diff --git a/yara/apt_moonlightmaze.yar b/yara/apt_moonlightmaze.yar
index 1834257..1ce0ada 100644
--- a/yara/apt_moonlightmaze.yar
+++ b/yara/apt_moonlightmaze.yar
@@ -41,9 +41,8 @@ strings:
 $a11="ork error" ascii fullword
 condition:
-
- ((any of ($a*)))
-
+ // Change from "any of them" to 3 of them due to false positives with Nvidia drivers
+ 3 of ($a*)
 }
diff --git a/yara/gen_invoke_mimikatz.yar b/yara/gen_invoke_mimikatz.yar
index 07c7949..12c5b93 100644
--- a/yara/gen_invoke_mimikatz.yar
+++ b/yara/gen_invoke_mimikatz.yar
@@ -15,7 +15,6 @@ rule Invoke_Mimikatz {
 date = "2016-08-03"
 hash1 = "f1a499c23305684b9b1310760b19885a472374a286e2f371596ab66b77f6ab67"
 strings:
- $x1 = "Invoke-Mimikatz" wide fullword
 $x2 = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAEAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm" ascii
 $x3 = "Write-BytesToMemory -Bytes $Shellcode1 -MemoryAddress $GetCommandLineWAddrTemp" fullword ascii
 condition:
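Review bot: The new condition `3 of ($a*)` raises the match threshold for the whole rule without recording which `$a*` strings actually collided with the Nvidia driver, so the added comment cannot be acted on later when the string set changes; a more targeted fix is to drop or tighten only the offending strings, or at least to name them, e.g. `// 3 of ($a*): any-of produced FPs on Nvidia drivers (colliding strings: <list-from-FP-analysis>)`. The one visible string, `$a11="ork error"`, is a fragment short enough to occur in unrelated binaries, so a bare count threshold may remain fragile. The comment also says "any of them" while the removed line was `((any of ($a*)))`; quoting the old condition exactly keeps the history traceable. The rule's strings block and meta section begin outside the hunk; if meta carries a date or score it should reflect this change.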
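Review bot: Removing `$x1` leaves the rule depending on `$x2` and `$x3`, and the condition body lies outside the hunk; if it references `$x1` by name rather than through `$x*` or `them`, the rule no longer compiles, so the condition should be checked alongside this change. `$x2` appears to be a base64-encoded PE header prefix (`TVqQAAMAAAAEAAAA//8AALgA…`), which also occurs in unrelated scripts that embed a Windows binary, so with `$x1` gone the rule's specificity now rests largely on `$x3`. Presumably `$x1` was dropped because the bare name `Invoke-Mimikatz` also matches scripts that merely call or mention the function; that rationale belongs in the file, e.g. `// $x1 "Invoke-Mimikatz" removed: matched benign scripts that only reference the function name`. The rule's `meta` block starts outside the hunk.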