diff --git a/rules/windows/process_creationprocess_creation_lolbins_suspicious_driver_installed_by_pnputil.yml b/rules/windows/process_creationprocess_creation_lolbins_suspicious_driver_installed_by_pnputil.yml
deleted file mode 100644
index e7a5f636c..000000000
--- a/rules/windows/process_creationprocess_creation_lolbins_suspicious_driver_installed_by_pnputil.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-title: Suspicious Driver Install by pnputil.exe
-status: experimental
-id: a2ea3ae7-d3d0-40a0-a55c-25a45c87cac1
-author: @LuxNoBulIshit, @aloneliassaf, Austin Songer @austinsonger
-date: 2021/09/30
-description: Detects when a possible suspicious driver is being installed via pnputil.exe lolbin
-references:
- - https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/pnputil-command-syntax
- - https://strontic.github.io/xcyclopedia/library/pnputil.exe-60EDC5E6BDBAEE441F2E3AEACD0340D2.html
-tags:
- - attack.persistence
- - attack.t1547
- - attack.t1547.006
-logsource:
- category: process_creation
- product: windows
-detection:
- selection:
- CommandLine|contains:
- - '-i'
- - '-a'
- - '-e'
- - '.inf'
- Image|endswith:
- - '\pnputil.exe'
- condition: selection
-fields:
- - ComputerName
- - User
- - CommandLine
- - ParentCommandLine
-falsepositives:
- - System administrator Usage
- - Penetration test
-level: medium