxaV-=V&;0CVLMGAwdUu}H`|yqusp0xK0T+4efgz2Lq(&3ph#%8v3)J<TxSrY(~o3B
zRtSG_I*6%S?YrdUuLtH8?1j3`Fu~}vy%8{p?}>brv)}m{vF`XN=XmPo2t?nB!|3f<
zbtX1$0(gl#=^atOmLEneJ?v~-1ugRh-L-FKTwcqMh++W88vEHZJs4-6AMTKe&^xHF
z^~5w9YRDHAG0mZ(T$%pkp40$$4bsaV`+8PKtvc$x+f!oNwI9c6@`a7e>qLzUI(@0V
zs7I<~9j-Ja_dCjX2WE|gnsq5@r-d?&4svVjLCBhfcVZ0ZA;E+Pmp~@l%?Zmx51=Zp
z;+DPH;G3v$X(5<4&Uu)dNxtbsVKMo;e}YKw4JHm;aieDygBJEo=VA*{e{l+p?qI`e
z?gkgE#wX;S=n-Nc<~+U@?}}|tS|MUr6Rbsp@EgKE2#q&*pWfqwXFy9Yep8;^ft<n`
zMIRZ_ez;GAQAToZx(olJXSC^NwcDV7cW?Fj?C1@uKkv0eF`&NexuSe_j4nvcD6Y38
zg%Cf{ew-Abi;p(k#Vu<5xscWa>b1@*omHnNEDbI`UdAvnimIbBuE-f{Av?2>VSOJp
z9C-sQKI%YKvci@~YyhQw+uj<Xhe;VD0v&edt(ZZ;BaKzA#y>3m$Sd&NGxjzi@9Li@
zZgtOmZHzK~R~qpGC4rB3Pc5HcHWY5UdV7stcg?Y3*Yv{E3)*k=Ig?~PC3*v*S?iRV
zywWL~oryk2>l5Clfp3ZnO1~*C<@~xPE%HbFG@6O8p`Qc#*|)pIO+eNfYP)@{xbASM
zN20d656BpzM9hrh=jT&x?M)G@DK#SkZEb&L0P;lOkv^xzy3Ul$-ot_<d|Wwm*}#KA
zSy(n;U&gPu4EGWDFr`-2W2r^>xs-h6UNt@B^ZzNQue`{+rpDCKeXb;?Jzj3lFYRU_
zpY@fFHtde-YN7M6O6V#6h^^3^lwBMa;!bXj4teOW%JrcHf^OiMO`DGSC)g&&4KHJc
zlH!346{y~1`29RF)6lM1RR`=%Qw&_@E(^&$tM9b1*NB5-UK(N}ac$kIC8wzyMHm4^
zz{#9!Q}c|!4d4&nlxci*l=Kt=PB!&?jq7P5VwiMg0$GLc57A8yZ!vvoqPj8M5r?Ef
zz~XGS*&H`l#&IX;Zp$UP5f5{7DJDT~29f$Gw<&~wKYovBITdaYt}#&_js?xs@If1R
z-hnWl+Ae%dHN4$&?`}Tm@Jvm=S!!$fsZNLPQhRY8G4d6f_{LDR7(FKM8BH`-i%%C2
zEEQ)PZYoy6N{x-Xh#Hu%N)Z&64>P!LX|0xrf1eF;+~nc*G@Hm()oyQ&G7r;ik33<M
zTI_Zxd9BrD-Sy<ms|0*X?n!uegnL^SWqvuie)z<&)j0ah@<Xvt19t*}BTOVe?AkA}
z?g`ghmz*|HDuy=tK{pE7m<IYE?Yv{XmrSgE#KZ{VH-?}ijF#^Lne27rn{Ht!(+ju%
z+!>F>yfhvTR!Wkc{AF@v5ZOqyZGTVHlI+cYe2MKfdRz{h+Gkkk#*yxR8XNtf)?|1~
zr|vUNx9tOD+<@C4J|`s?U8Q|W!`hiQ2@2a5r!Xk!*CfEKbA#Z$26|zEhfLPljvv=c
zBeq|`N^<_7AJrr@Ce){&tUScX8q?qTy@mKs5|Fm1D+<?IWtk<jnz>^XTxByi;F|O@
z_#<#4DE6bcB`G<_;Q6w3e=Sk|W+tmbe{%S)>%WABA`C~LG$o43@o;`ITY9|KGsCc2
zWACD*Jq;2^L?86(t?!LhOJht*G6$QCOD|Fu7WBm}ru82Ene^-HdpJL*!8P4W%my)R
zEjZOc-(~O4JJm_G=-Pd!?X5~X|N8V{5b&Gj@PG@<_2+wh&!&_Ym(7>?lz*D0gWHWY
zP@=|@p*B9LFUOoxodVTfS!#Srt?XYKF4F%l(Y*G1AwvO<0sLf}1?f)Kvr;V=VXryQ
zH#&tx+PzM-??0H0<vVV?7L@j^KEZ-ymxX`VHu2dXu%*4Z5Ys^}uT!}YJp=nHfC<D^
zYJ%<FjLIroPw}T3eo7VTa~-d7`(D{~J7bn9?qr0`IfN=DSxwnDtmw7jUnGjjdADr6
zK1w*zOC@R^LEG{vFkAN!Bf9f}T*m~CKJQdD^&nv=eEaO3dTWc;1UkXgHfw8-Wb5+i
z<lv8&t+;vB*K9@UtljkqQg0F6=NpG<Lr|?s{?1!Y8K+Eu7xGf#mh)O$V7q5ocP}5C
z$~RQC+c;E09A<4jmY14`^Fjt6rJIu91ka;PCo8FEU69&>g)W8InMu~+U|3k^Vk%K*
zf&(=iyiz^WP`EuELUEc{G_+8W41{-C9%&uv9I1?Lvo<OJoU1AKzX+ci+!J~@ZPD*F
z)#Ma<ywx>^)BJg^hlGIOcY_YNlQ-Z(qYIff=|cBf+V+Bcl!m--ps&%gsf-c%Mn$FN
zD=X=omz)3eJz~3<Y@6|0PEG)2Kz`YEpGPjBENi0R4dC%B=E~rTAMNZ8%eoGzk{lat
zPfyIT02}m70~~9!FkX9N$fj)%KDthrEG{YIywZ@~mRIp0obk)|T0>e(Uf=+~hQsaf
zAK*O$>Bab~PrcrfC(UGDR4}{Kz`F+S;D3S+a$~LdOBQbIJuj;_JZlO@^2m9Wt-9k}
zMy@rSW$?W&!}(X*2Z4Q<B98wJj0s8cti>2tF$)ewsKs+<tsyOBWWRZPd8|;&xQW2F
z95Z+MY`+MWCnc1Il*Qjx>JGz&e>vp3A||PEk#A#vCx+8e`EHwf+zs=5eny7(Z)r0n
zr-if?w<~%K|1n0HI<lQFj6^9QmS2R?Y)t3Cet#!L7971Xz9&lckY(e}X&0!$3uTAC
zo${mLy=JQNBz|7n-w8ijccIfRSBT+Ub(ZBB_yyPm3)Dh`0TYC|!3{7rbCrIdWdOZZ
z{)>zGKqrD{V>p|-(swCjvXX>Qy^!=AOPI}>IhOyE9&?qw2)yzCWoqnyvuoPN00hEy
zLjF4hhOb6%IK)h@{4Z(^`}B3!DbL^6Bh2#p|Np?c{qIr#e@fi_-;5$X+NmdHjH^hl
z4rW~Hh^OtZJNysojOD#Bz}`)VABi{Tm`kVH;5<luHzaM=kZ-@(BI$rD8a}#0QXKrt
ztUP&ru?~O`zMaY-1)pcW_ra|cy1l$g-DB){`}>xjvjhG4q>mCq#IZ=#41995a!leE
zuR=|ItviY4=ST%yEaFnZ>#<g9w^;dspJP3Mo+ttl?Ak)x*6Y=E05jWPWRU#~7!{K=
zfF7b!TsG(cROC`W?OPoNz-k*xQhMnR2Q}W^^lAg(Jp}G#9>;lE=^zL2ppYlG7-S3M
z;R(Lt3=DJX0FxKX_p-sWmSA$ytSi=f_&ppjVNb0Cbd=3M?(PWa+-T;;I=0eQ#E!zI
z6i%(tZ#gd4W9z5Kkt`mMx+ByX3BV{iS^;Y1l-H4fF+Q>7xo2}+i9K4EJLQegb92bb
zw_;^r2r_hRU!4v~t&hH>@B^8;%p)0SjSsFpl^6s7M+a6;iCwaQMV)^Med~yF()`pG
zxmSB?ik6!2bkXDuOFq5CwAEbSPYzq;HBEZx)E##MopS`hzzV=*p8~#ZCi?PrUo4)E
zc#q#7?>Tjk24ta*{{aMA=QR|m_n~@83xOWPW9XL8`G+VH+0bSdFm{3SFLs<xom$jq
zV(<`o`+w0~#|WO#t;59=+czVbX1%YI3?aWL$b)udeLLWo+uI_uZnl_=y6{anBr4Gn
zKN10Y&%8On)0*!tc<-}}TVBt7e#Bp_W=g^5J(cp$Mi>ChU;)p&imAr3sk&djs|ilo
zh@u0N_+0`vJt=`-lM*w=B&%qm|F5y`ROu~$&SyexP(t_SQ;GNqLO{n>*F>SGM5WN@
zz|1Wn20K<LFr}v_R29XgFJIG54__>EYI&!S!<#!=k5|M_t^XyAN+g~u$%~+tmbdPb
zos7Peec?K+4?QIPg-F-Q$kV+dero~k<O+;&={Q7R#nW%Gw?1S8Pr9UX>~jh^H&O<~
z+7#JU0%>g>F<t47Teer+XvjZZW`3z3mnoJ}-n%ur;FK|>q{%8eMLx9e<^EfWTDO@o
zd`T(&5oKz)V-5bpW|^LMVYA~hr}Lh*vF+GUp-yufV|F;L<dnor4yzwe35oPHE4(Ax
z_=W3lXsS3A9-1+x+fd2gD!^tl7Bh8nKU;=YiBq<iYm+8@H43xoP(E6dCh0!Br(l+J
zcK*qwUJu-bzaJe9P5$u={LcFygPoZPFCNE!pjy=b=})rm1dzW(Dme{nR@u=Mu)OxU
zR8;fU%U596fdP$#TeH(WXIO68A=vor=X+8Sl-hB`6ud}je<^<he=BTvP<Aaru^P-n
zY|#NEL*Q0+{VU<nKf9U}N=X&c{R+bg^5`nmy|kM>?qLdu6<0A++-}jQtl)9C0Dzlp
z2y*GmbkkRo?^8ZGa3Eb=egEWAWfC{IN^nuO(mG&@aH?@4VuoDIs`u=UgRCX#r#NEk
zX-vi#=+Ea0%Xby&@1)B-#;UxUmbT6U2wWv~I*c?OMCFwmC8UGhCtc({DZu@=#v3iM
zG5DlW#1xkqe>13FQPAFk%q8tSI#L4hn4S#61(^m~*HQw;-Gq=EYf*o80h)N+y&S(n
zw4~?22pG@Qn#Qj{dWLL1TsX5oG*WURXH*{N8U#x?*{(@l2jIRMfD92X{W*4WM4{|Q
z?%M)1W77T~?K=I0N87@ZyqD_tro+Pl*l@BArgU`qrX2thYb3Y{j;E_`XUH;Ibd6Qp
z`Xwe=R0X~yR!$RikSw<Xb9hau4@pJ3M-Sx2`}Wr-gxJqp19T@5dj!64q}jU{vbVC#
z9D3odA~kQZb~50|F7?Llqs|jL?GPe8<?|;#V1I0JPEmZJ<`;)pYvqH>iCXEnONwQA
z?i*RS25k0i*8P(Z%Ggf7inrfl-^)8TrF(C2ngG?7m-TWX?eO+}k5{S0u6IGBK>TPu
z;;R6rq48=>S0b`cY31o^nG9)ZE(r@?jRRm#=`LQgws3sdX8T!+!eKIg)jF}p>*s=w
zdQaAaKO7nKaSzI|^<1l@f=Z2TAAqiw8djq{t9xa=f~72C0h#@WHOurKE)IZ@ep#2-
zChn6@8A{Ez?kn~vGLNG>8ZIr|Z6hr@4&han<X9E)g3TrcO{Z^h`uO1eO|lbgtO^BR
z9w*oY+WU5s4cqr4&d{&p4&@ueHm^_~1^<{z>dXsDP_3F5JI!7HvHFmyWGD@=@kz}$
zvi&w119A}7DIKl1m#D@$r+pLN6B9N~2Sd#p%x;etGlxdxr}3(bI#opv=KOJ-b2N4<
zA)C*#z1YMd7Xr)}i$WZ`6ERMR#9L|Gh@`=7n@^9%dXT+7DDIDa`)5W&+1+|e(<!&%
z(ESg{e7y*`8mo)X<x;aj45`@uFV?4`9tKYlx>!<<?iviQXj*<My&ODxm=jrVQSH3g
zeCBpkT;r1Wl&VDAn$#*{INnX=W>{_gZByGY)ZV%uHVh~u%;kiwpJ^s?&pUNnj2$2D
zOx7G5I6G_?Xa&@zzG*~<AP^remDiuWFOCE_xa<3c`-TAOUPZ)OG<~rR%ZPgS;Z;3C
z_4K4pV*9_`V<U!rV2_U->h=5ej}m&N&tL0Y9bY>}OAHJh8wMNDrx1xXe+_TBCObUJ
zJWHAG<nE`%gXrwu^cq+msB8g9sIoVy<^!z*3g=eu0*8Cy1gB?t!z56exyRwZNLmN8
zKL@JwwXH6`9*cf|+Iw}5yPl%?c^6anOEfNq?ZnGnOQ<~|ZXs7ngs!6(3qlXW)@FX3
zpY3U(7ktp_Y~3TSSO1VN3tuLyYg_}kZi-d<MPY|qypf>}1}cpy;uZzErjo4(FNS0q
zE7=|C$zGCe$5N|+f!do6mKJM(1dq4?jBsKWso;$gb+S5!Hu=lVMx!PMfm1#ncw)X<
zhRnVt*EeoE*4KLQo0Su);&Vz5_^Z=dM#1CyQs3cNf{BY<McH2UY}|7=$#$yxVk|Ds
zx;dbdwPi;$TWCU4!L%G-S8qMpRIAvvdptj5MQ95??O>H0we)UXMspN)G$}7qPYga?
zdNiY2x;&NNsZ32MjLH<oQjUZC=!motZH!vy>lo#OBw9DI)Rv5_j~vph+AV+l{ql`_
zz+NAsA|^cLPOXFeakcp0Zwr=n{o4k2Iq@|q8OK(a!}m5WXDK48(2L;8f1WTmAE`am
zbCuT?YI-hAsS1YgcU>>c^HWkG39WluBmC)u@PEzt3iao&`fn&7d|`CE9EEo8V7xr(
zz4+O$t{KM^S^BEJTxYTG!o(%J9Y{fYsc<#-Iu)aql3aP=-rGn2YBDOV104w)90Tz)
z!}`iw<TU!i)M#g|rSFn`tia?&<iRY<>PtOD$o`lMU8F>WQQBkay$9ExusEa^*>r%;
z+cR2tB3ITj#PoM9t20_61TrhNV)qA|;LA!p`uVyEx0OVf*_0&xhXL~Tqcx${z3$J|
z!u7_j*F0-slEXL9@Ic@em}HX(?Yun9rY|=S@KwFpA1!<)|DK=8J**H7eef#^p88ou
zpccqaCpOwBHW`X?52RB}ne;NcJ;;H7*n*zlkvD8l1VwawRLYPa+xfJ2vLks-^O`C1
zzb&T(4*vS|x{iIKrFY|u%B_P}BGyxXvRDq~O<A9)5%rgA0Y!Q}U!AAP>TbSMG5_K>
zPTOZ(=N7-Y+bmebNR$xGf!bMPY8^{;P5r40zXVh6y^dd40WzD(HBfcUMx&v@==zG+
znA9LZHD|DK%M940DNkirxp92oYviZKb`*pJuaCoz5ou7?(n_&Be@}ydygz+MKeRig
z(-AS6;0T!K6)c!Q5ej*I9LpE}-iK@y*=SKZ2Ti)kkr~^R$PNuJXIaJjpH7VL4y9~M
z09^*niYmTI6OFjNpxqA-#-h}-Vw<Lynvzy-5f5|hpl7_iqTHiIS$vy|+D=bGy!cjb
zv)b)I=i1$?#&5BWvs*occS8IsBD~&mFNv6I1poZ_Z93+@^iupKVnN39Z=IqvioYR!
zVxw8^!4CuJO0-_a_>X2vfF#&*s3s!n97=HEY2keEWJIxuLDjg8;dkBM!kufkm^nk4
zUj8gLH!r-C=$~kRp&XH%K0i`w+8?~P;hC>N{$mqH+ph(2hytm;5&C)8<GK^_=~^;G
zzfx?x4lZ{ptT*fuoQ1G~OiUx0$^T0J3GJ$|zaYm>Pe>nJL3lULn<%bTbRO$V>3DD)
z$4J|FhsdotPL!=1h=*3-Y4MY{<8%6rOF!Ie_~mx$7Pir{lVGJ&pmI2Oog~x54@#GX
z_dPm2K6n*|3(5dDe*q^Bhm)j6?&>c~PrdsD3dcb8JTM$#venu@Axepde-f3uwJF*?
zvmaj$3jcEIPTnFHrjTnsy&Gy6vhrCYwA|B9BV~f}^L|%^D@Z(HCVzfkGJ*gbl_s3N
z&wYXo$YN`c8G1WpWq)oNqh{o6v}lNNA1tkQ9=l_MHu29I2`bx>hqXr?UJ!Rp4*wi@
z{4#Yqzb0&4^Jhxo#qA$gJFR!dzC<1FOa;GMwkQxhZil~|$x$Qj9`97A?{Y3w>ItZj
zTz*pMxy5xQz9`YLsHamr`7u|6Gp%cw558X4ui+iK*=R;87_Wsj!xeYRs*g)}ZutRD
z!zzyCWy3w@-9}#<byx+eupx?Oxn|QPWW@|4kck4An^{a4b&ov%T%5&-388jd(D?R0
zX;C)ifWimUBZW^fCfE62HbJCT$k`y3EF&LFDUhP~v}$?BSypgY&^tcK)T2RF$ZF9p
zS7zt(<S=R@JA9?YgLIDYo`u?+z^f=wma&2De?<5Hylu<yHu2xfHqoqspVCjmPp1$Y
z6vA{H==@obKgZ?@x-fm@{#59QkX9bhz3@8U`OO*dpETOg>+pL`uKV~6h1D=mzEa4d
z8MSF;r4;Mg9B^_g&ADygqQf^y9_{NC@)rj7I^NkI{i8n$wDU{=I{7TJDN>tZ$4CJ;
z)B`w^_a>N5-%0mXq@wX2NrG+vg9{G1*s})o{m>oi#+;v!FYSFW8jz-=Og)w=6s_(<
zN=?M6Mrg;msr<=!r5r&x=(~Chb8kj{g;==<Wr}^J(ak;`-M<U-TP~Cs&dWI6v5C0d
z`m!{;oAI*p91XdGAdn&S_Z@Ae7yDkc>3@_`SfOxDEdZ@812$VxUx6l$#`P?jAm7K%
zk2u6bR+2@4VpW?n*s=H3o207!?3AL5j-NhDKUyzzJ82$CP8qMK*p>H&Pbpnm+>@KG
z0eYU=Ph}85P*e$8j2J?GqWve<nHO$7PO<n7#I)c0_^4R_lESA4k3Mczrx`D?x0t41
zaKUxxz02>VML#a_pA!;C=Y^H>&jN6Dvx5qNh+wsnc8>Ms&U3z-cZQT_OZg3>@yP>o
zCX1w{kPUeMkCCl%+qOuy7I;obpAUbzTCivnnjA#3-Y-ba9ckP>xbAShj}lS0PUG>a
zarqq9m(`VS%SEbijmJmTy6U|P*N?G>;Qb&+&w7j?8rF9@{FMMW`LT)gS4TbP@}{PY
zRm4pzPJQJ=_GY3Yh5g`}{q2e3D64FNHfn6%xFFL60b@!fJ6W_G{CU+OVOTx6so;JH
zsu;?}X@V?jy<9%0DFtGU3Sq>i)!J+X7J}4_SIXVx9H8_A{a;y%k(8E}Sdf0lF5VwB
z`gHLR1i<FkEy~=No?KS)kaq6#J!Hi1Qa@?l?hWva@22cw9N%1<mbWF_1ipMb6+#Ky
z7%vZr7)se_2im}%HQaDTwj6$6ZDd9$P@z}QAw_jhdb}qO{7;A3pgCNb2#bXg5r{R7
zZJ2ICHl>ZommM9MyJW2+)6<9W7XQ9l4h348+RdqoN}OiY{tA+9HeSn8h(TCE{dS8W
z>tmGt1(+V{46EFP{L)NxwRX61Qu+XeaFhVEN+PV>vZ>7TTtw<;uXb=;dd#6J_T@b3
z@v=9n=5^SH)35yee`1%vPgJ|;Psl+PN;8~FiCDa@>I+*Q&kW{^+NsR!AeU$ATuC<g
z^4^r(0R{o?(SNM+Fz@;SMkpCOXGOn55Yk{=U#rr2q2;BPPFzC&6@6(GDYuCCuE>Az
zDvyjJu8vGEkGeN^LZ2YU=2IsEY|vsA0D{_RQJCp<(&V=C`d05Gd}D|()zHb9;~Hcd
ze8$zk4R(cNy(n|ZOe~3W&BZC8V_8Nh=7TIMH}2B2+(=8C@F0uvGiIV88<m=m^%`Gg
z_m(Mpu1o*`-SosICI8MATZy9~r}F~bb}TVQJQ-5?-TX{PI*akJhWsuawZk^IeY~jd
zp}7jjOv%DsT{=s2q}^G}*w7ax`=AR$5VtW5%3X@PfE0~)uM1bvW-^QCk?T{S_=gQe
zh#JoB7`I!<440B2ujMBNo=%|s?pxf)P*~i2fJPzs>FW|f5%acR@wqvq#i(gMPzJ0t
zAKcjVIhJHdYV_$5HN?7BbtH877o=`*jK1#8k`^l6w5(C-Bnh(_{q0txQGAR1WnG@X
z;JoQc`l43fcy?oxu7PwvzD(F&1nMNQtjno2Zb{<2OX2zcd)29}0h1z?Xv<;WRc{P@
z@WG`zb*iIhH0WuEOrY77^X{R{9PF=_Tc=9=QeW*2S1G_Z);6f}hFGtIhi>LYnZB@&
zJ=IG}y92L|)ogbDSJ)Nce$`Ey{`QQMxOD!%rY|i0Zc`5ZO4n)l6^#R+Cqsa@OskhS
zIxbC_B%ELm``6E?li36dL%m96Ub}F#Rg~Ql7q)%Eo5z!<fsZ$OT@YOR)yUPUJN)1u
z{702_R+L5TGV|bE3)(I9T%6Qn3>Rd$Dqwwl{IB*6#+X(EI=Feyjo#|L9`o8@V_a{5
zks<PjPkXfM?$;${T!=@ON4`4l@MV1SOWg7Pgohs7_(f(};|S2LI$xNWPe+WE046xn
z9`qFh)w+0=QQLCx;`1uy&-U6~@y}t&>)+FG9nUgE*+|bi>@jp=s|sKg;q>cZS;;rH
zwcVcI`TRO2yZ2W3?VS(PjTXy4*xElNINaYH2hfov3*&P}V0kf^f>3_`Bg%5&9i{JL
zx{J%?4F160ewv%zJuuIu;X@m|1;N8jSmA9ENJVB-OYK&`lD&Ck=@P{?$#k&xk;RX^
zj-SQerlG4RggsRz0ec0q(ViMK*Q{nipKc2__*6U~V|645qV+56=pw|Sp3euuoE&~q
z_8KcTF30G_+!<7bMoTkA>ee`+MljZjmQBJQpoKoqp|8kPtvgp(dMi-G5h+pK{4=Y!
zlO*DUd9ZNfS<jj)B9b6qyb<>xJrGb^y=L-u(lb|a7xtb%YG?B;5d3LRzIQ4}3PDc&
zN$3eE9}X&d+y@=ONIYsl7ZaclB{>HUu?vGG!n`qE3RgYznbB`;R%OI9`F`r0u&QoV
z83Op$YxScKt^<N7(b$ZD<;OQR>M_5(Y8>hLi7Hi;)>GwKbS}mCy!B1EVLwG(hij+p
zMB7^0unPLKfJ;QA+InC2X%nNr@DncV%K^53CG&5ubWG)UfxULe?PPkER6#LXXI#UX
z1Zsb#RC>QP3R*|3pF(R|;B5l3hbH3_%0}9^3<T}_@z+?c3`zNdXvvLZO0hf$FVG!N
z7@m-P&pe`>-$bubvT5_I9IX(>nOyRd6-;4EEo13-Hqj6|e&oy~MEI9Uwq5wEf=V>M
zX-A9>59Il>z@_c#aPBgRqO&QPOULKW#vPB#_S%Vz)d}b@s`Zu<bx1My2_tK3*5stY
zJ-fEB>*X94MC7T{=QdE;?x!5b5r5l!e>p(MlEb{*MZ`T;!}Z6!L<)nrBe1Z!4}zd;
z(YU)9I*5f`o<s14EMX~T=dw0Wd+`YF=jJh+-fK9%XLYGd%+&ct)2k9YMdK5G-b1_%
zQ~qkU-@dtdJ{zaT>AvI96EJ$hGj%kW|K8Z18^t%o#aR25n=MK-EjYXMy&CxIA<FB2
zE|PBmKnpwL?M2VPqlI4qOZKaz4xGd4QuDL2wccZF=#{3=E#IZwI>h1Ek3SoJEdQI$
zgL*F1JR_8!5hLX=ct%@hAd1Fm?W@JpOk44Cqk_kiWlh+!qDGM0qpzw85czC!EECX?
z`h(dA4pm^|%MkJBMG3rB@f(>LOZ@Ht5zf{qRiK7_X)sW*%MspJc>8MZc$rUicvv`4
z<{eQYI+7s0A3#CDdn=xD!K81FOiFo?pJgzW%u{bJ$v{87{Y}eEJ$hm|NFgacsO0n9
z{Besz<0;>V{0*Lx1a*6e9Uop<!lK~^F_`p#!{!xVe^FFJ)W|1hZSN#nP^Y^3;ul`T
z#U9zF*8S>q$<nqR!c>!a=Uu%cxfI9#6TqMw7jE=n${jS+MbegqNRt0rJx(oivj-+8
z{a0_Aw9xFo*w#yf;ZF^l{_6)QTpl~2dQ(iS!{XDz#@P&e{;9aSvw7Hm3p3UD$o|EA
zP7Pei`+qjC-kDNm<^GcEmnwlP*EUQYakoP`9?8&#&i^;KV0Z>RrKeF?p)FS;oaI>`
z_CmZ=n{Iq9^Ox<kp2~QO){*!mDZt@}_c-*uyyFi8xdUi(fT`fRCOQJ5r|Gxa#gkI@
zEgF;#wPW9PVFkTQRvY^9;S8YxBX8Yc-lj}8<06WqnBVE7*yNRK-VPi2tA3tZZsqOB
zjq4lN#;X(-JDK?G_R8^q9;j2_`slDS1+LT=MS9Cfl`zL^$*xptND&;g-)gIs_cP&D
z*abN5#~%GG{T9>2xio$I_MnMggZ{&<uLZS1>T0#YE9G1pE+r|JARJgj)eOLnv4CoO
z(!BdLqd=!ht>bOF1?d%w$Vjj?VrtJTLYnOsfu8O@scO$5TA=dQ*Zyc_^_SNR!=|Fs
zZTD%IiSf?|Cx;ib%Do3uX<>|`#~wAJcfqS{EV<puzo>lj*B|B?6?(|kxh6R<-O-_6
z^jD2GdX=$Ke0kvHNXU5(m3B$RLa0qf+p9_~A^FXJ%0f`^^X2_qLqW0eRFkv_fZ`S*
zIfv68jZ4mrHo>iPuHytQk}~J-j_Dmz;bZOs?Dy0c397n{SZ}jN-;g7u=jQhe@4M@9
zXbUPd(d{ZPb*Y+>!$X~_H?ul#+sp%`(;qch4L}h4BE7;8rb_NKvpZ1O(;ip8yh+-Y
zhJe`r!Q6XBHNCa#-V{LrQP&bwK#GMfph!oWE<rj<@381yN~k6%2-pDW(ve<64<!Ty
zR1}0z6ChMYS_nZQv=H*nto=OuJ!g#b;T_|g{qFOP;Sf!k|2gM<-`DlKydT|;blH!(
zdyU}c^O{v)$7cB{>tofUh3Mz56fH9)X%~(AzN7lDv-?Xe)R+`Tj-A%c-(@hoQg|d`
zry%iilyJnvmhAcjOkj|4q4_cQt%)aOw&FE~CPccp3FbvHT8Xx;oNqZW^%8IJff}1<
z9q%XEncn2&`)W3hQm?t$)1CAAqQZ6U{FNYpIAGdJB2l-|?2Jr;MG+?Z^@`JOVEo({
z&Lm?9Jbk4362p16klMHAt{urfr{fAsn>Z!E)mr>|Ts2>yao0`<NBNmC#fE(y#o8w$
z@b|mlnqOJ1WTZ(Qm-8~=<j<-}&yL6E)hzGRKb7dyWV18XEt<}HDv96^&7674fQvrc
z4|CGREGb;RF4j6RyyMtDqD5X5IUi(x2K~$ACZ%WTYg@v{3cZ7Jq}Fue`zw>AJ=>7E
zHNNIQgLg*yoOvix!rV`;hu<DwU~8F|6ItB*t2>u3yMVqnnZ#yUM9+Jdv2m4I4R#bb
z#f*O7T8nB(TvhhMeDl^oN*j-GE0J1qHVA#r6wT%{{R-|M$JCpqD%|tx4eum9zQOVQ
z46oA1+2_V1gYBFCeZtO<Q-@;NdDcDYdbk`^B8<*@ChlIVvTStiWUL9|(402megdEk
z-t?W)J=_wvTSj=s{(w3UF-Sc)rIsN#6K5*hw+QVV)=gQD7Sutnsa_S%3>y1h+8~NC
zq@0$uFni~@8>I3em@?W{ewUxL_gYytJKpX#5V<y?4%e%nd+Ahq`3`0^H?ZdCL6^B&
zW=Fh|tky&VyYO(umb;?WPSzIKm7_WSo>x~<>q-S0?|QIw>|geWl!@0*n6@K41xk*l
z{rhqoO5#CBNV%^ww|!2NKYP1}E#*8bn`|YS@8D9O!#pe5s^r?ATH9vf8zV(ph<fIr
zCy-;6gQb+?)SmMy!QA6gPyB|%Map46;^mJ-@9UBSsEmKISvA>jazPVo*k-#R_Q+nO
zd>ornN`+;W8RG8i#gN%d!prmYKID%t&(EBiqmwh_kq9-7)fkL0)}HV)mDim3Qd-yz
zO_pu0B+Tmd4szYkBnA$t_R%KHd!bxcQ9A-Y@rR+G*Ww9a<YvGfbbpO28q8AKW&L1D
z5o><>Y{o+O(B@-<w{2PP45=!U1JQZVT}!X=)$8)%4gg*;(<PkuxC6iP=jny>61gVl
zn}>3hk%U0pB%)?EavpkIrfA%Vd@RxCJ}=v~dUubUVIQ0+eqh3a7cI+MMki@!rqNT#
zQ}-|0xnGMti=IX^o}BY6%ME`8AxwWlKJyV-Gaqcy3_Cq0y@}f6lMnE%N|%_~l~eAj
zfHsNzN@Dv;o0!341@+|n<T7l$-SQ!&)>O7E*~abcyp=q)OQqA%9d~MFyFk;4L<Cj&
zGIRFGQTSg&z}bwK)|y^1R5?h^mMZ9*S}HkrzcBIJ!|ineqZb!0tzC-M%Fa~`bT!lW
z)8J1^@wJ*Uk^6MG_C#$^nOMlxev+?sUiY3GZurW*hS9gj7?B*B0GIvI`4F1q_?n(<
zGB$|lTb38lfGewjw^gzz*ZBXazRTG>IueYxDjtDCV5@gVzN~O(D%)5TLo4pStLsrh
z#6X}!M9P)w^3kfprZ_ffZ1us2N|sOo9{o$0V`I8<^YVz<t#&ZxpDNi@eUA?hYI1$4
zDyM}$KFz8DnMs@b9gu%U<eVRH2O_qO_9|#&39|WHyTmGMtP*779q9?VCul+AB^1(Z
zD1*^>Ohv6%!h;6}<%Kz}a|p_IncdzHiQj}i>W%e{T(wy1+yz*Y!~D`xvQa}syXJ}+
z>}o4!Z32vjH#-%M+kPQbwY}Ksvg6_}bX0~p8K83pD&{Laor~mWp8CG~+F9l*Zf*;K
zAhL6rSB;kMb1|X#o@~*}uRFD040ib|sBttPH502FsnzU0aup4AOIsWLz{_o>%9VB#
z|M^{Yv7%)~ht6y>G<>ZTw$&Y1%=xiAGkAxqs4%+|7CBM*ZR8q653Pj1u~*$KBFklL
zKj5HNb>aFHV{h}|N`!oaJE2WvtTIVFnxL}u_Fe-M^bpp%mOFa4FCjNs((qb@C#BhU
z<VVdLzr;Kh<I=_+6AO>q@2Jyrs2b3Mwq0IL()xV8Sc?+7>u1Mb_P)uaVl;NS&nnL0
z@nsjGo<yA&yAkX_HAK<~Qr^Bg+tga&T}d*&t);ReqeDM6S#RiEa)pv>J*b(p6vTdd
z*Q3D;K59YqB2OMC`7#!6+ZK`6kA}kv8S>rZmw-Tfowx7fLi5c;A4i*fwt&b}9H!x>
z8m<Z-jFiR;9?<(lHuQ=9yx*|=_0JjMpd4&1ny*gei=M1SQj`@_%R$Mu5oNH5zIrLu
zj&1A@EfXDg!E4<40<F|a!4xa5zpNEFON<Q^1wE7|V8h3!HoM!2l^+!K$dB|tGPak6
ztPYP1@{|(2a8X{lcC4|l1MC@J(7sWfCegnwn&v&<brxm&O4F?Wzau<LWqxly)Mm_d
zmJ!fYIH$8rYj4t~^k11N=WIjMD!j**A7xB^5udm^4<kDu%fq&d<v*Hmh=@BF+@}ac
z*yEI~?NgmOR#zPl*G@MSg^_nqLq35@cplWPmxmRz0r(G>6H_qMQW&LS_G!qpha2wJ
zD2INtd`Kd9ZVj_AXZ(YTgE4*KnD-*1uBi$3UB?vEY5QZ%cL{PQ&xn+>yL~h*I8Ug$
zH0-ysa_7{NpoA~z22h#|Yg-FzLN-bIVG^(U2T0Dw{did;`Y+`pd#!<DY9{-%0q_)S
zDC_p*1q?|M^t03-mYB~*lb)=)Kjj<#pxti3@qF}2%J$Fz7GkC0Dzl#ia3K~`3><Ke
zTuJ0n03KUQ6+&uOd;sFLVx6=7YPKO1(iAJ~bu#N|-`2(0R3?c+Qu|zXnWys;CeDTO
zm!a<x4qhaM2upN4C>=MOqe$QHJg5Gv<zck>Y-ox~ukpqD9DtNLM7@g2Gtux-M<3EK
z3o{Q=z(6AidV{flXDtc_L}Am=Jv9gUnNVZ+V4O}U{qsED{jGO#H1U6<XIjvY(MI{c
z1l|?TV;S`au!=B~5UJa;#|JC3A`PC&oSnDUTuUDAG!1F^Jo7E|!66!vsHYF)-w52R
zn(p_VMI!%@IIAE)(V`b=Ea{HqNR8dgMC_>(En;q8oi_6ctm_neamuZn1XbDSFelE*
zxvcAI>mE1fCEhuFm#rmO-@O})wI4JL<n~d}lmGCH@#IviaDIdCbd&aE+@X2%Wt#Lm
z|195~>n`tg9`^f9&tP@88BfkGBgCgVF%7<*2N&e87D>lfu!aN_WhFbWxHNT@TxSb1
z9WJ1+V-=I~@Hd_`!IuRdcWh@(vq^QjtAy_aL35+=Nvm1Ks>QiVkl<^N<N>3Cs(lnw
z`^+kmseCbruakK$Vjil^|7m=N?E;y^|8{3)G^}V_YlRB*)dOa97ev50{|=n<GvJ&T
zLsbqNCFZ;wg{bT2u|+c&`Iuwj=55f6rxMnJwey-K*W<XLoz<IvFtw>No0OMJ-ff=~
zLjiBTH*M=xgO)<=CYz4k^1{-2wD05ykJO`%UWso!Bz9U|`XR8C#`^bW>kk8>ovg@}
z!8ojL-;LRkSP}}U6(7)NzotCXf3>x&N<e3CY@~=NYDD#<`(<|Z+MP<eb57g^?*q#c
zSfX#NxlZi0<54_LbL1QJbaIj0?-9By1}yrkoR0xJi9Nex%S*R3BCMsVHej%mQS20I
zj4hl+mA<&)p_kpWqfz&GZjGBtN{?L!uRRl|6KHFh4;QzdC-%7azd15SeFc=OKN-vw
zb!1mXKdaHxT?zdpRCa|x8;s|%yz_2yQ(?ZF7(MKCrDwcYRt>$vNauabA+UDK<Hu*g
zIpy(?1_Q$Mu`-7o`)1i6owCWzta(L1O?Eb7>)FYfqJW<9B}*sM@=O)F;=7HG-T^e^
z9E33XDZaDfSc4N_ti<@tMrL<*ZaApimQso;IBeYkLk29itN@x$N0)sve&&w*f&i{`
zM{XCJA32p_FR6Q}-gYnH{k=Gsh$B|k#3(F1;~{cni}Niwa=Lw&!k9`bJt(V1_kB}W
z%V{Gn#u0$l`@+&KF4y*WE9;Dls?3Ym%+8BKC+SX=BWekp8DwI^HFdG@#RXYgZYFC+
zHBBuF^HY&5_9BasQ?0$5tz%YA-rCDR6MBI&+_P!^NcHoX`}b;Ud^^^J<fCMsi9Zc8
z+J2>PK(PVuEihY-Aeg;<d>OkZ>n>EiNCJj9qbj?ic0ePWPf+-NN}7-EX>p-!ttX-~
zqL1mKokJY2S(2|1&$EU!n!3s^Z?^$R=d(AD`DD(UUFkU{^E-fF4UBd*g+D4$PrPuV
z?&p<%GX)1@{~K9?{|jZ~e*@9*|KzLq`+UbS0DlDg<1uo7?>~-YeRKeZS77db#jI=Y
zWw2dJAOVQo0>*AjOK$+?Ttm7<mNk$ZZ*)cwn}K$3geK5pWZr23%V2EqqSjYTicC^o
zy#E`>>7W}ydJM*;9q#dl%7e>8xp+ejC7||N7(#Es#J_ajFzC}*GhQ=UGhGYTErt%a
z_~m=A7+>bNF0rP32v4V{Q-3J>dw~R$nFt_tYBb<gZg<elL@bo(UH-icM3*f%X7(mf
zK3RbaPc`Y&MVy&+T0lN(dk6<$a)!zaPZ@o_48J#n<^T3oqKVl!LIkBvY|a1TaA)V0
zo&?l8rYf6~SG<8cx6B$$w5_T0;bcHusQI-P4=%D}vmIj3Hm6Hoo7URRDn(E)$kTX`
z`eDEBn{Q7wn)}f>Lq~?J*uwj4HGrQ4@Q7HPXj#s8Ls{}le&hxM$2=uJ&{Yq}gtNhu
z{#w+O?^Ug3F9%<G+O2%cbP5ThUND_DZ~?RMU@COa5{yV{0)C1ekAK&V38s)qjpWV9
z4?se=Y<S<U8c6K;TB$IgfYQXM6t|x8%!ky>ajc}ksNi1JL^P}2g;&|u1g(u83&;35
z&0eIZvrf2L69%P_umIUJ<}>WmG6lpdUc5@dO|;43F>l!3>?g^wr1MOP#13*oM#Ui}
z|B=k`A>NOsM+GB?S->ew)dnAinm2YfxVfff>T^CTM`Zq!-!DNeS!Ks<Pc-aK_XW~a
zIgio5LT2yJiG=1VI+aq62BeNt3mfY<Ujt&HRuXe<et6~(<5`8_N|OptAdB28`-k@V
zR{s9nifKtlBqgmy1KhMmR!539mNbPeYqDgkX>7UBUw?x^mRa@wXWzC1SNZ(I;r01j
zPJFvCqEuvpo@Z$YsOEguMoZuaql#|%E*W;ypJ61JR<z!U=rZ>(z@_wocw&QV^Hkve
z&8lr9zwvz5eRf$&6S8<8K%296y*X?Yx^Tq@2RH_8gm8f5nORxCcr>ajWtpuj89bKa
zv)$k_FeBH5`W~=nM_ref*`nd=TqvD(hsu+s3oWww3HL1;<|pRupB%TTX$5$Cs74;&
z!B028#u;|+Eq72m)wI5=Qdf%-XLj9HNfDhu1BeLtsS`P*r&!~by6c}3h^_~SIfF|(
zf|Gd;AH*o>%!ot(L2mHwDof1t?doQynQQWQ{gq65DId=#;$kk!1OjJ<{TK>aV~3i~
zzZU7S4G@`)15(HveFrJp2qNIz;Y(!XgE!9m-sF_9CTp!|H1IK65j&x92-$#K8nNdq
zil(nYreEZpxj$fPJU@pDcOeC;;lJIUIeOMn941?zCNQXVvVBBJT%W0{gb)Gj-aeGW
z886S?6>1dIcH=IUX)tT5BW!yHAyRW@bzTbJe$)AjLyKY2sLJx!;^~ZJ@3ymd9!Hwh
zI8_oo$@5`kpBDS(xhyS@;G_MON2R^aE9wpC(KhDm=ZgncZ=Hr+YuOfffbWJFdEDE+
zkCmGB(%26PY?oiXJls}5IGxU^&-ir|1vg%oEAldc2_olKRXI_y%mF%5?I+ici@n_U
z?cP%a4&^6ZYZ^Btrepnp&>G6O3ph+|POAI6xS5XbV^%5g3Ft2%3l1PlzmxX_Mwnol
zDFjG~7Yym?1dPEFZSKh4Xc6yfMs9Z8wl2Mr22|%0v^EXHGald8k?CgSs498KIOF~C
z?*S=FoAm8lV0k&^hv!39-%g!AXd2_jtv)OQ*f>7zEX(~#wnCbET*AI{=9s*vX3gK<
z5&8S;pLqX4Su+6B0>W2EOhuq@%Z50vc`#k{O{E<w7Hl1l!C4s#Hdk0MdEttj=Z*@d
z)!zxMh5kD;kyPj|pu|l9Z4KT|8nVvOVy9(N>3lElOe2hPh%>Y^x-hq_vOC$UPh4iw
zE{r7cfSYI27+T>PevdRdf4Bj-oI%?{MFm7q`OOeLRVnbS5CGZx1F^X`Piaez0IPqN
z&IX9{o2@}(g0bVxqf7##k#iotwKBONA@!ma$m45bTM{=r@RG=d9yXs{uUgB#GlcUA
zZtXPD8*=dwZ`-)$Mc!$)4W9a>kNpK(eSdP+!3^*{gVz>+112dLFZ-ZSgd^Z#lKZx|
z5Iu+38=9U+b$na)^NQ5<+8L|ufcUPIu#j4+toIc5lqnq_GzXibKipFDFeb0jOZnt1
z^6Ii9Ap3u4wd&2a);pyzXRaNRYr6>DC;1*jzeVh9IMU=kpd=f#?(#yN{&_VLuE)wf
zZ4>ZP+<SGrtq~_5L1@mfjkL9wdaLWV^Uwzeoa4(3rwQA3sBk0!_@;yqyV&Mqn=sw&
zb-b8HR#!W2!mLz}OJ08s+(r#{X%s6zk9k7m2YUFzTFgbEG8A#{$q#m(pEYh{rTVj~
zkDg^SoG9V1S=q&9G<Qdzw7xA>4qXON)=dEPddl$yeG46rvCZ5En!`z;yK*PMJ4SsX
zv*j|T)gq}WKct&|t+bdj*2l`XO~}g&_s;mo{9`@fNfGG!9l-wO^~?|>ZwN1SL8-jy
zJ+v^WaOdjgWy2p<=hAT~$1e-G8lbh6tjV*e%|pg&jXfQ$VXem;BQQugl0SA)CoLg}
ziQgDSC)pKL6XyKwQk8jECoX++&QC<e9ombn4jO&Esok!&rpnoAzRGt2NTo%U7eAgy
zIfTX_h5o82&|X7<4kj|JD4<=6Z!LEZ`~?U$$KA1HcMVDGaB4<5g}lfBi020jvs<s;
zT+DH~1N7uv&0Z7z?m>@w-}Lc8Wt<4W8&&oaKv~P)fUb?pc=baSr|%zGxbWDBsgv{g
zMmOY|Q+{Yqesa>U0koQ12f*5L(Kx?qg4=t{XFFAXbO0Ci6R;^AkH2}tay}2OKo~cs
zdHC?1MF$Lk)b_R9sw4m$42A<14bCqCLo#G+sCBiF?RLj$?a%EH{87bM3eb^qK@V;4
z2o2ny7rd>3!sa$OVV2*}NY2#jW7dAC%wNFZc0iPtusibqEGjJDzr}DiQm51bO7gSV
zB8RUL)wghqYu&KQknb#9;Md^U>2OFFC4B@CZl%Nb*3%YUV3Z0jF1ybni<6%DUMjez
zw(Cw4m1)Q0dUnH02%pK}_m+KEr^1=XV&@?l5#U-e?`GqF;Nq(WYxB;`zVHrgG+b`E
zVVVf1{R6lBHYc8qK5!Ryvk6*c;tH9$b>m9BC~r)QFqe;gi?6v`PQ=g@SAHZohGdZ)
zrTPS6pA3Z5xg#^$yt^c$+?g!-;H=dyIAH%AeexF3L$=4yyuU~G#$VC7rXzmHPB9a(
z*n4bsdT3(RPxGhXpfH)21rxTvg=`?;|F{<GhQoe6v63?C5vq0)Ux@x3&y$g67WJcC
zrWr7b<@J9De(S}hcw5z-k++GoO~B?m&rcjY_RgK2f|nddOgClB+zLOeC_Adi9C+bt
zEO2Pqj(zGJ6_hC^Q4+y-qECPRwa%WEz#+_cFLw2S@3J{B@UU!`xjH`qcNZ?dE>b$~
z>@x=nuBA)*2i86kGWLiNZ4%UhIogV*N*X`T)6WOe$7EQzb};JHiM}fjbak-P@^%F|
z5<d9D_h^~K>&ikE2-7uCl5HAhE$`TkrSMwQ(Y<O~HZ7@N$;FQ6T~fv*C>^?QGcaRM
zXfyge*RAd~;kG7z3}=Bln<@vczK@$;Cz`oU6uZmJf-_+nh&l;#uVIFQ&0=5UB_jdW
z)7QD5nVtK(grI7R_W3;?M;g02Hw-8O#uZJ^*L3Xr5UlpxvuU21{NxIQTqmD-n&8a^
zI0XU_K(UgU!Sbt&gHI~OrFJOGMZ&td0r(g)TFZI|Qk^F*>jKk~4{(F;&HFs=X1dr;
zI8|j)U#J{hIjD;{lIEKDGyW1Rqe`~z*XL~SF3R4X+SemJ*)#D5s*1Q<Ga+4+>fl@@
zprp-jgPakG59Jb}=C%bj5fHdTVzTjAH_+70PTNk+ol#m9i1Z8&)6X7lCw*dxe(Ygy
zR%<qk0iD@q%`dgRXOzEX$tX%)86;Xe+E*>*8r$7`+bsFIL#ET=_zALjuw;svvC5{c
zVWM{aLu5u4!e?FAcvf-dsBl>u-Kg$Z99FX}Kahdrnp5PS#R3QAHvHmzn^jSej8etJ
zo-nSBYXmjh+fn$W^cwCfwr6{q?G6-|6-OXLY^65(KRA7GE)z0k*A(~@R1omoB_H#B
ztIDoK<;_s##pmZ|i<)Kjtzjh*V1taxJ9*G{VJX;80q~AkRwCXqcL?BQbJ<PGjk+c5
z$yW+U^O0Q?pIJZrZ&R`)&9X>nz{7#&?dRT9UkMh1hXoSZlI;Q>1;_CMvRX>GtrUX}
zxgCbTJ(yyy6Q>icqs9+=Hz{MGkB0D>ZYL<y(LJPHW5;hmzPx=e`NH(}P1z9c;jYM0
zJ<m_Q;;u+8vD-!s&Y~HX`{Lu~x|#G$>A<(}&MT`D<_Yd2x`;O}>WNdQ+?IOIDDTu2
z=ku<+*rm0x?4kRmd?I9So~pKN{OqDS{+GevqwL)IangCKpA>|2SB%Fe`T168MPE?y
zG=GIR-sRP}w*jRWj)eP}&6him7l%Yj^<FCZmcLsi4O=@=+uu~lvH$?uHPol{Qw&-X
zZc_~<yIc3phH=eS!tG7BDs8JuRn%Y|fE?c<N!VC-VVK}B7~5%Om5pFKS+6)k=j^Fj
zwV*5?rk%|?*-t>VP<^ANacQEDr*Y^3g(?p>3vEAY#x4WNA^%JAr`I($Z2|Bw`&8*<
zV6ktcO3Lz<x#(t0-|D-Zf+@;k&020AT7Qk*=@4S+vjGxcGY3R~OL$QZU(i<fv3+I~
zG}W8BcKLx&Ew(7<XpzZrIs>4tP0Ru(gP2x&!Sx|e=EaDNZAur-J15HTAufe|+9C30
z8_<%Y>T)*ON1Co^aK9*(k}xOVvpqk~{u7)T?W#yG%+cF(tIIJA#wAxc4=Za4!1LuV
zrB6Prs-3;Vq%Ea5qN)hr^hW^A(DTyX{2P|vH?Od&Z-<{{NtLpnvz{+HpLM2cOM?i$
zzY`%U40HmXMJH+td2Bwtio?}8hFB2iu+sxlhK;njpTwAPKii|RHm*vdBM((bwReDy
zh`?=P3SHPhw>S{s<=g*Yrd&(WPP-zZ7ZH}(xO$t^L`hURESFU!m>?+#josd}^VT(4
z&DGX>UdhaV#yAcpdf8M^5|o!InGs5Im22F=eYptFpJMWlUrD=H5?=5P_#mcAjref4
zfsN01i__)Zgs{9$vsM4m3CesjDhig&nj?kUk>1Oh0bVDxBv7ni(Z*b*1!iiT6Nj5k
zV?%SW0mYjGUeh-$8~(cMqwhExm^P-EZ}PTjHW(LCOE?k@D{~QfI*WX=OLx7xZnOg?
zHIpGZC2nco>6|>#s@+bOs_nZYA4%O#Y_Z3*{(SBgIQB=*+4Z>GR|!eWU%le%mVR=-
zy%^)qxAfEM+!w;!TQQ%%Jm|y;CrM0s%6@R($KX~q@39{?6ISA2!1&z5NR$Mnkn_80
zfVBZrqKkbFk$e#TRUe3jA>F9M_ny@COH~VZpOrBTAC2BpsCalSTiGoE?{#CK>v;Nt
z<k4_^M$#tiB%QaVoYfZhFnh(<u$4B~cAC#!d}L63R-Hd==?|P|RgL%P(%0RscUsjz
zOc9K+bVHuL=lIB@4OW(#@lt}7TV|ybxD4`8;ZwR}b_f{d<YY;Pt!pzXJ7lUM%r7DB
zj1OAM?(H8kiUZ;<H^HRP>qp*`QNGYE4eWFCXq<?^R|&e))xV^zblBFM%_eqQi4g46
zn4wBq(}#Nl!wrb3a2~)8H5<*Kv1<*ed0`k!ImhpR0sp!3Y|~J#QhUKQ;c35VH$_>m
z*>@g|b(9}2Z??~WI}!Dxz$rVWM`wGwPlpYZGLJ`{;N}|A*fp_NPIjYg=X8Bc`;`qN
zzjB)@*sfhZ2}OV{d<j`scoR;4|4J=3s;6+|B@wk^cX1dc?G!r;-4hwx{x-2>9!<BL
zk(Wk;_VTFyU96uYGX+N>5}UoJ`o+vEzO$ZW1dmGF!?&R2GFV;O8~zz^cslV6=*L&o
zVVA>}lHeZA?KfU%?#}_Z_smlRI=btPBhls$m;XjeAJi^B^k~xLs`>76w~!(lIG|8g
zDD?he|0SuTt$SEK2oV)HbV7WrDXqme40tmKytSmxTQ+;jw!C@DP<+Ik(Z=H0av?H@
z^6OsMdy*;jGibNBO~*{tq7lvSVIH2CQlb8bN-*w<M;d*bqFE2)DoR&&#?X(OMXzZk
zJWjmC>h{)@@x7`8xF%WV9d3y-R=N6dPc$WGyc~5eR%G&vyBuC#b;T%fz~t3cAK%j_
z`GN{0_7c((EK{YI7looLPV{N?nUSxgb(DrN#e7{2EuX6M^pYznR9N<8DJ(^K=4E1C
zf3)$&EgXs4!}6<DD=Q)9w}<Uv+D8((ZW=Wf(rvbkuU@g9PbqnQWXHzpIhd#x?&04y
z0XJ5Dude>An4$lOH7^Z*j9t6{U>GKJTwip<Sr}$JhF^5I%Yk8hQ<0Y&r_|FSec!$N
zklx{Pg6BbD>0)iyul8I(!SsNDqsTiGm~BnRYJ~gZ11YZygHp1(96H%p*&YQ{S&cld
zdw;r^FENS#ypZ0P3#sMA<U_6sYW$(j@?Y|SvQzzrgf!_Zi`@@6WDN7}h%UCp#H@j;
zF@Q1Q4UasA-7fi}Rf~J6ku2T%`3j*C!Moir?ohssu}~<fT(F;MYjP30UT|UsUv1JE
z&QSN886e7Ff_YA9Sf%pXDTg%rTFau+s;`kQpT$|8)qtD_2GYj8hxtvbzov$Cqm_wG
zDHODFtfK56ruGKx47ZmT<7~Kxv>i(a;}_pKi6Nt&|3a%|pWAY$q7J94;M&f<<MK@~
z00Eu^VI2dCyMjZySy*+0LKxI>J)+v{OHrcg_pG2e(Q}vrXC7lmzHKUn7>Oy+xQ7)c
zgJ^@VW3u=Ax|x#a{D<2vsPNBiF+2xs^s&M7Hj(0?^!c8DL(Z&OoJbGH6|4ls{v>f5
zag6`eu;qu@XS@^o9UvjXsuQ<3pQ9EDgG(p{GzJrDH-DMY=jMmo81G+N5=51Y$7ShI
z5Bm5KszKF(g%?hPaE}0{Cp3GjXDC^rC8BUC*nS*htN)yn0}b;*h;Nt_oTgJ3yPq{+
z(dzy_7u@AbPiA@<rAKUX5t#T|CSxwzIH*N%p)N>RFIOF;OS{ns>s8N?6V`c}Pbcop
zkls9)_`DRCl|ovd>Xp!<gf(@B*N)sp`(eJ#ItLbMypXv{fbPu#U+Qj_exA%%>h)#;
z_hC9Ibl9`rYRlV%&pdv0i5Dcq8dPih>k!1@?g^Xnt}JHy5!G?Oc^J-Tlj~VUd1g!A
zvnt5=(c#?N?r7Vs+7Hs@U;mJ&d!3=ZK1cA(-a6X$oy$JC6VhF_>@&XV967Y(j+&5a
zfKkHdl+GeRr*>XH1iCeJXUrvh=kYNJY8k4@J~Xw5n3^NIBdEYdtiNXRZnWY4_H!Rv
zqYU1bm9;N={@p9-fm~z|1RdxNEQ3hmT!gLF2=Vmg&?@mGkylM^w?qQNwX@~me*R?f
z+MqsNvL-p8{o;%D(2{%T%b43rkUV=R$<%k=o!^6wSA}Z&J8PMS$d|X(k9Yg_Zc%!(
zk{zSe(z*Yqb?f6KTc9_vT!AMH9O!4a(|5|n7Ah^b3)#XBIDJ3lpCRCoPKC=^;mZ|y
z{8bD+CPBVy3ad|Am$No~`SFl3efe-QMHBn#JuI62+JmYoKU+VZ@eOmvOb;HJ)wj#o
zFT;*uZOj~LwjooWcBjgsaA>KHtthh3#JQE9Rz~lFa>x8sA5$4O=Rjdko>eK*nsSW$
zsrtcMtPkL+SnnV1uKfTAMP8L~8>g=0b~$T_$o4hB=c+6*eM+s9uN@Mt@iPd@$F#3n
z6?E3Fhhz__JPbfeRlcm#<cr*>*P1=mdmjSwi@f=0TLjA!&@SI-7?2FnFOy*auJzd!
zoleds)vXWFQ=0Mm8C5aJ{l70hU3<SfiwtQ5566ISM@2qwg!kW?;<ntU%kie>Q@~m<
z^OUEO$#a=$Dmw0Tv&pp+T5G>910$ioAORIY(h-p`bcvK23w?d@TSY}SL*KKOx%I3u
zJ1{i1D{XZ@?06+D1-^?~+-Hw5y9T%|(t--3*hqL72(GgVkSzX?H5_9+0LXMldnxL)
zN{4-P>vJzjSvuXZ(iL3ToNlwzA^XH%L7SsfhdU@q`{qsV8`|{MtegOMyzE-&RQyK`
z4tQ1g!#(uyrO-B?H6Kv&_=S)yn|%610nDJv64wEP#>RK9<Tdf}6nEO6P2~FFvXlUk
z#p;Onw`SaUI9g-<uy`=O+vSj=5ekfk_7^|6Q$^J~4$`e{3EE0QdJ&{f49UrM8{|m%
z5a)tTv2geWBgU==c4Hlw_gd&Y+R)C@Q0j-O+va6??mEl?=-{E(0~G^4J_xzvI+U}>
ztlJKTrALAsHDIAxZMtOG`-aTQ&d6??&;vW8`83cvd81Lg-|7nlpInC7G=8>C+<6rF
z39tfsrx89G=bo&FLrD{}phjTZXg0Tp;0iS2g7QFuKoY>Wf_{;Rn5S7KzL~*-GfMCG
zuJ-U71<+k}WZks~y($98T5;P<0W+O78-3Vz73drV<3Bvx%-O)TBwjq7h!`{Q+Bh6r
zKjcpL4IlY60<nx~NL1Tx6*oGPivI%(T<h*3Xw}t%Xu{Jw8@)4|ua(l<;p_EgtZ%oC
z3)tx<15&@7YVn_DsPL%s<R>Dj^n0t9IL^4dGqJe!_tI=VfB7l8Iu8-H-ylGw-St@P
z4x5@E7v0nHLSoJdI=Z*d4_U+?o6ci{tQG0$5H_?pFoz=J8hkde!)msxt`(=q>7)eG
zssGZXMTyCAv%^a?5HfFZK-K3+tLe`uUhia_rl<QJO-mH>mI;4@={>9BZm6m_1b4?_
zBs-UqpVNN?ydIa={B{384$ei6{|o2xUl~I7e{y8^e;eE7|JMoVEQ3DCa{Ety43oM8
z5QAabA>w;dV958q$l_!zfD<&+C^HeF3XD&kAKA*wKm&IHwE*|2#ySuRR@o=B`r0rF
zKz2|e&xB?x`*lXF5y?a(n#M#z{~<LV?#e1XnjP`s>HewFnJo|i#&z4x#rF12`{HLF
zO54-Hi&$Gab^n$rSsqm|W~2pq`3&VKZfdgAiQVA7vmab#hiX^(y;=kwCFO&BXC?AR
zV6|1V=P`0H1!0MU`+#&jkp#H`)mnf;eB%;IrGWk6n1jx`fwmulbOWavtCrm|@OBDX
zr>-)4>tOmMX1v8_QgsI7Nnx#1{##*NwiI6Y1pC>oKcA>6<*O?HD~Kt=W8I`G!kc$b
zb*kWIcgIMntyQo=7q8LSk^}FK&P1O?3!z^-C_lDEu-yjLLpF|-_cofpAYtVWO!s$i
zD{FA`AZ41PUH0o4DP0qM>DnTYkDTb@GGGij&66G!mb`xH3M}YoK7y#?6=0X*EemgB
z8I7|0I_fCHu8CfI+|G*5#<lT(E88gx%H3$`#h04<dfc+e*dnP%;^ob1tbVGprKjB(
z)Dl##-BGp7c(Dq5<!fkwJ<ozsnb;FN<XMDhBjAgabDT$Z`{C#2guf;jHxLr|ip)z5
zLk8Gk%2T(J9H2#g?*+&j13Hk|LHsd2okPl3k<ZKDGE@A+e~d||OWLj*ewA_T+2*RT
zZtmX)Y<p>-%t(9#l%zk8&#Z25?d@bP6UXbLtzF+Ok8~Uws1LBEOLgBdtuh%p?1Z%#
z=6lTonnqL3YE$_F@-SEZro<7?pSE_D5VqQ`V=(n}(OenIZCGYY=RfupJA?(Ply)5j
zV2;OE7SYKy_v+Bwja`CD5*?8}WC;tqP%F?crd-f_T}lralr8rM*dqCVaTY&wx6&1S
zr`ED<>2Y^WAcwhdP5Obkm6@-HRae@^5vFOY<10pRDx@e1!cwc%@Kad%WXgzN%nD07
zzbf`GV)Gpd`J28ot=02vm@6Hdi+Jq@(#uUX=!IFWAD<H-RA#bxhn-a^>{^<Gb@J@_
zLbB4-uLp7x7Nwm$-nus>I((8nbJ-gBukWL_<Vp@}a(2%G(Mi9n`F3S;z=UrwKx0fa
zq)OUO1MpX}(T{-dFG=25+mJ@uxIaI64Q$*47$PC&YYO3Ae;Ogx*nm`KVK&wayz~<k
zp5X$3IUphRvvS<{Z&)}0c1zIMXbBMmuAA@Y;pz3k1S@4y)7VC~Upmr5Ou{@qd3hql
zgr{IRsT-j?d@}SX@W*+b)ktvW!8_ZnF;5O*iF_)v^CJY-F+X?pYA_iWaJ0`IFHa&%
zyxip<4<dBcb{$Rw55E%G8oza%vqumjDrjM;U#=wv5E-rV(o1B{4TtR5@@9jR>q~x?
zXclv-+4T;?CVq%_6eVHM*mtFIG-=dSfjtL6Otg_VYyz~ipLdpK`3+|AZ-7j>$3%!^
zB0trp$M02V5iwSD&{IXS>*!VWJSIdYKmEPS&lqMDTfT1hL8X_j!N90rY>W21IbpYQ
zqN<^@3||k|zNR^s3xU36lj;~A%pW3M&-IFeORS?Wdq?jM(873*C)&%u?$<-`?dZP-
zFn&uy;VP#RQg$IXZM)t({n44XYELPJYj@uoZTC>~id@ms*t;jjG^GYkH}6lXp{AM*
z6&a4KSxU2^y(Hg{i;rXP^$d1Il^ScDyEGZn1*LRJGikh%u360PI-V=*QDy0#ltgZ>
zA5O;-z%6id-u-P(f_v92fMb6+qqu+W;!UQ^eu1%iv?^!A^26oQM<qI&Q1yKAqRT@@
zUY+hjVpGBQ*W@|&`GbZvj#HPKd>38aoj%{md0U|`G)t+0h%8cCwuh9Fd(Rv?)$2MQ
zm)<Dw!K#Mh2jwZEnS~zend&agy<7(Z3#S;Yy<xutRO7Nc)~$9%3hz%Xzbw@#vCY-$
zmVJP|#iZ8VcKL#SicTY|Lr-^syQ=Nk0HwZU?O=&70}Va;PNt799p_<Wr+zcG*&2?b
zgxsN!cx}wM>^t*4=Gl|KueK8*IkbRFR{oyCK4Tp3nX8Q5Pr^(ufiga7gCE=+5P$P`
zh#7OhOorH`479(Dua(xqG;)<8K_%2It;DY{FvHq1Kgt~pHSCAgL_#aNDi3Qe2>O`E
zuyWcg8*phb8TQkO->dnSBK=U~9H;Y9>NA$Zu~@7*-riz|r+@YNZKH?%-#mFa+)wri
zT1BMlwUd=|A#WYR!jf);4#Uo3TTA-iUCk?ecHfbO^<!)tAF9afVWql+utpuvi7yr4
zDt}jiNn|nbFDa%39^>JbM^W2%j=sEiu-%&utW90<^j!&P2R?VYs$Da(dVU<az;g=Z
zu~f0`M@J0>MI%>9>V4WV=NB1_QBe#JSrEvZoS$J2N(9I!>7K^>H1gN2)obxXGOxLa
z70Gh8u}Gu(PoKza+!CMRXs#2z_g*hQ3bfra+J$;S5JrJnX1V*hl1Cx3;;`+Smc|+{
znR2vt6XME^GW2zKp>hhZ@1u7KJ#+I1H9ucG(nokEn!J5$>?8SI)RGXU;h_jL0bK)I
z!Vx<L4_V-BVyAV26TGV-Eb@E$5IbgkR>}-qIIK;myg9zKLO`RrivYxHD_-i`>)QgY
zug}D$p5c@<QTqMmIm6hNF18~Gp<ECKiR{;R+>A3}b)wSI8I2=ejKmh1IB}&WuU!9P
zA@X2`gF`@c`xij-AccDSQ<=GnGVJq~b@qBSQaxFEWS=W)%jM6NdA48rGT?V2>Zz3c
z+9uIm-(A3hs%|jAwyZCFY9b(NdAjoFuym1r;~##W%N0LrqS6YB84@~jc<4FxL={H%
zdO5C(&&G%@j2)yJs5jjD>1G><%v)OFuErN1rk94>WJM{1`VJF+g^MX^z2TgS!NUrK
z@&roQeV6CUK=X~XncaUq#2n3o;2{>enxpv0_3q%&==;;rhnEEL_h>+=W%2EI84HG7
z)4U<mBX&^2#B%}NNGZDxg(^9@bK~dcmR#=i;7hIkR4Kfo*HxQUBoJ75KvIFKm3`3T
z;+c@E;0kVyOii!d(`f8_yll`sKXTf-;hP0mic`U!%1tVZl**qT0-W*=dgT|cOq%(`
zA%uA~0tuqVWjBqCZxx%J1PsRqmPN%Lp0aNxc_TTm#xSN9$VsblxVzU~tFaGNNe%8D
zyeqisr4qVDVCjzO%*gN&c~KyA^U1N0wRx_S5*kF;Bsb?@SI7q+PH}|(3%f)Jh2`)Q
zNOwHzo-g_Z^J@Sfmb0$lkr`h6@bR5w-fQ5DoGY5glK#S7ykWR4j7;YYQhSkp9<_O4
z8JzS5<vzRJRayR`fgC$O9|~0h_@*|wL#XImTGk6uWA2^Xqh2^4UE~`*JEmtD7~#Vk
zy&@9!vhe;V&!bH!H6B3Zp#Q~Y)sJNR=)5+mn-ydF%!<S<d(<Xf5e6h*+-{`AiKD~3
z&V1|G`-1~AQU0y-*lKgPHle{qfh+rZ-N8-hD%iCzZ#?n@3Ldyc;*nq|89nfv30DE}
z7%42l!Ee@}e;B@jXlT~mfNF6KKQ>0rxGTz5VjmaDXr276@e5>r36UxvvX0)}dUSXy
z-)U`F@ti?4tAa28o$K~cyZczNiO?9btWGO`#p<0_?Ahe#ZF8ykC}h3W33pzTs<NlD
zWe|Oc{^2o_*f6w`0~bynlGPYsld><Wn*V8Q9EC13$V?_>?q)JHcH~eUHM&N({70qF
z0?K){R~gK_i#qt*uOZ=KWkh0n8Q!U`!vx#VGkLZGj*MxG1XofW!JUrFRKEfX<M?iX
z#In_om3|&0@ntosqW5!gmfXbiiVs4k5{&Ltq#J8gv!Y*p=Vqe&u<ZMKWBb)$O4d|`
zcCZ07cw1L?snSKKEb)esg?kUEu<Gc$#b5DG*p*+9S=ANFO2@*g!+z0xS-U5hS-*oc
z<!_jHb^X64cA8A_7;p;)(y@#G{DykP{NJrz_OQeH(t8>W>9zAkQ$nvs;Yb2t5!`+d
zvOdqfV+k(vlgT41{|b-(zpId|rO`o=MwI>DkYjsrnLoABfa3!{J?$u1{?`k>Z?^qU
z@ucqf{@;J}Ul4%(zfpUNCoTS>GC!5T<WpTI1<}=YWvWM?@{^Hl33DT#bL{7I{7ivl
zBeLuG_iJ|U(5f1ngPMpg=u`ucVER?n5j!_gH>ihRNXo9pE^fMc6G~xb2U<;^nfYg0
z{9%)>gE?!*2D@$Pw>-xm;D_HE_cQ=)@Am{yx<9Fvuy%{*Kc0qB-B19=Buy3fFrMD<
z66UMRRTHE}73@?uqU$x|4R*_fSeHGpa1<}dFS6|RrOjTM%4rGSuP?ydf#@-qs5Pt7
zlfAcE?Q#sb#lBWWnq{pnG(o7a3{S#41^=jA|8OU3gm<QzAhGEUC>$qe+5#z}bg!bV
zIQu6v<1zrDMsM5WIO@?krSS1tMP|6P7v^-;!y-+y;kMocWh)SBLjW?4kY_av#!PTl
zy_P9gp1sj|0B3RD-N4Rt(dG-}i=diQn5vG#o(1Tv1hr!YnkZ}+AV$f?^a3iL$GFbj
zA-I{W@S)8%r)J<{E$V}@=S20-V|`8f&E!wI)t(dU$EkYcO=N8v$Ul`haDGW4t>kaE
zw-j9*7b>C)S$<<)?J?#mSw|}_edV$jNI){SE$w={8bpP80|5%+?@z4Ml+fWrS|j+-
z28V+kAGk$&{@N<b5CxpUTXHnb+&s_g1jnvy-v&`*yPYz+`%<~n*q%yA8US*(mUdNY
z>))r}oSw(Hvgx&m+D-@0JB3&u5Lov@GNoNME=mpSYsv!BS>9i2Al}``+efY&4`!zB
z+ZVsJyv~wuLG6mU)q>#Y$Uo15SlL9>_NKC(db;8zUH`(TkmWa-yMeFt{2zkBPnv#~
z%m_i*!Rc$wZu3nq+libI0Aw@sCH{tYd1k-1b^#4>n^kn0wrurO6xIh(4?MuKi$svX
z+xBz4q-!E*ztK<)(iPalBHSJZR@AGaL7~uGdB40gG0V{e(7*z=%TijzIJ|<FZpqZ3
zxi-cUUs>8YAGwE$haTP9J6_b{3#?t1u$~&e(&EPEVEoXb(t#AkmW|vqN1$c^bv`BQ
zLL&6L|HY56mhfiC=6E+#-=VqwOWJ?-dhlu}jU5XD|K{pFC#rA;$^_@MDii;~jSJA7
zBsHyIweU=oax8me3Qz75vw8bb!+_0)Y(0Z$g_7GJQkE+~0Z%LBt()B6%YyoxvixGP
zm!kM+%wZVtDiJ`qX-NqeZYR<*jD0g5LBeO8%A$*rR7XK(b{ViGV4A%yW~)W!S!-I<
zfqWTB2(H=(8`328`AwLD*W-&LN}kZ>IjcyYxMg-~=Pnh*d^<~6%Y@{6sKlM&`o8OL
z(cV?%I&rbZ*N2AULlNg|^RsIU7(M9MbWF)s@0#I`TKs`}cWcUzF--**WC4hPo!O(k
z9Vct4QOEo=>!xFeS9-O88RI>VroW-3k)*u4s$ezPcwgwo0}!DLF|^w&SE<kH<)4Dp
zPY!;YRXh^BI9yrlks4J7<jHQvWd`-2RQjSh2W>H}eK_lj`stc|{5vQT-eZgkXGh}U
zi*tVCbpU;i2FK<{&G^nf8eklql!F2CF22BLGoX}lK!uZn@!^|o`rd@vOmrBBY%O83
zK3WCf`OI22{eAQ7?CQwdhHAJp!t~VA*OUgPy5E>=zwr4s^bm+==aCL7=Y@UzL(+m*
zKG+*`WTjP8OADqY47Yn_|ApTN74S6B4qJiD^jSZ9*eA~2LwsXR2+__LRTMzBCE<`j
zK8UG_2$7Ez_al?CK}cuIKN?NOS5^(+fvSeE8?$?ao)ZL@lFBqwLUlRXt4Xbj!Fr;-
zv@mM|KvQvwD>D8};p_Z7Z)B<?NvfA_f^$M(Q||Qw1ms%Mq(hU>PV%kJiSIugb7V65
zr^;ri6a)@p1u~ep`0S|cO@m?ea?~97O#SY~%{tD*toIpJMBkY$w1C7t%c%xs3!u>K
zP_IqrrHL;tgOGEKwOqi`DKEg23MNALK<G;DGRBl>4YURzAN$VELbP4MVT#Ju!aYoz
z?nQaD;!2*^URd`A01NpPbv*qII&2}^C!6edCf`_}JQJ{u0fHc3KvJWr4F})-(lHyZ
zfQ%n{qMDDV&(t6h+F<whFfP-p2Yg&9d<$6Z9zfN)z5BC8&g1)E^7aC`^Rwaje}wU7
z_1_mam1!Z^Wc`V1zZTo>{0f%hYgS|{j%N5GeMa(#TbA%DK1(8$l+9a(_D*HMx#dHr
z0XWn~{?d5Asd%HO`#;+NsQD_t;%EW)tsoXtKbDcTfnyTN;h|J*WyNH8(RO_1Kh#h{
zOkHL9{;^cwu~7kSWBV*mpm=Ovo@-ARGwr8de`tU!((`O&lYAVB4g>mqKMOqOBJ!yW
zZBbg2JSTiW=YRn2hNQC6(!Kz_Y`H=1+$RmZ++n^;oq&wqj2{Q(HTj#Y#~JZeA_I?Z
z>u$4%r)@O1nF_P;%oFoxWqD}s6WI|PZDmMR59jZ74jkWK#hLDud7p!pdbOeYT}bi&
zbP!)bx7s%bq<|7$%I3D2EZ3P-ar2>s3Y#grOjVV|%v#o6Oc?R3+SNugDZTl#Crz`H
zqgwy1#`$qgCSaOxDlk#SoA~=Dfz6LUMvDM~zERaPa}i{soJgZBmo+Nf)GBfN0JP8m
zdf`80L)~tsSSi`i3ApK49>3b$L}%>nftX*&51;=W@7zS#R$N`fi>=RBa+{I#*+sTY
z_F@l7Jneg|4zdfNLvtcpL39#e5ZrR128h1->k*|@haHvaX4lTXKAwosKM78*Gp`_9
z+;?!M%`6#+w(D0yS(zVL)j7a=US#1h6j$ZVx@h1}*gZ}SwQBLrWpmh*%vTv^8}Nxh
z>`KE~mrTiAn^fxtXBMJqU2km`7_ps%K1xB2hnNnwGXC>2i>ER4@w+0)o$$hihI@TO
zn@Sh%2)U()*dl+XKV#8YOVZ+XnXO%0)4YPYV~Y%GIArH(*U0RNTJ9NfYp*<44UJ0(
zCZdXF_c-@=I{~XV#tGac{2x^pol?O;<~rKo%ilpexDh4Uv2_>QLW-B4e{iYpK_;@x
zX)efsJ}-;4_TUQ1;YP!Rne`M9k5mcBaZMm9V}pdHq7S>M6m-6oLKI}i74Kt{Kkh6=
zvNh#5D`<V>gHLM?7EQLoK4qBP66tO^(=Op*R6!^APOH{^L9DwW8CvQP{PD{}#bahV
zI&~XP{DLVunDV=-b|YENXXdHyi1~`7Edh`z2=Q2Zv}Z!)!$8xb3gZ0=p<f{OWuGW#
zR711W_;np6PZpcf*K7XPi(^35Jle6=cg?U3uK!KmaC&`F%D{d1atR^n6Teh2Rnz18
z_Y(Ujj$~q_dOxhOP1LgRdD^rXIV2i#1pGuBdo;yuOqq$OUw&A(BKVN#IB*N5&r11X
zjMrZ11b;Xtla0@(fhOZbKft5+NuElj8AaHmc4ivU&Jk}0qL|pcG1ZyJNOrMM`sp*u
z8xBCfqj`7CnkmLJE9cCF>L!p??V{Bpkr1>#7y;A(RRElb8<6Vq26ojwHEpn~#f9QR
zqX20O)47Ea)|35as76Y)-c#!1!y67F3)X(+1NJ!n9<KITx+kW5ZFfNYww-qQEM}hn
z$<{Mkd=0n|2G95l<G=_V^+5r$bq2f(hXJE?p+ss(ePOrWCK5RI`|Io$yR&*YK6I`z
znR9XBYk~<%2rzPNPg2egU)PQZo0cK_Q6ha8Qp)mR{X%!t=D20tSDCMP0$dv|Y$bPA
znxojm1ig|6#dO*p)cAmWpa>9#;r;DhoUOpop!~r3W$IFj;4aXNPG!2~x<te=3qK;%
zMrltJiw#)=&Q0*7W86W$Ynj%^>R$}rDy&*XLRCV)fjB2H+6da@p2Q3Nb_?$MXnQb6
zu~&uR0Xou_=rcB>7`QP69;ddzl}TU@Z3LpTn*}Ktzqy$<7X0N0h|S7+3UEAtVPSsD
zX<`?k=ufwZo3&caL&Z$$0J>^CFZ{PQV64>6`0sBt8v1;EvFQ7uR8u%Vxz7Ig4pLBe
z8oU5E;K_*fnk&D1N<~aK)cX|p_<%2{z9wv<(RL!k7|p5A+1j6HS76m_B^v<*h>dv%
z;C9Z=6SgOUU4ra`fjPLauXu`*a<GhN`=6M3zhhXas@-%Q%(8W;MIBZ`h;zVLmhA;S
zv~$zqgA}WoZ>~>Nxq(4+J(t}A4rwk0{?R3h2_yGvxjE6R#-2(q`2vLq@k3U6nVa+Q
z@V&U7INS;j(^)6~Qp3n8fDmw}p~`{G|9E%*ykV=`+=b`6ezdvs0r0*6&w#J|*;OJF
zB~!MWJ2wpIJ~5rpljN=Fvm05Pvpx$oEz^jSmS&u9*X*w0L-D*bOx3ov?ftZ&Kdn0p
z&b1R+e=vei!MglUu0=#1_z6TxoI?Y9EA5B>jXLexzul4l&dm5Pm=U7><l>_e?~-UW
zOC)&31vgVgjXzV_=n!}AU-*v^Dk%B?TeCX;zrSli={q3O<LL`E>R{ciz{m#ON`iMu
zi`b%}#GU`Km{k)r2D~0?8ra~B^5*KC)c;h?F048w)Suy1#>wHlf6S>Je(9C-TGrbO
z`OhksUcwDbDlqTw3Db(<V-v9c_rX{7^l}HnJ69I^cbf{XFe*3nL-6r<&-oLzgVs$=
z*AkWb^RsM~G*))jq;Q2X{Ot~AnxKHSULL`ek9^&v0E5!cQd!R+orErM3pl4`?cKNt
zo?@#XV+M`?RBcPMfM4%TyT1eA$X?k}BBsP@LTqzhLA;v4egqz9IR`L}o2e+GfU(%|
zcn)ozI;4QAm#{{B%TI3n-r)C#VI_o@GGw^h+fJS73g<Ux)#GdxyJ;#>ZFgurwv+iS
zkCH{+dwcIJgbECO9KxTJLiOd}jjm)FZZoR4&)FU$_3d(|^vtR2P)9Owliuhh`)PHB
zJr>KVeZFU3d2oEVZAb<cvoQ>wh0DBcN2C6_$ld~HmxuvkG7AeN2~(*R#xx%$MRanK
z76MOewb3~Iw4ufEcn4U6RBr$+$E-}xaTpa0pJ;}6Q5)w_*e-uKboR4yet)XykEj`E
zuvIwzzXj>7>6@=m0PEaG<NaILU-kdMQy|dO41ZQw4mGW7^Zcm;+)SOA<?m*jB^nup
zW^k)DX2|+<i81EM`VVd+pLIBxoakpSXR+Y_U1c@{iPt|d?`U>V<Q#!y81=uJFtSD*
z&9&SLYoLrA2q*DBevJaa>fpY*E0$2x`_YmyD|nc`ArE=qiRIZQ(?z)us@>FXz}~2X
zKCQlw|DWs1&i||{CBi=lu`d<TKkdQP+WUdMwY1rLWCm(S^XUR+^`!j#lN2Ya)kNMK
z5cFf<8<adzY1yk3yx{<j?p-zg`B$9tt;@Clwno+i)agfRP_)|desA8Ebn!*I;cqo%
z%M*KMaGN!BlIR_Wr1UXVgnSEZ8vg!X>~){NFKt8v1Wk@Cu^dSp!dwp-DU6}n>0EGe
zl`JTr+yY?x*WQe`JmvsS{1+lHhNrH=Z(dcKe2v=b8lMryzr0(9q5d9_Yy_1zni|9?
zQM*|W*(j+no;{QSb?#vPhJpvVS*^J?U>YW1S>shue%Q%8Uftq`o<jh?iMdnOt0+6B
zI@X|Q0h8uh^AMzv_y^Mu%8osuRiUBxFMdqmgV5q$=4eHyT@f$XXgN-fcf^(xmuMO|
zTcwZ&&`1Bue1_W@ySwHDOmOdKgMP##TnEn{=e&ebNaj3p-sLoZC16@;N*RZi3<T}c
zsQJJUeQeW428S@_2SAK%^Ty5I`lb|y|5eeFLo@QpS#2_cbdAI}Tu!8QY)g`z!xSna
zq$Q8y+b+8H1!cASw!6g|xMh7-haH3e1{nl2L*MK*t!WS#LO`dro#lJ7K#vb5nQk5=
zNBbfN3DJqF$6tK^pYpyls>!xn6I4V&^tB)Y0xALm0xDIiiik83Y0^ch2}S7;nxLZc
z0!k4DAu3Hu2+~5YD$;8RBvh3e0w@qV%zk|5n|032`7yI*tvR!1{G(=tkmt#r``-K7
zSK&Q(!kRBuqB@GlzvD7JljF!V<{=_fI@*GTrgJF{DEllyD7%~G_eZZN<lI#wRh(zH
zCF3jdlXQ~gzd!+ciV#3V8xX*Wyg$8KaS$u25BaJyx#dqVSkiycKx<Hf7J|2sUQ5Pj
zek6xhT~BFe`S9>kmMN*`>*RXY<@hESt6pjLHjQ&~`dL?wF%>n(OAy@K9Pe6Tg666k
zW=;6ns8*FE57_0t2aibq1Oahz22i3A;?0u-eAbBQ0vwl^bURI3Yf?214>H`89rB6c
z@!t65HDw!LdcvqE98vwiG5%Hg*P}rneHH3JS~yrv<P<q{b}`)@qYqJ%fu0a?noBO{
zyEPp~B)*p|F|w}R3+;rVN_-Jypdt#@jZzsO`WyS4<)VOr3q_G!XQnpnS_e`jtA2;H
z1k-E5z2<hJmc-JI-wHW_o4bXVYmxF2;bN>u?pUe0AhFW(BeWSqt(>oayk$^;)ILI5
zulinsj4o7KAmx%NC}^s;$&=tpync(4K|4N;)0I2+>i1Z4d5tGw(5oQd*86_Ld!Rdb
zb<{GigYPwcxCdWtX6ds&44T1pkpoQo`ZmT4s9a~J0S$O3*Z}QdVNw9SH1~w&!#tLV
zV~)pQ?HVVl&CA=h)aPb8WW_7DN1*mwf!8|-diX$Fk!}Pcz3s#9L0HIZgm3J{Ak7aV
zhFPYShp8rjtZWF|Au`c0UcZmHEtewJpIr}JVgzRutT7nIkvH~l9r*$l^{$M340emZ
zPP6rO1%*<8w;5qpHmGU$1a`OuX@j>d#$}+-qf~*d`#SW11BC<hTFxQAk6x1R9HlF2
zel5UoyfsOUQZ^FGWQ4a2K-8ONFv`tI&|yl>N>ZMlOc_|WIdWa}UDf1=@x4@0W?r9n
zNr7KEx5_IzmlrpKdo4mqA78D--yDe$Gjl=q;oJcDmH@zLiWtM|N1K6o)>t)LuvQPc
zuUC}px7>xo15ro+K&fX#NcSQyekH=RZE9g)lJnWHf58BgTw`)f2@IequvL#&Yo%`4
z*n0QX2E}LEG)50)$FlD4ZavEj{;7Kz?~ioU?_UV1GTgg)h5fY1YeO7<&Bc;DerUO?
z5MSLiwC|khVPVQE;U8PXJ%Gv#wkvP9NK*$v_&-pX2V&hJqRSJW5gJ};xvyS%eNl2b
z5XZ3xaf@V~%r1#XS%;dM5bLti4O%1g_2$dk%%bX}<OZ<$59tx8+Y3KFrbM<CyM~S^
z_643uG9_KICRSDbTBGjWDKs^Qnd70cJgJK+^0oe*`e-XN{HVCcP8p(WUk5Sgi6bZ6
z3Xz&km;n{6bxvDV>K<KzL-=#2-NA~ias5_JB<jv(YiojUeKbtk@_u2tGgxbE^(@Bz
z4(YMEY;Va_YvXdnW<TeJKIG7+uCFbt1exuW*hvAQMQpnk8|edFEy=SQSHR=l*SWP^
zy}hdMo^JP)#fvCp6ku9yxmCoit;tB(VJ5w8h*gkgw#>Krgtp5W|C;%+*GGMB0eYVy
z>@B&j{y=a5#d)$FF``lVg0^1HzdpW+tBp0a8u*Ik?~YQ*)$q}d++iM}o%7!sY>^u0
z;rA))$yNA+Pl<6Sxc*!jdw?bX*5ZZe(b}-@ms<S@WR$1`L$jheuyM)&C~kZbb<FXw
zkWMiOe;t}%;c~#E{&5#pOk({~fH5&_3EcJFsF`G<>VBoqL<7+mf2fP0OswX(UjPz~
zqhj1xPsgopC8kI8eM80>$rTQK&BtyF)8fZT%PgnX_8hO2ioPEk(m$`re=SmT&yAh6
zPwPA18A(-FWy}rBPs;2-!0w#CD%POpxCey^HsIHnTV~5<bmbIOTbW1yt!<0Wj*pdk
zET=f&$f0hRE)R_jO0{~AFfyB_X~rEw`5U55UTh_<4l+;IXN@<RN-RB4YHIe$9`^z>
zh9cGd7e6!Mz?QKnFDs(;*;-H5n@`t7B5%=X%&f}u!_Myn$!2;5$Qa3~caLQNO2pr3
z@W+5dCBBM|sym^DN>_k9Z5q;!3#;9$d$e~i|Mqj<mnng`2EL#xbw6w&^_>{V%JkZ_
z!9F>#>=O0$a6ld?sVSrC$E|@bTHtD&b6+QPXM;iR3{yRp0%jo7yCWN?4qp85&b+k(
z3*pzW&_1gl7Q3BS1Lf9KHRTc&H$DUizjxg|7%Rg2Qr=^!3L_66g{2;S+N(rY(9*cL
z?ab8n+480Ky|3hcF||kHlBgzN<i+5MPz-Tg14EDq$9>+v1R=H)EvG+;Uv{V5qxO30
zc&x+OEuoWylBiZ}^;<0Y8o23+qm@orx+HI~%!MNKa;9)HGYwzSwWO+3d_d|&OnN(X
zz7fGWjBj_aL-&e<fG<MwMWs_h@9h5edmDj5OH|L?B1m`~2c7ZYY{k9TNuIs^P!jYs
z&|`F!AGA*e(27V%wYepPT#gL$F8oQ9Og5u7;)(BCxtfkx`GIL5XZiexaj!-J=Yh#u
zHI1n1slZlg8PBF8fcK^7Br7&1SloZe#(P1^I(87r2gB`TCI@YAqQO7p6Xx0<-mMc)
z#T-}*=WTh92FwqY&yl6Us4AeNLJhKI1S!m@GV|5fO|viM;vzrV*cMYjv+N#g$5bp(
zS)-7l{_|0$)y%hY^-}fiebrQPj;q;xImrutBbOT!c}NhAA@4nVSJKk=3!+lKDGKE(
z!@CvHmj_+ApT`>I+_na^tN3e#uJ`5R$VJ}y@qS!dXF5Dfz3TY1$~+(PSl+L{D$*gN
z-B1Q(8Z+Q-;kEPdpUzcAJb^9j?Co>Iv(;c!ax3k*p<>R5L>bp1Ma<~q#@V?<*HR*?
zH)je#r(iiK!u<msY?9Je-#z+xqHABgRp3;59BA!sD32XMcl}hPfR1)h3VCwPS2cv_
zi=;oU{b$m2{~v6A^S-Pt4DT!d`G%d|6IQ*V@8(_GsX%_c&}=q^(_GPKap|mkEaUNw
z)>~mK3U-(_AQDE#s`vPUTFR`tyCW5+&je-lr$i|_71*_T1d&`jYLLBsljk<fS!Mp2
z=*AfKd0PdE04TYk2cvFYrgt>-oRjTV{E)34j8yCPnQyOAB_z%y!C4KEdEh4#Njn6N
zyi{)2%2hs5#XO)Dgf_j@90V8&PA%MMS1zpDzLP!?uP=<Lq5a8@GTyW1K`g;yYB(0#
znU?xyFuPA*l?t+6o9Wi2)gOQjGL1fqnIkvF4MT>2@HvaZc~!WWBNV$tXXLdLlw*(}
zwQXLosh))?eem~GU=SmIT}UQV#4+Uo><)(2co!O4ueZ$7%hycQ*u@p@M3!g3+@SY>
zKP7(fFNbZI#3G|yN+e(ex*DnDb&~cKcXbkF+#f<B<fR9yt>~*izGhI6o)+N&1JyU$
z17#Kdp;!7NyAo8gv%?00+Q(dx-3b|NVWS-ryV7vlZ!XZoIR*qJVcd-Fm_MDsx|1RJ
zZa7TGuefCgh&=}bWYbQZKIu8?T!uh+d>_n=eq}hlBlo~Klt>)PIx73I(XiWETHR=y
zboho`Cl;bg->ra=R`AoeC@a?TUc<}jyY-rIMh2~q8<c;QNV|4+d0p?6T0sV#L3k%j
zDF%k>oyB;9c7X2X8SiXkvxyr#Ijvv76O|<a8K{Jd3Hn$-j$7pdozk0YVU}%J@PwFY
zK|#jLh<y*7^B`r&0r+9>PMImkD+?3t1)%pRnVVX77BB7l<CGIt8c3K9$_^~iYgF!@
zdyCBC%RDk6pTf+mt>3;sExz~xr-6od0OOG===#+3sB1kj_Xevk5}%9IKz`gh?)xbF
zVczh=X=GA%xy8K$D!*T2rt}n0b~$sxPkEH4UFH(H{<MV3CF8J<d>%Y{utH?TA2z1m
z6#D~|41Zs4d5_m1OmAl0RSo8@^8FlE{-f=027vqNkOZbl-~|MGwQCWh?64EE=^FW$
z*J1g$mA5AOA!ALa*nib+eQtQ$sgjV(WMRd?6rV#c%7dZxz7>Et+CBdgSPDa`wHO(W
zwr40KPv_3%D*Dz?K-6HtHLl)jKl~KDt1q?iuEb3Xzg>&svJKrmXh*UL3jNa<wUthg
zA?3$8Bgwn?!H=(GSeifDlP2Ljcj|57%r#1N9i}2(jMwkRjJ~G_`El0uF&m}7?Kl0H
zG9`R2qa-kMn-}RIj3dJs+Th(1(@nV#Fz>dYaxH3Xf;|C(c;pJ>En)k2i>l=WOd{8D
z?t7GqSGxyMD&S~K#@uANYS@5FfZuYHQ7D&`I%Gw<TS)$h%Qh-g{`9vLMDsq+1`69I
zv_vy;Q{6aJ5z1xP=pg|a8%3n4Pyl5$9gGZ$dz*KS{{%Wf9-Mikpb1*ZzswEB+5xo9
zxz@@BI=!7pY-gg;Z7S=#k-C50rt^31idin@E+vr+-)1A3yFbq;Y&_+k>Ag&_O~h{p
zn}OXPvK<BR(wMpbnU9rTPCU|s08{FT0rOcCyn*ypdnAI<Xt_^5R|UP|xje{E0}Eiy
zRi9_h&9R>jQ;F`IxA5h;cq(f)LqVQFuDQU;OJb92JI*LxrcqreaUzRVxoX1wk`}}X
zL!Bt;-+7b&>T~aefAqCjrpPNmDzj71Bqq8F(k5InGoQk?Bd)TXZI}C@&HZ2X+Gxy|
zF~m>J8ElA{_TO!e6SYSo{lLoNGKu5TC=7XmuVId$aA-YEX}?b>JBs(D!}5><Sz4iY
z&*w@!EynHVUD%*X`e#B((U$WjsO(#GWMl;9T6bZT+eFVYsw{))nAetUzW(7+usk7y
zCuJcsuYU)f5)>r+d+uJ8^7L+F5$(sHsu)<JP-gg?qULMao`&Z#?P|D$<%C$Yi8*re
zYxg^jU+iBFo%`7TAV2*ptj-6;{mgh29W(NfnG7}atHtv&zVA;IYsO{C+#fk%EGfUf
z)DQkSR)h8|f<apsG44Z%8=Mi&a;&=9!a5fbW-vI3%dC$WO1}nI7_X>!PL-`vC!GNH
z)6;R!$4O7?t+V?3U>1Vdm>JcvI*h@Dy$CUM8gIv9Z*pf()VC!oQG(*jL;mZFMQRTI
z{IxCaWssfuFhUB2=iPZ8Qb8Y)jLe*EF*L(Ax`=Tb;u8W`+Fmn|R&tzh8B2DSgKk>J
zX8td<PnSk9fKcVOfzV)rH4tg0rJ&8N8^M66eul=0Kowbbe1e<b(SzU@NJMEocnR@%
z_UPqW<y_k|&-X#{0Nq_W1eBWWpr)4j5oe4zE#-S!GQgpfQ5r0}lH`kkvR^aGFUg&i
zph93T!2TgX4Y4ShSLN7q%_>gRxcE7{Xc@Uh-ZQd@W!)eTzAg>PfoqPC`ATwXNb)L7
zR>GLV##C@^BVsomC9;8dK_<FZS?fk}+e_NF6@n4NCtf8#Q^1=CCi0P)Q`N^|NPrd8
z4XjPq#k#-<CUI$o2wU-OnE$UklWWnIy+A}_U?|=taDfH$`6Tjh29|!i;eRM}H#fjF
z5_#zE|D{@}KYTQC1E4mQZzC7Nq6*BTjcS<6>D&A>`e1nc*sdPAgy6pa6GIWD5a|Bk
zjGy`6yKzsSL5Xh)r>oN{$!c96Uh%IJK7&ueH4#nBGWzuFu+WPBt!~8x<Key9Z+?FO
zuZY4&j#FzuxxfL$I-6GA{eHM}ZpwRSWAP~Tb&D4Uc${m3w;Uz7pRzLj?JVwM3j&_I
zfBclBJE3HI`(pxr#~D9B?l)l~K>OZ{bN)O(3YEz>>;aXP8oTzu)*$1GkLh&skW%I+
z7&IhGqb$Q;LW4j6elQd<M8v<nI%T+fZrlbL5g+8AD~9H)7QlL%t~AWxKY7l16^TJp
zfZg%An{L}|iX(eEb$#BuD;R$BdA0fHrxqH8uzk=^qP8~)L+~upg9aW~TY>}{90ukQ
z`O}FTFwm(f`0)?N&bhbcO)j64e8^UQt*At(*ydWZL~n*SK4)&))${Sw=UY!KYu7Rl
z<gR@mx*uR=R^*npZj9B%Zso5lu5tTiZi^$OSmBplc$g0pyoUmTkcdVXp?dS=i_m6R
zG=>8B_=>yJJPg7qKQ&@<8cQciYM)6tbQZKL{y-gSm#chG%ozX2<@Nis23j3!Lg{L#
zEq?Jr%wysH6E{9MmyC@k(!j^Cw0&vr_4xxC$IS)H0@l1|`h@aZu}=5XZ9=LVYVX`^
zekJC<o*7gfIJ;16Y(D!c#TNub`IPO<R~MbhQb;KI3`A+e4d8A^*a%D9QhA?-R&#13
zgjjaWReBd9^8}@hZ}(=QOPwfTxIh>&W^@^@BAIRirK~EuX0?`ic46XMs=M1z#YHdD
z{7dd}bbr$(Xm46&D1F4i+y~S=<5D*hY8Nt3TA!<0&NXwHw+Pq*sjEE`0q*;kMyN*Y
zY;5{iCA5oql`wtEW6hL~_w_l(cuUKUWgPI`8WHcepc@4MVGpwIV(x1lqCVA(a{|ZB
z-ePC7L`C2HLEnbFRL0SNhm3m<JA<s401T}T#3zsY8R3lZ{TX*>zIA}aajIdFv&*^)
zxK9zh(oN0gDtEyg3#($EUcJ4B1aT@$_`IETHdY`2vj^Pzx_9rdD7tx#bqF%UbF8Yj
zdYf2{(h><O2qUc7#>&|+%cuwtQ8KiW@if8_gX;A*1*38!X9aLe-^i@_>e+TtXQ2A9
z;NRZcf+;l*etrM)FVgCkf&1l@kYS(`rkzzhB(0N+P(5D=v%F=0{X|&KIp6^|#kzrK
zQ`im`k6UYEP@_P}Q8BA#HV2EPa?xswQLq+dIHO$rbi@;6E#j|11uj!QyT*-hjsPxK
zA~Crr&?*WLUIMsP^U2PcxmG#iD}Fy;0uNyBb0c=y5ObI44HT}DcV|t``Q83fKLg*C
ze1ys6Iei?h)2=e?w+v&dcC7uvc<aK12$z6X?ED1+2W9hs;z+N4^>7;6SfScP60zkq
z13D$#!#9%leZ3SX8dFRPt*85jJB3ue%|P`d8UjEOd&OiJ4v)4hL%a(@vcg!w48RD?
z(ZJT}IjxMEYm{QgwtlBJ#7Vka)F@{@gzR1U!~Ja>On<Q~PUb8}4EeLTnhbP;<NfnL
zTO6SGx$6Rq4Av$D5Rs6fZCKYolzGj&@w<Ra)kil>+`_hI>e9^^8|if#IW5L})*mfu
zoJPu5y<C`Zl)3c@@vI-PJumJi!Ag8k2$e^cufOe@N46<0fm@02h+~Gy>)+OuASg4Y
zX4z#o@S2fsAf8ecEa^R`?`PwRe`h$|N2+3RFi8X-*nolGB;0x{c%8;}x=h*@g18+W
z^xP!#R+@Qh8cN16k+T>M$^Oy_8I9M~02jMp4gd<yp_r9k_R#^Ge827)9fAGB_ylFx
zl7BF<n&MH!eEaE#5gLw*aP}8MWhC$T!uUmk7V&lNrZa9^-2O6_NO9%+iSi{b8tXi5
zj-ybp{Prlazb&Pi_6-nVlzdKtHPUoC6dbT*fAQ}M)j8Y$R;aphHo-e<UE(uLmo{m|
z^6pIumeQ<EMjaH=NpMgN+xJO}V*cGSfxcv{w%y0ZGzsATOC<<L_xiy`q9CrF5Fh(J
zP{mX~humS|HPjzO_%rcf_MvP-i^Aa>p}h(murm^pJTCG%KT?<B1PO^huWPx!%jqmC
zms02`X&jm`(~lpci_dMxd2=1pYz^#wpWa+P_o<wX(@*`%!cUKn!#GqFv0ZvV5mM*h
zm5@)NEJ>TiZ8t8C9U;wK=-1kmB<{LDSmsHGLxMas)}2lKi^)Ru$v&^0M>6NA!`mCq
zY+N#h;ud9PcL*N?zy+rF>w#Bb1Na<P=D)R1N+S&RYQ7Q~tENa9oV$N3<(iCl+i|lh
z|I);CyO*pSfeuAr{VLs1lb(J@4=1)bW4z?broS*`pc5)x6U|Z+EiL@YSu@^?F>^dz
zQ$}nWJ!h_0FuJiP;Vd#P{L?TfzfUU`vE5!D-p<jC6Um*kT}<10Go8V?5->QoWmSp+
zb2{g)R1F#b&({;>9P=$O&U|P{6gQ*?Y8A<<Y3PI?_Clms-~Y~B$bLyyCw^@sYqy`M
z#C-$F?;pG%n~x0f*{-bP?cQ@llGpa;fjoXuL$|qya(faEP|r(QbAc@#U*<*E5~w<V
z89Ha6ob{8o6NWx^3g^x_`t(>4V^OBBQ9kvT^Fwqa9vx334;&f_nhxjgklL%Ouj3N9
z6G1d|oMCYh#Pq>VOl5thAhrGGK8k0&g}L*y@d!FQd&DF+kIf{+F@Hh`SR%fcjZ30(
z*2=biQ}J8nAKsf<MZ}t?xv^7#8wf^zy&HL7w?#WINbu*7$Ih_L6!w_C+HK6T947YE
zW;1jrVzWuaVcw!eD*Tp2Fq;u18bl~)A2Vd{>j}9e$r-WZxFVMj`dlhdFkhMN9w&b`
zu612T`;q$~;d?C?Wg#u5-3o01bM<+L5nON8y$q)S%h1c|A!EX4dgTkzB;`?Asq04q
zz-;o;gCb;actA`sKJqgH1e(R_4QFl=wVHq<$Z?Zc1U^M%Adw9e)*yu7cBS>dx5dHF
zwYqF8pOGmJQeg`>t6Y*)(i}3sN*#AXn=LuKvsug`XX<C1o?*s8l#0@HNGsWMdPSer
zMIz{Dk4nXuI(Ql+>;VSS49Sl2+_mb{w51?VU*D1Ik;g8I*w$pWOLx3X&fvo77~bdH
z_b8Qw3w6;dXAr#YGJosbTPF)CrHT!RBrXX`*}Pp(J>-9MldY2UJK7m~gG&R>M{Bcr
zHQd{kQVJ@Mp8e(&?U%#xBKg5r&e_#;i!zU5M8meDhugKH)|7yXGd!G`&<#=A4G}$*
zA}tQ?K!`y_lGqRHD!LdKqtSrYzjZ!$Qp~LO-mr4Oz`L8KUQxUxpJww!oJ?U}oS0cJ
zKvi;x`Rfdr8h%2&0CDJHWfJ*h81Hm@+;zqeD1{;#nb~wgJV}9qP{f@nMFp@~3}XvM
z=!lO>*{=X_u9UQExzAXcptQT^s*jaK%+_lTIrJmz)<4}&Bf|Jbtaf*FPf`&NaV$Fc
z9mIYXCAv)8qXSoJb7_MJQq(|9AA-s+SHkHIG_UUMq0k^_Ds6B0AS|s!B}_5W!rXwe
zK!t=HD&SMQzYypYq(2EifAiADsU4qE;?9=7=X{`dla`kJi(IA3yzEb&9W3t$M^9T>
zKZ@_nr-n6mfiAiQ1P2r^+)yw>97q1jR)#dyA!o=iFuKw`5z_UsPRWm6SiQB;?B~b0
z`L@*k(C+YCY=&?e4K7$1?zwrpH4ct;2B$zxn<HbYO0tsSN5u;1Gzx}sSjVeNLugh1
zrIn^1nBTvvlt;f}11GQ4sFQ#Css5Suilga3oGk95INf8X_cvfeLT<Jab{H=O7)G3f
z7lovN`2<0>X(^Y1+u0`BuV}_kH?I&30A~cxQyPGa-bH<n`^{l<1<h5MUHw7CSzXe;
zrLf6RgmRgg#|C&U8I`~vk$F&eHT$MDAGZgEHruK24U5ppLD52MkcN0P9V9?lOQO7G
zX&8!nhG2s|mi$#K8}69z&xD-X-YySby7Hkjj9XTDuuXp539&gJkop<5yK}m$GzPIx
z^#aeG-omNXeLWz(VmM*^FS$}myD0ph;ROAEo`UtSAN^ly(^i5o%Z$8+amx=jbi*z&
zu)jE}>7Xp3_To^2R)ehG!Gk931~-o$jn8M<b=|{4nC1G-y*e)s{dIM(z*REq-ZQpV
z2~8}IK3s8NWZyM)_0HV(&!KZM`xuYJE6i`M3<yb1B$v9+K3W+Ve(Q#O&?NqUx?%IE
ze`XN(E1lxS=syytTi!_0`QZrz`xqG+;a?>S8`h(LG+n`okFEc-pa0_zE7kqEMKw!%
zz|`bFdiDRLCj@IbZH{wK5f=pdt6i}c$a-ZSWv_1j{w4hMSt$b;<2c1{EUQIv^0%uj
zzdf!JI3UiLi{1TIyj?|f?r&a!iFPbOt5PTGO~P0p{OrcB4fzVxovh7EV$Z_O?!?=q
zKfD$ivHLhfNkWio|0yf~U!|KZ)egF}cMnGw`*tt{Q@E7ygl|A$J1uCJP@&}Z$ae-`
zSI7J6i`J{_;2KOjRI`0#&%W3fYiu^w13Pw{fK{t?(9-oFTh6n+&)haX?=9a|gX<~z
z6?*9QiJL~b+Id>=E=B|&88hS^5iz))Jk_URBq*5Rn@6gDBSCeN&F|}y5V~>wa}DDZ
zp4d<|?riUWVDK${>bQAQ_<9uS)YyH^=c}3P@e<oA1u8!<lj#fIuoyNvc{nYLNDzZi
z=OmO9UJl1gf?AlzmQzM#`?u<?q8s8?RZgU;?=$@c7u?6yfA?S&UYD^=li~vd)|+1P
ztIu$qVm`q8!df*<lWHWU!?Ov^o&o-`rN@?Y_;{-gwb#{VDq5iHqjjjZySIdS$q7*I
zNYgq4S`%bme$-3(+1Huk6(L&avQhWAYxY-hdTz4T%-f6k?h`kBe~zBRx`!;uK`#?8
z6Qvv-xbf}j<=?PbQ>43WHgeLnlbzZybt}K@s(H<<=FavN+PCvAB%6+-0r-BJnx39e
zrl}$!*1b&H^s7RXa^v7P_e<w?l##FDxNqTe7isIyFRG8&Wdgh?g&s1uGYOjD+Q|QK
za(;7J=-bH2dK*;BzJem(9NgX)B$jHf`~3X4pk^`C)M}&9g`Wph^3bWB+phkrV}ib}
zEq$U(@=E9-<EWQHy1c%tae?V<U$kPcyJ}?{;aaIA*W0d<)C!|z*MXArN&~PIS7H>(
zCYI_}S$n^H56cf&_nP7xvO0B&f2=1{|Im4d7wl&V<f5+AbAzJLSjHR>(uuwn!PVUN
z;K$F1TGww%YO@;Hf~-oxgQ2HvNVyijyR?ENJ+G+NYj-5_9_Hteu#{S=tE;p5Nl8fs
ziNmc77YpCH%JUZ>&K>H2+<yF0y7rs1{7<R{PM%z9eNeVFCXw&A#Bt&N2m_*u&{pys
zZ{ZX@d*D3dd{CBAoSq)y9VPoLDk|Q4n3Lx2*^`=jdWyWHCOZFBtK3WX^>XhIS4y#t
zrT_bIr@p+}T;DIYqS|c{5pjU*n_90{Y^+i7bY9ml&)H*ShmJW#PC0enYtZ<?%ols8
z_sdeZu98@(+t>xq>h)QLDPlp!%wU1>?tRA`$d<YOzI*3}b(Po84pCWmIqS!_CFyWu
z=+gpvdMRl>zrOz_XTR+IvWYXBI!3@2J5%0ZS&z0zsswb7d<;?_9o;GLQJb^eK--~b
zzTAH`|E#fK@B2niTy=nujR;#Cm$s6lT)^zA_^rH~C(Ey%PPKf>Ih121Xc5k96-DhR
zo?cHsF7FTz-@2731^Eg=LBZ>nwipf<CrG2kbrm};fuLb6e$4o+RWh%PbVuYfUjB?5
z$*~87bYEIlVzfecv!!`b!)#u#8%aOPn(5Cs;Yet2J}vqeAz<Tyeug(z`L|8j{(PtY
zTNnLT@-mIz-&HH9(Ytf!vhc0cr+f2Go;-OAs89t~VPfJY6}JVewlA+?JZJhEcNK%2
zsIjg@PG1*iR&E3s=*gG(DiLToq$l3bDS^}G;nPt(3U(yzluC_z4c8Kvla%j00b8*z
z6$IX(rXI&zmDkvw!53u%XtH$Cu9@NLVU|cU+o6ipe8+|Obc?E=?N}=mDf1qDOl!U_
zge&%h*+GGlD@^*jl=FTbv85e+D%K$zt_~j^%eTan1IIZJ)0fPX%F0R%;Ztmxz*h^g
z)o-qcX{n$o<=*&A=7D`&M~c)9FlX>GyL=kjc*f_l`zn{o0>+B-mv|&YMwz1yawabh
zFGQyDq+4DScpjg}=iBWy`ND>WPRa1r)zG+jS~yI9rqaay$x(&+CrjHB>QTI{7tEov
zDe2_lvCM`+fgi8?&u`Z8Ph<Cr@Ix^b2Q0|ieGP{4Ql72T#I8-eQfdfKm49dW(9vEs
z*V%zm+M)9exdxfhQ%RnY@$57W3((0Hq6SSxjB}mh(}nLn{<+4+^$kj`*1zmBT<V`h
zq}nzcMYpoFM+OHoNIpVPc`uCwoYB(_aNEu4SPR*kmpogw?&3S0nW5AEtBprtrb`MF
z6N9@mWYT2H*tHOltA=?tjFqcJ-BZQOpcMAsez@{dows$-R~k0V$lKWM+EB+zRg<Dp
zAe#s-?vU-qZuMLZ2@MsHq3dH$&MhyRqoSr7^@V8mCf)C{-Hp^EkGuH!dQRf^pA^^o
zkZQq?mM>hz50+^bO-px$?Wb~FgN3^_8Mz-1{s1vGHJ8>+5@w8ini3_jQ%mmRrrsu_
zhG8Fv0GuE9H7X<+g%t-bcJA}t<ij^&6+B+ZhOx!O#>Q$_zN<oXFZuTE%NKz2k*UAV
zh+qA%q&nTW;k(d9Nmr_qKVTq{FP&qTYF+5i`GH;_r4Sw6GH;PVkmILq65WXmRN)f;
zc|$9A={1wjU)#<z8inHRxr=z1_aA>j*DYL-S07xgs<6L-m8sOaF_>Ls5;_NiUR#x&
zF8g`JIzWif9Xd@N!V74oM?|lPd03y}p<|RhCfz#ks@WR!C|K6V;KSO=i9`32CZ;bU
zU3!hxs;3X}e){`yLQ^vTy64g<)QX7tinx2{8}=j);Dg!w){+ky<-9nh_FS{!22bm`
zK5ANJ0a<H3hkZnGBEru_qWX9K-jEDj@G|Ibt~cHykyuj}rB@d?&edZAI^BERiGInN
z%yF-PlSyvRZGXZ>9fNWE*kg`zyXjB8KhVdBrPWn!db0NW=ZnbuHV#Uiot|W>T+VKD
zT}rLT;ANz4bKLHdi1lX^HuBA>=4VSamEgCs<)l#v5}V;k+++JpfKf89PEc#7c49B!
zYp5M3{TiaS-#V5|MRdF;Wawg>j!Y^#PX7Ju*?CWnuMN#Tj_2(x9TH`tG!VqYl=Mmo
z<0a`KqdTi;xo}O106Ug1Tal9c+TWX#<Xlg2)7<r-_KCE};}_3%c6O#WWO!0rDwWCm
zX>V}g#NO`S)B0v-&Mkcjb5b69#Ln%>0jjfu;?$|@W%DohPb|IV$j)9txn|JGs5zX3
z=};C?)owO(BCDFLpJkg|7)Fvjjb7=Adm-5+k(6(;J!NhlwqToR|Azi^t9JxisQcN-
z=M$W^aEahNZ1<#N?E}H3^Kmq|@!pLeDA9})O=Jp>j)|c~w|H!2<|dmpv%Fd!G8+)r
z`5|gf{eI)3o8=ocwPWb#tu(D>!tkt&s(pc5l%X-k+hczY{!WH!kY`DL20AJH6&3B_
zLUm1h@A36-&fjQMmPt*Mq=P~skG#_giuJn>OYUE1*KuW>?P^nBD)x8p-r94cV^PhR
z(aR+wrs~+OD<S*1>AlinE2tG3MZ(-JK#G5}h)jh`Tx{lJYiz^p3!>^w{URj48LyBJ
z*S^@$eKW^-a;P$lgqb|0*WwF($W{}+9{q3!lXm-4@$}T}1^Miq3LdrCsqT9%sH!*-
zqe3m$0jOtOkLo7Kcs`%fYkA&gva~On%VDWlf^)1`{JH11h0+51v1s-3rMJ^WoDjM<
z=Oz1I(Fzxilqd)yzdK%<RTILL20(7Uo9zcAUm(5Zy=v0L*S1es3q623GxbuQT;yms
zn>~{hqky3|-0IHK$Ds_%7r#2ry=-fx4VFj67KfBb$OqjHJ4Brmx~EXM>`iQnqf2gX
zpfx*Bso4w-++GlPsHzfWh{Z?atJb>28C~A)Zk+t|1C#)s)#4th%lfT-iCLpvCVMmp
zvSCs4WjGz9w?E_)pIBQtce=IzU}j=^gXNs~<X8NqKmM1}VkvJssT4M+5{t+n)0u`q
z^@(hhoaRuX)6wguj!e8fLmAeBE|=d{KsE3|(iC(dSWEYNOT1}qr_KT|@|WpLQh$cK
zhN`M+tD<fa+N8|mMN6VAX@J|Xp7^+jH9EG?LV0shU-+Jd!*tzszx8Lj%5R+g{M^UC
z31^dXWR`u1l={hzYIREC%V>daKWz_(yrJ*5TN|rx{cCd|ns)ofLXkgESm^m6t1?~Q
zO3K$N|6)5-VHzHb#}2cY6$O4fdn<KpZK&)Je!od?GFdBL;tf5@50h&0<~HR6VeG-t
z#IDl(FX8d$CJu3M2xVqwx(%^Vux2Okdl<wXC)5!pCgO<pX<oAf)|K>yMfYy^E=(Ix
zoxcotsbjR3w07Bdw;N*OJ+I%pbSdx|6j4`2Q>`jII`<j(N}PPMkM}GS?oO_1Se$rP
z8m(6?r+0hXZ$W`bd8D1J*gp`GQRaC$aAW1!;xGr?;$TXYRhV&_b(%(Zdb;eDFtXt3
z)8En~xOL8SUt&LhrVc%uTGlzAwRo)6OiGr~bF@zGu)MUC(VpBB5nQq|qggNzi<Y&r
zG^ucSX=wkR{hPRk&k939yX1&4TQYgUXLjSFXlmdo@Cb+6WBCGctu;|L9>njBS%#vv
zx$N^YE`4`sq7s|+>xsS}+OFuE8e^=A2*wn4K0env2fQV8SHGeK!Yk{t-P*?bI`5?$
z%XzgOKm1Cy{)%LPrR*U~=^EXH#fP5a)SopEH^(bE#MWBS-DVq7E*tNDHpMj$T=@uA
z>gnEoTNSHD6b@7D`d&v66?T2n7t&XsDg`dNNtO}L?&!k=1@By^p$d~}lhNY#VJn&X
zbWbL`KYi={^(L==cXJUJQ8PjyKg3a<Q_2LzP@xvmDA#NcbT0c=4hlHyMpyX$zTROt
zo`m#~!PO@!hSELG&>HyKFQ}q}+M8<OQHGJ-uw%G`Dkb{!qpJ|~Y)3v$cAu~TnY>+X
z*1LCI7XVsy$7&)^owt8vtg<{v7;b`|+qOGB!cN*MjrHW?$4Y0Nc`@279O6z*$n$Ej
z2LTg=Ke-KWjgh~DssDOF{U2>y3GY80`iLKNhW{Tt!R^#Gqg=`{F|Hc9KSDzdwHsG+
IuiOdwF9jZ&J^%m!

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-content-filtering-summary.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-content-filtering-summary.png
new file mode 100644
index 0000000000000000000000000000000000000000..c6c86c4c3be8ecc66b5c1bdd2956a74ea79d91a5
GIT binary patch
literal 34263
zcmdqJWl$Vn^!JHFaDqF81PE@y-Ccsag#f`JxVu{j1a}C*B{+jS1a}$SWzfN4o8NzT
zUq3IN-KyQLqNthbnd!dw^gZ(ZoExdCEQ5hcf(iozgCQp?`56WVz6k~fmI(z3c;`Tk
zk`DL>>+)Gf9Hw%N>;QOyU@4{~1_M(QkM?Ma2)usdD68uN14HoP^$%9=^ZPRxm{40e
zNihu%qmxx+4?Immq;>cb`jT6H7(_g=A_WMQJbocP19_o&Ua-8{pQ*wd26Dt?aO)KV
z6&2O2xVk7#BJFO++K^&u)-i3X_4|>Vi(?75y2Y$!m%TBeMy33<vFtaVOco5(@BTaF
z2j7N=gy@L8#rf~}U=UgH5*hK|@s<mzN%Fq~507a5e@;+SH3?AopEtz<VOjp?Lx_m~
z+fNJ?c-NW5<50Q%FG(L<s;%<;c&T!v*+O1v(EM)tw@OlJ6{vKeQ0B(|eklrn#9}mc
z()s?%`Y5aMrHP#XyKEQ+IfFoh!>@z{>?6(p?lY=t^L^)&Pd5UF#<$sW>W(L9#`Pid
zFBZce?rXj>YtuVP@jLg|M{^GLX`J2-&+TGQjoa}e&(%gnA=`(uWmAm~l*GIy0gqSH
zDnA%BzuiGPu<x#a8GpI0Hsx>|B}x;pjJrNvM)PzGd(%s&lul106Z=!a|H<MhEFyw_
zgV+DLt?lt*WU4?0>nQowa;rb~2ff<6Cy~5VVc(YR;baBUo~^Qw>R8DdYGt^U%-!vl
zqsrFp{mBC7!x_1wS$*X!!H?nok81wHKDUld;1*II`@v^Q=+U@t-PdGfN*`7K_N3J|
zPj$D`1?trnx8%NPLfxu<3<Q6h`O0KByXC>t)z)%t8u#r%Q{DP+$?p}i4Z<)<S)vJ8
zQ&_$}OcyFK-d*e@$xwJoUZlU!1S4Ty!MPtUP|ta}LE0behm3P`?QJ&1LqFU--RO5v
zzsp}n6e9`xgkX103|EhYK_a_5n)b=D=OxGIBJ%P10Wv2bX!>)aam|mh3It7`bDH|C
z!b<6Tl{kL0HiZ3GiU6G^SHdLx=7;|=m-l8Q-IwJCyScJ<>hU;I9_9GHWrvQ6g7eMj
zTcQQyRyQSD<xF}A=q7vqFTd;IPoKy0fzM5jrb_BFkv6lXAJ%+tvepVvULGJKz*xj;
zlxZowP~@n$e7C;a&2YGSScUuOex{cr?E79NTkyWw!vXlMo!&@X;1Zu6ARQduP}?WJ
zHcE^21Zs)xi=B}<0W<APgr<Y3qNEsN&ciW^+l>IgQjoF8f1(kx?2n@a`QPmjJ}p9T
z*8E2%X=JYURy;4{f4rBw+7loSdR}z-I`VjTd9~McH7@cp*gGyVPj$2V@8xyyPnKNo
z2EH7lt5_!3F4kIyg?}0PF*K0#J#mLoOFj?|@v1(8Ou$XiI}o^13((ukYCC*Jt)JIN
zJhDl}N@;r$5vQspF_@&>ioiH*yMOT88_T+wQCAs)ajDR2b}m9{t^4}#2dz^2;9{L+
zg?p&@hs$Wz_6d3G!<j$Vds-EGL-WS|C)ZDSWNbewEJji;X0?rVt9r3g85$fn#7|@+
z2h%t$xm479u^)0>e#<8_OjVmo<Q#ZiY|Gg-*-Yk#BK-+Q#+q9w`8HcxYro2WWQZdn
zs#_q9A(!|rG=@^dDBe7s%lhwQ*Pf}qZQxIVeVuNb+efeKL+iA;VkOci$~E`(0886&
zh}dFy$48y&TqfOG$>3|iGDiRl#-<aq2gd#7VeRF8*&D0%{h9&_SYkhLt9uou_P-w=
zqG^ZYD+zwBDZYETKdQR8-HNx#RRmTdJi>{RR;$VU>M##~D#wGR`m(l*VaCs;8Xxb@
zdax|E2NRb#!{mSCdWnW%l9z(0Q3}s_N(AGGIi=ko;0lo1Gjv_GJJ5?cuCdYDvr+x}
zaMl8N6fQ2uMf9sY8a*$+Voc$5Cb(Pe4`&OtLKEIijHYq^zRozi*c-31K!EEaH1<(D
zoU33=qE(ve7<hR`2t~1-q>0XU^`RU7@dlUHN|n#^;!8ZmiRegH`X`%VV38?uJ(|-i
zrY6efb17C9k#sypUzt1-{5C`Xw3034eON+zrMz`F^GDrcvDRWvz+43w7NXNM8X3%|
zyNRw~{=K;{tw2gBga_7M{-a?_OnZaFi?9;ga$<qZRrimN>a=pn97WgP_Sp>Izuny-
zU`jAXC1iL{*|uhcNg=p?X%+xO;;#<U`;;{u-51yXd{`EMN`xMrWyT>NdzhCK2=Rr0
z+;?uzx8?-I4SD^+Wb28an?Fm%-`KH-!iC}RnzGZh{dU<?PNz+xRsLCPA%Enz;gDHD
zqvP|(DzUrv`_NloFi4;0N&m)7k&xBs>ekPPBHO&x)<fhOvtwW{Tkx(7^Qo_){mSeO
z@kB?5UmV7=Zt1o{t;3p;FZi$AR`rP+1t(phLZ3FnzBjCY^muj0Gzg=80djfG$4%y~
z@h-uB0jtoo?yFKyk-#$&a6)hB*NM)+`)9S{0N6eDnwx)M!nU{|n~tH@TM8fKDMA-F
z5C*(cF(bt-u|&i9;w_Vp_Lu6D1y*#70n2rWqwQ~{43askZMzIRC?s=j2b}XSgGVlF
zss4&@3`bDL>m61M8N2u;0<_++^{nS}=7A^lm{<u-0Bfu5FCn%BY;?!K(XAj8%Pvck
zQ+Wp$VzICNmP?HxuX|Q#i2x*5wa-oakAa-`y~xqLw*QUa15{7WwcDl5{)HJw%~pH|
zdbgJ|pBJHArd>7nGMN-~V9+35oGDW^9)-`i`IKObN--{Y8T0J0r{LiD&#2lY5J`$C
zQ3jl65A8-{9h|GsFLGFGUs5MQX`{qIDG|9VH5W+!s4g82Cy=Mu#b!F=!Y)5YAln=q
zC(q^cUMXE8XF1#N-uk27-;#cMB0IE_f;=27iL{Yltd!h(xG!6L4Tu=@HA00#%5VmQ
znIG!}AJ2N6H-F~{?rxaza=aC^nJfR%Aqwj|?xfECG@>_y{3aBJD0?hH>{KB|(O-J!
z`+6rV34Lz<(~8UZ5Uz?~We*J4^TBSh-M6)U{GdPfh{NlO{wX7x@a3oXsa$D=3dsBB
z$GAw&x|$OdG5ITkjzk#x++8<Oogc8We>>Z@U6rExTp;aAEMlLDDS%?AdQjY6rCFB3
zVfyG%wHA&l0H^gg_q}qa4!rXt2Em&6Zpik~5ARVa=`z)Z<3(4nq!}a4)0e42sp#GN
zr+_v1Z1?@Myi5Ui<s5;N<yI9vE(aF<2HQk$h*If*Nq@`%huQ5}HBtbwx*&bp=uq%q
z_?WH%OOcB+niddvy;m;h+1i(N-Qk@0R^T|gquOC%AVL_~n&0kFqmB|X<Sx*`>4~)V
z@b?&8uQ2Vq(T%u4B9g$`A5Zx^aP#_TUNFp2a(lVnrl|RiJ-d&v)8>0UY$}gOvwrk=
zh^Ud3YDYVg<*g4Mo}2K~7(()M=bq_ujWH2PTwC0ebYOT;Urrlo+8ynn&2n+Y(18Cw
zy97*}mPond>Q0i%-&u@M(kaW6^iLP(GFhOp>89@otOu)QjWNW&j9BLWB6qhmfP<_*
z?P0-<Ftg&nAR-{_>1oDN|E-ufE`0QR4>OMaf)|Rr#}ek!98V3*I@Ue;g1rv`>U4fz
z)KNPb@0moCso(7}$h%|SG{o~#TKFa-;w`2|=VWj|Hug`%)cCo-*3*vaxvIjZw`2@P
zO~sqOC1;C5<f)er`vvje?trNuX7({s{C6Tr92ds-9j;J5dD!a{-tcmp=jAuuos;yF
zFlkkE;=ebD^TS3UuRHWO8U>o41*ts8HY_wGE|by0)IXt{IVfNO_fs<N8=_=`EBU@~
zBl$gXtr8wH<C<{~lYM$=T(96GvZ*fcs|T}YO=~>DHd?N;jOVgn(V3=%$aJ3V{4x%k
zWp)&tD9|j|VfQuqtxWElBan5%7Z1JJbeT}!t-ujVu!|Y38y98-+~lmC8+ft%&9x+Y
zffQAUGLu8w4(pY2{@y&uaEz~R!QNKn8R;R|s6Q1o%y9*nTf!9Oc43j?2IK+T<AoZ2
zaeROO*4!2GYFh_)#bg0q=>Dhvy(MzllKG9g$<&((39JJfZoz@0h==0<-iBV?fQOJj
zxxzL<s-s<kk6Wfknu$WK?niPj2E~dO+es>i-kFz<ID-_8UQy0FqxdOest3|oDxs)V
zgWXcm7KeWiF0Og%TqoZ>Vrbbvk4#>o43?m%?u};ADg0vo<uG57geCBO0`*MM<y}D#
z84g1A(>-+dWF)5}U^H7uMypDfu}rHfQ7-9s2x8_wh(ypMfxv9GY@RK&Q%~2HCHIKO
zb_NpsQT?}7d>U!c;_oRD3t{(I`z?<;%6K7Ys^8wOQpS}~(a6t4r!6|!#C)l1Pa5?E
z<undWuZ*BGv82far-3-qGSE)yGQT_6=Sk>!pzX5{t5^97;^=TPW1-YYO0DzkH{ZWp
zge*FZr}}m%0gd2N2Ntb@zhbcbuFtX}trZ{HPMh~AeE(s%RENhC<v|c1nT6r~!+p;Q
zp%@QDlY1s>)ex(XIW|zI{utITyXCqZwznukU6Y(~Npo-R;3S+J1>I9~iLBS-F-Ye|
z67qV!3{6?o&fx`UmbF(_Rq54pl&gwTWD0uz*bQ~w8BX(Q{e0Qoa!tBjKVRx)sJTLF
z(3Y^~RCz_oCVI&aCG~vy$Fp{|*o2K@u<|>VieQ<?zYETg40F#$Cdo4CL+kkVfJI9c
zZ_3~iudySwyM&SFdLXhQg<cV4AjnLo91YPZ982UU5VZ|QC6|3!yudGhJ0bb<b*mqP
zKW8B907bo6dHQC-v(fMYdf#fH@XJaffmCa~QoS+TcBxHj8j(4AvCblCrTKDS>iz*D
z)Oa0E3AJh2Wk+mo4WP>pv0Lv9Y{`8SB!uAm^l&rZFOBep7Xk~rk}DR>)hS997OKOh
zf`QM~itfJ^%k$;=@op*l;;^jhTW)j|h&&SkZk_@mKq?Ba#^?<OoTIPI6Y@MgkK%~<
z;xVIa{l-!Np92c_WJHuG%0pOQSjmLIh_?P0>yUanRm)D-Zv%1UbH=MdzGCBeUgu|7
zR#yWzTl_Ipgdnb4+nDcBk<tsPL07$*k~2zQ)9zuzR8N;1Rf36bx;0BEO-ks%^X0mn
zN_1ooK%i~x&9>_IcrK%^;-zqjJw<69&=zV!;zGIs<QnrEM<|bZ3cpy=e}`dFR>s~2
zAnA@88?<@Ud_P`L6G83~&){*OuxGKzT_z%)iF8_VTEUKKq3-PGJD*ZuJ#d{9N=KWZ
z4yF*f(lcwVQG#ZEo(WA50U@q=P)=dQD!Q>!UC;#emLMD{^M+Rw5kS%IaMwa1UHS5|
z-VUBz+>Ha2gEBI4WRus{D_v$(XT&J<C*ZqO2KQ=TWTo=Jdk<&zarmEvyw6tjPRQ3D
zar0{J2pl^!44X`yeQ#ooWICe;_Zwt(JYSxDmu#Xbj2?t|op5g9-X8Xz<9fZ#Lng%L
zV$yAse8D876;Mlb?2E#m59xP*e2m_Egw?3kum4tojE9|&%xWx#O30FrY@HK7CqT-u
zzuf3B4gWGZK$#)R_16^>>u=C{F05Vyw!x;P=vibZ`k8N4dldUQzUx|tVJq#*o6x5!
z!`8SJAQ`?F^oEjsF86SHy4(Jf<d>yNf6PWrj%c8Zd%M_$#c|Gv&v-E21k<dq!k}IG
zj<royd@UZ0G%SW@H4*1zZt)hKxtFLR_HTtYg!$xC<Hju>gN9BpYi5ix{V0yr;=r`=
zC!4vc6#7RDy|&UeJ*mruyGueYkuFp9l6B!0l!bIIJ6bG}i-`8P8yZM{UN0rD@iD=f
zWaQg$JGu)EApiH}W<h{^FyAvRG$ghehJpU^icMdV4~P7_^HKh{Y*OWS8iJJOwF?)2
z`4%#62e$)vcX<TCw%yzedknQ>(XB1a9<Z9Y2lCjiXHr@#cNWPoLEUN->Q$C)83$OF
z3;Uhn<WF{XSgE3d{(%z^X;V9_9cdbD24`OA2ZfZ2MK~qNH@LeMrtL(#?fF5m0ma50
zetM?$j3+4XutiPO2od;*z~P<_m%INsEi~<YvAm416Y`xS!>TuTy<#Xn#yp-84%-_f
z;W$!7I3qPRVVW-y4ChBkYE4Q~37GYwR5YoiaYzL#BM5PR9i3<iXzZ8upF){OxDwy+
zJvAy*%HX!v{f7KNbP<7xguo#yQ@Hm#$FCHW!0r?q^|3%Ee$I$@^i8i{$K{v+iO*Ly
zS4F1L;9(J}gdPLw8M(dDw1P|AbH75uUCt$p7v-iDDk^aZ-Rtx8G%#)@+V!2%pdg{R
zL<DAv$P@J-qTkd9VwvMxJpXz0NxCy;T#Q007=Z$M9y82+4?k~gP=-Ubd|)b39TGr>
zAzaefYMPONJRuu0iQ~pkqhdme(`0VEk|n=DhaTN0`=*W1lV|`nnuNOPYEBjxWrhaq
zdt)fnaelWzd*!wDm?PkBzd$diZ|k5UIYAnQ$;TD4?tM64MY+?btTvXX*m*9A#nmg>
z9PEKGKo~17OZq@IU`gW^y<d0k?T-F-8hD<hr0|8R1E{kWYU;is<HY3669~0YK=|A=
z(3D4UB;)DBKAL&JKiVskTs2YO12JUrSY92ah5WCnBqT9RtrOSoL(pmTTU1={jncuE
zO)MQc8rmQllXE2GmF(zf>cWyX0c!Z|QGEU(vNUM=qRel)e^Ap5+oh)$6RUujC?V9i
zK{5d^jT=e{-DpDA-9%wX+p6N4%N=B7Bj^a7nA0Ou6h-w19Tsz&a!wowKiVAiVrHW!
z50)^DM&PDZXYyUGkLP|NbmW(i3Imyct0p5hak-DVgkBLFEdE6qdBD^C5v$k6P~z5|
zqYEpxkHy#~pLRE)!T!beP?<=9Og&HyTl##QsZM5i`XrYk_*Zk>7yKS{1FrUUYIwJd
z9b)Ef7paupGXJf*OKRHwEbt}m5+2gG$E&^F@3$cc<fg^S)Ft}A8@TLeRHx?%5mrxA
zWPg4{@i`|aDvlG!pD2iy=HjBygHw>~LWB*iBZK>Cj$)R16aWLqvv-XR8_{SKE4t1(
zsUO0Dk`um;(__-=dPFc6fKjqX6;MqI_H}Zo!)+iJ`iAmT_0CO;>73Imr;Qn5TZJUg
zk|0@|Yej&NyqlW_n?)^Oa^Wv^=W`Rh>5O&09$!3$EDgeqvaJ6VZ~pljg;<0rCI%JC
z;L7|P1XNjVo<edj?yQ1Rw#_%L=!Jh8ZHh_T356O^zGYsEZGYgZ&fS6qC15ApT_GR(
zTZPC_+4vJKcw#&RHy42=|0)eW@M4+tgkjuw;M(VHk*S6Ll?cWT;@b0KQwwZ6wnrGa
z3-p4y;Jm2Rx3!PwAtH(0in&B|Rkvj%QAnuDhx5d=z}&=8<f{`vD9}HpniB(e4qxaL
zqV5D><izr8E&a8w(C)r;S9bai1a@fqfqjvYT5ro^Vosfo-*fz0MGf)Jf9D~IMX!f>
zOp$-QSUUnLHp4)nP@R+-pUT+X?z1y!6QZbx+e{6Bcj_-SSo4PX3ZvN|<f2GY%Wb|-
zSM%j_KW#H;^!jP`V-+<tsUYy9Y+I31^RJO1A+b4|(C+?I>&h>v><$mH;jM{Vr>&64
z`njDPf7A->_sY&?^RvaFsY5i+olwwxTXVCHCQsLzlAT?-Zb3`i!<c{<Mc;>Q-%NOR
z*oV+7cX6!F-$LGlq*dC<?Y{T>6FvytL}~#pU_t>Z_nt>XE;cHY{ztz~M~k0AMC3SG
zrXrGfB6)COqKHDNL_rZ$7(zt*$ztOug^FpP_r%Szsl3|R6h9S{V5l`vcS?Q01__~X
zO_YVbfUZlW<}w29t`YsCKcTXH9y&#F6fauQ=i5^uf%PJtL^~lXjxqg%f|Lad4@bdu
zXr9U>JWVl#w?>uKHv13zia*?9b1CYccGs+B1LCV>Cl(NI#C)~QZ8aeZv5CqSM<7mg
zEre+&Tn?l#^ohR=>_@oDT=t|dUEasyBH0RjwBdotON1B79b`ly0!3P7!1Pq(RObbc
z@bQoiAoldHVpHC78q85znRHqyqGQRNMF~bz_-uRL)I>&~IQ6j0q?uyHN(+lW>$ZIV
zlU)_q$rl5DfpokWX@7>!rBWt4BRgSgxk|&Mc=gtl);5CmW_EnU%rooGX}No?1EPZn
zg=+Ra`>;0+*Fwj{T*oT<7>0D1i9=a-UC8*Hbr|dUvat+9iBEaP)gpu)U*IoxGiFDn
zw#loo(D`D~m6yu2X>yq2<Uy;4UegFf?HnXt29&j4CGWf_*WbH0yzj$fihw2N6sCzK
z`2<bpuKzY0$EG72F~Jdv#%E&R(D>93FX6QnwW_y^5jJA<IPyXuijLDycG{<qa;WNk
z_0w$7XPzY|<WngEJbI`EOuQ5(0h7V|OG2ifc@p7r6-)K?;ex9Bku`f(=9*S9_MK;6
zw*9ZZEm&aTAR=EWQkh6V5O$OE-^QZyopxEN^uTBgtMc_=OESF=Mzsq?#m{f!jmJGi
zFIhL=|JdH@4gvEU<HK@=F)YW{G#Qyo#t60a{)+JWsb(#sf(D1_Pipg|L?h}z9yXXi
z725%S)lTgpjvR`CZ*|2@tt#mlkBNaU6?@R^Hb${ka@OchVI76q-e}s?Zeqm)_ZH##
zme@KnoAc`HJ=$7yM+UcDI+6gGB9+v>gJ;6->es4wJca(%a1iK%rI_&U?IL$x9V*Bh
zB_NZAZsLeMW8S<MZ-Fv1iO4JV67vpEC;{9Hg?a>I64_FQsTA0Xd+`7U*NBTD|17!~
z8bD-0%-`bpxWZ^CQ@_&H9COvpcK1j9_cz_$IP<eb9b~%v@&3Jj>BlX+->@tkpS;Xq
zFW<8NBuW#^Du^aa9<$vQqOYE>GX7nmaWLxrxwvf>)dI^#lC{!z>JGlFwMCzCEbGD0
zP508bju-VC4?-m|X9(toq)kMX7O%lf^*7ezwMJHhuDIyI?A1IMx~W1X+&M;a@)y1^
zx1iO{@B6A&tRA+`1j<erLTO`jZd^VK5(72-_TL%l*<mHdV0)HVJ$Ji9FE@5`Z{abd
zQn#XvknzH9(Y^OmSDT!!hw+nG?a4_IT<MfO!2JyEwUFRgBW>?4jLv4fSy771g9*nl
zmz&P6U@t*be5Uur<u2(FLC6F_>AX()V>uE<*q8E?(*a1#?x7gTOe<?R?na$H9G!x?
z8mQ(ZaN<neAqOAacCcVS2EksPdXm<LgW0&Cchk6g6yL}bMW<2l?Gg6(o26iavp+CV
z?PPleuU`VS+j+1fQ-81#y~dciIeC1<A<wPwm5Jw3;00pN9))r&)o9Ki(*Q{Cimsx$
z1pmMEPYU6VX7o*s*`mf1XF-nv>j+(Ojp21XED3h#cyR)7nxlx)_v`-U)nt<sTDBq=
zja6W=nc#EX{gR7DF<RBrOPGV;&_dN;GFd~}q%oRVs~G&}Z>HWdY8G4~34s&EK!j)>
z8^S9(uoTfg&A;WvHHOL2NBYm4Gha}06M5P`!K{;sZ$-Gs2V*RUhavU)1!iWb;Q+Rf
zOGhBagsQE<J;`yKs`;_e^jeE-22iOE1Xs%!Ydz6JMG@DGGA$P-sP%Z4yU^h%(8)VN
zcB|M-@nr0R$HLWCk(q+lwV2`3<IZtp*)AL_Q5|PN1iY!OJXY%g)x+HFxK$guVjJ(I
zu6&7*0+(SI%lNhmvjyDaK2i~U3yAX;ld5+`VODV04L!?-+<1IZJx0^htmzm#LCD<J
z5nF7Jx6@d66OubceX<|5iTOiq_$>dU_qcV4vT5h1%eC+}Bh!1tCQWRD%-TkbJ9s+M
zQ)9B_t>-K@WF#^AxW3fM#?zb9GDdyRaY`cPXrEI>8!k9%71NF+S`3h^$qd}o*Ni{q
zcHmm6wfGw*F3+)LpI^7=u+2if7_qwM((xBI&p&wF(gLG)f)FpSJxnyk{q-**={Gtv
z#hBKE!<hFz5#ZY!gHTa6*$jv!AZ)fcE>tHrp+*i$%_OAQf+nVl8ZE0Bn@vUqD>CD?
zRjwj1G@+_{op4d$FvNn|sQVQ4T<efrjA<b@Lc$$-Vb*+pbT}#m?EM2Vi-nxw<_=Z9
zenDA;6>#O7CNPA<6&F4DnjnJu)=fe*gnFT5X4yZOOA2Paf(CH_i6$^J!5*a)CxAcP
zc$4Iqxl@Mf#4eTguy2r%h?_J`w2@u4q$5`i36?sHVat2M``8x2u?GrIAbg25y`S(>
zeS+hwtg)f9Y2b*YHaI^RY}MIyq})Cn5`xk*KdBSiSM8Xo>gI`S)g0W<8PhNN8=j!f
zg~yhU+DIZCu2_kR$gO+A^(Q&ey?uOB46_r(da+!RRyKRuQW#iIV<Kx}Dl{gZfZ|G!
zI&t#QtmlndqmdAEgzEW#uXUM5<$FLAN&YpGoP6&vJ3YVZnCtg&;{H*+_^$@Nv5|cH
zRsLw^UD3K<DUrgdf$KbJCf>=~izpT<+;<;B;R21JUxlVUNT!4Ydk<%KtZ6sv4^f1S
zr7oyW<1@R=dg<uvYj6_a+-pQerk<d?%c94TokHEZ;&e}J!A7e^`3_1nB~72AAdM<5
zCBkj58p$`H@k(#lO40W`bkdkdtphQ{%tZ>xKkW@$`*qhN1VeCfJqzTvq|+N@;XR7X
zqzu6n1Dgf${73BK?V`^fC$kLB`va-1gZJ?GLH8IWRy$Vbn^Nh<)u2J#!GciKaHQ=-
zv87F;LFn_k&b#qV&WR}KC}$pXLKCyHusV*|lFyl+w-EQva7tn_qt?Ee!W%KL&m9*i
z!JQq8@F6OQ#O0PoK*m=rO>L@hTB!JKbX!m~H%Wd3J@1CzK00)wDI#0Saup_-TVpp9
zn<;+)9=6Jm?>pw7tKW$j_}*8JOBfLDtJhMTez1J&k60L-z)y21senu*1EeBy2n0G6
z-1!GA3&IA-Y#~GtcfTs`ZI$ffdSxJpUc{z1*=Ht^$JsZbR8?{5<|i71^tb0Bqa<5f
zlC!ip8cJbDB6?21pD0^?XEDja3GgNzi|LS<fP_4yb67+{m6t$TC52m@XZ&$lxN#V}
z`Ch>{{EcrUlATsou~Dc{+;6^bej4qQ#1aTXpxf3aGjDCjpS8OpjHBMQ*s5cnAwjd+
z5TFUdBtW0+KO8$f8Q=>S40A#E<mS$WMUwCaA*vC{?FsJH`0_&RdAI^h1Xgx%hDpgJ
z9w9c$br={Qb^ef|3F9;C%~)>XBIun`VfQ!h8r_bPD(>~}WA@68T>{#K%VcNBBMxaS
zsWM=~@9Gv^xK$&i94bf&B&x&F*WY(Chpe#S;oea7J!z}y_C4)PkcNp9UE<=vv<h7e
z7I=A6j*5VsKYYL7ghOAkA!tOqK=$%2PV2_G5tORJM*U7^%e1@AB)bZcz{1;A-Q?TV
zG@%fcOdF?6F4IUPpjDMl-+UJuP3EQD_53_vsx@oGFlr&}d-#(Z6`e#-hZG|pHLcdP
zK>Bl?7PB2$r<7X9vW$Y7A`mBeZ!Cdsc~j&d7~~`Iz9)~90~gj+VEz!~*!M&XanX!%
zlirX|@rkAz&)w{mIyFDg$+&bHkwa%XUceJuP`O_$eyolmXr_y`JKvXUM06qrU3L{)
za<cecF_-DeRUZ=<{qYoexwR_|X65A?Pleu*ea6c%5lb=xJy=b|ZMk2rWwfX`v;{sq
zNk3(JE@kE{)`pEqY=9gh-?GH?6LZ_9Vs^L)vvFZ13yxw*R;Bnp5U!*nTrN0feK&eI
z<16`M&ceW8M&uXi-M^V4OhjOXl_Pl<C9PSG5wJXBa?1gRpjAeetj|^&>UWSr`W(eZ
z&HLQ=v^fzq3~DNxC>g@8H=l@>qWjX%cu-8<1ydn3a&$SGpnvLbH;G$0s_Lk8MYyrN
z&5-6cxS8~bF~K;9F<m*$CAAKYVr(bG__=@3MJ9wkS?{3o7FX5X_RAp^%3ro|?6t)*
zZPtJAI@H8s3|^^i|F94cU~at?FJJiv3R1xPZv{}Ny7iIH8<Jsh>6rMR`;n2ZM7?Qr
z=yK=VAc@wDbFz8wLko_!6OSheV&<9A#u?poVRt8XmAHc0@^<Rb=MtqlIU`<BZo|5R
zg^efYLTHIq3#8CRXh2a;oC8nIyn)3eu<LQ^_6+#j38gVMN&JLhDqFBWR^%ogPXk>P
zP6@c|5>6?x*)WhP5PN{0e2Pub8hkmu`_l*yr)WzW$J&6lhc$=Pc`l=u7vntUeuD%m
zLXn&tiCgAc+{wQT%r<Nl`;g!~KtUd4zIWnsE^1=ivzBiT=Q4ic0{gO+qR4ym4sFi7
zcaih=KTmN<r<02{|M0(d)BNvMP7SC5+^5E<Xu<h>Ttp)MlO4%tD*yI`SW+Ins<&$5
zQy_2mnPZT!Vjt6Xj{ox;_T)Zn^*l^=d_7-~NmmdxEj`*|ql2;RSSH^!=Q_Z_pd0|y
zjqK@4^R=&v(6vUyAD_@v6ETsV1Auj)1`H9^^L8Wr+E*cksm2c%JX@wMp*TTwaWTRg
zE_l`nf4@jug32!DIS4>V<?fy>PFrF2G!3)huj-StPv^h>G=-%`*+sm0yyC2WDHbO&
zgImPLg$Y050c=8<b{&;Hc`o6dR8&YNuT!_zbqb)KhqeK5N4hjrIG&8}b0Z@MDYxxJ
zN7u`9H<U{0T<BK6@Dp@k-krarrx_w!1qOK^vAap|r>)D~pykAyI|MZ*05{Foi%^)Z
zRea$965z^76;)UZ|IUW*<I6fV{baOIZ=)UY#_YR*Vs#~?o?OIFu<%dw*NwU}?`?J4
zJ%^5`uOJ$Y+~s{VaPZBh!-`g=!JmQW?ohNj#=L}_#KvQn@i)tnC$8DX3oOUK^d*-g
z*A@r<{jytb2vq>w@*04eTzSxBB^b&2JLFKVo}AO>|LtZ6YFifr!r+Cm2D|03)Z9-7
zp4+iccenb+SdU;`q&xl7g$J@pc!-m8F^`|aFPYo1rUVpN`(b*_2b%m60gtnQzxK28
zEH9Vw4GW7BV;|j2?Bz4&D*n<T2_2q30DxDb1Cewjn6Uguj8RT1nOOw&Dp86}5E8i&
zG3n-}Km@&C#3l8xr2E^^q_o?+J^u0qqgmGX?<EO!IujU}V8S-Gp~K5~0&G$yQ@!J^
z5x1lc?L+G+5%i*|%TZJ{2F=dwBr9)m`d*>2n&ZJqnie*VntZ7ut$!pf6B?ivSFZiO
zcjT#rF;cwryQY0-ZJy3Y-A1Ve!F*pVhJV)k0aV#@XPX(5ba1G3eq9(cj+z00n&CxP
z6G_zblpVmSVF@~Ru&BQPRLy>nx(>SCanpIrAVMD|lQXQ&eg&W$weS)<U`R@CQ!-%&
zOO;fc;M!-+yeg86)4*l%WCs7ot!?DaH%P~lw7}WjoUXcRKJSBJyGh5oKIEtN!u<Ll
z?kxx|oF4Z-vhDvZ+U<Xtp9__=9M8mTX4Q2*`uIQWomzJx>}dzjOI`N=Mer$-tQRXL
zFL}xT52p8%%?b1WIZp3?`O5$Qdm>nRAfED9RFy^oVAA12{O+gkwX2Nk!D4uvfI20z
zSbrpN0ItaR$*j)L)Byshmqh?+3JD1r-2InP=vDvi{(kvi`cNP|a(M?PzT(~WQoRj_
z^`_+NOLr)$+{<&$5Ww<PtkL?g`<4S(<Kelk$MH(@^u669hXZ)UaXD%pu-g4G>^)c(
z1^~0mNn!munvlY*@1fDas9jou@2JtMMopK$-|BN$d$kWXB;om1i2roCH?H4-a|bxz
zZ2(Ae-X6p`n5!?ld#P@3_kG|#xVBaSNWZmf&+0T0hir6G?wO?*8$AkNVbh?MHqU7<
z<X7YSAn8Q1P65!CdX4r)LTLN!i%q7%G8PZpLrHqDGE$FE(37ABXC*vs>^4kdL7m<4
z981t9Ih@eVo!j=H8Xv&&T{AUh^11ZiAEdw|`z4I{zt{=U0JLU)2)#1=%Fam2P}ucR
zg(Z%Dt6RnQ(;2m~ECEZ9I9~HB{0M+jU)BR)IqZ*hj%GvPX$U7KIDPNA4rXeC9|53d
z&LJPEC*~KEp_x$YPNED&qU~bc2<NyUV<ax!k5^uj!uy#0s4*|wleR$cycc(_uCwo|
zy|)mcuJlD#e|%8TlJk3cn&W(BN97|nugMHX&-I#20x@l9qXt#zlx15R?6yNU`-)71
z?@2U16gKC*7_>9d$iyT7iPCJ|J<5bic8nk7pg5NFx-N@^$Nn7}A#)0lG!2jH*1dN>
z6{Jn|mG-(mEr4a+9yb;Rq-}bGiKF<1rC+HUJG0tFcCBtC3u`Vapa1BVrEuBK$O3?&
z87TO5fqI+Ii{%JuIb!*v(Oj#T!!FTayGkq2v0M~iG?Fqx>d<BiI!duyZX8-8<Cab2
zb$@Py-kS?sh<|_T$5?D}EgML9+V4Kw=CoAS9~Tz_IFHY@U*vFSR?R_g8GzFJ4>}bJ
z3=b#aI0{bb+Al+9Puy%ZHLUCy4*-fuu3HDyUu?68{_F74UMQQ`eb4-#A!q=GP%M`r
z-F|;h3J`c1U&b<}P62N8h$ml2DmH^Fxm>qSuPTHeus3Ibi8&(1xkHl(d2wY<|H)<j
zxp_eFzlAqQEfc8;5aC%=gzpNknc9#kJVdj74nH30(wBc5#!vnqESa7oax9yV{0E2T
zEuywP@@U%eWI-#Fp|g!zCa~BKPnh=XeAHe)!XO|zTyBgXO%q!7`tV(L_iTgaz54Db
z;Gh9#{gKk|to@p4hR(1>HkqMHZ(Mw1j+#aqy)ioyk4a<DM@9sr-!7HL=XhT&jmIIo
z+^|)ea4wL`dP=t4=dS4Uj{FZ!OBT7zg*qYFn^N1!M<I~ikCUB?ot>?Ck;$7%Baq%#
zzq`;^gysUM{SLo^B(F?FX_aPjIHhOreRN5y^G+1Nfa(&k>M@05lA|x%kIIdvFlYQ^
zG1N2qqcdr4Y}XXO54BtV(igQ;3qZWp9etV7qkBx6rGI~Z)Yl^9yg(|m*h*1VcDpy`
z^*8!Dmi|$JfOT%X54t^+A#*tQhY=B#09`@G;qJpb^MTl30Ad5&rYR9C)Eo%vYF+j)
z4V8#`_7mq`1zZNL(rwqgq7pIz^nWrm<GwemmQSHK-_MHto{*;UEfkK@90GlcLH`!8
zj2~P86!-8l0!j>tJZ<mo_x%3+$d`rHW<5;{Ja+zHMi**+Flz7ns`>7S=qqlkIaG68
zA1|)$=X-;n-FnY9IIO26k5=>Ac2*;Lzb^(otRvMbO)^tvCa@}J@=`OVu>JyK)L|gv
zv>IEU_=DmGF8N#(C78qc8?*jqZ^7(boXKam{g;E3I@ot1ui!nvoaGcay)q9O=Jf{Q
zt2w+*2GeL3lJ{3C3ILN_SbMi38ixTGX<sGpNmnd7139u{=*Y*|H;y=k_wW+gE&vcM
zgciE-ujBE)?3xMBE7aY0Pq!wJ5{vwz35zx;C&!Qf^#tmf8v!jnkjHuc)xoMlsiwC&
zA$KjKb3l&TVz*s<i|a`~<a%I{)3Q)0W3DCY3P2XB@ELf0ZmVNR_&x*tc-akV9K-R}
zYlS1~4bf7gjU_{CnP3BHvW(BOWzO~Va3L;32EZx&IQ;4lX!;)k)cERFA0cARm+-z3
z-`G=%6h(FMny{VlfyZy9sT!DO+r>8B4u|gBb9T3?&*f|@O-?i*%FFamWv<Jx2eE6h
z#GHCYReGB3ce^$n9k_QD=HXZ%3IV2unRZ`+O7v4H+e{f5ph_ra<nk(2Q0S9IXYdq=
zki0MT#H*rarB+dTe00h2j}B{Dc)M(&p!f?5Wx{E!?c7UKi1OxSx$MBA?y|qU>g%21
z*g9`6&J6j=J6XHQT1_3t=;g1jTw-VX0QZ~SE0lk7)&1fT_tYb9{|f8+_h!HlCdY-M
z5vB%Q&>bbKhN2Q&ECuf?>?)@9AohkEijgqr?l(IMIG*JW__9?QHE-gO70e2&WVbCT
zz@TV2c7Urop7nBM5b*N?;qPr&KTDpa33)>&P^(x=uC4+9=KTpS^g9KQefjrKf#SK*
zFnJd(CS5+(tEI^Rf6od~=6Ua;zz{#*2g#PTY6pn$DywBx5-vkB=U2rWuVc7+yJc?A
zo2*8Qmv-MdMzAU6{q+fBGy(I>Q#^`&@TG2tU&}%=D{rL%@rpVyg#M4`;ppVtTn3(R
z4b}b?@PY>=1{KC&{=M-R@O$LN2r`$j{l&~~C`=~gr2+Q7A=hpF8hb52+F8@Z?kqme
zF&E%*H7Rq=N5FkN{kyT;phi3gh&<K0aaiFD5DYnsRpyN_=+GHiZk+j!()_b!lcckK
zPx+2?OMv`EH+*YJIr~vFE_FC*nRVB9Eb0hSEbg&;MSPSd+aE*h>Or3C?tYxgP62{J
z38;B{b%sN8rS@Cd(Dz^1FkjfQ)RzJ1$x;t2klD>sm}|7Js5;58B20}LyM0*B8skR4
zse{BGuGo_{*Z^>?DTs(0y{5OOd(Df~nb-Z)AWg*IuTYFU%+9Ri*!!>70~43B&%=q{
z6Vu8RA_kRGI``~GhdrOm?#$X^yiCRT!}Yvz(Tn9%x0fyKT4?fjnK%;WCuH;l@lZ7V
zjyD*Bj^#9ES2T_Q^R--k)p>r2wCu2kOCSNMv2#6|MRQl600=oK)N(v=^<Js>c-(fP
zI&W9^_m`ohk&M~WP+!_9)?)iu++^R#ic71b6lO1$zQ3ZEB^c^3Y#K|xrzRba?bIDq
zYwI^PuHIz}O!`!`BghC_zDfZH6@l++$D;?030a4MZVSONU$S6syJdL*gsRY%bb~D6
zvs91${FsD!E=?RL0}=M!j^$ZHC+$`NjQPCB4$G0%xSa|9{^nO#FtVpcjOzKf)t1;o
zR7XFyFsxQ>vwpTM08G*y7xzXw_6~kmQr8^LnIr5fKb8%`U;p|qMd|sb<K<wSsJrFM
zK}B;;$$Qu5eVT)bnj}0H14+t?<-du=|I&3KDD|hy4n3>CW|%E24LB@M1@FE>$<p}k
zTA1|P#UX}=4ZaTz0bZu;nGQ=ce>NC$Q{BUsx&9efvmJv=fR>gCPaC<UFt9R`5R<Xr
zd8kYucByt1^+*bH5;14{M2BJR_q6YjNg9Jb&(q9BVQ-MFY!5&QqO{5|KHoH~?FWis
zp@kLFRQm#D-@?yDXRs`%kSJhUe=8PIB=1{{q<o{Ore-7k<P`%(s|TtF7gGu!irlNf
zUaUH#4MO?ZtoqH)J6|UArP3*k{W<mFx!m<~oe*Q00`77bxJTt&_gw#*T=UjPQ-9j2
zvDJm7Zd<gtw5K##k-cxblQ_Vv{<}mucs{2y{4%}E>~&NC5JbZ+l~*Vlxt@5~^eg}#
z72d`Vy4{Svzu{d=FxINn`;g42UE@b8U{+=uIdlQLM=#CS6pl@kDz!Bo7E9VAjI|v9
zG<0P^dt}(Y;X=r&`}S0@e`V#DF$*O(2l9$KXRd2T!^NRZl{GNyK-sOZVCc71HPAAZ
zf4kLy)P%yJS8w}~)6&lx^cFRlQo}Ke`S4l%!w2m#gSk3Y6g~fklk(@7J3H^2)7czY
zw4_|^kuW|ZH<h5)AHjDZ6r{5UfCcu{sK(JCWPJ{j`5@QWr*WSZN5+>g)YG2(`zRPo
z_)N!+<mOlsG9S$f`U3pQf&1Z1#hqQ^Vuyc+j0rL{pW&2(XGIwazvFmOVvno99r!K7
z`#KERb)b8O8H@jvG72oJL9mMNI(i;$YgNN?s8RFdly%)7!Q>RNpXJ4uZyo%B)JvJC
z+}J?~O|w?x<4^*1FyH~9Z_w=c$OSz_y~%vVNVu&Q=xq}z$X<Z>Arwt9(V^1t@`=wq
zYC$kQSM!Lw<re#bV?7m#W3?-zWLs^N_<8Kp-ply_<u9PN@0IC3q{KJVCWQu~bh3^3
zSNnl>BwT@37F=r){cPLwDR1vL=*qx3j#m`i`8?x&R3YpAc`{nqI)85;f3#I<E7Dic
zZY*@&HqWI;Xx@eDb@2BZ5SmIB%;@(79C*+gbKfxd0gDLGgD~Qy;S7HcAhP_KqhY9j
zg=R2ZF8$a7DX6NMKNm(6%BOwKfe+HVYNNsycD?@z^hSIeO<hCNe!i25qZB9>S*|uw
zIQabGgG2TTMSQUmi9Q6ywae$FNFf_Uro8X!bNJ^>LVuDoYaBsAc|TIfeXPTXpztmb
zJ{y)6+HrW~5W-yg7KiI?6GX-!U-C`-a2W>v1OQFzj@vtphr0FDI65exUf%st%8vNh
zktI|n@iU9<i-0j$a3e0udsYWQ1Bdxbuz9#<N0zFSTZeR>*`;9jUHl{7EJyFJlI_Vg
z{|BY9%;ryT5!evG`t728!Fi1})D6P~5wDg_T%62HUHvb4q;7))o9H8#1<-6_^c~^R
zZn+*U!~H142F2?rYl2Oy`SXWA>a8iGIU=m(;n_gIz4;5sBPPqvueFVb9!{3SN#Vkm
zH54<sboFNo)Y<#k%+TrF#Iaz51eyHIZp?&}*bAWOLJ!9krqOg2Q6vm&17yh#=-0iE
zMosoXYoZMP%8A$D56V9l_S)$bD1@;=K8qdl1aO=;*m4L^FoQeT<01R|!IZ8@X!u6R
zscGqH-lYA4JI__>a!<E;_ZscfD!!Ay)SS!l(Sp#0mB}Rn1h2-Ef;u7E-l2j=ZKwcz
zv4R^fvf*mQd!h29mz|StiTVE=f&!*YbqSbQ*i)l9QIlJ)FnNKE6vMP~X$77ba3^zj
zTUYfxAP>o>O%=J~TkYLr0!#PzhdzL|fWeI>yN0}^$y5iYT%=U!$;DF$^<X5&qH2(>
zHllT7^CMI=;U_$;5@Dt>XflA13o$_69#!6fAFmvHr9=5ze$aKej^vBxb?;aFAjf_F
z)HM=IN*1QjC?nZr;DenM%U$z<-$LOF95ZDb1~I1OWPV>a290sc_edF<V%#tR|65b!
z12Z^XV>I2xGSMxl)^qvWSHI#!qYQ80z!+&}ues)zBM0(wkSYrW|MP97LRS;^-Hkb3
z_CIQ1Yrfo`-Eh|N=;I^9==qt2rnuqmp(1(a&14qbXZy}OH=JM9ij3FqvFZAlz@Kp#
z$a_;-$z0|;`FQv^zznT8tEdQ|zEdMcfA8om5`x8Zx6GCJA@$-x2`r&6PxyUd3&Qc6
z(K&w4a^u!Kim^?%zx;3RVn0qYzxvMb_i~E5J0ui7R|{%N870G+AL?ctCOWrVoRo<8
zoI}R*`kN?BE6;*LqrVI$<h9TfX*s%0dvDk;eR<9A^Ou>&;0&0?I3F?=DSE!JBmdQg
zfc2ar4!{IACqb%<-Eg17F)3#DQ2eHKUDiMURz6|R#Oz6PKWV8qLA9^nd=%PUFH(Ul
zk_H$V@1c&Wxvqy(UJ(%6qewbIw0;9Pq+a7HWl4GS-kNFZ-c*solV0^3>z($Fv$!mQ
zHZ9C^PyGfjmbbxCA9m~e2pp0(fySGVWgd<ERTm)Y=ijawhMpu4NvK0EYy(8Gv?ZhU
z`m~=<6>PI*&fkzot@JoKv3T1U@OwkcefIQ(c#C_r7U9@+g$1EH!;U=}>@U~*lQeU6
zC9j=XKN&QKy$Dbn;nKP7zJ*v&5qxCSYHLC#;+54ZH~0u?yR>hrrLDb21fE9vQ-BbQ
zo^xhm+R-Sts&OnU=*I&_W5TA*?cY+h5#nB^9=ceMFTPz<#Y7}-qZe0ZBQhL9w5I_`
zW<QpQ!$Y;H*_;~z+H@`T1vVPW5JSX5NOqZYewok}+!N%od^x^{ZY2vK_jiBQx(=d=
zISY-~gelgLOHwye#I5iGzN-impX%f}0|vtz&u6vJ;n04k*Pi}q#OuQhfKxy&+pF2B
zrJ};Si~4}FRnKZGfy7i@Ygm=}2jk<iM)S)x|CfW(<qVzyd#rze?iq_Xm&vB>Gm`Sp
z$oqbi)BolJ_jtkWd!W$!<Jo$=E#AfRs${a|HWA~2+iD$#8Qx67Hia1&#C7lUCuP|T
zATAy1#~{7R{JUXUju{`i`L5NUjYNaw(>F2}hcO_IcWiv$&5y$i$y!5fs%+D!Eo}bU
zJ3dMOnqh>)p2mw%T<n8FcSe4tQ8mgo;j3rG1Le6hejgT&eH^zn78D`WvAf2Sa+qCx
zi_ru%|FDVS+X@P#2dJnrKp|bAM8PH(YL~S!WC^(cm@JSvfS0Jv_+(T1P_w9Uwu(>d
zP)#(<Sk?9pz^7)A{oGg+f<&)@<o}cGnKtxz@w(xoy|MpO{m+l;KmvB3K2xTx{la=K
z?nKOGWwIbHTtc?#uqs6O+II7U6;!w!+0o|*J(;FkAv<EIYTtEX(O2wb)>^rllMHQl
zDhT`BsBHJgs3N^`A=cdRdFNsS3XgxT{qK1rdlXvJGw#r4q<Pq(sRBsyJV#kI@OMYl
z^HFuOJu2SNpCq$oN5Uo<Z-Ydk{|!H!%Z;(u<R!OYK(dFzFNUH$%nLfG-N{n@oP)WH
zZSwz&f0<?#0ZV7UuQSjTMO`G{Ug(K}^=MFKPtLb#39%20Audv0^#X#NCU=LI@q5qm
z$~Z{3r*WM$21fQ|XT9r@mTt?J$nTK3e+95e%an_F1V8~TO2CO=okHNympy*r>U$VE
z|IFBK+Zt_<@m{sno}ht7`!N_sqqg?zwLu~=+jh0<5%)$A1CwBo{6tfY`8B&~x5r|Q
zZ>vlw%R7|LYVupMtJ3wroYimhmE>n+lA}D8#vOs+{9e*4x6@b7sp@xyW8yo0<5|PV
z`bK>JBS79D;j*RQQ3~bb&U21=uy4t`h<dQ0;B#I;kjevvFJRdwkup>O`5%^m+bv&%
z*Yt|GL)K?OgQa(CCd)NgJe4xOm}Um3UyRL;1fv{)HkG~Wwz_fhLNq7_8g(Ae^qT_!
z`k2Jeut4kmau+Zg>y%^S;9_**LW1>3hVt{S>87#q;W>^}fOf@9jhCe-94l!T0-}So
zUp8>JEEMS3vUWT=|Ft&-j8~GKaSU!{xl8D3AuN}$t18Kxq7tJqTJ{nsP;#muqT(fN
z&`2MW8Ty+f(lJ5ta8?9reIIT>TE{TSG8!nPTvjE4lDTZi^~N3Jg<mW5HW=~~yKX*x
zThVE8Jv!BPU;<Cq+wfRV6<Ysn_=J7?SX$L_I$zW2U89u6?+#5HvkxrR)Bvit1A7&6
zZ_{6`W~|^A=_dFI=sWV^W`PYG^Ropf(ZyRjMoM#|cg0sOu;`oB`iN3Rfp>6dWTZV>
z^GZ4g$+@nYNj0k}x`2^_OMe?+(rniXT?$qLZtq+|6}f4@W-yz%74S-cjf1G7s!Vt@
z?!0f>H0cmJ)qg9^YjOi3;s@(;Pf$SAd*M1jtKo24@wh8g(7x2`?RkEi79{`|9GOHb
zpT=R)!(h4~ywdpE=(7#FNk8hQQw!Z_J5emMg=X?il`k#>g<OJo7)+OqQVmbd#>G|6
zz)rXxLd)?qMj>y%(ud>n(ak*|P<s{4uY{5rwBtTo@G(q0gxcB9mevnc<T#SmT8^7S
zAGAK;EnnRqIlMMmZ9m<JOazSTZuI$WkK`Dq^Eglg1Y`m#z7ZgOdM6k=+58X-Mz*2a
zMwfI{{9G(=EfoC%xB4p;@TW9aT394pI$k#iTZyy_^Zh`pHn2>5%ITkD7<N)?cr_m?
z!o8hQUE|Olv^`7HhjZ`D4nQ@W7TjZ1RQsb@*6>=Qnn1=NqX+clB)xi@BW|yeXkKZZ
z#Jgx#OL;=v+~1BE19Y!GmT?l$g(W_>Xx+Ylm){ibin`QbUD4xUmnzJ@fY85>Nc&o7
zk3e+AV!=@p56r76)2g^Yv8P6srqn^(e68xL^}cTU(8s}~7e4DzBmTG1yK+;DAGbe#
zei?z!l*s;o!(!7mRpj+d@c}?Ml&nFAwU4J*b+xcUsCaEz1s~xDGJ4tGK-TtLrPgVc
zGWv(!*}YnMR}ipsgc_3zQqyy(T3s>AeJ{S(YjOASzppt*(Lz0)sxPZV8Uy4-z%#NP
zcYSylWuYSq^sy(^`Ybvx{<SUuaM<^@vK;o4$-+<5KUj^8JU2q${$O-JwOTC=2R^m0
z-2eXpJ@0>~DmDZZ)e5C9Zwh7NPo1w1HIHUfYk)TGp$xjlX9$*$Kd@WCc7@mVHXxw>
zHHsyNx^Li2Kb)XJ-#l>J?yDZ*qvFNkUoc!SUA(G=i6;$+P2SMs#Ld3w*X&?K<mJ&E
zB>&TKG=qm{s`CVB5C43gjCyZGhrn~IzqeIHs31F@EwsHoWL)9Cx_RUROaU+nDa&uy
z!N9f@T2*=<7HhvI0ir_&>XY0N&&G!P|GiDcN|4s$P!ipc<<ot?E<{1`KPlU0`L#bE
z*ag8?b`9}zPvLhQxfuvKCjYc%fFh~o`cMwo65(2{&`M4BuVW%tiLo*CWZ4G9X#d)-
z{Mzt$ce|ys4fclA8x@)0simc>QpLZkdN=+K@+y-q+A9P^Q(LquifRL_j$GEglWvE7
z7SPlWl*VZQX)Fm)m~^UEf^yxiOJ^_k`l9C;-;4u@^B2Hb($YVTdwsZ1(9&<PXUAVu
zpJT+MERs*w`#;)y>$j-F_U%_1Nfqe^2|)=Zq@@J`DWyR=L_oSnK|n-8x;qsZy1P4-
zW(FjN9$<i>**DMgec!$Rf&IhY$2&iH=pbumt#z;KzRu5iUR%?SOaKgskd(ZtN>E7>
zeY@9s<DYajY+vtx)o`qqok*sUbSufmjxEODK{p~>VjhK(4T9Q=_jX+eH+jFw-50Oe
zzCXUbb(++(zk-%wtStIJq6g+fpze9+)i}(uc%jx}LKwVXIj@a81?Qx4XTBBgt;p%a
z91r%b+o-+8hD~w#A=xfpxgpahZx7k%2kL<%|FM2<*)>c=@jkrTbyE}U1K-Wi^<rFI
z3<jYPB_3Zp;7cy|wTtzum4E5{&PPHT^`83?k4?@2py#nJQ>*_-ZYbFr&?V2sQm#aR
zt1srt3Ie{{#WJ+H!y4!xmUzIDwL-5jcQ{%m>&r$!{KQ)2=(*A?h#~NZ<9-`!JDIOA
zg9`ZgQlCjRO6V2qWr>S)3dm-mr&(O?Bz2qL8BOOiZ8B_d?f2GM1s1RWM7+@am7V<U
zlqDnjWUf9#$OOKbu4TtqiF*v6sOrR$Vw7<10-t+GOFnrnBgnkz(~80wQff4Pzi;9m
zFyT&nO#FKLdeQ&l!rdNT+8X&G^Z{G+qtF=LQOuC#O{)9v3m8xCp4~fp%5rkHZfJk^
zW}cAGsL4~qYABJ1d?11JH4<b1*q-BH_7Zzx&j<D5A#0~y22EgxbP@CsS+ySzgyHq3
zRF1$ol55=Da5xF_M1E(VeHdIHo+#FvEIaDH_Dm5DN3*<{>&1jiId^^IRHbc0K;|l~
zbtQXlR(c~*eZ6~E#piRsD?s+fFxfr5Bs<x&7j}R8%8(t1_XB~o_i;RV2edE5Xn|fk
z`E;jZEDgDHB%3Zbx9sTj#Cr6a-O$U<k#~S+wH4SgY(#nVtN5NciVnU`X`PR(AhBdP
z#DayON$L1rUf281{ztH7lT(6$sDKZL7s%T59!YG-N^f|Kw_`Kg8}Wm$x6VHrqHH|M
z=K4^wke-Fpn<VRJc9Bz7TFf1W@<c07-d4nl$4NGeU!Sf3|G)IvL9gr~;9UAc7~P`=
z-u?m!FnX))c#MCP>A83Tn;ZYkazJ^7U3GPnh#JJ4bf0?#g+2TU{<P@<0(#V2=IbZ5
z?XSmgK1>%q9hJODEjDRYt8rN5D$>l4zGi>LrCk>F2b@9fxI&8+q|5q1o^&Y6MKkvm
zbB-#`b{?fkw5Z#5UrwY%J_cfdoI5wO=nr#QD<a+Jk>Uy6;n>YJ2OK%e3VI;VFHYkh
zavKljzNR??#_wFquyue$h2=*Zy)lMdxhbVS3Qgs2Hy=0aUM+3hn?Sny0DEq3)LDcJ
zVzhtJ1O7Bk>Ri|OxBgq_^`Rn{zfn9cKt$|r-iPI@rYMugIGpZmPUe4D`;#PepIX8$
zb|_g;Ye1*)eZZICXbB&8y&C(ZopXnT5svP19ACtd?W79R82^sg?-t{?3_eHvXFw=g
z^Q!##IcwWU@=P~hH7(yOORusv&!Q+g-^^P!((9LY(UG5xtIcFXb<sVO>Cs>Bxh8H!
zhaa?J3Yz&Uk4GgElp_1@k|oN;2LqX6;tm^7IVZYSe?H)CDfD`n5i{FFai0zeR;G7c
zZ%d24W@)us5}p`8@j|U1pEiADHv#aL@<7VxaS;T0oYQK|ws7fd(C~Z&s>JgK=;$XI
zQ3w$I`+sNH@;c=xgtLKY8g_^u)OP0sEd~bG;YQ$NhS&$|jz5K72yIXKaZjs?GD`aD
z`d_bE509Q5BBpUaceC$~sarBqnv5-#10}|bXVL{^EI9Q?v;7v}YhS4xmH0hL)^c|K
z;nvw!wp-bX1`5yND@LLcc~-J@WCAz3B7L%c=&aUf+9656Hak~2jcaEnQ0i>tnx_nX
zu~6@F*x$=&>wj6L<M>qgj`S+vuyQ}tmPXI}@*Z+bc+A)AJ_C6Hs+2yGg?>-G(R*yv
zs?<}UD=EP-<*3X1;T<#{>|Rv|YXWcxw=VqJJ$Ou73_-EP3c2yqgFS0^9@ejByVBaM
zZjw0*{HS2;IN1=lU_D}x`+7||PW9X<IyB==6fjlrZyp-vT5=6M+VN3zk)#v#eAT)g
zE)0|V9rlA>Y|4HR5-sMDUiORz!TgS2(rF3Lt5RQ(%)W)qW6>`m9*OXmD)6e23DQ}G
z<p020-PK@KRBrY6W0URqaX8Y5d^PL5Cg7R&%&VfGqd>*`;e<2cj(BMO7Dz&fN;2^;
z!f-yIG#>NYk5{~0^rtfrz|Cwbeb?OZ7`44o4z#q-O{WvDQ$y6i<0mRj!e#DH*1wVB
zr023=>&V-s%~z}=W8wqYXlC}pO5=J<u);HYIU@-8$zN^98K|g}X+j+qqtwzwg8}8$
z?JfA{``Vx^m(DLL=lvyVpy4T!Fp_xX$(%*qUFkJ|e%-KM5fgPk<@-;X(r;$w{6l&G
zA4>WyS<mOaPLP?a`AFs<wKHlvmg(O|t<wNp-@Lhov(K2Z@QCpF<Lp4%6(sP=HJRVf
z`_);335kgF>bGO%LO_S?9-v`NPovmh(dPb~1a}VOp;;)U4A>!1@3{clpkVsr5s1vm
zV@8aoRi+13Oxgpp^b~ikG3q2usOfsv`pR`4EHQS?G_Y=|8zL|CqK6E~1bX1SJ14mP
zcdV6B$lj)J`>hG#84#<EtHFchrWVkYUD~d)*JlXE?OJAL_7~&kbkrujBmLNe$?%0U
zkBuni<%r0lrV#tND*jy8qG)D9iYH~p#B19wsUztUw3?L)$5GOOxLek<QEDSssGj+H
z3k2&<&c#epW)HH-ETePAAARNtESyomfcdq`ahhjm0TmA^C(St7DO&q_;hFrBGuJwj
zp+Q3G`ZVYG7v%P`_h~IBX0QAEvHNW4s|#Yy*-}=>erD-s%WbMzI!eOZm6TsPwPk%<
zymQo(c=L<+J!-MEa@CQF{#_u^lgu{R#;hBq7^yX*M&_B>?^PKe8|Ba0{y;4|x;V^~
zLBR@l_wl=8n?6`GeEY+FdQu?IypmltpdDCc2_g&v72q`M)&BE=2Xx$qg!b;~#Rjzz
z{*)856dDW%))zm8qj2{sdNK~<Kmqu#_62?R4`Y2I3?9(<Ix(9YLw%X@J6i3*9x{@9
zW0q85S&it}>@P@<214M6$k?JsdeC4Q$G}R&VZBPyBlDggnjoTMx2W9oex|P%svpo4
z3=W=j+E8Oz%6rZ-P=g}Pye{qJ>fR1UVFyD}S{}RC@#6K5lpa(w7jL|kLB0nL%(dfb
zI6hhgM9gUU^wc=Q*%3yab<NVGE1i+zW)g&PJ-$NThCC+M1{vlT02s=a;Hb8nI;`KN
z%5QNWrYX{@EnO8pYo{c#ya9P{xn|wUb1N2|h!&tWIiJ+RT|JA2GX&%$`Qr4q^)@yz
z=vHRjK|Ii|*KPSG3CJimM&JD}pga1~Coh}e;se+5)bnxI3ZKawmKYJzU+?@DS%=eA
z(76_a@v16gS%^|8zUVeT$?WNxXp#6A=w{-NwO1f>Zq8h1a+NtXMr~tFftPMZcJON0
zL#+=>D_=zjUa2OzIq~*p$|^(5>u~+Av1?-jRTMmo{3-iw8`TtgKh64-+6(<yi$uOB
zcC^BIP5EgIaM@EV7k&o~dE0s`bSdT`pSL$JSnp~dKYL|P)&wx3mdE|WB4(W}|58;z
zoD|*lL0JpM_(2~KiDCsT(_)O+DIaTUD<|-*{PaJq*De2d*g?n!KE&{HF#gTQiHEHI
zQ6u;7T3meG^V%DKYy!$yz?V+mL7#?_IfGb+{si7uMI5}&aQ;6eaWWo3tX!b3AQkby
zOjH5f0ok|p@w2xlIqL10&#X`E=^4C-`4NN|n=7TvsrW>IEMibXuf~WTjXu_MM#iZU
zxx7Z^9e!6P!?dzbk-~8J5`g2TYl%>!ck7;Py&)l{%E7YrIqfrTcQUlb3ViBHn-OE;
zfAtre$GSwvPZozx`fd#=YM(}^5K7u~f_fvh?ZfwV|Fqm(RPMa};o~DgN3~?6T;LZm
zPbV?YrO%gku#2AUw-OQD42h8;1N_0FG8VSq%)c}DC%!%(S4=zhuerv?<j1)Xa~pU_
zE$m(_8HEds`9J5Xx8;hWuliUcH^wYhkqi<Ig8*~cxWA$BSBw3XjHsw-A-b8}#yvyv
ze*Y?!<jz+VW_wF*4-0KT!XW#NRey4~cQ;u8B~iD8-2kNu^S&^AmXC;blA4dG=JmA0
zGL7DjORoqVen!P_<~dVOKkF6ThWdiXP?dh>-t9|r!VEGhL@gwry&&o91U}}+_)r}`
zRa*6t45@;73hG?`h`?rs&!{h6zY^bsxsU?HDkme<blu@a4}M+R&NC6vlrhF~YYJ|o
zn%@uMX0+%}e#_u@q;X3I*+Z-<={Y}m`^{-N3L@SFGJqWx8xd&vu{gCYh-g2$hb_X*
zc#{1p@#buBH0z6oYo_8|i5H3HLe76|ppigr_tdU>z@fG}ezE*j9>PM<kUEy)8Y$@b
zOmvJJY~`GG56-Ks-#pf8s3KyN974iO9G!^9QeytKKQu)x00NR7J2Vkab6@-41^PyX
zGP*rgY=~MOsyY~7BEI+9Yu1+{Ae>|3H2vl-f;V-VA^G9s4m@nNQ}HAJ<BQ_f>6Pzz
zH0n$h0$u#_j&p6&fonsXW8e7$FpmVz$Tsp-xAj6vwNG|LEdFi@R+u9^Kwco7RwzV8
zQs_%fbD3V|y@$f~Gkw_GjDs~L^SM^xTLC^>W^v8}3UY7%Jqo=Vxw-#I_yG<kE2gIS
zX(j;ko2}^)bTk8Fw9vDKQD5tM(8?I$P|SISLAKC<o|g2uZ7&LrE{~TOco557iHu%;
zTEyN0TlZ<-WxA3jVv1QA*vD&_PX($m?GUUBuPbZeQ@h8M6I6&jK(l!+N{Mr67iJ=l
z(Z1EQmWQm7-Vvux9pxQ93*ZO}ly|37XI|DYVz_`jL^qOsn<nFHO91S>{+fdiR%=ev
zZ<Ti_!@S>n@&soI+Rh0qfQpYsRL-fhhj{$g4=l{L+9xrv7;VZ=2Pb`T+#b1cJ&Eox
z?RVuyEts~o0FSd{5(aQW5%6#EVE!%A>g9xMJ}xh+;;82iHN4z5o7wv9uwg6BcHrN8
zPs(u$YQhWl+6h^m!Gld_gt_LuYC!8TG9sThrn<Xh{>3j6pJJfi2J?ZBO(m}<BPPDj
z7Y4^j@LP0|5#q$<e)3@yal9>;nmun4GsAY@k3T*tK2ITK-J);wJb1HP<hN=HC-=eD
zI)#zYi*2DE$8gAdJ;FK^plD7O14t_{?3i@Qy!`#H^iReLYc6BNhX-V@E*|Jzzx3}x
zh{v)B6dr*atgK8ONN}6~Ojs2n@Dr|2>H|kdJ|5Q9`i9`trplT_jfshCat1O`<WUK|
zKNxZd-AW9rl@)$aJw_(Kq}0M^fGo7$VT|grdH515y7sCQi_mIz%-nZz6y^ho!1E8m
z!A!HI`u4Jxaguwk7Ge_r#OT*%we5<6?cWM{U0&YX`$z@cNB>~89RBA@2uiaxHFS>r
z;Jb!_4P3GpA|YJa6Jg)Ogxzt*h%so^13*jr#e#3?OfbV8B0)FVptH6wSTu<e>r@Vi
z5AamJH{}45KQs*?5$)ZdIWV7cY?8G+<k3oUl_jMK#xN_*tX<A5{DHi>_E7?xg1Y)@
z2Pp>8N7U&fnJB)rW+VKU_rA^i=e%&*R3aYT=3-tW3EvGV;0TPRUxRANHdrJ9gt?6y
zL*2Hg``LQ^Jp)~3-cTzrcoJINV={Mm?A;KB`%}p=U?Di1X1i$+AR2PNv+%y~(8QdR
zQZda|SWlC;U!`%=8bnzy?1+cJ+>06ZUR#`DaX(=c^Zt{&JW2EFECrc*?@qPt{5ud_
z$ek9pEuIffO8v!s;ym0RL?E5*v55CkqT$K2>N~QwtYRU|6{x@N*Bv-6YL_fQ1eAyP
zB=;Y(zHmpq&1VT8Cu5iu!T011P>S7j=(F~5N0z4tec$n%S!1Qi%@)0ph}!k&;5!5X
zRJ@A~9to4|jJvay^XIoTAwZuWEM<2D`oOIQlU37&;yfMsu!+eJ8U0VCxkZJDzQ}(5
zY+zP5+xY+xY%Dh-TsehI<b5VDDe3g;?eY{eKWCtKW>=0|;`lA6bSkTQ=Yo-PZ2|In
ze2NbUlV<oHQSre??uPw+QA;bmn!~=)C8<d9khQM8OyNn{Dv{mT#aCl`ZROUp^=&8V
zSu`B^6F@l1pcJ}FM!9cJm@uI9HI%OGrk+G9;0!Hx?M9a&>lQ<yB3abWEdI>%`5kl<
z5wrNVn;GE;-}}52&!k2b|2^oJ{m(q+6Zqnt0GRc{6!sba&%55N0e2_~FP`Yvsrys`
zsqF%doHST^Z%S_sb(T|(e^ONYyWKDTK0c0&&mTi+duOsoSEJfXNFlEdi5;QR;WRPf
z1xeEp&UM9G%4LN4WG%@$U2v_FFj;CrwyqprX*Kc(CbjU7;1bj_uQGIui#UmCg#Mge
zBo5kTu)gq!k~&zdv;KXtAe~-~dOFg|A|JL{wp<M_J?^7?p=g!jGMW)A>}%a0o#)CU
z7_iqz!|5dXq7|^RM#esSesM**FLnTungCTfTT?Ul72bo|J7Uq)jxik#Pn!gZk%D}I
zry$I*COxR*U@Vx`MSLM#_|&U2_*hhh4jF30U-AvR;)=6&!Rz1hjl>glGD^x;6UK78
zOfrYXTrB--$u{r(G4(g*VE^s7f_nKlc3z!{X_ibDcK|zoWQjp-e@{5AYdIBm+eThn
zv(>m(;Dyvk(sM<bAt`Ku0=4u%@t0Mg`s%(H)^mA;dUKu@LVCjq`bmG~JqHqBj<!hU
z_}%CuBxo^E?R>&i&5(`7PlqSMp1Vu!ve8d{gwD)*T(w*XOI*$RHoHbS?AA(P2FKO^
z>}1(Kpz>8KJm8XA(r=i>Ja(d70TsQf6k`Dh(Q}`pZ!Auo%8l}>I4zoa0}L6<#NNK@
zn~Fg+Zc0bdrh<mpmN$!+Z@7_(DWL-|yjxqIk=x`F2XCA0F&IbUV|JaP){}M@AET32
zf*FcTJA?ayLs4MUT{YeBWVTE|mKWg_LvpHiWRs0|_czi^qx{OM^^=t54yku7utenb
z5_OV~+kBA^yeA;_K7ew;k(_)Dbc6<{*_{lV?eZ2bNl{O4rhK|i0LB?ecj40;K}}{#
zW7cBzd#c3M6}auZVF!z-A^*Qn6B9~wC?}`fwTd;@UorQ+C|j)pAluJZdr-SDwI=e*
zDnwA(o=7zN?wjH*I&hev+vP=b0iaItL^l)ttOq#udJeiIjnB8E`%%4?A^jX9cze6&
z3H>*>s$A)-j|KFYmiCkiO5$g$F;lf)tr2dH=yse7!IUepqkr}2cH$fwCq~1e@t%`~
zQ*<yxW&L^+y^!m-^*BJ01RXDUUD*2yAKpLgO)&Az+T70&IeB4%OG=ZAR_gwzuG`hO
z{-(tR$$BUed~V$6uS&_NeC26Zjx0$zKj=M1S*c_=j7&GL>n`Tmh6kmdL#9lW<9JFe
zah4!Yy1u@g<$;_ewm~5`*K@B!pOM@&4w4J|l3bslMmhQ-cEvgl56|7UU8@KWIS(mD
zTA@~cc?dCY2Y|ReL9LJc?M6jKj5rVIBz-^Y#P<d9*V*Ah2{-k{89_&zla00gfe;&3
ztO$8c7ZuH9)Ti|!UdyuzOJ}r%$8D$Ba=kdI;{CNa{b4vxMJhb(GUO<Q&%cRIz;aDu
z-7zYGBdNln<MeKW=Ha$uQx<|;PW#$>kadO~Qp<>zMb71g-SvdpihS0fXH|?Cdxned
z3b%{8l?7`}K*FuAApyCTcEv71rf^-{-GJp?_I;U1k^pjTeLhEm&XN2#8SIp*@~tXK
z75YW8-K5Q4I#46QFa0XJ7;V4msJ2202)sM@lfd0So-W|a6U^6g(|$ptGTZ)I1-GtI
zrR-15N3oL2tbZ4IcN5jW*o~Ea5%_T8UN>L;Ug}<y<3gDRcbIO{NjIg*MCSdt4QT7R
zzE54*11>Je&qbcD;I}FVEg~*fDFkrMG~sUpP8;eA3x`cbUC0~L*1Hrfv7i>Q3p!W?
z5~O<bw*Ycl?~&)0BNki(21D+nv8*AauK_DiT>%=g6J;V5pEFCGmRXWd3~KGC1f-!f
zTq`FBn7OPDd5_l1o*34>v>Hu+3e@-UbP4UmpNvjJ_wHpCkTeUpSdES^Z9-dlwsxh}
zMXCcK+N-R}vbo)YWIuAUBQtG*OTR(%<N^s{;!SEY*QsI+2&Py#!M@4qrRWT6g;y&2
z1b}91i5Etz3yOTHgEdl|OZcX_s5x#_5>;%$=e0oMbU@$dv8VXBlDO{aFr3{<?vC(>
zsVAyp*cyy}mp@^c10zUSm;C4X233P$GW>f5D(O#JFAu{QD&2SIw(q@5fsVSbll~BR
zX^tHnf&eZA@1u?7`wIb}Q#UX9?@Rhiv6rfGqH(zO`2Gi8n-lqyzL5gPjVA_52kHdP
z&04@((J?^<5AV5~io~zGXMcTt;pk0UtYhpY|L%#&a<$<nmvpF43p_`n{?+TDZ64ji
zOpD=U)mp;lq8Gt^h}T1(d}ngs_Nt|=rFy{uwjn-H^ld=<hXAMEuUw&rEK->V_oRJ6
z$01i~g?(<!qVoj7tKJst6H;}bpt-CL1aC09j|nKWxcWm;o;x!w!>dT%Bj0+suOskh
z<T}T3&Dq!z3bf%sYHu7|etas?<Ab!E^s$DIy&P|N`@yR#a-17n$`2uIqCV@cuau`H
z3?AD7ROWZB54Di**AuWQS_~cg(BgT(LjBA&5jPFIS?&|t2t^W*VV6Q+2E{p_e?CsU
zxxF7ACfq8o8b8|TOo_01_f63O-v4>`e**V$uu<lK^~@t3x>y8mo@;ovyvyczbBcDc
zt_I@xR^93ryp7|3c<%|-+sv2JB4^u5)B;YKrLe_D9mlK1%=W;wP7?b12mIizixh?y
z-@zjdyaF(Noc_mQ!^zji2Gn72V3}?Iw}^^m_@BRHAs`_7KX3e>uP16_Cux%Tu~uG9
zdQXX*mbJmH91dO@e0Pfs{+>VHE5rNWrqci4e}9kubL9_c7nKy;UasJEm+b#sQ~&SX
zN&nA_FI|KdJ-C-sP-3l-z`e3^s6TE$_58c4&&}m)Z-0n-DXa;g>Vjx?B^E}B3_WM@
zqs(IhjiGaNkLqmGsp8qys{D3b;h^!Uk{1seutwQmSJuBcuAP7X2}s7*u{+F4`XwQc
zy!rCLPyGSWxS9ZTGnWW!$W@9_UhW8D)2pzU0?S`Zx8CP@(+<r|F_gi!-XA~R=C4P#
zM-|6E%q9=Dtn;>N4b~1@Z}g#Zs)vnx(X(s>%Cj7rdeD2_#oIbJad(Y$`t!R(igmI}
zKh;iX{;Mwj&w=zb^gFw0x`6+WxlDD+Ht&(zS=H@f+}i6Z+;>6S75szWZuRsdkW>4g
zqxkgg*?(`t+rcFMb>7FnjyA@P^aUVqcns^_H!B}39<21{{o^LLfHl=maetYwcPRja
zM#S_pq%FdVD!N7zPNja8Jq7sR1fGAysMGbbVUGwsS(F1%h7<lXSwn6IP!zGXTYqCr
zWkbN{dBU8xo5m7VL5KX5VbaIl_gq5)fjQg>J1ngAdnpodh`mODqFHnpmw01_Iba(*
z%~`uSLLQ6Zpn@&r>T~6GklnOcoYZ7kT1+SDJL4V4>Azo4G2r|yKrd5TO2ZyCb!Vx^
z_qD6_d(u+Iy=JuWE!<!+vw!~(d<6zjO?%KhXf>>JGM>m+<!JQStuPLk0#W}=yK^-^
z7aLdLHS(+ANdzi4Uto`wO|5Z&l_J9(b>q88feIK0!rfkh{AgXM95Kb%tqT|~(H`r>
z3}qT+LU!RmP@DtzV>vi=)LUjAYzc0u1;Nn&18cBvq@UJFzWL^B`uX(%NkCSKK}{ba
zn=+89EG>uU1f4f0*tTmAIsrG~y8I&rSk#S`s2mpRnEwM#pa3}WX~o@-SHoV^W&H=h
z(%+zjHGHGhp&A}s*ww#vO5&w>6>ik-$N^vezbueGF$nfkxu9?YG8zMTs6jy+88~?V
zyU@TE4>0zCr@|79?a(Z6f11{KFcHRP@$%-{dHK?7o4%HU=+hg0#W$?_uW0{3UK3FC
z@dgo+N26gr!uH0-axM~0S0mR9;ylJpoEe~<lp$ibT5>^iUfFzi@%rjw4YX0Ch^U{v
z0^==K>k-fTx8D91Xl|BHet-HQeCw}(YFS(R59-Ng5>%*-ajujL`z{&~kg6HNA18EM
zC)0#|!2}4Mv)dk~L4MUW{WYVMf2tzs806-P!$8P!s_E-WB-#{iHF~X3YSd`e%pEI%
zz`x1qZZT@CNv7QO{o-rU=}-PtQ#YPRj|FgFahhx<6RmFR(ie>YOQne~;4h|{-+ed<
z_bJ$a8-HiSG?#wj-sWVT1}nYsx1%td7T$@QK=k}}`C<I^b=hdv?d%+Q_{}GhdK9ha
zU?&({apVbYe9~#X+|+fU;r<cUq$DFFQ|ti`5TFupdOu^$N?h}C-s(!|;Yb{?UE9=O
z^fE$pflhPHW!#kbUx)2O02}0};F!1^N8JcJEKt46XO&Qlpt`@OJG&-40(t56c@*WI
z8pSgM5&OtGck_PDu^#h;-^q9d7}cJ(UZ4M--rfZLAPX?W$8@drYSxA`T&a)y)OVGh
z12TfgLFZw(0+<0WqO;lN=9a_4lr+jurOQoW8#L8sXU<n@CK>hiv(F?TX8&5M?<#2z
zayxoK{Tkh!Pj>XS>95yFS8WX`HT;)FL$~uTX7Du8E(wU41W@EFL&;mVUYw?C<R~bw
zDU)|fwz?EVEQ?Yu*shfpG>npoLH-FkMglaV*ZgaGGrhaFDPtM$42N*;)0+G9-+jZq
z@lSr@?`_<n#F#_?6}ZLE`*nLjkVRclpMb-J9O!Uz(2M$Vg7$4Cj5__gM5J8IeS=94
z<aJ|U;SPi_`g1}|&c)`qpN1q7UJ9E)o&pcDFvqdr*>nTxN7owRtkYXd?b>(pXkimc
zuZ^sbBbdi6Ere{D-xM?gIlg#Y_(_!(Kbd8Nl_&F6EoUbzpSkwE&xrd`2=K@}*X=2z
ztz=Bvx#Y0fK8>6_)p?=&u+I#XirNfYe@dSM)w@~1=i=j4BbeYb5WX$k5#aIgA8Rma
z0+<!E<@?LH*+=OH18X(OIz#YcR`IsKkDlEf%L<&hsr0|Ki4TXd8T)Ej4JQ|6Sej6Q
z**Vb77+#3K*H%$MF5LRcjrO(`-P$VzR^6Adn<YP`6n0hJ^q#VR6vHWlph7?PQ{z8q
zew17TEWgjZEQ++D8lB2e--+tilv<CCOq;pIb0MP)i)=3IPY!3TGlKGNGNrMqS^h<C
zPnQk?G+4FUB3;BI+16h+NyuXV{pQER43vwy9$4gJF2Q`5e6z#!c<Hr4ow0%8*#4MK
zL7C-BjvtIrbcbBa)}Q*yOOSA|{#-P9U_o-*C`<jP_r<Q&t>e8&BPZWqXyT3+ED0B!
z`dTnTMiwg_PDidZQ{$F$>2g-F1GasNIrq6_IMh<3QtO@dpkG5i_SV#VoYZGf`6+XL
zw98E|<~A|9HJcNXDh2uN+g%^w!hn#<6n~knF#GvgNAMLR7-wO>*zi`r%6_x_1`dW8
z9hWYFF&zQseC|6`wzJvwxqNF7N3Hc`s?4FT`XzB(p<E<r<E(Zk7*B{#j?j@cF}mcK
zUzFl~NhdAq$41`rBZn!@pZ24ey<4CcCm>W$`{<`)4tMqkZ3itibM1#T;R|b610Pg~
zxh%FQMw7RP(>S9Jw>Vsi$KD5C>QveAOPqi{Cl~_d_vp#Tt6|1Eihm8?wpmMKIBz};
zIqhOMjlvrkx9~EO&+l!?arSDY=crY^Z^xvzFC~O+$>EXEjctzxfJVOE-|6GVgEO0N
zwtvc`>l76B-@b9H98~trM;!o1ol?bWf1bl)!(0}|4C&73oZyG*h_9}khPmI4w*J0G
z!@VR;Q)vD`q4P5U(Riu@B!Q=lkUx6cVR9a>pBt@??er=<%YQIDf5**8^#CM8&`W3l
zGJy@H8Z?>!<b*-sfFABHYPd}(0Njt^o0(7fPJqh!eOy|23jhr%HNF8GY*sOM|AKkk
z@mbhc%&?lwwvHAy<=9sygK=WDxAUuvxxW@Z$$VRhQe*__TSlD`orU8$$1;qQ<f*Iq
zFBSH0CE0BkYziDgideuz3`(FEa-d#;FD=H}Fn|!s+b5?*?Q?Z3e1x={`o)H9x^S5J
z$5goC3noW3NL^i!MkN??6#=)Aw{m2<gqsQFQ^P`}o6NR7o(r?Q|4W+p?LUQozm0L*
zZi&kPjemF`%*jw3%+Jzrk@ixj{L&_5;k!<KCBd^)w|}xZsU!Ie;#k1O6GeK3gdBEL
zKJOS7{1J+5p3E{6K@IXABQ$b)6Pb|os;@7l-Y+q^IAr{Rdj*0+<EkX46+C=(6HY5+
zgEPbkd@#{I(J*r^`kd8UKSQe<5+<u(?NG87j%s>sKhh6avAi|9L)?)`(B|6oV0qD-
zs?Fi+4o+xQNBF3Gi{eruh;#VZSHb<{RUmKcsSLN$E36$-$$1@`+nqXyuwcO(_OhI8
zn~F`5R|(p{(+Ym!<3W1ksmlPl`~<$}v}0w@!av!FeCf{MXJft`HMRD$&d*#o_=v00
zB<x>Ie;Qf2#EZr2o8+WbSC}cg=|{d{IPn^}G6CJg={uY=*qWtFR7-|7W?ZYUJaSv1
z=I;k%MPh(a)6Q5r-D_o7Se30lXJ_u%s92Z<+gtMeg-(ihCw>gWF|7dp;7TAa>3AD9
zD`|EL2TOwjNQ`3zpqu|}rH@BlRaZ6Oh)UK^K^{@LP~w?^G4lq!sD0t3-)8iWjD0U%
zKO(Q{oO%Wpbx<(jl?K)E{5$`){irnIg;kxq43nGGpU~TkC^!5+v}KH^4km6a3*}~~
z`=;m3V7$X$-%w-^0wVb-de!sViyHJ1r`l6}|7tDnR6NMAmD0>pW@{X(*K2hD_*gwN
zvxRi}bGdm>qWF2?87wsUgp*sn^}0+JF9{5iyW0gBLz|_PGwGZkZ3<rPqFZjR@g`v6
zX4zTa9<+!FwRLx6OW0Ws#K!?rZUlflG5Jnh+I3~HbX-|=mVkIsqN0jrixx2Qt=L+_
zr2`xH7-%1Fl47Pw4$bU*R-RWKvGREz_H(T1Deea<KjxXSF{<&wX;+H@>0HX26P6tl
z1WsQ{?Fb~Q?!g>pcnzJ(RDly5rRVj{2D0x`Zq}{(*-)m&ezrKyt3ViD%ufB>swzG7
z-Szl`$gpT1ssiCUrxncfUPFsdS#JJl^GFHy?(Y;avUsGy20Pph@RX>mfKwp7cM{iE
zFrKE>64cYuU`8Q96MyYz{Abg1w%2hL=|O1a?(gRev=fY8*l~$rU<6+?4Zn7eu}{e_
zMJ&~SU7>=cW<Khh@(j2~_VLf=SA2O}$Rs2=3DXc976Y+LKG^#V^D&$0u^^qJA5e1?
zCqUY|bFmq_9?Eg_{A6#DmVz!#Fav#2?*ba=zny1O84EvS_(vM+9$8(EVr#=@&ZIuh
zRq5+FJMj90EI&=%JYcn;y(~eY(!IHwPqK~b_7&@n2!y`Ga{r_cbY3%_QXmk<CMQj4
z8-5&qM&x_FHV83*c164##Va&!4lY_M01CxGsz{|jiFZ0?n(;mST&V#(fk%Ef%?Q3#
z`uW;z|JC7?QSY^p6-Tci(=ysAXo8hvD_Loi^LOQIC&Ju4O1-qgipR9Kkud<)sx!yg
z)7EH}mL+yhE0Ymcn9RhZK@`Q*djFCt3n!Dx$b=vF&^iX^36^5qrmEp`S+g=rinZQ7
z)k<2TBaXW_E`$K%3In~f!Q~{sc5!-OzAkrRc(^vaqQU=EyX<pKZnovn^gW%buV!&3
zO{BuQiWo~ot~soolhhq=^RpY9@3ymPF~eIvHrDV-?JosR{m!a=*Uq;FCL07F69lBO
zgT3Sdjew+$Bx}%$i$el;{!1zUokWt~t|TU|VfK)H8m^01fl}8;sbm`^!bg(Z&q12L
z@0yvRD+!~>4*yN>SsULY`;5jz@<pU--<W4WyyuaSm(P;NwLn>_gp0!D$t<FSl(4H?
zBHOr^4&-U;)R%D+UFS=Ado!FoI0f5<xm96-cP|FXv011r`9IES)7$AS?pQ<LNd0{e
zTNL~JeuTl_>a~3h5_YkN;)F&O@TQ0-vVE|LEF?P_H42q(uo{eC%o)eA+&5qM8$}E~
z9!>N;%Mqj`v<+i0N`+9tcEZzco+rJ;(qdh>WyE)l?rP_&BpvH7f4u@Y>Zbr+=+*sK
z_0GfEr;w{-%BL%uiEVAf;bcGnl3gJ@WO!HEliC$bytR!5y}FznooY0D!-T-X3_dcZ
zQFa=Uv<~2Qw6s@|g)$8gBls-oIK+94FL9vZ_#On1LGIY6R3u@+p?%oVQccq7`?Y%^
z>6R+JZ6d2BBwsE=f*A_}@kloK(SJXOTn6~bpKYy{q|+pg^<0zZ^VBNQ2-|LHl&;V?
zo$Mr)iL8v^t>c(Gh~($Jl$-z2gKa{b<Z4}Sj%8Stn&niBQ1kMU6M#OT%nc@{?N?;<
zD@L{0O%;}+Fr0pt`G{q6eQc;=KvxECI5^6DekVf2-I>j^7eGg7m6;v>&MGC1JrVUF
z!>IL>EC_vaBtZ3w>pL%A&Sr2-h-V=`)n3j?t7<Q^_=4FAnx%#!P%lDK^rg(VJv6(8
zjkvTUQ81PF|D5qwCu45<$C_VBi&@CXHX{dUxjtRDl_7B7-6^+QQy!kI-u^R{bpm6G
za=}}IWfl<I#)+R@O>zJ1^wrn)<nyI&uDYG1BJ!ax2j3sP3ok$r_}?HhDBW}`dEKwy
z9K0vUkap5OZM<pcigNCTJ5SvGq6ad&HakQT3B9g*+~^O+DlC7$s2_FBL|_Fsz|0wH
z$+qxs!+_Gn+`oo9pROS?ERir|-uo<>yA3M6{E=#(_mF4b>$6EEj-;T({Ayp;NgXkZ
zE=*SkfU7X?7#p(esJ<uaqncJ0Iiu4w+HW8s_^daA;jd}m-(PR1@6)T*;Vzx}P2`15
z`*n31*Roc8WDmGq`R|E8Tvb9UZSf1Yoqe-6X7kr6a<)wRUns-}5MuPS&rDy%-qAPs
z`@LYM9C;F#rG;iwkQ6_)EDQI)C>d#WI!8F4$|w9I8|qYY)_G8WI^FH$qMNp3?hDgC
z^le9uRZ>jiG&YA9E+9sBMNE49>kyQhL(<z9$DUIuAx+<5fsHEZaxgjh4}f<R?fQ5f
zfb;CrghiUi+j{4?vNQkj`!+P0*0gc6&2Z%3-LCy=x>3X!+;a4%tdB?eyN)l6B(LJ1
zB)RFjSb&J7Y|H!IKMG^Hzt9DOjsNY;P0Nk4<!6r9m}xh<w;V|=M!SXm_e~UrrPu%@
z^+WknU}q8K!sryoaEY5Nfaq6PqZaXFqvTwP<w?&#o{DL}@O}=)WsrHq=OOwdk#6nl
zZ_10jQKA|a7Xi};7aO^hnI2xNg+E1e>%mORhBs<6B-n^TEbn<m@l@6x(AZ!o&C2N8
zj39Oz*Zk@w3UDhD;S7FtPF+4IPMDR&b4rq8`w%ix4n7JhFtq{g#KFR40ekoLh>g8g
zShB;3KG&c=!6Y6H`@m2tyt9agP5xyc?*!P|{i_s3mE>HNIAuhJC-(+lE^fy5SM#8E
zy;>Zdr0^~$X0!}JOD5k5W$=z!-#xAc-M8bE7gXl*vPUX)%Yv6Ys>xOQBB2C^Pwto1
z&CY+T`e8$xGcb+T+z?kaoZ&C%CqDBY-J5B)#0wr>xmYZ_L!iG<{)%{nc2%m_Gi6>o
zf58Qx^_TiNE0^tOQ=3GcuylPQYB{DL7p$Fby@<pL%vQxn2f5Df@r$35S6Ws#5&f20
z_gy;o>&<&R;bCG*4`QHLoP>J<;CZJZg8O2RiYrtkdL&&~yYDJ3km0R{2&0okhu<P7
zcIaid`G+Lg<zjjHS08fUm~~MH2bIFhjFn?Kvs@I&o?)9NCVUq`;}<rytLwymq<X;c
zc2p9bdg9Oe=KO)pbs25o0=QA+^VA;Bwk)|_5@Svlb`<siSJZ%qn1`L;h=F9M;GG=W
zF(&FHFpZ^;cU{~WNtlU+E!z>gHv_itGG8unTs1ES-f~L>ldo7W;E}jc`;NnKbugkA
z3^Q-Qs5a-?BBFn0VT31>`RZ*~ZG6~$!Bd++`}39%@eAEM>G9x<DtieQpK}_Puid=r
zpSqPhU&#(lJ_WNDORWGJ;{f)Vd|x+Gpsf|@ivcTv0j?JjyA175coaNap?Q0Yngt~E
zxIt&tKc$iK0Bbn<7x31x*~s&b3xqG06fjQd-!G^f`Qq*k$@cg})n;RUAqZBgH;^h1
z*QFz%v{-PQUJMK%WM|M=+xB_v%0os$FLUhz+rx;0{%kcTqflut@k;HbLv&UZX;nr4
zkXK0^dw~!S?t5NGtl}!iMl3K&!BvbQx^D9C-P@B(y&<1&U;RsZuB!Ws4ERw}VTlA%
zG-Ff#jZ-TNvid{U>mQ(TuZg&O_YY4czpuLA%{2_&;=i3a82KI-3E-3B7a#CRj(ii3
z|2~PVPndZVi{?a^mny0}{XsP@NDz*siukd;*Wfs9I~E@2LnitsW^DE|PG;FwnOLi7
z-UgUry4@m5SwW-?ELm>t1xjR6)3^cOPE(}rEttv;{N>hJmFjf|ot!Y`G<;U>bjY>W
zBBjS{nD6&S(f1(V!5dv3eV#a;<Ep{)gJB;x%*#})<rxBRqVMizEl?}VT)`CA1R-qO
zq@_OiE7DkcPT6nKP4E`K=~ay#VuG##BSni9e|U+}HCMbubL<G&r}nS$W)B?_t{Wb4
zsL>_Ri@AG>Gdw5%xRB2DvB8zbb*Tnh>gqBE_uc=ZI6^N#nLTNYi7iogni-Pidv-X7
z^^F4R0rxWS7y80YkdxCJk&J1UZ4YlTGAJy2z~@~8I=hn1C4|9KFu&17eJT>_XL1jc
zAe_Djl0?mSE`08k6pc{m+5>+NtyY9_!;|L_(Z|Bs^`27_?DW41-f&Yh?x&Bczg$l5
zK*LhBf4zn7xscoCig{a<otuX~;I(UyJnH1*Cc-&ii6r!P6sl4{Z_oGUeqe517G3wA
z36st|Sndgj2#$4?6<-vO?o30W;-&!z6oNOANz7#CVjTb0z0urS=pudh31^MhB>U_K
zf;~J&l`IrU)==eE@*7g}0<)ZtJeQ3f#A=XZt%{_b07W=5`+?)+)Ko5o7?#IH|Lc6J
zzQ^x{>*YC-tF&Hy*L(2GG~AQbo+_o;kBTc2>2z4V`$EcUIJIaq;=>vY**d)pFB<M9
zhfA2ByH=X`sIDFH48!Xl`vLR$>!OLg&K6eoR$=yqOEd`DJgK{Me&H<<8imLsik1vR
z$j~{|?UL!|aBF*ZBSfqdWJfL$B~PT&rGH-xC7BEyS`JpFwhixDgX}y)m8IYdAC_+}
z{yN$d@L?E5Y|v>6P~mMDx?cr?W}S_>a!Sp|YTu4+{C9k-l=GnsQH{|Hc?cQ@j2LEf
zh33eTW{LZ8me;xM!#56guf-?cgD9oBmtTY4Eo_GG>I1D9chhbA&)**IHuN$>eckcB
z0Ar$17m~o^c!e2<C#ON(hC7GkwOX6-*47iEkgt~oH}h+PkN6SGQzi2jU>M*WkSP|H
zeD?7zZp;TDQoBDP9=tW_@<!RY{cC&wjvr|_!>7rH2)q7i)a9p1x`-~gQC$3B;s!;D
z7m-@JXptAu+7ZA3kIq9rl%S}V#GJxnK?P!`7r_7n98Z!!i){@ux%AzK)@e8j)5(7&
zc~`u30gB@+IRk<0FERI@swj|s9u=rQ7|S#VIFS{E!>*I<U0ydLpmz88B-xLSLFFJ*
z(Ku{}CP)Oi(Jl{@?{o(Ci%w$N@VhpzB0}eDn2gHqn9CsuNA!w2t|mh>Tr~<nj#D3X
zj1|7;`fwTtm@WNGkaygGKoqfst8ct~sg@#?CN#GME2ruSJA>DS4}%oRBhiRp=*vUA
z35HDp>k+ybK^fPBCM|X*#iVt|MN+8Pww%rC*=Vf6jQ;|ZAv|t|0wH)eeC@@Xa^5;h
z(foYF=U-N9+12T6O0gixcNUY3@8^-%jgn#a`+1|M493ZMjSW#)G&DPS3NIut_gUx4
z0tE~}UdvPx?~RLIEe<@WwYSW9!RkIdWaN&$@IWY#Jhu4dsRi2qu<qjEl<&!?BtT=!
zJlBVGwfS5`&vGM>^G2uKItn+G_u4{DGrp;TS$AX06jUPtKH=G8ZT;Z`oa@3Yd|UI-
z44C;K<<Y(O{9)Z;6r0UtyRDtgJ!Q`M#LWcFL;WJaFl8h{3eoxP{!!vU((?vu+vqxU
z<V2x+rGGC*XCgQLcj>#amx~_=9DL(>IakZt<hzyQno8f>5q@0ewIf)rUk|8$&5iwv
zY{BFc*aOdTeQzT#39l38_7CwHu4mp|M%`V>b3u&xObJ%4pZ>efx_<fQ@Pg5oDG-lX
zsJFbCXHEmAf2SSHzN8U!D8@m`X_ap;HYONzs$<BiJL=e}+dx1Z<0`NE7#)H)w=;xs
zYkQ^u_+FGSwDc+i=L@~ZwIlSaY;1Wx#|#Bo{H&_lGqHvUucK5lBvnP-H{MT(7p($f
zq?Pt*^Z4?%kGTwhryuz&bFlr58D}&@d!DyZ`h4eEz%@Pn_VbzZD*onlEtG*!`|=YC
zvXE~bcib}b8HL?zd0u7PkVs3z6a^0^X3UxoQYK>}&G~|Z@gjgcR%+w!=0tT$kuUv(
z0SF9xP8>`^{U9E<j<huYOM+Zm2`gVQ8G`hkuX~5D;gj^Bi|C8V{Sc&V{lU>Bb(Ko*
zb(V}#EzCfl+1@(9PZ+zp&SW2CtGESeAML!rTB?gbEkAPB;eoG3wLW0;dG%m%+vE+4
zchtU<Y!H>D64M%Za%Uc}WScKFwKNPK3Y8e>A-~gu;s=25xh`MFnF6;-gCS-q237W1
zwF=++y*hsy<wSXW^1v*%Sgd&ap}D08_lf31GB>i^aKE%4_*?ffPPX!hEekoA$GWR2
z=0AV<cx?B#bMYM)SCo5Qfy5R=T>>hRA7Xn|s$DeEFbZ}Nv6XcnNxXdvRMV_5D|5Xg
zUGQ`F5XEG}NzV;NMPd<*zBAI0kXE-!wB<yXk~fT*ueYV?UA0}+<cH+|oQ6A0;PKde
zjf|D>0S_kE!gVPhv9dAF6Ssw#^5n>$j^*_3W#6khcBjjJopZW0x237<>~=Rh6(lZQ
zcZF_v6l!$D|Cg08LSfx{LE1Kgfs&e}+{V{DLk7s0dvgQW0UO<pGlf5ox#Y=%UCiXh
zL2uXsj4oZQjm%oA1mnTI5NRG&iZ#HrGWA=oeKR5rM0!7jX9<&sjb<j`p?X92v^RFU
z{xA*s<!*HD+hErwhJ~d|5cuo1ZNhSu+zLfC%FI85A0ag*Sp;f@Te7?gkECqu*!y%|
ziuQIE0lf+<U>7fxLGA*n(M|G^_u-B${==rSMA~3Y^JFd8cXI5?oG;{(zHJC~u<!@s
z6938g)JV3ViAjDA0Nnog;S><vYZB+a3!gp<m20;LiEPgt7G9(!q|E9MVuq>A{vJ8G
ztV$S}%qf&6eX+OoS$-#9E$uc(W@;Ih$gA9rF{uZf@=xoX5z#-WpKl#oZcmjo^u23v
zwat42_xIlB$$sApfE@7a?Y8Q0FyD19v_djUr)+sU0{=ojai`Ac-wEcFJlm~>TYw<I
zh6*T{UbUW<@Ki?)7>y+CyY;@)5TP7^wg7t8@>{|-nPD{L_IG(e4(Lzd;vS5kpLc_a
zzUO~EWCS(LQ~pZm^#F(LmL<A<J$(4$|EnxZC>fiw#nr3-evVkD^8fugKKI>VM3;`o
UXRY>pz5`xL@@jIWGVcTaFCHpYsQ>@~

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-protection-report-details.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-protection-report-details.png
new file mode 100644
index 0000000000000000000000000000000000000000..bba1d35a384c397dcdf6b8fda2deb53869838ddf
GIT binary patch
literal 74232
zcmeGEXH=70^f!uPMN~i(M5$X4X$mU6D@Y5S(5ry7&`an=P^2gz(nA*rB?-NkAkw6_
z6nd2!APOV_LOJaBJ-fZ<e7WP^aX<Z^F*2U4jO1B!%{BXPu0(5VDpOx)x=uksL9MFt
zN|%D-nkxmx#iVOj&p)xG*;+rpUGUOXmZvBiV%az!T(*Cy@sfg~GXBP~)s^!xmAi_u
z7X`&#u0LNFRCOQzqM$e{RDJbQ&(C6O_Qq>^bl%x-%gY>J^&T6A>-Fm%t$B#trdPX`
zd-WHf!t5sU+UvfKy4?}}T!RZ#;lsPd7fo)Aa@^7byx?!=e`xUFvLe+hwS|;^T?Q%)
zkI40VVaN7%!>&GJ&AnGIGOv@o@WS?Nfy9CI$t&rWL(zxCX*d4MnH(Ar;b-Rr{e8Ko
z98&!~prCjQ{Iu}r`u@6JB;A_%>;0eisN3Pp{~qheyI=a(_z%FJJo@|6W;V6Q#RyPc
z=+8vh%{%6+cx~0m>A%5fxfPbjR+n{%Bc|L$-)rydh3^C)P;l1B6PUMQ>ZHMN#A=Pz
z3?G`v`k%+$dO%)0W8f@ctfSw&gs-wI-S>DHk5j7!nFUk%cjDNZw|#pu2;-)E7rYQo
z&kQe_La2-A{zLDpZ)`eN2W2GzUj2SoI$2F<P%@Vw84S5T|CvWSpQAOc@}+_@jb1Gs
zwY?;Do1<O}FhP8p>=1ygdGo$?IMjr8ScL_Ny{uJFr(Hy7LOg(OT??6iD=9txbzl+%
zRravJ`47J>Q3&6>mTAyQHmQD}W!*)#2wS7qP8C9bLSMxv2_c)p=Q_?<TFalo*yc!8
zF%O7R`T2gh>yvXPM6zsk>!S<64ZXTvM=f_LIH}my-KIP{WWikKM6B8*tL;Ps!G4e-
z`xHi)O@(on+Q<7J{eb^#D;BCl>t~ptb6JA{_X_bl2D?mnVZM*T-a1X(MkAiN*>hEz
zz%K=P!_(xJ@qmfNFxfs_^H2*^Td*briaWl<egf@XY3a6jUNGR;N7^D(yt{bfc`}DZ
z(b2y$dTyN+AVq$sbhA<dziipV(fIr*&Cz^I6xyG)=#md+6Ij!?dUD^Y*30v?dDzR(
zT}-Dw?86~}O?SB;CI}o3RcpK1HHgeG2d&R2D<H5xkF<oU!C5H}HPG7+%A#4n{Q4AU
zz1bX)^+E8t6f1ZHpZC)g>^IzRay<Otbkl0=EBM0VmoZ;2CmPovWTi^I^eNI<cKo^1
zbXD>k0hE$FZ=@WO?-(-8Hg`}9v{%V#D<cOyEGatMRd2YbSYnZL&u=T}Oz2;%$`#n2
zMjRK^fm{qa9A#g(P`#O0LQ9!@hO#`3Q^-Yp6gCHnpxsK752m4fz0wPU0gjN}amEcc
zOYywMtD1Gh3=!_PpBs%-@81u>JE1*D9Mpru=z#fRwyHSQa;Ax=TO^$qtiPLN@*`7P
z%nzT=furkV4VbUKhxKw+$YeL|V#`Q3zU+@AP4nT31G0TA?HmAK#Ndk?YG*|HR+lW_
z`D}gV7n5y(8;r&TEg~~(;htaX>(;ro_hgw&tAKWzulEKiXLRn1m)w@+MIY5NbKLV-
z{zbQvGq2}M`dFR9E*`7WG$VkmFbk;z|C|Jf;CR>A(cF<)ObSPydu)WhA?y*gU2n*X
zXyY~-y15Dk=1cpprq}r5gY7CTm^A$U#VPmOD|n0r5FU3%&l;95t*3ufIV}Wu=LVv7
z+OUt`TEOg_6i&6O0X+2?87KLDk)g%kVYOze%s+`4bNQRkEV4<x!|TAwt4@sqHt%Yj
z>TBy81Bly;=}TOGk_k`4=V6Cj?F!xvC=BD)HQ($(be*~FFE01a7>*Tz&AgvEk>cD^
zZ|-P^>T}QGt@Nl!6WDh8cOBf1q;F5^@vh|*74(NXKVjtKTBO8Sr#czkhHN}=QWeFe
zX1Q%%UyeNK+5Ets&M+PCI^xEzl2mnCfRz)Qer#D5qORr41h-eV1l1WW^=wWGZxk|G
zVpHwz{B6f5D8NvCQ!WWw!eD@kB4nKFWk>A~F@2?PJhY1s4>dLxO<RB^dW;RfHXj)B
z1EnvhB1^Q7QyQ~%_#w1uIJne!w9(o<@om-F;@{F)bo>J%?oibYME2tM`*fe;JeN)^
z0*8v(H19z@J3s#jXI75e#8tT=R-DZz@wd(Wk>+Jq5@+(%JHC04bV4ZWGcfu)t)Qz7
zz@l*Kz#uHiC-&HyIZiF`W{T*EKJ$q@+hR~-fb}<FeygH4RL_F@gJJw`$oTBa`axi^
zq2Z)qVOjKru%sv!$>Q?(bWazSY75^VNf-WEYc19@SE<l#WIweu{rY#RJL>3+5TGrp
z^L{kPmI_-o9rtk&rH42tz|UU^^CM79T*WHBlg=@>V^8*Q2hwvVx~*B89iGl-`}jGh
z<*V-di(k!6xi9PLr|k)Idgxu{*`ni@UIRt4eTdu7xZah+T15qU)NPuIjV1*agqJDw
zX9H4Z>-y*vIBvMo<AFWOa*}zrMwKP7yU61=@u+PkFe$dPQtNEuA=l}{&MXG3QZ(O)
z9AF^eo=@&l8(ZQIDI;aY_+)Cz;C0+DJ~U42RK)!##r`U6q4ENf*Eq8xDy5{aH9vme
zCj~u3c{T9jBgH+G5aHR$&-A_~i{L-RlXMgDgnBfP@T;F4Ezshzl`Goj-0Dhjh5gGf
ze)}EM7MSos08lPz{^L|1ViW&@j^*Bjq|{G6-nkMvmaK6RF2~9baw}&GjVfLPP4)qw
zub8adcwj_UdMs*d>P5{Wp?-L7FM5oWWs=LdHhd41;)|n&Zodb+deuRwMPVn|gg&A;
z$F--A?>}pPK4C=|uDR*h=dyU|N#0!Be(g<rzJzJ14C=dNam3)rcf}6Wv|AvB6iWjA
zy(*8*UAKKIQsBMAap6HX;V-4w_G}-ezKqImV%92e+GG1e;H~i|$L~|H0zzQLQip8r
z*B<lKM|qP4!=!a~Oni=6P-aJh5qK`0YnC`L@Yc~-fb|5jgSRsXg5W-+hxPD=RCvv(
zF%O6{{l>0~;v(H<Ve91qs?nQh^!QM`=;OpDncVge((B|BD-cTMEJ0GE9;EYgk^0V*
zpYcWjPc1_KUnXVYpbN*=wjp2kOW?!@MtZwCRLlYtD%dy~Al8$4+)L@*eteCu4b7yw
zVl=%9c@b4Ubj8zOfhMa5_ioKR8SG<RH0N|~maDP(eb4NgQcOM_Th*UztVKHZM)gUS
z{cv`Yzk^trTEQae#%`E)o3_%;jjWM*uz^8sj-E1>5?54Jh-A~X6=L8S4nxFb*p=R8
zx9^Oh?$g2p2g%dHO`5>tDQS)S`sH2G#6TWZph#bUpj%dluRd#7;o)$g+97ig=ZDT9
z@^(E#ws~G~cD*7M*OOYYC!Je@Qofrh$JHWkub59%Ecx+=XXqYP!_Cy~L1glnLYoWz
zljQH0nC2q|Gvy~Lr(t_z+FPSfw_Zo&PhScELoFRT?6kzJmCEh`SFQ&Y9Lj_sLZyE}
zvbWeJCl*m{Qm<O?1|B7y1;AsoXP?&f2|qp!$6X^djr2_92VK7MGA=Uo-ZDmw@XmcS
zLnU6S3nJ`j4fsdL-!4~y>+X~m-v$*k#t0XwHSGuG?NEtvbhkDC8G^OVGTD9?<R*&C
zl|}4mf}nd@$zI-$x|#4ZQU!_Nl&3ZTdMLoUE%u~0cx+kb3(9K=cQm$DZV;RAkpvoc
z#VJpV>dP~ut2#J*qz0C5q}-F+3W&XZ399y6J<)S|J9+UlJMpa06&RMSQj1F~KDWbC
zaXrQwC<2B_X|A{^kNO`<zeVq=PbQ%1?PYGd<k}UQh}f8Xi+WHSRB%?fYr$(US7cWU
zS7+arD8OeXdj?k(splj~@Mi~0^?QGVW2Vk+eIj%AxJw4x_%dwpSWpg>pW_E8dMgvI
z{3QT-s^410e~D`tnm%hG2hbBd+W=-d>R!cdzNLF9fWAj2Ow#g<GA~34f4&U>FH+0@
zEAn+;tx(4P(pa$)%pQH5T~}n+?pV0aOFklu?)!v|PoVaCju88auDb1V#4B*J{OwZ!
zu{am-`n#o9t)tV)L@W23*Gtu*^l4vuQekI5FF(zm)gIq}G>AT#dc}(?uQDZ!ez4V@
z63Htv_4v+nXmU32x>xSAr?h;8*fp1bF(>^z76`5=eEPa%9{9NvmmM(Qy&lyzZKlvR
z@&S<&PaHPXZBsjjDmWIl%b2WF4)sYi)hLf3Ll7VleSkiBKVCz3Ny{Xi@a^;aHqfOz
z-HLLR7R?*wQ%1I>w}<y1oo4=_Trb-610JX+Gh`rP9+Up4P#KJ<=(NnAhO;M!B`wq6
zn)B0Qrur966z(P^E6XRhWk~DF0j@>HvyE!3Ipj!bi72<EJ+l#{vhT*FYLnJ@;kG{1
z1EL;R8%AxGZN!aiNb`HQ<FpOsVgi-QDf#4j?!><C3;<9kV*2c92Ucg4-l1ZFrC<C*
z+T(RwWq)Ijl<Qwr?<`XJOG9lH?cPc3a8=)3P!?M!3U9Crp7uK87jkvvWCQHJT99Zz
zijS9|X6B*}zBBhHYdHMN{Jb3p4Ajqum|FEc_*-`owUeGfvOfY0L!)rTS9-I5OI)1H
zi@FeCooFm_o83=C>nK8$FI_v*I8msucLJn5U93lFbq#!E`A#mq_*^43UdXV^Bo;`W
zC{0wvHwV0{bs?Q=^y;4`c83R2l%1a%;q2uugGt{w-GV@0mlWEJkudQ}1nHX50@XXf
zi~sB|MeR-3Eo=_k*{i1CfRn1$+9t0e*Iqf(J*Aq_`2E`5>@&;Y%s0d<C9(}3SKY&z
z12<(qdwh7%@Go!vqR=F6*ggBpQ5P@o5WKr~WL9<18(HlcCs6BiKs+(!MdJho630SR
z|IHPOSC6ac#C)=0hD|w6bu2k;ZZoiBqWx+Vvt?ObkuhDq%d59^V*jGESkKGd#wMW~
z33SD14ivVY=CEystX>wA4vW1AOHy&*l)wDnuiLm^DpvdNXWsvhOq5Q{9q?@FAGiB<
zd^C(X#124E?#MBRdWGzLW;$-`*GGob(#T}w#Z-l+w_Yop#D$6#9=-bydE(TplY|7M
zDIq*Am`K}2Tra9Vb9!$*B-^vqwGsaRGEFbL2dC1rSZ4m!mc2ry%CQ7|)~FC4QtF|;
z-k#AJ{HkQ&f*@L)K(o;Tl|1fICd^K)jFDDWDVE{Y@T1`bYi21j9}Rm_9Gi$#M^vSy
z4J$j#RSBN~lvVv8pYniY&tAwMA`T9Wu&Sx$8vcguyiOyqh=dks;>UQ(yZJO$wr6XZ
zPFc9g?BGbaq=po3Ig0u6IWOq`m5RGdN~X8RrhSO@HfTQ6&hHN?s}?vdv4#jI)3BpP
zTU}WX*UeccEqGXEtmDe~9ub{I*rW|AFO6k=?#a6%q=ytWl{C0NAddT*Q>?QDmc)Jk
z=>4W&O0o*^f?=LjG*IEA<IF4SJ6}*0USB4yjR*!orqKMe`q>f~G$4pc7&X~;4_dt>
zP{~&gnJGRvQVVW#%mTW_!ketgG`jCZx53WyJ$z?4r_uv#YId-_h<1L#nO;Ynx%W>z
z`(~8BeOI1amO0^B!|3a=0@eG_o0;CROd`+!RhSSDW*LGw0l;u8P7%Nsth;`uWWwoc
zaXZ(xx4}p8EJEU0k<#zz7)Ok}^4uUSggz!;8SL#_IdrrbkNS1i1+yX#N!Epy#|3Xu
z@lK2vbrQGM-b-!S#5vCv=jR+-5;*;htRa~&B^fg8_qRpR!MG-9VKetCaX81^t`?EO
z<g>o@>89s?s9a54-0Oj;57gkH?PUh1NIo-G#L*P&r75n+c&KSXdB~rodfMP!no=z4
z0BXr!M~c;K_Ws4pI$b?}$K7${g}r4ctafJg^6R*u{cOVC=e?$GM_&m!Tw?Wr*1r_U
zJw{|JEw?(<qxnww0n#CnW++sJa&4ykU0a*wid!3$6W{hE_$*68vL&YKlH~DN5bNYA
z(t60PtouBd?C3A^RI01!xLX-~RpLS%UhFhJ?%2ian*&S2LCBsZ*kR`lYbLmyMuzY<
zZfmBr8q!npd$3JspiyH`C!xB?OF|rne7mB(x-8k`l_A05X>UFvUm5JC+wnddbC@0S
z?Am{8C<@D7sP(mARK;xQI@#rlWG10TXeCm{{0E5{v;Hf`u2kBskgt^4rDM4ABxiF$
z2ndGndx<nOWHHT)VyNCva0UoFjK7?3JFDySs@B&b3hu@HV4cPhYxvKoliT*1&h@l~
zk0yn8HT-Uj<J15PLt}n(oz#QdXDdHa2nN%n3{KF4)yKG?(9#K<n}^bl`0RgbRDWC_
zl5A@n0v+1uv%s_uGs@T3&s=<=G9G$*>l3Ltu%(fg!vXK(f?L$)rGp}Yu6~Y&SyCJK
zyDa1;N^oS7C)m4udeT=uj@1k5URm_8QjzKLZ(kn(WGL9(V#RZw#olzlxc1|-34HMW
zavRQ}mmB2g@7o2v=>vsGWc?qMoQqgdTDL|4o~C5U(o$79K23)E8%<Dy@8&dbTN0D7
z_r<%<D(!J(UoU;6=rol%OS}^HG<7I&Ur{8h)=cB9!C>uEzz8T5s5S8u77EGdz~;_|
z7VD7C;ATw({dYO1k+a8Bl@{*%cy@{W<l<wgtl;ezU61A+vb=1(UYscZyEyljr&#<T
z_S`IaL)D`XUkY(M=y3DJZTvX9yYcJGycA5?$5sE3xj%Ee2M6B^Ev^<gOdkS`zocFg
z&{6MDl5DasLZ(Z~GxX4jOH{e!BLla)`fLfhth{^`M3iWwm4weL<vJ5W>k+rU(V8ET
zP+w}5$~HvLS9IyW((|&b4FKNSYmJGPP&=2`k}%jiw<9`UC3|!CJnJC|EF2pr6Y(Qq
zR!Vxst>1gAe=0s^5&vVz<;WGCqjx%$lUbs=#cLjS(sAUU**70z9(gL>>e(AKFlj)3
zASTV%M^k*9g(U>Hn{2e$Nx~HQORQM0SZO~0KZ#gW7@~iq?CWOO@tzGN?FY9GoXu4-
zFW33gPAyw4GfZ>qgXo<sbWD2~!>_G4{JtAZT3hpW7=6q-1cBw}Z0qE+op=+!Ee<6K
z)}j}RvQRvgZVO|DMMFnAPF}CJ&*j<R5R&Tct(<q~v4r`5#R3pF5f;_fQk>r`>luDy
z?Nc_?YbV4^<CN^tMMUaQm$#Tav(K@KD`Q8_*BHzrf-HJY3586wEP2(GGXh=NE<~kA
zb$AVs=kT2i{Sv<Fx*h!?u5sct3=Bg*{#ZHNi-`-aTWe6pi=&y;A;P>JNnwd)I{8Y_
z%m3J$BHF;D=)|Q79sB*5e0IEU7bCggo$Xk?C2pc86r13SEj>mU{%ON89z6p$IOuJj
z#9A|qSL6v@>>6!jR8>ZjwmyEAiBKDuj4f1{U;i;Likm2Emf<x1Q^&Xs0ue_{=03?x
z-YTDwhuu^;ddw+N(K-XP0wa~7AyAt@ACt8P{?`)LE>h<Pr@Bqa$9yfTJVuZtl^@0e
z4unQjlK0YP<L84AG3BQlmu<F4=gxI#=l?dGY1cpU{yT!ZMKkkD2q>w#^@sfOqjQ6y
zey&llC9<b}607#Pn~4wo8Kq>8gG1L$!NEl_ZvAnb#~vxxLyjEA+hdFG^rx(~62`>A
zNkhmLF-c-q2y1``6d6h;fTo=&#ZXTN1drLJ_*kpv)|wUU6hyX8B}tUoj&J&C1BZsS
z1|-%@wq<*!><P<xZb55vTZA?#IozH9$Qo*)fKp5o_-suSEy2mI?VR&c@~BsUH9%BB
zS$4{qh><(@f*$`3eYE+BDvXhLrN8F0w-#MxtOqXdM}ypTn5!8RUU&X0H==mUWA%TG
z{}cOB+~WFAh(+=B{r?Y(`xLLJ+W$+;|4jbBHSB-b{+Ffs|6brwVc{FkVxoUPewUJ*
zhM=H873jgbxz=L@h|e`)#Eii+VvKOl#+{=-0k{8kWgebmIYk#pmXAt(VfSjAoRg|Z
zX|WXN@p6NLni6S@!92k6Ae<vPWALwEP@I)%s=DXDnfzluivAhaw$G(bd9`A92gWk`
zl@vbJ+T^a8+DBr`%D-eM<vt~zSu|idsA~~TFh1e|zRUh8E6bXU6dn4+rae2RCPsZy
z`$(o4kU>gHH@s+{(h6fA&(t8Em_xtXv!j->vbX;`D`%Ng%ohz~CojEUCA`W7+E+em
zjDD%Fdy$}}w1i0!iGV&XByN4RgWjYdXr<3g&yO?TfNqGDw0aMo2=)h$Z2glgx+_VF
z01InyUz3KQaA%jt@Gid#redIoP+gltC70;^70MX>224^iJgLkB`e__%mFzr-IUYR`
z0r~%=%RVZ)yEZCr%y}mMvKO<>?7N|YXb_B`7;_Y;v!$%X>wz8TI$2&PA%e}ssIw3p
z-<iSqx274E8Hhk2W9bj)qxw6AvJSIn7iPy1CHkP!11WZN1@XU&)o@p!+RQe&4@qka
z`AC!DsWFq`r6*zc!6o9lZ<;kVjoZ+85YS+a9_(n}C+@<aE~kvRebsTRTH<IkYSNFX
zblbln<QcG$%vXc&hyb|Qh%VKj2}AyUCROmh-PI5B3@u0%Qjw1~T*4smuG8+HTda=?
z`?H+oSsId9Y2+V>6lFded{s>g@g5nmpBtq#og2O3+i5t5`)5y}nmX<Zfc0m($o1}}
z@Z6_L;;t)*fjxRDZk~4DBnQQpZ^{K`YEVf94XB+}0)=*Hmj!*f=_A20uML4}#i{0X
z#TB%5F2~;wq$r99-kovCOoKmw!oM&~HK3DVdyZkA7{3?~nPymXQSo;X)1RU%zpmFl
zYxcYz^I$g0g+koClkarscT*Q!wUO_%nfISf7SGSDTKK@^tFxO0h0Cuvmq`S8<htiq
zY4~f;>orPdB-cvt9iWmr4r?X^S)MEPnlooSr^vi&Ema!)h1Yb34AA%o?ERMh6Lm!l
zrEVSog;XV-%UtrZ)q77PQ_Qf~iXK>Nz3e^GPJeRB$mpcy!f77u?2NfNB>nkYA@w}F
z!gKj2Sn~X{N^QZc?+YL3u_B7SQ1}XSZQ<0GV&3(;8P@akT&E3{P5Uf1qAGh>w^1u#
zS)bhg11^$=UM6p(=WD~b=XmDAxo8)LJ9m~JBLr}Wm-%b__R53{37}w|;;s2ubZ%3b
z*hG;r)0@rsX#ZDN?5byJx!i0)OHp&1sJ`YlM3bc$ApSAGw(0?m@b&$u^0}9NyK$bL
zxki)Y$|dAsX|jpAXn&K*BI{|*3u7;C5DI*{9i=n<s#(yE*9oX9f~|UGT(5_Ok`?T#
zxug)uZq4?;oow!LWmE|}?f*eQ!gp(Zq?9y<b=!+Xd{h`HeO7q;k=<CZp{b>mNeQq@
ze=RsY1bf&yl>a(l<@9AghZ;|&QJW#3vFH!dRN6+eZz=$Ogdl%A^BNcR_}o1-n9xk)
zhKI0X7H#jKoAphpk7i3k@QE8v$)UC}cMV~yP<o5WZ0dlO%4mSvb|HV$Lvc0hw)UgJ
zq^`bspk3Vc@^#)}r>&JT?6J~;c!h$SG&wiKE0b`Q{|v4IyDL)`7)gTx%ka(bLG+r3
z4ozyo<$dvxcQBo!De-xya=&wRt*vu2fva*J@r+Jl)e<o#YgJ&MmC6$+?>r0t6O23F
z2ft*9rJ8ihDw=hB*XmN4@>6e(Wq!hf9I_{2Qu-CU>NMtXc8V*^_@If(#KzRr&#*AU
z<BoEhaK3mOL8m?YMW)wVmW9nhco9?Z*fix#pQUR(uRiu*lh|A&YD`L!p#MvDa*+~+
z?bNlnuk?6tZb*5{AX-{<u1SY~U~l7ni22W|5K*;tf%B5c#~Y<oH|SyR2wuLIyyn}6
zk-s!5tGY=BJvjty@w_dc8*pX+2^aecFL|<ZbN=_mTGoV;CAWdNC>Dd?H}X-$?*dHT
z^Fg+eCG});<63zAUF47PpKnr4xZ=m)jJtYUff&3&`;@wdCa%n&Y!1>=m!j23dgG*r
z)nwY&hF<sa7flZG7WbxDcv1O06s=nJvDxW|d391Frj6A=O>{E&nU2D3)81rh9b+jF
zduG%G;}r;4&9oN4@-=$cjvt@j_hDlDN038QljW8!K5~~{CqC^+;K108y0ZND)J2$m
zD?sl!MSl&iWQ_GkT7F)om)JOQ-N73eoM3_%&Kf=3`Y^}MM=+P3Q%Ei0p~WyoEV?1<
zWE`<Y-XiTFqWfbwo8t(RM6)N8u6-J=`tki55=rk|5s+s_*uuE+JN;g@<AUls$k0g9
z@@z!2Zr}!lY?(sNouo_fY)sWciS)h`acpODksS@__gPP-B(HBWkBOX=q$bw~M*>bP
z4C{Kzyz-#&4KEF8v!MFTAaZf5nc^@FhC1IK7mFxdeHonIM<WpdTyrQ96+Ead+pzyr
zc%;sShs9lLP2ACey>M_UckJ3lzEgmhAj<8CIQr{TM1W0V=vi{F%e>J24W`%T<r0Tr
zxmwM`G7*SSQ|fJ4V~Br0JJ!v0y<~A1FD~+u%FU9yXtS(mOSBP@UHr4TNU06ZYWH_p
z{zdQ|pw+V#;8%A|M(}-nv{|Q2lOmZ-#l5e6=0*T)yL=a}n`uYCHD2I4WMFH7HOSA@
zRtmSf>pFVb@>b_?nL6Qgl4r8qVCJUFjF@Wl5RKeC{dxj&R>VKiI8`mW11M5#!*B0m
zX$4IY;3sOV-4=5$5k;o0URDX8%zxmgtgSLQg-D0McN~o|PRpp@Q>TCptd1t)>@g-L
zIXR5d6iiSWVDngBdSC~-hYRZelDsBU?-LE!&VcWf-GC>T|Fp<KFoc#!3mVG^<^M6f
zIp1wJn<KOIK|da-iPj~(*=C+myb~O}YTIhBsLeioAs+cIX~Vay%#|}40y^SYs$<b^
zzmYz55Me)ff_XJ)xy;LbGo#=^>g3uAT74FOucULq(S!KLQDy0t?V*63a^Xx`=^MA4
zmSkJB@qJm9Aiw-w=tDle_z4=ftiqQkkNA27Z_@d>lJ#01DZ}Qgh6ks`xP92dNE5P%
zdn|T0(<N~v05OUgF*eYtU@*VsDmFYbf0~nii_jfAx=FjnTNq(1mmZhI<2H0THY-d2
zzOLgrrW~4CPK7lPn;R;ziKp=}@4i};nN+E%MO$olIrg0*L`c|Njp%2vjPJ+XsE;^I
zxh81<;=|VR0$i~uWB%zzUD#a7O`1+3q*QL0sTe~&a8>S{gbqgkKGpl>xDc7L47g}2
zzro-%Ne^!!0Q2d;P``^=z52;j*Ss}u7_&Z?N6R;i7txsBH)umbHG_*<GrW@4ZkSD&
zF&!PNH5GZmjcI?*7Xd5_+I#|3v9oPZ!0T@t`1go_Rq)<A(m8U@&+#2mlK*$pX&ekS
z#mmfk6|`S_!IZ<-yL`^iz2Xr9@rkyxZY!6qHQ>ie5VZfNg;Q1$ReQsZpI*IlsJ51P
zhvj**hlrO*MPW58rWJD-P!_4|-0#Ols+^kZG?8d9%rGq1Nhl9h*q`NY<VI1Rk|GH^
zVWd~dq<Azz3toMiNidtGIA1i9PVU1-#FJ&j-OJTGH~~!Xc2WmHtq~2KhKu^QwIM{o
zbvq?x2yk7sD*=2e>N0IZss6o{_Ak@>Lgw{(W?B+{pTPq&J>`Z#-r)Di7z`uoKW?35
z$){pyj2y7*Pno2$Yv$9fCZ;38h_;1Caigt`3?YJIK8BB3@2*Kb+F=yp7d;){+O2m3
zcNMro*_>1lZPqcaK@GcUKdl@YqBXOG_&gOv@vxX}W1CDHP^p-8&SQiM0i9}+u$pOV
z-IWI4#xzG%2-aJ73-S$HdKj>$rUzdTH5m8>^Ic8k%<^1nC}c1_bqpYo%lYcwAj&3o
zjQ4n|E!MDZnwCMj1U~W8#zN~w_f))5SE2r6a7OTh0}{9a$Noq0ljvmwy)By2q;gp^
zqlCL_G6H4R-!rVHa2A`snS5qq!#BOMo?sdgey^>%?pAM>*R9cw{^l;3za*=5qRXed
z)fD*zKEbxMdIZ`Vh@o#gRrPz0n#_4+=~8YKpyj#Z`>D3UHCv~0spE6bd*J3r!yW@~
z)%C5%%N8f!ovA&4Hpgh)uz;ue<*$hcZupS;VzlDZPTJ#wOe)Wl3%+<(WUjSoG4P48
z<?jZ|tTwZ|M^g6Fc>ehNL8OV8mzr67d~^KIC=aA|!Ci5NLVvQZerei;q55RFx6BLg
zYiIwtJci!_Szd&n5Ky(@H`oy&haZp}Q`2wo-6ht?x3yY_v==eVr^}LE@y!fQ*TavR
z-`IAE<8im`^qqw=aNpwwnE9uZyiL2d>J=<;<-TyZ-$c2V^ha=6-qF;q`Qqa?B(id8
zQKUI|ZQaH)(bk5)$v<8#0B+q;Z)aJtynbozv|?yu(XdWGh-q`z7=Jd0KN)H}3y)#V
z+nJ4;n{KiX>UqDB+V-UQAcB;}jPRl!_Z?a*t!UsFD5CjG3jf&D+}7i*8;WMKjxou|
z57*L|oDX|4)i9HUS2tj63!}Jwo3fWo-kZeLzfYrCtf*szj9z$r=g6o0xu<+@RWwu8
z#GcdPP!waihPHLF&V?miVVg<a!gR5L%A$y3D`I3zm$BzG*iK8=^M~cW8#M0Snxmru
z1TW1|BIY^SXR<Z+i68+HYse?KKIr6f(lw~F6VFdG0@yiXcKhhK<)@3&tA%9pb)>VP
z@9#nlnMHx$7wEzJaAO+S>!Ew|Dvz>HYmb(Cth&n`5^@uU*FYOj$C<f|A-~>evTAtI
zP2AO*K1c9Jlk8IC^j7=s+o3++9)wh*+&1qB)>ob9n2nsj!^~X#ZROK&&Xq$?2%`zt
zWuWTjQi><YN6Hdn)A^mB^m=ZI8CLUi^LW*{$#XIc4VBmd@)L87l?w-l(8%CMh<~;H
z`|G6LUM6p2Wdd7Hp}f$NYK=>X4}9zc4UO4Vl8!Yt$LZVpWS^JPaFjk7r3_>3`sz(s
zhMdOPA78QW{CFjwo_$kczAADjM@(Op_~T~ESARh#uU{4PFMW{JF9WkAdy1Wk>Hc66
z)+b*867-a4VTEjYxF?3A;grFg;eJz&Xn&n`9bpvwovXihI&}XznbvjW&YtHbXxlZ%
zm5WcLM-+e-#s#CZCj6Lv<1IzQjq`f$xlK-$^*4?m-V5<+5cZzqm>uWe4-|8e(*~wI
z9vcz0QvmmU6b{|B-pl%VU)83MATTd+G=cqDXB;3f`)SDYm+cd??fbxdO*3IYs2{pX
zRICREF7CH)4aG_c3GZ`MpBk6d1zY!Vw-0H+2BIG5?v{7+@D8YOfo{PtSyJotvwv3&
zC~AE+-!aEF^Bigd4eCVieu%Pg{xcud+@9om8Z;uI!`VvPmoqq?!WR}P&+u4OF;>SD
zyFiJJFgYp^n@IS2pBDX8Lp4KKgT;-lHT6yDYgo~}?2_s{W9kkOzZAP!X9ED64sog}
znr~uhCo7LiMqWvjFDtc}%FFIR{)&W_J@(hz)>m8}Lc+MYU%)7F<PV)yg*k|>2yRpb
z8s@?4LJW!(cH$bg<Kx!LEvh@7zAg4rXr~0Z9orl`+PP?FtAW-YU95jD($37YDXOr?
z4xnNE6#W5+!Sk9JDa?9^#f@GD8uZ>}AVYtNM=X62SxlZi+UzK_E2R(QOMbBFX?325
zm}djx{AfO=?4C%~cm<ABjjPj*6*Ml9<FVtDxFnHA%Yzc-xSf$wIf$b?eR<$%GsF?#
z%t(z&^A;j>wI@$i%mQx;hD$y{P`+6|eOP_IKZpP+9&3+33_mjZvzL=bPH0hPMNBoA
zZ=Y^*WuSM(40wIpjH%XMH#W_s=7r6TyrAC-vZ;(wpA;dERsdTLgrl)(RP{&Uf{RHj
zt;Jk9{(Y5V@z^vFE>=J2h!u(C53sKWXdJ%knwM5GcLK<DcEfsVp>WnIB8iDptY^Eq
zs!tn`eCx(vw&t7TPt<u)SACWoz|Np{o{#Fd6TiBT>jD7=0Br8!O(tK%-KRjzSn10c
z1as~8Pf@uU%`mlJi3F0D@HiPF)#IQo1uRqQ8Jbgm&1Isa9o+I@OtMhC@Fo!#iRglQ
zf4wdI>`CL1d&FpiY0L+2QGV0<AKTmYProP^@m79_p{4)HJD#-6b}t{ro{<cxQPG)d
zg|a*v0h)5TA%4|zEg~NPWQXDJ(dtyub55)?A3CNQR_SmwzwY_Z-{X2U)?4(07e_*t
z0LnH_U1wCyTk;;lh9Enz#FEKEM@ae_2HBDh08ecj5QAIMr8c1&W(H=;oXx1p3C!l_
zBzS?S#^8sib!(tJ|Fm+Pn_=5EC0BRwrWIf%z^R`GNW=MEvT${CwymC5&A<6#Pbu$o
zi-kXwC2;y_;d^F=2S(L%OzX|@q7Gg<8W-N0f^mdV7NAw6Xp6~x?fX-0?|2Ob>zrt*
zg;z!Z$!AJsy!Du3R3Dw@cM#^Kxm3F6Y2cL4Zq=O!=0BVIlHj<|;tzS|nlGGENg*k7
zeovGG;~@-xZPVLvb^35--RiR5T@7eO!ygU>kr!8FY_j)#G<8z>Xrq~7YQxW<W+Ez!
zb7m4E3ZC<?=Di<UaD~n<1s-JkxQsZkSqZxagz>6ISnA6ase-K2HdN&uRyU0#V!I<<
zEt@sfW10dx?umGo<lDR6QZu0D<m}{?$Xk8J5>p@014#H_W(tNtelfv-SYcp_L6F`!
z>WPRK{>Sq|aq7+clkd6KG7bF+MAn18B<HRRoQ(w*rf%I+?wM5~_(|UI1nH%pF<a>b
z-Z3K&tma6}Qt;G4OZt?ZVVqqdShweAbl;5kW+IpBecXO~iu}CpFCy-!Bg?Qi8pOgg
z#!m~~EW?)OEPX|_b_mHwa`Bc_uhoh~$<*&AoXwRZMGHroEG8d(m2}ZS+;HvQ)jlN7
zUf`5&s4suU<(P{eVp5=#t=zn2dH7mZ{Fbg_c|ZEWZXa&$lyz#Addzz>ub-2;xbrmk
zgX|=1$ydEnRSxXp)`zaz+&`(*FD=*7b<aP3kxq0C)ykOnGai<fGEG#XH824QQm6gS
zmRR};nsdr66B|F{IrEqm_J&wYHW{v57XNGCzBxYPYo|UD*WnG;XnYePdK3>?Ja1t$
z1Cjb(zss?snhkD`KQDI;w4Bvl;uF|Eb@dI`Z88Y%+?rd-dZgIbRG4gSZ4I)x&7EOr
z<b%3Z;ouj?`zluvc8x6@Yw%>wa?txFKM=0t+ZYafs-N`ZB#)QRnAN<N`3uL6HNHH`
zRD`ue_79-YSzVHYC-xRrq;rf9v3vSsZrQg`ZDwl6e0xh57LYt$taail{QMk(|KI^&
zkp=RfJ_qvJ0eelWh54QVuh_|$SZCB3V5PFhV;bur`1hVG_MgUu*gvo%UYAcxX~ZPS
z6~>pXf6?B1{ykOp3o*!Go1UqX+R1}m#3^s&omUcwBmmT-Y&5|N7>~AqSH#}<Yg`g*
zFyV(RyR7fEPC3Uk6-1b%Em2LkHSZ2Lyt^SHjRGU8_DA=F_Ly3^No!Ce%08m=$QRy?
zrZVO5+lhgW-$pEPVzjbl16Mv0x}mI7jcfEY_)&O0bcnf-_^3q(>6M&)&*R-~GSq3T
z8m6Z=zAyRLmQWC0d51H5mZ-_OJ<QjZ$l%XsJms{zxpCJn>GIh^&lC$o5U4M*o(FFX
zjAPdOn82+~f^1|?tx#UvCYOe2*m(SOUrCacb1ID56DXRwkHLf2zhRtZJk?CiN5Ee_
zGoN^Diu*wg&VoM$T^fF6yjL*4nNT@b5pJ3ev_uUF+3ml*8-vg&dpvO(x=BBLpd+Q+
zwio;MYYL;1v`MeyvO~$PJv9bgvMg*5P5{tCw(HJ&;E+H{@V1;fC;kAj!|u8HVJ3Q8
zTFIFI?#5}xGC%qFMZ%oXQ;iPti5d2UB=7R*+uz+zn~gkI#0uVbzC=2z?_%zz={yGL
zRbZs7yYF%NQj;!E$sHsho^-7y9APd#AtV)8ML$r+{Yv#*Qy&bfN>P(Dd;-lYZf7JP
zE8U3xaOnt?!<&6md0=>XbTd4vD6_;ke2ndy#}g+L$;kWGos#7WP$R+f*64C}fT%6V
z8enSv`Kd}`>U55{+v|Lz>FP&3h2|%c%fyX%P>t_FjLaUPVSIJ7i^N`-;EVFyK-b+J
zPeCnwV=VQ7aw#`@b38~AdUjLCl#wv<B(Kbtx_<@yl)iUJ(RaP9&@LeR5v%vfY&;(h
z?W<SOsLk$dR0QYh-;dl_7C9O+MU(BpqH`*5OuBI?ly^7E{U-yCc0yv@Hd?Fu^^b;v
zPN0^h&~ik`=7Yb);;loBiMzt=7ZD8EEa)5_s0<xE`*zpGY-h6IPmd=u3_N+qt|sQ+
zz3v{GW`FUIv9xS+`KynYmcD4HdJ>pRs7RW{v(Kd~huECi4?4G*&0nQ92CaE*Ht26<
zaB}FEv1crKI6=kdgQzB_c37#n<hgR3#kg=s*}h+Y-#e>QF?Xf<lanEfVhMx(=Pgl_
zMvb$+IcQo!$vp032cN$aQi-cx7uKl*sfC_WiUu)xk5rro0`d%sdv>_kTbx&gU5q74
z+Z9_~vFlPjDA(WYc?*}5gIi3IJxkkDM;gXsdW;rtVu(qswLv}>P4&-f#+n?ny3{q}
zyh3s@&|>puSk?!qfq;XKak&8Yn>M!U1J|MT-tMw~3XE|r-D$KS653Lw9$!ELl0Rnf
z)rHx6wT=uF7VIk%zC(NoST3MQMJp-W!wG$|oYXiD|GPqu5*oeX%JVY1LtSStx&E-?
z9Mz}>u=NJtfzdwq)<oR`KJJ|>{{D7UQWq`rU|(U<z=f}8aiSrAb^cBH6JON=1tS(r
zN;m`baqPy-Xp$yMHke_<jIp_n#|_5oyHgg&%`)Tg7;9SseY`?{V9iS>4&TnGR-bG-
zP0e-)HF7yj7b^f3Ta&0XDaPRWw_C>dc$Ar2PYeW6MIrH`Zm&BE4SH>o4^vnxB{VKF
zhgc_euP5LJ71rJ{3vVA%Cy%?|LkJ>gk_u=^s1t{afyjd*UUY$()O9Zn<0fRH<$`J@
zX#A89m@+rj)RDwtg*L5ePbw@Rx@eSSH~lE=SJyd|s^L5ckEkv(%FuXLFoE#|KVKR4
zS%1~m7uO%>63{^pUVciwAK@WCeM0KP-F>1VMU6`0nuLtOp0`x~isb<Q-R)Ow`Ssq6
z16)9+C#@=pq*Hla%%59QRU2S<78&|Lc<1X+DGh(8xH{)uW<<VQ%<Yc%x0txSu_{1;
z%vO1SyOiW6-2-cj6&@z^A&0VYynm0&y^^1uO#x}rmXmIZ#5d*cD?ux1p7JK1vB3UU
z-;>k6(x3k{t0Yr!0HCpTdXUB2qoE5JzQcaljuz?i)l9!(khxGJd^)~I4_amSqK{oG
zTKto#ahE*H(+eM@9#V?JLmChFuRH63N`G3$8nzhoTgsZ=kh`gVvGcTNWmhSYC}2`J
zm~iz9M~ztEJ0GRzwY_0xt-D`HgMl!6>^Bc-6JHHtR?nQGAfMnEZJa)y5APe0Xqr4z
zn;qXUTJuhT#3g2dDQ$TUEYoa^u`q{kQii*4?7~`YTz_t^@Tec^G?nj8SHobQ$MK)f
zk%Bn@Fs|+@Lgd$wR1jxM5_U!9AHW986VpyzVl40L-$TXo*enl?)A;<r^>dRik-ozT
zDj?HZJ_P*j#Js}V#*t^q7!e!%zhYIp$MIj3g%5qNl#Xw8W1^XaTA`A&eN1vn>2^<c
z!h{QJp7MkL@Y=s;yZwycie+v;s(WTFHm$&6AQntFT~Wha@XR-W?2A;28;<$oDcuBn
zG>KZ*Gwt|=Sw>$17l>uHz^k--UuZ=nQN({TT2bt_Yxa7xrCK&?$un+kOT-Z8ZSKZ-
zT)q6@(c~3S#&aEG_H(8q$94=g>%V=-5f$6a_QrGC*FU!}OPZEbIrooO=eAgrmu+Q!
zJL@FtNNE1B-xG1Ppa!$e!u0Ro$B0!ZZ@JX-NHjDHYK}ggUw_~v%xjZO#L!=(D#eOe
z=WYtuk1lbv$#Eh_7!%$+2BAz;#r!z=FgXArHdN{G0N~z=>DtDkq6p=)DH7}IjW&82
zf?q5_so-w#tw2rNd-h%l&5*#a=T&mqGD8{&IuQ=9NqP1Osu2vl^|#AHaqCdKuJ=R(
zerwA8wu<w_Kz1uSqm<4&k0DFs*u54JiCyWc*zw%XO^aEh-hBH*wr`BmDDz%l+mebV
zy6Z>}*g`}!q+v`-UWss>4WNG(2`92VV?Ji(F<6b7JFkr}>#B|)kM<hCHUXK0P-CVs
z-=ybq*H2*ETuzT*XR(R;uQ7Mnv+^En5A;zvL6gXKyn`7JjHF-9Qc8bq(du|*jO4kw
z74Iq}d^Yq8Tdr@mlHdKE(Xe=dx%&1OH3hcJH#>#5Z41GMXFa=mx*DaczZkpv4rgx-
z2FyGEA}tFK4giFJ2d}hqz^=y2YmqErg+6O^(TUS|!n76Z+zM|NT^MzaQCHD?J}x5-
zP0NnWM4!@@+9W5PzWp))3DjvCdv4%p59TysnSp&>iN{5YfkGBorypWU_h?Q$F;|m6
zTsKMD9^t2@!R-4E*c?BS5f(Wqy+zxd!RHT0YkIM*;MK=9d<U?r!{4P(<!<S@W#|Mr
zI8bUemI*g#BU;Df9byg8qda#JXHMZtb<g-I#T<?%98GG4UU4irG|srGj|=t)q>!up
zEO|KLqGF)^TX&W!ajjhD!_HH%UH1$3V5eg;%t?pyHyC_8Kb!2o9H&V&tovO%i8;Bm
zG?8C8b-cxTMEKh3SzBVI7bm%7@#SmHeL)z{OzRuUx7p@@xH%;Tn%mCC{^gm^aenoP
zuB80$t-1A6r+wr=G@FeD8L$^Z*Q<b)9|Wv_jW!)DwF&p69fW)Qq##*#gMPd{ME(kA
z^;`FI2`${m6&u*~8}7vN8MW#7uht&`tBH<XulL@}XtnR(1Bd<qY6jbtG_{DoN)$8Z
z_h3!-v?={!&L~bMGL&l*Z(IrCeDDyY^fLPqSgL)Z`y6)l{(Z|<ia)VNxF12~Xsr3U
z3++;%3mlY4ZcMKCjPM*doLKts1l`Rz{{54-ZmzO*lT+0>STUw$!1H8)UbuaWPG-wp
z#bU+uN}Zx*Z>y{+|EaF?MX?mu#3XX+eL$J(e!?XQrs>MI)j&&>fTGP+?tU~1X+cJ<
zw5J289hR*ahVB<6{hoUrKUmnA0Zf`fa}6g~mTSa`mJI{Ls3-<_iYv-K7O|{XTxY|T
zqbT>jW9<oh-L(>Zb8jp+?oSy#>unl)3G!#VKr%`rkN7-4YCUiCs0HlJm<Raf^Fj3_
zGWd?CnUR7xK$zWZl@2RAt8sY;)A{-2aqxZSOi$fzNg0{kMqpVqxzKxdzrg=^t{^9b
zbd-M~-(<^NO2c=)tq&i_^%veSuds=i<sVxm)q~bThA-{7<1NomH-8Y^O-g*Ep6t{m
z{G?JD?>J`m8w)MQDcVbs`+QbFgQl+fO1J;Q9}a%s?5iKbo{Jqyvu*Sqq;3Nd65P6d
ztQjb_#^dJXxDrL<;)))>5dtfCYQFNnkP6zJvS$|;mo1V?GqQJy5VU=(E9x83N3E}B
zd5c~~hGVzs810u$3CAziHhNB9$T-)Mm1HZ=`Cm>?DoMR2mO|%er6u{pXm+$$C%k2<
z(Sil%!A_Z~482>~$5|iW^VGd%HqhlytRWe=bNOQnZC?`UHTx`CX(f=HGwz$yYClV>
z$X7cgQHRYB5Rg#rfHh-D<zwc5BFe^8*lv!&jV~51Z3pw^8q;Ql1qFV!q8A>ViB4Jv
zYM^uMsr7JIv%!BUz}usTkEYtGU9t)VsP3F7aTS}t$bB8ae=fOrUP2a(fEMD7`T2W0
zjI`$TbD^?Nlokg=3+V5q2%^)5^cC*vvz2nYj&{;<ir}8K`CM@l)4g%_T#Hi*)o#Rm
zp`BWa=jqEqi*u#rd=5(&;MD8|rhvLSdeQsn-;`o3fmMi*d%$2had_Q~klG%bCa`C3
z019eIrPlGiqfSMSjNM7TBLdoozkQ(~exBTGuYMFtzD+cvh51dsiDhMf8SEicW1HiP
zihofn5wG%&IZkqibi_U*F2myHuCSsANraSf*#&&UY<%2bYhJ#jRL4VhuiR-3tP?d9
zoBCi_4f7tZ_7bTHMt@d(;ojkDqg%Q9DJz#ts^gQxYbT5;>Fl@8?3h5fDvzvj{szg`
zK_5(zutv)gF33C&$u*m!Q<fJ`SolC=aw3V^#A=TN&~;^htTbC-3M^&HS~km+Gr|IX
zmXtJ|E<r9`msKWh#`Zh{nGoZyLAxr+zjOw(W=yT{HB<X9ix*TrLxYPz8~K;eeqd_S
zk?J+q_l%RRf47j{(iqL+>%ufPUp<t2x0CU;)8zf7+fCHZxZ+XS<{Z~uCLrb#O8hZx
zW5mn|$Wv+K=+p6tPOzTmyk2a2l{Wu%(#FWV;rp8|?@^Bwh2|e)Qnv0hO^Q`|3V%Gu
zL)m0s-tel!!ImPxcc!kDR7%oV7SEDBYk$op0FbEZc49FHMna}hk6F%xzkX^&iPa&o
zG~J(EQ|=y7#5#N2LvZJ<#H(odP1V@?yvd`^aQdao5ZWLw1b4!W27(Ocp>ye9<E)fo
z-DkytjXS|pX(B)yS7Kn+AW{JOq!DvcAz0ot@?mguzCDa^I4|Xq`pD2?O-nvf)Vart
zjZQ-KB#tLK7F*m*J`86HWVChotyyg?-0GZmT0vwzIV82ApJ07H_n*C+EohwbZ319v
z4-ss}yG_?IvW(Ab=ydnkn(TWeZDk|@SW{Ah{hOO=La9@hfv}yk;JVW$AG>psr@Kys
zZ6})pyn6GS&Q|9@^WBE|g(YTL0l1XrqRj{_mfvYtHDqM&p#|x&Ws#gw@H84r6Ik<Q
zjwxUzT7y70y<>3Vx-HrI*@|RJDMHGQ41Ur?82_Q1x>4T0J@R3at>h{KeDc#afJ{(?
zct)akh=akT2!vw>%@DYeds*T{0&fnZg;BXofW|2`BprT+gE2Cq$V~}zDRp4BWl@`~
z2S~Xlik)0$5g1acL~P@0BHjK=gTGP5oJKK=d+008Tze)$NrB4ki(*cQyZ(2QM6uAI
z82aDF)llI7UprN!ODfWy|3&Ygcg+V%|2kar|LOl+{7)<FU%Y(F^FK|%|C<;8(**pN
zO#Htz0l%2#@q#%36J~7fSpWLk`5hIt(0!`k1XBwyTYqk<Xm<w$Q}>TA1RboOhh9cy
zwI3Y#gIzMgTJhthCw7-MUnHy=%`^D68h|h`E2JTZ<lVoY^{uV;h+*be1kY7mvW#6u
z&hBv!BA9rpO<T~Pe3sTK_|j3Zaj<S&>(HKgzt83lcszWZS7}UdJ2AlYY+A2Zl@)#_
z6YG-YvQv4hANVRzQ%1|^`_7q!=^zy3cah(W|L=*;8$8b^a`0~q@UFTcRg+h|=~jyO
z3oYbz8Cm_h;KAzSFbyKxI}tS9B}_GyZSiez?v%B@;1OqWjhY=fVCd{_TnM)9{KRPh
z^HETq?8H(Vd_2i~Lz8F0`<`On;oC-oj5W|}wd%#26%W0VOYw(){xwZ|Qa*g;g^bIr
zm=>*rtLQ((yl@~mm(r&SXc46khR;kZ`?9`ZX<RIvTpEjOw>angLQNM=WxA$bN3ud5
z!knarALZ@{W4|><94#DL^$oAz8C|C>mQq!ffeS`B22?^q1cP0|Qi>zN@X3GXpePCp
zxI6QC%9nZlvQW*D%(nQZ^X^2oMq`dDA~9h7d0;R>blcs>FX`0fozGOnsbPu2CHusD
z?{RAlrcvc+;y#tkk;8!vtVYPMf~NdDLuz^b)fI4lg!-VdjEtY`JL}wnMW0M5(t`Zj
zasr{C_4BUk*brl+s%hU$Up?{cQElp^8(MD312MG{o8t$4-!LR){f%RIoyO2R-DSIk
ze)Q09dMQ&myiB!zz6YVdEREBbr?i#Y?*`sUUUg~Kcbj@2F~uUx8ha*8zcS5;6CfY3
z?PU=ovc7T@TizxY;-axW#RF$k5F0*n_ofu?1a`Ajm))DKoN=t<)9Ed1NHSlr3-nS|
zJ)_J@D4ZmjdQ_HJ{prSUStM@+U+RL+3u!FpuQ`vo;gWLCql6#xoT&X*MVcYabC54@
z2;}LPq||u(n%II*Qc2Erm!p18-3!BZnaC5g+=JUmt@B`Fss7n?_&n!~N8bAYMD^gA
zWWbcwycBZSZA9jdPMdxSwm-ATa{gdGwf%%;GeEDd|8eccKL=tKgmv)Y%%ITZG8gL;
z>9nH3X6X#)^VGqi$Qta@X0-`AQ#xs<o~rDr*5bp)acC_p{$J$1XH?VO_AZJI6a`d7
zl&Yd4AfVD~RH`7ocM+w9CP*hlq=SGUMLI|?A@rU^L_t6ZJrGJjq!U65frKO{?tT8R
z?tMSr`{AB(@(ISsNb*~Atu^O-=6s%+YHebsHrZ>mxAAP|UO?l{zW3;7In~uvp(5_S
z5&>aQV@&x|75!ofo#K_M4Ok4UG}N-cmxe1ppOH9tw8(ugGR&)5-OFvW03+X^szR$o
z(*S&+6J#RkL4|R`aFhLd)hXO6&?H86_Wo0pjZdRS6TEU2k(DQv#gNnQ-7?c<ZC{?)
zM>Ok>t4-~LC^V`gOP=~0=*zpx3>u152(za^M_9*6cejhwkAfOi2^7>bE%Rhr;1__V
z6nJ8TfbifEQ6sNL`uM<~(jN<C5E+mo@;E#clOA{7l)Uppw@tVOJw;Jnw{$Zyp+N;#
zLnVT&6R+Mcs)bE4TUA+Xc)<@nLF7$IY*op~x34w|PkU+dJqU)e0i~4-ZdzswQn23L
z&iWV1D`iF-*cOw(1gpY)^UC=Jd*DE`qG!V1R1QE3bt>$*MuW3zRZ{3I|Bl{6PYFn$
zEPfw8PU4}ke8n<s|JGBIvigyEbtose6ha?gPXrCU9Xyr<S<f1hOahCv?Dk9YuJ6h`
z4(RY5*gxE>u6pD#@tIZp3LIEIyC=6F4!3VYq0d<*PB!jbsi0!>j9wV5C=XIE^H-nu
z06<1AnRTCH5PH1T?(^#NYk>QH|Csl9<NM0pmH|+tj8FT|{w4J6NTL^TUYbh61S*u%
zTUFI<w)L*t<Bt^x`~yeLoin7q<z$jwDW~|@LL0Grid=WcmV7t5Q>50)wISaA`V1BA
zN}Mt6B;SACYXI*!!dJ=qT@{7)XOX?4oX|?t@)||1dxe5oURk{kDN=})aKKw5Uny49
zxAa)T4v7z53Y!%Jpdc%P+_6LnBB+r%!PC*3LLKEcuT_h|;w{LB{oVuX*|!3dan~JP
zNVdJ^cGyh3MI79#oyR{oUF_`}?uTY6?oCAvNf60+4M~>oZPWJLQeEZ&fvVS{w}N`5
z`cZ{ay+yxsT)gj|LmPMB_-cQ;f*~c{D=PN^Y&)6%<4+CnfbXW+ByOdFA;6S0W4^N$
zi(UoDMz|jKp%dZi;29UdQ%KMtr^~YD)!u2ds)IA4tNoa%WwM0=?0Hp$^^37~$5i9V
zg7jqbW%nkN6A~k6hg{SOL*;t)Qq!6<gWp<#v1>{plP6AW-NFHQaKmY3_jkkJr2V@5
ztpBy_+(bPImuGm4LblfAT1VhUB=s=1q0nk>e+q&E4#^@S@%zcb9k>tHosO4+cci}K
z+o=*_xOsMEfq=l8WO1V=651BF{$@J_ca<rd<XAd}8?j+jMCwC&>(N=kY9A%d$(*lq
zC3!s}4NPX+QjUdvDj9D0DvOg^W)`;<NH{navVM3d0-FQBTcsW~te^P8eqCjdy6?z6
z@<8(BjLx`suKZXl?y^u*>zjCgR~iO_AbnTFv<#@<&zD~I@*ONW@Y`ICa(z#XaKj{B
zn0=;^=m{a{^r{oqg(_G!ncM$z#OZmIQ&N{I4unWDMMqi|3Vg=Nu4DG3rWGhoP%dp=
zV=L@x5Q%UJ7^)zvG;Gw`UIu$47+@D7rqzR2V(4AWl)Yta6&QG1|4y$cW59Q`MZqvs
z-vC#`WDcBjZIb;4!)@w%{OBxkfqAA*b%f4lWW1`dwEaS_HDyz@U+l_U5v)U}f<Af@
zmk`LOn9Ch5l%04NoxlwZVV7y+(rTM2zhKoLgQ8e2RyLe%TFa3m56le9;+dHmkS~#f
zu3MakUtbMfA^Ru?ecm?W64oEs^@$}pP0%5RI5I4YW(Q8wtK`gSxm3!})M|0g64oP&
zA!BF+Vy#B^5d(AyfaAWhb1%tKo2w*=l|C`Tn)`qbc6iGN)6&p}j{Ma>HqI0M47HgN
zdV;3Z_6WPzuJ)4CqV4V5lX%tAYq2laZ)hQL`2tO+!dc44%tho}=J$hZwRH2`kr|=K
zRzb%fUxQPS7;Z}7my#ulC`iiW@Or!fO+cyYdfoyETYAh0`Q@s>?PS4auOPzfUmJ;f
zUmB2s(9Ct#Cs+O{v(QQRk9E#PjEYkPm#;U@PTnTym9;z8%~l(KX!YKg|K;vbY~XK~
z>0?ULq&7a1gN*GznRQapXb4PmxDhY4iTlk@Fcg_xJswZ5v;8Vj#MwSZwXz~KtFm*+
znJ0>hkt}gtLo217f+>C;^2E--RiS^H3TF0Rc=P!m#O?)EE;I(luM-Ur)nNrS*}JFf
z-J7z^ZY9Z<Ds92(A&VN-X9My0>kgVlaFa5SH!VMAZ(H;!mNhE~gzf{O4HJkST(#Pc
zBif(|!|g874>6&%CH%{iFRBPK@hlc7ZtrJy!X?KOd|Z_PTkey_+Iv42KFfXgeiFC+
zW(`ZDDm=zJX(gcpR6VvG9`jkx4&5mx)U7k;Xy0s=ceSVthnLAZbGUXUD4co+MG_rb
zsmX!^hC+!}X@dEjv8+DP$|uPPl&cP@-n5fk<^EkVa?alsYp9UB&{o2?tUpza>g7D`
zw3*J)ouk^NNXRRD@lQPUM(hdfoLlMQ;@VIT(f^)KrtcHESsN$FYuyCD-77;<*%~=9
zJ}E%8L~?a)LjeEDNVdWQN`d%J{CQ1iqmk!1qh!!^2cN{);JmtQrm<>4pi7Jq7p=m<
z8sPkSkU?U(p<fWu92szg^3%Hd^XjVt$s3Bfs!I-|-`0t`*oIV|v<cyOni7mkfLLJF
z<|;3=j=;W}(mm`w(_d%w>m*<;cQ^r?sQma{l!wM8r+D(UHk+y>)P%v9U#iE*GcMjh
z=L;3H68ocEw?FH-^JE38&U{Cj{<`XIM-5n9G~q70`9|v31DaFYLory4`xgr`4k}d{
z7hiFu-EZ(ldf|?djFV^Cm}OiKtU?DCvUeLw?6>KqH+N3?{Ix)8<a2Jc>f#5iT0&sM
zp*yhN-?innp1aj-R~;&N0++7+66$%@#CgiOV&bNm6?T=8OUpYy{dS=fYD%0qaNj5`
zbD{qdxAmgn?m6RmgC$9W!mn+=q}J8*>>*>blyroa+?SI~y;7p%tT@vYn|+IyF!)nM
z;O7A9UP!C_&ytG79G%MGXWHex?w!2k5)Ev72!gi(|L#r_LP_rJzzlO{^I7a;hK4G)
zn~5GGj<!5J)Q46EO7$pnw^d93Q#1fKKcA)-2z3`7QP@9$SBS+Q06UnfSTq`fvGj=5
zTh1SgUr^l~Vlr8IY&-A#j<_8^T2DM^TDovs+psSr0L{!OkGp#K%v{0WaWlQ#uEw)T
zLq$}}Ao!zzLVJ66d&|q96oE%US$d+{FNg`P3+d&zlblS-%QqWxKI`3#U(Tu0!i47#
zyGP*V1+T<;@1f3kOw1P^y?YlRas1pr%dE@3=H$_tv;QJ*cMiNutsGuL7McbIFe61G
zePvU!q0nJ^xqCxYLGLXs%!P_7)a=^3hl$h@6}08j<Qgp+?CY)A*}}bq9hGAi25JfQ
zTL~@N_ghd#kFK)-Tmu~EUi#RkEd7`|fA3rOtdwUqL)Ob&T*`;oC{l>I-;`gqdWChF
zeR(o+zr1#mw%!I-v;AT(l_<O?5~fINLBg*iShl_NOm4}!g3Y{gKsqleu3+yF>lzZi
zHbi6Rl)dxyeZgB8`zF88)b>lJP4TIMVE?M+e2+<MEFO?s%snbG%X)aQ^la<3<dDf;
zvVzsOd$2jFwMR!|InO#{E&AyJMYttF1hd+*NAZ`^2cI4%dh%rpF8aOREXW^E2qJ7N
zpV5AsdO||b$~;L%`z&OaN7nP%ihu%_Z87;CpZ7uiM%jz?voD|6@2OqhrZ*5Q35~Yg
z)!fjFl+RCnc-!MrzWL0EeR-Oo?S0m*Qs>Z}StdoP5xBGJ*;i;ooi7sqSmB{nc@vEe
z)uw@xtO<4t*2#qMo`9aqF#al+-Mi0?b|N=Zdi%1Ug_^jaY+Dg&4KI<;Y26*XMOuEA
zG^ShgrWUqnoe~%dm+Ut3T&;U4wURN~p}{F@io%l`Qa5VWRwaz6Gg2-tox|o$@{&eR
zj4ftFX_XF;K{l$y3@0|%;i`S`$-ktc5-kiA6JJ3<e0~JzcDjEbWaqA`ZK8La-Sk9;
zYLX^8j1@xJWepxH2PpPK5lVd6yl)Om((V?i>Q-0^;~Z*V1u^a|<u@=R6Wm3gBDI<?
zkTAos|Hv8te9U|0#4&FSX(C8rcS3n)v?*aTpu13l*=?NFgfP4%PzTvfhsqcX<JTPs
z8smWp&G3DLo-Fws0gVXJTD7**94+~~eh%VqZt-=Uil?vkZmjB?$je8Xhz%<V`>Psm
zf%B}(jTVMqTFuHD>=|zPSJtgHZH7;+t=-kOJaQceWg@P>)qQtW;rY;Ugja3VON7%n
zkSu}v+~boy@_NQ#;O5<kF@#R`&wG()ihnum4Q0KV3j;wM0*j;0@c)20GQ{sx0<YAd
zr$^xX8LL39d}6cyR*U~}JsLhb$@!(mnpa#wXJ{%mTi``Gr`4bSVrlL%%$#Z{b89(5
zpdz=mi`4zVWp>rjMWK@XXg-EkruQ(8r+D}RzDWs>3^Z9AFTLezSqNCkad`0fso0Pb
zLDWyXQ{=E@ddjy{e7xw_UJG%zGQ=6n*~9lPmVRy3BzHuCyfD^24apu~2N<Z$B)uxg
zT6xrF8?f1OU!!(*gok?}<;WB7_dG<^_pBnnX2}%3tu3%`tkSYb4ifM@GeDITwHNe!
zK_X!2#*BMI(Q1c&g>azvKKR|x+1TKUUuS>Zr))Gr&58x2Y>LJ)SPwLO_u<*~X<no8
zj24b7KJgz<AK*1dYPowY;JWER-wKssKXM1@P2&>_t6*1P%A#oFfJ1)jue35HFpwI<
z8iZq|rBpPW=O^Osd!San;%TuN)uWm405PSESsFiwZ#v^SY$-=JXwXH6bKXC16O{Wq
z*LupQ=PMZ|onUZJLeur*g$GFwhJok4eZ|0NYPLtn9(d}$q}Q7?F^L~Hn5>em{Wp!N
z+9rdJ+$C?8gV!#+=H1t`#;6aV;JnA7^N&%q%HD8vf=Z<%p}r)69oS5eE=hpE#Yrb7
z=Sx(QFu$$(i13m7)ApDHcO5Ma%d(hR5&Y+<eqI$Q{_?z6`UAJ{a8|`g!>?xyGr6#*
zO<c%5emZT7e^(Hz%K5so9^?N~w0j6L0IN-Z-kwCLruX@lZj_oeaSM+u`Cm2n92B&X
z)O`{r`35XjWRCC&O`eVX{7=P&P8WH8T6!U<#5I9wTmoc}BKf+yZhEvSEx7KxutYRU
zfo1j%?xYyqfH+N{^kpL+5fYQLR<L^5x%Xw}>mP{d4Kboje?VMKvq2^>#Jb12gh@`*
z$jvpzb@Guy6~d^~jkEM1HK&s<D?KJhV{l8w{+o~!?aAeI`}>{i?-~78!~XY6m+imQ
zA8gD2A$8K;@qaWBob+2`L~Uk*El}&s)<>z*hCdlH9i7KgnMp^SX6}TO#+z<6LX*^A
zs#SCY@=sI#)H&#A3LJRn|EhHGzx!LC?f+_x4(e=2+`lBhPxenbkLwBjJ~M1qT~1@c
zb=NiIu^%Bf>X^B5Z}iu|S^gyuo*U3WBdbzC;Bq1#k^B#Zh)&sn%;@&<+BY_xaQ{m!
zG?#Fi^ae`Pi7<n5H}wi;$IG*bo=G(9Y@w9g&YPFN1aQUuWwXz#pMp<GneQ8VCgHtM
zo9|hE#Lil89R2Xcc?Z)^Aguil_4P41&Tf*~#{0O`sY^QS{R}_G7%Z0l1<T$PA|H(6
z2dxS8e+&1`{VH=XC=xe8!W9aSEFsVbWYt7Z_9suCj8jzB%i~+C-J5nGyj7aoeG`8&
zF*>>fDMKW!@qIU!V4Ng*2RD;<U#hWc<RV_z(<ZH<*0kl3L5!d3!WEjTx57HJSVN3^
zncG_IoL#3D>SB^Z1}hcC@O1g2WmCg}PPG1Basvb-&hJ<IB24CXDP&-jo8lejWK+5z
zKlS+OeSM`iE_)(JVB3f`NqVF)YMp5eH|z8&s81SFesO$zXAkFnb^p$lSc&QO;<aQM
z`_?Sy^>d0{=0{TwXo;Xiqk-Jw^&j{1ORCREDI~P;zJ(^**bqlYO~&>RYGb=+X2#2d
z@Q1VvVQ|y~JXLOqobyp09}pzC>w-t?0Xvk_iY05Ch<n;wy9OWT)>(=2k7=E?k99;B
z^%fON8$l^#PE&_MvKhl)HqLSqT+0>}G>*qw4lNR<ezbP8L*pSU4}6Lmd}$1}umQH;
zw7ZQOBT$@I(3gprlw0<pgpXln#!RX`y)mzRtn46mWDL@U#Z5^)yslC<bgB;WyvTjV
z4T=dgFK_IBKI`R^Z$_xY5*}fF*6JH&$a+0qmd{{0t{qSokjr<k?e&7sUVAxeTFaL|
zVfsl2x$ErE0Y(?i)A_T=B@pt}ILUDQ>Q9jHeoY6eceO7Mh~3lCrAAz=)tV*ozrYx}
z?KZZd;pN3trACEc<STDMmY-!Z3CxPi95{EJ|H+v)<2DoGI3Lhqj5O^$f)koD7@<Uw
zIs-vR3A<Kxr-=jl?76wR?F8jH7*}gTD30Hv8K}1y#BB>#v&L5i?wi0=A1z}Q)DR0d
z+|-0gf9fjIG?{@5QX8xK=*GI>lTRb{%ke-dbu8LEaDgUs-fPna-)Z_nfSOpt#rM|y
z>fjnQ5XkZ0c$LEkE8OQEgOp3p>*Is)<C(shC^Stpe+0==hpx_xz|e~hXI+R*`4@k8
zEBDha>l2{$?N*0Azjd&X1Py(Ph~O}~nGC6u2-0JrA*nWzMkO<fRDqXS3zdqer5)D4
zx1pRglFYUly((oBP?=X1l4;1;VmnqbgTo{Ky7B~WV1=f+>)nP~xzo?^j>Sb2Vn$HI
zc(-<&l;Gif5Jkq;S=wQQctYHo24sHi$z9lbcb@ft=XWd*0Dbh1JJE#mws3ulTWE>z
zew9E^01p|gnm@<eeTD(8I@#X>c=JuWY4mzockrpF2A4X>Sh<A92zZleZhnZpLak3m
z+4~2><V~*%Enk*;3d(qdqK+vstgwG-5WGdh_k(U~k1u!gA6PdIjJCRCcTJPb`W>$<
znNOgE4$S@F$l(*J*eyJ2x>vFO8_Q`+LamxyS-@;DV1)hDG+#f%3u%m;=InlO`C1<4
z9|ZP|n4!WsH}!231_cimM*Dgn{As_>8}fHdSX#^vp$uA?&w-N$J;zvB6_SYimBhSS
zuiT7Iw%JvSV4l?zX3%j@GwgR?oW%OP|6^v@n3(kF`BAv8?dgQ2wMo>PC}2LJAzsp8
zteKF`r21Wv@uCxg!3NQK;iqi9GcY^$7o|A^=;#z2tw4^qXiF$jFxnK*`R=$fwmKkD
z738k7^*N9w_dvn<?YZk!vAc&dITUYV9}cbN0ghB)$yJ|nQe?F~!7qVL*aEd<Zt*FF
zv1TC+`)P|*qQ9aDU2P43ek;{IcEQW7gJ4&PtySXOH&ih?F58hW!@CPxU{W4?g!og)
za3~MBI=!X%eOIxaIar$O$Yb<s&u7u;xk_M7gzu9<wqu&ST1W!d0@C}*fm+&FxKI{D
zvuByBN9hgPh6B2&8PTNZ`-q9ZvH7e>SRpWa`C6=u$c-gahrOip=8X*lrOp%it%^G_
z^%xjm{8O9*j?<*G^mZcSEAAgHhDNj`;s`DE1s>ns_wIZhu!&!HPCl<uNjZlB1<wmP
z^T@ALg+C}^6C>P&=K~bz46Z|pE-xGGC1ci!T6KyJDb8?2zq<4j*D<t9*^Qq*0cuD0
z2*l<&TBGX(?<#3y$~D_=(YqA(fpA!6Xq9Wi6z=B_XXvzw&8z<C1yG%+YPhQHSkSA^
zBUu7~;MOiY0=WtA1B0}i|K2Jlzkv}k?ihltUkXFgv4V?XhyAYt)hWW^#A~A$@2M!`
zlPqm{p9C5b2GNb+lub__9!=2$^!ew+q_sj(Mi&I;;=OQ{=E$BBePyzn4zC>qT2pfB
z{;_yLmNgw_9o_td9b#353+jya*!g=G-;&>;!=kbh<#&Ahf(@-{+W%{rd5H#Vb36@d
z4^JNwg&&RhovcyQt>&#_NyESvEfcOu%wQT%Z?;9DopdnIUF%9Xx9P<<1Nw1QrA~-N
zKhnaUUfO)*_qE#4tNWk}!S$?xf+e~jH_?z0<$n$YU1@m^z0?tJL?omAM?K~Z+XJPe
zrDg{~X5@)o^{_0B&LeuTHzJXzhja-hu5~zYg1F%S=BjvxlIa-l^3|D+iU?UgX`F}i
z6wX;jS7(aF7dxj+5!X5!aN1^hA3FSa-MW@{li{Sbc5-@S7tfgvo}w?lP}wQ009c;S
z-~iLvuvziUR@Eo!X`;0_-yK8t^JOh@7p8N&hX$5TEXlHvZPc4)75NH!qwZcOs1X%A
zMmi3}2*G&m+25PqDKKkGN21`BAsDvbo9zxt2ncl?!z;ZngkPn>I`|3O^pfKxThYxq
zted|76Ij#D{V;M5<(y>z`HNkaHh6lID!=uply&31MT`4X!jWK!UX6dTzFB4X1^Q!;
z$+ue^0#et&e6S_L88OIPvFr!|hBLui8)vGYj?i$8h<oxZuKlGf$K*TM!DC}r<%P9e
zM;kGqAEVM^TABs|drH`-u=J`9v0Lh=FE9wnkLcd@4{RJmQ3&M@zpfCv*Rvy+C@i}P
zZO|Zj?`4O(wN)O%;b++Wsz62RXwzM?{}FaCsH-#b_;G^Tf#U7C`Rs@uo2|o0uUbVw
zN+k~F8%k<la&jt%(Q14=7}zRz!yU0NiEbP3Q@E?mldFV|Iyn=^4gSN=m#w*bbjqLq
zfo$S6rq{Y}D^|dD*X#vW2gfR%q0$$^u_*r)TOf0c#e_EaWqPBW#U~W}A!yyjYWbb|
zdp+_V<2dPQ|B4<SL^Cee@_gAL_DJRIkt)-j;jG}1a>dfU9Cr`De6Ln9NN>`Gg}16a
z)oa_C)`f>}&aF!aqAyT)>yT1bn}s~~Gb{45S0Q;C*-Pz_ir}mfPMSMX(K&^HF6Zwg
zPnCmBkfE#JRnMI62@5Gk{6Z<wV%M#_XR-aPj8Wn@hb<LI=Ad@R8gHHuz8e!E8AtD&
z#`p6g4;x@=N>PaZ9Q2Et2nHQ7JFD(F0p;U<yq`z_7b%qD!#F}yQAS`7DdRi(svlq~
z>!H@L;mqcqg%*hql<PNRcl`7*(2HEEd4+79IphQWaGP~{Sw)8?J07$y_Q3zyv(rCp
zBv9*B7h*%<$PD1zFWmx1Qv$}|5qbG#c9WQv)<cXL{@vb5v$tvs)c}hWY-wmP!#_K3
zK=(e|WrHf;4F>Q)=dV4L>m{%61PFHcuej-eUg<<(JP5Ga1O<gK_l$F-5PO<}z8Mrp
zZY&XjdU!|F)57j67o?q)7T0Oz&V3~lhq|K3;>w=)_NG(lQ`u=w30|cNFj@&evVPVJ
zZ_*Igfm@VW+E2g+d#r}%t(uqbC(JaqgxInn6d5;Jkn4P9Qq`D>9L*>KQzydBJ$s&3
z@%pgz`bpXpHG{!Mh&0<8kloO4Rm4QWR&EDxS+~svN=*9{6vNA_s0#ASjymjyPNq@t
z(?7w`$qkZgt+?=Lpiv;0revNl2Q)X3Q`%rTI5%345&A-lM)^ys8Uuy`TtAcb<1&zw
z`V088hW?@iJ-5&Ph6<6@1kg!Tg?<!eXQm<t)IpvnSsoC;TjUpKy+Qx!yR~4<Zh3Cf
zEatx90pFSaSywu`Ph}MCl((|_h0`j(vx%@j2{|2Isl#cvEP;(O#x96{nHj#iMEeOU
zsjw`g_tKx_pVk{A_cX<`t6GTzB(8v|3@8#EW}r<w`iC=1`!3zw|BxA_&1x#v_;Zc^
z|GlT}xuol~u5IsMYepv>{#@`bP5SQ7>y1HF8Ep{PpV$ARx9D$(g0{3$aPktTfvm!}
zuU|`hT9z{!GX56PrlZ40a8KVM|MaT!Av(RX?K3|m^-=H-Xh%o)UjwcF&u;YlYH0fO
z>YufvyH@^tby9-2Tg+mo0baZ#R$yYLncRKqcArefH0g1jv7E4oOWEz^9N@UK>fc(z
zYq2NX*e<2s5xK5cWpB^9<-XJ$$_b4dPvN}Su+imX-?u&4;90s8=rZhe;_uN~r3{SA
z`{Q2`A5&P9iH=oWmQKd!f4%WkwaKF(&A-W+tXDYbzc#m*QtThji;cWvAy!}WJn3S;
z{Wbk=&gp|qUg*kfX0G1CyKeyx7N6HO_$c=HKMWOP22SsEd#~#ZNLm0R|57-8BWrX|
zLG=T|CjSX4NB!O0n;jm`LNA`G!9q8C1L;W3<R+Km+RMw1c#Cg>HBAkghMq`D#@5`)
zqI%#4mvI`iOTYdSZ(8{Q`l)cc%z%pme!5Ssj3Df<5qt~f9NFih(0_jV^BLLMxd?0<
zHBg0?%fYuIMC)rdUd<3k7S6g({Kumk_;}daw}H&>A1EJZy7imwJiSoC;>P6%PK`Kv
zPUF(ns~VM=@uTAhH@r3|gFO{g3}XjVRvzmaw~2WEc0H4PCJWb4PKWf|KPEgsD`m6#
zIphR?bx@I#+Ec54v99!610Hi$WjY9=K<fLre7QbCWWAhwaqB4g87JMqJqPOEWwP6(
zBlp0SVv?ugeT&YDzQL~TYk#3qd8(6$wZgL^&2uMHwK*Dw4KM5GFJZ*YP8kbq&&Q#6
zdQaYJ+SYUuce#sdU=?3gMLJ%&)kiOI`?l)+rWdr}WV==^u)3-Hoc?%;edgllh(nG*
zP2UFZ{cokNKkxLTUw`&(S3pMy%R!9B0upHQP@ASq8ZPUT>?6iA?&+nK36&_)E{wn@
zcu;I=M!=ht7>@^3XmdPh(j6GGx#T#0dL%yA8+8Zg)9GtHg3YOR3HaLXu<~;70iq6|
zTe-1XFiLjF0S(B&+3Z)61er_y7Wp_9<+_d6lI6{0C~;zV0{q8bqPI0n?T5Z~oV#s8
z<Hb*~R9(~%f`u9PefaCK?9pCxckjvb{b0;U-U&|oL$q^liEmq)!rPc-^0e$$aB)|$
zUp#GeNyGImQ!|v{K|3*FAa!aZ-gNR2xA-@689!aBtaERvSYm|KCvJ50-*=8KUm)WJ
z%nG~x<bg*imQ=rI@1z<+lS0SNa|Hv#?cHh_U$KfW<S0w*x>T_;P#zd_2gZ*b;Te+s
za5SE>=i7@2Gf3QK=diy>k-Ut79nn8t>xyI#+MRm@d5d3iM=OM<MdT3-mjT@n{h2&1
zW!8g|ObtA|%hXa?5OMb`-VYqR6t@YzisLn|i05WA(XXs*YjylpXBO~_y{vcIE8Y@i
zKIO}HX9TVI>ZR`c&o;3qbpnr4&q(?1ZLCWwv4U-jy(d3F^sMBZ29^9<^Pt|$23@5K
z?CBXFv(6XCQKoxaVFj{9+Q!A+Oc$|U8&gjphMzhyAC-de4$f_|{>1!#+eO$tJ(z_z
ziZ8PgUJ2wK82N7VLwA1Oc<r@QmWE>Q@I)1#1bC89qeaGGvsmPo#nepZ0|=HCvTkR+
zy!<(%N8|9@T{hlrE+C2~^&DgGD#1{yTUY7Tfb0WpU(>23`VPm5umLQ%uAD9(LhN<%
zcCGbL51(Q(g)hhu(`%RCjb-7f4>)zxoEhCmBL^em{=PCwg=RAr{B;%Ys>~q0B*zjj
zE(+)3MirJ0h0Te-PHHv#7N-WAR;EYC71>8~_~TA8J=x>Ju1Ss43?Mem$|Dfu^X@jn
z=u@+;W<#4_fhXpNk=v{f+p?DaTO;83fmv_a#Vg;(LvmWsIS#ySDw75m<t@}$hSri@
zTwgW1n+$x&!KMrCeu+GZF7iV!SZ&r@*TE;yiKSP)Zr>SNtvF$9WtZF{q|NHt=!h2+
z6Q7^=H;4I@>1RvY(<U)kh6i?-GMTwF<W1dNq<A$+qL){)mLC^UCKP|ZspaK)F-B__
zDmqZALp*Ep0pvPkMF)QcE>#RF){6)O@_tE7^#{HL>N^D5HFgz4jHxLW@>75xLr-b7
zFXON)RyW<Tr!o%m%N9E0Zp$0y6}hL6!`)%C%;)e8L?MS9dsC47Li!jQtNo$ROF3)+
zg<o*ELm~GB+#KGD;70oe)y7n1(JtaFcgasx;b+}P)Bbzq<&NU~-_P!GA=TNvi)%PC
zuhHcG{RL%y3TXEKayA%g<~h}y?%E_|CdQ-jp(5X*0y5cPCo#l)Ecu6t_M@$+t9If`
z_BcCgm&VhpFM9bTwg;3khqv~`r%;!Hxh007Cwg1lqwG`EqZ0;DVQ$66I$p_#l?^q!
z%1o=vzS^!y65pNdiWwDmT*}LJCy~EQ0j%P?lUFs|<|jEmmxEW&`q;j;pXQY2hyflb
z_g6EJC+ZFT;d*!1zGvHsmu3s(rj=5BRKME8mapJiEU=qyjmy|_bZifcj&3<F%TfbA
z<mEAsA@~=UI!%~DHgb90Mpdb0?&#(hT@RuyLt~SPQ>QyQDfw~KcJ;U)_E}uoehWRo
zy`8nk<dMl89al4QOcm$>F`tR^@4Ab3X^kb>Uhujh-L;Di84fot_9q`z_-jOe_|1kh
zX7|;nk{%eH_lY_S$Zc)-CL>~&-G1zNu5^pYZt^~eRX$5a$Z9Uv?Vv_8r}>R0<cRdG
zZ6+W={WgbynW8Em_Kj*&dIt63<CmYmIXg6xz1EezqoeiSxjPkI@56GB1A{_RuH{|^
z7O*y}>-jqTiaFno$4skamlrx)dgANBm)AV3kg3CKZ$H0Rm-{g2(ZJXO`=vfcFD{4U
zGGN^Kc1$PNm*>;fg^Lh&2dB}O?Emr(<_r5_vhiv+f6rUed$oVao}pjFo6Sr9uiYX$
z`ZT(e|IRnS%3K(IIm_#2*+PFt@Z^=rWKO1vo2S1xPy4?!X2*@Mm2}@(Y=6FZ<d)pp
zL}Nfnj(HEy-9&#VIzyw-Dhrr5`@NO_P<e7StN4k|!03<jn*EP5?j4Ji9hTnd^N#r@
zu(%qBHmNogqxT)n*P>l=!^Yh1$fPMQJ>b~ySxnbX{w?;tW*S}V7CltDcuV$3CFiz{
zyt-L##Oc=u(QQ8ORng%PR*8l14Bqr^tLYvC=^NZT$?{*~?hgGZN`AFlPsG_ck;L{-
zGo8vf8XR8Z9iUDW#cN;Jnevr61-Ru2UJ+<9KS-c@JZMhA51xFPqFyFSyEx|*T`rWo
zAUQnY$0K~--VQVUf^Q?6BMU|R(Y2idhHMV1^k#6Csfrg?)1J^K@NFRx7wMbYkYM{5
zwc}N(%;9a;C8m~5;#$4vDiFyS_}HOBh@EBVsDc0d#u>KRYxN=b{v(Ew8wk4Ee+gAp
z@PM`lyhJu2Y8l>!)Bdv{+j{k}kCV~b_XCxE@xga2zS$gbgAd-spneSV31zov3U)FI
znUp?DsQcz=dMb9=zZkzIbB(}5jTX%)vwQA~jAEn8>%P=DM<^jZ?Mco1#qhH-*FWRP
zBXv6Xdguwx2NKAfh?{On`T;r9^Eao@(nzmAFMeaPC{OQ{zaLA7O-dO@63rgy>|SP2
z(PO?O<mE46_fdSa>XKKy7*D_9wp31k;|bjI9pvVwWVA-jI_j<##p=<++!hFhb`Ot;
zYW2*2xt`iAz3ePN5<Qh-o9@n-jDI>eCcCKU&0uNr&D+FREURapHJfznT6<00ApMsc
ze}_x)T*d>S<<c>vtkZXkGIMgzbt5ix$(YoVlRB!=*?T~F@!-^nx3{K06vQRm7Sg`e
zo2jUtEh4XW|Ni})#jLZV0xv%``sEe{b~5&kzyGSe2C{O;HwG79wwycj`hd&014KI-
zy{1}}nY;Y~j+I1=yk7WtTj5OFTBc{=LeYR9uVB0T`_?J%xPeCVA=4ffd!VWm^7J`Z
zIUhp1jwiqOhK$)MjnQ{0A5wxIc+qC^I(>(FW<4+Ia(g+oJlFKXt=8_62$R2K#8}3~
zmou}*uB;4B8%lNJ{;$E_YZFfjd<@wiZUMUW)?Qf2VPt&z4Wn6|J)C}tX{KD}XQQ#v
zxkc;t<;bou6xK{IT61LBK{X>$?y;9uX7Q!A>Y%9BOq8#V`dHW5<Ir&df>SEm+GPex
z@F#jbH}{S6??BJGM$i<O82HL)<GFM$pdXt4O$8fG?9%WL$hE)KDzVZLt#SCu4rq|2
z&y$gVz3rlSr-F{a{&!AW34@;}XiC{0;r6rX<;s}T%&*q`T+6%UVdi3_$pR&sv}byQ
z%5DUIuaSObI}4%g6_O^B`r~}XWpLc02A2TJL?+-DJUT;KLCxmYyP@{>$HLr}S0x;M
z7H&e|QYzdF(}JdLR-^%-3vAfa`qOO)revC5O|YfL!XLPsY;xDT#Vf~?;5u69#xK^O
z_i1C2mBy;yx%_lonZ$LJ%GJc5Jk&gOv%*S9ymO7kl_uo7%9_$bscucM&c`mu^QDKq
z%q{R95aQt}`?^~RuOE0t0$7w$KkQ40ch^4|8UBei4{$HHjD#pwljdWk<ANs25q@RE
z=#L9uoTT(MrH~`v-9%D?UW_52HLZXaz1@iH4JUi&!A}KUdoD#^zU5FXiTU2M`!bO9
z7x-|QC1siUxaBjhqYO5<VTMzu(5BTYU@F?Bg5kfiZKF$16NWw_bcWyeiQKc0pLW+8
z?Ye9q7`w^g6iM&%64=!rY8ZragYdY$z0mexjOwsEww=P35mYC1$MhIo$UnJd1s|`-
z_#8jAyV7s3%{|%;@uPAy|1x`{;Ri3I1W<zS?~`P{iTI(v&s=vg{)}7m^10z75W6D@
z*I3cF`yqv+Nk;~eSsCXVQQBu4nEdWOeDw+4wd4;Mr=`RHzNMmCe>$`Y9j1GYu6_Zb
z;qFnjfULr=5%&Cah6@<s{~EU8U8qcguN3ygdZlDG8GZ=Vh=kv3qYd`H^6F0|f(E{D
z{%6ttjltW$f<`*J|94}u|G!2R{?)$l_s>@z>u^U%6pfhtUh$&;f<XRbq_;GLOWtoV
zS^LL)C}t&6IQYdl4L6Ga&skM;S<nAIp)_#o|K718H-EPP{W~9*)^5}2lW<Tfn?1m|
zkCr}q2M3tv3xTIi2{xeoi{=u>Pv6O$r@fVbW3D5#`1NyU-Xm3j%QjyfJ>A3C|AX8~
zAKOP%wr_Qq^inL+b2d==+@kVR?865Kp9vYY`(6z#d5O1e0`pma51;=W{rl)hf4FC)
zafLT%D`eOmVa34Ab<g7W@5$O^=2fhG@_}cx0$TOJLVLQWl=UI`0b#Wy`&QPNTwlF6
z#uk>eZ|6<ad+FHe^Q2BSV7_>qI4{GrHyvmrbDf2bU#Ac(GL`E@k|z1lmGI;~qBZqA
zEOGVdWHz221gN+*O}T7uQM%1a!MZin(71c_TeyD8Ks7>+CXO~|@fegw_qoTOYW0oU
z_TBnGO=#}x1Q^*wh2y9#Kau`4ypx)PM>Ju>sc;A{{9wP-T7+m$u$g(R#o<p$Uz{U!
ziy!tQvq6n@&kOaeL<du0k$VW6pk<d61FvTRX+UDtPB3DUI?gcnHH=7l3o~R_q@kq`
z$sTBWsbJzrZn^*NW#UesX#eE|5NY3OY8(<kB@-%+)aJXX2c{<0{zVxQK>Nl~z`MO;
zSwR4oSxc~WB7~*!l58J0f|$}3$88|Wv*t&&U4KChWy453ByaWEFcU!Ri|%(l8ntpM
zTTbk=Tl5Y<B1Co0@NnU6_%ZN+!_(~ETz_dkOAIu3cR8FuX{3_&H`_L4g>mjA<U94_
zv57qFT2lb3c3Pvn1q3|!-6e6r$uD&iJ7x)R8U9TBFHS*IfICAFM}<pRyb;43_79kZ
z<H1w{nCj4YvKBCfqsdO0$u)GDVR94XcS<>=+*}&z93tirq7#cr<Xd==!5<E^U3P8I
ziF3NTlYJkc@A?BNWg#CE(<sC8Qd1Lg`XJ#kiMMv+o*JR>X5A?|dCD#TidxK;lf&@R
zofqB*7{_sVNA~viYPZeN>*iX4@Dc+`1yDG#*X7s%SEm~yo7BcL(TaO7+r${O@*<&m
zdrC?X1wbe~Z}dB=^sn3x!o$o?3<ObSw?wn4p}cqG0#&{v7ARPEuos1rIa&}oc|5Ob
zk_vHRxVZtQnm2nKqrzxYDRgzR8#|b$ZUI^fd%tt+mvRV@^|K<YbAyS|lY%x;ojhfo
zec-4ak7&C#H&W9utXpL#v#<lY4V|JmK?4bg)TQ?`IW{x*HF!aL`2qYkoLf^{9o`Yd
zI6mrbO@dXEkLyEjNs`1q5Y|1Zx#hk;h4*6*1lun?o(U#Z3z9qCHx{1Kri{8+_DL_3
zI*n(RM=u{;-KJV^xz(l3;n;A%jRjcu0XSj<nM|H+LY&yZ9S;P1^SPe{i*8w+$f9f{
ze%%01?=MrcFRayFI%>gFT_)ReyXR2hM5d)V9J4#OwGa0!XqLPWbmK@amm04e>KrMS
znSx<r$3X1IN@B<l<&pqOZvns#0z&v;_wtbg3_!x~-=9TVmm*m_K0ThnNPyC&+6g5v
z+K$g6`=1WZwsPOXjJ*Z0N|0Ng<C<*jsP)tz)zl63wVW$ENCsT4O@4eGKxfv60Rg49
zoC2%DpmktkQy)nN&!{M>2>l#=2&HnYgo$nFd4^6R-j6BNv}H)TIyd^A1T$l6339zc
z2Oo98A|x>XNib@H)Sl~(^NlBvM5lo+9bkvk6y|L(sFeJ$etL^K)yD28u-2NefUsi^
ze|SDhlQG)<*|qc6%=75Oo;m;Q;Ma09Ki-S488!S#c}9QbmC-|k7SoJ8zq1dnoj7;l
z^m#Tz-D9WN+OP2pY2@sZa}P!9ynK+8UJF?>yZ$5&Ujm>`tj_Br>_^Zt0deqrssU&+
z4L6+#{zZrbkhc>yC692j#OW0TUKw*jqm|{dByGClo7bu19dVb1&09TVDQh=CW<mG{
z6KrK2ve5^NZqbjW#AZI`;+K#YFb?Pk3+&xm=z7PU2CX=mJ<28FS*X>MZ9Gy6440{M
zXcK+kvvLRvuy&eMsI}XrV5l&~E5Q9}FXZIWDVAm*n~PSvmr^1P%$Aq>k<~BzOeV-)
z%dNdP0;~kVa<3<<C*-}8WGpqTplY{pL08*{?7Aj!V8CSDu6XV-GO2Buc(@`F$02hA
z18l{?1FgI-YK_!6hyo|7ZQ;%*iLb1N+H#KR=abb*316P+4+gJ=6E1LvB^l0|?8$HM
zj+2Jlr$JWedZz`N?kmH=MVzx{7=h#3t|KO0_GQczl#KAjiV+nT2r>xK!xPVg5ljg7
z71$31>QeZuiE12&(?~JWV|VC51A;`5jLUtnNT{hQ-lJ^eTfHH#7P_jm7X8%XITpKC
zL3-=On*w{*E6cvBn<Qor@zq^T6Sn=8p-!@emMV3CeUTzJj#%G9P`5(nz9<HE*5d@9
zRUNL@$xl*FB!^K6Ap0pXJ1YEaplF&Q99i_K8W-QA$Z%wYApY1Ynr2OTBI+Vbwgw+A
zrp>g2+Q8Ytpd|7DDuo&h9zDVzR^U^91~mq^4b<$fQIMf(r>1td!IifCd{*UjDII4T
zoXwU8va!+Kye#HBj+oI`?YyryuGDkYY#uJpkUn5o@R=Szzn)PcS{iTlQD;XTaGO?b
zuB*ehIwrm{25Q@4kP?bVJQbMPhbphWoZ&Y$-UP$fx0OkWigIi}5+d#`A#;}nm7O_2
zK5K8UDWGsALr8-siwEY0k4VpIahGX6H~j`Al#_`=JW8&oq@1Hw!^q|_+uGKd=j76n
z1i^5b*Y~=q_YBR<pk{UUhpifeNBG5&T=}7nd-z0d<}l?|wbI^!L)Mm^P7$l;48v8;
zKVv42>P5`?$$6TR0RN?QL>q7EJZtlOSiLoJcRk0~CWrj!uCR{H^G<Qz?3?4jtt8lO
z?kgjb7y8BI+SI1SiJvN6OYwBW*}>v#k$D<rnt~)JKi)(`3~k%M)S@s=pHf2gI|7;B
zUwwV?yNy8M2W7@sBH5fuNfWk6b<Z7v<Jw|&Nts}q3kuZoiYjKFB5j<|{D-L_!X57E
zkw=Ok<V9Hb3hegPQ$V(Ah*3pqVCA9J_DF7*^;zB2phZEed|t{sov&bcID)W_Dcgr_
zu|<c2_5);X3vid`581q_$C9>F`1f!Y{6>2?!+c9<HDSjP@$Y@{k}Q*lS)a#6l?C&n
zcE3O|2*810_P0Y9vi6J}_HZT_&5%oxa(uFZp(?oOxR56X+)Qsd9us8YE*VkepkOON
z1|iH;|ErhD@5Z7nLB%9YOj(c!5P`?(nMY`Av%h|-!x*3~h(Q|l7+jYGSno0-bdE1R
zp^D(IF5f~Y?BR?^Ayg^s>c@BtVsEl6Hsq7*#Z8)QR(CNYn&B{x=CB@EnKMWou`5y+
zg@cS5S-e-Sl`(Uy&Lsxlj6oYi%@<owZ}Drs-qK{~_~MMJVwG!N%YLoj*~}Yb>pYUC
zL;iR-s_OVopHWQnJ>n3%Vokv#hSgaN0uzT?9|Dd6MWU7pux#W971)bd9l#Nv!RWWA
z&6P#)u!?stZTn6N-oVPCBabMBWS{Yk$r|1d`V+w%Giv%En`lL-v>)`?gGgqLL!s!e
zCUY0KlhKK7EMXX^co_6Rs}aGL0=5|nRPi&DJ;bj5N@Lzx1!?mapDj4y*UD(Qj)T6T
zkH2iwq7i!hQY**3fU&%^ja{t-GA`N>5IE)<`k1ra=e*)8!%;GWdY4JgVBW*W&ACLw
z***iZVp_}>xLhiJ`QaWRpd8c9N*-Vl8gKv>WZ2ZyaTwQ-#=(v@TmwK7+9aVyu1%^s
zU<{sxdJkN!V89;OCDa&W?o2LAzK`F_@jy3ed(Ge3zJ3~9DRKd1PbAA6S*NZo*Fww9
zE}c@~Pr)rSCYQ-R{N!fwW~UgW*4;oRzaS-|#RtIM>Z;v6XAMT}3{GJ~kGg0<VY&$I
zSbpO5V|=+WQNy>{SIk_y5|;OcOZE*b{EODnF;VbC6w7?rE2j|_NwNnkLOvx?GragL
zv?PK*CrEJfjfdIr8CUY>eG@^awzXbJQqG;@y-E;tgI!UgM3|;X+6#bi0wG12w&=qN
z6zux1+N!tAymJbRqXt%`e62PS&?*tF`42O}TQdSqfKgJ>xSEy5%4Z8({=9~q0Gm-?
zaV=zrL^1;?A{-hftjWtQJ?Dle@l{HbSai>mGh4U2GN*ge*lmLDJN6q42KqY*ZL}>6
zQMm3PaSP-D`3^<-JsZ-P&1_8qfONyL-)jXB>Ds$S-tX4po$Lo3w1N&lRz5qY+j3`g
zYgkjX<wFPK>UxvSCrk#T_a1hn+p2Vtuo^SGs7|{8@d0~^D{YzAK8M68&lhk=0Gng&
zd(EH3Yq5o4KGK594@DpkCEIi14<y~uzp93r!P|yWO1Essz!2!y>w+bhMFK4^&6o4&
z$@(pI-iTgNF06`S^yPiecq{I#&|<UGLRS#ffv{=S0h8}pD!>o3VZ*bp-~rWy&6#yL
z7jK;C;pZXaX>$EdoRG>l+P#$i`n`z>%V9+co?Ff8bGT;z?Ta&**ES?=!`C)rY~QSH
zaYD94=0estvMa_Dff0_gvbK;=?6*}8#yh|s#ZJ5_mLqpf@so()>rbjCr})da^k|#*
zP83C<ET|c$qc{dGDGSPF1*L{j;{@OTs&G;l#BeV<f|!$+2-}7Li%$4X(Ou4&ma1$p
z8ny8@5L2)1HCs&uJ%^J0Hno9rptg$7uXGYvt-dkk)eaM8oNX%X*S#=jDMVD!s~PU_
zLmYy!bXDP|;25E8ICYIc<FB#Ews2vq&fF0t-W_q*!YJrH`n_pIhA3&}KY21Wz6}xG
zXdN3K^+n_hCqP4n@1Nt>j1IL=6F-0i<2Xb}OMN_%eZ9T8l)aK>(Ey9a_Ghg8+EH2s
zp-@5a$I`H@Wz8EA&^&{l7e((1W-3dyijq5DS3d#a1&(3M%A=U8oZva*2J1p_%<R_s
z6LELEMCoGW6!~?T<<Mr|Dh2e7k+5hr#q(XfY@;N)kO<emf{hd`%2}E7zk-u^Xs?er
zLWAphi8yHr?W+jhLxGQ8BgV)cW`0;N!NaPGBXZD@Z^k_kLeJvhMO|vaVl<jHJL<Bq
z5(y}M?qaZrZqA;&9!aGZx1}g95inXhq4)_Y1DY+Hu{mQo=-~cQdvxWRr*ymC;O}6e
zyl17Y0OwrsZ<lb03x{V!?lXaS!rAs`YO0YTZ(FZ3X?nK~6BToM9e@wa%<QeSE9@((
zTwM|ft}mL7^5XjuM>nT-5SUsZ?U2Ni9;8Up!F2jF6#CZ2Anc@faWNEYtv#OPwPjBy
zjYX2b9>(iU!6T}o(J@uT<QJpTi&!-xbG~GpQ1nk88zI{15T<$fVJlV3wR~O>Qjz2W
z4|XJ<8Keb#QEksHuzafTUK7TaA-&~JrTUA_&8%So*4@0X-~Bd@?CFZonw}N45@P*0
zyB+|;2DX`JzOm|03|S^kj~y$rh6OMne=M+Yt@qXUK3?m#{^VbtyID6N+o!-kv_91C
z-m++nT3T(;N|znGl}HYXILGsA$!ZX|Q=f$kT9%UpQ`#?r{TT$y4fjWsX)ZwE-BN)^
zC@xce@(Ir@@Xe1xvYLqw5HR{kASHwehvcvhK784P(D+0)u4-L#_FX?@4GdOneJf~Q
zY)mQvOl~X}u}-=o<;6aJ`PsGV`~t@Bn9Bwp)LA$RL13uCo-P60bK`+Zdb6w{KN+bO
zT8m<LTA{06+6dvGNiTtwIw_65VMQ9iznFOz4Sw@;2g40AE%>(`S21l>@A11=Q`<z(
zaZCR2mRX^hQ;(6zr5p7XEXl+h3><!@T0U|sz?CD02$CN|j(;irq6%}iDgHu#J|AR$
zT`2r}(ok@zpfM3v4${Rvf(0&9wK9L(P;i5E7>I*s;z(bIHWk@)C+;1Ytsqz;5mU4W
zRnJB3vdf<*Nm*GEwe_<WfZ_8}x940Nd(i9=^3H0`KabH&J3epO0eW$TyIBY;S}l8_
zGsK?GwjD*smH^P>Qn<%J_wdHcZP0Jh$sM4Kj7$eCNhaBA(0QzkQ(lmh#LM}7Il-Du
zUZXfP?x0V6-C7hkw9M%+VHCQYfzP%h;DNR_{lI~uIaQlXOmH&U+uT>~B9xx4P)vmU
z{aI^<anI7Q>{hW*=Ia|0=94EME_Ma}Pyg7Zs&C<_2_)$jr|g7)QRo>j7<^u|QFz&F
zYX7Ij{;NTHy6=`Jr5?P|_FU^ld+=ton#072eCG_PU2B<J?YqI}>*-3L(!3Mxm(yNv
zegcQ=-ZQm}OnS65l=3|NSn&iy!iJ>RZG>E4zm#9zwcLp9nZkB$w7Gf>9;Z`h`Tfy|
z8w%5iV&ZK>-tb%41l`w3jqbUMlFq+Qb1K-MEAk4_h#_$N`{U`PHQ<I*8Cf#}8JEgL
zlM}Fuw^-0SQp_h4j?t~&Sof%!Q~cj=q^11xi@$!IBxo$@4m_$bDskH?b=d&BL}dd4
zQt-r1#0Js$kzEbVNDvbGXun_sI?}3E{%WI1E%Iov3$p1-a61TZIBkB6j*XX1>Yop#
z{n7jPVB)+RlLvArEBs*hJ_FM!zhynnwbmx%1}2FgbrqqTRWtWq)@9xukjuml2}n((
zuxF)6X+`p)QxHel!jt>2?mbeTCI-1d0X}V3-0}nluN%8mzY5`&UE?-M()2U#f!bYg
zK&V!*OU12pIXc6Dzkty<uZ{4R)(3GMB!5I7ge)~W_@%X_yJPSMTq&g~hsQ3>Y7o^W
z9E{|kR_n})r#05uQ6-QO)V;@T+dWNh1z2TXOl{(TCfWy?MgS8eY}!0X;7ZE+ZrWyJ
zh3G*U6Lr_ZxQ)EnA#3R@46p$1ssUa?8AguL{d~ziz&8D-r&F*!D=TZxx`(S*#<5{-
zl!+%Lj-0?$v#SQJwFV!gSz!bn@4geXJaWlt;3Z3C5*IwSp4Vx)&7hW=cwd6E$7g=>
zT_s_Mu9vqCO>NF>odsT~j{xP!VT8PvfhJGu%n%#T8kF+Sl5iILE24F-(|`;#^zw{5
zKt{%q9ieDq>Bb8^EN5z`visQMpIQD`mjuX7-L}}=SzZ=FI1h3i_)V?v`+w+4^rojf
z{g)ZvJdmV1<Zo);P|~palspP<Lbux>>rlw%$=j+*oI6FV5Yo!f_>=kfk>lv)M_v<a
z07xw}HSJD);(E4L<9^)q)Nb%c(faFSXI$wX>i=z)2jf4#=n`%v=F?CudV`c~WG;Ag
zGniDd|6yIEp=)T6Cc|0hP0gKl;tiZ_q}O@{ADNN`@i+4tHMF+KcTc%bc2^yvdoTD`
z-S^?u|9zykw>}t0YnUciL8t*=6`KZp?Cah>zG2fKi`N$Kn{;;P7d-B{v^p-`oT-EN
z+SmzhvCHLgJ+XNZ3)2obL8t$Bi{1CvxfQz~5EF6Bw>GQ3v6yIs`?P{r0Gqe9NnQN(
zgo}se4J&}|&DN?E7;MhCZKK@_yLMsM1<!d?nlA6&-_NU&AMUL=XrxKW56#w>@YB!>
zDr?N1bWbIdMF~?;aA7Qj4N;drxr}C^AE@j9B}I2l;O}QE@@OTm{4eU>JQ~XX?;oF(
z)CdWwY-zJaB}>_(D6*SI7*Z55_Az!MgwTc}d$t)&c4jakNs@gx*|M9l8w}?6n)m1a
z+;{hVf6wpt*Y9`E?>eVCr!zCxb-k|F^?W{GkLCHAjvzQh2uW2OKR;WOWyw0P;+VL*
z{((49Q{hpe;1KWxPEEE>g01a`yyEyvop8EAcJCK+72V3#+^WUb&jg&fY%|qRZn96{
z=kLm)y%nWqHpuP2$%9v8m{ji=RB^=uWvgYuj%wyME*4E9n+tVXK_TbV|B@iy_AMj7
zTlABqdcH;apT(WmYh`sD)s<XWJr6p9sydd(()mimcd3tt%KxA@+F9!+GWv<V@%aNn
zN{48}a;hcb)bdc2ouMM`Fy!dpn!#85%sl3vL?cUfH=gWYs6hYv`~m%&qJGM9g1(ik
zTQh!hNT~(~R^(QE0pZ!rd>3M89Hvvzg$VC?aauKKW|OhmHnh?GMQD&Jb*PPsmaAUm
zAkWc8iZ?1=mQ&b5?Ds)j|K_Sbq&3URIrN^MH(9mywfjYqTP#W_*p^p^Nr5OjI8yq3
zZ#&$ucb<?sv>H2%r2f%Ew|!(muFqRl{A$P^XlT1wY&inWz7(mDjBH2tndW>G8k%FS
z^P^Y)*pSB$f1@uu%dH2VN}78HfvmJBe3YpC&)xqZCSLy|i!njc{P^QWztL#F*(m>!
zEkHCq?{3la6l6O_W5?V>x&Ou11(m8dvO&}?T)$BHw`BH<;otKZ0!jP$Z*t>bF<MmQ
zui5!OqczA+Zht@K|G$1c=*X+p#Y+ruf?w%heqc5H>B`p!Rd$v%=7(}(b(0ii?ehGN
zUkd0(?nknE@2>ZeGgt%v40biAYlJ&)E}2WLk1#r_s?93;^*ioF`j^kOeoV_+Q{G*(
zLQ;0A2V-LlXg&VEO<^~?_%~<H64s}z&L>|`2xwuwbl}m7-O0Cs^35u=g_5*?J)6_+
zHaA@~L>7li!PZe}ZzmM)NU3ao4%qdfp1A#uMSX{u>0){yE|wiSKkAaPzm2)$#$y4G
z-nwa%E!){34{xzwKH>I?Jf4^R`+g;RwzSGu4F%g--Xc-JCB_Yu`=<{0&#Qi(ZL4(-
z-!sO;<kxEMT1T=>wXvFw!>$)bl4NO41nQo*ob8;)(Dq7i<)YhmfH%$AsU#*@u}PO}
zk3yTtjCwc`=-r^Z@g;bxXfbP>Qn^tjy8*ngC68j2d&~YcA#L82vO8_gF+21Xmi4sl
zb@e)LCh&RCUrs$aVEn;<sg9*QkX}1#xSe;uB%7p)E@V5YAY*r9;#)L1LL{|VM`~8E
z^xa2wK8=GM#R0ptraj3r<WTPgy^lv(_X+RvaPzl68(XH!m$w`2gS?ZgS)ADwIrY&f
z?T3|jzOdo7A1uTjnFuD+MEa|`{g1kizEscdQZZ<c+f~apEQ?mnr?vl9Sppq#hMG3o
zlC$6_jnrGv`=X8=MaDU4vX<fQzap5$V{nEI%$GM7M}%lU2T%GDRj{P{lwSRk$<S7(
zQ{<Aw-?6IXp^<XUk)3RRZoiZQ)1r&iijgdeH>49@yjX4BEKY-nCeAoFuT&cx0)wA-
zXMXfsXO@m**SBcTR@vQ!%83|OvsMyuJV!O!VL!CQd-VbqL5N94|K<ojUJ@l$+Yi8R
zTi=a^!)68_W=2=niIsKRYc&dXH*S<Bm)1nO@qAJp`?>Fc$-TV?gWowD$ZtbZ4-{ze
zZ!f%3G|a}vqRyB6{CGvu^UU1}9}9vfQa(B?J4e3Em-2xtNt5Nf$lXfP!6TJYv#?)k
z7do2L>I)ZGq@yv&i~aB6Vg@~O+9h+Et5<)09&(~1t3ofV-4`?CfXwE7UaU4UwH1Qo
zb*acZ^d`%B4tr7kO)Fw017tQnfTjaMkz!<mc1Oepm)<pDuXiJ*dB)^o!2!xwUwS~_
zS5#(()V*$=Z+y<xV@|Sq$dtv0jp(FwDH)SE;fsT1njV7VIfigaGa=RF#jplA`!adV
z$?_{s%d0kk1i%MAs)cG>?oHgSd9GyVGXeL<$e(WDZe<Le9@y!o<Q!I26_1;(AL@>B
z(qijC-hcI0@9BwQ#qnM0NClO;$RT*%(n&g^_sK3ERoA~$PnVOqNsm7zgj{WTQTyvA
z{V@c>6Qw7GJyQLn&f)eaBtXDLesD+5b!K5}s1)Cg`%5YGISE{46N&JI(3C-Y+I6i1
z_Tx#4_v3}<2~%j>Hp}vd1I0`@&jX!3?hdIXxV~L{vM<G(a)mzidbYktuDY`jZ^#Wj
zGWX||N{L?@oJXeA3Zux~QJd>uymeA?Sf=S9FT#$_;~(a~Z66~5pS<R~J)7m4>JI7D
z5g+kJNmqUTp#m|=gb-B}1O4ux9r|-$J9HHYVo5AJ;H5KI{)7U7W3a-}yDr6hYVn3n
zz?|iuvCyde8zBefe1DM&X;I4)&QY)l1730T-9)?0rkAc0etmojH%742aq*<HioM7%
ze7nJ+uc@Vd5i6>@v$1l>?U(&BX5UO(CF&ylnYC(1YHO0523B|qk$=8(dUol`n|XT1
zn$j2m{jY@qC%+q|lnJ`?N9?tXX-w4nx2IBU8r-bhH~-WIO3rOG;BtDsO(?}>yGH4=
zn$i3pXlH#ezO|Oq{#23!ajO+6=e@G%xEIXwkQ`x2RA-5DqqF<?C+bzq_ZGD9UTgR8
zA#W#bp?F$LE@QrQ79t4!tC7W$0KU^lRjf|^LRI*%Z70nx78c%*R38ddqpW^KPh_rt
zNG3?>?5*(jQMO(+{zh+nLv3Xe6ZV|8X%Tzm8Rx>nKqaJNjV3JRFr0ay)}N46ek&^e
z25Y2->SHcg$P%2%-r(d0OagvkAyMsodIN&%laFmkJa0;%NA1|8)--ni<Q!BJId*J0
zqEI@fHfD(y78u|)kf>FvySlX6>(6FA)|Y`?o=S2)_-LhfJ<Q6|IY}Pr28W$DYg=07
zLb9Gtp0z11d>}Q;^HqU!O5ZDD3X9?M-4NWeuv?1e3i0(mCHvII3cFEedf4Z*@l1(1
z;?m~ZI?L$c-EkL6;7*d(1t@%INt-aIX}u=U8c3~npL#hwGE9u1`E~7Gb7?=?ClHx^
z5;P&fMs{VjY!xl5(!EuAr`o*`=luq3Rf~v9>z{^F%NDm6d;CNW{4>>L3zZ~jkPo>x
zb`JswP&Y}Y3@lChZ-FQV$@S_~sO-qr<s-~tu%tWwup3Jvl~L*<gus5VcUy#a@)079
za=o|Ap~Cc)##-eNGjD$h7EWk_1`fNm6u7n_d-LxP%UGMi3rf24?{|f<^F7AG3yQmH
zQDzo|`ZG}3=lU5Jjv>$mu}r6-_h-J=Z1!~)!z6&NZSCWgM@`JJMw#n9+Yuuh9Q3WW
z-ik$7(Z)@j)xJZa;@mOIU0Z!Z?EH2Lp*Kn`$B>xyUM1E{B5ZRJ_6{kQXj#Xti;Lui
zmW!$#OUdcRAcmgyU;qyAGhEfFdO6$l_U+X^IfECX7duKb`U;3idjZ>u;-(qUt8<-=
zT_aVRt*1P-DU~iX3W+f6p4p<_EcQNa|F5}XwaE)OzH8qF{gz_u`p<4Gcn^7;Z}_Bm
zfiPRR&@+UvHR-?c*y{MbwvM#7IB_Z^HRp4KSdO2BoF)9??3ePvnh+Kaye;V?ZSPM`
z2P}5X9_lNgkS9^A>K1tBF0Q4*KG_3ivi2Y-r#+OtmgXer0ioxKq`J(D;KwzFa&EQ6
zJJIY;1uj|MyJ$sm>M2}5VwH8+M00Su)Or3Ud^63nk}2FSuxGDknp_baKTQ49?%#3v
zGK@TaPEI;{gPF|L(RP7ZzSxaEF`^``oAH$IcSk;cO#kPcZ&Gc@91Y9VzK5~&=MYeS
z`keKV-6^(hN2oqmN>l0VRni`&t>j)6(P8RWO`8*b_OZNPY6zG?khBM5r-@5^K-`cv
zu0ty{^1H=mDEl(w;5Cnjie_<YH<*~ACS#}XiuAxb($h`{W#?JpYOyIt3(pBh*M2~s
z>F#O{lvKs@!;VGVyLbCs2cG6V$Cw5gYFgL0PeYkxoKps2wTVw;^3(b<r)k<eZ)Vmd
zzP=W{d6eypodUBA_uiq^p_*$(r1*@dLdl9K4{Hv(^V9F6H(co{-Ka?RZQgF>*gfRT
z$cw3o5b>1qXXT;r_R>8RHY2P&>l+r@G+5>^QH}%@C1Uf*bdtA7m#kjbOjQT*`ikha
zv|1FZ(bB6uE^wPO=_UI$;?7D7C8&fL2_FmDx4+Px+JJ%K1m#Kh$-mqxRMuX-{81m)
zz*>8;G%zK;Z|tM{u)pD#44<;OtpG3VxoXuSY-e}QN4H2Msk}#7ZxS_AH72n!;y*2b
zwhdE1UaQ;E%|lc9!<o(X6N-G^r%?fYVS>Hasx0*~ezIlQK^f*`e&cn0{Ut^MznI+J
z>D#?DR#E9Mx+6G7B`zJ#58RnJ32*-9K*ATWs&CCHB~CYRsM@fo?)57JKnr&h<fKdl
zs$q3x>$g7@K@~9SM#6J`sd|iDud(a1wBD|*@LE1gq0K4!jueHl@qJ54LN_ku6nz1p
z#WnRNeUk!lzkRVpMs)+>F&|`+zu9v##cM^Zk0&%30(H6gYu7Cisw<>?825G+s+5~_
z1ZH`NBLctB4pNEcjtu71>lf+=vcx*@^F@QobTe)7j$)(qqtDd&=LA3PQi;43l00vg
z5M`UQ+}ome`qfqqsS*JvxB0Tw>6RuuU*Y{r^lX#$GyJ~|4AjRW?7pA5E6f>s%V^7&
zR}LxTmGSu{huda*c(&nY6HBC@X-+A<#`YL9%eNRlA;MrA2j++&F<|!rW{2A(*Sw;z
zrvQG*?v9={6hSgK>7X3x-hC#n`yBVKox|Bm+{~H_R(GgtUczo5ua><a3gbAFR+*By
ze+sI<DaU-Hdn)9lHFKzf5sctTHvN1cH@}p_f*!>;?E6l<ThxV9iW9f150{hZ{-a@+
zarAwls^P3X?040p&I9t62yT0;y<Ynqo_T*L#NZ0I39>;k5hnkpgQ^MpB?@IeHk6F=
zv}gw+!B3jjbRnxwWzUW`;?}eErvz5V<xhikM`Ijk9h<&L*J7$-A8PE%lZ}OksO0fH
z>0rHa+{hBnFC;$QcJ`e2h>HJk#IAkUlds<#ws`JjJUywERDQ>cFD%>+ey%Yq@+34o
zxAS=_b>TXi<<Z-&5m!UXh#6w+Il+#zAgP`&Q!BcdsJvUsinj1rZmjFi)aSX!{l|b;
z4C<bn#0`_`7=iDWV|A?sn345y2CuGnH#R>%T+yU`OTw`;txi6;C`$)^bz9=Ryrb!K
z;UN5|Mw~pipka^(5)#86dM#jYHGmRO=@VPeS6f<r5QgbET<ikpggS37i>oej^t!gQ
zf4E>cYRE0xjXuBEdiL!<<8+F#d~xad5m%RaHZIxEpdYRm<w=^x-ntc1i#eLrcE!qD
zmsWsj+?vMtX!T%Vhc=lY29Qws9cQ&&umukci(hO3Q&-d%i19>MUK!T0wWXT&9bOn;
z5)Q9Vq5r%Zh^_!=^sB|^fwv6X9hQ3pe;8#H8XpsLR2X5qEe)L&HAzp?bPYM(QRt||
ztf2SQ>&@;QT>ktK^vx}dNG&1pa*Z79=MpsWUbkSO=QzR4kbr-02!@O^4-v=F9j^^L
z$~_Vzp!o27YRyb@dgmuwF{SjQp@pCOVC!?8pFY8bvR4#5(hw}eBYvy8=p_r59#pU?
zz1J^6ni<yJF4IwH?J<5A(E|}x6u*w^TxBMwD$K^^KV*OP%i|23CuyU4_g?!Ok)Ef<
zYWUk(VB4Brm^^pB*Icv6!?@H!a$xij2kgp^a0%|y-ROQ7bm+Dv7GpTpb|&=d@r&;h
za5}^kW#6V0>|$1em1`Csc<G@z29sU-mr#h@qke#|&8-Brz%t+}c}^UBq3!9W^dptu
zs?^T<*(&_Kn#fuM!grG*Ar2Kf(%!ryn*8Tdw37)m(@Cit_9N<2?TONJ*`v?#n=cBD
z#fQ3Cj5FeH9jl>;?(VLk?;dAA94@(L2A!C$0BayWdVq;o1DfM36fSC$9x3FLZ0%Dx
z#mR2H8Prm2+cG@br$xrdWcaI(CD;gazx!!FvR9t$_Ct&URo|WA5wPg(3CWs#wzWD8
z3wyKpv~if|z9#+<k#~YDo^=_#&b#mXVz+%MDP)jdL+0iJZXn+*XtN1CP+k3b6(NMF
z)d|1pkGY^&ckr}xs`vPEQ?QnI23*8Jh}~*3-`~48UlDQAg4l*3m%*)2)XCW#`kY=o
zYB5Ei6!IbKQPZ!Doz=D`75&}m*uu?eHCgG#rqn>|Wc}Sl<=z~_^ac&MT&cK~%C}n4
z&<sBRZA)_4W&hvLB~<NS=$###(?7NL(JshfL^#l$_S{c+a>>2n8OW=zQUmC-=rrnR
zs-R0n?LYf5i)VxNcJ=n0gy;R(g-R(yj}>#0nW$Gs{{5?cQz0ipVaO$qV@isIa8|zD
zmblN2QJ^vEd>?_Pa9xo7+{{hd*9fk0y`Ks4$xA{Cj_*n6ks2qGa!pt$D=!{t47O~W
z@vLJ8Ji-gVKnaxdcmo^eaXRtsUVzHi(TdsSCOA6w?eeo|5y8M=Qlur$5^cRRqKJ>a
zIh5y~6C<T`MH*d`ffMFzT}*V?t~#o{ITD*9Z~J4h;Qs2=4V{$V{@a!2HNRZiHQHbg
zzQ$6ydrfPe#*zDLm8EjsI`6QN$5iP9l5hm(xxFIRT!@G$lj22ep6#Q|mQ~pAlKP3x
ze{%MJ-Os}2N=2PdFWfZVOm`OZjD1I%kVf-7Cz=_S-jy^DDO54}Qg4;#^+Rmr2PrnH
z7p84!87}T`g0)mG)Zrev*B^IE;laq-TDF|y%!7&}BRNmYp7sQbt!#2RCTfbj+xN%t
zvi1mSXRq)E{ABE@t8$c^eXDJ%ynKrUqt3&HpT&$XG-VsgYjt=-KHL=XD-#m^`YCXA
zo4<2f--8J099V7=e1sq(TBTHKe6$+|qA~qf?$^ED2T{}PT5fcSlMvnndDLL}A5uVH
zM`1w8^XL0fL&4++v7QO(Ts;5?aqHpdK6B#A!%y>O8gcB|casx8n@23UE72{IKk_DT
zvWM^QhJ|C4a_63<{%U*jv){EhTQ}*!kF%?><?~;wn3x#qF_PPi4efKfh9p7Da{)Dr
z5;3FR?24QkAX@#t^Ppq?gtSfW?p$`#iY{NA<NfBrGF>3(iE@(Y*nko}cR!zycgkn|
z>XoS3V^rUwT}sZtEd#xgr*QaE`NbC_o@1lBt5Z+D*3>RZ%g}|Zx<t5kshQrpp7jTk
z<d7I_B4>b8MxVfL#njfi2`qML(}tXZ#9_{NkaIr2wBjIMx<$Vr`mu1PC$74~sEtun
zfFr2*^;=^F1e4&uS&@AZ12+(_4^gtD$RT{9wKjE}kXu)&d(~=28E@ME^(9D9rxt*q
z4GeiiDqr^^veInioPXPtIrJ47>nqFJ?K5}<c;TO+GTrdnoI>U9)^I%SKfcH~V@Aff
z=J_-y>2BNGrHaQ<TQ@3BsC9@|7Cqcr8GU`fY_12Px;>{a^dH}F@h|`m1Ovkk81&eR
zaP;ScY^VA`b({|bc{l!ZKYKMFhHE=F_b){G^aR6fY+}-Q*omKO`0rMPqoO_wMNNNw
z6r7142}K_I3$X{6nfX0j?r%sQ=*$g|vH!16ojx^q^e>tK{Fd!SLpzOP_Gu{PzpMv5
zmU?=6E;t+ZN&ZqZ)ZD>XkQS@<v#=ka8fgLS_`i<-*HPd5;qJ`Tmb;A0`7a1O_r(9<
z!q6sv-ItoZSV2_SVJ8SgJBh=|ak#RBlpS37-&#=oH?|QB;QuXt{o~7A4^~n_Lc$5`
zL0rE3M?|%VN8(;TQ1@`&z3-|_-&vLOm@%NOrqcOK`2|w_H$Iq8wFPWk^<D3QhunjF
zzxx+<9wfci>KxD&u-PCqxHX;XY(?MhL!2Iaqa#%`Lf@lqfWPG5V;-6n+eGLl$+fD0
zA5WW{x#qQ$MsjacF1Kz7D?L;RQM>auJpaR>!ifZ?iC{^VPQswhr5c;nsaAI~dc?m1
zNy7J#SRf{re_ul8pZAYqTzlm3=tZYX#GPW~Kyf259xPDkD+$C>5Ge3cFg=wm8`?T9
z5V=UC2Q1w!K@OGQ$KETjIC}G0?A|WTyvAqUu{BZFsao7Pmo*-ovpYt0Z?j+Nx9_5|
zyk-5W*F?0uWBv2PP70_oX}`^-{*@h%vsy78vA*kblfCnUpaHzT>TY-0`Ha3|`>qRp
zjS*9M)1^+N!O(ku-s-Cqu?Tv70j&&}Dq>FIo}Oz-xP)$tV`e>Wnyi2tc9*$C)a|Cs
z$^sQQxyUuKX=HDs!msDLrPmnq{7{9nqwn1h(v7+aGi7!pO7*H9t&SsL^qa#ju6jiq
zzTSXKI!9Af0w}xZd_e_%S}#TE`g?`g6gpvKS88M)VxX{=lIBlSrElrCzp?!L)zj)o
zAnw>=&B`zY+}oGo>;i7jm_nrjb|!=fkkH_R6HT!dhMAg^tlEAX15cz}t~~k0?@J}2
z5on3THUaeTn7S~Hx>y15&W>98?&45)o^gQ{F<|4D;^Kj}UnS^8OFn6v7s@N&&wBn4
z%c(3Maw4>{B?d;Hl3f6iwOD9(M$74AFdtO=Bl@@ZM%E?&=CWI2AD5a`_d0%EpXMh}
zfBOOydarz5P;=i4@V-{s%Q+3t#DhnLB5X}1k#kgc^9m4zUS?%(zgHmm_0&+h^i@fx
zWb7WulRVy<mk-{mI~-~Zfb|*m<Aaui>;nS>8{kV~$BRuXoRSfK%Z+kqiUqB=qSjV7
zQO33INUNgu(DWP@SN?223m%!d?$n$AL3#Nrm(xif#Mn~UO*;Fjkt+8m)WJP4lLnfE
z0{QRSZ;Sz^9@N_l`6a*H0(l`>TC~BLj!e>?FR*&#*m{Nh<<WBCo;|m>K^`I<4uCx~
zII2Dt8MwEaDs^ay;jP#h4dF0riI*gQc#={iKjL@Q>v0MZjH}eoq9<*FyvOYTKFNCX
z=ld%SuoZ)fi$Lq+@{BoD@c1Rm1*SvR7@KsL`X6x;h_Wc~q}!y<rK1d7(gSw4H;8l^
z(GxsC!Ym9i4hOapRx`hKtQ87rh;d3s;ecdTdA-|M>P0%{B$&aayKVHH*rcgXZ}o~n
z5jCX2q5KD9you^|==ShYHp{LT0MD-&kDA9DgvS?nhMwns*I(^j(weF|!hB_C!w7Qg
z8D{|z^Tf{At`_Pq%AbMq-rJfcD~@c%nDgqlnD87yhRhcde(7e~myvlT&1}HhrR2la
zC)sOg0~9BWZou=d&ni&)edj_Cs5wDq_~<nraYG{Ljgg&(@aIMUMPH{8Sm;NOBhG(E
zj2Ncm;Xp9^EfP+O&*CmWS3dw%FSYOb7Nfk;|KLY;kVe#TNsANeJTmp%pDXva=Mk0a
zG9%}8;wvB2*(M+!%R2OWkTDA#MUS-5Rw7qn0}aMJ5rWD-mG(D<IVJV2Lx6jysyxH2
z-0{QwitS8$I;AYn{8g@Vz-p3I{<!@XMqL<c@x1Q}Cu%VR*;nQO=M7$JX;<P|@S;>r
z4|^KCS0B>DffwR;QD5HYmxAH;G;tZXLHnF4im^<z-EZilT<8xFk`booE^ecbB5CXb
z3YBSLdS{~cR50bPOQSakOZBX84_ZOEb+47CJ4Ks_-M&%qKZf8(d;a|ri$2jNe)pHG
zHg^+cnwgotMe{uo`REdyq=|@7+WPZ$W8R8BD21OnqX_DM<nL;4CyRGX$7_d<8unWQ
z3W8FL*ESse!U5%cfj2e``eJ<h96$Fmx0mQerPnXS^>bOd?1##c7Y#Vq8+olNUBbmp
za~<A*DBj0>+bGK*0u!pVv(zAUZp<pD99LeV_h+sQGtULv01IiA@8h=!K87wDICCDw
zjGoIFle}XNtZ4r;9mEhj1h=@M{3WQ99bv{9t9@ZRN#gYWv_Bc?Y&FElVEF8b-+y<7
zc_$3}U_d=Nm-q+75I55ET#1+qx`~y`P-(l5cwxhSH6GD!*%x?aF-%<u3*l{i$5{31
zuNGcYQHkdGOs-rYRrG*qX6q%-)gMo=^vR1BP?URr2Bot3W~L0|%cDR4=HgAGdnUUY
zff}gjV)to1UvgQWMPrN<0&hwlEDOnlaKnq+!xCb~*#1t?CygqEW0g1FvpNj>F4k<Q
z(pObC%5eUz(Z;A3s(Z_^g;BAJl*)z_pE)tUD-WN~uY5%h7@k1Y7-H{9qOC}wqHCN2
z+)%L=DTVs^G^tzlJ<3Y3Kkau+P$L;mu*W~&kKs?*1918Bt+7(w?yLx>o`O3WeVFAY
z0rbcDA2&(aek;u)btS90r?lSp(!fK;llzMrP_|szktb^<`45S`*eeIwy$E|`WjyNA
zAh;rqzQU!S9qg|mAF@A#+j08uw{v|9EbPc&p@gEsqU%!o`<gWa>xq{!;vFFRp)*$6
z0{7f4Hq{Vs^G%EDLyu{zTZiAYK60s=UEvO9ow@;(w83IR0h{Sqsf<D$6Ql+=#%rxZ
zi?n;Q6sfX3lR5gjs_+i@Z=Q?s7w?Z-rh-7fIB+&rX`F)n5rIG7Au|{JO+N>D6$EGW
zh%w-Oo>}>?!w4X3JVa#7tYf0MS~Yl#6Xl&LgT@TFp0-CNF5*45z>Ux0_3eQP<??Yg
z*H5Pgmpa9&Z~Ud#5EX%8Od^<>0+yq!`lIE4&xqgInUW`p85yX>$@x$z$SB@Ro^=ON
z%^8I^yP2afW;?VII(zoTQ&wz`b~cx#-e2+Cbb*JS;e@?w_X?FUflUDS4T=<EN9so0
zZU|!|$w1+2vt3P^v4TimORsdS!ZBEZnQUL&Pk=TImqJx8T2!{fO4=Qa`_*w3#yNWb
zypRV0tPiNRY)09lOw>zO=&f+JLXY3;a!9g6l<GZYHJ-6)PrKpSd_JKcFsQRrnUnSi
zf3&Pwn7G%cIS{DbhIHa?aZAs(r)%W@fCi1<CwLYlyZ^c_7AmJC^xGiF5xm<s92zzL
z9tkZ*mLOA!^cn&^Ty>`o7XDt^Hd1jbRXmglyik9FSwQqh!xJ1*px5rEC=H;5jQF9K
zMIWTUO$CgVyD$q|gx^++Rk_vPN`lmbjzWZ@d6ioh_F=lW=;e-F!?P87jMs~iJPY51
zs*BHkJ3rU|D7K98QaaiG4xl0XS|d4BL=BcVCt`;{s7GF^UJ7Q712ODdt4;{@ZR*a~
z;}=aw_12#5JW2JRiXR~c(jP>g1yOQ3yT=Q*-!SfFvLbp=w$I{GAlOWdBpszbbQ@<b
zoWKyHN<Cmov*8ZIk4H)vu_L{F=tj8<pbBF*6Hm!+VD6FmuN8^-`~M+KOD{H1%Y@@B
zJzFFzDlzApgGJA0Ej588F;y>wAE#rjcAs88sCGfoWi*IDs&vgH=raE$7=zgG!vqFE
z8d(yJ#T$K)LnacKtl*0YFuMux<cdI^!_(&2!`cr91v6Gw;0Tg&8!frCkm@|u4@9Ko
z>772}hOI;2=SYFKJTi<AoD7QOyB&(Lzx(l8hgsQETQGxNN%1q#%~$|+JJqb;V^p=|
zL7lhwh!4uX<u#x(D)i-r4H{6d%xNA}n>6?s$#+2BsMKpYv)pd%Op-JT(*uALJINIL
zs?~nlFG~=RK7ne^70i%(i8#95)=~opvcEmOw;XBC_r_OZc2j|I9jEUS#{<j$2qbOB
z`rpuTYx2L|l7in(>Ro<U9gwCo{zXe@fK04vO-%XS{ST8bJG4^I>e=+^a2+rgv(;M5
zkGNq4tTMxV^Hn}Q`St!WgD8x}0Tv1Gaeaiut4x2!ygHG>7!&TW(St_I>XgN3!eZ@E
zycA+iog2UvZZNrkjgr*+O)&ywFqPP{FDi4WY^EVx8+kl???1Uu-`g#C(w1Ud%n#v#
zXU&P*?ryL5X0M}35t}!=3zrk6v_;lv8?zHk+z<n9g<K_@CAFb4_a{JJ3YMS<pxst=
zFz>2$^&5jb?B?D<(JV7Db(wFxoyhLxPuhm+GL@jV)qC6Q1cwch=i=__aN2_=W$I7Y
zi9bSguW!IyLk4zT`QP!EXyyyF()!a;ys8iT*!XYSF>XmMPjTYqRmUIi#L7|g_qxg!
z7=?4VpwD+uNZosE9oce;I4tP^)*n)*)$R7HiFe9Xy3Xb0m;uP4|Cjt~s*<wD%qvE%
zOB$*1O(3uh0WKFguoCP~^rxjUf4I#fOG#CfzlYp^RN!>&<W$ljOGvK4T8hjb{Tu!*
z+!`8%AXT6p-|rCa6uo_r0$6o@_xV=h5Bb#3IjMUR`($jC$omI*cLJ_Z!M-h5)TZo=
zrcLJuFr(tZnDQ%|w6bC3omuxsWOs*rK+4_F5flij-fT+vD)0iBSxRbX6v75Yaj~*3
zkBqCC8vJCPsp+{rn=_<U_av_VH2IgpP}%<PN*#-sfOe`yM8F6eM?@`+Ni@-hD0?1H
z-`ZtJj3&<_L--WLa8j3h3(Tj*?VghdN}3oVk=8_c^gedx>-F4IcI|1;B*G6sZguQ{
z!5m!sz;AlcKz!#}@$0i;Ln17yhs|QItqll+DUK(o--k;_X}8k$_v3pW1@gFOU_SyI
zf>UF$ZQa?^S7%46@NP5xRV70rr5s3qZ!D|iz7OZ(Fnn1sq(-V3hw9ENgj;hK<!Vmp
zjLjQ$f$0=q%XX&I#=9$FNe@ThvNIKBGjhX)H&RJ+Zh1Nhg%-(BZewertZV=SGd+Ki
zj2_fle;=d@p8VFGq0zA1hhgGRa)UMdr&^OPN>GVHAF2C?N?kKq-Mnf~X|;fLs8_=(
z0=t=>=42uxrG(6&m>Q*{PO9wm_WMcUm$Wvv=W#5LR&VBXq&0P1j$GV3uY~ZZ@uNxy
z+?Ej%`%!-T9A2uUZ?ehZ`j~BK4y*GcT|TzyPsND(mVJ=4jE-j8^=aIGn^VW^hc<qi
z4tNQa_SVf)e**^rtIDFK|0EB!(wFK;HTAGUp5k2xBB=Zhd7?e2%vsHXer95+L`&*?
z5m(({c;Ui8OKAKtg#DpUCBYb{caO`WS?Fs)td5&p1)&3YB(|r(yl<`-JFP;*+$(q}
zaqkZ^3rhVquUR+Nsx8HD<uE8@qpn?HwYlu?+=K4QSW2DD@dvw+vIb>{E>vVQeb85}
z=??I_L+uZ}v;C5RQa?)V1GD4WHbCRY2s#m-;TaTTljzJxIeL_3+9Gk$>6XX_dT|g5
zinEf57{y;@V&^`CFlS!w7g{i~bP0{s7VJ3v1+4HLXWE6OE@#ZjyyTbtu}vjpe;;EL
z$nC5ytje}>v_ud*ON2vM8bkR(yczH9(a%J6ZMS_;R(xMSy!LO;ZC7i`TQsaNXQ@8-
z_1T57;l8|OZ0c@~gHSs$&_YywNPTsq%l=i-qi>Z%_2<kI0;*an@5Y`T`rg)si>;T*
zbg#%M_sw*ci!4j+UOJa_%~gGP<V+lyi94b2yY4-4BWeTb=uDGS<$^;cZC|U1St4Sh
z9x#Mk1!h&9%BmL7^0alxt340tt@5G3q?J3LZ9EKU{iBM}cC{FM(UZm3qnH`xoBm#V
zOW}y%<EK|=u6nevCb?6w$6ZB&9sW>w!`<nth^vqf8EOBT=OcI4w_LY);0Gm{yQW+B
zuTD22#BkG31-JFE5`nO)M?kP9)t<iFg+|_lTdF<YHY>wb`785m7ZiLx-y;_^E&-kx
zUfMX}F%VI(nXSldev6>24hkiJfcm8)uD6bj`I3i`>aakh`XMM{<||SBspyfVg}EN5
zkGTrrOeZAG{;aoPFF#X<FvL0}+zY30cD{I=SvZ9X%)Fq8<0^fRaJz$Mh%t~I8KJIq
z!S&UZwoz<+8^qp9*NL=7i!V3kX<sK|StPwz`$p|a+>wXSoSD$G3@~){7wwtvMKdj8
z3e;G%{qp05%Knv7GWV&D@+BUfQb`J7@pt9y&G{a3Fl(?@^X&SFKb4<X?J%xHaDHoy
z7?P_yajshBm{Z#?%Iihv*FQY>MQX5Qqw2K~$8t?RX=`FkY>L~T6SvzFJZg4UQV%{d
zssKr%{85twWvh=qeh}?~$(`SKdUXq%-Mt%vs}~-F@@IrND)fVfY(T3}-QFL}yt+`_
z5>UU-#YQF&^xEFm5}%LIJDzt&sE*Ah<0edA8#@?Q>pOQ~t}XEQrK~oN(0KoW^`+)B
z%J32QUG!t}TZdHhN4z^T>U}l9xRvYwC1~Cv;o`^3Ow!>hz6>{;x_O?(JGC;lv;})&
zH+sS@O?xCglXwZpsa)1R0S_IFw_aquq3%dD&I%VW-0T<1!tHi#>^axN*i2IP3ye3=
znw(M6o!BpAjrqdKcAQ%?PQCQyWx5ZPRp_IKkp}gY>gH%j|HMtiH!qcbPK2dQe};Le
z80cs*CFmPa1I_Hik<-YW@c@c<&U8)LyI`iT%jd+v8whN0y*uadh@gzlJB9*k?5X`G
z&9~zshd)~<`|?le$IL|@z%^W-{`%u?HpXmyuD9sX^r&G+-+r~JPTEV{+*Q9#Nl((3
z8@)jBQ)gPDSx1Y;t1W|7))U9o?6V_QYbkEiKTr0SJXt(LRNV&=uVoBo=3tmgh>0db
zc*0tPrAe={(6n}#ZEWtu-m3OUv<T@+)t5FtU93wO#)*G>?G-G~NY*pBH?YvP{?K=R
zAJzAA{*NzKW;yXu-pdGEduc3k;Deq$<pYrkBAyAzsTUkZn?bi^UI2z)^#d;QsPD+Y
zJl@bS^dQ}<*=p}0nMhZ5=-MU}r86j_Bb>+C{cehtj)pK}EI3mV!t5#}Fx<!3MV{Yk
zVDU*wS)9%)ykE~<YA~u!J|#qca}&`tQ#K>J<!#sQ(CffUl+3V>%xItQ^IV$e6g-A1
z%fN`9H|z&9RJ<cjZEw`$jKZr=`?bZH1t=<6xfnQB5FMvs$QV7SReC;`wL%9^0MT$V
zI?1`Jr@XdWcEeJ5PD(FbT41L)?kA?xuv6+jkUYRE=QQnMLx%znhO+p7vulqqO@7t$
zr1j^?F1Nr-eKD|Di5E;^iScdc)7(0118s4?rA}m1V?V>Kyc-eZMGXta&=`CG)2sm=
zZE#K4aPzdq^|SYH9YUds0~(0O*vBZ>pc(5+al+lV?s%w7G>yc&oj${V^n)A<!)lrf
z4NdI>WIe$(WeU4>$-K56Kwd%V!0zMPBgwsBy1Sq{(c8?S5ysAzEq)yt9?mPJUHOqV
z{VN)!Wo(q^$eVU;t`FyIoUPY}4#Mk?U_->lXVcy)29c^t2*--f?Th)GQOFYXGl$Ds
z9Ck@DMB-y3)oNix<d-tFy85ZwI$veT2&OhY=mUqRD0jI$Rq?eGtW)s&xu&UrOZU9j
zm3=29#>BY2uThC6v_6(jUB+0M42eS5-=@BO`v_<#StOhD)WgMFw(QIFDS+RmdY_*=
zbEEXq{#-v3>*Cp2-3dJN0fX(eE$rgA?HK;-#rAEf*6GWPa^W^@G)$efmM?~3wzayf
zF##hz1j%h<I8nB+mF1$0o-jwKa(&O`H+Op3nt)yln*Z(fcc4+^k}}@MZ52JS-e*+-
zVDm~fb@6@2LeFr=7`Uj<D_o-1<`&;7p7ahyvKGLtjmUt4j|6X^$!z#MsGK4cg%ib5
zh_tlO=c%~2Ib+xtYnhv%Lr`7jSM6d!$kAG(j_{WHhJM$Hf`E{Nl=#ahq@$Vi@NWX!
zhMbutz1OzPE1VEma~vp=Yy@GXN=)nFEF)y5XerooU=Hg_%G(s?Ke~oM=S6V`8r`dy
zJLm}NB+{BhyrjEuV?D+ba@%?PWA8M|%c{@!Ip%wr6G;v*S@%4K#Xzy-R~J3(UjkI5
zoBUv(B2f{0p<#ynbq3E=wfI}L5)z7W1OX_0w4Sx9>p8)YGZb`#d!a5AYS_p=ay}~O
zRfxJUGs^$Xi(WKsgAD3;%&T-rB<{rc{-Y{K$MO{42XBg>Q+b|FvElyX1sWW%7@x}y
z3J<;nsCW>?CK3pC9ra8aXU@ZhL8{hdi9w;-_Onhk!CFnr+-&pdl*`Q0f`N{%wJU{|
zT^DqbV0ls`aY$Cbm2mkMf&=p54vo$gt9o4N$113+h6^qU6;Oq0<h^`i+naF`z8mA(
zw@l0g6g|tQQv+3c(Y5rQETW%{0*rLxcTo&#^YOsFA%mGq{5v|_$JR8w6#S*~)J;mG
zxKR}uPH>r;Z>w9(Hpl%1X>B$g{;2(@*z7i0d1o##i~4To!zTNeTt&!9Q2pc{%0=o4
z@Iq=?X&#X0?l#~R1{`5NP@T(Jq4`xR(}Kd(`Nx88l{{{>kUx{D8RHViuN2DDEubY6
zblLOg33FnA|I&9yAcB=zZ~^k}NbccROVVW@Be+B=X*IMp*9w*QOCS#u%<ork8iGaJ
zX7SWhR@~dgV;2A^Z=M5SNb|lz(n<j#KCf?vVA3H2wR|ZkE8aWRH@`W7B{VU26qnvb
zK0zjYo>7Rui5X(Pt;ut#`<7Y;b|1>+etN_bPl%#t^%T3P$O<4@2FrGFu3fX&74FY*
zXwF|(t^GtGU9k`53j|Vr_X#WvJN1qC(?8iaSBZ?p)gJTZXipPY$^7;*S}|`OAX|;!
z^xwM>NFH6STY8cE;v!Te%7iv0HZxP()GlDR;~p(YSSk4Q$U#o??8z4$^jE>In6J5i
zkUABVsT23ezk)a@&of@R6>omn0F*lKGV>d%f@$`;`wk>m3SEC{QcJnYt@00>eD!XU
zN(1xBjGfhnZXPYb6A$|{?*~A%&7*HIWrk<9@R27ozI=Z-JgwPq1`L4-TjrBCOV6%o
z`LE&@qH59)zkaWTyr^g2r6IVKq#0!pBJOCY%8o+^UhEy`aZB{24v!A<WJO#(Z^~2_
z<-yvvv3CJ9^T<gh(Ly(^%`!1=X~!9Z7RqaZiUk{TKma&vR86)?xlYE`7V(iGLlpk6
zBW?V9bMs+J+|TrnA@{I)q)|>_xIvG8*#`pfgeE#E@+E_N{P&05{zdmjat(if@!v_v
zP9WC$_s77$|C@xg`G0Z+ri1_i3AKRUz7e>RnwGWsG?3il2}?@6N5)#jvO#7?L7Q=k
zCn!uQay-=y|3&eF$H4U$9t%!B`8R$1Y9HXp9Upyr=~@8^TKgLjyzPGd`gN(#3@OP_
zm3z)E1Mm9=lDfiQzoy3Qy5nl)reR1Ps%RsXJM{fx7-)c3BzE`_kf<@(_<tX{kU1E=
z7(v=NFuy^5x{>v$IJmbPpa%23pRF|<!15J9FI|>^czW=Y6Z7Lr;GQ4+g9hw+cR{33
zJqfD>);mrLx<Zpp`ykqXd)U%Gij}(FYDp}ozoqw2n5&l416;42Fun#G@&avY82xcJ
z;&6VA3^6rO>1m&+eg%4qH8LxMzB-d(;0+iQ^#1eO)JtO(Xuy5*Bg1pH>}w^>N)MSq
zAX(4;;-?H^>eHh`FA09uSEZjh@iwtyBw$ESVfGvxsZqOL;9ND-XX)EY(iBke`2GuA
zEWmN6%K*y)8`}gxA`&&%&Cnq9geul^|6wq^{u6v7|N9(z+NTB$c#gn+7{sx`hF&qG
zYEH&}N6%_c$VBH%!*G@)#_-D5e9OaVmOc#+=7+xM27sa+FvA@D`>C9Ky0ZR=bQIRv
z9(E2JoKDg6T>Om$eYXtT-M$_c0e&yVGlSXSMr#T0T;#=6PBTG71^#A@rQe`l4m6AS
zHR9#5PLf1di*_@GbT&htmw=6I0+_osm@g4*0Gq}+1THu7hKNOJ!emVl4d{gN{rq#9
z%n$?o-(;%opC#VMf&Sz)q#x}SismWH`&+c2J*=La!AK)~X0zm;cIWyva0D!c_>q!7
zX~Sf@cOwI9nfN=T?t#bfH%({|RzDWanq*Re9ek%$D(p<$Ehj{Kz8%jayaQ9P31iD0
zw<u)`M7&a8(zn1=0V{@oPe4f8%dMqv+Z8HhB%wH^(&fcK`Vg~tcX9+?_Rc5Zl>o9C
zz9GQZCDrD3Oa7S6Np&(WcPs)mJD%}FRt)#~uC(#T6`lY5LACn||LHJSW>KZrQ_Sh<
zKuc#-27pR<dgdT}0@rlUZUSKVDAK1=yAII)Lq9zlfVRC-gazro*5-^`QNwE;({>7M
zfPi%+rGLWnL)20jgziu@pFDoZ1o-_xV*iiBz)X8SW6XoyiC+@xq{Lt*H`Af~kf30o
zcew!<`}fCymC%qXj;T+l7##xU+5v_!@ZZPj)C8-50mgIyh#D)H<hIZL3RJJ|iTl9C
zX7yll;H}`q!f}F#PY^Xuo*XRqU(@Th1Y@r7z+8j*JpS8eng)7*KlT5Izyk`p>wjMv
zsEPkS{JKHp#^Q)G36Cnt&(A-`kr+G0@{ddZ-{S-cGP;+k$z~4d0x+*|{UIs1EznZv
z@7~^N?*!a`Uh&*nZZZc&Xq58IR$^PnXP@<_4n3GSprMeoyOW%f2|xoNE&7ihs%odM
zFAeaPuf>IIY_<sH$m9=f<@vi_^O6Rq4SHGrppL1pCeo=TX;CUWBm8>Iluvex+&-5z
z&SB9ohH@`TYUgzgh?qBYp32muQ~(A$Ez3;@<$E_tp=Wzz_7UKftpCAmA#w0^oZzFD
z^1z3xDTI>tF%gc1Vtx8*C_v7Yst&OGt-U7stl}IQK1IpLfZB!=@Xm|RLqJoDHkFcQ
zViLDQpL=~dpdFHMQw%vy+9o&jy}WY@B4BH>+-*{uw$`N|a%EBjQL{iI$a|T%3bd}@
zO+Ye@&a}K34GZQ*ngz-`olx1irwG(CmzlX^PVYe8ePkEsIH}a`Ngh5~${1%Y_`Udn
zw!z*~XMXx*+W9IW**vEa2NPK@6X~`B|6jmTq3HE4M<-#G{F^r2$o8lyx?-E{lxb5;
zGD(KM*>tt=Yl%>W-@wSjksO|0)9Ou5g45_}#gqU7nC?Nx2Jk2>K>(;M2wt8dO-1`o
zBN;xax+Baoy@dz|1~|n4!Q^N5PPVok$`<!eu;?T)RO}AJm9FhZ%jDlR5|s%7VMhd>
zQrnUp01bY`ENHxI-?+I`ZNw;Z5cJmK9bkEKtd)r7InHWTm5+@>^|(pni?93el-TV-
zlee~jjQpVVYaH|o(c7l@0xG5~r2x7Y?J=BC;<!Y0s2Y0H`J{Ppy4N%+UNR*9&%J!p
z$2qA1cv;8p@BU86KysPs3k~Ecs^QXyoXfWfCBHn$5NZ9=@tCliBXH&D33onG<>mkf
z&A_v6uaCXD9)HQo3Cz?A01*@1O*xd;3@%?#MfIdh!FF5#PiqE*RhQ-3%8^6)Fzmf8
z{JOz;4qcq^eON5WkoUW?b&=ptFR-@uOGB|t<Ah^}apt8%yse5#mR<AS)?+9tscBPq
z$H(Y?+sx|v$Iox1SRv;?+a{d^sUlrIc|bO;F)&6cJ6SY6GIdX;kPV`(!SE3R<+<B~
zlWKWObua%<Q1n*e0Gd$#;c9kcsC+$31N_h4wb;(Oio;w^6%1d+YR3*(hnIcXKc%M7
zbz^oY&^-yYF#I8K^}F4DF%yz#!Bf8NeDBS%@CBf%Ld9K$X0#=P0C)X(x9E#(ST2Ku
z1VPRwk+Js1d(6(My!G!%ZaS_ySIZJEmY=>@!tpbew-h28Q6J#oG+5g4Etan9II^>R
zo<#oj;pz&r666zaD9dpv3p*f2Di()f`maxaoKWB2p%x-)kv95;A#Pb3YjA2`18bCk
z%eR`NPh6>oLF@;LZ5^+pNvH(#3Y*eeM)v<*<J;7$gNW(|C~!12J*MKfPfO_C9T_Or
zgEBmT49Nvu{;JGX$va!CBnRrV$ogJmYgUwM=6d@z(p*)9x@aTfIOO&qI?jmTDWC|T
zs9-H-W3+IG6s$Y`1)kfm@64Ee&-thsxk2&^+#Y92Z6yidqu5yNlG0lg>KLMr5j-TG
z@d(O;Rm)KEB=h`mUS^VJ%X>N0)6PCl1X@*y$ab!$FMl$3H!H!?Z9aR}Xn+!MiteXs
zRU_A`HBqKAHYt+moUv|^Ona6q*UAS8T1nggkmKTeXJYl(1^IKG<>U`V#X#@so3A*t
z`<t*h@Fcy>EH0Hd`J<i(Pidi#3PV}FbXSH5)^^1_E%B}f>?iNQ7Xxc3eUC(fx8!5*
z-ZSWl?#wS=W(b_0vC;1vy>cmI>zIZExZQ#vnqTD5CxwLrdHU8LF3+)0-YR>D&4n80
z=Oc=1zta}8`Q-9h%~td-OW5QsmIx@Kpl18H;o?NuOZd$uSHwHUQV*?@09Eq=EAr%I
z|BZpd!7$O$(>n1NT`N-R*%<nVbS7rOYCuR2_7^=0(b7s)KMB2KS5qpL5)kDv+u2A;
zz3!e(5Ks;9vw-{w<8yMs`LFzG-m2%uOr<0z3n={<k^*Qss^<<g^Gj&`W#jC-5uyDk
zEaV%gB35dg<8AIkUV)C6j1_wQp*E#eYTEhh$!S8eZqJpgT@3Se;s)F)<$Jq@5v*rl
z=<P|2z5?b<Idbu&M7|zbp^keiZ(9o#vE$hzH4YW63<N&I4y3Us|5z_CWNhWp68^DX
zhOtMpnu&gG2lh_a`9WM@AmMJTyH&W#x$f5Q-wiYKy;rXe``DjCQCD_{Icy}SLpW3p
zO~v!NwfkV-G=sYjzE=W53BlgH^t+<)r^%-$*XMg;CE@d;``r?REVVkGRS_uouBl62
zUv!5UTH~LbW*b0AKI~ucB*VU*LZEU`dM{bw3<KL-yfo(1*EvU$W2Tf9sf)#bE(N-h
z)!r3;?|~f-IAnGB6HUB^qQ7&qr8Z1Q=Yse$#&xXFY-b0MKC>x8l!NL2g7sf5Fkt=8
zJD-C+X5DHLz+$t|&m<l#3s807Q)Gy)a4?!#{$1r)VrwVyz^PqDgGE(x)ycY1D;lam
zj|IUG+5ZXbqaf=m5`{<1-gKdDb~mE#4Yj+=a`@-;#1S#WMOUcuIZOhBs{VbN@9bH`
zMf`<&spCs`Y#@zrGotLiPrUvk_h5%$txL}iG9TgoX<FrGYw`ZZzS!;c`KDk2YfP`9
zrAdT3uS^BN59}gx`f^W)Vq7<mhE7YotX}@cw}tmT?97!1RE5bvmQwgs%bHX!>XNSZ
zA|@*|kHCf0K(>5-bCDGS7@c%38XSQt!(QMll;+Ih+5+N2T=YrBU+c4zvs(%SIG0<M
z>W$rE#=t$vmcn$Dtmtt_a5Bd}vrFP`x;)wLg)k3PcjvQCLjN{qC}CkiP%1a$XsGCn
z3zg)a@6hMu+R{7W#B1@O?O;~Io9m#IbXOgoV^DAafDh7)PLy4EH|#pLK_Z~<0}75|
zB`%trD^fp`(hF{5)oA!1-|g=x^K#RXT6h)t&C5M@=*ySCc72b_B<BbT`xN~4p5FZu
zYFv*S!iD#?pp!Gb9Zvd4s=Z^sJO4Zue{RXv;z=w1s=ZykmH&*64(NCV>WRFel4;~n
z(S$73552P9|0t?j5F(vQe5y@S<z7$QNU0csQYJf^9d?gSF>H*Oj$CowknQD>RgZ_)
zB&e#uAjEYZgEutmky|4f_dI2|i^O1!2910I@ADY|+#9X79;yXB`9AFr$h-Z_s`z$F
z)sq-(Wab7V*&vEHPhSP3-eM`Humg`8=aPo}2q!*N@_BenZTt3dAA_T3%}zc9AePkK
zv_%R}g!(b4MlSZ<&F)(fmYKcEoMjHx*{o4|xCf09BHyh3yn7LR9BT11QMLt%1x03m
z8p;CiVSjm&^WTwN+GfT8eoMn--x*+t5?SG~u>(4$cDLua)609bMZ%DsZNwXcTd(YH
zMVW}197Ti!i9?lVsOZfxc4h&S>u2xoV}{X1FUn*<LR7x?6(Z*APh=po0>0?cdhN?s
zTdO(TqPt`gbEe1%*wYal8eRb@0D9+3$`Lh4PrEIRd69uR53B(%So^rY;$m}X813<d
zg1$mz8bnv-PzE`7^zhN_{kIi@7-r!Jf%keQ-+H?C*=G4Qz>Cq>razkApD}>}4+RDD
z^&h;Lr|>_?hr)VI!<n?r$YG&cmCY>gxljFdv8tYo{!)^LAin38r?*Arq*~6Ye`^S1
zkAXewdJ-9ChdQF0nmexhj?Qn?6RnXd$Vj$>3`-B+wEpo>!h!v-u9wm!^0TB`cLF%l
zc4k*Ccv*R-&w%Dq;p!X!KXQvZUB54cp$^;t;sMe3#SgJBo*hF8xo<9wJ=dtz;f09i
zm2x<}&|6bo{$pIodIa{$AgBQyn8CHF@ERwjoFTmbI>@TS?tUlK>zI}A`5M~aZwMcG
z3M$z?wz=}m%3}o~R&af5u29iZe&Su#T<9I~Q~o8d=TDvI_b?c}X?;{^XXyr8SrkW=
z=<PSRy;4$`cp}P)xh-#R@)$xV`kK0S*3lc>?+slJ-i{+OAtsY{pV<exC~ykAqJUNd
z%9jHzEvRC*U^QkabWb|G8}OM`^>9&r{G(#U4p=vpFRlqj{098{qrY{WHYe99HS^{<
z$;YX`_d{-5js3$~p4~agEvVo*_a_V#UEi4F8HQ4ZD7nD?ZT1bFhm4XL*mfO^YXx#`
zJRX{kXq3@u+HWC0QpIcMHs4|_dDa=j*#v4t$FcfQ(6w&o`4|&3M|a~3DfM^8de_fe
zC!ERHxcR0mAv?HN$7E8S=Q`A^DOlW-I}R6rLtX?D6aVs%lNSc#LLaUwq`h;Yirj)3
zd_R2>_R<cBb*sdW&dcw#u$4>?3%rz6#PFv_o(=dgc4O#_nf)1Um@>DMK^7;oK(}tB
z_#@GGuW7F-g8+|x@F^|wWLEm;LPVs*sU-+B<C5op=PrUu{x^3KG6cAbv6c9|rA62&
zkBn9pxkFB;yZDo60+#S)$^b#ct~t}-Q|-_S$PD5Zs7x6QlDnxFX<pz&!f)a49PWxR
zhsDqTRvuFBRjFESl_&SWEnQ=KdLr$t4!*i>velY;VoF}p!1ZSh-Lmg|VvH(h?t#uE
zsrooOd9f6{j$wu1oZc;yo-;fB#@DPT8Ae4Vm5b>VSUq>4sP_A_arOvVYK<?l`OWzo
zI!erHK*#P3Wc*Q~21-QADco$N1U_ZZ6UcOcZtjN8tk{o@{RY=<Ok5fWGviUD0w$JP
zs7C2LdmG$#NrcJ;ixPdwbY^Z!<3{v9{ZrzVt(NQIUqsnQY+s1SIR36~M!nAX96rbg
z3{HdGx$P|39M8DREl@>9@0MC%aQaWAB8;>YXQZuBnyCGLuXbB;zqNwPPIH}pq@TKp
z2P`;XMtgH>n<>xjbBZ3nfRfi`uXm<*dO<&|qKA#r|5tNo9uM{U|NT)(4I+({y;8O;
z$x=cTiON0{hJ><HjC~7ZE3{bJ?AgXLNR|<zNLp;!$yWA#-`($zb2?w={@v?8_v4;F
zPJf)5VdgWR>$+ac^SyXh^{~DPGvzA>@7w=49<6&#IlIzEs<757JP{TwmGSE;tA@Gh
zLyR`1_5(C63c;Ie^_gS}O&3QUBbzo6CXHXp?ws~KdGQ|ZV};YN4(;ZnCx|<IwfONY
zXH9Td!z;RzuVA~DlSP%NTVP|ob2p9MeX46DJ71z54YO!9c6172dEum0506iiUBw0I
zL%k_YQvP%t6BQhUdP(!Hgz_-?7oz63Bz`(4&W|*G!S0#P>#TghRJ;mGi$j5KY4e9h
zGXI|5PfXa{`MC~3a^@Vnq)lgGA^tK}J%6uv&2c#C2$jrfC{s}5S94$!le2|;J$s?t
z&rWQw;r+hncQz*2Q;yzfIbw>HtC)>{pzz>eavs|p8Kbp#wmj1GOJtE;M@>PxYhZrP
z1tD~vGo?U_Q$fPu!6XYMxOrLqN>$H#5Y>RTHCskM%D@$ice@fRsv`wlJl1!{c&3U=
zm!wH&-}KaPdWbDDbpNpK<c2np+Gy=7ym{$ajr{1Bs4^e5*&pu!s|)vy=Xsmwr<aW3
zq6?EDS9hIQJrWc6Q^Ei$Dn053yx_CghTz6&OkO|*wF9bblPZ{?%{45O+$)+(Cp4Qv
zdf7&=2iQhhzoo?q#0~{7n~cYl_WyKTwVjPF#5(a4cPA0mm}@^D<9uV)n*AL~q!eaF
zpu&Yb&i{OC8HICfQ(f|;F+pK{)D!|CY5561{y4B*%oFscoClPO4-XkhyUu09wsBx1
zvihDcneQ;1(OEdalddf^huX;qJAa+pA%Rth^*EK&NiTw{As{>!XPT+|wnoxnh+a<!
z-a4-Y&d*z^SWD?O(UI@+<CU5DkFBJeJX>&1zdN*bIk5eg^S@C)F}s1{G-vB{hIY;v
z;ArmR5_rxCyZ+!|Itgp-b4yJg*{+m_0Cu-&he&5}-1|DC54W1Qkf9ChD~nF!%#*_|
zUO;2%QJ3Oqb%qjXS0;~p9GbyYsoW3QQ-vpF8CB%1O|9@hIvPYYffI`4qOaYjh4H(+
z2e3z6mTJB7;c#3PBcwY42W0#4-rszzr|$OcVu~DUf2&vbLK4eg-_1)Nf56}7I%0eF
zPc@R7j|KZq?YTCtX^;wM&MDcNQRhdNp6+)Xa~2quO9rL6390eERH-e>y+dj(H<MPR
zN(KA9Jfv)0qM&FRj!X9a)EdaO;G%WH0NRUg-u`_C`^8Laezi*Fzsr7}PJC29cf$oh
zE}yb`!aQYmKF=7@3C$t74-e^dpuFWB9{ZM-$-tU4R-DQKIMZsvUfHwiVv=|TdTH@w
zqnXJQ$4g}Q%2vJ}IUGR8;dnp5$7~I(EF6|vwU<`9h3>_r*#|1z_2$J6!+kqwncbb`
zYU}OA!i2lC1_>#uRb|Oj^f4)Pntq?)M43Ckza(bJ9<5tDG}=NRW2+QJiFy*TnrwHb
zFg6mSRu{A(jJ3J^!&J#Z7aIy`1Al5udEPU1W!++Mg^zr{c!d7jo%#v|Kv(^^-g8W{
zWXB$~JkQC#sQCBqAC>!BK_Svc<}=reGM?~1p3maSnmZKU8={;Fs0FLng%2IpnLoO=
z@&V#VI`<z;**|&f=ILH|k6^I)s53v?yohuWdoE%2a-KA1W6QisTyjx}HLP>InwK%O
zVE%KBW_8?euef!)mX0+SxfGGMkVo9DFaNfV)Q8o*)p1Upb{}Z7UMSp6BfcT;cz)LY
zb`HNX3Kg1#sJ?oHJdKEja@x2vPY5@+o(29RTN$;loEDpN9k!2k8t!nyd<*p`=y-UG
zs=w;Fr0W#11JeT48T&HP@du+j{?Uu$M0redOg=wx$5~<S)VU*C@a<!T_a7!t7>W9&
zjbiXdjU=y4zph_@UI_lQ%d5kpMP6KBMhINeZVS5vTyEDEbs&+Wzd32}mxf;_z-yvX
z-vu{fVFd0!|NJ#0sKnmE#53iz<bO@J{{I*$7l#=Ks5@j$Z{N6a<2bu0$2U6Id2QFR
zlQO_7f{7HmuuL1~P)QrkQlL!4x9Q=syypg<8IM6)y8sv>Om20vVzCX-$11#~Gt-)H
z{SpGYHQFQtwmi%=rC3AlJQ-b~Ohct53;y;h!ZHY{<8X_+X08h@A?ky>1W+Q|>8PBv
zNem2iL7rqiB@UUda<V&9^|vaVQO}WZHv2zsz1pe&@I%=NT)XMmtr8W(@?l-vm8p<2
zLigemgzs^bp*#X95Cm=puM4ux@^#Fr6y7eg14SM3vpjs6jlZJ|ZBF0*YWGEe_(Y~G
zBekz8PR@6%oQmUQeRl>ArUB^(jek6#`fz=Htve4&I}^=Un)k)^o&8VbyHb6dA&N>$
z$`fQhQK;^)O9FB2I8Xm~PKE68ge>e2wg8`<MrbD!Q`5@b*HZFLaGCNcE&T~<*N?8P
z$>U0qXlK4~S!l7-q$BBzYLrz;;_MIm3M0;LoRR~Jxj_&)S^ZEF$eK2#o-c;-r)Ft{
zoZuE%-YVq^jRCyXa6?jax{i><wS<;OHI6$U{j2B~@k(Vw74qZxHeD8ct&<NH_+=ke
zLqEz22`iWn*2YdIhxqe7sh^D!GGuovjV!k7tth1T*+ES_m}}czTKGFv#J_^U2vTKl
zS!@c+vDtMF=v%Ll)4im^nWZ>8dFT%6n^n}#zOw(G1FP-%XB8RB5qw$W(6I=lb}*C9
zW96uu0@d~otUv{@EbbPV799r#Ze+sJQ#W}44@H(%q`p*ahHHWaR%cOCtn10~D}8)P
zQX5PCHZPZ!hwu+s&*oOgA4V}!Z~HdJF=*1uac?$xC>6e>r#!No<`BJ9u+E#?*Cc*w
zn(m?8hpD=(Ft@Cm6-k=%r!(crwu7~^l9DNpmB59G+|!X~{uHSJ=FICXUFZr<btPOl
zlCaG8DnU)Y@Z~|u6IG#XEK)U%5QJxHn5tzIm>qjl>$vz~9Gz|E`I(#m_q8pd?46!a
zeIDpwIgtW-<WFfU5TNfLXe8q;7bSE-JSj!<p&F>R{m`5tybk*(B#%jPr9a!BoJ{}~
zY#03izbaRPBM1AIA&O?Qg=D`nh0oBe0wX^IL8M~s9{jwTs0&69gz@JR9I@Z&4G&-J
z4NHX&pK@_V)Z#}qLDZdIfuz(Mh!od=B~E<d?;}({=;rzE0$2Ub0K-e_@;i^V!#Dxw
zTcsnMsD|xtBWFmOuHWRsG09Z2yd37TT5Cco#$eAZg^!j(EXP4wQyxhA@t|$|ikYS{
z)oN<Tu7)*Dn3w8i4X7X5bakgkyhtRXT%1j~z+GBF;ImB?QFLgFnKVd>Yth311xVR$
zGEm<7-!B^XMDy|yU5dnaOPoGraflm7fF1aqk`p7Zjtw&DDhL<H)?a^fJA~TWY#IKK
zV>zwi-HW3Mdf0Dj=TI1?ZEtAYlVI)0z+mk%9)Z&I$Ju81U?f{lIEvWb?p+Tt0XvR-
zCS#QHWJ*U5W=4^(PIncj;>4|5d-!a*Miwe(vF91SbyJ;3d2jb2gLvzD_^<dOcTT*f
z#zA+TV@62xr2u_yNl-r_LN+f{x1~>w(*(YGS#D2-1+I)9ND{=(y@Fd!8`4<@cMLy{
zew=69{WIUHt<Q&v67SnL_;_gELOM?-C>(opw``^S_UypN+&6D<rVpSJU6k$5V<HS)
zqjVrhy6Lyy{`SK3>4|G-_UF`rbFjAurq?CQhSy3N4Am6`YFrd=0=`iar2Ws*f_wx4
zxN0qZchd%c)68Q>+_I^mJ(<2lb2A*|HFq-cOk*6ED}_9JCsxs{L1ygGwk)B3>1Rla
zB;n6OJKHx>N(S>JV+Y#%>%V_GjNmgVm)vxkc)JVQ+L7s)`eG;B;-$U^zG=!WU=eg?
zMkax^vM&oMVPxTK3VU}m@u&-5Xhfuco3eFB7U7$+!V2|>dEh!XwEtzwZi28s&0&VC
z`&F^xP^}!U!1PY&K6%TXz*z%g?a&1t&*$hkFgK);wC_#gG3ZGR@wp7y)@AAyTz|G(
zcA(~e!;<BbmaLa?p1R2*?V5Ma+)$rb6X$X@R;HxRPWHxO37c2x8*w)k3%@X+WN!g=
z!LEQs!p5N>Ew1mM%>_!WrgW)~+G$4RNNC?a*U|w^gS>qs74lsK`gWi<{Hsu93ekhd
zkUaj5m)7W%t8H<wdBNw_>Ckv>0bKUo0s|9t95S8w*e4*N=j}k%?AU(!V$$@ULL0TU
z_d~!HDKi<<u4~GPmqPUMVer1{!kZ0nQCN`jK#+a_p;NW0+<V<qbX1G~INsi9A#QH&
zLLHHSd;4@VCGozB;7h;qvCG|x@1Xhqliq=~^naO@*=AVF?yg>5WLlWqWZ%dB*DG=2
z=)t6g3#JR{Bp}@yYhc8VL+z~mS?=$sVyGC&U0I$Pee=ICZI9b8Ww$Lcu39y{JPXJE
zb5r$-j!;F(En4hm$@{2@&}55^s(bF|TMnwUY_#2pZTr=IEjR?uCuL+uTj0tTE?aE;
zwIhg7huJp{eR|yQ8RPcQNxEb`9Ws@hWfO6JG(XzijX+sLIJ{mW)u!_65GGKh_mp+1
zllwg-X9oX1?r3ZN<mqDDbt>`ow#D%}ubSkMDg<pQ?e=pYJ6o^s;d@BQN7#Dh>K2P~
z_0##79N763FXZ%Bb<CK0J@AOtzHU6-r#MEw?>n}{ET+E|2S&-7KHbkKfy^{uN|^G!
zz!)`OE%;QK9<T$Y#SmjpDwckM9KBSfmct?4z8IG@(_Z4HV<)sub6D~Rw0K%9nlldP
z^_VsM<HFt>B<ZR+nBF@|iTll3TJfAe^8VVYPVNXwHd*bz5?>90_^OUX!v%B)HU-9f
z4+D6IEsr%`?bAYw!5cUZ1Fz8jmFLRvg8I~rq%G4mlpqD0J&zN!9*jJC3hS9LSI9f~
z$gyH&^=vt#P&nnYzqPrF(%Sc}_RO(~5jhl(V089MTP-OF_k69tb5iKQiO!fgZ{6JV
zSNJJ6s9`y_j1_meBTX<wc|NDUTkDdfn#bRu-C~bhH9v;)=YMA|lW(I$g8rhih9Fed
z;t_utO?K#wc6PT%k-aZHTPOkt?Z#-cwQuB);nS+|p>Q)0GNX9(Ij{CS+^Witp-huf
z!Loo@#VHdLyNifcY298}zcAL;&#nrA0e`x(CIi>u<1G=vWUakA!1UrN?V^Kf7V|^t
z27xPpZ7p;mCMY_vlQ}#~BbjJJ<)aRaHz&nSd+H}BA9eNEILpj{KbFvvxKQG@NXGM<
z>1H}PGt&kcsPYBp>Q8sHt1|uE?b+FS%Gl~lBvS^YyKR^SE_QHAs%}aqj7|(5*kDOn
zc|pBefH~+Xu;nv$PjzEQ4;XkRET7P=ZA#ZJLQKX->=+aX+9{M_U%y*8MPf<X(vFn(
zp6$y%POiDZ{l(z|89GLeK*S)6<LcL-yU<=d`L3URXGF*a6+_bMd~486e2E=US|>h=
z=qw&RKuEWCPQu~)%g;;q>|jBkQXIA)wQMRKm>3N<@WPYmt_;tnSv2wGBhuFOSaY!3
za$V;~+kjJH1hrN5vC}lN12Yuar(ygC62lFi(K`TN8Aipb-4d@I$0Z$MGTE-MuWYR3
z(X4aUz%<p5;<IkgyE`s<Ba5@@Sx*10u1u+Sc8?MF&he;zmu{-t1H|+Ld`#hVy$hm6
zG?%Wld65@j@Z2Y#U6Ok_aNjpKCg*KlVZ>$jbI>5Q#Dc4v??9#1CB^7e?V$UKG<eoF
zL*7_s4G$(a+9NzNS{6xB!KrMAVFmy(<E%WtM3S<*iXDrsHCWRGbw<<Yzkl!A=h@bq
zWxLjG1maWkyXC_+C88n34EHh*w}MyD9^`zcXHYFS%C>L18o@H;m40Cn(D{-IeF&?f
zpbdY6T(2ue|6|)vF8*)ZZ*#Hv-JQV=T;$qsp)9uJDZXDfyx;f>2)(0!c*^NK0J;_j
z$5UvdVt=?NB(;eNc48mIb`vA`yJp3NydvD?Mk(TEc!v1ypr-T6tXz!Vh@DSV=nU$C
zC|_%D=jNH~Ay+Y3`MnXhn`k|_v8E|sNQENcxvh`9)iL}QZIgBlr1RojClC}Du20yS
zY_4N#o22HV9e)M(PMo$jp0E|Al+5#5xi=Ahk4hwJQX}n5lM8b9j1#G@?(tW7Mnd=*
zJ42zI9@jKhDWI2O+nwI|*-MpsjPX*P(#%xQJSZN;s7j#NzRVtxdlnmz+%hZw1$$Yp
z7e(0htF0+L6ELW-OZ(PoylezHi9z@TAG^Td!4BYp@J_tt8><7vX)$n9b87Y_OkHq}
zaaD12q|+&>Af@o^i7#&y*L-#hB1+2_Xwoj57U`;H+Co&gFEaB}yI{KvCF0uQuHTs*
zxF&bSKsNDTpwb2PJ)eYh!rpdCWhUmQFO82KUn#&Oc^v?cj{S7<`(Y^@EwN<;VNUCx
zIle|duwEi&D{zrSc|2ujqhxP?F>9UN;EgvESD9Z->2R#fJdHBkXuNrK<i~t@C>yD0
z&=4%x&Y)z(_?cUT?6!V{cVp@Lc-(PSIi0hkZ!UJpNr75<QZ1SP1?&qg@uN-lVfSl(
zz3H69PnN94h^2CDmR#oce{*jW^oXlZQ-M*3K>hxhc9hzcsoEuEL`uBXIHYWd!;*vp
zc3>@9{xa`g^C{t`5~*>E2E@OeJ0k@SliiOFuem8LPP9Q|E|Is*_8NSYS|<-5?wsQO
z%J^ze01VO7=U)8aAY#b9ihm-d+&FSp^0OiR`LLmP_@g)@lvkg0yT=tRqy9upoZ6!c
z_k+!ZWdX@>TFd$<YiFJ0GT#9MkRbKlj7YPupE3`mn>{9KMW(l8wvcKL8*RMB9AvH+
z2LprPxMta$KiOIICVC;W(F#DKIyUC7lIx|!Y|Hd1l`1w3KGte7UaROhRbQ4QjI~g2
zdID|@=Fq#nv!ngPr4@>vZItUJ>t$l$4^>=8Q1=pizeBFUKJ0^o><yiL;$V5pJpfkH
z_q(;cXtp8kmfZ$Oe`N)&(_HTsL}%+l!2LdnBfpxgU;%T@akhRA_-H{d=}?@fj}zg`
zk~iXCI?Cr9|0rkkVSV<k<$DrKBZtsNfEN{TZr<NJS#9)!MB>5^HD1(CQf_JudVQ&U
z(TtFdGTB|Cdh)t(Z5AMJ3856MY=rgZU3LybhpqvS=p;XX`bXb^M94{s=s=8Ki!t%q
z=w#LI=ppT><Mjsy>Y?EEbUCQKGWN_O_uA8XXKd(DXPR-RYaU>b`p6`;Gx8L4_|JFi
z3Fm8CLX`gV5y&%83W#pnEuKpFWD%xu{U&Uwj7f@Jju7kk;sFd9=rVlSYpV#+u!nn-
z`JPn>$z=5T?rYzN_Fd`;ptD#SPyQY3!xiK=IDC9n;@HTH{N{-djMp{xub;En7$H~A
zdfA4v;Rv8B80eI?Z5GZ`r5vcI`w2jccBJx$kJZo`xuZq(u4L;%PpTu7tz6F|t=34U
z>Hp4nYB+LBY0Z7E)Zv2=Ddh)j6AFEZ*3QS%$nmu?b`dn^9malqrUi%9p|{V3(Hem=
zPE3}xFUx#zciJ1or$kYGawWw5PaDgy2Nh?6Udi0sGjy+MpgHR;U{x4FN&4^!eADN=
z$9!0jGyo*lNUg%2Yt~At#3)Am?;KbusxkvWp=BFMR*&$5nh!pnL0$G@`5ulvJXUM<
zuY>oaV^Yz6UTpty-C8()dV1F72Wh_u)WFhpONaRE8#$p6aSBtTRyJUvsdn-HV;{cT
z;r<n5N8T(GIkxc7mHE+*@U+JMeJYkijf*2UgPkRNGNv~y7N6`oQxQyNM>WKzzp77r
znx64=1pA#-Iuq;$aF>`t8->X$#JWU5P4Ak4*3NDe-_DXdw(gYYqScz6<n}on*}{49
zn>U4MagF3(;r5U5+E^|m-b<(z#753`9XE^ZgvNeO?VG`7nL(SkLOU;ewWrK`EQBf@
zxYd0J-|h7Y3v6mrp*6h&@9Ukup8C`}{fT3;;!7ploclL!9CBjLDp}Co$|^>#x#OQ~
z>1zWM1)#^l@_8`t^(Dx*rE8v1>`w_1l+f?}NP1~Ng$hr4IL4R6!+_PC`jLG1MKUMl
zw`2RUM$UboQ}pS<^Zb!?>AF$Bv|-NC8%*35s#?Pd!o<0FQ;TIt5K5Z~xRv%1NZ#tK
zrC;bv9Pvhpf*P0wH8*hba4&Z-j%<7kkVWg+$YF0V6pf6;7FnkdS&%(fUZlR9m+hu4
z<MG6upJG|pJ~|%k=fkh>(XP8tQQHzF8SOpq&^Pp-+L6dbqRv@GRh69)(F<&BKN=!7
zj8@j*@b?$cmZCwA4<Nr!w7M=woI8RU$+v_~(RlJpo6zElpN1|ZK@GSD$=JocFMd*D
zsMAC#IZI&l<l+Y*+rrPxqD%g(>lxFq5dPY8kktbn&-0LBpF42Kuq!?Oq`E2KqtfYy
zsx|F~cmXA^89SwVWdKZByWGxr#i*ZAN)2TMYJ3*;BjM<3o#hNW*(2D`<bAy9XoeU%
z+)3R$;UxNp`7VVlho-w8oYc$zN;`725{$8G&;@>x8}<g=MeAlkb-7kRnK249^;QTh
z=`#r>G5)NZVdSju79+>36c8s|)kGxiI)U1FSBJU=_6!Fc&&J7C^@j<BQs4Fyvu^m|
zIM%wqc$+B}6XU#=Q|QqN=o<H;tr8V)C(xR6k*aq@^kVR74$h}TXfNFG<Q2KqT0{J?
zkDqUv1cyPWTQYV<%q>GT@j^gAmX#T{)cv7{y0U_V7KNZXW8u_ZT@GQIMyF0>UP7s$
zhG;Zw0z`iX02e}bI=l*2q0~LD3uESRe$GS0Sb-$f*=CWv3=@a@)u7^8eGJ?W_j47M
z&=Sbiz^0vtEkdR+e&irxKXJFVkPJEU2C&hGAR)$*VvbIj2J!!k1YNYgPSi0Ot?2-_
ziMzA&?!vzk9tb&xQM1Heo&?<Q_!iW204mxY*qc-R4=Sj{;g`Sb#E<4k^^w1!A$$a?
zN9iI7^K^|fA3B-?%o(ts)vg=Q6S4WnoK^`RxJPdNLeQJyzdiQ^d^q!ucV*#bQOtKT
zzRXrVO*e=<9kfx*lVviR=5<;#dF|&5F<bV$IANmmse2!%uBU0!+E3Q5E@t}Hp|ANB
zpJ>hLfBSlUx^$sE-O+l}veUu!dxW%G<vygN^nKl_=S#)Ujh7vrOMqrCnx^C(aYbD|
z&$pA~=O_HzX=v6x_%T?fV$<dRC36C8dY+?Xa7ei-;VV@&*Gk5Zh>Z>O#?avDM|(rh
zFB}?O8Mknp9&XZP{%)gH8TuI=Lj$pGUGueO0N1{+*BORMqX))D+7rCWEHhw{BKLwV
zC=M0q@M82~5r@?DZ2B0*)k&{ftm71;kPHM3B@E9Sls`fM%05R3A*%ATF^sQ1w#=;A
zW3d;;6*BXW=*Acn`!IWY5?A7_wVJik`e62gzK(!r8?%;a0*n$a*HYXe;prBTuDhgs
zoR|=A!EBK0SigqE=ddkPUw$lT&4<E(27ZmVA;Ou);7HkxrqQb^nM=>x9)0I=X>g<X
zrLa-LD0(-6+OVF9y+Vg}#54Eq%HvVeuB$&H<mMFZmTE3~5qfQHV(F=G`VBH+>)`G4
zs&A+d%2Ek!Se2bCd2d+G8pA~OORY`e{A3$9Abby@S7>SC9590gC%kJe;@lAJ-Cw>d
zeaS|)q7i1;G-e4%t^-k~Ke;h3zab8fWfC4iS6#`oam`qePZ(vwZT?LOMC;$_W(=7;
zs8E2UT%ld5OEM_wbQjxz1;Bn*`G-fap-RGCRL@^i&mJXfHJJiH1(`bWI~%%Ge?5kk
zyRhN@7tc~<YDbgH6B`l_YyciVzdlhhDz%s{dagw(Sv7WoJRaC^??;m&R2BQlvw`JJ
zI9C+vNT-s#oR)@}90etTN|a;s9h}tKPN>FM0StyW`<fgf$M{oKWc&i?M;%Mk{l=q7
zE{NO@*#7cX%jSFCuA`Z)YYfw0h9Edl%=pa`$X_}0^VWSS)3wxPj@BduKLR7yM+EnT
z=0o}Zm|@4m!>2o?xX7LIqmilCdf{Uz``Hy%+AL3^l)b&hzQH<OO-tz8{fNT7K(bfx
z=AT~@g=xKBXcvF&xybQ@taX_?XyB%t1E3x<#Gmhw^$4fjr(_$4T?F*1V!hN>aZX)~
zO!8{KgJAJ39vLu|JF=G}oL)e$cW;Rdfww~I@do5i_kim8geNY3JnsD^^Tq|q!B_Tu
z`6)bgIS|ojqS<T9j|x0mNb!0<e(!;agO?1v*6}Twp=49uR6VvoKb6|@NyF04?=UaZ
z5;H8RgynUwyHHLAO0!?!ZkjnM=`vw3R`5-d$o(`gTw1_(@@Gjt7$0%R!!BUz(Hy-k
zdIuRObufKu&k}*!1ng5T7%z4C7%>%)<W^hF?!UicXULcTQRVJxP0QgTkZc?!e{OE>
zt&8B(=ri#o^!V<eS4heZh>aZ}{SH4~5@Sg!5zqe$v94XleY|y#uil`%f^k+irNy?^
zxdvZgMVBBPN$K6*Cg9ka%QK2034Xn@UQoj!R^juXN=zTn%$fmw`O0pO(|HZGo+DSg
zLh@iA07tmN3mh+0;SNlDNSO0k!kqaHAfmtUH(Z3@o6=a*3HXdK0x_1)a%n=tU4l1=
z=!KHSY*Q#Xck&9`^#yU0i7cgP`J>Q{wvqV>NX)q3dniQ`#vzISD4lD%`dHYnQQf4I
zJUqE}y%(5%?4i2$L}^aa9s5}818?R2iBN@JTD(&?Y)fvQL~(8J%~h)rcf<=`1xcPh
z?^lZQLA0n}@$wYdRm`Ir3Ze#b^pqDWBDgSGYHx#b<LU@JHyQHXfmmzsPM&np2p#kt
zl56-Ph6%ynz)rjy@q<Oo0`rj4``31d^Dq%V+MGrG6jGi=HH?U!fLlC<KEvaE7sg%{
z_f)=CdI~^fK3wX{2*klMJF8K7kx_VUO_T(Jd>eRHo&6019}W`ddIhd$zrPg9dRQtr
zB~Ez>pJ7na?m9nWiUe=O%p17O1lT#gU)HV!tm<-5dS3i^BM9YWC5lH3+wD|lP46QJ
zfpw@k^Ch(w&l$v+x)H`Mt*^uG`L2SVSk>!Gi58Ut-$l@_Cq?~Ge+(>x5yvVJUA+Yx
z9BYV-nP2Fzb)tBj8;5^+%J@>}s8%I4KKe<Z?P8-Nz)pVKXltCZ>yd3?d%za~r{lB=
z|NN-P^zogjwCex8aQ^uGU&6UV5T8_P0%72k$BKi_aJ<yeTb`-7k^M=G?$svHz8X1B
zREDBzU>u{Y>An9nM*k%_CyfCT-Hv+_<IXb?H)tvI+Z@iz`EVYw1e#!-j}Ihl%JFAm
z2aV#yZZGI*EYvG<0LyG#KZ<K>yE|xhJ^SW;mI|$DV}yqWMApdEdzVe)v%i5spkE+r
zC4^GgUJ<*@&sdTk?(q6i72^5AcLl9GlK}~v_5xcDsS8KZR;et{5yC9w;D?V=rvCbW
z=Jfv`a)AHm{Wv2egV3P;s%JMY>Ca6L`Sbr&+yDFD{JV^nWCq$Tn6wfw-I;GXZrRKe
z<^5G*n?uE8DrWH`8$6EoQjgVOqzeW|?l%bP`OibS?bIh$V*sPRYeGgCA%!wlTIz!*
zv$ZpI+u(cea}f3?+ehnNzF2xC652VG0w`~XfB8+n{<Wh7Bs5{0Ik(NG*m`M`LWHHO
zt*vbp=txSK9&uFYA~~1xM^4Q`CSkk^mho>8EM{~Y^8hZDBUFXRa*M~MG9%NM{XQv1
zC7RE(qEb)(>uzz?C<rm~;1@-@FB95Fg6*7-DwhX+k3Oddt3#K)C|pT=hxDYNQuGFL
zqm|zPPdI@Ddb#w!gY9jG(2kkV6y8_2zk}6k=<^5zF!}29Tkt+QT9erT2bl@bJI9I6
z;r4{TEpn#_;dh`%7RMKY8DI{r$@0W^BdkxkRrA5yy<Qt5?W=9yNOMT|JrttY^R^N%
z|ExMF6CMJ`)=~$pSxAF33Shpf$sT)*Y#D%UWC6VpT3zJ{aO&@3#ia<BFzmws?uEbD
zXr@b0slXM0tpMxkpHCEJ!imju2DB;=8*XU7wZOu~5ljo)pu6P{O(3W^PBd^Bsw=-{
z$lMjlL&K0Ps0Zg6jNT>Zp{8^lVMdgR%=Ww9ZkBV78Ei7{XL{);61c8ng(k?Of=pQu
z6icVpN$m)4$nvhwHNB$KbgZ5%a3hzixr7>JBJ!_i&{*mNFU$ceq2-Zy2J=eI8z{OU
z&bNPke%kkx3$iHn7}TeY1n{u#Kt&whzJ^_dpZYUCA{XxGaY@cdSsF^Jjwg2|)F}We
z4goimV_fdtyQi_we#zzgO9=>_F`%k<{e4Tie2hwFwIZ_gULCvFa(}qL*tzp>h4xXY
zB4(l5FtS2J_~0h^uDNivQDzR1rNCm;Z+QRFhmzU~0-1opLx6=)lF5KfN!F79zPm#k
z;NBX~Hob!wrwx?M@L|-6%VzB8NT9d!nteNfliB*^FY}YiHpn=K-Y_e$n|u!<A5E%0
z(QE#YUjF)l)#=V?!oKq^H={gOVui+@W%PWmoSSR(dYitw5K60O;C$qe@r0*yXQsqv
z4Rj*ag_|M7@K^tlh2%mQUalWRo{;Co<70~8HEMT)y(+=<UF}RCay=v08(iVW{n%3%
zo6d;JJcnJ%$K)3KJJ64Y`V3vwi}|s((>A5Z{wa(RqZBcaVsjmXn*P#|jcm^(DZFbq
zk$KCW?aTkh3hK4PGnqh>|1Ch?+Kxv#0Q=bAOW<Mv?Hjm&c4Y=?*croIqh<(iiEO?^
z1r5c`WZZCSzb4UTMav=vttarP5-msFVs8u<cV`#St#O+voh)vf&hH6+I#wvebiN2-
z*>#owyzlGZ3Mg@wya9EdeiC#=mT|?ERSGFOYQ_-dy%Afg(~%W@&U)bMu((~%%|#Dg
zqY!ARU5}N~nO<jxH%1|0;*9c#KV$^;;d-Y&fLL|_;yF|4=?OW@`m`s1ua3Pifn}QQ
zjNSV#h(#fY_FxuDH9O<QtgiCJ+<6EX{qhW)q-H<z9QI=!2UKMg%yw2L@2o87bbne*
z={<ufSvgbBSnWz;7ID65^=^XOZL>isS1WlZ-_Gbg%}uMGv2`01CNKW#SX%53W6->A
z3>C`=NEG+n114?icprx$gG3fGm*bB`Br};`w(!F80O7RC`E`d?p46=A&i28Kt{Zm_
zw4+4y=iCHhzsa^4m+j>97b;z<h<?}TG_qxM??hEw!G#~U=SA#Y|7$O0p6>jDQU)Zm
zK@K7umMqrVBQTipoXW7Oh?wp?^TZI2&6lmBTP%*V_LnMVX8Th5J<t))7sCGTGq#P>
zL8iR`g1O(A9`0zs{i_yR_Mcj;!^%S!7!6p|eP54@#yUJ)g@^aYT~OL!g%EjM+N}cQ
zj&%LuG7@nIop<gBPbw`|^vQH$F`0`OHW#Zsr%{~truudlapwBS7Y4rA`Cv;UUbV4r
zdqP4Z4TonsY|0kCM@zOx3JA4=b=O%~3PU;suYDBaUelN6z8W_F3UT|ESB5KQADe5Y
zw3|xjTEk7Z8Pb?G%w_CBeujxLEYYMGCIf?9m*Hj47bcD7o-b^j$y1Iet=#!KloCcW
zj6i9~x<;yp^Ob79SaiO<GcI_B{PyHGomnbWkC__%Ro|4jO4zQNZ#DY93POL+(LID2
zZWC|Xqkr2t`4i0n#9mt{@|@Lg=giQ^I?P;j9h1*qi2u7;SV@TSzN&_l2~+c@Z%j<`
zM#S2vmB~FOwpw-NH;w#lN!&*=1g*i0Upmha#1Nk1{7B0i?pXH<!FN*$B6|sNN}g*2
z=l+<31e#T0%t^K~zF!R5f;k@o=%SqK+yN$o649&D?kq%DJ00^Z8^8S@CtfO2lb`e3
zOdve4f`N%PFOVsy-_2s2b|~QPrk1!&7)$H)BQu*|`5LZ3d95^ZShvp|&RMRFu`i%@
z_8Sx$*)aLr&12H5QleGOHM$s3Rl#!c-sJgL#q6}qqIR?O4nT#vjUbL$VjmjRE_M_+
zHCp0KVK!rtVU2AbM3ZwI@rxpG0E4WT^DV83Jl!lqp~Jx9vns*d8fuzV2K32za(&$V
zESe>D#Ia!}Pru&POfqwEtP^hllK~1BDu&*7TNi{B@D_P#Zn~FDz(%BsATdXN+qLG{
z9G5o&$p$!H+3WmT@oiwP&?y@&-KV>H;Cy}7zKX5`W-|4@?aWLQ#L8M*nA0?|{32?A
zmok$I75MXkg9wBz^W~`3iiWo+e6v`pRP{uEw(sj<{Nazx(NN%OuwY5>xJ0o`b?|Ee
zpt!`6_{3Mfue@J#$s&e#(+QRJDeLsz=r&gjJruL*wyM$cDSfN6$K#h(3iT~nQwaaz
z9#OxqFZZN^p*b-k;)U`2qh!bNgHj^rCf{)s(pUX8n~*v~ui!fYf^hVd$Fr7(RjFyO
znym>GbXtIPyiXTSr<S+71PeLEy;QNHo-pUoN>^GZ9*v!81;nT&e^z=HxgCPB{S%{N
zG;HEuv7u+i^-?O|j*5-E_1}3IeedDnbAmP{7(w;AkE9l;)@6V{Y}4WLf)wjy)UVm4
zvelu3qmianhh>Rk*x~+)lWER(zZ@LxSR}S~H<V3W0|Z3b{iT*n&QL=|^~;JK4D@W?
z&3j{uZ+DOHyP7`g^Or^EJf%uk`1*~|IhW<%=V_~6+tkJsz>?k4IZN8Cq@6%HZ8=1m
zdoFTUpwUK4$}Ay1>B$Zk#<y(mfK@>iM-kd;2jadd=<F7apo}C>y^2`<2ep^je(4#p
zc?qpX#_Gri5nFlkGA1)tCYZDMk|qmQVn)kOTgK|Ib}|?DC^EGp)Yn;^Rd0%xHW)dF
zp%wwn-tDL77fQbQjy5kHT0<I&xVfBeSfO60JfyWr4fdg<2%Jc7Kn8S@(KH*=5F<I@
zn4+%r!f@Sn-gtHqBV|^fU^>O4ig<6x3`U>GKJ&S6OBzm|rNoN;jxZ(&$Jq~=D7!F^
zo<3wGXqdEgfoZySjv66GNA3OV?CBu+0?h<e$Y2XMBl@?zVOTRDI2OCTx}{YxqSFZ-
zG!aid-;bbXOrzGh9Pu|3vZ$rl)S4rFX-n_ks=L(;!~25u{d51t+FNN{4N}oha|_rq
zJ;h?OWSc(=N1vSKu61Bo0r&YWwA(D6PCR3!c9qUwQui@HsVQ;6b<Nx)E>H1bq=`rs
z78>ZEICnO==I)A3Ms1=`DV?P*;j|XMzb+*J;-SQxS{aV3T6?HvS7yteV+o4ACLBL4
zTwOI6yL9>~!UY%3!4f|gkyB0^okur&pF%YZyL<t67qQcj(bNxEd(<cckiz#{^L3m=
zr<37^rzax@0T{v*tGVmr#~D3B(%P2?RG118BhIQz%<LSfw9`$ee!LB=QY^mDYxPd2
z&Qar;eEgFq8haGI8ihGbrsv4_eU>!p_`1hPm+QbgoB<;UjZNK^=SdUwtA>(|rbX^9
z34u$M@IJZ=rkGQcn|o6<54Nt(%_mEKqT%;ioLE?eVUUjj+TKoWABr!)ZmaHn*J{G{
zBmuoR_AUL^&~Q$>m_e-A={r~Xr|eITApqfPELqhQoNw@BKX`3oTL{$W9LErt-f_rZ
zw6{*eKBPev(ia->6Cy~kX;kt9)ft%EEqdtXE28||c;hGNFPI=hkY?*1sdQQM*loFH
z&C*gxs_0rG=f|b#f;Q+_>nl)Giq4TeqWB3RLN$(jHhYp%87QT^vk?W(vv{3xujf#s
z#PmicM>#WzzbAl}P2VDk`vGEqJtf{+lD(9>u4g)k4K<kDTmMua?E(8f0cQvKLI!%Z
z=UnGLXQ=&x)Ix=v66aIDbenMPx3tr8rr3KLb!rajpDbFIoVr~;!45kEXtNTfoUU2_
z5c0mYDsjz!7HW^8czwP^ktdZgBI5;}_Y>HeprHB}0q|EOEOkBZCP2utF38IvLx3k7
zA$o$$BAW1&RA=HZb{bbHst6<t7kN$SyE*qB)nPL>m{`v?>DO#iDP6goU}K!;saxBi
zQ8y}RULaOYv$B5``d?Oe?9|9S4wUayh|mDzQ$1YThvN?2$1Zh9N;!iIK4=fvU}dTP
zc&n6~9?IBWw_2Tg%GkIo(QkPDDD-hl3jESkjoC8z$B1`08<%!AwNq8(g&_b0z~BOP
z;khDKBFn=5LK?PXYVL57cRXqL;Ld=JH&<4p$m1G;XY~bCd}TgK5nfKdI{N|txbJ+U
zgB!3dCuY?e`BRr*@Ob|$bu}j%!@YvL8pptMZp;a;h2fx{OVzL-7C?ES6)3nIdB1`j
zbK*bM*U%CLbD-bXqdv_Rf|7%&7r6HoRQwuAHj29W7N*dReJQ*~&lX$b*l_0B8)W|6
zY$x33M;nszQi%ZrDa-!mMY=L^J3o!g&LTW+;_VFGA`wS|(KAmJ;Kut3IVy~R_8P)}
zG0nx|Ct=IOP=yW58yMc$g|~hZxUdQ4O(ou!A!(5sySBH?kcWN-h-<|fg|eovy;j?)
z@`M66*XEnxT%1H?`Eaf|XJ7ZpXbTpj(wbKs756_36;9D-ok*(9K&+-tdxcnE#9VHK
z(lK;nk!%z)t~%=_SN-H*0EcHa>}uy;cl%O=)2xEnE9*+k1M2La<ZIE)Ob4AE=Pg<Y
zm$#xR*e7P7HI>Hs@JXavMnJEv9zvynuM6if>A6T(|LF1!wfP62ShOKYF4!~5S^gZY
z6Q9OKr*=G>awg~ky3MSuO<KPvA$vN_iu;-qQ1CiuwZ=bcHa+Fl^t1&?HJz@q3a&qu
zSOaX}J|fYqsP}1qwL8(dmvrc%0d1=97x0KkhdL3D=)9Go+c>s3e^bmxQhKl^rsNh?
z;yi0~cnLB!b7P^qbD)ZQq?vPzAX_r@{&|+S>&=aKtuhk<fG8$Eip&aZ2T8GXk)QUd
zmjv%YX3a{DZrszVVdC$XHst4v)LObL1tbsfLpavmcZ=L;BC#49E^7>9q4e}b<Iw1U
zo(-N6KUb8|T}upAkcg9QGurx^scy+qjiEbsL#hJb8+@dwAmP9a(vdl3{Hf@`yb=01
zkKd_VA1^Z<t+W4dWCuZ9R8aRwg=!1rs>F{wv7;T#44{eodTewI(49R2v1N4PCv^*X
z7FcU*PZulZk0w{nj%K0c6Y$edN~%o8VdP;3<SQQ*3SP<cMBDm>u!`~Js{~bz;#XXl
z#0@msR2V#AirRX|-UC+cd1=~Z2J1UEOMA;Ko!yRiu-D@oEVac#<vU=s++PnZDPXyk
zmpnQ9hgY=&+}(YwXL@WTU~Z6&=3_t-o8+5NMCCp@Y4Q)VjgKAC(vUt+h;j!O%~uM?
z+73{MGmuHySK8F(BS5Gj*9iED|9KtwQ}IAKZTLBCaUFfKjmi(aQrX7(mCR8F>=c3n
za$*sOO=$<<E9NH}xq(~u&!cB3E*%qojv$KMt=$&J_Ug`jg&i?4)J`~SNy24o0q>tJ
zYy`j{%ie$NQv2OcY;X_x`{5n@5W!dhlZvdo4JzfGr%~_Af&k?arbk2472n9dQ4mxR
znHsS4Fsl*8m)o~XVu+9O&oiO^Z<M_BaP_S`v)$a^GTLuqH0w281IWbaHyuPpP)*ML
z^SrXmGrc|_{7?xXiT!QKgqe8R3kuiiP^p32RW=??Smt2bT>!Yot#B$vqT^t$gtKi^
zeBinN#qv{A@+;O+Upx*?rko=;qWJ5FkzN!0`cC~n=7Y$xd&B6Qg8HH)?)|#_Qp_?E
z=5I7zJ75qwkmRy5Xz3~~q+C1QXjXSG1`@D-jZFClF_X%dn#4pouBH5zFOClqJSQbT
z_|i-|@k_*zV-p#b`fB?R9Pt%eGo9n$vvmmryl)f^2q#lHW!8jke@Y?EDXVs59!5Fl
zHr#o0p%=<6uF{B@-s0d3Nc?m<E8;kI9dhvAzkmHI90nPBvWlM*nW-`g3<@juEeFB6
zUDO7LxmULWn?XMD=twshpG2j}8t>vc>DK+`fU49f@ytkm7_MP{(xDFlWi7yrtY&DQ
z3?$Ew9!wTLFLd7QWl(bo^lv6go9#g;M@9}vT+98<_Zn)MA6p%mU&DNhiG#Agw+peU
zCV!;HWA=<faE`Em8D(_3GXRG%;(4eBDtug11_DC*1Z$3iZ;B)3VGKENH&+6N<~h^?
z=D{_zVb>Lc5kO>~!1zbLJ`BCEIZc$k{4915Qry-Oopu-NECjEg@?3Lv@*4R1d}3=*
zjRjbsp>83B>CxA}11|DdfRW)(oe>!62Bu60;Dm6OFXmZm-RF{uHuIP#Q)tO-HwfT^
z<8zPLqt0{!4z#%?^UZpKYjH>wT`*iNT-Mi22F;hca!C%PRdd9KM5;0ZE_nvJ=Q%cz
z0bore!*0TrgoN7pSsI=4sX56x*EP#I%yo4_nAWmgV6!>UCgsvAn@>xUpd42Oe2Ii1
zZHf>CKJ_Was|&@)vF$RIJ)UT%@a)3Q5#5io6oCjx046TW?Z&4)iHP{U8*lyuO?eK4
ztzXHDweuGXzdQou>#jxg;D@7#lv<$fDos4vS1i2WnwnBaBT1PHR;^sP0emFr=EWe&
z;Fo=62fyhxKFE*oIo94>e-rxJ54P#ykNh$8Y6L3E{b-FRk7PxA_KVqco?*JGmJ|rb
z_+q22qFBXStF{LGk-k_Kb{M<EKz#`#rmwEefPc)8tjvriaJfpOT~V?}x4*$OztYcP
z6!~Co?;*fL4f!y`XHTQ6IhcM6)10K7z<1cdVIBQ4g?I}ivFl030}Lr{e$L(WshN|2
zfjaR4s+x8ClZn2zzz|oqzA0s1UUja1lM}BIGxf>{`egyvXr#&V%<u9N=X$k^(0v#~
znpR&fV{T0W2b+nD_;r8sV1|B?2(Z%PTt>D$H!Kye3gr_M+-qmJFTF(+8|5RE>hCXl
zF|B)4tgTR_x^MsHn%C%f9+Gi))>o5j5*935yEh8PdxfC1#$&6W_5)w<9@z=y=b`w3
z&dig4>^;c~z55Bw6%oRi7{oZIzWA3co4CA0@7rvMdy3TZO9WMG5oOa?(M7Ztamgu<
zRm}ca8O8JL+G=_vXJrd&fVFtS#%*z=iC@q=-ZcHnVGi&58Aidw;#Su)zL5-}G~Q*5
zin!8jgiqC~Li15UisSD`c)+&2z|-l!^8&?Bmn)O9y%A4t&X18@Dtb=mx*SEIFy4rP
z_VAMICou14LNp6yan7md=nWqqt$#-ay||Z`C<t2~^H)k1OoLi=A1IO!-PT`}(c%4C
zzL7xXec5TeSLg%vdBXu{1o|8bicBiIPqtN0+NV02Y;o8q$l#4%fhKr&2W$*U5V;mK
z>)X6UCQV&>)-2W;eKld6Xq`ahA|7Oj;qac@W(Ec)GHkbqu9)LQU-6cQ)Lf;Y@__@=
zlmD_d8M;ps&bg$}E8azlsB*W6x`@}WQ{)SCa~!~U|MTv^GWMr*GXfsQ7}C1oJ4d*V
z1ma*3hI?+y+iD=jf@FSKb^E2L@p^=Ao5scGCbqX^18%MLgd2!a|3S~T#57E5W)Coc
zUzcQbO00b-_xR^U<0}5U$}>XCO|i*B#B9LQYHj;n5nA=O*M+C}FLOGL7B;=rQghPI
SUps-kf|7!YeAb1VKK~6=v-v0h

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-protection-reports.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-protection-reports.png
new file mode 100644
index 0000000000000000000000000000000000000000..58fd25399450ef5aa202a29f4e7420a65a8edaa7
GIT binary patch
literal 139107
zcmY&<1yoy2w{{gRP~4#ecXw-XE$)&6#WlEw;z5JE6mN@rC|2AFR@{QSyZ(Il-tT?a
zpEb$K$y#U6%sx9a`+4>=;i{iyG0;fRUc7jLAulJT{^G^!@)s{&k)j|y|FY-a`TY6f
zrHi_(#EbF~vYqFPH<q82KfQQS1x3F%dHZ~g>LjP<^5O*{_J7_l2k6ekU%YrKl$ZLX
z>1n*5_4eCT&s@k@eQisFKgO)lk0w(4T-NTokJcxvhpn)t|9f?=?z8Rn+$?k7SfCC{
zY`hA&%-W#p|0>eo?7}7A`UaSC1i9<B#P?Z!IQ2WW9^twcTjak+%(EX4H!K4V8kQ0B
zj;-$3m!ydKFooYf>uHDcwH?bEY|>t%zN}lk7442~aV`%Tu5#=J2^ZHLk9Trg`db%A
zJ>;L&@T8yHO-+GH&JxQ+VZurAdyl7<OTUMU>Aq}H;bc|=q&*ywgC_i|5F~?>Wh7FB
zkv&tk7dt5q{pSdJ9NI*492$lDH}N!|S@y!;u;Ks5+J9Q2KOh{3maA)PtEXjIIq(hY
z@wg(p$?oJ&idm)(UbXxn7$prJ&fQ`A885+V|J5ngrw;l!RW7C254o{@HRTKudH>t)
zGdx$r>5p@s?vdGBuK|xoPmfqC;t#dh<tHI^B2V{csUlw0vh@*8e%0;n3s~95i!n5<
z!Y7&+8*-=MPikHLhwsaojQ<(dV<U}{+{0F>MgjPwn~*`b^20C9pMk&K_VO%-(;2jW
z;Z>UthED#}pq7uP@#vz)E7vGeI_cBKE=MJ$?0WbRfOwz%qme{joPh;ZJVc7+MTl)j
zS5*hEiA1sL^N1DhVZ!zuvKF4jr~ULfnua15lNzDdmy83Q9b)4a;YaD(&#o>uyZa~{
zIq(>F^mFQ$7J8PDTgRV(*N*xAPmkLZ#aQ~aRsr`nXVhM&>kSvVhW>~ULI=X~aFRo5
zLmZ#Vy+d=~g}DYSl_}krf}<w@fR{18`dA_`xb#m}5a+Y!X~A~ISuA>71@Z|<N6lxL
zOFl=UHNIDi9{5-}{*QuU59b;ad?yDwiO9pu70sp;UXeZ+%n^C_q=@SfKhtu<#?dM>
zS!(sWi@mT`zq|CpZU>EKXT36gUQaKt#pEe+?sDydN3D3G%f8>86Ms`y!mmyNpg<{4
zeJ-VrC|o-CE@os?RC^OC<-zf^xQj3M<ffF&mt7_Tmi2tuZZ+hThsO;rmf5RtUs2F1
zvj)rRQSe<0kEmD1y{I**xQAiya;>7BFMafkQ`H`Y>BJd}s8?4;8-2{82Qv^W8-~f3
z%}lOxTlHA}P=ye+UQBM4hrhn+?s2QUGo3h1oM`VkSsy-~ck8)IWaML)z6mp_z!ejc
z9J`&h%t6hGlv_L1fY+an$x>38^+ff>QoR<tS;wU|T|+Nsz{1J)sAzi>il<ZFo%!Wi
zZoRSm4vxxy5^{5v3YxQDATbl%LOk@d^F7RuC;J)BU9^2uo-S<~=i7N|=cKT_e9SJ6
z%f>Oee3$LDi8ynuE~XUnt?mcQF|r-5nLsIXB>LlN(Vqh?^yO<LA`_c##s*gHW@pNj
z%z!fE79sUQ1^kTvco&s~@?)UPo#U9QRb_AP*h?BaSCsJG1IfT!oEYfqyTf=6AM=MF
zEKoqz5m*G#q|vqKPGeJx3)cj)bnv!iy2_sfe@*Q}!9vsd#FR>74WLoHkGd9*rZ)%1
z)2Mv-6ki~h%D@;eUz{VwluaYgC6XoZQ`2yj&Rc!exksCXp0hYdFYYUj@oHLRVrXFH
zSSC_!676Q!=RdMZYlcKD(1M%E2^A`@2t3c*e#@b^sk-AlUL09c@-&aQo<cjgo|`|v
zI_HV8-etKG#hfTp5d5TEqxpP`r%vmS4HqBexf!Zo+4;D?Hi3F`U7MJ)Lz8%qL%aI6
z&$|*+Wvva~5=>76OwIzOIsyVfxbl9uie&WUvnh~^8vEE8LroR&3z~Sk<OGFPF5~@D
z{=q-a-UFFZtIqy;!OrhsIXiT|3dt&IwYYL5sOCU`pabegst98*9qPQ^ZWk%;$cfvy
zo6v{szHuaV%uvOzXXeJvr3s>p2Mj@=rBOM%%aeuJ`wiWUOU}_8AhBX_L3Ot3T<Bdq
z1PDkDORc|}3_4N16ZD!r`=~~t<7u2=S%~Fz)Z$_8bkF$wufh$YHf+=sd)$`%dX4b$
zeKPX)Jw1`VK2LxaMvL`Wj(^T^GFtf^R5}l{Fp!dE8E*ynir-1iO_eT347z63ipATr
zrPZ%LaGp6k0G#^mLtRqfsBqUedf-#ePC=0Pol<@GasjLPwbW_7*Qr2;uP8^^`~bam
zS8~?L*ZD3J3Odmu_Q&jVM`qm4$}%O=QK&VSAAOEb`)S(g3~Y#=FU#jkhoHSlIR655
zgo|OO^I7KFDXukpeRnTq6>HWS92%pWQE)#G>Y>{7<!Gy<0$ccQWKz~cJt~?WR(pFa
z1>i(-Jx*jELT0kW6JoSx+Qd(^h*XGm+WG#>Hhe8=ne3XGN~K>nH7|I_IVw#c#_1+M
z6+}H@E}V9bO9VRK=T@P%#)0pJfL6OgK%O-aK$wc?G2Kz;>R%mTCo-ik1WWvWJGVn*
z+2^VyY~b#w1<G&iFL`c&L*ob7Ax}MPcT+;i`DU}++Jaq-S8$m2m(A$+ccUiv%`wDM
zi%;*NOXQqH2wL|NN`X_$K}iQHX*fgS`#PSP5PqS3*~?tyxT1&8&9m-=U=mNFin@i!
z#4-=6-j#>zABzMu)|GEj(+_1kitb`zV-z$to-e|EvBI5<Lg|;Dv~a-VhCCzP(s6wk
z!PhG_wN~mCoW^Hf6OfbwfIcqd`wfeq_GE?eYsc&B54M;0edim~a?ep2(WfkDlFWgM
zLknV?=|asRd`Z2^&)6XSh4y`}G>FN>A)KHeN+`h2NB!6ZPi!~tl9#R(3sd;Z^j*Hj
z;(9#@ethbmL#QTA)eXauk=olk@((S#u*r2xD6*O>#bDC;@ojp^X@DYwa5}Bkjvl<L
zcW?MZ;Pz@8vXJH<+sxRU!;vQp8V{CZBJ?s%)(ED2OA<mN%v*yO(C2->d{&Wf{IKb~
zvK;3u41h{RcSHe_@|Lk}v|SbS<5eWEZ^SM7gJhyJzAF#XF&KWp%2uX(wVW8ukE~0t
z(&Ray{K;-yDRZbG<>MTWe8-c*jAgXI=MTLfO!B@uli~cii*8Uo-&*yQpJSX&fOi_a
z5$dLKl&h5F+e!Z%Wu92=Jty)L<(LwDjg8?)nrl8m@IyNnpk6FzVzGf+Iiik)X0gQa
z#S6zfhF02!Yf4yN;(n_QzS3BrLY-SmAJ0V__wc!81`~6ndu`p3okH3x^9JspjW2m2
zCiZmiUUl1O8r(%ssR09r9gX`ln|7cnqM=2gqv@UI&Th8OTmx#w2*)gM)~V$cIXXsH
z3jCQditJPHAUWx?#<JgpI+9drdURxx+q-ZPxBc{ZKLOvwyp}(LZg%K%&~p^@GDV1?
zH-d^-+0|8<c)#lRW1KEf7?YE%QQR{?i{_?Yc0LQn;+FH|d~Ba#1|T~TMPCp^I7*qi
z)d|XUcnhYQ&eP*RxDKds7ztN7UVeJyU)s~X;qL$ySsL}ogq!c1_Q*GcG~!;ZJb55=
znK|h}@vDu5@znmUz)_e9^<;$xI{v^z=+zR~s7EvNi&M|9lcE#Z*c0uDL@@^aS^*}V
z@~BsD(N;E6jNgOy)0!ddBb0$=byA*>At|xkI-fOv>Auur){)x5>E4*Tm75#7(S_p6
zc=UK=E95y9rmiD{DF`Z>PnnkdpI%ebP|^*ZEqW~Z{ZMUgeVp6#z%M5&X@a6!hA>04
ztD(racWkzup%}w=<@W*!M(#&Ti~9{G^7Hlf!?tQlM<Y<~Zv1k$`tR2THM-vT*KX&=
zc$AIk%p<a^DO5hOKaU7ln#n>U5->mL9Tduq+R@|G#tJB7$}J?wZTp;-cl^bU4v#JV
zs%&^F9Fv{|<~D_x#EV>zdB4jD=xn-L*@KIBPVaD2XT3vXkinrVVu<$X7>5SN?uncn
zfe}QYp2$l+|4@}E{^ds$Gx`{r-;NWA8fa^<<D&QR=ZjN&lj<i!BA4PANjE_hd}htw
zV=BqfCLpjmd2Sx}(A`)e2}xs%<zt;fVccrS6K>nQFuN?zGB|eabal|tWdC~SdUL+E
z+J1hd9U`RR@1Ow#g^pu4=YX>bG%Q9W{eZy9AKKXF3iv%P@Q7_56IzN8=4s`oMw2@c
z<~z|2t*O~o8Cd#A$Bu~lb#o{g@!85-?DCs4!cVOgZEgcS91?c7fh|EjBXlZDIUJx>
znp&%+SLTXI5@o;s9#552^oB-9yBIVQiBn}KUeG7dO6KNC$7v(k7VTT~TxjcVA`T}X
zi!t@pD5x}HOXLwB&^XYhkJ=Q&pyIb5w8{L=5qDLuqB}a+%+`9b%e7IQcThSFBu0w7
zm|LJHh_GrliEiwYk$7JVij7v<m8c&le@^}G<EXvGH<hwvVd`CAnny~F$=?G$$an*k
z3SLpFEm~k|i{W=GVVfekRu8%zO>gb&THYE^8t{7%hYQ;o!j_YJd)#&}J~bm)4=<_P
zQsDVWgHLXA>~ZuSpRtj}sXWTbt~d88O!rJJ5n3>&1{g0UC;v1qJzhW(+0SP6o)|X)
zZLgb+lwn~%Jj*F~&z&Dl3}j%P>#)?Yj9_ylJCeevDZk56n$v#njqBm0_H7t+c*60d
z_sLA;EN4qK-{JM-4=rTt32^irKwuz|Dcmw)wrU$FEw!h}s9LCxF<G(vV!7}M69_&b
zMtg|Ive)NJ0Y3=ij)=v0Tl(UcV+Dyb8;W1AyguLkJBXqqJU?*3XFo^uX^>baVunK0
zJGD13gV)x=LhoR$LwlQm-FSh_2OM{O3FYS9Tx(}T=sOCF?Yq5e8)=Ma@Y(OZGrG#{
zt7Z0VT6=lzItR_M%;}X~tX~WNO&SYpr=Tfm!&Tv*i7LQopi;|U^epO$*F~i3GJT=g
z;o%Mx*@>qD{uG+2vZn~eIDjNBv8OA5FO)5Y^jgv9`5k2D;9|XZIlduSK>y)=A7zpf
zsj5{5y=odUJnEC~6yOJgdc$Yn!(r?-OzPNjff<3%Om#OH5%;*zl`8~KVis0Ndc*+w
zoiz5}J$NijhvRe~8-y<(A2v|}W+&M5yp@5aMr~;3gGrJTbY+#`Mg7TNM#PNjLK~*V
zv1?m^?ddvl<9jTOaa>QyfeFXa7n%$j3qu5FEj8oLFSl^bF7MIV0lg}3D<A$)34X*t
zBmwY^mCw=>D;UrS86z~87>_44p4zdN%@c&yV^8s9Z{HEGcen_ZvYY?W*l$=?g-N+7
zWs6Z-w>_%Qv7?R`-{F`KBuZ}D=^d{p^vCvWv91qiycXZOBL>R*&?vJ2j8_S->o_ci
zjZhqOcr5Pv>B-t}R?*p4QeM4Po^x#5TWDYDk7c#hPGr_V(&Mt|7IyTb4$6kdUjL-=
zyxduryE8&6_?&=4>32$8ZQdVrFTT~8aTIy-xa!l-&Ds-{6Tv9z14t=|qn%dql;0h2
zT~0aom&?Ia@jOiQD!gp}o-3)UFxMy2%0hmbAb&$NnBa*BS-;*X7Gcn+=V^VsWTx@s
z;#~5&WBn?Zg4vCZFPYmxdu$VtDEB03p_Cy=*dpZiC*!CYN}r<;N~Xu9kdY{Hd%knh
zg{vYz+a?i1HcqELq62i>g~xnWqmcD{jQ7uXDwK0#N40ERy>*dCtPqrI>-t@6Z1rXC
z$ksq#Q#HU$MbIYT(pLIaHkRCs@7m-uv~R7%y!RnExJ!@(Xq2b?)dBzYNiXF|Czkk!
ztaGhp@Lib~oUg2l`_&X~m=`DuAatMuB+5NI;NOWAbRqcKcPuLQu-|FGU2fVmUi@S{
zaN8LEY{OdFSX@D1D(FFEF#RyY(abVzvEw46VnX2&m|p7%zW;FXsBl{FjaF$QIn3Ow
zsZz-fx1QCq)LxiVY2mnDtX_HC@2+mPNPJLUoOG&(+C58=G{)NL4iw;KYVeRLUV&XI
zGVQ$CXYqyw&V2@}e4gov(ZoO-?tDty?QV(HiUC%ceqC@w1NX_vf(tzN8Dm+vhg06%
zKDdP4kq>DEgvYOhe}(6LosHO@ETa#_B9AcT;v0#j68(L(9TD)_J3j>y#A7^i&GN`|
zgt6AbvevX(H~=tb+R7L7?asB&(Dr;tnzX>7YV~YGo{+y?*I>~5En+iO&isI|tfCY+
z`y5A>#%=LY61Y55|J#-%TQ)=sCMEz@f%W)l3iw>^S8*2~_I^8fSCVD45uaE0DF~?{
zT$>FUgCw{onlz&~n9<PDNAnsJq3@4u?C_hs!ecIEE8V_bF}h*(V5;fFG(XF;zTdrh
z$~s{m7*b4P*NuB|xtjJ{_*m&d*)tDeL1WYW@Vt$tnfqdfC~9|9j<Jpw0)^M%37@)_
z{l|(XKAvxjqA6~&bu<9|BX7&*zVAD>0fw2aIY1pm?{*hSFZTY*7AXlz<z98HcArJt
z6w48do3Q-$I10Ty5Hh>mZ<Lvt`k`jTBuE@h!vFCwbM_<`@>7qyD9<GYb9<_Vxkx!9
z#Ibca%KIYSY%m#Pvmtn{ZZ8;vl>fWQ+MF|}^(#q^`H0^4A1Kq8o(R1W2|CWB;Hh5*
z$csXC1fWb(jiS#1jt}1BpUx!@gxpRP<8WrYwo!yUY{M(s?q3=Sxy8r)BEG#OjuLzA
zz4CW@xwFH|mcwB|x7K$4RZTKW2O-cm5IO-4YUHNN)!Iwm=JsT%KbVC=#h;{*SZ6t%
z*I!)U@^xK@uSpN#%e230GkJQnw;IdzC>WO~Rfo|9H0anw5es9R^(y~q;CgRDp6w+>
z{JYjMOia`#*K07Dh{uj$$?r(iCB<xM!OLpy2R7Q1K3R9<l<XZQ>q&uYpfTf8*S9#y
zINn~U)qGV(q6g|g5^GRY<5{j_1)?vLmsCb2HEPGtJNHZLJrNt=vN*>-sa`%9vn(Uu
zc$jJP1aI@nuP2H~6wI>Z+nHvf-0_+JlZ42_KKhTNdEJ4(<k1<|rUOxo*N?qNY89VZ
zS<*#u%Sd^97aA4E8nw{B!f#4YPR+NOdl4;ItsiHdlQ_WVUwG^$UzqjANG1;nj@Bu%
z+s#yB|NW)aE_~E#e(LPu6mcqmI2YH3wR&V&J<y};M7)V0jbLm#=(*LS+9N18Z0KM*
zQfZ81wY8w`BTCMT;=oL?Zo5@a1`>^3{UrpFjDs0FPWK$8YQgM&3Ut^(tLz<J5v&os
z5q+70)fw!xr?^i*zl)@RdAzE7Iry}7TSOT&TJdGNr~v_^hCAo3U>v=QL&4plEw)HA
zBh{<(8uk;7>}I)~5ym4GFXyyVmo#c0?M{!Kacbxc8MAg{EtG!?o`WUWJ>^H!aVBgX
zxeR6wb(Fe4HO&2Pp3Z{&mgp@_h)xfsKgWfc;7%{cf{Ly~J^nN~XmhA?uHLedD6G=>
zomnTBX!*REw0P)Xyr9`WOQC&^EWUwG$LT5AU<yA}&}09m-zCbv?_ngW0ZnJ)vmNkp
zgAi!aH)@i~VS=NO$iTQZofF3n6yx6Gu^b_DIorE}lOK9GWrr%hIpV3v_1ik!=C}G0
zMOB=yT$B8a-mrUA(xW(WWg=6_L+!+iJl+&VwXCXK9dhJI$!EWhlULgrDm5QT#AeOl
zm$n(9cydTv3)?9;{T!X{w!2mXZ{w+Px=)4I0E}(5N}^cOxW1cqM-*ipPO+WqAZ}M~
zYPid#Bk;nnm^&_Z|8fH{>cN@jg#z|8Lc!p}$|$(U*PBBw$K!=FHAJu*Uw&6GuI@Tv
z%qz);l?KFo<-R5g+WCCokl&QqVTfvCP9?I+v{88Qum?I$F>3b_D$Thl2<l<z6;CS}
z&SgH<;;)rhs!fokf3tdbKFjI5kH@(lQt5Q*Tkv%0Gnwnes`UcDL{qwf&He-kA2J#5
zf=9|7L?cE2$~bstTJt?}96T?@RR-lV-;fKt^8qVu7GQC%m}{|@d+dL%=!9#nX#-10
zvtwQ3)%x6ao(biW2(>57d|8anC;5Eeo4*Z2Le2u?&4&w%2;rA39_7G@T>l14&l5ec
zD*{y{O#s#A@6Tuo_43wn7&;-V#D)U?XoVx?J4!*c9KQ#03wEPWM=sxh%-IOjjnnQQ
zIt@%h^?M=F^V3vjm%gbYU@GUqm94bm?2pq_L29k)*0u58ZjQ?fwX>v-{vkhI2mpSe
zM;tcmo=Q1_FOxRDsATfZE+jFim5OY_Gh*<vmxUEFRX>x739;^38+(yokn(j*rg0w|
z?8Nuc1w{n;c;qWbZUXQ~ziiC$TCwd#7A%liabor-<f93>+QiVuKM?*@Zw?5^M*<j(
zyt7&?NB*S)n!7ttX^qFVeWUK>mFxZ>^COcUx>Ku=Sb@4sS9ZKK?`Tp<28AwpQ}Zpd
z2)aO=$b)o%^7am2oqCcUD_YJti$+qT56S1g>nEY5a{KeyOqSDj)bWu_ms?X{kKAdX
zDv=873x#7z7u3u4xaJ_9jFqC_D(aZbtT;Ho)J(+mXG`a|ja+I$>IWTc?hIv#;BA1m
zmgx+`@s;sJ@FKNYoG2R@17XV%5)Dop`*c@&RlNduYK>BpdYq}xC5yf+W_st1zHmFe
z>eVgZo4B3csJ=8&<Z6o%0DwDa7JeONCQaE*AHoqrl7okM$J}O-Dd=M15|&m|iB}nw
z!K+v_^ZPv-Sy9SKuTp%^)i}GQ^zG63YJ!Til|K_g>_Osmz;?I&^ej#@IY|*stmw+`
z_WYXBgTnVD4Pp&vslqS!DinE(w$5*w<OgmKY=cxjqU{tmH#%=XvKq~WzYg@>Zg8kZ
zRXwC)J?H^DPPs5URo9)7W~M?8+CA-bZfopVs5`6tbdh^%%-Qt|V&yY#-cLbi)*cvE
z#oAzBv(WA{;V6#TW+L>0YXi4k^oID|7~;A&8rk<hj7r3wsr^V!v!1jx?Gb^K*SyN<
zJe(@{>cM)SE_>yyvL%>x8imC0Pju9Je4o5d^{{c|)xN8uuHOh&oZF61o8OFZQ#?f;
zH&Jb_<)WUnhf(HPPZVwHZ}FS#;|BSMG%R^xZ7^v|pC<ksiaLvAZ-vkR0*w{dg0^z*
zu+RwEzApWYW-phf#0MYW>ml^>q)@397(X8DGf6W#em-t4*4+@YH1P5jcHREc(HO$K
zb~fj^7R?U^!kl|9!rFVse21ld7d_Zp_gV<cQjDbLvXPH-M?EjhzmirW%kMgT479kD
zf}ur+gvv_6C~mT#+_WEaPm@M%o$#C4d)$w|aT4)*0(Pf<26-$!p$!tUJ+mvXZR+g8
zoz1~Ak=piSl@8`-AV7~FKpyRUe~hqj@X@s1_HSue{XvF&r(m>pgTw206e2{7>IEMk
zZrwP|ci$wksA)=l7O%A%>kCF8L(+My!y}SN`o2)TmVuH*qyW89my4dTC1tR}u1aE@
zlugBs6Z%l5TaD({Zi=%kZ!~=FzWczl8Gye9kT56!ue@Fj$XTk%ciB$a%^pwP<$M{b
zHos;Y<Y&;TrbuQ>i%kDJnCqMNn?e5<%F@lTZ4@Op<uW)+JJ?g5XK#%3udUXnBek{B
zAKG3CvI^KX`Sfrp8DiK_Ixi))ESALVDZXmG^V_dOT>&47mC^-p;38`x+HnjBT)FtZ
zGg>~C;wzWjj?@~bmo}5XVqQ17|7p-xPGr*{p;bu188hxc(E+#SnCQV5W=rxF8<NM9
z;qv6m?U3-!SkW!0)l?ob+LL-;u+P?7#aP7?!`ZcCi;S`=t-sjX)8*arcSU%Bm1+au
z9N$mqR>G_qJE$OmR1lo_F1?i>Fn#NP{1+>g&qqw3uQUkFTrp2`R{i?AMn$bfA3yP$
zw+*|Tm>cg;A}96nZV50Cl)wfs6#w*VlJd*V-0=2TOWI^H(LhQCL(uHd_FtFSt}^p+
zJ`ZZq8-{_kp*B!YlEk0q6hf2Pm@%G#Y+sC-rPQeo+NckbM##RDZr6p4R#;?pL?alh
zBk-7leZ@DVH>1*G5qFePkd6F~oz@$fDejEZ;}ca`2LG?YlxM};>*O1ydNm|t>B_f$
zXgU#7&)`H^%HAP?e(=knJXNaEDyaS<1qkK^iQO&Sd`!6cePjugyE!FN8}?<SU_?O=
ze_=i=D7S9M5mJ%`s_VEoQxTJNXGA|6W;Nxkfk>D8Gan?6QOlfpzhUgA3nA?0pZH2z
z#j2|kp>*fT8^U-ta+iP$H4#tno>`MpOTT2cq)P%ZIHwUnU$4zweN1z22coC)eIc<!
z_KC97hXO<#E`3+yFIe>QJWF-!_$54zPu1-3%LiKIGOy*ag&kLRih=I~F6c=5uXmb`
zS|!gmhliPw@Bf3BTCJsYeNT=)OK`8vRq8QomgtfC{dScKSh$I0m36PRS$;h{S1VOh
z#2S0i#C{a%^l<bf3Y{u5pmtnpwh-y<M*-{dED89($eFD8u5h7$eY~b}Qg`l1*7T%f
zw<LSi63K7u^LAq(DdBOP_-I*qw8Y8pf0l+?t1(@KO*gYN<Fe1jT8BtcZPI-oVTkQ?
zxsh3SS#&3{4w}B0sehPL%X12mCHL1EdE9OBTcR@m2jzs}zELoDJpWSYR)&4M&SJxA
z($suxpUxY{d^5S-CQ_B@<*!R1WveBSk#~xRVHO(xFI|iWBz}Ui3o;U(-EYw)e5>d?
z=Rlt`>Qdcmw4HH3sLX*rF(_T~-OZ%DnJR-LnDf`{Nw+2OSd)i;VukKPL6WcsSSf=O
zyX~Hd&}M3%NZ29sCYVb&n9P);$^C#Ou!uB*kQG8aL6;#6_vJBLfXR>Rt^e7|@ed0(
z>;2F@*niS*35<wM4|o*<POhd+s6P7$aT*4`*PxGTR}sAN)Db&BoPE9c+anCB!!%i{
zHP5pNB?f;iiXuMQNCB=!H!O9oYL%Rr)l+u;Fi&olS)B%+MpO-kmkL%xwtbK_=s*@X
zw%F<NqxCvK&0p#iv?Y^WQS$k5ye>$Z<%r1Wc@Kn(Jbb!=6A9}e%yGO>(w&&4nVDX7
ztb>+j8B`_16^A_=UPwkfM9o0_^}|%DIdfEwh&&Q!8i!>Mk0u-NnX$T{tu}{SP~cOD
z+ThK}A$O%LbNi+c&(<WyUXn7I@`^KQ{Rr6DO93cOQI7r6^60OC^lt^hTYJ6*#5k4B
ze}8#f?-1^>{uO*H&Nx<XhE)n|c_n?iAyF+Qa_HQQOV@$hpDmMx<i_c~FNepf`SG+L
za)0CBV`=UGartG?=y!Ks;#fc0*JU}!1GW`;+QYjHda&3=y*SZ5_EbI-7WLwr7pw+u
z0gf$9o)>jkv`eb42jc@nZ0iXwYZuc?(m6}7)ta=8ibZjRx6=JGrPL_+Js)w<rmvQv
z)P}=hA&-s6qRMA(i%`L{Th!KMaAY9l2&Aq_<X=U+AUpQwN>H$7`(7!s>*1dJ{`kS8
zk0vl;H4u8~EEC@mg*b%(AAP-~Q}OXYNd~u@?=~0J%AY>GN(S&Thm=6#eQ{!LxDKMk
zE#99beSTw0ATOM7^AXq5kWn8sgarfSj$O9wpR<HwpB%E94r27ox-#&0rNDYL+}%X&
z#Ns~TY|IpNhOiC-I{MOR3uiXq50#iK)9m7eA7#RG9_L*FWNkQV-R{?uDBJH$!>;={
zDDg*<n2WK?d}#!MOF0GP&KW#45wLaP-z?PgfnFQ$Gh%hREa<E$drZK1fAGHBl_(K2
z&P)Uz&7O8@Qu>|eR#mW&&WF3@e}|8_7G&vZj|ffVfX);i@xGP9vBuf#6sZl3dhgY~
zZ6(~1m>GF#AkYQH>?G@v9qCkS)eCAyN|E7$5!!y5x{Yt)FVPzWWn7HY&Mv`PNT;ud
z;osho@(qbRGt@qVSvz_Tg?l31siVGUL8}!$aAP7)s}~A*j4`FNHQzI$!o4pJf&${F
z=PPbfIcI_1nllMlgBu$gtY#fkGD=PvYu-4(=H;N198WIdfy9z;`gMEXeQ(e#=tgvU
zlHF{lr2=x!GVF!hO~ps?_%Zx6uiMX_YYL95`p@f*6+Bxs+KTpGPNO%5d^rEl#on}R
z5|h?wqsx}=*nj|Dd1jp7PGQR9pWd|HBZ<p?aH^XSQDYdnbU>Ue=audUE=;i~*VmUO
zw?9AN<#@gi-*do4cpC=qvE3K9Bk3JV1@?qV!<N!PZs<DHUxUxN<gO1I0Gl-Ta#3z+
z<Ao>t-0+pcl$P~i`w0GJZ}c1RNYGL16G?wI7_CqtS?0>2WvsdoQhLPw-Kxs8=OcI7
z)8myO9=ov;)A9(<3w#mrP9<KrjP>lVq^_H#djU`yS7CQWkQZvJRb1XCvfB-UzLi;#
z_i4Wdo+mS$ZZ%dN()c1(j6Dk4P2_ek-YpV1q{25{p#xVkauIKP(`#9i#!q@J%Q?xY
zQN(kU?_Alx%*sl)aWMIl`k74m@am56>}BylQpw6N|1yWYs??>1;d2!X-Ac7B`=??H
zQmcAQa*@mN<z;}QB(N6Of3v;9&F}1@!TCFLMw2T`Scu2r3~_bofv_vbky7Ph8kaeb
zxfSh!TD_f~nW5nJ>f*b4+1cuim9?{oT4}G7J%%i4+@F%K`}h3rSzgn&4tAew6nnib
zR7~MCf7mUl-KM!Ha#D&t*9$iwMz>Jzy{jm47viGufIA+yW^xHKY5xq)Zt)(d+7AuA
zApKC6g4L?>l%)~MXRlUa?AHvq*jQmT654uLfPPigE_5~*6uY0%c5qF+Pi2S7XYiF3
z?%NN^Kh4=zq?y5?+_UwN`F6&EH6*y%rQ%WBQ|r4T@urZie32)*Yfn2vaWuY1GK@P>
zaKUf{ay|CL45g~>X^Y0vPyuZ1?uX%46n!`S+8DGg--hz8aG8JE*K9oRVFg3}@f_n}
zR=n_OB)s#%@H7ei&`cn-_?tP!JKHrbQE*qdALGN!6BosuRZ%BYXl!|8#hK%-n-B=;
zTNkd#$>@zG&c0(A3bN)Fo3Qi^HPJV$wzEUluwbM-vzXOYIcz|nc5<qOBE~~4#ooca
zIp3X`X20unMLjdooeDXD4SREl3?>;5+@wuX)zmiFPpcRLrNNpUZQ*;rM|3~eV_T+p
znkChgT-yHCuAC#**P#CtQi4N?2Oi;iiAKN@oX%^T2E_zfL_kr_8m<mzHlW$!hsSsx
zb+*$zwLdk+T8)Ic56Q$$^1LQbd*6w#$`d2^r1VgBZ%V#wZ-uz`XZibr9#NtcvHP$t
zj~8Vl(vezQEqvz-<jp3+Tx62W%<;=Hp?OZxcObgU5MPgZF}fl1NCMU&&dt3Tyg~wp
zGhs>JC*H#-<_k0^yZET<k!%R*en(i4N~gyLt?%T+ht^%U_t7cYy~v`NYr`Wxqpsb8
zUw0eO!*?T8@e%1=9$489mGa3==6CLh-JxpraA7E#MzgvdE$&z!8XZB><GO~5_f$f<
zo-P5GUUjjO83$%Ja3JyL$*LmzU@Oh$iLOr^xAC(Yt?=5e`5{x_tP+@44K;R>7ysq4
zmNI&>hIKzLvqd;e6l%UAE#Y6zO<r=_I9%!8Up>>zfI}QcSf?BWzF!a=log*!>lsdt
zl*ka@9&#({c8XGg4U5FnDq5UciWI@^54Xg6YB-c5oHlziUJm6v8gd!k*2F|v4qBg?
z5oL(`OJyOlJy+!u2>1TD>bi%T8$NEI`!ilYodFBv9)yJ44q}kpY*xkP&2t!`iP7Q{
z2{S(}$LVu8+&p)>Q-%hw<iCph*CctRoq7-aF}q4!?-v+Kc`Qw_w@eP(uxy&;1I6S|
z7)KE{7(D~<kS#&~zIoB_kNjxU*G|u@ok01-m+EMSCD_AH%dE!*_qEH0J;OOS{wZij
zq(mwRHe4ty?%^5H1hWRshZZyB^+l3GXO<y#^9#M6eD6X4A@&QNe5~aLYPM@G)@PgJ
z<?}ptL>U#rY=Z;$3wH}3yJpzq6x6<_K63a8cWX@@iUSH^9vsQQn6263;KyRnEYo$1
z)b2>rtLHz^^PR3bJ?e>(hpk7;efD<BFe7Q5@2|=gz6S=ZMptk+@kK&E=#*&xHS}>W
zB>`rNqxYsX(+Mm^I6mccCo@0G;QG?I>3?aL*-(&gNWHlu6-L^eId*VcxrQF}L$6hv
z#aN8}E_kVF1lvzJZjL*lQL(<M%}+~ro@*EUkH=BWaNH$1L`ndo3@UxvwL>j_H36FD
z=Pzo_&e~HE+G1iuVyQbPLX8bh_&B^X0behsspW(0<@EhYv&)+>!%6LAO_vWmbC;a&
zi$`pp$uG#8Xcd53r=RDz2Pw|8n5N@m)F`CnEH%(2Pv4IAAiUo#g1QMDX+YQ#?O~ZZ
zPf6=^*Si?A2lwO?&5&6*U$l10S{-i5;fT3tuy)!p-Wo3&wkJ&?%vp2~D{jLuyJ}o}
zpy11bJ+c%Fvo;+rx%bv7UWt{vOf{L$$83+)@Gp7NMtgN#B|B|kyh7cIu+6oqt2sVA
zXK@#Hcmxf$n=il)Ii6YEPEuaSwugG|nTDWUf!Bxr%pgm{#u0aCbowUOI|EMhloM=z
zHWN=~Bzr@T--ne`(5~SyKuqtLLsMt34qpbni3sTudFbBMa&mhFaBs_4-^8L}@owMS
z*Q=XwDYV99LD6H@aqx&U4P@?>^;-~Hrcv3GWnb5kq#}7Dqw)O6^K=)?GVVCF!-eVc
zX7U%EwmL8F;s|@AmBbHI_rQNns}`C=_rHcWEqE}C4@#MIqQ>66ly>!f>}r7?trf|i
zMWlH>lpOyYxUOG(G;CwdTu+;$cWW+?KS*<PziX-=er(#O23^hDv)%Amn}VYhyGlOQ
zhJTvErTcw0Gdgl|0u<vK($f-qt7tOd*5FjAx{;8#0H<wW^i)h?Bln>=rvH58shPTZ
zLEs~ucqsL1Srnk)L4pHe*x<@N!o;o=j_vbEflTFhfKdHk$deq(0D5d|pURJ5rv)zP
zItGnR_QGJpB^wCLq%6mWczU^fnbmON;l#e_VexJ)G<=V6+1-~Mf?@fv=8ym*5An%)
zj)CV3gEoV(KW;cc!9|lH^_8fGl+2kY?3aV~6fQ2EfhI#x<KBt(+3Rxi1=5%Gt%u&+
zhKBoMO;5%q_#2@1?A~UB5m`hT#|JXav$0u!;T)f?x0GhI+E%&<leeb6uuhPugKpC>
zZ8+(Y!@Ses!y(MjdGpWVbBGc0V>G$0VXk3rVcJeau(vM4{a9pu?-pn7A;OdmZ5gne
zIj8f;CipF>ICl66`9xa+JiOR<{ZdHL=v|EJMp(nbv8egd7iaN{d<KFmLG0y%fP*7e
z_oo(^0oj%Nf}j7}jL;0&BWUejZB=n_6?1JV2Fs)QDaohMqwVbXvdH%7?D^u2(_-|+
z)(oxx<9(Gx(yOV5rIL`l9k`qD{9L7pB=$~4R}ubER7r+Z^yP<el<8oMD*%WZ`=>-;
z&-uKG+y{vy?h;fIa-KY16Um-=$NM$3X&4mk31pWkdq<-N#uAJ(-)TPEJ>42ciJS+j
zB?_;QTZyH21#nW5f{%<^UGm<GSy*<zoqj^Io4CGzdUr(~{S@M}@$_NvvaNu8`Q%=>
zG2a)od%4tfw2(CYTsjw_+oymrK1*XW5X^~h(Fu6O{UkprnAn6czb(Np$+WIpO@b2D
zw7C_#^hVhlB5dB2963-M<MPafyipctQlM&@zoxg7LwFN~e--_SqQ_R2+T!1lgt&o}
zk_7ZZ=b>p?AzFxE4F2R|@oT=6AJX*1SQTm0tg%|5DzI`9u`Umhr_Za*`5DCtC%>C;
z&y-{Cj$`uj7zV`O`rty3B+n!v_Y$>!c&UISiDbo*9`&wMNmE~uRPM4%RHclbtd1n^
zqK2yF=C<_Omu)yKfwicX>Ws$HseClZaUVVN+TCevEA_fc_apJkkz-4HxM&`}bzFqc
zQ{rC^wGxYH3^aVtLB@?iB%t{k{;fNT@f^qxaIrI`#EQ9ak+L-vED9e2)tNYKjhy3c
zEJq*Q<4b$pL;g?Tj0^PdBR%rXNd{)K>*WQfY4M8tt?xxD;4`PQH=OyP96G*%0d<<!
z)DUl?uYF2E9IxD=5G}D+EIgN`8TO&Gky4of_OL<R&-X*EuRW`Km}vYezR~Ra#`dQL
ztd;H^;Qyb-{8?uHcq0<W^Yi9!!jsRTpvcwo6JS<DWl`%`UtmqhYn%pZhmW}Z`d|(j
z)S%e^?L$oI4y^VbJW=2H>3NvHaDBx6)b64VE6(wwfQ#JuU$<Fi6SP?#KdUjc{#V8R
zpB~<-R>oUqgKzoBo?s?fw7@mF1R-7vrJTdKGJqlQ9w5GY8jsv`XxtOFc$LEr?nd8<
z$Omn`)U9@6BN)mFOG8gFISdTZ74je<7|w_eIom=<|HnAq1}4E!2Gm?JxdRS|QyWOb
z=&nA8+;yY>Y(5^yI5HX8CysZ;a{wU4RlDPkeN=*!Iw?L2#-C;M8pWUg_e)bllh;|1
zrE+jdiVDdBd$UI2pI%2#lcieDJOj!1*c36N$0&M8)O3@SY9{Rvyf(QLjeojNY{Did
zKlq<{Tqp$G$wUwykCBR{irNDlWMmaAr~ulIADBe?Ak&azRcebh=EVOK<v&aFbscca
zmwvW5(J%e4W2@o4&x2N99d20anIx`xk53+yVe<0hHZQetP-p&ox-{7?#;AX9@7mx)
z>?Yk}EU>G4w*~Sqfe9xpM!3?tAYY<UF{Hlga!61EM4v;r{J-Y_7$TfKp1ZtPo4E^V
zXdrwROehbf3zGAj<-I4yF8b%V0E0gX{=fGOP!AuW=}=NqKC9vB+(i$;j*ds3S3jNp
zeY%IpS9s-kr9agRB?b~1hvNafY{tgMReOgpCc}RY4J6*RKbt|*Xb^CNm;Qb@Tqy3)
z`X>Z$mK%$m>H_PGTfB+*?1+%CD57#D!+N;B_Pu{cCh)#cAt?gCimx0^=f5W-@HW6s
zDu@AM&4}q|3FOP0(+$a`X0JGL|3}^Js|gixD*L%wy3!FC(?3(c%2<97zzwkteMcN+
zRVY`eTQ>?-h0V?Ck*b80{Nqz+@$1EBG1Ay`F)-JpGc@#BL(n_^Lyfwo!1F)r%zv$k
zpd2z9GD<PZwOy~G-(RmmH{(o3TJ>RBj2d*l=VP+BKPvw*dHV5MlDoXl=C8!l<HK07
z3Z>+7s~?8p(PC3WT3nrp{er9-OeQ#tWOZH^#=cPVWQ?FdRx;|4cvrtv|M}4EzcWsh
z&GJFhc_hQE;;u04>3;l*IlTy?EOLsDc*j2od&SCj-e9su%|nCI{wbi!l)aS$ie4(I
zYjtdIFQF^jL;)1}*HH9w7KpYxl2EqBV%Wi_;%`efvrf4#mF=3C5`u&r-{j3td|R2y
zaDQLG-vdIOX3lKvvR5gGeo*St9Q=xfNBT+mf6k{+K0kRHtzVj(wjIwTsN^&BReeUi
zH4Z;@s{mXULsn9Il779snGg<iREaO&#U-M*@d9L?An$|UAg{`dVqjPL-s^PPz^+3e
zzz>$12k#0{1Oo<9PS7zL1I%PG5q${B7)VlW)HXNlv=ze=C@`_|yTELUn0|;GUCCd?
zlOAZ9@oM(ZHBRUTB)(c!Dwq^OE}zQ?ZdjcYd8<LEB1DHp8v2O0jjgUizku;%`z#p2
z3pA|hr(-R$pDG-R+6#yG7E%|G4ds9rEH5M5qHzr{|M3&@&~v~>j3qK^0G><1NaY6c
z&vo_hFuxxiTEQBLC_gd)<!m|P(O^Gs)4eHHKy}`Gd>mTSW1*tY6wxMY761Vrlw6ZB
z2qxB_bhk(j({rgeOE9WeY$%A_X>9COC`1+8CKup9yB{1U$zj*W5sa+Z?1b$fuj8s)
z2@#le4E`YP1nb%;WqAmCPYd8@5h2ROuBITPdv${((Iw8sAa#lv@7F*vU+7f3%Bgf3
znRwqRA%RUJ!3Cgs(H>w4qLu4{trJq^iKutghf{lnhEsO`z>dX9xglw19aKf_q@8$&
zI|kkv;5EdGcaOiEt978AYp{*fC{|ItlmE@quue$s{(3B)zS|{sl9vb2!I<)%>LMJ?
z?GzIe8vhWdZh0%8mg>J?_HUqnyEa1H>UfQI@ahLAF$ljg7K1Y352j&BhlF&0pnC&b
z_jp6A_!zkGc5wANjT_MAuxfG5>$*RQa?o^+A3(qe(2+7I5H|%l5~-08;IQRQQ&Qhu
zeOz98kmf+57P+MZ0CrSf(kn*jV0&WY#Q|0r!1>gYU!O2g=>vI%@Hhd6K|ziyGP)m3
zrC^~DD-07|Y9u4*p~7#@u{a392^pZ{Lgs5h!4b57&Btt~XBedwmGO0m?Kf<wNxWlf
z;yiZ6kVbGxmzftJ9|nDuyn)(TAH6r)^z`1a6&p?MTEOG}nK{;bR-hJA;Pt6HOd%`^
zYE3-9V>j@30HRf)G4T&-@z0C_(JUeLNf5Q^dm<A1E^o~rwJHBDTND6jol^_(rxTLk
zmwrCE0Tt}!H^||tuifqS!sE@sk^vIkRlbWzU6A9`HeUiao21TrTILVws=+odVkqZ=
zTACVGcmI|EX!3{m*M0<ua#lWlxd#3YE)%|7S;-BunBwLFD0F30>u2>w24S!GzqN#u
z$vXYvB@=Tdn!nud!U&hGA_Y9xcV{OAJP<5wh62zQpJ$FBNpX|h;Au~%$}wl16&#QP
zrxF3Y(g_R#c^+v`mKwe%zr$=_S}VqOeTcx0xc@Tw_<&sLvHa4o4ZJ8qLC$EJCLyHR
zwb$MmR_XCX(Z9t~ZY&b^sl{idL4Bjjecr*a(UaoSG~3G1P67%_9?VTl)oo*!mn`v=
zV!naAJzyG}gg7X+66IQv7@jF=c`8`#h>WTDI{<I3ItQvNn>MTe?`|X_LSc&_!Tp>|
z5|K5}m+u`-BH(<F=OEMjWp^fbd!~?duE8dTD!=FDSlmpjm+0<fX;f$L=atnB#qIef
zVUnq`fF6v!T)neRfGYGwTssjr3~P6)9133iou@bG{=>Kq3F&+rkavyL5#_nTQVi+o
z`+%JzJX)zHdcHe`dN9`@IqZEg3ez^<UueWfaE|Hnm~rXX+k~(g3Fq5qBn$X%zo>Vd
z58ND1|1O^(W3|vnsJy4$`@3$>sePH!Ec8mY)ex8~ceA@qw|djjs38FMq@1g>j=sGh
z{SFQa-Jbl(J(4YCVxf+8C=MZD)z8m%e0|Ml^R3EE=F3f9;}7F{nraJp$nEgF=~-x<
zZj&$eb1^tNpZ@c}OK8V0{6V$iZ1!|T;`GUqm|Hhnlfla@nU57lRd~EMQ?gKshf(PP
z!#ZE$^ZmbsgypvxdX`%)2LGRLeGuLnD9zxv(WLzC5r6mI6OerS4A9+T(~Y{}rpwc6
z`kZIr_@(2T(`u}Mu{`o)rl6USKA(LQH+@X|@)L=EgKgMl*6&o}X@uYJJUN8v49o)K
zm83+KWUxijIBn&Z9fh;<VlO5BDCjhj=~Z?agJ$#lTa4}SGs2P1qX8{fYa_}seZJo4
zQ74v6LChO}wr|g*XvUSXiX0eYce*>a{Wa)d4&N}v8A{6cqO~;|blO4t2H8-mq$r8Q
zd(LhF5+S4d$L$<<Y@tS$-!QJ09oQJ?elTZt-iLsJFL3nh?V>TWezzZ;nj0q9mK&W&
ze(iG`O5@V*vLw%J@ivn35zuDM4r9_{TATS<BjB_7Zg=um04FZp+HGA447|f4<YpD-
zjX@&sRc?Aw9nyE_!l{(ag_Zj_T?P8<oXDg_V$1LF$&+T8(tQaYeFghBU3fv^^BlE3
z9-5M)B_59FJK`_yF6}=prq_Yak3swMEpLa@`8rSXo1~TM|5Uc;4>uKE>`uxQ^VwI~
zjhV6-Rll<rc9m&l(n7EU9L~QlZ39d>_GLZ*OdSG&Zw?m=UkkY&MgMVXB_)kWg}msJ
zx{Y*N4BWl2H9KlIf<%SO6!5Grl_{zgs!L}I`Cy}4L`h8)4P$#szPTJ`C^fEoRcE8!
z8@?txy!O0QVhi}WQri4255p(rr+Q9!?bCJIgJ&a^^et7$q=WReIKMkOvKTkNK__67
zIoo6%&9lZW)oXmG^=m4&8G5o~b!O$PDHV(I_X|rVALet`)BbmbV-`0=OK~$#KS@Er
z<?)qvxna1F`jg`H>tUbz%qlUjdm@EorpVWKmtV3_rU(9#tZttSe*DVwirx5Q=WS~$
zr)74nY^`;hCp7%Od(FV>RZ1#DN0|__%^|%XMr{-_F*{*&%KFqRHZShkGC!TkU~qb$
zf1E7Q!evf&kg+<(&@9n>IqXMj;`G$MJ@5EI$n7XR4wnwFeJg$T<M<Ca=zV_$nyeHR
z56ipPK35;-*+jA5Qv@9My~i$_mOj2Qn?6+jvE0mwnIrP;J-AXncq!LtP_;#0i%fVY
zEQC8O-v_#cg0{KVotrA|7?TFNI1}DVt9#ddlMtrX2BsbYR^g~oO^^N7Gmpxtdk<g)
z-LHT(D>Mnp4C+4Sv_6bBsfeHN&!VH#WYMB;<;o0u3wRykNYE~SAN>*>h6I^u4hYfc
z`CgAQt#~gmF)UZAuY}Oo3ofDDgy)16DU)=H({xN86xFU3qHn3y8@}D2t0yK+X8l<9
zyUgiyh*$3Qhm}Cebbg1ZG#7#oEJ8@R>JE1k!v9TX8L)zSwPB~P<<$U&`PT_-afq2Z
zTl#@S<{;;!fiI(@RVY}fLH>WV&JU+hX%z{%kHRR#y<V!tnOOa8W|YAo4ejF?`7V>5
z6M%|>$ww(dGS&u#^d@g|8u1M$mFTR@f5((jP7QvK4ME6o+(lBnOB8ANu28l+(`?3_
zXXXH4x}_^pCNs6*sW3$CY9=-t(~tr|P;^Er9p+#ZNleMTQ)M_}OdYj@k4D0(#oDj;
zXPR_&*P+S7zf4Yt1UJ83X9-4HVC<QVb-Y#o{K$jlk3)|~MfGW>&656?W+{Z#pn+PZ
zBUD;CgB_h(2oGIgO+TNmd<o^bo`uUy!2Zz<yWA3<-BYi;r&i;QPbLP^A7JJ*%d0Y3
z)Ytr_ifO4r-ZN)@rdH#?O(yO~%r6bQ1&TnE0j`$A*^#3^GDcK3yF8Ts0fQ9pq0d0Z
z=@Lqb9)I!7l6}`M)4!&&bzlKD5v!@)d!>=4a{J-5KBI=(opI8afG$%9nKa_T2*9Mp
zNGct`8FzCiE#$zU;e!whS&+|Fd&SMEX$OpRrrMnQ7IQmjfVX7znSX~s61^c`VldHp
zD4pk;ERiD!m_xP8=Ds}qzR(r$f60{09`;kCD1sxpXR<$Gtjt9xIP{G$@U+Dj`x)+j
zoan)*avx^0(`_R-n0M{?)+&ij^!{64-wW5ng;&EF{O#pgKA??Nw|C@RGa|;#b~~na
zNvA_;qPRX+hca@iFK#`KAUzj0Up9X6>egF`CYLQjR=$(YRN7!iJl--}j2M68E{2=+
zuhIgP23IFff{xo<N$d@HWF|JtDlHC><UNROv??NUgKhy#lazx5!!mzK+(4^CZ?W4s
zQDEy~$*mV0mYYh!GOs?F+<(*(>6Q2|Ox$>R;)$*k09}Y59sTkw3PNX{_h@Hq8w40q
zzbE#7-HUl3Jz+6iX|<uxZ8mTv^!mQSr2W3pYPz0RzuwA1EZOzG&!h|DWYqfQWe+B0
zXjQ&!uKD2R_E;0L`{8^@Wgp7f-$e%Oa{kW1Z;&th^Gy@J2Oj6!RohE-r22JM)?K!8
z??Y_xrpok~SKZJg0)sNE(ZE}9(~j$^&6DLA@;S4)#59=GV>Nb=+8BSO{}Ugh4l{O5
z5NPZu9kMtG2&PYSj(^_C5&LNq7Ms_<mKl|Z#nFaom$eUs&D!JfVIb-kpQax;Y-Zl`
z*iNC%*B^9U+RqR9RD-uZe*mltJ!b|H*qySuZhM#8lU3Z$=XC<U*%E@dxln`~>_0xW
zcRD?;^8U0X3akLO2V+ZCSwA4X36rHxt(p86hI>Kose^4(A=)_D*lepzI8?s;TJ_YD
zLGQ`215vQEe6e_V0OP*+GZ3TjK`e}r6Xte+1+{dPG-QQl%q0H*k@ePLQMOUr?;|Lk
z(v2X}-61GQNeL=BbW080pwg{$cPU*%H_XsT$Iv6)9YgF}pYQ$NXYc)=$H9Pe-&d`5
zu5<k^h^@0>F~$@RVVH5IyerM>z~v{IO8-MH0qgO{^3l}%(t^@~75c$wN}y*FA5Ji_
z1+V9w_@wM>BGn1Uo=U#GW#W($U|Jgs#Ksi9m;3eBBT@KyGO~NvudQS-Wtp7tSB{TQ
z@_AzAtyk6ce03mpf<Tuv<{+Wj(w8VK{P-r(E-{IrAMcgp<J0z^BfG!e$)*Q0D69pA
z1dFwk4K`>nZxC|a|L0MYZ_B~w7Z=gJFxaNh7MUUSNu?#Io0W(4P51TKGeZ4pTG=n8
zq#V1(8;e8lPNRz%K~bL*uBxOpdvpbYD3@JHa>%TE3kevk0~JB+AX8~sYPrX&zrz^G
z#oee!vMyx=p0G<T^|Z*AYP1A9vN|TW5l#=m;)JD!%zCN_i$^#t0^@}xB2nU``K2Lc
z?WZDVcGmCC!hc1@R#%qi#JVSA*at@?3NTP4UZ?RX=!HoIIR=K#D+F9AQbZY%jeR;H
zc}C5Job}6L_@uJLpv!2M<yo(JI~#lx{eR^O{5U`o2%q@yL!)zWaF9{X0dv+nO!K5N
zu!Kr}Qa#l3)(qZ)uGFx6vmC@i=;tGmNN&7&EQ}&N5^3|nDx1*t*)!sL;?IQcorEC=
zJ|?`^vkjTx<Lh2Bt!$o{i%?xX;lvn2P&8={MfZ)z&YRVNtdkrC*Pb#A*SXChu8HLu
zZt0$y(hwzG;@jx<2|uXXRjb>F|Je!~vw+uMCoKr1&K^L^nR&`W>HA-jSp4PntAtj>
z4sx~78|RAzzv#YZ_80eMuJxf&>>x&&+fJARtM2e#KDgPaZb8pS%u_e#EyK&f<uG||
zd9_83!ss<J8d8R?1e65n>Ej5Jtm^%xQI8QxEX^*v5IvJAEWNc)djHAbUj~)byMM}8
z*nYx&C;&7Yo&il;1mUEd!4i$mh+$!a5Uro_3URtUCHTkRMSdTWly4jxb%r)+`;VG-
z6N3+q9J4(lGE@YtJu&iT5qVu_MYD*}qoeNzlJkSUnpR6udY(OlcE<YFy=2otoE2p?
z?;Yd=<<yf;98Koj9+&AgXv_kzj{&fdsy2s@VR8>id2HKN3M{=>?f>p+#su;WUfuGK
zi()X;xgF^8PduM+7kS~5luUN#v(}6?xuOeLPd-M-$3VY5@;#oiq+^^K9A&K2dfQ_1
zxb#$^Dy9P#LDvR$wV*c*8(pT6#M8t`wPVz9AVgwRE6VqzVMrq1ON@x;w+E;QORiz7
ztzqvnKw2QmnPSkJAW^uzKRc+Ao2|_k&0c(g3&dp0QJ?fb?~i!>wPQ1wWOW;nq4B0f
zSmRyoO-t~}$4^Gn=}*Wd%*egYcLGLe#Byx=W49Jt#nH~U!_=gF(0{yVlBW!_v@kRU
zUOvW5J#G1aw8DGGg%=>hW5VNYMAV0+iWS+znd5bQ9o|n}R*@7^DCavf&=9(|n8P-u
zn9RkdypI!!TXO~cJJZD|S@GOq9x8;E(2xJo>rUF8L%=Hg`%&?d6)O)dORv74O!1m5
z5S&rXV$%7a2!)g0kq|LQ%jX5FysLhr6G<bA<?HRzDelmMav0BD@}DnuAnuN#MaRue
zSZ;j;`l+Sfq)QW-1Kyt@1WXZ>Vy^ZPbvDy0A#{AJGhcgoZJ^3$hf}z8Eq7=w8ZFPe
z1QY%@$0uHIb4mlN$gFPf`^a8B#3Jc8M}v5bZ>=I}c`<bOEjyA7eZCCoRIe^xO1*~T
z>GQe{e5kcvBCjYq9;f(^!1)CzdZz5D!SgR(pL~$?*dKQ1b?W0e+npn_mO?(|ZcnCu
z@I8<P<_qrBCqbUB^P;_!?@)G84etViF)DZH`7{5I+W#}lWUpa_@(nl1S>3!!S(6GW
zY$R>S3-PnvMKU1q0Qy+wj_jHakM;Wb$OX(q*gpPbF-eFaD-!scB$Y?R4tj`QcKlzp
z_ujFGu>42VkxQI}r;`uBXt5g4$Mm{9hyujh9KHJTzBFO(mSKmsn+3uUaMpj{i~qWN
zP>HbrgrF=I076-9y<F;+r}GWfGEgMi1-9qh{|Lg3bhpn|-+mcLnffEY0Rkg5X2A}U
zQ2gHkLvLpXm5I1wf8^pksI>p^U#&M_nWWsG<bP9JmVvuhe`n3fCDFmNHs79u7^)5X
z`@a$JZQi@T%C3Y&my9_pn1WqQhR__+I7%`drI$S~pe(k4=f2+@hrwV?z|5&;(4JIe
zgjkHaTKk*bIX$TV&o2j<Q>+n2MX%&rMd1-WfRAIi@pz3HUn+&G1lL)IMq$Prl`bnj
z4x?9&U=Zz*seHC{E73#p(=m)Y`fpZqN%!~b4#)(4jq92U*OFI&+QX>ic^D?KKCpu*
zLf~gb#p_-^JZ&mzp1P|${lfMJTx&!n_G=M&f4<4Uo&3KK_>0G66hqSz!Y|!p`QZb3
zS8rAi8H~P5kZsLv)r((DI+XCi>NrARmscIsuHT@My%b3tz&tA-`%rx45)u*f|9vj%
zF4^={d3PB?8rtWN8J_<Zi_Vbvy4(30V;#{_&7B@7%Ad0k{p~!o5_}x-#-o@+HZ=G#
z(sa3PQN(41UOIsFZ61)~5~ho|fdV<Y6%9}jK~J8TY;L$VfG-~BGCtq`WuzF;#sAb;
zBlF!{Ax2cV%LzULQiNlnmx$9{5CrGgq;dUwq^y6*{yRN9S>90x%e|pErlg_$oJM#r
z;(tKCBUm1yFCRlM!iVzc(TwBWJjvr_j8|3)1Ssa>9S@Xvd&?m~*rbSo0(Lp&%$Lq6
zcJNy1ZH<B|uPHGO!zOB`@Q2{)f<dFx!eM|yB=G$4rfSx!5~ypH*R^yY+7tSB<Jg#(
zvPSPPzM4@`yU0KSz>L3^e_Qqf=EwHHR;Tr+_6nXX+B)br`t5#GwlFQVzx(Hb)Zb7f
zJ_JST+i%kH&;~TA_B@vNWfDSkqJb;L3VZW)sHo^?-SPcIReICN%iRD^XNw%eEC4{z
zKn}5+i!SctAxyj1ZuJtS6gui1+OAP=wy+z@631r@j_LT-Df7l7c=e=rko=_+@r~Qz
zSGIz1qvHh%?Itj7liPMA6N8I<Bt=X>NQ}u%?T@GS4gEHA<GmP|ZG_@*N){8h%YzIN
zzuV#z^H!H_l#9K&AZ)S`*a#LtF=7cnSqWnV`K}-kuYg^e5hWh(wg{I$atm?{afJYF
z<-kXdS4qp&fhPGT!t(V`A9^xtED0!y0*0xCjry`50jk$b=uB|ic~o*bpC{jZ?WYjz
z&ATDx%_yoFUb`K$$+C}B{Ds4>f}BXeS1YeeL2W3gH<wAb3`1V6Vy;!L2r+>l`V=)q
zk+9o2{&#u0f-bvDM4WK9SEFsHzka-D20GITRnml@se&aYbf|dPuC&-2dpi(2y-N2(
zd)wtU5}>NbQ`0Gi_*<{Rj}hrg$eo0T0%4M&?7(CNV`FKN!g|ne)~yFh1K)Md{I>^8
z`JZFl-(qHI+`jJ^WG}$bJk;x&Qu@1|oUkP=sO*<a6ZVgc79z2F8*7-~<xV;z3;41@
zLPcyRnwZ3D9k7?t&VeRw%Cqf7BG=u?uD;dov3zwIVAfCOJ8zsR0vZc7FzKKxUr@)2
zjZtx^#K>PZxf6XCSKLz-NaWW4nkx9ybZTI|Sg(e19`Y%=Fp4VoQ^LU3R0;DRvBacT
z$!Os!Y_`fqc;0<4(yJ{Byq+r6#lS#F{gi7>fcX3O)eS<Ek$<uheN5??63u<i|6MZo
z&i|f6jJcD8RQ<jNy-GipI|dDY9L=XW(7R{eS}p!W^>RCmU?VA6nZTEN>X=Gxu*BUB
zXKtjI)?8b9TE4^pTGsfxzbycnJU3O2ZrvyIv%_Vw?hxG96`6~?PCYz~AaVB{qiOg3
zg=l+yantUbx))2UGU&<@!7n|)QWtwm)=Qr2h_=m<Od&emCXX@vyPFH?8LkZFg%tk6
z9JLDC7sHLtmWY$}h+_R_Qq6LMh$uZsjw@1?T+|H(C7_#tnDSXD7#CmoTBqt$VkRu~
zT;2H30`v6fVFbOWSiLd%DR3oeV_$nX{wSl#wWp&q0KgaE3?)mV=E>v8AJS%w<#{uI
zDAuN|Xxm^!(foIpgykF|OdD@m#;4emhUAmK2A~Y@y^sp-aRpRx(`C{1khDGd*e&<t
zF3(fEpCqw9`AOEtyart&$`RI&6?KKUH=F_J!LMflzv^trKrJqquRA*%-1OIiWyz(x
zy3G5z@s@9zDuejTHXKckV=4^(9yAO7YgvxxZh<yaUbwubO9CzjOOFP%I1(Op<DN#3
z=b$2aJYK0qlJgRn!lF8mbS+FKm*&7p`|rW#j}iU~d2TTBZRr`oOE_^Q4on2}l-+{!
ztmZJoi7trgjy&s_9J)s)g{2lg_vCbQ?RS`IXk;V-oYZ)!RZwaMp@WZYN|7O9C-$O^
zS!%cF@0k(6Y_Phsj=-34n)+nAa`b4{8(fbG1|&7*ObJXauIp!fw`dllnO_ZBo7V#H
zmxW@myuJU8neM4I|7l9HXZf^ve^6QF;TJGPGZH0Uy4dE)k2a?My_(Z+V^I%Fi?Gox
z%~=1~cA;S#FoFEpSsG;;ZbGll6f@Ac^N%{Y+Y@@TfmGG^(ygawp{H2g^gH+AC;(+(
z?~)GSao!+y*;yd1X#Y<6qa}7X@=xA#qHX-f$|DrLT#s6c<j3E?X$5v)P3048yW%1W
zj-rTa#3rQ|5THiDR9;U&%fK6xI>0)_F_nvXmGE<Y7(Mmh_ZdUOpqwY0y@U&Z%Od`L
z8!|vSof7FRBKhO{xHzuC#oH)N8Zpzg+LT%M6%5s^<L+x`KMYKqj)m<B9+O!kpM(qS
zeC6xdYo3XHI?M5_?mxj6t>c?yxv*EQRR89o>tpoMVAnUy$AnkNvP0ig(z}qD-eN~0
z$E`kfpag0%5~-LhW-r2)#2t_n#~hLr`T<}Wgprgl{cjqp9{-ThjHR^}w?QJ2HGrPt
zyxzOAn#beU^>`>*h{7}k|8)uU{5ag5Ennd~gJwe$;^+S>Mgr=yKPK{DJ5@|7te>)t
z`zJl35qIsXG!9U2QFz^Q94_pmajeueqRie~BL4rWuOCv(Oj@t3XUu<NC?H$%K;X6@
z55yHx_(WSC(-9U$E42DTrjFnLrz(DXxZn-_c%-<Gc>TCEi3~smtYdtnJ0@C-koo^b
zXSd^(0gNBQ>N|9_{d`64MgIH1$nGqH^4lNO^0gY3PqXA-HJrd!4+H;3YbV)_i}yX2
zMYN>HNq=)FT4MYewEIV^H#1k_fi?}#lrgk`VTeZ`>K2~A{2G8!_XU_E1KqEKcC(<1
z+W+TBhAnf0qV}<|8=ur8IR9qT3u+%4?yVQl#D@sj0{=|a0n`n*u`8ZPH&C)=DJ~Av
zCse@65FgUnUH>H}16(JUx(f;pe*8>?h2XU?3IWICCyNAM|D?X_kDR+_>9F^|^Dfa+
zoo82F@I0So4XOD+RSc{+2^{;mS9#rL6r_~4w)FcG0R+`CW#IK#xm4WVPLvs$pl<}c
zYk%i-2d2;k%%qnQ*WKr0*AGEj)-x;3`u^7ZPZ%DL?B}Givin~5MYE*WviY8jR%w-z
zHBgc92^vVaD`6Yv#4p$I<Ie)ePbOa}Bv=1(5duZZWw$qm-O%GenApavf~v0jW3OSw
zxPJ}`TFQD``W)YCq5h$kdz!APkoILt?E3A)fXQ1Gt)#5u%~6EM(S;Wn@a-Xpo{h82
zROr9{{2=(_O}+pvI^I{x{f88C>u&NI7o_*RAatLM4rlWjw9Y=1yCs*!pTs*uY-VSF
zW<F!4(&@oiZ{pw$)mUHiaIIn|1E{;3HXR%lxgyV-UKD+slJ$G=mPYTY@<umpw0q#s
z@OsuZ05NLujbZzz7bH>Os2RUIhucT1JNunX@2;E6CC`w}fi~pQGBWv&<%k<V%2ki9
zip~L(7(cmo*E(2L{?@P>H2X0rtGE2#IUPrufXUxUdf<9XfVsYFSdp#yP~BLL-bthP
z4aWDUnu!~M(M|FafG_Bd1UC3xU!+2JlM*3FX8yPY@u22XN^<PN0@9|ft_g<EXJu1;
zVR&8<0bXw|$5(BT^Jv@XgVkE0rerlb4z^uB66`6na6{uzZ685&oF1r4PH69lY)1a|
z95v$~B%0F`60SmD94~75aU3~3EjN(%=@O)U2zdeO9-b*hK|#s?Ql9qq*Ec9QSS@Jx
zVax2FV1+l%JTKgqhUV#|cgWe!lj7DhAz6f>IA$hYH1@%mZm;$+3sp0kkZT^I15->&
zZgLlL>iLcKG!Oo<HLaYEu5auQL-wdwcU~c#5ongL?uMJC@HHCdvluXNaRr5VL_|a&
z)c6C7pDgOZOl+X3Kh`LkNc~)uT-<zBq+THV@v3QORSX(3Gz-6_kqhNKG5P$c7*ngM
z0e;*7ck4%st8$EtdSOvy+5aHnH~o;cD#GDtVVA2TMe(g?0Y|<z#c^F3?@r?NAviO`
zf``ZwI)#%5{4efOG$Cs(O_8>tt*@Wo<=pn(JeX38)3Qr0R2KTH*_CP6UTkJ@g02C*
zDec0-ps-?d9P`vllyo4<)v^BXw_Lmf$9x8>Fro<HYCKm9if4^wO!&svJLn-Q`?e){
z9J~L0{?`~XOGBEfw~o7<#|mr?+%0$R7&Fb}_VxY?t^p)1YeTj{1pD)rmjG5U`S(0o
znkx0yn*BuYxwFFqt-nAEuBATUN+k-|A`hPg`o&&|X+R1V*JEUi!*$*}tlC?PsU}jt
zf_23NFHi_^z1W~Ts=0S@oO$5bnS8m!b>O)p=|B9Q&?4iGu0pVg&I~7jIX$hxT3br&
zQf%=sD9izHwKm6a9Y9=#Y;ThZP`nN5rFN;f{0P4mEvXtI4j^~(T?;mgV!QIRA6IuS
zn&E!J)4k`L!q^>YsXn>E!V14ddU`}^kkc=;OP!I8j)%?_59+|bbddhou!G9<1;|LF
zByD?)HZY_kj>r0R_$a$;aChO-W_VlkwI12baw`B7<vBQSSg<kl(I#7#RPy0sU|^U=
zyXWkhg2T}dTal~-3FU#hAAja(t`8Jz{&>pv@keyH;7*R&52vf&clfKE4AU?;6%Z}9
zj)z*2Xx!R$olnzvmS>5%Vr`CO#PO($IB(!^8MIh+WxVvBzN-1I_~8TbNTy`Kx>C}b
z?q{hkCi{k-u;|!YM%l_Bd4{(QT*$)FjHn5+k%;UFLSwS1;!qYMDL#$g869Vh`_O}$
z>p45B%yr9`dqS%a09=ZM`!v*U>-uw*E#KcEt4w;a_#3K_4Yj)mwG2U9TkrOks~#z7
z+Qnbs$(t!-ls`7;9WajoukAhgQU6}kWEbi>{iS`k*6W-tJrT0O8=81mh|ACzFC?(N
z{4<F&#16Z8xz&CR_T_vnmJD5|-k#=SA8vVTJMXs0Wk*G%ciF7(1B^9W^d{S=`-SV?
z>E1c?bUq!v0NHE>rKzirG!DDdE82=2TpCrlUrJu!6B~dw1zpc~K2D4_RjA+a;?y_B
zm^($rO<d0ICWEuii)wspgOFA$$uGM3@a`xw&8ufb>M^AxiHQ&x5SHzvyga5-jH0b%
zqsL1}acwXuA^k)t9-d!;b>^!OPO1rW!`_SEO?Av5C-{a<QfW<Dee>u_QxK9?c6Ffo
z7g}W-NXqN1_y;?JPSmNVw!MrUZh?SC&9-{i|A?{UcBXEm<+3BE{mK|}X)-rXf`N4`
zpZ}YJ3)W3D4WXK-w1XB5hZqAiQO8ErJwK{Mq-`oBeZ&*IOKl;NM!GB<9iHf+{wy>!
z5=g*Brpt9=UV2+GCfgSWwk~SI`J5ID9VYU!IMX--a4j#JcVPwMb|w>urn0msn|cJa
z-kbrjWjd#~zVOH(xO7#RjcG=rd+X2nLMkf#Aj@W{3vQR9d%^%$EP8nKruozYbTQ}#
zKQIMtbTf7HlyhRAnu}Z@Kzxxwa2(S?GX%d%VW;HchWT!1!EoB@zGOLn^tol*be8eL
z{s7N{<)FnxrIN5ctop93>wG=wJ-z&eVWrP1rHkDn?S86|Y{?6iv0`g%0bBSJ{!I?)
zFCeLBQ%e1-83Wh`450TKwQaGK{l52w@<GEinq8=b(SQP$?Hl6eB)#ye)ys7ZNJ*U;
zAT~1qYa=F+r(QJ?w`4lkB}_xaWsgPr8EQ?MvdnmNXy=k$GXVPlQA@f#PVpZIW3tf-
z%Z`gn&;9t=PTPuHx<FZ?n1gOrY_K1-FF>)KDI&=Tpx{EYko%Y>7ZG&3uO1Y5AwswZ
zh@cKIF&sehc78!cSI)50<Do|Ianx^1Id3QfZk6|u=d?p<!lPIGxZb(&mW-no0yDi^
zQEy(aS7h;J3mBbz1QC&#y<_|^^*U)$4xQGN&9}B~%H4@6@XfoCJisW+5U&+hyy;j}
zmB^=vJSqV2s++?u4I@tCA~Yyf=Nqw(wjTEUYIx;n0DEaLi915uz;4I7yOIO)($;T!
zxlp#ffea`=#-t)V2b_KPW~;Otz{a*&WY!L7Rfh5R49YhQ+dl~?IDK>Wq?}JgF7_7#
zz>R1gsL`7(FE1B&TjT()^4IIrP1EswMG?=F=MekF@a>5r)4QAVji%K)m)k4Hp%i}D
z8Izx%-;1H1Frq5!i5C+^;Qo^;!zG9v)eE&u+j6CYn&@o;19vhmPzTTf|EtDQZ9;3#
zs|v(HGze|6^PH=HpMEf3r*}itSk5?ic;s~fyU1X#JnZ0#<En66>NC;z;E!0hkmL|Q
zHM<um<zPo@K=#9kn3a9E<-aI7!d%0}mTuE|P5-1#c96yBYn|kSJQk2=+(rGeU-x{S
zjpNmkF)<ftcA@XLBk(}g){O9JVjoW3T7u@eK~dq~E!CTf9ttdpT<KppcV~=G^1rhf
zmW!z(Gv0Va)_T^S)jbWibBIZ)(~(GolycAw4w`n~r&_}i!*{mA(6Hf&_iCAB3!|=u
zoz4!E#p+d?IHz^K&5O~IINepI=sYg7??6o+xa^5x;Kf$M3#GX(&p3vjz`E-yoCOFN
zo;aA;8Qj|HGqMr~ud?oIBw*cLP)oDu7J(CPc+9zWNnp&_-GJ(6u+;&H1z{@%3uC#M
zYBAVz^@h8$9Eq7`4eds(dhB!RL59w@sl|2mDm{)(CLVaATifPhN<od|v+~}p&QcTg
zGZn*eN(M!>gl@T^_qE(fT>5<1bP^uF&UA2KzN8y4uUS3-zRT}FPh2GB+%<nvg<Fhj
zwVO=4&t>P)?svxn_<|>dI2iZoT>sgxs@t5-TF+TDrO|1V3Bfa-ueE-mpBNzYRrqD2
z-`*@Q5wJyN^;GxNi7KbLno%brbFj4}8PX4n*2w4m1(uW((5wwSXeIj%p-MkA5Dx~P
zWHe1@a$~noRya{+U`(Jmsi$32#`9<W#h?NSw}YkN>h-sPWGu~hG#B(~>ZkEouB>*O
zkEmQUbr`?|HQui#VL2PDAQx~F309$wV6;?Cfqm{q`TDEG*OGWZ>s8MUhgp9bcE-(F
z$B{Z?l_iYJ7T!Q%Di<YWef)-8*gl=&*Kzh~;Od2kaZ;%kiy<xGtK~;(8)W_hDC)e-
zQ%9@a!(la^rxt)Q8Ut_`2nM{S+yczfso0-$FGJ}3UI8xS;V@y>oey!6r!RePYJZFO
z<6sHd&VB}f=y@MYG&k~p2lW%BFf*xr!s`;b`b{5i4KP7wag40M4oi_8fnW6BWqaT%
zCwVC+i=gbf+sc;xOsMo()Z9w|Gs;JPbBYpRJ_b4=RhW59dK7>)goaBc)U%gT!{fi?
zGv`kbK|0cXbsWd!Ynk1J9c!M!W8Cs%W`KlUMWT!Q`)~?B97h>2wpm3F15|uKu#>co
z`=VWG^kthoSv7|C<u@TaUFWKrve{{gLR+=z@2<4Me(Bcy2Dc@eWqjMi8RA+4KDf7Y
zS^sA%G4+=plO<G8?@iNcNt}D2nQg~sj;4WXHp)%gEugfs&k(Q{2_O??oLbBD>z*Rl
zz1FY&?_076x%M8cIv{q7FQ9L4J`lF=%0`yz*O2Pf+X>#u8oi>ArgOd_qjWEX30QTo
zekRXCi`(YKLGt3E&1zNov|O;D&9zr%<s#}VDufH=8HXsOE)w=4W|?`o3ws4hKNqgz
z5E1rKXgz#p*JvXVai3OuJog0D>_@?@whs*+KCQGF)$D&PmtI|Vaj<A}gKA$hYScO#
zGH&pzxcY9E6akA7_U($M5szH8l)!Shsli!*wFOyMAJ|*&zOkix`Kc?xkiPt5N#eHD
zoE8AwpTe>Ch%5!K^X7+2`Q1JSrhfoHNPqhv(RsEivAH#pAr>_*>n|6eTgRL2FHFq#
zfifT%zhet?!f|iNb12a{URY~3nz|v1*t_FG%Kf19Y*Z<~g3bgor&WXFi@Xrr@8vs$
z*U$8<H+I~oZKA-lekC3+m}HIk0?;sFH%{k`A&X@oAX1t0JPp{ykD;;K2DCh04{gIL
zLPKNd*|j#00~5qykqNa&hWw>l=xmAcY>Rb`sG7BZ3Yned=X7NH@FwqX-lAb6$-qrU
z2eV&z$LU5Xv#Pb75;GxqRKchw5uPK}k_*D7H#ny5Ixm*qtcZ$O3~BRYnCWsL12KtI
zXi}iPN@T;O!lQ!X5Xa2te{z=$60W^=(KbYK?A_$SqIV>xng3|j*~PxNvj0-EJNE=P
zFLi~DO})qPvF?UPvM)9)RXOdB4Jm7IN=-EpeB87yIC}qeh7$=Y?6%1`wxaSZ8(*sA
zHufxjKZ_6c8L=~1R)%4z7AomATOQIXrwfclhFBwuA8Fe!Eg*j5Bn`z~^WfRx?2gpx
z;75m~ko7X{P5{<_e(3u9!cr=v!UgkUv%9b_`=xqCCCA=`M_%l)Twg=x9Si)cbm|@N
zV2?x!*~D5P9gNNe;_uYluF^0c!>it~F>uX}c1iVRruBU{viCs-0Q7Vyv9=z!%usF3
zHZuF&vC_4~MgXn{-WaT+*el`+|Ixgz@y@}O&TFH`%bj68W2Wf88p0|XOO^rQGM-cK
zEt*#MShYE}Xyc1)>7chxJl?rxVdKd>Ug;R;Ey>U23IVPqITJJ8zO0J}@rx+xs9@I}
zqdTa|m87?u%MKiUU(D@QJsu6uE3WX=sgks~5&)+J-Ez+Ei2Fh|wZ)rvtkh}9`xaR0
z_0qc#JF^bg419jX)@lHYLH^_5{{FEx8RlB6MKs?VH|S_PF)uUaq2H+)0|~pP0BQ`-
zgOL(f;(cjvwb1ZvzTP1MuyPJyN|FNt7PN3!&+)2HopAGGl)Bjh5OE|Em3thoX;;~@
z0^QqRtpRD-Eoy+AORm;8ZQ5$4jZvB*onj^oRqUB_=5nRan9tSC^!FRQSBsP%dA*OZ
zCd>5SqcO?wnjO(o{H{%qfabX^-e@=b<+<RA7u>tP%ag<X;jgy+Mo1|wsk5Pq$T83z
zI%En}--4G=i9u|ltlt-9n-s8ZalwkLCxZFFOOYA{N|frlZ9cL;w9tV@qvc6X_XChc
z$B=4JbU={L^@(vksDqPIxEF(he6mEJto3)U-EujNAG<zQKroJ6tC%3KGxP&7E9e(>
zoCZ*vx*qsgzceHG<H!3;D=|jtm+sQmrB;Df7_1i?8o#&<gX>CWj8?}<v|FtsQe0bE
zQ4dW+@F-UYs9tMT7!b-d=)LJS0Sr?zI0!lAR0%>$*~fvhfu`Tj*abR@WYal_tDe#j
zvVL`M-wv?)JPXsX;!~ppQG&4^A0TXB;8NgnA(;SK`As<Sg(wF*4bq0vkV}VItWe%m
zA#dc2#f%~o)typfqgNnBa#;t5V71BqjuNm>8O|FQg-)Al*Vq#Z+3G%r`iHPG_r5?l
z9!WdOF%EY=#uYrZTnh9&v7kWbCMJZ~+Zy7%Wzp4U#v|1x#gm)OYR+I}qo&1O9SER9
zcYI%@EO!UQ)UA5Lrg;hgMMuTI@3m^H*Li+cS%f`brS(`fCfmnSwt!MmtI6UjidX$Q
zp}R9&xnT~tXWMhAh!<x`ZS^9Bqp5(;p55d&A8?J9;Gv!E#`KPF$YPVdCaaQN&#%bf
zw}D`+JYf)m(;uo`uP1ZJ$yPN3T{48~!|rj<x*Vwi>&PejUz6qfaGcnabtHwpm^-ZN
zNkk9Yb*isVYKY0VfJUIbJr&VQRZx4_@=V!#rpeW&M#2LuY%!V<YKVOw8AS!jetieH
z&dRc8hb*?1+q2TOCf>FC(NN^82ti_Jw7xUQuBRJv?{5u#m`HSw6EdZGxA)%1ezA$d
zb!VEmSrTj6@)odx#k}s<C>VQf3l^_h4hV^ap0Q56%LOq}oLvxoF;uXfP@rI6@4do|
zt5hFZ_Pe{uHcJ^#X4p>>Z=bA@SKFJfp;9p~tv0#`2@o|)$?pv3!O}K;y!t(1+CYp>
z{Atg@8b7JuBT-Gupvk2Zqgz$KNugZ;y%ik?`n6!NO2+mhu*X*EC#pY%wFr6KJhzBg
z)U9#L*j8h?D#d^Ze-Ldm%j&LT0TSCgJi8~%pSFaJI{x7g>uC!Rp0x6}vhiSybc=TT
z?1uO@yVlY1kMo3m=htg;Arp~}p$r>)pX1=;`2P215-)r5WqB1l`&^d<)?-mpg@agg
zMKg=^^NiLd6XUL{Us|EEcv&~IjC-Pfzlho;u2K$gi`ESiN)-xpi@oC<?7ypBu5Gj>
z3O3c(*1Gr++1)lh?~+yo=jFCRr3(iaXrG^)e66pq*J-=zQtC^()Dop2%~ei`Wk~iT
zS$*G!QMA@O*w<l6>36+OmaqJ*>*E?AnN{F;hk<>!_{#+r<f0VphG1mU1k_$6FTLF4
zmn7OlbJ96?Y1H$#xXC3=FoN-Df~B8C82|3W+?w<K99q)PVo*w~N-Y(n&ImIBJbNZQ
zRsx?3Oq9Lc_d`vYRl~B8PuPX+x~VBv>g<=^1lkDWBod{f<{SFok*K7GW~Kj<=uZ{0
z3H~urlw(wt3lK5sy~0;$L|ibsJXgca#9lz_oKh%f0SceRknU$JhR@BH_JN<yQxy%E
z&3N8Tr1wdDIr-ghiWWfJ3y`P?t3a4hzBZ<3#m3~kPJy9y(aFO8Ro6b4bX2xWEsZJW
zzxB;1SAfl%vfH0ujM^9d?Daz@>aRja7273$j0j5=nGCNeuwXoDm{lazFT$X=TD`ar
zgIla!Esnb*#qV3OUZ`dTJq_}Q9?Kvr%_q<(%qC?gNbP?4Zz*KTG`OsXH%4Ru4Rg-9
z&h)T|b{UvzvVbX`bgl^jAt{O>E3!)`&hfg-Grj~wWBNknO}AX#SiZF{;qMF;%kSJ3
z)J4XoxTrVy0;oii8^aMn(F|=a+v5!`OZa8JX-0w6qZYW7CP6rm&4H@&2_Vtfn-BI9
zWXrV)neIzu4WPbU-I}ivo_1J_=1~kTiU9J`>b&n3%U#X20xS}T!^-)#YKb=9cRO_=
zURM}GwsVn<N~F)Ed)}IPJa@B)M^BY#CKstjQ;U9{vPm?(|2n5#YnDk~MU*V!%5Xs^
z70$!^n|-Df>P7g-`wdRHK{a)=kVAK{>uwaU#r<^h1jdOf#}j&4y2B-nh7++O<9yzN
zXTKLM!}TaVZzjf)d2vU=b!3!``>yr|SqWGv%U0L*4Y9N@d|M8#?bqg<nJb;9p6<cx
ziEL)dh^w0P=S|B)=ScXDX06A~Q}-^dJVf7RZ>_|x7xJ37ai9iq9Cqn-4uh%FD>GOz
ztj~1(p*eKu%)~SHo1wk(Dh(%4yZC_XYHvW1lL*#mCz0)64o^7^S^Fma-8J8;%&@%;
zCpXw+VA7f)bti&zn_+W77N7&;?anw5!{4TPljt|QxX`9$N>P&xOhcKZ{4tmRxkKW}
zM7-dvG9DJ=Nax3&<F|kwz2+l`Yjd0Jc*a2Po#T-8r7xXTT(ev|;zg96$;1oG;B;%X
z3?bkopG-nH^)3YN!z+aS?h05)hYg>>>{F`rZQsuaaq;o2R~gZG_yNrp1G9QqN_cCO
zf}aB8nAQ5n!a9Rhl+<%H6h)!TK$YDTKpN7vlaze^$S$<DCMz{rtRoA3)Upa!5Bxcs
zTb;n;J|fMZxDth%DGX3k1!|^<EANo_9Y3c4U%$l@94db5My%WLm-1@aAJZ<91<jw5
z4kvuEuNX@fvv^ABz7vxnKAmF_&@@~B@DJsOVwUTAS(w}K^Hxa~1Bk#)6m{5wY`Ez`
zc!G(mgUQKN4nw6)uHVFli0g5<r~Qx*xkkCVXy=e<k?Lam;vBCO3|i6ybsX~2hUV97
z3`xVIGk9(H-VEtAk|H)aI^?R@0fDa9x;?^#%HeH0HOJj5p|gzp0m|kE+y2vuT$Svy
zyjOXgM$4bF8Y;UIOk(eFVD+{93-URN$WEv0YxRbceq6tYXKw<JMXKnKLl-_{gwC5`
zxCU*+T0N>~Nq#nGq2FhpL)>5xnhhxVY0f`?np3xJL^q05@{RKK^KmUwtRqCecenk5
zpu;eUQ(HU-U6+Upar0U&7OjZ3M^8@V1TT4CVyPF(KU4AU^Rcd{$TYT|Xc(#FAe(Te
zL$CMV>Y5sXXw()er#uBN)Z+3w-(!vvKm(d|rPCn8fKbM6`bM|@6MK{dR))Ac6mW%^
z^^|8+F)jJmg9QycaS5e)-4@8r1`}aJ^x)5@c1_&tX35;B1!cv$buYx+wt|DO6HVvF
z6Z#VP@#i7i^k1to$!DjcjS~cf%k+bG5(bQKdlXGd!%Y?;FOy%o)6Uo1e=!cYF`lh7
zt_rSe3RMf&%w#biOq4}N(;V5XN|Q_2vIK{9lzu4S!y8oW==NPZqK#+MrKQn@5IxM3
zi@9+G<2l5LMd>1%{ONDbcEW%@VJa(;>tvK58#O`%V=&&U{nP|rm%e{Qw;_F)LQm>G
z2@@DgP+E>$r@&AEh~W$9rhY0G30t-eOvq}o_E}<uL0B~3)@=0yJ!u&D+-{P3M*0d~
z@;zCil)3uu1BP#tt8^3)tJ=@w08K3<N}A=bV@CFW<vOC)5|2r`%z}sX8Xl9B%t#AU
zBy$j<F4S5RISXfbilP4M=VLjR&3Yt5@U+vEB+42gpPLiks-Ko<^(+60YF{s((;2<l
za3W#z<zA0i<2UyBibz!&Z=>O#D&+iL96vu+SfE*5<gc&X6}3ni&*%4B!HX%Nk<?K_
zDtbo4P}~i|dZ?YA$>oxMF?T>*%6sPQx4ljqG@Hk9g)0l|B^a9?9r^jHi+Q`V%f|_i
zD3!5rDHSN6^BLY`FN(XZ#*?#+%$6=SjNp8>{st`c&x|2>;bU<6H85r2Xfnf^Yfyfj
zLFBFu2dIf0Hk!dpHzUf55+Bpgl_&zkr-r8g;LktIG%q*AQa5lGh!vQf{>MouQMkbB
z1M9p;Q3|RrrQF4P4)$J_!O=Tvf_IPkIi;mW@}0iDG9J(|pYE4T9eng?5U@2jJo++I
za64FOzKa&-PU^fd+_NX@BV~!{w!akIEsxh5E+78s!u?`|?~tWNLI66HhDtIW#Q$R`
z0wwX<>DQ|~rPm5FBTesrJAIbU8+NUC?pb5x0O5{d#6n68>YlP`l^X4IFneCrVma`D
z|A8`_-CWYK?APJbh(TWUKV6p{suSj~k*L4AQSb=FslCAstZ-mF+nISP_*1B7UFqIx
zq74%bpFC`Oc-{!rA(vVr@F&CgeBCDi$!-B;`A^nm2_Uv(s(Ut)w(|`n!>JJIQCi>L
zV01-xxo{)eps!D`!#EGvE^63Fxl$ucWR*;M`6Q$LCPT-7q@Aj2z&RFH4>$)bKKII}
zU2pNk@S+>xz?>$ahx4rzK@r3RNQuY51w-K;w4V)L-sBl9%2{zjifU%7Jx@1Mi>gL4
zMI%1((IyMK=ZHdVwKDyEbi-<zs0k9e4GpGu!^pX!s^XwIM*SKLpqM;6<VdoVcQ8om
z^jF>}`B1t54QDexG&6&0EZ@^~FYb#?4W-~%p{w_YAMc*F;qK-t{D|F>`b2z^#1h7|
zJDnn-M!g6;fS>Ggrwjqd*M$1-9~*wYcW<t_2r#JuPATm++wYO9n?@@ukF4gaNrGdt
z0()(QvzPlEwOM_i7~1GHd$LRC<vO0n(rI$*89@sM%_N%N1wON+^301DW|@l_hiX)g
zOCJ3oo=3BPUpsa%hUT_2*&iygWV`N>1>mQ0!5JcsUuVDAXpAT@mdZy_KJ%Rts7k8+
z!OrXP8?2o6a&V}nT(=D+4jK)s?35YC6}f;Bf1^I+_g9rrZ<(Jnm`;I&evS3x5Z`AT
z9F|X-V;-li<f_%HRjhSYPCK@O>Ci1D=iP0vQw@a(ecR^s$Fe-w95#SpBc%&ru1miQ
zd`<m?4D0jsO|C-NK&-Fc7rYJn4Un$iggrH(pQh;k1$2-I*u6mcsmK`f?Gpn-c1EL~
zDynpj(ijq8u5YiXFgwhD$7LglTtyEUF@aBKY#5<EF@(*#mh>1I^0}j3L|EyySc&4%
zihMe_uwQ7vw9%~i9_JWB-9W`><b<Z%`Q?7L#qp)v!8~V|6&05Owm{4r&3ro<vss7B
z$(7@&F(aO?hY6rvW=9@+l<U`%rU^N8g~c%sA=wu;VxO!>+DyF_<h46-DP685(F#C)
zz93|~>`$&f<|DD2$~!JFE%9BOH1m}n#5VY$PHDEyJOJaM*XdCP@A_hcCzWQY0s2D+
zJwH{K6Zi;<J(fO%j&Br3ekLQ2w<1?5g?F$RuJq{3k+?fn^MxY0-)m7mYRj0z-lj5m
zrQf*|V7H`6x~(vo8R0x?cA5L#Y%%3zyFh>axG$Sk07u-cgWr8jBVEFE0Ebp2bX^<;
zv>8;biE~;|GD9$e|5M?{Sh(D@DBidCq(H=Z37=4dyB*uI(s4pe6fzRRj<+ZE++07{
zR9<xr@M&&*Es)|S?RrgxJ}kbjO|#HSR-~HVvx*u5KHecY{a(C?eu<brFPUw2rn;>#
zh<!Bcxcv{Q335cgfsoBSwCzXN$3@0NkKxn#qLu89yin72`34$>8NrH(m0tvp!>U4K
zj|3<m&D<5l<aJ;YJ#v%nGK`b#xUS~7v+wizc9v)Sop7UDY_IvYLSH@~MD<9k0ug=|
zLTtZh<Jro~o%n?Z_X4<(3uH;5gGQ+sZ0X4w?h)lghbxxkIHN;WXo_^14qIOlL-65l
z47R1xWn*Eqgs*)2Cyd=Z{(Sd7iK)WosoYwiI2|g(P?ou+#5|_teNU~n=5)|D;5L*x
zt^OLf4&2|RePEiQBW&M{D>%a$6AU(=V*yjMnCWl<AgViL<h~K|2#SghDrFxW@^hK`
zIb~AAwYrkyJIetHMdiQ?Oh<6<(~*QbTaHHf>V?oWPn*m{zr;xJq7|tnfkkI_ysj$H
z>XqyX9hTtqJwB0*sB*ug1tt0UN95Pb+D^Qv%9yEmveLJTun^xuv+U@WZHSg#6g#i_
zw61%)<d#hh2MQFcU7mi#OanvoM};W+$uCDeOaoBaCC3LJQ8*kNfvRGHPJM+l0o~Jq
z{~VF`SsAu0)iFB>L<q?+Z0jP=i9kny`N#yB9Id5*CkhKD3(-}Wit~>Gn9V*BBYxE^
z@hDt41Q8x@o;AzXUSkP9z7+-Pdz65)nDDjt+a140-WU6PZd=(nI5D)MT&~NE7hpl5
zw@5k>PpsV@zl>I=k8-HOO!usW+qh;Nl_^pZW=mSarj!&i{oz-|Kp}q~e?CjlMpMbK
z4g?*RuX10ewOwi>k^kK^&oXm@M}fbDv35xry}D8rhk=)LFCjwUT|e01IHL-RtKvrb
zUj(Ip`7P+Mj|!`3xxe;f-hYgw?Q*@K^Jxn8MMHiF&KoucEeUK~>Xm|99Rs!<5+tqi
zwjCgcv%#!2mPQ#?DADg_9QqnS&{6SxZc)FrhR6W!WU98I2ww_^>gp_niq?hW-l3K0
zo{h|zWn18Wr${NfVV;r1{Hss@EPW`XrB{w~`+P@>eA}h-0n2fzvY@q=zi23CTPN+c
zp4C1*QW3VX;Ix-Dr!|gNO+%LoIHVZP;?yL0`CWYCLyzo>3RGz{(19C^cvnS~keAq6
z);-#*18D17*H?mX_4?CHe6BxAFD1A|Ho^49!FJx%?Um%in}I4Gyws{)7786YSj+;K
zqNuzZ4m5+NgXZ<P9CY<B2jdv%scwWwOnoQw$?Pq{Q8Ug=En^%+H;hk>n{_SGSuFIy
z^8EX2tRaYe+ozJ!Yf2I1s1!`7uYZ)4*5G=&YpLQ9X#_Uk$|_K40KKp7ZRzVmQrORT
z52#C>HwSrqV4vx98n-<IqpF_Ezmbzy)XhBM=hl)ar@Ufj4|J_&uCP;rkaf?Uh+OmH
z>+o-Wj+4axwB%|e799iRrlmET&HD8-!TQ3R&CEb0f@@esLW|tHb=IY4VlU>~F4w@B
z^N1hZe<`xsw-B+goh<RvH!W_4(^iC1$Q~|H)-GPEGQ+j+*G%i4RjTMks4<P9gK!<@
z6BCh2K*aYa4wu7Qwzf8x3Tym8<Ggr-4m6i@B0`a_3lN^6JbF+@qSGoX6;1uVSVold
z;GA|ezi-`H29)$Id@$@qTcFwo(7yKa$yamz@!DpIJIB(98tW02n5;PW=N6+W;dnG+
z&!o{3pGu#sX{}l_KgZe69;~{hc3CvAXD);9Se%5#HRjVWZpPHKxDIXa8AU$X@CHlZ
zmp1d$^ebV>Q$6jpiEj41SEMFQQqpzWV9KEu|7|^(ws9N9YY9${?@aHEC3Psg++UpV
zQ3zJklT{Qejf$7MkNZW7EdHBc*~}PJw2YYe*UUAV;1E6?xiI$W;)<MMMshggz7;Vj
z$+SsRDztGle3<6Naqv4<*AJH#(<7yd>55kS^se#*%i^B6a->0s5{bXpU1+CAz;Wjh
zf5yMD=&F{rz4c9Ry=qpX6ajGsU~xyan0w3!XaOCvsR3|E?0YQ;ltrW&fGnRJ%8-=X
zvq&0lz>*ET)ID?*Sf7&_Jf(g}GSA?zC2olc1V`Du<I)i=+HGHS6ql3=ZY6X2$8@GN
zf}1nR`4F<pC2bFaW!@os-aUEtp**)TO=9fp@RQB)fn)LMsV<c-=B8zbBvGqTE5tJ7
zjAXH*PoCFUnOOW}BB>cBnkI}_|EiM|pP>n^v~f8&zgj4}yUp?xk(^#`y(mh5Y>EC{
zWy44PBO5VL?@jbCccHPIvA_ISba3n}(Qe00<}HogQoCh&`|vrU70;G3Cch@AnGAnM
zC(nL=l#vyL0J}3=M$DpG5-_cen4%Ab;6-JXI`>B>?8YWB7P6Qy(FQC;G>a@5N&4Rl
z0FnuptFygyvVaOLPRBd{u|?7>b`I_eat8SEf#p4D2|ia`rP$|h`?M&GMS1%*Qju4w
zc?Tz(b+Y$FOgQq1GwR2kJ^wp4i2c%6Y%;Ea4voNy6>61W29OqzOlL&Tu*(<KCyvk|
zndAjd+(;@!8NsGq8N0FYE;`4JRMJiuz<X|jlK3sCNnH%y-{1CA!DA{7-EIUW8@sYL
zaBy(tl5swGPRuSmkB$ZJafK@GAG?-5$YeRT(l`)ivpyy)G+>ZxH6R%$|NhpWF6)C_
zsT1;hilbogvo;yE_N&_rqD5Y_=~oMQhX<$94J2@Aqxa9M5wuYJDzI=Kqb%_NCbc6`
zj?+o-Vmvn6TRb7l@L^}^rw8^Uq}@c&=dAutVSP7?jPu86Fgk&13&`~CG1rH{E5}9W
zZ6zbiS3N>*d}j0YMF+q4z}&DqRZxIR4{=|&T{K*1u>ol>Di^nbTJZqJWK;RnRyyF<
zjl)0=#oTdRxVdwg`r$oEGir1J0yPPHEY)1Dji;}*hYa>23J$oqG&!(h!ohV#or?|4
zammC##z4V+g@L5%{Y4HveFJ`YNLx0i;9s-~e!<HxO>L9KR~?R><i1|8NQ>E9cEGq{
zN`6AKhEBGagZrLh>u#PDFfU#Qz0p~kdU1D&h=$p83COt4yy+Un>tw1&a^qfdWKTm#
zl5XS&vxRh_|BQ_ZoA<-EL?_*(MNJ9R<Nyay1Y&PWelLNkQYua|a%Sy;4dh7!XAT<@
z9NwK?FO~`AAMB5JNazpOY<oe*swCM-&SiY{riifIVkgP-_V`5N=K&$$AbtyetK;>o
zZj`;trmF<yGAx;7bthCiMBcDr$uC!QBoh?5DYmLFp#Y#cNWv<M!EXZP89DgSR()D@
zRQD7l2abw@*p;r)1KEwopC)z1vyadPm4JSoY}V#lT1QsaexWG#h^%6!+4R>VZ~{i7
zeogGScdiTUnTCL<2p_cRMUMex*`%)picz0|=2nLSqlsGY$sgVle}+K=l=|S&IdGze
zt+l3mZu=8SV|gQu|A4o;^ZLZmLWg4d7D=Q1^J>-9&qqL5KtSWhUL4`o9>_jnGN&K5
zz&6Pl2@sVnX%Ib*%?*w(d4jd&ubpiRP6MC1>ojwGi3GbspALn^pr*+`VO{7w2$Ap8
z4qHz7cCqnlhG;->qDP}hRUhPD;_s;6Em!+g6}pf`p~bF@@SaTcbE9({Ky*k(Rp=gB
zeE6XJysMxcdsC3h8rs*9AY};qnrxpC_7ZyF;Qt}HE1{-*gf9yFAn%=P&rd3<OJhu}
zuD1<`U$s&1H;osX2@S8LzC_X^<hjrcUOBDF4MIG9l9>4qduDl#3oOHGmRoi==G)ja
zYgM#IW6Ah}+EoymV))rF5BLjPH1Hug`uFy5)&bKIyP2OaH(&PLu;V|Of999XsM!z<
zb7((62Y|VBhNcwM@MqvVt{%?I{a*)_{$x2l1ywS%dcUji@fO+)Asvd{ZOiMn&8OFf
zS2gRV9!fsQ!;!L!R{p4~`FkNL$T7`1fS+XNlvO{FUDypa)pgHe@pEczMD|}zgk?2b
z<G?TH&*7KLC+<s8%nOOW&*y7eI7bke`>}P3{&C>DU5OzIEjFK}?aEnkT7Oz-E7dV@
z)#;lh+%yPBBd1akZ8?wQgcFgaRJ*P6g5U9)B0TV%!>&akv9r$CTU>juO&;~Vfgbbd
zI018d?rmJ<%#TLR#m!cN-3kew1-B5lP@%A{gs-uNF43cYi}(vb^*`3Etv2k8f4vFY
zagdIC`bBT1QuVO;0{C*6bb&JpJ>_Dt()H%lbNLfOd?K{s&fzqo-nT!)nl;>sdtoNh
zd9eXjyOEmbYu0X8|G;H})W$y!@*G;3kh)-{Uuuc+_(vE_XS4dr-|0(?rTSt`PDA-$
zFFEBry)f~2;KmB3+Akb&`hVKM2D*DxS$=|}0!YdsUy6a-cAV<1ef~7(G-l1hx-s?%
zdUw11J|yQR033iGE!DqmJHLK$jiK!TOxRF%kPfC$vf%u`AjZW2H~Rn;WViT8RoA)0
zjY!<TgvLwv2Kg0)vOf(;`QOhSWbKs#reL7i@$b)(^<wi(^Uq1j9f2m!zc9ypd&}P3
zI-vRPUw3f()ZIQ{X-5%orPO&k2a)nbAfhH2l;1b|-M`>s13magbNcTll^nc@`D4$%
zR~!kKwekM|=n8<tsmZ?t39vkcx&((yj^5t=RB8Ye%r}(J>S98*v^<3W{q50-ZTojE
ze?Gq`)vHrwwI73}^_MMq>EK$c<o^(9Qwmlw4P<}vBSs4=|3$iM6cH@9>wI~8ZKS$s
zj1e%_H31fFld*ZA|MTA`T;8F@1ln>=u`~cB@Z!5GH+TNqgr@)kp!Izl2a3>?-Rh#m
zK-W}o7}bTnBjU8k5LEiGxIl+_>ODe}wCgzG!oBb1GjiY_(x`XUuv!{1nx$uNVkT7u
z|MTZB)f^%C&tvkyuCTD?$lZI}`Qt{Z*kIi5i<adBzsc3tBJPa`S`;bKD(v>D2fpo_
z_f{f*9>@DREs5%C0wt^OIDJAAKEU=11@0cp1*OCmYvgc9-W>VnE2q4D^YgOo((t7t
z9bh%RyDfXkwYVGU5EdC3sb7!W+Pq+nR4SF~cFORBaM;^=VBall&k3xZMgUA_9#X31
zj2QUxL5-3gcR8F#h}&I)3bs#{)h?dto#xq4zvwut>81zNCU<C=VfTYw_j~HVpd<C+
zWN^uJ_<<`|nJ+j5SrYANC#Jl-zp%eK5`jujwFKR~S=_nu9x3cze~48DSxz_?jn+OW
zc-pmc90>FoIzl+--0W?eAhwC#38OR@{;Yqd-962p<HP!!MxYJW;iLyL<MLOvIeR?k
zdo+N`)YGCfaopK_NDqJw+(R`_Sg^H(b^w^7DK0<Ne5)D2L~nw0*DDDNam*Z&Cavd4
z4GuEhH7=XfH`dOAd+bCoCTh_Z_YYMkT4Ue`PP{Mi+<@-OfB<y-wZ89+g|;|@E~Dw9
z0f4b9<;d3Z2FB^W&_eOB(CEDJChD8WOu2!~Xa9eqX(hh`n4%Qddvad?=UJ<EKHfvN
zVt<EMMD)U#^ujzQ6<oJoeFs_GXxa}ctMRQ`RP$b0+Bm5YOLOzto^>J$epV|QXlw`4
zBMnBfj})3uAWOD;Tn}9A(&npUo7ZLh-Km>v4=NI4j%~e!RMKMLqg;mxF)D-5O^rW;
zaIj&OWEFQmO)>Lf$@)m+|KaMb!=h@Vwr`Q{?ilIrZs{(SE@_bNo)M%Q=@J0}l?Le&
z7(lwaySrh4cXNNw@qEYo{te6wv#)(!d#!bzzf;+H^SSZWi}c8Q*%#RufXrO=6P~VL
zJljx#wqsb+;=5v4Z=7c<;Q)CmxA{IG&IE`y=p3ePF+fR8Dm8FfVccwu1W!T2waDKW
z-Wly%4PPudv)2p%=hGBRwnX53DKAIbV7wihaT5VR>*0ro!}^r|ZNVk|l3ra_wgI(E
zgnLPGMx<*V4s9kw&`iJa&z&o1A<Rr)9_t4RGF%<ZNIgq{5XjW#y|N<J<4Elo8NmjW
z5&U*8eS8l7ys?^CJ(hi^s^Pvo6>DAL8-P*{rNN6*g_xr=H8zV2m;kDhNy4$FvG<<Q
zDpZ+0`X!|{!v+_q()<A}%FE3$nSE4`@=&Fq-B6uNpT=p*Eyzx~oa%jZyrfrS9ouMU
z*X3%esK^9#T%+B0C>96>k0du}3P)_H3glyX1bUCsIUHYKY(CI&3tG?x&~-|8aoJxx
zsOCy6B~LJC(Y8HDS=>YG`kvo`>MacFV9+{HnqVP^xBK8qSglpQS~jnDxgBfKo$iu}
zaF0wFM#orzg4(<)s|X9(!wm@MIZw!AHvwp=km9@FWcAd=3OFrBB+@Emat8rda&l>C
zjAM*p>_zUMa#CA#s{EyX`4LCl|4JSZ(kHMR>co(7V@UpZKr#)uCtVJ>80y{DGCMAS
z%jUI-L#el$1=LhJrFuax@y&6Kfz5S#t>*M~4$CnBE!J!;Uv9R|ol!oXJQ|4J__!Uj
zmoDJR5(g3m1~$azbtF^zHP#k0<x9JBHH-kuDjv9x$YuNiCGUHVVc9x|x$%hgGQ;{z
zkL@V4Cbz99ZUz8us#kB#&!CzeVf=7yF)@9VF5ym8=QI~XxlnK36GLkKy$bRSe!mT{
zrqhFvF03;I9p^32Hx8L63eqj_F+{;IpZB_GJ3#615fD}adP@o~rJU{IOhCJtYOyrW
zKidq!28=YpSN6IVJ9TA3Z1Rpd5voO^kYh0l2_KY&I;SpQ+!fI}N5P)>tM8|^G<Bx!
zV8Dbf=5&h;MVkR~95z;$1NEvuQe!DEO_zJca61!KQk3Xc2*7jRFC8?z7;Baac4wXS
zZ6ScRg+=AAz>;T$1jh`I+G?)Si|{v)?t!NLdwsE61tlJ(ceMjvYjr2!Uj{9?aw=O;
z*@E{QgMHV1sO#m?6u#uM(JNl-p+t%KdA%Eqr83x{PU&+_Twp-GQ%(ZV9kM8i;oU<u
zXJr2Ev>ekj6-``eeuhUO3Vu!fuKqV6OTNP#T7%DB{vmM?3A4a53VW1DR(-Nee?S)g
zN!C|^iv%661@19HTrw|s^7_)=?J`juQZ>jtl}09aA_IS7t~x~#>zQ)}Q7=h7lG-r1
z7%Pp_xbwF*tLyosT@5FTGPErwa91^Iuoqg3%2Ph6zh9^5u>I@(j?31$72hXKkhtHq
zl%7wz?AP;*N>yruPeUzqYLN<%Ii3ffY+8LRBAq9-Z$fYxyw;uj+9jlOf1HyMjNe!!
zgLt1Je7}MwqT}K`)+08axBUsM7k;%%os&(rgWRkJVr6)UDvyi)<lqmxsv9w;)|gMf
zoO_&ZUctxCgyo#{8eak=iKT9+T2Fh(E24eagSlzt&BtJJG|Dz>y&#C}?+?GIqDgf{
zqW%H|U^4(KEI+B$QjP~lh_f0$_nu*6_o+3V$4tz6IGZ`xQ!KUAAau@LvEE@J*t0}8
zf?6+Vh=zz!Ei*<2u-+fU8SAw;2wO+tZ01-->7vP^$x*$<VoN6qW$Wg6^c76WkN1v;
zuQ2UdrZnUNuUp1s2@uQlsCMYLN1wL4!6o&^{RL)fYQ{i_kNr3`!9uj`hl_G%MD9?Q
ziLKSoHTCc1jNHT0);)or1McOeTKlx5xQJn^cguv)+ZNN=cDv%0#8{L|;Xg;;I3!kA
z7&IZUrgADMx}a<W^fF;yYx5U@gXbl}bcKP1_0No*z9dGqZ(>;R$XI;7NG3Oe(w-$K
zGt}@%=9=wKvvt1cag@SQ00$*%ESB4Gm>gb=NUV_=yu_IQvX6*k4Wkj;zbtCyJwn>*
zO@@4{tk?V1E6jYQT0|?52Sl_~mhg$R3L4pUPQ#{GS%RgV+4}Djg;nG|_Li`5wGv6h
z8#vu;hGLxC9;tY@*@(zFco^RyR7U(F4|);;AEK0-w6fJPLrYCtT$U&Ak|PA>rREWr
z|A@P+er{AErxqynpV6U7aQ}F)O)2Dh{$}{W7{`?%m__>j`5%*#C{B%h{9la~tIp5V
zw6aDI9rfn?Kw3F|^YuvwfIh_a(LR*Z;~LJMi+^tp0j65v_A?wRi<<h9(O(|0qi|YS
zq}h==o~VWVVI){5D?!maoXXAJA0L)6Z-2SyeE5A79oVa`v>Y^UtrhXr&q$;V#HgOz
z)5x0Ux_K&bL7)?oJaEzp(B%RKXJ;?K#d0vDjq@pc^XK@;zY<OkPKqu#J+Y*b6m!+)
zqY+~bZrc4gt}^qFeAg=E*{wcvi%boqgmG_#CF3YWgMfL*#(j!AiJ$|{c=01vL62%L
zzg>wqP3aA#NR(!ryOU8GPfk|{{DaG0r_y4=IRf(C#^ze9P~bB5jz-SkJ=%vg5Jl9-
zsyr<*O`6W)I8b<Y29H_aS1Tdc^<=v&9Nfp~?GgDRHc9jCe0sNUr;(*4LILY^SpW34
zGuwAinW*WQaEjF_I`SToaaJLyT@P1(NA$rR9f9F4+vCFTZ$=Yd-Ks2r#9VL`3MGQ1
zsNLH1*I2f=c3u|AliIN}ak+$q-D=V{<>jF`%97tDS54VT`wdnUAxAKxJ5j!QsIt%1
zly0nTAO-NyjMq(J^G5i+(peLrc&B~MY25O8?meSLZxLoXw<lU^w2P?AE!T9EqG6MD
z4oU9gY`wpzfU^;&tAH7xbDFJm<xMR!`r=u=ImmQE=Pr<#9~Y0c&=H!$Zv`fBRP_fy
z+(o4}>J&Zsjl5h=ow6|*V(49rs=dSF4=%@-uBy3wM55luT=6@ayRLO9doFMP&gr0i
zaN^XjhN9?A$HS9scL`nYh?Wv$9?Vn-)^u3NHmE24NgetYni5U)@fel?xBzejoEKg_
z4-i)d4t**$-9y<Zpb@Z%v^8!Gpikw{vy?sP6uyXgTS#Ip?u((<i;B;X?sv3UM;R^G
za6H$Dj=nwA+v7<N)#HFV&3zM`i5&2@)dxozi~a++GeGIkJM>a=j1({$-NAiV3_&vP
z{x-xq+M;Dlz+y~Q%n`|iAB0ay$g);YX}3YPIhX<u9~Ms(L>PvT>}|2%F!t};Bcp0o
zt>!+%FE^bJ>lC7XB%YsUpqG2^yO$|t=6DK6i@h~)y~D=<1o{OZj`Q+#i7qyfbu9zH
z>0CaZfG-c1kw_u`Uai~@X%;zfPyX78UV4ZlNhGDj4Mhhtj+K6*4|rZKzHR)d#b#88
zp!R#3pvn-XmTXc!60e)f2})qpxEfyPNcP>R5$#>veY&U(5)nswcvG!?fqd=$?r1r!
zI)!-TR<zD{{m1*C+O-s9{I+3~3pW;<w{W-T4>yU|z1g-aHIh!ZrU?Sk@_K(gF>F^b
zQhraro$#X6T(9r6<=m3+UFTzn%ZlNlA5dx}|M>T_iFxyMp4J2rlTJQ?avF0qV4g5v
zSr-4PU&hl0gSl_s6-LZX-OV=I@n;H_e(Bf#ov&4sD&%sCQ+}HxS5a=PmG7aS%x(%N
zgM2N0XC8Xm_mG?ap>f`vm-xF3uPJW3#VTi==QOm6Nw-QwnSe9yzLwQuYnxrjdz)@w
zx8ieCTkM))2~s~0sA%U-{6^8i_D^FMPUs$f53OMs#!p5oj`!tazjc1cY#j(#thHqP
zOTSYXG^oSV<;;;gp<4REwx#vQmiv$M%yJC-ZU1Njkg8myN}9}}PZUi&)G^x;sP)EP
zs#L$0NNt`^;h-+3%Km}jkNp&eHr<hcqo~<)o`u^qK<_U;UOD{l86L<G*xLFcxblRc
zmRaBZqwoD_fr9rY(Z+O%zjrdb7LvrTcUf~f5-fwK@l7s;iN&8S#Fh!a|120aYW89W
zO774=(fa7q`55tLFEVPM)ln%5abGm#II1pRfO!YG4{1E`U*AMk-7e^=*)hMmj|GH(
znHfWt^T2Ga7ceReVz7qN%{96g&uNS)b1RJv!eN1$oBaB)4|Ldj*XdQN0!P4y;vNLi
zM4Vk?Umjc!N8w8KswjXHkJoA|hJE6@tC>l_<!oCnlvEq-?R0cJA#Wg>U6kx_O!YUm
znRk7Vn>b1#I#00{NIlA~F+hvPNo6aXT?|Y5x-&OXTxpDO@wHH;QVyfAouqo`-AEzL
zTV_>_0dO6ujl1wibIJ?}n@Z+54aFtSd*i=rGT}qu>6^c8kK3+HQHIk&R(TCOOP_jl
z|F3(I$*3To76+d)=I1Eu?tB#?S|o`u^J5JvZKvmBllISdg|C0l{0s_Ih^LK;uV2RK
zO|30S;I#qM8f6@+UD!JE4d+Tmqiqf3s~x1Ki&){cJu<Mf=rGwJ*aNn|A+^EIQ1p#7
zQ!wt>Jdtqq&fDB?frByjP0np{@lKCiE-ucN!<qO?eps@$E)jdrUxF*lRCB5ReG?FG
zy4s7UEmjBU%!`d^W~cw80Am@SG7(370Wwy;(VR4($0HBJq@?$<;y@#WA$CU*$Q5Hz
zCej*mVC+hg*z1;dox(kiH3qs{4kl1OKEy)jV^tC^c0ig<Zj=u5fv*zR;EL4Eo^(fB
z4D4_{^|?I`={!yr;TkOiuP60)IbYwD#J9_aPro3I1Na;?i4oC>yJk_7Mt`{z+ZAM|
z^IM1@Vedu{l0sxF;AE=oN1P_{J75DEb8?fl3i8bFD@<CsT_;^EM=oibyiQ{GfWqOS
z$dhEU6@481jR-z0F0HE9DVhD<t1?lKu4#6|Gy8J3pV~7sV)uscV62nB!*fLI^4|`t
zGU?aR$YYbUnN{bz4K+2e?Yy#?b(WX^7=|*Vx;K%5{pp<lhbj7|%urY?x7E0<<<K|8
znzXWx7$y7!Mnm<>JzkW8Fl@PFin*ANIouWu)s_Q60!O0e^Mk@d9v{<i%YDIv;S8}^
z>oe=2l|FkcgP8)jrUB>F`%`6%UJzjp<5muvWWM4?u9qIujk5=&*<~xHByGgd=U_==
ztk%$b&&U7cZh{okl_6@&`W0Hs`z5^J>bDAp4Q`U5l!#O_WtE!>Or2d_P}6a&q+wGL
zFc!jXoSG2GEGiCf0~DFAh>G6_CquG5l*MU&!xr2{W7+<Lb<YJy%IB{h!^<$!H-mG+
z>Mp0+Z54+)>>=!KSIg(aAEg6%O)i>FY3Mh3MX{X?Mb&uM46KO_k%P`a9oU>eC2#tr
zJ16N(@)t)OTn_mxM(v-Zvmqf!)Ii>Z*1AnUD*_L85xM*Oc{wB{p1&U#|3w(y@k$n{
zEqdCJ(i9#w<gTSN+*FmaeQBo5uB-gQ@n6v_1{BQ>D-S<WXPD+<2$~7;Nn`%4s_ahZ
z5k{qOginCe^!!Q<oAKnLV1VjAbM0RwJ_`PdVwF+^T2I&%Yl66fiE2*m+j|dG_PWRu
z-Enn~qxrdr8KkR&e7{<jY7?w7gIZ}oyFZvDv;uh+Ki?UN2eunP-t9)h^O38`<5SS#
zT=mAkJbWR@8iH~%OSoSfyDM#ipli3&5=O^Y(xk+l2i5deOVZcf0{lNe03pBHy&34m
zqwNq*0(MQb2k#@oJR=Nk7VWMpd%;TUE4P5OCqn|}4=Aw#<atIJXuAvkZ;&o2W0Yxr
zF4WouFA78Ccj5wFcK=}!uw~*88F)*PWU+|IJ|&4D8p%)mrq_JePliLq?t3VmmwRq;
zI6Ahw(hA}!e!x|@ruw|Hm&Bx1iUQ!D92~CJx)e@<j1#ll%Di-O_uq|G?dD5JKwU@B
zzBwF|>uw{L({!b&x(`@pB>67NzP#&3+qi6W|5~xJt&tPrVK-rRml@mOw}<yTnI+0A
z$G@M%f}{G!10MRIMJqQ=(ZZV@PPs~_B^CnK1Ql5b$f(tY=&D3p+RiQ-orh|@H`OW1
zF_+s_%*}d`$+2d7@O%BIF_ci16zIRT$3$8iok62&JmdLVg}L=Y*R@VU*-*qh<xn0s
zv4iiiw>w{(PQ-nnC|Yk`7a(6t^>EfGif+rtBGtO=^?PQEdlC$hP0Iwq5H(A@0uLA6
zM?(a4j9xmu&&s`LPb>F7UG^s{-uU*<B(U3n*$i3;@EKwRPa4|RX=(TiBR-ro0CTCI
zZ5w{xHl^vvx@1OHnMJhM0R&R#YqaImG}|;*#K_2yA#UTOpe47hLH=HcMQ<CPug~TS
z{WX`jHHf!!hzodC9i`FDl)V{39J^q~sQ(HZum76DfPJ2fl9IYeCB%Ld(E|@xx8c@V
zi1T&d$}<a#HXCavD{+rT_Ge#}H1nN2+K32@G{wAGrcQqMR3kvv&S9FxC&<NYWMNLj
zZF8+^*_W*qVoStkB!tcX>4QuvoBrU;)*TevhWak+B%re=!1Wo*3?vQ^nFgLA-ba52
z0vuj}2a_q`kz=J~eL{Sp{05d6`*$^ow1G%`jw`sx>J(By4zyOe1OKhDcr^IY@4HLe
zii^t)_`^?43jW_SfU6M&a2wi5aC9r^=yI3_X|qm$>}ndiRg=|UY68qg+p@UHk_Cay
z--N(!oM6^O;?QUvXy(uZpv7k*jFxrzi^x}ELXlBz*>y{bK3ZcaxY?HqAHBmNEs0w$
zSv2r@V_ZNGRzc#bTdBxBm?^pvFw5<KeW=&sgPY2h8DFZ;Q{b3JHQN+O&XUR&^G*)Z
zvFM9l=`zRC_dpkRc@h+}QY_aVBvYvg-H7b!t@Imv9q_oNyE|VZd40Sbi`I>vuhx6K
zO`GV;6Br(*W?;UYJxAjMkwQd+QW|OrISX7KioSYEdmOFwBTW9SiAW5SYdC)^CuiP-
zG6QN;XZ1X`ZHrEnbf)6_G&McgVBHU+wdORAM5PU<wb^!{X;QFQzvceN(wp=;n|FH;
za*LbOd;?uCWOcbbHHq1s!IykY2LWA8x$@V(Tz-d^hs#x@C8_M4--EtviuDC)SuiR;
z@gVUMhrP7^pJHEX9GKAi^W=(r<M89z20MHp773BFA{l7mujX_bhS+B=bT<1^gqEcH
zVjl+3Q!-esim=zy8tst|=}$*6g(!5VS6n@6+tj!`*+@e-kI&klhqo=yD@joWZWO6I
zYb+ge$V3+hT-z~0Al3hx;!n)~-x}>!2xaEOrL}5w#eMYidb_nh1&Ge9vPC>G5Ftb1
zK$;=hip^k%Gk7rO7(R?9n75qUY_=MViAHpfS+mVf=-+GE%@M^O9~s97LSLVWP)TKq
zbKe>Mu5eTSFGsZg4vc`z0c@$#dD5W?j2cvvzxBz(uR+k&AY-{*YnfkogbB1Z43i}*
zD2(bkX*?5Q@{wDZU5y3En(c0$umoCShLNmDqN{y?aE~P9eufZ+brg<9Ut+dW9{5wg
z0FO+-7Vh~#YJ6BKUBC(t%zlb~zJ1p>*mOKsODyhxDK)$}r&XXM_shoha#sN732ukW
z!3W#&mYegF;32|u2{EoaF9kKtzTxCOrhd)N+ekG2L|S_tASfGH4;*Iy{;vJInHUlB
z+l)x&e{EP-su0>gm7pKuc)Tc?2YH5bTZDIA-!)^__549BB>^6%D>ak=ZGl-sjK-0y
zSak@4TCsQ3DP?QqJrn5tIX3$Y5r8H@N8?7XW}&&<=HLT5gIYGq%0A&(+084X*5i28
zE@ax1k<dhT6`~JinrQa7zlZw@m`q{1mmo0;UCwL;l@*bn2K8_peT~H3XG$If+iJOC
zrjY(G<Ann>HsxYWrgdU<hjZbC14J~CpccJKKXHy6$sn&XgExk8V*hBa9LK5=VK9#L
zcumjUQ7Yj=cDL=pFTyoNAIBp)nBG^4c{waZ_LOCQ_sC!&87)RuCSZ@C361_&<q)&<
zfJI8~+=KcuBzw?(nV|gu9H#dXE?4T03~kB}lx=EhSa##5In&9f>M3XyK9RP8gCVS2
z-|s9)E||TQd3Uh#cAowO$*-W=&<Imj+VrG=ia)}bv`TQb#!#XOz6^{UXMOe-DY8Hy
zFF=p`oFvK3H8`<JzbCxq^?EFUH|~+IHA~O?hHXPA>8sScQ#Li!Y)RUG8FlaLnDiU7
zT=<zA25@>axJqY+6eGJhDU^*+M?9Cc;vWy&*iIC~7ht`C*1W?{%?-DmjT7xNPq)`g
zdrpNGoubbarZtqNBE#1?zAj5tfav7-^st4u4cNu0=xr*r&TY|jQ&s%Vf8szx9yY$N
zxZ*|^<8Z9=@bRH2$T3lgdAxeS0^H-c0*stS(sVZ3^Z_obo)p4<cxe@pZ}1QYIiJs`
zh`@);Vr&SEvMxCiL!1K&tLKH$+Z(DdVS#xIX*g&F+QpZEym2ZpSi$ui%6*%YR;h5k
zzF%7sAyCs0Ajg2VMpJIl`Nee$hIp8Kp4|>6+)=0K?VA7qnxvmu(?-@V$7)cTaf5k_
z<JJ%DBxS?gk%T&1I=gc17c^Xbu3M5h@!*~Wf54Dk*T(IbcYL!Yz4iOa-Z*+n_4}cP
zYur+^h{<A^(@8sLD{Sm{YyNf+rV#Zf?Tw?7c@z4bVj`NjV)Zny0FP5~ULHve@2UFF
z9hiBeFR6G?59)iwNI}ebYc>+p^<vH<(fl<K$_w<vL2<bfj8<rAGWaw!`r{kktZ~3Y
z;@e7}(DhDVNns=f7p3{L#Yh<;c1Hp#Qah?Oao=q*EUH=Owzm{4y}WdrVSl<LZqMKi
z-7q-6NyJ$ckF1A<#1lREzmE%l-ck|rJY<4xl28b{VGuvki3^84J*By>j)IL)TBv0(
z!P>WISd^l1T?%)emJgZn7x&|R7U4r0YXIx4W9p*V<@|fHpk7=-#A6^bmQrT1tI>Q~
z`<4IJzNc)IoqLa93)d#ZodcN89<OXZU6bmf>E=#W{2drr2ndNhsWf;uAOTQ1Qx(oB
zb-~x)I-}nI7=x>BVG1E#BgLh)Q&8#!F;muaj{<^14z?9X!rKXc7&Gy`e%Ihio%=GQ
zr?}q0A-nY{4m*;5KOqCPv;__e0E;KRm2i~xsPwoVekch6*++fl;ZjQ~hei_sP~eTe
zkKmHw6baB$^_LXUeYFEK1kVP96gar<A3ro`L9|HGcM1x~eV;eOCdH*!<J&|fVZ&ZL
zV`_Nn&0m?A(FfL&r+m{=RSpIVEEDq@NCPnw->tdW;kCKrv-f1mi?ejz`6P>C`Y#Ik
za38U%Y<I!IzZaOQ_MzxnxHW1z7zVJK74*m81LuqO<|Lj|Ys7`FoMH;6;f9M=n>u1=
z^Hagsb|v(cY>smj*<vUoxOL%1*wrg_Wv*g6V&CvWH2lXF`r>y|m1dQK0Tt?TqDxC1
zdrK<lzd43Q#hQoGp`p(NzqG(?t`N2P17UoP#CDjSL;J>A+Oz62M^3iV$mWJnl)!;g
z3UzrwZc_b5cFUb;`5${#!OTGR3oD80wAMoW_yt(3c5g31&+Wi-%t`->NK!d!=d;*D
zH|;iqbKkrGPVcbJbvS~tyv53=ZFIm-<`<jvs(vQa?tELo8MWb2e2oHr)rU)CV!FP6
zJEW@qi+G%gIjsX<F^2;-svPd8ICx6<2;*e>UR0yv_`65_$S%)i53e}Ni5gT9bdI6$
zEY;<2&xLGNjx2FfY5^LgPIA^%@37`JC3bdQR>~SY*lJ?eN|)vV3C&V_7oaY<f~<|f
zgz($TnJ6nKg~O!z!@R@gHX}|W@Nkv1$Ox&Cl52kA(hzlZ(TRnAi{PNuls)x1uk>~6
z<D;-p{6ZZ)D`AL{Kw`AqA^#c2V<MuFi%h#u;Y0inh|0$*m<~o}AqnboWRVX)$hb1K
zqYH#z-a^jSsXfl?H5uWhPaHJNsVomjxC!8i)T!mEhp~O3WGa0!<5s>78BA!7q>dS7
z8y0pj_D0P<P9q-lBul+(l&D#zU!ss2jeQDJveIb6I)bvqciu$~zpc(143EGiOQkgr
z>1|8S3%$n{KFzscZ+BP*0+xr6MTbyPHr_W2L|Wy-I9LMe2*?KZ#y6cy)$shQNY?4L
z5RQpMwZ^rA;xa)6!Csw%07@^WTa!}e*K%RoBKqt{SzvM;A5t?@?w%vb0;t?UZdH%W
zk{?N8$`%C7yTUNXZ<KQfB@DCvn=n5m7XbLVcWY$f?QBMJ$%rPHe;cEvgxs!>u#D0F
z_OVi<pc0;ufhnJ6%2)RZIVv{xw^+B)n}UL7=;KwsmeYo%GhP(@UB^zYVf!{I?vu?N
z7D0|%j!P4e|Aht@ha&WmI&YR1`EoN>GaD^gN}+*Q^dDSA4zndyDJYb+dx)PD<*fJL
zM#+Nl!9f10dU=G?@9z<R6%oFn2S4kteW+wBT!y2;lY=6KA*{g)2T)KpF&sjE_%^#(
zk=F$1v{VIzY;Dzf#t^<)`%*xcQ=)*o;f=wahDCEePu2JQyOH^?fTbTy3G{7NK#lhP
zM~mu(ykcczO+bY!{KhOgtrNKm&d$z`4H$5|^&Krb9&z{w#J!df$%L0>1mTgf5YvD(
zlB&;xV<J|c6hp#JZ-vgB`p*PF6pcqE#zs5c3_HImvR&-LS2c^DieQWEr*@wQh%1x=
zzBv;BXi-24_<^#*7`*}rqK{9Ec4XPHwn)Cb`hz{pR#{i@Qt~|N7k6H9z_i!MaH(P>
zzVy(_BnsT-O9QabD)@7LiZDtA4qB#FHlpF&aLfY%v%Y+Ky%ra44$~$&>1!I;aIU<j
z=J&g=T#(|F{0PZ|PH%4^#YXVs@8rmn@QBJQY}wJ+kF*Z9I0ZOxiFqgq0_kqMIMwP|
zAr&^N3O&DS67A+4RE5EvKe|``Zk%Mjvjqq<7{Ktp3-b&cr737=p>F*$W1{FAjG1iM
zAT06~)+zBB(}I|k&}Xx(S-2Qlqpj7R5L9lVstt;H9g2{!(EEI|4mexQfLE#N3oPbT
zdTnm>I_1Xk7sMRYOt)b_Hh%O1LX0OQ_JjWGA`l`qgxm}8TW<IEmu);KC(_h)4wv_4
zEVr*qCt(P!h~Q(@s)zIP`bGF)6Lk13!@^i03#oSJdhcYzqTgJ$`wjgNg`CkKC_M#z
zC0_Yu76=djdg$Rj1qlxpA{Rs<)wI%*bZ=y1Brr?RS-`Yr(|OhnG=h6<bC-bxfxiI=
zR#jhAdn^Ly;+%RrFjg4nAs^%WqK_&AAJnr&e1{iPB>gtusOO4MFW6LC@j@na_HlOO
z?csE*%r+P<IEYus(a`Xysk(Db)*H!VKL0(K^*()-T4BI^7nbgJ_E^lcwtk16F6m9`
zgb)^W3PhR$!|4AJR2^*W`dm!<itNOTMZVy^JoneV?|+^efA4r=1+eHMueA*?-;P(X
zP)k{x()|M#5P?(lRyfD{r@y4CSv;f*^~arn`GqTB*X08B-qBDHmAuNbkH%rH8ff%!
zKmi+Cj8J|;9!eHxu=hdT&}@xOeJN+p>$Q1)2s1he5mUxC21SZH=F$5I8r_9N-Ladf
z$YoA}7e^NF)Egg}fC>#c+o%F?QncHC*N1i?Gnt<DRW5yarFu1F_S5Cv9bb^EoQ4c2
z#C=ejy^lMy=iCPi)L@I^13jD~9Eqnep6|ZS^7A>SNt?7?54yl?<HWFFwYlu<pxN>C
z!lsPN@gEtlnn+*|24JK_>DBnw`FpCQ>RkxiMe$#Y%#!Z-tE~|-pzkcb-`I<C06<RG
z01Zpg5M}_M4uZjMVrYZjv*#kySAsNUu`fx5cpI?Q{fGv?K9nYl-nfiYf_Q>TARnjW
zQ=j|XI=vq2)uE*A8v&=K;O>F!7JVBu|IX_b0KeBLM3TCd0mv$T2`-oqW%8$sc>cCa
zdbT+ce^nxK?BUwJ6!=grJ_qP6=ZqQEt4|*5o$FeX(}ozxd+EF5@OxdO@PQaNXr#aM
z=MI67ekY3GgF{}SDiMrHy$;&VSK@=)AD=q9*?)knWQ)2q7@7SgfV;p4xepII-)Cps
z4G(5CTMZC>(AFjuPsstBYWj}4J_DDI&x{qq(hTS+C{)r?oajbLZM&MT?A01rbxP@U
z%xsRRYI0hN{KUPEX5)-&o4K8jUni%sLxa!XeJCw`i#1SG`oS*Cx!)B)cF@gbRW{^f
z00oT&+=YN^zh$XO&HN7t|Aa|jwZ2gsivGmKd#JYIuUgC{TwO+WzXFPb2NVS(PI@h2
zyYsHLsq2#7DD_9j-y@#uz_-s>%ubfZ#~{3(8CFAIe*biyI1{!30dKn+U2W~SPC*`#
z>czNTp?mY^|GKEW!>sAAJ*c#v`jkAFtHD$CHN=f2RfmmE%D@&S;SC<mYx-(B=^D=i
zYrIysuhVyQinV&0)i|*VS?NT0@jfI=TIwwMsH#7gV-6Tpd$cFqT&8}^-M04KkyJM?
zm$GqC!zDp*S#YHjGeV<@%<l);WL9;`Ok!cMfX$t)f*86Q2Px)r#Zf>q5Sg7#A;We>
z?nm?S>gsCS(5UPtU(`0@;M&U5XY&I7>@OqohG?!2_RZtcTY?xvMA>F7E>U9iG&bm3
zK`c`?Z@gJTK;o*MXvO%CTmc+?;tqmeQ;z`hW{~9vgB@Oq_;bce?NO;=XphY^Qpd>?
zYMht{<@Mt#_9)kJeMDVdM!@c+60Sz!djx$mcA6kIb`I{lbn#*wbk@}G))&^L290Pn
z)zwu%W^OJ@jjG!0<@j6AHxYyCnS6aX`eg_snfwDGW#^M<jXE_c#3^McCEusq6Ae?c
zI)!|@Q=qjqv3@B<%W`jZ%Z(f(?0LTZ75I8gnI&MMGNdz@RsZ>i2kGy62WhQ2vC@y^
z27fAF7Zz@XiRmUrR2Vg8Z}kSGrhVL+=V#(zml|878Jv#((s-eVq<YYSv^mToZPV=C
zSzzeux&GrOiay#4<_f)fhkNzw*Z-`GB$|$tLVQN`?Ci+PPwRdKgOh!o%X?kS&B=4c
zx_C2m;B%VDgB6M3lBbgj*QxeL1kl4h>(5y)1jir-AcCMXprpb3#^i&xjv0ENI%!{b
z4`zy9dwD+&F)pPeDUmQ<<oNyu;9XNJ`mL$oNW_|2L6gTO``#k@PM$vxK5so6ny?%5
zb2&IZCM&pvVYu@ow!aG$KiCm*<d3_#DFanOP={)=hKCVwnufi@Tc4s6Ho%-@$=3m?
zC>f=(8HK#VQ^nQBZ2*8<r1=ay(_?c%B*>d2$lG)tix51+)Z-59=Q7T=yQ-ku?Xr{A
zEXV}5FKt?41B22a>2h`GtWGn&)s~9lwHO|IHG_FMq0*LaLXM77ZSXI`9RP|~sL0xJ
zKIOGGyu><s3S}HUE0gT(I9dAqxbhIl7Xu?)Kcbv%wW&azV6A@)d&`1-U*-Ae({kRH
z{=;*N3}A|cQkR!R=7@gMNAe$3fyXr!C#V~gwY)i;v*>(xXJ@6oRqPSP$MVQR+s*oO
z*#T@>AtdK8RSr8+fNHM@>1vm8oB4Bc=$Q9j8(YggpbP|fcE4jYY{4M^EojzN#6GLv
zPE2U8``s;&Kb6z4yWw~IRIJX?OqppHj2$|ErOjmcXA~w;Jzkm{t5@Ygy0EHDK*;fy
z>w9>T)jpPu+xm~0|5*^Vf>B38k5&Z|{GOc^D|5-Y;tpdKxk{ysz_Ji>rP(8dUiFYW
zQF9YsHkS#mZ67$VUST%eTW1D3{VkhWjyTx!I#Qc#T(fRkiHKjGM~0kN*`Lki?ixe+
zNmM@GPBz~5j3BQcXkc~cXkh#uG0FX`=1-2R1RcDI7r{|LKJ`Fs8npagP%xB`*3(na
zv!tp>($2tiO+L!S$YgAsLkBYCwvZ<x;w=Ae5@DxA^DTyYoKog9yw%vZz+12@>2Zc>
zoHHRi6yBZK47>!Fbo{1EYZmSO=%xZfV^t$6C0w94nSd`pe!;YW$5(`X?{mvykGa4t
z5w3oUb0{3YQ-pnpg*~3X0A=UGh-!zuWKPTsn1`@JQUXq8r%Z;2OvZjei$drRw!$Es
zT8^#5Cmu_6OMNrec;%!v(%K{*we)17=a9Z^BMMa776^V^j6cQDV|#d*RQ$(hQS9%(
zeDLrlV|g5v3v{Fi)$uppNyPTS{*~93rP%VG)z+QDX_E3vbpLYG%<eBxOMBygHziol
zLTsojuvD#^{fXD@eIv7a<1dNAtYz>A$bFsf&M@V6XlPsU5+JPw{Ij-LT2Tu5w(lqb
zg%Qp{^LxiI$GjXzsfBh!!};A6m6CNkCnw8n1=l}kC`}}$7Vb4l(TkRK+-jKNWTW$o
z*7JG3q~AB9C||Y*-Ke7n)#n+N$dbd$qoSEypUP|NQZ7-^xEn$1;sldS`V7WQ5oY6D
z_FXGuo*u2x1pn;OVX7mvF+te5^TcZSdR-+x*516&kdW`7<Px42+s)zQ-o;LrvvUPu
zu4|fUCik|Kq+wCg+Lim;NLd1{uwPwgcp`j>c7lx1;?+Ve#y)p83laf!@-|}0jSnp?
z(*r}Ys#Z|@LK!bIf6w1y8`tL*KIusKGiR6m$;~fYmJ!FeXq#*6n$Dt2!D`}od||{v
z?h4EKd~a##(;d5DQt7htjiJi|zhI_gC&cTbwxKKycZLbMsOT*UrXw81@oxTHBrTt)
z@M(xps(ZFDYZZKAM52zE+}F|^!OE;qwLfzBLL?Xk5(FJ4<{Co5L|C786p~4`%LRSH
zq_zIkCq~qJ<>l<!p70?osUyH>M7N}pGI>e$_^Xs;X%$065^Y6+#8@~w12UW)&(e}E
zjO$kY@r&R7YSx!;ez(qf5!27zND2WjNi?-|W)J*7mmFFkvpn#hdR*P55)d(;gk4(n
z(MYnqF)K!+;k#`>>&1qvdt%dyL8Haxb}>Fo1uce0*q~{5J@M{|kM$23FLoiQJ4EC(
zQhC+tA3wXt=YP-d>buF`)8H{)fjKcDp4f1|WI4}+bID^MDc+lWDiQqlJ85n0LX|f}
zd>`9Y)%<=-;qfj{M#M!ceAm~EMXb>9SRjDBzF%PvJ-n&Xf5ywhGYl8aE1fvqT5x(^
zna!{fDOPQ0`%PC-k$fudMP6=ZfoYDOLzh|w=gZ#Fm|Uofqg$50?6RTO&|$P<t7GKc
zw1#8^u>cvl4@@=OPq+WA6@(;PUK=cq7h^x|&u6(jC^+{xLR{gU+K(!<Mx!H2mT{t6
zKH(>{b;o=<EtK#r>6pW!j#|Nj{pJ&O={K=^XUX;&%V7C4g>K6wu@>2n14Q>YxxA<Z
z7WPc%U0HL?e=LlNjukD*@(|htrXvB)6Wt=PSwc3O%jX@-0#RJ+ju4E?hsH4{bvA-C
zdb&C)M2P<0{A3BRzRGQtPH6o$qDt=BuD0%ts6|B=cK7ko0-r11FIs)Ni6qvE=H_qP
z-?BEeXA}`_!r8^3rZSf-hw;~@CtYM^E^r6R6YU>d(@5jZNPlI3upk%O0jkJeuRjrg
znN142ze?8(gjf+qGD%9+;46rxT)JBf4LMF?zrnj2r)x(uyl1fp{dKmIMUuG6qngsV
zSh%3hi-SfZ`*mp^h)?9pD=ZAM(hOVj^dDVZHj5~^Jj9~dG6ZWAq0J2QmfA5|Qc|*)
z-qK}eVFBb{Eg`>##1KzO;GD3QU>?sPu!?4>{5~mq>ujt|zg}7+bTK>J!X%OMg}&!y
z%Xe#xxL3I<CQfWv{+#8!FH?gZd2qGsexXKJI<vu9(ToMTAO>|mKh{Wg>pmaGyY}Wj
zakt&}LP9i5AI)HQfT!Rn7Sz=%;fEf1;Mf|~kjX9)f+WoQne1!#!Q|sy)Vg+haBH32
z*n&3Y<^*LlevHhjIIXPrr-!LK+>|f6L@an04En73eul&Ln3-Oy9}FJz{o5b*(A+~f
zQl0g#9Q(D~qlszl)ZQrKQK}T~yaWEo(Gbtr@JCw4%XJgu4h%rs$A7tW<As!bBDE$v
zbh~1&GG0{U&`-OgdE5RF+=Z4F3cNYD<%+c{hs`abk4{>sZq{SD>KY?MT`*zyyorkv
zL5I$Pik2uVLKRIDgW%AuE$eQr{2G*H@PniK@aJK|(G1jJ$_lIf0Jxl2?KUGEA3m`0
z*ibqwHNg|A0CcMsys!JMKT8e1z+hq<MSS}o-{#nTm$~)$_+8vW3eZ=bTUr#uqZa~f
zRADR%yPkadt@Ip8{HcTFULH2%DvT1A5|V2Xca;2bTgg~0F%eoRt2}oKgp{=5ccXJC
zX!Uho=)L1yN_P@5<bouz3i03b%!pIjIApY^KCziJA*37#lB}~p0AAUe5J-;yf``{1
z>65^8y5IYziGu;44p8T?s^YxmAaiX^1kU%Y@@_T3>y9hI%MOLwe!r!u+ey;^1k;Bk
z$=(`>59adYM!fkdC=h`&a96`+Cj6NM)ObaEyU~76;?!_$L01k^Fq1N=pf10sDqKj=
zb(|UFSF_kz$}O91VE1rNq+6#MknIE&N2WCy6p5YWU;4WGtsL*(Loe^?#U+bb(d0_{
z=H-jl`JiI8Wo+ub(9nPTzIcWVb*1A2gTQCi{q_@7srfugu4|OSLCGfMb*T3u^H1PQ
zl*d)dLH?eLFu}+HfPOo&g+s$8ISl@!gLN{J#soh&_hfgPv#}UQNPq3TU-H*{_wEzc
zIXSO21=jIOcs1gMmWhtFjvhZ%G}FP(fQP{6e?N4%k6LBVqDJ@WZmX-`Sz4*_-i<n&
z?`#o{J~H**2sFjZJRJrkF_d8pOm={2(hbJ6h5B>XCr)w=&zX5dDt?e;c^xvi8Y{jN
zr7A>^5({pr#JHm?o#S;M9BH&eoP3(h8vo(3>mrF87+O$+nT(tmkfRJN9<Ocg;GQ1%
zbRjz?EI|tCuDqN}Q|0w0G}_*{o`2jMS~Yex)XgHyk{J<+LKRZeF?I}MQ#m>HfcO;J
zw?#vo+pru!Ti(1UVzg3>eQ)F~e!u9)`*idCBqZ@L7QdPiZxmYvaiL6oULdaA<jw7X
zt~}zHJdT1^Pb!}9zb<CE989&wH;{dj>zt+?{^G(Cl&<f1iNmM}!n|a>x!~;2VwrdN
zs=g++sjIIg{E1LsOFyD2lcx>G_ob#xLZ?k-n?EZS#M6yUnkZ7^g{l@89276gT3%gz
zy6@w~6<^xf-X3kGsqJh?{ZWRboia6BlLh_b!QD@sOl!0Mq12%6wfj!$_sruBMpfu`
zCYi%RHL9?1&ETh>UKGD52-+gDbogue^`Y8~r6t+2C|A5ryw-znTsgW9gN-ce10Ohs
zNw>{5ddT=FBtjNjGOVxOGxi-k7=_ZGm*H;_wvCsanL_mzzSq8H6@BzDblrQM%w`Y;
z^br0H4E4Z#5r67cqgX}vYblPK{JXT3`ye?`<d!Iz601HytVGnIyJ!%k-7-Efk{jEI
z!8ke9C*s7Im=h(p6<rlz$Nb1?)ij+oaay7$K##7h)<CmRD_Um`S#tWiW3Fm(e<VzD
zB54C$rN|@|1wIZt)h1i$mEZb4xig(zD=y?g5E8EddZw4h*bkp+yM=J?LLT9)VaMTB
zr_W$2*5i9TH}DC>{QmhiFknOD8KvIHo875tn<!wtZozLRiZzdL^qY%>Y)9salB3v@
zeeg5K=ZGIsQt}Zl{bDyz?UIJ2rRB(&QZ&#9$@^<vJC~QwF(AXH|7SzPnXa5h$)GT~
ze4PHB_v&9bnZZBOzjI$tuzdfws{EBBaR4Z)k|qUKSA)82ojwU}dOoB&rt|yq06-*b
zAH%V+xll|x-zmD{EJ4RNN@YBTp;wWS%T25;02VGi_kLU>(r%$_{Ec~uPi-*sdV{m+
z3jjxovd0*b;5uc|9i=@B`6zikeFTIcPg~&XIuh40wj3DTY5ItWn_L@+Yu{&OW>vWZ
za<=KC-u|h941vd|YwO9QrPv&4W6G{_K}+o)daSj|N#mv3x+#hKTCzqrXogU2*W-EZ
zXq1b*6<bLU7wl9Hlc1@R)ciF-UTO7olO$H}jaXG>jepU$wBXn3Cj6=1QGRQFis9%t
z@&mJak%;?$*GY@xHLxj$Xuol7J!3E`?n-xhpri7=<!-rNC%+w*!Cr5dc;>u4dTyh%
z0N=>`YulIkcRzWg2b&r(pFVlSvNpMDZa5iv!U=S`MGyEhf_d9OUEaDwuG?rE`(9t*
zAbv77$-xf2LjUncr&61hnX3Q|<Y`KwgW>JsnM0R2t(I(*kaEPI{^X@b!s%BQkvQB>
zzQ~%Wt``c@1J3|TX<TJfZ>6a1??Ft9M8e}QUpG$09S^1Gm*RfU5vqMd213LY%TO*Z
zXJ;ErHe@5>p7}=p2=(}x3-hKOT@IozEVQ-zbiNp&$S3VBg-<Y&D-M#nQ3m>%%-Pvt
zB$rA2%XA9hUmzWk7G6A<S>K-<9!C;1PVsoHOf$-VB=3C@75U@@GIVm9Kc4U3)$Y}r
z&Dn>VRkT*0t@H22j;k{wGWs}UiCaGHmb=p(jvUFpUsEx)O8zL)f}h;#!6MfE(gS2n
zi~bqk^4Bob`HkJw$kJlOK}9oa{bGP90QrjZe!%R>c@9JdpH1Qe0j_D>w`~un%i&K5
z_|Ls3X4k#W-I<VQ1<U7==Sb@I=ZD*Vg(sYPlN;iOz4?Q)NZ`I0S@U5HrumhxNB6<{
z)!N%msWQ=NE1kDP<vP;E&t&wH!}7`5mo99Z4B6g&$r0`#?qW5JxhG$%!wzSl513>^
z?ME^7T%$3`%5X7ZyzTGtHQ3Uof2{8p^sAic(`65#Zlq+64f-S49=Ugsgpr}YM6St%
zq4_<v@yc?py3qKZ(#dT(L&-*O-+eK9Xg9iqBoARKyQ#^=9rq0BIP_V)?!R?5pvXbv
z+KL)j-in(0G}*q|YWCixH|<!qUDu==8+6CqcDeE#>rHhh9CZvMl7CzVQKvD%zDRcc
z1om$5l>(^K=4n0N^$~MswLozB^Mb^3vyKt}zwe^o@^zWl$)e9`Lhf@6D?J|s{vbA0
zTI_KAsjGcI62qSwDE!}{L0e=x5n>?9B`ZG}UM*?~q0|U_ho-Jh55~(sE3U_zai{Lj
z1?}*1{MQ6<+l%a>k5wX$Y*>!b2;9#dJINWlJ;SEzP|*<oa!}Du3VPbTx-DLih|MQ9
z?fTsQtPs<9l;pDqdE}<LpOEZq54^;7dEf{2U<xipV6S-KKi%WE<~C%446!{wP9_8a
z!H{SIN2T3=Z^Aw<lpD({bkj~?j=hu+rLsAh_s~i2lX)vVRC-*@-o%L9V)#W4-YUzn
zILWvMk^lBqR&9=_sDt8X#K0A*P-GB{d)eoVe(`B07n%#c^@DA!Jd^ie`4LOrcL;Kw
zhW4IT%s@y4mtYFFHSPCYPHo2`i(W@%yY5S6w+;HPM{>nz#keziMl0hXn(u4Tl6o-|
zo)(3L7MH_d>vuoPN_c-<%`*PNSODu5G#uS<1dr2BP>E4bICJU+&dqUoIIERdbX`9X
zj-QmNH|@=w$sF&AT$|Wk@AS<-oRop~=DA=+rh=^ju*xQ2VH}QkeF!x0hBOd?CHKtc
zxJp}BhL>%|Yp+&slBmK~hMg<yLo=9HbY|uaA$w=~l<js`hqb1rBA;x)k~%X*T_+<w
zX;>xpYWBImFdsImyn-b$_Vgs5P7&Gzo603IGN#)YZ#^A^q?=l&>Sx^Qy{4Dv_1}91
zx98~jw|{G`YZ5pD``Z^S+;vr*{rj`UA=uuG+0~>kYHTQ&aXnWBb`&BK!014yjj%0E
zvL-gq6Po5&2v*Z>#>IpVO>360wm<QqG}YT(H$Mzr{wayEoWK01X6^TA7<j-j5tih1
zpGcJp0z-mhN9Gq?H&szGril5TjE138xf%*az-G1%Rcf+jYh{9JBl9ke?hw_ii+Id>
zEc))$pTZ_I)_<*tMT#EZGJFFcYqy9xFdaYcd5=OyOKvC2X4W~Kp4?%3rpD2R_lqG5
zlJ{v1SNn!8{uL`M*|I9{X|2_ABRZU0<D_VpyAtEPlG#jRj{L8ELQ+P(c`|Y4l;Rjr
z1u%KErGgK&?L^izoiab5G}Vo^UKQBiRXLs8vo2%`V3g!ig_+KTr7&Y;Jo$J!ds;eQ
zST4bCrvJ=Lvx^6ir}CG9+T%=h@1|<6XazGeHRriXo1YE*>PkHvPaJ2blbc&_XvNtw
z`jb5C!Imf3UH6IQu?tOem$O_}&P(GbRtCo8akV#TWrwgcJ;=4m(O|A~R=Mg`5>?zv
zya!>bTC?ihz|wt^UDrkU0k%xhp#w><=gonkF(kc7*Tg{&Y@9LOep!|^RqG|dmH~WR
z`y~e<us?bD6|HE8X&u<O#Q9OrI3pF~?us|m>;$phG>Z}au6E?hRK3%9N;Bq4SRz%$
zRJ|7wZi;up6_pi)5G}ueI|4is+Y<qvLlO8ja%~bf>r!fGwo&C-?BCudNl8>)^Hi3F
z+2vexu;5Q#URz@}=WiHxy^IaHcbK;{_!(cndFau-kDew9G?iX<dSFX=893NsObP`^
zMIOY?tVG2xT?+bKhL3#w*Gzl1%SqJ{xbj3q^>D|@ZGGvZn!}CQ71kPi5^%+OJIOz@
zzA<yzF%;+|n@jH09UCYSmQ_I?bYxYGmiuQt^9`xhnt;He%vL|z2ey*83S1$vS@qx7
zYzxM?b3dO+cITa1&EFo@GKghz^%>6u*Vc=G+pBL53<R@~?N7q5Y`Xe4x7$;H@%3Fc
z4-A_WAKV>19`Bjy`DZ9cuVU*u?Va5&mD*jD`I7?#7yMFCNeOCAZT;HrGAK<g+Veu@
z8f^UB3Y$B9RGh)*DO{>>XYq%8b1*n+_0-U4o~m+sI)%-M?>#);Zd4Vus)rvsra##?
z-l-iF`9nzWuV7ZzW*fElP4$%`V9D$G{i3wIm8JW$6+=jd$Hb9?AG<>)%;~Ap!SBaL
z_)6|n{f$m9DC~G*g9vta`OxQaQeST-XCZ5J?YjG+iE;}0bTdAD{TB$M>-Z{sP~GgH
zw-cn!P=9IP-nPog7_E9QT?Cusa%e=|n*lF*Ky*0Y&z_e^+$LKnX6gklc#E#T_{)Ln
z`9tGR=oJIrs9{Arr6Blr<93|5Eed>c*_|}<NER;vvlt|igj;#qo;kgFKDC40#p-S}
zWmWW=n!3|EwH{l;&P<nsC8^6#+{Gj9Pein5HH-=g3)*ezVl4SkWSa*O<nbFL;x^;m
zcx=*HJ9zfhDRL)o8HK>29qOM;GqCphhfcmRQ*`X3f(1(su)Fr>{M!TXJvEBt?pr}%
zLI0d@P92h@hp5xJ{AFOj1|E$<`=v)e@s6ekPe+nHv-=aPBGZS&a@Gm#b|;1(2Mf1H
zwQ>yY;*Gzs#*cXRa?~lt&$5D7;xTELhL#@^slsXpl1(})EKVNH9=d8~#OLmgCKA7y
zl$_jHcsh`kW(|5ggKxVkE6rvfR7LP06nn>eUSQ+)tk~Y!zStS=ui9ST+ucUq80n%G
z{5|d3QQQ@&c^?-)O`PlrrXzBSk;i{K!Z$U)-RSo?5%gy%Ry}@lft?;0=+$37@OEb?
z`oaGH1MH8cYfwE}?yYFK;F1fv)82({!*S-pSz7%g{qf_q;2DfpV`IP+M&q>W&Mx7%
zq;NLY-h!&T;)n0l@FaiXc&OmZZUlL}x`p=ole+SIq<m>^{R+CXx=)CqRx)Q5#s8-N
zsqia(MaZH$B6<7DpVNcFgCET~Sajfa@$L-;25<W`ry|o_XC{tl)#D78qWirB%W6qN
zo^G3?@ga{J)dWM4aZf+xVpGASIL{G+?O%)Pp&pN_XWuZ#CoaHy)nEILzDT=1m>rE@
zvGFwCJ%Vwv)u|kfz<LiJ#^{aRvnz6!HKu1yfA|r&FR!Fa^(qOobSKUJI@=UnX{K-T
z_k+0=1M##kUTZvc$!><6j<3Z(eAp9CS@;Ef6q{gP+;+*rzL)XlOM9xYU+zsgU5WTA
zFqVMw&lp*Z0wE!bE?;i^D>6Ks8JrsOfKv3oU!|d@r+1CLpo#QEw?CWa<#qk&%-flx
zg#o4pSv98Y#`Vk=BjIR#{h3MZb7-n$<cU^=|3Al4BtGlQwsnQJ&Jt02pQk;g>K9B~
z{_^(Y{`65!&<+WH9QkQ~bZ%Eo)L^=@dE@E^7tF{***}!WG@=tu1ZCBqPPiU)uWOLh
z;}U_#Mxp<`zxF(#Q{|Ng>+=&)C94rHoyP1-lQE4zdfbk&dut5ex>qUD-qg4^igp`$
zNEl!{hTmyNV^yyd>6DDF{43@;OS!wwbpETjd;j+fQLdP0VT<@_Q0>Pu&hkHR)vCL`
z&)S@%*Y1NX-)ivrn$~!;U|(iqSKZ^gPY>B3nQoA+F5a1J474^ngkO4H84}k(_WwLo
z`BA!x<Nxo=LB(l<5EwAi;~VkQ+@MM%>zR|OA49a7!62kIK1BaIO5ApOSIjfX|3lVW
z2DHI!-NN<auEmNMEACdjcw36QI~4cO;ts_f3KWV3cPs81AUMSd!GZ-z;7gx#?sMPw
ze)9`{B{P%Rv)0;c?@81SAcaPh<13RKU2pwof<i5y<hBwA7!(XZU!)?-gWTL6qo!?;
z*fXIVP;ldgnDn%}6xD;R;0~INMme@ezg7z?d#)+$#s8eU;=z3k<yX;>?e5#38jj|2
z@&D7D*#8%a|KBBbVFQZ)$;JcEZjZ$iI;l4+cK;1!Z^=zd7=ubXzo(&Rx+G49+^}R7
z-Dr6n&w7v{9Nq@09?jySDlWlJmp>`LYNa~<K5aUi_I~}Sng)#C8)*?yOb;aZ-&5$v
z2UCBMh$wF_eN+E*Lg!{B?%&V(nUwPWlbnH~F8<N6bPS#gHb3L(8gGjZPa8o*`3VCz
zf8bdUREKQ*ZkfAm-JwGNQ`U^>14aDlj7P-(^CADPlSCwx`z&+U>CZoWDW)2vL=WVC
zrYLe*$@-zrfpZPf|BP?038i6MKa@UAXLpIECC8;DKa}s@?oSt~N1L7?6IBT7z8Bc|
z|82!T^O*0O8yjjLHQ#L0{<zOfSCJXS)2;iDp2SFh@LO!N48XpY!&SupJ%Vofxr)CZ
z4pWC=h%A@wVd5$s@N=3VK3JA4;)&?|+>Zxd`f9IbsdFt({H;KsB%j%E0aYO7f3JV-
zvWuw7o-5`rhbN7CAi5-)AKHZAWTj8#FJW(RsLKY6$0?>r&|YUA%3CM6^wm465fUQP
zdRY1fIL?u>A|w#V<z8>5)?if@wLFs{W|xylMccX<F#^DWxYDvndkZi`;Y_+DKlM%U
zIK%w-!Oz}<1$(xP6{O3J=_-dBBLo04?N!GeT+**`(G3K^+7_W8;&LdQ88l$N;niez
zi6~BS7Yro3T5|>`6+x|~i@7Qnlde4w#WW=Z5Ph8*umHQg-t|#sZpQ=z<Q{2Sw46hR
zQx(7lL^p!MbuRIt8##{NkUg0i(;Kz(fw#F+SH_9jw-B|{KmzcyNPC{tclF}mxS!U2
z<f@#_9wmxrQ1Q>`8*m1ht42yXwl)f-6ou1+jP$RM80OcE^g%sUCvY!;L~7uFV$J5Z
zQi{=eEc6m=9B*IMK@xC#(d_{?^m-CGUc`Cfxyjlgq-ZaO-_z>B2Ajxls{V4rb13lz
zkFdnr+zTmDSO&?swCY#GLsTcxMuVnnd;yAH=f?W0?sqD!CFab(4iWGmcT^k?kaY0o
zIl8>NNy?I>g23nBCfQaYH@yfQ^kzUwIOV89^W~Ct{SNmWx5t6^TP_4~^=H)|R<sbd
zuq<&yeH7>D%2p%2|AIVCYig)#g#dh`KudYHnTP~qiZn@8h|gq5?&f9qUbt}yb5{`J
zZUa2mVC;ap8`@NyNH7Nd%gg-wrFdS&+Y&cWjA96yOr3+K7KyCL)|4DnUJBOqLYYR7
zm?DXXRjcD?1(Gj`m%0D6z-&ax7)Z5zJwAXUU7%|{Yj>;2Q|OK9Otx#?amEF^FGg<<
zjaI7@Q&+7hp(5_`zo9bfA0ivu9F-kak3m-%G*mWZpC<v{3RCv&*G#HHGlRW#cSqH>
zM-e2m>jniVP;d*2z7)MW<S)|fr}t1ruz!o_uYcvTDXZb+3o==)3}8Yb>>zA~>MM-i
zRusPrv@h|yfkB~5ttc$9dektd3~q86zMx<2lH|;IE!ilBxJMiV{2n@hp(<bqpd#z|
zdDdI|yj(S?g6;XT^_l%vEu7@as8}_8U7SjQ(tgRFB2N;_o)dI%SB1Q(f!!T>IFGI#
z6lKlSz)_@dbYh^&UJ5*~jyfIXoH{w~fhhbRHdg~D0f-0QBYfwL?m;O0S$_-hz0%vb
zK0)qmhGWZ!%wME6VbhC?Jp>eUA+7+R+qzbPuD|$lPoel7)#|wjc{JS$Wp@Zb?oD3H
zn!{aeQhpd=&a+{>lcX1>GFDql8e^x@3g+JMP;#A*wUO{cdkq&~n78d|$!Z{n4vKeF
zRT}v&fmT7IQ$2ysy_d_Q_0_&407EIbwG!g5{uuv1e&EsuifYcC<PWgG2ded(3FP$#
zZeYj>VDGX2Rb5{HxFF5CQuZ-Ckrr6<C{AGBT*?RkY;Rmf*&44OrNPz#@5x+JN~@0;
z6kvDEVxDwGe8b6Y4eEl=ReRboVyQt5r{NpmrfL*=zMXEEt3j=~Ul8`Fv!0HZBw_=)
zRJ`bH-P`EtnP{_$fW5&5bnzT@VD}o!&*vF~Ppr18Egd{6Ixabf;%9c7PKK-2SDi;x
zH?BeE9!NM35>U~(sl+K$Zh!f#D@Ub^28FB)6WY2Q5T;PQR##Am@no3es8j+_wfxe#
zcdEmq4(?i4eE1B7%@6bh?QeUV-~w3vrXJ6sR!2wxJ8C1Yd*?bNRWJh=7kSQ_$RVQ>
z2dM9<&(xY~c-z6hGq`kT+MAdadT2Sa7G`?ns58LuF?KK=ur~N!K53flzz)a!RAX^L
zBY+4U!We`$Ac|My_hzhKp_Brh?iDjk=~;q_FaDFLI<Uzp8)$ltlBbXVl_)pv{Wa2-
z7n0xk2iyb}SQi*))h~DMO@`ot)+Z27T3}RAJ=sMaSt^AI+5f$D#IYr$9_6R8f~zt1
zcPl|vD=_|c{%TI@fD3EyKi|SnhkD~pPV<{iFRKEv!3J)s101~_$S+LllHb0(iBQcF
zG&^3AW;d#RmSZS|GPRMs#HHpbyRYo=G&9*!3~zvE0W4<l5sAaAbgOFck~4bPy0vtx
zF)CP#7*_bT8r=r8{^bOUt$7+Z4exP#m6+gg8C2QR_0h08lV4X35ai+Os@~Noa_?V4
zzgo3!tbTf@*feRuT;nvqYIL_c(_gim1PMR%?YV2o!`SO_R!2qmJXT<xqJl31pn(!H
z33&+L9|-F7;wM{ZnwmW<?%UB)SmLHVi}V&mclDadCOLE@Ry%qFv05)f_EIwAoH%xu
zclqPaMK@;Lg>**puaEm8t6<iuemRc?0`8&i=SY*8`CwzH)d_OQA}#JOstrB*7a{Fz
z5`rn@3?#$y9?o30x5r<*1U!QW-bo=Y6eQ(L?^VPe5J_RpO7Pt*XNhj-Dh8m$_gn--
z)la6^6xFAl;@i7F3)?a-|6Jie*%){jeo}v*RSw3}d$n}B##Z;?V>8Ya<hOWa>qij^
zo+8OOLXmV9`)dOg>JMLKNh2$1+g%dD8X;~O(JXmH|K8rUHU=~4?jIwe{NOdS2>XX`
zRa?1L>!HpoZZw@9lTD|`zXeZM>bm&X+k9J@ok%;0BFb0em;!@(V9Wo=j6c~5vQwLV
zRoszLj{ES7XNT*)vv)WJ%pWDo@}|EB(iLmW7ye$$EF?o9u=oz0_*u~}b5J<+Uub91
za@}`XoCTXMcOICe38dt8E8Ykt%^R!=ykyArMhFh&2orO*pC;?N5ZkJ*zx8Lq)9xnF
zRMtCcQu~KmZGR%U453RENgvLBMyW#Q{0Y4nD<}B9Uv^x{KHFS;afCg=A>m>;Gu<j$
zQ$Lr-zCki+#W#R%iRcJGkjXH#Ut$h%vY~`08i)2TQ`3EWtF@8k)cRc8*bnpg?%0d_
zy5k$_B`Bd67lAKvS02Pwa=Bh{c3iUqTbAg7X-iS%#9f^f*C??Il~?!W`L0DJ9d3hl
z^ztbgY(VAnThy{1vKUX4((tX9+9`h-Lk!r9rOMJh`#e_F_d9LiM-7n5WGWJ^mzzO*
zDvuPN^4fC@?|*JjYcm^Aa4n|1s^z(H7u={$^E$37fEf4T+S(gB-o#~kh$aSu8vi*c
zuNt@n`*lGN;C`ie|FEMLN;z>;x*yIrPZ@xw6>Q6)w47top!-JiaPG@DXOtyU4|Kp9
zC!~cM8O)pDC0t<hh?Lo6Jm{6%(ig9g5thvZ<cUug!9Sw-zx(z1uUjk=>eL@BiJ%4C
z?#G{Q;6AY2!%iNaKfUXUMZH!lDRCDl8H@rm^A3b0i0!%mT+A)r1-T#eLkS~2W#9iA
zXy<-e7seqcMkd3j_{pOz-k@K?97{$&rfo6MEBw7d8=kT(K6XF1r2TVO`BeIuSM)A(
zQRSVXa|adlK+>${vO`<SaO8QLs1Rxxd_)mhxO{}lm2_sgkvH@#J^PCrEE0+>xE5j$
z?09U9nB+A5{TpyS9S;aWb%-Et5pKB-G)8S-$8KR*wXf`dzafO9pqnWp<`L}8K@(*+
zrX=~d%JPG$%JnJ|mw+x}?Ko^b7gcv=cQL~8UpMobP9FNNxDFZ?7n({#pQU-C)t)fA
zSf-0OE>P^h4HTAtp|LgD&jeJIHf9XBVKRG{=<$n`NU?gNt#?0eFeXmIdEUp6hqt@+
zW?TaTXDTW|etr)YPsu}}wwV*vp=8glHkv)<CP68PSW<mnB(OhY|LVn?9Eh!i=F+4r
zc+&x4pz<cbI%yZTz)u9A_7bx3YyD*Rntg;>)`y193&Ufu`(x;qd`}D!v&@72%GBiE
zb2P`g%@rwxrs>S83dW}y%ubg}z^?rDSz1@jUS1$|yx3U;Z8hq}sDZ%yy}$zXJc+RC
z*2<oL_;6MTk`}#8OO15Txi6oz4$q0cTjd2Fy-zI7$(=fhM<I)iO>L8wv?IO>*@qAx
zjd^-<d>2L+9wg_TSt7&LK<=jHTdO~6KfEfMeF<ap$I$d2K_vzr2+)g}hkYY!W;6|P
z{tj(Cp`bzGx96D##J(?c{sf2(w0wPs*>NF;{z_S>(IvlRQ0>KRzkM8iShHPx$`eTm
z(Wz$lkJ<*}Pke)EOGLzVrUWZ_9=0U!pFUiuKUl0Bl|du#|8tO%qM7J;U_x|9=<Vmy
zB&;aPWzu`kO>SXanl!87Yt4FKrWm0`>^$(*x+MRnRIu)Wwb$4?5_(_^U?EXU^xnXI
zvyA(LY|3T%`s$oI8RI6mtPr<wPphq>dtuUf%-3Ml=p}x7c}G=hpCL^;=z`RH=S4ag
zjW>uBM+(6+p1V7-NH=c<kZ@AVc}dHr9(QCkFFF3^sp`7-m9aQ#Fm!AX8AM(>ZQ3zY
zlmz|N3k+%t-o}`Zq|UX$4hv5<O&l>_Qs^a4M>HQW9_U8)>@-ii=3}08@{!w<%y|dv
z92A*3a#-OWK#X=bX*hjxU1DFaQEh|-!)u&mw_NyK+bNqoDAty$i30?kW!5?Vv)mX)
z^hWEo#7F_>J+kVj&JIgqUV={DWnm;0MjxYv3DXL_&z6$70%!DyRDa2C^v(TR^?n44
zfF~|t!5Dy6H}isPa1`+iVk{2oXtFA{-}v+zcxD~gs|k31*9I)1i2FzP(2Df(FyBm|
zjPdt-VP@#7T=rO@>XYz-|D(+^XXAzgy~MUBg?E$E?ZFHz2bU!-m%S`=qlQ?zDnC%Z
zGBt+8Rnw3NZv)BD<af=Y-<C{BJGsO$X~_A>1G%^{1GyHvQDZ}?J3K^D_j=2P7Z$!{
zy(vTa5=bFRg)Fm!**z>aLr-!C0|M_}9N)DGs`m&!G;$sz$I9Pix5xC&QLJOj)%MM;
zc+c2JKo|dfT41eEOvMl;iKe0l-v2f1p$u+2Him3#h@&r`t5%$}6y+R-L=^Sp%qD^H
z^x{10s!WkjMdLSP2M0|jTMG|Am`C(0&J!GjYmB6|=*-v+=B-t4mia;s;%G-)xWC5)
z5s~PZ!UJ7hUFQ09o9)gHi7@=ZkZLEu`RCgXbcn4a@r;N14s+6R>4o24x%uRH@Mh*n
z^@GSH!;y7?y$e%o$73aH-%RzCE8gh_Aqq)SLZ$V^qMP9T+_*fDl&?^G-sgyQD*ccL
z?oKpq)r?q4inQ>i`Q!etX?q(Kd57`N>k>rk_uIqGaE+6VwJvD9FrgML{*KO|@Yl6(
zetFckY8$cP1hLAmk|<qNds|)uXX?t!72>J;Z!e+KGc#t##7+#9inf1Ka>GAa%1Ir%
zBfxHWHt4k7ogB9B+3wy46w+mfMl{POF{r`5-n?b9Kc!P4*9o$Cub&Vc!7RJ|3AHd}
zwdv9*BT)sI3o1mi*Gv{aB@vc0dza;}W>CEC@+3)p$o&gyG=DmkWEvkhiRbuz61S(r
z#s89qT#`^m8`UM-8UvQ2e$neC!H=~*{`F2$_zC=BRrF0}^Q%a*L9+b?rVhmJ>o*1}
zn`M=qSNe0f7y&Q+mK_5_gBE=#-<vbRAVbOdpl;Ok2yQfV^qZXe5u0XX8KR`3UPlAf
z8}!vBz={2IU(*E7C~IaG0qTbi6O{cm#oZ60RFQF<8>eF0MS}p$AeT{ZY`|4E#R(0&
zcb7ARdQMU3)prRAU??FR$oL&Lr_l_7+`JY7aq;{dbUqPeL`mQ@dBlE!tl7Xd2%Sb}
zB?^p=o;7ah*IYqdETW*u8I)jQs(<eO2b_{knI~Z%kyt&XX7Krnn{@ymv!C1LRE)@4
zQ(7xBq|;uN%&hPnmP98|TFv{TL=64o0J*BWv;yIY;c`e?pa{mDCnXnbfE<trQH0aO
zj8PQ6F@|CO*c~OdW|%M{?~#2pVKafSNH%=IIWwakPX+pS>|q_<c=t~8l=01KIf}f?
z{~WHU9(KfWi0(B_lJJYM^f<{J9^w-%$KL%tH`wa3aqrW-SMEF#!f5NrzAygp2a1pa
zbo+6w4YCKJUM^0hap$A!u(9Y`&4qi!_{;uSR2Ey^e^X$4Z_jllCi|TZ2M^=E`xjtD
z`3uj`pFwM#g(SjtdnU%crWQLB1He{a8Li7jmu%AkVcHL3BvH!u9*(MxyjSa^^<WZ+
z)BT<Mo%;e8dqoaE5_X5QXuVo5$$}i0)Iw3Yyo{-&xDIXV!-kQCD)a9^`xDSOsQd2b
zdj}1~6Qu+>Ba2Z~{&KBq{JIKs#FNpJQQxa#nGVQvTC$IZgBpZV^o#jMFM6G=kwX`E
zid{{&;!+}wIhMY~mR7A-y(h;_qK2y)i~1KtT4MN2B6wRK3}u=E{mb2IY(cFYFQ*<t
zBNsk5fD<x8Zg#n)bAGkN4aR{VAjw^F*;4|uWLs(nWXLO_fh)G(hzz!As_Bz(`S?%>
zF0)2D1ojhp4PA);E8m=iud9JQ5kg7aeFvCl>lCPUs<g;9*J@%Sq3sy|ePu%SkjPJ}
ztvb@L36eFk75N7YNtvumGKQN!Qgpcbj6jdHf4FS$zT1&r3G_4ef4HK(zGqhN3-0rh
z;7;zl6d%j^5Nk8!=R&0rVIDUzD)hbC&Y(4)4VZVgvUeKF>A#Wv=REI$vhys3v#`Ft
zk3ozQhnl{EB!j?RM2NIc(>JsFO?IVz<7>{YM{QTfGS+W`63-YH47*OAZI&gG%h2x7
zJ20WswKbYO`S!IXwY1*$tN=aq@R^~qdNE=o8F*O4rr~?WcIPghAwY>qQ3b37@^d&)
z-t)a@My?I8fm&~R6LVgR26{tU=f#uO-3=-7E-Y`4G#gu+js@5am#-~R=~!R`xMMC!
zlA@~vK4^dBfY6%EqwZ=$luo!iBb5e=2WhH+91hJv$By0ts6H+5L2Hz}veBd=g78T&
zHq^gUIhyKOTfVYZ4P4*>fi`fJZ+Vb6lSTHu)t*{l=PJLSi(!_%r@dj;z5Dz7Lc8GB
z(Ru)K1M`gjdewr}2zm@J_uR)_9<Vn(aU|pM;0&M$^MHr{u%`$!LEfI{4X+L`KjgkW
zl9px;+IX|nR)980=9Nzldq;F$%+dcxu;kA^?Y!d~`G<-;yis-)Nkcjb7eZqO*Y?##
zAqNqM_Iti^8mwuo7mE|EBHs^H3hXvKu};!r;|j49AO$pmS!W2UDrJgPNr|k$3;_-S
z!;F!s+c}g5Vp;^%y+$ScS#x+a*TWDwyJU1Vw|}E9cX4zdKkeqyc#S~D?-vB%uABk%
z(Gc70_A%Fgg6<4gMtZVb($??f;p_c{VQ=e894zmeN5)-9%N6+Wee;P1^QO^eRujCp
z>HdnJNL4S|hCy-j6}=#aoBy=_Otgx@Ny{F!KN4y@DA;u~j*AuQ@qmP*+Gxs+MKH0V
zEQlj{Os{-=THd^U%j8n2fXe6oWCQ2l|Dn|&Wu*>I?)+n%gLhc=l}Q2s>bb20aBN$t
zmZu$qPu>=V?|3P9ks^Grma0mi8lfppoQC#S+a)D_lG|3jBNlnbKzmFI;Q9qr?=JTb
zE?bfx(*oCyg2#4z??4`P6?RvNH_y$mJEu5iSDVNA`lyO?cx{stAOLEm+O-U6lz|r8
z2kHP;RX$wb3n6STvw|e4yE=^F$jv5{0m@R^m+aop-nt4oRAhgIghQ$!H2|dP^{RUw
zb*iy8TgkNd6I!a6<U?s5YI$h)qp+^j_(a4UyFNrd;<Xv<HL|(_qOe|8l-3q{=(s}C
zs!e0RrIoH{ILB&lZb%W<DNJsk<{&HPYSwldK27L=fWY+pI6DbJZ{C9smah?j3L~Zm
zEp3;P*^cpbNEB@}%Z0$EUDNmIW+%*07v~Kze-TmKz%<Q>uDp*Cfv+vBf;`T%{t}7z
z>UX6HKtEQ=40rXP>sbjbM*uI$i8LqYpcx+~TS-F0Xx`}~><=O!kbl`fG-L6)CH=$g
z1k*T;EZiNDjWg4GBY6myOfmfWkdqUyJ~_r{wQ;WD##LEHV!oacuFxs+C?4SW#me6U
zkGjqJ^~f13KDJvsBOAe33Cm#DDYt8PBy`nl-4U&12>P-g^_OLYy<ESU8V27`n92)Z
zLYI_ICUy@GkA+r8iUT;+yAU|X5fz%e(6@rz&`JtkVWH;^uMnrv>k>)Fcil>@IS=<L
z(;6Zc&Zb8Q7hRMB^dLfrIM$ju;{C~NSP@WMuUp5gqu3-m*CAJ2-$A3cQ^MSIab0QQ
zIvS!8$_88h2`z534kCW&SYM6Lok?^GY_+7#c1j263~yU~A4YyQ?L=Mdj1V}%LqKbm
zEF5B64c}&Xfu5M`?e%qkTa`c`d^q@L@2n=!notH$5!9H=)r!CIuJEzKeO$QpmXD-&
z!F9)pjq2dg_0~71ZFP?B{U+<zQw4%GgT@y*PB)5^Q4QzDaCc6~@M^rqPZ=kYR!Kue
z+(JP-ZKhz=cebB;O;!h!Y~q=!%SwqYV=Hw$i?G?KC{Y7Q#xA-P)*tKm#@R{6MVW24
zvEIbgocCZUSg5}3d0QE-`Cb@3bKxzTXQgP6_#C#4@a!-w#9Z_xV1iC)zy?bNJB(#I
z`VZ!9Y&m1)`t^XI1Xt(%rQd1JiT^SlSe8>fo5gS&blV69{NvcEB1j~XkxufRo|k%}
zJVW+;cTy*|G*}rQ`&3@}3m`qOZ(~Q-%kIJk=PQBzZe@&(py%h4{x(k4KA`H$7_Fe=
zM(0k0{)B!a-={9B1Z6vKpzpzd7@l$$$B%#Qt@g4ZT;)If4|OM>`ck?2Q8Di2$2e?S
zoHgkc2Y5=@00e7Fh|XH{i%sVS`GDeS^uSNd)=l4^g#QsWiexF1kwyekaV$BMRs=Sp
z1bu#06Tc6hXSILZz2-^^t0TT8CRD0y&eW8+g5f7_XLCn?OznE>ftO4V%owP0`=)`f
zJ<i#u9gno&oTl0e{Mc%v%*W9%t{mt&sx4BHwO$YIpc2R_Nm_F^w6~IOjYFP8FSHii
zi?cEkfac>W@4+=z&f&;9Fo2hE#-qZAH9OMD`Ro7qzX+;V*VJ>rXy4_->W^n=5BN|N
z4x+Mtpow##e0@QpvE?P5m$YBvIQHv1`7R^BYMk?DwGQ}v-Y(Vr35@%`fDl|o2p?(>
z_jD&brlsv*ZlJmrQoIDJ*Pll~XMQTb#YfrxGgmJE{-m3TP!Gra9`;El#9T63)Z-;o
z4!GM9&a!{nKrZDObTjE?&Yo@HYUZnjYXm=Nc-|%ckTlN7X*aKk!#;eBs)0@$*4mjl
z@;++nb@6sCJfS`9MliqJa0t0ilGrS>euKYpohoao%OQU?Iyn8J$~bONyr9V47e;~0
zlsqb>vYsgI{2CZkX+-Ri3^r_sNE6i@zXp*Ni(h^^{)c0xNnYH%580B5c=}Ai-mOY7
z`xeq_F6z#cpOt$ly|O%7*pxqS<Sry_qfJWxepqgu)n5>%xwh`HXV?q}`h7VO_u2yb
z9rxv|zxH9wATBz2czZR&h(hh+#J&VArJFXlbI32Q)N+<pVTZ)^_f7GcKFmb%^uvlC
zzxZQX9be+%y3&omoTr@X37@&;Q{5xG&dc>=PRmWVWb&+~b4O?(%fwMu*3d1-olm5(
z;@rDzxmaAw9~pvwUwcJy+1k(&NbPD;wcAcgWP7`jNCy_j-1wj7Q4?RnRwJD#*T5n7
zoH4y;o0Y}Q<}kd$fojDPpX_=L2#+uDKL%_%V31xb6C-}#O^HTWM;i8jcsCB8LA04X
zTE^{-roFS3Z0qDBUf_q1ymnjNG2C>mYljEdSW8LKY6d5pmmRp`AvDN+(-p75oaPf?
z)%UTr$g1zn0A#N7Ca`MN{Cy<?Wt7QlHX_##C1z%uovp>nkho@@8@|Cy2{`znBt@}1
zCJ=Uv=A%UPJ&p`@isSYI1)kZHIx+hEEN8m4%Ibp+@42{KdJaeFB;rsPl#&vbrkWh9
zIy>roR)Q0dTFR~e>Ki}tVEW?j{POnRlTM&=sn-viXHfL|oaG>R?qR^3dt22osOD)D
zJ|u=4oxxdABAC?`Bqy@z`}T{{e;pCo2G6FOi?|^L_+ZiFR?NvR7!#99dW7G}^{Y+~
zFjX@&w`ya;89?Q=eu?dWw|3`p(gCMNomDM^stRWV;wFsGex1+#j+hAdv_E%dVlAJ=
zO*4fu;H#QQt+}?}F6eB>8^r;#7piossaNq2G6m=l$}V+p1nca3h8fvdItR)u?Wc^B
zBVf6gz8RV|w{1ep-aOR2s(~)1#9{3s*c)1l)0<BSw3l&dfG592Iju~=smK^fTO3=S
zK26Kx2&nM4|E98vnug_=fyN!@YVABGk6c~PPLHZqL!DP|G*^7!RM%%YUVrZIXnx1o
z>i&H|q4RF_Wb<vJ0d!K`fU~l)$C|}TnrUBB?R7(NyZ#jJlD*$NEHX1oC)*DeW&99b
zUpA(Dg?>UIW@Ls;)N8+jZs_PYK3%1HCpRsB;pfY4r*#M`izb9R1rz}ti<qz)3O{>@
zv~0^>G9}unH9Qv;b|)~LQXhyI!zgYscv0Y)H>GuLBltuWAIlp+v^%MnC?cnY+(cC@
zANW1L>>qwF$b`!#y;dK(tD)ma+qg4sv{ZEC`u|uub_$${=cAw$CpgkqW4c!Tmz{pc
zbQwrz|GVy&T=rVj12M0nQ5`0>BAIi!`uIUn&=h$CxzCqbk&&|L{_o52GRJ(9L@=56
zwAwep4<fW2J&|IgM$9&6#*TBe?brLVW0OWXx4ZGjKZHik1^!$PTAOS|by)QV^7OQt
zwVe%>qtx}<eR2@11*)B55*F<u)i&?@O}oa5#BD=0Hh@EU<gA_j_=utR=F6%Az%nhr
zDd@rA*Zou?6CurmX4O*I9)KSY+k>N2(+OWIfY3aflLEG<e>CxLs(1voov2w=K2FaN
z$DBl-fz!o2`Emncx+<C6*!1!-J>p(IDBG&ndVuzomZ_X={<W|!lW<gj`rel((;oy+
zo;$PUbp6iBrkJ+S(J*s6$k1x`Sn)y=YHh<l=@28-2ur130Xm=3MKI~b81X&YRyT+R
zsH^o&c)XNylG#++9Bs5?UP#03XsKn$h@sCl*&~V0T<3NaCwf;Tj<L@ywIGpbm4Q4<
z|6?!LAS%zZ_I!*?HwHhTgcg5h-hgVMsNE>r|HTr$_s%e_PC^%JLwUDo^7``Rmz#+H
zbOM<B>ypVfC@pYNG@p?(bO|Um4y-WhAaSd;GTr=z|K`oe;MeYxO?$7E(6+8!sv&n~
zbfAJ36-sQk=jo1Qu(t8D!!_TnmlJA!cyrX@=<a0Za@?<OASZSid{=q*l<da$?EvnZ
zchK(wAOYzbGHLgCm>!&t|Gc<jU{sPK($W54Y=n(U#ZY+D7X@40{9k0@y5~n+E}y{2
zhiE!5#xEc5e__JcKl#>i(eLow%19r_-Rx9Z*J1F^JMSGGxrHcr!<<wiuh{?Ql%1`#
zdzn*B{_Z1EB|d^}xPC>vVO08mXDd@sQL{^a^VY7bbKyhBV@`1-R;LR%$9q2<cO%z1
zfY7+@{B51M4&b=+?wDHJz;8~=bX5MA*@fJPM9RY*PDjxba@9vgcCQ21Aeou!)Jy9z
zQpge$*>zo^_NGWyMVZW@@-f?z)$BhWS$VssjAM!~J}%mfWZ5p2`(9|JjV(W!H!tFk
zBkxT$`CSK^{_P4D9IQbVLZ=3#_fuJ~4qW1!2r>s&qHo8R|Nd&tWC{-p4!bBb8aqf>
zLJL^V6gCo_pC7&<Oclt(m-w*u)0&daM?$=UUZT8=USywpMx9czz>xbh=W^&q)t=dJ
z5O0E@FTZ>jH)-K5Nxs#hky}AMX?t!LTAnt(*nIPnJgX962F;+EfFP;PtirD&-eba<
zUV*Ck=8TiF{$<!2Ma#a!EPU0WYfO6uPX}V8^D&SzUSVo_HdKmpJKuMhy7*(>2U$GT
z4x&~A*{zV!+kpQX=Y~^QNdwAH!N-VKFR&=TwzrF|c<kkbWv?mL`g$p;hiH~p);8^5
z_G#YCA=Gc@ajm^pxz)~u+%$EpRSW{mKpU!S1U9yZzhk~Jl3i!PeyvZxdy?`lz0LuD
z;Tf~nEz|j?S`_DV)XH}KSaf@XnV0Z8A!K07be?{+Jy_Nq@u~g#9JbKV^3CH%Z_WD;
z`zV8`njn8C->`YW;3itbAeSFT<S~e_+6@Vid8U%ZxJWEaASOwGtde&}bi24p$P)Lr
z&b$2z%r&)JPnO^i+t1PrP*;2M>S*A52UWU|g@lp61)uAn_MbmMtG=Ljci-_w&cQ#{
z36nl@*`hDS&m^+*m!A9}q-{+4<s)ETuVKK%BdIbL)Y9^sZYI<2Zg8gX6B_=Z^0HYv
z*Dt(9!cn~V2(sG#vT+SLIqx5GoR7?0jyiD7@3$}0VNTEK9B(JmZRespqCcUG8MEv9
z|K{0HdC{&drNr9-3TKm}rG|7KOAIFU+!)k>Hk&C@d{IlmZ%0H8xHgqB;jL`GDnsSe
z=aq?_e=;=$X!BOidi|masaM+8-q5jGw*6znT#U`qtFJ!!8>s3>E*zOUB3ts!HOL3X
z)Rz|Z%VB18XsM>N-VUhoP1x4>b2a*;1kV%x@+SIjKdQGYplw42fz<b|iBt;J^bv?*
zOz!>Aj0JtrP>K4b!Y7%YKgjyH1I5@ufr2gExTJITT^|dobM>OZ54=YSf85x5FbKdV
ze#|47TAMq@alKRET{F-~N5r#h|Ni#5E^jd_Ej_P_^1-2dUheG%_QPKy`TgD!4;acX
z-JUNn$v!&7B;Yi{CDq`;*Z!%_*+KAY-4)Ln;mJ^@eQfc-NO8&LYbqmGYH0GY>y<T4
ziE|X(Ni68Gx|+h#tw?be((9A0GK<lR0-nY%egBPx!~cne^uX4@)9#nkRmPGRN6X*@
z9Yg)0<DE3)0eC08gIb;Vc(reiJ_Giis8S&l598T1Ia+>WBgy#q_`qmJ)TVa2NH&X_
zbn+A&D66eZ*;2?l1+V$IVAzpmi%l<kXJcnps@T$TMqszm7ZKIpV=SM|Kyf@NjA&(S
zgCPoUW9KUwY9G(rzYj;tOKg^3u%feQ(sO~@MVcK<xt<4YoT}x7DLt1ldlvAB4b)-N
zY*Iic&|mTJ`8b4C-(zC$<#7H@?3y_LI2mHZLF_KcREOJ(mu`I4R1?yo{DG6eS%zWW
z)`*1BY<1rO%Y5xZ(}AtG#@iE{j-x_-&Vz2K`f1GIe1lwBQoD^NuzlHmLAGcl1Y#uQ
z#~;>}5t{lUHM~~Z@4Tl!c`j7Fe(`a4?Xi_^xIR6ZWHp*k5(zCecBTjf;?qv_|9CW8
z_WR}%Q3$WO_uckqwsJ^9oPw4*6R^XsygD0=e8h7F0kD43z^~7>KYqVZ<0zWSX&hHk
z!A?X%lBpPht(~wiEG3fsqI@r0jR?n{UvOAa-VM)9p0hW<gxPejxFaSHq|C&?;&lt}
z`BMa{Q0lY6z!+2xHYO@LbU+A5JTyG48Oxu9gQn|5csLMF5O~H4qWEE{`0^Ro-HUdu
zn_sFKJRm#WdWtpy>H!LM3;Mt_rE@yEjD6`(oHzyUV6D@OQz9JZtB>w<W@<rJ;$L#B
zK;b2^+0k&LjBjB%mBl}7=H8Nnq72gSFI0;Tlx~E%X&^!@omj{BP>t0)7gj;Zin#TQ
zLT15L>mcL7sJS#-=s0IaPc_)cPZG97Lmm6syB+NHtLDux9tU=wN`B=J?DJZ!KXZe{
zW-9BULd})D{U_4?Ywy=TtNX_h+}cuRx-?LPGD|3|>DT#_-okW=YRZ;pzgm#4zHhwX
z<?+40&=6VuJUe-i-dZeqt}2Fdu|t|{CoIwcM}iy`sH&4__-ea?Y{xxq!{!*Eu$(_8
z(wQ`0ERbV!g8{wp>gANhsDS=22(yM*>s4A84a65^6gSL!ROgXb%0+V?UhOoD6SJ@X
zHC4v37@)&3h`8;oE$$#$<BZj+khDMPnh0@+U)+I+p_8{Lzw>{AhU;__Mj+nb3OZr*
z5uUyL?7IQ{_<<?cQ?#gB*J|5dd7^O+9yTB*3HxspZdCOS+ML2D+dS3!6kk=wD&CsP
z;-{H?Xh|A9ZOB%BMrghyJk6fnOzDj9#SqXw=Ce$SaH}P^yv~kMD5Sl$l-QD*+_o?@
zT{tD`43*4v*Qh=Q45?MOqFioTt?MdqfW~Rs;9d8@NWJHL6{;V`s-^(Dmj;fK=rV4k
z1;g0gn=dw#_*ei_kz(BPciPb-z}|Dh6p7I!OPeiNj|y!!S0cx*{yZ1DQ}V{3&hF7T
z6&bIIz?u)>RotO1ZI&f6T&IZ}Dd8N^TA|RGrDB_!QA%mS>;>HwJZhM+>U|I20@o#E
zbzxNkmwp^qX0TxS9f51E09}B9j4M6Zf$nL^VrJ0cb4c-BO6e&QqNJ`co6L!<%QdUm
z_72I>Oy7<T;hmwBxh&`)yB<?%hh@3w7&a11&HE)D(>1wV67FW0FaBDscG{YDT4Tni
z{qgBekxR^xL$b9An^!(H|3qV}#^IRhSzOfXy7SmKIZ7H+_2@sjUws6$`(K}LP6ql0
z=!i>Jv~keutIgLRH~M#QC8u(2q$J&9ApN1omEo|pQQi+tEsxQ!Xg}(O&Bgzkj4j1g
zgp?%Y;$&H6WE>&^p(>td=67<mBWEc&BU~94G^<llktc88dGu4y)114%va|thI)?*v
zL?L=Z6MuDS$Z(fCac68V%{(NEiso6${~=b}O2o0sqyhbx4%2LrY(Kmpsm+-hg2FA*
zZ^Cx^Ef<;r;usj1)w#Q<2MArRPdCg7Uu8sTOfg6iva7y2>;PJ_I(~cid&SRWM=pr3
z5Y3g2FwXtEK|hzX9pjp>KUV5wm27o%U!*OX2J_Th<cDU$?hkC^o?FHn3-TsEydB!-
zRd-?D;wZ<aI|4i(kF8w1K3?VAn;0i4QNGpHRP1ryTUE$2+kmZc-00xJd54BBFH~`B
zbyJO?!%tBUpT>UK=2A}^vEe+?vk$h~7&<2DOHRvoH)HR8bgBOfT7}DrJJ59ywnMe+
z@p?8CC)H2kS1{oOnO=MdSAaJ<I*jjddCU{<4}-`r9*q2?4X;o&c8bu_`em_Yguad;
zba%2!Wp&iZaqvK&>Y-s>t#$BBS`tI~cz&%>ri%u1QCCvnh^G>$8jkXrs$sS)x)%>x
zuR1QxY&F4djvUEq;hU%z^wxrz;@<XMZ07SuE{z0`J!sLs5ECZUElk^(Qj>VVPkh@L
zZBm_LDmzVX(pi9!=NLJuRiA{!#kWfDe*dz!$Y~*(d0_AD?8si11$|fzRV;-VX@mYN
zJdA|v1hf~yRQ^^PI}1NO_b<gsj50MJ?CLrj<(js9U?WSrbGHqiS_(&NslkWs)nXkc
z3ASh;j<Wg$m86B2Ptl1cDt?D}VN81@yYN=xCoWICzAOHGhZ}z6wjFA_l~j6-u)Qdm
zT)I1|$Uq7HckGzO$LYuKv_+5f@zCoFh1y;vy<nGOR&+?VJqtJQ{qQOUhjZQNI%8&!
zQ=KAiuEwXfRcqZ@Zz$efb5{WO0LmYi4b-W%8Kn8YSoT%gTc6FPtVWEx$ntNE1g=jO
zsN&3#Gbz8;>jo)hQ?jy@dkkG1c=Er<8CYU?x|&x#Z@E(h&T+3d4+uk;=pq@UONoof
zm}iI=vtVbF3TBGBjGOoa=32z&46}NRP%|MtZdm2Bsj67;GVq`~4@VLK@W@e|3`>Ko
zIR~2M#-T*%yA#kQ5)MH5d$;08gEyx=Rq1}9UKIGLrtODCsPOjPLrLuyZw1~~^K5^4
zA)h%Vs!{RpSX`7jR=%!F*!AN&CDnFvoQqLkYF7~x<yyu&C0p-FnYu(t>5cN@!VFa(
zL77X5MT=?6@+hX~H3Gd^7FvaK@9Vt--gAO;k1h2sitIPQmu;wg=Yc(2!?#1rk`$#I
z)f;WyeMa?ck)^e_ytEIc_LWg~P!#H#Rc^UijaAfnSW_w^O;ZimR@alG*J*@(?oeE!
z2-Xp@#zwg%$YOj8ABlo#<crwij%@@9Vg$eI$!SpDS_!8fni)y^7wZ^RY&mI^l<_v=
zw<?rcH{wAby)6XA%Cu#1+4hND1lkg$axU5QSpP_O{g9J+F>^689IV*1^bM&?1)&+8
zj7-R?OmbhitvzPK!Q2A!(AMxsy7fv#_s{q@V?H&?jbN11w7L|c#^ic9q}S{e2n>;|
z(CE)VhX4@oy+i?3B3dhlUDsFzq9IEjvHK6+)OO{bbu?Cn+=e2*hqs4kg-3NPGgBun
z_%eCm4dkdA%b|<C!4ohlZ*1WzN_fU>h#9)~ud7pz^DF1ImZ`Fl<eTG`JtzOYd*?#4
zVLCO8dhrG?JZ)to53VHg{iL<NrgD%z<bx@V(3jusp-qI3F}sSE;TFF5JccnTA6*Jw
zq`qX%&EyOHYT2I!JE&6lQDMSw_IQ_m;G(GUjol|l9G;J4Av1Qso4g)gD_?&J*fK<f
z5G7Y9UwiyD4s3R%TFhLo=K)KVPnIRrg3K9Sa<4%}`)r=nF-`Phc98{lWGS-l{M286
zZ1;&Zkd-E2eXk*wu=fHOOQR7}Mx%CGdP23tC@ylkxG(mqZ<h9k>}upQ<?0*;)svqm
zhFc<tNXU#}5);|Y^m>i=9Ep#jFp04e0)BsC!E@BW0P<i0^{l}e2Hlgr8TE^ApSn$Q
zEy!yMSOuwvYXt2aW-wqtoFLV$4F0R=14&UDUFDe!rL)oKj?p{8iqiA3j+&SI4=a4_
zu#3;^9E%}960IjlA4szCPJgiVPstZ$twK_Rb%I^%4j1Iij_v-R!qFP#steqoZczl+
zob3L2FAmK{Xa<BdVlgXH5(9%sF2tCB^U=TCr?7eMZZHGw?#p;Q&yhq%MPSv!q;h8!
zbWQ1?(@t3R;L46O$FDTJ0EOES$IMvGuyjc*oKDP+xpTmlX?QQyFNaY*=P7uPzF$47
z4P*bkqDVX@Lx8^o-HGoEPl>aAW{1h-|5N|ww0ky*wDH>+a}k4v2zv#}R?uG+$lBo!
zyL0(J;Aj|?3@c~M$<X>RNo36Y81SbJZf@JZ8G|2)m(AgF8EtG_obR0H@GW~1{cCJI
z2#YEvYUf;Vqh)YyVDqMYT((1Wg2ni=?FPf**hF%wO0%@AN1yMsT{#Y9TFgrhq9ukL
zdhKBJk#qMoW1;Wc{#lKB3e`Ii?#*$Bm}5~ws+Vn8KB}_(klnuQq;n^xcR~_b^OuaD
zB~{8ICKOFt`~rPx^GSt8Dh^kqB*o1G8~YQ8#Rn_&wQ6)%kA(<ikNaH3?vb78BDF-}
zP?2$UO2(w6?|6Lo6Q#c>%~UXj&%0MS$ZkAwi~_BQ?B)+;E23dMs;gnmJl`t(h!b<o
z+(d+jQ_x^O_&XXq=9^~G(L8U9U3O2O4^ivcjf^J1K6klJ%gq%qWOY5OualDX8_X2J
z3KXVrj5U=Q^;f#^8xEmud2%#Ht8+0&c;UtVBsiMQX!$a~*6aT)?|($D=k&k_7|p}C
z$-w*by=QrMht{wZ&Or1XOH38n>7f>izDZ)21^|1#;aHeU>qd6zLiKY;AKsE8*S7|`
zHN;g2Pco%5ZTgvvckJwEWt=X;TcR&kOWuD^^m;!2(OtSUqP)?tO1Bl8Q%oQ(Brr>x
z!HWE9g*2>@C(I+0E7*CB=J!yiF4=M*(-O`zm7JO<2~Y1Kj~+c-D9TEGzR9bks6qV%
zH)qPoh;wv>>;H5#H8YmwTSwmznu-oiDMy4vM3G@iS1jkV^q6QoDObA6f8gciI_+oq
zrQ4wp4*F!w@SgBO>lVgzu%|bshKB$7XQ6mlt*|}p7DS)GTS~?eE|TFy97mSAM5)+h
zWWYsrVfDpGc9E|r-K8|pY)KF21=neY%R-}7RY?z@H$=!dQs^l+WKI%U>b%2G6aPhn
zNX9rP=qzY%cjv1ShAp(i$=$b3P3mfXbMXbQG-t%&`MhW@zy5LK;opXWf2-EC%M8A3
z`ks#q$~5n!>Pv7rwL;`q?jx5!=p;<~7_pmgTSvP|8B|^)hcCiCB>D$_)Y6&@5Vl;7
zdTst>mN!|e*g<Pdlm!jnK}Z86_f(I^id20*3vg};N3moP@#(6|Hq0!=itFPRK42y#
zh}yEyQMrTQk?7wC+&Enl%fA$0a?i&{b(m^nqG0)xVl38o+E1ZD^O@ch(m4!uJlmQ{
zP~~zvS<VX(H+Ql4fC^;tPB@+DhlvbPx7fFpT+9U8EMmb`_oSf#nFa0TuMql?(<O7=
zbl#r?N8!4_#_S}iTg(I<`-YSwsmX3(qLg5O0JFSw<;j<R@MVzMUf5Iblh{(S+g&~f
zqc&35>n+R7)=NVs57nE~rDZ0-vD^>4Xt$=NG!cj5a<gOKb|ixA*{lBj8_v1BY$%T~
z8;rnVCh^0FZtATrD`OX5$rEHQd5j5R9!;;j?(Zq*J<saH<w(3uJ3sb6A)b7AyUela
zw$2`FxG7zYYJNAJWIjzW45je@TW5pWsd-(T<<x^RT6wE|L0$%&!j|tbp4Xkf7uzJK
zm(<Tz-t={mvn3YY*^VXjRt*!ZT#N<hQpQzqpHI6a6U&O8Ser<X<qb`zNEv9B1Rc!!
zw~=CR;6-kIC9NHAoQ~UlgkIQ4IisqNKPjWjpgVu-H0^*s5BH+0YSZVsXedoT^~BM`
zb<ZTlfpJ}KGWcX?WDyIUdqE;TQP3;KrUys2E)dBuNe=5o_%N}6qnX8f*~8r;g|<}s
zS{Fbbg-0KVLN&mJCmI@Dme&TeP8BkAMU4}!{N-7!#)<lMjA@gt)Zg3;hFD+D`DDY=
z=ftmKm%_^DdQyXP($hMKoW%vH>IOJ@*iLJ~KR!e@<2<%6aqiF&f%9`x?^g<(-RzxD
z&5_AGlnnl`xus+1RkGl;cT}pTR%BA{jTU~xI@iU2<Sf_4%$#p?@anMCNgC9N^Gtv7
zN@S5bs6zkf9XHz&$stHi&BHs<v+q}xpv4@NrhQ$5q@DYZ^gqpc{*Cmdt{)?yEj`$R
z2J!0th^p}@R3bw>a%N;PJC%-4hD15m!`yz(NiAW}eCgLGJ{s&y^m@Rg=F1ENmcF_9
z65D(R&fA;`7w0|meTurNqRLhV4ZUxKr99!#?D(D!%~sN5kvvevE+p%j@0UG%EFa4!
z#n?H~6Tu8@h%|<8-0MM~;`OYK0gwnS4G)5<rq;5Z4*~X$D2t0><d}IlZH`QJ$Dn9y
zwQavzjDH82v!q5$RDqs*!wZNS-NGtFE?3WxH=J#lVmS=wS{Obl(ra$GOe}6#K5<Dg
z>dRO7!^r_y(VGCaHktiu;80q@yl5tp954G4RNNy1wlxEwPeYul4bu0h>~a6}E6D!<
z*gvJ}aKB>xxW)Wg{9tt~=|?SJn{uL#QT<bAael%Rv8-5Al%9R~l}?4K9qndIt3b?)
zW1fAbPof$p+*6<s`7XgR<Xb6r*`3BhS@Gv<BS~7ia*?F1P~v`PRORd61cy*d;=e_;
zy7=0>i!<AG(KgJ1JKM>G^{tuoWY^Lp1MPyij!QU0zC6oOu|O-wT=*6#bB|HZn+!+Z
zVb}+;8f}4R(V#TYDa37tVHP3#0?NCP@q3$gXa8aB8Q-DpMbvAhs9$+fv_6-OAMW~T
z)LDPm;m32QUu7|f#xk^`dSVX|whEUz^;M_232o%Y|Nh9)_DOwv1W%iwBF6SKtEA^{
z7;>Nsk&;}E8dnO(<Dd61S?$RgqSA~Tb{_AZ{dUfMc|@S%=hrRVpWHOUwRuB#aknEo
zmeq(Ad$*(;r>6^IEpB=auJ@?)1aTG3AwtnAf9EQaXNRSmZ3Z$(o8;Il^5>d#4ECZi
zql6)UF5L%?@THH*4U|=4+&IrcT0hD|TW@U{&;6~GKrfX`6z*kLF0sE5$Z2Sq-6k-;
zf0nGaRKw?+@}}*ez=rh*Kh-kXqm<Y)08EM5H|3pAb=OEU&^RLg3%C%+=mY&O=*m3+
zXX{y3x87(NWcss{7dyZvNfS-WIbjA+{+O*9IY%s79RQ-`J9L)uvq$@$0EP!n@kr?Z
zQ-7XD?b2{dT7{*aikX5FC{{Ak)zF0p@qG}AE4h#^8vLszsTre6(>pf8DAdp$@g;z$
zYIE7rkN9`p!a3iV)|RfqWRr{0beI+K(JOG+e_VDOI+9%&P#3q0(sUQnRb{@0%4(`T
z;m^?CiCl5<wRyO3OjmQBzA(Zh3gVM3maW*fYFw(xu8&}{AvKPHTXiI0Nv)^%6VR&h
zbqu$52F{*%A9xAVyW?sIs<cHM%5jl5!U^e>A{AR{$zvh}Lpt$^#}4qiuT0dw&uyog
zR2vz^<hC<pIH@TKPshrCMc7inw&NAd-~;q5GfE#Ov-wndXqY3pZ3S;W>wlmQogE=R
znpD~zw~*&cwp^p)UY9&*Vjw>3K2r7G3w0Tys(S>}V&$!jOdnDs?MN6a9$9|+RHR!a
zMebF*h*`GyyYjBV-XEbe>5q+CYSnaJ=w%!q<7AvA3Th}mDg68tonN8GZ&ivty%C4r
zC?i&zh9VXW;3p_t&kQ}BW*mBD7*p{PGa(?3+gz5#b&#Wf0y{k2gV6w8$?>I@h~-cJ
zWwDII19kn{pKOC}?4`}^FUAC9_cPA&lZqM+hA(P>g21)l&dHeGYQegX+HSLyuTxkQ
zi!0e+V@YR>l%k5LXTm(kUVe=Kn)^Jb!oKt2XDRdzMLR%5-jc`$&HTdNt-8jniskJ&
zNN=x@QX=Awa0nK$rNND9Mkyyut9A}B_ec|OHj#jHjwI>uzBO}Gs8;Z+USo8Fa^nvh
ztLIFyLxX=hlg8DO!2od*PH_R$m6;o1>bz~XRLwJ%RYSrS)nq!@iWK^!zPT{4$JOI%
z`7P7g@{(>-EIH|)25MA&n#dF|>*or<&_r;F^??*;#Kk9hE~-ACgwK5f_vWOH$Et4m
zp+2V?j=e${1B1dODPM2#cXe?S9g}t+UtnPyDuu!i{Q_|8GlXagF1Q*$znTrqx_&PI
z%aG|+-B!q_3O`<&sr0hOaqGX0E!EyOUW`=s(3PMHySZgGcTvqO{<hOv`;8Ayk}KV)
z?s+^&p^x~W*Rb=k%ifmBGo*1A{nqk5gmPgmtSK)q$mL|autRE{GLes`OA6-;`gdNV
z(W=Wme8ENA9_3f>WPLcyUN!j2Gs_*4g)Q0*eo1u6Sh^y6$2UKq=)!yw>`t1I&k3=M
z!Qx%bBs#DbPNzot$LEAB`>+ruD1~=g$8bB{S}%x14AM^+b*2<^;cphP$kvh;WF4D}
z5WOK9SQ4g~eqc_jHif8ZB%oK;^Em9V4T(K3WlK^l$T{2JnM*CrXX$Ps+0iD<Mj39n
zPZw*3s0_nC(4UvoMnabLRcAU{PxBjXRekvgi;`#sPZ+<B>|4CSQcr{N=2;ckVi*#V
zVX8CZn^Vw^jpBc^RgyPH<9l8cc=xe_Wi<{WGdg`D2s#~@WH#@^ym>>}^du_{{A1_C
zSHcH3W2X!`$9@@S5>>tU?^Zuk=B9jKf34U!hYf5Ma+euXTg9*_xEzao=2#3pg5sD2
zIwmbHQ9IC1??<Jd{J6{}Pqkyp_06wuW#5N?3--Sf=}4nleOwUi*b?hx(a$gnC3PC~
zn^ctpt$F%d+RaW($lM*P79b!k5$<x+9zqTPbsz0ZKm}Ws+;EIXI)A~FLSxRJHg(Gk
zU+<f=U~bcWc1nqbkw$gB9&72BVmY`qM_T(FeV5lXStKXekc}LZqu8wfkEgQ=Xe-*<
zZHv3R7D{n<r?@*LxVyVcad&qs?(R_Bp*RGG;_gmwdd~T8o_JwrXX{*ReRGT&&F^}>
zKm7ug0&-vtG5C)_8b5y>iA}q>rM=h|Kejc@9qQ(KE3b?*<%vS3K%P%>mvsEWBUhU7
zCaXG>bARD`EL2h_%|uP#BEw}5wX!R6?8q|i9Tsabo;8=%>6F&ta6A3z!b<x0ip&nM
z&^b}3t9jTiKCS6QY29!m?71su+R6Jk&Wo*X;oZ#?P9_q*{p@`XIYNcP%YN*KRE0Uf
zHu(!{sBdG+<FS|@$=mcZip{*65z37g`u;EL3dKD;gvb%B0Eqp;mbJh}$i|mnaN-B-
zpIe1K?4=UM6(W>*_tS#eXR#$;cTmpO9Pye7PaQ3Qm=Ka8QZCGeXs(0N#g)Q&5zJwD
z5rg2oPnA2$1NtyJW#Pi@jSQEWlIN}8F6CqdFCjP8g_h-FWG&ov=zjCj>k3*`uId<b
z5t4M}FRjlw?Fa0E&dQD43^kMx41#@awwfC04T2-&4YiAmln9;HDBDw1lH~qGW2edh
z6!=iMp2BG;?8av%NOs2sP7Qm$v$3o2$~VlCLi~&#Uooo7wFs0B@T%dx8i@-^i<o16
zONNOR)xoqzK>g((!|kX&mLGWcZYVf28{wkOw&AU8N-xT}cdQ~w@7z?fj?I`Q=fRv_
zjK3&OR-0i@%a9-J&>a{5sJrGr4Bsp_u8@o@ad<0dH)Cjim0@Y|C)@Pqfeq3d9p1(@
zH<Ifmmm^^%)!dU&O7F&sI;a@|MG~*5xPEe7)0%A(`Z2wvASR-FP#jjyj;{XxN0IfH
zHR$>|re%ovc!LOIA3}_`89~-*@P+fZ9Vz5nwiW3~D|-MiNScGhmEy!)<+qG&8%;z>
z2g+Gh`N*`qD_lc#Q)0EB3RBQ@7+ynC;M^)-INgM(<$TJGEw8X}3%z8fQ&J3rh`@u^
z7@tt_&nA!fC;6dL`M)_`a|$Htm-S*S0ZqIm{?kK1dP<W1#v47Q<6AU=OFc`^eJjTr
zaYNb(P?O<FAJUgISd6oYsn`rGIm>!fBcpR!_--s<$BbkLn6<O}NA6D{I#5=G0sVeU
z-}}5dv`z4O5EGBx0u2U*D165E!g+Z5M89Hi5#^0D+a)_?Gz-R9c$tQpJH)c(<0sml
z$%;)SU+5QjD>i8*BFWQ0ylXS~&3!SCzp+KxmhnwaB9s{85ZeM|4T)M)=zVNr@yv86
z2i4Wv&(hU|8J`tzFCFM39;TU5h%LZt#sg)eTj3c4IL1d4?MHvtXgp3^lddlsHSw0X
za8-v>4Xy(T&OmNhQ(=&BuJPLr(dsI(rpnLQp4gUVAShd|C7Fg+0vWD@Sv1aRKobY+
zxYKfZ4T6EYJl&=jB`WlMDj5+Rt57zS6Iz@zGgq+Q$0StPPWn{_*E>7Pgp9UlTw1|N
ztXDFsTAU@h3a+x(N{e{9xZZ1G*Fm)2kKcy%__X(UDKfedK)v$QAj-qcpN~*+f69F^
z4z!Z+#7mB2Df!?BA(UN+P6jWKUzPctp(P&jhMHnVewjD0_^ybk#g|>Iw~<aEpNB(f
z+98dokxa-}27n@Kyna`>Cx;h@S7t!wiF&LVs}53_KDZguqzm1~9V<#`ni(#Mhg-(|
z{zfF(^ffxR=rj9;{Z6A7+}hIlP-aM$vS261a}pi1s|P+f%1&r6C;)9Q$bo#>l^$dG
z?!;oL!Gcg)-9J8OyQ1d`7v|QIZ|YzAJeK95jq%z_LWWKfmzlCQ6_qK)mDg>TV^-DT
z;u#4F4naYaO)RL;m#Y){jnLc^!nq}S$_CkJBdO?hvCwmOGjs=iR}14#GWb9fIOkCx
zQAx%om)0RUzkDp8`%;GG$>ke53?afqFR*Lu{>S6v-Sg(FK<|>mTv9i7N{>OdTwaxn
zm!m{FI1r<(F9Y3;wpa>zc6iUaaC*ramS^WL@%zc7kG<T7oA+8V56VTQG)O6r-knlg
zx=<)aAAjKM0*py+`6#S&1u)5`->Np6tB<eQF@{6#hn}w0+rotGVn%CL<VW&@T9@C`
zx1^1X@$!CoNku1KUW{J7f6S8Om(u?7KWbint+_7X@ypzP;X6?*K<Ru*A6>;3HkIaW
zt@oWU*Yf}$9M>WcdR?8lTGF=PDF`F!_!Ck2HpKI+tg+OTbc~9@C}7oeYXD<&4H=hj
zHDQ-NpdJpH1noTfnFhMLY><zKbRIzmB1V#r#c|LE$-|J|twzYeBXS&|?IC`!dr-=w
zQIMSt)$!HB%)*u^m`_@;X}8>m8W{<pewre7q1j;X=A1gCIXSol&G^O4*k+3;`dt6V
z^(B_!L3)UWj#A7N-D82@yt0j^a@<YeeL80ggfUEt(c2m#bHSF69GMv^&Bz?Sb-nLB
zBm22=jtdLpR4INAjPDJwgz~d*0!U_px5U$z`9}zYe0sCL(6H@RK*DJyi}M-)%YHSi
zRF6TV_wz)3DOoIIaT+E;<F9hh^o$Jj>}0U6Si9PEjAe%PE4wZJi4tDi6>;9DJVX}l
zmb<K^OfzZ$IpBGySJ&;ENAz)8Od`H)J+u2az-0Ashxl5(tvc}uC(+Oj2!%Z<x`_)K
z?ZTw{Scm4>oQF6ljmMaE*@lf)%6bGI`BYVVkbQ@B2^{jk;^QP53|yCyBhm>rv^Oz+
z%F@IW3jgDOBJ!`p|AY_yr_*>`z)2XcnNt~E=8JIzi`gvDK1SL9#l5EBa6E34aYUsI
zQ9$+}zznoFtic2irD;T=?sL&q-u|IN?kfm){UtBp>*s|_i|<n)T@B@y&);~g;{{3}
zFkzT}t+YlVOWb8ek<}g=4`w~%2^nxopPED;3q^@>TIAB$_L?h>Ua2Rfm6pk`d;n(x
zTM32d-GyIyOsMLrR$(L0()*RYIcGYSYo>u~4Tgv^=JwziD8ZdvR9hw+x&{g;i!7a(
zi(H?8Yo(kL`FdIQ(`9k~Ih8Sy;@pVX>RSD5{|RCX(OY5SqZeDTH0~VwwG6qGZt?Wj
zl?EVbEiOtl)7S?G*bQMsdJ!e-sByhU7sE-sq~KZiT;~_}JR3`T(9MTqy56IZZfe}Z
zk-%>iy@O_ysUB^@OJp2pKdfCVXQP9Y*)+zls(cEl%|Z*{vdv=1GQ}{>NXMO^Ph-p^
ze>s?kprn@LTBVW`WX~uf)fadk${TiRRgI`td{*T#Ls;&3oe)aW(CyO?%MiQ3IW{`4
z>Wo=S?QU*7ZtyCV$r|iHT#D1L%0lMb*Z`O1V9qVb9w;s%uGftH6a|LvecUkp#rS)#
z|2ITBi4v?m{xEB9Zfe5%*AH(lc#FTM*p?ho*{__Q#cA80@KsXbC|pRY?ZDQKHX9Fi
zlz9pb*0x(X#@RqDIOU7Q(66)C0%>ArhV-)T$hpUeMu`-oD`z(4*6IXE8i(W$f-?W`
z53TabbBQ@l=g$~L8hjBpqHr;5S<0#{#J806{o!dPJNJ^XMO(%L%nw85>3mICga<am
zJ>#Ml74{POLBTv&2l-Q<5;v1evoIqr;HWSI-~y*~EjHJpJ6vCtrJVrWMvM|Y+$6Pv
zf<#R3R(LSoDKVPu6ZK72OcjruhPJ+#GOf#B-RC)@^;AO+Wn`|3R-fB?%h0xH8HT}3
z?O|2xrR~{56`zAK;ipF`iCtLC@vF*)ArG^2jJu7F&&H@rMP<$KmArg)Ul&5Y+Q5ER
z=$e!XK#(lN&(d&GGnH||y@zq)Tgj%o27Ja7MAWqZB~NJRc?oJmRfWMec#0CoyHR6#
z`P=ZxUNAFk**`M~NSYe~^ve#xCCLa+^XEf>)EgVFYdtX7{f%J~ryp2YC6kP8^DFWu
zMx)gRv88$~Xd?@C_t!Kf`-QnS)#|auiCA58)OPT_QrK!?rjRGuixA)E89`p8_uQ=5
z?CXg-zg4><F7u!%^g)ijS(#*lq56m7F>>j+mLfM;xP9^GoBYBC=39Lb&vnFjP)K2F
zY0DS#{GjnB;t#wds{(9>TjVwxCEa-g-*g_<O7dxZ3;NNX0=CH51GG#+-g<v`%of`+
zN%bKV@DLOsDGaB;X$+^uQi8F!M4!hq(6v2MCQHB<wQlAs8M(<X5y8+~Rf!URMPc9X
zmt-|ENd(f_qOwGtaZN^3xnDI@w*v29wd)ezua{mVTtdYG(o#mkUUQx>B+^Y{-%Ik|
zR{a+G!I>6QgNcF28XMaqiE{vxy{Mcv+en&iwVbLo6`&Qiu8Qr)zAf>}!fa?P6csfH
zvc_lBpH{(tC2|>q7STV`1e`v%zgw_pJG<b%C5p*^m*OLE<Jgt5{kL8_)K|^GUDpjA
zU>55y=R-gK*0{A$lTSSm{!=P3MzKVwh7D(bjQP)(Qw64<VrQBPliGI<0{z}rXq(;e
zvpFf@OMovbz38(BRQ*JkyD!Msc(?uRWhOQ}8p@ulZ);626IbtIel~<skB9E_&FkI>
zTO|`EJ8DJ)%APO~pV^pBkB*psH|MgoKi?<AXn%ZoyqT4_XeMO2RQ2csmpNnQF2FN>
z*J5DW;7`P!UE19WhCUDkeIc*kn@88%&4kB!^YYbp5Gp}yWo-{Z@5^HC)u#95&OfG(
zo56gsjLtU%=h;H>bOCS9gQ+ZY$}b4>Zt>>d?n*z4V<I4L62yzq^AHsUiF#7KUMlb&
z;c~<_Fg}bVu1rkVrv@FD7{E<vuPM9zM2Ch&H9XjSPwy&5xn$Ukea+1XCjIcC-ppx0
ztHr7ApGREYE>0o5o{pSKZ?WP^W!wl#5noGSv-<|GB1rN&1ogI^;OKFeLDVJKMKpg<
zJy3Y>UBCAoHnWr4(Clq@>W}9ELoI++!@6q;!7M!K^2=o)yR=2d3tGR${-W@KIbxKV
zr#T**)nmbB;nY*#mFLskp6FGc&`FrR;2VnHU1P!1#Ut#t5Q!IIp1&QfpP(HXWmVZw
zqQKOOFu9+`)|?aTCMe@q85!c$-3(Q}*MM?WrBLK5pPRvGiR;r;Ns5PuD}GO}17i=D
zKT3~~I|&I5%?OyRcMVuHldGs6=?ayovP3j6rw9;b2_3mXLf@pg2x^VP6ze-$MTcau
zhS`i5$josK10#&3#nSUWMHrv%C=k`yi@#69oUN#ZWj1$8)4Lma9^=rbccX-8(lJ}_
z8p)ApM%M=&7z`3Z<Gtw!!hCSz+P_o6`ucNV+6(4}aQX2N`}zw&U-Ane2jymkE|U-j
zeDvZ+MO;n}Hxyc(t$AVT+M>s0SJbokZaz+RN!{S@ID6P=*QHnW6tfEr{Jb=3UR<F9
zW6u@5u(0E_K9dp(T+q}_%`QPw@xByw!?vKdh}#-+gw;D>oLB!oflfFXVh5`({Y!E(
zpudFTm<nXR{0!2Y8$Cxr#~yOb*6118SuM6247>eWlB=rpcMja5oo1YpSkp0!6T36?
zNV)gd=N<RyPix+YzW=NG+dWrapT8i8^i;}dip*Wk{&rT>g5PT}zM)7mjvz6gnS+sp
z*JU)lW7(q;xAUBU)RQ65`{~LMGn4_bFS15u1N|JnMK`1Xr?;{izL%Ez*WcXCs5LX3
zT_$IQE3SF7UGt&hm7y+a#T{A!1_p*u?k90ml6iBs1yvp?#pQ;ya`u1GgJ3c~YkL%m
z1r+$$#s~ulan<qbqYb7#bN!33ksfw9q34^<r~Ajy0w+g?JieC*_kyCzkUfeKF^m;7
z_+Ge_yiqX=puWESF0Zk2-w`rEgwHeaU;(20?c`!5tY|)0@;&KqWKi$3JG<cZ4EI%K
z?@&#vfA}_IA`nn72#o-}HoLwMOex|C@TywjZ9K+$yLYBd$OUD90tN4-A4}^NHr4+I
z#%OzGxJ;476GUxN`DH1DfDIsSRho@3VA&1F?|blV8`sQr3^$&a3tPN=uz0Yx*{k1`
zd8&DHy4-A7PDDUJpkNjDpNGWE7Bp3jTU1^6F?d1Px$AbCukH1sGa)4<1l-es`}ZmC
zuf@7u`#z4(srFX?)y}~6v7-M=!<U+qABf!H7wheq-@bh_s{?qPjNWbh-0YyekfM+|
z0*O3siuI!w*C$~{E=_-mZE7iq4LWHNg;i=cM@_ZcicHM3GO5;&Gqk3i^*>hWYN{jZ
zrD5zZa=y8K&&Gdxn6zx;q9S~po*wWGalWnwyU7hMMEDyVzUAu5u|5JgFUWa(y7Ms<
zr}U$|Lrr&_6}zKm-nX&WUH?uzUB^igNZVa{p9!qr|Dj%gA9nGv*P$Vq&<<RV#NEjm
zl4Y@3WsTNsCt_Oy7C5|8CSO($g?7W%HC`}3aDW$Y%8})5b1W!OI5~|^17PSu^@xp2
zH6!^q#U5VM5d7?oa9iV<VfF{f+po^!R||zQNSe)%(2MsP-G-!AfXm^?H->bUG7MjT
zK2pUG6Nuc8Rc0g~SAH{jy1`8B6z;mqPvZwnLyd7=F}B#RXo3V{`Nhb#MAQU)9luvZ
zZk88fK?5-wdab0;&ECvj&J23m-SE8{O^N#|f%b<}W*Me?VeM?!YGXP`I_+4ii|QJ!
zwuBF)yy2-!I0`Kwbc@R`CM`ul%P`T0(O-nBq1NQQCE2t<afR*G2}zY^n3CS!bXt6w
zzn4~{W53h!LfW#gMX#=owedk5ot%lJ$&r8W-xy=HGbdRi;D%q_iVe+~D%+YfKp6%#
zxKVM^Z-tJ}RcmDS;+w7#*0tCmqS)GtjTq)=5gOsi;O?1w(StzzO{})n=g3W%M`6dO
z@qX5&uzSlQ`{c}1b8ID>9(mA5wex|GImDB_&;#ctJ^>HY(ec`f+~7h9_iAY4LNtqp
zsV`L%vCrv(+vxYEWAb^yw-CxDXsTV}un5r-J*~CahU!*Uq886)n$X2z53QA9E$!9Z
z75}D6yR|GNxu>&NIYR!mhJ2w*O>TU>oK;?4bUhNb;AKemJ|T2n(oZ)t4~F@5(1MC$
zROh@lM7lX}p@C+<qs64i+3seJncw+G;@Qw+P;qX&!2@R4IHF9|Qz<_!5oP|j6F8qE
zeUko5p9f&u$*tl}g}*-pm+!5*+Cp>I)cKmb-O$2u5{oYg?51tUpaalz@Wu6`#~RX)
zfHpccbIDRm;k0qbaT)tltJmbab{x<;-7iJh=Ft_3$Glf%S#jYL{)C`KCv7+QbPc?U
zA>BpDVXSFoIsg?IYciQ3f$}*ql_ltyB|C`DQOcNeROlNk4dugUXS7WE;Sv~Z-B+`H
z9<zAxh<m4J2n07BHC6&RsSGC1gK~s*n5DX%Zadq3L1op|9LLRrVuzSVhZBhbcxK3Z
zPuHzX+iQ78ahHBZUwZsrwVyU|VT@Pbv{*z#-SIG~kO!8CwI@%1oUgSQ4KG+8@F3Sm
zLqu1GEYCMK)VJEzS`xw!7quk=s;w&NCuJDsnRYRYd-3*wo|f3lllr^lW1BeJ8eH?s
zJ;aid>v0E{?@UlVuf1qq+oDHZe;*yTpJ%@6bS`xjot>S1A4+tZ{Ideo(XknQt>-V1
z8!BK$hhLC|T`hmd>o2`in#nSekjo?|zpG&4EO~!@Fm%%se0TRckA>QpZpOOka6MI0
zRyG_5Iv$CKTK+}Y`Ze)*kQuY$zx{&-amaL6p;)<t7L%~%3s=b3#EwK;r^O0&n29u|
zkx*npIb9i->Xr%**XrjiJ^Inwo4GkqG=p|ax*zBd8+KZZ_7-5ocpSLGFU!Hfaln%r
z+aI4hSIkbEeRJcKWdCpSm>$=svTlQfez#nG@gE+HGmI&sPVnt&z~f=n{5osv4d!vn
zUr5jAT09z`4F>!+8>SL^9-G)bbYLGFpP3o)N*sH>JtRHdz7MS{D#BcAxfqN+?^Icd
z0TJWy$(P#J8;_s_*;2@zR&p7bs&k~)XoiK*EgO9_sHb<E@HpWxNiOZ0rZ<#9VB#=J
z8?p?iF%5GY(X$xN8ksO?M|Le%GPgPr<5X?^7+U1e=rLqlTCy2A;mA@}Yl6a_;4~T=
zkD;d5i_Bgv9?j(-_2e0%rqdjUAC{TaZzA$Uq+@PwBHELcVX^zH-1TFbg!0NyMH9co
zi8XPEJBs@$Esd!^@tZ7<RMoG{<`j)aGltY_FOrSMiE);k9l2cnz=%PLP!8W&46GWR
zprOiTqmVnEh_Z?*365Jm)%MRE*4%AXpkUXi%KD#m5YVa!32ZE|o~lkPOr>zLk+_Ay
zf57htyi;J!*Ch<=IzMcA#L#X(TkNGq`idp>qC_SB3H+`8MLOj+8~9rm(jsXsNv8bv
zd^}9t<S(sFSVKe_X*F7wn@cs??F5T-01P^%b}NphDm~*fAw0Zk_=8ttTizuEYvr*w
zHFX4v4fRPTDi{%tHB*kYU!nILWqPf%I<=Kr=6A~teyl@|<bZm{2+TQZ|I)q3v$|AQ
zKy#$0;k$Z$wm=mnz%&1ycTdlAl3(+$N!7P$`R*LWvh4SK;!}?)Ej`kplds(h^fnvW
zc`wTNfa(+YiXv=$W$7wIVl%L-^%>Srt%1SX$(zWkm2d{d<}ss>dAXX(hDhD4ztdQ<
zI-~0K_0XlPHnnCnhFDesct)`nE7Tp*#>!%%pjC3Xf*r9JRvR;N`35U}ikmxd>2ob@
zym^(=TJMslP>f<Ql8UXN+YA9lIenkLE7wp`0e7XXmTB~0xrU({PnArqbhnaB(59-G
z^F<z{6y{q9%JA5oRcr(@WUY?aZ$@IDHOlhT13kgj*C*LDdNIvoh^o~#?3|Zp_C`W6
zs1UK(vGq+*DBlf&6reGJr_E}YKeO>_HIdbZ%n^FN$1^B=mYm4eX0Qd6Q?}ZX0%a<|
zsRlH<o<pG5>3}$`;4+$uY}V*9AbYp~1r0^v7}9Js@d9*pZ9xSGbl#5_@(DPJ9Q|)S
zt`y;`1Gu{de=l`?{_YuH2Z4>c?slZXq<(%#0IW-vKSE-=yf@uF>H0e1EwOHs`(0*d
zqdOLMyyHIh632<(Rz_RcEf3_tBrDkadvE+h8H|dUY*HJxN3ZF$q#ui<yum}VIF0`L
zF;iKb4$-=i>SqIx6xxoy2N+*1qpaNl5cOAjMA=uq?7n~f3r-8RMAt<9rEXqcxo^(=
zzcf^WY`Rw3%%D^0HGU{e>$5YdkhC^LC%ZTM>PDTF=U6{xho^zw`$G`xe;UDCxnK6N
z3SOG-o2CoZqRDD5Vauj%TR2Cp4k-1y;|{ab67qZ`JN4An`H-DFT<pD>!QwFKiS+Yh
zBI5N*?FlC83^iv$-EQ~2ul#arG`SYBS!+iW-6H<MlMP&4J};PNZS0h%TR35BQp&&6
zDzp`!QKsDOaNLvFqttA%!LQ&}puNnjtuoc`$n@2QJ{9XoIYSIZB@Lx*N%$t4W{5xX
zm&1BFVVf)SX0^o?6Hr_Bt3zg*DP7VRhANPjt6165a?$U2u6T56YCpSjbZ{T+j7r)M
z!~~)%Bq+XiSD@&0yg#fV2c*3Bew_9iovqZD40vw`z+NrZ`YqaE_w2>;#rooUmtz2*
zRoe)*7tkw{=6-%RM3|CiATntwC~hY{xBZNvDa0GGM~5VnW>72Oec}oOE?YvDzQ@BA
zd_&{3P#9o&tznLZ5#<J9i>ZG9=)jWzS{27GpCdKun&CnW3kH9AcVRjE@(ye1rc}G}
zgj^VcT&}!LQJP}d;_5gjI%*@k(aO@JaB?zLPH8xDV|vr)Jv=|{zyOka5_b7*54(3f
zXN7-%A5#SwcG)PmCjWKk*6d2Qf<qw!*Bpj^0yi7$*y75nnA-zj;ednH(8JLcq_z?2
z0D+K`H<!LsWd`Ze^QG1b$D3BX(dJAhU5mcEDLla0W5*vCZOMKvVdRbbnxs%0SevU5
z3|!9G*d%R{H;ta(X-X)!5jc9bK1J8sAH&)_7WS20_WX6teV46q>p{BC#=g2do=rJz
z&Kl|=R^N)bjOX`uLjCs9`;G*B@7>z2U=j+b{J6!xd){2rXkz-5v()8$>ou978=m;=
zTvuqsLUnd4ZAGgjGgsf`1nG2$o1~*|=w?UacCj85$aAaQV?q=09op<LsSOL)P|uMj
zQg%XG4`}#uhaXy3qoWs~P6sq_bL0U{+2gV4@*<66ET?k5alzlHCpCiA_F&N~xef;-
ztbR5y)>hc+YO8~Tj>YMZ5<NNk>NGC_mm_(k6bjvP&3C;%8=K8~%;&}^rFsV%a7p}&
zHL+YPu_+{K99eo|VuJ0Dda$TzF)t_8y7hgUS>o|HX%F7k-!*rz=U!sZJI@RC(bwq{
z$xFWyJ>9Bh3ok4$A+z@qI1HryeNMEHqZUp)dyR<432%{tbKZPP#Ltn1@^Dh*p(<l^
zA}1tcl}(Ag^cNae!g9qpM>@MLL25!7HWp6&g57ro1)MP>bTgBg{(=&-quYDC*9=K_
zsIi)A3j%K;UXnL~L6R<n9MpG3jODF?S@XZd2?D3+ij;K*e&{WBs}hQO-dGXyM7EC?
z8)o0seySWMgsWLeX26vkaFd%@OD{EO3L0yaR0668gRhI~^G#}Kwx-tH(--&OT{~GE
z&#385xI>;Bl{@m0oDU`ks<M3&JGDeF4kj~#+MN$GZ}jT&v8JZvEo}I$^r+>s_|XyR
zQpv2x#j3st>vcQfb1qR|$gs_fPfv4}<l;~5cd084`MeCO2djPnSl^0msKlKQ4cXw2
zpWrd;vng8Y95^eiISt2~j?1bxgZW!rQ{v!UETvh@<g$YA)vb{W@`ia;vb6@$N)+>A
z8yZ+K!{!QRMs3!?14kZZcE<9&MYey5ZMo_~P+l)O%i?kW-}kM*wmse{Ym!1Q%Fg{)
zsD4*L6T51L-88?Uz7uzaXZgNTarx@2YIm|V=L}^L5ryS2n*`1cCXD_FsRsU}6cI6H
zDvO)`biY9`dUs!-r$$(d<1!E54{|cyEof+Yz?0lKl`*82$(%%Rg@2Zn$|F$0y{pbn
zj@Ct>xjq~UpA~|R^%juE3eGRPlURisvo4;0b3ta9<YW#kcBA(!g`2~y9DTa?ZXOmL
zpH2>lM;M%lI#JsyJF0`PozjuHlBImyg!wpBAFQ|jrjtgKW9(nyy0yjfp5!=LI{+(+
z>hHq;jWsky#2zDyl8@6QP;3h(vdhY*KIvc{-JiQVw2juVWL}jtjlwZzmx`$?O6Vob
z``Y{Ohp*0k2<cA6%m);h3Cf?k+?w&SSziz1d>e(-H#gB$JTb1+XvvnEG)b>j55q&@
zdk>3}fJMJ=(u3CMgjk;g<#xNokk0E#6e;Z?JArGs5lV0iVX#m(OZ1AU)a-`6R9h)#
zI0oSoT(p^vt&V@H_Q}9pmhK``dXCqR-p~9E>utKN{HZ&^_&P5{d<D-4oO;ScPNC=<
zDm!e`Y5n^tG=@leH!aRpy^<v>xZF)q;PTMWaTOyuUWrMw4e#~jq|Ri_NEGDc<b;Hd
z?m3^`N4V@dig6leEWw)nefkPx{jrs4m$0=r*52>Mbp5`(^m^m(BLNQ6O21(-p>BZ0
zBvW=s3SFwvWLrJORHc$0AP||bQhMdkm>^<1IfDmJa;~wZ0%IT)#V}Jgo{erTU6u}~
zC=kl+Y!IIMTfJVh7Y7P4D9loo$_Rh#-3x=In|&!jj-YW$Bh!S(^<uDZR;cd-_AgNk
z>Id0_fC~qT-=)@>=S45ty6TjtFqU-%z+n2#2t(YrV$R6z++rkMuYaP-SaTGM2djO-
zs<1`RT3ngJ4Q9ez27vRhbZMHi-_Wy^U)6<0SPt&2-OANXXZC`cXeFXct7Yc%X=rp}
zb|rXcwn;ES=kLb*JzhTEUP<@MgVRt@`hsHV+y^v8H`*tY=+-^C(&dRcVfXbkoFeI?
zX-&BBIW=BE2Uw+HC{^^Ou)<}ny5Eb2%xKl2E#R1O1hh!ex?pc-+yAFrwcch?s|9ii
zJK{8O&WXLbDT`A_Q&YTOH+-=YU@#x*I-0>VfM&cez7zGUVzLQYb0>=4+EwG9Rwp89
z5}d6CGpxYWRMNjsBU2BCw%C4e*CXJJEsA5u0#N5$%X|~&rx5c2wQm+q#=SA|-QQX;
zjy3)+G1P2f?*|Jk5tE5WrVC5JK3RCx*h}6q#P$R!KW8JAh&s~Q2;ZXd<rf?HHL7(G
z`3k7!bi+DJ!7?H1qg4s*O}^2bMPJ=8)ti2~<v!XVwL@sQJ@W>$o~1|P&5v*OKnPqC
zusL0{Z2he4%YrMAsq|Gx;~!n|J5}t)%GK<@1D0PnH9b?iYxbAlh=Nh_jC4JOQug-e
zm%5Xjsid3Tov)J0Eia#$@AK1W;BRxZ<b)0l6oM9I5tra=T@94^cLelH^yDlQ1jEx?
zW*Y8#;~Tf?%YC}jB<Sr0e|NOJ1fIjn^_B=mEek}fdqF0fW!Ytb|GF<!N%HINQu|N<
z&h4Et3@%1Pn;kPod>YA!Xq3I42TE>J`HpOtzDw+d*~j*&4m8x?Iv}3%hC;qR7{E$b
zDwM?xk!$oCR+D|pYPB6MvE{3?nW8;g?}kN;lvPr$Cz=4(e2cL8Rny&B@1aaH){oGL
z?L1P`&F!$A|GeZh@?cA?%}mPHSW;lH>En_>bCMCqwn1RNP)mA(WH1<+@`MjRRJ1R9
z)fggsWnqaQs;0j4X~cv0K((_P=Gn8cE?&%KcFt5o5~AK|--+I+OI5n<CMr^TX~}pb
zRZFc_Gi-`t=2q&rj7(&`{g$7o;KSvXJ={{RfVUiR<rddgTZKP)eJy?Ma2c?H<t>B=
z$)5&RG;d<~=mUDC>-dMBePMSs`sot=NFU^@)b9zrO+Abf@ULse6u&(rOQYy^afFVP
z-b5wgwHQ4~odORns~|Wy2<sxKbA@nuJUz=m8bP-7r{D9Dt(U8qE3*itVgoZ#>o&W#
z))(1E%xf!&CCANof0a==xJ(vtGe6J}kvtO;Wj=ETN<KI$po>Tzk|i_IO4`}wj#cUr
zg<C}YIMy3f98@nEtpXS}=YY%O-)OIy)!ItJA|5~fIPQ-ZuXJ1UEmha{U%YsQZp8$>
zo+ttMQ8_5WwK;7mcQ%CQT63YCpv`cx2*{~eX;ezp<*KC^jWq2kp6O_`!@IIG%0Nmn
znfKQ99>-2ETOv8nB{5R^c^DRUDIfgsnTM8q_24MSERI;$eWJ9j{@nVy4P3jP61{E-
zFDNcXuC&Kix6J~*W$}Ww@^a!Hez4>I2r0C_#tYJHhVi>_pG}Fg0DwU|@Yy*^?p0|u
z;;r&b%`Q@VYsyMplWs}tTK!+($EiUlxw^kJa6{yc%m0?^pjG>Rqtb6#-7Rf^3mlTi
zZP~qo!DP#)aJlOUH=iWh{W%Rho*fj24Bq@=1)<j4OVWvY(N~elu>$DDBu@Ckc@7GY
z@3fvRAA_YrCK6E$3{QD<hLQP>km>zgFg7NgO2Y2T@-3mSS1Q}DV<2kZWYk@;@SyNm
zNl^*wgIW>yCXI$aN^LH#?^3ZzY9L%w-yp*k2E^l_ZhYCZ0Vgi9(%6a8Y31H{?h(dd
zVN~DkMrhSy^8*D<#rL?n`eb^nJw<~)_<J4pn!7{)0PFH+CRkL?{0ghDAQ0ay_Ss;<
zSJ>w>cIU))*m@7RSJX3c<WogV)P!XVIU(_#gk=|Q9$#gl5?uR}G?aS(3JRXzKNWw<
zC$X)WA3LPIzoI(ycV{FG`&K1E5oBp|YgVy^WqFiFl|Ts4N&9EcU{5nDyPcuYD+}o+
z=tpge>fD#==`ejugln9JsOQccaBK?2fP;4BRzM1<L34Rh;UBwZ$NAzox5I(1x>X=W
zMIKE>bj}KU3ROhr!cr64;-(;G)D-oV!hr}Stc(yPpKkIFkL&VR!NUWm%~}`w?ZM=5
zMMbk5tR$z1&~;(jPcLbF6HRw<BQc_LnXh?|l!ZZiM${yKo(M#eEiG*=P5ggb2|k81
z3mL{1z0|mkH57Bt%}qBLbW#`<;2BXAo-C`wTFuBrjmwz+v{oG<ucq*QX(xV%u}b`K
zky7RV#g338Ee0taY($|*KcEqfS*MitTzyxEa%0$A!akS|ApTV*+Seh%8_nYSMMLAh
zHiGby2L}G&cZ)%qXMzEWkcuW75%D;V0Z#>gM}~cl+oX<zUB0dXQDqQ%Nj3i1Gz<j<
z@sZu0tK`?hZ12H)XJP3j`1w*d1NTUpS`b9-8_0UqTBY1GQm$ED_<nAPHEOs}&K`Fy
zEe-bF%r@Ch86+O~`5^DvfMm)r*+xjY<Mb0xO5<)qdBb9J?&pm2oR{eG9M7ffm>HP)
zQrxd*QG$B_UNx@cnQTz~*_|BC#!2g2e2%Z4YjxZGt~4x@r9ug0V}Hq1!*oVkO^t#}
zon60-_xh{!*IFNqu&NP-R7>XHV^<o7<*bd)av72H)0bFj7bz0|rst@;W7{IrLAC?_
z59a=%aXx>(j$AN>VK3*38(QsF35STWmABr2F0jO{wJ{H-bBud}eiO>srp&Ghb?>N;
zlwDdMOy>m!wnL9H(f*RbSg+~_Pk*Qd0ro}3G=jMyCpiIIc^AnDh}FqTG;BwVKVMU%
zWo)E!Hz~{mOMVDM0H*~8WV0k4<{c~UG98eAy0fx|m=};*ET^&pgcuSvx{YWW%oW5H
z3^|u<wZL=rx60jqU)SUYZC=MFX2ktI=qIx|HhlJ2J+2IHakTFD|E$Zf;|#_MWU+Ko
z<F-Tdl<DZltcKhww|L-#_&OZgc0SPpnIt_|eYym;<rOY6>wK+|53mjl??LL}PDW*0
zg0WVC{SP~}?tsoDHnjUVH;5ATkZjFHB`uw3^@-FXW+u|t(-R(H<btX;sP;yu_?)CL
zd^TstpXK=Njfh~^$4>T@rTHK%jrVOlMuwiEuTpl!;fdzLqsB`8AD1Dpl@kq^0$F<Z
zHjgNiNP2sAmHRvDOSMtvrM~paU3tWM(F;D#rX+WbIL2L3o-o^B`1KIa<~Qz5%hKRc
zh$u}y9VGO{r{XQ`Z!RkdQUQ84aA7FKgL6ZO^=6CUV(9c$UT`9sNtigKSbb)t-X-BG
zz6rWh+AD&2%q8u2^}MY(=htXileFtZX3Lbe_VUlKC>LDEN~wu9=^HQY)S<OL5!sn<
zb9p(08f-Ohv^udn8$OiW`D~x`tf2ufL`oRJeza1hq}D*Gz@JnZ<Ic&JCP$R-GHG+9
zY@WcC=&T*8JBHdxEEk43Vhntf)ktRdN*(-AK;FGg`TLMmnPwwJ4T7rcXFWE~CGm8x
zh=my=Xw5}RRL4Yl-w#o)h^gBA!wr9X!?kudK-pV=6>5sK%JJ-5=&~{>LXK)>vm*tz
z8m{uJxbnuZ!$u<z?x!3R$|_4QJ>pbKKP_e~G}+0~t656g>Q0|`U&%&fH63A3H_n?~
zpeq+;kn+0KrPYM;l6LShv#kbi@H2zn!N4t3Z}z>CA{C;x%Gr!8rK*%-<G<AX9AHOP
zcyOVn;{=3iZSTsYzguA|;U!vzB4`GP7{^V`R9_|&4NbRQ;LZO|dUJ{;l=Gk^*b5c*
zNX)#o8I321pqY(?lajn+p$*HY0X_4V_1D*$kv_X5(S1h`G3Jymm-N40Hxr+urc<$U
zp*%08v8X26smgfnp}ODAjgQbPI@OjGMM|#du{cI(oH5T43=e)rSlIFh-wX|<3p?@B
zagoZ>re@gxXu3D=3p8>r+>1Tep6bKkrBPZ-J#*(&n9i|iP;WFPwrV+nI^sxAO^Ja|
zGB?m0Be&TAL|K7s%gcv*Hk#A<%_suTtKncl^+u~kRh2cYN#^o?lTeX6&wXY)e~`px
z(q3eI2lVTkAf{sEM>9AfFCR$5SJ|AE8fyqTTb2ub^xz|J%#F7K2B@=v(S^Gza^`s)
zmR_9FkW?FI6mnb6fc~(>1wGzleq5y$b4Itbx}-Tae9<n!iJ&)q=3N5Hz6AvH_`&9o
zL5}ac<6bOzR&`8^^M&ZLd$Q4c_K7oO7+UCvNoa}5E@7HsTDtobxr==xlW%&K(a)&!
zjKeGnm8UG|Dhe+}_3@9#QBsBL;&#ZZWYS;AW<4yzW6#RILgaH@lG{7Y+s8=2i|UjY
zF^lPle-~dz>NAU+Qv4N8#G*`Yk=x@Zlo}lPtRnQKkU<4B#U7cTzC~>Ag(24)UMXEP
z%cD?2ZzF(+z&8ys7kgrdog7X_Q^aE(aIW)=JgXdUm*_@5L|%iwpZ4NaU-H^^Q^Su>
zJ-rvqVK@H0HnM!g<DMpZE=8{U4QFi0zBTj4M6Ynt8j4mGLq7$QPO>*A_sEXQ(R4+w
zGQ2swa(p4aae?jFej@P3W>-dct;Ooxw1QtgGg)$|+{Jp@>?FyQl5f9np>$4E7af?=
z&O{`{&lf_b+XB?1S_zG&Nld>no-bj49x742IvhC|0ISum)=gM-lKkS@GFep!0X_>X
z=j@9T^p4nu%T^uoy<nIMu*26Y6Ko%vlLhL$FZ&f{#!f`F$zat`N<@khr}Iv5Qw6wE
z(`FhA9xOlh41^-Hkv^Sz!}&fI*nb_DnW$?vYkU^8=x>8RSm-VokjQsCw8LzG@1T0J
z!@GrNo)#E)^bh=qeZ9Atkx}a@{gJ_?JT<(NlJ1@({TC`*<PYuBK(m`)lm~n0nWbvI
z@fuEY@+4PfC2w6pnFS-DM#r>AySz%r8juaB)iXu${yjr-yarbA@U#}1|1_J2snY7k
zm`G(3eVELkrp_Mdpcxt*Q)RXnW|`>yOe`;--e+Fa*giyLlBgXY6%>Z*2r(2v!Y3jh
z|L%JEXL3jZ>ON3{Pt+~`r$QD#_P{1#<n!%80dw!C;-;+*PsG=A5w&V?qT92Pg@F%N
zljj+a(~4e;uXB<Dc<=OJWPPo(7c`L(OWGm_9V3Jr*(M>a6~Y{0O&DPvKe*`9QvwMf
zS=d`kOvqWuc$kkTnxmZdj)59+YnMt88|(z?v6qbNVnStXR;<)_jRX2l;&>atK6TAe
zb^;{XExVVExc1rHzt_CqI+nE6U+qLoT(EjRN;{E7?deju%ITm)LD)p{Lzk;Jf7PCr
zl07WrFC0DodS0ieeNt1JhT5AyVzJqjmSr-M$6u+7rjhUU>>`4~6qNyf&U`C96Hkxn
zd}ganvy>)GpligHS;+OXD0T_A&bpjMR<ZoK;_{Th*udsGXsucz6NFo*Gu53&@&eRW
z@~n`9+5?&$v|-gS_}}`|#vG{9g_J!QU39x>`e#ri`F7-N^>%Z*4zQ;;Nbk#=8&cP@
zmRsJ%jMmN--AFyR?nuA69Xo*i9}#n>;innfH{j=@xFfZKuy#{Zf5n#M{AKa+?;sl0
zlJxl-vDl{ZR^Jh~TQ-rGGJP?C<m~Au$SgN750uk(Ga4R~lIT_X6EP@1q5~!2_hS`#
zMFr&Q>EI9;3f5Sx-TU<rrpTF&b|wfGC9`1(@Y3!5Sa&`%)Ksp@QfndzsHqKZfq>Nl
zDFe7s8NvuzJjYFtNQGb)vp7lCI$R5K&nGn1{Ad+@VSxZWv)lv*it?A|=<+JmbBXi`
zKk1;@9#63S8UqJFKN1l7Rio7q^9CXEw{YQ4Y(#sb6ERb(0@h>VL5>t|aDnx&O#wot
zc8%7DvMoEJQp^zq-wb|<?jGwM&jnDu46FCTm)OTA>!EAN<K1(Lgu#Vhjc>|-nyD`P
z;NSuJuG|0!m2(yr7Sb;@)GsO^<(XX>$Sb`Uw?eFhfRRT$vup)7>H=kgck7(jo+~5f
ze;nBI2yHhI#L<qAMCgx*S)Hy%4V^v0P`=Nz8Ra=rnKM1CD*1*R9HUXLrJX$gmZ?%$
zOwP#-87?t%xxtSVJEp=A|KXe3vSO)S0?^6+Kcrx`#_U@k`Z7{oQgu}OZbd{+NX(Ys
za*@lC*6~8Oi<rTAbN-#|2>P-!T?@(CAMO1bZ*ZqSikf-g`rC4i;B@thxo}B0;Q5qy
zvI9>1Il2tR$npDD*zqf8M@CFEXfvgP@K`_G{M89(&3=`)&URC8Lao>2bOdyar7Xbp
z!r$-Ldvwx|nGzH-KKcIvtdR!@Zb&YJi(%B#5pWR*BN#xwS*L$;88R>NFL)?_f{=_A
zx!X02tP7~xKnWWCv|z0k{2+&uAB=5ZA^;sAt26bO2LBlNpPtcd9lUxbJBB8UpTusU
z>#|e1y=B;;Z_+yIc;q!&j@V}v0lG9`$-&V(Gu3wtEkh2fm=}XH(~@V$w(q|ueu<r7
zIrvuRvy2FRSkx`0yYxg@i}jXDYwQvn9m(Z95OA55H2p`h!JRGpGcI7)OiQV$H{=YU
zql)H;ednePO>soX01F!?3nx$W^CC-Y?#$N?1s6{~#=@32umvf;d!6m2vp?Vd*wrtf
zh6Ba2S$%IV1iWLe*p}c160LRTy>0NvAt2roX<=f`crazppoHZtXgfN*(huVB<+N7l
zVXZpDg?{=JVCaiG(hnEX!7Xhescns@#dB<HX$ST<w294T_f78@6(n#+E|F}vo8P!Y
z7Z#623sn<^@$!Mt7y7(+etY8AA&Z6k!a;XR>G4VFXtS2i{4>4u?f8i7eHr-$9_&H!
z@=dn6^bGg0QP#Yi1FZF`wj7(oB}C}6KT#p%{0Cx<f{RTM*I&TM#%W5>I1Nj_lOLga
z4a>VWi+#jR^Ix48${{9!_t}%P;K;x2ur{A~ZMZHMDCP-L9cyGW?N$WVN%gw_b51z4
zrAv`EPIK9Gk=NmT-2JndaC2wducVb7zV4snqXQEb!6p(!4=`Nk-vS$U>z1E)oOUP^
zmZR%`{{09!e1se(V|^O;EVxfmgYB5-zgu8hxjyuX6TXzy5tn1A>3+}>)sT!K2m$j-
z-%fzN{Zm|9HUNWj9HY}q5gTlrH|YI;$A8;_CBZVAH*Yi<2KL`4EGj^5Z=rqA61@1Q
zioRUydv1NS)hh&^_$S>a1(Qam+zcgk{)6Zz0;|UU^J|>`Z6J-CVVBm3cFt>xV|lx#
z^P(Ts|4G!@|9%ljsQPCyQ5*cF7{E^X@&6urqa6_>(6NJY{y&qLsQvfaFE!*vq^~O@
zSKvGvLEg(kDYL<^Pm{R<gy7g3m*B^BT-K#du{lsT?v?NFpt>Z(DV1Xf#E4?!P0fGz
zg^|8Xltzq_El%?gGC}D#-y(~s*FTQ{5fLL+VBaTlirT|duE`Kp3}AJk7012z)+@<y
z3}IN0@2k=FuK=^ks|D~=*6mEA>wZc5Y1#iB*m&bb)`DOyf)*h*iMn<Yw#moKiv|ZZ
z*(~>dRQ+$Sg9buEiNi$5kk=27<0%t%r53(mASBf#w!w6uofNK)xwv#V{{GK()-P(D
zpU=W9lAG#?^!meN3mXV-c|ra-xA%_%m*m^ehj}BAsQd=ur%Zm=h~QP0L%~NLQ3s~M
z$jWauv{<rQDG?^DmXjA3cK<y=hzK#leFndyWpM-BBnHrfgUFzGd1F>{Ob9TfgXE5#
z|8tFS>;J~1_FLNAv>Wb^lF+%=Jq<z?4CmVN!30Z6?602o;`ZuCz)7n6RdD_LkoP=k
z&Pe3=O^sO?Wr3Ec4+DUmDfhqkfJo#pX}4p`AO}vA8PUKr^saJTn^kdhcQbNdO+Hx-
z#5&s1KQM{{W1tuhXLCzSraJIET7XnLR8d-|`5xH2QDLv`N<ELr)MYR^<M+@QTK92R
zDl{bY_f}{R+~ULW^FGi9oAPb2xw;zp+GG9yo|MAkdodxyr01U+?6YQ0-D}FhM{T(!
z6=3XUUHm_Pp`%m6AO<id1UID33+fK0G4my*)@O)l@(wI{fOTJYgoQyRu>t70QYWo5
z{n?RwAOy;zseQK_`X9T|LYk_^YoaQxe3P^M*1e-ps&a$YCW1~(>;G6UxYA-e=Xf4q
z<DP3_ozy9~i#b;R<0cJ8QQ#g6ytr=HV-J3kF@jIi|D5;S?JK+g<1;w!Mm%MBtcriF
z3G8uvuk3xH6IBCKu~00%ZpNsP^?dKu-v)%<g2-BN!LU#VuR(RQ1N7|q=!KLVkL)VX
z{%$*@sv6vW$DBRj0|;?hHm)>>vWa(A97wh1vD^M^d-l#kN@+-9;&B0R$&qV6&0Q|{
z&Jw(waTau|y*t(0ROtW=fX_*{@Z`X8AJs^niub<2{1U+F?WAofLwY=o#Rl#nR|+!^
zX6K$t;2{qGPr8sUzW>O1S0!6K<^tRE<3_3OOLN?Qz>)gkB4zw;C;twJ5VmSG?<S#x
zqcHLQW3rhgHja20q=UFwy(r*EHP7Vd9<g;-)9rCqZSJn4!V4fX{VChA81d+*IG#3a
zsfS;==XrZ}hR3KL6IR}9e9^Gn?YdX}eA{1dJD^jlqZmw;VOwp|0*35JoAK;u&fSjC
z-QsES<vm?0x=j4^MHzz0!<q7ozE0k~cRp)%sa9L*nZa5IL)i3Ryr3PMwFB;nEB#v4
zp9ZM}4IS2OTmQx1IfEA!wL-vG|I{yr!2~%mhpX?z1SrJcS#t*iAYo@c{-E_E6&37!
zK_RwcHXNFij^5z*dSV7w@DU0M5M>H3Y-bc0*W4Jh)VnWcG$f+zB*GNJe8Xw^z1)`r
zWB`nFaF1`uNrjBda5?Fz2)6_#i%q3&T+W)iV*`2#BYG6suRHPd2Qhv_lp84uV+%X$
z{<)NiSrGpBXiKHHF_YwQ<`~D&;~avFpLXPZ5(x%g>C@cvi^PazV-DoAQ1f_3o4grj
zFFUT}vms*9jzj4e9#jMQcI;5^8V<>Rg>toX7{)~7`r*g2WmOrEc!;7Cf61PK1Qt|f
z>*@#K60V)O&`)7z<Jvrah9+-=V(Q|jfUZD9ogc0Ej6-$~|Awf~#XZr8RLP`$jEdwV
zf~c=0{r%Zm-QvioUVILkvBwE)S6gvulJjb7ouW+L--w~L-`F;$q>_(PNY~WoaK|Iz
zW%&+&^nGJr80Rkse=jat&JiAVp98zPR;-H^ElU(ce0AWe`#$j=OZuv@_xGeevr1ky
zDgt?JGp9a{-zfQ$sPa&wMhl6}QN5aQji5f%@?KF-_o(`ozpO*;MQ3)g_=Hya@m2U#
zqNw4%^=9ow6R)RCBZ}*!ND4nM;+2UO*zl&Ki5TZEn{}jLfHu5m(UFSih{SY#i6Mw9
zI#JFxIuUcuZz>&la9C@zDwd7rABgFNQW#Fd&9cv_rymj*@RI(t^*cq6B%8nN`>GhH
zpQP+1o-j+hH;++I^hOyM)vLaqrFIT8wg6*h&4^SxjXcFW(H1;@x)G>vjQpN;#F_w9
z_k&K5SDFmzP?j!-8pNY`9$Fh1A?1RG6<drmXQ@w9uW1#UIf~71OJd5*{V)k8rnpZR
zYfto@11Uy+d*~b+<JmAd#>PZ=;Lgunxy-PDn!I1+8<6@d{FBV~aiJ#Gn}kb*hCP2A
zKu!V!AI;8ill7ay({j<BUX;dNoW?C6j8nRrmMP}1G^&<BB9a6%F_@9lg@`0N%{!Zw
z4_#*!XSCdQv)+PdX7v3=i(#bu(-#g5!Op;!6uj3gwAWc?QltCZ8`2UzwVCd-NsTh*
zfwKu7+|tgN`Pljs$m$$Yvq?jL`u-9>#qfH2CH*g|4+Q!#{wF8N9x*Hh4p_FjM7?qZ
zad82g-1d9-VE^N`QoQk}SJ!#cd4;`ZVo29oN2TN0<{jRW=-4pRgL?u}4gj4zc*P42
zd>3b}E{|x$?m|mDK}>yhQSs9`p7SWZ4mG9nGk+;brk;%IP+#fyJFLhXuHS0ZVoU0A
zn2n%2HVO<H3`Y-Q-mdmL;JV25d(ph}zIA15_o&ntnoLiay4r<<T5$M*jg9T`G=gfp
zoa@Eug(3q%D3*wwV6umhLArb{_8k(7(B(%8u}P7oy=`9;zUE4sFO{2ZwTR^ye^cGg
z@K<6uCx;UwNR6H@JnLmO<BbXqYU=bb%98FFNLSo}I94HDAMV5r<prCy@YkM4Vw;Ud
zSTdAI0*iqi1wpx-lD^PDt8gn9uTKl3A{OQZg<i~oHuS`{aAFu1h|Of?OKLU;2DQTM
zIM(JbtJ?!MPYE~*6}<SV3h#426_B~Y6*$>%*-&hn$Q1ZFG!a7z<+2{X1Zx7wj~;~4
z)c$*G8@=)%qkzM!XPtK#wBw%Dl1O)Q1Wv=k+Cj?JdxjWEI8c_Qhpl!%2AP8?L!rhE
zw2X@8lyp9KMz?dYL`5cirX6r2Cf1^AJ`ziO;0Yw9Bl3Pg{;Z_`OIqmlEAn{4k)fKs
zMhxUVvRR;Rt2b)I0A*2c+8@KMf}n8LbAqScZ2qJD96044!Olxn87uB}eMrG$|BtG#
zifU_XyFNY8LW{dYDemsp;<OYBw75Gh5CRl}x5Xg@cPmh=#ZtTk3y|PmToc^g34hM_
zUj6GLW9*BJ?6LM**>lZjK6Ab|_c=O!V)Aw?m8&Fft+ch4s`)e)S_+M`f90|m1;1m|
z&XInanwpAuz}(;JnVH2tyVxaoJuo&i?g*D@s%EaAZ?wJsy^bYCVsqI)YY-o*Y~PXd
z|1x$XPL&3g5&z;dDr&CBi6e^Cvor^*v1_~e7xc<*Ep|&hCJIeq(;z`3NtD1;d`91W
zrVRrRzaAFZj?wQ`&V!LG4;()G&!KN{N$r=bmhLL0EW72pG_ulhSRr0yiH4Bk7e<Q}
zhwsY5j~@@Q>t3u{CuatROQ>hiu;r|6g=5Xf=bUvciL*?zhprqK*eqP7{Go8s7kYoC
zfB3v_ucj9Ba#|f-bwupP0Z%uE;EgPIiW{k^cED@VsV?)t!=*#(fho5PB_R?s$z*FW
zrYzX!hFW*=%vjagl9?*$lC-pR+lh_08{t42<Zw;q55MFZV`H>0!^BvpH`MJ{5K=A5
zOxp0tSf{XZ0dd6UTh5{aA4Ltu&<_|wA-EGSyn)5;M&&6ae^t<19kpePL5=CC%yfMv
zKCM7FPxtL=Hs!9D9Giab6^AZ~M@D&!)333Mcl?fxY7%p;$3ppBX&IBr>1RYlL^G`c
zQb@AIpOgh?uNUL}g5A&IiodsyY;do@+p{r8eirRMGSn#oD;bkt5C}GI0RgqAw;6~A
zpCk!|5PxW~inZK3s5e<w7X7vSPNsc(w{V#API1Ney532#`Gti+5vQmB=I)n-{Iaxi
zK;eh~JJSg)Ep8rr)1C*2C<loj>@T&D^z5N!r8gUbnr}eohbTED`Uqhc*D~L@kLaiR
zz-jU5LI|tG=c>-M8J(Q8zuRAIp)qT474b7~bkBtvnDkkqTlQ##OukVgYJ&`jo^1@;
z<u?;OO6!Tp5-9t*6eV~P!!+OUz3B%nL!+yN(D`5nvd){!&T=`0JbNSdwYi$<zU0bT
z>ff^uhDz8VFOGfH;9zRz>+N{GS{pWI%ve0|Fz6CWF15PZ4g!bTitxG0aDsEYpIOEA
z5YVhH0TyEuix74@V8%VU(GKP5>_}SdODL{ldp1K9$nWzTD#bV(37pIn`Apw0{q+VO
za!+Hqtwg$;mRjIp$+|IQ^~Fu%)7a=Z7}o4n)AR%1A=Yr^+Da)@?(mxU*+$xLvOx_#
zyq_@~12sPT^qg{zQM-$mK{&}XN1WPu!x4r<eIJOqg6GFTXWUxHwvwZQ>`7$ejAdPe
z6|P`9rKc@EQ?~mjYP1r8+^^Fr;W6iY$HhWH)YY)jbocq1@Ai_M@gvIXKZ#sNZxeFG
z2q?JTA_h%rYa;#TVa-qM5a7<qXbNb+w4!U-T-Z~JT9Xhj;nEt?54+Q=N2~XP)AC|6
z2AQA8KXJbP4|-S^I_Xj@Wr{f!Hg9ut9gs0DSRobdB_ND4%8Wg8KhI|@TL=uez^{UJ
z8d%Hy>Hd0Ok)|2(!_Q3ojBDL-O5SG1V3qiT0(m1^V$ryLy9J?mP{(y%#Y->R4b#c#
zX}h5;32DvSTsdF*@$pfQuzQ5h`w!UYZgLi)G8^(~wb)p_7Pok<%@;bjo?f2X?XV1-
zYb;RP`#C?*>A@!X_kB?)E^ry+|32a6j#!FYeGAlSTCl>ZojFpPHB;P${C3OF@kLEE
zE@=0HX=}ya`ZCYL7>0FahusS{OtMG<!s5jzi%R^N)Z>}m#(y5$VD7FF%UBJDu*-=!
zqBiL?3^z@vyd&!aUrij22T)4}0nUCoE=S=tJN-6GI4)?_vBLPnSKkO&Y;M4gupAc+
zhu6k)A%J9>pp}E>r)tisog^Yv6|E}Gw!EA35fPv67WNRes}Ug#S46AS6Aq4W&{|@?
z?fjG}Bw0+vVNQInd^r+R-Tnoc?@w(|s@*LQ(cAwjd2!C3qdFAv8qB0HObU<a!ZTLl
zpjB{{-k=%jYzsQ?9U0Ov)FCU0qmRxSnm-=yX#CGN^s&R6G~3+<B5eA`lM^SW0(XGI
zJ!K8i2)qf(RujFdlOs-Vbu~^S!WSZ_<(*@nvK_pm7kKc-3V!!H+}J*9S3dAzp2XTG
znEBw(>6@+jMwaMH$w2|$?inarGeu_1w2=(W<&Zc-%?i*V`zb^Bi`(i;pGmDq5DK@#
z(rQS{lx<^;+IpcWF+<)>9@*&T*uzQ=c;&Eet4*&&7Mosa%^<kSXd@y!v+-tw+WLN@
zvbQfkj&7pV*3gG|e)Xd^y%;XvR26*g{Fg}T$ls>E<b-5}$F&5{5*7SJFa92Giv50^
zY@9dYq>VTT%K4s_YU6K6y-{QFHe2+u1_N<{54P#9szOvKrw;XV9|>ua#fmq|s#CXm
zX5iuLj1+czLf<03yH(7BHyVgt7n>PU89vs;*>%*s3f1cPsM&M{j>IWjt|z(<uhnbw
zrh7e8n&NRcFeKFRS~0{iRfLhXZ$Vk#xD#r}c-tTw(Mrc4HTAvCT?yIS<;X~RJdt6H
zRmevbju(r7Hnbtl>;VPV|4fwVlrTp>M+)}TJDhUv&DAsfGOB!~&{ss=?IXO{ycdtq
z&VY2q4MkY<x~^;3Wg%3<`Mj|DM8cM2yLm}_r*)_hzbIdmKaa7Ik(1>lghgoyOn@!F
zilV<GIzId|w1I~`b#`$PagU`IfKOGL$t<~bmL;<3X)}x2yq1jF7*w;wYKiwMy1*_I
zBJO9jduvVdZvE{1#_wLci&Nl{ut-=WTK;q4kMidw&xR~1oBJLv#W>~rk%ulbh50^#
zg+~V8QE1aDJrQcZ;l)ebhK1mc$e)Y11ugrEd_JKJyw9t)6UCc$vH~$BmkbL7JnG+q
zZcE}oyOoVVWXQb|I3qEZOl7$fU>QU(kS?gUev;aBi@6oy@s&I&f%Fu$V;)Bk)Av6L
zdd>+&<%g_)CIoFeoUzD1Q@JIE>$2QSr16`@ak1QT7@pYpuh+MgSxYBX)@L85RtM2h
z%+4&+oiX2BhA;@VpZx1+uZwyq&jKK!?SDe%AQL8h)B0-bw*Qy$ZxGML{$l8hq_fD7
z6O}-80gK)7Trp_nYk*dNsWqxw<Z6}V0103YAzpqs=%ST5v5>#Hs!lL__a$Hcgqu1g
z4VB52|NX$3Fv#io%_Tzw*&zg;ei)drZTf9{g3IoxhSj(U8?(S5ImkBb7!dKFyQ#S*
z^gicCiOi_=DMUkgM)`%b>sA0QVpA;p!l1;-W*(ADd%o1tn<YtSkwf_D@7B@RAnxAm
zaG6t@=e`%_gPe2|U*w#Y%<Fu7zQ^?r_p3j>&2lj)&H5lq)_l1XK$0x;l;)?*@yJjg
zGAc1t#DCDkbrF_*@BZ%?h>h!-W2SkLt?CW6K#675HeXsolOexV1eAj7#Gl8}Q5OmC
zc{5Wwq(X+i8KP)cADY@XhPu)%F`VSFR;WY}zOu0?Xr5aAa!APh?IhfR9ov`*jy+oV
z1+YeTa)u2u9O9d1#b-$k(bLq8^R~yu#X0JW#Mpn@ZOE0@hFi${3ev|jI<nBKn8;}L
zua(ncmgKOu^fUx914HvCh!Pe4eDg_cPl=4*b+4ldw)KkG@3GfVZ=uTs$1C%eB30Vc
zlM+-oSMWDh9IH+~q1G@OE6`IMybC8f630d2o}zfgZ;`=g!Z(S|ZO13Ipev{q@I;hg
zMDamh(xWi^fR<Q%uScvs=-(m@?Ts+#Gchl&)nb}u_DB41gONLWG!oLOLUQ-dVO$@4
zp#6qpX-^3^84-shVF|?Nh)r8*)K!Xb%JX|n68vBZQ#ew%LqQ`&Ku7Q7&)2Gt_9og9
zd$Y5kmD^=IIg?Ni_RhP{&?PIlRQo9t<*)$abOaVNTkD7lxC~C;|4!KsI*ZKcjh@L!
zR5|L^4Y40y2Aw&z|Hv<BI-FO6D?>i%%HK2o{#`rvkh*#NYxCCT$PBO&-ga1%tBtH?
zzLs$u%8EEtymABQCwwwIYf;w7$kRBQq-gKV`uXuJ1Wg4yM(jG<WZyi@-X0$DSMh(M
zJPdfayU*KHT=v~$z+?R5R1zS2>77A5F;<>CCu185M9@;WX?t`?&(BCdlC<`ue)WaC
zUxr{k$1Clf&LN-6Vyn(}M=XDH=iAVi0iA{)a%F+}{v%7jhRc6)5Nz6vd{qH$%*tHd
z#p)i<6p29tueq*V|2~6p``_5_M`nnenp9Af9s{H-`G8Y4vxRCiwN6UpsKVnLvuZTL
z%pIP7G9S2FoDN0BH6~<ad}%HWc<91|`XVJ6$qR>y$ITmDb53o5qbW_il%-!3l|oq3
znml`STfi-yovfhEMeGTpo8*_GMd)ZRt$j%`x{|7T;8139u=|fi5cl9)ise9t7q;lI
z95;>TtC4a#6KURyFNz`2r1e-?=yUE~lKe^xt%C!Hz7DtI?VcE8g2+n3%<#86<qC@y
z!@KPfhrJW^prF=rn!ZAgDuu<|8J=~Il6r%vPw%Y1kg6(S<)bv1M_)yQ-PFM|*<E<V
z)&m=E#`itxjvMFS8LLgPq3y!Ko#E`sKazbshO+)Df58biyGFe^KD^vh<X(SvDKhed
znC=@rN8mS%%!HmZUi0sdEi)o>NHCaCRaKQ%>Dy+5+iX}6N~&Txcyv(bHYRR}=9}en
zm{UGD)jYM%ZP#({_yjI@7{V>D=Gu0K!(x?F^CrAKTAL6h`#hqRC_fPP%y%I;QrZRY
z=pd2>zaW6r%6%#9^R6N?zxtMM<7srZ65y-%67?Wxjf^rqg}`MobY#j^SgcAANPOYC
z$R2@Fkyk+5!2WzBqL!DUXbFPQ_ef0tT`l)JCC$&pd%%$s*$nrKiiS|2r3fzNkDlM*
zs2t6j9a^tv#U0K4W&pIck|X70k5(D@ghToUjIlj^^k!ynE&U#wVAC?^9kRKIEyb5W
zXg9`V1#U>EJimDpX>i+DPD@>12Fn~d2F0bwL7<^OZ<>%rR4NNBbe`ECmo8jJd4}e>
z4*tpQVSD&))xE-o(&dZ1{C3J%nh|8nFGW=|BN|I`t_a_17OLEo6v`K}FDSk8%s7V!
zZb6<G`ps9j@80EvN-g;rXr74T;>xZw;As`S%P~0eMIJ-K9I(e&TSmD-ed}emCEFE6
z_}*-7PdN$2rk@yja{THMMnO{xtfJIcMf-bd<B1shPf#O`55cv3)8UtdI!@NAU`P3~
zvY&98{E)9z5S?xWB5QW$<@L}6C`t1PE^gGSIiDTErkhLE_H=^?pCm3d23YP;OFI3M
zwaTHSs+<Qo7(+@w8datlrlFzL+%h`5$bq(_oB}McL)1y>f86;l`4Nzb9M1@KuTij;
zv9IHiFpJ}+KsufBD<dv#SVYz$*@yJ%>cm$<|9;YYzZ_#ZhL<jYcf~~J^t@v$Qhio1
z7L`;cFz*AOR>Bt%f#MTARrl3sNr(pFK8`Ge6)N|RlyVF3lVcSz5lW9172K5dNxuJp
zku%xak*m?{PP=_s9(!(QBA7vEL_S?$IhnGtvK@KYfhJjI+b8LUZ*JPnb;WDmstDgU
zn>3+^TaNZ}HjidEvCi&%vB!x156<o%6Mzp)s!@5Ge``G<HXC;FF?m0Wa~=hrZMV$)
zc9DA$fY)sj$W$$01#!yH3hxHXGcL6~#=;E2yP&`tRO)(^)@#JR@90!plu0d1vLc3Y
zMCl=C>|BvGUROy1=c$$+$f1X?tP+rhNqM2xF6Ud(wXm75F%A`H9TGx!EG>ez^6+|&
zU-!rX+F#t$g-WHhhnWGI$p~opJCb^Y(5;tBRPcLFQ~L0*HW=f)?>;;dP}zZ4j3lG?
zz$LIu`V+Gl;B>v~>{i)z7hVfp9S9meQTF9i{?-b0#++VlB}*7%PRJ{akFzGr9}zf?
zbXVOk*~VI_`>X#>c$n^qoQVY6k!7^LbjA9cSYOW{ey{lXuP#0vB)P%O{I>bdeQE_e
zm&nrmAh1S0h>~ypPtb?EuWZ2>*B`8CzO<NOt6(fZ|5PO)TNu%_1OBCaOyvRIJPgI<
z*GKq6KAVfe%=U(2-&n#CmGf~y^Q{lxNvGfMq531U{GodAXE!Z+1|Pl!E#Z0e3Uv%d
zQPa@8P!J<vB^%rDyKsi;+7!In+H>xKFqw5v_0R>}V*O@1r;%2g3xagnKH0NFD=XHu
zvQc6`Drk&2_h)O(_Wnt~y0AXXv*;Zd5b2iaSe_m{h<GhC<d$puY1(dnV@NY9?$u8)
z(43BvUeHG$f5QyW>frj^O>nvO6iej4zV#u{QjEfOt+NS8;AlmcD;M4mjXMw%S5^uf
zk$Y-oYsjgh25v?Lf#;ObKG1}dpxcYgS;M8ejqVRRh9zt1F@G6+8BjZ14k?q91^UvD
zqWP|0JE+k?m=$8;70p6zS*OFur^ON`xT@~e8=h{%4(4{XH@mqID^l&(RNuP3B_<_>
zZ7aXu9Lx=k^DcxuK_S|gqMA>wI@sceQlt|%^a?Ob%z@mHzhb&0-71%halT5ojB-Bi
zJ-G%f*c}%b@o)1#&gS_c+aFvlZ&~xK>i!u*&L5o=HfLbA>`>+nXtb{-l51D;MaMMW
z<&x3|uqmNva?#QJ!*%Ul6U6%E4!@Gx+J+Nq!>pPnNtQ-e{+hkPbxCmBtb0buy{#Ys
zR^LS{)Fy8~-4KTgln2KvS%hMl4%?f1Uu&o|yYJiFudc)5LKa_&W77smyeOChkBDJ4
z)^t8@%Ov?-0UnnMzNo)OmXg~tT{WnBqvOfJOwhrs6Vz?~Q6SV&Y(vPHUB^kv|90*e
z(|_r)ym(nqRueWIqg)_OvLcQBFGRB_Y51&k1c%|?peN!LJ0e-C#PfM$!7-hjA`1aM
z&bR)DU2O_-V}B1tM@Be$G_vWY-_HA@jQy#np0Td&8EArN{qb&qu-3Pl3p6v0(*vw!
zOG_I%hmkD7&b@qxyzQ4ux3;+PtnJSyDiFpk{=X*s9yf9UsmMp!hcS43M)XB(K}h0S
z`&0DaU%<5}5=p?FKG-)!`mz2<(5;B>&i+2bmk%t#){eg0?2K5$8T?Bv%OX2;kDeBC
z<E<4u;K7nVcwK_>Z+!;`j%_+PkwGdDva|ECmNI5!f0WxRnv&?@hA6uRIl!Q(arcf7
zD5`I8G{pdTjZsuSN?tt-Ak7ZT2yPDk)mK!zD}51bXTaNCU(i5JhRShGk(b7KL$eBh
zUL{Vc-`*K~rWxR<a8K)~cpb+2qZ)Se!u@u>Rb3-nG6;fqm=AFfY6oY88N+T7znZRx
z1E5>s;V4|eSAL(v?IpfMq^a|VxQI9^o{PgS4!g!W{*lLAQ5fIAPnGF6;ToDdwIlMe
zb$fw~q{vS_F_)waOrhHoB{sXm79fXfa(OW?$tAPvKYo^=zVXc-Vuam8+hWotx_9t(
zCn2kkSwledkXNSq-b^#`DNSos*qWU&fA{CZs{IU~<<Q=t0jlhJT%m~#cVmFNbo&*G
zyx9;2b-!1Koy^T|H2>yMe&QQldpQ<xXg%G=hM&Cr%*p0j`#jWlG2UUovct`H0Zha|
zLW`RFYY^WW(B94Of`)C<*zA@NHSHd>9G`ruw%cj-g%8};Y;9B7JC+b!2WeF8<Mhf>
zhsunMblv`1>dNL*5*>+EI^R-3Suu7YKJTt&VQ@!A^6lKI2Q!XI74Oa{Do9IH_=uvi
z`d@1Y9KBL0xqcx~9^uzHND7eW27cgf`*-)Ww6rwaWb~+p)XO0Gmj<;^0Nt*Xn_9xv
zp;cfrogUfh3@0YY6)tkt95MRNDz3)bYLBvIi-yv*mz}G!A?EE`3(LX@!$99KBI0vh
zh^6uQ@$0J_CXtJaT;C<K5E**bPMhBkd6^b(H8q7VqQ$c79t9qxNm*Y1E905p+v`zb
za$lb5$H9VnJO6iA(q_{Vu*zgc#>5P%v~usj20t8^A4R{-Zdi#Gn#%m`+>$}l2m=mg
znxCZo^H3BaUyX5Xy}AtOppgJJ)R&cY%(%|6+y>*#MPR{;m|}91x`syfopY%scvf&J
zM@M&{BWtARiTe!qx%{``17=DpO54jS1!uXX7+4O!3h0ta-jz9bWgwGtPk$A_yP4ZW
zA6aMx_t(?UiBI@W3gngjL6Hrd*?hjkz`IHw8qCi@_G!Hk-D6~A@mR@9NhB?RjFO&1
zJq)lxFAC7)7wnCkuCf@vUb4-o9h+K=4n=+0Uud3}{&$;>Zl(cAu+1|T6&t6H{6Zk(
za;!<E5epy~){Im0HzYQlX8>;1G@9d<a}Vft++Qxmrwqyi+cfL(#%A<m6W)bfT{Dp{
z`VBmu;2hQ}m8Opkd*?0@F#yv7ma$kYRvul*fJb@?P>Ts$q#;+aZJ}`6(eW{Ugv8Sp
z-#rZrHx667Z#`OzQG<2n-o8`lvIiU2Yfq*;D`ApymvZMs0<T|nJ!XVn8X7{sJ!45(
zD4w<DHkDQz1V7JTsq|H(!gKCuHl=*lBZG&O8MfAk_pG?hHNEP6#XcTCmT{fQp{%9V
zCyKZ(`dva@|G^<D`kB;7(}{zq3zD1&C?Lou1rUBqrQET(w?j`qSX&q<VwOlNe~5!O
z^akRb;a8gGo7!xjfrS0Cu=o%PFLY%c4(Mt6P~+%`kl-IQ;gy$uUX+=F6c4!Ad!_Ek
zxkJwYRk<J;Xv!pI;ZyxXv#tD3;N2Z5&+y~??A0{le-86b{g}w#-R9^R+ozE38nSb6
zbxfy^uyGWXmoCGO%3IzLesWLqdqo<}h4h-kmnCCwH*eK9HRO0A{}-lN*6{mZxyHke
zCqUO1VOvs??^)NJpNmd-4W0gJz0c(q6nbT*(b!!Hw_%+Qq>dU<I!@aP<E+vrx%K2^
zZo#`o^jorqXlcr(@m{DPF8A0~!+PvqdXG)%#dj@Xt~}A{+~wS_OkXoX7>VEqx$}vM
zsb4KmQOWM7q9uQJ^j()P9xE#=7sm;9Bf?i>>sh`(H*z(b2Z~KBPELZy;s3I8a2BYz
zo{e=BX==Y#{qUh#+JPZl{6IZ5VfDwF^!EHmN}BaI7Lb^t$#2%cmnv+w#R`G583fnY
zNK!JE$eo)f-D+H!n<gqakiz=n$C-3}So0=Q`dxZ5UdY<c-%oE@j!m{QaCus4nSjy9
z+`S{|lEwY!rV+f`ms>N&TFd<ROfOsvZRWt`GrLsJrw>VQp3oP&Ep0Sc-4(v5{oOaB
z^pA$BEj%>A$oyM|w53qoNlWib9m}U#AAgZjGlAD8DZ5z)R40xd!y>Qx06&>!GRe8P
zbaUYL*zP-(oo%jj9f@Hl7nkT`i;ru*Hw&&y9x)P9YM{8|VsPMW7P(P4>X&d^+Z{7w
zK;3+Ta+0y4Ck-uSjNNwTQM!Q9v3DPBN_uMCWQF<JS&M`AM>Xe!YCjo+B5<yoTV+I3
zPd8%V`qAl0$I=pWH&UHdT%6R;&&1ieOrjxGwdRlMMNi%ySxCN}kP+vY&T#~f8y?``
zBrz3@GMG?2in}f-cr~-h;Zyr(e31O`Og2mbFL1qSxB?R$jj!VIMalE`?{|i#?wXwG
zcjLjpby61JzH}g1>gTm0z2G4cQMBsHm@stOK@>8IAuMceCJT)9*VV1oLW<Xg@+XI-
zji5dKK3nE_5FfK@I!ghTz;ViH*UBX^Nw!y4c!lPBw>5Re+aS4<*f(Q*3p^Y=uMo;1
zll?PJ?&V`k9u28*s0*$vS{9PS40NDfZtH0T0%fyf(oShRzME?Y+7*0q{&J8eZXx@H
z`s<Sr+`T7l`T<eO9DX?r_5t#gQmRF$wdW49`Fbnaf|1vf>O9H$fwXH*I6qnz&Hr%B
zN8IqjT5Uzz?ratOyZg`<d9R`eq#RFR1~}i%WS2iJGoR*sva<^<f0F)qw9LS@`R+%k
zA2TAXw}&k(`7>({sDe!doK%QSUTc3cU}X}~xa{Axkm<OXLq4l0lDDDk?M=x{_Kj*F
zolUH9bn94EHC!2}V-pocO9}bR#(J`hZP>#I<8d&D`>G6G@f|NB$V!fK?hw~1ERXWb
z#qx{DlI-HXF&XTOXpyHsJBA4Cc8E9_BN#U+Ec7E<n99qw%F2JH7DNFoy~oKa=$1`s
z=_uH6qX2K$7|b0AlPiCu)mG%A!KD1t4P#+Y0m4mMLAZ!<-4{i={Gr|J$QzD@vDkW&
zilU+T6|?7l?wauHYv#FU)ScpWR8Por_t#^nrRF*Jt<7i?C9F*#)PCLGkbUT%tf=nP
z`@!_2nkDrK7-ti`7BQH4u%8_-bdO{#{BM>s>Ah|HRWE)no8m5S7G>gvsEVDP>JP@?
zsh+K{0i<z!Vz8|x*N$UHr53-9PQKnl;I43&@n=ifK!dX8YyJXuFYSXFPeCFUp7feo
zaxfdiRG7~UPpF3WfH0S+m2`vKfDe}3`UKiu=Rl2q$hbMJ1xi|-GN2e*h7MyrmW)4o
zcgw!H7z7ye%CQIIc9|3oY^AqF*109@dwyKQx060EJW~6}5_I=e@!C61Y@S!IVtF-%
z5B_b-?%gAubE+6EA`GU2^saIy=$n!kre7Ps%Yom+l{sXBu`7pc;cAf$jT@bDz27(0
zmyOOqOUbpXIT8M>sDLlE-o7){mpz%^@Y{^kn(s{K4v!4aj27K|+s%e%4S|v8uZgh9
zO)p6M^yVk0tvJchrLWJ6Ol$;^56d`#6WC(Pg^(OhuC@x!vCeE2_YEGsKTiEv2+}$l
zR1k6y;2BNCwaoLUc2~kmk#=VY5aV?2?^$LI(8|l`U1?jUWRd9Ir;q6?{iAyNPVano
znkRaUU34~f?@}u@oJ?n8V|=v>3ttSC(&+S*Uyrh`?mZH^Fz7tB8hT)tACdVZ;-5qS
z*<Ddl{?_x9NZ8jKyo4AW&_dQ91<I8MsXZ8lXg&+KwY5D1oM+$rTxWA>p%(2St$8al
zn{u9l-UA@S@vIlP1}%Dc<a2VW;2B6Rxs*9M5IxY&Wss|N0~MCN-(E-hnAo&%;sWnm
ztQki@=u+S?7;<|#9=zxmAn*UiBV_N2OJ#q_7>JCVP+|)+U=+9@Q+l+zxd~9r_8zaw
z9h^R`4n4lm4Yzxvfn<^saDp^@eglkQZZHf&<^}Hp71SRv!?;`%z`d2BcaY<=Wf?~h
zoX#$Xp%jevTf#KZAw;sp3Kv*%k=K!>d5HN3|C;+ct=HxnPpM8Xqj$S;cQx^bc`>^?
zpM<>U8$#AzIQestxa+35oHCPKz$#-a<CP0C<c}Cb_Ka;ikH6HG$^%CHAY_t*5mwsh
zNH>!3{TAV<-L=sD{ITg5ok0Qnd2c`$>6M|_Z)L0iQo8?64Ew<`dHaA_OvBRv$g1I9
zKhFq=1}CKn!bU>?EC#n-DcGRrT!Kc1WhvfqUEn#L+kZa4JgIl#$qO?pc&E)gBNA#$
zRK+DfG7Ch&^X#NY0`gi$I~$B`7*d;b%#H7jvo&n;$Ett<RW{XhG4;^7kY_#JxFOk7
zZL`oWI3{iXO7zBe@0y{}g-5bF_UWcWdCg{{X?5Gp4h7PnMEkn`(yZCx3Y!`4j>;iH
zy?#7P&|@i0L06HV+HPdUu<2SiPzxKoO*ytk&s{kc2|f!)!M|-vzoa9|yJTdMN8*oo
zUEKBjJ1_ZcpHxZLKH5IyVdi4jwHMTVZaZ-}8@A6ivO8+vl;RaPcCN=wNkNg<{vn2I
zPsY6x1TQ(3*QMjDCSXcyIuX&F<7)fIgP-9dzBi*g)jnnZjZiCPx`j_BYngo8TGAWv
zj7LmdKwA{w^4fZhf7?rVX6~Ay+J9p`pQldB&^g_?h6iCyau)B>J{$oeH=27nr_3N}
zsPN(ae*-fM&o1*Rudz!;G}t^u1!C2uNz?gvYg|o-ZMTD$D%el=yW{wfZme^r!QEb|
zl9*ZE1Lm?F;OMB}WQ&bkTwiokWFJ~Lc~4EJ7=Fw9f8#+LDv5liwRZiyigNDNTsL&5
zyzswqGD0m^02+?krBarzrX2S#P8bepJ=2$$_(Tndf2&y@AW+nRU=_+Z#?77_OF@@!
z6B~~({Uk>h0f*>64DQ|Q>0VQx!<sxJ45JR4{Sm4B`9ymEH)L3p<?LCkfZ&V&n`CFy
zYxu|ff|EevH~*Un^QUg)esqAfq|*C|=-rfGRfrEp<`KWDn<yV{#|MrUl8W&OXTsx`
zgGgBLUj_MZXq$WO$6cLDJP6D$uf|U=g!S+(A?mpDJ0F_&o@qD3Su2+}ey<J)DLHkg
zM$A>QuzX@_j`?r&&r;ul$-@yTxJliqzInI9s{@%^>@)u054u>978O-$NW-XLZr#_Q
zhdU>%67<}SwKDzbF%0+NaNXc&FNp(mz0P$6Fc9o)583=^E@+c(?kOSIy7$oOkd6V|
z4R9=Xo@LgG-1lW(g$QMT8whW*#HP;3DVtYQqi#aIRLy7cc?ap;!j%i&absqW#AoW1
zZVYYyyVN!u6&&Ntt!;dk+$1YjmA(>U75vyyz!F?MP=Y>rIDJ5-3<z}=E1QR0ShXYP
zgcM(mj=gkUXrifxoeMH&V7M_KhJocrSmK1E`@G*v7X7pP1NKKKH|f*(O>c|-cacmL
zs8>+`bralV8MMCsLfKr%%h5c&?Mztk)`+#rK(L2HSyQM5g=c(!{V^;;6>H<Hh!peM
zSV=@O_pBS_=%Nyug3Z=`dR>8kVKE@~u5&(N<DB>7|97Enm_viQabvAoZadMx6C$53
zep3UQ^}fr0xPRy>PPd8(Y2JH%ha?G(BT=#l-`wEuXgLf7)6giy(}^)7usiu1UpOqO
zNx$kn>L>QjV`6Flzgw?+Q>V4*gZRAmABkIvB?W{UVWBPtEFE3(@-f+mO?VT``LX+!
z^CDgs{EQ2}xK>qGaoGSEwUN1GR+DAH|7L(jfZwF<LL>Uue@}puZ<qjhfAPV<<8Mkx
z&qFhc_ip5^l-(@f2&#vM+OD&(7!){VzIRNlYM_CWWy&zRJRf;PYIV2j+uo7#2BU_L
zmBbtAg6WJ70+{noka@J^P^9fuyUz#?=b?e}@FVqf<e%9anGhm-G|>B*>y_~)qB|OQ
z7;-Ns&;O_4VQrz$jwDA@&Qx`iQ;|f$U=}}*_9??|iZ%E<04z2V%cEYEPj-JaV;(yE
zP>uhP=L&7TkXJ#HhbxPat%8Ff+U6+#5_B}h$hDKfOlvYLbt!XPTypuE(5_3o$+F0<
ze5Vb)u)gnR`$S%1JECpYCrg?ciSF%Va(CEFxys{0enVa-)@@|?d5Dp_LaqVqqj_=)
z8H70&*e6Sivl&<}+>ZADn|cS?U0*2$3R3;+fBrWeJ#Q3(XJmQK6nGh+)NvOsWV`=I
z!uVmGW~RnnAx+RSjOBhs3D~oqo(1T@F2z(&!FKeHmU-l0hjs!Zk*)LSdf>df2fq7M
zm%#k1;LTxyP3bR}eTL&CM7?ccZ(jEwB@l$-pa=;s>|ToQHLkwcs9tmHP9V{hA?w25
zwR<Yj*idx=VxNkVc0oQFnLoiT`SR!~UH6wgVo_bA_TGOMs%%_#`)>SWhI&NIE0BF&
z!(Z{)a<LhjK3WDA`c{owwzNT>@-xd{A2pug%&+aFp0;i!d%5>%nQpLizH*o^7FBV7
zn)(e-EmNh6neY!s>)ES(Tw+44);Pt*q~V6KXYm~7J2u2`)tID3T>X~+NlKsRp!bf|
zR9Mh&o19$heNac>j6^F&M6~=km~5U*nf~i>sL3Ly_k(ZnT<rNYeYJ`U>}*K*h68@|
zu2j6)s^1Crs%dRGf%S~dP10<qr*CjWYvxmwL+0-5xsKf#-ss~B(8nG7W$DaZaM3&N
zVaf|%&DBE>Wm2QtBFWo285~hbkDTpf;7=<AYp|Cg7JCJV3T6Ul!MZA<I(^ct$E-jZ
zPKJ3T$o(lpiZJ9a<0ZS|X~NbpcaQd9lkI>a594R)EFk{ol@velt*m-_Af5#(D(V0n
zM=f%3GRco&&A3yg$!nP2+WsW`C-BtGoNjGfmr(0IGf>mDvb>#e<&3Y41P$<DOatcH
z1>|=ZVIpSLfm_Zb;5G#Lj_M0Sq9`h=?Ec{0bj+?DOH2r=o1Ou(o+_R6AnYcIjs>VN
zsMSue$<ikIzuehP^9ntqy6M5Z&Mh{I`(Q1{@s;dAF5q9UZ?egv>`G`kt>Dm#8tlde
zt>jQl|I##92!9h?4Lb=l558V++WS4=v0a>=m%w9CC7j>48k<RrENMl>c<Gu)%4GCU
z5yB(H$3~-otUQTcIPz%%ME?+d1!5hvwEwWuzh@<$ib|*<ZV5|?dUQykGRoE$mJMEW
zdl40-CTv!+LKlNWp%&Jix^4_*iF8t6y#6>xQIknKdS;gR(n}|YOop@EN6RwwzSZ`u
zTZSxYMrc;Fq`W$^Mm)xO0A0<tQ4Q_=E%&0!+qL^;>|d;TK?So&unG<`yy>FQ%v(&F
zU6yfAz41peBqwm|AFcK%ARDllFsUPkgN1rrPJWX2UW9!+oRCDTl|%4$*S?acVp}tN
z`&_uUylht5%_bxsH;)xGG@3!8#bjX%#@q7NwE8`w^WH|jxB1oBz{+>?kV33avX*~3
z>Fle9T$6V!zd5w_(;Hgow5sH0CBpJ$X?J!zUn)gcsF-iRq$dZ=4;lXUdoh?i{j+&#
z?GJQ1;mw?|HRD*~6}caKG+8O@WD46b)GH#S+;pQ7yCezoRHNE^qSei1(g>64o^5;c
zXMo8(-8F;HhTpa%Uj0if5G0tSPggp)|ISH%vrLqoUHb`N0K4sPnj~xoI^sDUG8ZPJ
zc>IG3GR!!yswAIw9FO@2u+*%nUn~$Y2_#Gdf^7kc0sT^)TW!#W={cLCUqFx7*W~do
zj28XeLkuZNEYaIXFRS$!|7xDduDt-RzpBnTR7odnY%QEv#pr0seX*3;z?V<Ukblyx
za}iUuxLAl6EhO=L+xt!P@Q_8c^b<|f$Zi&4i!Q+gMHc$CI6bId5-@!$K=Xt-?dH5W
zpxaVw!SaAar7A~{x^wJ7(@-Z}wDoL0;f$rRq}^Qp7xrbv^{PcR+Zz+L%grhx0U&O>
z`B+<=(5sUv+S9AbRwdq0pXz|Mvs4ejsxaxi8FqIP60^V?2zoJEDamP80WlJ6xtTqc
zmh&{7u4!z{IQsmP(koT-7yb_HPEB-!4$HI(cADLF18FL)rz4%wXtE+FttUh!n`!VF
zh%uNkTQr9hX;ULgu7i?Q=A@gO7>jsm#S#{wUT6h=R+MoAVb$4JZ<x%zM~cqAWb@4H
z{wshmCG>u;%6+HOHOe_WUeiJpgrl&PCY?(4_{wvUD@wc1!<*~6<{;;>I2I-q7PoE)
zhUBw*__B(gkSbcXGE>F9MNQ%ZIkLsrgBhWpZSU20K92lWSf;FC+3jmtyMN(sDU~Nn
zizmLpekN!XE6u;Sb!Zb{p{W($g$Y%ZUgFgWT|-lgxPMRSG>L^(yvOqVB&p{D`VHnS
ztrmszHfQ|+`!DxA5L`f=wC`v$)qR}!{8_TJFllKRdwXdqL3X3NiZxc__8fA$=B$np
zsVdC~86KibF1>a-T_-jx#x6_Tymk@DIz?jBAHUQ3YJ%BW7fmglm-_mmF|lvD3p})#
zZn4NT8VuH+oSMo8{-~^fJX`)$QwOX8hkCP@IDCh}a6d~FYrc(Ed97c#mK<|dr!C&d
zsL>8K5`?_@(VS+UOA3(?y%?|(%Spl_-f_|obeFOayN5icncaF4i$w+EYr9s3TH4Rv
zoT76V{z*pIW!oXDdzTE-KKzmVC!W-GIEJ{zAInw6yfyPhf4?LP!@cTK;wIc5BARJ&
zBY?$66cict`h`T!3|P`_sy$A6Ft)uq_>#hUeAANUv2~<~tAQ*;E~HQ@&|BHKj`kDA
zlNv=jkMEp)e=diUA6!T860T<JTm0qG*jG~2pBPV9j585=eDT*tw!wNkj7W7NnoOkj
zWZaLv^7!ePZF@sOdASLMPWJ^LmR`o^WCYgN{xsZ!I$iZOZKgMQUajY%6-0ZNye=)G
zqT|v*LB=f~sj6<#0O%*Ax*gaDv=3i2$XC??&T8^%Ts6K>VhXt$5<2SS`lN9p|EdU_
zC=y|>34ZKkso>#x#l?u$>Kh!Sgj4&`kFd?|_qIh3h#C_xaKektP~4*qD>k3(6bxZ7
zLO}Z^>z{7pyePhvJRrXFU-b@@-(|{h7*Lv)^Fez?(=;idu(XBZmlB3_z%qcM(jvEv
z7ppI&jJmlH1bVyx4zWBie3CpA20kr8S(pqv635n#PRv5^T>?x$R;5hGk}O$8Slu58
z_44wjX0T%=l}X~ycH#apv`o-K?-=9iWSR;dl{NcVd#f9J*H+PA23<1qxtVD(-#d!7
z4z?w0i|Y0xn*4W6t#5Zz<bUYO$$cVaW{#?}^DEg?z-zGWJblxhSuUxULD2WhM3M8H
z<U%Q|G%qXeY{Ays=lzSlG9}O2H$zFnKpw_+-5j<Od##e5q@}^Z>^79!Gg*#MXE!&5
zTjO%{Isg{O40J6cV1o%N?DScbG7yD3;*$(oEoCI&N^Vhtr=~Mxv3OQQK7``#URM>>
zulM86AI6DNg)aez%>*P$XQXXcC<5=#pF5YAS;U+av8A|DyWxdv&Eb9(fAuFD^7q`#
zLB=ShBjI4*AuFhR*AqtB8a%NQr7uY4OvpT-g`n|%-<_SEJzE6X^Oqe#9tT!nyu#<n
zml~jrTtm_!T}oxD9=XMR1_jQ&*UmrYhBVe^vvbm)%luANh=|ebcxo)S8Ybft7yM5b
zKEuI`)eQl**F(kJJZCKPoDQRy1C`?7c-+Za5Me%{e%2Be(-JTm1bZYTVDXLN!G}xn
z-c@2LXqO0fG5q>{I<+kV=hAxh_w*?5w5p|g;miPO-MN8=)#FcaY7fq=i>B7%XR*{n
zT^jk-Dn{+#TTb}&-}E$iG;(!eC_8&A{J}=(?qpL5+1c@uf<XBj9S<8T*)(Ra@yhe`
zB5?`o@70lAYHsO%1NdQH_1diV!eAljl8Kv}+hd2FRyV%1)C$XsimcuVQ89C*<@m=C
zT`uTzcI(^Ff!W}p$E8a5WGxq<f_)I1WAxX%!~A>vfi!+q6&0~Gfsm&Y`5B=l5J3@4
zE;sM5mujB{7OE6e2(U@ZLLnU*pQeg_HViLh9&D|S+iWw^4f<Vvo>`1-%hO3Qe9u~4
zLn}~;9GhN_{WJHGa%1zm4&#%?`S7_pQ~8IxQ_$I%Mq*wbaXM`qv&c7&p5ij@YI3_d
z0AT<CAl2U=qi1LtmX*c(-tc{P!#Jsg#NUD%VI%mb!CX&Y0N2N#yv4(*WodW2Klu{!
zviN^+lPv1v8HGrF{P^jeu|9;FHA9d!q2kjAzo(uAF{AvSnJ9yZoBhY;7r!Qr>rYBa
z+I?>)s88(~kKjEcYI^s<z-cEbJu{}R!d1LZ(&n$(fX8&JFRQd58FZ|(>H0>=c7MvE
zEV=2g{^nBKBSQR4R4$6uNGS>Z!s7wwa<zVXNkhegPVwIRG3F{gJ0T-2JSoY%ZmLmp
zSrqf!)Rg|+yNtM-8~U;2T7DPJoUm8EQl@4*?><;?`n#(GO?c={O-Ff%jmxoiDg~We
zG1E9qy(p9|#c)u>G2RC&tN6RSz}m{Hs_w$g&DFMmLuw>D)nbsK$2o=8#!D-yo!y^0
z-Rly_mUD0apFgqZ&>Oj>NpN@A^M#P*MbLdciJp;B<aob4J7;M@!yo3J@W;dFJkuN_
zsp*v83%MD9P^~h+{>yhA%nP4S<BVGz37+xxCs>(2pLQ<262NgzX-Ls*_c@PcUeDUl
zhqC&z%w=JNQB&e~`bEpFD!06OEkkyhQjDexnqa0?y4${ECM_vumgZs4TtdvuXrBDA
ziIZ?B`^BsL#)~b616I7=WWJeHEj{!0{Ilm`pI<pw;}n_W{q~QVp~-v;p6~Ct88;XD
z!#JwC-0k~j?t9P5XW9WIziY)DDk?PIewJX)lBE)AyLy2g9*03B*4qrCiUUpWvhu@G
zFxNn+4MkP!x(;qccu{@5o~voZOa>*tc@4gpqkOn0-R`z>Q}|?^<Nz&KSf$aPsjgEz
z*q1|;Sc2e{yVwP^sFon~UZG4-NW~@*JYb=)<@~XuR#zdSG%r~F<R>Kqd&AHA{q73R
z^mW-c2DfAUb|E%;f;&6E*3GN8nsBI6ImpwTT%S0lwQy9xV8(MsY<6igCo!HyTo9WP
z#asTofP-d=i}dc?i?4PJ=bGhZWx{rV)|tcC(5@ic_+LF23fGg#prh4o&DTROFaL1@
ztKG;Z&{BoXyEi`-5)7cb7F}|3`0;|H^q+GHD$q_M-Z6@guN#wQJ^Rh1$!Vucb5Kwm
z?Ntq)SYKaP2UU8wR#LVX6-GE1eJ^gKM2?dud@v3(gf3E{xWuI->E}mee^<elTp4zD
zd3!d5+dq0=j$fRpD+_(QzgUfbIAz#7Jym(@C$Pi!vGbB=?Z=PRlI1(P?8bfaY^g78
z2a?AsuX_$+f=KUAq10{YqI_BE{IZ&wcU85Vflzk|X8)~6V@?HE;<lv@pYDYbHWtQM
zYwkiURr@}}qx)RjzL0d<l+`O<UX%&Yda9UYK<+W(=4-tQlgYR^x{m@!!NJH<oAsad
zWmGDdF%6cL=4%2Gr%r++nLyH>S)Qit8znTf)X8p@K*$zx<}xFQ+hl=HY-RdNd7KmB
zKY%zV-!#z<S_AIQ?S@xWXv3~=Jo&Sf7zpwL=#POSM-*Ma|6CR>+aDCLl%RzQ@qeOJ
zksk!Yo6X@f&0g_!r4(3~eFR!p8(CYM53exMwb@Qef5&GpEXqq*n-}y<j5(Kcb>#JZ
z;HbV?^tzBhvZQ<*4Yg2bgMbyPeqG4!Z<f%g9M<G*83$#}-yt?Kgk(4jdT!tJucch0
zb>7-3eB8)GTv}CAKOTfV067mpoyTI0+g<p6@;*C4-Idm$&W+x2{MaA5TtZF>m>q53
z0?>=8zeuTAB3l3$is18XE8AgII&iB)X8|}+4^o~JvFi8Vi7q9hr4JttmSygWzzseg
zGrQ`k4vt`O|HFWH>5g>DZ-XpjR%H$1HA<Df_!_}t(@K0q!qh<5sT>({A=GL7CShg0
z&P_dfwDfyvZGfJyIP=G6gUF+edBA^kT32E5z|m}$1PB$)H5m65TkSwcRTx8+Z|=$D
zIe|+d4?(Que;peFmSBFyO&+WbZu3t7hoMc!5lZOkc1&?y5YOxGty7NId($av#{4EQ
zQUdBhDG1Zy<f-X=ol7#$ZZtBl8zCgQ5_)L`2ZY?dSvZ>xs0kQh-cx8I8nCqd`treg
z(0}JC$ZwyFd^u8A=^7s(U=`DvJ!M<9#Usdp6HB8IZuM|h3R-DHLLDd6<t1)ifczv_
z{1jXNYkK9p(WtPkvMUowx+x~bXR>n!tNZjM?R86SZSC<<UF7j-m%%aol;HU23<*6P
z)dSiFKphtS`2&I<Z781d8&=PL`BP%(dUX~g6O0Rh9cKaIist9h(rJ~wno$Uti7vXl
zG*47^EzNIYwurf0Z0EVW`~s=bXHCjycvG)RwN+8P>Uus;$Y>a%&D`585gQuE+fFP5
zTKsBST4e5R*Xpp#B{^<EK~lLB+=CEX$(`^f4@~v1qQ?W4enh8f{2CT~PAZw@1avO!
zo$<CvVxcpVBgf^0ZXY(@7o?~5gab*ZPenvP?-88&Dz^!wEaBm?Y0pJiALID~kV)YL
zH7nOWqV6GI$yt%L`N0bnj3&R&IG}*|)i|kTbqA_Go^%R=zTI7A=Pf;K90Wo9U`EWe
zA&ft)p4O}}h$rk)Po7gUa4eP}AvxJ5YJb6RB!<X@A3f!Tc#@EEi0vZ`!JOv*ha{dJ
z!cHMjiu}NnXuA20k^J~jJQ8}8+I$V@IM(>?+YD5L1);ahc652#`FYwZ-s)k51?qjB
z&0Sqd6GyxXGN4)tbYaD8O0~n65B}iIHvoD94q*_gUxr1m?;xd)@?X@1+P?+iU9L7T
zV50KxFG!5<5Ru&EzZ)IUobo~qew_<`Gi{%<XRhd7E(0<ooT9<UZ&rMrg)Av=PkYja
zl<UNf?z~1&_37z0!#Oe~Zy!B+goUg<=~lrmt_uVNn=8$w`5h-lOX_dCfZH4w0ZQ<@
z)}zwpJI30chLKzulG^-?@S`nmx>Ez-0HC@j%`M=anNj$NQn0S;9HDmhF|B2=+vC?U
z1Y=|7p+i;`h-BMc=hF-SebMgoM7oKDgoLnS<tZ!wZ3izlELYv_>wh2vyWYs&h&Yb^
zq=)6ydH>_od4NnDrEkr9W)Bbd5m-X_Yi4a;*WBlPyPeSZ4&)~OLCXU(OvwHKgLjZ%
z7qU0g_E>5WgrkUYC2}0G__A%l@-i?(3FE)da=cc1y0W_&|6gMSCbFcc=J%9emA41J
z&7;WU#_TF&_F+g^M~$<+{rWQ=0ktoOta~$O;j|S>cC+IgDE5?<OsBj~tg*|`Z#JRo
z)+S5vs#AVd>S;9=gp|CV30?pq_iafnUv}sL<j+Q1K`R)%aPgk(mK^q4o7GO^wmS*!
zR;v@NNfWr71T_-U{HWz(PYou`Wl*{lA1>4$a|f4~_gvmrcBalK9-dyfl5!=-k=bvP
zJ6f@5>=fcA{9FIov6;ere@lAlIpixXkkzA8g9J649TG2hfMHNBv=jaSp0(@?flA}*
z5|I5YtL)r;vxzD(1AJ>wc(}?SUGQFHIa(-8_qggHTL>P=wY^(XGtdyaSsWMAS6BXl
zH6S^E!XLa%H2I#|W@tz1=+p}HC?7BbzFe~WDhGfu=-Ft2(C3XF1C`TuUFq16;SGum
zsmsUWQVp+{eFz@8!{_Sxj*&|DPqG_byFUTizUJTErGsu4eWAhk{^q`mpRw-}F2$QI
zHuR6Z`9>0K*i6qdhSQA(-t0W~!V7I3PpW;P;o?H(sB}u}-oEdss)j6TeUtMlUE0Qz
z=tBxkZ~d;rNy`J~HtyBM`MHDx44WYmMHo+xCxDYk773hqJH48kzC-~xkJDAMiVipo
zp#|yzK|9cGWA5&B)th4tmd;WZSe!t9HJoUA5xfSLzq)os#)V)g3@h*cRr`>Njd0_a
zKfbEv9_;Td!j>dbSt?&?v=5kn%4I@A17`ylK3`hQaL7Vp-YC16G@DELqNC|ZIs--|
zXWL0?Hw366OK_r<$Ad2Rd&bpbfyi8g#Dt{q>GZ)aqL91dx)82BD;TBk;_W{tVq#EK
zcyp7k_saf$oRL+~-z|u0Zdm>w?3CmJAzK;V-ri*@h3~)}vRf(9Z_F2!RZpOnnn*K%
zATmzMGB(}P<lBvU5(hIjt9L~HYrA;}(?NizU_XN?dmO>oss=EACco<y*;W!T&>8e@
z&qYoV^k6|(ny38O$*d=YHbE)y9jkx@@#WIB)ZT0Z6-zJe^}H2^5zy8^m@Qe+V_+)<
zyEsTcJ|F>|{xz!EDbjVwX;+Eb(-{oj0p6V>vVo(w!irZ%Y}gXsxpZJRO{j{wi)a`s
zDNsenDf*s(@J!9sJj@Ss3TRx68ZoR+0?uM>m%JF#TI=wSpXwok`2&NAu}0&3cBgMa
z_vh0?ane;jsJG47?g2Xz5Zg66UP)4FUApZUv9RB`EO;A_ZL^NmU~ZzQ77TjSEMo$4
zp7Ulcy=3KG&7e!ZCRZ{7@D-}`V3s`<(pqomJx@G^0mEXTz)sQk?^Drz8V6nDM(J$T
z&y6(K#TPsuRHC#8!k5Wd7JR1{ubkKMKz@Dt3!dn=_#{s|2TM0s{xGm~C{}m%>b&iA
zYg`PYI)u68@wJ|ow6F9$_9E<T+i#dBTy41JGpY(}A9=OFcI+fCO0g~>u;Iux%GLdu
z1hbj01W%e??$*n<miK%R9}K}fR>jjmO)W2e*_XRSe<2;eb#FDi*(LzR3V9<JFIS65
zmLlV)B^QG4^N$kGwCsP(v{ZOkn6*D4(aq+)IC6s$`F4y5bu5sU2%YxxRX^w9>6^j7
zvHv5gQIHY%4uzE}DFW9|>D+;nzUaJw!=BLi!45vYB^47J;=HWm=Ldf_gBMPZR5afX
zbub7C!4IWFr2(vYnF`p#;~lvz+c)5%M9BXm>n)?AirV*K0|e>rknV06KpLb3q>&Dh
z9C}El5g58lNs$ieuAz~T&KbJ9<2^pl?_cZv0Bg;MnKkFEvuEG?O1!S-&g*C75>GDz
znh_F~M7pUd0v8uoW(hcP3r>wX;fl#8gx9`Giq70bqgg?O$|gMr0j*RuIawi_$wV#Z
z6Uw12E=p_>fBv;Zvg=*bW@nteNM`pVr1q^un=$dk%%u&&(8x<T=|5+3-j0oljgWjN
zR+j-q!@wY_c4xZBI_$K-R)<CH)cl$I8+m)ns}gW7!EXF03cbBqn_qd*oKT0kj-8RW
zoPqmc*v4Xlh#x+Vum>%h)k^g*5L~3iRuZ=h)PV)|9qMlK3J$`qGYZF>43Y=W<=%v`
zVR?B2(PXsO*#b7422IV!bHD1rE3H@GRr(FAy?M(C;Z6Q9PPe+>h`Aygv&&4mpZG5X
z-pmlMIO`e5hWZ?}zNAKr*hDXrc)aESQ#i_MfE#05P!}OXOSAP?;Uvp2=Y!t?oxVI1
zH8x{Jw0E3jyBQ3sG3S1K)2QIqt>uNDG?pHX@iQ*}3-WOVR5bKR=P~gsl8M3QZa(W_
zZZ%3918U!6Dc2NnZtg#eWo<yk<_Mp0bTp>dMFH{ganMz|)uivca3>4v_FJmUu6=#=
zRe&Py{ph(Af{adN3e?nT*4y=du}SlPbBeB6uqamLalyEAC*|Ars0BJ+m0=zo>rSzg
z=<3!w3QNJ+wgo~h2*7VI9d0Oumac^;hS=o#cx<mQXH2gSgF-W@K)%m}9(Q7{_q(+L
zeL^v6q#E}cXXAAP#yxPyJ4-5B8KL+oU!O;hjCidsH&<zf2iUk`5^?B-!?H8O?pw?O
zsX4h9c-htKvN#RivJ~{^Sh(e8P#X03CrfyFKF~qT198}VC}&^}vR=FsYH5XAosrXu
zv~MIE;t&y8Cr^Vz18Z>T%bZ#-k{gFAfa9-TwPG3|%Q(_q%`g?QKGq-OY`GugrSbO6
zZTq1!A=o{(qTBa9E0whlu=}L^C~id&|47Np*uoloqLlbyCLLy>sHXhQ_4rsus|pww
z3jBQS+GCX^um^}Ar?gSQ86gZ@pctkQ`q7LB_H5sM+?sdmdFnbAlYJxCH|hc5MZqMT
zdJU-R5n0E}^~7VS;H;Zr_HlhKXh9+1o^S+4D8msta(i`Ya}3A!Gwc01wo9jVag;rw
z(mqPh<-ou$BikJ1`C0;OabL+?i!SiYQoTj}?BHb`5$Fcc+MjpPPEG$czg*m^{B#m2
zZ^CA5_;uxeQ^?vVkKLqgad>z_(D%6Wo$V92rO8Vo86-*UE}-r8;WUl4u2^j!Ny)6e
zM16N6a&W>305`I(?GMOmJt>IAc*xa9{irsy3BC5?P=XuU0+SKucPZ>0t&>!8GCnBN
z0c}L>4+ls2BQ-pphtk72eAF60%u*kQDTejWUy1s>8eg6W_Bm=oK5Bm=f?ISu&o~H~
z!s=8vn{q$qN9UC_0~N3%QB2fF5UF_~i$3;5o!=zQQgAYOJ$b;*i252a2~s^t{fr6Z
zCAQ=#bKpauGlKf@8;9Z5YEY6BqN>>QM^)XtksvxzOZd&$NZ%b>@@kuyqu@~3>-l<2
z^69m@_N6Ftrv@r@Wy+t*^Lon^Kuq~OTKSX+n1hwzn-cOzRuD8w!DvU=3oF?}Qc#cx
z$f4u&zb|>}tZNPX6VO8D#OeKN<zalx`G_x4<Ks&3NKRW&hEoHPv9Ymr9Sa@Z%f`mW
z>!l-qJ4Iy`FQjZgb4DsZ`{YJC4ma$FL;q`UCzxu$19hpv9SdI1cA<?m+=}KWU+*7e
zbd5~Lb+64yzH!=~q#;gQ5(ENK<#AxZSM%F_%TczMNvVm#b?dZm?<p|JsWmjX|1IcY
z8v~4&E#>wB@38rfirqkXre*x(pkDV|oIl3v6EiQ%UAolA4hlE-^Y4Y6#Mo->ua!;o
zp;J8s0Q!XKg@_iy<-7@F%10Y0l`(inEB*4}WOYh`Ctyu;+$?1~`qq_(K}5cPm_z!T
zQ|H&0z+}{ZIlniI;iP4eps#sxU7GfZFw8!B>Z#AJLLt`VS#H5{K;wyb=}IH=K^bN$
z!>fbFMy~HCUPX{K+&N!4Gc2kmb=2=9b%TRwGB2L)x7xqg<`V!cOT)#qnDct2WVT5I
zN&T`5ldm5%y}%0jrgvh+m&vNa-tc&C7dyCN`70bw3#jXXbM}o`Fj81X8*S(P{n^-v
z>htC2n=Zc|?yks#n#{Uit*@`Y5fz<3-x9xCj2w>QZ@JmUTl9VSjT#Zo%Qd>{d6gc5
zBXQT`29h|C3JwiUZ$5F|8U_4eVk$Xh#;s(<6Eh49z5T?2@3zbyf%5{SK)`M~oX)kP
zR)~CVV7%eMsXmoBlU=Wt1ZGH9<%6)fo)i#z!&riJv-7&)uA&`wI<q2gtCgWY{dg`e
zMA8Zpdy<<H_?<du;;$PwR>zrshXI@^q^^-d*7S6+SXoQJIk6X4%SK->3(44xk3rTF
zjqm+kpEs;k%$P0IMPIKY)SbKC>*@HJ$+)=EBEzT~C>>OR(nJUB!{!I7e8%3jM*T_d
zi?3ps`WyDVHncyPmZi2RAG*V^GgfdY@vz=`GkyHwY)a{77XSzrDUs(DI9F5v$49#z
z)P|m<R*6FBMt;rjuEiNf>1jH1D2^A<A7wRJC?2Jo(#{$T_~e}*Hvz!sq#JW)C0u5?
zZNlp{ugupUE)$!azSnDE4Vzp6JVGir@FD<nTNpNf^$MA0bz9?p4Lg9FO++tceVw4@
zbYrI|N02X%hKA<)IzinTc=Bk4g=ay@9nvmmyuHRt7S<XFI9*&));DqEg^{Se>9UL-
zNBLF2s>h@3D}sQX);X;}>yi;(E`1i#Mka4nWyGzyGQ)}|3KQ2YeQ(!T@8$aD4tNVE
zm$k4nlM2dKF|0imfcPDs=Ul@%(V^b)%aH4m*`JlOvTnx@ctH=jd(Uh5Z_1mU@SD%8
z&Smg7hy94g(5l$k*og6NP>ua>tSFqsI0etONfVw}t>nzFmL0B3qDuDak8l?<qY@L{
z_;o&*k0z*_Jt{l>D09LoQ@v=o+q64bwo{HH!Kb-Av9_OYnFCFV+D)^AZq^g}sKzVw
zx#~D*`BAR`>vG}^`{1s@a7JKQzR3$ePXyq=lhA2v#*_NG23H4tOG)NXu$0B{e`=Pr
zxT{;5ZT4Y1yk2k@-u|tApXsI2YC|UBd*nwmxaYidVSXfN&nvWfgB2rSr(-cMgKc{8
z>&ki0Js|$vuqRtLUE4CV_c8MPq5NZWUn>zIT5m7rJi|OaLwVl1TSSTY=2?D=GGtF&
zD=t3GCb^Glwuxxw{(`8b(SuyHm$ZUygvT>ggifJL-X?3T#W{`HMrmurn@D}ci$cP`
zbDP9DgH-pbl3W$jN*cc0{gRKW>t&2ew_`<X{3U93>It(>%Q;%MmzQWVr@r~_;2irV
zthpH(`Nr#N>FW6STmjHxQSkKKjZaMlbIp`>=3y^|r4WtwxkZRM%(H(;oOwNm(Z#1O
z&M1$N0*Tpi-romln3zBt$40xmMA-h!Ek`zmN)PK_GcWr)F?a{Z9xnXGjFCK{w+4x$
zI8_)#X5Q1bus9fT8_v`9Y=@h~LY}|6fMFM%;Y*!ujS?V)MubIuvCb>Z?Uf$4Nm^-w
zk3&+D;a*Ncnovr7^DER%i3bcUN>F$)ki?LMa+NC+zNgH^*;T@}EUjf&l-9dmuPJ7j
zQF%ETg9$Fu>MUqA5>!QrkbR6(pppqDnXH{+AI`V~QTd$Pwlr)r^z`+Jap91~Q%ePi
z2|DRJWj_Ed@VJ_!!0ET0m}eYZSYbVyX`B4qHAmEc`$yRDX{Ea4!&GAT*4OJO94ka$
z^rr+nCjJf->_t~5YjGj!UIENaHG!jhpM%-J9jzk)Wt%iEC(+|x{LEsjR!G)yBg^R9
z`2J<@y|P($DDpxd>E*9@iiRe`lZlDmhP6$@Dw`Gm1{CkrRy)9Ad5ufK#;l;F%CZcx
zqB(2}V8udGP#y@HJv|}6{#y|c>8Ef%vcQ(rhFiUT*jv>@GMvSffA>S7^3z;N|L6!{
zMz%(r{iS|QTGmTm(H2?|x$@RgEl#-bOio?hJi^E)MkRo(N<&HSqLbXq|B+94c{Z31
z1!_8t&!>@^60*%40L&{gUTXeyEtgIWYp-fDp?pJ;#9V@Ecqx-7uY%e#m3|1n-urHN
z$A=ri*4==S+-?DlP)^|#Xm?r;hLcD-%=61wi!d$_5`xC65)h;aFf#tiV7r3i49088
z<ajf<K3o)}V$<a?NOOZgBW_dNhR{T-hhxHLm0F!Kti>DBgDhCOl@9f|mfu@`^g4^F
zi{;uysA{(b4*=$wZ0}nh8PgTW6=q@*@gT`#NR_tA&`HEP9~ajcJIW^SeBCrckA34z
ze)D7$YhS#Q`fAa$BF$ms-B?GnQ#;*`4T;Yx0%74e3}#I5-nMt@gt4vkWDJ?$iH*N_
z`toe?ZnZo0u1hmfXC~bf%lWkj1eyA|HyRKYCR>6t0|0}88|Hk%=mVFr`Df{?pL2lu
zNWK5c$Z|6u9yBJ=I|a+>w5Zucf4&q%6wz+fH&1vJ@U6}me4kE!yl;VR(QU&Pmz?>9
zi7J5NPJW*o<^~<|RrCC-Kuwy(5n#n~h{t>1lW_K4W9D;siQ!`?3T0Po{UaedAiqRt
zQmqulvHGRNWe52jL2#B)u=ARJAyEgMV^Kjqkrj#yzjP||LSc~W{YiLteo{mYZ?lat
zZ<_t)hk`Y5QHhDZIV$gAfVb@J{yN)hUt|B`ly`>UF40d({IveN2f$DK_k8&pys_|7
zWcF;-QO%4+)H@jIJkoXi{n!1L7l{JDf6Q=%&ixI6*6FN=pCE=a-Cqf#>T2uc)>fiw
zTM=$LG`1enoMWE8-1S{BBX06Gh&43&5|wGsPwgbIGnn79`|VvKVbb@OVMq<lQF1jE
zeMqTf4l)bD%Q(7=Pqw%gbiuLmtn7cV6)q2YWXvs1d`|@Uh3dQiN`47#B3s|Ej*xk8
zvwXQQGxIgR3y&oa>!J1K_Kt%TSf6O{#vHxaCP1C|TS1G3?_pgbu6Vq{N7Vw7tPhEa
zI^PxG$0D@5{Tp}+KP%7)t>l<FSa>fG3vLkNbTy=`l!*ymf~2HeySEgDj}jjuCBC_w
zX_)B7P>gH2TTs4Iq0%h+#(Iu{kxn`z)%Hi>)CvD#qUvXHu>j;Oy0xW2OmtpD?|nF;
z?0_T@NmZ3YI^9LXh~CQGBjWJ7b&9G1#pnIXd%9Q69or2Bjf82WBAW*dZdj?*E8m7L
z|0tR3PYI00IfEkvZ6=iL#Y9OqU6#|C>4n=X^~y0D%U|6{$4Z^M|E4o>8xayd?L(nt
z-wnRlkhthd)88E8INQj`+mj_mw%1jNyy-J>*CwoXJ<TlW&kZV^cd;C}_&dcSxqB#B
zJFQF0)c#EFFD5hVFzl2#yY~TG;?pw0$e5gSp@mnt^6Bl!Le3sJ`G)9_Lh*K6UWr!u
z7>G|x?9W2PDI5<h%vwOblxx!Vm2XV=y^-jme+#<6-vSp2UHE10?<&FqWCm*`Q*Alm
z<oRL*V*uW(97WgfcK=X$G$;6o^;2PYI_)(e%l{`3<{J-Zi@EW!@{7V;pQUTJomWAF
zaYC)=rG|qLAOxTKoxD3!`K&W(z~|3w8uS*QQ=&|a811b;hR}j9;}9$kWUuLA(ojMQ
zF_Go!?BOsA=Dp4g^Jw1WlT-xD(3aj%Lv2ExKYNOD*4=Gy`G;>D%Blo+G>ELJkl<vl
zRC5UZVwCy=A6H$8$th>@z1L*5$^2h6avB(Wj?=~w&eK<i{4CR)s)t(Qi&`4r5?}YU
zsOW;elij2?cFqbM>RcqsrB?GuJ+Atx-&(syZxH@v5xN>0*7L(HdRSLwORHcrvus=C
z5}cj$7HP}P6x6kYFC|6fN#-WXcDucfO$Gkq%xuH*GTJQjh8g+U$mVxs3j5B*w)lIQ
znVC^Q6?~W75$ED%y<ye;Z%=SbiTeKRn?)J%Pfo@18g<tg+U7#NPsK_1H)XR>C}$OV
z$OKC5!O{d2VIGA3{*77I!IF7R@tv`oM}4G|R^V`pZ*AT0p$out?(*mF_~*9N*tl%#
z<+Zn20JB@c0a)-;jaEsl9Nxg%&ZLdRCH*X{O1<)|a@h$tMMClKhxFO~b$V{73Tyf!
zoaEMBQ#Cd4<!A5ZgX+BB_G7l!3o;*&0jIzZX^~ooEbgn;mNR^d(|fX@=bm$&)MdWJ
zd^xFKnQT<L7lCLK?gHh8#4Wrn)9|c~{I!~vQH8#Z)TaW8O}cfsEO)a0Bin_AJ(?k{
z#(Kx=s-{)G#!_-gkq(ApJa}dbw-0#MZ#t!TY4iHSM_k`}dL^Psz8+s<Z8R%yjV7d=
zmRXRyS*KvC(*vX<SV{jLTIQOvAab-lxu5Q*71}WcmSqR+Id%G-wHj=SOdM_clxR}r
zZ2UN!rB(MzwpfGs;nrd7y2Q?;l~ve>_KdHcwN7cZBMIMHi@ePiCIlvv-q!k+z?Uf4
z>E!sneUVsrCg0$`PAOo@CD99;MwgyjpQ)MgA4UBpHABLgok?CyYM68#z%J!`$^%&J
z5!Ra_T(-HBB28s=582)ym>K!54J*4=`ef<LEn@sEVj}3vve&Y~H<aoy2}NNT7nF~Y
z3?atG1Dc%k3)}*Y8FJh6+Z&)AkmQ)T+m}|^TMwP)TSYmpruB94IYA*zP=!;<k9FdL
zH<={r`Zh{zU72&1XH=M>5o$k)BdZ3jNv_nBdquxNNgbi`kKEL+EsAR^pk+2<3Vn~b
zUejqpC=GbwH9eC>>b<!@P=`=Oe~Yg9mjm*{Bv5Z3_fvv4--E~Jho3_UH@xLqHal7|
z&P?P*k4DIr?P+`ZOz;v19cF?AWc=g???F9VX8f-W&{wM1A));wbZ282y)G(pQ3=ze
zRngAfYqJpp?R2mD?rYXw_&C2?)mv5C+*SmeNk|7mX(a^Fers!!IKPIh)xVdcKy21_
zO=Zdk_kDFBs#+_>wBT_XTXaAj<H52Ub$&T8vuR-o5>AU^n`+kz{fiOgP#krx%A+<P
zK(G9=2!8LQsjfCFG`hGQ>t|(nv~GF19sYhe?w%a{#b84e8WAD2TSagdB$Th6skr5R
zSxWjecaPf4w58fe7e;pyJ<F}d)R*vtmx7eCAtX3O!%N!*LVUJS0AzM6VWda$!Iw6<
zxHC18_%9<ws>yA_5F?T=1)U7bi)N3jI%}+vsFI>GD%6#{=t&|VyW>L0Feke#@za`_
z*nLekaXa(O7kwK7$!Te}*_djIQF1aCWwRK|URG4}c@Nce!B2K%Voe0QgZ+A2vJ|rz
z>Y>a8XvqJxs{Ay7%SYD;9Qf1a>2!z-mdK*jhPN^ZJVf+G1g^TS>#2OEZkr<*g%KCp
zvo!M&oxGN-RHRF!)?HbsOs3ch$N_|fSehBQW?9!Q#jc({mamSHz)6|;_RA>(p%M9i
zadhjx+EOM+8}tO!8NuG4M&ZMIXuucYy_o8Hq}Wkc0_Mr}gPdo-H$*r5{OT;MH(Bz6
zM)B0Fx29%_3wFlij-6g?r8_^0zy#Ivh+Qc~`4F3<Vn;u*MaJUN2%oo5h19xCPd>iQ
zqEOp}Q;1wQxnkKjt7Y>ALu9Wrsyx>kodVPW%h#TnzZjj%3BIm+rf9Z`Z0d=2&(EH`
zCJ_G`E#m7|X=X6RfY(mAt8n4HcxJdywPxmk02e&L0u4-?E+R_UGQA(IS~O;B!=Mt6
z^$pi!nRX<}s+ObL4(_X+iKo8%xmH+U&BSJ`YZFk~5M&Eq^<2Ee`-@xsxqmCEVSfTh
z%zAn}y8dUzLfx@S`Di^FaMirhTi^cRAY;tYn6=&WmnJM|^wgA!Y@)yZC0bgNWf9g0
zlNpMwP52eT=32M{eGpGz-<M1tcb9Ocko+X&yz3Smn<Yj2>-cX{DYXYk;0+h8l>Naf
zea#-LQMw*&S@R)CUrptOyL5wRe1qr#caeQ<+;<)`1bB~yZbyx*B|$zFHX&L=NnN)J
zwseCe)_h6OKdIn|aevyB%S^{#qtIvST;}HSj#J|kVqNr`SmDIz7uY|4`Vw5Dp5+gs
z*)$hRyJOiJHc_}M3WV*0$xQ|mfu42&KIWS<tkyGH0;a5g=J4~5l?XzHa(wjZLz1Lp
zQ_D~J(f_^Upx&?ag850bVTgg1?udq|91G&iUpywa&nZg8bECtV_AjhcJepsj{E?jH
zG8~X2`$R=YMg)In*lj+XQ-Q{TcU9^wk3N<abu?w(BFX}+phgo`_WX-)EV^r_Llr$6
zy1wKos*PkbMy_QLKB|>-n9$kd?M%C1#e_+{BPD<~h@VaC$LlDYG6{l{I#W(8XHwB!
z+0kM-qUXF=4&JD~L_pR_;kcHo5Mez2SL;#5-AX*Na=V}A>F!29>WNt8@?ynM23gF%
z`w_vjQyQ@bVam!RVHh<b@9yIzS0}~JLqy|s7mOSZ1gK?YG9$X_5~?htzSn$B(1%zL
z8!R02!HPw2N3+k=FEd9e#v_9V+Q2%NK3!Hk54)M<uSw%3#ZQC9?JQ>Ph8nFYMAG_<
z1OD?62e2g$$QkKFlOiJUJ;Jm>;8lv4eJFbN839T)tVcexn`h%_O?ELMBJ;MttqM60
z=Bof&gN&pd^h;_9xI%CKaG8El;wcn<Qu}4YE+R0pO$S(fgd<$lj6@bhH(YRON}s&v
zw68Co?qBZ-`9^Hz1W*CVj1>^vXC{PC^L7<!V@=%m0I}A0<bNer<L1>h1|-{|0W!$s
z)mS72Mq(h%1b7Mm@E;4?B<T!W#eH4us1xGJ$QwC3^@csUz3#=z-SX9cx)9o*?%GE%
z_G0|c>1r&m<CQr(bLAq3J$o7?*KCXkflvJ*tXye1K2Ob1{_jO<sW4a1#W%L{J_4HZ
zC-0r4e`p-QrCX=PL;zZenb;5U(*Oxd=+yoocnFvweE}t;*KsEbX55By#=itUzzfXV
z5ie&K@INoA;UEygTcEt<R16E;y3cwK3wT6b@Z9e>TxvdvG`W8P5Gv1Kym&Eux=L*9
z)fqc&ljBDu3BX<Lr=e#5{Z0+3W&^puCExw$>+<M>jl=h}0gqqP?uzqG(i7wQ#k>36
z_5grLejuo^9^vJ(hQrDO?h(`o043{Vt7r*4@>K{wByl3r`5&hn>Hpv9mfQfCtZ1@U
z{#~|j$#Fr7ap=n9W&Jfgl55y7Bmii@F$FXivkl-p$mWH~(}l?hp4r$@i<$&{khd)J
z+u4Rfs=4^DUT@*%d$GVc*TjUaeG`RI*1mzM*SAf0F!cKCrrPXSVIADj@oN^CxKvbt
zCZ$4%`RRXd73XL8=NgGUxy;t8b4$EKy{Z6(ZoYF%-{vdrC`wT>n<8xanJy}yX{V_Z
zk_~?W*?)FMh%k0fQvTUznk;Ehqy06jf6)cn8JuCXt_?WQGD!r<OnCqE=kP9w0t5RM
z3rKwpLJs50MwS6txuH(ZSA#l_Tuy^l96fXF3rgdh%$rasNlQvkOou8j9tyd0uFPC6
zE9_AiOy6Q%AB>v$b0v$eHcHJ6Ha<!Ty^?RE+)Wm2$oEZ|d$)+|;M^^$G0WI2{t-ii
z_<l4q{4bs4K$p`P=AZyCe~;5FR@Xs%U53*%FX7X1i4S5Y@WNEI(54OKvAeVG6f>u`
zY1g)D_sFBb#@>q>S@52Vk*lapMICG|BD&6mlF6IZmOFd23qkANzu_BC0iMv=)uTDI
zfEB=NP;KlHRc#SpR*^Km#z_ogpH~yHK`70dw(H^g>n=vEvB%u-9VJ*$^iFpt@3GWT
z7!tMXA4aW2u~{``RV4#&Irzm_IDf8Uv$r?pkiUc><eqSC9+M?H=dDCB{~Wr(SRsW`
zDef{nHjLTSQ?z{$Z;@j0r1CLSu$p4#ZOl|RIQ7%yM^2c|oG1i(vbY7|OmjVT-rddg
z+_gN#72Coyql{WHZCl~EOu3*Y5GMz>jj54~vv1jY8cjvphD~)Y#XO%Y!g!a~%~-Z>
z=EmqA$9uOfO8RkSJQvvDY+i2p7aybU<QplSvdB)2=Evth{sV!zKHZKu`CFitYz?K#
z56RM$XUq3sE%phgetob+ye>Q^*s73m7#0#_XcKsr{hh|8c_;t89|BX1JtwJV4jrgb
z3&1YTDcjn18AS?BsNP-ob>V&!T4ke0@%4v4kH^ct>l4E*=ZIx`^NQGZ36ZVj+ezp6
z<;MJx2RJD9p0q#oRpLdp3!{8Y{zY)5AMMKt><8MHLG1Oq=gjUDI2Nq8uA*OWY6KBU
z-M4=lNx{yG@m!SDGNJ`g+QT?eY^CMy2{l&PQBhGcT%ulo7Yd|lu%$^?Y6>EsCs`}U
zY`g$rkCDDNz8h%hGXl1&5DN7PWg+;64s=nF;69c!k%2dOU{v!%6BC*QL`3P}@DqLY
z!<x}P>ombX)`Jb84vWH+lkq6O>H~aQ#v6>YzS7`}i{|m!+2H54Ob(zmkyq8mwas-{
z9_+P<?`2#tN9dZGH;=w%8%?Eo*zIkTs!;}4efG^sVUhCg<kC{meWnpcxEi4Pj!Vf2
zIvvE5l?{Hw3wm+!8}sL{pK=h}kXe*@=PF|RghV0wo2x6g+;?zKkKalSu?Bc=S;9uh
zwhvN3FaAtuTJ86o)T#CK^t@XjR~0Xv^#Hf$=DxVOxv^de9UuIo>)a?C7VoL8jaglD
zx}N&@QmK3rCA8z4I0acDMs7(BibEM??h}>Hv|hLWEupjl3#Zbg`a}3Zp#UP<Z91gq
zH*gv*{wb>vmY*W3w**$!^8<c}d*_}V;K3gMoee|ilU8guGJ=%M4<b|dJ=oKjl|vw-
zXk*}KSM*icrh^q&YZzv2Oqh(l_@k5`ri&G#3?~(rME@{OEYS6BU|_ry%NRvH``&q1
zh|}IhQ%*N*|8{qgN#(Z*s)w$P*sXBMz`hb*uSTr$bMqIy$3wl0w+FFx=NO9Nu{B!Z
zCHp?2cs3J)1O3H`VCZ5WWS3xPv)3WKNZ8xlSxmGkKgVHVF1&)Nod5LUAwFi^%Em5B
z|6{x(7){Z*0E93it>e6SZ0>PKUCLT2q;gwa1SU{-=UoJjF3lp{3|`0#-QCD;sC3aE
zEt5rP+aYk_A+PzYqfi58@RJ&N9i5%IJr3qWrl)m+Lqg2Pvc>xc20BNx#4wA?%F5&n
z44P&ubp~ow!*!p(d-qP`!-v4YK<RUL_dIAYI}^5*72(hFvThr@={MpRB)gwW;*ydW
zYz?ERewCC|*-kPlnFQY6dRtmsr{C)nL(^)z0kSf5(cRtsdvUSxZaf>9e0;*!2yT;h
zeQ;0~?^HMt)MVv1G&D30w9Q|VXBY;zU@2!nEnvwG+qmK%bagxKj-LZbFmF1JQ1KA>
z&fBYI!C^pTkMI<Z_IyWarZ14c8aYDpMH$t_3KCbW0M_T>b**7IvaX^tr}go!a-ZA^
zkHC`tiu3d<{nhv!XC7Z29|y-stRD1%z7zt1D5|R~`1-c2&se%m{Q2|7%(hQ*8#mra
z(<t!S(;Fn@P%`+t_~q&8!2Nyp4?0PCg>^5|^kIMg=!Nz7lkCs^#^$*A&CJ0m`&ox`
zzE@CSsIg@q!;)CBbwTvc#MGDlVg9KPx)Ey4?==me7&|3KJI#fK)-;3K@-|ZzA3tUl
z(_IMPrUNk2H>Yo}rHl@u*y`zjUDgOKUKx>r3>aSkOM6T~ULOAEhfLoe3UTkLVBBnQ
zmY<LB?pw8Vo;ShY<ilU3tPkS1bSuRtW~V{F$C_GNTEC&ECrGnR`{ZOx9<gCs8z;P>
z=P@)isKGcYZSNL^Q&b*@Z_!ON$@FQ4rR)8&MxD{n$eb1`_~0o1K5~4HDL8$L9&dom
z#^_`B%b(@Ua-R)YPZ`wwTod#^_t;~|R~NO}lI(nk#B<m64(gij(grXG?(UKS!Mopo
z)*`v9Mq4YLeu*5_qpq&09-o@Ehey*>%t4VwtzQBHis0%AUYccTRtC`&WNhpUrGVex
zmHpq23ee^!d0t{dlDr2^Hhrr@pc0LV!yFfi-_)fYR9kD~dj6&r{{}Z$EkHQ_;O4(f
z%gS<~U{CIK4jmWC%igDSDy$N{Gw=g`6<=eIt#JS6DUbh-^y*dD%#5z$r{})DzLfxL
zYiVhj>fqwSd;joI<+S2YA+b-_BWR>}NVPv(g$@M5b`jBp*s`$9)>xsx@V$3_8*XZD
zj<)Q7M=2{8+I_bwArqxE5nf%*TZ*fxtO?`7eSdkdV1r6^(IX1$?KL}E7Uz|>?w0I8
z>6Gg1A7cw_H;J9vV176B4wsOUbAvj#zFr7eNR<Ik{(Peo*)<%P(W=%MPDJK)4re-U
z1Hy(3J!3dC{WugNzBn4VangF-ICvD$jxVO9O<_3X_|aL-S9H3Ah}q@8<7ofY1P7_>
z1cds*>nScT;+%K7AD@>#!STHy4xLg*-Kc0#-W-&ClTPyI_T+o<sj19OVo?O+_(~vm
zm8=Bz+nbv-!Ru=Zd1+~OD8)%<U76V0p6iG38pHAotO3}}c4cYH2j6gl@e||go4d}j
zD`r85MQBt$5`~D{GqF~zH}w23;>>7Jlle<#{37~iWsz?0I##YKr(7$l%Iv27pF3Ut
z{XwS~|7b<&xj$>R+u(QS5gZztU8(zTXcz1tPndp{Ed>9pRKif44a3iBaFGP|zlAyn
zzWk)V49~B5xw%n1KdQDUSEi=;-6Gb0mXyohR?)9p+R!Qo2l=&<$o~4Nk8wKx+b$$F
zG_|>u|GXt*xVeP?(fzmkwGqXam*&DA`%9Q6JRhu(L$)356y)?nBGd!Bo2o~Pi;D}@
z=)3iI(iGK2LUmY5nyS(MZV(<5ck9s5Cwt249|Z>^5fBq+)VjTTS71N$wj#Flxf_KO
z&jlwN=UW+vBw>;W=8|&hyu^>OhRl$nT&dG-8_Dyl?*<fsO`Ak4?G(0fUw%P;xR)o&
z1Rs>9!!Rm0_9*uoZ>?KxUUl6oC6<AorN8)lxOr&C7sU&!3XSyxM5XPq2iWhv7~%<r
zo*W8eiXL5hxVzEPaV+7u7K%8pK4Ya{=}WerQWQ&wkAJVPVLLy^p5Lglo0ght8CCN4
z<z438{!39*w_q<ncO|c&*x}7vYl02JHzGVl0)Im^`#32uv7{omCD`aN=SYh`ZE04w
z`1UX`&{h0=wli1UKRUqe*%hgb78_3yvl(gtb_slMU}RffP=4rvP|3H+@BckxF=%zS
zEqfwo<<{lJF>aQ3CZB7duWx&s`tTcaX3e+P;d(DMGc`rxVrOFkP{1K5^CWD*IEqJM
zA#9wW=!gqf>gqii#8aK`w}3&@NN4-|nQ6+TzgcEv`eIa7ftlIa`^NL6q#py<xah0v
zstxRAg#)E&EB(7u%q4dLm3>G@p2A4Ou&8q;qkbNx=^O>N(z@^~yv#I9@$2H&j*e$6
zK1H@N+E&rm82;vL3$ih=-adQ0Ktl6y5(nl1VjEr-`uPHLy2kLLvfq?I5TdNl9+=cM
zGPo2%1EM9#sdykDpDt4{^QWQhw!oq9Nm33uJ9Az0>ruBiOdq$f@nOR{T;XVwBDvf@
zlLkXbFVV&wKYt2Q_Kj90mq_5ZWoBpX8_hz=Hx|RN-53_QOGiqA)%l%s0puu$mXnX`
z7g-)wR%z5yoXtfFOKVFydS;bd8=T+fHlBxzj{7V&-z^Zds|X*Qy_tZomG5bmX>wQS
z!m3;sh=O4~H1E%;DM_IoRS#hgFV@IOUYOAAIFyYDv)(RO`Jn(}bo{4+UYwbiD6Ohb
z)mT%M4<wh^2MP1kz(T9z20%8UqzGvvB}OmL#8)AM`6ru{3h|s|c3A7a7B0R<?1A@K
z7GqG3S(-kViW#bFWF$DCv+?fb75rTbPf(W-l+O;mJ{yx1Qg-;%Am}t76?|>!+vqNK
z-z8nS_2)SfGD_!DtdJ(dN|5<8C6H~Ro&p}{@=d;mI+3R5dyJ^|7%uZ2exz4xdM;=l
z4hvAa<uDae_Lvi;*oJniAsttRl%6D6{`H^KP&6}6E*4qq&%Bq1i=k!Bp0x6)d)Xg-
zz#Vpyz7G$77=rEI_Up%zJbePcfL>oC{`fmtbl@>8neq6Bg}6}@hP`>)Z&ye%Bhw}k
z4vm&-6egoDGx?U+)x7K`{ZpncQhDUx|2GhXNa&fBacND;xl|*G61DAQa&$)2A!G(5
zDoFHtKnac%LQ4ypSj0F!o#(hk$9WmhF&sN-E9!e4z9X|aB0;yaL1~X*j!-KJq3=^r
zGS&bK(~kZ%J8DH0Z31Ml9yEGzU@x#}uXTVWM~4$`eN}GtI1>9ZGO;3Mrch-uqho1Z
zfCho~Ld!B@38*bHzg16so-EwlG(ZZwHXWId307fR?KcZRcvWE^L?PdWdz%So5gN0#
zOe^;9aG!?0Rsu~r=kz4;Cf5`LZd-}#h2Ojy5o~)h<cb+mYu5uj5f=DP-{X3mDVSJ>
z`}-3sMM=jrEn7z7!RbOksTnUhS*Raxxx$d}0h1*QQ~fhB%P64rLcVyGD!@e2H314m
zUl^;3h0&){95q@&=qFlsJlFei<GOi`L(!GQ?E8k{xtiC?%P?p`UU|8WeOSem0B%x}
z_GTyx>;qn9SJ#W{$d3_`>ilE#E(MrQmwn+tkJf9vW?I=Ry%*2|`Zq#iC~XQaa41MZ
zKZ<$eRlcFt)+P*(P{uR#AUVj*;RI6P+m^%Caqg(R2(11BB?a5u=@|xVhtwUH9D6tf
zZm75#<EVr$RA?1j!Gfs{Kd9fvzgr?ABupcpuT7{mu@`e6aZpuFs-@}bxwuFYMGhf@
z&(A642K3Cvb#;NN4DWDA)*~Gj>S;LzaV0dL8jjyzQ=Z7{_~Q<;{t5{Xdvl=2JMA<F
z4JV;FRluTQ;n8v1blL^;bCUq^)Zm^YX6gK+p8=PW4>))_yE#JK|KOZ&HOT)*?7|jf
zJ1cS~NB7yrM9D+=(-{`ak!XS`gnBWCgoe8S8K_ZsMNcC!x>&Z@w)M=Q`R)%(R)-hA
zBL6e~b9#NFwpy(yGfPYMK)T#GZKJ6EL@!IrB09yW)2}0jYivl-%FzcH<U=-8{Kl~O
z_z?TTAGMW8Yf_!4!uvsq4YH-)SK>6|Vk7KKO4yhfz+a3KIaO%eA(oqGt@&ir@1JF?
ze0OWo*Ij}4Cj-QGI27beq5C8*yfsyjJ)&Aq_pZMSR;cdzB>n4C7z7){>H43Xa=PJP
zEPuS=dui4}PEHZ7NK@Koj^ra7mbrm}hC$HfF&nE9|6$pRk%i&;29M3VVplS`Y`UGz
zczUvTu0oO^3L5F*8NbI68c+VsxCthO5PFn|9|!yUyjZhpG(f1dA5G|tNoKjnPV=+<
z`Njnj|9A<}mu}(PB$XIDZhXp=ltd9dslw~;$lrYfLM+g$px9D69(BU6{lifSc{!29
z=?+rQ4Y>z@{aPj8jznaQ!0E5o{+KnsGVcmGKa~04g%kKf`n`q$o$f?sVn%4VVgQ(4
z5Ksw=&o=sDi_VJ;$0W?)Ww9C?u1&}*|GJ?in2!6m+5|7N#1%fC%xlA>el&3Z2W9&Q
ztEd^>NH55c_f%!_l~E`+qJ?iY(1s#B>S93>*mH}EpRL6+GP3^CU0h)PWajMrvBZnT
z#2E4M7eO=km(y?WfUM!~Eu}r6`hmI{jCkEm<%OXZ+xiA4r|BxAdCg@#NBdF*hcf)4
zw(@aMc3f5#+r_6uo|-Nk18A0qJN5z7*<gy_^7~EnaK*=T@{Cv-dS3N?JwpZbbVKs|
z<-Zfye#~seI4&Q*uICf1Z*6|hm7Y)6Wp^(T*t+ZGoc@raOnUJX&jkXc>h}Mrt!iFr
zQEhDD#}=6zU}k2O9Xe5y$)9@#J-Ech-Ho`&d*5!9)ZL`HQd)sup>taTXsM9Roz4n|
zn{dfj1-E9I7Lx&qN*m4%oVK>E7DztF7;zVnZgP!F(`9xLgQgGi=F>Bn2I0)u)6}>N
zXv*t|{`yt$2wSi;3@Tri_y9<n{n?Wre~dP|L<oH;_AwUw9Psa49*8#sURMcc!+fQL
zH}K+!_e_L59wR=d%&<P)BA!iB(u5u+kM^8Zkjw3OzMlBGbah~N-X8>+w5LfsO*{P?
z`eyz@di9osR-YLvpgV$&pY_$8oLsnga`3P{&6nr?iqX)o^|2`pal`^Zz};pFLC&)y
zzdPJ@;xDy{7U8I`<vyG9VjYM*Tj^H7(BFt+MkM4{i7#Fy)qbROAlcrNk8Q^egx=Ed
zi6h^69`)eT7@OEHej%ahwcSZ$?jM3>w@TLrZ)1gj#lo#lW408b<Abp;EO8)7$cHyo
z#Og|pYyHHTSq<l=S(!VQB>S?RN+P3jg?0ma<3JNvI8Mic7^aD^v$rqhnVu3!`P!>U
zMrJmhwMJj8K))<yyI0611nh=v0}fF*E}U{$nCJ>#dWm497VHR#zz2qvm$`fIW##(P
z8M@hHtg3)tsCctvHsVy06V@JdTUBK>sbXPb!i^hLZ1Je|b>?8DoL)tcq$G7dBU4)Q
zfr>8MsQf2OX3?g398yB-Ll<fhm-mBlzIk1^G=3)98ce|Inc{h+;M-E^x<w@8eY2?H
z<rTbxJsl>*yU#9KA;iVSHMv6n+YMDDLrMWUgH<8aT$(=9tv6Z-;F8z>VDy}b+bFi)
zWnn9E2a*_;%URql5#M;J<}so5D>sjb=qNb_!{!?bbV;Uep<Ar<bEY#AHg$4A14ZYo
zdNeUW;=o!B_nj_S=|PBy8PDGjPX~**Z=hd<S`OLhEcx<rtt@oZuh%TS<Q>iSvZZ!^
z1Ib7^jOd5>>sW_7EebiEZy1K88K2@mebR%5q4;coOj4P>`JKc)dbHZJ;kA2~V(Qab
zuu<}WFul5Qp5D-!M-}C*C~wm7ydKJUXa5&rIc+=C&OfS42~MhbP-DKy+4(TN`Zx+{
zJIKDNrhHg@w=(CgVZW4Bop}#X2XOnhDQGctMao8v>Vc+5_Y)0gj&#xD_4Gs-TQ_}u
zuWIY+zAIB;kJ83}kN<MgE72FLWOIzgc9eap#!5-Bsem`w+}YASH{neI<hOh}+KxS=
z{ABAWUD0DpkZXS$-&9#%Dl}xdRY=c7j;E_@XgBC+>&UZKwmAZYsfssl>~p>r8sp*E
zGsnmx$u2KfOMEQ?uaR$2{-~}0b-u}<R!PLS8Jr?ap(57d1doVwi~~WS7iQ$MjE8(N
ztm6uMCpu>;%-woe?y{!?TV8WIn{t$=Wih4L^(`f%+;uUAp*29C(xbUp!<da;8p>Hg
zr2}Q(oSlMx+F70ArCeC7izDgu__*z<rT9;$LIkB_^1yA)icdjK!+NBZhiA>lkDA5_
zBGyKi#CKnIn&~n3X4qzMhNwxlg&>0U{29%EqhQB{@@>!KbGE^5Mp{}NJ0<jEg0)Hk
zXXOHCW=1}gKz`GvK$piE83KFOSSZtKi%)(ULgF_9?8E3N_Xh@RP7qqWnQ?eTMfMd2
z;&H%YK3#$(h6|re+(Rh}{{+;VNluq(J{jZbtJyb(V56lUf!O{i65d)Li||uWiR~{w
z8L4kqkLc#`i%NiGVLaJHl#Oj$6z6QG=fvj$&Vj=N{4Uj{=pT|r92PTwYn=XZPWJy2
zWnG$jl3*ZM*;d=qyx0$qoURs;p@B3>3wn9@g4oY&$gE$o?Uh0f-HrgS=Jd9kFI6Z~
ze@$CmCO#yJVnJ+EaC88a<(7S8Xhz{$Zvda=7hH6Nu?5{NYW^gqG8A8M{$@imIe)GL
zih=#23jzPM(9(^taNmVwujNg~XlLX0;fp{N79#de!|f*LJiIrZ#?k<^;I7U%Z|`l@
z#bqh_m4lI^QmqJL&@S23Smz%ei1H68LEuL>WUK1&!aN>phBSS}L3dvb=gAJRfulp)
zKaM`X$35{qPmvg6kUJhtnVDVb2lp`FVz$L{^3OCYS*k6CqP6M61?Mqgj}<<SUOY2L
z2MEa8FKv`6CaHojbng1HW$6kdPfvVS)G%IgO=3)oWG3P5JP34l9wnAM>m?Wv3byNR
zpv>y~HZoIK<6dQZAYv#4d>~pk$g0#;WiO5RV$9jczFtrw#v#KY)yB73-OR6%G7EZg
zEmK!B(IO}=_v5{h*YQ2(nWsMwzApNhAloSRPaiu&=6Pa(cBB2`p%k%4BHf#b1!e%D
zc=YAXas#)rKG|*7VyvMKBh+=}n+=7sj(pJtJ&z7(Z(YBf(8nGTckdOd1zHf!jw+|?
zO%_>(sGAv)!wy~d^s(8pPe9!c;_aN6^}sbR*04LmCO5V#$E~7up*FMI)gZ+2EML}^
z#8`BB%1A<&Yc?DL1*i*7kk@1AO-2qzPm*wo6-!^}!OH^_AVyK6V}Km6gM?<j20tip
z8ylPG_DN2L-}9XT8WgnNw67M`NdvO~<s?Y}Rdp7aQf8F!zhtL5=>JK+RAGjDZzSnL
zNhPxXbvpp>?!{0hDtplQFTpqP4__=&Nedj}Y{mfW(T#J|9Q3t`Y~>B`M7MWF9D3Aj
zw?CW!wzEOc^#5iSd1$i15A^|eLihVNlHLF8arZL;4=HnxaN>6E)5)Aif`7EC8jh~|
z>93x@U3fYSW&aQ!p3eW9?+o<VX&G%W2H3ajvz(_W!0cc;S8b(NZ5a_)pqxSmIcmK+
z25c4xv6UNWTAVgqluD1u{Xc}Rc_2gN^yB|rkYz7~1{fE)HcTEjOq}ly>JdPLT^Dx1
zwG5C(E6Gz+n)&qs2%-hL84F2IZ~sXjtVMVxjhK7>l0h;?3xD4MhW=$QUL8=8qvmp~
zRv~_jSr7@?rj15sQ%re6k=G{7f_#Q5hG7e>4m5T<_fR#uAZ$WxeZ`W;qmx;6O6s?K
zxBvq6p0zC1&m<Pj^4e2m%xqgU11>L4$JrIJ5X6`N9YdN@(3L&pFA{kRkfrecIJyRa
z%^n$Mef=vb!?Ec#;7e+wDZhlwphq;E`lPGag~0B0eqq{(T&6-?ht#T8v@W9T>M`<W
zy*P=_2wv=2`yTRT=Tm!_IsY`dL{Txw@ONv=Ha{zjl2E9E4(;r&+JCt?FO6}Cw0W2-
z9N)4hFPjw>%wDSRIwQ!K4vij#p^f<*`fT#u&Z5PT=0K{SKxb7a4%yjT_LN@3zM}<?
z0Ah0!w3Rxv()PcvKo|aQ;x>r-{uuzubpw1nR5e2|ZEpJMqWv*NU)pzoA>}`T8=Iq9
zcBmYaMv6U2rV;?s55R6D01=>$gPnmL!;&rA+h<l(83dY~ZOA?u930g6sLj-)eTvVM
zKP3L9Afe^5Q+(EG&|G+7T`6$C&4K*NLEqwlFFVN<Ia&2%Vp0-~xHu&c(EAfeSHVgu
zqc*!@$-e#JRTm;H4)oq;Jg!wmOX`r7h%FqBL!ybYuT+M-Cw44Ms*RF6&+>-IvxKf3
z$jGfHXPf?oxsqSjtF4iI|6f70|4DO=Zg|{QknC!5-*X0>yyWm(pk9eASJa{p!^m|+
z;9u~?=14}E$>V8CXut8Np5J+S-NTHqzP_%Nm6h0n%}r|rhV#PTzg84+p`owv<-_ue
ziwE-2QBk=qQ;<Tz+rr17y*|G_i-+7i3mp8U;J#ZyjB|8cGKzTUzMP*7p@D%NgIZ05
zA&}@(S;?)XqpXZhMoz9uJ|~flkn3>KW89N7qck)$#QX|}EIhhyv{X{mwO3Z+#Kpz^
z{Pj!P-@k2~DS~}(>hIr(`FYVizUds%LjT)>QQ#OdF<OX!>nO%48h>o8qzgcG6Yr^~
zkcYt7P0?!P<m7)Q_qKyh=I0kwycayDh%dTbQj<>_to&PaNWx&lkwP5OGBR<=$)WlA
z^gtZ)KyB36ttM=rt`0UG;isCLotpY-ly5kG)^!dA*aGi6AE#OVM~jdKUJhsL#hZyH
z7lQv28vs4P&c~}#Jun#gi=i#!prD|&g98WSKj%45H#tSaO=@W_H^EHhD$M{c-qYJl
z0|HTyl9CF0pZ}yW2AWx=!Qd)eIwgk>9}?qYV{riERmac}Is*ekp{t_57xeaDh+8$8
zL;rhOStJ1F2X`z`uf@Fv;5fdTAmkenMU`-AE4d#yt@acWzOy)zyYcRCzFOU~53q@d
zkorG=M2-IT*3BH0OMeu+trvWa{DwwwG@mYQWN?so{m@8^i$1-SZjT!TqW5z#n)lT^
zCt|kbmP56#+CKfV{fD^ohZ!mc7A~dL8zDBzf!7mQ<4)E(ST8m*bGF-Vyx8VLK-J<q
z#kPPoTkg|)ZiD=a+mA1qS($??u4pVNl=&WrxGecTo}v?f+}hY6<sEo5Z?B^EYAq}*
z>>3*z8%EMnXyNI2ygU&Jq*K7Mm?_W7J;N#9lA@`IKt(;43EWP<+jlCo3W%LOZ8B|~
z5*vDrfx&;*V(le<LI#@Ldk^f4sg(#0x&Mh8=Iei5iV3pmxmb_dA>5q%3rI_z12$En
zf2kfovlPj{%3DBaVr^|Md4DWZYScIpD;ckwaVSkw{^9T+IoL^4Ofyao7I$9#lBTgy
ztvkxkmx&Zw<C1AcM@kE!c}|N<J4YXP0Yn=Z#xsttGt&2<vs_5&sl1pt`xcv+{*?;M
zkB6`rf3F1{MO>gBi(5{_BE>z6r-<vQR$G%cRceCA<5wMY7*k-J%4mPYq<tB<+6qDW
zJjABzn+#(Z+j>b4XJKKnF8tlzuIr{5Guxm@KwwSBzt8*viY9U{^2MEenwFWDEbS&F
zJOV=@wOxocvIdu$68Y)7^Zpffu!$Gyu0h85{Ia!Mc5-51{NjsXB&6JiTnYy`0i$g1
zYX70%@tjY`c2RL2rP7YAVp7{0JDU>Y1ug-BrJIa+Jd##>OK}Iawv^P@ot58qGl~Is
zG`y??y$s0V;TTEI)YmuE@|rH0=k7p3xXMTR0AuohW$ZNr^uI8eG_0QzP+c!)jKhG{
z0uN(|y!5R2e}0Fo`u^h00x3BQo21hv6>amuXCqx1LQaC!pZ~G~4q6oJ>78hyWo|Gh
zJ$%qAhyIPxu2NVKUlx5~rWBn95ctWLBMs!?0xT-#&e|}QjXp5x@!Ea<9GuTca;liy
z<GiWCiNv&_#|lLXeZwn3+AGbEB8*5+35rUT{Xn!q`$s*zEKxaL?nNrVtW8v7Br8a7
z9<Z%*tuxcc!*R24!YsfMijh$=hFa*K?d(QMg;Q#?vEN_WOGfxwTZ^KhyT+NsM$b3B
zqfl1Gf$!1<zYlL2qsh10`cc|M)Hs*c{|+iAZ_fWB|AGE|?e#!EE9cu7pJxXX#A&2y
z%p9!pK|N!l$)UTU-ZZrb;gM0&Q{$%j->`mGSPZjCVuMdkLf^;BR&zCsNz^>x;p1D}
zMhTG#Ta1$9W;&=Ui!t^HP%sq8xp2tRiikWvIpN72Bin(|@=pn+KHB)V2>!Ig(^<BB
zqrVl6%$c<5-t$O1dM^5bnShw_{|(|61OFatn)ho{O69UQX!hVp<}!h9W&2>MOWfpx
zH%%ZLN%$w6Nbo_gOpg3KDTKOocgsFssT&eWAMbum!nB6zoC?fqI0zQy6aw2!Qw5tg
ztv9q45Js0dY#&f}d|97cm<&lS^gef^P_Sv%Vm!0ZUp!5<g=A(Vps(aT_7j@_U7iWL
z?UQ%=?U`F4!}%@SSf;B%C5<m)>*bV)d&jLHYUBR)r=&~I9|7MDITx`gob2#g1#|PX
z=2@He_IG5|J(+e{mE+Rlzs#mG^G7(Q&(Dufj6<LA4EYbl@J;%)x{O~%1Th}$Q#!xi
z@yyeL|DG25QIs(D-6OZHaR6s2d0Iyc<r3RT*g5B+TVf;G?4G8oJTt8T%CfZd@sq=b
zh(sQ{`@ZF(wcAkDSspnz#ARs9ys<QcKKY>sa2*6ev`E5kEC0>9j{gQzY#1_B{D1a@
zIp^gFw%*ZN7iGMmxf!dWWKwvO*NORABZb7#yBB+Dm(r==-zN?R>Sn-90>dMpIZW7w
zV)4;x(?+j(#KM9cPrMf8xw>VF+8U=_a~w)be@SbrVtRjkX{w8<B+N(Vf!)nv3FV^A
zopfn)t{z>i=I|Yzj_agp6Vab%6`&>}r68iLa=@!-{r$Q?4p~|_V-4?PGkvS!skuts
z__|nsL$%YWM$D+hg5-L#gbSa#h)^z<deuyDk=~N`?yMv1n~-Q`eu@zN?3m#4ws5xD
zzeU`){eOlf=NGW~4p(`jb~SdEjZ?F>sGa7O2hK-?<YRZN{@7U}`dV4n)~nK(BrP6~
zZ6&X|UYv$F3&&C;J=2f^N~TN7;{r8kr3T$sI%myUNjli+R$`scVGfH*s0ke~O!Hs~
zTkHR?F&<;Sz*Pcq>)vJ6L0`1^FWwi`#;h?o)sUgw;_C&^SsC3OQ)ga9NtwIsK6@U8
z@EWbj$bs}1ExYN3+Ri$4MYhllY0JC)0o+VsivN$Tua1kV?Yg#6I;2awLAn_UX+%Iu
zN=kC*PL*x}DJelxx`qY`>24UhVQ3g?82Ap}`n=EmzTY4C4?hprIp;dp-h1t}_Igs$
zNfY!Pv+1q~H<`jMOOY&v==;mRj78&C98Fv`)F%aV)wCKRFt>N!toGR{Jz-77kPe)(
zEcgR=X9vUT?!ADAxNq`#VM-UC?c;l2+sayl)&BdE0xJnLe^Uca!vs`M+&6p27n+{d
zrqtM)R$c0E*y(TGE$*i^EBv8b_Wd(c4)`^NS_m^UVVK+XyW0dc;J-_Ohr77o7~Dw}
zhn(B&9zPCE?{?jIDF2JbD6iXz&Ajdu{CnE|(;L=*l}vW!uK}=z>YvrwH~ouInbGb{
z_UD-&WBhj=g$ls^S;z9aC1f;x(XqA!6bkH5mp$aY_9DrIlI@R-NH&@);*66Alj40j
zKeD;DGyduddG6TNSb?J4cstm(Hjvzp@$Un%2fhnAfCaB7O3kPH7#61{y&9^v?Aas5
zP|Vkq`|kC~QEX<peQ%_dIkru7hPdFq3&f8Giie<nFRTigdnJ9Kx*eB;g;^^Vg3JsO
zNAI$~`Mmk^vTN5NsVOsZD(IB0mi@^F=NWjRZqA`!)=g70VcLvnkh7@2P3;!C(DgHJ
z#E+Exvl?yt`2<wqb~rSVdRb1lr0K|khLFpiE-_M`UYz=ZjKYresK-l4Y6~o?NAy`h
zWZ$Khe2cK0&b}7Zwem5#l4dQ|L`j31mr-aFU+*Lsvj?X0+PMLb9Cx1KlE|U=*E&EU
z=hy_S`5rucm;r$hY;A1?hlT=a=6x=1ZX61V$gf{X@F;L_3|oO7cQ}yJW|WtYoRB(;
zCBbipd~*mq(q0nC`WrRz{A%=(<bcyd3%+L0VVo|7*Tdoz2jb$U<#M#N8ZJuQJb;A6
z?I*N@i?iIr3YaIq)-yn<CPR-Qv)52xZD%d`JYhIc7xR<L+FvBqf}EXM7KBxM`5G!5
zta+Bbxbj(qCs+(6@RD=KhA?K@IG7$jkn|>IJTZ|7U`$c5u>2k#D<gw~ii(PEacge4
zw380Z|G8zD@X%JpmzM7r?cKtGx~>1NgG2bXQgAh6)PlYV0aR6ZIY24~*!Z^RQTx|H
z{stlYzWWP@whJzgcQ$!6fM6qU?7R5$E<i>=+ai(nbYwXyFYmVpONv@bF$d6^n!eA-
z`7tA_tjUjhj5hRIGir8+Y;|Mp``cEzN`Sb9p7FJE;C_geFTdB(%mGp}^DrnbMAkh1
znq-}85px(L;SLrFxr%0regD7!--Eb{!o$Nua~m5z+PI1zw52UAEr2^Mw;>>?e~gYU
z1<+>R0uI!^I=5sc$A5hhp~qY+9>4H4-}QU}3?pim<#in{;?C!>e8Yh`XTM_T6znGF
zT$jcZ5|*ZO)7ztb4({tZbkhY^3LPpB{M3Kk9v3R=b^cslKESSS_A$oe_TnOFsnz7|
z)K6+YCLA9?K{hx^2&B=$kE4Db#%t_AVF9b{wAQl+bgdE+WsaS%cIF#Nq1CoB3JSfl
zd$HJUew*g7j`GIobKmuVm63-Z&jlK=J5lB&^w&r}vmrvgC#R;&-|NVo7Zem=xUYpX
zcQbXfn(1#n;0o`&qWWA4*hZ4(|M($fANwMe7r-*a-gQ!j{;7-Kr|>Ut_kGhh42F#_
zTwu-moOw@`+H>oB!_^B7sxi^l`&;58V0QbWt}ELGC1RW_+k!9;Dr`-5&9!hVpj?|?
zr~so#_&3n!W<3*OMlB0@(lyZgtHlq+ehl<eR>>KI&vw>7>j71jSkwCn_;FP_4J!|N
zNJvNyz=u74&J!LF(ch8JYbl@_*P>9xEU6@^M1QPJPQugfEDNE{P8rXcuSKsZEJV-F
z&NjES<QlATNFS_nn5Zf(9qKDCPrndhUEvOQpYqWJ-s17yNRY<g)85bJ&(>6q(Zn6x
z_u2P!Gd$!fymZ2dZ#+Tuffw9#+{c=YqP#gkxOrdnY8_AKCW3s$nr@K$>CYMnaqX+P
zi-GYZU9t)?Mowh+kXI_NwLU0P6?Sh~bafB<l|*4t`zOZKJnFh&OXj2DU?8;TEHk$>
zmy)#$);^V|?(ndux8ss<W4WAd+l)D_#=`ujewnRQTp}h&;dDltVRK&2vK^v>n#ys?
zv_Ga5)JLH<)jaz(!9>o3^!>{}uj#*WEAe`#$dCeVD|y@=x}W@WUM!IP*$5pQ1gXzi
zJ;<;-hOlg_H$v-Z84Ykcy?Wp}?}MUIq8|bHEaNBWd*sWxW?*Y}7z?rQuJ!3FIHFzF
zdG=Qnbl_kIeN%h7z>I)9J8#B$v*Q&P6iKQX<9XD14vkMgJo`X8SH1?d*(yz8a&Jm}
zvAiAM6j*<s$UGX%5Gc?qv>AicM~`g?9muCaJ!8YE@}CHe=(J-&uih$5s|9KQIp$8a
zmJ<JS%$;l$VTj1IkBcpM(6KjPF<+g_fI3NS8~p^)%vMgJ`)vvwY%L|eNK&uU;m#V^
zY4Y>qe6v!cU#M3nxgg#x_AKJbW<urun<PIWQVNO~kjCmVmyRHf(Lm}W>9hVx`1sao
z^{tBz*zT$<^Uv8zyb(|n<E8I14Om)?up9u)ewK!trJzLK4Z&HbV>YciC#K^1JrA#|
zCFWTl*urz;OZ3}Oc7TfCht7h%elZ>uh;soFhf4nnsK4zAUWF96YrsPb?6&CC4icJm
z!$c8{2b*}@_DF*pe}?pwkm`Al`^vz4g<`}ghTHlU!|mw3D|m@7uR<6{R(30J*^Jj$
zH2)T7U;*qv&NZliN#YUMYh&U1e#LrUM-XMvFPLq!KcHB^a@)*6IjEq#LEmq#MNRiE
zM^zs5BKfTbxmZhp0cPO0PCOX@t_IpvmtxzGf3P&uNS#>f(my!q(6Q;<^A<i>`Vm$3
zzTeCZ2Intx-4MIljZX%24+E87lV+aC>K1Wos?-tzpmYkz?V2F&kNCs*9`@w^;s}%G
zqVNKezt8Q&zAqhw1!#mY^xxK@b5o>+?q7GhDpM6RjJ(2L?lB&$9{G`{YYpVm1C;+-
z7GTvCJAh}8gnS;{f7cVIiRz9d)O85?Jj}w;_63k1;d{A{HeYin*7hZt!oP$_>4FnO
zdwwwkf#~WMkhP+xuwN^C+@{>s{SL62!jJ2wGJfFRHF+bfmtwGN`D9aF^KnS(CzhPg
z;rfv*xw=#cHM=$Zgw)^_Ijy2i?%!&dKgtt87U>~GJ;2aC`}1`(%~cK`xaqgMRTj?I
zPvV?UzJHQ2(Q0Q~CQ%Dq-QQXkVZ|4V^SY+_v&9IxUw!_CgWxU;u}bf{6R4&6dogl!
znBwHhvdWzV*TQ;$2i6MlWSQJ1Kh9spi~T3o$f<PTrc#@o1Z4H~sP8+>Kdkl#CNJmZ
zDN>X@aN6;ug&47Q;9U65{2nWZv1}P3GU|rfX6^Ica1iR0hA_LAJixuXSy~n;6QnFP
zRaaIFfc`s7rwvLQwR9b*YQU)&axYRzLm*y>b-9P_rdxo84{RR1953L&YE*69y(uv3
zqjwcT`yF=e%q6rpnN7^HH~A}FmP=z!bkMU0#Ih%aJ8`VI?L%*0lp;49@~m)UQ^;3u
zZjiP(&NgP<3l(;zw0#xTE}F`dOY{ABi4)v%@cbfT>TXbR+EY?9vcr>&X3V-bZe)Tw
z?QvV@?=^B9Yjqjs$9lY#e-W9zqixE4PQK#Vf%H7+>vUYuf2v_kR1HBN^iDIr40$lo
zS#hnAemWIeR3EXDG>}$dvBL@ML`Hhtohg&f!jMA;z;0>*z^uwF{OoEiHcT4g?A0G>
zrV&j?(w(MkoWhosX^HjDN@9oYo7wxdfPb!~V#>Dn+~?J<we1;VO4H0#&$vUZ))bdt
zJunoNnY@7gzEQ7Oo((mvW?R(_U)sH`EJ1QXUdl+s>7(_<E(}E~Ga739MPM5Qq0nCZ
zWFqS><2IJOZJ0qq3g%Ro`VuanB4FLL?^>$8=MV~X;W-CwnVgCXEkhqC39Ud3N1@c-
z`oMm7{l{q=%GG_24<|Yy{o7%1lVlmRm7(eK%j%^xaD^dWQ7UjWh}&70x0YENVQbn;
zh0CU{)+l#ve;})qs&O8;-6MI51USe3hSgIKs;vXg4#!d6TS-|5Vb7JV(Jobq301Fr
z1Y#i2E@I3ux>i}1|E#sPvGKjOc6wD?S2rBcJB$JJMkCXfs|rVl*Xrs4;!JHZ105aG
zwDj~}>r&V^&9kzziBUQy65OMI0?v5=+r3+Wl$8bmuz_Hl6X6snAt9-x_oO<@u;Dl&
zb^y08fCL-+Lr;(V_cnl2Jj%YE1g>g5A9IwK?|I@daH`t8qn2anJJkTbxfL!*eIozP
zNCq7M*=I|NEBouCMtu}Jd-k@@LuFwipbj&-*yf*ah?Xr?baQt{X7W(qiDF;c%nGY+
zMkY&1s<ks_U<H_g4wJTxk|f$n7j}_W?CUa6-cPv(S~HPUW??lWQ<OqZj{&rO+2n*u
z;3wt7hwgc{*3aD&@DnnhH)E?yl(*7Q<KW|bjERZCdnFNoT{-7@_KZasip@I_k`>`!
z1c2k%!=FCg`;w55JYYf=GkhNfGtsWY!rD?=O(7Y3WJMxHVTjeFrVR2(kk~@N=^bS&
z4Na+Yr%P5=w$WSyDK;Ku5H(drs_5MMz{N%23ag+{?f@`&I&f-AYju5{nueyWG8LT7
zZr!YcMSC?oJRBIz%|3_%loJ3X4&aVmeSJK%Y2F35aZFKa>M)AS9xy$mX4RRIq$>Lb
zXG=Ug)tEh+Mby9p;%e3cuzvd+vU^<o>@py1ioz#tz`;rJ<KM9Pb;Quz9-2F8c+uDI
z242^Q=6J~$v6IeRB34CQ0;(n+zTP6jzVWu}GTn<XlD%>`a1@l+RaO`vu+JU_kii71
znCPXYsVWPa5!F~6UsjyMCx^ii;epM{cN&oQ7hO*nuP`Y;Mm_E(>SZcm?CfAm#vvxX
zZ(v}+!^87TOpK!5b)OIFjqrDqZwkVq<nw2J{u~=e!sl#nF6?^@r5PC(#i^vM6xlM~
zsNK6}{+R69pEUEbp_pxHyUEztxc<DP6I3sQcg$d7o#N><2d8jx740o1!rqHdzyswq
zG&n~fXqcFu0C|1jPiblC%(^-fzzKt!HcklW&v0?i0s8Bza8g3Tpu9ZB?>cE47y$qu
z+R?SMw(YlvpCaq+gDnd#2v1nn3MTy+{^R}CByxXQr#UIiR_~a#3BDmnU0!l)=IC(P
zLup!=do@^5<J~Q^GoSVWaSaolJ+`%7Y1%LPIk%t_Qs0c=+`E`ht~moO;JR<HIGnjI
zbRa?QSV2v){sqm1HchGeis+9nikE%pigQ`aVr%xMD^O%2$#9mRhKcG_FKWr(Yt5ut
zT-gZwQI2Yov$6QC1SAn)x4yAT%_Gp>_Xu|_E>7UtgMy6wZfrjGyYx?>b<PD;<$Vd<
zr73c>Oy55@*bB0)czAjm!%pW8gf_ztx&+8X79*bdg8a$hz-L514f@1L^^3NEP9laM
zyb$^+#>ihzY-?H@FS6#y$P^*>Ms7lGMozc(fv}+9^a*}~W^AeBdeR2bt53beS~1Xu
z29fU^+l=(|(ziH#Vrl6LrD-PaWZ$;N)pmyZ`NY1#&uSa354L(YnO(TQzu_?LVx65X
z1O1<=9N^Y@Jvq0{NlL>REDgg;<@wGrO5ebI(B(ZW<mP=5KoKh?b`h$GT<T1`?p0o@
z=ET^$TV^4NG*HmB08$0OD>bI#rEYy)9lHCfW0uY29SNj&fb1_CYChCx3CzZ`y|(#O
z{izjiqKs%2#;$&DpeBu7`=Y6_I9gRu2JP*|){H5+ZRGTFH1lu=iiwH6*JhPVOwto|
z!$zF#^S8$<7;6G)bKa&FFpTUzPBf>0!};T7<IFPOvsZ4OyR97@6Vy~pPdu@9WM0@|
z^MRqE%ST-PQvNhF44weIbc&X)XSx8C`bpF3s0l{gDT8HPm?3OWn4R0)bbb2WbV>Rg
zQ=F?50;j7XzCbx`MBNhU`{jv}F6DI>Rk5!gWBHp^)4$KmV7-eMC^cDhma3B5o#U`4
zu{d`b_Ls$}a<Hxs9I0{vYeyg2@=KPZMJ%yjmFd2y3mj2T>~~d`FO>p91xbN;D;s%U
zxb^Mxj}^Fci~-)ZPICBhbbMks&3w}V+7n4N1(rJD`k}F*U`(b24(aXfU2z|KoRNx@
z4Nf`#iw61-lH;`<YFIZLIY|uHz=T8ZD>{4F7am?-xVi8=yE}h|&bF$7T13hT&zt!8
zZ{G{>sxaV;F-Z9*8x=(nZ2jgib4rU}?H|XHn?(T|oCr%+iEZ~jZ<bpCaClKrT1j_#
z=F?3YeLGy4V_An^EXsDSR7xs^_@CR?EM6%r=rSN!8c3*qY_HTI*?fVGb@Prc=VleG
zi0tl6yj-br+w9z5S)we#z1U&lf(NC)yW~hA)||A!*1R1^nZmYgx$@QNP5U#D)k^En
zgJ(TGz4j-i9A20gnVH2c?l`zNvN4ACs9HHXDgM#V{7PtyW<AnK$p=lSTN~E0@aTzH
zKzMP`VfWvC`;?Z*wl5*_x}yO#*GCyxheaS%dnC-u3wB9(;A?P``8!v9$$B&C92V{c
z8$`1|V@Y1DVo(W&$%|Ye&z|pg+AfMy6<}Ql1H+CvSK%3yzUTPv2SJoZfbnSHe#aX<
z=Buc#>1O~;ro_#vQ!__IM)9KgL_R^_9z2fM+!icD8Ny8dQ9Oi3Cuhmbe)eg1n9f8?
zX#eQ?zI&um4=IihsYPPzLG(U7Mnu;)#8?gB>b(#TBuhY9e1GsT$@s{hwpg9*{MQ?*
z;$}~Zg*q3^Cg*<LtA)uvwOc>gTCFvX<AWklL_^lrS%v*%IY+6PCK<)mxTo7DXyI2I
z$b%f~>fpY}f#2Z4BG!EC7-bXNgVV;6uKOT2LM-HDkU+WEL%&K;Yqb9elf9_gg&FQ7
zRX*&)<L1~NtYgfO`$G)0BVe+-9gZnaaVN#?ar2tQDHOa|(%_|QZfT&q(uTUVcUbMo
zamy`bVUOK;;UpIV&q4RBdlE{yEq)g?17hL3L^zS%cwsf65g*V@i&C{3gzlU*K~T;b
zEAC@8RgtUx6aQ@7jgzAhn$|5So|4#vYQf_i7c0jBK3a%Y!$SS1{^K0}?{=vv3*Cn`
z+izIPFCT`~uQHCb_V}kiRv~vGwvjp&^1rLc>{SO)pvHxs=CX7Q^=g=BOnJvhKOv-Y
zU*j(NzLH!+!!=PmN)T`5kN7^|-ZPo1mh|O!btB>%1|WG3iqG7gJ09iZ>l*dWcw7$8
zvW<)etrzQ8{!ZI;XGcV-%NK?fl9!~FJMVZvQHDk*f+#AoPkOH>!|DyXGHW@RApz^A
z?GwS{8To>D>55mnw*CQZ7_YVep&*L?5%!;b)5}y+T^5pml~6PD96v5h9Z0S&`~YZq
zLeXh?Tif9G_tZ^8V4RBZbf_C5p0t+=DF_V(fOw#WB5}5|`cm`bcQPqeMg*H(h#d{M
zWv&8)4sWYS0AY3`IYs;UyY7=X9K81jrT$a*Y>@s7o(90_Xy7m#w<V(7Asq+&vTJ1j
z#l6W;2<VKi5Z5h=HX{k`H)egVm6^C-D{Si*Um4DE_iC@eYUpAQ_6_+67Ghf_KUKPe
zRZkb9uw0I=GmkyH7iJZh2sTXCV^5e)o1rXU>r9u*<1g^!hd;|b*VEk?m3;LzOpXJ%
zt!01mf*rS<zsTzCs(_$Dybuaiau9TR`$*vnUi-LU{5iFsAA5}{EIzi+c!-y}d_VJX
z{u+uW3JQWQ0$V%3K++*waq`!ic_~|t_lQkTK2kjUu<iW5v~B#)dX%6g+|)V~D@1gw
z<L!YKZP>{o{GRC_o|4IbuzbFd0y-_eD9)C5IBE3h)Q3Bio1KfF(byBl%)Sve7W<q8
z<1JCxJ>jQucg|2=KB;{~YfEJ%p+Eg`r*B^0BIq-;Y5p$L%`%nw7!4wTySM??x+|Be
z>Mo%>hb(8gj1|jbpOuWSiD?(As5EfJ6ThvEPz7FTFHL3t>*mFEpRB9t>qkaLV#cD3
zMm<@<7T8Gi)HDFaL}q`hZr0fzjo8`YSzTT0;Uo1HZPYzup0y@&hQk?I+2SRsitPZi
zB4R+te5))4gGED86|%``OV}A~u{u{IoL+271q1|S=+7wS7Z&pDmLgkWcO;erS~APZ
zaFUXeHerM@EOjK<<uhYrCS=bCn-0c8fSsjCJ9QZHAAsg>g%}DyJQTOE*a|V;i*-`D
zP*+z6bW}W@qI0`>j4aZo>b%=JQN|_J{B<5s&P^K`*&)OBj!qKQnYrPRo^pq=@iFS=
z(mT;*DqX#U1h_hE&R}tI@w<RVk#+(1OZ*#ZetxX$>$`z3Mz^-Mx4FROgCVb++=LW%
zqWY8hX{e}LHb1pj=HxuO<>wR^^Lg_RO-5YSS<*7lQBhOhi|8+6WG{IUw;9$M4h5vW
zC+$VrKB6PdzhD2mPSAf4RYrSqnF0FWv;wLE#e|rcPjmII$)&5SCV=4eDPZVvaC9W0
z=8eCcDOq;2c-I7<u&sCFaoyz%=c<jQ`2m%`e~{5alec+Zkt9H}z}$gG1$W8rh%N?v
z9(v)n3k}H1k^+>6fF|}qt>DGuCzvw2x*~kw8S9>&t}blq<S+oXAEg(D2}Cb#v6gYT
z(LAH4?~pYzq6QLJbazpJ&h+*x>9Cf8Utyoq?bu)W6EzK$kb_OFcDk4@X_9+`$q)O2
zw%9&`VtoMCU8v(-;cJ!u232nhO2OoI_`y=!fb}=*tX*jJ%3_OOpcEj%Bz71d8oC46
z>M-^w$VioPh#A}n8mW$!Dh~*^SK%8<==!yNDzhJzHp$9v+dsgu)@^QCB`3xUXu7r`
z6LYu|Bt=MT^6{g1SNA~Mwf8&#*AvDNT6Mj3bE`=~<Ee=BH``ErbNj;3wj)<#J<u^R
z`M^Jlig@|&z5Pn^+CVL&a_p&zsVT8)a?Druc3w<Q`zQ3T^!3w*@4^R(wQgY-qs-Pw
z-=}~3a=$?prRARKvCU2M3f4raSd-9p7AB@{k&<rhDS)a^P0x%jephU&(iF`oR@Lt3
zB%xkoDv^^jHO~}^j9;WtSc-7z&7ISonFw&q`sY>GgU{8UE1kNHxg{h%Vc3g$@Vsty
zSoA)440Kg6<Y;Pzoi?!now{iXHsbw!2&S@G$g8K$olO7<gi~nEu{cHi{rNYjX-aMD
zCok^%IvN`E8wJs+$!78Ijvw7?leN4cvwQh6U~3fZ<4=~Sq1`C|^<pG%N!mcktJ(te
zJl=<Jr1#R+E{9Xe;ip^C*~3pyfmz<}>|9*985xEWdFR%ad$PIciPNeBF)`op2?>(`
z@^gGeP|C|ydrQk7-LVxl;Rc$T42atG04ZG!9bH}Pc*Y7b>&^fP-Of*Dlv>LcZGF{m
zWyAtjrVVC2fFX6S6`kB7waEtm?340OE^=nNou7fDo;Yf&=4sq&tWlI45y1QES7Z%g
z388Cqi)=k|@8jWX67BRp`<CJ;xS_>BYSUZV`n+D5OJPJYH^{>JJm3*bWcs?)`$*|_
z8VWs^NGD6A^WWayZ9h{G+CGk}KoP6!kREx*OkFUxhabrmNmnyVnL2Sy7RAIDvEl9+
zxy2^F#tFibTq?s)YaV)+$^fN=D2tqR;-*!A*UNq{KAfWMKT8*px$U6>g!dw<8=*3j
z?$8a+K|H=$HR;YX^y4qXw9XA~5HaHbrAJAHyVo**kx@aHzlZ<t@M(>!3AAvve~01?
zTa~|zrCYcYs9|vFikX=sZ&NdXw4C|36Z8Ar@UP)ge7R<X5435nZ(}F#fA04-c8<~&
zi$FLeRsTY=|LXqU{(m3|cq>_)=}-o|6an9ZD>mjoA?eZo1n!r=aBi=@c%k#h6}}rC
zNHBtNC&Of>%pePI26X@TvYqk|ZVBP)oMnb`EWb`OfM=%5_%F=*o8AcVB&Spe?AKid
zEvDJqZVcL!|C1X4#?eW+W=*~&=%foc*Q9s`PaqcTs-?ElmqFgYd@9@3$=QLGW&De3
zEAeM%bEWpKNdR<0At50}k7OA&HN0&YOeT`ahN%KAJNxAb6|e#%J=-96dWJaD0voNO
ziR_H9fWR|DWI5<gHCa7f6cvt7tN#|!V2FZQ+khAssJiQ0rTx!U;o;kJQdxC$WQf_@
zp<!2Gn{<0A$7c2FTV<3GsSzp49ALoo(nddRQ}X1Q1<Fe-(Pe+_RF6<I;@gv7<y|K|
zYA5rb6Q%Iai83=j{tyHLNl8nS1gIt20=>qO(b0$_;)#U?zm5))2M-Z693V7KPL*X=
zCt?Zdqw%@vh>3Lq^b-Z7{~`p!Bm0$|2AsNUzH83k&I*jjx5&@8!>SpYo`^hMA;;~c
zgKtVHSbcBbdg17JUqZ5NczB*ubu<J`*(|@P5rdQ;4A|2=eM&$`#Vw4c)ZhPJXW=!2
zlwMcUW?3-=)xN9@Xj8`=7j<#4zXW^VZ*6V;oSx3%VIyT|m{FVbBGWeq379lK-MHs+
z_5CkV`S12|;0rE@FwoJldi<rNgoA{H<n^034*<oC*Y(AQ#4BTLO3Emp>rJIv+tnu$
zco6*T9EGeU6u%dv+i1E|2fDbiVwKfU_*CY;SDDp@1}&`=4IkgVWQa`%dr4!kvh2?s
zrQ}jWq{o{t@k?Fewq&!e*jpA!0uHN>UG`=k?MouCad1KbuD5y*D@Fcpdq8eQdy~M9
z;{z4W;b4Ve86$_7=|K+W&yY?u98ly6TSS+l@=H}C>Q8=>uT|9jf)fSW8R!*2Qs04o
zB0#tlaN7J#bum_Q`~7j^82;}F{^*t|kTnj4-qPN1T8Rwb8*p=T+wV+q($djU0T348
zW7yRrFJq*NE+H93&A=}iyiTQtwH_T46FRjiP;tT!*FyDLB{S1SA~B5-r%DH6I}xoT
zxDUugnN8S;LY{;G4i=OKh1y|y!l%y|8KrvQ_#+zrjrzjT@jmGFuDdT~WF}>m7}!Np
z>4dCh{O&~?XnjDUU_GN{9h2=n)G#qI{gz)w;XEGK)gvpJzeyt`^mgVeQ#&t3*<pzE
zLWBL!q{$B-?l`V|;4c0ju;D+kZz#KUrE8kHxWB)Ds?0bDyYrdk7nl8c3`$B$$#1eh
z09snVpbY>}Vy9yVlpZ`=-7s7ETp9KXH32m@+mxD_8kHQpE2|_I%}4n{-IVE*-&L8}
zpo{-Y{|rdR-H$Eefn>3)l&4}3ZfL~v7z<v=*(a@%hOWm;bFX}jPI|;qa$mK1g@!k^
z=D;a_QzZKd)9&V8Ygy$Rla1A9{2;8ukSC0ctnDv+IXvoxKhx00D^zfEaYx5$e(0Kd
zu)0e4?c2AXvpm6JVUlic0uHo|-s|e*T(`Kw|H;D$?28Ht04%U0{UZDERv$nBSdFRh
z(Jg=b=8biim7*eTXs9C)V<Y1y9vz2UsjFu*#X1K^M2gF+a&22$;oy;n9F)FT-7uvV
z7FO!gDR%GR73N1-!(R)0oRAPtB|`fq*oK6e<wy3cu9Fi*XW1BSz9xo|@ycs$ZBf-x
zwEJV;%~p5Vt4Wbw?1>0Jn-e+T+F38AShO~;0p~0%_m5{7HAAEOF-7h8G22_8?XC1p
zvTwUmM)y9g!~o;|fD<MovF~q%mzM|x)Ll}aA^~}d=N#5Yw6Eqw=Qej?xJToDcQvsB
z0|V^fA;u#M4DJUQEfQlMh@sK(h`Vy!Lkl$SWC=yb4mmyv{umhYZ<%D4%O&TEqj^%D
z>~vMxyUBYudcR%L`U=q(M}O59Sk&=H@&ASytiMAVFgN1Tq%w^?nQ_-q6kWlfY+=^V
zLBFn#SHS60mg-bOS|(-^utf8J1%v<TRsF)wi#B80J!PTx598wL%Px3IWgyYvHqdaP
z5lq-Ug}o9}S&MinYyGmj4L4{*cHYG5D3+%!CUC1S*WP~?L%wOR<*uCMJy*jR-s5=F
zQG(&`(?VI})^v&_EInpWGQFDY)IBPy1{x2;DJ`J<eu{^Y=HkEd<xfP_*i>DzU$w@Y
z9L162l%BF!=a!xsjYh*Uu4)Ut5~RvaLm+@*uRw?F(IBV%-w+LiXBsoVKlN_Zzoy)M
z`qNJN|I?@dDT~a2f6ZIt;!G}LAYn-ncDp|Pn>hdO5dD@^<=zHoXN{uU)EbEXX@8^t
ze|+^6{`5E}w5x6r1#%Hz&nwZtVf=S;p%`2c+GBzXgv!0e3#i&3Jq-G9(2E_2_v|iO
zX5+UBfa}54?%%W|5UA>b!XF6Tj061trw98_QgXZ91Q!19ySzoxJaX11xcg9}il&U?
z6%NB!YHg3pB*Mk^lja>4dN#f2nMGh`uw5p;zT=b#*z~}#h3MezG)bw}&9cAGmgRRI
z0SPXE?gEsQpzhv1wXIpRwAl^8gkIA~(Evjc+iJePoGRy~CXD00&WTjRG^3TW2*|65
zh=}*;?yq>Xyd4!pzr@FX6&j6Rj)&)97Eurd?JfrN*JuQZ$T0M!RUa}~)&scer<FAP
zNVUJIlQ^Y5pqX-j1ha&wzj$%S($X?KhK8D25g1Kv(u2#mSHZp0<osGyO-<=S1R^yW
z!>v$bO(7zdlz^tBq!jqMoIHN2Y>$uPcm+~ZLj))l*4?OE)fUF)fN43=Nl76<vkNFX
zl02YcQ!#HK3A>?TVcbhjbv34Sb#+23;hY@GxCOuWCfQA)R{dYO2F|Tqqw=G?uBiWS
zuokleu$usm4T~>3FqqY2O(!RwND9%=m>66hetsGO0ixTU#v#Bi>%T}zA!|6Du?mig
zl5uf?Q2n&9um}w25<4~m7_x7H0TxT<-&Qr>S}p@sVj|earkKhWaEpBjRDefEM~Y&!
zz$gLuV=SyrfC7K3T$mBTNyQx$D&x@7oWCOrFu!)q5E2p+;c1(?oS1_^*`GSZdFFoo
z^W%Mb40yL!9_4A#KM}L#aPU7h?`HV#4ycv0bCvxaK(>Hxfevu26cxj%-WVDh21i8j
zuGv|z$W5V8dVK&C7~J);xDa5>%FaUb!fKW6f*7|X2|m8*X|?SFmHT^Y78cE}LQ0pN
zsgF}N06z_dhFM6lr<m)ID1EE3q2XXH!GPqblS?Z~G6*y2Qb{VeeN;O$QdXMnFl&!d
zPfriPDfmrNxPQzt7@9%_dV3(Mo!#Bt0LJxviS~Mo#`ghU*&MLd|4+mR+FeFilw#KJ
zL4u<_NWj!uQeP0^4ro0j+qt;76lLtvX^&D}=Q+9kY0Xl+=gLjPsL~XT%`oIzYnm-a
z-><Ge%`B`WxqFxD0G~@&M>FEwpOLEMT2?kZTEqy*lT3mO`h!*@;ERf^Pk5oXPaP-#
zAH+$eRg8^=jo%MpPQVzg&7{~>WL@D((K)><$GQ?z>HtYP+!?XBjRWRDr{zD|hd-6X
zZ8t<NRF<f=GJ)GKg=uv}f8ddZx;pW4yBVi@T2`n@40kbY32hzl^L{qQoRi$lv^FJ?
zJC_!cl%)L_EkfEvDg}G$9@TdXa|^Hp;1?aEW>jjsU=zy#6OWM}(a_hoIWkLQO{TTY
z#M4BD%XLOL(}iSn|6((HyBqfPJe-AGIFOSa@wvBvIBE$n=KxY=UPHyfCeyDWQ!YS2
zu3Zwm{(AyF+6DNnoc^H~G9fH0oaEh4<?zWdU)k#feJ}~p2|N@DAa7wyeHeJ0=pWWe
zt0R&#+N#}7BNIua+Uq4GOsD5rJ?4ENC3AY_8dfn(54VkXsU+@f6Qb&iy{LEv5t)eH
zO*Stbh`}#VV-b1Z2o|X33-26@ntR*m*-?S$)48o6aYZ`C{sz_C{O2*oDS)_ZSPRwL
znw|)T{@QeeU>0JT*`T4KhT};t|1yc3@{*k;dbK8O*k|R`L?A*z&Zn|ixsml6D-E7K
z<@UX8x6G_&gY&rjV%qDLZ=Crv($r-~_0NfndW+ivf4~e6VyytFsanFcUpv%-8zl;n
z0Nc-=>XUK9|B3PR)b>?tI?I;7@=4=FDBOSR9s?c=pF$4}{zNF2+Xw~7TyY^@3K~TR
zQ&dHO{1vzyClITIuhU(Zg=kNe{Sij^oSS4m57D`dws&LPY-)mj`9xIyQY+L$)EV0(
zt%M-)Oy$YSJSE%i|NN#Pb*i)}SMyRA-7akROHW-=Zr8WR-a$)L7Eiz;)zp$Pouy1c
zE(=VyvLkEg7@K$QP|C<jiN8t8iK?8N=&dLwU}#m;?~C1!`d0KFnClN0b+<k?O7dfc
z7JhTEk>;L^X7K6ow`km)m~G%=zXM$z3)(gIOy$zb!RsgwQX+}(R$LvF)d3@{Nu|Sz
zN+MR=MTB-%o0MRc)9&FGtBGK;{OXgKonB{ZrKPG*;#+E?j1mJ1sl?N4_U@vBV1cTu
zvekB8hOMb;*50kb=wns>(G3y4%dGiVkjXDLGe4V55_i(g!_E!Y6PL40)e`$wJB@R2
zh_MP2aP;e+s>OfD)iHCNUtJ6ChvIZl=HJNHGQijo6rE{0KgROZfxxt3-B32*Zi5f-
zL~nzv;+timv=pL`;r}Q)KWqpnBe<!83+%Ik{NKM0q`SsuX5NlY(fQP#$xKTy@r+pp
z@=$&Avk+#Tr+@fKrt46|-LmY{9N1(d&wfFx<9!B$oK6oSM+OfZ%NfwDpW)=4$m%ny
z;-)7VY@IlhQ=$GH(hnd!&y-L2#x|rEhVFRyTcg(m4l(T7)p~HQ;>!G*i=sOFU`L0O
z-}|f=r`hOrS1ELy14@-&-=5%rk#Fcdi))+ZvqOps+o%k4hqtnUNu7i*xG57pn<aeN
z=i2=&5OWj4hidFtOUp6sx(TtK-fykbu@X{A(+CPRcFt2Qk+FX(8d`2SJU_!$w~OaM
zO*`0M6N3d~F+EYxM)s+hbbX<@G`lE7V8iG{yLf<rc}+|aZ)|ZNW&~YgV%XlI;=A4~
zjkPE|&`sZb(VEQ)8LmwCPjUrG1rD=;H>FF)^6Q&Pk#r$;Yf|5upAp}`;IuOhXjM<a
z(k$6@eSK+Fx*>Iurb9EEaLu(uU5Hjv)^c~a;G|J!pgvn)GBa6x!s3HBdtHoOLi>iZ
z<;nXaW4-+5yWMId!6yngr|@3em#vp;vmeOnvqa+Qrjxys<LmbKVbYR%7y#TQW%*i9
z&#x!cl83*lXJ6)skeF+d+<DOJoIAG3FwH>;Q|=m~gkIe~W5H5FgF46^k;1>$TXw?a
z+$ZKL2ZH)=x+lRTj#iph+lq#VyAI6_Ym}7jy_5r%XC(ky5Ess$&z2Bfn+yjS9l^QM
zGyROJP@=efO<L2HavtHv?c=&YcI9x1d$k>%aA<(V*0SrkAmw73YM)l`IWs&nZqb$Q
z{HfOT`ih4X`m1z!fHUBgKzCH~Y7Do-G7yuBV<^cT%O5V;$o;~oaYW!;Iql<IIYeRk
zEIB_0L8}O@qD&R){kt&Eo*3@RSRLC}x}2fj#kse!jnm5WA*b#w&jjz2T3p<p4new`
zJLZyL=WOiQo03M)s0eQ1ec|H5Mz+sc4?{CQLhmTWQah7>!}tuseHy98Bb)3y^C)8F
zr`$yH4AWxkt9K=MZDq*<#TE0dE{%k{macR~#aXnWnjug3&kEX;+v{oNGig;D(3$4D
zYd=5r^-kmVsD3N%U}VPBRDUfNHW)*OX*S?FAnY+{JJ2UgASSUn3;Ah$d<TtYI&RGM
z)z0@jO<NhyXCV(Y(DrmFLU(=mS>I&sx^OR@ioTo2B3s(ubrErzLYio9dL5Z0FjT)u
zgXV3BU9)*_fqaz>u8IiZwF{S#O$Yh=KdO<T5xw!dSPBpWRtxAQeQKZ23AEiwVw7M}
z^4rm8@L6r;*UDaoxSqm5zM1s5&u4~ojew!1?BVu2kLGi3K#!*Rq@f!N2=DXG0a1bX
zKDC3XSH=i0YowTlM*NP)lX|cInbPd+H9;VOgo3pfAz~-vHU=+eKR<j6W1;MU2k4Oa
z9!JHUA8}Y572Ld1GeDXuT~C*6PBb;Y7UHxuv{zuU>RrOay}JH>`f}G5V(i~5l68sq
z&`>zWLP@utSWKx!Q$B%!fR|e^dpb#*je||cU>Y(7F4Rd6pCg&PY8bp>&C8i^-Z)j7
zEAuuqx`Nou*A>;HO<+P9M)@GbzN)P^6Rk${J2b;y!+h^O)s9`wT6N)@!!$xZS2dB8
z!o_Vtk@-!<+Aymm?0HRsJ<EOylqO$}qNx?(RB~=#qZYq{YMRUHpVi%MxeGpz$Ii~a
zV}C++Kem#54E3q4>aIqTD`Q@0)>GchQ+i%cpAYXh%thPjt(<M$tSc%i`X5Hjh^r{q
zUDd31(td(TJ}!RxQf16WlSe!}5>!v2D=F;tv5$U`fLDaAxUdLTVc@B)d~@VGnRatP
zcl>hqVrt`rL+si#wb@jBsMvYsl2>n=vh;}$-|RW<OjOwbLz|)J&h=FR==)ytS$f5S
zZ6M5jNKX5Mmcbc*A7hP2vUMw1ye(PH)mxWx-dD<#^{I&S!51;R#V@Bj!aqu!Fs**A
zQ&U80XuemENhle(Hbg6rx8(yLRWubw#`8HtTy+jAc9l(8$xL`$R_X%6NHEaRw<KIk
z9*U)3d777=GE}6~>>b~?EvXj$x>-_E60ne~q-mBcU7}wGRj_atwaDn&8<db`uCnyC
zz1!1tHt5>yRt5<4JI5}&J}Jt^O*EgyB=`7c>!x4*D%r*oyYhv5Qu?SgBclmVx}(HO
zj>i)k@tllzLfLf%Y@y}(?I+~UuC5k6ty8nh4qBqRI(lW$esd!SX^j4euc^u9AJQ<2
zNw>o5gmuOi7DypfsDjttE=J}pedmzNwc*ptT++(QN`LQm-&5H6zLx=z*AD_slko!0
z@tK*7mXAJgr?ai?&0tHbWNT1bHO$QVPN6b5y;P_A!xmNFY0<R8*UJf8^ULYxTw&i6
zJbAB6KY5YkN_zeCEUpk?zR;0U_}0+S>l)jI+=in0_cznkY^DfP^X7-mSvLbduh>hr
zt@Xv-%G+JjVc#d6nyQqz39^u7ah2XSzdFqAo%JqW{sORGtm<f8gQ`WLoYM&cb@h1I
z#CZ*U?p_|G>6L4anRPS7yW=$M3&=(UdmgKQK-k^oy{cem)OMVv{;mGhQhyYn{N$96
zpjst>*7?TX7<?b@ZJV%Vs)D3WDjE%3j;&`}@wsg6m<WNv+InRlb`zj0Ah36n5#n{{
z1s@$Q_e|yDcJ)TaWcpLtT;!n<A|s+K%IbtDOe3YS@%lV1H5CK8pDA{7c+3fJJ}$Wy
zfDa<ie0?*0(HOVo68763Ov)TY9%53}r~*5^UVZohr_l9|iyg-PO@-uQjuK-30ykHc
zZ&(>tvEZhljGRfg9JCd)y_Wa%L9$$KEg%;x)3q=r>x8(Bmhuq0-HujP1wj3lo0djV
zRaF&Ww*pEB#0&m7SOnEJb0curB!F8MEH6u-;WS#>*l3uVM!e54+dmr=wNjSO-=&-8
zk-l&(hNZ9Xji#xgR537Uf?Q~oJu%m}jvF<dCuhL+imn}x)P3q+(5*SYRRnKNO!2BG
zq>pFtpA}S<>4DjHT@a3S?l9@cAK+EvLf%3K3+{*bN`q`u{x|w=(`H~Lb@LMCO%@iG
zq6iA7OV$_qrC=uYm(#=;Sf{YKgyw?GOzQeZPWADzg5p|n&Em)(4Vh!tInQ*PGcv>h
zhP$gXV#4Hc(M115o0z-2l_yy3SIOAcw80hVvMpUWOBvZqbJ^&N%(*_$G#CvC<uv#*
z9>*g2<HwK38Si&4)p>Qk?d(#Hjl+xyKFz3mK%~_1@$1GwS)(s6gw)>V)z!U4n;_t0
zW2~+o+ZyX8vob4VH)tvZ=BSn`%`b>i0Ko22#fmqpmo9Kcr<2WLJ8d(wTmZ6Y<2&y>
zaZdygMKt8HfpVHiM(7c9+?4KaHlaZ^%ysi1V}%)#F3M_qiHDmEeOuYc?9CCY*PUiD
zdUZ^xzC7()m^66BT_lExmG?QaVDnvZbsD^v#RuWx88SmCyFONLGTO}e0rYQo6bL;%
z)ZaQt1Lb#}sE<x6U*v{-FOQM8>Q`H1!<HE{he_5NNL8h!o4J69`_S}g_9t$$aeki6
zhEEb}>uIlRcM~Q{qJAJGJl$}=|0tKxgDj-&Zw_hRTv-Wes(_Kp%1>#><{VXyd#$Ky
z-Wv?SjBBz5(TW+A$*O<WX(CQ{N3BYB(OTfT+Svg{o@6>hg{7P%rQTk16joKv7<KOv
zK7ei8kHOTcp9@7H-Au4Ec|CJm6(a{-rHO@cUgzybCzXZk0knzzem+d&iAmnm#O)!V
zPuwa7%)5J|z7|JP&zS>Y6>%v{!@&`12@$3$a&kn?IG$dZSXfY^X&)nFnD^$&!qgN|
z2f+0cIx)4e*@L$5`a6Vrw5~;+Z4$}adEaS?%VZ3l**#iOqGfLx-zZpW2T{emuQXcP
z@by{wmUcOnZa(N+K6FWWlW=;4*f<&VJu4aGY%(#lhkk;UDm8hw^0{FPIjqViq9dd(
zfOhtel9K8Vj$Dd~qFo*@jzTJZi}Dz&pExznK)<SMY2~$kGJ>CB%<og8p+HFuc}Jlx
zr|V#3-*DSZY_f4n)oahlIP<~idq}y-Zv;C-jq&=g6_oO~<>ldxjfin)i`UNM_$0(N
zSsgP%RXmWb^D;8Dft5OQs?3b0iBC!uRV6Af&3eC7{`?|uHa0wA2^}TA>}*R7yEm61
z88kLOPogpOV<0X+Z!s$%#RV;lE=To(pjCmDY%O)5s%aDJV>R@Xoc$p&8k=15;JJ&t
z9lXjCEgqK4T)KFPa&uY&?;C6`Ubwm7hlfP%jB`_Z%WV`CU*H!l1fFyxBX*ilzc}vX
z$@liWQCrB0DR&^R+D%GJds75=l~haaVeWPI-jOHr%NOQeTKiR`#A^u#qu*U0%U4?p
zx$o=H;ujhfjUqvbMOkpKKB~C57<)!^)-4bIVzv1gIGLIcJ4mTc&TB4vtiAPOk-E7(
zp+b6)&w5%~M!pLf4OeP!_4VKMtcNt^o_lI~i&e*MzF98uRSz2!E4moGs?h);?-q$1
zi___!`}3J~v~?$67VWd^HxOx{Ag`6v#mLjH4tAND*oSK(WL~|B41kM8=u)VN`+Ri3
zqEu-)#H$mG$0+76)~n{URrOXXlD0-X3MvBg@pZmh-E!NLtE#FFLgZBr8JK{JSV3kj
zRU<QcdFvAduwx`iox}J&j|iaw*BQ8Q<=39`f-h}N6s@UM&g_Q+i*>dOuo*-Tj6k=b
zvOMJty(#n^m7_^1M`0G9_Bkb_Q*nA)0)D3d+EAq|RH0W=>s2wkxy?-Lc>pH4SbV|d
zIsx=Fc1g~!8k0iBUL`+5J3nHj`yjFQeM0lawiy1*X%It5am0_jlkg*JP+?&{=E`;g
zFhnEh`q+EA6Po_zph?7jS;~#8)!=$J;Q~HC&v*N6bkb?)Qhr>NS9$t!*X3mf@9!Yf
zpO(_yJYS(z#UxB^$yA#Gy1ul!JT$oQ7DZa6kE4ja7rO+Vl=vVNw#ky8Op+3BX*LE7
z0;KK0A;-m^9}nOo*$Pw#=d05UofKXoSMKIVPn_x>1_cIsB!4l0bUTMBb%l+OI;vEJ
z)Sn?bHFc4q-zRXBt=>e;4|DAF4yz#?;Vt)b;bS_vaARAtF@u!-m^IK`QbT?NO^~{d
zYViugtAZhkm0IqHBsEiDs?mE6;MiB|X(PYp#d!I~3yLAq{RA~$506*3?xE4mGcZ;0
z@a7>}-O<Q<4b_LC+XZeE->v}X<q~}j<qh|^x1M34M>|I(Xg_kDiZi7NQ7*?UsG2g%
z6+_zJJPvG9)p`9oE8t=cMW24BW&F||nf7Y8XoSIMtM@WB%1iQQm#``S=F+yQILdd2
zV_bv#=_Qcr22~~HGhv(>s1{Y_m*>n&91*W+9UPpQ^1ThVHn)7jfv>Oowd(a(<0Tta
zABo)f4ohBONcG{tyKV51`Z6#cI-o?1B1DQhJlQtA1Q)^Q`5bP4`~jvcb*_bpj=l+y
zXAB=sAUY)7^}yftN>t23d%*@ouZ{gmRx#hc5Xr9%__c$0yN1`1wYve8AJm_is=f|;
zpMHV(dVK<Ve)AeH{Zgjxu+{8KQqpi>gy(*Cn%&KOF)CU-MNK1;oM11ssDH8~a(k>h
zmg*hBw7}~6>h=&R0(=z}6z3JC*R(t{JCwJ6`G}Xu;A5Yl^IHTa*+}$?pk>+aDY7!B
zPW2+!L0#WPV{Jp;dHGG+jL;0c;~H6Ky;MEd1d2{5v6{5?2Opl*T!vaD-m$d}OhDaO
zCmRQnt*l1Rv#*-)kuXo^Q^i^hP3wC8>OzdTiFnKU2$mmtKT1D<3fFT;=IZRVAM!yS
zn)Nuf?3rEcWqq~kapKxYoOgo-TUsj~AH50$gWl~H=UWaP44KC1blF&eN8&z;llvTh
zKrQlS<9nYVQ}W~IC#&meBMdEpCYRl>5#DM<#*~r<?x)^Ao6m;!43K9O;Yc|Gtl}oU
z2bz}rp^KM94>UtF87-?>P>Y5S&CdJ^lr)gEoM(KM_P+hjbXEBcBlO-&P!#wDVHE6m
zK{#X3n_tENq?Jed1mtu1B$1t^B=3bOU(#tp+@;BsWLh)pcv}RD=FN72lbHBvT!VRB
zNprJ->z-mFbSXQA4M>-)^{WQDA5He}hEG5ycVU6jY(ruTLz#ee;N|EgpLc%KOW!w|
z*~?|X;9n{G<MqTk;kqyS@)kaZ-S@N#0x#>-_4I$JCV#=g3eU@}pS-7$w7qS`^Nz~S
z{2R!Bq+)}ahcm8pw>I|>%CD}cjicYX#ZuJ7Mv>;lJ1sfa-VTn?rzk)05cf`~W4%*l
z{;m|%P*~Y^Z#OR>H7ucy?Lpt$AxkW?uSLbh<5LkjOIgA*uXG0A+Es}yDB2WM_(-AX
zGfuSF#&0hkZ=7uNhdD21t42gB&S+U%co``o6CSbd&yOx&r946j8UrtR+MS06jMKvg
zQSnp6iqKL;U8cXqYZ9;~@-uRJ^QY*!d@E7NHVboF@0%XFxjs_a_oZYo(1xq4`BG*@
zMFm+KsKc>WjPV-JhTFacO#^(UgNl+N_jF)**4uO^ZO~ll#aFntZ7#ds4%R-Ujk(3>
za_Da7HNo0$7KC2|ss2-*eb6%JM4fK_l3R%kQAZ!;t)ym)tj!rr)p&2;f64gWO7jtG
z=~@8arOz_>=);<^bIZ&Q2gdx_WmD<$TWxjImL@IdxN*x8+mVw#CxPgZ)l@kQIF@;7
ziGd^}0)JecZ(!|5UcOq<L+yR61;S1nT{Ri2iaM|ea&1M4t!OE`ffq99a(WV2>a*%r
z{C;D-5D7i1kU=11+h&K?b9=*%x6N%al;55E?ENT!jX_6qS3OQw6+^mpe*6&l&Yk^o
zn{r3Z$mOlyebKK;O+^s2R06J&88O#aqG0%T{ZLkU#q@JwH&dQ)Q!A_Fx_S@rY!6r`
zu&5bKSycSm!muoI&sTv4qWlI5IXAXD=n0<juvVn+XzOi7c0cqT>C$}T?Irra)A#cH
z((O{-`eelLhM&>Hfb*s37Ilr-qd!?ysDzc%)iiw3QhZod^09(W6N!1kMUu-Tck)}s
z_dK=)s-$1}73hsKx+JCPW5<?9jI`|gXPfmv6;@85fv9SqT1s1Q;qS3`FFe0q6{NR!
zaU3tWyLr_cK#+>1*SKn+jFFu9oy%hv<eK6{pR{zC%Y`T!9x*~Nw!8*>jC;fQSy701
z-niBh9P;YjDrH1@<tF$rcFYZm?EC36LIra~=$)>O=uE`#bX$ArdWp0qSr+Z8cp@JN
z8HVqrzv&qSRP{CG5E3yly3|(z&<KdTw<z&C`SjV#_nJDQDbN#X(tJ<(5^HATk%DCT
zqRZ|eK1rgp*n@L#H_E^${^`E7sUGEq6|k7Cc-@eu3R{hm*6U-u%X7KUtw<et^n#6f
z6szgoLx>xqv7`~)Bs#E=zO#G0fY_%H(T+8sX!M=t@Z5lFv@Y0!!CI6hGcK3ipRPPC
zilA^lzUp09u}GhCM&Ie`0B6w3VO_v>RXxFMkwGll62emsM6BTw=iPS31m*X>If0%b
zj;`U}&Oci>lVWgFdxWzAPOV*1Nn~ze6nFQI+hvWrj<;{ud3V?j!cMfF93&T;K4flc
z%B#DsOm9-y?6shT2#LP>Znu|yVln#(A&BPJBn0zL^QNqcQaGuB-?1__Yd-d7+E#A%
zZuX_*ro8XVW$p}?Q|P@Gvjnx3L>2g^e3?tXiP-mR8f5FY;%=m9GN?L)bL;0?gCaYO
z4GlTN5sK6}pN_g`@qQHNp+lD@wIQ6R+|NopJ+1q$Y`sz%_q}*|>&O?<kq!%wZgg%M
zqmrXo91Sh2dnkn)I^j62pvwuW>lbwYl*TGP4I%9`HG!rBJ7-JHpNp;oXQqwckHzGH
zql!>`*A`?zpeu%jeLkN&k6Cij;wz7{05B?{PkLza&46vAh~lMXR*C;*j~!2fyPeT#
zb&a2EK1Ead&fsuqKx21P_jL+#?mP3$8AY+V&pM*8WEG)c;LR)GFNv6Y^(9EnR|Hd=
z65%y$KylR-@0-5cJ#mIWE}T^F7n*w^?P2?RaJ+9Xl}n|Nmwt29FMs6%02YF;1y1!R
zob*QVM^8P_+!j?4(-3oYx4T}x+BjR$?WpecyYz$ZWcIpbW&-c?1aVkWuRWXy`azl5
zi}VcjC?RNpbN&Ye+X6r^;3Bp<Vj3zR4%KCDwh^y+qTHJ!vTZe=Qhfh>x@an_;sc$p
zwqe-cKw(-qHAj5sjOti8B+8lZ{iP5<>GwAQyh|f=jjfwcnMFZX64bem<cl9Z6|od{
zWqvIN%+1{#4T54L`>x_VKu`bY?<Y{&Qvbf4ZJFBtjn6$L_`ZVm`-HeuVfzF#&Qc@L
zjU~_}OlaMjK(=Kd{U)FMM)G2rZ_bl;!M@8*3TF^Lwi<RFyDC4(!|qh9;(R+0+Ocbu
z<rxfo7<GCO)!Gd~yYnH{^u{yUH|q=K{mBUpwwhu*T^eGvVhgn5UIN`z-@Izpnn(Yv
zN$!n+`TyH(M-!It|1xJ%f#aSUQ)8;1Y<zup)6R)}^9y(F+qURv>+Yz?xGT@n+@jCj
zVq`eb*WG9Ry)q&;Y7YPLWpl0ggkm&-RsXB@m9bpw&NZ*TfBw~}pcxt!4RiNfuWtQm
z$-q!HN51&oIn{f1-+mOH0CuF3uPpA1tq%v=-}NgoOT2lt_ws9pSq_HB$n&hb_=FMY
z{7(rTU+4ez46*0?wee*0YrmH3-(w2SE(!8lt3EX*ntx$wVV&da)!7GcoyxNCY~8OZ
z!O$SPb(>VvV()e9+b;Z4Y0lpA>ectRayi@#4Az=f&ul8*e7qnfJD+3Svx5(IZQ3H!
z^!n~i%d@I!rq+`Klz_exHZaaTK3DUs+A>pfYvFl?-=@E-nsKL-`P<?je}A|Dopkq$
zN?-N+y$@!6`!K6^Wx<wHyLRmna$2+gz%TbF3=A6{i;2J4VJsgO`S<Cre?lu?NIqAW
zjA3NxXm*!fe$N+pe(8>=g1a8e-~KL%sQt?Dx<=H@L-p`+7NE|>Zz?8NDlD<9cu+U#
zp(sOxJnQ?DlZ{;uy?VX)$9o2b8=hr*Dz9ujDHz4bP*J{jd9yYH5Ip$X|9}g`=rC;p
z3n*OUSO?-aL@4iI0x^<$M-_~Q!yro!Z)FdDb(a4%;hwJj*Wmvy_TM+#FJ5%029ksy
zw14Y+@as<T`ImP;9o4UMjQ@FR`qj&qQxBGU&z>y_ic5yNgzq}RZd;EBzuBEzUH$vt
k*<j%4F9cn=zjVoe_LwP2h1nmt7J?Ley85}Sb4q9e0CduEp8x;=

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-protection.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-protection.png
new file mode 100644
index 0000000000000000000000000000000000000000..7b47ead343206e2ec1adda52bdee739ca5144527
GIT binary patch
literal 144909
zcmeFZXH-*b+ck<PA|Rp^Q4p{pO~9=JN=Hx>q)G28qEZriC?TOKh$tvkrAqIiCO`<0
zA_z$Dfe?^R2t5f90^dUS^X~ngbN-w$&U?o9<I5O87Heg#yI%La=A3uJ^>sDbS@~EQ
z7#P?e+}C)-z;KL_f#FESv7^9$R`YK00e=p8Jkq?wP~3TL0XR7FLQO}FfuS^tZTATi
zaLnR*-`s<N;k59<&!Gp8F0V2$>}NgDP&4weS;Di_8chkctl36mt{RL8J0-rnU~Zv*
zUo^HzV}wWC2xrfh_pHO@qV}!<_npDmbY}-OHgSuqJ?T4L)atp<ok|@)lhFg9omxzD
z^6eWQ@pDO^XOjpk+e+U}imXaIfv5lHrFw5ze2eWrN5J3f4B`JeVt96v^U%MJf1JMz
z)bhVxAJpz2`L6>8hVvmGj{WOU_2`9D|2hmje&^!94jInA(g^%eAHqEPSIfC6Fao>h
zca7(t^MM`A;SAsIm4Wf{(79yqrOiG)l(tlL6MT2AW#a5V*NNV$);gju?MtxR%T5HB
z1?+8$_*{A6G+0;)UBSrh?aieIDEnMd(o-TE?P9#g+`@`%F!DY}hZV2d)DDMo2rcjF
zrYhs_y*pFycKpBYn)Yo*{M1CZI!C3oH+}%0`j=g(q(#LKyk3iK0DUGnbsR;2J4u)n
z9uv&Uesvf#USL&S7AI<O(dXZ-QEMg4xKurt0$HtRM$_0%Uo8=WZ`A|$=u+8tE`QN=
zLhv(epH4+SYmJ^TaBPp4EU)&MtD$LW=-*+Kb;&=uMjo<7FP^Y#e#epxhP#&wWN9ZL
z*`#Z`=}Jo_jfHn3PG7G0uM#tex&rMm?2wbZwA#qQ0o;1+JFnEqFDIC^8`W8Urm7H5
zOIe*!)Y7rb+XtF*xsLNx?1#XP(MApxXArKU)YKN{RW22knn)5gDg2b|+514&Z}X*G
z|K08NnUEL%JSJ^oTKtr1(9cUzioM8jKPReL)}HaYipc&R4WZ3<k{mkzBurolyT4bS
zXP8stkXLAl>de+jJgs;=;Z54Be>YFbSD=0Fzh>oG`gWMZlWM$ZE4=TKp0cmScQQ^x
z+A#Ya8sWCzXw1mDO<Tc|&?|Lpf}f3xECz%x|5F-<K=v8=Q;!p@A>kYxY3J*-_U5L;
zgy1DiY^SSeUW@(VB8)#j{ndC{(qej9q}*riX`+I6F*@MeA!dDDfq!lj$nBndOg~+N
z1?WfjRnY>|{kJ?4!J7OQ<<E8e%>vzL+D1-ko_hk60}CyjW)Nn{<kY=*YqMJ&gu+8S
zsQ;QE-$LIOSyVr@c2xl_wi4=KP|F(6JYrS=0Y)9Mfs%L>6Y*vC?S+Opx|9J^+YuI#
zq{m87N(Bqo6|)2>>#>cw6lk$^0G(`7>*Gef_3*(FDj@)i+4>c+yv8m!_P8Ta&YPMs
zSY$aDee~XYKKoSv_3)0*H(GRt{08!k+rP*-&4$VhI~Gh=bA&K+AfGgbR@1D}kjfjK
zw;J)lSR;^tF@<uQY91*xFCVKI`zdFwLf?#WViQ(2$~S6V#!zicgVadZ?Ay5cZ@Xve
zq$rN;?GU9$pC^I}pMHNkSmkC{V2LUwRrKlBTghg^y1%M3(`FN0tgeURjA)?NXkkjP
zw)98=qHa-K`W$StXD~-kNWwVZXtk5vUx(dYkHBnnDuDO%1S$m6n@+HgxZ)ggs<Gje
ztmwPTRZ}PU6(G*ngsWHOuarSZ7KyT;FYg7FaFt<$+7*J15m$7+RMBIWPjcd91*CCE
zJr#QY^UfrP0+XV$BGfpp!;oe^noTcU*dB>|)?#*j8$`V(&<LYZyr|N3TTjumU!2D1
z!2BK9qhj|*fX)=!A3NvStu~lzaLL<$;mkjSvt;{+;ig}g615_PLwOi)y1LUM6yQna
z+TNZ^1yPnpmg^XY6qZUt1bilfr0$FN<>*B*%Vyl%4CHvY2%FS8@+4q)EsX68%5k7A
z1-e|l1qFgS(`}xuS`u<}%&9MnVOIiC`&1`Uwo+5j_j1aS^OM`-9$iY+UtGX1Z)??5
zE!PmO(gsm+jJ>w-?X1x&!kYe@J(^N4lcY%HP6*6kiq9{Wgd^tz_US0LGEK23s)wFQ
z&V3CNbmtLlpgklNo!>AvwVnxX$K|}f`+zf9!5axYuUE29<j|YJsfC<W2yq(-5~FQ#
z5+N_5`*y+AGpC(;(qFTmz1}3OoeP=)rmsg!ab%vtN^RfX?uMQm%uZ|xLTy3KA|Px5
zV9!F8)o+I(t-=XaQ~$)wZ?hRbC@_k0d^ra+3PM%BX5+;H!FO431w$P-$+*Yvt+EKb
zE9X$z?Ist4@imp&7xi5r#>ez04C?2mA{9E@V#T;>?Ua;M{I^_(5_d})Pk3NfP@`b<
z#K_gfB1Fo-N*%43?Wxl^FtbZzbmdzk<rhU0RMP~z{B)HtJXXdWF6?e6WgL1h5A|6Y
zVN~n8;q;wq2DIP2obzzE<6xn~OnU+fh?^ro1&KB^yf+~$$)%>>BLD~z#X9|h0|lnu
zhh7>V7PYRa0N!^MC4`#ludEQ@v<^_hpt{lsP<B_8bb3GB1w)R9V#JyIi>*hQ;<3Oa
zncy+6cnGqqdLMVKyVOpTwp8Br>j5K<Hz&m}-zj3gMzo~3jitxSfZtImRyCcTejbg}
zuh`d9-hL)$Ehp?hpAF;9e#?>XJV7-8rcn`4a>%c6ks9(zNn7GyUW-O38(@ZOTNJ4s
z0)rBR_icPeD^6IrkVb(@;49xp(s!LTH_!CB@`iI8p~Lc`!;~Y^sYHx?o$>AZfamEO
z1Esl>Dv`HmKfQ|k*CNcV<jcpW+OJ@a>E}5{7T(VY8g;$BrGDae6B$Rai&7f%0M^Y|
zVx?rOR%V#?XA!<Ts)t;et`mHw*r{g3uc~e%W%hVGm+@NP;%N-Ww?&z`B#+LcSyPSn
zqdZ$ifo8%(F12gT?7;;ErU-}{E$A?FGt@yO(WRzA{c!HnVDRF{@nUNQ(`=<L&(a*(
z_~Iw0qEsMJ1I><6^Aydnqc6MDg0xHYvkn^@=racT)l1wj`c^IUT=l_ee2td}&4T;t
z;0~$0OPSv}!-h5y!qH6q4yTdkqR$x7FMJ$}{}ELj5gCRAjXr17m3WDmK1w1UtgzED
z=;fOBBJbE}RwEWw1eY*ZZZa2BPo*={2+ymiqm3SDfrZ+-5}eYmZ|^nc{HJcyA2n+(
z$U#Oya&p%Fky_F70|f~Rr|<Hd@hqGs4<F#YKd+LtY2U|CCSh2Kfzo>zV*VOAb8nBf
zf`^ffPDIHRr?jy4zYRvQ7KY_HSI-i~t_kTfo_wFUd^n9y#5$<`<w+|F-rJUU)A)nY
zrl9Q!m9y_#iW!_&#xYz+!+2tcwid)kS5TLdx3jemnF${f%`KX_oPRTo{OGeklgC|B
z)&<5#1`|HhKR!Z6>=VAnT;U!w*7GL6q&{G948U|UXAIQwg{p!+i=HVI+(?%9az}76
z4cq#!eP^dQ*=P*iB^H14xhaYu=ReANYsq2ErXT$_m{8{)lGAc9Mip5m(j%m_YEtix
zX0LDaXK3y=J9-OP%7be>7osIuR4dLY<v=LP+tV@5jhz2!4+aL&n)Re(X=!!AwDhz}
zKQqm|+G@Y*2w*IQjIcWA*Vg1#)cF;KiOtWqD5^{Z9=5u@ckTU9vDV>Vhbu>2uo!64
zoAH&9EWV4X#*B}86an1iKkC*Z5F*C^=$p|@|3ITng+Se+s#^C>{&D|whLRj|?Pjm`
z)WDhMD52Erj|(QMD2e%pG`J)h{PTPbc!J_3Ewi0%dp1}FX|LGWP1Ew3ws~xLjg?;Z
zW<F^1GBpmV@gmmH<U?=1yZb4Wz54@C`UOd;+SNM=#|*fg3n4>p8Ask2ZJ4aT$65A=
zYF+$i-PhloxqV7i4aQ`kM1E}I@?3A`J51ky2mp_duX^ejx(AAeKi=EjUareg&GwUw
z80RNd7G6FaC(TP9(=!PkH@t=y5fnXB{Mc1|;iuuvlsdm&sMb-@W2{T5?rmaXhsRTJ
zIl%I}T!#ZK^kyx?ud_x2XhGg5_LKPSEx`@);($ju|APMN&U{7`gc>9KW;#Cd5>|>#
z9MUr*UwGIutHvxay{tK;){-0gsQa(;FH(H76;4OIeLt`)Z{z+2l`p<^<eV_$OVNL7
z#BkR(h3k+;kQdYWyGn>gr5>J}N!RV)q7g$R0MY^#VL(Ycq>5fcOfv3m&k1?ks%bNg
zHF94i*ISVp^o-<H+NfW6iwdH7qI<6Qea=~`9I{#Sb$auPN5Z6vwp|LqMf7&II;I9@
z4i#q1<V#U)JaY~*{G>i(x`BmVYwNzq1+`82)Y$X+bsub%bBnyFEf00mX*kO|e_#J9
zR^u<ZMtRX_Tcd+sS>pj`Xc!5r#U1`<;5pl@#~stpe)!pE!IeDDk#LEFI&UiGr$X`n
z<Tpms2zJ5JWd*l}wq}*L3La-6&Yhfv>S!ZuFji+blE9|cUdF4Dg{AAJ#a3q(aor}C
zS%jN>%4umWQA6v7>?|j<U%mEBKzv*7R9HEusP!=XxYo;)<oMqKlkT|<6IV9BglHh9
z`&zqw=V76OHV08Iwp2kD)5PwR+{y-bS`dC1UY@&o_`5B(U}ffiO8qv}|L!(-CKdC6
zr^!?rE<KikbsWfN3BgTj1fRX}yeTA&b#N!82S@<lP$4bNIX07{&gD9*qSS*$I$_wr
zsL&cMtNiM9FloUAHavX22>(xqIxB83FGHJ7X;wv((rxIA1BHpp5p4*XTXRN3_z}LL
zF;i}R4zTShRr@86#Y))DLe8jtf^~d>WsyZ?uM|3kD=yJ=!pqR$8>%E8G0DZP*d<{s
zE}Huo9hvaF<BRZEY96??ZC~QT`GM7wiH{5%z5l6JVuHU2qv#Jr?|ypeP{LL7Utst-
ziaLi<|3OIgR{7|9vA)8g&x*ll;E=zA$9tAk(Z@o9=vv)m`9UCfTj66B_4R{#0X)%M
zAe7ry4}5BF+2yKM?G^xL@vyisQ$6bLF%FqD&_>o~UsmP`y~Zoknm*Rk07})aQZd9Y
z4i@p(j#^1Wu>r9@=|~Cjw~x^OjFn;k8HH1-81jIVEqrG|gtpcqgx8_oRoXLTYNn37
z5K;iJ4j#tNoHmhzxRREJ43N@V*_iE2wwzEx_pvwRn{ETS6OUq<&m#?ZUR$7^)Q|As
z=DOepU?qA1WNZ-XhE_N)vw)}m>W`&Fm%0aN*nl8>zqOuO=-gO4e^CTs$T13ldEfC}
z1=f&}@0A~a0)XB)RrLR<l=a$V92LO43x1Rct!iL+j^Op~1(^#e4ncEtllc%=Tz^~$
zs}iJyzx;7Xs9Qh<?q3Ymo15O~Qqe0ItMfa+r7g>KgPJ@iS%W#nxQ}&)GkzC>ZGNN!
z%hd9kfu?}H0;wVfohl@rvr-^cOCGdzV4fHdOodTCqY-qAlccZDI0dw?gU4>sfW!n(
zuRX@0`L!unZrms1{`)N3SlmBJ)wfwOLO4UZ4Q&x44OGuw@l@KK*Q`kDI2285%{^D6
zciId{jSjNZH5=R{gKKQODH;Ouwv9Vt<2%DMBvF$ldTIi|+j_V4m@<U|cHK-rs@~KH
zatRAw9kz@54&4#SAfHqAuR<dj)`2zQ#rL;79#I>1K$3$3K*TtHNdBdQ2kSS@(F_}m
z--80KR}%8mu}xnmMF1SQuq?5l*2=J*$ME$l<1XBfP96d+4VU_+*n*Ll1YYBp{~5d2
zZG$c|<_^{Qtwi{dX@YdV>#FL^(;AordKKj$`vP*R03^^(qd<Z<nJt{IbwuaO&2VN<
zo?`&kg-$6=aT#y~2p<>ykQAAd3dae;w<cc&4GU|>n_=N}t0;E^nZWW+`Sv1HwQh<u
zKrw(ZWE0vB5g~WX2w{yLG`=%GQl0~p&lZdud67yAo@G*F;RCWnaP49+(vWx^z+SJ^
zJSw48N{;=xPhKRs-RsRfLLgdKbQzN5jBj-##l$pPnv=c99e`y#lMWQOUZSjT#{urA
z<1>6zubv_c!d1!YzJPxj0+Kl{lQ%y)Aek8@qyKcI>Z}CPaprBUchL!hmF+z`jXA1p
z3>e%dKm{fY+*zM_lW+r9bd%0JY~?$x8bnv33}5<Gc7f?0!FNsoO<P7!)w?oz8}nf-
zDjks>vZGZF09-C8Fq&vDbTVg+zsD}9I2_8(Kf7!T02f&x^ECac+IoDEv{Jw?I`X99
z6${dFK%8pU<zxv%kZXHg8HQ{FFcKTZpj&HAT%aExE=ZXbWwLhIj#l_@yYqTdl)lXX
z6TcjY9wU@d7omsdE&xa!1QJ!b{y<KVW$Zp&uHue7kV{TSvo~Pyjl}e~EUZYU`^-f-
zMgYBld4a%C+@rX9lzVnMzsR&JNm(KbiLG@&f>P6V5@3PeFgM<9Kl|6yS4sc@ur~8@
zn=k$jXol<B^R5)qU<(3aBP3YU(6^i7w<wmt@WC1G_`=w#TR#68Hd2$_{#5)Z>6nmR
zYoxl^JBTScqz*=_q4C=Kms)#t$SlLfC&@a4@&AmzxADL5HF(^Os#NL4pu)6TAs6dI
zbHHp42>Ir4k=3~qh!jjRN^w=DoND=k6pQRo;amW|K@on=1v#~Ty-q%iOlw|-6XPPR
zxv^-!go3wfvB3zq*<q%^M1U$_tYxhtB2rTa2RP2A%@BZDB(-)P%UvRL<M}({=i<OJ
z#!4;aZa+z@s%v#R`6pL_B)Ezyx~8UvCl;eSk)vP*IY~!g-hpek4^kv@u}gohfd%bu
zg+F_J8Uvb>TLaTguMw@kQ}0@d9?Wv+%Z9W|qB0*&oGfYqK27B0+q7ZAS6Y9`VVq~@
zm;H&1v;<Yg@!z>a(>vs9?9i>e1<ZfE{1z<Z8LMr*8g07YP_Ob)mR5DklP{^_x(D2v
zl-k9f-3sOW-Sd9QgAa)3{xq*hlIxw`(p|O;{EMHTo&c=dS2O~IFfNEkr)v4Y_~pP$
zxPKN#)gF`c>WAMjCIHLoF+qFsydJl+p2i^<`S}UMZd3bSk92B&LRoXGX%y)FzM!Cx
zHHI7~+FfR^J%qN2W4pQHnfq!t@X+BxQ-sZk`0<x}7LoBef-?Zl@$6&!!dR<i;j>&l
zXZ7gy%0kh?qCoLF1(yP3<L)60UTTlZ8Ucb~KGe3`FV|YJG8{LXUr_8$Om903WZoXD
z&h9uDAZXMiz6d$W{!9ISE-3Cuw5WkvJ(Ov%GHDr)K44B`K=UjZlplE!Z0)J|GP%)i
zOH-^>gE%qgy;R!rTmjNQ4p-seyD9qQj+zbflJ)DJ{~p}f*#mdkIM_cFax48a>=^R6
z&F=o|kfCJZ<Nq6CH*+{YPGXShzY$~4Bj5h}j{mc~^1q*S{n-DHg!cb=@V{E%|Mc<y
zw`$41nwH^zVpNv|)u9OBQD=0r5_Qa@p8L=9oTdI~JSBH6YJI|G!2Y2Fx#sQ9e||dk
zP*M?)F_0-r&=Cw3&-?HJxZ{fq1?Pkq8F?XB=?-0<VO+0_RBk@1v>GUBTc_wV;P)ka
zPTVwa(FQuU)-nn#WG)h>#m8;_1mi$SmOnGK<kZ8YTRmXx)CtSdr*{E9*to!C#L@)|
z3fSEaGges?Er9+Cm-Sw@B6fex@LKK_w!9v=?DQpN6p$VY)#y9O$Mtv6RrV6l$E%MM
zjQ-RjP?GJ>&Gnm{0n&bOzmB$qcbjtFoHw8hTH2B5)bYxE;{u#Ws=uSk{;tQWRym;Y
zi~@M=6nec)VhQ8jG6JCYCmA*Y9T>_&P8bdVenPc>a~+nfe^j#b;a<eSk<EoZ5}-vz
zCg4@(C)5iyqf!8kr+32G9C1KWk#^an-X*NN^v@g7fP8&Q{bWT=W+fB^WS{sApnW*S
z00HK=m=tRtrPO9tU1kp=7NL;8zDJ-P4rCS#y;H%Y?AZgSp4!)>s;Nlu4v<SY=g2xv
z55gAv^S~C@0T7%@UkTXvAQq7G328wX>K+Z8m~I4n-1O!Yr1`8);U<s@qWZ9Vfa+E@
zm|(M*9mOXj?qhnI-OzRFy}%eP_UCzkDX+A4n~5vdAq%oQtOC4#^;~b(%oRSV3j%(&
z>7+k&`S94^E5n1_ci86ffPh^eg$y@4qJO)jNxqR7da6^Q$a`g6>ZCNQUn;&L4?xGQ
zQVs)cew*{)0uw};@5U?+zyfx_|4Z4VZV@mhhj!{<E*^cGR`T&u){c4{Fr0GowR%9>
za6Hgo66>5tt|tO|oN=*LD`n(`i=0lZsDA0M$>lu`mA(1BE9vLAGNP28CsaB(#VGHO
zMJg0Wf~@_W0Ll+S!R}-DY8^3vGBrY$8+)k`chv!4!YXDv64BI35VRV|dXFT0aBWx<
zsTzV)Mw$RFYZt)cvTnT^1-95a0r=JvS>N?%3dE&s%3=Y+yfHMV30Iy#Dy0chV9ro?
zJ2mGz`U-joz9Y5`xspCag!!rb9)7CXe=DKU`l|FYZRtu5l`}4Y7>Nd`o4yo*y>}Am
z{rWJW8aG<p)ij&!MfUw~heMVCdZDD)x@I`hrS=H`X@U=A7s&PusAy6wr^<Iwz9!yl
zakxjP&!crqi*ZrR7CDykd-jz)Q745G5#Gj!G}^6dJU_>c<z<qp>?pn@gY0)STDvs1
ziR*NF9c@`buJBtidf5?CyIaQpR<-fuJD=r|37!$Lk%@AaRGdfG36v$cZY0J3mm9Hr
z^4`#isi!N(Pt`DfUPUHFUt}lCS&%P#(kGIiAIKCsNw->s`Ct03G}$1i<i(Lb!8131
zbhu3aNLXrMlR7s3F-3`rYnQ6odde^BX@+ZM@Jj|RT%iA%pPxfDe!sc@G!cX>&4`q5
zL*gN$kKc}rLsvk6fCRB8@e~pq3yPdaL1ihaH{Bl9KE#Y?49yOhSn`y^DEJm#<%P=%
zJM$LBNpLiT1h7>1s@(T(k369X1VdXLh8fs}T;UO?O>#O*>y65_;>1Tj>wGy9H3;yG
z^j`zVG+0<F9S7X0yjQIzqAyYa;=91OJYMJX`fC_(BI>0X1ADUT@RP7=(nmnU>7>)$
z7ZWJ7l?Xhna^?{8xrybu=0nV}s0hpKgyR!244Zx!j^EWe&-M585ZeW?ETuWo#Ue^j
ziBwqLiNv)GmQFSfQ9qfMscy{9Rf`{jfzch2xsXgChTwrQ$y<BTrQd09GEA_nCqr{2
zOvwMS?ZeN`Gi`B|M3<_1<4ZrnrP~qtM-MVzYQ}EKp)f(eTxfF6kc+W@W8e2mr=gmr
zL&m3G_92S~T)NLANs_@Y%0&;Qubq95rvr*(mG~hxUa5-KQnJe4)>NVYcHsmx=0>OM
zgF{g&d#{YcEAhsrwxrqQp}%N-500K^`O{I(Vt<x{z{}j9lu4U?q+b!1xL7g6!skU_
ziVLyLRE`3JjL`Q2H=38RSZtiQaochY4P0P~4I(nx>i277joVGYw*n8uI~~JS8w^0Q
zSvV9tMU`xClyjbHi<jhIfu%lNJEFEPYJ8!JT1P8fJT<TsR38Eg6M&T5=u+$hLWf}O
zQw*S7k2ww$I;6ta^9sIP14Qg$c|F&leG-Z=j=9HjNV;~lmL0YuR$#W~ns8Eou4;+|
zbb)m2Glu9tHTf3*>hCe9s<fCIu*W1<OviiU?ScF+pPz<x=qoRJ*2>;Ok+$}eL+|7l
zEcNLrBbk{wAX5aD?fw`kS6ed(0p@KeMn6mFDgnZ!%%?Av%RnZSj1JHk$X|B3s6dLX
z6j0gQG(=9IwYH^Cw2`4Vp8qU)(wI_OBa-sc<-LI2Vdmo{6cWxH=)@4yLepYrbEo0l
zui6ay*S~MA37L^_EmcoWH$cYRG!GOy%m!tYvi>8%IcIpPCDo_l^i{KywHK+J!iPWn
z3C9e`n|}-%s*DG+=v}O&JC$deIzz^8{nDnbHb#xXdWdj<vGqA`owXKqD?OiNUYtay
zt+1NvsysXdVZs?2aMmZ?_6XKA=hhDZ*cqS=qD=s1Mowpd`6hB7!FGCB0<kNtO!$1`
z1uoI9*(_v-T;%tj4{UL<rFk}k?7ux@dcbqBWPgECMl_&+;vAxB9xq92ENbjTFLAC6
zV1YaxN~#<hqhG5WU}+IrSys8Rdp7ZwL;3*1lt3AW0x=z6;&OaOoht`SOsd`ON4>Ey
zYiO|z2B*_i;CekU)cC(fqr-vTe$hpS_W(mYzL6bG2KdS{J&}j5K{OJoofQm)?Q9}h
zQen>l+8_iN8*qqj`E$w;Az&mab+*cV*QItl8?!$Sg-m}OD6|7~`SvdCa8JuQ(Ei>A
z0;B90%QnpcfBZqlWqgdOSw!c{GeF`hrepl8Eo}hrf>l-!K=R9&{qh6IpuFUs%m@CM
zJ?k}uPO^N5F>lq(Y+{keoaL|jt=E9+2q^w`z=B%?z?lxM6=Y&Zl1w`w5V@dspO=z#
zX9)rO?>h=2l(xFnk(Ns^;{v17{lVQi#x?X(ZNz&RQ4+e7CqmlY=t2RDra4ht+N)6@
z3666p_TJy(XdVUhU&kmV*(MwkWJld3CP+R=19+p+PjW3)E$U(Hl{@6cYFaOqG71{2
zavMxjJ4`jBs_e|$5l5-A=nE9(N;kN{f97~z?(cN(aYXh+4P&<pc0(6A3RohF$ifN3
z0IxM=L+$U=LkliZ@!kj$rfVmK#FvBBnh~eaei4eGR6)v*jHsH4tsftyM||g!c@dXg
z0SyfYi1dzt9G+vDl1;>f$4UnTT0<7HC{#i_z9#qQzF1DuQx}ZPpdV%F6bDj!<huRR
zLG0^9jXl+lzgij|bEW!Kpy@tU#R*s8u$td=Q%G2G3=XxGd-!cy%<!Q)yW(~e7vv$y
zF4)w5#G3#kjYF494+6$L>{{si_eJe9pizsBjW5iIAG-GY#vdQ|xM0mmc2Sj=?1<cu
z`3qsgvckyl$`=9Nqi$gWr0r8(=4fKE#D~ia2CG<)1gXpafvG2W{=8$-RToxVYl?vk
z447JC;og=s2r2k)uZ;fipC$x+IY7T+lz@N%$QxlJts=?X4-f2L3=H3zRsST}szGP3
zxu(7M^>}wMA`Vbbh|rm5fY&36<Kyou83G$L|8uE%>C@Nmp;T*y+&fJCJDY}(ao@R*
ze^36Bj|Tr2!_|Mw;{PXdhQG`Af46r1Iq~QB|9SBLsEh7@kEXs~YAj(|$hMqgkFT-9
zoI5B~;JZhKW~CE?tcQpG@X3}n!BvzGCKpxnV_bE+f6t=NR|i_<9vor{A)fgC5lQnW
zR?r`RojUK|AfU88`|S6PN`&8}c!mkZ9RHwV^+#Arn?NXKK0LB2GS<4sDl+r?qYvZf
zn-oTDr%(L-G|?m{jt5+aIFnz6xxg*VHvc-fiXky$zSV0hQ^9|uuOZ-L%6uggot>~-
zQ8I7$`?RcS5AoO}k!><D_4Hn1<g0LoNv>rL6o96hQ#tmT4z4*LqoG%U!Z}KKtMusX
z+Gd`vOZhP0?Dbp7`xbxEPv>h|u~KH-u{17MJVe~QP3QNS$J!LCZ9omz#%gPICiHq;
z)>O?O5h`znifc5fCsfV1`fO$Xt}nwU1<lA5xrqIU=>`x_o!cKBFOa+rB|Qnz2)w4E
zF8PYf{dalGwl=0$!*97q{b@gj%khNYwch=?`)=bpU@!$<*9|tUK6}iLv7xN1B!9QM
z>K;Pr^1~y?x_%OV{QO<K^V+vA*~+a2d@OfO+~)tg1<j<fLxN?(jF<iFJZFF3%6Z{Y
zvV_N8l2sW+>u;voIqy-jbdJY~WY3p@CC~nNNgr!B`MTGqEB$`h4=L<in}hJbjiZ4b
z>TMbf*VliazaP0VyZiM|B5+?4G1uu}dSs&M&j`Ajbct6H_nV41sD8@N?%&1u``7<Y
z4AbL?vV+tV5Xor~4doD$1r5IA>D>ooU|?-q!R~`?1ITejW~CQD{ihw?;4X3<vVoBU
zOz63nK;7Sh>SKd57(5E%C5zS;az+3Ue&%7vxtjU$N+;eSc#MeNiEOZ-3Bm@%p?K{F
z4q5$^K48Zk38XL0xC+n|xQ2s4Rn4q!*9Cfw;<AOIj)4$ZiX&jD4NQM9bk1|R(CH+T
z&Je#RUTsL|z9-P<!`In`l*jmF9G^w-N}tGPP=zEao>Hx!&Tty2VC!^w5^-9RHM^KP
zR^C;^H8+@0Q3j})M-9t&%l)gps@9HDcQu9JXCC5j#ka&OJ#9Kh?A?y<n9ZaC=D#u<
zB`A*H<=u&FXMc~`pQW^A%#a{-v*)qa<o${wOBYO~aRDUrAe~)C2wn<^CUv>bP$~fW
zr3P@rFq{wATMP55o_X$sU;M=m9<qj3b|fmu`Pe@NY-Jb$_xZ0#K#Zxz=H)u7dY(<F
z1ltQJj6K#<R6g(qGh3p-)~k!}wcF{t8xO#Vl_@FF+;J1G8#)5`8pmXpMW2lK&^b~C
z=b5;Y?Ztf?x0N2~sFhzh9&Ra=c-yY|=xBaRjLQC)q&5PRPO_(LeQ0@#bt>N<rvO-c
zVpe8zK_o=XyuwE4U4RN{d)m|o3#qF%Y>N;e1gPMpTs-oiMUe^u0g2I(E~E{eYAKwp
z3sz=Oe%uF!>>5o<g_l8Tc#x^B?_GZt3YIE}BJ_P7Qo6Ynv_&IRTSY=IE1vL7s@wd<
zwl*~0U1!~3S9@(XTr#0<BldW)6El6eu6?l3oJ%oA*dL^Zh=9My?*$Nr%zZz6`ZZ9Y
z$9!-Zpp|(G!VPmGDTYgEAX=R_oZmH6^JXG^OaTVeFwn-Q6;$?>Kb0-;eD`8x?Yp9P
zWEj9oMSwOd3#B+G%DLEFlZlX;_osIZE$<Z$Z>a1m67W<wjqVLdM)7gdw&QI=K98??
zO?9{K-)IbN9$ZLxtkpx^gRYDK*2J0z(r;kfGrXk%qN#2)<TYX3AYfcEpK5*&+GQ51
z!TP=1eSlN}9_Y=lxTW@cb~GS?NGc&fqkbJrfi}C?x5bwJx_x<pN7`o0A}Jt9X>~#!
z(sXJdI4=)W-XUvJY;_y;4)EP}o^FAw0Dfv8BECF~{aiNz@IZ7;#J$!F5@woNnTIB_
z3*PMB+an?-K3@f(d=!w39Km$A#Yz%!_j&m?6F0u|rV!4%@{k)gx<>YGd`EygFCe{J
z1iUMN%w|}LzFdaD+N8Rsk@Y`p*4KwPkMw30!wy6*+I%C&(%v4`UfX?OJ&YZO1C!h%
z5=}qBUnud@1XicHqR@~5<;{(SfE5hV6EJtjy;cwU<x<xvZ~CTJR+ql6%~*d(K*8{e
z9#Rkw_M$n@<Qv!DFn``eA&pggIL}!_AT7FUzbr>991Kat3Se)wA4akL*H-uTq^j-1
z1iW2a`o75Qk1$WQxVS0;sT-E^qmctQZ-B52=d?r*?QL|qd%uhFU$|?@e{SmaUwY0X
zp3A0^Ti#Ou)q$Tt2RvEY9k)H!zj0t6MXz*xQEHEGs_PRs$$tirWKKZO4x7z&GtHz9
zW9_@5e8wy7Zhi$qma`zY=)j5yUDDa&9@wvfy3p5Bl!(n@ofm&B1TPv#3u}o4eHAr1
z-7RnJI}^8@<YKtmq9;$B7_Ab$e1<y?mPfu%`P|+ycT0<Qhjw`vE-7&eYwK<iNf_FT
zcTN?tpfqo#{6y%a97~INnf!1cU{_@?l^w2#iS@-Ecm|Hs5!pr9K(WQ|*8}$a6*d6_
zyyrr1{Q<knZLhFYl~L&u5Q2A`!>?JQmX$z24$o?1;Cez~*OfRzlSRE_7J^@fK>ICh
zam`2qoSC*BA-$9*lIj|?(U2_|t)*CnaS<|ouiARjKv+Aj%%;=}Q$WCgVJp=rtTohH
zLBb&Y6_Ew2$oc6l4o1B`nB^pg4wyJ>zJgtWA8;F%$Y`NWsO9OaTLbr^`0TT^NY2(^
z64-lepli97CRp$&E1!6FueC*}dI&>ZzBS~r3lPp;B60?-+y#8!#%W7avtP-B*Y)JL
zxp|EMaUI1fc`Wk?hj8e_Ppc0aVs0=k)qT1?0tn=$2}vcwG$I09s7bX177gH1!f9be
z%HlwQkP6rnjoPO#`{=LG&fa*G`i?iEV<mTS01x&2xoB2JqA1|qzD_M9>T|YbhI8TP
zigAFk(M}gJ@E6*!HG26>GQW|S=sRD=Ma4ATBQ>EVFDDxwJD&D>xHZ+Kg7;z)cBZdy
zbO9qZ{3Zb&BQs_WkUL}E*MS~jy$2RQCT5e_WSjhA$Flr+M<I}*@*kmc5A(}9fBJ1M
z@!BZ}#K(U*UUGY9GE68Knm7pTAb4t+{g6daSoZnPGY8J^)tBwFAv3(zo(9*1(PRFR
z8JpvPxpVaUJ32H+FBMGRA&*X!7Y*6?OumKy%tVXrD8S^h$7fJqV<lpTuUbUTPCB5$
zRg<C4?Rx;Tz65aN66>uD2dkP$kBrlxJ9U7jk~Fhtw-i$Bwi2nlbH=;gXJ>O|?Da#v
z8A6tOR@)kzKkjT>yo(>jytpuRuWk?LG&0Uh0h+sJeXla=cJtzZ(qELX@ZmVR-rcF)
z<i5f@Kx{Xa$+hj0l#qX37r)&bAq`mCQx-#2^c@s2Erxoh-_PZ^(fbn@_GmOT`HYfZ
zEEG<{Rmx8G>5<+_NO`Xe?ckwZO32Hes|zx={(pT3S8qS3)(%d^#^{v+=HcsbgV88~
zT!&t?sWesoJvlYsG-!N(sl0It1o&i3s|xotJiDFtU-DP7*W_8lc$l$87RZ;@H@jAS
zLKmD78VOn3H*aT@!nP)vZ-Wb(pZD958m|S6RlJ0!Ky5Zagt}zdMu!~O*T(1EJ!{q8
zwRCbnaiuyZm3~TmBcBS8x;@3!vx{4PHlCAAl<mw1^%Bv2vMQV1Az<{TvSfx+LgyOA
zXyri8pGxUlJ^N%Q9WZBSI5h%xlO`SQ9FT{+V52)Ob<#Jl<MJ3}Cn#seNy*c2l(@mU
zr?_})aE+I~G)uX0f?;?!cel0;TJWmcFTvKk!&r7=k2dBF+pR_sSZ$IOfY^mecKsC&
zxx199Q9q5qemSjBog|=`NM1pS>ypt#T~iBN6z%DLvxxY|VuwXz#P!8G&uTwmk@Rga
znuLVhi@8w*?HV^hI#*A8CUZNRx+*wR@zfHK9o7RSUKhs}neC1POmFpJ=QufVL~n|L
zrm;7bjP5k$-jb)R)B<LSie-R40)KJgHFyBS*buEU?&%Q6GZF;6cUhLJOBM*QIk??C
zYDW;dG@0%2StQxNjD)mwNR%hH-zlhaRoz|(`@Au~@uC@S`iwq!tk31F@oGMo!i7<J
zweHT97slGFGz8sisA_$^htM)PwFXqV6kJM(^DBIECDu6&h^pfSUhIgl$V=pB9Q(+g
zwc@!7sg1d=a)p(7VrW$Niz&R@N)r`yk@%Db*drf7Chzi&>d1LR=8O&au1h2>eVuwj
zRVvGu2MOH1lA#rU)nP6Pnxb8^>Zy2+Q{gla@LlA3{*v)sznt(!A6x$bd^VlcP18uJ
zfgYNC+bKKI<jlqq&*R4L1$ec%zX;M&Ha53=UQ|1OzHWl?W2e@NGx%sV?0|PRhp9L)
zWcX_sli^Tm`9kgYRN?~ThdN%aZ7E7}o`-sJ)B;~nF;Av^SnEQP#6zCrkCGEZyS~S6
zrg;?0w+uoCj$TgoxQe-FOugxxfvk7g04xxk`-1)3$l|DZ`S4DXCtd^5xA|<>D{Qs8
zsuLDKBgs)=g&x})8>@4aNg^MUTW6jV6WkXk3(62A`n|#FwzTIOWLWV7yH50E@P?K@
zBk2GUh8+FX5*m;2Vp)k<z3s8NYpHI#2m`EqaoV%2iSl0g0)Xf2woTU|hVxuv4&|Ux
zWPQd};B+OMc-?9PTRnGjAAE%|1TdmUc%L7zRT8}I{w%Wo-ZzC`Z!Rsx8tS?QJ*5lk
zYScefLNIK^KO|)w2^4?~*9+@ij#-|&_4$N=d{tMO_x#te8U}3V_l6)EvygxHiCYs4
z2kh3h?_+ekr`YPo_MX*2MD4oPF8a<85BKVjjEeACA8G7vnL<l<jo-mOh;a-wM^X80
zFtBo-uSqKhtYJ0d`*6*LX-B}+4ED<yez2~_BR&k63a3PB^G{xL8hq$|9o}!CS?$m^
zJU?6-!hY`BHwxZG1w9=-Xp-I}J6QgL1JGAn<f>G&V`P|OUUco%w+WdkLpUpY1>Xy#
z9bU$&%&_>*h{ut}Hab0cdp!S|{59NaIod9b!iOBb>v_GPEKWU4SwJBW;=#OM<u)}o
z3|G#$y!4tk1@%NdtT`UtOCId4QC5EThV7oTWzA2in)#;%e6-#kBCr$XIjSf<qJT=p
z608|OV_U}+0KV1ggP90I9k9=JXxjafbAm+DdZW2?Z}k+d{G};WUjO~M-Y5dn-MWat
zO1T>I9uR1#G5;6|3BGJDJRqG|63w8%o+>%8z@l8P3$Puf&f1$)S)7a#GiczGb)1iv
zwBRiY$zG`TM47f9m;uLF%5fe5gs9MplNbe5xFy{W8)Zd%RXue*cZE9ic)#=9!d8%l
z!M=M9p(vlVmBDgN4ye<T+31aVOm5)r1he29A%&@NUlAmIsA~L@&X=Ug$d-YE{qocR
za{~JEDf=1#Bk{;im$r=A6-7mQ*vDCWPQI3^R^=TbrkD*WA)G5#|EhGIyaTxBT<~*?
zfNHFZ1~sO)*cs{4Ztzs%Nq|B+YLNZV9JTBSh24Xamll+x90RN`_pAY6X@zO!C;i1a
zh7w;x)t%}WVQ7XhMv0z)sEv%LS#2i56gyjN;_fZ_7pz}B!IuUq)`XJmh*be$JiG7X
z@2Bp}@D65Jnhx=sv*d~A6qhabuu)Q?8H#Hc`JDJ@$z>jSkLvrUE2MV3T{h>3@GIkh
zX}+3pySnn}-NEoTj9ILk`44xJ&OcZIw)Ooyy=&|q>}Rl#oR_n#e)^iN(8j}BVN?b3
zi`&mUNvl#M{lXdKNcJmQvW1!5WI+e<oOdk^W&0q0(oS8(HlI6<z{+z%{>NU#agLMY
zT?81dsGup0o<nfZn(ppq4-b|3bZyd5?m0bRzX%fK#U8f0s?Gt{AGj*F_qMWU^+jm)
zcx&ZTtZ7ta@`rqD&F}DlI>q%Y_BI?bcz{l|XGf<IushE4^wguRso}A2F}f@a`TZYs
zy^hc+iCZH_yrlrBNVBYT)I8disYk>(+7G%sO}(G?^%|T$W6C==bd7V|q;!r7<V5&=
zneQvp4WC4iSGD%!(=7&l)8%=#zN&kkxCO%9^zMWLdIq}bOmgG42OCqQ@q2yVH?hwy
z?j?cd`_zk`7g<2+nRuIL%lpB#lYaa>G{NvaXqLykZt2FEWJ4iWRbOviPt7Gl+>0;{
z!bGJ_&74(hr%tMmf8$05uuo~^5{JsPpM=<(+UFg(imuXrv5Cmh71tp(i^`g&NQFHg
z@Aui-bDe8~j}8=cv~oJ}vR`s>;>%<irBlfY#3VgAnUMG*j~5+s@`~!<>A9pnD6I%Z
z>Qq>EC5Y6B-g4;GAo3^XbQTGnx!FyJ=B+%jmYesc;@1LJJSFGD0TiuH?=P?=2=M3M
z$$S;EM_<uCQyY~MKr{o`zh6fO#5@aM{@|udb-R^jnbsa+aQ5q29}jQ)NOY^Zi2^G>
z&RJNLDI{FsvoYxsmRL)E_e+YE@)`z+R8qM<W=n+rYf6KjN~tmPeg&C6w?yZ+CvpOk
z!G232!SZ2!P%e<^X7w{rrP!8NPt7*@VFm1o#n5UE(JTDvlLe$Xbs2B1YECmlu%Pay
z(=(`dv(UPExu~62EL_nhiH2kMI)P0kR5|e+5_!|N*V9Xt-NiC}Xx7A2Xz{et6|!0T
zz<MLGz`=3FQ)%PpjpFx+s$Xv(YjtwMBDs22)?@UPZ~IiFj2C>vM0q*DDp#VSlFPSF
z98RYJMvh(CWZ&7(BQ}?IlzY8jBh1n%`@pU{>j{F$aUZfBcH2-u=&stw`$zO=F=es`
zdhZG-i!DrCE`Ndb`QqjKhwL%;;1MK!@-G8K4kq}~alm?lPkvPixMzo12I&xBUnk|;
zM15%t-I0PdwHZl^ed8x)4eOAR{k1)3Ct}|<VyLG=;^Y`VxADA<^OJb;NUblM_bF4}
zhhAlVGjXQX5t%7cSLUDgznQZwdD3+p6($HDPChO%Wy5=_!Sl(J=gyV@(!QIhI1@1(
z<Q=cjIvAebrlojVp{E}?=4~6`{ivwz@Ct@j3`IyWjCpQ!P?kI{6{@#H4pwWMqLm<J
z`7z5J%4b$|oh!!xi;1JA;ODq&1}GbARNaf44!;=N!smq=KVGtR7g_3Rs$=L^cFYk3
zoJ53=Z&_4YbRUK((_^)>&#Z4vftA4MA_N|Alq?5tI{{lu{mK@On6;lSiWpSut0-Oo
zBN!Punkjj8XO`b9?f3pj0L^zlDSoe~K-#o&DTw5^-yv4@&}_E}1z<RCkoL5tTXq!e
z)ODPH7Wvmh+R_$RB#PI@zqPUhR?6iEYKaw#vF>8B?$&?JnA}v*QDIx5)A-ajcu^+d
z-FVK-f|*NSHpri5<L{8^wSXIdNu@+qR!UvZ<xNr+V%?G0T3PVOAQxC7QfLiYC=f=Y
z#V!^pGqCsY?uO~(df0Lbw6iEokuslQLi*td{*r=L+zPuh6Fwm2yZ!DkgDh}!T`x><
zs*htX-qlW%_o1}tj`e}5zlH|vo-L=Lo<CXgo(J|{RSS_(kd-G1-}fZz_Cik#)_&j4
z7TjEkgpM*@@_PE!ZIHaOTRkU(qAd%Zk<J_cwaYf9xS@sRLZB&*=*{T(!MsNHQZI{_
zLxkaaz9i2wg+uM^Oc4Vah7TA93Whw@N(M^3_J}Km&t3!G@$Yo<Ce4vXLV9<FK_#zv
z0Q;wFu&hnA7)d%*$>G<FVmbH|i2zk!DwH<rQU}3el!SleKT`evHqJ^_n$NSR`<NrI
zaJb|AYdCd`_jpz}LEN<XSF~#LduR(t`x7qHBf-*o!B-_VIFg@EX)E9?h4t?AwvUyt
z%8$ohb)PXdMNb*FUJ1CzsU0tAy%>t@CerYu1bX(P=${o1wl!0Ksrb)?AQLK)En$k!
zTLdjzz;Ed(1TPdm*fevc0Fhmt_E}jwOvncC%DfH?Fx@38x5#%kK=8suv;Od^;Fsat
z&5ETn22pTf^MV#6$4z2z$GfvPtg_US?TmBv>yy>D-(JZ-F~Qkv*G06_Or@PF^*EhO
z9Cw>bULG@@`v$mk-RCl->sIgVD)bosQro97H+2<w73cYiIZPzj!dYzMtbvd%kIgqI
zzqdPPgduF=bGo!QgOjBgir>Hlo8Q6OlZknTcWdU%YEDvs5$wD=!HoCf4$#em^j0J4
zZp7WnBwnh~O(zQ1fYZHn<MlJWOuy}>g`7YJg&eK1Cys5GUWjsW4U&{w_v<{1e73*|
z-2}kJ_7<?qW~rD*2jHCeZ_MiO?@p+LcewPFXNo`PYE5ydJg<z|1NGc}oZRlcJSGeW
zmO?I-#80cZI{+M>Ta!;6a^sa!FPJWUz$H?BK?>-#bAWdFxNlX>oPM-h2iw8(j)<#t
zLI#3?CMb)WH4y{#V9Bg$;xC5*4-%F3psOI(8~n1Gbx`cg+yXUX@a|mI6XoGgeKOCm
z<E%T|WVkYAbn?rvOWMnAZ!)LJ;~uQ;=vOk}>xPbPXek?UJYzbQQE!!6lBVjEkHp2=
zMA1!_2v{tPkA^uju1x-P!X+yB$6J+`$@HB9>;6P#@f=yhpHuC_D^lbNlWPZIzi;n@
z1}IB#Qfu>=2;21Y<VShN1%pR1KQOL=w+t>83|2x&xRJJ2C+KAhKO3V-t<iL^A*Yy1
zZ}2<};7h9%Lh16kI<c>~z|sc(NV_F!LHyj1aq3x^R0feR>+ud?LP;Wam0aFAHy4J}
z0X`hnTjAQPD!;pvr>+wVM{9#;QKdZL8Vt!zi<uU@2+ya&;z7zz6lXbWC2*u-z8`YV
z>!Z<UF|CvOE274%XH@oJ-gi8Ig?mle*)D4A{uq9c6I|XiQOCF=PM?#`7X-Gemr_&a
z%L-m}{;*|v0E+SR-wtr500xO+q>;Obdyi_3XoihayoS&<P=s!-o)XCuMNj8y!&OFk
zQH>q-MDoo+rebxNM_(J%kSofxs_~->R!#4F*Lk`jyr?dvF6(2bDr2O$&za8Mq7El2
zZhP=nDT_hUNiCECrvW=P5wz|1L79P1$m)@CJ>|V7QhUTx+jX32HRilv*3><Fs^?$#
zZT%IF@*3SF0F=}y@C64GNXajxoPc+_O5_TkxI@<O6iar4kgh%HW@u@*m7&+x2J2z_
z(SuAr^r@70QmhY?wmv5YlzVi#A$U!fE8vHR*zRJCXFC&#@T(4H?AEus<=^67E+!ZP
zT-KwyXz*z0>!_CC?5^CsdSm|AL+ZTxMgw>HHj}VsH>D}JZBIF2YyF!KG2D&uTZ60&
z4loJOi}qnu=aYqoO#E?~T`O2>>((P$9WD@FKHrpmZ;4=PTVva<41B|eb(abqidLjd
z?b8+r)vDBwrG&d8slC_splRp134TtzV<sG4baYV~B?G`;jPe#Oo(o4bluq;X53Vu{
zIQ1V(d7xYWf+?yui=LrjCOH+KD39w%mNyII$BnXeMIEy-sDeb$Pxsyq)}1giF^|pt
z3*dytkp1~y6+97i-kGp_-7C45B7d~K;iZFBvJ5U!`PDH&``aQk7YKb%pRsKI2ujPD
zc6VxdPUaY5`&F37NpgcJhj;P~(Rr?H)d_%STV5tsZL}h=`xNNXMhup-M}cJ2E8s1^
z*ME2`8AT`)5ftL&2+dY+$z^;R)ug*86V<2d;%slYOCcj8j;uAZ+NBJ;FWe~XN-CDw
zdNSnsUX5kKINzic@VpF&H+LfF8}hT8u(XwXOwD)aoB<0=Da~f!cE<khvVa2fkW;MD
z#2hJkys8vEe%_D%v2<u4-@MOyKH_MohlIbNu<~cMRQ!BNn7m%?Qkm@XIW2dO$gGG2
z;Cox5(9#w*mBZe-^IpCWstnMJG(W)oB(>eZQIM8G*&CCQK8SPKME*TgAOV#QTaad0
zOeak8NYn%z-i7y5MDu>8wnr34%%2OGY+x$x$Vi_fSjZ)JIR(6yVA$L0)1!2t2xiIh
zEm^h22S$vvZ!fA8QJo;}Pwdop?94Svm@a0|4eg<^IG>X#IoS&YdpabXvaS<0j`)UR
z#InBe+d=uSPSn?DkhwRHGb?*_*pMcm=bQvK(U);{X6-E0Yf?+dHVHapVHD+3D_L25
z_~>!h(Tu=4(cz+JM#5gNhD=H6kKsnTp!l~0mBlQflrXJ235N;1Pgw6*k)b$T=n9|7
z9qd5=Y2dqWY_8d3p0z~J=E(BIAvmCb8F&dWS$lyl)`8ahrmWfzHd*2SS`zEz1xxES
z>L<H3pIsYT#8}jEKISxT5<TXaGe37rZWA6iYpOt-l!ob#GcR~(KhUZfG`dt3A1_||
z*rP<*uQq%k6X5X613r=bNd7V;2}>S@kDDTv@*f9UW3-waTEsJKJb&fIT!vj(m^KvY
zg<E+AY)pOEl<r=*tm5yU9iwKS9ua+fU43L_lFKwMW>jjc>|HNpdrj)DNH^<pTZf!i
z8&Wa>1)9p<M?Kfsy=-n9$(Ny<#Ux!ff5!<vUd``+VdkFCcF*GyoP}L~Xh(7kndzp_
z>fw<=<EcZA%1(O`MNV(oh5)>$3-|JW<M-IXdc9pp4zQ9@kMeR`e<n;c1#GV`g&!A>
zJEIIy6#iIfRo#}nE9c;zJ&F=v^Ty@9FC^f-g-N7IF#`>d!QQvSa#gEerLC>2*4w++
z^4Cju#&V5{v@9Jh`z3UE<4#19&|`wyoJxXhxJZR%ZoR6L!cSg)2KMf?nXC`%QCswE
zl&22V)u7PcQlTkU`JF_+9L;@@3LsA4v3alWVhXaRb%l#GmI#KncdU#LH9TO|vd~{|
zz{xn_eTd~Dr5VNsX=y`x5907OR8OV;6``%bN~Zvf_Aqp(Rm8bd&s@0GJ^fLGICNiq
z$vY;L`z7>y+_JZZ?&b=q#>)x6*W)sjv{cqE1+fd$g{-&cG{Jd6MBR6Q$mL{e>j6^q
ziGCaU>=>#X9L{+sx@Rr@F_v+Qk5zT<7#pu7ATH%pe|yI$7rsR=>|N_2jR`}}iLd_B
zdfoyLc_mDfM3Bi@<r{Ze(EzAyVZYJ6J*zvIwb4;ZPz;w4cP=N%vQTx>$sLlye-Wz;
zD}#bK6ki(W3r@Cu2BasZgvTGbD(lV2u>v=*LH1RgpxbdK2zW>Zyc}VkC=(z6ogCr?
zFqeJbcBnkpe3DkH^$x8=&KCXk7|-;ew;!M^{7OC?+r5Y1Tv+ydC3N~*YB@~yN$`Nu
z+N-VG;mu=08?%YaNgBe`M$bdy{^!6#wDCu0;oIb){<$}|!&5XD6piN!!bN?p>s_Vg
z=FH?@7zw|Ak#hEVvOJ_>b}spafc)5eO1p&hk}}%C(7TvWs?O}qt`^5ahNTGkD$O02
zz|eNy9+`AHJPA9SBB;!3>{0>{D?{uGt_xX32lm|xK%i3bkwrh7Bjmr!yKthBhe0G@
zuNtijX#l>pg9!K<xMg}$N?E_~crqBcaoGN{nhR!q6w1Z<sK>XI^GK}dhb3xga1m>b
zV_nb2OY$vKa&VFc^qfQ$f}k{cfo0d-pJTq^WkGP-w?YmrXkA+nqVR)gc)d0%%)16t
zkwKbuuoW{~iD6-Vn%uxiQWpv|d35L2kL4`+`2K9i(fQKcDGB+^*SLF!c9L*c<f37x
z`>ThTu}ZLF8Ed6qY+7*T7K8lDUm+$uAukm~IO!>Gd;iMRZOs4q;U)H-16*E~wG75;
z@$tct?gy2+#n>oV&%y*v9&%k!d4$r){4?oxBRj_dm6$M76zK5j`j9b2XR7<I%OuzM
zGtUdU4I=LoqqT4%xYH`LnC9BP|Ha*VhqK-Pf8VNAEk&zUEk&17iVmYjjM6G<kJywJ
zMNoUi>Qpt(T5Z*?JyI)1#B3>QkB}fXv0_CK;d<x%p6BoS9ru0R|J~Pd9rv9-9Ocl+
zXT8Vk^?W{_ZSHuSi$@!CyC+l{?TM7&sg|zZnqF6RC4A&2&X%Lc=iK@V#wp#Wf`_n`
z_43;c<*y<y+-VZ6od~S#X8Pd&n(!dOKW|}}x{4x>KKy1ImA4{l^DYaAd}tA*03Jb2
z?ZZd3{vWf<9xf}fLhbW2sIh0prmaqk6xV4ZS9Q`>^mtszyzs$$grJVG=Y#LOON-UT
zm)rgf6Y&NE9(%9Wr&m&fd`5tV_j!@2m7|E*i{v5;32pqe$FC2|obm${b99f-=u=hU
zi%fCfGk*SJ7OffP4cs{su-}%mlF(&gE1(omHOVlL>5*vR!(v%|g@5)DuF7%nnmY-l
z(ip@*l{goYFA#X=`3EY1B^XhLW!`*M`NX+obNI_!Z%r_w{jlI`*xRo=u->Z$2Gt*!
ze-~VB$o_uzC4Ys`?<{KvEnBap%`MPa#%*3pDTCO|!z@r<KB=61x6Z;_JeO}8&$Zf-
z_jTAORaQU=Ds8%zYy+LACmq8)6in9NRdH4b4Dq+@{vwMpyk-zj$D{GI#xngWfjv2K
znYY@QE6a8$xcFT8_<*}itDat0X0*Hwm~@JPcA7Bk^K*OkYF7Kf{JT1$#6aj<@%u}K
zWy=^V&fyg}#gyWWsb==r3v^A62tNCPp8s=s?aoyc5WQNEAcjU&`y0ZAk2(uKzzKci
zAMHIt1eLafJs;|3TPjNZw)!3;U0QBW)!bfWRucVZCS(6POi6p$(yqhBjar?LkDpI_
z9TX(_i|5F?Cfm*!h%_)V!hhW6`ReNX#0%#7nQiawJ4PKvlSa>qzs@}}<9Mx-)dS&E
z(ULr;EF@iFau=&0(-J8A#+7N@-_In+Ah0`-;Q&4uW-v&1J;zoJRxnY5IJh1@G{QKw
zDSRmq14OH<jrW#rrtw%<@hylx-rc<vfMrwf(aAc_5)h-+W2v{o2~Q;q>+y%X{R%e_
zug|a)N&9`Be&M^R0EWqCkv@f;zDWRAV_o=^ersQ#<keH4)9`j!<~yGn`Mm+HH99D3
zYMW1ZE$$x?rI8bnIyo-82%8l?vRrxc=!Y7I>W(g16a~Pbo;AUAb)cLm@q@HFL4&!U
z(SyJx(u#`k_RETWdB`@ozq>hVr9Cnq5!`K=@+;U{=#s&e?dZXH?m{Q6>6RQ6dXIh!
zkt9!*B{TeGRijvB`^5IBlljDLQlaUO+fJs0F+Ho_YL6hZrbx%<hXEwRr2)bXXo@c9
zy}{<|XV8|Ag`kgAWe$<%{NPK$;neB;2t8Sbl{`$r^(;}zz(eZRu)TfhlJ11q-S6Px
zTY2Dj_3yGp%=;ka!2RBLtK{q;4Wm5sUz&I?Okqh6z$aMADr{3`!<fa|y=6BG%f?)<
zAJ*{M93IT&2>2=`Ns=_U5B~HFyJqvOv_vJFOVA}heslA3zWU<~{NPg|lfrgJ$}&p3
z9q*Et3nR&DZc1<UG?$WUKkA)Uz_zex$&66VQbnn6b$hHRO7kbUKB=Ld4U4XP0dgYG
z;Q60O1#CZjgs)?iC{CRdEYWN{kT)%NOK0BS^;@bO8!oXmS6urbj6k|T{IL%?D?Mk^
zq~77}Qm_Z{iK;c-arxd}tL_Ed<Ch%)V9vWfPvTZHF#=;h?!@O{_5SVsSn#Y(<lPIE
z;aI@a8KQO444XghTnB5RkWWPl)S0u;BLG{oKd(1$BO}ni+xDh}Sfnz~&n3yfoI1NC
zw%S%-;<2;4Ifo)*0buU9zEquOcZuf}QZS-+s<`n~z}&^9K~%Jb|H$)VjDHXTf79^l
z@(}tR4T#1PE+vh$8V_0$A-g7g>QFKCYs!d@pojaQ&&!fi@7YIz+7V;GR9lX@YGl8b
ztVj@RDtARRWQgC!VMl>QI(>$NpD~W9YyAk_aGdztY6bjOqa4YOjq#S(LE)Wd4nckP
zbb4o|(OH87h}1xYv63vqnz)sSe&|8u!w$pI2k2h7>~$`j6}pE*+(_(YGPBT4MdJF)
z&rQz4MX6zNb&SDxt69Fyd+ogO#NE2cV=FVXAJ8ln?@7MX95z?L>~Jw-!mH{MTzB>;
zsCr8I9Pz*#Rr6d;zx`05Ra&<xWa^WQ9iY<nvwWi4G9M`=q}uOF>gk0>6*;ggKE1B&
z{N&*c(9j=T{B>)(1wAeL<gGUH7aL#NJjV}&d7iu6L=jshpP0q$PLpkly~Q)`C3@7;
z>DFkUlMES0t!&2%0+Y1LGiIee?Jgk{JeIG-n$^(h0&~b1GKyEC-6D=;5as${xxvWr
z7%bDj#zC(6Q%S5(uXpZ~TE2VoXQ;Lr82(I2s9AeKNvv^wAbOs<PDI_2X+Gy^#1`h$
z8W~ZUvq0kNw&XO<7zh|6W_ngi?brMzhMrNs?=NJZTf&p+jx_?Pol$d((O%9-K4o2E
zulHhDssFo$FjW^pHD%mnViEI&#iDFx$YH*xQ|`Io&tW@YJ>))Of_;R4<jBZ_;F8ki
zv<bYZMje(p*f~3TXKiS>(mbF*rTDNU)&(~Q^$k9s@b{+oeP2CE482nu>APw|CQkcx
znpLHrR5_xW{88xk_wm`30|@kmCBwmU>XLkAw}9q{!vMt06SNef{0W0Nq!S9!BPFSH
z$lkxuBy@&!E^szJaV#M2b?)WByNg~3{EbxYuNMwsX~7zXnu=(#=qTz9C~iij-sfO{
zI(kBPXfK~U4HRLHz-9O4_L=nCf(r=zBR=>}DEE1#`Zww=38^0~5!>I+;STcj%kK6(
zq_~dC607i!4WsWj8T96*El3fT5a_v8;fX9iL=-i_1nK#Of=24M6}~=M6tPX7($PWv
zc!4h%3zU72eW1p)2lHCH!kF`9p=W23*xHpIH~g|KE3qcc=Bm1mZboHP5}R%7S7IXq
zpP`?l=_N4ujtA5Og@N3~^2^=lg+L0^B5$uj^MkHldV;1vc!)BL1Av!y$F(M{KL42S
zUR|&Bm#$9FsBGdX*S4u&G}q`W)g@rY#H|y}&<A7WagS7zI*0H`5GC7Z^2hD2>OM%T
z-lrODra_w?lIm^389;)p10+Q?C4B!(fVOxwM7{g)%%0CPXa#A~1XeT~LG(={I*aIU
zCGP>IVio0Kc-^Z&y-zZic7l)AAIx!MY;RS1u5SQEkHy1~M9aWl?*WF*vsx!oXf-+A
zo+pq@F9;;reSEJoeIk$Ec~P31hZ9nN?$oKoc&N4$15@Uahtvcewq=8?NvbQG0^+u2
zzq_0dOYqEN&YxX*<R4R-G77r<bo@sJ4>&{`Mc<4WwO!X>e=I&$nTa?blWULS6iG};
zlGM09cyO|#QzlD;(gO7c2tSx=M(LrY){<$DA#?3QAbhF`G=2M4CF*agD73Z-o@^sy
zp&L&!wxPJCN?%_=Ms1+NX-Ky%ReE(?EtW|ImNy^2e<q9Mh2eF-s66`l!;`Ba3o~W{
zlS0Y7kdgCXJk_e=&?(ZBC?F>+(3{5I>-JRIzoN|RF}opQSLb3cDcvl;V;#8GzFdsj
z=0Z(`Z5BP;obv|Y$JL0*PeVl>f4GEs%oIrH^|Q%?PzyrK9P~6YEm!5;U7fg-2(Nx$
zzgNduJ^ANAmmzvd`uj4qS(ta#U&O0!_Po@=C<#;P^JO!9$m+Sv^WV10Hddva0Nvsv
z!14{u@ckC2b=)jEFxz>WsgdyCp6hp?SmoO%!;wxA2_<56PQ}&OqNRAK<x_w$np6Md
z&v;2^d_~s6t$HUTVmVujXN+OS6A1-MBnN1aZb!|nZRj++<5-t0`4Z(t*Phs#XQg3l
zr21u}=w$Qy^%e(NO5wet=N%E#t*^{6#b^!B-z=nK7cQ6`B4OC!SFadR@J#sk4@}su
zXPo+^H?+d}bJ?g0`T3OoKYLrNv)ctJY=_f2V150a`LSs*T+-mKg!zH^7_u|s8Kvy@
z42dSgDb+k&m0cR44h`2gON|Vc;BR0o;aTWA{+`SDcGya(Bn<Q`GhadN7<}RsbF2gL
z^5`OMM2aL3#uh=NUA();e12(P9_-&-&h8woPiIpQAC?*I8Skv0j+7e4Sj|((6F`eF
zCg-v`(AcTHi6*85txEm5$-<rW=dKmfGY|DU9e=s`ox=1uUmb}s)*rOX?{sPL6|4NP
zR-supf1G!HMFDrB<t(9o&+#jdA^NQ$tI+is6^JSEBULtVnzT|{ga{&j3vltk30#;e
z_;GUqF;OpgL@Asr?==~J^wn|GoG7Up5)@ZpP*4Aw>z#bPQ42O5lmv~Jj5y75Sfz%6
z2-6&~9Sas05CmSwl#?NfH_$o;!b^dBsN!+v8FqPk+=$8?c6NiX!#!_|9gkSa^yJ%Z
z%*fB~8&%i8yp7cAko0^M$6j8+!i7!4Tllm@O9ux`tzQwX%8gw+&Z6ZGTLX}(Us#HN
zWg(8T{jycB`B6>{v+x@U?FRiRlnf8Rs-+KlrmHHS@s}wU2kVJnUgLR-bouNP1oP$5
zVZYpi#Y-z;n`Tv;XcyqA>a>{`#A_eQ`_B3Y-!ikCuXLE~vY=Kck0UHe(xg?<KOV)j
zrA6{1^dZMba368604*9Wt4OTm(B^PX<ps)f>=EXsjMwr+mp%1Ys~{CMD6}1jDYgLq
zE51@Q+rt}#OO{I>He)rb5_Qv|pV&>s6}mf#8N<>+L0z`Y5i<FgxD3Ac)<^q{j$>dr
zAb%LPHtz6TFgAR1jNj40Y5`yQt=RAg-H$svAyxFYPnl}oygUAW!?r`Um0w$6C-DP)
z0MpOih64KKuQ_3arw1?dLz3sx{rH)79#(cE%B+eL7toWJOFyX@rV9;92bCh*nHkgv
zDVCv543NyNq$lBLCz%*5GhQ=QWCkVeQW5q3mtd~IF)wvX3U;H{y3Uo8KjXV&;%K41
zi^ByvL+>iUpdItyN#|i#t0>OH$|;n8TUg@^XJ_5ti1-9bWoLNm^P`HdhZuxkpX@fP
zTA?10SBhJy6tWLREjV_CSrZe$4(Ih;b~Jgoi&g$h{a8<1WjFGDigN^?ydvv|WMjb5
zl?RBt*v>{a`DgZ0utooeH*NRO!&(4YRO3w=gu3d89>(c&nIgu~u+Cs7=b^$ct3S85
zWmn5vBD>$)y9i{)l7ta8eUZJzYzh8no%KUzl}YK#eI%o$o{~(Qi=mJ&@V>)<R5(2O
zl8=W#i_Fd1#ry&qTEGo`^iib$80p4BPf2Y2t?H+Ui#)lDS7>f(?6OIj^U{<V>g=IP
z-22{nBo0u3J)A+Cu4MZQ47B}zfd1Ul!Cy@Ma#$pKw8G*I6Jt$8Vz=DAKNiP~+7vCG
zt%DYjGqiQc1hPIj$7KfPJl{WJc~VS+qOsZYrU?K;C4-I_yO$O1*#JjdjD?Sdtk1{5
zO%ev!#2-NK9)6i@wjiKK`$|2XZ&}p*<P8pdj|RZTlCy^!lGY6km!idZT9x0*xc~`h
z32F^N>RlhrhM7rObid2vQt31`Q9iP;nR$h-sSk#$eT-CK)^Gv4e>y?qTxL4vAnM>y
z;chqUN2;0o%MPO<;y9&nsCT558&i+(H2daSBnGq1vaM$W9)4tG@FCociVq%I{4_Kt
ze2f4QdWtWml2-A$Bs+r!_f+_HIQ52_t2s)AReC38nE38PN$~W6_fo+kL%hx5koPLK
z^XoT1Bh$l{{2YRfMO-*qAyB_3So5@auQyOtdO+V=Lh=XY&0twCM3y&%i_3vteF!Zo
zz>gehp-MtGLap#$OYoYN-b=vO?`soPpTpeuS4pgEWB~&Ipsq>zZqVUaU$xV6<u4`C
z@CQp)r3P)ob@hLW>*i|crO#m8_XFd;`;D#(46^_g880FupP4Ics%n^MlpH9uW-002
zhs!5rF_i9m!uTjfxf}hsUkQ1W%${-!m18D=%mLc$I2w$)_HM<Ry+|NsI{Nv#<58@4
zMJV<`y@!{%P(yC|t+;ROhCuMAlFaJaCCnA36S{qy0Y>#h<R4WzTkRFKvvw`ICgmD%
zcSI&zvG{O2>T(*Fn`Fpiw&{0S?&-CV>e(#_!%>O#c>am`??1Y$`=nd@$coV^Xmk4`
zhIe%sE>gKOCXZ!o!7)PKqCrnqu&el1KacqvR4sj!P!;GZs{}0fs*d4XBDryCKv0!R
zrZvA-_wiN%y*>AYQ26g{UsiWBvi%~?uVTY$x3Nn|(QTr8w<UU%tY_(fVw0XZO{RMH
zwF%gxLYV0qvZr3nPSWMjKbyRReF*VsZhS;~4LvO}8i6H$&=xpzSw^8(Tm%|_GVrq2
z{2RbA=`gZ0Kk^gI;4LDuh7DTXFD$tfEH<~xN7I$x*>UeRFy6BAon#<Gw^CGW5fNd(
z^N+>k3i!#u;`uaf>q+O9odNwDshGXGL@uEJ<*ykRMgW41NTNMHN=O(nk+Xo{b@IR8
zI|2C6CC@t&7@|vOvO5i`mF8ao=@Tqn(hnGBNB5hXV4st`+F62~^L_?tDFuSh%_3Dr
zy<iEg$ij-7B+b9e*LmS5GbHCVV;Hc@WEixItxS5bWz4A=5fpV+_ij{Oz`(kMfc%T;
z*+eVW>}M;%{Fipf^K%|^__M`*Kyf}VJv#odk49_S#kF%B*5Ez_AA+rdLI;LQ#iTAB
z7$ZH$KK-gkm{m<+y#6*_StrY?4po<Seeqf?^l(VlplmL#RZCWqq>5$f2xg}#Prd~Q
zMR;|7O+mW=;wep_&xBFsgMTl?y{-gWMHJ>qsyuuQ(DKft2L0lI7E-1n#74!@Rw+O$
z<4hdvRNy=xl)Nes>wxBxbgo(jWmY!JzmkU}_OU7*S~qHL!SJ<yo1+^|OBdkD33)FZ
z87p*$0kCCyF4iHrA66iU7Bl2ld5BY~RDl)m?!qFAft*LfbKKt|1NmDs>COB_m*|D{
zoFuFf>{7z241WgZhJW&Ssx#jWf3$1In!f`&LtLa+atFrZ8f@%)(1sMovVMhn`k5Z8
z;5g*Z_svF=RB(CE-(enBs&r_oES-kC?wq$sag{v`EQe=ytGf1*m@2(8=9x8u5Rh~I
zhc?2?Kj%0PK_!d4lcatx;ig#^<Zm=YLxOWJXicdn<vZ^r2`TM3Uf?bhYMFbz#H#4O
z^~HC&MAf3=nBggBOdXn%0?Nrr0;HctY%k+s(C+!LG~TxSKWX(0CSOOPOgh?x+K;nr
zfXq(@vk@09c!KsC)}xW(i|h7;WQn65=In}qHL^05Afg7$9M<;|bDd@B&Po0o?htZy
zYJPW<25|T8lAbrl<B0F0bAXjkQhV_!9x&Xc>S|lQFos0F`42IHjxO!QFz}D83}P%R
z$>V&k$tceX8u-r_(2$*7;^=w+Q$2A23ZRtq+<=kOXXrfG&S7$N>(^}~zP~@6bO-T1
z+)N1EG_+St%D!bl+SR}R{m&PW4)Nc={r{+i_?%gV`>&dbx+1egFKDnA@J49vBmGH^
z!X}RPWVyc&(5$rnV82;CPVnik2+n9cu-VVKOdVd8{qLvdx8c=>V5gy)`M>>=!=C`r
zMwtD`M#w*&&+h`jrs+-t-a1SF*SkJs=8QQJ!}yP1_A+D_z5T;*jq|^q)Ms@6UjDy-
z`2TXY$A9}n|66EP|9SuaMX1RCKmPE!r?f;6BM~!f0pdXHv&}Z3nwn1cYj;SB2n5N4
z9qXy=|9POl4U)XBHh^2F&<P_dDwsdvaF^-xqL)AXGh38aik$Rky>fnBRP7opG0FNa
z=zv^WEX(bFb~T*+>Q;48(7<2ZqwH|Lm=k~BU9@)%5oxnaKC#v*g&!Uet1ll@PecNG
zBdAdVDeLHjrME_+XvMFHU^ZS3cpLJXSlo%*!Q=ZAXCwt^fPLLeJdM*L{P|NE4QQLf
zD>G0GKGx??(!6lz_nIji5BG<*H#%0n*=b589sAF4K>MR<X|SPiy41k^5(($w-(Mx1
z?9K{k-HJ)s0J69}EeFrVyj9A7eL}inb{I08PKX2=Dyg^<uSMg*eATLUy8P3p=UVlG
z7xM&Qe*kPJ+13fwH@SGTkbQDdVjuW;umA#4MVKt5)OiL~&G?qTD-p9l=+{=Lu0Qaq
z+pn^!OXU@5CZ=KnGoN=g^Z(I@z01J}1O&$oWhznqw*iOMga}p`OPS9{GM6&VJSnl^
zE|o65Ffuz@vgQ(6YClkG>8s;~_iIZ{9c_eNm4O!1Az&Iwa#K*n2>0%1P(*5A;jg2U
zau@ak&30Ba%K7?CfMciEn}oYyk+>j7^0gfSc9lZ&5qG5ZWEjhkltAyaE?I(wc7l)w
z;l<I{Wn1ya8S^;8H;rqMUZ>mP#S9HJCeZdkthOn-MgUl7ooG{lPMkA1Khv%C!~-Ls
zVWSa^WHU@FSp4ZI?2C!!eOS`zgPmAy3&I-E>7dvNVv&I(XiVaHB983MsWQ+u&5>xe
z8WvtRT4kB}I&`6}IE(<P@u@rl5dKy<AygipQ5Px&Zx4EQlJXWxWR*r-PD)@?5y~oI
z$Z2`_&icfQ{FOC<87BWd!t^-2ds|Sy1ub<ZJ`Upq_7FB>0b6cF-4WmTXikwzRkDi<
zWM76KcOY2Q{r*h%NE+jD`vBJr7^XJvV{d^^>W)*zAK-HvhY%}QW{1U#5W$_ZCGhDN
zypvvr-0!zj>rbR9u0G_nwAM5fmH+&1sI7yrYY_MOPT<bH_1OYQMUi83q80B&yujCD
z(kaGxc)-r{#R||^h$b!h_!MiG!qXH2FD)1$T+kC7-0IsYToR5|+rKsF<iuKSmHNGJ
zsy$A%f~WLnQO`hl0l?+$gbD3(d~u%p^JOS^^5zT11h83lqM5g3@a_@G?i*^W5T@gn
z0i6<n6qh;-Zsjm2{cjZ-h?Ip3xKaVF8(3d8Y4-mQpE~aX)Ab`3hO~yFFbvbS1PuG<
zoSfMEaa8kLR<9!_krJyn7m5`FGp?M#R=D!9Wl%8at*MBi{6YS80;mhCn-<p&bjjMA
zCD0!-JrYX4tUIOnS%@o_D-4NegjD<i**8^`>a5up)uwer&EQ}@Q-?F7vz={=l;^uF
zO3_liNGIN}iS(;qD|5((g~q*On1gQ$u5}uvYb%0YAe95My?FvrkbuwDG&8H+@kxRN
zAVDw-)<D?8-$xegXID!cz64cELsCDmtCh>)x9e`9hahqmn?rZYZ)tC`MUNmbjtY*!
zj`eeI73@%6OT1Ru-#j<kMtI*5AbolLnj@B(wz}aGVBeRp^!jy}Jg<kwQh^Fnb=7kX
zvXq64d<D_7*59#yt%Mdea(PqGL1B@E0e3?XbN2Ub5D7p7(%8a8QGY-hk@NDtM@dq#
zb=oJoxKnOssq#p`8j|8soV#fmD2(%8Dte^~-bAst+~fwm!wEVDZi(w5Iqh`4icXe0
z<39la40|~w|LKVgB~yklAK*5h&`qFj<GV>njEvt`XsP>bctRH0kr$Y*n6s}V0R^{a
zMJvuahBG`YJ;jv>lp$611oiS2`5j)D%-d)!HO|FkUM>0)8j{ftZ{7n3GRDwlE&PZs
z?PMh&;1j#B!Ho*ulx$%g1u(8!tJ@qHw`+3e$k@fM6W80spMHHemv#N)=neXFTkD@$
z70Tbaa7ikwotR|eB=pToim6=y2LlGjd-h#!ZKDL8zJ^z9tjIIn5P)K&0rx8a%rLB-
z&hH0UaQH+WEL@8o23(@-!aqOwcQ>OImVs=|)9}RLO&bp+NZCsC1!WPUaVsm&a-`HF
z#_n@0d!q+HuwG36i~^j=F=@IqWo>cIq9X|Oi9^vg_p*Q+_R1cN$srj}%bpz5iMhk&
zVA!LrG_3;J_OJy}1;tX;e6nC~+;B&T>qHkbLq=@dO}D}oquWsQPDRx2#R!X)Y-@Pw
zr$zbSN&4<#xs^e_g<eIe^RM=qJ_<0KQ&MJ`x^845dw+!<CoTO-%uEVv6dED!emEv?
zeW|E4rhhZ<JNB*Ti_~2&=!?D4;~DV{Y2J^$E<N0xmKzBWx9DE-s@9EZwXHEQY+_SN
zo4Lr+7L!P%v#L;{D7LyN8T<{6(kTbTsCE|BL>GyWZh6Wd%fQJu6Mu~WBDyR1_M7Hj
zVCk3#5iNRo0dly%S>jQFc%}Nd707y@whl@Uv2?EezQ%@YdJ_?5k91~(?4$uh28JO^
zLd7PiH~{9j_lLCHJI3<s<)&uxGPqN{+V~#+0(`AP!ifDy^}Ki)#U_<7Qf62E^Gz<T
zN+9}T3_BhWT#F*qWz#0Rhi!I=Cnf^!3ilL*AlT9tvnMjM3v3jFb|-AMvP<@)?DEzO
zLfy1&51hutuZOZV%-#5G5mO%Q*%UNZff)t^X)8{1>3n?Gg;i;WN{$A$Xji_v-BOC_
zBYa(D>(O6KJMUTp{t$MXGGcvJgx8n$f%v$Lzv{cN?(+|t{9yR231`fUV&uQFwLI9t
zA2XBX^LiYiPLE~GcpXw~fpQ+=G^X8y-zC?}x<{)`WISDN`)>&Xo5^9=O*^Q$Up$Zh
z@KYpU^wFZO9Dot(qMYq^_r~lts4QMTb@gfqu;to0Sv_m}E@^_2L`FxrWt}SGi>IxO
zV{S^KR6^FL@jgeC8I}Uq2JnHGr4*jGdGs%#)2^EuX+e-@btlY}UNW>YvR;T;Qbf{E
zwY?RK@f=d4sHR*zaPE5@{w?7eVVRL%Z6-Sqe!r(+WzBXbKpJ8dQ|>yj^gSS&cm4I7
z+V&1Ndg%&8_R_9fMZ_p8M+|=Y&L6%2>E1gSuu9Q<4%x(JT5akyMSlv7Gmdi!*P$J7
z5~tx2->Ei%KGxE`cCT?7dyD387!?6)_)3{p9!|OT4KPMw0sDzZ?r-3S_4G&~`;l|6
z4b*lQe$b`RS99?yavaT2YBf;$<92(XTUiO)w0dThpQ}r88n02F=%dwW%rGKRhYHIk
z#Cb)tLfo8_Wz-6UX2gr@9fEq@cO6w%Vt*KP{N=f=Ok4V_Y_%~G`bsiw1x>C#(CX%V
z{Y;I+ae9=MWdb85#lNm!ftX9T)dNpN#`g%7R)c&M7B#Z(z@02xr-3B|qkgHz{P1RA
z_#x=4bYKqpOTnS`ul<c+kyKb*mvx`fSZ@g0oD-qNfPnxKh3?eUl|a}bmF>qTevRYN
zr2sa~J5mh&lYFl==nyjheGUNiMhy8kIoP!2^FrYYaQ`*u1W(J&_71VuRE(zW57nDT
z9?WZqd`;yHwursQg}S={ND~UahFu0za1h5dwD-x#+q3BFYBtSE<KE2ng_Gyg9l1-^
zGRjpi%*nuRY)e{9xqvTj<>Rvf=051!2a-W`mutOC-Q5Ymm$1i}dsN_3<k11JA0mD)
z6nI>LExlX-F!PG5rrc#`XJV&_u%RvIfQeA0Z9v34hUm)h>Xji#OirHv1;zJ^h{Z3L
z-xASZD)JkUpSvKn+`wt|<fP?a_Y7-3gA6&Givr)+fT&|Ce*`BZ;?LB(n2)UUf|HZd
zXIbuiPPH{!%EQR*{l4bi`-ZcMnonLr@G6j(%YaNRKeG1<x0k|xH8?Yw$~M_D@)C#9
z3VXjn_5E{Ek*5`|*zZQcgVVfPdQuRh!LXC5L5orPE3%qUTrDu8t0@G?q&$)%f2)9b
znCx$+OF9IN`wbCSQKMuUcjs=mUHplOG9riZDaNnOT&XWxjyFDK0O3Yg;dByQ3!9q@
z7~-n4fd1ao6qmM!(Vmk!RdLk`nP-oXoLR~F+T}blZN5|Mt)Q*>stN$v)umsDvK>=>
zH3o(>AAUd)ASSFFYeDFvwpXSbCsoefW@X%waIMJH8gJGUQI)E`@7*NaOT7(PFh2B|
zEB)Sku{X34gW-R%xjCi2NhP=H_Jfwt%eel{H;v@qY>dPTR&2s(pA6VqfF|9}{k}l2
zPn<5OAJ0|_`~)X|Du~Hf@v;sGnBw;@Mav*P?_Arv*gx$V1?dLKBN=K}O^ItI_W`nm
z?AQM{XguUk#^#rK+xdiyz5~rJXB#t^;V4AQZoGCmyytmG{Mf{|-qa;OChLQB)vn}I
z>WQK&L(TfX086io@qY0B<U8m2TfLYa>#`h=A3)VF=No6ZvEL~*{$sNX(i$nP;4!y{
z5jt@nEGYp%(8D}TMJuZ}*la5av<dB&uvujw&8^eWut$?DQAC8nm%;6S($ZpQsMx~R
zwe}8H6jffK@pcCgkH<V=7+R~2&RNEA%kCFeWeIV)0BQfLJ-&GCy26T-<G_;WME(S2
zKK911E(r`{TQCSENxbYf$uN)FoNxM`w!_Hxu~Ngd!n0$m5f4y;Sb*VifLgwM0|Z+y
zq(nFvlHRexv5}dG6;{T-2Ei?QUgRt4`K-Oe$9>+ijzqCaps#NIngT~cHhwpYwlzcP
zdaWQvQ|eE73rt%;fAskZ*211xCo5`ZMyM<H6Ff3UYgCdSYSGX`(eiumHRyX@=EDUX
zlTsi7!z-2Ku?d-&DB+6q;=?Cj?(!e(>ToZ}Dq}`yyd2sTcDc;iD4b6IL|)27+s;H?
z(99lR9g~dkX~I2Ucn^kA$8gWAAAY_<E5Q(J*{JheXi0j^VBGvjZ&)__%v56LSvt*r
z<E5u<Nae<7hn7W%_SGDH7t2t~`pC&U>m*D5E3faRaQuL_1r{j_nc6e#RImiW&*@;w
zbDwpr8=gMb1HXR4`5n0#YNZ)r<=iW0V2KygmO>kyJUN;6a>q{u0VT?hAo+9VnZFKo
zM%xoBH7PHL?=_c^c-0aW><s-HUEj?W#QuKPcB%~vZM*W7*F~Ye?w~9qX~<`yL8(!A
zsAFk8cYEkgw#u=?pvrH<;w+TElBl|Qdi+w?mBf3mk2*Es_e&7W$9ipF_8fhsf8#c7
z`WW6{kRyO8(7o{oExAy%YT|(~RCIpxheP+llo>}Q7-Siu+4a*jr^n}2=3()|hOE5L
zzsOTjzNZa?>%Y|m8PjX4kq;!8>}X>4)jGiv#goS~FoG9~6w}%0Z)BuR(LknvjH-5<
zzXV`md&Ywm{JiRPGarpGcPpeKF1xunoOl~RtQH_30eQK%g+DjyG^k4n1x&t~hjo3E
zZj2)_)lk`c1BnEm%FgKPA?L0$gn|JeMdS>~lPX|8tEbyQ4Hw|`!Tb)?ft(SU-mZhM
zP>5yFqQ}r6oO$Xy6tSkCw4+^-@<xs4RGjfAp!0^OY+=6%y%!`Xsa<LleEEPf(tl99
z8HI~orBTYBA#Dnbir=Tk@17N>4r(f_QZ+B;Ja13%=+3kjRP+O@nREU<f9JmH{5UUS
zZq2VA=QiC$NeXL{zx_==#8;yt4<ReKdkEIBZv5q0Ao|kVsdBaWod<w2P7N-LKN$`Q
zJzB>9xM0J)N(IF}o~hQYewVddHEtobOS*pCW6%&fqR^3uY6bM&3VFCo8ISj9Z#=So
zcP?qU?Bv-|k8uD6we=bEs^rd4JhJSKvEXLA?z24H)>S`2?}N7rUgPhM4+-iJNiNzh
zX|1s}Y%a-TPhtzh6q<Cb)=^x9D>l1|JNLE-XeDW~N0)Rfwj4c5<Htfplpu(~f>C`v
zQb_14XJAif&7OI}!yA`N<j1nH!;^FMA4ji3oa?D%pQTK?(oaORzSfHc8FuiK?bVkV
zekwN`Yt5E-bWpPuRFy#{yY8<r(junpXb0cIcAntPEYRD=0<GJaZEs*VgjfsqG@eoD
zZ-TdruhWs#$pdz@=u8@Tpfc4e0xnuEKiN?2dKBNL$m1&GS#>Aqn^C^`h>TZF8~@DG
zy`qq9SjqG+M&jVpnS`!n7=Sguj6TbwjTP(dy1grHSHY{TK#F7GDi8X6gr8box25Ma
zw0z0u&!WWQUxzf#`lv@&B(VUL&Ii;k=V169i4JBj0LF4PS!7p*CqcA+iizy{L4}OY
zwT-r{Y-W`m2J{EVO7E3VA|?;IExbsBs|O3cnS}wBE~|A8sleUa3Ky+ll{wz}(XSt_
zO4tPT=a3A3P!5$W_&0CDFFh?WENJnLFw>}ow+T1r6JaI*ndJijO|Z_do|x!MbH`^q
zj9AX$EAw|O7_Dc!-W`c<AzvP{N<Ee~UtnOtHxNJ^^O-)PQC(~iAiKIVJ@)W>5fa;;
zZz$WxC1t5_3oC^Wvh|pM&iCj}p$ppI1rR_=-l5jYfqQ&}guzc>2lUennlCz^!j5mR
zAS$VB_b=DUcP3SyNa@UYxehJ<Bb1r)aVWSUBov^==U21+7BkF(a74gI^9c=LFs0U=
zt*`=)C>Gx5yM!D*3!5iOl*xA^fWJ)&zizs%DK++tk=Hj3cO1^z1<3s@pH4T$6=rtF
zXw&x~Jr{a<^9}N*=F+$CPrg1|*r+B@J^!$A)l+?3bvCDyWO6}DG=SlKmqiVh18ROz
z!A>F?P9DR+8F#LSgvI5eQ6S&1s3=NqLlCvz!YZoP2q402dfVgBre+`@s7Ut4wsp>b
zwv8&eq1kmRrStCL{I2Na19n4YL0y|AU+y>&vmxL@e|;T1;UT9U{!`)q?HhYTv-E&G
zHcxNMRGWuc2~BUHWYc)@1;!;dYrlc~0v}{Hvnrfh=k|2y!Z=e?qKJOW7&L8b{_+mu
zJDv7P2K8H~8IIW>-o}lQYdq`taWOAySa|mp*9xl@iKSU4YA3>J7B<fJr$E5KH^V$V
z3E#Nq>z^X^qs-CEpr>>Qo`Rz`(bS$-8GVQO`!OG*PV(OalfTPzo0Y-|AEolt78I0i
z3u75DNZP2I`p{8i(qAT(tNvp-T4D4q^VjwP3SFJx3H0Fs<FV*choorfz0VW9Z^gfl
z|GBu-O2F)k!r*F1@B4ELrrTi2%ZRv5xrT%UAA)tNAY>O}7kuDX*9nq|#}a8dXi+Re
zC!KFO=C}nw5xUK+_pO`L8QH>%%--~nW48MN?&FdiHYWe%>$9BY-K>Rf)@u&R0n55K
z%rZjrpOrg|kFsQ~1GX@SdLND7`+@bJs=neQeK*bNXOxYRoD}b`!W>q^p-K!HK1?8=
z?-%K`yd(8Ay}I$v`n$sMNx&6f&dzJy>s9586<H_>$+5iWG_*%o#Lg6Fe3>b~D>aew
za$cWd-7rW&J!`rnL6}<(yM-L_Hp5AJZ<Z4|err8y9L@(lJvmdvWh@aztSjrlAuDd!
ziz6)|0X2F=pcRap_T6WAvHES9gO^6B-?@GADJ~~Bro@w=XI6WkbYWYUM)|GRFAuo7
z3-d7SKS6#i7CaHU-rd|XRp8+}+nx}?hB%#l<*a(#Z!Srt@^O&y&B8lt1*$fMU}6Jw
zmc3hYlw~*6cSDWDj~hT?gHoa8i9h3IKO%W0l3UVoi~B_+$A5BcHXcnA-?dH#Q7bTo
zT_qLMkO=MpL?X;Qcnl*B$tjt64n|v#U^KW<V6S-RdKC#^T5$$S#*1?8U&4APH};rT
zol?N#T@+B5(#gRp*CS+@zs%bKluZ^lxA>HmW@(1Ya0c#J{}M5a((AtEySlfBqHV2W
z;$HVvXxM|M=grlU_FnQz04g$QT9ZcRUhZvuTSZWO+7rW8>A7kH_AjueXD1AKtJmKy
z!3J_MV{13T(fq#kZvgv@B6_Wv9~lh5P86`=29Ry>^Zvf(o62mmf57UN2Yk{`bWyoR
zBEHW=s}4c%7p`!`<au8_UE0f$znkO6c3t0|-n0Mnp6yJU7USZP6_|d;>y^5IZLgmD
zJFz)|e{FcreX(aijK_RBn<0L1;974_6ahI{Bk$OTFU{sq&l%ImQB!JySRb@Mx#SUz
zdZpJh9r?WVcj*DByq-QrtCOw59&estj5S=J0{LYcRn$o{7ukjx@@EmW**5tA0L8XJ
zvEX>LWE2Rpg;XW->rTZue0^KA=C1$nx<&rJ8{v84$mbH*5fGI0EVBE4GjhZZUUACs
zitqXxPV)ye-0|Iil0E3?q<cP7Ch2O`H?&jbA->Ow<qli<;OFGp^;X_Hp6mz}$ix`2
zlD464hhRdVvW=w73ilvF>T^|z7<?cM1hl(FXSOloTITZ7JceI)-<WZ7UIQjq-&bkb
z?Rcj@FI}TSi_?1aVAK@l-FZXIBqeoQ-(BVYooDlUS)~kp@q%lh%YH1nukyx_X!Q!3
zho|dl`%D|sZL(=X_dGu`5ahr&X0qH=<S8~zFFmvh+<jgb@Cgwa*VIkCgCfgQo|$PI
z4(x#Ob)!7R2~*tBe<!!(usK{g{}wn++)-48X$sL|@PupXa82S(v-`@<4!IvQ0hA1c
zKf$yiR8OR&p1Zbq32hKaQuv>PfcB&c<UJKOiXxiKwi|{)lTe5k{#|4{BQ`uuj7ENl
zc6fKn?+=JHT%v!&7kGOdXhQ}kMhfp90?oLjZ(N;_VZqOU4`L=Y11(^d9b+SJK@pR$
z*t*o2di-kvk$(M7Z~WuaTJk-okAQ-)yqS(3I+#enbTj0^WAvv>oj!+xP5LL;g*PgX
zqIsWpv+}LdkNF>h#?r@5;;L^`*rfpHWOD&}XVi-1h<}^#$b(RV=9g1CF)KNk`rQ`p
z;<0lBL4Y*A^5toBn0;)-_S~WMzAvCr8iBDCgaQ~Nsp($JoH%=#Adbt>)5fiv6e60l
z)<zjC)p|)^77Y9iR5C7BTW*rRO}?ji+8TtUZ1=ok!={35U$&p4Hc5v~fAIAi<}!AZ
z>-DfY8g6j9yWf7A22oieU{qHSj@-Ro18b)zyQ7Deib`zHZqI2yZ1%n6v%lV$SqKlt
zB>U8;Uo{ODIRquua**A1?O-Gx=m0A~|BK%@E*LOc6Ck9SSjpgneP4zXA_0C2WkT4w
zrVCuO7C_SZaPXD(k`@HfFT!~|q8`O`J0teVFC?4{Dx-L0hQV%<kS!cCQaZ?A?BnW^
zx6uHYPE{19Tv5x~;lD4)WfFh{d6Q>pLFK_5xrSGj3?jKCO5^vS6W~Efscgwfof|^$
z>8jFNVrCI@^CQAy_1|nKEQoyK4rx4Qlndko4KY}95wy%74T4%;6d#QMx|Fh`4;mds
za<qw-E*DLq^~v03mN@OkK_*7K6%B1ArwX&8uM#vN>q@=2e>I=?&g4kg6qCP`iKz?d
zh?pzN2{1(g|D_$UIMMgY1UVTfv}?&t`hoxuhqWi}pu|va>xj@kZd~D*1!nJ%<bkxh
zr05~S&UAE{hMASk*&9!ORQzSR1J?RKl-Z=ked8XYXSHQX2IO(2ql`5#z=G3j)WWy-
zq3Ffd%_S3rr3Klt;*ep!a@d*&tkj{xRzcJru8d>h*w#xc<2hcMty;1x&x*_{yNr@;
z`@V;JuS$20?m6wQ;3_>%(pv&bsVyZpoKk#K5L9}jDTOH`GpA(16uu5~#m$vEcMQo#
z8a)NqsbMbqA8|s6c&<=`NHXdf^X*43mRFKMS_<&F4_K?O3cj~2vH3O8>))Gl5MSVY
zVGT+j%6>BA+y(T(TW*kuBG!Ihr>g)=6P-p=@=y8$ww9mA3nTcZE?YR_J-THPibExr
z!5|BCW_EpdHYCs*%f9Vu|25au>bmXL&UFGO;t(Sy)6+Z^>?j&Df2yz4mXQb^Ny(tW
z(ik@i$do~SlIt4*fAaTeR0`wHuN7f82_qmUY4pzL<()1T!}Gl|-}ma)23DoK7Zwug
zOKu)Xhv7Ob_`y1w?%DZ&^#OgJ6QPXQe&u&2(J7E3kV(6KIm_Q%*kKoxi)k9djY|go
zlqfl&fEaOI?O+k@W`@^>2;FNhOkOfvaIIQ@6tF!qKkCox)^G&iBiopnOfCCrD#kE}
z2bVPVQUlxDws+2I*H|9PTj!HrzzJEBa*~IDDm9k}Ei0($**V31+d6G2y^tg%w1Ev$
zcLDlMRG}sgxjsI*R{%;GUA}9kNOm2dJG)}W|9-SDum<dCj<W^bHlsMEtl+F%qva)k
z0>0@?c2-9E&DE-DEpC97DaO=oqjRPwb2Fn#flr|e<V|_wKw7~o`yu8^wH>rBSf)u3
z0bgUJA@o&Y5cT+o|NN4)CTjnKa3RRVXdJi&YS-m7XpWZrZd{<iF@p~k^FQq0qHJYq
zSh2h?jK{T<$|P69w;x3t1*R3(EV%QEno<QsP#}Qbg-_^Z&g}%y)eX@^(8BVjNQix7
z%e{i6mX8}!k=G2fZ}Df)Mg%(Ja<@?7mqlqs^*7%WUZwh-40AbI^`8hoMSp+;5B+zS
z^Y?H6pW|W2h{&9=1`KN&%erjrhIYy&IVX^jbXW$u1j9g>5O#Bf3LfjBovr@SC6MK9
zR^j{t2ppKRpXCtzEtg_n1afC#k)F6-W@6%Kc`_jFIQW@y;k71h;U4ni<wUPjuN4q}
z>5^-$7B11vB5L`>A8y=pKZ#P<znfsRqfc|=_<vH{=p(-c1nKWmqi2VzaQ)jOTYimk
z-+17|b&~no!Z`Rmh!kJC8B&2ipp1O6PnqQvKJ5z%4#tRacp;cvMU5q1PN^&n6`??f
z#(P!5Fa0vM;mA>EMQ1<Ma;e7ciiMh>K5_2baN2~l!Y2EB6=5O)uu!i07q=R$g{|sp
zQGD6dHIQCuO6G-3QLe^^VZ|N}){~QAhj6ME_)j>Cjga{J>4s~9fE^7i^0u@)mIsp&
zvJA+?zq({7%Yl42v3fc8Od@kpa4L}8zv#DHhqXs6_$Vs%-jVU?GDm?EZQb4?WxMBt
z1bem#U4QQ}FDcoXAI+ego3+Q<p~<~RH3Fe9^sb=X5)ugm>NBGZm6O7jwZ8jCg~oS$
z&K`1(aFG6y6rJM$dZC6Mx+_e2mFRtU%FJ~1tDAx+7>#nRRSgR4`m;4zvI}!~TkhF+
z(kOY1`Z_Uj@9$VQP-*y@GKN1K<*qLeb}xQ;OlxBO=jBXzeC)AxBM`mK=S%Hwc2Ca^
zG%GXgxGyb=a0h)W+}c|nDYGEFgm8+M745$1c<vMwR2ObZd~q=OoM2?2;eshJ>$c?G
z-8hcB9kfsJUQ=Q;>*SK4(YRNFaGn}Si(X{xLeLuJPo<MD&sN>D4&BpeV3ruO(k8+%
zt2I023;v5Qb?<`iu?6l%{?CbBTY)Dlr&G?m2q@Hsr9iVn@3_{z@QNx*-Xhh!!3`2q
zea3@i>r(fFPS%UnXyxs|3+k(P|GeHMF%gwvIjL4Vkb|nteroCd);QX~T8PtMw0323
zcImuj0{(bKL`p~JHYW#Rm9e`rF*p*d4rnq9nZDe+-LA%^-UA1H^Y?1y(2{b|YfgO@
zy#Jn}hPk&YAt&NDMWIOZ+MM#RZvc>6(xzYc<0Y}qesjLFvc$HvYQE{*{Y4DX#R&`O
zvn#D2u<jjSUER-Z5O6cAo?Bp#Ou^aX;m*T7>5XOF?F15&%gv`s-7oxFhw`TBqaPa1
z0&K6O;Ke5Wq`aT?Ll8%xVkkyez#L!wbxpP96){h+3R7o++6n5>1iR>5mWn|9Tho+J
z98IA(gL3)0O0-os=xoXRdiU#77B8p`)K#ZnF2MdGMx!WW)7b^f=(pT7tq$-HU)=Y^
zc>xko@j$IY9oS#Z%Lmtqkfb+{jC-EjvVTOuuyN2b(hlxXX@K2n^?ol}bd*^_oz&ho
zdW^;6WgCCdn1@g(0-jD+wnKJ+&^iz>0J_D)$;se(W)+U%tKKdCk4{(>bb(@y=GA$4
zIJSZ!NI&44UOY@$Pd(D9Onwe@jjIyX)TqCc4rnKP_*=}0(;14N=oP`9;@W2$kTS#p
zA_FyitU`qtK6A`$DP`r-`t?-97{d2hZEy0!Bl$q|P(!GB;S7rShjK5pM^q5xc&2k{
z-?nzY?`&q25}D-A8wPQoySxP>1L0H^E&IwnxY@Ma;SAfUe39)jA1ls=j&Pw<f`Z(<
z!RD04%GgA3c5A&?a5<y(y8hiDiEVMU00Re6P-D~#Mcf*=pfoYi`6q3%3?6XV7u>Oi
z7k+D^9KWV)wm#Y^%ifg&I;pwt)Op^V%ru32`Ppgd5B6i2{8JB~I8mEYUHLh7p7Uqe
z!VhY9*H_MVUXwW&j=Zu@Et6KS;A@JzkU?zFN_P1`Jgc^qTyX46TON-DAHVyqq+!$B
z<=T#}^%*({6pR-;clAa76J`d^o3%&9F9G`8*Og)?A#M$H0d_lOBVper=^TXoBf~U=
z;!|?V0hSxpdbEY`c*~!mLEMVrXT-0Aj?VoLVN77j+EC8c_3)_sQ><1+=5|DTR{_RF
zYm1j5iHr-bw^ny=!|Et`6xn(n@@ItP_@6Hj2&geUCW%x?p#Eh<|4<0)DzjbA=f0Sp
zn(D1dE=zc#6l52dmU+2Cds$5dHd!ybRjvK-Buh9F=uQ~hJSY&|b6Hrn6u@GRKVkS<
zXAN>oS9VuYJ%^`R?IIY#yzqB`9LJ3~SYDra2s13;JyUy+wDIq=NC#Y=fmcJ+eJSky
z+H5>EN;*PP1I!kiy3qy<n#}j^f5WE{veS@;idvAOLFItC!Y|%{+w{sF)9*1a?zBkn
z>!=;i3EkcG%wigUJ6p*@vWyQUXA!BxyAR(CY2!X8S(3sX>Ir3&8b5NlHZ49ZmVCjH
z^u#uv4W1MK6T<#(-|ZyV)hhy%S5zgXfXZ1_X%}F)Ve3=)G8T?c#ow^K0+*;@uec2!
zM&MAaI~#ZX`wMjy>}agWe;t8)QxDx6McV*j2N{>qs<<QlwR$=(<F$V4DWr_?g2i8^
z12+Y8j)joN;TTr=g^AbUoQuB-O4lYg4hTAKx6RMX#jC&s7o}HQ*`Pme*8~C8-<Wmk
zo?>--tZ-X;ZjWTu<OQ2noBZk9x(shrvU&|~+72v8jrIUH!j-=~v0nPWSL`1x<&g$U
zE@UAG?u?c}5wBZauQI6!a51T<aV05-g~&7Ki=JT_rAR)J+HC;^oiC)tu~z<snHzpL
zlD)SmtBI+>$Yk%)Hp5jN_YeouQsRGdWWW)IJb7?c@rbUqBZ#yFo3Mr)diys@p(2rA
z_*iA4d1P-CZR{p}4QpfiiQeD%{oOWQ^%cB&M6y#K!It;~dU3<yi))c8m_9&&c<U4x
z92aMcCj9QFE#OQL{Y#0rESGtmE>6y#`}OjdL>-!*%xU4PgbXP_KL6>_U0v_!TJa^=
z61N3r^cqUW_GUMM)H~r<wHzR`Qgd@=`(7q#U{4+}{zi}%u*qoV)aw(KVnXJYbs)RC
z_-f;ibY)sCUN!2;fwZ9dx%-%x-&eL$HFPQOkz$pe&O&~3HBN{&Z|Ce!TC$FZxnF;S
z(d1lkAqkohlKo=gzb<ab6II#?_(1@GyI-xRpbfWrcQ6b}9gAR{!YsZw+s2<*?j0N<
z!!R{4Z3QGbforC=L?_$<bsk^-?s$(JBjollNqif&2?{UOk`a2d#~BzUKEATdnXPcb
zkBeAsrO*bvkdhRP8v_$7--RtvBeBgjca_asj^$d5@FEg<DIX@k6QevT=@?L<u)mp~
zn|9@1t%WU)klIf<_lz{i6=-b)%W>cRq>pl8^4tC60B>H&UNJf7-q?AWez_{UG8#tw
z#c6e^Ryg8qtxnkM@ysg^*hQ?4fK)(#0qUi55?F+$Eo@RDvF1fUxdpbaw&&$cG}=v1
z^DY6IDHJWZd+pK|bT*<rzTjs8Z6p1k*RxVuBgvR^w9;#-bafHo0&c5tJgs^8cQ?sZ
zsQ$2Il*=aoE1#5d@OfU94~d9e>~HtR`?XrD+v#;r%ftOqie5oSi!s_??T%)5Gx28S
zP@gi6P$deEN5}9Tj{6{~WRh%S=9aTh+fk#b*G7%k8k}3Uh|YvQe(=-fnk5(S-%sB$
zMuQI&)1CpSw<_W6Mzy}{J0SnXX7$E_SgG*hzZpeB|5?Oee1IMrJo;rE;Hdt6{dj)u
zjP<?m<A=aF5}w#H1e^L9P778$->!4)-`@exL1(L-g!q5He|SXs=nTt0@BEle`QMZB
z-VEvdrNVKfkCrymc+P{&of`C&wj2km;N9I*T=#GP9ZF;Eq4ZCIemG<23fZ0MgOFQ3
zhCq4>vS+*-bs5y87-?$XKx<<dowK71QXhW)EWgUaFbi8H!8N>&?eS~yF&gGR{<Am!
z@euURT%8vat*|ax8niTvS9#oDW$j(u#8A7N^9*E3Hrm_KaLo~%hrDu4b2ESLb(hlQ
z!yB_5jQZ}#4pG!F*mPpOR<I2EcUv=~S!j!)_js&jP&Huh-&7L?fAIH(e=4FOBJBcv
z!OoznP-@rtb>wIGS?2FKav_~bb!WMf{qre7w3BrA$Unsv>xgtcJgBQw^O)sC85a4!
zE;yCObmXZJTk+jVZ3yXmq~E4yfrm2;DigTBvtInf7wCSM!8)ZBDAB5cfOtA+IMl6e
z-GR;4s%sxKsoaC9OM$yD>jM=aa>47}PIbL^=O@|cz!BEU`@>7gssw4$=K~-hUfDpx
zfPh$;RRyD3xv(v8cFbig1GoCZf5*$Q)xmFP0XbV<9R5~&Eo-tF!R)H7)h&=g>MO0I
zZsT54q-!k0=QziZDmcE`Xp{;<W5_6o!oKp(bEwhPsoa7p`KVGvMjJA2ObaRzh9bX-
z7*|=pB6X^5`93M{q+OntNB>@9n~!{lbriGo2MjomZU`um4oWT@DeNN%r3Zn9mj&Bo
zG>Ey3XH{7LdDh~~)+)r`7?cm4K^d`{AXF{N6lVEycUJWCLPuo5epMK#k>|6Y^!FsX
z96iqZv0m#4MRv7nY>!;uO_O2;*08g&GrUUm-#A&h8e~G#8n;C8oMlV7fs3Nak1uD1
z#nY6+*c3>6+)JXS%Isvtsfr}Ag7He?ifD+CsY~?g*r?P0T_fy?qx#ohGJES9JSG}l
zftr7XnS}KhS&sQP3YXGXPI?V4sZhEZ%i=$~0VR&HetZPmT)NkWyT3dKzuhUmgC~Kz
zGTG(-$b+q1H8K8<CMm9L^-s{=sc>>h5OuZ7YfU;C`Qcwt@Ck%d&4#<&d2v|cr`KD%
zq*hOvQF&&bXwyTX5+ZGNX{~?lp9ntZGv}NKbm*8y9hW^AC|@OEb7Av-CoLbbaLWuZ
zJd+rz%1J}fuZO?A>;No2W^C(-00KzcG%V1V>Zb`T%gz1rl6|_6w-^orNUPKAOzixu
zuk)bw`Bxk$@E-jRX8^=QrJ9+hBoxfPYfZ!aFNM8UovBiIew`i3Pc%(h@G@Ds(q*iS
z!4u?+JOhU3bka#gL3Sn3-<%ga7_;k6S;+=6mO=Hz@i8sAlH!0{Sl+SgIrI9uci#Z)
zWp`p0X8TQ!)41u|gjujFyF($FuBfhPuV6-h=M}N{27K4gNh(D@YRzDGdV9+67Utwh
z2Dsc@!Von49I#|2th&ksZiF0aohb^A*zDHE(w@hLmIwddj#vM$g4_^mAk36JLFafO
z%pt}obOJb7ML;o^)|rVvUaplg7hh=Zm+_o{{@Mz#IAJ%#S8A4uT~N%9a-N;4q0S7%
z%)kIKlhU75O(@uh=s$SlpYkr2u1Rl&v72$NdF56w(;3Qg8KPix;_T53+ASesMQPZ?
z<%56<IZbF<(CWA9#<-vRCI5rHw~UH%{lbTbPyrQn01-)vp#(%qdX(;vk`_TgN~A*u
z6Nc`V?(T*$20=Qcm5~PNl7{ylP|rEP^?rKS`{lpZ|M_rON0@o;-22+szV>}b#Pcg>
z6{JGXG>UdeY^bM7+mhfA?YS!Y(2m^`xEP<ph_87d>uk+5v8|FSi7jXN&l)fdIIByx
zdEZzN^`ahJpjA6I#kN92!>%uIhAJ)f#gBSbI-%GE+~yJ6GY<X!Mhh`XB}4tTL<7w1
zIm@r=1(}$A-4}eCI|ldM8V9SPurM`M!w<U&Bhp2dswhKG!CKa9`C*5NMY2EeKKHPl
z#|n#IHqW2Mg!hPTEO;qf8_iT+hYQ(|O$Tq7uJkyH77b2I-=ztjU;m_+osJ4K=Vg?z
zMd6iSii9UmN;e0;6`;ETIslP6^V>?&P3|VPiy6=2W!JLqWY6bb3o#O_zSdxwfAn;C
z|6>%J&N4XT`ho3#w5Pnw2Tp^Ak6zJSqp}ky(9=+Uu^`!hHI?+Q_>^e<*OG^ah-$t!
zYCvrvu5;tfbielT?61fjCojvXwqdA#Z=|xG%}qB!nm#2FS*Lau!W8o&L(VUf64Fyq
zZ=ZC#TM=A1K1_X%b%WMV{+Ry&0YD3I8fSawTuR)Fzce+Ib<@q(y@5PJvaL0z*_ocm
zlbxmT#|~g_o>8}G!9|8w&xCafSsu6Wd`eP^yA`TTnRTDuNDf-VYE%R-k^j6f)Z@Iv
zz21<J$R#@>z||a;mRzQy(~?(zfjOj4tb5bq|3xlp14<tX*`y3#lTbvch79gv2NPgp
z><@qidVu_M{`kN0Pt&`KXUIP_gdB>HrgJRPj2otoU*J7zko0hyB@NKLWi(kQQ^g)@
zLANs`<P@f*Da#K-#I$b7v`yzxSE$rGj_B-b?+a?iZs%$SKOLP9ztlTD`|jrW4IpT`
zSDH>#VQ=emRu-&Y^(DLxiRSdg!39Y<a%51B#uuuv<+bcb^34O;gGQG!O`|(YX5YD*
z7;KOHmVlby-KQ5Iyb9V4e@OS+rkV1JSJvbDkHZ~wCV4uC=<eiu8>Yh3alb$>Ztl8m
zf@+FNcxr1rxpdCcGh?4J+A9*U)JS5-IEZyBB^n}=To2ZM^z6~uetH|IPW<r4t7f8a
zJ~<+_?)SFm#yIp;EKtfzBUQoYd`Q&Z-${^7-cl2Oa$&#NU$4>;k!B+Tl!fFm14lM}
znM-HQ#<oU))P45o$$t4e-J+-SZXj<v|J++||K>rxcn~kFJ}UgL((pOutQIKEl?9a^
z|CJWj(*z4;I$B$@yqGgr4DJ*BB_dw*?E*>aBdKP^YHE!KlKmGzW|veE%VP0g{F_tT
zxGPKhUIl%w`cuOq**7h^bx_Mx7O1`4=4++ss<e$GtE6q|aYlkqxjL~=X}W{#GKU40
z(L3B~>)Er2laKIW8YMmxe&|ur$hMMnzs8MLM2pa=p$Jq-t^Mlt=;!nT8=D)>v{6Bv
zWAQFh_Q$BkLYjAN<{MU>ec8+9#8qopIomnRp_eKj&T+jVICUG<WR&Kl>Gm8Ya(tbM
z@%5|E<Fge8AT9f)k^=~yyUT68L_AQ3Bf*~%DVBrAzsZ9o5w?V<d9Qo(>HhB4R<pmY
zF6IT^xidvNTwKj**$qwstXDpuFdWSMN}s%@9wS&>i|D*~Q>2h*$K4hNa?KP#)wsC+
zsMKf*xNl2t6iW~c>0s|-HZgdL87OG0%|q1|JSc;C={2}lL?RC%C)A6v0yvuj7kil&
zxZX{~iyfr9>X66&i`C1jw@8!gmq)CKMCY(|9*`l&|Ig(1P(TE@kwH4p>r<|F5zWce
zLFk14q%yEy4*CDJ)X~&m7JsfUE12)e*OseXhE%6-Jb4d<j>pWC{yh+!*fGciU7-1g
z426UY-xj*^0|*Q%jt=*+cV@k0J^jeZe@!a`l<{46r=x9v9;|Y2YvJ7efBm+_nj)S6
zdxpp;xJ!KTXI>Gwz44zXWcT*%D?flF09$W8>Wzc<_olQze{<XD_g$@{wN4LQwzR82
zCIfAkr(INe+pMi-*1r^}*hk-x8(M(dZOVk4epXxN5_f|tU`jDh*F-4Z%+aRA(=KZi
z9`S|cf}})?xSjcNOOK+RVe6&q?1m+_BP-GMH`%#X$fKG{bp~co`3YlOH~q~@ZbmU-
zf8^IU80lyoMOO&wf#gOci`qv&axNMa8M{{dcl5E8bL`XK*PRC506MPQh4k-ZxF1<B
z4wZmg(3_hm?``whfNZb}xY+9+as^WsregH?_}lZig2dH(;I_-ZkN3++domp87dt6$
z+%*i_{%q&l${C-o4tZ-UrgO*Em0Oh`!m)qs-9bo(vktpobXtn6+MP{MTr=cO$!<73
zmA{{-J@S)~>+$!$%pu4#Ktc(Muh<w&lSW^ryYQD917F2*K~It%{!Ylr8YtM~ZFRii
zYj{>e19vsO`7n*<R^*+|CrahtO=Mxwz#nP>6w|>r1vnk$pXZFfq<3JxYvg_Fyx#rV
z{XFLSxg*?veyyr13qBWtuPTyFRP6lWc)0G;EoT3M7n98KrY?7z#)PwV;PXVj2G&Dx
zDXI5{#pLzdt>$*yx!WTi%|S0OdXQ5R5WFOKNv3+Y<i+A+f$6r`_QgiZ(z-7L5yvZT
zrGguoD5m&W!IgG>q~~rT@?R~pAY#NV$6eWkL?+!5{ii{Y<oOVSZX#TRbH1qOmq@gg
zsTiQdv48V2V2D4{UrCOvp2tZ~)n{WC3-|r^cQQh8bdj+%?`e7MW9I+$3y9KdNpGzQ
zJIsCDcl+^o4w^=x1_y!vY0d@kQ8i-^VNtj~5Uki>;lS?){wb88+Yfhig+a>7+H|57
zsrc`CvJe3u47CdkMB8PZ^F7*(lzfb`Gx_sb@bkJKc=gpeeNj>PG;;vazkXvu1wQ&9
zc@(l{H})Mpu96sZO!%L!zNNcDcYbFn8&cvotuAPv|DOgEKygap$qtAsh;H=w|Fr22
z_?<UOLWOWh4d){dCTwoPPVvMPp1vKPDU06%<-7ua!z}iQ;a@GfEkO^DBG?qs@I2|M
zO3dGE0{EluTa37-gqT(<tw5s7hn7K-k5z7+UW0u44Y8oL{;pZ)vJ+ae|Mi{T?V$uA
zQn=rVNsni~D^VRy&F>_I{JSTz<VeVa&vr6reBT^JwaQKYr=_)^rMF)cp7Y(ogApS>
zZvN+sK~1{ZLA-M)eD(-N+~s*c)gQ(E?-tEt$M4MICWKAIGC%NNAI+u(uVm@owpc4D
zNkOv5{=1tYIAHKXimGk;Hz7T=<_f02@JarVAK)ugX~C}}T-?1|kzGTl0<e=W_O1op
z%=q0+MXJO*up?&Ef3Jg|_vqnQH%8}iOs3n?*Za(s{yiZEpqnNis4w~3rFbJhB?WK~
z{;RcL-$;7j)GGIqA+$zSAwThqh5YY)+JKKg!x0wsCPD~xO8@Jl>C#|A&o4W_+|j~x
zqa**ba<k7NA;X=s;qX~B=;<3H`Tyx@2oVw@NY_1SOo`M`zHasJb)p4K6ET6~h{8d<
z6OX;?M9lwADR^zrDz>j?3K{>~*V|B>XOhL3;+=u@_&XwN6b>MD{pW$7{IW+kUKXru
z5+8Ad(*Mq>AtUZo2t4}Gni2Zg{m;k1PdKnAQz1VJn~`=~7Zvpd?E`Agf`9IQ+QYO#
zVRL$uG{ntE(wk~B^PDed3{&VZiQ<K1ukraJFpVLEjpCszj_DlIqo>vp-gx5*T{FH1
zttCTft4i}Q0sQ&LKEqJI*`f+22waHmvyok+_zTagiHh{U8?k-~4A*B&NzsnL!jp+r
z=0_8Vd$6;rbwjk`u{^pGT}BL{g0v$U5bs*a#(l+mlZCf1NqeG1Q)w;ReN5{erpSZK
zsKmoYgWncnN(>BB2uAtRW%hjqHbD=<?C8Xf>-&@DBwQ$4@lXpi8sa^|al9=yql*%!
zAcO46%iulTF*qGdZ%?q;h}p(AB6gxSz#v=Z*MOE>-_UC|DLp`)1AU~6EFBHHn!{3-
zk-nlv7wnpaf2+hC_1iN&qX1oL8ML(_bQ~K+gAtN<ToZtuElzEzy5C`+>c{_WKwqZO
zQ-#g&AQ<dqKFvlC)a$H93lmK4LY&nhO`xZ66B^#=+wPwAd1Y>>lu3P_;>Pb`YB2-z
zlnpPs%b)88Bk_)_H!nFm*&GP#&F(JKmNQ*$hMk2lN+J#oTV;|SDXgt@G)h=&Z0wV^
zoXg3?{o%rQ`Zenys1#%y+Lv7`XncWW2WG4ghY=}l)oxWl$jgMsRlyWGeLQT$NL9)N
zdB2WWv0?}fyBpoFh~K@^r_&zgO-1g1EM07VOkU7XLt0Rkf$Xr*6Yt{tZ9GESz<zpY
z>+U`GG8P&u`T-5eogdEYq0NlH(_MoiEf~G~vhG6kM1xF>8T4Y?dOWcT8lw86l~zc?
z1jTX7-q`1P#*X(!hQ(n48j}+J;OgPH1EGq?7c{)EkLUOi;`reNJc)s6XqJV9UHZ&v
zhu~tsR{5N95$%-z=$Q#8;*-W3DsdMIoOluKi-<Q+%HP1#4nTpHsAiW>maQN9C@tz)
zI<ZoF<smhn&OQP|<U!VAHiqdG>eZt2vj1lxz`;V;up2V~JC)CVC!Bjt{DM949d|7&
z*S$8_uL=Xrmkq=`CF_y-j7+aM$&BhMlmvN~pCLU(d%(Lau={th^I;_;jPQNch<ha?
zU)H(qP_4ym9C)E0hXMWgm#%mnnR*u8tOnA8ni71WCCezO*)Cq>%irDNWB}XfOf9uV
z;iI<W2>G|%XL2pfH5ZGF6shL;SdOxW&_Sr@Dy$T)IULBF$6ZIzJRMsFi0YlFV{;=)
zB<Z%e1g<D?B@_G6A;q_O0+OHGPhP9xgiL-M>w)ZP1mj<xGY}Pppz=<AeaHfsH~S9_
z%7J!G=*JgSuA3L)po7n;$Y`pP;HVQU-`4lrrU_+v&7OWx`LoOrC;9U0#71=cVbQ^o
zhwPWo!MHmQ=qxoLbkT0YyAAJ-Ka9O<(*E`t9e4Bcc@CaGYXczk7W>9tO-8U3kR4AO
zus%n%g&yO{Hcnv|Q*Dv9ghp*~!jv;yyE7&*kF`mB%o|zBxQ@HfkdPI6qef=3qHh)o
z^cl@#PtwTFRE|n`=GhsW9C`(M9_Aol=#w0}6=EU81bh&00+pf7UqUh$E_=cE@X+Tq
z*yg8?V1T5zi0Y$d!|OL+luP41^=z`qFa@u(s;Xr5NvzSJcM#|2hD?=}>Onsp=Jlos
z$n{9Svu3UM(b+sC8-B^C@=AzaJu325Vh<$2c;#mf?%(yI4=gtg!R8%F&%7eLiB`Es
z9ek?A^pSjT3y8ml6C{IylK=8v!A8z>_u@IZeCr$z9Qe@#uTL+a=Q#vQoITIFh<`vk
z<%GIs6Ka=abKumZJ<;`s+aCyQen1X=LYdjIju=~!EX<Mj(9XvEMs+QGz#<^u|JsjP
zm^+|2*>CV0y`4F82eGh$$yAGXzhH$bPou}x>$iO+Q%dz)SA_Vl;K37fT&H2kcK1QF
zl$D*~Yy`w`@A*$mZZI<Kd}GM!S8}BbQ+_S=$hGGJYm^`2hr;qdXG6mOj$jQEjG$Wm
zpd~*vC;bET%+0<YAoe|L06VgA=CgPGyr91JvjcY4+cSmmRZ13DB~xhcBfBevQ6uVy
zTGz-REjPxLpWB%uN{y3#j^;{V{yi_xE+8RpsTQAXnoySHBtFbyB*!GTxm9IT6}&)`
z)?mL1>fhpfP(Pk1C#%95B)_8XBbnE(Zy=zt8!wPJbhHuQZx2b+Gx;1O?NkkSMD>y^
z3baeFC0*|`LLyc=tC;BaYm^UD`2-5Df2SwI{G^n}x=9)G&al<?sz11C3JQ+%ku}a@
zXm?s%!2r*3My^XakmL9h`UQ>8=VN@O1VY4qqWbMsbv-C+-TW;FMX;IK>lTJ`gZANB
z4e2|{h?qO~KZwc1FASAp7!QUOU}sC;!3xn{$35s5VluG{wfG`wxPMXmvn!y}XvIrE
z6s&u1At5aAD_!M~57a#ISKqT&w>@PY^LUMXl!D4QXbcCKrzZE=M+-ug>sBU4@y_bc
z77JjuzCSwq`|w;*E-$QS4sG-Y%OT27n?E&a*Onr;N=iyme>+A5I))Udd(r6;e@kS^
z49R))84bVT+a9mO=V;gS`5hWll7ytpohoi?LUk0vh*c1pY=%~@Srm}+%%PR@83!Nw
zY~<1%cRJL|KTB6e2p$jA$pWkqa}p55?jw;etjY3pI3vT8cuEi(%j)H0QDEu4hh4CM
zLgXq>=lEo`#{QsT9?qVLRe?A5-9WrEE_xe$R+UMI4VX|8tO@1b{3-?AT^A+6gLAUh
zxfKUW`fZD7;x-VMWxPGVSwKVfe*f^iDZ@s5b!t0$?8fl|$)@t9_bX3MUomwJ^i$Dz
z|2ev9WDiz&;FwTzcHPh{`?E;DQqPx+6Jv$lgXxO{X^fSd+IqO&i`qwXZqVI_waCMG
zr^v7ygYnfRFNH5vgvz>(u+#VWa^MU%k0NOopGO4#oLwnSBekh6Kz=f+XX<%V_IG%3
z!E05En{Uhr?R}a(-G^d*Wol{So%|<0&0?uT@f+zM*LO#&Q3JTVPr$4#eM}0BZmn7Y
zUN>yKYAAcnZ{XXI;+5o7aWB?!)~@(#E&L^ztFk*AgNpg6E1ovmeD<~VX}B7<+5YSs
z0<eTws<*MbF+uSa(|VF1Wj_&bQ#nLVo)~rSV07_`3AJ1DL`CL;BA)kSwFjKj+X)uu
z*H%hy4EiJbI4i&Mz8ss!5y5<d^RGFNncu$dO|s|_5IC_f_?vtNI~G`(l++4=q9==&
zRIXEEH)cq1D$0`?v@lj@cH<I%PdS7SUp^fypN@^Z?)z!&mp?#43ZgKcuhI7q@pq~x
zAF9{S=D=*_KQziTqg+YEnL1i-qP*-(=;B{9GkY-rRP%ygKIv#>Fce>7GfNPfxK{f+
z(DAmGp@%2-j<;)C58GXM<X4|*p7Qx#n-bNWSFx|S@kHhfroJxXLjBh$$<`Gr&JuC*
zVJO5jxZ43hq5)wTr>+ADD+TcN@e)sG(I6h2M##JVbS1$XrWZoIm26BjoiIi{oT<H0
z&p>$V@1O#V<OY=8NP4j(q-C+B*m)Jiu=Lttqo6e2YBzp77Qg5SH?-0U4uU!4pf`HX
zNXB*093?6L7IU+)H_|3&zW*BkbD=&wy1K6kSCidAQSQ7fZX^E^n8iE*V{CtiH+1nJ
z^l8R5xO8i9+>%S-1S_rsC?^Ar-6}--^AF!Wpx%$G7L26w$^d4qA3dJKCEwI05O)ny
zdUv;hc|;a#bL5lz3@g8i9O!L@raFzp-&vpbfL+09xoWEmF{*PyqnyM^1T>OW=tJRI
z-{`(zxn%Ivcmp%8g*D^y2@UvDl<%&-C;TPyRl4J*>P;peqlYsWv{KADA2u389;7T5
zPBPY-HX;v4mpPey0&d$ood2bycqy58_j1eGxELsKyvSFFZ{rp|uPR?s6^zC7pT48T
z3#=S&U@Ls>Dz+4<GCx4wU|J>L5<*w-ovp_#aq0oI3J1n~I4tpnM;O}6$U*_qz0NjP
zfB$26B6mrVDHDKc{z$!hPX`~_kRCUr^x;W<ti&%*%#6GGeywWdh7_gC?UEpA(s$xu
zGo3u}O8P5wU1#>GYzi4LD$y;Ags`*gcTGpwp$3~3NIZjI;i(n;eD(^2zbIi%9>KTl
z!KzX}LW_f~%)zlYX-z2VmBN9HxKJnOH!#*76_-Te{JahX--q+;ol(+S1S)ch=T*z?
z%}>0sfL5Ry&b2=w(t}RzD{R5TIwmEO*@Ny#NqWub)>iok=HJo7(=F5`;$Bf^vo@9!
zzyQk4b070?hb%bKEVc$G-L{|qvMu*C>jTVIEmZ!&5lW(C^;53t4<>aH<8&lWa>h+m
zeUfBj(&LFA%gplg-IPk-!q~(q7{Eq0p7^2c(~OFyy~W*q-BCWjRM;oBdMX>Cur`(j
z?3jreqP4V7;I@5_yIza@pyy)~(!wTxuPEbNEM6$o&xwuQcBvYxuMtX1#0tSiO{d|n
z>Ep<AQ6t&Ayp>BYuHdXEC|~@6aXbfHa-ct!WN9%Ig2FSFyX+hL2cnIOqT;V6pGBww
zTchr|G{E1~UCquYvP1^Vw*m`d^B|YeJ5{ODE|L*K20&;iyac)Baci&51$I{Vm5T<^
z%7cTzX{)ka{8}pGiMg%~=>3PM(+GJ0xF6ih-xhcssP!seKU54QhdQWg$KC0+fgi-T
z+f5Aoz~tveP&wCt$r8VF55R<CCWwWY5S#q;==M;U?0j*&%~zq9&wXMRbarnOsyzRI
zhAZ^VyMGK%60lF+7@N>@yGSAsX`IAh6LHP$_e)!}7;#A<eYfm<-X?#5?$U`k)dNH5
zVikDy$CYnx*`zC?AJHWlDEYY@H2`pCp!-%OuW1Ca`#$KPYG-u2IAh?-V)QjX18yNA
zT?HK(JYOkbrwqPZVl)62zk-p^i`5~qexwln7r^m@7ZMCUxSsf{RFWL=$b^nuYQ~c;
zv`CB>xKY~)EGW~{`*KCw9~;R~B_1Sb)UVos!F6CkZ8JK|G!OyC$!}kvgK91?1xX;a
zU}I^r;=<P*#x{BUikinviYGhHHn~(J)b)1{O>aPPh+fCjz`5BV&thG~#^BqpY$DDa
z;IIl#u&q_-jgm@q8E^nA11wBj*sj;^gbm65z)*327XB*HvM2Bhn8CyzJ@2T?2D~ct
zWn+By#Vb8CwSxHj7c10EG=9H@jxv-$mF|Gr-4DC(+hY}4G#`&y4*oFIV0>{i=IZ-4
zfbm!b7l{ChLQLrcFftGYNnZQNGnUOgAv@n4kFM(dS^0JEW!*bthWKi-oN}h*UAJ(9
zyv`B3vtY|dr7Ah!vN!#;58d_p$4!8^9f!3taAQP=0vmY3IeU~d=E8Pi#EZpAqy-g7
zWEnE?;=<dxpu-y3dyk|6U3i`2dQ>;V?9jb~<2~>56PP#qBkInpAh5%Ix6N<w*fW^G
z5qMQoaM#UY$*NEJV08KM#0+%NAw5vG^fdN_I|D}58%x{)AS}oN@E(7!V9B{*mi-7S
z`-&5TEhOqqJb4iksOh!x1$wx3j%2@TOiKQ&;gbn#lEsBs8sm{Re%v_isRb3LJ&B3-
zgCDld@e4B=_4`PEzm-|W`qL4mI}ZjFzIjvh_^NR15U<W#3E0_ZcQ<EipozQ#=te&N
zupdFg@dR{IUf~yhU_+Uox5hw#iS1+RL`Plvvxz?By<!b{pYI92Wva=8@HMh3ZhNd%
zJbc5d-hEJSK7GzZJE;I;J<<FydGrM=fb%F*y7V_e6LL`&pXFAQvxfIjuMtHdxgZnR
z;gm@H+GVbZw&fzO<4j@MFXP%HVY0iE<Z-5FAuSqHqd8D_&vdXkiLsV+^kY=%{r5pc
zm-BR#=}C1Zhm?U49g9*g?{S9N+5%88+5#KKJ?-m**I?(Tna?A46ak)jCg&>eB%@wD
z_>jL9{Gmj8^)Ur3=x{Ck_2+=w+z?ax%@#p^KSa@@d%~{m7w4urYV))>q(0n%0C5y2
z8O@m4L9qNRzs8pEMIj!#YCR4%U|D5?-~ch+$#c>*_y;eEj*8CFJc(G`Vb1mG{m08j
z(<|Ng5A=TV+jFu|c!H_?-hm#WxO&~?4Tv?Ur-KdXLRZ9iN)o3NI_~4TlG%KF0H~eM
z=+GKk1=G%Ru(NTm1Zwz(vd(0lS<QBDczPzy<}}Wx%L^e;_5QXA@dL5=`Hy`@m7%i9
zqj&jRuQbxLicUN^*@En!jkw0;9s$VjlyhJjpwZ}5#le(`f7!@HBT4@Ubq$@!^chMV
zrTkKnMg$XhgUcfMF`_OAspl8eJHA@?`{>zWMlKSZ*4EZ3ppPU=>e6;{1E&Km7O;#|
zho4ZI<6n4n=<AwVk0M%;m6IZ>H(waOg4z?aj+lC2jRAIVK8cV-B-kiGic{yfFme`-
zTM-Z@8GVi;4(HO0Z>sgPto*&N3$-T@Y}SMpLhe_+@;zgb-?Ozjax4ymCV+iLG8jE)
z30=tq#^mI&uyKnexaIUygF?tL8*Rev5DSj6(+B4Ut%FlIMm&;TR{%l_UCBCSj)!G^
z`hpL4%aC}&i_B71w$>B+B#RE^q$>`Y$VVuy2!Jzz*UkYJSjJ>p0SgF2NLM_fkPh<2
zUp?*Em8^}29C>|Kr)I6wkFA1B)!K+Q3loF9)lO#u;I{SKSCZ{8jWZLDi$iK>FJ5N^
z6@rxpFDDw50s3c3!=>|g^9d*3yn~jm`I696x3mnXa#w?UUHT>_kX0g4MBr=lMl%!4
zlLat2EovVO-j1>yHEa*Ng1KS%wI2*kjEWIs0oZq@md_QT9sZm0_O=d<MnYsIlGAG?
z)G2R%x&g4Lq)*o+mFGPm9=BopKm`!v*(4SDb4DDE&Q|dz0Po39Gpm5jtl>HnufBFr
zQOT$-v<X`)2;1pwk-}2^MICIgfh&e5jBht-eVQWv9?hdPtsm@R@ZeWU*ABP#uge9T
z&H>zt)mPFR9FiAfiSujd(WN^4)^`o0dVB1jwq}Z32E*5##dLYH%E{(Rljdc+oPfFI
zXTZB7Bn5Z;KwgQT90C?hSofTRHR}<={n$ZC#=Y?TFX}LYk2e533MW!=6T5=%$JA}v
zCHYPM<)KKL(XEl+fV0%Qh+c!HtRz+iW3a#kMQRwZv9p`Ka~kBSnhh&0y)C%?%|Xc%
z+)p774mMN_c%9MA+}XR~vS?mdrj)#Jr2g&rg5F0zlhVZl8}#g@R{6n>;<okX^|pPv
zseMbB?S7E}8a1s9>pYjjot8e)uct^gWUFH7;I&27+~Ng1YD9NgKOyyS=2W*D@T=~A
zR9{JBMep8AEL+aAC{*h&O1;3lY0oM-qj+nu_Hg8ALz85-c233U3nr~Leh83}<<yZe
zzaSO?fZ1H%W@=E%N0BK6DcUPm6`ReLM-LgHd`WlBrYRrC=ZJ=2u5#@?c=;iD=kO@k
zziXC<e7aEWK7WO9_1?+BGmu!_=@%LNPs9RkJX#hcy#*a+T7G<ZW!9a1_t{z#`DjM$
z{&?Nbht>ka`3-@&(OJ5g-_}2i8S)KURXm^8W!>GBt78<dXqdbB;F?Zz)b&b3joNLS
z#Ys(t2CZRg2__N2o)`J%sgX1;@yPhe3hXca2KVNdn$4zVRJcnJZDYN^jEV$Ctuj0?
znO+5@$22#`xyJaX*BhJVh7)IbhpqazU7M`<R@aQWLY=p%ZX6lq+I8_uQCf4b8~jQ+
zC^mj!5O(CQHa}KX60FT}s9Umbwm#b=j6{6dcDB6AM${s&?P*>4s5VKV-vxth_-4h(
z_vh6+<j>7oZMZxiT#d4|FzNqVG@ZT=-ZMRB^(L`Foz1YmGvZiimv#7Q)}c~<+|P=i
z9`);E+A_O2t{kCLRh~)bnaU?a9(!;w_dj=7s=!k17sCN`{jEGY$rh&H$62i3=v@DB
zj#d`am_YU*elFE*eH&E^JUiQnh46#<^<XEvN`+)L!#d4-Dh8$sgc;1@bRXUkS7m(D
zI-1*6-~A;D;{^7Pb!^+3WHub|YNZEnU$t*i<#t$JQb?YKlQ4Khir>1&Chm%kD%A!I
za{A_uunnQ|?)PSeX>^tit1uY&Isk~uG7ePNK2t;8Cum{B%l4%aG#f@Fco(;}kGCS`
zg3B^2Is(ly7R-k;3fKW6Uf&iM0)#MkZ%;r7Mi$>9#`=lNZ^2KuDoFT3m2mHX>$s+K
zvJ%6BsD(!|TKJ|fC2~fRNQ3ygtwh}&@Ih~7O~)i3cy$;8x~wq;8&8>3tOstOtA5s2
zM#P&SjyVy>dH(3ALzwzEX|3AFxugXpp$&YfIkCe1S~gv)`<4zL&a0OzdnGVM2eV;3
zR9k7q+R#|U70G$rf*zh)QSeZ3JW?cyCa!z%vX0u$<f~%xy4?UcGitpN*@HWQVvkPj
z?tGm&`75q#;`p0_B1MY^z-griwRnp9&xXj<>k%f`i>-?fTE8={FOiZ|9im*&m_{FD
zXcD%|o|Y~rMk=|6uW~7+#c(zf95AXU9YiGug$J=yyQh&Bpdyj%7(_N3Yx0k#RCQ<b
zt=Lo>>3}HspyZ=!wmOIEz-QX7d+bO?@9Ou&`_nd1@7^-6S9M7i6X4z}g}GP-#el`M
zcMH>Lc`}(S)Xw37rT$(nLepto+zcvkVPfX5*Q7E`T}^gu%R_c9^}?%g01}GjicAu-
zGD*I{wp1?5HZ&_sX?Bh}u!-=Wgdx1GtxnP#*surHPgAHI+PO6;t}ORvD3Hg3Ti_a)
zOAV8C<bAYU$}P|7J3e&2a5xgjOGpPi1dNlyGjK<EGmJkg@TyTfIyUOWPHhav+|hm`
zN-g<e8DL37B#3f$1XgS(fGf+G$e;vWFbRV!Qdl#+D&lK4<X^Wd36E7~xbZj)hsYq`
z^MR)*qx3UXp^pJrdgpZ%^xG0XWfN*4v(cD=&S9JtdDx6;%-Ye?!=Q&hGHtW2tWcbK
zhUAQC19~_xzEhwED);*1ZjV@go9k)#Q`e3M4%1DOMJ0rwoIAt?e%f~2)J<$4y~#Q@
zt4I=`j_jjRM%$Bh8CgMbpM}CaUT2}6Or$yq%O(%fk<9WaO>~<=)|eW@Bpz`^ueJ*)
z1uR~6UpIp8x`!e0M2V5K9_BH3^vG5`D)DP!os9$AOEZtTG*W!J!azi*nE$Rv==%j-
zL%?xNfV>TfPgVnckCYK$#$F#0`yJMRWht~J2lk}{^`Xt(gF~%g!_)3S%G2u;u0wV+
zT;IzQT4OLL;0znNaq@=NB*|JRPLwSS+X)eQM>`jjt{@UQhFNhxl2t|se@tpHP1`Xa
zc_>afEq=^j2Mfcw`Hud*Qn2>`St748n<1(L-PkYCGQx@zHow1FP#T3~AFG!5NRq^D
zpOWLcq?MDfQ;u|+3e+F=+GQJZk)`*2%Onz8mJwRBO1e@Gkr`&GBlUoi#+=1FZD|3J
zCQiK$OA$a8E#<-rU6s20xQfg2Qm^nZc|QU(Jv?dn*caF(#eDO&Nb#p}NC&y;^q-yb
zq8qgU@wg~&J$NnN9@5=+Y;ICc^RBJ_AhgWpi*sR7eI|#Q07xtj%x!WarV@5$cRxfC
zNq}56p{P?RM^hDMRnPkM0QB2}24%nE0dDV={ryWh2_`bqKl$kl!`I^Pj9NTPvg_Yc
z%<scPd+AyHCasd0LJ7PRRLf^RtKZ&~){}4Vr{14r)@wz?;r|dT>O5S+JYy!wQvXT8
zn!Fy)tuB}{(}FX6Q)Gh!$r)p2f@pr%glY<caWclWtCjzH3@c1n_0?#6UWDusy0>Sr
zu}ur(6#MZqfii=>`_PzmIVt8dUFCrakEB<MZzNavv#wbV(Pd{WO4Yk(#R_cJn%zhf
zI@AsZK;u5_Z0|$qPy)acjArc+{1WVy=FTzQ{GGxs2P|y}&r4w%&JUt0{3XP(hDRaq
zXvMoU>)p#<XVn`|z^m{&zG0kt(viI+%cV@A>*rLW=eith01qwWPT<Iz02nK<aozm9
zTLzOxpt|Z!8-wz$pDAI#>>B(dF4TTS*JMt$ST%v|h2$HCZGP*Ab-KiDf>5~&{XtYY
z%oz1kO|!f9WgU$<!&@bp#~+<}A!I{dw3KF96AigCX1#x)sdp484|pa&A9C!62&Y!0
zIy&IXaUB<jb!uY+3=2gQS6Awpx(?sX&gDVDn7o;XLF}kmNlLS#p<brbh!7;%h8#kW
z=R=h*CHLX8h~_;A$LTHwf|iKxjX_4D4`B&O+Kr|<TfS_7xYYZ|V_21Ops_Ympf0#(
zNn!<+JRzt`CAxVK?ye(k^pVq*_+L3|cPPW#(_hw^AFo^o85CcX1Q&@+V<Kay8_6F@
zMmZ@MV~2Wb-IUqFuvK!qQT0UR+l<AapFBFFb0No4IC{BBK}5-Ec-bv3_n9^won2s7
z=BoLgIY=j72<AFvT(v5e>x_M*gXKX|n2*g&c*S{MAI(Y9zh$F#565PlIi_Js$-R<n
zGU7?FSReveB!s&Eq}TJaLjeYzV3@Ic^0EW<{-I0`p#PCCYF%Y6wnknN1LS*^+QA{u
zAC6b|8WPeX=<b|F?6fpT1@5gb%{WMrgOrFP`0c+u)b>T>iNQK0b6}Truvy2>XPsK(
za$Q5RjNMxhN;3ZM%UCj3e{Ii3eRu6XOnQS2F-3(u+G{{M5o~~5Va%Pu`LAq3O@4mB
zeN0~px@9lcGxc`eN4Y9v$K}VGi#*7=SQ8GXy9T2*#Mwk@+^b!Z`EA8P_$PCcZm!&b
z-PBO_;y+>{1FDIWCwUjU?KA)kCUg`ZLiZRohOeK?oqgDG4m6MvOWEiMH~DXi529n&
zt5(z=HSVqp`zTn?7ga`xrf!&P1um+VA89?d@I+T(X1+hM76&%1!!2k=4U16{V`Sx7
zM=a_RlAv@CzSvi329l<lXZ^gqx68P>`T$723Xrcn62k=KsCHWbpS*@OdY}4?#_KLR
z`FZjT2iT_jZQuE#KkN5C$S2l{`taqSrQ97Rix2N)6J6%#v1{zDNoF6b??cycuJ_A8
z-S<pLteBCp(BvzA+u|y??|$93&tK$XMeN)pF%NHL?KgjQ)_JH)T2<&$sc@RA@RfTi
zfw#Hi45#8%m^RVk)~wu2-aG3HnDnCRf{3}<Qb&U4@9KnTE!1Bfaj6P%xy*-PU8SZ|
zrQ=QMbF4o}e;p{dRN&LD%#lYf&Yq5`#a%{RI`iF;Laj;b@7<H+@>6wP)~qs8Y#??2
z^P%Zzz%>piOJ&AeD~FkI&8{?tiyHM#(a16>*IpgUCd}jQSJwDhrmKAFfDpzyrkiA4
z+A4uBGVhD+QBgJx?qYenHjq6=;a9G3HQ`B*s2@0(KYXT|NngeslYTbK(bX%^F{H?E
zJC~-TIq)T3`b6fL?&CLr&$(@1xN0}7caq>%vhd~H1^R`P2krnWTLd|}oxDM;TZtt<
z9p45%3y0yLkMvC^0GEzLJpy#UZgKkO7TlC(Y5A#9*2=H7V25K(nbIOit2@BBo~&0G
zRLqd#0BH@-sEk14UczuB5j)?|aRKV}cFQh7gBgH-er(}PX0R%yjBxqf8r>g5lezi2
zF2f?t#)fdX9Y`7;6H#U$Jwv%LJlsFbyqFKdV%F1KyMC4}ILJMnO#!3~&0mSe`5U0o
zMN__cXq41MyTMY+Mq+=w0-Ir@+Q<9N@j5=uTw*^w0UZl6_vx-HS3rF0b!@ptcC{p9
zfFzN(Q+jQC$P7Vw;{hOU)t_0Iv=U_W$p9GpSivHo^%8A(tIG;Vp)0z}T>oMY)B#s9
zB~XSp8jZ)rHB+hGpUmYp2UnEx&125()7Y3yoqczNemLZqJ|T^#3R1PhELEf{PPu`y
zzjcf7HqchLl+B@^50fh-RD^#$lLL$n)O`j@vae;xz|92bVG;Z(4yK%$L<Vu7eoy6~
z4_(0YYtSSoVKV^fl<Q+0ETI_i)$dY$H=|=V0Qy$#=D}}~K;IY<Tu7st?l`A3p=V~J
z*J>xVP#%mJqqO-F<X1drrPq3qtmr#iBuNr~Nf1o^*`^ardYRxCwFyJ$s`(_7mfB+l
zxPJA$kM|94rNGc~$!K)V=c-m+&AyH~Uq#>-{^%bql);+jBDE=YQui4c)-?Bh-0<{G
zEc89M#LhVdkeR9w+>ishw0bA)K%RBIxLA_f+olsh7M45HEwv<n)<~}+kxkr7oo%f8
zJKEw}IKJ`rhl#_kJo$1K(hpvr+M9geT3skfS^`U0b}q-?S}uLFder*0KFQG9Er){p
zldr{X8jj^!#DwG}t#@f*zk+B&{a@B;q7Z)<g8~R^+$1P{Uo`|PlCnvtdm*-N<qs={
zL%`VqCMG;~+x&HL)j(TRkpsxX;i!os#0nBCI_0Ry2dWAi#>YbVUyCf>b!1Exvs=q$
z5mZak8>y5snckBb@9w!1ftu`G+j6f#o>!W;uTtpQ(~G@xdwcTwyM<vkt;U;2)CfP0
zCh<?mZP}i)qeIYVfy(ngy6+Mdtw#K`#Ci67FWGqI1HU}u9a%<eh2L9l1KZ$?O*B~i
zAdhSPb`&AR{mrW~*L4>GJz8WUIai61@jDm53({iC&h_~27v)LmBcbk_2a?}j(qmKv
z%r|pWFII)ZyCjqX_AJfst&K52-#mTuI`Kf8UV6ll*Uv9{iG}_}GO&apZduwr<G(sA
zs2}7Xr1UXivu;~DE&XnvLX-Q10BG+*k9Qe`W4Cg^$E*93v$-p&Sa-9aKMU1z+B_fr
zM;gh?035NArxc%XxnYeOAR0?D7NM~`cL96##N-_<N+S#3;;xPIb6L+Ns6z@6+E{`M
zCDmP@IpN(&!!a$K%0Bi5JOLn;a9U}tc1?ry$@VwQd1xEc<RDU%j^!C2r!b|#6rpHV
z#Oej);b9$z8F_fNaTae6v8m|QkbNx1N!vL-CnS4CTX0v9vS~Z`yK=Fb?Rj?@R7^YX
zA3hLB66sa|Pp;&5X)lYz(q~{E%5L;T;X&$cMl+Wox0=ZjV1XOMDl5M}8%fwr4|I&#
zRA2%c<jSuH0B)CHxl;(`4H709Lw4v*KKp6CZP{s`;P`7!eT?2iM*d1v-^^UMsCLgN
z%P^jV03|3y__{}#otQ1P6k6En?);j|5J62RkS=GK-*F}76yWeKQW6H4#fKC6vzYpL
zY<!ITbiY|)GkWDuvY+=H7};ofVhW}s8yB9EPLz?CinEhN<aa?u69oh~qo!fmb|Na%
zyzeTlzG%MZ+<2MZ)Xg8O<<U%g3)?Va>#8h}DdOe6J&CFJ2y|PLcqA?72u|X;2awod
z)e|A&cVVgBS@^PA?jOHTSk>hMO)H9%jLWoZ_!ppA)SXx4DoGJV%ot{=1@d3A#JkvB
z$ppp(Ym9dEu^Aa|qWg~HH+h=Ei2&zN(@7rSbxL@8M}Z>0b**@k<*Tf=k4%<a2Z-NW
z8w=4-uE?AbS}}OE`Eo$@*{amUN_81B4dun0!c87uE$AkLx9ajx*ZcFWjkG#JpXejD
zlx8koZY|Q-!^YR24Ie8YS#i*`#Y`+1HY>S#5Kzc5Zhq5*?*5d}dtxwsDFIf3A&;vD
zq&@VTWic{T{G~^t2?O=jMB?6iR}=L`*(9;4-3ZzzikDVd`+mnm$-5y0-u2UZ&tJt+
z>ptQN2U?`cuR`_Ip+aA6<}K5dzKx6|YJVSB7aV_><GFHI?}<A$xe9CpQ1+QA5ju;v
zpe?F_lH+vqi%ec546OTzUd?9VxsQ7X<hEIl3igJe^|+$v<ezr^<aye*BHk}ukTp@E
z$7nr!elS$Az5H5>Fwhj2sU6f=xB5fRAKECe@Y=fjrfyY6oaB!iS1TSc9UW&CAwiZo
z@A^rF8L$=>pbU<#Xg;=g?1oO;N|D%Tag%0LJSz^B67Fhbp|wK6O&vBHWkmbciG}&`
zGRF1q=9OQ|*(!LruJQq$$l-}<MfwvKkEA^+H#yjXCLZN-+_i+lL8=Ev>_|!1w6Dp0
z##kyt;)wkSB*98L9~yYMY;9X8__rt0rDRDDhbbF9jSdV6KFNH7bj>yX2DoLjD<E%S
zomG}N2_^vk{6#-7?Dm__h6s^Y`*H5+wu(9^R;8B;zm>C|hmtJRAG}cZh`XbQUrWpQ
z;d@XOQ)qYiaj9A#kxFjjRl4`(5G5E^(@DE?Nw0TlTLsCn-w{QmH!Zv^H!Tw!KQw6j
z4jlo>)}BYYjIuNmGm9}q+F`5|IGD8>6<e1DKSWKe%txGSr})@n#P?Ro+}-;nY2x}z
zkZ=9O*-sd;%h<i4O4%e{1jBtTQTf|9^HM``R4>b`tU6jeKQJvLex4-Xv_r`#a!3Yj
z@MvFqTT&oMaq0Je$=rD9F?-*RDAX=XOQ{Q+uP1bTr0boj@oer`4uA+4zZ_R^qWQ$V
zt003IA^xn8V_wV)q(uw{qg10)11rPB(hAF%xc9+Mimv>6+mSRHt3^It#%oVW7!bPx
z-|wC%{a0s;6gIPp6azkvpJZZ~8z(AZoiZR95dR+-Oa)-@-Bm!9$p=-pMnNSobq_zr
z>rJ(7GXl*h$$|zXg8>kEdKH2$34xMqhI@AX_1~0U^g!Z_zJySsfu9GOtn2J#MVQAE
z_sHDS-H9OYi0QhQ;ClCj{I<oEaKB#yLc3BAm2$O>JlE;WT%K2l)b9N;N4UEMuG>Ek
z1JrPc6kLD$LqS|bLcS84)Q5Yg$>ZIVw4GVll~Xqd>F}0>kOoXV?<(xs)nBHttsT~g
zkQ;v2|7j#Dkzd!-W@H#}sJb3JtfDihN>U@0U<2bB0=se@MK<QZiZh|_0TIjV0|Y38
zbGI%6f&r_oQFz0&x$_3P`?wT&2-GQIpNfFt>zj!<mnW^}d$j5nc;#vwHrYcc`n-gr
z2_>vj-z?375A;ZP?$;K-Ub27ymgzF(bXIDhkQ|Vk#oYngHJ-5FMI_x3*fC}8CoYH_
zxMdHJyQ0iPhh9dAfJ$8_X8Em6moo^u0W*lFNVV^v*6({ZFePw*`6lZ9uR{=``yhKZ
zUp53s08IrGQAx~enmW2G<RPspiBWz6D~hCk2O!0gDH+gy<|SX2w%e>2&xoW05)crj
zb-`s!q5N55j8Y5E#Z08QMsj*<cHg_uJ!gz$v5F&UFaO9x)<|d4kRKoxTJR+Q_UWi7
z=+Pe*f|n1hVO38icDZ>%m*KFOpnC$Fj`#DfAsVo>naOcwUF`0tgIqjMQvUS@Iw11T
zaou`MB0!pkQ=Z?Oa!i6P1<9A=0t}{4OP7n#OQ|`)_OLc`zWvT9MQQs;!NM1wC7R)S
zyaABeV&i?qFjcHpAU$`Ma~bg#V3XV2L<-z#xTFbyP3(}BmnVUqf8pW|`Gr0G9Xuz^
zd+O*8S<-*jx+0wOGygCXD@J<#+2Emxk-eU!!-xgRY#jfrmdlvW=L4Wi@$8DaO|t(y
z<u$Xoxe2w2NVknQvZr4D?YGND<H(|2fX$-;Mi;PeJRc~g2UO8YREq){FYBnROn8;Q
zJdE~7_`d^aNVawP$=;Uk+WIk&O}dio3vcFfcbp+o0Lf^6dB@8OvR7K{H2ZMz{hCl_
zE0PH-xJ<AI8uMS-FCM=8tpiU7?u{tSnR8cQ;qioyg<GK80VVq`5cdaM1;UF_b=w|g
z)C68$mI{IBb0j+I*ivC$f#%}-s-NzauV>QxxFV?B0<okR3AsGhAGfOfrZD2GK{iv7
zup2F};`Uye9+V=;&JDBM<gA?_;8+D4)+1eJj5z~o?n&-`2!rCbc2DdJ)&H1;vYnW~
zrMUS1;or$82a{j?1emYgM68lS?@0m((&d2IR7oF*eef$W&FGrksc!$gnT=pi0nK}p
zoC5Z+k0hc<h(XNNWG1qe=e1xCc}rmSQyZi>01EokHXoN{07L8km^DthCysJ3!Em~1
zA<p#3S#)$X9-fhwO$wCy94V@9!m^(nLuM*+dmt0_8#ClD0p_1HD)b_;`l!&Z9DF+c
z5MFQ$DvJ(S+9ADwO$kes^Q;j3RKbm{SC|jbI4W=n4SNv{*o}&sRVENc0NzeRSr(D|
zs-<2<5%<Nq-3U|9kHD)L=HL*8hFB!ue3O!1sLE!*L%Xn76rUR>J1bvjk}e8MzI+~p
zwO4g2zAHMBm0xcGEfXD3*2L*#*%EGwd_}WZW3x>l9SZ6}0t6WM`lv`4j;kdhO8jg<
zFpoSh*FQ(z<`ur0^|$8fq~R7H41&YqMW3wYgv*1<)MhsGhd^xv6VV5COCI{e&UNcq
zc3aA0kzgQInEQf=t+DPKr@r{U%K}nxFDsLU;@K+>q(%VB5WwY%jDuvr24Swo=!7c)
zdZG($L6gBeW)P_l)!S1@%hb+soj(go6Nb@8#0~9VIlM`*G-}gv(k(W)VXx^2z!1jW
z(J=;Q_AmaLfrABV7=NFZ6p&{zcYZZ@sXNQeQ0ta-WB6#YKIww+vM*{~BDwhkbTN7-
z0LXV4dHDlbap@moBTEi+(j$O8b^Vpq)I5K@sbmBJhKR$=L$PevrGeZa5`e!z8X8{4
zE?VR69tkAV>T92uDkH>r?!B3<LkpXoPmU26J$?gtPKHom^M<mEv0NHyL3j+YluVT0
zkqD47o;>hJAp{U~#hSB)l9v`6rm;Dy_r6#2EhJV3-E=M?scPd#G)Qn!RBFF5ujd3u
z0`S_~l=pqUxLsgwxep3>Ov;18B)G0(4cQ$KzC?(ti$-`A_U163q}$e>I}U;P*XFt2
zJ%@FdIaZ+i1?IGy<T#?`QlCwZ7r?lD($H>vHh~Kwsu?X@0D{Ecs(l*u8s$2QZlN9j
zg0#c|GG4zTM=}!fRAZpO`&(%jC_@jqJi9WaEl*sytauZ#>Df0P668mIWFyoR*(tZY
zbgfOsM!FHp?IYHNfF!IZN{jR{uXp}^Y%;yV(%eMUzj0z~R52m^gnGYU-}L|rRHhs$
zOfl%JrC-H>x|@CX$wmXUUKdnwJu(%GYUkXtkuOa7gk>qn=#oGq6;l0YV((O&KU6;d
z<JR79(-e0d3GvqSTtz9$G=_JQ;<!IHnXAboIfLj<=!si#oYP(L+(;>jjxB2omqP3o
zJ{hxn=YCfPAHKk@TP4x4v^|AlT;F2UYvqW;zihDj2KdrNP;;_W;(Jvy7vs@nqeunB
zjS=Fmwa5jNFkdl52X;}W11ehSLOK-OSx!L#pU)O8S<e8B!g-Znis!rcWhu!x%Zi%k
zk1JR6UH*nPq@bNX^DR~HF7_nNe7!SzCzjaCV3~Tr9c_VCrbMmlttDo~2+nE($dmq&
zr@0ESGXv7d9*AdNA#go5fKQQox=muk+LMxK#l{>E)w)e9PwFYg!vxXw0m+TtnW=r7
zFShZ)iNzUYQjZ(%Khh2Dy}#s)|5LSIX2N=HXdM(}(HTjyF^Mp7bHG7#=U_1RcY>9W
zl92Zj!s}L!77d_midpND-AaZWWaLJQ-?p$euEF`dD|H=$Yg<qjetRI8D7c08%y7~5
z=2Sc%Vk7S}#v&DOZ8rfDx`L4xE*tEa9ULawD6DneUW5VWQy63u2pok~{kDbrqb4xH
z+wT&drC(M`UJt5F{i2OkpD4hWVrb}&Eue7gVJJzRWbi%mx$<a=hw}4Yg_zjidq*Oa
z0K!PPdHpwF24Eo^AjeVldrjy6qzd|FfLQV)`c39i%NjovARnaUjHmGgmd1W3-iJQw
zsM8Ll@m^FHD&M>5uH>F`uxhW@Y6~NzgYpBh-DSdM-RJeGTM<;x8?aJz4yLe-FeYgB
z(Jg!XV;(GMCc)e4v9$CXz_g;rW9{TOn}@-y=O!dvy9nQ{`u<&-Wh}gh>$JJuynyvm
z2YJvk(t^4-fJ}4~D#sSRb~}I^fz%P&5%)|hw(^AL)@?Ok4S9=2vzf(;xHOzaI|frq
zgioUSvniAf2>4oRpdiNqBwiNnEXel5Av6#oeu;oQkj|2|r^hHpb@!2vhQU-1>x5q9
zN)+uhx)dN^IJ(KaOMb;$)pVqLbDWhcW=L4`Vwf}_2fT<+8t45M5S`glfy4#al*czR
zD7&8S<V|f5NEOr;a*$;LH{^@x1IdwC0X4SIhA^yP>cIgH;UWl3hV!eB=QYjEn%Sbv
zw}6}c(k0iFS2d(=A`by|DA3ZoJ$uv{n=!}3VX{r^0&+lIZ;jjE?`%0yN7AD4bUWNS
z-8{VSZd}_(q3iIQPfRk;Wan5EC}mi@Dp1P*a{sSEe@l;TAz<>Y5;zRFkM_{T17?WW
zXKRh-3d#F-VVsUON4s%>Ak-_U>v&oz9}e;3pSLzK<yunR#um>q7&V%Q8I~$7ZolCR
zBL$j3HsD@Mm`ua53gP7D8<i0;#Kv#%+3HX@u|$rd@AYNKy)2=MA@OWkj3Cwkse%*D
zS@!2S^3&<GAZqkeb!-0&^=AU-m?<zqb80oTv|5E03e9cL5y=g6yaK{KGd=lLkT5Q9
zVBtpdK{u_JK)g4ieh)AqvQKB@+Cts|=NDNTe+h(p6R(cV(iSftF7s^AXkttAI)+u^
zuRUNpqBI#Ej+X<<Y3IB5z^aRZLIP92$hQ^I8Ur!?_=MggJQ9W~4UwcB8Wus*2vXWj
z6_T{fjOHSfLVx}tX<X5~@H}0;<VWII+#FTx+S3KSaJFe>Tid`>EUAXYB{0t7R0lvO
z3IsBMe9KlbW9doJY`m!!M61Dm>=FcsFmW~M$n|s5veV~+LFrgWV8#;DioacCg(AhU
ziVSXdC|7B$-87$RMw>Vk^D{v$ajBlVvh_s9(?s#jqCO)lpZXZ1Z>!K^#*W!**wNDc
z6!k;Xd9(+bxR=Ud7F<c*s7UV(>U=Ls)Sc22^On}5c=z!jTZB=vIp$(kJo$Wb5Y~AD
zNTcQ;UkR$sixFok=44gI8(>8s#0@}&K$WtuzV?EAL>(+G3!<@yeW7)ZM6fW(ljc9m
z{IiK9giZ+*N?k?1rWmND>1o2WV2;1t9ZA^E2StHq(e&Dq<Q?HdE8@fIzs7H(zm*-t
zHDmyi9P4@vaCwy%w`nIannt70XB3!uC%^+3r!9VT&im~9uckkI0)afp0!q+3;TOHH
zfNZTa$j?kML2<6Xbv~_J?fvu>0x2bygFvXlPFEB7uZ7!hZO!Swgvk6M$xr^DE*JoX
ze;zmuAkP1JyhZ+;DRug9ZvVYWejU`U{Og&z^52s|82;~ze{&uugY<vsQ2U-L{?H~!
z)uJsZQZkn_GBUEXvvwhN^n{aSG4&@uy!pXc^}q|!-!!`s>;G&pJEvlVx|RLovmU&n
zFFr<|cG0GVE6(w)e9bEi8BI8K_#ES1J6_zY-&IU!Xc5Cqu?yw8!W31b%B4>ZVx)fg
zMjkSmRZ(+*>a4}Eb~4~0%LOOxvFI)uQczT1uQ<~g3xc5*&M*3Ma!Bi8dn;BBn@7>$
zbc}mnhbn#QsjnD=V~R^x8uzsd0@#b{d&f>?$wYFzR{=P?87}8ABe0ViJUDx|%}?@C
zDWk>>|2Bz>jdPP*ZXsr=R{#s91o9ZYs|p8edm?atWE0A+9%*~AVQvG=B(Jm~xbhhK
zKIDdk>0Ecp%!OA*h(k@WgH?$WaqjQaJan52s=m>uNgFUuPft6`J;B~^bK#CL!tH2x
zb}?*k{<+U3N*Ll`&Bs7p_&M$T7`YOI+o*sk<-)JtrOd7~rsuzBIbnV+N7ouH92M*f
zK2xYY&H`or&TVay-r7dbHTg%ac_{8YO=c~snTf*+4%--lMNGneFSxkg2-f@Q9#w_x
z`g5{hylh7^!b!)4gtw0N?o1I!JC2KrZT0FmXFI<%pIl4gLNYGvv@;@MNnfKkrz;&&
z3c=B9At5eEh?$w$?S~)n=Ld_Dz?qYxKE1kD1)6+9r+XgmP(3@gZ`%5`t9|+tIFqSO
zS#WpCT{!0cu;)gH*?|IA8xZiBMDrH#bO|ZY(1_}4>Dlnrr5AT32uh53tQhFYFZpvd
zhG-kPHAP)7x-qI#6>Tf<-77n3;g;A&K;QJhsBMvu*w*^M=t_$_aDOYq<z72S=K$vY
zUgQMSO!YbQ&IY#-FF3$5q>HRqz}IQ?tnmcr**unna4F%h?t1<?&g`n1t}YvcjG@KE
zo={9r?SK*D`EcQVW(omk{Q^14k+nOv-*g<r8^lYKY|FrM`H1d9SJ^!CDTirV+<QZl
z2f7PyT+@8r`iP(3yuHq<L6SZ+SHa9IBfn3PqEt!F=ZN;Usc$S1R)_3txzwgNl2<k}
zd}3Cg$<&3Z&-XoK(EB(cC9ZJm8Yv26<kU0e(17)jx_RFpx@D^?*V-qD9R2!#n0wE#
zrnabE6t}&>wr!QF(o__bD#3t?(u-211XMtp0fhu4A)woeO79>|YJda<LJ5RyMS*~H
zNF*VN(nAc95&{X3vp~Od&wZZz+}|fZl$NYD=bCfOG2VBK@oF|G1RHaEug!o%bF0tp
zq$+B$&dn<4z}_9*my6`jg!p#Gv;h<L8FpbhZrGrepQq7%(R}T}k7pAWutBt~cfD>z
zrk<hu3w26Wni_GWU9uZ(2zCcLOV%h<awCNH;95pe){v-v22{@@yOeghQDXeTQdHW$
zX~qj=IiL5>nKbuNtptPApqx(R^Odu;!>84VbCtRs_)}dsMQ81fBOA|OE)uO3LlWv`
z9Ng_0jE0=@8#eb+2gYi$l%N*{Q}Qb1fyUfWmg3<K-O0BqI&|3RE`C36xyMj~+V_fP
zJBaH_bk|s39u6V%B0|FH;?kP;pT%$K3zL`$R^Uoxh~;(D@{MC9X;|zk=KOl9V@HMF
zrFZiOgpq~^f%JT;+fo8>$kSEPrc5D$KV0?6+wu#i8@))k>mIG4TN|u;w$B`~WsJx0
zkC?%K7C2V~L>^TiJ5qmtY^!~D7^yHd1Ik^5C=Wi!I5QX$fc0Ra<P^D2N^4eWNY{sy
zJmJ^VVL5g<R3v#(x*f9{oRXyPUFxA^>(!Ck@ph<6;ovU7RH>Xg6(8dgr~;+d;LQC>
z{pqK<-t*X6JCR)9GS()5&;TuD*L)CK&P7yI=!MOVNpf4kR$*NB>YIicyo-HfuaOkx
zf@(r7&?Bk7-~&`b;je+wRS9KUiEp?@<m03<`h^YpZ;rmQD?Up*FyrbYh+y&kjTxXy
z<u<Tjj!W&|)R^T#?VV+fSzCrLk2|KtT%+WD=xvd*hr<e{6|80ydM6`ihP=n)3?;N;
zdt)Ry?_Gg9_VJ%p-REP2xtCw`E{0$gLKo^N{roBl16k3-npnMuW>mNoMeS{sMGo)E
zLhtQOh!PVl>kEE09|94jYnv9CfswlGat;4-36wahT=*3ScO9(hBG4`j;_U;QW}p8Y
zuE+@sp!^uGxdDysr64&tM}OEY?}Q!KnQP=Domo4+*IdS%o`TbvGL8XRg&+o82>W*D
zbtycf5hGLE$sh7&9$HMb18h<XQqP<|Thf}wUruCtKy9Ft6QD)jEGcUc$0-XCIp{E!
z40Pw(@=NuNOL?5^R;2U=G$XW>H<O(YX|VS!!+@~w=~AaN4{U<T_3{vm<-=)g{34jU
zHeU0%))t(&szhJaALJ(r&zPsIII}~CfUaNJK`uoIrkL1z@pwW~ax$rYGFxSJ#6TK1
z$^`O1tr`<TQik`7ZuEZeFm9-h$k_3V&fl%rWMolaQi4BhAQ_#(w(Cf8nSm?{=YoV5
zgKSzu{IGhmUl?jVr~6RF7ynu3dXX~^>^AG%_z&>yDYw^@5uD`WLwlbJoXvv|N!wOW
zv31i25+~G_oYuIXY@w$@fxb)U0z`fOglfA6Lw}{e>bhbRt@P_l4}5~pC^9MVzPcE3
z{!NOht7B{GDCky#9@vIJ9E*|VBlG|zxcnzwgaC-lXRFe#>=qx^RWW-?$N)6YhOV4m
zo7leb^b!-nHt=J5=*1`0nip&zTZT9RwtrLK5K}V0{=g=6lqelooVC$*rNRQLtQEA?
zDd@xtWDKjnXz*tC%%mj`)CvE|Mwri(TY1wJ%>ms5VdD(yAu%{>jC+|ceR_Fb(@0zS
zFU>L06TNwZWh9uss+0&!y^zf31MSw+A9jQJ<+EW*mKmPew(jzSHRWvFCb71y3V#*c
zA5V@lOV3{AhA;hiG1n#^+ZL_EI0>aze=uhkM~N}JMK_+yhQ&cP&UK%c+{mRHvSD*u
zfx5Vx{y4pAhZB$3Jtpv!kkXjyu}PB|1*>91`TFKQ(?Q*o;p2`j+nwjwc=1#_nV6X-
zR`xSUPKwo*Z-734O;aQnFBo~P=J1V-RtPk(r-8Z^hUAy^d0?gb=IaK5peV6U`eX8N
zlo*;E37MvbCdQUgV>BwppqOc-H7T|?sFeH4t~+byLuzA|J&?gh61steq0j__U}$&p
zN`@OL))c3jaiu19M;uACUFYnz(lIQIFU39h7i)%38n@J@UtK@sf+JCKGg^RPiaobx
zptTqj12o#(3dB(*`q$)Rr5}9Wrylb2X8&>p%vsD*{0Io<V+1(;8?W>p@sSxiKBFTW
z`7;1?8`~tvDD46nCvHwi#e8Uyyqi5som$;4F6}wtI72J0eIp5vXYDbqnaJ=@znws+
zF7N2in^!@y*nX4QfcO_N^LWO5yh|(MpPG=MQv`CQsx{*-sk)g26*Z607<vX_pr$o}
zzeXcsPP^naO%?|>N@a5pM2mt3qL*G)18_!%k0CCyv;o1QHG82MDniK73C6S{PE&`_
z%>_tGFfd;e2{RvZNNcQQ(i(<sN5SZ2!wx3He7qk(*%qlRDAsVOm*;j;eOYuaaxFY@
zORo2dzjq{bnii-|=Mua)-ziq%sAzqZFym$_E3_=;Rs0GSUE_5e>MkahFz$8Yk@%_z
zD4!y+igN<gkCUDK&-V6i60}5~`8{Ephr#CIfD==y%BWJv{5RVY-Cbs=*C6f;?x@nz
ztkyV31IShCtk&9>!<K;5N^z!DrML_zE$B3UZ*`STJyi7d+XJ{#$bgZYt;-81^Nym`
zv$oh^jr#uDQ&Ub~Bw}TuH6Qw(K6158^6}+ym{gKp__uSx+v>CHXJU#yV!>UE&1S^N
ze$!vRU-=7x<|%EG{#akou!g0d-y1-X;A6P9rF3t1?X+K62G^Y)2otzLibz{|D7DRE
zk1kqnxt_7-+}SnxFMD-N_WvGG+u@8`-$AXgl1W&%Nx&}b6Rp8?GId|6chH17IMe<`
zCRxLpD4fyLSgDEmd7T#5M}2_i_jb*-h^x(jOz20eStb6+lMrkzvimQx6~V$SUyEP+
zypL1Z{Io&iWq+YzLNP6`qPZ+KlI4{sRuHux6m%6bO>2T@b!P9CME)$UiX`$G4HJUi
zR@n+T^%-6v2Qo9x@HqbV_>57Y&mPN{`0*5%PM+5+x7H#?zQTf!wEU-+GO%iK;6u&u
z9rNIe>^We!e>)?bYL@7n?Yu4$6B{@ic;HXT*Ibr(@>}2H0FU|~IAzO>>MP!vQUW~+
ztA{&H)Nu{OLUfa<&&?@ar54@q;4-%WB{Itf4J!PhzxtIR<1GCb0m^|d(nH!=Y=zK?
zqW%ZpB!w;>dt|h~x*Dh>s_U_@rMfQKD+i(ScTG8wfc}GSKO#uo_LRjzXtC+;jHd~h
zD6wepV*e1)R?)Byo@h1)3iVEGc>0$bDi)E+P^Pf-i%pLPj3s!o-gqX6)5X`_&O2F8
zh{s7{=`(x;rgg+6kl>{%AdIH4SApj0Ui(9i%*ly85&)p%#w%`fb@SE9Tz*KwlvBKL
zrZ(qjS5u*n_tz-pY|rPf$yLoVVDlBA8+-x>1g|s?N)5?ipA?frE!-e@XW^>~2wARx
z(oMXIDslL8dI^+1J+Hs~`2a2?8!yfUdah$zPz$=%8dN%V;S3v)WvMk9dE~}EN@RR~
zb`P-ohP5=WSx&C^H2ePi%sdF+4G0)&+2=g?@9}nQPgJ?>afNPc5ugD`IdbSD{2Y5!
zhSNCUm2vCG01gGG`EIWZ$h<fB&BGvT)kQB94tu87wDfLT8=^xp-KM%pDQwGjIuWjq
z1g|YzfGvRC5Tq{?HP7E@#z7b6bKr|ZcbOL1Si=s%GH(&z)X+B`BTvssBzpAq#;v-=
z=13SUU22Mwa|yV*sc@%b_r=xfFl@NV6wpMn{(n!M{K8k$tYXMyKIL`DzmV`*#iIN|
zMPK8LE+$5%e1_m-JO`&h0-pzTZKsk7WHK3DbURn&^bm`BXuj#D*o%TR-2>XT_yG7#
z7@ZsdOx@aChZ-)x8zm7+6R#OtHB40w-R9?A64Jz}Z=IQlXx*brg-K33aomO~iCWLG
z)-p}*deQVr_~9&C<WQy8Vs@0!E#gaZ(Sbp_arXs^uUzBWnlNzwW~dzJ7J2j|?c*>3
z8QNdZnwbO@`qP>a+ZF)v*+d@Off?x$vr5$`(ui=$U0MH*j3ru?<Dq~|`due=%lo}o
z4-;Z_dJS_7i~a9+=N+bt<DtBo@I2u+4Ug9JE;wJ8_s&#5kgyt4Pe9js7$$1MAczCE
z`{G#<T%)0$_$`gheB4<8GeR$)zA}DZDzkopj&nN^Z!%a|S!qL#5_za<GDW}g>lv`b
zy<azaj^*B-Lr38LKTtlvCCzI*apo}iS4Q~K7k-H8gdm_6?HatIZ{sZe-aPJA$Y<8C
zUW7Kv7FM@<l&Q9@Nf`BYWmF9acCsA&l>wnRQ-^4|sy11GDl7O|ldlNyL_mN6<k}@`
zdtX!qGPHm0&*dejrjmwrs}%pY2YyyB;A~+b^e15RuD_I|EdsRM#_Q<1o9q+X7KtDS
zmsaI(*o^c)px?$H9FqrahtD+*ENgGqS^vS9y3y~L`IzAwz~8FY8<XHH7_7&ifD%Ea
z`F@z&OwrrajdI*whXCYo{nhgcD0DhP{VkwkB4N9^Iv1$LY`bABqZmB#^@I8TKNY(e
z=UK$>f?btTP8e{u@<P-g44`$nWH%82C$RSoj^${z&Zc&GB*q#<Co(t3b;Ba9CnIf9
zt<U*kePQ?JW=SIO!Tod!JSS8rN_KSf4RnfM1FAtn#=&a?FXSR_@`e$;L8k?cGx{r{
zKbcoSfQYN_eVKp!F}M^UK1dDm#i4DB+k5g1%es8h{uJxtv`d==(`A*M8k$*ajEv=w
zR!abZN1j_h^1VoaGOW}xAh1y8W|#wn4wUNJzn05%V~H?X;hK=!0a!45cn+X()eZ>J
zTE0-2b3=(T)xp{=Z;r}u-nQqQs9_peuC(bba;CoW$8#wMdNB|gtNRU{43>)PUbt{X
z-P2@Hq`bOX-0BhZE`wcQFp=i*Gl3cwYk<P`TN}_<y89<ZfC#6>5RJs${~$?kTd`%P
z1CREn|JS8O`F**v)V~oxooR;EF6cQ3pis#<J6IijMJ+}<L0nSPgb^WxHWXy&GoS7}
z;0b8Wp7VnK9DMEyeL84<nkwe%@~>E2cZP7ueDZ^G7R)BPKniSV%Mxyyvj+hK(bZm9
z1}w887_o3}Tp(L!3R+jmdUNFbr=;W-yhY&Vxpbv+C@@Fr_rG7VC3}nm4r7Y3Y}jXM
zb2Ghp-aF#Hin@_qRpr`@QEQRJ^!${_o`S9rZRbTYf%dx=PSH|2T?!*p?BAf2Seqr_
zW#<EG0YMZ<Xu3vK#=q?UrpTDgdU6W{`imE0RP=7|Cn%r+t(bdGlRvxt7!D@VDeTbO
zZ;Ve6aaqVdem)5RD1vtSuL^h?qRlcghgze>a~E#*jJ9W9x0T|~@|z_L+SaS^l9NWO
z1DS6BsJi;NxgXfB>GYps=bvMB{Vp^&LoW?hRoiIgPN%n!q8oU<R<VEpH4XN1>hJeo
z6ZZ^Y&$qfmV&TI_J3y|WM}9aNDU$qyf`sW00%G9u+;~mWLs?GA`r-6*|1r^&euc0}
z>C;2s6OY!m!J@=iX8LOj0G=iYcM~9H()xwvzzV!uZ`GO4r<l(T{0~%GDHSDVX(8nb
z7x#c(x726foOBz^bE5y<#_Freqpy@BdaM3}9R)^g8LhiEjR4fy^X5;o8#`HVpY1&O
z3Lg_KFd8x8-Aw)aeydDqnt!2TvcHY=qXjKb1!>DI59dhAoh4#&kt-jTIcO4y;vPvb
zP5HBN;-r9WeTACd+YlP4QCuqSogGe|9U~=n_LN6+E;WAtcejOip*U~Xu{>ZJP_gz1
zrGgMEV5M;^we2^>Nlfc$PfJGS*R)PQD6RD^&exN2V!2L%p6WhY(DYO|jcXRyYXibc
z7v6;|hg(3Eu#)bj1Aj^w#5@6!;f$9d4s~5`0Ep+CDyGPr8!Knv7IR@_N5hs&w!U9y
z9hn}3>lOfHuyBS{l%XNhww)&<mEmbiGm++j9TGQb{^*Q;t^q7b4XsB?pEfO<6+iAn
zxxQfW`$n(EJ{dc{%1)SG>ThMwPtAwbvvw@-c=~K?1C~%IX?kJ9tchI;IKD4;r;qVF
zasTq>A~M;uq!xppF0CXfWqwoK>quMqaOt?;*L8b^tFqCP%K`icqu7Z}V~MbsXsXeO
zPuqh+!?$dazUA<yx#aA}75V)D5~vem`ftc^VAJx%Q6L2ezT&G)jCmjbc1Lc-q>*?D
zTVKFXmx27gzSt%9G2jNK-j@L_zBQYRiryKPOgqJbL=Oxlt%2^{Zox)XqZ1ZI8e4pZ
z*XM&**I#vt&@8{%g!`=ost^N{Eo<cfnsR~WQ5u<AzQ)F!W5>5ITg9dWT7MayT7|7|
zl)63V^eSsctz+d-vM7B*Y#*ifwUlmdjc^Ki$5Z9^Z5#^)dN7+%o$|c3WY_CJ=Z`c1
zdR-8U$uANHE5{<&mc5_o%>e&RmR40Qd>SHMy5bQ7n8q@1!wA6KPJAE%=kI`RXRz3_
zlUW}5HSrhvz*x7i@#NC+C)*`bin9@=<aoVD;qOSkc%uK@>lu+i>U!cW^&t^kGRm(l
z?s!o?bG2qbTm)b-<t^OyG2q^M`F1WN(!X!-(a+Jc9m%ct?oI50|G!!k@xF4}-e|v{
zZY-si?8^0eu(Ii_HDHh4L~=|D=4E}Hq$4kNI5kdr@7(regfA>pRgJO)8V6ndKdCYK
zzce+#WlMlUc$_R4@eN@7ceTp(fYQ3<e8AF?f1c7o`QMf+?zqwac?|yf>7ScC{r^w?
z3}o*3Z{_*M-ws@b)U)2JZrGulH$2!KaHYSl@7!Rtasvjkq+;M3Ute04w28Dr`iY(X
zy=fG#8wViDZ8tumRI4W26*v@Xl=Ia$nCDBD19=*)ppA`v3>A$wrs$n`q#xz>>Q$fY
z#f`T-YAk|#I=UN;_RMU2|KBUXi-@aC;bfm%{yn@B9UX^Kc=2yuHZHD|QJxC>?Jr4v
zxcP3qJCsrW1VD&<RorJ>7Vw(cG3;L7y7AVyj>bdmhguD%cQd(a>K~X~ox{<I8Vefe
zq{Aovcnv;lH7^hcHo1P$8!QwwP3&5~hewSg(}T_*Lk@ArUYEV}wmGWiS^cMzdZ(7W
zCY;s`v?M-VZ!>e6NunSg@PChv`B3E>;z2TZ%%4yv%!^<wZXx^`(n&jp_Ev(XJ<TvH
zO03<!k!Ry_Z5Xogt~l!il_Bg12lKRnmZW3EY2@s{W?feMbGcp7{^q~j*o6Q(dFsF>
zyHc~z(r>1!zu(xAph9N63Jv;6FhVp!_soFoe=4MIJi9hH3A&TS*~|Eb%!+Y7uqmlF
zfrEL2tl0SF$t`gECJpq<d`Zsl)BrpG_L>(U;M0S?WWL(4Ke=&=j*S|am-$M6=BNaH
ziYhy8x#fPz%Z+PakKXdA=-Qv<s-;!LInKHI$kVQ8;{wl~#)wk>{4%#k(~D;K<bNW@
zjpuu5@l+*c<E!8Q9FzFJl=vLk*xYYZZl1~iJ=8cyfKiX`k^aM{AH)~=AWc;E<zme)
z9D=P6=8}F{*_@@#rT*OC-Ttq)W#n`67+1vtpXt@lS$b{Qjq5uSROk$Kl34WraN(BB
z#p~WD9+lmvgkVaNHfDIvsq|GSl+w26&qLC*rWpbOFZ%Qk#%q^}WY=x$mpgV?(Gg2X
z4&Z({JMShBCP8;2ID|ScH<H)-Z^eS_gY^EbMSVm*=xC&{OwxCJ$J{T*U(N3=r4fEV
zfU(4}S0OiU#7Egek{XQYjqyqceu#;Q7EG^Rw&UzXtNza_ycU#s#TExHNZyfq=suym
z(M+#uV<?ZV)ZAma7u}h`ye)&Nj6RF`Lw`?`0rKwz5~5hIK7;u^AhGlCu`xsyz({6=
zLc;!MeP71_D_ce3uZQ)@1Bdgj{I(eX0uq@jBW==uhF-A#VZbULPOMiBXiNOP_+t~;
z?E~o=laNpbeCNh!C7FwH>ihl^dd^(AtH1G+os2i(>+FsojFR5)XD435wbXzI0L@<B
ze`CtOEnCl^y<^duYXg<+2xV^|H;=B^JEC;6KroE$=7)oezm3qr6VoKi*Sw930Ui%V
zr8xQj<m<(P*7vsO*zf(JH{BWCEZF!uH()PDuNZtn?9lI=;Qb}?I$-jtjXNBabg{k*
zBoq8Uum78f{K}ixt~~=p9}JsBYsjcCcS3v-|C|*#6<MU80O-h&-_w4{a-BN0$N~+z
zdY_PtZU@+z&TAg)1G*G)s_p8d$(%?ld?@>LEhFePBq56tDMIOnES=L8H3pBj%0*V2
zvugo}ynbb_V;l&rlays6hgG4n|HIK9)xUSMC3=0aFHZxmbCN0q-}Y8F7zj2m<@IWB
zha!8lU*5BKaykWQSeLzpjqIFo?qFqTv3Kjv7999}AJyf+>20yDRO?jf83o|fS~$ds
zN7=Y04}fb}xMAEr^5r$B&yO09IW##MBcn<btu;V0-mh?pmdf>vwU1AChWO6(YOIO)
zOi?>Pb$O&Jtb6Vt*wit-pYNZnyUroLtJE5(3Zwy+3@1AogWxmwQeUmexVu~HFBiBj
zR7Cz0UQCFozQ631O6pJ}dZq#=jBBC%u`I+iI%quEk*Zh{tG(aH<FU4+=j(gn)?#x{
zV%`^L4O2tzufj#~CJJ`~O@Gy#omx#W9_!a&@EQKy&a|^Z*GduhkNq77%t?E@O2s`a
z?kyIe6Wwc=5y;@)Z)i+3u>Ovv-tg{p)y`J<7$tR56O+B;{cMX=X4gywam^V}*$qrp
zN=i-b_^Ng{<DuKi;<Md{)4nZ_Q{24(LDfn?>9AvhL!%YedsC}{1|%0{wQ?xt2R5}_
zTz%sjPAV)4Hh@GB-K_xKwXpF)N`YgATL?OB+iPRFqcZNXtXS1JKx=$bChW(vNevK?
zqVR}3aXRa4?+=cfxeCyijz2cPT&fDUFI~_j@CU6{u4HwYP+TB6?vy-i2dvi6yodiz
z_<Tkl^O0k~YTTZx@QxqIftOU|?2X<l5E#qA?b_j~qz7+bX}=7UbEh?N=&Cabe!@B^
zM->j8AEPLp-{FS0h7IMtj`9X#NT4rPYE;&>S$rjp!dvv}NJ;;e&gWfR29RA(8mFe?
zq^SX|pmaMMfArj~M~(coEy0*^7zRgn4ia)g(_Xh&L7{-nJEl{|{Bicii#|$QK}5P~
z)-%wRf3Yr*R=DE1DJaIN+xi;Q77A}q`M#I~V?1$b9lAc*odQL3^J_e?=b;j4>VXA-
zWTF)|Q6A8!5I@=ktH#SS)4_U6k6E=tQS*=Y;mOsTVDi2btIwqZeAE}b!}XgP3FkyF
z<UBwAyS48D8{@T(0+<6QZO={OnxJfDWxl({PG_~VhJj$GYn-I7w>?sS`0M+jh+Axl
zF(8PC+-;2<Wv!;Dxd)`=06+l7q2BOr6979);jk1pq$QxAY42iYIoSyOtO2^yxt<Pk
z3pJDVwe$*-E`E1tc|D#E4}BQRF_ZuUJ-(mHP9hrpWx5Gn+vUQK>2Vu_qjyy|IdVgv
zxd|3ID!>IMcX5rmY!sA0o;*G9T)&`5Sz^j`3-vjWns%Z=^Rl(Y(tHKcqT$nUMN@*@
zVb$u|mq)?3$cLkDbM-=Jfc%x7&%l27X|$M5O&@S7ksoUULY5XIj5+OKH8f9^s+|Wt
zSTb|wH&l@!*}s?@JE*-a5czM-(e>tMD$+Cr^SI&jwsn|gMlWcr?T}kBnx<ZPqfGfP
zA4R-(_h%<IVv(rhu|ivVj1BJL){R>Ag%l=_NG+J7OG@6?Dm};9X4SA23JVLB$kBP}
zlba>LpZBnfDQZo>u0*$n0eyq4@0P4E^f(F)+#3It+@_8_dG2yD&XEhv5*_hRV$T8b
zmekt_!H#7Bwd8<HSti>YA@IVm2tuHUz)t|;j=qa8x-gMn##1we;Dw$i6Cpaxh`ALZ
zFwmlU$cr-rpLbLgx4t=FOJ5?2(x1N?tKWeO|CalBV!jJV*;pL*2n`lib?f^-zc4`i
z2O+7Kq#ZXUFxNV3cslQT{qi2cG7R-LaxKhW)J8BoJ3aZU51P-uB$sb{ZJ@9Qj(*o$
z623TOw>)XEc4IUIWew!-47XxzAw>&tUIdUQV~67wHb}7WjdQO$I-BxSr2^_0D~7)U
zG>n<FburS#eS`}AiWxmpH+yj>Dn{*YS5jsGzIRwunA(!bQd@W+Z}e6Ph|_SfCTaR8
z`~tf+IJ$e2*d_Dcn8ZXY5GiH9(VHW;BfiB(iHsgBY_DGXk1WTK(F@V+pjP{OM3_VZ
z&;ZY&T+Fz*Ynn+UqRYcn?z#ywtpX`R*6Qx`j(`fx32YxY#y{Wii9h|5qECZ|%Yj$b
zcV^xIaL&NKg?bszcjCw^m9OgwJg|(aS_YzQy5UMaUn6YJvq9nfr^gNg01qE2rI7v4
z0<y|AjOSYp#^5M!dQCYqx4M4jfQu111A=*P+u}C-EDDR{%T9#IZ2E5*Ii$X<-Xu{0
zuy>X4Rt(1`o;kt<hcd!mpo9IuoV4S{ncI$GgoW>*Tb<<w5ZpB(M;U;}VHnQA7;RM)
zI5684HE3^Nkq@Vf826v7EKlYvy6r@`Lp3(?BH&$5#HEiNP-=7!1mC3XtuE(m135n;
z*W=1<wGh7f-`aMop3C`>AFE$_BXW>(f7}i#O}$Y1z>r<#Tnrq-t)<jk3mP%_DR*Gi
z5z}aNZ<7dd{tz9xpxVzbWE$i3;e_dHw7*~t4{5JpbhbaTHZ?RWtd{d#KIR<J8)mQs
zi06Kd$m93>L$EYbFVEh+VgI`RkezvL*A<yfmS1R#-=|AS)s|NRDdH1XirB^n#9**_
zyj7bC{{prX7)@Y|moaTmb=D2`9mZlFAeL(QKgm&$6H1IzYc5nF$daBCAMFg@cL|Cc
zbf{btursSf^yhu;O90C2m%^2*PzdbJd-63)k7D<4QplO^OdX0{O9PyJH^sN5W$WR$
zYPG}RRreZ6N<lyaM$>aQ&!j>^&=-IGx2p1WbBUA4*%bK5K+pNb%vKfS<Mql-PZ;6-
zmOO_xCXnb9_Uq$z&-`fZlmk{5Zh%4=4A_F-wSmkp+P-}S51$3TyeP#qb#U@Jw4RgX
zq_&p6CYV<{CBDrI&`phpgbWQ1I}+_+CXtY$TE%`Do6u=s6<zsf?IyU9=rCPmnR9ny
zj&{E30DC};1o!|7FIrU!GOp+CJ!Uw1$P|Tv)(#oLWG`WM_>VkGZHnpQ)CLnHDye>D
zLxpG-vThB}_Htd3Lq{~(J3<Ec=#{V?5A0fihf>kC^%dHc4{M)UIprE|58+TP0d8)0
z1MC_cV_w*-$AFDm&hq3c1|%+A7uWlFuK#7;p<s+F+kd+8#glC^4ueO^*>03(D?KH$
z3tku(QB>6pvdsp}^b*p^sb<*EJPfc&W0mG==e-jivOH#pTzy?YLez6Q34Pa{7D9u1
z^}f3{5mwPO-ClY|zT&(`c7m}{Yz+7Hag96AW5V-d&GikhN$pp%UK@};AP94{*&~*F
zpB3w_b2Yi4pxtT^$hbkdE|$BootmjH%hNFk7ijaHL8HhewnTv1>L!dq0disLcB;a?
z{i2*QgU^8H2jIma*gHQ^%#6pGW^<GC;?Wb?%7c?;a2F`MRBOtgjqLA!N0|W+YJW~=
zsD+)>4D@O#!@?)Bjr9_>`XMhKlZ8IYRf&E;t^{8_%o;t_gg!b-I;5e-x!=3xK%nAT
zCrA#Zx4XE5$Iszc72*SnY%pqPk$h8n5k3M2#*3puO>qJK!R@Dt)0l5#^#vsm8=_t7
z1E{$E(k<KDi+!l8D)ZQgf*k)(Pj?no{yaU@C5!xdyM_XQQn%WX06eyf|A5<yy!%pV
z>y-agXi92IV&b;z-(J0b?e#)63Xz*__x*V*B}UY3Aabp4g8#Q^dl~{4Bldkdf_l6>
zf1e-9wOHE@FOiLyJ~fM&@Bt)WQl(J~aZB?ns*_pB7(n9qPIQ->7QFr7(W4dKe*doC
z&4kK|W|r)+ghk1)ixC#eOp3W4QSRZdP3aeA4-A1L-b}Hp0YzMx8S~+&s1)>&r|T9z
zyS4vz`A$u#d+(djYW@UQy_f8=?MN0$vVnuo1R6^ZxHt}iex|y2sY5Tg1k@KooH1B!
zaVXNq2jxKXuC8)Z!{e*7BYG}x&(MB1<}0n9NBfacR-q2v%Pz0NE|-gh+(=8hXs$z5
z1A0v$buCeK0mlrRlo7W1*%n)!SKhI5h}aFN+xk<{s`X2vuQi0ZSD!^k!2TwB{0jWs
zD@o;B1vKnfj}ee@q0Jg7PGCnMdJ%72+#FZcWzf@SEN>W_L@;rKPVBP&dVy<ccXIf~
z0;%J_<8~6d?Q*)!nPq$ed)0=AENJLbtsmRppI1)1$sL6pM%TpZt2*JiXjSUscTAa5
zu>7IvgW>1_ewYk}oDY>?bf-)=rJFIHBTN~}xbh0xw;Bm(a1Xp3`Zvq0mUEf5qZ)H8
zUEhKBqB_!=B^-n@E8K~aoP&~VbwVeqs3@SL&B!T!M{YWw`VkD|N>qJF3Ym^rTZUD+
zs-!vB_r@Rzu>!@W%afg%$}TM`xl-Tqj<gV$-k~+KP+hvSX0w(-6HeYFXf0E=;%8|5
zWHu_~S>Dwm>l`I{D+5S&_%!<AHNnoXsUI&aM?R`lGyy&H?L!^D0lQV%qctW`Y9#q8
zD#j&%V81xzE!Y2GEghT*?R}SHSyMB!AX=Fujtxy_r}pN{oj;7(<3CyFFcwM!-yo4=
ze%V@sJJ0mf5?JD7oWEn@tiHd)9iJ<Odk^#%TWZ8|4@SD9e>Mqa0S7a_(yt+8ww;A2
z8Y!<RJk(0~`8a=Q8vDUeg?eCAuc9edCUm%0`WL*nJ>Z47%vkyo2-tEtI3WJ}s*R+J
zNA)#W%MHN*B~ieUDVzQBW4}0%WTVJ&fDEc)&`of3b?=W)kt>F>kt3$MqJMXfxgU;B
z@W&F!;m-l($!<G_*3OZ-(O4a}84FM0-T!`hd-}E<*y3@BG3c)+5!zXXv-Oki=eULj
zLdL2vv%QA$HC@ANK|bGdJaR!kHVwszH<r^7X6aX~<uA3(TU)TSv!s~B);D3!MHZ`P
z*1TXZm*<86O-4(@Wd0jc;jG7aziCd!ZB;$^v}fvHV!M*pVh1hkbPAH)7L4n}KX6W8
z!|s0<-76s4a{(4buHH<;ANOzB-X$stTgwEvZk3gD*w?_-Zjt3a$E5JI79ulJfp2pL
z__mJYMh2PUorR5DA#s-JK^kho{yRl}%y3uPmTwfTUhyMhrC9I*>jl9!zd+;3_Wr#J
zU4R!r^*q(ko#uB^D;j<hjw!Dbf)9!Iz7rbGy@&HK8mnhZi7v3nJ|-bRu0M~QMAJt<
zH=TDlrx9ii?`4h(()~Lc$)ERIp6lIJs3iW7g&b@z4{ewR!k5y#NnA|O<rRLR3p0Q|
z<;`Eib|&3TVn<B5xl_=x$~wdMpAd|3E~C7?<1=Nn<MiWG3#hw@Ju0hjNv#h&>L&e}
zO$3NdCrWJ!1auYDr$F;)LmgTQ3Y1MZzAe0o0H<H-t_+oF6J&`1jy*koTkZ6>-T{9g
zM)RU7B*lp5!rya7YW?Xp>~?GY*{A4cH^7i|0EZ%UItTH_4`s`KMG}5ck{y27-&v$u
z!uwAI6zB?EGc<qYE0YY;L;C!myd!IgconZp-Hd5xl`P-d4Wci4cipR(cMBX`T_cJb
zK9ss)d0ne~gWN8}{Zh0z4D93bCPd&rNz8|8Iy(*`eCI?#g*oUNZE?%$K)~L)+a?~b
z`F6*=ew^%L0fw-Jd`75f*WL%|J(F~gZo+=(m04)1vPB7!TW^eqaqgtBpvp9(ud(_o
z|J{pJL&cb@5(diILb-=M1GDg<RX$TW6%tYJwC1z&PX6|^em>{A6^LUNqpuA3TaWJ9
zxUb%*$LECl1f;gPyRWK40BaYGk@vLm##C5MT7~ymeI7%UncwWe`$B*dk+3xKItXB3
z+W|bqb#&gB{!JKG-BrP}r93Y<3{e9Z|4IQleN8+|8=9fpPgSgDufmWec5Jim9h9pQ
zfvXo1`F4jnwPyOShkN1QK`(6;OQw+=dP8V*$o|!fr^BYg3ZY<u(*l8w@^@jT_q5U@
zMXPt^Lb#VHQA$4)YLzvMIEFN-YWnehkDG;{7%4+aX2d@zE(w;d<9keIW>w3}#mKz<
z)m1Uf8NWhjjSQTj3+wM+^G$2iGl3Lr7K}qCv~V)wE7DJ89LpWzfNUP!we`Q|4Un*j
z@7{ej?%x$iQH|=FAL~MKq$znKS7rV`F8B6D{=^o^ht4<#cUDq;w!-#WKeH7@`7GA-
z@eA*MP4hL<z3~0frl4QPUld%lH8>zxYSQCt$dDNtN2+_Ts5}EBc}eyo?9;Z+%LC#F
z@a`)raqU@!72Z1laOdNhve)`<Qu`Lp?8e!IXHE|tG^<+Rbr`+i5A<%Y-V8~+kmT@A
z>&K;9TOuUne20yxH$-VMpHo^xnC`i~d+1?)^w;#mBtvB-^H90IyyM<q-`<vtv*>%i
zdO0r#BITsn`>9vWT;|mcJ{rKZ-nBR#Kp1pt_pJ&NqjKz^*4|6MJPMz9KixvN20SBQ
z{bK&tH-V$>m)yS!PONp`opj(PiHTL~V=UMbfq~6+4ySpMPdgC&5LiRZWkTd!kL%t-
z5g#{Kap<_?4O^UjOMhWA0$o<ogl`c7)L&*<R}gFgPB47NTIJ0n^w#KYTS(rUA9l<7
z%)ke)1Go^L6hqlnnV+nMdF!VLseSCGN%lfy=Ev5rF4CZAXArwwHQ<{T*Pj*aH%`|=
zcnY$o^OHZ@&GUS{Twa6^@N@hk&2ehzG5D0viI0!B%ihE_(eb@TxfVw1CPjxl0~MY4
zXHjmLH_DEc@TaQWxDbS^{}U&Wyszfdh&8~?QmVdft@3T=W?7kfwm7{DPk@X*YBJ{R
z7&JP>4cX$Cue@)Hw1rB}g^HWej=VBAE0|x*^5P9Trb0*IW}yvAkJ(dV&f6*CZiT{O
zV>#4G`lt}jpP`pg4`{!k=<)QO4MMv)(g4Wg8+aWd!p;hL(?k853-w(qcGZbZw#8lc
zyn8?$tN>C#nhW^+8Q8;Z1CFs#k&!-`MyRM2UN83qr;Z%54MSAHG+5_o(+7-kZW%0p
z%_99WwmanufG1icJkN}{Y<#h2@!j)2JW+ca;Ie8zXAp#G<J6|S{5{j^1WVfaft9Vh
z3x?;3msvYrQD<^pX^;CBmB7G(wo`)YkQcGkBoO%mR>7?rC<LoC1@VjnjcfbU1lKC<
z;3+NSeG9VyJOcPWEMyN;ip29n$#9RhbP}+VW|4tKeouP4^JN5PY$oW?6D9aVW(D>z
zRKg_16nr6_rjM|B#MiCHmYZ(IM!aPqOJCETql=Pzn78n%8$5S`GgO$MpM$j>rz%N9
z*}9`|G`@mv1kej;s)?_f7{GDnIGCLWOM-I+K^bM7d{un*1`b0xa1{pjABhginnNd~
z_V*4zk7CZM?BA5+kcJE5^K{%Ze{k-G>l>cFl2_VZb9dbT83lgY-?(nN((ulO-K$sn
zUR5|0z-2FHDR)AKFFvIHm@Z5X4}9jV66U<m7JVAxMm?6x{Q=-q$yHq-+iiO<4t(9m
z<#{#!TM7!rIz0&7!!aS>UMfN@rnAZ^U8B|pS)QQ6&=|)#7{t?z;!lidNZYoX@AYmw
z?rt7;IB>FBlI`eJm}T1b%Q^DNUJLKq>>s&?lGC93`4UsV!l<TLnnm~N9;1UgU+<h|
zVa->K&qu60)c88m<MF)hyS%vjkB)k6){LQfgwXOIHD}MY^A&_H(B1lc(&lT|25FZJ
zYPGY0W}zq2#W$6}azgUYpQJ0{vl3a0l(9YB^rN;T2KyIo4tY@^wn`>I_ME7L*IL?v
zpvZj^M3$e@`<o}iNZqw?w^rH3FnTQTalqWA;EjHI3Jly-o(USUSH|l02n7n>EWa;C
zDzS{O;e<tpmP`+b)>e*~mFz^1y%ilXz=S(H4Zw?P!&n|X-RZ=DyHzxOfq+y|m{o)A
zqaNgv%4*u#KrYNz{U1et&zJhUo4LJ+QOZ!T_RV7h3B;((1lcllWq%@&3yj6ZcW{W&
zgWpEKnNvPw-_G^ccqk?9HyVSZl8c*kz?+Swpnbm5J@Di%6Zw;8oV^DVcWT~n(W~PL
zUIX|tdI#V*$oCJG!>vMt9w|MJJX#^;k9=BI;WyVvp4H4l)j~qir5cNzeit{?_#s>G
zH&^$|493hb8F)nI(rlr3TUky-De9_Nq4z(8`7YXB9|54&ZY8ceb}I}hHR52Rd<E4q
z*L;<O45?cZd<iziG6UKf00RH5TCWb@pmc6PtI!=H>6|mjeQvm2T$9;x_-$m9w6;&~
z8yTTRek>>1!FlNI=kGoZugG5#X*$DmCKpch-t0t6J3wpwqHi419@6{(Nu*^C2L(3R
z0sB&X{j7G4bB!DjnAwIN(=O^tu#(9;HC;}E<Hr&;l8`c~W5d$y(o=Oc`_w4gMyY8w
zisvt|vVTBaz!#k65W%hxhT;LuFUUDF++Mg`pSTay(ae4l<L}-FFJ)_oxmyg9^Vvpv
zQ*0NV^b*cZA0TKcx`*tESAc=pC%2K<y2)c)wC6gWvbR!c-zAkn=X!Eg6MQoBXvG_(
z3N1kJs6Lpe-oJV3`a%YQ5Y~5nPsU@;1kt+5#~~E8@b$qsW{*;T`{bciccoTwIVH7=
zqDFL_Z=qecxOHJ06ISLFdKwew?~UtX1$GUKepW4A?#GoLKW>Xnr~o?JbS_ZZo3Ls!
z=kxN~+fzFFyv)4{lO0P-!|_+QVbc6s8@dvUa}?=e>}lszP(_aRj&<xyDc-PZ8Q%6E
ztfs*cFT8#up4c+A`RrxlLHJ2Y=)*pvBU#)Bb4jGTZC{>iw}^?&C9d5clpB~a#)VFW
zWA0DI-UH{m22#S>B+Vm>Sv}BzwDX*_!AUYdK1N`)yGL$nFR6*w<y4Z49y>ll$Qm%K
z;MGQTOa#Qh2M<m=J7VX4p4P%9Bw__*r_%vKA1@M^41t~0FV5qlwVg@*oYBs&6n`Db
zOQmMFP{IUN>wrf+W{^2#NHU?N&#X3d4a^nHnMDw>Ba9?Tq_iGhf;HJwrPk=}J5Y$_
zylXx&-Bhyo3`<*l3NeWAGVI=RC8BTD$y(_;byJ!5Lw4wMrR{YZ9rT4w2qPYUR<si&
znHRG^SEj*@>Xz5cDK6E)CJ)@qu+V!#@5!Scg-BUC9MN7lvX0Xp*YNH-=bf1oK6k1w
z-`g4)n~_o3A1b9+OpJM%%Td72H1%5%I*(56?d=hiN2o#rd(nr0oe{S*8kypcZF26?
zXMZi_`dK=+DW=z`3_jQXOYD+=S=rju{#sl>PaNXf>1cFSfvvHRNfxdNl*L})Wk1c8
zX=jY_CT==f9v{3u6~n$7&^8sz!&FhH7JE@&G0NO)H2JqJF(&C>aeIARiAs_sc%TO;
zk7JIudTGkb2I_?JZ)rcRorkDVyOPUwY5I*B?>LuhpD6kG2xF~~x!vh8_!@KDS})Jn
z<)&Ni8~*bBVl#QA|EXA@my1dU$np^bJCA1f%z=mm*+*u2Gq@3KvO$)L<z$|DQ{9i@
zw{vqD-nad?*GcWXl?VdG!nY6R9fzrEXT`crPU}si<yC&%CiM-eP$y%m@|8jH-2*;S
z{lvv!avf$gGU<UQ%%lr(tb^_p=NoTzJ&MAtELEq-gobjUHf&KAURGXy^ES5e+3rY9
zZ<{H^gRB+26^y{T{u-o~uOwZd5ePxCZHQ;!szwCzarXe?s<=igqf3u(uJZ8`0G|6g
z5cMY$6p0RsF&99wV>uzJruH^AclPfdaIASi_5b+q@&p2B@1K3`dMX1YNPD_PCgq0l
zgPv_?FiY(FPsGIP<Q4^^_K|O<CHz)JC5Oz^Rxg*;vW9Tj#D-HU8C0iYgSR|XotX{f
zP+L)v%nLz!QrS(PyQrXXQ>oL{S4J!GJm<*Fx*wnIg0W=+qbt`1$TRj^3$@Xw16U@Z
zS%Y8n_}Tn-#GHOil9!p3MfE1HH(3?kUTf@{&JaZSRNzB!@JCG9y|nFprf_M>7ngk$
zlydz@xzI~#?+)w(6Db&sprE`-(^!4WTu!z{E_0qbaSlME`X86t?gQpY2lXiAQRGUm
z@!c(AGK&8VQXFC^Qd&1Iv11LNOIKaVx}lb-r1jTXQNu)NxYLSW<j0k*MOhvMo(-iQ
z$0(Ee46<R?PiCn}TwIDXg)xC(qZ4_50p*Lb>C9d&T$c6S1(J!187?O60CId&x{IvN
z0|jY{#|z5xcuuRLg60u-fSjD`Ggl)4u-qxz5gIp|;;vI$QOgiafFz^HH@AbLFKJRW
z*#)NxY1kxjD!}7oj%Nw-*W4)R-8kr#ZWviy8>3cWTWjJNlvP;B-oYZX8kLXxfQ=LX
zYRqran#A|<i?fnu_N-AosSg-E1?(2`6S!PIsuN5`_A(u@-S5$?#p?n|GrbDj*-x~H
zq-a+#>eu&=Ma{#QGK*ppAFK2luutaO8nr2X;cTm1MGvE(wvbkf9tQc9*1Wlws1+sV
z95(nh2q1I=GrFL_mZ)cKUI^j5=T<|CORe0%b#&<vkaSM1tuyf^{N^DU^=>wS&nU|%
za|>NLWvi5VoL~Kyy<_taHR2iVqbr~-Z>6R!iMhNFZqAp<R^KTj?t27ZuoZdhS@6LV
zD0PmV)r^JpwJJQW->r(^9?7wvkI>K!j%4)_OS|;%SN~gb=o*;)qux75D__;;3y9w3
z%YpUO|DwC1K<+=jd1q^X2sq5YC>Xs3<a%m;khROWAJ^3g01@VpKoIEPE>7JmaH1hM
zKWbZmRkNMz_9!zTG!pvmf5iw~Svp)cQ_LMtFV4{>NyJ1j+z26>LQcPR?0M6FVzBwC
zEwMVaJbJx5)jM$NaGH|u)FOrAVk+{TseDa1BzAqO<=gSzoM@4Ob@5!jK@H^HCA>jh
zf1yDe!P~)q2)Rhe7kO(X4!i8MnuvfEOZu5JiJ|oo+dBKmW><q+Z>vL$RW;n@QeBVo
z{kq`xQjpMq688#f!uCcdF1{<tMdXIJsEtk}fy@CLKblNJnxzJ)(C<3$8xa3{RXPLh
zPFr(lA_vD24af>h#pN)1+g9rL_<*7?e-nLxqRR1JudTzKz`AZu(oR$8pQP|cr*Gq}
zWf4<(cL^*g&T@M$NfXaWj5X#Hdg5-&#WTrH-ZHE{oPT)EvZWisw~;kWt`cS?a~3v%
z4z2-#+#S#=JW0&hc%*;JgRC+)+Cf*Do2&mYC4l00Etk^8mdwC3K~A5LxZ0&RH{@;W
z)c~zcwA8ku-!EyN72y>g46}Cb$L66X4!fsS#Y$t0{ZKaSWRIM%77O_IDep9WXvSIl
zevkISC;s^r#kM>AWQ075TP(%EKnG5<kR;pU9%vTm`|qC-t@NjiunlWT+ELJV#N$ck
zJ!$7hgO|^*WnS@B{~{IG=!ToAGR1SuSh>*vUEQaSG4P{X=vm{QShD{i&A-!e05;co
z_*0AN^7MiA{Z$vgBk{#8M<9mrvvo<hR5~62#wUWOK_4%tBDHE{T`7yR?PK7=4q8Nk
zX_i3OPb%vAAm1$$G4Pl2au{Uf6Oau*cu(0!^V!&Fop#34u`ViQEZq)>$p~ccVN(M)
z{3>Cm^alU5?l1X{yQusCeMSat?5*lgnDqIqTJF6-Q@aQW(9*5`Q`q@3*59)r>qa+m
z{i#b~qE-G+us>+MAYm#$HbEZ9APw%)r-h%FMh-uKI|S4Y2dM;4)M-n;kq&#DUdA1;
zwbD+$QE|5B+o!k5*zT~ku*nR*=Dly%br<5Ec+C|L>U{@r`vCn|eP)kGO#JTA?&Z|t
zgiH%PJaTc`_w)!=7Zd$AHSI=@)+pC{vVfwo%jj)LX}Y0%PIK?8cMeC~Q5<`XaH9BV
zjw(b>LjTtz>4<N~<{R<)T6&THJ=#=sn_Pwxir*F2qbpI<vHkl8C_CMl_<^ePHA5j%
z{X0b!k!$_;5`(*RX>VoX{9N$M0&WApY02Pi{<wf$p|STY>!)ExIFMO?Y(8BM@#~``
z7f1|=JTJtiD(O$f#p4+-zKG6GtxZ6T5t-&OCNF>*{e<UOJ(M*_!qfb&?q6b+sqE|4
zUF~GEqLBY6E%1UO!AE+}u7ti;gq}X(kb4FG^v4)sFXoUcWs2*w)hY6TuHfiG)zm6s
z0dBiDn5#aIJK@X}miR-oo;IcEr<SEDmYr?BI5_;6+LjkB6Ch+GD7>uFcL|NE>JV>I
z4%7Z6p?Rz@frM;-+VM5ikX9db8cuMe*TUrbX}k!_Q$R8rIY&?btsT2aOHr;BJ%wlh
zl3_ZVN-5~mBkeK<Xvy(~U?io%|5u+`1cdfU#*ozdM8!MUOB!Rywng+k4iRU+45s$v
z+wKEVZx!@!pE3dZaP{|Yf&sfR_D6H<g-@<P3x)CZtfCCT<QEY?QvIZx&RY%Sm-z2%
zE29#+({1vW;Op$Kf(xjXS>?Ca*-kWP?$0{=cML%wCe<w%w_XG~96^JsSj10Zg0uf7
z%1TE@3Y?9lBhte8D4uB6j`w{GV2HJ2BfWhqKdmPdQEykz%w+MKwBZ~3vW$7Sc@!S7
zx&l;U6t6Hv(ds#u*)t6@HJSCX<~===;MvayO7%qz+{UUaGGHlyVflRko;}+y$RC|Z
z2{mljBk?*c6ag7cTjREBSxg_gzaCLS*3nAW3{&{ziNlmVzt1}dKp<A#p4hXOxrwf+
z=Juieyb|bs;F-WnwRbrZ7u&04%V}g<I+y&KJjr%eOK&W;n9>xZMl5h6MYKi<9h@QX
za42|kn8y@bp>}tX*@gQRIhK9C$evY4<1G}0NBI4wjjfrX^ac)>+>nxqKPxZgWq;z4
zLldOt+V3qp@Q)1WbLd30#ZRAv|2Uz;z7zKSVZE9M1X)W)-{2Iw=jWIERQBv+5=Ht!
z%ZD6I6r|(B<|i^@xc=DH+C4|^-?Fbkod!8Fv?y*;1`oAUB}Vk3@6P2!e%#tuY%Pb3
z-GYkQEOF5!fWQd}Hfo5ubB<qDU)fnhYj;C(p<KngH&^x*N5`$RwT%+)H{uTt_MXSC
zw@t9N{op`-m}TYVDs{vP%(0ta<8@r>esoe5t3T>~;4Ey)fMY@V!I}nrPk>gEih}4o
zoiu2!_Z{DB3rV(C$-70f-IDI-%sN2HkF_uOY_%^|EU^Z>O?Phf66oUeRDP$^c0^HA
zw$p>Pt@2*U_WR|xJY-$gySMafN&m*3qLVw8HY*)HPDhy#zXvw5lr+?zU_0C+mj}NN
zKJ2QWOlOHTE`;%F0CET@R?W{314E3dJMwLhOhI{yR}}i8B_v6_IB#CL!b9xR?LN68
zfd|v2zF)4yI|mgK-CoKlGPp0pH@rE?3?Y7TeWqx?7^==GF~?q-QkUs+=@!3l@SNvd
zRmd|&&I$YPG4Se%ys9jKZ7%u*Z{Dl(tuU(lU2{5*%Vesev2{ol7r|QN{Fku$yz!ie
zBT<JK#vpd-`2}4-q{^4!G6x#Cu^r|zJ!xfsR2Rs)DI@1MRouuoO1~LdbrQnFui=7S
zYhUD7Xdo7*Bn`FiR(83*yBcH|?eG%!;TrP=QoOKx)XgA~pR}_!kaaGUW%u7O$Sk4)
zALu*YPiNS{^b~W>evj~v{a`D35~8e{o>$27SLQy!pIN?O^+i!?5U%}nG(oe`yJm_#
zC3q05f;ZZUY7*2G${HdrB8*u*JWQ)GDAxFPU!u6{<a?{jQ`6*_kZS+Y^1cn5peAF<
z#Wrxyd&h)}Rwd?u?20d<ZmUH3Z4y>P$KbH=p|DB!znR978gM5}zaOg7dj+rhB=(|B
z*TwlW2Z+Buz25)YXuPsRO-K3qLtoTfL86s5=O`7M$Jr$SQH}DvXZ3Kv89i!s<vOAq
z&T$ULf1wUgTH<|C4isXIOgP9lVHnvBo^ZAX)$wX*7BX(EVArMC$hHU}S1ytfx4eR=
zY%UQsJbVU1Xq(hRPC?dzMrRv5uXPM$REjW!@;dDLFjbmGF}bx~Hn9$X6I|VtuPmoP
z*=xW4n6`;a`%uBvt6wk&3O}qx4946cSgUg^_~c9gcnUd!L8<^{>b22Vd{+gr25avN
zpIVU97m<p}QB(LHco2ZuP<*6p81S@pgH5Zg=HxY5g%i%&>!o1LA;mb%d`nM!^8(M6
z?#!Cnfo~cvxiiCq(`ufNp&+bE7*$sDs4)>a4O(t~U@8UF7FU^<(!z&F*A0dLdWV>q
z{ioG5Qs*kiKU9uKwx*n2Rau;rBeq7k%=zEz?Kb!l$4pU$NUrCvdFXM6b+kQNCPRGt
zUmN9rP|kjMf{gJ`{kF=dd#6skSUP;8+_78s!+aN5d68e~1^k&%H{zl!d?5bA<;@b&
zXK%j$Pj#!<Si{3{<(h7N;ndA06<1h2qbYoO?%S#2w>G$oZl=*diH`SOr^fxB+1`sk
zhwj$%XJ@q4xT`=N)-XC8$V<`6HdmWjEtms*3vyjWN`LYSg9isvG~Gw%(PKgu2QLdt
zZ(@4RfEAf3GkCM2?)=#P)?)cVP&qV<%|;qnqxjYl0fZc^#(GY44hb|LV8{(Fpc>n9
zcC(s_?S?%PnTbFq@2arkeV2bj<lKi5hB2_i_=(dRbwEC;&@y6ejN&*$sDB;c0-2zP
z4u_cX9@eTAP-k#x&b$KgFrfhNewrk-nghJtVZ1qiaqM;I>IJ-NBi|I)l#xM>$6@~$
zdv6{NW&i#UYf(|sT}lWoND0}qE2QkQWu3~tuVWvStrE(bU1Z;vv5aLx5n}9v!PvLK
zV3@%ep11q{+~4Ino`0VIe#dh>*FVKLX0ExG_jR7H^R*N~EsG`XSPgOgC8le|c5eAi
zfOox8sTKvLrLtDeUpccrv(nlDr7BL~K(oWwr(s2=FDUAy$<pfmxX!Ac{;v{Gw(OP{
zRdlV?nji%dsk1BZ^C#U9xciARB_+_$54=;CIEN%Wp@NOPdyUx$q%!!%kOJrz@NH#s
zJz*U90H5c&V(KL6>`amxR2JsvfO$AXnLune(Ze7e?gj;@DVahN!Ph$-S&fQoVB4;X
zhG<{|3Q+SCjQ#V(9i4P-2!?FB9lZk8?jwCZc!}rS+Zji=)!Z$`&S7HsJMdlgCE62{
z#z3MnH6XhwX8$w2bj6TgB0Z^oscacnWJHo$|80V3gaCR)-F`u#IbbJ=+~E|~KU3E;
zD!cWL(EXXuCp3Ud`;z&2R#WG0_^_arL~Y+4ckAb@7hi;tj}~Q*EJDNWFZxIUXC~<d
z)%RwRO!uu)VIFOFfHWmANjO{|W!a0%c@*@rGFgORT=`SPtl{3W0iDEcEtA&x6W0FW
zv&bW;xgdpiozGCrdFRyM27ui5gI39GI0mY~aqy(UG0jLsXQl0pGbAB+TV3u@FD3TV
zC3dmP4FG|zyq+3eV0<oNd)W{4c8y#omSn$aYe*IwL{qWV9{CGtU_acw;lx}D?FmRF
z%Q8~-(CMzL8?RjfKT**B<(tVP`HM0?IZhnY1S)E*yk>GT3DS|*U6K+PHF<WyR59UO
zYp7Q9S*naLRqqO~S`|-;TKoc;c^sPQ4u7kNTvZBQV@~|7CEtT~Toz(%E2&?<e^kGj
zQy@-EGUR56HmI~rG(VME@BAb1lpFB@Q>vBA@6Tp`n0O$6QfwCV$9-^-uFHUH9j9-?
zSy)`1)MzzeSo`Yj0TJWmI`TTKV+d_*B$5ln2G)<nkoppCp8z*G^qUN3`(-YWA)k>x
z@mPs8us07H3puL1^M6Z?Gj7^&9z?6~eF3*|Zbw+3nJv}LBLNY)*1vTHflsDGM*`O1
z=(&$PCDs)np&;iB)fU7I!}cGGznk(v)A_HK<9jX;J*d(hbL9WC{eQ&l@Bh&+^ZuHi
zNX_3$2+iN|hda5agC1{^DY}g5C@a2BlmC(!J<|Y3OHldrIi<`6kG~HKt-%k7!fm-z
z|0*|pj%8t5w}1R&z<K;98J~Ggw}pVIq}=~d&dGmi{97FJpF`^nZ214j_J5MT;(zSc
z@BiPS@&Bb6rd()eSC_?LUif$5t*4s+WF|e6AN{V;hRl6C%N{%7i5W5mbL$YUYvCP$
z7Qqn|_2`Mm>X0@c=*<rRf15b`XTqn8S0wT-Z_Twxr>fY6Lz!c?_B`m?1;}NlcH$7{
z6d?Q=<V#-B=bgtmA>&S*U4`r<iVXiPuF_lr6xLS@f0+79u{|R93s8|PR!+swC2u;_
zuMIPkhT2!$z6%0YDKklWKktsk=FBgm-c6w^T&kY|NTCQQs{C$!FB7gN0sXVqp>Hdl
zpwpx=O<3y|fcrX*=^?<`k;q21GLVA33z*a*DAICnjH*E?yr>H>|38n7*ST3>Vf*@U
z_6zKys)xI?^uBfrRg><h3D08!dY+GZgp%xma~sM?OY7FLL&x@{&0T_2NN?TWX%E&7
zKyfhgDu~XaQcVn=eR}QHCxzS9Iu5`oL(p#cfsyjdLlRbSmN58%3W7?u$_nnr)Fc4r
z>FDLpOi1LjlWzlgukxj%+I^^)^Tm-G+t+s(1*X6|%OR>LuMficJNc0Zz;7@`20c=a
z`knFi)ckrqUXbQYWSbb)FXo2Oob}#nWj=7|161^5fe`>Ul8k}B$qOwluRHyJs|cA(
zhJ0y{xwy-<JHyqn8*84}j;;AFhy1aq^NgK9I#7{q3ke|X&|2NGGf41-j+Mm3#sfEE
zTLL;gp!4h%uHRs;#YdWSi!%8r1KaPk$&Gl}!QmrL_*3~Eg7ha2x0Hjk&^5Z4a>vNN
zJbU@~xEo4(KKP1y?5l^?crD&!A}6bs0t<1{kDyjJbwHS(Pk>a^+{Dc7SNFGJ0a5=c
z0GG9nnX+^ByGK>#-FvW#txle<_XDWUY0|!l6{a`>?g(S<hXre&^;wGk)|g%C*o)R>
z{78Z+Ge4TLC=2x%!wuT%o4SPfQJ~$T=an$>lQ5Er_}=%JxsmDCer0B=Et(w$uuNpw
zQ~}MB2b;(G_-Op)YkV(nA}PdVUfpDAE04~3H%pZ1>)&Rn@-M??+^Sk#lO1ZxIR_Vd
zB-cMrcw)QVO_x);5NuyGU%a^8&gPlYKv?%($SmjM5%#He!B4{G@&(MyXTEF9BXCX+
zJ5F>|*g*Qf3G>%)Ultl%l;yi|58pr#)n+o!H^u@tl%vKAQrnlr56T{I0i_iBlWG=S
zOGgr!Y@X~;{iS}r$q3Nr{utYdGhs<!$3I}xXWJs}qWh?T(*ZZV^lnDt6Ez#jpTEx^
z-C~Cwd^pzGFiF^dH7MEkoIOQ9j%;yy$O{326jy+jMN<X7Q;<G3eYch{5b$sYG{Wy|
z$~>ddzu!@xHwUcb>evj{#}XW-_p!ftdSwr5d*d$)zm~f~djm$78cGFqqq`<&W--w8
zUEVfSTUG4cY77pe42r#chl;=c-n-i|T<XH95o)hn$oS-o{)>U9&iwxI_LN#nZseG-
z`_jW@;Qi33J4e~2EdEI}Q=ww`=VUCKE8hMA<T)Hh?n|#!XgUaFexvH5whC~WjXX2o
z!v>T-{GP^j+4{-b$~6y62QamB{3rV?<MT2%6_{$s#kfnY{61M}6=0)6GvVu=Ff;SU
z=(2%Zw@9{8&3bjLb=Oxx?+V`R>SKa9#<70%A3v#OV3A6d%I=MEsDWn(&v_p)@)_SG
z*jphlmZITyHOyJ({6wtOBPt)pT%oDPc+|(beYN{_bj+5xbC&(qL_Jg_0SF9Ug}M);
zRTK2~j}No>`p9$z5W*c_4+9ux`Iwt+QSAIyDgKDnCQOOQ<l+!0p~4yYt4XSV)TF^0
z<-PIt>>NNT;tzfCy3ixg{=|VDgtx`gtbiWx^K@%yB3TM3T0Cst#ZSyCMIfw0ZjEm5
zaH*$QFKl|?i%IH|!2T=hGe8oHdr&1cjX+ws(6oOYR^)g#Ro@7k<*TtSXwk_){++b#
zEpsq+ipjf~+A_74Y*$3+Se~_&l-GA6G=(<hlth6wroVxIA`;v{b>0z9NQ&N>8)X4Q
zFt9@B3%eux(f(T>?#_L`qLF8qzRz}s-6hyKU?Sj;X3S3C>_S0dNs*69qtxc^EO9v4
zeLbr~gp99&46XSDz*5#vA^5%6aXlF}f12j9F@WYx>XuoRPIFKDGgfVJ-!XaTKO_a9
zW+Ks%Ko2s1tzH<e$;|;2Lhp{3H@AQZ2=wa{)&ilSGQ7H3WYpM_FBFey^prktg6#^q
z!=EP+zuoAA3~<MM^52~<fW5%ylF)6P2$>*XM-#|C>x`*B(rEkZfHw=2GMG~`tDOMb
z?o(RuSA!QfxKph5VP93z5p0#DaafH(E`on$cE_;GXMD+O&`d6Y9dH^F2}9udQiq0O
z&ET-~?-HVRlBQrO>t-emn9TtKtyoR=n1&8ldmfw9Isp;xh&RulB-oWUS~{s|AaHej
ziEOzMqq4S=7iIT$XRjXS0+JA}5$B+`iPV%umU!X`OQcBuBh@6~js{s^{G%3d9<V4r
zsiuo|$DXB^aSieKpt^K41M#N}#a{-`v|slIMMs=Zv2X$;#FOVhkNe`au1Q}~0(t!?
zfVh6j^yA9v?CxWQ2(8Bg=bqZXJawD)O>^k`z&8&ApDLCGzd0rRk=j&FZZMFp?8Spu
z%}<5(INs;Iyrg;WV@RGH!(+{It#=J%S<fC<k9B+O`GiI!p7LjLy{AWAT&S{M2<6tp
zWClD1Jt`N|e5p(4@YooxxcvxEl(c7VV^5N#XQcST*Q{B*IJrpZ%DUn+gw1yHD(Dr$
zktH@eZ0R}2G31RN#8UQc@-y@ZPdq<;j;hAM@lw6Hw^Y+7q7O+WGIJ;9VFT}rO_XYp
zUfoA;z*S{1vn9W(de(hj5PC(IC*>+|uFs(p>)~TL+;xsh1-K42X+-jI*%JS{gmjtK
zh5mS<<F=d!wn?t@ot8)ni9RiE7Zq@5=1-YVm`W4?%Y6ChR;J}4z1{f8;G}~X*;pn?
z7JG02s+sb4mz6o3V;`0Qd)YH6<)t@szZgv)TBS@*5@m_NZtqNK>^3f!Wn&EkuMs=b
zZ*qy>2=T|*w|gi@18>*8I$G)AaFWia$R((h-Q0h(np4|Q$wXo0T}1%0X`#4gQkX}-
z<bo-$0gC2Inqc@fUfQ;=Bh*Wk#CJ+3J~82&?BabH%|OQ+Lg(fFi2Q(s;djEj30e+Q
zzrK)acBdLgyWyhh=FfJeb#2>AlhRu)DkfrifB2BAf|A9PcgE-uWvl2KC;N#jPMHc?
zKMrTY`6?Jcmo^BBzc%nGIzLfjB7xcYQ-x|ry}@Nra(4Rtjp07fwiB^_kvwZx8l9GU
zZ&?l(8EkG1N^rjv0R*i|^N!1sd{;ReZn*b8ZmzsM{gavcyljdXzn9)^sctj`X3?}~
z*}4UoZohw<Cp{VP!1~~L7b?=E*92D6HCFBtngq=H(_%ut6Y5ED^jBO7&Ix#YZ59MB
zg-jq4!6}=JJm0l=@Vl)*7n#(T^>h@PDCO;XVBC*bd8CKT0wj$O()6Kp_0s;Twi0Rq
zeIblVo@Vnm6d$jemOCsR)F4OQo~Pf6lreJexz{_!DT;S4e6R&%s7V0Mf3Uol@3L$w
zH-86<YE3u8ii4?=+p5qm{{nym$}I}aw6-CrIQuVMi@t&q?UAy4<!$Kpa=ci;gyP~4
z-^$CUS_*jeiVfjY28Zr<jGueTu<}e3_z%1*fC&040*X6>>gQ1qUvy2owncuCo_a@V
z(k^IY8ZTTtKqqz~QgwlQ(DPf5Y--s3Qvovj<9&-LMMe*yQ*UsafT=pN2`Ukedk5ts
zBJryMKTa&591iWPM=~p5rrav=_RlUs{f!d59P;N*$d-G6azKDmTHiCi9ThNwePd*=
zRf`d|712T(j63n#Od#OPgUiOg5Ux09mB{cn1Ve;yxr)+JQ$%oXpLCkydB!uSPmPWf
zW>L~XR{NCdHn6&6h&RF{eb-hYvP+~dCFLk7LaFEnL6e&S``eyxFhhN&Jaxyn<M-$M
zm_R}$>X0YboGN{?RId6yeV)p>INZvV=hwMPX$dZ%K6EVo?^|>1k-@LvCtXm<ZL$fe
zHQGeu{%hk8(}%G4_6#d*$95o^e>xR!2i_<<I$@cc>Oq^vRJon(^k?fT&#KvkRJx>7
z3G9LIT4T*9C?Fl&jw1QEOn6mIjPHN>(f6x>&ydyRD>qd}GGYD6t&fi1=|7nGA+HX;
zRC_u)QXroAsiKuVV70u6PjEtlh{u-dP;o=X7Lv^vmHp8)qb~wA9=GXWc=1h=6K9}9
z1#hz`;(ohjv3T9KT1cVj$CK=aXVsD;<Fjqxlles^^=(pzyJj>L3CsKGv&xJ=#U{Mu
zn~Bg}zZd734rMd}pUt`O72wPrUY8OQ^;#V)(Cy-yvcI70sP!~JP&so0g|CQTIT)r3
zZEuq`yx+l*PPk(PoSdtege=`#x~0<JB^KOcyPC(yTBsp)=#_u7u=+90vr_fM%b%V*
zPL9{*pyTv89>_1&oh+hNj<@QNq1R=TKXi#H{*YE=-}TW^fei0+55g0A1xisLNt3?d
zc8uQe0Issh%5nFp&9-ufeUe1%u1WC-_!7@%%U}m@M`3H$1ln)d$qET-<+=9EOLZ&c
zU=#L@`|ILAUH<9r*028?|0Fd)f?m7N=?j<(I1Vb@r=sfQq3~()dcn|zznUvi>z53C
zWm#ya@Cds%4oBi{3mkr=`xyl;P3Zyq-dTRKc1*Ko$PWkDRYV)EAD%o4Bs4(+9U(@p
z7d-o}H#yx&S{Tp}<!BEeQAjlCu_P>b-HP3g68lriZ=@_1d45N7H?%p(3@N*K)=YT-
zf7itAE}1oZ59@&|wscIwYApNJZK(M2UWGU9*+)$l4v!0SWKlJgOm`WUV7`&04|?T^
zKJW(&`~O^NMV)H5f0P6qWQ}?vDetT}86DSi8vRGejE{C!hJ`>E+UT&3)hd>-NDdcV
zN$_jDg{$e2A^+s(Q)Ikg>px=hllzr`{fM&=WrAs8f=Q_RD|x+AgjsPwilN@iATj5f
z37NRot#Sn-DrDIsc;vUwWF$0@OXY&#%7Y<p4u#|ge9QKh*;?|dPZP3gw8~NS9y0cI
zaH`xHX4$`?<Iqp&k;F<p@+k7A?1-(pGgmqC8djalxlePWR<6qSv#pO>E@^*zyxVMJ
zie<H%&ZKww4caMf!~vO;yg!D^G0RnN=4m@~8Cb|&16Sbn%#8P0Ec}cn?&Yxb&ZD<y
z+mjGGE7YY=wKta1>hbEeA2LWwjY(mh&$_u06mCOEam}zS6LqDIiUi}{4Sm8wx7tX2
z5R33b)B(=GS8BPDzhO6exv$cyrAeLBPv+kH>^WwoZpeOnyx(6&hx(8>b0Y3cTvDDp
z5gQOtsS?55Tsc=E9UtAdIU5<4>{Rz_(%p5t?xC1F;Xz^}ajZ*<ba38sEZHeBzSxl3
zOl2E~m2Hv%YT9#c@j0`VXkGneF{}@!VTUNWuwqwIKAQsMe;`ZxY15)owR`It=qD?2
zxsP!xrRl`VGhpA3B5a(v9zYhllM|d{R51_L$$gm6jm?9fF&d+@gMFKYEDDC~dt4q3
zjf>PWSM!=+BW1gb=t6CXP|dhc@}9i2@zpnwkohfdZsirNt@x9<k)2g4=#ov8cU<!T
z>YxkI5XvpXmE%;CMRP~JW%mYygKyTd*`*kHw1%?m2dh1OF6ECc-#R>tzsnI565}2D
z=-^x>X>vIRS|P0zCAE?ljM8Go``?a?yoyw$i5n<yXHBSnnmG5Or(+2=ngaB9n|~>`
zQw*%qS&zn<Wo9CSQM{=^C8Mu%FJVIrO91(eGL5=pYn0}_kl5hlb&9I2Zh*9y>N)w>
zk)z(sEY01NSL}=ONZyN*MJ^jfKV|Q#KGcxf3@)B1e*I*%&i1nt?Y?vtjzI~jTe1p`
z8|}8U5x7celH}NC8Nz1@_+i@;Nz)Bp5qMzTz*S{EGBtH(Q$f$fSL$G+l~^8JiVwTc
zD1Jy*Mh8d95^EbB)t(Lz*U;EQnL#p?clJnK|MGj={6#|+6L;QRY@*iIC>v!`FEgKi
zLOQo18t0MstEXmCU6mG1DXhUJItJvfAe`oYYgwjCkVnuJjq3NdrT^~4U&bXXP+4T)
z;ftYM(?53zrIzjEbbiz^7YiW$t940aw3`yF>t0#Lc}?VVHxaSia91l}&cSiI5kXqA
z;m>q`U1&*S7Jl@z$`NL}VcQXcYf)rLDm^dRWTPz^C3`SUPrU5`Mq^@NZs6UbXsHv?
zWA1*d*q?l0n1J{a08~Dsfko%bRyE-THUay~Ii`(t-9L_Lp`w~OF8-s|6Ju~$X)itC
zgD4XPsj`w+D^yE6z)vNXi%9|j<cs<XTK&I3J^1>RZ=|gZ?xayr(kW6<Z*ICv=&{Id
zm8^3(25Iy$xr+SyX)FEc!Fv<ACRQn)(Wc2pUku5XjmY)uR#+19i1IP`)#v?GjRb-9
zvr;14tKJ4Jn=z^~?YfV+`E?8IZKCcrdV+6I-fS8G$<3_TwzJ#)Ab4z7Q7nBEu{`T|
zuqz@FYYnn8OrsSid}!LW4f;3ToA+2E!?@HUMb(nICck#&iiF#zx+>cZR67`f704*L
zxO%L!%D%5c$88yy1>Wko3m#C6Nk<^yzznSsB*Sw6<G(BF<al_nDC$88Ak||NiRGx1
zvbBXMm7U@xYnB`}-#cD<myH{M#rBoRML?Is7(<72H`k(<@eO887m|E+#F(a0j3V#?
z(#Pn!NZCU#w}nKju|<npXp}rWbP6wDSMA9@P>cy7Hm)~-2X6Hq1}lL<%{+O*#PgNy
zqB)sYDLBTPS<Ep-ORdCynV>0hz{*PicwYEj&ZSC=c(mf%o(LG}UR`2>`mHW;3_*u>
z55{yjE-~}|&Z_vL(E;|?rb6Nq7-K=l0I=rZ_0oHBF||h;-6LPcYvs9g2`dBZNwDw)
zJ|wZ8`*eh@t}C-0Ui-yaSf-GDR;c-^*pI)I*qEev_SU}pcScEUos(R08H7U&v;&Dv
zWW35t4^$Ul6eU#rfmb{e{N`up^gBch7XDxXTO+<Z6|@$xX_TuyHC!B25;i!NwN&$k
z817&A-oM`1<yRaHnsn@fXX7#Rfe6)7(H$!>N0@khu^GsTpuqA-IK!tjxiV0vY{!zV
zZ+rJ2mQrowoK!23sf39%v>6hA;1G^j{7z=KeO~lnzLFLBs|OA}QaPX)+k`6<r88go
zw?2&kxt%(3r=veeL~YfD9h)vO6uQQo%Lsq#>`{lS951C9`PNLRMljcpv`@>d493>+
zJv2G_HqSCU>A9!-6;r}azQ#mo7+dtiywJd`@H9LUbBW`;B%-5lGkIOTJ4wWhQE4a0
ziZj0ScTtC+g*qxR`Q@y^iEvdXb#AKM@QnZpj!EdvuJb^#k^Vr*8pNJ`x(V3XH^)0w
zGjMF%>D_-nTD81MGf!I7HoB`ynD}_rvbdtf%wk!Lj=P=B2tl+?Z6t|?u_ayqxoN|;
z{zk|B1TdLoIa$~P2JY#--y2U(lnnbaP*2AGoIaVxY&)2zWlL$<k}f&i2xF#sEK9xD
zbAW?%^NL}O3&cBAmuB?gJbvkC)F?d80R82RqA!48FGd#jeKV)=oPCU&M<4Lntr(5d
z@7~L+0UoxX?aPB4*mrU0pA~yFQW8WUkJOpws&~-wEGDFj2^XfL_P&HWd*ACVy>`nl
zf>~6#wk{J@xK^XVX1wh*^WpOOOj|CzsV^zGX$oo&tIn7s=y#2{w6m_6^=%%Ky7<FW
zA<_=%^Ly@LpCgQA=#R+QUo<9W+$V5(S&<csLv5L_5bVE)_sF{Tk_s02%nu`@C3M`7
z50)zN!Is^ZPtF%yog-pfLe5|5R2EqgRQtqjE^g(UCK0mVbRj+Leodo%7wPIsy(ZS?
z(DNJcGxh#CO_MIRatfVpxwqvcHnw<|ifTT>P|%eZzbuh!SL0ZYUu}WD&B30cjpf4W
zsnPheN~Bzo;wd*;n{cHKwp2#GX7jc8dxBFaHmVUl_Ldz+)(<MD_*aS_nKX=;o_b&J
zl!c8@p7TJmo8a7)TQ*7s7=D(RHX>j*4jsN@`G7jaw8bgu&P6ACqnFP9?<q3m4%}Ez
zO&6btL$tgXnSo*0F7iIadbF<JUvDPoB*8F#eRPRUM+S2R>U3)*ZJ<Z;sQJc=HuUnI
zeVBhT&h(>($yxWc{$Gbgb^XV8QlDVukAd!wx^>S_U$O`$Gg{bQbXe}sra2KMJ5<a<
z&$s;KS@)sjd53`o2&b{|P^8J{JtiC?&#-};JoYpH-EO_Fh#jlRZ~Ti&j@P%0y382+
z{e{*Ik7O-JjIluXX3k&4V12`R0=n?_?7EoHBn&NT1mO;6bh7T`*T(wSj~5x#4_jh*
z&P`imVu#qO6#?jwjHU2-=^55O_39pRxdJ69Fs6gm{M^OmP!s}+q(&(Zg!sWqiBEFC
zRm=R7Z_23J-iBQgac}eY9r|QK&zkuuZCe@B$Azl-9w88%@d-)znT+^*<8;?2Zfw?%
zIEzR$MW!m1=+eb~u$^;M#vIBB&~TwS;-6?{I3_z>j#3-4_t+Ab?d-f3S4qyJN2ln$
zd3*UnOJ<L@zK|KHB&tPHD9J)TYsYl%W7yorf9AsiXx3K+4D?(nQrmX-KlEhlz$?01
zh~@LF!(Q@qyc4fd*|%%<)K-1_@G(cdp>z%r2^E<NH=xo}OKnMri+$bWz#c}(RBvC(
zDORz#qT<1#`(nQRCw!MV?T$(9M%P^NRnE$Lva%<rMq*>-a%Fy*bomym%Z#SDzX*SK
z*SBE4=xlqWP(T!A0b1<5EEZWpY8&@NI&^g8VyOz?rh0?4ecBq1)|RH|_XWJ^Dm>?C
z*9+l~l+g1lmsL-^@x(rj6WNy3i+iMiG#iqbC@shRQ7pH6p=2V1u-n~m%2Ks%lKmCW
zqG+)aeZdcrpwqao-duUG>@$YM&VgoDi*zk>U0jhe$y?=DE#IC{a<&zT$ND<OQ`TUv
zh4BmQViV?ib6+oMUL$FOi!JbtP6<%s@ir`)vLMcC${wwB4byw&(Fmed>kn~tS(c;V
zndkrH=+{{`=fGm7+VW+tdfPomRYZATE(uO-QD$h+J+eU|H!|0byyo)yJfxzv`vW0`
z?q+?8TOw#;wc2kb>XyN%Oj~VP5DK)(RX5NVL66Lrqh8l5IcO$|@Rh(XK;hH2c7B_C
zjG}vOrP;o}Z-psLDx7%HN2d!7altv%B*Tc$?fV`BNXNnGcW?Jgbc*#Yhjp+<AfHBD
z3{OuMgzdZgnrU`BARM2?TD!E+bkAVJEgl2p#<Zm`Vp6<v@hiK2iLl$E{j)*4@m*&^
zyQUq({8cP)UDJ_TQSQZSAB+Z2x`Y86)2n;I@~$v^;1PhneAIYvTgX4JD%g{qPS?Qr
zcjq=p3|(lNewxfNMf$>DkZrnTej0n??2YSA?;x=ZCCsCB!(a96T>L9a4b8W&=nf@)
zHN<IiUR1KEo2kdo%$M5r=@hfY#eoT*K-#$%=V*V18M(KdQI4&h?WuorbR`C&K+_DG
z@vk5?tWbq>)iU$J`ZsWnsD9-cbDqo#Me;GT4n5OLci@})7Wl08gS0g16eqrc;_<}6
z2P!rN`RbsX{Si>eerDwC2cds?7kpDo9(b3pq8;x(vNBZIUD5mN4?ZB>;7JSK3^NP)
zo%g}RLN_<_d@>`%@0S1TVnL>d&Yx{Y3*y#te(-1c>0<Ad9}J>uPTtj;UkC-)w8&6_
zZaC@A;=!f*b4PoN{c6F5@nv>rBtP1+keetTi3V5tst|3(CiSly93R>1|EO@LbunJH
z?4u4KCwtq>bS(hZhG?;d^pHJ#C^YF7Leqa{vt6j^ncf;LvigJVYhXcj5`(T?t;hOT
z=hPs^oZ%wwJ^ArP(PvUN#DfQq*Maa2(Ip`-wN)YB)fy-eFlk2kA2mu~lZ9>Gu(8Tc
z0<_~wHQp0B#OS@8o$!ZjDwG}a8Nc}2i@al?6VJ=Yk;U>0%um`0i<pwTI(M+6{2pv!
z^*!9@5n8waS=86fl0+fT63|shk&VTI;vRffyFHY1e=%YYmZ)j~V?6F-Ecfe$Zp&JY
zX9R~;*!y1xER~wAF!n!#`P!h6Fp*-_Y@;;TF_|FTpYKKxK$1@K@&J}5%|Z#OMZt#H
ze%S;z4WF<zeLGqHc7vmm<t*)h9`+#Z^mK`0>W1_slNwo&p7aH2aq#VRYiP6N<z-J@
zotPsq$?E6gcw~sG$UFBLMO+e_!Plr9NHarG&q)&Q>>TX-CJpN~b2PX1))_f#^UfF7
z<LlawyVdHrPtMV`(e^nFTgn>`Btx41siLx6fp2H{X^TSgU_w<E*TUg$`%kW|9phP6
zYJsc4j3(b}sd6i!t4}n<_F+y)f`=(3tWn&-F#l%Na4Y?Ao{a?h!7B+w@0Jh|y17+q
zm8NcBr-xbPYsj{>XFH@$=Gy?Kj*U|W3+`HZr2Q)1`$ks4J<xJG^H0*<Ve*0FMV-oR
z&;{OufAV%)Y&$iqHAq52&Oc_1T3HlVg-sSN<W?HlkBW3=(5yXS)3?30wE_I7fO)+z
zn3TPGq8)@d@mUSKQm~09#_{56u+@}DfPlMhQ@J!Gl?gF2TlmBzY9m**>b#{^k{Ow;
zwp_ztqA+(SosiYgE55?+neM-zpNNP5nX#^~f<;bV8H)JuE^Vbv5mqL%ITuq+qo<Va
z)D_Q5m!{a|0huRzU!U}cU26nUI^wKIB&Awrae*5cw)?vM>1#iYQnq!1Z8VcbANPni
z*$ljBo-)psP=a6J?dppdPXKtgf605tGwfckW=NhAArBVqV~0o<qToSteZ6|Vk%UE&
zLmyI6JyXXH#c(y+t2+*L3QHe8B7hi=cD(HOENpPhp>#(Bd42oUCxCmo*|*@oRb<8|
z16wpu+3c+exc~l~f>7wkbIJZC$1B(*NiiY6M7oSiUq{Z1n*{ZIG^xbZAeSiq=_KW0
zQrF|Fx3=rK(AbduiK1an7(z6F0!PmxAr_^L#7IwRgJ%GdioW780Yy(4e8}@vU$MM}
ziNDWqiG+U4>(_mh_nlnM9Wus`K<Dn|#eH(2mo^6_&B0XMWn~X_&WXn0CzJnFFlu$m
zr!P^nQrOr0o%I>R54(M6Ai)Kp>4nnlJ%WrD`eNch;dZk^FxZJrV(`ov;~!7E`FVCl
zEdMNd6*rrw1ssYKez($NSg3rC&X%9gN)EgDy!HpcBe<CEo?L1vUEWl?G7Q{Y(u82-
z!}L8tk8dRwOShl#QcLYloucVxlo*R=gm^WV#PE4RyyveHdTU*p3p?)3Vn}0y`Jz*^
zg^lF(oX0`(08Zn*X6&{zRE>9vOSWbmLSsN9>m&pw29oOT<?KK$;v-G?BeV(CC7?lK
zp4kD{<5<wUVQ;|xgi<9|>r=Xxxq{=1_pD(p1e?AJ-NeC$9#U<8H^+p+3-<65yrqMD
z?KSyok!$V;I4NgS81$n_Xl>G=?Td!>bWx6zOKpRTk4en;7foyj%c3gdI?AicttDGw
z<AqPl4CT11{Cc9c-jGH_cOOGw@ykML&04Gph5?)s6V9!49^@O1O8Bd+*kc>jJrKw+
zlOD1^zQ3Hyu9AxJx4UOiURpts(jgG{|9Dh2iA_3Z)q%mUJuhFM-{8UWgy+On_PY|Y
z&@>4{e8OGzPxj>;S61909h^Peo|7LE>Kuy-$brVm(cKF-h6E#}iM6|kCCk+PWazec
z%9@p(%)IflI)BJQ)+=nt*&ClXSe_L>-Cmw(PxCzV{1Dlid$gwkto1@+XQ<>9vxY}9
zZTah8Z}Di`3sE8g{$%Qg#q1ZmcXf+l@OmNwvTuHFjED>u5=Hv(FiO0ZE1XPMgzYJy
zIf@z~?SBq9XpOuw!M>}4sV0(~3<d-xJXWm(Bp>ZJ`X9l}D%NvU2>tNySvZW%z+_nz
z#rI+T`o2=7l{38pd;`k6BK)ZKaf{PSN{KXRslgf@I^kc>t3vH+a_OZ-0aiTmK=g)y
z-`B=!-8~#>=oo?mc1d)myx*=B$KHTggBzj*)vC6POB)zD%U*TD!69nh_d?U_G74+*
zr;_I$=XJk(AJ#3}zbRk%<~`wg1f%(I?=>jz59uRJ<O>AfvDMoQWu_3r`29?xJD|!2
z6aU^IDyKDjwVK<x3#i$eo(;Q2L|yI?^kf#XjqT;AcdRIMsu<2qvA<|H*h@T-*K`s9
znoPtuT8z*0mneu6&Vyf+Mo19n<~<sCZ(LEv`2%}C83rA#O3NnwTvY)F%;7J-EUi{~
zwXSP-6Ttxf7hmS^NH_~}Sz4>i05`Z>_H?1ZR6ptH7vINz@u?rDuDlyXh-bKJCT=ee
zU?xX;LtJy+P-@RQdm|zMapfoZ<)DP9lYb^)ubNtp_S1npp>k}dVpp)?0^+Tp^;F<4
z!qokBO)O(oCdCI>@88`vDLp?jfT^kM8uqJ_IrKBEadZF}jO^kKVU@dJ5FrL}zX0DO
z<S)E$Wx?3M=}aV!cwe(bKHB>If|ve#rt4Oa0$=&l4$(uI5l<v+7A{gHg?4%~f!LXu
z{pTiGvg|x0bNZ|25rb{FtYJ?tu(N&YhR7@`d4EF<0V4>>>B^VsHUafhCw+}=DJaRB
znBwBqrG+K$#Z>mAPs5wVa+}nP=~iIMYh6FFKmH<-e8PO<lhjg%Pjh9<YN4Mj{f@!J
zbc);Mo-ZPHddYwi-YV?i(_lj1y|`N0BMg`Y)qA|P`J4q>-;)%Z`m&S~??gQsZ{o)o
zO47!&yK7RW44&)L@{Ja6z79)-kw)8PdK9Y{^Bnc+e>BQq$8pLRHKXOK(~I|F-DGHY
zV2M%30M9Cr1vUgzb|-x+SG^Yl5|$2_gsn5weuAD5z^3r@b3C>oJ*3fhC{=Wc$qe%C
z4rZ@PG(Z&i8JJ5oYoKXYuzuhjs!(EQpncHhJw}cLN6nC+1c<*l+xPBR|JGXC8?-0+
zAx+~lM0|4|lqbO}!)6@51X85pdQWB!WGbHbZN$}LL+*-7Hk&HtJ<!eBPmSqtlBYx>
z%8bN}4)<YD05*<zOBfD+QM&P$6i<U+wGs?R?x2!zTyG-txs8{%kF52<=ym0uFXnNn
zT`pPN@r9t>lfo8umhME2VB7NN5Ul%PC~xcraK2G2(a}(P*p-!%CSA~>1*Woz#<{UW
z|6r;kvGodpSciItImK^DU$uo6wGI|guocUj_aA<nYPCp!I3{xv`1xF+b6=D=PgDGu
zu}6p#$I$2764j+QtANWPy4cRwFKE&(TVtbL5c(}^v$1rIRZ6AganP9@fENR#f6!?M
zxT%>I7|f{Vc^~rln#5iDNwV?fubb-+rt)AI>aATPzNUE_Yd%)v<a7w4qAa4<@C^I4
zwA#1jLF9xAXY2ROSqKpGwun$DW6Y7&(^Dgxp9@u^vLmvWY3_1J%hK{5*BqKuK1<y-
zu>}#A6+ft~m`P)}R-o&|WkLWk=X>cT@_j5yp1N^oFS>(B-ez*!XR_j;sQ->%@Z1(q
zI*YoT@1b7uK_Yrhya4rRD2X<pNyL7Td(li9?b@S%tBIeWn}=_)yqjiy#v}mNzXuw+
zmOdvbB%JHHp1>_8iX#F<_1c$tnn@CCXD>&iEk@RA5&>D78YLK0bTSMwAUnR5k~J5Y
zhvk*jDYiXBhnPH^{FAUwFXEU2?7m9eK)9`0f`J~u#*2@10j*)nRH^b9yxG=rXD^Ts
zyVzW*uwOh{=f*ftVnTkUTJ>Z-;UVkUM)LLtR+SH=eOf60tps0g(8I`;-vgn=9VZjC
zx(_5f74+T4o17ySA5!b{0o<tjPL!1GsTzN-Ly$x45cFrIW)&n1Yhb<y5Mq*&1xOQ4
zc9i<5sCU-1Aoer)2*{(^6F+~B+!xorbkmj<o&tP`2e((ih=AXE-{f&^vg3Z(@_4q&
zL5txLC~Ae4Ss?S7Ni+dSko<Fui<xER?-7*RWi3wyPMe=|IHI{LEQE&0j>OA<<?C#h
z-Y$cw4Sbx$HtaoLXf8K%FmNpY6&fyL@?EdQc;6X-M<uDKve&I^TL&z(_xa<Jhd05r
zM?|-4<2JTqr}l+`ZG$P=J#sPtAjL_2W^E(E(Z<z}KZq1Sr_ZCeNp^ORXl2$|zr@Dm
z+ec<cG|S443+TrmH#g^t0irQs@idaz!Rh+`d`>%aE*b<sRR{B#e196jTpbd~rNo}<
zY`Rj8A%b?Sa?$zaEu!u%8G88Y^qr?)r(2a`_x<|pn9*<}G2g>ocWu(T?|ON<)uBI1
zw>30E8AiXn2X2?)lny<<MeD|qLy5W1^5BU$$Sj9QQple(?Ahb~xv6z7WS4IcA0DG_
z`}){wkDM$=zIz~@nVhkoW<Oe?`|uiI#J>UgG6MR>-q~vAL!KU_b?McermU%&CQp&z
zQY=(0<8)v<TR@9x*P?6GO^EWURK0vyFgD(HernQpy_(W)rHqb7<ZLSrZIg`B+_uSg
zN1c?Ye>gR4a`{qNnhrIY3dZ>wtLp2f+gM(hvH+m${>gC}`>$)ZD#&lbgQXBz4-;5w
z9igZG@`B0nwP_NL^XWJ$E^+83axWho?GsfnA_*s_7>zf?gmyz&)~a!o{nWhECn=%_
zMvFbfuWEM_)_UQgks_3MdW}-I>Eme~5|U+jt!qvq`vLx+ru%z;(oo^dT2$S_)HWn&
zAMF~nKVI-x0h}f_4%l>#yCb)wy<!{@`48=P-$%HXU!;1UBlBu!bT#RxZp-J($t@zY
zn%DgpPs;68Zzpq#zR!7;%)-#?`nXu_uce6_&e#*b)05iu(Hi`XyKf%0ef6i1F>=TG
z<bg9^@Qq=v=-X6fmfg$*Ff`=a#_1ssn@=ZEy}HsLv5z)QPU_`f-&9K;8{6TQYC3-m
z8Xj+ZH~*qyNfkunn{a%`lYnk9?1OR<Sp~T40_y1ZF`IVbEugf`DyX%m_9Ng9ZI`IZ
zHkaM@L2{7*eFO{Rr+dq383vVC^4GrJ`R{kN_)v19tWQzob;76pG8`e`$Vy#$2X#7`
z>eU_P9fNKwx5Hh&(}CUWCa2~?$rt4gGyPTi|Bj{8^jl)4QY-`>j+Q?H-{wGZ+I1h!
zP|XLw>rXHpn@9n39GPUXlmGoeb^q+X{&BSsCQTX_x^DCYCE`C)HoXA6DaCk=;DSc>
z&97;xl9Q5hoF)%A2vZ~F3n`JT4hy$j+dXgna}cO99`ybF@l;d>nRbEW;6NY05csF}
zKfnFw&)(kw%C`U70&hRL{a-(T|0o9kFNwg%b07Zas|<f#{`Zg{|C;;u|BBPmRQO-K
z^^EubJImy+TmOfB@Q<h4z^6I+xZJetNn!dl>IWEkq=j+y)IT7^ob}VFR9+Dao6mdJ
zzpE_8TMR0rjwS6L-nnK^<_oqazE+LPz<iQ*3-v}9S3#<)=3oCNK7LF(`Gik1(f+sS
zqwmX<n^!vdsSD~omhF$%H_IL$lsmrfj#u`KmH~qxx5{WdI}1T5|Euhg;PXM+yG*+s
z4-Yf;to>y`lQT~SglYQ=|0c#~=1hHm7t5T}xEFs6R*3^L^6ac|m5rO>L#X97|GI}>
z!CQ`-Gm4-b2m&b-(02k?6FM_Lb7Qv5%>215Dj&cOWdLI#ACRIR=6KZwUl(&<9viB1
zLW^3w0OwWC;P!u=p}>>2eVN&6Qoe3uRj)ww_m4Kk|6C_>H^(F7YMG#D`)xo{b~5$Z
zR2-PgyR+tA(w6Hxk*-t%928)NhtZrW_Co!R{vE^jjB&yRG`0bT0Y(#26TaiSI^FtV
zH6o)`B~FfFsgqeGiFK$$=^3>vlWp8u-7aK{sbMGJR%p3CE}k<=qo%@(NpO^IvAANI
zc12{ON^G)hR%b!I*4w4sLEmd~xl^lUpmwiz)8Al8#36UKdX%n%m}~x`dbx+wh0rH~
zSdQV<FAZCq?vyxSt7$wW*11CExiASGRaz|=Hva&xL*@hM)c}?j+`0yCA#PRZdB212
zt%R%BWO^vD5^r*svIslGi?z}l-&WNviusyUKParyWDq^Hd1u;8AxZ=Yr*5+Rdwyt9
z)GZ8UTBH*tHjCh~mFOms!b<;R6}YJ{00Y)Clk<5wxyjW4-V*HvopzSxPgc)1Y-vvB
z)d$@o&)|N0HI^GYL8^;ACaVWk4HLF_OCRFWmrIwr<M*Mm1<$WYqB=@d%V+m@aCRk#
zf&?2(wTa)sjAD3q-j_RTxTXM&B=e_HY!+#Lwoh8Bg3i!AxVoXU2iGNxlrIZ&*zp+=
zbYf<cxJ<NXX!(dy#id3~XX4=1UDSLNO)F?5(xJ%|m$%5At~}_IS5*IN*ywSidDj)O
zRFKr!#mdAZPp$42_gws`S{9VSA*lKn|M|vs#7|9c_4jevETvFcZc!7#{7%sUw+<43
za1tj-BNOUkUK@0xfy_Cxx{IxzSQuDlpP%k^AvFVrIq+7LxNi3ckk?nMc5v+W>2~aU
z?cu{JRi!P9S~=|=vF4b`?cJPa22NZiMfBBF#xBk<zDH;+>|t?~ZEU^Ggq8B{qo{q=
zX!{!JbPEf4vhjF@`-5daWs*TYH0|MZ{%-loWTC?+iE2^KV%#Stq1DBwg953aI&b=Y
zGWHmqZ!QGuSK_}*p^g_|=EIMCcM$h)y~=upYo=o!`SA*IGh@<o4c>U=WH%Hy++Ap6
zO)aKjKPe@n!7KmPXQ)N5Oh})0u5K#z-A`#BVikNCNMy0Wo3!_NK3~0fy~KFW?1_QR
z81Br4vJ;~~Y(MI9TrwrKdz`R(K5SgQFj}siJ7wTX8=e2O;+?s_fnDR(OFD8Q>4C2X
zeU^4LPliUGRqE0fS5KFb_P1AHRVuN!9V)O$x8fOaO_3&_(r(=ES*V?jtU)Q_mWWn@
zd@u81#n7w8<V35~tJqNcIaj_lz>Jtk(^(nJH>=UWEHB;2Gb}C`l_Vy~`h!)%!{ELf
z>v;*TgIPr!pa*fD4@PCFMy{EUyY$yMA%h*z;zf&&ChjTwWbpdVfD7xz;4om!k~qWe
z*)dnKR>#L<Gz}}6)qBplEW-nrjeRf^soUq<+TNCvv&Ago{vMXnv6!S`k>RSpCwX`*
zfRM}i_xW(uQ0L~LR&SBZY+LnHXTG-&8)eZs-xS}f>KBfV+T^CLdQnTdWsjj{#59Hw
z#I<UpwHNR*MR<LyMK+0NcjctF@*B+!VJQv$oaxg+dEQSy&_;`w6zKt*s-wl*4Q%VX
zy%Kg4urX167U?0ExlS&|#P}?tE+5V9q^Ni3kaNTZA3nu6hp!8{u-Vew$Pf^#IePjU
zeCDQ)+CZ&0;xrBC<=vL{!kCV7R?Z=p83j(eM~1T0Ev<`CFPN|sEXRB+F&1BKRas;o
z()BzFdShYBV0jW3`BqJlm$^3QV94QJbag-6@v>q%YTXS`nQyZH*9xKb*pa&a>a&RG
z2iMa+*-r1nBn#u6N*I1(z;qcDq}#x=_KUrd&{cJgjXJrscbl~4d(8r3d3Bp*Is|uN
zNVlwkHm1a$Hj!gGlD^o@OR~x#GP$HzkXK3H7o(O?@&T$epBI>oBS>QoH(+&XDv4}S
zV`6;VYbWtOrO_P5Pl8oaoC!M4FKI4!t6L{&dW;R{tuqUXS7&jbkneg9=QU)cF3O6W
zFmGPX+v%7y{_@1$H>aypuQsKMB2g-oJu5juw6|YTe%!rVh&jm#%{w1t+{1}(d5bvP
z>-k)UHwDxiA0z%#LIj@Fy!3(+<cS38nVCq*S@2!=c0c~4?=M^^$3`J#=U!-gXuCdc
z+L+pJ^Ax1BwYn4Is*_mQ;m#PW^CU1*i8Wz4FVUx4MQyk~m<rAB=bd?tJ@#2fMtwBR
zAa9^;eW7CbPPuG^_KZU9wT8<a2Qp;JH{U3>W}RhD6*-rx^eVpj=ijOu8=ODrwT97E
zwj-+LF}Z6Gf>mQayZ{$IyNT!Jm84rnKFA)sR6=HOpx<Q>TqgJH-v?b@Z$GuauxV+S
z-9ngJ>V5&`sJAuBKDsG|kWZanoX1sr_4^A42mPQCY6XH#j_jWyW_3LwNt1|eV{_)~
zsv@a8$q)7GrQ__o`si;LJTOkDBw7zF2(!G@-THX)>*%lo-(X$rC%b-Af>tGI<+2>6
za1(BauAUtnZ^Zs=jBHo!9POAJiHz>>SBCQ?KDc8v>PTLg0;W^&_8*Pqv%sJ);<-gW
zD&2jXwKv;NU&v)fMI60^mWs9h&cVUCWNixWxKU78{=Ml~({kN&el(p=lWnWPvy^q%
zmbFhue|97@iQ>_nkig04M|bw2$*b}QwU#5W>6|{3UQzTyd5o6O2JOf0WHJ8hm5(cA
z`UqcEb~kL0c1KD(aC~Q5?o9_Bp}pywJ|*)@lZ@&~?+q=#cD__wwMzc^1y>h)FX5aZ
z2pN&ImYx6}`$yAZ>|<*?LCYmqPbB2UsB?ieUX`d_0PPdpPRi-f-4(iraX_`@JbT!?
zRTa<*-!$>O6!Ll9&$G+5-SmFRha-SB&Fg~Ev^EdB)^k8@rON-eyu9BKnJO`Q1bXu4
z=SK4Ms!p1&LzNz9ILqlaE6K_MjM{&i%K6(p=b>s7OmI@JMWcN;nxBWa1`ztIx$2S<
z8L3x{v4rV`@}X6~9N0*h&7omr{35z)=wQ&wKPpYy?V|AAf&D@4wZn_-?1njZPaqgf
zom;|-?zeWVVRZEqgT?y%*R@-yX>?mhT`*H!RX18KR!+wIl%7vQ+^l4u(l2xSxiL+H
z$u``vwFN|OMDy1_7QTEIDvOh#oOyU;P<HbhlRx!xy59^<eYgKZ6L^79m9<UR5I=iy
za<$}*)$Zf#!2ZZiW|kc`c<2fL*@~Nq|AuyTP~%wn`>^Q@R*0U7E03l+KuI{XLP0|{
z+o&1M+G+?w9JCU1B(B|nU0fz`8_c{ABt<Y?!OFNizrBA0(29Pa`A>bH(W3q1shV2&
zzLJyI(k&0owShdYysM{QJbVTdvy-469V|k;3t34vnH6TIel1c`WHWlWZ#{aqMxyQ&
z#WF0P-+SnXheh`M{r61kZpQQ9xmK>$4!ApNc5fKJ`x6<THD9+jlp$9TANM?v&xkg!
zpzADk1!Y#A63df;w?_QsIi6V7Nc-X<li;AJ34TBz+y5uUMmO1ScjK>S1{QO}$n}wd
zj0!NM)qLU&=(Wi`oC0~*{B~>cm>P)G+nX$-X)2?x@GM=jDSRW<d{(hNJkkK^SLLWY
zNmHr;stE?qlsqZQ`~#!v2d427`a^@hgH8Q*bsvxGhiYl<j(E6$HN={|-XeWq+TLwP
z1kJEr$u}ynO4R0Rf0sqj#$8i4e&HG@>qJ+qAwH^30BNr6H5x&ag{Z5npz^00&8xE9
zDcET?tMrF;$Wzc|;3V&sd8`>~n<XR>p?}|k_balo4+L}zbOhpf^dsrx?(0?r)gC?j
z2|KH!Q=ltl-79C5ES`MxxXKRv$b<EzuL4$l|Fy~e-@B&@127nm;@F9+5+JAEM;*5)
zc%DxFm<=y!*&6M;$3(lc+V(z%jKwj--C9WZc?W5+xQY=g+t4zN^vUeb@g3Pvx=a~6
z*Lyr-?C8Ze-r8)kES*oh_txL<k9R3}%SQhD*>Zc@fGEK*=X}CmjN3V%YGL8o<J=0`
zihG}h&Dt&q?Zw@*Tqq)`wuaJaN1hcGP4JT2sCZN!psigOJ5Nebxj!=4@wdKTu=2Qo
zZVqyK_&0I*`0eFJ?=ya&;>!>QGzOuy?izb4qaZeR9el>Cf^HP>j((>UlD%cP)qQy&
zPwS30kaD~N;p2$ke$J~S!7j;3!-}|{)Xr5AaMW0pc=z8NWiZa8ZDWXxZ2uL0?JP<(
zpe{BpXUKPZa*I2CwrGUt^o{qx_4S5zkg+T&GcpT6Vm%KahYlN{!}({ssa5yv^w&q5
zoP^^lwI{WH<bsV-6iNzL6zuZv-++H_*0~Od$nC61CWB-L0k3$|T9&tY3;9E;O|ojW
ziT>!Sib>qUV$LQxc6bVP*W{?jvFX&=3lH5Edj!C9*A}}ttcBM<e~#UM_nS$msav;X
z{rr9xp++q#`3Cg6_wp~s?&IDHf^JCj+v@neSpdhy=eEn#q;<ptDUUy3XdK!l#wJ3D
z`JnZo%mgp8!(sWuB605XmrbkBL=fr(Ar<D&TN*Nlg_OP0_bdvb&*Aoc<n6=YWy?S3
zOef?Bv<byo&<!lUR0AQ{>jxdj?V`Oi&~Bq)uMb^j6M~RVl%2@2>b!~$^U;pZ&f*wZ
zSv8(Re}YBDMaQI#x;se$yIzroQF&&q2{@M=^wtFOuwq=sZJ>6ibMC-};4)zCJfD94
zXt(bY9K|{6?}^Joy@s*j+zd)>BtZ+fUnjWLHQe{8CW=yVx!8>C;m{34kPZmYBQJid
z@WvI_yy)Q{wfpygXY9s?D+Gd6Lx)q!+PO{4pPsJ)IH$6kub%Jp{tn(LNXtL4Rhn4O
zG*V1-v;-Qc?32%r(uD8HAf1Iq4TqBla(*om=CrTapFczUlVdh1VAyA<&{MMk>5nv6
zR1CkC2t1iEQrjDMh$1`lr8~?Z3+(TLrHe(}*1e_LhHWe!@ZJ-T8UN~8G7A6|XBU?-
zu%k^%Kk4m&fk*JG;Og9VQiJX(5BM_pF@t65K>C=oys>hoF4lm78o5ux+10dT`Drt4
z8Wsxo?CP_P09ifIBnQVFUt%nL1f*mi@!E7_C`0z*QVlWy?#?8?E?@H?Xlbt;H*(Mm
zmdX}9hZR@PxwnT|v+7>UtZ?aK6L<Yir<ybSE^fuLr4b@OFq_;4(a=95p}vEN3~0=;
zsh9}MUrM<|nmiT;pnt_@y;@rLU1eiuhxXuJ+K<<kr#=nB@Mpc5k100pxfAy#vKw@_
zpOAMkYxDzBsAXr57N4ccJNnC!l~2|oyj^QTM?yR?gu5}QKlZhxT5nFt&=+f-=ub$Q
znr-hQ?<FX#Eo>-XyFLD!41cSzdOH-{ukQp{^6XB;6`KwaZ4d9)0}HW-^9NNjpq-)v
zmd5{Vfp7Hq!1{7it5>0!MgNpw9BYA|h{-#-+#8<bo7wN!lX9{2mG4v>Fx8bNm-4P<
zJI!~ptF^1AzO(w!()HrAQnSSn@egP3+@EAgbc*k~H_h|2hV6ExYpK0w>)wgdPAX7)
zxMs_ZZ@g}`r$T9{_acPF_m`#&Y_#5fzmhDb@e*=RA<>5Q>WJ>mKj{gPbkz1DvNgtW
z$%r`3fYI~U9+b@rn&?Bg<}=%AYxl@%?dgV9U!}=GuT(#5$P5QiU(AYZR?W8u4{Ro>
za2aBI1gqT<X$7h)l~-T^VU$E>zWeyv2l*}?Mka<MAv*p(X=+Rg9q#NonJ`>ub3p0t
zY*vr=8fN2g$UjlQ?5W=4U2ra_W0a!UbXRJJ5w-yzFae{Qb%h6T_8YJ>PpQ*|zI3?6
zt5%c68Xnw@At(`e=d3Kbuq<`{{!jaS!5CF%Wkj0^5qz~+J}0_cBT9r1v-dA%7uc;|
zx6J%w$eCd%UM=p@rHhtJ<tGygnpe?d7cj?d*U?oTy^*8HlXv+>7_MD?<N|-h$ZyK<
zsUvN&bnknXMd5-o!l5hlqzmouq0#{7hg?Dh@Z{&0B(Z|py#-dQUhiq2)(2YEt};yN
zIS)}E9Ur%n`I$&r`2Fedv36U^6C8ug8KJoK5ziB{)T*uRRXkZbu5{PAc!IbS*IRYm
z)pv2Zj*7yl4WGM`i>+0VDm;?BUjItfr|t&-80r7w?meTL+S+hYKoLO^1rZe~TcwE7
zo6=Dfk=~`F^iY*vLbYr~K<PyYMMEd_4xy+>2SW%Dsz~U)1PCE_2DkhB?zm^%JI<do
z&bez09Ri7D&9&B?^L^f@NC_~To=HHQ`iXm9RA-<sqLTStsdoBSoD<%))QTSihJp_a
z#qPz9ZTG85S;=BIDpoTYrA5%>o!kE2=FKfB0Hz%s!5fIt>r{V3Jo8j+#7hb||7N5z
zwdjze4hs-iWBR(fYP1<nclxINM>QX#MzzqicHW!|%m<8I3cTl93acPLSfZ((@mWx7
zmQ6vR*{TEIv%Ah0EMO1_=n}@>dn=H-d*D{pO%D2n*I3sbIh5zNjjjM>m~*%^H3wRd
z{*=37BSyu0>E`=F5w!{i9qlHqnUr>d=#AfFpp#mbq!s*l>}0h~{xHF5<~e(fW$7t_
z*A8_92hd7NC&N?Y+bl3mN3Q6V+p1hxV#?CvPTawbEj!!1)d*90`54+N%XFwbbbl+B
z7Lu#PWja@4Z1xa+m8{)6I(P+U_|7$HuiYc6=hsn)3#Y1_l~kiWPWSWg#n$2NTvOh?
z6W3bxSWTd1pl*wPA&1aE^D>_A++UZfEDqvX&#QHF+b20By>$G(e_qU;=<=EdQ{Y{+
zm|SFP+N7->cJs;o&VgF{)VD8tK3Io9ZYW){E@kL^8(L5ID4)C5#I}eyKl_|Lj=C_c
z*0JwUOWlv__*|J1>_$q<w-Mya!>+C^|E%`}v(5gJx#Ugn!Us8@gH2z|W-CUyr*ix`
zgCUu?P9+Lu^((5C-8nbcgh5eL$uJubrlGAqJZrKjm6WS%Q9<JH+x;L?Sd-*fXw_CR
znm(Be+07Glw2-rbCs($<jw%kRKP2wQKcZ^)8bcN43&!}$<Cn@RE0-ItDdY4^stRhj
zH?np@Dpj!wkE$<i@$SVdHnv&FdC1IP>|3A2ucn2YR$epP%aefK{{B&&2_H!HuBYl*
zNgFHn+bHto!O@A_s?=29aSXb#cf$xnH@r4G%b2&3^q<o>ATMe_CsmxT7-y|$NBuan
z_Qb>c>SC`k>YE?*D&TB|%5Y+&GBu@{bI;x9idR{bI^(ER^PmOWJ2NJ>KS0gL>SUm9
zA%BSz<EdF$)abD}C~<?Abp<w#p5$jJH<x;qxf9~JBhQQ}*nL5(c|R?tCRVY!>y+og
z%vB@QL7?bDQiqMSP8>oSV+Py1tk<KhIIGuIQay7%4|bp@F>{D6J++;bG>?BEflY8|
z3C3CoB4zs1>cEQEeY>5TZ@#Ttv#sKlX&o@E`sYYNJpXWV4QOhH;8<cXBJ>W1ygFZ6
zxOa!O$e^6VNf$N@wn2dKlVSX8A+71zrgplN8ND9$yX&Y6^m-`0&J;=4G-#10hm^;|
zkxA#u@^RxJ=hqVn)g2_DQwN;uI@hkm7tl{lrBqLgW=`<HMBL90Eut6s>Nq^F%=w&c
zuz;Gq#+ccB=AIbyNGi$~G^?p@Dgbz)Z{4&Q_IONbrsvXVO*nlAfuOJ`?KHFucWLlz
zPPA_yM{KZ>=CXF4!EMr;vZ&rqS$e<;#kZ=DQ&d1EbMEY#?#K4d$UM?-l)^9%7!2Q*
zGH+F!&DloZ4q`KX`T$$Gyd=_j*LUcjD}N0|EQ0S=tcs`{N6G0>eJ3-}FYp_mC#^jE
zN=?X$zAGlbOz^g=cYLh}^Zzq;>9^y;l_<pf3!C0XQx3?Ny&|)5E3TqfJu5?QQRft~
z3N@W*8DOc#Wl#20zh<v&j&Z7PY#sB<U0qg7VfLoH2Koj1#RAOTy6Qjc<||g{aKA<-
zJo${{D_i+h!#aZ6&WrB^0geh7J~#m_SXGHi&`jDJ4b&4-ZwotBn>*|xKCz6b>v*K7
zXt*ej@}yTa6c~ZgHP-n4DT=Jo@_|Mu35W@Efj2f?f%yKfd+N(0^L1r?1oS{HM86K7
zACSOrV%z)GsUsZ-94igV$5-)2uy(myr$#C%kI@V()S47g<*p=lgEp*o>4tvj{oT!;
zLPThfi*X^ML*Q2Z89xh9M}!%6euIx64JOY2S`4wM)bQ>LY0ZOAA-r^lh{uhiX<11D
zn)A1{b>2w#61L`3-@nf=(Bk`gDDt0Kf>$7Ju)w@R&c|sGA?TY!x;$8D!oo3FWabE2
z(m^$vpUd&ePX0V`vAO)IViKjoUiznZX|jGpFKV4)ia}vw8y{HqMK4$9t6q`m9XY)`
zz4kLd53ilWvmITo?`n;B_Ky4E;EQxOQ*TD#^IcCoauXu|nC}9)OU8Q@l4>*X{X?aA
zaOo1{&(cE?YeB{WwT{P9^zFySsDrI9fbGoYf4iE1HwV)dkh`ysq~^ji5WlnAe{@#C
z8sEMpfL;SQthxU`Ys3FtT6#x)<UyLK?)_~phHZ;hpt=9qI#S`N9$^L<!5r;Ma=!l$
z2f80#yV_TBxHfr?!b!-*D{4}E$(``YF-#c@K+}mui$-Ce^7R@2)sPE+_BQ09`9HiL
zNj`=Dr5#uuhwcUa#jrM8;(qk&eZ-ToTF><-%Oe%=Zvx`Wi$|YE&sr5}^fXT|_bH!Y
z(G?Cp{XA=$XQU5*|DSg={?9hH^%SnXVyHT%l~!O}(LtsM%4~L_niIRDuqS#1kH&`l
zm(!#BsVCDdO<V6Vs9ZeRN14(CJTY91Vb7np+{taKp_=>ml@xSYb0)`cgPv`7m(l7l
znH1Uu`cfV0BEb+j!&pvx;enk8fga;#pce<iER}!G{wkN85E1vzH4>X`0@=Y<Cm0%=
z$*tpyVco;Pw#Kz*d7!=P;~mk9|4uH&zByWE$Mo_Iy0_+rQQXIPn~qsdYf*iVc8yQ;
zSB@;7&B$u13B?`W{?Dh{%hh^AQHs)#PTDR(lJO8Z25*i@%z>UL4s?*kKpEXGVONx#
zArQhj`lV)~BiMp421Di(SIs$YTLzP%3iX(*$ahYcnqX1WkevPLasgRCk0?Y+3U~de
zkaK>@18nBrr)eaQjB8;GDcMB1y9!!Y>19&Uedx#-Xi>f6?BlNocUk*vEcs>x2EtI)
zhY*p2H;iijlIFwGYN`v7>%I_@no_Ey#_s4T<Vqwxsrv0m+tl8>pe=1_LDJCqAhRE-
zJjM(`>??_=l6j8SDI2Brg#5n(%&Tp<Qn=B3?^i^x9+($~$1GF`HQ-LDFS=H-X8)CE
zN+f1uJje5Hjd_fmfUdlpn2n!RttfE2Q;VrcC8IRBo>VI`Bw^t`lcN5gO^y>Cv%opa
zuWy;*I!mr#<}YtfBiFU#YJ1<cv(!m}P^M5NV2mTFYo7WP^kPGO-IgAk0OSL|I??+M
z2wr?Pae2#E&YZY02i1$=_PXq;3c}!@lJWa>Tq^-=n2akSHWP^1DbCz9Nte+fHP8TL
z|722Z8A7kNH*MQ{*yIEp&%FGo+dzBxiHV#W_A?wqLw`B(?418(2%(z{cVy51sK}oW
zoads&vcsD`b|~9q;O!e2^1R<e)jNsX82$A<hh*(*$|J$UfCXs-a|GAJuK|c=mIz{+
z&f&P3@obyw;1q0H<?_h4*#-i89d;Z45~ChgS!d!@C&s{2FV6r1fThi67IHq8Yw!`&
zj$t15#5sdoW{KnxohsP_n4?Uq<_c{QbB{M`rd!p^fEKZ<dg##0<Kv<a2N@#qF{*S*
zQa4zyaUW67nn$JbJdwh^Vqmp>^%eKoch3F6VhV)aj~{Ip6Y0Q)mHI|>_~<bU$?HAI
zZ#7hmonA%D?cR&Hywi|tuKIw`vaIPno_*7>5E-p37SvEglyw=sZ4y8HsOr}8DdZKw
zx~1pRjiB-FwYU9r240GGyquu=Usu$LneUte<rV6-^Lhpf7L*GB7ho{wr`0n+G?uAf
zSbOOxLaq+rW_4aW#7vBsdUa<A84NlRsnm&jPNWFrUckr?9RO47bv&=n#Nif-=^Ghm
zl(CofT*!w5H;(n0M~k|e;=nFQ1SC^<3Vj<&uMZ_@fUmpBz2;A$ydwhCxbsSzRfMjx
zo>Ec;)Go~z&L&s^L6>ft)ca@)!Nt1WH-5Fl-Dd^XH_-JJ0wWszJG_7AKZ^`~!)L++
z8T$lwTsugPUo1gEwZxzCJbXNHtDvdK@lLU^oWU$9J7%T6{~3He(|2LW@M>g``TVX|
z+dDWd3?}t@yEZ6oE})Na1!^9!Kb*Zj{cr)ey=};-JW%wm>PhOlHf9$iEqLJm7@PUm
zSWWVZXp3e%BWYA)+gOB8*SRdF$aHL<U;`&%=r3A&<(ZGk_3G8y%qRAjWc|9TJhKuM
z`C>-rKR%?aCjC5AITCq}jYi$5o40Y0&u^*jL+FeVb++kHI+<K)$~NjqQzpEN7OMYA
zpxX^YItk($kwGG{(1x_Nsp&;TQw4v!VGmbGU_7CuLU}0R*yr`y@kic?0**wqRRoHV
zm2>lD9y$+RfG+fW)*X>w7v{FSAk@7nU*g=izqh!E*}=zLiB_p}q3gRbInQ(L1wK1x
zN$-`w!vYGBr?<q)aQA9Z9(t8#LAU)^y*9tAcm15{=~EmNa^7e1<Nf&Pb~XH`=?OKH
z@p0|X*e-Z>*<3~2>E>--JsO(3A<wxk*(c>Ct*V0InSy>OG8Nq`Xa@u0&=7k)(~38b
z@HcNw?7!QVrf&vYZz%H2mXZU!)TO2AxbxoFW4<6APe?Hp<=O|inbDk&K4qK#tv0_O
z35;T}oax_gTvAY>%nMnq#sQZJKrDG^)G2O3_xBAUTr#Vn?ytb*1?wFU+CF|zB~M;1
z5;K=_mrS3&4E;ien+yMnXwf<w0A13g91p0Otgg1Y-{x=BFT7M+xJDzNlymFX=5XvA
zJ=i(A$ozapeqHfRW*KkFRXv1_l~ueWxUABOz37b>a;-nOj-Su_7dNNq(0RFVxhY#A
zDw&Q!k_Q$Us*pFeAjxGhsON4Zo;cx4aNf+8C$<-bK}zyHgEi&%u4mX5Lv-yxomjo`
z&_H#>HHlNL^M?qt=@t|J4;67u3m<>e2p68=fKdrD0l-pCEG`v7O=!Om_>_7htCZ|G
z;2bG$0V!1Mt|h4doaGBRvskUuNgc^}vBeDHbUG<O;<HpQD%CJ4@BuHaO1rugq7{|x
z$DgX!q0j&F1;(O+(8`};FD*Xa@3#x1A6~l0b%M8Aa9%FvI!xr>^^w<+S>l{RvxWHT
zk|e9V%hHgJ*)b*UVpDa;Uh>MTtE0PjRGEroQFwBz!}H%bspI?ZP5(5b;2n}AW$lsC
zXxb2$hQnsiPI$v)LH8~8_=UD84i1@{8QXZr5(t*d$bFQ~FZY`hSUHv}-wyg8WJQ7H
z&4s!=07>hapfII5Z7h8ea6rwJm1pMSGm`hFmT7yXA!AC|PtXE*J*wa9X7KHqIK!Xq
z7kE#{*&xgfhbO&Yat%yC*JQBl9Yo4zl(Q>GDo0##;IQl93VhK!wYIm)coA@g;);8u
z5=6`<OszMDJw~6kVV|#6nSqBKU6V(em%BC^kon1vUw6JkznuZN+o<iD_65n}YkH%|
zcy%w&!SH(*qre)aHzO=BdH>ym1eY3QFi}c*uRJ~GP_#NnUK+D-Rr-r&X2*cy`_AF`
z;yzw7;*9jI#H*r#7N{wT++ON>J*E+~p7(TlW8j*(qL?_(iYw+0TaUzRjzAxw`?Q`(
z>FM<;4-`k9w7$mfac5mF%X_oDzh!8FMPhfnD{o1AEm+S^;qZ%s$oPfJ3W`wbg{@lE
zyIL$1BWI8dt01+W*PKZT;;*#0dJ1ezG}L_@i9f)wX+Htf7>Vz1TXgpFcFH>*w?$x;
z{R%EG<VH%vdSppH+QImb?ouZZwgL-R<hJ_mF-01&Ndh3ZEQ;uPIJR2Z?gMrI&~6tK
zkJv=Z&z|S?hEeDCpw;BA9X!`|_Kpjaj?!s}f1}nReo)gVx??&Pxugdq^<(|Bk&IVI
z1HO=)zFQl)<9gm8;WG|*ifot~EL5(M@exGb@!){YfA7Kc0)68$KlJ`&i4n5#SH_{^
z<0==kfX8)Sg}EiF>IA9c+}sN_yq1r7ZG<(Q<YNC81-(Qp`qiR5`^;-&$+-z6?2?eB
zrHnS{CtB(n?{_ometyKPTl0KoS1VVCOZsm@l+vj8(Qo4v-5dAMDdwlL-2BYlpwDD%
zCU*XjQ5RDR%l0+I;V&~h>%SkW2?q=~V;%FT111uMo6Dk&v7rCnUcE|E16&D6^X!`q
zRrUJ1l^aTLI2XpJiyyq!#saI3e~uJcMoO)sWx!sloCw5lRPArX-`#F6R0<<=F}Y>L
zn*pVrnHXSrR(iQy_b$iY0;@Un2a5mrpZ8O|Rs1ZTZy4v%$8ygCdi32-39j-`X6FAc
z(Eni@ajIUY`emy-=KZ(=7X-&cnYzn;ElyaKVm_^~<6fOIPIRsu5xE#<DzmY7)qU^X
zaC6z{=wMFc9e>0~vuJubEby@n`;~({qsraamTEg^92=wV%pAM|KUyO0EZ^N+EJk(j
zb0kn(l~&D!w52%Lj<LwxyI)CWFazhAWPqq2w<^sx&^M`o*i?={@&TLD(&``LS#ZQV
zrQlJgJi-}dfw^Pts6?~OMhBreaVZsg_n7FyMx`ybF#ovK`|y4k^hs^K_)VYq6m4a8
zh}3GC-P&p1<+jxz@ha1e0wW<i6(Mf_LP2}`LqDUK$xB*0fhPMkdo!<?y7%K$!-R*i
zrQ>gKU@ib}V;&|;q5;Fzsu83ZgH!Sv_q9X8)mh2LGBj2c6s#ry-Kacy`1_Ggzj9GH
zp!&|Ap0ZW(jU3R60D|CoOEs@@4gkM613oG9JH`9iR=L|Zcv1jGT;^g-YCu%(hL0M=
ztX#vmD!^uQ7}$+<y~DrUVTHBZXcF!clnC5$Ylm(ybj_7}!ylQZraSpDq{#31D>PTU
z<#yXJ-<oFGv;zJx#=gf;vCuQfUU#NA#+q<yAT}Xoq_(;7&UG56uI*9Nj_YcRseF?x
z%-5Cn;JvF)8G=7cyJ-7-4KTHduK%E3df#Zo6zNF8d4#=?Z<p9>pa(6)5Xt74r=Ne}
zonjGO1Bxz)BJx`t78(^>Dhhd_jCN;QCbjn}g)#2#H)8IRxjUPqn}UhJ4(sN{u)7`j
zGIv0tYrf{BQI4#bs33LfaJLx_-069yFX!YkAuja_&=C`<f&>1rRDv_JjDt|wnv$Tv
z76r4Zn5#z0g?fMmQBZu1`ooxtP-=D%SI>7jK6=(gM>6k{8K%o;fDkR-y%;~!+X*x1
z><>7=v~~`EOnDC+n-Sfa_rukQ`!p$_-671x(-`Yvl36L8M;&6VekEUKyKzm<&9p{-
zt%->H%wi#?9w{X<vn5vr8$D~@m{J8g)pz`=pqEz%#UUeVgQ8=?I^S)WS)Gv`4{Uyg
z^XbNg-E1pf+tS`t`wErV?cBs?06)UBayuep7>xmtA)k1z-ngZkC*X>Gp!VWCEM~q(
zQ*y{5kSOls+3I!ricnKms&t!}bVhEfKt27`c9b#f={Y0YjOTGV^YDiC2f3xsX6xjg
z2ZW<fk#29jl$X{`<w;t?TDK)=E>6bBEL8ufk1o{A!@Lc-nZ>0Ve?8VW&-u)%YLNUV
z>B`Z?+(t(_XuT?TTfOuHG4n9^Ga#^79Tcs13Ob2Eq$IHF1!{|=o@v7U%SDS&ko2na
zT!uhabWmL%x6|0jWNc8~nJ(apH6_D9yR*^(TjbnA*jWF=U+r-O-fdl=@@A^}C{VKP
zjF=s#-|YVC-Ye$_!4x@@*_dQ%WuD>0a90{p5p;W9>R81g=O<PGp~ZpR^9_@HIhnjG
z3u=D#PJ_ZOP|ufkIt&#*5xVanpiulPg=>9YTuipnLFj(FdcZOaK%`$Sf;Mt#Z2@lh
zL2`>E>k#dHsaZXL`k^A9_rYhAUZ=<p0SWrr*8T@KYG(5C{gM`++T=R$AVt1Lk}>lR
ziqBbi{9ON-$I2*IqfA9&Kk<j^Qtj<WA00-kp9Ngzw_DHrx-&$lT7~!uJ$!@3B+q^y
zIynE)-J@s_G{kdp1L%UPXn(NN-~1?S^~y{W`s#ka)SRfn;;%tXRQ~BJ7_cchBrcbN
zknbMXXp^z<oKbA0vz-M>;>u`xNR7Y_d!e$hcGCPV%I*!;p#N~QN<5~NnJr<uO&${E
zD48n#pktwqi(Q63KHHhxtp6~p0-sf?)L}Dxq=DLF)41*4RxW4dzWnp4d-|pWU_<}3
zS=rI-WtU})6qeQ4mQ8FgiCd|I_qEm8k2oPywl8JRM|;X=Y<q4#4~yjQpN%G*9ys9n
z5<e3uNyG><Yh38_Fy^QlyR2kGlV1JjNi071j#YYae9mBUpg+QF?4tqGPJ5^iUBHdM
zp<oXLtP95zG@CqL=jl7AxAvEUPOMGaUbCPqCStR@(1_?G#8rK#C}n}JU=CLuWHsSj
zMdf!Gs6DA5xhBcwUB9)A75wYF@6%1(`WO1KFNT~=@)t&H^LMOnf3JK#6Ln<#Cu#-i
zD@VL*-gIyK&c${+Bj)=8Z4>o1?&`g13BwLw*svV+q(=JKY^Fe@{jf0&SMTkSw!=WL
z&VJt+*uCiX#=-SlWMeY<G;vKXF<zs#{@YylcURFHa>ONF)KU2v1bowM!6v^jP)Wrr
z(!Or1CWSt(u=Wz*#7oR=a`7eB-Ep^pPxrE28!@1EVy^eZCaVuG5HaRh>8V8bwueU0
zD*M!dY~=Kg;ec=S{2lFw0#jV|L_Ui+_fo6c$Mzg^bzSn`GJCQ;Cc^gEO>Cak^Q0JT
z_HNbPVRE@++-MSs%fBuFEm|nk+d?Y$rqQ-F!cl&^SbnJ$eJ_f)r~ar)Y`Uo7S&*VU
zTgyDoahE!@fKTy_dUoT=LB++ND6wP-zFot#Bkm=_GCZs4ZIG44s2518y~2_+d|ro5
zP(v^D@0bFE3aSEu+nmW&#yOAc?VpWI22{2^l<OQZ%~8`^M7bId(?d?k<UK$NCQNHi
zA50r>UCQt+d|Yz%VvOkkA!fN%h+ld3J=I#H2VsP*SG(e4-0}3_e8GdH9Ct6ma+PEo
zJ1`$u&vI|7*gwaGzQZUNiRu?=X&z4X8flMYfZ3&p8rn`-eOcyVF$D~!G2zVQan{96
z1%hhJtcu*MQjrI{64zi(fPPPV<oweQ?R&rEBz2$+5881<eBslw=yGEX?uqVs`?^>q
z_{=Wt@%Bg#enS-4-lJ|zB0kZ=q*o}<v;2|WbR<&Q(WU3MqurXc)Vtw7Ayp1i>KsKX
z@u#S_0_fiH&f(&x7*b3`OKKI1j9aHz7pGVWKY<uULC>6bEtm7T53oXfR}6Xdfcl}B
z2EySotTyaq_+=I@tkrdxjkAD<+FmywAuQP{lI|D5G|BcF1Xf33%pJ`p%6MjD(NxF%
zhl@N9q2N&!Vr<qTZ+e*J%+SI|eM<!BqV3f5FnFgq29z$Vct%>QDwZD+qYQwKsWCC9
zYioFVzsx&qUmsuRb~32a`mT5)Q4Xblt)?J%&%H{9YgsAP6>I`tp4ZR_=jl?qeu6ng
zttVTpktWqNs<8C-xGr?X{-gP+UP0{Y1N1&-KNpT9q-OOhamm})4^B+5%L{j_CoGgP
zDLnflGP1n3PKe*8*|u1e>|H=b7;jInQiaof%k3S#i_uYI9#9*!bN2nD5Cvhnd3JK*
zq_^ab=P@(Iuni4DRy`N*`A%V-wAgIo63y&+1@xV)kqj4(#Z5;mt)%KtY%JwEpqHei
z>uelhxJWTPxTNg&NM@5@g{MK*5Y=LCZJB*uy|rDlil0ey#-AS6;#l4vWvP;Zdd&}Y
zJkV>Z)jF6qHNC4)?d9i-3&qbHfBh~#_i<&j<ZPQkMijpE0-7sWb2_W?e%Qp=so=L^
zfA$6<@$=mqdgrb6i}jmNqpx~EU8MKAq)m@`yTj#D^#>n)JUMaPaQKZQyCmAH&baGI
zAnKP5R}3-Z@{9Jtuhc51jE*4_BR_0hO_&z6Xpg*vypT_&{wPs<5_vWxOAi*b@_5^U
zEjBp)crXbF)^Q*xq`X;M(wv_%$HH5MSxntC^4F%XQI}3!l3+@yr&$G=FQvjXPN&j5
zMO)JAx81)&^E{^g*GJw{D?VOh$9VtZ#B%@al#a{qnFi%$YRqbh{)IOGJO^=b-zA&Q
z5w*>z{*KI6t5td^X(my~K`|urXMWcD=3!+axy$_Vdlfe_|NflI&st8CU0h+^)JIxL
zvhDUG-(xlPy2E@q(YF$RR_cZ*A(swTsICA7L&}H2ZbA+`vy7I{meJ$8bx^hKXEV+(
zpws8aKT6{+(Xwb1-}aE(M(16r>>-_E_r1F0wn%AL(?T;AANP>kJP=vY3}3$Vg&t{`
z<Ds-#cSybs1A1xP8wQ=8EsJ#EIuUTN-sTWio~%5u17Rx{(9Y~xeR~}}`xcBz1YJ&@
zRne{L>&b308|^*0YCUfPxTK3reS3ZIW_9)5g)hTBkj|#3WNVxZxhL)nvztt<CX?^&
zZrxRkV=^}j7?EAQ9zQ5>i~&9Aef}&WqZ~)aM*Z>P`9DKbe6Cz>ThITP4;faF%tX&3
zL(SUf#MP&(Sr>~qo{XJ#0ehIcG5BO;JQK5JcqZUJ*M<~u+d-#h66|W*i<~tsc&t_F
zN_Oab)n*jA96x}jFGCk{vz<6wyvg-{Q=u`No0zj6$DTGI5S;iyeYqknRoc6RFg(FA
zf;gfd8!opAnAMHg5D3a`3S`W}v1YI_0vPm2JrLoKc^bRCZpbSo*8*ey2}!IyPC>ej
z*`FE7_Ai|_S`-2u_w_~+G;bc^zTD1}_Ao~_|JNIiMpE;r?<`xTL<KJOU2?a9=<wmr
z+rcL@4D!c&CES{8-i|K3loK^Bw>MgFzu)$zHr%aw+^NHW(957<OCZMbCs<C?yhlMb
zvZZ-8J}gu}pDEl_rCcT(d?TFXOfS6*!sf`Jt&x?2d9(x%kv;Y<+|b+oq8s7U4F!!U
z+kyOoMhO&|)5>OSFEF~;jOAwpWo*IqZ~#+8xn|w0WAhpsm!r{=`BRDTp52~U#j7F|
zB`xkt2BHHBA)j(ro$>o*ep&Dx=AcI4D=&WR#F<Cc=L&Fjo>qonn(Ze2GT_0owj}*H
z81QIhq#G?2%c;cT&VKAuccKnlKuh!5xKEMACnMb>F5)3YDLXDH;;_H&y&AEM)(pWe
zK1J=>d~$frz;RCPLvsAgDv$ibv$#kWbdP)Ik3h3ZCnK5NTw;-Dl$6|t!w=bEzxc1h
z(dtR(vz#K4cl+#G-e*W+DN^G<TRmD~yCY)Ws@Ikl`4{!!m{cyVa8T4RIeUL?CyI?a
zqdc|3k!Nu9LSZ=M^36*v2-y^;01?RLars6uULT+FJ(lCTPU)U{?|V`;1D`(-))q;!
zV0UrD=8Nc-?H|s*jbw^Tk$!L;Rf@Lz5Sri;n4A#(Rt!84y$;mxD{k@Y&JF<HLZn&|
zm?XX{*G@m8TmT6;qRvlMeLsun7`?gaN-rg_bthT{f4cn>fqa!7?U?D#O`FjX#|kDS
zfka}qh*Y!m%3a#CloA@(KG`f8Yurm_Nwg(NH*O(aCjuq*l)z{kdXcS9vnjP?_zI00
zAkej;0t<@`Es}VFNtJ*c01gKShCaig4et#C>co5is30LJy=;07{7d0$DNroKfd@An
z<PNN7=zM<Ubr#R@M&c`!#^`?*J@^rFuW4`owLY%78If!gu8P_38F<o-7ta0&gYpmF
zeOBSnsv^&8j)d0r9Y`&ClpVI&fXd(5cXHh}#RX5@D?v|Pi`F|Ro@zbC_)yS`?qU9k
zDn^_0y8^M|j)RH7xl9;wL0~}YVLqrVfO!C@z%RB*2babJ4YhjOZ|-;#?iIin$U<O|
zdv3HT*U+Zyz*uA1L>`tr$xJ;{;cG>r9J;vCfLFkf>rnDhOq;X#-p%`@Ur`a2-`0`}
zBSi<7_`UIL%~c=L&&YitL%ih6ITPenEyGI-E$Q32*(a>D*q_xO8~WH!rmlm-DD(dB
z-^qAm4iWeXy3khN*ZtzyOZfE*+lDK;L4*bW0QaTEKr5Yajz>FFrV{~f;O%-qGEF{y
zLn8mb(k_2^<Y<5}=8%zC#3aZJ1ko=J7KSr8Vv5AYy>cBaXoBx1H(1B*ZPZmXmkm_r
zSa&_CBlZjoxpb0sw?L=PPqclLtMmD7u4&ElfE>NtXtpmz<*O^wN5l0#DPUFh{mJ(s
zK!%(I96pkhOO{v1vy_D-+(G+VQuV2H9(XQ5wss}$H!3%rpow#G#9>Q7#YRwb;;)gx
zv1XY7oQrJ=zdN#|mh9%HE;(-5c({L)P=DA=lM*gC?@~GL=SYw_@Ix_a2m$}y3Ay+h
zcU+>03;R<JOkPEP4Q^!I7Su}1o9KMQl)9BGPZrqpCd6C=quFS{)%<zys)9@P>d|La
zumyLT)|1*3yN86;?i!%kQH+wTND{S+Pw`Z-u_~Iy>2UMb6TQbrJnVsKef-BzQUZI0
zuDJ?D_yqwV5ioV^S#gW3AvHhqsy<jX1mr#Yk%A<s^U#`f*Fh96MJ2{O5_#AqN)kIp
zLtlyDaGRvW&1drrVSZI$;K=~=iUH61KS!`SyyZHT8jy7vaS%)z4@}A|n?o&^;AKAR
zng60bOy|=W;|1*Xx|eG2E#M9{$AkRcf309o^p<9i>;w0i>iNOttGcV{VWA~&#*+>s
z_wGf=CxV!U9yvqxATD~fB$;7u%3G$@eFH^i*nx4VH^C1D@9qL&J&@T#%xq7RvxanG
zA(X6+Q1C0yJo;z~4twT;hJOPl*fL;odH{0~X;kKY)lFQvL-S3Fj&P4cs`HuR<Oa%@
zTOhY&iT(I`>-jE2PK)mSx(igF04O2xVGiKtC%-A_c2abwRQ>JEME;LC#Y0I)zu;3s
z=eGOHhsSsS2l$b-9O+<l60P*;@*FC=$^j^W)}H`Rx#oP<oJ$0N&6+~wicW=|Ykf^)
z#aM%(IdjpH+#^p;?Hdr7PO?io1AnN2+FfLJc>u!gf&B>7STX_#5#FRK50obr*jXEW
z?f7b#W0SEvzj;$XpJK1_1gC}I-iX8u!k9D*!}gyU6KojrV&TlUYWu`U4M7*!z@#4?
z&pA)fy&B9O1Tuft@oGsT!vn*194XeE?Z!tl#{0`Eznf`J?^ivagA?;v8MbrQ9S5yb
z5zmDIVRZhg6KI-q`gk6r{zOKAI5hn?`9<9a{cXt<jPD<=b*l<C+PBT-8&^Qct|#gM
z;ZSezqZ!_FyyHCb@q(Im@~LV~AIRMRKYFt;PiC&`Kruf!F#6f{z|%R*KIPyArS{V=
zATmUv6%a;Hkj8KpehI+ZFYi>XN-HWjn2ER|J_1@FHF^~C6E+z?9}e;<{AGOXJp#Fp
zNCGiwJ0<&g%-ZbGGcUZE_lPY~G(&(=%45!ce|y=Ai8fx)!sW7<{aNW1l0zMBqS*Y5
zPjvGT%__q<IU`3Qdh81)?a_4&{;^RLDX_0ZL0w?imH1=?z%rG?wydlkU`tp?pZ7X!
z`j5uBL*r)hVJ+n`C&p%Y=7rPeZyR!&ElvYgygk9Rd5i4nL>3H~)&HUZLht*dm3KCA
zJ>noP$UGph$W+dU1jUBll}es)sqj{PY!2vp-N0PRweE>q1(Az<etmWZdifMD?dh9x
zgVvgHLsn6z(k{9COt&rvRWQE4f!_Cib3B1We6;!VRBy_+*BnnwPHSPP@b9iT({Ryt
zrHb<Suz(W^=B@S3coNRfr({MxQ3?u?%tdSO?vLS_$c{9rZGD0TKjrO(tCqkJxf`g+
zLxs&-6zVG1gDbMGQ&0~}Qd18wKXwJS(z)Bu&#M_~jd4luZm~Cbw@a!rhHmEht|q)$
zsx)zyMjYYunKh*l0FdR*<SxE+3zmn0v!Jb_)5;m7_%v7)bei3{*mLRPA$Yp4%NVdw
z$x-iO+71W!6%wh4bh|feEC&lN!F@L`*aF>3<-LZmg@ojzGoWuKtsQ-IibqOjl8)c?
z$UTcf2KJQgMOF3%<SU?p`1%@XK9euk4U{8X1<vmpY;Hmt8_62hp}BR4F_Q2(A(70R
zOkQrxnMbn(g6($q-_k2${>v2!Y&>+)_;>1AlXWQu#9uehP5{xi&!lPhY`%V|8$U^?
z$~?~(R*-vOz4-G*0&|5Nqy7m1)528^QY_vuxtML3UEqW7bsD7DW+8<v3J+ioCf+og
zYe{v?*Uu>^5|r5kzni*)xQlyd2MiM^KzvHrox0XLm2jkE4-!=~izR_j;bgIX(*PB3
z)=BTJ@pIQ+C26Ggl$o8FYk18*^1VlSKs}he43K$|!9PpHyi)&dJ55@=w{w4D-v44%
zmYhTD<%Z{Y#7?>pq^?pE>HnKsl_E_VSNuE#bEE_bQ2a|)-blr$*1}`f&nGf+Opd#W
z&v5um2BOyb?)|(6=tt$y!~AwA^(RT1JVlG~ci?&3nc-kh^FMs~{l#%k-6H+qyI`&%
ztW?1Y*GYh#5i0ymZt!*k_rfd*qyk1r&Lb?5(KM#&L9p?B0m|6poRDV<w8!!d5tXYc
zAbl=Z-yP+7lMK~6of(ZdP2z5gH(4NE*a?c`uM#sc5V(}*Wb`uRzmE*wSM-?L64JP5
zF^po8hE%2x;v;)y2?e?4P&=|@?sF(wQ%;}pBw5K%2qLqHPy*)l-{tVR_bImfIVy#d
zD>W<3do-k%tw}s42`?=K%87fgQ`UR+xfhTBx(Bmk5zDicV%O=uQbVY09y+-39$`#`
zbdV0*rAHK_h{=a^3l^SeadJ{pB?7<n%%Q%50tO+}2~b`^A0U9UcTKUQ9ib84ogC*!
zrlf22*RWn(v3<pAO8=U^ouc;K&sWjEC{FzM@#-h5gehrXg(C23Fze{H2lv}b$KV|9
zeP~flkapSjPkDS84&sM&Oz6SYZ}teH;}ojf10@^phsQhAowz9e-1-OZ0P2U_|D`!-
z9q40n;ORZn2Nb!xezsWCpaDO)2~YOf&bwc?kQ0L``Xm$AN^D-vW*qoz#Yw=<=3rO-
zpw9p7WhX<5W-EL$>4--k{FJFNVRA+A1ry~J(lfsMtWU@^sU&iWS)NLarP@{M&t!PI
z?qnjFS3VBRy0CG<q5Y9mgRQT|TowlNfh9$TLPaQX0cGCo)lUL7pXP{nBO;I(woFnp
zK0h~<8$*=$m^;h5<qg6BT@#X=#>5N9vj!>3i)tQLrjadu$@;-uPn{nxsP=2V!_~A7
zDn~OJRmji1!UwvEayLowgA0@`g~zJfPXFJIuOcr@DAzdZ9BnLiefjPWUk%Rx3xPY(
zML&*$h&O?5c=LhZ_8Ae<MUgM>E((thymLlQ)CQYGM$>)*{kF<i1W<4?;*tss>Zx!?
zq<TOdgY}gvJoYjAQL3N+!nbx=o9e}M)ze99T~&+dLc4(tJ@ddM7Kjn~vuUOET~&Cp
z3;f&s84rWV-=W}py9T8u9p0_PUj|q9=vx#WbZ;nLGM(9t`Tb?iTnnE0c}=gvpRGO!
zXj^;u`)8cma(I@x;NKl$r{@A6T7IWG>xsRrmw?~@{i0GOGG`hb=`vaWeCzku|Jxc3
z{lBuvj~Lks_sKR_|Bs?^*d5P(bZ$90bk8h8{z36dmB6rnraO!Q{>k9r^~znj_RBBo
zzkfWn8*=E@Cx39%E)Ran4DN9G-Wj=L|6u0UZ<K;t)>iK+5m`vWNB_xJUcNclQV?9i
z_i7W^TQbUknTol&66?YW{$;s&|Ej{_f&bYRq<r<W#x?h&w@4UH`O_TAQU|$BACQvL
z|Ghd_6#`rE94)QD=kY?&7zs?>;5IIyolqTm8qWU{f3XEfmj8fJ3h@t*f7jeS45K1l
zuEYk?NVAh)9sG7Bo5OJA6NS96f=I(`@%^=<CzT?->tzhZfi?Lh;O@JNX`gbmdqzV2
zfoq)@S021_Joo#@v2K`-Kt=_LKadM+YTcVD7yDn&kK)IHb31dRdCyL5(m!Kbti2~G
zJgV@|o#ixHbs}AHl%)0tGn06m!+K#V<#&0>xxM|I8`Jm4k3*erIO6wh%9j^_h*LTK
z`vV;P{U84-30h<F<PSE{6{d*PKQBtTLi?YMr^r87=jde=|BHRHIzE$#mE#BHxT?wj
zkQ#&4KAb$e@yFompML#TBS23?Kyocqh+CRmAOfM71ON~KEs0^zB_V5%+^3i)lZvMu
zPE`c*%FCHFemfx6aM_|sgEUrjR!d>{l+E7dL?N~0t><fb!eEV*s2cNg&vn4{Br&Ny
zS+bIB#EToI#K|9=tuLJ-9?Ja7bPJBi&0(VaL7mDhX0Y}c^<;B$Cn@^4R{bDC64!WX
zBIVgC)OFl=S5>Ietw$~!nD#b5ThH*_j0rWAsQ%fJ&j`=;?o;%t4?P5FcbcMZeU{RP
z!N(YcH05QR8@Uk;5@<byx$N__-&X+q-SiFI5`U4mO1>+5EaW68YAdaWe1>s|jyo(9
zP<*OU;{kT^(pz-fM3DpolGNZ#KN%@$c)mcN0zGKa7~s2hYh*z`zpM0fXQ<t0{{JrH
z>K#zFIN&c@v1t(9G<v73+abH60&#Sv5(4_1i2$JCb{1X(UfH4?y)aiAS-^heJw?`f
zIe=K{5&v-tJ|KCeh`m`P9*i(J?3D|en&vn)&ZkhAToJ0=ABY@VRR@;yVRlKsYd9h4
zUu)*%6Z?AKj3f>+hmHTbbq|>7m(=88;&9)uMHYt{Gt^H<o`b8-B8N!;Tc|)eFG1I*
zUT><+3ZyQlw*l(UX0~Nr=n7rqHBmtJ5T(B?R*W3(2;ZpIAp3rCDvh1Ykq&V~Z5FBc
zncarCp{_3)D?ktO5kW!wYWua`B2Z*qqUXJ8SU}adv2r0o-nsOYWduGOB@*BwHzo3e
zkU0oo>`MC-F?Am{u6h@*eTyKnneZODSPB4?W4PneQz<z!r$&v&nMn2CiW8IPOZ6!X
zv84Ev*Ix*`4EPxm$W=@Pt^UM7DB(+XlC+)1T3!h)6$f<dgHgF#22{?b!&=u42JOm*
z1w4fT?KgQuVi^`OZACX$E<Qn=dwpi_wGrS(tvz~U5qLOkx{mK$UQE_N5%luw_TF@N
z4cnzU#0!{Re#akZ5xDocW;@=b3wURR3EMboEY&(Td18`S%zfl8#*6^(0rd&eq7}Dh
znv>U9Mf|YiYD3or6Fm|7%U7O)nN^w))X86U8ZNLrI~2$vA6P#RT^6Tyl})$pHiich
z_r3Z6k4A!rF4h1jhYkfDjUPyej{uIgHKv<Bm#UU-h=5vXVAkfQJv~!mLs^J=$zpCF
zNdNVX#0BpI>(Vnt?>g^=D*6s57)M#pno7(*OWb+6^M(}2fAcL?a6W!|r-C(lc{9hx
z^<8g!z=xCXDXF862n+)`ACm4Y%1Q&8xdsYpVIk_h@`@rO3%-c>?H85`dX^x>EzF8$
z2$+P}c|5DJ@4t%5QuamxKa<@J0I@sNTKK8l)xuK$91}C{0VSU3k*!K(Cz3~9#P!>m
zhmy;H<=)*ydF&C_G2Wq~@B<!L@>!UHSRtV9v*{wn6-&Zb?l&hgo<f@1hi!pa=d-}|
zODPes2>=D5WEdb(04ym#L$~CZIw~UG(9wixP-dtz2i5vpO=;j4w!VimSsB`DDWtsp
z62hz?zU^8)&#@jzLidu8PupOy)9KtK<<Vz`0m(Ou>N~j4R9jOtjAz_y^T`ZuRNJE7
z0Ps)w*l~Mvfe=eDS7Gtwdt}JNBMjc$OusY@9>Kl>)0!W0UX4bzVuAM_B0xC+B4am!
zxp3E8=9^uxg+X!Ym1--Y%H5+lX5d=G=NXhyP%mZkb`OJ0dxQC@X?J+AXWJY~jRS;l
z$?0#h*6hB&wB12=M>5curQ{+STu6=+JXxP2Uw?}bClOZ-n-g0=I7MnVaQ?SBnhW|H
zcYlUYYWvkPn3UP7r<BjX0)g^L$ir>K=TLvTr3hBZo&eB#_L3qRHWg)ZA9IR4+=P*i
zM@ba=uQp)3q~khN1skkEkn}~F{2|lggOBb#wBN3G;AGCA{7D-L$VB<Wb-+bmNVc5o
z%lO>mtd7mNM}sP{YTGSu@Z09AxYE!|D%hP#h`t>gpXGadqzI&~$~+kcHl(kBHa@Ep
zDnjvw!eK7dduvWxB7O9;BgV3z1Ukxa@gnhahGq4c(O2}WBeQgRH*XhyqBQ#i7j<1R
zMU~Ck&=ThyhmBv)ra>hxS}h$g0|ozcGGI`5rZMhjkQke^CrAv{1y3ldRR5+ZSbKKw
zH!z-J2c=w{*_4f=aW;TpByO|>A*hyNfjhb6R5#jbbav2Etk5>uB<}T%62&((M9`T@
zNC38n$z%saFiEyojh4*6G&$x*H_QiOLWwS80wTKHnw3O?vNk=btXI2}lBpZuf78>Z
znN2f6$RG8)Et~N5DdnNT<6zlxUb%E<<jj8Nn#mDTR_w4;fgj(IGOYNX5V)x>RQaNa
zCFpU@53sz9Rc>vggGj9PPn{MiIeKn7j1bd@JQaYK%aWCopFGJly11l!HPEgy$8=Z@
z%=uqck?2~Fc}AI=&w%eUHvK0^9AyV)qf!q;nj4{n5&YkWi+j47vT+haCvVem1Qg$y
z{}khtemn0~HSdXZ46|j?cT=h+FyA=F@I<$7$!Or--YhDfEiEG*60j7=(DlH{Ll7+@
z0{knofgPYT&=s^PUwNj~@_Zl^BTw4v-L?C=`V@14ZZ{uo&vofG6SrFN8&zY&Y?T;p
z+sUSo8&Odk>2pk!=dT#JZxrSF1lfDtMSZ_alxwgE@uZGz6(2F{-W5VWW}s>G9&zB2
zmNN~PdyC8UC6qg%qYan$^(wFxSG1j}VN`g!N$F&ZZZk+SFkWd3+kprxPzG_)?v9p1
zmA{^Glb=$M)Bs#hfA=NfHtsIn!eeAe)W!dNgZV!;b`0N~(rv7-O+0UdSIDV2QfOot
zQ}c>Z?{8DPFO{^BotqPJ-6n}3fO+K1_L)4_M)T;zSTaM=a+=V}acGHP@hp@fP18$y
zoSzGF9aJNSTEd^SKG^ZBpqM-WxzM<*z0Ku{8A<}j*>@3U?rlYsN7mgsn@r0@>WZs5
zDVji4V<L3_s;8h=I~PkzD=UYsMx>cH09u)VL7aGVel8J@4Da5?Fo>u}$@d7Tb_Oh!
ztT*R>6WCm?8ZX^6l;2Cnbs^K9q!BSl#`p|>+J!t#v$^>b)qu^C>8T@6SlJ&}pEW+A
z_mZ+3wTkQIF9U|kJ4E9u6PL!}`0%VRLHw$#x>Vml7@t)(N@_e{Q!C}+vS#+o-|_h~
zFYBm0S{Cs?0Hu^$neCE=JZ9`kb;>>1#CH11srkeA<I~3Gdi1cpP5IK9%x!eK!0~dy
zD@YmrjA?+dl%Zq+GC+%{iDx4|%k7xxFUd`|36h;YUFWh-0+Hm&z$$-ucIpCqYwY(!
zkY9zhQbak9?Qb;>0?VYX#+8m6radk}yNfHUs$&%B#=*vcbc1UiA03GL4~!!twfV8~
zhX=%;FoqEUbSZFeT1M4;n%}aRt`NKuHwD52-nqsA0}1;;jXdJUw?zaNZx*nApUf~g
zJ+A#Tj6qHa<a>Dhm_9?HWnAsMnuGhkJ?ffl5_W3Hp&mlNNYLP)o2#%^58%m4&kBXg
zebqXzCo>sLj~r9#6*os@Gnu<qoLr=#W@9<<Ksofevz#CBZX9Q=Fq^_e$D!eqz$FMb
zC<-A27#jwSiKph9Eq9i80TWHTV;v)H$=?LSbBI~^mo~K;xj7s2AXe7-!U;3#*SX>p
zcNPoEmPo}O*u}YkA3j8vohp9Fh|^1a#;Y}9ke*o-zluP7%dHpP?z_h@EV2S7e<ALM
zoXy*BL$`rv8bg|MI-buBz%t-+G|J-=t(+_;`hh;h(S;mh5+f8bxA_ppT=bPOj<i@Z
z@qzB3?gi!S3nq<+z5%f`_hBc~Ig2N{8syaiZ5~;3PGqN0Oof+toF6(P$wId2q!nM~
z(2#N)IB0+j6Fkm+K6QzH<*tMiUe=3&-FY$!b-xFQ{)T=9TX*h&0zOtL9Y0uT*ehrF
zG#HmVNU77UJ4X9yWZdZ&SZvFq!DcKL0P=JLq>OJIU4u6wo5|obG1$;;BHQ5j0G9$`
z$1c|Is86w1f;KP#0CDW~$b3OR%t3vTgI#Z$^N#!^g?q=1>>;@sAkPUc&Rkps!PO(l
zS06oR5!dybdO6lL1VU|FFH1_;!N&fQfUR~-2qL>=Kr$9>h-#9!JAB@AhIz+05E%KF
zVzwp6eZqWyO}$oCXN5a1xJ!8mkv<AFb5ATL*Vz^tmpFciUZF2fvw9FEA?v^MH@{u{
zG7m{JXg_8T2hylL!TUjYyWWCrHr1D^39tN1(mTyVo;?~n-%|F64NF6co>k`Qd@Z*h
zZsC>=huqEmtN^acp$L++;_u#bhfSS0B=#qaYFcvgiZh~i$=~;<lCC4hY`I#Q!}rUm
zZyTG0R{fY4HVG`;*rNxO?b+@*_;V$7(%OFR)vtRjre`gXY6H?aX?KY4M7t_MeWA{%
zed?_-uBT*CZaD_XM8`h{jqd@QTi=q!h8^4sTb{%ly5{1b2O?JbRneJHU1DX0EgLyl
z4eD=S)~MZJDGbA9H|>MQuglJ`orSJ%X9qk88Hk%nKuJpHKi4ld4?81VQN24W4}-`N
zw@^A}7S{I&8?Tx%*y+*-5oSvzo{RidAO)G#>V&DcS%K4`mDdE+JLOk~jb@Svm(T18
z;BPM$cH&GiwzgBCE)m2t4QwqEf_4Hfin+aSm@42lWFAEZ_9<*yAYMiSlMQhoLWK=G
zSB>CYgBG36NaZxDKhzGrr-%A6Ma<kZomH-$VTi-OyR@22-i@;xzN}WJruf=JZL@tT
zPjP~l?%Vb}is!F%Y=KeP3wRAWwsOuqpDKs$awXW5j^C<E-spK1pT9~$J$;2}fU2F7
z9-Ix0m{0!by;ztIGg$=*oL#2R+qonhnzM~t=x)`{m$MneQmiJzGFR`T6%5V_U+MCs
zJw;az=gU{0AGU*uSB-h4_}<)sF1o@XY6NT+XKC_7j8xsWVNH$%^l`0-F8wMvqlv+C
z10f^AW0XVCLp`J12i1(S2i74@gEyG<qv<hMy$>j!4Y=MaT>PNSp49iTp5V;x;%6Qk
zkn7xE>o{UPlS<zJJSv2DE_yAdi)b@OT9{{Al6}S<5@rYWXW#X7dbCr}!6!gIx)H3E
z(UX1l-V7YP^|ixCnAm&Tsz9*8^A@r_hM|8fv56g;yUcm)5w}~&s(LqrSDh2&Sv!3Z
z1F;ltlao)yMNxg73O$MW8cjvW3qh<y*f_Dt#2lZe6E|*vz0ig;GoYmE9c${}4Eox0
z4L#}|5`bO<)jMYT2BQAy8QF4eA=|KQSej+saV?f(I*u6mZ*^z;)agC%Xyw}u!=lJL
z=O4Nefo532-KDbK2r2aF?yne4wT9a5E|B8s8rDJ9lNr^NUhgX!q>R0#CAm`@`i-tQ
z66kU_XA&%uSzT+}O@oM*?qA~!lh0jyFciGO6eVxI!2O<)!KDtGxZE0eU=@{Q;#xP>
zqpEVu0vcBzwD0;9Go065z^aKcbuZkTMfE0vZR@b2q9Z_ci!MpK6g1S__8PriN6uh!
zO2~5b8neWB)@fq16c(5?<!rLqWc}VXd^5cJrRDyq<=PuHQ@e03ethl(@swcw_ehi@
z9|wA8FaoWerHmCg<=U_<!K!8$;b$hl7pwNHtE4Tl4d(NsXri!c3^JP)Tnx$1A3gsa
z^IWMDy`e$egk7t9dJ-|wNLaQ50w+fBfP-+9(7i>AUNL>|q2{GhFkkUvMDRoInyfzT
zgvnzPxlgweg}q1+c?)Q_xEGSNm}K|!&DG3hf|!?@EXZuzX?#~JrN(8p*J)R>7r{Zw
z8UCv>@Y+f>O6G!ek)D^|N7_OZkkUFcoqQE_(FNaM(LngJgSp7+(;kQOzgxz%yuST#
zNyg1gE3dQd#A~tQ=`CYS`iY?w5C}B;PIFTW|9)hLoFWmW8^J1STVCVRL?L~cG2}M%
zB*NJjwC4!T(yFyJ0SmdbIGl-#FpI@=6({V2p~(+$f58E7*MY$Ph>__Oi3&o~>LR{v
zXzy@k%i9_M*LEnK07dY?`Q5FQS%b4$Ax22s0**PaEjgCH?gXljk7U+nbD!-CU|h4@
z_$Sonh;#ur*YbmNvL-?LS^OcpK_7}CV8P#DW)gCx?(+Ak%dN(d7Om9<oqUE62fMY&
z=JnEn+B2*YT`o~n`<a$iwNJHlULza%Sg1E!f5aK_xsY<=8|4|q_liD+7=}({3>WG0
zxo|x2yqPh<#1}5wbNd?Eu+&OrQ#a{tG6LUlu+fS8p(+?bGIzI$(Ts5Ccm4kUFYt(-
zk=^QhvGIK1?vLE;w97C9K%tJKU_xJg@K?^qmf2?#TY=);i01}BBdQmLSw8i~7iGlW
zN{=7Bzo{DkxcCm|InD^TZf{uWUL3udeIROI4!Kh=7tHfTAkbs|)2Z43hqSyJL~vlK
z4MD6yBm?}J8~Bv$l32aoamJ7dAfC9UYy;Y8XTk10!z=T~pnU1)YXbBENRNC~78_{)
zG7(zpzKgl0B~trzcHjGn8uectvz<(DhL0=0DSQnOxKiSipOB2daan@1r|P`GT4)MM
zmT)v!IFdw3M3|9wm086Ooti^^m{u1yT=EO6Bxum`-?_&~xh`Y7i*!4Ao)i^~>6V}8
zzHOwqYKYRaii^;*N|aY5%tX~K+h%L)giHj~e*}>UVE%+IS*Zs-bgKRKn$6bnV7DT*
z71x#ID3>NbK~6M4;mT2u(2<7xsldsvd+;e(fke9+!D0hyB{!39)4U5?*wuPAS4u?>
z*u9ETGm&x=?{2&HXxF7`>vA=8he4)NevD>G2&BK34V2S6CCMZBFl6nAp*(c^`Zmz8
z$R{=6N3a299=UrfbwBXN5@hDckTD5__Vh1ZF1Ji4!Y`aUUkqcy%6VRzlE#m2s-;?T
zWXGuN1#PsqNvQk;b5~_sQkliluB>q8odF@XvPYSZYqwZasxxfyp8;`V9SUgF9iG=r
zXQoy+Wp{>JK`wb7TQ=sh7;kQQsr~xXvIWeS5l7{=af@sX6{8!pzusFKbJ^vz8-s^7
ztqA*w6d23M>P6@BE*#>Or%$0RTKNR5gr1HAbH$wJYz*ojjL%vGJi$S4_lh|@FQ;#z
zpm@$ybSXdGDC5}QbYE(@d$wiMIX}bRzkeH={OD}osvtE(7Vl7AdOj|H9-8;8=y<tD
zi+CjSC<Y%s!4+Z>nNMkU!AAciT~}>-`LyvJH~yPST*9}L2G@GZ<Grd!uPomrK6uuC
z{N-aFivc+gN_#G@T}3Y*bjc?X{oz+p_t`9_1o-tN==!p6rZ`=fX4&$`P$St=F_#gS
z*I!2W`d)#@U)Sq_eC0Il(f$Dz8sSfai~}O~1_J3(2Odu6O9SX4l!C=fQ5#dI{j^Ct
z9YO+PW@4{Xl65C10)42vm+Gz`xA{QWFyf(}AqJAzs+NTKO;GtZp-?LpD}Zj6O@l0Z
z#$z5L*^WCFn}3g(1O06h=cVZ5Z#$Dc7rSM%mm!D$7jy3&*5nqi3jzu#h$xDP)UDE`
z6Oay;jYyZKbVYhqdJV;f1r+IBlrBU{=v@TqHDCxKDAEa`g#aPRtmt;1b7t<nbLW|7
z&NKM~4GH<ad}XcQdVg<0xDcv7)4wWCO)QZgYySGgbuF%TR>Fr8J^SP8Wkc8kc_nQc
zu}ctHgzjNrmk<IPAigWEMIpnEI(gZR8lBp9J!3^{ZXLZ$X$<n|SMys2(8vP?uFI;z
z{;D|}+2NZ-EIZ+H&}Kc)05n};d_-9)RjTZB@Sv-+Vab>ezg%JyN$^{_8C4eRd3;GQ
zd8@&r=9R5|D9La046WM!`c<Os%7-$R_A$29hH!H?hP!Lwk)CUNkZ*o0?|(iOR;Ogt
zBLktS=C%m2X3{yTn?x5yvicH7V3Me5^>Zs|;?^=E2L7e@5JzA$uoPgc9`yTCy9O=C
z8dv($3NQ+5WEbi7P}G@kdVWMn&^8`E!K0N}BaF7blH&O{InTqAYq5Frx!7vGI)3b}
zb~JD5J_%Rzf`!Y%+VEC%HI#@A__UBb+xfKjX7QRK<Xs-)gh$?5%U)Lu7cKyvGkaUy
z{Uxtz&o)pDRk;y4e75?pMw_1!KuH2#c+DvQyuQO;x#~EOa(BEV7Hc1;Eb*?9mS(BQ
z)+bEe#gN9BR;LT0WF~ecSas@Hki_W}<I0V)7$1c5fbaA^ugQ$8sT-}t<;AGSsY9V8
zH3Ym#jbj_%z-ZWbz0EiAO~Um%>{m>T7h{>v3#~l=E78{>>E%vbthBj4IcKKyZLd;Z
zZdjomoQ_h4h%zaqy-{zk?NBmPuA`e!=r>NZ=CIgXkH(z?>o|_aipcP*PbSQP)Zq1|
zVjK^aQNXz{kHIhGwf2zBEi6Y^*3!3II&9%DP8B(a&o#km*l0%#y&Hfmg&GH4L+hp0
zk6xk~eSH1SA_fL4<>6;~&dQ_Iq2}LTR(JR@RqH&FKcU0|6m1~P3|KaJoT=YmGhVly
zstEXYH-tD<kp7p&Q=#m@^Wl+#7By5lvyB|kxSPb#^thX!3I$~5v_zk<**%kKi!N_w
z`frU0Sluf{d@EM=oW7!6h_QWxcys`@!KC5n>r>R$CIIenT@w!n^a<mK5hViHdR9a1
zj3kFd6*{IUk;Zyq-&ghH{3_xaG|*6et4R3MQoW#|9VAm+G<ncc!L?r9mG~BqZK*R_
z@iIb9<T@}{nqEt$clc`}47O=*eso!XrfO7Q))v~-F(noFX$kp0<Y2zQg5_JrqTpUD
z?F6tn#oljl8Y2BApzN$%`7V8>-aPNaanpRG>q(qo#4Quq>HlQPNTZ<*+T|Vs5-A0f
ztKqG;+WhgHWjJ1huUUj%q%y}1@xzGoW<&b4D*Y1(-|5>`R$(=T^7Ud*3!6!%%+{Lr
z2sZN*R@$_|aXL4Idn-ovMQ$v)t_!{Om{FNn<B$=ryzl#R>9!9J&j?xK^=!*Av|6FF
zcp@B#RnW4vsf*aNrR<w?Nd-70dT<<d5DDcic>jo&e$%h78E9DZ;%T-gB^p-QRCERt
z-`s0fs&3b&ad>mAT>2MOUZMq*f6=QFr>tmqsT6CCz;|$WM9(qK;7Y1vivOMBJN$%L
zZcdmVjIyk(2ie5eTMFUxlH49f(d|&x-|*e^%ptkv)oKsab$QhSKSSBSEV3+Uz2jdQ
z{B6x8d{mQjxhypCw)ek;X$%x-Gw&Cyj1~mkule0ce1ruUV|9=Zq)y#!UYF~b%Fm%E
z8?EpaH4SUJM*MtwH9ZaDYXBsrhDgGB<VLt&4_Ne$#hR<B6lMouB-OnN=PtC6H(y}S
z8}z@O_?UXYkXVwpIjqGeFt!+AQfZ}E(ksL#v|}z>CeY++ddkgi;p*1#0SLW19y3M0
zA4c?&u&SFt7Q_MqWBV;sL2KoX^__?CH4br$`(9&8%MUfhuQ^_6<Al7x)Yw9|4z>o<
zPw6{5ioMni-g6)Z_ooREV#6&7mhCcQX`oj;H_c;v$EZ{q9ca!+iBnOUwhHm^qOPQ8
z(F*rxzrK&HKy!w!lNqa(Sp^tG6g8}Y+u4ZmkS^psdu{IrMK5|saP82fyAC`dULQ=3
ziVUyZEOsf?xO+LL@PiDZRUaYONaUHBpBud_-eq*9i0&!Vy@C?ekK=5oZ<y%N++;A!
z`|5pa_13sUqHe{-$ij^>ZfiGMBM2(f+h+-xa3{fp*p=L`<j~`V)NIkI;xPhI@=N3J
zq0%##zwgy|Jnnug<YeU*ZhR!Wt6TVJH)7I!Q`cm#WEF3Dxj4@U3ssN2+I1hSjpGH`
zpXuZqZEB^An=km+>O9^202-QqtfzO*t3Rh3r%H+oeB?@}X9;bB!D@hIxN#S#NZsen
zYJ<Z2b+&wILxf!K7@a;n(P(->bLG3Fq*di~X^Hx)kZeneN$)EQbMdQN54Of~f&@?!
zrCuhSLR?@qPnLmXCUHSnp$*n`7t_6pv4C0&61*=#T*stXjw@dD7jJ1-0SKRbq&1w#
z1Mw<bam5dkLB%_n(_(Sdd+bBYzPfqK3e{c7nGX78a}Iz8LJWiQDcd-0fSBC$Jm<D=
zp06v7Yf|VPBN<y)hG2g}o}J_IPhr_M2wf5g`8-VT2FwGUwg6Z-nQr-ti_g=|Uwxxv
zc7D`A9S(buL^$vnL{6k}hw0itw%G&y!^m!GY1zQ*xB<)NfkJsTIYdwF4fV^ZOIeSH
zA3Shqe9Z7*j@<LJd%ki|jkz;v%s)dlq+0L1h@0zCBZrS`f~O15h(qW5I30TuMilrz
zg8(|0@O6tjQ$}4Ikpf-iZt>p);C-pGs8BqHGWp=<<y63od_=Oa0f6OLb^g0DdMge(
zB{Lb3I4Q&l<*K_^QRgEp>Ht_Kz#HPeE=t4C6Gj%bD`-tI&{Sw~i;$YA39Yr=)Qy6I
z@pM7KrHrOwzR0eAP}P9_)2NCZtT4hhkT|8(FsEdM!$*JJXDK?XRh;&-yGN9RDWQ0$
ziEe@^_=(8fD>0|Snd$XSt~~B}@S`JUg9M`l^GbM4Y(`3^%e?iL!X&<6GrE<iBfpZs
z;&&(~iN~`Zq{{P_xjhvI_T8qb3s-xO20%|Hde0=;W<4656;=v=dYmV%dMTU|y45?4
zg_^Gghod}dkfaZk?w!Y-E2>5d(XrOzI=z=*&L{a<>+K9*(2(_h3-=Axit_7Scg2Q^
z(sqhB$^jk@c)VaP(V?L>KRtLfN)KPIkMswzi{B^!^^tPQ_RFuEn@<OgPog^D9b0Z~
z9E>QKLwCs`KI0(JFLuFKs-VWp2~$9@U9V}$`xw~>Afl8Pl64)^2aP{)$tbgJCBJ27
z@<R(Q*;#b_q&T1<*J5)uRwj$=wR`|(g`CR(J+#S543N6~yhla)Aecm{;f)NRKGUYM
zD(l@MFC$215#Ze}M~8#Rgz~v;`?8jB!z<Zq$ZwK`VY0zv&ZF->BdgQfE8J;6?dvNe
zpYw<|ypXIPN=m0A6>IuW+LGBMM|C9XzIkFEbNI`GeAWJg?XAH!?jC*MZl?#97}ert
z83Ai`{w>8HK?bv2_^2v7I!8sp|6?Kh7pf2V0fvGvpDVUl@8W?rW_Aj|ojEh@QF&PP
z+3lTqgov?wltvIWOA#rd;;XXroacoSPGWT&A*gs?C;O1=Uz#ZLq?@sQ_EEfotLzBP
zr#hduhw80GG^rS^hQj$WK6ewnKzbvR#aNkHs9+4u_q~`-mpa$fR{9^?#4_uKZ(b6x
z)Ccq@Bx6WrBNfK<tJ`VwdE`-umsT&2vcLP42}TLKJ<xZg@-MI9n<SXdmk2}@ru|G!
zFjWJTU$^K?0Ep@yxxZXaSG*tg&ZYgdE)JLugsL|@G^yNV3V%*ssp}-hFer32msoR*
z>B~FhCvmlFpBH6L>;`=Yw*}l*uT;8U&lBb9v5xS1{$`s7uz1FXZ%>#y6v^nB&F=wn
zLy~n?EJUlt!_+2NZ)y|nrSN#YT;d#uTHJeKPOWU!vh*h=RwJE{jsl*g0MYg+;~EK>
z;k2e2F2-Zwl{pw5l&p1;?!E>`XniZbj=USvp?3K*eCQW@LSyg4IkLnMXyP~B>Ie2A
zhpv?#DomsSE#{Vm={MC!yCp$e8MIsPZnZJu(q+l}6JOIroVq$mq~~I<EdILP7+7BV
zARL9QN&kG0Vr+D)y{LeUq;|uJyiJ5r12qU^=Xkdtrr_K@@bZ%VtTlD__+>k2<xJ(E
zJIh0Q1ZXEp5G~3|X~#;;2dzSfzvP2uA$5d;BvyZGcR!h)9Dg>Lu&4eD(E<Y3;qkBG
zAcs{K;fm;^kZf(a+y@?e=KCuVtU%U*B?|kkVlycSe*blByp%-a;uW8nNXE%D<4JW(
z57RFal{(2~^G~?E084$<!%{JD@!bPQ(4};2ZPk>2^WkIB+-IAnG8yXzzZc0*>mM|N
zIMcp&PX(*(IInkoj6&h`vpxR?mOhjkPqdQ%CG<&HUoI&SfiOosiUwK`)T|Et2Y`y+
z)n^KORb_kDZv35|^Q-w{2Jt<{>o;c9b{aWMW#6i&yXS6c&(YG{_%L6C59#1LZDpS0
z2}}y)Bk~6gUYXx&1(0O&31JQ>Z*dG1<aBl(`kLG73OJ-cMnyg)y`(Gn?l<y~U3h0f
zgh|*ngKm&qA?p%rgEJn*GwJU4a>_csWVxbb5zud}>8_CJYAdvYvw?KrxkgJ3Zr4}z
zJdMh5{TnTLiY53XzjKA)xapQf%kWhAc(4ofal@k_ANsHO`t%yQA#_6kYrgOsy;K)#
zQqaC;IAYtJW*jV6T!V>_ZCUFAcM;8Zpg8BGe-CeRjkjG{8`pFwI^1#JAxm7q$JtuW
zOF&InTeH{Cw@*x@oyXRqd8e+^g9(|@Wt7l5!}pn-Gbp6xkW*pEOt<Donx`zNQ|^c&
z`5V<d4eRPVIGefzq-!VO({oL|^hMOHkH8SOvLy&<B1f=o>Ytzw7QTn<F;Qge2H)dZ
ziH2K|^=DZXEPpZRgu|&Onr?}r&Wj8IS2d=f7k@M#daX=f3K${I4ad&PyVrtPc>5^x
z*Wz%dT#MkF>u2Rd4~v6Ju_wdz-b#ZOM)A8waM|e;6RBGiW5kDnBsUQa+F9LrA)16t
zp#K3>PKGh_CJeOcNn!KKZ^BhXXd&~HjX1S)UQf)!iCBd#Pz|I~BjPNJzfmH7lDIBF
z1bB<&zjbXbqzmfB>KCGqf&jo6*J>V`o^yZ5Y#NFisD1qW7hoPDRO9MGT*HkOy;m&l
z&+gBOJml_EwtVF~D|Gj&6hsD31$<vfHh;}{5FCPXh!Q3Hu8wt&7t?`M%AzMtY2xO_
z__-#|2Q*(E|HIm&$;tQzcC25KXHXhiY&j9SgQTPK2vFi0z)!hvaoD~uMo6AD|5`P<
zA+Y>T`Mt+3nC2$V(9f@`;{b)V=lM#DHBbdo8V#-KK(rWD>R0?By7}z>@~`QSzbTZs
zR8sh#rAL1lg4EiH=D(Yx_j{xNI~)GL5iN%A%_Rd{T$;io)u8`G{a-rlf0!&&CGw9(
z?2}>-VfwS6!EbV-ozK<(lO*du#DBkc&*JwR`E{y}yiWHe@Kj^o6^H#YJ_h8@u0-{p
zez^b4SM?l02kc_%F{>-TzN3k+rP*}UKPOpUkd5}?=dfSpDviurAWaniM~3wKc;p=U
z!_xfq{Qr`2^Zyqo<NvjJ?0<*A?;TKGrGvpV<!(6zfM?8|bi$ARlYGNgO0cflFF=Yl
zyDlB+*n8mhQ6Ip=dlRw-=_O_Loj`m>uyfBXXPx$%hst4oD?1Ry{!>$mK7HZ}tmScT
zh)KwI`2VJcZ_N4-)eSfQU%RJ6IVzLTg;Kqz3`?inPam{w7iKcWAO1vD6ee`PjdmJ7
zBW~pk_5nR}=V%iy)rsuFaQvM68q_;Oai;Z9->8AX5gW+-|4^m}mRL+hKoUchX1TD?
z2p_t6yFSMVQn_-xD4nPtM8WpIY4GAw>5YpbG~mjgB0U?hQPMFcm6UEFK82?|{<o#_
zJK7&J1E+HMtoRW*kI6nz(7^nIe`$?S8U7ZQ#NX6l>J|7&1YD0fRyQVqM9cD!;V8K`
zSyDkL>zm41<Fpbabn)G*DCs4Ux*VYP+3@_mlBfO|fIO~6q~Ka8(;29uw^ZGn|FdO%
zJ5a*rgRmt>aK75k+7}F08R60ueH?#=0{yqTmi1ZZDbUP4Y0LV`M^3Wl81P5}zGn4i
zv`mO|5otu|?)L}zVMN(Ju;k)-srTU;tsmD3)5;cVMe;sQtzzqqh_PV05^>dDjr8*r
zv2j|H5lNx$%&$jl{;ltT*Hfro@EMu!(NIl|Xj-M_#EsevIt?7l7u5qU3{<}%OaRg$
znGxpbMHNzkD*-|^@mxUU_q+Hvve8jZjHn*AJnA5wX?54L+|T3|t)Xr_{FgXt%ooUK
z&@Mo%cGhcBy-$G2%6CKH4TOkSYihB@sLfNwC`t6c)NAJdsMj2nZ9f02Ui-bP?kem`
zCpF;9RHGfhK;&d?e34ZH0GUQb4-iu;2ZC&XTMpMt>G_WN{(j(A%dXNp0D278%cPsP
zfUM+$p1k*L4N$rP4kJhU<xh5Pbjrtt&vXO&&^0%j<<HQ*6r+5XN=I!stW&%&e=vo_
z8e94KKeND6`0nAdm7S{VoPIhh3u|kXGXHZB!9QHakM$25u9Kn(7zHhe3medj*oDk?
zzUl|o&GF;)n6NlBHUtuPrO>n_smPWxGjk^fS*b2X6&(U^s8itWF07tI{0_NvpX!)?
zOUl4eTLqk#I2Abw8+%*$esagaU6MJL6p-I?O1Yp#re;dzqS`B7H>*M3<jG0$U8ZfZ
z8R&oFKz);7lmoni=DlF;yJ{Ey-PH(P)5U8M)BqQa@Ck{`Q~NU$Qr@i*cE!$AcY2nQ
zl8^|hyPg{kKtYqg(<VV=@X$XdT`ukQ5XI#iTYz80U`+c(VCt7f@kGm+7B1?Y>N;NR
zKnYMHgpPt}_`Li&z{l1twP;AY`x*BMMjVTZs6XtCAs^$~{XNoCcd93vDf0+_u{CZV
z!^-;GX-y1mTjvZS;zO<<r3K`_YBbB~_<FvSoq5YQD}V+XXD6CdTl?$!*SHe|sDITu
zG!w5hO06l*f_iDr4SyNNw}R0`50Io+-TwXFt(~`k-=sgFrvXXep`SOy2<n6bX2+j}
z!_`UTju=ULSc0$W>%m3@sTE}9GG|%QBm@9KSnN|1u^VnQ4w~r0wLlaFKWo?&?B{cL
zVxU?q5~!k(Nk{(O0wAtm5u&SY-VxFb6vf#!>~Fx#ar~%^7U6Edg=h?X6SfvgwOayr
zP_$DKNXGe;>AyT?9xbi$rQ85t+E-fYmgM3_Q``-m)w}uwvj1NAHT1I{MM~ME^c=WA
zawy<ptT0KYS-#imCw5}(=D!=J`F2*+_xvyKZ>pTrZ8PqiqRd&#A3$m=FAMJCtVDlc
zzBmuk=vcEjfq<EgtI7+wdF<3#Fgb(t=G67E!_*u&)PsGfHHBQA7ol4l1dQ4E?^-8R
zN!{CB-wlntS2cGgvCrSqbaz_k-|a?xWDiTw(+t34FhF6)#z4QH2fUN3v!ReBT#Fh|
zB~vM!%6bXeP_p9PW)cw(p?0hpaGAguB#oL|OjQKy`{+Nd)C2K}9=)`w%hT_lE&*fn
zrO7;>&^y40Zp5F<kecTv`tL?*Xl|PPFKsS=y^|d|0=&$D4Sh;aqFC2c;M9QB{9RA~
zdO5Y5FntK?`5OTF^_%}`D7oPWAa?c{rG_v7^Y-#+UN`O&`D;qlz<8>8UB=i!$F4M3
zI(t>RB1E?Uw3^D?;8!`jZ95nSgcETsTG3g_0h9AJ)4`($c);-a{)$!B9A7^|<+`_(
zq$h*!q+kLCsN7S*yr32c@tF%!_l)fVx}VnkYv+G|?LsN4yq6bxAnmgxkerg=#pe{Q
z%|w$0QV3;(w}mU+krj3~bAAB7&rD8L*8~<`bujDhsB8dskAY*yv+wihfCALQK5Rjq
zy!$?^xo&^C1O}#ajJq0f)p)CgLK@V~QbB^DY7)3!$fr;ztZ#rX{(Ixkvs~pc{wt;P
zKh4DZ)jjLG$LVb99_EGV(P|((n~7x&eVhd~3a5nht00dfpWo{dgMGVpHj}yAWIA`(
z^8%IF?p`;S)Ful)?LWNLo@cSqPD3fAgh+j(hpkjM0iY1)0_Knv)LMWG*5aAo#Rs&2
zQq`fiO7V3*3n^~^>X2SFn8z8oH@A@857rQ`y*)ERH$?#QXHK=sPo+i%0uDrF-EO>2
z|J|pMYS;>tu%_Av7O!5}PVZF`AAl=Kcd%DNmbh98(>vlk{xNkAg;7cem&svc>X%KI
z{Kr5`<FQeLzsD%0ex<KPsO6qxUxq_|i}L4}yt18OgyjWs)7><#yqWWDVrSq-hO3q~
z@|^~G{V8HW9~!~LLFgOSi>=Vx!-U{e0c@JY0K4yntihxK80=D@V;@zlIiR?}U3nEz
z3>ff?yn#7&3)3MU4<pDcLDfB$oF&&IF2t$ysO;>{&Sx&+(*C;YRozWpu4zdB32Hsv
zBra+y1HO+;Tr9NjU~kZ)FIIWYIXVJ_M#?|septBV|NVMff&gf{Lo0C<Zlv~v#kHUc
zPqY`kB?c2t6qj%DYm>F7nl@CLx(hR>8*@@`hIHjW2VmG3J1;w^)O)ZN(8An#agwU1
zkZ2e?mc_XRq_C-g((_l~FR$*_`9CW)!|x<7tVN|iHf<(VT6y(T^d1QZ<x|noBUSPF
z^bO~KfA{p;_tnY)Ih|xdc|?|H8h&LW9S|wS$@L(6F|-&?0&egrVzAnFIaTsyW%L^@
z?z<9oKksdA_MQU7TCQ>RO!nU7^afmW@4?>KxW8H&24ZgOLA?{pbjnN`4&EB5N!Lt2
zeBm;&Be{Vc4)!ObFnu4iC56V+0>)ZMyIOn@0Q8ABdpuQ8>&pN)4~mftr8HcA*fdrZ
z3Y?H<dxvub7fjDcHf_f%QW|}*p>m5GRW75eN=g=GX%iDfz(6P4xgS*x*cy{*@Bap{
zjY-{%%fm@6)dr(3XgCy9aao_ZodDlqBgl2A0)Bk5xoyJMOW!p-mj^}x`lk}KK{F`O
zQ4<aROWa^gx6cE~^;kD*T4*T9+-Vc*F3OM#17R=JoI{?Mke%|*B?ya!(}Q0B=q#u6
z*)jujDF$YpRH;i?cI;!#LyX@Dg393;p>Z&&(k?)um2)EFk10#mh<ml*lTtU<8jkip
zSjmJH+UpEL)c7U`2-E2f49CyD_AYZHH<dMxG;Zv#>~L!@6l90X0H8IaZaZG*2k~~a
zT6$I1_rVbpGO(6Jb9nNeTdP}Gdo-8<Yu@h(&o2x`2bEBQ%LY5HBq)N*GD!2!K(+1&
zNS+{I`=pBOd>nMD-yM+YfL)0k7PQn455Bxp1(xXb+v%YEQLJ1@0enBjK(pX9Tj<`G
zOBS_K;O5X|<hj4|&3+JELcK}izeY*`usx>U<b7Z$$L>Ph%uxJ4;1gE%!M-?8G7-S~
z8%4U=<k%&EIe^j6Bs93+Kr@*Bb5_`nt)jpoXC9FCc@7}cPzX?Uyxs$5yHVyh$Bi{V
zo7(~}S1{h4wPafa@1@8%WlT>W10CJIG>BNUhwI-qZI<{*%#I{f+P+KeEaxr@QPFGw
zFh=iF8P99x{aVqygvIb8PT64J`!ZML&s@4~2Uz^>!Clqnb1>|w(uSSE>i}FnRJM|B
zRKn)fw3n|~aFtQ^Zo9E#(23m%%2VERfFDM-yrO7!@v+LhI&s@LL}f8d>5N&aO{R=p
z_RX@c<XEUc^)W90hCR7zwI9`aV3;ZQnZK)CW*AQN$PD`ac;P~vxavfpz{j6gy3aS=
zBmUj3dh_LaoKZg|(OeMaF`}63Bk;V30(@OxW}*sG$)x=>Fcrx*$6Y6yt^iq2uAQ#y
z3;XP%3tH1|gvX=64eOf|x~`h}Y*@a?_Z(|f^^WZIZrQa)1XLBOwo`8r4aOniGk<iE
zOnQ;UAhqgZpxF;<)%{CLs-suRc(7yu1riRfbwac)2(1m6o&pOxy{#o7fi{i3HQ?$3
zL~)!dvi{)`C%=Oc0IsP;KWrRCKrhXMRZKa={jCv=*H?A&8^c3W1^j8Qxr3SMwarVl
zekQM`bVZ~HpwXDR0^>W)dQ0#<{v7Z;ufsJ<yF~8>V8Uuxb_KS^j1AJL?sRRHt1g(G
z`b{QTNj**%p1)t6OMMuIpo^}?utx0r>K^#CKWaS1A+G=qK4PQ`h%S=6!{;s}&+0^O
zf?F$J1!oiD;ky1&O6_3%s!wmff{<#p9C`lTRd*Uyu1N)^sTL)Nn^J;`nHQAI+q-E5
zH20kJC}h$|7BO{bPdfbI{n6ecW6(Sufm<H<SZV(aDt0;E15o-F9{D3#WlwUA6g8Y<
zJQ{a-^9IVqH{S%c{rV~w!{E)(&5f>&nNm7ysxpv|2-rZ9Hp=11ioBx`TQ2UYR%+JN
zz-&wxU!20A1Qu1JAgLFMq&n87?oY1#vJVyOWLOwe2@<_&wTObX1Z|bp^lt|^rGOGG
z9q4E1VM&LNnD$P<>aw4^E|nB{KzZOVK^&$>zHShrtRQLY>-*V$G7-zCd$$h^{*G()
zTLX{IHIl2F$enVdE5#-KNtR@2NC2JC^`Hgl0jE$z=OOw-DKrd*?`f~i-8jK+bkgvM
zqv6E$Id58po_8_l@6kj?NStLKyHEckQfunfiD!k<&&{Kdrc%$>2L+_*jviuqmMin=
zGG$NA*kH?7&o2P4JBZi{+A1~=Fg2gpGhwlA!ECA6GO0nT$E#YhghO<0t`ermr1hu9
z@xbnW9=g|?jU|GKb3_He`_`CeCof>-v}V)F?v8&%&d)@%R%`Rz{M&o(dM|03P*%R6
zx#fZ)0(!st+qvH40=?p)X6S6kss53?7P*p%Mwcv$jjE+dNZq9-W3#{2S?JKSopCiQ
zcRqQ);RyikD|fTz-FTAw7eG7()NcCh5AuQQ*Zs*t$(Qt$D8Vq7ech{pAr*;O=>fk~
ziVqSF?B;sxJ}y^?*yfUqWS&CfhNZ{-3UF?U^}K%lKP~d{!rtWcg)HVynbBsIT%V;(
zE+~)JM;rU_jh}3za|y;#2EA|Z`1bFj)fUqX+uuO3*$?JZcX;2;Evl?czYDqXR`6A{
z;w|HnbE2}bI~z~9gs37jM&p-3Bq&8eMC8Z87BQ8>tl4=Y&rgChC$ojlJ?}H5sUiWc
z#=U3?l3M-HL@;R4mfDhB>o^ts-ET$c!*4*>qq+J{>ZLOn{}?75*e!>E>2hzia&R>S
z@&LQ<jvL8)5thh;Yfdlh{^;SYDNX+X1^4p8aBy&>CyLpA!sUe!c;_eGy3$~wb7KBh
zr3`?Hou?gXi-_0f=xEu;v^X)a^17$Vx!iku_H+c7s-y0@OC6;qJZx340*(#$n3v=W
zE=&zWdCdRNk<jMWDqY~h>^|X?53Oa{>G1;NH-lbgC2?DNw$tFoYP##D&8_N}IucD|
zu`euc1<uVSukPv0wKFrO<>uygknt-ROopEsZf5i$6lGX<h86%#FbCqktCU%@1oo|4
zlO{@S8#J+`Pk7)!v>KKuoaWX3Xr-^*mQt^Gu)A#D;`;Z?Mp2PZjUFpzmFSh~^B7aD
zR6;c3oNpi1&p9+L)4ex&#|cr4p|_vwzVKEM?G958v+W(mUk=@UW*0m4%wjM{GrBJ?
znXDtFRR_u+0YA%l{roVa6HQ^rCO6Ouj@c4mYH#85<;!t17k|2|86+?`<&VNrPxP}j
zp8BW4-2y!5tGt2hksm%p9i6bYHS?@zw4XZ|%<O#C`}SDX0N{m=AD~)ZRlvXr-TQ;D
z4&|(VYex5_gqNg-uas)H3Da}q>O-<v?mLt?yf`EOZ0^8*%dzspk?FFK1s-B?j#swY
z!o{c#*LX`!8^~KM8~rs%N4kQSCq`@?c;iPnWve-*mlb5Doo$wNwi{7V?j3KCyl%TM
zZdqMHD?^_d##Fr|tJQTq>|NKp$-!`q7A@pvLq;h7_rH38o*`>d2u;<@u+jQy(bjuG
z#p?W?sFRlrV$N+E)n|+doSZo&aJtF^C4aW$93p2YI^R|C-9k-EqOTf={YjD=+`;nY
z>smQu%EBJEzK<FYKLLN&?U!o)X}^A@%;0bdq)NEK#=2F}5}5>BCuexKADvI<QD(58
z^HtqhMUKk3jbBQ+<!7`qtQLSB7e6aT`2G~tKb=wv-PP91mC#l4Uq1bkXQ*1wa&*|T
zX6-S~GjO7L0$yS!5z1lZeRs9&cIZv=E@;@dH<HFJ+fLgv9Orf(P^TO)5o*m!k56HK
zDzpR*SUueMQVlsJ;1C7`eQiS2bMeQZb;z#JY}s$ZHhHY8hVHRz?m<}tPTrO{IT2Na
zH1ck-?>a;)O}_`)b*_iniyw$}`7PSj6Ba!u5BHmjU9K*2Zyr=9_PI~i4(q?wcj$cp
zpI7iw8?x50TA~YKl4`hk2xFwhV=CYDQ1h!db{__9vObUeD=|KvZEFxpmOU#rQSX;N
zV_k9e3T-=yQiBOKvN-n=@$nUo@3O&zuqrq6RnIf8i88QpCH)<XAB8U8NiHF)<!>}`
zoqB2CEQodSuB!E9(uZt!cVv8Me>i+KJP0US58E?xo7{Fjeq1jAvWcjF%$CC~&>Y(D
z)~?Pa*<3qvDQL6X?qef_9UjOA$Ak?i7F<!_u&g<gPQ+0Re3pQFk@S15WOT^{s^bzE
zhC=_8lg=l|J2fq-TwaZB9|`;J=C8en2YIFJyI#FG=In5lbWg0P)ku7_6jhB>>$whh
zV!udmTPm|8#3IXmoN`0x5J%LoRUoP=ZM$12`yxD+=I0Ag0tg{yycX5=e%hmMURS%k
z(eaiIUHHsG%rIHfNZgw{Y<qZq2SxdOurl<{VeZ|%_Ah+o^?c3{EM)$b!t{}Ra3;r~
zf6AZ68c>e`E4a_qE&*DkTas4WvH)FNVCuhN{-pl2;U^4oy@mzU!3R)BP|W%tjE&Y$
zrjdCj13t|H_3gozMi5)<IGVp{@wqG8JF3)SMb0b9Due<CSoszb7T1@iKzaQzFmU6Z
z59l5<U~cRz6*OE(KQQ+;JbE;?TGn&jgjU{mWBgu7<EYD2p%Ic0PbjUeJ-Gb1=*!{k
z<^tTrll5jBf22e8;9lX@%o8Av6tW1^aIBNqg7+I7kI!_NxMRY6()F(n+`ae3w@S52
zg?34Ee8Jz|l{aV~$>u_%c9IgnsSPcMwjj5_^5nK60ezKKb&UH#$H|>0=WJ^QQRJ<f
zbMLj{^j#x=f`zdxtcBdtcDur{KRunxvvyd8(#|{|%SQojZQrx`1g?^Pv`|o?XX+QI
zhtV9KbtH#!TUzSZLoNeUmO1i`K$<m=bjmu~*+cxE?Tz-!cNxuZODHz>?lm}U$b8tV
z(Z;611VXY-rpYu|%Q#|10wdSfd>SOCHKQ3vcnixvAccQM_~JYDkO~I4!p>DC*!9Ck
zSR|%-AN3&|n6A2cH84M$edHB-K_q2ove?uSApUK)<sbyy#LvVDn~>5gbdl9qD476_
zDu1|dQ`-=+{E6~{#GZE4YgDj~7^U8bPug4mJVoy%w(_FFqckooLyKqDDtT`*-ww`K
z7!F$Bt4(bM52?H=LHflKQE<mJSMg#tK*&}DG#v6B>|!QW!#!`H`9er7Q!-Pb%ZqGF
z(56gIs8L+^DsEEDR)=RT9f7`~Ev1}LPW4d)7!9s1;kj=dc65Q;hk)Md%M3tg`i28;
zq2taPn(HMvcw=6_4yd!te?Fl3B160L>5Ng>%>@vvWF=)6u@pR6^yYIbv*ahuE%!pR
zQdg2PQ+%lfUYR%zTcRLf;r*ecZ}!*_L^~9;5LZJK^Lj<JOHWm~pvE&E_7t_<4#Fa}
z70~y?2`G$U)I1Xn4ooeL>)=Gk2xWa59jS97t88_0!BDs&7}-|B+Vza24R@%;T4QsV
zJq3f^osE@6*9Wk6_P8O)>q*^?bsSU1{Xc=_Svn(MV5?`%&IYiBs?@Yyc)XCUz|3(;
ziVrvG&=r82_E<1yvDVsJ38`~#`%4#+7zP8JW{=Xgg2Qa;$g3dpsJkWwSZOF55iK;W
z@v6<M$t`kX=4Dl*4@<S*c51ijz%Ok8;A?#Ee#GUjTBV*)4_8!v>C$fhA#|j$A!(Km
zbN3K_lGXY`T!J+;Tyc=TCMy6#DrsU|4j#eht@IgjDlJU;*w-8xs$QMSKo=N*x*=A1
zen1+?gBUH>;OdhwWTlf3+%pHa*pNFey`O;=5(#qt@|+#4Uis1p6mmerF%MWXW&JZN
za?N;TxY{;oE^%klcMQ=J&3bT2q;6(di?@8@Lz$jO$)Z=3h4zNS=oJ9QX;^Fh<Gaca
z6ZwWsTY!1;fE0(Z6w}x4#2xHTlkF(=GYt-x$_)ZVKP#~ruvXYzyT#6`yYH@l$ge`Y
zYJGHcRu48BGWp^08oEBMIc!i?L9cN*^pl6Bl)0<Y8A>=Fu@h22IH<0}0y{w5^r8L`
zXoHi%=oSidyi-Ow*TvWeVM=jKQ&1mruiXjh++LdRlMP0C9PHEt1J{PX(*qQ^kL-uf
zg2MCNRY`-xhuITC7T+=Ifl2{|+g4lA-5Sj%UwqU0Zm+Cv$AZ|j?EOPqNPu35UAJ-7
zRsxQC*em|l<Ag=b5fHk4Bh4V}g)QXaBeYgO>V1ep`h6Ln`D2wK1fe#oIz)v-$u*gn
z#k2hx(&((wo{QyU3ICkV5j<5sFN7uR`>pgn`~G<~eDPe}Le`#k%+0!7{6TMCa+;^L
zLFL5TGD)cFp?y{<p~TF$wWs+h6Hp!tf0pnIDfiq1#3=p<)9NWVXqBx6Y!vQ>tU7t&
zZPbcuJai^Uv+Z_WvTbnpY4)%QiK{473ue!e+!*9Q!1ckm{8X(Vo5dgOKmLru9Ly`k
zoDmu`jVjZ&PM<VOykK3a05}!6&jWXy@cOQa^kAq{`zPFohF{B~+WF1ti#`Ww<X7h)
zH;eyT6;^Cz%~uAF+VTPDuz<&oOJY~`%0OVpg|j7vy&?rE-EY0h+j`xFzXeR7x7^QP
zvr^(swtet8HE>if|G}(a+n6&G6K3->UmCL{_igb~+OHxG#OW3&#qJW^XHa>t?_fCY
z{Gh2G)x@D+AlWAE^zKL2AH1_xNqhA<gNh3&Ad0X+#dcY3hEZYa#LKxSZ1MW4_$s@P
zxxlj|)vYU5ykX}Yqw$Zu$%$si`RNV&(Wa1P;<NV=lx<E~k05-JX++E^FPRIlo5!ck
zzuajGNpFjmWa{kcZy-vb#C5qRk9!OTv=Gs*4PDfUK<-a$0g%Od1gw4&IV;9tI!f6+
z6>H!+X?;4!JmS*xw40Q@Qxu12SJjZLEE7wM$T~nAo;X<4s&wZU%LIL&6dYxS!H3Wo
zRILc5Z;=DYaJS=RX-yh&jTmEX<KVmcZCIso_sv(2gZ+sX&uHIdn}<bc1}*rbr^o8P
zeGJ@p@tJ*f%423kfPT?*HjVr<K5t$b!)aBj=U*bY{~=u{nJ1es1waI9DHd;{9xY^J
z1`i05Ssy?3=Z5iI_RdLF@M>PdKsBTwHB~H!7>`%17&0GEWfNI`UfXs1q3QezT_OsI
z3DfDB&rt6^gVh&1S4TO-_wPJTl3;2vaXwyrMWa4w>wW)6WMyAzjlRLyzPX}NkWu`X
z(ov_B{5ygNmnYYV;hU!_?Y^H6u_h9ZHBHEc`Gd(uz~aWy(XbinDyxf+Qdf7dDYoi2
zySNKl)_ZVh`%$68#-qkpJ`eRu)@ZZG0;wZK9qLL&G*GH-4$0Pz05{&fwi#*T=l=Ig
zZkL*?s98)lI4jEyQB49NJt!^F*|eJ@B@FoFpA2}P@mvQnB7pqBg9TY#`lZ^eCQ8}U
z&~5;6{)7Boxh!QGjViF5My|<a;Lfn8rhBH{r;LL)=iDt`u4Md&F#<|FiwZxt@;ksh
zNy<!L5BJM(H=_6txJ?6kU_@Mt*V@5G8~}dZ`nnqY1uV4ofHJEO7@9bj0T`ZIeEX*f
zAI%9NthG^1(hL=Se>-$(BrTrHc^J4xlk-<Fu8GiBTRxEn7AA*51|J{62e(_kH1zJO
z6u1LvSlF%qbbvHe1Ax8#8!DqEBIA$Q7}yVOpyTKRNP-?rc0h`%*3UmTTKnMCXpym#
z?7g2iwzh=Gy_as+zP<?lkml#He?ITEKs`etH#iv7#|hSdw?cgyarn>GPJKr6^};{J
z<gaHmueJUlL%*K$$Ng8{3-5pI8hAZI<-hV?g8nQ0Wb?=$e%7zg`gxL#*0mdu^qd%M
z0wX~!s3#>bxjEO{2MhxH0El;5S9(5cZ%a(~#Z^qh9GI8~vsBv>#;R;Qva5}&Bub4(
zd1_e6a=-VJ`cnhjvvMuMTZ#)YC~)llO>Y`7oxbAg?|&;eY5woK__G1)OjXYFAaHB_
z#~0v16?ZKE=k!b)M=HC4x;+T_=Fly=k?q3Uzp^@2H|mZd-<4wcP_z4;vH$CL^E5w@
z4y&s;Gi%+@_fuQpdibx7!>`Zghk(O4R^P=JGR8n&sb9#ZysBFnP}bGf*8X*FfA2tH
z$c@9ovuTw$Q1kfTKxAr+g}TzIPX#pZ&zRdDc&f2HAkN2KD272jp0=p56s0Y&dfASV
zUBTEtxnQ!*6L9Pr%5UTK`AUc0GqR4`!VT`F3uVeU-MUL*LZiX2G0k{v*1VW_^SvZ-
z%X7Na4$bd}Av=p2NP}Dzli+iG{^WEj#EaZ^{C(HUa#|1d*K6~@*xT}6bI4lLpl-U-
zmyedoQ@(pXgQQ8Iueu<O>EW=INmuZY2c^%E`LE*i!^slX_a<h?75ygV8a%$!Q1bQC
z`*t^G`wETTpW514nZUf{3h{UxRGB9My4DqA+&+EMj&1GN{gFV6An$}<^N1S;K0Hy1
zy)F&rFdL7!Fh75vh<a?Vty+gw=tdrOUGogV5;1QSK<D|)@~SO-4;|3?s;RRPxW}{!
zG45_T57j#FSq#p`sofiICROhdq~FJnuhd`mK7{7{^OZsA4q3cLgLr9M<@}E25s@_I
z)<}t<orjy2tk$N(z@+u<BCS@~PlIe}*|W+Ty_?Ae{54T%reJfe{s3`X+5q*G=>`H4
z_~X9spM-lc8uygi)(q&Tcw65B2)_^(^}Ha9DgUP#;JND-=x3hl8a2At3Xp)bw+3r$
zx|&xJ`5u;AnH6q=#vHUveZaZSp#NoRWnVO_`n{*~U^TKdn(ufpts`ch7PN(fV^Se2
z@}Ng5*0+Xkh*o?_3fD%$*OE&74qW$SxW>FjKE%|Ki3%z2%&lDX*G9e^EJR)Rw;EOO
zm~x)1QJ2_g;+v8h_I#iJXZWC@fxpuPX|+d*HJISujOh|{sl2H+Mm~49?S|H-bXcMD
zGg99|)KqGfC%TiNDPV1iQ@6-wa$wxUBK;Lki17lvbkfl_5b7gtdj1jHArP-}=5R#i
zz;b5w3mW=m_P&<=WgN1Db|Lr0^VOBk(~$v$rgzD<cVnF=$Mi>62xWES-2UJ0`di6)
z%;ew>+jj!bijgWW%(T16G@EWrzK7y$pKP?W{bbTBzVL6~9nI4^eslMzXD>$yoVW<U
z8o!8l!m-Nc8?eqRN!iM`lh)mM5PH^}wRpTzQ^6j-a*!dLJLhMFw@kEgW(-p?9yZso
zM$3k#yLQn$=k6`+zOVIR;ZNa<cb`sbG#JnxoH9_7c4$>Y5ORfG>^487yKj+Q$+l>k
zj(3xkWls%Ex>UG361c(qLPvgIMjHKYLoqbDlZ(p})A(c@E32eUhO?*b7VydIYaaXw
zMkfz`8~7@^V$3Pr&j>?4B-z;7m#r}PF?2(qq1hBhn)dg4&EhBEJ!YguZ(o-;TQEr}
z3!zCqal$i`h9w<yy|pY({doTPF+aW>{$`8ghNmdMcIkcvb->9`tO3!hLP%T@G15ME
z&vjko-;3LD>zwcT2<Fw2PN>q-yfI5K!Z+Y_0(7m;76my)1IBsChW0g0lU52C*yxQ*
zlJ|GaUz5o6%xp2tMefs8$ZE3_`4Wdm;Aad?zppVSoER##ta*ug@ubV|<ofpWg4L4I
zDi`Cer8NUFU)mgt1L*#2cAs?VtpI5wD=Vw-A+92Jgf;X|n6`Gz9m0Tx?Dlgpy@G+%
zhJEj;`p;<gU%UC*3vdJ+#c~&s<`Rp0Lts!}eJI=QINdV>`j9P_y~~EiD@B7Q-Oug8
zsW<dvQ99X*xMf@Kt9{>l%1As2krV(&hPh2NXO4M9=$tuH!+Qdcwi@#1@Di5?HnKOF
zez>Ji1MJXlHNtOYT6?TBU_0BDe(`f};d3x8(&LVMqYr%ypJi!i9u2`WsnH(ywm$sP
zwnd`ICESm82&|j>Nd(H6{1+Tmcq4d>8x$sO3HO<Xz`71yEtAvQ1gfssaU@XRR?cNp
zj^v-+0!uXz_Mp+tz~@eEO*l+=A?PsiVjLTwlY@Qti`J9l>4V;LU~&ceoW1tJV`C88
zFs561lW{#mYHk?6V}^=M5A&7z%I35vXIHrE*Z4_)6?4~@T~O3IQFaGRo=-}^9V@(8
zs<w<sCbt7?@S?fxL%k#r;4$81kYdLhyr`)RGFWwzE|njpkJX_u6c5wF3<s1%?`YD7
z!mrHm+AON?*661vCFIPc%lqBDXG2=d0G7gGPzPjORPn=ZcGtW7pugy!Z`(rN2`t1%
z#sU~Jo2J`}gZ6G1G0UsKAoJl1Y@BVh6@|p*E~TD$_p??SxNC;xNif`0ILaMG-+K2c
z&zZiveb+hIk&`6Px)3!=<CO`ToAQP;w!PH(ZdFb|{Gj-wZUYYP1?B!-X!uP5wX4Tw
zXytsrM-)`lsKrA-bgxN52hNvx(v$NfL~GEh9c@_*{{p6`v`UNprNX&h>SUaa%OMxW
zO{~^#%)YI62L+PG+|RJ{5mDbcSVf9oOJnJ%VhFf;?&%u@btqu3yrn~=8T69|Q`A(Y
z<1E-xWSz=9#9N2s-Yv;GPPVqB8>rXf(aSQyeP_8s1BgX@5ej-~_xD-Pp6GiJk>8&h
z@|06y$3oeQx+-0IP|yDCYRu91f4|b_9`t_FU_l#*g-^IE(AK$z(cqKmw$J4XFT&Ia
zpY`w!OP)9IB&q&|W?AA6<x_7Hc1JNrkc9XVk>3!+5a#qrPiknNTY$?sO)a3Cai6S8
zAYa^Qk{wWyEf1yMDSmG)u*SLjum8HbilbPKB`~^1i~23rnbbczLw%XWxNSOKHLoqi
z*usKr20OQd!(^Y`!J?cjs@xsayJ&lA%?z#EpaRVNs_@*LGe_6z2x>B4sdN9BC93*N
zI<?8z-rn9}XlQ81_yBgpj3Z0AkiF^XY!@ntGFEIm<`qn^RG%7|1^|u+?=EuCy(Xl&
zXfz)=Ig<M!it1G`&d6hWd_5V~b5tk!lDH-AWd-J|@u^-e>3bhak8;_xw1jSCU;mmi
z{C>5h*5O7mX}w0Pe~egq77*x|2gQoLr5t+3u2r;z6Nsn_-$@1nt|6a^Yl~-#E1vu+
zTVd|RgPX^{WBaR0zYl&%<e+2_iEo#-K(f5w)>)h6*=*YyZY<2A@|e28gE_s@>-Agn
zJ7NR=9jb&MJ*CP6o|qS)q8TqmUF7LCS?FJY+M>1h7t}%}4uU@S_UHFqPn1^h3Z!(1
zD_b?U&q*T6U!=jX<sM=mg%S%l=lD>%MBat8SCx`R1o++-PI^#<sCx_P^CRO_ONN-D
z4r-}d&p~zh+)+t|<usOTd-#VopBrGjvNgpcuSTz(<L5|tP};Y0oJZ-f@$2W|a)s>l
zi250I4E4-KOs@BcNutb2u>ok5$dS2GFEfyl6p=!wS7JkK@_5n&#+vFnSNb2P&sy#M
z(DAQl?h$bgz^6#dgG6*s^L3p_F?v)e)2hf(jW!L1Y`VKOXnE9>-$ds8a2KzEuK8<y
z+E1UJ@`kp0HdrRRZ5XzxYs2}NI+qmcEjEll_3KTLL-VdP6Vbv<J1#s*o|6(`PN4G`
z!=Eu;@)O#!w{Jq^%f|-&h{;ApWKz)U%?(&HegqGc#l9!D;r&*Q+At|>bZB8!t&MxG
z%>Zf%$zD8IBIZWqT3DN`BgL<xe%{}26cqke<SB95Dz-#sK`oOb3#wMcUB8vIl%c#&
z&b`ijYT*j1B52f+D{#Cz|E*r?XsyMl$qcf;1jqC6>tAi$-M-;)cWd=<S-eGoEqS{>
z7{AO^de2pjzKY~=N_{aawue-=u&pg>YcVmb+517XAb4QD8XR}MNk@-{jygwK?286i
zjIGU?1Z;Zt*_rzxd_!Tna|(?fcOR79;i+6#Y+kEh!8%cIqmwZ-(o5>)-}%tzCZN-%
zFZhiaBwr4HK0><8bJ^MOca0vA_P#Z#p3cxtuVt3qTU7MiJt(Zc^^U1ZMPRuLIv<X0
zA2b@Wj_fFuIC8LX)U#O#y1^_9T4^1=ewKy&;g|1dj(tgOk)S8D(->dT+~xc`g_+-t
zVm+g`(zsgDyGnF-3A2EW<Af+~EvGX~H003I<MLCXTR%VG{>C;8Bt~_7pB!rfE-=z-
z16OPF*Mor7;scMT)m<1fJ#+J?%Q|5owZcEG<X{+7rv6q{>gO(wE+F*U1}%GIOXKgD
zES)d2$|lCClRNy4W@@+2)Sy_xD4kqFf*!r4qXj4rtCsMl%rgS%G7AHBbR*=wVM6m>
zzZZi&<8Ie@OJ|jSqNYc-m{%|Y{t@d3A2Rkx2hm$^W5(5?(~Tb{DY<?{9~%fv84cJI
ziC=21uXmt1tPR-wViW9UO8UYy2<70wuR%&e9>>Bk=#sJ!s3kb;=h)b2@7==e^jP_k
z$Zp<u3L*GIu;yExWwFWR&-%tzzweXWoLo99*C$g(y)<=;_STWgh!0qh=W+h_{9<Yp
z-|bWMLt~Ig1Nc3}NCaj%Cn@g?gGq=ox5+Du<mM6w_vuEF6gF%jkZTip6738*jc6}-
z@!&uK`E8=Mow&xP2uLJJrw_LClv(wQ$9X=BUn{H&fltjuy}X;MHV8@NL-_j-=8c_;
zj4EGpHPY(F*Rf`^223Y>Iw^FLe>wEY;PnLe9;;#>-s=uG`Zu%$-a2PamU+{tgz{;_
zJuH%X90f&<nY@XF;>%T`9)wPU0)z3b7nPE0!4JEQ)dFHeK|rJs8ou1o<mkuBf^h>w
z^EnynQTc>{h|DoSU|NRCvJMhHjnrd70~Z%v&zni2d-K3evY^6eL7%JExHnS5aD~D2
z(h*}r9a?0uA-__hZlngbCMu-3sl>xX=UHOjY`$GnRErU<Do5ZzLI!{Fo-zQy*}C*m
z3&OPp{I>Ou>+Bk)-fE-e!z!-+=u)k#V3rev_?6k^N2QhBd*-T4lnKjn6Rjz`<J;5&
zmNpeI<kz{n<if2tYuu0X(iKE$|E>`6Ni(0Qq5GLiH&Fista<KXh>)2trN$1|9KIxS
zv54x38k0kds>P3^OMXmWFj<@Of7I(O`hf5SJ@Mn~e8%pGb&39z+c^AL&Ld8=R(mN`
zV<so}Z|`cswfb-R=F=w-+rIs;yXN-4A7_PRa`OqDSYaa|1R|N4%mbv9*)#d@E9#!B
z@M?%=z*LpT-Bh5ePkCx-dBm6ogAd^49fQ>irxZ=@EVEjdUJ{;xd5l$e?y0b6rt8Az
z(ji`1{(L4$W4iSNmL@GLsbhIQ+4`nYOLvi%bTk)C#8nql9{0ZFI&eHF5jFl1rITjF
zL01+BO>{}b*8W)2$*>Fad*RbB+CBIE%ZpPnGB=OZ0$joc1_5Jz=->ZP&c24g8aFFS
zk;|?o#AxQ9_49dR7t$?ob!>16^Js<i*32kpiHO3Sd-)pvDN%_`6~*%2CavNF@=FI_
z-^ZzD$=p3ZAno6_<%>SiakPVYFq6CU8K1g#e_zFNa)$?1!)RYrguhAuFgdAI0p&Aq
zf}dKrVzR=nq@bi##AX4`QR+OtD6~Ht8mC&e%r*uy;tfztoqsXv4$Y7$9_Jrx?<O&y
z`6iR{s+JhPmNrVLdZjPFaM2QJQwf^+dpBe5+}sQX%Lqm)<R*9N-;<L+^CpcUZkg5c
z^fhAwjjJ?2_Ypnz&|4Zhk>XwA??p9{?$`aCX7+_yCj<w<TTU2+`8_3wC3@SfZ`(B8
zsxCfJ0QINW`V7hO<Mz|fxZL#(&)Mv|6rVsWY3_k%OYHGW)U29B4(Mhpr;hU>9$yy)
zQCJnd#Wy!Ks~6NJa?2VnTdUkRo*(Jwasb9;JKTkjnbbM?*B+j(ja@ELv&uK_Hu>A6
z*<|2!AOXfX5%zb2d)XbW-f=%pKiGqXujUA%hG=4wBV0lt=!<qU_-bE)lo$L1PF&-B
zls%LGzNTz8bK!oZAU!-c>OIp<?b`7=%g(7fpZF+8*N06q{WVUx5h!X^UcQO%OHo5J
zNRuq^M#OhB^M}-lcclFJ@8p8A+ND9tyKT+et{<V#I+5#-k_&HtR0U6Bzl=ZhY?7C!
z%R6VI2P}l#cFzJ6f>ZKei?@_r$DBi&N%rr9vUm3eu_ZeO#3Jlw`sWF!Wl0Qup5MU1
zptT}(CYk^>kx5l}=KJ;i>nrA12kg~)hs&OK_G6(_qeZKAFbSnD^4{1^5qFVFkyRdu
zQPffJ+U0&0OM0cCUlqAxS)iwr5Cbay$?;R|y~7Ji0iJxmm;5q!F$ky0!3(jMr(z4<
z7Qb}PlvJTKqSXXwcNeTzhWFdM8H>u0mx;OfYt{y7U?OPH>(bAR5}7Lw=DQ&PhWm$D
zn0Yr-Jz;4Yq`nQE_(Rg(OiLR&!_gY|Bg!GX-<%$PI`o$MXgJ@p#Ek;A?+`To9>iJ?
zRk9OCEw%^c3cK;sO@q~2KjYJy&eZUF#N|IGiWtE8iXph>60E7+Fdm-yocWk2O%ZO7
z<h9bEB;l!g?(_+hw|kRMe5?AI`0MS9u|^u!qoGXai$#2ahqN;8qu${GbdX`c8=-EV
z1lU$=Th5jRV0CmmJ6-GO(eRuRiWM<0e2)~?y&WVvX`3lVA)Yhowd~R%o=EO7yKE;8
zjGYaKOhkRwN?r^^$NNt0jXf|?d|s)FOsF&2dSW@~ZF1Z*6I=-KgQ^8_O`ay<j{Rww
zzN#)m3pZ;Y%;~_4^L63yC4B1qFd6VcCu(4sLT?LYa{YMO-C;Y|372Yk%&pYMrsQ1W
zS=NYE;zkqhQ(;DT8W*OCY?z6h3VEjiD`0s4<qTJaq7ZWEp{#XfcKE)_W4tS>vW}V-
zu&Mn&TNosegnwPzIqy)_@NaUiV_#37IV1QaDvD0|S;%#nEajh1TpNqKH)}PWXud)O
zGIh_YPoHK1YpPJN6pxrH{LjcZO~-s1+F)XY34Ed}$G-q>1k)HkW`*2gRC3YP-`1LD
zXjKiY&(PQZ83X}}Lx<S4t+mt4#e}geKee@fJ0t);K?7~}sph^x5M!9bV#zO!aYSG7
zq=D_#FFuUFcKJuqf7v+r-Ty<#`GcKTch<;ElZd!Dw8Wf+NWd8!13gJuaf|AT?1d4)
z96ZwqP%@S_z;~FN0qRiv1ZW%Ng9cOnr%zJSr%#{$ra2`RkLdhohnC+LtA!Neul?FP
znq@9FTG6Kqzw%RPI*buctp9-gzhBn)e~X9z{+M4s|9gS>{|`58(nAIHL4RKgbU$pQ
z^7gUF%C4!0z4v_v5BAzl|Hqa!ZrcC=#O`BjIo(&I(;a3~AyoV7gvtM-y)O@kdi~!Y
zvZYX@PFYV$(LrGlF&w0_Z_TN()G3v*@5IblI>}MAP}WEq`^e5%1}!StVhjdj-x(3Z
zjN$u?rSrKy-|hNczw7$_^?Ux9Yi8d2^WL7<ec!M9^_`W(0-T<SbYBSH=l=%M7kdlF
zN<}C}c-<e&(?I%oYexxb89XD0UeQtVT#3Ear$Obg<X`b8$twkXGk%it4?=z+?|-^(
zNQaR7Q~jL^;uRgT&#nxFg=KMP>IZw=$cMJy{;CX62tI6Q6~0i+C;6&x+*z;tj@Fm?
z8y-nW80n+1dciO3g4zHG4sQaiUE;9>6+SH)Q;u>bptUDP;c+I(8r+s%26Aj`BPVDH
zPPoHPJ;g2}M#j|Dam<a*>Y`2?uUWPBbWj$Gm2-3?&BcKL1?s+=ynFTt>FVf&h`p~q
zdd2qcoZ0-RZ>;MXwC^!?R}NI=psi8MtWqL4jgX<CKS8l7QoBisZniv^P0>1_8m3?r
zbFYo{+eg;qA;mS3;RoUYE5#B%b+^2m{<g42&6qj{LuwhfFFR_W;!6$Ja6-kuH4T@_
zRoT!2ItC;JQ1Hfim_R=K=s2QUedWOF2!b-_So3Y@)U9qs@%n%IwnF=;_C4c7m3W{=
zhz|gH`z-o_1(6nk$PgjYC(wE-7&UhmWz_cgs76X6ZDP!T+#)Omu)v7qF|8DJmxOo~
zpTGGEBax-Bikn$yfhG0V(7z&Q&H+Bb1Q;kn7~cw8`V_aK$It8uZiAtmzE@mr6>reJ
z8B^_5JzN;OJVXQ!y0t%GqK?~$e1qJxy5_Rz2m|@7xp!x2SU?P5Ei;<2e$=AbbL!&o
z=)*SvP`;YhIXxyMXRzo<I21EW$xlIbni#CFEW8i^expHI0mF|}{{(J00UgP~B0!DI
zZ)ss67?hBJT&$!52INryNW2L%<)0sKOZ8}5D0$f+fqI{dVz?|)Z=64#NAmF);KH+#
zkhYq(3n*q%&k_pE4<7ppOnMy~ma?yHupEe-<|0Fhi{nj2At(Ss-|4rzo%F;%zqSGq
zb@F6?)oL3M43&k+WXZG*RE(otz&lCP5%JM9?s2hP0`*n6c(LuC71VMx;3&C<QCVZw
zFF1M*9TzH>;xuR~p-q!uzeF04^HQrzi7t#|k%tli1wfwlECz+~&L@DR56vfCsjDNb
zAo3}H@m?|R<3^GjnU3q!7+ZsA*mCBqprkP87|0aMxb^Ytm9e^Ti2~h4puGR#XsLvz
zzKK26RJBU$0m?C-#DK9$;adPU25^Gy{+O6poidxeVL0GsQ)}>S<^Kh{LHq#xyBm(z
z(85Hddt5race)BtJCAwx>6CP7fC^_1W1af&kNB#nT?Ox=+`8V@0m|;x+0_ww-*fVu
zrNVnDE9f!FK_^gURz4%i;@6ctm&Iqhl~dT)L3~&Y5MCk>i(SjL$qx818%Z`WXncU=
zloUQLc=DAt8=8}@A0dSNEQ!35L7R%b;OxFA^S$0Qb)Oiwn7~NJztJJbmnJc7`lF}<
zXQTc8eiV_rtHLT-`akH^PB<t?=Z+IQWGtdKp-~ri2E2-tSps>)-;F}97Hy?TKsgQm
zc4_=50Gn|yI%WLl*3gu7yk^N4I3A>GqtyQB19sEt!By;2ydNc4HYhP2R(mK*UX<w{
zFAEaN;Ik`3c^`c3Pz}^m_I>+v5%B&W<%tUXs`&|H(V%FFeX%Lf%kpAlECuy!t~LN@
zX4VrYs`6VL@@sRlhRe`ByzD$pKMc?1-W$}NE3~RpGTrX8Ked+rDqIY?YgUVM-t^q$
z`xrKc6(uq)J>>H<*TN=7&ML-d*S>J%MouLg%B_B-0H_Kv08#$gpbGgyY#sU4^kqNe
zW&_90stUdZ_<5`PU{mNYHz0jyf3IEoPNg?T8<tGjV(5c))Tffx?gXs9&+Y-lTX*x3
z8X$y-Psj1Lo?f-(n4zx>Uqd#T(b#y0az+8gkw3OU<kOaplt8zBjrXdISMzwve2JG(
z8;i^5O8KV`q4_#xJgL(2e$Eu}hYlx9p4PDfT;pyE;hN4(vvXpcOTxWyzIE^EPs%A2
zP91DO&Q%duwjtz%wbQQalVj~F({aZL74qya?Y_sLd=gY#kXn6A$G_wuR*}HGeeKy<
zthMK%BQ--qL%bAAL$*pkYAMz5(xtC>zs>{}VW;jh=bZ6juv2Uf_p@gpnZ^OhJgHh#
z;V$%O?29m&&lXE{5(Zd@Q+LFOdkOS9;9q54U+1=zoZka<+4;av#L^;k`UYj3PNuy<
zi~&lLEExpI$55H?j+obY4)++IwmgJtk@shdO53c7KeFEZ1@7MJ-wW#j*D7dxR1yP@
zpfew+e3c1!$b{Ei#n?IngG?Oq16(muh${*<c<<UJMa~JZ`>u$?W&?IVvONr@0k~4p
zz0iW;0LuL(B3#y+FZCwKTtHpB6k6Dwo?C_NLzi*%h~xhu!nIuh3lD)pVE|_*D^$}b
zX?;qV8kdjgj?A`;A@p(!IYh~jz5n{E-fUo=Zo3}aJP1v4_PvE44HXnz>tTE=xM4tk
zR9l>7DcHDA&VWp1A7#>)$|$5l+sC#kP01P!K<zo`+iPx&B6bNVSTa&k7m4W@>3BTH
z<B%|}?vdRtFC<1t_!oeEqD+@hCY>zM$=jpW(;2Whr^2e_f|X1GT~SY8)})xEsE-~b
zOAxqN<Z9P7wCub4(aI-YdZ)S2?I{)D4PCk?_#MB-Z*lM9BIRWZOBj8gw4n8Xzi@0Z
z&Z)J8=U${_zb?m1S68gBtol%#DC=tf+7WrOU5LUAWq-FzhK-ad>v!u+hR{1uKE){V
zdEU(U(j)dJPzV61kYs8>g{ThRixA$oIntOFCC;>lN7bE1fSAteW@I|#NCY*#zD5J4
zan8Xu2j)|hX#9(yIBkzqhzG#%Cx@QrONGprIwrCRB1XT*w0r%uVAJc%TvmH9cHN3=
zkZN`+@0vzWDd6`NvQpNq7{AeL5IFn+ce1#C1h=bwZ06}#Gu8G*1n>qFE^UE{rv<Fv
zXch%d?~A8IHzgyPj^r<BRh55>BMR|9dS4AZc~iF~D;bihE<EWEXJ*r9Ug=1&E8ol#
z6xqDoV-1dKk9NEn=iiRF3$0TG*%t6l!S_u{s4M}%-5(P=z*+HUQ{E@VKEeiljUl@f
zJ)`%L0+&8e@WxK<`Su(Cns+Tp0k)Xj9iaL_UnNUQm;e$0klfX9dpZ~wU;!rcv)$3=
zU4A|zLru*$vYpxvJMh`r%pXuIpUDc{x?_f6ew#DDx4i3MK98dVaDNxe#^`7JzmviI
zk1@$6W#9VPg?!cd$iEHi4!3NL=N@Eaw}{^XjyXTu|GCoU=c50wB|iUu!~gWaf4Yng
z%*b_H9;s4&^Jdg-Df>D|){D4KsX<}&8!s<=Z7z4D&;=1`40uSR>({UUdGh4Rw_)XQ
zshqrV{=nt+l=!t;uUkYqElj3+n)v+>B}O)SY~Z6kFE&+C9OL$^0=?98E!T5y%D3=v
z56<{BmsN2fNqliW_eB$Tq93PaA*q_`F;@S?Htb9)9hBWWzqnduXf%03g2S?q_U2i$
z3b#E|`}F<$&eZ;DAc9YUYWU9ZU~lFFvDU3xFlP1`{s;m%ZQ~pev~R1(J_$xZVl5FZ
zVp^xVZ=a`>bevlsLe#~~@M(@8D4M4qT^yBu6e^SXP@lTq_i&w=Sog>1Z!-Z2hkbfU
zU?<W{wdlQTD?J%s@B94?4obw|8osDNTH^f}JVpCZO8a`ds72|GgxenMO{!sXvr>4_
z#*4aNjue7)lA@qh&qYx7jLWjn50qR73Qule5SGA7q=)8#`)6X?Ehm*92*QJug1Sz#
z%n>*(%|yJ{e8hoP;h@pysODk0G9#71<(b{s)K`{Qj`$C9jsbf?u(^zEhiv)h7hNJt
zFOn}?clT<La<2$6Y$mEaOmS%SL+U5gRVVMYgjd4h*u4&3#`hXuAo4d<)3Qlw1Lf0o
z3ii+thS+1wj+id<D5pIBr7!X$gbVq6Pe(^=c+cHhJBg>eke(XTjc0bZ`)2G}(dXQ4
zUN*U&Ol5m(G<vY&Ma!tH$-;S+&j*QFHS2k7!P!T*9|@`ahgH#40XumamS$I25VVXO
zqYT8uw*Y5U*U?k-o%yJ)5}zksR#YSU%;uMKD@TilCT|;6`p$;Re0r1Juc7MJf1pYi
zmA06-h+DKz9*W7&bV~BHR_!PwKxK7V=sv_uc>5U+k)&pJQl^0|!u`F6{{-~Dn;oJ=
zb_Kvk0GE>3L5ZMxb&gQu99NFseXbU&*@taOU;R617SN{Y&QXQN6!>(T=NgDLvs#QV
zxOEqPaPBGooD}4F$m?#t-53aEl0EIymNl|DL#&KNr~Rh_2fYT$hu1;Tq6B*wBX`p0
zZcFhZqc^})7t}cFUOzWDHqp24h$nYu1`Ipj#wtE-^cfYIB}6@ndZI8DH>FlS{L8_Y
zFl78>d0-epYeV#szc}Au;USuhhIyk+(OsW;$FpTg?q^#U(n{M2(n_`|u5TB?%YJ?`
zgc)}Rg}+iZC*}pB)R~|`6ptIGV|gU<(~X1bI6){So5IA^7kH2=VZit{YcD~RUQcWG
zCS6SOO3V&gE#`C8oct2|JQf-F4fR~0_l&H(yovhQ<nq}ddFJBdEa!@rc4ppZpMV!?
z4*jwFjY+8iy&moqKk{L_GT6N`l3XL7I@)}wnL8D|qtH&}ny8y2-uM`ISq`x!=G${n
zUJ;BYvgh5qGQ#Uvz#;(jF466*&;1zKg#~=~EXaXLaN*Zl8ThpHP@dc$37ykCov(2D
z+)@lkXnDj6s*PA$w#6}n#1bb8zm{h0tRG1F5@euSs%i0#mKj|G#`5LTXoH8pI0Dhc
zwaeAZft4?Dwv}97RwL{j9}tm3i%t_>zA4wD7Q$E5VE`F13S!BYZ-H?9iNFsq<O?7x
zh9<&CFX+g^*A-oEt2m@*Pa{tj%3&_K#;bil@8#58&{1{DKIpSaiiV#_59G~jYP1Bb
z`QZ_$dVy9++!;Xo_##A)H*e|^qdPa@gVK7%WG4?A%wzm&qm5bVInHrW+ni)|A6#n^
zK4IyyXEcV-DV|jkotzc;#{rkHxq=?)GE{<nL#>B#qiM2A6AnRsv$`f-L9Bid6=>eJ
zj}gE8iX~}BG}gSH{d7Y8mMjMUq8ufh48zzDiz3V`f>?~X=j@o5LppxFR4O#1j$SN~
zM=p-4G8wWH>b?ZW#Ux>;HIm%Nz7)?D#Lf<-X|*mXPa7x+HS{K@0Nurj*fZ6pG{4g(
z-Cur`Ns~r_$zv%d(I>h+C<~v`x{P<I&~Y&Iw)doI%V8Y5@iqbNIbW>Qu4peh2KJ(z
z_K9ggR(C8ef{)C98v3xTQ^uYVB|bAXSe)?IRQSE+fT7L|0Mz-hF_?T=wswFym4xsc
zOxpn|Wbzm{K^ezAzLa-`sdxIgzZx!liZ^#+uzcehWwwm{?s|avfVRNA)3Z|w0Khip
z^?XSxb35vxEAU;IXTC9%>`O%N<?hx3C1AWp-(Ck{D=Us3SG8UBDwI2BeFd&-9=}kA
z?o$V@0zSUt9uA-!WPf4Ef>Ax?P#%JuI&#=xybIRis)@&~Ib9e^a*DlO@%>{&#6qrv
z>?@tm>QPu3nfeV}CynH{ft0Tqd73_{;WwxJ#$lsl${@yy^kCVL*5^FYm7TaBs6xW#
z6wK>->0iZ^Vqx&}#reElvi{S{(8L=#R0@k$R~-Lx!H4P6rjlifX#lPh(^7NLCx-Ha
z$E!BfYt);wzIfNPo^7Ql5+3T?n#Qm5UoLUBHV80<=0BI9xp|4YYF;HEqMzqT$@js1
z6ojjzQcnMxHRGfO#JQ9-&-@$Ql7t;Ov{{qQHTCSVY$O+U&rpeLpY(VgcHZ|+Uk{f{
zr0L?F{>%Y;+vQC)2q!|6^YR)uV`!P2Z#-VEZR~OZZkLqFvHyg19+LA9TX*eZ=MuAm
zfcCM6b*s*e7pyz2?I+?gJ2NQ7g(4k${jDCM?H#_PU{^=4dPlbw`p$IiH@YY{#mH*D
z9@qKW=>nU-J=SaXi<gz$?c;1G2d4H=gnXLB(JO;vxk@dUWMOzNn;Z%AZ??w<J(D6j
z_wzTa05PM9fc@>Ic#T_wibKuM_TVlrb>S7$68fP&u-4V5^F9`_PHBbSVtU6rCswA^
zGGyCVk2Wuj%!y2{^Pm5W-Rv{f{7#{9H!tZPh2u{gHPP%k*$c0ikajMKceFUyVwDHI
zM#Z(!J8JRN1Q~ZMBq70uk9#k%!&x2Yn>g0KHkfcT_Eqpp(~$j~eZA^yuWFz|Iou=J
zP*L<-ar9dSdC3uWJ)ghWQ+SVtw>&d#;>p3@v<lX1{}Dg-Jxk-k+e}CEtxFK~N^w**
zXGQ=SbyoH<)vG~S#C*J$vvuf#^(`sU5mHI|SbAT8iBJ9)Z(JW!!8Ty|uU)11Tf$w_
zU0Kh>NK1n_FJsdZ*d*?Wv&;kEP37jOGH!BJufd2WPD-g30TeUkFWr@X!Eoeh1`3;V
z-qXi&aoiPksV4&8UsxgSDU+1+{6bvBg}q-?J#ZOn81CdR&-12EQYYs$60j}xjg8B0
zuaQhAhE+R-2{WMS9f#e)mr^Jaurp0fFXsAp|I1~iyH?}C)M1k7O-1w{sh626m9=T1
z9#cxHq>=;eoKVZ9D~Llft*?9D^Kz^R)c1v<G_~QaskrvlOsCzvs}|>{p5nb<G6#~_
zGx4{qG&+)R^bwGuQ4xkc9y+Ipcpn{QB9`b~!vEN%34Ig$UWown#mpy?qZ4nwB3RQC
z-)Pa8HN8c%FMk!8dTmQXc}%xg8#<g4F=v~$`QBJjelOU4_6PneCsnEBZ}aX{FD&DR
z{FlqP#z3FQDZ$!|NpnV89d(XV`<>1<FQg5PWV{84%N1c~>(ja=Jhmxh6YJ+<xDZ52
zmg#LVr{gB~BtoaVBAmok`_PqFzg|bTj}VVHubT1ITakxC(<^dAQcNAvahXP|IoVbY
zAM-zCYd;gbbzr4Mf8b;vvnAF#rBr7(&n3tTnX-NhB-ILui2Ae>1%v56FT8cyy-63W
z=U%M-)^}#n!OPheE*Gt}?EmFnnT>_Jzhif`9jcfS(rYzjBSfr=y-m^#7Gy7UIa-5j
z_aOS%9QIfrv)Xz-sODoQm6|LM)6u~FEN$UHhT%P<MTd4eTQGgcU^Ezs<!0Qi%^%RS
zc3P;sdT;Jm+@8X}B>M5(%^u|r^0s)X*<B-elZMMWu~u~l%2Ifx=nc(O`C9Wr?efEp
znpM$AS@p!!Ka)~*lNJXPVtqsQr68YA6}d}%?dEa2?eqMJT7#5?17h7%r%AUmp&_c$
z)h5sOkiS=m+6kn_aI2!Q8PJKfKsUs&W3|M>aHOvUruTcq^c9Dz5o{Pxlvjz%vE*SU
zlc;hBk)~%$;k$@u{H>69Lqyoj&jF`iE|uW^Y#|GmrAE@Tej^K?^UvRu($YKY^|2e|
z@`HC}i|j#v+(eYtW1O;IS7jiuHTf;drVe@lxoh|69N&Vh+BY1$?dnOoK6Wo4NP(Zj
z!fPONZJBMJ#jcC%<+NZpD=pe?Cp35nblSq|@BU(=oPILvbD*64bOi5P{Wj0ybDG+h
zpB2^2)29_RZ<4e!c-2=JS=^)QzIRh`t{iJ#sZ86#n-P3^D|cyHWG+|YRPgJ7*Yr=(
zX|ooGKOMN!;Tv@X+Vk@EM$kl+*7wB}GMtDO)x7o4whV)|;=&py{|U=+o+W3_=He6u
zX>lX3og3|OnL+oc!b8Y7JO_l3<iwCAX9Q+1<hsPEQs?w28(PF4q>|+k1@sfEz{{V7
zDz$nX<|?Unh{UUnCi+dca^jsa7=7~mcbsiq7pNsedW@)U)qD*E0>X2rWKT@V*K-CI
zoh?<zpxqV81k-NM-709v*>;qAJJehlj1@Kd@ihlp=ei1R%wJ><Mwzc{sHne07TPlo
z5$~a-J=XbeS(c`)cUl<)<l_iU^qS5W0IoD&HHUK#&UT>hV0u^Ev`&2<>U3-uWK2Z$
z?Kcp0ZD1P_*h%#9)ML^Z%x_Mu@8E4=_E7trBaTynWRw=B|D4D*lLq^_54wMU1(|ct
z#5r<ST{XLiw-XE+3D;^lmqXlbuD(oYhW{Rdc)>;V%@L^Et@-})Kn8%09257Dz)2*!
zcA|53dutZ^F>*%%W<}z97R1}ze^n&~^H7<(wo2phO3(0F9sevKc&}n1ttY_MRy|)L
zXkO>&O4cIIC0bU(+VPtv(f6{!;m>2NbMeJqe&Xfn+jC+n+8I7sMlAV?6f!P*CTp+E
zJhk*9)U6~r_KicffE!`vB+nbBGsuY^E4_oTYX9T&KJ;w2RlB8m`#gH}Tk62zgC}rK
zFVR#NtH;f@rfAReTIP!Jm~*`Y%kT!HrYQzZI95nZ6@Ff7u7Fs5q0X@EoSflB{e;V6
zy{M~fH}edqJD^KIqoXfPdS4-(eblnTBA8x6vTKa%vVc$iGWkb@M*k5jd2fk`c1>Mb
zFq!}-$zp3@Z?oajx#8AvJQ!!YQ8RO&Rkb#_Ch9Xl^iMgD1A$|~=+{_<YLj?HqIAlH
zQqyo$A4~cd02zs9<-A=AqhX7S*YfP3GZX^s%nZ4#1>{qFL2t6q+Pc6!zrYbxP?!1b
zH>16roSeS<Xn)@<S?ays(!ZhfOv1l8_v!}v^zp!Ib#bR#_QV#^-W9{T16Ci0sV<77
zd^?ec*3GtkCMvpQ>%F4v&2zSaU*8qksYp2E{+QOl&7q=|4n=*fIp~Bd?<pQkml(-c
z(CWRTmEsp6!yE~_c4@iB`x|hx$&ujshzw`%L&~E2*H+K&P9N9cOt%h0L@4qGjeqH{
z4r~H$^oTbH<vY|r1+(ok0#>A9GCZ%Vc4fM<Sjz3!!<D1^H#6lR-}l-4j!I8x1a6UU
zQPc1@(*C-2-?J%d7zpxr>lDq_pXgo(yN{UQ9KX)+l<c*&d%LCBQcWzBM#_2>&$bcD
zUu%6OGL7Zwoo+lG*7xzJf7ujz`s^PS(?*?-+=N#kHzN*iG5U{<bTCWDW-Vc36|T~v
zKo(JuN$^aeli`%%rGk7$Li#~i%*?wIJB(RBTgSm|oHzCU6CSg(=eE#8$(Km#k>GGv
z@*e~uHC(2+`6aXQn>72p_9o01{9|Pn$Yem9N_Z&8u6C|#^GB*E;mIals%`r`hUf8=
z4wr!1=7b9$-R^9DF@rle@7ESMtt{$oHuG^S%jc65{m~3sVe3Z+^hq0vcKX=4&DkMn
z)vfK}cW7<vt5>zM;e7T%-~SQ=3Uasb1)9B-)~UqCW`()R&1FCeiy0wxCdG*@_3gYQ
zqvq|~R{pyZu42LWf;;NLMN`DZ_fto)x$@T5ZOk&ppX=4HiQ@u?h1itKZwAl1U$bLu
zf~VSc9)zr=;T}%ryD-Lnaay>)?m_g}&dF}`e90p@C^05KA%P|W85L_UBq=K}9JIU^
zvtk{VD3G<<vR`?7gsokSH0Ibx8@AES=77*xY7~gJ*6xjRUs(C;tL*zWG-Vf3j@{YL
z*bKfyd<xbrNnkt?M^o=LY<6yDOFb;}9juf|TR&y72L}IV-se1$Xm`p+!5m?8w_Eq!
z!`xxO%9WTa=g)4$hjMK{Hy>Qii+~97uRLRI90IxXsUB8*k^MpRwl-uaYgrExz6pUq
zApDYSl7ZV`$v#tSAvS(qJ0;IOONX{^+B)i=n=3K1fA6}3;>d18yutp+T>Z_d+aG4M
z9a$C9xHn<z0#cT;W>y<*-#3}U92=X*_$gPBkaBT*A4;Oqw^qQPIYqs>eGuA@E-dW}
zliHdfoBf4)XJ<lQ+q*q{++y#KZFVk1lxgBih(8r(zvac0dcK1D@Zjb~ATg2jzT97N
z+s~%0RS~nnBkIgOJ7^F{dH3xiU<hJgD3~WJxz6$$gmUU;$C^=Ab(o=r7#wGCeSO#r
zqrU!kjR{n_Pq5l<w(Y(OJ|bko;m)>^Iaph@%*k4HaMkdibl$njRE)p-Maa%<>Zg+S
z4uq}`!uec*@CdYpClbA+0rm~nKQ(GQI2-hfz)WQ@;l9;w$lPXHQgDzE|2$Y1sJ}Es
zFb&t+Toz(BoEFM7rzX#D-F8d1YME4S<~u5r^m9!m^#XH@i;(qGn@jNN<7+W07a=?O
zu9?umVA$@>Nx}E!MSrxY?AG4dhmxr6^YPSLnyvQiN&n5mf@DJPmJe=9pnwRrV$H>9
t`+>BzM<e@x<|ecL_+La&RoB06aQE;Gv>5&x63?3dqP~e9?)Ph<{{ac<a^3&{

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index e0dc5419a8..23afa588ed 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -48,8 +48,8 @@ Before trying out this feature, make sure you have the following:
 - Windows 10 Enterprise E5 license
 - Access to Microsoft Defender Security Center portal
 - Machines running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update (for Network Protection on Internet Explorer, Edge, Chrome, or Firefox)
-- Machines running Windows 10 May 2019 Update (version 1903) or later (for a better user experience from SmartScreen on Edge). Note that if SmartScreen is not turned on, Network Protection will take over the blocking.
-- A valid license with a partner data provider.
+- Machines running Windows 10 May 2019 Update (version 1903) or later (for a better user experience from SmartScreen on Edge). Note that if SmartScreen is not turned on, Network Protection will take over the blocking
+- A valid license with a partner data provider
 
 ## Data handling
 
@@ -73,6 +73,12 @@ Cyren's web content classification technology is integrated by design into Micro
 
 Learn more at https://www.cyren.com/products/url-filtering.
 
+### Cyren  permissions
+
+"Sign in and read user profile" allows Cyren to read your tenant info from your Microsoft Defender ATP account, such as your tenant ID, which will be tied to your Cyren license.
+
+"Read and Write Integration settings" exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the Microsoft Defender ATP portal.
+
 ### Signing up for a Cyren License
 
 Cyren is offering a 60-day free trial for all Microsoft Defender ATP customers. To sign up, please follow the steps below from the portal. 
@@ -111,20 +117,28 @@ To add a new policy:
 
 Select **Reports > Web protection** to view cards with information about web content filtering and web threat protection. The following cards provide summary information about web content filtering.
 
+![Image of all web protection cards](images/web-protection.png)
+
 ### Web activity by category
 
 This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization from last 30 days, 3 months, or 6 months. Select a category name to view more information about that particular category.
 
 In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
 
+![Image of all web protection cards](images/web-activity-by-category.png)
+
 ### Web content filtering summary card
 
 This card displays the distribution of blocked access attempts across the different parent web content categories. Select one of the colored bars to view more information about a specific parent web category.
 
+![Image of all web protection cards](images/web-content-filtering-summary.png)
+
 ### View card details
 
 You can access the **Report details** for each card by selecting a table row or colored bar from the chart in the card. The report details page for each card contains extensive statistical data about web content categories, website domains, and machine groups.
 
+![Image of web protection report details](images/web-protection-report-details.png)
+
 - **Web categories**: Lists the web content categories that have had access attempts in your organization. Select a specific category to open a summary flyout.
 
 - **Domains**: Lists the web domains that have been accessed or blocked in your organization. Select a specific domain to view detailed information about that domain.
@@ -133,25 +147,17 @@ You can access the **Report details** for each card by selecting a table row or
 
 Use the time range filter at the top left of the page to select a time period. You can also filter the information or customize the columns. Select a row to open a flyout pane with even more information about the selected item.
 
-## FAQ
+## Errors and issues
 
 ### Why am I seeing the error "Need admin approval" when trying to connect to Cyren?
 
 You need to be logged in to an AAD account with either App administrator or Global Administrator privileges. Your IT admin would most likely either have these permissions and/or be able to grant them to you.
 
-### What exactly are the permissions the app is asking for?
+### Limitations and known issues in this preview
 
-"Sign in and read user profile" allows Cyren to read your tenant info from your MDATP account, such as your tenant ID, which will be tied to your Cyren license.
+- Unassigned machines will have incorrect data shown within the report. In the Report details > Machine groups pivot, you may see a row with a blank Machine Group field. This group contains your unassigned machines in the interim before they get put into your specified group. The report for this row may not contain an accurate count of machines or access counts.
 
-"Read and Write Integration settings" exists under the WindowsDefenderATP scope within permissions. This line allows Cyren to add/modify/revoke Cyren license status on the Microsoft Defender ATP portal.
-
-## Limitations and known issues in this preview
-
-- Unassigned machines will have incorrect data shown within the report
-In the Report details > Machine groups pivot, you may see a row with a blank Machine Group field. This group contains your unassigned machines in the interim before they get put into your specified group. The report for this row may not contain an accurate count of machines or access counts.
-
-- The data in our reports may not be congruent with other data on the site
-We currently do not support real-time data processing for this feature, so you may see inconsistencies between the data in our reports and the URL entity page.
+- The data in our reports may not be congruent with other data on the site. We currently do not support real-time data processing for this feature, so you may see inconsistencies between the data in our reports and the URL entity page.
 
 ## Related topics
 

From b16afe7e9af0d3178b47fc1011541ea1c17f31b4 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 13 Jan 2020 15:55:49 -0800
Subject: [PATCH 056/247] update files and toc

---
 windows/security/threat-protection/TOC.md     |  9 +++--
 .../overview-attack-surface-reduction.md      |  3 +-
 .../web-content-filtering.md                  |  4 +-
 .../web-protection-overview.md                | 40 ++++++++++---------
 .../web-threat-protection.md                  | 37 +++++++++++++++++
 5 files changed, 66 insertions(+), 27 deletions(-)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 7e2204a44a..47154f79e0 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -32,10 +32,11 @@
 #### [Exploit protection](microsoft-defender-atp/exploit-protection.md)
 #### [Network protection](microsoft-defender-atp/network-protection.md)
 
-#### [Web protection]()
-##### [Web protection overview](microsoft-defender-atp/web-protection-overview.md)
-##### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
-##### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
+#### [Web protection](microsoft-defender-atp/web-protection-overview.md)
+##### [Web threat protection](web-threat-protection.md)
+###### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
+###### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
+##### [Web content filtering](web-content-filtering.md)
 
 #### [Controlled folder access](microsoft-defender-atp/controlled-folders.md)
 #### [Attack surface reduction](microsoft-defender-atp/attack-surface-reduction.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
index f67f450978..1247c43078 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
@@ -31,7 +31,8 @@ Reduce your attack surfaces by minimizing the places where your organization is
 |[Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) | Protect and maintain the integrity of a system as it starts and while it's running. Validate system integrity through local and remote attestation. And, use container isolation for Microsoft Edge to help guard against malicious websites. |
 |[Application control](../windows-defender-application-control/windows-defender-application-control.md) | Use application control so that your applications must earn trust in order to run. |
 |[Exploit protection](./exploit-protection.md) |Help protect operating systems and apps your organization uses from being exploited. Exploit protection also works with third-party antivirus solutions. |
-|[Network protection](./network-protection.md) |Extend protection to your network traffic and connectivity on your organization's devices. (Requires Windows Defender Antivirus) | 
+|[Network protection](./network-protection.md) |Extend protection to your network traffic and connectivity on your organization's devices. (Requires Windows Defender Antivirus) |
+|[Web protection](./web-protection-overview.md) |Secure your machines against web threats and help you regulate unwanted content.
 |[Controlled folder access](./controlled-folders.md) | Help prevent malicious or suspicious apps (including file-encrypting ransomware malware) from making changes to files in your key system folders (Requires Windows Defender Antivirus) |
 |[Attack surface reduction](./attack-surface-reduction.md) |Reduce vulnerabilities (attack surfaces) in your applications with intelligent rules that help stop malware. (Requires Windows Defender Antivirus) |
 |[Network firewall](../windows-firewall/windows-firewall-with-advanced-security.md) |Prevent unauthorized traffic from flowing to or from your organization's devices with two-way network traffic filtering. |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index 23afa588ed..181eb6c2a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
 
-Web content filtering enables your organization to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic due to compliance regulations, bandwidth usage, or other concerns.
+Web content filtering is part of [Web protection](web-protection-overview.md) in Microsoft Defender ATP. It enables your organization to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic due to compliance regulations, bandwidth usage, or other concerns.
 
 You can configure policies across your machine groups to block certain categories, effectively preventing users within specified machine groups from accessing URLs within that category. If a category is not blocked, all your users will be able to access the URLs without disruption. However, web content filtering will continue to gather access statistics that you can use to understand web usage and inform future policy decisions.
 
@@ -117,8 +117,6 @@ To add a new policy:
 
 Select **Reports > Web protection** to view cards with information about web content filtering and web threat protection. The following cards provide summary information about web content filtering.
 
-![Image of all web protection cards](images/web-protection.png)
-
 ### Web activity by category
 
 This card lists the parent web content categories with the largest percentage change in the number of access attempts, whether they have increased or decreased. You can use this card to understand drastic changes in web activity patterns in your organization from last 30 days, 3 months, or 6 months. Select a category name to view more information about that particular category.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
index 37f62a101c..fa838cc1dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
@@ -1,5 +1,5 @@
 ---
-title: Overview of web protection in Microsoft Defender ATP
+title: Web protection
 description: Learn about web protection in Microsoft Defender ATP and how it can protect your organization
 keywords: web protection, web threat protection, web browsing, security, phishing, malware, exploit, websites, network protection, Edge, Internet Explorer, Chrome, Firefox, web browser 
 search.product: eADQiWindows 10XVcnh
@@ -8,43 +8,45 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.author: lomayor
-author: lomayor
+ms.author: ellevin
+author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 08/30/2019
 ---
 
-# Protect your organization against web threats
+# Web protection
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
 
-Web protection in Microsoft Defender ATP uses [network protection](network-protection.md) to secure your machines against web threats. By integrating with Microsoft Edge and popular third-party browsers like Chrome and Firefox, web protection stops web threats without a web proxy and can protect machines while they are away or on premises. Web protection stops access to phishing sites, malware vectors, exploit sites, untrusted or low-reputation sites, as well as sites that you have blocked in your [custom indicator list](manage-indicators.md).
+Web protection in Microsoft Defender ATP lets you secure your machines against web threats and help you regulate unwanted content. You can find it in the Microsoft Defender Security Center by going to **Reports > Web protection**.
 
->[!Note]
->It can take up to an hour for machines to receive new customer indicators.
+![Image of all web protection cards](images/web-protection.png)
 
-With web protection, you also get:
+The cards are generally split into two categories: [web threat protection](web-threat-protection.md) and [web content filtering](web-content-filtering.md).
+
+## Web threat protection
+
+The cards that make up web threat protection are "Web threat detections over time," "Web threat summary," and Web activity summary."
+
+Web threat protection includes:
 - Comprehensive visibility into web threats affecting your organization
 - Investigation capabilities over web-related threat activity through alerts and comprehensive profiles of URLs and the machines that access these URLs
 - A full set of security features that track general access trends to malicious and unwanted websites
 
-## Prerequisites
-Web protection uses network protection to provide web browsing security on Microsoft Edge and third-party web browsers.
+## Web content filtering
 
-To turn on network protection on your machines:
-- Edit the Microsoft Defender ATP security baseline under **Web & Network Protection** to enable network protection before deploying or redeploying it. [Learn about reviewing and assigning the Microsoft Defender ATP security baseline](configure-machines-security-baseline.md#review-and-assign-the-microsoft-defender-atp-security-baseline)
-- Turn network protection on using Intune device configuration, SCCM, Group Policy, or your MDM solution. [Read more about enabling network protection](enable-network-protection.md)  
-
->[!Note]
->If you set network protection to **Audit only**, blocking will be unavailable. Also, you will be able to detect and log attempts to access malicious and unwanted websites on Microsoft Edge only.
+The cards that make up web content filtering are "Web activity by category" and "Web content filtering summary."
 
+Web content filtering includes:
+- Users are prevented from accessing websites in blocked categories, whether they are browsing on-premises or away
+- You can conveniently deploy varied policies to various sets of users using the machine groups defined in the [Microsoft Defender ATP role-based access control settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/rbac)
+- You can access web reports in the same central location, with visibility over actual blocks and web usage
 
 ## In this section
 Topic | Description
 :---|:---
-[Monitor web security](web-protection-monitoring.md) | Monitor attempts to access malicious and unwanted websites. 
-[Respond to web threats](web-protection-response.md) | Investigate and manage alerts related to malicious and unwanted websites. Understand how end users are notified whenever a web threat is blocked.
+[Web threat protection](web-threat-protection.md) | Stop access to phishing sites, malware vectors, exploit sites, untrusted or low-reputation sites, as well as sites that you have blocked.
+[Web content filtering](web-content-filtering.md) | Track and regulate access to websites based on their content categories.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
new file mode 100644
index 0000000000..8bf7647688
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
@@ -0,0 +1,37 @@
+---
+title: Protect your organization against web threats
+description: Learn about web protection in Microsoft Defender ATP and how it can protect your organization
+keywords: web protection, web threat protection, web browsing, security, phishing, malware, exploit, websites, network protection, Edge, Internet Explorer, Chrome, Firefox, web browser 
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: ellevin
+author: levinec
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Protect your organization against web threats
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
+
+Web threat protection is part of [Web protection](web-protection-overview.md) in Microsoft Defender ATP. It uses [network protection](network-protection.md) to secure your machines against web threats. By integrating with Microsoft Edge and popular third-party browsers like Chrome and Firefox, web threat protection stops web threats without a web proxy and can protect machines while they are away or on premises. Web threat protection stops access to phishing sites, malware vectors, exploit sites, untrusted or low-reputation sites, as well as sites that you have blocked in your [custom indicator list](manage-indicators.md).
+
+>[!Note]
+>It can take up to an hour for machines to receive new customer indicators.
+
+## Prerequisites
+Web protection uses network protection to provide web browsing security on Microsoft Edge and third-party web browsers.
+
+To turn on network protection on your machines:
+- Edit the Microsoft Defender ATP security baseline under **Web & Network Protection** to enable network protection before deploying or redeploying it. [Learn about reviewing and assigning the Microsoft Defender ATP security baseline](configure-machines-security-baseline.md#review-and-assign-the-microsoft-defender-atp-security-baseline)
+- Turn network protection on using Intune device configuration, SCCM, Group Policy, or your MDM solution. [Read more about enabling network protection](enable-network-protection.md)  
+
+>[!Note]
+>If you set network protection to **Audit only**, blocking will be unavailable. Also, you will be able to detect and log attempts to access malicious and unwanted websites on Microsoft Edge only.
\ No newline at end of file

From 24ec826bf44e0a7563f65c59f4d17f4be2cdb403 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 16:38:31 -0800
Subject: [PATCH 057/247] Added TVM API topics

---
 .../get-discovered-vulnerabilities.md         | 89 +++++++++++++++++
 .../get-installed-software.md                 | 85 ++++++++++++++++
 .../get-security-recommendations.md           | 97 +++++++++++++++++++
 3 files changed, 271 insertions(+)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
new file mode 100644
index 0000000000..bc067f116f
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -0,0 +1,89 @@
+---
+title: Get discovered vulnerabilities
+description: Retrieves a collection of discovered vulnerabilities related to a given machine ID.
+keywords: apis, graph api, supported apis, get, list, file, information, discovered vulnerabilities, threat & vulnerability management api, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get discovered vulnerabilities
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a collection of discovered vulnerabilities related to a given machine ID.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
+Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
+
+## HTTP request
+```
+GET /api/machines/{machineId}/vulnerabilities
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the discovered vulnerability information in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/machines/ ac233fa6208e1579620bf44207c4006ed7cc4501/vulnerabilities
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
+    "value": [
+        {
+            "id": "CVE-2019-1348",
+            "name": "CVE-2019-1348",
+            "description": "Git could allow a remote attacker to bypass security restrictions, caused by a flaw in the --export-marks option of git fast-import. By persuading a victim to import specially-crafted content, an attacker could exploit this vulnerability to overwrite arbitrary paths.",
+            "severity": "Medium",
+            "cvssV3": 4.3,
+            "exposedMachines": 1,
+            "publishedOn": "2019-12-13T00:00:00Z",
+            "updatedOn": "2019-12-13T00:00:00Z",
+            "publicExploit": false,
+            "exploitVerified": false,
+            "exploitInKit": false,
+            "exploitTypes": [],
+            "exploitUris": []
+        }
+}
+```
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
new file mode 100644
index 0000000000..171a32a275
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -0,0 +1,85 @@
+---
+title: Get installed software
+description: Retrieves a collection of installed software related to a given machine ID.
+keywords: apis, graph api, supported apis, get, list, file, information, software inventory, installed software per machine, threat & vulnerability management api, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get installed software
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a collection of installed software related to a given machine ID.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |Software.Read.All |	'Read Threat and Vulnerability Management Software information'
+Delegated (work or school account) | Software.Read |	'Read Threat and Vulnerability Management Software information'
+
+## HTTP request
+```
+GET /api/machines/{machineId}/software
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the installed software information in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/machines/ ac233fa6208e1579620bf44207c4006ed7cc4501/software
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+{
+"@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Software",
+"value": [
+        {
+"id": "microsoft-_-internet_explorer",
+"name": "internet_explorer",
+"vendor": "microsoft",
+"weaknesses": 67,
+"publicExploit": true,
+"activeAlert": false,
+"exposedMachines": 42115,
+"impactScore": 46.2037163
+        }
+    ]
+}
+```
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
new file mode 100644
index 0000000000..4256ba1c8c
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
@@ -0,0 +1,97 @@
+---
+title: Get security recommendations
+description: Retrieves a collection of security recommendations related to a given machine ID.
+keywords: apis, graph api, supported apis, get, list, file, information, security recommendation per machine, threat & vulnerability management api, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Get security recommendations
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Retrieves a collection of security recommendations related to a given machine ID.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application | SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
+Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
+
+## HTTP request
+```
+GET /api/machines/{machineId}/recommendations
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the security recommendations in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/machines/ac233fa6208e1579620bf44207c4006ed7cc4501/recommendations
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```
+{
+    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations",
+    "value": [
+        {
+            "id": "va-_-git-scm-_-git",
+            "productName": "git",
+            "recommendationName": "Update Git to version 2.24.1.2",
+            "weaknesses": 3,
+            "vendor": "git-scm",
+            "recommendedVersion": "2.24.1.2",
+            "recommendationCategory": "Application",
+            "subCategory": "",
+            "severityScore": 0,
+            "publicExploit": false,
+            "activeAlert": false,
+            "associatedThreats": [],
+            "remediationType": "Update",
+            "status": "Active",
+            "configScoreImpact": 0,
+            "exposureImpact": 0,
+            "totalMachineCount": 0,
+            "exposedMachinesCount": 1,
+            "nonProductivityImpactedAssets": 0,
+            "relatedComponent": "Git"
+        },
+…
+}
+```
\ No newline at end of file

From b3b2ea7db50fdc8f67b07ab2683a4545480bf6c0 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 16:42:05 -0800
Subject: [PATCH 058/247] Update machine.md

---
 .../threat-protection/microsoft-defender-atp/machine.md     | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index a488cd488b..4bda3515a4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -29,9 +29,9 @@ Method|Return Type |Description
 [Get machine](get-machine-by-id.md) | [machine](machine.md) | Get a [machine](machine.md) by its identity.
 [Get logged on users](get-machine-log-on-users.md) | [user](user.md) collection | Get the set of [User](user.md) that logged on to the [machine](machine.md).
 [Get related alerts](get-machine-related-alerts.md) | [alert](alerts.md) collection | Get the set of [alert](alerts.md) entities that were raised on the [machine](machine.md).
-[Get installed software](get-software.md) | [software](software.md) collection | Retrieves a list of software inventory in your organization.
-[Get discovered vulnerabilities](get-all-vulnerabilities.md) | [vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
-[Get security recommendations](get-all-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
+[Get installed software](get-installed-software.md) | [software](software.md) collection | Retrieves a list of software inventory in your organization.
+[Get discovered vulnerabilities](get-discovered-vulnerabilities.md) | [vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
+[Get security recommendations](get-security-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 

From 41e94fd838c2db6d70ea66e0b1b35149ae130c8f Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 16:45:59 -0800
Subject: [PATCH 059/247] Update machine.md

---
 .../threat-protection/microsoft-defender-atp/machine.md     | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index 4bda3515a4..8592e1cfde 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -29,9 +29,9 @@ Method|Return Type |Description
 [Get machine](get-machine-by-id.md) | [machine](machine.md) | Get a [machine](machine.md) by its identity.
 [Get logged on users](get-machine-log-on-users.md) | [user](user.md) collection | Get the set of [User](user.md) that logged on to the [machine](machine.md).
 [Get related alerts](get-machine-related-alerts.md) | [alert](alerts.md) collection | Get the set of [alert](alerts.md) entities that were raised on the [machine](machine.md).
-[Get installed software](get-installed-software.md) | [software](software.md) collection | Retrieves a list of software inventory in your organization.
-[Get discovered vulnerabilities](get-discovered-vulnerabilities.md) | [vulnerability](vulnerability.md) collection | Retrieves a list of all the vulnerabilities affecting the organization.
-[Get security recommendations](get-security-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a list of all security recommendations affecting the organization.
+[Get installed software](get-installed-software.md) | [software](software.md) collection | Retrieves a collection of installed software related to a given machine ID.
+[Get discovered vulnerabilities](get-discovered-vulnerabilities.md) | [vulnerability](vulnerability.md) collection | Retrieves a collection of discovered vulnerabilities related to a given machine ID.
+[Get security recommendations](get-security-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a collection of security recommendations related to a given machine ID.
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 

From 9e04896db4c1ae623f234bd48ca59750455262e3 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 13 Jan 2020 16:46:00 -0800
Subject: [PATCH 060/247] link updates and added pic

---
 windows/security/threat-protection/TOC.md       |   4 ++--
 .../images/web-activity-summary.png             | Bin 0 -> 19413 bytes
 .../web-content-filtering.md                    |  14 +++++++++++---
 .../web-protection-overview.md                  |   5 +++--
 .../web-threat-protection.md                    |  10 +++++++++-
 5 files changed, 25 insertions(+), 8 deletions(-)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-activity-summary.png

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 47154f79e0..21b8325782 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -33,10 +33,10 @@
 #### [Network protection](microsoft-defender-atp/network-protection.md)
 
 #### [Web protection](microsoft-defender-atp/web-protection-overview.md)
-##### [Web threat protection](web-threat-protection.md)
+##### [Web threat protection](microsoft-defender-atp/web-threat-protection.md)
 ###### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
 ###### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
-##### [Web content filtering](web-content-filtering.md)
+##### [Web content filtering](microsoft-defender-atp/web-content-filtering.md)
 
 #### [Controlled folder access](microsoft-defender-atp/controlled-folders.md)
 #### [Attack surface reduction](microsoft-defender-atp/attack-surface-reduction.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-activity-summary.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-activity-summary.png
new file mode 100644
index 0000000000000000000000000000000000000000..d9fc4ed73a5faa65fff0661bef17c8642fcb4aab
GIT binary patch
literal 19413
zcmc$lX*64XyzjMr)YGVHpHi){eL5hDRt+^*wG=fEA*N1BXsCIXR*SZZ7NIrILrAnr
z5F~9CMa?3JNYyMPW|D~9?VNSroELYkyVgDDzOeR6cI>tD-~arE&-eR#ZDD3801^f9
z@bCy2-MMAO!*h_s!*f9R@58`5{_4=jz~O+umElbuOpo{i@Zv9bJySg%p3h1AyZ3p4
z*GHb-aq#EiIdyUW?|_ljg%uti6HlXCdNv_0%M`vQ;nvaiRlSFhPp#1xKOZlA7JW~z
z(*DzZy;e|=a>2c%`HE-*)615hE<AwPENMSTdUFx<=HFYzvL2PMqCs{OoL<VDlKbc&
zqj|h>7awtKJ4@T~vAcV4?#FD(;1jbS2Y@^HSsC+(033Og-sDN`zrG$F1su*!{mlYS
zKYM$Ao^StT;(znWy|9(3BwgIqhi&zOy1RYdAFoMELNj`G*h2}TDxKXKDsqwsf%~v2
zHR9z6YH#GxKKX_R&;0(j`mSvuM#SZ5oWxjHw%?i&9l>S0YSq+#yylL3euxh@VJJ02
zZ<<OBk>TM<7+kKS(t{>K-PPb@H6edLYeW6Xb4B-O!f~%P=f55rpUXu^3TB(=RUF)C
z5!4(q&DGJCgif&;`1J#y@lvaQ;#d1h4CR>!!je)j<=wf}ccNZZ%~(hG?7(pYG5B<v
zqjy7yhp&l3Ly;F1)9eT<Mml9;;ZylNks>psPxo8KKXQ7Xx*|A%T0%UZ&RX6>^Ef_N
zHC`VuQEUiW9&6a12v?L;;;OVM-~VRe+ec^<_1gIw^ykNG@5Q0=)jrWL?!7^bw~_6H
z+~bkl)pjZ7_H4W&A>ibtyHCB)wP}uWpm&+5{zB^8V|aZID^_TO8rj=SU-IwSd>&DL
z$|dA}Z~$Y1zB*}MZ>mO7mRyV|_MC^;88Gcxwug8;P(nf~Uc<k*XdkG7x;znB3%q$|
zGl<s*)YIatvK(EO+G+f-=|P^dMEKI@b#x;dnQJw0FLeAg_+)~cBUpmD)!?@^bpg%~
zPk9<9FP8vMf6(<A4zG$JYr#in#HHnqv53*ldbD9WaOoh1wA~Fk=0qa{N3?V7u3JnB
z4Zpi<now?CQlF&5`ib6d*To6j*`JdH@!V)({eB_%C%AQC9NP)5*a@#)ss%PiJ!hMW
z$T`_y_NR^#l*wM}QsjiNDpJ;?MR(M0r(809L+y4YxrC#`rxMium@mW%O3`yd{=D89
zjP5=-rGHHQf@E?<7U#OrAia5eLI+<9qbB^J0MG7GPNd_MWW>rhjC*fR?Nm<C7;OEr
z;b2Vr8wP<pAxQF57A)M<SSU*IOVfVv<L|neG{-dY9f<gbV)f5|y;Dp*p@l@06gJ2_
zF(|boMY^$Dl{_xrFl1#JyGx>udj_Ob)W9fh^7x%Ud(CzR=vm74L{~7opK2%>b=@7;
zC!HJdr?D|$EW*Ezf+gS5Y}Jia`|w~$dv@5-+m~;N+M;OaoXXlz@8N6{xC!kaOdv9Q
zYw7EpT@|{SCjB=Z=k+1CJ-<1uVg2y2jVVgRy6IlHz+f<Rn-WZ}-C7?s*Igz+(l6OY
z-`pOLtmD$x2wVyWSiHR`-pFANe?c#sK1iuzXfodVl7mNk5Ztea1nVV&M<x*4z?NhC
zCV*`^2{jm7gP56GlFK>`qcx-@sJ?SnZEcgp*<QpK-^U(n8+N9`vYvhzc3_t6TDZXQ
zP(^sU51!fP9JElZqqvFt^QOxm3;E!#aU^aE<y0pAlI*ljm`Wu3cgA)0wFv4?lN`y!
z;RPhbWsBzZT`Ov_T$+MuT>8_aJ@+J+K%AC+_Qd);vENWi0)g@!_ibnL{Grd=dk5Tv
z9Dlks>P}L9vQVW%4W>rkKE(gEEOW(7b9ws3&FrZGnJYuvpi3f;PAyf$#ej{OsW_=Q
z|4!M`oygJ3x`{BI50KvyhZjgr{t0Xj1Hr%rGb9Cl_c*hbM^7raw+N_hT+Nn{OS6A)
zL~0ztS}4WeyiX@^qokx{(Ix(KJ@lsa9yxoRo3@mn>^R-sZ)n^i3U5obvw2RVS^h4Y
z)HM7ygrikXwIxZpid_fKXJ5JB<QT=Ap|pwlEX9=v`7f52)_;3(xItyuX;30)WYV(u
zfu-8LuMKqI11sxC%T4+hO0z{d+0(<&aCF)C)fZy_z<=vOoZi<Z-^)SlQRyX_-T@U=
z_*l)gpM_3jtQZdB8rqs2_?Vk@N{aVK+%1(FzJj|hk3YIO(Ny8%;C_wnoyW0`%BYn9
zN<#%Xj0WGWACo1@8@6mXC##l$T1P%Vq_lraXhz8-M0wS)yM3ajRO3O<aoZPaVdS=D
zQej+`7H6xD5U5?4XWun;kF)9A7_=PusnXc)PFFwYu%mY^(lKb%Z7RPZ=Qa3WX>n?M
zLVO$LVUo8_FR*}fGLa46yw#(2CgVKBTqfnb<P2cQe0?8(h;wK$o9wFSr%2dMcC2+X
zAvAk8ZrZ6m8Oc`vR)05htGIC`ny|C$3dGpR1jx2&nfOuhD_?!qRSK0JAYaYpge&9>
zH26-nHN-14{hTA_$4SnTT-_MI_Bhs#MiZi(wA{Fy4;%hAZFY|EP1KsujTU2<0&|*G
zUhm{gVDr*+<)o*84gbO$Im|qvEBK?16z^$`&v6Ec;tPjf>F%v20kNM|ImyC*c!VR$
zpFPU+mRCbH$A$Iez%%ga3{`k@GIge_g86NrpvFOCa9FXZCKg5t8TJ$ftMvA$&xuQE
zd5U>uT~QpsnnT?%L(0MhcJmO|NTTUSrHhiuCg@$i-_QA21f$krk_Teosfu3=Elt(C
zA(?DZ_2}b}yF8>zaIoTjC&NlWLStxd^=iBLNkLf!xUN~@*NAqB;J3Qn#W3L_xg6nQ
z2sx@k=CQ?bpADCmjcoK_PB{JJwZ!?5qK7f9#hqLc*NA>Trk(l~XIy~n{?_H?$W_%O
z3qB^6y2{C2d;IIE4}p^=HG#5~tNV6XY<h!Tx3`Nf0O@z_{L@;Pr1j?zBT71FUV*R+
z3cg9j(@_;wL1MRgr@xhLr8NE6vJ;Y#B9$hI1(BTTiJJ5PHL72H)gvvPUEl3Jc8sG1
zw9b2(-pGgwh6&yAlzdV6tj3Fk(a8(HcI>F|U#N@FnAx}2SdDy=5kD!w=G-fO=BPKL
z$0xCbrFc8)MzOcV40$)qqdwqG1`c~t@y+Z%@rngs1D<Hr%zCyu78<e_$hQ`Zzfgjl
z3&z+7Ft^udy=Rb+)o%@H#TZM?AH3%Bqjp!Visy9u+aMaM<R{k%Ef-)}z?ysu?$!wY
zdV|FM^(7*QdTLn)r(s=Qg=cl5ztC}eQL$tnLJNoa_S)`BBLm;%dIkrdUyceFcvbbT
ztgrWNr^%hr0XMdUCw4hIm}Q(e|9By2nasS;!UQ*6BkT^m8heuy^e&vyNOF$cREZ+*
zaTw|B1=~xt_zqB;wYlyLiM{#0aGY1fX}+=2HlvhBG>!M(Sk>mhDpY#nOOJ+}bO<?$
zz3i`0Mf0nludlpkbRfFtKoHD1eX1*eX7NYm$*O*J6PVG&pxg7?pS{ngd1wEYrv%?_
zZ`SGel^>1KM<YQ0KG8zQ4frn<r?VKuI|XUCd5?B{?FLJOP@oy&?#3M<DJLK@^<QNo
zvo@_wJnD5or-|KqFzkk$>yUAd&E;Mp!rR22Zcjbi-(~R1)f(*!@>N3v6~@^}6Ip4~
zn0ZOUBig4UFTMfWM^#cIePFEIx-?7S98}6ENa}=27|b~}C?Qjk(3QX7T|ar)HCA4r
z^Q3Kk%kDp|$)!1ADA$}~TlU+nt_RNv2j>ub>$z@>mSn6HM4wp_XgQXme7W*$>i2=t
zaDx;Zy?0i#5Zk`0vt@xaRh<x<74YIeg_*%BO`$?%SZcj~&-QSxEAn}9y33gB0Sj8A
z_afzSCY*AUpLoFtJr<UnaB$|)*{U1$`f-W1-$*#iyapg;?^OIfMU`U2%>d6EJ-((V
zZ^U=Mb}N41;={J4sVbKxESc`z+q`8Af36r;!f2YY!{2sw&WvI$NbBwbg~_%a{Zgj)
zpS0I&C@0j{U3xGf9_--5e&!f3Smk|XLJKqjlqM3omyMX%p9S%(ZBbIt^zFj?8V78Q
zXY`~6(N$^ra%WL*VIkX*TWIYAW5NY6%LCbx0TTZp4@n5AG|vu}51xvuANJp-G!lCp
z<=2!{#vXr}+Mwl?42Ko^lHo%=1c>?o@>O4==F(~6NH9v?-wKv<(8C_&_uXVkV^Z#K
ze#fTodBYwW{1d3+ho#^%lUgcwDTe~JjIk5Qn}c#cZQqstZkIXU%v!9NGWVDLdgO(;
z?c-Fz;baf__>Qz2^3qS#D;Z6w)CVv573%X;6_LYwFAg&|EmsskPl(yZ!u400J4JZu
zMy+d=$H_XLk%Dvi-eRb;TI{7Sd;SeD@DJ>LDCvrGtDVcneE)e#B?!K{h$(A++u7o#
zxel{Pb8lxVGUwHdX}Np{tfnbm5kHcCzc5Gge$+=GQFjH>hS5PzrWG?4)tN!X6$&!B
z$!uSB<z^g7CfBy(6#rNGvx@1W7i_N1k9;oVI+gunnTU#xvh-?-9(|p1iA4wFVB767
z^#f1)Peuv-F3*fnYGbX-owi;nk$@if=$RfKK&EWhV$)f%@nC^-wLif(R6um0U-7(j
zX4$44tbUJ0bE4v<>mzXt2_jwbH37X!^_|+KV&UZ3%cY{Y#r%808<{?=vsTZ!v?{`E
zqdI&v)FfAA#tQFUOB}|p-P0@#dXwQT<JdFU`Dkbn-!2)>S|D~mCOHQMr917`RYzH$
zO~4pjt{oa!EzMZ2`3{m}O`>>2#W3(y;DT-XULLIC0^?}QJ(=vT%Y);Pe-Z?^Gjkr2
z{+`ekm8#b#FYPGYF1^iH&nbNITedW7iD2@@vN2(H6px&hea2KA{ZoAMkux7Z2v?aI
zoyZ5e^S#sX9O$0S8H?f@b1ljmbeXRM5h_u4<U4R+%e&PVEuS|XWPNgcFW(MTrJb)@
zjE=s-e<Q)U`IFownD8lU&n|d5x~e1M+L#^a7y6Hd2n<vV*XLKYJ#gfZr*+w7S#xAv
zM|Ig6aw)B($?}TJWuMOXKCTuI^LcRw?Aq9h;zo?k7b)ol(EBw9h;%YDtHi#msq-Bs
zdj5^cSdi(!u8pd3M=t6`RCqusw5@hEz`9DutKMEDZ*_{g?Hn<btGjHOeIKzoZ6aUQ
zI?|22|Mf#r*ZDaC@!yE+w8=QhwF46qmdj2Qzk$m&Pl=<}CStcaTWCVPk9H!M$Mf@W
z<WZ!Bo8h`pprNH&Dv*g==h87Rg$me5V<)2GXe7puvUds#2)^IHUmV+rTyUH8pxA!&
z0^2-4tuzfK6}Ct187yB+cls{XG$f1?-!D*OMYd>=PX)h!*n1V=?C05!AkoJ25hWO@
zVN*SMWO0w<H`C7*Jg5G)zh?pJR$DrR-V|_nCK9x2xl;CZl#Z@QYC`eDC}-aCzGdR9
zg{?04uJvzOp7|01a-AG}05-BdH~a^4mWnYD@|;P3;ARwBaibr{z5~rrX^y6Q#yrQm
z;N1T;`sSt743sH><r$n256v>A61gjjI2+?<3NhIDM0c<w?xv875%|`++$Q)2(GsnV
zv;J1e`XRSNau*Px9V}wFCMsETm@S5Z;5!hxPX~W#Z;yBJ!8+0dXRZLvC~Db99`vg+
z2GM;`_%HZ9XQk1g#^rH|;A8$AcJ7(wB5micH2JBko+Gh+DIVWvZ1iJ{oNa4zaQzMt
zom6QeR+8qzLpiz9^C5Uw%l7?9y*^*vTBlt5!|75nt8j_1vhXV?p6sBp1w4c8+(O@=
z6hUk3hao?rI4X52E)12*&;1ANwh?7d7A9UkpUY+>USGR|h$(jZkJZoDY1hEK$*w0F
zOB|L4RTA4F(zjI(&Obt>1bkKypRu6jne}Nnc;SbmM=ffcvh{~LpD^DIi@2h@K*x!!
zif0gE9@B@&B-SsvV)Fw=pTo~|3M9)d-?a72nJH8%seU{dtJr$FL+)f?D@JrAp%G-$
zqHr+*$=e==vlyu&jC-4H$~H)e6m~v;a2x4B@ku_qv+1mU^~KD4@NuwX$1?&3tYgc^
zSp-)zXR~+N?m3}jeASDm3MboeJPYBxbCZP{wf^({xr=0--PLw4pH3l(4*?BVnNyHn
zU2apA)+<m?ndNzkf3G&p@nK4O@lDr=)dmK5s30_c%v(a^D{Rc7-Bfk;0OMqTV)3EE
zv~yuUilB&;0OYy5!8+(+XA)luuAkW<9h*)G)AFBv8|pm-n<$7Obht0of7Y2N5>pkN
zvArGK3xV<j-JMvM&iGBWk*|=x$G1Z{CPE{QZc8r&b>Di<sicRi?7cdn$igTlB!Dk3
zUK)=0IP3ko)ywRlXLH|q^)6c@An9D!&_lIaOD|X{bkMX4Zx~5i*S@;Qz6vps-uvYB
z3Th!Nbm2vumG`L{1L;i2ot7H$!Zd5%BOv?uTF~OS2Ss0Khvt;MWN>aX8^WBfI9?=R
zJ~8xR_yIiGS+cX^i*gLsyevx@X-sazjFg?QroA5yY!@=|a&}F)(!qpYocZXUBio=7
z5p{>&&KwaK)7UF3$V%gOhN~FAq<nshMc6x7e;i7fWP*=B5T2XXK3=flNmUTyW@s!B
z9&omZDz_rh+<F&!G@AdNWO>=w>g8DYl#eIQdg=3Ajt-BVZn*Y&PC>lFMwRyV{H#mJ
zBs1ifQ`q=4P^Zoxd*zuZy+xY~u53A`+jNiLq{0rd@_gxGlJ+9dliG0W+a4w@ET_c}
zhz}%u3uDF4mb=sBOq;_t1Hu`#rD9ChxWEpZS~Wv5T&IQpJhykX;2NHJX)nkH=KxV#
zUc6*!`#6C2VKLI~4WZj7MkX@sM;Qw#wO#tK&`n}#?ml)b%&X4E=4`B?@DYldMP;BP
zMDeho<Wi!}qD*i%5yFm`N3@;Ub2&;>CI(M{A9`-;GK*5Y)>(;VpUAdZZMSC3X=wHZ
zGacq5?nd$XW4ga|-+cLJ21p>W55HBJMW4&Q*Fx7e8WzzSO{z~l8F^0QbsXg%p}Sr=
zpe+5ZhQ1Dm^}eP7GkVA77iF@a=~&JEuVt~<0>8))-ON&~0_W$+P!q}uI^TnhCXsw8
zcA-`}i{hSSSHvLQ@ROWqzTev2<mZhuCZFdD(o;(O%H)zTBfFbbh|PshbO#{8)LP^~
z^t+6L?weFNjjV~KOh;uI%#ghM6l`Eex9hGj;A}@c?F;1zn!v=y#Cm1aaP-_DT?0z-
z<tceo)^fb|n`@7ppWW(R7R>$hFY35cWVdbvm$i=$!x;_j+9K$eIkSaQ=RQ>&d|aB1
z!vR5N&gajN_Ce53g{Jwcy#<A!2DNS$tx75(*wSWa*zbJ7UBr5~+PG|K&LVcCVD`vW
zgZ24gxM1*%Ere}{aL(?tem*4XofMF&3Lm?rx8sYs9e+wkqWcu|r@WBugSGw$&7kog
z5TRRW?c#Bn%CxzMh4)++NIlB%F-U)azhky-`Qq{HM?!fOG^_lBawrd&%U~&D1}LDz
zf*H-*EUM;dWsj$DNl$U@Q`XxKm+?Cfyw{34`mykt9&Q)!UVnZ<0?uP$wGdV2(TG2u
zJ#=hgv@7^b#jS==P~M~mVyHv?=;HvTyL$&qq0`^L{=3}Pwz6=#^}?LAXvxgtn-|#u
zfjUD#ZiO7+<qw-KNpqf`u4E`HZUzrGC8UMZ&~>u`uGLcmly8ONDyC3ZnB~{9Q+qY1
z{#dP{M7IiWaafyON1z)n-%_H#uNc04dvI?0p*=EbQMBNO;RYmEMXS<g{;&x<;jFb;
z&VqP$<#DiLs&rTsLHp0(%TRl>jL!RRCX`2Sc$ZjaYU!Suu`pW~u=)B-sLBBSTAyvw
z3M2;39K){bS69ZzUfiBiMupHu9y+5zpFtVgZpJkdHVvN^x<-4SWUMS^4xl;e)JTc-
z4=*k$qGY<&nbRq=Pa53j)Pee5Lh!cAPwRVoXRbbY$&xI=7u@JfS_it+p4SI|k4?6V
z`~S*Pqecu04sIv~%=cx%HmeyoCqu$=&7nA4(6WX!2sCxoPZm8{59{iYZn%u54wYMT
z*1juWY9CZmxy#Jc0!4B;+fh0&n1V`Gva)l&)*a*7*DkP7409BBX)sL{e_;;2I<Qud
zrNuvYX4bHJccHk+Rx-}m)LJwlQ#Gfgw@zTNt*+_lV1B?wnEjZ>2riZ;1)9tCX-;P5
zg<ecA-6%yv>`xiHxoN|-YnQIbhZW1KB@DdFQjNHn?jGt+m0nk4My?_6LOzgSRFT2E
z+}kG$UJuNMPrr|&@FJM;+?adL2g+%Cq5Pr%8aY)SV=GTs472QPK3;5LQi!Ra_mQRW
z8@oYxh7LlFsNp>8s780I0=<Qa0~Gzds4b9L;Bnn8bHu;b(Fa38XS?2L|2c63dtyWF
zzN=a0Ec?X*=@mDMDZDrFw@sWD@4MTc>Ll&M%&4D7ZfpS`vcxrP1H8+xs)>ba+(|a!
z2&k7G11{qwv_w06gYp%XX+lFe3O*}|(*eX5o*Qlb1A@Tuk+_~NaCqnY*MGiyV&f3-
z@{D2M|D%)Lc<vrseKj1oD9@RpB|xpX^q<m5<!IKOT}j~G8;AQ#|36A7|D&=E;gw~f
zLBlbzx~fQtv5Isy5Cx}vzQDGYM(LGbdVV=D;v~ba?41Hu#niN!mqSHxn>Ck*to;uf
z^7bJ!RJ_u{H~I~ob9LGq%rbrGb9IA>n)Up9Ya(jC-~Uo`@5u`J^(Tt63E5`M<*W~S
z>42UJ&+qF$4mLh|-1+`O3csS36av+=&nE%cjq~qSCpWV?<>>8Fh?SO7)67|b%jyL8
z>G9$6>nO7T$q>=ilCnKoa`)q({lpvGDJ#uh*cZ4eE7J400L}>n0C^RgIhQ+i4w-q~
zw?LE4?O8*t_xoXRi^kg{50gr;JKT*ybMK*_@99I<=DzIZ#w4E^zEc;*_y9%et(f0(
zEq$YGAahf}6Ohj!&3|z`6aGUpD(&R#OeN8`^7SckQc<S`eK7#z^4>XVjw889Ehylp
ztw>Fw{<=;8>Btb&+4+h%##xu*K5Y({T7JR7mA&FI?U?WP!O3g-Ofn1`w#E=RK>g6#
z10=@FGK*UC+@&w(lms=3z4W)uX`_^Jpi@4M@B@egJ6jXeyGpMkaL|q+lQDpr;7tqL
z7}4DuZU7qWAKL7tYi^qizG`~9YgBPHKhM{L7_%2qo8<(6o{onz@M41HJuhFM90$4~
zVT2zBPR4rg7aF?iQaiz81u6S5_@rQY=vX37WM&X&Dpm)yux+`(LwdGUF_`CiU^{Yq
zf=2b3C{H0rZc{jH<H)TA_ti#GIn0h@-F!iOTdrq~$LC5PrkWID!_w@w-YICvx!jzt
zs`~HF2#x^8nH{vMMr6xCU6MFk-J!;ojKU;8*C?i&mH{qFcW-35(R_Oh7BqgJ9SSxn
ze!KpavrUSsA^{4A1mYSAfOsd++ky0FobaK<I>R~&g{s(i8QNyJYTsJkNL-n0p-jd}
zEUJ<NPI3qK6_T0G?dwC_y=}sttZ4?9IVX_iK0&PP1>Vs`aO2uY0c3b%g632&pk3kF
zu3USo%v_g_QVn6YOK0d0uVPw$pan#=o1F8gn84aiLO5ABHp%e`Zc)p%Vu$JwYy~ot
z5k!SU)I!&$cQP~J00lg;*Ws9En5G~Q&YVe~x_W@;hP9Qu9wB<1Rwef5@vje)juV1f
zzi&ttk%|Ef{ve0PB8j@YNot^k;xlw8-C64A_iPHybEhaoi0c$~A}li$EI_n?dN<Fc
zWo5o4@-FncZzK&zwuao<m(srNYiez|1p$V_$Z|{Ge~aj*_iv<$8$#?Z-90UZ@bgC3
z4*LOQA!@h$l8+>pM2IM!mLfR;Vnwbd1}s!Z)lo*-EYW;$3R}~KiaOlyo4QlI^vY}O
z#yV;gIas9MgrTw&O~_(M4MNdJEJamxDIx{T-n~gaf}~Y9tE`Je;BtI|SAd^nrgu|+
zk|MauTzj*KJ@~mDSDF*iDOlly#KaBjC7~&$;lWfj*Kdv59ma@F=I43#Lcfm1k>wWY
z?0^CqdHXM_Y0ugnfM*BjYw_@Sge_i}hul*Fq=DMrNva#k*?GV9VN`s6EOaAoB67P~
zCa(kDntSDbG$HA01eX#_kCW>33B>&H;xf&9lI+T>{l|SH$2Dk`Cj~ovR$E1a;n2F*
zx<m`FFO;M_LLpUjnHncFGI||UEzPH<Q1MTG=gXnLUM1BZI0PuGa2?Po#XT~0T<$jX
zDKWY-PhE<)Fqj$$fscV#fxU<W0I}R$8{B%C)wJ3s=6&xuOl21dStJNIW^DFpI0Y?S
ztbHEkJRr>Pe8AF;AIM|o*?)0>{axR<JnYC}+d`a)n_5Msf}Rzd?J}=yyBaJjw({gK
zE0lkSps3PhCw4F52UYd5tup5I!O4}w9W6=Mzr#tzCcEYJSTSs%i9)T-Zh46t!fqUj
zVgJ*XAT~#hn?P_mW8tTU)~e`t4Um6#1#7q7alUama!ldHVSz1k?Xbvcnc$WLwc%NG
z+Zm03vdq<PwLO0wHodV5;WzNp(x-kO$-^6ncB^VCLcdTnqvDBhhW7TaYrQ{m{cOMJ
zpu`0l*L$+gI&KGzM|7d1#^zi@`Z){c?K9(IR<0-qL0hGkz!6v}hQ8pQ6IeJAGH8zA
z9umYgHwFju%iDZ$%<ZeI;(GrKB(Zx-Of#|ckM6naRBhG>VOO{S2!Fqt&)9<BcFqU`
z$dT#UgwW+iH!d;K8>xr4hkyW7Qn;As>g?#<G|3t}J6l#5-dJnmv7pfES%FsVHLWw(
zT75}wpqY86Bub3Gw|tj940fW{U^>LoHf8!<nvZR&iKKhh677O%heL}4KT2-5@9nPl
zQutE5psPf;b}*lHf$vh(0S-}{w}4^$`bw`hyAqM{UOnGOSE@)Z5(FaGdI3N7X2)H$
z|HJl#K<g5-*Sg(a<YnyodLQQ`;AZgm!Zeg<uKq}g=<^&BHWE(ve5v=zg~Q68KjrY~
zJ!;r}py)N7$ZcAr#t%;dtGb~U>ovAdupuK`G=P>C?%8~i#3sd5HfEGS+$MjXPwFg}
zNjFB$KT0o)IfXJxx%}mq(jLr#PyFdK?ol3|j5L6L@@6C0wA;1M>%7M)u+r=Z3wsge
zTuC;Au{GvZ74oxbYusP44#3@i%vJQJ07)1~uu|OD2Y)uwadLY$gGt<<g^5A?3b|I1
zGArS^fa=KEz3FkFxTT1=4r%E-AE*g*wEEiYH~t;<tRK2<d*BL6tL&e1i>RwtK>_;i
zTe^i?C3nLC$-{QFPK8o{&&lEPWn!0_iUkw(D=Mpvg|7RYMxd@PS9Bs~?B$nHckGW>
zrsoV7Nu{A4N7`H^x)0(xZT+h3$ldbTv|8rl%=X+x!&>rfrbO6UhxB+9n@+0|zngU>
ze`_Mn*n_N4H|__Z)0v!zf!F<8^FUUkk4BsS0Lq92*H%3O?yi%1hy`3XiWeUz<@;##
zxzE)MsslF|OE>}9J^~2EUi*44MIcdwH7|27vr!b}1g-Hnfk1^@mqg6_;E%resneco
zVWqowfj47WjeZ<~f^}qT!K!_HBi9o$B5W@{{vvZ)z|n`;YB=>$Z56e4PuHg8_gZ0j
zgBovofyLLHCc@1jq{ob{U81h7d1(ElfmmzqEGj6nB;rFjZ=qXPn)mCAX|Hs<Yi~)U
zQ;IxE`p)ed0UsP)ZVBsChR6VP#01wUzLn6#7O=qqQw^Aam(E!>lAGtlOLP3*kbUDM
z#uL=We?RWd5JmuTB_sI_klhbppScc=5zM!n{h^luNxo!<EE*P&7fZ8@p0N-)r0usp
z<`q}ZZQ8;iC;{v8_{ML)&RmO-LKJ2?5QX#cl{EvM_~PpUq)(b&jpL~%&%H-(8$55y
z!9U<INsd0+bv<KVjl<te31MULX(AIp$bd|N|EK@m&_P}8)sP|2%hf*%0$BmYm6rGR
zNQAv^iI6@$OC9-Bg4wigHR{v$ZS|gJ0IjdS8(2VP;DkAxH90>_))|UcrQC5u^Za*>
zP~($8$hWr*WPGF!6{!CyKB3+_Lw%HD8Y#8HDi~hQ0h|vBW8IO%1h8&cm}RwjfUM9;
z+`84-Dlw?^kE8>(pQ`p)h@BRxUH3D(dy#5;oNcd0=DfkL+JZOF9h9M5VMt}@n<Pu!
zP|7=p`C^O}vq<~!8c?@Ab-e)AG?7P=dCL@R8g)!~)l9n7uHjdO(~8V>v&kg9RZQm%
z=O^hi5c_Z0VT&+&d1-D?x=YYU21pp&Lo=X;)A5Z3U!9P&o@~uV%{T#nz@Ct#Is4%u
zrBiM$NOr(S>8+$T!@3ygBc@cTFQT-cyK^PAca!*?!xk>mGygSzcceTsJ}RrTEWWEv
zY!3UK#J71(_s`0Czi4^w<~!zB!H~87Y|u1!eX*jJ5_fq7Vo~+mWoVn5{h4t~&(k!Q
zyJDGLZLi$>i0ec72{kJI(X=~YqQDe8!a9Kld{;kmJ-y$dr!NgWKso0=A{D6>7-wK?
zVuUWx49h#OE_cD`?PY%++8mL%HoLqt*tF=^SSGj^L=N<YI9>f&*Ar*{e8BW~2V9u7
zNpb~kaUm;&9vlrf(JnqkZ`gL>rk*WS&<&y<0iK=)_!vw0*`hB3CZDpUvGl2B>a*8;
z|8r4{;gL7E86YDT<4xjmg5#m>5_BM~bS$J)8eZ4gUD2mkzy>`J32T2}nFy!*0%n5J
zEh8Dw*KOV3U$b22(B|3Lk$>l4ilEpHp~96ooUyPD&RSPNH6p}x=G>ESr0xzhlxV|K
zQ(2lD*2zTz%TeI1lU?@<e!z~#C{B0!v);948TpH7J0B}UY0Zh=0IGhRrZ<67NB3gY
z86+jn2K)9j3phUMZ*Ym;^CU?#=OK~7MyXq})+IaDC2Pu$e%9`FSj2cp-WMIpo^`dn
zZ5~?il{4y|8>sKoC=XCOA|`H@^ZStCPSmcQrNx;YdgFNJlXPfUc^1YcULNaVR(u0F
zBjOU09~4?JGoSv98b(8p!BI`jE%L|OnO{TgL~$M-3&O0I2_fh2<Rw)l*uVv;TW5GB
z4)Gm*s!6YZfw)^rKQiLo2&dc@ah@-^EqtKRP=Q|ErLbDcD$QGbR+fBX;%mj%g;-jZ
zT%*_Roq01}C#=hTe!RC9oapK8>cuXem@d>XZBLZ&$HmAz9Taq3#*;C%%#qM|v;A6n
zr{dy$o(~3tuAwvc>TZ{Ib2bdceM8K64b@K2&a7?{r3o3EmLe$Upiz}Q8-2AhdNU~p
z^Dr(UGPIidQRdNd?Ql;+u0E`O`VWDrH5!nTNZ%MV3)B^X)mA;$uBpmG?1g%h%Cfvd
zMT6J7RRcM_*Uy)(6}#pf%dII=&>#qcwV|^>ZNAYp=x3W&BhL9lKM^N2iyiYc(e;^0
zNGqN+aI1!s$EA=!^PfPC5MZSw9Z3a@N@RKLNRyiEY@wK_xyHh@%-`BdrGa10RpMET
zm|(_3Kd3hm8o}<%cMBZ7qk|i~;J8Ar$yTculp>z7T8aE)B;D{rQ0IblByu3(`&K~S
z1p(cCdq9aPhxY}sGO4rmTb#JnN`DoqX`#Ixw2#s?|NK0^KKsI3Rrd?`<7#O@V6*eh
zj9f4woY5TI^U!}V=a==7nSKX%4pob@3zYs-bt}*A?BaVCL~gZY?%|d{$03{w`UTQJ
zYwZaVb9l~{Cim`Mj&}IWUpUW6mj@je#{nha4}Om&CUsXXq~97YbY0-|^*%VBIqSx|
z3(!DJ_#Sg^%G~nzI0{Jy1aGSs{{}XO0EB1CT*aKxFU)K5u#0H7&S{|{7}{Kip~#zr
z9h8)aTnx*iH$w&ReqHtarVD(D-L;#5@xeG%&_B17K=W>FK-W!ZNdLTs%XfJ0k*?qz
zG2=1&>rCz7;yR1w^ShKWI2S^Ycp~X}Bx*8dj`H%z$z69#XksGxI*X2wLM&Cad2qHU
zKDyfoAk}j7D{7R5tS<YcfSslKYaHRVwO)0Wn%l&Us(mx&WLGk7sZ4CFyfm9$)h8q;
z0w!bzkBxU{T^)=BI(i+c0N&Y8ErQ#+7q&Q+4!23=1DkzQUO?w}RV{o=a4*)mwug-W
z6kg{|-*=H<oP%>p#l6A;1<0S4W7TO2VFN@=BYl=(?GRR8Ov#$h1*Dup^}u2yVI9sq
z$w)dk>kIebela<k_34oIC!X;6d_GF3<;8&|abB8xZlu|S@!vqSw(c*I8U^ASPu~C8
zI-4`G52PN6%m4TAss9V?mHshrUz84t+ghBF44eNJa%a#F@Y3#+n*c!9ON>*FN|81X
zYGhz50G}=UQu<b#f=MV@s4M7U=~Ncr(KFH?@C(c$t`2{SJdg(~yFM?a;+ZOV2h`lD
zeZnKB<0ME_npbS!>?J{ItP|U8%cMv1D+B;!B4l?tx)q!SCImijf@_JceMp^|%3VGm
zBkGnc49dK;Jf5tY%d|al@L5U0pFDzo+%cWApGoR-Ikd4F7%eAst6}W^%wajHNM)6%
zxHdZAbX!BHjXyol4c1eQWCZ}W-t^Vd#rJgyhWe5zoesl5$u}bzx#YUv+rEi=M7kd*
zk>ihP*v7Ldf%>sKaz}Zd4eT?!zDH#Rg%$VC8z%mmwmrd9rYP{wMrj}~sPX2A+c;pP
z3}7@}YlBnW8naC57ym87+??D%Zk?;e4?yv=Qa#u1rpRAItH_3)QEv*6=(#3txc+%^
z^5Rm_G;X%hDLYO2KC6{AmMEsy(<=?ny3m#T6pxkoF<iUdZ}=Z1W*=k}tjnh*P6z!Y
zMW?Ig#KthonI$tHi#635R%@2Z&es#W4G~DbPX3wK_`%)ECzsZ*$-_%hn~33=>CMRt
zwM-eG%e~*VK%=|K>wN(*7?BlAbMLCI5rPt|x`K2%mUEp-Yv5-}h$9*ifNfD7X6{%O
z(SAYJjY9KuFk+bvj<CpD%32Nvpl<1+8ZQa(M{GVC&l25R%)nG5&o^{$7^g)7R&n*f
z>2G{e9|kMjd)52(u1i`yT*=e(2a14n^?k=}+^>(<{HA}Zi`Dtel^&VNjEjw%S`1Gp
z4HXkh%W_X1$lnmB&edo6Zo0s%#vTn<I{5c!eL?gny=@a9b)-pPQcSBRS()OP^a(Nf
zQuki{UAbQsHM=H`+#0Rg(442=SJ$Uu8IL4i%|Mi-l+Bc!nL@^K_(9yrQ^&fRT_Xka
zmeh%-tcZnbW-RT!>gA6~FtW)YC3G%(ui0KQhIvV~>gkTPxsHQ!?;2VkDtTd04(kG*
zn#2`<_H9{cT~meQReud@iW@RgXqBNzD0Xl}wXYg^_}ZUV5ieaw==aTTwd`W)%Sl-8
z4!_b(BQwPrOt?yyaf&!;_T%_0Z03BzfbV3C$n+EbOjW1c8fDMWjzFX84Pj$Ld?1L_
z?qRPak%6}eH6}lX);;C$ob6hyEq0Zc0knh^v5*O-dZc-v?lbxU3&JleC~F8|tN3N9
zx(i2V2UIPtd9R<6cOqdl+jFz_gE>e0h$3ObN~<VBlTmH5tQDx(VreMhOeSfHPc*Z2
z=;;2!NH1@XB~3<s6vymWhn#cUM47YZ_Wb#zANpDQWP!5iRY@mY>$KjCj9jiI`9W1x
zdi4dhf6Y0Z8#^{8Ii`@2ZV9d7)JRmoPMDa)&2IlV*+O~t{E$~1&4(Jr@mrI2RUcr<
z^~%{A>wpD}<FOwpxdqCSPrn}6i#!K5F?IzEI#cI*mOo7;s?#h`##_Z_u06&9<#}uF
z0L)n<Xz7Esca3>M?v;t<MrxFLOCe8J_v^g{mqP-LKm!obaBSN&a#%xpyAasGqR972
zB~jCd1thbqqcnUPin&i<{Y~HD<;#I%uu}H+*l_-%&>>d|>w&GVBIDua0XL*vL$~c#
zYRR<kIipY_f%{RN++Kp7{a`N@u&Kw6PCS`bS{%Y&t{Vr*Rn8}E8nDennhrg?TtUjy
zm7l*Flu|&cvBwxIGBN<Ce2wa>lg$vGodx&YQ(Ee$syjO?rhoZ2%%rVLf1IvPbBzk+
zsx{D20YLQBSS=OJFdKB_HB@Xi@3F?tkB8>m_!pi78!&ri0AOt5_|S*6V@N?>&k79A
zQ>!Sp%^I3|sRNRD*#~UtsWYZpd11w2J=km5;U1&|Uvv+jnkVDneaS3qKF#6rnYv9o
zNA^AP79TuGW!S#OM=_xSrVN*Ha50s2(@aQ1KdbG-*+aj-`Pi?Vq1xbDT5Q-Z)Lk)h
zwOnDic?ejNkLJcHi6)almyxE9-B&*=$b1!SoVv?=`i78SH-67K6hpTLQ-Q$*R9&8{
z^pWh#$<IH1zK0sRVYP0pYp=OdLG@P&IQaMI5sWBk4V7<f2z7aF`*dR<e3L6+{*t*?
z)TgDd@qShe0{BeZ%5D56>~vxQj74j@U7EFNk^4A1t7UZ&TFxxvF-BLP3bA+Hvno4S
ztc1ZcXSQ4gZE=c7sALM#!uCo{<uH6~rx%o*dYG4*b~vFTk4S&`w`=EMkyU4qDE}vZ
zbbK*+_`K2Jr56)58y>7jyvnA|mEq-GU<gzP>F;C=IByzqsozVt=bJIRHr0xwNPe<6
z(W&9DXC-AuTFr*f(+=v_7L0yF0DP&Ps&HCpNVfhO6wwvGLL8EuN{<kC-2pY4P4kCT
z>~C%f(UKbIimUP0JWz{#-Nd5QRT<D;i`aEBe%@T%pMrZ-@M+IhyC}JPwr)3Dgs;b;
z$r)y}v|pOdH4{weY)Z15rfGGu4uMF-shz?p<%>COvX4Vt0t1(EWxq(gawe^!$3V8n
zT5&H0u5XVwLE-=zc=I$&+YSnG721tc(?4`$nCRG7b*S>73h!~4USe&{Db0@+w+-br
zK|SBke#)OVK}7xxKBDs^MsXWtR6YRJPvDK1sX2Yhx-#O!gQ;TP6U70UWf!E(=gFkz
zjWs!Z?NcCXU*zN8r!)CVm2zU>-kGwBNLi_FS7Fa?#6Xde_w28ac+EEg5PkxyI6lz2
zgLGRy7g+oZE3EbB8X-r6hEC`0lHbfZ?lSjSGbfQb>|s%P^Xyn`P*rMigVTLCr*)$V
z#sMA&+bVgEr?AbtYe7pRAwQjl<FrOeDxu|6v&x_X739Weg*Y<>P|ZLz(#p&Xd57kM
z`f3&V5_ziFNc!?7xmj1^KGBUI$%>iNd=EBdVK9ixC=2G_<<%#))Ya0|&e2rgAN@!E
ziYjup5c~Y#<Rf+D1L41sfwfoctfIi9>7DtY7i;!vMp$T_E!?CQ+W<ZQ)Wt4lzn?((
z0C@->ja0QZ9yPP>3<9T~a*V|~;N65$#)pBZu0GIdtAD5Bbn&t)vYK<rm6YX&O#xrT
z!Ei%-deaZdpU;T}@!X3-k@BcHFa7B1?sMW<M3tM7t|{iOcN)+2M{`z=NNsJzvamq$
zxpzVQ@b}H;r7Kkd|Kg^T<2me=*Wzgkks>*jsZ~fFh@-TXvj!>XNFzo@-Z%wcK|6JW
z_Av9Z6o_Z2xNF!{dT07#WLM^Fclv5>0`Fh<-<1(ER2^V47p0IGF`xQx1d)W&G#~kv
zwU+3(M^~yAzHe4{rldJy{I-kz%D?BmX=&abPw@w~%Q7{Blh6p*IsFbQafk_DP_JZm
zK(dVQN{@_X$*?8%bdad(lMhs^aXb`Z3p+CSpv&S)#j@?|nuk^wX)bSS+*E|%>z}M(
zq3+wmLoqcR`whG+74HU@Mjk<u9+*dgF4iSb6qADvUFUgZ*}S~~N&lPo?UufN*ur#`
zNkvDgqWy1}8g$_-`u^6>JDD!uZ1p!5>fGeYK<Q}13&VW8UqxK~${COfw*{TU4XU8a
z-=CQ+47i0j$NcRRZJVA_Q_4s+rj({uO$xjj^X`1XnuivjM6*T~Z%L&IQhs_xcEX#!
z^y;+p@ou%;hWcbzZvOr20y6*Uxc)JnpM0&JZi2{+B+vd@hH?(H#1@k<P?~3r{vg`U
zT1EiU-+F5JX8N$7oMjK*M#0Mx!h5NyAjPNN<0BM{u4}fDHP&$}8>-GWpn7Q?sT=%o
z)rXXJf}G|lk7d9e%ioTM%nU@N00osh#RTc&AfU&t10%6dX0o@caEpVAV~591fz7c#
zi^bbG2Yl9Yk<xv&kvL}24V`h_CAX;}2{MWj%#&B{Q4+V=&Uk*wP};wCQ95_>7=W@H
zGJXvHhvsbaUq<le2me#p{{P=j{J)dfXK(%4c3Wte{JkUb%yWDzh`QrkqfZ~wjRIy6
zEgtryh_o`mh9>{5GXMWY8}(nlclZ9?105cZ(yO%pQ7!&|-gAK2w>;pVY&TtLa}Mi`
zUoBmeulw~69W}N6l!kRWCmC%Vv9i34A^R&f_PTSA3(8WrDk`VxBc3TcC$CiHM(wmx
zw0GRp_PV*P`kf?HqzS2zamxFB>#4*zo=vZw$}`@>wtNk)x{@Nmzuv5X|4zHUcZ~Gp
z_3Y~L%RgPhmsQk&e6nNB1jLdPfYc>Is&?xN`Md853dHh>cu=IdR?YrnKEtMTcH!C;
zuaBb%v&O5(Z65sj#c-ON<Ob#1p4bS6H&lz^Bj@&SNXnhN<b8VOZ8+1F0o+hsD~8r^
zp6?0cl=H6I>hZj&Zl*Vmz4wPQUS-|>132F&3a2EO>dt1!*E(ta#b15myg@x6f@<#B
z=<sqh8BJdtA10{$Id`MQ{vK{yYoqUl_ckRc5NN3r<L*U$&<@9H(kib}kT3Y!^*alf
zLp-Wn0Of)JoYX6ggtD=n1{YEC)(N$Dhi!4nxmHQp(6ls%PVA>;RnMWakiQr8%gGnu
z;q%v>jn05emx_^!@{qYB*@{JDk>Xddx;COOY>e5q<?a2fp|Tfy%vxWI54`k*e4hBA
z5@WNw0_bytqc&?7j27s?2rXC5v=(WgtfiSaM=o)&s2ne#yEQnC;)GGtsn(xS=AGP<
z5R8L`{1tglIK3e~eB(2sp>`N52Rz|&#VKIIrg5KlH*>ZeSNoWAg-IoC4AHvSyYAK<
zDY(4-@3Q4P)a;p*Jy>cUJXjKW265BcZ+}cE&Cw^YOQG?JRuLU(g&)}R?X;ch8|qO3
zcYz1NWd471CSFuG19%#+N@P=X*h^DB9@QqFfZvu!meR=$npL_&)tFo;Q<qwNB_Una
zIp6!Q49H0B#U>&5g}>9?)<NlmHi|}`+57WaKoLF)2gDV8t1i|0s1->wL)9qs{jlxN
zH5FILG4@{5^Fx&XJ?*HdPtH3{Hrp~zOQ@-#`Bz65*1&d3bE6jL-m7}cE?h2tJ4CFm
zZey`8t;@-qyNX`@E@&cW-LWdSfG=UjcA1cSQ>HF-<)l`l^*h$GoOHViAE{fgl%tfg
zMSBN?@q!KxU)((RPD-1-C7|;ImKx22w>zYB>-UG0+f5wf9<fpue!Z#DGLd@-n}UhK
z>_4c%+_YTJl)pr_JdLt@{2c;SSL;}FDXW}G8E;=lRzO@rFZzUCro;@4rN)G&j_0nS
z{r#GrY6{6Y+8OX?doALcOv>FRI_dSmY{IT`&Md5}nhC|ntba*w`?7o7R4OVL>trP1
zGhDetX3Cw^BdF3j+Y|->TGZ7R6Vy1ayd_N4SN7kS8-T~eM3G>nN%4W8c8zYD>u#oI
zu1yN*DmGp~9rVA;nD9mdgH<h?qJEUky&K5Ozf8Za_j1Wx=l$VmR0U>H)sxgyw<|pw
zX7YicAA8idMG7%4Se52nqB%G2@0_U$_o_qWdrM*|Eo%i3#&vYTi)Ussld6LnuZCr{
z{{FeIG6HknzYpJ@v6%A2OPO+hW&^A^DztUL!R$<VkOTi4zph-|k*p{d3=_T`xm%xM
z;1+%(HK}7c+hA~eIXt@Rs8?8XjX;e+%SlXgoo`JRkz`MC_UmX}7q55&_bQyC2KI+h
z#E`Jes`*Dxp12ZMWgn%_wnW;m4+}RXN@%jyQVrNY&+$o3w|{nX2_+Kg<NiHc2cGp`
z3@A3~f_xkf5pjB&?-;S#I(0Rxky#?<m6RDKOHJLnLaqL~Rv8}f<a4052DngT_$3YM
zInjC2{Ah5dHx9NOVrO6@x%gr$hRq;UZPgc~W77vp0^*D*(%|=1PH4g&Yp*^%$ZX(K
zcJOFxtv5wOGTC%2x5y&LOG+_F^0FQF4e+1~o4m&Tdb_#1bGqYwWX8%=(0t#yy~heP
zjmPVQCT_;5L7Imbohp?_eO0M`DmiQ9&SIBN!)5*iy%a%~ZHUcvzFX2q$k$oqI#*pP
z2%Yv!Sro$vOs+fmu0-?qvqQUV<6j@H4sO2njLjz(WZ#qy6b>qk4j#E5r`CYEdg|y%
zVqS#xo-8+oF9Kbc1$g$=nH9@Lhc<T$Y8Jm1-{|a&518;X;X2SlIGZFUkL>tkC?7h0
z1o!bXqiO1x_Qt0%=0eq4nFW&{X>EXV9*!;;Un_004pz~WwI3Ze0=7-|CH3a{=~8&v
z*$!+zUXYzU<~M+Kl_f*l37J0l4goF3ZkA3z*aY<SZCc^UBvJjPzueeg20n;mB5!?z
zW<;=GrBwx_R)of%QePhh2+I0lZ&T#VN8IgL;ir+qLDhlsYCbAez^}~U`?5p2GJ=<6
zcj-3SD@NEZYi<u?wf!1b6d)UN7ekov`ml9CQ}PjVOByMcg4Gq)6f{<GtI+8T$NSc5
zn`o=0-=wLA^qtK$>oROrLoK~*caYyMD@@!%I%*n@grNQ|MzY)TI`}wXE%09*CmWyz
zgU4<?-p2`4(#-3Nqe^!3HwsUBTJsMr9d-$%U4=29(9nl&`MD1U4Qypd1@y@bN0%?>
z2OgDsVKC?cb(R2`+iT>3rEc!e{pOPP-CBZ15brbPj~z^3Lyf<86>cp8EqDRs4OkW-
zDw*cx0Jz~eD^}h%CYdhAqrJ7_M&1M~Y;B?|44n=(0b8FdR@Bmi>0EQ~*??u8<P0Xf
ze?XN^hbuedBX14LP-gC=MK(h&UT?@%aZ7XWc#{g3<}X_O*T>eNCL10;tVVX}sJKI1
zI!PR9cC5?tQwXcN4_oNSc)+%no%<GHEbq8!Il-Uc*wfH(+E%<K5i}21f8!%GcVW(L
z?qvLVxRz~Aa&qWZg7QM1s~AMgLGM}g^DEaaxYg6e`R_olqYu_5!y=sjts2fCI9`i_
zwB#t{nGo-fZCF_h4i(vcdg9LSSOjkleCBa?DewKb**X4_%g0RyYJh+tGxxRNkmuUj
zM+Y8Wok@G|nMO=~nQqXMu23E;KLWdK-j#o-R`lS_;VTwzY8DbYot5%Pt8LgXo2F)9
zEP8pT)P&NpIxxbrzi1#`=9cErmiu$#yq=veDJlp1#QKSpEM)C^{)}gK^{vnnc$VEq
zfyVnlTVSDX0TIY_)z5Mai0Md6ulm=8u44&Fe*R&;847QyxbI;51YtEHqA8eR++`P;
z8Z4(s%*o{cELVz4KAt9Q>mh7D7Re9fBVfpxt|SJ%#M+=$8$qAtK|)}%MpT%%sn0jW
z2&ob?&3_LSdelY#%kW?gC~eKGrGn|O7CSToKA#+;G%%u^wp@AkhndYHqdd~!iI^jG
znw3_WNBgVTPE7z}k=JYY{tot3LD*Q^WTePs7yZDORb#Y8`C8f3XKZ?R7wbHUFVMBm
zG-+|~USz#V`73GUm&6&X1_8&E<#D1t6lwyP-&Q^}g(cgVK66;wv4@YMlGa>uZOoD>
zVK+rF)j3!l(}mSsQ;m7ZeNqQF)Tq>H>|W6C0RvK-8u6FrX!UUF!eN)%oRZ}q8ap(l
zjM_>esLxEX=akXr=-NZ$QOTf{j`TDfro+Abt@0^kD!~&*z0)|2R^IQJ6XkHeW*lwW
zp9_{tJL#vc$gK3UXyrGiq~BI8)AJ@lZ*6=@z;FakPiV{#+|XHlRwl^l>dZ9y;M2`+
zyR&v>z7-1Ete@xc!kn>l`kpVa5yqp^izXvTw0&@G3Ccd^Y_3(0Ix!8+l3}#YIxIJ+
zqaBls8sEGt=?h7i5vNW&vI477@pg~lkBA=2H{7I$Y6R>TdmhVsY4pblzb-MLRSkc8
zM3Q_+gUQQvYA#3IPnRk@^t76c40_zH)?l4_^2SJzTv6(Bet?Jepttg%GPK<js+Y1*
z*{ft_ob$-CVWvu<Y(R8^^e>h=^7?0|e|3!MATsQ=rjhg+XOy{_kDH1SJ7ZwwXNw>k
zqm9*-JL~!R3ID#c!THO)YyPue(XpS{FJ)^K5@w3jbcHl9FFQLN`J*nMR)P%<^A>BO
zH9rm%DSarKY~6Z|duNBaOhAf+Eu40&Odj|k;}ei$6n-bx#{Yj!PwVNN;Jlk&^FVdY
z_2)Y+<G0HtPxYv-O0=`uw%qp5!Be%#7oIfN-94~O?AH_J!yz0cm0IzQmv@-oD{%gk
z`Ob~=_uremjt|?eJ*^b&3%Y4DssBl^qPJb&#*Lers}{;?ozd=Hd~4G(PI=koHu5Gf
zxUTQ=on7I<`*iy!TN{p->*c0Py!-MqVs*;KFxHLBwN<wt2Og;M$LRCY*vDB?bJtwb
z`#V)B-s<(@o+*>nBZKpPuGT(z+$Za%SMyexo1A(!nVEk!^k?r35i3>Vk=M;i-CFrM
z_0RJOb1h1FxSP%YhN?PT7UiDsW$wJbWtA;YgI^cjul@crwIyff)NMX#ji18J6;?HB
z=}cZ^v!y85?_QL{vTNmwGf!FCPj!C1z(|;F(b2xkz~IXg(F&h-e|>+=-Tfs!xmlOK
z<zD<<SNl7xR8I?7Q!me13aP2*eJ#wp_Dk&5HD$5IDyKJ3TWfK7TmQTpi{CvuSrPJb
zE^x8k$K^j)d$Ro15=fLU+WW>`I7HwJhheV3U4iubuiLm|Sv5)$E}p!8Ed0Ky?1e+8
z-`%=U<uci9OYd^#9=-F^y*^(sPAWaB@P>Q6)3mbo^5hijeQ)n%zG28&yE-c0HalFM
zBRXAnkKVo?LiLvuCS~2YmHF09(sp||dvnmdu!X6aRl74aY${Y<DlGQCER@%8n0#-Y
zuJ*RGSBetuNB{J&OWq^%^HQXI>XJD&CzaOLTRvSMrM3L~-Tw{u)3(`6mCp@d>KgLx
z%ZY%wTXL*lOO)KcaJ$$q?`c3JaO-bz(Kp$%(du_(%kCJ;W$X2>KefB1cFt$s^X}^A
zvA_8Hd!xjkuGcbC1ggotEw;<hfX8H$%G+bEtgMS{g1?{G;PYx}a@vnCOM^a#J@tCN
z{KKCWpMx#`t~<RnxvTGU*}AKRzs{%6dC0tMNf0P9w8M8*EnOXU>%R8g{m<0b&Oc|q
zs-@k0!mGV<PC;jPuDDUTVa}$dg_qBnmd4(5J-zC6@#bA$SCrbltvmYR_z@B5TlsP=
zr>|WNd%FB$1u$YB%ar{P{3!7`e6!_5;CUhMDieElf0-x#*#BvC-b~dyp~v4pyq3Gu
z$%bX>j|aEk$8LWfS2q9rKSjBqeQ(1fPu|^lRqdmCLY)2I58b<~Kb+3{Gy8vc`;_&e
zzo)Hpzpr~osascuKQrQ**RsiJ&R?64{V`3y#$*0^Rr8(o^8G-C`3tX_6?n_kw`Xs2
z`CQ>~IQT>1p^vpS2Fn~cTdzLfx9-5!S$apibvAXpzO=ME`{t%p8y3$g-+u*$0{1`o
zcIusdb!qiFrYo-5$`=BzG_BH`a8f?R$?DVU%;eu!`+aOS2{SlZCEiF)TRcsf_0KL5
z-vj-}yzVw0syn>s{HuQp^!iyGj%LP(+rQc(|HApPQ)Pa{mM_dFWOkd(*>f<U)_rG4
z&oLjy{$IT9SJdaO4nErYd+)FK%dP7_F5Y9V13gdb1$6qGw!1WlAHJFS?9P8?0WoI(
T{HQt$(6EiCtDnm{r-UW|>N#)(

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index 181eb6c2a8..7aefb5a1de 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -123,13 +123,19 @@ This card lists the parent web content categories with the largest percentage ch
 
 In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
 
-![Image of all web protection cards](images/web-activity-by-category.png)
+![Image of web activity by category card](images/web-activity-by-category.png)
 
 ### Web content filtering summary card
 
 This card displays the distribution of blocked access attempts across the different parent web content categories. Select one of the colored bars to view more information about a specific parent web category.
 
-![Image of all web protection cards](images/web-content-filtering-summary.png)
+![Image of web content filtering summary card](images/web-content-filtering-summary.png)
+
+### Web activity summary card
+
+This card displays the total number of requests for web content in all URLs.
+
+![Image of web activity summary card](images/web-activity-summary.png)
 
 ### View card details
 
@@ -160,4 +166,6 @@ You need to be logged in to an AAD account with either App administrator or Glob
 ## Related topics
 
 - [Web protection overview](web-protection-overview.md)
-- [Respond to web threats](web-protection-response.md)
+- [Web threat protection](web-threat-protection.md)
+- [Monitor web security](web-protection-monitoring.md)
+- [Respond to web threats](web-protection-response.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
index fa838cc1dc..dd52925080 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
@@ -29,7 +29,7 @@ The cards are generally split into two categories: [web threat protection](web-t
 
 ## Web threat protection
 
-The cards that make up web threat protection are "Web threat detections over time," "Web threat summary," and Web activity summary."
+The cards that make up web threat protection are "Web threat detections over time" and "Web threat summary."
 
 Web threat protection includes:
 - Comprehensive visibility into web threats affecting your organization
@@ -38,7 +38,7 @@ Web threat protection includes:
 
 ## Web content filtering
 
-The cards that make up web content filtering are "Web activity by category" and "Web content filtering summary."
+The cards that make up web content filtering are "Web activity by category," "Web content filtering summary," and "Web activity summary."
 
 Web content filtering includes:
 - Users are prevented from accessing websites in blocked categories, whether they are browsing on-premises or away
@@ -46,6 +46,7 @@ Web content filtering includes:
 - You can access web reports in the same central location, with visibility over actual blocks and web usage
 
 ## In this section
+
 Topic | Description
 :---|:---
 [Web threat protection](web-threat-protection.md) | Stop access to phishing sites, malware vectors, exploit sites, untrusted or low-reputation sites, as well as sites that you have blocked.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
index 8bf7647688..66e0e293ed 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
@@ -34,4 +34,12 @@ To turn on network protection on your machines:
 - Turn network protection on using Intune device configuration, SCCM, Group Policy, or your MDM solution. [Read more about enabling network protection](enable-network-protection.md)  
 
 >[!Note]
->If you set network protection to **Audit only**, blocking will be unavailable. Also, you will be able to detect and log attempts to access malicious and unwanted websites on Microsoft Edge only.
\ No newline at end of file
+>If you set network protection to **Audit only**, blocking will be unavailable. Also, you will be able to detect and log attempts to access malicious and unwanted websites on Microsoft Edge only.
+
+## Related topics
+
+- [Web protection overview](web-protection-overview.md)
+- [Web threat protection](web-threat-protection.md)
+- [Monitor web security](web-protection-monitoring.md)
+- [Respond to web threats](web-protection-response.md)
+- [Network protection](network-protection.md)
\ No newline at end of file

From 9b63bbc0f8eb21f42278a8669a14ff5ffa0def12 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 16:49:49 -0800
Subject: [PATCH 061/247] Added TVM APIs

---
 windows/security/threat-protection/TOC.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 1d0ce5d117..2af50f3e0e 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -390,6 +390,9 @@
 ####### [Get machine by ID](microsoft-defender-atp/get-machine-by-id.md)
 ####### [Get machine log on users](microsoft-defender-atp/get-machine-log-on-users.md)
 ####### [Get machine related alerts](microsoft-defender-atp/get-machine-related-alerts.md)
+####### [Get installed software](get-installed-software.md)
+####### [Get discovered vulnerabilities](get-discovered-vulnerabilities.md)
+####### [Get security recommendation](get-security-recommendations.md)
 ####### [Add or Remove machine tags](microsoft-defender-atp/add-or-remove-machine-tags.md)
 ####### [Find machines by IP](microsoft-defender-atp/find-machines-by-ip.md)
 

From f527ab00a00e245469a5b50a1ad2ee8903080a98 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 16:59:05 -0800
Subject: [PATCH 062/247] Update get-recommendation-software.md

---
 .../microsoft-defender-atp/get-recommendation-software.md     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
index 4032adfef3..e8473ba5f8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@@ -1,5 +1,5 @@
 ---
-title: Get recommendation software
+title: Get recommendation by software
 description: Retrieves a security recommendation related to a specific software.
 keywords: apis, graph api, supported apis, get, security recommendation, security recommendation for software, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get recommendation software
+# Get recommendation by software
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 

From a28e30170e2b4d0d2ed367ed8db168e197d33d91 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 17:00:09 -0800
Subject: [PATCH 063/247] Update get-recommendation-vulnerabilities.md

---
 .../get-recommendation-vulnerabilities.md                     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
index 954479aad6..48f13ed4b9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@@ -1,5 +1,5 @@
 ---
-title: Get recommendation vulnerabilities
+title: Get recommendation by vulnerabilities
 description: Retrieves a list of vulnerabilities associated with the security recommendation.
 keywords: apis, graph api, supported apis, get, list of vulnerabilities, security recommendation, security recommendation for vulnerabilities, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get recommendation vulnerabilities
+# Get recommendation by vulnerabilities
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 

From 5f669542aa3ed186f109adcad4f5995375858c10 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 13 Jan 2020 17:01:35 -0800
Subject: [PATCH 064/247] Update get-recommendation-machines.md

---
 .../microsoft-defender-atp/get-recommendation-machines.md     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index 772dc4e34b..0060478641 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -1,5 +1,5 @@
 ---
-title: Get recommendation machines
+title: Get recommendation by machines
 description: Retrieves a list of machines associated with the security recommendation. 
 keywords: apis, graph api, supported apis, get, security recommendation for vulnerable machines, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get recommendation machines
+# Get recommendation by machines
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 

From 5ac23d076d488514138341c379146e9dbcda1764 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 13 Jan 2020 17:16:55 -0800
Subject: [PATCH 065/247] toc

---
 windows/security/threat-protection/TOC.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 21b8325782..a6937a0472 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -32,8 +32,10 @@
 #### [Exploit protection](microsoft-defender-atp/exploit-protection.md)
 #### [Network protection](microsoft-defender-atp/network-protection.md)
 
-#### [Web protection](microsoft-defender-atp/web-protection-overview.md)
-##### [Web threat protection](microsoft-defender-atp/web-threat-protection.md)
+#### [Web protection]()
+##### [Web protection overview](microsoft-defender-atp/web-protection-overview.md)
+##### [Web threat protection]()
+###### [Web threat protection overview](microsoft-defender-atp/web-threat-protection.md)
 ###### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
 ###### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
 ##### [Web content filtering](microsoft-defender-atp/web-content-filtering.md)

From c1462bc1225b6f1358a7e65428c5286577eb7c10 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 13 Jan 2020 17:21:51 -0800
Subject: [PATCH 066/247] shrink images

---
 .../images/web-activity-by-category600.png      | Bin 0 -> 41138 bytes
 .../web-content-filtering.md                    |   2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/web-activity-by-category600.png

diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/web-activity-by-category600.png b/windows/security/threat-protection/microsoft-defender-atp/images/web-activity-by-category600.png
new file mode 100644
index 0000000000000000000000000000000000000000..d01215dee9f5b141965225e5a5e0d76ce7caf2f3
GIT binary patch
literal 41138
zcmb@ubx<5#^!_=x!(fBE!{APECqR%SxC|bG2MDf%1`kef2n2Uakijju1_%y8f(F;^
z_q)H^f3~)Ew|1$bnxUp|H}suz&v`!2xzXCMRPeAVu|XgZo|>wnE(nBd00JTTW1<7U
zA#Uim01im*x+?OZ>T&9Q;03CkoTeNIRF{DBV1Wj_#&T6PbO(VTEdPBYsp&GGf<XBy
zYKn4iyv>es(EQ)%6Zf-W5t*QL|Ni~kblDQ^lLAhE*?ND>3li+`&12w;r(4*&mj3oQ
z^DoYqM3^b&X--hk@?YtWz=@p9Yu9srOolM9Jf<7@cyrf(KQQ#kX~PJCW0)8@HuS$E
z7(*dM>A&M9jJ@`M-c5~*2Kn!-D0l&a@qf<dBQf}&lkp>vWBzB5?*G#u|9)XszVJF8
z%9Zll9!_R!=FW?VB%m7^`y#sI^vt}~U^lUSFjsN@aO=LDM(}4Om8(AJS^DfM@cr_C
zH<4HqO#m_Ijl@f){r%&fSaC3cE<FM-=yQ|9!VMOLmzQ_{LPaH$&!WBE`%JzCZ6E~Y
z{_EvQ*XZTpf|IedG_QGQ3f9)3`WKO^ou@~?=Bki}fcua3(>HeF-lzFaqmdzg)dqDv
zDZ_Lh?yqQ;_2e;c1$-WE>K-fx8XOj?e>MA4^NGHx(9<N_%KOyj{%52o9B1u2=((oS
zsOjZE998K*lw02$SO_VDC8}XpV9rXrPj9o5^~AAhz1IZouX>x9yo~d9pVuFcmROvf
zoi{f(3ztK2a8VT^ag#V+vpOhz{P;1ATHO8RMvoG+N$Y8I5i*-$y|r$!s!lW+Z|;+{
z=RwND)4j`w!+Gw<M;0W8l>&u(UV)=9e@&=SqpDG}V;SW9`BQ0WDfNqwP*r|Vopy_}
zDThvB*qa(N(~rk1`(Dsv8P9_^w@>#cU*DAJPIm_QHGtZy?pM(V?gZ_|qgq;8oJI$c
z7G(TyT=UIP9kr5K<9wO^ihJxOK0N%Jpv!Ki5_N9>IEFy1g!%=1i$t-(n^1<qbn^Ht
z<Vk&z<Q^@$X<vMF%<+;z2akVMPuC-eFY>wAOM;qrnotVAXTCn}5cpv7-9s%))TP>~
z&ZO;wfbGu=`VM1uy6gn2(G(7*pvTK}$$*1H8u<>bY%!hkH)V`0>S-zQG%rSe|M2pp
z8)-LgaXvq4Sv%-l3%no83;FYK`)|5X3FnBHl=DrZu)}<N3+M?JlFDN$@ff2B5~@UD
zEmBKnO`TEpH=wu>`%@s#st^%-M}_5ox*oE^p9%NlS%(F$Eylma#+G4s%~5II(uN^n
zuzTEL5F9%&`1(jquI1*6YBH@<{#l1RmAx)aJKq_#r#xBfs)2}dY2L&*?MY4*DkUGt
zJkaYDDo(vrpe3M__?!M}1?9GWf*`Pqo4^RNOR2Zj-E^|ru~k#V=rUBqVuTV}KM-g#
z$mvy#ay=k&f8PC+%%=6OsBzjkL<mMj>5B+Kwh0bkr!zrWJDP!Sx#ha}_}vOC7NcAS
zpLhF+4U8nD>IFMkEJxyNhds!^10$lb89BbG<r~yl3II<pQ`9B*;bKPX{7+uc!41mQ
z@oz5RA2;{dU_161laO(**j6StDPP?0s`AwU9akS3vco_ug+%ib{MK@R`s-(AHKOG-
zUW}*@m@WG=rK9~ZWRFcv8T?i+uaAE>RXsgkuW>qG9WC1}AJYAta$0Uq6?fkq3d156
zn#H6GR_Z(c{ljK^C~2u$ArhZ^YcS#Z3*BfMHy7|1ru}NLQ-8QQv-!JN*SXa57k<O}
z=38P(f%~8F>9W^s;sJM!X4j^-z=w#}SrUs%q>@_ZqX{u;YS8#r_M37OB{oC<#AuZJ
zYjxxqG0WDr{cUm21Clc1(q==sx5*JQkL=6MP7S70UWvh=_bWGc9IwBpJgj^xpceno
z*L+PXhR^eYTEA$3K)1{iZU5IlEg7^}WiiJ^?XtUow;blxl@B*t37Z=m3^YH>|E{#T
z3(N@38VNgOkoMZ#E|Ba^C_gfG1YPYhR2em05Yr63J~C>u{%XkZ_xBGKPXFsFqaYEN
zC1yA}o^JPiv6>ad^@+i)!;Sg*Oak5mI`qM5y0xyX)$r~GJ$p>Q?WIwTGYyB$?7x$)
z$8s+6?Uq8F(J!Jd%`_Y(DBMYORI>}D?`2<Qi&;?WQ{9&M`)IE9VRgpYrP~|0+8gc6
z{P1$&&WocG`Q~^1-7r;1*q%-%F#8h~X0@Izi|GvYGra5zg95q(tt<C7&0rdrvGUBB
zUBa<1uLrj4<DKxnRkiuo4=mg#5={=nCNql+#q>V|A9wUSL{>1r-4mDK>O3X?9O=oz
z<wGn~>L~D-cUE>`-3FmQ;={#JwHB&PJtb@Jupz7&Z}^cO?oYZTx)Hu1(eICznx+dB
zFlfk-k*7#_OvGqffT&X0#gD)7-Bm{}xO)aH?eA?mr{HR6^<I{qJpz}45tt#VIAlDF
z&3DL2NTbxO%&i@jZm1BU*e*ybZ>0da3ZGu3amy>;41Vv6y{Y%&AB4zdRAR{sg7}B8
z{{DK+2CFbZnvNfa5FgxK9zGtS)TZE3i)jzOj-4AKJ4YpSJ>OQVBHl(>*3nW=gHAbE
zd>Ax%7ZQL2fldYhQ}UlN2m=i@t)ilWTFe#E+)wsXMb&Dl(ca0}KZFI{31uNqCa9B=
z8>+pKL6FqNWBUD_X~#ql<W{z$z*IgFW`XO9w}LazwvDx5*7m_BF(M?2km==GXMk|r
zjkDHJA_EH$ytDp@xoxU`BH{4Rp(FSCw>x((_amNG>bsEu!>Tq<g?^15AqEQ8(u<`_
zR>7bmO<*C>zeienAq{+_W~DKvKDCkC2ixE*DBbQ(<eC5Bm_7P&-i^%lA%*?(z{<s9
zT~Q#h2XG~3uWA#bDH2>x+BniUKC6gWq8{dtV_9>`Z=h*%@W`R;wtvNn(Vqo=dQAE?
zV}E~M@1$MpdIn_*`^C4Ju``)O+&0u3h`kV3n=tFpu*+Zy&|s0fkZmd~h^G{OIZxRi
z^U1jGL#oH|tRY7H6AHTOW?%FUhG5dx9Xkw%eVI`yW`tC*+t^vlgH>==t$L+x%$)5v
zIyMQE-D#<je<8LY?xr*%uK1fcS;-rNNJOS!>CXI-@n<HLSC2Gcp|sLfEt|hxTh;?V
zGne)W3DEVe&$l^ZPglxGqwB*BMv~cTcDrc}B783oIHY+4tUnpHjhokMpKp(`y()1u
z%NUsZ>LALUm)qexiawL6trCt+mS!Hi9!<)X7E5toLzpLHZ*+ID&wYEoBWRz=0*}Of
z%h0@vOHx~cM=P}G5v(fU@`Oy`crZTmFV%r?pX&0O9a!`7AA~K7p~ju^BNTO_cX?AE
zZYCL)bvk+GHv3~ni-%t`8=h}}7Ix4ZV_L$L=qb^pVgc6HrA*A*AdDW{V2T<(4uo+q
z77ds8MT?p3N^f6|l;6iAeb>t(nJqDI@cMKVwRru}%Nn=?A~i~lTO)&S34`Cv>T^B9
z0PbL%Tq;Fw2V@;p#9))xV8g59DvsABL+FBmK;EP>6YI8^)%bTSbNxe4U4eY~bk~jb
zNQ&B^pT=}Ndd#~hd5s6v7Xy^7@(f~$tSLS-C7PbP<2Jkej*+spvRU+)M9ixB5J)R6
zKSL3<4%w+Q35TvCHv{`?O#Y~h72Bs^P=vRlIDJqnFO(@`mfv0>qa6#=s&xdyYgT!Q
z!MD&|9)7qSLr{#Rj5bR%9WD^Lr<?^+6x-#F62`<Z5OB-!BE%O%w+~m9Tbgp#?o!2>
z4!_t~0*?)ki9H|IbR9G!s^df=E;=|oF#pIoS_NvPuqQb=Ow!}M)BlEoDc5M>-y++=
zFc!j1U8^liC%YW{PWdh$2Q-bj5pi^)`wBt_txb%|R+f~-D*AB!_ZN4WZfV*ct4^8j
z*XcDdwSKip>IKDgg{66?W80_D0)<Fb{h6Vuz41I5Hc?0EV^@n_H6VZsTkW;7sHaZ%
z)a$Q-kdf<No0$>B>6(?p$CBAPodqg)n_ZSmlKtl$e>GZ^2<?YZ;?pd>&CbqYv5rbC
zkIl(8v!Pq~Y0Da*FSt%Ev3IDx*6Ieg7QiMuSfC~O_-(S_f?D5QGev2WS&g}Qzcy`X
zxy`DSS@ZL(`OXrt@cTEnyI)+I+&9Vlyl7;Osbr8Ckom*fVW*0b9M0&Pt^7wJpmy64
zj1v1OrENkUt>A&@znLx7%xPaHV#p?%{N=+i85qWbOYB8$f*ZH)z-hIt9|bEucRkaV
z!4bo+*_xh!kj*R{%dXVX=i!x3DeQ13EIBKsQQP!0IHvozSL$hwVk~%S?LC*$r<Cv0
zvH|NWh5er#?t@dow<~p4k=P6C@iR=@?jWuM>43X$iE<AZmg;=XuxT;hi*EzE7M^j#
zgv8R2_>4(DeAw5xXlDA1Vm>|kacsSq`6}ZIM9*R@sZ{4Od>DKAsM`{Ao*WYuGxlXF
zr&@(xm7`xk2soHNY_b;>hd)x<EMFF>sc+-OKwBJ@=*y854o`oj2O{LfB&}k8E9JFB
zA{BUhkJMc+flNkQNm?3`i6Z$4A9}YD(h2Ga1R|DFg*J^9W7+?Sw8@N~-lD0;ApW9o
zycX|Rf{PYMPap-QI^3!DVS{&9$OOktK@~3S+!YOE1MgJhcf=9q{<VC~tN~H%QL?lA
zmiOAZLj;Q0?b0C6Pi=)j(wIfILdPSPGPaCp4-qoHjQL)#D2*`h<5;LMH$No4BuKK4
z?zu+dIRNUE3VxLRu(J)#e5al}Oach>H9L-fi_3zl%mGV&1u29#>Sy`eiUaB}e^_-R
z#=;=uMlvQeQCb0A^DqC*Mgp}o<FDBK?ywvYO(Rl{$XHdx0kd3a7^lSgXLnI9ZlNAY
z+j?#%&Mv1PS46*AVTlYCeE$9F@5bIBa0}L-9vUJWoo0-#C@$%Gxg*+YTrBd}X{CMH
zou_`A5i`4>=(S~+5W1{1>NuNp@!VgZEDYT9Bui5|7KDadClFF;4}vpTUZ#0FP1b8C
z*^Ue#TmHHIN0zk)Ro?T-eC4`=s{y3+>8Hw#i#0slJlS3J1!F#h$Qk-N(o&kY4^PW3
zcM?$<$NXa*{%AU|b-6GyUbB~1)W4d{&j0Yzk7cza7AnQqS5jAFR1~9~Tc>iPkNRC7
zmxqrc-^vFb|B}kYvam6ar_flACS;0eCiIy6QxahPGehk#C-K>fuiCO_5H${DrXiA%
z%>b$e!G%%J^jy(84#gt-wSY|P4Y>t!$Pe5{vH*O#Sg9)*)v+Bx7$z%)K~`lawmKNn
z2eJ}obuDf&{qa!(Nr6O`TpraDH#i;H3cHd%LyZ5p7X`!sy3QwExR*xF#)TvEFgr}e
zT=bF$htr><ZNS6Jgl(-Dq8=e&tlFOpBAASL$>Nac5Y5(%7wZvy4<Qacn&JKIVWf}&
z@EdYsq}`uhga);V8@^G(@<uRwI5-T^Ap1+<!XmzD2`!9nz<8U$Gqw#IB9THd0@~s`
zKy|-ZmNl!>j&uNDE>{`~l8(Gn0rjlbzuZ`=t+bRoWkAN6myMD!u$|IN8pxOJe7^ld
zN9yi6Q&_e2bc5P1I?`Wm^%t&0z=$6@OXMcTy6!VX9E;n!`{O(h6~f7?9Gg-9e(q&a
zU|xpuXXTb&bKk?XQpd$sxlOjHn%(yr-wjN=H(!^(vF9-FY+qyhR2704Ip2=1$)iO1
zxi45cS7>dh4uxF?r<SYDluTFo5pX!@Y3N}n6ye#Shr9ooKr<}k4R|16hOmoOKEdQy
zoY6%w+Z*iz;I}9!aYtXP+zaGkZg7M`q|zNw*%#a+qu9g4vDPKXCF|tn%>b>!Qz>l0
z6p@$rLf@GbiWF^!{^?%%=P#LIEa$8_Z1kGE!1wIHgG;Wr8O@B}>4GLYI>4eVB*J52
zPT-hVm!YpHSl*LpCI>i@K+VYMkq#g<&nw~tk9d>6j#t{8(ChUpx`Oj_PcK*{{#2X3
zm`kNxEdP@DtO84oOx^$D(y5aUVfE1HBey%4Ei2N)hHAim_n=<!<kMNz_w)%nF7na9
z`Rpy~yE9P8vd~Zop@g-y%Wy18t1pk1!?dwut_^ao!p<uO+%$UZ=zU9GYXPOn^kG=6
zaz9By^Wb8v>u}FuX_0Hw+CFR(*DIK0gljFUQVN|kq;?7B+!IJ0DS(fgLW=zLOi?md
z6@D5nhKrp-cz~sK(>)eNu(``uvYCr?@{cE3WEwAqBurG19h!yN(~NORoS{ANc-rlC
z_)prv9W5;OZ7KN4Rew2QImC2X;yNHi9c+1&ZXP&QYDU-qS!_yVjgo3aYMm=k2L*2Z
z==ee<PpPNYC^gHml3BZ2a3q&vWUul>4=k*a&2b+erERW(sl)m>Yp;7a0|fti8{BGv
zZ@V<hEe@4<@d`{l`qk~(Vs0i>oR-eucB#M>u`Uhze??DE#%WpIXh>hw)1h;zc-1xp
z5~9+4qAmi&LZS0h{79_+tr&!|@t}`4Q*5s?^0`E^QO=tBvs;!N3HE$Z)jqQ(PqJ3M
zX4U$PjE2*(OWTNWplPS|9d7q=7k)=2TgCP&TM@pR%&b=4!^Ez=|C}+m1jJmS9Cm`@
zWlpZvNj|UzDD3TUpmr^SQ{Z*UPfACzpeIT0iJj5(=!W6ahK3lz=w;9Ta15Nu4Q{@7
zjLq+-deA6waTaK$G2aZ{y2d>@oP%(TR$9+yFM|!lQuedO8*IYG2g(I2b4Svjl~Lx|
zz6coCS+-pqF6g&d?Od_e{~0Q%dmojq@L;SB7h!mIkrlE)MB1QOamn*fM)LbuLS^&9
zzEs1yLn+^fJYg1uJ%(t?8-Rb|u&c9MRMv%&^}&V3nG})q;)AWo6^WV+3-PZ*ZTjx;
zM44G@0A1;jIoxd=+hDLS3=JA+wUHqm;M*aC2;eX1*+jdhf|!NuFtPK!vK#)aq!j5%
z+XtzXBxkFtL;Dv@x)$yyKg6I(PQ0-M_pVc<WOXhkmL*{zK@LSP1lu^#)g}n^tyul0
zx<pqeI>25~&dkS8#Gj>sY^15<yOZsfc_Gb<##Vs6YX=N1dyua~`38`e%hjRYggBAs
zfpl&#BvIyLxUWipd{p6Yxo`AZ87(we(|BBEsevgRBSY`Gu3&VH$RnsdE32EIB;-~|
zmYUx3)<O%-3#umvrfN=4Nq3$7w8vH9b9#v`CK%O&*BlCD4H5^I_fM<&XOjN{OXPfk
zwCw7Kc*?m=GGC?c!F<&pJG~eePG-#|p?d2xOHv!JlNElh^v^`2-{h^)Eek*9e6M%y
z_P-=sC^J^!)UQ4_>MjHqWRdY2LhUB9-;NSKJnX^VJ+Qxd^AviEGy9uN)Xd~<j~D@@
z38<e(#&ceHutdH>cA%OLxnGB8@R_ve^hPX2b;nUH2v=k8`Z&UagOPJ(Typm%30aEv
z``8IQUiC@MRq69;x6pFl6%z`RTaTo1IfSiPk9qyu<u0yOOJFJHgTXH0<Y+eqRYzC(
z*$ld;pJ&Az>_+!rm$H;nkXXz|{Gye|)cTmlX=?N@nZrt%i9R`NeA8B9*d4E4F;a2s
z=NHjDlOKVa{hSg()7HbxUdNIWe6q~FDjj_(qLh~7*=@6-H&uplg#{%dJ4dvmrg_w1
z>zXd;hiic@Ri0r2J;?>&;i&FfGM#S(lG(xSbJeD7llY253%INnsCX4`S7Uu{^37o%
zf~n9S(X`gO%j4DXt*AGR=t=0`^C{0(8S8UvXN1*y_qUO|)Qur8s8F-?kn!yTQmU4z
zQtbeYI)q%lRszbTO1!CaYDVwy&>(BxpAkH`Str}Sh!zqV7{5quLQG6s4d<uPqtZC7
zHL;+BBn~kR1R1nKkucOT&!gPX(_R=vBFE>o;v;V`AfPd+Xy?I=@*b8CJ^sOwIeh$#
zbnLHFC|1fd(&=+yZ+klUx(gk3%%TQ+3P~7|*L0q0jq+EL=o}Sjwb_7yjWESxO<N&-
z=(`|;@>*GC@j@OTwQ-43=x>esP#4;zV|Ek6PsD==CKg*kfa6^;7^TGUkuETKRF)F;
z47|WaXrfT$1;Q>2i!dMbc?w5`cIpEH9{$#zN-qh<Rw|p2453CEoY|RTwPc}*MU1Ja
ze;brarVP@QJJDCV6F<E&aI|YwF?Rif@4}+O(Ky*fd6t;N_{=hc>%&hYe~|mg8y5P5
zzdZwLNtf+uFye5ntLxKSOjgO;PXxy?7mNvu1O;J2y&azpVNc35g;lUTPg+HiMwA20
z7_=0@14tSVIm2W;%9j{;&+wbSKX{3Uj6+B<AYzg_*Q_}6%d&O@4xC2K?``xn!<~%b
zbVBJs0!x|Ht~ii^1%e+%hGw9)?;>-lwhFG5ZV;UdgGA}j100&-u}F@6aCbBI_>o|`
z5&fu^NLsNLg#(9Zlh-hvy48@dXskc7-WH6tChnkx!H)(a^nGC7nCQts9XKBdith%6
z<YiQ%yt)G2C-JP{TqAn0l8GxR!8%}CFgU}NfqdOw7MBR(PA)_L8KxFYI`CZv$OB0S
zK-nmAU{}dt7{ZetT#2<pYeGfLRgJ=rb_PGM>mv^XDVDGlCK5n17`7|@dqyy>p(Zgy
z1S8m<mTgz`?~-Ip$gX8+>j>zZvE|YJ$a!p-JPZWrq@50|dk244G_)d8d6cJ@f0rMK
zk|wT51l1O!vk&<uOPhqAjS&(qWX0e(C%#Ky(4VM0D-4+ugV3M66P&LDlY_;;a#u%4
z`^uDVrr8O8D6=TdMVgE?t)gKP2ej9HXK8#YdpJv6v8ZxbP)xg74%F`~r`iOn#1Itr
z7u&*oE=1?}-5BaAQsBfrl-ANzvlOn8$#R!soMSmZ*Ptl1MqVhTwqC7CVSEz${kabr
zdo4Ap1omd)x@|A9XOthdqpL5~p5z`vutY2QpREnQ>pHztYd0EtG@9*YDo=n!!-r4#
z&I*;7r^VVcwqw$&Bo>SaSUh<{xNWL{#~xoC8&jD7Z`oo*XmDv0J?m;@3sz-|1r}6e
z1?(5*@Ayu@6`ahbnPP6#^!YQ3x>}uOzl^F0QYGT_e5zuhTJ6WjBX|Hk0vl8zE}0aS
zp13(>DH(`Ecv}Ert9)f7<Wl11O7pzO?B-PRUVdl+r;^XR9zQK4;gS+vUYhM)_XjYa
zXc0Sug!CH|BomZ{9%1P>2r)`7P0)V5^fMZ6eco$YECxEV_9JQ@CP`9TI=ZWB`gmM^
zy(qc{6Q>gt6AN!-d@UFwYfNGS-v0rXZiD|XIMV+M7&WjDWC8wD?Ek~6P~5)z{A2xJ
z<D(Ry{Vz^+y2i--zauQ%4{ZNWS=RrHd-%TwV*j58VWWc|-IMi36SG+#q;Q=7{UxZD
z%h)zsX{c^uV&do*UDWFHFG3?zQYqUs`>XFI9kcJnUb9r53{at^0Kh5ci!pAQUR72Y
z9@Ts^+dF(33HF(iS2HIRf;K5Ytsc|RV6{L`KqsBT|NOuN)V!ij^M--%7qtQT%Vk+z
zTECrEGSPmfWEcQ5U+)NHRDrzE(Qg$Gw*lkoBpnThO!e-9qS*0QJ&}O5>hkKk-M?MU
zdXHh<$J{R2Kn}zDlt8vHe=#~qzYCy%-5$!-lnL_q%f7n0+AP)SxYn$BzB9Jv^|RT@
z*vZeo&13&F3Ae7nbt<pE9w2QvF8})|DdjQ(z(VW(PdoqdHJ{t_uTBJRBolcu=~G3@
z!+=g^y%~lj;J>I%+Gvi<Yu-M2F`gy<S~>nkJ$(L0V-g^)*?;Nzv)&Dt;E<raNai*c
zIh4|?HYp<(xqZmw2P9O=%NC71Y0bOq!_vpCfYXbM6zAXHM|#k3ie2(n>n(bHmvblJ
z0J*qrdIZqMQZteK6AqwF>6W~#3gVxnmI>6LmGUj_LSik+`SI~U<nQ30p(Lg!*0u`$
z>ZtVe^y8T0UDhNfmFA<{bGav8DkSmWmEJCEoleVlI~G{D5098eTSb<6AF&dz$drR=
zBwc0GpoZr<{kKQPE!G1U`v9o0Se6e(zFc>^s{FJG(9q@PK;PP^ML@veS^vu~g{aZ&
zn9pA&tf<;wlU>@b&Us;Tw%Omz9hS(O1AtTxUFP)30)@kCpdP;^CL*V|Fs%O*oH+^Q
zB17k_%&0_SbIKChJUA#{>++~J?_zCwKbPXt$x$<(7o66?8xCfWADW2!q8gXgRQxLE
z`*gcf%*4poGuCWVlVYV&J>9P(*VDynuWt*K@nrPZs!e|sYwYXlwm8!?m3L+d(G0>d
z2)0|+0#k`tK8+$mP=3m9hBy&m#m<y!sR3$E@rRw40zpsh*Uk9ipGdj%RHHZhi_a$F
zwud%)o2xnzV=Idnk>$H5E?q72PiNAIj@1qo0zn>suA`-vbfAh@x{9haZBVYdjiVG!
zDY9jFiFqsWADiXUbBv~D`4kxW^*`C>j%KAb(3HodHQ!Aq&Goy-S)oxSNY8=oRjzi(
z&h|F5VT0}cd&_URl0KYdnyWGceUD|)5bmr-$6vZx!Y<WoUCdynnGz@CGX1X3uA7P<
zUME8U%XaFL#s_1*d!9!QZKvR^iTtp0z5_cEY>|}mtRpAi=m}51!=oHJQ8wvtc_2lI
zrSq8j?$5S0_}?FSJwdo~Tbzd<@2{P@Fd58ocuaAdPfpO#F<T$Uv!$zu)y}PlSpp((
zB@+LxHmCrzm4T2+IYlE=VD$FiAJ5bOvc|qxir2Z)0i1%i8u~hrvC6-c4>v_&1axLK
zF%CJBZt_-0&Cb6I|3u&sD>Ev^S1zCf;UMvCh2Fj*L?+Om!>m0lTgp!_joX+LAoa7d
zmR?@hUS>82Qd+qwK=wCW68FV=t+PX7lCcWVCf4q+j*<c4?%nrSITByxMgS7J;ITnz
z5M6E3q^n;5P6GKz0g@rDU7K7T!E&wTYG=R~6FwhYyYqze`tx^gC&#9SR@E_$7Sr*B
zy<^3fVbF{&*{i>++zD~5aRBu0`Uh5TblXxkY;n%{`>VmY+WZGk5~I?zp8-7{P-`YN
z9nO!0JYsl+KW?8{8P<E(d3$H4Dn=7!Haex-sHcwrBvQjn;a%p^8iw<#aE1P81Rm9_
z=EM2dgx0pUTO3@KwtVNrz+$ZGwnI^8RT8Fg6dcLO81&25k4Hwoe%RHd8P0yw@uUlz
zsx)k9{5i=3teho14}f(+!0!tBtKFx;S?e=%bP1M|YYRuwH=UwPEP?FYm>ag%LXsI)
zm(1a#y(y;8LiV~q04uB%xkYOI`1EkQGuaKVcf1w&)fJRC{3GK$;ns-8FhB0(_YZvt
zx5+n%aSEHaeRG~zp!~9x;%kB!GTzU?qj)Et`n*epW#7yzdK55I5?7*8^T`kDg+;T}
zr9`&SX+PrBWRF9oxjGpLc8KuxTi)EhIolGjyK<}=Ty8m04MoM;ZrpEC#aQwMaM4fC
z6(Ms2%mP#A-}OpW(_mtxd%^<}C+o-WmnB_}DJU2Od!9*<(Q>DWxeEP@R?iZ=zrQ+E
zws?Cpq~oN!yr&qQsJvbKi3|wnq-N__%vQXK=4XwyWmEpHb(t@d9*`~spWyjm{oM$A
z;pOZ=;bPDwr$9dL<Nb~bmx43pXSVoj?krU**_S|6;4FQWJKgN|caa}p*452yu`j&6
zf%4`TC3R=eTHxy%!loQU1a~Yy{@_+f1Q6Or+uPh9;}ghaa?_Zq>pVyGXl9_*Yppzk
z@w77+)duk*?W4tq_00|y)l)&~Up_|HZ2&QjNYvTHY0Cw9i+c%wgeq-?tE8%cZd0<4
zn$Z~oh>bb|cH@=<(=<zw@zmmu2cvKQ*{xk|lpzcvB`sDY9jDJ0FZ#*(EpHqI_eRMl
zbRYodpSv%psTQ%iIU^oqkq?UsiHOQy(W^2kyNuz-+u|Q+0Nf9IO|{-CL5;FLmL|$s
zQ?z`?03g>J?99J|GSDSoH@Gi{;HNOD;2YYbTM0R8)RNOrC7uaEOsw2AN_oxNTLD6D
z`kR#;1O!AE^Z`HH>8_H65Wh)Z2|T1O%vWa3j+wa$hnBKfHs}a+yudg5TC$>~=vja-
zWoV5_r92$h9>EVF#FTO67ljI4(Ew*034VHfqalmCkqcVblY!+EhWj)Ldi|X=Q-YxD
zQ^S!Yt%tOA>nxS*SBj(4Fwlu`eIcq7jb*Prr`3`ezrJ$Jn8YBUw2n6|x>oQ_Qqd66
z%o2G^7Ah=eQGY!BwIPl4IA)7gD+>x(B&G#=+DN(HeqQl8-#e>i-V7vWd!;=U;tr~g
zl&ds*^kwZx6_R2X?W4B<_ghC|SsrJ%9aImea3qs(zA<Qa`du#9(MmAhjlfBCuK3A6
zv}yFsYnJ%n#~g3hL4JhLgRp-q)PT>t%XrWN_II+NC<Q2@YwQR{NRj;je$crfbgk*g
z3h|H3fAHJJB((sWwz==58Q5-qw+O>HhCifpzBK~g=g_xfL>dXQ#Df2;%oLmzc0x)D
zA*g;^sHnEAXP%pRCF;D=RnpFO+mFidTl0%>I<Q<|aK6`m<r>#3?AXNgV9FQNNqh2s
zL_F6JyohoJk5uHlE%0|W$r7^vYX1Bb_=tQP{_g(%Bxy<I?<iGuNwd?ky$?n|mV3ff
zk;?uxG8*;)3d@$}YAqNEeC28!j!$az-Rq>}TK4;t^Ct*biKk7p1!nI?Z^S-x#7Edy
zG-OHNi+AUTE?pIT{cVdFI+k;BbF@h+tu7W6rq-zQs~t5xSYTXfiwEzVF!#(mC4XBO
zwY0y1QOlF*F*)I0msZ5=oy)KC)Vy_B2_1~**jtt3FVe9d1=X(p&5pmm21MeQtZ7WC
ztsvtd`EO?Rt4Duk@zl7tyLk6oze10@>AOO{T!wh&VSYT|4k@<@X@v4`daks(`6fif
zQQF_<**gU7ski;x)^igKxbuixXbjHi#$ZI_@okhddGRW{wM6oR{R?yhM_ek2H_L$l
z4lkAu$NnzGr#-QynK>>LdU9rU(W`$MTng9GyUK5mz^5rJT)}peee~M9i6jv`Lh=c1
zswtzW0We<azCv!2S4vRH&&;vbxqhvON>Q8+7IlBC(UsVnN3XvIG|#S1CJwV}McWg(
zQY;A+gZ`r@;lH|G`99s2eqYcrf2TzrG&#<|DYreO!|b%=aYtiG^@u`1NdKtkhgj6B
z&~qw#`=j}aOkSFW?k^)MFr&|?7VC@<^q*eA-{MJN>jeTZc6JU6z46huDK;V@b(mX_
zuMnkJGyT;I33N5w6&yzzK(SfTEp;|kOXY0Be`PfouQRG68=sZB6V>%JJ#JMMI=Rt8
z=@zVV?6#JVn29=CZh5Uvz^YS>hw}Z0AM|Lp77SW>-sn}~#CMpj<dAvLR#^E7y1CdV
z&XINH-4^vZ-&S7SIVV=lNMs1aCSlKqbD-*9JDbkQ!yh0*$yQZMp3H8WeVnU&F!?=(
zF#|O(;Z1BfZ@kizt5&5)I<NVYQD@@n+1B8&%yaDg{W>-7^bL$ouNN?*>2!y!UFDCT
z9)Ju6w9#FV@BjSFEb<Hwq4JFN<uv$~n0Bwr^qy5S>)Ul?IPP_?n<~Z#-k^LVy6|EF
zxAkbQ!YHwiVpb#1&w#qmgHoW8!;8$BI~p4sO;qqal9HIL@o1KC1x4b_Qgc*h<;qv>
zjh@e=jZMM(AuJ?XT0I{=`6?PsD%Xy!(l`^$57n~n^4~VFdTleswDFFx<vU>AhN>#v
zE*gvSclXHSB)VYE20q@Eiw$1#Tl`0{N6EP!l9WA+ZiA?54dhI^cftkaI<?at@2*k-
z%f+Dx*HNo9R0~)u=GIj0)}#Z3r1lPns8F4YRg=c*Cf?*<@FC;LZGw87Gwj(i9$Yn{
z=s=0#f~rlCbCW%GyFXo;{L`?0uSqrxlkiPGP*_gz(u8a{4Mar(@R(eaX-@Npd{<a1
zrWFR%-C@4+>X69*7nf2<n@&PDmmZ=`_RamoZuPy~Pm3kIuvRqaR=DQ!kTYt=T;5T4
zGo#X{a)WbzPt-$^V?6Cw<iwy6@yIGE4CWNVMuTE`dP4+J_`STN^=O)AzX*csHB1R*
zhz$A)Ttu%DpKTigk?X=hwIUlx#j<row1V8i1(ctr7Al{t2_R#&%?wab0M@lat}9+6
zY4FESzHu&)xYUX_NlTsw8MpLJ%?hZ8TDg*j30RnlY?V<4v+Gaq*1$S|abT_yd7C(9
z)$iJ$jQATbR787#yaFXuQnt^SKvni(zDi$9z<TK05y{r3M8i$f5(-1!r)TC`fX9AC
zkw!3MsN+2K{Ek3kSGdDHK#tu%t{$Y8^iX}lu6N|>WRa+8rAUcRhf5wa#)*-WFCYHN
z7EK0GnV9vT357Yru&JO3M*1Gl64LsrD39ukd-}+<&8RS#6pk#x8iuR4B3I{si`@m&
z%UEO6$bN^~BVhPWZ_fSC*mZ*leZuQf&EzE8uXF7_IQCQZUoZA&^x2d=_Qq@x2w2G5
z=@Z+xasEhs-vICEYUQ}^z9J}wgw=VQ5UvYcd+ai6G_jz!5o)p1yB>jL_0;YYSW_L$
zC;J59F=0;ri3pbyqi1(N{0#$lz|jfPlw#5|+M#LAzkgJyBBXJ%=Mjz;cwq{Wc<Dzk
zK8_&d;GUb9xKUQ4@)6NU_9{}B$G=rRk#LtU^uW;hT_-E=_=5`ryKb+Hn+)jpsBd{3
zQRTIZU#7nNodl{ACvW5z&yPb)M|MLNq}(=(+xduhe+k-Mw0tiXw8QogP{?VtUw&1U
z56K*>>(DUz?y+Bv(kbP7czLv}wL4)>zcrwxoemDZyzB}8cPB+(YmHbs8>Gv5m`?Z@
zB3b0m=Z3C9#d_saVp<e<w#xlig`$TPnIGiv*+wlG{OmXTE?_<1@0#{~oV;-;W+=;+
zX>c&5^?}#aX1{><kamtE(n^T9`_AWE97xs$baEIAW-0YyR`it8nWfzfblrz4<^15y
z)C?IRVk)N+zB9a+yt}q$s-2QvALzR;lI`@r{ra}Te0J$xrF8t<eQV$#OJUjGv9l-}
zRK46}EV{qCr9~<(7s8KrO(%Ru7e}nvMa}1$_z5{>E^W-XQ4=Ofd41CL9nT5$=+r;*
zHfs>52flcSe*U(b9Z&O|_+e+{S2e!6Inut>0bQC@V+BIh232V!rR?H9nt1Ti3?x5O
zAMsTqQ=YpvB&5;O|7Lgj#L>79v!dO1?TSX?AVa&_Uz}UNn9e4lIV7-s3@V~S0FLfg
zPdVl43Pwz0q*IQ=`!TG#%jX<~o=5d7-|$m`Q<hyD-u3hEt))$d&;6W%bde840kjYh
z2&P(vW|`tOZ6TRrbZI7|=MDtb!u?QxvWz<1$8n;XDC7Q{NRRPs{@2TbOPuG;eX+x0
zfs3bI$W607g2-gdBSj{+=d3geO%vUm5rI)2vep=BwDQud&uXx?EVV^}n4&Y^>=&i{
zgc-O~XUWW(<rM@D;Sq8etREbds8?~1!TfuPr<uLnDC@e8i>GX5<~7w6!Am2iUsNTW
zSanU7X)8}Vg_A{(BMB^xph%(jXrz;saKx(AQh@@w+<d!|dItoZ)1ST^9ErNVq(Hq0
z@anH{3fH9SV_PD`Hi|19t}i<VTdBU%r!o>asx&N*(14sB$<l=K*ZJZ=lz@Yc_w6|g
z%{%RQaz59Nm#JKbuviZk%`A;iq`cMF^|EGsiAD<%q+|8Pa*jQ}(|K}gIB0s<@?{a8
z8=S#&;6a5xR1##+en>{h7c^PNN5BW26-gK5NPj<uO`I?3yw>@Z7!~0I4(fWki*an|
z_d)#_fD=X2%7KJ#6qWU_<Tngi!T4peNR=6J-D|CmyphZXy9-gh$t!*eBsr;@A2qkm
z<}z2-f)(q30e1)mE1wfdAwhn}$`3E|6EgDFPP2()>GAQ-W#nCoo%moo1G>qNIyGrr
z<Nr!Zv7uaRAVy4Q{uI$%G59ieJ`Fm_m>d#Lu8pv=p(PUP`X-n86BQ{#ZSxWitdXLz
zF6YI^J!FhOdR0c6+>1B(XHQ37Yh^F+WHA8`k!g^zP0RwVkkhmQgxly_K>yOQG0)Q|
zU02nk91;VhAL?2Q-e0VPb0qs745+LjiAuQ~1b|;eUZ6y!m(P_u&?Y%U8DU4VUkEbr
zD`?kJ@J-nK;{W>M4zL*PP4T?S?8k?M<tq;B26|GGcV1tv@%%mcGJ0WEL1*z(R!YX(
z)f}jR%CAFXh+}&5WpN8q)38ao_HY!F%(v+*(U4{6T~Xv=MMp&)%o-WmEmr<@1Lm0S
z1`l8rv=)JpF2fntz~gbCR=xYZkjuFiRAa?e9rt9@)@`0~72b(fvDgjA@SvK;@PeZ9
z#78RenuFw`1Z4kaygdPboL`w*iq)KN{X|A!JP1B7^Zv(v1u@Ym(n=PITZ6eS;@*H&
zKqxSie{zFEDN_sOpmeGgN!LRpOmc$|K5r&4Remo_UhV+}Io!gczEaNs&uY4k&7`$f
z0%q`Svfj|#m3#CrH5eB%kDwa%fEBZ>%VJFK+f8JBO-SmM3VqA0NEP2tkCywz%C)8i
zNi@fkI<ziH#vfe#9#2_I!z@qI$B|WYEd*EXWg@~W7^T$(R!y7|=Xr#Rwdv4i3`1^2
zx8MG=|N8lunY6cAthB{#0oR}vJ=hbBB6c2pSKkL6Sy{f%97ygqjcA0euhjcA;P>Di
zEL^*Lp`tGlv*Kq*`q8&O*B*5vwI<UCy8hfzPk;NDo{!3Y!h)6QzWLPL6>sZcq1qx-
zo&qVQZb#xHDkg2S>{69PFc-%4clYZ#MKp)BIo{K{5vm=cH!lcO-_1ZO{mV`peiH<l
zn3@}MPuW6qvmA;NRz-<l$Qq)?vcRLFsD~HE?B`@GZDD2M;BFBp<@b;KjHF!trQP$b
zyOF^Uj2|m>cV136{K<RIAD%DRcIt3l>u6b73soBuylX95!axXb<Tfk~#OJ*5tXy&k
zgY?l1$U==)znY_=$wOci=wKZ1++YIDLOA)cafu^E*F6Th8I@HW4rWX3K&5C122Q0A
zQ$mz5+R~L~&IX_b{U{zFnEMJRZ1U#Y9Z4OPz&F~7k-)AD<c{Hx{erc(r1+w4z$Vt+
zTWko~9*bSijbOsKGX|#^M=z)%0XAiSNmKmiSA&;(5%DJbQ!+xHEo^S^;LW@u4lE=%
z9J}~c^3udl{AbBrX%wKZVy>Ia04|NL+DZr`itrnKLYb*=+N?v23{uL1B)-j+xsD+;
zMnL!Si|AA}kpyoaP|;0XFmL(}FnqGa?CUkMB$e(ijw;-gLM*AW{a;^lI%Rz0Hfpi|
zXY_O$a?k3xsE<Nj+p@$^L;mjQA1*y6l<#bbz_}LJD4G9&lP|<JuURw%>(@)F6?Q;D
z#u1`R`$FK{%y0EP7yPjiDcf%y5g5mT?HKNm#Ax#}dHj?!>@0<8i4=<e4W-qV4-2NN
z^oSS<4_U_U2_nAQd5=AHwX=0@?rdeg8l{e1Y5p@qd~{;-x=uC-%Zk_(Owi(#oP~Br
z1LXpFhFCF7uR{Q_{_}U+GZM;bIEK1}*YQO+FDxAG<7s}#`(F`rA0EP@1$;){c*ZEq
z8sx7)yThM8Z0*L0#z@?kSlr)>!1_Z-=@1{n`-3m>Wgn8okW42|a8PyHKJ0i>!(ocC
zy9dG*P3?rI&TSvyJtH!RRw~z(8!+F~#qo?WSu{Bc;NUK^`X^KLeAbW>#QsgNqN6D1
zS7ewhGn#F9Jv4!xOHvzbK$i(y!n6c3{*(u{5HuJ?-DWM{ukOv@2>dhaXjW9>UQ<k1
z8)7|pSipVv=TfGt{~hkWr;G$4?RCF(Z1?mXEY%iGc?kuFYz0IvHpxKfWg}I9c}A9k
z89EvK1MhkeJK$#q|5IrCnX04-%sV`EZrDPqo0FU;<#p++yJ(1?d?fyk9Vx=<F6|Kg
zx*O*Bm5xjHUXoFktaN|dT9IvY9CRM8@=M1S1gErg{@dMjmQu*#LHNh>ZkFRQ9?Rwn
zMT!Lrit3Bw%YyZ@4~Nor<GFM67WcmLxll6P+{s>Z-0xDp4;)s{G=KgmhjMLbvie0e
zWbg+Z;_K=3waV6R*>e`l$lsj4C+&3*oZOuhaeZ#F=(6ney<Ad>9>pZ=Q9>z2Iv}VC
zx|xi|OJf|3i!>l^wMz=BXrD53?aH^@rAE8^pv<(%XJJ)n-s)Olqyh@;eQVv1D{s<!
z{$ckgg;PtE+}%#Pxy{nWejqVlU(=k{Q5DhkiOi|H97ccYsQz|R)#@oFxq-RPv)x4Q
z*+S$L@A`mZ769J!8A-b9L$`Qy4VrSx8_Y;i*0Y-OR^Z4nq^+;rcn!!cHX>eNUpMBK
z_*2#P7!S%xqMLZrL%4&Ukh3sa?W-a&!GdJ2-4tNxo64t8V$4wI%I2HBDFvt3CpdRh
zwB#Ugy6Z0{8qqO>$OYyHGHr~sep(*4!w~vn3P>4^Ewlk+3ny1m<<{z0HUqiZ;*!8$
zyE&;yF|hPIeP7apUC7rol;r~oIENzsX1MN>r5>n{uo7nvm0WU?@brSv@(ZY$=@lj;
zE)CX+YMEJ8*2TfxYjoT_UT!0y^xd(ngD^_4fma}Z#WtmIU?M=mMurGGwcc3tbiY=Y
z>z7&2-Ra_}2}N;SZB*;5(KQVGW;V9+qx{Xc(;UKBHjgeA5@1!SO2GHJ+alPXYtYX}
z;j7e|FPb&jf1EB)ovks~;`Rbmx-%*;z|?q~9Oh<ATTYu#fD5bjM&P~mpg;0<0--CX
zVB~%ZHAZ8-1zI%jHLVeq*FwCQg)08Y)1TBz<luK%33TQ9=~qWf@5L>GIZVID&QC-J
z-@^n(v$($mMykHo?h5fZxQN^>n4zQjn$^Z;S;WWA*xGt<y*7H|wl(_|uCj5K%NATp
z0I%mk#{G<Wj6rUY^rv`tRrQ5p_GKU0lax#!{RT_?;**FaWw#Seq(MSf$!~hwEmL^k
zTDUfYLS}emO_Y*xBp~m`tF$Kyw{>tuvHi3iLE4EE60x5)Sf(5Kq5fxF7w9vI8@wgS
zf9$bDg;iDSHI+YApuN@T>VECJ_e@Su?r;8fnGaQS?xbSxwd1!S$(``hIHZHs4}y$o
zBL`&OcJm29TaS#$yY&`TOw3glTf;mu9us=0?_LY_2)2CK03$w+ND3X~h0}85RHx|=
zJ#G%u@?u;{$)Q-oPGlTU+c+|EI3GmFWmN-BNqhY};6*ZJeCA5yT~NYf1t8+5M;8<v
z?NOGPex0f;;bOy?5>7tQokuhgi^oQ2XB?S$k^g8$=Yz;putbBU8sYQO&7VBsl>&ed
z=r(Imc%F3dTJ%Posq=0cOwn$XJ6Vj3d^ibU-@9f}ze7K=;-PSWbgl*5$HiMA{Q*_H
zJ0sz%TmtPxx)JTm(E+uOx;@Yo6hQ>!JGT?aI4G)VKMf!B)IcZ^EGE$D6177zDzwim
znkDc$H1ux(pxt|qheCpG)F;g#M!AX61Fh}Gu2Dw#6@b%&4X8E#k|&-jLTGJ*h`o`&
zZPDdi1ej*rxDrTiM7^cyyl=lqnpJK!2+8+$B(JeSaFU+nU^&XG<Z`~L++&O9Tc`g<
zSN9g2lJmpk66bHEFm?@phJa6fXDD)-P_X}Ibi@0(@<Y%kHOe~X+9#G*pAGWf^zz??
zC9G2=#v_p(lef2EUiT}){biXg*9U{6TCx^|h)07Ahd25Iyx(Kiy#*y0SS2dco|<vr
z4`X_|9cM@4Qi;rJ1m^t2_O1SPrSWfV2>0U3O&X~i^hHqLxk??ku@!>+*$w|ZYq(MT
zbm%G{$?Orfh7L!D2uTJ+3MkMZzFJ9z@3Bvg6J9vAbuna}9elobsa-@vJ722w!D#?-
z6x$D=!b^L!S24*WN#`7&nCZ=kwB`(PIHB|~xrnAgFAGxBW%>i;e44`FoBTer&l&vB
z?+n)^x>^D+l|2mh09RLyXS_S?S7`rvX4yYPuvp6yT{T8hIK6M*1DeNhLDd$P!UYa6
z`OFQ-0j*W_o^{$OBtHn#Gx!Qb#(Kv-eZdOr2XvKiv(XQJn<3%BRxoW?9SlqV!qWt$
zhQ6+g7Zr7Yz_FJNZdl9OA|-jj%2&M^tpU|b41!|on4c2mKe={Yqg|SG`ulVpZlscX
z_fS1vY9d{qy!`cH=VD*Zgzk~HkZ8*Q0K-C1q<ph8XPMv+0HlsHn$Z?<mD?INz94LO
zB~SaVHLHYqHi*$R{F}D5zdA#i=C?=tqU|I!u`9UKalHN^Si3;}{i#HJG?i%XNBSrx
z4@R8UaIi}-7WqP-y8PK9uY@4Fnn8rCBr8QL7X5a;^%x^iXjN4EPws=SgU2JVjy1dU
zK>NMK0^Yn@jt#z^SQ~}BJ?iPw9kXSoD%|o0Q=5eU*ma6B#<}jA?|{}#(=~HADFb@#
zHpk~fbr8QCeSr5h*>p%Zl8<UKYm*tyU=O3tcMtmxI#eXRW3Zd|U7hBa=0G0JZ8WX1
zZ-=uh<O!d*zLvN)t#feWCbsIYO8N*tp|9znXGEPHSJf(GT6~SZo=xF2d@14a_uI+u
z`VmxOOcVbb8eTJ#fS!@noKGRxA&uT^+J6__n2oO-CF(Y$!AVLnkhvRz_H3f+7b_TP
zp?ciLWy|RMk%yp#zWYGS*8a&YhuLoy2Zy3EE$3el0bt3PMVjJ``|`I<xK-_&ERnSm
zvg}2Ul`VlxM-u#$A+i6?cSjHHbmVC^_F3AwX=c)YWKwV3De;{HJ(06cQSR#_^&@X<
z><%c`bb?&R+BqJ@@b4|8WW{^Aql11BA7MICR|{(3gRjtVAm?AAETVt7o`t57t}J+y
z5sgf>nBi0`OQqNg0`#D0{kPG(dvI>6o%Z_I#M)JQbJs6ch4RZP_mWnuABtI=SHzyC
zL%sTbpSOSgV?C517mjfpGE53Ve^6eICg=Z5h^cmo1^|kt*Jt4Z=(X9hB(m=|Ns)#>
zv!tJJ`m<GOz8JinzX?9H<$J__#O&VRBi@78;xe2d$#u#3_4{p@b$XX+eSfqZK}zO@
zTF<wJoVW0HWs85vTH{$VBhK>Ji2hC&bf>mV5}ctV6Zd}H>%&J~qzs@R>fdkyPUH`-
z<M%!=#|BhFgp}(83NP=`f_IK`)4^O*CA6_pD{tyto(d42^RYF9l~AV1gpJ-fIkaL_
z3jET{Yq;Y&M)G2X7!CyipuZ`uvuu@{Uc!P<CF`t_ef0=k=Q_ubd2>xq@zJC!P{B02
zRkSh?GYUiERkpO#G`aG!P@muk&1LKvRmj#iyY`Poz-oU$+h0enuS3@=GNAUrMbIiT
z-Xc#ze++(4*nN=@7ESd28Q~oh)DK!qQl=&zq)vDcc{eG$RuC?s+?K-m_T>p&0I{N7
z;%NBqMbhz%2yDq1=={D=D&PBaqN^7sM#MH#ur^^Q7fNaXJ#Brl`GrqzBZoIb6@dM`
zwWv>v`JG1Y^cl*}f&&wm*U!iUlCA&FTu~IoR@E{2)rbCIqs`l4o0v1H#HTdwPaljB
zq{ZOadPa${_H}^_bWc;vU|MKI@|}*bsj#M{!9QOsjoMy5w^10RoU%RxlKq~;hfd{F
zSHh<_<p3h_k`o-ii5!{I=djPDiUba%PgraQG+4JL1&BM1?)6Xf-mTx)<%65B-QMzL
z_Rhw6C#?qDskVE|bsc4a&v%d)D3O~t%oP38zv~LxrXZo9-?fo-DWA&Xm=(tuNOHX*
zb}J^o=fh`YZFX324y-nnm)3uBPkeDJMn8`HyvU9Gj=y!CL)M_Y-e#iu89JQbt-xN5
zc{>tP+k?Tc6vcHkTlP<%yBajm_V-tP85c>+OG($TMd3c?=DQuTfE}EE(p#c@v_nC3
zE`7;MYpH$s990;ZH0~nv_96PQtU*1}oph!6JPNA$i?rJ9MU_tL|6}6<)3E=$eG2|R
z*|PqB-7(?+!JPmC;O))L5WtCd0DWcG-JDk1|JyRK#R6-G-{ohfNP^|~hx*ol`{s+i
zRa1$N?|9A3%s!l~N>PZxf*T#D<N>0_8{m8WpT}S^{>htqvCABwZ;byLskrp3hw?*E
zF7MOPM{2b4RzF-Hn=YqaTLE^ndfPEdC*w$bnv~q2Ck|kdt2=rWxc!qiRqy;;;;|F3
z?~E~>laXAXtfk9He4M?y=4kakE4(<kExp>GAiW3&u+2y}3WlRG^#sr|W(~B9pKtc#
zET=7;U0uz0w%JWMFGGMG7zmIL0nAeG){Abx)|u1z^yp<jSO4|){>!V940cJE-@0d)
zW!-&0oR&psE`S!EwS}k<@3SrSs--3t#VD|V)qn>UF>9=l!>R_rSC|27+h@QIusnYA
zzcKfgQCYX$`=`<fN=Yjn(hW+3h%}1Q-FcDHjg-<2BA`er-O{Oq2-4E6bV%py>v?A8
z&Hu&Bn)%II^GaOzEnL9$J<q+5eH@?dArnERJd~@*{PX8e;k0R9^Rqnp6Bovp1<&Fk
zcJ{*Jqn++7UKNXNb_|8UJG0*R+F+?WI6e>B7xBAD)obz^tzq=2vqh^<%J*<uQUHhc
zf%mfyxRvGuOayc?Wr)){q~nIyytioU8u6iYYr4E6yww|c7Z@XqXPrctQG9i?AvmPV
zyB{C>U9wv!xyvUAS3i98Xl<ue@>&V5O_`YOyq5C$>3Z`%(ywH6!4IRsv6cGa>i%&l
zzs*4<E)}oL6$Ovl86H^y3d6&%PD}Ml@A&s#cim@-c#*HF7>I(-;JJTSxQ(V1X0pi)
z^6?7r6V8PMFrlEG))YB)Or6t`JVZxbZ(PR*K75iEg8gr<j~(*nYM)=SV3YIaAo|V&
z-?%^)+WBZxdn$RJIVr6bQao4R<flhR)gcw}4eLii4F`3~gXh_D@-KewRKy0D6DH@V
z8joJ4en0^7K}pcz_a<{0jEm_``?YrS#KU>At$t<4(@3FQM%9D}VknB!E?<+TaAHgy
zAER)7d5npt0M4%;^VG7K<Vs$t3`Qzpip=J{iOz%f_-1eg9ch^q616z+%KWyb8Z?<G
zXset$yx!b>6yF(6@M0h&?Q;1Ik@NXagm#%x;M;fpvN6eZdy73ti{R=H?RqtpSegaf
zFB^R+Ts>tUJC^_c`sBQNz~bq69mt@VtYo2-RYEiZ8S)i?j|f|33cD(VOh9IDL>M2u
zBl@0qD1~M2q!Dj+;gGKUoDr$;{AY3bo+lf}J^}pTy{}xv^iUJ<Fcv|}=}83V;aWv5
z>n0(y%EhFa=Sr`+OG{6M&u`wyWnnT?8iQ)*TontjL<}B0d3#rTdV2c6C&%e<eKej`
zomCn6;O0PXL?;y7WbxH`kuOqtWgqD^+m%Q-Wf$p{>q)1*>WaRvTY9rCTpqIOh0Yff
zJo3q+Uz49mmQ6woJwz#kSN&*fj!Rzosy!4Z-!s#0AJ8BUvxJNaISIFGxcCoI+a7ri
zF@UG4c+9xU>X)6SPuHg~JafoF>A1<A15qPN^7f}MK6b~vo{DzcmdYlOjWv7syV<c#
znkOxGW4!c>qiP&o$ooewva3JRij&3kaMor`O8Ct8&3@M)zCh$ulfW75o(OljB?RBz
zCzZi%rbudsUe64V_lL1C3Q;)2C9k?tO+UNuKmu)m{owvnag;II=~tg*FFCeXsjN`T
z=ILgvb{>36V$*o*U8LnlhegD`j%D65K5~E35q{yW)cf13Bpu-=%N4%og2StKY)|Ji
zkN$l8xs>)VcKp}sEH)w2%MHTGnKw({m8st`e9<f(ah6P%CZDZydTjAC_2cCLVRnJ8
z6-LhO@i1?~L$}>QDS4}(9RgcYX#?O-Qls1pvjt<IWXOI^vF>Qbo1^dpajye8*^9#z
zU<F8?<NkbY)cNSUlJ{dz2Z2BEiXLZAPJZhpW?Rl3Q2br#UAsA5{o?rJR(8J%cu4j0
ztTZR=tBns{ujPpXIU|21&{@VednQ*QNhicza(+F_e4pEWTkose*5|x&R=mXVRpoTE
z-n+y0N~axa)u!L?qzSph_Xp32ob-z^Ql(5m#B{;2j4$Z$-KEzb#C~M(Jv~P&nznlC
z-k-{|SV}PIuA0X4cO@c4XM7^e4Lx=n&;x6(gU8skhRoD<6m1OuHc$C7Cb-kI*~BAA
zEpF)AgZ}gppcj3c+Le)ib&AiqvAFc=o;k1lU?k_Whz~@?_-svOv}j<>6v=ZP8K+3f
zwU*P|7S63?#P!2SJx7i}yVkAvLd0#;)`<Y0xl8e`5Nc(*&$&K&52UH?STy{QjF$KO
zN+79)=qTp4_#qKb=Xt9qMJOv$V2*$*^k%8Y8^ZNa7WMinvw_UVw}{zuP!Yy1b8u?g
zh%ekJHwh4Qm}P*jf4JwP-EZf`#Z5MvEu<~D%69x`qP7wX)Q8jDD<P&xTW~yMga8L{
zOf(4w^W7bYb8oENqP6iCo2EX08b!hQ+hzG>T-XNQeclPBc_&80s|#TQ<7ZD#FT|XK
z2~53nUKI{4nqGC};N#nEOjbwO{ch}9Zb(df`J(5=PX7MMo+-zlhviFhV4#0_aH29I
zt`prC>G-(GqBpT8eEGppt!kF!Qc+`naI@*3JH?92=yYBc1nFRud%4jH7DlsAX`QWz
z7eZUg+B4uN9?H9eZ;0d&&0s#WNL`K-(sSsZZ{zi!)nfrLidoM)<t~ctn@%^Rp5-Z#
zzaU9B2ZtrA+J5?eAbyV_P0K1V5ohne(uEENB-LhZs<!m)X26G^nq*ElHe@FGt*avO
z^Mzh@<G-PnXzt`){OsS->}QVqtK4>+lSQX0HBIi5%{@aS9_7@*n6xK1dx?+9xIeVq
zqS1OXl&hRS)!5(kOcr18;T@dRtIKn8f~5B4+z$j8F6PVOEiXl-K5S2v&tyfc*AbXL
z5P2Wr70k_|{W<3rTirj@>~Zdu=#7PYov1%~4wnxH`>M))WX+V586!x)I6koI6>mIB
zQ;QdJFd)A0R&MBOfAC^eDPHu6b3*=2KaCF4?=j?U%}VDvf0R}GhvAl1N>44IqcFiX
z4>`i4;iY|Mj2?y06NJls8d~N}sih^=oy4K3a<ns58bpXdHGkxT%x>OFy~+SOLlf2d
z-5|oOUiD@nI+1$LNSgK7{9##ssk=Ixf^%Y`qA$_5C%^VZ+K#{E2VH3btA<SNqx2Jr
zz_(AL)u|ml=_T%JLaf54thN1CrD95nMOht}GR3tWQx*9Y#w%Pi`2>a}R*Mg;CQNT3
zWxqyqyDZ+;mg%`tNp3${D$fg9iNKJ5{M{D=5{Iao_i`vT3X@pXhi*2yrq>AHlz#C0
zbq@;3m)!;WzpbI8;vV))Z{!H*3n?pgs@H|fTsOw_pWGda?Z6_|!%Kjxf<?Wmwc<t_
zY6PCfC7Awy5to^p-%OR`(H3y{r3Nxi4yx;OdKna*G5fSP{T%h_X`6it$O${RF@%4k
zhNouv+ZS>6yj`ULZ(d?o1j!kjqW65sy~ATUF-*^p!BkU?Un{*SDGtr2V|w`?MhahO
zj!_W2l}Ak`$4avMUHL^ss4PjG$uzt#+W&$Ux|)>5F2&TPMVm(#`x~XQMSjdsYQ(Y5
zX+Gx(5=M#XKWr)0QQuD$E;MXuzSYf^!nM&X6xf(6n4k@(o;sPj!1x3r7;7Je2mOnA
zUve>nZH?Xji;hs%aFoX!QL?e_>m%CE<OFzoQ6~>ao@WTV=I9)*zjGLQROCL9**Rj&
zFzjZ0^GUk2PM&fGT~s>%sN1dMrQ<n&u5>}feqX-WPnDmmsYCHXhT_&^RcU$To|0+m
zC2CL5DbctBl8Rl^1>^ZFRSI8zjeqz^q-o3o6~%TMjP<#Xzele&>P==2Zp#>G4-Z<5
z6&WyYiM-->)s>x6sofSEv2pHTH<(2u5zkl6iZ_uxFuwV`)?TbSwmIs%?DEGSgR%=X
zCC@+Qy?q*vlfzZDCejn1CZ53XCVB1cO5e)(oZs*hY!WK;TO@;mYiy2<>IJtcL}kEC
zzHO=g`Q_KQHFN8u{;?hw<?{;*Y~3{T{th!b8-(Z5VQ%Vi`+_zjMYP~p;Xw$ekAU^&
z=X<eF)~`=Gs;~c!$nU4R>DM_D$Y+T+>5!RrMiwSlR#^|9;kZju@MzdU{C^m40ei!H
z*2nYmjJLHewL6j$O4UUEyr}PQ06Bw+#u>~IP$%uPlK(cJJ{S!Tk_?hcd}PM>A^4Nc
zhz1=)?h{m8IY&e7Ahg9l$pk87soZ-Vw*!*A!j87g4?nB>eNkurXXwoL%=AM=>j+9)
zaN9kj`G0<^_Y0~SxTRC8jBbPkppelB*-g+q4#iCdq}Si|{j;czK$QXql;nrYq|%$p
z405S*(jj*kXX@S5*@D$&ZzSW{($q42v0bf~GnJe_TRXMHqhDqH><VsR9k8COM~taT
z2o4T}6ZjX7-gJF76dqV^`n_Njov5Wrvg)DdVvd<mJF8J+lmPi{O2L=N@g`Is$q@ZG
zO(HVsWOpZHBG;oVnW-iCCJ@<UN!W50iO-Y0N`5Tjxt=qY#HbdR*D6E1?>?rKieHVd
zbVTFps2X+eQG22%=?g0Q<^80-$s?5g!9K-eeCV|f*d(-8Xvk1d1JBA{-mEh*?TY5u
zL!jVW-yvqLdQ0Z`y~>?k^z3NMRK|!oLu-x!H`ZQDEiPZE>qII?%>PQdIFF<t3;<p&
z0v^=9AGP)tc@by)u8_?%8|_HPA{Bg}wSo8j=^Ki!>5aFyegx3OI2yy?E-cydQ>a8?
zACbFM)566)+3DYZ2uwPhKQ2%i_g|Li|09m*<|=wlW+;65>sR;%>ME7P_W6Up;e3_8
zISZbB%NQzNtN9!B;tp1nB2E{<7`wXLlkPXIf4&n)*JhtlW7|+3CKc;<*Aku6@WYaj
zv+87-{Bk^;UoneSd13L<oa+ZD7u3*#YSWNifZOsg34=;dD1hAcht2h2ASNoc(qXN=
zr$YZbfn5D_w|bP?R#u6!zyUw*_7B^pB}<EhTKk4A%tOW!sU7_;n-kB0P4{^y&z17_
z>TM;D#@o1K-ONl;LO07NzPgZ}e*A_931B+cT<rwkR;eR!M-sN%;n)p^;&=2?Y~S&|
ziNQ0N?TJG!Y*#mjNg^Gd0CxS))!Qq5r289OEmqTdl8(gzo~;hyZIE~PY+jV~s8%+L
zqNb@CExyye<2~s}&Otj?SO94an!Y5I;Z%Rc*_!W+J<uYh6tKzJZf}(==?KALMk?f*
ze$^Wz*cHkX`S<5g`)*BsEBN*4W#nk7rr~4_!m?5Z{dVs?`=@o)vuM%7;`kqa#*&1K
z2lyVH|1xCXU+rfW^FE5-C1_Wi5-b+@wp-k&VHs#PiLp&7=Jl#_cYUo?$#%3Pck6yT
z_3=?yvT3XBSvOH-K!6AyU2a>9#OKjF8Y{JdC&G;eH^&N@l+$fQBq=2)%N}~`l4D}9
z&y^|MmvEB4Lr#n9?qg)C-fAc5u|!MmN>5>YG+j02UQU4&h{Uyw+M+C5C~7rov}jwf
zl|;1!@>P;_@b5+iQrN?2-WrL*;O#<tn@ZyDZm1X}R;EVFA*I|qKa?90515iDdYr9w
z);|LoeBaNrie^K=nZITh*mj}Z$e%zvlqBp*0nxBx(Os_(Je)T?!zR%1^}{oI-!t~v
zjxhuvfK1cmdY&99m>^^l%WXYRaE)rA9^>6Q8s=4I(#id?b>(@rjex7A(V>IH9!lLt
zjs4X6Kt-r2=X;4#djqtSMe(v*zINQ6?L(gyM{jI&L5TaHL9E+!f4OI*iF|O&ZEq3%
zwptA7z_>8hIDT(0if4HVULUJphc6<Dx~zBSaocG)mxAfK=sN<+2fBR<ly~u|%arUP
zbw<i2wXjN}uP0qsFx7*CpdeAGvexpSZ*E3RVh7l+cgKA?yMK7gDRf^d@)?Y~M^Mi4
zuJ#27F=^B|2ry|0A35J0R#mm}Tr~YUI!g+^0RcDMF~=P8(|W(HcL;~UR`n>im>aLc
zKfv9SF6@zGib}%L;I@r>Q25<(p&i2}3DwHwk@IqFllQUJk9*Cgx{~wlodxD|1KhL5
z)6zy_?e}(XVAC#dtiDDk!Eos`SXc=|#k>;>N_9al24|^IVB5n80{o?KQ3=Sj`3EV~
zIUBKde78y5*rjimY)k!~9z%HL3S=XwD4MA3x~AVE<8l>~0ltQbx(R*kK_N}uu&9_=
zzohllDHTmYvq96@yUdnQyc9?m6?*r)Yvj0dPqaX4`QM-ZgmNs37^0`9{5P&la-;Gy
zypFeXSKfZ#d(BGJnIe^=U+?j}50A)nrB|JQm(rdS?T$N4BgGMzns)gTSI;!@_0%0D
zXt~Aba{?aT9n5pJO%rjC1_qXaq17Ar^Z7tjQKK7D$2BLkPh+_Z#lIS%5e`K)&WF4Y
z$Hc*{v*g}e)VJ%V&Xnm88C1(tV*Dd2YIbqrbavxrXTplJ%<O`Frhsi8MtetwX1={x
z8n5}=dg;AoV}JwBt=o80mZfHM;qq@$B2e%s8;dhuU!3At`Awzqe^91TeHwF*$J;=8
z%wq<9@nrs}{Y8`qVTs}&&i(${xq|fDWAvSDZEA15@dT~QrU&sKH7SWmeVsomQ!{Dz
zPpLvjmtoDs52f^i>S&UQ?PU=S{nN-nUMODPzFHgl&E9R`-@1sPnekx0U!*0+_3cI^
ztplp`eW#4;==+~k|87IZCWK$|JuUll4;XAe)f(BGzcq<r!u=~{H}OHH#T_h@6a4eA
z0JlE%d-#bG`)~cKj4!=rFi1H~8h1yWlZ&)nDgX24FdPn$V)&FcU#1g9BJd6a%TxfD
z4F`jDQ#FzMV{rM`RlR;UTyA_)?ihN%<y`FrVwj3#F?1$)ktxx>!=Ex0W5Vm}2s-_j
zD?e-@8yTDe)7~C;i<JyPME!U$N&qp+9<jw~!T2k_FB5+)hUBd@D#mW$MBq*fI6htJ
zP0~fJ198J_Xfsa(E$6ldtsah%W2f1hf92HWmM2m2l&4bMg8PJYGIGQY4`;;@T2kN!
zk<ur!9?D7L&F!;#v`|f0R>ObxwVdEFo<Lm#Nb-JrmRhIu#d3H|#O^MJxa)FH0Uh{K
zvdttgNjRtx4v%BH%=Mt~)<<&8Xw*YDXi2nMAMU?#4kzx@@1yjTz9IIrD?vRqk=A1W
z&p<xO%}sY#fkW$c>=H^_=WmLVdt}~{3lWzdxU;N$_ri9PtFip|D93}idy?2v4Cr$T
zZL9FAQqU|UCNYap>oE5NFU)_wf5Pmp6}gK>+Dp9>h{+slk7m$;9=Q}}pM$=IvW3%r
zV++MRa{qN`+a*9vi}3`|><kOM(KzT=@0_;!>0zz}@OC;>dFxS+_r%gR^*r^!Hr)@y
zL|4mI$^DakWwg-dR6rVTAsTzrDcG9^1IPM_x0D_+Rb4<q#U$h89T~Eq5n};q>W(1P
zODt<iD#$aOYuP0}(C)1gY3!vb;gmG`-LZk{NVRxM!-}#>Y#z~=Z4jFW=`<_xtqt6@
z?|%0pj>2ogngi?j??ucz>ye&5{va|GGZ&{UW+KsxHSZJkf_J>5>BcwWDuIh9{-Ir%
zD@X9|w~<3Z*^a{yU9(K86|-W~t~4L5iMjOPzG?kL|I_wvg^pdA;uuG0`nQyYv%iM&
z35@Cyf|*t_hTohtCZ7+GvEj#r1bD!(Gqg}7lEvzU91clbnck=7!K~-Zkd+wIY-x2x
ztR&#?A1*Ev4H_P#-As|35w13GZIu!p^i^(c5^(>iw>JAJEGrd)?!HDh2b**?eQ)Dt
zCNc#3T>8`*LRh?;Qc9H60D+>JlaNr^Oc;v4f8A!uRW>i)ogt$7VNb(Q*fA-0Aa-`3
zOBU<&Oj30D67%>l!#O!33BK&V-wjyU$e4IDzm+iZPb{bZ8%X2-8v_0RH5d8+*Pmp}
ze;yJ`&WG#jdwYB32-<6|MxRqP(8g$xVQmihL3Ojek9>Htygm=t1TQdweplP(UqOK%
zeQ`GBKnTpw%gbEHlU?KAz{o?Y*AGQreDN#x@br`~&GbhCi?2A<stOXhuA>gNrZoM|
z)|j2#-N(1uy3+V8mjQ99R%7=FISrs~Q!Xn&v8qqc6v~BhFt5#lgj%Bv_L?Qr7YMOV
zL_3N;jlP#mK!2sy*YW2E3|VslFNz#>Opy@keaN7a@YC};UT2gLvd>1i{w-UG7ewex
z5oBR<a&j(GOpYE!_&mV>oWP`#^W+`=B7V^L=HhaW|4_avmujYX63DTiyS+|!Kl(vw
zn0L-I-$wj;0J@2b8mY+nhkeSg5vu*Jj#M?K5;amU7ewzJgQ3YE^}*5a22aOk#`fKD
zh1b6ID7U2EoBFr3wpJJYE4E#19uw3$bmSa5olf?%Lp_O@bCjPnobwYYG1n*68khAe
zK3LTI;uEXkQ#*iDVmXr#KHcK43jHoChfYl*DER9&FwIb0AF);%K14JCEv3bGX1;V(
zaI5yy^z+#<@$-t>lGj@WB4094?}crhXd#9(J@yvm1B1{HMb`0-+fE<OHY-n<R%Zl!
zr@24&^=Ru<-P>z91%pjrYUOh6#d-4?tHaGU!5qx-@=5BUyWF>1C!<Y^k0LHl?6WY=
z&l|-un#bFA@>fOKVkSa&9)?~9;qN!2MMU7gHoLyMTt46Vq5z=KQJvvW-tN|OA73ML
z{n1$uIk|oWtZrQ@y{onQ_*#EJ;yUq18lPf#ENw2}0+6#FFmc8}TJjri?CkpIwt$He
zechfEu9oR$S4C4ZoAE+=;AaCmS^^Y&>z)jen3u&G%5*Z}AFTIwcVj(W{;d0QTf14!
z8T2M{d>Wsqca5kI0r`X#Xtc3YwGJCbkj?ig)Tw@_BLw_uP5?)e45SMk`l&Zx8vtx<
zRp=%v?jX^(n3O4Zd&S^g0tV}f9JPXH#%VwSn&w?YqND4&922Ph3TXeW_K$9Xq8JOa
zp7l;~*WSB)yAny~$J-l6AiJzR0x#h&`L^FZ+MEWBG};vwNyzpdny;Q9bQ}gy_$;o8
zkeJd{@&pyAi()}i@2&hZ@NzIuIYDEe^udQUAOHvDC?zRWSPqo5T+cyfxJ5_&IoC}o
zk-xJ|>0@~HgNL@`jH<JulNykwWr6_&0rjvwD7Ozl<rxy(+nFeLzHak{DSx&#S0*97
zEG{C;imfl1GYK+jZ@$=Cd77;sY^GI0oC6<mUTN_&QN(?Rtj*mpo<Swsm7GonOIJbW
z&b@~;BJP{9)XLOa)i$|ykmrTgifO#Wkf^FXum7FmM47QKo}eT<lJqV5Gm{u%PI+^U
zi5C6utPQ2FI|LwU&TfF$_)^b6XgrPIDPAV}p8V7lo`8)4<f~!C)59vcE1xcyVO?qt
z@~;>Yt}uKgU1+|QpG9F~C<c6XP-)~hwaQn(ZGm9f)Axv^5}T~0rZf(#A^Sb;y`Ljb
zI8<f0{1ql#I(|aR)F1+}j>K8F46H1_Nl?2CTL)6B;C<>zcPp+1<!fm@2KMJzA^}<l
zihnwu#se&zrFd-`G4xexn7o}aI1$vu7!m*N#$|5b&8eN{1khZ%!I51Z$!pnLRAMZR
z<!MP%CN5x+eZ2PTQ^UY&f4VPBQFlx`!v=tM_`~O5=sRw>xNP?cMCr%!LA@8Z7~11O
z`SB-3qu3{sX7FD>+UoEZOI2!m7%GCk=^OcAkH@4de?e8^jI8|QRR4$Vf6$qW%MPA`
zuc+JdWOqSaHh4`OhtK%rVDmIThP=@iFc_N<(6Y?}De&(jRE&dTU|}Z?06*9_PbK5?
z8ec-f05kyb!bJYK{2iptg1o_5s=Q>W>(aN|Sta`Qe+9O*8$HSgpwK&<t-~mZYIzU_
zvmIN5ezb*u^KHJ=d;}*|4&y5S-kRnqWp0|vr1%MCD-2sQ;b(zfcbbab&ZT@ENwsAf
zoH}bdG5AqDg-d_Pdx;7fl3gC6tQbICs79>zS6{R~!o$mg`GJ+!vv2o>tHxV8Q-CCJ
zu9PL%f7B;om0zrTU4kHU4G>0};gYG>Q4#Y&)>Bp@K!_OfA``Poj3L0%d0K#TFXqU9
zrI$Dh4)}eZY~@l!aKrXvU9ASUV#B7zdf)SdJsxR;m`ZNxXQj6Rjj%8boX!@(&>A?j
zjb|+JhFtoFUrg~#VwSuS{UG*<TKoG4<r=$R(-3dutG{jCYWeg1qde7<Je<oiM7p5(
zpP!y5ktZ8mTedg;e0u*QyX!l<8NZlZir7Pc7^R9^d|Vt)#>AuAth63xnu)2I{A{ks
zF-|_5e-3z2nc7c9^{yN1mG(0_Tclf)H4vjqw9J}qIy7*x7#M5bkjVJMpCK!{u_wp;
z5SZr!NOt=Df~=nz!l#EF0c%Xbv9$ztoYH*rJx-M-bHEA6QOHn$N;r249w`<JwFF?G
ze<5B!+S2v%xm#)C=6V>#7nu9^$8SE0T6450cI`&3$cIC|_B<x3qptjyRE!FD^_|jh
zs`+DLXq1&@X9$cx9`uC?MprniK6*zlKENWBmtZcHqdQ(=WBqt?d*(PQPT?JYVK5G<
zN=pap>gM9bJCTJSX~Xft$~L!y!>UonFws=fr3{j}3@tQ{F+2Yy=W8P*sxuaFiWo%P
zwqrSTYyLL%cd}@58vYVRawkl_M;DKGxPmhIac*b&D?MN@;=7r4ZX7EBL4gV{R+g=a
z2au5FcpH@aiF8jCB>Jcbs?S>A-MtIMjPZ&mUzfD13`f$^3cAAehAnE+YhJ0@d(Q6L
zzAiiX&^)+}9Pb02o|tdJ7FQhz2ZyP0adhi`?<<E#pt%ys@vgO>Ji`BRC&KC(4F?#T
zG&cyEpGFa?7iS!iNqyA#1*ngnE7bFqch(zqd12qR<-xXhL>X`}UGJ*fo-SzoRnAF&
z*=1l`f3;F~*jy${=b7<dZw7M=Svi;Ngf-<;afK9?VubHR*~dvYRC@XNoOcE}rnPHf
ziYc7Gn#FuhxU1<pMz@@PJ}xf5u{8<md?wLd*}FZQ{%f1XYd%&(No?-+<N`K{hQg>Q
z5jv~vX)6O%GoxxsShPEeW!UVvvjDXo%P)uPsRUJsi3uwg7$S0M73N(tf~hFD1!G1O
zv_2jHrYNnloimtui;N{gFng`}7(GFMu~Xg**zC>#(Xao$`;wmN`>VC#FY~P*kR*Ra
z@2N}h8_6;&+z2#L&LkVue;ju7r}<`T*?ed@KzsU;1N%Zyv=ce?Wtpb}=7k-*MoRRb
z?o5?0QS%<n`7;`~2d~?glSZf3MH-F0X&dz^@|_6vO^)d9(i`?#B-oR2WV4?u*Z-F;
z;eREhqIK=SppYo{GhP0E$$~pN!U$jw>m)^bxo?+ylcq`=U!$0Bn_lr%=e9WA9-;mj
zK~A4nk5*h0CV374-@i`Oy-<u+D}TsJV$(D@C$|x6B#3lu`Pi>z^!znk`D25cV2;Wz
zk<KXuC7;*+0<AJ!j-H&?EEcHc3bT!;Bln}OZr1uh%JXF_-ru>oxoY;JE~0NC0BP?X
zkPsTPMa~_je14>E6LQ);<e&`Tm%gAY#CHOJx#0MrvJe`B-n^XUU1iJLy296kuksW!
zbf6M>fEug97Y%syHGyAmE1v#-wX>H`V1{S@UjDW3S16FDux4qFZ%Dq^;{liNGVD_@
zpBgK!5xaUrEK;*MQ>m+xDO!lit5Fv|>OoW{Xmt42788wV3{FYL`t<Z>R+MssaQbqS
zIJNYfo_mXo6vu(*Z9$=uuWoz{e#lw0PH-G(Yt&lH49p^4w;yCt0v%|9WGqS#gzRSr
zdx#gecRzM`u`{7>KK9#ff~SJQJ*e&ev25e*?T{*ENd0m!)p45Ga63sEA+wOHKQfEQ
z8$6dn?}>Q*;KG`unx-UL1Q!LP(gZgJyRyMeCtVmbtifc|@I1&Ufb6zSMF^Rc65iqz
z{xzTVP^Xa2dr8160OaIx-u;Z>IX2Crk$+O)P(_lO_S;7|)~ONwgyhr;59w<N&cn{0
zM*bEazLH#Icq8D4OTrgG#;+w}jGoSC8C_F~^Jm~oQkBt1>B-qRk{mFFIyZP9+c$BN
z+{EAg>o5`OEG0g7#7a_i8JWgwa~{&&R(<EbXu(PbgSA>zh|GCdh-b&yq2J|V?r%4^
z0cXM<eoGg!Uq6-mWA*}5F5Op{fGyOPnR^YFc(S&I?&`LN%Q6wl0YIAGg@L=SS)GAM
zT24~0p3H7eg2getwaG+czP%W@Kt(&<?Jq(={!?SaV-i++NcMqe&=^1T4Rzp>Bc4Hn
zn>uRkO^j=P3&yCM_g_m)(_0VaspI?tl8V_{d{_Kz_$@2~9Ng@IA2I<;`1p7c!%-VT
z{2%U}Pfwf3nYmnrw}keA^MoHu2mtdI`yQ;@+vSlHQ}izVXu+)}XfmerHJJ9_w8~9;
zc8xpCfCO`Pmm;_yNH=CjMZa19g3aRru>W2t5)Fm&N(w*2NF|evIn#v;ktL1SG9Km&
zU%c@XZfJ~^T^Osidt%jn|MR!pl;Qy{DSpvSc(%shpb}xR-^O>iK~lf;Jz6nODUHE6
zTc$qh#6-Cjf5Jbl-mvCX8o@~VfxzuD8|fU$_n*YF?Pyc^EPj|xKBq|I@qK4ERijM3
zjD<iGDsdX9T9|NJJke%zAlplyuA<kn9ISa7Lt)-IdTY4G#X7*NEhwZa^LeR%%)O6?
zc(z1(lSc?#={v_y{rC613J?#Xzv9)IZoe@)v-;&TvwCBTRO2f&2DUoRtGygfQFYNI
z9Q8G)Avh%6U|py#HSd3?j`{<jWehJOKeX7K>DUh+?|#6XKKgV;RT#vr{BA_{!}oD?
z%;0g@eUqy_Y%v-7>nU9PEX=C+QZOX0{{G3Xk<1FgA+(li9+aRt_?CXv1V%Svc{x7z
zw^(-H6EeC<hvv7bhQq(g#E%>_rSVyGpSjwO?%(B6lX;O>cu+6b@#R(CuaHjgZ}4Y0
zUN6z!NW|+s4VGWpH}7KzDZ~>kC^Nc3As#(kA0Oul!Iz#*GV**Id*ROg(S)}hQ<`w+
zq&*mS;Yi#lyGxOO%KdKv5y9!f2b^qij$b%zjA)WeOv)G7Ec>?-Nzqsqg>deA%m^z&
zV|*KZjI=kdBWzS>p5mLj=0w@PddW-e_lSgph8um9D1VKAnO>;x-Xx_fiu$OpuY5mT
z$M%c*my%>=!iOMF#17oQRm63-^WFR!^GoVr0=?p7^kw}(TkJ8e_li!$J|FJTRutu{
zE_@EMeb-1{Wmx4|HwZGc3nYF(CZX+Y+x<lbfBuiHiE49jK8CGN=dxI|%Zf~3%3Hm@
z_)~%9!~jFd?df{!|NTEWk60}(%Y<RjMh9P$(Ef+;_j(~7eyGTo^uH{h`X3QlI{YJI
zV~>}+6yvh~7{--1?8q54G27?FR%9EX$P?37A^Ot4`tM}28#Ky6CYcc&cF7RSmG2CX
zTi#6Lt1#;^L4xY)zCKBTVC|Yjw}}7jy{~?k^)eBw4agl3&YORqKl0p1wjc&bik~J^
zFg~FkT0?95R+hN04O8;7#mx(g*OS1|SoygnqE=4GM8P~Y)|$rc_r4S6xNk`~ET*Kx
zmnOVd-Xv1F8<cp9)gnBfM2P;%F<eU}96Ies-1YGG?yD;|%`pP>1{7LT8uW{q5-BjR
zkvrX=QwR<xFh8v@hf#*v8(?PW!EpvQcCIOi5SA^pE3^l{F`J$Kz3)4^&RPS%ax{sy
zZMx|u@7j^#7f<g{iCRq&^5X#+5Gj{D@TRP_pBr0h1LGh-!+c>pLv(pr=m8=M?99<L
zX!J0i+FziVgB@Ug`HcxNs_SGQb3H0{YYa=n@AKsF_Y)sxbP@+JvYHjd0!52=io_7v
z;|^rC#5yi?Y?#mi1qG69ER|%QbTG>vM3j`2$c8t?&NR3w03ny91l~S;bXw>n!2_YU
zH;_IED4&vJn5eerTDX?JM-jo!u&HF#4v?+P!AWP4?K9K6*DR^mpDM0A^Mv8V>GlFc
z%SsGWoSxy=r4NNR=FtpqvO_Bno+9HV265qWbm>QrH0oW~7;s402akffq(CdUD5@u*
ze=@QKj3|MKcztIGy+3kVtlMtzzs{`d3a1rvn8n}8R|TOyICj1(H=^z6GQkBldQ}_w
z9_yon%d5n!H}$#Z9}?9p(Ks+^^h|rYto-VDY7^Mb{9^To^Y-*3?FNgel1(0LsUl-%
zXBU@*GUJY3Fz^2`yZglCTO<qAKd}Ii>qDpafVUuWJBD9>SNK06#PkC`%l<?$Cgt*_
z&Sa<q3J<Npq{r*>4fl7GZLNKWSSu*r%4Z~BHY@-yD9dgi``7*#qfV8T^ZE!2xrkfj
zw{PIz<F<YkkA_Y7S>zR%HGwb24sYL329-oP>0sPKa~=SWx!&v-^dB!W;E1C;pWO&2
z(1dZo2pMIJ3)MRecXxMXRBZ9-_K?`V<E)<TzL-Pz$X(hT!@|@>D%#*HKQ;>~;MQQ%
zXW}Vj)F0+bwn<lbE@2?(p$Q-Yk>+x8ed%coQWRXLhy+bTug+0QEmwi@{CF#Y-+HJQ
zdYI+yCT}DWQa+BCaS4{yF{EN^;EV;LVlv1tGO)_2rN1$oI@<EnV6PkZy7>KA-wv!b
z&yCA%RupD1%XH?-UBa@?Z~MD%O%{%^dd~~8m@#qI{<T+Y^l&1!yxBF1loi3zQepR-
z7c{9X2GuxexO+?Yc>J%$hOlZw;-Qd7?rVFsHTeXb&G~DMzUR>x%mb-B`fBfB&&ve&
z5G-$U{qvRlV<NLE)f?;JXHdp7LdPKNwCIJeAEKP8Lf*#jI4C)DXJfL$Trny(ofG0{
ziB`WpfnF*$s(zQv&8`Pxew}ZKo+_kp(mVAV5?-{LsB_ugeM2P}{Nc&ykGtAx-yIKU
zPB~NEuxJx`Oqukxg74hdsjwKZC&8ndU_9QQ`&X&uC3Y}mx`*s^mIn+ax6|A(;zHcQ
zkDkNEInSeMU3*Wj^+zD@2E`Z=Y2kBex#kbVN-^KYiiYQF&CT(kn*iImrgmpg%6Yk)
z<u=8|1D1ZX{borc<0mod{_FhKk%RIkQ%g9(@g-L~(@7FnCyxQh!2$c+;=!2G3!A`J
zhPon#a&0wx09)vz`7x-<enu8az{|#x#L_6-Z(8PhCh2#v$Bb0S^qODE(>;BY?Ichp
z2yiu(u3rm}!(L+5Sp8P}H&QXm#ad)PUH5T3NVni+;Sf@+E7Wg@P7{3*5hjm{X4M{y
zJ*t)r6m|OM?2SE!6L})~szfC!gGHHJEK$y~1S!Xx&pq%_RdK}qkCdk9&;*JSw#!Y@
z1&=xhntWFF&5^k%KTIn=q~D$2dN|EcTz2!(Ip@6}Vb8tbfWAOWZ<Y2T)H8%qA{l&J
zpZoAM3IX%^_X^C|h1}9KT(ER47}@r;h!ARFMN^A#0yQOZ*KJ$g@$A4l<HmwBT578r
zgDR)WPnCUO2F`@a<Dp<lKA_9MD#MH9vmEG7?oZEs{wY+g#ZSz7vg*xri@V`WLhFoJ
zvd)(q)0rj4ddg|jBXi6D7+zs9TfgA0AL${~CX~5jJ$1Itpz>a8ky(z$cB~}1Shu!d
zihPk0C#dsHLU%>3qS<*(@w&o~IKGrj)L+%EeHJVljlnuiyLT66o4n1!v>yaJV$=RY
zY{lVA%k2`dqu^v)q^I$lq^X~Q(*~*4Iq%Nj^i}WprcCL|7$cAN#o7A;(<42pzCXi?
zV5E1Z<?*g-W0ohT*FHF}4ZKnC!=z-i+rH!L+dRSw4$w7hK8VZidfT(R;D73ScDPeI
z#)98z-fgMET01!OGrS0Ym%N$T>M0=MVU-i#mk*z{D{EvT@5)cTgnt&fJ7A8cC0(df
zTyN+@_mf30r{IVhU&uhT+6!qFXI1~qPOB^d+bIbf(IQ%<e+<Jipd9eQ?oT<iocq4x
zM=((e*~J3>w2*CQaN)6EsYXB-megMo$CS4E*S0s&-gF3%l3~$>J-D@rEvls9*oF9A
z-?dYHhlE8f2Okd)FRBm){}ujg+Q-2Ml{QV-8#4yU_`%hSfOll-j~Q`&6O(jROTZNQ
zMW-9(tpeeNq-MzN(*=F(!?$5P^9D8SH8-Y=M<efx)YK5;RI$`$au~<7Jpc5B$lXP}
zi<maphYDVFPy?zoty_Q*fF=kF`cU^Yp_RQ$O&>m4Yx_kN6X{By(?bNBnx<ptYL;dK
z$Iy-({Cs?m(66Xylynw4!cvfoFZexQzPYQU0vBD1)$>mZA}*!yVb3z4%<HHE*TTDO
zhU=?;WQr-u#!xX5F-N9=c=g%Ci!$|q<|h*@Y$%cHG@<=_854cqe75oHP>a8WFRhIv
zo3;@gL7F87O-!JyzZ_>pR$$_WK`YAJSnEyK^MM4<$uBe(Zpa6k;{-hb<N}3cwELBZ
z7_jiIckAjaF;Y4zg8#v;j!&w0+IeAzpheV%LK<&Uy&C?Fd$iIr633K5L2wS|js*bW
zbWPCPQD1a4{1~TAIF?aS;}S=61=^Lvo{}=-c7;`TZHCVTrt?2Drl5r4>B*!I)9Jp!
zt_L|Wf^Ix^Babk3$TEze2cK{9EpAO7+Om?xk%UX2HSA2)YA!jj?_t=I&MroY(!}8B
zfw6C>YJmzl0X!95Xn6wREac+TpsxRZv@h^KQc3<VpX3MTwQleQGcFX?*Er|?@3Zjt
zEx@J&&ammDD9{kb?{p?bL_}<n(k>&wkNTgbtF(a~WdD;3TK|_9g?r5*Eqz7*S4!3J
zB-|E@c`Df*a|RY!dc%@dzRRu6O*-V#OMk6n_*Ja_dsZv*=#e6r;Tg@kW9x69!?BCJ
zxW_L6XgP?0cjLGVOjyylpyjxDs^aC<x7l%=<9hX%u>JJ1GYZy^;!-`71ZpswaYqP|
z=J;SdhxZ*PCnsbb1WVvl8N6NzVH5BM=cs12VR2i+I3~KT;d?x=Efv1*&&h!-3$hBw
z{?MzH>97C(@*uCS6eG$v4zrCcnVFeTRl>+Dbh_DBw<QY@w*WQggm}{MoWmkW@I$#S
zmYzpH#tC<skk#SnXFo3R14EL>L)7Qwncw;0xa2>IyK<V~Az2QTw=~+EtbQTv_V+`A
zi;+^MXphp*2)mZ<@15r%F$Xh$S*|x5=~K3$^!9c4F=$SNbgle$qvwBNcUU=qPM$at
zmIv&jt2Y>Qky`@uG7J*|$}L~M$Owxrsz9nMIwFT7rYDY``9FsN6I!3u#gGy!a&kl5
zmoin;XaZQW3cnd)*NnP`2E|XZQ4Dqyjx|kEub1YY=xIy7_hDVSKXfR5{Fb0Y8MbIJ
z8@Gp6BlhrmchdTEgEzpt{TPa+FD-2mf4G)I9)<e&M9=xKMnsFn{&Uajk!aZN?mM<q
zo3zM~(f2?4V9?Z*^_g;z%C1%>u`;3Z6oGd9^L{*+f8cnD6qHyeCq*d@#!;<uNy61L
zZ?CRVHOIN3w|MK`E7Um#;?Xi#Y<3tIyZtduY}zv$oc}Gj5DPE4&BYOAsv^ASZjWfC
zavPgZPw))2I8grvNbnd-K;64Xru7FK!@9_f$+ommEm?*4G3Re<nNg5Amtij{Yu&E<
z^_4Hh0Bk0PVtvh|%=g+%66>C*$1~<o0KQGtoWazL%FsB8HL3m*;F?Sz*(Afnv=3@H
za~MqWdJIZ_^*OB&^}o{7DA8erakED498_~qjWO^JZhr5)JJYWW|KmTMK`y3G=>PsG
zW;S}79~Gq`cdUMOx~zXoF^%~ivO*XKJJ3+Xq%^qOpJO*c6tAzK<vJOZB>6dU-~XsS
zG*Z%hdtcW)Q}5L}%yELhD_%hMq%->dQ{-$7c`idy^X`=)ueH)=^D^K|BZ<ezJy?Ax
z(!hIKdUq|wga@vo7smwqVu<yZ<f0z2@5MG~q3wxv`6HSG?=a**6uBUUV}K*QRt{vF
zk!p(G<)ybQpA5vjd!<~iU*)|=)p^|Qk2?0nBBG>c$+Eef#Q#&UQyj{hjx@pi^x0dJ
zx?@GZ8J_-p50i1>GztF_2L3JV?N+m%gpDH@YlMdt4r3luTTv?8Ovc!fY0BGOZU3(9
zvr}ZTRBnibBJCSuLHODsf)EbQ>60Q3EypFK4=gLTeZ2{8C+C0PZd*^4WTg4T1MKz1
zOBpTL0Q^LQJWlPanmNmhnj!+pCUrYB4758k8Zgt&aZMj{-Z<ho^<I`EMoiQiUkW4h
z1yxXR!lcHubC6dIZ_(~gNk)a~`JKYK56x*eTncx~*)cc9N|JgKn0oOfMq=Mp+kCOA
zcUlsrLM3uPPOb1B=WN0(sWk5+AvVN+Hc{g{C5T)+Rv#5h8ZNNxdr<J4V(?;Wr<hT{
zzDjn4Lki>NLqF)tdXmK&UUK_C=fqDkf}V-u_^_|E<!#KV!{6ApMZ~uJy^i5O;=ERU
z9AE#Pgdifiab7SJ9nU019M8_EBUI~l7Z^=C<(!BA<sl-tXr)6FQ+Z}qwr51nL|~66
z>vRmYhz$v;wzAk<BLCVDbOQ2>N_Az<=g~V(|1H0XwIIYO)IP84p9N*}@1rx!WcpG}
zyd3LF3)Z&^i4UyNp0W5&_M*(u@()>de>hKIRJ8B>Wj!@}gUl&jMAaVBF|p!pqh-eQ
zO_(U5w0bt9C7+Vfk5hRVy`$eRE;wm~kcN}d1|i4j!_Q0f9uafm%izmy2o<G}aOldz
z4L$nqWxk3&Hnn(AX4t`dQBSq)RP5c^nTFNL?f8e!O>UorNxtslgsb4Hh#JcytQxs7
zj48u9$Lg1f+UHj+$`S!9xFp5U!6?FR?vX`wlXtH)!HmxlC}1=4vTvf}Y0N9?)17<A
zZ~(=Km0fyug@_C+mm+FcPDL<Gr6eEgy$&-ln7jjz;+K}<Ffzv<@Wi})sr^A&@>NGK
zv2fKFQ2`u$to@W#EsS~)ZFh-^=$!yyo9hkm5Z_xQ>{hU;xNet_Nr_>hz3G;RJ70FY
zfsxcpnYZ_}TTJ7n;OS;pB>Ro(NhslmGDnS3H?Ye|$Hmtp^#H<D`d+Vgm_A*Ta{$?0
ztuO5futG0`akqEu#POBOWW@Xqv|j(?*fpT5yO4xoHlxAC32P1*QuDWeEL#LMIxaNo
z2~N!mchVmp=|On9_G^9px<j~x-X8>mYG%7bc1XkD-+T_$@8Yh1;tapv9hny>9nYeW
zQB3#T&3xZ<X|KT^p5t^Ko%F_{oX7NxpZEg5A77o%QYitFZE2UL2luslUgQkA&@{Sj
zO|x|M)1kPgvupDrb9k`&L4NUD6!S0T7MlOmz+YN}&@na0&+%qYiO5pxc3%=x+17fz
zox9mNeBNkAkdPW8-fxaY%$j32Q?Cv?YMCJTkZ9<CsXP<K$ysWm;~3Gp{Tcy#)MH5n
zBhXr14fRD5b*h0F$Nn^$DlVrd{&TnRtKHadKHvh}sGcAXXK--1R;3m9Tr_-up1gF-
zg1PTkmzsTF>zh86n=(gCebd#WD_dT9ihj+2mfM|JV}-h^pVdn_UDro7zpw;2mg;O_
z79MrrsWqsG5x+?8mKFJ|RalWV7^+(*+phyteG0WYx##{7caYYg4$>vXfDOCrD^%yM
zqLZ64eV>!qBqmr<+mMEm7Ur6xow?FQPK}}o=fhs&>S%4L1&<200(X_)s2e)K0X7?$
z6+5FmmSi6pwQaV>z_OA6ZvA@+cNIgDH7d5`dg?tHEqE~Po;J}v*}se2!QOIgMN5KM
zc}q<38l9%qXr^phX?YmGx1fld7WH~QYJ2Cb`8k%cmJXyH4kv9%XljbLZlb$L60CS{
zZhR+@#=@p*CJRi0;Tq6;62Ts-EqfuLmo@)dvRvbECn_y`d!{8{mEmY@SQnXafz{?C
z`Ss3!dgx)%LjtH7Fynl^l6K73l8-Zo)~N!yBD3{GmLb^OL@sO=4kxSn;-rbq4U`!N
z%C@`ovP!PhbbhQs1ac{yhRF|}8@OM#3E$MTX{bT)b6{z>$E=jBVWvLgGyh4~m%@?o
zpOqga`omkuA{bjdXe+DttM_rq)on7DSAUKWPCQ?nw9JhJ>Or}LJ4{z|({YU!>wdY)
z$?+uY8vnFiom{L__yorx;QI>?{QKP`(IGcF=y#4<Z9*PC=&YZ=S4Tx_@A%&Qrlb<F
zIKE`~N9h~Rk*PeRCZR6)mLaB29G$;tU^~<ClN%zL%eRQWse`Mcgyg|Ajt0i&(@aP9
z{lDH^ISXlqlW`7OMUHskf^2iDO3ehO80CLf4ke#ZM1S|wBhp|O{Tx&KT{oE{phAk`
zdGt;FSmbx(Bx<<X@&xN6pJVHdo_K+XyIcnCHAzU#nBnBq1Z}Lz+ua<V<M;>0bhr2Q
z!CU}IZk5Rz+fofCq{JON5W*#E)OOnq<c~)i3m;3k8~<TD1YXbow+@eu=_K9w?>3oJ
zy;GCS|NTR?5C5&#{~tLDe_*y)-F47_%{2ShH?NF6FX;D!W8IftqmMyLjhKTM<+CMe
zwD1_qQ|Lr>1^Jx>KO~#<{*RaO9`66SP3Ql`EBIeO$we&|wx{Z#shhqRyAYLlEn-hq
z&XT!@Kq6Ac&9xliDJ1GJ3-VT$94ytd)AiZg-;eK0;r!3l2DyCatx5HNUzvDd;I;YC
z>3|F=i0Z=4(Akr=0Y7DI`{shU6UhDl2MNF>9fZvsS4>LPQ%l69@D-cX;QXR_vtHEq
z%5Nk2&p;MfY!hI-El|VJ{Gq>8zfy-ug$x{fqH$pL>I3}@uHJCu9!z5OhZa$fRs+XT
z69f|;B99D}GAwqoeh9tOGOK1*!HZ7j)TiqR!yCsAiJeCw%#(f>9?$OeVD7ft!}JVg
z=O;;I3(^xcjg){iBr3%;fDr23y6g3o*jFGM1Y@mvH-Y3M7kWU>=(NZXFYb%+)%mnS
zkN2Ef%!>hl;k;*Wk>e6^%phf>t%+uRIIpdz_U-SoY3Nb#ThaV{6&Py--oscmHkajb
zTv_d<(74ZQ^i3(W*qp6kg^?>9${j_w`j}ie`h~%E%x-a=LblfU8mi7JJTdRp;^W`d
z-ua-IJ=4>h9bl9P>3eDK2}=^vAXw+PVAleVv0h|ZVU|DzLk!7eO;^<bzRC~{NQPu*
zGY!NtBY9Dj$j*aMu;{wR7gk*ZH{ty^1MSYY_jTba_{`aXgh7CO)CJy!TUFLCm~D$l
zkQ(-%N+PXPN4Kp>7TBtsxIX&12Z#~NZ~@jkv<00Gl^RNjtwQI=>$Hegs99SAJRn6u
z#ALyDBnTclpzOIeP$+Wsr)u^O)?R#d-^r}9`K{)*JxvSK?*tyxZ`~1p21eso-CLwk
zFSnm|r-u`W2lMyeSC?+(vI>}B%@S_+)-JtsZ=#f>2xP^=jbH7<!!ORI7U)8{x_+8O
zOnj+7Tvx1KmynzFIbAtIsKWZ+ih2^oWLA1eF(iepf_?{W;(&?~EvN0u+a%~di9lls
zhsKgu+9vz$XVL+~?thj82j}r!5g=G94pnM$A#KPEa<R__{6jC@0(Zq%wHzEArnq?K
zvU=CmzvKccORZ6h=aFacv;*<>_{$wqzPtvdcgx-q(zCLsF9{g@mSbh-ANFvaW*7eT
z(xf@lWH)3&P9Q%%#^?dAuGzr$46noXy)+Tan%{oXvR8*G7kplcI(ba#Zl?!5M6N`O
zP{A_wq_M>Sf&XzlgEAc~MTrlOqwl%I#Itip-u8Mv8c40~_fT#<U5nSs=X*j#F}A7P
z75;Mu`YV`ds_L`_q%qZSm(0~1_D_HH)`V^9U-tBzmb&<kbuAj^h?@*kxl1Y>9OjSd
z8EBm7LlQ$DWy>W`l<eOw(yZCqLD8E<OxC0v-4~JX(`Zr1?Nw(`94p%2awlH?o<*Us
z(|nn;!quYin%Y19q0>??(&}fWsVR00%KhTzvfZSg9-^hJeo<bgv4j@H0xw+TdugeX
zP%D*&)1dyrfT1YqfNpK)@V{jHQadK9b9q#$ZS&sbqzNYzMX<e@?aoWB^ZJm^n?S4f
z#_#(jr+$5oeY@tdi`SN4FdBN}>)RDi;*LVH6?2Y#c8FV1+Rh}oA2rmSOyyAz&l0po
z??7S!Nt{@qds59czt)D(t&wYKZep}ewj<=Qc_|i+)I0aIVSgG4vd4mTQhl(kh;7dI
zIKvODKJ>=zC*n`c1C5Slqx_Nq0r#JtaygvfESjB^)Y5Z(fbnm!s-Ct{c132*ev_dG
ztmf*{-FYhaOy>3y-CRy|fyqWotf;vH@$pR%_up384{NlC;gz=N>+9#*RImHt`2-93
z<}D0FK_XQpp7sS(vsEG-9;iXC46?Yl^qj^pmwzVdg8Pb7XivkoQmw`7aNTyNFUY8V
zWsL;}aDzShl7T3Thl7gxk+AhC<-Ukpc*^fETYE@??huiMoA!j9bLcW<W=hS)Ag_#N
zUo4G40f$*V>kAk9OMdH%O6Y6V_9@E~c^=DJ&y^HcA*N(ud(P()QE!?u7;G>Da8K}i
zbprTsYzBp=y-xT4q+lNJD8h<wGs){KLLO<EC|B&au#0IOhjK6HqpL(SM<((sU56N*
z*J9DWL%Ed?U2Eago#Y3ix5IPVGDr!z3|~2`Exh){S3CNyrK+y2HU6!->^_eMZGW{B
z`_Hyh4N)AAEx*VXr1sVAA8<Xv_urwfF+cl%Klu1RdddAC#{JdTpn@Tva3Og4h9YAU
znX1UUHb#sH{tkC-{eN=<|6kp;|HsStKi9}z7-F$gQ&S_Q3owMw)vORhO`eED%Gv$t
zY0SZKf4a~LD0F9H4;-5y>e>UBhn?=l>r2g2gTpC*s9g6B8Vl!|nwkVS>bOq#k>glB
z>}UQ34ywcU|DDNReQ3g^cqj>buS}+p?+ryJE!Ya212))RK%^ja#W|65AlOaP0}_&*
zuEEW=;aXJ(m|N#uW%60p*iBZ+w_u_(jU%;ZaLXgV`gzoSk+IFW;udh~vx7@{bO+x8
zuG)V@ua^53VX4<plP>8ax6J}XgoAggh`U>C(7FCD&$!3YX4;nKyyQu#R<n{p>Jdmi
z%m0`r(8h8jNLTiA6#=P(2hrYmuwPI3`I6B-4ow73q8#vV5V{5gVDn!4U73Pp@%Rs<
zi#!DjY~ftbpO}QogdDjv1riP|8a$Npa6hHSEb*j&e+K##hy9V|)T~c3r!*FKo$fC7
zUxms!OW*H?IQJY{u6?mRR9er`JFonX8rQ&I|K59bQ`>X5RdL|^PU}9UBPF&0^q3Ej
zQ6_laCTdRpz)yhJYh-SySkZEAt~6%4!F#;syF{7X;m)|G*Q*UySi8up>oe8$n2U>?
z*XqOEseAuvnNKu1pAI;gXqvn)3#B*ee~;z6bGhg-r}26YQBK{1lTtN8krbByF{2W-
z0rRQr_it^8DL726;{<<$il-k<KnFGzJb)Q|JalE?J|I|mlUA3foX$%B^nwxe5h6T#
zl`9HyB`^yyfDLqLB2UV~M2FiylRY40p$%0YWIO}+nR-_*J;3)I)}l{)!tEamyD!2U
z8X7YFFV9?IuSrs-gmWiW8mM$XvV;tG!VW^Q2&7@T7#&3Ky=K-duAyoNkNYz(JiSWO
zup_Tazz}sq=c3e{sR({Bf!QxE`6|d1K6r-ei?o{czy(JOgWMESS-GhD|6-Q=vJ7_u
zorAoc;#e^6#q86y^}&Ez{RT0+mRvH2e)blpT26O`!w!{vf?x)~lX~j>zbintAy;jM
zb#ayCG1#){kra@=ysiupceC~rf7nwfkOTB{7+4bQ0eu6yq&^_uFuJU=t7X4rapKv!
zVc)}^=L_PQf_?fwh~?8h|0FArz3~~mhc9mtbDB&J7`VEBhuy$#nDAh<^;im-(wAWG
zJ<AYwPY!&IA%As&ZZ=)#uU;hyTdsU{&W<*?n$8d604o2tcXn}a=_zc$6RT{=dL>xz
zw9t<3JbCZ>qbSTA|3kr-*0G;$q<tDg^~*Q)ha35xX0ewmFg>!WYz`wLc^3Z`5g6~F
zFinA`Rhar243n?6#+04^{492Qn7nZ}IaXcvf|x@?32Y;;C{IPhjnMqt+C$6>3A9zS
z#H$g+kc}AZlH6ZrIdDfRObUrs$WHhYvEXzRY1X^Uw*I^p^if`a-v(2VI1Y>>GX33B
zy7F!tw)k;8+jv=|Rc`+M2r=}<67P}E-`HE6I_1b`aUQPhGJ|5BuWHC}uE|O%xYzRf
z(_ihkCU{T^*~i9PR8xbM#L3lFo$bZ@hou^uU``vJ$b$&94L5h@30zm!Q|DJQZz$AZ
zv1C33V&ea|+O9jC%D?|3B9+;pW$!%-4G~4g$;=)pD`X}5hHQ~!mK`c5lyQt?AFB>o
zWu5H3XR;kU@4N5s_x<O0UBBykuIGCEdoJg=ocq2%@Aqqpo*EsWeXPD&TXze4mDCj!
z4#*G-*bk5H*KlY;d@`*{LvV5RkY;p%Xbj*NbP1i(=j_H#V;hx1=@fpe%E<#3$_>i=
zCQx}fnlyyw^4Z%3@f;n=FDmMEa54{-^!l;jRk?f-JCb_gv7*o3`XjraSp`9oi$d)8
z`YrL{(u-Vg9}?dcy%g3n_BPisrB`g6uCwLCB6<n{VGWp%$$^k0c4P5!7D<`)hEgQ!
zphvN4WnyDpkZbpHLJgB}f*7vY9^>?7MtQ4-VP#8RcB9%2Ph;2p0h41=q0gxl&JX-@
zb~3}rP;~hBqBNEIpyQcwxwI67ASDNohR&tRVtsKibQpZ$-X>msf)X%B!<qXr--x8Z
z@=MRM3n^LGyLiH(XY}XZ@0Zjpzq>&@?{JF!y=KY<r#`InSvK?8XpSd`QTj08#p5Gc
z=R5{z7ti9ar4Ql`uEu1laI~Y7>k)8Kj!jO;KN$6-c;*Mt2iO>dgu7hJckOF9L)-m&
zkA`$Ziw6PL%{$eAm?Bdz<mf6=Gm8pyEZj98VlJJd!|UZcU9sydd5yGiasEst9!i*5
z8mgMM&8_>z%4*B=l-?t5#*;avCBse=I_MgJu}-<-rW}#1%3N?~;x|QsmJ&5HN~~Y#
z^uXPQ?<JCUV}G5J{3{)Tgu=h7)H3|}C7wG0*Co?^Z=d=_5Pxzbx!VbNPC*y~qj5Kg
z*5tdo@<;V2__Z5)zZgaOu8dT}IH?_(c)>MbSTPXhglPpVbq<(X?tTBf?!TUC;U7@=
zuvh1z_ZBuR6L9!%)lYW0i$8u0<2B4iU_1XA;FEgza!7djDj{@H97}S4pj0)lH;0;y
zntV9;IrI6glVh#>RR+*b7zHQdy~>jtT!t*Jcj*F`4~^XuP4Z%&I=p=&-8&-X;(C>l
z#uN@h&w3-c(+*+t;)D)f$TwT(4U}P=5B%rK4}<k64sx-hr$mesak*=?VSaDVEREjf
zQB&Ea@l_e;ZOtIc46DscFLoIxO6c-#SGk+mb(KDQDXObK*X@wrBUFrs5{xXu)2l)T
z)hWf&V>q8cHjMcm+hnpc&TCN)*=<5Vy@4HQImh|-PJP;1XQMX+Qeph(hYhyP;V>6E
z4#AvEV#eGOj!V$Rsip?0L74Sroa$#MGk3*$uHPh#y6bE{-}y>?4i;rz1p7-h_DYXh
z1W?<rx_bDajs}jq(3r-+u4eGateL4*YG2S~V_}Dto32l)xO~~BJ(WlPU_ixVc}N5l
z=mwv;You~_IS%7@B5<W4N<e;fRds^9Oa8OY&coUBaUWfxIrmd#xzZ^8KfUwoU+Lee
zJhD5!5c%nVrOV@Y^YZ5d1d$3j!^hT)U#B2b=qR>h<SHqjpQo#4T8ZGQ3?tLjfg!c+
zZ$RfZb(-EW=*CWY1zwc$j+GNA^L{^>clcekp}jzMUn1ir7*=&0P9X#v-KzDfk`Z?0
z)-VW3&-XO#_MUTnzQpT3*VAnv;C-Au75c=ucp$0I4kZ3^7=#m!5{nd5vlwl<BAXk6
z3zbpuj@hdSs(u(HW;k74;tdEN$APo=4+%r~i>Wx$xNhG%1`9J>kntq{2__@ArSxv=
z5h<WMMBkBx1!0gF7VdEdRUWTydX0QgL+$tfWvu^6y!=l-@Be)hZ{C$*Grpjxd`jvZ
z%|@8#tidpVWMuWn9Y9RpBP&AN>pvh4)2c+-<KOQQt$V7xuT%e+P&nW&qJJEu%k8h4
z<1x2~<q&<~AD`!K$y!dV_{H_vK@;iwKP~#lnu~1PGj41yJpf>$p9%jPpn?$UlubmV
z0*kUK$~a=IFfqZlC1KRLj*pEtvdGqYEemHo9l_$mlnHHT-=40|PXI-|vuo)J127~4
z#K_9*Az#MyO#p$=Xu30+hjMxf_JI5w+l%I<LkEE+CLYL^*-g!xP{jx~WPb*T=jdlz
z#f(lYaD$XuTfu$0&9T2nv%Z;GY~l^!+8Ztq$;kQsEf_yVCo@mTjRj+m8l1L{CQ5^*
z&<GX{#tU^gNhe@#wnzE7Pr;ctHaW=y3nYq}nYsTIClZ(mNZGSYqrs44^ooiV<#WG4
zZTJd0x@WfmM`5<LwJozR0ecNv#2St`RRDLm;fXgFS7wz*x=9=1CPi?0@StP9zR!KO
zL+KN1kT?Mcw096SO0E6SkY*b67#d8#jqk~lK}+y6Y>@WGmtl=ZD~~d_sY9(<i#uD>
zw%c?AfGC^efkdv{3!Cs%OnOgAyQB^r?fMYOu9hg)l*8G4svPW3;M57*V!0;AYLI8z
zgKLV-jDku_b);fxv%1O)0Hue09$GSt_{dl(XkUGQ^9;8Wl!d}TfRm>9PT7`vQN(f|
zm=$TKu1i&*kep~qZ0_1VglJeGPVNPqNE(o$$QgOFKS}&f3QSaLG>JPAY3y$Xq#bQq
zX0!`^_Kb@b{W8?!+w#qTc06J(XX1~7uMVi(k{q+59<<esiSWd5fCTgL7>(D)d>;={
zZm5G3>(&U8MR-HG7*R(Jy0}fXXdkU7K6d-kM2tuH6G-s8e?In9P|~KZGa~2HP^k|&
z9=o@@(Ijy0v50YLBRWX{W+;Ap>-ql7NJR0Tcc!4kvs*9`!XAc(5n)#U&gQZh1mcO;
z&6l^NNSHYdRB`~cq{VUGWrPG}b>)Dl+m6)7LY;6&=$p4weVeTfr5dubvJ;RKw;Gwq
zAI+L^kkzz|eRJ*BO76MIpkXkO>fM3z01cQ5BQ+W!0qIqh&0XKAJv1~%D*LY=@vB*t
zB;&tbO%x1=`U>m54;5)O0i|i6$%pw(Rqd4kmw+xNE*Q$W1v_onu_E6^0YMO4pOc9S
z2&Q&0spI6d%`+AJ2I!I~_>F!9*Sxt#34*;G!8xZyPv?Q+#Op6k>+NdqlTl#&woN6c
zhh%2M*yQ~eX^^LKY`a_|OKrWBeb3AHHad2M>Z<#Lg?b`N2~o-sX9bS?5Vd`r2bIC}
z%K>kxGx`b+wAtQ|@kFAV<#w4Xqfzl+(P1Bm6x1_<@?IMYo~))G&zVIeV|Bc%Hk@&L
zqJRg(4Qcb?rwPPa8nb$CEMN%v(9>wlOtR4~iLV_b^xo@&kmGND{(&G6wR|wP<$C4t
zFLP-7iv=)KB_x8yJ(;4xy2^7MqY%i}+K`Cu$ZSua4ODU(%XroSnelc#Ib~}zzcOXL
z*R+~R1DrvJnv}1f>k|!trJCS5e=d=U&au<H;U|Q&b;hX{E$7-^{}vzP3xmK*!tgyd
zx_N9?pW6`Cd{=g-+SUsFEv-AGez=ifdONBNHY@TSFj`KO(=XF4kb-WxK-i@G`coR#
z48{IVs@0kZE;xZ^w-+dwOnDR1*;6b8{1W^e7E0+QTz<iItGsE%hStHJP?!lnvzZSK
zs0pSQeD}LMjiyc>y>C)v^9i<%YxaZ>0-x-Aw0?L1pM|<q@n|uIOnD7zVjS?G6wO7G
zXokPO^jHVbt9Nln7DDF5V(B04ZY~onvAJ5KbquZO!k!5`+Kqb0iw;w0t|5EXneT5V
zTV^|_sw*&0DoT=4%iZmpL5JA=E%*smr?$>!QVIt0ePOPNPEzfl_BfGbM-%V)F5>Ve
z{>;i1Q5U9U3I(9PUt~E8NI8Hhy{@}t8nxL%2Jyj7HWJZB#`~)uq4Bk`Bm{X5Uxnu|
zRp3d9fr(zXgW3g`$Feg0ia);?274TL+?~2CFnUsmMnG+XKfmnD(r^VIY;-ZfN2i`w
z&|9Gd^}8%x%&)TdjC8<-WI5ZHTj8^_wkR|Ragpa0t(3w~{O~AV-pk!Jn!Vcc>Pqy@
zB#SaKI<%9M0%h^FjGM`ql&U{!X~Xc7)6dSTi%}EseK@xe|DK-fAP#gZSr~4`Evo(1
zvk5L-X@`qLDz{ggYY**qS5d-BA_OHKodi)5@6A<D_JX_ko?#{l%P%nyZJw>i;Aq#L
zI(WK)=DQE4a(D(|xXdj?w$P|iYk7w4!V<>L>jKSNR!5ryx!c;B$STGDlUyI@kcpMi
z`u!o6Aiw1^GR|s1i#eJE@PfE?F5<}6x4>p7j|TxxInlx_jPY^=E;CPD)yVt=6?^Fe
zy84&=+MF+Z>u#fCz>^mZdHYGvR>PKS4^xRYc#)dodwZ2YIWayRS9|@45M$miX_o~!
ze_FX`MId3m*b&vb3-~@yQkhIgATq0W=^ar&DQupgB?5?S7H72gX~p1U82<$(q;vei
zWVN<XW>HaWk1l}gS-Yhsgf>aXZzr-13kr=*78Q0yw9=!F%@7QBHkNqcR9W#i`v^uZ
z$tQDGv%{Yw8zk_Mwtur7DPxDeZas)aa}4S=dog(iP!QtfDK?0-O~gG!Xj1b4o<<fS
zH$zW|ZOyJN!*U~T(&1_H__Ji*uEzqrIIhFCmx23roh@Kof)v_No$3$+0J6hoU#4P2
zOF~h&#29}Vm=rXpTGRL-ENG%)S#XBY6U$$-&O98-WcV$LhCDCiD4RwnfFWwJifrzb
zihke%Fbif9KCaFrrlUadnQf!qQ)+3rfI%8<h%y4^P4|%%@Z3CBSz3j5oyrIvQZ7xJ
z=WhuIY^I{!0PaAo+rFE)p>Y2zgu^!9jaTL3)i+cIA67PGCcvnaE&k#z?<yozG?jmH
zXnowC0f}$>!X^{rBTnQOSzE4p6}y~s*H5?LkT+oMGs-h9b2ov-K`)1re0toN$|?jU
ze5dX@Txm49*Ge0HPl~ZWUY*kAhy&%$71lK1lO41!_c;Qo_DRI1Jz6)-2Aw4QKmSp=
z03{339HLut({w2PF_3yNfCWD~2BWrp1oj)qb+!I-R>2Qs9vx`@iw_y<WA*+*)uFjs
z*rj#es|bMjH42m*O~u)rYtQnL+=JVpl2n{%wM>oIFDIMh)Jqn6rDj+nf3zoFxgmXj
zfc?lAUWU=c{F92sgXf?!DeJj)(QP9f?4-t)6?EK@nN;+VufW}5RDACZ1RN_4!2Ofv
zLsaEFT}yc<w3t^tZlIlv)c>!w8G83k5tH&;ZAlJwQsh5E+sFALZ>AQW^iRCm8Sef1
z_XVNgR_?H?-Y<`mZE+L=`jfvYpr2D(uI`o~S>XGG0vWyoXkm50DGgDlcG&-TTedbg
zc!Po#c|pZOTyf_(JMRLF|8qV;!H!>BPQ`FoD!XgKSOJ<v3K2u+k(&KIaJ&|r=6lL+
zO^)&f$@<qnb3VNM&xrjz>hCH1zvDmpzXHvFKKS2<zO}CJQ_l43Dx^7LL`dLARY~J|
Jo}xv-zW`NzQs@8x

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index 7aefb5a1de..c9ff0f3add 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -123,7 +123,7 @@ This card lists the parent web content categories with the largest percentage ch
 
 In the first 30 days of using this feature, your organization might not have sufficient data to display in this card.
 
-![Image of web activity by category card](images/web-activity-by-category.png)
+![Image of web activity by category card](images/web-activity-by-category600.png)
 
 ### Web content filtering summary card
 

From d1701c8f50b3d0bb7eaa1a58d5dd1c0fb0aaab2c Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Tue, 14 Jan 2020 12:53:30 -0800
Subject: [PATCH 067/247] updating text

---
 .../microsoft-defender-atp/web-content-filtering.md      | 2 +-
 .../microsoft-defender-atp/web-protection-monitoring.md  | 7 ++++---
 .../microsoft-defender-atp/web-protection-overview.md    | 8 +++-----
 .../microsoft-defender-atp/web-protection-response.md    | 9 +++++----
 4 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index c9ff0f3add..5a60f9e9ae 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -39,7 +39,7 @@ To summarize the benefits:
 ## User experience
 
 The standard blocking experience is provided by Network Protection, which provides a system-level toast notifying the user of a blocked connection.
-For a more user-friendly experience, consider user SmartScreen on Edge
+For a more user-friendly experience, consider using SmartScreen on Edge.
 
 ## Prerequisites
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md
index da6e550794..36d58deb28 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md
@@ -8,14 +8,13 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.author: lomayor
-author: lomayor
+ms.author: ellevin
+author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 08/30/2019
 ---
 
 # Monitor web browsing security
@@ -54,4 +53,6 @@ Select a domain to view the list of machines that have attempted to access URLs
 
 ## Related topics
 - [Web protection overview](web-protection-overview.md)
+- [Web content filtering](web-content-filtering.md)
+- [Web threat protection](web-threat-protection.md)
 - [Respond to web threats](web-protection-response.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
index dd52925080..d3dd75a836 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
@@ -21,15 +21,13 @@ ms.topic: article
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
 
-Web protection in Microsoft Defender ATP lets you secure your machines against web threats and help you regulate unwanted content. You can find it in the Microsoft Defender Security Center by going to **Reports > Web protection**.
+Web protection in Microsoft Defender ATP is a capability made up of [Web threat protection](web-threat-protection.md) and [Web content filtering](web-content-filtering.md). Web protection lets you secure your machines against web threats and helps you regulate unwanted content. You can find Web protection reports in the Microsoft Defender Security Center by going to **Reports > Web protection**.
 
 ![Image of all web protection cards](images/web-protection.png)
 
-The cards are generally split into two categories: [web threat protection](web-threat-protection.md) and [web content filtering](web-content-filtering.md).
-
 ## Web threat protection
 
-The cards that make up web threat protection are "Web threat detections over time" and "Web threat summary."
+The cards that make up web threat protection are **Web threat detections over time** and **Web threat summary**.
 
 Web threat protection includes:
 - Comprehensive visibility into web threats affecting your organization
@@ -38,7 +36,7 @@ Web threat protection includes:
 
 ## Web content filtering
 
-The cards that make up web content filtering are "Web activity by category," "Web content filtering summary," and "Web activity summary."
+The cards that make up web content filtering are **Web activity by category**, **Web content filtering summary**, and **Web activity summary**.
 
 Web content filtering includes:
 - Users are prevented from accessing websites in blocked categories, whether they are browsing on-premises or away
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md
index e963f8f504..e9e6949f27 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md
@@ -8,14 +8,13 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.author: lomayor
-author: lomayor
+ms.author: ellevin
+author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 08/30/2019
 ---
 
 # Respond to web threats
@@ -67,4 +66,6 @@ With web protection in Microsoft Defender ATP, your end users will be prevented
 
 ## Related topics
 - [Web protection overview](web-protection-overview.md)
-- [Monitor web security](web-protection-monitoring.md)
+- [Web content filtering](web-content-filtering.md)
+- [Web threat protection](web-threat-protection.md)
+- [Monitor web security](web-protection-monitoring.md)
\ No newline at end of file

From 59b773f0a6679a241ec2dbef604a0343831d6ce1 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 14 Jan 2020 13:17:44 -0800
Subject: [PATCH 068/247] resolved conversations for seven files

---
 .../microsoft-defender-atp/configure-endpoints.md               | 2 +-
 .../microsoft-defender-atp/enable-attack-surface-reduction.md   | 2 +-
 .../microsoft-defender-atp/enable-controlled-folders.md         | 2 +-
 .../microsoft-defender-atp/enable-exploit-protection.md         | 2 +-
 .../microsoft-defender-atp/enable-network-protection.md         | 2 +-
 .../microsoft-defender-atp/minimum-requirements.md              | 2 +-
 .../microsoft-defender-atp/troubleshoot-onboarding.md           | 2 --
 7 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
index 8c9156855a..c3f4376a4a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
@@ -39,7 +39,7 @@ The following deployment tools and methods are supported:
 Topic | Description
 :---|:---
 [Onboard Windows 10 machines using Group Policy](configure-endpoints-gp.md) | Use Group Policy to deploy the configuration package on machines.
-[Onboard Windows 10 machines using Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) | You can use either use Microsoft Endpoint Configuration Manager (current branch) version 1606 or Microsoft Endpoint Configuration Manager (current branch) version 1602 or earlier to deploy the configuration package on machines.
+[Onboard Windows machines using Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) | You can use either use Microsoft Endpoint Configuration Manager (current branch) version 1606 or Microsoft Endpoint Configuration Manager (current branch) version 1602 or earlier to deploy the configuration package on machines.
 [Onboard Windows 10 machines using Mobile Device Management tools](configure-endpoints-mdm.md) | Use Mobile Device Management tools or Microsoft Intune to deploy the configuration package on machine.
 [Onboard Windows 10 machines using a local script](configure-endpoints-script.md) | Learn how to use the local script to deploy the configuration package on endpoints.
 [Onboard non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi.md) | Learn how to use the configuration package to configure VDI machines.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index a650504eab..1b8c03d660 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -33,7 +33,7 @@ You can enable attack surface reduction rules by using any of these methods:
 
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager]
+* [Microsoft Endpoint Configuration Manager](#microsoft-endpoint-configuration-manager)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 540db7cb84..511c7973f6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -30,7 +30,7 @@ You can enable controlled folder access by using any of these methods:
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager]
+* [Microsoft Endpoint Configuration Manager](#microsoft-endpoint-configuration-manager)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 44116db422..9c926b6d06 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -35,7 +35,7 @@ You can enable each mitigation separately by using any of these methods:
 * [Windows Security app](#windows-security-app)
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager]
+* [Microsoft Endpoint Configuration Manager](#microsoft-endpoint-configuration-manager)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
index 56e3f35e81..db54d852de 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
@@ -30,7 +30,7 @@ You can enable network protection by using any of these methods:
 
 * [Microsoft Intune](#intune)
 * [Mobile Device Management (MDM)](#mdm)
-* [Microsoft Endpoint Configuration Manager]
+* [Microsoft Endpoint Configuration Manager](#microsoft-endpoint-configuration-manager)
 * [Group Policy](#group-policy)
 * [PowerShell](#powershell)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index 402f18bcd8..987ba57bd7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -180,7 +180,7 @@ For more information, see [Windows Defender Antivirus compatibility](../windows-
 ## Windows Defender Antivirus Early Launch Antimalware (ELAM) driver is enabled
 If you're running Windows Defender Antivirus as the primary antimalware product on your machines, the Microsoft Defender ATP agent will successfully onboard.
 
-If you're running a third-party antimalware client and use Mobile Device Management solutions or Microsoft Endpoint Configuration Manager (current branch) version 1606, you'll need to ensure that the Windows Defender Antivirus ELAM driver is enabled. For more information, see [Ensure that Windows Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy).
+If you're running a third-party antimalware client and use Mobile Device Management solutions or Microsoft Endpoint Configuration Manager (current branch), you'll need to ensure that the Windows Defender Antivirus ELAM driver is enabled. For more information, see [Ensure that Windows Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy).
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
index 128ffc542f..e4cd47a5a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
@@ -44,8 +44,6 @@ If the script completes successfully, see [Troubleshoot onboarding issues on the
 When onboarding machines using the following versions of Configuration Manager:
 - System Center 2012 Configuration Manager
 - System Center 2012 R2 Configuration Manager
-- Microsoft Endpoint Configuration Manager (current branch) version 1511
-- Microsoft Endpoint Configuration Manager (current branch) version 1602
 
 
 Deployment with the above-mentioned versions of Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console.

From e0f2ea92ae410de95e68881ab2a680ca68c33671 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 14 Jan 2020 17:34:36 -0800
Subject: [PATCH 069/247] resolving conflict

---
 .../threat-protection/microsoft-defender-atp/management-apis.md  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index a2c3304742..09028e4bc3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -65,4 +65,3 @@ Managed security service provider | Get a quick overview on managed security ser
 - [Create and build Power BI reports using Microsoft Defender ATP data](powerbi-reports.md)
 - [Role-based access control](rbac.md)
 
-

From 67d301386424d2ab3f762386e3e5d8d7c85b1a37 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 14 Jan 2020 17:58:12 -0800
Subject: [PATCH 070/247] resolving conflict

---
 .../threat-protection/microsoft-defender-atp/management-apis.md  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index 09028e4bc3..2ea167343f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -56,7 +56,6 @@ Managed security service provider | Get a quick overview on managed security ser
 
 
 
-
 ## Related topics
 - [Onboard machines](onboard-configure.md)
 - [Enable the custom threat intelligence application](enable-custom-ti.md)

From 82368a8c5ce1e05048bba3345281bd326f02bf05 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 18 Jan 2020 07:05:10 -0800
Subject: [PATCH 071/247] changed sccm to configmgr in docs path

---
 windows/deployment/update/wufb-autoupdate.md                | 2 +-
 windows/deployment/upgrade/upgrade-readiness-get-started.md | 2 +-
 .../deployment/upgrade/upgrade-readiness-requirements.md    | 2 +-
 windows/deployment/windows-autopilot/add-devices.md         | 2 +-
 windows/deployment/windows-autopilot/existing-devices.md    | 6 +++---
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/windows/deployment/update/wufb-autoupdate.md b/windows/deployment/update/wufb-autoupdate.md
index f4d794c2b8..ac584017e2 100644
--- a/windows/deployment/update/wufb-autoupdate.md
+++ b/windows/deployment/update/wufb-autoupdate.md
@@ -25,7 +25,7 @@ Automatic Update governs the "behind the scenes" download and installation proce
 
 |Policy|Description |
 |-|-|
-|Configure Automatic Updates|Governs the installation activity that happens in the background. This allows you to configure the installation to happen during the [maintenance window](https://docs.microsoft.com/sccm/core/clients/manage/collections/use-maintenance-windows). Also, you can specify an installation time where the device will also try to install the latest packages. You can also pick a certain day and or week.|
+|Configure Automatic Updates|Governs the installation activity that happens in the background. This allows you to configure the installation to happen during the [maintenance window](https://docs.microsoft.com/configmgr/core/clients/manage/collections/use-maintenance-windows). Also, you can specify an installation time where the device will also try to install the latest packages. You can also pick a certain day and or week.|
 |Automatic Update Detection Frequency|Lets you set the scan frequency the device will use to connect to Windows Update to see if there is any available content. Default is 22 hours, but you can increase or decrease the frequency. Keep in mind a desktop computer may need to scan less frequently than laptops, which can have intermittent internet connection.|
 |Specify Intranet Microsoft Update Service Location|Used for Windows Server Update Services or Microsoft Endpoint Configuration Manager users who want to install custom packages that are not offered through Windows Update.|
 |Do not connect to any Windows Update Internet locations <br>Required for Dual Scan|Prevents access to Windows Update.|
diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md
index ea1383f381..ac367ac459 100644
--- a/windows/deployment/upgrade/upgrade-readiness-get-started.md
+++ b/windows/deployment/upgrade/upgrade-readiness-get-started.md
@@ -29,7 +29,7 @@ Before you begin, consider reviewing the following helpful information:<BR>
     - [Upgrade Readiness requirements](upgrade-readiness-requirements.md): Provides detailed requirements to use Upgrade Readiness.<BR>
     - [Upgrade Readiness blog](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/bg-p/WindowsAnalyticsBlog): Contains announcements of new features and provides helpful tips for using Upgrade Readiness.
 
->If you are using Microsoft Endpoint Configuration Manager, also check out information about how to integrate Upgrade Readiness with Configuration Manager: [Integrate Upgrade Readiness with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
+>If you are using Microsoft Endpoint Configuration Manager, also check out information about how to integrate Upgrade Readiness with Configuration Manager: [Integrate Upgrade Readiness with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/clients/manage/upgrade/upgrade-analytics).
 
 When you are ready to begin using Upgrade Readiness, perform the following steps:
 
diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md
index 63790211b8..182b05e075 100644
--- a/windows/deployment/upgrade/upgrade-readiness-requirements.md
+++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md
@@ -57,7 +57,7 @@ If you are not using Azure Portal or Azure Log Analytics, go to [Log Analytics](
 
 ## Microsoft Endpoint Configuration Manager integration
 
-Upgrade Readiness can be integrated with your installation of Configuration Manager. For more information, see [Integrate Upgrade Readiness with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
+Upgrade Readiness can be integrated with your installation of Configuration Manager. For more information, see [Integrate Upgrade Readiness with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/clients/manage/upgrade/upgrade-analytics).
 
 
 
diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index f2f6c4a975..3eff6520a5 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -61,7 +61,7 @@ Note that the hardware hash also contains details about when it was generated, s
 
 ### Collecting the hardware ID from existing devices using Microsoft Endpoint Configuration Manager
 
-Starting with Microsoft Endpoint Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
+Starting with Microsoft Endpoint Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
 
 > [!Note]
 > Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index 4bb98a3633..ec0def3245 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -31,7 +31,7 @@ This topic describes how to convert Windows 7 or Windows 8.1 domain-joined compu
 
 - Microsoft Endpoint Configuration Manager Current Branch (1806) OR Microsoft Endpoint Configuration Manager Technical Preview (1808)
 - The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
-    - Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
+    - Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
 - Assigned Microsoft Intune Licenses
 - Azure Active Directory Premium
 - Windows 10 version 1809 or later imported into Config Mgr as an Operating System Image
@@ -47,7 +47,7 @@ To enable and configure the enrollment and status page:
 
 1. Open [Intune in the Azure portal](https://aka.ms/intuneportal).
 2. Access **Intune > Device enrollment > Windows enrollment** and [Set up an enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status). 
-3. Access **Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune** and [Configure automatic MDM enrollment](https://docs.microsoft.com/sccm/mdm/deploy-use/enroll-hybrid-windows#enable-windows-10-automatic-enrollment) and configure the MDM user scope for some or all users. 
+3. Access **Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune** and [Configure automatic MDM enrollment](https://docs.microsoft.com/configmgr/mdm/deploy-use/enroll-hybrid-windows#enable-windows-10-automatic-enrollment) and configure the MDM user scope for some or all users. 
 
 See the following examples.
 
@@ -138,7 +138,7 @@ See the following examples.
 
     ![Notepad JSON](images/notepad.png)
 
-    After saving the file, move the file to a location suitable as an SCCM package source.
+    After saving the file, move the file to a location suitable as a Microsoft Endpoint Configuration Manager package source.
 
     >[!IMPORTANT]
     >Multiple JSON profile files can be used, but each must be named **AutopilotConfigurationFile.json** in order for OOBE to follow the Autopilot experience. The file also must be encoded as ANSI. <br><br>**Saving the file with Unicode or UTF-8 encoding or saving it with a different file name will cause Windows 10 OOBE to not follow the Autopilot experience**.<br>

From 58a14f08a9b76500626aa36587ae60f7a5216380 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 18 Jan 2020 08:22:25 -0800
Subject: [PATCH 072/247] minor corrections

---
 .../manage-settings-with-mdm-for-surface-hub.md           | 8 ++++----
 .../windows/deploy-windows-10-in-a-school-district.md     | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
index 81037717a5..d33697a021 100644
--- a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
+++ b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
@@ -56,7 +56,7 @@ You can use MDM to manage some [Surface Hub CSP settings](#supported-surface-hub
 
 ### Supported Surface Hub CSP settings
 
-You can configure the Surface Hub settings in the following table using MDM. The table identifies if the setting is supported with Microsoft Intune, SMicrosoft Endpoint Configuration Manager, or SyncML.
+You can configure the Surface Hub settings in the following table using MDM. The table identifies if the setting is supported with Microsoft Intune, Microsoft Endpoint Configuration Manager, or SyncML.
 
 For more information, see [SurfaceHub configuration service provider](https://msdn.microsoft.com/library/windows/hardware/mt608323). 
 
@@ -160,10 +160,10 @@ The following tables include info on Windows 10 settings that have been validate
 
 |             Setting             |                           Details                            |                                           CSP reference                                            |                                                         Supported with<br>Intune?                                                          |                                                                  Supported with<br>Configuration Manager?                                                                  | Supported with<br>SyncML\*? |
 |---------------------------------|--------------------------------------------------------------|----------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------|
-| Install trusted CA certificates | Use to deploy trusted root and intermediate CA certificates. | [RootCATrustedCertificates CSP](https://msdn.microsoft.com/library/windows/hardware/dn904970.aspx) | Yes. <br> See [Configure Intune certificate profiles](https://docs.microsoft.com/intune/deploy-use/configure-intune-certificate-profiles). | Yes. <br> See [How to create certificate profiles in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/create-certificate-profiles). |             Yes             |
+| Install trusted CA certificates | Use to deploy trusted root and intermediate CA certificates. | [RootCATrustedCertificates CSP](https://msdn.microsoft.com/library/windows/hardware/dn904970.aspx) | Yes. <br> See [Configure Intune certificate profiles](https://docs.microsoft.com/intune/deploy-use/configure-intune-certificate-profiles). | Yes. <br> See [How to create certificate profiles in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/create-certificate-profiles). |             Yes             |
 
 <!--
-| Install client certificates  | Use to deploy Personal Information Exchange (.pfx, .p12) certificates. | [ClientCertificateInstall CSP](https://msdn.microsoft.com/library/windows/hardware/dn920023.aspx) | Yes. <br> See [How to Create and Deploy PFX Certificate Profiles in Intune Standalone](https://blogs.technet.microsoft.com/karanrustagi/2016/03/16/want-to-push-a-certificate-to-device-but-cant-use-ndes-continue-reading/). | Yes. <br> See [How to create PFX certificate profiles in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/create-pfx-certificate-profiles). | Yes |
+| Install client certificates  | Use to deploy Personal Information Exchange (.pfx, .p12) certificates. | [ClientCertificateInstall CSP](https://msdn.microsoft.com/library/windows/hardware/dn920023.aspx) | Yes. <br> See [How to Create and Deploy PFX Certificate Profiles in Intune Standalone](https://blogs.technet.microsoft.com/karanrustagi/2016/03/16/want-to-push-a-certificate-to-device-but-cant-use-ndes-continue-reading/). | Yes. <br> See [How to create PFX certificate profiles in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/create-pfx-certificate-profiles). | Yes |
 -->
 \*Settings supported with SyncML can also be configured in a Windows Configuration Designer provisioning package.
 
@@ -265,7 +265,7 @@ Configuration Manager supports managing modern devices that do not require the C
 18. When you're done, on the **Browse Settings** dialog, click **Close**.
 19. Complete the wizard. <br> You can view the new configuration item in the **Configuration Items** node of the **Assets and Compliance** workspace.
 
-For more information, see [Create configuration items for Windows 8.1 and Windows 10 devices managed without the Microsoft Endpoint Configuration Manager client](https://docs.microsoft.com/sccm/compliance/deploy-use/create-configuration-items-for-windows-8.1-and-windows-10-devices-managed-without-the-client).
+For more information, see [Create configuration items for Windows 8.1 and Windows 10 devices managed without the Microsoft Endpoint Configuration Manager client](https://docs.microsoft.com/configmgr/compliance/deploy-use/create-configuration-items-for-windows-8.1-and-windows-10-devices-managed-without-the-client).
 
 ## Related topics
 
diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 025f95676c..ab79290c97 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -99,7 +99,7 @@ Now that you have the plan (blueprint) for your district and individual schools
 
 The primary tool you will use to deploy Windows 10 in your school is MDT, which uses Windows ADK components to make deployment easier. You could just use the Windows ADK to perform your deployment, but MDT simplifies the process by providing an intuitive, wizard-driven user interface (UI).
 
-You can use MDT as a stand-alone tool or integrate it with Microsoft Endpoint Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with  Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as Configuration Manager) but result in fully automated deployments.
+You can use MDT as a stand-alone tool or integrate it with Microsoft Endpoint Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as Configuration Manager) but result in fully automated deployments.
 
 This guide focuses on LTI deployments to deploy the reference device. You can use ZTI deployments with Configuration Manager or LTI deployments to deploy the reference images to your faculty and student devices. If you want to only use MDT, see [Deploy Windows 10 in a school](https://technet.microsoft.com/edu/windows/deploy-windows-10-in-a-school).
 

From 09edfad7fe8daf70c9be2569355f9584fa24b0a5 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sat, 18 Jan 2020 08:59:09 -0800
Subject: [PATCH 073/247] changing docs path from sccm to configmgr

---
 .../update/waas-manage-updates-configuration-manager.md         | 2 +-
 windows/deployment/update/waas-optimize-windows-10-updates.md   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update/waas-manage-updates-configuration-manager.md b/windows/deployment/update/waas-manage-updates-configuration-manager.md
index 69abb40e2f..f3161e0ec2 100644
--- a/windows/deployment/update/waas-manage-updates-configuration-manager.md
+++ b/windows/deployment/update/waas-manage-updates-configuration-manager.md
@@ -307,7 +307,7 @@ With the task sequence created, you’re ready to deploy it. If you’re using t
 
 ## See also
 
-[Manage Windows as a service using Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/manage-windows-as-a-service)
+[Manage Windows as a service using Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmbr/osd/deploy-use/manage-windows-as-a-service)
 
 
 ## Related topics
diff --git a/windows/deployment/update/waas-optimize-windows-10-updates.md b/windows/deployment/update/waas-optimize-windows-10-updates.md
index 7cc93640af..1e0f4be7b7 100644
--- a/windows/deployment/update/waas-optimize-windows-10-updates.md
+++ b/windows/deployment/update/waas-optimize-windows-10-updates.md
@@ -43,7 +43,7 @@ Two methods of peer-to-peer content distribution are available in Windows 10.
 | BranchCache | ![no](images/crossmark.png) | ![no](images/crossmark.png) |![yes](images/checkmark.png) | ![yes](images/checkmark.png) |
 
 > [!NOTE]
-> Microsoft Endpoint Configuration Manager has an additional feature called Client Peer Cache that allows peer-to-peer content sharing between clients you use Microsoft Endpoint Configuration Manager to manage, in the same Configuration Manager boundary Group. For more information, see [Client Peer Cache](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/client-peer-cache).
+> Microsoft Endpoint Configuration Manager has an additional feature called Client Peer Cache that allows peer-to-peer content sharing between clients you use Microsoft Endpoint Configuration Manager to manage, in the same Configuration Manager boundary Group. For more information, see [Client Peer Cache](https://docs.microsoft.com/configmgr/core/plan-design/hierarchy/client-peer-cache).
 >
 > In addition to Client Peer Cache, similar functionality is available in the Windows Preinstallation Environment (Windows PE) for imaging-related content. Using this technology, clients imaging with Microsoft Endpoint Configuration Manager task sequences can source operating system images, driver packages, boot images, packages, and programs from peers instead of distribution points. For detailed information about how Windows PE Peer Cache works and how to configure it, see [Prepare Windows PE peer cache to reduce WAN traffic in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/get-started/prepare-windows-pe-peer-cache-to-reduce-wan-traffic).
 

From 2e3d6ee04bc3f54c9212da99540aeb963e2e74c8 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sun, 19 Jan 2020 04:45:45 -0800
Subject: [PATCH 074/247] correcting according to Suggestions

---
 windows/deployment/windows-10-poc.md | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/windows/deployment/windows-10-poc.md b/windows/deployment/windows-10-poc.md
index ef8a9734cc..42a1176551 100644
--- a/windows/deployment/windows-10-poc.md
+++ b/windows/deployment/windows-10-poc.md
@@ -79,11 +79,7 @@ One computer that meets the hardware and software specifications below is requir
 - **Computer 1**: the computer you will use to run Hyper-V and host virtual machines. This computer should have 16 GB or more of installed RAM and a multi-core processor.
 - **Computer 2**: a client computer from your corporate network. It is shadow-copied to create a VM that can be added to the PoC environment, enabling you to test a mirror image of a computer on your network. If you do not have a computer to use for this simulation, you can download an evaluation VHD and use it to represent this computer. Subsequent guides use this computer to simulate Windows 10 replace and refresh scenarios, so the VM is required even if you cannot create this VM using computer 2.
 
-<<<<<<< HEAD
-Harware requirements are displayed below:
-=======
 Hardware requirements are displayed below:
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
 <div style='font-size:9.0pt'>
 
@@ -665,11 +661,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
     Dismount-VHD -Path c:\vhd\d.vhd
     </pre>
 
-<<<<<<< HEAD
-    Next, create the PC1 VM with two attached VHDs, and boot to DVD ($maxram must be defined previously using the same Windows PowerShell promt):
-=======
     Next, create the PC1 VM with two attached VHDs, and boot to DVD ($maxram must be defined previously using the same Windows PowerShell prompt):
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
     <pre style="overflow-y: visible">
     New-VM -Name "PC1" -VHDPath c:\vhd\w7.vhd -SwitchName poc-internal
@@ -859,11 +851,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
 
 17. Open an elevated Windows PowerShell prompt on PC1 and verify that the client VM has received a DHCP lease and can communicate with the consoto.com domain controller.
 
-<<<<<<< HEAD
-    To open Windows PowerShell on Windows 7, click **Start**, and search for "**power**." Right-click **Windows PowerShell** and then click **Pin to Taskbar** so that it is simpler to use Windows Powershell during this lab. Click **Windows PowerShell** on the taskbar, and then type **ipconfig** at the prompt to see the client's current IP address. Also type **ping dc1.contoso.com** and **nltest /dsgetdc:contoso.com** to verify that it can reach the domain controller. See the following examples of a successful network connection:
-=======
     To open Windows PowerShell on Windows 7, click **Start**, and search for "**power**." Right-click **Windows PowerShell** and then click **Pin to Taskbar** so that it is simpler to use Windows PowerShell during this lab. Click **Windows PowerShell** on the taskbar, and then type **ipconfig** at the prompt to see the client's current IP address. Also type **ping dc1.contoso.com** and **nltest /dsgetdc:contoso.com** to verify that it can reach the domain controller. See the following examples of a successful network connection:
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
     ```
     ipconfig
@@ -1006,11 +994,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
     cmd /c netsh routing ip nat add interface name="Internal" mode=PRIVATE
     </pre>
 
-<<<<<<< HEAD
-32. The DNS service on SRV1 also needs to resolve hosts in the contoso.com domain. This can be accomplished with a conditional forwarder. Open an elevated Windows PowerShell prompt on SRV1 and type the following command:
-=======
 32. The DNS service on SRV1 also needs to resolve hosts in the `contoso.com` domain. This can be accomplished with a conditional forwarder. Open an elevated Windows PowerShell prompt on SRV1 and type the following command:
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
     <pre style="overflow-y: visible">
     Add-DnsServerConditionalForwarderZone -Name contoso.com -MasterServers 192.168.0.1

From 6f3ddb12b17b2bcd25ae761aacd96e6a1b68174a Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Sun, 19 Jan 2020 04:58:04 -0800
Subject: [PATCH 075/247] removal of SCCM

---
 .../basic-level-windows-diagnostic-events-and-fields-1703.md  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
index 6a45e90797..b679ecf92c 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
@@ -1323,7 +1323,7 @@ The following fields are available:
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
 - **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise Microsoft Endpoint Configuration Manager environment.
 - **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
-- **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier.
+- **SystemCenterID**  The Microsoft Endpoint Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier.
 
 
 ### Census.Firmware
@@ -4528,7 +4528,7 @@ The following fields are available:
 - **DeviceIsMdmManaged**  This device is MDM managed.
 - **IsNetworkAvailable**  If the device network is not available.
 - **IsNetworkMetered**  If network is metered.
-- **IsSccmManaged**  This device is SCCM managed.
+- **IsSccmManaged**  This device is managed by Microsoft Endpoint Configuration Manager.
 - **NewlyInstalledOs**  OS is newly installed quiet period.
 - **PausedByPolicy**  Updates are paused by policy.
 - **RecoveredFromRS3**  Previously recovered from RS3.

From fe3c2e6a99b1495664914907c0213d2fc5780c11 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Mon, 20 Jan 2020 08:23:11 -0800
Subject: [PATCH 076/247] minor corrections

---
 windows/deployment/mbr-to-gpt.md                                | 2 +-
 .../planning/deployment-considerations-for-windows-to-go.md     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/mbr-to-gpt.md b/windows/deployment/mbr-to-gpt.md
index bce6a639b2..5dc23ca66e 100644
--- a/windows/deployment/mbr-to-gpt.md
+++ b/windows/deployment/mbr-to-gpt.md
@@ -75,7 +75,7 @@ If any of these checks fails, the conversion will not proceed and an error will
 |/convert| Instructs MBR2GPT.exe to perform the disk validation and to proceed with the conversion if all validation tests pass. |
 |/disk:\<diskNumber\>| Specifies the disk number of the disk to be converted to GPT. If not specified, the system disk is used. The mechanism used is the same as that used by the diskpart.exe tool **SELECT DISK SYSTEM** command.|
 |/logs:\<logDirectory\>| Specifies the directory where MBR2GPT.exe logs should be written. If not specified, **%windir%** is used. If specified, the directory must already exist, it will not be automatically created or overwritten.|
-|/map:\<source\>=\<destination\>| Specifies additional partition type mappings between MBR and GPT. The MBR partition number is specified in decimal notation, not hexidecimal. The GPT GUID can contain brackets, for example: **/map:42={af9b60a0-1431-4f62-bc68-3311714a69ad}**. Multiple /map options can be specified if multiple mappings are required. |
+|/map:\<source\>=\<destination\>| Specifies additional partition type mappings between MBR and GPT. The MBR partition number is specified in decimal notation, not hexadecimal. The GPT GUID can contain brackets, for example: **/map:42={af9b60a0-1431-4f62-bc68-3311714a69ad}**. Multiple /map options can be specified if multiple mappings are required. |
 |/allowFullOS| By default, MBR2GPT.exe is blocked unless it is run from Windows PE. This option overrides this block and enables disk conversion while running in the full Windows environment. <br>**Note**: Since the existing MBR system partition is in use while running the full Windows environment, it cannot be reused. In this case, a new ESP is created by shrinking the OS partition.|
 
 ## Examples
diff --git a/windows/deployment/planning/deployment-considerations-for-windows-to-go.md b/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
index 26f0cb8b74..022ac067c8 100644
--- a/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
+++ b/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
@@ -60,7 +60,7 @@ DirectAccess can be used to ensure that the user can login with their domain cre
 
 ### <a href="" id="wtg-imagedep"></a>Image deployment and drive provisioning considerations
 
-The Image Deployment process can be accomplished either by a centralized IT process for your organization or by individual users creating their own Windows To Go workspaces. You must have local Administrator access and access to a Windows 10 Enterprise or Windows 10 Education image to create a Windows To Go workspace, or you must be using Microsoft Endpoint Configuration Manager 2012 Service Pack 1 or later to distribute Windows To Go workspaces to users. The image deployment process takes a blank USB drive and a Windows 10 Enterprise image (WIM) and turns it into a Windows To Go drive.
+The Image Deployment process can be accomplished either by a centralized IT process for your organization or by individual users creating their own Windows To Go workspaces. You must have local Administrator access and access to a Windows 10 Enterprise or Windows 10 Education image to create a Windows To Go workspace, or you must be using System Center Configuration Manager 2012 Service Pack 1 or later to distribute Windows To Go workspaces to users. The image deployment process takes a blank USB drive and a Windows 10 Enterprise image (WIM) and turns it into a Windows To Go drive.
 
 ![windows to go image deployment](images/wtg-image-deployment.gif)
 

From 98e4087023b6e75078685d16b907b18c2f09da9c Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Mon, 20 Jan 2020 09:46:45 -0800
Subject: [PATCH 077/247] corrected sccm to configmgr in policy-ddf-file

---
 windows/client-management/mdm/policy-ddf-file.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md
index 5cea02dabc..8a9c1a34dc 100644
--- a/windows/client-management/mdm/policy-ddf-file.md
+++ b/windows/client-management/mdm/policy-ddf-file.md
@@ -1657,10 +1657,10 @@ If disabled or not configured, extensions defined as part of this policy get ign
 Default setting:  Disabled or not configured
 Related policies: Allow Developer Tools
 Related Documents:
-- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
+- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/configmgr/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
@@ -11034,10 +11034,10 @@ If disabled or not configured, extensions defined as part of this policy get ign
 Default setting:  Disabled or not configured
 Related policies: Allow Developer Tools
 Related Documents:
-- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
+- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/configmgr/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
@@ -23032,10 +23032,10 @@ If disabled or not configured, extensions defined as part of this policy get ign
 Default setting:  Disabled or not configured
 Related policies: Allow Developer Tools
 Related Documents:
-- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
+- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/configmgr/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>
@@ -51686,10 +51686,10 @@ If disabled or not configured, extensions defined as part of this policy get ign
 Default setting:  Disabled or not configured
 Related policies: Allow Developer Tools
 Related Documents:
-- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn)
+- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 - How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business)
 - How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy)
-- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
+- Manage apps from the Microsoft Store for Business with Microsoft Endpoint Configuration Manager  (https://docs.microsoft.com/configmgr/apps/deploy-use/manage-apps-from-the-windows-store-for-business)
 - How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows)</Description>
             <DFFormat>
               <chr/>

From a9c3d85395c490984c153f3df23c9c06187c6a39 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Mon, 20 Jan 2020 12:03:51 -0800
Subject: [PATCH 078/247] minor corrections in four files

---
 ...dded-8-1-handheld-devices-to-windows-10.md | 18 ++++++++---------
 .../mdm/mdm-enrollment-of-windows-devices.md  |  2 +-
 .../windows-10-mobile-and-mdm.md              | 20 +++++++++----------
 .../provisioning-create-package.md            |  2 +-
 4 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md b/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
index 7544b5297b..bc63f284f6 100644
--- a/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
+++ b/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
@@ -108,15 +108,15 @@ Trigger the device to check for updates either manually or using Microsoft Endpo
 
 1.  Remotely trigger a scan of the test device by deploying a Trigger Scan Configuration Baseline.
 
-    ![device scan using sccm](images/windowsembedded-update2.png)
+    ![device scan using Configuration Manager](images/windowsembedded-update2.png)
 
 2.  Set the value of this OMA-URI by browsing to the settings of this Configuration Item and selecting the newly created Trigger Scan settings from the previous step.
 
-    ![device scan using sccm](images/windowsembedded-update3.png)
+    ![device scan using Configuration Manager](images/windowsembedded-update3.png)
 
 3.  Ensure that the value that is specified for this URI is greater than the value on the device(s) and that the Remediate noncompliant rules when supported option is checked. For the first time, any value that is greater than 0 will work, but for subsequent configurations, ensure that you specify an incremented value.
 
-    ![device scan using sccm](images/windowsembedded-update4.png)
+    ![device scan using Configuration Manager](images/windowsembedded-update4.png)
 
 4.  Create a Configuration Baseline for TriggerScan and Deploy. It is recommended that this Configuration Baseline be deployed after the Controlled Updates Baseline has been applied to the device (the corresponding files are deployed on the device through a device sync session).
 5.  Follow the prompts for downloading the updates, but do not install the updates on the device.
@@ -228,7 +228,7 @@ This process has three parts:
 1.  Create a configuration item and specify that file path and name on the device as `NonPersistent\DUCustomContentURIs.xml`
 2.  Check the box **Remediate noncompliant settings**.
 
-    ![embedded device upate](images/windowsembedded-update21.png)
+    ![embedded device update](images/windowsembedded-update21.png)
 
 3.  Click **OK**.
 
@@ -238,11 +238,11 @@ This process has three parts:
 1.  Create a configuration baseline item and give it a name (such as ControlledUpdates).
 2.  Add the DUControlledUpdates and DUCustomContentURIs configuration items, and then click **OK**.
 
-    ![embedded device upate](images/windowsembedded-update22.png)
+    ![embedded device update](images/windowsembedded-update22.png)
 
 3.  Deploy the configuration baseline to the appropriate device or device collection.
 
-    ![embedded device upate](images/windowsembedded-update23.png)
+    ![embedded device update](images/windowsembedded-update23.png)
 
 4.  Click **OK**.
 
@@ -468,14 +468,14 @@ Use this procedure for pre-GDR1 devices.
 2.  In Microsoft Endpoint Configuration Manager under **Assets and Compliance** &gt; **Compliance Settings**, right-click on **Configuration Items**.
 3.  Select **Create Configuration Item**.
 
-    ![device update using sccm](images/windowsembedded-update5.png)
+    ![device update using Configuration Manager](images/windowsembedded-update5.png)
 4.  Enter a filename (such as GetDUReport) and then choose **Mobile Device**.
 5.  In the **Mobile Device Settings** page, check the box **Configure Additional Settings that are not in the default settings group**, and the click **Next**.
 
-    ![device update using sccm](images/windowsembedded-update6.png)
+    ![device update using Configuration Manager](images/windowsembedded-update6.png)
 6.  In the **Additional Settings** page, click **Add**.
 
-    ![device update using sccm](images/windowsembedded-update7.png)
+    ![device update using Configuration Manager](images/windowsembedded-update7.png)
 7.  In the **Browse Settings** page, click **Create Setting**.
 
     ![device update](images/windowsembedded-update8.png)
diff --git a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
index d6d47fa107..87c13cbc3e 100644
--- a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
+++ b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
@@ -359,7 +359,7 @@ The **Info** button can be found on work or school connections involving MDM. Th
 
 Clicking the **Info** button will open a new page in the Settings app that provides details about your MDM connection. You’ll be able to view your organization’s support information (if configured) on this page. You’ll also be able to start a sync session which will force your device to communicate to the MDM server and fetch any updates to policies if needed.
 
-Starting in Windows 10, version 1709, clicking the **Info** button will show a list of policies and line-of-business apps installed by your organization. Here is an example screehshot.
+Starting in Windows 10, version 1709, clicking the **Info** button will show a list of policies and line-of-business apps installed by your organization. Here is an example screenshot.
 
 ![work or school info](images/unifiedenrollment-rs1-35-b.png)
 
diff --git a/windows/client-management/windows-10-mobile-and-mdm.md b/windows/client-management/windows-10-mobile-and-mdm.md
index 81a57e3657..b91046a934 100644
--- a/windows/client-management/windows-10-mobile-and-mdm.md
+++ b/windows/client-management/windows-10-mobile-and-mdm.md
@@ -280,7 +280,7 @@ Employees are usually allowed to change certain personal device settings that yo
 
 *Applies to: Corporate devices*
 
-Windows 10 Mobile devices use state-of-the-art technology that includes popular hardware features such as cameras, global positioning system (GPS) sensors, microphones, speakers, near-field communication (NFC) radios, storage card slots, USB interfaces, Bluetooth interfaces, cellular radios, and Wi Fi. You can use hardware restrictions to control the availability of these features.
+Windows 10 Mobile devices use state-of-the-art technology that includes popular hardware features such as cameras, global positioning system (GPS) sensors, microphones, speakers, near-field communication (NFC) radios, storage card slots, USB interfaces, Bluetooth interfaces, cellular radios, and Wi-Fi. You can use hardware restrictions to control the availability of these features.
 
 The following lists the MDM settings that Windows 10 Mobile supports to configure hardware restrictions.
 
@@ -303,12 +303,12 @@ The following lists the MDM settings that Windows 10 Mobile supports to configur
 
 *Applies to: Personal and corporate devices*
 
-Certificates help improve security by providing account authentication, Wi Fi authentication, VPN encryption, and SSL encryption of web content. Although users can manage certificates on devices manually, it’s a best practice to use your MDM system to manage those certificates throughout their entire lifecycle – from enrollment through renewal and revocation.
+Certificates help improve security by providing account authentication, Wi-Fi authentication, VPN encryption, and SSL encryption of web content. Although users can manage certificates on devices manually, it’s a best practice to use your MDM system to manage those certificates throughout their entire lifecycle – from enrollment through renewal and revocation.
 To install certificates manually, you can post them on Microsoft Edge website or send them directly via email, which is ideal for testing purposes.
 Using SCEP and MDM systems, certificate management is completely transparent and requires no user intervention, helping improve user productivity, and reduce support calls. Your MDM system can automatically deploy these certificates to the devices’ certificate stores after you enroll the device (as long as the MDM system supports the Simple Certificate Enrollment Protocol (SCEP) or Personal Information Exchange (PFX)). The MDM server can also query and delete SCEP enrolled client certificate (including user installed certificates), or trigger a new enrollment request before the current certificate is expired.
 In addition to SCEP certificate management, Windows 10 Mobile supports deployment of PFX certificates. The table below lists the Windows 10 Mobile PFX certificate deployment settings.
 Get more detailed information about MDM certificate management in the [Client Certificate Install CSP](https://msdn.microsoft.com/library/windows/hardware/dn920023(v=vs.85).aspx) and [Install digital certificates on Windows 10 Mobile](/windows/access-protection/installing-digital-certificates-on-windows-10-mobile).
-Use the Allow Manual Root Certificate Installation setting to prevent users from manually installing root and intermediate CA certificates intentionally or accidently.
+Use the Allow Manual Root Certificate Installation setting to prevent users from manually installing root and intermediate CA certificates intentionally or accidentally.
 
 > **Note:** To diagnose certificate-related issues on Windows 10 Mobile devices, use the free Certificates app in Microsoft Store. This Windows 10 Mobile app can help you:
 > -   View a summary of all personal certificates
@@ -322,11 +322,11 @@ Use the Allow Manual Root Certificate Installation setting to prevent users from
 
 *Applies to: Corporate and personal devices*
 
-Wi-Fi is used on mobile devices as much as, or more than, cellular data connections. Most corporate Wi Fi networks require certificates and other complex information to restrict and secure user access. This advanced Wi Fi information is difficult for typical users to configure, but MDM systems can fully configure these Wi-Fi profiles without user intervention.
+Wi-Fi is used on mobile devices as much as, or more than, cellular data connections. Most corporate Wi-Fi networks require certificates and other complex information to restrict and secure user access. This advanced Wi-Fi information is difficult for typical users to configure, but MDM systems can fully configure these Wi-Fi profiles without user intervention.
 You can create multiple Wi-Fi profiles in your MDM system. The below table lists the Windows 10 Mobile Wi Fi connection profile settings that can be configured by administrators.
 
--   **SSID** The case-sensitive name of the Wi Fi network Service Set Identifier
--   **Security type** The type of security the Wi Fi network uses; can be one of the following authentication types:
+-   **SSID** The case-sensitive name of the Wi-Fi network Service Set Identifier
+-   **Security type** The type of security the Wi-Fi network uses; can be one of the following authentication types:
     -   Open 802.11
     -   Shared 802.11
     -   WPA-Enterprise 802.11
@@ -341,13 +341,13 @@ You can create multiple Wi-Fi profiles in your MDM system. The below table lists
 -   **Extensible Authentication Protocol Transport Layer Security (EAP-TLS)** WPA-Enterprise 802.11 and WPA2-Enterprise 802.11 security types can use EAP-TLS with certificates for authentication
 -   **Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MSCHAPv2)** WPA-Enterprise 802.11 and WPA2-Enterprise 802.11 security types can use PEAP-MSCHAPv2 with a user name and password for authentication
 -   **Shared key** WPA-Personal 802.11 and WPA2-Personal 802.11 security types can use a shared key for authentication.
--   **Proxy** The configuration of any network proxy that the Wi Fi connection requires (to specify the proxy server, use its fully qualified domain name [FQDN], Internet Protocol version 4 [IPv4] address, IP version 6 [IPv6] address, or IPvFuture address)
--   **Disable Internet connectivity checks** Whether the Wi Fi connection should check for Internet connectivity
+-   **Proxy** The configuration of any network proxy that the Wi-Fi connection requires (to specify the proxy server, use its fully qualified domain name [FQDN], Internet Protocol version 4 [IPv4] address, IP version 6 [IPv6] address, or IPvFuture address)
+-   **Disable Internet connectivity checks** Whether the Wi-Fi connection should check for Internet connectivity
 -   **Proxy auto-configuration URL** A URL that specifies the proxy auto-configuration file
 -   **Enable Web Proxy Auto-Discovery Protocol (WPAD)** Specifies whether WPAD is enabled
 
 In addition, you can set a few device wide Wi-Fi settings.
--   **Allow Auto Connect to Wi Fi Sense Hotspots** Whether the device will automatically detect and connect to Wi-Fi  networks
+-   **Allow Auto Connect to Wi-Fi Sense Hotspots** Whether the device will automatically detect and connect to Wi-Fi  networks
 -   **Allow Manual Wi-Fi Configuration** Whether the user can manually configure Wi-Fi  settings
 -   **Allow Wi-Fi** Whether the Wi-Fi hardware is enabled
 -   **Allow Internet Sharing** Allow or disallow Internet sharing
@@ -958,7 +958,7 @@ DHA-enabled device management solutions help IT managers create a unified securi
 
 For more information about health attestation in Windows 10 Mobile, see the [Windows 10 Mobile security guide](/windows/device-security/windows-10-mobile-security-guide).
 
-Thisis a lists of attributes that are supported by DHA and can trigger the corrective actions mentioned above.
+This is a list of attributes that are supported by DHA and can trigger the corrective actions mentioned above.
 -   **Attestation Identity Key (AIK) present** Indicates that an AIK is present (i.e., the device can be trusted more than a device without an AIK).
 -   **Data Execution Prevention (DEP) enabled** Whether a DEP policy is enabled for the device, indicating that the device can be trusted more than a device without a DEP policy.
 -   **BitLocker status** BitLocker helps protect the storage on the device. A device with BitLocker can be trusted more than a device without BitLocker.
diff --git a/windows/configuration/provisioning-packages/provisioning-create-package.md b/windows/configuration/provisioning-packages/provisioning-create-package.md
index 3689adcee6..4fb2a033f1 100644
--- a/windows/configuration/provisioning-packages/provisioning-create-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-create-package.md
@@ -71,7 +71,7 @@ You use Windows Configuration Designer to create a provisioning package (.ppkg)
    | Common to Windows 10 Team edition |    Common settings and settings specific to Windows 10 Team     | [Microsoft Surface Hub](https://technet.microsoft.com/itpro/surface-hub/provisioning-packages-for-certificates-surface-hub) |
 
 
-5. On the **Import a provisioning package (optional)** page, you can click **Finish** to create your project, or browse to and select an existing provisioning packge to import to your project, and then click **Finish**.
+5. On the **Import a provisioning package (optional)** page, you can click **Finish** to create your project, or browse to and select an existing provisioning package to import to your project, and then click **Finish**.
 
 >[!TIP]
 >**Import a provisioning package** can make it easier to create different provisioning packages that all have certain settings in common. For example, you could create a provisioning package that contains the settings for your organization's network, and then import it into other packages you create so you don't have to reconfigure those common settings repeatedly.

From e7b9fedc7f8c2ef0d23ac8d629c39458cd6dd0cc Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Mon, 20 Jan 2020 12:51:16 -0800
Subject: [PATCH 079/247] replacing sccm with configmgr in docs paths

---
 .../mdm/bulk-enrollment-using-windows-provisioning-tool.md    | 2 +-
 .../provisioning-packages/provisioning-create-package.md      | 2 +-
 ...s-10-operating-system-image-using-configuration-manager.md | 4 ++--
 ...-deployment-with-windows-pe-using-configuration-manager.md | 4 ++--
 ...n-to-deploy-with-windows-10-using-configuration-manager.md | 4 ++--
 .../deploy-windows-10-using-pxe-and-configuration-manager.md  | 4 ++--
 ...on-for-windows-10-deployment-with-configuration-manager.md | 4 ++--
 ...onitor-windows-10-deployment-with-configuration-manager.md | 4 ++--
 ...h-installation-of-windows-10-with-configuration-manager.md | 4 ++--
 ...ws-7-client-with-windows-10-using-configuration-manager.md | 4 ++--
 windows/deployment/deploy.md                                  | 2 +-
 11 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
index 182e1020aa..eed325e37c 100644
--- a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
+++ b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
@@ -35,7 +35,7 @@ On the desktop and mobile devices, you can use an enrollment certificate or enro
 > [!NOTE]
 > -   Bulk-join is not supported in Azure Active Directory Join.
 > -   Bulk enrollment does not work in Intune standalone environment.
-> -   Bulk enrollment works in Microsoft Endpoint Configuration Manager + Intune hybrid environment where the ppkg is generated from the SCCM console.
+> -   Bulk enrollment works in Microsoft Endpoint Configuration Manager + Intune hybrid environment where the ppkg is generated from the Microsoft Endpoint Configuration Manager console.
 > -   To change bulk enrollment settings, login to **AAD**, then **Devices**, and then click **Device Settings**. Change the number under **Maximum number of devices per user**.
 
 ## What you need
diff --git a/windows/configuration/provisioning-packages/provisioning-create-package.md b/windows/configuration/provisioning-packages/provisioning-create-package.md
index 4fb2a033f1..035bdf4010 100644
--- a/windows/configuration/provisioning-packages/provisioning-create-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-create-package.md
@@ -148,7 +148,7 @@ For details on each specific setting, see [Windows Provisioning settings referen
 
 - Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](https://go.microsoft.com/fwlink/p/?LinkId=615922)
 
-- [How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
+- [How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
 
 ## Related topics
 
diff --git a/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md
index 6ac06fb09b..9fdf3cf07d 100644
--- a/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 Operating system images are typically the production image used for deployment throughout the organization. This topic shows you how to add a Windows 10 operating system image created with Microsoft Endpoint Configuration Manager, and how to distribute the image to a distribution point.
 
diff --git a/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
index eccb9f8b03..04dc40cc6e 100644
--- a/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
@@ -24,8 +24,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 In this topic, you will learn how to configure the Windows Preinstallation Environment (Windows PE) to include the network drivers required to connect to the deployment share and the storage drivers required to see the local storage on machines. Even though the Windows PE boot image and the Windows 10 operating system contain many out-of-the-box drivers, it is likely you will have to add new or updated drivers to support all your hardware. In this section, you import drivers for both Windows PE and the full Windows 10 operating system.
 
diff --git a/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md
index 8d21f1a46f..f19cafa1a4 100644
--- a/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for  Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for  Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 Microsoft Endpoint Configuration Manager supports deploying applications as part of the Windows 10 deployment process. In this section, you create an application in Microsoft Endpoint Configuration Manager that you later configure the task sequence to use.
 
diff --git a/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md b/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md
index 97c53aa86f..6b8c2133f1 100644
--- a/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 In this topic, you will learn how to deploy Windows 10 using Microsoft Endpoint Configuration Manager deployment packages and task sequences. This topic will walk you through the process of deploying the Windows 10 Enterprise image to a Unified Extensible Firmware Interface (UEFI) machine named PC0001.
 
diff --git a/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md
index 12fea06c8f..99f2e1edd9 100644
--- a/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 This topic walks you through the steps to finalize the configuration of your Windows 10 operating deployment, which includes enablement of the optional Microsoft Deployment Toolkit (MDT) monitoring for Microsoft Endpoint Configuration Manager, logs folder creation, rules configuration, content distribution, and deployment of the previously created task sequence.
 
diff --git a/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md
index bea24fb1c9..c1461b27eb 100644
--- a/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft Endpoint Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. You will also use the Deployment Workbench to access the computer remotely via the Microsoft Diagnostics and Recovery Toolkit (DaRT) Remote Connection feature.
 
diff --git a/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
index 1e8f2eb90b..4ccb6b76ea 100644
--- a/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 This topic will walk you through the process of integrating Microsoft Endpoint Configuration Manager SP1 with Microsoft Deployment Toolkit (MDT) 2013 Update 2, as well as the other preparations needed to deploying Windows 10 via Zero Touch Installation. Additional preparations include the installation of hotfixes as well as activities that speed up the Pre-Boot Execution Environment (PXE).
 
diff --git a/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md
index b88c225cd4..d9550467e3 100644
--- a/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 This topic will show you how to use a previously created task sequence to refresh a Windows 7 SP1 client with Windows 10 using Microsoft Endpoint Configuration Manager and Microsoft Deployment Toolkit (MDT) 2013 Update 2. When refreshing a machine to a later version, it appears as an upgrade to the end user, but technically it is not an in-place upgrade. A computer refresh also involves taking care of user data and settings from the old installation and making sure to restore those at the end of the installation. For more information, see [Refresh a Windows 7 computer with Windows 10](../deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10.md).
 
diff --git a/windows/deployment/deploy.md b/windows/deployment/deploy.md
index ee22704919..adca6df481 100644
--- a/windows/deployment/deploy.md
+++ b/windows/deployment/deploy.md
@@ -31,7 +31,7 @@ Windows 10 upgrade options are discussed and information is provided about plann
 |[Windows 10 deployment test lab](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, additional guides are provided to  deploy Windows 10 in the test lab using [Microsoft Deployment Toolkit](windows-10-poc-mdt.md) or [Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md). |
 |[Plan for Windows 10 deployment](planning/index.md) | This section describes Windows 10 deployment considerations and provides information to assist in Windows 10 deployment planning. |
 |[Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) |This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT). |
-|[Deploy Windows 10 with Microsoft EndpointConfiguration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft Endpoint Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or. |
+|[Deploy Windows 10 with Microsoft Endpoint Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft Endpoint Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or. |
 |[Windows 10 deployment tools](windows-10-deployment-tools-reference.md) |Learn about available tools to deploy Windows 10, such as the Windows ADK, DISM, USMT, WDS, MDT, Windows PE and more. |
 |[How to install fonts that are missing after upgrading to Windows 10](windows-10-missing-fonts.md)|Windows 10 introduced changes to the fonts that are included in the image by default. Learn how to install additional fonts from **Optional features** after you install Windows 10 or upgrade from a previous version.|
 

From 36e9c49b26ac1a3943fe335beb0894df47ffeddd Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Mon, 20 Jan 2020 13:14:43 -0800
Subject: [PATCH 080/247] minor correction

---
 ...ws-7-client-with-windows-10-using-configuration-manager.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
index 4f12606f4d..b00e32b337 100644
--- a/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
@@ -23,8 +23,8 @@ ms.topic: article
 -   Windows 10 versions 1507, 1511
 
 >[!IMPORTANT]
->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
+>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). 
+>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10).
 
 In this topic, you will learn how to replace a Windows 7 SP1 computer using Microsoft Endpoint Configuration Manager. This process is similar to refreshing a computer, but since you are replacing the machine, you have to run the backup job separately from the deployment of Windows 10.
 

From a2ac33b8913093a3f2bbb9e703380a218689bfc9 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 21 Jan 2020 08:38:55 -0800
Subject: [PATCH 081/247] updating bookmark

---
 ...s-for-windows-embedded-8-1-handheld-devices-to-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md b/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
index bc63f284f6..32ac15d67d 100644
--- a/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
+++ b/windows/client-management/mdm/enable-offline-updates-for-windows-embedded-8-1-handheld-devices-to-windows-10.md
@@ -141,7 +141,7 @@ There are two ways to retrieve this file from the device; one pre-GDR1 and one p
 3.  After the report XML is sent to the device, Microsoft Endpoint Configuration Manager displays a compliance log that contains the report information. The log can contain significant amount of data.
 4.  Parse this log for the report XML content.
 
-For a step-by-step walkthrough, see [How to retrieve a device update report using Microsoft Endpoint Configuration Manager logs](#how-to-retrieve-a-device-update-report-using-system-center-configuration-manager-logs).
+For a step-by-step walkthrough, see [How to retrieve a device update report using Microsoft Endpoint Configuration Manager logs](#how-to-retrieve-a-device-update-report-using-microsoft-endpoint-configuration-manager-logs).
 
 **Post-GDR1: Retrieve the report xml file using an SD card**
 

From a702eca096f7bf5e027ccf369bf6281be55199a0 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 13:50:44 -0800
Subject: [PATCH 082/247] Added property descriptions

---
 .../microsoft-defender-atp/software.md             | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
index 48647a6c93..31c8ef62c0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -37,11 +37,11 @@ Method |Return Type |Description
 Property |	Type	|	Description
 :---|:---|:---
 id | String | Software ID
-Name | String | 
-Vendor | String | 
-Weaknesses | Long | 
-publicExploit | Boolean | 
-activeAlert | Boolean | 
-exposedMachines | Long | 
-impactScore | Double | 
+Name | String | Software name 
+Vendor | String | Software vendor name 
+Weaknesses | Long | Number of discovered vulnerabilities 
+publicExploit | Boolean | Public exploit is available for some of the vulnerabilities
+activeAlert | Boolean | Active alert is associated with this software
+exposedMachines | Long | Number of exposed machines
+impactScore | Double | Exposure score impact of this software 
 

From b9e4a040a95cf2e980cac30c67ee612925552bb7 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 13:53:45 -0800
Subject: [PATCH 083/247] Added property descriptions

---
 .../microsoft-defender-atp/vulnerability.md   | 26 +++++++++----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
index 1ab9f93f8a..7d023c0efc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -35,16 +35,16 @@ Method |Return Type |Description
 ## Properties
 Property |	Type	|	Description
 :---|:---|:---
-id | String | 
-Name | String | 
-Description | String | 
-Severity | String | 
-cvssV3 | Double | 
-exposedMachines | Long | 
-publishedOn | DateTime | 
-updatedOn | DateTime | 
-publicExploit | Boolean | 
-exploitVerified | Boolean | 
-exploitInKit | Boolean | 
-exploitTypes | String collection | 
-exploitUris | String collection | 
+id | String | Vulnerability ID
+Name | String | Vulnerability title
+Description | String | Vulnerability description 
+Severity | String | Vulnerability Severity. Possible values are: “Low”, “Medium”, “High”, “Critical”
+cvssV3 | Double | CVSS v3 score
+exposedMachines | Long | Number of exposed machines
+publishedOn | DateTime | Date when vulnerability was published
+updatedOn | DateTime | Date when vulnerability was updated
+publicExploit | Boolean | Public exploit is available 
+exploitVerified | Boolean | Exploit is verified to work
+exploitInKit | Boolean | Exploit is part of an exploit kit
+exploitTypes | String collection | Exploit Impact. Possible values are: “Denial of service”, “Local privilege escalation”, “Denial of service”
+exploitUris | String collection | Exploit source URLs

From 7b30a81026b1a9daf1526c6096534868d6eab9d1 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 14:00:07 -0800
Subject: [PATCH 084/247] Update recommendation.md

---
 .../microsoft-defender-atp/recommendation.md  | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index b5169fbe69..a2ad1dbf57 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -37,23 +37,23 @@ Method |Return Type |Description
 ## Properties
 Property |	Type	|	Description
 :---|:---|:---
-id | String | 
-productName | String | 
-recommendationName | String | 
-Weaknesses | Long | 
-Vendor | String | 
-recommendedVersion | String | 
-recommendationCategory | String | 
-subCategory | String | 
-severityScore | Double | 
-publicExploit | Boolean | 
-activeAlert | Boolean | 
-associatedThreats | String collection | 
-remediationType | String | 
+id | String | Recommendation ID
+productName | String | Related software name  
+recommendationName | String | Recommendation name
+Weaknesses | Long | Number of discovered vulnerabilities
+Vendor | String | Related vendor name
+recommendedVersion | String | Recommended version
+recommendationCategory | String | Recommendation category. Possible values are: “Accounts”, “Application”, “Network”, “OS”, “SecurityStack
+subCategory | String | Recommendation sub-category
+severityScore | Double | Number of secure score points given
+publicExploit | Boolean | Public exploit is available 
+activeAlert | Boolean | Active alert is associated with this recommendation
+associatedThreats | String collection | Threat analytics report is associated with this recommendation
+remediationType | String | Remedation Type. Possible values are: “ConfigurationChange”,“Update”,“Upgrade”,”Uninstall”
 Status | Enum | Recommendation exception status. Possible values are: “Active” and “Exception”
-configScoreImpact | Double | 
-exposureImpacte | Double| 
-totalMachineCount | Long | 
+configScoreImpact | Double | Secure score impact
+exposureImpacte | Double | Exposure score impact
+totalMachineCount | Long | Number of installed machines
 exposedMachinesCount | Long | 
 nonProductivityImpactedAssets | Long | 
 relatedComponent | String |  

From 419106734b73dbcf06f0cd05ee039f46a9c80b26 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 21 Jan 2020 15:33:31 -0800
Subject: [PATCH 085/247] updating bookmarks

---
 education/windows/deploy-windows-10-in-a-school-district.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index ab79290c97..21bc21a1b5 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1525,7 +1525,7 @@ For more information about how to configure Configuration Manager to deploy and
 
 ### Manage updates by using Intune
 
-If you selected to manage updates by using Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Manage updates by using Configuration Manager](#manage-updates-by-using-system-center-configuration-manager) section.
+If you selected to manage updates by using Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Manage updates by using Microsoft Endpoint Configuration Manager](#manage-updates-by-using-microsoft-endpoint-configuration-manager) section.
 
 To help ensure that your users have the most current features and security protection, keep Windows 10 and your apps current with updates. To configure Windows 10 and app updates, use the **Updates** workspace in Intune.
 
@@ -1692,7 +1692,7 @@ For more information about completing this task, see the “How do I find and re
 For more information, see:
 <ul>
 <li><a href="#manage-updates-by-using-intune" data-raw-source="[Manage updates by using Intune](#manage-updates-by-using-intune)">Manage updates by using Intune</a></li>
-<li><a href="#manage-updates-by-using-system-center-configuration-manager" data-raw-source="[Manage updates by using Microsoft Endpoint Configuration Manager](#manage-updates-by-using-system-center-configuration-manager)">Manage updates by using Microsoft Endpoint Configuration Manager</a></li>
+<li><a href="#manage-updates-by-using-microsoft-endpoint-configuration-manager" data-raw-source="[Manage updates by using Microsoft Endpoint Configuration Manager](#manage-updates-by-using-microsoft-endpoint-configuration-manager)">Manage updates by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td>x</td>

From 1eb9706a82e457ede829d389739217756fd48e30 Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Tue, 21 Jan 2020 16:10:52 -0800
Subject: [PATCH 086/247] Add custom OMA-URI info

Previously, only had instructions for using built-in Intune WDAC policies
---
 .../mdm/applicationcontrol-csp.md             |  57 +++++++++++++-----
 ...plication-control-policies-using-intune.md |  38 ++++++++++--
 .../images/wdac-intune-custom-oma-uri.png     | Bin 0 -> 78906 bytes
 3 files changed, 74 insertions(+), 21 deletions(-)
 create mode 100644 windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index 5a4fd15cf0..3d6869c047 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -112,24 +112,43 @@ Scope is dynamic. Supported operation is Get.
 
 Value type is char.
 
-## Usage guidance  
+## Microsoft Endpoint Manager (MEM) Intune Usage Guidance  
 
-To use ApplicationControl CSP, you must:
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
-- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+For customers using Intune standalone or hybrid management with Configuration Manager (MEMCM) to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune)
 
-If you are using hybrid MDM management with System Center Configuration Manager or using Intune, ensure that you are using Base64 as the Data type when using Custom OMA-URI functionality to apply the Code Integrity policy via uploading the binary file.
+## Non-Intune Usage Guidance
+
+In order to leverage the ApplicationControl CSP without using Intune, you must:
+
+1. Know a generated policy’s GUID, which can be found in the policy xml as <PolicyID> or <PolicyTypeID> for pre-1903 systems.
+2. Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+3. Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
+
+Below is a sample certutil invocation:
+
+```cmd
+certutil  -encode WinSiPolicy.p7b WinSiPolicy.cer
+```
+
+An alternative to using certutil would be to use the following PowerShell invocation:
+
+```powershell
+[Convert]::toBase64String($(Get-Content -Encoding Byte -ReadCount 0 -Path <bin file>))
+```
+
+### Deploy Policies
 
-### Deploy policies
 To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
 
 To deploy base policy and supplemental policies:
-- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
-- Repeat for each base or supplemental policy (with its own GUID and data).
+
+1. Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
+2. Repeat for each base or supplemental policy (with its own GUID and data).
 
 The following example shows the deployment of two base policies and a supplemental policy (which already specifies the base policy it supplements and does not need that reflected in the ADD).
 
-**Example 1: Add first base policy**
+#### Example 1: Add first base policy**
+
 ```xml
 <Add>
     <CmdID>1</CmdID>
@@ -144,7 +163,9 @@ The following example shows the deployment of two base policies and a supplement
     </Item>
 </Add>
 ```
-**Example 2: Add second base policy**
+
+#### Example 2: Add second base policy**
+
 ```xml
 <Add>
     <CmdID>1</CmdID>
@@ -159,7 +180,9 @@ The following example shows the deployment of two base policies and a supplement
     </Item>
 </Add>
 ```
-**Example 3: Add supplemental policy**
+
+#### Example 3: Add supplemental policy**
+
 ```xml
 <Add>
     <CmdID>1</CmdID>
@@ -174,6 +197,7 @@ The following example shows the deployment of two base policies and a supplement
     </Item>
 </Add>
 ```
+
 ### Get policies
 
 Perform a GET using a deployed policy’s GUID to interrogate/inspect the policy itself or information about it.
@@ -203,17 +227,20 @@ The following is an example of Get command:
 ```
 
 ### Delete policies
+
 To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy**.
 
-> [!Note]
->  Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
-    
+> [!NOTE]
+> Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
+
 To delete a signed policy:
+
 1. Replace it with a signed update allowing unsigned policy.
 2. Deploy another update with unsigned policy.
 3. Perform delete.
-    
+
 The following is an example of Delete command:
+
 ```xml
    <Delete>
      <CmdID>1</CmdID>
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index 5fa737a5b4..b94d7ddead 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -27,20 +27,46 @@ ms.date: 05/17/2018
 -   Windows 10
 -   Windows Server 2016
 
+You can use Microsoft Endpoint Manager (MEM) Intune to configure Windows Defender Application Control (WDAC). Intune includes native support for WDAC, which allows you to configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or to also allow reputable apps as defined by the Intelligent Security Graph (ISG). Using the built-in policies can be a helpful starting point, but many customers may find the available circle-of-trust options to be too limited. Additionally, the native policies are currently deployed via the AppLocker CSP, which requires a reboot even for 'rebootless' policies (which have the 'Update Policy No Reboot' option enabled).
 
-You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). You can either configure an Endpoint Protection profile for WDAC, or create a custom profile with an OMA-URI setting. By using an Endpoint Protection profile, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps as defined by the Intelligent Security Graph.
+In order to deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. Beginning in 1903, Custom OMA-URI policy deployment leverages the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp), which has support for multiple policies and rebootless policies. Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies via the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
+
+## Using Intune's Built-In Policies
 
 1. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
 
-3. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Endpoint protection** as the **Profile type**.  
+2. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Endpoint protection** as the **Profile type**.  
 
    ![Configure profile](images/wdac-intune-create-profile-name.png)
 
-4. Click **Configure** > **Windows Defender Application Control**, choose from the following settings and then click **OK**:
+3. Click **Configure** > **Windows Defender Application Control**, choose from the following settings and then click **OK**:
 
    - **Application control code integrity policies**: Select **Audit only** to log events but not block any apps from running or select **Enforce** to allow only Windows components and Store apps to run.  
    - **Trust apps with good reputation**: Select **Enable** to allow reputable apps as defined by the Intelligent Security Graph to run in addition to Windows components and Store apps.
 
-   ![Configure WDAC](images/wdac-intune-wdac-settings.png)
-   
-To add a custom profile with an OMA-URI see, [Use custom settings for Windows 10 devices in Intune](https://docs.microsoft.com/intune/configuration/custom-settings-windows-10).
+   ![Configure built-in WDAC](images/wdac-intune-wdac-settings.png)
+
+## Using a Custom OMA-URI Profile
+
+For 1903+ systems, the steps to use Intune's Custom OMA-URI functionality to leverage the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp) and deploy a custom WDAC policy are:
+
+1. Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>`
+2. Convert the policy XML to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+3. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
+4. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Custom** as the **Profile type**.
+5. Add a row, then give your policy a name and use the following settings:
+    - **OMA-URI**: ./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy
+    - **Data type**: Base64
+    - **Certificate file**: upload your binary format policy file
+
+    ![Configure custom WDAC](images/wdac-intune-custom-oma-uri.png)
+
+For pre-1903 systems, the steps to use Intune's Custom OMA-URI functionality to leverage the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp) and deploy a custom WDAC policy are:
+
+1. Convert the policy XML to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+2. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
+3. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Custom** as the **Profile type**.
+4. Add a row, then give your policy a name and use the following settings:
+    - **OMA-URI**: ./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/_Grouping_/CodeIntegrity/Policy)
+    - **Data type**: Base64
+    - **Certificate file**: upload your binary format policy file
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png
new file mode 100644
index 0000000000000000000000000000000000000000..1ba4774163c7c6c11be23370ac7ce9ebd0e0aeb3
GIT binary patch
literal 78906
zcma&Nd0f(4@HbAYm6o^6%yOwL&B~~(%$0V_jmj<e%GBI*MFk`)^O_}@xi3_vq~@0U
zN~UIRprWE8;*NlTiU@+hkM6zS=leYW{pR&@;c!0ZbI#11nK?7>6MM(Pc;}7-I{*N{
z&fB-H-va=)Gy?z|4{X~iX_*g-J}CLKA?Tj*RX{OTi7NT9+2e}&6#$?NDZT!1i{$h6
zr?>2a0DxUBe||Q!`+t250L(CNU%z4%=Da|XhRJiX#9|1a=(6-G#kcbHk&lLlC$>cO
zqB@I@*HxIm*-<sP=uqGPps@0zI-+Zcgz~I&a;S*iM=MC$Mhb0?XqG-&_oQfeu<qDp
zSNUt$6ZelhJJ|FVAAc%hXRTp%gXX$xXK(It2CKTH31F1Kxo+69Axg84j7hx%3gV&2
z-<>Ywc&r!k-<>3L{X?r7s^#L1|Naj+GylP7yg_%ewDDdkaT|Bj|1{tE(6Bn{?e~Ew
z8!ET*hZBEDX5TS~DxcerrJu?DCG~F;K<4o=hibnNHB$34oo4_48h<>v^WB$NwRywS
z|I=W#{Oh3q(H9e&e{A@#?Zxem4F4wT&8F?o{^zw@Gu~H|BQp+N`mf7_J15qrRmHdd
zQu?pq%<&{2a+6^K5Mb21X$A=r)ffq>;QCxhW1+W*8bX~qCw%%%xuV2(xBzUx%MKpU
zsF?FMrft>_`$(^Mwf`C!wvh8BOIDR2E4Yy*^}Fe$)ezjLiVZ#hpFIv2-qQD#r6EwU
z8$PEX723BrRr{B`g+rM}pS+Eh;BTGT(s0A&o5#pue<t(0XodtK_b6`088MxDe0e!H
zT|%B08+GmqbUWDOuXVrlGD^Hok&kOzcy~3`H{1zixVGOH!#ksY>T!#Wa)3C7?*}3}
z<4%(zDeArkg=W%YQuDC(UvJ3y1^nq1ozPnqqJTH`A!fcP%CvBW$EjFcD=k?;vfJg1
zRO_IpXGYr_F(fB}8Ly#EJe^Tx8#CY3KzRO$gLd^_=~<$I+TC0h#4yxZ{U&L0IoM$M
z6Hv1qc6+2s|B`_tSna;8woyBG+QHwGri|#1AQn0j6ZaO|Rz)!NN&1j1*Yn(Ml>H<$
zLwY%@4E%(-n~a~YLI-nVL+_+JPWRLRqvJ_oa2@*hKb%-V8rj^t_ZbOaaP@4HVVj0I
zmVWqfDfjP5!FNX}qtdT1&(=BoSRkzG-o3zQzcA%a;$@2go-7B587*2e=3*F}&KMeu
z4oFf?I*`m7-W##NZ#m1vo)uCG+i9e&4o$(&L`&GWb#t@xR4H(Wf$FL?6-@YhVy)DV
z*1m$2ZOk#>jhD9xWKEBcGm9hDjaJLD>gMz_I1{%uz8ERks(uUu!qoZrGFIXAAS&Jz
z#S}xv`vzDIpWXvU>gqWlE7@1Y)lU5EkYr&aWY=H{Iot)jHO52pA7=6EA36lC*>ST*
zu=?U}z|C_`kO5<-0$Y>{YNH7O=Y;m*E5KQ8KzbLj_|yZJOWaJXx#y}c?!x$+gCz)O
zZt*yrkSqZAfs$P;d(VEnbA0cP=&PUZ92c0!D&4;mkbU!r>aCwGsIaFwySz(hu@9bk
zqUX;03^9P1oS+4s?p!l(7IYL15hUUfUx`^U9{!oyE;E~gRs%^P1bN{ZkE+=ZIYxO1
z-XQi(Kt^`>HQDUouNL85WaoOrsE94q!b}e%GxKTxpa+P@WU$5dg~XNvqK_IIr$1A)
z>EYMJ_R9&P$z2}2{vs@Yqfpk}52=Zj3*%S4M80L0qG~f2L!|`er!;D@@E|ihmS`DI
zz?$wF#E4GR;Bx40tCbKXM(|usjliHm_H%rrqVw45O`sZ~_PsA6V{$FtAq>vi{3`~%
zb2Vm&O3+|rYR#=vJ6A&*H{)W4b&Y9V{z5w>W%M-qIss>ff)e|2jY^cO@i=Hxe-f@$
zPPXZj0y_Jv2Uhp^h4uNI3*5c<EML%Gd$D7?5iYRbWUdTM))6d*$=``!)EuSnrpcnN
z*>MpHM*dN56#ly5QX%6+01Z*^;Np<U2g%iqrwbi<+;7U`OCCv?!5_T9qeZMOB^`Dq
z{IWMH*=Kt+W2jxn>gB=NvLddlyQVJxj<re_4Ve{GVU(hz8o+#sG@gM3FQ&Td?&}Eo
zqT0SfueRj#(jRr^wX0fnD0o{7+7vjAL>;#`h)39mdJAVtGJ~LFFKh6t{!L5yQ?J_b
z?QrHsxE=6Bljem}H4QD;TEh_d(^t6gpD5<`9^C~c5))TV4b9S~Y}b$fqb2_+i_GGb
zLBkgNNQ$>m`4n>{{1t}Ztqz~eQX3S3HK=g(DUesa1@sW-qr;TJB5AR^y<+$cW+41b
z6C&qT6RbwRh=7W?51oo41h?F651*b>Dv(lv8JCO(MDJst;SReZ<<}*8<kl?_2+NtD
z7&!wnt8+v9!RxNO7_9xMVDvOGG-#@zS+LyjoWD}h{a+Q6!U{`rjo8)Ruf0(WR$E#7
z9kQ9Ce-*Nh58&6o-?Y-Gi>(172TGm`Q<NU2WI3CitgwRchA*{G&F844$Qdd0b8oi>
zF4Vw7%wB|qbZN%WS>q8d$Pw4fB4-q6?M@Mtk~0GXH>`V@Us`+0-M=qzA#P;cr|UPo
z_%V_EiG6sgCOV~_=gOkH;NxBSkzEmQNJ0E-!ui=viCrfoIySnROSAUT^s5gX1d5Gz
zg?fM#z9Yt^wc6n7p<ZpKF*H^5){RA<_Ef5VCtzw^UAjGv6scHvf*{pRPmR6!@Suhr
zKtqJ%J&q|0c`4@mf_Mt#KZ41@$K{JRU?GpM3rTc_an!WU826iQy9#tf26XEzCH-3p
zxeI#gr{IKFSXjC(YAsR3`Jfi^cBh{dMit-L7ekLbhK-cYjBDN#{zsRRS@SFWXygqq
zGNmb!%em0@!Im?;sbArw>uc-CyAcy*6>v5UnKv&Dj07`Sm=bQ*_nMgv!ouxtM0ln@
ztfuDS;*T0zM6l#FEYV#;>$+%VRtq${HEVSzutvBRC$bRN{oGpT^0x5t^L%FEILuw`
zS8GGSe+Fpp4z~vi>}Rvw8d--MNywEVqJHpGcxgj1>S#Nww+M5pkBeE+Y+ESBIR$<@
zjqpU<978L<KY&<%SU0wU3aZh;GQ_vC{4=Pb^L;5Br;S2Vo2-_zRf5{(ZR7QsmxN15
z#2Y0Ar(L$Bfjw|<PW()%ZMG;U@{vkBNIrWAIOz+zgJP@BydWy+`VK@cbFY=|J?8>3
z;SFCO{Pga<udZM@b?$^N&5ec{!?@Rd;v*=$_CerCJp3#%1FpD+47ZJUm<u#7obSTt
zby#nt2X{r)&Aq>j(4qBl7{pJ7n+SP@I@iq;oyTyMo_%TSjxp7R@A&ffmb0Xtgx_*a
zno+UUpaItBSLmc};k!mro08y>kzC#vLW`j>d4~nc4%ejX9G#MFc)HfaA3nZOaF|dQ
zLI+)Uv%{#hu;rHw1*;Y$mq#G9V*6(v4qotujPLFb;Iof~It1;bWQu>?Z+zMhJ>W4X
zOsVFW1Ullf^wZjZl4GJBG19uKfhnJxJY2%fxOCHkH@c)U6Er>2aP>7PGRaSvydpeC
z_(FsBi1D+2hw9%g?Y==@DGHFHPrPV6SNJ$q1Z$@(@VaN=%=nn#HLwZ?%LXI+UXnxV
z+82`AnYJA%O-FrUgIUbMxBV$6TtjvLSK@~hbhc$LY`@vgPToWDoB{Nppzn=%ex;XW
zdylD>7a<!wJ2!%MufAf~poybh!2<joU5BJfWo1bXyvU5{enHcrv#x=VSX(3B#3sYV
zADi?<yy*+!%QL?{`%S%sxfDIw4?y8<X;K914j!+HU(e6WwW*13W-eC6pttYpszk;2
zW|0l=DTfj<O@}X;LstE3Hn&sKb;yBncGxEUytEb}Jgv~#c>c5HI6-Z0zfTz0)Iztr
z>Z`QBZI!Fb{OX+jO<QDmQ^4IWt>E#AOC=3;5s4%VOJ~CS=P84O3~2>+?QN$FrcB=B
zTl=&TwA4)g%7%zAY~Km<cxfO}h8`>QuPaBn_Mx~xP5Mx=IkLU^cHB>zlfKI_ZlIJn
z{na*@`p@ZI1N$lWuLFsyL&WyN(tbhvv0)TlU(EmvG4h`jT@IkLfEtd^>E>EFr7Szj
zdc+z$DHB#B%vAZp28&Xeh!Jq?9!@RJ1~>7v#6o1)6Gu_`7~-kbU9P2OZGw9n&dy$M
zvM3V2u&Hh7fsJ6Z7S9E7C<hfnl!Qxgn0Y{Fp?WH;V{LVR5^deoBpBoC#27M17koQ^
z38^?Y7Ps%bkz;pFY`S<#%FoFq6Lgo(l&vzrRW*?F+1BX#6`0e#K#U5MV{I5J&aayv
zJ(pECvzx*z>Q^)U$-etP5y*!Pj+rrEE+1<6`bgBJ<G8yBx%Y|kzRZg*m|eX+*iE$4
zl*9OwsG&+bhqT-j@fu2e*VHubm8@#9HqJmhF#Y#?NAd1D(b%3IDBr1Zc?DH5^8uVU
zlx5TY0Fs<++wA$iWqCovLkOuQ!oHbAiVF7e@Sza#E7Pa2u+gjS(So3OVoLjY>ju||
zuSP7{uDig*J#HOaDF$H_wI02-zXt-JclAUp#0`&s>ze;{7N>jKtJbcL{TAw3Xfgiu
ztFwt8r7S(kn_m%N2(zG^^lYEu4d_n9O9yMjaC$|!@Y9di8Yr5Q2wCZCnK1@!?ELzG
zhiU0}$3r`s%Sst=PJ1^EIFcK$6SM$@+;>qb8Oz1Ro7y9)STcwPGPwumPy@0v6M_cd
z2SeTBp;SXHUH-Gjg^pZMb^SZm2xO2q5MwVGP*+|QJBN04_=)xT5Jb3QTcN3Om_Au_
z3)A(zs4O2fq-HF<t3l@adGUYn9FJY(Tp}qMgx3BiaitUrpM)lSK-f+<RNCva9xFfn
zvB6JwgyC<dtS0x&qDqDvquHC~0jt^ktF0Jrfy~qcYq)S&QA>Bb^sU|UawBe=xuJ`#
z+fSB!ogScKAwMV=;K|xT41@+LH$yxz`Zv~;?EiCzy4o`-uYT{2-b+EaGnHD9y*JR2
zU;W3qHp}Q{B$->c50$>-VqRVk!9QizKuIvYLrZjRY`!mtWMg(0|M(<U{GJnQF8t!&
z$g8u6D7dbJO572-6@5D-hF))q#LR5jbPvxvCXO_b$1g8kYg{n;5sDDMierPSkJguW
zXBc4%@i@k6<8l|sGhoQ`g-{?$O<(Q=y6jZO8*uby?@$bQiB0SMe>nx4c-62mr--wv
zf=5+4xN~)3-Q~!xZyEJtGrXzzGW~9uGSUr{oMD(m=veW0ENdNjz8JlVm=ndHZpJ~G
z{Ty6tRNZRkwMrfZNbh{`gHu$!a*ZhI76E#kkC}u}j8>zWQYBxH!bf3(CKl4xo!U74
zUZ9<Jf=YSE#{4)>B7*J;^QQ*Hrl=3uqaU2bDOFy-aiIR5r~zdO8@hfA3<dpAd)SIb
z<s=H+AJY-|`CxG5rJC%Dz>ioE72x6GH#i+Ni3ACai+ak6P?(kbTzhd#^~PyNO~sTC
zJ`J-H|H3wuI;$hwo0?+=$;Q3b)Lr!`1qo`pLu%U3>KfhWPoyvNTI>y$+<keA*WjtA
z4hFMZ+ah=Y+C7wzzHgQMIaw7jmd#62@G7%(K%<{6O+LE$1u0l}LOvOqV$H|+O%PAB
zx<F=G6!-A*(<UkcoXdGrAdI3P@$gLwe}=7)Rp9T;GtY|XqmUy1S4$R6?e#u9GM#I&
zo?Cov3hvJ_7T$IhFS)_TG!>eJw;N%e6U`SZ-Z%>7=b~01CG}kaUC4W~%vuvDv|jL+
zPUJf8_foA%1U$Z12WNO$Z#J=xIX~~&PltZ?3n!Ma)D0I5V6V`(%`?0~jfEv^#D!B7
ziU#VdDsjR)KtLG4Tqirun+e#bWM|ytA49@2$;!^ys5(E|oocu2{1&%k*YNg{?k?CS
zy*$;3kZQV8{ll-$A_^F-j349ZUB!df?sy~htmHc$PBLB_t+x62uet>bwUY$*Hxszu
zRg6aRy#rwZ?KLwWa)M277sONX9@#Ne&iwd=oZ<K0qOSplmEv-g^azMmYXUKnJBC&&
zLC!_q1CG&42%6lKubss@f0PK3(B71adl~%9PuI&MP@+ZSAI3q>wWciP6h~Bt59Q8)
zh&4{p8bjH{8`<Mx=!lY)C-V^*O){443*>SnW+huaJ!Q8BT4(mMbr$T|KFnTWqr1t%
z7?|E?IgXExH0-XT-G_f*uP<>4`*gzmz96gHbSXg6gtAmg!)a@D)mcHUoRLaeyT*O=
zQ{i)AZ3!6;H4k5(Y)cRGw4UGJW)(uct`#{f?PI&nb0aPPjOO#&LCoYBG>A5!Q;A@|
zl~quK-;Ztzk6Y;}a|uE^wIM<MIp|1BSH|*b*yO&(_376GEAsddnmx7uM25IN_?x<(
z_^lQv#rS^?C3m*MMjD}zpYRC4vyVFD0kK`FDOp6B=7j5S8-|D+T!b-@^X^P^2noG#
z2+&s(`6tJ7IsJF?1Yi}SIzJ?FC*J1S!TOs4Xa0IB{F7mNR{Gu$y4t%(>6uDB_gI$r
zIpeH_p$+u3;n*rbFp8kRJ~-Yt?EPf>u9pG-_8&7@Ws*$)uiOy4TO|D_BO#$5AFuuI
z7f+IoDpmc-<Ncv$SE40z_?MntDSX`WYG=jf|C7x!`EqT;nM0|jNt#eDGek@(_ds6s
z9sP3F_1Cbb<e62_n3^PiHDj!|7a+_I|0pe@gJvWR3%D9%NlNXw%$28rO;;BW<My)O
zNyaS2Osi}M01knkPXM;=6>q>HCjPL2drR`G_OJhatNrHY4Kn+ilg%pvC8I1pMQ#QF
z-W~ii)-G9yq;J|kqyK&L|60=S&8+HBPr55dkNfhPl_dYNNnL#FU{C1<uxHPZQ|N(q
zHJ8x#6xiBseaVs^U58Zz0KJ6QVa4IpIsBL>xPI-Jg!O<!)!EX|S)&CP;^@K54rA(H
zLF`AJhmAdF6jMAEx#~BFoB>Yyoh4<%N(S)!(({umBXVCz*iuVSP_Yr4S~%#1-n8{K
zy|~^2BV_pdx`eu?+m*YIG)4aH?es%Ht0{3-$PUQd1v*p-#MYELb3+>Z(c2eQ{mgYI
zx+0ExcXO;sBHPfq_xQa+SiLD2CIm9hE6_ZMjEN&Nk<TJ;>!9Wa4|7gsAJ}(FO3Aq(
zh|aVOOH^I^uG92RYQ@RHmcH7B?fsq80D`3l{=Tb0AB*-4eeK)|kp?VSzL-<#D5J-g
z(18r@aJ17}AoFe;+<z0`*%M=>fR|WZO6K#|X;tWz6~lYT&CL*BxLHs;+#a=Nl9(Mq
z^=(8fCLB0Bbziwk;M=&mj$0W<jBFSDUR8+9<4fau@7nGh8|uT{=essC*7ceCxB^Ck
zDm?)ec})XeVCA|ic~^E=`pvM!4V!+Eg(R{ke}$?Gd?1RZ|C9z+T;r#}1B!?%Gd=v#
z+FU)sP~^UcWX^LYf8qGs+8O<bl{L^j33Em;bxV0&M2ryivF6{O%{f2q5#aVVh*bv$
zg&*%~SsFzQ7U4#jKB0!isPSo>_$#y4KaRmXD5a|VbHv#)esF_oE5{0dOpmdU!MUn%
zz>*a)X=ARX??C2_up<~asgYR~%|_w-Y<sqpzV+nyY;B@TFOCKrP&9VRt?)N)asWI)
z9gyMP%65uaM{|#_F<>}2jp$EVh**Xm1UwV=c%rlNTtv$$TjaHU!Bi^r3sb7Ox|&AY
zE^l8Gkh05Y)<n1tLG(+p8gqLxs%aQd7#JvCH+gH=Ye6)wG8AosQ~D^JRe*>tGFFX%
zJVwVGbqEO|{W>cP(Cv-f1)aV7cgSp;yUOdmChOMtY)zq<&yR2l?z<8C1oRzQ90FXY
z8wh#%H6nqU{zsSL;-NwuKB;g#IX*LQ4eVbgn9^$GHt#buM5M<L5F_Tl0}Ia5sLQQ#
zA)nbF*L%Mw&%6li9hC>+PaY_qY+*dxMpWg;GK2OR!j>O<m{3zdaI2Dt9DeJYdL4bD
zcc)F`TE^N5)hPphHR-FWf%5`>CDd?*;ZN122xxzsMiy%!&I|fZakYd2UHH0(>*6ZB
z{As#wIU_(gp^v1kEvBfEwE(5yojmAK@@mYA9IMMNu@UHDIGW;u)m<6mUX+v@P8!0I
z1B^qwQB|xpo7n$uc`d@PN15N>Vf?!mUAoI=B!$^a2A4MiR=r0~KiD)m886vrqpDuT
z)!OI99mbp<&Gy{Yws+I#XETtrzJnIQ5u=<ef6xcTd7~MtEU%lO2z2r*)p&^Er@1X9
zx2CZ}BM8qJx8Y(0ro_7bykm-RLaMIY;0dVS49UomVjM<0OLE`db)nSgw{0S&2N{v#
z0xrOa5vM?_8Mr;W(5cC%&`<cN0v?<>_?vsHi6M?e*_+F(e^;HC8c!)tW)uP`N_E`E
zod5v;9(Y_WM0=a)L*%39@_Kg>2#QXK*Tkfu$q6w{`n7oBT-MWDw<p>(>h~f_Ehxz<
z#hc8Usy6K+1b8?mW!r`lY>JwM-k!B#vbr=GC(cK4qQH2?&11NOJxVeXt{ee!iJm%L
z;=8<J-ireL>Vdfu!^<(Mlx~DeOyI=>2&#M59FWo@?(M;Y7l&8_Wx@O&K2nDfeDlGm
z!W0Pa#*EX#WUf=!ih0xg)s@7M4<n)4q{GJ4#~zA>LWTDuYe0TJL4c2IppIpJZ;lAd
zDW~;^ZiF9#Z8*4J7SiTK|33SCH3l7M#_As$tfqh0?l18q>v(>=MtHs&u2Dbz0vHz&
zM0(^T|GORjW3rw4rtqik=|=izsPYbH%r4z4cz=;>S{ES$yxI9DG%S1~{Qx7^#o$!A
zPCT#EyiPsPL#B^v>s%6)S?naMWodeI?|QIP2<b6}>=DA<L=`+COoNg-0?)0z?h5{{
zocs_Pmuxs=<W@*q!CSkjR<v}{^jTD4mNVh+hb;~9&*Ant3?mp%@YX(sazr?X*o;fL
z7Cg{_4`I`a#+Nz+ur-wN4)zROUu30F%O=9;yUAM3EP4@gkSdc=IF^YD0dK~vD9zQc
z%~4Mnt^@qj<*?R5Ic)9R+{2x7!8*D#o5<|B`uvqZ!(Nxjld=H8@Q()LWnbH_?=hLI
zoXNUxwBRh~kTij5kq0aC&~ojpFkX-e-7kR88CjBY6+(##p52Z8J?TsYBo%@jFx<Un
z`u(SyU_8>2zRx9BJ6;+Fj?VtH&T7YG3O*=5GAKb@8aETC?ASFPNU(y8=0lclNC7TG
zRt603ai32BE2)Y>Qs>t9!2Le!d_4pdU3O_$@EH978z$!}_=!$tEk~;hDH|+TW=|IP
z%4=IB4UzLrEeiXcA~!u3+ZT8@E%}eG<g?G?%`AlkJy<)tjxC)SBD7TB{PY_(@D<|W
zXY-$tQ{i<#orZ4f4Nys(pFR9S%chTcVuQ<;O$#!ZN3SdfBS_&Lo&_ewM`K7h+N%x<
zHBSru#GPaHmLCU^M}%c#^+6|4V{!au1t1=G@1Q3^9Dc!I-GyJeu+c*}m>w~J;=C_^
zQ=TP)n#u1nyse$7hw`w$t!H6?8({C~xzyov<zZc8)@7iy^N+2qEl##2A>lQ^ABKX1
z{1HCV`)cLdHygTGX<6U*%s*PGrXJbcxX&?QsLW5CfrQzi&DLKtVImACC9yCoKw<uI
zV-AJYa2@@&I1zf=jQzX`Dq5=xYNyscpdFX^C3QmsmI0hoS9qbez)m&G$WkFQur#!>
zeyBDt@-C=*H&|4n(0GUDg0fS2vQzckx=a>jZYa#0SXFziUq%3{G~3@GZ0C9x>HIEp
zk`>MvQ4UUSbkfy^o>?2rh0yL&$df77)L@E>_=-N<4o(q@?|*fOqz22R71KH&xokXl
zT>&eI!Ws<gs*Z}T$bmwh=OLhOGhKCKt|9`tSLo0g9HpyJe96|>Kk_~sn>_)Sn!Dr?
zZ`ifQm6n?wWM0prU_sZ`n(Rfvh_~vnrR~Zg36RJJ@haP^puhqSq?;QCwr$QbWIb#H
zUHSn}V0T-N56Yr(y|R)18fDIng(hgH{x9e%<q}*SUHr{RIAj_T5|af0oLOWhz)DUJ
zW=ZT{K?Bf(m155T4GAZKloY?g5wz3PSWAP}+w=k&(Dq3fGz(i#3(&vPxjIys1<ehQ
zxFm|&l{#+#>M^*cdI3y$vzTJG`!l9Gi&YLpeU5dhwZw_JE?(bjf%OxQsmc^PeE6#a
zPTUUyDM})?Aeg0F1;QuqV3xogL6GS&BF8KP6kKmpou2dtPZ4!?O9Iup9Ajp}9@5g(
zdg~>R-3N3)OP`fLbj7jTk9D7jk<q<)R+yb4#~PUw1;*FRM716aeYez!RIkU&VkQaW
z&&XoErIoIZT1SQ$_FlhdcTnWRm@h*)T`E=A-YCei+jU#wYmP2m=9}zE?5Sw+zcpO>
zc)8m0+8%|m@?%R;%9&x)ldW#X5iLOI@GcHo`P|Wfg%#+Yd|K5p8h9m73q{Vhe^uTl
z>k|5<dZ%rX$u0!%oOV&>?C6G@1ENUYIY`|=Rj8|elu<>bkpD7hx9J-t-F^nvjWymF
zD>*tGHR8|bv=%$n?_puYk&oKrm1B1vyf~~GVV6MA6SMXGBKZT8xJpEk9u-Aw-0(}v
zVUNQ`6zR8{(9`Y_|1a(JTOM{%v7jg5ZlLOv1!&E<WH<^N(n*D+Onz&x{{?%;<LuO^
zYw1r}GMO??Z1n8P&|4@qOCX?SR_(t8#6BJr(v#{{#UJipBn^aw{lv6tL?S$<lswko
zQM)qBcC+i(^|sCh6?^H(=(Jdv4OEX@*|Nw*@Gga~bEK-ZFDy)`86Um*=FIHx)@JvN
zT}H?5)}ILL>j_-=&U?^>k6lY@SAUi2HZtq9cG-hgKLy4H82nT;Vxr_2`M`IrQia7P
zmyoROPK%ZvsPON_I%`g$X+buduV<1wSbY_&_XBGI*encpYvrJZ#d-YB+Cu@jWUIDu
z!60XR@y8OI9@4QXYG)Wumn?j}3E;Sirqa<F<`=Zie>KT0mBTk>3Rwsb9szaBP@u~N
zfiN@MAYrsxb<TP)mJ!8j<qoMg`C^bki1vM=Mj_e_-^iL!%VPchL0FSwu;pf%hJ=}y
z5bs%XP-fyHW(SGYeON=?;(QCPR(o=%=*FY?wQ-}e@ev6MV{278&WIQ~YujDXc4AIN
z(}e5t#&co3$gryXuli0*u4?y*#Gp-6qcyZhuEr=4A=;wM5Uq5d)QFt6gRCcOt)dAn
zVB1=erTCuMy2pU~_^ko+DSS?~0aN8K_7`MS`CKgS7mk~(MCVx2kLxZS3?zJai_6$|
z2(8vs;O)L8kQ_<73K#BRrwIRs1=e?Rid4Jr*#)Yh?#5++CJNKVJ(in_G(fr1VvIK_
zCBYX1iMCB)&c`w~N7yZ*Pd1|}R-iYW>C1|t>)V-?6S)~8n-o&RJ)j?X)_|gno;I3&
zi=z?1b-Fqsl4KDIC}U<YW97u=j=Nk%!56pZig~L_P9bRshT>;DC@7DZJ83&l?{Lff
zh$&ule#`4KPQcu@U{5mN%*}0pb~8ICx0#FUfw~t)KI@A(+p9wc3y~r#Oz<njYyq{Z
zE%0TEN-t^d(OmWUpf%0A&V7bmDDKwUb*nQ`_b%(@2OG~XeyY-*5LUb3y-U)TtH#9x
zDZ%16;MXPpW#yU$GZD+b7<NO<$$$pWwziy~5t6A`VCH8`-P#rid7f}G7`1lcssQvP
z(;VU2xdG2yjNBs{y?En%4XbL>)~PTqF(XM2Bw8sZz@XFGTFzdXCC)i^Q7`AD#Diqo
z$xqcjDv;-d>%vKI(an%JL{U#(rJxzR=Ik>a4%pwib<VKgG~$OKFx2uBZ{5YKF%TD+
z+mwYU(rC=s?<D3@bir4XgT(Ay8rv5s9~Q}PFKNGr151H>72M;?4Wm1_jY7IcPyNmA
zqCwC};SlXWc(o0V)~wN;HAvOt9$~j}GP9jL=7v9u!y25fHJx{1<3hc7W95NTn8k+d
zz^0EeF3Y-{3FNj7fMI`5>p!tX%PY^9YusELVZq<04r*AhSF(?1eHY{)#}F~Lz+NGj
zjIt{>7*zI;++pO^U0YYT^w3vt#;hk5n&Fp!dXeH*4|-ppJUM9pS7p4Q<U@6`QatE%
zNRInX!&6-uM2mu67qtJEYSG_r^8<<Jo7d}wm?Vu4C>OAgMsM76h0|<&(gfI^&$#BS
zP!h7H6hKvu2o&8okV~d|unU4aT_Ue)m|+b4ou9y0J}K-sWIo|eo_lg@WOFSt8WCYj
zwNsDB_uWnD!Wft}?`MhmahOu45x7@P^+#(=*snt44-DWu$h;!_cm4sPr~jSdcQ~iK
zl1sP*B5N&Qg<NSPjwoaU;H_kuG$L_F-m9WUal5lKT}y}h=JHd)n~a8c;$;2g6G`!S
z(}dZ)%}a6SNcj~sB&WC`@-H#(H^{_s_371ES<x3VN!!V|DIC?rQ%npZ#V>q6tmoH%
ziqyB7S3V{k{IVQE^joh|Id|7joC+4Xw}y~3*&y_z@&tt`pscA_`Z8~Q5raYEhHr~a
zCoMgvs#WltY%K;hu+~k?U34vTi~?#p=_-k06B)oTdFOBFQCEhLU&fvNmVvzm*Gb6?
zNaRYbX+fTNE_bb|!RJY>*U2fHXCop{+-qVnkPRlf)i#O{n-dumTgHSS0N98N^O!$f
zv>qKq{tmA+8%o4kWEAA%jZQM`HMPUKN>Br)Se>;SlswUKNwTIc56w)dQ`ijpd~XnM
zUOHuW0VYUz?yz6n=CTeXCNUdZx~w?Sz<KG(z`5fd3vBx{6m*0`ONemVVTEoS`7O`i
zxi}x~w*9IHdwlXl;p_YD3Yk)Y`nPQqi!MW`80Uqj^&+l#mmxzREKYD(6BMNhsL?4E
z*mZqaShfG+`?_*T5V+l?1|}38E{P-51rsaTPQ<hoP2r%9YJVXjSfw*Epx)~yYbY-U
z^NC#?(dtdgzzykKEo#gvyw|P=yk+p{e#zz=Z}A?m8+qoeRcI6XSOQ}2a4rS0=&R$;
zefN4tR+3hp;f%kPHo>mHSg<kyi7bXXCs<?(An9Jl9`=RuAZ_!XujWf#ji0ps{Xo|y
zCXM4GPE!f{i7ZI=UPU6lsY-Rdbv_Mt9X`Va9~|vpHgl&h+9GmoAQRizI`5ubi|_3y
zPo|FR8k_iwt;&nTOJgEEwXc`ixg-!({0N17xV;=}`oiJqI_3vlc6uWRruuvR+E0r{
zfd-L!a1Xu>QbEOtYi{F6wk4i1O@)=_@_HcKjS+xhu*@*@XuIUtAB2!UKU3;@johOa
z{7s@7D8mUM?c}TzLx!~AgKN0Eyxx&E6v_{Ehjr}z_>9FU@_#&Lm+zVd^+<xn&b=!?
zVKwP9w2ICq)OpxY$szG4@{~TQ<yl>FQU~&+`8_}c)hw(DdjWV^5_LHZC30_(%whsx
z<{<<(s|P2EpvLQRK&J&^Cb`<X-noHw0***x;HJJTmygA88Qigts(FnMm*GYALKVa5
zP>kof@JqV}Cu2tc?krXq2*fD7j9-~#4)hG&p4IDei1p)r5{B1uM0LavWcB+o=Q?xH
zw)2X^oS(8BlA!y&h1INGPGi(aW^nQ8z?_?)Ap<dmQLMxHE$bJw>5Q>+aPcqbrut%y
zD!KVBBc~mkM8bErW0ihZX(>{lr$;y)F@;XRu_9GbJ)_Loz8YKGsoQ;RWT3>muisyD
zZp9Dr(DkNQ9I1X2;(3rt(^%>{P>d2C9)8nNt1em;$m%O!3$|!WYgE{q6_#`W7^HFt
zBD_b)49VYzsWA*G8mY7{^l!SXFg9bbOIDM>6;b;$IjOw15<Njk3e(&1qm~817Lz({
z+=2r_HqFj?^mSGH4bAm5f44>w(iT@kNrF4^`)C`CGj)65y692=fmxjq*M|+{Pi<nC
z7a3Q*ey@1VMiOTKGWWgz`G5z+N4zFqH`n~AWdcaeuFK#^>*(C-%s?6(XK@}N@>|UC
zob8EOQr_+5JNcpZiEO7){;*TTgB-@rTlyaTu&<eEKCc(4ea^45v>;=76M2}m3Ew(3
zt@zR#z;8sFa>@&1+8bb`Ll<IY3&czi_bK=hpcJJz%)N#4u9aw6$!YQdzTfz_A|#;}
z0UM8GU5of7+{3G|2t8;6Do`EU9cB~2e8}8IJ`Rtlu;4U34t5w#=~m;X)VDO#uHHcS
zqpZ)8ghql{u^^^m-_%?<uD(*wSl(mw;Bz&jLPb=F2u{5X=W3j+^d6(kGzkKEF4Q1w
zRV7H|E6fN2Uz#yhpa-p%$pZj;OWIipK7NaSyhCNPQR%H^OzCS4Q;lIW!>tcPQ^kIX
z3&6vsjY{{f?J_lMn0VbPZ)>HI7q2(0IEVQ`=f=)?j+<J&QW6kiX(x+sIX>-t7^{Yq
z!CY?3?`ugJNr_X=ywqklv;|S$3m+jI#6G1&wksMP4H#~f&J1x(_?oTP3D-4wuxchU
zZFz-Cy|nbe0Yl4=y(^XBrWx?q+;lnm@m=74wlIIzq#m`-5fGnL<*PG}ok{>^$JvMe
ziaT3hCb4pL>&sno*tU*UHxFmO3CA%X6dKX6lE3KfwColo^5}I0?m7wn5aV3&#E2q=
zOs6^Hx;Yai$V%Yrx=BJu3h0>2olBDSy4dRDyS<lQ0S)lbvc#aQgBL1C)5OnPTU#2|
zWR1!-7niS#+fqNJ9L{U}a_$(n>&PafC*bp0R40s?V&HIDeu{b8)Iha**j?=-gtUl}
z&+6jeRJL2wezrnT10BA2<F{ud{Myg(tsz4UAMXiL+z9;L6O@ZenBr`LXS<~oD(%UR
zrs#8a=x%T7K~Uol2aAat@1q;{Yft4mwX3+(&r6O;Ng}RkX|d=mq=~Ga?umC%NoQmR
zG%3lYjQHyF_EH)eCj8~3dtkcGZxoB6zZQRV-49v(+B)DRfCqgEYN`kBV$<ELv^iOi
zu>{L8R`20h>Bs|mV88>A_D5Di<k@!U7546+J$+=XDDG&?C34m{god*Bx{8xT;Byn#
z!)t}29k7n3;k|rj5UM#oIFI98XEzV=5wREwa?(P<0RcR;ZHpYku(>%_J7Ya14jPG|
z=wcTS#~#M=9w?8cMC}TArQcOMfo@n+1f02)$}(pE?7G@H8Kde)p*1nb)NW9t4%JW^
z&B5xCE7fR?_{uB$xp{NLiF+))S+~Dc;;MCDoK*F>ZD1(=+<M!Xe<kUKoN@N~3wH(V
zKj+okd;Gtd3}iDgeNd~Z&ubWy^-jbvxV}7Gt*l@O;~78;7*~$n1>s4>YJqWJ$KZP>
z?gT9+<i&%)4VjL&UtWIpfHA6i?DX;`LQGqxo<Y{|`+aI1Dw}o2p=*@b(fqQ<@7hkO
zc?n6|pF_g+qaq6so0|=z9qHX3rR=DamRG21VDLckImCjg*b!5+;xC7m+L#@q42_ub
zN35Kr?AW(>1v-U|YXCi}CA85+B-Ke67V&}SAWnZmU{`~7I3-4$+~#+Qz#xxVW~3gd
z8A^S?qap-3t$1qE;$u4sD%l(vc3);oGw6O&4Q(49as7ycj6uQ^(*e|zJjM5^P2YN@
zaNIpWaYL`~Z_ydw=WCGcX=Q)0Y)<r+X7Pt7V(QyiX$#eaOZ}pUgX?E`!+7AWvHk0!
zptL$?#Q^Nf`0$~iU$D1B>bS1MF<B`!Eim0sjctAnONFiLaqFxL9&ofvTG+>OLm^L>
zxEA*+KaIR38=SXAVn*6V2;5tR#hq*^FJlK`Ec5)eJfNxQAz@4-%MT;h;BkT?(pavY
z+ery$eZGF`DL5pTP3m**6`BN)iA?r9G80-p0U4wsGI)J>hjW<1b(Y0W@Ytfaes_Y`
zn-GgBESVSu0DN>gepVdRG?UO}sza|xq~ycLV2wPYf2V0M;A2T@*9T4Pi)@F`jP-Ts
z>J$1<(E)AuH(5I_W6J2e;cKOFD|jc$JeCZ~Em?~l-T*Ls4LvHUiv0}M){r30FZT-U
z2|TCTlI~PkndlYZAMp7DRkdxqB(dE5F;c{8z=7~z(R`XMhW0@^<kwwPe=Fh%zWDHL
zx)@j<@;qygB<KS?gGc{?t<QhHW*yP_l$zu+&#Y&KcIMcNCnxoU&ku6gWTPVgY`s>C
ze`<|Cnyy(q1qfBvPD{dra{+$}es}iUKmR{Kcr8iA@Lzg%CGLOm@V!SQvkL!KUw`Ff
z^@vIlo@D!yf6#_jee&SIy924V{BzLpy84n{65R*cvf>gDZJAlOI^(5Q?MfouU`T4C
zXWseZJGVknlgW-;^P#FFubL@851-B|826rg_C(KHwGh=uLvmlQ1?pK=uW)$pxi>8|
zSDTLcJ8b}5#{8+ME??sBr*d?Ba2F|2l$y)py2{au0naV;G0q%{Z22bcVeY5p9Yw=)
zR{hmXKhmedU@i$#_;AXe)Cg1^J)-hp1K`JHx92#Hy?$A9Bkrkb%k`on+09K^4(}_q
zK23yl*+arQ_0q1`*B8?f-$2Z(6qS~N$rJE7os;J_v93fx)hxe{w`^fKY$UbtyWpyl
zlIwm+ne?~o@XOfIIfD<1#35bq6FEyEeaH{rx*dD%9hpA@zigl8wOjs4c$QZ{aCLW3
zHm*W_+2P2VR?3jB?Bme4*zX&QGP}bL&d2-Io?n0s>a(5C_O0qy`4aPRW|<SA8NRn~
zEW(?IEJGWehU3j9XZ3^}<P*9-vs6g!3M6>1=2#-|dNKgON)Q&_=Wi5b9dUWMR-tz4
zsvNEgva6-QD)+&ih^!#-nZ7mP4_~W^F<CRm!aEHOaj!h@7w_lvwa?d(zj2s`8~a(N
z&$(Lckf24Cyx)SRdf`5LEpt+$q9uRiz9y6LF_zf<qW>aA(Kl5+o3)}(Vj_q~RK91%
zoEVYHmd<K7;3}ReYD-`ba}WC8({2!PPUx@udA!yiJFjl6THbU1RiH}p5H*CNs^jOY
z@)uHfbZ4t<{Rwba?lYatEtkq?&ot*3S2w(pW<<PwRHb$=tkwe260L^~zu!a*Ka)9e
z%De4s)$IM2v-aMqTdV!_f2FZ@R7(o$D=u@gjP@I2k7a`V;;Xib=8Yasl|H@$BX(Bm
z<@F1u8*u(sfBA&nsVG8z9p8DTWbk?r>Y<eJxwl(0p-6f62uv>I7rdh{N{}4RcVATb
zmC<6^D!f<5m0TbBNRiaZpEa0$ByMgX_tIO`^<<4KFyX)Lsx7=pqIWo}4rsCBoWV-?
zhJ^>-K5|OgJjIfe@S5;j>u>bC5!=S9m?6qRH<GyQ2b52p@XH3`9m?fDz3r@iyH54B
z&p>~hR7$E}j|-LOjz7}>>}FT&mR!k6h=8oibCB~os}I*Md8`@i+X(0tN53E$v6WH#
zlu&o_W4#?R^*1H1&g@T9?aRHywZx1R7}FXBQALr`j1UNvyUk*0dO&w1`1qVG>*Nkk
zH(!Jy;c52{oxidfO-D<PFjHPP#z^+MVT@#J@BQK19L(KOeJu1lqRoD%^ybo_v$C<6
z+f_d2HiZ0H3%j9uRfl<|no~PeFdM@D7*-K~J2WHz6?HwLB&q-P#_SzEQz~T`tx$(U
z(X<BN*&Q8K5)9QDtt%d{e2BYq-_5E(9v+IBmyc$cN<aW$v(&G+^||<!0TnvaMyS?e
zl{C~pQVThYz+<3AnY*cog^QSA=`q=(h@^{?uV>D1_chl_Demj$H2UV+tp7T1RVqy0
zejd7k`?H4Ygx%TWU;zP>QXXSmPB2v@CUZqeV!G~Zqa5}hwkbJQ)zzSdr{c2Qk3P7X
zdwR@$`Bp>`;(cvJmXtx_#x{TI<48TaVbD(eOV`YpJlBR$O1>Yv+au_20_fiTzl=(m
z{7N}_{+93DkD)QuqObdip5J|qU;du0%Xe#lrTf>&=2x{PS%&S~40!PIY(B2I{|shJ
zr6wd56J`8G?QG8%gex=G2a^QDyiPJa_PV^d@Kw0hubv1R!RygAt5G@NM5OT{5aiY6
zlkAhs;XLV*OD^aeq?FA}hoLR?jk%9gW+U_Gp%Sy+>uR!R7jY**_`cRG?K_0!T)i;f
z=m1?^=o>0>xZvKsUti)1e~6-?U!s0|i8*-)tSfN^*8ky3KB9db^0yK{ukWb#G}s`~
z>D3DoOFz$jGW!SS5&N$%lHgwcGx%qo?EZg|A^)|%*e9`c|I&|-*54ntY;}IK{i6%p
zg+GJgbu=t?e0U*iG;AU9C#B-aKd_UJXO3Za%1Is)wAQnlyz2v{jmEa9E`}})fBJ)G
z$(M|^3Y>&~A=N|bxwj;@xMu%6C8HPpE8+9IU4O2&{h|L~)4B2gAXB7zfliW}KUM#M
zaekk6QHniu=~-ku=IQQj|3YmppN?)#*e2nE?N5bM8zm<05B+`b$-f=d!amh8s)#-*
z!IE1pBd7oU_7GG_^Tc1y@1G9)0p=}PO@d;^GEX7@tF*19WugQLL{FB~0BYPMY5zao
zUta|Pcz|$KnKfHtC4{oZ8RKfcq`D;N(FcIq*@0Zi+_vV?T~a;kBW%wGe3>}&LNY<P
zI&Dh6>6W7Vr9Yg07QDGRs=0Y{v*5(D%>ct9V9CR_)`Xuew_`SbB>!FaRIz$IqLA_5
zMY`|p37=od{VTVRG3#qM#L%y|2M2q5Cz8Y2bJSI$KS7e#_C`yV0xz<CKA{X+OLK<L
z?<W4kj>}Q*DVK5wS7lDI8rbp7My|8Ywn)yPZDCWBGn;}Vq<LiLYdKWaTnW&Yl+x!N
z3=eE3ivnW=ECGV|f+(Df&$8fNgrrv3nYzalTDK3{e;?WP{UR_w^cDH*V3ov6N^}Ah
zs}tVLDx0;4)g>inJ`8nCx9K^pdAH+B-rs%hV@EICz!C)efX?5RrrYVyrBC;2fYxs7
zTQN&bfsIy)8sH(V>aj;L8v)On`g5)<R_c(xAr8V{R~f8*AnsXD2m%!j+Pb*5^Ytng
zU$yOMYnEss03axr@A@)ll3(1TnQKwaX1!MGTd30O8MEzUZle=Q2#b>~q-WJQ8SOU6
zcsQjt>gl~4zzg$5*{9>Gw5{{9_7ZrO@rwzHa7D$uRv6<)_s8#8f5U>?%FB}d+wHBb
z^)Rkce%o}UWbZrq+rL3~cF$B4TC-Mxp<>RjjO5wKlR+f|=nI<MxemvD&)|$CTW8IJ
z20pE@Ln5?iSMoyN4%~BvDrs%^xZl0{GO4hv{KhoRBuFaV-lMR!;z0GW3q?EcS6=kI
z_tfzLe`WU9;Q0<0i(peWB^!#}87P(Zktc!2`l8y+T=TZP?$fKko_JNmxxw?^9PmiD
z?m|}gI8eRcWYy(%>MWFfV|%tZuRAn3+q4W%=}*Bhx3S8Li>t53?b)tXP}&HHFthsh
zwYPs-x7j6pez!7Y+^RZtY$6S7-BM&dS~KCG=y}&5qtbK0*S_Ab(ILHH#taI!FZl3Q
z`l4rnzUX3>zkM<;wb<On)Eu*{2daF%J>I1-$vQNg8G(*@KJ!Ny&)~q*gF4V=e>s^F
z|L-m3`MpOx>gGCqHdNK5CnK#rj(mElsfe%2FLt(1SF-*5epdSk+BeIope{gbyawx~
zm64YAx~<_a?bMBJXKI^UHn3jo()%5{A-XX2Zcdfk$&D1JG2znn+KXSZ;)=R5to{18
z*LJJMEv&J!3DZ`#2l}q+j(_2=9vG|uB6+9Memu=jwua;-<8^J6`&9Le%kW&CeE87F
z@xdFgp(r7VW}7@*9F;2(e;$Y19<wXN;aNuDVp+@BL&ZFpvAOj~|K~RYvnk**684K_
zVWzmfQuEB@e634@PTRJ(CxS$p8HIMC$-9{VeIX56QJP~Gw4Pwu^jQ}>ANKU&KkSG+
zq+WD8b-2oMpDw9#e8Mr4s&|lRt(c~2kT-gx(mg->wPL~DdcF5@$%O&=%B=VxK4l~?
z!xLZS6(01!@tet@eR4v6ZmNQF`ZL`-dxI>hwrm;?@O_GHr3LiZXUm*{QoKT}lO+iT
zlmb`QfI~&4)Wqi5;_wZ$(7~8=qiSri71R~Y4v;yeZBsaUswguEtm-$YOalvMfB97Y
z>H%IjG3X<DU`>;ezRn^g(?u1YC`5htbHr?d)3>VT5egN>S)lLS;qSqR<=sHs?25F+
zeCyi8N9t#1<n|DWzT_W&b}CX;&&mTPu4iJJna3>;_;qFPbK|`2SUDzF;_y)Freglx
zPu_yxKc4kubkDX_?B(J=nGt^O@|?~iG)SC*gf`iK3(Y?upQSoxt}rR}ZR~-)?Z~0b
z`pkPezTv5!lTNn|!Mc*Qs-%zKG;{6Rw1G7=>s3;GkMZU}r2sJ!3;EjEU_bI`;<Qex
zip)ZUR;T%dfsM6RZskRtE1UxtB$=MQHVZ3Piqf4tBey+rKx*vEKVnmOA$A{2)+#Tg
zst5SUh>*m1+u;&k@utwy)BbV&qD%N*HE~2vE{>4@>Rix%uYsz=rD${MNJ?0!8*T%<
zZSxOVK5vp=zwE$x7nR$N|FqZ7<eXOLlzHg8hZ`pdMZIg)5ma-t9f`%u8>igT%g0W4
z0e9vn&;6qnQK#}oFQ|if-7D*jMdj9Y-}I7pwe8Fcu|9F*x$V&7FDH?m9N+#NrLc*p
zDx9nH2Sr%8`kmC&f`YEZ4gPZHm2KxTUzU}1{E%EZB3&&0R&&`47M<L&72ARdJaZ+4
zX!q_B8u!<F?#+uu=`QGjl1obRahbT#pfgFPpD@e6wZ^SV=4Mpoci8!VScILmmSmIj
zR64?^X-`-*RoQ3RmEi(^U)#DU6@Vl({cG$Y{_{7-zK2r0qUx^mUM~q4e!intGdne~
zI7J&4aA-S^)@B!&@XwiYt9qg;ER$wZUcDN+$-b)ol6?AId|usJ?KLNfaSz=zhBFd;
zQ$E7YO?9tfb!ec1*)L;UK5pN8WbhtQIvsl^fOL66uj!Nd1?CUfuZ~vSPN4j2^2U+P
zqdg~lUS6`9GqZd72n}|1Rv-Deb5%j1_TYUq4R!DS1AWXuiIEBYSH7G1iFp!-bF;^z
z_+*tEX6;&QjiR6W@dqvr!cOqY59ys%IPLu#Cw?{Ue6BxMalDGSKYWdQ9(^k5=Zt1Z
z<FOjzC~VE~t#g3yiN;Q+{t-3ClRxtMF>$BtHyq`DugyTm+$7&T=A7lAlb@vS%KKJ9
zy_5O=7=$J9ON^~`tVZs5MTLgCRE?th^O<t@o~hZ?`2(N{(gB(DUse~3%@0mFpLh>D
z`;?2kazWIPmlT*WN;65Mgys`L<f=QnavyXQ4pUpq4vh&0U!A}Qd7<NW7#MF!uRp>o
zMBe!HBiNR3Q2Dry=H2wHEH}|#XNy0AoB@rv&2{8R|Dbb!8QtGFaWj_PZ1GR*B1uq`
zJJse!hNkz9H$p2ta4K*2pS`Ldy3m_?)^)*3vMxc&gfKy~9>NM`C06;7It}}c+&50D
zPxx+}Y>APDyco~3=1GEr+W;j+Ki!c0V#LEdMpsY6owBAz#{%c{h_x@_`H$fBoz_LU
z9m!pDvu`*Dh-oGy*FejZ^Z_N&8AwwZ&CHvjWQ+fD&-cl#-{#G}dHFsz=5Y+2DRZya
z9^ty~SZbpiuyEBmGwm+w%LC<e)h!E~blR(ms);50GPDg0;7y{Bj?)VfJM8`Wf&J*X
z!b)prlfBxwFSA%o|C<Yw&-6?E(<Zn?mjBS-Y8G7w0l>KfLr#BU%LVoy0QSmO{8Z=q
zSk0$T&06fa9z3I(oV_aNCUI2b5Bjql5kiiA>4PXiiRWRzSGxhmkXoRX58L^1+Dy|z
zzw-WV?gyI{>XL_**75=VD_#2=$ENe5zZX7A*pv0vO9z-z(WRNDY3&v_JeO&dH@X!q
zs+tYwmuQ<!45QkmKR~an?CA0SP_2B?*re@<;GT(o<H1ymn`2P0Ey1DetL0mU2zcA1
z(xA5e<at-e^7Px$&m-pxv=s_JFQi}T+c;)yDhaA(w3@jZb9qB>613pPEnoyC3$ikw
zgRBGQoYN}q#=P=OaN9VYml|^yAvr*7y1OX)J9*;AkHM6p<9(P^o2f33l^*Rqy$%vU
zJK%*yX~=WUNrRA3SaEetDoV<|n?hQj$pm(MQ#%22ei~Mjowu2CcG^Q<j5{*^<#zM`
z$J~2HHQ9Atqd^2jq*&-8D2mcVKzbLI-kXFf0-^T+p%)RAru2@q(1cJz?;s#8AfX6^
z-U+>T&K2(adB^j8<2~p1x&G)t2ie!o-fOQl*PL_1YBdoKjd4>5gx$t}C2g`KE=lj>
z3_bEr1M>Cks@txTct7z)QMV!LZygMheM|t15afX0YN)Vi+Pw#y>g=SA)phy{>-)E*
zteA^fq6!e0gOi?K70)oMu{a31A~omHE9x9%sD^=McvEGc4P=E!i)eBE{`jB3{Z(&x
zd1Yt4<+Vw1-ky7D$3msVAEW4Sb%UglGrd%GpTYb!qLZ6IF8xdr>vb5$xx$(7p&X1>
z&s;oVA^0#k*DeR$<!x=>h9`iv4GJA?UH!}^35!-?i8>QSC(FyQ!vs-(-AVb>^g3|!
zy}**Ov8J#Dm|WPDJf>o=!k5Y7z?sZv<?Ei$A>#T>?5eVxb$%PHs-)Ue!=gjU%1Yi|
zYoh{w*a0CtNb}qf68Ozv8Zf(PrYU7k$IA%}614Xu%1HF~?>@30hd{;UR|hVys}?<9
z;1xf7@{)caVEV%nUoKn-LszH85^iXqWq#`ISk3JK87;}TvK;-2G~17M*QiglrrVh^
zZOhjz6pm4rCto`SL*nx7^g~AEG02Z;D~gZ{nr{|rVN)k(4YlY~X6GMBT!yt;p^i{<
zHe-vooxHQzVA@{s+9==5s$#CkCwZO!_hI{!I|-amdq}ujs~eQawj7$0s5P!K>SEvJ
z;Sg@6S!Yn7imzw7KlR#PmpF_Yp7h8xknYj7B0JTJEW-~Xy++#_6I$#nc`nk@JRqBE
zwT6w?(6!7jJ4YuJMh4jyD@t8GZHmV@`jEK?gH>EHw~G409fGjm6Z@XouMH;7-!eaQ
z>ivv)5TQ3!!_S*3JW)eC10}-JKZq-6jCXw7u)VU_o0N0ByEHByA?LXxak(o&%lV6*
zj!x6a$o>=rqInl^C{sssm!`^{o5j!H=0_b(*|?O$^TDR+0Y)yv3;fi}ZzD@mTcLh-
z-)NVJqRR-Z%b=dkiwWSwTdKjQyxDzek)90M-TBhZYZxhqH0oQ7IkEEx*+e72K2N~*
z`~<{OQ&kQV8Sul^ne+Eew-mVj*9#C0!i9Y9niRNvqy|XRf$|bW_;dRFwv>bMbcX*!
zKmTx`$ioX}a=(Y3t=8<$4=l{%j7qEV`APaBhsb&YwDXA&8eT|_yh%>v)hcC{*-n^}
z=?)$3r?`0mFV`j~3RB`!(9DaKWVlHZkb~fIu4bKatUd{$g}f%^%?M8NJ7l~(k}+^-
zCUE^6N4AjSHtA^eX~lEzkIaN`AQ}$<U$1XQ;0EQ_TqGjp;1qx_X~;eF+%|eu9&I#j
zacw$g-AaG8vRIiKAXPTAYgtX^32{BbU~2SxSteweey7R0<d@XxcDLGlDt^t&uMy=8
zu6S>V8P(=xwpOh*QB!!Gx^n}?uOy%JtccWhfeveD9ArL-eABR3wq#nA33VN0ycrtb
z9$RTCZIPt-!}I)P-|htlV)&KzmY>A&e3YHBX!3)9%Kls8fFk7w#o|H)5Ka*sYI0vV
zH%RDO3!?(rULs2LyLMi64KMVvA&PDi^xJ+D@w|u0>!K?kd|5Dn2-Z+9tSjS&ayy>w
zO~XEYh2<M+Cyu>!W7Zg7CP1@m%tdka@5OE2a=uij*x=G{%TVU4$Qds2`ULBQ_aQGT
zu+O)_OER_<a=|9oCJrY(5lIKXAcl#SpAwjkf9jUG3$ft#F6b0*ARQztEqrfJM94@n
zF^TwNl3yk9M{-7S45>$w_6#Hy#)9VnYVxD5lX%1c@XBb`WP=A76J8Q`YDXG&zd>+k
zt)xavJOKdd+dAkTOrD_=_lj~+<An#{-O_YEf}{{=z44DRP4VUOK2sHpR?ovn7oBUb
zKK*nrmYA+qZFX8^;yhB!!X`HDJm+9B$gX+8Q~{sD5aJd%i1NTDX`v%kTfB7*gQ%Xo
z;wr%hy>>!iJF$*=tL+O4`~Tnu-wZZ$q`8~dPfAu@0-HY(EA|cYglV)U4yueR^=JCn
z<O~nC^VQ<EG(OCABCZc6wSW}-eEj9ChZGf=MeA<{Q#7tsUk@`+aFs&sDQ$y?%zvr(
zAoHM!Ox`P{tCA@pF%5Mt)$MrR_WSG#FBg7w+cK`Gf<S>Xtz47Cy#-T$(j>;LgMUy+
z2YV^%q+G-$URJA&K1@Ay-6%F#4wwG)z^b-}%iZ@ipmzej_`AR9@{E#K6J7DJe^sQ2
zG+%qa$~=4W6o4gr7xIg`?obxJ%X+O4mWV~`MRe$JMCC788bWJVrIjl6Ai+Qe#K8ti
zWz`;^9)u-mSB1Qk!pd1$*$zBLvvKzah!vKbI8{-5*=y@f2RXRXu4o|x3WwyP0vezl
z&SglLXYD#Z$k@U1j1q6F=x?<(!slp>(H4hoyx7{8Qr-d<Hqo`o!tNnMgX}R{KC8{*
z+f(krW8DQYoP--rfh#`7W1qXj{6%=%^7FHSdKJ&<t|mfFI)bm<PQ#!cIfz6S7q%){
zZ+9KMg^mqVbIz@5t`gQMtwvD|<?4r}psGYAX6#dJeOK*c(Yl3Zywa8?eugI3rir}I
z9L^1n3tevj(;7m&m|^X@zOfVW28h>wJ~=7@(^^9doqlfE9rG~u5TU>h7QmR`joWxt
z>8yIhFCB{n8=xRsa3Q!h&ys5=Qu_#30U&>PRnx^0YGfj<d{PEJX>nMoDeXEz6uIlD
zw!(I8eu&mFNDA0aUg(X-g#Xj70+2jvZ;I;zB?gVzuKEn?e2MQ(8vOn2y`+<@F#gA(
zQD4&N4cVgE=s)uNyO!Og7YmQ6hP8xzK*vQ#=OXQr!8?oiDnn1Q4SePfTC#_+4WOc4
zGD450RUMxUB14N}?+4eWak~x#`kS^VM<GhPWoM9XHfR2q`rUuB=T%(xTnTjzlR#L0
znSfW+sMCw``&*-d^!XQ%KC^ySGMa@85I36g%4;@>u)RoCaj1uHwJ7f0zq{;nTHo6#
zDG2P>t7pyrgyn`E{$%%RoZJVE+ml~u7tP}Kt+*JI%7)528x5=mB91Jj!EpuEqA?NU
z>?u}?gbg3^Z5?6_bRP*QRdP*c!Dn}3Ox4n9`E2t^<~RAdW)%rmNX+7R8)euCUe~Pl
zwAnG8iKrw?gZ>3wPgBHi26*CaR`74WiIv;vem>!!&gA~$jqDfsIIRNS{#Rr3lw5uB
z9o=G+YXX<JRSwA<W7oJ!GAXIEQTZm{y=mbF6{nFsqFl|PvkP|+ibIZfxY}R$@%nFl
zEw#pll78|So%ZOX$s68n2f+*U<iNW!RYrcad^_=`GPy=`r11s%0FUO@$&Pcq-GuOX
zjNU3WBk}q~tqu-n{(PGm`Jsa>jFz`unE)hN6KP*>T6>a8tdBS@h)|%f%rotD6?vH`
zupXR$JZxRlK}OOg&`|lf!7Xxqr>@dDczsoF)2j8ZN-i^U`GdqR!Fk$DMGkrW=>Xe#
z#+<5B&5_Ig@G3d2NACJ+!~a!#0R2rGmz!bCZyw$tV<H98xhCV1&46i{+y&3pd!9?u
zZQ=<M?n)GA#L!#k5{Zr{;-5W&fu>C{7l(dTzbjr-(@O~I{`gQW4({a!&J|E#n>a~8
zT!iYZN#5dt!O3ZXMEX%6S6*pvIB&QJI0favRX!DLHStU<l<a!-ZrCRCsql@4g<~S*
zBDufz%w|K@(=;z#k#Ih={N?equN7pJhIHLs7iC(sM>RjAz1TqzFs}D%moX=*%XK+h
zGHOq{`{M0Vic9=DRtWg`j|oifMg-qLKXUdL_<o8=ZHadSDLA0vByVuqc{tF{Py@lz
zpEM8~s|bM?T$9J;G1se<5~J<w=cC=S{xDX~g?h~$GPbH*(#J5cou|(|smJcw!;a0?
zU-+*{7JJEbD3jJ6ktEJU%XJ8&FBW08jvaqNRqe}we!UR9`$J+fD)G`KOx!XN#mDXv
zxL~v#bG3&LNCT#UQAnx?ZCIS2FOx&DQHBq;JPo~6PUcm6MN#W9UF2Fp>T}ua`Iiyo
zww26NN6o9`mw5~1;>ID2x#9r&lFU#!X9g9$th1#|O@+_*mvVPr%zS8HR<#}C=iQ}(
zq%s8Oukk(=QrON4J7n;*L1c^Jc?<wPWe{6Tl^Q82sa=AAeX3pKxvSXeTA3?wXnrFB
zzHXqC5F8yrpC2z?ge?;9RC*d&bwmMK?torY;nx#W^kxZ`a8@W4teF~n9IY6VY)aU~
zkTGPIJ_vuuI2M>E_u?JW%2n=*dF9w-h6`kJ4S;$XCOkLm?I_Mx3lQ4g-t~)pX$Zhn
zLIW_Da}1m{rvpCMpwc-2pT_Gq@XY`_Lj38Gzg517)RJ3W{y^+yNoy8D-zPFrrg3Ru
z&viG*SHE)dfzG<Nz1LU>*KXJ$;r<t&ZId3(KI>!qidDei$QgeoFL}yGc~f%I&KJxZ
zrg%selOmw>;T%3~r@Sp;5ii1F;zPvMju}y;s8;W-=+h`_NAczFN6sJe!W)3vxqH8M
zAy&@?7`o-z(YC8>4X^^$RRq(R@6vQMy#_k@_@k1Y#FK?UJI{p(m@-NG)m<j{*P!vO
zfWM471*ZW$%!51i@AF>>HO9q9Kdmt0m)$soFig1}cvFae8#%QPM>7J0x?G4gq!_R3
zAHb3;TdV*0c&Ze7hF3Vca=3IefL+Xevh_y5(w*Cyb}5CCUFJi`$H?3kGAtlTztP}x
z?oml_lpSYi73|&`YOH$pM}~3esrWXrQmW`ES+iuR(e-8{BSb88JS#n082eLt&xjLM
zHvLgPOrkw}3Su~N5?e(kgym@aG$sZ5+7iNzJHF08pT6pGbG5Q$0@)$UH#ITGm9z8A
z$(Qyz3xS(*nZd9X^#-?Ge)z%}O2Frvd^hohU#i!Nfh}zEdi{CbB)>#eg;novUe;vr
z19n@Nr4l?R`YqSpFPFWSe@a9Qhq=~xH1M|8$V4nd!-vSAqANpq=aOxYo`9_e^{3{2
z!bKhVl-PjOlQn8Enr?=mcVY(Kqy2(c4r}A<{)MHQH-V{w*Vj6VC1ED22Qb@mOGw{t
zHf!&Ffwrnwf@Y%}1c>Av3{@ObCU?9Oy2Ir&cQDR<)rC!gI1iIQnKD4_lF+Ug(%f_1
zT5oViQD0>J+dbY5+BRO9*U!wyQfIx$+bb>qew5crr9`VTWNyctKLn8(`@XtrbuHr^
za=_%CgxTlz9z3=6md>7XYOm(3Ww1q57Y^3%BwFdsZZvjkPae0Ev$4EeU%IA3i5B)e
zT7ir7KLY-kJTea1PXFLy=+xkFGiv5UqSH}Xj>OM%E}*bUEDy%h@jfjtK0UF*4E&z?
zcVU@=mOxRPHSrWK?>L`!DlpfP=d1|wdQ>9oGq>%Ieymj?kdJ1V1n^Limg^<h>}>O+
zM6enEGFhmbJmf<yo6-xBD^PW)Y6YC^c)NEHJ(8f>T_qd?e^Z0s&F_EFwfCd`z2WEM
zP8FYl1DIkrP;#FB2qY^tpxJYEwep^NTkP57>0!U5%3xv`g$FvlaTOLoO`t!x)Xypz
z5{N2c(_*J&iW?icZSiH@a_CGr&oPg2K0Gg@h1^Y~Tb?W;Qe0en{2SG`zUOty=-m1@
ze7)WH{u@oDN<SnrHrnd82CnyT|0UI0(Y^Z;xl3E<J3-bpyT8wA#m(6fSlHp#zOUFV
zZ0md?oaXpx>7A^@1>~C4A<zl7A=w@26|UQ!obBD(66V#*1S+!!G>obIe;L7$QgIPV
z0jyJ8T*CuqZ-dRzbP%D)RhR{GGrQ!j$nRE30l$=()$?oS`?%PU&;I-%b=CLq_&$9$
zaU1>DX*@w^P&hMSZ#02wGU$3srHx!Raf`8AXuApx+!i~`u6M%|az<M?uA5)R#;&yz
zO)M?4A4)7v9wyYvVi8ZT=+<u5DHADvsrz-53ZomBgw#ku9owp>XtH1})YIk-A@0?4
zDb*FDj>iPUD{wHk)COcw$R(imXIELc<B3M|$wnbbljJ|L|0YlrX9_W4<`w2({#YZa
ziZfT~=A9(-$KP)>#1C9==`E(p<B3nJt(tarb+ol$fBEA<IchdwTMfVvJfiW*Mf(q6
zJ>5KkTwTAI+<M$ov}!c4rSn9W2<1GNI%*33a9Rne){6S?d={zCMK4tuoI~ls&yB04
zHRd9Oz^%z+^>Mn*-+C6v!rGEyB$V%Ru+aLFUfKgodK*R$WH@&##>2(U07S_1pZV>a
zA9~Jb`Q~izX?}lbBL7ftgnNi79onQ;i5|n`;+|Rs)*}h~oP#KUx|%&>N((c9@EF0k
zcj1aa#3FT&z@0#!F>xk|GYvqn9q7ILz{j73urj@5n@y|YY+4#B%f@CydFR`~n_hbt
zx9U+-JtLjbL3Vxyc?kI2!vh$}&8v~nM1MMa^JV>23E9b%D2uTXF<h8cZKc!-3NPP_
z?JYD&NQVEa%N<}q=Z{_#N2+rcY(!r+bbWo3Vr6r<#5%NN3g7VR8WMD^PC@+g{A0HB
zB%U&H<Qbx2rCLXyGGwj$1vB9E@&67opQfaLtv+rZfy~#1lPOZ)J?o|VyRqR^w(>>N
z<C{{wiAHJ_t3f1mZ3T))^Q@|t0B2p{(mSt0abq(eU0NKzik9UK@NQNyyYtLC!w^iH
z_*_WoWQ(u)cQx;u^~6CzE-G8N3VE>%SphgYnM*(I-8!9pRc%ubOo>U<V{!|r2HlR|
zd%C~BztPCDEatYMKjGBP39fSojC8Jd_BQ@yOaSI`=r|O%owZ5BAZC*zj1Ma|GTIDf
zG#?1K*Mhn<@`;Q}@i>Q;Wo<kcNZLACbF!^;`AkN;I@sI|$w=9DPrW~x(5=u}`5Y9e
z`(@WGxp)H9p99b$Ahk{k;(~%Wb>0|YqwzMBCY?dV)uJb!+m#J>xF~F0{Eoij9>`sB
z5AtN<V;6w4mX;xz(4(s*h=dQ9Hpca0!Bcle9zqE8_&g1brZS)`<gUia0zKH_e)SYH
zBRb3YIBD?@P9JY2eOp+F7oqfJiFs=Zgze)fGb6hypXLkwIYnQ0@4LytZB0ibBL!_m
zE*6$~pIjSK&8o$DMJX`K1&~xI-ZSv~k>XS}i~FoN!15Gl<N@+4BAH|aj5bKGH~$eh
z;qiOPv=)j@fJ|!qbn+6=OTb?y!GCf?8CMzu509ye+O;2*Ynoo(Ij*iEy*EKwR}@0v
zpZvUAvff!*Zg=yp-cRIIA_2KD{1ZQcr1Ne^C_>ZB><0yisGkG}4*l~G{x<=z;PHFI
zr(~d0$#naDzBty#wg0sy02TWZPckNydLG&xidzCb2EeKW|2Hs?w$z|oihxgWi9vlq
zzo7a(U|Sr}UhNG795{mGITF@xTyF-54gY>R4U*7@!fV&0H~EF(eu1rTNsWlazyI`O
zYSo;=t9<oo=*TbCl|H<MUWNP=;mPH}|Dmt^-IrC^`s2(vFb2ieJ6XqQ8wwcSJ!QKi
z?i3p<jJ1t7ISm<_IKF~2f!}$q-IpVsu)`oGSg8nh%!#$BXnn=m4uQY@8#{VYwb}%9
zy-m%n9&qJua6%R%+gxD+R#32T)RsHqXxqK4D1_QY(12YNtGx7+gPB3zqTaHw{d@tT
zoCHVAp8q>!zu7%`<*n}!6|@D^0&NZNyB>oW>dGIF<ZKgo9=|~lt}~SzLM`hYds_HA
zCxQ09dFl!{x7wrsmeJw2#n95s`}EW{1Au>}+r1$_5k8;##Qdz75t#ql_c*TIYkT?X
zQM`653(ONM8ZB79-6TJl#|hAv--xy=-FKp@+$m~9B?GL91Aq>?iZ!~dxtNo<XeAp}
zX-j&Um-V_#?`n2^8E4}+(+Kw*870#Y7a#kCfuVb-Z`RQ`&l7(Yy8I<z8>>B)8N^_g
z$lLv?AjhkX^nUG}zE3fR+bkASg_P)1Dw_|=lUd#A#-G{9cV-TpYWU;a7<pg9Y*;^R
z_@<bato3^6{@XqYkB!4R4`GcIvEI@6aHSmqyrv6|BDmZWHr9kJcol<bTM~;<D<p(Q
zwvQVx(%u`ZXXj@+MJNyEtNnHVaBm<D-w=P_YfYj9Q`+1+=t%B+aBltT3ri5!&9_(^
z`vy5BRP;*Shxt(U<<~o?<}KlY2<QCgd3Syy7^cWoFc(f3JxG!_)dlA7IhEtBKhX1y
zGGOuf;UU}trjv}IjMq&v-&*ampoh|fc+d78qRWe=$1EOA@k75RNn=9GU~lSRCQjxN
zFFgitj1z#))sj}t?@+8L`S{Hr%|+;#nPp!r7+t)Xy1Y1K#(!cC*6`4SeaN}<<)aQR
zr5p{$YkOBXEQmGGe1EkBPbGat7VZ41k;-%6HEy?vQ^BE_x0iTXg?2vXTgZk{*Whw1
zAA_W>?(Xcxh4kZ^Jb2r1rAFAo`6U?e5%z2grCYjOU%jzWd~}o3+FAT^NXrhN!o|o}
z7}rXs5%qX-qv3c(Yb=*dDdkbveX|F|UFxhVXC_mxE!Cr|&MUR$*o&aME}px;Vr)1j
z84$Kks{;mRk2c7D81wPvTNa>ua%0nCM>1Y$sdEaRQ>7^R54XX~%{|yrdrW#B3iH3I
zasopcnT}5zFFi$GgR7m)On=NDHeS|?c&FvR%R;@q+w_whiR|@Bjx6+<xbsJNgmLM?
z(UuU8UZLd*RR$`3Q0T+37I<XQg|A>B1*NO|w&qj62O8XX(rw@CsC-a&0qwE<R#U=z
zPEK@CC7|;OOp;_BP}UenL{!s^c1jR*`!u|O8sxKj2j+xWuI%pP+TbZMmA1<xQd>Sy
z47<6YOtw<D_I2@E_E;h5E-eGfZbt+1&$3~WlO|JtFN;>B&aqeDe{;rC;Iv)pCRvJa
zLGOszf<8cJ3E(1|zpGpS*Bftf@reN3@S~7P^xJV%4~*ZsGxF6=f;<27s*c4i*Tq`v
zAWeQ9AATy8SWs<Jew*$lY2N**0&1@Q_EJk>5rqO5(C?ShA;1dI7T}GhYo^xec-P2h
z{tA^vTlji>mEYo%NJATG&0tKdm9(_giRQQ7>+I}9Yn2-=BYI<4yiV`l>oNg&chZQX
z<EQ0(DGGS-diZS}`uy*A<UuRsv03fPn@23*{N7t+yefICgSpCw`pcSg??k%33(HWk
z=Ht0pd7TK|EijlPSWe+BXrrx!^J9GY>I``siQ{vKT*p^ev$HD<?dlrc^zI!NeApn&
zt8aq5`)QNBd#P&uekswI?zR9?#;DyE5-vq*zVi*h-BB|M>0jR!()D=Nm)g&P-zUCE
z+W-6TT<!AYr%qKziS6ju`R&j4FHVc4%1h2h_FLA{M)rOH-zE@qU%cCsrNGoJ4=6xq
zqp|Z1E(82~u8L}{JJodcvtxrV-8u<l=JH;$@={rR7_vPui$RHE?a;@aFu3&$3$OS4
zw>ole$GcF?JWETqj>F&Gh`noTC=aEAT^DBPu{xxlfyAYx(Aw6k=)tWXau7k@yR6tm
zn><33{6eLmlnfseqe;O&LbwT?^=!;SSRw@Sr5b;2uW(muM7!v%uPM;QXBtg?;7{-3
zMDXfF>Dyy%7J>U#;cq7A=83u)D9fGZ1};PutZfs6_I6o}ws@dq2}68TlNo{^>i_J<
z2|V9lT~QpO=KOk!=8kYfid-`0l=je69s3bp9DSelK}9v*+5$(8^n4Z!*k&0L$U#xM
zHB^|%^NB0lKhbw_KvoZ+tS^g))10RTPsSl)=kCa^Q_rB$;9~@qU{nPGtk?B;;D9!E
zST?7?TrZHeR309snwDaQSXw&J(Q7KhUu`R}Ic?nF9A{V}-MzLDYv4NeGqd5&JEJP`
zyoH+X&UgvrBogGlcv5fs`L8+XwEpWG&QWy65!Wx?Y#u#BV`i4h_m+Mm1A}t}bBYR%
z63?{RqE<3E@B2$ng}D7Djfrh@V$3nUNh*SR%jZl8W?1-87AlDdv0Jxo6A+ZC(WedW
zAT=M;q~o8EGrfgTLfjVA!C<9d5Xb~kjSjcN?=iGiaE1mpl1bhUU{!1BD4E83xatF)
zDWK>6M}({WI!KT$(o${FzBusK-DdzFAnfv$*xj(zM_e>Isq)z~aXynZ&c4$Gy!9a6
zhB;GQ6f-m(=*3Is?FVxRycjpQ?LTp@_1ezD=s?2IopW(Kws&OhWDyyA!fN<65*hbX
zxGk9~C~Nozk^F=vF!(6WlR%8bK%VaYscyr{hC=ph%N_J^d~=ZDNMIvH31-gJQ3=P7
z^uR$X%S!y5^3Kj|zh?+K)$!g404T($vHrxFr2EfuR)yy~=N$vt3KMtC4Koh*5xx@#
z`;P?r+>)%oHVqs1J6I=Qia_fynsnOj0II-8IcX<A`4YNV;D#!ZlxM(24%?FZiVJAr
zMrGTDq5RbjsjUXFMIh0Cmzq!@<b{#Oh;G~VTG@r5o^Ir{+=$p!XIhYl%n_KQ4S%h|
zwH(Pjp<1RCqUEHclLjwdtcCQ|#NEkOhT7f2hztZ7jnv=M$*Y?+l#h8_v;tcX`G7n0
z{1K1eC&q!A#Ebs{dyDxn{~H<P+}}HWx++$+KrE`Ya^QT_E9CT!v`9)=$jIPeZgsUm
zSc<hK{Vv?reoe8VxESjCg>9UEsJea8!d37730mZQn?;GOP=lw(@Ikz*gmJ*boMfl3
zdI2bjORwH!AvA+e2ZLJ`7Z^B04lh@Yfa8+~zW(6yi14^Wn5o;*NtsZ<A<=X|>v3ON
zf9Zr{m!Qm<S%fwB3iq1Oe6kMei`fWuk&0C{d}uo{pVI#r-BCM$Vy!)EI+@$x5ADV*
z8kTNGRGaBt!sDsx4xCrI>R77MAVDYVOCk?0ex9B=KV8TCo`24+%5eCXh5atndncky
zNMbRMdFN!vcQ0u!wPNbbS-b;k(A<~9%d=jWr}p7P?P@?;+WA@HgF)YL*d=A11drL_
z#>9sA08nzAj*8v!)3+1i+l}x9+O7JREs6l{{4aEEoJQ*<<*+BfqH1#OQRC^v<{pre
zZ9K(`>|xr!FufFAoUYpR6<kdHw_(f!EP<O$c#<mEZtHhIegYT+f^LD?b&6c@AHyl`
zjY~N69ID(uJSXqKWxj1co&fyePqEXI_J14o0`QwI9s^x7g{@|6pYKIkh0SONfOraw
z`krlfV3BBL^n7R3#Cw{*0Qtk1iT)X9b1mg{qbi5=^=ti%-m`bpiVfPhVf?4p{-+8d
z&1X7VyR+oW3AmX3Mbz)20Gqf!GW!5tqYiXB;irfa009J0+&`Q;M&3{-K|&TF!6z&|
zXSpGctD=aEU%cQ-ze@G{F9|jy2;WeMPCoACifSJg5mU$}MTxD{@pWC8zq@=>-mpdT
zb^S=6i;Aq#0duqQx1dN_xJMXiZ<_eOH%ItXo4>9zK8e+{`vY4_$pHw%;}2I-y>{fp
zwtwACl<;j}2=M<5blQQw|Mlk1D{LL~_fVT7Dv>?AhCe4-cmmbPKI>{KTPGJKpKPh8
z9`@u;$`Du^oH1JHN~crZHI5y+R~=uKxH_(7Xy@sTD#ealYoZ(UEkjnR?(UHdmYXG)
zeJOK(K7~AZAnxT324MgSF$CzKJ?X-ctb>8w^$gc%0G?CBb-KLl_5(ri9aQnM`E=nf
zaAKqOLRm||g^r8%MfU117RBt6H3cMiG575g^UQ{Z=tj(m-Z|b4MWp7yhSu{V!c*Oh
z+HMWy8ZZb^UE&}_sST#P_ZY=Ikn6kgmOV%sjCowv<)2??;Pl7mT;fFl9v2fWIERT`
zC+A!oA)1k(Ip*o8#_q%kv2GpnG-hoD6Ln?HFSYB%3V5kcN2oQ=sLeUE7Hy<fC9)8V
zQ2yoGU>tn(X=x}3Itr_sxjjygNozh&epq)o5EtV^Ciq0PQ-4l$vQ(qvMUn%<t6kHH
zSkY6akrU>)1l@>fr(HYySPyftB?H}xhnq{y-w$b$%#xg0>I~FQZ?;`60DwSFl>GGU
z#GLEMHehC7$<_T`L99SrK@Hm@NxOh<Tl#@(B>xNbrBbR!*Y#&U7+mq_k?bGuZMX;D
z$V=0Z?b;ra7yqHD{EHd(BwCwi4J??Rmj^f-+FQt8%>F1VF^EY}18<&{O}tN-n_Z<D
zkJLBEA&@8CKi@^)--t!MjVX9by79#}pxNKZ+Vt$?;U4z$Yr$+)<m{?lys^m@U3hp1
zpbOi*Np{Tc)?6RSe3Kt~OVOOo#{hN^OdLKOp_L;sl{mJR@I&AK91_dNTR+LyY}EO2
zK-i3ai6Au2+UCR268C5pW9z)aahaXMhW9t;bD=|(4QEzt!*8{|pG#gvw!e>I4)>fw
z_2P)cv3cuGR56aBhuK32juHd>e|jMxNePOm;m7mh=Q<otHP-db@3+ayt&_WWGKd-+
zNU%41dGS6<T002%QBr;kNA&Y(b%!B3@{^0q{6jfbICmeJga`o?pqG4`ik!Vk_L#bR
zWvVR3;mw7PhD`4g_D60~g6|0;dKjI$#zhA3A=@my`r3u<O%cx{A9b{8>Lr2A+d^|`
z#TKdQ=D;>~o`+?Fxu)gpi+MO=NXQB1<2?hnyKX-LYB7XO()yRxf?XuN!!3OxMFzC^
zuC9xjfzY9hKI(}ar<&BCSHIfXX!yhJZ=BaXVH&9dkfSGeLNv`zYgsxf=7pY?A{w!$
zPfr2Ib@OoNhR?gg>$|G`{PC7!XmM=AJKI33v73Sdr%eofy#tHu>lOCKKzk6k<!A&=
z%;@5HV`R<!Fr-Y6^#VN$n=-GF8akA85we=>&;_2d=l4HqBuLZP`Bf|(z<JU&q%BF}
zjBcs@CV3Rgsb@n?$a_f6TlC1MkYegbg`=7O4?TS)-ncvu%fgmM|KDQIv!SpuEA!XM
zXO3uLF^c;=@7xs4=4>EwF4-H4I?VpDRj>r%3QK7eIfQy7#@aW&X|<|k^+uK&>tck>
z$_S^5b9UoTW2~o2k>f<HwO);fvWxTOYdibf-HIYhBom)P`=s%(yyzp}kLx*#ptBzl
zj75#?jYDL#?`{N8uR#m#VQ;rnDk^mnpyd|l*ow+$6A9F~7eA@Rk!uJ7(0Fh&$njrE
zzm_;F($sRwDn*AnC0l5AC(|2%O)4St<9C6=+kOriYbbgQxaDU5Pll6s(%v(o2kt+B
zh(c{fXq5V;nH9!HfNw_IsD0zJKxgk5#gVlV)+Q?dgQe-%cl|lcOR@vr60f&=jD8r=
zbAL&jx=e$G4`^yCdcC59c_YMtFT?kns&6l6GZdh162U_8RD;c$awu1A7U$%9x)Gw-
zu4)NI<ML`{db%@-(rTD)q%Sh$f<WHtGUj=~@PK3x8&&qjyCwK9;w<-0zUQ@PP+79R
z63*kkFC0!AjLhTJ(H}f_IeEK<jF$O7N{}B{HYY*!rCk&p4?PR&?61uyRbCFeX45a@
zIb@OtOdG0JJSn_)M{%S3hqJG9XuFQK)fsn%K+cvAo4KL!^dipmw&{WmK9<drVL*4I
zT~M(<qtqZwAv5rXq4k!0%<!AaYlqjC!}7ce?N)lCTAGnmTsqEX9wG8~dn`y69mw+D
z4c_^lBRYXQRY8YWXTWc7Rygg3=T7I-3DKDuY73LCu5)XGh$KB29Qkr4$HXBXga8j{
zK#!clc&}B5LpZp;c&QmzQMv$?*Vrpx2A(|D_9vG-_fT_dBYd;e)CPsMrv=~dW8zlA
z6$n(Z9r-12eZ$bQ-yZY2I+N!!`kv}>**AN0w=etS)~TQQpN|wvW$S{W9aeGXO52gv
z`Zd>9DekA5>FuQ56*8TWcw6DjYS50`Td~d!#kRk93jC7Cr+cF=m_wQvg;(35Vg}0J
zwHtTtifz3LT;IL*2~?#vd%yqV`tz~>K}N%f2il>(bs?<$gJf*7I!jp2^Fr~43ozHM
z>uS`c*$Q!1i;7F(dE`I!Dp9Tri@wM4IOW><XqgQ2+tB`S29cLI;hNUwF<QhPC$jR}
zIPO+?V0K0LG40xzsGT^?D%7hy=mglu5O7WGFl)?q`CCrQW^%Mg2|!8G;F9BQZdTu&
zZ8Al&@F|U+-5H7?UD$=1qN4Jku5v#J@-pF1oEVzl)OPdvhyA+6$)#IFd)uErifjSU
zL#Yrp29q;xkO>GiF?#Q*2~c(c>@FU|A7A_zVm0DcPpEIg2zi&(&3=*4YAiJfArw)^
zd%J=FR+XI}A{(JUStUQz4L75WJBDqoQV1LAK?+QdLzm;oSn%E8WGp=P;zYpp4i*!6
zwHTNZcKkl$l;3Atg)Xg#Yr{ZD_+1@aos!3tQw=w@hHeh=R$V%+_vw${6MKGg|7Lfo
zva<oIg0l;%T!pVsi|s4#`Kmwufa>pLayJq`^4ji#C}IN7Tq+?g*bCbopA)~n3S-fB
znSaQ<AEbdLx#>skLyB#9H7Bcf;7EZ9PjUz~G#X(=$HM?rI!xkm5hQi{#GsWWcffY6
zPGcLAs+J>Sk}Dt8eTx%fk%tmyUsSxkbK+6{bKKl>t;Pu%@8j(qa@H9f8*62;g!Nzl
ztxYX6=JCn$)q?wRft=Bzt}y$7;p++VKfX^6br;3upF2Yaebn18$coUqmc~=2qnF4>
zQ(UIC->zhZG&BG;^VE#OOTq-~1@PopmH|#Vi%}JEXc}xW!A^j%A^=~O7EiF11Xa^K
z@-B*{mkXV^{M#~7UuqcXxXr@Xw%*M!F)3$v5@yVh5l5LDN1LjBxIu7qv#3@;@<~i@
zz9sQ365FW09{T;@Vw<meIz{KV=^)qO+4O@Hv{n4CPWucHYmBdw9m`_8r1CxMB7J{#
z^F7bjliErikF;jYGA)uA;c-q;sICy`;EC$!N$E}Ef}xhCJ_U%A)1E%LC)-zTP<?#~
zU^+`6qn~R)Z+G)@XI4&4{k$!c3`E}}N#cORz~pI>A=<d4mQ1IX7q)tph6wVom7iV2
zbc=*>DKq?Rrza;@jW)JkB!ppZuR{ZGdfF-D+BE9uh(1`b8`@4ZV%G6#JyaqSDxwgD
zj&Or32K6})EkFz1!aJ_}iur@wPk8#&*C<3X{A!+dh%EdZNC6*)mNjskvOcS0xckX<
zH39i?=Jx4Scyp6Lyt5E47d<73+L%89oa6%tNHD&Lh7&6{8oaIZ5SSDo`6Br2bb^T%
zWr0K_xmEEbbpK^vfdz+9v7<lDhY-}Cp;x37qS~8P9^RSH=CnFo;*%Of9=E`f1FPYl
z-{h?S(B=lS@@BIMNLmI&<jnvQ80H0iVB%*&^*%Vg9(S}W9=I;!OuQx$MaU-TJ$>IH
zLgxitlC^%s?{dy#)EAqb^|bp->ci{3B|XVYUJbUtw_(348dAL;nm33Zy{Q8DQu)tn
z%~jjNPI8|d)gVDm`B0?om-}{q7;Nwugiw1)v464I+iGa4M<b$Ya{;Y2>TxEYmcVh}
zt-T)ZHl%0n0yeHDw;UuaYn6$7&m0b)ax{41Ib7Kt+`83#$_)GsU&p8-<9dJN{E1ns
zq?E$e%Zlt$+pzmK3<k+5t6nVoPD)&qax;nr%Y)rQt^UWw>B5g8OoDm_Jt3?gJb;@!
ztX)#v5`u)YJ}<m3bk3P%cba-{%;UdNIW?Z_m50aKbX5(2P6BhOO)@I?0$rZ9-5^4T
zSd^Tdc!=$uaOb%^v!na2zeDiVd8qArOFh(Lg7@pwIJ8Fd(qZz#Jv!A0Fhqr5j+-Jr
ztvFut$SqYc_+RFoWTR^O8#_aXy&$}M*CpP{kdNn~E>{ymheYPK?{hZuj_jYD7<X^K
z!kU0>HU~X76E?O)MfOjyL2rLCukx%}K)xLRg%UdDP>Unv!e)uK%Ag;9(1cbe<1z{$
zCcoNKqws<-L1i@)zdh?%MrZFVmfdCK^$GZ7s}~0jhY4kgz(E~e;Ox~w-iwozg(WLu
zpPr*K%^KeFB7tyad!f|&=Pa@|!R4ZvBN0Lh7pH9KxZ}`C)%4zy;QYOB0&8BJlOfNe
zxSD$~DpDPxm0Yc%$<(J&J2TY((cKzf{sE{luMf9M<@Y!N$uR&Tz5s~K0JHmr!?uYc
zj`{-QW&t4I2qwXkD~+<B|3jeorMOR1r3fOv>Ig660WGx3tM=B_7mn*b85d)fDZD`S
zG|s+IASbv3x{|^IuUv#vDV&Dk<f(tww8#HZ5f?M!emXHr5Uaq#$7&ax74HbpLWDBn
zK8{dtAo??2zY1Zq;kuf$CLce5hqLz)keaU5S_oYI40ID152&UPU~+QO>F6X149Q~G
z?!?5$&gtq!5Ft^@N_sqcd2c!ZjVGg>o<|3+IiucdrD2fAd#0e1by!PDQgN$tqR?F2
zUU#O32rHbI$6Bui8?O0hUF~t<_|h_(7HR<dmA#DU<D62I=ICTD>h&vPKs^B{*M@Up
zSF{b+vDYTw%LqlxT>&0&xqGWfLAi~2)GSbr${};xNq>v9Zq|y_OYjiMC*hD`bD{K_
zU~G+M_n=M3LjFH@7)bi!oH#rH<qDL)qJT%iXX_ZMJ~sdcu9^h!#C%J`R6dL6<ps<i
zqzb{4`bF(9{<ZrB>gBPPZx(NoOmlP~RDg2!@kpHR2$03|ia*P@`)7*I$#F27RLNMj
zl_t<(pVM5FiHRyDi0W0~phq@m@pQ^+nP?<e<;lux0VVQbZf?zq(-5FX2A&_jxa409
zNa3!;bD9@xS-F004aQ}10t1h<2zMM$S(PJKWQTM4u{<?wMhcrY(0@9e%SOPWkc{9x
zZtln{8mx;S(77UQ@*dZ&e;Xb}9VODD;=N4h^d{k?8=<a3yPjpo&_!WP&De%Z^MB@E
z0yp;pnjGp19(QaZ-vA<JQhU}f&u!Cr5_Vt}RiG21pLXYqEU2skv`pk&a%7K`VLB{q
zM?JerNWSGfsNmgTUi-nIaBSZTuF*X+#D8X4Bl1OK_GU&93AGg}S*U`%$+*~MMI8s5
z9qboDvBRT97<EgDJ7cwOh=aA!%-hUwE&dgsr`)V(17teDk@xMLrerr1Fc6>yj$Jrl
z8Zch3GFAg+$6Wzo+|T+l{2uN$3O~_Vt3=(LiU4)sng-l+wVpt<V94o;a$WRO=o~nj
zY3Uz5CXJtL@HHk<9E%%7_z3{3R#g4`v4vsd`+p_GH-QT<@H@BUWGr{IaxC1BbJo61
z4yCx@(2%UF^6YBs0#lAZQqQMiHG9daVYBK8P?vAr(i@v}x%_-M)B#*j;6W|)4}1b5
z{K08G`3T@WN%C+uO-&p$tYfGC?Nawgod18x-2ZdG#U5jsLh^u>=N3w2b9vHp6B;-T
zKvd<cSS+9Kg;xrYbc_N1tMvB-(7@JT`}cPr)VoJfpFPmqh>k~#b<&!5WLplcMc#?Y
zijlMWn#}(-p)r0Xu!h%ugu}4z-CRe+2m!VJ4;7!CDA!!fl>mxGCH3cj6i{ma^Gp9P
zIl9fCMJGO2xM6Cl1?^IgI?poQH-u56Ax>e3f2C=f0`RRR!WOx(YamHiz)V59#g*E2
zrX?tm7ZSdX|AL0YphlAyf<k%&jrGbC7Dl_||2@Ojt#vKLIRz}Ie!2T}tY`zE75rD9
z-rFf+kR1$Bi0L(S3)#&D&p_e4g(X<N3g<AZ53b*4di2yKv{S6D7RdO|FG}z8p?0X+
z5?|&am2F+)c~!r>LCI&pNf9EcLiQnSS`rl+)@NTIV^!hD@NiB5Ra@!Pn6nwkXkuv_
zdYLyEcI+v2-hUvdIJv3ty!vq=L6w}hQ@<2ZbsNO#Q<5bD&_9S=$M59Kc|Nqy1qjq=
zKzqoBx=)mJGG77Wn<U*8Z2(_->%zj}dh^^smU>>ZXa*{FwL{+8s$R{q^m;S;6A(l_
zgYu~e@Ml?y>;n2{j-8e0sS-yNYrQ^E%er|g*r<wbDC*=b?zEe#ich|j19U!7=jLPb
zqfB+g#Uho{3g@5(vw`G~_~Y=l!^^Y2%PP*Mzzld>Q?U_2GtjI5GE(@hYjL$X`>DnD
zN9%08k%ISKRzoUP8kw<N=mq9=B#7{%|DEekajFj>G%<dbv$nx*etn~RZ93>{-Y~fp
zJ)mL8bcMb)*I_juqu{mOb%N=>n_aa4<N!Q8Mn&z}c?<1U^nlEv$K2g=XvZ9KCQ5G}
zp_K=|sERf*bhiWtet5wvHM^Y{&w;aA2w&x7F<wX5FPfMYp$at4t;Unu7M~0yE-M3u
z3>)C|U3&vWxdOy83!eKvh1ky%O=$wH*NF3Czy56qxP~M%C(UQ<04Ry3E{0QligCvr
z@X$PN&+B=cqSTEY4B=&uk#~*Ei?>8;S-e#$i%ojw4ycO5l5YR;z)(9+9VZMdE^;3Z
zujIUugQ%z8yK`d-*iq{()7o&M?h)&C;T#Mdx`jUD8d~hv^`=d_Y@*&8MaRJ56@IR2
z4R%{M?IddKCoS~e5Be1!r6l1lKuRo-&klbnnkBR?;(199YGN`otPu4+*{kz+xC;_M
zPk3MpU4J*pTrnX*FQ(g)R)_RI1ojt})ekavB0V_s9do{__8@PwnGfc|U<I@6v6h(7
zwTBL9buVc>Hrcdor@q(b$_`OG^VLhKW!?{>7|)vU$&ua<b~AdWyLn3(X}IMxZFAWF
zT8UtUMQkx)@?m2?pYWc~G{-K$+bRa{-9Az-ZC)4Bs*ng70;n5klw<4%a2Q~Du-e~3
zi#oyFOng5IMnVe4WeqOM<Efs*`2_nZnPtLV8hM=vTFya7(&S=UXl0RJGKQmnqXXef
zfhpG%^_4fTFreynR8G950m~ElQ>R`de&rSJEr7pvcqf~tune$!1E{vJlcQ%i;dCG+
z3wf3O-twOfhp8wP@w_m40rUAA9n%#+=byi7?ZC2A!(V&6QrmI?>Qn4lzKV!SJafc0
zFiV{NUOia>)719TH+Us#A9HpKT&fqCWFlE<Ka%B$Iu5(FvMJSC#=aeW_=n$GqYk)y
zm%sdFo(j;5^|3w>6;dr7?tS44`rMefN~9XC@4sbCvekSKB=Db?i8p5ZerG&Vq(8F8
zB$ZApM_t4Ro{wKx%l;CfHhEU2x2uTTl4METMY_GTd8#;q8>}=OP};8|x%ywSQI+Sy
zt9gVPOx2@cd={SoY26s9%M{SUu(VWBBy-^Hxz1zWo45d1ZZ?MKsj1K)LUfeSN}U3-
z;e!jLzzb`jhK^CAz{@-#b3N6@=27B^D}<RcshO7G?3`W~gzZ2(B?)rH+GqNVf2Bqf
zaBlix$hYoEP}ek&CGo{lb8@A{X|Q))LaHQO2{nM{qNT|sN&{+K&IrN04<!DFJ=FwK
zPk+;S?@`51;<~>Blo|jX?uf6v93`5^1pDb4CV(Q9UrOcY@ScoL%+-9R6%yIq`}2c^
z2v57G;z<;6mCT{h-Mv&1w<5dh1u6kV0ZtgcXtYLtO{lrCLXMh9J*kQ-4Ov+6w8m1#
z3r=tlGiDmNw8B}VA+`VIF5LQkFoR8WZwzA~e|J21C|!%?X8p<Ap;dm)UPe4Ow*CBB
zv&_Nrd(%RziyV%cx|+s}lH39QTjO@MwyH!;|8V_5AQ!DVx&2<gbj@dCeOV&a7bn<q
z<K}C?z|QzvE$|xBZdM!^dS{OFh$fJ=DT&-My*87;S%VH(wbNZJ-ymC}uQbWbdg502
zO<UhO5Iv`b-7BiIt22N5<X}TPWSs-*3@r~5@_QjcanZ_n;qc#|D}~E`apm(;hAP{=
zA8~~jLE3D>6m_u96#v+1DL4T%n7>-h5&?CaCt;b`V<w5dUk)qT0IOx^X}n$C$!>1i
z^Wf8xTbim7SLog<s`!gi699>!uD1x-j=jvqpC<h0D+1O0F!?TLb|*%-ElapFRh?it
zQS$3I>@48A&@k`RrSnn-;0xHMcn87>zyS#DdIr0JuRjwHzMZ+LD_d46EfImCD#<I2
zUIW)_l?oh1yxQ56c1N_Lztd6f25z)<8VUp-<4X=z8|0Gvo$JcAJZ8lHf2M1ZusbRL
z+X;PT-t@%X_rFjtr-<vfnEsLF0C(9Ld)onQxH_pCOUvoDl!;QnXve2p*Z76lO+W8E
zz!(T8YyTeyCo%hZj)|AHG0&BKnIUn7MQKGrCG5Z@_s{75ofOdCSAaW)21^hr2q;;;
zoBGgwt@tW|#sz*L^dtY>#h^9jU{aBH_O=+iQ;_lWXNhtxnK1E|gME8ITPsQTf7N2P
zmYy0B=X1LrZsVs{8C~mBhU_RVL8+%k?g0z~wKcmYJ$6LRczZ@^N57uh=r~?|%APM!
zfB#dCjYDwxKiSn0|9>(A|83&^A7cZu&;RBq{@*5rS8wuPuk!z=|4xV)eWGkxE_V8R
zu`N;Pech_gxKE*WJzC-qE3dun&9HIm(!r;hlc0Y3I_v(PCrP%xH%1=q`Aw1rxSc*G
z^|}o?W!m!(PdigYi0^#{REfZ|=eZ5|K8sagSh;gNBYAtmL!vz{_7rr|qy+#Qrp3lT
zx+ch>{Shm(QGKy0yZTsVi59Z;8UQ}b$-zdAn{y^u&Rs9CAN-XNlJZd8^VTb=>-MKS
z!Sn^#z>c5bKfxRx)u~&82%kJN_<?olgY-yYm4UwW!PS=TTM>QP@inId*!S|K;rz;T
zq<s~Q87}V)(j8}X(T9+tT>-1hY?U;h2ZB!=3>WB@x&+C2%{W?Fo3YXdww?9l8N&?q
zKQT+H4YnLM2{Ruk3=YrI0+;t;&|8Si9N75$aJk>y*K-Adz-cwc7L(^0tdm5K&szc3
zwb!w%2y)ZLx4QNG@Lb}odHuqnLpjGYNdz!L1nQlL!gnluI`U9kWmafSim#68mw+VW
z&X3lVX{X<Yh5OR%bj5YJMQX<1q6X9<38We}zN$rzr!C??`xc+Ld2st7V-Ul$1PpWr
z+KcxajXqwpDA<p-E9+Q$*vpFTZ=vT2G~95qb$d5hr3RSx<CpbN=9l{;fn8PBTE8=`
zpQD^VFoJOp`VyfJ*dQ5t_f*A<1YPrSO*XnY+R-*Fwp49%ZJL)#))f=zoE^k_lSH1X
zzDV@6^_SmsLkf*3iK&{+XPX<c8;yH&k@ql-3J_M#uhC}7^zrp}LF?VE?Kx))M~?Yx
z<B^_>uM0&seTeOXH3m@W9OLoU38SceeQ4jg(C>x@R?<n~jaB*n;zom~+)Vq53R_J?
zy|tfRIVmQme%7y;pN}tVAQw7wFtO7S$)~!74JULWR9DkyKUDM`Y-JOX`DEr+$W3d6
z_BoXOrN@T!N*LlTN?p2CqW+C(RW`QgNyz#UJ+zS?!~>{tbBELTkJ&8|4|NN_ctSb)
z+syx-&lstCq94;Ij^3V$P4!`@^V6{KF0z4=v1N%%1#zHf2xWjfi6j0JuQYcLHTKKj
zHLkTxd@C}3q&dcullzdCl0L62Cq`(zL=G|f@Hu2^s+bMFtCakl!wDk`xE_xfXT3E$
zSNKed>O22Rt*Y-GLFF24iQ+(rGxvq(+kgLB<hkJt+eH^3xhZ~fRD~P7)7dzmS+Cu-
z=VaPqVD-`ma+_fzm?<MfT%^24NlD99GH(8F?EO<Fj|qbbuIdUL7MzSFNb5`QlS<uB
zfZAZ94~R)&oa-lXb)N*6j8|*sjofr(R7gz!%&n-_k-rVjK&`YiBGY=$9=WP4_V-GH
zyB#m3zttSSOX2RhclU>ik#Yrj7fhmFM#Jthef(q`c}-%@b4shN^>DldH}!rO?EmeP
zC5>USPJpK{+?dbi?u*Ey`fhDsIM7ajMyE0hJpY>o_z%uea~Z|j&{~3D!7uY+S<j7X
zCP}<TwX;d1>bM`26|I1uHMXrtC-QdDH&|-sZzm-9&INd4mfoY;c%8kEv1^?=X+K`Y
zB}7yz3%H6ch$L{jN^47$w~Qj4`OM}yynFMOx@t>v1l(;kg3A~(U$z|7LL1)un;4yb
z#Z1Jrj0jFyB@9KRx+=eAsE_^QKa8-u#{*Zp_{gl{p!d2%z^uSl+#uI;(pf0$hp?+H
z(Ekli(NQ5#H@^pcWG3{Sy{No9#3G)S8)f?kGXZZCs(3OY{#oD6?NDLxfV!?{&l|ja
zeE;IUiyJ*axYVd&g{E{L@x76>0;5|njr{lAyqhnw$&EsFd*Tk}d$?v<Q9%Oh=1rjj
zQoDQPueTOk8<Vp>O~7|?j9$1kdPIHy_kOy^Lb{9#2BtA#;uLrlJqZKikt`3j1XBPv
zqz$mWgY4VlryPTi)HNDr3H1j8q*!FFMQYoOMwEP}&9k02VmL-GM|jQhVei7(t=CGw
z2~!uun<Y+1?baFCc>N(YA+k06S*x8jykh6p!6wE~B425?eskpvL4cO@>JEE&q(#=n
zhqCXqQ}<pT&fWW&w7<ueQ`Gk0(Dd8DJqfZIzRBI-)9sd`L9waowaUePv|3h<AZyVB
zn1lcf`b>P)a|32_@x$aGtP-{CQ5AW*2^O$LDRs`x5{OTjRpY7MJ={LDFLG3K`Z>iv
z&~rb|R<Gt!U+JU1bg%LF4+*foef?5zvQmWouV>DG+=mi)$Cj(7qKtxA%NEToy*Gf%
zaTj!$BxNIrnsvAgr!VTvt=fZXesirChbH-RFn<2bl|I<V^Y*vbq@wXeqhBp!6UY9G
z!bS;km)!AdnCQR=hDEZgNxenJJaHd1nx<55oJP!c?4PrOD$5)28IbVM%wKnOo4>`u
z5~!uz8P!^an?QkBTGN2PZebqJ3ZXya8kmcf-D*XUZ1)HR8ifTKpG#a0OHNOW8c}np
zf^R)!9T99L+*Xow95g_Av{vU#9DQ{0F`s6xlw=##Y^`Utk|itK-!z%nP3dOQ>Qr*>
zHU)1box=j*D_#(X9<iCP1u~P+1xkxI;tTqf57;NBm0yc_HEY(PwO3|UGiCc^4eWe)
zD0D0J=e&f5?ddJe!@Dau4ZcHkzb~n(4)QO)GjDJfi~E@txQ2DsYx1>?dcJXDMC|t*
z3rKsXxzx(p6|FaN$unB3{Z7!7XS4o~78;I!_be?KRAqXf^`{HZolZe7NnQV0dtYv6
zVxm)Ln)3TR%{kD?3;z#oZygt9*S(LTB8mzKsHg}iARW@uC`floj?#^EgNjOnba%JX
z4N7-2z|ajt*8oGDJ>c`a@AH0t?>WEo`<!$C;|Sby-@Ddc>sr^kcGh%+dVjJGFPX`^
zJ{}3~o?ePpcs{H+zcYzrbsUELh2BzIYUK3P_A|77a6T40pYbrqssX*;M9Rc6Ln|xW
zbU3)G`eOxw0OIO_)>^XizG}-?k8JkDhsLfO>4unWXB{u?0N4Ha1kIYMQVzkhR5*k2
zY`s>)sWi(nD!GBGVl~KJQ*)H0>4b^eIbikdm#KtI96s;9NNHlHUU~xj>mcu{^>_a|
zJ`SlJg{22}6Aoq}>|@f2lzWH1OeyDh3sgH2RUbwfMo`8KZ64Q<C}#Mj<*xQnOfjyx
zL^C$M#*>E?PL}%JGk0)*t+_CR1KuUVb4&AnDD>27ZBf(xsAYh1dTNIo5!T;_jSL{u
zO7+~a;!Wj@9S26HGZGl|jtX^eUGHfXaJs2b9s3J3Q4CA9#Z^Rsy<m8Co_$o{!zgQ7
z_It?dhiCUIC-~iDN8B;>e)>06DIr{ztR5S{%-<&ZE2(@th+|aYz4aEArAqI|jFn&y
zv^jjc6deAwUNvKv>F4VfI%s+PcN29VUdqZ!h?SX6zTP4iba$8+wv^~)=2b48dRD&x
zrIctVO}u?fN9oW98GC<rW98eR49mE$mW)>QMf;INWwvX1N@|XAM%%_6e%E()f-l+5
z>!lw{<~HQJmwJODAS>7X4E&&-$)r6L_Z!T(_$z?bE^njTbe`P(0VB1qj+b{zDeT<8
z4_P{K(uo?aVDj)<axJ+2BSPyLnWm3Asg}>%P!(GhE64PG>#*q0j8NE#L=<al6unW+
zDOrs1{Ot9goshO0h&TlwZjM_aNDb`8D!Wo3*o$x@lC58&aB`1CbDrk0CzSkl{vG$(
zkMru`^Q_Y<8r2&HRjevF7y+t)suE$Me(NP=|GgiO!dSu4GA2}(6z;ehzi-{!q+{Z5
z$6#jvX86W(ZSa={JNsYyn|fiR46!i;Ch68!{3;wP)`}OGSORu)Vs9__fJIWesO^&1
zDe<VYCr*;t4PhX)J?+WC=HD@|bIacs=Exh>z#P6(DvL9GO#q@=W*)cR-ldU#^1mHC
zeYw&$f4$COsF)aA{^~MGb@_C*(XVnM*;rIsyz&u{Tgtzvj_S3&2tOV^F>T-ou}bl@
z^1lZD`s9>zlI-R^kjD9V1t`aYs(2_MEu!L;3+bG{D)vz$ECBhd%Ie<(r~jL1gGMY8
z>TTbrZc&rfqNX<Pe&vo!Lm<Ca2<3SR(gH%Ymsh*Uybw|2j4<wr=Y7ni{pFu}x!`pb
zF63k>FXd!GHf;GGKu7!Yo*ve8oJrw#P*OjjEfGY!qpR+A?#w$}DG#aHf!m30Ua~JQ
z+xsW`Rjs}vD_QS{_VR^8<b&x8N!tsX1YVyH$OB!>;Q!K;Wo!4d-Gma$Ibk+d)^fec
zYRAgc1K9prQO_7P0Gc2D;Xisn*YGlm$KqX+hO%CZW#0mthO>JSlE(5pJoyEBdA=+0
zpzMcRslWlKm)QW3yvkQw0PIl%^@1oOXE)ETq}ga;6P8bm5%^NfzrIway6v`GAiceK
z=SuwiouWBX6t>)W`&N}+Y2||$>>J-{i>ZQolWz^I1Nyrv8$IUp;X#^k_I%n({M?O|
z%6kUevrUir-KrVNr?0y1gd`LTE?`&f^-Hih?&zZG6YZ$b&?W|OJf?G$_%Fh<$>d1K
zoD$ul^@)OoF@iNpRL^*f`{>DArzt`gL*+AINA_<@4S!-%L>Q~uUX=WBwPdHXs2jGF
zB;}3!w{1Ej^BMk|<}8}i>jJRbLIa_lvc<N$!NyXt6>p6MQBbq_ytB{a;XIXwdlp;u
zv)8v8U~rs-<?v7UTqxd7PQ_Vwb2=TbWSBvKXu`V1#0tm;ems5s@03$73;3FN35T7r
z)CZSb<&rk#zF*3-zrvxV&+Sm9>y{ZBnF``GL%HljVO*!?=D2kwrAHjFm-g@Theywx
z#6dc8CWHQGQyiQ5@FT7GpuGH7Ux7}`cfH3I;XxM#?f=0>1(=cwXiSDA@KTlP?x0t5
zz*m&|4bA#Z?7V&+XWf6yYy4%M&|$p(><h$jaGaUDu?&D2TC@|DS|(7=h2h8t-Q{wc
z#>?1WA`|XPC-CuFJRL``@3KLO9TTDI1Mk>bX4Q_~c8huE;2J_ijMDyLGj7Fu%JE0|
z%<P#Ks8W~0HiKLyFvmBE`!@0Dv*jutbH|+(kCOr|t5VDOzpB>F{3o+85Zlc8=?gmR
zFEU=j`ZYM!^FTV(`>obS<?#;mdFBtj2i^Zucowafw<ZBwuf2k+j_lzU0Ipf32DEAS
z6q)g=)nxLh28xSBDkrjrTS}exwY!Sxvl@)#B_*s2zLpq$I?X1E#(P3y>T3QiBmBPc
zcJ-)g0)Kz8EMh6)JFf%p&W@g1)dn{g3{>`?r70Wb>mSj>GF;wRw||Ba2bb1*aoOoW
zbnll)7vWHV@bUt3-kNWhl$}ao9}(wKtotD04iFwPkxKqYo%e4du1(|c?tPc$UT5V-
zm5M%G)9#P{;*H?a3mVXbV`2N+XHM7&v%K1|V(TvYH2XFzyM*q$Dku~hoFClCSMDlM
zc&7@aKqK=bjR~%YLzo2Fr2V-`Q+kh9$L=@L4WL7zx+WhI6gzJ-O4UCBB(7D!ej#I}
zdAO%}db=qjE~O(wnYy;^n;1u3w!<iE1=H3YA~lByn-G{!r8sSY#Pwt;IDG6-gV(T`
zbAckSU!1%9W}t-+eQy(cq={N)!5-~GE<~?CJEP{<lwE3QLU|=e$vtjRcZuWGMsiVc
zb*UJk4kcBI5g8i|9P5`py`!;WVeQQNdUtIrLkE{gcYnWa8F2erI#oCBlpPr<LuH`9
zN6aRRJ2H%huztO>Pjr(oxL*3GhFaw*&&bu-3s%M5XUgf8r7YYr?2S@4<X6)lZ4%8X
zKG?1{RP#b+$%=#13@Y}7HJ$CE(!bh2`?Lk5u}2udVI3KOYe;5$P+X{64@>3s_J2(6
z|M2-JD>cP(EHM=}%|L97slZS%jf%!(va-qc)wE_#VJ){bmdOZCH*v7-yEidb*Z(X!
z>)TcdfkTUp`Y8%(j!j}>Cv}A;ArPqP<h>rzU1n`XWA{|TtPaAfzvhb9*(xg;t=h`E
zpB8}gvFlWkt=6nkIlAX|(>DikTxn?T65sg<0VkGkyg*s3_e}ou7Q<HjX?EnGWin#&
z0wzoO-i9+1T<RbPrm!OWuZI1jXrD!TYat2+7L%a=N&|JQMOQYv#_kpLE8+`cq02&G
zgGsv+pPGEy8V8DeA6s0jZrhJ}vcM!&bAsLkav7L=$GcGxHd<Ly6hvML6se+QB2C48
z7*JPz=Lvpvp)D(4<chE)SMciv7{TcMGU*uNrZ~IG2X-UBMwTuSYyXQuk^LTNOeh&|
zhWsrCsTPwmcSniKWtqEmQ#s<?ETGIE9`1}K+fF|Qq!;Iu{3g1h9|StmpqAg&&hcQ>
zVEt|dV-stGs|?>!Y78aM$yF&ZV97F{r`ta6u0o8J)-+<|8&j{Z^rk~4dq**veZvdF
z>;@h9->wy$vzb}JS>FJe=M@z&hr=Ku4d}n6vcJPp;h#Bw_`Xw*b?zj&+For+`yN1O
zO*!dl@*(9bqPM~<Ai8pUTxL$8^LrgOjszZ?%Z_eOPdxcgo?W?6wUNE=8@g<&=$w|Y
z(}1E+#b5vxJzwK!AW}!M;KZc+b&;)If+YBXQcr=lT*hPA>3*nj#qLSA518X|;_H<L
z*<8JNJl2{`LnSY2es=!PEC~;^Gn&meLgy-)lh73UFSB~bAx*b@v%r`LWIp$OM#8kr
z$PeZeh7(C&eHFTjRG>H1nPA(WVuv;k1wO)Z`OSwd;H-MalD7-g6W@YKI1faVtzqg^
zyQGrzvW3w(n|-hKI^5&UcZ0can_|XWK<+UhxLBYbXDt^vywHWZ6_s$VvPtj?Uu+@8
zVWGtC@0Lu<KE}^}L;2h3>hrZ>EH9)Sjz73dmYB%HEe&w6)D_fY*kz6@{Y-7KI+P+Z
zEj3m3?I=#gfJ_gv0Mn@_j$5T{+{zb-j;>*|yt3K_lpEfpK)~^>chnJi0WEEqPuO^I
zt!G7^c!e4Z$4L5QOqV7wBR#!LJHG!N<eO1T6=Og#qk|16Jn%YPcjpW3h&V`#tyfd*
zw`3dPP``A357G-Ui!^R=ngNb|`lS)VV;?IZQ-rK})8W%c2XB-)p`34u7TYD<XX|7K
zyK>^ydK#mC5r8fRm+Z@br`Snt!S1A7e~Fez8AjfjU|F>sel#_(zgw$^M7x9GdQ_ox
z;nvcR&NfmzBQ}QOd7W9c8*i?U{1nt__WOwv++2hFH`Yd4&jou8^-#24=wEpKfB0%S
zfYjK4%`ItBv!4#=0=-Rhaa^mJGNXJKw*f>S4#YgmPR<ZcxwdJOt_V$T^m+mIlfyaN
zowkhCc?Id8fQf-B%R^hP1VoREPac}~T7IK{3l06HQ2@A8;5VPA=l`FNj`)wW8ZO@j
zls5fw?!f>5ani(p`}60Rp6eJN`AROT*J3IpkN!7>9@aygQvs!B3>fU*gw80I7Q3`i
z7x;77&@SE-cbnaQJ}N>09Xeug(W^F^fNKEq{wc(TK&r7eWF6_~j`KO>|IP6fAK_cq
z&LV_~x9f_+QH4pDEj|{_(T|XnR~SFge=#S)S~YZVby<M|t@hBjWi_cIAdoJmR@FG;
z3E=!+_~B08nEG9IXCx{E<hvH))keYM<CfGwnMV;1_h={Gwz=ZDYdpxq7Ij)~RG#Qb
z8(SG0mULt1(kf9rC$pO@te*KL0Cao@4>f#ps#?|trYo-^p96}JT*L0_@5(iv$t|yS
ztc{*&x9+=>?kgSQ{5N9pGIjGUi7iI6bRwn7v6CDN%_ZVpznh!}b#&&6e5i0N<B;Gj
zir>wrgMCNrPPe{=1gz7G0<B3rHO2SNMa*!fCGExi>jG{D2_HV_GF{o~g7FU?UM~;|
zKR<gHsQJ78QpgCcw?&PuPTF`)BULw+_AiNkoa;rgMjWhEL89epe@b@@4xHFv8$UWN
zEp7eG#2AY7G~&ch^_1zvvF#-cQreYLzKun4Lk3dCvzh`-9%WSazuU?iA5E{X_GYs(
z=twEAB&0Z0$<`Z+%d)i%Q1VpAHP8TB!pMEYAR3md@qIoJmH5;5pHudAhE{sY(v>Uh
zMc$o9>2*mK*!$NJE4;?-H=V2gxNYTcMpq`dBgX&D<m6hUt-95wM=ZRj!rdxCLKX2Q
z09E;9Z6?^=<3VQSdS7i`GNbY+%le8y-EIf1@M?5hLMs*Mj_+=T2X*U;9wPi$AnADe
zWjlH~G^&i<D1F!B)YxEau_<fgO8Oin|3D57uQrgg1<{&2hcu`|(Q;{G&T@)hR4U8i
z%e!v$^}+SeE<g=9tjs?3y2yR|ctRi+__O)o#+v}&tWtJB8-FCn;-t0&HPZ0K8g2n%
zkB`}U5=uZqz9XijnmedA8E!rs5M~T&H?JG|zs(z$GS<vrjQ*xrKRDQzweRC1x0Rnu
zyL9H2lci<cMtImw%C7wDhb0hoTyGCG(EvGaJnuKzg{PV!I_f*I_@mIN{nHRvXKQ+v
z7EVZ`W88sbYf0_fs9nsS2F|5q_n+_1wr0zO0gExqi0ljlBk{JR@5T!MsjJXvGQ`a`
zH9zhIQ<HCd%a2*smgQzG2n(Ekttw^>2Y1=o5ai|8DbscU){QN^#O4^+&Jba$CBHtn
zF1&Ah;)3iT+Nj$+pTRLlcyiluO~A(Aqk8Q{c~mh5#k&U}GcS;{c?YN`Z)Hak&JP#f
z@BU6VOE}1$Pj}bGH^*p^S&1=EDT*i<)Jcc~q0FI9uT0JHVrd-o8!W>_3aXQ$5C+XG
zXHcbfLk%c6ua2Z+ae7Q^q8QHaujb4(XOn#wPK%sQLx==r*B7QOwr76KqJ);4ca+d;
z0`#cDowTgXOD{cc_p7;J^HLHwtT(;V$tcV0)yCOxGC1Rds{^HjFJT)N)=5wTv?hn+
zA;g5hp%>X%Su>HffG`th!;R#4BTOyZnBjc&&F~vb;<pWK`0vKEq6AGkP=Y2mBLCZg
zD5!0z-i>N9$qu%{{EJm7r(I}9TS;0aJiH@)A+v4luHmCeE?Da7+s9FM<j|KK{vKH4
z^a;3e?jyxcSQy%KMC&vpF||KNMyyKg55vrW3^&cw$Xl|}!?{^AZizo6Y;iWLUJQJ$
ztl*>1u-0R45ewRHEy|BYHlQoVz>AZ9rMGSE6r!sk^oPmH&w-YuiBaO~`@Sa&x)_qy
z{v8bNM8OT#rV?k?q`tApmR384g^@{@j!vs?f=aBJ9>Fs+LzROGSrjAc!TirLjG<yZ
zWYg<+W8i3vwh9e2-e2gy3)GK<b)Qj|v+b-IJ<h{6bL!f2G?LP1P&FNhIi&yDK;Jsx
z3C;h&#r<Ge+d$*=v_d}7p#u@Y!Xhz0QGB(|;geBN&Fhj4n;s{4LdA%xPW!5p``hwK
zEwKW@_i(<=41{6(I=_v&dyMk5fy-u9w!@*@Ws2;80~{Jr`3lSYwzP~>&QxS|^Yn@w
z14r48<iKOr-q`_khoRv3?1l)FSlm`y9vw%qdEcuId5JoDbAu0z<;~<3{3I4_F_$b4
z;Hx#uJtP|#Bvon%7b6Po61BNSo6=tc$3Km8sUryH=n9D)hr{gMLvN^Ial_-~2J{0>
zgm^)T;r~I2PfPhL!hWm8CA@)=*8`>31PJ!Tq_-{(ae>L7a7WK#RA!hYRohUe?>i`j
zVM@mc9Exhz4(@TYfTP4fK1olPxuZgv_EdSfOqmlNMf`}4#PNuk_a*csGe=yiyI6uT
zA-AJ$F*j8wEMB@fUj-0v`j?HCUY2a7uC5OO4$`l8uJ7UOTK{&$3~HVJIM41)?*5sL
zQyd%*fdc8)eqGuj`7-`}d0u?9gsikAf*Z|4ic_XLugRBK=;NiLy~Lzs<{w57ud!S(
zh0Fw<?v8im@shD@MTQ6R<OkUC*K7D~3{IfmPT6InybjSXPnRT&9@s6&n9mmZ1aB|p
zf6ZCrdi}bme=NP*+*oh8YfNDvJlO@-A7-6gg`}kZQS*k5WiGa-3`;J-GZxN5zYb?(
zKiq-EI?a?{5fHe{jU@VK_Yb~14$ig?ThsiLd6X&&{<R1)DaOUh%UN`<=0(q}^hck|
z9QiDUaz=DXU0-}3WtHEp;;DQjw}r}gW=uk=#tXtgYE>n8Uphwz7ta2_$fbNdRsQky
zCuV*aklDi-t4w3r*XG;(-He5WOCKghJUz{WSu!XJU@n8Px;Cb6)qtYTbb)sqlZu;z
z?@gc9n`hq-q8xW^(~Vn1?v{4jADcdoNVZAY(4WKzA>fSs-GDnrk$}+da8$h-RIw^o
zUum_D!;vTTE|x{c)!IK<zCeU|>CMhUR$eqw=0{L4b7fRx&Pg=iY-N?RZ{ajV2N?VT
zetqRJPDnkwkQ?!ix!{XTv(K|hHjHhL;(m5Jj?J}Tp<Q*NxLG?prmOaS?0$MliP3f(
zGfG8g$eP`PS*07BK6WO9JSzVyQNJ)aVf{+F;qW-KnZ~{Z$MbgMfjc}8b9<5^ZQcJf
zcTzpAc3HXt&OaG4O`bNNoKcj}D?s-!(!2{wSK5KB;@L`fvGO9tzM!JXWTbHfd-g;E
zbe>WshB3B<^B&Izb$Xh;K_YQ_rwy^u#7%7tsZRv=hXdD(udFk)SLAB|J2oN}V91?s
z6P3MNdJB84uHB9eBLgS)+Qzo{0%IF*zR3JoxXY3d`_X|+0I1_V0J))VYrZM=`9q$2
zu70iy#!sqvR1?|{nzde<qkWeTe&N2l&K&YUxAH-=`M_8!he~wyD3pc|@r-_7{cS<5
z9DaeXN%xMPID6$}^;;H$+<sQ>&iTcB|DGWa6or%9{F8QBzDk3aKpAOxh(`ngPdIU+
zOg=)~EZQ<pHyj?&sl0igtL`=&<1WC5ZA)p(-gSij?}5oBG8;h;7&J0DtrtgXwU4s!
zhK1^i@#^azSoEjLZn&ellEDzxZDm@8n(>VY>3$2ydHuotjba^aFAZe~6=0I5$yj~P
zuvGB0F`U85ijc3QR%}mSS<}AS&K}qHyXn&tnj8Y!4kUG6c|UWwACJgDY-MicjC3Ad
z3@v|^w*^Q_%X8Lms?97?+h?rwUy|#=(SjzStGC>Yh(CTxQ7V#vr{)?tpzYmAG2a;6
zOE{}t)?Os^I_A5%QG2q(9yj$<fB;FYc%nRI=kxnA%|ayF#JtU*hm{&weIm~Ifmf$m
zpCV;QTC-L;&7X+Kh_P|cKR<XwJe@mBUZF6cDer=N|D8d(N*Ghk`>Ka5@Mlk|chHV=
zfcLs;^~kF-3R~~4mv|3e81{96Kr$4?_aZldp@ouR>m|G;<=G!{OheRuapIj%8IIa#
z1SNZy*ihK~0S3y}0f6?EVI9`zm<WqXBWaLa5w0D?zx)N-i{2pY>-Bs<R37{lO8ad+
z#|9wLiRaIV#8G+*|E8KYMu6gSeXK=kzy7&Mf#&g_k9X82#65S0)h$+khCe_+(5_8w
z%>_c|+uYaBU<81^58f1&2LKB8AfaKNuz+4?KU!y`eMH`*oo06v2q$!Gx)-#lsjTLx
zxJ_WMXkLV7l?)d}H7EoYNk>_Z8HtN_0|RH^YBe{(r2-vVV%;;;fwmXdyNjb@FF*f_
zQ1%}I>VG3`9lyA6|4?VixmC#JtVhn~0XNy0e$>?Y)9K)Ua+bkKd#DR2gUbO~oV*N^
zp<>Tsy9uWPI+8Rg&A`vsKA>3o0~s<sgf}^^d|;W#E1NX-yu9h;e0{?8!xMz#^pQcS
zc9oTPTBF^XB6(D(wgB1!Z!h+Dp;3)K)fxw!yR^8WwpU-;zPUc)3&Ac%Z=7jT!hK;C
zR#S{6dX+sq4(-ADOZ*@>y4lyO8>DRks)Tu3Xnn7TZhd;m=gt0}C7H_SOJLa>Tmc9_
zZ(aO~(O&0XHJiRuEy<9~fJIM%vlGU<9*-#=ELKm^;OQ2T&7i?wEep$^CiK0{5EEAK
z5~L4BY>|tBQxV)wCxc}D=Y7uen5tn}TF#?}>>+M0gA?86r-7n&iRCN1<<03(?)UMv
zyc1|xIzXCa$Ajb~@g3>7)JOia!#Pw2t?18q8Dis-{|f9t1guB!?^4tYax<hLd?d?L
zT4cr<k#<w`A~HNw_M$O&x<)&Kr71L}iB>{p246XLnsWCsQ`;}-ma6Ej#*jk#_i@%D
zC^t^MPMQ(sVhDJrihTU_5zeo8Gn2T}<bNvPdi{(O(E0bXQ#*AX<#*Kj#->^pg2aN7
z7$@k>vt1!OuPWw7?0LP{OV^HF%Thy@?KAL~SB_pFudFJ_l8(oqoqO;fUNd-fIcmM8
z;LE05J&GgS`qx9|y=B@=)DBV&+kzidxWV38<G~DxCxs5dag?H0QQ|1z`te2<TQ5Rm
z%1*LY#V!w5>WhhY$c;A}`@`6X+u{y4o;QCww8EbOIQd=7KMSh<!7DtMvL}Z{Hdq_6
zLE{<3L1f+46m2RCZJQY^BN+iMg7F{HPx@gs2V^WUIteGR(;VjguWMZ|_Vr_B*6NzH
zuCWqGeW^PbGr8!3AJ%I<&Ziq?jy0gp1daRYXYz8hsnea=@mFFiT~zD7BpI%+=5?gM
zamA6l>+MJz91+ahRWxAAx9AN{oTb>ehm`R%tRUZQgjC`9NE$`mvwmK}Xk`A)sMOv(
z*vLHkqBbY9b}nUOsl*iCbG|=OX}Kzz;F^nY+<2xGWsCr(A)EI7Xs1nEt<z!0&XJ(I
z(IQ&ot5AL@rF85Ig|90G)MaL7W^Id$>1$&p62nkvT20M_>2+W#G^(K@W9;ngvGCNA
zl9JZ^AXdzcI|5uzW%GGLS!BPQDbp4{kwm_d;+6>+wwEexZS+Rw?5xjRJhQaQVLLgB
zMw6B7vY@9c<sIg|O%69-|0n#<MUHvNx>$&g!<YPiOCzS-=N-D)%?-KU*BHwXg}gVY
zl9cP>X;IR0U+J6KIQY6@0ba(~pZvnYJSB~;9!7HTQZdFKeyTncsASduP^eK>qmVwI
z$de9>chLBjkE3>WEo!6yb9vl~yg<@Ta9)BUUuxdlB7O5&39>$y$F5iFDN^ru0I!ok
z%MSwn{NQ75w}f#vYG&35zFGp3@`)9IysX^`o<>cek2`t#n_crn&xn=}%XE!Pq`qyi
zzY#n*%?go~u6gi6a%|#2!aOT%!fN^>QJGoAMAyWP1z}E#sogbXvj^k>Wu2MD{!iF?
zTy8A|ztu4MO-qgE`%7=bpyOBv6K2`~T9VGB!bF|9*)dvF5W|V)&k)8%z3F~_qZ2iQ
z@4i;I6DlozZCfW(6JB^;N25?<-hUz;rFP%(c?f;CxCM+9D)OC&VWIr>sC^v^*NL~Y
zl>7B_W^k)<UNWIh{MmNk!nvA5a&q!K+G>j}um~=P4d*E?hmdoVqSVrICJL~T9f5(i
zwbzl{?0RAEn7+Vw<nOG&%*vteqPw@v1H+)VKR~38Z_o`qo<xYQPS2$ede@BE&$XLz
z6n2&|iaa`X<a8woA>`c#Tb51Od?KwlD6M-gio&l#dz@VdUx;nFu6!v}aE1{vyPe>2
z7Sd*Fc)7zAtmaz-=j%Udjz&-G*HyIOvK!^GRZXPYC(Y5+)G3H;glxL6o!Lw+YTOh9
zYm-J^3@<i%8ng`Uqt{x<{P?Si?GfJeHLr<U>YbnU<3DQFy>Bc8be7t;51Leh75vhe
z5iv-LBiTss16iLjkF9W)dhRuR3i_%PHVL6oS4*>(*BU*4idy(~cfmYedno+ZI~OZl
z%-iJOqJM9*SHJ(g%{D$jz0k!aU>fxQ#gCuU#YACz6pedn`CIaSdR_W>X-UcRn3$MC
z6DWf!1QKy@U{?gl;sVy&S|moWk&zGiA;ZJNq!q%^(b3Ebpx>jgu&|=C#wssX9T9jv
z?r*3Cb1}5sVd#OYf&ehjl#$cIQ4B`Ucydvp1RC(Pl;$y}+u67(%k`(yle@Kun5;4F
zzi-^<!Q+XNjLw=B77>YSDQ_Aq5_aLUbjJETxXQ`iP?1w&)%}dAG1Dm^ODM$;9qOB2
zSaZ}2XMIfnjh=?F_E0;sw76K8o`FG)v3l$CK9Dd{?cv$=({nE`QdU-$lmXB0GB7de
z7#kli&ey2W)~t0It+ZJQE~%|09%bvFpHGdVF*P;qlw6R`ae>c1Q0RHQeZ)G;6p^jm
z^HcehJ>*}HAAx@|F8?s|deq+vI8I=OL`#t4b$hY6-igM+D~pU4ml9P;mY|T=uNAUI
zxV$!O)L~G{i`U6J#>)GRFyW<IdV(kDm%SAElI&78N<dJeP3YW*JnzjTb0*)9mG>8r
zwy!YoF~!I+)~V6D{4R|Vnm=7waB0dwznT80O64L%4n?(V+s0t_T2xtM^b}bR7SHMv
zfrX2O0M=u7A>9(~$nir~67mO3w>`S8+~HQM0_7=+HF*NwH|d`-ElX`j9S#$(811)2
z4BIa+&F!hbdUQMEj_|gQ+QVY#iZ#6~JJ|`-QU<b(GmXJ@f|<5@iFw`{@x*?yA~dOb
z>Fo&{O#wu&`%Ti)T=kO2fra+9se&d4h)2J+f%BS~vvMl^ROYT3zlzq%DMlW{f414H
zabzSiN_@BHhS6c<h7sk=cO%M{GzARusH|&!)N_=)@Fi~DRJNxp>E2DlxT?`BLF4_{
zwTH2I_|K5+?VLBBTgEr!?l}go=q7YxJW)Ut*O*tTr|P|Za67asb1$;W`G&5(ITBMf
zGA8Jg7Ew-Yuy;N&E|F9$r{^<q6NdoqU5$3d9BA5!8+V$uBdg5SF+NC2NB^jiei`+i
z8-02)q9`RzimOvMv6^4SD9c+eifQ0gJEv#k-IP^Miu^ylOd26cVNFb^IkHsr!9j>?
z@pkCv-qfR$kDY$fq7*He-dtS`##de6O=?Y<D2GyIZt{q`yV^A7@_R39>dPSLIu6Ak
z{R$yXS6b%%;-w>pl};RP56mqGdw*S{+LN3uu2R9!Uo0g;jCX!awVrO#Rc>DRj{Iy(
z61?60sIR($SjS1IE~y~IIhSjlxX#{P>$-5olEN_@Pde+=&c@5{$>dq8JpL&&3`$8P
zq5sNT+-ahrI)PwOxA`n8ibS+dpVQ}5W3)i#+%&-tC-R7NZ+u1ShRNyJA&JMA(e%*|
z(gK&Kb<0{u5B8%6@zKN$D;p|C^EdO8=w@i|IWAY1R?FivSFVX=E~a>orm1o+>K^oy
znY73_;Vn%}EI<{ySGaR>mlSSE3ELgCoh8cE)#`{#*@y+Y#!E-z*6k9J^*{dp=76NA
z{oGA07#ErK#8&t&POD^KOzdX(<fliEy2SK*+I9|;_Bf^UTIEGzbaATQjCJ;E6TPV|
z4)!1Dn~QTruG6nUP0eK%53LbPa=M{aJNzODwyb7DX$z7KI8o^ouV*mxi#Zak+NYi(
zLdOSXQAhn>TqmsO9r>%qaZh0)Cj`ifLMWm~e5&t#8^ZLYz~6b}R-B-_pF5w|dC7Lq
zjcp5jef~4E*#{{DW4GcsP`?lz*Pi`rRVpQVe|_C{o#;A)ba3%KYE{+MR!Gm=kgBNT
z_OYwMd3rPlF4-Ax4s_cMQt`9qL_ArRvYegx-WA(raTU25&nkwqaERLkj{?#^OJ09l
zA74nGOdf;8Qv7(xls3s)A%+Qm)SP%Au}nmTQP9lF+BOoA(KfjT4>RLTX}AAKEa)&{
zWyoXCTCTvQ`*cNOHAe0*DkFUJRLvh+qn=JLBM(E0P%f41P^{lR*Py>s+HN}4hbLZ=
z8fJ&xu!|tn=P%(37Y=i)vy_g0^k<*RuFq3?(iuaJ)gaYt^!a6sz(hAhr$Qhr%<r|>
ze(p(6+8FCIBMPEdEh@`T6h$Rsy&g%eh4QxrytOcbw?10WlRx-n_wq(0@tci1FYMaQ
z_w>76&6BGrGxBXZwvw0j+e@3|S@M<Ui3O?EzSX4slESN6hCaDf1L<&`@R;h!(kY7P
z=SmAXD2jSEcik=j0Y;k0qJ$eSSbXn~ko2VqYQz#`bJeUIe>|q>fkqDsbO|wmL!IAy
zKNXn7mrAbhJQuqy7MN*UW)^hnN=kM*TG^82?Tshgve>@PO*^%l75!R|wlqu}Q(W3y
z#s-7P+OdD>Eq-c+w}Or%oAt&z3sp`>+$=V>eTV6?*Y=)2tJ!UjelA!9y{C4U#5>iM
zyKKL55Kl~=aX;p9xL4laH~QYf?a_uUq8;Hj3|$#n3#Rig=30_bhkNlRJlam!ToSLt
zd_gulPQ^k5o$E9w$%1s7%mre?Jk9485*R5u-A-VQ^ujCEr7kB-uUrqC=qbAYvM{)c
zz9q7*$_o&PsdEWF6W4m_Q**OfZ5wpU91EemfG2#T9JF}{K50?JMsY*;v{pVJAJ8lu
zp?Bov)x20Hx?+Zxo>!Y%K=Ijm%{s)U<K6P|YFg}k>VQl<|I@=jpcBw#Y*{$%x$q<8
z8X{KHAoS2nH`|TwN$C;~rn7>6ihC)UD_Iwsbn>v|(oH#hjqAJ_>m4V0B0jgF7VlU3
zrVpG8>yb3E{aW@Vr>AQbxH-FAdT`$iSX(TV`EV)w%{PJ?rtnT2uREPL0tXqFo*Y9x
zM<>l*?S6GAqqcRvpYbrxPW{>0ep9K6rLT9+m(y#ScE{%@6-D|qUk0XvWN<oLak_F{
z3<YZU_hnjb^-Fc7-CGuPSlsE|740a|K36ZfZgMD;*v>X$vM5C&uIieYNU(Eo=t1)}
z3u|i`*4NkdX~FiqI9tQlU;6Xsj0R<1Ufvrke^xfO=YoQQ`V4it%tq-x1B7;2<xQy}
z)+vQcsr)lp9o7<hqD$qm8he8w2mN2RXV_I^4=7Guw%Mgdr0hN6ReMWCHB;T&A%!nv
z3nO|)xf6mO6<NJIOI>@kPQbb9IC<M6xHqXp>q<+>i%8;6@U1+?&B&UiDgFX^=Dr~s
zGNN5=z3zgfB~ARa?#_>$Nb&BMEi{ua2O_Aq`#Jd-h{%er6u7&E@wT`W$Vo(PLJHQG
zy2XSG$a#DCmrt_SThjVBp?fxGP~N9@Fr;u<REQRG|0kucjm$Bpvl+iKtTZ7<!%5P*
zW>kmnuWeWSOAT@6H(vtA=&b%XA?O^KTkw$cr|y>4PJKmzZX)@oDX+!026mPWFcy%=
z^o9479qTcanAn4NP&VP?@lp+6_7eHa=r`<F9>t1xGKL)95&d>;ChVLTUA9(O?6Zgh
zw%&Tnj$nn<8D$8X3I~DYN6!xvl=Cx`VjnLO%e}3Y8C{74c++SfAA3_^y6x5l!RDze
zHV+EgiuC0I4C*M#CeADeY-08@H&;k}PCn?%nj<@>S~;v2>&P-}$q&~P!bD_X+ueID
z3$%ghByn!F(GvqJBK$Ec=L3*aHTLe&z$%EdrqeT&Lk6y=6v;W53_a~C<|H8*u`96o
zGs<&~*iSRksv#sD=h}-2r>iXsd_T*OCnYl-NnX-DtvC~0bJ2<<u2LAh@Ns#%=)30w
zk1U5zyWLAN0ylGV**WhDh5~g|v`qI&c#0E)=j%KrZN+hI@g`0(;V^vsFT1b(d}z`m
zg{eK038eI#cm1IqhUcSPdqFkBBK$j!a7^d3wDUdBgW_)IvATppEhn9}<Kwz16W3XO
z`ly#vC*IU>e3BzUIGl2PrDiy(jsv;X$$iRw>IjW0uRE_EH8_6Tk4)+_lylr}A`mP|
zOM7l&Y1!vA^OYbM90S_zv>0VThir%|DJ;}>0@#}&pSrsGFbK457uxT`cNRK^fmT{B
zpuB?6nu3zDOYyyqj*dQ!z1o7h$Q`EacpY)2Za%MP6bV+x&%QlWl9pt8UvMKE$UxlI
zD>H0QnlD#9)7BT@BbRA&x1<eUzPUkp{wm%|U6HKF;>_B>9Wj-jrbcynwn9m;D0!@$
z9?JRr@=#lmw<R<?*7dHSB;UfGAb3=4q%eUL-pOb|n@V+4eH@{lo2Z>8t<}Vh0_f{0
zW_UjTDUl=Vj}H!xC#MN#1ug5YOO;2v(KpLDklWF!R~vg&YLD5XPOC(^{-7?sPe=(d
z&jt+-FhZl8Cb-6ti~JE5ST0mmZqwzhC66uRPP%Jx^enzqnDLQUxl4VhI(1)Zfp&Oy
z(rjX}Y&x&9SDf!khgm%hKU;G@#o6(<IK%S(6LGPI83s?MuZfmMp_f}ukeu31S9V${
z5I;9KtCVSN*eLC`Ic|=?o~jPmvqQQc2J%O08Fow*RLD`@RY1vqoSeGHli^~66-4x2
zHGG%N1Qj8?zUXaowr83L?3Hn_N)RV3*e$GiMCu2se*e{&czV7r4yW`79mmP!Z+^r0
zv&g!tBdY=&S<G|1@aSm9^Pp|hA$Uum=;_5b$FZ`r>!<gh?7s4PCOo7gX`C#9mq#01
zOh;)sUpg<ILtaTi4xy<YZdo8r-`076u^&i7>Wp#VwTv|T;7n7kj65Lw7AXux7yA%I
zVuX1=W34Sw@_dWEf<K$k;;JnWCk2ZsT8ufW(-A#e`@O812$$|;bhx>*nusg~o@W2h
z(DNKmx~R>EL1$OVe&f~%pJ?{-nzhM23cHW2lXGs5-e5OD3(dw1p62L)=!(b79-zyT
z{|3wGE}IlyKtKRj;H%wN*|;d*%KyV|%i)qoBd_p%!u!jCn5zvI8QO|$2|d5Z{qA(i
zNR)*OuBe7@hj88Ep(c`8*`M%iexn~~Mu?@=&ZohBKV^20xYx)GYrm@A&3(V;pe<=d
zu%83QcvhG5WuwL8vOn{wLDW4GaM`L)Zi#`ro=$6DLUS4H+v6X^X#}NxO1%RwE^dwQ
z#x@#Q31?q<tJbEDcfHS~b?Q2OLt*(#)4C!xT?fm)>K?RE5Av72^L!3OO`kv?-L){!
z(@*4*FDwj|w#!hCNE>MTR@E`lrliUql1XyHfEG<4_90PBv)V!KtSqTV%pP%0=jwhU
zq7R7dXtIRS4*hbG=2zSKNm3u9e3%8`AFMVoZZN(7<JW+HcMwTrwFbK8uWq>5xAyxy
z+N^m&$+AK%Midj4_DO47<pXwIU~ZfbW&;U+dSIN799IE7iMymMiJM##I&}t#wwK&O
zBP&<%v;aQo71X4Rn=WWl&z<~{%_^KRq3q@E`g8q0Q`h4GQY4Z~Pv7RX{Dh~jOGS$q
z@$*Heh55t6y^(>uB3CQs9;rJf_8JvlZ4-arr=-aADtU~9sgbqvi_$Bfi#`07K+4S!
zH1{6lq(!<hywMw9Kl{Zg+d^qx9{uR}c&KKT9Wa2E#bsqNd8j$&i#QgAH8+2=jw>!L
zebC0%KR6hA2jC19C&6tXHkY<&PeaXcYd^JzlA=9e-&7xf3A-RIyHU+TpQ*l^lI%lG
zv9>S3W+<JbLH_F#1)d%H%YW=&cTK>~ylm;4`0(1U_QIp<*l3mmRAL|6lhC9-<6VUE
zvU(E(oE~<u!T{1;#YPR7%dW*)IQpN2Lp1h+ESjkxCn|MvxhYyv4Jter#>Mvo=ARVU
z%^s$&tm2&aY7A*$F&5R*DSg@_$vd;YjNgnUBqWAsXOs7T-)4N<!;6UB?_}wDd*I1!
zqNmri2iR}DE~TZVxm{gS@b)m;;f0QfJc$SfRX7|Tq)8?vEghZpyScf!Q*ooXy(|Ds
z=5g)Mp#wNfjZ|P*<(lr{9XKUEX3!{?wM)6gTM`$+ksvI|k|Z9B9(M)(eAFesUs(1x
zcbI6hBZVJ0;++h6@-u9nhT-VK%%;ApbXB(3&_L?wCpPI3*kget5d|s*)?i>zmw<=&
z3(T`(mkkxZr<&IG?X!dh9WmzIdp<mS#iOaO3;0fqj&fpZ*Y}VUH`3Qz+`spXzf-;-
zD}tM&rFF%&GB%D<Pe>9@N~@0sGsr0!UE$Yudh_%vZyijE4qxQMR{ix<yH#@cnGE@E
z0-Wctk*@WfcJJA_UD|$#@Es-}&}Ky@f4XS$!<?z_=ZEVxJ53%<g%hJz6flXjWiEP)
zU}CxW$we(knxc(s{kBsQJN>R4+;BcbvH4QI%H&Ju(}t<<>ddFevJzg`f@%b@y;tQZ
zV!%$a8%R$o8wqiv8rs<R7c2ob!J%b<oM5g*-yLQ7A)*WHss~JArev&)<g(YnV#@Xk
zo-SyWaNZ1cSNZV0lp@-qJCvobbOc#$vq1hE5?ptj=UCB@dtN0&9L8^lH^k9u5MNkU
z=U%W@bFONjxv^}u4piu-Ix9J*9F)yt2}_)5zt(Ivkh;Sg`Ja}V!FOS#u7gi65^jm%
z!EL(TI%Lc7rSqA7?LMbdnY?;Z_AzWg23*KZr?XniRi4;63v#yc%k<#*n+!i4B(!DW
zyqi26(N2&6MYkC<yAe`|SRio<o_CC_Jx9n?sU8x}vrHB1bZNYGw`x^rUs$0&q7`eO
z(m$?N+Blq-*csvfe*MPp<9*2ae()F;$M|<pAA@E{cYGh-*C)4hF;GL^a!taBBc0F3
zTd=H$03lfBJkkN1k@4e@=<jEve4MPVqR0A3JyN}J!X)JO({B&|nt;Fs_(rI=DN)dR
zuA_gAGo{HQ6v9!Yq!d<*XfL&zWAqn~$avCD;tr#`OgOS7VMc$G=r6w0F+2OCc;p<5
zk)i#AuPQd0mynRy7HlEEMr47XPeV7<=BJP&o00aoWVo4y{DU}os?mdq&eqEvUG}!q
zTxt1aH5QtzD{h#eSOf`fjgj7>en|5GBHe<@5&qr9vOs-~dmXF|dUxA_r3IF-#W0KY
zAbv+9#WO()%=2uQ(=9ocJoE2_*1>yc`&UZ$FR~)7BKYB4PEaY0<0X%~3UQGyPMF>w
zk7PYe+a254Zb9FlAyE2{1*j>tMacJj%5_flXtpDvGZe>i44-$ABHYQk!=fX>g}bWO
zWJ6kYZ}2ALRNhYSE(PZ1-l<WL;AHf4Jb6u3ZP`?AN6W^pzeR^93)9#}SVpHBY61%|
zxMMA8+h*Sfb99p(gp03F;J#)B$v&8PL$%(|gmDG^XeiU=p6A}`M=tfmu_<6JuQ<n{
zpTsDM6<*ukiAU5-Ne&G+`4RvJ@z_KhHar|Y079y`(tpHLb;4sPSUBi!SU5N-=^0A|
zggJ^;p=kxH;vQJQ<xLkx`NC#PK0`T^&rFG_MMEflC4~2!wo|^*hj66yUU9g9v@_k$
zOj4bs03!bJ&^VOb!Dd0$ZZKzOA2uHRd`$E*h5(IYF$^XzA0~9yoOB_B{p-gkY!*@<
z&>ZDZeA&daqk^DJOzAt9ixdEM?cUT%DWQUW|3Hih7&LAUO*+Bp;U`DC!xh#`xkUy&
zY6ji0Ki6>VhuhnIR=}_(9+{e%sRCqtIE+>$w<Cg4J%T~A5M-^$s)VCsV_6lx`uqDw
zWsMt!SrGmGI4^I8bj6G2QW@MUWfMbf7JwcnEe<eZstb%5c!0o~fj*+rPWJUCyaY19
z-+UY)y#$28XD|A{@Qot6j-#;>K8&s#z$Agib8%~5QzO<TTq8h!u`NWqqpT)sGXO0H
zuRtOF2SJcc)@4@R!rjm6g*TYoL}Sud5@;}DRXb5r1iQuE?3(>y_2Hx4r9A7UZdHSx
z_!1xjr~{&8Ra#owbV~3}i$x_RdS>S4YAX2}KN%pkrka&DZE6rm;M!v&E31CV`ygkx
z$WsZ8IwGD}S0rmL7x&)g$5TK)RLMgKN?Ny2ZQA4=;4As<NJEYJ8wW)svwnlLfS_zQ
zm1&M4d3lY+WB&&YDAGdW%e;)$expsE$M^-$&>Hc<PK&yzJnYdhuZhoog5E`&^}d9{
z6Bk)4GE+<^$Ws6o$J;_R(VR9gdGvH)%`<Yf*^suesy6ua?!frJ`%b_2UP-#P{LfAk
zt!Z8cN>^P=b0~!6jpV-et)>ci4eZ|7<igaqi&4rH4)hNBG9*duj%K?s+vI!U#-y2n
zT!Imp8q(_j$e2LL%uG#RLPbqXOoBAXq@<+UdV9Y|buj*&*%0|NL|`f6YyRns5gz%w
zV7TorqwO6qfmhj3GhsGIE_nJP=)CBPe`JEdWUmiMLhbbeM<-CxL3GN?w?$2Xg~rfq
zx%Q;xH~464UbhJtz8C{?ez@(~i6eZx!g_eL$RH00`u(3f9~V;>%rqeah3p^DYeRQK
zS#H7p1b>+oLZmZ(%mXcnM^8~x@xtVgQdCBkKl>k(8?@^0IiJbdQ5ajG3D@a$x%-bU
z8W)NHDSfX!_dT*5LUXvgkaUz1_rhVO>ywnJAhOf=xt-F!IsK0IRD?oYEvlaq<t|nw
z>-m3tQLIo1IuzYuGqsp!>zd=XP^Hwk`S5z^9HMRO=P7g0$rq5s3ozM89H%m4W;Iw0
zL3TEWjYhc0ZoIS${C?wd6Y{4314%uY^12|fDgb)7ivhSJfm$Idx^*Y&GSZGypQ`lA
zq9!q0>g*-Wc@8t=<5=yPkn<ZJW;>0D)(eikq4aUdzqU`XV(s{Z)%lLJ$3b@~a)6Iq
zV=B<96gS#Y9Hy@O_#A!YzYr6o_N`2h&X!&AA~CwD!}=*j#<{3lHan<g`Zx1Gl$Moo
z&#G<`>Br#{6!*;S)aa1XLkT1rNFw?q`R#T?KXBTnG8R?4@73;YzoeB}2vxBRbVTga
zleW|no}7SC3|t={8>S0UewPtq`-KqO0f;JYe%pHs?c;L418JWpF5{u(N1+-8zHEK2
zn@klA^hwP2vbsCcGGakWQBLbX7X-g-+zX$QIjLiv{pZxA!8@X0_6oO%s7{GM?y7S_
z70LzNqCiH;eEooR324TAn9avnuAK<x=QkFZ@a^|LiWP5GYMD#QT)qohkYRcZ$<-qv
zd!0_n*P~M3VuTL2H{0<GA!nUZ4>l($k!x)VQ||IwM%+~PRr}(0=keo{6v0kiM7|Rg
zf*ayJT$BtUrsrOFNQ$5tT3t1mOIa$<pVQ0RJT334$VxjH;*OHCK?ay1TFiUM%j0mT
zazd;k+|iFW2-kSi$*m7j{n0DLikXsvJE05E{tLVMAEWeaaz6}Mn?)b*n42Nf`L4k>
z<^qnA#>%8s^xSwbBN30)Kmr+2lQ#UN#i*!x*PF-<`-2rf0Ys=E_4948veD2i=Z8~m
zkASlv=trt=pySh|WWwKc7ypR@Rk!BmM0)Q5!#R5+tAS)Jc`lXwS<7aKTm>X}Bhx%@
z)YU@#+oJx$M;_AC^d~+FT=RpLoD9gd^ZpKX;=@;5(jBpTeAHz(nqHo!No0^Wv6#&U
zoGhDjPH(`HN@_Q8Ez2w&5lIsPZbIJ_K>tf66O4FLbZi#lv^es`lb7K$;<Wo#2H_Xz
zscn=c5Z>jj!Qac*tOBX?Yx-^7mqZImcPS&-*qGHAfR_gTLE-?Gh>(!5o2`FrOpP2W
zs-OT;`>eW)I|K0EAA1y<e{FmJZadfm?~xahms9u`jalJ0bHaJyE|!yxr4%{p2fjR(
zrbDXsDKU4;(n9)I7GMW@hM$jPpawcmYRMg(CPQD1)<HI2>XZ0#Vo?4v!(JD5j(Z}(
zX-R^twV&eh;fdR`3s@<UNyDG5#|8=8&nJ_cr|~Wu)(JT=LYI-@zu8(}atHdOkfDXl
z#n!dtmK3s{x@S-ot7?J!gX*NQsD0<c&XNO$iNN6F=a{wE*nYtqYmo!CRU#eKl5QFS
z<t4QXp-+x}r&jmdRk_f~d`2EF^X@dB$poRb1R&EO$Ip*iK)~;~oaDKN*uwpbALUiB
zNQ9{sWFxgr*%@25hS_^_RZr;U1tXw+sZKbV;w97Hb`-d7ivG-a8jR6stVy6)xdSE3
zyWdI{82P-f3S^`+(_5VW|F!bbWlwJP&Qk%cSP*wS$HO!Tjrw1@CW&q9lTtsOP%|Aw
zRhQ65`G;2<wMg@$)2Z`QqP*J|%K!~+5D$dem_aCEY=J?#4y#(bJQODMXX5}akE9Kg
zr6ArDL*`40lfr-Zcci}j3DgB#$V1v<MbJTlofQ*+&VaWk_Q&k@DVg4j=BLQS;s1M=
zY2p>mD7k;kF+?(#V1a=`4z_y*aW38n-06iYrOTnfTy+5{B)QL!p|BHh-DPz0=+Lih
z)8qW(X&FoN$HGNR<oQyOAQkoMFDEavyoD+b8XgFq8Cd=&<L~vQPRr<L^z^^2hk5gq
z0dv~My4sNg%a9+Wl1GepC{hiYJMVP*vQ3!jgX+;_380ibKM#VRNIk9NabZMkXwyt$
z$$}a{4P*Dz1`5GxH~>{VB^BA_u}H)tVAKK*Dqvih0U%f!Ha>1M_7Aw_{IQXaPD6#T
zn!390{9_|yWASg_zIAH2wdn$<F5~&hUz_}eJNd_>MLF=gVjn2ItAjhqYfVB}^TS@W
zEr&{`7B$J&WGH?mKm46YzUb6(?r}}*!{FTu@a5l@7|NXiQJ3oX1~MY%O|eEhlE(y(
zI86((+(Cw2m6%_V9CreMPeS^EX`MV5oeYYSGC;mUCa>KJq(p-n>5*v#)~d?8^M1DT
z<?4gHK@a!HJ8T<Es>Z9j%c@O&Yt8oK4pqkSRl;oAgt}{M;CRfDqwmE7x_tK5dx%|Y
zbxgzze(@r^!p=DtU}cb`_0oh0qltv!gs7EmGe{=MRHcqS)1N1^CIZ|WJ$#-@mQP6H
zLvg-nKmE1BA5U*jOdJ$97q^Rwl*T(4YrmFnK<e4TtSqoBq}C2v{qD57q{|>9of<nc
zka6qQ9YxCrsI(GsjI^_O@H{WO0foJK0clUxVeM_Rh|TId5{Oc3NOi&*mvi2*C4{&~
z{Wei1`i1X%x%wTdwQptFxo7wD*>g?i#2;rb{>(JqQ(4!MU)U1^F0F&o<4qO+vusz%
zY&F;6*^z4F3HPkWX-|B#ScfK0K0d#;tKV$f|9Eq)xLGDzwIF0pIRia+z)iP)2N60s
zSvL+luV(v^$FIp4ZvA%5VyV1_+{8^FR~oAqblwh8OiJfcsKr#bWz3S2VU^3$n-#9j
z3dRFa;&Pb4FZ<^I`zY$GQWd|FQ35y7rjm^7pQiPBLO5OV6sDN8!kUpvDRstsGb(v}
zIYTmhB^!1B3bo!SV5jK?+AtJ|FB^{nu-2haMqm9}yX|2|cIKcD-F5n&zGr5fgvFxj
zo~?!IfqF(lYP@;^#Xh2muUnKwlgfV}8HzRgmNtV55@eTfQIkMCBZ1dODEh*{rT;KS
zWYDZzXUx^CW)+Cfoo4qz*p9boGi0<^xtnwP9l&d;`174)4;hpkw`B~Uwnzb3;sQXH
z`kWEamb>SjF=)pi^_Uy78AGsw8Dx5ZsPnHoa}ZaKc*8Z`=>QUrtPo0@7zI4?<&j-t
zb#dkJlQz3R7t5oAbppF8?OXdr>$Yk^&si?;2Jm+N6w&16HWHiletQngqqjXp_RK?m
zr34UQ@Om#i7#%R8sB+eOXC!pYYhOG#2E7fy+-jDx^Fg6HKO1u1{pJYW`5zWFejU%~
z!-#q<!Z)Tu1bXaEX_he(^YP*p5?{j>xEb}iM1H#I3JbHq<(ZkHE#9I|Y(`6TTscjv
zOdSy!Jz=f=Vxf}a;#BYgsX<vuVRfVCivJe`6U{w2JdIT6<5WLJMC#NJJHm;Onxk2E
zdS~5=7J6t<?TpTGZNLPxS(ikMs7ZRlu&NYwS?ktp^_@;#q`kRMRK=sz$KQ`8E7p#K
zu%mj$*DRguyc-k6NXuH!_<}}t7Debbe|o0|jNS-g{0aGO-M#_K>9srR_RU}IijCN7
zdK2U(9pI}wyzfii(iF3V^4vdKEpy23TYp0hrO{-h&F8n!H1!XKoG$J&N@E6x4yUHZ
zdVDffzgq~(SX@_3%1&8a4-Y^5Mnn*gv%j$L4r}|A`gN16+Ul4*omj_#L?xxict1oY
z4;dKK8ay2xOr&*(st%W2fxWRf*8Tp#xvc*10(qfFxU-Fn0aSg!?n?yYWKr##qG>YE
z0sa%mK>Ft^PaNWxl-jM^*VH4N16j_Q%+(1#Xcbn`^~!Wx0${6*m&Aqv<qszcUF7My
zKw`jAhfD87_qZsEMLCP#VNZv%MOHG+b;G7wg?C@6OGj?zc%U#Zu8^|F^Vpaqgyvr}
z^TR1yGxDV<eLz<Zn3rN-#I`VondwAYBGNMIRTv&%sOyz(W@emR@bungJP#4;BmBCe
zlVbcxy1l+Xw;UqN0R5e4U~?1@aWAttRy-QPX&W{gbr6J~qeo!3b`rT;_~M!7qGK3@
zSs1w*^oSk@W{gmJzaDk$bk2&6u$Lh_$EMLNst$DRDOx+*iDfK9_v40O%0QG>3a$j9
z<7DYMFge&%^zmvgO3_@j8FSgwTuK-f3x2oK4z(wb<<>N`(cnaS)1-fwKb8O-qMjYF
zT&7OqK;mimBb_L<D~2~SAA&P3^#5Y+y~CR5qJB{<fQS`DinLb+1O%i@N2Q1~DIpLD
zNN>^!z1UEZrqX+F354E46Odj)4-f(ZLg<ki>30BqzwbQveCOPI&OOg__aAv?CNq0x
z_qBfOxAroN*E4>%f~a<vjnXO3MFdpQFKkANU&ex^Gn@I^+j818d<{3w2@I6f-j}aD
z+|>WEA@IWw@eS<FZopz)=5quPF?RgPt%J*bI!4vC`3*ChMLYLKHY9yLn~DKr1NbqO
zOKp#nj@zO3GxoV{vn2Pr!)c__*B`s*W_V7vjv=wS*+B83<x3o0WNeRgJJ`3Rl2lCc
zwt$~de9A)7@SaV#up`y?qXbAsb#)i@&vE5WDOyfFDD&r^p;w%jx}^D}MD(JDn3&v{
zT8ZkVo9@rkkC;ztPYPXf`*6b?%>o$XKB0|*E~$Hm7V#Q}&GVn~w65v*<cL-aGj9wX
z$vr-{)74FT3&Wmb%dap<QBZ9rboBAmo)Z+vjx8MIk6oEJzlIZW@;Q>r=JzLW*4U^E
zgWagvYmIrQWtg?|hkZJj!2Wu(sUrT;I+~o5Ba3l%IeVKwG4_@z#ItVH0OJ2BFlmJ%
zwSRY<ckFj#J3@1}|LZ+L7s{{VBHT>1ShO3bFKMpOL;=G=<gnt(gp5-VMH+uVL`iav
zNex#B5uxCpxplpp@CXb{m>jN0e>pbO5z*Gt$8t81zWl<>@@i*eK_PUY`$&epT#(8?
zKsW!=qb$&$Tx*SOd=b`l>3o<6a+5ASP!zpTsNcrQMoEbkoK6js?>u)O-99yXg`(}X
z#A9NlV&<CP&^(_3OPT-Ccd`F$y85%OIQq)%dG~_y{nk0N{j<ME#oDt|*kY5(Nmv<9
zg{jOVP3!jmB}BCL20x`h3|*uY2Q6EU5KOE!<t7<*|BQvSc<XFN_V;I*t#rOM&)Vg{
zh~WE~c(OU3KJPh@tDl)PzQuc1sz7W(IGxBX#Wy64hNo?4l@YJ<!~KAHh&G&1sa=MS
z_OIJKbnyqfg@!4&wk?;>@Pdyysu$uFFFvMX{1$qGygZja64tC`Z+NYc+Fn#O;d+~i
z<eFOg-3HE6qdiHSzRhC=OS1K-$7e`{ME-!1Db@=Ye#tH6Z6;o-JHttmvUUPHt@(${
zCV8)ZA!qUF?J{3j4-BLLY-l7T9)Rg9!g;CO3pA!E9NJJY<{LEt7)ySG7+CJw<AY*;
zH{W>dzZ0;)7o2$igXX=kQoAblhR)0>fW+&^!vzQvZPw&h7#$(K#T$6EKE5Zhq$f$r
zHc`x_rC4VC{}m!>k>#8XN`)ClZfjWke6}I#sri4uHUkEZfhqhw9SzWpHlsmm{>I0=
z7&3>tws=9Vaut2~+2_l?16HMU<%wDTMH|w9mXoq}tmO<IYdIe@tXU#k$aCG2XEy=P
zgdcFs2~4sl_P59Wky~Iw<4*v3zLH|^Q4gO!Xx;+0`;Xx~?#2Kg#h;loNA4mZ5yP5~
zg1F{skAo>bA9-_$ol2ncg~gc&S${v2*==)+Gby0~-FE;`{JHzMk?x7gGySA<bpca|
zTlYTP$=j!>{N?M~Sz7xNh3#UPnrT9ue2$7>>pZ#>AP*P-myU&!j~ZoRN=H*#7!IyO
zViWffi?%X>4+jP()$>M9B!61{y$Fqw1XM2)Sm3eJB)cDc3}pkL868k(A*R1hv;EJd
zEDKTsI%rs1O%;07=R<I*{ZZ3rt}QxE>U06qtheu0_=Nk|0>39L(-VZ0-wf@o4ON?X
z-u;7O?|zQ^jFbyINcB@vfKY$ESDh3XYK5ptXlhK6DDJg~QfunD&&Ax_6wBJnFi`eY
zVh`^Lnb|BF^_X0OQX?!lKRHcuJ9(pp1~-(L!u9B*pR9`dqpr4l;DftByL&^2#2o)}
z^%n9jA5zGB+UDXc^ZM9=PhK*0;&T6TSPcfwrvr^B0eNrU7Z-hIA!02&O1I97J$3h9
zN`wa!J*GsGmjh;&ikp*A0Eox7&}YeM?FSlP(tE6$&%`c_N<)fD5Bopnss&3tEAE|F
zJ|Ti0FA(4NCYKb=MI2qNIek&n%m9^vVM{8U?=Pw+9HMkWUM-E$+hd`!UV0GDoVw?d
zVV35vvm1IvIbLrX4DoM{95&i)r6vC}?X?vhvsGKdu2@oW;|4Ya9thI@rrG-iFh<>o
z9k1?p+L%Teh2+mEU$gTssJO(jLS%33B`OPY&@4T&f$518&9r{N&DFE-gMW3xj0-^)
zd!ZeU_7$-7iLe60KQ06>;;&d^qh7FDGg+!h8CMG@rx3*(ttN;n2UgZgpED!Jjk<Cp
z*%s~*RcjyIlM>(y+KN9@K$t<821Z8G_(9GL3KJV2ADf3>+S`k-(E3f$b{%i(-2K7!
zE+B3>Qf-q`A9t?qy(zV0tNz9r2Rl2}F)X%Q=lHIG)4Tp)#=w=o_733iUr6}>UzhXW
znF|iEdGD=sx_Rqo?DNKfZ~sH^0K(!y30~29B&;k4!ly<7001kls^SDJ0R0ma_T})z
zpYD^N3m9cMjwT~{O3oYC>_Ly7NgrSdUz(0q&shNCd=5ME3j;OgDG7;OLE0C<n~nQL
zas{`8k%%D4;^=SxsV1nHpPQ#Lv)7!eARx_7zqid;cMLgCBD=}O{o(OhMp^3Kt6cZc
zvzHGOftdzbsldf@l3CEH2h0CLox*4C{<ii!EIQJflU!Md=8J<3xvb4{tkfl!5Xnej
z%VS27;YM{zc`CMF0&Tm+ThX20Ki2Ml<BRvy$0Ik(C(MC&IyDMYk&s+Sl@14XR1L3c
zO^Qw~!?D-89~h%>W4r_r#F>;>*X`1eTcgBhi$&3FYtdO!+vVeXqw!{S122DOvs@tT
z$}1fVAih3akJ7sUATBHhcg~Q!DqMU(;Ri|bH&#X3RIA$8F4&ZGxoxSg>-YG0z56}D
zSN~GsQ+0Z!i(;s^Vo0(dFMtiGDZci1hvAYS;mrv#`@UynOa1h|*6*p|-$Kw|^)jOT
z?m~|?%UvhSln)2*ckG(SR>)i{uUXf!PCO!50PcXY3CGn<(uk<P`+Fg|P5md=PMNI~
z#V?X2giN@Ri$dU0xd8{Q`D`wJmIJe|<2Cr(!O*tA|5=iI@eJ*(B|)TfWf&IHa##}n
zuzoiSI~!GwSkAT0>@<v4L(wi$lH4BljCAe9u76+OzG|afP;Ym1l(;^XP_SR8%&y?4
zibB_NLWAvr)yS#&xK8gq!m%~*A(z^g5kGMOE<bK#4DMiJmBbFv#VEhX(z19qOj*!e
zxqmtGPGv!ql&E=m#1gWPI~BI0SJ!|e-8=ir3g-7Car<a8>Zm*_3BAS_&1UZZt$GdI
zU4vSybtde|-3&bn@*tN7gs|@v$9*Z~1}yq~J>YX33uRRTeCF+OygZ2yjiQILaa8Q;
zfjVM(N3pyWV!|!mDB3s3uf?CXNlC6>WNtUxU#!k(KKw=OsE_g7>QFcTLGxv`dS5gE
zD9p#J$S*+MaxNAyc7O;`2s5Z3>ZadMn79*A2wWVm=U3}`U#R$*!^Sv+jd+VuhnscN
zoFlX(a(33xo6A={++Fu;^gc&AoFA+Rt>L<w;GGS0o)kz7(D(Sioz~L<TSGye5^4-N
zX82)mx^vy9?v}Qpdx$}Ldd1Nwwd1b2UXds|0?dD|RsHBLV2-r>>G`^jgw@NTeO{)P
zho|2AZI^qTJlrMv{^6>G`BV{0dqr1T-Vtxpj7*sf-C<f+@IKt533%c3>*E>inqgyc
z?84WB`m+1iO%xox7pzt%QLCkrM<W~SCFR(zkozG)e4PX8M<r&V^KiGS+4A_GHh6{T
zg|F<3akj|F<b5;fn0+mD`{C5Wp`VF5bap$oqF`}PUR{rtq+t^iaZH}d1}uzi0P>!f
zpReTYT|EkSqw?P=jvafnO)kEKG!hbAwDbH?pe2y7BfPUA!0-GPU_`33O-(GfhxFZ&
z4IvmDC@*!2#sY%Lb5(;oqm>FkQ~WdNKvkmzi2a{t&Ka7{oCCa_%Nm3=O=lP=NM6kk
z8l4)kfpU_--<{fEfkW2vKgcI=Y!dX}Tqb15HL8&0SQ2){{B%0EWNO~}TL2Btjr`Kl
zdfYO7@Oh&N_nHl;#YHydyFc-Mt4tPTvQm5F^`3kz>m9#V-4D1Iu-;{{0DIV}Nm$eK
z_$yhxC^{{&&ZO}E3u=yxd<F<pdiwg||N5*=0bfkQ%2@Xn-~yba|8G_n&M!wS@6;Xg
zG0b5R$Jr{$tH~iBzj$-~fNI%~@417_UQ%S0srsn>&8F|34*F}-B(mW3=#4t#?6W2z
zsx-EqE*S^OE_Odh7JV1j`k2iJhaS32rD``7@M<@mqZPRb7g!9vm)<bdQ}#Mc+GA4f
zjBI7Nx>UDXS<;TM#WP@EI(-{kTM!tW-O=%Ei!eE94-~JrEMr$tQ$yoRmTIC2{#9tZ
zcj)aP&#bPEpHfB^sH`jn#n3@3JTh^2LEYcN_UXB-rTQ|XfpcPgjaPwf3EyKK>ZS7J
zBNs0I0(|((T$r#jNAs<5?lX)M9Ckj&B??f1@gCCs$ugFaT*pxdAlmlfuAfA-Bze7a
zs`Orm=vMOrE$PjN$;sp69p^!z!7O%^_XQI$ria^H#x$=6S@VEyWu>2c7%Zn7(DUv1
z(`cW2qQT-HKwuue0o(y|f8~_B5RQq7gd{P70&yFbRR|XzyPXFoxJ6t^lGZj#Scfs~
zbg&AWG0xt<d|rnazY$>!(PlazVqCivkCb&uS%ohkfTkGJfy>;vu9GVGD=EEgnpAsY
zBht`#hy+*cnUAClRoqIO>w^Q(MyVjRE|d7mSzjlUavSvy5ENYiKb)Vie?GJl#08V_
zk(Gi^4D)~JfKBfe@LSNF^c`9JTGT3CQhEYo!8L7Q>Dk8Q*D2IadV@Gt{2#@dqZfX=
zA1b%jACzvO6k4MXq6LTt4N%K+ek_&FiTZk+3F|`W;qtkP*}>esB#gC#%*stcyQo+g
zb0gQuD~^9ME*YP`@AyRXec=fZb9_v~8Q%A!a6l>g%NOHp5>^8N|E(C5N^U`cyRw~K
z{^H`Iww_+@;lUpEm_dn(()L&2;^OKr&DC0F?B(}FYnbt)BRrF8@SQ4{!NK{qFAOW=
zWm+-^3+R`}5iOs}#h2%O+I}7SIQ6;8-|zjFa!VHY?=)qo#JiolK(f+cn;!}1wFfTt
zYXFtqcbQfE96{{UeM5}@#0Jgi<sYgp_%R0H@6Q*2VlgEh@dfApz74QCSeY_+1*wc_
z{@gA*D`oV>c&Ns6!|w7zYl4Gq>?B8QZ0zD_N%j>M>6g)G1Nmh{wX#(DKGAUh-dUJd
z2&PM=HS+1}In&*QR>waPeRcX>Bx4B_@S8l448Wh;NOaPtMB*y2<Av^@A)lh^`Dkc&
zYiX-`@<1(2a{a<<8WPrze`{4XevKTYU;ff5Ix;$%TK5deo0DF2oN+1VKwJkUT+;Bx
zRwkcsJAl8rg5H7tzOrko>BCmG%t3okfZ*#$PGIwlkiU5%xsjEPYCsj1vixn<^KZG%
z0?sGB6Mu6@Rkpo?ADlz<p?o(i?CN|=6Nxdi+`@OzJ!j`{FB8ri>5WeLUH|RpKil2=
z?1)g@S3!=noxL<Gk5s-;e`|)`*ZVg*6f8c0evWzkr=-0BJ8yF*j}D1$Tr{tT{8nUU
zEQC7{B(55JWnOcRms#vP65$EIUPQ=BXvV#N=pAL<|4Ru{-rDsL@3C>su6m#fsnl7@
z@sjDQaZ`S3a=cw#a=Oy^&r*dy*}r=6eD-SI7?vBMvlJXC_`Tkj{F?n+`@|~9-iJ#d
zd>i0{n%1Ru)-h9E7gYC{nmnn1vPQrupkoED&1v`}q4mw=LSJCr#(Feqvs>pd1tW(T
z?6j8&fz4zii@(8N#_E97dh_|?<ln(oZoD)$*4GRcfm)Le$AUZsbrcA@?JLfm2>iC%
zdb4OR>GEhAc>8MK^Sxe?L*EyEwBvdIh-*<ZZ$^p5`ON8WNZc*7`|N=0pdWQhohti%
zQKnV4b^`S+iXSa%fwO`nS>y$K6sUlMvu?HABgpt$WGHyO1F`2Y)XP;7SNm-x&Y7>>
ztL6oLau^sdn<@3^BMNy&N)-sZL=>FuHZ;Z4(u{@ZXFK-!GE{GqeF2{o<kj{~?wDtw
z7iCjA12{~+M)lgor7`O^xk(XAn?|_>x02N!I|k<s3mhDK4lBN4sTN~a|AH|e%Tn{S
zzylhD<5UfHV<oXJSR=f>j2fC;!RFse$fxq1i{Fqid&8wl>t})M8WNwe;Iq1D<X+9&
zf6bkx{+G+kaUN*ihH8fW_j1Kf9WeqT+ErZPDpQ&rB1+8m(&QeYCi~(ceZ)Na>eqjy
z8sWa?TzwBO6U}7;!n5y1?l`W^m31Twg4zSq<1}+PT`rc|3tFGfKJ$wr^TQI{!p52r
z{`K~UY&ClYSk=z+^#>5&>Vtl#CLLnX4{-Si-)r2CV1!+rQCFv1)=LDX7P|Y1tA&o*
z3kedYR|R`DG4)q{sQgX}5nmq1*fmn3f+$bqtaw&pe`J$iy0m>?fA;05N>Ps}J<J_8
z=X=TRju_+#`T`DJNR(NZnnee@g)<w2rY?jGLAsed;?r7$jiKia(-mtE&jdM8E=4({
zRW#xzMprc^z5Giu3lGwmN_68f&#J^!o6Vac*Ya99>yVV4EVb;FKGScoXYn)0`&XBA
zdL{772?o|HL45@*Cqp`gd$dp!fv&7_B0@x!-Q)am(mq)_go@61yZHR3n-yE6uS%mu
zRcI6Sa-GBP2`v#HDSFTCFb#=_Sj{d9jz?*D3bHQ-0~MkJ`m!G3`##Zi&95|Ch`t2=
zJjiXr@*Fqy^zU;SCOmZYa&a5ME1w*)#+UogYl<R=bPJZg3A<#lfp<~;*!)cMJCAWh
zPuz0Vo>EY^bM}2^Jfon^kvD0_f-Q%s0G>(Q?{Jk3VjQ*>&Q|>vzulRj8F}9A`A&L;
zRqoupb@e2?UF6zQeER;k(;Zi2X)6>v?L~36I}nwhW(!>hG|sm`l}3<i<#<c=Dy~F^
zg%*l=s~Y=X_K~+}?(Xifj-qSw`9|UmCN8Nmn&?AfVU}v2G4}?~-|k+8^9}E?r`ubh
zqre$K?AHDA7t0b{5_5yzk9w~jO72Vym>ur3B84arm-v3KJ?6fpOH-c%W5}jA%n66)
zJhm*}&kW(>j7jG-l<^&H5`xQe@obEV&{&mM^jGxY_~<?*7F5|LZe@DE<w-M`^#;KW
zghvZIG-|$;e`Tn@d*i8mg8p`M`kO})*f%yrDqqoJd9a%d{$u9Fq|@DHWx?f^vGzpK
z=m+`vLXWP-A!F>jHO+${I(EJJs~&f+j;%H&P!0P~%I^Mx)t7swaamje7iuVXO_JX#
zg~j90zUAQuUF3@rGZy;M5=mb!_jZX(OhoFrBMhw{fqhSUXw%Acf%C`r+DOgcj>dbS
zSQx@r-8a>$i+IlNpY#Uf?12x~2SR><&IDYhJW7?ek|))VS;Q}5!GchIOL1WVG%=!+
z<z35N<}@e>fvw%NJPKhbo1-8VK=z`H7Nb5Mq&bEG;@l_Q)ug7c2Hy5r%HM9?#V2G(
z07Z}3RcSMSQ@k(MvxAC^wd)YNGcA5bsC%D5Fte_1f(O_p1&%;ynVV<s5(y3!fVede
z(LA8f&B=K>kfm1SBHQ{?O7Tmxq}H70dJ>-?R7)%Uj-pMe3r4LwUUYK!vtQRvdDM>Y
z*Vx!xU{~P9UsFwPoFqc%kJs;P0uBpfVkw@G-3`Ir?QRCt5G@eC)7zd-ob&d#$KJ|e
zQK06E9TdT3nOiFmb2%9+H38uPL@iLBiDkcC{!dsno_8`Wq?%G_(S#2=mLI}5>idbM
zuOIiCKc^;2H5J&}udk3@?Mg-DfPLgj$p-&2w+k0f+ZU{U3ij-M)^)nq!v<3qX=8aW
zWKt1WSB1|pVbkP;Hs{mB#>D=t#!soUuq}c*w&o9V9*Zl*+mm2$R@DQ7vn`t4+mL_E
z)%)Pyt+{6Hk>%C3<mY_9jLkM2j7RAnMm;C(;HhpNt{Ap!C~Xtc<JzxEO49m)bx1#J
z9d4BRK5WCClMXr+@$DgKQh4iSRLj`x93A_|^-#dsbNq$qt1RItZ-eYEsDxS&F5EdP
zI`Y|!LNELx)7Tcq2nb6JIbQNl(!xLLf;w@$hrIpV6@1i}bNaQs+|G?aico8|q0{rY
ztL0C_@usM2KF`JS#f(^086`cQH@&~?@)pq^&VkLe>zt(d!08HzUL>-juVe*0PDHsI
zIFkO$tgnVsZ^@RD$;c$CkCo;<ldxaPDT})`EMuJZX)6a~mrBpK#G$OM`QTXt^Tj(i
z_$nVQwRGRjd7Rx_?d|}Cxd^y<48R?ySMRRrG#j@>dUd-EU<}L+D+10H4EE!IwQuM~
zb4MD)g^`u%Iv^jNCaNK^CN9CGp&o6wTyT!Og!@9-3#G^4H?rhUUi?+Ho}TAHkd)H@
zTM4pSfbdgVwfvII?8FO{M7Ax6ug)s_)!Ym|d*h$Hv%MBqm?d*KwX){dJNbaE!@^fI
z|GbXm@$sV+Z~h9&vbTZryG)P%%E_!6fME9ZQ_5daxtH<y{QZBN8_-|AB5|1{zu2np
z_SOov0{50{!?r5|h=^J-I6MqTBGn=zBNr#@>v2F9DYi;mmKkYjw}HsO%{^zB!ikLX
zH#byb@$KGqU9PICA)$=9eLYYKVTTDH{U^Kpcr0X&sAOT0<+Z(>3q;b!W_Dw0z1<~%
zia?3~m4LIZ9V-FAPy3J4arh3@PJ!?uuG-;&W(7y-;7FuJrJm5!m#g^q@UGB3qrIxr
z@}rrnY~xE;*=0jUTRUZ`>;?LP#G|a|3nrICU2vy$!z1jr9{kP_;Gwlfi5N#xc=HbI
z{;1c45W3i8#;v*03qA2YL%S<3k+#utDAyfk=*D-sOdOk(Xl)be+mkF(T;d(~YQ-}F
zH{z=^txG=zi$M=por$m?F`eU>@u_qirmJCc_<Pz1*c3*+)cY*StI&I@ja;|3@7E9Z
zC`V8Dgt-nR=GqBIr1UpaZnj8?a=UK#{j?bu?x(i3ehUC)K)Tjh)XGvYmL4{Au9HQl
zz%;ZUca;Z>PWPVACd%ZPdbwiqj&#$4FD>lVSL!GGuLUgLVu*;2wgccr5+)5mG|Q~s
zYDp<+(r23u9T0vy(Ys1F8j4*>!kE9%1$$&dBu6lbFC3xY*9(zLHLIIlh>GqXA9bD|
z!ssswD{u{sab(!G1oTJ`SIv_3!(*Ux&2?G2t)Vv@s#}QWRbmt7SCy|C-7NC0@wz>n
zUlw%Q%fJ38O(+>$2||M=U$mSToOvmn)5Ei6?-b2lm{(q|#=+vAhoc5U6lhyh=^V&Q
z^zeKf4KTcu3D9CozZXNvMDkb&`MuK(o~VWK=k9O3SH&cD*KL!Y8|uE;D&+0dO<!~K
zZQ6B#X(h?bqf{KmOIla!4N+Z`CC|2^negy$5<4;Yxi+5ODv85si7fST+fT5U^}q3S
zD|MT()i|*pA#2DB&lF>Qt*ze}VXJ*3`~E8>r~RLmLakFmA18ez#{y#NR~!O~>-s(=
zzsjT;sdXh*6PmyHWC-pY1qLx`ql3MwElqbyFjlRh%?!49DN|ZPZ)o!u<&|}&*ToiY
zbx?-s;R=iL+n9HJXw0&3s#i_Z`5v}X$>+;eAy7txo8qgwJXf$H+F;4R#B`2*gQj6c
zsqEihJ%f9_ixi5kvK%o7Om6g|ALY&R5)&AXy58CP7#!^=N)bJXf-U^FFw}cqGf=G=
zue76JR9b?i2hPxXk(o_t%13JFrw`4TUb^F9cu%n`=kB9W=%VR%ECHLY!6df(NF(RU
zQP!h6aT8{AzG#c5oEV`JyC;vud@LKc>GM=@T(WX~a#474nPp2s%zcAgUJWO2leXw)
zfgS}v&UP5~B=QfJ#m@F2bDe5erMh=se|m#$9ivrMiswhfp)re#{mSQ{zogu=?Z^0e
z@+2Ano;=KY0V36BwZnx==eV&L>F{}Vv_x_+axznNDe2Kw+Ylv$N^Q?DV$LgYFq1*X
zPBBHf-YUN_Eis-OY}snfb8{okgbB+x;a0R7lz4@j2suY|(r`>H*`D)GkT~X~0NOHR
z?XI8d<z#>OjC$MPnv{C4)7;j(B=PNc)Z@-wYf`Y_lKuG^_2(7op&AVfMn&EV3<&!0
zj7Ut+ka+d?NEv;tk_sE!?ZIEyzUw8Gcz!0kEMT76!GXJe{cFr_@p7rr&vk=HDU+ot
zx6EQ%vbsS&J@JWQrh6D<-t*=T^PZ}Zq3MAB#+=rC#~ztd^mrj<AbX#S>qAVnMe9t*
zTF+2~eul=JSvM*Me?wU?>^dH$S}9Pr45>zY@bFOF59@Ic^C4o}y4(AQ1Ke;aK%;NY
zihQHzwS(c~sSYQCD>&#6#!aEN%cd=L<bD3^CQ#eW<92TmM~}!<+qIKDoBUdiWkV*g
z%y-Ec<|7J3X8mftcP?K~eN{5~dthrhy!rKl73`k!9%e**P6jdH&qz<Qv-r`o=5hB?
zk*k0DY!SNp-r}|&AgB#HC+p&4d!2YJv1{25nC*d9#nHJ}SLC3EIS4+2Y4$+(87Ya$
ziSQgkNvi=iEd4{2#?B(FW2>Gsyu&Yjsi4l#f{G^^P&-yf88%z&o4Xuu&-M&$OJU{%
zYwqC&g)fFOX3gr9&KmpVryEppJp_9-DTld@XGj_m-Lr@_In#;yl55+_n<H!Gw(GmT
zCPU%9zNZtRRn?5z!PiBZ0~Hn)@r*D;f^%VqojC~BTZ)7aH^6O}oDHvnSo)_HZMHhB
z3cVGyki{QU?)VQru<jJ#!QQ@nYgYNivnU(uUs$4MBxpp5+kaczdiI(8{m^2c#9_~^
zhzK#uYatYF9a|rjuC!di^ybH}&>k(7zBK>tDg0y_A5$>uuA;fq_>rV*;vA8gwCUsb
zp4_U|kG?olVM*^ydx}iKKo^30Ik2rNB(*rl=%IqXVOr)4xpnV&w_6>X2@rS0HU!oc
zHU8ELa|4k?CzDQbaDUg&4XYjN=W;NF+C|EYc_NlYcSG7!4QRw2zo~gS*X1`5kVUDF
zg2lD-ObSAa54<pHWIIbAVKt2o*1xu8#D(dbz1H=te^sb{r9Oxen`FK(wPzNwa$u6^
zkT)yM-y>KwLsp5k_t#Xn53B30?g_Ce9k0ELHT__<(CC}2j*0E#gJLm~h=JB4S$>`L
z#0(`}noMuWflrDUD}y|<@9!iU>=&sn1en0;X>W{9=W16^e(u?#%6mk#3R~Ij;l`>`
zrd#2eH^y(HE(PDPtp}Edh<P{FK(Kl`ae?nd@B+r?*R)pt)*O8W(INPw)~)4*C{vvC
zn@}giFzG`N%UutASvE=nyS<20)-w_xT}}MxQ>8c5LKXSab%4uKNvNu$eVr7#Qvy@$
zxf562*W+!%Lwx7ELzuabE;oMer&iA8!}&x>ud3J?^2=AvrH9`?;=Q@u(3}Ft@ME5b
z3SCPg#5_qw!J5^%G*@f7aPNASqWll*k>QD%N@3)S6tG%aTTiO*4~Z7_t=)Cx{7B9(
zUgO?3f77eZOD3+=CgTP>HIt<YHuVL<K@<iP2c{3otRcGdH?CEO_O3biNJ7c4yh|G`
zJ|KuMrIp#de3Io|pJsJNd1kM_lo2S0e{}A0J+2h4QA?g=knYY`KZX%+w|#w+Lr$4?
zb#FN!MnijF!FHn7K=k`dx8aC~(4$yDrnWz4>OS+abb+kbRhU@FyTPW0#(9Rjc2~~l
zdnCoLQod5bc)6|juf>(mu&Zufp4Ucs6eX2FcXyWfppqJ*iPcY2?^}MbM+utLuJ(0j
z71Z3@dN1d?Lc25`oC76;bXR8OOxw{e)r~AXP#sGDP{vw`)DEKkZZmf(g7!*g&u)WT
z@X5JZbq#i)tyKC7IQ$uTq6q{7KusVuF<oe;x-?QVY>WW}0%L3M{KVhGs*%N#$m^H(
zy`yKlm6&V%Y50ZJ@^nBQ-%nM_e=G~kzZjugA**?7Ex+mO^xiUT;qc3%!r04QaW^lr
zPKR9|+;`EI*ZVE=bld64Cndq<HI;9)1m)jROm~o}qg*9W9MApa42fy7XLa6Ys6xsK
z2dqu|3aV#v%P?=Yd)D8<XGU6hX?*6Ro_c9=;6u!f^rYW1=|w_#%Ze46o}(hQtK|#=
zD$%Y4t}l694|={XKnP)|UEZTBMN3vbHQ%d@bso&~H$2C}67e$VcVV`WaO>(rtexui
zWY6FWVS57*5MYNT&%x6=$UnJsP%(Pa{K@SB8k3Q|aoshjs%tpiPXvZ@t@`Ty!Tsul
z>YuP%9`!<X&98Ow(ITcgP?S&Ds^?7c3yce8&jfWf==tiX*Ni|xJW3Mhy6Q#x-V~+X
zd24uSJbwMn)=w$pv}A*BT%F+n^Od1w;&<V(nOjXtaamh4n0LdIuE=4BWZSoyEn605
zDiy}+$QEdNFP$boT9pgBl%SGFf~3dX5HB~XSuw%Ume~0Gsyp9U%)U745_ZEtR0Hxo
z<`joz6|0ND7{NXuw84`prri%gfaV%Aqu#4g4vMta7;5rdaT;F}UmP(V!YgMlW>5p-
z>j(XPk5J~d5S;0G6v=qbH}DFZKnQ}p`<J5Z&MMtwi(nRqOKJO~?p7mF`V1lQH*Bk}
zGtO9UI07+p*d;IVzt*e5>}GQwt_3ca{fu`?X>9rwm5^TSoaV1+o)?d>1zXsrdIw8H
zXxZz37MdABdbEDz7!mIfi|p1vm+zg%DDh3k0u-C2FyVj^x0{Hg$yBb^?ewJ*Lu$S8
zR4;XL2#nd1+ljqE?WD@T7`P|Mpj-mXt(q?`Wv`LXk+)E;-|*v}dXT#;iXm@&E90lE
zzN`OTF8@x;T3q^X-fsVG*MpJE5AB~PyWiR4dwC|i2T^bo^4RjmtR%IheG28bqjFee
zyAbj*5~e{yBE+mD_edMHzu3a5vKF4Yx_+^s&VYbiW0ArAZp{-<Su27_lhQ09_a;NU
za8r$~d7t86&nDy!G(9e9SeZOqa84<{utSc+rGjI`7g|^?so(gRgS!0pZ~&=VU(}uf
zO0u-hxT@rX(f7l;tt$3>)IyJJ3iZbLGnzKIi2>LJ$?5U3WZXZg2wl{Nx<_PlZF{)&
zE)nn6T{{>X=Eip_gU98%_vpcQG9YD_FYnH$SS!s&JOQau1cO1dHOz42a4KAVQwbEQ
z)|TV0Zy+y-xy-vi^@iS-Ls>7JxuT)ziqvYC?Yv`k2nBrgvpxNdOK^sjjo)|8%~ktn
zY=`GVb2{&!^z=o+lob~3$>5l8dE*#SLo=}L7if{NX0i5+oh;P_Zir)O7D%u8`Q@v)
z1cf)oEh%ebdG{mZrLR*<yA8Bj9l#W)m<9L!_Np+~<nv~ca-rCF7Dl#I-)q@rCec<}
zc>0}^cn0>*RgX}F#g9Mk^|B={v>^395&93Xd-p!G$RY0RuHCLa2wJ}RAnt{%+t$`@
z`tCdqh{23`r%Pn}G7~p!)+1H9kCaWBj;K!XynGmC_hojb48^tox+VEAFG=Mty$bnU
z%~cPA3uCkT;^=_?xSVb7+!%7tu5dPr9pV8qx4xkRdr{?5wwNU9I{KrTKVC#eR7zdl
zpriw{!g?%wl923&F2KG@AMLvg4N44@lY+u#yx^@xQbQ{vGlMG+vl+c>v_fI672<or
z1uZZ2GQSE$VwIxl<FidNk(bG?W&uF~4O0Z%-m?qa2p6ll9AJ&AHEFU!*Jgary!YSH
zj0|S7ZQ?V{dw(_m`TXADw-`NRF?s7)t~ak^Dg4ix+OQ!>@m8o1Z!^Su-c6X1<xlkR
za+{;|vI$R@VXjr}ezUaO+18IR+>(gxQg3c~X4rz8eNH($!{^EwvmHXkETfCf$li-)
z$b@E5Pi+;!39<T`5N9$(y<{o0>Z!0Z3M<!Rd>Kh&E8c#wV0f0GK=0k=szht&DHIS;
zcP;DrB!iEveb0^jP~BF9<2J>6G4^GOU}D7Q#+_X!fj7)YF`%NJ0ls0UZVxr`q#+;w
z6z44;DerHXS)=E%ekF5I=%Fd`%|Imxbbe!EyNKXo(6faj=BXX6g$a-FT1OsBJh_3$
zBdRC5k$0<HDij^^&7r88z+scqx`&SNb8Kr?yeBg^dnyI!!r93_Y3Qr|X?)UBd3V%u
zcQ&<#{I+8mq>r@4*JI%bxT{IU`xqX??GPquZJGvN5~(ciZx=5!Ne|n}r=?P!<9YW|
zZ{Vu~R@p^JSoZ_HoOKN!Nhe56r>c>mHYQ5Kq9h0VAuMPxZ6nYeXCP|OVMqt}Zv~<t
zh*I+#zlF{veWgf-uukxs7!t+1Yu$q0S78n+*(3Qb!HQ@j3CvQ`D*DK+#WiTtOt?04
zp3LyN*+-{Ur^y+sY1~^Y8R{ZnR~@M$KZThj%ZOy$jR!n2Lcd!ZZpvoeIACpEX<5a|
zks$=QdIo?0IJ9_>zJ&YC0bwc%%`Tpt-`z8>#!wDj*H4}EhE>LMQ~=fkeC#(T%6eg4
zat2a$pp@qr#vkTiER_~7gxXFUIWho1E<W_u(4e=O7-7X1&7K;s04`dMJIYI-rl=Kd
zw<{mYH4}<C94ARRw}Hyb``<H_Zp?L82xqXk)a9G|C7W4TzyS|=ai8CX&@mrewL6$F
zQM;0`IpjjV(71%eXy8x_^Q*W)o;yudlNKQ^Xk0Yemg6ve8Engo&=ls1pQps_uvMrJ
z9eK~8S6x5uob`uyyqO|>)sy>tBdBLEJpbaWuNvg9h5^%g@6^swqt(R|v#>GE=SveV
zH}tv$<#i+X3%U9ol6@fA3C>>=g9t^LqH+`nl`t#Y&EFZ$JTIqop8#l<F915t|JwIA
z7794FP`)a>_>}C}Tss$gJI`jX&}O8f7-o@7H=`jxQj%>@aHwvAI|G0`n@@B}Q<^r8
z0{U*8STP&9Sm|r<_ljdIKNZ4Pnz#UKChWh=d9lrSNVI-ORRZJVzdMk8Z1t4wCsoKi
zRf3Ltz2>VZ5Q(_tQN6uT0B{5tOY_ctZ8+sDSm{M3oLnOVxC2+vN3;sZ&>_GcL%cFO
zHtU-taW=w-KO8^Bj5>3grz|ASbwHiU3lRO7Zv8c&_jkaEGHErhCkJJMSqjEo_?}Ny
zcH%IvO?h36Tt0-k83~g6>zDX%cwc7Or>W)uF!PTmF9I_DEE2jjs<qY1TtFTrlV{k<
zm|4vNK_)2@d({d4&s#U=k$Oi(a`g25M1Q9W>7!}NAyJ|EahHX&%m6-?r`iO+gbzO#
z@HkcO6a$tU;HZ$LPxjB+B@<+ip|?alg4yS~2UQ!qHZLoKiSJaJt|S3%m2NXo$Th~A
zapPiu$tjrAmv9IK*k02slZFHOA{^mbxcm7Evv>wqHlsi$3NrKo4w}7R02j|mqTg~u
zk02q2S;e#9Q86?KVpy(Map_}%T9P)CXbR5~*;xBLw#;*5g~84;q_4ukEsC_GgWl6E
zH*6H|Hpv{a*ftOxnJT^?Pj;+TOIA$K;jhou%-9oX?TqdWJ0s-r^bPsxeV6I;vE7Fn
z4iPS*mU*s=hPmu;d!xBHaF64}!ZjDW*GmpPTQPR=C=vbSg38wR_|(X5IQd^4>Q$*z
z2WA~aT;LEte5b-RxpAJ!(olUq*Hrys15YdCq*m+0PC%bJ50hA=qe+<f?g2Vy-<Rjd
zx7h4gGA3H7H01PJt%2;>lT16eKyHWk#T8dDzoxRrb2}(16wZ_M_)(*K7b9<-9q3zp
z9@+sO6}LbR(~ByS$sQv`4yE?>dZ?1V^$~on!2b;=2()}TP%g->Fltf1tq7HdgtI4D
zXAiW!*N0ioo>yI;&?S!PENz>6FTXJ}Li^<>E#Qu(;><!zEMwU(CujWlr|<4xTYp9f
zb=^MA5YwUd|6IlYIO*N`%IQv~DsiDswZF}2C7K~~u~HUasMyJV8S_iOV$9PPEx;ov
z7J*Qq*;~oraERfB8<?MaLkF{ZE8+oL<^*RZURuXoU-C%*VAEEfucq2UmT$lV73#Xn
z(iavhx_sMutK%MauUUK&kTXpZEKOQ3J68CbXX?~Z`NluPD+ohYCqCE}Jt@60_QPPA
zp88xqLP0$)r32KNAVJ^Xhs@?a;qCw<LKgDySd!*RkGC00nep0o?JTkvd(`@{K#|42
zM$orrV@wMdCZ<s9MbsRQRx9^b6qL2MDBb3%EgM!1NnoR(a|{xRj?C@4SpbBY%Qwma
z*MGF%?vieZ<dH<$zOo-R$m%w12J?VN=k%8kw`0HoJ!nSfZ#?mD@eJcv=Qo`rU>2Dj
zz7+2$47e)DwBoY@0@ThFEnQ&Z<J-HmQgE-NGgE3dQe2R`wWlon9u!9^RL7^<86FR^
z8%>weA3xSzX}H0;&W(4CxP=NxAqm%bBDe1ktP~hz=!21i-6*XJg_=w|e<>%_p&-x1
z8ys27>R1s1uuA}CKPmmevO~_)KodOI!BHRNYt@nuhxb3qj)~IA0`@7=x}pPK2oFOH
zrk5*#hKAe-_sD_=p4#<~RU|A_42x^s8FIaojVSe5fsIM<DT;}y(Gx%K;+QUECV3so
zhtSQiflUVs?ho2@*ePxG*t?_5TeoU5CElY4CYJ0Sd%lZBS7&-Q5genuoLzDEtwY5s
zJbQM=p;>Hk)DOXy(yh3w^ZN>uekDB@jx|JD`^aZ^5f_7%%}~Qw_>?iH!m>C63!jsH
z49z74l?Q`vQ2Y*BaOzmJ^pe*fA2!oZ$PF5-bQ&VF!->c}sWoe^SC1Pjc^S!-sC>nh
zlAbdb<C4WLIUk_T-|~o(0pKjSh8}B&*+Tpllfh8Rf9KoB$p!vT%90tip}ucJg=e(4
zmUB%*WgaPx>VUH3L09o*txm1g`Gvba3)+dU(}8Y;mb1{c{IW-AeSwe!WOZubJxf{S
z?t;A3QADEu(iN#+CZTmYKU4^QislE-I2|=`$U?U2Rge6v$2_^gH<?7cwBn@IQPo{{
zK?8|m^#W2tt?$9=QiKF+y<e5Dcl<h3AJUx@Py0rvM$K(O)<U)(%pB(!Q))SyA^W@#
zmLsyKUw^7SnKtFeRqbBFEx)I);6ex#A2r@|Tx67PpDcq$Y^VTv@sd=GptjqDka5=-
ze{p8yBDeZOC{|1JHL2}GhR^cEVyLApKxW*?2cDziO)T~}$&3U2*-XxV=Y#+)7s}1%
zRIVWrq51T;S!|J72|I5;oSgxI#0oyZ5wM&^YF|xICbhsK?k2bont2P^snG+oeGC1W
z51SJ<Q2};yAk|lbX7V41Sg&YV9NKdIs>rYjnmJpj!s>!>-TQT{Sp>u%YZfBoaEXe<
zTv?rK`JwZzLCf2G#rof@-kcfzr8EW?1dZ1C?Z#bOs=MoKFc7z_k|+j*>GYV6AW!tX
zOmCxaw&RhHR6zHB7u4ald7J6Vzw3s3*|Rnr3CXAU^tCqgmsk0M+O3yWZ1$+3<K_Qk
zY_Re$y7zPLE|;LSwfLA!^`CD&L}q(2VzqFgQfjzRmyRNU7_YnaaE>m~w*_okk%zJg
zR)~<waLV$oc|o83p+li<shtmA@vID7XGb=krgx_%O6RqX=AGy+O__?>h*&~4zo-w-
z;8%ENYo!0B``81cP;0}ogwK?}f|D{RA`yc*ufrD_dB)bQ6vDOx9;6Gqw)s_wX_bnb
zFcsuI-g|2tO5uHWMvCn_r3NHk9nfw+!IJ!nLTy`C#_A!02UG38Vj;DY7<t29W*&V|
zE`?|{Z2~a7fpFK0SXE_Ce1d~fzMy@mh=}$@<S}bP_#N^n?caH^g9)>D7iMeqT;cs-
zx}v);;J>!J|BGXHdZ0<%q@`&0zYyP%41$l%8<4*x*$ucTLnLU1wBlAnwP>tpK;>>3
zA|aHpW@3~Q!uc`uFm}i9&Mqll-_HOI5E*yux4h@2@iFQPbsu&YR=X=Ip;ymB6RjIE
z{t+eDCy6a~R!G8zK+SKz1<{+2#?g%*SuFG@*|$+2t2YBl=5emsFNt2M;wHE9v9;pk
z-QieY!>$dLAC>7JuJj!$JPKL3=ve<=NDZMf=?SR?q7XLM|A=7l-FrJVmAK)TKPDn4
zs(4EU-o8Y^62|3dq;Gmc0#nOu5EpG_`3diAvvM4<CYk@-Rlu*cxU_`R)YnI#P~spR
z9k~C|p&K9%y+X1LC4c$!>64J%;tdIMSCvzN);x)Wup=-aEG#VUoS`7$zB2e<QUl8k
zCmU$3f2zt1{XdqoYdb3{2S`wH0OQWQT&J9i<e35!3FK|zMcEJdBg%Bn6KdZ((7)z&
zW6*jN{As*MeTJ5rSbI-1aiss&v2Zy54fu8SIIMpVcf!1r)g`_A_S8arU8l@f7q-*p
zkYhBdwQS(yP_tG)R&yYAY~T@R_#aq;?O1@3^a^>Ww+{%F@h5#gYkgCP#<t<x2CU&5
zHX--!J)_jXa|M0rv)2c@X&feXTdlg+3?^zXM3M%MN9eE|yO5ovl!FYgE@(e(m?n5&
z<W1RFLPRMSG-9bQ5N~TjNtID_!f$h5SP&zHxSM``{C8^wl2<}sbc{jAgfJFikd^|C
z6|{H&zRU?J+n`YGDc@+PLQLFc;oF<m=m6(-Sn>Zg^OJ~w5xR)@ROV^-S^=8Cbirb{
zj?PB@C(MpGZ<lJnRwKPOoxc&Z%#2Q~z>-HRy4H$11vD0?`qug04r8IeO&T4q0|MJD
z*dOyV)DnYW1i8t>&~?QEYoELevwU{iN)7kKDq6)<UGnQp6?*onmX^iHtHGB_H`k*o
zGMfJ_wX8sfy6&vo8LOt4Wn+e+9PV#82t=fDg^ExHu=eV=$tLO4)`sP^@<?Z*pSmO!
z?R9B~R@Xca>Z$>w0Y24~OpCxmGzCjjcz!z~sc-o#=Om-UkOA(YX~K<5GaXy~EjXZB
zx<-qOV4`GaGYR&Lnb}~~K$NNq`-5r?$jbujwaT)%r3BZ1iC8|M{`mOQ`4MQAyX<z2
zTmz&jZhU?2xMAtnQBS9!XKq?;M>KxRxMiV~*>GG<L5=54kLglRkLgkpdI0h1AwWoE
zdo3U35^OY9c<+npcddtyP0gDs*LlV&vF^Or$N3SfO!)Em5U<?W4=(zE6L_qx{_}2_
zebF=GGqI{|LqW1*Kdh7VG#_AQorRM07*bm;P`@1gNw`?Z6tnt!4#{Mxe;b!w<mS0f
zW7CoFt<u0gMaceL$=%S#+&E~VzVegq8Y=KLn@6)Z2gDJ-@T;ZRej8RC$*Euj4Cg_m
zFu;nn5P@LypGjNx>!I=ozp5_lvxR8yf5fhHiB>+TfoW`ZYt(5G1^6;J`E-f|s|vbC
zi&zzXy9I~|`*EJZ?B`o%y`IaAR_dF6Xbpigj>av!F<DhJyQ2LoI<`rNQThF8ZRI>U
zZ|K207o`?Es{umLw`W{yTxTKHeQEMun|+Eae|CT-AyHKhD(twd&rrt8HTcWv5J^HA
zq3@=g5>$5!gPM`yxwv}G0eWLpt8{U~iA&Epb7h_IC{iqlGW&c>u5<P6@w|^wpl(Tp
zn3qsVIICk#AoouNLwoR>YEZFvLR=U8QUxrMzG+c}Mgs3p%<UkF=ytY9;{>QfB0QDL
zZnVLZ_rkx&-ZWdS(Hf633pBcL4Fk}D3IICEe=uPh1sE9J#C;<RdcUvT61M54wh=1T
zs)1SO8-%IVXx>tkN(V75eSckf%!e^<dSBHrbj*h7FE{rKiPbbRB18cjDh&+{<rWuf
z9_$e-^nq^X$^($=%?_^*{7?Aa|0Re4sGGgc)&dqFTJ1XdTkf=0gU#nb^9BGzC7(yX
zytnaG9R(EQYmM+5_Y7a4e(I-<drLrUAF%SD|CdE12MaFj2<9&nR4Al&fW~ndlqwgj
zj1L9#7rYAn@a^9`E<kk7SPA~eW5?_mE0@vHO?SXw<0O3y1!m@WF^^v<St_w<oqY8M
z;T-Da%6|vcg=4-D`vv%)yGa6p)%dgP`BSq1&?V)r>zsMY^@i)u|FSN?3!XCkr}N|g
z<A6r_k4q)Tx5SZB-aIDvpQbpr{6;uF%ktixrl<w<Xl7r8&Dx8}@~lgS%lB0WUE-4X
zaXSts097Yczg~>c5JWA3(gz2jt2tBm1b!#i<7=+yyvZKgenxBSs98Ys_gh`btf_Tk
zui*vq!B3vN)gP8{Q6-ff7$z^bvl>bFb`4*jCNtpKN?5H~Fvy>j23NT$Whh4z`h?Y0
zUf!k?IHUJ|J*iT`ds!G|-e=@$`BkmjbxjWEYX5`T{s=uOR)7^29acJJSOIU$cnysD
zm#n4xni70auMMewRd@E0T~4qIt!nthNaALcL}n1}e2BNb&U{x|`%tBA2FGxV^sdVQ
z-$2vAFybG9O_XbuPc+WvZ4Z0m-w{v3r1&44oF@t6PAH4sTVuGiP0nYc{%F;(fwC7V
zL*W=<BdZe4eBZ|?3xoNt#_BanraPjab>y#h0u|EG^wt&Kt(vKM9e3+JEZ%ZB*8X50
zzsMw0Xf&ZJQ96?)>5kjP-zGfzF3h{_-iaAJC~o!Z8Rb~6ELx4fUSyvSz4W&}e}uCe
z4;hutjK7J&Eeo%Rsn#zWtLopVM%0a{Tyu$?sI&}QiF2rRjTIf%$~`QeF`)5?jN%=Z
z8#vpw)aY>FQQi1OKgGp;zxln)^{%bUD22K%?u#zWo(=Z<Dx)sl)E$(Rd2aJrHNp%I
zn1bZ(LS7f@G{CgA`qCfGdbt>LeFDP0&On@B=CF6RvAu#Hq09iS9(Ka4)5V(z`oB?R
zAxFwCVW%7q;FD2rN&!+Z8*^QkZB>b^B_Z&V71ic=B1(y91#)!ERu=Xf3zd!b>x1~T
zW5$;Hm3?vN<`$Q4R-AW<Kn_t$WCg$iVkF!nT`bh^4OahP#g(+4mp_w*`2Hx+)z@mt
z@J3CGK{s@E*%nVlbCay4*5ONQ3En3AZ;vLCT)3_?o0O<KPh~vjRS?j31?Ot1%i`Ky
zGQ&Q*gUYL3Hm;V`Ts5$pbO}jnD}iF!yq>!F7D1q%<HO)D4Z2_NX0AT65n|NI+Z&F;
z{M#SIBZJApw=)vxC)->dXl;beP~*2GH6UeD5RBhz-i^cJHd|Hm?RpgmAvr7u9o$fA
zQNu8P*=MPHoz&7+eQ-uDm*d`RQ!>&XVxaA|Rdqp`2AvDDJ?!wH+iz91ciiBpv_gEJ
zId-j--6m2>ff_?se!rvY1Fqm+YpDBV8dSMv<+aW_D*pcvz$?ACELaUN(Mnq;54S}n
zhPD8Lfq8N8C1}=`2qQ%o-$MzVN@{u?vBtAs+Z^vbAcT_B(Cdu$wg(ps{?@(zPl!wK
z0>nOy-suY9y!Jsa**)A%g%X<1t!w#HEDlP>P2dYMAy)`|4+=r{F)I^Ce%*V(vgao+
z<~F`JJh=Ai=lXvagXOCF1F@0<;b2cZQPf~k)`Av8nVrP>BvD>UH%?lKoKI8zvk;jT
zW2lHn(K8yla3#^%(Ovdu7?qM+3V+PCKgzRIz$qW<4MM6FUOUB%kCtpHI40!D#>~vB
zW!fe?hVt{eT?5#uFE7+9ROHb+EIIag?s=(tKP;6d1lpFiO2{G}Vk$YN{qC=a{WFxX
zHyh|a87B_-44x)g*<)g=zI{+mz15d`<!XhrGRbEyS!|HPc$pN_jiV(6Eh{}hn3V1O
z4}due1fanrtfN+X0VB?Mn;|KOk(>H`QldE5)C%~_c~Dk-T_^K!>Ds^ZJqc^s1q9V+
z3HNG->EJTgh4uGyFujpgl}^3_gtXRpL+u+V-DzhnjRd@NZtDWymiABHB2|}%?iBRj
z8UK#X$B1CZcB57x3ZnNhfAbo!3Y`=qB`D}p*70&9>wWt#BJ{xEb`Fr~%3sHy6v~Yc
zO6?b8O@@F)?Aql&polCjExig`y6}zHzyk2}#$Tx9&6K9V8?LJ-7tjB_XwZHME}5lP
z0K8HTfZtCm5LnG3{-RL871@rzYBzAgYJMz9Fp!Af{Xa)%T`ECKm)HU?gJc1)c5v_|
zpkk)J?jTzKJGgwVhw;z>@u*`Mxc!w}skP{<KIvYKdpAA-{-vjhF8H{yPt*UXTz_$R
z;LgtiC%W0`Gf(LOJ?d}zZ(Zfsj~V!9Ql1FZxBTyV#Stfuxb@HV3aiA6bgP~Dh@bkv
zQmz#^HToC~=zJ$u5q=t@@4#ndqyuhtxAPubp0Ii;b87HGg%_cTJCAFtj2h2DRh5&d
zOVB`6SS$Ri9^1LD*uOwH@aU_-|GHKG=cQ*|XqiXaVN1KgI_Qq@bqnjQ@*#on*LF45
zBu~djnk7n2*K{TD^oVAOVJkPkpQXuqtIJE=wp|K4C1qLdzVUqi+YFPQbGF;lqdoqn
z6h;n6V0^h!{H<x(_?%wT@b^}2pJiizePgyppNo57_NL3sGD_68tlX|z*>t(avI~kW
zT|u^Gx>d;x2K^YW@QOMiiVoxr{WnC>D(=eruH!9_OaWHJ-6EIGcgeORyE*t9Mgn2i
zz4)d{bJqwOzoo7oFn))uI-_&f&?=R5{}j?}jnClFbgi3<O8Pq`!ouE&atn1k;}q@G
zNX(V~lt-@x{Hz1D0V6$mNOY_U174CqS1ym~fm%L6Xsk|aXgtobTEcYK>gd16eTnG3
zv=H{!Jx`V@q;HeuS(s{E0e*!FJaJ!jVXxS5Rf0|Oyi*hryBy#ZR7&_z|M3E_p`M=G
z7@xDJ%nH<aDRwhvm-oWEYu?N;*DhUBjos7@;9}NaO~BIO%48uowkoF{&FudnO;+YF
z>2P5sz*>InP!qM`ydY1tBB2dBCnWZrkX8rBsBhdwkT0>#y*|WmRL{%v3sm&(rpq<o
zs>?&~mHDbSR0FBbN~9%w=h=q%s`yJSaQ!F#Uu2z<+7C(5j-N(s%B{A&bBwAC;!0xi
zcCvHSzP^D`(waym!Q1+u|H0ARxG|F3Vv>L7&vZpH7Gh0LmEQd6)`Rm9S2+h`6JjDw
zZRXP)P@vYEZi8iM)5oxQ(BVy9<9yZstF<c+hq7(^lcXn0DxrETm4{HuE?Y!Op}b`s
z#$b$n$uc8Z#u6$;WuL+%>(~-AiZP_eHW>SiEk(vyvP4Yw?;g_gJRQgTe!a){&42eC
z_uR)^zw5fr^E%J-cmD45lrX2j1DUmk0V}0S$Hy8fG7KfH3Td_1heU~ei)xtNp*C$+
z@umR%(1UVtytw{g@mbOweE|riQ!B}bFTg@m0>L&<9>}~~NJ&)cuO9J}LY*2WppSj=
zZtl#7t{SfJ>9ATa3cY4DaCJQRK|quz%)pk-_0Vf?7!^g!yRPB1X#P`nNsfR&3)!PB
zZ?|r*`r&{KS$z~&r(!?MII5w6)II0{nWUY3v?D&p?gfyk8aF9Y9`;$IBlnLXet+H5
z+X2bxb<u+CQJi?(=9{|X>e`JapDB!sv0``LyEApm9kRxD^gqUrv<oq*`(HlQyNtCx
zM_#^bZcj;eI}U^hTZYE%xSodP_%00tgs9R*--1&{#Z+6n$MT}i>9nro%3k;RSFeK3
zzVDU$xU__XI?xlVK6zA*e3sK$PJT~U<-m{gFPq1y98ix;XaLF)l`k*(Tixu$9vU*$
zfIBRO781;tbr#uMP;a+5f#C<wk>`ktoTN#rDKBxvu5~bwM4EP>qn|6&lYH;7msnB$
zP6~8|;<Nm1;NC1(7(qoZ3zFx$iaf>~G!918fm2y!$d$b_o)^@M1yHMB%2(%_7EtT0
z8^wBB&9WtA*G{pyOHN7nhL+$fiYhnWb*<JJo1?$pB48Rl^7%BT1==SSZ$6jr{sRni
za0Do$)~2D})ZUgbulQKw!dKQiu?VzkQ0^6dm)tMjDQ|RTD2Z{oYA5S+xddy0-dJNJ
zqmgqQ>(wOvr*Qj}UNNBUcMHrmF?4&prIp6QLZk%;k>`^hBAZOZr_+@t;V74ck3DJ}
zUj-|~t9$7V+zl=J2LdGr+8Ss@A{1pc4XCzQ&l=AVh374+xMYHVkNTOjH^P|=y=DkU
zsLhj-So^h_-lmE{j9F8Pf>l)U&{Ktsb}rw=ryWW@Q=UuH+5?_(XjC*-+_dZBrM*h}
zdm<vmK1NY+m~43c-AUCzV|SE2|J2I!p#4gQa~t`(QK5`}JlG30y#|>9xFweBj5>Z6
zC4iqd+s)IIofd>$nW=*ELwx>aW)073*@TpD6*8IZKBxZ)JL((D57Y!cVH!_pT<RsO
zb4OTkL`t4Kq0~0)G*)vFc1;wTOOkvQuic5=D=PcaSu#g<+v*3G&b|_~s84u3ZgNL$
z!|YP*S2H`5&mNarWi#J`W(xa<vpN?6HW$C^N8F_>&u;GQ6%mY@FXu5ilSfKy{~FAP
z=Dhso@UYI{K5pQ*=xaE?*LWRdnIlU{pw(nr*0->W{!*ht{lR~7yaanilSn4bc=gs+
zYDWFCbBO-~sJMSxpvY5CS5pG)Paao6xL0%HP8)a}Z1=b6_6#qBdwrF(`My;zlej`o
zm=xpk$m^?n*6&_aWh4NgT(h(87CImAM3aYIPk1G!F67F)@LI0u`MVcBd5QWKxHdKm
zcbRdM#_JD#vpm`b_mq;IA2#rT$HZ4djBlKe|IxFZfmR)D^#u=3Syj2h{R*50+&>Ov
zw(v{}pq1^r1C(CRMsnCc%Q*#KyP3%)gm=o6E1Kaf>rcW=@MopfSQ~abrp0R*nNYZK
zUJK4^$0z3Q&ie-u`6{1@qO5EH7>GoGaCIl@vuxpGb#BK{E?t%#CLHAUQpvn;(GijE
zS4G}dyEU-7nItSG|1T^rxuu<Xcy6o!EYiiX_6lT@JDLrW7tgD$Kq#m=-pQ2~!B)N=
zm2NkF3sUh4ctbGyoM^{!N%C29q0U!8w=}R-9`l<i@ERTd;dV*tMN6?lv4q*Tao@r$
z!~KKa2z7GfIzBU^T>ZGb(An|ykDl6Rgyr@c*22&SIfe9P3aVT&vi9XcJvp_p-lx~6
zQs%MJ2>qmw9MY>z!fmNCFxPMJ2ko;nM&faLtaZ)oO%jU<dB+bWCC{Fa&N3NhvfEA)
zctbqj)wsJ2o@%*I=!Q*qgc4&Uz-Lg!F)7tDwve*%1F~l+=Bf4uOVL(WeQruA9bNd~
z(WE>Y_mc7UK8}!So8s^N;nUsQ2ZnZ;xCt34*X<R?-nZrt7V6}+4v)Z_gK<~Aiy#t9
zVDBmEmYllNi@0e?s)(M*({sDZ#RVv<J8(6$QSm&&sbO^c<D^H}Tny<~s|d|ism~M<
z_fvMNh;5NtWLsky0m<WN^btYj>n~C&kQ3`GD7XtCapBaNHO@T9dDj6h+wHYtKSdfg
z%|0{O3ad*5Cs%64lCoLB;3Xq9zT(R917vyPeF4>`ssa6{d>4`3O;M|#?u4h^c;uvj
zKPp{g>gZqM_U$$FA^8OQ0=fOPSK<=6TRE5uy;`pbkrnGn&oQsRd7;uh5|x(7Upvkw
zJ13M}xFpt7EfWCAUpcbAe#kyBjv@Y_*Zw{!tbXnuV!F7no0pbEysf`4>D0rt*sSD0
zp@7-*s?;5{Rtj1*!=mntn@vw#QEv!)mpF%ZwygK4K5!BiO#4sj3U`dhCekB~WmtA$
zq9&f$#ESrjKK0ajUF&Cg_D3piMe?a^xHJ;S%=FE4euybN8S|6!_2>B-W3dZ!QWgfr
z$-9D;eD|F<=HC_?03FR;RFgihePF6)FQ|?7!%Z^7k!=$O*!oAZhq>(S41t2lYM4N_
z?JV=%kv?$~t-3loI_Up)%0TH(jo!A4JIdLagZ___63jt=(-PF>e13W#zy#VP5Y-t4
z><3a}kD`H=*n2P8Q$m;pn==@o6P6iG1XFC9|6Ne=5B-gQ#AJ<*(js9jn!87ZN6zww
zMFNlC3<iEdb7L#I0D+_!tMje>5~blXu)3byKWBqVrG8;_pkTap&Epek0UhLH$%Vw_
z3BGV+g0R~=f-qo307ez`(2XxTKypk|<;sEsz)JC9W0uzl!6bhob9UU`a$I7rtP0jf
zY46cy6XuT_X_dnNk8#;PS!6NtbI<-$F81_(UPp~3bfwr=q0eS={pKB3b<SU+6`Whk
zQnt_IAP{R3#@PmMVx_7Z#+K|=fammoR*eN(|0!s}n3MGVGwL@<QXM(P$iNd9{tAi(
zmeA^m9Q<j4qD)cb<13|K6XH8E4p01Pe))*!V3?{{Zotsd7Kj7?VNpF?m&S+2zeUXw
z-+L<>3^VLr;En7~*1K84EAIa80^YbVF4pG8JA#0g^{`nY(|Vsz?{doJ)y`*BJAAgC
zSyzD<^B+@0#JsEE<(%eQSaU{gTW(<SW773Ak+PNvUS3lfa_UZ4pQ!QFX>jMn#9mcm
zyO~r_Kob5I<hRptS!_Fb9MYb(AeT(w?blD@lV;9Wm%mwDS5dkJkXwnxnYQm?JVxq;
zHWr1r6~6-fa3ypKh$^>^PXJnWH1VX%;kkz9(&uyANEQjCDT$YMxkA0pVfm{9@Tb)y
zp8eMyh77Y+iWD8v;P^Lf<t=>^u7@3S!!OzrcPAV+ZFbv(Gt{0+4?e``!BcMk(NzZ1
z9AM-H{%t4szyDy!72`TL5+O*FjA~F}0a{JmPCx(`jvw^Y>#5drybfRjE1$9u_m3&+
zCb3r#YCAryZRbXS{~CQjDsYp|8w0T`zyI`)0?RDJ2ahvtUbvQsZyeGSg-cS~;t--#
z<y$i$9+na!D7^jCr2zrB-+R__#-P6ZTQ=*5gNgFDtNt=6ngC4GJvtok-A7p<Elxv6
zA97D>6>8CxeOW0Q=PuJY=zT|BQbx;RX6o(?#1*sQ&^t+t>NhdH9F>e}318jcTMVqq
z^iL{Wj;Uz!GD<aU!XA(ktTLn#8KSfJjMkNSro0ZQ?N~Atmeob2R%GJwCI|!qo1bsA
zvA#CNEOJ2f0L2?#US6lZE(zq`v7{|VBuVYs;5<Cb#o5_sME4<bx-WNSW+T1;sOcsE
zDxLI&k=Sb!Z+8oq>UGqbNe#*v!>Q4xBl~m(-!>=9Ar`t#U7C|*ke6*c7;9ra1V-2<
z_i<~w|82TMw@sx*uuG-_bYb~#p#PK{`U|>EYs_qc7JTx5myjyoScmok0zZy#=xHdc
zYv-0SQnY0ufeYP7<m?}$=yA?m>X(_>{VS$d(?WXax4x@-HIk)*zhe48pn`Ybdq0@?
z{6HtzqzPbOqySV<O=cNq6Fd1E7bEs$>t+KNPeQ(LpQ903+7b>a6$aK8z}ND^--8lO
zj>pW`&6EmlU-M{5<+Bvo%oE|jZI0)dP6GG@^T{q5VK$#%x}C_=47H^(yUzh@era2X
zhto=$m#M*oS=ycev;^1?&fLN1?KA}DFu{<-kyDPC+!WYpW8dmf|8J(J$v<JW(@Lf_
zfdQUWgW?nvmN(W{s@}Wp05ul7P$!ouWkfi=j~po+bZ9~N=q&gC;6>ns&CFiu{G7cS
z3UnJrEoeYTab&*&pgN8|GXJc50+5Kx4j5{t_Bgbf&#0lexX6nkS6C2lHg<vjoQH1U
zOqgmzQ<nX`WgcnezBAK&VJ0P-E5LGO5|-0-nQ-iT1UP)aBcCD^8LSoo`V%m*N7w?c
zJ2wE<D>heoIKmW%z+rt;)k_}sQu0J*Cy0Q0-mOta6%|Lda-sKK_4D(S&Y#ngtdYd5
z0mzTdGHE5(7yjYk_y(zBgLy;hP^&Mga`O+8F<9c@9b*L~kpiK+(+_%}K$^Cxw<nwo
z(DIFBTuP-sBO;ucVeaGKT%)T;yf=mu)6duf^RuaF1;~e$%%a?e4OXC)w#+B`6+L&F
z=R}_dRR#`hly`!Hv(}IcGxCTDBULI=-we)z6;i)_C)^m+_kGnTzWeFGagWh``31FF
zzo%r>pu#5J+#ykCnggWU{3$QB4MBxC0P_SWuo(b3@Ni(w_}m(VuKqMgvGt;>gmK5B
ztR%YBTsOp{Y|q@aogmxWpOs>miA7}LRMJaHa1#@#Eygzh)XbTXpOm+L-=Llt^eHv<
z=;O#Gcw#Nroj{seChJx8@-CE9z+kTE={cG2%6RZ~W9M_#hQngNu_gkj{1CYNAE^Ey
AIsgCw

literal 0
HcmV?d00001


From 9c8993c5e5dec0fe7b2c6beb36a03748df1b2a3a Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Tue, 21 Jan 2020 16:14:13 -0800
Subject: [PATCH 087/247] Correct minor typos

---
 windows/client-management/mdm/applicationcontrol-csp.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index 3d6869c047..26145df9b5 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -147,7 +147,7 @@ To deploy base policy and supplemental policies:
 
 The following example shows the deployment of two base policies and a supplemental policy (which already specifies the base policy it supplements and does not need that reflected in the ADD).
 
-#### Example 1: Add first base policy**
+#### Example 1: Add first base policy
 
 ```xml
 <Add>
@@ -164,7 +164,7 @@ The following example shows the deployment of two base policies and a supplement
 </Add>
 ```
 
-#### Example 2: Add second base policy**
+#### Example 2: Add second base policy
 
 ```xml
 <Add>
@@ -181,7 +181,7 @@ The following example shows the deployment of two base policies and a supplement
 </Add>
 ```
 
-#### Example 3: Add supplemental policy**
+#### Example 3: Add supplemental policy
 
 ```xml
 <Add>

From 2093e10d9b8fa85c2565ea2b61f32434380985b8 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 21 Jan 2020 16:27:00 -0800
Subject: [PATCH 088/247] more bookmark updates

---
 .../windows/deploy-windows-10-in-a-school-district.md     | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 21bc21a1b5..f4407af6e6 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1120,7 +1120,7 @@ Import device drivers for each device in your institution. For more information
 <li>For apps that are not offline licensed, obtain the .appx files from the app software vendor directly.</li>
 </ul>
 <br/>If you are unable to obtain the .appx files from the app software vendor, then you or the students will need to install the apps on the student devices directly from Microsoft Store or Microsoft Store for Business.<br/><br/>
-If you have Intune or Microsoft Endpoint Configuration Manager, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the <a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a> and <a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a> sections. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.<br/><br/>
+If you have Intune or Microsoft Endpoint Configuration Manager, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the <a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a> and <a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a> sections. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.<br/><br/>
 In addition, you must prepare your environment for sideloading Microsoft Store apps. For more information about how to:<br/><br/>
 <ul>
 <li>Prepare your environment for sideloading, see <a href="https://technet.microsoft.com/windows/jj874388.aspx" data-raw-source="[Try it out: sideload Microsoft Store apps](https://technet.microsoft.com/windows/jj874388.aspx)">Try it out: sideload Microsoft Store apps</a>.</li>
@@ -1499,7 +1499,7 @@ For more information about Intune, see [Microsoft Intune Documentation](https://
 
 ### Deploy and manage apps by using Intune
 
-If you selected to deploy and manage apps by using Microsoft Endpoint Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager) section.
+If you selected to deploy and manage apps by using Microsoft Endpoint Configuration Manager and Intune in a hybrid configuration, then skip this section and continue to the [Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager) section.
 
 You can use Intune to deploy Microsoft Store and Windows desktop apps. Intune provides improved control over which users receive specific apps. In addition, Intune allows you to deploy apps to companion devices (such as Windows 10 Mobile, iOS, or Android devices). Finally, Intune helps you manage app security and features, such as mobile application management policies that let you manage apps on devices that are not enrolled in Intune or that another solution manages.
 
@@ -1728,7 +1728,7 @@ For more information about completing this task, see the following resources:
 For more information, see:
 <ul>
 <li><a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a></li>
-<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
+<li><a href="#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td></td>
@@ -1742,7 +1742,7 @@ Microsoft Store apps are automatically updated from Microsoft Store. The menu ba
 You can also deploy Microsoft Store apps directly to devices by using Intune, Microsoft Endpoint Configuration Manager, or both in a hybrid configuration. For more information, see:
 <ul>
 <li><a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a></li>
-<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-system-center-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
+<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td></td>

From 932fc1568306ca61c68dfa39e794de22333e6332 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 21 Jan 2020 17:15:33 -0800
Subject: [PATCH 089/247] more bookmarks

---
 education/windows/deploy-windows-10-in-a-school-district.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index f4407af6e6..2ea5f07e95 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1120,7 +1120,7 @@ Import device drivers for each device in your institution. For more information
 <li>For apps that are not offline licensed, obtain the .appx files from the app software vendor directly.</li>
 </ul>
 <br/>If you are unable to obtain the .appx files from the app software vendor, then you or the students will need to install the apps on the student devices directly from Microsoft Store or Microsoft Store for Business.<br/><br/>
-If you have Intune or Microsoft Endpoint Configuration Manager, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the <a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a> and <a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a> sections. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.<br/><br/>
+If you have Intune or Microsoft Endpoint Configuration Manager, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the <a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a> and <a href="#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a> sections. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.<br/><br/>
 In addition, you must prepare your environment for sideloading Microsoft Store apps. For more information about how to:<br/><br/>
 <ul>
 <li>Prepare your environment for sideloading, see <a href="https://technet.microsoft.com/windows/jj874388.aspx" data-raw-source="[Try it out: sideload Microsoft Store apps](https://technet.microsoft.com/windows/jj874388.aspx)">Try it out: sideload Microsoft Store apps</a>.</li>

From 4f2f7963259174c15cf1ba2b8c1aa91d2af4927e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 17:35:32 -0800
Subject: [PATCH 090/247] Added property description

---
 .../microsoft-defender-atp/recommendation.md                | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index a2ad1dbf57..7117f61a03 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -54,6 +54,6 @@ Status | Enum | Recommendation exception status. Possible values are: “Active
 configScoreImpact | Double | Secure score impact
 exposureImpacte | Double | Exposure score impact
 totalMachineCount | Long | Number of installed machines
-exposedMachinesCount | Long | 
-nonProductivityImpactedAssets | Long | 
-relatedComponent | String |  
+exposedMachinesCount | Long | Number of installed machines that are exposed to vulnerabilities
+nonProductivityImpactedAssets | Long | Number of machines which are not affected  
+relatedComponent | String |  Related software component

From d45aecc0a4a6045353a14c50321b7f431eaf0764 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 21 Jan 2020 18:07:19 -0800
Subject: [PATCH 091/247] last bookmark

---
 education/windows/deploy-windows-10-in-a-school-district.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 2ea5f07e95..9c23b9b96d 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1742,7 +1742,7 @@ Microsoft Store apps are automatically updated from Microsoft Store. The menu ba
 You can also deploy Microsoft Store apps directly to devices by using Intune, Microsoft Endpoint Configuration Manager, or both in a hybrid configuration. For more information, see:
 <ul>
 <li><a href="#deploy-and-manage-apps-by-using-intune" data-raw-source="[Deploy and manage apps by using Intune](#deploy-and-manage-apps-by-using-intune)">Deploy and manage apps by using Intune</a></li>
-<li><a href="#deploy-and-manage-apps-by-using-system-center-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
+<li><a href="#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager" data-raw-source="[Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager)">Deploy and manage apps by using Microsoft Endpoint Configuration Manager</a></li>
 </ul>
 </td>
 <td></td>

From 3a2901f1491df2936bb4bd8e4e6b1d3eb53014f4 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 19:57:38 -0800
Subject: [PATCH 092/247] Update get-installed-software.md

---
 .../microsoft-defender-atp/get-installed-software.md          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
index 171a32a275..1b2a634eff 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -58,7 +58,7 @@ If successful, this method returns 200 OK with the installed software informatio
 Here is an example of the request.
 
 ```
-GET https://api.securitycenter.windows.com/api/machines/ ac233fa6208e1579620bf44207c4006ed7cc4501/software
+GET https://api.securitycenter.windows.com/api/machines/ac233fa6208e1579620bf44207c4006ed7cc4501/software
 ```
 
 **Response**
@@ -82,4 +82,4 @@ Here is an example of the response.
         }
     ]
 }
-```
\ No newline at end of file
+```

From 13b94a5695695a5cf6dcab4b86337d03126446f9 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 19:58:48 -0800
Subject: [PATCH 093/247] Update get-discovered-vulnerabilities.md

---
 .../microsoft-defender-atp/get-discovered-vulnerabilities.md  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
index bc067f116f..e20da5c5b7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -58,7 +58,7 @@ If successful, this method returns 200 OK with the discovered vulnerability info
 Here is an example of the request.
 
 ```
-GET https://api.securitycenter.windows.com/api/machines/ ac233fa6208e1579620bf44207c4006ed7cc4501/vulnerabilities
+GET https://api.securitycenter.windows.com/api/machines/ac233fa6208e1579620bf44207c4006ed7cc4501/vulnerabilities
 ```
 
 **Response**
@@ -86,4 +86,4 @@ Here is an example of the response.
             "exploitUris": []
         }
 }
-```
\ No newline at end of file
+```

From bfb085cc3d7f9c5eb156f255f7053f9b5e79ee14 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 20:10:36 -0800
Subject: [PATCH 094/247] Update TOC.md

---
 windows/security/threat-protection/TOC.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 2af50f3e0e..addc5617ed 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -479,7 +479,6 @@
 #### [Common Vulnerabilities and Exposures (CVE) to KB map]()
 ##### [Get CVE-KB map](microsoft-defender-atp/get-cvekbmap-collection.md)
 
-
 #### [Pull detections to your SIEM tools]()
 ##### [Learn about different ways to pull detections](microsoft-defender-atp/configure-siem.md)
 ##### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md)

From 19108ca43ae510996853081740b2e61b90d1301a Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 20:17:01 -0800
Subject: [PATCH 095/247] Update software.md

---
 .../threat-protection/microsoft-defender-atp/software.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
index 31c8ef62c0..49e8e4c12d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -40,7 +40,7 @@ id | String | Software ID
 Name | String | Software name 
 Vendor | String | Software vendor name 
 Weaknesses | Long | Number of discovered vulnerabilities 
-publicExploit | Boolean | Public exploit is available for some of the vulnerabilities
+publicExploit | Boolean | Public exploit exists for some of the vulnerabilities
 activeAlert | Boolean | Active alert is associated with this software
 exposedMachines | Long | Number of exposed machines
 impactScore | Double | Exposure score impact of this software 

From 4af7d0783ee4549601c0bc86a12145e79dfadfc4 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 20:18:15 -0800
Subject: [PATCH 096/247] Update vulnerability.md

---
 .../threat-protection/microsoft-defender-atp/vulnerability.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
index 7d023c0efc..0ede996269 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -43,8 +43,8 @@ cvssV3 | Double | CVSS v3 score
 exposedMachines | Long | Number of exposed machines
 publishedOn | DateTime | Date when vulnerability was published
 updatedOn | DateTime | Date when vulnerability was updated
-publicExploit | Boolean | Public exploit is available 
+publicExploit | Boolean | Public exploit exists 
 exploitVerified | Boolean | Exploit is verified to work
 exploitInKit | Boolean | Exploit is part of an exploit kit
-exploitTypes | String collection | Exploit Impact. Possible values are: “Denial of service”, “Local privilege escalation”, “Denial of service”
+exploitTypes | String collection | Exploit impact. Possible values are: “Denial of service”, “Local privilege escalation”, “Denial of service”
 exploitUris | String collection | Exploit source URLs

From de04d48b36c73054b6d966c073637b0eae99f266 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 21 Jan 2020 20:19:49 -0800
Subject: [PATCH 097/247] Update recommendation.md

---
 .../threat-protection/microsoft-defender-atp/recommendation.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index 7117f61a03..d41c53fd57 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -49,7 +49,7 @@ severityScore | Double | Number of secure score points given
 publicExploit | Boolean | Public exploit is available 
 activeAlert | Boolean | Active alert is associated with this recommendation
 associatedThreats | String collection | Threat analytics report is associated with this recommendation
-remediationType | String | Remedation Type. Possible values are: “ConfigurationChange”,“Update”,“Upgrade”,”Uninstall”
+remediationType | String | Remedation type. Possible values are: “ConfigurationChange”,“Update”,“Upgrade”,”Uninstall”
 Status | Enum | Recommendation exception status. Possible values are: “Active” and “Exception”
 configScoreImpact | Double | Secure score impact
 exposureImpacte | Double | Exposure score impact

From c0fae4f9ca3de1c3448973b62d02edab8d04dc62 Mon Sep 17 00:00:00 2001
From: jsuther1974 <jsuther@microsoft.com>
Date: Wed, 22 Jan 2020 09:05:05 -0800
Subject: [PATCH 098/247] Removed rebootless comment

---
 ...dows-defender-application-control-policies-using-intune.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index b94d7ddead..4447a187fc 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -27,7 +27,7 @@ ms.date: 05/17/2018
 -   Windows 10
 -   Windows Server 2016
 
-You can use Microsoft Endpoint Manager (MEM) Intune to configure Windows Defender Application Control (WDAC). Intune includes native support for WDAC, which allows you to configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or to also allow reputable apps as defined by the Intelligent Security Graph (ISG). Using the built-in policies can be a helpful starting point, but many customers may find the available circle-of-trust options to be too limited. Additionally, the native policies are currently deployed via the AppLocker CSP, which requires a reboot even for 'rebootless' policies (which have the 'Update Policy No Reboot' option enabled).
+You can use Microsoft Endpoint Manager (MEM) Intune to configure Windows Defender Application Control (WDAC). Intune includes native support for WDAC, which allows you to configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or to also allow reputable apps as defined by the Intelligent Security Graph (ISG). Using the built-in policies can be a helpful starting point, but many customers may find the available circle-of-trust options to be too limited. 
 
 In order to deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. Beginning in 1903, Custom OMA-URI policy deployment leverages the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp), which has support for multiple policies and rebootless policies. Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies via the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
 
@@ -69,4 +69,4 @@ For pre-1903 systems, the steps to use Intune's Custom OMA-URI functionality to
 4. Add a row, then give your policy a name and use the following settings:
     - **OMA-URI**: ./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/_Grouping_/CodeIntegrity/Policy)
     - **Data type**: Base64
-    - **Certificate file**: upload your binary format policy file
\ No newline at end of file
+    - **Certificate file**: upload your binary format policy file

From 592779801a9e44d5e87855aa7c3453c05a589003 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Wed, 22 Jan 2020 09:56:25 -0800
Subject: [PATCH 099/247] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200122092630 (#1905)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 windows/release-information/status-windows-10-1909.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml
index 6fb137f7db..36288e57f2 100644
--- a/windows/release-information/status-windows-10-1909.yml
+++ b/windows/release-information/status-windows-10-1909.yml
@@ -21,7 +21,7 @@ sections:
       Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
       
  <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2019:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
+<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2020:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
 </td></tr></table>
 
       " 

From 4c4fafce93a7a2f42fe0bbab7228384eb9f2ebef Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Wed, 22 Jan 2020 10:43:06 -0800
Subject: [PATCH 100/247] Update surface-pro-arm-app-management.md

Updated per feedback
---
 devices/surface/surface-pro-arm-app-management.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/devices/surface/surface-pro-arm-app-management.md b/devices/surface/surface-pro-arm-app-management.md
index 26e145c547..c5869a15d4 100644
--- a/devices/surface/surface-pro-arm-app-management.md
+++ b/devices/surface/surface-pro-arm-app-management.md
@@ -8,7 +8,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 11/20/2019
+ms.date: 1/22/2020
 ms.reviewer: jessko
 manager: dansimp
 ms.audience: itpro
@@ -124,7 +124,7 @@ The following tables show the availability of selected key features on Surface P
 | Deployment                              | Surface Pro 7 | Surface Pro X | Notes                                                                                                                           |
 | --------------------------------------- | ------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------- |
 | Windows Autopilot                       | Yes           | Yes           |                                                                                                                                 |
-| Support for Network Boot (PXE)          | Yes           | Yes           |                                                                                                                                 |
+| Support for Network Boot (PXE)          | Yes           | No           |                                                                                                                                 |
 | Windows Configuration Designer          | Yes           | No            | Not recommended for Surface Pro X.                                                                                              |
 | WinPE                                   | Yes           | Yes           | Not recommended for Surface Pro X. Microsoft does not provide the necessary .ISO and drivers to support WinPE with Surface Pro X. |
 | Endpoint Configuration Manager: Operating System Deployment (OSD) | Yes           | No            | Not supported on Surface Pro X.                                                                                              |

From 83f3c54c4b6b66d46f3ff079f9a9f510ebf89814 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:07:23 -0800
Subject: [PATCH 101/247] removing files

---
 ...types-windows-defender-antivirus - Copy.md | 104 -----
 ...sight-windows-defender-antivirus - Copy.md | 166 --------
 ...sions-windows-defender-antivirus - Copy.md | 366 ------------------
 ...tions-windows-defender-antivirus - Copy.md | 130 -------
 ...tions-windows-defender-antivirus - Copy.md | 106 -----
 ...sions-windows-defender-antivirus - Copy.md | 199 ----------
 ...ation-windows-defender-antivirus - Copy.md |  72 ----
 ...dows-defender-antivirus-features - Copy.md |  49 ---
 ...scans-windows-defender-antivirus - Copy.md |  37 --
 ...eport-windows-defender-antivirus - Copy.md |  85 ----
 ...eploy-windows-defender-antivirus - Copy.md |  38 --
 ...-apps-windows-defender-antivirus - Copy.md | 149 -------
 ...ction-windows-defender-antivirus - Copy.md | 143 -------
 13 files changed, 1644 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 1ec92d64e6..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,104 +0,0 @@
----
-title: Configure scanning options for Windows Defender AV
-description: You can configure Windows Defender AV to scan email storage files, back-up or reparse points, network files, and archived files (such as .zip files).
-keywords: advanced scans, scanning, email, archive, zip, rar, archive, reparse scanning
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 10/25/2018
-ms.reviewer: 
-manager: dansimp
-
----
-
-# Configure Windows Defender Antivirus scanning options
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-**Use Microsoft Intune to configure scanning options**
-
-See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-<a id="ref1"></a>
-
-**Use Configuration Manager to configure scanning options:**
-
-See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-**Use Group Policy to configure scanning options**
-
-To configure the Group Policy settings described in the following table:
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
-
-4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
-
-Description | Location and setting | Default setting (if not configured) | PowerShell `Set-MpPreference` parameter or WMI property for `MSFT_MpPreference` class
----|---|---|---
-See [Email scanning limitations](#ref1)) below | Scan > Turn on e-mail scanning | Disabled | `-DisableEmailScanning`
-Scan [reparse points](https://msdn.microsoft.com/library/windows/desktop/aa365503.aspx) | Scan > Turn on reparse point scanning | Disabled | Not available
-Scan mapped network drives | Scan > Run full scan on mapped network drives | Disabled | `-DisableScanningMappedNetworkDrivesForFullScan`
- Scan archive files (such as .zip or .rar files). The [extensions exclusion list](configure-extension-file-exclusions-windows-defender-antivirus.md) will take precedence over this setting. | Scan > Scan archive files | Enabled | `-DisableArchiveScanning`
-Scan files on the network | Scan > Scan network files | Disabled | `-DisableScanningNetworkFiles`
-Scan packed executables | Scan > Scan packed executables | Enabled | Not available
-Scan removable drives during full scans only | Scan > Scan removable drives | Disabled | `-DisableRemovableDriveScanning`
-Specify the level of subfolders within an archive folder to scan | Scan > Specify the maximum depth to scan archive files | 0 | Not available
- Specify the maximum CPU load (as a percentage) during a scan. Note: This is not a hard limit but rather a guidance for the scanning engine to not exceed this maximum on average. | Scan > Specify the maximum percentage of CPU utilization during a scan | 50 |  `-ScanAvgCPULoadFactor`
- Specify the maximum size (in kilobytes) of archive files that should be scanned. The default, **0**, applies no limit | Scan > Specify the maximum size of archive files to be scanned | No limit | Not available
- Configure low CPU priority for scheduled scans | Scan > Configure low CPU priority for scheduled scans | Disabled | Not available
- 
->[!NOTE]
->If real-time protection is enabled, files are scanned before they are accessed and executed. The scanning scope includes all files, including those on mounted removable devices such as USB drives.
-
-**Use PowerShell to configure scanning options**
-
-See [Manage Windows Defender Antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-**Use WMI to configure scanning options**
-
-For using WMI classes, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx).
-
-### Email scanning limitations
-
-We recommend using [always-on real-time protection](configure-real-time-protection-windows-defender-antivirus.md) to protect against email-based malware.
-
-Always-on protection scans emails as they arrive and as they are manipulated, just like normal files in the operating system. This provides the strongest form of protection and is the recommended setting for scanning emails.
-
-You can also use this Group Policy to enable scanning of older email files used by Outlook 2003 and older during on-demand and scheduled scans. Embedded objects within an email file (such as attachments and archived files) are also scanned. The following file format types can be scanned and remediated:
-
-- DBX
-- MBX
-- MIME
-
-PST files used by Outlook 2003 or older (where the archive type is set to non-unicode) can also be scanned, but Windows Defender cannot remediate threats detected inside PST files. This is another reason why we recommend using [always-on real-time protection](configure-real-time-protection-windows-defender-antivirus.md) to protect against email-based malware.
-
-If Windows Defender Antivirus detects a threat inside an email, it will show you the following information to assist you in identifying the compromised email, so you can remediate the threat:
-
-- Email subject
-- Attachment name
-
->[!WARNING]
->There are some risks associated with scanning some Microsoft Outlook files and email messages. You can read about tips and risks associated with scanning Outlook files and email messages in the following articles:
->
-> - [Scanning Outlook files in Outlook 2013](https://technet.microsoft.com/library/dn769141.aspx#bkmk-1)
-> - [Scanning email messages in Outlook 2013](https://technet.microsoft.com/library/dn769141.aspx#bkmk-2)
-
-## Related topics
-
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Configure and run on-demand Windows Defender Antivirus scans](run-scan-windows-defender-antivirus.md)
-- [Configure scheduled Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 1fb5ff7d26..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,166 +0,0 @@
----
-title: Enable Block at First Sight to detect malware in seconds
-description: Enable the Block at First sight feature to detect and block malware within seconds, and validate that it is configured correctly.
-keywords: scan, BAFS, malware, first seen, first sight, cloud, defender
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.reviewer: 
-manager: dansimp
-ms.custom: nextgen
----
-
-# Enable block at first sight
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Block at first sight is a feature of next-generation protection that provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are also enabled. In most cases, these prerequisite settings are also enabled by default, so the feature is running without any intervention. 
-
-You can [specify how long the file should be prevented from running](configure-cloud-block-timeout-period-windows-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information) when a file is blocked. You can change the company name, contact information, and message URL.
-
->[!TIP]
->Visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
-
-## How it works
-
-When Windows Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or clean.
-
-Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
-![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
-
-In Windows 10, version 1803, block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
-
-Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
-
-If the cloud backend is unable to make a determination, Windows Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs additional analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or safe.
-
-In many cases, this process can reduce the response time for new malware from hours to seconds.
-
-## Confirm and validate that block at first sight is enabled
-
-Block at first sight requires a number of settings to be configured correctly or it will not work. These settings are enabled by default in most enterprise Windows Defender Antivirus deployments.
-
-### Confirm block at first sight is enabled with Intune
-
-1. In Intune, navigate to **Device configuration - Profiles > *Profile name* > Device restrictions > Windows Defender Antivirus**.
-
-   > [!NOTE]
-   > The profile you select must be a Device Restriction profile type, not an Endpoint Protection profile type.
-
-2. Verify these settings are configured as follows:
-
-   - **Cloud-delivered protection**: **Enable**
-   - **File Blocking Level**: **High**
-   - **Time extension for file scanning by the cloud**: **50**
-   - **Prompt users before sample submission**: **Send all data without prompting**
-
-   ![Intune config](images/defender/intune-block-at-first-sight.png)
-
-   > [!WARNING]
-   > Setting the file blocking level to **High** will apply a strong level of detection. In the unlikely event that it causes a false positive detection of legitimate files, use the option to [restore the quarantined files](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus).
-
-For more information about configuring Windows Defender Antivirus device restrictions in Intune, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
-
-For a list of Windows Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus).
-
-### Enable block at first sight with SCCM
-
-1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
-
-2. Click **Home** > **Create Antimalware Policy**.
-
-3. Enter a name and a description, and add these settings:
-   - **Real time protection**
-   - **Advanced**
-   - **Cloud Protection Service**
-
-4. In the left column, click **Real time protection**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
-   ![Enable real-time protection](images/defender/sccm-real-time-protection.png)
-
-5. Click **Advanced**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
-   ![Enable Advanced settings](images/defender/sccm-advanced-settings.png)
-
-6. Click **Cloud Protection Service**, set **Cloud Protection Service membership type** to **Advanced membership**, set **Level for blocking malicious files** to **High**, and set **Allow extended cloud check to block and scan suspicious files for up to (seconds)** to **50** seconds.
-   ![Enable Cloud Protection Service](images/defender/sccm-cloud-protection-service.png)
-
-7. Click **OK** to create the policy.
-
-
-### Confirm block at first sight is enabled with Group Policy
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components** > **Windows Defender Antivirus** > **MAPS**, configure the following Group Policies, and then click **OK**:
-
-   -  Double-click **Join Microsoft MAPS** and ensure the option is set to **Enabled**. Click **OK**.
-
-   - Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either **Send safe samples (1)** or **Send all samples (3)**.
-
-    > [!WARNING]
-    > Setting to **Always prompt (0)** will lower the protection state of the device. Setting to **Never send (2)** means block at first sight will not function.
-
-4. In the **Group Policy Management Editor**, expand the tree to **Windows components** > **Windows Defender Antivirus** > **Real-time Protection**:
-
-    1. Double-click **Scan all downloaded files and attachments** and ensure the option is set to **Enabled**, and then click **OK**.
-
-    2. Double-click **Turn off real-time protection** and ensure the option is set to **Disabled**, and then click **OK**.
-
-If you had to change any of the settings, you should re-deploy the Group Policy Object across your network to ensure all endpoints are covered.
-
-### Confirm block at first sight is enabled with the Windows Security app
-
-You can confirm that block at first sight is enabled in Windows Settings.
-
-Block at first sight is automatically enabled as long as **Cloud-based protection** and **Automatic sample submission** are both turned on.
-
-### Confirm Block at First Sight is enabled on individual clients
-
-1. Open the Windows Security app by clicking the shield icon in the task bar.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Manage Settings** under **Virus & threat protection settings**:
-
-   ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
-
-3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**.
-
-> [!NOTE]
-> If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
-
-### Validate block at first sight is working
-
-You can validate that the feature is working by following the steps outlined in [Validate connections between your network and the cloud](configure-network-connections-windows-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud).
-
-## Disable block at first sight
-
-> [!WARNING]
-> Disabling block at first sight will lower the protection state of the endpoint and your network.
-
-You may choose to disable block at first sight if you want to retain the prerequisite settings without using block at first sight protection. You might wish to do this if you are experiencing latency issues or you want to test the feature's impact on your network.
-
-### Disable block at first sight with Group Policy
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and then click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree through **Windows components** > **Windows Defender Antivirus** > **MAPS**.
-
-4. Double-click **Configure the 'Block at First Sight' feature** and set the option to **Disabled**.
-
-    > [!NOTE]
-    > Disabling block at first sight will not disable or alter the prerequisite group policies.
-
-## Related topics
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 6ab53e6c67..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,366 +0,0 @@
----
-title: Configure and validate exclusions based on extension, name, or location
-description: Exclude files from Windows Defender Antivirus scans based on their file extension, file name, or location.
-keywords: exclusions, files, extension, file type, folder name, file name, scans
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 12/10/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure and validate exclusions based on file extension and folder location
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-> [!IMPORTANT]
-> Windows Defender Antivirus exclusions don't apply to other Microsoft Defender ATP capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender ATP [custom indicators](../microsoft-defender-atp/manage-indicators.md).
-
-## Exclusion lists
-
-You can exclude certain files from Windows Defender Antivirus scans by modifying exclusion lists. **Generally, you shouldn't need to apply exclusions**. Windows Defender Antivirus includes a number of automatic exclusions based on known operating system behaviors and typical management files, such as those used in enterprise management, database management, and other enterprise scenarios and situations.
-
-> [!NOTE]
-> Automatic exclusions apply only to Windows Server 2016 and above. The default antimalware policy we deploy at Microsoft doesn't set any exclusions by default.
-
-This topic describes how to configure exclusion lists for the files and folders.
-
-Exclusion | Examples | Exclusion list
----|---|---
-Any file with a specific extension | All files with the `.test` extension, anywhere on the machine | Extension exclusions
-Any file under a specific folder | All files under the `c:\test\sample` folder | File and folder exclusions
-A specific file in a specific folder | The file `c:\sample\sample.test` only | File and folder exclusions
-A specific process | The executable file `c:\test\process.exe` | File and folder exclusions
-
-Exclusion lists have the following characteristics:
-
-- Folder exclusions will apply to all files and folders under that folder, unless the subfolder is a reparse point. Reparse point subfolders must be excluded separately.
-- File extensions will apply to any file name with the defined extension if a path or folder is not defined.
-
->[!IMPORTANT]
->The use of wildcards such as the asterisk (\*) will alter how the exclusion rules are interpreted. See the [Use wildcards in the file name and folder path or extension exclusion lists](#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists) section for important information about how wildcards work.
->
->You cannot exclude mapped network drives. You must specify the actual network path.
->
->Folders that are reparse points that are created after the Windows Defender Antivirus service starts and that have been added to the exclusion list will not be included. You must restart the service (by restarting Windows) for new reparse points to be recognized as a valid exclusion target.
-
-To exclude files opened by a specific process, see [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md).
-
-The exclusions apply to [scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md), [on-demand scans](run-scan-windows-defender-antivirus.md), and [real-time protection](configure-real-time-protection-windows-defender-antivirus.md).
-
->[!IMPORTANT]
->Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
->
->Changes made in the Windows Security app **will not show** in the Group Policy lists.
-
-By default, local changes made to the lists (by users with administrator privileges, including changes made with PowerShell and WMI) will be merged with the lists as defined (and deployed) by Group Policy, Configuration Manager, or Intune. The Group Policy lists will take precedence when there are conflicts.
-
-You can [configure how locally and globally defined exclusions lists are merged](configure-local-policy-overrides-windows-defender-antivirus.md#merge-lists) to allow local changes to override managed deployment settings.
-
-## Configure the list of exclusions based on folder name or file extension
-
-### Use Intune to configure file name, folder, or file extension exclusions
-
-See the following articles:
-- [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure)
-- [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus)
-
-### Use Configuration Manager to configure file name, folder, or file extension exclusions
-
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-### Use Group Policy to configure folder or file extension exclusions
-
->[!NOTE]
->If you specify a fully qualified path to a file, then only that file is excluded. If a folder is defined in the exclusion, then all files and subdirectories under that folder are excluded.
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
-
-4. Double-click the **Path Exclusions** setting and add the exclusions:
-
-    1. Set the option to **Enabled**. 
-    2. Under the **Options** section, click **Show...**.
-    3. Enter each folder on its own line under the **Value name** column. If you are entering a file, ensure you enter a fully qualified path to the file, including the drive letter, folder path, filename, and extension. Enter **0** in the **Value** column.
-
-5. Click **OK**.
-
-    ![The Group Policy setting for file and folder exclusions](images/defender/wdav-path-exclusions.png)
-
-6. Double-click the **Extension Exclusions** setting and add the exclusions:
-
-    1. Set the option to **Enabled**.
-    2. Under the **Options** section, click **Show...**.
-    3. Enter each file extension on its own line under the **Value name** column.  Enter **0** in the **Value** column.
-
-7. Click **OK**.
-
-    ![The Group Policy setting for extension exclusions](images/defender/wdav-extension-exclusions.png)
-
-<a id="ps"></a>
-
-### Use PowerShell cmdlets to configure file name, folder, or file extension exclusions
-
-Using PowerShell to add or remove exclusions for files based on the extension, location, or file name requires using a combination of three cmdlets and the appropriate exclusion list parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender).
-
-The format for the cmdlets is:
-
-```PowerShell
-<cmdlet> -<exclusion list> "<item>"
-```
-
-The following are allowed as the \<cmdlet>:
-
-Configuration action | PowerShell cmdlet
----|---
-Create or overwrite the list | `Set-MpPreference`
-Add to the list | `Add-MpPreference`
-Remove item from the list | `Remove-MpPreference`
-
-The following are allowed as the \<exclusion list>:
-
-Exclusion type | PowerShell parameter
----|---
-All files with a specified file extension | `-ExclusionExtension`
-All files under a folder (including files in subdirectories), or a specific file | `-ExclusionPath`
-
->[!IMPORTANT]
->If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
-
-For example, the following code snippet would cause Windows Defender AV scans to exclude any file with the `.test` file extension:
-
-```PowerShell
-Add-MpPreference -ExclusionExtension ".test"
-```
-
-For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
-
-### Use Windows Management Instruction (WMI) to configure file name, folder, or file extension exclusions
-
-Use the [**Set**, **Add**, and **Remove** methods of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class for the following properties:
-
-```WMI
-ExclusionExtension
-ExclusionPath
-```
-
-The use of **Set**, **Add**, and **Remove** is analogous to their counterparts in PowerShell: `Set-MpPreference`, `Add-MpPreference`, and `Remove-MpPreference`.
-
-For more information, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx).
-
-<a id="man-tools"></a>
-
-### Use the Windows Security app to configure file name, folder, or file extension exclusions
-
-See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
-
-<a id="wildcards"></a>
-## Use wildcards in the file name and folder path or extension exclusion lists
-
-You can use the asterisk `*`, question mark `?`, or environment variables (such as `%ALLUSERSPROFILE%`) as wildcards when defining items in the file name or folder path exclusion list. The way in which these wildcards are interpreted differs from their usual usage in other apps and languages. Make sure to read this section to understand their specific limitations.
-
->[!IMPORTANT]
->There are key limitations and usage scenarios for these wildcards:
->
->- Environment variable usage is limited to machine variables and those applicable to processes running as an NT AUTHORITY\SYSTEM account.
->- You cannot use a wildcard in place of a drive letter.
->- An asterisk `*` in a folder exclusion will stand in place for a single folder. Use multiple instances of `\*\` to indicate multiple nested folders with unspecified names.
-
-The following table describes how the wildcards can be used and provides some examples.
-<table>
-    <tr>
-        <th>Wildcard</th>
-        <th>Use in file name and file extension exclusions</th>
-        <th>Use in folder exclusions</th>
-        <th>Example use</th>
-        <th>Example matches</th>
-    </tr>
-    <tr>
-        <td><b>*</b> (asterisk)</td>
-        <td>Replaces any number of characters. <br />Only applies to files in the last folder defined in the argument. </td>
-        <td>Replaces a single folder. <br />Use multiple <b>*</b> with folder slashes <b>\</b> to indicate multiple, nested folders. </br>After matching the number of wild carded and named folders, all subfolders will also be included.</td>
-        <td>
-            <ol>
-                <li>C:\MyData\<b>*</b>.txt</li>
-                <li>C:\somepath\<b>*</b>\Data</li>
-                <li>C:\Serv\<b>*</b>\<b>*</b>\Backup
-            </ol>
-        </td>
-        <td>
-            <ol>
-                <li>C:\MyData\<b>notes</b>.txt</li>
-                <li>Any file in:
-                    <ul>
-                        <li>C:\somepath\<b>Archives</b>\Data and its subfolders</li>
-                        <li>C:\somepath\<b>Authorized</b>\Data and its subfolders</li>
-                    </ul>
-                <li>Any file in:
-                <ul>
-                    <li>C:\Serv\<b>Primary</b>\<b>Denied</b>\Backup and its subfolders</li>
-                    <li>C:\Serv\<b>Secondary</b>\<b>Allowed</b>\Backup and its subfolders</li>
-                </ul>
-            </ol>
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <b>?</b> (question mark)
-        </td>
-        <td>
-            Replaces a single character. <br />
-            Only applies to files in the last folder defined in the argument.
-        </td>
-        <td>
-            Replaces a single character in a folder name. </br>
-            After matching the number of wild carded and named folders, all subfolders will also be included.
-        </td>
-        <td>
-            <ol>
-                <li>C:\MyData\my<b>?</b>.zip</li>
-                <li>C:\somepath\<b>?</b>\Data</li>
-                <li>C:\somepath\test0<b>?</b>\Data</li>
-            </ol>
-        </td>
-        <td>
-            <ol>
-                <li>C:\MyData\my<b>1</b>.zip</li>
-                <li>Any file in C:\somepath\<b>P</b>\Data and its subfolders</li>
-                <li>Any file in C:\somepath\test0<b>1</b>\Data and its subfolders</li>
-            </ol>
-        </td>
-    </tr>
-    <tr>
-        <td>Environment variables</td>
-        <td>The defined variable will be populated as a path when the exclusion is evaluated.</td>
-        <td>Same as file and extension use. </td>
-        <td>
-            <ol>
-                <li><b>%ALLUSERSPROFILE%</b>\CustomLogFiles</li>
-            </ol> 
-        </td>
-        <td>
-            <ol>
-                <li><b>C:\ProgramData</b>\CustomLogFiles\Folder1\file1.txt</li>
-            </ol>
-        </td>
-    </tr>
-</table>
-
->[!IMPORTANT]
->If you mix a file exclusion argument with a folder exclusion argument, the rules will stop at the file argument match in the matched folder, and will not look for file matches in any subfolders.
->
->For example, you can exclude all files that start with "date" in the folders `c:\data\final\marked` and `c:\data\review\marked` by using the rule argument <b>c:\data\\\*\marked\date*.\*</b>.
->
->This argument, however, will not match any files in **subfolders** under `c:\data\final\marked` or `c:\data\review\marked`.
-
-<a id="review"></a>
-
-## Review the list of exclusions
-
-You can retrieve the items in the exclusion list using one of the following methods:
-- [Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
-- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
-- MpCmdRun
-- PowerShell
-- [Windows Security app](windows-defender-security-center-antivirus.md#exclusions)
-
->[!IMPORTANT]
->Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
->
->Changes made in the Windows Security app **will not show** in the Group Policy lists.
-
-If you use PowerShell, you can retrieve the list in two ways:
-
-- Retrieve the status of all Windows Defender Antivirus preferences. Each of the lists will be displayed on separate lines, but the items within each list will be combined into the same line.
-- Write the status of all preferences to a variable, and use that variable to only call the specific list you are interested in. Each use of `Add-MpPreference` is written to a new line.
-
-### Validate the exclusion list by using MpCmdRun
-
-To check exclusions with the dedicated [command-line tool mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus?branch=v-anbic-wdav-new-mpcmdrun-options), use the following command:
-
-```DOS
-MpCmdRun.exe -CheckExclusion -path <path>
-```
-
->[!NOTE]
->Checking exclusions with MpCmdRun requires Windows Defender Antivirus CAMP version 4.18.1812.3 (released in December 2018) or later.
-
-### Review the list of exclusions alongside all other Windows Defender Antivirus preferences by using PowerShell
-
-Use the following cmdlet:
-
-```PowerShell
-Get-MpPreference
-```
-
-In the following example, the items contained in the `ExclusionExtension` list are highlighted:
-
-![PowerShell output for Get-MpPreference showing the exclusion list alongside other preferences](images/defender/wdav-powershell-get-exclusions-all.png)
-
-For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
-
-### Retrieve a specific exclusions list by using PowerShell
-
-Use the following code snippet (enter each line as a separate command); replace **WDAVprefs** with whatever label you want to name the variable:
-
-```PowerShell
-$WDAVprefs = Get-MpPreference
-$WDAVprefs.ExclusionExtension
-$WDAVprefs.ExclusionPath
-```
-
-In the following example, the list is split into new lines for each use of the `Add-MpPreference` cmdlet:
-
-![PowerShell output showing only the entries in the exclusion list](images/defender/wdav-powershell-get-exclusions-variable.png)
-
-For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
-
-<a id="validate"></a>
-
-## Validate exclusions lists with the EICAR test file
-
-You can validate that your exclusion lists are working by using PowerShell with either the `Invoke-WebRequest` cmdlet or the .NET WebClient class to download a test file.
-
-In the following PowerShell snippet, replace *test.txt* with a file that conforms to your exclusion rules. For example, if you have excluded the `.testing` extension, replace `test.txt` with `test.testing`. If you are testing a path, ensure you run the cmdlet within that path.
-
-```PowerShell
-Invoke-WebRequest "http://www.eicar.org/download/eicar.com.txt" -OutFile "test.txt"
-```
-
-If Windows Defender Antivirus reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm the contents are the same as what is described on the [EICAR test file website](http://www.eicar.org/86-0-Intended-use.html).
-
-You can also use the following PowerShell code, which calls the .NET WebClient class to download the test file - as with the `Invoke-WebRequest` cmdlet; replace *c:\test.txt* with a file that conforms to the rule you are validating:
-
-```PowerShell
-$client = new-object System.Net.WebClient
-$client.DownloadFile("http://www.eicar.org/download/eicar.com.txt","c:\test.txt")
-```
-
-If you do not have Internet access, you can create your own EICAR test file by writing the EICAR string to a new text file with the following PowerShell command:
-
-```PowerShell
-[io.file]::WriteAllText("test.txt",'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*')
-```
-
-You can also copy the string into a blank text file and attempt to save it with the file name or in the folder you are attempting to exclude.
-
-## Related topics
-
-- [Configure and validate exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md)
-- [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md)
-- [Configure Windows Defender Antivirus exclusions on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 39f0cb02b4..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,130 +0,0 @@
----
-title: Configure and validate Windows Defender Antivirus network connections
-description: Configure and test your connection to the Windows Defender Antivirus cloud protection service.
-keywords: antivirus, windows defender antivirus, antimalware, security, defender, cloud, aggressiveness, protection level
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 10/08/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure and validate Windows Defender Antivirus network connections
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-To ensure Windows Defender Antivirus cloud-delivered protection works properly, you need to configure your network to allow connections between your endpoints and certain Microsoft servers.
-
-This article lists the connections that must be allowed, such as by using firewall rules, and provides instructions for validating your connection. Configuring your protection properly helps ensure that you receive the best value from your cloud-delivered protection services.
-
-See the blog post [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) for some details about network connectivity.
-
->[!TIP]
->You can also visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
->
->- Cloud-delivered protection
->- Fast learning (including block at first sight)
->- Potentially unwanted application blocking
-
-## Allow connections to the Windows Defender Antivirus cloud service
-
-The Windows Defender Antivirus cloud service provides fast, strong protection for your endpoints. Enabling the cloud-delivered protection service is optional, however it is highly recommended because it provides important protection against malware on your endpoints and across your network.
-
->[!NOTE]
->The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
-
-See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) for details on enabling the service with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
-
-After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
-
-Because your protection is a cloud service, computers must have access to the internet and reach the ATP machine learning services. Do not exclude the URL `*.blob.core.windows.net` from any kind of network inspection. The table below lists the services and their associated URLs. Make sure that there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL `*.blob.core.windows.net`). Below mention URLs are using port 443 for communication.
-
-
-| **Service**| **Description** |**URL** |
-| :--: | :-- | :-- |
-| Windows Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)|Used by Windows Defender Antivirus to provide cloud-delivered protection|`*.wdcp.microsoft.com` <br/> `*.wdcpalt.microsoft.com` <br/> `*.wd.microsoft.com`|
-| Microsoft Update Service (MU)|	Security intelligence and product updates	|`*.update.microsoft.com`|
-|Security intelligence updates Alternate Download Location (ADL)|	Alternate location for Windows Defender Antivirus Security intelligence updates if the installed Security intelligence is out of date (7 or more days behind)|	`*.download.microsoft.com`|
-| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission	| `ussus1eastprod.blob.core.windows.net` <br/>    `ussus1westprod.blob.core.windows.net` <br/>    `usseu1northprod.blob.core.windows.net` <br/>    `usseu1westprod.blob.core.windows.net` <br/>    `ussuk1southprod.blob.core.windows.net` <br/>    `ussuk1westprod.blob.core.windows.net` <br/>    `ussas1eastprod.blob.core.windows.net` <br/>    `ussas1southeastprod.blob.core.windows.net` <br/>    `ussau1eastprod.blob.core.windows.net` <br/>    `ussau1southeastprod.blob.core.windows.net` |
-| Certificate Revocation List (CRL)|Used by Windows when creating the SSL connection to MAPS for updating the CRL	| `https://www.microsoft.com/pkiops/crl/` <br/> `https://www.microsoft.com/pkiops/certs` <br/>   `https://crl.microsoft.com/pki/crl/products` <br/> `https://www.microsoft.com/pki/certs` |
-| Symbol Store|Used by Windows Defender Antivirus to restore certain critical files during remediation flows	| `https://msdl.microsoft.com/download/symbols` |
-| Universal Telemetry Client| Used by Windows to send client diagnostic data; Windows Defender Antivirus uses this for product quality monitoring purposes	| This update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints:   `vortex-win.data.microsoft.com` <br/>   `settings-win.data.microsoft.com`|
-
-## Validate connections between your network and the cloud
-
-After whitelisting the URLs listed above, you can test if you are connected to the Windows Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you are fully protected.
-
-**Use the cmdline tool to validate cloud-delivered protection:**
-
-Use the following argument with the Windows Defender Antivirus command-line utility (`mpcmdrun.exe`) to verify that your network can communicate with the Windows Defender Antivirus cloud service:
-
-```DOS
-"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -ValidateMapsConnection
-```
-
-> [!NOTE]
-> You need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. This command will only work on Windows 10, version 1703 or higher.
-
-For more information, see [Manage Windows Defender Antivirus with the mpcmdrun.exe commandline tool](command-line-arguments-windows-defender-antivirus.md).
-
-**Attempt to download a fake malware file from Microsoft:**
-
-You can download a sample file that Windows Defender Antivirus will detect and block if you are properly connected to the cloud.
-
-Download the file by visiting the following link:
-- https://aka.ms/ioavtest
-
->[!NOTE]
->This file is not an actual piece of malware. It is a fake file that is designed to test if you are properly connected to the cloud.
-
-If you are properly connected, you will see a warning Windows Defender Antivirus notification:
-
-![Windows Defender Antivirus notification informing the user that malware was found](images/defender/wdav-malware-detected.png)
-
-If you are using Microsoft Edge, you'll also see a notification message:
-
-![Microsoft Edge informing the user that malware was found](images/defender/wdav-bafs-edge.png)
-
-A similar message occurs if you are using Internet Explorer:
-
-![Windows Defender Antivirus notification informing the user that malware was found](images/defender/wdav-bafs-ie.png)
-
-You will also see a detection under **Quarantined threats** in the **Scan history** section in the Windows Security app:
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Scan history** label:
-
-    ![Screenshot of the Scan history label in the Windows Security app](images/defender/wdav-history-wdsc.png)
-
-3. Under the **Quarantined threats** section, click the **See full history** label to see the detected fake malware:
-
-    ![Screenshot of quarantined items in the Windows Security app](images/defender/wdav-quarantined-history-wdsc.png)
-
->[!NOTE]
->Versions of Windows 10 before version 1703 have a different user interface. See [Windows Defender Antivirus in the Windows Security app](windows-defender-security-center-antivirus.md).
-
-The Windows event log will also show [Windows Defender client event ID 2050](troubleshoot-windows-defender-antivirus.md).
-
->[!IMPORTANT]
->You will not be able to use a proxy auto-config (.pac) file to test network connections to these URLs. You will need to verify your proxy servers and any network filtering tools manually to ensure connectivity.
-
-## Related articles
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-
-- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)
-
-- [Run an Windows Defender Antivirus scan from the command line](command-line-arguments-windows-defender-antivirus.md) and [Command line arguments](command-line-arguments-windows-defender-antivirus.md)
-
-- [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 03afa1681f..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,106 +0,0 @@
----
-title: Configure Windows Defender Antivirus notifications
-description: Configure and customize Windows Defender Antivirus notifications.
-keywords: notifications, defender, antivirus, endpoint, management, admin
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure the notifications that appear on endpoints
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-In Windows 10, application notifications about malware detection and remediation are more robust, consistent, and concise.
-
-Notifications appear on endpoints when manually triggered and scheduled scans are completed and threats are detected. These notifications also appear in the **Notification Center**, and a summary of scans and threat detections appear at regular time intervals.
-
-You can also configure how standard notifications appear on endpoints, such as notifications for reboot or when a threat has been detected and remediated.
-
-## Configure the additional notifications that appear on endpoints
-
-You can configure the display of additional notifications, such as recent threat detection summaries, in the [Windows Security app](windows-defender-security-center-antivirus.md) and with Group Policy.
-
-> [!NOTE]
-> In Windows 10, version 1607 the feature was called **Enhanced notifications** and could be configured under **Windows Settings** > **Update & security** > **Windows Defender**. In Group Policy settings in all versions of Windows 10, it is called **Enhanced notifications**.
-
-> [!IMPORTANT]
-> Disabling additional notifications will not disable critical notifications, such as threat detection and remediation alerts.
-
-**Use the Windows Security app to disable additional notifications:**
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
-
-    ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
-
-3. Scroll to the **Notifications** section and click **Change notification settings**.
-
-4. Slide the switch to **Off** or **On** to disable or enable additional notifications.
-
-**Use Group Policy to disable additional notifications:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration**.
-
-3. Click **Administrative templates**.
-
-4. Expand the tree to **Windows components > Windows Defender Antivirus > Reporting**.
-
-5. Double-click **Turn off enhanced notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
-
-## Configure standard notifications on endpoints
-
-You can use Group Policy to:
-
-- Display additional, customized text on endpoints when the user needs to perform an action
-- Hide all notifications on endpoints
-- Hide reboot notifications on endpoints
-
-Hiding notifications can be useful in situations where you can't hide the entire Windows Defender Antivirus interface. See [Prevent users from seeing or interacting with the Windows Defender Antivirus user interface](prevent-end-user-interaction-windows-defender-antivirus.md) for more information.
-
-> [!NOTE]
-> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Endpoint Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
-
-See [Customize the Windows Security app for your organization](../windows-defender-security-center/windows-defender-security-center.md) for instructions to add custom contact information to the notifications that users see on their machines.
-
-**Use Group Policy to hide notifications:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**. 
-
-4. Double-click **Suppress all notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
-
-**Use Group Policy to hide reboot notifications:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration**.
-
-3. Click **Administrative templates**.
-
-4. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
-
-5. Double-click **Suppresses reboot notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
-
-## Related topics
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-- [Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 79e9d90a7b..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,199 +0,0 @@
----
-title: Configure exclusions for files opened by specific processes
-description: You can exclude files from scans if they have been opened by a specific process.
-keywords: Windows Defender Antivirus, process, exclusion, files, scans
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 12/10/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure exclusions for files opened by processes
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can exclude files that have been opened by specific processes from Windows Defender Antivirus scans.
-
-This topic describes how to configure exclusion lists for the following:
-
-<a id="examples"></a>
-
-Exclusion | Example
----|---
-Any file on the machine that is opened by any process with a specific file name | Specifying "test.exe" would exclude files opened by: <ul><li>c:\sample\test.exe</li><li>d:\internal\files\test.exe</li></ul>  
-Any file on the machine that is opened by any process under a specific folder | Specifying "c:\test\sample\\*" would exclude files opened by:<ul><li>c:\test\sample\test.exe</li><li>c:\test\sample\test2.exe</li><li>c:\test\sample\utility.exe</li></ul> 
-Any file on the machine that is opened by a specific process in a specific folder | Specifying "c:\test\process.exe" would exclude files only opened by c:\test\process.exe
-
-When you add a process to the process exclusion list, Windows Defender Antivirus won't scan files opened by that process, no matter where the files are located. The process itself, however, will be scanned unless it has also been added to the [file exclusion list](configure-extension-file-exclusions-windows-defender-antivirus.md).
-
-The exclusions only apply to [always-on real-time protection and monitoring](configure-real-time-protection-windows-defender-antivirus.md). They don't apply to scheduled or on-demand scans.
-
-Changes made with Group Policy to the exclusion lists **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions). However, changes made in the Windows Security app **will not show** in the Group Policy lists.
-
-You can add, remove, and review the lists for exclusions in [Group Policy](#gp), [Microsoft Endpoint Configuration Manager, Microsoft Intune, and with the Windows Security app](#man-tools), and you can [use wildcards](#wildcards) to further customize the lists.
-
-You can also [use PowerShell cmdlets and WMI to configure the exclusion lists](#ps), including [reviewing](#review) your lists.
-
-By default, local changes made to the lists (by users with administrator privileges; this includes changes made with PowerShell and WMI) will be merged with the lists as defined (and deployed) by Group Policy, Configuration Manager, or Intune. The Group Policy lists will take precedence in the case of conflicts.
-
-You can [configure how locally and globally defined exclusions lists are merged](configure-local-policy-overrides-windows-defender-antivirus.md#merge-lists) to allow local changes to override managed deployment settings.
-
-## Configure the list of exclusions for files opened by specified processes
-
-<a id="gp"></a>
-
-### Use Microsoft Intune to exclude files that have been opened by specified processes from scans
-
-See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-### Use Microsoft Endpoint Configuration Manager to exclude files that have been opened by specified processes from scans
-
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-### Use Group Policy to exclude files that have been opened by specified processes from scans
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
-
-4. Double-click **Process Exclusions** and add the exclusions:
-
-    1. Set the option to **Enabled**.
-    2. Under the **Options** section, click **Show...**.
-    3. Enter each process on its own line under the **Value name** column. See the [example table](#examples) for the different types of process exclusions.  Enter **0** in the **Value** column for all processes.
-
-5. Click **OK**.
-
-![The Group Policy setting for specifying process exclusions](images/defender/wdav-process-exclusions.png)
-
-<a id="ps"></a>
-
-### Use PowerShell cmdlets to exclude files that have been opened by specified processes from scans
-
-Using PowerShell to add or remove exclusions for files that have been opened by processes requires using a combination of three cmdlets with the `-ExclusionProcess` parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender).
-
-The format for the cmdlets is:
-
-```PowerShell
-<cmdlet> -ExclusionProcess "<item>"
-```
-
-The following are allowed as the \<cmdlet>:
-
-Configuration action | PowerShell cmdlet
----|---
-Create or overwrite the list | `Set-MpPreference`
-Add to the list | `Add-MpPreference`
-Remove items from the list | `Remove-MpPreference`
-
->[!IMPORTANT]
->If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
-
-For example, the following code snippet would cause Windows Defender AV scans to exclude any file that is opened by the specified process:
-
-```PowerShell
-Add-MpPreference -ExclusionProcess "c:\internal\test.exe"
-```
-
-See [Manage antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-Windows Defender Antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-### Use Windows Management Instruction (WMI) to exclude files that have been opened by specified processes from scans
-
-Use the [**Set**, **Add**, and **Remove** methods of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class for the following properties:
-
-```WMI
-ExclusionProcess
-```
-
-The use of **Set**, **Add**, and **Remove** is analogous to their counterparts in PowerShell: `Set-MpPreference`, `Add-MpPreference`, and `Remove-MpPreference`.
-
-See the following for more information and allowed parameters:
-
-- [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx)
-
-<a id="man-tools"></a>
-
-### Use the Windows Security app to exclude files that have been opened by specified processes from scans
-
-See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
-
-<a id="wildcards"></a>
-
-## Use wildcards in the process exclusion list
-
-The use of wildcards in the process exclusion list is different from their use in other exclusion lists.
-
-In particular, you cannot use the question mark ? wildcard, and the asterisk \* wildcard can only be used at the end of a complete path. You can still use environment variables (such as %ALLUSERSPROFILE%) as wildcards when defining items in the process exclusion list.
-
-The following table describes how the wildcards can be used in the process exclusion list:
-
-Wildcard | Use | Example use | Example matches
----|---|---|---
-\* (asterisk) | Replaces any number of characters | <ul><li>C:\MyData\\*</li></ul> | <ul><li>Any file opened by C:\MyData\file.exe</li></ul>
-? (question mark) | Not available | \- | \-
-Environment variables | The defined variable will be populated as a path when the exclusion is evaluated |  <ul><li>%ALLUSERSPROFILE%\CustomLogFiles\file.exe</li></ul> | <ul><li>Any file opened by C:\ProgramData\CustomLogFiles\file.exe</li></ul>
-
-<a id="review"></a>
-
-## Review the list of exclusions
-
-You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
-
-If you use PowerShell, you can retrieve the list in two ways:
-
-- Retrieve the status of all Windows Defender Antivirus preferences. Each of the lists will be displayed on separate lines, but the items within each list will be combined into the same line.
-- Write the status of all preferences to a variable, and use that variable to only call the specific list you are interested in. Each use of `Add-MpPreference` is written to a new line.
-
-### Validate the exclusion list by using MpCmdRun
-
-To check exclusions with the dedicated [command-line tool mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus?branch=v-anbic-wdav-new-mpcmdrun-options), use the following command:
-
-```DOS
-MpCmdRun.exe -CheckExclusion -path <path>
-```
-
->[!NOTE]
->Checking exclusions with MpCmdRun requires Windows Defender Antivirus CAMP version 4.18.1812.3 (released in December 2018) or later.
-
-
-### Review the list of exclusions alongside all other Windows Defender Antivirus preferences by using PowerShell
-
-Use the following cmdlet:
-
-```PowerShell
-Get-MpPreference
-```
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-### Retrieve a specific exclusions list by using PowerShell
-
-Use the following code snippet (enter each line as a separate command); replace **WDAVprefs** with whatever label you want to name the variable:
-
-```PowerShell
-$WDAVprefs = Get-MpPreference
-$WDAVprefs.ExclusionProcess
-```
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-## Related articles
-
-- [Configure and validate exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md)
-- [Configure and validate exclusions based on file name, extension, and folder location](configure-extension-file-exclusions-windows-defender-antivirus.md)
-- [Configure Windows Defender Antivirus exclusions on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 7b22fa2f60..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,72 +0,0 @@
----
-title: Remediate and resolve infections detected by Windows Defender Antivirus
-description: Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
-keywords: remediation, fix, remove, threats, quarantine, scan, restore
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure remediation for Windows Defender Antivirus scans
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
-
-This topic describes how to configure these settings with Group Policy, but you can also use [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
-
-You can also use the [`Set-MpPreference` PowerShell cmdlet](https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference) or [`MSFT_MpPreference` WMI class](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx) to configure these settings.
-
-## Configure remediation options
-
-You can configure how remediation works with the Group Policy settings described in this section.
-
-To configure these settings:
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
-
-4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
-
-Location | Setting | Description | Default setting (if not configured)
----|---|---|---
-Scan | Create a system restore point | A system restore point will be created each day before cleaning or scanning is attempted | Disabled
-Scan | Turn on removal of items from scan history folder | Specify how many days items should be kept in the scan history | 30 days
-Root | Turn off routine remediation | You can specify whether Windows Defender Antivirus automatically remediates threats, or if it should ask the endpoint user what to do. | Disabled (threats are remediated automatically)
-Quarantine | Configure removal of items from Quarantine folder | Specify how many days items should be kept in quarantine before being removed | Never removed
-Threats | Specify threat alert levels at which default action should not be taken when detected | Every threat that is detected by Windows Defender Antivirus is assigned a threat level (low, medium, high, or severe). You can use this setting to define how all threats for each of the threat levels should be remediated (quarantined, removed, or ignored) | Not applicable
-Threats | Specify threats upon which default action should not be taken when detected | Specify how specific threats (using their threat ID) should be remediated. You can specify whether the specific threat should be quarantined, removed, or ignored | Not applicable
-
-> [!IMPORTANT]
-> Windows Defender Antivirus detects and remediates files based on many factors. Sometimes, completing a remediation requires a reboot. Even if the detection is later determined to be a false positive, the reboot must be completed to ensure all additional remediation steps have been completed.
-> </p>
-> If you are certain Windows Defender Antivirus quarantined a file based on a false positive, you can restore the file from quarantine after the device reboots. See [Restore quarantined files in Windows Defender Antivirus](restore-quarantined-files-windows-defender-antivirus.md).
-> </p>
-> To avoid this problem in the future, you can exclude files from the scans. See [Configure and validate exclusions for Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md).
-
-Also see [Configure remediation-required scheduled full Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md#remed) for more remediation-related settings.
-
-## Related topics
-
-- [Configure Windows Defender Antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md)
-- [Configure scheduled Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
-- [Configure and run on-demand Windows Defender Antivirus scans](run-scan-windows-defender-antivirus.md)
-- [Configure the notifications that appear on endpoints](configure-notifications-windows-defender-antivirus.md)
-- [Configure end-user Windows Defender Antivirus interaction](configure-end-user-interaction-windows-defender-antivirus.md)
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md
deleted file mode 100644
index 3532148261..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md	
+++ /dev/null
@@ -1,49 +0,0 @@
----
-title: Configure Windows Defender Antivirus features
-description: You can configure Windows Defender Antivirus features with Intune, Microsoft Endpoint Configuration Manager, Group Policy, and PowerShell.
-keywords: Windows Defender Antivirus, antimalware, security, defender, configure, configuration, Config Manager, Microsoft Endpoint Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure Windows Defender Antivirus features
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can configure Windows Defender Antivirus with a number of tools, including:
-
-- Microsoft Intune
-- Microsoft Endpoint Configuration Manager
-- Group Policy
-- PowerShell cmdlets
-- Windows Management Instrumentation (WMI)
-
-The following broad categories of features can be configured:
-
-- Cloud-delivered protection
-- Always-on real-time protection, including behavioral, heuristic, and machine-learning-based protection
-- How end-users interact with the client on individual endpoints
-
-The topics in this section describe how to perform key tasks when configuring Windows Defender Antivirus. Each topic includes instructions for the applicable configuration tool (or tools).
-
-You can also review the [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) topic for an overview of each tool and links to further help.
-
-## In this section
-Topic | Description
-:---|:---
-[Utilize Microsoft cloud-provided Windows Defender Antivirus protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) | Cloud-delivered protection provides an advanced level of fast, robust antivirus detection
-[Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)|Enable behavior-based, heuristic, and real-time antivirus protection
-[Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)|Configure how end-users interact with Windows Defender Antivirus, what notifications they see, and whether they can override settings
diff --git a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md
deleted file mode 100644
index b0b2030e32..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Run and customize scheduled and on-demand scans
-description: Customize and initiate Windows Defender Antivirus scans on endpoints across your network.
-keywords: scan, schedule, customize, exclusions, exclude files, remediation, scan results, quarantine, remove threat, quick scan, full scan, Windows Defender Antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Windows Defender Antivirus scans.
-
-## In this section
-
-Topic | Description
----|---
-[Configure and validate file, folder, and process-opened file exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
-[Configure Windows Defender Antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md) | You can configure Windows Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
-[Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) | Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
-[Configure scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
-[Configure and run scans](run-scan-windows-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
-[Review scan results](review-scan-results-windows-defender-antivirus.md) | Review the results of scans using  Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 295d507e65..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,85 +0,0 @@
----
-title: Deploy, manage, and report on Windows Defender Antivirus
-description: You can deploy and manage Windows Defender Antivirus with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, or WMI
-keywords: deploy, manage, update, protection, windows defender antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Deploy, manage, and report on Windows Defender Antivirus
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can deploy, manage, and report on Windows Defender Antivirus in a number of ways.
-
-Because the Windows Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
-
-However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
-
-You'll also see additional links for:
-
-- Managing Windows Defender Antivirus protection, including managing product and protection updates
-- Reporting on Windows Defender Antivirus protection
-
-> [!IMPORTANT]
-> In most cases, Windows 10 will disable Windows Defender Antivirus if it finds another antivirus product that is running and up-to-date. You must disable or uninstall third-party antivirus products before Windows Defender Antivirus will function. If you re-enable or install third-party antivirus products, then Windows 10 automatically disables Windows Defender Antivirus.
-
-Tool|Deployment options (<a href="#fn2" id="ref2">2</a>)|Management options (network-wide configuration and policy or baseline deployment) ([3](#fn3))|Reporting options  
----|---|---|---  
-Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management)  
-Microsoft Endpoint Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
-Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
-PowerShell|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
-Windows Management Instrumentation|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
-Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
-
-1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
-  
-2.	<span id="fn2" />In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date ([except on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)). Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers. [(Return to table)](#ref2)
-
-3. <span id="fn3" />Configuration of features and protection, including configuring product and protection updates, are further described in the [Configure Windows Defender Antivirus features](configure-notifications-windows-defender-antivirus.md) section in this library. [(Return to table)](#ref2)
-
-[Endpoint Protection point site system role]: https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-site-role
-[default and customized antimalware policies]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies
-[client management]:  https://docs.microsoft.com/sccm/core/clients/manage/manage-clients
-[enable Endpoint Protection with custom client settings]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-configure-client
-[Configuration Manager Monitoring workspace]:  https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection 
-[email alerts]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts
-[Deploy the Microsoft Intune client to endpoints]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune
-[custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection
- [custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection 
-[manage tasks]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#choose-management-tasks-for-endpoint-protection
-[Monitor endpoint protection in the Microsoft Intune administration console]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#monitor-endpoint-protection
-[Set method of the MSFT_MpPreference class]:  https://msdn.microsoft.com/library/dn439474 
-[Update method of the MSFT_MpSignature class]:  https://msdn.microsoft.com/library/dn439474
-[MSFT_MpComputerStatus]:  https://msdn.microsoft.com/library/dn455321 
-[Windows Defender WMIv2 Provider]: https://msdn.microsoft.com/library/dn439477
-[Set-MpPreference]:  https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference.md
-[Update-MpSignature]: https://technet.microsoft.com/itpro/powershell/windows/defender/update-mpsignature
-[Get- cmdlets available in the Defender module]: https://technet.microsoft.com/itpro/powershell/windows/defender/index
-[Configure update options for Windows Defender Antivirus]: manage-updates-baselines-windows-defender-antivirus.md
-[Configure Windows Defender features]: configure-windows-defender-antivirus-features.md
-[Group Policies to determine if any settings or policies are not applied]: https://technet.microsoft.com/library/cc771389.aspx
-[Possibly infected devices]: https://docs.microsoft.com/azure/active-directory/active-directory-reporting-sign-ins-from-possibly-infected-devices
-[Windows Defender Antivirus events]: troubleshoot-windows-defender-antivirus.md
-
-## In this section
-
-Topic | Description
----|---
-[Deploy and enable Windows Defender Antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with Microsoft Endpoint Configuration Manager, Microsoft Intune, or Group Policy Objects.
-[Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating Security intelligence (protection updates). You can update Security intelligence in a number of ways, using Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, and WMI.
-[Monitor and report on Windows Defender Antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use Microsoft Intune, Microsoft Endpoint Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 6f8dd3363b..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,38 +0,0 @@
----
-title: Deploy and enable Windows Defender Antivirus 
-description: Deploy Windows Defender Antivirus for protection of your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or WMI.
-keywords: deploy, enable, Windows Defender Antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Deploy and enable Windows Defender Antivirus
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Depending on the management tool you are using, you may need to specifically enable or configure Windows Defender Antivirus protection.
-
-See the table in [Deploy, manage, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md#ref2) for instructions on how to enable protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management Instruction (WMI).
-
-Some scenarios require additional guidance on how to successfully deploy or configure Windows Defender Antivirus protection, such as Virtual Desktop Infrastructure (VDI) environments.
-
-The remaining topic in this section provides end-to-end advice and best practices for [setting up Windows Defender Antivirus on virtual machines (VMs) in a VDI or Remote Desktop Services (RDS) environment](deployment-vdi-windows-defender-antivirus.md).
-
-## Related topics
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-- [Deploy, manage updates, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md)
-- [Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 43e244ba36..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,149 +0,0 @@
----
-title: Block potentially unwanted applications with Windows Defender Antivirus
-description: Enable the potentially unwanted application (PUA) antivirus feature to block unwanted software such as adware.
-keywords: pua, enable, unwanted software, unwanted apps, adware, browser toolbar, detect, block, Windows Defender Antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: detect
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-audience: ITPro
-ms.date: 10/02/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Detect and block potentially unwanted applications
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge)
-
-Potentially unwanted applications are not considered viruses, malware, or other types of threats, but they might perform actions on endpoints which adversely affect endpoint performance or use. _PUA_ can also refer to an application that has a poor reputation, as assessed by Microsoft Defender ATP, due to certain kinds of undesirable behavior.
-
-For example:
-
-* **Advertising software:** Software that displays advertisements or promotions, including software that inserts advertisements to webpages.
-* **Bundling software:** Software that offers to install other software that is not digitally signed by the same entity. Also, software that offers to install other software that qualify as PUA.
-* **Evasion software:** Software that actively tries to evade detection by security products, including software that behaves differently in the presence of security products.
-
-For more examples and a discussion of the criteria we use to label applications for special attention from security features, see [How Microsoft identifies malware and potentially unwanted applications](../intelligence/criteria.md).
-
-Potentially unwanted applications can increase the risk of your network being infected with actual malware, make malware infections harder to identify, or waste IT resources in cleaning them up.
-
-## How it works
-
-### Microsoft Edge
-
-The next major version of Microsoft Edge, which is Chromium-based, blocks potentially unwanted application downloads and associated resource URLs. This feature is provided via [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md).
-
-#### Enable PUA protection in Chromium-based Microsoft Edge
-
-Although potentially unwanted application protection in Microsoft Edge (Chromium-based) is off by default, it can easily be turned on from within the browser.
-
-1. From the tool bar, select **Settings and more** > **Settings**
-1. Select **Privacy and services**
-1. Under the **Services** section, you can toggle **Potentially unwanted app blocking** on or off
-
-> [!TIP]
-> If you are running Microsoft Edge (Chromium-based), you can safely explore the URL-blocking feature of PUA protection by testing it out on one of our Windows Defender SmartScreen [demo pages](https://demo.smartscreen.msft.net/).
-
-#### Blocking URLs with Windows Defender SmartScreen
-
-In Chromium-based Edge with PUA protection turned on, Windows Defender SmartScreen will protect you from PUA-associated URLs.
-
-Admins can  [configure](https://docs.microsoft.com/DeployEdge/configure-microsoft-edge) how Microsoft Edge and Windows Defender SmartScreen work together to protect groups of users from PUA-associated URLs. There are several group policy [settings](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreen-settings) explicitly for Windows
-Defender SmartScreen available, including [one for blocking PUA](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreenpuaenabled). In addition, admins can
-[configure Windows Defender SmartScreen](https://docs.microsoft.com/microsoft-edge/deploy/available-policies?source=docs#configure-windows-defender-smartscreen) as a whole, using group policy settings to turn Windows Defender SmartScreen on or off.
-
-Although Microsoft Defender ATP has its own block list, based upon a data set managed by Microsoft, you can customize this list based on your own threat intelligence. If you [create and manage indicators](../microsoft-defender-atp/manage-indicators.md#create-indicators-for-ips-and-urlsdomains-preview) in the Microsoft Defender ATP portal, Windows Defender SmartScreen will respect the new settings.
-
-### Windows Defender Antivirus
-
-The potentially unwanted application (PUA) protection feature in Windows Defender Antivirus can detect and block PUAs on endpoints in your network.
-
-> [!NOTE]
-> This feature is only available in Windows 10.
-
-Windows Defender Antivirus blocks detected PUA files, and any attempts to download, move, run, or install them. Blocked PUA files are then moved to quarantine.
-
-When a PUA is detected on an endpoint, Windows Defender Antivirus sends a notification to the user ([unless notifications have been disabled](configure-notifications-windows-defender-antivirus.md)) in the same format as other threat detections. The notification will be prefaced with _PUA:_ to indicate its content.
-
-The notification will appear in the usual [quarantine list within the Windows Security app](windows-defender-security-center-antivirus.md#detection-history).
-
-#### Configure PUA protection in Windows Defender Antivirus
-
-You can enable PUA protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, or via PowerShell cmdlets.
-
-You can also use the PUA audit mode to detect PUAs without blocking them. The detections will be captured in the Windows event log.
-
-> [!TIP]
-> You can visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com/Page/UrlRep) to confirm that the feature is working, and see it in action.
-
-PUA audit mode is useful if your company is conducting an internal software security compliance check and you'd like to avoid any false positives.
-
-##### Use Intune to configure PUA protection
-
-See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-##### Use Configuration Manager to configure PUA protection
-
-PUA protection is enabled by default in the Microsoft Endpoint Configuration Manager (Current Branch), starting with  version 1606.
-
-See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring Microsoft Endpoint Configuration Manager (Current Branch).
-
-For Configuration Manager 2012, see [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA).
-
-> [!NOTE]
-> PUA events blocked by Windows Defender Antivirus are reported in the Windows Event Viewer and not in Microsoft Endpoint Configuration Manager.
-
-##### Use Group Policy to configure PUA protection
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and select **Edit**.
-
-2. In the **Group Policy Management Editor**, go to **Computer configuration** and select **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus**.
-
-4. Double-click **Configure protection for potentially unwanted applications**.
-
-5. Select **Enabled** to enable PUA protection.
-
-6. In **Options**, select **Block** to block potentially unwanted applications, or select **Audit Mode** to test how the setting will work in your environment. Select **OK**.
-
-##### Use PowerShell cmdlets to configure PUA protection
-
-Use the following cmdlet:
-
-```PowerShell
-Set-MpPreference -PUAProtection
-```
-
-Setting the value for this cmdlet to `Enabled` will turn the feature on if it has been disabled.
-
-Setting `AuditMode` will detect PUAs without blocking them.
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-#### View PUA events
-
-PUA events are reported in the Windows Event Viewer, but not in Microsoft Endpoint Configuration Manager or in Intune.
-
-You can turn on email notifications to receive mail about PUA detections.
-
-See [Troubleshoot event IDs](troubleshoot-windows-defender-antivirus.md) for details on viewing Windows Defender Antivirus events. PUA events are recorded under event ID **1160**.
-
-#### Allow-listing apps
-
-Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be allow-listed. See [How to Configure Endpoint Protection in Configuration Manager](https://docs.microsoft.com/previous-versions/system-center/system-center-2012-R2/hh508770(v=technet.10)#to-exclude-specific-files-or-folders) for information on allowing files which are currently blocked by PUA protection in Windows Defender Antivirus.
-
-## Related articles
-
-- [Next-generation protection](windows-defender-antivirus-in-windows-10.md)
-- [Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 6d7e496eec..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,143 +0,0 @@
----
-title: Enable cloud-delivered protection in Windows Defender Antivirus
-description: Enable cloud-delivered protection to benefit from fast and advanced protection features.
-keywords: windows defender antivirus, antimalware, security, cloud, block at first sight
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.reviewer: 
-manager: dansimp
-ms.custom: nextgen
----
-
-# Enable cloud-delivered protection
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
->[!NOTE]
->The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
-
-Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
-![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
-
-You can enable or disable Windows Defender Antivirus cloud-delivered protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
-
-See [Use Microsoft cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for an overview of Windows Defender Antivirus cloud-delivered protection.
-
-There are specific network-connectivity requirements to ensure your endpoints can connect to the cloud-delivered protection service. See [Configure and validate network connections](configure-network-connections-windows-defender-antivirus.md) for more details.
-
->[!NOTE]
->In Windows 10, there is no difference between the **Basic** and **Advanced** options described in this topic. This is a legacy distinction and choosing either setting will result in the same level of cloud-delivered protection. There is no difference in the type or amount of information that is shared. See the [Microsoft Privacy Statement](https://go.microsoft.com/fwlink/?linkid=521839) for more information on what we collect.
-
-**Use Intune to enable cloud-delivered protection**
-
-1. Sign in to the [Azure portal](https://portal.azure.com).
-2. Select **All services > Intune**.
-3. In the **Intune** pane, select **Device configuration > Profiles**, and then select the **Device restrictions** profile type you want to configure. If you haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
-4. Select **Properties**, select **Settings: Configure**, and then select **Windows Defender Antivirus**.
-5. On the **Cloud-delivered protection** switch, select **Enable**.
-6. In the **Prompt users before sample submission** dropdown, select **Send all data without prompting**. 
-7. In the **Submit samples consent** dropdown, select one of the following:
-
-    - **Send safe samples automatically**
-    - **Send all samples automatically**
-
-        >[!NOTE]
-        >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
-
-        > [!WARNING]
-        > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-
-8. Click **OK** to exit the **Windows Defender Antivirus** settings pane, click **OK** to exit the **Device restrictions** pane, and then click **Save** to save the changes to your **Device restrictions** profile.
-
-For more information about Intune device profiles, including how to create and configure their settings, see [What are Microsoft Intune device profiles?](https://docs.microsoft.com/intune/device-profiles)
-
-**Use Configuration Manager to enable cloud-delivered protection:**
-
-See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-**Use Group Policy to enable cloud-delivered protection:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration**.
-
-3. Click **Administrative templates**.
-
-4. Expand the tree to **Windows components > Windows Defender Antivirus > MAPS**
-
-5. Double-click **Join Microsoft MAPS** and ensure the option is enabled and set to **Basic MAPS** or **Advanced MAPS**. Click **OK**.
-
-6. Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either of the following:
-
-    1. **Send safe samples** (1)
-    2. **Send all samples** (3)
-
-        >[!NOTE]
-        >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
-
-        > [!WARNING]
-        > Setting to 0 (Always Prompt) will lower the protection state of the device. Setting to 2 (Never send) means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-
-7. Click **OK**.
-
-**Use PowerShell cmdlets to enable cloud-delivered protection:**
-
-Use the following cmdlets to enable cloud-delivered protection:
-
-```PowerShell
-Set-MpPreference -MAPSReporting Advanced
-Set-MpPreference -SubmitSamplesConsent AlwaysPrompt
-```
-
->[!NOTE]
->You can also set -SubmitSamplesConsent to `None`. Setting it to `Never` will lower the protection state of the device, and setting it to 2 means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md)  and [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-**Use Windows Management Instruction (WMI) to enable cloud-delivered protection:**
-
-Use the [**Set** method of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn439474(v=vs.85).aspx) class for the following properties:
-
-```WMI
-MAPSReporting 
-SubmitSamplesConsent
-```
-
-See the following for more information and allowed parameters:
-- [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx)
-
-**Enable cloud-delivered protection on individual clients with the Windows Security app**
-
-> [!NOTE]
-> If the **Configure local setting override for reporting Microsoft MAPS** Group Policy setting is set to **Disabled**, then the **Cloud-based protection** setting in Windows Settings will be greyed-out and unavailable. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
-
-    ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
-
-3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**.
-
->[!NOTE]
->If automatic sample submission has been configured with Group Policy then the setting will be greyed-out and unavailable.
-
-## Related topics
-
-- [Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md)
-- [Configure block at first sight](configure-block-at-first-sight-windows-defender-antivirus.md)
-- [Use PowerShell cmdlets to manage Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md)
-- [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)]
-- [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx)
-- [Utilize Microsoft cloud-delivered protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
-- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From 190dbd830a60e80cd335920db47f81da3e0473ea Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:13:41 -0800
Subject: [PATCH 102/247] Delete
 configure-advanced-scan-types-windows-defender-antivirus - Copy.md

---
 ...types-windows-defender-antivirus - Copy.md | 104 ------------------
 1 file changed, 104 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 1ec92d64e6..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,104 +0,0 @@
----
-title: Configure scanning options for Windows Defender AV
-description: You can configure Windows Defender AV to scan email storage files, back-up or reparse points, network files, and archived files (such as .zip files).
-keywords: advanced scans, scanning, email, archive, zip, rar, archive, reparse scanning
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 10/25/2018
-ms.reviewer: 
-manager: dansimp
-
----
-
-# Configure Windows Defender Antivirus scanning options
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-**Use Microsoft Intune to configure scanning options**
-
-See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-<a id="ref1"></a>
-
-**Use Configuration Manager to configure scanning options:**
-
-See [How to create and deploy antimalware policies: Scan settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scan-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-**Use Group Policy to configure scanning options**
-
-To configure the Group Policy settings described in the following table:
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
-
-4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
-
-Description | Location and setting | Default setting (if not configured) | PowerShell `Set-MpPreference` parameter or WMI property for `MSFT_MpPreference` class
----|---|---|---
-See [Email scanning limitations](#ref1)) below | Scan > Turn on e-mail scanning | Disabled | `-DisableEmailScanning`
-Scan [reparse points](https://msdn.microsoft.com/library/windows/desktop/aa365503.aspx) | Scan > Turn on reparse point scanning | Disabled | Not available
-Scan mapped network drives | Scan > Run full scan on mapped network drives | Disabled | `-DisableScanningMappedNetworkDrivesForFullScan`
- Scan archive files (such as .zip or .rar files). The [extensions exclusion list](configure-extension-file-exclusions-windows-defender-antivirus.md) will take precedence over this setting. | Scan > Scan archive files | Enabled | `-DisableArchiveScanning`
-Scan files on the network | Scan > Scan network files | Disabled | `-DisableScanningNetworkFiles`
-Scan packed executables | Scan > Scan packed executables | Enabled | Not available
-Scan removable drives during full scans only | Scan > Scan removable drives | Disabled | `-DisableRemovableDriveScanning`
-Specify the level of subfolders within an archive folder to scan | Scan > Specify the maximum depth to scan archive files | 0 | Not available
- Specify the maximum CPU load (as a percentage) during a scan. Note: This is not a hard limit but rather a guidance for the scanning engine to not exceed this maximum on average. | Scan > Specify the maximum percentage of CPU utilization during a scan | 50 |  `-ScanAvgCPULoadFactor`
- Specify the maximum size (in kilobytes) of archive files that should be scanned. The default, **0**, applies no limit | Scan > Specify the maximum size of archive files to be scanned | No limit | Not available
- Configure low CPU priority for scheduled scans | Scan > Configure low CPU priority for scheduled scans | Disabled | Not available
- 
->[!NOTE]
->If real-time protection is enabled, files are scanned before they are accessed and executed. The scanning scope includes all files, including those on mounted removable devices such as USB drives.
-
-**Use PowerShell to configure scanning options**
-
-See [Manage Windows Defender Antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-**Use WMI to configure scanning options**
-
-For using WMI classes, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx).
-
-### Email scanning limitations
-
-We recommend using [always-on real-time protection](configure-real-time-protection-windows-defender-antivirus.md) to protect against email-based malware.
-
-Always-on protection scans emails as they arrive and as they are manipulated, just like normal files in the operating system. This provides the strongest form of protection and is the recommended setting for scanning emails.
-
-You can also use this Group Policy to enable scanning of older email files used by Outlook 2003 and older during on-demand and scheduled scans. Embedded objects within an email file (such as attachments and archived files) are also scanned. The following file format types can be scanned and remediated:
-
-- DBX
-- MBX
-- MIME
-
-PST files used by Outlook 2003 or older (where the archive type is set to non-unicode) can also be scanned, but Windows Defender cannot remediate threats detected inside PST files. This is another reason why we recommend using [always-on real-time protection](configure-real-time-protection-windows-defender-antivirus.md) to protect against email-based malware.
-
-If Windows Defender Antivirus detects a threat inside an email, it will show you the following information to assist you in identifying the compromised email, so you can remediate the threat:
-
-- Email subject
-- Attachment name
-
->[!WARNING]
->There are some risks associated with scanning some Microsoft Outlook files and email messages. You can read about tips and risks associated with scanning Outlook files and email messages in the following articles:
->
-> - [Scanning Outlook files in Outlook 2013](https://technet.microsoft.com/library/dn769141.aspx#bkmk-1)
-> - [Scanning email messages in Outlook 2013](https://technet.microsoft.com/library/dn769141.aspx#bkmk-2)
-
-## Related topics
-
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Configure and run on-demand Windows Defender Antivirus scans](run-scan-windows-defender-antivirus.md)
-- [Configure scheduled Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From c48b07ab431fcbedf22f125ddf74b0b1a4ae87e6 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:14:01 -0800
Subject: [PATCH 103/247] Delete
 configure-block-at-first-sight-windows-defender-antivirus - Copy.md

---
 ...sight-windows-defender-antivirus - Copy.md | 166 ------------------
 1 file changed, 166 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 1fb5ff7d26..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,166 +0,0 @@
----
-title: Enable Block at First Sight to detect malware in seconds
-description: Enable the Block at First sight feature to detect and block malware within seconds, and validate that it is configured correctly.
-keywords: scan, BAFS, malware, first seen, first sight, cloud, defender
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.reviewer: 
-manager: dansimp
-ms.custom: nextgen
----
-
-# Enable block at first sight
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Block at first sight is a feature of next-generation protection that provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are also enabled. In most cases, these prerequisite settings are also enabled by default, so the feature is running without any intervention. 
-
-You can [specify how long the file should be prevented from running](configure-cloud-block-timeout-period-windows-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information) when a file is blocked. You can change the company name, contact information, and message URL.
-
->[!TIP]
->Visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
-
-## How it works
-
-When Windows Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or clean.
-
-Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
-![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
-
-In Windows 10, version 1803, block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
-
-Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
-
-If the cloud backend is unable to make a determination, Windows Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs additional analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or safe.
-
-In many cases, this process can reduce the response time for new malware from hours to seconds.
-
-## Confirm and validate that block at first sight is enabled
-
-Block at first sight requires a number of settings to be configured correctly or it will not work. These settings are enabled by default in most enterprise Windows Defender Antivirus deployments.
-
-### Confirm block at first sight is enabled with Intune
-
-1. In Intune, navigate to **Device configuration - Profiles > *Profile name* > Device restrictions > Windows Defender Antivirus**.
-
-   > [!NOTE]
-   > The profile you select must be a Device Restriction profile type, not an Endpoint Protection profile type.
-
-2. Verify these settings are configured as follows:
-
-   - **Cloud-delivered protection**: **Enable**
-   - **File Blocking Level**: **High**
-   - **Time extension for file scanning by the cloud**: **50**
-   - **Prompt users before sample submission**: **Send all data without prompting**
-
-   ![Intune config](images/defender/intune-block-at-first-sight.png)
-
-   > [!WARNING]
-   > Setting the file blocking level to **High** will apply a strong level of detection. In the unlikely event that it causes a false positive detection of legitimate files, use the option to [restore the quarantined files](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus).
-
-For more information about configuring Windows Defender Antivirus device restrictions in Intune, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
-
-For a list of Windows Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus).
-
-### Enable block at first sight with SCCM
-
-1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
-
-2. Click **Home** > **Create Antimalware Policy**.
-
-3. Enter a name and a description, and add these settings:
-   - **Real time protection**
-   - **Advanced**
-   - **Cloud Protection Service**
-
-4. In the left column, click **Real time protection**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
-   ![Enable real-time protection](images/defender/sccm-real-time-protection.png)
-
-5. Click **Advanced**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
-   ![Enable Advanced settings](images/defender/sccm-advanced-settings.png)
-
-6. Click **Cloud Protection Service**, set **Cloud Protection Service membership type** to **Advanced membership**, set **Level for blocking malicious files** to **High**, and set **Allow extended cloud check to block and scan suspicious files for up to (seconds)** to **50** seconds.
-   ![Enable Cloud Protection Service](images/defender/sccm-cloud-protection-service.png)
-
-7. Click **OK** to create the policy.
-
-
-### Confirm block at first sight is enabled with Group Policy
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components** > **Windows Defender Antivirus** > **MAPS**, configure the following Group Policies, and then click **OK**:
-
-   -  Double-click **Join Microsoft MAPS** and ensure the option is set to **Enabled**. Click **OK**.
-
-   - Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either **Send safe samples (1)** or **Send all samples (3)**.
-
-    > [!WARNING]
-    > Setting to **Always prompt (0)** will lower the protection state of the device. Setting to **Never send (2)** means block at first sight will not function.
-
-4. In the **Group Policy Management Editor**, expand the tree to **Windows components** > **Windows Defender Antivirus** > **Real-time Protection**:
-
-    1. Double-click **Scan all downloaded files and attachments** and ensure the option is set to **Enabled**, and then click **OK**.
-
-    2. Double-click **Turn off real-time protection** and ensure the option is set to **Disabled**, and then click **OK**.
-
-If you had to change any of the settings, you should re-deploy the Group Policy Object across your network to ensure all endpoints are covered.
-
-### Confirm block at first sight is enabled with the Windows Security app
-
-You can confirm that block at first sight is enabled in Windows Settings.
-
-Block at first sight is automatically enabled as long as **Cloud-based protection** and **Automatic sample submission** are both turned on.
-
-### Confirm Block at First Sight is enabled on individual clients
-
-1. Open the Windows Security app by clicking the shield icon in the task bar.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Manage Settings** under **Virus & threat protection settings**:
-
-   ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
-
-3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**.
-
-> [!NOTE]
-> If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
-
-### Validate block at first sight is working
-
-You can validate that the feature is working by following the steps outlined in [Validate connections between your network and the cloud](configure-network-connections-windows-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud).
-
-## Disable block at first sight
-
-> [!WARNING]
-> Disabling block at first sight will lower the protection state of the endpoint and your network.
-
-You may choose to disable block at first sight if you want to retain the prerequisite settings without using block at first sight protection. You might wish to do this if you are experiencing latency issues or you want to test the feature's impact on your network.
-
-### Disable block at first sight with Group Policy
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and then click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree through **Windows components** > **Windows Defender Antivirus** > **MAPS**.
-
-4. Double-click **Configure the 'Block at First Sight' feature** and set the option to **Disabled**.
-
-    > [!NOTE]
-    > Disabling block at first sight will not disable or alter the prerequisite group policies.
-
-## Related topics
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)

From 3849fde3440e4eafd97b1a43d56592b3393960ac Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:14:23 -0800
Subject: [PATCH 104/247] Delete
 configure-network-connections-windows-defender-antivirus - Copy.md

---
 ...tions-windows-defender-antivirus - Copy.md | 130 ------------------
 1 file changed, 130 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 39f0cb02b4..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,130 +0,0 @@
----
-title: Configure and validate Windows Defender Antivirus network connections
-description: Configure and test your connection to the Windows Defender Antivirus cloud protection service.
-keywords: antivirus, windows defender antivirus, antimalware, security, defender, cloud, aggressiveness, protection level
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 10/08/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure and validate Windows Defender Antivirus network connections
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-To ensure Windows Defender Antivirus cloud-delivered protection works properly, you need to configure your network to allow connections between your endpoints and certain Microsoft servers.
-
-This article lists the connections that must be allowed, such as by using firewall rules, and provides instructions for validating your connection. Configuring your protection properly helps ensure that you receive the best value from your cloud-delivered protection services.
-
-See the blog post [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) for some details about network connectivity.
-
->[!TIP]
->You can also visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
->
->- Cloud-delivered protection
->- Fast learning (including block at first sight)
->- Potentially unwanted application blocking
-
-## Allow connections to the Windows Defender Antivirus cloud service
-
-The Windows Defender Antivirus cloud service provides fast, strong protection for your endpoints. Enabling the cloud-delivered protection service is optional, however it is highly recommended because it provides important protection against malware on your endpoints and across your network.
-
->[!NOTE]
->The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
-
-See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) for details on enabling the service with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
-
-After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
-
-Because your protection is a cloud service, computers must have access to the internet and reach the ATP machine learning services. Do not exclude the URL `*.blob.core.windows.net` from any kind of network inspection. The table below lists the services and their associated URLs. Make sure that there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL `*.blob.core.windows.net`). Below mention URLs are using port 443 for communication.
-
-
-| **Service**| **Description** |**URL** |
-| :--: | :-- | :-- |
-| Windows Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)|Used by Windows Defender Antivirus to provide cloud-delivered protection|`*.wdcp.microsoft.com` <br/> `*.wdcpalt.microsoft.com` <br/> `*.wd.microsoft.com`|
-| Microsoft Update Service (MU)|	Security intelligence and product updates	|`*.update.microsoft.com`|
-|Security intelligence updates Alternate Download Location (ADL)|	Alternate location for Windows Defender Antivirus Security intelligence updates if the installed Security intelligence is out of date (7 or more days behind)|	`*.download.microsoft.com`|
-| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission	| `ussus1eastprod.blob.core.windows.net` <br/>    `ussus1westprod.blob.core.windows.net` <br/>    `usseu1northprod.blob.core.windows.net` <br/>    `usseu1westprod.blob.core.windows.net` <br/>    `ussuk1southprod.blob.core.windows.net` <br/>    `ussuk1westprod.blob.core.windows.net` <br/>    `ussas1eastprod.blob.core.windows.net` <br/>    `ussas1southeastprod.blob.core.windows.net` <br/>    `ussau1eastprod.blob.core.windows.net` <br/>    `ussau1southeastprod.blob.core.windows.net` |
-| Certificate Revocation List (CRL)|Used by Windows when creating the SSL connection to MAPS for updating the CRL	| `https://www.microsoft.com/pkiops/crl/` <br/> `https://www.microsoft.com/pkiops/certs` <br/>   `https://crl.microsoft.com/pki/crl/products` <br/> `https://www.microsoft.com/pki/certs` |
-| Symbol Store|Used by Windows Defender Antivirus to restore certain critical files during remediation flows	| `https://msdl.microsoft.com/download/symbols` |
-| Universal Telemetry Client| Used by Windows to send client diagnostic data; Windows Defender Antivirus uses this for product quality monitoring purposes	| This update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints:   `vortex-win.data.microsoft.com` <br/>   `settings-win.data.microsoft.com`|
-
-## Validate connections between your network and the cloud
-
-After whitelisting the URLs listed above, you can test if you are connected to the Windows Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you are fully protected.
-
-**Use the cmdline tool to validate cloud-delivered protection:**
-
-Use the following argument with the Windows Defender Antivirus command-line utility (`mpcmdrun.exe`) to verify that your network can communicate with the Windows Defender Antivirus cloud service:
-
-```DOS
-"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -ValidateMapsConnection
-```
-
-> [!NOTE]
-> You need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. This command will only work on Windows 10, version 1703 or higher.
-
-For more information, see [Manage Windows Defender Antivirus with the mpcmdrun.exe commandline tool](command-line-arguments-windows-defender-antivirus.md).
-
-**Attempt to download a fake malware file from Microsoft:**
-
-You can download a sample file that Windows Defender Antivirus will detect and block if you are properly connected to the cloud.
-
-Download the file by visiting the following link:
-- https://aka.ms/ioavtest
-
->[!NOTE]
->This file is not an actual piece of malware. It is a fake file that is designed to test if you are properly connected to the cloud.
-
-If you are properly connected, you will see a warning Windows Defender Antivirus notification:
-
-![Windows Defender Antivirus notification informing the user that malware was found](images/defender/wdav-malware-detected.png)
-
-If you are using Microsoft Edge, you'll also see a notification message:
-
-![Microsoft Edge informing the user that malware was found](images/defender/wdav-bafs-edge.png)
-
-A similar message occurs if you are using Internet Explorer:
-
-![Windows Defender Antivirus notification informing the user that malware was found](images/defender/wdav-bafs-ie.png)
-
-You will also see a detection under **Quarantined threats** in the **Scan history** section in the Windows Security app:
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Scan history** label:
-
-    ![Screenshot of the Scan history label in the Windows Security app](images/defender/wdav-history-wdsc.png)
-
-3. Under the **Quarantined threats** section, click the **See full history** label to see the detected fake malware:
-
-    ![Screenshot of quarantined items in the Windows Security app](images/defender/wdav-quarantined-history-wdsc.png)
-
->[!NOTE]
->Versions of Windows 10 before version 1703 have a different user interface. See [Windows Defender Antivirus in the Windows Security app](windows-defender-security-center-antivirus.md).
-
-The Windows event log will also show [Windows Defender client event ID 2050](troubleshoot-windows-defender-antivirus.md).
-
->[!IMPORTANT]
->You will not be able to use a proxy auto-config (.pac) file to test network connections to these URLs. You will need to verify your proxy servers and any network filtering tools manually to ensure connectivity.
-
-## Related articles
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-
-- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)
-
-- [Run an Windows Defender Antivirus scan from the command line](command-line-arguments-windows-defender-antivirus.md) and [Command line arguments](command-line-arguments-windows-defender-antivirus.md)
-
-- [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) 

From d8d3ee5ff9239b42592b66fd7a417e7b6619cfab Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:14:35 -0800
Subject: [PATCH 105/247] Delete
 configure-notifications-windows-defender-antivirus - Copy.md

---
 ...tions-windows-defender-antivirus - Copy.md | 106 ------------------
 1 file changed, 106 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 03afa1681f..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,106 +0,0 @@
----
-title: Configure Windows Defender Antivirus notifications
-description: Configure and customize Windows Defender Antivirus notifications.
-keywords: notifications, defender, antivirus, endpoint, management, admin
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure the notifications that appear on endpoints
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-In Windows 10, application notifications about malware detection and remediation are more robust, consistent, and concise.
-
-Notifications appear on endpoints when manually triggered and scheduled scans are completed and threats are detected. These notifications also appear in the **Notification Center**, and a summary of scans and threat detections appear at regular time intervals.
-
-You can also configure how standard notifications appear on endpoints, such as notifications for reboot or when a threat has been detected and remediated.
-
-## Configure the additional notifications that appear on endpoints
-
-You can configure the display of additional notifications, such as recent threat detection summaries, in the [Windows Security app](windows-defender-security-center-antivirus.md) and with Group Policy.
-
-> [!NOTE]
-> In Windows 10, version 1607 the feature was called **Enhanced notifications** and could be configured under **Windows Settings** > **Update & security** > **Windows Defender**. In Group Policy settings in all versions of Windows 10, it is called **Enhanced notifications**.
-
-> [!IMPORTANT]
-> Disabling additional notifications will not disable critical notifications, such as threat detection and remediation alerts.
-
-**Use the Windows Security app to disable additional notifications:**
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
-
-    ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
-
-3. Scroll to the **Notifications** section and click **Change notification settings**.
-
-4. Slide the switch to **Off** or **On** to disable or enable additional notifications.
-
-**Use Group Policy to disable additional notifications:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration**.
-
-3. Click **Administrative templates**.
-
-4. Expand the tree to **Windows components > Windows Defender Antivirus > Reporting**.
-
-5. Double-click **Turn off enhanced notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
-
-## Configure standard notifications on endpoints
-
-You can use Group Policy to:
-
-- Display additional, customized text on endpoints when the user needs to perform an action
-- Hide all notifications on endpoints
-- Hide reboot notifications on endpoints
-
-Hiding notifications can be useful in situations where you can't hide the entire Windows Defender Antivirus interface. See [Prevent users from seeing or interacting with the Windows Defender Antivirus user interface](prevent-end-user-interaction-windows-defender-antivirus.md) for more information.
-
-> [!NOTE]
-> Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Endpoint Configuration Manager Endpoint Protection monitoring dashboard and reports](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
-
-See [Customize the Windows Security app for your organization](../windows-defender-security-center/windows-defender-security-center.md) for instructions to add custom contact information to the notifications that users see on their machines.
-
-**Use Group Policy to hide notifications:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**. 
-
-4. Double-click **Suppress all notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
-
-**Use Group Policy to hide reboot notifications:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration**.
-
-3. Click **Administrative templates**.
-
-4. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
-
-5. Double-click **Suppresses reboot notifications** and set the option to **Enabled**. Click **OK**. This will prevent additional notifications from appearing.
-
-## Related topics
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-- [Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)

From 86534618270f6d5ef3f5e493f8c65071daab0b53 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:14:59 -0800
Subject: [PATCH 106/247] Delete
 configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md

---
 ...sions-windows-defender-antivirus - Copy.md | 199 ------------------
 1 file changed, 199 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 79e9d90a7b..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,199 +0,0 @@
----
-title: Configure exclusions for files opened by specific processes
-description: You can exclude files from scans if they have been opened by a specific process.
-keywords: Windows Defender Antivirus, process, exclusion, files, scans
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 12/10/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure exclusions for files opened by processes
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can exclude files that have been opened by specific processes from Windows Defender Antivirus scans.
-
-This topic describes how to configure exclusion lists for the following:
-
-<a id="examples"></a>
-
-Exclusion | Example
----|---
-Any file on the machine that is opened by any process with a specific file name | Specifying "test.exe" would exclude files opened by: <ul><li>c:\sample\test.exe</li><li>d:\internal\files\test.exe</li></ul>  
-Any file on the machine that is opened by any process under a specific folder | Specifying "c:\test\sample\\*" would exclude files opened by:<ul><li>c:\test\sample\test.exe</li><li>c:\test\sample\test2.exe</li><li>c:\test\sample\utility.exe</li></ul> 
-Any file on the machine that is opened by a specific process in a specific folder | Specifying "c:\test\process.exe" would exclude files only opened by c:\test\process.exe
-
-When you add a process to the process exclusion list, Windows Defender Antivirus won't scan files opened by that process, no matter where the files are located. The process itself, however, will be scanned unless it has also been added to the [file exclusion list](configure-extension-file-exclusions-windows-defender-antivirus.md).
-
-The exclusions only apply to [always-on real-time protection and monitoring](configure-real-time-protection-windows-defender-antivirus.md). They don't apply to scheduled or on-demand scans.
-
-Changes made with Group Policy to the exclusion lists **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions). However, changes made in the Windows Security app **will not show** in the Group Policy lists.
-
-You can add, remove, and review the lists for exclusions in [Group Policy](#gp), [Microsoft Endpoint Configuration Manager, Microsoft Intune, and with the Windows Security app](#man-tools), and you can [use wildcards](#wildcards) to further customize the lists.
-
-You can also [use PowerShell cmdlets and WMI to configure the exclusion lists](#ps), including [reviewing](#review) your lists.
-
-By default, local changes made to the lists (by users with administrator privileges; this includes changes made with PowerShell and WMI) will be merged with the lists as defined (and deployed) by Group Policy, Configuration Manager, or Intune. The Group Policy lists will take precedence in the case of conflicts.
-
-You can [configure how locally and globally defined exclusions lists are merged](configure-local-policy-overrides-windows-defender-antivirus.md#merge-lists) to allow local changes to override managed deployment settings.
-
-## Configure the list of exclusions for files opened by specified processes
-
-<a id="gp"></a>
-
-### Use Microsoft Intune to exclude files that have been opened by specified processes from scans
-
-See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-### Use Microsoft Endpoint Configuration Manager to exclude files that have been opened by specified processes from scans
-
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-### Use Group Policy to exclude files that have been opened by specified processes from scans
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
-
-4. Double-click **Process Exclusions** and add the exclusions:
-
-    1. Set the option to **Enabled**.
-    2. Under the **Options** section, click **Show...**.
-    3. Enter each process on its own line under the **Value name** column. See the [example table](#examples) for the different types of process exclusions.  Enter **0** in the **Value** column for all processes.
-
-5. Click **OK**.
-
-![The Group Policy setting for specifying process exclusions](images/defender/wdav-process-exclusions.png)
-
-<a id="ps"></a>
-
-### Use PowerShell cmdlets to exclude files that have been opened by specified processes from scans
-
-Using PowerShell to add or remove exclusions for files that have been opened by processes requires using a combination of three cmdlets with the `-ExclusionProcess` parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender).
-
-The format for the cmdlets is:
-
-```PowerShell
-<cmdlet> -ExclusionProcess "<item>"
-```
-
-The following are allowed as the \<cmdlet>:
-
-Configuration action | PowerShell cmdlet
----|---
-Create or overwrite the list | `Set-MpPreference`
-Add to the list | `Add-MpPreference`
-Remove items from the list | `Remove-MpPreference`
-
->[!IMPORTANT]
->If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
-
-For example, the following code snippet would cause Windows Defender AV scans to exclude any file that is opened by the specified process:
-
-```PowerShell
-Add-MpPreference -ExclusionProcess "c:\internal\test.exe"
-```
-
-See [Manage antivirus with PowerShell cmdlets](use-powershell-cmdlets-windows-defender-Windows Defender Antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-### Use Windows Management Instruction (WMI) to exclude files that have been opened by specified processes from scans
-
-Use the [**Set**, **Add**, and **Remove** methods of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class for the following properties:
-
-```WMI
-ExclusionProcess
-```
-
-The use of **Set**, **Add**, and **Remove** is analogous to their counterparts in PowerShell: `Set-MpPreference`, `Add-MpPreference`, and `Remove-MpPreference`.
-
-See the following for more information and allowed parameters:
-
-- [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx)
-
-<a id="man-tools"></a>
-
-### Use the Windows Security app to exclude files that have been opened by specified processes from scans
-
-See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
-
-<a id="wildcards"></a>
-
-## Use wildcards in the process exclusion list
-
-The use of wildcards in the process exclusion list is different from their use in other exclusion lists.
-
-In particular, you cannot use the question mark ? wildcard, and the asterisk \* wildcard can only be used at the end of a complete path. You can still use environment variables (such as %ALLUSERSPROFILE%) as wildcards when defining items in the process exclusion list.
-
-The following table describes how the wildcards can be used in the process exclusion list:
-
-Wildcard | Use | Example use | Example matches
----|---|---|---
-\* (asterisk) | Replaces any number of characters | <ul><li>C:\MyData\\*</li></ul> | <ul><li>Any file opened by C:\MyData\file.exe</li></ul>
-? (question mark) | Not available | \- | \-
-Environment variables | The defined variable will be populated as a path when the exclusion is evaluated |  <ul><li>%ALLUSERSPROFILE%\CustomLogFiles\file.exe</li></ul> | <ul><li>Any file opened by C:\ProgramData\CustomLogFiles\file.exe</li></ul>
-
-<a id="review"></a>
-
-## Review the list of exclusions
-
-You can retrieve the items in the exclusion list with MpCmdRun, PowerShell, [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/intune/device-restrictions-configure), or the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
-
-If you use PowerShell, you can retrieve the list in two ways:
-
-- Retrieve the status of all Windows Defender Antivirus preferences. Each of the lists will be displayed on separate lines, but the items within each list will be combined into the same line.
-- Write the status of all preferences to a variable, and use that variable to only call the specific list you are interested in. Each use of `Add-MpPreference` is written to a new line.
-
-### Validate the exclusion list by using MpCmdRun
-
-To check exclusions with the dedicated [command-line tool mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus?branch=v-anbic-wdav-new-mpcmdrun-options), use the following command:
-
-```DOS
-MpCmdRun.exe -CheckExclusion -path <path>
-```
-
->[!NOTE]
->Checking exclusions with MpCmdRun requires Windows Defender Antivirus CAMP version 4.18.1812.3 (released in December 2018) or later.
-
-
-### Review the list of exclusions alongside all other Windows Defender Antivirus preferences by using PowerShell
-
-Use the following cmdlet:
-
-```PowerShell
-Get-MpPreference
-```
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-### Retrieve a specific exclusions list by using PowerShell
-
-Use the following code snippet (enter each line as a separate command); replace **WDAVprefs** with whatever label you want to name the variable:
-
-```PowerShell
-$WDAVprefs = Get-MpPreference
-$WDAVprefs.ExclusionProcess
-```
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-## Related articles
-
-- [Configure and validate exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md)
-- [Configure and validate exclusions based on file name, extension, and folder location](configure-extension-file-exclusions-windows-defender-antivirus.md)
-- [Configure Windows Defender Antivirus exclusions on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From 8cd32f18ff6447691046762ae420d097f0241998 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:15:13 -0800
Subject: [PATCH 107/247] Delete
 configure-remediation-windows-defender-antivirus - Copy.md

---
 ...ation-windows-defender-antivirus - Copy.md | 72 -------------------
 1 file changed, 72 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 7b22fa2f60..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,72 +0,0 @@
----
-title: Remediate and resolve infections detected by Windows Defender Antivirus
-description: Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
-keywords: remediation, fix, remove, threats, quarantine, scan, restore
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure remediation for Windows Defender Antivirus scans
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
-
-This topic describes how to configure these settings with Group Policy, but you can also use [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
-
-You can also use the [`Set-MpPreference` PowerShell cmdlet](https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference) or [`MSFT_MpPreference` WMI class](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx) to configure these settings.
-
-## Configure remediation options
-
-You can configure how remediation works with the Group Policy settings described in this section.
-
-To configure these settings:
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
-
-4. Double-click the policy **Setting** as specified in the table below, and set the option to your desired configuration. Click **OK**, and repeat for any other settings.
-
-Location | Setting | Description | Default setting (if not configured)
----|---|---|---
-Scan | Create a system restore point | A system restore point will be created each day before cleaning or scanning is attempted | Disabled
-Scan | Turn on removal of items from scan history folder | Specify how many days items should be kept in the scan history | 30 days
-Root | Turn off routine remediation | You can specify whether Windows Defender Antivirus automatically remediates threats, or if it should ask the endpoint user what to do. | Disabled (threats are remediated automatically)
-Quarantine | Configure removal of items from Quarantine folder | Specify how many days items should be kept in quarantine before being removed | Never removed
-Threats | Specify threat alert levels at which default action should not be taken when detected | Every threat that is detected by Windows Defender Antivirus is assigned a threat level (low, medium, high, or severe). You can use this setting to define how all threats for each of the threat levels should be remediated (quarantined, removed, or ignored) | Not applicable
-Threats | Specify threats upon which default action should not be taken when detected | Specify how specific threats (using their threat ID) should be remediated. You can specify whether the specific threat should be quarantined, removed, or ignored | Not applicable
-
-> [!IMPORTANT]
-> Windows Defender Antivirus detects and remediates files based on many factors. Sometimes, completing a remediation requires a reboot. Even if the detection is later determined to be a false positive, the reboot must be completed to ensure all additional remediation steps have been completed.
-> </p>
-> If you are certain Windows Defender Antivirus quarantined a file based on a false positive, you can restore the file from quarantine after the device reboots. See [Restore quarantined files in Windows Defender Antivirus](restore-quarantined-files-windows-defender-antivirus.md).
-> </p>
-> To avoid this problem in the future, you can exclude files from the scans. See [Configure and validate exclusions for Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md).
-
-Also see [Configure remediation-required scheduled full Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md#remed) for more remediation-related settings.
-
-## Related topics
-
-- [Configure Windows Defender Antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md)
-- [Configure scheduled Windows Defender Antivirus scans](scheduled-catch-up-scans-windows-defender-antivirus.md)
-- [Configure and run on-demand Windows Defender Antivirus scans](run-scan-windows-defender-antivirus.md)
-- [Configure the notifications that appear on endpoints](configure-notifications-windows-defender-antivirus.md)
-- [Configure end-user Windows Defender Antivirus interaction](configure-end-user-interaction-windows-defender-antivirus.md)
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From 0ffa525977f8d1768102dbdcc70ede0ca937c007 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:15:24 -0800
Subject: [PATCH 108/247] Delete configure-windows-defender-antivirus-features
 - Copy.md

---
 ...dows-defender-antivirus-features - Copy.md | 49 -------------------
 1 file changed, 49 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md
deleted file mode 100644
index 3532148261..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features - Copy.md	
+++ /dev/null
@@ -1,49 +0,0 @@
----
-title: Configure Windows Defender Antivirus features
-description: You can configure Windows Defender Antivirus features with Intune, Microsoft Endpoint Configuration Manager, Group Policy, and PowerShell.
-keywords: Windows Defender Antivirus, antimalware, security, defender, configure, configuration, Config Manager, Microsoft Endpoint Configuration Manager, SCCM, Intune, MDM, mobile device management, GP, group policy, PowerShell
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure Windows Defender Antivirus features
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can configure Windows Defender Antivirus with a number of tools, including:
-
-- Microsoft Intune
-- Microsoft Endpoint Configuration Manager
-- Group Policy
-- PowerShell cmdlets
-- Windows Management Instrumentation (WMI)
-
-The following broad categories of features can be configured:
-
-- Cloud-delivered protection
-- Always-on real-time protection, including behavioral, heuristic, and machine-learning-based protection
-- How end-users interact with the client on individual endpoints
-
-The topics in this section describe how to perform key tasks when configuring Windows Defender Antivirus. Each topic includes instructions for the applicable configuration tool (or tools).
-
-You can also review the [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) topic for an overview of each tool and links to further help.
-
-## In this section
-Topic | Description
-:---|:---
-[Utilize Microsoft cloud-provided Windows Defender Antivirus protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) | Cloud-delivered protection provides an advanced level of fast, robust antivirus detection
-[Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)|Enable behavior-based, heuristic, and real-time antivirus protection
-[Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md)|Configure how end-users interact with Windows Defender Antivirus, what notifications they see, and whether they can override settings

From 88a89ced2364eb8cc7b74822cefb190d549dcdbb Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:15:42 -0800
Subject: [PATCH 109/247] Delete
 configure-extension-file-exclusions-windows-defender-antivirus - Copy.md

---
 ...sions-windows-defender-antivirus - Copy.md | 366 ------------------
 1 file changed, 366 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 6ab53e6c67..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,366 +0,0 @@
----
-title: Configure and validate exclusions based on extension, name, or location
-description: Exclude files from Windows Defender Antivirus scans based on their file extension, file name, or location.
-keywords: exclusions, files, extension, file type, folder name, file name, scans
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 12/10/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Configure and validate exclusions based on file extension and folder location
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-> [!IMPORTANT]
-> Windows Defender Antivirus exclusions don't apply to other Microsoft Defender ATP capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender ATP [custom indicators](../microsoft-defender-atp/manage-indicators.md).
-
-## Exclusion lists
-
-You can exclude certain files from Windows Defender Antivirus scans by modifying exclusion lists. **Generally, you shouldn't need to apply exclusions**. Windows Defender Antivirus includes a number of automatic exclusions based on known operating system behaviors and typical management files, such as those used in enterprise management, database management, and other enterprise scenarios and situations.
-
-> [!NOTE]
-> Automatic exclusions apply only to Windows Server 2016 and above. The default antimalware policy we deploy at Microsoft doesn't set any exclusions by default.
-
-This topic describes how to configure exclusion lists for the files and folders.
-
-Exclusion | Examples | Exclusion list
----|---|---
-Any file with a specific extension | All files with the `.test` extension, anywhere on the machine | Extension exclusions
-Any file under a specific folder | All files under the `c:\test\sample` folder | File and folder exclusions
-A specific file in a specific folder | The file `c:\sample\sample.test` only | File and folder exclusions
-A specific process | The executable file `c:\test\process.exe` | File and folder exclusions
-
-Exclusion lists have the following characteristics:
-
-- Folder exclusions will apply to all files and folders under that folder, unless the subfolder is a reparse point. Reparse point subfolders must be excluded separately.
-- File extensions will apply to any file name with the defined extension if a path or folder is not defined.
-
->[!IMPORTANT]
->The use of wildcards such as the asterisk (\*) will alter how the exclusion rules are interpreted. See the [Use wildcards in the file name and folder path or extension exclusion lists](#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists) section for important information about how wildcards work.
->
->You cannot exclude mapped network drives. You must specify the actual network path.
->
->Folders that are reparse points that are created after the Windows Defender Antivirus service starts and that have been added to the exclusion list will not be included. You must restart the service (by restarting Windows) for new reparse points to be recognized as a valid exclusion target.
-
-To exclude files opened by a specific process, see [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md).
-
-The exclusions apply to [scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md), [on-demand scans](run-scan-windows-defender-antivirus.md), and [real-time protection](configure-real-time-protection-windows-defender-antivirus.md).
-
->[!IMPORTANT]
->Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
->
->Changes made in the Windows Security app **will not show** in the Group Policy lists.
-
-By default, local changes made to the lists (by users with administrator privileges, including changes made with PowerShell and WMI) will be merged with the lists as defined (and deployed) by Group Policy, Configuration Manager, or Intune. The Group Policy lists will take precedence when there are conflicts.
-
-You can [configure how locally and globally defined exclusions lists are merged](configure-local-policy-overrides-windows-defender-antivirus.md#merge-lists) to allow local changes to override managed deployment settings.
-
-## Configure the list of exclusions based on folder name or file extension
-
-### Use Intune to configure file name, folder, or file extension exclusions
-
-See the following articles:
-- [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure)
-- [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus)
-
-### Use Configuration Manager to configure file name, folder, or file extension exclusions
-
-See [How to create and deploy antimalware policies: Exclusion settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-### Use Group Policy to configure folder or file extension exclusions
-
->[!NOTE]
->If you specify a fully qualified path to a file, then only that file is excluded. If a folder is defined in the exclusion, then all files and subdirectories under that folder are excluded.
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
-
-4. Double-click the **Path Exclusions** setting and add the exclusions:
-
-    1. Set the option to **Enabled**. 
-    2. Under the **Options** section, click **Show...**.
-    3. Enter each folder on its own line under the **Value name** column. If you are entering a file, ensure you enter a fully qualified path to the file, including the drive letter, folder path, filename, and extension. Enter **0** in the **Value** column.
-
-5. Click **OK**.
-
-    ![The Group Policy setting for file and folder exclusions](images/defender/wdav-path-exclusions.png)
-
-6. Double-click the **Extension Exclusions** setting and add the exclusions:
-
-    1. Set the option to **Enabled**.
-    2. Under the **Options** section, click **Show...**.
-    3. Enter each file extension on its own line under the **Value name** column.  Enter **0** in the **Value** column.
-
-7. Click **OK**.
-
-    ![The Group Policy setting for extension exclusions](images/defender/wdav-extension-exclusions.png)
-
-<a id="ps"></a>
-
-### Use PowerShell cmdlets to configure file name, folder, or file extension exclusions
-
-Using PowerShell to add or remove exclusions for files based on the extension, location, or file name requires using a combination of three cmdlets and the appropriate exclusion list parameter. The cmdlets are all in the [Defender module](https://technet.microsoft.com/itpro/powershell/windows/defender/defender).
-
-The format for the cmdlets is:
-
-```PowerShell
-<cmdlet> -<exclusion list> "<item>"
-```
-
-The following are allowed as the \<cmdlet>:
-
-Configuration action | PowerShell cmdlet
----|---
-Create or overwrite the list | `Set-MpPreference`
-Add to the list | `Add-MpPreference`
-Remove item from the list | `Remove-MpPreference`
-
-The following are allowed as the \<exclusion list>:
-
-Exclusion type | PowerShell parameter
----|---
-All files with a specified file extension | `-ExclusionExtension`
-All files under a folder (including files in subdirectories), or a specific file | `-ExclusionPath`
-
->[!IMPORTANT]
->If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
-
-For example, the following code snippet would cause Windows Defender AV scans to exclude any file with the `.test` file extension:
-
-```PowerShell
-Add-MpPreference -ExclusionExtension ".test"
-```
-
-For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
-
-### Use Windows Management Instruction (WMI) to configure file name, folder, or file extension exclusions
-
-Use the [**Set**, **Add**, and **Remove** methods of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class for the following properties:
-
-```WMI
-ExclusionExtension
-ExclusionPath
-```
-
-The use of **Set**, **Add**, and **Remove** is analogous to their counterparts in PowerShell: `Set-MpPreference`, `Add-MpPreference`, and `Remove-MpPreference`.
-
-For more information, see [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx).
-
-<a id="man-tools"></a>
-
-### Use the Windows Security app to configure file name, folder, or file extension exclusions
-
-See [Add exclusions in the Windows Security app](windows-defender-security-center-antivirus.md#exclusions) for instructions.
-
-<a id="wildcards"></a>
-## Use wildcards in the file name and folder path or extension exclusion lists
-
-You can use the asterisk `*`, question mark `?`, or environment variables (such as `%ALLUSERSPROFILE%`) as wildcards when defining items in the file name or folder path exclusion list. The way in which these wildcards are interpreted differs from their usual usage in other apps and languages. Make sure to read this section to understand their specific limitations.
-
->[!IMPORTANT]
->There are key limitations and usage scenarios for these wildcards:
->
->- Environment variable usage is limited to machine variables and those applicable to processes running as an NT AUTHORITY\SYSTEM account.
->- You cannot use a wildcard in place of a drive letter.
->- An asterisk `*` in a folder exclusion will stand in place for a single folder. Use multiple instances of `\*\` to indicate multiple nested folders with unspecified names.
-
-The following table describes how the wildcards can be used and provides some examples.
-<table>
-    <tr>
-        <th>Wildcard</th>
-        <th>Use in file name and file extension exclusions</th>
-        <th>Use in folder exclusions</th>
-        <th>Example use</th>
-        <th>Example matches</th>
-    </tr>
-    <tr>
-        <td><b>*</b> (asterisk)</td>
-        <td>Replaces any number of characters. <br />Only applies to files in the last folder defined in the argument. </td>
-        <td>Replaces a single folder. <br />Use multiple <b>*</b> with folder slashes <b>\</b> to indicate multiple, nested folders. </br>After matching the number of wild carded and named folders, all subfolders will also be included.</td>
-        <td>
-            <ol>
-                <li>C:\MyData\<b>*</b>.txt</li>
-                <li>C:\somepath\<b>*</b>\Data</li>
-                <li>C:\Serv\<b>*</b>\<b>*</b>\Backup
-            </ol>
-        </td>
-        <td>
-            <ol>
-                <li>C:\MyData\<b>notes</b>.txt</li>
-                <li>Any file in:
-                    <ul>
-                        <li>C:\somepath\<b>Archives</b>\Data and its subfolders</li>
-                        <li>C:\somepath\<b>Authorized</b>\Data and its subfolders</li>
-                    </ul>
-                <li>Any file in:
-                <ul>
-                    <li>C:\Serv\<b>Primary</b>\<b>Denied</b>\Backup and its subfolders</li>
-                    <li>C:\Serv\<b>Secondary</b>\<b>Allowed</b>\Backup and its subfolders</li>
-                </ul>
-            </ol>
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <b>?</b> (question mark)
-        </td>
-        <td>
-            Replaces a single character. <br />
-            Only applies to files in the last folder defined in the argument.
-        </td>
-        <td>
-            Replaces a single character in a folder name. </br>
-            After matching the number of wild carded and named folders, all subfolders will also be included.
-        </td>
-        <td>
-            <ol>
-                <li>C:\MyData\my<b>?</b>.zip</li>
-                <li>C:\somepath\<b>?</b>\Data</li>
-                <li>C:\somepath\test0<b>?</b>\Data</li>
-            </ol>
-        </td>
-        <td>
-            <ol>
-                <li>C:\MyData\my<b>1</b>.zip</li>
-                <li>Any file in C:\somepath\<b>P</b>\Data and its subfolders</li>
-                <li>Any file in C:\somepath\test0<b>1</b>\Data and its subfolders</li>
-            </ol>
-        </td>
-    </tr>
-    <tr>
-        <td>Environment variables</td>
-        <td>The defined variable will be populated as a path when the exclusion is evaluated.</td>
-        <td>Same as file and extension use. </td>
-        <td>
-            <ol>
-                <li><b>%ALLUSERSPROFILE%</b>\CustomLogFiles</li>
-            </ol> 
-        </td>
-        <td>
-            <ol>
-                <li><b>C:\ProgramData</b>\CustomLogFiles\Folder1\file1.txt</li>
-            </ol>
-        </td>
-    </tr>
-</table>
-
->[!IMPORTANT]
->If you mix a file exclusion argument with a folder exclusion argument, the rules will stop at the file argument match in the matched folder, and will not look for file matches in any subfolders.
->
->For example, you can exclude all files that start with "date" in the folders `c:\data\final\marked` and `c:\data\review\marked` by using the rule argument <b>c:\data\\\*\marked\date*.\*</b>.
->
->This argument, however, will not match any files in **subfolders** under `c:\data\final\marked` or `c:\data\review\marked`.
-
-<a id="review"></a>
-
-## Review the list of exclusions
-
-You can retrieve the items in the exclusion list using one of the following methods:
-- [Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
-- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings)
-- MpCmdRun
-- PowerShell
-- [Windows Security app](windows-defender-security-center-antivirus.md#exclusions)
-
->[!IMPORTANT]
->Exclusion list changes made with Group Policy **will show** in the lists in the [Windows Security app](windows-defender-security-center-antivirus.md#exclusions).
->
->Changes made in the Windows Security app **will not show** in the Group Policy lists.
-
-If you use PowerShell, you can retrieve the list in two ways:
-
-- Retrieve the status of all Windows Defender Antivirus preferences. Each of the lists will be displayed on separate lines, but the items within each list will be combined into the same line.
-- Write the status of all preferences to a variable, and use that variable to only call the specific list you are interested in. Each use of `Add-MpPreference` is written to a new line.
-
-### Validate the exclusion list by using MpCmdRun
-
-To check exclusions with the dedicated [command-line tool mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus?branch=v-anbic-wdav-new-mpcmdrun-options), use the following command:
-
-```DOS
-MpCmdRun.exe -CheckExclusion -path <path>
-```
-
->[!NOTE]
->Checking exclusions with MpCmdRun requires Windows Defender Antivirus CAMP version 4.18.1812.3 (released in December 2018) or later.
-
-### Review the list of exclusions alongside all other Windows Defender Antivirus preferences by using PowerShell
-
-Use the following cmdlet:
-
-```PowerShell
-Get-MpPreference
-```
-
-In the following example, the items contained in the `ExclusionExtension` list are highlighted:
-
-![PowerShell output for Get-MpPreference showing the exclusion list alongside other preferences](images/defender/wdav-powershell-get-exclusions-all.png)
-
-For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
-
-### Retrieve a specific exclusions list by using PowerShell
-
-Use the following code snippet (enter each line as a separate command); replace **WDAVprefs** with whatever label you want to name the variable:
-
-```PowerShell
-$WDAVprefs = Get-MpPreference
-$WDAVprefs.ExclusionExtension
-$WDAVprefs.ExclusionPath
-```
-
-In the following example, the list is split into new lines for each use of the `Add-MpPreference` cmdlet:
-
-![PowerShell output showing only the entries in the exclusion list](images/defender/wdav-powershell-get-exclusions-variable.png)
-
-For more information, see [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/itpro/powershell/windows/defender/index).
-
-<a id="validate"></a>
-
-## Validate exclusions lists with the EICAR test file
-
-You can validate that your exclusion lists are working by using PowerShell with either the `Invoke-WebRequest` cmdlet or the .NET WebClient class to download a test file.
-
-In the following PowerShell snippet, replace *test.txt* with a file that conforms to your exclusion rules. For example, if you have excluded the `.testing` extension, replace `test.txt` with `test.testing`. If you are testing a path, ensure you run the cmdlet within that path.
-
-```PowerShell
-Invoke-WebRequest "http://www.eicar.org/download/eicar.com.txt" -OutFile "test.txt"
-```
-
-If Windows Defender Antivirus reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm the contents are the same as what is described on the [EICAR test file website](http://www.eicar.org/86-0-Intended-use.html).
-
-You can also use the following PowerShell code, which calls the .NET WebClient class to download the test file - as with the `Invoke-WebRequest` cmdlet; replace *c:\test.txt* with a file that conforms to the rule you are validating:
-
-```PowerShell
-$client = new-object System.Net.WebClient
-$client.DownloadFile("http://www.eicar.org/download/eicar.com.txt","c:\test.txt")
-```
-
-If you do not have Internet access, you can create your own EICAR test file by writing the EICAR string to a new text file with the following PowerShell command:
-
-```PowerShell
-[io.file]::WriteAllText("test.txt",'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*')
-```
-
-You can also copy the string into a blank text file and attempt to save it with the file name or in the folder you are attempting to exclude.
-
-## Related topics
-
-- [Configure and validate exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md)
-- [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md)
-- [Configure Windows Defender Antivirus exclusions on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
-- [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From 68c0222c52d30994d5f02f6ee6a0d03975823d7e Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:16:00 -0800
Subject: [PATCH 110/247] Delete
 customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md

---
 ...scans-windows-defender-antivirus - Copy.md | 37 -------------------
 1 file changed, 37 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md
deleted file mode 100644
index b0b2030e32..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Run and customize scheduled and on-demand scans
-description: Customize and initiate Windows Defender Antivirus scans on endpoints across your network.
-keywords: scan, schedule, customize, exclusions, exclude files, remediation, scan results, quarantine, remove threat, quick scan, full scan, Windows Defender Antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Windows Defender Antivirus scans.
-
-## In this section
-
-Topic | Description
----|---
-[Configure and validate file, folder, and process-opened file exclusions in Windows Defender Antivirus scans](configure-exclusions-windows-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
-[Configure Windows Defender Antivirus scanning options](configure-advanced-scan-types-windows-defender-antivirus.md) | You can configure Windows Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
-[Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) | Configure what Windows Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
-[Configure scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
-[Configure and run scans](run-scan-windows-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
-[Review scan results](review-scan-results-windows-defender-antivirus.md) | Review the results of scans using  Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app

From 64dffe84400ca520cacc698816ff3bc1dd56be34 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:16:13 -0800
Subject: [PATCH 111/247] Delete
 deploy-manage-report-windows-defender-antivirus - Copy.md

---
 ...eport-windows-defender-antivirus - Copy.md | 85 -------------------
 1 file changed, 85 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 295d507e65..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,85 +0,0 @@
----
-title: Deploy, manage, and report on Windows Defender Antivirus
-description: You can deploy and manage Windows Defender Antivirus with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, or WMI
-keywords: deploy, manage, update, protection, windows defender antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Deploy, manage, and report on Windows Defender Antivirus
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-You can deploy, manage, and report on Windows Defender Antivirus in a number of ways.
-
-Because the Windows Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
-
-However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
-
-You'll also see additional links for:
-
-- Managing Windows Defender Antivirus protection, including managing product and protection updates
-- Reporting on Windows Defender Antivirus protection
-
-> [!IMPORTANT]
-> In most cases, Windows 10 will disable Windows Defender Antivirus if it finds another antivirus product that is running and up-to-date. You must disable or uninstall third-party antivirus products before Windows Defender Antivirus will function. If you re-enable or install third-party antivirus products, then Windows 10 automatically disables Windows Defender Antivirus.
-
-Tool|Deployment options (<a href="#fn2" id="ref2">2</a>)|Management options (network-wide configuration and policy or baseline deployment) ([3](#fn3))|Reporting options  
----|---|---|---  
-Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management)  
-Microsoft Endpoint Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
-Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
-PowerShell|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
-Windows Management Instrumentation|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
-Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
-
-1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
-  
-2.	<span id="fn2" />In Windows 10, Windows Defender Antivirus is a component available without installation or deployment of an additional client or service. It will automatically be enabled when third-party antivirus products are either uninstalled or out of date ([except on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)). Traditional deployment therefore is not required. Deployment here refers to ensuring the Windows Defender Antivirus component is available and enabled on endpoints or servers. [(Return to table)](#ref2)
-
-3. <span id="fn3" />Configuration of features and protection, including configuring product and protection updates, are further described in the [Configure Windows Defender Antivirus features](configure-notifications-windows-defender-antivirus.md) section in this library. [(Return to table)](#ref2)
-
-[Endpoint Protection point site system role]: https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-site-role
-[default and customized antimalware policies]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies
-[client management]:  https://docs.microsoft.com/sccm/core/clients/manage/manage-clients
-[enable Endpoint Protection with custom client settings]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection-configure-client
-[Configuration Manager Monitoring workspace]:  https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection 
-[email alerts]:  https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts
-[Deploy the Microsoft Intune client to endpoints]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune
-[custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection
- [custom Intune policy]:  https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#configure-microsoft-intune-endpoint-protection 
-[manage tasks]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#choose-management-tasks-for-endpoint-protection
-[Monitor endpoint protection in the Microsoft Intune administration console]: https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#monitor-endpoint-protection
-[Set method of the MSFT_MpPreference class]:  https://msdn.microsoft.com/library/dn439474 
-[Update method of the MSFT_MpSignature class]:  https://msdn.microsoft.com/library/dn439474
-[MSFT_MpComputerStatus]:  https://msdn.microsoft.com/library/dn455321 
-[Windows Defender WMIv2 Provider]: https://msdn.microsoft.com/library/dn439477
-[Set-MpPreference]:  https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference.md
-[Update-MpSignature]: https://technet.microsoft.com/itpro/powershell/windows/defender/update-mpsignature
-[Get- cmdlets available in the Defender module]: https://technet.microsoft.com/itpro/powershell/windows/defender/index
-[Configure update options for Windows Defender Antivirus]: manage-updates-baselines-windows-defender-antivirus.md
-[Configure Windows Defender features]: configure-windows-defender-antivirus-features.md
-[Group Policies to determine if any settings or policies are not applied]: https://technet.microsoft.com/library/cc771389.aspx
-[Possibly infected devices]: https://docs.microsoft.com/azure/active-directory/active-directory-reporting-sign-ins-from-possibly-infected-devices
-[Windows Defender Antivirus events]: troubleshoot-windows-defender-antivirus.md
-
-## In this section
-
-Topic | Description
----|---
-[Deploy and enable Windows Defender Antivirus protection](deploy-windows-defender-antivirus.md) | While the client is installed as a core part of Windows 10, and traditional deployment does not apply, you will still need to enable the client on your endpoints with Microsoft Endpoint Configuration Manager, Microsoft Intune, or Group Policy Objects.
-[Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md) | There are two parts to updating Windows Defender Antivirus: updating the client on endpoints (product updates), and updating Security intelligence (protection updates). You can update Security intelligence in a number of ways, using Microsoft Endpoint Configuration Manager, Group Policy, PowerShell, and WMI.
-[Monitor and report on Windows Defender Antivirus protection](report-monitor-windows-defender-antivirus.md) | You can use Microsoft Intune, Microsoft Endpoint Configuration Manager, the Update Compliance add-in for Microsoft Operations Management Suite, or a third-party SIEM product (by consuming Windows event logs) to monitor protection status and create reports about endpoint protection.

From 33a9ba3c06660f4cba1f04c06f62ee5d39ad9be4 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:16:25 -0800
Subject: [PATCH 112/247] Delete deploy-windows-defender-antivirus - Copy.md

---
 ...eploy-windows-defender-antivirus - Copy.md | 38 -------------------
 1 file changed, 38 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 6f8dd3363b..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,38 +0,0 @@
----
-title: Deploy and enable Windows Defender Antivirus 
-description: Deploy Windows Defender Antivirus for protection of your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or WMI.
-keywords: deploy, enable, Windows Defender Antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-ms.date: 09/03/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Deploy and enable Windows Defender Antivirus
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Depending on the management tool you are using, you may need to specifically enable or configure Windows Defender Antivirus protection.
-
-See the table in [Deploy, manage, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md#ref2) for instructions on how to enable protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management Instruction (WMI).
-
-Some scenarios require additional guidance on how to successfully deploy or configure Windows Defender Antivirus protection, such as Virtual Desktop Infrastructure (VDI) environments.
-
-The remaining topic in this section provides end-to-end advice and best practices for [setting up Windows Defender Antivirus on virtual machines (VMs) in a VDI or Remote Desktop Services (RDS) environment](deployment-vdi-windows-defender-antivirus.md).
-
-## Related topics
-
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
-- [Deploy, manage updates, and report on Windows Defender Antivirus](deploy-manage-report-windows-defender-antivirus.md)
-- [Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment](deployment-vdi-windows-defender-antivirus.md)

From b48f71aae0cac4146f88368269ac8febc4d19e48 Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:16:37 -0800
Subject: [PATCH 113/247] Delete
 detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md

---
 ...-apps-windows-defender-antivirus - Copy.md | 149 ------------------
 1 file changed, 149 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 43e244ba36..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,149 +0,0 @@
----
-title: Block potentially unwanted applications with Windows Defender Antivirus
-description: Enable the potentially unwanted application (PUA) antivirus feature to block unwanted software such as adware.
-keywords: pua, enable, unwanted software, unwanted apps, adware, browser toolbar, detect, block, Windows Defender Antivirus
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: detect
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.custom: nextgen
-audience: ITPro
-ms.date: 10/02/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Detect and block potentially unwanted applications
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge)
-
-Potentially unwanted applications are not considered viruses, malware, or other types of threats, but they might perform actions on endpoints which adversely affect endpoint performance or use. _PUA_ can also refer to an application that has a poor reputation, as assessed by Microsoft Defender ATP, due to certain kinds of undesirable behavior.
-
-For example:
-
-* **Advertising software:** Software that displays advertisements or promotions, including software that inserts advertisements to webpages.
-* **Bundling software:** Software that offers to install other software that is not digitally signed by the same entity. Also, software that offers to install other software that qualify as PUA.
-* **Evasion software:** Software that actively tries to evade detection by security products, including software that behaves differently in the presence of security products.
-
-For more examples and a discussion of the criteria we use to label applications for special attention from security features, see [How Microsoft identifies malware and potentially unwanted applications](../intelligence/criteria.md).
-
-Potentially unwanted applications can increase the risk of your network being infected with actual malware, make malware infections harder to identify, or waste IT resources in cleaning them up.
-
-## How it works
-
-### Microsoft Edge
-
-The next major version of Microsoft Edge, which is Chromium-based, blocks potentially unwanted application downloads and associated resource URLs. This feature is provided via [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md).
-
-#### Enable PUA protection in Chromium-based Microsoft Edge
-
-Although potentially unwanted application protection in Microsoft Edge (Chromium-based) is off by default, it can easily be turned on from within the browser.
-
-1. From the tool bar, select **Settings and more** > **Settings**
-1. Select **Privacy and services**
-1. Under the **Services** section, you can toggle **Potentially unwanted app blocking** on or off
-
-> [!TIP]
-> If you are running Microsoft Edge (Chromium-based), you can safely explore the URL-blocking feature of PUA protection by testing it out on one of our Windows Defender SmartScreen [demo pages](https://demo.smartscreen.msft.net/).
-
-#### Blocking URLs with Windows Defender SmartScreen
-
-In Chromium-based Edge with PUA protection turned on, Windows Defender SmartScreen will protect you from PUA-associated URLs.
-
-Admins can  [configure](https://docs.microsoft.com/DeployEdge/configure-microsoft-edge) how Microsoft Edge and Windows Defender SmartScreen work together to protect groups of users from PUA-associated URLs. There are several group policy [settings](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreen-settings) explicitly for Windows
-Defender SmartScreen available, including [one for blocking PUA](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreenpuaenabled). In addition, admins can
-[configure Windows Defender SmartScreen](https://docs.microsoft.com/microsoft-edge/deploy/available-policies?source=docs#configure-windows-defender-smartscreen) as a whole, using group policy settings to turn Windows Defender SmartScreen on or off.
-
-Although Microsoft Defender ATP has its own block list, based upon a data set managed by Microsoft, you can customize this list based on your own threat intelligence. If you [create and manage indicators](../microsoft-defender-atp/manage-indicators.md#create-indicators-for-ips-and-urlsdomains-preview) in the Microsoft Defender ATP portal, Windows Defender SmartScreen will respect the new settings.
-
-### Windows Defender Antivirus
-
-The potentially unwanted application (PUA) protection feature in Windows Defender Antivirus can detect and block PUAs on endpoints in your network.
-
-> [!NOTE]
-> This feature is only available in Windows 10.
-
-Windows Defender Antivirus blocks detected PUA files, and any attempts to download, move, run, or install them. Blocked PUA files are then moved to quarantine.
-
-When a PUA is detected on an endpoint, Windows Defender Antivirus sends a notification to the user ([unless notifications have been disabled](configure-notifications-windows-defender-antivirus.md)) in the same format as other threat detections. The notification will be prefaced with _PUA:_ to indicate its content.
-
-The notification will appear in the usual [quarantine list within the Windows Security app](windows-defender-security-center-antivirus.md#detection-history).
-
-#### Configure PUA protection in Windows Defender Antivirus
-
-You can enable PUA protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, or via PowerShell cmdlets.
-
-You can also use the PUA audit mode to detect PUAs without blocking them. The detections will be captured in the Windows event log.
-
-> [!TIP]
-> You can visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com/Page/UrlRep) to confirm that the feature is working, and see it in action.
-
-PUA audit mode is useful if your company is conducting an internal software security compliance check and you'd like to avoid any false positives.
-
-##### Use Intune to configure PUA protection
-
-See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-##### Use Configuration Manager to configure PUA protection
-
-PUA protection is enabled by default in the Microsoft Endpoint Configuration Manager (Current Branch), starting with  version 1606.
-
-See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring Microsoft Endpoint Configuration Manager (Current Branch).
-
-For Configuration Manager 2012, see [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA).
-
-> [!NOTE]
-> PUA events blocked by Windows Defender Antivirus are reported in the Windows Event Viewer and not in Microsoft Endpoint Configuration Manager.
-
-##### Use Group Policy to configure PUA protection
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and select **Edit**.
-
-2. In the **Group Policy Management Editor**, go to **Computer configuration** and select **Administrative templates**.
-
-3. Expand the tree to **Windows components > Windows Defender Antivirus**.
-
-4. Double-click **Configure protection for potentially unwanted applications**.
-
-5. Select **Enabled** to enable PUA protection.
-
-6. In **Options**, select **Block** to block potentially unwanted applications, or select **Audit Mode** to test how the setting will work in your environment. Select **OK**.
-
-##### Use PowerShell cmdlets to configure PUA protection
-
-Use the following cmdlet:
-
-```PowerShell
-Set-MpPreference -PUAProtection
-```
-
-Setting the value for this cmdlet to `Enabled` will turn the feature on if it has been disabled.
-
-Setting `AuditMode` will detect PUAs without blocking them.
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md) and [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-#### View PUA events
-
-PUA events are reported in the Windows Event Viewer, but not in Microsoft Endpoint Configuration Manager or in Intune.
-
-You can turn on email notifications to receive mail about PUA detections.
-
-See [Troubleshoot event IDs](troubleshoot-windows-defender-antivirus.md) for details on viewing Windows Defender Antivirus events. PUA events are recorded under event ID **1160**.
-
-#### Allow-listing apps
-
-Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be allow-listed. See [How to Configure Endpoint Protection in Configuration Manager](https://docs.microsoft.com/previous-versions/system-center/system-center-2012-R2/hh508770(v=technet.10)#to-exclude-specific-files-or-folders) for information on allowing files which are currently blocked by PUA protection in Windows Defender Antivirus.
-
-## Related articles
-
-- [Next-generation protection](windows-defender-antivirus-in-windows-10.md)
-- [Configure behavioral, heuristic, and real-time protection](configure-protection-features-windows-defender-antivirus.md)

From 7d66536c2a05822df20c2ce508fd1b08c3c6762b Mon Sep 17 00:00:00 2001
From: Laura Keller <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 12:17:01 -0800
Subject: [PATCH 114/247] Delete
 enable-cloud-protection-windows-defender-antivirus - Copy.md

---
 ...ction-windows-defender-antivirus - Copy.md | 143 ------------------
 1 file changed, 143 deletions(-)
 delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md

diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md
deleted file mode 100644
index 6d7e496eec..0000000000
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus - Copy.md	
+++ /dev/null
@@ -1,143 +0,0 @@
----
-title: Enable cloud-delivered protection in Windows Defender Antivirus
-description: Enable cloud-delivered protection to benefit from fast and advanced protection features.
-keywords: windows defender antivirus, antimalware, security, cloud, block at first sight
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
-ms.reviewer: 
-manager: dansimp
-ms.custom: nextgen
----
-
-# Enable cloud-delivered protection
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
->[!NOTE]
->The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
-
-Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
-![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
-
-You can enable or disable Windows Defender Antivirus cloud-delivered protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
-
-See [Use Microsoft cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for an overview of Windows Defender Antivirus cloud-delivered protection.
-
-There are specific network-connectivity requirements to ensure your endpoints can connect to the cloud-delivered protection service. See [Configure and validate network connections](configure-network-connections-windows-defender-antivirus.md) for more details.
-
->[!NOTE]
->In Windows 10, there is no difference between the **Basic** and **Advanced** options described in this topic. This is a legacy distinction and choosing either setting will result in the same level of cloud-delivered protection. There is no difference in the type or amount of information that is shared. See the [Microsoft Privacy Statement](https://go.microsoft.com/fwlink/?linkid=521839) for more information on what we collect.
-
-**Use Intune to enable cloud-delivered protection**
-
-1. Sign in to the [Azure portal](https://portal.azure.com).
-2. Select **All services > Intune**.
-3. In the **Intune** pane, select **Device configuration > Profiles**, and then select the **Device restrictions** profile type you want to configure. If you haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
-4. Select **Properties**, select **Settings: Configure**, and then select **Windows Defender Antivirus**.
-5. On the **Cloud-delivered protection** switch, select **Enable**.
-6. In the **Prompt users before sample submission** dropdown, select **Send all data without prompting**. 
-7. In the **Submit samples consent** dropdown, select one of the following:
-
-    - **Send safe samples automatically**
-    - **Send all samples automatically**
-
-        >[!NOTE]
-        >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
-
-        > [!WARNING]
-        > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-
-8. Click **OK** to exit the **Windows Defender Antivirus** settings pane, click **OK** to exit the **Device restrictions** pane, and then click **Save** to save the changes to your **Device restrictions** profile.
-
-For more information about Intune device profiles, including how to create and configure their settings, see [What are Microsoft Intune device profiles?](https://docs.microsoft.com/intune/device-profiles)
-
-**Use Configuration Manager to enable cloud-delivered protection:**
-
-See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
-
-**Use Group Policy to enable cloud-delivered protection:**
-
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2. In the **Group Policy Management Editor** go to **Computer configuration**.
-
-3. Click **Administrative templates**.
-
-4. Expand the tree to **Windows components > Windows Defender Antivirus > MAPS**
-
-5. Double-click **Join Microsoft MAPS** and ensure the option is enabled and set to **Basic MAPS** or **Advanced MAPS**. Click **OK**.
-
-6. Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either of the following:
-
-    1. **Send safe samples** (1)
-    2. **Send all samples** (3)
-
-        >[!NOTE]
-        >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
-
-        > [!WARNING]
-        > Setting to 0 (Always Prompt) will lower the protection state of the device. Setting to 2 (Never send) means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-
-7. Click **OK**.
-
-**Use PowerShell cmdlets to enable cloud-delivered protection:**
-
-Use the following cmdlets to enable cloud-delivered protection:
-
-```PowerShell
-Set-MpPreference -MAPSReporting Advanced
-Set-MpPreference -SubmitSamplesConsent AlwaysPrompt
-```
-
->[!NOTE]
->You can also set -SubmitSamplesConsent to `None`. Setting it to `Never` will lower the protection state of the device, and setting it to 2 means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-
-See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md)  and [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) for more information on how to use PowerShell with Windows Defender Antivirus.
-
-**Use Windows Management Instruction (WMI) to enable cloud-delivered protection:**
-
-Use the [**Set** method of the **MSFT_MpPreference**](https://msdn.microsoft.com/library/dn439474(v=vs.85).aspx) class for the following properties:
-
-```WMI
-MAPSReporting 
-SubmitSamplesConsent
-```
-
-See the following for more information and allowed parameters:
-- [Windows Defender WMIv2 APIs](https://msdn.microsoft.com/library/dn439477(v=vs.85).aspx)
-
-**Enable cloud-delivered protection on individual clients with the Windows Security app**
-
-> [!NOTE]
-> If the **Configure local setting override for reporting Microsoft MAPS** Group Policy setting is set to **Disabled**, then the **Cloud-based protection** setting in Windows Settings will be greyed-out and unavailable. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
-
-    ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png)
-
-3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**.
-
->[!NOTE]
->If automatic sample submission has been configured with Group Policy then the setting will be greyed-out and unavailable.
-
-## Related topics
-
-- [Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md)
-- [Configure block at first sight](configure-block-at-first-sight-windows-defender-antivirus.md)
-- [Use PowerShell cmdlets to manage Windows Defender Antivirus](use-powershell-cmdlets-windows-defender-antivirus.md)
-- [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)]
-- [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx)
-- [Utilize Microsoft cloud-delivered protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
-- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
-- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)

From 67f9e5a7b1cc8db353e34a5835d0db4a0aa32c54 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Wed, 22 Jan 2020 12:36:08 -0800
Subject: [PATCH 115/247] removed refs to 1703

---
 .../deployment/windows-autopilot/add-devices.md  | 10 +++++-----
 .../windows-autopilot/autopilot-faq.md           | 16 +++++++---------
 .../demonstrate-deployment-on-vm.md              |  2 +-
 .../windows-autopilot/troubleshooting.md         |  6 +++---
 .../windows-autopilot-requirements.md            |  2 +-
 .../windows-autopilot/windows-autopilot.md       |  2 +-
 6 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index 4d7af27528..05e8ed74c0 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -21,7 +21,7 @@ ms.topic: article
 
 **Applies to**
 
--   Windows 10
+- Windows 10
 
 Before deploying a device using Windows Autopilot, the device must be registered with the Windows Autopilot deployment service. Ideally, this would be performed by the OEM, reseller, or distributor from which the devices were purchased, but this can also be done by the organization by collecting the hardware identity and uploading it manually.
 
@@ -41,7 +41,7 @@ Windows Autopilot does not require delegated administrator permissions when esta
 
 ## Automatic registration of existing devices
 
-If an existing device is already running Windows 10 version 1703 or later and enrolled in an MDM service such an Intune, that MDM service can ask the device for the hardware ID (also known as a hardware hash).  Once it has that, it can automatically register the device with Windows Autopilot.
+If an existing device is already running a supported version of Windows 10 semi-annual channel and enrolled in an MDM service such an Intune, that MDM service can ask the device for the hardware ID (also known as a hardware hash).  Once it has that, it can automatically register the device with Windows Autopilot.
 
 For instructions on how to do this with Microsoft Intune, see [Create an Autopilot deployment profile](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-deployment-profile) documentation describing the "Convert all targeted devices to Autopilot" setting. 
 
@@ -53,7 +53,7 @@ To perform manual registration of a device, you must first capture its hardware
 
 ## Device identification
 
-To define a device to the Windows Autopilot deployment service, a unique hardware ID for the device needs to be captured and uploaded to the service. While this step is ideally done by the hardware vendor (OEM, reseller, or distributor), automatically associating the device with an organization, it is also possible to do this through a harvesting process that collects the device from within a running Windows 10 version 1703 or later installation.
+To define a device to the Windows Autopilot deployment service, a unique hardware ID for the device needs to be captured and uploaded to the service. While this step is ideally done by the hardware vendor (OEM, reseller, or distributor), automatically associating the device with an organization, it is also possible to do this through a harvesting process that collects the device from within a running Windows 10 installation.
 
 The hardware ID, also commonly referred to as a hardware hash, contains several details about the device, including its manufacturer, model, device serial number, hard drive serial number, and many other attributes that can be used to uniquely identify that device.
 
@@ -61,14 +61,14 @@ Note that the hardware hash also contains details about when it was generated, s
 
 ### Collecting the hardware ID from existing devices using System Center Configuration Manager
 
-Starting with System Center Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
+Starting with System Center Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
 
 > [!Note]
 > Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).
 
 ### Collecting the hardware ID from existing devices using PowerShell
 
-The hardware ID, or hardware hash, for an existing device is available through Windows Management Instrumentation (WMI), as long as that device is running Windows 10 version 1703 or later. To help gather this information, as well as the serial number of the device (useful to see at a glance the machine to which it belongs), a PowerShell script called [Get-WindowsAutoPilotInfo.ps1 has been published to the PowerShell Gallery website](https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo).
+The hardware ID, or hardware hash, for an existing device is available through Windows Management Instrumentation (WMI), as long as that device is running a supported version of Windows 10 semi-annual channel. To help gather this information, as well as the serial number of the device (useful to see at a glance the machine to which it belongs), a PowerShell script called [Get-WindowsAutoPilotInfo.ps1 has been published to the PowerShell Gallery website](https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo).
 
 To use this script, you can download it from the PowerShell Gallery and run it on each computer, or you can install it directly from the PowerShell Gallery. To install it directly and capture the hardware hash from the local computer, use the following commands from an elevated Windows PowerShell prompt:
 
diff --git a/windows/deployment/windows-autopilot/autopilot-faq.md b/windows/deployment/windows-autopilot/autopilot-faq.md
index e2ac992f75..e7ff819f7d 100644
--- a/windows/deployment/windows-autopilot/autopilot-faq.md
+++ b/windows/deployment/windows-autopilot/autopilot-faq.md
@@ -45,10 +45,10 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 | Question | Answer |
 | --- | --- |
 | What changes need to be made in the factory OS image for customer configuration settings?     |No changes are required on the factory floor to enable Windows Autopilot deployment.  |
-| What version of the OA3 tool meets Windows Autopilot deployment requirements?     | Windows Autopilot can work with any version of the OA3 tool. We recommend using Windows 10, version 1703 and above to generate the 4K hardware hash.    |
-|  At the time of placing an order, do customers need to be state whether they want it with or without Windows Autopilot options?   | Yes, if they want Windows Autopilot, they will want Windows 10, version 1703 or later versions. Also, they will want to receive the CSV file or have the file upload (that is, registration) completed on their behalf.    |
+| What version of the OA3 tool meets Windows Autopilot deployment requirements?     | Windows Autopilot can work with any version of the OA3 tool. We recommend using a supported version of Windows 10 semi-annual channel to generate the 4K hardware hash.    |
+|  At the time of placing an order, do customers need to be state whether they want it with or without Windows Autopilot options?   | Yes, if they want Windows Autopilot, they will want a supported version of Windows 10 semi-annual channel. Also, they will want to receive the CSV file or have the file upload (that is, registration) completed on their behalf.    |
 |  Does the OEM need to manage or collect any custom imaging files from customers and perform any image uploads to Microsoft?   | No change, OEMs just send the CBRs as usual to Microsoft. No images are sent to Microsoft to enable Windows Autopilot.  Windows Autopilot only customizes OOBE and allows policy configurations (disables admin account, for example).  |
-|  Are there any customer impacts to upgrading from Windows 8 to Windows 10?    | The devices must have Windows 10, version 1703 or later to enroll in Windows Autopilot deployment. Otherwise, there are no impacts.    |
+|  Are there any customer impacts to upgrading from Windows 8 to Windows 10?    | The devices must be running a supported version of Windows 10 semi-annual channel to enroll in Windows Autopilot deployment. Otherwise, there are no impacts.    |
 | Will there be any change to the existing CBR with 4K hardware hash?    | No.  |
 | What new information needs to be sent from the OEM to Microsoft?    | Nothing, unless the OEM opts to register the device on the customer’s behalf, in which case they would upload the device ID using a CSV file into Microsoft Partner Center, or use the OEM Direct API.  |
 | Is there a contract or amendment for an OEM to participate in Windows Autopilot Deployment?    | No.  |
@@ -67,9 +67,9 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 
 | Question | Answer |
 | --- | --- |
-| Must every hardware hash submitted by the OEM contain the SMBIOS UUID (universally unique identifier), MAC (media access control) address, and unique disk serial number (if using Windows 10, version 1703 and above OEM Activation 3.0 tool)?    | Yes. Since Windows Autopilot is based on the ability to uniquely identify devices applying for cloud configuration, it is critical to submit hardware hashes that meet the outlined requirement.   |
+| Must every hardware hash submitted by the OEM contain the SMBIOS UUID (universally unique identifier), MAC (media access control) address, and unique disk serial number (if using Windows 10 OEM Activation 3.0 tool)?    | Yes. Since Windows Autopilot is based on the ability to uniquely identify devices applying for cloud configuration, it is critical to submit hardware hashes that meet the outlined requirement.   |
 | What is the reason for needing the SMBIOS UUID, MAC Address, and Disk Serial Number in the hardware hash details?    | For creating the hardware hash, these are the fields that are needed to identify a device, as parts of the device are added or removed. Since we don’t have a unique identifier for Windows devices, this is the best logic to identify a device.    |
-| What is difference between OA3 hardware hash, 4K hardware hash, and Windows Autopilot hardware hash?    | None.  They’re different names for the same thing.  The Windows 10, 1703 version of the OA3 tool output is called the OA3 Hash, which is 4K in size, which is usable for the Windows Autopilot deployment scenario. Note: When using a non-1703 version OA3Tool, you get a different sized Hash, which may not be used for Windows Autopilot deployment.  |
+| What is difference between OA3 hardware hash, 4K hardware hash, and Windows Autopilot hardware hash?    | None.  They’re different names for the same thing.  The OA3 tool output is called the OA3 Hash, which is 4K in size, which is usable for the Windows Autopilot deployment scenario. Note: When using an older, unsupported Windows version OA3Tool, you get a different sized Hash, which may not be used for Windows Autopilot deployment.  |
 |  What is the thought around parts replacement and repair for the NIC (network interface controller) and Disk? Will the hardware hash become invalid?   |  Yes.  If you replace parts, you need to gather the new hardware hash, though it depends on what is replaced, and the characteristics of the parts. For example, if you replace the TPM or motherboard, it’s a new device and you must have new hardware hash. If you replace one network card, it’s probably not a new device, and the device will function with the old hardware hash.  However, as a best practice, you should assume the old hardware hash is invalid and get a new hardware hash after any hardware changes. This is recommended anytime you replace parts. |
 
 ## Motherboard replacement
@@ -131,10 +131,8 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 
 |Question|Answer
 |------------------|-----------------|
-|If I wipe the machine and restart, will I still receive Windows Autopilot?|Yes, if the device is still registered for Windows Autopilot and is running Windows 10, version 1703 7B and above releases, it will receive the Windows Autopilot experience.|
-|Can I harvest the device fingerprint on existing machines?|Yes, if the device is running Windows 10, version 1703 and above, you can harvest device fingerprints for registration. There are no plans to backport the functionality to previous releases and no way to harvest them on pre-Windows 10, version 1703 devices that have not been updated to Windows 10, version 1703.|
-|What is Windows 10, version 1703 7B and why does it matter?| Windows 10, version 1703 7B is a Windows 10, version 1703 image bundled with cumulative updates. To receive Autopilot, clients must run Windows 10, version 1703 7B or later. These cumulative updates contain a critical fix for Autopilot. Consider the following:<br><br><I>Windows Autopilot will not apply its profiles to the machine unless Azure AD credentials match the expected Azure AD tenant. For the Windows 10, version 1703 release, it was assumed that would be determined by the domain name, so the domain name used to register (for example contoso.com) should match the domain name used to sign in (for example user@contoso.com). But what happens if your tenant has multiple domains (for example us.contoso.com, or fr.contoso.com)? Since these domain names do not match, the device will not be configured for Autopilot. However, both domains are part of the same Azure AD tenant, and as such it was determined the matching scheme was not useful. This was improved upon by making use of the tenant ID. By using the tenant ID, you can determine that if the user signs into a domain with a tenant matching the one they registered with, you can safely consider this to be a match. The fix for this problem already exists in Windows 10, version 1709 and was backported into the Windows 10, version 1703 7B release.</I>  <br><br>**Key takeaways**:  When using pre-Windows 10, version 1703 7B clients the user’s domain must match the domain they registered with. This functionality is found in Windows 10 version 1709 clients using build >= 16215, and Windows 10, version 1703 clients >= 7B. |
-|What is the impact of not updating to 7B?|See the detailed scenario described directly above.|
+|If I wipe the machine and restart, will I still receive Windows Autopilot?|Yes, if the device is still registered for Windows Autopilot and is running a supported version of Windows 10 semi-annual channel, it will receive the Windows Autopilot experience.|
+|Can I harvest the device fingerprint on existing machines?|Yes, if the device is running a supported version of Windows 10 semi-annual channel, you can harvest device fingerprints for registration. There are no plans to backport the functionality to legacy releases and no way to harvest them on devices running unsupported versions of Windows.|
 |Is Windows Autopilot supported on other SKUs, for example, Surface Hub, HoloLens, Windows Mobile.|No, Windows Autopilot isn’t supported on other SKUs.|
 |Does Windows Autopilot work after MBR or image reinstallation?|Yes.|
 | Can machines that have reimaged a few times go through Autopilot? What does the error message "This user is not authorized to enroll" mean? Error code 801c0003. |There are limits to the number of devices a particular Azure AD user can enroll in Azure AD, as well as the number of devices that are supported per user in Intune.  (These are configurable but not infinite.)  You’ll run into this frequently if you reuse the devices, or even if you roll back to previous virtual machine snapshots.|
diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
index 42b356bd61..516142c42a 100644
--- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
+++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
@@ -39,7 +39,7 @@ The following video provides an overview of the process:
 ## Prerequisites
 
 These are the things you'll need to complete this lab:
-<table><tr><td>Windows 10 installation media</td><td>Windows 10 Professional or Enterprise (ISO file), version 1703 or later is required. If you do not already have an ISO to use, a link is provided to download an <a href="https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise" data-raw-source="[evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise)">evaluation version of Windows 10 Enterprise</a>.</td></tr>
+<table><tr><td>Windows 10 installation media</td><td>Windows 10 Professional or Enterprise (ISO file) for a supported version of Windows 10, semi-annual channel. If you do not already have an ISO to use, a link is provided to download an <a href="https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise" data-raw-source="[evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise)">evaluation version of Windows 10 Enterprise</a>.</td></tr>
 <tr><td>Internet access</td><td>If you are behind a firewall, see the detailed <a href="windows-autopilot-requirements-network.md" data-raw-source="[networking requirements](windows-autopilot-requirements-network.md)">networking requirements</a>. Otherwise, just ensure that you have a connection to the Internet.</td></tr>
 <tr><td>Hyper-V or a physical device running Windows 10</td><td>The guide assumes that you will use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V.</td></tr>
 <tr><td>A Premium Intune account</td><td>This guide will describe how to obtain a free 30-day trial premium account that can be used to complete the lab.</td></tr></table>
diff --git a/windows/deployment/windows-autopilot/troubleshooting.md b/windows/deployment/windows-autopilot/troubleshooting.md
index 63437b2ab3..f58d814409 100644
--- a/windows/deployment/windows-autopilot/troubleshooting.md
+++ b/windows/deployment/windows-autopilot/troubleshooting.md
@@ -80,9 +80,9 @@ On Windows 10 version 1709 and above, information about the Autopilot profile se
 | TenantMatched | This will be set to 1 if the tenant ID of the user matches the tenant ID that the device was registered with.  If this is 0, the user would be shown an error and forced to start over. |
 | CloudAssignedOobeConfig | This is a bitmap that shows which Autopilot settings were configured.  Values include: SkipCortanaOptIn = 1, OobeUserNotLocalAdmin = 2, SkipExpressSettings = 4, SkipOemRegistration = 8, SkipEula = 16 |
 
-### Windows 10 version 1703 and above
+### Windows 10 semi-annual channel supported versions
 
-On Windows 10 version 1703 and above, ETW tracing can be used to capture detailed information from Autopilot and related components.  The resulting ETW trace files can then be viewed using the Windows Performance Analyzer or similar tools.  See [the advanced troubleshooting blog](https://blogs.technet.microsoft.com/mniehaus/2017/12/13/troubleshooting-windows-autopilot-level-300400/) for more information.
+On devices running a [supported version](https://docs.microsoft.com/windows/release-information/) of Windows 10 semi-annual channel, ETW tracing can be used to capture detailed information from Autopilot and related components.  The resulting ETW trace files can then be viewed using the Windows Performance Analyzer or similar tools.  See [the advanced troubleshooting blog](https://blogs.technet.microsoft.com/mniehaus/2017/12/13/troubleshooting-windows-autopilot-level-300400/) for more information.
 
 ## Troubleshooting Azure AD Join issues
 
@@ -106,7 +106,7 @@ When a profile is downloaded depends on the version of Windows 10 that is runnin
 
 | Windows 10 version | Profile download behavior |
 | --- | --- |
-| 1703 and 1709 | The profile is downloaded after the OOBE network connection page. This page is not displayed when using a wired connection. In this case, the profile is downloaded just prior to the EULA screen. |
+| 1709 | The profile is downloaded after the OOBE network connection page. This page is not displayed when using a wired connection. In this case, the profile is downloaded just prior to the EULA screen. |
 | 1803 | The profile is downloaded as soon as possible.  If wired, it is downloaded at the start of OOBE. If wireless, it is downloaded after the network connection page. |
 | 1809 | The profile is downloaded as soon as possible (same as 1803), and again after each reboot. |
 
diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
index 1b234651ad..19a71f5d22 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@@ -27,7 +27,7 @@ Windows Autopilot depends on specific capabilities available in Windows 10, Azur
 
 ## Software requirements
 
-- Windows 10 version 1703 (semi-annual channel) or higher is required. 
+- A [supported version](https://docs.microsoft.com/windows/release-information/) of Windows 10 semi-annual channel is required. Windows 10 Enterprise 2019 long-term servicing channel (LTSC) is also supported.
 - The following editions are supported:
   - Windows 10 Pro
   - Windows 10 Pro Education
diff --git a/windows/deployment/windows-autopilot/windows-autopilot.md b/windows/deployment/windows-autopilot/windows-autopilot.md
index 7079e66d14..a7e2877f3a 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot.md
@@ -58,7 +58,7 @@ From the IT pro's perspective, the only interaction required from the end user i
 
 ## Requirements
 
-Windows 10 version 1703 or higher is required to use Windows Autopilot. See [Windows Autopilot requirements](windows-autopilot-requirements.md) for detailed information on software, configuration, network, and licensing requirements.
+A [supported version](https://docs.microsoft.com/windows/release-information/) of Windows 10 semi-annual channel is required to use Windows Autopilot. Windows 10 Enterprise LTSC 2019 is also supported. See [Windows Autopilot requirements](windows-autopilot-requirements.md) for detailed information on software, configuration, network, and licensing requirements.
 
 ## Related topics
 

From b78ff5d8922d3ba84e5be78dac62c206ba0534ee Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Wed, 22 Jan 2020 13:27:01 -0800
Subject: [PATCH 116/247] Updated article

---
 devices/surface/images/fig1-downloads-msi.png | Bin 0 -> 51026 bytes
 ...age-surface-driver-and-firmware-updates.md | 147 ++++++++++++++----
 2 files changed, 116 insertions(+), 31 deletions(-)
 create mode 100644 devices/surface/images/fig1-downloads-msi.png

diff --git a/devices/surface/images/fig1-downloads-msi.png b/devices/surface/images/fig1-downloads-msi.png
new file mode 100644
index 0000000000000000000000000000000000000000..4d8b1410ff4d83ed26dfc281972e309ccb721a72
GIT binary patch
literal 51026
zcmb??WmJ@H+qJ-eL&*$C=M1GVw1jjFB`6{S0|L^hG)PGf3@}JHNQ!_c;ZV|@l8Q)6
zBhn=e@?AXdbH8`3@5i^+x7Pe3<~*-6_OXw>_Z4>ko+>#B1Id*uSIE`XkPoh0A;4U@
zf)@%V0)FySIlcbM6}BttNQH-<ChHl*=~23;T_48##twaZU$yd*JdMq3DB$>_l0+Hy
zWJcq`Q-!7I1ihXlY(;j0SVBTiBjc%T=laFqp=b1=P`_ZCbZ5%Uu}^;A-qfK%<8tO{
z`b<rUYX(F_Lx>X!!Tb9MZKTSE3=|yQuVFyo!`c4!iE4%^q{P9MUS|^j{h#ol-Q*xe
z#h5@!OwH>L-&FqjTZxDO&}$a(KY!ev2jT#`KJ6+T|HnXZHiZHkc@XmNAD5eW#H~gX
zJI_9Xu>pVks6kfg|NS6$<O2nh-RocR{p}%up(rsgi2m{2NVa6k7`DDV<`354fB$YQ
zF!juTEE4d%|8G;j=YoH6win%>e*5c3`$_BA*jO4`TAPlS)a5jMhNz8+%IKN{N=#S8
zJ@J?S7+v0pczwEI(!^_t`Vr0)oyeox^X%JuE9G#SO5-~B@i<NmyS*R%dT;MB*KIYP
z7J2T>r<O#3%<^Mbi2k|UU|F==+Q@hih3u2puV0VUc{tjR;pUo1jH{hqlhX^gA8dZN
z6{z11)GgHG)1i)M>$}cx{I4_6!j1F4@LQX1sH47dzu5r%CMRcz@0O6z7Z%T1yh)r{
z5IL*tlmSHK6$e=4&YjV)e>_ezF?@SKYHO@LjB4Y%$Bdgd;nzFF#Kbf-G(QknAt9lW
zQVUhv>H3=e^>LB5$^^DPK_259|J=V8?ttpGk>a$<XWx1xpZ}aCNtgC2D>kYbda=K1
z1%*O4MU0TV4+~7iXMFZv+jd4Vr`_az4Kmw4)#3cd!NJOh5cj2t53=~5IeVXOQ~_V&
zvMHMrA$u@pq1WW+>;3DCY6jzq$BeJdp!8nEx8g^m#^t`J?rX#E;=lV}oR3sI{YsX|
zt&jrKtX2ExdA&!5{?PP$LiXe*JEM>}#+7)VxFz(yQIlUo;!T~-FooZ&DKCEgG}AY7
z4ld`n=1_-NW8zAn|2S%BDx~R1k%8FLAr3~#=LM6jbSatMo3|Oo>{8q|r^bm}hu=BQ
zG>(*6Y1FO0FBE?Gh`5!^Y)JW^7s|;T+?OiSW#YT9%Z}5WYYjGjjih82Gz};=tn9(z
zM=^-@+(|+_)so)9NEKuvEgu-E)IDD@Pd0Wp2;t%Vzdaw`0Bil;fYin(?yQQ=NX9zF
zu1H23DlSbYwB`GU@65k^`NH2!mef4y*!11F{K*%%_t9La{q}5&-W!!jGF`nuL8X-E
zv46YC!2YC5;A_e3C)kgdb<~8$9f|8HvRZ}=VkKX3Yq8KiO&I?0SdNr}!XroMje4Nq
zo80Fa|M~(pd|+#;_BX#zGT&@D4ph}x=!*8}x=Y4ztDE806Q_z^3SR+*6tjo5_y4tJ
zOn3t<?Gs&@%_YWl`H!}*vig`h*6)OTcO8@o9pLMG!pHf4Io4eA?b=0tz>RiQRd@Pf
zipD35Xj`KdFtN+>JxHC@QhWZTSD;DyYb9{4ZV7+?JFWto#T|7yB3bh1R1q5n{1UZT
z_(z*T77aBuoOS;zgF5$(B4ik4*FzX_t3_*m+CRZ-ww+S`3jCVRg9qt?i)ti+Jxp40
zY|<<*YW4s5fG&anhB8fgy|4Y}sxeUjzgc+w)?4}SsEcH~N+kgcbn1U4dH_7a7`gaV
zOpvyf@3-ZFj5QzsL8-0!qQNsdS0eyL_#QV-O;kL!0N|x7r8lh39{8Js{n5vh-}E2b
zd+q&@aVC7LGt}sNYB%2==KhH@naTahlaKnE)PDnS^er$`6`Q5fLKL%<-PUwNQhNG2
z*AlWi42zX`$VBBnFnF|D_+gkB4|I8LxxrapKT_jEdU0lLc0;-9Viuib!1<7Sx|(RB
zoWyVZ%;URTvM+Ft^~x+i*?rgo&gn*3FMm0dT_ydYqTFOl!QbG8n-jf2i2=(L!6vI5
zJw`Y{uW5tR(awAQ;&mz(#Eh~&)eRTFPq{fU>+gqoKh)2I<{A#C(~NbG^lO-&9e2<^
z9{c&_jVp%DsPb8&41gjB6Sf~}$_>h-?5FF;CEeGb49Xm)i$3|xR#*6D_isx*iv>lg
zLnt>B)Fm9Ut7+zUQKja}Hq=uUPviMexMu1Xy?j+_kXPeXGk$A|t(k5k2BB^tpt+q3
zw>uCPxwiBa0uy4_AAO}70u95vOTEcdY1xv0*0N@G1-7q&5FyXQ?;evt4O)*BpT-GW
z^)OY!YQ8ICpZsX<_TH>f4cso!()hs-ltQKtI!mjpen%~vbz8EhzrJc|k?7Cq1Q$-g
z{#dV=Q?R8W#QfXIdikK;`dF!6?ei5fXzxZKPAT--$a`Jhx|RGipbY$Kw>*Orw?>pp
zCYGE5r(q+EI}_(I?bWqmphx)^xRVgWPo=~>`e-NA-p?K_ZO-@TW1myljQ>SL!|{)_
z17IE#6P331tHbY9wj=QgNveOw0QKyyh`^MVa}|e^nvqfZWqEvc>!~?8qnKvZdPg|z
z<Rx?iVCm#Ndx=Q2#?NDQON@>mAFj_d&1|5JO3i~gIXTBy-ezqYeZIjh7|VUi`BYB9
zmA`&lF?l)mfw_6kWN4M&`HMH_R=r7;uS9JPQK*zj3%%Ehgi1!`hh<t>vIh&%a<wn0
zM9UxK-Er?19nEFTi#vg2+W;jhNzUKTcB0~)u~Q2n{U!y!<;?Q0m9O@n;y6q0eJj+j
zdgR#f4LFd?C)~v{7$jTA-Dtm0@!Zi1%2yJb8@z$?6?qEWmV=A;gFvBS3LW-dOX7QE
zt+^eh$jHjNb+TByRw6=Yj(4)0<!|IwA++!6!J*LYJDe=b){=PY#Wi$iv19*?RYPJQ
z*{$Pl_!KB42Vb@13^X+(s0B=>N@`bmY>HcTPsVMs?s`zbMx*IPIt?OihYMn@r`H#9
zubufGwU@Wdv_1Aex00>{IER}*X|>%|qAT;YI}2TP-o1&uhab)ivgfv9nwEZ1etGbY
z{mTQLJ;N%8jPu{8TbquYqKtv3!|!$1V!Utp>q}o$$L<~K<f=gr?XsLZ=|ide%e7{{
z$_eIW)Ol>V`*Yh*ew6to{%MA1@J4JnK$x@+*Z0KRXGZL+z9+qF!uuN=G3C!E4!g+T
zrpO7&Plk{nwa$(fqB9_$o|r3kBV*NN(N+*v&20S-CL3Jg6w=!PX&gjcT)~%>Wirk4
zN2*P&I%}-va(|l5{^~ak5n*orqIhntk1CN2x7Rr1wJ~!!%Hc)chno&fZ?v!=1evzB
zwgbL~AQM-fzKK_!+se?=XE#ur!s6Mo+(l_1A?ZY>jCcAIQ_A0q@ml%eSA>G76V(Od
zPru%i>aQf21sI-d>rde9du*7;MKl*0*L_r0QJFY9-iw^&K%NyDR<4>^ZPPD}zSHU2
z(3q;UO)g}GQ=8DMub*?2-K6q836xb$fbsmK?O_qN?1shSsg|f#06d`P-mlNH7%Hmg
zf%8T_I~^rI1)9!=HUyN<2vyEGC_v1k`&%;?xMy+V@K75}gIR{8TbaZ6+VO;&Iz}v5
zeB=PY2{N!bGd_2;AdTk-lbZ$$2J+WiGL*41ey9D!V(pHmtwTtE816>=GFq+h*J-vw
z(6zdx<!xYdJ$!pz<+HRMC*<YsYh^|bd#ezL)BtGr-SrFri?`!em%Ij=^3G#xdefUm
z`9}Hu*NU662WxPWrxXs80*yyG-bw0AjIA>aWJ8A1uvzj!$cBc%7r%DdK#9si5yjXh
zgWoh>Q3MzHko^yhC-1%Qc}9719jCn>K;(bEDy>Q(dzAe}C98mHw7grs5x3x#>w89C
z?iq+(%s__*%JmRwlaSK*IMnZSMo9mzRryOHWDAhb2f^a?5gGta^<PJV#xp#op8{8?
zG3}?w%3hedlpM0^SJG{+5u?Fq3eANN(NR(ESt3yXpRYr&Ed>$A5zA0@4O2OT=;4?x
z2$%yQfs%w&%bL}gl|`q3$l!RS)KCPJQ&zhPI1{yD!c<#tI47FhMJovj!f(dAb4_a=
z5Ja#3oUHngw#}~Q%W&Hzmnv%b_Gg~ZL<(pxM;h^2EG5;`lPjbqK>4JoOIYB72xA#A
zZ?%3&(ZE1<&%&va3NB8YE?n^`H3ZI5Qrd_V7O3>@Vpwt@2Yw28LN6uSNHA)xJQ%{n
z;X?fnZHPcHA!rDw-Rp>s+zJpZFnAgL=AMuL=?mN;nb6*L8--MOrWT458i-2wQOq_~
zUK{-|V>bFgpvVKPOhfEr9*bTMTwVq0oNJCu1BPzFt9_y)P~Nn47p#>@4w8hwY&0*0
zS4u3TE{%~-aeazLvhIm1o<hyvQTg`fTp2u!9V*a%V|TDVelQox%HmGH6mxYj|1o$L
zKa-Wl631`hW>VvlSAGCH!&#rSpCdrd4O&wop4+B}Ot|KN!vHOy(Q!-aZnlY2rfTQ%
zR}y^i@2Y|Fb6RU<h)u=NnLg;wmEsF03?$x}?O+WIruOgA;GL_*1}I`p=USCx&%Lmz
zzl?6DY6=r8BVurLE&}MALw8W3DO2oytD_$-K4?I)vV3;K(mu2DIiC@gIK3mJV=67U
zn<6;(IOmErSh^?^mmN7A?EY4lm20Cq0FF$Fc$-|!3OyLo5Xkc)wqbwpF{`NUl?yZo
zCGqu6b^R`z89hAqYT(N8a+cil+rGhR@IearTDt3i^Gqp9zUhk`Dh=mpZlx%ZZ-vf7
zv`71kJs?#?xM7WvOo~#)NP}t)^A%Y`#pkoKD_(Pw5!uS%w{DxTkwP@V)!Ktx&Q2dM
zr|b-{IL5?OvB=!*7tLco)uX&BNDyHpA)ZkUw8DTBY;csl<waDeTlnL>+H^&v4VkUg
zYz~>f0M-<=8cS*aIvVl=AsYi}0xKet-w_Iv;vw$fAP*XSygX#|RA{_VYLfI(jJGFT
zbGQDaEVGuJF*g;uF;x0x&0&5j44sSQwj}0#b(MtE%f%sB5k!EdgELHHaOs+da*@4e
zE;JS_f*=GJ{<@~q^)keb*enQQ=@ORG7MC!=7hh|p+m7G5nDyy4m1h>teb(e9VXzo8
zUxD(AKuDBkluq6K2iNc+;S7oxbuoL(-SBVRIDV`Yf&<Kigz07d;_5CfE#=qZTCX<A
zPsEK3x$mMm=ZQ4v<M)42dJoNF)U1W0_el$R_UAlSH7pJNoH#qaRjNj_@Jk(86whC9
z<c#hzE3y~6p5d+yC8IRd-x0#n3$AXytzO7agyefnIjh#v+?sk+I?(Fg9Dqk8F3<_F
z8J4>bCQOP=bp@|z7&-Vp>JD9I4X0b$J=-f<Fz+*0ob_uR-Uy`UZwCJ^qQoSiD`^YM
z9~YtdNQnRjSLe$9V+-5#bjk*bIU^T$n3A}=DSg#xX}oiY{>B6}qnhvSetM~X((cW{
zWj=+JSn&^k=?u|tsJau_EVpQq%Gtw$DqfP2@x+fDq5~lwx4C8<8}>(_#w|{~?e-82
zR&x-{IroLomrhYAZxV%h8-}TnVMHCtsG#bj*e7^X?sUC8Lr|@uYPT6pa1RBvs&57!
zxa1~evgPtWzoG|_>_epqFzEpeJmpB87fkG?B*A7^%9F=g`zec!3B?R8Lwh&j_vU{G
zOR_!;sV!CIlfi3mxa_{D2&RHWsjAFD1cRhW^7x%>i`|TP=X-;4Qpswok*A#JV0OxQ
z{~jck=pgh1J1OaU>|RMDu<V2Qfdq3|COKpvz3kwZwX-Z?8aEvZK|-xP$6c)c5``jz
z_~9_Hdi(Qd`qq#2tU<8z7C0%5_*PtBE0I6JSr#TSO4ed0V41A}Q*9p2vSE|Oyl*Ll
zmWg?%qhhR56YZxY|Mf8kh}B<CI!#c1vHWq2O-N&hB6G@Y%M6`28?YPORd+H`-OlXX
zr2);Z@guURlkg^E&}$F8BsS@jUSs_~B?NgDu;m?yxpv#L&c@p21|3!2pHI5(v4M%#
zTXSiWrMdR#p%_hMsk@Li$4{(>fo7qs38c*brc+#m1_%D9tBftd6up#sj2OfW9<ehd
z<tSopY;qBn-vyIV@XQTb84nF9Fo#D$<k!s=(Bw3Q!#COY6|i&9!UQ##)xRxw<z{}8
z;rBs-OW&6{LbT&d?(l(YqD~=ks9{fQ2wp;@azuSMt1a}j1L6<*4r9Ixfx{u_>g>2E
zT}W%vi`lYn_*F$vY@j^MlUUEx$P&6({Td$ONd!><$=~tCU~S^*6}n|mZP0${E`;!X
zfrBr`{^$Gr8c25Y^p5a1#ELZdkdo>cc!hJ#-ClcYp~!5>2^Pg3Zd2$W+sIR-2tMTS
zE=DdKCawBQRL|iz4Sp6ChR;79@z8X9;dbk*YmaCk-Mw21NQk+WX0PEUA#BDg*_F8U
zO@rHh!=KHmWyF7qwJ}$l=DY~i7Xgt#NH1MZM40~zD$^n}&D_%UQdaWUJ(>K!voa;x
z6wz)3W{FARH@wGF5*A9ja+yX|5H6Y+0s<pTvb8yVt6(-{JFH!#%tojIs9U84!ln0m
zUD|!Ipaao)$sSoD#62*a6~|FrU-}-l>h$$ji#g;M_&!E-GoqTgEIOgF%{b=VmE&NC
zkZ9nxiGrG+)2_Gj*Y^VaiCAb+Bm#Ng1K~V;dtZp;ow0RIbha9}q~d`!A&f>eC(az&
zPCowVfs865QF`GQBRXtI11pSV@cxZrLJPUw?e&dUCOla3;$4i*e2RFneyDV2cAIlZ
z(9Kc^Bh!MIWg9q7o4b98PZ1kg$jjgJE}G2@)_j#^9z_}lnk%h0cpm-dnlZ_tHHj5p
zwwbqDracKn1qjCpvx7fTXor}pGi!fI4)$!@ZEs{pXrSD2!ev_!+QEtkDn)QCZD63&
z6kaRFf(Iun<~S|Q-miJcz}19>adn|@iqI%daX?#8zJ?V~ocs1$_OB(&O>us`gK~f@
zVR<OE;Ww$oo@Oj{i!KK5-`Msf8n}YgG}CUgim|Ov;|UD(O-1S|Z-Wl@c1RS9G}i@`
zn~wrG-%YAN!ufc8>7JHu*EC$-Z6S63q0BqTgw`4&RSW8F<&5vZ{6cz|`kF?Xh7g;R
zvPe&&iQRFnC&_w>KNsLHPj7BkRev-$%e{+Y)ZspY0R3CfaxBY@1I{5D5G)f<mITrI
zN|wu$;)|m}`%XCb`qR9-)zG(5_%D}Ye$SaSC5x5^LUz^<i+KwAgqp5BfAi-OT5d8a
z4u%u+Y$l*y4M}FR@It7JL7<l+<$*CWHejl$qX()lEwiAl*aoC#fN$$=Xd!$2`LOq3
z%Gp9mcP7u2W~m9JCrc&(t?;BfT3sOCkCMuX>jR2dXRBtx_2AmclT_6gNsvO#0-Z;R
zmz$IIGXrGWa!1WHz8RC!yz9kLrC7qfeXS^^;O%rYRyRfxI!86PrB8a6>WzgTyd&f)
zLK=}CHZLH3<Y|mfJymc<$CxDuI%=QTqq}*5K1v_*fXJLoB_Vc#A;MNLN#taLRSNA!
zj(#Qif*($pY!=nFy-aA%*Rk7Svq+T!*{GmG6V0$QOF=zZ2XA+|%?kI31b!11oTKT@
zRHeCdW}<N+LsrTHA3l?nYixU_8o+!a<rK|}7xYuhNT3vJ&0$8EyJc`?ert%8M~jtx
z_2^XP;Z+sdyaDXPgIFRG*J)C$!hv<GxD$n$wULT}Q})c!qopmB`d?W2>=@W`Lh)y~
z!b8FFB7^dLQuS!+E4`q2$%9(wTY+*zc*zn6@^dd!^vqo%zwtO-K<2N7Q+a2n1en7V
z$l&eR#+0N=P&i(^PGEpj65IZ3elUcqY}&AugP}?v1H+H~bW2Y)(D}X=t9jNbv`N#X
zlu{UG%}Q^xdmOa!^(7{?HnQ4#o&h__vC+IAjg8SvS_!DQ#%-e*Y1;B~=}j@^Ib};r
zqwti~?Sm`fl$%jlsArzXEu?7%&J>n{y9LjLZdb&f`LIzVOn)08JzMaSGWibgQ}kGy
zXP*27^|Tp=U|-J=6c>S6F|tYGMy>?keTcz9x=?g#lC8jq$ZAWuYAbb0Bj<^gX@!2f
z-27GNM}YjZJl|d834Vz9INZy9AbMh<hQrMbVP{PT8P7F+3E0s?7g!z|X%xhCi-nZz
z7ao5+*wSCZTje+66U7>bo@LRqr<_L82E+1axaxp_rQ;6DuJQq2v^g^=n~_9kP~+T-
zoFEtSjkem*G&dE>a1QAp)E=Z39kxsr+cU##6GX%%@mZ_*QI)%IP|6RlxtbvEt*flJ
z6Pt`N6^|o``$BC3mxH%{YGpyvtGjkR0t*GsU*xju3lHfTv;QFyvEkQ5HVcs|$_u?~
zf6<J2r7nUWsD3M6k1O=I;4`ibq?4tisbSa^_9<G=nA@X5JF0ZT<0=WW3?WuA#8xk;
z<fe{sCc@ge&RD#5wP&{EZi*4J4n1zwne%W4&nq%+%_M<1)7Eh6P>buhRw1Fg0uO8q
z?UAP1;>c^K#ZO4>->g>*^jhpj<dHfr4w~%kw-8d9wZ&2oU)7H4?(4(*UOfdHPF-j3
zgM6%DCFRh&RrCtoCB~)#UGUKgpgVc>@w1IAo93!Jd(4<VmXmLP+y%wHx76!#!}Dbm
zZ70gIv^DP=%Ly58jz`nd4C-cst&J%&3Y<NF<M{Fz#ru_{qP09k-durz<(B~d20(s1
z4&Q$4EA<Sp6&j=%1e1-?s%MlAmmbBiBoC*9DM8-Io8HgAYJkF9@=}FsuJQ^gMlN#~
zcb9=xK=g_+lDku7Srm9ZHou%z;;Y*8{PYZ}<*z?D{B;s;6M0B*2DNum5Zvo~5iZ96
zc6jvaSK=btLC}avqXn#k8v`GN;-z?U<8Zkge{Kyt<~Dv8plItSl+fTo)xxjn$!>L~
z8A^nw{E37B-2uf1fXoC}cpRbKSMUy|&FnkKb^m&G<w5s20P&bg{gG9eJP&^LY?*k>
ztmwNS7;)0yzb6g&9vm^RKU7UQ;QaaeSB_cI7RND1I=a_7&41IhXOYktHfil#-6-%`
z@|9S#+cR;^{Gg|?bi;4{SAGOE^cZ8nKr9ch@1g#SjCiRfqwToZ6jJ(`v*-WpSN=!V
zW~&3ML9A)L5_$i!4F8ei$29@JFilFn<4@7_f6Oa+cVIGo{JT8=Qq#*)fd>-v2zW{R
z&+*p*3p2%dQMcr83jnO8r3kQ6cAHnI1^zX@GBAE!ccIZgeY<XJz_A>k!s9Xd3tax^
zY0AQZ@!ezfYyN5X#PnY-Obx-q`hSg23yi-G|KRekg-Ig@7RL2zf#<)*=f50Z*<|To
z-lP~6urNQa-QW4w`2RmPCdQVSgM$O*;!<`ThAJU^9Rh3&C{iAYM21WYQDPL<@U8x0
zPd=r>hJ}^3x3`ns9cllMu@e<657;n>Tep4{Q~?q>bu9m%HUqkd6T-*{7+aNUiD_Ug
zaB7ctm*Uxmb^da^xY>cFiZ9iF$PJaK1Y6dy`7CF6*qt71sC1^PS0fV;219_LpOQNH
zy!g*mPA>yiUTeHWw+%U)3yaAM6y)UWAR=e56rc8dL(OkAW*<19MnX#J3U_J65Fa!X
zP*^U~{1q<WN&}<nG=_hZhjzQ;8yKtChW(KR-~mGe*i|BMm#XntdP-^qU=f`H^36s`
z-Dc0W{bS$##Jj1&9h;4(4yU`l0>ywG>fS-EZ+YbRr-!=jhz}_2&ZPB`jN%^wAAm$#
z?9%vFIpQ${xe%k7*uge~nf8E;Sf*Qq`qJ9gR%|z3=00g(H4X^T=|@Gng-LF!!=Frm
zR)F1|S+5(W6oQIoktqVCw9Sd%=ckW+eClQPhjl_KAN&CkE~Mz{Y6<W8Fm8mT<iz%`
zo7y=Tne$&?HxIkJ)e4Pj%HT%U3vIxCiQLw$054MF-&TP%0w&8ygSW@R#iiWJEaB7)
zxYKLDAJ=<2*Ubi!rWdZpYso(4)hoi)xGo#U!j+5E<GCChbF{E6vc4y%NCr_mK<vI$
z>1{_#GKARfWlE2alo;Crx@NI6OV{n?^o5d3KmFA2d##&Zox43Zga7dotrRe=jVaeb
zH-is=o$PnEquQG${(+aO<^3P1$t{J~KC?a7_PrWdJh8M}PviFL&3IKy%{!(%Yh9P`
ziI<dm_TaD6+oaD)y8<kF9kdWkYjWcYU2aqo8yO|a3cwvFtb7y{1DKLkr&~=k#EL{L
zLx6?g04hzDbbDWZWDGb~mp;N+zxa$DV7rwA^82?ti9Ac2E$`JB0OR-44$&*P4=V&{
z(y2JX;|CAo$|3Wc6F4&^4}oRpdO(HU6d_Uq&F0@to4TUz7f!=hru|060C?15z%dyq
z&}M%G*i*f>Q`OF??rGm#Z~hmHxL-9hI@Zr20zJoY@^=i&EW<JYo5>-Tx}~eS6V(&A
z0_erx@qdn$T5QB=@C$X?&^!X9*;OjzeIxBmkXgx3YtaXwvc$`$D?%M?OpY4hmxAFF
zPBzDYDsH#f9XnEKtAFVV*#Woh0Pz278iKJM%bDH-W47JCxxiL;6hAv@Ar<O23EN*A
zm2$3fUQn@Nw#-&SG#<@|59lWDn!H%ytkQ}-zdk5;QLkHU`0d5v=7y17$Tj9?BG!FQ
zUNhcX4gB)g<{$oX`tG^oBa#~TM;<xMxdPTR|BWfH<qR7NnO`yAox7L^T*exGy_dsW
z$E}hLdXxAvJS|^;^gBNpm<%b^zqxh^i84A%Kmx%@;__}Z1ji_>0Xm;s$xW;jhBhdL
z7UO@m6M7CvdzXe6`+f4wj0`D{k3d9&nG%C-06b6n!kkO_Is-5%^#DPwDiptpzR1UG
zcd-<3w!Uu&ARm5w@}<=PLXQ})JNo%1TGCnV;V{6tY6B#|526O;*`{53`7ZMvGLHX6
z*%)^4?6sZ|vXA$q&$ip#0Yh;N$aMVdlx}CW;33UIUG+X#e@f193&*4TzPe)^Kmmg)
zhwm;(DOW>IPOz(C^t(oQ%pQ1=P60dH`YKcz;&GqSJaSO(_mKrH8`0>!cDm8+wwG3`
zw@jO_cmsB!{mM|@ChwF+R|Ne6Q6q2=$IAz0*A8fYpY08bInBy1D+bxFE+s$SEDFri
zNOmvGOX%-BRb}yN?@8ocZink>w&%tD7a$j}<8L(_W|o5~Qz8jRY%;w%YhLd9)7+t=
zqWbPBVLx$8ytCM(VZy7~l+)5o?`AcCr9r*=H30CZNXcauyQpf=EvlV~2m7<tKX_}(
zA|>Q|@|?T7{*=pVVd&HHWq8Haw#B8J#Oi}dgI!k?vtGp$ZSGyCxrmo9UA|f2EC%O*
z;7P_lM8mAf@7ySxK~H{MwWZQ7;q8~|cW@Htj24*$yzP^<4<6n$Y2uEXQ#L4V&imvJ
zZ^0@U_@Oh+n?If-y$^)qSn9qJm0~(cXaTce&J_3TLKszlCX8?4C9*Y56SJQhA?Z}9
zcRY$39MdXD*uSjDneSY#<3T0TFYia{hD1*EZd<l8dqYmYn(UP7XF66a7yF?Td8}Fu
z?dw!I|KFO4sb7TuH{M_=ipF3-N}f2jo+RQd)K4qCl*EPe(?iBlp?nu|w6(-Z*pBGF
zuYqyXRC*T3%wf~F(ij9pP;~SlnRGrp%71c)KvjTfc-keFgR#vDmtiQ%Ke^W|2Pd0?
zXPkS)drthfkjqL`AoA_{AB+I40}zh6ci*y}MS{~KKxGdhWrG1&3*;$BHi<WdaNL+{
z6%dZ0-H5*;aOba-;KzYG<%+0CDWv`G<urtq*fa=XgjC0_qb0`t1$V3|8NY^8^Zv+r
zb@Q)zq5r13fY=g(7V|JQvB*L_HFDJpVfB;cj|l-mteYT9Sl>;VycaL!2RI?u6;fQC
z3x51LxYI5KV3J-ZilR`oPU7Y4C(55C|52~yqqu>(vru=R9D<I|lusgU1uRGdpoB@a
z>-_;Bz=U0R(Lm6O0lgQ+o$)>}#tV*iiHnPix;psUyIisf@h(9aie^$|>m{5U$dCfA
znA&pTtN)!s3;X?g&z%JmHi{%R4q<6?QOD`}P-VfpYHCigcY_*mTE}OWy0;gV?=VLu
zVh;hIF^O9%Q;C@wk>BDSmrxD{C11{KR_{O8;J@Od{3Z;7*a>ukgJ)k-^V+qAkZ%?U
z`h9rZ)OZPr=H}*8HU_>^g!nO^mH|LFV-$C&c$?)nk?387NBoX8c0=xLTj><2Id-$n
zXdsEUysO0VU<7ch)<aqSaKNE@6h_Hu#0U-RGPK_GIvF0CQUs1n)vt<)KPm-0W&sS+
zfT#c_=1`tSF~Auvizu&7enhcx-N<E<46v;$L&zB=@s{|)Oz7a0&U?RN=NfvsM^s9d
zJbw4@8--u_<>gt(ruPY84U@HQYj#K5b0NAzGs_=#j^nhlC+)Mb?2e6Z_%06pFKn95
zcEclCWG09ecXQJTu3j4x8I)cas4LNa6Vjh4GkF<4v;C42d>Z9)Bi^Mudgi>zx4}2<
zX1Hy==Ybn(#q<2e3$+cfCF6~H-waQbjDF*xPq|_4a<v?Zu0-!8%HMuq^_QHPff8Fv
zpwpKeWiiWci1$Y2Xpz%gYf0;6mInaV?yv$<f%?zBAH5G9fSDIkUB>bxf6?oS2|POz
z{G5YLLH3z8EEKKWO%pQ!z>{3ua0vJZQ@~fN(tqsxZK-!3MfT|pkTuiGmdE41#}0=_
z99>5t!mr;nU+-O<Sq$H1rx+;BpO(8gD+i(seZ(@mW^sU2KPWkO+q@mDzX{|J(hJyG
zOZMgy-JK|!PA}MH-|38(Ss9NfD9e~NyER5G)_Lt&>vLm7=i^y__uKq}jefnh`MS|*
zJ236QRc47Af%;5rAP@un*#4t=>DyL(-z#p78f^0g&>gKl{R>ZyPmmWRoXhh6y@DAB
zLQu=d6k2Vp0&*%`pz){ConsbWCj9q$#fAf|oi<?l-;wugffV9;l+>nEQWX#pn7m95
z0IN{xywGU?80{N?_2H^l*Tv%9w>nb1w%Z9m2GCY&_tMPmy^0r1xBk7Z3J7S7TMwi^
z-D<jMJY^cy>UpRCA#-D_w2g>@WgWvcPomJ_`=Nff$1HFgs5<V7&H%BvH++noJT3z4
z{s9*?-_UE!t48-Oy?@LzfI!)Qd#_uv4)C=Jz~ptf3}W(LynCDJf=|&BhEi&Vu{hSQ
zaE(S~`JH^K$!mRUSo!SWGRTu6WMRZ?rr`}F|1`Nfo!$5hD++k8ave^4e<+`5Wi%Py
z0_a;6(ACe>dTecO>QkbNH~=(Byp{OB_yY8MFf<h>xHnl~3&a?>1k`EVWhx~Ak02eQ
zxcJ@o@cTXNl+RxO2*5(PlOVxV-1nZ(FMphLD6iYB?F~!4B!~>6&n&5V^`7Gs&$;b%
z(AJ$noUm*l+7U@4^X3~~{gUUKnH)%n0?D{d_q5z<h=dOiWCYSiUIQ`-4WVH1&6YBi
zV=T|6g4zx}oMw%|sy{`j4d@so*M{=KsX|C;`Jd<f+Ua7g5*d(a!zIZAT<u`wk>fa!
zAp&TKLkZtyY5+)ieKo!SVlt9nh=ML_d*#k$hziKANST4F0Mr<p_TG}YOl~fqMPmnl
z0NJn!!0;#3_s4LK7=RXlgv2_4H}0p5HE$Jyh)R4`ky6l~O&7oG${)sk0GZMJM&ING
z>e79Rz(24VNCM`9?&Y!}rRU1J8ykT%(3mo<@gj(_mGCw8lq-iUHbj(sjp39W%8#OS
zM%w{A-*wUl@aWT*Y<Cww4H#4LP5?rp-Ee{SWp=1m7;LS?g6chLalz(Ao<UI6C6u!v
zlBQ<u@X#l%B-qdE6P1O=e#c8C%eY2hUp(&Fc`0BSZ@6_n=<;xEJkEC&QO=H|4Wv<U
zKUsOpO4*D;Ky6Vp@5Gm2hHu`y$q@ba=q9jS_Ls4T!mIESgL3OA(nGde&e6(P^H0dn
z+O$2P#G83}cM@IZ_kjeI)4q~v9G7OwY*Cnz#v`Y1OAM6fN|R+g!fWa$-GzqZ@&Mv8
zW*4gcrPP5hkCHRJ@)NcxNsmoC07@#$tIcW@Q_Soaq!2D3>lTs_P706vNXjH$49n>P
zBm^vpWN=8r${}pO=HGSQ%sTT_z^1gG?|xBbb@PIOotGE={Hm`By|mg|`_S|e*pA6C
zRU>YwVYMEmWw12V5*_$im2JPpezw11cqxR@0S8>5=_T}1)D<Zd546by@<7a+yz~it
z9mlpgQP~@Y+H3++s6`fCQ3Efrgx9|i3$!y!JIm!=95nzzse#t6N~dfxq^Nz@e$qia
zB;f2c>5+r;X4z$rmjR?%C^7WM7GFfW03~KS<;%)na^zrsv?+-q!Wj!MGDlTFEUMM#
zOTsuIv=2aJ^N?iCDM9Dt`d>pD8S-r>p-&bVjP8_1K&J>}M_(&l<sLd>CS}cW0CHpZ
z)PP9gNMe{R*98!#slc7ZLab4(PT%T*>`R7Pq0ZYVsyiA<2xq-pJ&1<|F;u#stp7w>
zOr((M(JZUQk<}&e6Sc!B*Jvu+Vd$6O#GO~RC8d{9wxwWOZvJ!>LFo{bj>r~9qYPr%
zUo@Gr2Kp?k%g)~dowp0bVBK<34rUoh7%35BkHb(M-;#V|P^xqCX<&&q8ClddtMX(B
zURVm!bfM&BWd+dDy3mtvW*L?A83zjLyVo)NZ<0NR3JlVLPzn+zt53n5sg*t1(jgwG
zFA$#f3=399{Loqmm{0-9p~;FQT%!%N8%V!BFdr-^y`1i9Bu_uZ+R%IR^az&?t2k1C
zz&}D9z+62x{;X~aDR3+#4Cn*iOsZmgIa=e+lKCF}K)4%4bH=L`_=GkqLr&hX`P`>R
zgstne%UtJ$QOyFAybV*EUPM2-F(Qvhz$zKZLVK#4;b7<QNJyD#+&Olg6?q?y07QqC
zc8(2p|J_`>iFR4#RcZg<K8LrNN^|GSdK&LYxKel%Je9(8fV4WP96jJFd50oBHyKFZ
zUVk5TI}}j423B~#J^X{ivL!>oNo>F9pbwBg+Znn|#1N=z!w3AtX4w01I<nIp2!;c5
zt;r(8LO86TC9r#WN{Iz5vAZ9C*KfItl^zYr)ogsr0t#zsh?g`yR~n0@IHfukrx9-Q
zzcz<q<jzU5EyXuCQ!0QHsT*lX6-aqsRo8w0&{@?khSdR=@X1fTD1110w<c@Lx1nZK
z)pY5i0(xjLp_O_zc@_8Ccaeai=f{hlg^P-yt*2Ls^|c36U$~OnNpKPLvgs)W4&9fv
za%uQr!G9`p-!(`RAdRpeF2Adf7P>X(&6X)JkdD7oXAprRFI{MCJojE@b3GLC+sSQ^
zwRC|Z<uJ7Ss-Nolkpc)7*G=FY6fh^^r)qgTle*`eK^wWKEOTadn9veUd)G)~H?;nA
zt2*@Tcq$96W`N#+X>A^c4qpAy-_UseyV<+(Z83TSTvTYIl6vOU<S1vgqr@`Iy)FAV
zy4n3`kMKCc-<7--!uwV(r!D+W4@^szqO&}^sdDP><=ji~F*6;Q!JxF*c2<@`>69U%
z3*Ntyc#uBi<<=*q=0~K?8p^*)t03aWh?qNYh#kJcrJRMC1mX&hGFUyVDWUIW0am&!
zQ2d9~a><|}(h5JnQyC=KY`v<w=S7-U)$`?Qbudw_viV%w9c30&Mg3YqG;;N{|B?7H
zvp!&bQPz`MW~<U?<$b*OBgy7UW(Bi=RN(Y=AnmvxUWBe$BJQ4czXP!r@K5CbQ-EEe
z1Sj?0n2&55*!eu)4T6WesIb|rLEAB=f>@;iI7iQo&~8^F{LwOsXc_nQg@q$fU?apg
zp&$?0mOF59Jm^1_iUBk9oB#noV+idOFR{6jAPs({&+aE~2MTt4Y_l*}b$6hcSZ`YN
zR+aGmIxT6m9W4fUZ^M-r4oFolBORtFu-Eub**kzrePsTzA`Ux^95ERGcGR(#^Mf$W
zpw~`sM9Ira4v)xD(V)DxJ3Hrp7AdBj7+~STk4>jL&RSSMM-{@g1)TMNh4#5>g1Y1c
z&5(5NYa{*kTXWvB3n$UCC*91|zXADTTubhJG0J_GtQAluC1OK=E=ViFoy#1fm3~0O
zL0WTaB=Bc0A*`X5hd_qDM)Rau@OItdLvLs|J*Z3<QkH`(Fds;p(_|d5xgE#0*sQIH
zN9B_b6ueL|R#swB0cyDD+_XG+&O*ID0bJL|L$`S?;V#{LUoN2O)Y0<8u+AU0!<1Bs
zGx|uT0HJK>1LF1#YLAzfSxMinnp@Rwf^*!^(wAo_H}+_tG01<!H?XPTa|$-A2&cVO
z7?_^bwrXS;)`CqI_bO*lgL4QAYyq7{Ev>AV@5T8cKjxMV;ZBVf8RaE?exz+F$QCyS
z)XF722=RE|l^8wAm>9eA<n_vv#9f0_#jD~87d5bve8hzPKF?xh;VRAVQTyJi&hhv5
z&Li``0%>R%<{Pt0J)_TS-J6WP^~|Ko*A)(&!)}Use_|=r;s2m}<7DfKnp{al>Ehyb
zsiqT!(dEZ_9b;9!2L|J<Q1`ZRWj^6E(`nZJNwYO~uCe~emj*TPt7}L7aSfXjylXUN
zA&Gme?=8$-UY=LOJKrZpNI&O$%*By6mh#wrEOU&bZfVL~@77~aYnI}+63zz<Hf(br
z`^VM)gAy@N{L9YBdr%|_NZIyARz`S7h$Ae8e+Ur?PCGF#2$`MHQ|NGC8~Gs-2<Sk}
z2h=0%ISMB`5d!p5Gy*2;QM9IHIV=%j$Or9|%FjEeG6QddZ`0uOGKY^K=YK8#aGsSu
zTba3}cjsxPul9D-m<U_8+WqJ*Ba0z@juM&Zh3hyP7fXWkP%Kg&eu6rq(Cjl#>2iu7
z*n?*BMm=tRe?uW<GRvp(0!i5|rhv_!ouV<hB|ha8#B5J72V|i$3h{IBojacC8shVa
z)?da~kIcTUqNqlcF+5hM$=7+!Wf}BTc9pwJwNsKgKdYlupVA%+vbo&9InN{5u+z!t
zKp2VD;TSkJix;|DQzkiD<@ne`;+bKPi>d7IDb`k6*D*v`Et`bb%I*+Xz4IzkPWx)R
zAOYSo$&O=*m0)vIM!8!G2QCLyW~sg`90<1AZB9k%<ZC+5WkYW;&Gx*9ZCF9(U5PS>
zpMLs5aIjj$CuVL~;XB;$>bs``@g$CSS~9}WN>oF6Jh1Y#cruu?s7slX;`_<YS%#S9
z59>!Yd;`DzYNM$8X{{~%$IS%%YQ|rU+%R?3UoQ{y&@0E{AZv1b6Cr~Wb^=u&EPVxz
zv#M1w*D@+QLVWAKJxh!#qi?XSK67Mj=pj)Fo=o=N_*j>gST@b4G2T2VKHfg#Zt%L`
zzLK|}uj5^SA;j_)KYtD8HtCwt{>Gqt`v%GKS@|gci)W>gKMndftGE64H_vw@)0(WC
z>hg`|oEZIWDkG#H{7*Wz40DCly?z;L8Q~F;45(l3dd$-+5jyn?P>RbSy7ybxB!<>a
zpk2GrXQs>Ac{nS-+dQ0qm$B+bn8s_Zh-IKXaw2U-(7{=N808j?vjLe^i$vAdYm$7n
zT!GXy!B9GBPuv<S!ZSTBRM2K8)z9==Aj*cNQ`FN4w*6C_25x{*9fpzywyhc<OiNR1
zdI0jCu5nZ0suw>F90xcpKik=se+xY}-D28fGrF7l=mt<{fR}|7pctl{m9~w1w=+->
z1%7zYJ%DsA8G7GR!2YcH@yhnnnh2e`PL~eRArn5zU&xmqzkDBv*O&uDE|3a{9uqao
znQMBL5P1FB_T#Q(X0!HlFpbFzrVR9xmRhXoQgHW`PrXsJb4nC4i@*C#yUhxVa_}k9
zley|thb~OFp2RSs3~pM;TPTSMpr%A_P+a(|_B^}kzzE0`&+TC|&6p1IUan)<6rB$=
zzupq6OEzDx=@onU^GjPX&Uu^1hDazIK2<;fzb0F>{=lXLEywHW6RmMIG&7$jsc5&X
zD<Jvy*`VyHT@{JiFfS3boy|8Qk2a|S&kQV*a=7}fcV7#rBow0I-z;)Iml0=#5o~gU
z`<pAw^aJ^3T$(d88b3{l-7xnM<9m7-X>40(9&h(>nMcf_<({|i0ZrO;VF)#r%&qEo
zJx{0KV^&)#|L;$?zWcqRvZ9r}h~BTQPN<Z6n?m&rwM=C6Xj=BdwTe8e{F~tj&l6w6
z-&zp!;<nbqeK~Kt(cc`5&Kg$9htmY=dV)NCCdV(z>khw97LFx;;47z))OXhFOj9W?
z%NHe`NSJXqOe0b*S_|g1pN)8OYSD(r_%-ik@51iuUb~i8=LauBU%D^c?wGP^D*o<h
zEQhlAx>>SWlub)!XnuI>ZKLw{!^=jQcVAjS(5fXs>G^FGEv$cre()>MXHGRnU#c_T
z+g1^w>pYiSr1=YYJM%}g?KG?{l)_^{C^RwtjPBD>m|JKmBLxO{flZ*_j$V#F9)+{&
z+jG6r$==C}<XTt<ME$MJxApII-q!BYJ*KmTUPI&vyO$lk%B21DWy0;f538nvn!lip
zxu(jj*A`1B?a4aeia5KHpTrXq)O&l<Ku)Ev0<DmnE9(J^uvUvwaEAlU$!*pcLc$+}
zD9Y4mHp)_bI7zCjsh73p!nj3jS}>O1xb|mJgU-^Nu9OQIIvcD=6ai=>&BgpMNqj1E
z$Xp=dO((0JCxK3zQ#JSKU~Evjhv_Z&`ZPtBc7E31pe=xPG+MKEqwB*HVfh^w^Jr?`
zN0)lVqcHPrMFh;j=^Zlr(mmSj2!1Tnx((<It^`JaE|ZbQKFXGTbPX1E!~9!<7<&@k
zEUta0jQz0*)@ZP~QzOxKE-*Yo>!^?Y74Ay@z2QpN<$-~3l-KHSnW=hvYPZEDZvn48
zW#DpUu=uiX$%woums$z%(9H|M_cGLQvz#-4_~M^9c!znj#K{Ub8%)lQLBOeZS^^@i
zVt#YNrl5Y+S!|k+f})c-l6fk(>;W?PN)2HpePb(d&@5%r5-U#SjBL{^C^s6U-cKz1
zZ<d~N6;(N&e5;5fyjV6rUhYJ#?aUdTR@k^{+__hJ&9UV9Jh{if+kBPD+6?D|5&Ns(
z9ZSVBb#7<vlj0yJwGBJ{G^g$>vWy;GEo~Obj$!44G#ej9rRLX@Iy;I{zn$vrx`j_G
zR7IuU*d@66*i<I+(3$m$bxv4Sl8zhm-5JN;eq{fPVshhc=(BO1Ec*&(A@z^qVxRcm
z8+?|`@c1lq7?kBP_Dc?u^7eM`5;?p6#CYQFxKc9f^TYQ3kT7UG2MxDplBeELx<X3h
zEWOHNyeG?%)ZB4@(IeL=FWYxH0QWUe2~g(j<nDwR9hGk5n%hx#T6+ng&7QqdELu<+
zC3=5Ux5e3hSTG8q;xmBH5eOO8qFkVvfg(Vp*GUTz2w`iOB>lw=R&AFSLfUFV-A+Op
za#wEvjV)Q)=%VRtB3{cKd1UwAa3wlPQZ{R69~B%m>(u}l-}foBP?$6LP`lHollzBN
zpYl-@D-Cl>Q!L%r6mIBgz;a}V6OC-DR*X35%<rO>sp*SnP2hC!B@h>FZV%Z6n3-<p
z1byNWAU3)6?z?6b7Z|;BIO9JFXjxl&#Sn%f<lLRs0Q6X@kVOa;6B!Cz0LYn=9@-{`
z(_6lPDSq#v*)dQ;vQDo-e|*;}#le2Q60=_|dZF1#zm4iQH&r?^9am)9F>i;r^-`I&
z2Yi|)U0oT}vAkd+SO+}C4L_WqdB0M^i9*~d?yQ-&7!%GN?@eS1qSsSuhw*+`Y?FVP
zNN&sOW)saRU~Hs-<A;%52EI#J{hF@WTXr0(1;$9PXmJrPD$B9qYOaP;JHXa?E%Rar
zo!qS0=B`>JuA3(2F_l<sUC~2g++VD$jwaVN1bP@h91`157xWW&%+cDasA$(a4NCLV
zBImtM?f%mpfsyGfs$6M!Kl%H}l6!c1?fI+3n@na}aIi=F_#`t0iDLU`jqa|E8sv8c
zPv`W7b6p2lZgm6Np7DC6DwiY9dCx=AV<>94>W?hIaO%anTaxO5n91>ki|qr^rs7Gc
zqZ{vH`Kvs3`|0;|j9)8Xy2>cey300U3fn^E96h|5R6V5oTiX<izNhgP;{|S)1qH^S
zlRweor`c4yEcFa1r}$Y2-0&TICOLR@P<Bu>NcciU`VRnQJ3*<L53-WhAf`*z)D$@?
z9KKI@HJN@|Xy{jDv4CX45GWU!oG4o_eIY&beKWhgmSTu#A0d`j(EGqnoMzUr+Y`+Q
z^TH)F7gAZ!na2>5pjEfcKlR^C35@Z}8C+rfp@H>8)bs^AL9P7S0{PD)O!r7<JRb`U
zILWm}b~v`P?NR?wiMZ=&Bh+M$&LqUguq@D%;v?upw9FgZr-Ew;H{YO0yojD3m^k>&
ze>+%b1H7Q0gD^{FNNk&YYY&7*YKpia?TKknGzZXX3633^BEU>s&DEa5ct4c)fzGY&
z+l|JydCU!Ez*teLH=Wz%O~Z<n%*i6j_AQj-+V{!avC8-b_levVL_o|0RQT7;I_0}W
z>wzO_x&6j|@snu}5B+?+0)+=1Mo>@GXAN3ZR1I@7YqMG5#N6V~nYPJF7SV3<G=uZ2
z<CgMzNDz7o7;#=#tg2%o>2(YWYJjIA-JEzbbZroZ<DXXSZuS{5u&Fs%FzjiLt^)^2
z5umkDnsW+i$Kpni4@l;P@oWL-a^*3m{$io~khqI!f=?gKZPOcMy~~wDLMLV!c?~s<
z%BUkq+!QS9+0us_-n-J<ADqb@pw?X6cT$6kdc6yaePX2#G}nUgyzmLl>=es3qP0rR
zkJ}=ggwQmKJseog%x%c2--?O%QL(Pr^6>>q4Le@O=loHI>&r>xV;h00;wQ^`{f=L}
zDeZbQk&J>e6VH-+ZAnKrs`l$Bi`>U=oIao9FVy21%Kug5utcIdw(fs0v7jS9u~_%s
zAPj%bePz~afZ@g64QXrWak_0{l^8p|!D2QmPH>N@oSVvQfKBt3@$YG;?`D;{fr3&d
z?|5`TE?jt>?9=<6ZJv(QoeZ7e&O4n(M(1?;DPyjD3%9qNJMTBPt*YK<*lk@P+PdEK
zIjmrgxl@X?ki&wA)F?t1^$x7kiO-wFj=>LaK#@Yh^?NR^BuQ+@6d^s45W!J}?s8PP
z?F|c&N#&n5G^_wsbf-hYM$5W;Q-ZQ>%u-}+isrp(a-7NY`~g>Ooeb0`0?9<gl?O!q
zw1F`R&}LGD;G^4Tv*tW&rhgp7hYCNrw!IG}p#c{Xr^~=wm+x;)dfg(072dCpNP$=o
zTV5~=@NqR()0u84W(%QJuz~?Qlx>mMN7am&pj`EqXW4C)WSW}U<Acql#E17Wx`1Yo
zE*hgiQuS~O?pX>0??l^}THuhVGUCi{!jy%USWys#!}VcmJmm&x!eV4ED?El4W(33`
zEtbf7Emzxn6Tpw{Dr|6EbB1l<DW*d8ee{9`HE-^MGFli^Wl+9tJxKG8!4K0rQoLxg
z+C?QfuR`n9-Q#O5-9%1B-Y5;P(l#>KHCmH1uu?TFkoa1FH*rZgf($p&o87r3O;H^r
z7-kAF+lA7(@#D^ViO%dtGmM98ADeWJY(-Sn@S5B0Wr9xEqrV?$kMeYywB-jSjh(3u
zI-L^u8!%glM;kqznR?vYLmP=(wy|^3t9PJHzzOZSk6|D2Fu%MtahAt9Qe>^*UFLS1
z@wQE&jFf#mALIS5Fgg6rz9Yba_P$v8=xI?TBkc92vcTYTqrt~fgBy>x?tl7$m|W}0
zYLe`nkAJXUd5~z=ALV)KFfKb;A=UDOf5uj6Lci=z$F9T|h6btW64u66hi67pFGTsC
z?z0|$wU+hDml5*{n*4w*;4>1;YVcEfTDLhdGP2cpHQiQV-D#!uW$#|MIX>^6GzH4M
z)TLaowfUNBrjVXDwbiZvo?R9^#BI&t)V}hjbfK5d=-~U)d|<gOI#sXaQxC~4P9(Dh
z$b#2`<a9_PBp_I`NpLABTPW&C8TC;Ym-5LRrg%l*I*l$pt1nKJ=9cfnjdWEp+h<G&
z1+1VF21a&{_Y-0G)<aMR4*Aku35uOFp~<hA@z4Acv~n}e=fUHwG>ZJeS8tU8o39iK
zu4T(LEP@No3Zm}{7><1b!FbhB6P`kpv3;c6AmY;_h(8!+B)6lw>_K$PNY>dHS<g1>
zB+~Id)SF~<z9}lE<%P;QE>2q?!{IhB+tcQPE#wfmGiB&=>wY_Izx73^;L=hEVc%7P
z7V<!KNdeg@fo@VE<&1X%L4pGE7#?0HGR#xXsOPi6Ye64OgBLscx%{W@kE?c?YWjgu
zMiS0VrU6|`L6}F^tWKMSie~2qUS{WRt`LJ)L!7LXqjk+q7OTm3=*=P4iyb@yeK#no
z*eExwA1JVZEmlJWJ61mh1hU!S%lm%4qeHv#@$1Xw(%PlHiB)^&gU+f)_NtmWZVlNO
z(RYT;IUd|&wEi2VV*B9|qhE?oDK{oLy*GMlgZUn3-uK9DTPv?(@FuM@y5Blbc+zCS
z2EG==`}F+f@%q+J)Tx_&QKciQuT`=C_ZY->&4X)<+Kr^<8F^|=$C7p)GI#%}LC=zm
zS<Ah&Uz7YE2qHZh*+&(yk?E9%j$PG|@r=6~V=H+Sn^`c<w<*4*o>jU6)K<E87E3Ao
zCd}*y`Je5C-8|^gPcv>#?|PJ2HAJYGQOS77hhzy7BqfoymHvu#$mBc;T#o%jJBq_K
zi?o(^?9qGHe=2QYc@9{R@(ygxt+4QLtT@6mBAkOpY-e*@m3oJsG!=n>gT0owGtK7W
zJ)&l+`V?7P<CL|h_c%J0r_B&V!XvYJt)B9^PY*Kp=t;vP-bUzf&^!{MynFU=>y0Up
z3CT#C;0DsS&iLF&h;^={DiwzQ6Z_l8K@zPmUv68vU7zb%eL8E()F(E-8$@~|?EjGV
z=HXDb{~K^LG$>|}C1GZaUG}8xjO=SAvcy=kOZJ_?*hR8teUwVFFIi$Np^y?|-;&6l
zEnDw3&-dH&e1Grz=Ud0o(J}Yj*LvUAT-W(I&+|hD4eN1qEoVqQWAp@m*^hpYSWC}L
zjJp3yNY=GZhD(%3zQ=?j?ki0lwd$6!4F>Nrkv1db8ff&!66Zo>cdOX!5uS7C35V<Q
zb@B2vDqc#9Q@eB1x5Q;K-O_ZAhr^LJ%+CFM!c>}NF}14k!$7Nk>dfQ}Y$pxQv<0s}
zUeDVm)R_bOzy^2R)aa?T3uqe8Q=f!7s5JcW?iz2YM+@dEOb9S0JP4}u@M&6|$g`O(
zK-ySo$HDRsY0;xC`!+9cN`7K54igkuB`oYLemN|?mk>Vu`>pG%HoMnH|KZW<x&k5%
zug~uiZ<M<Ltoy!_x<12%aD{~}4~Vk)VNNZ4>$o0NDlcC_ojp9r-e!q&5@3?+i1*>%
zJTrKvNH&j`Nw>7yI7!7Y<r2S8ZwldOW5{AH#^$C_g6dDs!`bbIgv_zO8OzVaNu-<x
zpD$8y>8nti=ZL>FAZ|(+cgfR*C@v~ws1sLNDu(~Y|53<(uZVc>;&1BO@wY`yB8g9;
zJn@_Oa&hmRO?7y^R;7oT{WIG~8D$KAXw1@I04E}MS*~<9Msb$`bSL9j$MD?$(1eB%
zfF|U)U33RY&P!r6r#AT9yz(bh8D^#ff|s{_-d+$P=fwfe4OLsI^1nADegZO-#DKOB
zi4L6zVmse_mmL4x3;0o1;IbZz<9RfB!((u@Y}Nm=*`LVIj13^{_*U*EFY}UL%_GHy
z)>Uf$F)W#3B(axby-TyW$$8<VW|c_XJpXUeP!OLlSyX~x5JXT%gpTpAf4SbRVt@xL
zd)@sFpeP~QNiB@mWd4`&+!{kF8teB`65gEvu6kO(e%bdA$LDG|XiDODo?C{H`;sKO
z60pAUo@phcp`m#{XnE7`-zG>ik@NHOGttvyfklVH+OK4w-r5db1GYciXGu3U)dObH
zM4bNrVIPt4n7otW>|F{My?S+Y>sy}_Fgar4<aG1!@Oanv)i{^;02y*}R7T4ptgNDv
z#GU<MonJpcl$(c##K^6ZT^D*)B2IIGj42%Oc_)A7J{dTukQ4=MrHY%%d;et={Y`a0
z%2q6=Kq_An7ylH4=BZGl*9=R&UZ$t6E?ro!a+XQpW;c_Nu_cLTOp*c`JvZd`xqF=<
z)p?nbuS`s~mAfeBu;BzyJgNYN!UULH(0!RzcPTsx96*Omw**}`r)CoRewGv1Je65M
zmFjhJqz46VmpKC_vTl{D8Qb~u3u^_!qM<Sh=niz=vzk!FUlVM6cE6qsXiTxFm<KBR
z{+y?v{$&^f5e&)&W<Wmo{Dp29en7RW2<c6UYH4Uz99L*O&cQxba4U(7;$-~n;i19A
znRNNc@_FEe^IjW=L5K7SvV`^zTi;}i^@6A0Dhw{9@(OjJeny!XVq@8*lWltJzUgQb
zAnp8qMzONK>p*7}XDrb0UAc-J#nPfpeI4)%eeb-^NF<Hs+3@$+{o0B&abT&@s5lMk
zP0pC>T`UUx)qY7{el(5s0yP5(+>JwVuBpotjpPTM!!Li})yc8}XiF6cYP^~DR8B#B
zplbf>+CLB3S55LZ;5`Eg9)4wNPof-{1L~1CIK4~HrWz?bH-ShQ$-d*N(jZ_)9}a|^
zc&cCAWPJ=@jw5cEM#FTI6i(`&c#qv1CPlrw$RnXB3WKi{)ZvjGkjooyNa3Gv19|IP
zZ$Y4Z^;@=EZF9iho5Q9OWg8C#hM$ULG37;1lH_(XfcMttez`rf^eZT5V!2hV`>ZnW
zx3&6tTESZ{hLB2X*$T(oH*V_!7a8*w&XA*u#@7Jk(j7_w<{<*Wb&Ff`k-MxFeMX6h
z3q}z{{U-qt+nQv;12`-nYF#J&OOCQ#-}JcF&qlTHb8*0(Nwg?n(=t-la^N_khF)&d
zJ3iQX1$-kC+kkIC&i6>MRS-TdZG3#KKkM@Qm`y-L9|Nqnm3BIX>b~qN<G{(r0oYjG
zpP0cY-(8@ht2l4U;5?H)zET=%;O+CdkO_X?k@KYd{q^7V<0yj4O0iUNsrN6w@jA`{
z#i5&c9pn1(r^gKg7L5h*0OoNGm`hoW8K@-^c09bTYMORC(zu@x?^JQM<vywSvV6PS
zDd-Mk)oChzU`rIfTlE)Xm6fOW*z)S8)YmBSsFRDE$HLi_4zC#!n}r4JUi~;<O{_;Z
z229u;3SR3kD=}~7XsE7_REr#yxKT^|D>7g;r`JHL{1(5UiRg!gyyQn%xp!`r!(P;P
z#-k#g-Lz8{1{fU2t?A9>2OAky52~m~<@#dpfTJ2W4>#v-;4k|q`zH{IgEQ}|?y8Sg
z*(V*c&HBwn+jH}xsR%hAwO;%qX;dsj!@x!{)VL+EfkBo;WCI>1ovv?>cO@y11n6MB
z^QgE_A22=1sRx4|MWS29$YDMM6895PLQ0L(i12u&Z5&C!y$f*BaX^r<Cpl&u1Jf1V
zWJ!mQt^LyTXL$=@JXQ7s-l*q*Zf;cXZnbv^fWMVq!PgJ4i@^4+8ieWYr1I!E10r@=
z3$ul9feW#`t>th{hW8X)OEs3!BlRZ;+I<c_-nsqqPR)zM92RDhUlK#*WvAh4K&HML
zR(F3v)4qrGifc|bac}AKJDoYWTJ<3i19&jy0ZXTPahNUMyngU{nc8;??@?P_^)1%D
zPp&5+Q+|sLfp9nA@#4MLa<ugxm=)b4xx1O?g1ANbY<qO$n?ZSz-d}5gbyf?|s_B|D
zo8CWO)s4|99L;oaYL~Db$@r|TEZ+e%#{i%M$>AeWjhwf?57yrM%=6>R%k=qp^-L+3
zEbG`%wXX{MGZEgvWaipSUaI$O;op0f#+^TfPkJlu9PJwH#Y*{T#82*cR5wpNt!4=N
z?HpU>VJ=|YB74Rq!0otvyz993os^5T<>$jEc4_ZbO<s$!x%7PV<>heujTn0)$&am*
z5^zq^8Mpf!JZhUDxL89MaI3QZbdN5+i?^7V|JsN6EN<5rA4#M;7BE#7_gk;55>y@i
zs<1oe^WNHJitASC;+er(&ybW!4<&;imt9lkLUc67IZ~aALMCjFP1CC1J$0?2JYTeu
z_CqUM6*pc!I$pZy<Ww56xV20CQhbSrr;Uo>?e?k;`-@Pz6GDAwIwsrP{B_xlk8>&Q
zISz|}>b}r`*|1)<o1FoqMehMvh#DytOHz~sMeRplq9Hr_ibE@9F!*bD0Y>zH=!V^C
zkZ^A3WXJEfWq2^?<xheSmWBcN{(u6BT1mef>@m!fx4$=XH^jy5?Qt#1Ur1LH1e6C%
zs({PaatAw8D)@YuL~J8DE;Vw#zksC+i=yFqEMxWqW(l+po=h@pN-Rk7iV5I~Gi|bz
z;qG~SdBkkKr4fit%vrUY;+RETNkN-JPZFc>NXVjzXwq7rD+|*dBHN5zs04(~va5K0
zp=3NCh7C(=6{B7#Tk8ImP7wElggfGff%d@ub@OhPlMhe{xqy{kxAlo<|5e@OE!JTL
z+&Wk+XO~swU>`|D^~TqLNxutTjrv{r%?^fWlONx?mfLFZrb0y^{8(|-^BWO3d3_xV
zcR=gq0lAIWcymA<Lk?bUStmOSaMN+p1B~I3xElHbl3X@qCn${EZ{^p$Z0EK&(rnYs
zm2!KdJcqWcWZ4r%m8%o!4(Vqttlg%}x|Y+DDvvjN9$(Qb0sCyrD@`?RQ!T}%PfX-{
zvznX6I2xL8=6CAK<>ar9#dL2@3SK?)x!|r#&Fhm<`x^m9mG$*D_HA6}yV)FX1W(()
z?jLi_n=oiYDXR#HqlO4vTrP7*t5Pf3F1sFevEHNkx1=hyRAm}9k!+$a5w9jQ9ezl0
zluMn9GamW2u#$TB%J|Idy7736G?&}XDPI0QMJ@>%mE#xA*UG0qu70$SHm#oxofMNA
zdpcn<*vphuDZE}<L++>Sq8?pohx9x5Uh+5qxX2M-+<KYwy<GsW7_$8QS*doW`0iYs
z$eYECNJ^%&Yt4HWysdtepQ`HfoJAzSp7530P0oKeWcwl{W*LT@aLV8oP+2TeW)4G`
z48rj$4l^nE?t7n~CX8RX;`vQ`aTiZ)6Ys?Mb|)isEwP&f!ze{%b!4o2Rl9#=E5VDw
z>EbXm&j@;JG1!c)qO00zq`yG{1^a#QLu9e6S6;D$b^+OX)cnZj*Ft)uc!fNQ{5dm&
z|MF#ES7+Mj{i+H}B3`;;=}z+;L{Of)@A3u+Ug)e_F_}~f!}>x&#^?&EEg7#i$Jp-#
z^4M~cHm8cofX6k<cmw9T^2=I;dyaK*xf4yGHweq<DvU)$QhEI>WcP?g;P~fKT3CR0
zB#9i+Z+^ZlwsRA(ciqeK&7yab4`G4Eig5AzQp4N0YamdbF&o_p(=xUc&_@t*Gb=|=
z;uEVpe2gl4XuL;{^PFpACI!Y~Uu}Bt5goEepH+SlVqbz--NfKuP32l%X|5WaYOX1L
zVj%VD&N);2i1G9aNA90Q&(F1^M>Q2v&(DO5c2EYjbhemQOh4UL=Y|$3yUe)-xO~4N
z<J|k?e5w11sA(nt)PXk9nRN6eE_A-~TU8!D*tu*Z8&cBjVa?ijZ<|u^hUkO<^MG}p
z2*6Y)Z?#!GscC<DQZev!uf%3gXKDpE6W=LjRA7VKxo7Z62svmcGU=w$GHT^kEoi-<
zg)x3DHu(6Fv($>wgv-w{pk;b;YVkK`;6_+g*_NBow{2$OM*MXqN_AsK6NgZRX${!&
zt^c74q1??Ny445_W4Q?3dzNr=I5UeGg&=Y**7yi^33|DMkx2<cDO^l4!Nk4>mT~=;
z86Jkilmf9xl~a}JWk8MAzreT|b;wKg@&ftU!S0=*(_(5I_0O?k1%VLOwM-~-S=k@_
za^yIul)zh~tQG1hm7?@*#D4>-^R+$g(m3>l4%`K=v<$0HPh9UwIxLYebML_<_dSsr
zF){X_T9C(G3^>)`3aq1si`3}sJJ}S1o1Exes2Fj0DhvgIMUb1Eelygaw)C_uAcMlX
z<j#kMM=q0im_|BgOck1&r3iJa#7@Tde1y@)MtQ(G|64>;z9ex#hy1Z8{gl>$fe-r5
zTfof<jvNjdW6Exk?s9zm!8*h(wkqk3QTdDFpC-=EP4H`Wef_7DjD<gyU3@c4X<^#C
ze5=Q4KyTXaZCOH%N53))0@`@{!69WkieUCJGZ2oH@|gV%v1*YmV6sQnI=Gbf-DPl6
zD2=ayUrF-{I2wx|vy3cMc9{;dk$LSX&-U?Y{N%y#HC|&a=Cf5;iuOz1_Jyw|813~Y
z%!Us_YQOX{QP=IsJgx#BYhz77_%Pj}1J)#JqgwU)9ac7%GxRAg`z~M1*gYDG^{k>1
zHWh8Zvni-cC(PO<=x*mmp5gFqHL2l-CjI#GEc<`8vIut+1PM?+VANP2j2d=FVvLa&
zU=k~A9hFhVRB@aP)@F*MA@~fXBTN3klV6KZ-t(>9zisZ72Kd7tW~qBH7dGG7usU&s
z!)e%!WQDw;{1coNN62{hVl;BO9E+?cM&kp}UR#F^uq!L$%4WzEn3HioutB{xp)~qK
zP0pRGxC|<d%D*oHBAnW|htq0{dGbOyh*ul+yB)yms%}g?nB9$qUgyJ}Cn)1PVS*@f
zmLJdSV1{=)*ii1kzDPHtEldh&v~+rcepG_h;nr3-Y_?5aK?s*5yM<@?Fmd{B{b$PX
z?vDyLp6PlS362GTEm(a}G}N;6A>O|9FJq*~0C%wuhCF;DrYCzPDPePWb9Es;|7n46
zzGjJ>j91ZdGyjyuo3ckbM?tU64F%smu@L_BSoPhgPLUKb;7RW&Yg*yTR-03)MJHdt
z>;d)gY~L+!|L3y1H(wgs6%<H0fM=>I@U6~jP}Zes7N^h5>s7ToG$sx7aH+LLIVs;=
z+U&uqLK-QFkV&$}dR;5inuSpFYrZw-TyA%jNxu}WP;psoIX!H*f9=O$b;;z%68zx@
zq0zA<GbgX!>vtLmv%5c+jq4OPf4;@$=pWU4QXIM*lf5(%NZMh2J9=Pl_@T^2pC}yc
zmnQdVS@M0=Y=EFaZ6U+v_V~-!Ez3Ag<s7;EmFBN*p^MQS63Tg>^|nO@uB<gw!j|R!
z-|GYpfw4qL!SwOaaJzDQm>AC3(v6cq_i#3%3t<PdfpVdI=|507T`;02FUbK)OW}{y
z435ESqDZNVe&jGr7ZRm(>fsqw>=w)se{q5n@Ukl_-4ZpV_h7`+4?F(K7Ki88XBtXj
zAIert%uL00#vMo2>log~@DgB3-BW6bl$M4ACn7v+5c@XlH?F@vc|fs34@3##>T>%W
z1(CiOmU2$m75&n9$n(*9k0QavY_}GVVO61YsPb}*6VleQ8SPFRP9KMuyP(9D!N+_u
zM5YveYpAh!PFynx_AIc=r#h*&Tp>jqhF*F0)dGSh&z6fjLR5~Ls*mCgnN9_wXf@TL
zYefZ8f&E6NHQZAc4yOHcbKr2c?V=03I$@4(-a>8xbZFC`N-v#>uNF!*z7T2y?v_se
zvZ`)=U~TeJAN^_AdDLxBm*`AUL@0Hb(hpcV_{5ZZrj5xJY*roLzD}%ZW7n<XyuDH#
z(B)dK=WkR?t@?9p!Zu)~Z{2(B`}q4t=+h_Dqm~e*$#R*&u{`sSZzM0>yL)NMg>zus
z<%c)7@gk4vYF8Jx%e`$2HgV6!OVf`n`y9X4M86i8?>$%_W!zmE+A*qfmUr^ewUSx?
zRlKX5U1`*8gPS}W_7_YM`LO&bsnWjexecAd&`9s?5<8#;dSIXe_djykaNb<8x`Z*F
ze;iNoxCI*`IOuQE)N0uOGtED2w%&qLsmUY&8Uej+@;@llCJYMrQWkg~o>wPL*FswI
z6?WV1w&T*NM3u?KB8n3Rpcdi!D((m-I3M)<mdeLXH{h*B+-KjrK8DLizh%gelr2At
z+J#**=K1x+-zu$rS+yCK0A(rld!+iyETY6ZDL3hkW(!{2>=>5!HO8UHtV|`R!tEm`
zLN{A|2u{`$G!#}@{s8sZ!(~V9>_;iiZc5#gK!x2|KQfJ}YIdc?q}En}Gc+w+`th&N
zJid+-DP*izX8m;C%n+Vmo%;I*<qjIlH_<?O+pxDl$Jk_vrUSSpi=fg5_#?b$%X;a&
zBF~Q?9+Zf93Ei$NaS_oUFSO<oLLvuKQf`#GPwC4fJJde#Y@+#S_%`s-Eg>dX(_QYX
z2F3_Iyvz%f*yzMMMUnC)p^j4hDN)l}?kOW@t@0`X%$*)`tF?fB$OLD|1|Jk>e9@k!
z>skGwv>i%VtP{&%m?OhC;yRUT^Rkw=etqCM<3i#y<BCgD!_ImS@-CNMTsUw)Uc;ES
za8JpNBnYUPOyObU=L5=RKTXv$#zAXT^5zroys*qTu9fevUDtZ>P@5q|rPN}HQKrr@
zc$_(XE~A`}-gl}<K^I~tn~vUf{iG(#c9Ns6$|{#zm$&x6-W1Rm@A-U>uZB)th_tjc
zWMct1a1+aB05zQL#A1CI-)gzF60%1~p6*Es$mBb`|7(i#qi(|xSzCt}l=DO{H!#Y5
z^GwAJ%3mJM?gM<k{%`>lqCbx0tsfoB-{IT4aa%<HS8m9mdg0O9tMK}C>@Ag2Bx8(o
zZ;R+a#P36I&pZX+oFhKAf_IB%YC&>Z1IgY8Z#*xpZrgJ85<S)BH&g*ZdfX*?tDt2=
z^L5b4OhDPsV-?oGwI3bFN4l9Ux{!J+w`a`d_C}Z7oHWfG<7yXc3LjSUchGh)c%4Uj
z>F0Oyj{cUXQ4@M9Jqw~x=~kQ^XFfKzFE{YUvk3F+erI3#9bwNN6&Y0@DtVE1V12E{
zhPIl{BX3hCMppW3?%`2p_`_KYr<`y75m|?=_%Ga>tqOsz&S%nB41BK7h1|I5iywd8
zz4!~Id`X^vl;U9zr^Z`$#=;*y9j5D#ZCAG5P+XFdYO4t64LYm$+wFJV%)rO(@GSX-
zY1zi-d$zfyud9XXU|3ylLL!}g_Fz;MwaO!IsrP@=9R7IKLwx88_D_;d&Eb3GhwEB#
zGxP5_WjTcGENuKeW>u@|G%2)<eGOO~;PS-lv^RM_-3!g4Hk#La69_*r_N0rQok*@U
zgZXnhemE)Bw?S{JMe*mBXzVBcA71?bh+EI&po&sP^nK8~;~&sRE)~L+o45Z5{>1=Q
z)BtFj;s(IvDf22c|3{r?je@P@i@&?cKMDBY?wauK^WpBBbDhHE=L;-Pt5D^2=h~bW
z7|e4VF3nu<Y88KPas|_d+DbR<=Th9RBAGj105NQW!=IL&0>JjpMSuuHvK15QaXG)*
zMkRA<K0Uv|>oeRtNKfX<5wvaa(&$x|jOdmz{ljn|U$TU1N$t>k#8#<_ry2plU4PK*
zQD*D8_w~g4h#x>jw*qlm?qI!)d5$8Sk2!5bMf^;nP0B2OhrP)Z?S~SUzr1{AdWlxR
z_NP1WOP;)pLvUPnd?aIB12Dz4lWM~U530wfdrSl&CrF_!k|NL8?f`_Fsm^g0-fX)t
zau;>)A&+j31IZ;?<}}{ZM0$cL7eYU$f0MBNG;Ke({od7*G<jZlVkXq`V*U><H#lXs
zXW;j2V77kEK$~?!>$`3Lt-@fO@i$TPF|7=z-s^#Fz6aY&!WSh*Djh_D3mTh@cPWia
zpHlPhDQA~59noS1zVwg7@3Owr^!v`a-&rpGn~Bexa?1J<9rZh_k&FDTGLIy_8kfvX
zsviJ_{G@b8eLHgGL~i|u=Dycd8~`wm-%i=icO`f(=6bL+=wVFJFHqJO)=hhDWVy<(
z1LR;5<>;yhQfVAh=^v^h_96G<5nn@Z_CL2m09km8O!uQOLSDt3%EH0-rx$xQ%Cmq5
zr=dqqITGh<`4+WUwI7st)X#b;XJL+aM=M<zSSFEC8;pX(z!ekTM=KKzp07fFpRD;W
zcPMJY*tfQ0ep<l{p?ty8)jL4n=Y6I)MWm3Lth4oYt+UA$m}fcPDz!G0omM;u$Y3Yl
zK~*~7d0fsc^#LH)0!h0tEm2Qjma&Tv(o7d#mFJZ6ua;qXJOEQg)0$km_2LnO*ICke
z_Tct|S9gEEZLT_1^<w#C1M6@Prq2kIQD{8fSkd_RpPyBSRgH}_r}b~@FD0k2*qsbC
z9&=u_N+$c(Khdx^IUqsnxqek<Drmy#_wJp5yaD+*HrIM&vvuUb4O(p6iDEL+6`q2x
z10q9tsZpEMZF0Rt&2Po80I=*c*GF?3Uer{w3-T0b3+BE(IdJMtPwyqvV8i)$7NR4f
zyopxPXho5RuPH>J#Y`3bfSDD0cQJKJ4#V!d4im9kP%Uq2#2;`${P+b$@R6ripX!Ym
zTPJ`Mx`<(3vck@od;7W1G9ld&%*(+b#ldqoK~rr-(XIH|ps1?@n8*9soMS}b#j#y#
zJ7CPS@9PazhUt<@pQ^GC+xqFzh_GHNQCE_q%2MYL@#Fd1W?~5s<KH$-$E!*+os=sy
zoy}I2#m&-d2|Z*QuIvcEB*MN3JtWaqn;9Fi*c@B!z@_5!r^LG}h}!enQ9<^z4?lNR
ztP=fKPFwql@lsfc?X|e1EB3)kfO#U_S&OS3dXHfmO<EKYIK|fP9H3J10J2hE>+pIN
zZTJhnAp<pTB=EVAL{7n^S(@JqHwra7QL1$B`EG8UAjbHZ;SWIb-vRTC^tFW+5RZ`a
zOV^d2#oc5&y$k%vvyBYk+AKOC3f~NjT2lD(UGaiIdy0Hexwm4u4U2tbAZBF@zmPMf
zIa=C{;wYh0X7*4s!Hbj?tW~oPhLv>kSvUDHQwPE{p@?|Vqx$qTA|PH%QeA?WcXk-O
z*Jgql%K2}rGf)`ckoQuWF<{EQt{YqI@`&cfa?s9~+q?q^jyK?}9Nc>t%~u2@z%hLQ
zuU1I#xfC!>m(!3G(*dxL4B0~HZKH>qFE-f=^Mb7nLcLc&_LO_7*|>7d#B7W$d3%kl
zinh)7)BEM05}1?a)jkj+YDpXPrQogWFw}&g7Vd{UfOwbQd^ijMAo0^Z79<axP#QdM
zyO3!$r+QLuHGAsYP&5^M?r|h#Dg;b%7OHi>bB<Xml#ih)f_Sz|c!hrcQk)NFT(p1g
zJm#n(xkvgj_X<UL(vP}PyKG|sT|Wzqeqv*WzA)d-m86YI#;uY(eNx%&C%S_30H}D6
zY&BM}OnrJ_1?hFU^VQQ{1K2R*z4s3lH|a_9JTL{6H4mHkwZFq3Ku=!?g(7eiD(#Sv
z5py3M!FZfE3YGDlOBZIpQfHmg-@!K98iXcX-TXcyM#w-u+So9ljH0IFnnF<8K~Uu6
zuNk^h4rZ2$oN=eGr<7}#aeX)+*0BioC81)k_WjS{&MC(plvef%e3nfxi}O%zLiKO>
z&Q8v`Evx^+VNu(n`DUK;30HVFW0<Ltngo^W-L!dJMl)%CH4X~7VuZk_x=?G}IM5u+
z*)C*=>f@wr#gK~5R@Ekx#kxZjoBISB5p)}V#x6Vz+G*V_AbzZL_g0Riwz-sxeHyEh
z`dn}?H*$N!`O{ljHZ)GG)Od*pX_IOEQCBt|s(BE5AbM44f@D*}Z^Nv|xk_l%VBw$s
znPSYNRBi7l!m-nO8Zg~jUb2+Mb$43#xMAd-0c-b(_noZmjf-0=wyFHRPw&E7qvDy?
zL!IAq>$5>%=5hhM+SXFmoV%CC?}WBmuk<pVsyYxWt3X`YX^dc<u3*MA-Mlzn@r1}*
zXb4M>pN=mOa>NEy+{4&fGO##}-fkvP3;tD6Lre`XC+3|R7YUnSAk7&g%LPam@afJW
zoNRm$t&pDyJv|3JfV8LKwfMods%VD}!LA*sOp`8@8^f9Eg@L8sw@7`cv%8s(JR#~y
zd9M(^wy8MJl5t6<9DCsTo5FBa2-(VJAC_CPR=zF9vuKj6S;MmOS>i2&j?)Yw$_5&~
z%iY=6wAn3Ey%Y`w9e9=9f#Ht^`5A+Di@LSRMqUy2!t-IVyz%;Xn*3HYtV8CuA;?2n
z(Frt!AIm6qnM=udGr$;GHbZd(Bh3IEQ)l6wGL%h++7n!RI5#7uRX>W0A+{gM1*LK0
z9(+UMWRUqd(YA1RV}jk`_EIW_jjAB2MD;6B<Oo^S+*tQ4(1luVp+k20Q4{bNvI@S^
ze!Aazw?b!!l+RW4Nrdu!yP*7{vN>v-B3F$^6)%6%40OBC7L&jDK!m+!Oq3)me?JuW
zE8Bs63!bThP^r(jk&ixxV!#PJTchK&wV+gFr()MldTZfnD<78iXS%<6peB;V@gQI=
zGfL(xO>^&2#5pAxwvmcmRl0KK-3~DYt4mG5t_6(?hh-u4c_GLG9z5+?h{d(0YbycP
z*aT^12t9T8l)S7EF2{z04d6l#17OT}3f!saPcu4mGCaq=wdznzlLJ27`F>Jsn`y_6
zFP~U0?iA{N30wHXX3Ix$qVvJ>DjBl{=#G>xH{+33(bbV5T$FHIXs7eKwe4i0JxxKY
zqu|I~SUZBt7@lfUf<{5wv{-RvbF0eIc8Ajf{!ob|L2`<M2nXelmS3OoLgAjJL~&&6
zysElTAx%Z3m|7^xRdh}iq0KCY+oOH#E1qdwPOoju6C-P-lJ`L!MhHF5*gmZsE3cG1
zzw{Re9)r2+Vx`<3eu^NcRn00j#N5^&tRx!>y}?qU$MX|vx7W%%`)*FD6L*^#t_I~>
zK<!)g{OqafIZ<vY;w0`7fd|k7Me?2bhCZV&RO{Skaf>M@b0$Wx;SV$R{PfAKcOk|(
z*d`mZxmJ-bC8lx~Q;?mZl^>andn3UkZc!nviQ0;YR9N8~ydpu56G{=25>Mn3uXu(D
zF6YKIe<K<+MGN_&XsMpR7P?=YaiFVYtljKl%B?R0S;iqC=dR=BJbfdHK9Oyf*a1w=
z7ZnVHg}kgPu5ROMz@n&wFD(@rw<JYalv>g;J)W6o`fDeL!mgHO{C?Yy_Uqmd3Jx^E
zuz`{bc;r@HmxGdFO6X5AB2!QT{4|^486RkM+5*50!CXRcMiz@*qLl;x87?yuWofHW
zI6E45evT4}8+i!hY%<Nf68jc@0m?h3hB8Zm8Oc6IHwCO@st`RCX+8*O`M!mXvD|OM
zLlu<8p3~)O$(m|Y!$N(n;3X^p9o#S9ms0-BH=ry`K0pXG&<@J(wDiP!&G`4C<Dp1x
zx$kE%mjm=O_z<{F+^579eRA2dZHXPF`p;6!3GbNZdvOqh{;w44d<?8x7?!z(NbZ-z
z6Iw)pATzPSySRcaIX}dG{?uTrFBdtE%0)x>Z7L&qAK9lKhsz4$vQgJF8QWqt;LcBl
zUwTJTY5~Wb*vM1XEZ+QD@l_aw^5d`)Mr9e3z;;)$DRCa_-{oXEiG2iSYv$<w^3X06
zVjf9@H^EMH%3G^Jv(*A!Ye(&tEV?Y$xGN*Y7(HTKtV->X$sV;CVCBmQn6A~zw}TF`
zg0OV!&yLn^P1IqNy6-pGEfyXEtwhqfs5p1Mv+MzISR9mXY9}fggF)?|Qsls)?ted<
zD_o`$c%L)R!-eT-kHs0Db=;{Gs2}F$!;sG7kkSm4VU;YL=OQfP8U6_F==*Ks&g_y(
zJZfV@7^$rey-v8de^v~~($_(*oa&88Zb-kOeHC*itZlIz!6};oy+OY^D*>USig<q_
zvm90N%wqIJw&N_871{1J#9q6B;#9u$E2pKK)>H{STU@MrUQce}P6uZp)nL>}ioCS~
zcdpVw%!YQ8(?)T#`@9>FvooBg52y8h)E3OlL%jhYm!h-uQ@2?R)O__hx8|?;dYF6b
zldbsH!b)Y;M6KIG?W1=G?ad;1lV!UZkng9rC4!Vs9<_VP-rnFEq|?sXz<;7V(P^~G
zsL70h#htBAYZ2J((d#=K^cY1(brY@FElcAR??+_s^6a{|LOw74@LXU&%Ln2+X}pdl
zGWBgmLws9&5Rs;<CHA36Cc9Oj&5G>=j~EAbdcV&ne*NON$YU<ItxLOqA%u2$TX(e(
zdywUL#0R<9F%hx|KVUBMtnWCJ4*^M&^St~JR=aY$16IWet9aZTAdtSmm9kNYD&b=m
z^ZlrFM(3wMtl6;Dbw7rFjqf5}7{&RXzNvFpivo@<$mx?qA!yN;5Jp^;X8$4BA-$k4
z@m5lI;F*mr-JXqkuBjY4(|~&Puv~?-e<Gt&R|K~x{?*ObRQ(}Mn{@YmrTjY-$n!RO
zY!<mILC&{cNm}vasOMP4HAr6trGvZpph1+NZ1DRE$|hRZUa_=$InY9WyVdS-)`-@B
zzo%aU*@iJW4vYy?eWeR?WXApaEa?P>^6x4`A<I%^6jqaK3Qi(nZxj`kjG6s=u4(?c
z^%3ZR>gcM}9rDYX;961rCGCGIzxgCIynMN|$&j2r<1#rl!DRlM`JaZVBNoA(SJj-!
z==uD?wZaex<ey%)(Cfp#ISm+#P%+Yix@WhGFFpKEf7J6^p?px9QWcj($X0S_xG0@W
zr@+7c1=oUTL4VB{Kml3hzy9<P5oUtUN93rwPw{{!Boj2Nx1>q`pN0+zfm-^uY9*-{
zxk&v7EQ!Retu3t0y=?A3jcR2i2i8X!E*Gc?qt_iM!9so(db1I6bi6lxqbUF|b|OXo
z8L`;JQ#A7+{2d4Eum*Mm)s>7NBqg1Dte8NWh7zChuEUSye+uqaA;%L&bwH`y-;Y75
z@uX6748nr{Ee@?u8od`DTLM(-mcw99?VmjH`7;BEupH88F}}_OorM=5w#EKC^<eh=
zz?5V>W4EqB>nnoMrWneUQvGkI!w9H+giz^8^=0~QHBfrs%K0C_#P+{aj{4NIT3lSb
zG-UYq=G_biY6yP;iu-f7BO)JBN{P2al2IKAl2H`U;s1F^yKjKvWLH^Ua)*(V>d5b}
z20wfMnLb7)Fwj;z&t5%Llqa>?`n56dpE}Vq9Ljm11^JYu5xA%j92kG`>iwrz6w=ev
z)qtT~A@EST{Lwk?-|qd=Q>3#x*?V~Tk)k=T{%ZIJNQ;&TzyOe_=@R+F+i4v=CLqzC
zCUyhQl~~ey$pZM9{<nYBx!@6)X(Uo=<_}Zde2EYe6pZ^()+oFSGC?^^HT}}Qyavc*
z_}?dcZ#}?)c3>#TLg?R{)4<L80mI%Jh!9d!n}DFu8tg3d?kVA;HvpR_4%i$?hkQ3?
z_){HPKMo9k4RpGYTOUn&VLlB?-S{(<Z`8nhvv=^}f>wSRoR3;*A5ccR?DK+{p5@%v
z1lj)H8Xe%1i2yc{lNxufasZ69n&B}0$#K`lOT%}ZUKu|aRDF5bP2wdhIj}*CQ{xPh
ztQ~WFNiwPIV|4t_$S3cCO8ur)jr7UAauuJzaXG+7vN-)ZASD(7pE3`?19}HsKjqqK
zzk{q?W_}B46<}xi&i}`&EA2l78$;Xn!O<%Ta4Da?t|MaO&?|O4z$jF2sWk_L2`x3H
zSAikuJV^AG02m%(kInA)NN;s>J-ceVQxMHT4Vebar<~Zv*(kO`5D=~a4KIER57)X>
za}zrV(t33~t(0`1X{`q}-WYwP65a>+Y%D|8fQg3(s-%!C)7cY1*6RYAR#-H<x3N%p
zEBR6um>uagkb80Fuqg4Gz{$_N-yOgl>Cu?@dehG?;B9pQysPS{{fBBCR4loGk0S;o
z+?^mB<pmIlyanh_BG1jiVD?Ea+(!(8{crYuIj>i7nvv$n1mLi2g6nGO!shgPV}}4T
z>3CH)l|?Id?R$O%wqfCM9B-~KDmUch*MqTDVEV-Vvb0ju-`h7zQ&aO(Ozpdip4!#G
z85Nk&uK5C<6n#7Bi4@?2f*;A9oAeIs*B+=J0ut5gH68YQBj7B~0u~!x?Q|2n%uGM@
ziN~djZx7cRjU5Ui?XFGuKc?BaPI`#oVparP{nr$&PsXwAmLJ;JHcUWbz=#-vMZoHL
z!P0W&Yo`)DGB^EzYpS-j>*Ml=VBmrdTmj($c+>hHMXUpfHycR86{kXb)uwk5V2cUB
z?TX9gvens6Z_8Ac#)@-kqs7=Ck`z`IJN2t+ihZO5*+%_*Vq7PasSs;1@Q=96WMcEs
z0gxH#(a>Z-HS73TppvT3a>dn*-Ywz`U1HsozaT5`*>QmRaf&o=8y*3MQbpGVr;czM
z;S4<2Fi7E=CdqmiP&z*!gNUlx)>juWnqhmC1+6F7A?JCY&$(bGZ1(zrvt0#vR(RkT
zWy?U&1C8&<>m>u=#e4!Gg8W-4e9Eme6@QrnKR<u*+RTsdIVf=FyxLE3*;M*ZdySa$
z(=CUQ6;DD5WTz?7Dv9_A8VeQrGrNetfQ{HAoYlR1_b&Q>FQ}OG9`7{s>`TM^1YWqQ
zYtJ(_N>Le>ao?3PNGOU2Xds%a|6U~&)xjPfRcqndce!GNK=ZDP&Fvz{!xH$0PHcB~
z-0d9zs~#?&4KTjJ;|#Ak&tL{T)Rwl}JFwtMRYyH~gAf9Ax|0rC3t6`9KA;euZ#%;o
zU)6t2@JsXwhH<ND0-#9G*Jtm8IQcV;bA+tmu82Uucl|5oY@s`FWK94>QGW3DH2DH2
zl^Y5u^fO(&ISv)?Fb<IAi#l178tH@YhMocU!KDkqd^EzD^$Rj%nBQF3295$vg>2FW
zV2F`yg+_`oJ5<i9z;z+*wyw1-jT@0-1;s$Q!ZLq!oy|pZp{g`jXh{4ql96?s^)MYQ
z4cnK!V>}K3w3PrXN_j@vKLP1#9uxX%$f?6Fat<kSIIh{oS$MaEio#0gIM4DbJ)Z@+
z*L4^cXWZE#Z9^5IavBElb%g0b6Hn7hBm9D47op0yUhpdAKoq|fSQ8TKR>3h}8~YL%
zhP7#O|C(P?76lo2(U0#2|N08YfLuqfhi1^XjIP1i@u{GzvIjdq(wj6`^dXd9O4TSv
z65NIs7p-Qw7SA)6G;M+c30{Vtm7?f%Wj8x+((b5a0D0!Mnnl3Y)C*q%Mr~T*RD&vq
zV&y}b{)k#2D|~YE1Mr1}1Dc(?<CW{I29b-YxH?k0JB?F%PsD|R!L-+lJpiTVZYf)G
zL4o1b0KalZ0Q@E1JmWq)c|y-AuL3>r>ebxjK*e~^Ka|;MJuP_rcBA^Ut`-(dsZTs0
z8}sR)zxymF!d8c#-`G+{O{s6p-{E2U3&_z$b|@w`_L1?oO<ih;HmN$FFcf9m=L)i*
z<`@Yt`z@8bl_l=8k<2_I4z?D`y^7^G&g2d{D}~zQTLAU^%ja;2En@iBEck0(sgf&L
zR*&_!*v$Hrh|N1<Tz4m7G(RCMKgwNvzZ;o*eL)B;fCVlNq!5%!_$&ktlNG-BC)Pr?
z6)qn##FiwO8q|djtm4W&pz6+O>wsMW{@ymJCa?tY6YN0tTa7)juBsVzzxeT^zWrZd
zJfCf51;)zpL*tIA%8%*0<-)FUL3wp^GC<DdM6fl!OMey5c|oz8nh;Tboo5qQR8Huj
z=23==oV`w|)I(>X+A#_i#_SFaz|Tn)Ln9GX3N|(LbQe<to6K-(sD2m@SB?lTq1#&n
zP^ywT4<S0_1|5Vp>e11rp)D3xq0|gRm=tPbm<mt7o*#<223w0gwP2o*xkqza%XA}a
zPE|!8;rc87%}i%|$y^Zn79$SIy`08s+Hucr`<XCjdy+oS3X@fYB4J)bnvSD^`>`=L
zwx0Vdlny<DD1n=8(@j9#<d*(Q{dBL=eVl}a*U>&S5nCz2{=!>fu7;;$4q;XJfaPuQ
z9-{}<-ljsGY$G$9A3^moQbBFgrJ?hyToCHnXf>D{Pb%WzQRHc+v#?iqr(9OqG+DaL
zy>jeiH;sW>UL}2Q<Y$n1;$1|a4fMnWFVM6J6*nLp;-%4>W<NiOWo7|{)AM&o3pZ)Q
zvL8Yo-!60{W+B!^&)#0&nb9qEiZD+#Ilv?b_rzcC!gh77G`ABim^O@!JHCn4+QkLo
zFBI~XGv5u|RK0Lm5hP@ZO^?Yzys!bdp60wv9^5NJ=l^rQ(MPyv+_cUi0r)nO8&JE$
z378vH6~i?bE2<<b?OO<<La97QzW1&tUd+UtMS-`xn>VIhp646OW!(8f*Uvgvbg-0U
z9gDsm8{%;P*fuU9Nd_|CK#*5%PTe=!cmcCfJ{DW9T5mi1V&xXewmmh!m1y)BR)bd@
z(=<0OR)x-b6|Fs@I!%y&E|V+M<oER$fPZK=)bm2bU)r+v_&f9?Fv^>m(e92)_<igE
z;$=IF=a?GHC9lG=A?}|~kxd(#pDcKoN)ZfYJsqcNx2cppBhE>cRIi?=K&H|kBvMh@
zR-kn7Ja01tlZ}_`iZg?il2Q8bc)W`2OA~@ttmu5eSh%{{4Dw_ni<AI+$)xptOh)HV
z=^FhAg;YMCE545KM&AQ<*$7--rKr-|jX<QMiTSfhUok%>6KK9`;DD!+0w2^<VZ$UG
zg5J17*5&Jro?VX57CN$0slu^yZ*vTAJmig^#xpYY;jbg#;5x`J)P`=J73(q1S*=_2
zcjm2)>AqNobk2p{C^Uz~3I$e*#+IZ1Vhm^lI<~aV97bH{#9^&D`DK-SU9h6UW&?3g
zXH428aPJ~}u3_nl!k$si6MXPu5S9^%=kK(lH+l$Eo2M%F&W3eS^HR~V3FhK2@hth)
z5=GRN_dOKmAY5JYP#i-zye*QYZC|WlQNDwc{0vu2@>iTeyrA;qAXeX~4QYBqbtu}e
zs?N<n#=qhnd69ZO+A1D;w}ZPdeA-vWDw)-~DGGNobMCz?j^#m<r|;VmhAGKqEh4uv
znr1%d4F?EWgyC71^;)3j(y7d|Nf$Xn>yoLIYm>^b@}jEJ2ET>GHfP*=i$w&rptij>
zs#zLP2BtAuAKHupPFJu+7;+^f8c*^lKopdpP(a3@0kTcFYY)#5;C35I7bRE=FI9HY
z9Q@$|;BWDuO|T-!dyaHG999QpVm)u+5v9IdqMMABieb^o!THWiyc^2xXWMf9{*o9#
z#GS)cZwcwFTjpo6(hGsp5uXt`ZdRg2d`di6Twc6umcoWCelwnrvde|39gk@f#;Td%
z-ZPQ2`mo+$Wi~m*g>)=e6~b1s)PWW2sj6z1(+W+&PofS}H@>`8t9uSLGQ%(Q4L}Ls
zrs`JdOIXRhlwp818O|I<J+EYiP1wX@lL}B`a5W;5TGRo5mggI;*b={yY(<3L#$ar%
zf?1?Hs2DstSd~w2b_9#c-p5tAE1)6{VSLUlY9*C(F_v5%QToivCSrxY`2Ae{3$mD;
ztf;UK6`VUd5N;4xPVkI`wdK>t-Z3FKRAPIBG4xnkI!5yFYnyC5D}$DF7X+(HzhX0<
z3sUK^o)xP_cSuH8Ba$~hRnVK7pd`<?b+*XphFOPjqkaI3Ox-!kwupDM9-2>}HJ$Z0
z)S6tNUbqL|FL=XQ*3ln~sq8NM`%|^7?7Y`~X&oM>sHP}kg7^S+<Cs!0=GxkLKsepS
zV#vc-YRE-+&U+jloqniM9SJke737iL$bVgO#j8kLx9MeuCE+iqn07bc!u@3Ox3k@0
zSA3b4&g5Pl)5{PY;0e(3qco9LbY_^NR#SGd>f#UNA?=VatA<7jF)>y=k57-c!f2Pb
zstujCrl+xpPrwAh9FydF3uW-ZmTk0j$hdr=iArd%cc@TBXzXfxE>^AlcHjUp-rUCN
z6zU<^MKd*aWoSz3SAfW2g#uaaUGfHAeR~KJ1u^J!!!ZW5tDk-3+bDVm58+unvf;gK
zbd(+9iRB{~|4Fd)6}=glDBAu~g)okDZ`Hzkyzk|u>+PN5&X|n5T{?%!{c;0B<!6_B
zy|>un==v%0yn~<Zi$i&7Moo`Qjz`C%GFtUhEBE*eIm>#=US?bw+5GjkqMPGYtSqb&
z7fQg@R;|-UXrn^p2XOG!r$N={kX?ItwlSTCZMtJj9x~T5b%!<gTE}HG6N;z5VR)$f
zmg>z))Y<vx@3}+P`VP3A&V=Vm*#{->(Ae5p<$Ue*LU-KlqMz+r+&&*f{$s^t-eT7U
zh2A9hq+8h>o^wIt((HL?)cTgSSVuiGE*aYd4Y(cTcqemuee)TPZumVt1%kH#0MN1Y
z_l_5f-E1uEv(3Q<e&{j?mar3#vN~N(L&U`*4@@*}BrT=|C9W2jIiH)aekT0;@<7{~
zcC+Y`1nE?r|AvHt8k?W%Ukrr7a7LA{X+1ioONVtuaw^}9D;o<3sH(Hr8hP072E|nw
z@?!X>#2|=NI)b2y-$|Y5m<hkV_gY(aufVnA@KBopWWe3O(J>MVM1mMn%KQK@0xL06
zQjfyz!|i&OEx)m5!X1rHnRt9vOj&VHW}Teh`vXv@=YItF3QcpgOCH2APqBtZdDpYz
zogfWesUrjH1~lQT`?>#t<3f=|@}~hRw?+kEfDb`wmw=u8AEe_9nH;WjaG=(ZyhZ~Y
z@Uyosnf`O}hz39=Nzo8=vJ=2c%owCX{y_>vNk~Bzw0|75UjU$3MyzSf|H3X=+yHhl
znR?6<h6Q+*P?tqr-=7MHs6bKI26c=K$-S}wK%wiCmzMqqG)pFRs=>!48?qGvKr@Ad
zwmYPa#ouiWyGKIJ`2PQ)W&qX^+kN8#^s1yMLOov>AV$M6u9YeDC7&TL%wdVF5<EP5
zxfcN__VTl3Y12PwQ3g9X(6A)|(dTFn3iLd306=bG0x$rSNdr_ML)41kOc#2qq%r;9
z1~+l(TUg{Wb;)=wGXe!n-m3$Cs69>I6)?}Y5C8`%r?&Nv`KN|t#q*$pFHiMofi8{$
zL@MV};MBip&V2yCWXRNh1D^mbv(op}KY(8-Wa|+aD?OPmM~(bY66#nY;S&3&*huhQ
zW8>p{PUz$$Fk`=nf*@}AXD%?ly(M~KV0t~loaAuTp89usodDF@e*xs{428VV1x0un
zS@8dZEIEP-%ddNwW<X+7!2kFfC$ED({ava)GibpNWf2oKsv#Fp>YK@s;s1ijh%j;<
z@G#8u*W9D;W&qb@m!K~JF!$d9dkQXYXM(A|uaiGUF$*jP=}8O_fGmYPU6u!lIKBf)
z%!8#*woli7V*lKP2AD7-E^@4@R*U?X3h6#@OlAO^Qu}JhF9N;q-@hFC1Pm2ByB~5{
zci`b3WA~ojTH+7^z509p70Dw>o%=55e2CURguJ)~dz_Zm3AS?=0nZ>n(rqg6>76T%
zLnZaVEq!h#f-d*@VUzJc!^bE99;brc($y5j6B6>MclUpwv<*6PYGqC+l{#Vsw6KB4
z`Q*>2t6MUWuu*tU9RP%H@#sH;%mTas3jni0pu)>=Dr<N#(GC9P0eNlS)o=9*7X9_t
zU%h*`n%sekP0V*==7B==G?4OHKHZv~0_~JZl%B&oOw?~a3J3v58=&-4zycXv0!Trx
zo4N?NScO34w-k*53zS5aN&ui?u>j1}18jslDcPK10N@&W@Z)mu(f$KB;6DA#tes2|
z$Rh9nEp&TxhRkDzZq@!S-=W;nndP%I$`O8e-~#n{ZSk7?q8t6lxr@@GAdNgbyNvgd
z+9Z!o7UPk7i0$*zCfSpH&-;>YW(pUEU#APRN)!nB(_Q3za_35X!=1}H-)cP=-eZ;T
znN(-aub;3=IvO5b!x{?7`=mOIeSdu-A}E*y57A9z(pgq3`aRHywQGN;OUscqtn=GX
z`V%q6R!QfZ!%h0))b~Xrt($N#zsl?v)QTuWzKAW{<!Gz%lq_Z5(OT}@*H{>|-`IB;
z{VVu^%iis~b}_GN70$A97N>GCt$g&=G__wQJNzBDlnqSW1$V*eIrAXI#;A9T1FQ`0
z(6j8<B=?two_}UEl>{;S2kK@dbQic3KCd9cyI6zkfY|a0tEgAj6j9!FqTWVEBH;04
z^f`j7q%%>JD6f2C_8I6g31qTtmkeP2l(KFhNcRGh56E;t8QXR1ws{%^QuvjGT><7x
zNL0cRc);dB=Ium)EJ;vhnP{+-r0QPdPfI|U0wU6UvI=eH^U`1d!AOHm|NPtE$Low0
z+dy2~0nW^i<3&-cLpSuE*wKdoq6=l=21rq(yD;b)zX9Nki_jVp4QUua0pF*Z172`a
z)>Li-*o${i8ej(RNQk5`K)r6$vuy#^+m1C!cKU4?08<?RA!eBv2vdp^e&a9!@&#`K
zhjyNad!WJZs0B-tTL22V7k+@!OuG6l<IxECm=oYg0oO#ogQqab797kqS%(0+I28lF
z=#zCnI$k&-T7jK|S7Fn1qQSn7=-n{9l-0a`a`oVB77X7RSDSfd_|EtB<`;Q8Y|OXc
zO7XR<{I+ijIznlz>>M2rNPj&E9;~*~sCK-gur~V4G(PVp(_WCIY`@>Py?XZ_e%SRd
zC%GTBv&=YN?_FSLmRAt{=J*A{L0r!pAdaQ)#rm0Ei4E9WWlC?77R_D1DsYgH!4myy
zQa;h*w_DpG;Yty<F*`W^^?;e|o4!$L-N2)|{b^>dqI>QB9$nv_V6$z1JJK!H`b2dl
zxY250eHPD;cbUk2%YAO|v>caN0*=F9I+I2PCP+UG*VIl8`T%r<a{ic{MhFJrs(X&@
z03BopgKKi<!~8Tc31CaI@+bTAXxIpVdWZnVes)h}WP4>)f&>|d1p2g+ok3Ul0f0^C
z*TwO207!Em)&b1C6U<}U3X<jt3DPAoqP!CAy>1&T8Bb#R^gs+Niv*nqtW>BugHuVx
zYVA1X>)O_mnH`n<SJj_1HvwLznkOHG1t4rZfc@lQ$)(~z$vYCZp{)K2@NYc8BBBQJ
z?qI9>q~ZWld1X_PMegSZ35}JD4?Ze|`L<_AZ^$l}6s6og*A~&{_~|bVdV72$$e!if
z+YG*@cTM}u05`*Z+%(|yF~1k8(%u@jbQdduJ_QErTs2|qqSX_gBqAFZ{!9f{`6H@T
zv>d1<<J)*R$0F<J&&)THz*qp}rWqOYlVJZavTrQ_MZHGKdi@~lN6m;uw(KjA+rTCV
zSkd1*&m^X9`us*GrUhi03f$US1w*HCWE*p9l18{5L82Ji)ISF)W%YP6md@a03fD=*
z9r3~Zw<T<I7iw?3X5spp`{Swr$AP8s#W%XqMEkz0^EvjE9cO~xb$O}@v5YiHNmG^H
zPPCBLJed~r8938E*Pi!Ibzr)yv;A;@ll_j=S;)jwt=d=ysVqUMrZ;-d)xPhEPG7t|
z`hG;r1By4A%*dcyC*vm5?Iv+)`E>;;KUTM?)%Eksrc)Q_&rEIJxHwXD!|cs!)2310
zV1@FCUC&|NT3Yj5ZgXR&;ZMl~s^W!;Ue)Q&Rt3%Zs?SVudm$GY(%;JRP04u-`fj~f
zm@9o266d35Ea}I3CQ%?Ep=^!8XKnN{)AC33o4ZqjWm6TNr42K8mDA;|Q+7dOk1k+-
z$x1TAo&(U8*1!>fhx5v2M@h8NPlQtnd4XFR%SlUq7VMOy(BDmTD>>Kvdmz`%T4D4)
zb+`#K;h_V<%G>QoDaU&3z)zC(1=EKMBX2`~qvx0al7l{~bhrTFus#NnkmN#^{oHMk
zRE$UFJ`jL*047|9?uEr^p+~v*d-<0*P!6$I0Y=xb=h6sqj3Pa@U_H`nIyv~!BT@TN
znTGqCeU8WVt=cEPb1@p#vS8io@dc}$cLlIUco%%Q$_(&Jhd_|$q34F`K212)e0YKN
zdB)enBuEs;Q<xASh6Ssk#X+{dUOYOlf<6{X5R5_ug3nS4FdG%IvHMn)i6e9dF(U~f
zTsEYb(bwV$yKEOji_&n{H%m`%__G$N@hyY!$#GJy+6Ib#vmTzP(JWSu=f?nmxe51m
zfd3Wne)ZQ19<u$}cSTP*5vSh4<=cMl3PhPf<--oT$p;UW)_$^qz?R=rpp?-P{rxu?
z)rM-y9e~3OpVV;Gs1FT~_0h|x+W|z1@^kKC+mvp;aj))egIj5{dYtrw)m@Jd<_c;W
z5&j;duIBTroLwCiN!v-!=*&g0)gFxt9;}9LdVCBzo{NcCOzPUv!oFt<iErFnzVNg5
z9;3aS93q(gs+jBevB<-^AFB$TmFC~@^HTfve1g;Fzq@99tM)Q{_e0;x;y6zvrGx|g
z^gm3#u-e)(Z|a+7c$5^v!F*==x0Y=1NAkg9mm=xC(dnXr8LG|2j!NmED&5WR_FRVe
zWk1tChT|x`cy_m6Vr7#JTJ))Vfzq<MM_A0n+w~*<uMe`pvYOU-If>!Q!Ao6INW_22
zxFmlazOFqCVwb;*7dZ<~KB~}hi|O%+4@eI%A77KO`f^!f!We91lieW3t+FfS?cu5;
zHN$rV6L^KB)&PXvBZYli-s~($bSO$ldDSWm^0T3+I%1JUL_sD#cq&m3<y3iz8W&fI
zc(1%h3hwlxkq0I1AT*N0Bnu$*4I=nK`>f0|qT8&V<#yy)C{Inu%6Dd^=W``R2|nrI
z6G$O6Ke9|j)fLzP{qO55<y&}WIxd`tDfqRVFHX16oJ}b8Pk|W#hmJ(BBB5D1WCeYn
zi#|X%MS{i7n%+_+>a0epJA{rvw;5h{&Y**u&q9vC1^4z{;5!Y+cmG9;zlCGoxn7;Z
zYnA&oeRZe(5MP&6xk0?e6Td-A?-=8;0@60on~esm$UeqPpXCcc!vnsC{Xgx!XH-*L
z^!6)=noyH~2m*o7dzB(mL!?L*6+w^^1VKeaETIbo2oMNO1r?AgBGN^aA|*6IDWX&<
z0R<GLC`F3AYkLlQ&bjwL?ilZTzuYnI`IIBc+Iz3P_S$Pb^Y_fzni)fwMeNOv3W-w}
z?6LkLGQLC&jS@&xH#J8z+-aj9$(J^jfjLp8;^qab<4E>IDf9`f19<Ta^nQ(6-!FCR
z#gD7nR9E9CQK3~&DXM;y*v+{gBCMyY^!&Bm{Hs?ck_n$H4_k`6-KyPKDnfKmQLN?l
z$*H`1MpleBuFw6*)Qb-HYCg6zbBhG`no9eY)Bf~Dj%Pv7V;kN>J9X90ZA_|t?RJ=$
zzp5@=<T#qaPFwt<{y@W*?GC~~qhHQv|BBt?(;#6vX|;N^QZ3tWU2QG?r&qIUDy>b<
zK>wSlh}U;tzC?jxI^D`+x2?TuUA?vp8fiB@4Vq-CI`^@B>WfbG{LEwgO3C0}X`6%J
z8JpG{+?`6D`?kV`LelpJFwkV44kw738cUbpd{qd$2_wl#DbRAigH*?NeHaPS4_v$O
z<gHa(EJ(U9bNKC<=m=sIUamwNc8GI{w5IdjX-^pl9ATm~BXBta%cYxNN&7kTp%}$+
zPNq|KjUkw2Z}4I@&O~5dUSklv0>g+b=KhNjJr*M0SpQOx7WUSVRYrH?48VLj=o#zv
z^8`Z>-7Wbd=n{}MMl_NQyD-04vKX0%*+?WRoben2m0Oa3e)P6dLK2hoNMebeILwEM
z$5gkHAc~Rt2v39b!tR9muL2~5W^YWu>0t_qhJM*VD2>4TMsE7SPFS5m2F<qVbvOwp
zuTHq@aX`i7OTtbf7Raj~_FEp-HLQW1|A0o(-@2s7yx99tQI}NgioH=^B#wW;Nwl%&
z3Z!D#V|TJ?$Ug}++JUKwK>NBaUb4C+$%w5DTK=q^AV1l4yUpc;SEKCdTwadGl@tO0
z#kgJg*B@E%UyS{lo>W~i%D5+{v3$PRVE!fFPn7qGy+i};VeLX+FN=HSKZX~+pA4cV
zFC<O`MM%f7#vc6kaCD+|Nu9bD{e(PfaJ!i%=D+v-K6m7|D;H2~{s*L4t;+%~b+L@R
zXn%TFwRUr}vwv$O(5ofwv~zr{DJ`<op!t<2OQZqYDS<nxvhcyG_lq8u)>80J=|rV9
zcCXfN6^*QiguM(&-$0$K<TQ6|!So?fTPWh}`wr~L_;r8`5{A9e<z0b79By0=1<6Go
zkao`QWg-!MO0Dm}HL!ZziKOy+6=Z%aK`3)~6*&fTIXDl2T8?t#<m6lUIUYt;YISn!
zcjGLdw@|EDXvB-niMaY1+%m{0P8+xe_IS6FA$Up27?Q!O-C&Gl)(|GI2!TdhthI2W
z6YIVDWT$)cbxzd&ta-3_7g-=;^b7@k`?u<F`#ZTG_@nSfd9I*DVgiXek4%UxZrBNe
zR5YY>gj%)+4%AP9)eG}mX~0KuWE3mh8pmdD(r_}RK&WGW62l9B;$;3F7)4V)bp*n{
zI_<jliJI&8)qo*URjRxollEBH<ks6$3_F)Z<*<0<Y2rXB1$k8W<?_W#hRkqeqyc+;
zw6$wfMQNfL{KR2L$LSRDI7C89eWA4jPLwxA+(N}8yT~zgB`VOVNGvkWc94y&y8LEN
zjNFD+#i_!pyye|?3YYENO=P35<WJRZZA$nIKd(5?>o@%4*zi;Hr_;j~M-jEp+C2g$
zVkS6aeNL%H)qGt$s831fz3rjxIqTEX2^QSmVhj4GRu)IP1I9mkxl+K(=7A9H9aw$8
ziI7P)<Exnt3tph9X3>_M_r>z>HaA2Y_2kI0nnb+N@ExNs8S)5lev@;miSGT7Sdmi;
zCyR3ze<F<nhTpfJLCpi^TbzA!Shs23l6AfpROLgj?`n`t_ury64Rx^d*e&S|*BbPx
z&5t<XQxDr_Cmu`R@U<H*o2vF&Zfl_y`pw>4BOkl!bJ4owY!9_8>S@X*k%<20Uw0?4
z$&VyJ{dT@}x`Q>sUM`p>Tu0+Y9}Fz}LXWu>Gte)?xz7gYLWl4>lEhjO;b%Q7Oy;P1
zNfS6KPyQ^8$4iw3%=F6?I!Etf$|NvE`s*A}Op6z5U^}FjCVd4zTH>;oO-QO4ZHeG?
zE*f%$_euw=V_>==Vw6i9C>ouRF7`&rK<cJDZv}Q$)Lznx?+5wBk>zI!k*+-*KP4OX
z!Gr5<!*&Qshku^mjW0$>5^ZVqdZZF;oAN-ED7xuFQ-TE#$PN_MriSLVvO<RN+J}m}
z2vWvCC|vxo|M;`4z=CG{ahpgH>Q&z~>`O5+6njk(Z0)ZKHhiTKGn<0b8S}!emgYyR
zDlqMA;xRa_uq<5dPvB4(>kaVDB%iP&%8fj@uqEo09xYwks?C~$F|WQcdtQ%OD0zl|
zkkz}v(p~S?82mcHEFjP1+AHVu7{j#MuS`#2_WWLNZ1u8M?k|+I<bUa*Qy@L@)8^$g
zc-*IOs`IF}K1I&>LE^=yc6T|Bs9(d{*sV6yacNZ?2uoW`6u}<!VWFx=mm6l>pZlq%
zVm7i`WMOJ1z3JXc?7#LyWos2oZ6`RztsIIEgCy%?s~(d$j&sjH-hc9uylZf4=?Jnq
zq%%NM(aLsAE@P#mFDUyB?&R#CbnH;EGdWfMAm0IRD~efn&?>cZd8u9jZ)bC_>gw(3
z;e7j3@?%|GYiug_1lvc@oDzr+8paxPCUw(#R$peeOokhStjym&9>BEr0L5=mv<^++
zG#&U@C&(_yT7^|pUrt=$847zZycVXA3S;2Zi%fE&i#pr}fiB9s)|*EHIPJ^c#15Fh
zu57ZudO>D_8#A{Nqlux>@eudLYew;68*8s#@cB=8!0GGJ-at4krsL7=un)x{cf!g(
zJ`X2uT(XAK@7+n2lpT+JW;UBnoglT89i5rx8o8Fk)$bLWr|o`RUH)Td<OicJ<@1&(
zk100<3lLcPBNLrllY5f0z?S^{hycN~Y1MLM{Uplc&Ra@`v*?5QE>V`xhpSv!63*~A
zoI(pV-_*BRRMao`91%!`sb4X1FHg-1^fld;>1}D_qwZAh73w=vC5_A+tgs0ce|S>P
zN9rNZ9M`1xBL9!6NnwU|p`I!RWNA`_xC@)mI?UL(-MPQNM_fkAe1#3IDdEG6EULzo
ztc<}+di;YT^|uvp-DxH8_MZf5vwR=%EPyaDkMfCmu8;DoKW5}Ehj{7iu*abul@ZM0
z*I!-5Qv~g8aF^O97Z%Qz$tvVFH5^s+!4^ipuG&CSs_&sGd4KDtK&|BdORWTS>rIi~
zm>N^!ZqyOWo5WR2M?#}QX`^-i<@CNkaxfNBKPN|?c%WL@=-<l11_-Z>TOK?WyWsoE
zHHdD{^W*-Vrvn8_Ie+Vf_pbph^?XEC&XN1c5WpubN~k#TTYa1a(yRRKE3bfDf8$0-
z*VML74z5%J=#pvI$Zr#L=#Ul&PK&dH9NU5^V>A$Ki`U+~GZf$lD&)74lLgz|M2{jF
z76sELJ?-HxkU$#81T<PZ3uW`|-wIo>04ekBj&5l%UW0(d|DA3dcl|$LIEVFq-JaeZ
z;G|h}Du818_m#*?K^iop@*FsbYxs?jORjD{kGFMORGuz4yZuCuqbPAps5c{6csN0^
z2{KUV1rMJq+s0Pobg1{dUvoq9y9@__R~x24BmyYy5W1=5UkNn$u^QapeHz>#dPCse
z`(2j-`>8EdVMhN$2Pn!;S_fXLZ=aJuFcuJ{(nR}m7F4SzID?I^{O85~*06PuAP~ao
zH8pev-iv^)Cb)v@&()NHzEd*p_zbk66wr6~Z1DDf(Aje&a9hH4Y{?8!$>0;|&}i<q
zq8>L2e)!|P_B%8BFbHdg)wuEeEncI<4Z$gd%v$k?1XqKILC2%7#fra&53toRV$*m3
zKP%86R--5>m-Jf`S2hNRDXW$-rEf9>pU5>Af8)h@?BHasX5KBxX83dfLXZK+Xtn_u
z%Wja3E`?sni$+Zb$e}Y})6)NEtsDeR2q1S(GmsDwpmt?!X=$nClk)6r;czy7Gz5cO
zdhsVnVJLvroj&&K0oHlKh-Dc2mpuPT>;GJykHR8;g2I{#mnU1N!FH?n(Mh>J6RB7H
za}w*qAbGgmm#gA(aui@))(o3bIsdM}YVd4EnSmn^z7*WL?oW4RG@8u4NUcez`73g^
z2)J$ebibD8M)&1my%M^spo(J?V4HYAZnJ3Rch*9nXo9w08Kric1!%NS*6_J}&-c?q
z1)wumg0k>u2>~wq1S)-(XSr*9myWntUITXHvyw%lf$K7|&!;mX#4;1)ygK$Z0H_YY
z_8vqA8Pb$EPq}5dFKz%0Ie`Qjh}UBM_aAUW0CC<VXbZriGwYy4lp4g9S)Y5DlWQyY
zGPnhp_B1}+0Y=P&kskoZsy$fler%=&RNkQgFP`KF)A!mS-_`LckP$GqYYfB$<c=5{
zv-1<>`UEZjC@J#0=NeQn)U5C7+=ym4GdBv_UFEj}X$j&uAC=qTP#=0mLA7SnzVCCR
z+Kv^|nbEm5`NCw8FFLcHAh%@X9zRPc4Ih`v1#A3MaP1Gy&$Iw3PlL~%iqX#oHQsa9
zq$~RICBv87b2@i3b0Gj8>w5}!|HXsb_5d>j)ru}%D6ZeF0E#BQ?o~RvfM2Wxh%_Fk
zMA2rc>aQ+qjfjKi)6ohB=|t|;F4gT9kj@hjRtJ_Kh6SKNt;7(hn|lz-HV9Fo`zN*l
zrfYJHcS4rQ4uG$#+JFSBnuC~N1*pXA58m~`s_S!Sl!|r9ohk2~hd-|2&4K+ai2lM0
zhRf!Vz7K#Vg*4#TJ)qmd(`>INI<IsDB2DL^>h-Utdu9SDURl*0jU)kpOn%E3HY_ty
zD1fYt!&lyz(p^FAUIhkkv#n-<v`Y=}k`Bf8jVv^@ZP@@toxFggoZAU`Pm@7C%L!1|
z(g-`<?@WmS%AQtaeULFo4rDkCq+}!B_dp<<>9M`|Oav~B<Hdh0D0_WJl!<wjMRgdl
z5sq2%14-CuphUcJ^E#+=N_uN$D+5mfQH7xHY@<X15ccU641&7#m%~Al(P4K~F>n}D
zfr}vhWzK06afo1ae|b3W=-E%cfJSezvh~=TWk4}wwk>yyPYVX=O(o!UkiZRZg0qVX
zmq0ljTR`@`)UQ*18V?|GI=>wN)X5C40PdauEUx*ICSbJ_>wbc`!~~$O%-PeAnH>~K
z&SM54CY3?AtmE%`XMhmL!hoSqQtt+-JAUyLS0h0+tbUH>BZB9EM)|zF|9UGXf+3<-
zVHxc+8SjpaT|kvYY@P<{;~RW`?+nnGOqo1V0@`awLH3L{m1`hQVg4+v#2=J5G<I36
zGN7Q1&XgjIsO=z*c<i>t$LvB78Ff@X1|mZA5JQ*}=Lw1GAe_<yB5MhGSh76bl(*Gh
zASX2*SeWu=*oECQ$5B+T2J|ZY%@bCUQbpB@K6&#dUusrH+KiiY)d>7ZX%a*AVG<|q
z6%?BR$nHryfVq2tXx{@3r2GbtQ!rAG*Qrv?<Sc}G{}8fVjp=H*KOS~yf~;g|vq9!k
z5RA+N6$m%=OyWG7dLNjlPYz^nm>^s~^r*aSi4)>wQyaS>9B5PD#Pvo6ht@~a?dG?-
z0a<IQ#JN1Nt56{4Sit<)2@{e^zoHXRJ!NtUA1cFDFqe?oOaNR@8p>lz+{MN3MMc&N
z-^bS$NWTdps4k2M7A~NzOh5$8R1gFXHa!<VLSpO!WCS>0RCDVSc}%ZBAy}t>v9TTp
zice1f4l`X8ZDLY-1(?-y)Vo=!GMlfmLrcegb|`fUJDH`|@lj;OMxjI|4`VNNpb~SP
zV-Jd&sn2AW-w6cFv51^pr(k5Y<13{u5J~F|hXhj7D}>znJi)Goii@RfqB8?$7Kx6z
z{?Hl*@@}g^rRG|4?_N}Q=}tJT$cg8EiuRwcKeI=+c9nMEYl+TN;6*rbO4D95EVXI3
z<G0e279}q9w#^Ngc*RGB&(A$iFS*-U{0IzO|I(|{^!Uc&)c#3n!Q5QJr0qfAKKYFN
zEEL=z1aUS_A%y(-IE9(!ve1(IbSBLTcCdQTgk;5t@8<(;&8?VO@ZquW9bk~Zv1^~5
z{QFRYSbq@F{yd3%*<gjZz@=Ci1RjdS*2%yI2ZT~mz*z7eQK87z=fI9{sYUd_!;nT?
z@;K>m7Rm_3qB8S1-R`})fn>D7whD;5jrPJZW#D}vQm=QgoDQkqFN$S5+B6C#g|my6
z7><WLQqPj&BL%TRc|yG4)wL;nDvuqGCZULZy>L1+p7H0jC@HfacNDE9TtBE8!+149
zr_%f`=JT(N8=cw9<xDY1jHGLbor4c$7v<hYT$djLyzm?B4jQ>jkU_@(M~nd~O?WW^
z<6@zW4MWC|g3|U-xkiqp?Ij9GjZSt-s&1OUPpOmV)+Hop^SbXr)1*saH*|6|(sT<C
zw|1Kg+oxmK5jSC;ShA06GOXm%4GSV&r<4Tyr=(-EiRleIt{(9Wi???$MUYJo%@*rL
z<<+_3^$>2-)e7j+)rcw9_!ese;x1>dinG8VlGdY!9koFSe@{D%YxbNKfe%G`oG}s2
zr(cims^49*`V!CgVGhi6611>|l#-?Up{y?*2+GHm{$8SSC_qp4j1ZA$cNBtCLxsq`
z=t<_rPl1q@p+4D2O+PGvjnI)y_{JT1(~yB-L_+i%al>gE7JwNCuo^}X;Yf%=7+)Xu
zGFa3v9gUgSA+m?FBMrD%()4hM%=r12CimsL#m=A<LT;lbqTM<)&M|)<Huyn^kTfO<
zEZ=k@B2UZ~)#a5&uyyXg+SGVE@~Bo;An{rQbC&6yQwTw~F+=>@+g+XcjM%|wU9qH!
z%<Bj`@@<ZI1D{?#I>ti{6j+<E2}d)*D8)oz{=rlJ1GdVpr6GMQB`s*<^_?jeV?JkS
z^v<GaVKpJUGQ_E`y7%JQ0u1>DU~LibJ&7C)7(a11cTVkm=2m~AVbH`wTpk7|#fT+p
z;!^_>il?5nGGG!#*O)0PQnQ4V83zUo+Wu37MRrkZsBgj^Cib$jeI=w8#k;aVVHKpi
zAUtsZ8|xJprp-BQecZX)MOyfZ){udrf^<24$XZ7P8DFnPW^wWteI9yvs6&tR*qPU*
zAV-6UX7VQHqQ2;UXRtpac*5G>S;J*cZAl!0_s6BR`u{S->7*iv#6C>6ykd4od#Kp1
zPWBOHB40=xTp1%qm_$ed*c2X4lGhcTnN@03Y777d)gK5w;X(s7c_T6Aq|Zne!YG2B
zOPrZoFmBB;52j0X!*8en&&_c(hUC8j1-G*z2o2WwjsA#;zIfpD79DvQ^{C+3%82Ty
ze<E2KiwAjQk2EK4o+or5c(~3}IYUA;FT>De$;>?q$zQr3iNlbO?I=@;d+l&?U-G1x
z^Ay=Idn)Rps>=d1<XYJ%!hU-f>_>oy$!K0t;)ZG>BRTLEVge>#op>_`$oZcU#*=y@
z(yU!<1ov?rO((K=JA+n03w{R;i7wFbcB6MX0@L_JF4nj3CNX#JT>79@9qJ#hklPWp
zzVjKIf@!OG;=WJKO66dEkkdq$Cb#&29}#TVNDY5J_T;cQ@B}2CjaYYV^3D_}SX})O
z2DU=VNJqaN&f?BO6T(P#asauWq+KB<ukSLUd6c971m}z5o48a*gZb}HS!!p<yPjW&
zkFVxZid?SCbv_oE=9Ixa-j@7|Uh3MN!y2>unX05^QFO;TjC8F#YCMNTER=qky>~Uh
zDXjL|SUz}_GmTs_2(JEE9zVO^vYPxuS9;1*R*FEH{POwn`1;o3^q8(Af$}CWCO{2S
zOnL{LBlbnZffd?yo~SVXz(j*gXsAR_GzBu^czm2%)npQ0JWDG@J|GSXh$9~ntuM3L
zV;asO<VlSeiUxX5o0G)t>i~wJ!tG*(2Tz&1A4mq><0MJwLPWw?$<j+<-01R-Ls2X2
zCGAd9!Z_yU)HpNN*AHhcxC?~}P<oWgddEb>i`n`t51WQO?=`z?J6O{jBQFV170|j=
z&P;_v?l+D0U{c;38c*6l&YCbMCym`atWy?cnnv=*aYyfjNv|=!z7!(nw_|3Xs4T(6
z#|-hM2rN01-kg2No?ddDW4yJj?nMeOGBY}^-HiWnziN46u>@5PZA%sJ6!fW249w)W
zt`j)G+1>W-rPASpCifAkFznhs1@p9U@*k%@DcLDLuFHbR>ns^vaBrjoi&3G7vvRIm
zk2P>AsFYTQk4^07)GZ4LCYSY#E;FO}bn)>qh8)d?h0b;c%n4%gLifavRBA^PH{@@X
zc_RH{O{M<D0)u2K7t~V7!SQWMkK%-Jtol3ao2d6r=(CbA%!v4UEuBDlmFm)9`C~+e
z(Ql0-vKptkRLQ)}F*Oc^B^dYN9Z1?DplfpGjj8*1=E`cWa2+A@vj^fNb&xt-dN>Rw
zZ89>Cc1q(6m%Ukab}jKxkLXv-ncaHUHVwzZ#N?DJiBc%b&}ph))Pg88l8$;#CUa*=
zSg;r|5jQQ=oVFZ?kRj<W4`G%i(Yx$RSbJG00uc|+H1m0duOw|I+hod+`U*6(A~5#y
zi(_3pYeb{nBS${H0J{V;pB#OcFS)!7C?+~#93PgE!n1N&_~2$VSFXc=6lou)Ilqg*
zr-f$7Orx3cUFcq!7Ey*Cr1>~V<+B?Ln~IGzc8LshRtWy=#zUVpg%l-Oyv*V!pxvc9
z#YapA8@;LDOhz&1exyz9G<R?6OX%&8cLY{P9R>EfTGY=rLR+RACz_I4Ux7H$*dHZ6
zsa|1;2o8PajEUV@!nG1<hAHVcy27|DF~nMz+}i&tpr18UqqL6`Y1DWYS6}SdR+Aky
zbTH~!&_95Cu>H7Gf3zyc(RzRqT>P?ueL>!IQ}%(~Ta@l1h}~z;D(H}$th~KbVR8+|
z5fS?o!dIP})R;_PUj1>RjX#)DmmNzwXjSn*EB=Y(4+1Em0e0Soj;=t7Ivakg4<Mdp
zSRGw8sou*3Hm93}fl_K((;bvP@%y~`F4Tw&IyS24RO^W{n}ed?6E4}~6u#uV-$<2%
zn~UL<okLYo<^_Lm?Bk3faj8ey6K=SJ{;edeElwyqMfxnp_e6aMHN8uJ`GS`?`5z*{
zSP_Yj)9jmjd~YC-gBYWKA+IwFN;Q2j6E=Rohy7}=wdnsSS-^7Lbr$GI!1x11if2Wo
zzYHpWailbX`w_)zYXeqC?yCR^?0jOa%eK}6WGxJkwHAKqdVse)-|+E|M&lZ<Bg=r<
z(^B#zg8!!nP{<b3cWf1vHp%WY(oJT{|M-WG%nt_NbTTqBQt!UkxUu>aTn7+~?lp`8
zk>rY-*jC}!Y=MG{nIE@>Bfy14>J&0yen`R|JxuJ-r#~nfS98l$H`%$%_0RDaW1v<!
z6$kI@?$p!&_PFseg+US%SM$gZC=myJcEzBv{D*$)O>qwxE@NQd${$)8)1&f4KyRO-
z_bmA>4ms*Wa+KgCAd2f|0e}2jR(Eb2!_}cb2#HBZ>oP#B<pQ#CP5zJmr2(|7jyJI-
zr%>VoknXmJnJX?<@#A}yU)!-??OR-6P%979695uV+CUl`06f0Tl+>W|e4y{Q#PHm<
zztgJY_J_f2I&vQrB`?$D2VsrRZ=9<{EW9BW_nqBanLi_d19JB}trR^@)X{=qOFcR3
zJ-;v30uF)7VgEazvc*XTOa%OLAj6d5rM%ZKazLf^?DLiHfXBR73moywO0e>;Ve?Dl
zyNPNI6Tp!%V|P?M)L&(&f*J{oFQp|UjF#F8T^g*dtT=hm);2Wtz|!^7^O9x<egs0u
zrvK`^4hN{Hp?*_ai0<H3pPO&f)f3MG7xb3b!A$Sj{*rn+?E(0zfAi8__NDuU8-)ZN
zd{bvx?U>ff5PlPg*94_k(i#%h;#)c@+P8KITiAk|_vG-%<=-kNF!@hn5rVD=BjD_G
zN9mt_e#HpuF;*8`0(N&f{Pq}q?AXm)xAXzl^@|2Qu|LIPQdKZ|qY#u{CIC%=2KG!*
zyEv@{n#tVk5a|rbU0}}?4ajD!bj|l32@1qheFQ9@+Q(#POZ!P}C3r>?Lj^E(E&#_x
zGnn7`+GU>FNrLUD)<Z2&=;Mes?1{*2J4Fat{H}>F2067$K!alSw>B@m2mD3crvV`T
z9XGGdx(HP&dFfpX<RwAJ@rEV;krL+?>cy`6x{;r;OfnphP=g<PxUTf3%-;6@a_u@Y
zFf6sR*r|~QY}`>0(FWyc6Q&^)fcD{XWo~4X{|R;yxTsZT?tol$89n>c0erLo(sfY*
z3daYbjVOEI=yZV;xNg8^PG<N4oBRaWoSTF^Qltp3%!hKdqv%<>!{%|>i>g@4b11Qw
zQGWmc<shQ?@B_0{2;4NIUjZ;)G*II-3M*+*AXy!s<)%CTiXd7Qn7AdJ9)S`TB+!0t
z=lohX>tNKBC(sT{K(&|_Ae!A8te7or&&`L*{{C{c1D`q{WZ{LNJ0mVZGi`vsRes8U
zgomVx%r4<ze=+bRuAoZ;w;yT_nP58t4DOA)qU_!y3{NvveSZL=TGhUH=_OV^2hI1a
z5LnE?_WGB79vJeCq%no_C@nzk&D;UFu&DVcNIkU=SU){c=K#KS=~EHp3P%&hf`!$P
z&Oj2fU);ZF19>7>nC18dp#+6Sjxr@wloz18gcl;}4uO-L08U_&kxIz8{oWuI=?UwE
zAmvB}9M^}qeUaz2L8|iO=|U6@MOau3cn9YaR$(*5ogUar=&QX)XV%}IbkHoUSssLR
z<iu6s>Z_pkNi>j84}mCtWs=;?jh(C{0RD-24MF%$CuD60swUywXHMG-NPt;B3@LWo
z>U?a=auV_G@z2tV-@Stjwu3b=^V7%{M~M9pLdn2_WisDKn*zev5&KfGKRhH`J>TF4
z3g(~y89(1YF7s>C`-EsE_<dCuL7UObP6djby8}PX4W!mH$D{&E8zSI@Aa!B#q3{;u
zEeE+byM=czh(o<5;rWRuz7DkI38223JKZIGn?F+s(jIsL)%Jn<I5&>B5G)2C+G&Kq
zG=AnvQ>P$IsX-sepBw!kSK)(MnQDM<S`NT0uy#Q9T${w;5Q17rpQN_z9}s@jHw*T7
z3P1t3KL7Yh0@vi7y;jy3_&bo5LB+=sUZZ@Wob>bT<3`gHh<D?!%Rc??3YFkHC?aWp
zwKojAOkW5x!bwafTxtb3L)K>pq@!{$MjHBmeKth{skD#KE`g+QW@##g0PS5*6rffa
zii=`dyPL0)4pql*h~7gLO@JGaOcl>aovqPx1Sfpa$mBF2q}q<H0A<n?&VAU;k`uoO
za@R+istgGGC_j7yr79S_1f)9Q@gJaTS|HjVzzRMEK*RF_2X2NG53Pwq)se8HI4Pg*
zTtG-``RttndZ#cff|)x(BaURWm>oE~H(P@$ZEvX&M^HQ{9PxSHMDQ{)t9PGywh{dg
z6YvJ_tZ{z-J6dv%UReURu<8Ni;su~z$$g3Oo3Gy!S`$pPpn2$JFQ{hZ2<ejzo#KDN
zTRt!$qOB-w;Cd^Y(?jCT5g@0wB|>ov(Rw4dk6?DVw=6|_JmI~(>4H{Wq?VD~8l6c7
zihfUa?RhRAyb17mJgA>zG(Aq|55ggdVr&$F%*4f29?x;vs@Vi0{|N3Au*;`sZwA7s
z;O44Fo}$j&pxcRuQvYS5blWqOfjsQJ2rFGl0Gsx#_psAz5pgzHLx9z;2s690;THf3
zYwTk(cjjGYV6lh4J&5&vJaOHc`}b>cUNzW`3CqAvn+0fjEST&x!`xA#ZM6r@SWmmA
zxb&o9sjOn|rG2b)&26b96|m(>ARWM}Aa!}aV`&GDvO0{{?IY44Q$2&oh!TTXqJ>5*
z(T!%KH$N^xebnr9fbb6X9@mfIgfo5cT;3^2tNi-Q%DzNpH#bQ;j8%TNPob(?pC`w{
z>ZL(}r8!k#U0~?R`P)>Uj7*ZnU~`%Q_Q(K_p|#Wpc65~6doXMh5Y5p>@7vfe!bTus
z-OKjs+Y`=^8<;*`-cD<3p7+!F1RX6XYmWDvwd(eTM%~eo-GxERX#@~MLGCElMPE4a
z^zv6NtPwn&x*mR(O_wSqG@pwZL*NLUNG-t5=|lM~@IbX89$RK)YB)4-_Byb`XBV4e
z6$c_B+;|RNK7#@!E7P>Jvc3@3VcnBS=GFeh$CqKuKQ5n>u*Wg*(2~><j4#_B0xH`B
z6+n=Mub=T0^0`DW;Xz|Kj@3g}`s>pedOL(jXW1|j*V(*`s*uUWnVU&Qnofo_1Gc2=
z$cxqQLZ0{NV~qora7VY~?8NpL2^6ruKO?gJRu|W&f5t)F>!40~%CZo813P&}LMk2Z
zyo_H7`Wz7@=V>5q<$qLzo+%^3B47IGp2G23=>^pfv|yaIE4|bqz5`XPnC8s^rs-$0
z?3t4%7fx{Qb-+86)Y|YM^EU)0OZRmh^IS#zyi+ra?lz<yDtsiqQR$#yP2OsG_ew<y
z_SyA?&H3Lwd;|2b6LPF9@>le9+o$wvQ3U?Q1FXp2?Y`Qcq~iqzoKFS~o!b88Cnyri
z_euJZWH89aq-$+(==Hhn<+jBtSjU8owp3WqKQRS=8`5<Au{}o_I;w*|YV8ND7lKu~
zw`u>zcE7~cNkc1EK{d}ruyO`ZxwXr2dnm~BSK#>EEf7I<^|8If5ETzTarwPh`F%h!
z$en~!wK0PCx`QRL`uhN@-|nP;#pgj}cY4qHf4GyNeL=?murC0yY0i3|y9~k>E}&7#
ztVQhhxd>Z8VPEC;p&nriGWgWg|GC0uJKU_U3r=0^dE1dA_szhNemC>AY;pVYITS&+
zVO9z~5_JNh<*tFYHPi1#<yoLqM*myO-TyE8@<7D-`T8F(UYN=Kf`Wp$yJsQqp@x8k
zrKM%gDJW=rx+SRnhk=jJ+An+o+P7{q5yA9ett36qTH&+ZzkmNJ7r5%C%l_QvU$2V$
zhG4)&mrr<9{H6{5+5+s#==>cd|Er;3L9iW??umUm@SleBrC|}QeET6HAs_7^`TKF$
zei!BO(SI3wN&yK&I*aEenHu7S3?yM^NpG08zwq~_qgN|f#bfX|m>D)jZFc^-qQ5RK
z&y4=WGQ#R?#z&EVT<x!qPt3vKS`Tn!`EP@aU|>CVd}{HZw*LR`L$@|~zrdyMSq{{e
z7eMazK9C>WbM67DbaC<cJYUsgE<Rh86ekg|Z^ljT`q%x|!62;1GjC74N!uxyFOc-<
zf?xYj6fvN42=WnK2!91;D@6Rh-^20O4GPn7Y&<_2b+VR!sd7Dk$By0IMmXK$9DJt^
z$Pzyu9}EYi?a?B8s+ibC#OcA;3XRvG@zMJ4@$rjBxmU4oFEMQX%n(35wg)^of@3(C
zZx|c6wS?{e`6$rAIYhzi5mGFle!=$NqoxC>CKkGCjS<xU9Hjx6c#k7EKPGxS`qyX*
z=0@d##GaN#_T*HH{W%{#beDRCl6;XaF31VdTly2>OIc2vz6)DL4EHY9SfbgDvviGW
z+<NZ^CUs7Sb63bW9Mk{H@A{9y8%z_jNClN{nxaSBU%t$m>r&{huyH=%RDS-Q_)jiv
ziDuI~yh}b?jW4o$N*CQmtG!IbQ+cymZtHI*1ih%0)XWtqU=%6(!zDrYDJoXyDr19g
z&;~b!zf%9gv+o)us|Py`is-WN4_`l?7^$&}^iEqBMQ<%Wb>l#?|GdW`!t&W*{hg`v
zY99P(QDBYRXsHo1_d!`vR<6BI`N}R<cl%u$UiY1w?tNyuIRDDb67iZ<a}KB_|L7jZ
zTL4#SI648630jeMzDw4&pVL%(S3_G$exVmlSQ}HOB|WH(6&u}>i2Yh}X7)M0Z*_jk
z$!nP1p~>d1EE@O}*`L<-9C|%`ZN}}8K~}%(fX}h%8D-D!k%vasB~B@OsM&7p{o9EA
z&;G-TSiBFJk9~jgh*M_!m5Zs=VUM}xm=%hHT&(Z+XbxH5pSO&gADS<bC*C;-M>gLw
z<!S!(t&{tD(7ZQq+1CcINul&6?z=L`&2UQeBZn<aSenX33q{-2|M^(sn^w_3g_@f}
z)0d;Gt~p46+5$srZZW%P`F*}Eg;LidUwhnbdb{D5Q`lX8bklk+UzHZ}_*PV+s-5(^
zXP;sS6K_Yn*4ucfw%W{*RSt9P-kon1U%GyC<Oc3qts3C${pYimEJOcR2F5?=`L=w@
z^Y)`rveNZaD%Wh?YgeyQD=R<7@Z+D}d`=yHe1{sE{@vW^{@fBDXVLP0j=rzOcD(Nb
z>i>F9DeFx;A6!7l1uDsZ^__@Fu5xDDHGW~K81iQS>u9XO=k^kXw#a?4_F|$*x0*Or
zUnJs26ZaG%AH5ot_1WT_=@-0aUF*$jyy|9DGp$PNR4ZypDA8H}xUjeqO1rQ8k#a&d
zK>2n5l?Ch4V~^C9OXPrmrn@`aX>;I{w&wr+{Ywp*r)Y~cWxU@<?rC%JT8Vf;%>)0x
zczUS$*<Cqgi`LJ>-_Zv|UxRT|F!<O5azU~M3~Jv>u5zjVHqk|xsnYdomu+wH*4#rK
zQ(&hJqm7&2IBcO$)(#HoxiBt`m;K3a30<!a$oOHVOX~BS&RaNYUt|whPBp@Zu~m4E
z0={?EZRokXZ}&!=_D^zKPGacOcdDsbN0ZF%@W$-Fi7RVnac*tZ&a!zE4rZ$wF3nG!
zZo}nA%g=ZB_nGy66~fQ_vpeH-GN2<R7m=B{U-hMx*#G;FkHNCeESjH9By#K4H_GCG
z#>a9izy5~b>%PC9FOvvpnws9?{r8XK!H*?j(cioO`!4?V<^Rmr@hIzsgp;(yw4IsR
zE{P!`7FJeiDh$h-XUnGF6%H^D&7d2&1sCc6HKE=|z<3wO&Mwq<HfDa|jbY3<c(Wp7
zcB_;4ENJcozEBe8u*<1li&5oIV$omIaor2Bwp%0qb7}^C4xmNG2Ei|cyE6ZHcA<}d
z!K(lK_Wv8p5wMa52_XJ8KSe<%e#1i}uKyYG;AENqdHBCh_6@8-@Pp$Ytn#m>fa2tf
lJZfM5`04n6TTiarqEjn*dnRea62AldXLQ&MSBP~C`Cs&nrh)(f

literal 0
HcmV?d00001

diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index 7f470ab3ac..1d5525613c 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -17,45 +17,40 @@ ms.audience: itpro
 ms.date: 10/21/2019
 ---
 
-# Manage Surface driver and firmware updates
+# Manage and deploy Surface driver and firmware updates
+ 
 
-This article describes the available options that you can use to manage firmware and driver updates for Surface devices including Surface Pro 3 and later. 
-
-To see a list of the available downloads for Surface devices and links to download the drivers and firmware for your device, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
-
-On Surface devices, the firmware is exposed to the operating system as a driver and is visible in Device Manager. This design allows a Surface device firmware to be automatically updated along with all drivers through Windows Update. This mechanism provides a seamless, automatic experience for receiving the latest firmware and driver updates. Although automatic updating is easy for end users, updating firmware and drivers automatically may not always be appropriate for organizations and businesses. In cases where you strictly manage updates or when you deploy a new operating system to a Surface device, automatic updates from Windows Update may not be appropriate.
-
-## <a href="" id="methods-for-------firmware-deployment"></a>Methods for deploying firmware
-
-Windows Update automatically provides firmware for computers that receive updates directly from Microsoft. However, in environments where  Windows Server Update Services (WSUS) manages updates, Windows Update cannot update the firmware. For managed environments, there are a number of options you can use to deploy firmware updates.
-
-### Windows Update
-
-The simplest solution to ensure that firmware on Surface devices in your organization is kept up to date is to allow Surface devices to receive updates directly from Microsoft. You can implement this solution easily by excluding Surface devices from Group Policy that directs computers to receive updates from WSUS.
-
-Although this solution ensures that firmware will be updated as new releases are made available to Windows Update, it does present potential drawbacks. Each Surface device that receives updates from Windows Update downloads each update independently from Microsoft instead of accessing a central location. These operations increase demand on Internet connectivity and bandwidth. Additionally, such updates are not subjected to testing or review by administrators.
-
-For details about Group Policy for client configuration of WSUS or Windows Update, see [Step 4: Configure Group Policy Settings for Automatic Updates](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/deploy/4-configure-group-policy-settings-for-automatic-updates).
-
-### Windows Installer Package
-
-Surface driver and firmware updates are packaged as Windows Installer (MSI) files. To deploy these Windows Installer packages, you can use application deployment utilities such as the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager. Such solutions provide the means for administrators to test and review updates before deploying them, and to centralize deployment. For each device, it is important to select the correct MSI file for the device and its operating system. For more information see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
-
-For instructions on how to deploy updates by using Endpoint Configuration Manager (formerly System Center Configuration Manager), refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
+How you manage Surface driver and firmware updates varies depending on your environment and organizational requirements. On Surface devices, firmware is exposed to the operating system as a driver and is visible in Device Manager, enabling device firmware and drivers to be automatically updated using Windows Update or Windows Update for Business. Although this simplified approach may be feasible for startups and small or medium-sized businesses, larger organizations typically need IT admins to distributing updates internally. This may involve comprehensive planning, application compatibility testing, piloting and validating updates, before final approval and distribution across the network.
 
 > [!NOTE]
-> You can deploy applications separately from an operating system deployment through MDT by using a Post OS Installation task sequence.
+> This article is intended for technical support agents and IT professionals and applies to Surface devices only. If you're looking for help to install Surface updates or firmware on a home device, see [Update Surface firmware and Windows 10](https://support.microsoft.com/help/4023505).
+ 
+While enterprise-grade software distribution solutions continue to evolve, the business rationale for centrally managing  updates remains the same: Maintain the security of Surface devices and keep them updated with the latest operating system and feature improvements. This is essential for maintaining the stability of your production environment and enabling users to stay productive. This article provides an overview of recommended tools and processes for larger organizations to accomplish these goals.
 
-### Microsoft System Center Configuration Manager
+## Central update management in commercial environments
 
-Starting in Microsoft System Center Configuration Manager version 1710, you can synchronize and deploy Microsoft Surface firmware and driver updates by using the Configuration Manager client. The process resembles that for deploying regular updates. For additional information, see KB 4098906, [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager).
+Microsoft has streamlined tools for managing devices – including driver and firmware updates -- into a single unified experience called [Microsoft Endpoint Manager admin center](https://devicemanagement.microsoft.com/) accessed from devicemanagement.microsoft.com.
 
-## Considerations when deploying updates and operating systems together
+### Manage updates with Endpoint Configuration Manager and Intune
 
-The process of deploying firmware updates during an operating system deployment is straightforward. You can import the firmware and driver pack into either System Center Configuration Manager or MDT, and use them to deploy a fully updated environment to a target Surface device, complete with firmware. For a complete step-by-step guide to using MDT to deploy Windows to a Surface device, see [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](deploy-windows-10-to-surface-devices-with-mdt.md).
+Endpoint Configuration Manager (formerly System Center Configuration Manager) allows you to synchronize and deploy Surface firmware and driver updates with the Configuration Manager client. Integration with Microsoft Intune lets you see all your managed, co-managed and partner-managed devices in one place. This is the recommended solution for large organizations to manage Surface updates.
+ 
+For detailed steps, see the following resources:
 
-> [!IMPORTANT]
-> Select the correct MSI file for each specific device and its operating system. For more information, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
+- [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications).
+- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/en-us/configmgr/)
+
+
+### Manage updates with Microsoft Deployment Toolkit
+
+Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. MDT includes the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/en-us/download/details.aspx?id=54259).
+ 
+For detailed steps, see the following resources:
+
+- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/en-us/configmgr/mdt/)
+- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
+- [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/surface/deploy-windows-10-to-surface-devices-with-mdt)  
 
 **WindowsPE and Surface firmware and drivers**
 
@@ -63,3 +58,93 @@ System Center Configuration Manager and MDT both use the Windows Preinstallation
 
 ## Supported devices
 Downloadable MSI files are available for Surface devices from Surface Pro 2 and later. Information about MSI files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release. 
+
+
+## Managing firmware with DFCI
+With Device Firmware Configuration Interface (DFCI) profiles built into Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For more information, see:
+ 
+
+- [Intune management of Surface UEFI settings](https://docs.microsoft.com/en-us/surface/surface-manage-dfci-guide)
+- [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
+
+## Best practices for update deployment processes
+
+To maintain a stable environment and keep users productive, it’s strongly recommended to maintain parity with the most recent version of Windows 10.  For best practice recommendations, see [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/en-us/windows/deployment/update/waas-deployment-rings-windows-10-updates).
+
+## Downloadable Surface update packages
+
+Specific versions of Windows 10 have separate .msi files, each containing all required cumulative driver and firmware updates for Surface devices. Update packages may include some or all of the following components:
+
+- Wi-Fi and LTE
+- Video
+- Solid state drive
+- System aggregator module (SAM)
+- Battery
+- Keyboard controller
+- Embedded controller (EC)
+- Management engine (ME)
+- Unified extensible firmware interface (UEFI)
+
+
+### Downloading .msi files
+1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/en-us/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center.
+2. Select the .msi file name that matches the Surface model and version of Windows. The .msi file name includes the minimum supported Windows build number required to install the drivers and firmware. For example, as shown in the following figure, to update a Surface Book 2 with build 18362 of Windows 10, choose **SurfaceBook2_Win10_18362_19.101.13994.msi.** For a Surface Book 2 with build 16299 of Windows 10, choose **SurfaceBook2_Win10_16299_1803509_3. msi**.
+
+ ![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png)
+ 
+*Figure 1. Downloading Surface updates*
+ 
+ 
+### Surface .msi naming convention
+Since August 2019, .msi files have used the following naming convention:
+
+- *Product*_*Windows release*_*Windows build number*_*Version number*_*Revision of version number (typically zero)*.
+
+**Example**
+
+- SurfacePro6_Win10_18362_19.073.44195_0.msi
+
+This file name provides the following information:
+
+- **Product:** SurfacePro6
+- **Windows release:** Win10
+- **Build:** 18362
+- **Version:** 19.073.44195 – This shows the date and time that the file was created, as follows:
+    - **Year:** 19 (2019)
+    - **Month and week:** 073 (third week of July)
+    - **Minute of the month:** 44195
+- **Revision of version:** 0 (first release of this version)
+
+### Legacy Surface .msi naming convention
+Legacy .msi files (files built before August 2019) followed the same overall naming formula but used a different method to derive the version number.
+ ****
+**Example**
+
+- SurfacePro6_Win10_16299_1900307_0.msi
+
+This file name provides the following information:
+
+- **Product:** SurfacePro6
+- **Windows release:** Win10
+- **Build:** 16299
+- **Version:** 1900307 – This shows the date that the file was created and its position in the release sequence, as follows:
+    - **Year:** 19 (2019)
+    - **Number of release:** 003 (third release of the year)
+    - **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro)
+- **Revision of version:** 0 (first release of this version)
+
+
+
+## Learn more
+
+- [Download drivers and firmware for Surface](https://support.microsoft.com/en-us/help/4023482/surface-download-drivers-and-firmware)
+- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
+- [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications).
+- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/en-us/configmgr/)
+- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/en-us/configmgr/mdt/)
+- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
+- [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/surface/deploy-windows-10-to-surface-devices-with-mdt)  
+- [Intune management of Surface UEFI settings](https://docs.microsoft.com/en-us/surface/surface-manage-dfci-guide)
+- [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
+- [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/en-us/windows/deployment/update/waas-deployment-rings-windows-10-updates)
+

From 96a1a8fce10cd52be9a83adc7800d52024aa2ea6 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Wed, 22 Jan 2020 13:42:18 -0800
Subject: [PATCH 117/247] updated table

---
 .../windows-autopilot/add-devices.md          | 25 +++++++++++++------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index 05e8ed74c0..4a2ba1d5c7 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -103,7 +103,7 @@ Once the hardware IDs have been captured from existing devices, they can be uplo
 -   [Microsoft 365 Business & Office 365 Admin](https://support.office.com/article/Create-and-edit-AutoPilot-profiles-5cf7139e-cfa1-4765-8aad-001af1c74faa).  This is typically used by small and medium businesses (SMBs) who manage their devices using Microsoft 365 Business.
 -   [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles).  You might already be using MSfB to manage your apps and settings.
 
-A summary of each platform's capabilities is provided below.
+A summary of each platform's capabilities is provided below.<br>
 <br>
 <table>
 <tr>
@@ -123,34 +123,43 @@ A summary of each platform's capabilities is provided below.
 <tr>
 <td><a href="https://docs.microsoft.com/partner-center/autopilot">Partner Center</a></td>
 <td>YES - 1000 at a time max</td>
-<td>YES</td>
+<td>YES<b><sup>3</sup></b></td>
 <td>Tuple or PKID or 4K HH</td>
 </tr>
 
 <tr>
 <td><a href="https://docs.microsoft.com/intune/enrollment-autopilot">Intune</a></td>
-<td>YES - 500 at a time max<b>*</b></td>
-<td>YES<b>*</b></td>
+<td>YES - 1000 at a time max<b><sup>1</sup></b></td>
+<td>YES<b><sup>12</sup></b></td>
 <td>4K HH</td>
 </tr>
 
 <tr>
-<td><a href="https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles">Microsoft Store for Business</a></td>
+<td><a href="https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles">Microsoft Store for Business</a><b><sup>4</sup></b></td>
 <td>YES - 1000 at a time max</td>
 <td>YES</td>
 <td>4K HH</td>
 </tr>
 
 <tr>
-<td><a href="https://docs.microsoft.com/microsoft-365/business/create-and-edit-autopilot-profiles">Microsoft Business 365</a></td>
+<td><a href="https://docs.microsoft.com/microsoft-365/business/create-and-edit-autopilot-profiles">Microsoft 365 Business</a></td>
 <td>YES - 1000 at a time max</td>
-<td>YES</td>
+<td>YES<b><sup>3</sup></b></td>
 <td>4K HH</td>
 </tr>
 
 </table>
 
-><b>*</b>Microsoft recommended platform to use
+><b><sup>1</sup></b>Microsoft recommended platform to use<br>
+><b><sup>2</sup></b>Intune license required<br>
+><b><sup>3</sup></b>Feature capabilities are limited<br>
+><b><sup>4</sup></b>To be retired<br>
+
+Also see the following topics for more information about device IDs:
+- [Device identification](#device-identification)
+- [Windows Autopilot device guidelines](https://docs.microsoft.com/windows/deployment/windows-autopilot/autopilot-device-guidelines)
+- [Add devices to a customer account](https://docs.microsoft.com/partner-center/autopilot)
+
 
 ## Summary
 

From 2def8f00b5c3110da138a369585b4f7448d761dc Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Wed, 22 Jan 2020 13:56:23 -0800
Subject: [PATCH 118/247] Update manage-surface-driver-and-firmware-updates.md

---
 ...age-surface-driver-and-firmware-updates.md | 30 +++++++++----------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index 1d5525613c..8bb23669ef 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -39,18 +39,18 @@ For detailed steps, see the following resources:
 
 - [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
 - [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications).
-- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/en-us/configmgr/)
+- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
 
 
 ### Manage updates with Microsoft Deployment Toolkit
 
-Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. MDT includes the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/en-us/download/details.aspx?id=54259).
+Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. MDT includes the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/download/details.aspx?id=54259).
  
 For detailed steps, see the following resources:
 
-- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/en-us/configmgr/mdt/)
-- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
-- [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/surface/deploy-windows-10-to-surface-devices-with-mdt)  
+- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)
+- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
+- [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/surface/deploy-windows-10-to-surface-devices-with-mdt)  
 
 **WindowsPE and Surface firmware and drivers**
 
@@ -64,12 +64,12 @@ Downloadable MSI files are available for Surface devices from Surface Pro 2 and
 With Device Firmware Configuration Interface (DFCI) profiles built into Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For more information, see:
  
 
-- [Intune management of Surface UEFI settings](https://docs.microsoft.com/en-us/surface/surface-manage-dfci-guide)
+- [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
 - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
 
 ## Best practices for update deployment processes
 
-To maintain a stable environment and keep users productive, it’s strongly recommended to maintain parity with the most recent version of Windows 10.  For best practice recommendations, see [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/en-us/windows/deployment/update/waas-deployment-rings-windows-10-updates).
+To maintain a stable environment and keep users productive, it’s strongly recommended to maintain parity with the most recent version of Windows 10.  For best practice recommendations, see [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates).
 
 ## Downloadable Surface update packages
 
@@ -87,7 +87,7 @@ Specific versions of Windows 10 have separate .msi files, each containing all re
 
 
 ### Downloading .msi files
-1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/en-us/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center.
+1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center.
 2. Select the .msi file name that matches the Surface model and version of Windows. The .msi file name includes the minimum supported Windows build number required to install the drivers and firmware. For example, as shown in the following figure, to update a Surface Book 2 with build 18362 of Windows 10, choose **SurfaceBook2_Win10_18362_19.101.13994.msi.** For a Surface Book 2 with build 16299 of Windows 10, choose **SurfaceBook2_Win10_16299_1803509_3. msi**.
 
  ![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png)
@@ -137,14 +137,14 @@ This file name provides the following information:
 
 ## Learn more
 
-- [Download drivers and firmware for Surface](https://support.microsoft.com/en-us/help/4023482/surface-download-drivers-and-firmware)
+- [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware)
 - [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
 - [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications).
-- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/en-us/configmgr/)
-- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/en-us/configmgr/mdt/)
-- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
-- [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/en-us/surface/deploy-windows-10-to-surface-devices-with-mdt)  
-- [Intune management of Surface UEFI settings](https://docs.microsoft.com/en-us/surface/surface-manage-dfci-guide)
+- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
+- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)
+- [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
+- [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/surface/deploy-windows-10-to-surface-devices-with-mdt)  
+- [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
 - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
-- [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/en-us/windows/deployment/update/waas-deployment-rings-windows-10-updates)
+- [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates)
 

From c8783df43d74cb690c41a770dc6ec2f5d4494af8 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Wed, 22 Jan 2020 14:30:58 -0800
Subject: [PATCH 119/247] archived older versions

---
 windows/whats-new/TOC.md   | 7 ++++---
 windows/whats-new/index.md | 3 ---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/windows/whats-new/TOC.md b/windows/whats-new/TOC.md
index a0a0ac2708..a043492918 100644
--- a/windows/whats-new/TOC.md
+++ b/windows/whats-new/TOC.md
@@ -4,6 +4,7 @@
 ## [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
 ## [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
 ## [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
-## [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
-## [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
-## [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
+## Previous versions
+### [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
+### [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
+### [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
diff --git a/windows/whats-new/index.md b/windows/whats-new/index.md
index bad28a358c..b7051cfee0 100644
--- a/windows/whats-new/index.md
+++ b/windows/whats-new/index.md
@@ -23,9 +23,6 @@ Windows 10 provides IT professionals with advanced protection against modern sec
 - [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
 - [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
 - [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
-- [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
-- [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
-- [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
 
 ## Learn more
 

From eeac6857a3e8bd658a2826ad901f005b129e430c Mon Sep 17 00:00:00 2001
From: brbrahm <43386070+brbrahm@users.noreply.github.com>
Date: Wed, 22 Jan 2020 14:55:08 -0800
Subject: [PATCH 120/247] Merge changes from Pr/10 branch

---
 .../mdm/applicationcontrol-csp.md             |  57 +++++++------
 ...plication-control-policies-using-intune.md |  80 ++++++------------
 .../images/wdac-intune-custom-oma-uri.png     | Bin 78906 -> 78906 bytes
 3 files changed, 59 insertions(+), 78 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index 473a90c729..ef81d89611 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -1,11 +1,13 @@
 ---
 title: ApplicationControl CSP
-description: ApplicationControl CSP
+description: The ApplicationControl CSP allows you to manage multiple Windows Defender Application Control (WDAC) policies from a MDM server.
+keywords: whitelisting, security, malware
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: ManikaDhiman
+ms.reviewer: jsuther1974
 ms.date: 05/21/2019
 ---
 
@@ -61,7 +63,8 @@ This node specifies whether a policy is actually loaded by the enforcement engin
 
 Scope is dynamic. Supported operation is Get.
 
-Value type is bool. Supported values are as follows:  
+Value type is bool. Supported values are as follows:
+
 - True — Indicates that the policy is actually loaded by the enforcement engine and is in effect on a system.
 - False — Indicates that the policy is not loaded by the enforcement engine and is not in effect on a system. This is the default.
 
@@ -70,7 +73,8 @@ This node specifies whether a policy is deployed on the system and is present on
 
 Scope is dynamic. Supported operation is Get.
 
-Value type is bool. Supported values are as follows:  
+Value type is bool. Supported values are as follows:
+
 - True — Indicates that the policy is deployed on the system and is present on the physical machine.
 - False — Indicates that the policy is not deployed on the system and is not present on the physical machine. This is the default.
 
@@ -79,7 +83,7 @@ This node specifies whether the policy is authorized to be loaded by the enforce
 
 Scope is dynamic. Supported operation is Get.
 
-Value type is bool. Supported values are as follows:  
+Value type is bool. Supported values are as follows:
 
 - True — Indicates that the policy is authorized to be loaded by the enforcement engine on the system.
 - False — Indicates that the policy is not authorized to be loaded by the enforcement engine on the system. This is the default.
@@ -113,20 +117,21 @@ Scope is dynamic. Supported operation is Get.
 
 Value type is char.
 
-## Usage Guidance  
+## Microsoft Endpoint Manager (MEM) Intune Usage Guidance  
 
-> ![Note]
-> If using Intune standalone or for hybrid management with Configuration Manager (SCCM) through Microsoft Endpoint Manager, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) for more information on deploying policies with ApplicationControl CSP. Microsoft Intune handles the creation of a policy node and does all the below steps to deploy policies on your behalf, so you shouldn't do any of the below steps if using Intune to leverage ApplicationControl CSP.
+For customers using Intune standalone or hybrid management with Configuration Manager (MEMCM) to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune)
 
-In order to use ApplicationControl CSP, you must:
+## Non-Intune Usage Guidance
 
-- Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
-- Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-- Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
+In order to leverage the ApplicationControl CSP without using Intune, you must:
 
-Here is a sample certutil invocation:
+1. Know a generated policy’s GUID, which can be found in the policy xml as <PolicyID> or <PolicyTypeID> for pre-1903 systems.
+2. Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+3. Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
 
-```
+Below is a sample certutil invocation:
+
+```cmd
 certutil  -encode WinSiPolicy.p7b WinSiPolicy.cer
 ```
 
@@ -136,16 +141,18 @@ An alternative to using certutil would be to use the following PowerShell invoca
 [Convert]::toBase64String($(Get-Content -Encoding Byte -ReadCount 0 -Path <bin file>))
 ```
 
-### Deploy policies
+### Deploy Policies
 
-In order to deploy a new base policy or supplemental policy using the CSP:
+To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
 
-- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy. Refer to the the Format section in the Example 1 below.
-- Repeat for each base or supplemental policy (with its own GUID and data).
+To deploy base policy and supplemental policies:
 
-The following example shows the deployment of two base policies and a supplemental policy. Because the supplemental policy already specifies the base policy it supplements, that does not need to be repeated in the ADD.
+1. Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
+2. Repeat for each base or supplemental policy (with its own GUID and data).
 
-**Example 1: Add first base policy**
+The following example shows the deployment of two base policies and a supplemental policy (which already specifies the base policy it supplements and does not need that reflected in the ADD).
+
+#### Example 1: Add first base policy
 
 ```xml
 <Add>
@@ -162,7 +169,7 @@ The following example shows the deployment of two base policies and a supplement
 </Add>
 ```
 
-**Example 2: Add second base policy**
+#### Example 2: Add second base policy
 
 ```xml
 <Add>
@@ -179,7 +186,7 @@ The following example shows the deployment of two base policies and a supplement
 </Add>
 ```
 
-**Example 3: Add supplemental policy**
+#### Example 3: Add supplemental policy
 
 ```xml
 <Add>
@@ -212,7 +219,7 @@ The following table displays the result of Get operation on different nodes:
 |./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/PolicyInfo/Status|Was the deployment successful|
 |./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/PolicyInfo/FriendlyName|Friendly name per the policy|
 
-The following is an example of Get command:  
+The following is an example of Get command:
 
 ```xml
  <Get>
@@ -227,10 +234,10 @@ The following is an example of Get command:
 
 ### Delete policies
 
-To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy**.
+To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy**.
 
-> [!Note]
-> Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy** is not sufficient to delete a signed policy.
+> [!NOTE]
+> Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
 
 To delete a signed policy:
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index 48b33cfc5d..ea44562376 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -1,6 +1,6 @@
 ---
 title: Deploy Windows Defender Application Control (WDAC) policies by using Microsoft Intune (Windows 10)
-description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core.
+description: You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide.
 keywords: whitelisting, security, malware
 ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
 ms.prod: w10
@@ -18,22 +18,20 @@ ms.date: 05/17/2018
 ---
 
 > [!NOTE]
-> For WDAC enhancements see [Delivering major enhancements in Windows Defender Application Control with the Windows 10 May 2019 Update](https://www.microsoft.com/security/blog/2019/07/01/). 
+> For WDAC enhancements see [Delivering major enhancements in Windows Defender Application Control with the Windows 10 May 2019 Update](https://www.microsoft.com/security/blog/2019/07/01/).
 
 # Deploy Windows Defender Application Control policies by using Microsoft Intune
 
 **Applies to:**
 
--   Windows 10
--   Windows Server 2016
+- Windows 10
+- Windows Server 2016
 
-Microsoft Intune can be used to configure Windows Defender Application Control (WDAC) on Windows 10 client computers. Intune includes both basic native support for WDAC as well as the option to use Custom OMA-URI for customized policies.
+You can use Microsoft Endpoint Manager (MEM) Intune to configure Windows Defender Application Control (WDAC). Intune includes native support for WDAC, which allows you to configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or to also allow reputable apps as defined by the Intelligent Security Graph (ISG). Using the built-in policies can be a helpful starting point, but many customers may find the available circle-of-trust options to be too limited.
 
-Intune includes a limited number of default policies, which are available in both audit and enforce mode. You can use these default policies to only allow Windows components and Microsoft Store apps to run, or choose to also allow reputable apps defined by the [Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md). These policies are currently deployed using the [AppLocker CSP](windows\client-management\mdm\applocker-csp.md), which requires a reboot even for rebootless policies.
+In order to deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. Beginning in 1903, Custom OMA-URI policy deployment leverages the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp), which has support for multiple policies and rebootless policies. Custom OMA-URI can also be used on pre-1903 systems to deploy custom policies via the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
 
-Intune also allows you the option of using Custom OMA-URI to deploy customized policies. Note that beginning in 1903, Custom OMA-URI deployment leverages the new [ApplicationControl CSP](windows\client-management\mdm\applicationcontrol-csp.md), which offers support for [multiple policies](deploy-multiple-windows-defender-application-control-policies.md) and rebootless policies (policies that have the “Enabled:Update Policy No Reboot” option set don't require a reboot to take effect).
-
-## Using Default Intune WDAC Policies
+## Using Intune's Built-In Policies
 
 1. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
 
@@ -46,53 +44,29 @@ Intune also allows you the option of using Custom OMA-URI to deploy customized p
    - **Application control code integrity policies**: Select **Audit only** to log events but not block any apps from running or select **Enforce** to allow only Windows components and Store apps to run.  
    - **Trust apps with good reputation**: Select **Enable** to allow reputable apps as defined by the Intelligent Security Graph to run in addition to Windows components and Store apps.
 
-   ![Configure WDAC](images/wdac-intune-wdac-settings.png)
+   ![Configure built-in WDAC](images/wdac-intune-wdac-settings.png)
 
-## Using Custom OMA-URI with ApplicationControl CSP
+## Using a Custom OMA-URI Profile
 
-For systems running Windows 10 version 1903 and above, the steps to use Custom OMA-URI functionality to leverage the [ApplicationControl CSP](windows\client-management\mdm\applicationcontrol-csp.md) and apply a Code Integrity policy are:
+For 1903+ systems, the steps to use Intune's Custom OMA-URI functionality to leverage the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp) and deploy a custom WDAC policy are:
 
-<!--TODO: add screenshots-->
-1. Locate the policy’s GUID, which can be found in the policy xml as `<PolicyID>`
+1. Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>`
+2. Convert the policy XML to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+3. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
+4. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Custom** as the **Profile type**.
+5. Add a row, then give your policy a name and use the following settings:
+    - **OMA-URI**: ./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy
+    - **Data type**: Base64
+    - **Certificate file**: upload your binary format policy file
 
-       ![PolicyID](images/policy-id.png)
+    ![Configure custom WDAC](images/wdac-intune-custom-oma-uri.png)
 
-2. Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet. The binary policy may be signed or unsigned.
-
-    ```powershell
-    ConvertFrom-CIPolicy -XmlFilePath ".\Policy.xml" - BinaryFilePath "Policy.bin"
-    ```
-
-3. In the Intune portal, navigate to Device configuration, then Profiles, then create a profile.
-
-    ![Create profile](images/wdac-intune-custom-create-profile-name.png)
-
-4. Name your policy, set Platform to Windows 10 and later, and change profile type to Custom (OMA-URI). Add a row and use the following:
-    - OMA-URI: ./Vendor/MSFT/ApplicationControl/Policies/_{Policy GUID}_/Policy
-    - Data type: Base64
-    - Certificate file: upload your binary format policy file
-
-    ![Create Custom OMA-URI](images/wdac-intune-custom-oma-uri.png)
-
-5. Set Scope and Applicability Rules, then save your policy.
-
-6. Finally, assign your policy to the appropriate groups.
-
-    ![Assign policy](wdac-intune-custom-assignment.png)
-
-## Using Custom OMA-URI with AppLocker CSP
-
-If you need to deploy your policies to clients running older versions of Windows 10, use Custom OMA-URI to leverage the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp):
-
-<!--TODO: confirm if these steps are correct-->
-1. Convert the policy to binary format using the ConvertFrom-CIPolicy cmdlet. The binary policy may be signed or unsigned.
-2. In the Intune portal, navigate to Device configuration, then Profiles, then create a profile.
-3. Name your policy, set Platform to Windows 10 and later, and change profile type to Custom (OMA-URI). Add a row and use the following:
-
-    - OMA-URI: ./Vendor/MSFT/AppLocker/EnterpriseDataProtection/_Grouping_/EXE/Policy
-    - Data type: Base64
-    - Certificate file: upload your binary format policy file
-
-4. Set Scope and Applicability Rules, then save your policy.
-5. Finally, assign your policy to the appropriate groups.
+For pre-1903 systems, the steps to use Intune's Custom OMA-URI functionality to leverage the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp) and deploy a custom WDAC policy are:
 
+1. Convert the policy XML to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+2. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
+3. Type a name for the new profile, select **Windows 10 and later** as the **Platform** and **Custom** as the **Profile type**.
+4. Add a row, then give your policy a name and use the following settings:
+    - **OMA-URI**: ./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/_Grouping_/CodeIntegrity/Policy)
+    - **Data type**: Base64
+    - **Certificate file**: upload your binary format policy file
diff --git a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png
index 360e07f63fa27bfe51781933e4d05406f122da79..1ba4774163c7c6c11be23370ac7ce9ebd0e0aeb3 100644
GIT binary patch
delta 59138
zcma&Nd0diB)HiOcm6mszndMShnw3#mnJev<8<kt`mZ`btiVApTW!`3KX6_4>DXF>T
zzLKe#8>pzLh`1vlU?PGb@T2>_pZ9s+|9<laA3k%<HP_6UGv}Q7p6}EzY_4C}d^q-w
zxzWxY2X;tENbJ0Q>-s$ji7hP>5*rU}+bXVE2#P+Kc=$Xp%ea00ie;G7B2fx1$Icds
zpge-}@0Y2*Rj-bGFgQH9C8`hERdT$(((Lt)>Y*k3h5?tNst;;F_b?IZS?_3H8M}{K
zn7oY`+7i(sb+rC*@yJm9vCFP<*DxpUA9u31?khR|M99is!{`Lf_teeZ+~WjMaZcyM
z$$|4d@MQx4snJhDr`-Vuagn5Nj+e1q=JWV(j^Y9SDXZ!#6{3y*{+Bqj@ZM*lQD>^G
z>0TLO8)wu1RNr~uxH{(T_nsgVD!cM$YJZCKzGL>)KDQr9J(c}S^4}^6=|{)xYy3h~
zi7ijHTm1j61SGz@-1+89sNTHc$$!nhyI3y&Jm`P)`Q+yB8~&?%e!DZ%znOBgdHd7<
z`R>-tcQvHQ%tM#{YvOX}#M+FC=+<9~|5cnhp6o+vHb?|X81`+NO#lmP4FwcPLmsrL
z$XiGWp-i6>JoySJRhIgW6hid5Il+VKmGj<4)XjQfA7~A(c3&dH7IQym%c$UG_&2g8
ze>I=997gz5vmgf$bH@>aTYA1SQ~(*f;ZtgYe8(2Y8voKa2pGfgqqpI2#2Y7;6vANn
z<}p&(pV9m(o+Uy_y$YMLh78AEUvBPA=a6S5hF!Y?0k?zA{+jp8E+a+jWVyKZ#kW_}
ze8U~V25b9$(cCk7ryjLhD+P#Rcz$4l6ZSMQlC0*dUt}sZF1Y~j`1zVtP{^BE(GI;;
zDGYes5Mt_!B+m#|xa`WMwX)Kc1XhQvp-MgM^z2wi6PoDAH{~|gi)J#bZDJOh8}ZK`
zvQdDm|4Q#~D!9YVc~JyMp4DrXB2_^2M?QiyI^efQtMxAFJ3v(L+h`efaAxfNJ*i5-
zKm?)4fsnMf#HKoep-0q%X1ku}Y$NX{qUch~+2xSOjNK&MLNzLw9UFQl!(pbk78D&%
z3`1zszWtHKVuGRdy?dV$5R0y!?a~0tB+Q}g{rgLKe^2qhIl$;uent5<PT|J_;nnx<
z1wQ?Wu5c7Bn-6kj*dX*+@oyszn$GTup~7hr$x6uwQkWxqBNlnBXBn8Y0&-CYmAKWu
zIrypYH|9<K{M-UX64I%!vT8+v;QyXnEAyjvtR%=Z<(lor$yo<7XC@{XKuM&U;c9ty
z{k&c#d-AsWXG3`#l@DPcxEc>v&McZ4LdKgQ86xOJ{~)vR<2%r3eFGb8Df6<V#*vp3
zk|Jn=?ixxZg*!vG#&~G_BQ9RU1N*==TTb>UMo;t=w0YhUI%worXoFNnZZyVY9Z^0!
zc?7c^MC%5XoN@u2FLAOkW}d6Q*b5V{50(N>oRSFyK7|kI2d6k&^qu{1=lI?o(N{m-
zInFnWRlI*EAm`>0m0Lerkzr4AcX^l1VO*YiqUO*04AVjA+@M9S&U_1Z4tx{^<tO2Q
zFNEwE5C1GJ=h;m`tAWH2yqw^SNA=wMT*G{TJA`>1kO}03Uz5oR{$d{9O>$~5h>F-!
zBgpbFG&P&?4{`w>ks#*V7n52K2tTNAocTo7qJ>`**)1mur*?U82Z}MgjRF~WzXT18
zY#6WlMZz0a8L}>GDO8eQaZ0@og9tLkVF(uSc#O%eA++#BEjE|twps;MqzBK}*7Efm
zWj@6NO$tuqt2aTa__}w#K<3n1ynPsgx%p=dYUgUqFa@tp&(fS<r*y4`G;PMljOZ9q
zyZr^W3FNWUsOxyFDH28)z&0t8uf}6x%>&8UHd&eGkMgLTFCG}3;}_N!axZZ9;<A0g
zd+kIH9fsJz0ps~{2uYj26ef2kf?j)+2JEKFAg|eS0C_|IC^s^1-Qaf-{X_s2Xs~y-
z&*Fh)>nAb<4qVPxrHS7j$yvegy&z-7%q^vzw#K~j*UC9(do^Mx-Nzc_AUQHZj;p(d
z4)2bYayB&~JE+nyRZ%5?@gl)!78<;i=B~4^Gvu>M#|o{+g2&Bx*p=U*V%Z7Edt33_
z<=IUHZMWCJL(Bu+#WST@L9p=`wYXLP=HCU=FFSA@2*yT)E$BqE#)VV0jjfnEgAl}%
zm)P(hNXGVFokc|=16xB0&DJ7s*Ngw7DgP*p^wP9`;}*L}vbR9#6k{d)C7RcxhM3A$
z9TGy+DG1aluvddQ3^>I8U_Y(DL|p3Ws2q8X9t=Oz4CKCShS%y9<B<{fVbf9g;MThx
z;WP7!g_6o}qtdZ}=zXj+oDtUqxplEJx%G(Ggz3afikt<T*1Mtn5cSuc_1C^v(tDff
z>Qoi*97J|x-e0l!{?E!OL8S$$R^)2u*U=<`sIIL23IR5g^{ztKaRI!Bcbit4bTGA`
zgu&8hf>gx^so74ZCo3(X+>uKi(+jz(sj`Oh1DxA!fs3_>5Yy)&A>A4=H0DHvbHb==
zR<RQjymqG;M$VmuLmJmT%r31x;q2cRxEMD&;nV#KQSyjD`p7ywT^pU+z;$KPoN@84
zyvXhd;59LbcTKP`w<)RngjmtWR`aM<J{o=vfkPmX;jT~*u>3b*LQ1n8p%&`ZZW2RP
zL2cbw{Bci}$~Qc^*44Sk<4CcxxhEJ})BME9i-!nm+yOEG9PY7Am<g9+zAcKT!TzJ@
zTwGj%XaffN=(>PNqZ>udSdVkQ>U1c>MgeK?t+V8euc@SN*r^}<6JB9q88*nZBq95~
zYRH?Nev)VvTvvY#E$$d5QYtI1Wl#7Yg-T&Atni`}Zg`Q%&5<1Th4%M0?2%0a@+Vzi
zSw-HBm@KbEu&4?73sRs+2%U*8<z#=Wo!uZP+U`a`WckBuYac9queAY!lY{`9DZGns
zTNkd(X@cjrX0Pr9)e6?)gyy39A6x64-xNK1R=_BlfV->yY-<eo&l2t3;pQUGdOF9c
zm9f8(oUl?%&<lQoC~GW19_?WE6{An}bI>aq?Tckt$H1?r0Z)|mF_gl)1Hkfw`tcQH
zP^~tGF1nTNpGgT_0Qyrm&KQQIHCry{C<k@O*~IHHE(v}o0IwD09e3Ff2lpVn+3~Yw
zHaWuF$cM`DV7Z)O(3CIu4w9uZ`<$St<2x9+%(+&!_nb4-m^*TP=;PaWzB>HnwD}V{
zR5vPe9PM8Jkq3~u9Ydhec*I#kCPHB?A>1b3em>BwXrUXx<#$?bqy=|J)z81X3}{pP
z*>u9kqD}bxBJJyDNlxR~D$oA(b%&UmqPIM`d&}8Uj)Jdw#x2O$8t@?V(@RuxkKk>S
zuw9Y=&`>u2GrrZph_u5TX^U;vaf(jOF*sdk?2nk($UlrP521mtyV;^uTUm0y4fw0(
zMCXTK6rj-YiHk)PekS311_F4jW1;pz`^Z_MpZA-d48RU}%nMR$*v5el*lfM@jvu6$
zXa}^Ej!Izar)Cf5a8nM=r0}&4vD_F%i!@k$1&&Pi6QryNj^RI3VZ9>UoZq2_x4(Da
zpsf@KNYW;sH=Qeb6f1;xkQcc<a|lL!Oz;{2QD$RUkc9phq>%cK#pDi#O=oKJQD68_
zHe=|`K<WwCP@Vr>^+WR7+j17S-|S$e>>+#3O7tRO?+m$qWtU|7j;T}>Cp3C?Z3ORL
zeMz@Q5yrZM`M7zSHc^Gb%$6K{o)y#coT^P@UIQm!Yz(=Rn+%q|Z_)*X+?fmE%d@{c
z2TZ&Kd1PIg_aMP-DPjck4i2Y+TQA7Zv#yPAVJub0ptkSou0qE5Ws?l<DTNZy&4(|U
zL0A22H+PUTv`K++wwPwU{Pb1<BE87TXyKE^1YUK1zfTy%#9XJR`iqpmO|`4@!s@);
zO`C-9=7781n!yv3mw?j7`iLZ=xrGz{-Lur8A-a@2tM0aACPO;^(XD-205vU(x3VE3
z4AXzYEM5vkkfy~7{Oc=_uKh^P595AhY_3dSfi35w#+2`Jj2k#LPH(jxuJ&VQ*WiBg
z{p%ot$}pj$sBD1Wacl%h(^J)lKn?w;gqH(oOpv<6GnyHonOnxRC9g-UA(FG;wSp|=
z&n$>AjRA~8V)wA?u-4egC#B{>gWfo@@`n&l&7KNPRV!ocn{Zandb4@4=(%-WYcG5h
zlf85<h)q5yAEGGujewg4bQP(k!8_Mh_a{@=O^k!lzK--^GgRT%^Oq77=Evjqoi}vo
zsg2DL0n?Ixj?P)&yEKMOwLZ4GkyOC4LN%<w9q$FAm0@fvgHTaH{leI}?E2Z=WNz_*
zs>u)5-Tw(m-fwWoiuru`P~(?}!ftJc-NgxeA1m$4y6BAF)z^#JL_JMDj5~=OuCldH
z&r21pAw_phOyXY3sFY}7^|b;se!X)5M7!&S<9m8xJjbTx6=db?dr1CpwsnUKG$qBR
z#q(Y3@}jzj09r?Ye>IL27VhKXLZPCUCQsmDV^=$(`9bl7)Q<C3jjj=244E?BcR@*e
z+&Z_C^~1=jy}E0E4+cK#?u}TC8=3gpz3}raR_C-=oozkq4a~F1eB#L$Cu2W=T%M8a
z&8rMBfSZ#~dUnim2X!XnrGnLC*nL85_~}P$jbsgR;H>zi+z5>_a(Z>Z!=!AY^MNhZ
zd8HgQueF;B8qJH>4qAjk?>j4&j^|<HP3(YbrZmt<BK2bJYr(dr0`MT>V5nO>jAEdv
z!+ZLu$bkc{X?V*Vg${9n!5BOKpqkQ>$SJhD(@&(wg970S?L{U=VR|ItEp+#{;_?FI
zu&R;Zt~!b1=f(TZbvSmBeTk^3A6oa{sw<|Fc|;WcJzz7_SY@Zje5CZ``vyOqQM$jW
zlB(=e^J-~Mj7DF!2fTLk&-N08c|w*hMBSOqjQV}I8_=_I%g>9rZR&<9vFbQk`ekO2
zf`NV~UqGa23D8g~w89j4Z1`^gDz*dX4s~~AkzfAW9le(fxHA-66Z&qTBER@gaIBY6
zEeRw}{XS&Ij*I#Ey?FoBIekU`%nnWAwef}iT%xt<UEHIS7|}a+teN1mdlR?bJfiSA
zpp8u05xEt0J0ynIV3L5I-LmN(j(bcLX)K3Z{(Y@!(eQgHAbJ_c0@oaEsOZTw#1!GM
z^wp;2Zm?&-u;+6DUznD$+y!#psf5#K>(1RF>vNNu*9ZP`3^w+vWuZ?I=2Z9(tF^J`
z>ce^}61u-;HjK}5r{l}@dZf#VH;{m=L6~^qF`{o6<~rzn32GIX7sj7%!NM2=Y;0Rp
z{c6^=DlQpB>vH+dF0NU*Mi4iP06!`~PeI9stI-U}(l195V{m>mGr`84(lqmqua$m+
zLVn9ae?LzofbR+lrUykP$oDy8@0~=c)n31_;DO$#K_#&ux_|Kv0R8~X4!)vZHHCx>
z#B>IJIv5;zsWzuF@B;=+k??T#8=8rlN&pLtihIk8k?58C96M2K&BhseZRNBNE*-rR
z|J){&GN&!mmzHY^&B4CX&{_2;1M_QpLTWqC>KNYVO=c`}TkZ6JyZdsNt|8J+9Sml*
zwMTFRw0g-Q{a=A9-n@)51jFJc%X^hu*rQNSe@{KU`8k2V?wIg+c$&Eo<2Ok-&Flu7
zW|Q5+D^43L^Rdq7O+aw6Uc`gfsk~X1e0HI~6W1&|qMuBR{9jF3GO^Qr|IlQ<)oOm}
zl?h}Z*GO>NRrK2pF|HxsEV$hS_nd6GSP8s#5Xj9(tw2i~x&yis?#VFfjA5__{$JXW
z>)c<z>x?51@qOA@gUh;eN%f3{1<wH*?2}(Op_Hj+u&57ziMnl;=?!iwDqSNio+6Xg
zkzZ5@limS*{2=-|$zj2i&pIVD>mL6I8kR*;a>7K_`%&-IxaAbIx*fZQvx{^GoH5P1
z`6>}1H8jPB2Vb0oWC%(LH_q0*ii51(@lMdSl<RyjMSo?u+V11O>J}`}O6K3+jOTn)
zHXJSR4ul7E)Xu)o4K}%57*D}@<it?e3lkS|N8Wi0zXTXmi7Jp%qhMy8G1O4@7)r4;
zVLtL6Xq;Ax*Wjdn=_=8V00WN-fW(gGH0+Dur+zwK9)V(2ns`3}cB(UBDy2FgJAKG^
z28GNCvgSC_I^NI@8$$z1R~|1!WHw7%bS#o863{C-Y8k1!)lu4Wm#wnlPxqns3Yy%F
z7snyAev1iQbfiH~HT6E?J!}0p2ft4{%<pqTO}h>mM4VKTENui%TcN7Y^6O*`mD4-a
z@1vdwo(bwoNeGx(`1(|PMwqA7!v1#45XyDU$Pp<Yn{}=mars9ykJ|xeq{N`W)Isek
zfb~X3UKMdax;Z><rMKKUD8aEk0X&e4inMU0FQ0}_?Q2?}c{R8qhYO+FQ3g(AiW-8y
zs_BZ}XtGm{fd4tJ+}R2rZGu66AR;85e$XZjifqeFNJ8=qJ6vzu2vlhAEQo=gcW0nN
zh^WOw68*K2e{i778NX5{C03y-3&UdH;%$}_thZU>%wJCge_*JmW$z4Nt9^SEpDH(S
zj%ACU(a)M2Si?>mjIT=Y#{k-^gA@HDfcN9=yIutR`@*>KDuZb9e*s8{9--79%tBng
zf4KI)4<08URjfYv?*oaaSE9v(__sX0QuL_x<<82@{|ECj{(No2nL}wN$r>;YBSb{3
z@JP7mJNEgk>(3Dl@jJjOcwAMCa?Kj)?v)Vagny6{(!jIgibZU#kr;V9E`8;R#HOoD
zhp~HEZ^fOKp=Xr0OGq37Kbw@;x>vLT3rzkI1m~9cr|z%+{jA;QmJQPTTT;v_1I4{8
zJxSOsA@TO$pT2g<K*ep-|LOhjo524ysok5IHKCp~SGF$a#WhPYMzcvxbn9Sm*#(Ga
z@33R&feuyY(2i92+HO6ua35ZW*GNe8;a`Q7gj42m<DQU)wPRxGOB|}nk$T1)E4&a#
z3ubg0QT_^IJ?uJc<T<O5>Z!m{yFp+NvNP`dRx+rfgU<g3o}FA7mHkY_lv#j-N(@<)
zq9HHTrme4NB@O0i0o~u%In+JFw!(e1Ir49B$M1Y<ZK;!dPC(W!@S!RYrnbz96Vm99
z+P<XXXQngR9dXpVhiyd^+Jx4>!|fHo8%!W@0f>HHp6WrMPac_#d>VOM8#zC8n0+ee
zz`j$GicUab5RG9GmZY-wO}qK6<cg!c4Q;g>)AuX45e&}={B>8IHXiL8`pT&dDkZUK
z@qAvnvz!)NN(0e3Bhij)fsDKD2>(qIPahj82E4%Nkh7k>O0Pz(tQg!&*xUm3MVJP4
zAncH9#z{F56yGLbDe=JB>HA96eBY+kb?nLr0E}+u|5}xg%;!mA`|jH893SpS-{-kD
z(bx4Dde}mGq6#e$8F@_|QE2J9D`i(sSjNq;qz#*Xk_1GOCvSzK19A~Y(|$;SDzEWU
z5dp=7mDyh2SY4hje>igA0}}fggSUA6P2H?s#L60YfrviCpT4EEE+j+<`<V;x&gKH=
zXFLMj-UKo0A>i=i-L1dJfT3dS7{e#jpaeNFgB5*Y)cMEJ83!d*bbgFFS;P-*P-$aZ
z;*ROk7c<#c<qudeBc`m)H1+IB+)-8p9V<CHr>xN=c$Z_xlGL-B`j(?baPGrWL4yiL
zj(L^-M$PsTF31DYoLf1L5$h-paD0sp$0Dc%fAV6)GVGwlQ$epMDm&j<xSYC0PRkcU
zp};;fBwK1~sMPIpcC`ViyA0=y1?x~?K$6*%*PB^GMT5g2Akn(<8-qS`f>E`Ba1(;u
zPiC)52x&qil?dn~RJ>uQ03R}-y|M_~-o#nd-n)N?^tSn{+`elvfLqhkHTe=AFTydn
z|3>Iz@VA7L5YReJU%)M>74lW}J~)q*3>RT>$wd<>@mcw65dU)iv}O~hWuJiokP$yf
zh*<arDm+W2EVs#qd}4iA@B5ZA`#i93Ob(1Yd7xyfmHu=aL4_B~2-;@=Uw-6aOi2YJ
zEK4JDd2O#7wDkajcb9e3TISjbm1%um4e^VLzSAOZCDdSr?oZJn^QnKEM3!g*=lT7o
zIGTchZe0C?bx}1=?leuOf*v54)JveQEv2fGG$qO)JGro<q}7-eS!TCwQWMC-U@X-c
zqq8#3xhPIIoHRfr4AKvA$5b#@EW*Is<+TXEUL_td&}sCm4pp|xdNh^MM}kx|NvwL0
zo_5(ZH5D)3Z(}N6B{f>-MV&_MUX6~t)%LeD=jSpLsQm}cgCoY++5X`73JZp_mf2o6
z!4asGmn!j4gOBrDN^i|zhDQO<7`KrU09|U;aNZ$RFezEzqyHG(V46VBm82g=If;>S
zZ=gPu68)xKsOXXzDJtYh7}De9skMW*=N7v(cx2iM9~B9gGY5ZhZZ*?Ikw`l;>Gf|a
z3z8G56)E&05LvOF)3j4Uf_D!xp&FvKP53_Y;WIhiy8uAe4)L0tGB7?NqDs9IEuPDM
za_jbFyL!W3pv;_{qFl1cw7GiIE_{Fo;E<eS6N<MkZWefZ)`iLFP^BH&A4ExfqZK!g
zkxtea(NM5*1jHeDYIlq7a!a_+3-xLS=SvMP$Ec8d0Oy#%iw6LTd-gnt+$-wq#X**a
znS<rQyk1^{Ha+;J%b5H$80W@_(?n;jQ`SnjGrZN6q>%Tcp<2YlMwCY$fI^W#{@v&r
zh*yB;<Kh}A<5}NYBEoVjr~{!J5r^O#4(^wMwmZ_k%{^O<K?RyJ2Zo1gXy3F3N<B&1
zo*%B^pRI<gH_SW-#YF@WA3DnY>Og#->Y%(X`k`~WiS`Mmw8II#OXmvCUnrB_jn9N^
zcKQJe3!lt5K+kj5KUJX(#B;mM>eT{0r28p0PNhLvC5|$h7A80Mt_M4Y5Fe3A9wD4f
z6#irU3^=(n@Z8#~?%;1qDGy+ADF(BKZbj4;oRynOWotK8k4X_^JK_I+(ApUP3}Kf`
zH-vNfZ|qXZM+Ec0W^C%U;K5E@2#Z=g@w+PkQ%j!cWX&S<gn*@d9g6^`?IvlqFlogJ
zLlo)EqVX(b2xK#QMRC4iZJu(%U|qsLLl$Etkj2!^&p+5XAFQo2yNSe_Zzxy^H0X1V
zJSii=ANk&BwCros{VgVonLAbgl^UGw6q3$2DfVDS9$K!O6U6hgVEg%qc|!|go_r`F
z(X*#%pf>|x0MImO!l1$KHIr{Y-1rlb7PNiNd0O#Oa7c8{$8}~0I*b2a>7jlpaB0F+
zl)7WrL?GT0I#vMveM3^>GIV9o;2!7MB&dp_5F~kSeGkI#llGTGAmL@_#zl{@_wW%?
zp1hy%WcG5jnt;5)VrA}RNuQjSdGau+z{I?0z!8Yt^h{(|=-vF=e{7|IbslGGA;9ax
zJ6QEBsiY8rh1%vPUon9%fd`+=end`(*Z*)FzO6e*A+mq;@`@~)Kje$_FIzM(N~0gX
zG#`o}hIe`v8kZc6A!4a7JIR!MP1Iv|w&fdM98?Yn%faY@PawzRcrEfE9QNKpPrN7`
zxS+r8%qv^m=ph)&h!{k&-&MS>$QHs(<#rj|*2>aFdf468HP^=uvUc=d>h!ttpuQ>l
zGDynl`_{HrN1M`+@LJG!1O7qYC@;bLYSr3TYnn)LS<m;(KdPy!7TMCY&mmyA+)tF5
z0JlY%uD@cyg=ltaQc-q*{KBKAT!74MypDQPk_5YL%6ire6Ry<<bx`VEsK>=#O3gr@
zsgGdS7hR|;v{lJAw2;pVEDLRF7_Q5YybJEx4H1^gH{GE+BW;x*?^HRrE}c!D9}Y7k
zRM%Y_kmkdyO!qemIym0N+P}&jWdyT^<bzWi9d)!|XV!-Dpwzo$(o`y7MF}Q5i>~M)
zY!PIE=>8Y`NJ_ADdI`1bq4UOb*X1$%D2)Dyj>?$uiYz$fSv~-Bo9(V2cNOAEeFFQg
z;3ysWl1ny5{*m`tn4C$3<oqR%c!TaWj+E@&5aW6_83Vqy)@&yX2HvQ_e{WX`NrXl=
zidI=(g@xt_5Y5a02yEY+ZNPlc4!-mqk;v+?m>7~lVf$nv{ng8znu?53jsu@j)k>w<
zdYb5~p<vh~A|xhTLgLI4BN1MDdMI0L2@4xR9?VobI(S$x1tO>V4UM84r^j0xHQ!_u
zQb9J4!(iE%25Nxbm9Ev{qHI`Rc*G@P)ULDzeQ>Y-H9+M81pj&|)pYkKbWJw10)+e&
z>s)7n6>*%szSV&mCLd9h$hNrfmj@g<@A;DCBurs2Q>Pk?OWDCFML2+=GvfrdX(l+h
z!MY|R`8AF#?CKFmul2b`jKn>}-_z@DmppbK&<6khr1ZW!j@5Cj=R}OO&c(BWoK#un
z=#&r$jIW)IYC9PE_IFo;S_4i7J%yimN)qY*Ug_?vbD)dh@AP_i2Sq-J`8=H4tz3QW
zwY)5=L#H*q_UP}+JmWn{y_K#0w??WSE!S9F+ao_-aqM@LQdZc^RGXVoL@Nk3vWtyU
zI(IZ+aRs)gfLeWw3R%h5M3QpsURJcrIEQ`)YIfQb8}9<R=d_Bm=EgSM927=!&q3=4
zt3zG&q6{k|1-utQyG>pz>I~2^Zp?|MSn-+Ss3C75x2?pnVGk26ihS4+uN1rU;KdP*
z2-`%wu85`Q7s(r(!d3yrx)da#X~R!R`#ts>k;Gqa0#DnAyuY;8Z+X~8#eyG0dO(26
zv^jXqsB|O>6VgS2rcQnBX!r?#%VqCWuWubl{cSvLl+@(eovFK6W}1jcNw3;{4v2j;
zB%mcXsEFR*zepSm3HyO=Q;!5ZrWHNb-%`4>%6GFG)^)ee2bFkfOKZ29n-12DUfHt5
z0l1gK*V&RaS{D{4RgI3`e0^r_R~yjcp1I5L*xiN`Vg0><i{H2|-MHAb<PNo$X>Ox)
zj%$}as14H)Oo09m1w#f>mR<mQ+a_65Vtgrqx!rNe!UGxptwejxF*H5Mdh_)xQYW*&
zlKF0MEdY~^=4`DRQa3-3+gW!g0GndjKEWSiPb_`^&7y^LZi?C&hSebnUICjV95zvv
zJG;XCg4TI2rx<0jxaKSY6Y${Tk+%%^Ivg+<J-ZDWMy*q0uLoo3QOq{Zuv)V(Iw1(?
z*e7ffpxkgx%t_U3=CAMgHAy;4c8+0ypM3%Ko+AZiB`u+M5ScxP)z!?;w_@wGrgjQ%
zJd9tPFf5-K74tH-Rs$7SLqh1BO;2U}iFsuWV~+D{&&7#igX)UE8oJPVDm^EXf;LT$
z)lwrl>SF{zxJ8LBT<JNf9ywzRT~E<mMd4c^Hg!S^(LIq>uRiC|8-2zT#Jox)y4qjl
z&(Ey(xmYqFm@r<6&b6Q&*ZF-g5dY0BE_2@@lxlOKxBHerfD}o+iV*Bzr3(Ir2R3xE
zi&c8=*#@d2@5W_<CyO#fy%w8_)xmjEBD6O#HPIIhjkZZ;EX2|`N7yc*PPQN`S70}s
zXv+$r>)RPslX;m!>r`UnJ&+%1PM@rVnlYSvgQemj^*Y)iVn7KAk~Y<!wRB{0CY-M#
z5lh?i01<ap(J>?)peuaBfrIi1c~dqEv`)9I59pF5r#IYwqeS#=bJi5&_5Az>SP!FX
zYMYs;0i<(b^pl>Dy}c%6s3<{bi4J}V%oS3q+XG*uD)$lRAI{gD4_ec>>(p=1jpS^t
zTemzDb?>rnL9o%n(#LA8NkNS>&bu^yxq1Q+4W<T*;y_=1`!6fiE}9CN{w44mB6cP$
zc&@GW{H%aP!GN+pq3hSSKuHVulflTf3s?Ez$6028Yu5%GV<~cvaO~oZ^R>+CDI3S4
zxTMTvU9fPa1P_PJXlXimWtBSR+D5&YmlO?=s3$+x_$Wi4;jas(yoEPI;(+2_Ais*=
zf?0F&nF*KJ-?nw$V8A5eJ3lbg;v;w6*{dlK8<^Le4HT<4W$t$ramYH5t0_SuRvwk*
zn;;h!$?GWXxQB&ELi*(0<0}lJJ2_1PntE@;&7R^R@JYci^+0%yHI~|<-jh8<(d8Ur
zwX?Hw96jboK8eB_9j`T?cLrG4P%rLyMW7^lsWB(8`9qBJvJQJPVcQ0Y5r1~uKfy)o
zOV1Z;oIGnm;oqkYs#~pBv5sed<L4%f12HzBJ^_b>v@OveQu2@7Vd&LUS6~18fv@hY
zX>S@V)34z464|W*{H`HoYRK-ds(60s`<fKRc<||vT=$&@r@Au%f_Y(|Gs^#Sjqq=`
zg~6orE$a;ebh7$;q%*`vy)W*W{Am_0c@kpBqhE89FAZ5!44^1Q1PX5)$RklaScSn|
z&XHHuP0<GaPLB~QALaKOFdlQJ&ON?0y16bP8i=r=*s8_j`tPQ8qxDT&_A^DiICPog
zD8j3@=7SYF>?crU^qvk{0Gm~Y|0*~j@btek@)qluUwR3fNMNoND3hwJMG-|T2}B!-
zDg`9%$bVVfB<gT-qG@VVUSEE~f1TO*R+OTbaw0h%XOcLVzxj8ZS%TaO3YuHe82Oio
z`wMLBu=?a`tc>t8iKyjh)Etg%<|-rw5#txX9oF?508SD6SMw{zrGj5nKnZ^9)yn7Y
z`iasYLie^1q6Q0$dRUPtKMj&G5lLO<t}mg{3D}X_B9kc#&*>Uv+$J0I!41rHV>4$R
zi(JEi+Af-MlE_$EVuZBw7wo7jUBD~n%ze$o+(KxlW(6d1B-b>dk3E;W*HjS;#J20C
z)Xl(LMC6Hk%}jbiqp?nnwF1=oMCRm{aRFEYV#tAeESxT0j}9VzLsXd#Ct=Mq3kz_D
zC+T(?T4CL#$Uzf~_Sy|{zVNsh(5cTyF%s+LH-kUj8^W2DP1|08^An%h?-#W@uY(B5
zjHcFZOLjD9L24>+{<y~?%kB&r6=B~Bga~HrS7=6&U-SK)N(xYJ+pl`CCZ<jly}I8a
zpCuWnciUQ__%f7&c3OPWAmoU48PN40qD1>OesMaV5}jI!S=WPy)%Y*HtFI6ThTENM
z;R4~|(l~s5FrkX&NJwAN5DaOn3={#u%3YBG4PG~y!}&4jkF1i2Hg94k78usPTHKUf
zbgx4fbW8u?{nE`h-rzjoH}cJxtFUI&u|#0+NFEtj^40d|ynVGJJ6SW|VAkJK3vWA6
z!e5z$MwY;w63w&t&<rml54$2cu$I}6mkVXCMvvS6cG0npNoV_r(v`!0BowB2uO<Lr
zRV2ILIGu*Lj-25@4vq~h1E%h@B^w~m8ala+rTzBtwfMfyiWJI(j*+py$g-j&yeuZt
zQ|o%Ut#cwl*$-dDL)ghOXD%F`sb{>$=43Rn;VQq@ul+D@;;R!V2lwFGp_LT0sP;CN
zXjAGL(_B<#CZ`Lw*%%=)0+Akp9qkaq0zrV>`PnkpYouP);IDvKKad8K0_w>*N4hj|
z(FfajcX_=teK?dC>JIPR`{5~*UhMy9+_u0q8|IM=kDY&8al&%SXLuErgRl3nrjSD7
zPvk3pRL!@%<fsPXO7VI@0L3({8FK-2SsaKt4kvML5lv$PU*rS)n>9mI1aQ-JS&-wR
zAd6Jv-QWZ?GEX3YWIA^G^K!*_42RAc|DclJ^k5lL+#pakm<dIDo(sRUYiKHF?C-7;
z`N2T6{EPUNDaK&$@a;L>Zu?k2?ngm*9a~sW2uY}UH||t#2HtjFVTAodhE3%6yfe3)
zv(0Ua8qEqWIUSgL6FjUhBGXH>*}r7`f;OEoasq-&e!@02l&DwBE^HY+?a(X~ytNsx
z^0Q1&mHad_%I=IQas-VRs|XwD<xX}rn7S^Vo@=9nrQZDm{u=Wue!v6Qn_h9mhE2e;
zAm!%qv~`dODLg##y0cDAxWt#yQ@R#x-k#nhzc)K9`2Z+L`4Cia51$oMun%2p5K=r^
z1y~jNH(!<?pVi+bqk-oLDFa#TG;VvTE<Yrd;qCB2(;RPuPMa}m#e$%l=H@;6yKDT0
z=X+beSta1pmsUfG{5$dcs2hy3bb1jws4@S+Iqgx`2aTkU?IP#rnOD7jt$58v;^+P{
z^S%G+fCtn^v?f<S-}10^5=6<V&tyvh+S<3eG86QVGubXcL8~c_y*(*g(z~N#Coj}4
ziRC!P8*z+q$))eSrROmK|B{vN^J<CG@AN8L6FQzhnU7wZ^sQIbj4!(Z`bwZGr9L;J
zz6M3wcLOV1pr-t|kHHTm%8&{poLgA$I<cmeo+cgO`AvK+PQcdz@QFy~H6Y@rU=O#_
zJoKP7xKL$$cbIhm;{jtA={O>y(wyD=DA;~1wMUhg+R)lUy?O)iM_QdF3Jm#kB7RKe
zzUldJY(tf<k(|fa!Dp(5MGD9eA%b!n!BIb1<vmWGZRQ7Zohd<>>MF3%SCAP5xio7c
zPYYTtmy?j#TiU@)^zj3h{J4k8=b|#&${AAE8mF7WW=Gl{gr<r7k`_USO_~(%UE5`1
z+Bo^DP0q$rJwIM|L}4ENoyLis_na`Xe5uIC$5Kz0+;Vu*^&nO?K^lFzy`aA}bu=|j
zDeF?Z?eG?$p${>NKZtokj_gn{JQ^_4CY2T9koYA>w+o?T?6L}&3QbyHBGWGYcCklO
z3u5m|X1ZwvJTfy`j(&6(w4Ws?m@{rbuCw`s$JGUD^kb(IK{;`Dp+Do!Hk6C)UH$rU
zw=AZ;bJfkm$#2qO+y{vQ8dnOIyd9U_qJ$oO4xn8pA@5_HDjyq?B@;5JPS_syWNAVb
z=vDm`zB3hk3~;`4Njzg`8$Dc)_wSb=eH^SjDJc8kg{rZ1(X+O;*2Xm%!wQY1<?EvM
zw2!HW^P4`OJI3igvdQo<<a{>85pAjvI8t7aYL-4dSfdtpSL+BqJ!15en&=mW<<`8P
zB_GsCLoD6+<r#^%_9J|2$S~c<dy*J8ig^1N>8u>40L&$Nc34Ov(;x3>jy`9L>hY!=
z1UG%RH=n%mF1l&I)^wg@hq62Ey!Zr_EaaG!l?cy5n@MUJo;YXa40={Tv!ZP3sIMM(
zFS)UC(qC4p7p~*<TA>8?bLo5c{g9<EZG&EXM9}A;<_6F%7R|j{i=F)lgSQxG_8pFu
ziaekTKqOqiS|6B+k!L$#S6I7)_Vkl5!nmU`mq^(YP%6^S>nc_pn9omM53dslcfdQF
zNA~g<LCBW);C!}Iz3l?jN64hh%Ss9O2l$B4_ARn>gO-+9t<3e*I9Mb=*1;?tjy;Uw
zx+smOM(qlCsn=aMiE3O^kT`QGjcLUC0d!yOnu<~JBU76h<El3(QHN^DO=b|a$dwwD
zdVJND{ha*yk)%Bq-pt!ytFSdX&rhoO+}1Y`eQLXH#JiIGT-GS({Dr%G)}Pbt?LGcq
zjR$iW=zf^x^rtnn@p>090%@oSS1m6bMtcTO116MWcR{(5v6>Jp#3A_Ji912!j6i-o
z7}A*KaQnsOr!Mp{m1C!uH{oO2vvl>dN8asI?Nr{ZJpo%I$Bq@0KYH7KO4Un1-2Mz2
zt``+q2yAXKh<2d$c$BfCPFh@{s6rrvCFg)e6OjYDcEw*7CAl#tMhO-%?GLP+B=6X_
zbOknziE9Kuti!j{ghZ7oI0gXTbL~YLkMXP;@D9hMh?Cp=F5&5<af{5f1GU3xE?f%0
z&uzm|l9wLYl94H931Ro8x3qxoC)ZN9;ehK$?4|V+ADav!ALlE)OKbkxCyC|k0f`#>
ze18eg_&!^M=FBMhi)3=6x3q}fKNeBm#7dc~BwiX2J{Vd*%N@aifLr7H*M&jp^-c-_
zm>2Qk!$CjcZ-&*d-G^hcQ)^q{I-%;@{2G53wXMgkGcR}`P|oRLA1Vw4Tphw%+{=P=
z(r=mI{4HX8(msmk+$t*RVo7=#*$ZMB=db01OoR{c<LcRdXxT=O6J(+Ka^3t+ayawT
z^;1tEA$crfzf&I|Fb*IQ7_5baELg=Pbch0Ea{F=i=g>v#O!J+P@g;A)o<y(LA?DK<
z5+O=L;)C<?v!bBp*~D%WZCYg#xd1T^Z{iaCyG(*5K9r_)zt_M#&#@29TwjN+KBf&9
zAJB4toxS5Sx}3Hfu~rthf^#G<U`XJ+(zV!;4H5>g0N7D+GVMpOmb#e7ez}ithvz!h
zmG-2;%Y`o`{-L(JsHkq+C64bFju9hP0}h1$jOI~o(A4)*AwTaT2ikzgxRS$j86r?c
z$g}J{;y_U1DI)q0DSqM8HLHlOCzNF81x5oiv@6$6G&Q9wcy^G@A{iF@=jgVXi}Q(q
zIJ4P&&HRakKzZ%7I9@mx@F!DvXTROE|HHG_6sH>hEl;n+{V(0V?}&I<;a?jXuAHnH
zRW8O6ZC>yWT2pII9vpmoAkBt%4mMHWP})bN`6RTiI0r;qWYw?Eda2g95{WnH;;ibK
zx4yWptpE%;mEyoL8?H|Fs-5=p@ad|CbMCq4O!mG}4N-YGEc@kJpsq#D3Y+_mbJJX7
zwfUI8;|7V#=s(HW<x9N%6t=bx_98ioTzgqmUp00y;F-A|+KEk;so2Ch%=x&yqj+TA
za-fFcNBme6%ppRH9!%R2n?NdKN0ePQNPNExxIM$N?exl9ny^nyTCW!u%WQ7WwtrWp
z`EfF&+YTDmrJH`muAzhmd<8SEl9gKrr%oW|wNIYg#Jmy(Q?>Xu(Yl3czmeF=>qe-E
zv$gxh8P;E}BQIjd=Jnqz5QcRik7X?cv|&G7+jh*gw<O*u;<8=3*KWDT;n`jR!8JWV
zP!6_IZQ1_Fnr7;-j?AObH<)i5i?e#d4lcy|)SX|159zU-&i1eBRr?b1v8Gv*p_#t7
zZ!95NhAl#y97p0!r{;78?1aZOe@2;r(jAERUd^=taJteG5-UL%M8CgbkX6LxkvjRh
z>8rBXYUr-kLd!gtI}zDIqBH$#pznaM<>a`GsYB77#>Tjpp7%@kv->+1YDr(&41<jW
zOp|9EO;$+Il5+kpeshChAFYltCDzl@KWo1xo%tb_(DQuYB3Z#VO)ZDHqDN!^gd@t|
zvSLn*O6Evqcj$8z&J?#NvPL)u{qJct3fU+0*8MzQ>5ZRPGg7JOJ^wNgP)-@9gpgIV
z{d|@GO3)eG*(TF)0@9uLR6A?SrHZ*TEd?btjW4C>5pNz=tKJK%GY49ubur=hn+f4(
zvL;V?x1X(^yWe`&&Rb<`ji27nbmop4abAAKd0vLzabx_EbdX<s^;Y46;e+Y2M|a?a
zt}5O90sc%Q*5C3kpRhZX#X!QBiJfOkhpq=9A4nRVd$TnQmLTUIfzE^eM0EB?@l(Qi
z?n}x)Gg~d%1oz50;yWrI$l^5n(?-(|gw2hlK3c1qu8g5MI{cSyjkz~b_!eu~2`f>U
z*Ix<Wu;}9LBdeIhRVY1)s13ih{#vgG*fw6x2vG{Uk<4MakUw@IfXn)#9ZD5HylpLi
zxlZ?Y%))*dSBaBmkBXG$k3ZD=<YrsqmQuw|jDW7ou@e@wS0Aih@>tW~w^5=`6#blN
z$WlV?Q$*e=i1oJ5(%Y1@I=eqzr9bZy#{xZCXhdz|M-@j((L<mx&NlPkGlM##!N=!i
zm?w95y7>YI_$NI(0PVkW=*>q<k1$eSHN}Ycyg`h3i|_sJ+Y-##QFAQx8_;gIQ)+Wr
z&{>&S^zCY&a~neb%!buiv#QNFQ^T$sE}RQteF&?Jza5%c@RG6~QJOsPYGclh-f87>
zv}UONp=fHO@7#{gYB3$_jOG=Omp+8ud2i>Gp$`tlEXYLzbQ3X)0AiZ<1-m{UzcQ#y
zV^|ARTP>4^2S)3lX8{}<R-Cn)0xVuc2TP6190iguPQ98v!`atTC#kTnhu!3xXTARO
zyk(gnW&3&92F{OKjw5Dgue~`GLQH*xc0R#S78}nMMX?RLvyFV%f5f`<Sao-!CXRy5
zc0cNJ705e1?!J60q8NBrSD7uTpR}>vpYkYDmu3*O6ZgV3D<<EyF_c{3$LjG2`Wp|v
zcmFTLG6t_oR*tvj8|Oo4OpWl%K7!{rU!xbl=IRUF8sQoKwK4_O?a3Bl`!-9sd^lTx
zEg3k2-cqFjO+!Z+eO5i&`x$U$<oTeJ;pkV%2Eegb6(vP4!!>{QMo{ry53gB{$$};$
zjShjKFE5{Don(yUOO;-7M%^H$Zf4jIZ)s@Cdz3mCS+D>ToA^Fg<2}0wJ0%3~>P*wW
zL77f9ixW-uu+_!>;bQv>?mheU#E$X1FdFtb>ig%IlZPNWVz*%RA35a%%E!K7D?s?P
zzN5xde}h=FS1*XI{sQOm+#jw;?7xmlOrQDB_@8;a`~Rhv{8#^cpV;R8TfTp=`u3o8
ztJCZ4ADmgvyje82vvH~O{c{<^5p%I`DHBco;jVl*a}2XnR{Rpbt$_(Ndp8718IEsJ
zSqfbo`S^zxQy}ha6*L9=Ol*KQaBhjOjLrRdO<FhlXX2-~ySDuIvHxG=x$*zdTO|8H
zj^Z0e)&FsNew}t!1Y!?edK%e*ezJSpzm%QJr=!~vw~6Io^F#jBMzOK`Q~tj9Sn;2R
zs$n1N>D2_E)L`*tn$gq$K0O3e)Hv~%)4L}lei927%w~QGeVHp?@I}hT!Xin`D59l^
za|X3;;xxgZXh2U{Lc#@bRh~2b%}fjhm=p8~RbOI#GVG{}MBUtAo_KUy^J&g$o(&N;
zX9GS@o_Q`FAwrEhE!TWY!Tr)7VLuJt+!EE&vblwS;^}4ygJMwWgZ8$>AFa1zHhv)e
zUH?R(W+I}9{@=a5ZykxBUdsNvbRS~Y*Tj&^&o>8$`uZkQ!ddeGWtHHM7lYv5DDh+v
z#Wv3-mB4H1PKbrwgntBbIm$itQr^(2^eJW|E1uEBanjxv$sV#PYHoI7k+Jx6kDLNc
z`|8>&0b1fr{DQr~fz2dgU<{wh2e{7(f~ojybIwI*TBWUtdpy2v`;gtY(Ouszf(k-k
zlD-U8tBB(dv0@-&wZmJO<#Xn-I>e-`2cZrb*1e}S?sk68|GVFP{OE-n7(9O;$m#3v
znGV`BsndPx;I-R&mW(nJP?KenI%HV0X8d8yMv14*1G!h0s<eq;frE%w)%t7i347KP
zgTO^YHqNdcJl)Erm+d>+Tg0j;A;GVZ>;61%3>1{~YUG*Mu$ZqD`xmQqd&h118QW<1
zQvA|XEAeR!R$8kaIuTB;i+XY|SK_(ZlFX9{73$Un89Oo6%jo$eS+JsPRwsz@qxs`@
ztiNU=Y~*A}{vCE!R=Q}{D8Fsmk}~%l{q0_(x_V|Si>#QdpimL}XJ*P=<jJ7YLDU66
zgEQahu<t2?o^0c!QP{|%7Ilgj?&+2M&^LqkTw#iu+dc00tiDJtDzCUPLp2VP%&_w)
zYO6d@bL>L#&ihptJ?}knaN(`Y{Tw>q>1-Zs!XoFuFgpV!(?4*<tXp4XhpB7+mRJ3{
z4cC*dsyj7$-kS#<>Csut?wJ6o4H&Ni&bQO%V5}S4b42+)p(!~g<v8*{Dw?s4Sy56_
zb2V<ycFn@FCW#1B%dcPh24-|xoWmD(D?ukLYtqIi(=k@9#a3grllBUpcl9%?JO_R4
z8vL5<GYV%-VGz5*_iv;wdKT&lFJ}AOrC`%a%$!Zk(962us#n|Nor{vKLc<wA1S;m)
z?4JdBiU6G+(uTG8%SxB}e`~EM=sV(3Ki}oEp}ICBCBe$$$j28N3b^Wm5+}P1MVn9W
z=CqEWe6t-3>jN|=YB64#nd#}T+8h7UO550ermm%R1M~SV-Cv;_qKne*=2p9%+(>pD
z7yQ0ncky#}Tyb}%mEXYjx*nA{U~!F^gP*aqInaMqXW}z&^}tXiD1mz_{ri)G6f0<c
z3Qosbsb59cs2s=9E<g;A9v`{^AC3|bsWvGiB~f`|7073EI%0N(*gwq-Tq<uJf1r>L
zH!`yt9r*Nma4r>6PQ-k+D9RFbRB4=<TBvhQ)NbGQ=0uQCBeTdhG-WrykkAuQVU=aM
zra|k87R{e@FbiQ%9{eMa$U|zyx6?+dE%xaUt0pELvM9O-304Z}D*E|jH>%tVa$YGE
z-fhr*C!10fP@u$&58{zW^D{kh)n4I2E)HLfhwM@k3-Z$Boid*4+}RssUcF`0M1b!T
zOdB<z*Dgo;42<j*0$8Pp5eTF_M@FAbL8jKm=G$O#jnvSgm<+=jOo=7T6~zjWKBZ+{
zG<K>uD+r?EH>5;`@aKN|RQ>D)T{to1BXqH%N=sd55>sfxN>3!v(DO_TDmZ?vZW$$0
zknBa;&K>?9Jb3;M;AVHE1^R3ECSHPGPG(*&f#6H}4*c1%2`ajl9&k|u1Kq+nZgIe`
zJ7=F8`%UM{G1*f42a-1x3hsXN=KuQsv^TS7uC;P62lvqw|6`ZuOg_F*>=?vllik<Q
zf&+5dD&uDIQ<7iDUF>W|4`nrE-P86BPxG8|ymbiPouXMSb^NBOYxkxN%;7n&(vo}h
z*9WQqJ}?>!{nFHEH~Mh$w04@Z^kRf&m)WGgwUuUG)kW<q>;o6XXwY8k#g!|?8IGQj
z+aB5{sP8K{VqJ70b{|v5GC!oc7xd5&pG<$#=^S49y2!%Q?oq>%bNF6WQABPY7GLo4
zT+n{6!Ro_hC^M-@a#*Mvb_1e)^LH5@cZ$~lEZfuHM&)(jKJN81KBw6=Z5I0W!Ny5^
zao<`^1jWpBM^ef1#%Z^Vit*Fkpq&LN^Z#f@)T#Wj3u<6)&&qmJafMa=SKZ`Y?K|^B
ztWMl`W;6Wg^T~uRw(mf$V%TI<HP+SXy#hR3?M_-+VPSXD27lS}N;dOZFUre1zgKwz
z{ltqUUu!RW!J|_;w_;k+foHCS5NzK*L}CA0&%1fCIKvq=Sb9lOE-nij8gwSv<Rg0d
zm*#|J>HMsU+zwm+_e=1zR$}NmU%4}UhWeOERgrm`Qx(ql_qC~yQkD?MtAC9@z<v7a
z(EmV^TU^t9-s=S(%`0%wY+<DZmZWL{@PI?xxzu*sz{GzJoLkkBRNz@u<BFQq&`oyL
z4VUCH?&9+6*Xpi0iVc0}rg5wx|EtmwPF|XOEwfV{8O(YS<NRU!-XlZz2vQlCGXccQ
zle*0x%`Py$!+&<RVRwS$UXeDAZXWAB;q&5>^}MO=i-#zPtCQO3hn=hP@^!$$`zR{%
z-hCH6^kAu>G3{r8o7ss4BAb1)*Q4ZQwHtcvT3fAxpW1O3XL~^xWaYcm&T6dI{*9AA
zn|D6b8?QWGP1qm4#yO8VmHcB?Bc$nAEny74=J3WT!1qK`m*c>wD*f@FCHp>kr~DTJ
z>3*+WU)#*Mz%1sR#gL=lb_P(z{aQ)6llATxlqvR7^sV*GCeB1<rMjAAt%Ccr*$VgG
z>AAFp1K>&G0qKmNmKRIR4o*9rcn3fGgp+XPg0L|^IWTjKYMew4Eg*nN)pvH~xpWqd
zP+Cn7jq`_Ip1=ipq2hMv8*RyGIKnMTxbg9Ounqp8(s6B#yBXQpZbIO%vn3zEP7+Pn
z&Gn>6|Dbb!8Q$MGc{7&PV*XDwBZe?49P9ETLo@m&nqXBPSmihS&tBCFUF=Ic>$+$u
zo*6%NQjn<80A+?UldAoQT?PY&?i;7nCVe+fwZ_OmpHJjlam7KxZ3#sMKb??*65v5T
zy}P&ZPI+^aL!lFp5wZ3;yx<|Cq06c`uQR24e(p8<03qF&=o)B|nlY#-JOgbmr<!`x
z6>V^z@A*Ey^~<cqH^0Eg+ANN)J#FUo$|GFI9Ybky0~M`0Wu@Omes)nhSJS$<NxP%E
zxQ0-=FH=ijAJHuQ;4rfovBS=v7dU{5E2^?`GTy6&{X7R?&;ze8Og+^r^G~1T5SaeM
zf2*2zACv&i9~gH06L2oF{*b#@w&JF{*2il<er(ZX&G+KyHKd$XSvRrQns6D&b^ruy
zyE2z3eyQhSzn8lujG%QOOCOfgqx9M4#Q~-L+uRSf$k(TgD6SPq_^)*DZyKM;kN#Hl
zFmX>d@Wx9Ulv>%Xk*;Co7B@1VWtcy<6(y{m3+I(;nNE%%JEY#juB`0n^?qNYbkWGT
z{Rsb_v0l@`H1nI|Fo+G_zWj^D8@dp5+qg=<uH)o+SBHv>+tJS=7YeoHi#{!8T<PC9
zZe${kwWT#%IO_BH!w4d*@c(1&tHYvt+jR#K5RtGzKm<imN`#SaQKUO$ND&yi2N-G*
zA}XbHH$zExmw?oO3?bb)bT?;#zi*#!e`oLi&iV%~m}}O%-u1@w+|PaA?;8m==Y=@O
zoyC+Oppq?xgEhCa?vu%P!z(kWNMA(&%q(yfH_kqXPuAD>N8~*FT^Fe~-2va}g5K)U
z1nKe+Z@GMg7vq!w!ofAStUNM-z^HR!>|{2Ut?dUrldz7pQ+Yh<>H_-=od3N0(Riw4
z1F}jb&$=#RA}`N!?cd@!2_kzS=6!^YbLO#EmZoJz^JQ@FAv7=G*iZ4Tl}4nS4#XLJ
ztZ|!kq~{GfcEDYpnYgZ^T5E1~_ok>ReJ(>tcHZdTQD>LDOMvNc1e{ccg7x4PMS8Kn
zvbITJeOb3Te2GJqV1D)f$Zzl6Wj9nwSzC?Cm2n|x=beN@-a^8UKnT@ELLs7SM=e^>
ztv!2%;OIISVm}kXy6y+CF0n>^D1l*=Qs$2s@IH*sv`8Yhp-nBDs3@44c8-mOgNNZb
ze(o|dT74|{XmJs_A0^<aF)kIKR1Ism<6SU3TptjHlnj`V8ZF%^1?Y_T>`2^~zV5j1
z=Utr&UzT$;%L1B_<pmWk%Eqm-rlwL>s%xdF{Z=^sUV_USFZVAR1Fz|MLlsdYDkv-1
zO32QW5M6<rzq&~h_rYY$qZ(FHT_JEf2Nl|X@{+pOYx2VaX9kLQl&V^lAy7wK)#%vG
zrh?rXK2(rpYBKb-*l;)0Nx3H4jB0DbpgBt=hc8SHkRn|<hQTAUEVcXwrACWCCM?Oo
z&+dIQRt%UpI;pL~9Mjt+7GDHi%cV+rigt!fkrv~()@uz~N?+?{8Jd>Pbh^i`a{bzG
zd2%a?^=T&&ds9WNEXjs-eGG;2WuTo8EDrdw%TC)tyyXFxBu|Q!opvE4J1XXpfj8A7
z;7YEgLTReb2mUVIP319FW`<0AF)<E^`IRc2x+|C}`j>4(W730tO!K9M4ld^T!z|s!
z8GC)@Y+*NYy92F#u-~J*pINQ+MbF+aI<f8gJo+F=bE1+9n!-0$NjZfez*0Ym$gYdD
z5wG1`n(vB9Kipmz5ekxY*%ChA7N%tV2~bl}sp#rj9YY}Z-g)i6t-g2rUbz!HgNLVi
zV)ebE5mD>sef5*Qv}`(Oxbf%T1{Xv({5>qcQ7#aK7U7u{AzT{fqhQfD6nu}NY269I
zE;MN!Sz-+<qoURc6gOzo!)N!>2nNCV9)<1v0qU|Q%B{zeQTxkNr|;`;NV9vc0@-=B
zd^wy>Dr6TCN+lS)gSjUJ|HtI%O;KyT$z;!m9-e_<0*K>F=X3`%U7^yE<(-qs8j?`y
z{)6~MI)T|3Wa|??A~1)v_&O<pYm=y9N(+8miW6d}hwS<pszi;HAV8K=S|u}FgyuSt
zS9%_sT?ONmO~sKPCHyrpG#T)X@z|$5KX|Kc-GJxtIf7&^&T-sE_tTQg&hNKlfHwvQ
z1ZuCY2VJzvqal}H)Y{eyS44-s|G7ozvJ^&l()h|`*s7`4a#_9{1<2EEU{*C9&*Wu$
zG&)+T)x|I-LH8>`!al2@TBD=M%0=dDW>%#Dt8eLhozWpRD7~2iP^GUZ{W^Z@8k$R1
zD&|=(vBew})>6;MsIT}<?M~5xL2e4dp^x^ue`HH|nTeQjj7*}->Cvv`i&41FSIQe6
z!iTdVmU;rQ5B|aeH-tdlOCs6)Tu@wqX&#HB<QLX8BC4jG5O1cJc?DYSTd&#&=DL{j
za<Aj{SbXDmxdV)5wo{e#z0B^-^Ho;LsV-tiu-lyMOd>yhMP})!MGuQR(kqWF;$fJT
zXF}L|b|Thq*qtkpt+8n}C(Ch`rVkXjenPgPx{J?BvClVQ3vVq-C4Kd;jO~xR<i+g$
zgzH3`e2Stw{Gn0g#LI9og(1f{y-5%WF}^!H{Jgp{Ky(b@#~6<?!jGi1LZigaF=|ur
zcq9XkHKg8yqFVS74aicvw<6)&OB?l)uuUykr{hf?d+JhrsPGdIzP_oB=^V|}v1MP9
z%dI<e27P4ePX~+1xSOv1waLjpU)-fDM^b7!yK7)Ftdu67?t~LkRVhwS%8#7}3mTh;
z0|}?;d-Fb)4RZ$4xMVtTNAEtgGd4yQ6RgnarlI3Q{^S)~0WRdVZ63A_Ym>R$GAF(J
z7g+eFy`C<{-mrR9ux#($@QF~SyN@G4xhc9&enhq>#oau8ps$6q>SAW&A|1vex{;!D
z#XO%6znpXuqk~f^Jq?jEdR0omYJgFcgD84Ob`#cb^i!#`I1>>~=eAV1EE4AzR$Faf
z(SqY<waYC1a_(n`1?`do1mgX+iEVtKD|_O1g7C1JZz7qPud9rD+*w5Qd4>GY!}xuN
zwS4WxK(S8`Osgu{oPgJ$vI_Fz&+fYYv%63gOzFd(W&T{^EVbQoqqK407z8l8=CX3z
zZ{5v(m-<>dAR3F&3~E(p3CUV8(Lq!#i^-O0!hOM*h=mCf&!{#s*@ui$EBAXTij_1q
zwdj3}VPfy`63i*lw=Jh|wNlfZ^s#oJTv9Fe%ITL3@v23%+7%TeU8+`bA$ry(CwFl+
za{pAA<+&fM&{}{M0|2D*?uyE7fWw>M%6Lvkzm9g=FeRtydj8D`C*R?Y>@ZgRHCyi`
zcfH}y9RZ&F(B`bHG%%aRvAwO5rzjT0Sz@WIT~pjwT%4cNBx|<Wz9)_t9-v^ISyoxb
zua;d7A@9%73W!6O3kXkH#aRH$R^b?p97Cv>iN1%9{*_69!0p8PRQoW;;TqVpeuVSM
zW)7=sTS0HYwcEozUEXU_wSTV7!x6h>6u|7q>)px#S|hx194RlHRtoy5ZX9I}rb=`6
zcvof_GA#M49$jPx#fh#JR1x^fDaEGlalM~ZSxgmWw{77v?A7EO0o&$@0@XAk+!o_!
znj>L>z~3Sli1<;skzM63(5_2!(4tx8jDD|Q>*-<TDi&ip>UroN@+E;<hbfea`XiU8
zL(z3=!N9NzWTW2)OhjmCMzLiqY-=7@zW+&@w)@OpW7+_=7LwaVg6~|vtnQvnpktix
z_Tb9o<?Ms}N!XDj6QJC%)J`&-G5P~gy!%&By?hZ=mmwSig!4?kjG;;^m8b={Jk2m*
zRQ(f-su@4a>Q1A$3F{1?QY!WQOfTZ)t!q#ljWRp;Z!fwZ*L1as@PO0y@>;PvVz_3B
zJKnJzA^Ac1=J;32dBccZQ#RU|qW+S$I&IV5paT;zSVVROAP^Qb!W?HRgJ1h0%fdQb
zTjLS8Y#G~lDr$Nw%s?@TlG7rKXm*{8ZCVCziO4VlTKAR-?{(#JXR{^U3BP=-7~~&(
z_Bc-Hx|a*idMVfXn{dgsj^|^ZNpwyx-bj3ricrml_PiRNz01}e+1epEzQTQeG1TEH
z!_3OSW#oC6A`P9T|J{uerCoX)+$q4;;6FWgD^I51<`!Ga>u#v$#@9l#i#4T(G)%oE
z^kDp&Tl1dp95pHUv~*>`A5Fx^-ju~wstne>!0h4NyK%H-S7SNGHxj0~OhHSyI##8A
z0ZM<qNniY-l_Y=?+9HPs5vdHesxbhnj^YWm@(#0uq^Zj?4cZ*|Uq*AU`eq#tm{qot
z5VdpHmOZX@3|`%;F0=DpU6x!oZMrR=L0`Q1L3kVQG-0YVowVk-m+3TlMnSgnz<zgN
znUvBwV|BUqKavu#GJ4PcdI0^Khu28xh`|W2Uaw%?Yw|6SG3U~B$7MmRStv@_NtWz{
z5OL#FINIh&=(DpgSm?=TW6>(_alomse+ft5AL*~UfQH$@O$OrKEJWlL5u`A!pE<v$
zeRP~HoOIyLmRZ;p2o2<i#i6a)N+x_w$DXPBlU%LX4p^r@=DSuqcSuk?PwJ^QwO*V0
zG{IGa9|+{cNSz-}0;cexd&H|w8fb&u9rD>JwfR;&uMy2x+qCH+?GB4+A|X3s9cSVT
zarTj`SYGh{AEW4;bn(7H64Q6*IDhbqZU}XNkvXUvC9SpHdf3}SQwhgXAJr1-$@9YI
z9AZbLMz5C3Mu%F}%!WFq{-!OP@pqlsr)>h{&#A*`m`;;sp44D>tdNI>t1moPMDktV
zw#pG#9S}uNg-W*aVb11}7B;PaAmuHKpnN_Dww)+E9uj?SA0T8Bjpk&w_ny;T47;4l
zd&FLoU^7JIdDo0jPZvoM*btou8!kGo@<+1@T>|LUuy#^aAElYJ)vWU%QVXDre&V2E
zne;q!j#Nm`k2XUHL}+4Z%4Q4^0_W8hcjMzxvpt3EZD&&-S{4;7`njOn<nVYJ->enr
zQ(o!K)PQ{&7xTO{K^*5^&_NAuF<P!jOiXMU#cdUDS$FCnc)U{N0B)h*h`?74mL7aV
zgQ&A2g>tdELT$27gUb&9GWcRE;;bCEhLEf)m8XEUR5p9XK+pMLNrz}%*gTAcCZ+H}
z;5*u3?@Y-T?}|+wB)=Gy4UZ?=!^c-ZSeRzaWxd9d>|{ARPtDD(X1+Ti545&W2CeUG
zyr+$*z#D6q*?HmKbNvOr9B^I;Jw5O=&EgkbaIDVi4L>hv0#fs|+=HXv)-BBKIBfd>
zT4m!8)K}H4T!;PGwgdL@cfYuA>UXksn;lw}E`y#+cDPfSu@mlc>muWp01O%+vriHh
z$1VHe6g6onw<&BK$<LziPQcbOIw(U{q108{t(@C}=FHj+p52F{YQfC9W4CH9T+<$G
zyUEGHrUM{R364W0d7cFN+xJ@QUxQ2l+#!)R!tori3}{aP_L_**@;05*Yskok*B@H-
z>|?J^`o682_gOD^>mnjUpO)%!Nv!R|X(k-^+{gsJ4IWzsVraouozI2qkd0LL^kPZn
z%#;#89?SZl;N%P~?Jr#SVit57Z@T8SaO<WDU>TPa+-}rg{J1!ykpv4W;;+@ZpE{S}
z9i&C*nEE<3`Rgg1{C-Q@|5Rv`P&Qs*h@?TJQ1@zsu5Mm9Vk9*wjSu@nY)6+BT{QVo
zDnPg;a00F~cobev!i!~T{xmEK`P%5mezBLGem;KH>F8i;LI<%dE?HL@JuI7^rH=*9
zt<>kd*CkVYkxNRoju~92xf3+E`!}f$!ZVL}*ClNW<oMN^)9P_9;qp?`uI<d!ao-2b
z7WNATIJVRq4%=VOyUu?X@aqh)t#BygY^;#*oA?LzlOP0^`f*N0njbxZnf7T-%(@2(
z*l@}+f$=C~NM9(`6kgZZ6slA01r(6PngdQ>7%HGqbfr+hEQBFyDx?!M0dtH>+H5dv
z>3V@Nt&v5fp{=<Iq^x!1t>ebG+@d-HrBb#=?Yb*+>b)=QRDP$t1+$u{78$>W&Z}mc
zeOoeG{Hx#YK-Vanp>JP5Ga8Pcb|q~oGx_sTN;Up2Mu8?}Gwk#sghUSjUR_qm7IF4j
zkdjXVtTMXxo?5txrA^qjRIpajSmagY^wn%dn`%z4)wQXOAGVM(F}zz{xFUZS!{>6a
zgyQdc1pXL5(DU0&`e3hPTWftiWa>z`%|=d=$irpEE2myC6Uou~J|QzQDZ11U_MZM%
zPLZ@KcW$#8;RG0n0MOG(+iW9sDb`XS*GB~s?lYTCn8&K6+*uf!aS%G?Z@gN7O-nO6
zh=v(*Et2><O2I!=G0DE*zr<hr%a>rWHaENaFoRJF9p!vss5h0k9bBGg?K_Dz?{z*O
zw#mEq?jdD5z<l&L(VL`D``(U&gQ?quc)m-$i?h{&0zjj$6M_RdzIM4jK<XjCFTz37
zShzR3fJv44E?vZM|4rjBt0w&?e3>?xw6lSk$&I9r{2fvxLBT>oY9rsszjZ&amcwM!
zyy5KX!1Y|KFO*FbPF`!S-srvB$^M5}bxGs)%i?Xy9AJ#3eR_A7)s&sJ)jOxvv1M1L
zgAcH<JK{^Q`Lys(!ukw;MRXr5BbyU#4|efYZ;nrQZEWyCHB-Q>?ZG|Tc&<ORFnFO5
z|6OjZZA3)v19~^@^`RsPKL6#43x;c!vF*X%O=G-%%F-)kRnB&^F%>`iok;AU<?Q@@
z@?`8L=8x@2lzJauir3Ci6#2N%)y6WwTr!QYQP0u8MgAVj0z1I0dCdiWLYXt7kyXUR
zthy9RD8|3*Pbfqhz}v)N97!$X*kaiBHdyFf<LeOls76Fgv2q;x&_XFrg#l}<lrXCU
zcdD3)t0*0^Im8=SLc!QY*Wi7;_Fh##+KU2hj+7gY)^dpIMZ_;hT|FcOV2vZhPq{=T
zj2<h;l(S~YUcVJ%^!WR=+Q{Ckja~WVnH-S`Rppa*4mK9X%r6rkl%S`*HWfjT!8sI{
zRG?=M+1bJ2&DQ>t&au-ePPI}QTR2N_o+p=SUrj;A6-X&8+EiNeozpn}xxl#sjh#O=
z?73crnDR^zFRUqcxCV&OX!zDSM-tE+izK@HE**=gDd?iyGod!8buJEMZyI&BchrX9
zbNs7|+h+TpbDF$4*?F4P;~&k{-xcKKXF!F~uac!6rL%X6FNbLo1$<7=%SJdDKBG$r
z(1vs9BH6c5GT_ohY%P4T9eo~+(2t&~1()64uG_!^cTWcVvZR7dCe_lDNil>36O;Mf
zTi^EHbXnOuRty<v>Z%X*F>}#K!C|M)&R|onUpD1l=%<r6UshigkQ_}2FzD$LqWBmU
zmkLc0sFI!Vt{m;CSk%wzj9wZ{*3emguo7$bTIhLg``0&drsn$#jQv{%s5RI2ejW#)
zA};Tz%WuQ2Cy{rf2cPBDE>);&-Su1PctH<Zj{NV4^l@C$*NVf2LHKNSAc+jc?UOF@
zKWl5YMN3~qoWIG|=qtyUGinDTR+bPr_nwtk;awPL*mup!lU-Z)N)i)7En_60UTzKY
zfZ?rYX307*%IN33vPT=74ZkX&Z&suGc-Y7-Q1YbtZ%MLYp|NaQ3GY^^tjeqEJCU+<
z0?y+b#fpf{$epLVySr<342yz}Yg%Kr9jvfwC(zjEYFk&`AKECeH~SC$k(;UO_h<yo
z)A?|b`MSF6{<KEDUUwSN=eq8}A#u*YDWWKK?KyYM#?gwcMVb9)63XSih7Ndg+@@3f
z{qd*{>9(@x5O0ky+lI0EW00P7kXZq*vXvI%;ki%)4uf_c;{NxNX!sqBJ0sa0m@al2
z>5a2rp_k+Z$xHG==G(~dIdJQxq>06MZg2D<;=BkYBf7A#iCe(nLpYu$r;Cp6L^6Vb
z)Il$nyAwOmqZDVTOJx!nAtv;}_T!D1Z*y~z{C5F{FmVHL2|o-m)U_;kZ#dJMkpZ0C
zZpZpI*B=ZHW;f^B8=GW)a;S|rtPp|<kd4Y^!{ZS+&tUHd^Wznb?=xN?o5vT1A`p*U
zqH$W#?}HemkpAXA;_!G$x8jeDf{!czuyy6ujKW<c!hLd0?jmyrFAf8F#Vd(rD=MyT
z=?)J3UDqM0mz+fKUmk9asqaioHanop_oG>5i6Hhge^*j4620B(pQmDIm`Da8=pniQ
zkp5oy|4t|bvLC<Kc}fB~7D=+&<&0pgTlpW81xP+XI8GZ?=(2CQFJuB1B|y^@++Sc<
zT2Mf4$binq1==;)Jv>Txz{#;kc{xM0FW{34<|KaA+SLY-8u8EV?-k>_leuo|cg4QY
z+06zlfPzYX;eY;@II(O*=327+)PL}&!csTRT$glK9N+k2-+z%{{_ILfZ~V5S?Hxv7
zYi!NJ)O5IYZXYw<60!{s=fhe=>L2^{j~!kDpWt_%s&%J}MQzat@|4NIY|_KcOPgM?
zw!l&1f5L~(%9rZ}Vt^6@Bhv?L8EdTY`QT;;B)2I7#uu{Tly|V{RFvySVb7z@tb&zW
z_`yO?BV}A;lGAcJmnRp4%9}p@r_CPIJ5q8R-{JBYV}vor4Ap%#EU&*kYb2PpnfrO<
z8eX9KM1~)QgkAV?&ad<+%KJv~OR$Uz=bjt7``_mMfx?vg)D-5upv|V^oqi8~PWPJV
ztkkeUr02@_2)6AjJ6TF0P|Kw``mrVDMl9!cj0e*B2(0U`g<2Nw+LD)T<u;>ZLE^<8
z$T3~U>Yi7g%?O`0kqpT<$Gpr;eO;t^*}tI5HF7-xf5(PaBq8tYV>chzc4wva>U(y;
zEa6w)^Pk)n;c62pJ~W2W(2h^p>8{Ph_p4^K-1A4-4Z}yvi-o&oi)MW?-!5-;;7+Y&
z+0lDX)c&@s3%)OGIG`0Ua9vPU!fe%lSG-%;d2PSinNK-RuxltXP<D$Or~Zs37bW?G
zi7_e_RZe5j9K*od1oyiq(anw%Y~_XpG%Y<0Ch(<ToK-*X@9*>`;OgM+x~>Sfjutj_
z_1TaDd#7fvzA*T(T^GliTh&U+qC=OeKg{|wFTUPFH*E0r2H9mj&%E^`k7j~Ye)P<C
zR1+TKMt(N>=ak&$#&5*wS`jz`J#g|Iy(VLH5wutJQ^ZZT88H1xKG2h$hnNx|Uu@X;
z(F7ObYmC^ae-ZLcHB#T!DCnhg-?b4u$f;t?ve7NFC0Tcm*@KxNbwk6nvpL<fHxuV)
z`}DX^j9|*nn#d37x4wK-zlbx3d~urJ<qYs(wN>6<j>BUSfPdc7qoP=D2DZZP7<A0j
zA0~c|lbU1cZnRNcJLKRCl$g3}$Fz5Jq|MJI9ad(dng`011LjW8VW9J|OS3=K!ujg*
zwYB_%>#SyWLg)Rembhg0x&Yrr9r~Vt^OI|}hfAu%8BDTqj{@!+J|JvYVw6A8pLlJe
z6k2{-rY6api`cez+5Q=3&N5DuXJNbCt8MsbjU-WzlQYXC8`BA7geQa#CcjWsV&yp{
zkCXKrXhxM7IWwbo=ro<BXMd5Wd;8PU9Uj-6yYRn;RoEIDB+l;Fo!9WYC1kxzMT_6A
z|3O+@+~pn{oZ~)r>o?yZ?ZShD4PFk-9FryTWOPy=?}q_Z*x<Z9XLfHKT0=v;@>7p9
z23B{}Vbx_Lw^t3EAv!I-RTe-`NeTAKxz#_xh+@pVis~W=2r3&ewoyEep9bd8eVnH6
zV61SHrS08|DtcU4nZ@Fu=!QFDl-Y>qZJKO{+Et+{=5SuIc2(`W9X8sepCtl<$Mq-v
zoaZiyo?<V@Ktu9^_oQX~I!PRm-8CpUrv;K?yx0Je+1na5f8229=bvz+bUyOxhl-D&
zJCR&wZNaa$qMW#%m$%MuILud>`KWNIyK|AtheN7jvYIv4i8Jp{WK*#9v=o}~@k?jh
zLw>y!^8-hL8aFhQs)0hi^<5pO(JOQ+WzOr7WiI1S{I$)*m3?91reb2IM=IaCt}-+C
zuap66_Jf+kSe!PuuB&goaBd|KhDJ_G0%X}7IGtP;*4>`>TQd=*QrOfMx%C4ESXS2!
z5~zIUa$knrzSg43%sc+}?|g5`8MAO4O<j+8Z)a=I;4Q{MvzsZ)P+X(#oYgweI>N|w
z0*8_1<+QX?9n0!EN6kC?*&o*MGi&PM?|uO0vD@bgX73lG^{8%g6C@8=ZWN<LiH)|t
zfjB*SDk|ygyBw-c*P24B8QA;i7cskk9-b<mAN^1-Z!NGG`Z~M$+3Lk{zGz9o$>46|
zO2XhyBKShV<@d$A9SO40>cw7Z#B?Zjw${FvYsW!Gv1zM<s%Cn)@1<iKe%MUrOGW@n
zZv3I&V$U!PEr7Me9JV1*W>XAMxA)@el8%Sl2$f6|6Q<VvUmbZnS60x@vf11A^oT<x
zcnuAaeL;?yg=_AE8=a&Oyv%p0;nC)q`1)BnvOaOi?)tjpJl*&xeJZo*u(^O}IQ&Zm
z?#fQiw(6i-t~g)-vH<9Y;vaZY1NOFfua0EDJyv7jzHb`%W_)Irpo8XaiS119nSivJ
zMYPY(HiPa42ZAK3pObt%ndd{z@9hZg=ex^GGW`^+Uym{DL5{`z=d|gCo%hNQJ@C&C
zzE8WOL+Wm9z=8)mKl6BPGW2t&qwhM_mKsWN3dvbL(XzKLuINRZo#ziE*a4F~M<Z~-
zQ>WtgV;7$x-@`mC-jIAAIBHiT!3|r_deMk%^lG-4iQK>t`J^a4+{DD1idsbu^=ea^
z$#(4;>j=#P@%ELuaBYX-A1SrB-szSLWzJQ0v_%RRj~7Fn=8tMDKL0U-9M^n(!#adX
zK4AL^P2<qi(W7T5dvD?~2=w;N;LXTL+Xz2XV+vVHX1(tzHsR;^i#RO2*_Jll;5sos
zTAb4kA4W6xp~zn(&(CtzqM4iLZKW2aZ!59UunHB|n54mtQQ5qkJnExZu@`u6eaMFf
zT2Oarno3#yz3WIsZhA2)HntW_Vx1kdz;YH?vj5G`)^ZiX!xU_y2+UjMd*8VI3?vi;
zoWByh9kBd}?VftPRN7R8`*<bTJ$TR>h(_&<!Nq!}W6;}$6ASHuv2ec_(Z1<9cB=Z?
z(pYy-SjUNVek8nWaOG&eIQ)oF=WB3r#1FpaSaP4#folX(V=7?lLs*ZzM}>PcHFl3R
zYM0ie(_WiwVFrN61|OY4?>e%A(HR39*$c|0^9Aa%D9gnvWoO6qYYMMT3Fi$r2vZE{
zX^owTIQ=MLlzzT-+S;2YJ$B1TCwXr-4;b6qeZ<}E7-I@EuU)&}$~gX#A5lH3LZ#LM
z!Va8w$1S<<zC_GtJE99jq-ZWy5Q~EQGIJQdIyt~%u0LzJRdl0Pa2`wm-o-~{^SX|T
zjS6g9beUTEp`Wg$H(m?cR-&7eg3sU?VRU{jqf~83To9@TWCA6`L*v>nUaa_aS4P}Q
zlS5eE80GKv(H*S0qn=qkts@ooIClxT>i6Md3-ru;{60DYQZJPM7Z}dx9K9fv0RPD-
zIrVf)nk)}j$QBG~D(gKRa`ijDCB`2Y;5XRUmr+rn9S~=xLcNW$uv(F+&Cf?Td|?`)
z?yqQ>H+Imxe}v&b-DHqu%2DR%)Oir;Agt&0Fg@1xtELxP_}sNCmKQ_g-b&+G&ISYb
zll}8$-LpABmjku>;QRppu$7Ol!^Tz)pW8axpjY*AcS29$m`yv++Y`eeGxjC+72erc
zb@Ug*L5f^?(+X7oW^~qF&qGXWRWF*c>ZJZ?W{u0gV{~4pa6PEPQ1cuWNnX8Yx71$E
zP@VwyIa*!de{lBW_{8q%>gcc8=gbN;`+pdiZzJ4*t)L=a;rUGZt)qTmCuSzTbmGKL
zs1>2z(47wDSgp=f{P3Y_*()L8^d$O09}tK<zgsQLVYt6Gw&vCg<|4;Kg10=hEO|M%
zgIvH$t=4&?3<y&H19a;pP`Zj*?{G6H=wEqMcRaSf14e0UPjP}f>2}Wy&IRTt%Yk)(
zXFmR)YBL8o46f7Rh{$6*%-(?!3us*kxdCHV&$Y*Wj3T=;B5d8cFMogkl(h9C9&S#2
z0uqxyg-?oD{i)OR!mU4h3>Mp@HyW_rz*$kL`A{;5jdBkGC!4L<VvHPSwk>4r{k=aR
zfkcmv`Wb6O)!nPQ<$!h4>XjZ^x9Qsn`P$9wNUq~6|COH*XVD$3+*$xwL4&nFc{ST;
z(8TWd+g%XTQ37kEsN=i>5Ge!^-`}k2x^4(t9()Ec@W(GaWw<7Ekzf(%y?DWvbeRJ5
zoa3zr;lCjh7=PTw7Sb}nFDRWxj22v~<^<Z$jNYBUDXHBc`nr0c#YRq2XFYno?iUY#
zQJ`}GaaV%SKj&Y#R~Wsn);kK<wET@+h)V~V$RiJz;$62S1vh`*jur-LX}ml?gN1sK
zH*mF~?GlQI{MlDy35jM-tK>=#<r_oSF;6=fNK{LPNX43HDg`{b71s{~)L_X&ISy3n
z740L~{yP<s<<ZL{sydb~Zs<bnh?xqeR?Eb1nf&$+NneR!Y|)n@yXO<ddk=(MonVkr
zkedt#3vW-_FZkQO;3Ru?QJ4U)W1Us1%(Rw09@s5({-V)j&NjG#qj&rn3t%}m^H#Z5
zN-yRGEn`)<g#qa3eXHn9!~TA%K_h~9Hn;ur;?t4+t64#T@s7I9H~KTQX?V%cFR(_@
zHM-k(Xa${%SGOZgI*ad(8bzd@|NeObOL~0DCX@@pc447BGo!()q^$FU1XIHI4mnyY
zuv-zlj2nj>b*US^1nsG_3oV-A+^$NKL5dAiiZgbMK<-+6c{Bsw;N3rLYqWijJ}vb7
zAcm0DQ#VJbM-v)OV;@$Z_eO-dlkhxIXw#Yz7%x<AeGy|#^J?2*EL`B2Zt#dcB1$7@
z(stX@D%{yfa6wz6^x^tK!}tArF@`aA4At6-$Jd)L2LZ@VCy0G|a%9AIVBs~jE9>C&
zE;}6Hj>xWLdL&}$)nP&1dxhwKV9=C_R%$r>$b!L2A3c)z?Y4<><{W%!;I~=TN%Z1h
zWS4)y#m;CmqtxCxgVPc(I~^-yiL>d%q5|!(C`H)%NzvH*sF~^Idn3VGMi)@!QOA#W
zq4$BcaI|<>wm9+H7YnZjPhB&ElcR?_*w3$d(iDoPmn|dp^e=hH1N|Tm+44=SO<IS_
z>R`&7EdLuaMojM7$UR@ez=0subm58U;gzUFEzeVUI487boU=i<?PD*WA@u^De}tL&
zhl2(7p;X$YS?R+fOX)SYZ+54=`|@jc03){cmtyyi1=n1QUx!HRJGTCs5d=cm%vD?R
zFdP5<wEjGn0&U#C<r9dAFj>gJ<5{6obr#!7vzmtYn<OP>vF#km1hv*g*y~+ToR1=A
z*4!R<?|ux->)}xC2*_*Aip@3j^k-RO-F~F+#|u)4UUII>uy(~*jaJ_&QUDnA0vmE{
zbm-ni?G9eQ3%kRU*GX&JKEmIN3*Thu(o)N5sSkP{{HV2AMKcCw)a;)@DL79-H3KuZ
zblETJ%P=Tmp3l5sm-roxe!QdYc-!#@$XSLniJ1K~owE$4w!Wc7AVY%@+Saf))aKoP
ztA&0d$*L&&`_<1Drh8n0R=~B>>L+xA<siKD<d&a`;c*p1Yw0ZS)55$u?D5lM&@SF6
z(609LHs9*DLJwD@$uLF;Tl>z!+jRIk5BG6BO?OxC{OW3{l^$4EyqJ0Sc=QdaBA{Us
zMjoTYbdNQ?U2^JEt`O^37qsIu>TgkbA2Vn5JgUP>P~Q5PFXqJx9JTkWi4fUg8mqpE
z9E7uKnp5CI_er6-kKA*}CK5|+3_TMywPc|Yna(CTjdh;C1fQoNkVU3OuVYVaFnoe!
z_dDM?${5a=!z1j|*5=jeJ;Te9QGBH)VrWu0#bB5j5Lv%mUa)*ERgrN%$b4y#Ro*VG
z?uQ=MMLySNEZhvxtaO&Mw>y7rX?3$hhJS%*?2~`D7!DSSIRHMcrprK15`$=S>zM2M
zNhsf4^P*Tm<X9oaH{(jn)T0n3#;4fQvS(va6c>+vRCU48!Sll4pbX)Me?&YQBTR|o
zOYWA-SXawhAky0C-hdQU;kSvuvZcj)Sl*f;FvIM?>B8>sWLvkGoo56OoD#vMg~AYD
zH~vclBa#UZ*O0PK?b>JVwyt5a12b8yc}Ug=6NBOJS~H_BN%o)xuHrki9-{)Mo+9Se
zDcW-%Fcjp}nz?(kx_P|-&G+jH;^))J(g;UkU*1Uaz6KRZw1XOhUF;o=AOUQ9g|LiX
z2`DF|raBQWtUzi61I2!4cv7b4Vb8M%dPRJg$kWc=Euel9raHB8KCe1KNRV_FupV}Q
zVX<AKr5~vX{ou0A3hm(4UF7;GOnO+>5Chi|vzNBncge1{x-uJ6c0S;cM!kq*okHq0
zsiRQ(B<Id8nYE5YJHXDrMP1GGguRqIeZw7KGSbnToWC&Xtv_Qz4W}_AYg1io;gRV{
zF4PW?PVv5`W40j`Ht?qG%KnwbfK1mM%cahc#)e{YHg!8gXFsXioyJ7-)+Cwl`fhzs
z7Z|(PWFh;P`@t_aMik|m%U0XdF@dQm3S<3^_ER&wpcqXgs`%wpy1sQJBo7AkDkBbT
z1E5zb0^uxdUtAUS%J16$FpnL61<-J0GPXQ9=eUEOSsCP<rl8QysXEU7et$G#DNq_u
z0o$5YfYQ?OFZ$&?tD!!AI;G{J6p?nlD`WG#Ct{W2ndj+XzG#{T4AE*DVI;d5Y^GIt
zWtr@LyrJe+!fjrIF=6piJ4S7w<zkA3+tub<{MyR)h#i^i3OS?qtEc5#Zb1lY%Y9d?
z+qx~d@ydI3`^G0ox#INwo{y`~hyM#i4Iu1oLHyEyGjjEjFiEH{U|COdglf-VY&Whd
zQWU01N0`pbECgnf{?IH#JIu`khmjXLxz(YfxAfxvJ%Ka;|H})Voa*`^hTrN!(B-jq
z*dhPG@RB)X(7rZSHFlhuqgl4s2J)KWu*&cO#<0y2aaNNCQjBu}NN!SQlY}-jC~Z&I
z8x%8e$_|~}>JK8G+eR3mLoyK#l8JbkDX1s5G!1X6IygN8e%@eZ)5xW~=}8?zG6yQJ
z<N^FTUsBpN5^mmlTDKiV?z`<ERg6O?@r&nNxN^ku5yf>RK6F9J@Fx+a@<J_do(%eM
zXPXB^w9>NtB!aZY%cc4|P==Hdhscd(GCo~Rc(%cz|6&9Q1Fj>Agn`3KhyXmJ!gwsR
zY7{Ap9l1|C;qlo*x?MHs$^f`D{Hh2C@&8P^^a_-L8DhO3T7GW3+O0KmNAUU4{p%ft
za(3G2Qr32aTsf{5CAPby^Q+d#1M)xPu^q*@!B@8D1oFmkj6|and|j~}k?E1E%SZ+_
z``L%|yFSWTqU#<M?!?&IS2Gfddp2aFfic$pI=X|5m`EfDVFw65&V|Qs9%%zj3>m!^
z!_~^0@OZ^^e*Fxokd7OyaN|rgAM?D-&8;Knk{=^RE-RI`#gXoAZhj|izTx4f#tT@_
z)n959Z-<>fnY@~FI?R^To!8)F-qU$KM*16gvac~OB=y`5-si5=az>Ji(J;}QFc>;7
zel)>mQ1$In$9V4^$o4!o1jt;4^<l0c?T%p)WUMpjmJ|9XAm^hjx$#TAa3v^lc$$dN
zl?{XMLKwQ(Fwu*@Oro_!2a0Vr8919)J7~tnB`uEv^k|YJ?q)<##;fhG;T>Ght>PAW
z64sSvLU@D7BBZ;Mde=AK{HvyV?&(b`_!U$dbsrgJIoGS>Ztc7kfc90aO;MPuXqHQL
zFz~a3^Ld)4=tk^Fuo-QtL9Xy1hh3a>MJabHM@VaDTvrSm61_0-$xDco^7zReiS7#R
zimMAm_A$c6q0f~OH#?y0DP<EAKW@H_1sCE25kjwh@7PKHe#(fL#uVGe7Z#djI(ei4
zOF!BPspjz`;-<Kmfa9a1%K{x!S23JsW~WsdXL8au`N|~v;DFkfrvuSKFlgBNY1Lmi
z1;H;Jf(dd&$@p~J_0J)490Oag0)n0prz4JTr4=&%WRJ?Ht^9L8dgEaG{zbJc$BfUa
zX>NaVSdJ?GICb-QBCw&JJJOE#B0xPR3R#;y0)6nk06d~mAg}hw)bSq9#;G4t6x5gD
zeYQOs4HaO32gNv+b3}FgVO~P|`jInZKF#{!)tq3KM5RMo8ss0|noVOh-Cy7o9WFj>
zM8<kopj^I5n*FBC@MVOiF>#BScm-unfl3?tIW4g7r~EZP*uEaIvCQwi`qqwcMK}bX
ziN_6?yl)+({(>sTOe^SD3F{&Hi}}`S!u<uMfz_^p&e#RlT8m$s$X}(k@vaYzY6TA7
zl!Mf(tY=k53e5pW8BY!>iy^jIh+>N`_bq?ZnB&m!qIY7#|6tQL6*1(G1_cynyqYSN
zBJ@8kz#_hzxjx*kO-k7YEob#_SPPp}$q@j+iS_<dmReUF>r2Ol8#fw`>A~M{)pbjg
zulCf<9vL=?h)Qp~EKMu42)J)fqa7Q!?8>lfE6a9Qa!Mw9v9E)-$@4HjiSIF-jz?3w
z(~t3kGk64vnSGpNln-C(=egH8cIo5HwiEC5I6T+NCPrdiGjUk!FS7*5k#`0_p`To~
z<8A+}`5FPn&$!^^$XRgvh&|K(nI+YCtu4H-cKyv)8*328W6-ZpBQVMh3;VHicc>JC
zU~qZ78FsSBg#1X61IKtC-+zdFB6SK$Z!C4JcYJW}Too37OFEK?K3|UV@8_S{ywBPI
z9o#)S((BlKh1G|dulKnC>rrbP0{pv2SRe79^vfJ8#_%tPe-QY#=@deFk^$2M8%2l@
ziTC^~VlP4raCv^Uqe$ior$b1nM1OnMx`;{JnlHLd3w8JUWT6=W3q<m!@}nTFuCTP_
zKIqv|+}wgGp?l{+kxC`BB$qo-&Wbm_<~f6exo?R;%3u($G;nszgo!xxA6H1~D)7zP
z`NqBC$~x}%JcO;Gb5vfm)xV6b$v>9jIAm*z;$M1Sz4PB7!{+t=MxoRWD=2mb(Z&}b
zMH*y{zp&oam$@L&AlVr}csPiT=jc)$?cw<lOpVFz-z%4a5MEZ37jeMCTiG=)(Ek#0
z`O+_HR(knZIWkvB4OkXIfI-47$fW`oeCXT@9mH|Kg(&v-irUCu{c=9-#b3v!@xrAU
zI2kQ{QzLCaZV7L4#K%F3wY;9>*RTAT%-Jq`t=`=Or1R{21of>eRmR+xe}h~H8w3F=
zb3l41E0wx>G<UxQcI8%BWcZARW)ML!T25AzLo@SDD<~|bwbXQOy(s7?b(tz_XF^Y;
z)l>JY?h=*WC>zT$60*{mswBYjWo9zgs3Hd{{|>GlwhJouTNPtPkW<TCMDTG&HbiA;
zJOlmu6(K0l0CjQ$8OUtlg8Jbw{96Be5k9|>14u9~acbhvE-^O>nFf<p$>NL_;$Qqt
z>s9<U!W;xrF&8kh5pPnZFSb&pqtCo`F6-|x3?jgVBZxDok3n#iW^+ipZyX|&W_n@Z
zftn!jm}R09&uRR;B%A(&Xbx;#E4Ky7wQ@gOsU#dQc{6{VXp*HhPaaHm9}h-o41&=;
zROnfj<=<X9CA~o7L<@$~OjW=F{fx@|+pv&AypS$w7V6@LRE{<YRej~y@=OUSRWO0x
z&&a4evh4?z(BPE_TqFg8U{rUh)l)fJNzL$Ztko-$<nDc>ioa!Z%qRy0FG&n!aA7$r
znRKPs%@Kc#q>H*>xl|+wdf3pKncG(#*{gm@1ce?}t$rIALLWp^q9a}PsWit?#B2Tz
zyxT5ChlqK;(aPa9`-XpYzwkx(bE~i@Nju-NfPVwIoiQz`KV3ErW{H@=kyMI_3Vqs<
z1@O<wFN0Li;+fdsPEnmCWWbhES~;&&<Ec;fyS~hpy*|G1?iXxBJBE4x>S*QQ7j<dt
z$v#9Brs!DSQqp?8eETJ(3v_L7Hy42&7|I=0G7-KtT;-Uzw=$G+lV05TAL)DC^%^En
z4g_w1-`=T+bRa+n1AqeDhEbqx!AOn#a3zBI;vfsX9>$k}cP<Xq@DP|bjn+sn^-==Q
znz*<w2Ni@820vbss}6mNn1O}TE&SDh-t&;~y+TKP!4QYwe*zJ$B?S*pY)-()?jK>H
zb?_Vy+_nwLw<cSv>Bdfn=_}vH`{V4NT?HC&QZG}t%P9=@I__W%r@ZO(IjgeyvJFUz
zzHviyc-;Q{^L~FTc*cS=1@B*k1%jW*YBv4|q)>@)u+~qE?bWVgC;q8%_XM5(hsyrH
ziR}M%Oveswk#sE3YwEIr=3ieNcUebxPl7;J$ubtp37omcfl<gXXckL-hZ_Sf0W1G}
z`Cg4v2*t?*&9%@-j9?q3QEQq>|4Q(!u+%U~)332yU!&?Gm%J;XR)Z`$)$e9ng9h;^
zv=Zgrw?Z5;MlYpS4D#_m{-w22yaxO&%kR}(s^R~y7~cH%ye+2#N+&+vm~x?0iDQxK
zTb^#6&V`~6_fkGJ0is|F_>GbQS0Ew|prM0UqXUJ-RHIKc6dt&W`{EvpcBKjwjxKfs
z>+)qs478T9|2^>jC+-H;HL4tPF1!jB<G<W~I-I)(5)=Nd&hKU$)W-~iONVvoIQng8
zz@`u=Xifo^v(zrY^n=5<sZLELVYN6j(>W5Z)3d_+oaim`=IEE1#c~!7kx+#%Z_rZ7
zDB?W+cwQ?%CRO25WwVp7kFg4<LsTGZKTK_@8&IAx?@g{}XzqWR*%xr=B6`}h$0IYo
zF8#dXaSmR&q?>JzC_zOt-1bw9NggP%;J=F7#+v@Tf0qrE!`*}I6xUXNx=Z!;D@dag
zp}OQ9;EHXW8Czd%nCVSb%4`rwMu#uAN|~9~D4G;rZNPj2ms1y?EOI>DX@*=&uO49P
z&`y?`JbF;3%Jmb4grkeJxq`r&jC$t$R*Qjx(D+M9P*4<dYBVf0L|09i&tEnveF~{H
z?2Y}1JA!K7KR@X{FK4ayPDVA?=j-A%fVKWFgE`;Y=a(DOo*Hj{G)vPQ%zoc)+Am+O
zoD$B4nWJAVhTwnnymj^Ig|Y<HA0*O#mNYZRu77=_ab?oyYvur{DK#jQNO3^CHd1Fa
z8YY8UY}+C=-c2tXgL(rF4&B_Aw9L5{Q)*C2(P`vl(!XT{KM|ld3R2C4ot1~`>o}Rf
zyg$5vicW7vN3vYlJp?YZGU%=5S<UMk=AyHePfbT+n&+SNM=#2OrVzjyENR<HJFi3<
zZjy@1cppdT;exrVkEl_OaAm&wtsgv5B_%z<eRvPdmL|>y;@tBuHa+mV_qZjqQ#?+#
z1KZ~ZWe$^a2+oW&!KfOG%NB*lJaYo&%mFbse>;y-*i9Tp_0G?;?++}czmbG1#oxJg
zZ33KEtBsRtC|;mr&}@}2eUu8*NS%BIBlz=b{W?_|L06@WjrYJ37h8ogvxTEt3<dU+
zDrP5<ddXcjhOZqIF>_}zqh1Q6@^13GoRdQ8=?ryB1>BBysy(f5L%1<x&e$A>U-fS<
zS#FRQlg%;9{aPQqdvc0u`smw=omsPN(!VNn7T;t7jQTQ=$n0t6aFbF0m50_CC08*`
zCW(Yi+wRv!a@HYRvlR>RMQ#s5Xiw^KNsHYcY$tb4c0dbg@3BjzSfn%mG36iS<F^<M
zkO~<7@dSE0)et_1YA)@&bMrv1uwj)~wN%)zAEbX^&^F;8U;&`(!g5a|CHiRedi47t
zSTP*P9+A*KD~Tk3j^gC$xl8{x(7q08i`RGxIS?ZiOvT9YcahK>{ImApzvP~9h*Mg6
z^J)}Qv5HQQG|^^wB6V!rrOPF^#J&Nt;r4H(-ODKgz34y&FY@T%*@b4?`z`}%xz*0%
z?=|a*5P6}@0BUZd*=wznr66;F3n*XNGig)yR2wN%GnqrU=ev|F=Y>R{*kEhvg^zzN
zA1%S|RdrF<x<;!VvUYHvD`o4a6f;tOBuN*r8E|Z3lC3fc7aw}~o6AhO8a!>7tK?;-
zJXpqcH`^27RVW<jdI3N_*F`TAD1>TxZs-whG~9u3|LbWY^_ac`w?=~bdx9(V<Ed2B
zmH6FJS-3e>%rEm4$4`nhw`DG7CP@r?u0|JSroshZ4p|roD*cy>*?L|wk(XqkDmZv+
z4U|HVoW`F(CEqZy{RCL_FfoyrA+d&bUga?Aik?HsHR!=L73J^c`KildWZSqU0{iBO
z!6#Nm_a6f2A@FgYkT@KxVKeVu&|mOV-o~exz|zvY?DH&oTkaASFPXVdo^UNys(^M<
zi8`FCE_l`Ty{W=qOjO2~8g2W!R)s|i0%g&?IQFV4bOQGvb&JV<qwl>5{}Qq4AxcSa
z+U`6m{Xtm$r}wThNUl5JEGa<?WYQsjH~<0MXkw{_crF&V@zCfDm1nAc!5v*cJ{a?J
zw7AF|g@6a+?Caj%iRX9BwXB#U=g!N%P^Hi7u8>~gZKx}iq##g=DQ8P4&MAFbY4X+;
zg|`<rY~a1H#9FB=y8Goe%Iv)_jd^HS7_B!~M<lF2NtNMx&5?NjG8bzXEsi78E|4{C
zn9^5rXOee$p2bE*Lq(5Pgx$+?W5lw`LV=+Eub2P=u~)5@-0k8_Qh6rWoyuQvc7!d_
zYq$co?1Zby7^gPjdg-2yTgnKBKom){EdMQoD^pRdl^CyOOO5%GHIfDDGX0d)CyqJa
z)U?dJF*B;zo!n~6Y9sL{d%&8S-zp2j4pHL6>+wRE?5v6Q%=+JNEP4?WUu4${$qGz&
z5+icXeAJlu$f}WTah~Cmq9{CsFIR=4Ngl#+mWW|&hn^_(ehIQ*4W^iusVu&{mDW(d
z<IJflxiC>FB;B!*TlxpB$PE!hUv1>J7=D?73rynweNB+cME&oQhPT4_np64O;+60g
zqeZ@c!%l<F54E$l?dmVzf`kK$I5%$;9?UCGt%k<3_v?@7y>BOuN^&OUvI_(-gnaB$
zoonyaD%orse%BTz+3i8q(C<`tx4qYz+jO{n4{=5ME3`96Jx(<w8z0kRFC#eMe+%J)
zk+<Uhrycv!QR;~k@Nd|dZP3*lbbsYP;8A^gZk8aqu3EIx#ALELZmbYA{&DZn(0d_x
z-NP*tbSk<K)&G~PlptU=%QE)TBJ8;wKo5_|$xX=hDPSh_z<oybPq#pJzJf$F3{03n
znp@W7-Nc8EEBTjk^~ELtZUe>t%x1_6y)QBUJ1dJ(%VUV%<Y(a$)wcmcjeEORprluX
z>Oayn3lkURpwpRcXTWjf_%h0CdP<WP!p0-|RM*LirnjncTfftipaEw`H{sytQ*(8j
z%iHV#V0!*HQyYO_<OL*`TmFBi8vaxK`)`c{L(+d|J^o)CML_S;NAdDm{_SD@*U$g|
z{y6Br^#8g#{zq%@^M;<tnUn|~|C(=(=6zqitUltNqgI0v{>=!rvbY{FLQ&ZFG-Vvp
zLtSmw)A=OE0=PE#Xvbrm*vs+wF|q4S_%Yp%XJEpKOrFrrXHW+TUOO(EpjowG=_tU+
zp6(J1?F{q_bw1mXR!<P)2EC!?>watK7x(WDni>vi36@*dgv$vxlB`yOIAeM`He|$z
zHOge>YPMD1&nUmRhe9qlUWs0{I_B`D&c=GT{($}VWpS>E-{8q}&oo5snH4@r3g(mV
z?M~`jZtS=b)SVVtdEASAFI5=GB?rt9cbC>B+rQUNvYFDr?89@nxlPa0<P+Q<@I0~B
znWI{0=OKj}vNSO^V8!+<+G<FX2WV=3j4mkDTCkW$O?@EK-akq3Ufe|@Zset;BS&Tj
zN<3!1o=S6jPb$(j>OW6r94B~u+5{51T@NMri`UJ8il)>3Q{j__)idi>IUwC7h95L*
z1XH1)oOcYI>QV>`IYvZf9H4IS#Vbay?W5V<gyU}meBB9_8ba#q{FNi(=w2mw6tS{7
zppa{G+$i*;d;W=|GrLD|Sl+-i9u1YY+Wh@G-H%s{vv)%+i&|G6b}?dm8mT$Fb=GVx
z9N+boE9!1{;}&(^%_{LM2EfTx)Ks%Isg*95)jK%q<ntv+3$$j^aqBD(8}zy2?hvbc
zeW<m0KyabL{K_PhT*6`0+b+!qdYwp$ye3!Rxap_Ia~(3}5aEf+^=IpA5^HrkGr@O8
z>!jg~tY1S7W2qx+EPYlxnp)CN<_>JKRz`wdXkX{>ue%dk`YQLLfh3lZNVBLR^sW}7
z`;_-rZ7n15IN#c`R8M}L_EUDcT^Z?(dV;R1&kn3);}bt>mW)nE7L|+V+R{hECxc>-
zHF9c?sQAe*JJ6~>_dCqgJSgSK)D6GuW_fC-2<Dg0Yhp_QdE#g#u|naRHwNWt*v=<@
zs|VDGI%)_9aTcJKF_6G@$ZV4LP$TDy3xcJm+33&dl&*pc<}r2j(9Nmvcz2p=4`pMw
zTyq2oQ>u`t4+~}r|1Ee7bI>2crG}3Fx*n<9dQ~RT;`}2AD#IM<84oG%QfC&Whw+XS
zNahVad=8(O$Y(-r%f>!uu^p8FjhYAbQpF8Vr9Ts+yHA0y6bf2yLF5jhCTNyCA^PsX
zEUWKdb6wW#klUE-Vs^40EaidP@6^{$r&g=Btyt+cXc%3!z-VVc7imBX7ve9el$BL=
z5Q&)m6Mp}g&Us9GjIE;d0ymDu;w5w^b&JODMj^~cL-z=Yk*upn5!Ih~7W9@YXLTLb
z-^vpi0KaFJ6sk$ZeUs5kjdjHdT_=wm<mY?3L|`2@=VIR~58uVHciy?3D6cD5O4^PT
zu6e6$d7d<KG*Wy;c*bQywYh13q~N0WJ<gc_-M&j~l+G*)6-RSzHjTYID3koVnN?12
z3myg&PtX1QPb%n;I77jv8*UCzn!sM6&a;rI&vh%uiCl-&(uhN<*&h_;F2SDFH7|)p
zL))oqO;oZrqoRNrFPG7U_ZTLqo!cRHrA<8{@l`}rP?;RJgWw#06sv=nns7<uP_Z4S
z;Vg?=SLQ-{Rbe`}lZCQx5lza=#=R;;?R!ss-Q%yLW04GlJQJo-{XsyygPb@`P55um
zfjrAQ94N)JkM#1^ny*{A4YMtTv@=}B?RZlY`5Y|3;<0a>x;&ne(H+DiL*D1ixg{Nb
z#*vilXp7&YW2k1{(kFvLpS2tv_oe&xD5^Vm++d4`_s{OzJ5qxjPUT8QL|n%K=Nl1I
z7^ZQwj_Z!2Tf<ozsV?BJ(HXHf+sQV~i1y)LHLCaL7Tw+<eZ4W?R2Q52X$-Y}K@~=s
zVFs0Uf9)nY&n3OJA4MvU>Dzi=E~NNgk;M!TRe9n-gQhi@m9>O;{!^B|M@q`I)A(Aw
zUZM;VX8cvnx`VRrlSZk}>qc3I&Ih4}S;%*R%w{Wv-}nHE>`24t$&l@8ZFAS(#QFpl
zIzOt^QU{hS9b1_MX$qvu3|Fr&o#f$RL|i)p9v-NYv~!}Z+ANja76&qRe#GqVFs0`<
zKiD_;)_X^oWQucq+xK|0F}F`}qGF|Neix&dn$E+R`v57-jYK>XT6S4O>YpX*?*){h
z7oE$4kJkYhw*^|ZZDtxzXw0wzNAdRl=Dt;~jiT+339jDG`w<qJm5;g$A9W|WjzoTl
zLU!+J6}piW=2`uGX7}5vKMFd$STPZz>%&+yZ)D=O1|9}Hr%op#5k%0S&ZaYYR&8Y3
z;#2vHZ8hIN#*>Bi^JliCzHScjU#{aadSi7SRkZa0%kGPuI$<IEjFBs&q256>^CXx3
zdV_?1>^@{DLAFLOfspCYGkpnNl-cY4e@J`lfT+5zZ5$O*R6syQML+>b0cmLzq&p=?
z=|;LaDk>!)-QBHpqte|B4bm`l4KT#F2fXj+xu5s_;{E;3KaRtknX_x{wXSuoYxfE`
zD`l-(In3U8Lgk?>(-K@)_LZ9`n=|a5-iILvKWCa;yPWVEif=Lwl{`gsw=Q$ma&y))
z3Y-oKPK^)4h?wNmZ#<%fKdZyqloqt=*XneJ>dMo{_dnXY8%$A@3epWL)m77)h~XCQ
zuIr3%$F@-^w@BNx>8Wo-A3J%ZEx8)LZRh*#lPx-7H+S3UCI6geDJlK<l#DQ+>rbVs
zK9!|uxn!{}F)a&smYZs&nlr9kgO<d`2L5d&3|fJPYJm%Ka{V0huMBEz_`-AIJysAl
zkOq(d4rW|Cgkis9M1Y#&DJJ=1dMVSj47{Ye@^^=Qw~waZlh4&0G`BCzX_Y0r9d##i
z&!8slPI2tdC!jZe@>odR?;lxRE(TBfV&*cZ!Zmu6bonSuU-$4z@^p1mH6!vyi}KnN
zIhV&qQ9m)8YD$cqAKHC@xAxD*K)88K``OlYm_JOVO|8<kGqcPFgDR`ul@kdfFYalt
zB&qDGHGT5P;z+n_;<lD%gw1}^_RJno=?{-EY?v$Lk-Q59zp);z)@VAHWLiZg)zOqM
z2SQp}!(<Id%(O24%O^k0BxPd>`F2H16593C;t`+v`Ic?I`qlDtN^dDHKzHoN9nFI|
zMr0DGclLdmlTQieXtpFP-wrblq0Jh`EWQy*^x!kAZJmMWB76(UMqCEX2Y1VztqeMU
z-@yO5;>rS!x0ejdDark&*j1ywLHp!e4I`Y(Qzy)r_{Z(hp*~b<i9UoAXC`mr)HgJh
z9?z(MP@s41a#ypU^Hs$vDCQ?<q&SXRlbfg_NB-dQEXT0m+hMlUtT(V1cTa9tj0?ES
z4MEuY-~AdYm65Is*7prZEnX$~DXV_oi)B*fyY>p5+e+)jj*;XDu-$*P5ES<5hg$kJ
z^Y<4`PvB*7UrjZ9_^2x?VAkfkdHVC*@a;jq(S-yrbFVU)l#?IO9GqIRl|144;S*}d
z9@xm6lPgP~`(;_je6?k@tIm1=MN(?FlB=xl6l=U`()Q)@)>hCtk$Sb{UGdDCLgzwv
zU^r~)@)yG|@b)C~E~?vg=G+41z<`&vJXv>{*#0(3?obt{;GA60zIz+CaOA8TIb6={
z;kDqFe;N7~uKkEY%SVG;+vin?s-3E}Q`)XgXw(NL_~?;jBwKSNgK_mSMYPH6^yTmE
zu$C*xSVbQm&TGLaP2BlP`x2lqjC3cF`>{af3`JnLOz}DpOMO25ivQ@_Y1QCq=5ZyR
z+7-h}HdQ<<e>FgO2{+Za_Kdps);Cx|jL>i?GaLd5R)o`X+^$V`gRZHcJ)^n9%fTy)
zH9;Ti>>Yj@tm}skGsZ*{nWouX_)_jvzEU*5!0Nx99dmuo2P~D6c^%i>cFB9~U9nOu
z?np!F%_&b#cE7e+-D`fnqfUI0bu3{^C31L!mjq#Ir53TPtsR<aNB<sHLH;D?Na%kX
zSAD$DGJCn!aiEA4SK;C!SykComhsOr61f<3R=wgLkbufNE5z!yJBv&1J}|4}47N`8
zwD!9MK7Dk|H9>Lp7D)ZPy8zT{K~X*&&>+!)%$btUnPR}1{wf$|LD*jvUH=|a{U5>*
zI`Ig&w?mJHWp!qgy80M&;f8BnfPi)|^=UE65=OI=TQkox7hdgxH0g@tyU(oi@t^X(
z;CU78f%YvlL47WM3zBGyw*ZjZoBMFTy6r@ou#KAb4t=o@#tl6U_fr?X!3qUf^%lZj
zZ2g?kdEVkbIkPH_B{``dUof6Mb&R+(b*8|3W}LwD^8>x2vuXU_w*|sjw1G~x<BP3k
zMA+Hb%Je6yoGOm@Mt4^VyGCdMDt+${rP2ewLXciG66cmUkoiJ9>l%<<oZbnSGEv~=
z&CA!%^<9bs^+i0&`HnzX%@%0*RXpDSfRH*UP(+hMJ9)RI%!dmaaD1YT!IxtH^`){<
zRm*kv00sw%_NBPl8-+9EXdt@&`n5{^l8QUgxL3Z?7tsWECtd4X1?+k?b_VRngZ*@2
z9C`E=ggI+V6}JpGryK4IxK}ZjO<i=`3XU%ln!~N!>6K)6+R{T;MB39}V2t<Sc}!(1
z3!Fu66G;(H*~NN=tK<1|BSb3@HM(;=#(eY@Y*Llr^C1f9qX!NzON_o_Q-zzT*`3uE
zaW`cpH)$9(6({D7`L(ROpz;|1cM7=}&M)%8<_iyix62jTZ3mf1$CSS^7DD6F7PBrs
z_Xl%T>uy<Y{FuJHQ8$Xfi-#7&-rsVidNnZ_YtzZ)e7KZu4g<mstCr(SAdUF$_{F~y
zS-mU~D-y+=_9oJAU2{~5TU2^}s!ab3gO@zEM;FdprE6v=O3)4Da14ZUA6r=9*A|x?
zaE?B6c#}6ceBvwt@|eHV8NN5fvRe$^(~b+w&3pa{0-`Zr_3xL51)kN@{|Cnv08gr*
zIq6cscU7*vfmy|gSW@maGVe9D_xgUAdHX(}$;VY<$FUzLA7MuQV=O%Nr2y{GrXR1+
zHidJ|4MyDQER)wVS;YMq5r0!Ao}bV1;TYzR4qLQ7GYPsN@djjXm02@<-97rXqgyZu
zDO!w(-K3e|A?F`WHuFc?K&?j_*Bo}9`W#y)?O7*a$dWI=&l7u6G)4|2wo0tx{;HWb
z_nXMXLT<9;rOoNCK23i%+N;T>kqZ*3-mkRRDh{{ck2AjM-|769OfK}7PA*0_Uv)gL
zerq{*Eydjp0CTfR_vz5@D6tS!smtcl^c59~R*Yv3HkG*S>U0z_WY!rgNJ-k{e=0V9
zf1E`UMeu;k%+2C+df07~&8lIwc!Ay`Ipjk8S3XC+tu1}^$~7MDQJ^evlB!~yXK=tU
zn(q42ruD-pDHK#v<Hc>S3)8z@EK`U_1!B)LfO=!LRZ4C$o?}RYSE=@`Bm__(3egII
zd+oQcA}>wh@$Gz-;aO$lLD#3=UD4@{`sj`1)(`B{Lg3)~I%JI7i?BZ5vS#lrd_Vmv
zG^_Z@S2a+P)IZz5mZ#E@ulQOGXqHCgMVJs>hQeUXLhLerJmksU2g@V38=mxG!r^+R
zZ{wBPuQN&icmN1t%YZ~f!A5s?N9*`{Lwam-Te=EuP0MF-&e|-;VYYJSjT<EDj^Vb!
zqdpZ9^!bvPlcW)dk$p`*qeiYds@z@)p3bWQmOc#K4IB}s>KXYv^m92d{obtf>O(UQ
zNP1vgWhq-3itX21;C#N8R9IA1B2KJJO;c=4!A^(3`Dwu5WTI41^Lur*v!<D`ja#&{
zx7V%|xPndXYHK%24~$jdvhZI+<`YG2>Ba*%KVLf}xJw#dF1c4ttNM_4=wi$nG2`YV
zl{BjoR-R~%dg&_)%W3!4NoJJpY*s-=>RzZ!ISFtgL-~$~mWzF4+9!uc?>B&?_YfmE
zbtE0I7b)!aiVF08jHd8;``xGYyZd;Ujh1RLhLi@Et}iCqOmLuxPE~UvNyT*YVrnCo
zh_-tw>qI!0y996ppa!O@AKwd4dNx&q5%418UaI`+L(}M(2|eKn7z}PU0p02n+h);G
zGJ#TvGuwzS{+uaVWv{4UvTiBue3%c;1+P^@HQTUBXX~BXPhIWDbEBiXNqXZQ3>?<J
z_7rWp-Z1+ySPohXq}o%0w#kYs2%0YBc^my6=hgt3GsPvjf3@r%q5-Tj8*`B$|7EL8
zhWRrUl+PAkSnn9QmEWsGD1?J42OI5A+#Y}5;L}pySLl1+@={gHZuEmWX6fo9%m$GC
zz}`9BjtsZe&XlGi@rtKP5u*@oDC)t2yBWBQ3t$RwSo@-uM5MTbUd)XW4c{)6i6(7`
zwXe8iKlF2G;T+!fI~x~B?rVezu~eKn>X$gIN?h6kLQCIeTDW)8IN@E*r_LK3Y>%PX
zOgjYJ8JFa|h9`yJh;(Iun1GwT)84S*>dkVd2DUmkS^k5RXlmZ0i_&1sl4L(jwY=M2
zhM6d@Xhtj4r(9m@PJ>Hz4`Vg@hUJIa_d5!_TFF0UH@8NxK`((g^^z)>$)PaOI?P|v
zSzkv}5Ffa{`M%bOacL*J*ji;q{{|p!4cTd_3c+PdV%I_~VS4gA+~&?9vpa3JPDCE-
zi%#wjk30pA9$h#S*^#^L8?tDo<dPb{RflF`MPmVxKVOq5AfZP!=gh44X`a1Rk}T+s
za#y|%B%gkN^msSKq<s4*%LmN#Sc%mN!z}J@0$v-fhJoUz)!*CyYhr~L-X6v78?Jj1
z!&!I|^QZX_rvWYZJoA9)a8w@8Z6@N>jEJ`uR7T^8pL`WN3RU4(G?+&>-^UEB?F+se
z%@ME|v_!D!n@C;H*MJgUfvGqPgr03iHE6cUr5NN2qO#X}Ug)<$aTeP_JlD;z<1Asf
z7?IqpaF3IwGu&SIOmvGzBuB+GXo)|jfNH-$a{E_PhE)&Khc5$pn`s)eHKD9er5z97
zLQ=)13J5DhJRA*0jc5+p!-_9vb~tUy;Tcw1Y6kXH(6Kns4MOE(J9owMsFsdd`vQH`
z6<pTm*4u!(!<QHU$iqLJbVZ-SOX_Ch*PdSLT2dfgqQ${8mN^>HqYFq+ODolh>wOLT
zY}{1I<X^<(Xv>8NxQx)-`ba+{0g`E}RaCo8S;ly@&s^Ssd_?p-oqMd7zf+GvNw~<!
zyK)FNNz9fz6*hIS_fmxm&h@fzzEu*Mu9fTW$c|I*s*n6h1bP`<a?k#v?4cQZ(i@{U
zk}p5QNT3d-Y>&69Tnsyy?AzV0(MMt2z;Zh%*FJN08HT6pX<d+O195yVY&!K<SBJg}
z={A1(jur-8ft?XQp#O&Xk=k{}g+u=;MmPK~eE&cEw`@R@ti$DzvaH@s1AK$-hM8FI
z<qX+j{<GUa1^@w6M@x@Rkj^=FsS|EUEgsAtf*eQtGj>}o>C3Z<GT#B2gQ*b$XI(5-
z0JaFaA`rtv%R&3g@ZZu$f5{{O8W#A=hpE~B`vDmLap1)H!+;{HKMo)G|3A*lcnO`S
zh{5~+JkR1Ww&yC=JO1LcV!7yYse}JVwTabWmlVLv83DGtJH9=VwaGp;#1-*)bYPoc
zlBdOfHxC^-fG!;}JnL6mNDHtP0C6Chv;gQy)&#GjoFKdp!T*y}Hr^pNE}evnkZ#r%
zhM`NK&f9z_mTeF&rJy*rXYh1JlC5%J@8Y5&6-LdzZ_{#On}5KQ=o&SX^al_qDme4c
zoxQOQI_yu#RQo8mEhVaqgCxeRXn|Ca5&{0fR+?R7`D3>@ki#u(w_2+>(w8x@HZdyh
z#Lb~srg}_aKT%Ni`==lf9`4`Q^vSMlTIrjrxQKcTxJL4I+snTyR(K~iyjF46x~AMa
zZ%#l<Z4v@kVhA$y@~j|I%i&Dj2<bB1M5h7^$vC&KrpJM8?Kz@v%biL&CHV^Dw)38h
zenoCiHNS%SuQG@MMN9&9r8h2xEC}WWo%!9%g6@X#Z{O-MU)bmv73kl;oG%=9dh$9z
z>(`HSX(f#ACUy2&8Iu*w6ulVwzm6EdyIdG!%*jRr1&WoW{;3f%+;e6hUHjH<Wo7rp
zT%55`Uo%$XSYPFd1g?XmVREZ-^5>BV9#~(BL}r7(>Am!d-q#zsW5a1bs=V2)4cn5-
zDu}7}RkQR5Vl(aR{FOa5@C`MA`Y~$PD3FfzVqA|8Of~NK&4=V&-GQa9(lnKF2hrE3
zP^5l`RK9~>Eve!Q{9dz}s&|{#e&$a~g|@^6KARq0im=nLUiXMWbd^Ka@seuDm;UG?
zD;sm6&MprMYq#6#vr_352bne(1Z%h3=tY*JTH>2&K!<#FFW9SHRq_xOzyaCH<BywB
ziy@Jv9L8zemd7TB8}kjBYZuaHs0E<DY&<?4puP(tIfzpRRJ&-qHn3zm$IUC3X7lG>
zHvV+y@&{L-UmRNMkaAh{wnH2-kTd+=xOe5Hzi(y<2jHaNlV^2SUw|8H`r-^W0Y%FD
z>|OE2AfMkBU0lTzSd)aXnD!4f0rjGnjr?Baj!Bzn<;_QZR{GK3-;=ou`MAn&<mJ#W
zoOoqtYMZnW?{|`OsQmn91(YXOTSH7WbL{;HykBM&9BT#ZYHY<24#OvRkAvM@Y#3OZ
zxM1~8v3pL<#Wk-Yx3RnGxE7M2@2^ibrb|TtFEZ1Z;sgsT;kuOX+LFMroA7WF%-t>}
zFZKvqi+^+D3yYi`>(v?v#0$<pmz6RHgF5VOiE{I5Rp{FQd&dq@Y<q}rZ-g|{R#@#{
z71^~raz(X~tktfc{>HOFdh*zFkB^SMLHFC!vdAJVs@HcwW?wLS{RU8c-pGm|o*gW>
z-TC#&G;u#i-jkcQzS+j}EXqu|%8?{NpcF#_=y?vbdu3=rV?{D}m{(W_Nfgy4#9)kC
znJ(F3oLAI=?DX<b8V;Aolopyi{pMo!Ok)<sSCQ0+sZ^wBVAhX<)cMwocbU}iGK;oi
z1}y+Fl|$sErC$1JvD=?4gc=tTc}Ba_Dx8fo&7ZHG{GvcG-MQFT(*JC9&C(_jPK43m
zcsPI@7lih`C{9WnNo)i~n7Qh%B*htHYuiN+=4q^lU0IO0ZfGlTGmZ_dt<r|pR=E=K
zzdPIoy+{3Ur<q8!A6;Vk$)=p$D*RhVSw=N1tSxOWqh;i#(Y*=o(Uj#^_ap5o;m<hz
zJaEPs;_+i4XsE~;2TNy$WR;FAy5`%^kae-ceyBOn52t$=aZN62Femf3d%`zKJG}ME
zr+ptP%J~`6ZS+~1!~=Jm3-e-7b(kvAh@!-wX)POD1(@ncgF%Y2Qy{r%YMk)mw(rrL
z9+s4iUmGJt5>#hnCV65*?i+(@YPM&b8=7!!Yqy3vi7Ie@cL|-C8>#M%%c03tcV@qj
zU=0-MqZ(ek9sx&uw3KUN@cqR6m9KFiqW6fpjD2gx_<k;~xpT*kld-e`qncS?^ghG)
zI)>&xPk7#2Zk{`fI)<9Z$K?tMj%~<rR#wT`@uG{hj_-{Ft6vna*>*W2;>(BBbX%95
zp;u7ZgtmCT&>IB*dOFgmbydJt1BzCeGIU+9%yQg!KhLb~ae|{SDxTw5T$hn`&Yp~@
zYMfe<XXGs1lIpw9);-;a={OJ+msJ;T8iU_#$E)ikKI?n2E;m6}f2RMAiGsO;;upzz
zJM0CkJ;ZYLVi(yO7Fne_($$zsr&t}DnYS(Z*?0KeB!@PfXy!=)sncMn0~B&a9ft=I
zC*NlfU@FW9iW>i4YKi`%l&GofIdQM``~pGW(2Ks3OM*l@;xZd&C(?{69Pva=V^yS^
zCPG!V)M>kpilNvt(SrM8S~dMUJgnf9G?0YS*JEibSD`;vSu9oILPV0@dqU=Pz{2+o
zew2|dA>COd$rPW{Ry&`Qq8l0~)0n3U_&dFe#tYAiH&T{Y2LPGr=WDk&2oCLkJ1_^m
zT)&-WbtiRx&%!GTii5!+pflU6M?auYDzK}-M~D%hnVLv+rEx%M(roJm<pL{1oOG0z
zxU}r--Eh(s)-%eHxsdbCv5s6m3f7H?umIjXe|v!+nqSuX$1$%bZ?jWhh8dKlNfAf&
zZRe-YW{JK>w3Z0G;Hq}JeA&}4hQWPiq&v(lx*!0N<T~0LY6B%zqNr)VRlj_~Iup}X
ziX$KI8G~SDSVgdN>~D?6IR7rYASigAPD${~>g|7h7?fobx}x<bWhq@4^m860UrdTr
z7BinbpA|c?HW+>^d*Cx4!WG^jeR=*(q;+1Ws;A0<{02Hxnmz%m9Lo;{Sy|PfU72iM
zd<enu-=tsO9jko%^c_1d6vzPLjZ~zv?&|Pw|7yg+!Dk4SCY_q%#V+m_17MipNNo#q
zr<#9Zdz#>D&IzUU{x@b1e^_MQ4x}D)Ytf6HM{SpMIvkqa4^Og9UNe}$3MS%;_*I8L
zLKTnHX>(G$7zmXw%m1jbUd7|gm3|$=D(hzBm!yy{%ChisYc4Z4iX`J5sLQ!9tU2Q>
zmS?`S%+)h@9IOkBf1iMX$_N+i2Zyjb>6V4i(+u+u(}}iBE%#!-cRG#CG~r-ebf&sm
zGd-fG{&nPbT5+-QW-JR@)Mvnk!;(d{6PF?8cRFQc9`uQ%R|Fg{e<96iaE!%Vb61k{
zajQw+4c@ysU5OEP(0`^|s;1P>3uM4qE(2ysQx+4yl_d4^F+Gg6Zh``tRv`U&vea3m
zGEcQDq+~h~VG_=fH69P2rIw9mifQ7y#k)qEmg-=bK$_NWOKLoR71Gg^eou6JFkrRl
z!YX5Hd7dV)XhYKeMm%}8ky+a%*Kk*ATkYAg((z(0t!+xoF}3jJiO!CMxh@EE9PG*Z
z+t4ERKtie0hJTV{cAxi_+ZVSvlLwW&YVoamjoQyFFup1TJ%yH6S%UBARorQ`=o@L~
zRE??{hSTvQA2IA|K(F#^<O%bAO*^;rB{(W3s$Q`g=Jc}hw9n4x`E?C=plP8z7VmXR
z^Hl4+1WU=of<3~Cc*95&Wb=>`=22F;dSM9vc9r$p+_l#cST_NdY*#{G`noOT|B5`H
z0nf#d>{{R*M$HT^oB5#{or6q*LE+jWf*(KbSoWsKtw9)W6r)I+mQw8kt+;xmOs^&E
z^vB-qwIW?yFHIE~4WOx~%36O&w^H=9HTsQ{8Lm)4tJIpdw4!sdl_R$0SHt@UblF7o
zZ7AB@vR;<3FTA3CF%>x#zh!ctMAHjYdRxvwA6yi;eypqio~Lz4U+O(4?}O75O+%Ki
zxf_$dd!MXaD2YhPF?Ph*xsq(L*1r>fQnRQtPwaKbe|4?qXp19u^1C1ridN}JWzyc~
z*Lh}!M67{jlTjZhC7|j^g6S=vZj}L5@_>w1jY_H?35hXN{f=K=(3(UVPbQ?GSm57~
zd&cem%BWH)g01d-(L)Y+xkpu77>C)wr(L$b=T#AjtAEo=qKhCD_p)FB1)4j2mQ29X
zMoYwX6JL||><vDoBWbN%2M7B3l;Wv>KvHvbh!2F$?qQ*=9-3xkREzT=I^43tSO(-{
zL~8m8!MkVqho{|vxR-zM15JGJF|;z>YPK!FtrJckkw~C59sW(xZG;HT3wu|C7OMSo
zkpr3LKQC{nk4t!N4Qf~}e-FEZgkfBo+?WY~&$d9TC!<85JODf@I&T03_(2N9B7P3D
z7IGM_HP$(xY|u%yzY4?~+SZ}`CUw>2Y*qJh+$F8Eu&sjetat~Ywf3kd)MeNa_!w8P
z@cJ%R@erNs<6$J!K0=@0dv^WL7+MghcKD-C0Pen9bolgY&7Y(4+{@*&S0ko#f%j~}
zFl^@X{<!}?+0fu9LG%SQ&E<hgPj0&DK#^yW{kU`f6S7okt$+`g-lD4j`qE{)h_7;9
zc*{DTTRLIld4AK;>FT)KTj&AOY3jhRM5of)JGI_^MTs&pL`M)~j;|Z{tMIU9k6N`O
z-c5S^5W9=d>|S0T@`d3RVb=d{P{x019a>$4BX*G^EEeO==`+GW1g80?i)-X9{%XXz
z+88}A2Clt-#_!GXhBb-C=VL(WOMF3?0AFp~lJQRaP8GX>a}C*mY@a36mG9z=^}5Sr
zk{5@~Q!HqzNpwB1|7X+O;`?y}Z*%0h_3L<<eNj8qe86NlkMmJKMek{k%Ph89Xr{Ky
zun|YFyKDb=r^RuAn0-Ro(so&68l2}%Tn*ni297QeN!jusJ4$#>J|_K6;ADRWop>w!
zGh{}%_>?~b+90I=YPi5Q)ej*a#$=?AR9SM9>=+Zuev&~{mY2psEc!;ra9fZJm6i<2
zQt<Eo=T7ZrJUuM54s&`Xs`|^(<gngdyp?e3wPUZNMx=!}649=z5O;Zq>l4B63H&L_
zKZSPPUrgdL1$MJi+Vz|iw$yt@CY$C0#RC(W#vulaEH~KJ^YWP?2R`rBl9fZZ(v;vu
zhjhZlrGuxa3(Jaf<YUnoryc_PmkjTnk6gDI__j$mkD`c{-qqk)Z`l@8^}Q6MmY_T3
z?xU}52u6)aCxrLGsheUK(K;>Q`u0)|S3g{H(q5`Y)jk(r`lG3L@RgTqyMwq8^16iM
zmB)?m_pJ$k16chg_Mdh2<IZye*U|_3g|;|rF@a<0q=6KjRa7mib1m!XtV8Mku0nBd
z(~f#atM@2aqjlqtMvt>uc0a9jJl!>jkzJ{6(7wb*B>k~=Z^ZPh6TaE3bh#X_l{!^}
zVipXZhaV`*%qNexrlGOt;!7PgtG;CEZqH|RWj=GqQbPJ$GKL34v-ah6*a}Vh{o^Oe
z4z0nZ0*p(j*K5I*cs^3bk+*Cf7c&`Kd^Rp|un01?h&rnQ%BY!1URx+OLv)?)j#pSM
zi^aR;Af478DMy+hfr-eXe>2=}+fw7a-?nui1R2j`)IWzp1mM&%F;5jgE#=denwy)q
z%+IH-j1)@_!r`ga)#GNDfz8mYf{TuDaB##RQi_X<oAUzMu-9$~ayysK<_c$0{B)sC
zoqJCf@m!imHh9oMx}>?@8<oAa`uprhODY{VlOpM~*eK2mhdPp9W8YfmbocdpAn;i9
z5aOfgU?n*WTln%z2001MI(Bkc7;(R;HjyO>eq&fECEvl@q^u1s_55Dj`?O{Wp2ozF
z^32pcB#){ZL~-)bFvab^ui6)^U^94Ipjle2m^Pchn>HHfsQEb$PyOUl<WN5L;+QpM
zzLdMrtRz*Q^sKjK+WMnn)Q=oq`))}4Axi(3KcBN;(>Ef4yr4rK_xLe(S{Al&{u&~(
zvhgJV&aB)BnnKT_cU!pz>m9Qsk4P5xOZ7~Or9ZE6ycF6y&J325slM}6YGiy*(jqf-
z+<NLANvV1Hc*ppaIT0?Z$?X+XqX+B`b*;JO?)TBv*qj<F0qa4`t5%wiccFz>q3|)B
zy>W9LfIrD(&|sqv7i}9Z%#Y^6@M8?+rd@|lue77*@y!<+_QEA4FYIb%tHTOTYv~lL
zEqae+BGqp@Jq~8*l&~Bnhl_sYWt=N}G3-#w%6;VRA`M+WWdXOE<R%g8#+_^i%$=$`
zCM6}!Vk|e=0n6aJ57nI}yY9nIO$$>>%9yFZwsrsp+s;8(YQ5vBgHzfZ|AC*2A`2U*
zhO6GrChsT~gTo#&Wo+$9-~9=s*z(j&TEBPoh{H^)IcGt8DU;~EV<#>*vS4DqO|XC2
zhR!C?OMptg$6{!ZE2PWCt^cX`hTGD|0!5cm5*GI(e2A-nK10(B8dbEOZ4Q|I@m^~<
zYRaItya}JfIG4S0JjEe#hOW9+QFJYM9a=fDot)RaDh`$?oq{+)Ow<%;8^$}YmEhU2
z=jEG2d}%9Q<2AHf-+zpKt6ufKGUwl3;?UY}S^*aFGZQ9cKRKRMJ<&JRkMvnw#gmj%
zufbyobXUpf1dL8YJ=H-$d-(Jr+5p(!1haMJuE<|cU8Hz6dy{^N{k`j6{QCE<TYm@r
zL}!<vS>XTdZRo%M_~R$hky!7<VxL+4lDeH%n>JQbT>LmXI=a9V&Zq{1h41az7XrqF
zpv|T>neph*(A&J=!NEcDa*?R0C>BM~^^rI@IFXqn6=#c&1Uw(lXY{f;8(p4I%z$Mf
z0Iz4r%0t?CN<o<E56+6AKocI8(A~#&KN(YFz5GySV!H+zojIcO_no`E1iX<_QJK>s
zqN1@)Wexp>BCh;aE;t|hm$^9V%Cn2DJ0CIEXE^(33MYTTg!`ryR39`V*zPlYW}suL
z+1JS^DJs%qU}RKhs@nLl3q+OFpf29+FZxhfp^A!%lq`6F4ntGZwvn;1qCCxV9jzMI
z;R@TOpyHYu(qZ=A+1ZpxIx{n~cBwg;Y*)ne9mTHun+I&u%;8xoUEfuXIfDQ7`$LHL
zCS`AbzZmwj2CfvCB~g-;1f5>2Za1Rv2udTOB&5YulO(Ai1%n!4JEZFiqk3IN<=i;k
z+(Vq)Ur19vnuP}hLSM2LBA!v4i&+T@Nwx@|`cUS+yl27e`>x{l9LnxF79qAcCDtk}
zM#q<PtAyeABs8cbxv$sU;C+QkAu^k)%B^LsKWinjv_5K*A{&Qy`GMfv*>V8Ova<ks
zvOqs{c$bZg@(%NLk4|d{VZAI^maJ5rE9iZd;Suwq^k(G#AnB6vZd3T6!{Wlsj>hwQ
z*VAu^Z0f4tErKuEFvxLG95FAXqguF98QsQN=&Kf3W^IrU9OlbI5~~(o9kJ8p!}L2}
zCN9iWEqLr%>Rg)4Z*YWp^y(P8teCq%Dk%(;8QbOps@hA(Sh<Y<*=n!)p`nOKiS4c{
z#`_U##?-&R8dEo=Dq>MaW?t%{ouTGKEb!>1us>W%^KKZ#SBqK-9P7oc*^eP0e1zg?
z<+}3NDy}YP$0=Y*FTNe?fg-Y~+M+@uMgP^E>meN(I}w$T%N0EX3lz3mM0DVLZIbMm
zAn!a<d=lvxF3(32rjGtR+nTLP+3?gOcb-%mCpOuOBmA)Bw%%c5gHqZZcZRegWMOiu
zG<UmRLY083ai+I?By->MRxZ!_o5{;uRC#|onmk;J%7&C!YiObHt)npa{PmCz-6;o0
z@7ljWGGbIs8Q$C-btV_xUQcLGnyQ4*WUTW_KyJ46IRf5`S_ZPnCvE%UuwKRBh6_!z
zU*cpU29=K-ulLO?26=y4q1lm|E~-?;GMFzRL5{V*OR<@1(o<=i`-=KtM;5f%d9SCc
zoK)9YxHd6A*d>R1m9*9Y(!MNGzMy!BAdty~j_qx|zC4&XNl_p?W*LQ3lSmpo_m*%T
zud9kDn%8SQiHsx@t2N;AIo2G`mpwI$|AH5BK)y4!Bz?v7cx0c<<KuAJ@LL(d^JB{8
zY@+&mF$4MOVh2@>l%fP01<3T$b#|N<t4gXA2w5st#53lTy@ylPxaRftdMQksWFcpQ
zh4Jw@xMJrLPj=3N;x%az`@NQv1o_$;T?uJh@c_3tnJE0)Z4!#!`(Iz~krlR{x~m7_
zqcR`ZiQL3%mI{cDSr40dfA3z0xItIT)_&p+mrQQ6f@riJUggV?_HG@Lmo-H}etkVN
zv2LhUh84J(h3x#k4RS$VFQjryKoml<XEqwiSdy(FNJ=L8JcC%C&XD2MJoFS5KHMvf
zJm~%CHf}TPBv3hqe>^IBM1(3YfFrvkCVSqrAkB{Q{an_r#R@@RAbzjY;?1rro0fzI
z0w?Cvcar-?uElbq{~$J|GyT`%R8H{z^rGc5$z?{FprTu}YHG_+Gpy@XaAo9S>&V5R
zTz$Gd*R1rHdwQ*gDTJ9bqMob^nJ&)!uZ!$6xeMJ)rj^22IVEg^hCx*UYi@5#4}Wm3
zY%ZhZLflyJqz>6i0hXyi<cvfBscd+;ap3Qzl}!{fy=7tr5o*qr-0JX-RLF7M+KAVI
ztxS<y@8Oc<a<n|OADJGueyr{XuhvLokX0B(iBc~VZ&9sYKh<QoQPOHQ*+U>voDyn}
zTepoQHV`Q04igD=ueFkiy7y<($@-D2{GdIW5~ohO+xWw?Xu<JLm~OdXX6Tm};=4IV
zU8y5%kBq5Eo;Rs3K2Q>qjPbfBy%HkO;{VFh7}0zWTFq71`)U8|N(AZ4wHr_ETP=1B
zI^8UiDyh@+Y}+=H7Is@p8WdRblxInWXw^SgC;yZts9c0UxK<5oa~t=V?8?+Fj1%Ba
z4c;q^d^B^}J?{=ys_49=J0DnsZw^olCGqN{k`yylY@C05sHnbr4=PMaalw7vUpwCw
zA!dn%;>%l)#jlG8WZ0FO2OhhTQydRhG-Y~w6Nog;x32QgPi|*Mz0jvG36;Q>kg<@p
z#UinB>Rot6m{RVosO!XTv$o1glie0Ojf?BhX13_Hx#P!Xe%+&&do-NEQ>R1nwc656
z_Mh3v2d0mB?(;g{D(meTeq-r=Z_N(biiF$;;Y&j+K~MaOxEEwK5MF%o_cr6#7bI%2
zpHfVZ(Xf)hXWA{uGGU#jGXdD6o)$B6@k~_h?nk5b3?fTaC9X%z&)xPL7^ph`GBx;0
zzQuBGDswQHnM*MtGxuuALksh19a~JRY)j!>{|EfTob<VSKB<wU#<2spAnm0OhkJB$
z2bgWSxz$e>NiLWZq~+G6<WqfcS+NPWZF{}AxSSd@o6;v6C-87T00<Rym{=7|dCq+c
zzJ!d?G7Q=G(#vvx@}Oja7u!YAAQ>v5aHHtJkVzVpTDU4tsCk($eYNdKU)1M1-15y*
z&(xkv!4DK&Os}>>@$vCWIfS3R&8?5{O&@KEfwSx{WWD@MRLvaLj^}lw{YpST)53#8
zxaaVM`Sa~hj-|AAF1OR~#@cH<I@xU~QMK~*&i;6ONz4B5^r*bhfbL`8WS}fwdox}~
zj;oPi&F-#jvz<YSo($A9r^^a4KuY%17$2$@+}1f2i|wZCv00TPkkCavQ&UL}PELJz
zo>oCk4dd$SssTONuIHz#`Fl&gfB&sXotvBc(%O%Wo&B+pkdOgmtsaYUnol3GeP&rh
zO0Z3G!9t3_@60wENqw<}vKY;s{@}gdkDI?a)MECij$Jo7q=%#(JQ0;U3x(B_otwc0
z&teL~yM}q<1Md}DzlKgyR_?75aV<MdT=xj-PAt~G&{X_1g7iINBbRACqIzLcAYXx{
zXMm1^WLrnSGe2=bi!imb{argsqVri3-NduLaN5mYE`CN5ioy%|kb5X!lWV@bWaK(5
ze|4c#TqK{8uS;O@C~LJTwRau9V|xPUduTt35-E)g)<*4qr-t-wWe>Sr%mq|NOX9ON
zouzE5hjpL)wF^sptR~I)>`TNHmD&3;7?Trw0}*`s5VEpy?kNm#7tK3Pej&cmx3y@9
zHHSi_&Ap*+TaBj1#_hj>whiwN7pnQQ7AT)Zz2vxXFGixBDR}>e*yl^XLr+OD<!VI4
zKZq*gLi(#sTSDd1C)B|hs+>ep?>yg*Q_udU7Jqk^mF{k?Nbg7>BACK>ci)=|+kLw>
zaCDZoe0?v!rO-g$->{adbo|7s&o+7|V||It=jg40oCT_VvYFFnzLp~0j&grBK2%h8
zbhC4(X^uW1jV#u^CThHINmL+u>9h}atj+=Ie*-FEE?Uly&`uh-9#SP`V>5QOs#=f*
zr^hUf&Yn=8YR0_(Eu$7p)^@5hAAh{uG{^tF6m?YmyDia6rmGomoO>opiOfwJiw`lT
z@FeQyY2Q7o!Q)P-I6YuJJBNeorcekFa>dAiCJ@QajGixYm35THbR-(MC`3XbLc)*R
zFTVKDrA3I)dL|J`>$`0G!P|^Zhq-qGs|Q5|www^yE+?s{JDz(*oh~D_@det>x-Ex?
zwUef9(*g{U&nAz&X%U2E2SNx0_1IGNU}7yNYNMU!nCI9D9$8j<S~YBV_^KC`*kdH`
zwAnx;RGgan*wo6Z$NBdsqMQXN&ZX0NKGN_BsxG#;pg_kNV01?O8X6jdAP%>iYrT!w
znrj;bI&L|DNed!xDr)Kur8l~|x(0L(>T?>RH<+{HbS0EK`Mn-d#akaf`g~VeMvD1O
z{*^4CMR8rf)TlLawoL6r$3T#uQnm%Mq7PfVx<-BaJkDA}iK5W*1hO%NkdtYt>NMvE
zL=*>!QO3yYqdn4(cXgEbnnJQ-+-?d<@z3oDf!~UW5FwH#I2z7xQLSqD5lgJ^E@rPq
zZ#{k`AO2#J1(7FkOyb1$?X9EJ(Q*7qe$%SkLdC&$)YVc>)Mk|0#riJQnnU);<4Vzv
zKfp{k^njcg`=sA!4=W_nd7OI;H7^iuiQ`IB={{A~Tzuau_NcQ4Pv7!mxj8>&B_#c}
z@)%lbg133L)2-vMuDdLAl%H<PgjzogJ6VB_@wWUdPjI~d1Y>NWMnO|)D`F*)m}OSu
zWXE<>746oFq>l|xDrB4M)=D~U4;#ZF+{r5c9eWhCA0QB+ZPYfNUoKC5QxUC0a&!#E
zQQ+f(g+%g3Eo__J6dgLeIO}jq_D5QK92K#n6;uiabM|v99uWosYF~fWCmf%yN+78H
zK-Y0G`&nEu`5?Ng=ESCmKo#*G&fPos?YY;o?ijQoSorYln`0q14i1B~-lOg3UXMfu
zbfrv^BnfiqgNmL|Tg{ftN@P=3P*K9@ss@|p$kR4;?_li)(2=`f?RhPt%-_1uRjHu%
zC_YDsz%j+&29g<L-%ej?Nsv0-;3yZ!BDTC}2V_*il8O>%iEMYm%+h%yr!LB^HxU(P
z;i4`oM@693I{^5<*`7}#*Y5_NT%`DgUoCQ^)y-$#B7ZORHmX+Mr8R1e!xSSV3p;3v
zvkj&v5hu5YDM$GWtfrgn(ggng{@el2x1VR>qunjPx7$to3m)}+BDaZeF9u*Q*IB0P
zD6z+P{Tlmnqg__AG)!noEo?KG`x-ATiR9AmxM$-_11P|p7)QI6Uz6u{^7IaAx3M|S
zZsiYmXt!&xC2>ipmvfZqq&EBGT9e0lm*&xepnS;xyj}0z69Tq9omW1F<S;t4#@&h4
z3`~8WasyFR)Ew7|YuvXK#<BEDy+woIa*t{A<Yk7sg0g33wT0?>j#fQYT^J!Al+U2<
zS$;>7hWDVGZdzL88YFNl6cmKW*r%(6r}njcu524`QC8y!&LBHt#E2pif14n#Rplsu
zQkvK$?tnaf;szaw8UUI+h8%H}W3POK#l=<uvXuL1r)CcL3(Iv(Ys_!XJstGFTgXI;
z8bdvc=T}@EntOfjtye=&sacn3#Yv(=Q{QWEs=mdo4akZ0!LB1CObdwhk>}25AcLgj
z$lT={Flp1tbiCx}>e;x1rUVJeFQ8{;>{Nb(M$W{yEH;t!aTPDf?fdF&=8pS)<R}!k
zzJcuvg>g?k*YYND(#P}8bF=#eJ41cBg>Kd?UD7v99W=|mTA=a2Z&X%dex5YK$z0D?
z@lpA?&)J@SO)&XtFb33xny^eWLDYK_8e}~^W}hp`&1D!K8w=5@v<IfJqNubqIu||B
ze36G@qm7N9ZDNZ`O766<_xAUP+yFpC`B6{{2;F5YTT{`~+~$k=T`93Hu#0LyeWN0-
zD639%!!UnW-AqpMp`}{c6=XM($=0O&`JRfv9`o5hcC(wNV545N@=dsVX<KLR-ep`2
zt3Dd>x2=g7(jN%ULVY>?@jfmO`xp@b|1RUA$INxx@+1uNPlh52cTNt&Oo$7eY&nF^
z_DE}*e#OTk_=I1;RzMC+XczM*HVLj<)kbuq(Uw&*$vrwlNn6vtOrK38B_#)^r;~Pn
zU1xgL#fOa9ZD;LzwdcuWs;}R$0~mDOt|cWUIUOC+h}Ka0!MV2ZT*+`oH3R|?s6`<y
zBNLVRtFf`MU1_bTwbUQX=rKs=Lr5PUb3F|hTKR@s1bfa2_Zc<I<m{8rA(@1EaJUI;
zk`$T8yvI$UFFqPlU(c-k%NxveSrH<4oCuBvJOvonk3;eFM$IR`s&-VgR@1?18OGNc
zkhmiOWa0U$`8Hr|(3hZx_fzbXBG)xl{)bvN4z1I~`A}Q51<#HT?@rNh%8PvdBjbbY
z=$h3X)cBRO)h6g`*Vt>7Gx{UAJ4!}Rd?S7BAmxZG{-~ttpg*0Gn#m1uX{$TepyJxz
zgxKI&7H!#2U#(L$XP4QC|0=+O_UoTCzt-tKIkivS4Hmh<>;qb@#O(JZigG`D^6M$I
zzgoT3;L%VpK5R`jDw(>-&0rZsDjzp7ukA!vxOS=6Zc=iq*Nu}0!H+DmSjbbIc;<3k
zH~CeA<rr03%;%P0g(P+Gsu)K0*-Lc-flL)+VIFi->wEsfEx?vIun4df?4_ui!>r##
z^?-%-7*+gTJW@)=To0i;9;~S>ub`>?W=WUz5J>gy*Al8I%gzwio{}L{ne80qFIZ6R
zVXjkoUCwExENQ5KJ;4BHvte98X)Tn$QhlmssI|6ey$Uq)Cfh4GCmmHRVu*`f=s#7j
z*O5brdVz<f=7{Z4a<~46XL-7Wu%H&bPF;${xRTin=u4~5@ni;{zO+L$I}k7zcGqpM
z(solIb;*RCto=0GJNzsw@B|jpG<Vub8HQ{niicy`j+kEwE<nzaIS0);Mbw-kWh>S8
ziDy|Si*!3QUqRN*imh`?v<LL!t&;|aRmyAovyxjw0$(p*`E|GpJKYT$!QmYH3d(RW
zjGi1qw-G%(@(X8!HQ+7ZAc8#5{cyN3nt2yM2#Z_?x?pEAxgQ+$^<<czi_J~!&;X@R
zt{+C6h}wMk`R-q{5V!=NiS^ed^P5j~4K8sdH&}+iI181PLu-(&CDt=ceiGs74_e8f
z(I@AbO7=wTsLztUMK{`@>FIApL#H@QjID2d)o?MqgoVX7M(6UXMdt+gHT6PlzY9CD
z8|#cog_&C_+=*478QvRjZ$97Q<*qx=l$1?W;b6$Q;fD%|hm+w~8|%*-1UL2}(=2J6
z5MN!b@-=37R>2Bkfb9Af=2%1LLoHVW1)PkPPK2niPqSR1;|+P%T#K*7HbFZlyBA7!
z&k`xkqJ&}G&TwhX!v&9<im?$-kC@*a4rSg=-5%N6Y{K0AO{DxE>rhL2gP8yEq}z<z
z!E{@EdkCJ@2qE7*RhY9)n`K+PD^F#O>6(n%PXAS=$=t2(Z7S^bonzxbp$RBzDvq+c
zvZi!0r>$vi+t0Gila+a7Ei}Dd9X*W&86lhn9lNaCz(TBZfLQXy5yICzKgkE1V4%kP
zkqExf7dq-R`NuiedQl5qvFwUCi%TxCm`Bmd;suvBx8ji1lTrhN4ZcLcX*@KQ7#$o8
z>jS}7Y{_4d7Fz#ee!5m<1dSmF{*56AB_=*%4TrHrvMDw!;gsJ33%RV}%s!vlZ>dLU
z5A%^3DXmyA)zA2_uH#nfmj*D-<n9ZOX8?ExbYhy~EDiAUcl#zGl#aG@a`ye%Tf3uU
zL61ko&SMMEI#wenh_Y;u7}A<>r5OF!`$z1S(r+=G<k2+Tgp-5(zzl4e8|Ow60DG<8
zw93gLLOuV0mx&lPuMSK&BNz}z2it??HVZk0hF$80oiX26@EitPTYZ+m$R-?^nVYKt
z9DOj9UNxsJoJj);XVfYHxh{%Ik*Js$HpNeVetwaeW5%JDB!B;&mp5aY(piIP3~!aN
zi=%fAz_yc-0Dv;h8K4ZjLSWZGFVW~E`FazdLml8V?}o_F!DH~+i{UQ>r0_}G!ALPb
zR>ze`pCR-bI=i>0p&sWP(h;OQ+asbNv;jriC(vf_3{*0IAO^W4Jr=bM{N2oMM4jnX
z3}ypm!8&6$^&@p9uyfqZs@@&c7(Ccs$hBGMR5R>~D+Urbx*&#Dqo=1&qehQ+VR5m(
zxrK$gYMv(aoe@@Jrd46vq7H)vtlT%Yw(ga>4RU?+ycO`s1JdzTC5px}3GYn-0!7qa
z)m)^IluZ-Ox^3<rq4Jk48Mui+eZQzw<}Z*&5R&VpG0QfhEUUJ>?{}vTO?yaqmYcrZ
zYrM{TpD_OsMm-_ec+nS)hXV%oC5h?x@S70EwD&o3o-of=o{?-ePMHiaJH95G@y67?
ziGzo8E1nU{jYjnKl{G=fH~Yr^-JSZi^IXcU>A!ZHSastf5a8-qm_dUuFQs;Mt~Hb+
zsz+~)Ow3JwJ{zbEkpS=Dj{{N=Erek=H{IZS=Gdf~gXDuTm>)74|46dHD9p{wp25XT
zO-%zeDWs*PTe`cyMz%5ioeL5DGfH4Z5^DYFjv-!!n_$T8&x7$TFpHPj(X(MXTRv#&
zEFuM60oLC?(nny*|L{*l@BM-YM{u!zOzQLJJ>RB6vgBJ67he)$tax1~V*F?V$p2w>
zCr3_*v2vTi;X=b)pg8zH^G2Y5cSp`9Fqm$_M2cD8;Fkt&hOk~6{Sz2wlnayp{=(AN
zlyLA6Js;0(4>?suMA@VNGQ~l={+{_6Tx|t0`C16wZr7Xt=%g{>a6k!wymp`+iY;Ob
z1SBjIsmwFCpW*f(c`}gVIBsUEq-VyUtu+Oy7+Zs$HVN`)i<9m2KfWnOI2aR->A0R!
z#Jh3HX;ZjDddy;QHDm_avhn?xCGhAYNdEbot|g4on6t1M&IhB~8$*Y~UFFuE*#|&h
zubgj5epFyEY5S93<Ofvx!*6yl0tY2PJ6Kh(_DDlk#%c0>rG9DT1a?!cgOmmDe!4;|
zn*%dycFn_ls~*{WM&UP-IV}FyW(pRrJ->(s|AEdJ=rAQt@REB(6<(R_PCtyt+;N+b
zvxo90avUOeXlA~5vgk$-fz?SH+Dk1u#!cI_-bO3iyPo&9q_mW0T5X-gAeNA*sB31c
zT9=#wP9#}J7TzNzV80#mmdh@Msjv##soB|lMlU-TqG}c3gxqByZ>k|aIs#D|xZd42
zN)x93Dl5$X6Dht0z*qddmN%9<hh<;(WPBb#u45sT2O*mIzU)12>&)eK42diba(Y`b
zvf_ctk<P1OX7>n7$GixsSrXe;IlfO$7``S6;wX0yk8GC=;Hf+%R;8Z9FAQLk$}{j^
zm4v6yhT6W1;ob^od3<G#nb2Y9op{lDg|>y1?D@lB1RAA9lU+OzcF=8?dNC~h8HyI(
z-&}7cEP$P~OW#?aphm5<C{98O+QvLI4wbtS_NQ@U6I4OY9VEWvR6=VKUEI`+!Dgpk
zH^>U%>DnFD*bAAej~_EA*gh=lD9=pY8{mnQwnh1yBbzL`D9d8;C$odC!y(MWHR2V%
zG)kL&bdPikvtcJE<B#is>;QCTV*g{L9!>0q0<$yk;~jl9cq-2=$ksy8Ny<cpypn;3
zVANRDV>y6GR?M`8aA7_&a@OrCYRzG9>5CvTM2PnBCRpJZ7*?}`DRu|Ic@X+SZeXbE
z)1YiB&~TIRfg(+(*7|r__a5UZM?IUNR18F!L!)rgv>q&94hve#u*e;Dvy}KeZ!q_c
zm;5;GfsZ2hY`+y3BWmTew@rg||2elzTg(nWZRwSUXUD0M>68tu=F|R1ixyl{Yom$9
zHS73RrB+VJ#BqOj;m?X-2&9vUhCHd-)(h~OocQA?O9`3qT74@53G?;U*Gl7wZ$f<4
zggbd!l_2we$)Kh4oU9=QNgI!jj98BV465%RL=a$-h>3|i*?UJu)G6U&ii&_5z@|69
z)raW*wnL@$*CzPyHiRSK7G(it8I@n*h&5p&7lIGrYBf<`LY1wt=gVsanGL8pBuC#Y
zO%3i{nj78IH~MfG4L8(%P($hHJQ4DIxE8kd%z(_73yb=vIqs^6OY8$lE-Nxrjl(3j
z4{z*_z5i0NY%1aO4_uJ!{ctp~ejMkzW)q(sEqop|{+rqLrF3LC2p*Wrm~UQ5YD%W)
zs(l1kg{-RtZ})4E$DlW%Gm}dRcq)SZ_a9@|Tw?!;sINiw*;R_R(Mq{%`j-{g%!NES
z_?1%CYhUU5MD_z}f01vi{zNtqqsbqY3Ojs!&;$Shr^Q6i732o~UsNlv{CN^=?Lb@U
zP3rcT(iQCPtIPVr&(0VHt<XZPND|dE=D$rUaOaf#SO_$kqA=JJL7j9PT1R-dnIa(K
zaZe@4XJ@1}IsgB%`2RHc(7A*04~rjF`rumkEDcb$1p&!p0&K&O$a81qKYW#hmemRA
z@6PD?4tB9~aHQ<*^R*h3#li99=`l&}^|Qr*fzeL@qHyd$w4S$M|C2WB8v9%{ZUi<F
z2zam{;(jS*%WNe?@W6=WoGqpJzxRNoKmG~i1zjnFTVg~pL4KYM8z9tx2Ppo>0{1AJ
z-HH;R%D@x&d&_Cy6G<<=eaJaLHWP1&g+>-OyM^!qp+6eqUii{_oQf=!XP84G^qT?=
zuYl_&le0&gK}Cx`*B|H0L`EP6Ay%xwpMnAjtml6@ei>y=G_mlo0Pv#$Wq%k0ULR|<
zjlV}t{oAUTwMg!>ps%m38QQZ7{zfi!05RR5N-=C~ztQf?K5lLRYF3jZfx7eTEC`Dt
z^tBJiM36Bd4ZjnL=hOkb7_+0^R{&1;0r2B7x#%{pWdZ>alQ!^L0eQ<DfW|VTV`H`>
z|3G9;?;Gpt)|HE>YiRh+-ZwTek@)=ibGxQ{iyrXv(jP-de{K3_KIR`k7wy>ViNB@x
zt_o_WtT7E{%L{$lvKS(jQrMtSov!qWa{pHX<-Bv-smCSpxBWNI@R@&GX=n!r1Y~Mo
z>nKQA*2U}X$?g-~<1)+7gg}B`jZ{F15`P>ZRKf-UsZcxbSwDmFr*x3vkj-ti2HDiW
zdInT#zKxp7_UsqC*)olOzQDUXlx=qP#g$`~ouyT#zqF@&@dqkm`71_kTZB7nsu2V%
z5yNjJ{5yPhR=Y^uYIIG-4S({XIzmsm=0;0liK`{?;l|_fgYl6|o93_#vdIcv17`5c
zXZ%~X1OSs`hRxE*@e517Ey@$?Ww=!E?cw$D@x7wPqE<1{k~l{bofisqD1Ez8YfBtU
z>6N|aFE^T9(_~Q*&h_o-sMuATw!+0dbS{cCTE;~pXqJz|kjg<LpS&w`zvjAm_<Ge1
zNo0u)tSWwm+a-6<3P#$cah)Us6FPH=ThFY3W0lUeOnWG+m*0VVB0KIdYyNwN$&Tu(
zuEN}oIB;|wmG7^s`kiFCNoA?K4NebLnT$i3_fsGEXtNDW9KCydY1^RDuJ``>N>QV1
zlv;l9j7mCYPM^Epk1b@##6<1b=xG)Ew_E`&rZAgVBbEzg)s&|0kYJ7sPB-YkEt2Tu
z_Jt73$xf^21!bd3*M*l$-0S5`d!UkLKVCrY<^RV3>;Dj6eNwIzfRv5nc}UikW!?TX
zuE!I`<wl@5$*djPh*D0jHQD*Cn#-R(Aj@C8R{O6g?4=@Zs(yeiW4^?q$uIzR9SdX)
zG%mH;?YCuR^!q%y%+S^I$efF~NKC`Cxj-X8-&k0kPhYUeM=aq*lZsek**6qpkyg*b
zIuw{6FSme?o`VwU@qD(zQD>$u?VAZQoo>}8eWrRjGhbrnII9Q7ez-xOE~~T5)0o}s
z2%byTkN+rZz_9qRC4KO?NgCi5XK1tZhjjmzoE`7<etSmg`#iAqXrd+TK(jq$tzYel
zql8NMOYX6DN06yxgHhW?Ly82Hi$mL_8WJjDM=kaNu2u(ot3>vdI@fj!SMAgTAG4kT
z65#RtsG=y#Y$ex!eA#hi8NTi*x?>UiGufXAi_d%R&TyYGRi%smYh&R<K8K?I5%_fg
z{8q7+p7smZezB$G+ieWjoBd{4{iW>@LnukNW!Tzeuwa*i86C8Um5@ger<m|!bdHC~
zfLrvtyPk*$D?)*VIm+@C`kZQv1gE9r)QXfL(cvSunva&M$*#`%Pf?oG6;#$&sxSC`
zL^9Lek|)qiaXC!+!h}qj{AN!)9$bAe&B5TJSKh<`53KpEdsyQ?&SKsn*(7F~7C)#a
zO<UT$F<o_|T@OMzSolPi-%Gjw^<biW<uDL8vTJO`%B9x3K0%zkwE2WTa9DR<^vU{n
z?-c*xE5S_PVZUrz*GB(WZC4uAM7FI%J0R*s8&uF1u$4h(0YO0-<N`J#1P4q92&fPg
zPzIR^q?{3%hY-Sy%tS!~1Y`&@$q*naC<21a5T-B$0tCoCLAzhyb#Je?-j7$m&N}O?
zsyh4Z+O_xheW!}}-gBibC~u-Q0ne=0kHDIQ2HAdI3=(gsk00YE^!M+LpE6x^d&*r+
z`@UHBhrf4bSh$eX{h$G}?pw>=>vtT`TJZ83s6nVi#h>n2vaaI4yzElL!i#=YJK-FN
zYkH9WgmJ9m-l}+}sExN6B8}#-7zKaD4vTM$?2n5SvD$sS>SysQYIQ{k(EfIgsom!h
zanhq0j63{Rr$xKxW4vNtAw|Ei|5!k~_L@(ayafHQchZ<yvs?3&1s)To!clUv5OT4C
zNab?x;ccz}{wmQFb64P|$til9{9Y?y5`1hl&}+7<g#?vrIojS#8}$a$iy8hi?iC2l
zMYC3$O9QLzq*sX~DO$j)gIJWz|G1~iy6QXj>EGl-TZzCq4IdlMZvU(-cfJ9ik@Xg#
zaA3Oyn#{<~THCo9|E_0AL>Yeg<q6#;&EcR)^V^RvORY^6I%`sHxvzxc_hlC)T!>?-
zd*HeVOA&%Zw2<f2TI>Sp#ILAPADp$a0ed3ip!}X52bS55X~L>6=OjPN3x15lFM}$q
z2=k{EPHoI5D3)vuK4Z-Xw>G2a^F(ajlY{nF@^*jo0n$W`8p~|Xnr}S7$=HBfD2Cs=
z8SN#Wa0YeT-BO($D3cj}dDRGrk!bVasrj~+2-vF6_vL<*_TL_;ti@7KjJAzO-grDs
zEceohxkkz%K6!JH&ctc_qX(gtQLot4nB92E-)dota(iK=oPOyB)1rStxgSe>i@-=i
zmSXnBejFg?Sb=!$gUNo)UGS?)RvGoDsO&EbXZ?L@Nr0U|=nA-1wz*#O+_-u{a&*Zy
z$&0cvm}eN-zq(~ee)B^%u-gZ!`2yZW#0ldFZCXtT|H9I3>SvECV^7AX(33v19a>dg
z1nM{m=IQ0-ErP>eji{PJ(nypj6h0ive{ZryOHoq|8S_a*#8ae!1utTHnWk|>Hw~ys
zD?GZffToE767M<9I%qc>6I!5P6*jK)UGufqqAmMWxvJ>GCyt&jm*1ldVpKhT>ml<W
z(&Q6hCNzJLuiT=doJDxup+uM-NAK-bbM@osWhp_t^_LbPN|?vK3U)*6<11E~D?c=?
z9SM>Tn6)MGyXR@V(o&g+N2aotloAQQ*qHlJx-8A1bAd_Ie5oH-zbbSu*EA6?uYQa?
zuHv>UQbSEvq_T(RDeb>4=VV|0p>^En^V5CWu0eb+l%7NvCTHKQkO^TC4WNw0pIaH{
z5Fm6yQtq5Tv^s;)czZ2w`VEeV+0GG#t64o}A;M;Id573JW*2`2&K}Wbr2H|t(!QtW
zdRWWutzq7IOyRV^Q#AT(i^d}oyLR=c45o(ZQ@6;`ng+V~`5GUb(PiPzXUt(gjVoG;
z6+@gl^}q66Ryb($CFA0+$Hu%jdxf2s&VsV)VhB!>e2zWIys#sOzUNmNoXhr2{{fzY
zF!R4+r<MDZb}7dS<20p&B(hI>s5hh>*e>{S$WBY6VI)1P4!V%hAnadpp-B%x43^6n
z+deA)0W)gmj<wYqdxsg(%vYzYrm<u-6+dawa$hW5DQ4|a%Ef|!BoxIcy;@AeLlowQ
z8-(x-4Kr$JoFWe?Ah^oc9r5RP>Ixiw8@dV3m}+rUFIP%dKQKsbDtOc9epCdu*Cb86
zS~}pT&F3E$XW^i0aBKT~j4luCq}mVoGR2<0V^(kSB{Ok1g-05eGPj9M%|Rg}Ntl@k
zUNOJ-Eol0DU?3l$-e53qK$u0}n<V?1b)Q!at<LZEk7)<|%CgxZF>$A{pxEX5eY()f
z6S`t>qFlh`<6%X2-$+(dGoS&W4#vvMfb62to|pfyi}`!f!WhkBtSzyyElJZcQQhqw
zN&D-6#V-F2y0pu@mt~gfVTD_|WbYU5z(Sfpb$f>ppbet=Q{nx<m6&)l6X*s|*Ff3Z
zohgm+Dl+7Y7WyNmQ~vF@i-gIEnNY!k7N~zx=D77w2e<wSxMVMed&isOnLNS-vI{I|
zOM`g3N!#f{xJ3k`W*Feq{3%Y}Rk?%f^^4$t1+mgxUk0KUNK`soZzsr;J?c3@GUGzr
zA4ZyfdAM5=5>PI^ZpRa?17XW-kD~2(QbM1!9s?M<sn=KQ-#3e)!GBU`=$)^7=P?^A
zFW2}=XZ_u&MU{8TdRh(*4Al}h@8_aQ!#Ir!)CZQJi<_l9yHp%z$QiiODJ8SPs+Hx4
zT{U7T_975TRSLMi<mWTX6R6m;peh6CXCSwp(pd}U0^a~z69#4rv6=mT-oMVXILHuq
zX;@>$8(NoNKyZ;0r#4(>QTVc8nzBviqsP;Vsvjf*>k_68GEN#j{KTI7RDRP({0HW}
z8Xgy(rx&)KiZwJa7mPe!o)j2*n^=)h3)Q5YA-#7(30_8ejm92es%Ns(EsgvQC8OFx
zhL{Ci-rpusf<!y%=dRymT`{zi9SepcQOJY%f6knO%JwvQj|I1wt+GFDu(BaC{2gzL
z-!}87LiMCfbQK~0xvw@wL+?*ztY!PwG_a0m%%7q^#Nm19(Q{ETze5yX$<)>3Dbd~{
z2RjSTDoA<QruL4WF#wWgN7RMn7ftJzBGTG!*YgnQU0UV^MH?TV<(LGYxj=e9ZnUW`
z<-RQH*xx44qt#s8?WO(821S7w;?SaIl;R)gpK6HVrX;o~7ReS9u%A2;C7Q~1OSgRi
zU0a1h`HkX{g9vk|9{1Ur*&xLGBLFrQa5b>+!uW3q$o94`D4$RfTHeo|1u|4mR`Y#1
zs)J38b;zqxqrG>b{F2>L(=5rF_bek7sr{4Z96XR3EZZynxoCKn9AcL0apSd_9Xqty
z#i_(2tuHL!>c<|1>+$^dP*2SDBlaS<Of+wlt0t$gG-_`5u`aIPwx0~oz<srD$-zm`
zkF$&`PaM}&Rt#E<=gDUb5p4o-xcyjjo(@%3jV_l{y5r=eF)f505NhFmiMlnwQ5=Lu
z7lEa1f?StxWe=EeRRIe;&Ufz`clY$PUgM5>!W{+OcliM@gRVa)643k;KmLF2hW?M&
zeDxTu(k_8vPg6ZH7U^pWafqY8GQ7cW|4<BHJQ8+9Y+dy`i2z_S(wjHZfHC;k*XKme
zO&s?67M_1tTZ;1yCttYrMg<$ixuCTU^)Mo8IWt@AK$@Q|nHO<Lu=6(<OfUaM1lT+$
zdp)^C*4bK31vb&O3=Pzx)UlpEMxwr>#wsAk9enDTKJOB;6{f?KkqyxO>9CIA`#mzp
zX(RvGNCY7#uhc+BZ1ZG6-}lM<SF3)H|9@-k+#&I0d!LO0&Xv)#({#LIoX01(xe=*p
zN^&7<JIrIM+Zq>TO)-3V(J>;>u~nmiMy-2Rx%O5u-p67rk4f%BgNwS>s0zSfJ5sfx
zz}H`+-ZUiPlZ$&LE4|ill=XH)3Jf(OPYS_(sp#2a7wf`A0bXJbpQ*V-{>tu(x23e-
z8O{>h!C2KdTyG~vo}Q0E?f{^SnB_4Z*!|ZNC-|`DNze`BJcn{)r%Jj*VT<RY@w`Qw
zpYP-4cEzeY2G7gWO5M(fV$O#oV-)~)U~>Ke<mJ(uWFA$Y5WD8jqXQLTk&#twld(tU
zv`A!n3|1V)VUpdy6&r1I$ThE`2_@Ql$rbZg>=QW*JFx#yCxL5mSPijCe3_oy2p^VN
zDR$K4n}tmhwWF-v3<5c1ODQ4rNY2=ZROi|?-;QNxE6053LXsD0NND61LybE9*(2oL
zMq$+Hs@2S%5h#XCoXT;`pjzQg%7i9%!H$0R!MRg==IiE{_Ba^jSKZ}s66XgJ^4BOv
zk_K4gGFqiHD%c6Unq2F-W<7qcSE5=mZ?bWUINbZht^a7J<*`nJq53+FREEVB6~{|-
z76*-zA#&ca()<|BQ)qJZWZnnaRF4%TrMh<;8~W+~Z4YdJ;u7au42K+(M4MB@OQ4~*
z<#UMEin6)NdknVTflyA6H?Ka(%j)>J4wbUc1HZKj>~<!gju?V1`%b+I@`<Od@t?AK
z1tj5t*VK_5f<lS9>bur5p@(^qq~}Z9U_b8^ZL(dPC{M57m}NCr#riBZ!_ocwBcPe`
zwNp>Pbe`?WivZ@8p2$DkY{rNo+M=*!2e88)8m?d(y>SXYk@i*oC=H&CnmEgac)Kp=
z1C&AOFG4WAyY{F9Q+vF<+}A3Q;W+259VMX^GJ6s*S-^o(%wvHAD!u(~sdb6!e2QUN
zcV4$u0DF)+???INDrDsqVwsj!!s!xpSw$lYPSK(fN?RJ>9C1Ko-Wv9KK!F|cb#5Bh
zu9TOr!aQp6iqp?^!^>^VoIwv1h&7e8ym-k`s2$QS))wA)(Gt9t>s<@3IQW1Y+xA-3
zkO=h1^{QgIpKlttVCc7JzLm`so#lL4m@g#vw1mio1VM__b~vZdHgr7K^UVl3e%N8m
z08fvUoQQMG!zHiTqPm?bQA?)>=o{FZaMZ{Wp(KBTtq(^E!K#^^(Oex?7N8~@0Z{+)
z)hj~`ro1cHQvg~a5xUPU@oG%wS)Wvyxa-rOe?>WAMRjFCS?S&*ps|EY4D?Mkg?#u$
z2MS?Wt{Y8KPZ2<>Vrp!8tgF-jtj4b$&H@#Npd5HUw8hG1XbaeAU0kht*=FbvAME~k
zhxK;~9LyA!`}jM33z|pBKQL0zz8Umy-Hdd-nv1aPTZ~n8>^175cEuye4y?Is9u(2s
zz+IgWx#QM-UKI-{yPXn7;=^Ou84<hfI-2aSRX&Ph^Ubp}UhA^-9!xO-$dX-aRWJK+
zZ}W&RAJs0CCq>~;`18w`aG<?HT3AH=xkGLM+%oLQVag+*CD=UvE#hDLPl6r{`rCN;
im(kJ@9I?l6=U1JgVbR?48tR+q<>_93Scn`MF!>j<9GPJN

delta 58630
zcma&Nd0bLk^ge8(*Q~r{qZ4&2&CIOS%mJ~i%$&+OCn|F!wVV~<R8}^r4URaVshA_q
zGmu$Y4mhBoIFOm5B9bDYAn<bU{oe2U`@Mg?>!0)4`|NXA?sfLFpY`lz)9mJ^+0BPv
zT(>scu}xu{l$6vC^Q)I^rKGl&NJ(u({jpWjQ}oLd{`RmAATBV!biqE-V_{q-#(qdB
z7Dqh9_HFwkz`-Qxvi#={w`IyKy8a^9y-<JUn6d7^C00mwy!0-}q8{tFUgvU8{*r&~
zwaqZ`B%}SWqb^Q4wNTfM2li|?-%|QV`HpS&H;#(oi)TZ8dhXIZY*gaL;EUmlXSE|1
zeTe$z{C<nDjZ%Qbm4A$CqQ}$vuOZbp|A*s-|5`acf0l0iuVIpL*m=u;jfdyn=Yw$e
z^qrd|J+lu_889w+y`Ihc)tmieMoQ{W*PdojQ4HlUn3H%UaHo`%$>;~~y^@iAt-C&M
zl+t;!)_od4D@!_<TUt*@E;+GBu5Xd@J#K6$84JHy@%POAYXQ%0{r%v-Mzws0T(QkE
z+%9S6Y;xf-wZ{%iN$pPM!~spFQhklx2ZqexFbG*z+Bh_Xip~{^O-rywrk>K=;E<oA
z6@urOiE4^+EG=nL%^zqABgSzd7qnRs#-rVp<F10Yi=)96?rzeU*G}=Q!phj_A}Dq-
zJUzvTSB~%)MXC4h*dOCaGUHXo?XWWrS+_jc11r+KUj3i1eST><U#n>cQTGph)RcHa
z*|~9hb1hY5NS~xICw+^47uAm!P!nY8P7)S$m}|i8msyslzx}G!mA`v4=DQSbeyhE=
z&8!doplWXtn@+N>>==Ei{$4*kS=x9oGtPrD2<Q4vEgp&HqH@D;)t04wO41J>Er-~d
z^2KrcN`bah8RoozqT0fYkboJ#9fSV_&Y+=vu#`{Fs68PhdBay}AY}ev?j{}20ewCY
zs%0=H{jmHo%0bFNTfX9W!|Yuv96YGG^!D@?Da(hSHp^~9M_a(cRjSyZ({IHUC6gR=
zOS&sFg9<(u(gtJ&kik|tNadzSU4#cHchO$golPNi#_|j4#>H6W1?|?oAt!gp-#>G~
zME+y+<R|Gfi2)YXn~Y`O>#{|Zzx;2c1Jp1~OWVGo;f@;J^x$+h1?!|I82(xe_L|Xt
z1oa$aVuu0OYk9E_@$pwgV@)}uc_luHj^F>#4s~vXARTzrMkLzyf#|;GYNl=jjPTBJ
za4UPITy-BVcN-kfRR?R|%plAfMIHz4#+_BP9d6xZFBJBkxC!!GQr7JprOyD8FE_{C
z*SDg0en_v@+p{1TfA)q?CKd9gexaW*Z{~!&iDpnni7?jAmKq0v^+D{50D<ZEQy&~N
z&=W_p#@{CJq^TUel5Wo{ewT0%e!#aD6Z(aUZ6-bxk4=sqY(Qu{)U(q*?Uo6Ahhvm(
zam$ZH^nN9m3Xw^PbZmDc2S62Td(A?fr>$kY{I&KPGY2g*&Mtg$OteY6g_2qMY7jBw
z;@r#@I?Ao4uO|3$dt1)!mPtyV@=d6hv98;L+VHy171Ft$WVoQcder^SMhE2^{67t^
zdp)){hlFo*P(AMy(e<Z0lepU^+68oM)KqQuUCr^1zX3?OQyzfd1VRW%<e}?c`8)N8
zh_2Os%^B|-OyS}4t%dbl2WA}CL{24$Ag(QRqik6|LDib!`>0ipBbvN~efz9?^imMB
z&O@y^?2~d>dn^`>!9TP7v!3G-CnZ%AR1fBrk3aE%!*=)SRC=qd2Mr5@^a_Q`{`Qwk
zqC6ifc~c$aAJa4dmstH&j2i}hLVn@Jev>ngPT0Nb=>~?LAj^=-X;a>O#LI$Uahw7b
z8|GSnTDPgY^0W|s%q6dDaJ%+~i`Dlm{6Z@_FC9{RPpwb1XD1|OM!y>vSLz+wk8u3X
zawd&G=#cKzpyuXtJxb;WF>VWJTkGQ5_40_?^X-)qfHMI)ZllE7ABM8eZYTlpOIi^p
zF9b2kp3U$%3sO5H_&rfM2fvuVFYMPQ<%MyZ*gqT(?-MA@6+D@jId^vgbG`~{vp83P
zwNfm96dq7s7XAD37AQnDYupAt5$sWT!P^7+P-7p1v+A>>8X70fTW}iH3Ew1TA{bEF
z<cQh#u4or<*Y>a0$FZQAK=}vAnY5>RP<p+0$6>33BEN{zurv`~f<}EiZPPJxEiUG&
zX?Of@rXy2YQYI}&dW=+0dv1iO`VOHiub=fOtFF0#D~&R~-{I1+uq0$o{oHcM>QnDv
z<~Dk7{igS1#>ZocAcSLMrni(FYzb=J_gL#hX=5`WI??R)=AC%C+#kPs(`%5lJ%{ie
zoHwJ@oNUXzFnq3i<<|Sy$*#>A3ZVsZH^vKEvDPBY`cF;8dlP-^An+2gFszc0GHmz&
zbtW`JDyddZU*TSW+QRUYWQ|X!Vi%_N8F^g!b;e@7p>MkcqfK;n_-*~26&vTkzx1@6
z5c4tvke_dFrZ6xpx1R|^y@SQk3*SuKja8Q^NtkCHXj<qqfgGqvOD@EJZnSHGtJ@Yl
ze;OY3Ufi;E{&hX~<MMq7;yW@2<O#-{>vR=zYUSk`81n@+A$fX}<R2XT?77x{_(MGR
z>4mfIDgrvE6Ly}VvTs<=@W9f$(DK?$g(|?^!n9M~ZsRnMtQ_UWhtWv23JWQu(_OgG
z54wb~%$_AKxA`)!bvHv{i71#Z9Bg822eZzkzWQsTMI`(KYBt3?Q&V&SE(qdS%toH?
zQn^mk+T3e(lw_Z$n}{&loes)5Xd>lqAz25f9nlULKOFz4iy}sUaQrMauuLNxxHRKu
zt@`lJMokR%SfW0`Zxei^gQNr^h2Aa*%eJZ*INdRnDb5wzRBUo$K9bptdiX{LQ#+%t
zJE~JFXgP#x6utg!T=bcZ^9IF@y96Za)wfehQQ_C}Y~eiH>BB=$^deFxoDTA@GBgsK
z4pydrdPVq-%LlP2(GjS;`hEF;%D^Q!O8(7*lrt9&MWh=}IP^TfP@KU;9zMGv&jLPr
zK`SUL@x0x<J9lEQq0W*PXr#?Loja>>*)XZO>sMONo8<k4-f5)GIU_td`(4ao`<D5X
z@A<+L_1chupM^1x>YjWtI0e%8su}n~a1NTF**GrU@{y6ikIq;jJnI$@u-V%~fP^k8
zDt_pFfy>vE^K}|d)MQHYG0)=MUGJvxnZ~y$+hmM#B4BT0=Is53)rmO9<PlIY8D-<y
ztpmN)K~RCIOugaMi{EYv&-r$<H;zwt?FZhb^+hw6hy2;EKqr`Ph4)ego51*}I9#Jz
z-xt))2!ebpuOn{4;3MDy8#_sPBlNo(b;qJ~eWLOCNvIZwDa@VV5vN_7IrJl&LKiD+
z<{s8Ug*}aRH4DaH2v=IzfzqX=eo)0z4vP=)@Gq{X+*+dAcx?baj|G1$SS4=|vXgEH
z-ePWI)|1oEVMJ4JKbpdK&i=R`Bt+ZN<Pr4U5{MjC-O!c}ED!C=Z?}Z+Gf=Jz^}>h?
zonVl<#JCPvd7msl%_N1e?~Q)Bce=jZmQ8K}-(~I7MR*tO>t1OAf=zX*2llFbJo{lf
z14(w-hH!j3%6o>awYVnwsU8SeqivUdO$?Mr%wzktBOfB~`k!G^K_5AH@eRL{*9ba5
z{#Uux$EJ(GSzTaczZ=1IYy4`aeA>Z2(xP_pj8zc0wuw@D=&e^qK4F_x875+9(O@Y+
zgS!NwHf~qSxIUMTwtL3W%QupF73MZkwaMwq;H`s_s49HfToQcBnu3Z?4oqm<T$}>t
zJN2Yx&deO0O`5d+^dkxi(l_HW3XW`A(Zx!ZY%M_bL^)S4qxGz|ZdI89a(Ic6!p-To
z?d-n7hXc<rqN>sOJs*b#pz_Sy>>RP_Q1<!L*YgVN6|cV7<B99<q`!Xp()L+v;Wg>R
zG<XQGrmQOUYcp7(0<uHh#`LROMAGupRg-3}(qP5y88>}FRJ%I4GH?!2L6#RNJlJ%P
z90l+wp;fWIoRj+{3;G6E>pniuGNioYQrgs7ZpildBei^=tDu`0)g%(d{wiRHX-~=G
zRh^In4Wh^A<nVjAQzjAU_6Dr94|?o^gz<hJ{N~5}VPcxLoUTgc?{~a>lr%OjD~P@D
zto$CUH8J#e?9^h~kvn4%*;ZvahlS!iz&#TV<ec!3f28?!bLQtnhre9-!~H%EdwBTJ
zVLqY$lx~*x4rBAw80!;q;<JCoE84$=u*{;rgTB4^<C1<IApkiP{rE~6HD@ntR5#`9
zDdn;z*JqnIU4C(LbWeEvS(wm))p#La&fdj~%v4b%NcfMxblrr5_0{{QZuBQwECc)F
zMu)C4SA@OPC`tT$jY!*nNO-}B$~h}hy6Ofi{tzg;Z*^DUXi+YIyW;f9TlNR`oAGk@
z(A6E_8L+b+VkPa<Lm8b+Dvfe-BrY2A`_sh1okrdD!wi{p+EjPOxswNu|AC#{^G~#V
z9?SXgsx}4LEIwHD^Gt4?a7+Ronw~a!w<^-fH(L6792g8UOVP?dM|738FWPXeR<Yy$
zjILnlr{GVXLeUUj&oh(P(Dn3%c2KEMd-S=kCiOw$-2l@izOx|dN=$3ncds73VOY|y
zq{%?d^0(I*<66V@4$f~DK4t3-vKD@;itj8yq@>)F{8Sf<WrPc=KU(lWG_~_yiIVEA
zU1iTwi`G0Pbc~($<6&y|>g#^Qg7;#Rf&6Tve+<M5=aZP>$=?8{b;==A&(KF{l$4^w
zcN0qHdW$vFb8fnBE#5BwTgmWvB=ajQI@nh%z8{x4nG(aiUVTDA>-=5BhWn^i!&0-2
z4oK?7va`T~?l{HuSp93j@n&Sj$1QH)_BG{v$gN)-kXM3LU!i@>Q<<YrhZ6j^w$AK{
z{k|fWq+Ac5X+J6+1&!r2lC&yd*VFMumiOmh`T5M7(eT5fQD3#41C4EPzg}0OT)idK
zm}nZVF>*mx->PBF-z43;Yh!ItLQGC9?g(f`K$m--Mv=L5NzM}Z;vAH;JhJfPq2K2~
zn;gHkzO$=!dsS9WZ&1-P8F(YClmzC%WeuPvtm8PkC^!7~)iQV4<9(O1z(Ex$_7;n#
zILg(lQmO}(UN^g?@n?376Z&8pWIUxgF?<AJy@1t@1`XnW(?XspGoGZ)DCk<s3(FQW
zOp3!w6>3zZqzr&F^0R(gk4|_lSI9Fzy?Fn)RjO?>#!}x3?P&MRQ17tnM=!qX*+-?^
zKANMe;cBZ|QxK!|O^Dy)NW}>8sNadDIQ4MN6QqT_4kf2TG=?{xS$D>3wXiH081#O0
zqRq`zb=W5j)}^C)Q1jOG7IF*YK6h1gc*CceD`<xsL&cwf6}HaLkP}wm!};n>4HM^!
z6&N<lMIxvg`AGX&dgi^y7jrM1C5e+LT1m<${XbRhpg>bmsyk>=PSy}x4{F(0mh;*X
z{#O6U0-v4a$Gyj>>rkx_X9gwBQ?kiDOcSkn2OPQ{)?U;KQYny7Y!$tpP3Hz5rG}3p
zK>C@OwQis-hLo5*C#!zG=Qf?-pdo;zkKaq@Tpnf8zVBR*Y%A~M4Ek479$#2(*>zz%
zI+~&wUwewD4y?9Fdr<Shg*#VtnY;_Pfb20(CUB_Y-<9;@g}dnC@oDYMHQvYNOJd`#
z^Z*IwQRG<)OVZK^-O-<?_Nz{`ObR9;G$5B0L-8~L3l7+3+xUH{KvLO1iEn<SxWhHB
zH0Ff}x|WB|X?I75UK4LEm6m!)?AlyxNxRHECfR~SNtS(I@_oI|wr<u=EK<L_aqHhX
z;P~cSu3OJj-yiG6m2A|Ts9^H7nIZSmQpPPqUbF?4)x|n_#Mk&>5Bf`syTdB#fcV5*
znd^07pZYg1S!#kq0@AA_;R2Mb@G{rajpQ@We*e`Y{^=8n)(x`A^>*0qA-?(@Es(Go
z`O@$5vn>Ax?2H|-*QZ^kVROnsr3KFuEd<QU2E1P&2?%oCANp5U`w!i{=T#jEj=QX+
zqCcZHuAs!E+rkqc+U?3zWEc>ji$N*&cqFQf5qLL7*I^G{lAz$xFOr?B3_&cnnwGQI
zbzsRuwsUhm`Gfio(nxWG>TR3?JA{y7#N1kIeek1Bqt#d3(fETC8rSWPwbZ@RybFde
z#If2R)$e>pR8;x$y9mH}tgR!q;!1(+pWNv^=deYsyL}(`oajA`odXPE08yE&@u#ov
zx4%I!j=S)B0sAe*c?}n`t2X9YG6gC^rk_-0^?-@tuA!ilI~uQaNAVuVK1g}>XV652
z@DDJpp9^k(Am`)0U)b^q)8Rs!4rD(fF1vDu121pRR>Guz`t2?1t~APtofIadOO3e-
zOBruLq771gDw`YtqzEI`v2)%2*4R;blhYeEk_c}O>TN)gy<MowqIQc3qq47?oh|!*
zJ>3KvzMvkG;CY7BT{+qycrL6z2HSe<b0&$W&=0i_IeWn<1QFGvit=<`U2zQ$&<Ihn
zvMPD(r#9NrWvT7O-H6dV=xZ^M=usRJ*Ie^Y692rdQwS`T1iqo$ogjkBw?sS1ziPoS
z`6UY}7dnS)q2?OhsU^PbNJg;PNeN2{&~xA47@y<ZH9QdaanY7$v$AnC;)^@^U3U6C
zJ(>?{uxtCJ>@mcdSPVA_yZ)@2m{_x#fci$Yjg|gLT>*I|A90GkSf~8w@w_0z6ck~B
z!XLbF80aWH+;Pn1rX&|^Y6_znw<*6Qu9$@_?Z0xa7;>UUP4#rJ2_kQ^ra=O+LN5L`
z7oMo&ZNGBM(KC%2(+hk&Lt5{s+EN#5t;vuRhsH_eu>Dw%PLS5oes?rm4w_8;knUho
zFR0$XB|>>KyJ>Y3a&|jIjI1iAMqtlIy!>IRz#AW8b<qp&$0so7-cXW0=zCzUI25?T
z|H$pGJd2sYQH;I&BOjdz$!gEQ>i;Xl88q-8JIo%Ppq8m6ZV&axhS_J`1}St=dD66b
zP-)T7QPty|stM4!35t_L*|`h_sE>gCa8;t`&6e(#v5yk|zC<F|1{tY3>n?JgfQ6ik
z@IM^WJ?qx1NDEXCOuH5Q52^86Sw19CdeN4oa}}xXFh2=((LvZl4SP42kQdM2)!X&_
z>db1IXJkfLY4_4uN}5w%@5&7?lt`OCqN6<g?$L?Zf8;ue&L`2Ibhb*wy{u#z$MlDG
zr9Tp)4zP3|?OXg2*TFpG1P6WuxnRMYOQ<CW^Z3K9>UIL386kG$!d^RA8B|N{qj!R<
zg|y3VFaAiCxGwKUdQsN7HUs4QIDoqID$3I<AzfxU9XaGulBoIEL9%j9q|GF%Vc&tx
z5~0-u-rpmXm301VH3t8T__yJ!{r3o|hdY7tneoJb<ij=}X$k+a`B(Q;c3UeqH45D<
zb+kLiJFQouT|VUgWe$lhA}ar_o&0Mqdv*VQ$-ma;{r^)jHT}P2P2m61H3u?+@HZpY
zS04-w4Sg3dj<rGVt;WUwe(>LqNFBNnUePIgHLCSQ+jhl?$W`e7-pMI?H-Qu|O?rxb
zzyBd-$bck&&HtFfUvpUz6E6;yp8YIV5Z(T-TPmmW-2{N(jT^|voc&H)L8rDnNCXc2
z?`_|g`GAlC4fD8l!YHccHXzxq|Hu05&1-9G!$d!l^cFz8zq!f(7|LP*&cZp-w-mPA
z{lfo$=Uyi@pGN}-#LXYpFQ|(vIv{^bxBnO*r4yHL8n<)g#>d}>985PlaIAt@D!}@K
ztT6J;aQ~YuKap7J%_*y)cQ*nZT}K;j(1>3Zp`AXpYY-dqeZA&97%l|$F+6fHPo`1D
zy6;{1jhUUn3%mES4`c|}Q?JBCq~Rl~41=`&0ql#NAD;H^r*Da;)Uo2r;7sG9HM9^&
zzH$%gLVFdRXG;tH$D_W9W6Ju$`9x6WHZg29uI+0!H@jRb#_348aybkA(|hF3bbZ-q
z5WyWPpi+`DGZ$u#eqQL>Fb?s~@z(->?~$zzLGvLiZ;|~(F6DuJ#8|CavueS7xZr{l
zg5GWk$uE7}%CE|hcNd)RurdG&7t^Mmghz`|uB)6rM`{OW>JNenDq8c4VY?=Q77w?I
z%&ZbGSVh?5IJa=DEjxy?iMW0PdWkSIweGx#gKHm~lVom)<+mr?%g=Xh`9ci>kdgX3
zfSWxl=h2BlxB^+$dTL!`-phK(hRNxd4#YZA4UA%7M&Z>H`(uj%91gF+HFu|p_r-sV
zyh4MJdbaHfYDy1}8g5i9gnn_`|IeiO%8tK#_wKH3ec<?CqGxgfcFP{)9`w6+rGpRG
z>n!!g?#Bu>CY?N@j?J$)tE(5Kw&UzdXgK)*z8QZUo#;3AkXui%=3gBO;@Hlsx3=(!
zRv+l);LIrukV%3ffusqIP|`GRrMfxXPt?^<XBnw4NBfoxW=|Yhr?in}o9BE=X#Ls8
z*~e0Tf~Ha?SnYV#rZB_&H9h9gk-Ru*=zbcj0JSgDs-`f6=0Yz4XQeuVMXZ)Q*`R1s
z^VDXq`YxJN;u9S0+<XYxg{R3{8LFr0e<)mE1J2l%3b}MM@x5V?Gtlkn!)2EPjI*>V
zSDUql8`J(n?Dr=A>$R`~FoC40g>a=I{SX^FJ~z>80$n^=@Rm7m>Um)>10Kx+>w!b-
zkSWHH+z^w$-d;Vr`^BYyE=6Is1Ja<FTTb!*SL2H#b;}-4ka)5a4)eS?n8z@nmE6V_
zuk>{_EgbW4E<`$N#jy71L&C%8xR!bq<Zt(Y+F(3l?do_gWsu(5##Q33`ojB`b5lft
ziO4(R&n<<43B%#Sl#@3<yng+9GjMDn$;LAuGFxr165j_kCsf_8FLw-zkK$G|6P9?0
z^}*ZJ^V7bw#)1U1g{iwEy8t8AnN*J4{_JvWgJ*xLw%15d@@R6*hjxlmWnyJOcg}O+
z11=AN825;H9TKwaii(NT4y>l+RS3DDxC0EosgQYy*}0GyJ?@G!dv^M42Y=>$Pt<}}
z?_Rg^!k2Ai#i+%evpYs<vyA5vWnT;?RA~|5OW>f%QNg`T*eFB=sI$Tv9j4qfEl0O6
zpuv^96e^))xBf1lnZ$_KZS{NUF3;J~HkaBw<cXpuZj{4!l;bXSfmmZ1yqrr=`P<VK
z?DY=Jj$Wt7F27nfckVi;g4}_iod_A6qCKa$cK6O+Khp(@q^%H5O^tnoYq6nN?kJE4
zI%2b0xxC8G>yZbH#|1Il*(qTGkdxzz=L07{xEXGPgD(kRCj^6^p=D{6Jak7NFGwRV
znP&IeDaE>u*n=YzN|*#i`csuG2!fD!Dg^p)N`l*-$mI%K=<xBNIzC2PXij5=gbdew
zGZOPl_s&0!XJ_)HHN^c`(10>`gN*B9askRM^Fus9{F`t}j>I-ULOJx?9{RBN2myb$
z7iuF~w1S6@7^;;l16LT&lO3~cODg3+%RPchWK~f{O2!;*p#)-7V}bBk^yy{1CX}m<
zN1<a@9fZG<T8TAL2+r>#EZ=%V&HkEOtsBAIVNV(Hwc&-XZ$)a1VrB6_kSUUbxcW*D
zI69~3X}q_JP{|Wo3K#5yRA|OfJ(KUd*v~+PrcH~vfiBb5hRYDsmD-P^zqKgP2vP4X
z_vAr~`tE8B0{&6703v)KG%xnuMGh$|?S$x&8xNd5G#~vL`?Sw<w-<P^rp};HR7IUz
zKsL>n9f|G+cT{$AYR@2QIa!IDy1>BNGC>z<2@xo%1}`c~+#v4~ySxZ%X)BLAPS=dV
zbu}yZgDw(1XCJ(ZN?^kHM}*vIn=Ry_H;lpug8e6*OzqmZ8Xjx&kap4JFy-O`1^%Jv
zHui<7OMM;|89rGkQFCl-rv7YR-(kqx5oPrxsqI=aDPgY4FqU24vv$o0&=p6?q-cd2
zb?WY!TGd<U>=S4k=%g?6s*I21CDD)s;c&!+0#_eaUfJPsZVl~N#mO#Bm7~B<Nwk`p
z_1{t9LHtzFeeQP@<Wq)9=Dv4ZS4evAN~dO;_X*YKYvqx~cVe!@rD(0YZB9h2^H^l0
z%^AOX6}U71ig(pJZ31u@yzcz1azr@#y=kGq)jsOi^8{zVsDZZdAH#<294k4S@G=cr
z%{T#f6KI(CL7^Ao<I01EMj-vejO?01L_oU(zs<m>VRTX9SiIiXapp;%@H=;_wB!E;
zpMNpPmh?`T)0WyI!<jyoVoXkCeH?hPMHFhn+kycI*sr~+b55z~;=6jR5~obeh~dt;
z7oUv4v80a7{1NXMe~1qXEUGM~onzy$W)Z8Htmt>AYz#^}7W{Tt#7fJNn^}0pFqf4<
zo3;I_a~+B_xnH=dN%wIdl{;Aq#@N))JfR)GnD?oN(0hX(AD-DV^~2`HNlMZlWZ;M7
z!@%1;FmOPW^;E(6>9f;vN>FVmNXWBiwM46v8-u=y+C9vK^p-Pp&0ySjJDa+c9cV4b
z<p7d3dSG26X3FZgM1N-?5H#MziZH8xM#hTEh&F+GZS|l`3X-p`?KbDQ%f=(hw%C2f
zzNm)`yy{;zwf*(rxx46Drr=qNs^vC7GY%1tpGHHfGRs2nyKQ>l9zP3GqH${prY#|`
zR6?PxC-TZOEy}~*k$Sng+@riOg$Jh;L``y-J~&EWp%j2lF2cs{y0a<q1Kj?&WbYK=
z_-OR8(`9SrS>Hk?mD?^&5ab(Geim*;5b?`tDg)D<mUYkGYnSE5tqf~StN>~?s~rPa
z$8Ncl2oV6QQ@(%gZgf(98UF$Gg~8G#wH|YqT!6Ob5E1>0kB_GN_uyGK=mrp2emlWA
z0A1~*0>5gW3O&W72K3g$Q$wS?tD05*+j;&8zLohdgyUBQ-tul6b6Z<2%_d}x@%mFp
z7G}hp+=O5Q`AvjtJ5NPe4so%CJr#OEh$-(?PvLCB2}IMUd>p^uRTRar0U=j&RgkN<
zvmUe`Z2Iw7_5)EK^?1}KJ-o`BwVIkjokl{xDmMA`Kb=YKo%C9fi(|o8jYKVx9Yusi
z{@3rt!8{?{P{`JqUVWw}UWx1?*H1hvEo2h??gIFTlT*nh1n*45C0LLCaFnwK(fGUY
zY4j@cs{!xDVo*z%4mXpcr%8>LcPB%7%$xNVAMi-|n_S-hZc=ClCcn1?K4w`(WGM%z
zRLA_z%&g8$C3h?4Bz>y+9hT8Db6(_qo~yf0$jNs0{|&oiqLn4jK7iVTxAE{;fHmHx
z1Ng((7r*_`16LVtm!S2jlmWU%<=`^?D@28*eIzCw(=ze71M&S7p+5WfFIwPz<rfH|
z3x(2UmZXD03k-xcrw)>=<Z$b6!J2%Av7^3l%{sjWj!MOF2FPy|TqSU3sZM&A<<+6o
zufGM$kTIm4+|QuOKz&-4_?XLviNM5)BhsdFAW(j#@#k)yQo-yyjdv?=TwTAP${^nG
ze+e9X?=${NRR?U8?k8U}TOh}*!q@mdt~36H{k|85&?=6u*Ub!mQGPZ0Y9e!@tV6}X
zOgr%EkiG`lh0c;GbKiwm`X3(h&n5qgn%19QtDEdpqqLvW)iS#Q0)Kh$G^J%(NTos~
z!JjX1#e&N62)_qzHXWY9)|rwd+$E=~>TDL0KW89bXXg>+b+^>fppdkb{HKZ&Bn?GT
z!CoKWR0H$PS$>@7`nwT`%^_^|)ZG9vk86y^<V%M$!h<F-Dzx9f&??43A4s1&rmSII
zAqtj6eP#)Ojf#5E>4n<pR!M5wIkDy((!L^B-a(j1qvJOS6hoA)&eI<hUUm(7J;}!~
zhYQab3jED(L2O8wk?c52*bJ-*zbDw5_=m?Pt`6<~A#8dAFa|r^&cJ04Hc-A4>iB=U
zT{gZe0F|*mz4MnuV2<rYn0m<Ho-#Lc;CN?x1_AWi_O+L27iP<o*B$)s-x&CmRSfQF
zqVzj;v03zedjB^+!=13N4?P~aoZ>>@=il~@@a$K*&8W-WDjYs5m8sLN0+<2I<o$0m
ztL&e$=%XOU*8>7n%;ZfMcxST$`v<&r4MCbJ_$4dNa1=MbieNs$YEMLt`Ego+`gu6e
ziMFq~|Elh!Ql1Acdc^NF*kg~8nd<dDAN{7M*B0#<87kQ^q<2B9CFJbt>z?Jp_d(G$
zoUA;1JGO@U%_91}8$%k{kMo)7WS>tIosa}wF}j%ZQ%PH;?*9|_V}{ONPi%h6qEmdU
zMA{Y|-&xp$^q71AWW4H_W1iUoGRm2zZ;svA8pTkIpwzbVejIQ81-^Ii%$+B~k{`b8
zFW1PxqvfN}RsEi*xrbLE@AF*?x5n-fMLlktoCX(nM4XpnK4wQ2iKg~gVpLnrqDPQ@
zgDX>t*`?xzJqHph@6GBITFNyDc%9Yaf#ozdzhhLCiCO_VtDD=1e&A_?W^9=9x&>{b
z-%gvjbH-Ktby$lvrgs-$+%!AV8@1r~)~lMLm^M)na*v*_6w%O1xuoqu;v8cT(z;y5
zPpx3(Q=q7pJT)-`jPzfJ{j_Vk?GM!iet01$paW41P0a@#W#SJK&N{8vGPz1O?w|T`
z^w?7(;7Y3u60-NEyDYYR0j###&FbD2(lZMEI@G9<r*BRZ)<Xug;TO9Ip6F=f-<5$J
z-J3qb{my1MbhYHWSbNy(N7piA<e3<dcJ3@&3Q{|YxR&~Q(M!1t5j~bFUVRo(dyI%j
zGBXNCSR9LqWvht7r$=FEB0$!cvo<JBr2z{CZwu2VqdhcKzv^d;mWD}x)!#;Ud<q5p
zpYoDAD86e?Tx;2Ri7Ph_F$c@!Q(!$)-q~2c_DoIwWRQy7N%m?)A*|8C1$Ok&+~jx5
zKeD*BH0)63w4UD!<(yy&k9n+>F;*HxeEq3WOnt3SMUt$j#shxKESNU2U#?ILT&H)h
zqQKVwSH?0|l))B)`Cl-YZ*hm-t{tQ)m6_SBrCt#(cxBxxm<s}|wEz-N>cl<erFQM^
z*u4F6!;DH&P^{eW&w|d*Yl7Qd4G*S1SSO}l>>@!SnPdwCL5R!gLwuv$X|NpuIjX@@
zDKih|pW8+=1AHbTJLbT`!unovw90`H%wl-#(H(|(%(^*$(iS!$eaGm$w#DXWZG};7
zlZ>^beQv`YqJn1iwq$d}MSt5b9yYF7q{Pgs=24~E>O>FG^v%O`9b_XPHZub9>rzJ~
z@A@W7!_Lz2hXsmo<#@pAD`dZji7VChEUns#(OUqN)UpsSky(3Add{xDrQG(_M{%?J
z`}PE_`I1nK)eii=JA{d;0!)kQJEE~E2rAYO5JQ8S9ixw%-&_pO`}=ze`XM1Iu#58r
zP;~I|(?N)iiTo4@bjhwOD>V}P-I;Q|W{Orrab1nPs&Lw*H!f8S6qvP51esE9cODP`
zA>1Y9INjTpgj;1N4H4IFdPe)LCCs8>s>f^$EfTX4&LmuL8e+(ge}0iOrHrL497^3~
zFm6TG758KjqwWuEP&aHyti)#hX77qZu6u3MLIXx3K?DO|XoUA}RE^QrSWr5q!N`!W
ziHVng*x4ZP5=IL`v+jSE33t(E-vCNlTBlrTE5GkPnem#9BcveD&qJ6YsSkJ^(JPrC
z|D<O8+$d0%$|C+jM4z#v-+PNspXS;mpS>nu3gp?gaQ=@>_r)duVE(W7HuDQXOXW>X
zZ*E9EU+mH2JRMD(rxT1!p&``|>q4&6*5(WqqJ%eH?iXilIRqF?5G2~GM6EOQq?9hd
zQt01iAyH!GYF8gc)P7x=nwHcN8f^S;jNpB!L>%*X-0+d&DQ-4Ry%%BjI>ef!Mq8jK
zNChx+%GbUdD(Iq74kqXSdj!7!Zw>N4bFsLj{qVnrlnKlnD3*os61}DV@!{_qeJ+3f
zA3C84ELT##@t@VC=Vuv4*#2*=pOjR<W67hT+h)qT^QSrzM*+y%FL~xjwb>D~giyNV
zvDxSbGs&-C?Oq&j9>T#R;0><zf!D5GtCD|6z98|$05D?z_$sEr4@m0J`jQ_cZkCdI
zb3O!pcQLi)wiqg<nRsjOL+e&Rev;7m_v<?UeVyg19DKb^%0=aGW%VWR&@)9z`QgJu
zi*F@keoi4}d|m&MH~;nfA7ye@XPpo;>2zAswez20^BrLMzPdjEi7Xu2kSpna{sk<l
zN-&8T)7lUa_kXIA+gpowGCp#_j*`<sxQ4pAIquYIS$KL&Pp>Z<pSNg~QcJ5VR71ea
zGB!w=m|j}Dw?QhWR`&<IC&9IY%1*$A#bx|m9-4!L;cgA}Bd9G#P*Qv5hlv@BXXZG-
zroWF}K6njpsv|k}M&>LX)SF8ef^{Ytlv$0o0#C;YeKZ==i{>Dbo7o$bzdqg~yYg99
ztHHA}J!+;qeJY{Ww1u*!bYm!X3ko@Li^JG!w2yA3)fekvHWn4r5_esd!>=Q^zm8uZ
zD?>x+778V^y}1eV-&u(EET1NkGr;iHGg+5*Hw<Ms7jAF$@oqH&=7+Q{la@jDtEaHS
zI&JV<X+JYwz@V~Ic42PedC2wCMLcy+odCb5hGw!qtG7r|?F$>ts+17RaQ<t7{yE$k
z5V5EDHhNS_>QIwND1glm7Remb4hosG<Xx3gD%)LZ(8N09jt);T2Er<V?2)Cqgv`jQ
zXWR9y)Rf__SYxpnm@602?r7UAOgxc>%(iZ<n<Af!ZdwV%1qiL0=ky&)ajq~H!8*^z
zs{fmOfxO!5p+9}j<+L@-7nkUS%yc*CDNO8WUzsC~XL1WPCm39#uo6*-%S+73K%ci2
zd7~Twc01{tM&LkRF99g$MW=Z_sIoR%uFD2iRNc=6r+Eu2ubi2>VFnsRlz19_p)N~n
zB8kcg)3Z}eVvnFTvoKaHwy~{j>dX5$X8~-$Z=Q2IK3g4s(X()@m>K^uGc;6i$34y9
zGDWx)h2yhqni=4m(eSwJk@Y4+r=NE`v};E>9gpV>SV^$G!1CNTA6coIBI5nTU+0TE
zSOlj>Hgq`1o`E#zAZPwPi=n!n9SK9#y~Y{W&$7>@5<?O<e<Cfn7E^-}K+Ln0MT27b
zUQxM9<Pwzs`?o8#IRd>C8R@JA`RyLhPcjVB7!j`qg_81m8O)vQu*O74FkU}P`%aCJ
za*l5R1|k})<Iv64c()wW(|RXMoUjQ|d6VO}_Uzf?+y44sV4&f^6;{}&xZ-*Q#4axu
z)O?V6v8<B-yu}N?j1GL?59@zM8S`99*$J$o&Yf&>R$~N|;g=OpyyWhg?bZ&%B=~bW
zt3GYgBxo{3ADu#*tRdq)&p(875Yc@uoVopOz^xv2FkGBRWm@|0tzH~~F|p=?l^NQ8
zbzEU+&Ce^snWbmOoZ_K*wAdM_HOBIxOAkHZ6eY9jiTagAnBvO&2jWR$YC{^OThzhH
z$WR$#Pl6I+>ZD9E=7009W>bfnde`ogw-Dp1RRVhC=;u+a5JgGxQHr%>8V}`s1!5gs
zQ{1rc>I<^xUae4iBIcLR2))Jy&DQqw(-HG#`<wHmnrfW&6qF~o#_|l%niiqBkkd7@
zMP{6~@3FBRALzHNM3Z^ZD{4M2N0OW7=p{!s+2VTp^}Uz#B8qg@50m@V9D)TJw$wdV
zYp*l*=Q;w>6>er>P37x7L7@dvz#;C~H8A;#+?VL=koXzk>vrWKuKSKMk9w$hjA?Yd
zc~z05dp`2U&A8wyWaFVW<xNtd-pXq#-|Ym2(hh-l9GpZ~2oH=iYpcqPGpBs1^mCF!
z9ILEJ6&aK3veG5l{fL>|55&R5MSd=E34HgJ>M-P6_|W>&wH>UiUkno-@X=r8JEbNG
zIqyZ4XARlJ_BNlZp}o%&)GQ^4x6f%{c<S^ys#yyLL!KXXoJf0`%uQQFPu5r&a~-4N
z4=a~NU0NgAj)@$ii)goCYtkiq>UWb9Ty@E=y%|7%nRcAvXnkkeS+=8a+A6}hO^?Mz
zLFPLrG2*vD(kM3r7l7S>G!A)feMS&C!$7=jcV-OFhTUVGf=nTORzwGhG2v)6QSkZq
zp8kW#jb(?{ujF}--O^dWopOX;_CQw1<>yiBmv*{GdCbD8SWCUjw^>_~WjlsR!mI>B
zV_0K3hqHgEgmx<{A|Mj9ohbMqH2wvM=fQ5;LBdzvqm&H5W}h!g=;1|vy9l?559}bp
z?j~Fjmjsd5KT78n5`~L$IztKuP0<CNe|>PE&r`STcLvZTuw0x<US1+ii_}EhLUAiP
z6X@}TdbZ3h0J6i5+(<vsg*dbiUrr8jHruIhYPxkt@YdboDOVag?)P9{*3@R}&FP7M
z5<H?ANoN4<Fh)Cqxb`xnXP6?H-e6;87G*m;svc5t9IYwpWgrr#8AkP5njwf8$eg&Z
zI<0rc)#pS3RLduOl4SooKdfv-_+(X}q>ad2Gp6_W*md3mk9km^Z+v);e1`SbsP=?w
zBb9Gt;O^v|RT5HNUIR0RMD(`ZAk-@rMfWuUaStH93oLsAh3mQa<<A+9ImezAV?#??
z+M3Okvh=J5XY^>0KVumdHgStaw;zr;&SEcVQy^0_2YMNWK51)^BLEjhAoOMPKGWD2
zq@_&kLKomirI4D6rPLd_Rx=r&=bUCs<TFd3w5%v1raB@1Ha~L5ZUhiGuM7lLcK~4-
z<t{>if`#^!hU5oC%)P9<$;a_xTYw~gQJ5Ib&5V8<+-)=hwI%S-6!%p39FUQx%1{=@
z+)?BuKSo?9wp^tQGZf13<k@~^{roE*DCQ@DGw>_Ob&b+Jpijj#mmer8{dDE$d2S{$
zxb<?=T5WamdqnOtPNa=4Y#%WH!Qw-0gy<cT9k0RZ_+i~NDn@Oiteb)gkmFQj-6^AK
z8ufOW=Sy8AR{bKaALW(2_Lm*wQ}E1XOeV#b>{~7U!fzS5QL`J!>pvWLT0!99l$h7M
zZZcKqRtO0+yf9VW1JiYd&I&(-qXJ)ko{;6+G;|}i8oUSmxT_g3fKXPg=2q664f)vX
z_9nne(9}Mw3<fBB6%7A^a$WB{XY#)uOPwv}^$t<AlrZv%3;n34`{xX0@mSfaYb#5Q
z`h5O~+WaiswUjp)<ZGVU&<pVhzNi8<fQ&mepX{Ea&;8YG)#y|U5VGX&^iit3K072w
zK=L)MQwkhQSa6_^e`&P|pCNBJTiv{J3hXZg3p-C{!Gs)@=TFN^I7(|>wnF|*SPtFN
z%jaB;_DD7g|69*Me2EeLakWS_)4)v|z#ID)vbg%<fw1V=T6@H}n=HkW^biNDx!)N{
z*FH_u4WS-ou)O4dB`sRI-_?Rxa1b@?j9j;Par=9~!0TBELMciRwb#c>8j{MvkUg|L
z?Dm!4=!wJq&4P~87kD*yXHE)d(2FO_#|gay!x}F+-6HLky>J1v|7H-gZ;>}Hsl8NY
zseG?)wvW&U5j%s8GqX^=$q|g)-*R;2SGrycd&%JL(SZutWFd2VmPb1FRXJiT>+r`q
zU|m4Q4O}cMTDy)@b*7<%iKLEW+PWI+rkD*MfIwHY56#$Bz8r7S3tE4D>NL*_3Oa)G
zL{Mt*rt#l^cG2x`v*zhsuo)Bc^46b$T~pDY63mAD?VhH(mc&ncAMxYQ@9&Y&${clr
z1@P{Ne`?Zvl9$ro4|XV9UK)z+^<4#UT8#VdS@WXP<NVK6muMc&xi-+H3Xc)IV+0LR
zzj$gq-|F)It7hmSEsN}keG7)>79L2uX7s5Y-FC>lC<T6<sG)tO9bMk&DC*UMv}L=~
zq4e&EyfxcOQwu!q`d&2tq8y>h9cCqx{M$`U(bfIVP;j=;>%~~vm%1sN0l-F_tEW+V
zHpRGX99!C-td=4D`Ucey8-2ZZJHbf{RL8AcltYzkHhHDg3iH6p_*oXwpp*&03HFwq
z(a>LhB4X&-%+JoHH}#(w4Wk>D=!*^Ph|OW1-XEaBsN0Z7jssXIMA<0vy5x{MEQH#)
z6;BzWgZ5^WMrir1#7_fM`}r0}G_vuUUPhde1igLSL?Hs)kHyA0Tc&uPs<Bv~0>0@~
z9`zMr<5u!gPh5U^4ji_^xij8y(&)5%QKC=aKo_~Cz=lv-xZurCnC~A|8Ca9MS6NR8
z7laGRm)?{{fuirE9(>NoH(uJPJwB8dXLz9Jx01VFb>T`U4se;qspGggiyjDju#dM!
zc(+fzimTrQD+?Mp+9G`iyMBY=qV7^VkILnS8HUcP8*nTLWDT|KvX-!j`HUU$4hQqF
zBy9)9n&WI8j?RTIpHIdcaWeZ90&8KMSbeg-ji5jz>QqgpvY4>iC{FEskh_dUs!=}m
zJjIgl#sFBoTB+>0NPKy9D&dA?VYF~N)0;@blQM1~GJScIO%q`^Ex2%*rDt^!>CO{P
zSvi!}lAG%;Vj;$^h&Ciw^fRQFDhT<C$QbWcWuOp<+Mi#JZOG}G_vKw}2Dz#WNF&0-
zFN!WR2V;<zf$eMe%ZJ1wUSb*R(m*;5ZVO-+kW{{9$RdD*-;NwA)^rI*yx^!)?Ce;P
z{X)@QW5aWEf>;H|`eJ-9lPbnJI;HhizsC-uoWdD?Ay98bw!Y9+d5G~<uM=OpZS$lG
z1v-{^vAI2}S3>@hp=+zqUw4B@H1R#5e#kRS|KX!jQazY9u-V2xKZHGY=tuzO<Reb+
zG9v+{v~KgE7mKUqYARJ3s>O&OXLnR&xZNK}r=(+z24L7mtDRZM@&S&Xu>6N%XZpD-
zrqVnT9hhH_F5~8mrkI{=&h9fMUI`s}_~YC=Vhd4p$1C7V;7*Nl5v_k+ACJFjomI|q
z_r#Z7@?)+0HX+wD^snt$_ywpYk1)LvX0MQu3D|R=i%=q{-f$L`B4Qa7p0w&$63En?
z29g5+hsAL0BUTvaU}*b&0q#~u4{ad1zMNuFYv#p|QHUwl24lqV&PDl)c49L^=3+)8
zT^}VrLQlQi3tr9_RD98Ppm@yTcq@aA=!hc<h0r|K7V;T4XeV$#`(w=dgTcDUi!q@m
z|Gf6%r+i4m&sl7`lY3zDFWvFAI5p;>_C+%mrP@(6L?MR4q%K!Z-5#GZ+7W_m43IVc
zvsv%YwX-d%e<IW$dE1+EoCwEvbsh;K6gxq6=K_@VIl<tSf$+VEM!fv~j5+jt90S@9
z5h1a7!^xu@qh;X3V$;Gs#1ffl{b^oIp1Z(yD_<_W7LtL`DWZIhFt9p|Yl7Z5QK36B
zN14d6*wnnY#aP72wo~?}V9pkre`9r1l%R30YRDzmCWD2^u^*Gx$yi-Bp>%y(T!_PP
zhhLC66KPT)sZd*Gwu)bzO1N=mEaYfqq%IoT7?I2ZI)cT8g_#)#gg?yo-=sZpBMW<{
zM^YP(oTBjx(FiU5RpH#1rKXc=J<8^m2=u6!moz6!8gmia=GHs1r^j5tg=PyN|I89U
z?QUrblr!d7{RPJFno6FJTKh{Abtm~Zw)Z=6Le!F7X`Ew2_*vrLer-*XQ{7bN>i><$
zfMThF&Q;THn({P1WRpv(V%E~J9T9Qyo*>|!7z`GKgID@Y-_AADhe=lQSKF>wlX$Pl
zzBVkjE`vY1!nnuYdwfHOaSAS(R2>Gd2{2l5*LQs}^}4lH%f8%L4biT=P20c}x^3Lt
zM{t9j8*&BKvgQiE&UrF6Px<@XIs}M!JS(bFp5WeZ9{k2@;;)EjvZDR_x9=dm;!k}(
znI%l`^<V8aoM+Zw1p&V{pWZ500ou66u~gO)EcFm3?0gyivATz-qh8Jdm5UEbO!ck7
z<2U=|ZGwV3cUdvRg*}&^MrY^k^3lIJ8I9yzb04RnI1>WSYQHAG?I*o77FgDF=T6`1
zJ2I9Mw;0ZMk7jyj(Pb}YMO4e9;7p?JmgZOYQO{~KKC|DAo-CyiCSGxgj4h+Y=L$wG
z!B$!G#_OpbEfE-NB>MtlijA>39dRd*Gx+00NT|=(401G~Ttx0KYgnSY1bnzLp-=b`
zcVmK5Rx?}T|6<!Uw7$9yV7niQh(yzTE-B@ILxssB*V9x)i<>#o^xhMAe#{QRJxBo^
zqKfUhA~id2@C*E|a{BN%Gv+*FhW!}bV@@AmSie70Yv`b`dSB!W($_oF&$3wmi2(d_
z_{Q~+@NHh>E|<q{s)x16A7CRtK4`76C>_gl5!Zy#Y@2UjY6$?=EhhI=%c{meKj-WS
zR!Fm>-bTFZP20D9VuRGf_PGj)X7N|ey^3N0Q)Q)X9c}#-0?oJ|pQQqBYBtT?$+K`E
zd!^1*{SFnKhRw5^5ZQj*`B34HCCUl_V>vF#`7l0Lo_Tz^QfaYpu=Mz7!$M4Y*_XXH
zN`8J6E!if6R{)TB7uUYrOz!e{7qIxs$a*xww`2{@pR*GEwXZKpxY_0E>W*iH<1}BL
zW!x$IvYj~k&aIinTB7^4;RJyeZgoYuQ~7}<oa|Qks@$D1m{Qb>*Zb^mbCY$=!8Pj^
z@y!Lz-7TkySz)!7%IQ>iQ2)!1t<8DSB0WgGAbCFhEs$$odB+A!C>>*z=_(_xCyuQ=
zTtr+pVDn2ta}D(e_LT|p)?S3!WQ9`y+;Q-yP2t?p>MSZ`eo_rL8%NS99p96ky5N0V
zId<#F;j1{uI`yi$p+!i^7*XlYo#cMb0`^RZ<2*pmI*CINX1am=bpLX${c>iBml(f3
z8z|HU@;e6)Du9;ofd$x1`Q~#j8qc?{Di6TL!O~#x`>?sJy#}j`Dnd@{M)xruI6$4)
zcWlYv>ZXUMKD137xmi~#$aC+iqnj5#MVyoC_mgD#qSXq!R|d0S<!#L)Me!{+g4erH
z6y+7Am#c5gO*W!O1ryI3s%?iH1;oy#+TcLok7(=8>(6RkYkQ5bWf|FhXdQ=x?*%2|
zU)y2dR$Ob{0f2iG)^4HG6X+o!nL3VUc*)*X^fY6`0yZ5&=ojr3kMf|oGBmeE9nWcf
zmy%SK7Dqz#XXV7(q5PwQ!>&vmr2idLggs+c!%2YGepf+~YHs<=l^_x0YG|{1pk(2&
zn)99^vyR8mmsbj5@2YnR@4gr<eaHAlHVnm9zg-O<!_Zcdk0U|_yM;e5RAaQ0_5Gf_
zKiD<vC!ts4I9FMmch<cie`Zi%H7F_D$P?ABpC11YxIA>$JCMyq<n>qZnr;_a3w#`U
z17wXh>o*BiG}qo6{-johl>nSmK4;`?POWFBB#WHClYN<7_gz*^%7!zt$u^yDlnvor
z0>@6=`?!qv<ru-mbH~cy;A^()smL>vE_+9mx!{tu_xPe|t)Z<nSi&Ny-IY*|rLDho
zcpW;v457VtO^~6jCWN^q&bNLT<)Cy|vVy+&ouschgqw8fNZ0t&01xIk!$z<YiI*`Q
zng^UZik7BH;`LY4q5WZb-n4~m*{Q3^DPpJG@lgMDQT6NWri%MdgUi}(2tMhe#8*w*
z91KH)L}k&`KzXg%p4!B3bKW9tgYWiR6oE$=R6l(ihyCV+n^`TZlE#=k?*96zoAzO2
z+p&F0ia$zsS(DxY*zu^0^=8q`k@`8}8#)5(Cm<t;QTh))5(VwOwe$6<BX%dC+hAAr
zOEsk>AQD$v93=?`pID5zjqZWhvX){5W`EU+n_V&%<Q`S)w3mNe`G^cDWHrAGlMAs~
zjUTvqBs772IB)c#@m=zK1n-G-^6tID5V&o-rGULKA_hc$SK~F<h~CCpRPk%}xZ-0G
zw7(SV3`7_eK*#Dm%t-iREmW3~@D;zfHYhn!>?THs*$lInEjSK5n1)2`X^?oe`4DO!
ztGbx3zvd#oUv90f+-rQlmMF5+;uwDo^)Pf6TJv8M@jp*7*FR<Hr^o`u)7;qJZJO)r
zMZh(*NEtyl)JL6Lx3_8tjCF0h)q-)mx5$l{#k@A}Tq8#4AbuVd&J5X%+6i0Ye4>Ax
zu&N>J3Oi{o7VaO>rwF!cuFw}J_8~nAF*fyexA}O5ayvD*!W}Q{J<sE?BEI;_`RT57
z%v-uvjiI!$J}<lnTYqL*1_cNrm{WUzG5kn}w(gXueu!P;HqIu=W(Dh+YcHtvZIsmX
z?PhOnn;Q4svu|IMKGV!}f<avC^a}5hNH4^pKiCR7to`p*-q~i&Wdmd9E)?!WdlS&<
zyjXK6;j*ryC_VlCuiDIr6!s-E!@$nId?i>mDA__tC=##r{6CC+c{r5s+qV{kPzh1A
zN(Nbn?4%@FvW#UcLmAsx%D&%dQ3_dRWb9;Q%peBYN!j;d>{POjea-&f>id1)=l8tN
z@gDE>hvRT?&)nB_U-xyM=jZ&KpL0uA*M+*zW$OU^CS5>n&1fjCufpvr1(Lk?h0C0Z
zt9iO7J@L4))!48OCEa@nK-nl|k1MIiC4a=;XVD@H)%=Bj&9j3XyHn#Ue1ckX<I8l5
zdmAm~ldMB!yv397n{OlzBr?4Qp-tNWO08$m$YSiAc43INg<0Lytk;`v;-)!uZzYSZ
zryST6Xy4kMQ#Y^Nb~2&YE7_ITJ}^n%=h{Xt_Yv27W`j|ap~s!hEVq-HJi78n7uKya
zYxg9rUuNGQ*3SyqtadNmqj4;DE^L`qnxagZZfDC1j%&|vtg~{gW5p^$1AUc^v`D!v
zGe)x|T7;gS)trOOgl-}l8+fMULax0`J22H2-&gg>OY-7c6>s%6p~g14)S{z&+e)xH
zt13`T>)Mg&LD@BhZi&qHNVaX@fkZlRt7XBkV8dd>1-KPSfl5!o$6%V$Z%4h@-B{hK
zcp0m8XJyQpT*OiWC{tAAf-SgRp}Vc9wUu}8SmR&5UMU?pNI1wCGv0*a>U&QDo2zqj
zWU|NXRNH1Ho5#LziGVk%7ZD@Ts-wP-Us-`?PFN4_u_gp0#M+~&c@qT%>*zQ9CLk=H
zIzE(d^$e$-gnj7Ho~nBfh&X;p?+txU>oZ(!+)Z*WK5K2rB?%?H{@vYjCt|I%t4ws!
zV&vhX+l|%lZaGpy*tD*INPD0qV{<y$kGJ<t%6`ZS@9)<)3#MeujSj4mR@xOz6f6!3
z4Ka$D&SUUA*n!7Oh2FfWH3Z6h^mtOw>MINXHP*r3YOL{U+uBKik;Tr&AGk7hX8SSs
zh)%;9_Yk|Js&|_~fj=FuRdx8^V|Cun)CN8oY!dv{cKoiP>eHDAeeVHkx1r~@ZHKeX
zMdVW}n26%l*2UF&9eb#E9&dR&naVLQ+$V?5YK`io(h4D}<QJG<Hk5bS0o+R#(mxt}
z=YA|Ye7WE4M?vMUWdo>5RqA?SKFfIf_F#$o#ywL~vv2sQTL;9c?^Xb{1faN8%S$gk
zdAzo(G@Z*;=l-*+ZylIIN8)F%W;Jzn^(kcFnX7wC+V@DKzBZYA$tE5lCV|iJ$tK_F
z_}~va+(_T!A$xnH^5(Y&eG!3+9_8ef$NWh+x9W9Mr{4{Na7<^y;FAfnsa@<Ab*znH
zrbF~=7ytUwMJ-Zgbrt)%{ribwld{2xGm0N~<|2}3$@){fPk?6@-ZcZEY>^dC^L5ni
z{J3&fScjcT2>nWri!dcRn^IB4Iz5<zDOV~`|9UB4z1q2_uY)ID=U`}lcf?F@D$rb7
zaVf-eWG0}>8@ZR;u0Rak7@8XPuL|#x4lKVTQx#bI$XsGFZ7i>E!lW<LW4`M5$Nl`}
z@K=GE+^uCSfxzc|0by(uAtqwJOG5C$dQWwA`cAT7m-KD;49|x(6HdD&rIcc&n1#|Q
z`%1C3+Y<`A>Abs!h0q`-8Xi5+8Sq{Cp){D{^C?jMQNS$}X7vYwe$jNkHQ{M!a^XTu
zyFzJbK*}1((5B2N`Iu4bTw;YXI0+>?o0^I<?>CH7fPl&5S;0+(tmsbGc)B;c!@NW)
zVF$}xy@zSvTQj9h#jl&J+o843Z3^#ss-nSXv45`HW1F+uq3@)U@0vSOn{mI}W_T*=
z<CL!8m=pIYutqI4H&?quamVp?cCpm5OWpd+?~W*%=MM@-AI=V2Ngkr}o~^fGIN|OG
zBD+B6-o%9<%A?VGP1(TR&q)#S`{RmRcXl@B$&FE0M@nf(=kN8+4)M2j?%m6p%>@)Q
z4jjL*em_F<>2I#~vw68^w%_K$Y*$7o$dK<Lno95F-KT+D2>y{?S-Q|gNk=p;bT5ZI
zSVtZ`EKvc6`C;Ccrt`L^-7*kc%k7(-CxX}4?tPwOIBnPAF1$T5+^;3~H));Pa_LZR
z2d<9DObjSn3+v<T%^2L!RZ7}fKfhkXbbhUlV^N;@@5k~S2>`RXOVg2HGW*gQ&~c}s
zd7aS#Np;fwuNmwAP|`UG{1M*ydp(H@%zSs=F<lhs+1^`tRXm%F`clu-M}4vW0&>!Z
zBIusf=0a8In@%P!y!!SQ;TDc26i7|kWGpmL{J7nPz~u40Vg!|GWap&Zw{jQPc|_h9
z)WRnm-F)7nMYGU&b?K+$i>j@j{>T%pw#^)6JUZV;8vzaGN|)>s!r>iU0qdKBu5*h%
zlwEo$R{&H?_DffJyxGt>m-i{|?8ooXD$X|N3oh=PWq9lmZ~GRHX2^LE!F|cguHB#R
zH@NacBbHtZJQp*>Rnm_-#Xqzgv+d7*5>kBj_fZ3ia1*8=|C0Uyhn$jKjwYtq(P=l*
zflj9cSP;|X%I%#xsJbbxJULY^EiN#rka$q_O<MkA<?!YqEr90)xJGvAD&zci2OLvB
zzU~uEKQPoT6HPZzUw*4>sIu;G7H>RzyIzYpx8opA3)K2WwyvIw-15lXY_V93t1(?%
z4y1JqJUzG5n;*YG_aS}%jCUs=Bp*|06CwvV4^#uyib_@$3XU6m=j>O11L1SdC8u{z
z3;0)3yldg}J3C1W-qU4s^Vo4a^w{noH<-P1qXcw~DFIG)-|NdbOKr+t%awYuJS&Lh
z1D5P^JPt%_x2GN-{B9___&)!x)l;Gx_Xm~bNB57>IV_Ep+}h+-Oxxt!-@)81>jeN-
za?MVaUj?`2^1=^rvO(GrVD4YCH+31CKPKPVpGP#Mv;V?J`3!YD7`ixN)i_q7zVPhz
zOaVrs<I3&8TDe+mLwxTq&I^sMtBao|Ka-uSTxx3eCL6wW?-OM$_dbn3m{e)6IpSI4
z*jco`d!~Pi8AVHZ^z>~>7?qIsqzouG&$zsE8ur_lxcp^?d)KFM7s~BIM2#qK#`V8A
zR`e~vuF&N`8C8m!vjSh4!1#+_Pe!=Lh&7hU3{LGlZT-yvQr2?zs3mrmxYeuNk(=We
z4_KdbJC4EG`-4-3v6c%G!*d^7BmD?|ksdaId6NcT1Da^Y0$OhGbpov8LckBZnms+$
z#Xoaze||Xkcn0<Onx6BrqIMzm2~Sr=A5jgRJ~h<&D?Vsn4OLlzh;N~!<1e*8?~qeX
z+nTg$pPH9nv})TY(n~I3g|bW%_gr~@nYo73<+=rCCp3;H9yvz!J9ma~1eWial3;6J
z6L^R7apldz+yE5Q+zilnme4yk5(<AtTwnc72bP(M$lsU{OIg0GLRgN+=4ZB+Nr<-X
zF~?@d@>-AR>;<GyIBsno+o|BzF<pGRaGLPzTg*?_gd>tl?@Z#<iF_qepv;noXAOiB
zaKDoKNp(-B-!1U5rb-;DcD2>)-(6Cm&SABJmpx1+8#(R5fCl;2Ex+$^U#>4roP06)
zz_es{q`eU3X8)#{<vqRZF-cKT$4TxF4;T{>d$|w3&xD(dz)Q4vb~r1okfYUsNx$}+
zOP=_u)1Nv0X#Sq$Yl7F3JK`c|-!)GmkPIRx78s&<uqmgSKpOImWTdd@8LGEkrjCBw
z-Iz=kF1Y@D{|4}_=fdU)>v0F4$m;9wY{#w`Z(e$~8=wmw9v*<S(hb)J^Xr#>9j`z0
zc+AU0TGGX&uFV5+W+yP)YV!#=FJ;?9l`w4GZw78sNA`gAdC`Xj_2bfcQxb~$<jsUY
zmP7=ZZrhg|2p?HX*=(^QTfbd(w0>95I-Iw6EXmib7O+}%te+ppTRJ_e6(1{RD%N~x
z+#=V03@w*5e=p|<`xQ#yozotbo-twC0IN$sYs@f0)bzD2m}PdC#5Ikfpp7|E*4;^y
zB@kWg4~gE0edmSD;ipEa2RcS`I2xjpxm;s*FtS)b|1KM226S`kc>TiK`bG9yBNP=Y
zw~5*YpmBDNq@6S1jx;>TFU0ge8Ww^6<^>B5X{PT)&k8Mw(zvTnI{l>=&GdhId`Pe&
zxr`}>Uy$ie0xRrNQ9pRIuZp%^;qQ#(0K=iD<(~6;n+qV$e~*=qk1reK8*LzBXh`xP
zYYO~Okl(bCXOw2DO64xca|J^V_1}UHwZG&8p<q$osn=lck|yXYXff<e|B8nlUIelU
z{zLWcKWiAlm*(FwsM+0~Bu5>#qM3eI(Oy@{@>Q$h$Mq!dpRX4#fd6C8`qwH^Da3>_
zuf<$m1;F=)fIt(kG@x~~b0wM}auXyjx!diBieBfD^K1<~Rrueg3Rcx$I-KGaV_MQ>
z>=BSI^>_S#-{8srG<d*2CK>#ce`-Sie%}A9obx`u@N*qa=jHekv6zU9O3qmzKV>FH
zN3p9aU`NvRm%7(Ya0zo?_+3j~-C38(TsTGJ?yS_GJkC;-_<wl|z+ZRa&>`UAWqkyG
z`4!Nya1Xq0+{?}S<VdP;5yg+E7PR4AColcIGw|o&zmtGB)jp#yvZ|vCKQG;`UH6ii
z+!`-Y^ynL-*Wm_ArP{|>!g>RMo`qi2h}fUY&qzu)X-q7rHxzg+S_m8G1Ip*6oqJ|`
zbBdgXqz;*DM&=%9h@jy7cXa$=1?jW{9BK^PaYgTKHd6D3>Mm9SjohOyQzj+z@F)pw
zwt8FC-Tun0QT74D{qVu*h(o3qh!kKS@vB22BN|PVr8|NhNgU~BZdwOt*xqDlN|CSQ
zZ_T<2yR;|DU=;&^GDb#5N%!f8(neUZ$1gcVEF9^HU{EtVdFcO`-^-!PDIWIE*{?or
zOD)Pu{)93lCT*}g?e6<~;j=Uz00m~dm_Nm&r}CXM4Wb1mjEn`oaTo9BzG3sgHyUZ1
z-px!mF0=`+kKjSk<K(Y*T<c(#9!?!7v?X7=1bzchmT1UqXzqSciS=(dQ!a(hhIxz%
zS3j)Bh7M=v5`@h4Jjw&lSX4IKJ`T<fX4jMn_L0Wd@FJWKJa7qExCK#|pZ&Q(mn-J=
z-%82Uk;Wk*^hDWJOo6PR$N&#RTyFZTc;-abR~NB-|J-OzVIgVSDG!t-niG`{U|oRy
z&UMO1@AQ)7X=uqp`65_Vd2#!(7Fz{Y92q7zDZ2XJCwNj%QF_-mT(7RvY^eS2LXYNJ
z=4-K#Dx1o7@vh$pHp4JDS?tDk+3tkn7Cb6kMD@4W15#qudhh#9EM^20JQ*xETr8YL
z_oAS`)0yV2w{ycJwO+g_BvCgm-UB4*r~7jh>YT|K;?SHyA|GnhPZfJ&*kgy++)k%j
zEABlOUTEXc0nkk$s%ubsoyR{pcWw)L1#EcQzN9S#R}dsY=BYt$JPk3pZU=ifH`x%K
zhNSrO#k;ZZJ@pL_GYZ%90Q0+=Ved<BZ_(=6Tf(EG4co$GUABhLPGq4088W`GNSuGA
zb{E{rs$dDZlw<!X-8Xndb>PCOPI++~lRheBEGHGGfu^iib{k22!r}F1a6VcI3>#&6
zZ)EwW&!7I9EnujE%ykuHx^hg&^E=;NIi^Yv<7@*s=iZBRfH^U<33-CIaQ2FTQnR13
zS(DG8S&5A2F3<EMsVd+$^W#)Ohh9r`wwA~36h+T)NQ}0;)4L>2s}(Isdsy#<?+@FO
z6$W^UZ7M}uwyV|r{3Rkj?>or2o$Sgtpz6%7W5;ibe{Fv<HRhd%G0b#GmVUa@i?!9t
zUC#TnFFRSTJxHKxo@~}=A^ec%m*YiM&8BN0)rh@OgbJh&U_*>}YtjtM#2=Nw<$UZ(
za@HxV=fsBljgMALz+pcVFo~It#J6^7PZmeNR@-80I657p?+H{EK$f^anw03--@V)2
zt{gGaY~yK2QosKa0|S|3)-d(XK7#51Q<13YWfhUa+@Fd5ndn~o_?_r{zA1qYr3E%W
zb7GcE%ezFt=;Lr$<0cp>l&<EvkxGiYd5(3WNe=n5&#MC5NAm)$4%S)kNt7-X_qQE!
zt`O^V9D7bn9d5OI>0sPnNqLB<A61xaukEQ=!5&G>&V+U6D&)yZ{Mi<=q+b<!>;k?A
zFz7e704*;h{%f1dXU2&vZ|eO|<-Lry4w`&tfPCK{FF1!Ur^Y`&{xGSg=Oe)&llJIC
z=%7gyuE*{Zq)sTsBHeO=VEIH)rX^y*SSA<i0XK=tF%dheAN7+U$XmXF*~BtQxt$yQ
zWo29#U=#n!X8)}k=CZC>GdHB-b#153*(r?N_~jNX?mX4r;`FqgX6h`Ne~k>Ac{6f>
z1~9*$BYo`s=ceFEnz+TMg(ulQ!t=G`ggmk95?Y&34BKao-U`@4S%twlLg}AE_vyxH
zbjg4u62mrFVYFqINoZw}I%aHi9T92F{L4kE?L*^aMf&<(B$oE1%ZAJRVA0{ZCPyb3
zYMqILeP+*gAn6Y@YqWO~%t|~hw*UzGS9^h=@b$09Kg@X;*L69Z!GWHVF+nGQ8iqG>
z(@z{U-JlZ7)Y0+Usr(<BR8iFs@-t}W+@O9ijwOH__Ojn0jL9H+Ay-7(<gr9>_E}<U
zE=xt0P)q)31EXq!n-Bt)K71Q7|1kAgzv=nCdtAryG^BA$^fxD#CwpZOK)No68I8A6
zO<WG|_?lw^i)<n%DiSd}ve|>5<<$@-hmSHSqG=6*#_h)T7iG=Sw=O)Xdmp;b-i$a~
zRCcFkZlJKprVaZ}5s%Z1e>COiTs|*Veo>IE|0q`f(yPZu_3g7ggRc6-vNbZy=Rq)Q
z%83p3;vy}~(brlG)EI%%eL>IbW<yz{9(NyamQLhUq7$=jQ=xYB<NjK_m^{3JXPS{d
z#8W>s9HRQ%a=tlsR}$^y`AmJenfr~Y98pyMrxW%fbI(h`K78{PA7bQDo~C-E1#;aG
z(});-FoZ^JhsDrjZjxri>hbiPsiX+B-+fHN!M_bszCpoLp}?aN=2{zCz$L)y#QZAg
zK!F}o7g9(+zIxW6{&u-f&DoN8;svC1nGLMIKzssYO^2Ne>y_*~w3yaSXFv;j=|ia!
z`5wASq6m)>LGbDhG1`esztXpWWt&O6K9cq+aWikdq#eW~zl>!N>Pz2cg#F4op1XOL
zypYLx=QUs_E}HC1={*;W)xG{chDbOmQKb*vAJo5$%{jS0h;BKPmr1$A1vfUx4*AI~
z_t}E$ME((;Hw@~P0p2c`Ebpc=2Jts-Un07N9!XVQ!K&T*17h&V;dK53#Q<$G$3oPg
zi2k!?P+h6UVXps^=M#sOUrm6gu;5Xc-77?jKK`O($J2(NPqCPmJW&<)ym$?=PIR`@
z`<w#hpl`p}?F{<mDJS7JHllmi*x%|E8M!r168vn_T#_|W#8GiItxsX7mDs7spFQO_
z0h2GG0Z8$H+nI9)Y2~aqk+MWIMcFf3%2dv(o^xJPf8yhd4ewWKakW5FFNfgRD<g_A
z6?~1(=~@)}w`-gDW$0#h71O(4xURmw5mm|E4LDW?<G+qku{M3V=Ch-f<-TjvR`hx0
z9#oDK*2nC8=Bo~cg@tQ(Lk1)ZC7g$E$uXao(v+}mKWUEz-I!Fq;U{&>z8eF!FjG_1
z0Ti06$r}tIT_9Hg=4EH6A2f+-8N-1q+c}I<_Howq4?|S=$vS$zcfxsXM}qfb#WAG;
z5<b*?y@*)$vZ${VcGyeIR$oei-av2dpr&W|r!Y$=F$oJ3J+7h+<MEbvAAcjm+o`r9
z#zUxFqqF3<mhjga-HZ$dX?5iryA#doNjl*Wnj@fl-T4F5zxmOAX^t~g*l}^R5+Wo-
zl7m)*Jnp&bmoxVsjn{{Jo@$YoTv<6nGyMwW{>xTV@J>M+8UD_o5p_sf)Kd0SX@jJq
zQo-p<o@aaV6cDq`dJSQjA=D)C{x&f?i{lD=HIXQC?P(m7=+G-OMM<TK#OqseV&p0K
zL4zeW8CVh-`sn&1($>zzoEq>0D`6Xf(@Dt<2?==@)bo~0g5<sYNG=HKF>4_GM+su^
z2({c;1sTP022^l%zYTipsWSaXE@auf+Z3EEn{^~=E<*<_9~k)}Rbnlpbu)g3Xk=!U
zXYlSY-3RS+LTA^L;{bh)A>@I6phhAMx&fHW8gak-WMEbo)@GcGv31aiuez*h+5C7#
zbLG8_w`R&|Nrn^POPM+!A4rH!v^oA@Zx01Z7x^4wMK%wsZXh6d79v+{Vpbcn6e4h=
zxC(weGxPq|n=5s4&~GyE_#`5UQMwLR=$si_`H-nl5OzwTx!0YmFg8a6##gWnyz^XW
zbDrE9H1n#yvxP#H23MTPo8M{4W8f*t@c99)Cj3~jWX@e`Hucn!@EZL3^Jga<?l~{%
z;%iN_P_?r_-rZUq5esFo(25uT#^d(hr?ukG8B(mNWH{Lnk}#74%F)<^B`87H!4oQa
z?IX{|ph{|3(&bvbE)x^l6gXp1jyJnLicUh$M))~cH{b~#Lp-#3W}F4NlY07QsnNs7
zWoNY7^@>-};$o6CQvxXo>ANKHEDAc?1oODfHpJ5d*}U%Hrr@nJ?cGy+0EtChLJt;I
zxx%8kPRjP4)iJO^M&U=W=9%#9GhSGk2)B7g=XO$AS!4SfR$h7FTo)&LCIeEz!OoNT
z$9borAs(vtNW!$x5HzmmeQ@#;_XF?%Itwp{*yMk-Niu9EHd)h$89JC-n&as7@?YxS
zHor&vxd=OqbTi<-YInAM>n_4$LnHG&QZ>X-yEC^DrL2%%!E8lrK#gAcK#61PVbUzT
zHpLDn@BIY&P7RfN<;fW+fd=Dn<-qf|AbPe{r^B={uS38il;%<oYw^@)RjsL>)NJzd
zc*DH=T)$YrN)!KJiA#!F#D$sm-e}FvkIEVN3}}-jj@T_!{xTA%y7Mv#e&_l-(t!EX
z-`*cOC!YOuxr#&<<E8zMT#^_Obo1XR*s_N(0dpz#qa7VR$zj7b)-rqJ>sm}ArlhST
z*I$_47gB9@T++^ohItk|dgaYMc=2EXvJraf1*b)4qKq2}jF_ZBO|*#2`Nb$2l4No@
z%`^nNDx)X#UqbMm(8`fA52oElPURNVvLy^v5k)g?jNPeBo4@$=eIORlBZ-&Gioden
z)`6UxpbNSE4C0w;Ynz6@$KDSlVYPk)$1i=4jH1$orax^iC=?Y^f4m*8F_8V`RcgG%
zz}gXXwm5?843pstXA##*l^^7v;nLRF)50CEl3kAK=T&Xv!SHJMLKc^@{<y=&+<<e0
zfw8gO!FmTsRKC}}v8jF-|MSrQ8(>PB6s%}yl?Mu>X)VVq!)%c1F&=@Qs~&vu8e(mO
zK3Y>-=sdmqzWFZK`C&OXD(~bxlG=(R5a!n2DJH*Nxx0mLOk$V#9s7wOq@e`YHQtdF
zv&M1H6V&@|_|Z#93YJ{?;8QmVig>M*b{+LqD^SZc0_<%272|_?uu#<P?T=v4qoJNU
zTRh}kc+7Zps>93e&yD~Q&$A&QG<_j@l~j7@3e^UtMvG?_lr0S^2I3a+?gDTG46_2`
z)97etWO6U9{n+0H$+?jL!<eRP=3Ovkq+r9o&EFH`lWb(a{5Y+^2zPw5YqaURqO1y#
z*ZO@;ImK{vn<y`r&Z(IE`7N>+f<Ni}xK{|3upmkOD9|4nr#~b-=$v3f69>wy&@yrK
zx9$08>IYpv^zPtQ{-xXN)G6&h=nA-d_3Y?QDd$lA+i23YUPwOe7sb(`88qXAdO`4J
z{(H}_rkHuSA?SqB@bG|O2)O>QGq{xhV)UKCy&rG!2eO4O|4-)X?^2|$AF6=4-<WW#
zwAoL@?XQq$Q9n=p{hP8MWwI8s+9^gVKSLgC{MxC#-!fGefc?F5<*A<Cy#tkvy4Lr5
zsXbu4>7o#<2upuc1>6K=GGa^Pp;ae;GzfLMZc}Wr{SH6&js@L83b|n=8Lu7v2O&`o
zrECNk#w+*WO=?5KJ;$zY>FE|pl`CxYfoDvF2636YO$*Zb(IHO)V0+kPaNoH<Z?;X=
z)f1wH=7w?4{T`dlRU#5@_RmzIjm%=QD(pJs9_O|IjzfZPfc~W6M6AKfPJcHceM6fZ
zU$^9+oJB7-8O)pOjSTHp;tNN_w!vAGL|*7rgBg~p3;^&SZd19ky*7tKb?m+62v|3e
zZg~2;b7$cccZOF=)xtyaKecq=b%TaOpo=fBF@uH$W3`}ELkRJs`XE<h6gqPbAlRLb
zIVqfTQ_r^vvPHcR?{UK~jl<@FVBc2GF`0mb=g0AHf1L}4Jecz+N}d!_b+t%y6*R<$
zd(xVBCILwql||?UP%>*?rz?fQ09v1x(NOfO)axIxg*%VucuqmAu!#51<2W^BCPesD
z5WcHDOfs_`Kk^u(BhrNjlu3|t!y4@c8FGdZIpE=H_{+iYZH>W)Thy?Ip685`<(!U_
zqNFBOeK)X7CE4V<L*a{XA=UIpu}}kJ6XKcQ3A%}<3vWY(P!6rV<cce@N^Bpu*BJKP
zVcU-m52uZW<K~^W?nM?EU;UFM3cC4W{uxZe&;kC!GzzaK2cU_BUnkp|i3aE<K}2Ts
zu!)9z6-irg9*jjU2a6hQfAqyxuV%ZL>!MM)L#?SJb7~$@5Q!vZoqB>9+FKX;f8vph
z^jLx}@)Z&HS($HUVf$w+REq7rMpyIPta9O%7V&7b(e#k?gDw1-2@XnM&n4Msl|>?-
z0oAk<2LHS|G-tY4LSR*wA{aC?GY5}E{L<CFlyw;GcZJ-#+<ojRZ&p)<khFTVkUp0H
z5S7=g^R4|kYNw|>*UkZNAb^-B{*q^(EUUeRhzXs@fuPN&dt<{!daN><Po>@763`a@
zco;kQ?7_YXqJ*61Nne&C2;zW^fb_%jxn?<#Hzd&?C$7pCgy#)sg_dxZJ!biL=hFn;
zDS86}HeUt6a3uG<%%_Bkq0*Z+r}%4FlD*rGV^F$*FCZ)WN40t~jmK9)Zk*PltJm)+
z<G%V(qWQR60UB*p?}e{N_(ATtp)Z@??RB2dE<?WV(?h*GDGUhV4OE_noBQR6pR!c7
zwLPlma&h$h3FE^C8Gnc59XU`sFIB5bd^JG$2VX*9&I<ZsUNyw0t-tihIeiJiO7&jn
zRd;Q?q3$K+2`QsEE=si?=#1B8D6QuT(&;;IO@5-7Km6Hi;p(79Y+VkKv8m9@;h10R
zO<u8g1h~$ymk`80A5mh9Wt>{eE>eFp%OsjkE(IM`&ze~rf7YR+_s^ZE@0>6kP)TqX
z=!}cD+9nq4-&r$ackI3?kPTX2t(5!iXa9K3oed^lsY;n|k<Me9qq2n9tH>9$c4y#5
z23+t-1kkL3G@?gI3>--cvlMLrKuskBHRc7$s*|t75R_>!wl3AQuNt%nu1T?16D8i^
zvwy+p!gneug~1s4p`9P>52E~R&1gV41NNt}!Q>sNcM#s?J}4{hH7qhp(w>6u%}0e6
zHOD0nE+@<V+4G&ce7*6rvckXmrebI5hunt6+-WD=Vn_~#qCvokJLKU-W{bAE!}{I-
z0bmcBjt;D-<8e4PqiP^MP!_7^Vn5D;H2l2vLsNNnCxEmc!96kWwkp4jD+(zyRV!DG
zs0$tS3WbL-8189p?;^Lq%s3n7c<ace`0MS^2bge%D>k*ExGHznJVLP%e!w5N9ke44
zM#{a6B6$_&E>3$<DZ)#S1O62MVs*4WU596tySrH!JBeO83*yAee%+W_JgA^ai5wjz
zUSOt7#*FE9hrzux&V|5khQOF>70z^S37ePo@Ei?lcN(qmS$Nn2!uKRlBGHZx3Q2yS
zz8mJw4s*dVDE9zwKwmFa!M@xQZGUvhZ4eovDSjj?dAm0f(ObFDv({?uwEvS~<4Id?
zUH2=tqers6$#77e(y(%4w{CEE+fu7y%`9nw4ujwJS1DAh%F9ajHGihJgU2^3+{!Z9
znkr+e-l#C#Q}FKG#+B9HkUI!S^2DxfQ&YNAt6UtaO90b=dk%wf_i{3C8-l@v<Z}kY
zqWWWIG<FY&>lUDvqn+vehYpClBkrQ$>fQIsV34Q$rF#c5o}>zaeu@rQwBM7f^sq0J
zXzIa0_I@%zz&;;5nk_y%&n?^5y~$;-`VJOA0>N|7D*mLvg*fz}SBjL<0d{m~SsG^l
z0q1iB5U9+<t7h3#GUMzicdzztu2;{v<e3aC&UfkqV_9THmx*$+!TJY@wv8&5_@KT_
zM0Y7dis}_&QV16XHzPRA+5e;zQkl&Za3yP{9S*C1Hs@hWl2|cZwSuq$F)|ty45oFy
zXvmHZH5flxpG1KjKdKpLLC^&}e@$Nt->zVL<y)qqu~(s#+GCV`b)=^E{xj&uJoo9n
z&9%|0zV*PdD2??;@GAR=DsIX5`DbNcg33z{AmGmp`lm@Rna|_mC2SqOg|YuhvncPV
z{Sle8^Vsv4c?HU#vSfM2f>~rE=+*662QW7<uUk5KozLF6R1O%tq-7#iT<N#zP#Z!!
z`1xrD=<O1nhKlVwk`>CpK-9p*#GXE{RUVuu=wAE;83xLdYbIcq9+ANh9r(4&_;Q2h
z^>y8eH7lsPFW6)SiQ6nr*lr;#ZGVjBNC?cP`x;NVyF-W`(&^n-K~V1OY3VE~wapkc
zORjJBwCDlq2m@_0fS9IgQpbrc$(tU`Wz&zseaB`BA-yMu&^aO0l0I_CbRmS7ZLZ1S
zwcMm#$KE7%g~QH(Db58ft;Q+=RW_~fe@s3vn=c+BftZY3(2Mp^MKFy-3*M(YvoJRp
zd{H{Lc)x-)3VpCJJ~vqb&NrC%fxQTns0UJ9SR<dTpgegnYKf`q&dQKc5{1H1i|-o|
z8?r~_A2UcmTqL}XOU@xz`Ve+au8x%)dl;Y{V*!i^#Laj?PCapbX2dJ^3VGDXvr5Sr
z`N%|PdIo~x3AiU4EXrR#aGDUtud$Q`BLCtKVoeRRkX+6d<y~O)G89GWhvGQ^5sSIW
zTRtz9ykW-1A1|xEv^(_DS!9_)U^Hb%Ltx5%%3w2@(7u0eKcR;(dj~FU+^f7ls3&ZC
z89#6e`~tP5hT{ZAwQSIDN}S_n*U{9i8p$&?ZWEOLJkba<84>pp%UvnGzj8g36NYlL
z2rsNGa3r?28r}7c0*b;7gc)ONg(Ia$EV|8Y!P5rk?SmN>HyJoRvFSn{{OEG=N*|B#
zCEM*x@nC$KYG|2^c45%o_IhDV!<s#EG5`csMlQH>yjH4F_<+?)Fc`6|5N}|1UwwOQ
z&~W1=opnTvQi;}uep~@@hZwBFt(08?8$HH-%RV}K=T?j<5H8Sg{@9lYwxHrW`Ha)t
z(|@TdollXidd}Z8h&fNyTBdL}l!&bi6qqdvsr@PO{scBb09~q5A&W@G<Gj<w1>YDr
zO&R5g_9mq=PH?JcUROG$zOt%SqUWKTDb5ccdeBauEEAs?tQAMWV;vA_Lj-*jc$MC5
zS<(s-C>JsUa}`8|6UdN<`^xA~U^0zp{OJpi+wWsW)9EagX~$+W6nEMXDXO6!A9Y;T
zJ?~{m93eWTwLr^N@!2vTV(-T{O9mGzHeq82=z<|FX?3AJSzfzWL8FPi_~&4tQRdgp
zh4IZm;L~)W(S@-@%S#XN1~AKh{oK1-fSztP=UWX!wU?Zj0t$O$<aKvnR|_lk??S~(
zP8wV-&9SBh&7AL6h(pJJrN@r+q-(@7IHoblIfm#pY4DQ9SQvd+DxWHI-%@`1_%;JA
z3ERkmW9|u(I-&idkOl3bKB%GsCh;Eq)ux?J)aE9>xjBDJizZ#5JC^&^4H$4k>6?84
zzd#d;rL(cKpzQX%d)5nsM~o&_0?}XskB4AHa#CZ$eX}_P>;J*(-C-6^X~DLc>hz=U
zICEtkr~HDs^q=81k)DIs<Zwvr*C7L<YAC*_sfFn@GXA5FA(w-ceGJsqGC|HsKU_cJ
zozpGo=L#Pl9D}M05RgWdqz+EztV~?=dO1?iAHVOq6~|<LK-mj8dkZv<sl9(yk7?YE
zq2FjBO-bx_-5t46*4R<Egua}d)y=2KqlVY>G@BDY{`?Hh<<3x(6FkH0e|N~HF2n{5
zA^QS0N2VfVGz)`%fE*3;azhE5)+Y^}?6e_z0d#h$0DhfS?xCA{DC>F@`DYTtFGqBJ
zg3WJ&WK|@-q<6Zr<|#I|``)v;-6fl?FPKkR4aSks5`kw7nw4TTn&<OWLRqGnC2B|1
zQey8LR?Wy!-z734Y#wVPOzG*c_6x2772L-AE9WWO8?4<l<v9WpT7%WSYYj+YX>G&O
zVXJa8;2CMm@!IUR>1Pg*UjHf#w8r2_RTbY;%zQt&R$+4xn`Tmah_#QF>)+BphQBR0
zZ>jrR910Q9k#uD*Bd(OjTLl*y4?EFqlN}lhR0?f7DE~W{4og}r1y9AfK!T<vlQ~-H
zBl%ualSS%eevHdeCHm3MeHCCF+Rn0OOvlohs!DN3nMj~|ZYF+-6Z=VMaLmzJxiz+1
z%dMHFwYb%?&I;S)%DZn7+e)a`aVZ(NU1)(I2VZVum!+!5TZbSx3KQ2|a*PUR!;dse
z(!MSa1Y=?BpM975fI4usiRZRzz_!wF*<i|~%TJN}0)mAw9z8ce!+A_6KG-Mvy6=%R
z*S7VQ=tDpR-ZI?yu)e^79p>Be!48(npS}Gd$F2wBReB9+$dNs0nk`PsSJ(DY9lAh5
z3g!HHozrh7eD2LLLN!J6!SgLu)ZGAFBqYYx0VWLcM$?Pg%cApB+iMDAT|cTp=|gIH
z^5ScPl)nQFoVOU+KE36e^c_~rZs(rPy>Tty+TqSt@s9+Ks;XlybF2}ev>43;QyUq-
zVT*fDQs&qDp(VpunDbYm!EJgO7?=Z9791bq10P!%X^Ybz69l`uHZ!0#@Ob7VBe4nf
zr6W#i>Mn!ei#E>p{E|SS(idb~REf;3w%1(oTdKe@E8W!s3@wI9M8|d1hJVb$>Q}*a
zOZI?)C7%rRH!JMkP_a|O%adG>=(Dyr7xS|9vmC(8xo0wiO}tO%i@QA>vyY|GUa9rY
zD3Nn>V!a88mwO#^3{!qtuQM<}?lRtFJL{ofXmRPC^(|Poe=y&e)Gk>lc%7%;W|M!S
zw?-VS5}-j1;$~HAmGysb2!#^HznfmU<iBUNEDb(Cjc7u`Pg$>XG_uzgnfCuj@C|f<
zI*Xn}_H=7%5s!xBBY5u|h1YdwK7hK6%6kcwsX`M-TH_&FBLg7;4`k496RQ&NBX$wl
zFRVfJbhQL20A{LBZ&FyMHB0+DPE2bdUNI*<kH6w1eKC3<z-VAdDi~L1yM_HZbZ9?D
zkgP)!!!9fI%-xqzmddFY+7)k+>roXB?!Sey5X5)uL$_OylU@!+TYXXKv8wbRp8g1M
zJ7R}=UC{>({V&uDb86|ov=~4hG_<nvht2`bou9nfnWqW2hfqZN&%y%Y`DdRoJnCJe
ze7N6q8H%HE4?La|lpFkyR*+qOzt-vz^`6UFIt1T@QMptn(@oSnd%ey!Fq%zb`g`(&
zz*VrKMsWhG`@KC)w&zGBq>yaLqY-Za%!8#1omQs_z~A5s><Gqh5+g2wp22l0mVi6T
z_Wwb#(M$TqLl?x-R1qG3D2F5mGG#PV{8wIY%nxNnUA<T42Ht_Y@bJ|mNn_xH7`aR{
zJv`Z#F!evtPo#lAY}NlpKRMJO0$q=xbS`CZS^kbc<j{YAv6DzrGA{Beb*+!ouT}G^
zNW+#LI*5PABZnWBy=v@lFJ>`VWh>AJZsax=H+yHmT>t$C8WPDc+XVV^yLYev@JNW^
zu(jU{d5Z0XpUz2hGjMP!c~T%Z`cTXK{|JtY6$MHJ#kh1|?aR`jE_8=gI$Ibs6B554
zFTuq~3lEjFS`Zr<ZjK+XPF(**FkZ-ARC79MUoYZc7E|##et?o$Vq~I9jkWEtbrMSF
zs>z>!+4E(EQY~hkOaa1L{zV@^Mwe5!ZEvRlC+az#GzF8e2~m=^3!pd!V~xt4Q)Z5P
zOO1Yf;1V}UTya2}J96Z|N7^`K=k{H_4p1H1&QEF=%#{U1-XyKM=#dz8YiEW)HU$y!
z{dnTbc8i(g-LaXEQ1F?#w2fVrA4AZVgc?J;!r*eix%xrbfN)$<*?Kj?S(t&w&S|l7
zGr4NBa&blk*m{#dzT0~i^++#z5>r0T+}kr@dU~n?HQPB=d91Q(kj;X6xTu|_r2F|A
zs-c1d+xmsJd8B0vVIr8emT@+=U+MJ>YDl(O4S{2t+^icSE0E5~SNRhq4GL{{zUY~d
zfpofT`K!6rvZ4ViiB#xq>YC=2qLeGe=L5D*_l^CGC1X*|-ze<{^HC*CG-U;c&ZVAS
z_Z{}W&nCIppRWz~&6WuTTkq-PmG+k-=jr2}c9aXv++tdNSheQ2YTfTu@(y*#c$KQW
z`tHLD%=;}e+{d2V$63a9cwiEY9ox8oW|?~w(({|wrnpazsZIN^VEEqePIzRM)G?J*
zCT^~jf<5u7orlLcCN88e500P?yM@wpT05~32Fr)`za+~$e%x3PQ-#50TToIiIE>-_
za?R(>PU4*l<IS3GLu5D1eN2(J!PS?{Pr>dC3iyYCEUY(8qc<<DzLjWyXk!E50yoRY
zW{j%0VLkL%8;ck?+*h|~c6K(=0Fx8lYUsa|0;ZNIo^i;}f0tjyPj1Td(hWX@J#s;&
zq{9!pqMuF=5nSQCODDsqG5q7n1UwdzwzlS;Z4K*p)rvKp#FW7A&deWF;uVrM-<p(C
z4$%0Oi}{B%2CK?_ps)}u-%XntB+L8}?3YZDVlbQ^S$gg%@PJbr^O8jZF{1xWYtJXU
zGkeDxJ6YJkX?vgQoWB$0ipkbZU4iLWlr@0aw9K&I=YpP3OhQVoAY{56^gbsdrs?(b
z)t(!vruQ3}HuMCZAhMs{7L_O2==5-3NO}vdz&)kyC?Me~5mBu;d#nxEUrpKAB|;v@
z<KJkerqvj^@oo4p_N0H(j~%=@D!KDD6miuJ#@pR$OhVo8ZhP;P`OC;ym9LpJRVc;L
zrD@Xdsp=5pO%;iB(~_#*@Ms^g)YJ8_3+hl<<cqf|a%uGo@c{V}67!etm1)XDZf`+Q
z3uf#Xz@`OmI_=ta-Na;oQZMLPOtplS%Pw*i5(@Rw&{Y4t5f4FPqC3)-ufYeg`MUd>
zr5*FF3~FW8PElT;?BQleEhPo!H!p<ZH9*$JP7GH5kh27937DUDGRtN6%d8Z1CLIjE
zJV`#`CF&Yq3IB8@%5(QZxpQ^j{NrXgu&_z}&_kUlx;_2s^ohcR8>Hf$7|V+W=i|n5
z&9gaC8gJniG^gw_81w}GiV{EJzNk((Ud^ZI{H%2ww=OmP3Xo+pKyH}}&DatU7&JMT
zsPtQO_&B>b>}M|~za*jiXYjLP8{S9T7p;9;k7=#GD^yT#7Y}~PI8Vw8zBQHY59I2t
zWTrbz?NZRl1X>}R__Gr^>b)C94~glz3)dbjahu@m*waJEs(JChD%!L!wUre#6YLXK
zzfhk&cj*&yIcl1A<bBxg(d-`KIG#Av0JrS?Y~oPuHGbvOH)Wu0+e(Cu@bzR%$VBY#
zbZyUfS4$qgu-Oou$k8B>B_41!`2Y~fmZHW_#4cHVzDCD}Hv7oIK9oY8VkEm@A8q@+
zHf^_)Oz1eXgB{;TWs`noh#lEOSv#7b$!<t3-n^v4J>hp@_t9)`s#Ga^mQW1r^Q>>U
zv6t$T<gpg!{hs3q^obtjp2!iLUb(~#R6Ma{Cb~vkqR2fmUP<g~!G|$Fpaq7^{w&!~
z-`hDb=5f@D;;AK^`%o2H-ZSXjJ73l#jIwB3_x)NTPjl_s<M?LR$Iwq`LPf>*@gH_t
z4>CE0-7j9^N5#Gt{J?3SR<2%<^rIb7rM|^J16jFlBSbnzk51ERmP_(x6&h-*YyD*~
zV8!Hib5=pe;$cg46u(^HFF;ryJ0&H;;XBg9X??;%)yD1a>%Pv{{myF><Tn~gu5h;^
zHRhxZ_jVK>LOdYHa&zT~i#$ZU6K@PmqIVdSffl;j-j#U<{RX+gU?I5S$}Y%GXk~*_
zakVOMqcuUwGR<i6P#}p^(&sz9bt8_=NU|Y+e{=o0d)KCW^@e9V@W=YJWxRL>yZ-Sk
zrDDvmL=8RGDFa#W7^ee{f<21_&iyEOP8>>}{3UZlIIeu*-Q7_0`5_B$pAc$MAKNE?
z@Vz?<iyHFUxZJFGY<fi;gZ}2slJD>Q-O5eRh7gE)YdydY^-si}XPHVX&Gwm4sL+nG
z|3SR6dtU~Q&;rnN@6;SzcURBa$+jm=s$Kj^cSmR@<B_KFn>QAI&9FkUEO{pEmV#$z
zt<&vxr%4e9LbJ1ByBD#4k#!$8B~EH3RzB8y_E^g~oCk1{lMJdBs99QlzqI4)SdsN7
zpDddrH3J6qme$9y$IM9NHu2VDZLMb}Fr}=CZTjPYnkz3hi$3Aqs-9e)a2NY675XU^
z&w!~W$u`?axzoqXBe9>4M7=CHc0-GukA@7pJ5%1sCf7LKqnu-0s_w?5aoeGaRz_<z
zzAAsW?{%rr8GF5(@~KwRx^aq-hpO!zEV!IIwB`h*4>%?%TH`rrpIrf40AjQ6v-`kQ
z(>Fia!~7>rY9UA`rg3U=V#)t-?YC&R&wC#KC6`SdvhjlI>h9gDhW?3fV%yELvKkK_
z%%5#{uRo|<4CvrNsdy?Gur~|4?Zkw+B|C&o(RIX)JWmvS6wl4h$#21W{oHUqMle5D
z451$#aV}W2gzjB6L(5^BRK3H{P>#j0Xh8<(==_qt)>!rYONZaN@{5IGXV3<B78jdQ
zM{oLL$!oS1HW!j;H1gwB-i#!sdJGm8rqktw?3~JRsf<VywxDY32W>T%JchN$Ywre(
z*bhSc7t!QcOPa-*b%!@@ha_McyRr|mt8SV!(=`<c%tfWZVeN(p9x{K5e|o^qhCT4B
zF>1kVK6vJw(%mh4q*Zl@bU>^1VB1}EZ+vL~g1_@FL|WR2j}HyOj}j`ZZAY8a9h^L6
zkLzs>{|Uu>3x`7A?J)(q1fnW%#%%g4>?cAqcP8hLwyL&(l6^zkfpKQ8uU%bT=XT{5
zE65A^2M2rA2U%l#3tp#JrNX^{z`Y8$dA4zR6V7Km-%p6Pk!W*M@;!#gXP<_9Q?&&p
z+P;+bz4I_P;lz|zF0CBzLpdxvw!^1P72V5(e_>tw7KZ}ED_QNMc7|^c?kAQH4@#=w
z)ZXrtk?vOU_vhKZ2rtiD#4h!fHI#ea&J9=JDD(gJslzE%v}-h_V%0Ghh<t$$+urXD
zBqgl!x(-*M6x(;ocJp*lj~YE<a?;Z^CUy`?=DP|bd3%Yg8#&{kS8Yc?q_A<N(g(Fq
zA0`vhFomeTn;wg!<_f-R`3WNn6ryRWfXiR$PL@b|F*~7EWwQKd|K)F->!W^)9#Qo1
zQMDg(KcJG`o{R$JyzQmW4yoc2wRnm*SXBo$?;fRsakJB#!$`xN0w$M1zv}w(QW@%d
zqL)_UW^U-;2g`F9WGKhk@Y+>v&*sQC&fUH>WzIGQwnt6O$hqaclnOFwQ=g9457_tT
zTVZ9~aE1iqAMJ<d4GB1u2c6avClP?$+y_!ePS8wWo4jt4J<KyRxUn#j1LnBxK<*K|
z(zmGCX$Ys_w=s>+$<;$5GkGe+R}Xj9y!o3AlOp#SJ+BkWw(A2OffOExbL3?ow=^ZN
zK~j)<(gJTb&KMpG35VpXX=El*_I`b7(`y|=+}e}Ge15D~7KWD={O!jKc=<ZV&tj0D
zeXN?NAOeNrjxsSxA2h$2+^liTP|o;*VQpg-$@(FZ6JMoKIExYRN9kv2_kyGw=;Qj6
z()>M6B_lY#2blgNLhjli+?y(x3KqPf?3OKiD|}Xm#b}<yVlZb81z_#04sXdjJr?mJ
z;&T|DorBi32Xw3fjjHbE*|V?s?}Eo`Mzgy>xupDi>mK8T)-Day4eK%!op$X^lV^oe
z_vqf;=Hn(XCN!`_-$!}|L45Na+OSa1aQwG7oaHjw$v;>v*f}^H8sA;UD)<#AJUc8V
z3d#+#WbcG_{^jnc?zQ~O4KJGpQ_5TE{&K)OcD-c*8Jz^;!~@1K*tiXsy}jOkdZP_3
zD$I=}E@x_QwfqU|A(%P$0{-4SJLJ&;7OPt?G=bNHJv9Wz0yYPV@Vg+nJx4$v_xUl4
zL}WbYE6b2{x0ZQq2wPnq(hE+Gx1`>I&Sajs@y5hRuhsRC5)=)9aK`3kH@$Aa3}r7z
zHVGAp50GxCNtsIFI5qLUzXjUzRNTLz`S`a4-(mT-(wlOx7Uk5~RL68ojozXJcYPT?
z+=)~<)}iWl0WnrIVb(CZ&V7~&UqzIk&U^f(vg*c^fTYq|h13uqGYvC{>mKfy&LchQ
zw0zp{nvWA1!$x*NKN%LC3+CT%1Piep$M<usbUOEZxjlh7`&_|JDDJfv(l)bfJehmo
z69hHVWHQj*>~WduaPtoaDEyZFP2s<qS`8P@OF4Fiu?r51-K!4V8@^nVr}m8&4S~P6
zsuXgCeUezyxOvEdHCd)I7e`pi@XToBodhbmC!y3gLJ0s(h`C%>wiVn+K?4>{zl4j|
zk{;8*iS)fij(W$t29TfaRlJO=d*qanDsEJ&+d{r`{j&upvEKH|mylap@VH2x*!x}W
zU%r3J5kym<0{N$}e($l1>U-mLGw02R-9$RNzB4kOT8dTs;&LepcYCdhJRh5*3<G<G
z7X4!dgq8S#Ipdd=H;;Z<Ma9l08BsybjT&7Ge5l^&wo(g?JM-at3JxCS0#d2=23y5j
zB;`qR3{Nh|hS$({Xr&MR0XBUlb;^HT>&*@062hBgp_?&0^bgt#UjE@{rB(lQ=@%gj
z#-^Mxle(9=z7bjk)_r(=47{FC`&_io6$|)<^G6<XAI9qJ*_PU1JFj3{%`@UfmyPHU
z-VrM>3QEc-xGWAT2a8gK^k<s8Ca+)%lysX<6Ode)@=4m^VQycrhES}pS%PWo>aY9l
zf(Fhn4iw6hUfpo}HD%O_68`m@A7xM`H!Yrmgh2F+J!5xIB0&bYc2Pp9(*rMH-y>p!
zVp#T=rtA!e#DF8Hy)LkmBafl7kv@1swN-f@vKcqO&wcjhRIn9hheqB+djjI33Z{~K
zrSkO@KH)_75eHd0SAw}sarFjQj^uD!c-QhA4QVY(oV=T%`5g+flq&4dJip^7dgk&`
zWba@DK;M@QW_H2RM&tw7|7lE|?M=?GrcvYeu8O&BlH1fvsbCI0?YL~_cue&T(MV{V
zsRR-u=llt!J1LkIkDt4PxoRQ&VDoqEPUJIb=%}QUS5?h5)Wr-*GDo+6T9Q4c#o#q3
z4ePHh3amrsm9K@Ca%Ormjm@*Z^W}ugeJZW%YGIz0Ut>Fc>mtm1fYnn{I*q=SD4Fdo
ziCGc1bf_<iRQP3c%LaWFq=8|OrQ^xQTf7I<YUcOKy;(ZbSvlR$_QZ}(%l?J*X=G2Y
zQdh#Jp**dsw*aR%L6-CQeyt^$w(Ey9W8Pc1{_*|L$sdUY&x`VL-bK~Xt5P{a!U%!o
z<VN@*OC9)cH1%_naP3uEUU1#a(az7M`;S|ePT~j##eLQm@%91a^7n$V)oz%C6sjN3
zdt@T_EgN{YA^vN-^zAH}w(zZEN7(TfU=CWVSY;-WEPmBO*MM3moBFbYJl*^6Pm2nS
zWb^tu<Mi#c>U}L7FgGTaTmXr5Os17nhBCxsQ~z>X;kN{ia0Yj<tEgv@+c4o5ZJjDs
zgmi4draC~2OYKe@Rf)c<BZqI+FDpxo8V)l&@OU`pyZ6Xkgk`5vVWeD}yTC$cZuOKk
z<@^Lx9}EQSk-8Wr!NR?PQ@Bx7o35g?KKd@xNM8huasie7>Z18qpt%IsAAmH;dkv%b
zgbjbPDJqfLj=TYKQtaq!@n8ze5GRfp^sGthS$JRItk-tgi&V;k@50p+sz3cfj+C=v
z2o-v(G`INHE|X?z6btq4X8Pz}{486PBaS|kVTfj%hUgXT<agcgg{<_czy5ywh{l)g
zgByt0ys%r<W<ZDWq=L7nMEZNsXix|yY~A;IV+Hi*{5wF)X0!PidDK)n$U~U^qJvxr
zRLa2s7N4s-dH0dhtxZ}_@dy3^rkV5zejG=PQ9_r{<4Wy{`y13|F898voTQk<tS@GO
zs5Bw3^v1-RwUCe=GMIeu&PO4WUCqzjbdffJ*q6-%yjr5q41sc~9-|k#BM_R+%x2Nj
zJr?`1l6kT6dUIfXGRF(koNQ6}kmqDT8%tR{w+4gy_X~Fv^3;q0;4-#g^h6akb##6E
zPNhXipNmEywppsYq4F|y{i_@+uV1CEg@mVmLVQ%w^zCNHqvmq3b0;XWv(=PDxG8N0
z{#XD3=si0HK5YB1kvAVroSzImvw?a<f#l4s(=K3b#sxQLe$2mEc>he9o#twj?^UpO
zXu`<<2A4V5Xz;p=_hVv*8`|(jk1_TvPDLY6<})uSKhkV?AJcI%(Eg^dFicxJLXP4-
z8u#{pVt4>aITO3oq>{rHkU?NS-YM;;q1asFV$@)weV70rqW0!5HyFptseBOBVwA+o
z_KQ_*A$^+LZ;$0QKU@89lQH1j^lP*0(e`*j^1(Hk5}{eC-JIe+6mKr2tsDOVhGpNN
zA&a)rfS5g*MbF%$7sf5;Nl0?p{&>jsPM`tIK>nclIAanSWV`mV7EAvsNBiVEwIR5D
zD`{7l3X8gXw#8W2=ldT1s#|SDQKWC8xct^FmTox0`?p(BAWM-=lo4S|a^0SKtv7lu
zkMHVlSy-#jh1Zy?@F$Iak*|v*&dv+HElTOaZN1F6AZ^;XwHznme}1`-edogOhCSea
zarV}6QFYP#D5(OXuOgx#V1Y7}lyoSfNDItRQqrx&&>Rr45D@7G>6xL2ZV*tqkrr^M
zp}V<z(Dz&S{=WBq?*79+7|%KT?7h$0Yd`B*&%$BpsAzH8PpvCg)3lN)as>Nb*K&sM
zOl<DGHHv%Z7MPQ;UZrQ~Nfx>Ih|S?qX=~Y(u2tTaXfyAe!)Cxo6Swb-)b}Lo&Q$0z
z)*4NiVu@&CMM}3-bdgFA9{Ql(Ru2fYXX}>t0_pqB*{=F?LP&gn8-<uQg;dKe&A#ho
zXvq8RM`Tae;EC;Dys#~+`!4f=N%THnEgMZPuOhKhyx3s23GEoib&-f~OuycWE9i%!
z+MdNfbU)wS<6n`8S??_8y|=WQ)zQ8cB---b>&kML8tfx4=SHo^Pmwn4d;7O-Mg!p-
z6zn;oquNzM!X2CmH0C^Q#Ww9|3f(7fAhKq|BAt7%1>$PS$f*UhUnMdNW)&7=MThlA
zYx|Uo-0v!xdJdlN<Zpd4#4D~`dlOXNG)#ewoV#qbJ4ufhD&HSj+3YV+bQkm4d|a7b
zKY)w)<whfX{=)hb_cpSqfk%OIg~C?4pLqAZVpYZqS*_eW+qR-S3#PP^h%-MQtU>l+
zX2wFppWH_{j*Mune#R9_OuKdsKiRUBJ<bD}f#6{3NWECn0i*dmm=Yar<1<YxIJh_x
zb&xfbBaIp}#<|;^8d98aRiv;jnC6XjvK}t_5kco@5F=P^CqChUA60kw+2$xSI(?%r
z(!O-Jw(oJvdG3Vr4y1$E(hBkM7G$(o4GGK3mL8bAobeY*lWIw%2azA5&NbVTiBsbH
z3k9gGtit1Ly~?5XTPl7p)1KyGrH0Lt0R46Di1lY^l1ZOZNc33!P>P$VOMW<83;bys
z9~78RYksOzH^Jgdhh7BZ^AAS`qI$xlyq8gT#UB?~U(Fo4IvW9NSmM5mfL5-@o8#_z
zx}~0uHd!xG^g1;}rl>L0e$81@aa{K3@RJ}XeNU`mRJX@Wtpv5{aahi!kca{`i@ElZ
zX`zm0r<kw)Li!&Pe9v5MAyI_6;bfbG^B4RW%Ew$x1TN~>JsgmK-xw;`=z3-XBRDBw
z^jc}DB$LM~d+<^7^YKE28XRK7H(VYG54#ynukgq|jFJR@??J^CACxI_aknKaV%{VE
zD)AZfI|68hl?Fc9DZVC)#0W`q0>c4oI?QU-E7+!AaMyYy+PP<<fS+wQw=z(gEd(>+
z0{>h$F!QR}z(zgo%sUYNRx1pB(LrYvQ+b?}FL+AG<lH?Ul%mMJdr-x-_B~(RdQMMN
zQMK|%Rz*1kGmZC<qZDbfjcBvIUesa@{JVW#AX}$Uno(=gA%JKOCdpA5fPn+%=p-ZL
zZQuR710x^c+E?`Izm8gP<E*WPC;JpK)B7pulaikgc;z*>ZeE}g0Ku!IIKUrCCQuey
z`F}7A<*ju<_Dvx6d!4a+!kpIU9Ai;hi9motKoa0;aO7N8XSVA4d`A5<1)!>YI;iDk
zE*O(wTl?5~M|cqC%ie$AeH)Q*s3UE~!RRJ^`W&^Yz4`4{+H?=o<0clJ<Ct1wmh<^r
zk{EjpvhwG?{57KQFSM|@DEN?d@vsscJx8*u+WpWCrrF{Mdt~TTU!T*r^-Jj1tJ>xo
zt<h-n%~pWRST(f~-4D$S#*tTGE~yr<QL0US&xRXMC!~aGu6`}~YF(h5&#F~F^_#5j
zMIqPEmt<j`1UC8byX{jXCnRgagXp=0?F#1UJC|vQ99iRl-AOOrGq1L!?>_D}gw(81
z#cnZ%<<lW?49%ErmBOQmQ?cjzddaK|`U=`4euVI|r3RggI-{0AO#d_82Uoz@?ISp1
zGBTv)L$8)sf^(~<`of5M)^<b|UJ!HfES{VF#g+H%SUzhKgrK-^7}&T#OQdQ6+zQRM
zl7^U5L{bC&N`U4%y@9#Z{RYxgClxUGT>eSd$s(~)Q7$;_g66vr<|YuR20%;xj5tQ(
znH53{&nPLoUo3(jF%38!P5h~_O{(X0znA*<tC*vLBPIGAi7Hnb^sBxnp6AN(fPEn`
zRmpm>etW!wZQw?6s|gZ<Z#?x2f6^35=nQDyjj}+ob*bocDkL9aNni+Gp>OOpKiN$$
z6{6V_N!d>}&UL3xPiH2;1;HmP?N5@JUDYxI)D8!U>7)N?+NGa9eL4@a`VR+g6Oa#h
zxlAr)933GF>K)!h;3GzzE+Oiq1zZjh$=C43%e62^J;LDz0!2*zXad{<48<&Dw;AnC
z>fRCsl9RIlp|6P!;1{BoVOF*$L9k@P-$3i61P-v2zdec6QyPEx)HE5Wj|RUcoaFb$
zj@v^_x@CSI%TdpGLeK+!KmZmMk+!r<mAy7M?C&3m7(rob2q-4Z!BAXk+Fo*%iVI;K
zP9jTKwca6337muPI%^yJWglQn&f>}i(k(v<@UW?|fDqEhFlbjGX$o0;AdodOVP6ni
zkiC+>-y)J%B7_Y`wC0~+x*&*q7wl@CFo3cUI7WG-f*=nzOiL?ezD%S~E0f@b^CUw$
zf7ndx{e7GTMZc7yPO^LMREy}aJA8x#AFd6g_Y{(vA&z{v-vmCf+0P+lQD<r?YYx`8
zXrsbluhJXXK|zO;_J%N0SuBJI4lL|y@-a#VaP%$Wzl_FyGBIi9)S~4pVS%GyFJw;6
z-e3J}UG4(gKd7DQ6wILDUC5Lp2J)g9e(D)(g{)I%&3Sb-|6A-jm@wGva_#K!;1`=9
z6;z#jkLDlt*^nd?C%++!=oNqSuN^i+9k#EzWp-(8kp&+S2<3|ZJ`N~C+AK&TrCAtf
zyRL13s!IH9VVVOeG;eIu;RF`x%-`A-ti8xi&YMRI)1s~azS2JgMhsS@2ZDn@8?Wb~
zn29;U)^APmSk+c(_qmnZ5{H$XCtxa70$vRH=q88dk9mdQ;oO$_bMMw7PT0TTMmGuh
zS4E%m6ikxh#I&@WVDc>*A4fg(zwoj{{_2$+hzyWvJG!f&2C)~Qac%P(PGNIO1*(Zb
zn6sQ5UwR%Tj^5Ybahc=|hoduiO9J2p7@M-5$*_NKUkB*L_rGd?|JN}+OLQ$YHMRN2
zk5^66?N&=mJF8Pj5#&Oo1fe+4aIx}9aiE9(D7OA@p->zQqZ2Nr2nzFb(*G&$GxDEb
zRs9jMEhxE6BH2yexkj-0=3nV)XMUq^Cb3feU1WbK!M<S~o6)-t(R(e*>}rfQhkt)G
zCj%?c`xM`ym8&Av;0LJ_V+1~j$6q^OL|K7=Bnj|u!Urfdv)!MqExuJSvsg{kc{NUA
z^^)$(#X%AALv_J)T&Ec=C>4YtHg`I~BmQ1cU8-zRcPtNI^YaCX)U(g^&@MganxUE1
zIa{SaeB*!hIcB}}h7T_LfLcY-na?)Ij&3bo@oxVFCYJF16EXh$UqviD35y!ES)o4&
zW$jp{dm*T4Yco>v43ul>2LL73tb>W*TB9%+tgnVCfj5vS{`WHTW6O_m*ZVRY*;#bz
zX|lwewcp#fIqgTBN&5f`6tRQ&O?Th6E)Rs7Fqr*Or1)P2DHhd$+TyEXKMvh8_4VmC
zhbE$$XWH7R*w|~%n7N^{^%YK?q7rHFd__LPIx^>sxuHF#%t2b^&^7jv3mVS~Ln9Uf
zT@-2v*=mBP?}T;0Ayv~4_ALZk)#lIEyhdTwoKIbB+D2dgIE+HhRUzK+H9Wqq?jiM6
z-baAhg>>lDI@pU<Jv4A%_bevy-pT-2F>-Mz6_l4kKM7*m3eqhDDX}{fRNmo$JPp#2
ztWQkvR)*Txt+0+TUisJwUOd{mw?^%gcQAz}?I%ceb6RY0(3Ysh=yd)Ue*qpAeV@;o
z0FqU3WFM-S7|#CiyhtGmb_Jf*ruTrvM7HmyS|foxx)J`P5NQ!*7h$O`#?uhck&3=6
zN7T9@4>Zn>=;3KU01~%1_`_%q%eyWCoXG#qXyx+;BShqVF7Yu8A_zyAl=i>Oi%CcX
zLI_!!nNCO=PXU;ofLx!gR8G6L{?qB_VRvRM9CV}X7k_;YvwM>AqSXp9MQ1VyqUiuQ
zw5G}RfPd&ND2O$PI>~-4!)I}!)Th5qO0~SjIjDsuAf~Mg2nO|aj~MG2+<En@|A833
zgCt*)J8Cl6^}bo1;=f^5x@DP6iJ5pEutjDiq{BWNO%1vkaI#W~5=mvl@0S;5@`h{G
zyDA}*Z?oG)>C`vh^WgwCRgB))>U)J@YXu8>qy`ayf;qsiWH5zgf9?L|28^j^E!I8@
zmY2ruh}U8<W78SKURU#nJ!8#<{IZ)V7Jm9Li55OIXrkhXGCmzqx9h8zx2PMOMX{ye
zUO2gpcl<GFGo&i=L|Q=0Pp3HZWj>$&&HI-%O)~9#iK1IKLd?B{g5Lw&%g2kBnCxG=
z<OK^kr(|ic<&Y}w-)1p^{rs+<^0t)$20$5kZ1W?uWxs{V5C)p%q#HV6dSc;#3ObxN
zaLwSZnh`A6JIwXU`)n@wI>H7>gCMkHF{zRtE=yUmvZ`$E8@he7Zn-U5a>;V}V>xz=
zG0<Y!{_yt)|IPP|!ESJOl&XOBd%jE_R=Vu|is<qTA98Fit|ekvv7?_Zmp4IC&!LFO
z;7>mxB1g9qOxMX*2Iml#&nx;9n*dDnS?VZ3%AQLGpmuB@Mkf=il_w2Po9=4|IU{Xz
z>CMAwPlG)XZ3&Y4+oR42KqsY*<gMU-F>+D6Et036Q944<IP!6c?|q0fV`WI`Mvtxf
z%Wl9CT3tI7C{&=nn<*sc4XdGk*wzC4U!$KT2gtd}%zifoP7DK9kH94vir1}iQ9N#d
z4Xd;rbr^H%DlNhiS)w|U05iUUTGQ1BMW7mjEP7im?`(o%8fb}Xd;-a;YqZt~?oW*0
z?cd>hKD*kavDGxgwXwX4NqHzr95>~b2V6ps?}|c!m9d{vkm(k*FbMQj6lIy=YH132
z>*B?u$e6?2PO>5*qvf}EMy`JrPowSFv3$VU-n~bzrvg^zW!Z)?Y?j~;D<?anS_MwU
zs<t2cPI>VwmX?d22<6-7d*Y>X?^a|=TDeQQKBOBLds06VJG*76tcc=@e<5cPeNe6#
z;Zj&XZ?Vs9I(QbM$v_V>UOU}+bCMi$Ab<kE*UG;J*Z4qjmZel6*+U=%9NlDh<zA)F
z+#S}?fk{*O|K^Y^u84Q7_v6G*x5=?Td-{mRdk#il2vccnZN3TTrfLt)!zh%pMET4C
z|BN;(hGQMQ0RlDVAj{xJ+hLRhN+CWIZW0X{Q|8$CWjAJp@q5K`c}~6<6&prx19}pb
zXJI0%at}*?Skaw-+E&lI-=B|i%8V9lqNb;gL-}vMxgWW!H=3-Aw;hN--XM8i{FLf-
zVT{7{xexw!&kWXiqD+s!2w=u`>l)Z%#3i2pfV*P~NzE;~NDxO-v;tnlC%zJ4|CxQn
zi{<EajE}iL!-gfVG{)JSQyPzrFyo{-YsxZXgG?K&P2O35OQn1NuAnxJw^j=YK7hmM
zr`IC|XP5J&@BU?G+BqX6&DyVtc90dcip|b@cp?sGm~`i@y6u)fE=X}^P#_)LnbeZ!
z%7>;-l|HnRCHK{*Y3%5Qx?zIDvXy#znD3aWIt)zQ@T&}ioqD{jn#Ex-46RZQ4-rua
zz<-4)4Ppe&$p>8aChfd<K+LYz6Cp+G?eZ4{?o_q>2v_;S&`)NtUOw@bVPm17165Si
ze`Ezzd4lNS?|<cp7p^`oPlG33l`1b4m!!%4h`B*~@gN`SkxMU9cY!pse;amx9M1{q
zAN_SIxRI@cUbosH*8Z!LSYHag3Qx1Cm306oQ2>q{qrhoE0w<dMs|O}UbvGd<B_%Yh
zIa}{?KiT!pxA!HoHa{}u4wg@H>9@fo)ox|Vxi8EHtLa$It$juz&Xo^V4%0?rolCu{
zx#Z~}B_`Bh>Jd@*eOj}p5gcQelhfcvR#FXY4Bq#RND%H@3pZ5AuY;^6!WTw__5Ng%
zMp139cq*Fp=!GE58GcFq9v3Q0e!D)!e4Y6ikHYCWr0#q_a_<AzRv%_4gG6wgKYjaK
z0~$Vie_60}<-YDDnneKE`Ph;#6mn78nvm@g=8j`tan`A;D8nCmFENHMBHCV%IBE6J
zKLdV5XZM$Rg{c8f<GJqCXhFMp(Njc$-QB9V-@i+Y6lV&jp#K;C<zG;5+!>8DS+>U=
zJSr=742(|itE$uvUN^GxJAzD!i5<y6u2b=U29Z@%Rlk63-1Jxgz+}k;VGBYVib!&B
zTyIdG?S4IN(f#M!KjH#T710pe-{B!LcLrR;OisOFUq$}XmpTPmR6w#FoVWhm0sL#u
z$2n$3>)pOskZ_0*?Y*}Fod5~>C&#<;>M{ghxI#DEt-W$#Kq~AND^P|i*JX4!I|oK$
z!=)1dCDgLZ0Qlpl{^iS3%pL%@Pc7(h!L_pZ_&q4}7}qjKqudplbABLlu6`6;Maba-
zZlj}%*n8lW{;e`O2^Ox6{~!PJPv`zO!L|R7+H?P^q7iQRKj^9_e(V3!gP^v*`z7JW
z|Gy$~|8;!-k56jD+T>b-H2`?AuLG7`d~MWy3J=I2b{ys>e!8#<wSSZ`iXH%gFhWbr
zJjW!K0W?g^M@n8H>F--dnzqMg(y}8;2pRE-1?GTa3-+^Dub<Y2W;K2bBXDfPE1w;e
z^f$g{z)EboiRU}T$eEpYa?nv;Y=Li$-^!`BJr8Xh-LP`0jyqu*&Jq#)X=sGef(nPY
z@a474-30V)D=~`~d6sqQg+-AjJoO+-X4KJl^ZyegAko1*E*h>?Y|+whgLM1tW-*6p
zB*zTJa0-s2j_tk;x-Dj!Ekwhu(miDuswKzcPGZ95#nAus&eaJCioeP17Wg#+{BQW3
zb_2)fY^4_7*4)B?*MK(Emuc$||3x}Y;IZ0kxi;PKw;=KDuVe`cH6#7OtNDLbOU(a6
zwS-X@XgmoyHaE~G!4_Tn+ExZN|Iwyuu^IyQ7ge@_RP(opTU$7oS)kW(#bYq2VW-Tn
z8Ge>4dLb?PG%Xgq_skmXi|3^HIK?_{)5uckDq~D3xj`*V#VVr@x-mc)LS#8y|E^J+
z^pZMZ@}$ZO|A!VGZ6D8r1cEXXLRU8~1ob2nHE1Q)XKp4_1~H0Sx!Y)jgLE)+f+)`)
z<r6~sKVT8uS0n+<1;>jv!)EaJl|y_SnxtqU`5~wMN@T9Z>_V8^?>%*^yYdal5Qxqk
znaLM4VoF4HCx)m;fisM62~$s2{4nO+zfx{bLvF3v_OPJ3yS4ZVXC!@bn$_1G86mG6
zj2^m{PS^ZSkMoJ8NhJNR3U+SBX&$y|Fn?6xprp94va65w<0Ea2qi6-&wzRbuiu^t8
z@!16-yzs9;*GqE>8RMq6cxPR(pWof2XsvV%`GvnL=9j?046Az=eL>sG=GDCB`3Oy|
z*B7<YFW50Y*dB$P6Q(=P+Z28y%K`FHlYzpmVy1dv3>`hPm@q@YF<Vp(=i0a_Lo6-e
zj=blv=Er&wo-F?1K3&OQl5@<Arj@-yyhG(<^SJocC(-$7<geA^FAV4}PE&W?qoI+n
z)N>e#di(QgSBs&gT3ly(kZy8w3XL*@@eJXR3;}gK`pm>{6sl2)@CSJ@%pet9&K`c{
z)@PH@4#j6)+EF@FFmQBGU{;PlNiH)T^0(T20nQ@8x3{zsOHmZ>Y1PA61OhU2GloO8
zP`4bd?Kh1_QC!NR$4zVf7>fAPS_)GJDQI``{`v^zLz7i`>$nf1E-MDIJy0VAayM^U
zKHJ0tRc|oYQcng%YEe#tWYN7XI%bwn$gKqYe!3VLR8deVFhFf~-*Rs(sqjk+a4hUM
zb*`LEpxN8%a;@I;I~<TaQJXVg#w@!5xw+?!f92+$0~MFi+F6Br?7ATE>8)fRo?qBK
z@HJ5&t9N6!R~-jwhjNdXeF+OTd<*cI*5V^@1}l_%PAj0TuCK+Ad;`z_Ah#_KmP@`c
z8sl<j0MG`&!7VTc)UML1ojyEhTlND$HaR$<yl}2+NHc{y$ihc<E)l*0qP*Mbur|g|
zZ8lsTwx_romQJBfQrHCK5}SHU)}o0N@?)0$(^;VAp$a^|K-xtL&B~QJDxj4K>OGes
zd(8TPuAG@hZB2Kh+1EbI#~zMfztIBRg(s4aV;sm3UjjMT9RCOCxP4bExf`5n@M~<a
z;!?33wkk5q^8!kt^lG?c$bFmSiiy*&!(+M{_Qxx#!(ZRNiKe=YzKMM?evud|#nhqH
z!6#IjtuprdBUN@Gt@%LN{Kr!mS~?j$_HdLYT`mdbsblt{>*h}7Z|+juP_?T3=ceBG
z#p77BcE0siV^iLztWi(b4zW$H*)ydI@%LJT9NHam;;$4l7^I5#t6YXApNHs}Ve>K+
zioJtJj|ef9vdNF2EH~j*p?oX_I{(i2g)=dYr^|>(Fe~BkL6EhCA;I5~py$kM?*9$n
zwpdtV*~=cl8O&W1uY~cx{o@g|g`i9QTZL4vMlYSm$kAEli9(r;%EL)9OP^v)Sswg;
zCAT@^5U@YQu3K?ksRdOeG%($}8=Gc!wttefj4@WsHQ(!apLP6Qz%wU6O)GB^KRHST
zhEWuOj&-h@@JB*hWJHXS+uTC<h`hVRbdX<%>{CRUrti9~YVN!82ixWyNIT43n!25`
zajI;-7P{F5@d?fVg<?<Fw44eHd|&SKDw~_dL9yI@leI~<TWMK#oon*-5!7WfOmXf#
zG_{^}K_-o1ADyy;C*$O?PMn#1_j{;+g=y%`y;TokRqS@1iJRdPG*ai(#(rNUc?p61
zW?O%DBBC!zDJhTs=F5*{+W-|X)AEwGTpf@#{)UjvQ$_GJ%s+L=&Yo4Eg7u6hP^2pu
zn3R!laBw*4XvrX{&VbV2{~(AnWi-hX>!<vIfQNVE&L=WL-b)?qdSSO|D{!m+Hb-%A
z&yyBW%0$c*f|;SYvVF7<^)UD6IO`MF2m#sr@uMy0kpW|#h+j;^4A5nXTj2S(v;VV`
zp~1mPwxeaGIcY@Z?l$y@!>tcZPPK`(&24Q3@<fhK`|PldcQgHSWl;qSU;6*=9U8(i
zNUf*xKcFR&?D>iU$@M2RK0>F;L>dX~wm(g(8N3ux#4m2*%Mm%u#Iyu*Yl_0@v*?e7
z2ETT-Rjkco8W!9Gm^h0IbhRtoYd!zt%EenaL-^|Jbpf86v~17@z3#nNes$rO$J3}r
z-k?<ckxSiQ>uM$gS^mMw=;ah2kQ6(ne15NjX1@YF6Fs*%7E!u!d`|U}?fHLu@>P`y
zK?|K@PX7|1<58<#syB2OhgR5MxR~s+u8o`7D0E;9VyL0^cqZ&Xxo}arlqt@|*KwJv
zvZ#k`d)jhtXSnz4TO%n3&Ab<W*%fQetfcHT>QReJmD_sdV46;vcUo!{LrvWU`to6B
zg+;Zf#}?{K+BWA{?>7up6iFp>wIiW)=`7a;$5l#2EN95g^3(jB#Uz~J3jS%8NQ?JS
zWwk(r788p7EBUih2Qj-;i&fmB<UQo~Q1M-g%A)m|vY+jz!|b{qw{>00N!6TCZ{u3g
zcYl*RB_rH~81aw%%GfjF>mz6$hqRh=F>_rpVD(rp+AJ;utd8&D4zfCfgM-jep_Rr+
zO*0iL-gWwFob#9~lI?Hji4^61dC+^XCg%1_)fwH->iJ!Fgu=oHg_1pT<ftD1XhYEt
zW~H{I=$B=EX|xy(NUHgcHI3F0d7>QSq_mrQ-!e|u>`}IUZ26<{!X$r-)xvgBwwWE+
z=lfNcgc9s~Hd<_Oa12B)DCfU;#QMn+x%_6oSsf(dC&{-Ul(OTjQ=SLewo}C0{oX8^
z*86sODsoT_YdPadj~|H~w2H+Q={HW2Ygk$=dHUE4eClpY*pX%%-_44iEH_Olckv0U
zmZ1fU@lQ)E?Y@p_?r%t@d|ewlx5O=Y2b{!i4K5KYLPD3AW_M`Kx43Oq47DvX)qPMO
z3txPAh`$C*oCsb#V1SOROxb9l>dG0H*r}O_C2A)9<i}4<e75xWn_~wJ?57!XOqyHd
z7@X{W3f^%9nUhv)H}${MAS)lsFUyE2GWKwHlGqjvC~&w(KDJ1<Zk$<(V-|@u_W_x%
z1QQF5nEX53{7>lLz*V;zlCAH-v-7)O(c9*q)9=j7u`X^bql#hIVBP-6IpoIhjV#En
zv9q~v<;P(t{*)H$=hZFt-mh_daMQBd^|B_bw1wE`VL$(AHOd~KUif<ElPAupz^rUS
zUR`bbX3;cb50Yxu);%?RsmQ;JZHE*>?=O`HC7!stpd+1@78elYzDbjuLy@9&$W*hk
z`r)j6Pu6Ss#Gs%?-#pup8+Y$&V6`&HETXmC5i;AKtb{Sn#3dV&u=mJ}d3FaJ@kB@0
z7X6~U=cD@|F``zsp?I#G;fY__Z-??feRyli4Ek_o<cLDi)=(CDyYZVGAtNJ0_Sb@e
zK$v_`Zu2Q=h6q=q2jnGFk2&2{QptrshL3(Tt4kf#F1y(~lIh}84gajW%%Ju|cbV#I
z>#BU)>Y_01xsJYWhKRd@miDHNW4sgLaf<5To9Mqtu3WHlffJ5dEv*Za+%tI1iH<I#
z``{0?Ha0;IW{gSD`T4xB|23ylXcK;+1;_4D&l$#O=XFkGHU)Tx*9`Ik?g7;-N_m&h
zRy;^`i0?xEdRVaV09P`+n|^B`YS&&|gr}Ew^ryQb{?4%*%}{JksTFAtEHXJ=W4B5D
zV@8gLA8X)v#xuhvDnE%`!<nmbbE?aC${yVE5G@{KfxR+ov{-FVI89pca$+Dv(k#$E
z!dhXd^33Wo!*Zk#es}4j8Lni1W9X(s|HSrfN99``r**XoyaaF8gtRU*Lu^yw$9Zam
zW0ytA6dnn?J=I_-YEr3Uc;{M#@gT($hX_&n$HqgMMQW<5U;iTU&ELPPfXK~=h8hvJ
za)Sb#f3KcwBR1T93Bd}Qw2S^6U_s<H?D37gfwQWw_1{_S>mTkvgZA!~3$X>n?>~(Z
zAyWu3+`IbJ(`lZ(bN9j@4R`RHwpmA$t$c>DJ>KDe{Lp4~A&lck_Ias2%br}6Mvk5v
zVB8N16MdGG-=4+xR9T-S@PLQ2d6X;HaiZOrhjj<<Fwz#djO@j_5j%Qar8fOGdOyGV
z>qE%JHV%b?Pzx7{bVsAKwCL~sVxWK7E{uGNPjy=X`upCFq4OQG)A|qZl(Sz4yQf>;
z(WefVJZ-n6y7mUs*C<+z1g6V!yK&onM)f-Cx?fV?UWh`bEry1MX8f(0!pqA`sF||e
zcL~TyE7pTT8|O2RZi2Amb;i^^K2?W0R5i4uofCI@;nSY^FOwNO8kwC3iofh_Z-kW$
zW0R_vy4|*o<JPaay_PFJg6lJisFy~uNpJ&H<Y{Z}eDN}RVn3bSH_d;4(^3DH?(w3U
z`qAoz(UK+c^4lX#RFsb0Uq_d)!hsrgI=3(+s{TBG2)Ar%x@B-t0hI_{WE7-xYC0~F
zW}z$tCHc(BlxFymNnMI=JEW7WotoO$%wXBR>ES8Bry<SF_aIEGuX~+@C^5ukYT1zU
zYtey25rcwExc@$5PFM~jR;K|Jsp_RlTnEo0OmIr;odk7shsHyj;Hu~tbP403$Hg;#
z(W6&Yc<WN;w>LCA;rbsS<Vtuv9Y`vEU)|7G+ktn)8PPs#_OdDE(h>C7zob}|=$t$m
zVa{$t#K>%TVwA6&C<)zAJ1r*<x0#Vvkk8oEwrk-UzKs&$82MPGxU-f8^K_5sw;N5K
zpBEppoMvFeXs7B(Z(@S_Nm?9_=`go)$FP*cmhAEiK+JL$`o^_mui1jq)EjdDNsZZy
zcMNSmoX-pRc(tc_>c78^g6Wb9b?aGjDPq<Io+(N4vQrh-2F#2u9Rcr*^^{)5JZTte
z<QQk8#<nO5dYZ-MB)LY-PjMBDZjnbNTB48k`jU|QKJzqL<oz0?PR7$wi>)Q<K9IvM
zYPb~^d@`=0bCGX!9!AwPf6}7OioC4FR4kFMM-=z(i>Fq(RZ%#l#OWDq4s1Kt?2aqt
zICZ=0cbUw@AmkHfL*^CY4Azn~ha+*Gr<zB_zB9AR?BIuoLWEVME6G|Gn3F}Tl_gf|
z*qpf>xjw`a23>a(3Vx%F5O}APpvLXp9`uLI{@G1mT;4URZ!bmLHp0#4vO<y57rL#;
zSLu5mGNxSp_m|clXNF2@Qqq+k>W_>5V**X(xGj6<oIAdvNpW)9G3Igky(?<Ao=TNO
zB9e6{_EAdiz$qdJUrm^J{Y3S{f$d&%bG9A``-ASb%xL2?o1*pg)AG;AijVPJi(;SW
zti*9NT2B(A;ECjj*E2vE%WQy^6IdFGKMt#RsL;flc@<|@onutaIRT>wQLixV8u6_{
z2;^vXXQXnUdy%D;g;T4|2(C|*w58uJtiVFb>34}Haa3vPyhDxc@fbz3{}(l=^k5<s
z7v~R&jFplSb!NtS$_-;N_5`y-Fy{P(0u=+1Y@3^#wwYO3aDZ@t`T>2_5L6Bpqtw8c
zzZPPj3a!3}&)#%fW{;5h<OjMtK!fkt`9z0KrGqUzzi#e!n3FJE`t83Oi@YO&r)$vv
z!CZi;ka`y}&;0^?NZrp+lDC|)b5UR+J3pN{54RnLGyv5`+y5%UCPTG;R<AaZZ9gS>
zWFY+RaY>`6K-22Hjnx~tlw}t+FkGO$GJ!eYCHOS2D%G#{-)tsR;^h3ZxS)Sm7x-U^
zeP2dVW$W1PQ=OOoOd9y36n=xsi8zwuzfI<!zvF4GDZ+X+>R^fT-_7scS|X7;9X?-M
z56t^Xk6HHh5u`-k8xwv{y{>X2hS~6bl%f+Qw_B8iqRU6R?tNW69mv7U#`f%QK@SsS
z;|!o&u!LqK8e%e}^*+blr%zBWNV)ar$Pt)JDa%<#OcoKqM0^`!<j27JU;E79NzxT6
zoby;ka;QGWHQ?AE_As_Cg;jTrnZ*|p;KV;oSDN7+9Ovfv;<`FznAL`PsqW~*1}fXm
zve&|HZZlk2Wox&~u};m*m5sv1!@Xm|15L-}!=B;?OXW)&!P0&08^q2)!Q@W^D^Y?I
zLN|`44<MK9TY4N)Qm1s7HOWnsyI|>KGJeP^U)RM5=egAb2kfz5n{5lq?8zs@>T%^*
z_P^vDAX+d~$xyT4|AbAy9A4DXN?x`evolLMoRu(;&z3KP*jX#Jiu*AtzoBb3`ufh4
z(;?kFS7+!4o{PLasQGev1u7`LFdA>WJ?=B5{CwgXPl}6AF~?d3Da*mNi=taBLE>NQ
z^l3}8G8NFM8_owYT!)7tNY4Lwftm2jMu;#Dww{;8xV{ef>?u_Z%S@8dgQ$K@|E8#a
zevlysqbr(QMMXjAoR0cjZ&zgI%&Dw(ZKqMucH#E0XVO^<&<`L5B~0GlE5wN`(iPYp
zjuxvI{=O98#umv#YqhS;2KC;X;UIZ9!zh&QB)BJC_$|<;V!gFMWa`U=Esv4Li4Wi%
zh)zoKd6=Yf_Y$RF_owb9a7_Ei0_zf@-gX`qw0-lspdrY7Zi%Gr2p4K_S6#>?aIFv#
zWAsM+nJcuZkS9Q=)VDyAiRGw0I!*P&9D}q<jzG{>XE?RHc0?}3g@sC*S*}#nx944L
zx}TL9*xu@>qaM}0z9F&1domQCkG^^ic88kppFICzk|VBL!mw|M;q~Z5o352MchqI|
z8@s}ui|T8k5n&?7qgkm_mDxMlz1^d#Poc!)TCz))&9Nk5)+3Wha!u=K_^x!JP_)BB
zvT|$hXXqGg`;vc1G~E%~4RW`SBe=j@KAaP3ps``}duXu_9u_vh7_U?3i~2^JAsmH3
zDrK*aleFngF%E>wd|)1B)Nfg&yw^$o>u2t?!G*1`%x_ApQ$J6-ejPe=(a+e~tv3G<
zyB)E&=T`hk=Ls0c(2cu9s<${BF_crtsA3&ZLZr^7%eX}M^yN?84M|Kp(Wd2~mUrEN
zv%xB*IDIi)jjG>fZ-lr)a;(GPPRQxPY=giGy+bh;c_xa0XNA^TqJiP%ivEFr-$Uzn
zL}akOwcC2IAN2X-pLt{PdRm<;2iD8HM8Ig}qw&qMa~yHNb@gk^l~YK%oE4Sqp-=aQ
zjzg`rhTVOwRjP*n$V2gLnp}Hn>y`8`qvc_emYT^^GeIHY<mI~z=?%3G)?;}mt3%3-
zPyg%A?#!V+c1PY=7T2amSSH}9b@Ff5A;S+v0jrn58QzwoZ$UuW-2R?5!5#=^IJWa?
z(`ui&E_3sEQbR`vT~;OnM<7tp@evZBE1+~uhpd$SZneZ}T5@Hhw%JZPG0|Kq7OVaj
zasg<@1q2aRybe{;ygB=gy^w#q>iudO@Le5Wcm+h&(Gg0`-0*-NlYD79?)xCP2n7f%
zLIN)oNr_ZD-oOcZ$Zz4M(I7A+`3BB&iCakDVL*h2ysPZ`Z462Ghg|_v$`h;hX5}h{
zEYmVN#5_mugW$5_zCP$jgO!#Er6FzS(HTNaiLmi_Tp$I7i|Wj7Ul%^mk8$Z4Tc<@o
z8gA5qrXg~ol%V2qub6PS6eaMTXIENtc+_@I+{-tFcXZK@0R>dprc2k;4)<MqfF*uW
z2eWI1`GUUbgI!caY?<5hzudnfNAV!%Xa+E2wntoB2$vjb5J}BfuD6R~f%o{Hup^m)
zA(%Y$`^*iUY)l7y-A$sK3k5mo?aoY?*bl+cj_lLj@3#v-Y%A>gOMd3<nZCN7R_SzP
zqp&)^R!u^rY6pbi1L{utz<kn&b*t7(%iM2HcJ;Z{tC`j<x7=J4;_}=)rzmyf)#CdN
z`<g@(x`rgTyPa9jYXs`{(*ys15o&P{Kj=9kYL2<z5fL?pwFoKaBuX^eU8z5xT$FJW
z=;A(!c?(~zJ{CMQJapTpCHllykiW5L2Q_&rUOv{psJ1BsFlDK-r|&vsZ8hOe@r}AX
zDt87=0(Nw?E+B5Sx#&l^bf_8gbcAnP#&fU70;NeU|I3{A+h97RUJUU=n7u`sApGkG
zzF{#jW)Yx%`Id(I?D>wY9w$DtL6)qUWB(VZ6R1vBaBk%)o2e#kF+)uy%xi<il{$YU
zT$5C}$RSvwJA3?C&yERO;K|)DNzE7bh(n`@`z~cKw8B8gj-E{Yb>DMwm9)0I$;U6S
zbJZwLqh+2--|I_zDRdwg$IRCyjXLRQ$Z_eKa*SCE6`Fuo5%z9xQ%c8*!N;u;-DGg0
z0|kG8tHDGGp|PE)&vPt`d`UgOGxySy22p$K%kYYU>~lt>Y;ozYOoxAH%*N_<g)8?t
z?}g)WPXy7equhz}9d@#Q$m+4~D#_*04}nVbE>LQtXMM_J)?d+<q?u_QXsyk~QA{Be
z-d-y9((9NXo1=4D<P?pHYXty^vJ}AgEVW)}@t5m1d9EtEFi7I-v6=kFuOCDEWn*G4
zU)qH`wod<C78BeNc3DZTsYoccNgA-k8^=j@4(4>(v&~ej_sZi?D~#m>f|NG$P+CY>
z98TeyScZW#MwTKLNOL)OVx;xzQC_4L@V?p|Y1DUc3h|!)dl<pSjU`=HO8dqTF+b&-
zMt;=fwywoJLg|RpfcFV)QCJVlR}SC!ZPD(^k~03XxUjD(tEh@|^`clxh`C{?WX4w$
zg1gs3Kp;Wuu6qhqDoT2p9;B(1;4V8~L%sB|K|9{#zot&3)ct|;Y*Dm>-Ur@M(lV#B
zZQ)y$DQ3=(EyUkqXU^wT)KG#Ov_1JV6td?J^ZN#{25zGR-R8?miytq`3Jh)CS{#~F
zDA(N(Zt*8IdVJL+r#c%o<{37M$!(^4BQR6(g0gQLT5WGj@>HJZbk5*R5$Art_At|Y
zeJtO&WOq*uJ2A(%2mpAgna6)0LvyI^vg<luxXdy<8n1SQxpE_<VDYzqpJ2)2@@Cpx
zRtI2c`xT4`BKlk4GZrJXNj#Wn`|cVC(uv-Jpr4nO+k|r(=?64u=T%n*2jG3%FLWV^
zmESduvnn_1GmZV=k`*vD$%?&4aYtcHWxGwB))zrpgH9h~A?B1X+Z|pvNB%`b&JmG(
zIV`U|pyzAYIBzFsW0M8cXn+c5=F#E)a26PuG6KGwH6#AyXi{9wbVy81FEcaqRSP<&
z3MJ!zd60gReMc@1RXq!(IZL+Z%99j{@3NT0yJ31OW7KtW5{~xY?Hx8MFKUCSZ@&|u
zjR?bceVD<&_R%X<Y(Ofm(^}Qm5Zu2w^3E58iemEImBurZ?uVNLql<*8O)TIugr}Id
zykHZ`RAT2kmi6rr`x^6(F<mR-8lH=Jq&kKdFA;H06bJd!XJ#uMBd0!;xi&t9?F{iO
zfwFl-akcL!>idfA^qoZ%>tHlox|spV@m*G;&g9L}*TM?LvPeGPW=CK;K^S1r*udm9
ztYEZqd(0{VTuMarf{p$lidQni7O4mA1avqq%rwpCC#U0^-}<>3;erZtc8+D=RezQc
z^nv?AUM_>Hu)V>E&_TX_4Ph;M`#yMCv&Q4|vn-qRiCr22;ZbL;rxfqp9NPNO-!)<+
zz%sZ=OysTZz8~kzKl_?$qz1-Whngh+vtJ4b4|BaTR_^-!knh5v9PCBaPSHxgCXSu|
z)h}x8^ige*F|DHOp)R!CD@6{?-)JcXDxiF)%Q2p$_|Z`hr+pN0S?I!oH4yq`w>7|#
z!#l**KedZ4i<O_m%KmAi)el$d5R%*5FgLk>Ex4>Yo!M(f`q1cDjB$PYIJvso?ZcQB
zpWeQHsg%e9=D6Yk%4usZF6jatxwe6fM%HLde7Bl1dGp(1R0^sXJCRAv8$zJg&KZwa
zc@C`(S=kzdoic>y-Opi6zj~AiGi=a)nT-8u6;QZ718a@{3Kw1O(F8axz1iSR!By4W
z<N<SA5Non2)+GSU)bfb{<K~@<Fg>iC!Y(zgJJn8K@Npa6?RS(v<7mA~0$9|rKM<e!
zP;UI_Xrf$Hd#eT%80Ka+pD}d~KRnRhMSgt1jXG{_+QTdvo0xjuWyD$Q=yH2bTI<X#
zh`!GTh?msN1UVw}Ji2)s)vHvbkO`JU3`&zdT($rbmeIS7D4CTA(B1#a?F~DV#eMC<
znesHU*V#25H=Bq>a{dGI{e$>=?^L<{hFs=Wy1HwPQj!@`rpn~gV>3S9qQeIqj`tju
zUGr2KkdIl4V(~okb4)?(3DrksYfSUBd$nCm-xn+Pm&zHgxzQfpW`b|0?3+T0Us3#-
zm)-r(cy0dMH{tp?{fS|-4R4yohu{+)jI4oe8p4s1xS=1@|ANK)R{3bC>N$?zvO<Q4
zod2C<ZrO6x{uvZu4JVSfi#X;x?p(<fQ*)bm<cXX$KU_Ov+3TB!)K-@sdcJh5JcmRN
z=pT>Ci)>gVve#^v%Wt+jI#uM@^TO}(UOL!uNNCLGH~u~6Hh{msqO5v+nfeUwT0!*&
zD$}UPHuG2A-P%ZDgb#G?@CQ@N;L<m{w<Oq)Hpo(ki_7t2<6P&*XW(&52Ow1Ah_L9S
zHqgg`5~S0YxAV*Z%v?B5fSL2MZpu)leI?f<np`CTDi}Ba&aO|~6N&R!%--)SnR}X^
zxy!dJ550Vkync%xW^LKIRUdhJdi*x(oA;cvbL#eil6yN>O6et<Kcgl+!)PQ-`-&*b
zg`)ND%s+xkHrsl_q6WX@HVaRq?S3#`M9*^`E|*7Hst34ZoHw(bC4z@dsPl-21*LsL
z2h-h(k6vtNy5XTXQ2kcQtQS}h0`%bVpExpC;N-AlZGe@))|hU-w8B#y`-c2%6<hRk
z&Fm+4^iE6+>c`;HPqlFY-MuW=hZFVB$&1)y4Cn6xkN7;SsaO$2zetS`S(J{OGwpZ@
z(KPt)EyXrc^ME&y;O*}xIPi~yDb~c~^(x-g>OFtgq6&?5k0?-wBw==UCc(Kl2p6v0
z-d$+M6ds5U4s?>+x*_he!%G`MiyD5_B<k;ew*aLlDK_(ry46#fT0Bs#@v44C)$}9r
za{0Z%x7*f=UTN}GN2oFE1G~~6!A;d8f?34$;=F3d`@Q!Y+OcjHHP9?os)naiboTD+
zeHo@6Yf06pW2@KsJ59X0$8ks51-fBS+_H-)vvc<;L!KPM^cu5f&^y+WTU<n3B^auM
zi(x;tXy3eM;cn$!n`wQv^d;cF5bup{YVDb99z2Op_=PitNcpJ>speDaK9+U(JHSPx
zB_N7Y!}6PEw;>vYVvI;bJ27L(_BENy+_7u%+<dxfYRR{rSYjOplty1QRS(mD72RGB
z*-UI#nYLh-ZR(e662fgLV>d$_uv5uL^N4Z9i1?i+xVQ>sk-@=<l(TbhmQcHiK}WmC
z?i!*;NFkMHk(!2qkn8UaL8r+j#i4)h9P%V}3o4IfDMI)8?PoUch~w@Lf6TaL`kD5p
z5|p1+c`zJ>fFGhsH_KZT2i^p1&j}b{A77R&XV7H^;AKWdqGgj+PU<rd>20}wA_U@|
zdGzU#reAxFd*DrfIu+Lr4TpNzl;n|w3SGihW}xtqn#nczEk@m$Q0>eom1?nbOVmoQ
z(t_Hc&q@o~9g^a3ZqMgA5L<x2k&ooHeE;XcNx^mug4bXwrUue;y4-KpsIcL%mHVi3
z<QjUTX;4*<@_Fl(Y&uz)c;%mY3eJ9Gu6y%2UIUr)kKpc{r3#-n+oYPj`^ug1Dz$UZ
zvI+AB<m%233@=wC1BD)NY%zyUTz}{!c5nvWdDW%knei$KY<bu6sb*h6)w?CPV-L^d
z0XmVqZ9^ygv*b@pdYZUU+ccpj%h@#L^Klq)>L(WcGskG<dAv3C+;xN$0N6XlRv+X3
z#8RagghsLu>&nBaHt*bKYpS^Crp~*~g`gDrJnSnh&okz99K~nCAhX@mc3VAY+9s?1
ziBXHogt85{&;LQ3iKHk?eEK4s=f`Na@O{!x=B5tyyY$C}bx+F`Y#3?<-uLqOv?R8r
zJNmMj%k#@Kt8L(T&Uy^-V?Z6Xh%xBc4tb6!rMp{PWD(0fEKIPHHH|c5PSR-TJFGv|
ztZE@NiyjIo)bdwymu67P!0MzXQ`)$H<RWYv_`<nJ_}>V6ChDUyClN_|Yjd|Z@pz}V
zLwlaQcE`A#2dt4mtdo5L=KfnGeD-X`%-wvKDRnUU@+SdwDOqq90$FVbkfB1u$pLom
zE{N3p*U_ff1!pF}D`0Gl=;S75J&CXrPW>qgkA3TvNTuExN0iYLGjpk{tEX6~rT-L8
zG+K*K{{AAKZC%V2oWQa(GrNLs2@I85r2{!mJ1cOh)J^jUFD7EX2y+;*ur5f%+buek
zQsB>3_Fais3SYU_%#MWd9GoMmJ2|}mFMR`Dn~!XzYiK*PzbduIlkkdAA8kf8nWb8J
zhmq_}GJ{k^4HGdPATLluJ!wV=&yCuBBqdQ@oX5Nc61917*qHu83@nO20i91;f4>ev
zrLb)e9#eSJHy0kMnVLwr)QnWi304gz=-JxA^~Ixl@}a{K@;!aEe*MI148xVXR;TBo
zBfLj(#pc4U+x(bEIY80PIsXMqYYZXn_BfY4vN)H<?OyyRbnKe$ri4R<TDD^|PK2$6
z%`C9zhn7)Tf<x>m6`*lm{=2@23`%@WB9D7xe#2Hk#Nwvj=w>_kU6%6ijlKCD<}=eR
zfr0{vyyeOd1qo08s`Yg`SZx|+nQI$ChbW2sXfIT{4#`2cGf;QXB%k$^DpicCjy*lc
z*^Ri=$1;(Ooy30+FGML9XsX0^e~0YNDMRz85Q{dQi4W*S95V>AoT;7$xKT7gz)A%C
zkHv1pJqmS_2XKR^C_5dqIHzzqIXTB)H9iJfMb=Te!>b1q=b=tT!BOKGl7a0R$zv_(
zcqi!CJmR~qU6ECLVa%f9heoofoQgHM+;e<3;Zci+PVT9x+k$Hz<ADB>i+{Km#bfk1
zx!VvI(6!ACqzku-_p&sQ9w}ZCpPt2!rZnv7rJ%FRn#28j2e@n*Je|7W$xce#q72gG
z{@L9!hIcNSNIHxyJvNPVKJwueX(WaeDt$b^&ZRm$-k-nf8CdXbX$n2eo)_4K{l0Fq
z=S8-&^dQH9zby0c;$T`FSa)EVf;CRT?eU|dV*o@qN4c*J4<8?N9MAfmm*`|mkNwi`
z6DBOVtmk=%*C*6P)ETV<(U~w66`aDIXn34MyRhx*qjo`@KX+9pC{GLl6%%H`M-@Ah
z{zj+x=9UQ6v{)jZznDn@dSN<1YO2>HLf14x*45P&m67o>ou(8?bH>Efw2X!K8t=L&
za-p+FS#q)8u(|qpzq(v<;CSWy@jsY>g9`Vir~J9^FJpH*2A<=qkMPy3S$)i3mV=;!
z<b9?ifNQ9M(1h*~bRiB!by`jo+DA#`%0Fjb=vwE#)?34q^&YK|$fG%Q)T`#!9IDtS
zl4sL{db8lZ?Y$SfBpR%Dr+Jq%Q9>)}cj~~0C{(tD`3wr4|3j}{Z5SRWng8l8?zz>2
zX=29j9Ol=4mDIM&nk;S2zidXUhO0GHX*}FyT46M+kAWj+ptMI+vky0|VZm$MXUU8x
z&~9oB@k5Cv>7T#fU;OkZyhL=J`q3%4hQ4Q^#KDSmdC{TA-dy^U>utW=y+*;Rq|;0;
zQcoD2LPhQLpiQ)XX^T!>Y{c%xjuG}C3XB33y8j)i;%WE?R=D2X&FL7svYg=cw#}_!
zJ1dasD*_#E^o-`-?h6#2zCuVV8!cnmqBXLx$P5(U`uWS<_#rAwr+8jofA5Q^U3g5c
zC6M}Gs?f(+2|7i3_g#W!P3CzGgLg~IXX4!#RObleJe2A*H0nH_MWZD2V0^dTdEsJ8
zOozn20_mx<oe|XsxW|TJyTXh2l*HvLTb#|Ipg8LF+F{u8Xbvt5?PdlmDAU&aZA20%
zxIH+hE~1$=-%8_4tdxV1Kyk4J^SZms|K{lS`Dp&MRiZLK^HHCtQiNnSuhXpediihf
zx`*6q1HyFEXt#Yew+3i&(UBW9Hj+ge<#`Dy7kBC3&FN#RybA6q(!fMJ<~j7LfmR#P
ziiW>T2R~uz0>{iu=EK=1NdIrUzObIf=%zPUv(8}@P7xMxWn=h4V)Oc13pbun-y0X9
zztkQRE}qsRoU<<s3A#^9?3CB6=g7bHAw6B@Gd0_lOhbujEoES>S$&-erVp;ArDaQG
zGN#k>aGs#%Tdte(9kSYfr;`?Gv0N$GbkDF0EP8zVon}a~ts_D>=llLni~do!c)Y7E
zv&Ty98||_N_k^;WJ*cIUslWn<8>UfO1N{ocNz-OPx9^tQ(eBLV9w^H#&>dwKKNq-b
z?8Q`G;ki67Wm?7csb3>@c<4JG#nmfrpjqrv+b{3aFHNTl@edW-xD>k?QpdTyn-3g{
z(}Vk+`%d+eq*mRj;f6j@-|()kYL;}KHg(h?djD>(5c?%tIK0Fntl-;xSgJ(S=?z;4
z-^`5dJ8RKxo>v#1KTTVEBGU2#`Cyg?VQ1|8KK^^ZcGr^AxBC=vIpw)+|6x);OJ?vA
ziqSz*_4}%#+D|X9`?+FXyuR&V``C&U4cKFPF@kpeD--pbLsmH!-`-zXs?Zv{7W^P=
zcdgZkq^kcE!pD{<uKSTnpNjsJk|`7OKDtozMwnp2SyovdP8S9Ijh@X|3i5QtnCVlu
zruP&RUj$n9M@`xphMtA?dJ;ys_7#4H${K7!t4+-K^$tl5Tifh?z39Z63XQaLG%At*
z%r8U7<@*w>bykJO4>_QJrg?nq93JXBNFFbaA1Mlsxg@(+Gr7&)C>9v#%~XTK;j|S&
zlDj{YM-b2Twtdp%Yh_I(X)saiAGal(WTvkQEcbwlZ}lYX1gq|38dGHaupgLDE2t%$
zlTf<QbBh#^A4U+qKRgh_y{DO<4w|v842yLCn9uUHFEUT^bi-vTigcP8Kho^dpbJ<?
zCe<5o8;+AKx1PVy&#A`@MYyGf^`qO@G-9<C&+w{xp0my$-qYbUfmKVn^<`~)^R8Fh
z`qEUx7*WW12L{zm<d#t4N0cYzwk?&W#NUK>FH_qtZ+~^sn1rqPoS6v6nSz6?mWvms
zjy4X<*3iZK*@Gkc`rAH+ip3;uacYSYeOn_VZlqZiBO>?1?mE0wn^I~hABca{F<?9P
z7=ZC7O*NycO0Tf65Xt2kwY~u*4PO%w5FnH?XHbcAnf$PXrXYe8G`p^)75YkMtew7K
zI&u{<5b!#1DNl=vwtR+b)u`NlTedBP*lzDYP8(UFL7+dtxU83tI4EjM`+OAFQY+mu
z>sem?otSVL*4q~BX?QH1zDJiQv!a31nCr}-K%VOqBFdooKp~2#g-o6GU^PgC*57&Y
z?VuSbXk*Km771BER^l}81=5{93BC=t;52z?NHY|T=WXJf=~v(OVg0qTB`{@m*duuu
z;;y$kmY!`6@c6yi<e-s$MLhy^1HM7CA`AI+P{?RMeqp?NJWh}kU9mmD!H2I{V(S@a
zTD;rQ&qDXO5uOfW2~vz6H(qd{P0`&k3>607P9Y%Vr@O@hpDmpDN`iPRxpwySE@@5|
zU0Fk)b80cuVP6asF;Fd()AQ^RM%7~%>;tDxsa$wXcqi1}=kmkac_})ti79x4DyLnD
z6rDG%kCDi+KmdBJdddGgFCWh7UgT%Z?IuV4pJp#N`d=76+z)Kc>EEK>@+#Tf({_bd
zW<sN<D>}K}mTV7MZtk+4{?|lOMsb_oQHcB%SZWlRi#u5FIA1jR9`U6Ci~Rs^r7NBu
zIZMMD*{^T<DI$E0gq<cHdpm<yp(RxRV3KYr!lFyN6|e#arzhSq7s=DmeV?2>4L98l
z?vO+*=bY<J%t`pg;om`~t|x2q2x=FMph!|6qCul8wv4q^qY(B_m_4x!yu0P9{tXPp
z&7WwEU$fU^iTI43x$5pUOjaX%w11F21bUQIMMC^NU_WvgkU?IJ%&32N-fFfpsn)Cw
z8_he>Jy5kJ;9N=fLdJ;XT#se*g4x5qM>_AF1g5vYgKVlgfKsWL^cPM;&Wbk`R4lbs
z8ZO%D0s&uT-~98a=e`?<%Rya{JU(lO%lcnKoDUE=MO>MbnQm%1;p(SJZVnLJ6m!~+
zyoer+%>I3<g=_q_*?N&tQ`Wrui?nk;HyRh~xcS)IUEtvizg$Miw)zIv`NE=@&BZUD
zdC!Y`Zk{Nkk<3L(LyJ2Sg0^4!@*SeM9D``eb;O6en@0z*kF3sT36K9iIiG^>NS0@v
zJZsLhgA6h4kEA&p_25{o0sEaNDQI_1=<0*8CNjkKn7f_-YZzD{dz(2BW3iPWjb@aM
z_BX23Niz6!U+j}@rlyjd#UFSjTU>LP?LRLbGW0|@NqU7*ctQ$POxzfr(XQPnk)wkd
z$@1aGXr<obs!h&fTrdR+h=%?;MWo0xW70lI_E3+C&4DrP|0?Xt<C4nSuuEELW{sI;
zrZZD%gPNHO?pjS&u9c#xDOtH7E~TKk;5D;NQ?uL&H8WIlOHBf|%F@C;6>_(61yq^<
z7ZCWaHO=?^_q~7K-{su%a?ZWyJ<s#J=gmml9C_*1)ihdg#o(GswhPLu>I%N|NKIF*
ze-s#)+#Gd}>fo*?-gez$FZxZHv$F-%3Qy+kfX?kKjLi(cH|<X_h~DkI8!vlO0jSRX
zyY%-QA79++Xx5TLXJ58055bb{W)8UK(?S4#L-_pXFFW*b2?Yd}vG=5^5BG(3CShx-
zJ0{*!B*pD=#?yTA_G}{A?x_(!^HhLsS*Xx~-()KW{x+TGnjbUWwx<&EIU`T*#z>~y
zfuSk+fRTbu*%AV0W>Jzc`4YkgIH8O7Wna~)f)`+@P+)&xfO4ODMN8Eq<gig#*OLNA
zg-OJL(8^&(4E7JqTY{juFV#AkdaAO6hm%M??D3(TB?>@4hx~|({ncjLxu{KLLy!{2
zrjfbQdj%AXK~f{laE9gHwc*(M$~3-3VJLgmt;UzcwBNSUmk$X0J%eNO?4T$-H;wk~
zpi5Fg<`5~Ycu&cGW#`>94R-BE6d+NPb~$W=(WabBc=Nw2Mo|a+8M@ra26CrKOCZwS
zByzbe9T3m}blb<o*7|&3AcSuTZZsA#;F$yh{U<qtOJF>P?(Pm$NOcXVT`tvRZ~XrM
z&&<AC13I>XrLm2Tje~6=P93#wzSNg^sVntgrC`x9PtrI4^;o3Q)^wc0A>XbKC^C)h
zl_r{!Fi}2E_ok4^sEpI0OM+CJ^vX0};W33kDFUJcrTxltph<uo4`>6=om2VMDDRPX
zYk8=ba<c0*^RGpM1S~`*xw(ItW8t9ar4*M3SdG4Mxx)9_9DZ|G!<g)|#O&YB-sdaK
z|E}B92roc3y*}@;xM~ooAi<UHZrSTcD9v=eH^Q8G95VdT-@gTr_}06THC(EmeGxI#
zLUF4-%D%H<XOM@$6sP+oI^c0o^b(R=Mvp4JN{Tgq6R4=mqPmqOsR=Vi2E;y5J{ITs
zZZCH4UME*#9vptp;Rf?ME3yvjh#v&(lb-woWOZVp<J6ub8aUKLz7H93p!({UW9FQm
z<Kg!FR}&yFpffcNh%n3W?BeJ%K22*-yY}3fS966)9ExV;XHpzA-`KI3vlkq}Unwy@
zGqNQym8=DAsw+>CTq&thw5l{@m8&-i+pR6|ylgSa0gpxNI?z=MJkZl#BS)}Q0~ZkP
z&N<_BQ0Iegv$A!r9oMi&e6%>K8xJYiXPcS{%TSE+*vH+w$9ebhzocQCjo8sVuJsRq
z7F3j8*DedLU#JV0C)}rbMceB%a?ah^M0lwERfjye5q5*yW&2gp3Yk5wSGwYP`E3c9
zcUDqV^lsq@(6<8&R17pq0)S%1v3LmT7`?aJW*9{)xiwUj##?O#(sXKMJ};>$lP*5O
z=?>eSd0$3%UwoNv&a5ZfI5JBo*7VIolQ_1OJ{f`S<%mA#rLQfa&^>gO5U+_-d{+_N
z9%EF+cH4K-21^M{DzidrvyA-g+3wfG{k7d)#6h;Aw%i%825CeSNtSV<mKPEPxNO4P
zA^MI-JX{2kousblK);dYVJu2rLPV^Tqg)lb3J^G%Vr#X_o2~f%h<3u2fMt;C*GN~t
z>>}5@mMm*<4vWH?`VIj8SkKAuS)vu_huqLqdVVUZj#Ph6LG^qE-A_uQ$X@;eP`ull
z-Rt2K1j&rO#BjSJQ98b%wI-Aynr;a}P8C`SEI&eI6Wn}3l%5u9-?wk+Gsqf$H~RYo
z=T14orPbCIC~7exh{WhN0Yh+OQFI7nZF30OQz*A4#F8iYA*9On-|Rn`n*h5FZqyD=
z-Ez6{IzXiPKFV|#a4DG@guekBjLmsmO0pLA+&=Gjg|1ah#bne8Yw&dC;m6F5BpDn!
z+(h$a6yMvPd&lp`^Vb&)uu$)Fv*Y@rF9;J`ET=kaTTZYbkf~05=Wm>WIxc)~o;RF}
z?DrRZ2ul1{U=?@ebZS+=Ffexr=zB&1WE#tB`j_vYVd6C!xO|{^;B?^34mY6Sfa|N@
z*mf7E16|G{vc&GrRMd-(JFbPl#DO&bcPl_3`l<u^;;o=Su-h3tU0!6fxb5t5;fYi`
zQ_b2~_ZO(!gOhfi&et=?Vy}~}yLh-IXs+V}r{>Lt4LratO<`X8s)zxI_Lvn98z%R6
z&ki<8i2rFYNd~Al+f{$B0x`GmwqNV%8}H&ri%;dph)#Py2*>Fs`x4PFlrqKrGePQJ
zFsV3c5Y~z&&wwA3Ppu9XTz%7lsQ;%-1jX^WhUi3`WY%4X_-^2TAh=T?CIepYIh)gM
zw0^R8SZVLWagB8_?%9`Y*g_E2Wn)|6P~|{`SsAe#(hq9vt&%v50b3E5Z&3T+PA6o-
zhVb>)+WqRL8lZDfVba`Jd4C+<{d{jV$a5D2fimY`wEqEhfxq3IBD<BepPQ)n5yZtF
zK05&FITOGwl)oOxvaLg1adjD>o-*Mlf+-H-bKfzV+O4Bv68?Iq%^<7%-TXn3Oq^jB
zTK(qhA4`>(SRqLC_xRdD<1F(qjfWaJYK18t|IUW>yN@3KQPC1?;M4~2Leai|YrpPK
z1hp;aw*OnIH+SFv42Bpver5wqBR?t^7hwKKihT^=_T>vZs9-yBfA&<%Sbfrpp0h-p
z{rNEeouDhH^?<SFZU1fXz`|QXW3y_xQxj+U%<k2Kr6F`V(N+HbmVVQ}TIpR(fAa?o
zl%KAM_1GbHxHJ|pn>jvmUSZGbM1l}rk0vy$WKOF7v?j11;HGkFDlHeOU=Bq)jwY8o
z&|UE}aR^M%wFQBVJ~<i#O0%ethju!jk41fKgpl7kXuOGBEdsUv{}}yuQ03Gp&lp#;
zbZpM<bA~7~S}U(9-SEZHsX9H!G^;w3hjv_8_K|B^KsUw?Z;Ke^>SQl80NmSvrJtZu
zt^e*tLE5m1*Q>L|BNGOz)ornF1~ukiZAYt@-U74EewdYCnz}dao|h%dCi&j*92n~!
zj~`vhsm847DXZ)}-&m24K{mDyahn^%Gn!b^HUfR*qZ&bXcVDC>SX5g!q}+$m<PtK7
zRuf{d-)LG_1CYSh+0PL+BKjgwX>CYgU!yCxu1h_Bm}g7cq{G0IzC%45F>P~#nkMGX
z?_1P7edQX$=4dE`PSaozmv5cJ$6E4U#y;`m#2gkgaco|Bx;at8y34JIEu0O4XDi+;
z=fi=iXFgzea%w7Zw*B(KOK9(vx90?QKoTeajfqb0XC$1~x98M9n?n!>)&bR6(NE*+
zVB-r1_pVWH@r;l~gl^^Mj(os1KUTnZ$SH7Sw>{?}vy7RCt`T*I@h8s@=)h+iy$U1d
z1D%7J&tov1UFxuN3=7BP+bvO;8`6BT_?mDs{5xr|?w~(ZK?88ulG!zt4{#=3GU_Iz
zVa4(Tewe0b-R#!VnObpzC7xJ=e<NtlsW9d;d27ha+(FkSdN5Yqd*C2uxdFyohC_Q9
zC8buHId*YA8XofvCx#Zo#dkq;q&?h!Ou_vVglSObESuR$+)|}E^d`=umK0bs#C}kE
zEh7^P@axwgrYzm|;R#;jGK#I82uC+e5_?JFRvO`>p2We@I2MK#?fqT>8R_>G7Xsh0
zG_=!B34q5S;+j72Qk2PR)6&keZJgdrH6{P{c?okpffm=IqF$NI?NKU*7wI^xMv+mH
zyXL|jiE_PvEbel$&>1OVb{5+DGL>c{fy-y4=6}2b-F;=$8Oy8-c(sNmE0M~U_9ey*
zQ`bSn)BJBOZ)-nr&*~EtzR!z-9J`Wh5tioqhfW$B<L~$3(~!eDRZ+~Xa^1TtOvkF(
zIQJY1Z?xPx686dS*>pr|PZIm_a@fjV#xKO3VxQg}X9K~-66@8JZYcteWz+P4vE;D$
z>5(w$gih?Y-Z(YJ%}S9Kz!XUe7F$#rJ+796Wr5okaTk152s%;Ib06sAp)(TNr5(V|
z`}E7|BM%sfA&-mv@UuhcE(`eXbnDA5Tx_Y5sL8&0B_DZnbcW<J>H`VAQ_3iI!>ZEc
zRprao8fI*QmXo~)fKc#5kZPzE#uTQZYJd(1JbR{GZQR-EXmMAwWrg?~j2-DLb{>?#
zfEKqRJ(uaG-v9N^i4b~<vHWS;Xn|q3Gr7QC-mECLCO2RqeTz?&9}%}ftTqYu+(pXP
z)oHw^;9;}c*^e9HM$>o0n}I*kT*E(Xs=M|0gr)R`i=ZAtr-~dJS$bQ06^;|JLg-wI
zBl_Cny~U-_uJYgZd4lTGBR8C{6C>4b-#V)<2A22K?;C8nyfnIPj6&IPu_=fr@V{BP
z$HIx$sEnAE@Xm21I;Glhc(iVr0X35F<T9^IoASbQ`z+J)N0l@yGs#xOm9C^H;UA`~
zNB~)Gn89_bz?N(v$9puz)KDmy8zr=eOpD6)*B)=liS+@I7fBxR_ICp#LWv3FJzHLm
z$e<0N6FbB1ALR2>l+5lNydBFwCRidiC%bj<(uXm3R6j@KGT#M|c22u@n#;XxO`OZ^
z4pgH$x0f}0>`Q;jr1BQS&Nm8qzb7;j0aExAMJ{HOXcbhGmX)`a+00tbG8ni|J-<G3
zB=rUDaNd0~h5wM@V75=I<jC|gApDFm(0*R+Xxu7SW_M;fD9hIyM!tTO2CuQP+=adG
z;_-c?#I&84QVOB3KlajO=8N=3SvX_L$DE2{JEIp%CJP3h9n(|(Db@iAqX6Z40GWoH
zFl#irlo`_SRK;`o<*X!grm^JlL2cp~`SNvt_$<K2V|R3_gcKP@j_&As<okY8RGo17
zdDLH`6Y_Q)p*0qJ%?vPkOJ2nNl=EkLE4ih!@cz5HOTnH7)&fdV+N6Z3{4VIZFZLyQ
zpHR!f43ekm)(C9Jt!6*tNkH{nbN$og6N;?H<YkM5SPQX&=hzyGy><MhWP3$qq#1o}
z_A$b3TAuKhbu4s1ZNQ1!#tFv<ZktxsIvf;F&<^9(S3)gds&y$<l$YQl$RRWIrrl?Y
zXG7}vM}N%P9UoV7<8z#M0nkvNp<3#ag3+(80*dM<Oq~H0@Q5%gP?CHk?z=^cIGv0b
zopi<DX~5-0jSaRTNduo@?X1k1oQoaaDSjTCN!&5>x5m?Ret~BE5!vLX4|;6hNZxgu
zzS)HVH1yAR=ob~}Wm5<<iy6N6`apK<5a+e}BNt<~<dtf|M6^PZM`fkds7J)y4JCnh
z(YnWc3t(m4<s^?Ix-AY;@076+>Nk85Ge3;$fJiNX?B8Z3wbi#6Cn{SxYDt6*RPlv{
zSxYM4%J-F3D@RzK`X>lEM_E`5NocS(JsP|m7Y!R4S$l(0@C#M%`=;*qSQS#!j-4b-
zlRel|h6I_YUMj+Ng<`!1pLzyA;{%wZ^HmuU5$TI7g%_Sj=IfuEl)msxS73-(aPk!*
zA%|Iy^af&$&$7ohip>QKAv*}DwXlk&y*CNL26qM)YHq%Xqlg0Bodv?=RAng`-qh+R
z%~;FHT)aMUBKg&@<yPkcO(Sy@yuin)h-mW?I%^V{94|d`M6*90AWR@Bf0Gqak~$Fx
zJ)^epJ+Rf3z?4~)-&|<Gi)@`m)$>vCC~4TC*|Bcj(Z5&S3*I+SiM3RHy!#Pbfnhm%
zrX$8One+vTcgxVDZ2+N(bd{?~zR7nDUECfo*WF@CilGh!nfqqI$pT|qtTv(OsU^Rj
z?CNUb<h4st<{1F0S^p5Ra8*8wuV7n$_8rCTM@6hXsUNN2+g-z2557n#)b;$F6Q@}v
z_$5dNt?1`2OE)Pu;A*YrE*aMNWYC2n3GC(xQee{w$&SBU&G&l}sd@QM%FvUE5YN_<
lM0&ZYzDC)q+dLA}UIa6Ka!Aw>)4W~q%Y1B&*Yt?Pe*k{4YH0uf


From e016d18c28aa704f41fc7b003c9aab1cb0e56265 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Wed, 22 Jan 2020 15:36:13 -0800
Subject: [PATCH 121/247] update table

---
 windows/deployment/windows-autopilot/add-devices.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index 4a2ba1d5c7..cec72b237a 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -123,13 +123,13 @@ A summary of each platform's capabilities is provided below.<br>
 <tr>
 <td><a href="https://docs.microsoft.com/partner-center/autopilot">Partner Center</a></td>
 <td>YES - 1000 at a time max</td>
-<td>YES<b><sup>3</sup></b></td>
+<td>YES<b><sup>34</sup></b></td>
 <td>Tuple or PKID or 4K HH</td>
 </tr>
 
 <tr>
 <td><a href="https://docs.microsoft.com/intune/enrollment-autopilot">Intune</a></td>
-<td>YES - 1000 at a time max<b><sup>1</sup></b></td>
+<td>YES - 500 at a time max<b><sup>1</sup></b></td>
 <td>YES<b><sup>12</sup></b></td>
 <td>4K HH</td>
 </tr>
@@ -137,7 +137,7 @@ A summary of each platform's capabilities is provided below.<br>
 <tr>
 <td><a href="https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles">Microsoft Store for Business</a><b><sup>4</sup></b></td>
 <td>YES - 1000 at a time max</td>
-<td>YES</td>
+<td>YES<b><sup>4</sup></b></td>
 <td>4K HH</td>
 </tr>
 

From 765bfc9c2aed7afe154fb61a55fa2d4552ecc443 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 16:02:51 -0800
Subject: [PATCH 122/247] submitting five corrections

---
 .../mdm/bulk-enrollment-using-windows-provisioning-tool.md    | 2 +-
 .../provisioning-packages/provisioning-packages.md            | 4 ++--
 ...onfiguring-uev-with-system-center-configuration-manager.md | 2 +-
 windows/configuration/ue-v/uev-deploy-required-features.md    | 2 +-
 windows/configuration/ue-v/uev-manage-configurations.md       | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
index eed325e37c..2818c2e55f 100644
--- a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
+++ b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
@@ -35,7 +35,7 @@ On the desktop and mobile devices, you can use an enrollment certificate or enro
 > [!NOTE]
 > -   Bulk-join is not supported in Azure Active Directory Join.
 > -   Bulk enrollment does not work in Intune standalone environment.
-> -   Bulk enrollment works in Microsoft Endpoint Configuration Manager + Intune hybrid environment where the ppkg is generated from the Microsoft Endpoint Configuration Manager console.
+> -   Bulk enrollment works in Microsoft Endpoint Configuration Manager where the ppkg is generated from the Configuration Manager console.
 > -   To change bulk enrollment settings, login to **AAD**, then **Devices**, and then click **Device Settings**. Change the number under **Maximum number of devices per user**.
 
 ## What you need
diff --git a/windows/configuration/provisioning-packages/provisioning-packages.md b/windows/configuration/provisioning-packages/provisioning-packages.md
index 8899cc5501..6669273d48 100644
--- a/windows/configuration/provisioning-packages/provisioning-packages.md
+++ b/windows/configuration/provisioning-packages/provisioning-packages.md
@@ -112,7 +112,7 @@ The following table provides some examples of settings that you can configure us
 |          Start menu customization          |                                           Start menu layout, application pinning                                            |
 |                   Other                    |                     Home and lock screen wallpaper, computer name, domain join, DNS settings, and so on                     |
 
-\* Using a provisioning package for auto-enrollment to Microsoft Endpoint Configuration Manager or Configuration Manager/Intune hybrid is not supported. Use the Configuration Manager console to enroll devices.
+\* Using a provisioning package for auto-enrollment to Microsoft Endpoint Configuration Manager is not supported. Use the Configuration Manager console to enroll devices.
 
 
 For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( https://go.microsoft.com/fwlink/p/?LinkId=619012).
@@ -136,7 +136,7 @@ Windows ICD in Windows 10, version 1607, supported the following scenarios for I
 
 * **Mobile device enrollment into management** - Enables IT administrators to purchase off-the-shelf retail Windows 10 Mobile devices and enroll them into mobile device management (MDM) before handing them to end-users in the organization. IT administrators can use Windows ICD to specify the management end-point and apply the configuration on target devices by connecting them to a Windows PC (tethered deployment) or through an SD card. Supported management end-points include: 
 
-    * Microsoft Endpoint Configuration Manager and Microsoft Intune hybrid (certificate-based enrollment) 
+    * Microsoft Intune hybrid (certificate-based enrollment) 
     * AirWatch (password-string based enrollment) 
     * Mobile Iron (password-string based enrollment) 
     * Other MDMs (cert-based enrollment) 
diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
index f8aaf3bc5a..f7f8d70fcd 100644
--- a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
+++ b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
@@ -19,7 +19,7 @@ ms.topic: article
 **Applies to**
 -   Windows 10, version 1607
 
-After you deploy User Experience Virtualization (UE-V) and its required features, you can start to configure it to meet your organization's need. The UE-V Configuration Pack provides a way for administrators to use the Compliance Settings feature of Microsoft Endpoint Configuration Manager (2012 SP1 or later) to apply consistent configurations across sites where UE-V and Configuration Manager are installed.
+After you deploy User Experience Virtualization (UE-V) and its required features, you can start to configure it to meet your organization's need. The UE-V Configuration Pack provides a way for administrators to use the Compliance Settings feature of Microsoft Endpoint Configuration Manager to apply consistent configurations across sites where UE-V and Configuration Manager are installed.
 
 ## UE-V Configuration Pack supported features
 
diff --git a/windows/configuration/ue-v/uev-deploy-required-features.md b/windows/configuration/ue-v/uev-deploy-required-features.md
index cda337c5d6..b8b4cb2155 100644
--- a/windows/configuration/ue-v/uev-deploy-required-features.md
+++ b/windows/configuration/ue-v/uev-deploy-required-features.md
@@ -52,7 +52,7 @@ The settings storage location is defined by setting the SettingsStoragePath conf
 
 -   Through [Group Policy](uev-configuring-uev-with-group-policy-objects.md) settings
 
--   With the [Microsoft Endpoint Configuration Pack](uev-configuring-uev-with-system-center-configuration-manager.md) for UE-V
+-   With the [System Center Configuration Pack](uev-configuring-uev-with-system-center-configuration-manager.md) for UE-V
 
 -   With [Windows PowerShell or Windows Management Instrumentation (WMI)](uev-administering-uev-with-windows-powershell-and-wmi.md)
 
diff --git a/windows/configuration/ue-v/uev-manage-configurations.md b/windows/configuration/ue-v/uev-manage-configurations.md
index acad942ea1..71d5841793 100644
--- a/windows/configuration/ue-v/uev-manage-configurations.md
+++ b/windows/configuration/ue-v/uev-manage-configurations.md
@@ -29,7 +29,7 @@ You can use Group Policy Objects to modify the settings that define how UE-V syn
 
 ## Configuring UE-V with Microsoft Endpoint Configuration Manager
 
-You can use System Center Configuration Manager to manage the UE-V service by using the UE-V Configuration Pack.
+You can use Microsoft Endpoint Configuration Manager to manage the UE-V service by using the UE-V Configuration Pack.
 
 [Configuring UE-V with Microsoft Endpoint Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md)
 

From deb8cc6add941dfbf77592c38b56893759803e7c Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 16:58:22 -0800
Subject: [PATCH 123/247] corrections in both files

---
 .../surface-hub/manage-settings-with-mdm-for-surface-hub.md  | 5 ++---
 education/windows/deploy-windows-10-in-a-school-district.md  | 2 +-
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
index d33697a021..b3a74fc47d 100644
--- a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
+++ b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
@@ -19,9 +19,8 @@ ms.localizationpriority: medium
 Surface Hub and other Windows 10 devices allow IT administrators to manage settings and policies using a mobile device management (MDM) provider. A built-in management component communicates with the management server, so there is no need to install additional clients on the device. For more information, see [Windows 10 mobile device management](https://msdn.microsoft.com/library/windows/hardware/dn914769.aspx).
 
 Surface Hub has been validated with Microsoft’s first-party MDM providers:
-- On-premises MDM with Microsoft Endpoint Configuration Manager (beginning in version 1602)
-- Hybrid MDM with Microsoft Endpoint Configuration Manager and Microsoft Intune
 - Microsoft Intune standalone
+- On-premises MDM with Microsoft Endpoint Configuration Manager
 
 You can also manage Surface Hubs using any third-party MDM provider that can communicate with Windows 10 using the MDM protocol.
 
@@ -32,7 +31,7 @@ You can enroll your Surface Hubs using bulk, manual, or automatic enrollment.
 **To configure bulk enrollment**
 - Surface Hub supports the [Provisioning CSP](https://msdn.microsoft.com/library/windows/hardware/mt203665.aspx) for bulk enrollment into MDM. For more information, see [Windows 10 bulk enrollment](https://msdn.microsoft.com/library/windows/hardware/mt613115.aspx).<br>
 --OR--
-- If you have an on-premises Microsoft Endpoint Configuration Manager infrastructure, see [How to bulk enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](https://technet.microsoft.com/library/mt627898.aspx).
+- If you have an on-premises Microsoft Endpoint Configuration Manager infrastructure, see [How to bulk enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm).
 
 ### Manual enrollment
 **To configure manual enrollment**
diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 9c23b9b96d..c081cfa696 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1232,7 +1232,7 @@ You can use Windows Deployment Services in conjunction with MDT to automatically
 
 You can use Windows Deployment Services in conjunction with Configuration Manager to automatically initiate boot images on target devices. These boot images are Windows PE images that you use to boot the target devices, and then initiate Windows 10, app, and device driver deployment.
 
-#### To configure Windows Deployment Services for Microsoft Configuration Manager
+#### To configure Windows Deployment Services for Microsoft Endpoint Configuration Manager
 
 1. Set up and configure Windows Deployment Services.
 

From b34800fa7c027d81bbf51d7672eacf9e335985d4 Mon Sep 17 00:00:00 2001
From: lomayor <lomayor@microsoft.com>
Date: Wed, 22 Jan 2020 17:17:56 -0800
Subject: [PATCH 124/247] Name change AlertEvents > DeviceAlertEvents

---
 windows/security/threat-protection/TOC.md              |  2 +-
 ....md => advanced-hunting-devicealertevents-table.md} | 10 +++++-----
 .../advanced-hunting-schema-reference.md               |  2 +-
 .../threat-and-vuln-mgt-scenarios.md                   |  2 +-
 ...nges-to-security-settings-with-tamper-protection.md |  2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)
 rename windows/security/threat-protection/microsoft-defender-atp/{advanced-hunting-alertevents-table.md => advanced-hunting-devicealertevents-table.md} (79%)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 84f646914b..6bd34daec8 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -114,7 +114,7 @@
 #### [Use shared queries](microsoft-defender-atp/advanced-hunting-shared-queries.md)
 #### [Advanced hunting schema reference]()
 ##### [Understand the schema](microsoft-defender-atp/advanced-hunting-schema-reference.md)
-##### [AlertEvents](microsoft-defender-atp/advanced-hunting-alertevents-table.md)
+##### [DeviceAlertEvents](microsoft-defender-atp/advanced-hunting-devicealertevents-table.md)
 ##### [DeviceFileEvents](microsoft-defender-atp/advanced-hunting-devicefileevents-table.md)
 ##### [DeviceImageLoadEvents](microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md)
 ##### [DeviceLogonEvents](microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
similarity index 79%
rename from windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md
rename to windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
index c7fd28fc75..28d0176f0f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
@@ -1,7 +1,7 @@
 ---
-title: AlertEvents table in the advanced hunting schema
-description: Learn about alert generation events in the AlertEvents table of the advanced hunting schema
-keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, alertevents, alert, severity, category
+title: DeviceAlertEvents table in the advanced hunting schema
+description: Learn about alert generation events in the DeviceAlertEvents table of the advanced hunting schema
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, DeviceAlertEvents, alert, severity, category
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
@@ -18,7 +18,7 @@ ms.topic: article
 ms.date: 10/08/2019
 ---
 
-# AlertEvents
+# DeviceAlertEvents
 
 **Applies to:**
 
@@ -26,7 +26,7 @@ ms.date: 10/08/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
-The `AlertEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about alerts in Microsoft Defender Security Center. Use this reference to construct queries that return information from the table.
+The `DeviceAlertEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about alerts in Microsoft Defender Security Center. Use this reference to construct queries that return information from the table.
 
 For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
index 8eb7542ce5..6e13b372ef 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
@@ -37,7 +37,7 @@ Table and column names are also listed within the Microsoft Defender Security Ce
 
 | Table name | Description |
 |------------|-------------|
-| **[AlertEvents](advanced-hunting-alertevents-table.md)** | Alerts on Microsoft Defender Security Center |
+| **[DeviceAlertEvents](advanced-hunting-devicealertevents-table.md)** | Alerts on Microsoft Defender Security Center |
 | **[DeviceInfo](advanced-hunting-deviceinfo-table.md)** | Machine information, including OS information |
 | **[DeviceNetworkInfo](advanced-hunting-devicenetworkinfo-table.md)** | Network properties of machines, including adapters, IP and MAC addresses, as well as connected networks and domains |
 | **[DeviceProcessEvents](advanced-hunting-deviceprocessevents-table.md)** | Process creation and related events |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index 55ffb2b7ca..5f9dcadac9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -174,7 +174,7 @@ DeviceTvmSoftwareInventoryVulnerabilities
 | where IsExploitAvailable == 1 and CvssScore >= 7
 | summarize NumOfVulnerabilities=dcount(CveId), 
 DeviceName=any(DeviceName) by DeviceId 
-| join kind =inner(AlertEvents) on DeviceId  
+| join kind =inner(DeviceAlertEvents) on DeviceId  
 | summarize NumOfVulnerabilities=any(NumOfVulnerabilities), 
 DeviceName=any(DeviceName) by DeviceId, AlertId 
 | project DeviceName, NumOfVulnerabilities, AlertId  
diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index 21736ff5a6..5c91ca4d4b 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -219,7 +219,7 @@ Yes. The alert is shown in [https://securitycenter.microsoft.com](https://securi
 
 In addition, your security operations team can use hunting queries, such as the following:
 
-`AlertEvents | where Title == "Tamper Protection bypass"`
+`DeviceAlertEvents | where Title == "Tamper Protection bypass"`
 
 [View information about tampering attempts](#view-information-about-tampering-attempts).
 

From 61d45e9795797ce9901f8e36177ceced5b75a9d8 Mon Sep 17 00:00:00 2001
From: lomayor <lomayor@microsoft.com>
Date: Wed, 22 Jan 2020 17:25:55 -0800
Subject: [PATCH 125/247] GitIssues + Redirect for DeviceAlertEvents

---
 .openpublishing.redirection.json                             | 5 +++++
 .../advanced-hunting-devicealertevents-table.md              | 2 +-
 .../advanced-hunting-deviceimageloadevents-table.md          | 2 +-
 .../advanced-hunting-tvm-softwarevulnerability-table.md      | 2 +-
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index f8f2090d66..91081ca4d6 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -981,6 +981,11 @@
 "redirect_document_id": false
 },
 {
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table",
+"redirect_document_id": true
+},
+{
 "source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md",
 "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table",
 "redirect_document_id": true
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
index 28d0176f0f..50d1242878 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
@@ -15,7 +15,7 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 10/08/2019
+ms.date: 01/22/2020
 ---
 
 # DeviceAlertEvents
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
index d57a965bcf..bec74d489e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
@@ -26,7 +26,7 @@ ms.date: 10/08/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
-The `DeviceImageLoadEvents table` in the [advanced hunting](advanced-hunting-overview.md) schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
+The `DeviceImageLoadEvents` in the [advanced hunting](advanced-hunting-overview.md) schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
 
 For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md
index 9efd108ce9..5af1cfe1f1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md
@@ -28,7 +28,7 @@ ms.date: 11/12/2019
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-The `DeviceTvmSoftwareInventoryVulnerabilities` table in the advanced hunting schema contains the list of vulnerabilities [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) assesses devices for. Use this reference to construct queries that return information from the table.
+The `DeviceTvmSoftwareVulnerabilitiesKB` table in the advanced hunting schema contains the list of vulnerabilities [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) assesses devices for. Use this reference to construct queries that return information from the table.
 
 For information on other tables in the advanced hunting schema, see [the advanced hunting reference](advanced-hunting-reference.md).
 

From 8075e9c17621d985e5f87b0a40e9ff2aee67bbb7 Mon Sep 17 00:00:00 2001
From: lomayor <lomayor@microsoft.com>
Date: Wed, 22 Jan 2020 17:40:25 -0800
Subject: [PATCH 126/247] Update
 advanced-hunting-deviceimageloadevents-table.md

---
 .../advanced-hunting-deviceimageloadevents-table.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
index bec74d489e..fe1f719c73 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
@@ -26,7 +26,7 @@ ms.date: 10/08/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
-The `DeviceImageLoadEvents` in the [advanced hunting](advanced-hunting-overview.md) schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
+The `DeviceImageLoadEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
 
 For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md).
 

From 9b9b38cc2758d48a0c6ea80952cdfd46df795776 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 22 Jan 2020 17:49:59 -0800
Subject: [PATCH 127/247] two link corrections

---
 .../review-scan-results-windows-defender-antivirus.md           | 2 +-
 .../scheduled-catch-up-scans-windows-defender-antivirus.md      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
index 7e8c703d2d..ad189470ba 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
@@ -34,7 +34,7 @@ After an Windows Defender Antivirus scan completes, whether it is an [on-demand]
 
 ## Use Configuration Manager to review scan results
 
-See [How to monitor Endpoint Protection status](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection).
+See [How to monitor Endpoint Protection status](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection).
 
 ## Use the Windows Security app to review scan results
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
index 82c22fd0a3..b2b391a114 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
@@ -31,7 +31,7 @@ In addition to always-on real-time protection and [on-demand](run-scan-windows-d
 
 You can configure the type of scan, when the scan should occur, and if the scan should occur after a [protection update](manage-protection-updates-windows-defender-antivirus.md) or if the endpoint is being used. You can also specify when special scans to complete remediation should occur.
 
-This topic describes how to configure scheduled scans with Group Policy, PowerShell cmdlets, and WMI. You can also configure schedules scans with [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#scheduled-scans-settings) or [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+This topic describes how to configure scheduled scans with Group Policy, PowerShell cmdlets, and WMI. You can also configure schedules scans with [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#scheduled-scans-settings) or [Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
 
 To configure the Group Policy settings described in this topic:
 

From 0795bb06cd68742bbbe77d6ef23911c873b09826 Mon Sep 17 00:00:00 2001
From: MightyPen <genemi@microsoft.com>
Date: Wed, 22 Jan 2020 21:42:52 -0800
Subject: [PATCH 128/247] Fixing PR 1849, about 'kb-support' renamed from
 'troubleshooting'. And had docset-related flaw.

---
 browsers/internet-explorer/TOC.md             |  4 +-
 .../clear-ie-cache-from-command-line.md       | 86 +++++++++----------
 .../kb-support}/ie-edge-faqs.md               | 48 ++++-------
 3 files changed, 64 insertions(+), 74 deletions(-)
 rename browsers/{troubleshooting => internet-explorer/kb-support}/clear-ie-cache-from-command-line.md (76%)
 rename browsers/{troubleshooting => internet-explorer/kb-support}/ie-edge-faqs.md (93%)

diff --git a/browsers/internet-explorer/TOC.md b/browsers/internet-explorer/TOC.md
index 6bd312c3b2..06bc5b95c7 100644
--- a/browsers/internet-explorer/TOC.md
+++ b/browsers/internet-explorer/TOC.md
@@ -187,5 +187,5 @@
 ### [Internet Explorer Setup command-line options and return codes](ie11-ieak/ie-setup-command-line-options-and-return-codes.md)
 
 ## Troubleshooting
-### [Clear the Internet Explorer cache from a command line](/../troubleshooting/clear-ie-cache-from-command-line.md)
-### [IE and Microsoft Edge FAQ for IT Pros](/../troubleshooting/ie-edge-faqs.md)
+### [Clear the Internet Explorer cache from a command line](../kb-support/clear-ie-cache-from-command-line.md)
+### [Internet Explorer and Microsoft Edge FAQ for IT Pros](../kb-support/ie-edge-faqs.md)
diff --git a/browsers/troubleshooting/clear-ie-cache-from-command-line.md b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
similarity index 76%
rename from browsers/troubleshooting/clear-ie-cache-from-command-line.md
rename to browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
index 74054a95b3..0171b57d2c 100644
--- a/browsers/troubleshooting/clear-ie-cache-from-command-line.md
+++ b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
@@ -1,16 +1,16 @@
 ---
 title: Clear the Internet Explorer cache from a command line
 description: Introduces command-line commands and a sample batch file for clearing the IE cache.
-author: ramakoni
+author: ramakoni1
 manager: dcscontentpm
 ms.prod: internet-explorer
-ms.topic: troubleshooting 
+ms.topic: kb-support
 ms.author: ramakoni
 ms.custom: CI=111020
 ms.reviewer: ramakoni, DEV_Triage
 audience: ITPro
 ms.localizationpriority: Normal
-ms.date: 01/20/2020
+ms.date: 01/22/2020
 ---
 # How to clear Internet Explorer cache by using the command line
 
@@ -18,49 +18,49 @@ This article outlines the procedure to clear the Internet Explorer cache by usin
 
 ## Command line commands to clear browser cache
 
-1. Delete history from the Low folder  
+1. Delete history from the Low folder
    `del /s /q C:\Users\\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah`
 
-2. Delete history     
+2. Delete history
    `RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 1`
 
-3. Delete cookies     
+3. Delete cookies
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2`
 
-4. Delete temporary internet files     
+4. Delete temporary internet files
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8`
 
-5. Delete form data     
+5. Delete form data
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16`
 
-6. Delete stored passwords     
+6. Delete stored passwords
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32`
 
-7. Delete all  
+7. Delete all
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255`
 
-8. Delete files and settings stored by add-ons     
+8. Delete files and settings stored by add-ons
    `InetCpl.cpl,ClearMyTracksByProcess 4351`
 
 If you upgraded from a previous version of Internet Explorer, you have to use the following commands to delete the files from older versions:  
-`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9`  
+`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9`
 
 Command to reset Internet Explorer settings:  
 `Rundll32.exe inetcpl.cpl ResetIEtoDefaults`
 
 ## Sample batch file to clear Internet Explorer cache files
 
-A sample batch file is available that you can use to clear Internet Explorer cache files and other items. You can download the file from https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip.
+A sample batch file is available that you can use to clear Internet Explorer cache files and other items. You can download the file from [https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip](https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip).
 
 The batch file offers the following options:
 
-- Delete Non-trusted web History (low-level hidden cleanup) 
-- Delete History 
-- Delete Cookies 
-- Delete Temporary Internet Files 
-- Delete Form Data 
-- Delete Stored Passwords 
-- Delete All 
+- Delete Non-trusted web History (low-level hidden cleanup)
+- Delete History
+- Delete Cookies
+- Delete Temporary Internet Files
+- Delete Form Data
+- Delete Stored Passwords
+- Delete All
 - Delete All "Also delete files and settings stored by add-ons"
 - Delete IE10 and IE9 Temporary Internet Files
 - Resets IE Settings
@@ -78,32 +78,32 @@ cls
 COLOR 00
 echo Delete IE History
 echo Please select the task you wish to run.
-echo Pick one: 
+echo Pick one:
 echo.
-echo  1. Delete Non-trusted web History(low level hidden clean up) 
-echo  2. Delete History 
-echo  3. Delete Cookies 
-echo  4. Delete Temporary Internet Files 
-echo  5. Delete Form Data 
-echo  6. Delete Stored Passwords 
-echo  7. Delete All 
+echo  1. Delete Non-trusted web History(low level hidden clean up)
+echo  2. Delete History
+echo  3. Delete Cookies
+echo  4. Delete Temporary Internet Files
+echo  5. Delete Form Data
+echo  6. Delete Stored Passwords
+echo  7. Delete All
 echo  8. Delete All "Also delete files and settings stored by add-ons"
 echo  9. Delete IE10 and 9 Temporary Internet Files
 echo  10. Reset IE Settings
 echo  77. EXIT
 :choice
-Echo Hit a number [1-10] and press enter. 
+Echo Hit a number [1-10] and press enter.
 set /P CH=[1-10]
 
-if "%CH%"=="1" set x=del /s /q C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah 
-if "%CH%"=="2" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1 
-if "%CH%"=="3" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2 
-if "%CH%"=="4" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8 
-if "%CH%"=="5" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16 
-if "%CH%"=="6" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32 
-if "%CH%"=="7" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255 
-if "%CH%"=="8" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351 
-if "%CH%"=="9" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9  
+if "%CH%"=="1" set x=del /s /q C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah
+if "%CH%"=="2" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1
+if "%CH%"=="3" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2
+if "%CH%"=="4" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
+if "%CH%"=="5" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16
+if "%CH%"=="6" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32
+if "%CH%"=="7" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255
+if "%CH%"=="8" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351
+if "%CH%"=="9" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9
 if "%CH%"=="10" set x=rundll32.exe inetcpl.cpl ResetIEtoDefaults
 if "%CH%"=="77" goto quit
 
@@ -111,21 +111,21 @@ if "%CH%"=="77" goto quit
 
 goto Home
 
-::Temporary Internet Files > Delete files - To delete copies of web pages, images, and media 
+::Temporary Internet Files > Delete files - To delete copies of web pages, images, and media
 ::that  are saved for faster viewing.
-::Cookies > Delete cookies - To delete cookies, which are files that are stored on your computer by 
+::Cookies > Delete cookies - To delete cookies, which are files that are stored on your computer by
 ::websites to save preferences such as login information.
 ::History > Delete history - To delete the history of the websites you have visited.
-::Form data > Delete forms - To delete all the saved information that you have typed into 
+::Form data > Delete forms - To delete all the saved information that you have typed into
 ::forms.
-::Passwords > Delete passwords - To delete all the passwords that are automatically filled in 
+::Passwords > Delete passwords - To delete all the passwords that are automatically filled in
 ::when you log on to a website that you've previously visited.
 ::Delete all - To delete all of these listed items in one operation.
 
 ::enter below in search/run to see Low  history dir if exists
 ::C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low
 
-::Delete all low(untrusted history) very hidden 
+::Delete all low(untrusted history) very hidden
 ::this will clean any unlocked  files under the dir and not delete the dir structure 
 ::del /s /q low\* /ah ::del /s /q C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah
 
diff --git a/browsers/troubleshooting/ie-edge-faqs.md b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
similarity index 93%
rename from browsers/troubleshooting/ie-edge-faqs.md
rename to browsers/internet-explorer/kb-support/ie-edge-faqs.md
index 578f76499f..b482acdd49 100644
--- a/browsers/troubleshooting/ie-edge-faqs.md
+++ b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
@@ -1,16 +1,16 @@
 ---
 title: IE and Microsoft Edge FAQ for IT Pros
 description: Describes frequently asked questions about Internet Explorer and Microsoft Edge for IT professionals.
-author: ramakoni
+author: ramakoni1
 manager: dcscontentpm
 ms.prod: internet-explorer
-ms.topic: troubleshooting 
+ms.topic: kb-support
 ms.author: ramakoni
 ms.custom: CI=111020
 ms.reviewer: ramakoni
 audience: ITPro
 ms.localizationpriority: Normal
-ms.date: 01/20/2020
+ms.date: 01/22/2020
 ---
 # Internet Explorer and Microsoft Edge frequently asked questions (FAQ) for IT Pros
 
@@ -35,7 +35,7 @@ For more information about how Internet Explorer handles cookies, see the follow
 To see where Internet Explorer stores its cookies, follow these steps:
 
 1. Start File Explorer.
-2. Select **Views** > **Change folder and search options**.
+2. Select **Views** \> **Change folder and search options**.
 3. In the **Folder Options** dialog box, select **View**.
 4. In **Advanced settings**, select **Do not show hidden files, folders, or drivers**.
 5. Clear **Hide protected operation system files (Recommended)**.
@@ -66,12 +66,10 @@ For more information, see [Internet Explorer Cookie Internals (FAQ)](https://blo
 
 #### Additional information about cookie limits
 
-**What does the Cookie RFC allow?** 
-
+**What does the Cookie RFC allow?**  
 RFC 2109 defines how cookies should be implemented, and it defines minimum values that browsers support. According to the RFC, browsers would ideally have no limits on the size and number of cookies that a browser can handle. To meet the specifications, the user agent should support the following:
 
 - At least 300 cookies total
-
 - At least 20 cookies per unique host or domain name
 
 For practicality, individual browser makers set a limit on the total number of cookies that any one domain or unique host can set. They also limit the total number of cookies that can be stored on a computer.
@@ -98,14 +96,12 @@ function FindProxyForURL(url, host)
 
 For more information about how to write a PAC file and about the different functions in a PAC file, see [the FindProxyForURL website](https://findproxyforurl.com/).
 
-**Third-party information disclaimer**
-
+**Third-party information disclaimer**  
 The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
 
 ### How to improve performance by using PAC scripts
 
 - [Browser is slow to respond when you use an automatic configuration script](https://support.microsoft.com/help/315810/browser-is-slow-to-respond-when-you-use-an-automatic-configuration-scr)
-
 - [Optimizing performance with automatic Proxyconfiguration scripts (PAC)](https://blogs.msdn.microsoft.com/askie/2014/02/07/optimizing-performance-with-automatic-proxyconfiguration-scripts-pac/)
 
 ## Other questions
@@ -135,13 +131,13 @@ For more information, see the following articles:
 
 ### Where to find Internet Explorer security zones registry entries
 
-Most of the Internet Zone entries can be found in [Internet Explorer security zones registry entries for advanced users](https://support.microsoft.com/help/182569/internet-explorer-security-zones-registry-entries-for-advanced-users). 
+Most of the Internet Zone entries can be found in [Internet Explorer security zones registry entries for advanced users](https://support.microsoft.com/help/182569/internet-explorer-security-zones-registry-entries-for-advanced-users).
+
 This article was written for Internet Explorer 6 but is still applicable to Internet Explorer 11.
 
 The default Zone Keys are stored in the following locations:
 
 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
-
 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
 
 ### Why don't HTML5 videos play in Internet Explorer 11?
@@ -151,7 +147,7 @@ To play HTML5 videos in the Internet Zone, use the default settings or make sure
 - 0 (the default value): Allow
 - 3: Disallow
 
-This key is read by the **URLACTION_ALLOW_AUDIO_VIDEO 0x00002701** URL action flag that determines whether media elements (audio and video) are allowed in pages in a URL security zone.
+This key is read by the **URLACTION\_ALLOW\_AUDIO\_VIDEO 0x00002701** URL action flag that determines whether media elements (audio and video) are allowed in pages in a URL security zone.
 
 For more information, see [Unable to play HTML5 Videos in IE](https://blogs.msdn.microsoft.com/askie/2014/12/31/unable-to-play-html5-videos-in-ie/).
 
@@ -159,7 +155,7 @@ For Windows 10 N and Windows KN editions, you must also download the feature pac
 
 For more information about how to check Windows versions, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-version-am-i-running)
 
-### What is the Enterprise Mode Site List Portal? 
+### What is the Enterprise Mode Site List Portal?
 
 This is a new feature to add sites to your enterprise mode site list XML. For more information, see [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal).
 
@@ -185,35 +181,31 @@ For more information about how to configure TLS/SSL for Internet Explorer, see [
 
 Site to Zone usually refers to one of the following:
 
-**Site to Zone Assignment List**
-
+**Site to Zone Assignment List**  
 This is a Group Policy policy setting that can be used to add sites to the various security zones.
 
 The Site to Zone Assignment List policy setting associates sites to zones by using the following values for the Internet security zones:
 
 - Intranet zone
 - Trusted Sites zone
-- Internet zone 
+- Internet zone
 - Restricted Sites zone
 
 If you set this policy setting to **Enabled**, you can enter a list of sites and their related zone numbers. By associating a site to a zone, you can make sure that the security settings for the specified zone are applied to the site.
 
-**Site to Zone Mapping**
-
+**Site to Zone Mapping**  
 Site to Zone Mapping is stored as the name of the key. The protocol is a registry value that has a number that assigns it to the corresponding zone. Internet Explorer will read from the following registry subkeys for the sites that are deployed through the Site to Zone assignment list:
 
-- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
-- HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey
-
-**Site to Zone Assignment List policy**
+- HKEY\_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
+- HKEY\_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey
 
+**Site to Zone Assignment List policy**  
 This policy setting is available for both Computer Configuration and User Configuration:
 
 - Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
 - User Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
 
-**References**
-
+**References**  
 [How to configure Internet Explorer security zone sites using group polices](https://blogs.msdn.microsoft.com/askie/2012/06/05/how-to-configure-internet-explorer-security-zone-sites-using-group-polices/)
 
 ### What are the limits for MaxConnectionsPerServer, MaxConnectionsPer1_0Server for the current versions of Internet Explorer?
@@ -222,8 +214,6 @@ For more information about these settings and limits, see [Connectivity Enhancem
 
 ### What is the MaxConnectionsPerProxy setting, and what are the maximum allowed values for this setting?
 
-The **MaxConnectionsPerProxy** setting controls the number of connections that a single-user client can maintain to a given host by using a proxy server. 
- 
+The **MaxConnectionsPerProxy** setting controls the number of connections that a single-user client can maintain to a given host by using a proxy server.
+
 For more information, see [Understanding Connection Limits and New Proxy Connection Limits in WinInet and Internet Explorer](https://blogs.msdn.microsoft.com/jpsanders/2009/06/29/understanding-connection-limits-and-new-proxy-connection-limits-in-wininet-and-internet-explorer/).
-
-

From e829f856293970a961fd9392d08604d1cebf3a05 Mon Sep 17 00:00:00 2001
From: MightyPen <genemi@microsoft.com>
Date: Wed, 22 Jan 2020 21:51:13 -0800
Subject: [PATCH 129/247] TOC.md 'KB Troubleshoot' is revised node name. And
 removed leading '../' from paths.

---
 browsers/internet-explorer/TOC.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/browsers/internet-explorer/TOC.md b/browsers/internet-explorer/TOC.md
index 06bc5b95c7..28a0957588 100644
--- a/browsers/internet-explorer/TOC.md
+++ b/browsers/internet-explorer/TOC.md
@@ -186,6 +186,6 @@
 ### [IExpress Wizard command-line options](ie11-ieak/iexpress-command-line-options.md)
 ### [Internet Explorer Setup command-line options and return codes](ie11-ieak/ie-setup-command-line-options-and-return-codes.md)
 
-## Troubleshooting
-### [Clear the Internet Explorer cache from a command line](../kb-support/clear-ie-cache-from-command-line.md)
-### [Internet Explorer and Microsoft Edge FAQ for IT Pros](../kb-support/ie-edge-faqs.md)
+## KB Troubleshoot
+### [Clear the Internet Explorer cache from a command line](kb-support/clear-ie-cache-from-command-line.md)
+### [Internet Explorer and Microsoft Edge FAQ for IT Pros](kb-support/ie-edge-faqs.md)

From 96ac31a1730e4b48de202e9767469dc0c59904bc Mon Sep 17 00:00:00 2001
From: MightyPen <genemi@microsoft.com>
Date: Wed, 22 Jan 2020 22:41:02 -0800
Subject: [PATCH 130/247] Fixing metadata 'manager', and fixing valid ms.prod
 by adding empty ms.technology (odd requirement).

---
 .../clear-ie-cache-from-command-line.md         | 17 ++++++++++-------
 .../kb-support/ie-edge-faqs.md                  | 17 ++++++++++-------
 2 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
index 0171b57d2c..ca00f5210f 100644
--- a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
+++ b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
@@ -1,15 +1,18 @@
 ---
 title: Clear the Internet Explorer cache from a command line
 description: Introduces command-line commands and a sample batch file for clearing the IE cache.
-author: ramakoni1
-manager: dcscontentpm
-ms.prod: internet-explorer
-ms.topic: kb-support
-ms.author: ramakoni
-ms.custom: CI=111020
-ms.reviewer: ramakoni, DEV_Triage
 audience: ITPro
+manager: msmets
+author: ramakoni1
+ms.author: ramakoni
+ms.reviewer: ramakoni, DEV_Triage
+ms.prod: internet-explorer
+ms.technology:
+ms.topic: kb-support
+ms.custom: CI=111020
 ms.localizationpriority: Normal
+# localization_priority: medium
+# ms.translationtype: MT
 ms.date: 01/22/2020
 ---
 # How to clear Internet Explorer cache by using the command line
diff --git a/browsers/internet-explorer/kb-support/ie-edge-faqs.md b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
index b482acdd49..de3c6e1b86 100644
--- a/browsers/internet-explorer/kb-support/ie-edge-faqs.md
+++ b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
@@ -1,15 +1,18 @@
 ---
 title: IE and Microsoft Edge FAQ for IT Pros
 description: Describes frequently asked questions about Internet Explorer and Microsoft Edge for IT professionals.
-author: ramakoni1
-manager: dcscontentpm
-ms.prod: internet-explorer
-ms.topic: kb-support
-ms.author: ramakoni
-ms.custom: CI=111020
-ms.reviewer: ramakoni
 audience: ITPro
+manager: msmets
+author: ramakoni1
+ms.author: ramakoni
+ms.reviewer: ramakoni, DEV_Triage
+ms.prod: internet-explorer
+ms.technology:
+ms.topic: kb-support
+ms.custom: CI=111020
 ms.localizationpriority: Normal
+# localization_priority: medium
+# ms.translationtype: MT
 ms.date: 01/22/2020
 ---
 # Internet Explorer and Microsoft Edge frequently asked questions (FAQ) for IT Pros

From 8fb90a1e4c6e14662607203a83ebf5051559d771 Mon Sep 17 00:00:00 2001
From: MightyPen <genemi@microsoft.com>
Date: Thu, 23 Jan 2020 00:20:05 -0800
Subject: [PATCH 131/247] Using trailing 2-spaces (like HTML BR) on
 'kb-support/clear-ie-cache-from-command-line.md' numbered list near top.

---
 .../clear-ie-cache-from-command-line.md       | 21 ++++++++++---------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
index ca00f5210f..1b0af06095 100644
--- a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
+++ b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
@@ -21,28 +21,28 @@ This article outlines the procedure to clear the Internet Explorer cache by usin
 
 ## Command line commands to clear browser cache
 
-1. Delete history from the Low folder
+1. Delete history from the Low folder  
    `del /s /q C:\Users\\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah`
 
-2. Delete history
+2. Delete history  
    `RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 1`
 
-3. Delete cookies
+3. Delete cookies  
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2`
 
-4. Delete temporary internet files
+4. Delete temporary internet files  
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8`
 
-5. Delete form data
+5. Delete form data  
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16`
 
-6. Delete stored passwords
+6. Delete stored passwords  
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32`
 
-7. Delete all
+7. Delete all  
    `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255`
 
-8. Delete files and settings stored by add-ons
+8. Delete files and settings stored by add-ons  
    `InetCpl.cpl,ClearMyTracksByProcess 4351`
 
 If you upgraded from a previous version of Internet Explorer, you have to use the following commands to delete the files from older versions:  
@@ -128,9 +128,10 @@ goto Home
 ::enter below in search/run to see Low  history dir if exists
 ::C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low
 
-::Delete all low(untrusted history) very hidden
-::this will clean any unlocked  files under the dir and not delete the dir structure 
+::Delete all low (untrusted history) very hidden
+::this will clean any unlocked  files under the dir and not delete the dir structure
 ::del /s /q low\* /ah ::del /s /q C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah
 
 goto Home
+:quit
 ```

From 7b0a0657fc7bd2f0a1defeb49a9cf37af172d21b Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 06:40:52 -0800
Subject: [PATCH 132/247] corrected 2012 name in two files

---
 ...-potentially-unwanted-apps-windows-defender-antivirus.md | 6 +++---
 ...microsoft-cloud-protection-windows-defender-antivirus.md | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
index 803b7d3dc7..fc883cd71d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
@@ -94,11 +94,11 @@ See [Configure device restriction settings in Microsoft Intune](https://docs.mic
 
 ##### Use Configuration Manager to configure PUA protection
 
-PUA protection is enabled by default in the Microsoft Endpoint Configuration Manager (Current Branch), starting with  version 1606.
+PUA protection is enabled by default in the Microsoft Endpoint Configuration Manager (Current Branch).
 
-See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring Microsoft Endpoint Configuration Manager (Current Branch).
+See [How to create and deploy antimalware policies: Scheduled scans settings](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) for details on configuring Microsoft Endpoint Configuration Manager (Current Branch).
 
-For Configuration Manager 2012, see [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA).
+For System Center 2012 Configuration Manager, see [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA).
 
 > [!NOTE]
 > PUA events blocked by Windows Defender Antivirus are reported in the Windows Event Viewer and not in Microsoft Endpoint Configuration Manager.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index c263d97a41..9fff5a8a0c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -60,10 +60,10 @@ Organizations running Windows 10 E5, version 1803 can also take advantage of eme
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 
-The following table describes the differences in cloud-delivered protection between recent versions of Windows and Microsoft Endpoint Configuration Manager.
+The following table describes the differences in cloud-delivered protection between recent versions of Windows and Configuration Manager.
 
 
-Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center Configuration Manager 2012 | Microsoft Endpoint Configuration Manager (Current Branch) | Microsoft Intune
+Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | System Center 2012 Configuration Manager | Microsoft Endpoint Configuration Manager (Current Branch) | Microsoft Intune
 ---|---|---|---|---|---|---
 Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service
 Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version
@@ -79,5 +79,5 @@ You can also [configure Windows Defender AV to automatically receive new protect
 [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | You can enable cloud-delivered protection with Microsoft Endpoint Configuration Manager, Group Policy, Microsoft Intune, and PowerShell cmdlets.
 [Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and Microsoft Endpoint Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
 [Configure and validate network connections for Windows Defender Antivirus](configure-network-connections-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection.
-[Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence . You can enable and configure it with Microsoft Endpoint Configuration Manager and Group Policy.
+[Configure the block at first sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for traditional Security intelligence. You can enable and configure it with Microsoft Endpoint Configuration Manager and Group Policy.
 [Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with Microsoft Endpoint Configuration Manager and Group Policy.

From 1fa883e2d72feee9ad8bde72a261f10f62d971fb Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 07:25:00 -0800
Subject: [PATCH 133/247] minor corrections

---
 .../update/waas-manage-updates-configuration-manager.md     | 2 +-
 .../update/windows-analytics-FAQ-troubleshooting.md         | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/update/waas-manage-updates-configuration-manager.md b/windows/deployment/update/waas-manage-updates-configuration-manager.md
index f3161e0ec2..5fae087a7d 100644
--- a/windows/deployment/update/waas-manage-updates-configuration-manager.md
+++ b/windows/deployment/update/waas-manage-updates-configuration-manager.md
@@ -307,7 +307,7 @@ With the task sequence created, you’re ready to deploy it. If you’re using t
 
 ## See also
 
-[Manage Windows as a service using Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmbr/osd/deploy-use/manage-windows-as-a-service)
+[Manage Windows as a service using Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/manage-windows-as-a-service)
 
 
 ## Related topics
diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
index 390875d11b..7a204e0bab 100644
--- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
+++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
@@ -284,12 +284,12 @@ Beyond the cost of Windows operating system licenses, there is no additional cos
 Note that different Azure Log Analytics plans have different data retention periods, and the Windows Analytics solutions inherit the workspace's data retention policy. So, for example, if your workspace is on the free plan then Windows Analytics will retain the last week's worth of "daily snapshots" that are collected in the workspace.
 
 
-### Why do SCCM and Upgrade Readiness show different counts of devices that are ready to upgrade?
+### Why do Microsoft Endpoint Configuration Manager and Upgrade Readiness show different counts of devices that are ready to upgrade?
 Microsoft Endpoint Configuration Manager considers a device ready to upgrade if *no installed app* has an upgrade decision of “not ready” (that is, they are all "ready" or "in progress"), while Upgrade Readiness considers a device ready to upgrade only if *all* installed apps are marked “ready”.
 
 Currently, you can choose the criteria you wish to use:
-- To use the SCCM criteria, create the collection of devices ready to upgrade within the SCCM console (using the analytics connector).
-- To use the Upgrade Readiness criteria, export the list of ready-to-upgrade devices from the corresponding Upgrade Readiness report, and then build the SCCM collection from that spreadsheet.
+- To use the Configuration Manager criteria, create the collection of devices ready to upgrade within the Configuration Manager console (using the analytics connector).
+- To use the Upgrade Readiness criteria, export the list of ready-to-upgrade devices from the corresponding Upgrade Readiness report, and then build the Configuration Manager collection from that spreadsheet.
 
 ### How does Upgrade Readiness collect the inventory of devices and applications?
 For details about this process and some tips, see [How does Upgrade Readiness in WA collects application inventory for your OMS workspace?](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/How-does-Upgrade-Readiness-in-WA-collects-application-inventory/ba-p/213586) on the Windows Analytics blog.

From 23e1804ab8130bc3f8ac5cbfb1493e9ea2a742e7 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 09:07:44 -0800
Subject: [PATCH 134/247] removed obsolete version numbers

---
 .../update/waas-manage-updates-configuration-manager.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-manage-updates-configuration-manager.md b/windows/deployment/update/waas-manage-updates-configuration-manager.md
index 5fae087a7d..9804669f93 100644
--- a/windows/deployment/update/waas-manage-updates-configuration-manager.md
+++ b/windows/deployment/update/waas-manage-updates-configuration-manager.md
@@ -214,7 +214,7 @@ Each time Microsoft releases a new Windows 10 build, it releases a new .iso file
     In this example, the Windows 10 Enterprise 1607 installation media is deployed to \\contoso-cm01\Sources\Operating Systems\Windows 10 Enterprise\Windows 10 Enterprise - Version 1607.
     
     >[!NOTE]
-    >Microsoft Endpoint Configuration Manager version 1606 is required to manage machines running Windows 10, version 1607.
+    >Microsoft Endpoint Configuration Manager is required to manage machines running Windows 10, version 1607.
     
 4. On the **General** page, in the **Name** field, type the name of the folder (**Windows 10 Enterprise - Version 1607** in this example). Set the **Version** to **1607**, and then click **Next**.
 

From 6507234020fb450da18d10c77ee6173a06e7adb6 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jan 2020 09:27:25 -0800
Subject: [PATCH 135/247] make sure this is pushed correctly

---
 windows/deployment/windows-autopilot/add-devices.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index cec72b237a..b9ed3fdd35 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -171,4 +171,4 @@ When deploying new devices using Windows Autopilot, the following steps are requ
 
 ## Other configuration settings
 
-- [Bitlocker encryption settings](bitlocker.md): You can configure the BitLocker encryption settings to be applied before automatic encryption is started.
+- [Bitlocker encryption settings](bitlocker.md): You can configure the BitLocker encryption settings to be applied before automatic encryption is started.
\ No newline at end of file

From e1258442ef709e5f1c99e8aee79e8f7abae26bdc Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jan 2020 10:31:57 -0800
Subject: [PATCH 136/247] table doesn't seem to be updating correctly

---
 windows/deployment/windows-autopilot/add-devices.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index b9ed3fdd35..4c5f020f92 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -129,8 +129,8 @@ A summary of each platform's capabilities is provided below.<br>
 
 <tr>
 <td><a href="https://docs.microsoft.com/intune/enrollment-autopilot">Intune</a></td>
-<td>YES - 500 at a time max<b><sup>1</sup></b></td>
-<td>YES<b><sup>12</sup></b></td>
+<td>YES - 500 at a time max<b><sup>1</sup></b></td> 
+<td>YES<b><sup>12</sup></b></td> 
 <td>4K HH</td>
 </tr>
 

From 53b1519f1be827cac92f5363d43075eeb3b2d7f1 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 10:56:05 -0800
Subject: [PATCH 137/247] removed obsolete configmgr version number

---
 windows/deployment/windows-autopilot/add-devices.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index 3eff6520a5..ac13eea355 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -61,7 +61,7 @@ Note that the hardware hash also contains details about when it was generated, s
 
 ### Collecting the hardware ID from existing devices using Microsoft Endpoint Configuration Manager
 
-Starting with Microsoft Endpoint Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
+Starting with Microsoft Endpoint Configuration Manager, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details. The hash information can be extracted from Configuration Manager into a CSV file.
 
 > [!Note]
 > Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).

From d4e07a5ba35a170d569b9aa9310ad04694bb413a Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jan 2020 11:09:41 -0800
Subject: [PATCH 138/247] adding workaround note

---
 windows/deployment/deploy-enterprise-licenses.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/deployment/deploy-enterprise-licenses.md b/windows/deployment/deploy-enterprise-licenses.md
index cd4f1c3e5b..e43658fdb5 100644
--- a/windows/deployment/deploy-enterprise-licenses.md
+++ b/windows/deployment/deploy-enterprise-licenses.md
@@ -25,6 +25,10 @@ This topic describes how to deploy Windows 10 Enterprise E3 or E5 licenses with
 >* Windows 10 Enterprise E3 in CSP requires Windows 10 Pro, version 1607 or later.
 >* Automatic, non-KMS activation requires Windows 10, version 1803 or later, on a device with a firmware-embedded activation key.
 
+>[!IMPORTANT]
+>An issue has been identified where devices can lose activation status or be blocked from upgrading to Windows Enterprise if the device is not able to connect to Windows Update. A workaround is to ensure that devices do not have the REG_DWORD present HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotConnectToWindowsUpdateInternetLocations and set to 1.  If this REG_DWORD is present, it must be set to 0.<br> 
+>Also ensure that the Group Policy setting: Computer Configuration > Administrative Templates > Windows Components > Windows Update > "Do not connect to any Windows Update Internet locations" is set to "Disabled".
+
 ## Firmware-embedded activation key
 
 To determine if the computer has a firmware-embedded activation key, type the following command at an elevated Windows PowerShell prompt

From 324c994b186f87cf074265f7b95148c375d2bcd8 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jan 2020 11:37:54 -0800
Subject: [PATCH 139/247] editing ProPlus info

---
 .../windows-autopilot/autopilot-device-guidelines.md           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/autopilot-device-guidelines.md b/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
index 63f327622a..43ac6da548 100644
--- a/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
+++ b/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
@@ -36,7 +36,8 @@ The following additional best practices ensure that devices can easily be provis
 
 ## Software best practice guidelines for Windows Autopilot
 
-- The Windows Autopilot device should be preinstalled with only a Windows 10 base image plus drivers and Office 365 Pro Plus Retail (C2R).
+- The Windows Autopilot device should be preinstalled with only a Windows 10 base image plus drivers.
+- You can preinstall your licensed version of Office, such as [Office 365 ProPlus](https://docs.microsoft.com/deployoffice/about-office-365-proplus-in-the-enterprise).
 - Unless explicitly requested by the customer, no other preinstalled software should be included.
   - Per OEM Policy, Windows 10 features, including built-in apps, should not be disabled or removed.
 

From 4cc70c6810e4ae0f52204a0637bdf60ccff44117 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 23 Jan 2020 12:16:32 -0800
Subject: [PATCH 140/247] Updated data detention note

---
 .../microsoft-defender-atp/tvm-dashboard-insights.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index 662c116683..e2d8e04113 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -67,7 +67,7 @@ Area | Description
 **Top exposed machines** | See the exposed machine names and their exposure level. You can click each machine name from the list and it will take you to the machine page where you can view the alerts, risks, incidents, security recommendations, installed software, discovered vulnerabilities associated with the exposed machines. You can also do other EDR-related tasks in it, such as: manage tags, initiate automated investigations, initiate a live response session, collect an investigation package, run antivirus scan, restrict app execution, and isolate machine. You can also click **Show more** to see the rest of the exposed machines list.
 
 > [!NOTE]
-> Machines with no alerts seen in the last 30 days do not count towards the exposure score of Threat & Vulnerability Management.
+> Machines that are not active in the last 30 days are not factored in on the data that reflects your organization's Threat & Vulnerability Management exposure score and configuration score.
 
 See [Microsoft Defender ATP icons](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection#windows-defender-atp-icons) for more information on the icons used throughout the portal.
 

From 4870d2cd117308e400d044f2a6b5afec72e4b558 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 23 Jan 2020 12:17:28 -0800
Subject: [PATCH 141/247] Update tvm-dashboard-insights.md

---
 .../microsoft-defender-atp/tvm-dashboard-insights.md        | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index e2d8e04113..74b76d9984 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -34,6 +34,9 @@ You can use the Threat & Vulnerability Management capability in [Microsoft Defen
 - Select remediation options, triage and track the remediation tasks
 - Select exception options and track active exceptions
 
+> [!NOTE]
+> Machines that are not active in the last 30 days are not factored in on the data that reflects your organization's Threat & Vulnerability Management exposure score and configuration score.
+
 ## Threat & Vulnerability Management in Microsoft Defender Security Center
 When you open the portal, you’ll see the main areas of the capability:
 
@@ -66,9 +69,6 @@ Area | Description
 **Top remediation activities** | Track the remediation activities generated from the security recommendations. You can click each item on the list to see the details in the **Remediation** page or click **Show more** to see the rest of the remediation activities, and active exceptions.
 **Top exposed machines** | See the exposed machine names and their exposure level. You can click each machine name from the list and it will take you to the machine page where you can view the alerts, risks, incidents, security recommendations, installed software, discovered vulnerabilities associated with the exposed machines. You can also do other EDR-related tasks in it, such as: manage tags, initiate automated investigations, initiate a live response session, collect an investigation package, run antivirus scan, restrict app execution, and isolate machine. You can also click **Show more** to see the rest of the exposed machines list.
 
-> [!NOTE]
-> Machines that are not active in the last 30 days are not factored in on the data that reflects your organization's Threat & Vulnerability Management exposure score and configuration score.
-
 See [Microsoft Defender ATP icons](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection#windows-defender-atp-icons) for more information on the icons used throughout the portal.
 
 ## Related topics

From 2b811e0814bcb8ecd9ec7061a1ad479f2eaa63cd Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 12:27:25 -0800
Subject: [PATCH 142/247] updating bookmarks

---
 windows/deployment/windows-10-deployment-posters.md        | 2 +-
 windows/deployment/windows-10-poc-sc-config-mgr.md         | 2 +-
 windows/deployment/windows-autopilot/deployment-process.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-10-deployment-posters.md b/windows/deployment/windows-10-deployment-posters.md
index b37a3cf91f..3ae808a4af 100644
--- a/windows/deployment/windows-10-deployment-posters.md
+++ b/windows/deployment/windows-10-deployment-posters.md
@@ -38,4 +38,4 @@ The Configuration Manager poster is one page in landscape mode (17x11). Click th
 ## See also
 
 [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot)<br>
-[Scenarios to deploy enterprise operating systems with Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems)
\ No newline at end of file
+[Scenarios to deploy enterprise operating systems with Configuration Manager](https://docs.microsoft.com/configmgr/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems)
\ No newline at end of file
diff --git a/windows/deployment/windows-10-poc-sc-config-mgr.md b/windows/deployment/windows-10-poc-sc-config-mgr.md
index 96ff61fc93..fc6a392e8f 100644
--- a/windows/deployment/windows-10-poc-sc-config-mgr.md
+++ b/windows/deployment/windows-10-poc-sc-config-mgr.md
@@ -50,7 +50,7 @@ Topics and procedures in this guide are summarized in the following table. An es
 <tr><td BGCOLOR="#a0e4fa"><b>Topic</b><td BGCOLOR="#a0e4fa"><b>Description</b><td BGCOLOR="#a0e4fa"><b>Time</b>
 
 <tr><td><a href="#install-prerequisites" data-raw-source="[Install prerequisites](#install-prerequisites)">Install prerequisites</a><td>Install prerequisite Windows Server roles and features, download, install and configure SQL Server, configure firewall rules, and install the Windows ADK.<td>60 minutes
-<tr><td><a href="#install-system-center-configuration-manager" data-raw-source="[Install Microsoft Endpoint Configuration Manager](#install-system-center-configuration-manager)">Install Microsoft Endpoint Configuration Manager</a><td>Download Microsoft Endpoint Configuration Manager, configure prerequisites, and install the package.<td>45 minutes
+<tr><td><a href="#install-microsoft-endpoint-configuration-manager" data-raw-source="[Install Microsoft Endpoint Configuration Manager](#install-microsoft-endpoint-configuration-manager)">Install Microsoft Endpoint Configuration Manager</a><td>Download Microsoft Endpoint Configuration Manager, configure prerequisites, and install the package.<td>45 minutes
 <tr><td><a href="#download-mdop-and-install-dart" data-raw-source="[Download MDOP and install DaRT](#download-mdop-and-install-dart)">Download MDOP and install DaRT</a><td>Download the Microsoft Desktop Optimization Pack 2015 and install DaRT 10.<td>15 minutes
 <tr><td><a href="#prepare-for-zero-touch-installation" data-raw-source="[Prepare for Zero Touch installation](#prepare-for-zero-touch-installation)">Prepare for Zero Touch installation</a><td>Prerequisite procedures to support Zero Touch installation.<td>60 minutes
 <tr><td><a href="#create-a-boot-image-for-configuration-manager" data-raw-source="[Create a boot image for Configuration Manager](#create-a-boot-image-for-configuration-manager)">Create a boot image for Configuration Manager</a><td>Use the MDT wizard to create the boot image in Configuration Manager.<td>20 minutes
diff --git a/windows/deployment/windows-autopilot/deployment-process.md b/windows/deployment/windows-autopilot/deployment-process.md
index 5959c898e3..6ea316f459 100644
--- a/windows/deployment/windows-autopilot/deployment-process.md
+++ b/windows/deployment/windows-autopilot/deployment-process.md
@@ -24,4 +24,4 @@ Windows Autopilot deployment processes are summarized in the poster below. The p
 
 [![Deploy Windows 10 with Autopilot](../media/windows10-autopilot-flowchart.png)](../media/Windows10AutopilotFlowchart.pdf)
 
-**Note**: The Windows Autopilot for existing devices process is included in the [Microsoft Endpoint Configuration Manager deployment poster](../windows-10-deployment-posters.md#deploy-windows-10-with-system-center-configuration-manager).
\ No newline at end of file
+**Note**: The Windows Autopilot for existing devices process is included in the [Microsoft Endpoint Configuration Manager deployment poster](../windows-10-deployment-posters.md#deploy-windows-10-with-configuration-manager).
\ No newline at end of file

From ce0452e23f9e9cf2a27d7cbd29efb2d3d00e1053 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 13:06:13 -0800
Subject: [PATCH 143/247] one more bookmark update

---
 windows/deployment/windows-autopilot/deployment-process.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/deployment-process.md b/windows/deployment/windows-autopilot/deployment-process.md
index 6ea316f459..6723d50e35 100644
--- a/windows/deployment/windows-autopilot/deployment-process.md
+++ b/windows/deployment/windows-autopilot/deployment-process.md
@@ -24,4 +24,4 @@ Windows Autopilot deployment processes are summarized in the poster below. The p
 
 [![Deploy Windows 10 with Autopilot](../media/windows10-autopilot-flowchart.png)](../media/Windows10AutopilotFlowchart.pdf)
 
-**Note**: The Windows Autopilot for existing devices process is included in the [Microsoft Endpoint Configuration Manager deployment poster](../windows-10-deployment-posters.md#deploy-windows-10-with-configuration-manager).
\ No newline at end of file
+**Note**: The Windows Autopilot for existing devices process is included in the [Microsoft Endpoint Configuration Manager deployment poster](../windows-10-deployment-posters.md#deploy-windows-10-with-microsoft-endpoint-configuration-manager). 
\ No newline at end of file

From e77db4ef3ff7c2fb4ffc6b4cb8cb1dc31abe7484 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Thu, 23 Jan 2020 13:34:29 -0800
Subject: [PATCH 144/247] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200123123014 (#1924)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../resolved-issues-windows-10-1607.yml                | 10 ++++++++++
 .../resolved-issues-windows-10-1709.yml                | 10 ++++++++++
 .../resolved-issues-windows-10-1803.yml                | 10 ++++++++++
 ...-issues-windows-10-1809-and-windows-server-2019.yml |  2 ++
 ...issues-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ++++++++++
 .../resolved-issues-windows-server-2008-sp2.yml        | 10 ++++++++++
 .../status-windows-10-1607-and-windows-server-2016.yml |  4 ++--
 windows/release-information/status-windows-10-1709.yml |  4 ++--
 windows/release-information/status-windows-10-1803.yml |  4 ++--
 .../status-windows-10-1809-and-windows-server-2019.yml |  4 ++--
 ...status-windows-7-and-windows-server-2008-r2-sp1.yml |  4 ++--
 .../status-windows-server-2008-sp2.yml                 |  4 ++--
 windows/release-information/windows-message-center.yml |  1 +
 13 files changed, 65 insertions(+), 12 deletions(-)

diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index d8af11db00..b586fa4b0e 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 14393.3204<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 17, 2019 <br>04:47 PM PT</td></tr>
       <tr><td><div id='301msg'></div><b>Apps and scripts using the NetQueryDisplayInformation API may fail with error</b><br>Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.<br><br><a href = '#301msgdesc'>See details ></a></td><td>OS Build 14393.3053<br><br>June 18, 2019<br><a href ='https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>September 10, 2019 <br>10:00 AM PT</td></tr>
@@ -82,3 +83,12 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='256msgdesc'></div><b>Internet Explorer 11 and apps using the WebBrowser control may fail to render</b><div>Internet Explorer 11 may fail to render some JavaScript after installing <a href='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a>. You may also have issues with apps using JavaScript or the <strong>WebBrowser</strong> control, such as the present PowerPoint feature of Skype Meeting&nbsp;Broadcast.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a>.</div><br><a href ='#256msg'>Back to top</a></td><td>OS Build 14393.3085<br><br>July 09, 2019<br><a href ='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>Resolved:<br>August 13, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 26, 2019 <br>04:58 PM PT</td></tr>
       </table>
       "
+
+- title: November 2018
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      </table>
+      "
diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml
index 92e479f7e8..82bf0df89e 100644
--- a/windows/release-information/resolved-issues-windows-10-1709.yml
+++ b/windows/release-information/resolved-issues-windows-10-1709.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 16299.1392<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522012' target='_blank'>KB4522012</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 19, 2019 <br>04:08 PM PT</td></tr>
       <tr><td><div id='255msg'></div><b>Domain connected devices that use MIT Kerberos realms will not start up</b><br>Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.<br><br><a href = '#255msgdesc'>See details ></a></td><td>OS Build 16299.1296<br><br>July 16, 2019<br><a href ='https://support.microsoft.com/help/4507465' target='_blank'>KB4507465</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512516' target='_blank'>KB4512516</a></td><td>August 13, 2019 <br>10:00 AM PT</td></tr>
@@ -48,6 +49,15 @@ sections:
         <div>
         </div> 
       "
+- title: October 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml
index 378576d142..bdf3c62854 100644
--- a/windows/release-information/resolved-issues-windows-10-1803.yml
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17134.950<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512501' target='_blank'>KB4512501</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17134.829<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503286' target='_blank'>KB4503286</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 17134.1009<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522014' target='_blank'>KB4522014</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
@@ -51,6 +52,15 @@ sections:
         <div>
         </div> 
       "
+- title: October 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
index 82cba46203..d113831f80 100644
--- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='360msg'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><br>The Microsoft Defender ATP service might stop running and might fail to send reporting data.<br><br><a href = '#360msgdesc'>See details ></a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a></td><td>November 12, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17763.678<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4511553' target='_blank'>KB4511553</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17763.557<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@@ -57,6 +58,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='360msgdesc'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><div>After installing the optional non-security&nbsp;update (<a href='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a>), the Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data. You might also receive a&nbsp;0xc0000409 error in <strong>Event Viewer</strong> on MsSense.exe.</div><div><br></div><div><strong>Note</strong> Microsoft Windows Defender Antivirus is not affected by this issue.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019</li><li>Server: Windows Server, version 1809; Windows Server 2019</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a>.</div><br><a href ='#360msg'>Back to top</a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a></td><td>Resolved:<br>November 12, 2019 <br>10:00 AM PT<br><br>Opened:<br>October 17, 2019 <br>05:14 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
index 7401114369..caeed9779b 100644
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='307msg'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><br>Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed<br><br><a href = '#307msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>August 27, 2019 <br>02:29 PM PT</td></tr>
@@ -49,6 +50,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
index 18fc3ff189..47535347c0 100644
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503273' target='_blank'>KB4503273</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512499' target='_blank'>KB4512499</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
@@ -47,6 +48,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index d38454e785..3dba1c748b 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -60,9 +60,9 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
-      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>February 19, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='36msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#36msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
@@ -97,7 +97,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Next steps:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>February 19, 2019 <br>10:00 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='36msgdesc'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><div>After installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.</div><div><br></div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#36msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml
index af729c8f0f..47169eb98d 100644
--- a/windows/release-information/status-windows-10-1709.yml
+++ b/windows/release-information/status-windows-10-1709.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='193msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#193msgdesc'>See details ></a></td><td>OS Build 16299.904<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480978' target='_blank'>KB4480978</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
@@ -87,7 +87,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
index 397f577291..9f10885c6c 100644
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -64,7 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='192msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#192msgdesc'>See details ></a></td><td>OS Build 17134.523<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480966' target='_blank'>KB4480966</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
@@ -91,7 +91,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
index 51ee30b209..2e9516660f 100644
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -64,7 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='211msg'></div><b>Devices with some Asian language packs installed may receive an error</b><br>Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"<br><br><a href = '#211msgdesc'>See details ></a></td><td>OS Build 17763.437<br><br>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493509' target='_blank'>KB4493509</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 03, 2019 <br>10:59 AM PT</td></tr>
       <tr><td><div id='191msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail </b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#191msgdesc'>See details ></a></td><td>OS Build 17763.253<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480116' target='_blank'>KB4480116</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 09, 2019 <br>10:00 AM PT</td></tr>
@@ -92,7 +92,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 574e1ff814..4a7f56ecb1 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
       </table>
@@ -78,7 +78,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> You can manually install the November 2019 update for Windows Malicious Software Removal Tool (MSRT) by downloading it <a href=\"http://www.microsoft.com/en-us/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for 32-bit x86-based devices or <a href=\"https://www.microsoft.com/en-us/downloads/details.aspx?familyid=585d2bde-367f-495e-94e7-6349f4effc74\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for&nbsp;64-bit x64-based devices. If you are using WSUS or Configuration Manager, guidance can be found <a href=\"https://support.microsoft.com/help/891716\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</div><div><br></div><div><strong>Next steps:</strong> This issue has been mitigated on the server side and MSRT will no longer offered to affected platforms. We are working on a resolution and estimate a solution will be available in&nbsp;the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index 0a5c7ee17d..28cf31facc 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
@@ -77,7 +77,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> You can manually install the November 2019 update for Windows Malicious Software Removal Tool (MSRT) by downloading it <a href=\"http://www.microsoft.com/en-us/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for 32-bit x86-based devices or <a href=\"https://www.microsoft.com/en-us/downloads/details.aspx?familyid=585d2bde-367f-495e-94e7-6349f4effc74\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for&nbsp;64-bit x64-based devices. If you are using WSUS or Configuration Manager, guidance can be found <a href=\"https://support.microsoft.com/help/891716\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</div><div><br></div><div><strong>Next steps:</strong> This issue has been mitigated on the server side and MSRT will no longer offered to affected platforms. We are working on a resolution and estimate a solution will be available in&nbsp;the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index ee042491ec..671d2a1748 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
       
+      <tr><td id='383'><b>January 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='383' href='#383'></a><br><div>The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 23, 2020 <br>12:00 PM PT</td></tr>
       <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
       <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an&nbsp;<a href=\"https://en.wikipedia.org/wiki/Elliptic-curve_cryptography\" rel=\"noopener noreferrer\" target=\"_blank\"><u>elliptic-curve cryptography</u></a>&nbsp;(ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" rel=\"noopener noreferrer\" target=\"_blank\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>

From 5ad477f1f1370769eb893fcf553105959e51d2b2 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 14:42:37 -0800
Subject: [PATCH 145/247] 2012 name order change in resolution-procedures

---
 windows/deployment/upgrade/resolution-procedures.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 38e04c555d..41c49f7eb9 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -601,7 +601,7 @@ Download and run the media creation tool. See <a href="https://www.microsoft.com
 
 <tr>
 <td>0x8007002 </td>
-<td>This error is specific to upgrades using System Center Configuration Manager 2012 R2 SP1 CU3 (5.00.8238.1403)</td>
+<td>This error is specific to upgrades using System Center 2012 Configuration Manager R2 SP1 CU3 (5.00.8238.1403)</td>
 <td>Analyze the SMSTS.log and verify that the upgrade is failing on &quot;Apply Operating system&quot; Phase: Error 80072efe DownloadFileWithRanges() failed. 80072efe. ApplyOperatingSystem (0x0760)
 <br>The error 80072efe means that the connection with the server was terminated abnormally.
 <br>To resolve this issue, try the OS Deployment test on a client in same VLAN as the Configuration Manager server. Check the network configuration for random client-server connection issues happening on the remote VLAN.

From 07cb80d7ed06d2a9bdc5b18d056b497562544f24 Mon Sep 17 00:00:00 2001
From: Gary Moore <v-gmoor@microsoft.com>
Date: Thu, 23 Jan 2020 15:19:19 -0800
Subject: [PATCH 146/247] Restored a valid metadata for ms.topic

For descriptions of valid metadata, please see [Required metadata for all topics](https://review.docs.microsoft.com/en-us/office-authoring-guide/metadata-for-max-content-on-dmc?branch=master#required-metadata-for-all-topics).
---
 .../kb-support/clear-ie-cache-from-command-line.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
index 1b0af06095..27232c758a 100644
--- a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
+++ b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
@@ -8,7 +8,7 @@ ms.author: ramakoni
 ms.reviewer: ramakoni, DEV_Triage
 ms.prod: internet-explorer
 ms.technology:
-ms.topic: kb-support
+ms.topic: troubleshooting
 ms.custom: CI=111020
 ms.localizationpriority: Normal
 # localization_priority: medium

From c5b46dcd85995a551cf1a1a2b9b3935e57f39f0f Mon Sep 17 00:00:00 2001
From: Gary Moore <v-gmoor@microsoft.com>
Date: Thu, 23 Jan 2020 15:20:18 -0800
Subject: [PATCH 147/247] Restored valid metadata for ms.topic

For descriptions of valid metadata, please see [Required metadata for all topics](https://review.docs.microsoft.com/en-us/office-authoring-guide/metadata-for-max-content-on-dmc?branch=master#required-metadata-for-all-topics).
---
 browsers/internet-explorer/kb-support/ie-edge-faqs.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/kb-support/ie-edge-faqs.md b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
index de3c6e1b86..18643175f9 100644
--- a/browsers/internet-explorer/kb-support/ie-edge-faqs.md
+++ b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
@@ -8,7 +8,7 @@ ms.author: ramakoni
 ms.reviewer: ramakoni, DEV_Triage
 ms.prod: internet-explorer
 ms.technology:
-ms.topic: kb-support
+ms.topic: troubleshooting
 ms.custom: CI=111020
 ms.localizationpriority: Normal
 # localization_priority: medium

From ca581ca8dc90323cb9c4d939f0fb2fb1456d6027 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Thu, 23 Jan 2020 18:18:51 -0800
Subject: [PATCH 148/247] removed line 190

---
 windows/client-management/windows-10-mobile-and-mdm.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/client-management/windows-10-mobile-and-mdm.md b/windows/client-management/windows-10-mobile-and-mdm.md
index b91046a934..afb9c4241f 100644
--- a/windows/client-management/windows-10-mobile-and-mdm.md
+++ b/windows/client-management/windows-10-mobile-and-mdm.md
@@ -187,7 +187,6 @@ Azure AD is a cloud-based directory service that provides identity and access ma
 
 **Mobile Device Management**
 Microsoft [Intune](https://www.microsoft.com/server-cloud/products/microsoft-intune/overview.aspx), part of the Enterprise Mobility + Security, is a cloud-based MDM system that manages devices off premises. Like Office 365, Intune uses Azure AD for identity management so employees use the same credentials to enroll devices in Intune that they use to sign into Office 365. Intune supports devices that run other operating systems, such as iOS and Android, to provide a complete MDM solution.
-You can also integrate Intune with Configuration Manager to gain a single console for managing all devices in the cloud and on premises, mobile or PC. For more information, see [Manage Mobile Devices with Configuration Manager and Microsoft Intune](https://technet.microsoft.com/library/jj884158.aspx). For guidance on choosing between a stand-alone Intune installation and Intune integrated with Microsoft Endpoint Configuration Manager, see Choose between Intune by itself or integrating Intune with Configuration Manager.
 Multiple MDM systems support Windows 10 and most support personal and corporate device deployment scenarios. MDM providers that support Windows 10 Mobile currently include: AirWatch, Citrix, MobileIron, SOTI, Blackberry and others. Most industry-leading MDM vendors already support integration with Azure AD. You can find the MDM vendors that support Azure AD in [Azure Marketplace](https://azure.microsoft.com/marketplace/). If your organization doesn’t use Azure AD, the user must use an MSA during OOBE before enrolling the device in your MDM using a corporate account.
 
 >**Note:** Although not covered in this guide, you can use Exchange ActiveSync (EAS) to manage mobile devices instead of using a full-featured MDM system. EAS is available in Microsoft Exchange Server 2010 or later and Office 365.

From e24ab43023cc1db3e7b8f83cc98d983019f3d4bc Mon Sep 17 00:00:00 2001
From: MightyPen <genemi@microsoft.com>
Date: Thu, 23 Jan 2020 21:26:50 -0800
Subject: [PATCH 149/247] Fixing PR #1917, ms.topic = 'kb-support'.

---
 .../kb-support/clear-ie-cache-from-command-line.md            | 4 ++--
 browsers/internet-explorer/kb-support/ie-edge-faqs.md         | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
index 27232c758a..0031c6792e 100644
--- a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
+++ b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
@@ -8,12 +8,12 @@ ms.author: ramakoni
 ms.reviewer: ramakoni, DEV_Triage
 ms.prod: internet-explorer
 ms.technology:
-ms.topic: troubleshooting
+ms.topic: kb-support
 ms.custom: CI=111020
 ms.localizationpriority: Normal
 # localization_priority: medium
 # ms.translationtype: MT
-ms.date: 01/22/2020
+ms.date: 01/23/2020
 ---
 # How to clear Internet Explorer cache by using the command line
 
diff --git a/browsers/internet-explorer/kb-support/ie-edge-faqs.md b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
index 18643175f9..ef07a2a337 100644
--- a/browsers/internet-explorer/kb-support/ie-edge-faqs.md
+++ b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
@@ -8,12 +8,12 @@ ms.author: ramakoni
 ms.reviewer: ramakoni, DEV_Triage
 ms.prod: internet-explorer
 ms.technology:
-ms.topic: troubleshooting
+ms.topic: kb-support
 ms.custom: CI=111020
 ms.localizationpriority: Normal
 # localization_priority: medium
 # ms.translationtype: MT
-ms.date: 01/22/2020
+ms.date: 01/23/2020
 ---
 # Internet Explorer and Microsoft Edge frequently asked questions (FAQ) for IT Pros
 

From 431e1dd4a9e5c919b8716f470e6a99edab2cf8d5 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Fri, 24 Jan 2020 10:09:51 -0800
Subject: [PATCH 150/247] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200124091729 (#1932)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../resolved-issues-windows-10-1607.yml            |  4 ++--
 ...es-windows-7-and-windows-server-2008-r2-sp1.yml |  4 ++--
 .../resolved-issues-windows-server-2008-sp2.yml    |  4 ++--
 ...tus-windows-10-1607-and-windows-server-2016.yml |  4 ++--
 ...us-windows-7-and-windows-server-2008-r2-sp1.yml | 14 ++++++++++++--
 .../status-windows-server-2008-sp2.yml             |  4 ++--
 6 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index b586fa4b0e..829cea21b4 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -32,7 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
-      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 14393.3204<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 17, 2019 <br>04:47 PM PT</td></tr>
       <tr><td><div id='301msg'></div><b>Apps and scripts using the NetQueryDisplayInformation API may fail with error</b><br>Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.<br><br><a href = '#301msgdesc'>See details ></a></td><td>OS Build 14393.3053<br><br>June 18, 2019<br><a href ='https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>September 10, 2019 <br>10:00 AM PT</td></tr>
@@ -89,6 +89,6 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
index caeed9779b..9856117a73 100644
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -32,7 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='307msg'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><br>Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed<br><br><a href = '#307msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>August 27, 2019 <br>02:29 PM PT</td></tr>
@@ -55,7 +55,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
index 47535347c0..8f891fdf1a 100644
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -32,7 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503273' target='_blank'>KB4503273</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512499' target='_blank'>KB4512499</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
@@ -53,7 +53,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index 3dba1c748b..4a3d572494 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='36msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#36msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@@ -97,7 +97,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='36msgdesc'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><div>After installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.</div><div><br></div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#36msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 4a7f56ecb1..f88f58ac4c 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,8 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
       </table>
@@ -73,12 +74,21 @@ sections:
         <div>
         </div> 
       "
+- title: January 2020
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in mid-February&nbsp;for organizations who have purchased Windows 7 <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" target=\"_blank\" rel=\"noopener noreferrer\">Extended Security Updates (ESU)</a>.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 24, 2020 <br>09:15 AM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      </table>
+      "
+
 - title: November 2019
 - items:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index 28cf31facc..2ea115dab7 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
@@ -77,7 +77,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "

From bbdd5bb9e44144b953d5367c62ca07c20878558b Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Fri, 24 Jan 2020 10:12:45 -0800
Subject: [PATCH 151/247] Updated description based on SME feedback

---
 .../microsoft-defender-atp/recommendation.md                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index d41c53fd57..2da5fe1030 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -45,13 +45,13 @@ Vendor | String | Related vendor name
 recommendedVersion | String | Recommended version
 recommendationCategory | String | Recommendation category. Possible values are: “Accounts”, “Application”, “Network”, “OS”, “SecurityStack
 subCategory | String | Recommendation sub-category
-severityScore | Double | Number of secure score points given
+severityScore | Double | Potential impact of the configuration to the organization’s configuration score (1-10)
 publicExploit | Boolean | Public exploit is available 
 activeAlert | Boolean | Active alert is associated with this recommendation
 associatedThreats | String collection | Threat analytics report is associated with this recommendation
 remediationType | String | Remedation type. Possible values are: “ConfigurationChange”,“Update”,“Upgrade”,”Uninstall”
 Status | Enum | Recommendation exception status. Possible values are: “Active” and “Exception”
-configScoreImpact | Double | Secure score impact
+configScoreImpact | Double | Configuration score impact
 exposureImpacte | Double | Exposure score impact
 totalMachineCount | Long | Number of installed machines
 exposedMachinesCount | Long | Number of installed machines that are exposed to vulnerabilities

From 6c0701c017c8ab72a246422294b6aedb41ca1743 Mon Sep 17 00:00:00 2001
From: lomayor <lomayor@microsoft.com>
Date: Fri, 24 Jan 2020 10:50:16 -0800
Subject: [PATCH 152/247] Update investigate-alerts.md

---
 .../microsoft-defender-atp/investigate-alerts.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
index 755dafb1e4..297de5d17d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
@@ -68,7 +68,7 @@ The **Alert process tree** takes alert triage and investigation to the next leve
 The **Alert process tree** expands to display the execution path of the alert and related evidence that occurred around the same period. Items marked with a thunderbolt icon should be given priority during investigation.
 
 >[!NOTE]
->The alert process tree might not be available in some alerts.
+>The alert process tree might not show for some alerts, including alerts not triggered directly by process activity.
 
 Clicking in the circle immediately to the left of the indicator displays its details.
 

From 5a847281fddabbcc207c430651de92296262bc8d Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Fri, 24 Jan 2020 12:06:17 -0800
Subject: [PATCH 153/247] added support statement

---
 .../windows-autopilot/windows-autopilot-requirements.md        | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
index 19a71f5d22..b93eba2709 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@@ -36,6 +36,9 @@ Windows Autopilot depends on specific capabilities available in Windows 10, Azur
   - Windows 10 Education
   - Windows 10 Enterprise 2019 LTSC
 
+>[!NOTE]
+>Procedures for deploying Windows Autopilot might refer to specific products and versions. The inclusion of these products in this content doesn't imply an extension of support for a version that is beyond its support lifecycle. Windows Autopilot does not support products that are beyond their support lifecycle. For more information, see [Microsoft Lifecycle Policy](https://go.microsoft.com/fwlink/p/?LinkId=208270).
+
 ## Networking requirements
 
 Windows Autopilot depends on a variety of internet-based services. Access to these services must be provided for Autopilot to function properly. In the simplest case, enabling proper functionality can be achieved by ensuring the following:

From 490b570aa4334fa10633d203ecbe0d6b991307c9 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 24 Jan 2020 15:55:04 -0800
Subject: [PATCH 154/247] removed hybrid from intune in provisioning-packages

---
 .../provisioning-packages/provisioning-packages.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/configuration/provisioning-packages/provisioning-packages.md b/windows/configuration/provisioning-packages/provisioning-packages.md
index 6669273d48..af989096a8 100644
--- a/windows/configuration/provisioning-packages/provisioning-packages.md
+++ b/windows/configuration/provisioning-packages/provisioning-packages.md
@@ -136,7 +136,7 @@ Windows ICD in Windows 10, version 1607, supported the following scenarios for I
 
 * **Mobile device enrollment into management** - Enables IT administrators to purchase off-the-shelf retail Windows 10 Mobile devices and enroll them into mobile device management (MDM) before handing them to end-users in the organization. IT administrators can use Windows ICD to specify the management end-point and apply the configuration on target devices by connecting them to a Windows PC (tethered deployment) or through an SD card. Supported management end-points include: 
 
-    * Microsoft Intune hybrid (certificate-based enrollment) 
+    * Microsoft Intune (certificate-based enrollment) 
     * AirWatch (password-string based enrollment) 
     * Mobile Iron (password-string based enrollment) 
     * Other MDMs (cert-based enrollment) 

From c96861d7d092af25a1c5c2d05383ac64ea690f5d Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Fri, 24 Jan 2020 16:45:10 -0800
Subject: [PATCH 155/247] review corrections

---
 .../planning/windows-10-infrastructure-requirements.md       | 2 +-
 .../update/waas-manage-updates-configuration-manager.md      | 5 +----
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/windows/deployment/planning/windows-10-infrastructure-requirements.md b/windows/deployment/planning/windows-10-infrastructure-requirements.md
index 46a5a0548c..484aa23fe6 100644
--- a/windows/deployment/planning/windows-10-infrastructure-requirements.md
+++ b/windows/deployment/planning/windows-10-infrastructure-requirements.md
@@ -40,7 +40,7 @@ Significant enhancements in the ADK for Windows 10 include new runtime provisio
 
 Microsoft Deployment Toolkit 2013 Update 1, available for download [here](https://go.microsoft.com/fwlink/p/?LinkId=625079), has also been updated to support Windows 10 and the new ADK; older versions do not support Windows 10. New in this release is task sequence support for Windows 10 in-place upgrades.
 
-For Microsoft Endpoint Configuration Manager, Windows 10 support is offered with various releases:
+For System Center Configuration Manager, Windows 10 support is offered with various releases:
 
 | Release                                     | Windows 10 management? | Windows 10 deployment?                         |
 |---------------------------------------------|------------------------|------------------------------------------------|
diff --git a/windows/deployment/update/waas-manage-updates-configuration-manager.md b/windows/deployment/update/waas-manage-updates-configuration-manager.md
index 9804669f93..da28265e33 100644
--- a/windows/deployment/update/waas-manage-updates-configuration-manager.md
+++ b/windows/deployment/update/waas-manage-updates-configuration-manager.md
@@ -212,10 +212,7 @@ Each time Microsoft releases a new Windows 10 build, it releases a new .iso file
 3. On the **Data Source** page, type the path of the extracted .iso file of the new version of Windows 10 you’re deploying, and then click **Next**.
 
     In this example, the Windows 10 Enterprise 1607 installation media is deployed to \\contoso-cm01\Sources\Operating Systems\Windows 10 Enterprise\Windows 10 Enterprise - Version 1607.
-    
-    >[!NOTE]
-    >Microsoft Endpoint Configuration Manager is required to manage machines running Windows 10, version 1607.
-    
+
 4. On the **General** page, in the **Name** field, type the name of the folder (**Windows 10 Enterprise - Version 1607** in this example). Set the **Version** to **1607**, and then click **Next**.
 
 5. On the **Summary** page, click **Next** to create the package.

From 9d2341f1b5fc04c5a157fc7ca98b6e5c31880f73 Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Sat, 25 Jan 2020 15:31:41 -0800
Subject: [PATCH 156/247] Update landing page & TOC

---
 devices/surface/TOC.md         | 5 +++--
 devices/surface/get-started.md | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md
index bc26815d56..faefd0d8fc 100644
--- a/devices/surface/TOC.md
+++ b/devices/surface/TOC.md
@@ -28,7 +28,7 @@
 ### [Windows Autopilot and Surface devices](windows-autopilot-and-surface-devices.md)
 ### [Deploying, managing, and servicing Surface Pro X](surface-pro-arm-app-management.md)
 ### [Surface Pro X app compatibility](surface-pro-arm-app-performance.md)
-### [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
 ### [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)
 ### [Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
 ### [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md)
@@ -40,13 +40,14 @@
 
 ## Manage
 
+### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
 ### [Optimize Wi-Fi connectivity for Surface devices](surface-wireless-connect.md)
 ### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
 ### [Surface Dock Firmware Update](surface-dock-firmware-update.md)
 ### [Battery Limit setting](battery-limit.md)
 ### [Surface Brightness Control](microsoft-surface-brightness-control.md)
 ### [Surface Asset Tag](assettag.md)
-### [Manage Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
+
 
 ## Secure
 ### [Intune management of Surface UEFI settings](surface-manage-dfci-guide.md)
diff --git a/devices/surface/get-started.md b/devices/surface/get-started.md
index af2bc13af9..c81e994d70 100644
--- a/devices/surface/get-started.md
+++ b/devices/surface/get-started.md
@@ -46,9 +46,10 @@ Harness the power of Surface, Windows, and Office connected together through the
                     </div>
                     <div class="cardText">
                         <h3>Deploy</h3>
+                         <p><a href="manage-surface-driver-and-firmware-updates.md">Manage and deploy Surface driver and firmware updates</a></p>
                         <p><a href="windows-autopilot-and-surface-devices.md">Autopilot and Surface devices</a></p>
                         <p><a href="surface-pro-arm-app-management.md">Deploying, managing, and servicing Surface Pro X</a></p>
-                        <p><a href="deploy-the-latest-firmware-and-drivers-for-surface-devices.md">Deploy the latest firmware and drivers</a></p>
+                      
                     </div>
                 </div>
             </div>

From 51b7cc02616b183004229b9eb2a773c568bc4b6b Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Sat, 25 Jan 2020 15:35:30 -0800
Subject: [PATCH 157/247] Update .gitignore

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 4d2ce285a9..10c1b78366 100644
--- a/.gitignore
+++ b/.gitignore
@@ -17,3 +17,4 @@ packages.config
 wdav-pm-sln.csproj
 wdav-pm-sln.csproj.user
 wdav-pm-sln.sln
+devices/surface-hub/surface-hub-account-overview.md

From ed5a93a06c49ed53b5c466f9c81797e2114e2010 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Sun, 26 Jan 2020 23:41:33 -0800
Subject: [PATCH 158/247] typo

---
 .../microsoft-defender-atp/configure-proxy-internet.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
index 698e0aeb8d..162531b03e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@@ -118,7 +118,7 @@ If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP
 
 ## Microsoft Defender ATP service backend IP range
 
-If you network devices don't support the URLs white-listed in the prior section, you can use the following information.
+If your network devices don't support the URLs white-listed in the prior section, you can use the following information.
 
 Microsoft Defender ATP is built on Azure cloud, deployed in the following regions:
 

From ebf48163f309e5fe8c73e36ec937d7db90780a36 Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Sun, 26 Jan 2020 22:33:25 -1000
Subject: [PATCH 159/247] Remove old file & redirect

Includes updated links
---
 .openpublishing.redirection.json              |   5 +
 devices/surface/change-history-for-surface.md |  18 ++-
 ...irmware-and-drivers-for-surface-devices.md | 105 ------------------
 ...timal-power-settings-on-Surface-devices.md |   4 +-
 ...icrosoft-surface-deployment-accelerator.md |   2 +-
 .../surface/surface-pro-arm-app-management.md |   2 +-
 6 files changed, 21 insertions(+), 115 deletions(-)
 delete mode 100644 devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index f8f2090d66..1737cf2bbc 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -15572,6 +15572,11 @@
 "redirect_document_id": false
 },
 {
+"source_path": "devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md",
+"redirect_url": "/surface/manage-surface-driver-and-firmware-updates.md",
+"redirect_document_id": true
+},
+{
 "source_path": "windows/deployment/planning/windows-10-1809-removed-features.md",
 "redirect_url": "https://docs.microsoft.com/windows/deployment/planning/windows-10-removed-features",
 "redirect_document_id": false
diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md
index ebbb3fc3b5..f99bfa549c 100644
--- a/devices/surface/change-history-for-surface.md
+++ b/devices/surface/change-history-for-surface.md
@@ -18,6 +18,12 @@ ms.date: 10/21/2019
 
 This topic lists new and updated topics in the Surface documentation library.
 
+## January 2020
+| **New or changed topic** | **Description** |
+| ------------------------ | --------------- |
+| [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)| Updated with the latest information and links to related articles.|
+
+
 ## October 2019
 
 | **New or changed topic** | **Description** |
@@ -37,7 +43,7 @@ This topic lists new and updated topics in the Surface documentation library.
 | **New or changed topic** | **Description** |
 | ------------------------ | --------------- |
 | [Optimizing wireless connectivity for Surface devices](surface-wireless-connect.md)             | New document highlights key wireless connectivity considerations for Surface devices in mobile scenarios. |
-| [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)              | Updated to reflect minor changes in the file naming convention for Surface MSI files. |
+| [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)            | Updated to reflect minor changes in the file naming convention for Surface MSI files. |
 
 
 ## July 2019
@@ -76,14 +82,14 @@ New or changed topic | Description
 --- | ---
 [Surface Brightness Control](microsoft-surface-brightness-control.md) | New
 [Maintain optimal power settings on Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) | New
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Studio 2  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface Studio 2  |
 
 
 ## November 2018
 
 New or changed topic | Description
 --- | ---
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Pro 6  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface Pro 6  |
 [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) | New
 [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) | New
 [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md) | New
@@ -93,7 +99,7 @@ New or changed topic | Description
 New or changed topic | Description
 --- | ---
 [Battery Limit setting](battery-limit.md) | New
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface GO  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface GO  |
 
 ## May 2018
 
@@ -121,7 +127,7 @@ New or changed topic | Description
 
 |New or changed topic | Description |
 | --- | --- |
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Book 2, Surface Laptop, Surface Pro, and Surface Pro with LTE Advanced information  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface Book 2, Surface Laptop, Surface Pro, and Surface Pro with LTE Advanced information  |
 
 ## October 2017
 
@@ -160,7 +166,7 @@ New or changed topic | Description
 
 |New or changed topic | Description |
 | --- | --- |
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)  | Added driver info for Surface Studio; updated info for Surface Book and Surface Pro 4 (Windows 10 .zip cumulative update), Surface Pro 3 (Windows8.1-KB2969817-x64.msu), and Surface 3 (UEFI Asset Tag management tool)|
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added driver info for Surface Studio; updated info for Surface Book and Surface Pro 4 (Windows 10 .zip cumulative update), Surface Pro 3 (Windows8.1-KB2969817-x64.msu), and Surface 3 (UEFI Asset Tag management tool)|
 
 ## November 2016
 
diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
deleted file mode 100644
index 92527470f2..0000000000
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ /dev/null
@@ -1,105 +0,0 @@
----
-title: Deploy the latest firmware and drivers for Surface devices (Surface)
-description: This article provides a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.
-ms.assetid: 7662BF68-8BF7-43F7-81F5-3580A770294A
-ms.reviewer: dansimp
-manager: kaushika
-keywords: update Surface, newest, latest, download, firmware, driver, tablet, hardware, device
-ms.localizationpriority: medium
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: surface, devices
-ms.sitesec: library
-author: dansimp
-ms.audience: itpro
-ms.date: 11/25/2019
-ms.author: dansimp
-ms.topic: article
----
-
-# Deploy the latest firmware and drivers for Surface devices
-
-> **Home users:** This article is only intended for technical support agents and IT professionals, and applies only to Surface devices. If you're looking for help to install Surface updates or firmware on a home device, please see [Update Surface firmware and Windows 10](https://support.microsoft.com/help/4023505).
-
-Under typical conditions, Windows Update automatically keeps Windows Surface devices up-to-date by downloading and installing the latest device drivers and firmware. However, you may sometimes have to download and install updates manually. For example, you may have to manually manage updates when you deploy a new version of Windows.
-
-## Downloading MSI files
-
-[Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface) provides links to download installation files for the following:
-
-- Administrative tools
-- Drivers for accessories
-- For some devices, updates for Windows
-
-## Deploying MSI files
-
-Specific versions of Windows 10 have separate MSI files. Each MSI file contains all required cumulative driver and firmware updates for Surface devices.
-
-The MSI file names contain useful information, including the minimum supported Windows build number that is required to install the drivers and firmware. For example, to install the drivers that are contained in SurfaceBook_Win10_17763_19.080.2031.0.msi on a Surface Book, the device must be running Windows 10 Fall Creators Update, version 1709 or later.
-
-For more information about build numbers for each Windows version, see [Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information).
-
-### Surface MSI naming convention
-
-Beginning in August, 2019, MSI files have used the following naming convention:
-
-> *Product*\_*Windows release*\_*Windows build number*\_*Version number*\_*Revision of version number (typically zero)*.
-
-**Example**
-
-Consider the following MSI file:
-
-> SurfacePro6_Win10_18362_19.073.44195_0.msi
-
-This file name provides the following information:
-
-- **Product:** SurfacePro6
-- **Windows release:** Win10
-- **Build:** 18362
-- **Version:** 19.073.44195 &ndash; This shows the date and time that the file was created, as follows:
-  - **Year:** 19 (2019)
-  - **Month and week:** 073 (third week of July)
-  - **Minute of the month:** 44195
-- **Revision of version:** 0 (first release of this version)
-
-### Legacy Surface MSI naming convention
-
-Legacy MSI files (files that were built before August, 2019) followed the same overall naming formula, but used a different method to derive the version number.  
-
-**Example**
-
-Consider the following MSI file:
-
-> SurfacePro6_Win10_16299_1900307_0.msi
-
-This file name provides the following information:
-
-- **Product:** SurfacePro6
-- **Windows release:** Win10
-- **Build:** 16299
-- **Version:** 1900307 &ndash; This shows the date that the file was created and its position in the release sequence, as follows:
-  - **Year:** 19 (2019)
-  - **Number of release:** 003 (third release of the year)
-  - **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro)
-- **Revision of version:** 0 (first release of this version)
-
-Use the **version** number to determine the latest files that contain the most recent security updates. For example, consider the following list:
-
-- SurfacePro6_Win10_16299_1900307_0.msi
-- SurfacePro6_Win10_17134_1808507_3.msi
-- SurfacePro6_Win10_17763_1808707_3.msi
-
-In this list, the newest file is the first file (SurfacePro6_Win10_16299_1900307_0.msi). Its **Version** field has the newest date (2019). The other files are from 2018.
-
-## Supported devices
-
-For downloadable MSI files for devices that run Surface Pro 2 and later versions, see [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface). This article contains information about MSI files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3, as they are released.  
-
-> [!NOTE]  
-> There are no downloadable firmware or driver updates available for Surface devices that run Windows RT, including Surface RT and Surface 2. To update these devices, use Windows Update.
-
-For more information about how to deploy Surface drivers and firmware, see the following articles:
-
-- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates)
-
-- [Surface for Business help](https://www.microsoft.com/surface/support/business)
diff --git a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
index e43a14a63b..b1f8eced7e 100644
--- a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
+++ b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
@@ -28,7 +28,7 @@ low power idle state (S0ix).
 
 To ensure Surface devices across your organization fully benefit from Surface power optimization features:
 
--  Install the latest  drivers and firmware from Windows Update or the Surface Driver and Firmware MSI. This creates the balanced power plan (aka power profile) by default and configures optimal power settings.  For more information, refer to [Deploying the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+-  Install the latest  drivers and firmware from Windows Update or the Surface Driver and Firmware MSI. This creates the balanced power plan (aka power profile) by default and configures optimal power settings.  For more information, refer to [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md).
 - Avoid creating custom power profiles or adjusting advanced power settings not visible in the default UI  (**System** > **Power & sleep**).
 - If you must manage the power profile of devices across your network (such as in highly managed organizations), use the powercfg command tool to export the power plan from the factory image of the Surface device and then import it into the provisioning package for your Surface devices. 
 
@@ -178,4 +178,4 @@ To learn more, see:
 
 - [Battery
     saver](https://docs.microsoft.com/windows-hardware/design/component-guidelines/battery-saver)
-- [Deploying the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+- [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
\ No newline at end of file
diff --git a/devices/surface/microsoft-surface-deployment-accelerator.md b/devices/surface/microsoft-surface-deployment-accelerator.md
index 7fbd031cf5..8fbc32d7df 100644
--- a/devices/surface/microsoft-surface-deployment-accelerator.md
+++ b/devices/surface/microsoft-surface-deployment-accelerator.md
@@ -80,7 +80,7 @@ For environments where the SDA server will not be able to connect to the Interne
 
 *Figure 2. Specify a local source for Surface driver and app files*
 
-You can find a full list of available driver downloads at [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+You can find a full list of available driver downloads at [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
 
 >[!NOTE]
 >Downloaded files do not need to be extracted. The downloaded files can be left as .zip files as long as they are stored in one folder.
diff --git a/devices/surface/surface-pro-arm-app-management.md b/devices/surface/surface-pro-arm-app-management.md
index c5869a15d4..fd98f72368 100644
--- a/devices/surface/surface-pro-arm-app-management.md
+++ b/devices/surface/surface-pro-arm-app-management.md
@@ -73,7 +73,7 @@ Surface Pro X was designed to use Windows Update to simplify the process of keep
 
 - Use Windows Update or Windows Update for Business for maintaining the latest drivers and firmware. For more information, see [Deploy Updates using Windows Update for Business](https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb).
 - If your procedures require using a Windows Installer .msi file, contact [Surface for Business support](https://support.microsoft.com/help/4037645). 
-- For more information about deploying and managing updates on Surface devices, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+- For more information about deploying and managing updates on Surface devices, see [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md).
 - Note that Windows Server Update Services (WSUS) does not support the ability to deliver drivers and firmware to Surface Pro X.
 
 ## Running apps on Surface Pro X

From a109f8f5be9790be3b3287c0f35db9e3e649d2a3 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:22:05 -0800
Subject: [PATCH 160/247] Added pre rel info

---
 .../security/threat-protection/microsoft-defender-atp/score.md  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/score.md b/windows/security/threat-protection/microsoft-defender-atp/score.md
index 06f002a203..9a903d296f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/score.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 ## Methods
 Method |Return Type |Description
 :---|:---|:---

From 5e3621cf0517e3124711ac430dccf120f200b655 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:22:43 -0800
Subject: [PATCH 161/247] Update get-machine-group-exposure-score.md

---
 .../get-machine-group-exposure-score.md                       | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
index 42995a2265..5664ee56dd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 Retrieves a collection of alerts related to a given domain address.
 
 ## Permissions
@@ -91,4 +93,4 @@ Here is an example of the response.
         }
     ]
 }
-```
\ No newline at end of file
+```

From e8d128ae4f186881f887710a45a7197c495a09fb Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:23:33 -0800
Subject: [PATCH 162/247] Added pre rel info

---
 .../microsoft-defender-atp/get-exposure-score.md                | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index fadf3a064a..389758df52 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 Retrieves the organizational exposure score.
 
 ## Permissions

From 81165d62ab174dc92a930151e2e57d5e45252ffd Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:24:35 -0800
Subject: [PATCH 163/247] Added pre rel info

---
 .../microsoft-defender-atp/get-device-secure-score.md           | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index d2f1bb53f5..8a00435973 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -22,6 +22,8 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
+[!include[Prerelease information](../../includes/prerelease.md)]
+
 Retrieves the organizational device secure score.
 
 ## Permissions

From 92693e8cc85939b6262213cb2fbf5bb7b275c88d Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:25:12 -0800
Subject: [PATCH 164/247] Update get-device-secure-score.md

---
 .../microsoft-defender-atp/get-device-secure-score.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index 8a00435973..dfd844de6b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -27,7 +27,7 @@ ms.topic: article
 Retrieves the organizational device secure score.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From c1e2b40a1e8d1dd5ac92941092d1615be2b4929d Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:32:09 -0800
Subject: [PATCH 165/247] Update TOC.md

---
 windows/security/threat-protection/TOC.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index ba2038ad57..5fefcfbc9a 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -499,7 +499,7 @@
 ##### [Raw data streaming (preview)](microsoft-defender-atp/raw-data-export.md)
 ##### [Stream advanced hunting events to Azure Events hub](microsoft-defender-atp/raw-data-export-event-hub.md)
 ##### [Stream advanced hunting events to your storage account](microsoft-defender-atp/raw-data-export-storage.md)
- 
+
 
 #### [SIEM integration]()
 ##### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md)

From 29da516e02ec9b354e5b8a0823001c7c31f02492 Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Mon, 27 Jan 2020 07:45:45 -1000
Subject: [PATCH 166/247] Update
 maintain-optimal-power-settings-on-Surface-devices.md

---
 .../maintain-optimal-power-settings-on-Surface-devices.md       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
index b1f8eced7e..135851cb06 100644
--- a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
+++ b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
@@ -166,7 +166,7 @@ To learn more, see:
 | Check app usage | Your apps | Close apps.|
 | Check your power cord for any damage.| Your power cord | Replace power cord if worn or damaged.|
 
-# Learn more 
+## Learn more 
 
 - [Modern
     standby](https://docs.microsoft.com/windows-hardware/design/device-experiences/modern-standby-wake-sources)

From 09cc860c6bb00c06b23b8493446952a9b99cca39 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 09:48:34 -0800
Subject: [PATCH 167/247] fixed file path issue

---
 windows/security/threat-protection/TOC.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 5fefcfbc9a..a49cb4bec8 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -400,9 +400,9 @@
 ####### [Get machine by ID](microsoft-defender-atp/get-machine-by-id.md)
 ####### [Get machine log on users](microsoft-defender-atp/get-machine-log-on-users.md)
 ####### [Get machine related alerts](microsoft-defender-atp/get-machine-related-alerts.md)
-####### [Get installed software](get-installed-software.md)
-####### [Get discovered vulnerabilities](get-discovered-vulnerabilities.md)
-####### [Get security recommendation](get-security-recommendations.md)
+####### [Get installed software](microsoft-defender-atp/get-installed-software.md)
+####### [Get discovered vulnerabilities](microsoft-defender-atp/get-discovered-vulnerabilities.md)
+####### [Get security recommendation](microsoft-defender-atp/get-security-recommendations.md)
 ####### [Add or Remove machine tags](microsoft-defender-atp/add-or-remove-machine-tags.md)
 ####### [Find machines by IP](microsoft-defender-atp/find-machines-by-ip.md)
 

From 5ee026b828b03ed53a1ed30e42b8b42dc30b346a Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Mon, 27 Jan 2020 07:54:19 -1000
Subject: [PATCH 168/247] Revert "Update .gitignore"

This reverts commit 51b7cc02616b183004229b9eb2a773c568bc4b6b.
---
 .gitignore | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 10c1b78366..4d2ce285a9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -17,4 +17,3 @@ packages.config
 wdav-pm-sln.csproj
 wdav-pm-sln.csproj.user
 wdav-pm-sln.sln
-devices/surface-hub/surface-hub-account-overview.md

From 99db46cd4490f827e54213795e2ba7a58d30f27b Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Mon, 27 Jan 2020 09:48:20 -1000
Subject: [PATCH 169/247] Update .openpublishing.redirection.json

---
 .openpublishing.redirection.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 1737cf2bbc..12475ff7c6 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -15573,7 +15573,7 @@
 },
 {
 "source_path": "devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md",
-"redirect_url": "/surface/manage-surface-driver-and-firmware-updates.md",
+"redirect_url": "/surface/manage-surface-driver-and-firmware-updates",
 "redirect_document_id": true
 },
 {

From 8db6694234d804bb12a30caa932c74d70512e53e Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Mon, 27 Jan 2020 11:53:38 -0800
Subject: [PATCH 170/247] update with hybrid support

---
 windows/deployment/windows-autopilot/user-driven.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/user-driven.md b/windows/deployment/windows-autopilot/user-driven.md
index e8fdb8a2c2..45520df78e 100644
--- a/windows/deployment/windows-autopilot/user-driven.md
+++ b/windows/deployment/windows-autopilot/user-driven.md
@@ -28,7 +28,7 @@ Windows Autopilot user-driven mode is designed to enable new Windows 10 devices
 
 After completing those simple steps, the remainder of the process is completely automated, with the device being joined to the organization, enrolled in Intune (or another MDM service), and fully configured as defined by the organization.  Any additional prompts during the Out-of-Box Experience (OOBE) can be suppressed; see [Configuring Autopilot Profiles](profiles.md) for options that are available.
 
-Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory.  Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release.  See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
+Today, Windows Autopilot user-driven mode supports Azure Active Directory and Hybrid Azure Active Directory joined devices.  See [What is a device identity](https://docs.microsoft.com/azure/active-directory/devices/overview) for more information about these two join options.
 
 ## Available user-driven modes
 

From ee2afb197aff67d80ec79a1eee01313bdf6b7cdb Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Mon, 27 Jan 2020 11:58:22 -0800
Subject: [PATCH 171/247] corrections in six files

---
 .../enable-cloud-protection-windows-defender-antivirus.md   | 4 ++--
 .../manage-protection-updates-windows-defender-antivirus.md | 6 +++---
 .../manage-updates-baselines-windows-defender-antivirus.md  | 2 +-
 .../report-monitor-windows-defender-antivirus.md            | 2 +-
 .../run-scan-windows-defender-antivirus.md                  | 2 +-
 ...ify-cloud-protection-level-windows-defender-antivirus.md | 4 ++--
 6 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
index 6d7e496eec..985b6f0b7c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
@@ -62,7 +62,7 @@ For more information about Intune device profiles, including how to create and c
 
 **Use Configuration Manager to enable cloud-delivered protection:**
 
-See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 **Use Group Policy to enable cloud-delivered protection:**
 
@@ -139,5 +139,5 @@ See the following for more information and allowed parameters:
 - [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)]
 - [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx)
 - [Utilize Microsoft cloud-delivered protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
-- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
+- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
 - [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
index 05002ff7a5..be5477b03f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
@@ -52,7 +52,7 @@ There are five locations where you can specify where an endpoint should obtain u
 
 - [Microsoft Update](https://support.microsoft.com/help/12373/windows-update-faq)
 - [Windows Server Update Service](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus)
-- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/core/servers/manage/updates)
+- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/core/servers/manage/updates)
 - [Network file share](https://docs.microsoft.com/windows-server/storage/nfs/nfs-overview)
 - [Security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware](https://www.microsoft.com/en-us/wdsi/defenderupdates) (Your policy and registry might have this listed as Microsoft Malware Protection Center (MMPC) security intelligence, its former name.)
 
@@ -76,7 +76,7 @@ Each source has typical scenarios that depend on how your network is configured,
 You can manage the order in which update sources are used with Group Policy, Microsoft Endpoint Configuration Manager, PowerShell cmdlets, and WMI.
 
 > [!IMPORTANT]
-> If you set Windows Server Update Service as a download location, you must approve the updates, regardless of the management tool you use to specify the location. You can set up an automatic approval rule with Windows Server Update Service, which might be useful as updates arrive at least once a day. To learn more, see [synchronize endpoint protection updates in standalone Windows Server Update Service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus).
+> If you set Windows Server Update Service as a download location, you must approve the updates, regardless of the management tool you use to specify the location. You can set up an automatic approval rule with Windows Server Update Service, which might be useful as updates arrive at least once a day. To learn more, see [synchronize endpoint protection updates in standalone Windows Server Update Service](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus).
 
 The procedures in this article first describe how to set the order, and then how to set up the **File share** option if you have enabled it.
 
@@ -110,7 +110,7 @@ The procedures in this article first describe how to set the order, and then how
 
 ## Use Configuration Manager to manage the update location
 
-See [Configure Security intelligence Updates for Endpoint Protection](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-definition-updates) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+See [Configure Security intelligence Updates for Endpoint Protection](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-definition-updates) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 
 ## Use PowerShell cmdlets to manage the update location
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
index 40bc802e34..7ebc368cbc 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
@@ -40,7 +40,7 @@ The cloud-delivered protection is always on and requires an active connection to
 
 Windows Defender Antivirus requires [monthly updates](https://support.microsoft.com/help/4052623/update-for-windows-defender-antimalware-platform) (known as "engine updates" and "platform updates"), and will receive major feature updates alongside Windows 10 releases.
 
-You can manage the distribution of updates through Windows Server Update Service (WSUS), with [ Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/sccm/sum/understand/software-updates-introduction), or in the normal manner that you deploy Microsoft and Windows updates to endpoints in your network.
+You can manage the distribution of updates through Windows Server Update Service (WSUS), with [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/sum/understand/software-updates-introduction), or in the normal manner that you deploy Microsoft and Windows updates to endpoints in your network.
 
 ## In this section
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
index b454b8490d..caea14600c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-With Windows Defender Antivirus, you have several options for reviewing protection status and alerts. You can use Microsoft Endpoint Configuration Manager to [monitor Windows Defender Antivirus](https://docs.microsoft.com/sccm/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-configure-alerts). Or, you can monitor protection using [Microsoft Intune](https://docs.microsoft.com/intune/introduction-intune).  
+With Windows Defender Antivirus, you have several options for reviewing protection status and alerts. You can use Microsoft Endpoint Configuration Manager to [monitor Windows Defender Antivirus](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-configure-alerts). Or, you can monitor protection using [Microsoft Intune](https://docs.microsoft.com/intune/introduction-intune).  
 
 Microsoft Operations Management Suite has an [Update Compliance add-in](/windows/deployment/update/update-compliance-get-started) that reports on key Windows Defender Antivirus issues, including protection updates and real-time protection settings.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
index 4db84ce762..f36197fe0f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
@@ -41,7 +41,7 @@ A full scan can be useful on endpoints that have encountered a malware threat to
 
 ## Use Configuration Manager to run a scan
 
-See [Antimalware and firewall tasks: How to perform an on-demand scan](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-firewall#how-to-perform-an-on-demand-scan-of-computers) for details on using Microsoft Endpoint Configuration Manager (current branch) to run a scan.
+See [Antimalware and firewall tasks: How to perform an on-demand scan](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-firewall#how-to-perform-an-on-demand-scan-of-computers) for details on using Microsoft Endpoint Configuration Manager (current branch) to run a scan.
 
 ## Use the mpcmdrun.exe command-line utility to run a scan
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
index 0480d91f4e..d04a0c0bd5 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
@@ -47,7 +47,7 @@ For more information about Intune device profiles, including how to create and c
 
 ## Use Configuration Manager to specify the level of cloud-delivered protection
 
-See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
+See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch).
 
 ## Use Group Policy to specify the level of cloud-delivered protection
 
@@ -77,6 +77,6 @@ See [How to create and deploy antimalware policies: Cloud-protection service](ht
 
 - [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
 - [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md)
-- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
+- [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
 
 

From 5ca81d0afa05bacbf17e488ac0bf171463fc962d Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Mon, 27 Jan 2020 11:58:29 -0800
Subject: [PATCH 172/247] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200127110202 (#1945)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../resolved-issues-windows-10-1903.yml            | 14 --------------
 ...us-windows-7-and-windows-server-2008-r2-sp1.yml |  4 ++--
 2 files changed, 2 insertions(+), 16 deletions(-)

diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml
index f6f7b30864..0554cb4e28 100644
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@@ -37,7 +37,6 @@ sections:
       <tr><td><div id='225msg'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><br>Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.<br><br><a href = '#225msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td><div id='317msg'></div><b>Updates may fail to install and you may receive Error 0x80073701</b><br>Installation of updates may fail and you may receive error code 0x80073701.<br><br><a href = '#317msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:11 AM PT</td></tr>
       <tr><td><div id='228msg'></div><b>Intel Audio displays an intcdaud.sys notification</b><br>Devices with a range of Intel Display Audio device drivers may experience battery drain.<br><br><a href = '#228msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>November 12, 2019 <br>08:04 AM PT</td></tr>
-      <tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='358msg'></div><b>Unable to discover or connect to Bluetooth devices using some Qualcomm adapters</b><br>Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.<br><br><a href = '#358msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='338msg'></div><b>Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters</b><br>Some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards may experience compatibility issues.<br><br><a href = '#338msgdesc'>See details ></a></td><td>N/A <br><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4522355' target='_blank'>KB4522355</a></td><td>October 24, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='248msg'></div><b>dGPU occasionally disappear from device manager on Surface Book 2</b><br>Some apps or games may close or fail to open on Surface Book 2 devices with Nvidia dGPU.<br><br><a href = '#248msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>October 18, 2019 <br>04:33 PM PT</td></tr>
@@ -54,8 +53,6 @@ sections:
       <tr><td><div id='236msg'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><br>Windows Sandbox may fail to start on devices in which the operating system language was changed between updates.<br><br><a href = '#236msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>August 30, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>August 30, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='306msg'></div><b>MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices</b><br>You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.<br><br><a href = '#306msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved External<br></td><td>August 09, 2019 <br>07:03 PM PT</td></tr>
-      <tr><td><div id='227msg'></div><b>Display brightness may not respond to adjustments</b><br>Devices configured with certain Intel display drivers may experience a driver compatibility issue.<br><br><a href = '#227msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
-      <tr><td><div id='249msg'></div><b>RASMAN service may stop working and result in the error “0xc0000005”</b><br>The RASMAN service may stop working with VPN profiles configured as an Always On VPN connection.<br><br><a href = '#249msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -116,15 +113,6 @@ sections:
       </table>
       "
 
-- title: June 2019
-- items:
-  - type: markdown
-    text: "
-      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='249msgdesc'></div><b>RASMAN service may stop working and result in the error “0xc0000005”</b><div>The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0.&nbsp;You may also receive an error in the<strong> Application section </strong>of <strong>Windows Logs</strong> <strong>in</strong>&nbsp;<strong>Event Viewer&nbsp;</strong>with Event ID 1000 referencing “svchost.exe_RasMan” and “rasman.dll”.</div><div><br></div><div>This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. This does not affect manual only VPN profiles or connections.</div><div><br></div><div><strong>Affected platforms</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a>.</div><br><a href ='#249msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 28, 2019 <br>05:01 PM PT</td></tr>
-      </table>
-      "
-
 - title: May 2019
 - items:
   - type: markdown
@@ -133,8 +121,6 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='231msgdesc'></div><b>Intermittent loss of Wi-Fi connectivity</b><div>Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).</div><div><br></div><div>To safeguard your upgrade experience, we have applied a hold on devices with affected Qualcomm driver from being offered Windows 10, version 1903 or Windows 10, version 1909, until&nbsp;the updated driver is installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with an updated Qualcomm Wifi driver and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.</div><br><a href ='#231msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 22, 2019 <br>04:10 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:13 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='225msgdesc'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><div>Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903</li><li>Server: Windows 10, version 1909; Windows Server, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with an updated driver for the affected Realtek Bluetooth radio and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.</div><br><a href ='#225msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:29 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='228msgdesc'></div><b>Intel Audio displays an intcdaud.sys notification</b><div>Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain.&nbsp;If you see an <strong>intcdaud.sys</strong> notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).</div><div>&nbsp;&nbsp;</div><div>To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until&nbsp;updated device drivers have been installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with updated drivers from your device manufacturer (OEM) or Intel. The safeguard hold has been removed.</div><div><br></div><div><strong>Note </strong>If you are still experiencing the issue described, please contact your device manufacturer (OEM).</div><br><a href ='#228msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 12, 2019 <br>08:04 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:22 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a> and the safeguard hold has been removed.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='236msgdesc'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><div>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a>.</div><br><a href ='#236msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='227msgdesc'></div><b>Display brightness may not respond to adjustments</b><div>Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in <a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a> and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.</div><br><a href ='#227msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:56 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index f88f58ac4c..1db3c602ad 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 26, 2020 <br>06:01 PM PT</td></tr>
       <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
@@ -79,7 +79,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in mid-February&nbsp;for organizations who have purchased Windows 7 <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" target=\"_blank\" rel=\"noopener noreferrer\">Extended Security Updates (ESU)</a>.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 24, 2020 <br>09:15 AM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 26, 2020 <br>06:01 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
       </table>
       "
 

From 7583518cdc2d301344c35a968b0a5b11f6bd9b04 Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Mon, 27 Jan 2020 10:25:53 -1000
Subject: [PATCH 173/247] Update .openpublishing.redirection.json

---
 .openpublishing.redirection.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 12475ff7c6..7713cc7237 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -58,7 +58,7 @@
 {
 "source_path": "devices/surface/manage-surface-pro-3-firmware-updates.md",
 "redirect_url": "https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates",
-"redirect_document_id": true
+"redirect_document_id": false
 },
 {
 "source_path": "devices/surface/update.md",

From 9652500324aec4990118e4e097ef83e60d71e15a Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 12:40:36 -0800
Subject: [PATCH 174/247] Update preview.md

---
 .../threat-protection/microsoft-defender-atp/preview.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md
index a605c4517f..4cde145e4c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md
@@ -43,7 +43,7 @@ Turn on the preview experience setting to be among the first to try upcoming fea
 ## Preview features
 The following features are included in the preview release:
 
-- [Threat & Vulnerability Management API support](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list) <BR>Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and machine vulnerability inventory, software version distribution, machine vulnerability information, security recommandation information.
+- [Threat & Vulnerability Management API support](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list) <BR>Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and machine vulnerability inventory, software version distribution, machine vulnerability information, security recommendation information.
  
  - [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os) <BR>Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019.
 

From a5f51f1e5e99c0c4cd4cdf08b7186090e84f9469 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Mon, 27 Jan 2020 12:43:22 -0800
Subject: [PATCH 175/247] Fixed spelling error

---
 .../threat-protection/microsoft-defender-atp/recommendation.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index 2da5fe1030..221645d516 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -49,7 +49,7 @@ severityScore | Double | Potential impact of the configuration to the organizati
 publicExploit | Boolean | Public exploit is available 
 activeAlert | Boolean | Active alert is associated with this recommendation
 associatedThreats | String collection | Threat analytics report is associated with this recommendation
-remediationType | String | Remedation type. Possible values are: “ConfigurationChange”,“Update”,“Upgrade”,”Uninstall”
+remediationType | String | Remediation type. Possible values are: “ConfigurationChange”,“Update”,“Upgrade”,”Uninstall”
 Status | Enum | Recommendation exception status. Possible values are: “Active” and “Exception”
 configScoreImpact | Double | Configuration score impact
 exposureImpacte | Double | Exposure score impact

From 7e7f2b1055ab134af49da4bf52402e05195e40be Mon Sep 17 00:00:00 2001
From: Gary Moore <v-gmoor@microsoft.com>
Date: Mon, 27 Jan 2020 14:02:39 -0800
Subject: [PATCH 176/247] Indented a note in a list item

---
 .../maintain-optimal-power-settings-on-Surface-devices.md   | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
index 135851cb06..2631b5f837 100644
--- a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
+++ b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
@@ -32,8 +32,8 @@ To ensure Surface devices across your organization fully benefit from Surface po
 - Avoid creating custom power profiles or adjusting advanced power settings not visible in the default UI  (**System** > **Power & sleep**).
 - If you must manage the power profile of devices across your network (such as in highly managed organizations), use the powercfg command tool to export the power plan from the factory image of the Surface device and then import it into the provisioning package for your Surface devices. 
 
->[!NOTE]
->You can only export a power plan across the same type of Surface device.  For example, you cannot export a power plan from Surface Laptop and import it on Surface Pro.  For more information, refer to [Configure power settings](https://docs.microsoft.com/windows-hardware/customize/power-settings/configure-power-settings).
+    >[!NOTE]
+    >You can only export a power plan across the same type of Surface device.  For example, you cannot export a power plan from Surface Laptop and import it on Surface Pro.  For more information, refer to [Configure power settings](https://docs.microsoft.com/windows-hardware/customize/power-settings/configure-power-settings).
 
 - Exclude Surface devices from any existing power management policy settings. 
 
@@ -178,4 +178,4 @@ To learn more, see:
 
 - [Battery
     saver](https://docs.microsoft.com/windows-hardware/design/component-guidelines/battery-saver)
-- [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
\ No newline at end of file
+- [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)

From 97570ddcf62f66f95532bdbff5b148f5774acdc4 Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Mon, 27 Jan 2020 14:27:34 -0800
Subject: [PATCH 177/247] Add information about policy deletion

---
 ...nder-application-control-policies-using-intune.md | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
index c3ccef8510..128fb4d3a3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@@ -48,7 +48,8 @@ In order to deploy a custom policy through Intune and define your own circle of
 
 ## Using a Custom OMA-URI Profile
 
-For 1903+ systems, the steps to use Intune's Custom OMA-URI functionality to leverage the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp) and deploy a custom WDAC policy are:
+### For 1903+ systems
+The steps to use Intune's Custom OMA-URI functionality to leverage the [ApplicationControl CSP](https://docs.microsoft.com/windows/client-management/mdm/applicationcontrol-csp) and deploy a custom WDAC policy to 1903+ systems are:
 
 1. Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyID>`
 2. Convert the policy XML to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
@@ -61,7 +62,11 @@ For 1903+ systems, the steps to use Intune's Custom OMA-URI functionality to lev
 
     ![Configure custom WDAC](images/wdac-intune-custom-oma-uri.png)
 
-For pre-1903 systems, the steps to use Intune's Custom OMA-URI functionality to leverage the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp) and deploy a custom WDAC policy are:
+> [!NOTE]
+> Upon deletion, policies deployed through Intune via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to functionally do a rebootless delete, replace the existing policy with an Allow All policy (found at C:\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml) and then delete the updated policy. This will immediately prevent anything from being blocked and fully deactive the policy on the next reboot.
+
+### For pre-1903 systems
+The steps to use Intune's Custom OMA-URI functionality to leverage the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp) and deploy a custom WDAC policy to pre-1903 systems are:
 
 1. Convert the policy XML to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 2. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.
@@ -70,3 +75,6 @@ For pre-1903 systems, the steps to use Intune's Custom OMA-URI functionality to
     - **OMA-URI**: ./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/_Grouping_/CodeIntegrity/Policy)
     - **Data type**: Base64
     - **Certificate file**: upload your binary format policy file
+
+> [!NOTE]
+> Policies deployed through Intune via the AppLocker CSP cannot be deleted through the Intune console. In order to disable WDAC policy enforcement, either deploy an audit-mode policy and/or use a script to delete the existing policy.

From 777eadaf98117cb4c85b6b8e23b930acfee515b9 Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Mon, 27 Jan 2020 14:56:35 -0800
Subject: [PATCH 178/247] Add deletion information to AppControl CSP

---
 .../client-management/mdm/applicationcontrol-csp.md  | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index ef81d89611..121f28dad6 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -234,15 +234,23 @@ The following is an example of Get command:
 
 ### Delete policies
 
+#### Rebootless Deletion
+
+Upon deletion, policies deployed via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to functionally do a rebootless delete, first replace the existing policy with an Allow All policy (found at C:\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml) and then delete the updated policy. This will immediately prevent anything from being blocked and fully deactive the policy on the next reboot.
+
+#### Unsigned Policies
+
 To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy**.
 
+#### Signed Policies
+
 > [!NOTE]
-> Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
+> A signed policy by default can only be replaced by another signed policy. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
 
 To delete a signed policy:
 
 1. Replace it with a signed update allowing unsigned policy.
-2. Deploy another update with unsigned policy.
+2. Deploy another update with unsigned Allow All policy.
 3. Perform delete.
 
 The following is an example of Delete command:

From ee67b0eb8ef386eac41ae2bf55a10ab063c5cfdf Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Tue, 28 Jan 2020 09:03:03 -0800
Subject: [PATCH 179/247] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200128080053 (#1952)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../status-windows-7-and-windows-server-2008-r2-sp1.yml       | 4 ++--
 windows/release-information/windows-message-center.yml        | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 1db3c602ad..a5cd7e2724 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 26, 2020 <br>06:01 PM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 27, 2020 <br>12:27 PM PT</td></tr>
       <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
@@ -79,7 +79,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 26, 2020 <br>06:01 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 27, 2020 <br>12:27 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index 671d2a1748..7cd86d392d 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
       
+      <tr><td id='385'><a href = 'https://support.microsoft.com/help/4532695' target='_blank'><b>January 2020 Windows 10, version 1909 \"D\" optional release is available.</b></a><a class='docon docon-link heading-anchor' aria-labelledby='385' href='#385'></a><br><div>The January<strong> </strong>2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 28, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='383'><b>January 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='383' href='#383'></a><br><div>The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 23, 2020 <br>12:00 PM PT</td></tr>
       <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
       <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>

From df2badcb4043ed1a1fd93a8bba03f3e5737e6800 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 28 Jan 2020 11:24:24 -0800
Subject: [PATCH 180/247] corrections to get-started and add-devices

---
 windows/deployment/update/windows-analytics-get-started.md | 2 +-
 windows/deployment/windows-autopilot/add-devices.md        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md
index 5a35460bf7..46c810f36d 100644
--- a/windows/deployment/update/windows-analytics-get-started.md
+++ b/windows/deployment/update/windows-analytics-get-started.md
@@ -96,7 +96,7 @@ If your organization uses proxy server authentication for outbound traffic, use
 
 ## Deploy the compatibility update and related updates
 
-The compatibility update scans your devices and enables application usage tracking. If you don’t already have these updates installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as Microsoft Endpoint Configuration Manager.
+The compatibility update scans your devices and enables application usage tracking. If you don’t already have these updates installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as System Center Configuration Manager.
 
 | **Operating System** | **Updates** |
 |----------------------|-----------------------------------------------------------------------------|
diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index 412b068424..d0230c3d20 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -61,7 +61,7 @@ Note that the hardware hash also contains details about when it was generated, s
 
 ### Collecting the hardware ID from existing devices using Microsoft Endpoint Configuration Manager
 
-Starting with Microsoft Endpoint Configuration Manager, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details. The hash information can be extracted from Configuration Manager into a CSV file.
+Microsoft Endpoint Configuration Manager automaticaly collects the hardware hashes for existing Windows 10 devices. For more information, see . See the [What’s new in version 1802](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details. The hash information can be extracted from Configuration Manager into a CSV file.
 
 > [!Note]
 > Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).

From eb32f5424d22e7fd04b79fa660a40720b3909224 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Tue, 28 Jan 2020 13:19:35 -0800
Subject: [PATCH 181/247] replace Windows Analytics card

---
 windows/deployment/index.yml | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml
index 9530728934..97469bf8e3 100644
--- a/windows/deployment/index.yml
+++ b/windows/deployment/index.yml
@@ -10,8 +10,7 @@ metadata:
   ms.localizationpriority: high
   author: greg-lindsay
   ms.author: greglin
-  manager: elizapo
-  ms.date: 02/09/2018
+  manager: laurawi
   ms.topic: article
   ms.devlang: na
 
@@ -35,11 +34,11 @@ sections:
       image:
         src: https://docs.microsoft.com/media/common/i_upgrade.svg
       title: Windows as a service
-    - href: update/windows-analytics-overview
-      html: <p>Windows Analytics provides deep insights into your Windows 10 environment.</p>
+    - href: windows-autopilot/windows-autopilot
+      html: <p>Windows Autopilot greatly simplifies deployment of Windows devices.</p>
       image:
-        src: https://docs.microsoft.com/media/common/i_investigate.svg
-      title: Windows Analytics
+        src: https://docs.microsoft.com/media/common/i_setup.svg
+      title: Windows Autopilot
 - title:
 - items:
   - type: markdown

From 0f3890ed43977bcdb2d06dec161abcd14bda239d Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Tue, 28 Jan 2020 13:20:39 -0800
Subject: [PATCH 182/247] remove punctuation

---
 windows/deployment/index.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml
index 97469bf8e3..857c663214 100644
--- a/windows/deployment/index.yml
+++ b/windows/deployment/index.yml
@@ -35,7 +35,7 @@ sections:
         src: https://docs.microsoft.com/media/common/i_upgrade.svg
       title: Windows as a service
     - href: windows-autopilot/windows-autopilot
-      html: <p>Windows Autopilot greatly simplifies deployment of Windows devices.</p>
+      html: <p>Windows Autopilot greatly simplifies deployment of Windows devices</p>
       image:
         src: https://docs.microsoft.com/media/common/i_setup.svg
       title: Windows Autopilot

From 1d7e85350f50554567d3c7c2f54b32960d5d1cae Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Tue, 28 Jan 2020 13:24:40 -0800
Subject: [PATCH 183/247] change icon

---
 windows/deployment/index.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml
index 857c663214..4414c1e8fe 100644
--- a/windows/deployment/index.yml
+++ b/windows/deployment/index.yml
@@ -37,7 +37,7 @@ sections:
     - href: windows-autopilot/windows-autopilot
       html: <p>Windows Autopilot greatly simplifies deployment of Windows devices</p>
       image:
-        src: https://docs.microsoft.com/media/common/i_setup.svg
+        src: https://docs.microsoft.com/media/common/i_delivery.svg
       title: Windows Autopilot
 - title:
 - items:

From eb9294f037acb481845f269445d62f8b25c2c03f Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 28 Jan 2020 15:18:28 -0800
Subject: [PATCH 184/247] corrections for edition-upgrades and add-devices

---
 windows/deployment/upgrade/windows-10-edition-upgrades.md | 2 +-
 windows/deployment/windows-autopilot/add-devices.md       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/upgrade/windows-10-edition-upgrades.md b/windows/deployment/upgrade/windows-10-edition-upgrades.md
index f0ed48723b..e2806e3c0c 100644
--- a/windows/deployment/upgrade/windows-10-edition-upgrades.md
+++ b/windows/deployment/upgrade/windows-10-edition-upgrades.md
@@ -28,7 +28,7 @@ For a list of operating systems that qualify for the Windows 10 Pro Upgrade or W
 
 The following table shows the methods and paths available to change the edition of Windows 10 that is running on your computer. **Note**: The reboot requirement for upgrading from Pro to Enterprise was removed in version 1607.
 
-Note: Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](https://docs.microsoft.com/sccm/compliance/deploy-use/upgrade-windows-version) in Microsoft Endpoint Configuration Manager.
+Note: Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](https://docs.microsoft.com/configmgr/compliance/deploy-use/upgrade-windows-version) in Microsoft Endpoint Configuration Manager.
 
 ![not supported](../images/x_blk.png) (X) = not supported</br>
 ![supported, reboot required](../images/check_grn.png) (green checkmark) = supported, reboot required</br>
diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index d0230c3d20..22e55288a2 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -61,7 +61,7 @@ Note that the hardware hash also contains details about when it was generated, s
 
 ### Collecting the hardware ID from existing devices using Microsoft Endpoint Configuration Manager
 
-Microsoft Endpoint Configuration Manager automaticaly collects the hardware hashes for existing Windows 10 devices. For more information, see . See the [What’s new in version 1802](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details. The hash information can be extracted from Configuration Manager into a CSV file.
+Microsoft Endpoint Configuration Manager automatically collects the hardware hashes for existing Windows 10 devices. For more information, see [Gather information from Configuration Manager for Windows Autopilot](https://docs.microsoft.com/configmgr/comanage/how-to-prepare-win10#windows-autopilot). You can extract the hash information from Configuration Manager into a CSV file.
 
 > [!Note]
 > Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).

From 7c39ff0eec48afe05a62c693781687a27e0a18d3 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 28 Jan 2020 18:03:44 -0800
Subject: [PATCH 185/247] resolved merge conflicts

---
 windows/deployment/windows-10-poc.md | 54 ----------------------------
 1 file changed, 54 deletions(-)

diff --git a/windows/deployment/windows-10-poc.md b/windows/deployment/windows-10-poc.md
index 42a1176551..2b72ab624c 100644
--- a/windows/deployment/windows-10-poc.md
+++ b/windows/deployment/windows-10-poc.md
@@ -52,11 +52,7 @@ Topics and procedures in this guide are summarized in the following table. An es
 <div style='font-size:9.0pt'>
 
 <table border="1" cellspacing="0" cellpadding="0">
-<<<<<<< HEAD
-<tr><TD BGCOLOR="#a0e4fa"><B>Topic</B></td><TD BGCOLOR="#a0e4fa"><B>Description</B></td><TD BGCOLOR="#a0e4fa"><B>Time</B></td></tr>
-=======
 <tr><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Topic</B></font></td><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Description</B></font></td><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Time</B></font></td></tr>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 <tr><td><a href="#hardware-and-software-requirements" data-raw-source="[Hardware and software requirements](#hardware-and-software-requirements)">Hardware and software requirements</a><td>Prerequisites to complete this guide.<td>Informational
 <tr><td><a href="#lab-setup" data-raw-source="[Lab setup](#lab-setup)">Lab setup</a><td>A description and diagram of the PoC environment.<td>Informational
 <tr><td><a href="#configure-the-poc-environment" data-raw-source="[Configure the PoC environment](#configure-the-poc-environment)">Configure the PoC environment</a><td>Parent topic for procedures.<td>Informational
@@ -86,55 +82,31 @@ Hardware requirements are displayed below:
 <table border="1" cellspacing="0" cellpadding="0">
     <tr>
         <td></td>
-<<<<<<< HEAD
-        <td BGCOLOR="#a0e4fa"><strong>Computer 1</strong> (required)</td>
-        <td BGCOLOR="#a0e4fa"><strong>Computer 2</strong> (recommended)</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa"><strong>Role</strong></td>
-=======
         <td BGCOLOR="#a0e4fa"><strong><font color="#000000">Computer 1</strong> (required)</font></td>
         <td BGCOLOR="#a0e4fa"><strong><font color="#000000">Computer 2</strong> (recommended)</font></td>
     </tr>
     <tr>
         <td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Role</strong></font></td>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
         <td>Hyper-V host</td>
         <td>Client computer</td>
     </tr>
     <tr>
-<<<<<<< HEAD
-        <td BGCOLOR="#a0e4fa"><strong>Description</strong></td>
-=======
         <td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Description</strong></font></td>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
         <td>This computer will run Hyper-V, the Hyper-V management tools, and the Hyper-V Windows PowerShell module.</td>
         <td>This computer is a Windows 7 or Windows 8/8.1 client on your corporate network that will be converted to a VM to demonstrate the upgrade process.</td>
     </tr>
     <tr>
-<<<<<<< HEAD
-        <td BGCOLOR="#a0e4fa"><strong>OS</strong></td>
-=======
         <td BGCOLOR="#a0e4fa"><font color="#000000"><strong>OS</strong></font></td>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
         <td>Windows 8.1/10 or Windows Server 2012/2012 R2/2016<b>*</b></td>
         <td>Windows 7 or a later</td>
     </tr>
     <tr>
-<<<<<<< HEAD
-        <td BGCOLOR="#a0e4fa"><strong>Edition</strong></td>
-=======
         <td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Edition</strong></font></td>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
         <td>Enterprise, Professional, or Education</td>
         <td>Any</td>
     </tr>
     <tr>
-<<<<<<< HEAD
-        <td BGCOLOR="#a0e4fa"><strong>Architecture</strong></td>
-=======
         <td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Architecture</strong></font></td>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
         <td>64-bit</td>
         <td>Any<BR><I>Note: Retaining applications and settings requires that architecture (32 or 64-bit) is the same before and after the upgrade.</I></td>
     </tr>
@@ -1006,11 +978,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
     ping www.microsoft.com
     </pre>
 
-<<<<<<< HEAD
-    If you see "Ping request could not find host www.microsoft.com" on PC1 and DC1, but not on SRV1, then you will need to configure a server-level DNS forwarder on SRV1. To do this, open an elevated Windows PowerShell prompt on SRV1 and type the following command.
-=======
     If you see "Ping request could not find host `www.microsoft.com`" on PC1 and DC1, but not on SRV1, then you will need to configure a server-level DNS forwarder on SRV1. To do this, open an elevated Windows PowerShell prompt on SRV1 and type the following command.
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
     **Note**: This command also assumes that "Ethernet 2" is the external-facing network adapter on SRV1. If the external adapter has a different name, replace "Ethernet 2" in the command below with that name:
 
@@ -1066,17 +1034,10 @@ Use the following procedures to verify that the PoC environment is configured pr
     **DCDiag** displays "passed test" for all tests.<BR>
     **Get-DnsServerResourceRecord** displays the correct DNS address records for DC1, SRV1, and the computername of PC1. Additional address records for the zone apex (@), DomainDnsZones, and ForestDnsZones will also be registered.<BR>
     **Get-DnsServerForwarder** displays a single forwarder of 192.168.0.2.<BR>
-<<<<<<< HEAD
-    **Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
-    **Get-DhcpServerInDC** displays 192.168.0.1, dc1.contoso.com.<BR>
-    **Get-DhcpServerv4Statistics** displays 1 scope with 2 addresses in use (these belong to PC1 and the Hyper-V host).<BR>
-    **ipconfig** displays a primary DNS suffix and suffix search list of contoso.com, IP address of 192.168.0.1, subnet mask of 255.255.255.0, default gateway of 192.168.0.2, and DNS server addresses of 192.168.0.1 and 192.168.0.2.
-=======
     **Resolve-DnsName** displays public IP address results for `www.microsoft.com`.<BR>
     **Get-DhcpServerInDC** displays 192.168.0.1, `dc1.contoso.com`.<BR>
     **Get-DhcpServerv4Statistics** displays 1 scope with 2 addresses in use (these belong to PC1 and the Hyper-V host).<BR>
     **ipconfig** displays a primary DNS suffix and suffix search list of `contoso.com`, IP address of 192.168.0.1, subnet mask of 255.255.255.0, default gateway of 192.168.0.2, and DNS server addresses of 192.168.0.1 and 192.168.0.2.
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
 2. On SRV1, open an elevated Windows PowerShell prompt and type the following commands:
 
@@ -1090,13 +1051,8 @@ Use the following procedures to verify that the PoC environment is configured pr
 
     **Get-Service** displays a status of "Running" for both services.<BR>
     **Get-DnsServerForwarder** either displays no forwarders, or displays a list of forwarders you are required to use so that SRV1 can resolve Internet names.<BR>
-<<<<<<< HEAD
-    **Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
-    **ipconfig** displays a primary DNS suffix of contoso.com. The suffix search list contains contoso.com and your corporate domain. Two ethernet adapters are shown: Ethernet adapter "Ethernet" has an IP addresses of 192.168.0.2, subnet mask of 255.255.255.0, no default gateway, and DNS server addresses of 192.168.0.1 and 192.168.0.2. Ethernet adapter "Ethernet 2" has an IP address, subnet mask, and default gateway configured by DHCP on your corporate network.<BR>
-=======
     **Resolve-DnsName** displays public IP address results for `www.microsoft.com`.<BR>
     **ipconfig** displays a primary DNS suffix of `contoso.com`. The suffix search list contains `contoso.com` and your corporate domain. Two ethernet adapters are shown: Ethernet adapter "Ethernet" has an IP addresses of 192.168.0.2, subnet mask of 255.255.255.0, no default gateway, and DNS server addresses of 192.168.0.1 and 192.168.0.2. Ethernet adapter "Ethernet 2" has an IP address, subnet mask, and default gateway configured by DHCP on your corporate network.<BR>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
     **netsh** displays three interfaces on the computer: interface "Ethernet 2" with DHCP enabled = Yes and IP address assigned by your corporate network, interface "Ethernet" with DHCP enabled = No and IP address of 192.168.0.2, and interface "Loopback Pseudo-Interface 1" with IP address of 127.0.0.1.
 
 3. On PC1, open an elevated Windows PowerShell prompt and type the following commands:
@@ -1111,15 +1067,9 @@ Use the following procedures to verify that the PoC environment is configured pr
 
     **whoami** displays the current user context, for example in an elevated Windows PowerShell prompt, contoso\administrator is displayed.<BR>
     **hostname** displays the name of the local computer, for example W7PC-001.<BR>
-<<<<<<< HEAD
-    **nslookup** displays the DNS server used for the query, and the results of the query. For example, server dc1.contoso.com, address 192.168.0.1, Name e2847.dspb.akamaiedge.net.<BR>
-    **ping** displays if the source can resolve the target name, and whether or not the target responds to ICMP. If it cannot be resolved, "..could not find host" will be diplayed and if the target is found and also responds to ICMP, you will see "Reply from" and the IP address of the target.<BR>
-    **tracert** displays the path to reach the destination, for example srv1.contoso.com [192.168.0.2] followed by a list of hosts and IP addresses corresponding to subsequent routing nodes between the source and the destination.
-=======
     **nslookup** displays the DNS server used for the query, and the results of the query. For example, server `dc1.contoso.com`, address 192.168.0.1, Name `e2847.dspb.akamaiedge.net`.<BR>
     **ping** displays if the source can resolve the target name, and whether or not the target responds to ICMP. If it cannot be resolved, "..could not find host" will be displayed and if the target is found and also responds to ICMP, you will see "Reply from" and the IP address of the target.<BR>
     **tracert** displays the path to reach the destination, for example `srv1.contoso.com` [192.168.0.2] followed by a list of hosts and IP addresses corresponding to subsequent routing nodes between the source and the destination.
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 
 
 ## Appendix B: Terminology used in this guide
@@ -1129,12 +1079,8 @@ Use the following procedures to verify that the PoC environment is configured pr
 <div style='font-size:9.0pt'>
 
 <table border="1" cellspacing="0" cellpadding="0">
-<<<<<<< HEAD
-<tr><TD BGCOLOR="#a0e4fa"><B>Term</B><TD BGCOLOR="#a0e4fa"><B>Definition</B>
-=======
 <tr><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Term</B></font>
 <TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Definition</B></font>
->>>>>>> 15571a3eeab72fb2d45a44e76e0f33dfa45ad0d0
 <tr><td>GPT<td>GUID partition table (GPT) is an updated hard-disk formatting scheme that enables the use of newer hardware. GPT is one of the partition formats that can be chosen when first initializing a hard drive, prior to creating and formatting partitions.
 <tr><td>Hyper-V<td>Hyper-V is a server role introduced with Windows Server 2008 that lets you create a virtualized computing environment. Hyper-V can also be installed as a Windows feature on Windows client operating systems, starting with Windows 8.
 <tr><td>Hyper-V host<td>The computer where Hyper-V is installed.

From a9c3e7bbd780e422369f44a0f162e6264abe3e76 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Tue, 28 Jan 2020 20:07:47 -0800
Subject: [PATCH 186/247] corrections upgrade-readiness existing-devices
 fields-1809

---
 .../upgrade/manage-windows-upgrades-with-upgrade-readiness.md   | 2 +-
 windows/deployment/windows-autopilot/existing-devices.md        | 2 +-
 .../basic-level-windows-diagnostic-events-and-fields-1809.md    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md b/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
index bcfd0a6ac4..22a0623cd6 100644
--- a/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
+++ b/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
@@ -29,7 +29,7 @@ Use Upgrade Readiness to get:
 -   Guidance and insights into application and driver compatibility issues, with suggested fixes
 -   Data driven application rationalization tools
 -   Application usage information, allowing targeted validation; workflow to track validation progress and decisions
--   Data export to commonly used software deployment tools, including Microsoft Endpoint Configuration Manager
+-   Data export to commonly used software deployment tools, including System Center Configuration Manager
 
 The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
 
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index ec0def3245..daad48abfa 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -31,7 +31,7 @@ This topic describes how to convert Windows 7 or Windows 8.1 domain-joined compu
 
 - Microsoft Endpoint Configuration Manager Current Branch (1806) OR Microsoft Endpoint Configuration Manager Technical Preview (1808)
 - The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
-    - Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
+    - For more information on Configuration Manager support, see [Support for Windows 10 ADK](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10#windows-10-adk).
 - Assigned Microsoft Intune Licenses
 - Azure Active Directory Premium
 - Windows 10 version 1809 or later imported into Config Mgr as an Operating System Image
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
index 52244ce093..8048327d37 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@@ -2994,7 +2994,7 @@ The following fields are available:
 - **IsDeviceNetworkMetered**  Indicates whether the device is connected to a metered network.
 - **IsDeviceOobeBlocked**  Indicates whether user approval is required to install updates on the device.
 - **IsDeviceRequireUpdateApproval**  Indicates whether user approval is required to install updates on the device.
-- **IsDeviceSccmManaged**  Indicates whether the device is running the Microsoft Endpoint Configuration Manager) to keep the operating system and applications up to date.
+- **IsDeviceSccmManaged**  Indicates whether the device is running the Microsoft Endpoint Configuration Manager client to keep the operating system and applications up to date.
 - **IsDeviceUninstallActive**  Indicates whether the OS (operating system) on the device was recently updated.
 - **IsDeviceUpdateNotificationLevel**  Indicates whether the device has a set policy to control update notifications.
 - **IsDeviceUpdateServiceManaged**  Indicates whether the device uses WSUS (Windows Server Update Services).

From 03b5311757116f46fd671ce7b79d2cdcd3ae2297 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 29 Jan 2020 04:43:06 -0800
Subject: [PATCH 187/247] review corrections completed

---
 windows/deployment/usmt/usmt-common-migration-scenarios.md | 2 +-
 windows/deployment/usmt/usmt-test-your-migration.md        | 2 +-
 windows/deployment/windows-10-poc-mdt.md                   | 2 +-
 windows/deployment/windows-autopilot/existing-devices.md   | 6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/usmt/usmt-common-migration-scenarios.md b/windows/deployment/usmt/usmt-common-migration-scenarios.md
index adbd9fbc55..b23758ae60 100644
--- a/windows/deployment/usmt/usmt-common-migration-scenarios.md
+++ b/windows/deployment/usmt/usmt-common-migration-scenarios.md
@@ -130,7 +130,7 @@ A company receives 50 new laptops for their managers and needs to reallocate 50
 
 A company is allocating 20 new computers to users in the accounting department. The users each have a source computer that contains their files and settings. An administrator uses a management technology such as a logon script or a batch file to run ScanState on each source computer to collect the user states and save them to a server in a compressed migration store.
 
-1.  On each source computer, the administrator runs the ScanState tool using Microsoft Microsoft Endpoint Configuration Manager, Microsoft Deployment Toolkit (MDT), a logon script, a batch file, or a non-Microsoft management technology. ScanState collects the user state from each source computer and then saves it to a server.
+1.  On each source computer, the administrator runs the ScanState tool using Microsoft Endpoint Configuration Manager, Microsoft Deployment Toolkit (MDT), a logon script, a batch file, or a non-Microsoft management technology. ScanState collects the user state from each source computer and then saves it to a server.
 
 2.  On each new computer, the administrator installs the company's SOE, which includes Windows 10 and other company applications.
 
diff --git a/windows/deployment/usmt/usmt-test-your-migration.md b/windows/deployment/usmt/usmt-test-your-migration.md
index 533b7f5286..183f7bc16e 100644
--- a/windows/deployment/usmt/usmt-test-your-migration.md
+++ b/windows/deployment/usmt/usmt-test-your-migration.md
@@ -30,7 +30,7 @@ Running the ScanState and LoadState tools with the **/v**<em>:5</em> option crea
 
  
 
-After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft Endpoint Configuration Manager, or a non-Microsoft management technology. For more information, see [Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=140246).
+After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft Endpoint Configuration Manager, or a non-Microsoft management technology. For more information, see [Manage user state in Configuration Manager](https://docs.microsoft.com/configmgr/osd/get-started/manage-user-state).
 
 **Note**  
 For testing purposes, you can create an uncompressed store using the **/hardlink /nocompress** option. When compression is disabled, the ScanState tool saves the files and settings to a hidden folder named "File" at *StorePath*\\USMT. You can use the uncompressed store to view what USMT has stored or to troubleshoot a problem, or you can run an antivirus utility against the files. Additionally, you can also use the **/listfiles** command-line option and the diagnostic log to list the files that were gathered and to troubleshoot problems with your migration.
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index dc74d56ad8..a9ffbb1c73 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -490,7 +490,7 @@ This section will demonstrate how to export user data from an existing client co
     cscript \\SRV1\MDTProd$\Scripts\Litetouch.vbs
     ```
 
-    **Note**: Litetouch.vbs must be able to create the C:\MININT directory on the local computer.
+    **Note**: For more information on tools for viewing log files and to assist with troubleshooting, see [Configuration Manager Tools](https://docs.microsoft.com/configmgr/core/support/tools).
 
 5. Choose the **Windows 10 Enterprise x64 Custom Image** and then click **Next**.
 
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index daad48abfa..bd7fef2b74 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -29,12 +29,12 @@ This topic describes how to convert Windows 7 or Windows 8.1 domain-joined compu
 
 ## Prerequisites
 
-- Microsoft Endpoint Configuration Manager Current Branch (1806) OR Microsoft Endpoint Configuration Manager Technical Preview (1808)
+- Microsoft Endpoint Configuration Manager 
 - The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
     - For more information on Configuration Manager support, see [Support for Windows 10 ADK](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10#windows-10-adk).
 - Assigned Microsoft Intune Licenses
 - Azure Active Directory Premium
-- Windows 10 version 1809 or later imported into Config Mgr as an Operating System Image
+- Windows 10 version 1809 or later imported into Configuration Manager as an Operating System Image
   - **Important**: See [Known issues](known-issues.md) if you are using Windows 10 1903 with Configuration Manager’s built-in **Windows Autopilot existing device** task sequence template. Currently, one of the steps in this task sequence must be edited to work properly with Windows 10, version 1903.
 
 ## Procedures
@@ -156,7 +156,7 @@ See the following examples.
     - <u>Program Type</u>: **Do not create a program**
 4. Click **Next** twice and then click **Close**.
 
-**NOTE**: If you change user-driven Autopilot profile settings in Intune at a later date, you must also update the JSON file and redistribute the associated Config Mgr package.
+**NOTE**: If you change user-driven Autopilot profile settings in Intune at a later date, you must also update the JSON file and redistribute the associated Configuration Manager package.
 
 ### Create a target collection
 

From ebe3bb5fc9ef96684c6a33769eb6f61272690bba Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 29 Jan 2020 06:26:14 -0800
Subject: [PATCH 188/247] corrected version under prereqs

---
 windows/deployment/windows-autopilot/existing-devices.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index bd7fef2b74..ad9577ade4 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -29,7 +29,7 @@ This topic describes how to convert Windows 7 or Windows 8.1 domain-joined compu
 
 ## Prerequisites
 
-- Microsoft Endpoint Configuration Manager 
+- A currently supported version of Microsoft Endpoint Configuration Manager current branch or technical preview branch. 
 - The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
     - For more information on Configuration Manager support, see [Support for Windows 10 ADK](https://docs.microsoft.com/configmgr/core/plan-design/configs/support-for-windows-10#windows-10-adk).
 - Assigned Microsoft Intune Licenses

From 0c182f50894d47784b89966a4fbd4cf88041c872 Mon Sep 17 00:00:00 2001
From: jaimeo <jaimeo@microsoft.com>
Date: Wed, 29 Jan 2020 10:41:40 -0800
Subject: [PATCH 189/247] retiring all Windows Analytics topics with redirects

---
 .openpublishing.redirection.json              | 112 +++++++++++++++++-
 windows/deployment/TOC.md                     |  27 +----
 .../update/update-compliance-monitor.md       |   4 +-
 3 files changed, 113 insertions(+), 30 deletions(-)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index b8688031d0..b0c5c1a8d2 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -15590,6 +15590,116 @@
 "source_path": "windows/deployment/planning/windows-10-1903-removed-features.md",
 "redirect_url": "https://docs.microsoft.com/windows/deployment/planning/windows-10-removed-features",
 "redirect_document_id": false
-}
+},
+{
+"source_path": "windows/deployment/update/windows-analytics-azure-portal.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/windows-analytics-FAQ-troubleshooting.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/windows-analytics-get-started.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/windows-analytics-overview.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/windows-analytics-privacy.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/device-health-get-started.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/device-health-monitor.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/update/device-health-using.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-additional-insights.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-architecture.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-data-sharing.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-deployment-script.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-deploy-windows.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-get-started.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-identify-apps.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-monitor-deployment.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-requirements.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-resolve-issues.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-target-new-OS.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/upgrade-readiness-upgrade-overview.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md",
+"redirect_url": "https://docs.microsoft.com/configmgr/desktop-analytics/overview",
+"redirect_document_id": false
+},
 ]
 }
diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md
index 2e88d65395..227e2096ed 100644
--- a/windows/deployment/TOC.md
+++ b/windows/deployment/TOC.md
@@ -271,29 +271,4 @@
 ### [Manage device restarts after updates](update/waas-restart.md)
 ### [Manage additional Windows Update settings](update/waas-wu-settings.md)
 ### [Determine the source of Windows updates](update/windows-update-sources.md)
-## Windows Analytics
-### [Windows Analytics overview](update/windows-analytics-overview.md)
-### [Windows Analytics in the Azure Portal](update/windows-analytics-azure-portal.md)
-### [Windows Analytics and privacy](update/windows-analytics-privacy.md)
-### Upgrade Readiness
-#### [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md)
-#### [Upgrade Readiness architecture](upgrade/upgrade-readiness-architecture.md)
-#### [Upgrade Readiness requirements](upgrade/upgrade-readiness-requirements.md)
-#### Get started
-##### [Get started with Upgrade Readiness](upgrade/upgrade-readiness-get-started.md)
-##### [Upgrade Readiness deployment script](upgrade/upgrade-readiness-deployment-script.md)
-#### Use Upgrade Readiness
-##### [Use Upgrade Readiness to manage Windows upgrades](upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md)
-##### [Upgrade overview](upgrade/upgrade-readiness-upgrade-overview.md)
-##### [Step 1: Identify apps](upgrade/upgrade-readiness-identify-apps.md)
-##### [Step 2: Resolve issues](upgrade/upgrade-readiness-resolve-issues.md)
-##### [Step 3: Deploy Windows](upgrade/upgrade-readiness-deploy-windows.md)
-##### [Step 4: Monitor deployment](upgrade/upgrade-readiness-monitor-deployment.md)
-##### [Additional insights](upgrade/upgrade-readiness-additional-insights.md)
-##### [Targeting a new operating system version](upgrade/upgrade-readiness-target-new-OS.md)
-### Device Health
-#### [Device Health overview](update/device-health-monitor.md)
-#### [Get started with Device Health](update/device-health-get-started.md)
-#### [Using Device Health](update/device-health-using.md)
-### [Enrolling devices in Windows Analytics](update/windows-analytics-get-started.md)
-### [Troubleshooting Windows Analytics and FAQ](update/windows-analytics-FAQ-troubleshooting.md)
+
diff --git a/windows/deployment/update/update-compliance-monitor.md b/windows/deployment/update/update-compliance-monitor.md
index 8996c05986..731828c027 100644
--- a/windows/deployment/update/update-compliance-monitor.md
+++ b/windows/deployment/update/update-compliance-monitor.md
@@ -17,13 +17,11 @@ ms.topic: article
 
 # Monitor Windows Updates with Update Compliance
 
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
 
 
 ## Introduction
 
-Update Compliance is a [Windows Analytics solution](windows-analytics-overview.md) that enables organizations to:
+Update Compliance enables organizations to:
 
 * Monitor security, quality, and feature updates for Windows 10 Professional, Education, and Enterprise editions.
 * View a report of device and update issues related to compliance that need attention.

From 41f53cebaa7dc2c4b73f1bc02c9b95a6eb68d241 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:12:56 -0800
Subject: [PATCH 190/247] Added ref to TVM APIs

---
 .../microsoft-defender-atp/tvm-exposure-score.md              | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
index ee48894e3f..ad6de378c5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
@@ -48,3 +48,7 @@ Reduce the exposure score by addressing what needs to be remediated based on the
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)

From 0fcbab892a7dc12d8b7555f20afb6f832559ad08 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:13:29 -0800
Subject: [PATCH 191/247] Update configuration-score.md

---
 .../microsoft-defender-atp/configuration-score.md            | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
index 8be692ccbc..a040722887 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
@@ -74,3 +74,8 @@ See how you can [improve your security configuration](https://docs.microsoft.com
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+

From cc6bb572b7e5effe0292b2f9559b24978b32a552 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:14:17 -0800
Subject: [PATCH 192/247] Added ref to relevant TVM APIs

---
 .../microsoft-defender-atp/tvm-security-recommendation.md     | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
index 047a7888c1..112dd7f664 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
@@ -110,3 +110,7 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md) 
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)

From 1d14cd30523ddd9497eadc750315756d0a4420d1 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:15:21 -0800
Subject: [PATCH 193/247] Added refs to relevant TVM APIs

---
 .../microsoft-defender-atp/tvm-software-inventory.md         | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
index 0eb7c6a988..63d7cc7f56 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
@@ -73,3 +73,8 @@ You can report a false positive when you see any vague, inaccurate version, inco
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+

From 204723c6cc462dafd290ac617da187d2fa70ce5e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:16:12 -0800
Subject: [PATCH 194/247] Added refs to relevant TVM APIs

---
 .../microsoft-defender-atp/tvm-weaknesses.md                  | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
index aa146289f2..84c9dd892e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
@@ -133,3 +133,7 @@ You can report a false positive when you see any vague, inaccurate, missing, or
 - [Software inventory](tvm-software-inventory.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)

From 2317a7b4ea74721216b604cdc903b53bcec71419 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:17:14 -0800
Subject: [PATCH 195/247] Added refs to relevant TVM APIs

---
 .../microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md  | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index 5f9dcadac9..fbe6fcb05e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -212,3 +212,8 @@ After you have identified which software and software versions are vulnerable du
 - [Advanced hunting overview](overview-hunting.md)
 - [All advanced hunting tables](advanced-hunting-reference.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+

From 239f3152affdc7a419057ce9ee1fcfd7fc8f0367 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:18:11 -0800
Subject: [PATCH 196/247] Added refs to relevant TVM APIs

---
 .../microsoft-defender-atp/tvm-remediation.md                 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index a7dbb7c0ea..9d775ff451 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -133,5 +133,9 @@ The exception impact shows on both the Security recommendations page column and
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 
 

From dbc31e3966c375c1b42edb5a00059ed67d5312ab Mon Sep 17 00:00:00 2001
From: jaimeo <jaimeo@microsoft.com>
Date: Wed, 29 Jan 2020 11:19:45 -0800
Subject: [PATCH 197/247] deleting redirected files

---
 .../update/device-health-get-started.md       |  81 -----
 .../update/device-health-monitor.md           |  88 -----
 .../deployment/update/device-health-using.md  | 319 ------------------
 .../windows-analytics-FAQ-troubleshooting.md  | 295 ----------------
 .../update/windows-analytics-azure-portal.md  |  75 ----
 .../update/windows-analytics-get-started.md   | 216 ------------
 .../update/windows-analytics-overview.md      |  54 ---
 .../update/windows-analytics-privacy.md       |  66 ----
 ...windows-upgrades-with-upgrade-readiness.md |  47 ---
 .../upgrade-readiness-additional-insights.md  |  65 ----
 .../upgrade/upgrade-readiness-architecture.md |  39 ---
 .../upgrade/upgrade-readiness-data-sharing.md |  61 ----
 .../upgrade-readiness-deploy-windows.md       | 106 ------
 .../upgrade-readiness-deployment-script.md    | 194 -----------
 .../upgrade/upgrade-readiness-get-started.md  |  82 -----
 .../upgrade-readiness-identify-apps.md        |  45 ---
 .../upgrade-readiness-monitor-deployment.md   |  55 ---
 .../upgrade/upgrade-readiness-requirements.md |  80 -----
 .../upgrade-readiness-resolve-issues.md       | 220 ------------
 .../upgrade-readiness-target-new-OS.md        |  65 ----
 .../upgrade-readiness-upgrade-overview.md     |  77 -----
 ...de-readiness-to-manage-windows-upgrades.md |  66 ----
 22 files changed, 2396 deletions(-)
 delete mode 100644 windows/deployment/update/device-health-get-started.md
 delete mode 100644 windows/deployment/update/device-health-monitor.md
 delete mode 100644 windows/deployment/update/device-health-using.md
 delete mode 100644 windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
 delete mode 100644 windows/deployment/update/windows-analytics-azure-portal.md
 delete mode 100644 windows/deployment/update/windows-analytics-get-started.md
 delete mode 100644 windows/deployment/update/windows-analytics-overview.md
 delete mode 100644 windows/deployment/update/windows-analytics-privacy.md
 delete mode 100644 windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-additional-insights.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-architecture.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-data-sharing.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-deploy-windows.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-deployment-script.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-get-started.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-identify-apps.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-monitor-deployment.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-requirements.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-resolve-issues.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-target-new-OS.md
 delete mode 100644 windows/deployment/upgrade/upgrade-readiness-upgrade-overview.md
 delete mode 100644 windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md

diff --git a/windows/deployment/update/device-health-get-started.md b/windows/deployment/update/device-health-get-started.md
deleted file mode 100644
index e716dce744..0000000000
--- a/windows/deployment/update/device-health-get-started.md
+++ /dev/null
@@ -1,81 +0,0 @@
----
-title: Get started with Device Health
-description: Configure Device Health in Azure Monitor to monitor health (such as crashes and sign-in failures) for your Windows 10 devices.
-keywords: Device Health, oms, operations management suite, prerequisites, requirements, monitoring, crash, drivers, azure
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.reviewer: 
-manager: laurawi
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.localizationpriority: medium
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Get started with Device Health
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This topic explains the steps necessary to configure your environment for Windows Analytics Device Health. 
-
-- [Get started with Device Health](#get-started-with-device-health)
-    - [Add the Device Health solution to your Azure subscription](#add-the-device-health-solution-to-your-azure-subscription)
-    - [Enroll devices in Windows Analytics](#enroll-devices-in-windows-analytics)
-    - [Use Device Health to monitor device crashes, app crashes, sign-in failures, and more](#use-device-health-to-monitor-device-crashes-app-crashes-sign-in-failures-and-more)
-    - [Related topics](#related-topics)
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-## Add the Device Health solution to your Azure subscription
-
-Device Health is offered as a *solution* which you link to a new or existing [Azure Monitor](https://azure.microsoft.com/services/monitor/) *workspace* within your Azure *subscription*. To configure this, follows these steps:
-
-1. Sign in to the [Azure Portal](https://portal.azure.com) with your work or school account or a Microsoft account. If you don't already have an Azure subscription you can create one (including free trial options) through the portal.
-   
-    >[!NOTE]
-    > Device Health is included at no additional cost with Windows 10 [education and enterprise licensing](https://docs.microsoft.com/windows/deployment/update/device-health-monitor#device-health-licensing). An Azure subscription is required for managing and using Device Health, but no Azure charges are expected to accrue to the subscription as a result of using Device Health. 
-
-2. In the Azure portal select **Create a resource**, search for "Device Health", and then select **Create** on the **Device Health** solution.
-    ![Azure portal page highlighting + Create a resource and with Device Health selected](images/CreateSolution-Part1-Marketplace.png)
-
-    ![Azure portal showing Device Health fly-in and Create button highlighted(images/CreateSolution-Part2-Create.png)](images/CreateSolution-Part2-Create.png)
-3. Choose an existing workspace or create a new workspace to host the Device Health solution. 
-    ![Azure portal showing Azure Monitor workspace fly-in](images/CreateSolution-Part3-Workspace.png)
-    - If you are using other Windows Analytics solutions (Upgrade Readiness or Update Compliance) you should add Device Health to the same workspace.
-    - If you are creating a new workspace, and your organization does not have policies governing naming conventions and structure, consider the following workspace settings to get started:
-        - Choose a workspace name which reflects the scope of planned usage in your organization, for example *PC-Analytics*.
-        - For the resource group setting select **Create new** and use the same name you chose for your new workspace.
-        - For the location setting, choose the Azure region where you would prefer the data to be stored.
-        - For the pricing tier select **per GB**.
-4. Now that you have selected a workspace, you can go back to the Device Health blade and select **Create**.
-    ![Azure portal showing workspace selected and with Create button highlighted](images/CreateSolution-Part4-WorkspaceSelected.png)
-5. Watch for a Notification (in the Azure portal) that "Deployment 'Microsoft.DeviceHealth' to resource group 'YourResourceGroupName' was successful." and then select **Go to resource** This might take several minutes to appear.
-       ![Azure portal all services page with Azure Monitor found and selected as favorite](images/CreateSolution-Part5-GoToResource.png)
-    - Suggestion: Choose the **Pin to Dashboard** option to make it easy to navigate to your newly added Device Health solution.
-    - Suggestion: If a "resource unavailable" error occurs when navigating to the solution, try again after one hour.
-
-## Enroll devices in Windows Analytics
-
-Once you've added Device Health to a workspace in your Azure subscription, you can start enrolling the devices in your organization. For Device Health there are two key steps for enrollment:
-1. Deploy your CommercialID (from Device Health Settings page) to your Windows 10 devices (typically using Group Policy or similar)
-2. Ensure the Windows Diagnostic Data setting on devices is set to Enhanced or Full (typically using Group Policy or similar). Note that the [Limit Enhanced](https://docs.microsoft.com/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields) policy can substantially reduce the amount of diagnostic data shared with Microsoft while still allowing Device Health to function.
-For full enrollment instructions and troubleshooting, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
-
-After enrolling your devices (by deploying your CommercialID and Windows Diagnostic Data settings), it may take 48-72 hours for the first data to appear in the solution. Until then, the Device Health tile will show "Performing Assessment."
-
-## Use Device Health to monitor device crashes, app crashes, sign-in failures, and more
-
-Once your devices are enrolled and data is flowing, you can move on to [Using Device Health](device-health-using.md).
-
->[!NOTE]
->You can remove the Device Health solution from your workspace if you no longer want to monitor your organization’s devices. Windows diagnostic data will continue to be shared with Microsoft as normal as per the diagnostic data sharing settings on the devices.
-
-## Related topics
-
-[Use Device Health to monitor frequency and causes of device crashes](device-health-using.md)<BR>
-For the latest information on Windows Analytics, including new features and usage tips, see the [Windows Analytics blog](https://blogs.technet.microsoft.com/upgradeanalytics)
diff --git a/windows/deployment/update/device-health-monitor.md b/windows/deployment/update/device-health-monitor.md
deleted file mode 100644
index 7274c2a591..0000000000
--- a/windows/deployment/update/device-health-monitor.md
+++ /dev/null
@@ -1,88 +0,0 @@
----
-title: Monitor the health of devices with Device Health
-ms.reviewer: 
-manager: laurawi
-description: You can use Device Health in Azure Portal to monitor the frequency and causes of crashes and misbehaving apps on devices in your network.
-keywords: oms, operations management suite, wdav, health, log analytics
-ms.prod: w10
-ms.mktglfcycl: deploy
-
-ms.localizationpriority: medium
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Monitor the health of devices with Device Health
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-## Introduction
-
-Device Health is the newest Windows Analytics solution that complements the existing Upgrade Readiness and Update Compliance solutions by providing IT with reports on some common problems the end users might experience so they can be proactively remediated, thus saving support calls and improving end-user productivity.
-
-Like Upgrade Readiness and Update Compliance, Device Health is a solution built in Azure Portal, a cloud-based monitoring and automation service that has a flexible servicing subscription based on data usage and retention. This release is free for customers to try and will not incur charges on your Azure Portal workspace for its use. For more information about Azure Portal, see [Windows Analytics in the Azure Portal](windows-analytics-azure-portal.md) .
-
-Device Health uses Windows diagnostic data that is part of all Windows 10 devices. If you have already employed Upgrade Readiness or Update Compliance solutions, all you need to do is select Device Health from the Azure Portal solution gallery and add it to your Azure Portal workspace. Device Health requires enhanced diagnostic data, so you might need to implement this policy if you've not already done so.
-
-
-Device Health provides the following:
-
-- Identification of devices that crash frequently, and therefore might need to be rebuilt or replaced
-- Identification of device drivers that are causing device crashes, with suggestions of alternative versions of those drivers that might reduce the number of crashes
-- Notification of Windows Information Protection misconfigurations that send prompts to end users
-- No need for new complex customized infrastructure, thanks to cloud-connected access using Windows 10 diagnostic data
-
-See the following topics in this guide for detailed information about configuring and using the Device Health solution:
-
-- [Get started with Device Health](device-health-get-started.md): How to add Device Health to your environment.
-- [Using Device Health](device-health-using.md): How to begin using Device Health.
-
-An overview of the processes used by the Device Health solution is provided below.
-
-## Device Health licensing
-
-Use of Windows Analytics Device Health requires one of the following licenses:
-
-- Windows 10 Enterprise or Windows 10 Education per-device with active Software Assurance
-- Windows 10 Enterprise E3 or E5 per-device or per-user subscription (including Microsoft 365 F1, E3, or E5)
-- Windows 10 Education A3 or A5 (including Microsoft 365 Education A3 or A5)
-- Windows VDA E3 or E5 per-device or per-user subscription
-
-
-You don't have to install Windows 10 Enterprise on a per-device basis--you just need enough of the above licenses for the number of devices using Device Health.
-
-
-## Device Health architecture
-
-The Device Health architecture and data flow is summarized by the following five-step process:
-
-
-
-**(1)** User computers send diagnostic data to a secure Microsoft data center using the Microsoft Data Management Service.<BR>
-**(2)** Diagnostic data is analyzed by the Microsoft Telemetry Service.<BR>
-**(3)** Diagnostic data is pushed from the Microsoft Telemetry Service to your Azure Portal workspace.<BR>
-**(4)** Diagnostic data is available in the Device Health solution.<BR>
-**(5)** You are now able to proactively monitor Device Health issues in your environment.<BR>
-
-These steps are illustrated in following diagram:
-
- [![](images/analytics-architecture.png)](images/analytics-architecture.png)
-
->[!NOTE]
->This process assumes that Windows diagnostic data is enabled and data sharing is enabled as described in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
-
-
-
- 
-## Related topics
-
-[Get started with Device Health](device-health-get-started.md)
-
-[Use Device Health to monitor frequency and causes of device crashes](device-health-using.md)
-
-For the latest information on Windows Analytics, including new features and usage tips, see the [Windows Analytics blog](https://blogs.technet.microsoft.com/upgradeanalytics)
diff --git a/windows/deployment/update/device-health-using.md b/windows/deployment/update/device-health-using.md
deleted file mode 100644
index 2bdfae2338..0000000000
--- a/windows/deployment/update/device-health-using.md
+++ /dev/null
@@ -1,319 +0,0 @@
----
-title: Using Device Health
-ms.reviewer: 
-manager: laurawi
-description: Explains how to begin using Device Health.
-ms.prod: w10
-ms.mktglfcycl: deploy
-keywords: oms, operations management suite, wdav, health, log analytics
-
-ms.pagetype: deploy
-author: jaimeo
-ms.author: jaimeo
-ms.localizationpriority: medium
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Using Device Health
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This section describes how to use Device Health to monitor devices deployed on your network and troubleshoot the causes if they crash.
-
-
-Device Health provides IT Pros with reports on some common problems that users might experience so that they can be proactively remediated. This decreases support calls and improves productivity.
-
-Device Health provides the following benefits:
-
-- Identification of devices that crash frequently and therefore might need to be rebuilt or replaced
-- Identification of device drivers that are causing device crashes, with suggestions of alternative versions of those drivers that might reduce the number of crashes
-- Notification of Windows Information Protection misconfigurations that send prompts to end users
-
-
->[!NOTE]
->Information is refreshed daily so that health status can be monitored. Changes will be displayed about 24-48 hours after their occurrence, so you always have a recent snapshot of your devices.
-
-In Azure Portal, the aspects of a solution's dashboard are usually divided into <I>blades</I>. Blades are a slice of information, typically with a summarization tile and an enumeration of the items that makes up that data. All data is presented through <I>queries</I>. <I>Perspectives</I> are also possible, wherein a given query has a unique view designed to display custom data. The terminology of blades, tiles, and perspectives will be used in the sections that follow. 
-
-
-## Device Reliability
-
-- [Frequently crashing devices](#frequently-crashing-devices)
-- [Driver-induced OS crashes](#driver-induced-crashes)
-
-
-
-### Frequently Crashing Devices
-
-This middle blade in Device Reliability displays the devices that have crashed the most often in the last week. This can help you identify unhealthy devices that might need to be rebuilt or replaced.
-
-See the following example: 
-
-
-![The blade in the middle summarizes devices that crash most often](images/dev-health-main-tile-sterile.png)
-
-Clicking the header of the Frequently Crashing Devices blade opens a reliability perspective view, where you can filter data (by using filters in the left pane), see trends, and compare to commercial averages:
-
-![Reliability perspective](images/device-reliability2-sterile.png)
-
-"Commercial averages" here refers to data collected from deployments with a mix of operating system versions and device models that is similar to yours. If your crash rate is higher, there are opportunities for improvement, for example by moving to newer driver versions.
-
-Notice the filters in the left pane; they allow you to filter the crash rate shown to a particular operating system version, device model, or other parameter. 
-
->[!NOTE]
->Use caution when interpreting results filtered by model or operating system version. This is very useful for troubleshooting, but might not be accurate for *comparisons* because the crashes displayed could be of different types. The overall goal for working with crash data is to ensure that most devices have the same driver versions and that the version has a low crash rate.
-
->[!TIP]
->Once you've applied a filter (for example setting OSVERSION=1607) you will see the query in the text box change to append the filter (for example, with “(OSVERSION=1607)”). To undo the filter, remove that part of the query in the text box and click the search button to the right of the text box to run the adjusted query.”
-
-
-If you click through a particular device from the view blade or from the Device Reliability perspective, it will take you to the Crash History perspective for that device.
-
-![Device detail and history](images/device-crash-history2-sterile.png)
-
-This displays device records sorted by date and crash details by failure ID, also sorted by date. In this view are a number of useful items:
-
-- Crash history records by date, aggregated  by Failure ID. The Failure ID is an internal number that is used to group crashes that are related to each other. Eventually over time, you can use the Failure ID to provide additional info. If a crash was caused by driver, some driver fields will also be populated.
-
-- StopCode: this is hex value that would be displayed on a bluescreen if you were looking directly at the affected device.
-
-- Count: the number times that particular Failure ID has occurred on that specific device *on that date*.
-
-
- 
- 
-### Driver-induced crashes
-
-This blade (on the right) displays drivers that have caused the most devices to crash in the last two weeks. If your crash rate is high, you can reduce the overall operating system crashes in your deployment by upgrading those drivers with a high crash rate.
-
-
-![The blade on the right summarizes devices that crash most often](images/dev-health-main-tile-sterile.png)
-
-Clicking a listed driver on the Driver-Induced OS Crashes blade opens a driver perspective view, which shows the details for the responsible driver, trends and commercial averages for that driver, and alternative versions of the driver.
-
-![Driver detail and history](images/driver-detail-1-sterile.png)
-![Driver detail and history scrolldown](images/driver-detail-2-sterile.png)
-
-The driver version table can help you determine whether deploying a newer version of the driver might help you reduce the crash rate. In the example shown above, the most commonly installed driver version (19.15.1.5) has a crash rate of about one-half of one percent--this is low, so this driver is probably fine. However, driver version 19.40.0.3 has a crash rate of almost 20%. If that driver had been widely deployed, updating it would substantially reduce the overall number of crashes in your organization.
-
-
-## App Reliability
-
-The App Reliability report shows you useful data on app usage and behavior so that you can identify apps that are misbehaving and then take steps to resolve the problem.
-
-### App reliability events
-
-The default view includes the **Devices with events** count, which shows the number of devices in your organization that have logged a reliability event for a given app over the last 14 days. A "reliability event" occurs when an app either exits unexpectedly or stops responding. The table also includes a **Devices with Usage** count. This enables you to see how widely used the app was over the same period to put the Devices with Events count into perspective.
-
-![Main App Reliability view](images/app-reliability-main.png)
-
-When you click a particular app, the detailed **App reliability** view opens. The first element in the view is the App Information summary:
-
-![App reliability view with columns for app name, publisher, devices with usage, devices with events, percentage of devices with events logged for that app, and percentage of devices with events as a "commercial average"](images/app-reliability-app-detail.png)
-
-This table contains:
-
-- App name
-- Publisher
-- Devices with usage: the number of unique devices that logged any usage of the app
-- Devices with events: the number of unique devices that logged any reliability event for the app
-- % with events: the ratio of "devices with events" to "devices with usage"
-- % with events (commercial average): the ratio of "devices with events" to "devices with usage" in data collected from deployments with a mix of operating system versions and device models that is similar to yours. This can help you decide if a given app is having problems specifically in your environment or more generally in many environments.
-
-#### Trend section
-Following the App Information summary is the trend section:
-
-![Trend view](images/app-reliability-trend-view.png)
-
-With these trend graphs you can more easily detect if an issue is growing, shrinking, or steady. The trend graph on the left shows the number of devices that logged any reliability event for the app. The trend graph on the right shows the ratio of "devices with events" to "devices with usage."
-
-Each graph displays two lines:
-
-- Trailing window: in this line, each day’s value reflects reliability events that occurred in the 14 days leading up to that day. This is useful for gauging the long-term trend with reduced volatility due to weekends and small populations.
-- Single day: Each day’s value reflects reliability events that occurred in a single day. This is useful if an issue is quickly emerging (or being resolved).
-
-#### App and OS versions table
-The next element in the view is the App and OS versions table:
-
-
-![App/OS version view](images/app-reliability-app-OS-version.png)
-
-This table breaks out the metrics by combinations of App and OS version. This enables you to identify patterns in that might indicate devices needing an update or configuration change.
-
-For example, if the table shows that a later version of an app is more reliable than an earlier version in your environment, then prioritizing deployment of the later version is likely the best path forward. If you are already running the latest version of the app, but reliability events are increasing, then you might need to do some troubleshooting, or seek support from Microsoft or the app vendor.
-
-By default the table is limited to the most-used version combinations in your environment. To see all version combinations click anywhere in the table.
-
-
-#### Reliability event history table
-
-The next element in the view is the reliability event history table:
-
-![event history view](images/app-reliability-event-history.png)
-
-This table shows the most detailed information. Although Device Health is not a debugging tool, the details available in this table can help with troubleshooting by providing the specific devices, versions, and dates of the reliability events.
-
-This view also includes the **Diagnostic Signature** column. This value can be helpful when you are working with product support or troubleshooting on your own. The value (also known as Failure ID or Failure Name) is the same identifier used to summarize crash statistics for Microsoft and partner developers.
-
-The Diagnostic Signature value contains the type of reliability event, error code, DLL name, and function name involved. You can use this information to narrow the scope of troubleshooting. For example, a value like *APPLICATION_HANG_ThreadHang_Contoso-Add-In.dll!GetRegistryValue()* implies that the app stopped responding when Contoso-Add-In was trying to read a registry value. In this case you might prioritize updating or disabling the add-in, or using Process Monitor to identify the registry value it was trying to read, which could lead to a resolution through antivirus exclusions, fixing missing keys, or similar remedies.
-
-
-By default the table is limited to a few recent rows. To see all rows click anywhere in the table.
-
-
-### FAQs and limitations
-
-#### Why does a particular app not appear in the views?
-When we allow reliability events from all processes, the list of apps fills with noisy processes which don't feel like meaningful end-user apps (for example, taskhost.exe or odd-test-thing.exe). In order to draw focus to the apps which matter most to users, App Reliability uses a series of filters to limit what appears in the list. The filter criteria include the following:
-
-- Filter out background processes which have no detected user interaction.
-- Filter out operating system processes which, despite having user interaction, do not feel like apps (for example, Logonui.exe, Winlogon.exe). **Known limitation:** Some processes which may feel like apps are not currently detected as such (and are therefore filtered out as OS processes). These include Explorer.exe, Iexplore.exe, Microsoftedge.exe, and several others.
-- Remove apps which are not widely used in your environment. **Known limitation:** This might result in an app that you consider important being filtered out when that app is not among the 30 most widely used in your environment.
-
-
-We welcome your suggestions and feedback on this filtering process at the [Device Health Tech Community](https://aka.ms/community/DeviceHealth).
-
-#### Why are there multiple names and entries for the same app?
-For example, you might see *Skype for Business*, *‘skype for business’*, and *Lync* listed separately, but you only use *Skype for Business*. Or you might see *MyApp Pro* and *MyApp Professional* listed separately, even though they feel like the same thing.
-
-Apps have many elements of metadata which describe them. These include an Add/Remove programs title (“Contoso Suite 12”), executable file names (“ContosoCRM.exe”), executable display name (“Contoso CRM”), and others. App publishers (and in some cases app re-packagers) set these values. For the most part we leave the data as set by the publisher which can lead to some report splitting. In certain cases we apply transformations to reduce splitting, for example we (by design) convert many values to lower case so that incoming data such as "Contoso CRM" and "CONTOSO CRM" become the same app name for reporting. 
- 
-
-
-#### Clicking an app in the App Reliability Events blade sometimes results a List view of records instead of the App Reliability view
-To work around this, click the **App Reliability** tab above the results to see the expected view.
- 
-![Click app reliability tab](images/app-reliability-tab.png)
-
-
-#### Clicking "See all…" from the App Reliability Events blade followed by clicking an app from the expanded list results in raw records instead of the App Reliability view
-To work around this, replace all of the text in the Log Search query box with the following:
-
-*DHAppReliability | where AppFileDisplayName == "\<Name of app as it appeared in the list>"*
-
-For example:
-
-*DHAppReliability | where AppFileDisplayName == "Microsoft Outlook"*
-
-#### Why does the computer name show up as Unknown?
-Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics.](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started) Allowing device names to be collected can make it easier for you to identify individual devices that report problems. Without the device name, Windows Analytics can only label devices by a GUID that it generates.
-
-## Login Health
-
-Login Health provides reports on Windows login attempts in your environment, including metrics on the login methods being used (such as Windows Hello, face recognition, fingerprint recognition, PIN, or password), the rates and patterns of login success and failure, and the specific reasons logins have failed.
-
-The Login Health blades appear in the Device Health dashboard:
-
-
-![Main Login health view](images/login-health.png)
-
-### Login Errors
-The **Login errors** blade displays data on the frequency and type of errors, with statistics on specific errors. They are generally categorized into user-generated (caused by bad input) or non-user-generated (might need IT intervention) errors. Click any individual error to see all instances of the error's occurrence for the specified time period.
-
-### Login Metrics by Type
-The **Login metrics by type** blade shows the success rate for your devices, as well as the success rate for other environments with a mix of operating system versions and device models similar to yours (the **Commercial average success rate**).
-
-In the table (by type) you can gauge how broadly each login type is attempted, the number of devices that prefer the type (most used), and the success rate. If migration from passwords to an alternative such as Hello: PIN is going well, you would see high usage and high success rates for the new type.
-
-Click any of the login types to see detailed login health data for that type:
-
-![Login type detail](images/login-health-detail.png)
-
-This view shows trends over time of usage, preferred credentials, and success rate along with the most frequent errors and frequently failing devices for that login type.
-
-Click a specific login error in this view to see a list of all instances for that error and login type within the specified time range:
-
-![Login error detail](images/login-health-detail-failure.png)
-
-Included in this view are device attributes and error attributes such as the following:
-
-- LogonStatus/LogonSubStatus: Status code for the login attempt
-- SignInFailureReason: Known failure reasons evaluated from status or sub-status
-- SuggestedSignInRemediation: Suggested remediation that was presented to the user at the time of error
-
-The filters in the left pane allow you to filter errors to a particular operating system, device model, or other parameters. Alternatively, clicking the most frequently failing models from the Login Health perspective will take you to a list of error instances filtered to the login type and specified device model within the specified time range.
-
->[!NOTE]
-> Windows Hello: Face authentication errors are not currently included in the login health reports.
-
-
-
-
-## Windows Information Protection
-
-
-Windows Information Protection (WIP) helps protect work data from accidental sharing. Users might be disrupted if WIP rules are not aligned with real work behavior. WIP App Learning shows which apps on which computers are attempting to cross policy boundaries.
-
-For details about deploying WIP policies, see [Protect your enterprise data using Windows Information Protection (WIP)](https://docs.microsoft.com/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip).
-
-Once you have WIP policies in place, by using the WIP section of Device Health, you can:
-
-- Reduce disruptive prompts by adding rules to allow data sharing from approved apps.
-- Tune WIP rules, for example by confirming that certain apps are allowed or disallowed by current policy.
-
-
-![Main Windows Information Protection view](images/WIPNEWMAIN-sterile.png)
-
-
-Clicking through the **APP LEARNING** tile shows details of app statistics that you can use to explore each incident and update app policies by using AppLocker or WIP AppIDs.
-
-![WIP details view](images/WIPNEW1-chart-selected-sterile.png)
-
-In this chart view, you can click a particular app listing, which will open additional details on the app in question, including details you need to adjust your Windows Information Protection Policy:
-
-![WIP details view for a specific app](images/WIPappID-sterile.png)
-
-Here you can copy the WipAppid and use that for adjusting the WIP policy.
-
-## Data model and built-in extensibility
-
-All of the views and blades display slices of the most useful data by using pre-formed queries. You have access to the full set of data collected by Device Health, which means you can construct your own queries to expose any data that is of interest to you. For documentation on working with log searches, see [Find data using log searches](https://docs.microsoft.com/azure/log-analytics/log-analytics-log-searches). This topic section provides information about the data types being populated specifically by Device Health.
-
-### Example queries
-
-You can run these queries from the Azure Portal **Log Search** interface (available at several points in the Device Health interface) by just typing them in. There are few details to be aware of:
-
-- After running a query, make sure to set the date range (which appears upper left after running initial query) to "7 days" to ensure you get data back.
-- If you see the search tutorial dialog appearing frequently, it's likely because you are have read-only access to the Azure Portal workspace. Ask a workspace administrator to grant you "contributor" permissions (which is required for the "completed tutorial" state to persist).
-- If you use the search filters in the left pane, you might notice there is no control to undo a filter selection. To undo a selection, delete the (FilterName="FilterValue") element that is appended to the search query and then click the search button again. For example, after you run a base query of *Type = DHOSReliability KernelModeCrashCount > 0*, a number of filter options appear on the left. If you then filter on **Manufacturer** (for example, by setting *Manufacturer="Microsoft Corporation"* and then clicking **Apply**), the query will change to *Type = DHOSReliability KernelModeCrashCount > 0 (Manufacturer="Microsoft Corporation")*. Delete *(Manufacturer="Microsoft Corporation")* and then click the **search** button again to re-run the query without that filter.
-
-### Device reliability query examples
-
-|                                                                                                                              Data                                                                                                                              |                                                                                                                                                   Query                                                                                                                                                    |
-|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|                                                                                                                         Total devices                                                                                                                          |                                                                                                                    Type = DHOSReliability \| measure countdistinct(ComputerID) by Type                                                                                                                     |
-|                                                                                                  Number of devices that have crashed in the last three weeks                                                                                                   |                                                                                                        Type = DHOSReliability KernelModeCrashCount > 0 \| measure countdistinct(ComputerID) by Type                                                                                                        |
-| Compare the percentage of your devices that have not crashed with the percentage of similar devices outside your organization ("similar" here means other commercial devices with the same mix of device models, operating system versions and update levels). |                                        Type=DHOSReliability \| measure avg(map(KernelModeCrashCount, 1, 10000, 0, 1)) as MyOrgPercentCrashFreeDevices, avg(KernelModeCrashFreePercentForIndustry) as CommercialAvgPercentCrashFreeDevices by Type \| Display Table                                         |
-|                                                                                                          As above, but sorted by device manufacturer                                                                                                           | Type=DHOSReliability \| measure avg(map(KernelModeCrashCount, 1, 10000, 0, 1)) as MyOrgPercentCrashFreeDevices, avg(KernelModeCrashFreePercentForIndustry) as CommercialAvgPercentCrashFreeDevices, countdistinct(ComputerID) as NumberDevices by Manufacturer \| sort NumberDevices desc \| Display Table |
-|                                                                                                                 As above, but sorted by model                                                                                                                  |  Type=DHOSReliability \| measure avg(map(KernelModeCrashCount, 1, 10000, 0, 1)) as MyOrgPercentCrashFreeDevices, avg(KernelModeCrashFreePercentForIndustry) as CommercialAvgPercentCrashFreeDevices, countdistinct(ComputerID) as NumberDevices by ModelFamily\| sort NumberDevices desc \| Display Table  |
-|                                                                                                        As above, but sorted by operating system version                                                                                                        |  Type=DHOSReliability \| measure avg(map(KernelModeCrashCount, 1, 10000, 0, 1)) as MyOrgPercentCrashFreeDevices, avg(KernelModeCrashFreePercentForIndustry) as CommercialAvgPercentCrashFreeDevices, countdistinct(ComputerID) as NumberDevices by OSVersion \| sort NumberDevices desc \| Display Table   |
-|                                           Crash rate trending in my organization compared to the commercial average. Each interval shows percentage of devices that crashed at least once in the trailing two weeks                                            |                                  Type=DHOSReliability \| measure avg(map(KernelModeCrashCount, 1, 10000, 0, 1)) as MyOrgPercentCrashFreeDevices, avg(KernelModeCrashFreePercentForIndustry) as CommercialAvgPercentCrashFreeDevices by TimeGenerated \| Display LineChart                                  |
-|                                                                                               Table of devices that have crashed the most in the last two weeks                                                                                                |                                                            Type = DHOSReliability KernelModeCrashCount > 0 \| Dedup ComputerID \| select Computer, KernelModeCrashCount \| sort TimeGenerated desc, KernelModeCrashCount desc \| Display Table                                                             |
-|                                                                                                           Detailed crash records, most recent first                                                                                                            |                                                                                                               Type = DHOSCrashData \| sort TimeGenerated desc, Computer asc \| display Table                                                                                                               |
-|                                                                                                         Number of devices that crashed due to drivers                                                                                                          |                                                                                                   Type = DHDriverReliability DriverKernelModeCrashCount > 0 \| measure countdistinct(ComputerID) by Type                                                                                                   |
-|                                                                                                  Table of drivers that have caused the most devices to crash                                                                                                   |                                                                                       Type = DHDriverReliability DriverKernelModeCrashCount > 0 \| measure countdistinct(ComputerID) by DriverName \| Display Table                                                                                        |
-|                                                                                                           Trend of devices crashed by driver by day                                                                                                            |                                                                                            \* Type=DHOSCrashData DriverName!="ntkrnlmp.exe" DriverName IN {Type=DHOSCrashData \| measure count() by DriverName                                                                                             |
-|                      Crashes for different versions of a given driver (replace netwtw04.sys with the driver you want from the previous list). This lets you get an idea of which *versions* of a given driver work best with your devices                      |                       Type = DHDriverReliability DriverName="netwtw04.sys" \| Dedup ComputerID \| sort TimeGenerated desc \| measure countdistinct(ComputerID) as InstallCount, sum(map(DriverKernelModeCrashCount,1,10000, 1)) as DevicesCrashed by DriverVersion \| Display Table                        |
-|                                                                                                                    Top crashes by FailureID                                                                                                                    |                                                                                                            Type =DHOSCrashData \| measure count() by KernelModeCrashFailureId \| Display Table                                                                                                             |
-
-### Windows Information Protection (WIP) App Learning query examples
-
-|                                                                Data                                                                |                                         Query                                          |
-|------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------|
-| Apps encountering policy boundaries on the most computers (click on an app in the results to see details including computer names) | Type=DHWipAppLearning \| measure countdistinct(ComputerID) as ComputerCount by AppName |
-|            Trend of App Learning activity for a given app. Useful for tracking activity before and after a rule change             |                   Type=DHWipAppLearning AppName="MICROSOFT.SKYPEAPP"                   |
-
-### Exporting data and configuring alerts
-
-Azure Portal enables you to export data to other tools. To do this, in any view that shows **Log Search** just click the **Export** button. Similarly, clicking the **Alert** button will enable you to run a query automatically on a schedule and receive email alerts for particular query results that you set. If you have a PowerBI account, then you will also see a **PowerBI** button that enables you to run a query on a schedule and have the results automatically saved as a PowerBI data set.
-
-
-
-
-## Related topics
-
-[Get started with Device Health](device-health-get-started.md)<BR>
-
-For the latest information on Windows Analytics, including new features and usage tips, see the [Windows Analytics blog](https://blogs.technet.microsoft.com/upgradeanalytics)
diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
deleted file mode 100644
index 5898646433..0000000000
--- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
+++ /dev/null
@@ -1,295 +0,0 @@
----
-title: Frequently asked questions and troubleshooting Windows Analytics
-ms.reviewer: 
-manager: laurawi
-description: Frequently asked questions about Windows Analytics and steps to take when things go wrong
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, updates, upgrades, log analytics, health, FAQ, problems, troubleshooting, error
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.audience: itpro
-author: jaimeo
-ms.localizationpriority: medium
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Frequently asked questions and troubleshooting Windows Analytics
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
->[!IMPORTANT]
->**The OMS portal has been deprecated; you should start using the [Azure portal](https://portal.azure.com) instead as soon as possible.** Many experiences are the same in the two portals, but there are some key differences. See [Windows Analytics in the Azure Portal](windows-analytics-azure-portal.md) for steps to use Windows Analytics in the Azure portal. For much more information about the transition from OMS to Azure, see [OMS portal moving to Azure](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-portal-transition).
-
-This topic compiles the most common issues encountered with configuring and using Windows Analytics, as well as general questions. This FAQ, along with the [Windows Analytics Technical Community](https://techcommunity.microsoft.com/t5/Windows-Analytics/ct-p/WindowsAnalytics), are recommended resources to consult before contacting Microsoft support.
-
-## Troubleshooting common problems
-
-If you've followed the steps in the [Enrolling devices in Windows Analytics](windows-analytics-get-started.md) topic and are still encountering problems, you might find the solution here.
-
-[Devices not appearing in Upgrade Readiness](#devices-not-appearing-in-upgrade-readiness)
-
-[Devices not appearing in Device Health Device Reliability](#devices-not-appearing-in-device-health-device-reliability)
-
-[Device crashes not appearing in Device Health Device Reliability](#device-crashes-not-appearing-in-device-health-device-reliability)
-
-[Apps not appearing in Device Health App Reliability](#apps-not-appearing-in-device-health-app-reliability)
-
-[Upgrade Readiness shows many "Computers with outdated KB"](#upgrade-readiness-shows-many-computers-with-outdated-kb)
-
-[Upgrade Readiness shows many "Computers with incomplete data"](#upgrade-readiness-shows-many-computers-with-incomplete-data)
-
-[Upgrade Readiness doesn't show app inventory data on some devices](#upgrade-readiness-doesnt-show-app-inventory-data-on-some-devices)
-
-[Upgrade Readiness doesn't show IE site discovery data from some devices](#upgrade-readiness-doesnt-show-ie-site-discovery-data-from-some-devices)
-
-[Device names not appearing for Windows 10 devices](#device-names-not-appearing-for-windows-10-devices)
-
-[Custom log queries using the AbnormalShutdownCount field of Device Health show zero or lower than expected results](#custom-log-queries-using-the-abnormalshutdowncount-field-of-device-health-show-zero-or-lower-than-expected-results)
-
-[Disable Upgrade Readiness](#disable-upgrade-readiness)
-
-[Exporting large data sets](#exporting-large-data-sets)
-
-
-### Devices not appearing in Upgrade Readiness
-
-In Log Analytics workspace, go to **Solutions** and verify that you are subscribed to the Windows Analytics solutions you intend to use.
-
-Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices within a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/You-can-now-check-on-the-status-of-your-computers-within-hours/ba-p/187213) on the Tech Community Blog.
-
->[!NOTE]
-> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id, See [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started).
-
-If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues:
-
-1. Download and extract the [Upgrade Readiness Deployment Script](https://www.microsoft.com/download/details.aspx?id=53327). Ensure that the **Pilot/Diagnostics** folder is included.
-2. Edit the script as described in [Upgrade Readiness deployment script](../upgrade/upgrade-readiness-deployment-script.md).
-3. Check that `isVerboseLogging` is set to `$true`.
-4. Run the script again. Log files will be saved to the directory specified in the script.
-5. Check the output of the script in the command window and/or log **UA_dateTime_machineName.txt** to ensure that all steps were completed successfully.
-6. If you are still seeing errors you can't diagnose, then consider open a support case with Microsoft Support through your regular channel and provide this information.
-
-If you want to check a large number of devices, you should run the latest script at scale from your management tool of choice (for example, System Center Configuration Manager) and check the results centrally.
-
-If you think the issue might be related to a network proxy, check "Enable data sharing" section of the [Enrolling devices in Windows Analytics](windows-analytics-get-started.md) topic. Also see [Understanding connectivity scenarios and the deployment script](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) on the Windows Analytics blog.
-
-If you have deployed images that have not been generalized, then many of them might have the same ID and so Windows Analytics will see them as one device. If you suspect this is the issue, then you can reset the IDs on the non-generalized devices by performing these steps:
-1. Net stop diagtrack
-2. Reg delete hklm\software\microsoft\sqmclient /v MachineId /f
-3. Net start diagtrack
-
-#### Devices not appearing in Device Health Device Reliability
-
-[![Device Reliability tile showing device count highlighted](images/device-reliability-device-count.png)](images/device-reliability-device-count.png)
-
-If you have devices that appear in other solutions, but not Device Health (the Device Health overview tile shows "Performing Assessment" or the device count is lower than expected), follow these steps to investigate the issue:
-1. Using the Azure portal, remove the Device Health (appears as DeviceHealthProd on some pages) solution from your Log Analytics workspace. After completing this, add the Device Health solution to you workspace again.
-2. Confirm that the devices are running Windows 10.
-3. Verify that the Commercial ID is present in the device's registry. For details see [https://gpsearch.azurewebsites.net/#13551](https://gpsearch.azurewebsites.net/#13551).
-4. Confirm that devices are opted in to send diagnostic data by checking in the registry that **AllowTelemetry** is set to either 2 (Enhanced) or 3 (Full). 
-    - **AllowTelemetry** under **HKLM\Software\Policies\Microsoft\Windows\DataCollection** is the IT policy path.
-    - **AllowTelemetry** under **HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection** is the user preference (Settings app) path. 
-    - IMPORTANT: By convention (and in earlier versions of Windows 10) the IT policy would take precedence over any user preference. Starting with Windows 10, version 1803, the user can lower the device's effective value even when an IT policy is set. This change assists organizations in complying with regional or organizational expectations about user control over privacy settings. For organizations where user control of privacy settings is not required, the previous behavior (IT policy path always wins) can be enabled using the new policy **Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in setting user interface**.
-5. Verify that devices can reach the endpoints specified in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). Also check settings for SSL inspection and proxy authentication; see [Configuring endpoint access with SSL inspection](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started#configuring-endpoint-access-with-ssl-inspection) for more information.
-6. Wait 48 hours for activity to appear in the reports.
-7. If you need additional troubleshooting, contact Microsoft Support.
-
-
-### Device crashes not appearing in Device Health Device Reliability
-
-[![Device Reliability tile showing crash count highlighted](images/device-reliability-crash-count.png)](images/device-reliability-crash-count.png)
-
-If you know that devices are experiencing stop error crashes that do not seem to be reflected in the count of devices with crashes, follow these steps to investigate the issue:
-
-1. Verify that devices are reporting data properly by following the steps in the [Devices not appearing in Device Health Device Reliability](#devices-not-appearing-in-device-health-device-reliability) section of this topic.
-2. Trigger a known crash on a test device by using a tool such as [NotMyFault](https://docs.microsoft.com/sysinternals/downloads/notmyfault) from Windows Sysinternals.
-3. Verify that Windows Error Reporting (WER) is not disabled or redirected by confirming the registry settings in **HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting** (or **HKLM\Software\Policies\Microsoft\Windows\DataCollection**, which will take precedence if set):
-
-    - Verify that the value "Disabled" (REG_DWORD), if set, is 0.
-    - Verify that the value "DontSendAdditionalData" (REG_DWORD), if set, is 0.
-    - Verify that the value "CorporateWERServer" (REG_SZ) is not configured.
-
-4. Verify that WER can reach all diagnostic endpoints specified in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md)--if WER can only reach some of the endpoints, it could be included in the device count while not reporting crashes.
-5. Check that crash reports successfully complete the round trip with Event 1001 and that BucketID is not blank. A typical such event looks like this:
-
-   [![Event viewer detail showing Event 1001 details](images/event_1001.png)](images/event_1001.png)
-
-   You can use the following Windows PowerShell snippet to summarize recent occurrences of Event 1001. Most events should have a value for BucketID (a few intermittent blank values are OK, however).
-
-   ```powershell
-   $limitToMostRecentNEvents = 20
-   Get-WinEvent -FilterHashTable @{ProviderName="Windows Error Reporting"; ID=1001} | 
-     ?{ $_.Properties[2].Value -match "crash|blue" } |
-     % { [pscustomobject]@{ 
-       TimeCreated=$_.TimeCreated
-       WEREvent=$_.Properties[2].Value
-       BucketId=$_.Properties[0].Value
-       ContextHint = $(
-          if($_.Properties[2].Value -eq "bluescreen"){"kernel"}
-          else{ $_.Properties[5].Value }
-       )
-     }} | Select-Object -First $limitToMostRecentNEvents
-   ```
-   The output should look something like this:
-   [![Typical output for this snippet](images/device-reliability-event1001-PSoutput.png)](images/device-reliability-event1001-PSoutput.png)
-
-6. Check that some other installed device, app, or crash monitoring solution is not intercepting crash events.
-7. Wait 48 hours for activity to appear in the reports.
-8. If you need additional troubleshooting, contact Microsoft Support.
-
-#### Endpoint connectivity
-
-Devices must be able to reach the endpoints specified in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
-
-If you are using proxy server authentication, it's worth taking extra care to check the configuration. Prior to Windows 10, version 1703, WER only uploads error reports in the machine context, so whitelisting endpoints to allow non-authenticated access was typically used. In Windows 10, version 1703 and later versions, WER will attempt to use the context of the user that is logged on for proxy authentication such that only the user account requires proxy access.
-
-
-For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md#configuring-endpoint-access-with-proxy-server-authentication).
-
-### Apps not appearing in Device Health App Reliability
-
-[![App Reliability tile showing reliability events trend](images/app-reliability.png)](images/app-reliability.png)
-
-If apps that you know are crashing do not appear in App Reliability, follow these steps to investigate the issue:
-
-1. Double-check the steps in the [Devices not appearing in Device Health Device Reliability](#devices-not-appearing-in-device-health-device-reliability) and [Device crashes not appearing in Device Health Device Reliability](#device-crashes-not-appearing-in-device-health-device-reliability) sections of this topic.
-2. Confirm that an in-scope application has crashed on an enrolled device. Keep the following points in mind:
-    - Not all user-mode crashes are included in App Reliability, which tracks only apps that have a GUI, have been used interactively by a user, and are not part of the operating system.
-    - Enrolling more devices helps to ensure that there are enough naturally occurring app crashes.
-    - You can also use test apps which are designed to crash on demand.
-
-3. Verify that *per-user* Windows Error Reporting (WER) is not disabled or redirected by confirming the registry settings in **HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting** (or **HKCU\Software\Policies\Microsoft\Windows\DataCollection**, which will take precedence if set):
-
-    - Verify that the value "Disabled" (REG_DWORD), if set, is 0.
-    - Verify that the value "DontSendAdditionalData" (REG_DWORD), if set, is 0.
-    - Verify that the value "CorporateWERServer" (REG_SZ) is not configured.
-4. Check that some other installed device, app, or crash monitoring solution is not intercepting crash events.
-5. Wait 48 hours for activity to appear in the reports.
-6. If you need additional troubleshooting, contact Microsoft Support.
-
-
-### Upgrade Readiness shows many "Computers with outdated KB"
-If you see a large number of devices reported as shown in this screenshot of the Upgrade Readiness tile:
-
-[![Upgrade Readiness tile showing Computers with outdated KB datum in red box](images/outdated_outdated.png)](images/outdated_outdated.png)
-
-On Windows 7 SP1 and Windows 8.1 devices, you must deploy the compatibility update as described in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
-
-Note that the compatibility update retains the same KB number when a new version is released, so even if the update is installed on your devices, *they might not be running the latest version*. The compatibility update is now a critical update, so you can check that the latest version is installed from your management tool.
-
-
-### Upgrade Readiness shows many "Computers with incomplete data"
-If you see a large number of devices reported as shown in this screenshot of the Upgrade Readiness tile:
-
-[![Upgrade Readiness tile showing Computers with incomplete data datum in red box](images/outdated_incomplete.png)](images/outdated_incomplete.png)
-
-Download the latest deployment script and run it on an affected device to check for issues. See the [Upgrade Readiness deployment script](../upgrade/upgrade-readiness-deployment-script.md) topic for information about obtaining and running the script, and for a description of the error codes that can be displayed. Remember to wait up to 48-72 hours to see the results.
-See ["Understanding connectivity scenarios and the deployment script"](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) on the Windows Analytics blog for a summary of setting the ClientProxy for the script, which will enable the script properly check for diagnostic data endpoint connectivity.
-
-
-If this becomes a recurring issue, schedule a full inventory scan monthly, as per the device enrollment guidelines for deployment at scale.
-
-
-
-### Upgrade Readiness doesn't show app inventory data on some devices
-Upgrade Readiness only collects app inventory on devices that are not yet upgraded to the target operating system version specified in the Upgrade Readiness Overview blade. This is because Upgrade Readiness targets upgrade planning (for devices not yet upgraded).
-
-
-### Upgrade Readiness doesn't show IE site discovery data from some devices
-Double-check that IE site discovery opt-in has been configured in the deployment script. (See the [Upgrade Readiness deployment script](../upgrade/upgrade-readiness-deployment-script.md) topic for information about obtaining and running the script, and for a description of the error codes that can be displayed. See ["Understanding connectivity scenarios and the deployment script"](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) on the Windows Analytics blog for a summary of setting the ClientProxy for the script, which will enable the script properly check for diagnostic data endpoint connectivity.)
-
-Also, on Windows 10 devices remember that IE site discovery requires data diagnostics set to the Enhanced level.
-
-There are two additional configurations to check:
-1. Make sure Flip Ahead with Page Prediction is enabled. It can be configured at Internet Options -> Advanced -> Browsing -> Enable flip ahead with page prediction.
-2. Make sure IE is not running in InPrivate mode. 
-
-Finally, Upgrade Readiness only collects IE site discovery data on devices that are not yet upgraded to the target operating system version specified in the Upgrade Readiness Overview blade. This is because Upgrade Readiness targets upgrade planning (for devices not yet upgraded).
-
->[!NOTE]
-> IE site discovery is disabled on devices running Windows 7 and Windows 8.1 that are in Switzerland and EU countries.
-
-### Device names not appearing for Windows 10 devices
-Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). Allowing device names to be collected can make it easier for you to identify individual devices that report problems. Without the device name, Windows Analytics can only label devices by a GUID that it generates.
-
-### Custom log queries using the AbnormalShutdownCount field of Device Health show zero or lower than expected results
-This issue affects custom queries of the Device Health data by using the **Logs > Search page** or API. It does not impact any of the built-in tiles or reports of the Device Health solution. The **AbnormalShutdownCount** field of the **DHOSReliability** data table represents abnormal shutdowns other than crashes, such as sudden power loss or holding down the power button.
-
-We have identified an incompatibility between AbnormalShutdownCount and the Limited Enhanced diagnostic data level on Windows 10, versions 1709, 1803, and 1809. Such devices do not send the abnormal shutdown signal to Microsoft. You should not rely on AbnormalShutdownCount in your custom queries unless you use any one of the following workarounds:
-
-
-- Upgrade devices to Windows 10, version 1903 when available. Participants in the Windows Insider program can preview this change using Windows Insider builds.
-- Change the diagnostic data setting from devices running Windows 10, versions 1709, 1803, and 1809 normal Enhanced level instead of Limited Enhanced.
-- Use alternative data from devices to track abnormal shutdowns. For example, you can forward abnormal shutdown events from the Windows Event Log to your Log Analytics workspace by using the Log Analytics agent. Suggested events to forward include:
-    - Log: System, ID: 41, Source: Kernel-Power
-    - Log System, ID: 6008, Source: EventLog
-
-
-
-### Disable Upgrade Readiness
-
-If you want to stop using Upgrade Readiness and stop sending diagnostic data to Microsoft, follow these steps:
-
-1. Delete the Upgrade Readiness solution in Log Analytics workspace. In Log Analytics workspace. select **Solutions** > **Compatibility Assessment** > **Delete**.
-
-2. Disable the Commercial Data Opt-in Key on computers running Windows 7 SP1 or 8.1. On computers running Windows 10, set the diagnostic data level to **Security**:
-
-   **Windows 7 and Windows 8.1**: Delete CommercialDataOptIn registry property from *HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection*
-
-   **Windows 10**: Follow the instructions in [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization).
-
-3. If you enabled **Internet Explorer Site Discovery**, you can disable Internet Explorer data collection by setting the *IEDataOptIn* registry key to value "0".  The IEDataOptIn key can be found under: *HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection*.
-4. **Optional step:** You can also remove the “CommercialId” key from: "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection". 
-
-### Exporting large data sets
-
-Azure Log Analytics is optimized for advanced analytics of large data sets and can efficiently generate summaries and analytics for them. The query language is not optimized (or intended) for returning large raw data sets and has built-in limits to protect against overuse. There are times when it might be necessary to get more data than this, but that should be done sparingly since this is not the intended way to use Azure Log Analytics. The following code snippet shows how to retrieve data from UAApp one “page” at a time:
-
-```
-let snapshot = toscalar(UAApp | summarize max(TimeGenerated));
-let pageSize = 100000;
-let pageNumber = 0;
-
-UAApp
-| where TimeGenerated == snapshot and IsRollup==true and RollupLevel=="Granular" and Importance == "Low install count"
-| order by AppName, AppVendor, AppVersion desc
-| serialize
-| where row_number(0) >= (pageSize * pageNumber)
-| take pageSize
-```
-
-
-
-## Other common questions
-
-### What are the requirements and costs for Windows Analytics solutions?
-
-| Windows Analytics solution| Windows license requirements | Windows version requirements | Minimum diagnostic data requirements |
-|----------------------|-----------------------------------|------------------------------|------------------------------|
-| Upgrade Readiness | No additional requirements  |  Windows 7 with Service Pack 1, Windows 8.1, Windows 10 | Basic level in most cases; Enhanced level to support Windows 10 app usage data and IE site discovery |
-|  Update Compliance | No additional requirements | Windows 10 | Basic level |
-| Device Health  |  **Any** of the following licenses: <br>- Windows 10 Enterprise or Windows 10 Education per-device with active Software Assurance<br>- Windows 10 Enterprise E3 or E5 per-device or per-user subscription (including Microsoft 365 F1, E3, or E5)<br>- Windows 10 Education A3 or A5 (including Microsoft 365 Education A3 or A5)<br>- Windows VDA E3 or E5 per-device or per-user subscription<br>- Windows Server 2016 or later    | Windows 10 | - For Windows 10 version 1709 or later: Enhanced (Limited)<br>- For earlier versions: Enhanced
-
->[!NOTE]
-> Regarding licensing requirements for Device Health, you do not need per-seat licensing, but only enough licenses to cover your total device usage. For example, if you have 100 E3 licenses, you can monitor 100 devices with Device Health.
-
-Beyond the cost of Windows operating system licenses, there is no additional cost for using Windows Analytics. Within Azure Log Analytics, Windows Analytics is "zero-rated;" this means it is excluded from data limits and costs regardless of the Azure Log Analytics pricing tier you have chosen. To be more specific, Azure Log Analytics is available in different pricing tiers as described in [Pricing - Log Analytics](https://azure.microsoft.com/pricing/details/log-analytics/).
-- If you are using the free tier, which has a cap on the amount of data collected per day, the Windows Analytics data will not count towards this cap. You will be able to collect all the Windows Analytics data from your devices and still have the full cap available for collecting additional data from other sources.
-- If you are using a paid tier that charges per GB of data collected, the Windows Analytics data will not be charged. You will be able to collect all the Windows Analytics data from your devices and not incur any costs.
-
-Note that different Azure Log Analytics plans have different data retention periods, and the Windows Analytics solutions inherit the workspace's data retention policy. So, for example, if your workspace is on the free plan then Windows Analytics will retain the last week's worth of "daily snapshots" that are collected in the workspace.
-
-
-### Why do SCCM and Upgrade Readiness show different counts of devices that are ready to upgrade?
-System Center Configuration Manager (SCCM) considers a device ready to upgrade if *no installed app* has an upgrade decision of “not ready” (that is, they are all "ready" or "in progress"), while Upgrade Readiness considers a device ready to upgrade only if *all* installed apps are marked “ready”.
-
-Currently, you can choose the criteria you wish to use:
-- To use the SCCM criteria, create the collection of devices ready to upgrade within the SCCM console (using the analytics connector).
-- To use the Upgrade Readiness criteria, export the list of ready-to-upgrade devices from the corresponding Upgrade Readiness report, and then build the SCCM collection from that spreadsheet.
-
-### How does Upgrade Readiness collect the inventory of devices and applications?
-For details about this process and some tips, see [How does Upgrade Readiness in WA collects application inventory for your OMS workspace?](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/How-does-Upgrade-Readiness-in-WA-collects-application-inventory/ba-p/213586) on the Windows Analytics blog.
diff --git a/windows/deployment/update/windows-analytics-azure-portal.md b/windows/deployment/update/windows-analytics-azure-portal.md
deleted file mode 100644
index 5b1310a627..0000000000
--- a/windows/deployment/update/windows-analytics-azure-portal.md
+++ /dev/null
@@ -1,75 +0,0 @@
----
-title: Windows Analytics in the Azure Portal
-ms.reviewer: 
-manager: laurawi
-description: Use the Azure Portal to add and configure Windows Analytics solutions 
-keywords: Device Health, oms, Azure, portal, operations management suite, add, manage, configure, Upgrade Readiness, Update Compliance
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.audience: itpro
-author: jaimeo
-ms.localizationpriority: medium
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Windows Analytics in the Azure Portal
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-Windows Analytics uses Azure Log Analytics workspaces (formerly known as Operations Management Suite or OMS), a collection of cloud-based services for monitoring and automating your on-premises and cloud environments.
-
-**The OMS portal has been deprecated; you should start using the [Azure portal](https://portal.azure.com) instead as soon as possible.** Many experiences are the same in the two portals, but there are some key differences, which this topic will explain. For much more information about the transition from OMS to Azure, see [OMS portal moving to Azure](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-portal-transition).
-
-## Navigation and permissions in the Azure portal
-
-Go to the [Azure portal](https://portal.azure.com), select **All services**, and search for *Log Analytics workspaces*. Once it appears, you can select the star to add it to your favorites for easy access in the future.
-
-[![Azure portal all services page with Log Analytics found and selected as favorite](images/azure-portal-LAfav1.png)](images/azure-portal-LAfav1.png)
-
-### Permissions
-
-It's important to understand the difference between Azure Active Directory and an Azure subscription:
-
-**Azure Active Directory** is the directory that Azure uses. Azure Active Directory (Azure AD) is a separate service which sits by itself and is used by all of Azure and also Office 365.
- 
-An **Azure subscription** is a container for billing, but also acts as a security boundary. Every Azure subscription has a trust relationship with at least one Azure AD instance. This means that a subscription trusts that directory to authenticate users, services, and devices.
-
-
->[!IMPORTANT]
->Unlike the OMS portal (which only requires permission to access the Azure Log Analytics workspace), the Azure portal also requires access to be configured to either the linked *Azure subscription* or Azure resource group.
-
-To check the Log Analytics workspaces you can access, select **Log Analytics workspaces**. You should see a grid control listing all workspaces, along with the Azure subscription each is linked to:
-
-[![Log Analytics workspace page showing accessible workspaces and linked Azure subscriptions](images/azure-portal-LAmain-wkspc-subname-sterile.png)](images/azure-portal-LAmain-wkspc-subname-sterile.png)
-
-If you do not see your workspace in this view, but you are able to access the workspace from the classic portal, that means you do not have access to the workspace's Azure subscription or resource group. To remedy this, you will need to find someone with admin rights to grant you access, which they can do by selecting the subscription name and selecting **Access control (IAM)** (alternatively they can configure your access at the resource group level). They should either grant you "Log Analytics Reader" access (for read-only access) or "Log Analytics Contributor" access (which enables making changes such as creating deployment plans and changing application readiness states).
-
-When permissions are configured, you can select the workspace and then select **Workspace summary** to see information similar to what was shown in the OMS overview page.
-
-[![Log Analytics workspace page showing workspace summary](images/azure-portal-LA-wkspcsumm_sterile.png)](images/azure-portal-LA-wkspcsumm_sterile.png)
-
-## Adding Windows Analytics solutions
-
-In the Azure portal, the simplest way to add Windows Analytics solutions (Upgrade Readiness, Update Compliance, and Device Health) is to select **+ Create a resource** and then type the solution name in the search box. In this example, the search is for "Device Health":
-
-[![Add WA solutions with "create a resource"](images/azure-portal-create-resource-boxes.png)](images/azure-portal-create-resource-boxes.png)
-
-Select the solution from the list that is returned by the search, and then select **Create** to add the solution.
-
-## Navigating to Windows Analytics solutions settings
-
-To adjust settings for a Windows Analytics solution, first navigate to the **Solutions** tab for your workspace, and then select the solution to configure. In this example, Upgrade Readiness is being adjusted by selecting **CompatibilityAssessment**:
-
-[![Select WA solution to adjust settings](images/temp-azure-portal-soltn-setting.png)](images/temp-azure-portal-soltn-setting.png)
-
-From there, select the settings page to adjust specific settings:
-
-[![Settings page for Upgrade Readiness in Azure portal](images/azure-portal-UR-settings.png)](images/azure-portal-UR-settings.png)
-
->[!NOTE]
->To access these settings, both the subscription and workspace require "contributor" permissions. You can view your current role and make changes in other roles by using the **Access control (IAM)** tab in Azure.
diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md
deleted file mode 100644
index 18a4d35cd9..0000000000
--- a/windows/deployment/update/windows-analytics-get-started.md
+++ /dev/null
@@ -1,216 +0,0 @@
----
-title: Enrolling devices in Windows Analytics (Windows 10)
-ms.reviewer: 
-manager: laurawi
-description: Enroll devices to enable use of Update Compliance, Upgrade Readiness, and Device Health in Windows Analytics.
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, updates, upgrades, log analytics, health, azure portal
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: deploy
-author: jaimeo
-ms.author: jaimeo
-ms.localizationpriority: medium
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Enrolling devices in Windows Analytics
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-If you have not already done so, consult the topics for any of the three Windows Analytics solutions (Update Compliance, Upgrade Readiness, and Device Health) you intend to use and follow the steps there to add the solutions to Azure Portal.
-
-- [Get started with Device Health](device-health-get-started.md)
-- [Get started with Update Compliance](update-compliance-get-started.md)
-- [Get started with Upgrade Readiness](../upgrade/upgrade-readiness-get-started.md)
-
-If you've already done that, you're ready to enroll your devices in Windows Analytics by following these steps:
-
-
-
-## Copy your Commercial ID key
-
-Microsoft uses a unique commercial ID to map information from user computers to your Azure workspace. This should be generated for you automatically. Copy your commercial ID key from any of the Windows Analytics solutions you have added to your Windows Portal, and then deploy it to user computers.
-
-To find your commercial ID, first navigate to the **Solutions** tab for your workspace, and then select the solution. In this example, Upgrade Readiness is being adjusted by selecting **CompatibilityAssessment**:
-
-[![Select WA solution to adjust settings](images/temp-azure-portal-soltn-setting.png)](images/temp-azure-portal-soltn-setting.png)
-
-From there, select the settings page, where you can find and copy your commercial ID:
-
-[![Settings page for Upgrade Readiness in Azure portal](images/azure-portal-UR-settings.png)](images/azure-portal-UR-settings.png)
-
-
-
-
->**Important**<br> Regenerate a Commercial ID key only if your original ID key can no longer be used. Regenerating a commercial ID key resets the data in your workspace for all solutions that use the ID. Additionally, you’ll need to deploy the new commercial ID key to user computers again.
-
-
-## Enable data sharing
-
-To enable data sharing, configure your proxy server to whitelist the following endpoints. You might need to get approval from your security group to do this.
-
-| **Endpoint**  | **Function**  |
-|---------------------------------------------------------|-----------|
-|`https://ceuswatcab01.blob.core.windows.net` | Windows Error Reporting (WER); required for Device Health reports in Windows 10, version 1809 or later. Not used by Upgrade Readiness or Update Compliance AV reports. |
-| `https://ceuswatcab02.blob.core.windows.net` | Windows Error Reporting (WER); required for Device Health reports in Windows 10, version 1809 or later. Not used by Upgrade Readiness or Update Compliance AV reports.  |
-| `https://eaus2watcab01.blob.core.windows.net` | Windows Error Reporting (WER); required for Device Health reports in Windows 10, version 1809 or later. Not used by Upgrade Readiness or Update Compliance AV reports.  |
-| `https://eaus2watcab02.blob.core.windows.net` | Windows Error Reporting (WER); required for Device Health reports in Windows 10, version 1809 or later. Not used by Upgrade Readiness or Update Compliance AV reports.  |
-| `https://weus2watcab01.blob.core.windows.net` | Windows Error Reporting (WER); required for Device Health reports in Windows 10, version 1809 or later. Not used by Upgrade Readiness or Update Compliance AV reports. |
-| `https://weus2watcab02.blob.core.windows.net` | Windows Error Reporting (WER); required for Device Health reports in Windows 10, version 1809 or later. Not used by Upgrade Readiness or Update Compliance AV reports.  |
-| `https://v10c.events.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for use with devices running Windows 10, version 1803 or later **that also have the 2018-09 Cumulative Update (KB4458469, KB4457136, KB4457141) or later installed**  |
-| `https://v10.events.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for use with Windows 10, version 1803 *without* the 2018-09 Cumulative Update installed |
-| `https://v10.vortex-win.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for Windows 10, version 1709 or earlier |
-| `https://vortex-win.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for operating systems older than Windows 10 |
-| `https://settings-win.data.microsoft.com` | Enables the compatibility update to send data to Microsoft. |
-| `http://adl.windows.com` | Allows the compatibility update to receive the latest compatibility data from Microsoft. |
-| `https://watson.telemetry.microsoft.com` | Windows Error Reporting (WER); required for Device Health reports. Not used by Upgrade Readiness or Update Compliance AV reports. |
-| `https://oca.telemetry.microsoft.com`  | Online Crash Analysis; required for Device Health reports. Not used by Upgrade Readiness or Update Compliance AV reports. |
-| `https://login.live.com` | This endpoint is required by Device Health to ensure data integrity and provides a more reliable device identity for all of the Windows Analytics solutions on Windows 10. If you want to disable end-user managed service account (MSA) access, you should apply the appropriate [policy](https://docs.microsoft.com/windows/security/identity-protection/access-control/microsoft-accounts#block-all-consumer-microsoft-account-user-authentication) instead of blocking this endpoint. |
-
-
-
->[!NOTE]
->Proxy authentication and SSL inspections are frequent challenges for enterprises. See the following sections for configuration options.
-
-> [!IMPORTANT]
-> For privacy and data integrity, Windows checks for a Microsoft SSL certificate when communicating with the diagnostic data endpoints. SSL interception and inspection aren't possible. To use Desktop Analytics, exclude these endpoints from SSL inspection.<!-- BUG 4647542 --> 
-
->[!NOTE]
->Microsoft has a strong commitment to providing the tools and resources that put you in control of your privacy. As a result, Microsoft doesn't collect the following data from devices located in European countries (EEA and Switzerland):
->- Windows diagnostic data from Windows 8.1 devices
->- App usage data and [Internet Explorer site discovery](../upgrade/upgrade-readiness-additional-insights.md#site-discovery) features for Windows 7 devices
-
-
-
-### Configuring endpoint access with SSL inspection
-To ensure privacy and data integrity Windows checks for a Microsoft SSL certificate when communicating with the diagnostic data endpoints. Accordingly SSL interception and inspection is not possible. To use Windows Analytics services you should exclude the above endpoints from SSL inspection.
-
-### Configuring endpoint access with proxy server authentication
-If your organization uses proxy server authentication for outbound traffic, use one or more of the following approaches to ensure that the diagnostic data is not blocked by proxy authentication:
-
-- **Best option: Bypass** Configure your proxy servers to **not** require proxy authentication for  traffic to the diagnostic data endpoints. This is the most comprehensive solution and it works for all versions of Windows 10.
-- **User proxy authentication:** Alternatively, you can configure devices to use the logged on user's context for proxy authentication. First, update the devices to Windows 10, version 1703 or later. Then, ensure that users of the devices have proxy permission to reach the diagnostic data endpoints. This requires that the devices have console users with proxy permissions, so you couldn't use this method with headless devices.
-- **Device proxy authentication:** Another option--the most complex--is as follows: First, configure a system level proxy server on the devices. Then, configure these devices to use machine-account-based outbound proxy authentication. Finally, configure proxy servers to allow the machine accounts access to the diagnostic data endpoints.
-
-## Deploy the compatibility update and related updates
-
-The compatibility update scans your devices and enables application usage tracking. If you don’t already have these updates installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as System Center Configuration Manager.
-
-| **Operating System** | **Updates** |
-|----------------------|-----------------------------------------------------------------------------|
-| Windows 10        | Windows 10 includes the compatibility update, so you will automatically have the latest compatibility update so long as you continue to keep your Windows 10 devices up to date with cumulative updates.  |
-| Windows 8.1          | The compatibility update is included in monthly quality updates for Windows 8.1. We recommend installing the latest [Windows Monthly Rollup](https://www.catalog.update.microsoft.com/Search.aspx?q=security%20monthly%20quality%20rollup%20for%20windows%208) before attempting to enroll devices into Windows Analytics. |
-| Windows 7 SP1        | The compatibility update is included in monthly quality updates for Windows 7. We recommend installing the latest [Windows Monthly Rollup](https://www.catalog.update.microsoft.com/Search.aspx?q=security%20monthly%20quality%20rollup%20for%20windows%207) before attempting to enroll devices into Windows Analytics. |
-
-### Connected User Experiences and Telemetry service
-
-With Windows diagnostic data enabled, the Connected User Experience and Telemetry service (DiagTrack) collects system, application, and driver data. Microsoft analyzes this data, and shares it back to you through Windows Analytics. For the best experience, install these updates depending upon the operating system version.
-
-- For Windows 10, install the latest Windows 10 cumulative update.
-- For Windows 8.1, install the October 2018 monthly rollup, [KB4462926](https://support.microsoft.com/help/4462926)
-- For Windows 7, install the October 2018 monthly rollup, [KB4462923](https://support.microsoft.com/help/4462923)
-
-
-
->[!IMPORTANT]
->Restart devices after you install the compatibility updates for the first time.
-
->[!NOTE]
->We recommend you configure your update management tool to automatically install the latest version of these updates. There is a related optional update, [KB 3150513](https://catalog.update.microsoft.com/v7/site/Search.aspx?q=3150513), which can provide updated configuration and definitions for older compatibiltiy updates. For more information about this optional update, see <https://support.microsoft.com/kb/3150513>.
-
-
-
-If you are planning to enable IE Site Discovery in Upgrade Readiness, you will need to install a few additional updates.
-
-| **Site discovery** | **Update** |
-|----------------------|-----------------------------------------------------------------------------|
-| [Review site discovery](../upgrade/upgrade-readiness-additional-insights.md#site-discovery)         | [KB3080149](https://www.catalog.update.microsoft.com/Search.aspx?q=3080149)<br>Updates the Diagnostic and Telemetry tracking service to existing devices. This update is only necessary on Windows 7 and Windows 8.1 devices. <br>For more information about this update, see <https://support.microsoft.com/kb/3080149><br><br>Install the latest [Windows Monthly Rollup](https://catalog.update.microsoft.com/v7/site/Search.aspx?q=security%20monthly%20quality%20rollup). This functionality has been included in Internet Explorer 11 starting with the July 2016 Cumulative Update.  |
-
->[!NOTE]
-> IE site discovery is disabled on devices running Windows 7 and Windows 8.1 that are in Switzerland and EU countries.
-
-## Set diagnostic data levels
-
-You can set the diagnostic data level used by monitored devices either with the [Upgrade Readiness deployment script](../upgrade/upgrade-readiness-deployment-script.md) or by policy (by using Group Policy or Mobile Device Management).
-
-The basic functionality of Upgrade Readiness will work at the Basic diagnostic data level, you won't get usage or health data for your updated devices without enabling the Enhanced level. This means you won't get information about health regressions on updated devices. So it is best to enable the Enhanced diagnostic data level, at least on devices running Windows 10, version 1709 (or later) where the Enhanced diagnostic data setting can be paired with "limited enhanced" data level (see [Windows 10 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields)). For more information, see [Windows Analytics and privacy](https://docs.microsoft.com/windows/deployment/update/windows-analytics-privacy).
-
-## Enroll a few pilot devices
-
-You can use the Upgrade Readiness deployment script to automate and verify your deployment. We always recommend manually running this script on a few representative devices to verify things are properly configured and the device can connect to the diagnostic data endpoints. Make sure to run the pilot version of the script, which will provide extra diagnostics.
-
-See the [Upgrade Readiness deployment script](../upgrade/upgrade-readiness-deployment-script.md) topic for information about obtaining and running the script, and for a description of the error codes that can be displayed. See ["Understanding connectivity scenarios and the deployment script"](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) on the Windows Analytics blog for a summary of setting the ClientProxy for the script, which will enable the script properly check for diagnostic data endpoint connectivity.
-
-After data is sent from devices to Microsoft, it generally takes 48-56 hours for the data to populate in Windows Analytics. The compatibility update takes several minutes to run. If the update does not get a chance to finish running or if the computers are inaccessible (turned off or sleeping for example), data will take longer to populate in Windows Analytics. For this reason, you can expect most of your devices to be populated in Windows Analytics within 1-2 days after deploying the update and configuration to user computers. As described in the Windows Analytics blog post ["You can now check on the status of your computers within hours of running the deployment script"](https://blogs.technet.microsoft.com/upgradeanalytics/2017/05/12/wheres-my-data/), you can verify that devices have successfully connected to the service within a few hours. Most of those devices should start to show up in the Windows Analytics console within a few days.
-
-## Deploy additional optional settings
-
-Certain Windows Analytics features have additional settings you can use.
-
-- **Update Compliance** is only compatible with Windows 10 desktop devices (workstations and laptops). To use the Windows Defender Antivirus Assessment, devices must be protected by Windows Defender AV (and not a partner antivirus application), and must have enabled cloud-delivered protection, as described in [Utilize Microsoft cloud-delivered protection in Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). See the [Troubleshoot Windows Defender Antivirus reporting in Update Compliance](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting) topic for help with ensuring that the configuration is correct.
-
-- For devices running Windows 10, version 1607 or earlier, Windows diagnostic data must also be set to Enhanced (see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization#enhanced-level)) in order to be compatible with Windows Defender Antivirus. See the [Windows Defender Antivirus in Windows 10 and Windows Server 2016](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) for more information about enabling, configuring, and validating Windows Defender AV.
-
-- **Device Health** is only compatible with Windows 10 desktop devices (workstations and laptops). The solution requires that at least the Enhanced level of diagnostic data is enabled on all devices that are intended to be displayed in the solution. In Windows 10, version 1709, a new policy was added to "limit enhanced telemetry to the minimum required by Windows Analytics". To learn more about Windows diagnostic data, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization).
-
-- **IE site discovery** is an optional feature of Upgrade Readiness that provides an inventory of websites that are accessed by client devices using Internet Explorer on Windows 7, Windows 8.1, and Windows 10. To enable IE site discovery, make sure the required updates are installed (per previous section) and enable IE site discovery in the deployment script batch file.
-
-## Deploying Windows Analytics at scale
-
-When you have completed a pilot deployment, you are ready to automate data collection and distribute the deployment script to the remaining devices in your organization.
-
-### Automate data collection
-
-To ensure that user computers are receiving the most up-to-date data from Microsoft, we recommend that you establish the following data sharing and analysis processes:
-
-- Enable automatic updates for the compatibility update and related updates. These updates include the latest application and driver issue information as we discover it during testing.
-- Schedule the Upgrade Readiness deployment script to automatically run monthly. Scheduling the script ensures that full inventory is sent monthly even if devices were not connected or had low battery power at the time the system normally sends inventory. Make sure to run the production version of the script, which is lighter weight and non-interactive. The script also has a number of built-in error checks, so you can monitor the results. If you can't run the deployment script at scale, another option is to configure things centrally via Group Policy or Mobile Device Management (MDM). Although we recommend using the deployment script, both options are discussed in the sections below.
-
-When you run the deployment script, it initiates a full scan. The daily scheduled task to capture the changes is created when the update package is installed. For Windows 10 devices, this task is already included in the operating system. A full scan averages about 2 MB, but the scans for changes are very small. The scheduled task is named "Windows Compatibility Appraiser" and can be found in the Task Scheduler Library under Microsoft > Windows > Application Experience. Changes are invoked via the nightly scheduled task. It attempts to run around 3:00AM every day. If the system is powered off at that time, the task will run when the system is turned on.
-
-### Distribute the deployment script at scale
-
-Use a software distribution system such as System Center Configuration Manager to distribute the Upgrade Readiness deployment script at scale. For more information, see [Upgrade Readiness deployment script](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-deployment-script). For information on how to deploy PowerShell scripts by using Windows Intune, see [Manage PowerShell scripts in Intune for Windows 10 devices](https://docs.microsoft.com/intune/intune-management-extension).
-
-### Distributing policies at scale
-
-There are a number of policies that can be centrally managed to control Windows Analytics device configuration. All of these policies have *preference* registry key equivalents that can be set by using the deployment script. Policy settings override preference settings if both are set.
->[!NOTE]
->You can only set the diagnostic data level to Enhanced by using policy. For example, this is necessary to use Device Health.
-
-These policies are defined by values under **Microsoft\Windows\DataCollection**. All are REG_DWORD policies (except CommercialId which is REG_SZ).
-
->[!IMPORTANT]
->Configuring these keys independently without using the enrollment script is not recommended. There is additional validation that occurs when you use the enrollment script.
-
-| Policy   | Value  | 
-|-----------------------|------------------|
-| CommercialId | In order for your devices to show up in Windows Analytics, they must be configured with your organization’s Commercial ID. | 
-| AllowTelemetry  |	**In Windows 10**: 1 (Basic), 2 (Enhanced) or 3 (Full) diagnostic data. Windows Analytics will work with basic diagnostic data, but more features are available when you use the Enhanced level (for example, Device Health requires Enhanced diagnostic data and Upgrade Readiness only collects app usage and site discovery data on Windows 10 devices with Enhanced diagnostic data). For more information, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization). | 
-| LimitEnhancedDiagnosticDataWindowsAnalytics | **In Windows 10**: Only applies when AllowTelemetry=2. Limits the Enhanced diagnostic data events sent to Microsoft to just those needed by Windows Analytics. For more information, see [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields).| 
-| AllowDeviceNameInTelemetry | **In Windows 10, version 1803**: A separate opt-in is required to enable devices to continue to send the device name.  Allowing device names to be collected can make it easier for you to identify individual devices that report problems. Without the device name, Windows Analytics can only label devices by a GUID that it generates. | 
-| CommercialDataOptIn  | **In Windows 7 and Windows 8**: 1 is required for Upgrade Readiness, which is the only solution that runs on Windows 7 or Windows 8. | 
-
-You can set these values by using Group Policy (in Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds) or by using Mobile Device Management (in Provider/*Provider ID*/CommercialID). (If you are using Microsoft Intune, use `MS DM Server` as the provider ID.) For more information about deployment using MDM, see the [DMClient CSP](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp) topic in MDM documentation.
-
-The corresponding preference registry values are available in **HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection** and can be configured by the deployment script. If a given setting is configured by both preference registry settings and policy, the policy values will override. However, the **IEDataOptIn** setting is different--you can only set this with the preference registry keys:
-
-- IEOptInLevel = 0 Internet Explorer data collection is disabled
-- IEOptInLevel = 1 Data collection is enabled for sites in the Local intranet + Trusted sites + Machine local zones
-- IEOptInLevel = 2 Data collection is enabled for sites in the Internet + Restricted sites zones
-- IEOptInLevel = 3 Data collection is enabled for all sites
-
-For more information about Internet Explorer Security Zones, see [About URL Security Zones](https://docs.microsoft.com/previous-versions/windows/internet-explorer/ie-developer/platform-apis/ms537183(v=vs.85)).
-
-### Distribution at scale without using the deployment script
-
-We recommend using the deployment script to configure devices. However if this is not an option, you can still manage settings by policy as described in the previous section. However, if you don't run the deployment script, you won't benefit from its error checking, and you might have to wait a long time (possibly weeks) before devices send the initial full inventory scan.
-
-Note that it is possible to initiate a full inventory scan on a device by calling these commands:
-- CompatTelRunner.exe -m:generaltel.dll -f:DoCensusRun
-- CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun ent
-
-For details on how to run these and how to check results, see the deployment script.
-
diff --git a/windows/deployment/update/windows-analytics-overview.md b/windows/deployment/update/windows-analytics-overview.md
deleted file mode 100644
index 5d63af3e36..0000000000
--- a/windows/deployment/update/windows-analytics-overview.md
+++ /dev/null
@@ -1,54 +0,0 @@
----
-title: Windows Analytics
-ms.reviewer: 
-manager: laurawi
-description: Introduction and overview of Windows Analytics
-keywords: Device Health, Upgrade Readiness, Update Compliance, oms, operations management suite, prerequisites, requirements, monitoring, crash, drivers
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.audience: itpro
-author: jaimeo
-ms.localizationpriority: medium
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Windows Analytics overview
-
-Windows Analytics is a set of solutions for Azure Portal that provide you with extensive data about the state of devices in your deployment. There are currently three solutions which you can use singly or in any combination:
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-
-## Device Health
-
-[Device Health](device-health-get-started.md) provides the following:
-
-- Identification of devices that crash frequently, and therefore might need to be rebuilt or replaced
-- Identification of device drivers that are causing device crashes, with suggestions of alternative versions of those drivers that might reduce the number of crashes
-- Notification of Windows Information Protection misconfigurations that send prompts to end users
-
-
-
-## Upgrade Readiness
-
-[Upgrade Readiness](../upgrade/upgrade-readiness-get-started.md) offers a set of tools to plan and manage the upgrade process end to end, allowing you to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released. Upgrade Readiness not only supports upgrade management from Windows 7 and Windows 8.1 to Windows 10, but also Windows 10 upgrades in the Windows as a service model.
-
-Use Upgrade Readiness to get:
-
-- A visual workflow that guides you from pilot to production
-- Detailed computer and application inventory
-- Powerful computer-level search and drill-downs
-- Guidance and insights into application and driver compatibility issues, with suggested fixes
-- Data-driven application rationalization tools
-- Application usage information, allowing targeted validation; workflow to track validation progress and decisions
-- Data export to commonly used software deployment tools, including System Center Configuration Manager 
-
-To get started with any of these solutions, visit the links for instructions to add it to Azure Portal.
-
->[!NOTE]
-> For details about licensing requirements and costs associated with using Windows Analytics solutions, see [What are the requirements and costs for Windows Analytics solutions?](windows-analytics-FAQ-troubleshooting.md#what-are-the-requirements-and-costs-for-windows-analytics-solutions).
diff --git a/windows/deployment/update/windows-analytics-privacy.md b/windows/deployment/update/windows-analytics-privacy.md
deleted file mode 100644
index fcfe1d41f9..0000000000
--- a/windows/deployment/update/windows-analytics-privacy.md
+++ /dev/null
@@ -1,66 +0,0 @@
----
-title: Windows Analytics and privacy
-ms.reviewer: 
-manager: laurawi
-description: How Windows Analytics uses data
-keywords: windows analytics, oms, privacy, data, diagnostic, operations management suite, prerequisites, requirements, updates, upgrades, log analytics, health, FAQ, problems, troubleshooting, error
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.audience: itpro
-author: jaimeo
-ms.localizationpriority: high
-ms.collection: M365-analytics
-ms.topic: article
----
-
-# Windows Analytics and privacy
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-Windows Analytics is fully committed to privacy, centering on these tenets:
-
-- **Transparency:** We fully document the Windows Analytics diagnostic events (see the links for additional information) so you can review them with your company’s security and compliance teams. The Diagnostic Data Viewer lets you see diagnostic data sent from a given device (see [Diagnostic Data Viewer Overview](https://docs.microsoft.com/windows/configuration/diagnostic-data-viewer-overview) for details).
-- **Control:** You ultimately control the level of diagnostic data you wish to share. In Windows 10, version 1709 we added a new policy to Limit enhanced diagnostic data to the minimum required by Windows Analytics
-- **Security:** Your data is protected with strong security and encryption
-- **Trust:** Windows Analytics supports the Microsoft Online Service Terms
-
-The following illustration shows how diagnostic data flows from individual devices through the Diagnostic Data Service, Azure Log Analytics storage, and to your Log Analytics workspace:
-
-[![Diagram illustrating flow of diagnostic data from devices](images/WA-data-flow-v1.png)](images/WA-data-flow-v1.png)
-
-The data flow sequence is as follows:
-
-1. Diagnostic data is sent from devices to the Microsoft Diagnostic Data Management service, which is hosted in the US.
-2. An IT administrator creates an Azure Log Analytics workspace. The administrator chooses the location, copies the Commercial ID (which identifies that workspace), and then pushes Commercial ID to devices they want to monitor. This is the mechanism that specifies which devices appear in which workspaces.
-3. Each day Microsoft produces a "snapshot" of IT-focused insights for each workspace in the Diagnostic Data Management service.
-4. These snapshots are copied to transient storage which is used only by Windows Analytics (also hosted in US data centers) where they are segregated by Commercial ID.
-5. The snapshots are then copied to the appropriate Azure Log Analytics workspace.
-6. If the IT administrator is using the Upgrade Readiness solution, user input from the IT administrator (specifically, the target operating system release and the importance and upgrade readiness per app) is stored in the Windows Analytics Azure Storage. (Upgrade Readiness is the only Windows Analytics solution that takes such user input.)
-
-
-See these topics for additional background information about related privacy issues:
-
-- [Windows 10 and the GDPR for IT Decision Makers](https://docs.microsoft.com/windows/privacy/gdpr-it-guidance)
-- [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization)
-- [Windows 7, Windows 8, and Windows 8.1 Appraiser Telemetry Events, and Fields](https://go.microsoft.com/fwlink/?LinkID=822965)
-- [Windows 10, version 1903 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903)
-- [Windows 10, version 1809 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809)
-- [Windows 10, version 1803 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803)
-- [Windows 10, version 1709 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709)
-- [Windows 10, version 1703 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703)
-- [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields)
-- [Diagnostic Data Viewer Overview](https://docs.microsoft.com/windows/configuration/diagnostic-data-viewer-overview)
-- [Licensing Terms and Documentation](https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=31)
-- [Learn about security and privacy at Microsoft datacenters](https://www.microsoft.com/datacenters)
-- [Confidence in the trusted cloud](https://azure.microsoft.com/support/trust-center/)
-- [Trust Center](https://www.microsoft.com/trustcenter)
-
-### Can Windows Analytics be used without a direct client connection to the Microsoft Data Management Service?
-No, the entire service is powered by Windows diagnostic data, which requires that devices have this direct connectivity.
-
-### Can I choose the data center location?
-Yes for Azure Log Analytics, but no for the Microsoft Data Management Service (which is hosted in the US).
diff --git a/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md b/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
deleted file mode 100644
index 078074ba23..0000000000
--- a/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness.md
+++ /dev/null
@@ -1,47 +0,0 @@
----
-title: Manage Windows upgrades with Upgrade Readiness (Windows 10)
-description: Provides an overview of the process of managing Windows upgrades with Upgrade Readiness.
-ms.prod: w10
-audience: itpro
author: greg-lindsay
-ms.date: 04/25/2017
-ms.reviewer: 
-manager: laurawi
-ms.author: greglin
-ms.topic: article
----
-
-# Manage Windows upgrades with Upgrade Readiness
-
-Upgrading to new operating systems has traditionally been a challenging, complex, and slow process for many enterprises. Discovering applications and drivers and then testing them for potential compatibility issues have been among the biggest pain points.
-
-With the release of Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released. Windows Upgrade Readiness not only supports upgrade management from Windows 7, Windows 8.1 to Windows 10, but also Windows 10 upgrades in the [Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview) model.  
-
-Microsoft developed Upgrade Readiness in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Upgrade Readiness was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10. 
-
-With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft.
-
-Use Upgrade Readiness to get:
-
--   A visual workflow that guides you from pilot to production
--   Detailed computer and application inventory
--   Powerful computer level search and drill-downs
--   Guidance and insights into application and driver compatibility issues, with suggested fixes
--   Data driven application rationalization tools
--   Application usage information, allowing targeted validation; workflow to track validation progress and decisions
--   Data export to commonly used software deployment tools, including System Center Configuration Manager
-
-The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
-
-**Important**  For system, application, and driver data to be shared with Microsoft, you must configure user computers to send data. For information about what diagnostic data Microsoft collects and how that data is used and protected by Microsoft, see:
-
-- [Configure Windows diagnostic data in your organization](/windows/configuration/configure-windows-diagnostic-data-in-your-organization)
-- [Manage connections from Windows operating system components to Microsoft services](/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-- [Windows 7, Windows 8, and Windows 8.1 appraiser diagnostic data events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)
-
-## **Related topics**
-
-[Upgrade Readiness architecture](upgrade-readiness-architecture.md)<br>
-[Upgrade Readiness requirements](upgrade-readiness-requirements.md)<br>
-[Upgrade Readiness release notes](upgrade-readiness-requirements.md#important-information-about-this-release)<br>
-[Get started with Upgrade Readiness](upgrade-readiness-get-started.md)<br>
-[Use Upgrade Readiness to manage Windows upgrades](use-upgrade-readiness-to-manage-windows-upgrades.md)
diff --git a/windows/deployment/upgrade/upgrade-readiness-additional-insights.md b/windows/deployment/upgrade/upgrade-readiness-additional-insights.md
deleted file mode 100644
index 43bc14033a..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-additional-insights.md
+++ /dev/null
@@ -1,65 +0,0 @@
----
-title: Upgrade Readiness - Additional insights
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Explains additional features of Upgrade Readiness.
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness - Additional insights
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This topic provides information on additional features that are available in Upgrade Readiness to provide insights into your environment. These include:
-
-- [Site discovery](#site-discovery): An inventory of web sites that are accessed by client computers running Windows 7, Windows 8.1, or Windows 10 using Internet Explorer.
-- [Office add-ins](#office-add-ins): A list of the Microsoft Office add-ins that are installed on client computers.
-
-## Site discovery
-
-The IE site discovery feature in Upgrade Readiness provides an inventory of web sites that are accessed by client computers using Internet Explorer on Windows 7, Windows 8.1, and Windows 10. Site discovery does not include sites that are accessed using other Web browsers, such as Microsoft Edge. Site inventory information is provided as optional data related to upgrading to Windows 10 and Internet Explorer 11, and is meant to help prioritize compatibility testing for web applications. You can make more informed decisions about testing based on usage data.
-
-> [!NOTE]
-> Site discovery data is disabled by default; you can find documentation on what is collected in the [Windows 7, Windows 8, and Windows 8.1 appraiser diagnostic data events and fields](https://go.microsoft.com/fwlink/?LinkID=822965). After you turn on this feature, data is collected on all sites visited by Internet Explorer, except during InPrivate sessions. The data collection process is silent, without notification to the employee. You are responsible for ensuring that your use of this feature complies with all applicable local laws and regulatory requirements, including any requirements to provide notice to employees.
-> 
-> IE site discovery is disabled on devices running Windows 7 and Windows 8.1 that are in Switzerland and EU countries.
-
-In order to use site discovery, a separate opt-in is required; see [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started).
-
-### Review most active sites
-
-This blade indicates the most visited sites by computers in your environment. Review this list to determine which web applications and sites are used most frequently. The number of visits is based on the total number of views, and not by the number of unique devices accessing a page.
-
-For each site, the fully qualified domain name will be listed. You can sort the data by domain name or by URL. 
-
-![Most active sites](../images/upgrade-analytics-most-active-sites.png) 
-
-Click the name of any site in the list to drill down into more details about the visits, including the time of each visit and the computer name. 
-
-![Site domain detail](../images/upgrade-analytics-site-domain-detail.png)
-
-### Review document modes in use 
-
-This blade provides information about which document modes are used in the sites that are visited in your environment. Document modes are used to provide compatibility with older versions of Internet Explorer. Sites that use older technologies may require additional testing and are less likely to be compatible with Microsoft Edge. Counts are based on total page views and not the number of unique devices. For more information about document modes, see [Deprecated document modes](https://technet.microsoft.com/itpro/internet-explorer/ie11-deploy-guide/deprecated-document-modes).
-
-![Site activity by document mode](../images/upgrade-analytics-site-activity-by-doc-mode.png)
-
-### Run browser-related queries 
-
-You can run predefined queries to capture more info, such as sites that have Enterprise Mode enabled, or the number of unique computers that have visited a site. For example, this query returns the most used ActiveX controls. You can modify and save the predefined queries. 
-
-![](../images/upgrade-analytics-query-activex-name.png)
-
-## Office add-ins
-
-Office add-ins provides a list of the Microsoft Office add-ins in your environment, and enumerates the computers that have these add-ins installed.  This information should not affect the upgrade decision workflow, but can be helpful to an administrator.
-
-## Related topics
-
-[Manage Windows upgrades with Upgrade Readiness](manage-windows-upgrades-with-upgrade-readiness.md)
diff --git a/windows/deployment/upgrade/upgrade-readiness-architecture.md b/windows/deployment/upgrade/upgrade-readiness-architecture.md
deleted file mode 100644
index 73b74906d7..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-architecture.md
+++ /dev/null
@@ -1,39 +0,0 @@
----
-title: Upgrade Readiness architecture (Windows 10)
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Describes Upgrade Readiness architecture.
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness architecture
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-Microsoft analyzes system, application, and driver diagnostic data  to help you determine when computers are upgrade-ready, allowing you to simplify and accelerate Windows upgrades in your organization. The diagram below illustrates how Upgrade Readiness components work together in a typical installation. 
-
-<!-- PRESERVING ORIGINAL IMAGE CODING JUST IN CASE 
-<img src="media/image1.png" width="624" height="401" />
--->
-
-![Upgrade Readiness architecture](../images/ur-arch-diagram.png)
-
-After you enable Windows diagnostic data on user computers and install the compatibility update KB (1), user computers send computer, application and driver diagnostic data to a secure Microsoft data center through the Microsoft Data Management Service (2). After you configure Upgrade Readiness, diagnostic data is analyzed by the Upgrade Readiness Service (3) and pushed to your workspace (4). You can then use the Upgrade Readiness solution (5) to plan and manage Windows upgrades.
-
-For more information about what diagnostic data Microsoft collects and how that data is used and protected by Microsoft, see:
-
-[Configure Windows diagnostic data in your organization](/windows/configuration/configure-windows-diagnostic-data-in-your-organization)<BR>
-[Manage connections from Windows operating system components to Microsoft services](/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services)<BR>
-[Windows 7, Windows 8, and Windows 8.1 appraiser diagnostic data events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)<BR>
-
-## **Related topics**
-
-[Upgrade Readiness requirements](upgrade-readiness-requirements.md)<BR>
-[Upgrade Readiness release notes](upgrade-readiness-requirements.md#important-information-about-this-release)<BR>
-[Get started with Upgrade Readiness](upgrade-readiness-get-started.md)<BR>
diff --git a/windows/deployment/upgrade/upgrade-readiness-data-sharing.md b/windows/deployment/upgrade/upgrade-readiness-data-sharing.md
deleted file mode 100644
index 58e8a9e6c2..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-data-sharing.md
+++ /dev/null
@@ -1,61 +0,0 @@
----
-title: Upgrade Readiness data sharing
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Connectivity scenarios for data sharing with Upgrade Readiness
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness data sharing
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-To enable data sharing with the Upgrade Readiness solution, double-check the endpoints list in [Enrolling devices in Windows Analytics](../update/windows-analytics-get-started.md#enable-data-sharing) to be sure they are whitelisted.
-
-## Connectivity to the Internet
-
-There are several different methods your organization can use to connect to the Internet, and these methods can affect how authentication is performed by the deployment script.
-
-### Direct connection to the Internet
-
-This scenario is very simple since there is no proxy involved. If you are using a network firewall which is blocking outgoing traffic, please keep in mind that even though we provide DNS names for the endpoints needed to communicate to the Microsoft diagnostic data backend, We therefore do not recommend to attempt to whitelist endpoints on your firewall based on IP-addresses.
-
-In order to use the direct connection scenario, set the parameter **ClientProxy=Direct** in **runconfig.bat**.
-
-### Connection through the WinHTTP proxy
-
-This is the first and most simple proxy scenario.
-
-In order to set the WinHTTP proxy system-wide on your computers, you need to
-- Use the command netsh winhttp set proxy \<server\>:\<port\>
-- Set ClientProxy=System in runconfig.bat
-
-The WinHTTP scenario is most appropriate for customers who use a single proxy. If you have more advanced proxy requirements, refer to Scenario 3.
-
-If you want to learn more about proxy considerations on Windows, see [Understanding Web Proxy Configuration](https://blogs.msdn.microsoft.com/ieinternals/2013/10/11/understanding-web-proxy-configuration/).
-
-### Logged-in user’s Internet connection
-
-In order to accommodate complex proxy scenarios, we also support using the currently logged-in user’s internet connection. This scenario supports PAC scripts, proxy autodetection and authentication. Essentially, if the logged in user can reach the Windows diagnostic data endpoints, the diagnostic data client can send data. If runconfig.bat runs while no user is logged in, diagnostic data events get written into a buffer which gets flushed when a user logs in.
-
-In order to enable this scenario, you need:
-- A current quality update Rollup for Windows 7, 8.1 or Windows 10 Version 1511. Updates shipped after October 2016 have the needed code
-- Set the reg key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection\DisableEnterpriseAuthProxy to 0. If the value does not exist, create a new DWORD, name it DisableEnterpriseAuthProxy and set the value to 0. The deployment script will check this is configured correctly.
-- Set ClientProxy=User in bat.
-
-> [!IMPORTANT]
-> Using **Logged-in user's internet connection** with **DisableEnterpriseAuthProxy = 0** scenario is incompatible with ATP where the required value of that attribute is 1.(Read more here)[<https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection>]
-
-
-
-
-
diff --git a/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md b/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md
deleted file mode 100644
index 7ae486f5d3..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-deploy-windows.md
+++ /dev/null
@@ -1,106 +0,0 @@
----
-title: Upgrade Readiness - Get a list of computers that are upgrade ready (Windows 10)
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Describes how to get a list of computers that are ready to be upgraded in Upgrade Readiness.
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness - Step 3: Deploy Windows
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-All of your work up to now involved reviewing and resolving application and driver issues. Along the way, as you’ve resolved issues and decided which applications and drivers are ready to upgrade, you’ve been building a list of computers that are upgrade ready. 
-The blades in the **Deploy** section are:
-
-- [Deploy eligible computers](#deploy-eligible-computers)
-- [Deploy computers by group](#computer-groups) 
-
->Computers that are listed in this step are assigned an **UpgradeDecision** value, and the total count of computers in each upgrade decision category is displayed. Additionally, computers are assigned an **UpgradeAssessment** value. This value is displayed by drilling down into a specific upgrade decision category. For information about upgrade assessment values, see [Upgrade assessment](#upgrade-assessment).
-
-## Deploy eligible computers
-
-In this blade, computers grouped by upgrade decision are listed. The upgrade decision on the machines is a calculated value based on the upgrade decision status for the apps and drivers installed on the computer.  This value cannot be modified directly. The upgrade decision is calculated in the following ways:
-- **Review in progress**:  At least one app or driver installed on the computer is marked **Review in progress**.
-- **Ready to upgrade**:  All apps and drivers installed on the computer are marked as **Ready to Upgrade**.
-- **Won’t upgrade**:  At least one app or driver installed on the computer is marked as **Won’t upgrade**, or a system requirement is not met.
-
-<!-- PRESERVING ORIGINAL IMAGE CODING JUST IN CASE
-<img src="media/image9.png" width="195" height="316" />
--->
-
-![Deploy eligible computers](../images/ua-cg-16.png)
-
-Select **Export computers** for more details, including computer name, manufacturer and model, and Windows edition currently running on the computer. Sort or further query the data and then select **Export** to generate and save a comma-separated value (csv) list of upgrade-ready computers.
-
->**Important**<br> When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export fewer items at a time.
-
-## Computer groups
-
-Computer groups allow you to segment your environment by creating device groups based on log search results, or by importing groups from Active Directory, WSUS or System Center Configuration Manager. Computer groups are an OMS feature. For more information, see [Computer groups in OMS](https://blogs.technet.microsoft.com/msoms/2016/04/04/computer-groups-in-oms/).
-
-Query based computer groups are recommended in the initial release of this feature. A feature known as **Configuration Manager Upgrade Readiness Connector** is anticipated in a future release that will enable synchronization of **ConfigMgr Collections** with computer groups in OMS.
-
-### Getting started with Computer Groups
-
-When you sign in to OMS, you will see a new blade entitled **Computer Groups**. See the following example:
-
-![Computer groups](../images/ua-cg-01.png)
-
-To create a computer group, open **Log Search** and create a query based on **Type=UAComputer**, for example:
-
-```
-Type=UAComputer Manufacturer=DELL
-```
-
-![Computer groups](../images/ua-cg-02.png)
-
-When you are satisfied that the query is returning the intended results, add the following text to your search:
-
-```
-| measure count() by Computer
-```
-
-This will ensure every computer only shows up once. Then, save your group by clicking **Save** and **Yes**. See the following example:
-
-![Computer groups](../images/ua-cg-03.png)
-
-Your new computer group will now be available in Upgrade Readiness. See the following example:
-
-![Computer groups](../images/ua-cg-04.png)
-
-### Using Computer Groups
-
-When you drill into a computer group, you will see that computers are categorized by **UpgradeDecision**. For computers with the status **Review in progress** or **Won’t upgrade** you can drill down to view issues that cause a computer to be in each category, or you can simply display a list of the computers in the category. For computers that are designated **Ready to upgrade**, you can go directly to the list of computers that are ready.
-
-![Computer groups](../images/ua-cg-05.png)
-
-Viewing a list of computers in a certain status is self-explanatory, Let’s look at what happens when you click the details link on **Review in progress**:
-
-![Computer groups](../images/ua-cg-06.png)
-
-Next, select if you want to see application issues (**UAApp**) or driver issues (**UADriver**). See the following example of selecting **UAApp**:
-
-![Computer groups](../images/ua-cg-07.png)
-
-A list of apps that require review so that Dell Computers are ready for upgrade to Windows 10 is displayed.
-
-### Upgrade assessment
-
-Upgrade assessment and guidance details are explained in the following table.
-
-| Upgrade assessment    | Action required before or after upgrade pilot? | Issue    | What it means   | Guidance      |
-|-----------------------|------------------------------------------------|----------|-----------------|---------------|
-| No known issues                                 | No                                             | None                                             | Computers will upgrade seamlessly.<br>                                                                                                                                         | OK to use as-is in pilot.                                                                                                                                                                                                                                                                                                                 |
-| OK to pilot, fixed during upgrade               | No, for awareness only                         | Application or driver will not migrate to new OS | The currently installed version of an application or driver won’t migrate to the new operating system; however, a compatible version is installed with the new operating system. | OK to use as-is in pilot.                                                                                                                                                                                                                                                                                                                 |
-| OK to pilot with new driver from Windows Update | Yes                                            | Driver will not migrate to new OS                | The currently installed version of a driver won’t migrate to the new operating system; however, a newer, compatible version is available from Windows Update.                    | Although a compatible version of the driver is installed during upgrade, a newer version is available from Windows Update. <br><br>If the computer automatically receives updates from Windows Update, no action is required. Otherwise, replace the new in-box driver with the Windows Update version after upgrading. <br> <br> |
-
-Select **Export computers** to view pilot-ready computers organized by operating system. After you select the computers you want to use in a pilot, click Export to generate and save a comma-separated value (csv) file.
-
->**Important**> When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export fewer items at a time.
diff --git a/windows/deployment/upgrade/upgrade-readiness-deployment-script.md b/windows/deployment/upgrade/upgrade-readiness-deployment-script.md
deleted file mode 100644
index 47787f4477..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-deployment-script.md
+++ /dev/null
@@ -1,194 +0,0 @@
----
-title: Upgrade Readiness deployment script (Windows 10)
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Deployment script for Upgrade Readiness.
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness deployment script
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-To automate the steps provided in [Get started with Upgrade Readiness](upgrade-readiness-get-started.md), and to troubleshoot data sharing issues, you can run the [Upgrade Readiness deployment script](https://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409), developed by Microsoft.
-
->[!IMPORTANT]
->Upgrade Readiness was previously called Upgrade Analytics. References to Upgrade Analytics in any scripts or online content pertain to the Upgrade Readiness solution.
-
->[!IMPORTANT]
->The latest version of the Upgrade Readiness Script is **2.4.4 - 10.10.2018**
-
-For detailed information about using the Upgrade Readiness (also known as upgrade analytics) deployment script, see the [Upgrade Analytics blog](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/New-version-of-the-Upgrade-Analytics-Deployment-Script-available/ba-p/187164?advanced=false&collapse_discussion=true&q=new%20version%20of%20the%20upgrade%20analytics%20deployment%20script%20available&search_type=thread).
-
-> The following guidance applies to version **2.4.4 - 10.10.2018** of the Upgrade Readiness deployment script. If you are using an older version, download the latest from the [Download Center](https://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409).
-
-The Upgrade Readiness deployment script does the following:
-
-1.  Sets commercial ID key + CommercialDataOptIn + RequestAllAppraiserVersions keys.
-2.  Verifies that user computers can send data to Microsoft.
-3.  Checks whether the computer has a pending restart.  
-4.  Verifies that the latest version of KB package 10.0.x is installed (version 10.0.14348 or later is required, but version 10.0.14913 or later is recommended).
-5.  If enabled, turns on verbose mode for troubleshooting.
-6.  Initiates the collection of the diagnostic data that Microsoft needs to assess your organization’s upgrade readiness.
-7.  If enabled, displays the script’s progress in a cmd window, providing you immediate visibility into issues (success or fail for each step) and/or writes to log file.
-
-## Running the script
-
->There should be no performance impact caused by the script. The script is a light wrapper of Windows in-box components that undergo performance testing and optimization to avoid any performance impact. However, typically the script is scheduled to be run outside of working hours. 
->
->Do not run the script at each sign-on. It is recommended to run the script once every 30 days.
->
->The length of time the script takes to run on each system depends on the number of apps and drivers, and the type of hardware. Anti-virus software scanning simultaneously can increase the script run time, but the script should require no longer than 10 minutes to run, and typically the time is much shorter. If the script is observed running for an extended period of time, please run the Pilot script, and collect logs to share with Microsoft. Log files are created in the drive that is specified in the RunConfig.bat file. By default this is set to: **%SystemDrive%\UADiagnostics**.
-
-To run the Upgrade Readiness deployment script:
-
-1.  Download the [Upgrade Readiness deployment script](https://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409) and extract the .zip file. Inside, there are two folders: **Pilot** and **Deployment**. The **Pilot** folder contains advanced logging that can help troubleshoot issues and is intended to be run from an elevated command prompt. The **Deployment** folder offers a lightweight script intended for broad deployment through ConfigMgr or other software deployment system. We recommend manually running the Pilot version of the script on 5-10 machines to verify that everything is configured correctly. Once you have confirmed that data is flowing successfully, proceed to run the Deployment version throughout your organization.
-
-2.  Edit the following parameters in RunConfig.bat:
-
-    1.  Provide a storage location for log information. You can store log information on a remote file share or a local directory. If the script is blocked from creating the log file for the given path, it creates the log files in the drive with the Windows directory. Example: %SystemDrive%\\UADiagnostics
-
-    2.  Input your commercial ID key. To find your commercial ID, first navigate to the **Solutions** tab for your workspace, and then select the solution. From there, select the **Settings** page, where you can find and copy your commercial ID:
-
-    3.  By default, the script sends log information to both the console and the log file. To change the default behavior, use one of the following options:
-
-        > *logMode = 0 log to console only*
-        >
-        > *logMode = 1 log to file and console*
-        >
-        > *logMode = 2 log to file only*
-
-3.  To enable Internet Explorer data collection, set AllowIEData to IEDataOptIn. By default, AllowIEData is set to Disable. Then use one of the following options to determine what Internet Explorer data can be collected:
-
-    > *IEOptInLevel = 0 Internet Explorer data collection is disabled*
-    >
-    > *IEOptInLevel = 1 Data collection is enabled for sites in the Local intranet + Trusted sites + Machine local zones*
-    >
-    > *IEOptInLevel = 2 Data collection is enabled for sites in the Internet + Restricted sites zones*
-    >
-    > *IEOptInLevel = 3 Data collection is enabled for all sites*
-
-4. The deployment script is configured to collect and send diagnostic and debugging data to Microsoft. If you wish to disable sending diagnostic and debugging data to Microsoft, set **AppInsightsOptIn = false**. By default, **AppInsightsOptIn** is set to **true**.
-
-    The data that is sent is the same data that is collected in the text log file that captures the events and error codes while running the script. This file is named in the following format: **UA_yyyy_mm_dd_hh_mm_ss_machineID.txt**. Log files are created in the drive that is specified in the RunConfig.bat file. By default this is set to: **%SystemDrive%\UADiagnostics**.
-
-    This data gives us the ability to determine the status of your machines and to help troubleshoot issues. If you choose to opt-in to and send this data to Microsoft, you must also allow https traffic to be sent to the following wildcard endpoints:
-
-    \*vortex\*.data.microsoft.com<BR>
-    \*settings\*.data.microsoft.com
-
-5. The deployment script configures insider builds to continue to send the device name to the diagnostic data management service and the analytics portal. If you do not want to have insider builds send the device name sent to analytics and be available in the analytics portal, set **DeviceNAmeOptIn = false**. By default it is true, which preserves the behavior on previous versions of Windows. This setting only applies to insider builds. Note that the device name is also sent to AppInsights, so to ensure the device name is not sent to either place you would need to also set **AppInsightsOptIn = false**.
-
-6.  After you finish editing the parameters in RunConfig.bat, you are ready to run the script. If you are using the Pilot version, run RunConfig.bat from an elevated command prompt. If you are using the Deployment version, use ConfigMgr or other software deployment service to run RunConfig.bat as system.
-
-## Exit codes
-
-The deployment script displays the following exit codes to let you know if it was successful, or if an error was encountered.
-
-| Exit code | Suggested fix |
-|-----------|--------------|
-| 0 - Success | N/A |
-| 1 - Unexpected error occurred while executing the script. | The files in the deployment script are likely corrupted. Download the [latest script](https://go.microsoft.com/fwlink/?LinkID=822966) from the download center and try again. |
-| 2 - Error when logging to console. $logMode = 0. (console only) | Try changing the $logMode value to **1** and try again. $logMode value 1 logs to both console and file.  |
-| 3 - Error when logging to console and file. $logMode = 1. | Verify that you have set the logPath parameter in RunConfig.bat, and that the configuration script has access to connect and write to this location. |
-| 4 - Error when logging to file. $logMode = 2. | Verify that you have set the logPath parameter in RunConfig.bat, and that the configuration script has access to connect and write to this location. |
-| 5 - Error when logging to console and file. $logMode = unknown. | Verify that you have set the logPath parameter in RunConfig.bat, and that the configuration script has access to connect and write to this location. |
-| 6 - The commercialID parameter is set to unknown. | Modify the runConfig.bat file to set the CommercialID value. The value for parameter in the runconfig.bat file should match the Commercial ID key for your workspace. See [Generate your Commercial ID key](https://technet.microsoft.com/itpro/windows/deploy/upgrade-readiness-get-started#generate-your-commercial-id-key) for instructions on generating a Commercial ID key for your workspace. |
-| 8 - Failure to create registry key path: **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection**. The Commercial Id property is set at the following registry key path: **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection** | Verify that the context under which the script in running has access to the registry key. |
-| 9 - The script failed to write Commercial Id to registry.  
-Error creating or updating registry key: **CommercialId** at **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection** | Verify that the context under which the script in running has access to the registry key. |
-| 10 - Error when writing **CommercialDataOptIn** to the registry at **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection** | Verify that the deployment script is running in a context that has access to the registry key. |
-| 11 - Function **SetupCommercialId** failed with an unexpected exception. The **SetupCommercialId** function updates the Commercial Id at the registry key path: **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection** | Verify that the configuration script has access to this location. |
-| 12 - Can’t connect to Microsoft - Vortex. Check your network/proxy settings. | **Http Get** on the end points did not return a success exit code. For Windows 10, connectivity is verified by connecting to https://v10.vortex-win.data.microsoft.com/health/keepalive. For previous operating systems, connectivity is verified by connecting to https://vortex-win.data.microsoft.com/health/keepalive. If there is an error verifying connectivity, this will prevent the collected data from being sent to Upgrade Readiness. To resolve this issue, verify that the required endpoints are correctly whitelisted. For more information, see [Enrolling devices in Windows Analytics](../update/windows-analytics-get-started.md) |
-| 13 - Can’t connect to Microsoft - setting. | An error occurred connecting to https://settings.data.microsoft.com/qos. This error will prevent the collected data from being sent to Upgrade Readiness. To resolve this issue, verify that the required endpoints are correctly whitelisted. For more information, see [Enrolling devices in Windows Analytics](https://technet.microsoft.com/itpro/windows/deploy/upgrade-readiness-get-started#enable-data-sharing). Verify that the required endpoints are whitelisted correctly. See Whitelist select endpoints for more details. |
-| 14 - Can’t connect to Microsoft - compatexchange. An error occurred connecting to [CompatibilityExchangeService.svc](https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc). | This error will prevent the collected data from being sent to Upgrade Readiness. To resolve this issue, verify that the required endpoints are correctly whitelisted. For more information, see [Enrolling devices in Windows Analytics](../update/windows-analytics-get-started.md). |
-| 15 - Function CheckVortexConnectivity failed with an unexpected exception. | This error will prevent the collected data from being sent to Upgrade Readiness. To resolve this issue, verify that the required endpoints are correctly whitelisted. For more information, see [Enrolling devices in Windows Analytics](../update/windows-analytics-get-started.md). Check the logs for the exception message and the HResult. |
-| 16 - The computer requires a reboot before running the script. | Restart the device to complete the installation of the compatibility update and related updates. Reboot the computer before running the Upgrade Readiness deployment script. |
-| 17 - Function **CheckRebootRequired** failed with an unexpected exception. | Restart the device to complete installation of the compatibility update and related updates. Check the logs for the exception message and the HResult. |
-|18 - Appraiser KBs not installed or **appraiser.dll** not found. | Either the Appraiser-related updates are not installed, or the **appraiser.dll** file was not found. For more information, see appraiser diagnostic data events and fields information in the [Data collection](https://technet.microsoft.com/itpro/windows/deploy/upgrade-readiness-get-started#data-collection-and-privacy) and privacy topic. |
-| 19 - Function **CheckAppraiserKB**, which checks the compatibility update KBs, failed with unexpected exception. | Check the logs for the Exception message and HResult. The script will not run further if this error is not fixed. |
-| 20 - An error occurred when creating or updating the registry key **RequestAllAppraiserVersions** at **HKLM:\SOFTWARE\Microsoft\WindowsNT \CurrentVersion\AppCompatFlags\Appraiser** | The registry key is required for data collection to work correctly. Verify that the script is running in a context that has access to the registry key. |
-| 21 - Function **SetRequestAllAppraiserVersions** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 22 - **RunAppraiser** failed with unexpected exception. | Check the logs for the exception message and HResult. Check the **%windir%\System32** directory for the file **CompatTelRunner.exe**. If the file does not exist, reinstall the required compatibility updates which include this file, and check your organization's Group Policy to verify it does not remove this file. |
-| 23 - Error finding system variable **%WINDIR%**. | Verify that this environment variable is configured on the computer. |
-| 24 - The script failed when writing **IEDataOptIn** to the registry. An error occurred when creating registry key **IEOptInLevel** at **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection** | This is a required registry key for IE data collection to work correctly. Verify that the deployment script in running in a context that has access to the registry key. Check the logs for the exception message and HResult. |
-| 25 - The function **SetIEDataOptIn** failed with unexpected exception. | Check the logs for the exception message and HResult. |
-| 27 - The script is not running under **System** account. | The Upgrade Readiness configuration script must be run as **System**. |
-| 28 - Could not create log file at the specified **logPath**. | Make sure the deployment script has access to the location specified in the **logPath** parameter. |
-| 29 - Connectivity check failed for proxy authentication. | Install cumulative updates on the device and enable the **DisableEnterpriseAuthProxy** authentication proxy setting. The **DisableEnterpriseAuthProxy** setting is enabled by default for Windows 7\. For Windows 8.1 computers, set the **DisableEnterpriseAuthProxy** setting to **0** (not disabled). For more information on authentication proxy support, see [Authentication proxy support added in new version (12.28.16) of the Upgrade Readiness deployment script](https://go.microsoft.com/fwlink/?linkid=838688). |
-| 30 - Connectivity check failed. Registry key property **DisableEnterpriseAuthProxy** is not enabled. | The **DisableEnterpriseAuthProxy** setting is enabled by default for Windows 7\. For Windows 8.1 computers, set the **DisableEnterpriseAuthProxy** setting to **0** (not disabled). For more information on authentication proxy support, see [this blog post](https://go.microsoft.com/fwlink/?linkid=838688). |
-| 31 - There is more than one instance of the Upgrade Readiness data collector running at the same time on this computer. Use Task Manager to check if **CompatTelRunner.exe** is running, and wait until it has completed to rerun the script. The Upgrade Readiness task is scheduled by default to run daily at 0300. |
-| 32 - Appraiser version on the machine is outdated. | The configuration script detected a version of the compatibility update module that is older than the minimum required to correctly collect the data required by Upgrade Readiness solution. Use the latest version of the [compatibility update](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started#deploy-the-compatibility-update-and-related-updates) for Windows 7 SP1/Windows 8.1. |
-| 33 - **CompatTelRunner.exe** exited with an exit code | **CompatTelRunner.exe** runs the appraise task on the device. If it fails, it will provide a specific exit code. The script will return exit code 33 when **CompatTelRunner.exe** itself exits with an exit code. Check the logs for more details. Also see the **Note** following this table for additional steps to follow. |
-| 34 - Function **CheckProxySettings** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 35 - Function **CheckAuthProxy** failed with an unexpected exception. Check the logs for the exception message and HResult. |
-| 36 - Function **CheckAppraiserEndPointsConnectivity** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 37 - **Diagnose_internal.cmd** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 38 - Function **Get-SqmID** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 39 - For Windows 10: AllowTelemetry property is not set to 1 or higher at registry key path **HKLM:\SOFTWARE\Policies\Microsoft \Windows\DataCollection** or **HKLM:\SOFTWARE\Microsoft\Windows \CurrentVersion\Policies\DataCollection** | For Windows 10 devices, the **AllowTelemetry** property should be set to 1 or greater to enable data collection. The script will return an error if this is not true. For more information, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization). |
-| 40 - Function **CheckTelemetryOptIn** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 41 - The script failed to impersonate the currently logged on user. | The script mimics the UTC client to collect upgrade readiness data. When auth proxy is set, the UTC client impersonates the user that is logged on. The script also tries to mimic this, but the process failed. |
-| 42 - Function **StartImpersonatingLoggedOnUser** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 43 - Function **EndImpersonatingLoggedOnUser** failed with an unexpected exception. | Check the logs for the exception message and HResult. |
-| 44 - Diagtrack.dll version is old, so Auth Proxy will not work. | Update the device using Windows Update or Windows Server Update Services. |
-| 45 - Diagtrack.dll was not found. | Update the device using Windows Update or Windows Server Update Services. |
-| 48 - **CommercialID** mentioned in RunConfig.bat should be a GUID. | Copy the commercial ID from your workspace. To find your commercial ID, first navigate to the Solutions tab for your workspace in Azure Portal, and then select the solution. From there, select the **Settings** page, where you can find and copy your commercial ID.|
-| 50 - Diagtrack Service is not running. | The Diagtrack service is required to send data to Microsoft. Enable and run the "Connected User Experiences and Telemetry" service. |
-| 51 - RunCensus failed with an unexpected exception. | RunCensus explicitly runs the process used to collect device information. The method failed with an unexpected exception. The most common cause is incorrect setup of diagnostic data. Check the ExceptionHResult and ExceptionMessage for more details. |
-| 52 - DeviceCensus.exe not found on a Windows 10 machine. | On computers running Windows 10, the process devicecensus.exe should be present in the \system32 directory. Error code 52 is returned if the process was not found. Ensure that it exists at the specified location. |
-| 53 - There is a different CommercialID present at the GPO path: **HKLM:\SOFTWARE\Policies\Microsoft \Windows\DataCollection**. This will take precedence over the CommercialID provided in the script. | Provide the correct CommercialID at the GPO location. |
-| 54 - Microsoft Account Sign In Assistant Service is Disabled. | This service is required for devices running Windows 10. The diagnostic data client relies on the Microsoft Account Sign In Assistant (MSA) to get the Global Device ID for the device. Without the MSA service running, the global device ID will not be generated and sent by the client and Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are). |
-| 55 - SetDeviceNameOptIn function failed to create registry key path: **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection** | The function SetDeviceNameOptIn sets the registry key value which determines whether to send the device name in diagnostic data. The function tries to create the registry key path if it does not already exist. Verify that the account has the correct permissions to change or add registry keys. |
-| 56 - SetDeviceNameOptIn function failed to create property AllowDeviceNameInTelemetry at registry key path: **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection** | Verify that the account has the correct permissions to change or add registry keys.|
-| 57 - SetDeviceNameOptIn function failed to update AllowDeviceNameInTelemetry property to value 1 at registry key path: **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection** | Verify that the account has the correct permissions to change or add registry keys. |
-| 58 - SetDeviceNameOptIn function failed with unexpected exception | The function SetDeviceNameOptIn failed with an unexpected exception. |
-| 59 - CleanupOneSettings failed to delete LastPersistedEventTimeOrFirstBoot property at registry key path: **HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Diagtrack** |The CleanupOneSettings function clears some of the cached values needed by the Appraiser which is the data collector on the monitored device. This helps in the download of the most recent for accurate running of the data collector. Verify that the account has the correct permissions to change or add registry keys. |
-| 60 - CleanupOneSettings failed to delete registry key: **HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\ Diagnostics\Diagtrack\SettingsRequests** | Verify that the account has the correct permissions to change or add registry keys. |
-| 61 - CleanupOneSettings failed with an exception | CleanupOneSettings failed with an unexpected exception. |
-| 62 - AllowTelemetry property value at registry key path **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection** is not of type REG_DWORD. It should be of type REG_DWORD. | Ensure that the **AllowTelemetry** property at path **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection** is a REG_DWORD. |
-| 63 - Diagnostic data is disabled for the device | If AllowTelemetry equals **0**, devices cannot send diagnostic data. To resolve this, set the **AllowTelemetry** value at **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection**. |
-| 64 - AllowTelemetry property value at registry key path **HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection** is not of type REG_DWORD. It should be of type REG_DWORD. | Ensure that the **AllowTelemetry** property at **HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection** is a REG_DWORD. |
-| 65 - Diagnostic data is disabled for the device | If AllowTelemetry equals **0**, devices cannot send diagnostic data. To resolve this, set the **AllowTelemetry** value at **HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection**. |
-| 66 - All recent data uploads for the Universal Telemetry Client failed. | Review the UtcConnectionReport in WMI in the namespace **root\cimv2\mdm\dmmap** under the **MDM_Win32CompatibilityAppraiser_UniversalTelemetryClient01** class. Only SYSTEM has access to this class. Use [PSExec](https://docs.microsoft.com/sysinternals/downloads/psexec) to execute your WMI utility as SYSTEM.  |
-| 67 - CheckUtcCsp failed with an exception | There was an error reading the WIM/CIM class **MDM_Win32CompatibilityAppraiser_UniversalTelemetryClient01** in the namespace **root\cimv2\mdm\dmmap**. Review system for WMI errors. |
-
-
-
-
-
-
-> [!NOTE]
-> **Additional steps to follow if you receive exit code 33**
-> 
-> Check the exit code for any of these messages:
-> 
-> - CompatTelRunner.exe exited with last error code: 0x800703F1 
-> - CompatTelRunner.exe exited with last error code: 0x80070005 
-> - CompatTelRunner.exe exited with last error code: 0x80080005
-> 
-> 
-> If the exit code includes any of those messages, then run these commands from an elevated command prompt:
-> 
-> 1. Net stop diagtrack
-> 2. Net stop pcasvc
-> 3. Net stop dps
-> 4. Del %windir%\appcompat\programs\amcache.hve
-> 5. reg delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags" /v AmiHivePermissionsCorrect /f
-> 6. reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags" /v LogFlags /t REG_DWORD /d 4 /f
-> 7. Net start diagtrack
-> 8. Net start pcasvc
-> 9. Net start dps
-> 
-> Then run the Enterprise Config script (RunConfig.bat) again. 
-> 
-> If the script still fails, then contact support@microsoft.com and share the log files from the RunConfig.bat script. These log files are stored on the drive that is specified in the RunConfig.bat file. By default this is set to **%SystemDrive%\UADiagnostics**. The log file is named with the format **UA_yyyy_mm_dd_hh_mm_ss_machineID.txt**. There will be some additional logs generated under your **\<system drive>\Windows\Temp** directory with the names similar to **AslLog_....txt**. You should send those logs as well.
-
diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md
deleted file mode 100644
index 0e4b6350ae..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-get-started.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-title: Get started with Upgrade Readiness (Windows 10)
-ms.reviewer: 
-manager: laurawi
-description: Explains how to get started with Upgrade Readiness.
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics,
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.localizationpriority: medium
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Get started with Upgrade Readiness
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This topic explains how to obtain and configure Upgrade Readiness for your organization.
-
-You can use Upgrade Readiness to plan and manage your upgrade project end to end. Upgrade Readiness works by establishing communications between computers in your organization and Microsoft. Upgrade Readiness collects computer, application, and driver data for analysis. This data is used to identify compatibility issues that can block your upgrade and to suggest fixes that are known to Microsoft.
-
-Before you begin, consider reviewing the following helpful information:<BR>
-    - [Upgrade Readiness requirements](upgrade-readiness-requirements.md): Provides detailed requirements to use Upgrade Readiness.<BR>
-    - [Upgrade Readiness blog](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/bg-p/WindowsAnalyticsBlog): Contains announcements of new features and provides helpful tips for using Upgrade Readiness.
-
->If you are using System Center Configuration Manager, also check out information about how to integrate Upgrade Readiness with Configuration Manager: [Integrate Upgrade Readiness with System Center Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
-
-When you are ready to begin using Upgrade Readiness, perform the following steps:
-
-1. Review [data collection and privacy](#data-collection-and-privacy) information.
-2. [Add the Upgrade Readiness solution to your Azure subscription](#add-the-upgrade-readiness-solution-to-your-azure-subscription).
-3. [Enroll devices in Windows Analytics](#enroll-devices-in-windows-analytics).
-4. [Use Upgrade Readiness to manage Windows Upgrades](#use-upgrade-readiness-to-manage-windows-upgrades) once your devices are enrolled.
-
-## Data collection and privacy
-
-To enable system, application, and driver data to be shared with Microsoft, you must configure user computers to send data. For information about what diagnostic data Microsoft collects and how that data is used and protected by Microsoft, see [Frequently asked questions and troubleshooting Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-FAQ-troubleshooting), which discusses the issues and provides links to still more detailed information.
-
-## Add the Upgrade Readiness solution to your Azure subscription
-
-Upgrade Readiness is offered as a *solution* which you link to a new or existing [Azure Log Analytics](https://azure.microsoft.com/services/log-analytics/) *workspace* within your Azure *subscription*. To configure this, follow these steps:
-
-1. Sign in to the [Azure Portal](https://portal.azure.com) with your work or school account or a Microsoft account. If you don't already have an Azure subscription you can create one (including free trial options) through the portal.
-   
-    >[!NOTE]
-    > Upgrade Readiness is included at no additional cost with Windows 10 Professional, Education, and Enterprise editions. An Azure subscription is required for managing and using Upgrade Readiness, but no Azure charges are expected to accrue to the subscription as a result of using Upgrade Readiness. 
-
-2. In the Azure portal select **Create a resource**, search for "Upgrade Readiness", and then select **Create** on the **Upgrade Readiness** solution. 
-    ![Azure portal page highlighting + Create a resource and with Upgrade Readiness selected](../images/UR-Azureportal1.png)
-
-    ![Azure portal showing Upgrade Readiness fly-in and Create button highlighted(images/CreateSolution-Part2-Create.png)](../images/UR-Azureportal2.png)
-3. Choose an existing workspace or create a new workspace to host the Upgrade Readiness solution. 
-    ![Azure portal showing Log Analytics workspace fly-in](../images/UR-Azureportal3.png)
-    - If you are using other Windows Analytics solutions (Device Health or Update Compliance) you should add Upgrade Readiness to the same workspace.
-    - If you are creating a new workspace, and your organization does not have policies governing naming conventions and structure, consider the following workspace settings to get started:
-        - Choose a workspace name which reflects the scope of planned usage in your organization, for example *PC-Analytics*.
-        - For the resource group setting select **Create new** and use the same name you chose for your new workspace.
-        - For the location setting, choose the Azure region where you would prefer the data to be stored.
-        - For the pricing tier select **per GB**.
-4. Now that you have selected a workspace, you can go back to the Upgrade Readiness blade and select **Create**.
-    ![Azure portal showing workspace selected and with Create button highlighted](../images/UR-Azureportal4.png)
-5. Watch for a Notification (in the Azure portal) that "Deployment 'Microsoft.CompatibilityAssessmentOMS' to resource group 'YourResourceGroupName' was successful." and then select **Go to resource** This might take several minutes to appear.
-       ![Azure portal all services page with Log Analytics found and selected as favorite](../images/CreateSolution-Part5-GoToResource.png)
-    - Suggestion: Choose the **Pin to Dashboard** option to make it easy to navigate to your newly added Upgrade Readiness solution.
-    - Suggestion: If a "resource unavailable" error occurs when navigating to the solution, try again after one hour.
-
-## Enroll devices in Windows Analytics
-
-
-Once you've added Upgrade Readiness to a workspace in your Azure subscription, you can start enrolling the devices in your organization. For full instructions, see [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started).
-
-
-
-## Use Upgrade Readiness to manage Windows Upgrades
-
-Now that your devices are enrolled, you can move on to [Use Upgrade Readiness to manage Windows Upgrades](https://docs.microsoft.com/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades).
diff --git a/windows/deployment/upgrade/upgrade-readiness-identify-apps.md b/windows/deployment/upgrade/upgrade-readiness-identify-apps.md
deleted file mode 100644
index d726afe37b..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-identify-apps.md
+++ /dev/null
@@ -1,45 +0,0 @@
----
-title: Upgrade Readiness - Identify important apps (Windows 10)
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Describes how to prepare your environment so that you can use Upgrade Readiness to manage Windows upgrades.
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness - Step 1: Identify important apps
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This is the first step of the Upgrade Readiness workflow. In this step, applications are listed and grouped by importance level. Setting the importance level enables you to prioritize applications for upgrade.
-
-<!-- PRESERVING ORIGINAL IMAGE CODING JUST IN CASE
-<img src="media/image5.png" width="213" height="345" />
--->
-
-![Prioritize applications](../images/upgrade-analytics-prioritize.png)
-
-Select **Assign importance** to change an application’s importance level. By default, applications are marked **Not reviewed** or **Low install count** until you assign a different importance level to them.
-
-To change an application’s importance level:
-
-1.  Select **Not reviewed** or **Low install count** on the **Prioritize applications** blade to view the list of applications with that importance level.
-2.  Select the applications you want to change to a specific importance level and then select the appropriate option from the **Select importance level** list.
-3.  Click **Save** when finished.
-
-Importance levels include:
-
-| Importance level   | When to use it   | Recommendation   |
-|--------------------|------------------|------------------|
-| Low install count  | We give you a head start by identifying applications that are installed on 2% or less of your total computer inventory. \[Number of computers application is installed on/total number of computers in your inventory.\]<br><br>Low install count applications are automatically marked as **Ready to upgrade** in the **UpgradeDecision** column unless they have issues that need attention.<br> | Be sure to review low install count applications for any business critical or important applications that are not yet upgrade-ready, despite their low installation rates. For example, payroll apps or tax accounting apps tend to be installed on a relatively small number of machines but are still considered business critical applications.<br><br>                                                                                                                                                                                                 |
-| Not reviewed       | Applications that are installed on more than 2% of your total computer inventory are marked not reviewed until you set their importance level.<br><br>                                                                                                                                              | Once you’ve started to investigate an application to determine its importance level and upgrade readiness, change its status to **Review in progress** in both the **Importance** and **UpgradeDecision** columns.                                                                                                                                                                      |
-| Business critical  | By default, no applications are marked as business critical because only you can make that determination. If you know that an application is critical to your organization’s functioning, mark it **Business critical**. <br><br>                                                                                                                                                                    | You may also want to change the application’s status to **Review in progress** in the **UpgradeDecision** column to let other team members know that you’re working on getting this business critical application upgrade-ready. Once you’ve fixed any issues and validated that the application will migrate successfully, change the upgrade decision to **Ready to upgrade**. <br> |
-| Important          | By default, no applications are marked as important because only you can make that determination. If the application is important but not critical to your organization’s functioning, mark it **Important**.                                                                                                                                                                          | You may also want to change the application’s status to **Review in progress** in the **UpgradeDecision** column to let other team members know that you’re working on getting this important application upgrade-ready. Once you’ve fixed any issues and validated that the application will migrate successfully, change the upgrade decision to **Ready to upgrade**. <br>         |
-| Ignore             | By default, no applications are marked as ignore because only you can make that determination. If the application is not important to your organization’s functioning, such as user-installed applications and games, you may not want to spend time and money validating that these applications will migrate successfully. Mark these applications **Ignore**. <br>                                  | Set the application’s importance level to **Ignore** to let other team members know that it can be left as-is with no further investigation or testing. If you set the importance level to ignore, and this is an app that you are not planning on testing or validating, consider changing the upgrade decision to **Ready to upgrade**.  By marking these apps ready to upgrade, you are indicating that you are comfortable upgrading with the app remaining in its current state.<br><br>                                                                       |
-| Review in progress | Once you’ve started to investigate an application to determine its importance level and upgrade readiness, change its status to **Review in progress** in both the **Importance** and **UpgradeDecision** columns.<br>                                                                                                                                                                                 | As you learn more about the application’s importance to your organization’s functioning, change the importance level to **Business critical**, **Important**, or **Ignore**.<br><br>Until you’ve determined that priority applications will migrate successfully, leave the upgrade decision status as **Review in progress**. <br>                                               |
-
diff --git a/windows/deployment/upgrade/upgrade-readiness-monitor-deployment.md b/windows/deployment/upgrade/upgrade-readiness-monitor-deployment.md
deleted file mode 100644
index 76c3f064ee..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-monitor-deployment.md
+++ /dev/null
@@ -1,55 +0,0 @@
----
-title: Monitor deployment with Upgrade Readiness
-ms.reviewer: 
-manager: laurawi
-description: Describes how to use Upgrade Readiness to monitor the deployment after Windows upgrades.
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, 
-ms.localizationpriority: medium
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness - Step 4: Monitor
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-Now that you have started deploying an update with Upgrade Readiness, you can use it to monitor important elements.
-
-![Upgrade Readiness dialog showing "STEP 4: Monitor" and blades for "Update progress," "Driver issues," and "User feedback"](../images/UR-monitor-main.png)
- 
- 
-## Update progress
-
-The **Update progress** blade allows you to monitor the progress and status of your deployment. Any device that has attempted to upgrade in the last 30 days displays the **DeploymentStatus** attribute. You'll be able to see the number of computers that have successfully upgraded, failed to upgrade, are stalled, etc.
- 
- 
-Selecting this blade allows you to view device-level details about the deployment. For example, select **Failed** to view the original operating system version, the target operating system version, and the reason the update failed for each of the devices that failed to upgrade. In the case of the device illustrated in the following image, an attempt was made to upgrade from Windows 10, version 1703 to 1709, but the operation timed out.
-
-!["Update progress" blade showing detailed information after selecting the "failed" item](../images/UR-update-progress-failed-detail.png)
-
-
-## Driver issues
-
-The **Driver issues** blade allows you to see Device Manager errors for your upgraded devices. We include data for all compatibility-related device errors, such as "driver not found" and "driver not started." The blade summarizes errors by error type, but you can select a particular error type to see device-level details about which device(s) are failing and where to obtain a driver.
- 
- 
-For example, by selecting error code **28 - driver not installed**, you would see that the device in the following image is missing the driver for a network controller. Upgrade Readiness also notifies that a suitable driver is available online through Windows Update. If this device is configured to automatically receive updates from Windows Update, this issue would likely resolve itself following the device's next Windows Update scan. If this device does not automatically receive updates from Windows Update, you would need to deliver the driver manually. 
-
-!["Driver issue" blade showing detailed information after selecting a specific driver error](../images/UR-driver-issue-detail.png)
- 
-## User feedback
-
-The **User Feedback** blade focuses on gathering subjective feedback from your end users. If a user submits feedback through the Feedback Hub app on a device in your workspace, we will make that feedback visible to you in this blade. The Feedback Hub app is built into Windows 10 and can be accessed by typing "Feedback Hub" in the Cortana search bar.
- 
- 
-We recommend that you encourage your end users to submit any feedback they have through Feedback Hub. Not only will this feedback be sent directly to Microsoft for review, but you'll also be able to see it by using Upgrade Readiness. You should be aware that **feedback submitted through Feedback Hub will be publicly visible**, so it's best to avoid submitting feedback about internal line-of-business applications.
- 
-When viewing user feedback in Upgrade Readiness, you'll be able to see the raw "Title" and "Feedback" text from the user's submission in Feedback Hub, as well as the number of upvotes the submission has received. (Since feedback is publicly visible, the number of upvotes is a global value and not specific to your company.)  If a Microsoft engineer has responded to the submission in Feedback Hub, we'll pull in the Microsoft response for you to see as well.
-
-![Example user feedback item](../images/UR-example-feedback.png)
- 
diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md
deleted file mode 100644
index b200bd292e..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-requirements.md
+++ /dev/null
@@ -1,80 +0,0 @@
----
-title: Upgrade Readiness requirements (Windows 10)
-ms.reviewer: 
-manager: laurawi
-description: Provides requirements for Upgrade Readiness.
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics,
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.localizationpriority: medium
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness requirements
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This article introduces concepts and steps needed to get up and running with Upgrade Readiness. We recommend that you review this list of requirements before getting started as you may need to collect information, such as account credentials, and get approval from internal IT groups, such as your network security group, before you can start using Upgrade Readiness.
-
-## Supported upgrade paths
-
-### Windows 7 and Windows 8.1
-
-To perform an in-place upgrade, user computers must be running the latest version of either Windows 7 SP1 or Windows 8.1. After you enable Windows diagnostic data, Upgrade Readiness performs a full inventory of computers so that you can see which version of Windows is installed on each computer.
-
-The compatibility update that sends diagnostic data from user computers to Microsoft data centers works with Windows 7 SP1 and Windows 8.1 only. Upgrade Readiness cannot evaluate Windows XP or Windows Vista for upgrade eligibility.
-
-<!--With Windows 10, edition 1607, the compatibility update is installed automatically.-->
-
-If you need to update user computers to Windows 7 SP1 or Windows 8.1, use Windows Update or download and deploy the applicable package from the Microsoft Download Center.
-
-> [!NOTE]
-> Upgrade Readiness is designed to best support in-place upgrades. In-place upgrades do not support migrations from BIOS to UEFI or from 32-bit to 64-bit architecture. If you need to migrate computers in these scenarios, use the wipe-and-reload method. Upgrade Readiness insights are still valuable in this scenario, however, you can ignore in-place upgrade specific guidance.
-
-See [Windows 10 Specifications](https://www.microsoft.com/windows/windows-10-specifications) for additional information about computer system requirements.
-
-### Windows 10
-
-Keeping Windows 10 up to date involves deploying a feature update, and Upgrade Readiness tools help you prepare and plan for these Windows updates.
-The latest cumulative updates must be installed on Windows 10 computers to make sure that the required compatibility updates are installed. You can find the latest cumulative update on the [Microsoft Update Catalog](https://catalog.update.microsoft.com).
-
-While Upgrade Readiness can be used to assist with updating devices from Windows 10 Long-Term Servicing Channel (LTSC) to Windows 10 Semi-Annual Channel, Upgrade Readiness does not support updates to Windows 10 LTSC. The Long-Term Servicing Channel of Windows 10 is not intended for general deployment, and does not receive feature updates, therefore it is not a supported target with Upgrade Readiness. See [Windows as a service overview](../update/waas-overview.md#long-term-servicing-channel) to understand more about LTSC.
-
-## Operations Management Suite or Azure Log Analytics
-
-Upgrade Readiness is offered as a solution in Azure Portal and Azure Log Analytics, a collection of cloud-based services for managing on premises and cloud computing environments. For more information about Azure Portal, see [Windows Analytics in the Azure Portal](../update/windows-analytics-azure-portal.md) or the Azure [Log Analytics overview](https://azure.microsoft.com/services/log-analytics/).
-
-If you’re already using Azure Portal or Azure Log Analytics, you’ll find Upgrade Readiness in the Solutions Gallery. Click the **Upgrade Readiness** tile in the gallery and then click **Add** on the solution’s details page. Upgrade Readiness is now visible in your workspace.
-
-If you are not using Azure Portal or Azure Log Analytics, go to [Log Analytics](https://azure.microsoft.com/services/log-analytics/) on Microsoft.com and select **Start free** to start the setup process. During the process, you’ll create a workspace and add the Upgrade Readiness solution to it.
-
->[!IMPORTANT]
->You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work or School account when you sign in to Azure Portal. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in Azure Portal. You also need an Azure subscription to link to your Azure Portal workspace. The account you used to create the workspace must have administrator permissions on the Azure subscription in order to link the workspace to the Azure account. Once the link has been established, you can revoke the administrator permissions.
-
-## System Center Configuration Manager integration
-
-Upgrade Readiness can be integrated with your installation of Configuration Manager. For more information, see [Integrate Upgrade Readiness with System Center Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics).
-
-
-
-## Important information about this release
-
-Before you get started configuring Upgrade Readiness, review the following tips and limitations about this release.
-
-**Upgrade Readiness does not support on-premises Windows deployments.** Upgrade Readiness is built as a cloud service, which allows Upgrade Readiness to provide you with insights based on the data from user computers and other Microsoft compatibility services. Cloud services are easy to get up and running and are cost-effective because there is no requirement to physically implement and maintain services on-premises.
-
-**In-region data storage requirements.** Windows diagnostic data from user computers is encrypted, sent to, and processed at Microsoft-managed secure data centers located in the US. Our analysis of the upgrade readiness-related data is then provided to you through the Upgrade Readiness solution in Azure Portal. Upgrade Readiness is supported in all Azure regions; however, selecting an international Azure region does not prevent diagnostic data from being sent to and processed in Microsoft's secure data centers in the US.
-
-### Tips
-
-- When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export a list with fewer items.
-
-- Sorting data by clicking a column heading may not sort your complete list of items. For information about how to sort data in Azure Portal, see [Sorting DocumentDB data using Order By](https://azure.microsoft.com/documentation/articles/documentdb-orderby).
-
-## Get started
-
-See [Get started with Upgrade Readiness](upgrade-readiness-get-started.md) for detailed, step-by-step instructions for configuring Upgrade Readiness and getting started on your Windows upgrade project.
diff --git a/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md b/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md
deleted file mode 100644
index d657b61baa..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md
+++ /dev/null
@@ -1,220 +0,0 @@
----
-title: Upgrade Readiness - Resolve application and driver issues (Windows 10)
-ms.reviewer: 
-manager: laurawi
-description: Describes how to resolve application and driver issues that can occur during an upgrade with Upgrade Readiness.
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, 
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.localizationpriority: medium
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness - Step 2: Resolve app and driver issues
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-This section of the Upgrade Readiness workflow reports application and driver inventory and shows you which applications have known issues, which applications have no known issues, and which drivers have issues. We identify applications and drivers that need attention and suggest fixes when we know about them.
-
-## In this section
-
-The blades in the **Step 2: Resolve issues** section are:
-
-- [Review applications with known issues](#review-applications-with-known-issues)
-- [Review known driver issues](#review-drivers-with-known-issues)
-- [Review low-risk apps and drivers](#review-low-risk-apps-and-drivers)
-- [Prioritize app and driver testing](#prioritize-app-and-driver-testing)
-
->You can change an application’s upgrade decision and a driver’s upgrade decision from the blades in this section. To change an application’s or a driver’s importance level, select **User changes**. Select the item you want to change and then select the appropriate option from the **Select upgrade decision** list.
-
-Upgrade decisions include:
-
-
-|  Upgrade decision  |                                                                                                                                                                  When to use it                                                                                                                                                                  |                                                                                                                                                                                                                                                   Guidance                                                                                                                                                                                                                                                   |
-|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|    Not reviewed    |                                                                             All drivers are marked as Not reviewed by default.<br><br>Any app that has not been marked **Low install count** will also have an upgrade decision of **Not reviewed** by default. <br>                                                                             |                                                                                                                        Apps you have not yet reviewed or are waiting to review later should be marked as **Not reviewed**. When you start to investigate an application or a driver to determine upgrade readiness, change their upgrade decision to **Review in progress**.<br><br>                                                                                                                         |
-| Review in progress | When you start to investigate an application or a driver to determine upgrade readiness, change its upgrade decision to **Review in progress**.<br><br>Until you’ve determined that applications and drivers will migrate successfully or you’ve resolved blocking issues, leave the upgrade decision status as **Review in progress**. <br><br> |                                                                                                                                                                        Once you’ve fixed any issues and validated that the application or driver will migrate successfully, change the upgrade decision to **Ready to upgrade**. <br>                                                                                                                                                                        |
-|  Ready to upgrade  |                                                                        Mark applications and drivers **Ready to upgrade** once you’ve resolved all blocking issues and you’re confident that they will upgrade successfully, or if you’ve decided to upgrade them as-is.                                                                         | Applications with no known issues and with low installation rates are marked **Ready to upgrade** by default.<br><br>In Step 1, you might have marked some of your apps as **Ignore**.  These should be marked as **Ready to upgrade**. Apps with low installation rates are marked as **Ready to upgrade** by default.  Be sure to review any low install count applications for any business critical or important applications that are not yet upgrade-ready, despite their low installation rates. <br> |
-|   Won’t upgrade    |                                    By default, no applications or drivers are marked **Won’t upgrade** because only you can make that determination. <br><br>Use **Won’t upgrade** for applications and drivers that you do not work on your target operating system, or that you are unable to upgrade.<br>                                     |                                                                                                                                                                         If, during your investigation into an application or driver, you determine that they should not or cannot be upgraded, mark them **Won’t upgrade**. <br><br>                                                                                                                                                                         |
-
-As you review applications with known issues, you can also see ISV support statements or applications using [Ready for Windows](https://www.readyforwindows.com/).
-
-## Review applications with known issues
-
-Applications with issues known to Microsoft are listed, grouped by upgrade assessment into **Attention needed** or **Fix available**.
-
-<!-- PRESERVING ORIGINAL IMAGE CODING JUST IN CASE
-<img src="media/image6.png" width="192" height="321" />
--->
-
-![Review applications with known issues](../images/upgrade-analytics-apps-known-issues.png)
-
-To change an application's upgrade decision:
-
-1. Select **Decide upgrade readiness** to view applications with issues. 
-2. In the table view, select an **UpgradeDecision** value. 
-3. Select **Decide upgrade readiness** to change the upgrade decision for each application.
-4. Select the applications you want to change to a specific upgrade decision and then select the appropriate option from the **Select upgrade decision** list.
-5. Click **Save** when finished.  
-
-IMPORTANT: Ensure that you have the most recent versions of the compatibility update and related KBs installed to get the most up-to-date compatibility information.
-
-For applications assessed as **Attention needed**, review the table below for details about known issues and for guidance about how to resolve them, when possible.
-
-| Upgrade Assessment | Action required prior to upgrade? | Issue     | What it means   | Guidance   |
-|--------------------|-----------------------------------|-----------|-----------------|------------|
-| Attention needed   | No                                | Application is removed during upgrade              | Compatibility issues were detected and the application will not migrate to the new operating system. <br>                                                                                                                                             | No action is required for the upgrade to proceed.                                                                                                                                                                                                                                                                                                                                         |
-| Attention needed   | Yes                               | Blocking upgrade                                   | Blocking issues were detected and Upgrade Readiness is not able to remove the application during upgrade. <br><br>The application may work on the new operating system.<br>                                                                       | Remove the application before upgrading, and reinstall and test on new operating system.                                                                                                                                                                                                                                                                                                  |
-| Attention needed   | No                                | Evaluate application on new OS                     | The application will migrate, but issues were detected that may impact its performance on the new operating system.                                                                                                                                     | No action is required for the upgrade to proceed, but be sure to test the application on the new operating system.<br>                                                                                                                                                                                                                                                                  |
-| Attention needed   | No                                | Does not work with new OS, but won’t block upgrade | The application is not compatible with the new operating system, but won’t block the upgrade.                                                                                                                                                           | No action is required for the upgrade to proceed, however, you’ll have to install a compatible version of the application on the new operating system.<br>                                                                                                                                                                                                                              |
-| Attention needed   | Yes                               | Does not work with new OS, and will block upgrade  | The application is not compatible with the new operating system and will block the upgrade.                                                                                                                                                             | Remove the application before upgrading. <br><br>A compatible version of the application may be available.<br>                                                                                                                                                                                                                                                                      |
-| Attention needed   | Yes                               | May block upgrade, test application                | Issues were detected that may interfere with the upgrade, but need to be investigated further.<br>                                                                                                                                                    | Test the application’s behavior during upgrade. If it blocks the upgrade, remove it before upgrading and reinstall and test it on the new operating system.<br>                                                                                                                                                                                                                         |
-| Attention needed   | Maybe                             | Multiple                                           | Multiple issues are affecting the application. See detailed view for more information.| When you see Multiple in the query detailed view, click **Query** to see details about what issues were detected with the different versions of the application. |
-
-For applications assessed as **Fix available**, review the table below for details about known issues and ways to fix them that are known to Microsoft.
-
-| Upgrade Assessment | Action required prior to upgrade? | Issue    | What it means   | Guidance    |
-|--------------------|-----------------------------------|----------|-----------------|-------------|
-| Fix available      | Yes                               | Blocking upgrade, update application to newest version   | The existing version of the application is not compatible with the new operating system and won’t migrate. A compatible version of the application is available.   | Update the application before upgrading.                                                             |
-| Fix available      | No                                | Reinstall application after upgrading                    | The application is compatible with the new operating system, but must be reinstalled after upgrading. The application is removed during the upgrade process.<br> | No action is required for the upgrade to proceed. Reinstall application on the new operating system. |
-| Fix available      | Yes                               | Blocking upgrade, but can be reinstalled after upgrading | The application is compatible with the new operating system, but won’t migrate.                                                                                    | Remove the application before upgrading and reinstall on the new operating system.<br>             |
-| Fix available      | Yes                               | Disk encryption blocking upgrade                         | The application’s encryption features are blocking the upgrade.                                                                                                    | Disable the encryption feature before upgrading and enable it again after upgrading.<br>           |
-
-### ISV support for applications with Ready for Windows
-
-[Ready for Windows](https://www.readyforwindows.com/) lists software solutions that are supported and in use for Windows 10. This site leverages data about application adoption from commercial Windows 10 installations and helps IT managers upgrade to Windows 10 with confidence. For more information, see [Ready for Windows Frequently Asked Questions](https://developer.microsoft.com/windows/ready-for-windows/#/faq/). 
-
-Click **Review Applications With Known Issues** to see the status of applications for Ready for Windows and corresponding guidance. For example:
-
-![Upgrade analytics Ready for Windows status](../images/upgrade-analytics-ready-for-windows-status.png)
-
-If there are known issues with an application, the specific guidance for that known issue takes precedence over the Ready for Windows guidance.
-
-![Upgrade analytics Ready for Windows status guidance precedence](../images/upgrade-analytics-ready-for-windows-status-guidance-precedence.png)
-
-If you query with RollupLevel="NamePublisher", each version of the application can have a different status for Ready for Windows. In this case, different values appear for Ready for Windows. 
-
-![Name publisher rollup](../images/upgrade-analytics-namepub-rollup.png)
-
-> [!TIP]
-> Within the Upgrade Readiness data model, an object of Type **UAApp** refers to a particular application installed on a specific computer.  
-> 
-> To support dynamic aggregation and summation of data the Upgrade Readiness solution "rolls up" (aggregates) data in preprocessing.  Rolling up to the **Granular** level enables display of the **App** level.  In Upgrade Readiness terminology, an **App** is a unique combination of: app name, app vendor, app version, and app language.  Thus, at the Granular level, you can see attributes such as **total install count**, which is the number of machines with a specific **App** installed.
-> 
-> Upgrade Readiness also has a roll up level of **NamePublisher**, This level enables you to ignore different app versions within your organization for a particular app.  In other words, **NamePublisher** displays statistics about a given app, aggregated across all versions.
-
-The following table lists possible values for **ReadyForWindows** and what they mean. For more information, see [What does the Adoption Status mean?](https://developer.microsoft.com/windows/ready-for-windows#/faq/?scrollTo=faqStatuses)
-
-| Ready for Windows Status | Query rollup level | What this means | Guidance |
-|-------------------|--------------------------|-----------------|----------|
-|Supported version available    | Granular | The software provider has declared support for one or more versions of this application on Windows 10. | The ISV has declared support for a version of this application on Windows 10. |
-|  Highly adopted | Granular | This version of this application has been highly adopted within the Windows 10 Enterprise ecosystem. | This application has been installed on at least 100,000 commercial Windows 10 devices. | 
-| Adopted   | Granular | This version of this application has been adopted within the Windows 10 Enterprise ecosystem. | This application has been installed on at least 10,000 commercial Windows 10 devices. |
-| Insufficient Data | Granular | Too few commercial Windows 10 devices are sharing information about this version of this application for Microsoft to categorize its adoption. | N/A |
-| Contact developer | Granular | There may be compatibility issues with this version of the application, so Microsoft recommends contacting the software provider to learn more. | Check [Ready for Windows](https://www.readyforwindows.com/) for additional information.|
-|Supported version available | NamePublisher | The software provider has declared support for this application on Windows 10. | The ISV has declared support for a version of this application on Windows 10.|
-|Adoption status available | NamePublisher | A Ready for Windows adoption status is available for one or more versions of this application. Please check Ready for Windows to learn more. |Check [Ready for Windows](https://www.readyforwindows.com/) for adoption information for this application.|
-| Unknown | Any | There is no Ready for Windows information available for this version of this application. Information may be available for other versions of the application at [Ready for Windows](https://www.readyforwindows.com/). | N/A |
-
-## Review drivers with known issues
-
-Drivers that won’t migrate to the new operating system are listed, grouped by availability.
-
-![Review drivers with known issues](../images/upgrade-analytics-drivers-known.png)
-
-Availability categories are explained in the table below.
-
-| Driver availability   | Action required before or after upgrade? | What it means  | Guidance     |
-|-----------------------|------------------------------------------|----------------|--------------|
-| Available in-box                         | No, for awareness only                   | The currently installed version of an application or driver won’t migrate to the new operating system; however, a compatible version is installed with the new operating system.<br>                         | No action is required for the upgrade to proceed.                                                                                                                     |
-| Import from Windows Update               | Yes                                      | The currently installed version of a driver won’t migrate to the new operating system; however, a compatible version is available from Windows Update.<br>                                                   | If the computer automatically receives updates from Windows Update, no action is required. Otherwise, import a new driver from Windows Update after upgrading. <br> |
-| Available in-box and from Windows Update | Yes                                      | The currently installed version of a driver won’t migrate to the new operating system. <br><br>Although a new driver is installed during upgrade, a newer version is available from Windows Update. <br> | If the computer automatically receives updates from Windows Update, no action is required. Otherwise, import a new driver from Windows Update after upgrading. <br> |
-| Check with vendor                        | Yes                                      | The driver won’t migrate to the new operating system and we are unable to locate a compatible version. <br>                                                                                                  | Check with the independent hardware vendor (IHV) who manufactures the driver for a solution.                                                                          |
-
-To change a driver’s upgrade decision:
-
-1.  Select **Decide upgrade readiness** and then select the group of drivers you want to review. Select **Table** to view the list in a table.
-
-2.  Select **User changes** to enable user input.
-
-3.  Select the drivers you want to change to a specific upgrade decision and then select the appropriate option from the **Select upgrade decision** list.
-
-4.  Click **Save** when finished.
-
-## Review low-risk apps and drivers
-
-Applications and drivers that are meet certain criteria to be considered low risk are displayed on this blade.
-
-![Blade showing low-risk apps](../images/ua-step2-low-risk.png)
-
-The first row reports the number of your apps that have an official statement of support on Windows 10 from the software vendor, so you can be confident that they will work on your target operating system.
-
-The second row (**Apps that are "Highly adopted"**) shows apps that have a ReadyForWindows status of "Highly adopted". This means that they have been installed on at least 100,000 commercial Windows 10 devices, and that Microsoft has not detected significant issues with the app in diagnostic data. Since these apps are prevalent in the ecosystem at large, you can be confident that they will work in your environment as well.
-
-Each row of the blade uses a different criterion to filter your apps or drivers. You can view a list of applications that meet the criterion by clicking into a row of the blade. For example, if you click the row that says "Apps that are 'Highly adopted'", the result is a list of apps that have a ReadyForWindows status of "Highly adopted". From here, you can bulk-select the results, select **Ready to upgrade**, and then click **Save**.  This will mark all apps meeting the "Highly adopted" criterion as "Ready to upgrade"--no further validation is required. Any applications that you have marked as *Mission critical* or *Business critical* are filtered out, as well as any app that has an issue known to Microsoft. This allows you to work with apps in bulk without having to worry about missing a critical app.
-
-You can customize the criteria further by using the Log Search query language. For example, if a ReadyForWindows status of "Adopted" is not sufficient by itself for you to be confident in an app's compatibility, you can add additional filters. To do this, click the row labeled **Apps that are 'Adopted'**.  Then, modify the resulting query to fit your company's risk tolerance. If, for example, you prefer that an app must be "Adopted" and have fewer than 1,000 installations, then add *TotalInstalls < 1000* to the end of the Log Search query. Similarly, you can append additional criteria by using other attributes such as monthly active users or app importance.
-
->[!NOTE]
->Apps that you have designated as *Mission critical* or *Business critical* are automatically **excluded** from the counts on this blade. If an app is critical, you should always validate it manually it prior to upgrading.
-
- At the bottom of the blade, the **OTHER APPS AND DRIVERS IN NEED OF REVIEW** section allows you to quickly access apps you have designated as **Mission critical** or **Business critical**, your remaining apps that still need to be reviewed, and your remaining drivers that need to be reviewed.
-
-
-
-## Prioritize app and driver testing
-
-Planning and executing an OS upgrade project can be overwhelming. When you are tasked with evaluating thousands of applications and drivers to ensure a successful upgrade, it can be difficult to decide where to start. The Upgrade Readiness solution provides valuable assistance for you, helping to determine the most important apps and drivers to unblock and enabling you yo create a proposed action plan.   
-
-### Proposed action plan
-
-The Upgrade Readiness proposed action plan is an optimally ordered list of apps and drivers that are in need of review.  By testing apps and drivers in the order suggested by the proposed action plan, you are able to increase your number of “Ready to upgrade” computers in an efficient manner.  The action plan can be a very powerful tool during upgrade planning – but it’s most helpful when it’s used correctly.  This topic explains the proposed action plan, describes how to use it, and calls out a few misconceptions and invalid use cases that you should avoid.
-
-The proposed action plan represents the order that Microsoft recommends you rationalize the upgrade-readiness of your apps and drivers.  By validating apps and drivers in the order proposed, you can ensure that you are testing efficiently.  
-
-Each item in the proposed action plan represents either an application or a driver that you have not yet marked “Ready to upgrade.”
-
->Since “Low install count” apps are automatically marked “Ready to upgrade”, you will not see any of these apps in the proposed action plan.  
-
-Each item in the plan has the following attributes: 
-
-| Attribute   | Description | Example value  |
-|-----------------------|------------------------------------------|----------------|
-| ItemRank | The location of this item in the context of the proposed action plan.  For example, the item with ItemRank 7 is the 7th item in the Plan.  It is crucial that the Plan is viewed in order by increasing ItemRank.  Sorting the Plan in any other way invalidates the insights that the Plan provides. | 7 | 
-| ItemType | Whether this item is an app or driver -- possible values are: "App" and "Driver." | App | 
-| ItemName | The name of the app or driver that is in need of review.  | Microsoft Visual C++ 2005 Redistributable (x64) | 
-| ItemVendor | The vendor of the app or driver.   | Microsoft Corporation | 
-| ItemVersion | The version of the app or driver.  | 12.1.0.1 | 
-| ItemLanguage | If this item is an application, then this field will be the language of the app.  If the item is a driver, then this will say "N/A." | English | 
-| ItemHardwareId | If this item is a driver, then this field will be the hardware id of the driver.  If the item is an app, then this will say "N/A." | N/A | 
-| Upgrade Decision | The upgrade decision you have provided for this app or driver.  If you have not defined an upgrade decision, then you will see the default value of “Not reviewed.”  | Review in progress | 
-| ComputersUnblocked | Assuming you have already marked all previous items in the proposed action plan “Ready to upgrade”, this represents the number of additional computers that will become “Ready to upgrade” by testing this app or driver and giving it an upgrade decision of “Ready to upgrade”.  For example, if ComputersUnblocked is 200, then resolving any issues associated with the app/driver in question will make 200 new computers “Ready to upgrade.” | 200 | 
-| CumulativeUnblocked | The total number of computers that will become “Ready to upgrade” if you validate and mark this and all prior items in the proposed action plan “Ready to upgrade”.  For example, if ItemRank is 7, and CumulativeUnblocked is 950, then fixing items 1 thru 7 in the proposed action plan will cause 950 of your computers to become “Ready to upgrade.” | 950 | 
-| CumulativeUnblockedPct | The percentage of your machines that will become “Ready to upgrade” if you make this and all prior items in the proposed action plan “Ready to upgrade.” | 0.24 |   
-
-See the following example action plan items (click the image for a full-size view):
-
-<A HREF="../images/UR-lift-report.jpg">![Proposed action plan](../images/UR-lift-report.jpg)</A>
-
-<BR>
-In this example, the 3rd item is an application: <strong>Microsoft Bing Sports</strong>, a modern app, version <strong>4.20.951.0</strong>, published by Microsoft.  By validating this app and making its UpgradeDecision “Ready to upgrade”, you can potentially make <strong>1014</strong> computers “Ready to upgrade” – but only after you have already validated items 1 and 2 in the list.  By marking items 1, 2, and 3 “Ready to upgrade”, 14779 of your computers will become upgrade-ready.  This represents 10.96% of the machines in this workspace.  
-
-#### Using the proposed action plan
-
-There are several valid use cases for the proposed action plan.  But it’s always important to remember that the information presented in the Plan is only accurate when sorted by increasing Item Rank!  Here are three potential cases in which you could use the proposed action plan: 
-
-1. Quickly determine how many apps and drivers you’ll need to validate in order to make x% of your computers upgrade-ready.  To determine this, simply find the first item in the Plan with a CumulativeUnblockedPct greater than or equal to your desired percentage of upgrade-ready computers.  The corresponding ItemRank represents the smallest number of apps and drivers that you can validate in order to reach your upgrade readiness goal.  The prior items in the proposed action plan itself represent the most efficient route to reaching your goal. 
-
-2. Use the proposed action plan to prepare a small portion of your machines for a pilot of your target Operating System.  Let’s say you want to test a new Operating System by upgrading a few hundred computers.  You can use the proposed action plan to determine how many apps and drivers you will need to validate before you can be confident that your pilot will be successful.   
-
-3. If your project deadline is approaching and you only have time to validate a few more apps and drivers, you can use the proposed action plan to determine which apps and drivers you should focus on to maximize the number of computers that you can confidently upgrade. 
-
-#### Misconceptions and things to avoid
-
-The most common misconceptions about the proposed action plan involve the assumption that each item in the plan is independent of those around it.  The apps and drivers in the plan must be considered in the correct order to draw valid conclusions.  For example, if you choose to validate items 1, 3, 4, and 5 and mark each of them “Ready to upgrade,” the proposed action plan cannot tell you how many computers will become upgrade-ready as a result of your testing.  Even the non-cumulative “ComputersUnblocked” count is dependent upon all prior issues having already been resolved.   
-
-If an item with ItemRank = 7 has a ComputersUnblocked value of 50, do not assume that 50 of your computers will become upgrade-ready if you test this item.  However, if you validate items 1 through 6 in the plan, you can make an additional 50 computers upgrade-ready by validating the 7th item in the plan. 
diff --git a/windows/deployment/upgrade/upgrade-readiness-target-new-OS.md b/windows/deployment/upgrade/upgrade-readiness-target-new-OS.md
deleted file mode 100644
index 314fd7a5a2..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-target-new-OS.md
+++ /dev/null
@@ -1,65 +0,0 @@
----
-title: Upgrade Readiness - Targeting a new operating system version
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Explains how to run Upgrade Readiness again to target a different operating system version or bulk-approve all apps from a given vendor
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Targeting a new operating system version
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-After you've used Upgrade Readiness to help deploy a given version of Windows 10, you might want to use it again to help deploy a newer version of Windows 10. When you change the target operating system version (as described in [Use Upgrade Readiness to manage Windows upgrades](use-upgrade-readiness-to-manage-windows-upgrades.md#target-version)), the app states (Importance, AppOwner, UpgradeDecision, TestPlan, and TestResult) are not reset. Follow this guidance to preserve or reset these states as needed: 
- 
-## TestResults
-
-If you want to preserve the TestResults from the previous operating system version testing, there is nothing you need to do.
- 
-If you want to reset them, click any of the rows in the **Prioritize Application** blade (described in [Upgrade Readiness - Step 1: Identify important apps](upgrade-readiness-identify-apps.md)). This will take you to the **Log Search** user experience. Replace the query in that window with the following query:
- 
-`search in (UAApp) IsRollup == true and RollupLevel == "Granular" and TestResult <> "Not started"`
- 
-After a short period of time, you will see the "user input" perspective render, which will let you bulk-edit the results. Select the check box in the table header, click the **bulk edit** button, and then set the **TestResult** to *Not started*. Leave all other fields as they are.
-  
-## UpgradeDecision
- 
-If you want to preserve the UpgradeDecision from the previous operating system version testing, there is nothing you need to do. 
- 
-If you want to reset them, keep these important points in mind:
- 
-- Make sure to *not* reset the **Ready to upgrade** decision for the "long tail" of apps that have importance of **Ignore** or **Low install count**. Doing this will make it extremely difficult to complete the Upgrade Readiness workflow.
-- Decide which decisions to reset. For example, one option is just to reset the decisions marked **Ready to upgrade** (in order to retest those), while preserving states of apps marked **Won't upgrade**. Doing this means you won't lose track of this previous marking. Or you can reset everything.
- 
-To do this, type the following query in **Log Search**:
- 
-`search in (UAApp) IsRollup == true and RollupLevel == "Granular" and Importance <> "Ignore" and Importance <> "Low install count" and UpgradeDecision == "Ready to upgrade"` 
-
->[!NOTE]
->If you just want to reset all **UpgradeDecision** values, you can simply remove `'and UpgradeDecision == "Ready to upgrade"` from the query.
-
-After a short period of time, you will see the "user input" perspective render, which will let you bulk-edit the results. Select the check box in the table header, click the **bulk edit** button, and then set the **UpgradeDecision** to *Not reviewed*. Leave all other fields as they are.
- 
- 
-## Bulk-approving apps from a given vendor
- 
-You can bulk-approve all apps from a given vendor (for example, Microsoft) if there are no known compatibility issues. To do this, type the following query in **Log Search**:
- 
-`search in (UAApp) IsRollup == true and RollupLevel == "Granular" and AppVendor has "Microsoft" and UpgradeAssessment=="No known issues" and UpgradeDecision<>"Ready to upgrade"`
- 
-After a short period of time, you will see the "user input" perspective render, which will let you bulk-edit the results. Select the check box in the table header, click the **bulk edit" button**, and then set the **UpgradeDecision** to *Ready to upgrade*. Leave all other fields as they are.
-
-## Related topics
-
-[Windows Analytics overview](../update/windows-analytics-overview.md)
-
-[Manage Windows upgrades with Upgrade Readiness](manage-windows-upgrades-with-upgrade-readiness.md)
-
-[Get started with Upgrade Readiness](upgrade-readiness-get-started.md)
-
diff --git a/windows/deployment/upgrade/upgrade-readiness-upgrade-overview.md b/windows/deployment/upgrade/upgrade-readiness-upgrade-overview.md
deleted file mode 100644
index 5a4b7b9357..0000000000
--- a/windows/deployment/upgrade/upgrade-readiness-upgrade-overview.md
+++ /dev/null
@@ -1,77 +0,0 @@
----
-title: Upgrade Readiness - Upgrade Overview (Windows 10)
-ms.reviewer: 
-manager: laurawi
-ms.author: jaimeo
-description: Displays the total count of computers sharing data and upgraded.
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.topic: article
-ms.collection: M365-analytics
----
-
-# Upgrade Readiness - Upgrade overview
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
-The first blade in the Upgrade Readiness solution is the upgrade overview blade. This blade displays the total count of computers sharing data with Microsoft, and the count of computers upgraded. As you successfully upgrade computers, the count of computers upgraded increases.
-
-The upgrade overview blade displays data refresh status, including the date and time of the most recent data update and whether user changes are reflected. The upgrade overview blade also displays the current target OS version.  For more information about the target OS version, see [target version](use-upgrade-readiness-to-manage-windows-upgrades.md#target-version).
-
-The following color-coded status changes are reflected on the upgrade overview blade:
-
-- The "Last updated" banner:
-    - No delay in processing device inventory data = "Last updated" banner is displayed in green.
-    - Delay processing device inventory data = "Last updated" banner is displayed in amber.
-- Computers with incomplete data:
-    - Less than 4% = Count is displayed in green.
-    - 4% - 10% = Count is displayed in amber.
-    - Greater than 10%  = Count is displayed in red.
-- Computers with outdated KB:
-    - Less than 10% = Count is displayed in green.
-    - 10% - 30% = Count is displayed in amber.
-    - Greater than 30%  = Count is displayed in red.
-- User changes:
-    - Pending user changes = User changes count displays "Data refresh pending" in amber.
-    - No pending user changes = User changes count displays "Up to date" in green.
-- Target version:
-    - If the current value matches the recommended value, the version is displayed in green.
-    - If the current value is an older OS version than the recommended value, but not deprecated, the version is displayed in amber.
-    - If the current value is a deprecated OS version, the version is displayed in red.
-
-Click a row to drill down and see details about individual computers. If updates are missing, see [Enrolling devices in Windows Analytics](../update/windows-analytics-get-started.md) for information on required updates.
-
-In the following example, there is no delay in data processing, more than 10% of computers (6k\8k) have incomplete data, more than 30% of computers (6k/8k) require an update, there are no pending user changes, and the currently selected target OS version is the same as the recommended version:
-
-![Upgrade overview](../images/ur-overview.png)
-
-<!-- PRESERVING ORIGINAL IMAGE CODING JUST IN CASE
-<img src="media/image3.png" width="214" height="345" />
--->
-
-If data processing is delayed, the "Last updated" banner will indicate the date on which data was last updated. You can continue using your workspace as normal. However, any changes or additional information that is added might not be displayed until data is refreshed. When your workspace is in this state, there is no action required; data is typically refreshed and the display will return to normal again within 24 hours. 
-
-If there are computers with incomplete data, verify that you have installed the latest compatibility updates. Install the updates if necessary and then run the most recent [Upgrade Readiness deployment script](https://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409) from the Microsoft download center. The updated data payload should appear in Upgrade Readiness within 48 hours of a successful run on the deployment script.
-
-Select **Total computers** for a list of computers and details about them, including:
-
--   Computer ID and computer name
--   Computer manufacturer
--   Computer model
--   Operating system version and build
--   Count of system requirement, application, and driver issues per computer
--   Upgrade assessment based on analysis of computer diagnostic data
--   Upgrade decision status
-
-Select **Total applications** for a list of applications discovered on user computers and details about them, including:
-
--   Application vendor
--   Application version
--   Count of computers the application is installed on
--   Count of computers that opened the application at least once in the past 30 days
--   Percentage of computers in your total computer inventory that opened the application in the past 30 days
--   Issues detected, if any
--   Upgrade assessment based on analysis of application data
--   Rollup level
diff --git a/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md b/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md
deleted file mode 100644
index f2fffff9ad..0000000000
--- a/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md
+++ /dev/null
@@ -1,66 +0,0 @@
----
-title: Use Upgrade Readiness to manage Windows upgrades (Windows 10)
-ms.reviewer: 
-manager: laurawi
-description: Describes how to use Upgrade Readiness to manage Windows upgrades.
-keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, 
-ms.localizationpriority: medium
-ms.prod: w10
-audience: itpro
-author: jaimeo
-ms.author: jaimeo
-ms.topic: article
----
-
-# Use Upgrade Readiness to manage Windows upgrades
-
->[!IMPORTANT]
->The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Get started with Update Compliance](../update/update-compliance-get-started.md) will continue to be supported. For more information, see [Windows Analytics retirement on January 31, 2020](https://support.microsoft.com/help/4521815/windows-analytics-retirement).
-
->[!IMPORTANT]
->>**The OMS portal has been deprecated, so you need to switch to the [Azure portal](https://portal.azure.com) now.** The two portals offer the same experience, with some key differences. Learn how to use [Windows Analytics in the Azure Portal](../update/windows-analytics-azure-portal.md). Find out more about the [OMS portal moving to Azure](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-portal-transition), or jump right in and [Get started with Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-get-started).
-
-You can use Upgrade Readiness to prioritize and work through application and driver issues, assign and track issue resolution status, and identify computers that are ready to upgrade. Upgrade Readiness enables you to deploy Windows with confidence, knowing that you’ve addressed potential blocking issues.
-
-- Based on diagnostic data from user computers, Upgrade Readiness identifies application and driver compatibility issues that may block Windows upgrades, allowing you to make data-driven decisions about your organization’s upgrade readiness.
-- Information is refreshed daily so you can monitor upgrade progress. Any changes your team makes, such as assigning application importance and marking applications as ready to upgrade, are reflected 24 hours after you make them.
-
-When you are ready to begin the upgrade process, a workflow is provided to guide you through critical high-level tasks. 
-
-<A HREF="../images/ua-cg-15.png">![Series of blades showing Upgrade Overview, Step 1: Identify Important Apps, Prioritize Applications, Step 2: Resolve issues, and Review applications with known issues](../images/ua-cg-15.png)</A>
-
-Blue tiles enumerate each step in the workflow. White tiles show data to help you get started, to monitor your progress, and to complete each step.
->**Important**: You can use the [Target version](#target-version) setting to evaluate computers that are running a specified version of Windows before starting the Upgrade Readiness workflow. By default, the Target version is configured to the released version of Windows 10 for the Semi-Annual Channel.
-
-The following information and workflow is provided:
-
-- [Upgrade overview](upgrade-readiness-upgrade-overview.md): Review compatibility and usage information about computers, applications, and drivers.
-- [Step 1: Identify important apps](upgrade-readiness-identify-apps.md): Assign importance levels to prioritize your applications.
-- [Step 2: Resolve issues](upgrade-readiness-resolve-issues.md): Identify and resolve problems with applications.
-- [Step 3: Deploy](upgrade-readiness-deploy-windows.md): Start the upgrade process.
-
-Also see the following topic for information about additional items that can be affected by the upgrade process: 
-
-- [Additional insights](upgrade-readiness-additional-insights.md): Find out which MS Office add-ins are installed, and review web site activity.
-
-## Target version
-
-The target version setting is used to evaluate the number of computers that are already running the default version of Windows 10, or a later version. The target version of Windows 10 is displayed on the upgrade overview tile. See the following example:
-
-![Upgrade overview showing target version](../images/ur-target-version.png)
-
-The default target version in Upgrade Readiness is set to the released version of the Semi-Annual Channel. Check [Windows 10 release information](https://technet.microsoft.com/windows/release-info.aspx) to learn the current version in the Semi-Annual Channel. The target version setting is used to evaluate the number of computers that are already running this version of Windows, or a later version. 
-
-The number displayed under **Computers upgraded** in the Upgrade Overview blade is the total number of computers that are already running the same or a later version of Windows compared to the target version. It also is used in the evaluation of apps and drivers: Known issues and guidance for the apps and drivers in Upgrade Readiness is based on the target operating system version.
-
-You can change the Windows 10 version you want to target. All currently supported versions of Windows 10 are available options.
-
-To change the target version setting, click on **Solutions Settings**, which appears at the top when you open you Upgrade Readiness solution:
-
-![Upgrade Readiness dialog showing gear labeled Solution Settings](../images/ua-cg-08.png)
-
->You must be signed in to Upgrade Readiness as an administrator to view settings.
-
-On the **Upgrade Readiness Settings** page, choose one of the options in the drop down box and click **Save**. The changes in the target version setting are reflected in evaluations when a new snapshot is uploaded to your workspace.
-
-![Upgrade Readiness Settings dialog showing gear labeled Save and arrow labeled Cancel](../images/ur-settings.png)

From 38744145ce535846f550441dc796a1d64e6a15bc Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:26:20 -0800
Subject: [PATCH 198/247] Update tvm-security-recommendation.md

---
 .../microsoft-defender-atp/tvm-security-recommendation.md        | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
index 112dd7f664..b9749ad819 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
@@ -111,6 +111,7 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
 - [Scenarios](threat-and-vuln-mgt-scenarios.md) 
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
 - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
 - [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
 - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
 - [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)

From 717e8490d1789c1b074ff93ab18caca7982255c9 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:26:56 -0800
Subject: [PATCH 199/247] Update tvm-software-inventory.md

---
 .../microsoft-defender-atp/tvm-software-inventory.md             | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
index 63d7cc7f56..4428d8a925 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
@@ -74,6 +74,7 @@ You can report a false positive when you see any vague, inaccurate version, inco
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
 - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
 - [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 - [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)

From 7b444a3ec0122428c6f3afcc216b49fc8e6eb1dd Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:27:20 -0800
Subject: [PATCH 200/247] Update tvm-weaknesses.md

---
 .../threat-protection/microsoft-defender-atp/tvm-weaknesses.md   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
index 84c9dd892e..1ffd2a0270 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
@@ -134,6 +134,7 @@ You can report a false positive when you see any vague, inaccurate, missing, or
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
 - [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
 - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
 - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 - [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)

From 506b78e1a956bf52dbbbc91b41ce11f676e52b4f Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:28:08 -0800
Subject: [PATCH 201/247] Update threat-and-vuln-mgt-scenarios.md

---
 .../microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md      | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index fbe6fcb05e..fbefb996b8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -212,6 +212,7 @@ After you have identified which software and software versions are vulnerable du
 - [Advanced hunting overview](overview-hunting.md)
 - [All advanced hunting tables](advanced-hunting-reference.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
 - [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
 - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)

From 593ee2c90aed66dc8d0d60cd2cb74dd0b8c48f76 Mon Sep 17 00:00:00 2001
From: LauraKellerGitHub <v-lakell@microsoft.com>
Date: Wed, 29 Jan 2020 11:28:12 -0800
Subject: [PATCH 202/247] review change requests completed

---
 ...manage-surface-driver-and-firmware-updates.md | 16 ++++------------
 ...ration-manager-to-manage-devices-with-semm.md |  2 +-
 ...ut-microsoft-application-virtualization-45.md |  2 +-
 3 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index a121254198..a3aed38191 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -31,9 +31,9 @@ While enterprise-grade software distribution solutions continue to evolve, the b
 
 Microsoft has streamlined tools for managing devices – including driver and firmware updates -- into a single unified experience called [Microsoft Endpoint Manager admin center](https://devicemanagement.microsoft.com/) accessed from devicemanagement.microsoft.com.
 
-### Manage updates with Endpoint Configuration Manager and Intune
+### Manage updates with Configuration Manager and Intune
 
-Microsoft Endpoint Configuration Manager, formerly System Center Configuration Manager, allows you to synchronize and deploy Surface firmware and driver updates with the Configuration Manager client. Integration with Microsoft Intune lets you see all your managed, co-managed and partner-managed devices in one place. This is the recommended solution for large organizations to manage Surface updates.
+Microsoft Endpoint Configuration Manager allows you to synchronize and deploy Surface firmware and driver updates with the Configuration Manager client. Integration with Microsoft Intune lets you see all your managed, co-managed and partner-managed devices in one place. This is the recommended solution for large organizations to manage Surface updates.
  
 For detailed steps, see the following resources:
 
@@ -44,13 +44,13 @@ For detailed steps, see the following resources:
 
 ### Manage updates with Microsoft Deployment Toolkit
 
-Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. MDT includes the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/download/details.aspx?id=54259).
+Included in Microsoft Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. MDT includes the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/download/details.aspx?id=54259).
  
 For detailed steps, see the following resources:
 
 Surface driver and firmware updates are packaged as Windows Installer (MSI) files. To deploy these Windows Installer packages, you can use application deployment utilities such as the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager. Such solutions provide the means for administrators to test and review updates before deploying them, and to centralize deployment. For each device, it is important to select the correct MSI file for the device and its operating system. For more information see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
 
-For instructions on how to deploy updates by using Microsoft Endpoint Configuration Manager, formerly System Center Configuration Manager, refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
+For instructions on how to deploy updates by using Microsoft Endpoint Configuration Manager refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
 - [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)
 - [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
 - [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/surface/deploy-windows-10-to-surface-devices-with-mdt)  
@@ -70,20 +70,13 @@ Downloadable MSI files are available for Surface devices from Surface Pro 2 and
 With Device Firmware Configuration Interface (DFCI) profiles built into Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For more information, see:
  
 
-<<<<<<< HEAD
-The process of deploying firmware updates during an operating system deployment is straightforward. You can import the firmware and driver pack into either Configuration Manager or MDT, and use them to deploy a fully updated environment to a target Surface device, complete with firmware. For a complete step-by-step guide to using MDT to deploy Windows to a Surface device, see [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](deploy-windows-10-to-surface-devices-with-mdt.md).
-=======
 - [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
 - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
->>>>>>> cc940ec694b53cac21b19f68969029c390ff3fe0
 
 ## Best practices for update deployment processes
 
 To maintain a stable environment and keep users productive, it’s strongly recommended to maintain parity with the most recent version of Windows 10.  For best practice recommendations, see [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates).
 
-<<<<<<< HEAD
-Configuration Manager and MDT both use the Windows Preinstallation Environment (WindowsPE) during the deployment process. WindowsPE only supports a limited set of basic drivers such as those for network adapters and storage controllers. Drivers for Windows components that are not part of WindowsPE might produce errors. As a best practice, you can prevent such errors by configuring the deployment process to use only the required drivers during the WindowsPE phase.
-=======
 ## Downloadable Surface update packages
 
 Specific versions of Windows 10 have separate .msi files, each containing all required cumulative driver and firmware updates for Surface devices. Update packages may include some or all of the following components:
@@ -160,5 +153,4 @@ This file name provides the following information:
 - [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
 - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
 - [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates)
->>>>>>> cc940ec694b53cac21b19f68969029c390ff3fe0
 
diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
index 8cfc7949fc..0cf1ab9bda 100644
--- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
+++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
@@ -20,7 +20,7 @@ ms.audience: itpro
 
 The Microsoft Surface Enterprise Management Mode (SEMM) feature of Surface UEFI devices lets administrators manage and help secure the configuration of Surface UEFI settings. For most organizations, this process is accomplished by creating Windows Installer (.msi) packages with the Microsoft Surface UEFI Configurator tool. These packages are then run or deployed to the client Surface devices to enroll the devices in SEMM and to update the Surface UEFI settings configuration.
 
-For organizations with Microsoft Endpoint Configuration Manager (formerly known as System Center Configuration Manager or SCCM), there is an alternative to using the Microsoft Surface UEFI Configurator .msi process to deploy and administer SEMM. Microsoft Surface UEFI Manager is a lightweight installer that makes required assemblies for SEMM management available on a device. By installing these assemblies with Microsoft Surface UEFI Manager on a managed client, SEMM can be administered by Configuration Manager with PowerShell scripts, deployed as applications. With this process, SEMM management is performed within Configuration Manager, which eliminates the need for the external Microsoft Surface UEFI Configurator tool.
+For organizations with Microsoft Endpoint Configuration Manager there is an alternative to using the Microsoft Surface UEFI Configurator .msi process to deploy and administer SEMM. Microsoft Surface UEFI Manager is a lightweight installer that makes required assemblies for SEMM management available on a device. By installing these assemblies with Microsoft Surface UEFI Manager on a managed client, SEMM can be administered by Configuration Manager with PowerShell scripts, deployed as applications. With this process, SEMM management is performed within Configuration Manager, which eliminates the need for the external Microsoft Surface UEFI Configurator tool.
 
 > [!Note]
 > Although the process described in this article may work with earlier versions of Endpoint Configuration Manager or with other third-party management solutions, management of SEMM with Microsoft Surface UEFI Manager and PowerShell is supported only with the Current Branch of Endpoint Configuration Manager.
diff --git a/mdop/appv-v4/about-microsoft-application-virtualization-45.md b/mdop/appv-v4/about-microsoft-application-virtualization-45.md
index b28454f7f9..40b58ca9d6 100644
--- a/mdop/appv-v4/about-microsoft-application-virtualization-45.md
+++ b/mdop/appv-v4/about-microsoft-application-virtualization-45.md
@@ -27,7 +27,7 @@ Formerly known as SoftGrid Application Virtualization, Microsoft Application Vir
 
     2.  Application Virtualization Streaming Server, a lightweight version which also ships as part of the Microsoft Desktop Optimization Pack and Microsoft Application Virtualization for Remote Desktop Services packages, offers application streaming including package and active upgrades without the Active Directory Domain Services and database overheads, and enables administrators to deploy to existing servers or add streaming to Electronic Software Delivery (ESD) systems.
 
-    3.  Standalone mode enables virtual applications to run without streaming and is interoperable with Microsoft Systems Management Server and Microsoft Endpoint Configuration Manager and third-party ESD systems.
+    3.  Standalone mode enables virtual applications to run without streaming and is interoperable with Microsoft Endpoint Configuration Manager and third-party ESD systems.
 
 -   Globalization: The product is localized across 11 languages, includes support for foreign language applications that use special characters, and supports foreign language Active Directory and servers and runtime locale detection.
 

From f2e86763ecc8c126accecb9d959e3801166d3dab Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:28:38 -0800
Subject: [PATCH 203/247] Update tvm-remediation.md

---
 .../threat-protection/microsoft-defender-atp/tvm-remediation.md  | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index 9d775ff451..9426fb0fcf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -136,6 +136,7 @@ The exception impact shows on both the Security recommendations page column and
 - [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
 - [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
 - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 
 

From 4075d9a19dcc499854372e521ea6e67e99085c88 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:29:36 -0800
Subject: [PATCH 204/247] Added refs to TVM APIs

---
 .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md   | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
index 98d455063a..d4667e74fa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
@@ -70,3 +70,8 @@ Microsoft Defender ATP’s Threat & Vulnerability Management allows security adm
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
+- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
+- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
+- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
+- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)

From 4b646f7a2b9ddf3f90c58bf9f882d945b9587a10 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:50:01 -0800
Subject: [PATCH 205/247] Added TVM references

---
 .../microsoft-defender-atp/get-installed-software.md          | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
index 1b2a634eff..9263243f0d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -83,3 +83,7 @@ Here is an example of the response.
     ]
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)

From 0c5f16c00b0dcfa1a90921e92394039267b07c16 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:50:49 -0800
Subject: [PATCH 206/247] Added TVM references

---
 .../microsoft-defender-atp/get-discovered-vulnerabilities.md  | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
index e20da5c5b7..f41e0af06d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -87,3 +87,7 @@ Here is an example of the response.
         }
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From b439d4417aa834330d4a9a593a78002c2b18b2a9 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:51:31 -0800
Subject: [PATCH 207/247] Added TVM references

---
 .../microsoft-defender-atp/get-security-recommendations.md  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
index 4256ba1c8c..61ca64ff6b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
@@ -94,4 +94,8 @@ Here is an example of the response.
         },
 …
 }
-```
\ No newline at end of file
+```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)

From 2f16b745e29dfa1218232a15c1ff919ed89c13ce Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 11:52:51 -0800
Subject: [PATCH 208/247] Added TVM references

---
 .../microsoft-defender-atp/get-exposure-score.md             | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index 389758df52..f57f5e53cf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -83,4 +83,7 @@ Here is an example of the response.
 ```
 
 ## Related topics
-- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability exposure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score)
+
+

From 2ee4db89bb36fe1798cbd9f504b49cbca92b792f Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:07:25 -0800
Subject: [PATCH 209/247] Added TVM references

---
 .../get-machine-group-exposure-score.md                       | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
index 5664ee56dd..a85a0bc44e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@@ -94,3 +94,7 @@ Here is an example of the response.
     ]
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability exposure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score)

From 70a1a9aec9a1660b6f27ed81bfd0e60ac2868d5c Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:08:45 -0800
Subject: [PATCH 210/247] Added TVM references

---
 .../microsoft-defender-atp/get-software.md                  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
index 67bfa09292..21e52ab884 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -81,4 +81,8 @@ Here is an example of the response.
             "impactScore": 2.39947438
         },
 ….
-}
\ No newline at end of file
+}
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)

From 609d04915386cd1a6637e6547ab13c607c3c4b2d Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:09:53 -0800
Subject: [PATCH 211/247] Update get-software.md

---
 .../threat-protection/microsoft-defender-atp/get-software.md     | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
index 21e52ab884..4df1ba1700 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -82,6 +82,7 @@ Here is an example of the response.
         },
 ….
 }
+```
 
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)

From 2a2dad4d1d70f27f6de2bacd01899644e284bf4e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:11:15 -0800
Subject: [PATCH 212/247] Added TVM references

---
 .../microsoft-defender-atp/get-software-by-id.md               | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
index 663bac6747..8e7328251d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
@@ -81,3 +81,6 @@ Here is an example of the response.
 }
 ```
 
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)

From ac0fe42041155c2c4eb62eeeeb16177453f818ba Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:12:11 -0800
Subject: [PATCH 213/247] Added TVM references

---
 .../microsoft-defender-atp/get-software-ver-distribution.md   | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index 39a3275bf2..76220e5515 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -83,4 +83,8 @@ Here is an example of the response.
         },
 …
 }
+```
 
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)

From 07ec4a396b73acdd6bbf776178e4a638002ed037 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:13:16 -0800
Subject: [PATCH 214/247] Update get-software-ver-distribution.md

---
 .../microsoft-defender-atp/get-software-ver-distribution.md     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index 76220e5515..7446306e86 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -81,7 +81,7 @@ Here is an example of the response.
             "installations": 750,
             "vulnerabilities": 0
         },
-…
+
 }
 ```
 

From 9cf3601833a10279a72cce301207b3c3b3f8e252 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:15:11 -0800
Subject: [PATCH 215/247] Update get-software-ver-distribution.md

---
 .../microsoft-defender-atp/get-software-ver-distribution.md   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index 7446306e86..7e2f080a07 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -80,8 +80,8 @@ Here is an example of the response.
             "version": "11.0.18363.535",
             "installations": 750,
             "vulnerabilities": 0
-        },
-
+        }
+        ]
 }
 ```
 

From b6858a1d8c9bb52d5d56439c1f6034b586b08199 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:16:30 -0800
Subject: [PATCH 216/247] Added TVM references

---
 .../microsoft-defender-atp/get-machines-by-software.md         | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index dd922cae08..7b5b1571d0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -87,3 +87,6 @@ Here is an example of the response.
 }
 ```
 
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)

From 6dd0b715b9ceea4aa60fc0ce26cdf5cc9be39a1b Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:16:57 -0800
Subject: [PATCH 217/247] Update get-machines-by-software.md

---
 .../microsoft-defender-atp/get-machines-by-software.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index 7b5b1571d0..3de42054de 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -83,7 +83,7 @@ Here is an example of the response.
             "osPlatform": "Windows10",
             "rbacGroupId": 9
         },
-…
+]
 }
 ```
 

From 61be29e5c5a3cb9c886c74134784c060e38fd33f Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:17:25 -0800
Subject: [PATCH 218/247] Update get-machines-by-software.md

---
 .../microsoft-defender-atp/get-machines-by-software.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index 3de42054de..107a9bf353 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -82,7 +82,7 @@ Here is an example of the response.
             "computerDnsName": "jane_PC",
             "osPlatform": "Windows10",
             "rbacGroupId": 9
-        },
+        }
 ]
 }
 ```

From be3c676758aa5785c6a93bed4eeb1bf8c70c7ade Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:18:50 -0800
Subject: [PATCH 219/247] Added TVM references

---
 .../microsoft-defender-atp/get-vuln-by-software.md           | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
index 6984c10ec6..38d7cb6c0e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@@ -85,9 +85,8 @@ Here is an example of the response.
             "exploitInKit": false,
             "exploitTypes": [],
             "exploitUris": []
-        },
-
-…
+        }
+        ]
 }
 ```
 

From 1703e034e13df898916d4ccda220bcbaa211c0b5 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:21:51 -0800
Subject: [PATCH 220/247] Added TVM references

---
 .../microsoft-defender-atp/get-all-vulnerabilities.md     | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index 01869cd89b..f058b00c4a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -85,8 +85,12 @@ Content-type: json
             "exploitInKit": false,
             "exploitTypes": [],
             "exploitUris": []
-        },
+        }
+        ]
         {
-..
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From 8fbc2c9cda04bd628b535c8f61f786cb0d1aa432 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:24:12 -0800
Subject: [PATCH 221/247] Added TVM references

---
 .../microsoft-defender-atp/get-vulnerability-by-id.md          | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
index f87c04ae43..2c5e79eb6e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@@ -84,3 +84,6 @@ Content-type: json
     "exploitUris": []
 }
 ```
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From 63ed5718690fbe7401858999ccee2270d9ea25b8 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:33:34 -0800
Subject: [PATCH 222/247] Added TVM references

---
 .../microsoft-defender-atp/get-machines-by-vulnerability.md   | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
index 37a235d516..d2a41e31ae 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@@ -86,3 +86,7 @@ Content-type: json
     ]
  }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From 05a439cab2b4e702a74f296bf7eb27722c8964d3 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:35:21 -0800
Subject: [PATCH 223/247] Added TVM references

---
 .../microsoft-defender-atp/get-all-recommendations.md     | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index 34c6863e7d..d6bfcc9c65 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -98,7 +98,11 @@ Content-type: json
             "exposedMachinesCount": 7,
             "nonProductivityImpactedAssets": 0,
             "relatedComponent": "Windows 10"
-        },
-…
+        }
+        ]
 }
 ```
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
+

From b93a25f13bb93c17c563d80bcb92af397df922a0 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:51:10 -0800
Subject: [PATCH 224/247] Added TVM references

---
 .../microsoft-defender-atp/get-recommendation-by-id.md        | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
index 86f7eef853..dd826d87a1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@@ -91,3 +91,7 @@ Content-type: json
     "relatedComponent": "Chrome"
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)

From f7f48140a013a41f63a7f5924aaf9fab61c4b0fd Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:52:19 -0800
Subject: [PATCH 225/247] Added TVM references

---
 .../microsoft-defender-atp/get-recommendation-software.md   | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
index e8473ba5f8..de192c1e9f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a security recommendation related to a specific software.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
@@ -79,3 +79,7 @@ Content-type: json
     "impactScore": 3.94418621
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)

From 9e2772f1ba6875bd872eb873b67adc60730c718c Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:53:14 -0800
Subject: [PATCH 226/247] Added TVM references

---
 .../microsoft-defender-atp/get-recommendation-machines.md  | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index 0060478641..3b7664b089 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a list of machines associated with the security recommendation.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
@@ -76,6 +76,9 @@ Content-type: json
             "osPlatform": "Windows10",
             "rbacGroupId": 2154
         },
-…
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)

From 55894f5ccc60d7b7f58954a7a9a9f4dfeed68c63 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:54:21 -0800
Subject: [PATCH 227/247] Added TVM references

---
 .../get-recommendation-vulnerabilities.md              | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
index 48f13ed4b9..c9ca363c20 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a list of vulnerabilities associated with the security recommendation.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
@@ -84,7 +84,11 @@ Content-type: json
             "exploitInKit": false,
             "exploitTypes": [],
             "exploitUris": []
-        },
-…
+        }
+        ]
 }
 ```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)

From c2e7e51d872da98c8c49c34eb2899885aae54671 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:55:53 -0800
Subject: [PATCH 228/247] Update get-recommendation-machines.md

---
 .../microsoft-defender-atp/get-recommendation-machines.md      | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index 3b7664b089..ef3f78c2e2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -75,7 +75,8 @@ Content-type: json
             "computerDnsName": "niw_pc",
             "osPlatform": "Windows10",
             "rbacGroupId": 2154
-        },
+        }
+        ]
 }
 ```
 

From d8dbab7247cece30950d4f0f8da348a9080e1f2f Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:57:14 -0800
Subject: [PATCH 229/247] Update get-recommendation-by-id.md

---
 .../microsoft-defender-atp/get-recommendation-by-id.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
index dd826d87a1..6a56d41c99 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a security recommendation by its ID.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From 9cade067683830ead3c91d6b66ffb2bb7e6f4554 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:58:16 -0800
Subject: [PATCH 230/247] Update get-all-recommendations.md

---
 .../microsoft-defender-atp/get-all-recommendations.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index d6bfcc9c65..1735811830 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a list of all security recommendations affecting the organization.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From c42c53496453f417bd2febce838f2de5d0be3c28 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:58:31 -0800
Subject: [PATCH 231/247] Update get-machines-by-vulnerability.md

---
 .../microsoft-defender-atp/get-machines-by-vulnerability.md     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
index d2a41e31ae..5ee5fe1b47 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a list of machines affected by a vulnerability.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From b0547cba0dcddffaeaa4b2f8f65ea8eedc2758a6 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:58:56 -0800
Subject: [PATCH 232/247] Update get-vulnerability-by-id.md

---
 .../microsoft-defender-atp/get-vulnerability-by-id.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
index 2c5e79eb6e..e4ccb6c433 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves vulnerability information by its ID.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From 17cab28ee90d7b3b53aa7480fe8a8a7d49df8718 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 12:59:13 -0800
Subject: [PATCH 233/247] Update get-all-vulnerabilities.md

---
 .../microsoft-defender-atp/get-all-vulnerabilities.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index f058b00c4a..e0e4243d76 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -25,7 +25,7 @@ ms.topic: article
 Retrieves a list of all the vulnerabilities affecting the organization.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From 8548497d4c7bef243e4aa1aa2dc69588e2856aff Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 13:02:31 -0800
Subject: [PATCH 234/247] Update get-software.md

---
 .../microsoft-defender-atp/get-software.md                | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
index 4df1ba1700..1ec2bcccd1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -22,10 +22,10 @@ ms.topic: article
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-Retrieves the organization software inventory
+Retrieves the organization software inventory.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
@@ -79,8 +79,8 @@ Here is an example of the response.
             "activeAlert": false,
             "exposedMachines": 172,
             "impactScore": 2.39947438
-        },
-….
+        }
+        ]
 }
 ```
 

From 1c5678ceba4fcfeee5edcd755b4ce0fd9ca6157b Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 13:02:57 -0800
Subject: [PATCH 235/247] Update get-software-by-id.md

---
 .../microsoft-defender-atp/get-software-by-id.md              | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
index 8e7328251d..c57fe74368 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
@@ -24,10 +24,10 @@ ms.topic: article
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-Retrieves software details by ID
+Retrieves software details by ID.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |   Permission  |   Permission display name
 :---|:---|:---

From 15cacb671f46e56429b885aae76e12ea167f124e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 13:03:21 -0800
Subject: [PATCH 236/247] Update get-software-ver-distribution.md

---
 .../microsoft-defender-atp/get-software-ver-distribution.md   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index 7e2f080a07..2ba8c06b69 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -24,10 +24,10 @@ ms.topic: article
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-Retrieves a list of your organization's software version distribution 
+Retrieves a list of your organization's software version distribution. 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |   Permission  |   Permission display name
 :---|:---|:---

From eb0f7d829245f1e696ea4cc96ca49a8d9b8a4034 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 13:03:44 -0800
Subject: [PATCH 237/247] Update get-machines-by-software.md

---
 .../microsoft-defender-atp/get-machines-by-software.md        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index 107a9bf353..81d6659101 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -24,10 +24,10 @@ ms.topic: article
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-Retrieve a list of machines that has this software installed
+Retrieve a list of machines that has this software installed.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |   Permission  |   Permission display name
 :---|:---|:---

From 092c06896a7d11d34bdc7ca8490852a6eb1633fa Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 13:04:17 -0800
Subject: [PATCH 238/247] Update get-vuln-by-software.md

---
 .../microsoft-defender-atp/get-vuln-by-software.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
index 38d7cb6c0e..6fa52754b7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@@ -27,7 +27,7 @@ ms.topic: article
 Retrieve a list of vulnerabilities in the installed software. 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 
 Permission type |   Permission  |   Permission display name
 :---|:---|:---

From 2fa529107f2fb9a62a8acaa71c49acac39c9e661 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Wed, 29 Jan 2020 13:07:23 -0800
Subject: [PATCH 239/247] Update get-recommendation-machines.md

---
 .../microsoft-defender-atp/get-recommendation-machines.md      | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index ef3f78c2e2..d74dc47279 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -65,8 +65,7 @@ GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chr
 
 Here is an example of the response.
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineReferences",
     "value": [

From db0b320aa9f01eba013906c1f073d7524b6c0f33 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Wed, 29 Jan 2020 13:27:56 -0800
Subject: [PATCH 240/247] adding a note about a known issue with ddv

---
 windows/privacy/diagnostic-data-viewer-overview.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md
index 64cfa25866..1ef548e15d 100644
--- a/windows/privacy/diagnostic-data-viewer-overview.md
+++ b/windows/privacy/diagnostic-data-viewer-overview.md
@@ -149,3 +149,16 @@ The **Review problem reports** tool opens, showing you your Windows Error Report
 
 ![View problem reports tool with report statuses](images/control-panel-problem-reports-screen.png)
 
+## Known Issues with Diagnostic Data Viewer
+
+### Microsoft Edge diagnostic data appearing as a blob of text
+
+**Applicable to:** The new Microsoft Edge (v. 79.x.x.x or higher)
+
+**Issue:** In some cases, diagnostic data collected and sent from the New Microsoft Edge fails to be translated by the decoder, which makes that data appear as blobs of text in the Diagnostic Data Viewer. We are working on a fix for this issue.
+
+**Workaround:** Restart your computer and open Diagnostic Data Viewer.
+
+**Background:** Some of the diagnostic data collected from the new Microsoft Edge is sent using a protobuf format to reduce network bandwidth and to improve data transfer efficiency. Diagnostic Data Viewer has decoding capability to translate this protobuf format into readable text. Due to a bug, sometimes the decoder fails to translate these protobuf messages and hence some of the Microsoft Edge diagnostic data will appear as blob of text.
+
+Microsoft Edge sends a set of required data about your device, its settings and capabilities when the the “Basic” setting is set in Windows 10 (operating system) settings. This data is used to determine whether Microsoft Edge is up to date, secure and performing properly.  Microsoft Edge usage data, and data about the sites you visit, is collected as part of Windows 10 Diagnostic Data when the "Full" setting is set in Windows 10 (operating system) settings. This data is used to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. The diagnostic data collected by Microsoft Edge can be viewed using Windows Diagnostic Data viewer.
\ No newline at end of file

From 1fb7a9222515b2b5053574d1005683c3914d8a10 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Wed, 29 Jan 2020 14:46:22 -0800
Subject: [PATCH 241/247] adding a note about a known issue with ddv v2

---
 windows/privacy/diagnostic-data-viewer-overview.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md
index 1ef548e15d..d3f4da6ce2 100644
--- a/windows/privacy/diagnostic-data-viewer-overview.md
+++ b/windows/privacy/diagnostic-data-viewer-overview.md
@@ -157,7 +157,13 @@ The **Review problem reports** tool opens, showing you your Windows Error Report
 
 **Issue:** In some cases, diagnostic data collected and sent from the New Microsoft Edge fails to be translated by the decoder, which makes that data appear as blobs of text in the Diagnostic Data Viewer. We are working on a fix for this issue.
 
-**Workaround:** Restart your computer and open Diagnostic Data Viewer.
+**Workaround:**
+
+- Restart your computer and open Diagnostic Data Viewer.
+
+*OR*
+
+- Restart the *DiagTrack* service, through the Services tab in task manager, and open Diagnostic Data Viewer.
 
 **Background:** Some of the diagnostic data collected from the new Microsoft Edge is sent using a protobuf format to reduce network bandwidth and to improve data transfer efficiency. Diagnostic Data Viewer has decoding capability to translate this protobuf format into readable text. Due to a bug, sometimes the decoder fails to translate these protobuf messages and hence some of the Microsoft Edge diagnostic data will appear as blob of text.
 

From e858cf0f7716b84615244b8aa2812becfda7dcc5 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Wed, 29 Jan 2020 16:28:43 -0800
Subject: [PATCH 242/247] adding a note about a known issue with ddv v3

---
 windows/privacy/diagnostic-data-viewer-overview.md | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md
index d3f4da6ce2..c70d65a6ce 100644
--- a/windows/privacy/diagnostic-data-viewer-overview.md
+++ b/windows/privacy/diagnostic-data-viewer-overview.md
@@ -155,7 +155,7 @@ The **Review problem reports** tool opens, showing you your Windows Error Report
 
 **Applicable to:** The new Microsoft Edge (v. 79.x.x.x or higher)
 
-**Issue:** In some cases, diagnostic data collected and sent from the New Microsoft Edge fails to be translated by the decoder, which makes that data appear as blobs of text in the Diagnostic Data Viewer. We are working on a fix for this issue.
+**Issue:** In some cases, diagnostic data collected and sent from the New Microsoft Edge fails to be translated by the decoder. When decoding fails, the data appears as a blob of text in the Diagnostic Data Viewer. We are working on a fix for this issue.
 
 **Workaround:**
 
@@ -165,6 +165,4 @@ The **Review problem reports** tool opens, showing you your Windows Error Report
 
 - Restart the *DiagTrack* service, through the Services tab in task manager, and open Diagnostic Data Viewer.
 
-**Background:** Some of the diagnostic data collected from the new Microsoft Edge is sent using a protobuf format to reduce network bandwidth and to improve data transfer efficiency. Diagnostic Data Viewer has decoding capability to translate this protobuf format into readable text. Due to a bug, sometimes the decoder fails to translate these protobuf messages and hence some of the Microsoft Edge diagnostic data will appear as blob of text.
-
-Microsoft Edge sends a set of required data about your device, its settings and capabilities when the the “Basic” setting is set in Windows 10 (operating system) settings. This data is used to determine whether Microsoft Edge is up to date, secure and performing properly.  Microsoft Edge usage data, and data about the sites you visit, is collected as part of Windows 10 Diagnostic Data when the "Full" setting is set in Windows 10 (operating system) settings. This data is used to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. The diagnostic data collected by Microsoft Edge can be viewed using Windows Diagnostic Data viewer.
\ No newline at end of file
+**Background:** Some of the diagnostic data collected from the new Microsoft Edge is sent using a Protocol Buffers (protobuf) to reduce network bandwidth and to improve data transfer efficiency. Diagnostic Data Viewer has a decoding capability to translate this protobuf format into human readable text. Due to a bug, sometimes the decoder fails to translate these protobuf messages and hence some of the New Microsoft Edge diagnostic data will appear as a blob of encoded text.
\ No newline at end of file

From b723cd61b0de989ac8f5e805a991e04f16c46dd5 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Thu, 30 Jan 2020 01:53:18 -0800
Subject: [PATCH 243/247] remove PE file note

---
 .../microsoft-defender-atp/manage-indicators.md                  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
index e2674754d6..be8b72641f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
@@ -78,7 +78,6 @@ It's important to understand the following prerequisites prior to creating indic
 >[!IMPORTANT]
 >- The allow or block function cannot be done on files if the file's classification exists on the device's cache prior to the allow or block action 
 >- Trusted signed files will be treated differently. Microsoft Defender ATP is optimized to handle malicious files. Trying to block trusted signed files, in some cases, may have performance implications.
->- The PE file needs to be in the machine timeline for you to be able to take this action. 
 
  
 >[!NOTE]

From f976576e2d08e572ec277e3a74f88ace71f5a67b Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Thu, 30 Jan 2020 11:50:28 -1000
Subject: [PATCH 244/247] Updates for Surface Laptop

---
 .../enable-surface-keyboard-for-windows-pe-deployment.md | 9 ++++++++-
 .../manage-surface-driver-and-firmware-updates.md        | 6 +++---
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
index d627dec4e9..d8b89bcd23 100644
--- a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
+++ b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
@@ -9,7 +9,7 @@ ms.sitesec: library
 author: Teresa-Motiv
 ms.author: v-tea
 ms.topic: article
-ms.date: 01/17/2020
+ms.date: 01/30/2020
 ms.reviewer: scottmca
 ms.localizationpriority: medium
 ms.audience: itpro
@@ -58,12 +58,14 @@ To support Surface Laptop (1st Gen), import the following folders:
  - SurfacePlatformInstaller\Drivers\System\GPIO
  - SurfacePlatformInstaller\Drivers\System\SurfaceHidMiniDriver
  - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
+ - SurfacePlatformInstaller\Drivers\System\PreciseTouch
 
 Or for newer MSI files beginning with "SurfaceUpdate", use:
 
 - SurfaceUpdate\SerialIOGPIO
 - SurfaceUpdate\SurfaceHidMiniDriver
 - SurfaceUpdate\SurfaceSerialHubDriver
+- SurfaceUpdate\Itouch
 
 To support Surface Laptop 2, import the following folders:
 
@@ -73,6 +75,7 @@ To support Surface Laptop 2, import the following folders:
  - SurfacePlatformInstaller\Drivers\System\I2C
  - SurfacePlatformInstaller\Drivers\System\SPI
  - SurfacePlatformInstaller\Drivers\System\UART
+ - SurfacePlatformInstaller\Drivers\System\PreciseTouch
 
 Or for newer MSI files beginning with "SurfaceUpdate", use:
 
@@ -82,6 +85,7 @@ Or for newer MSI files beginning with "SurfaceUpdate", use:
 - SurfaceUpdate\IclSerialIOUART
 - SurfaceUpdate\SurfaceHidMini
 - SurfaceUpdate\SurfaceSerialHub
+- SurfaceUpdate\Itouch
 
  
 To support Surface Laptop 3 with Intel Processor, import the following folders:
@@ -93,7 +97,10 @@ To support Surface Laptop 3 with Intel Processor, import the following folders:
 - SurfaceUpdate\SurfaceHidMini
 - SurfaceUpdate\SurfaceSerialHub
 - SurfaceUpdate\SurfaceHotPlug
+- SurfaceUpdate\Itouch
    
+> [!NOTE]
+> For Surface Laptop 3 with Intel processor, the model is Surface Laptop 3. The remaining Surface Laptop drivers are located in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 3 folder.
 
 6. Verify that the WindowsPEX64 folder now contains the imported drivers. The folder should resemble the following:  
 
diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index 8bb23669ef..d7ed28fbb8 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -1,6 +1,6 @@
 ---
-title: Manage Surface driver and firmware updates (Surface)
-description: This article describes the available options to manage firmware and driver updates for Surface devices.
+title: Manage and deploy Surface driver and firmware updates 
+description: This article describes the available options to manage and deploy firmware and driver updates for Surface devices.
 ms.assetid: CD1219BA-8EDE-4BC8-BEEF-99B50C211D73
 ms.reviewer: 
 manager: dansimp
@@ -14,7 +14,7 @@ author: dansimp
 ms.author: dansimp
 ms.topic: article
 ms.audience: itpro
-ms.date: 10/21/2019
+ms.date: 01/24/2020
 ---
 
 # Manage and deploy Surface driver and firmware updates

From 294f5efe87dc8de47c589a006b63edd1efaa7654 Mon Sep 17 00:00:00 2001
From: Gary Moore <v-gmoor@microsoft.com>
Date: Thu, 30 Jan 2020 14:25:15 -0800
Subject: [PATCH 245/247] Indented 2 notes and 5 lists in Step 5

---
 ...face-keyboard-for-windows-pe-deployment.md | 81 +++++++++----------
 1 file changed, 40 insertions(+), 41 deletions(-)

diff --git a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
index d8b89bcd23..c728d1fff0 100644
--- a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
+++ b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
@@ -50,57 +50,56 @@ To add the keyboard drivers to the selection profile, follow these steps:
 4. Right-click the **WindowsPEX64** folder and select **Import Drivers**.
 5. Follow the instructions in the Import Driver Wizard to import the driver folders into the WindowsPEX64 folder.  
 
-> [!NOTE]
->  Check the downloaded MSI package to determine the format and directory structure.  The directory structure will start with either SurfacePlatformInstaller (older MSI files) or SurfaceUpdate (Newer MSI files) depending on when the MSI was released. 
+    > [!NOTE]
+    >  Check the downloaded MSI package to determine the format and directory structure.  The directory structure will start with either SurfacePlatformInstaller (older MSI files) or SurfaceUpdate (Newer MSI files) depending on when the MSI was released. 
 
-To support Surface Laptop (1st Gen), import the following folders:
+    To support Surface Laptop (1st Gen), import the following folders:
 
- - SurfacePlatformInstaller\Drivers\System\GPIO
- - SurfacePlatformInstaller\Drivers\System\SurfaceHidMiniDriver
- - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
- - SurfacePlatformInstaller\Drivers\System\PreciseTouch
+     - SurfacePlatformInstaller\Drivers\System\GPIO
+     - SurfacePlatformInstaller\Drivers\System\SurfaceHidMiniDriver
+     - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
+     - SurfacePlatformInstaller\Drivers\System\PreciseTouch
 
-Or for newer MSI files beginning with "SurfaceUpdate", use:
+    Or for newer MSI files beginning with "SurfaceUpdate", use:
 
-- SurfaceUpdate\SerialIOGPIO
-- SurfaceUpdate\SurfaceHidMiniDriver
-- SurfaceUpdate\SurfaceSerialHubDriver
-- SurfaceUpdate\Itouch
+    - SurfaceUpdate\SerialIOGPIO
+    - SurfaceUpdate\SurfaceHidMiniDriver
+    - SurfaceUpdate\SurfaceSerialHubDriver
+    - SurfaceUpdate\Itouch
 
-To support Surface Laptop 2, import the following folders:
+    To support Surface Laptop 2, import the following folders:
 
- - SurfacePlatformInstaller\Drivers\System\GPIO
- - SurfacePlatformInstaller\Drivers\System\SurfaceHIDMiniDriver
- - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
- - SurfacePlatformInstaller\Drivers\System\I2C
- - SurfacePlatformInstaller\Drivers\System\SPI
- - SurfacePlatformInstaller\Drivers\System\UART
- - SurfacePlatformInstaller\Drivers\System\PreciseTouch
+     - SurfacePlatformInstaller\Drivers\System\GPIO
+     - SurfacePlatformInstaller\Drivers\System\SurfaceHIDMiniDriver
+     - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
+     - SurfacePlatformInstaller\Drivers\System\I2C
+     - SurfacePlatformInstaller\Drivers\System\SPI
+     - SurfacePlatformInstaller\Drivers\System\UART
+     - SurfacePlatformInstaller\Drivers\System\PreciseTouch
 
-Or for newer MSI files beginning with "SurfaceUpdate", use:
+    Or for newer MSI files beginning with "SurfaceUpdate", use:
 
-- SurfaceUpdate\SerialIOGPIO
-- SurfaceUpdate\IclSerialIOI2C
-- SurfaceUpdate\IclSerialIOSPI
-- SurfaceUpdate\IclSerialIOUART
-- SurfaceUpdate\SurfaceHidMini
-- SurfaceUpdate\SurfaceSerialHub
-- SurfaceUpdate\Itouch
+    - SurfaceUpdate\SerialIOGPIO
+    - SurfaceUpdate\IclSerialIOI2C
+    - SurfaceUpdate\IclSerialIOSPI
+    - SurfaceUpdate\IclSerialIOUART
+    - SurfaceUpdate\SurfaceHidMini
+    - SurfaceUpdate\SurfaceSerialHub
+    - SurfaceUpdate\Itouch
 
- 
-To support Surface Laptop 3 with Intel Processor, import the following folders:
+    To support Surface Laptop 3 with Intel Processor, import the following folders:
 
-- SurfaceUpdate\IclSerialIOGPIO
-- SurfaceUpdate\IclSerialIOI2C
-- SurfaceUpdate\IclSerialIOSPI
-- SurfaceUpdate\IclSerialIOUART
-- SurfaceUpdate\SurfaceHidMini
-- SurfaceUpdate\SurfaceSerialHub
-- SurfaceUpdate\SurfaceHotPlug
-- SurfaceUpdate\Itouch
-   
-> [!NOTE]
-> For Surface Laptop 3 with Intel processor, the model is Surface Laptop 3. The remaining Surface Laptop drivers are located in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 3 folder.
+    - SurfaceUpdate\IclSerialIOGPIO
+    - SurfaceUpdate\IclSerialIOI2C
+    - SurfaceUpdate\IclSerialIOSPI
+    - SurfaceUpdate\IclSerialIOUART
+    - SurfaceUpdate\SurfaceHidMini
+    - SurfaceUpdate\SurfaceSerialHub
+    - SurfaceUpdate\SurfaceHotPlug
+    - SurfaceUpdate\Itouch
+
+    > [!NOTE]
+    > For Surface Laptop 3 with Intel processor, the model is Surface Laptop 3. The remaining Surface Laptop drivers are located in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 3 folder.
 
 6. Verify that the WindowsPEX64 folder now contains the imported drivers. The folder should resemble the following:  
 

From 50d6b48d6b3f8061c60d06eac332e771169873e3 Mon Sep 17 00:00:00 2001
From: Gary Moore <v-gmoor@microsoft.com>
Date: Thu, 30 Jan 2020 14:27:52 -0800
Subject: [PATCH 246/247] Indented Figure 1 in Step 2, also...

...cut a space character between a file name and its extension.
---
 .../surface/manage-surface-driver-and-firmware-updates.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index d7ed28fbb8..4826b50b67 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -88,11 +88,11 @@ Specific versions of Windows 10 have separate .msi files, each containing all re
 
 ### Downloading .msi files
 1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center.
-2. Select the .msi file name that matches the Surface model and version of Windows. The .msi file name includes the minimum supported Windows build number required to install the drivers and firmware. For example, as shown in the following figure, to update a Surface Book 2 with build 18362 of Windows 10, choose **SurfaceBook2_Win10_18362_19.101.13994.msi.** For a Surface Book 2 with build 16299 of Windows 10, choose **SurfaceBook2_Win10_16299_1803509_3. msi**.
+2. Select the .msi file name that matches the Surface model and version of Windows. The .msi file name includes the minimum supported Windows build number required to install the drivers and firmware. For example, as shown in the following figure, to update a Surface Book 2 with build 18362 of Windows 10, choose **SurfaceBook2_Win10_18362_19.101.13994.msi.** For a Surface Book 2 with build 16299 of Windows 10, choose **SurfaceBook2_Win10_16299_1803509_3.msi**.
 
- ![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png)
- 
-*Figure 1. Downloading Surface updates*
+    ![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png)
+
+    *Figure 1. Downloading Surface updates*
  
  
 ### Surface .msi naming convention

From b92ec35da10c4a53aba40c8f7bca7b471f26f90e Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Fri, 31 Jan 2020 09:35:10 -0800
Subject: [PATCH 247/247] pencil edits

---
 devices/surface/manage-surface-driver-and-firmware-updates.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md
index a3aed38191..e7f816ae54 100644
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@@ -37,7 +37,7 @@ Microsoft Endpoint Configuration Manager allows you to synchronize and deploy Su
  
 For detailed steps, see the following resources:
 
-- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
+- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager)
 - [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications).
 - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
 
@@ -144,7 +144,7 @@ This file name provides the following information:
 ## Learn more
 
 - [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware)
-- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
+- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager)
 - [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications).
 - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
 - [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)