diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..f9347da --- /dev/null +++ b/.gitattributes @@ -0,0 +1,6 @@ +# Auto detect text files and perform LF normalization +* text=auto + +# Plain text (Windows) +*.txt diff=astextplain eol=crlf +*.ini diff=astextplain eol=crlf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..56e5ba3 --- /dev/null +++ b/.gitignore @@ -0,0 +1,17 @@ +# Delphi local files (user-specific info) +*.local +*.identcache + +# Delphi history and backups +__history/ +*.~* + +# Compiled binaries +*.dcu +*.exe +*.dll +*.msi + +# MSI local stuff +*.wixobj +*.wixpdb diff --git a/LICENSE b/LICENSE index a84c395..34720ea 100644 --- a/LICENSE +++ b/LICENSE 
@@ -1,25 +1,202 @@ -This is free and unencumbered software released into the public domain. + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ -Anyone is free to copy, modify, publish, use, compile, sell, or -distribute this software, either in source code form or as a compiled -binary, for any purpose, commercial or non-commercial, and by any -means. +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION -In jurisdictions that recognize copyright laws, the author or authors -of this software dedicate any and all copyright interest in the -software to the public domain. We make this dedication for the benefit -of the public at large and to the detriment of our heirs and -successors. We intend this dedication to be an overt act of -relinquishment in perpetuity of all present and future rights to this -software under copyright law. +1. Definitions. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR -OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -OTHER DEALINGS IN THE SOFTWARE. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. -For more information, please refer to + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. 
For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. 
For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. 
If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. 
You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. 
Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. 
+ +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/README.md b/README.md index 840e121..837e679 100644 --- a/README.md +++ b/README.md @@ -1,188 +1,463 @@ -RDP Wrapper Library by Stas'M
-
-The goal of this project is to enable Remote Desktop Host support and concurrent RDP sessions on reduced functionality systems for home usage.
-
-RDP Wrapper works as a layer between Service Control Manager and Terminal Services, so the original termsrv.dll file remains untouched. Also this method is very strong against Windows Update.
-
-Screenshots:
-
-  -  -  -  -  -  -  -  -  -  -  -

-This solution was inspired by Windows Product Policy Editor, big thanks to kost :)
-- binarymaster
-
-Attention:
-It's recommended to have original termsrv.dll file with the RDP Wrapper installation. If you have modified it before with other patchers, it may become unstable and crash in any moment.
-
-Information:
-• Source code is available, so you can build it on your own
-• RDP Wrapper does not patch termsrv.dll, it loads termsrv with different parameters
-• RDPWInst and RDPChecker can be redistributed without development folder and batch files
-• RDPWInst can be used for unattended installation / deployment
-• Windows 2000, XP and Server 2003 will not be supported
-
-Porting to other platforms:
-• ARM for Windows RT (see links below)
-• IA-64 for Itanium-based Windows Server? Well, I have no idea :)
-
-Links:
-• Official GitHub repository:
-https://github.com/binarymaster/rdpwrap/
-• Active discussion in the comments here:
-Enable remote desktop on Windows 8 core / basic - Andrew Block .net
-• MDL Projects and Applications thread here:
-RDP Wrapper Library (works with Windows 8.1 Basic)
-• Some ideas about porting to ARM for Windows RT (post #23):
-[Q] Mod Windows RT to enable Remote Desktop
-• Adding «Remote Desktop Users» group:
-http://superuser.com/questions/680572/
-
-Files description:
-
- - - - - - - -
RDPWInst.exeRDP Wrapper Library installer/uninstaller
RDPCheck.exeLocal RDP Checker (you can check the RDP is working)
install.batQuick install batch file
uninstall.batQuick uninstall batch file

-Change log:
-
-2014.11.14
-• Version 1.4
-• Added support for Windows 10 Technical Preview Update 1
-• Added support for Windows Vista SP2 with KB3003743
-• Added support for Windows 7 SP1 with KB3003743
-• Added new RDP Configuration Program
-
-2014.10.21
-• Installer updated
-• Added feature to install RDP Wrapper to System32 directory
-• Fixed issue in the installer - NLA setting now remains unchanged
-• Local RDP Checker updated
-• SecurityLayer and UserAuthentification values changed on check start
-• RDP Checker restores values on exit
-
-2014.10.20
-• Version 1.3
-• Added support for Windows 10 Technical Preview
-• Added support for Windows 7 with KB2984972
-• Added support for Windows 8 with KB2973501
-• Added extended support for Windows Vista (SP0, SP1 and SP2)
-• Added extended support for Windows 7 (SP0 and SP1)
-• Some improvements in the source code
-• Installer updated to v2.2
-• Fixed installation bug in Vista x64 (wrong expand path)
-• Local RDP Checker updated
-• Added description to error 0x708
-
-2014.07.26
-• Version 1.2
-• Added support for Windows 8 Developer Preview
-• Added support for Windows 8 Consumer Preview
-• Added support for Windows 8 Release Preview
-• Added support for Windows 8.1 Preview
-• Added support for Windows 8.1
-• More details you will see in the source code
-• Installer updated to v2.1
-
-2013.12.09
-• C++ port of RDP Wrapper was made by Fusix
-• x64 architecture is supported now
-• Added new command line installer v2.0
-• Added local RDP checker
-• Source code (C++ port, installer 2.0, local RDP checker) is also included
-
-2013.10.25
-• Version 1.1 source code is available
-
-2013.10.22
-• Version 1.1
-• Stable release
-• Improved wrapper (now it can wrap internal unexported termsrv.dll SL Policy function)
-• Added support for Windows 8 Single Language (tested on Acer Tablet PC with Intel Atom Z2760)
-
-2013.10.19
-• Version 1.0
-• First [beta] version
-• Basic SL Policy wrapper
-
-Supported Terminal Services versions:
-• 6.0.X.X (Windows Vista / Server 2008)
-• 6.0.6000.16386 (Windows Vista)
-• 6.0.6001.18000 (Windows Vista SP1)
-• 6.0.6002.18005 (Windows Vista SP2)
-• 6.0.6002.19214 (Windows Vista SP2 with KB3003743 GDR)
-• 6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR)
-• 6.1.X.X (Windows 7 / Server 2008 R2)
-• 6.1.7600.16385 (Windows 7)
-• 6.1.7601.17514 (Windows 7 SP1)
-• 6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR)
-• 6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR)
-• 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR)
-• 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR)
-• 6.2.8102.0 (Windows 8 Developer Preview)
-• 6.2.8250.0 (Windows 8 Consumer Preview)
-• 6.2.8400.0 (Windows 8 Release Preview)
-• 6.2.9200.16384 (Windows 8 / Server 2012)
-• 6.2.9200.17048 (Windows 8 with KB2973501 GDR)
-• 6.2.9200.21166 (Windows 8 with KB2973501 LDR)
-• 6.3.9431.0 (Windows 8.1 Preview)
-• 6.3.9600.16384 (Windows 8.1 / Server 2012 R2)
-• 6.3.9600.17095 (Windows 8.1 with KB2959626)
-• 6.4.9841.0 (Windows 10 Technical Preview)
-• 6.4.9860.0 (Windows 10 Technical Preview Update 1)
-
-Confirmed working on:
-• Windows Vista Starter (x86 - Service Pack 1 and higher)
-• Windows Vista Home Basic (x86 - Service Pack 1 and higher)
-• Windows Vista Home Premium (x86 - Service Pack 1 and higher)
-• Windows Vista Business (x86 - Service Pack 1 and higher)
-• Windows Vista Enterprise (x86 - Service Pack 1 and higher)
-• Windows Vista Ultimate (x86 - Service Pack 1 and higher)
-• Windows 7 Starter
-• Windows 7 Home Basic
-• Windows 7 Home Premium
-• Windows 7 Professional
-• Windows 7 Enterprise
-• Windows 7 Ultimate
-• Windows 8 Developer Preview
-• Windows 8 Consumer Preview
-• Windows 8 Release Preview
-• Windows 8
-• Windows 8 Single Language
-• Windows 8 Pro
-• Windows 8 Enterprise
-• Windows 8.1 Preview
-• Windows 8.1
-• Windows 8.1 Single Language
-• Windows 8.1 Pro
-• Windows 8.1 Enterprise
-• Windows 10 Technical Preview
-
-Working partially:
-• Windows Vista Starter RTM x86 (termsrv.dll 6.0.6000.16386 : RDP works, but termsrv.dll crashes on logon attempt)
-
-Installation instructions:
-1. Download and unpack files
-2. Run Command Prompt (cmd) as administrator
-3. Change directory to /bin (where binaries and batch files are placed)
-4. Type install.bat and press Enter
-5. See command output for details
-
-To uninstall:
-1. Run Command Prompt as administrator
-2. Change directory to /bin
-3. Type uninstall.bat and press Enter
-4. See command output for details
+# RDP Wrapper Library by Stas'M + +[![Telegram](https://img.shields.io/badge/chat-Telegram-blue.svg)](https://t.me/rdpwrap) +![Environment](https://img.shields.io/badge/Windows-Vista,%207,%208,%2010-brightgreen.svg) +[![Release](https://img.shields.io/github/release/stascorp/rdpwrap.svg)](https://github.com/stascorp/rdpwrap/releases) +![License](https://img.shields.io/github/license/stascorp/rdpwrap.svg) +![Downloads](https://img.shields.io/github/downloads/stascorp/rdpwrap/latest/total.svg) +![TotalDownloads](https://img.shields.io/github/downloads/stascorp/rdpwrap/total.svg) + +The goal of this project is to enable Remote Desktop Host support and concurrent RDP sessions on reduced functionality systems for home usage. + +RDP Wrapper works as a layer between Service Control Manager and Terminal Services, so the original termsrv.dll file remains untouched. Also this method is very strong against Windows Update. + +[pVistaST]: http://stascorp.com/images/rdpwrap/pVistaST.jpg +[pVistaHB]: http://stascorp.com/images/rdpwrap/pVistaHB.jpg +[pWin7ST]: http://stascorp.com/images/rdpwrap/pWin7ST.jpg +[pWin7HB]: http://stascorp.com/images/rdpwrap/pWin7HB.jpg +[pWin8DP]: http://stascorp.com/images/rdpwrap/pWin8DP.jpg +[pWin8CP]: http://stascorp.com/images/rdpwrap/pWin8CP.jpg +[pWin8RP]: http://stascorp.com/images/rdpwrap/pWin8RP.jpg +[pWin8]: http://stascorp.com/images/rdpwrap/pWin8.jpg +[pWin81P]: http://stascorp.com/images/rdpwrap/pWin81P.jpg +[pWin81]: http://stascorp.com/images/rdpwrap/pWin81.jpg +[pWin10TP]: http://stascorp.com/images/rdpwrap/pWin10TP.jpg +[pWin10PTP]: http://stascorp.com/images/rdpwrap/pWin10PTP.jpg +[pWin10]: http://stascorp.com/images/rdpwrap/pWin10.jpg + +[fVistaST]: http://stascorp.com/images/rdpwrap/VistaST.png +[fVistaHB]: http://stascorp.com/images/rdpwrap/VistaHB.png +[fWin7ST]: http://stascorp.com/images/rdpwrap/Win7ST.png +[fWin7HB]: http://stascorp.com/images/rdpwrap/Win7HB.png +[fWin8DP]: http://stascorp.com/images/rdpwrap/Win8DP.png 
+[fWin8CP]: http://stascorp.com/images/rdpwrap/Win8CP.png +[fWin8RP]: http://stascorp.com/images/rdpwrap/Win8RP.png +[fWin8]: http://stascorp.com/images/rdpwrap/Win8.png +[fWin81P]: http://stascorp.com/images/rdpwrap/Win81P.png +[fWin81]: http://stascorp.com/images/rdpwrap/Win81.png +[fWin10TP]: http://stascorp.com/images/rdpwrap/Win10TP.png +[fWin10PTP]: http://stascorp.com/images/rdpwrap/Win10PTP.png +[fWin10]: http://stascorp.com/images/rdpwrap/Win10.png + +| NT Version | Screenshots | +| ------------- | ----------- | +| Windows Vista | [![Windows Vista Starter][pVistaST]][fVistaST] [![Windows Vista Home Basic][pVistaHB]][fVistaHB] | +| Windows 7 | [![Windows 7 Starter][pWin7ST]][fWin7ST] [![Windows 7 Home Basic][pWin7HB]][fWin7HB] | +| Windows 8 | [![Windows 8 Developer Preview][pWin8DP]][fWin8DP] [![Windows 8 Consumer Preview][pWin8CP]][fWin8CP] [![Windows 8 Release Preview][pWin8RP]][fWin8RP] [![Windows 8][pWin8]][fWin8] | +| Windows 8.1 | [![Windows 8.1 Preview][pWin81P]][fWin81P] [![Windows 8.1][pWin81]][fWin81] | +| Windows 10 | [![Windows 10 Technical Preview][pWin10TP]][fWin10TP] [![Windows 10 Pro Technical Preview][pWin10PTP]][fWin10PTP] [![Windows 10][pWin10]][fWin10] | +--- +[WinPPE]: http://forums.mydigitallife.info/threads/39411-Windows-Product-Policy-Editor + +This solution was inspired by [Windows Product Policy Editor][WinPPE], big thanks to **kost** :) + +— binarymaster + +### Attention: +It's recommended to have original termsrv.dll file with the RDP Wrapper installation. If you have modified it before with other patchers, it may become unstable and crash in any moment. 
+ +### Information: +- Source code is available, so you can build it on your own +- RDP Wrapper does not patch termsrv.dll, it loads termsrv with different parameters +- RDPWInst and RDPChecker can be redistributed without development folder and batch files +- RDPWInst can be used for unattended installation / deployment +- Windows 2000, XP and Server 2003 will not be supported + +### Key features: +- RDP host server on any Windows edition beginning from Vista +- Console and remote sessions at the same time +- Using the same user simultaneously for local and remote logon (see configuration app) +- Up to [15 concurrent sessions](https://github.com/stascorp/rdpwrap/issues/192) (the actual limitation depends on your hardware and OS version) +- Console and RDP session shadowing (using [Task Manager in Windows 7](http://cdn.freshdesk.com/data/helpdesk/attachments/production/1009641577/original/remote_control.png?1413476051) and lower, and [Remote Desktop Connection in Windows 8](http://woshub.com/rds-shadow-how-to-connect-to-a-user-session-in-windows-server-2012-r2/) and higher) +- Full [multi-monitor support](https://github.com/stascorp/rdpwrap/issues/163) for RDP host +- ...and if you find a new feature not listed here, [tell us](https://github.com/stascorp/rdpwrap/issues/new) ;) + +### Porting to other platforms: +- **ARM** for Windows RT (see links below) +- **IA-64** for Itanium-based Windows Server? 
*Well, I have no idea* :) + +### Building the binaries: +- **x86 Delphi version** can be built with *Embarcadero RAD Studio 2010* +- **x86/x64 C++ version** can be built with *Microsoft Visual Studio 2013* + +[andrewblock]: http://web.archive.org/web/20150810054558/http://andrewblock.net/enable-remote-desktop-on-windows-8-core/ +[mydigitallife]: http://forums.mydigitallife.info/threads/55935-RDP-Wrapper-Library-(works-with-Windows-8-1-Basic) +[xda-dev]: http://forum.xda-developers.com/showthread.php?t=2093525&page=3 +[yt-updating]: http://www.youtube.com/watch?v=W9BpbEt1yJw +[yt-offsets]: http://www.youtube.com/watch?v=FiD86tmRBtk + +### Links: +- Official GitHub repository: +
https://github.com/stascorp/rdpwrap/ +- Official Telegram chat: +
https://t.me/rdpwrap +- Active discussion in the comments here: +
[Enable remote desktop on Windows 8 core / basic - Andrew Block .net][andrewblock] +- MDL Projects and Applications thread here: +
[RDP Wrapper Library (works with Windows 8.1 Basic)][mydigitallife] +- Some ideas about porting to ARM for Windows RT (post #23): +
[\[Q\] Mod Windows RT to enable Remote Desktop][xda-dev] +- Adding «Remote Desktop Users» group: +
http://superuser.com/questions/680572/ + +#### Tutorial videos: +- [~~Updating RDP Wrapper INI file manually~~][yt-updating] (now use installer to update INI file) +- [How to find offsets for new termsrv.dll versions][yt-offsets] + +### Files in release package: + +| File name | Description | +| --------- | ----------- | +| `RDPWInst.exe` | RDP Wrapper Library installer/uninstaller | +| `RDPCheck.exe` | Local RDP Checker (you can check the RDP is working) | +| `RDPConf.exe` | RDP Wrapper Configuration | +| `install.bat` | Quick install batch file | +| `uninstall.bat` | Quick uninstall batch file | +| `update.bat` | Quick update batch file | + +### Frequently Asked Questions + +> Where can I download the installer or binaries? + +In the [GitHub Releases](https://github.com/stascorp/rdpwrap/releases) section. + +> Is it legal to use this application? + +There is no definitive answer, see [this discussion](https://github.com/stascorp/rdpwrap/issues/26). + +> The installer tries to access the Internet, is it normal behaviour? + +Yes, it works in online mode by default. You may disable it by removing `-o` flag in the `install.bat` file. + +> What is online install mode? + +Online install mode introduced in version 1.6.1. When you installing RDP Wrapper first time using this mode, it will download [latest INI file](https://github.com/stascorp/rdpwrap/blob/master/res/rdpwrap.ini) from GitHub. See [this discussion](https://github.com/stascorp/rdpwrap/issues/132). + +> What is INI file and why we need it? + +INI file was introduced in version 1.5. It stores system configuration for RDP Wrapper — general wrapping settings, binary patch codes, and per build specific data. When new `termsrv.dll` build comes out, developer adds support for it by updating INI file in repository. + +> Config Tool reports version 1.5, but I installed higher version. What's the matter? + +Beginning with version 1.5 the `rdpwrap.dll` is not updated anymore, since all settings are stored in INI file. 
Deal with it. + +> Config Tool shows `[not supported]` and RDP doesn't work. What can I do? + +Make sure you're connected to the Internet and run `update.bat`. + +> Update doesn't help, it still shows `[not supported]`. + +Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check whether your `termsrv.dll` build is listed here. If you can't find such issue, create a new — specify your build version for adding to support. + +> Why `RDPCheck` doesn't allow to change resolution and other settings? + +`RDPCheck` is a very simple application and only for testing purposes. You need to use Microsoft Remote Desktop Client (`mstsc.exe`) if you want to customize the settings. You can use `127.0.0.1` or `127.0.0.2` address for loopback connection. + +### Known issues: +- Beginning with Windows 8 **on tablet PCs** inactive sessions will be logged out by system - [more info](https://github.com/stascorp/rdpwrap/issues/37) +- Beginning with Windows 10 you can accidentally lock yourself from PC - [more info](https://github.com/stascorp/rdpwrap/issues/50) +- Beginning with the Creators Update for Windows 10 Home, RDP Wrapper will no longer work, claiming that the listener is `[not listening]` because of `rfxvmt.dll` is missing - [more info](https://github.com/stascorp/rdpwrap/issues/194#issuecomment-323564111), [download links](https://github.com/stascorp/rdpwrap/issues/194#issuecomment-325627235) +- Terminal Service does not start after installing some updates or "Access Denied" issue - [#215](https://github.com/stascorp/rdpwrap/issues/215), [#101](https://github.com/stascorp/rdpwrap/issues/101) +- RDP Wrapper does not work with RemoteFX enabled hosts - [#127](https://github.com/stascorp/rdpwrap/issues/127), [#208](https://github.com/stascorp/rdpwrap/issues/208), [#216](https://github.com/stascorp/rdpwrap/issues/216) +- RDP works, but termsrv.dll crashes on logon attempt - Windows Vista Starter RTM x86 (termsrv.dll `6.0.6000.16386`) +- If Terminal Services 
hangs at startup, try to add **`rdpwrap.dll`** to antivirus exclusions. Also try to isolate RDP Wrapper from other shared services by the command: +
`sc config TermService type= own` +- RDP Wrapper can be removed by AVG Free Antivirus and [Norton Antivirus](https://github.com/stascorp/rdpwrap/issues/191) - first make sure you downloaded [official release](https://github.com/stascorp/rdpwrap/releases) from GitHub, then add it to exclusions. + +--- + +### Change log: + +#### 2017.12.27 +- Version 1.6.2 +- Installer updated +- Include updated INI file for latest Windows builds +- Added check for supported Windows versions ([#155](https://github.com/stascorp/rdpwrap/issues/155)) +- Added feature to take INI file from current directory ([#300](https://github.com/stascorp/rdpwrap/issues/300)) +- Added feature to restore rfxvmt.dll (missing in Windows 10 Home [#194](https://github.com/stascorp/rdpwrap/issues/194)) +- RDP Config updated +- Added feature to allow custom start programs ([#13 (comment)](https://github.com/stascorp/rdpwrap/issues/13#issuecomment-77651843)) +- MSI installation package added ([#14](https://github.com/stascorp/rdpwrap/issues/14)) + +#### 2016.08.01 +- Version 1.6.1 +- Include updated INI file for latest Windows builds +- Installer updated +- Added online install mode +- Added feature to keep settings on uninstall +- RDP Config updated +- Fixed update firewall rule on RDP port change +- Added feature to hide users on logon + +#### 2015.08.12 +- Version 1.6 +- Added support for Windows 10 +- INI file has smaller size now - all comments are moved to KB file +- Installer updated +- Added workaround for 1056 error (although it isn't an error) +- Added update support to installer +- Newest RDPClip versions are included with installer +- RDP Checker updated +- Changed connect IP to 127.0.0.2 +- Updated some text messages +- RDP Config updated +- Added all possible shadowing modes +- Also it will write settings to the group policy + +#### 2014.12.11 +- Version 1.5 +- Added INI config support +- Configuration is stored in INI file now +- We can extend version support without building new binaries +- 
Added support for Windows 8.1 with KB3000850 +- Added support for Windows 10 Technical Preview Update 2 +- Installer updated +- RDP Config updated +- Diagnostics feature added to RDP Config + +#### 2014.11.14 +- Version 1.4 +- Added support for Windows 10 Technical Preview Update 1 +- Added support for Windows Vista SP2 with KB3003743 +- Added support for Windows 7 SP1 with KB3003743 +- Added new RDP Configuration Program + +#### 2014.10.21 +- Installer updated +- Added feature to install RDP Wrapper to System32 directory +- Fixed issue in the installer - NLA setting now remains unchanged +- Local RDP Checker updated +- SecurityLayer and UserAuthentification values changed on check start +- RDP Checker restores values on exit + +#### 2014.10.20 +- Version 1.3 +- Added support for Windows 10 Technical Preview +- Added support for Windows 7 with KB2984972 +- Added support for Windows 8 with KB2973501 +- Added extended support for Windows Vista (SP0, SP1 and SP2) +- Added extended support for Windows 7 (SP0 and SP1) +- Some improvements in the source code +- Installer updated to v2.2 +- Fixed installation bug in Vista x64 (wrong expand path) +- Local RDP Checker updated +- Added description to error 0x708 + +#### 2014.07.26 +- Version 1.2 +- Added support for Windows 8 Developer Preview +- Added support for Windows 8 Consumer Preview +- Added support for Windows 8 Release Preview +- Added support for Windows 8.1 Preview +- Added support for Windows 8.1 +- More details you will see in the source code +- Installer updated to v2.1 + +#### 2013.12.09 +- C++ port of RDP Wrapper was made by Fusix +- x64 architecture is supported now +- Added new command line installer v2.0 +- Added local RDP checker +- Source code (C++ port, installer 2.0, local RDP checker) is also included + +#### 2013.10.25 +- Version 1.1 source code is available + +#### 2013.10.22 +- Version 1.1 +- Stable release +- Improved wrapper (now it can wrap internal unexported termsrv.dll SL Policy function) +- 
Added support for Windows 8 Single Language (tested on Acer Tablet PC with Intel Atom Z2760) + +#### 2013.10.19 +- Version 1.0 +- First [beta] version +- Basic SL Policy wrapper + +--- + +#### Supported Terminal Services versions: +- 6.0.X.X (Windows Vista / Server 2008) +- 6.0.6000.16386 (Windows Vista) +- 6.0.6001.18000 (Windows Vista SP1) +- 6.0.6002.18005 (Windows Vista SP2) +- 6.0.6002.19214 (Windows Vista SP2 with KB3003743 GDR) +- 6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR) +- 6.1.X.X (Windows 7 / Server 2008 R2) +- 6.1.7600.16385 (Windows 7) +- 6.1.7600.20890 (Windows 7 with KB2479710) +- 6.1.7600.21316 (Windows 7 with KB2750090) +- 6.1.7601.17514 (Windows 7 SP1) +- 6.1.7601.21650 (Windows 7 SP1 with KB2479710) +- 6.1.7601.21866 (Windows 7 SP1 with KB2647409) +- 6.1.7601.22104 (Windows 7 SP1 with KB2750090) +- 6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR) +- 6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR) +- 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) +- 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) +- 6.1.7601.23403 (Windows 7 SP1 with KB3125574) +- 6.1.7601.24234 (Windows 7 SP1 with KB4462923) +- 6.2.8102.0 (Windows 8 Developer Preview) +- 6.2.8250.0 (Windows 8 Consumer Preview) +- 6.2.8400.0 (Windows 8 Release Preview) +- 6.2.9200.16384 (Windows 8 / Server 2012) +- 6.2.9200.17048 (Windows 8 with KB2973501 GDR) +- 6.2.9200.21166 (Windows 8 with KB2973501 LDR) +- 6.3.9431.0 (Windows 8.1 Preview) +- 6.3.9600.16384 (Windows 8.1 / Server 2012 R2) +- 6.3.9600.17095 (Windows 8.1 with KB2959626) +- 6.3.9600.17415 (Windows 8.1 with KB3000850) +- 6.3.9600.18692 (Windows 8.1 with KB4022720) +- 6.3.9600.18708 (Windows 8.1 with KB4025335) +- 6.3.9600.18928 (Windows 8.1 with KB4088876) +- 6.3.9600.19093 (Windows 8.1 with KB4343891) +- 6.4.9841.0 (Windows 10 Technical Preview) +- 6.4.9860.0 (Windows 10 Technical Preview Update 1) +- 6.4.9879.0 (Windows 10 Technical Preview Update 2) +- 10.0.9926.0 (Windows 10 Pro Technical Preview) +- 
10.0.10041.0 (Windows 10 Pro Technical Preview Update 1) +- 10.0.10240.16384 (Windows 10 RTM) +- 10.0.10586.0 (Windows 10 TH2 Release 151029-1700) +- 10.0.10586.589 (Windows 10 TH2 Release 160906-1759 with KB3185614) +- 10.0.11082.1000 (Windows 10 RS1 Release 151210-2021) +- 10.0.11102.1000 (Windows 10 RS1 Release 160113-1800) +- 10.0.14251.1000 (Windows 10 RS1 Release 160124-1059) +- 10.0.14271.1000 (Windows 10 RS1 Release 160218-2310) +- 10.0.14279.1000 (Windows 10 RS1 Release 160229-1700) +- 10.0.14295.1000 (Windows 10 RS1 Release 160318-1628) +- 10.0.14300.1000 (Windows Server 2016 Technical Preview 5) +- 10.0.14316.1000 (Windows 10 RS1 Release 160402-2227) +- 10.0.14328.1000 (Windows 10 RS1 Release 160418-1609) +- 10.0.14332.1001 (Windows 10 RS1 Release 160422-1940) +- 10.0.14342.1000 (Windows 10 RS1 Release 160506-1708) +- 10.0.14352.1002 (Windows 10 RS1 Release 160522-1930) +- 10.0.14366.0 (Windows 10 RS1 Release 160610-1700) +- 10.0.14367.0 (Windows 10 RS1 Release 160613-1700) +- 10.0.14372.0 (Windows 10 RS1 Release 160620-2342) +- 10.0.14379.0 (Windows 10 RS1 Release 160627-1607) +- 10.0.14383.0 (Windows 10 RS1 Release 160701-1839) +- 10.0.14385.0 (Windows 10 RS1 Release 160706-1700) +- 10.0.14388.0 (Windows 10 RS1 Release 160709-1635) +- 10.0.14393.0 (Windows 10 RS1 Release 160715-1616) +- 10.0.14393.1198 (Windows 10 RS1 Release Sec 170427-1353 with KB4019472) +- 10.0.14393.1737 (Windows 10 RS1 Release Inmarket 170914-1249 with KB4041691) +- 10.0.14393.2457 (Windows 10 RS1 Release Inmarket 180822-1743 with KB4343884) +- 10.0.14901.1000 (Windows 10 RS Pre-Release 160805-1700) +- 10.0.14905.1000 (Windows 10 RS Pre-Release 160811-1739) +- 10.0.14915.1000 (Windows 10 RS Pre-Release 160826-1902) +- 10.0.14926.1000 (Windows 10 RS Pre-Release 160910-1529) +- 10.0.14931.1000 (Windows 10 RS Pre-Release 160916-1700) +- 10.0.14936.1000 (Windows 10 RS Pre-Release 160923-1700) +- 10.0.14942.1000 (Windows 10 RS Pre-Release 161003-1929) +- 10.0.14946.1000 (Windows 10 RS 
Pre-Release 161007-1700) +- 10.0.14951.1000 (Windows 10 RS Pre-Release 161014-1700) +- 10.0.14955.1000 (Windows 10 RS Pre-Release 161020-1700) +- 10.0.14959.1000 (Windows 10 RS Pre-Release 161026-1700) +- 10.0.14965.1001 (Windows 10 RS Pre-Release 161104-1700) +- 10.0.14971.1000 (Windows 10 RS Pre-Release 161111-1700) +- 10.0.14986.1000 (Windows 10 Build 160101.0800) +- 10.0.14997.1001 (Windows 10 Build 160101.0800) +- 10.0.15002.1001 (Windows 10 Build 160101.0800) +- 10.0.15007.1000 (Windows 10 Build 160101.0800) +- 10.0.15014.1000 (Windows 10 Build 160101.0800) +- 10.0.15019.1000 (Windows 10 RS Pre-Release 170121-1513) +- 10.0.15025.1000 (Windows 10 RS Pre-Release 170127-1750) +- 10.0.15031.0 (Windows 10 RS2 Release 170204-1546) +- 10.0.15042.0 (Windows 10 RS2 Release 170219-2329) +- 10.0.15046.0 (Windows 10 Build 160101.0800) +- 10.0.15048.0 (Windows 10 Build 160101.0800) +- 10.0.15055.0 (Windows 10 Build 160101.0800) +- 10.0.15058.0 (Windows 10 Build 160101.0800) +- 10.0.15061.0 (Windows 10 Build 160101.0800) +- 10.0.15063.0 (Windows 10 Build 160101.0800) +- 10.0.15063.296 (Windows 10 Build 160101.0800) +- 10.0.15063.994 (Windows 10 Build 160101.0800) +- 10.0.15063.1155 (Windows 10 Build 160101.0800) +- 10.0.16179.1000 (Windows 10 Build 160101.0800) +- 10.0.16184.1001 (Windows 10 Build 160101.0800) +- 10.0.16199.1000 (Windows 10 Build 160101.0800) +- 10.0.16215.1000 (Windows 10 Build 160101.0800) +- 10.0.16232.1000 (Windows 10 Build 160101.0800) +- 10.0.16237.1001 (Windows 10 Build 160101.0800) +- 10.0.16241.1001 (Windows 10 Build 160101.0800) +- 10.0.16251.0 (Windows 10 Build 160101.0800) +- 10.0.16251.1000 (Windows 10 Build 160101.0800) +- 10.0.16257.1 (Windows 10 Build 160101.0800) +- 10.0.16257.1000 (Windows 10 Build 160101.0800) +- 10.0.16273.1000 (Windows 10 Build 160101.0800) +- 10.0.16275.1000 (Windows 10 Build 160101.0800) +- 10.0.16278.1000 (Windows 10 Build 160101.0800) +- 10.0.16281.1000 (Windows 10 Build 160101.0800) +- 10.0.16288.1 (Windows 10 
Build 160101.0800) +- 10.0.16291.0 (Windows 10 Build 160101.0800) +- 10.0.16294.1 (Windows 10 Build 160101.0800) +- 10.0.16296.0 (Windows 10 Build 160101.0800) +- 10.0.16299.0 (Windows 10 Build 160101.0800) +- 10.0.16299.15 (Windows 10 Build 160101.0800) +- 10.0.16353.1000 (Windows 10 Build 160101.0800) +- 10.0.16362.1000 (Windows 10 Build 160101.0800) +- 10.0.17004.1000 (Windows 10 Build 160101.0800) +- 10.0.17017.1000 (Windows 10 Build 160101.0800) +- 10.0.17025.1000 (Windows 10 Build 160101.0800) +- 10.0.17035.1000 (Windows 10 Build 160101.0800) +- 10.0.17046.1000 (Windows 10 Build 160101.0800) +- 10.0.17063.1000 (Windows 10 Build 160101.0800) +- 10.0.17115.1 (Windows 10 Build 160101.0800) +- 10.0.17128.1 (Windows 10 Build 160101.0800) +- 10.0.17133.1 (Windows 10 Build 160101.0800) +- 10.0.17134.1 (Windows 10 Build 160101.0800) +- 10.0.17723.1000 (Windows 10 Build 160101.0800) +- 10.0.17763.1 (Windows 10 Build 160101.0800) + +#### Confirmed working on: +- Windows Vista Starter (x86 - Service Pack 1 and higher) +- Windows Vista Home Basic +- Windows Vista Home Premium +- Windows Vista Business +- Windows Vista Enterprise +- Windows Vista Ultimate +- Windows Server 2008 +- Windows 7 Starter +- Windows 7 Home Basic +- Windows 7 Home Premium +- Windows 7 Professional +- Windows 7 Enterprise +- Windows 7 Ultimate +- Windows Server 2008 R2 +- Windows 8 Developer Preview +- Windows 8 Consumer Preview +- Windows 8 Release Preview +- Windows 8 +- Windows 8 Single Language +- Windows 8 Pro +- Windows 8 Enterprise +- Windows Server 2012 +- Windows 8.1 Preview +- Windows 8.1 +- Windows 8.1 Connected (with Bing) +- Windows 8.1 Single Language +- Windows 8.1 Connected Single Language (with Bing) +- Windows 8.1 Pro +- Windows 8.1 Enterprise +- Windows Server 2012 R2 +- Windows 10 Technical Preview +- Windows 10 Pro Technical Preview +- Windows 10 Home +- Windows 10 Home Single Language +- Windows 10 Pro +- Windows 10 Enterprise +- Windows Server 2016 Technical Preview + 
+Installation instructions: +- Download latest release binaries and unpack files +- Right-click on **`install.bat`** and select Run as Administrator +- See command output for details + +To update INI file: +- Right-click on **`update.bat`** and select Run as Administrator +- See command output for details + +To uninstall: +- Go to the directory where you extracted the files +- Right-click on **`uninstall.bat`** and select Run as Administrator +- See command output for details diff --git a/bin/RDPCheck.exe b/bin/RDPCheck.exe deleted file mode 100644 index 5f62298..0000000 Binary files a/bin/RDPCheck.exe and /dev/null differ diff --git a/bin/RDPConf.exe b/bin/RDPConf.exe deleted file mode 100644 index 6e38978..0000000 Binary files a/bin/RDPConf.exe and /dev/null differ diff --git a/bin/RDPWInst.exe b/bin/RDPWInst.exe deleted file mode 100644 index 1a50250..0000000 Binary files a/bin/RDPWInst.exe and /dev/null differ diff --git a/bin/install.bat b/bin/install.bat index e33e2f8..5e6ed34 100644 --- a/bin/install.bat +++ b/bin/install.bat @@ -1,8 +1,14 @@ @echo off -RDPWInst -i +if not exist "%~dp0RDPWInst.exe" goto :error +"%~dp0RDPWInst" -i -o echo ______________________________________________________________ echo. echo You can check RDP functionality with RDPCheck program. echo Also you can configure advanced settings with RDPConf program. echo. +goto :anykey +:error +echo [-] Installer executable not found. +echo Please extract all files from the downloaded package or check your anti-virus. +:anykey pause diff --git a/bin/uninstall.bat b/bin/uninstall.bat index ace7aa5..1c72289 100644 --- a/bin/uninstall.bat +++ b/bin/uninstall.bat @@ -1,4 +1,10 @@ @echo off -RDPWInst -u +if not exist "%~dp0RDPWInst.exe" goto :error +"%~dp0RDPWInst" -u echo. +goto :anykey +:error +echo [-] Installer executable not found. +echo Please extract all files from the downloaded package or check your anti-virus. +:anykey pause 
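Review bot: In bin/uninstall.bat the guard checks `"%~dp0RDPWInst.exe"` but the call is `"%~dp0RDPWInst" -u` with no extension, so cmd resolves the name through PATHEXT and a `RDPWInst.com` in the same folder would run ahead of the `.exe` that was checked. Call `"%~dp0RDPWInst.exe" -u` so the file that is tested is the file that runs; the `-i -o` line in bin/install.bat has the same mismatch. The `:error` branch also falls through to `:anykey` and ends without a failure code, so a wrapper script cannot tell a missing installer from a successful run; end that branch with its own `pause` followed by `exit /b 1`.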
diff --git a/bin/update.bat b/bin/update.bat new file mode 100644 index 0000000..f3874aa --- /dev/null +++ b/bin/update.bat @@ -0,0 +1,10 @@ +@echo off +if not exist "%~dp0RDPWInst.exe" goto :error +"%~dp0RDPWInst" -w +echo. +goto :anykey +:error +echo [-] Installer executable not found. +echo Please extract all files from the downloaded package or check your anti-virus. +:anykey +pause diff --git a/res/RDPWInst.wxs b/res/RDPWInst.wxs new file mode 100644 index 0000000..9352ffc --- /dev/null +++ b/res/RDPWInst.wxs @@ -0,0 +1,49 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + NOT Installed AND NOT WIX_UPGRADE_DETECTED + REMOVE AND NOT UPGRADINGPRODUCTCODE + UPGRADINGPRODUCTCODE + + + + + diff --git a/res/build_wxs.bat b/res/build_wxs.bat new file mode 100644 index 0000000..9eeef72 --- /dev/null +++ b/res/build_wxs.bat @@ -0,0 +1,3 @@ +@echo off +"%ProgramFiles%\WiX Toolset v3.11\bin\candle" RDPWInst.wxs +"%ProgramFiles%\WiX Toolset v3.11\bin\light" RDPWInst.wixobj diff --git a/res/legacy.install.bat b/res/legacy.install.bat index a7d8de2..303cc32 100644 --- a/res/legacy.install.bat +++ b/res/legacy.install.bat @@ -50,6 +50,7 @@ if not !errorlevel!==0 ( echo [*] Setting firewall configuration... reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow +netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=udp localport=3389 profile=any action=allow echo [*] Looking for TermService PID... tasklist /SVC /FI "SERVICES eq TermService" | find "PID" /V echo. @@ -88,4 +89,4 @@ echo net start Service2 echo etc. goto END -:END \ No newline at end of file +:END diff --git a/res/rdpclip-x64.exe b/res/rdpclip-x64.exe deleted file mode 100644 index bc2fcd4..0000000 Binary files a/res/rdpclip-x64.exe and /dev/null differ 
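Review bot: The UDP rule added in res/legacy.install.bat reuses `name="Remote Desktop"` and `profile=any`, so 3389/udp is opened on the Public profile as well, and the TCP and UDP rules cannot be told apart by name when listing or deleting them. Give the new rule a distinct name such as `name="Remote Desktop (UDP)"`, consider narrowing it to `profile=domain,private`, and check that whatever removes the TCP rule on uninstall removes this one too. The second hunk only adds the missing newline after `:END` and needs no change.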
diff --git a/res/rdpclip-x86.exe b/res/rdpclip-x86.exe deleted file mode 100644 index 4b9bb5b..0000000 Binary files a/res/rdpclip-x86.exe and /dev/null differ diff --git a/res/rdpwrap-arm-kb.ini b/res/rdpwrap-arm-kb.ini new file mode 100644 index 0000000..7376c9a --- /dev/null +++ b/res/rdpwrap-arm-kb.ini 
@@ -0,0 +1,172 @@ +; RDP Wrapper Library configuration +; for Windows RT (ARMv7) + +; This is experimental file + +[Main] +Updated=2016-03-07 +LogFile=\rdpwrap.txt + +[SLPolicy] +TerminalServices-RemoteConnectionManager-AllowRemoteConnections=1 +TerminalServices-RemoteConnectionManager-AllowMultipleSessions=1 +TerminalServices-RemoteConnectionManager-AllowAppServerMode=1 +TerminalServices-RemoteConnectionManager-AllowMultimon=1 +TerminalServices-RemoteConnectionManager-MaxUserSessions=0 +TerminalServices-RemoteConnectionManager-ce0ad219-4670-4988-98fb-89b14c2f072b-MaxSessions=0 +TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-MaxSessions=2 +TerminalServices-RDP-7-Advanced-Compression-Allowed=1 +TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-LocalOnly=0 +TerminalServices-RemoteConnectionManager-8dc86f1d-9969-4379-91c1-06fe1dc60575-MaxSessions=1000 +TerminalServices-DeviceRedirection-Licenses-TSEasyPrintAllowed=1 +TerminalServices-DeviceRedirection-Licenses-PnpRedirectionAllowed=1 +TerminalServices-DeviceRedirection-Licenses-TSMFPluginAllowed=1 +TerminalServices-RemoteConnectionManager-UiEffects-DWMRemotingAllowed=1 + +[PatchCodes] +Zero=00 +bjmp5=05E0 +CDefPolicy_Query_r3_r5=40F20013C5F8203305E0 +CDefPolicy_Query_r3_r0=40F20013C0F8203305E0 + +[6.2.9200.16384] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10066DCC MOV.W R3, #0x11C +; .text:10066DD0 STR R3, [SP,#0x16C+var_13C] +; .text:10066DD2 LDR R3, =__imp_GetVersionExW +; .text:10066DD4 MOVS R4, #1 <- 0 +; .text:10066DD6 ADD R0, SP, #0x16C+var_13C +; .text:10066DD8 LDR R3, [R3] +SingleUserPatch.arm=1 +SingleUserOffset.arm=66DD4 +SingleUserCode.arm=Zero +; Patch CDefPolicy::Query +; Original +; .text:10059164 LDR.W R2, [R5,#0x324] ; D5 F8 24 23 ; [R5,#0x324] -> R2 +; .text:10059168 LDR.W R3, [R5,#0x320] ; D5 F8 20 33 ; [R5,#0x320] -> R3 +; .text:1005916C CMP R2, R3 ; 9A 42 ; compare +; .text:1005916E BNE loc_1005917A ; 04 D1 ; 
jump if (R2 != R3) +; Changed +; .text:10059164 MOVW R3, #0x100 ; 40 F2 00 13 ; 0x100 -> R3 +; .text:10059168 STR.W R3, [R5,#0x320] ; C5 F8 20 33 ; R3 -> [R5,#0x320] +; .text:1005916C B loc_1005917A ; 05 E0 ; jump +; .text:1005916E BNE loc_1005917A ; 04 D1 ; / never executed / +DefPolicyPatch.arm=1 +DefPolicyOffset.arm=59164 +DefPolicyCode.arm=CDefPolicy_Query_r3_r5 +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.arm=1 +SLPolicyOffset.arm=5F934 +SLPolicyFunc.arm=New_Win8SL + +[6.3.9600.16384] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:1008E6C2 BL _IsLicenseTypeLocalOnly_CSLQuery__SAJAAU_GUID__PAH_Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:1008E6C6 CMP R0, #0 +; .text:1008E6C8 BLT loc_1008E6DA +; .text:1008E6CA LDR R3, [SP,#0x20+var_14] +; .text:1008E6CC CBZ R3, loc_1008E6DA ; 2B B1 ; jump if (R3 == 0) +; Changed +; .text:1008E6CC B loc_1008E6DA ; 05 E0 ; jump +LocalOnlyPatch.arm=1 +LocalOnlyOffset.arm=8E6CC +LocalOnlyCode.arm=bjmp5 +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10069E74 MOV.W R3, #0x11C +; .text:10069E78 STR R3, [SP,#0x164+var_13C] +; .text:10069E7A LDR R3, =__imp_GetVersionExW +; .text:10069E7C MOVS R4, #1 <- 0 +; .text:10069E7E ADD R0, SP, #0x164+var_13C +; .text:10069E80 LDR R3, [R3] +SingleUserPatch.arm=1 +SingleUserOffset.arm=69E7C +SingleUserCode.arm=Zero +; Patch CDefPolicy::Query +; Original +; .text:10064D54 LDR.W R2, [R0,#0x324] ; D0 F8 24 23 ; [R0,#0x324] -> R2 +; .text:10064D58 LDR.W R3, [R0,#0x320] ; D0 F8 20 33 ; [R0,#0x320] -> R3 +; .text:10064D5C CMP R2, R3 ; 9A 42 ; compare +; .text:10064D5E BNE loc_10064D6A ; 04 D1 ; jump if (R2 != R3) +; Changed +; .text:10064D54 MOVW R3, #0x100 ; 40 F2 00 13 ; 0x100 -> R3 +; .text:10064D58 STR.W R3, [R0,#0x320] ; C0 F8 20 33 ; R3 -> [R0,#0x320] +; .text:10064D5C B loc_10064D6A ; 05 E0 ; jump +; .text:10064D5E BNE loc_10064D6A ; 04 D1 ; / never executed / +DefPolicyPatch.arm=1 +DefPolicyOffset.arm=64D54 
+DefPolicyCode.arm=CDefPolicy_Query_r3_r0 +; Hook CSLQuery::Initialize +SLInitHook.arm=1 +SLInitOffset.arm=32188 +SLInitFunc.arm=New_CSLQuery_Initialize + +[6.3.9600.17095] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:1008E35A BL _IsLicenseTypeLocalOnly_CSLQuery__SAJAAU_GUID__PAH_Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:1008E35E CMP R0, #0 +; .text:1008E360 BLT loc_1008E372 +; .text:1008E362 LDR R3, [SP,#0x20+var_14] +; .text:1008E364 CBZ R3, loc_1008E372 ; 2B B1 ; jump if (R3 == 0) +; Changed +; .text:1008E364 B loc_1008E372 ; 05 E0 ; jump +LocalOnlyPatch.arm=1 +LocalOnlyOffset.arm=8E364 +LocalOnlyCode.arm=bjmp5 +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10069C2C MOV.W R3, #0x11C +; .text:10069C30 STR R3, [SP,#0x164+var_13C] +; .text:10069C32 LDR R3, =GetVersionExW +; .text:10069C34 MOVS R4, #1 <- 0 +; .text:10069C36 ADD R0, SP, #0x164+var_13C +; .text:10069C38 LDR R3, [R3] +SingleUserPatch.arm=1 +SingleUserOffset.arm=69C34 +SingleUserCode.arm=Zero +; Patch CDefPolicy::Query +; Original +; .text:100649E0 LDR.W R2, [R0,#0x324] ; D0 F8 24 23 ; [R0,#0x324] -> R2 +; .text:100649E4 LDR.W R3, [R0,#0x320] ; D0 F8 20 33 ; [R0,#0x320] -> R3 +; .text:100649E8 CMP R2, R3 ; 9A 42 ; compare +; .text:100649EA BNE loc_100649F6 ; 04 D1 ; jump if (R2 != R3) +; Changed +; .text:100649E0 MOVW R3, #0x100 ; 40 F2 00 13 ; 0x100 -> R3 +; .text:100649E4 STR.W R3, [R0,#0x320] ; C0 F8 20 33 ; R3 -> [R0,#0x320] +; .text:100649E8 B loc_10064D6A ; 05 E0 ; jump +; .text:100649EA BNE loc_10064D6A ; 04 D1 ; / never executed / +DefPolicyPatch.arm=1 +DefPolicyOffset.arm=649E0 +DefPolicyCode.arm=CDefPolicy_Query_r3_r0 +; Hook CSLQuery::Initialize +SLInitHook.arm=1 +SLInitOffset.arm=32E3C +SLInitFunc.arm=New_CSLQuery_Initialize + +[SLInit] +bServerSku=1 +bRemoteConnAllowed=1 +bFUSEnabled=1 +bAppServerAllowed=1 +bMultimonAllowed=1 +lMaxUserSessions=0 +ulMaxDebugSessions=0 +bInitialized=1 + +[6.3.9600.16384-SLInit] +bFUSEnabled.arm 
=A57E0 +lMaxUserSessions.arm =A57E4 +bAppServerAllowed.arm =A57E8 +bInitialized.arm =A57EC +bMultimonAllowed.arm =A57F0 +bServerSku.arm =A57F4 +ulMaxDebugSessions.arm=A57F8 +bRemoteConnAllowed.arm=A57FC + +[6.3.9600.17095-SLInit] +bFUSEnabled.arm =A67E0 +lMaxUserSessions.arm =A67E4 +bAppServerAllowed.arm =A67E8 +bInitialized.arm =A67EC +bMultimonAllowed.arm =A67F0 +bServerSku.arm =A67F4 +ulMaxDebugSessions.arm=A67F8 +bRemoteConnAllowed.arm=A67FC diff --git a/res/rdpwrap-ini-kb.txt b/res/rdpwrap-ini-kb.txt new file mode 100644 index 0000000..a258ab4 --- /dev/null +++ b/res/rdpwrap-ini-kb.txt 
@@ -0,0 +1,6289 @@ +[Main] +; Last updated date +Updated=2018-10-10 +; Address to log file (RDP Wrapper will write it, if exists) +LogFile=\rdpwrap.txt +; Hook SLPolicy API on Windows NT 6.0 +SLPolicyHookNT60=1 +; Hook SLPolicy API on Windows NT 6.1 +SLPolicyHookNT61=1 + +[SLPolicy] +; Allow Remote Connections +TerminalServices-RemoteConnectionManager-AllowRemoteConnections=1 +; Allow Multiple Sessions +TerminalServices-RemoteConnectionManager-AllowMultipleSessions=1 +; Allow Multiple Sessions (Application Server Mode) +TerminalServices-RemoteConnectionManager-AllowAppServerMode=1 +; Allow Multiple Monitors +TerminalServices-RemoteConnectionManager-AllowMultimon=1 +; Max User Sessions (0 = unlimited) +TerminalServices-RemoteConnectionManager-MaxUserSessions=0 +; Max Debug Sessions (Windows 8, 0 = unlimited) +TerminalServices-RemoteConnectionManager-ce0ad219-4670-4988-98fb-89b14c2f072b-MaxSessions=0 +; Max Sessions +; 0 - logon not possible even from console +; 1 - only one active user (console or remote) +; 2 - allow concurrent sessions +TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-MaxSessions=2 +; Allow Advanced Compression with RDP 7 Protocol +TerminalServices-RDP-7-Advanced-Compression-Allowed=1 +; IsTerminalTypeLocalOnly = 0 +TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-LocalOnly=0 +; Max Sessions (hard limit) +TerminalServices-RemoteConnectionManager-8dc86f1d-9969-4379-91c1-06fe1dc60575-MaxSessions=1000 +; Allow EasyPrint +TerminalServices-DeviceRedirection-Licenses-TSEasyPrintAllowed=1 +; Allow PnP Redirection +TerminalServices-DeviceRedirection-Licenses-PnpRedirectionAllowed=1 +; Allow Media Foundation plugins +TerminalServices-DeviceRedirection-Licenses-TSMFPluginAllowed=1 +; Allow DWM Remoting +TerminalServices-RemoteConnectionManager-UiEffects-DWMRemotingAllowed=1 + +[PatchCodes] +nop=90 +Zero=00 +jmpshort=EB +nopjmp=90E9 +CDefPolicy_Query_edx_ecx=BA000100008991200300005E90 
+CDefPolicy_Query_eax_rcx_jmp=B80001000089813806000090EB +CDefPolicy_Query_eax_esi=B80001000089862003000090 +CDefPolicy_Query_eax_rdi=B80001000089873806000090 +CDefPolicy_Query_eax_ecx=B80001000089812003000090 +CDefPolicy_Query_eax_ecx_jmp=B800010000898120030000EB0E +CDefPolicy_Query_eax_rcx=B80001000089813806000090 +CDefPolicy_Query_edi_rcx=BF0001000089B938060000909090 + +[6.0.6000.16386] +; HOW TO search CSessionArbitrationHelper::IsSingleSessionPerUserEnabled function in IDA Pro: +; 1. Search text: CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; 2. All xrefs will point to this function (in x64 version xref points to subroutine, so you need to go one level up) +; 3. Go to first graph block and find memset, VersionInformation, call GetVersionExW, and so on + +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F320000 +; .text:6F3360B9 lea eax, [ebp+VersionInformation] +; .text:6F3360BF inc ebx <- nop +; .text:6F3360C0 push eax ; lpVersionInformation +; .text:6F3360C1 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F3360CB mov [esi], ebx +; .text:6F3360CD call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=160BF +SingleUserCode.x86=nop +; Imagebase: 7FF756E0000 +; .text:000007FF75745E38 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75745E3D mov ebx, 1 <- 0 +; .text:000007FF75745E42 mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75745E4A mov [rdi], ebx +; .text:000007FF75745E4C call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=65E3E +SingleUserCode.x64=Zero +; HOW TO search CDefPolicy::Query function in IDA Pro: +; 1. Search text: CDefPolicy::Query +; 2. All xrefs will point to this function (in x64 version xref sometimes points to subroutine, so you need to go one level up) +; 3. 
Go to first graph block and find cmp/jz instructions on the bottom of block + +; Patch CDefPolicy::Query +; Original +; .text:6F335CD8 cmp edx, [ecx+320h] +; .text:6F335CDE pop esi +; .text:6F335CDF jz loc_6F3426F1 +; Changed +; .text:6F335CD8 mov edx, 100h +; .text:6F335CDD mov [ecx+320h], edx +; .text:6F335CE3 pop esi +; .text:6F335CE4 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=15CD8 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +; Original +; .text:000007FF7573C88F mov eax, [rcx+638h] +; .text:000007FF7573C895 cmp [rcx+63Ch], eax +; .text:000007FF7573C89B jnz short loc_7FF7573C8B3 +; Changed +; .text:000007FF7573C88F mov eax, 100h +; .text:000007FF7573C894 mov [rcx+638h], eax +; .text:000007FF7573C89A nop +; .text:000007FF7573C89B jmp short loc_7FF7573C8B3 +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=5C88F +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6001.18000] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6E800000 +; .text:6E8185DE lea eax, [ebp+VersionInformation] +; .text:6E8185E4 inc ebx <- nop +; .text:6E8185E5 push eax ; lpVersionInformation +; .text:6E8185E6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6E8185F0 mov [esi], ebx +; .text:6E8185F2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=185E4 +SingleUserCode.x86=nop +; Imagebase: 7FF76220000 +; .text:000007FF76290DB4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF76290DB9 mov ebx, 1 <- 0 +; .text:000007FF76290DBE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF76290DC6 mov [rdi], ebx +; .text:000007FF76290DC8 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=70DBA +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6E817FD8 cmp edx, [ecx+320h] +; .text:6E817FDE pop esi +; .text:6E817FDF jz loc_6E826F16 +; Changed +; .text:6E817FD8 mov edx, 100h +; .text:6E817FDD mov [ecx+320h], edx +; 
.text:6E817FE3 pop esi +; .text:6E817FE4 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=17FD8 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +; Original +; .text:000007FF76285BD7 mov eax, [rcx+638h] +; .text:000007FF76285BDD cmp [rcx+63Ch], eax +; .text:000007FF76285BE3 jnz short loc_7FF76285BFB +; Changed +; .text:000007FF76285BD7 mov eax, 100h +; .text:000007FF76285BDC mov [rcx+638h], eax +; .text:000007FF76285BE2 nop +; .text:000007FF76285BE3 jmp short loc_7FF76285BFB +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=65BD7 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6002.18005] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F580000 +; .text:6F597FA2 lea eax, [ebp+VersionInformation] +; .text:6F597FA8 inc ebx <- nop +; .text:6F597FA9 push eax ; lpVersionInformation +; .text:6F597FAA mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F597FB4 mov [esi], ebx +; .text:6F597FB6 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=17FA8 +SingleUserCode.x86=nop +; Imagebase: 7FF766C0000 +; .text:000007FF76730FF0 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF76730FF5 mov ebx, 1 <- 0 +; .text:000007FF76730FFA mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF76731002 mov [rdi], ebx +; .text:000007FF76731004 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=70FF6 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F5979C0 cmp edx, [ecx+320h] +; .text:6F5979C6 pop esi +; .text:6F5979C7 jz loc_6F5A6F26 +; Changed +; .text:6F5979C0 mov edx, 100h +; .text:6F5979C5 mov [ecx+320h], edx +; .text:6F5979CB pop esi +; .text:6F5979CC nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=179C0 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +; Original +; .text:000007FF76725E83 mov eax, [rcx+638h] +; .text:000007FF76725E89 cmp [rcx+63Ch], eax +; .text:000007FF76725E8F jz short loc_7FF76725EA7 +; 
Changed +; .text:000007FF76725E83 mov eax, 100h +; .text:000007FF76725E88 mov [rcx+638h], eax +; .text:000007FF76725E8E nop +; .text:000007FF76725E8F jmp short loc_7FF76725EA7 +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=65E83 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6002.19214] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F580000 +; .text:6F597FBE lea eax, [ebp+VersionInformation] +; .text:6F597FC4 inc ebx <- nop +; .text:6F597FC5 push eax ; lpVersionInformation +; .text:6F597FC6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F597FD0 mov [esi], ebx +; .text:6F597FD2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=17FC4 +SingleUserCode.x86=nop +; Imagebase: 7FF75AC0000 +; .text:000007FF75B312A4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75B312A9 mov ebx, 1 <- 0 +; .text:000007FF75B312AE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75B312B6 mov [rdi], ebx +; .text:000007FF75B312B8 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=712AA +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F5979B8 cmp edx, [ecx+320h] +; .text:6F5979BE pop esi +; .text:6F5979BF jz loc_6F5A6F3E +; Changed +; .text:6F5979B8 mov edx, 100h +; .text:6F5979BD mov [ecx+320h], edx +; .text:6F5979C3 pop esi +; .text:6F5979C4 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=179B8 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +; Original +; .text:000007FF75B25FF7 mov eax, [rcx+638h] +; .text:000007FF75B25FFD cmp [rcx+63Ch], eax +; .text:000007FF75B26003 jnz short loc_7FF75B2601B +; Changed +; .text:000007FF75B25FF7 mov eax, 100h +; .text:000007FF75B25FFC mov [rcx+638h], eax +; .text:000007FF75B26002 nop +; .text:000007FF75B26003 jmp short loc_7FF75B2601B +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=65FF7 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6002.23521] +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F580000 +; .text:6F597FAE lea eax, [ebp+VersionInformation] +; .text:6F597FB4 inc ebx <- nop +; .text:6F597FB5 push eax ; lpVersionInformation +; .text:6F597FB6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F597FC0 mov [esi], ebx +; .text:6F597FC2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=17FB4 +SingleUserCode.x86=nop +; Imagebase: 7FF75AC0000 +; .text:000007FF75B31EA4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75B31EA9 mov ebx, 1 <- 0 +; .text:000007FF75B31EAE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75B31EB6 mov [rdi], ebx +; .text:000007FF75B31EB8 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=71EAA +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F5979CC cmp edx, [ecx+320h] +; .text:6F5979D2 pop esi +; .text:6F5979D3 jz loc_6F5A6F2E +; Changed +; .text:6F5979CC mov edx, 100h +; .text:6F5979D1 mov [ecx+320h], edx +; .text:6F5979D7 pop esi +; .text:6F5979D8 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=179CC +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +; Original +; .text:000007FF75B269CB mov eax, [rcx+638h] +; .text:000007FF75B269D1 cmp [rcx+63Ch], eax +; .text:000007FF75B269D7 jnz short loc_7FF75B269EF +; Changed +; .text:000007FF75B269CB mov eax, 100h +; .text:000007FF75B269D0 mov [rcx+638h], eax +; .text:000007FF75B269D6 nop +; .text:000007FF75B269D7 jmp short loc_7FF75B269EF +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=669CB +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.1.7600.16385] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F2E0000 +; .text:6F2F9E1F lea eax, [ebp+VersionInformation] +; .text:6F2F9E25 inc ebx <- nop +; .text:6F2F9E26 push eax ; lpVersionInformation +; .text:6F2F9E27 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; 
.text:6F2F9E31 mov [esi], ebx +; .text:6F2F9E33 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E25 +SingleUserCode.x86=nop +; Imagebase: 7FF75A80000 +; .text:000007FF75A97D90 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75A97D95 mov ebx, 1 <- 0 +; .text:000007FF75A97D9A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75A97DA2 mov [rdi], ebx +; .text:000007FF75A97DA4 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=17D96 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F2F96F3 cmp eax, [esi+320h] +; .text:6F2F96F9 jz loc_6F30E256 +; Changed +; .text:6F2F96F3 mov eax, 100h +; .text:6F2F96F8 mov [esi+320h], eax +; .text:6F2F96FE nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196F3 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000007FF75A97AD2 cmp [rdi+63Ch], eax +; .text:000007FF75A97AD8 jz loc_7FF75AA4978 +; Changed +; .text:000007FF75A97AD2 mov eax, 100h +; .text:000007FF75A97AD7 mov [rdi+638h], eax +; .text:000007FF75A97ADD nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17AD2 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7600.20890] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E2D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17DF2 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196FB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17B0E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7600.21316] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E2D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17E3E +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196FB 
+DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17B5E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.17514] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F2E0000 +; .text:6F2FA497 lea eax, [ebp+VersionInformation] +; .text:6F2FA49D inc ebx <- nop +; .text:6F2FA49E push eax ; lpVersionInformation +; .text:6F2FA49F mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F2FA4A9 mov [esi], ebx +; .text:6F2FA4AB call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +; Imagebase: 7FF75A80000 +; .text:000007FF75A980DC lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75A980E1 mov ebx, 1 <- 0 +; .text:000007FF75A980E6 mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75A980EE mov [rdi], ebx +; .text:000007FF75A980F0 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=180E2 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F2F9D53 cmp eax, [esi+320h] +; .text:6F2F9D59 jz loc_6F30B25E +; Changed +; .text:6F2F9D53 mov eax, 100h +; .text:6F2F9D58 mov [esi+320h], eax +; .text:6F2F9D5E nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000007FF75A97D8A cmp [rdi+63Ch], eax +; .text:000007FF75A97D90 jz loc_7FF75AA40F4 +; Changed +; .text:000007FF75A97D8A mov eax, 100h +; .text:000007FF75A97D8F mov [rdi+638h], eax +; .text:000007FF75A97D95 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D8A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.18540] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F2E0000 +; .text:6F2FA4DF lea eax, [ebp+VersionInformation] +; .text:6F2FA4E5 inc ebx <- nop +; .text:6F2FA4E6 push eax ; lpVersionInformation +; .text:6F2FA4E7 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; 
.text:6F2FA4F1 mov [esi], ebx +; .text:6F2FA4F3 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A4E5 +SingleUserCode.x86=nop +; Imagebase: 7FF75A80000 +; .text:000007FF75A98000 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75A98005 mov ebx, 1 <- 0 +; .text:000007FF75A9800A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75A98012 mov [rdi], ebx +; .text:000007FF75A98014 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=18006 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F2F9D9F cmp eax, [esi+320h] +; .text:6F2F9DA5 jz loc_6F30B2AE +; Changed +; .text:6F2F9D9F mov eax, 100h +; .text:6F2F9DA4 mov [esi+320h], eax +; .text:6F2F9DAA nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D9F +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000007FF75A97C82 cmp [rdi+63Ch], eax +; .text:000007FF75A97C88 jz loc_7FF75AA3FBD +; Changed +; .text:000007FF75A97C82 mov eax, 100h +; .text:000007FF75A97C87 mov [rdi+638h], eax +; .text:000007FF75A97C8D nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17C82 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22750] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F2E0000 +; .text:6F2FA64F lea eax, [ebp+VersionInformation] +; .text:6F2FA655 inc ebx <- nop +; .text:6F2FA656 push eax ; lpVersionInformation +; .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F2FA661 mov [esi], ebx +; .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A655 +SingleUserCode.x86=nop +; Imagebase: 7FF75A80000 +; .text:000007FF75A97E88 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75A97E8D mov ebx, 1 <- 0 +; .text:000007FF75A97E92 mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75A97E9A mov [rdi], ebx +; 
.text:000007FF75A97E9C call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=17E8E +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F2F9E21 cmp eax, [esi+320h] +; .text:6F2F9E27 jz loc_6F30B6CE +; Changed +; .text:6F2F9E21 mov eax, 100h +; .text:6F2F9E26 mov [esi+320h], eax +; .text:6F2F9E2C nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E21 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000007FF75A97C92 cmp [rdi+63Ch], eax +; .text:000007FF75A97C98 jz loc_7FF75AA40A2 +; Changed +; .text:000007FF75A97C92 mov eax, 100h +; .text:000007FF75A97C97 mov [rdi+638h], eax +; .text:000007FF75A97C9D nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17C92 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.18637] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F2E0000 +; .text:6F2FA4D7 lea eax, [ebp+VersionInformation] +; .text:6F2FA4DD inc ebx <- nop +; .text:6F2FA4DE push eax ; lpVersionInformation +; .text:6F2FA4DF mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F2FA4E9 mov [esi], ebx +; .text:6F2FA4EB call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A4DD +SingleUserCode.x86=nop +; Imagebase: 7FF75A80000 +; .text:000007FF75A980F4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75A980F9 mov ebx, 1 <- 0 +; .text:000007FF75A980FE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75A98106 mov [rdi], ebx +; .text:000007FF75A98108 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=180FA +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F2F9DBB cmp eax, [esi+320h] +; .text:6F2F9DC1 jz loc_6F30B2A6 +; Changed +; .text:6F2F9DBB mov eax, 100h +; .text:6F2F9DC0 mov [esi+320h], eax +; .text:6F2F9DC6 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19DBB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; 
.text:000007FF75A97DC6 cmp [rdi+63Ch], eax +; .text:000007FF75A97DCC jz loc_7FF75AA40BD +; Changed +; .text:000007FF75A97DC6 mov eax, 100h +; .text:000007FF75A97DCB mov [rdi+638h], eax +; .text:000007FF75A97DD1 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17DC6 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.21650] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180BE +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.21866] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180BE +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22104] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180C6 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22843] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; Imagebase: 6F2E0000 +; .text:6F2FA64F lea eax, [ebp+VersionInformation] +; .text:6F2FA655 inc ebx <- nop +; .text:6F2FA656 push eax ; lpVersionInformation +; .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:6F2FA661 mov 
[esi], ebx +; .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A655 +SingleUserCode.x86=nop +; Imagebase: 7FF75A80000 +; .text:000007FF75A97F90 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation +; .text:000007FF75A97F95 mov ebx, 1 <- 0 +; .text:000007FF75A97F9A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000007FF75A97FA2 mov [rdi], ebx +; .text:000007FF75A97FA4 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=17F96 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:6F2F9E25 cmp eax, [esi+320h] +; .text:6F2F9E2B jz loc_6F30B6D6 +; Changed +; .text:6F2F9E25 mov eax, 100h +; .text:6F2F9E2A mov [esi+320h], eax +; .text:6F2F9E30 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E25 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000007FF75A97D6E cmp [rdi+63Ch], eax +; .text:000007FF75A97D74 jz loc_7FF75AA4182 +; Changed +; .text:000007FF75A97D6E mov eax, 100h +; .text:000007FF75A97D73 mov [rdi+638h], eax +; .text:000007FF75A97D79 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D6E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.23403] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A65D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17F62 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E29 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17CE2 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.24234] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A675 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17F56 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E41 
+DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D2E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.2.8102.0] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:1000F7E5 lea eax, [esp+150h+VersionInformation] +; .text:1000F7E9 inc esi <- nop +; .text:1000F7EA push eax ; lpVersionInformation +; .text:1000F7EB mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:1000F7F3 mov [edi], esi +; .text:1000F7F5 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=F7E9 +SingleUserCode.x86=nop +; .text:000000018000D83A lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation +; .text:000000018000D83F mov ebx, 1 <- 0 +; .text:000000018000D844 mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000000018000D84C mov [rdi], ebx +; .text:000000018000D84E call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=D840 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1000E47C cmp eax, [esi+320h] +; .text:1000E482 jz loc_1002D775 +; Changed +; .text:1000E47C mov eax, 100h +; .text:1000E481 mov [esi+320h], eax +; .text:1000E487 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=E47C +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000000018000D3E6 cmp [rdi+63Ch], eax +; .text:000000018000D3EC jz loc_180027792 +; Changed +; .text:000000018000D3E6 mov eax, 100h +; .text:000000018000D3EB mov [rdi+638h], eax +; .text:000000018000D3F1 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=D3E6 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=1B909 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=1A484 +SLPolicyFunc.x64=New_Win8SL + +[6.2.8250.0] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:100159C5 lea eax, [esp+150h+VersionInformation] +; .text:100159C9 inc esi <- nop 
+; .text:100159CA push eax ; lpVersionInformation +; .text:100159CB mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:100159D3 mov [edi], esi +; .text:100159D5 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=159C9 +SingleUserCode.x86=nop +; .text:0000000180011E6E lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation +; .text:0000000180011E73 mov ebx, 1 <- 0 +; .text:0000000180011E78 mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180011E80 mov [rdi], ebx +; .text:0000000180011E82 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=11E74 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:10013520 cmp eax, [esi+320h] +; .text:10013526 jz loc_1002DB85 +; Changed +; .text:10013520 mov eax, 100h +; .text:10013525 mov [esi+320h], eax +; .text:1001352B nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13520 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000000018001187A cmp [rdi+63Ch], eax +; .text:0000000180011880 jz loc_1800273A2 +; Changed +; .text:000000018001187A mov eax, 100h +; .text:000000018001187F mov [rdi+638h], eax +; .text:0000000180011885 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1187A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=1A0A9 +SLPolicyFunc.x86=New_Win8SL_CP +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=18FAC +SLPolicyFunc.x64=New_Win8SL + +[6.2.8400.0] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:1001547E lea eax, [esp+150h+VersionInformation] +; .text:10015482 inc esi <- nop +; .text:10015483 push eax ; lpVersionInformation +; .text:10015484 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:1001548C mov [edi], esi +; .text:1001548E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=15482 +SingleUserCode.x86=nop 
+; .text:000000018002081E lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation +; .text:0000000180020823 mov ebx, 1 <- 0 +; .text:0000000180020828 mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180020830 mov [rdi], ebx +; .text:0000000180020832 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=20824 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:10013E48 cmp eax, [esi+320h] +; .text:10013E4E jz loc_1002E079 +; Changed +; .text:10013E48 mov eax, 100h +; .text:10013E4D mov [esi+320h], eax +; .text:10013E53 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13E48 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000000018001F102 cmp [rdi+63Ch], eax +; .text:000000018001F108 jz loc_18003A02E +; Changed +; .text:000000018001F102 mov eax, 100h +; .text:000000018001F107 mov [rdi+638h], eax +; .text:000000018001F10D nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1F102 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=19629 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=2492C +SLPolicyFunc.x64=New_Win8SL + +[6.2.9200.16384] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:1001554E lea eax, [esp+150h+VersionInformation] +; .text:10015552 inc esi <- nop +; .text:10015553 push eax ; lpVersionInformation +; .text:10015554 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:1001555C mov [edi], esi +; .text:1001555E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=15552 +SingleUserCode.x86=nop +; .text:000000018002BAA2 lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation +; .text:000000018002BAA7 mov ebx, 1 <- 0 +; .text:000000018002BAAC mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000000018002BAB4 mov [rdi], ebx +; .text:000000018002BAB6 call 
cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=2BAA8 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:10013F08 cmp eax, [esi+320h] +; .text:10013F0E jz loc_1002E161 +; Changed +; .text:10013F08 mov eax, 100h +; .text:10013F0D mov [esi+320h], eax +; .text:10013F13 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13F08 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000000018002A31A cmp [rdi+63Ch], eax +; .text:000000018002A320 jz loc_18003A0F9 +; Changed +; .text:000000018002A31A mov eax, 100h +; .text:000000018002A31F mov [rdi+638h], eax +; .text:000000018002A325 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2A31A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=19559 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=21FA8 +SLPolicyFunc.x64=New_Win8SL + +[6.2.9200.17048] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:1002058E lea eax, [esp+150h+VersionInformation] +; .text:10020592 inc esi <- nop +; .text:10020593 push eax ; lpVersionInformation +; .text:10020594 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:1002059C mov [edi], esi +; .text:1002059E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=20592 +SingleUserCode.x86=nop +; .text:0000000180020942 lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation +; .text:0000000180020947 mov ebx, 1 <- 0 +; .text:000000018002094C mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180020954 mov [rdi], ebx +; .text:0000000180020956 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=20948 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1001F408 cmp eax, [esi+320h] +; .text:1001F40E jz loc_1002E201 +; Changed +; .text:1001F408 mov eax, 100h +; .text:1001F40D mov [esi+320h], eax +; 
.text:1001F413 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=1F408 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000000018001F206 cmp [rdi+63Ch], eax +; .text:000000018001F20C jz loc_18003A1B4 +; Changed +; .text:000000018001F206 mov eax, 100h +; .text:000000018001F20B mov [rdi+638h], eax +; .text:000000018001F211 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1F206 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=17059 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=24570 +SLPolicyFunc.x64=New_Win8SL + +[6.2.9200.21166] +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10015576 lea eax, [esp+150h+VersionInformation] +; .text:1001557A inc esi <- nop +; .text:1001557B push eax ; lpVersionInformation +; .text:1001557C mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:10015584 mov [edi], esi +; .text:10015586 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=1557A +SingleUserCode.x86=nop +; .text:000000018002BAF2 lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation +; .text:000000018002BAF7 mov ebx, 1 <- 0 +; .text:000000018002BAFC mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000000018002BB04 mov [rdi], ebx +; .text:000000018002BB06 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=2BAF8 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:10013F30 cmp eax, [esi+320h] +; .text:10013F36 jz loc_1002E189 +; Changed +; .text:10013F30 mov eax, 100h +; .text:10013F35 mov [esi+320h], eax +; .text:10013F3B nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13F30 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +; Original +; .text:000000018002A3B6 cmp [rdi+63Ch], eax +; .text:000000018002A3BC jz loc_18003A174 +; Changed +; .text:000000018002A3B6 mov eax, 100h +; .text:000000018002A3BB mov 
[rdi+638h], eax +; .text:000000018002A3C1 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2A3B6 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +; Hook SLGetWindowsInformationDWORDWrapper +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=19581 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=21FD0 +SLPolicyFunc.x64=New_Win8SL + +[6.3.9431.0] +; HOW TO search CEnforcementCore::GetInstanceOfTSLicense function in IDA Pro: +; 1. Search text: CSLQuery::IsLicenseTypeLocalOnly +; 2. All xrefs will point to this function +; 3. Go to function beginning and check ; CODE XREF string, it will point to GetInstanceOfTSLicense function +; 4. Follow CODE XREF, switch to graph view, the next block below is to patch +; Another way: +; 1. Search text: CEnforcementCore::GetInstanceOfTSLicense FAILED - License type me +; 2. All xrefs will point to GetInstanceOfTSLicense +; 3. Follow xref, the previous block above is to patch + +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:1008A604 call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:1008A609 test eax, eax +; .text:1008A60B js short loc_1008A628 +; .text:1008A60D cmp [ebp+var_8], 0 +; .text:1008A611 jz short loc_1008A628 <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=8A611 +LocalOnlyCode.x86=jmpshort +; .text:000000018009F713 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:000000018009F718 test eax, eax +; .text:000000018009F71A js short loc_18009F73B +; .text:000000018009F71C cmp [rsp+48h+arg_18], 0 +; .text:000000018009F721 jz short loc_18009F73B <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9F721 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:100306A4 lea eax, [esp+150h+VersionInformation] +; .text:100306A8 inc ebx <- nop +; .text:100306A9 mov [edi], ebx +; .text:100306AB push eax ; lpVersionInformation +; 
.text:100306AC call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=306A8 +SingleUserCode.x86=nop +; .text:00000001800367F3 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:00000001800367F8 mov ebx, 1 <- 0 +; .text:00000001800367FD mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180036805 mov [rdi], ebx +; .text:0000000180036807 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=367F9 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1002EA25 cmp eax, [ecx+320h] +; .text:1002EA2B jz loc_100348C1 +; Changed +; .text:1002EA25 mov eax, 100h +; .text:1002EA2A mov [ecx+320h], eax +; .text:1002EA30 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2EA25 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:00000001800350FD cmp [rcx+63Ch], eax +; .text:0000000180035103 jz loc_18004F6AE +; Changed +; .text:00000001800350FD mov eax, 100h +; .text:0000000180035102 mov [rcx+638h], eax +; .text:0000000180035108 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=350FD +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; HOW TO search CSLQuery::Initialize function in IDA Pro: +; 1. Search text: CSLQuery::Initialize - SLGetWindowsInformationDWORD failed +; 2. 
All xrefs will point to this function + +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=196B0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2F9C0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.16384] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100A271C call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100A2721 test eax, eax +; .text:100A2723 js short loc_100A2740 +; .text:100A2725 cmp [ebp+var_8], 0 +; .text:100A2729 jz short loc_100A2740 <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A2729 +LocalOnlyCode.x86=jmpshort +; .text:000000018008181F cmp [rsp+48h+arg_18], 0 +; .text:0000000180081824 jz loc_180031DEF <- nop + jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=81824 +LocalOnlyCode.x64=nopjmp +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10018024 lea eax, [esp+150h+VersionInformation] +; .text:10018028 inc ebx <- nop +; .text:10018029 mov [edi], ebx +; .text:1001802B push eax ; lpVersionInformation +; .text:1001802C call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=18028 +SingleUserCode.x86=nop +; .text:000000018002023B lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180020240 mov ebx, 1 <- 0 +; .text:0000000180020245 mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:000000018002024D mov [rdi], ebx +; .text:000000018002024F call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=20241 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:10016115 cmp eax, [ecx+320h] +; .text:1001611B jz loc_10034DE1 +; Changed +; .text:10016115 mov eax, 100h +; .text:1001611A mov [ecx+320h], eax +; .text:10016120 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=16115 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:0000000180057829 cmp [rcx+63Ch], eax +; 
.text:000000018005782F jz loc_18005E850 +; Changed +; .text:0000000180057829 mov eax, 100h +; .text:000000018005782E mov [rcx+638h], eax +; .text:0000000180057834 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=57829 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=1CEB0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=554C0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.17095] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100A36C4 call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100A36C9 test eax, eax +; .text:100A36CB js short loc_100A36E8 +; .text:100A36CD cmp [ebp+var_8], 0 +; .text:100A36D1 jz short loc_100A36E8 <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A36D1 +LocalOnlyCode.x86=jmpshort +; .text:00000001800B914B call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:00000001800B9150 test eax, eax +; .text:00000001800B9152 js short loc_1800B9173 +; .text:00000001800B9154 cmp [rsp+48h+arg_18], 0 +; .text:00000001800B9159 jz short loc_1800B9173 <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=B9159 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10036BA5 lea eax, [esp+150h+VersionInformation] +; .text:10036BA9 inc ebx <- nop +; .text:10036BAA mov [edi], ebx +; .text:10036BAC push eax ; lpVersionInformation +; .text:10036BAD call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=36BA9 +SingleUserCode.x86=nop +; .text:0000000180021823 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180021828 mov ebx, 1 <- 0 +; .text:000000018002182D mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180021835 mov [rdi], ebx +; .text:0000000180021837 call cs:__imp_GetVersionExW 
+SingleUserPatch.x64=1 +SingleUserOffset.x64=21829 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:10037529 cmp eax, [ecx+320h] +; .text:1003752F jz loc_10043662 +; Changed +; .text:10037529 mov eax, 100h +; .text:1003752E mov [ecx+320h], eax +; .text:10037534 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=37529 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:000000018001F6A1 cmp [rcx+63Ch], eax +; .text:000000018001F6A7 jz loc_18007284B +; Changed +; .text:000000018001F6A1 mov eax, 100h +; .text:000000018001F6A6 mov [rcx+638h], eax +; .text:000000018001F6AC nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1F6A1 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=117F1 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=3B110 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.17415] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100B33EB call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100B33F0 test eax, eax +; .text:100B33F2 js short loc_100B340F +; .text:100B33F4 cmp [ebp+var_C], 0 +; .text:100B33F8 jz short loc_100B340F <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B33F8 +LocalOnlyCode.x86=jmpshort +; .text:000000018008B2D4 cmp [rsp+58h+arg_18], 0 +; .text:000000018008B2D9 jz loc_180025C39 <- nop + jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B2D9 +LocalOnlyCode.x64=nopjmp +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10037111 lea eax, [esp+150h+VersionInformation] +; .text:10037115 inc ebx <- nop +; .text:10037116 mov [edi], ebx +; .text:10037118 push eax ; lpVersionInformation +; .text:10037119 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=37115 +SingleUserCode.x86=nop +; .text:0000000180033CE3 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; 
.text:0000000180033CE8 mov ebx, 1 <- 0 +; .text:0000000180033CED mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180033CF5 mov [rdi], ebx +; .text:0000000180033CF7 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=33CE9 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1003CFF9 cmp eax, [ecx+320h] +; .text:1003CFFF jz loc_1004A52F +; Changed +; .text:1003CFF9 mov eax, 100h +; .text:1003CFFE mov [ecx+320h], eax +; .text:1003D004 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CFF9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:0000000180045825 cmp [rcx+63Ch], eax +; .text:000000018004582B jz loc_180067704 +; Changed +; .text:0000000180045825 mov eax, 100h +; .text:000000018004582A mov [rcx+638h], eax +; .text:0000000180045830 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45825 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=18478 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5DBC0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.18692] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B3458 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B2E9 +LocalOnlyCode.x64=nopjmp +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=37105 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=37039 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CFE9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45835 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=18488 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5DBD0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.18708] +; Patch 
CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B35D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B376 +LocalOnlyCode.x64=nopjmp +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=370F5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36FE9 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CFD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=457D5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=18308 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5DB70 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.18928] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B39D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B25D +LocalOnlyCode.x64=nopjmp +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=37D25 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36C09 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D6F9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45495 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=18328 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5D830 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.19093] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B3958 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8AE4E +LocalOnlyCode.x64=nopjmp +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3F045 
+SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36BC9 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D899 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45305 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=18288 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5D660 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.4.9841.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:1009569B call sub_100B7EE5 +; .text:100956A0 test eax, eax +; .text:100956A2 js short loc_100956BF +; .text:100956A4 cmp [ebp+var_C], 0 +; .text:100956A8 jz short loc_100956BF <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=956A8 +LocalOnlyCode.x86=jmpshort +; .text:0000000180081133 call sub_1800A9048 +; .text:0000000180081138 test eax, eax +; .text:000000018008113A js short loc_18008115B +; .text:000000018008113C cmp [rsp+58h+arg_18], 0 +; .text:0000000180081141 jz short loc_18008115B <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=81141 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10030121 lea eax, [esp+150h+VersionInformation] +; .text:10030125 inc ebx <- nop +; .text:10030126 mov [edi], ebx +; .text:10030128 push eax ; lpVersionInformation +; .text:10030129 call ds:GetVersionExW +SingleUserPatch.x86=1 +SingleUserOffset.x86=30125 +SingleUserCode.x86=nop +; .text:0000000180012153 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180012158 mov ebx, 1 <- 0 +; .text:000000018001215D mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180012165 mov [rdi], ebx +; .text:0000000180012167 call cs:GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=12159 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1003B989 cmp eax, [ecx+320h] +; .text:1003B98F jz 
loc_1005E809 +; Changed +; .text:1003B989 mov eax, 100h +; .text:1003B98E mov [ecx+320h], eax +; .text:1003B994 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3B989 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:000000018000C125 cmp [rcx+63Ch], eax +; .text:000000018000C12B jz sub_18003BABC +; Changed +; .text:000000018000C125 mov eax, 100h +; .text:000000018000C12A mov [rcx+638h], eax +; .text:000000018000C130 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=C125 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46A68 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1EA50 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.4.9860.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100962BB call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100962C0 test eax, eax +; .text:100962C2 js short loc_100962DF +; .text:100962C4 cmp [ebp+var_C], 0 +; .text:100962C8 jz short loc_100962DF <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=962C8 +LocalOnlyCode.x86=jmpshort +; .text:0000000180081083 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:0000000180081088 test eax, eax +; .text:000000018008108A js short loc_1800810AB +; .text:000000018008108C cmp [rsp+58h+arg_18], 0 +; .text:0000000180081091 jz short loc_1800810AB <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=81091 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10030841 lea eax, [esp+150h+VersionInformation] +; .text:10030845 inc ebx <- nop +; .text:10030846 mov [edi], ebx +; .text:10030848 push eax ; lpVersionInformation +; .text:10030849 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=30845 +SingleUserCode.x86=nop +; .text:0000000180011AA3 lea rcx, 
[rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180011AA8 mov ebx, 1 <- 0 +; .text:0000000180011AAD mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180011AB5 mov [rdi], ebx +; .text:0000000180011AB7 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=11AA9 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1003BEC9 cmp eax, [ecx+320h] +; .text:1003BECF jz loc_1005EE1A +; Changed +; .text:1003BEC9 mov eax, 100h +; .text:1003BECE mov [ecx+320h], eax +; .text:1003BED4 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3BEC9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:000000018000B9F5 cmp [rcx+63Ch], eax +; .text:000000018000B9FB jz sub_18003B9C8 +; Changed +; .text:000000018000B9F5 mov eax, 100h +; .text:000000018000B9FA mov [rcx+638h], eax +; .text:000000018000BA00 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=B9F5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46F18 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1EB00 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.4.9879.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100A9CBB call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100A9CC0 test eax, eax +; .text:100A9CC2 js short loc_100A9CDF +; .text:100A9CC4 cmp [ebp+var_C], 0 +; .text:100A9CC8 jz short loc_100A9CDF <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9CC8 +LocalOnlyCode.x86=jmpshort +; .text:0000000180095603 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:0000000180095608 test eax, eax +; .text:000000018009560A js short loc_18009562B +; .text:000000018009560C cmp [rsp+58h+arg_18], 0 +; .text:0000000180095611 jz short loc_18009562B <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95611 
+LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10030C51 lea eax, [esp+150h+VersionInformation] +; .text:10030C55 inc ebx <- nop +; .text:10030C56 mov [edi], ebx +; .text:10030C58 push eax ; lpVersionInformation +; .text:10030C59 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=30C55 +SingleUserCode.x86=nop +; .text:0000000180016A2E call memset_0 +; .text:0000000180016A33 mov ebx, 1 <- 0 +; .text:0000000180016A38 mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180016A40 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180016A45 mov [rdi], ebx +; .text:0000000180016A47 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=16A34 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1002DAB9 cmp eax, [ecx+320h] +; .text:1002DABF jz loc_1006C38A +; Changed +; .text:1002DAB9 mov eax, 100h +; .text:1002DABE mov [ecx+320h], eax +; .text:1002DAC4 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2DAB9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:000000018001BDC5 cmp [rcx+63Ch], eax +; .text:000000018001BDCB jz sub_180045540 +; Changed +; .text:000000018001BDC5 mov eax, 100h +; .text:000000018001BDCA mov [rcx+638h], eax +; .text:000000018001BDD0 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BDC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=41132 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=24750 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.9926.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8C28 +LocalOnlyCode.x86=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=31725 +SingleUserCode.x86=nop +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 
+DefPolicyOffset.x86=3CF99 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=3F140 +SLInitFunc.x86=New_CSLQuery_Initialize +; x64 contributed by v-yadli +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +;;;OFFSET = 0x61 +;;;BASE = 0x95F90 +LocalOnlyOffset.x64=95FF1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +;;;OFFSET = 0x43 +;;;BASE = 0x12F90 +;;;;instruction = 0xBB 0x01 0x00 0x00 0x00 +;;; ^^^ +1 offset +SingleUserOffset.x64=12A34 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +;;; +;;;BASE = 0xBDF0 +;;;OFFSET = 0x15 +DefPolicyOffset.x64=BE05 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=24EC0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10041.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100A9D7B call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100A9D80 test eax, eax +; .text:100A9D82 js short loc_100A9D9F +; .text:100A9D84 cmp [ebp+var_C], 0 +; .text:100A9D88 jz short loc_100A9D9F <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9D88 +LocalOnlyCode.x86=jmpshort +; .text:0000000180097133 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:0000000180097138 test eax, eax +; .text:000000018009713A js short loc_18009715B +; .text:000000018009713C cmp [rsp+58h+arg_18], 0 +; .text:0000000180097141 jz short loc_18009715B <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=97141 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10032211 lea eax, [esp+150h+VersionInformation] +; .text:10032215 inc ebx <- nop +; .text:10032216 mov [edi], ebx +; .text:10032218 push eax ; lpVersionInformation +; .text:10032219 call 
ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=32215 +SingleUserCode.x86=nop +; .text:0000000180015C5E call memset_0 +; .text:0000000180015C63 mov ebx, 1 <- 0 +; .text:0000000180015C68 mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180015C70 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180015C75 mov [rdi], ebx +; .text:0000000180015C77 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=15C64 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1002DFC9 cmp eax, [ecx+320h] +; .text:1002DFCF jz loc_10056550 +; Changed +; .text:1002DFC9 mov eax, 100h +; .text:1002DFCE mov [ecx+320h], eax +; .text:1002DFD4 nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2DFC9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:000000018000B795 cmp [rcx+63Ch], eax +; .text:000000018000B79B jz sub_18003A79A +; Changed +; .text:000000018000B795 mov eax, 100h +; .text:000000018000B79A mov [rcx+638h], eax +; .text:000000018000B7A0 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=B795 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46960 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E40 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10240.16384] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7D38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96901 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=32A95 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=18F74 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2F5B9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=22865 
+DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46581 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=250F0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10586.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7C18 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96AA1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=353B5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=190D4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30B69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=229A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=469DE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=25220 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10586.589] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7BE8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96A51 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=353B5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=190D4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30B69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=229A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=469DE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=25220 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.11082.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense 
+LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7C98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96AB1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35405 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=190D4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30BB9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=229A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46A3E +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=25220 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.11102.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D58 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95CD1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35A85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A9C4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30159 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B5D5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44FD2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D160 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14251.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D58 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95CD1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35A85 +SingleUserCode.x86=nop 
+SingleUserPatch.x64=1 +SingleUserOffset.x64=2A9C4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30159 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B5D5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44FD2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D160 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14271.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4CE8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=941E1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35915 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=263F4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF79 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C185 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=47725 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE50 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14279.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4D28 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=94191 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35915 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=263F4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF79 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C185 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook 
CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=47725 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE50 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14295.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4D28 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D691 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=25514 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BA35 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=47748 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C860 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14300.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F5F1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +SingleUserOffset.x64=26B04 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D125 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC60 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14316.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F5F1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=32B55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=26B04 +SingleUserCode.x64=Zero +; 
Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C1C9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46ABD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC60 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14328.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F5F1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=32B55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=26B04 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C1C9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D365 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46ABD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC60 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14332.1001] +; contributed by maxpiva +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F601 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=357E5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2AE44 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316A9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C025 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 
+SLInitOffset.x86=4755F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CAD0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14342.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8EF31 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=357E5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=26774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316A9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1CEF5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4755F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CA20 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14352.1002] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4478 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D911 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35465 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24474 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30099 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AC05 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44792 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CDB0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14366.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9088 +LocalOnlyCode.x86=jmpshort 
+LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FB01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34F65 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=21DE4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316E9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1A855 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4793E +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CCE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14367.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9088 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FB01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34F65 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=21DE4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316E9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1A855 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4793E +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CCE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14372.0] +; x64 contributed by kbmorris +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F931 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 
+SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14379.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F941 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14383.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F941 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=460D2 
+SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14385.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F941 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14388.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14393.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 
+LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14393.1198] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6088 +LocalOnlyCode.x86=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize + +[10.0.14393.1737] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6198 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D861 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35AD5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30039 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45724 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 
+SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14393.2457] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6248 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D811 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36CE5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29CF4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31209 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B545 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45824 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C920 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14901.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14905.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14915.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6D98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E241 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35E35 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29EB4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30399 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B4A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46092 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE40 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14926.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6D18 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E071 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35E55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29EB4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=303B9 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B4A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=460A2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE40 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14931.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4908 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B411 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35705 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29264 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AD05 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=452FD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C7FC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14936.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A3F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B9A1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35355 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=25174 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BB55 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44CFE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C62C 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14942.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A3F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9115B +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35355 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=199BD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1064E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44CFE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=258EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14946.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4018 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=911AB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35355 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=199AD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1064E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44CFD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=258DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14951.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A78D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=94A6B +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3BA85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1CEDD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=32629 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11E9E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=3F680 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22EE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14955.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A78D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=94A6B +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3BA85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1CEDD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=32629 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11E9E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=3F680 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22EE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14959.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A79B8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=934AB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=2EF05 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16A0D +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2A4E9 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10A8E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=448A0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26960 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14965.1001] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7868 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9345B +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3BA85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17DFD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=32A59 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1212E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=3F680 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26610 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14971.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7968 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925FB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36FE5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1803D +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D9A9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11FBE +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46500 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26180 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14986.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7878 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=926BB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36FA5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17FFD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D979 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11F7E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=464A0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26140 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14997.1001] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15002.1001] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=346B5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D779 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 
+DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=47D90 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15007.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9648 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34665 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D719 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=47D30 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15014.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9648 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34685 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D739 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=47D50 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15019.1000] +; Patch 
CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A39F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=928FB +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=BADF5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=FBDD +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=A8479 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx_jmp +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=20AAE +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=3C240 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=24480 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15025.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9259B +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +SingleUserOffset.x64=2C08D +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1DD0E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E5B8 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15031.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5BA8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E221 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=30A75 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A114 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2B1D9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C7B5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; 
Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4532D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D80C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15042.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5BA8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E221 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=30A75 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A114 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2B1D9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C7B5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4532D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D80C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15046.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=80BB8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E361 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=31E95 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=15E14 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=38A19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=E745 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=9422D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21FFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15048.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=80BB8 
+LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E361 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=31E95 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=15E14 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=38A19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=E745 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=9422D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21FFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15055.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5348 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D2E1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=374C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=181E4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3BAD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10B65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=44EFF +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22AEC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15058.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 
+SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4549D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15061.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4549D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4549D 
+SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.296] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4549D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.994] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CB01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +SingleUserOffset.x64=15EA4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=FAE5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=234DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.1155] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CB01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +SingleUserOffset.x64=15EA4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=FAE5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=234DC 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16179.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AA568 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8C141 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34425 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16F84 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31219 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1E7F5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45F30 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21700 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16184.1001] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AA568 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8C141 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=34425 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16F84 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31219 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1E7F5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45F30 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21700 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16199.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=ABA68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CED1 +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=348C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=28C14 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=319B9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=CB25 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=469B0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=FA30 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16215.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7CE8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8DE21 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F05 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=28724 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E019 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=CC15 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=46462 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=FB00 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16232.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7D38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8DD41 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F35 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=287B4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E0C9 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=CC15 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4650F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=FB00 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16237.1001] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E911 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BC84 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E119 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DA55 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4655D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2180C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16241.1001] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E911 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BC84 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E119 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DA55 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4655D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2180C 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16251.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=ABC88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8EC21 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3A525 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BCB4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31779 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DAF5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=447FD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2183C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16251.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=ABC88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8EC21 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3A525 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BCB4 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31779 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DAF5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=447FD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2183C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16257.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB718 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E841 +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=33925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11364 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C409 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1EFD5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4504D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2495C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16257.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB718 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E841 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=33925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11364 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C409 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1EFD5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4504D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2495C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16273.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB798 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E871 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=33925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11364 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C409 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1EFD5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4504D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2495C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16275.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=90001 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39435 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C724 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D75 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D0C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16278.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=90001 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39435 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C724 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D75 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D0C 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16281.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16288.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16291.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16294.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16296.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16299.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16299.15] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16353.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=90001 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=39435 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C724 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D75 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D0C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16362.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FBA1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=2F61C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=19D1C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE99 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D9C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17004.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8EB8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FB41 +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=2F65C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=19D1C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DF09 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=4643F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D9C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17017.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F291 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3477C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1977C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31049 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=125A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45CDD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=227DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17025.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB498 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F291 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=3477C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1977C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31049 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=125A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45CDD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=227DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17035.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB3F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F271 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=354AC +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=14E7C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31F19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10CB5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45C4D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22AEC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17046.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB3F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F281 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=354AC +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=14E8C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31F19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10CC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=45C4D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22AFC 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17063.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD7F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=92671 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=153CC +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=111CE +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2318C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17115.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17128.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +; Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17133.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17134.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17723.1000] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=75D91 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelperMgr::IsSingleSessionPerUserEnabled +SingleUserPatch.x64=1 +SingleUserOffset.x64=1296C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17A45 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1B10C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17763.1] +; Patch CEnforcementCore::GetInstanceOfTSLicense +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AF8E4 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=77941 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelperMgr::IsSingleSessionPerUserEnabled +SingleUserPatch.x86=1 +SingleUserOffset.x86=4D505 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1322C +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=4BD09 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17F45 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=5B02A +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1ABFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[SLInit] +; Is server +bServerSku=1 +; Enable listener - allow remote connections +bRemoteConnAllowed=1 +; Allow fast user switching +bFUSEnabled=1 +; Allow RemoteApp server +bAppServerAllowed=1 +; Allow multi monitor +bMultimonAllowed=1 +; Maximum user sessions (0 - unlimited) 
+lMaxUserSessions=0 +; Maximum debug/glass sessions (0 - unlimited) +ulMaxDebugSessions=0 +; SLInit function is succeeded +bInitialized=1 + +[6.3.9431.0-SLInit] +; HOW TO search SLInit global variables in IDA Pro: +; 1. Search text: The SL policy for ',27h,'Allow Multiple Sessions',27h,' is not defined +; 2. Xref will point to CSLQuery::Initialize function +; 3. Follow xref, look for cmp instruction nearby +; 4. It will be comparsion with CSLQuery::bServerSku constant +; 5. Now it's easy to find other constants + +; Strings to find other values: +; CSLQuery::GetMaxUserSessions +; CSLQuery::IsAppServerInstalled failed: +; CSLQuery::AreRemoteConnectionsAllowed f +; CSLQuery::IsMultimonAllowed +; CSLQuery::GetMaxDebugSessions +; CSLQuery::IsFUSEnabled + +bFUSEnabled.x86 =A22A8 +lMaxUserSessions.x86 =A22AC +bAppServerAllowed.x86 =A22B0 +bInitialized.x86 =A22B4 +bMultimonAllowed.x86 =A22B8 +bServerSku.x86 =A22BC +ulMaxDebugSessions.x86=A22C0 +bRemoteConnAllowed.x86=A22C4 + +bFUSEnabled.x64 =C4490 +lMaxUserSessions.x64 =C4494 +bAppServerAllowed.x64 =C4498 +bInitialized.x64 =C449C +bMultimonAllowed.x64 =C44A0 +bServerSku.x64 =C44A4 +ulMaxDebugSessions.x64=C44A8 +bRemoteConnAllowed.x64=C44AC + +[6.3.9600.16384-SLInit] +bFUSEnabled.x86 =C02A8 +lMaxUserSessions.x86 =C02AC +bAppServerAllowed.x86 =C02B0 +bInitialized.x86 =C02B4 +bMultimonAllowed.x86 =C02B8 +bServerSku.x86 =C02BC +ulMaxDebugSessions.x86=C02C0 +bRemoteConnAllowed.x86=C02C4 + +bServerSku.x64 =E6494 +ulMaxDebugSessions.x64=E6498 +bRemoteConnAllowed.x64=E649C +bFUSEnabled.x64 =E64A0 +lMaxUserSessions.x64 =E64A4 +bAppServerAllowed.x64 =E64A8 +bInitialized.x64 =E64AC +bMultimonAllowed.x64 =E64B0 + +[6.3.9600.17095-SLInit] +bFUSEnabled.x86 =C12A8 +lMaxUserSessions.x86 =C12AC +bAppServerAllowed.x86 =C12B0 +bInitialized.x86 =C12B4 +bMultimonAllowed.x86 =C12B8 +bServerSku.x86 =C12BC +ulMaxDebugSessions.x86=C12C0 +bRemoteConnAllowed.x86=C12C4 + +bServerSku.x64 =E4494 +ulMaxDebugSessions.x64=E4498 
+bRemoteConnAllowed.x64=E449C +bFUSEnabled.x64 =E44A0 +lMaxUserSessions.x64 =E44A4 +bAppServerAllowed.x64 =E44A8 +bInitialized.x64 =E44AC +bMultimonAllowed.x64 =E44B0 + +[6.3.9600.17415-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =F9054 +lMaxUserSessions.x64 =F9058 +bAppServerAllowed.x64 =F905C +bInitialized.x64 =F9060 +bMultimonAllowed.x64 =F9064 +bServerSku.x64 =F9068 +ulMaxDebugSessions.x64=F906C +bRemoteConnAllowed.x64=F9070 + +[6.3.9600.18692-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =F9054 +lMaxUserSessions.x64 =F9058 +bAppServerAllowed.x64 =F905C +bInitialized.x64 =F9060 +bMultimonAllowed.x64 =F9064 +bServerSku.x64 =F9068 +ulMaxDebugSessions.x64=F906C +bRemoteConnAllowed.x64=F9070 + +[6.3.9600.18708-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 +lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 +ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + +[6.3.9600.18928-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 +lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 
+ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + +[6.3.9600.19093-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 +lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 +ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + +[6.4.9841.0-SLInit] +bFUSEnabled.x86 =BF9F0 +lMaxUserSessions.x86 =BF9F4 +bAppServerAllowed.x86 =BF9F8 +bInitialized.x86 =BF9FC +bMultimonAllowed.x86 =BFA00 +bServerSku.x86 =BFA04 +ulMaxDebugSessions.x86=BFA08 +bRemoteConnAllowed.x86=BFA0C + +bFUSEnabled.x64 =ECFF8 +lMaxUserSessions.x64 =ECFFC +bAppServerAllowed.x64 =ED000 +bInitialized.x64 =ED004 +bMultimonAllowed.x64 =ED008 +bServerSku.x64 =ED00C +ulMaxDebugSessions.x64=ED010 +bRemoteConnAllowed.x64=ED014 + +[6.4.9860.0-SLInit] +bFUSEnabled.x86 =BF7E0 +lMaxUserSessions.x86 =BF7E4 +bAppServerAllowed.x86 =BF7E8 +bInitialized.x86 =BF7EC +bMultimonAllowed.x86 =BF7F0 +bServerSku.x86 =BF7F4 +ulMaxDebugSessions.x86=BF7F8 +bRemoteConnAllowed.x86=BF7FC + +bFUSEnabled.x64 =ECBD8 +lMaxUserSessions.x64 =ECBDC +bAppServerAllowed.x64 =ECBE0 +bInitialized.x64 =ECBE4 +bMultimonAllowed.x64 =ECBE8 +bServerSku.x64 =ECBEC +ulMaxDebugSessions.x64=ECBF0 +bRemoteConnAllowed.x64=ECBF4 + +[6.4.9879.0-SLInit] +bFUSEnabled.x86 =C27D8 +lMaxUserSessions.x86 =C27DC +bAppServerAllowed.x86 =C27E0 +bInitialized.x86 =C27E4 +bMultimonAllowed.x86 =C27E8 +bServerSku.x86 =C27EC +ulMaxDebugSessions.x86=C27F0 +bRemoteConnAllowed.x86=C27F4 + +bFUSEnabled.x64 =EDBF0 +lMaxUserSessions.x64 =EDBF4 +bAppServerAllowed.x64 =EDBF8 +bInitialized.x64 =EDBFC +bMultimonAllowed.x64 =EDC00 +bServerSku.x64 =EDC04 +ulMaxDebugSessions.x64=EDC08 +bRemoteConnAllowed.x64=EDC0C + +[10.0.9926.0-SLInit] +bFUSEnabled.x86 =C17D8 +lMaxUserSessions.x86 
=C17DC +bAppServerAllowed.x86 =C17E0 +bInitialized.x86 =C17E4 +bMultimonAllowed.x86 =C17E8 +bServerSku.x86 =C17EC +ulMaxDebugSessions.x86=C17F0 +bRemoteConnAllowed.x86=C17F4 +; x64 contributed by v-yadli +bFUSEnabled.x64 =EEBF0 +lMaxUserSessions.x64 =EEBF4 +bAppServerAllowed.x64 =EEBF8 +bInitialized.x64 =EEBFC +bMultimonAllowed.x64 =EEC00 +bServerSku.x64 =EEC04 +ulMaxDebugSessions.x64=EEC08 +bRemoteConnAllowed.x64=EEC0C + +[10.0.10041.0-SLInit] +bFUSEnabled.x86 =C5F60 +lMaxUserSessions.x86 =C5F64 +bAppServerAllowed.x86 =C5F68 +bInitialized.x86 =C5F6C +bMultimonAllowed.x86 =C5F70 +bServerSku.x86 =C5F74 +ulMaxDebugSessions.x86=C5F78 +bRemoteConnAllowed.x86=C5F7C + +bFUSEnabled.x64 =F3448 +lMaxUserSessions.x64 =F344C +bAppServerAllowed.x64 =F3450 +bInitialized.x64 =F3454 +bMultimonAllowed.x64 =F3458 +bServerSku.x64 =F345C +ulMaxDebugSessions.x64=F3460 +bRemoteConnAllowed.x64=F3464 + +[10.0.10240.16384-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.10586.0-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.10586.589-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 
+bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.11082.1000-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.11102.1000-SLInit] +bInitialized.x86 =C1F5C +bServerSku.x86 =C1F60 +lMaxUserSessions.x86 =C1F64 +bAppServerAllowed.x86 =C1F68 +bRemoteConnAllowed.x86=C1F6C +bMultimonAllowed.x86 =C1F70 +ulMaxDebugSessions.x86=C1F74 +bFUSEnabled.x86 =C1F78 + +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 +bServerSku.x64 =F244C +lMaxUserSessions.x64 =F2450 +bAppServerAllowed.x64 =F2454 + +[10.0.14251.1000-SLInit] +bInitialized.x86 =C1F5C +bServerSku.x86 =C1F60 +lMaxUserSessions.x86 =C1F64 +bAppServerAllowed.x86 =C1F68 +bRemoteConnAllowed.x86=C1F6C +bMultimonAllowed.x86 =C1F70 +ulMaxDebugSessions.x86=C1F74 +bFUSEnabled.x86 =C1F78 + +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 +bServerSku.x64 =F244C +lMaxUserSessions.x64 =F2450 +bAppServerAllowed.x64 =F2454 + +[10.0.14271.1000-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =EF3C0 
+lMaxUserSessions.x64 =EF3C4 +bAppServerAllowed.x64 =EF3C8 +bInitialized.x64 =F0460 +bRemoteConnAllowed.x64=F0464 +bMultimonAllowed.x64 =F0468 +ulMaxDebugSessions.x64=F046C +bFUSEnabled.x64 =F0470 + +[10.0.14279.1000-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =EF3C0 +lMaxUserSessions.x64 =EF3C4 +bAppServerAllowed.x64 =EF3C8 +bInitialized.x64 =F0460 +bRemoteConnAllowed.x64=F0464 +bMultimonAllowed.x64 =F0468 +ulMaxDebugSessions.x64=F046C +bFUSEnabled.x64 =F0470 + +[10.0.14295.1000-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =E73C0 +lMaxUserSessions.x64 =E73C4 +bAppServerAllowed.x64 =E73C8 +bInitialized.x64 =E8460 +bRemoteConnAllowed.x64=E8464 +bMultimonAllowed.x64 =E8468 +ulMaxDebugSessions.x64=E846C +bFUSEnabled.x64 =E8470 + +[10.0.14300.1000-SLInit] +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14316.1000-SLInit] +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14328.1000-SLInit] +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 
+bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14332.1001-SLInit] +; contributed by maxpiva +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14342.1000-SLInit] +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bInitialized.x64 =E9430 +bRemoteConnAllowed.x64=E9434 +bMultimonAllowed.x64 =E9438 +ulMaxDebugSessions.x64=E943C +bFUSEnabled.x64 =E9440 +bServerSku.x64 =E944C +lMaxUserSessions.x64 =E9450 +bAppServerAllowed.x64 =E9454 + +[10.0.14352.1002-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =E73C0 +lMaxUserSessions.x64 =E73C4 +bAppServerAllowed.x64 =E73C8 +bInitialized.x64 =E8460 +bRemoteConnAllowed.x64=E8464 +bMultimonAllowed.x64 =E8468 +ulMaxDebugSessions.x64=E846C +bFUSEnabled.x64 =E8470 + +[10.0.14366.0-SLInit] +bInitialized.x86 =C4F68 +bServerSku.x86 =C4F6C +lMaxUserSessions.x86 =C4F70 +bAppServerAllowed.x86 =C4F74 +bRemoteConnAllowed.x86=C4F78 +bMultimonAllowed.x86 =C4F7C +ulMaxDebugSessions.x86=C4F80 
+bFUSEnabled.x86 =C4F84 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA480 +bRemoteConnAllowed.x64=EA484 +bMultimonAllowed.x64 =EA488 +ulMaxDebugSessions.x64=EA48C +bFUSEnabled.x64 =EA490 + +[10.0.14367.0-SLInit] +bInitialized.x86 =C4F68 +bServerSku.x86 =C4F6C +lMaxUserSessions.x86 =C4F70 +bAppServerAllowed.x86 =C4F74 +bRemoteConnAllowed.x86=C4F78 +bMultimonAllowed.x86 =C4F7C +ulMaxDebugSessions.x86=C4F80 +bFUSEnabled.x86 =C4F84 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA480 +bRemoteConnAllowed.x64=EA484 +bMultimonAllowed.x64 =EA488 +ulMaxDebugSessions.x64=EA48C +bFUSEnabled.x64 =EA490 + +[10.0.14372.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 +; x64 contributed by kbmorris +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14379.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14383.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 
=EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14385.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14388.0-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14393.0-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14393.1198-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +[10.0.14393.1737-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 
+ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14393.2457-SLInit] +bInitialized.x86 =C1F94 +bServerSku.x86 =C1F98 +lMaxUserSessions.x86 =C1F9C +bAppServerAllowed.x86 =C1FA0 +bRemoteConnAllowed.x86=C1FA4 +bMultimonAllowed.x86 =C1FA8 +ulMaxDebugSessions.x86=C1FAC +bFUSEnabled.x86 =C1FB0 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14901.1000-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14905.1000-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14915.1000-SLInit] +bInitialized.x86 =C4F6C +bServerSku.x86 =C4F70 +lMaxUserSessions.x86 =C4F74 +bAppServerAllowed.x86 =C4F78 +bRemoteConnAllowed.x86=C4F7C +bMultimonAllowed.x86 =C4F80 +ulMaxDebugSessions.x86=C4F84 +bFUSEnabled.x86 =C4F88 + +bServerSku.x64 =E93D0 +lMaxUserSessions.x64 =E93D4 
+bAppServerAllowed.x64 =E93D8 +bInitialized.x64 =EA470 +bRemoteConnAllowed.x64=EA474 +bMultimonAllowed.x64 =EA478 +ulMaxDebugSessions.x64=EA47C +bFUSEnabled.x64 =EA480 + +[10.0.14926.1000-SLInit] +bInitialized.x86 =C4F6C +bServerSku.x86 =C4F70 +lMaxUserSessions.x86 =C4F74 +bAppServerAllowed.x86 =C4F78 +bRemoteConnAllowed.x86=C4F7C +bMultimonAllowed.x86 =C4F80 +ulMaxDebugSessions.x86=C4F84 +bFUSEnabled.x86 =C4F88 + +bServerSku.x64 =E93D0 +lMaxUserSessions.x64 =E93D4 +bAppServerAllowed.x64 =E93D8 +bInitialized.x64 =EA470 +bRemoteConnAllowed.x64=EA474 +bMultimonAllowed.x64 =EA478 +ulMaxDebugSessions.x64=EA47C +bFUSEnabled.x64 =EA480 + +[10.0.14931.1000-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E63D0 +lMaxUserSessions.x64 =E63D4 +bAppServerAllowed.x64 =E63D8 +bInitialized.x64 =E7470 +bRemoteConnAllowed.x64=E7474 +bMultimonAllowed.x64 =E7478 +ulMaxDebugSessions.x64=E747C +bFUSEnabled.x64 =E7480 + +[10.0.14936.1000-SLInit] +bInitialized.x86 =C0F6C +bServerSku.x86 =C0F70 +lMaxUserSessions.x86 =C0F74 +bAppServerAllowed.x86 =C0F78 +bRemoteConnAllowed.x86=C0F7C +bMultimonAllowed.x86 =C0F80 +ulMaxDebugSessions.x86=C0F84 +bFUSEnabled.x86 =C0F88 + +bInitialized.x64 =E8460 +bRemoteConnAllowed.x64=E8464 +bMultimonAllowed.x64 =E8468 +ulMaxDebugSessions.x64=E846C +bFUSEnabled.x64 =E8470 +bServerSku.x64 =E847C +lMaxUserSessions.x64 =E8480 +bAppServerAllowed.x64 =E8484 + +[10.0.14942.1000-SLInit] +bInitialized.x86 =C0F6C +bServerSku.x86 =C0F70 +lMaxUserSessions.x86 =C0F74 +bAppServerAllowed.x86 =C0F78 +bRemoteConnAllowed.x86=C0F7C +bMultimonAllowed.x86 =C0F80 +ulMaxDebugSessions.x86=C0F84 +bFUSEnabled.x86 =C0F88 + +bInitialized.x64 =EC460 +bRemoteConnAllowed.x64=EC464 +bMultimonAllowed.x64 =EC468 +ulMaxDebugSessions.x64=EC46C +bFUSEnabled.x64 =EC470 +bServerSku.x64 =EC47C 
+lMaxUserSessions.x64 =EC480 +bAppServerAllowed.x64 =EC484 + +[10.0.14946.1000-SLInit] +bInitialized.x86 =C0F6C +bServerSku.x86 =C0F70 +lMaxUserSessions.x86 =C0F74 +bAppServerAllowed.x86 =C0F78 +bRemoteConnAllowed.x86=C0F7C +bMultimonAllowed.x86 =C0F80 +ulMaxDebugSessions.x86=C0F84 +bFUSEnabled.x86 =C0F88 + +bInitialized.x64 =EC460 +bRemoteConnAllowed.x64=EC464 +bMultimonAllowed.x64 =EC468 +ulMaxDebugSessions.x64=EC46C +bFUSEnabled.x64 =EC470 +bServerSku.x64 =EC47C +lMaxUserSessions.x64 =EC480 +bAppServerAllowed.x64 =EC484 + +[10.0.14951.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EF3D0 +lMaxUserSessions.x64 =EF3D4 +bAppServerAllowed.x64 =EF3D8 +bInitialized.x64 =F0470 +bRemoteConnAllowed.x64=F0474 +bMultimonAllowed.x64 =F0478 +ulMaxDebugSessions.x64=F047C +bFUSEnabled.x64 =F0480 + +[10.0.14955.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EF3D0 +lMaxUserSessions.x64 =EF3D4 +bAppServerAllowed.x64 =EF3D8 +bInitialized.x64 =F0470 +bRemoteConnAllowed.x64=F0474 +bMultimonAllowed.x64 =F0478 +ulMaxDebugSessions.x64=F047C +bFUSEnabled.x64 =F0480 + +[10.0.14959.1000-SLInit] +bInitialized.x86 =C4F68 +bServerSku.x86 =C4F6C +lMaxUserSessions.x86 =C4F70 +bAppServerAllowed.x86 =C4F74 +bRemoteConnAllowed.x86=C4F78 +bMultimonAllowed.x86 =C4F7C +ulMaxDebugSessions.x86=C4F80 +bFUSEnabled.x86 =C4F84 + +bServerSku.x64 =EE3D0 +lMaxUserSessions.x64 =EE3D4 +bAppServerAllowed.x64 =EE3D8 +bInitialized.x64 =EF470 +bRemoteConnAllowed.x64=EF474 +bMultimonAllowed.x64 =EF478 +ulMaxDebugSessions.x64=EF47C +bFUSEnabled.x64 =EF480 + +[10.0.14965.1001-SLInit] +bInitialized.x86 =C5F68 
+bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bInitialized.x64 =EF460 +bRemoteConnAllowed.x64=EF464 +bMultimonAllowed.x64 =EF468 +ulMaxDebugSessions.x64=EF46C +bFUSEnabled.x64 =EF470 +bServerSku.x64 =EF47C +lMaxUserSessions.x64 =EF480 +bAppServerAllowed.x64 =EF484 + +[10.0.14971.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EE3C0 +lMaxUserSessions.x64 =EE3C4 +bAppServerAllowed.x64 =EE3C8 +bInitialized.x64 =EE470 +bRemoteConnAllowed.x64=EE474 +bMultimonAllowed.x64 =EE478 +ulMaxDebugSessions.x64=EE47C +bFUSEnabled.x64 =EE480 + +[10.0.14986.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EE3C0 +lMaxUserSessions.x64 =EE3C4 +bAppServerAllowed.x64 =EE3C8 +bInitialized.x64 =EE470 +bRemoteConnAllowed.x64=EE474 +bMultimonAllowed.x64 =EE478 +ulMaxDebugSessions.x64=EE47C +bFUSEnabled.x64 =EE480 + +[10.0.14997.1001-SLInit] +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15002.1001-SLInit] +bInitialized.x86 =C6F74 +bServerSku.x86 =C6F78 +lMaxUserSessions.x86 =C6F7C +bAppServerAllowed.x86 =C6F80 +bRemoteConnAllowed.x86=C6F84 +bMultimonAllowed.x86 =C6F88 +ulMaxDebugSessions.x86=C6F8C +bFUSEnabled.x86 =C6F90 + +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 
+bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15007.1000-SLInit] +bInitialized.x86 =C6F74 +bServerSku.x86 =C6F78 +lMaxUserSessions.x86 =C6F7C +bAppServerAllowed.x86 =C6F80 +bRemoteConnAllowed.x86=C6F84 +bMultimonAllowed.x86 =C6F88 +ulMaxDebugSessions.x86=C6F8C +bFUSEnabled.x86 =C6F90 + +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15014.1000-SLInit] +bInitialized.x86 =C6F74 +bServerSku.x86 =C6F78 +lMaxUserSessions.x86 =C6F7C +bAppServerAllowed.x86 =C6F80 +bRemoteConnAllowed.x86=C6F84 +bMultimonAllowed.x86 =C6F88 +ulMaxDebugSessions.x86=C6F8C +bFUSEnabled.x86 =C6F90 + +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15019.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =ECBDC +lMaxUserSessions.x64 =ECBE0 +bAppServerAllowed.x64 =ECBE4 +bInitialized.x64 =F0490 +bRemoteConnAllowed.x64=F0494 +bMultimonAllowed.x64 =F0498 +ulMaxDebugSessions.x64=F049C +bFUSEnabled.x64 =F04A0 + +[10.0.15025.1000-SLInit] +bServerSku.x64 =EE3E0 +lMaxUserSessions.x64 =EE3E4 +bAppServerAllowed.x64 =EE3E8 +bInitialized.x64 =EF488 +bRemoteConnAllowed.x64=EF48C +bMultimonAllowed.x64 =EF490 +ulMaxDebugSessions.x64=EF494 +bFUSEnabled.x64 =EF498 + +[10.0.15031.0-SLInit] +bInitialized.x86 =C2F6C +bServerSku.x86 =C2F70 +lMaxUserSessions.x86 =C2F74 +bAppServerAllowed.x86 =C2F78 +bRemoteConnAllowed.x86=C2F7C +bMultimonAllowed.x86 =C2F80 +ulMaxDebugSessions.x86=C2F84 +bFUSEnabled.x86 =C2F88 + 
+bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA488 +bRemoteConnAllowed.x64=EA48C +bMultimonAllowed.x64 =EA490 +ulMaxDebugSessions.x64=EA494 +bFUSEnabled.x64 =EA498 + +[10.0.15042.0-SLInit] +bInitialized.x86 =C2F6C +bServerSku.x86 =C2F70 +lMaxUserSessions.x86 =C2F74 +bAppServerAllowed.x86 =C2F78 +bRemoteConnAllowed.x86=C2F7C +bMultimonAllowed.x86 =C2F80 +ulMaxDebugSessions.x86=C2F84 +bFUSEnabled.x86 =C2F88 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA488 +bRemoteConnAllowed.x64=EA48C +bMultimonAllowed.x64 =EA490 +ulMaxDebugSessions.x64=EA494 +bFUSEnabled.x64 =EA498 + +[10.0.15046.0-SLInit] +bInitialized.x86 =C4F18 +bServerSku.x86 =C4F1C +lMaxUserSessions.x86 =C4F20 +bAppServerAllowed.x86 =C4F24 +bRemoteConnAllowed.x86=C4F28 +ulMaxDebugSessions.x86=C4F2C +bMultimonAllowed.x86 =C5010 +bFUSEnabled.x86 =C5014 + +bInitialized.x64 =EB468 +bRemoteConnAllowed.x64=EB46C +bMultimonAllowed.x64 =EB470 +ulMaxDebugSessions.x64=EB474 +bFUSEnabled.x64 =EB478 +bServerSku.x64 =EB484 +lMaxUserSessions.x64 =EB488 +bAppServerAllowed.x64 =EB48C + +[10.0.15048.0-SLInit] +bInitialized.x86 =C4F18 +bServerSku.x86 =C4F1C +lMaxUserSessions.x86 =C4F20 +bAppServerAllowed.x86 =C4F24 +bRemoteConnAllowed.x86=C4F28 +ulMaxDebugSessions.x86=C4F2C +bMultimonAllowed.x86 =C5010 +bFUSEnabled.x86 =C5014 + +bInitialized.x64 =EB468 +bRemoteConnAllowed.x64=EB46C +bMultimonAllowed.x64 =EB470 +ulMaxDebugSessions.x64=EB474 +bFUSEnabled.x64 =EB478 +bServerSku.x64 =EB484 +lMaxUserSessions.x64 =EB488 +bAppServerAllowed.x64 =EB48C + +[10.0.15055.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bServerSku.x64 =E83D8 +lMaxUserSessions.x64 =E83DC +bAppServerAllowed.x64 =E83E0 +bInitialized.x64 =E9490 
+bRemoteConnAllowed.x64=E9494 +bMultimonAllowed.x64 =E9498 +ulMaxDebugSessions.x64=E949C +bFUSEnabled.x64 =E94A0 + +[10.0.15058.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15061.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.296-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + 
+[10.0.15063.994-SLInit] +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.1155-SLInit] +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.16179.1000-SLInit] +bInitialized.x86 =C7F6C +bServerSku.x86 =C7F70 +lMaxUserSessions.x86 =C7F74 +bAppServerAllowed.x86 =C7F78 +bRemoteConnAllowed.x86=C7F7C +bMultimonAllowed.x86 =C7F80 +ulMaxDebugSessions.x86=C7F84 +bFUSEnabled.x86 =C7F88 + +bServerSku.x64 =E83D8 +lMaxUserSessions.x64 =E83DC +bAppServerAllowed.x64 =E83E0 +bInitialized.x64 =E9490 +bRemoteConnAllowed.x64=E9494 +bMultimonAllowed.x64 =E9498 +ulMaxDebugSessions.x64=E949C +bFUSEnabled.x64 =E94A0 + +[10.0.16184.1001-SLInit] +bInitialized.x86 =C7F6C +bServerSku.x86 =C7F70 +lMaxUserSessions.x86 =C7F74 +bAppServerAllowed.x86 =C7F78 +bRemoteConnAllowed.x86=C7F7C +bMultimonAllowed.x86 =C7F80 +ulMaxDebugSessions.x86=C7F84 +bFUSEnabled.x86 =C7F88 + +bServerSku.x64 =E83D8 +lMaxUserSessions.x64 =E83DC +bAppServerAllowed.x64 =E83E0 +bInitialized.x64 =E9490 +bRemoteConnAllowed.x64=E9494 +bMultimonAllowed.x64 =E9498 +ulMaxDebugSessions.x64=E949C +bFUSEnabled.x64 =E94A0 + +[10.0.16199.1000-SLInit] +bInitialized.x86 =C8F74 +bServerSku.x86 =C8F78 +lMaxUserSessions.x86 =C8F7C +bAppServerAllowed.x86 =C8F80 +bRemoteConnAllowed.x86=C8F84 +bMultimonAllowed.x86 =C8F88 +ulMaxDebugSessions.x86=C8F8C +bFUSEnabled.x86 =C8F90 + +bServerSku.x64 =E83E8 +lMaxUserSessions.x64 =E83EC +bAppServerAllowed.x64 =E83F0 +bInitialized.x64 =E94A0 +bRemoteConnAllowed.x64=E94A4 +bMultimonAllowed.x64 =E94A8 +ulMaxDebugSessions.x64=E94AC +bFUSEnabled.x64 =E94B0 + +[10.0.16215.1000-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C 
+lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EA3E8 +lMaxUserSessions.x64 =EA3EC +bAppServerAllowed.x64 =EA3F0 +bInitialized.x64 =EB4A0 +bRemoteConnAllowed.x64=EB4A4 +bMultimonAllowed.x64 =EB4A8 +ulMaxDebugSessions.x64=EB4AC +bFUSEnabled.x64 =EB4B0 + +[10.0.16232.1000-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EA3E8 +lMaxUserSessions.x64 =EA3EC +bAppServerAllowed.x64 =EA3F0 +bInitialized.x64 =EB4A0 +bRemoteConnAllowed.x64=EB4A4 +bMultimonAllowed.x64 =EB4A8 +ulMaxDebugSessions.x64=EB4AC +bFUSEnabled.x64 =EB4B0 + +[10.0.16237.1001-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16241.1001-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16251.0-SLInit] +bInitialized.x86 =C9F78 +bServerSku.x86 =C9F7C +lMaxUserSessions.x86 =C9F80 +bAppServerAllowed.x86 =C9F84 +bRemoteConnAllowed.x86=C9F88 +bMultimonAllowed.x86 =C9F8C 
+ulMaxDebugSessions.x86=C9F90 +bFUSEnabled.x86 =C9F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16251.1000-SLInit] +bInitialized.x86 =C9F78 +bServerSku.x86 =C9F7C +lMaxUserSessions.x86 =C9F80 +bAppServerAllowed.x86 =C9F84 +bRemoteConnAllowed.x86=C9F88 +bMultimonAllowed.x86 =C9F8C +ulMaxDebugSessions.x86=C9F90 +bFUSEnabled.x86 =C9F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16257.1-SLInit] +bInitialized.x86 =C9F7C +bServerSku.x86 =C9F80 +lMaxUserSessions.x86 =C9F84 +bAppServerAllowed.x86 =C9F88 +bRemoteConnAllowed.x86=C9F8C +bMultimonAllowed.x86 =C9F90 +ulMaxDebugSessions.x86=C9F94 +bFUSEnabled.x86 =C9F98 + +bServerSku.x64 =EB3F0 +lMaxUserSessions.x64 =EB3F4 +bAppServerAllowed.x64 =EB3F8 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16257.1000-SLInit] +bInitialized.x86 =C9F7C +bServerSku.x86 =C9F80 +lMaxUserSessions.x86 =C9F84 +bAppServerAllowed.x86 =C9F88 +bRemoteConnAllowed.x86=C9F8C +bMultimonAllowed.x86 =C9F90 +ulMaxDebugSessions.x86=C9F94 +bFUSEnabled.x86 =C9F98 + +bServerSku.x64 =EB3F0 +lMaxUserSessions.x64 =EB3F4 +bAppServerAllowed.x64 =EB3F8 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16273.1000-SLInit] +bInitialized.x86 =C9F7C +bServerSku.x86 =C9F80 +lMaxUserSessions.x86 =C9F84 +bAppServerAllowed.x86 =C9F88 +bRemoteConnAllowed.x86=C9F8C +bMultimonAllowed.x86 =C9F90 +ulMaxDebugSessions.x86=C9F94 +bFUSEnabled.x86 =C9F98 + +bServerSku.x64 =EB3F0 +lMaxUserSessions.x64 =EB3F4 
+bAppServerAllowed.x64 =EB3F8 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16275.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16278.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16281.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16288.1-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 
+ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16291.0-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16294.1-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16296.0-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16299.0-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16299.15-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 
+lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16353.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16362.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.17004.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.17017.1000-SLInit] +bInitialized.x86 =C9EB8 +bServerSku.x86 =C9EBC +lMaxUserSessions.x86 =C9EC0 +bAppServerAllowed.x86 =C9EC4 +bRemoteConnAllowed.x86=C9EC8 +bMultimonAllowed.x86 =C9ECC 
+ulMaxDebugSessions.x86=C9ED0 +bFUSEnabled.x86 =C9ED4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17025.1000-SLInit] +bInitialized.x86 =C9EB8 +bServerSku.x86 =C9EBC +lMaxUserSessions.x86 =C9EC0 +bAppServerAllowed.x86 =C9EC4 +bRemoteConnAllowed.x86=C9EC8 +bMultimonAllowed.x86 =C9ECC +ulMaxDebugSessions.x86=C9ED0 +bFUSEnabled.x86 =C9ED4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17035.1000-SLInit] +bInitialized.x86 =C9ED8 +bServerSku.x86 =C9EDC +lMaxUserSessions.x86 =C9EE0 +bAppServerAllowed.x86 =C9EE4 +bRemoteConnAllowed.x86=C9EE8 +bMultimonAllowed.x86 =C9EEC +ulMaxDebugSessions.x86=C9EF0 +bFUSEnabled.x86 =C9EF4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17046.1000-SLInit] +bInitialized.x86 =C9ED8 +bServerSku.x86 =C9EDC +lMaxUserSessions.x86 =C9EE0 +bAppServerAllowed.x86 =C9EE4 +bRemoteConnAllowed.x86=C9EE8 +bMultimonAllowed.x86 =C9EEC +ulMaxDebugSessions.x86=C9EF0 +bFUSEnabled.x86 =C9EF4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17063.1000-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C 
+bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17115.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17128.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17133.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17134.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 
+ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17723.1000-SLInit] +bInitialized.x64 =E9AB0 +bServerSku.x64 =E9AB4 +lMaxUserSessions.x64 =E9AB8 +bAppServerAllowed.x64 =E9AC0 +bRemoteConnAllowed.x64=E9AC4 +bMultimonAllowed.x64 =E9AC8 +ulMaxDebugSessions.x64=E9ACC +bFUSEnabled.x64 =E9AD0 + +[10.0.17763.1-SLInit] +bInitialized.x86 =CD798 +bServerSku.x86 =CD79C +lMaxUserSessions.x86 =CD7A0 +bAppServerAllowed.x86 =CD7A8 +bRemoteConnAllowed.x86=CD7AC +bMultimonAllowed.x86 =CD7B0 +ulMaxDebugSessions.x86=CD7B4 +bFUSEnabled.x86 =CD7B8 + +bInitialized.x64 =ECAB0 +bServerSku.x64 =ECAB4 +lMaxUserSessions.x64 =ECAB8 +bAppServerAllowed.x64 =ECAC0 +bRemoteConnAllowed.x64=ECAC4 +bMultimonAllowed.x64 =ECAC8 +ulMaxDebugSessions.x64=ECACC +bFUSEnabled.x64 =ECAD0 diff --git a/res/rdpwrap.ini b/res/rdpwrap.ini new file mode 100644 index 0000000..40e1b54 --- /dev/null +++ b/res/rdpwrap.ini 
@@ -0,0 +1,4998 @@ +; RDP Wrapper Library configuration +; Do not modify without special knowledge + +[Main] +Updated=2018-10-10 +LogFile=\rdpwrap.txt +SLPolicyHookNT60=1 +SLPolicyHookNT61=1 + +[SLPolicy] +TerminalServices-RemoteConnectionManager-AllowRemoteConnections=1 +TerminalServices-RemoteConnectionManager-AllowMultipleSessions=1 +TerminalServices-RemoteConnectionManager-AllowAppServerMode=1 +TerminalServices-RemoteConnectionManager-AllowMultimon=1 +TerminalServices-RemoteConnectionManager-MaxUserSessions=0 +TerminalServices-RemoteConnectionManager-ce0ad219-4670-4988-98fb-89b14c2f072b-MaxSessions=0 +TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-MaxSessions=2 +TerminalServices-RDP-7-Advanced-Compression-Allowed=1 +TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-LocalOnly=0 +TerminalServices-RemoteConnectionManager-8dc86f1d-9969-4379-91c1-06fe1dc60575-MaxSessions=1000 +TerminalServices-DeviceRedirection-Licenses-TSEasyPrintAllowed=1 +TerminalServices-DeviceRedirection-Licenses-PnpRedirectionAllowed=1 +TerminalServices-DeviceRedirection-Licenses-TSMFPluginAllowed=1 +TerminalServices-RemoteConnectionManager-UiEffects-DWMRemotingAllowed=1 + +[PatchCodes] +nop=90 +Zero=00 +jmpshort=EB +nopjmp=90E9 +CDefPolicy_Query_edx_ecx=BA000100008991200300005E90 +CDefPolicy_Query_eax_rcx_jmp=B80001000089813806000090EB +CDefPolicy_Query_eax_esi=B80001000089862003000090 +CDefPolicy_Query_eax_rdi=B80001000089873806000090 +CDefPolicy_Query_eax_ecx=B80001000089812003000090 +CDefPolicy_Query_eax_ecx_jmp=B800010000898120030000EB0E +CDefPolicy_Query_eax_rcx=B80001000089813806000090 +CDefPolicy_Query_edi_rcx=BF0001000089B938060000909090 + +[6.0.6000.16386] +SingleUserPatch.x86=1 +SingleUserOffset.x86=160BF +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=65E3E +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=15CD8 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +DefPolicyPatch.x64=1 
+DefPolicyOffset.x64=5C88F +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6001.18000] +SingleUserPatch.x86=1 +SingleUserOffset.x86=185E4 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=70DBA +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=17FD8 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=65BD7 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6002.18005] +SingleUserPatch.x86=1 +SingleUserOffset.x86=17FA8 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=70FF6 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=179C0 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=65E83 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6002.19214] +SingleUserPatch.x86=1 +SingleUserOffset.x86=17FC4 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=712AA +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=179B8 +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=65FF7 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.0.6002.23521] +SingleUserPatch.x86=1 +SingleUserOffset.x86=17FB4 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=71EAA +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=179CC +DefPolicyCode.x86=CDefPolicy_Query_edx_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=669CB +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx_jmp + +[6.1.7600.16385] +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E25 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17D96 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196F3 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17AD2 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7600.20890] +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E2D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 
+SingleUserOffset.x64=17DF2 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196FB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17B0E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7600.21316] +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E2D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17E3E +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196FB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17B5E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.17514] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180E2 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D8A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.18540] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A4E5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=18006 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D9F +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17C82 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.18637] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A4DD +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180FA +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19DBB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17DC6 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.21650] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180BE +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5A 
+DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.21866] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180BE +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22104] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180C6 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22750] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A655 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17E8E +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E21 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17C92 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22843] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A655 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17F96 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E25 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D6E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.23403] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A65D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17F62 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E29 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17CE2 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.24234] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A675 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17F56 +SingleUserCode.x64=Zero 
+DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19E41 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D2E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.2.8102.0] +SingleUserPatch.x86=1 +SingleUserOffset.x86=F7E9 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=D840 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=E47C +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=D3E6 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=1B909 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=1A484 +SLPolicyFunc.x64=New_Win8SL + +[6.2.8250.0] +SingleUserPatch.x86=1 +SingleUserOffset.x86=159C9 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11E74 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13520 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1187A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=1A0A9 +SLPolicyFunc.x86=New_Win8SL_CP +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=18FAC +SLPolicyFunc.x64=New_Win8SL + +[6.2.8400.0] +SingleUserPatch.x86=1 +SingleUserOffset.x86=15482 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=20824 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13E48 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1F102 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=19629 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=2492C +SLPolicyFunc.x64=New_Win8SL + +[6.2.9200.16384] +SingleUserPatch.x86=1 +SingleUserOffset.x86=15552 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2BAA8 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13F08 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi 
+DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2A31A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=19559 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=21FA8 +SLPolicyFunc.x64=New_Win8SL + +[6.2.9200.17048] +SingleUserPatch.x86=1 +SingleUserOffset.x86=20592 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=20948 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=1F408 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1F206 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=17059 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=24570 +SLPolicyFunc.x64=New_Win8SL + +[6.2.9200.21166] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1557A +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2BAF8 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=13F30 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2A3B6 +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +SLPolicyInternal.x86=1 +SLPolicyOffset.x86=19581 +SLPolicyFunc.x86=New_Win8SL +SLPolicyInternal.x64=1 +SLPolicyOffset.x64=21FD0 +SLPolicyFunc.x64=New_Win8SL + +[6.3.9431.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=8A611 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9F721 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=306A8 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=367F9 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2EA25 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=350FD +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=196B0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2F9C0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.16384] +LocalOnlyPatch.x86=1 
+LocalOnlyOffset.x86=A2729 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=81824 +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=18028 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=20241 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=16115 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=57829 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=1CEB0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=554C0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.17095] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A36D1 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=B9159 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36BA9 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=21829 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=37529 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1F6A1 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=117F1 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=3B110 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.17415] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B33F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B2D9 +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=37115 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=33CE9 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CFF9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45825 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=18478 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5DBC0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.18692] 
+LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B3458 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B2E9 +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=37105 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=37039 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CFE9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45835 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=18488 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5DBD0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.18708] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B35D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B376 +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=370F5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36FE9 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CFD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=457D5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=18308 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5DB70 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.3.9600.18928] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B39D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B25D +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=37D25 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36C09 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D6F9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45495 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=18328 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5D830 +SLInitFunc.x64=New_CSLQuery_Initialize 
+ +[6.3.9600.19093] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B3958 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8AE4E +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=3F045 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36BC9 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D899 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45305 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=18288 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5D660 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.4.9841.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=956A8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=81141 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=30125 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=12159 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3B989 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=C125 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46A68 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1EA50 +SLInitFunc.x64=New_CSLQuery_Initialize + +[6.4.9860.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=962C8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=81091 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=30845 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11AA9 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3BEC9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=B9F5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46F18 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1EB00 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[6.4.9879.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9CC8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95611 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=30C55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16A34 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2DAB9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BDC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=41132 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=24750 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.9926.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8C28 +LocalOnlyCode.x86=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=31725 +SingleUserCode.x86=nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3CF99 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +SLInitHook.x86=1 +SLInitOffset.x86=3F140 +SLInitFunc.x86=New_CSLQuery_Initialize +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95FF1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=12A34 +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=BE05 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=24EC0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10041.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9D88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=97141 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=32215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=15C64 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2DFC9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=B795 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46960 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 
+SLInitOffset.x64=22E40 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10240.16384] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7D38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96901 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=32A95 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=18F74 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2F5B9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=22865 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46581 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=250F0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10586.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7C18 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96AA1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=353B5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=190D4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30B69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=229A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=469DE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=25220 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.10586.589] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7BE8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96A51 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=353B5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=190D4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30B69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=229A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=469DE 
+SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=25220 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.11082.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7C98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=96AB1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35405 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=190D4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30BB9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=229A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46A3E +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=25220 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.11102.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D58 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95CD1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35A85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A9C4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30159 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B5D5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=44FD2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D160 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14251.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D58 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95CD1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35A85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A9C4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30159 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B5D5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx 
+SLInitHook.x86=1 +SLInitOffset.x86=44FD2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D160 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14271.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4CE8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=941E1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35915 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=263F4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF79 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C185 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=47725 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE50 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14279.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4D28 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=94191 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35915 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=263F4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF79 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C185 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=47725 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE50 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14295.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4D28 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D691 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=25514 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BA35 
+DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=47748 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C860 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14300.1000] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F5F1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=26B04 +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D125 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=CC60 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14316.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F5F1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=32B55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=26B04 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C1C9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46ABD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC60 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14328.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F5F1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=32B55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=26B04 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C1C9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D365 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46ABD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC60 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14332.1001] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E98 
+LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F601 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=357E5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2AE44 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316A9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C025 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4755F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CAD0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14342.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8EF31 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=357E5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=26774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316A9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1CEF5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4755F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CA20 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14352.1002] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4478 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D911 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35465 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24474 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30099 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AC05 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=44792 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CDB0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14366.0] +LocalOnlyPatch.x86=1 
+LocalOnlyOffset.x86=A9088 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FB01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34F65 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=21DE4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316E9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1A855 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4793E +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CCE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14367.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9088 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FB01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34F65 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=21DE4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=316E9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1A855 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4793E +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CCE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14372.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F931 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14379.0] 
+LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F941 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14383.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F941 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14385.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F941 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34635 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=295A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B295 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=460D2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CC10 +SLInitFunc.x64=New_CSLQuery_Initialize + 
+[10.0.14388.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14393.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14393.1198] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6088 +LocalOnlyCode.x86=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize + +[10.0.14393.1737] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6198 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D861 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35AD5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 
+SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30039 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45724 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14393.2457] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6248 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D811 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36CE5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29CF4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31209 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B545 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45824 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C920 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14901.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14905.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6038 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=359C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 
+SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF29 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45636 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14915.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6D98 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E241 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35E35 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29EB4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=30399 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B4A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46092 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE40 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14926.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A6D18 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E071 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35E55 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29EB4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=303B9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B4A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=460A2 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=CE40 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14931.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4908 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B411 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35705 
+SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=29264 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FF69 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AD05 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=452FD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C7FC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14936.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A3F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8B9A1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35355 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=25174 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BB55 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=44CFE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C62C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14942.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A3F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9115B +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35355 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=199BD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1064E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=44CFE +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=258EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14946.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A4018 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=911AB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 
+SingleUserOffset.x86=35355 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=199AD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1064E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=44CFD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=258DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14951.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A78D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=94A6B +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=3BA85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1CEDD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=32629 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11E9E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=3F680 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22EE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14955.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A78D8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=94A6B +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=3BA85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1CEDD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=32629 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11E9E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=3F680 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22EE0 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14959.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A79B8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=934AB 
+LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=2EF05 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16A0D +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2A4E9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10A8E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=448A0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26960 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14965.1001] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7868 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9345B +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=3BA85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17DFD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=32A59 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1212E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=3F680 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26610 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14971.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7968 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925FB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36FE5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1803D +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D9A9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11FBE +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46500 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26180 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14986.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7878 +LocalOnlyCode.x86=jmpshort 
+LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=926BB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36FA5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17FFD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D979 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=11F7E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=464A0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=26140 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.14997.1001] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15002.1001] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9698 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=346B5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D779 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=47D90 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15007.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9648 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34665 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D719 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=47D30 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15014.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9648 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=931EB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34685 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=274ED +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D739 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1D95E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=47D50 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=E000 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15019.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A39F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=928FB +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=BADF5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=FBDD +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=A8479 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx_jmp +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=20AAE +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=3C240 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=24480 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15025.1000] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=9259B +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=2C08D +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1DD0E +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=E5B8 
+SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15031.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5BA8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E221 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=30A75 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A114 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2B1D9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C7B5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4532D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D80C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15042.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5BA8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E221 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=30A75 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A114 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2B1D9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1C7B5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4532D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D80C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15046.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=80BB8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E361 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=31E95 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=15E14 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=38A19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=E745 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=9422D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 
+SLInitOffset.x64=21FFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15048.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=80BB8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E361 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=31E95 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=15E14 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=38A19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=E745 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=9422D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21FFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15055.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5348 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D2E1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=374C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=181E4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3BAD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10B65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=44EFF +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22AEC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15058.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4549D +SLInitFunc.x86=New_CSLQuery_Initialize 
+SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15061.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4549D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4549D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.296] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A5D68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CAA1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=35075 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=24E74 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=2FCD9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=2DD65 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4549D 
+SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=D1EC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.994] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CB01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=15EA4 +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=FAE5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=234DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.15063.1155] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CB01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=15EA4 +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=FAE5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=234DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16179.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AA568 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8C141 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34425 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16F84 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31219 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1E7F5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45F30 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21700 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16184.1001] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AA568 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8C141 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=34425 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=16F84 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31219 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1E7F5 
+DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45F30 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=21700 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16199.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=ABA68 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CED1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=348C5 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=28C14 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=319B9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=CB25 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=469B0 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=FA30 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16215.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7CE8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8DE21 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F05 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=28724 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E019 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=CC15 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=46462 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=FB00 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16232.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7D38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8DD41 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F35 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=287B4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E0C9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 
+DefPolicyOffset.x64=CC15 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4650F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=FB00 +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16237.1001] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E911 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BC84 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E119 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DA55 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4655D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2180C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16241.1001] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A7F38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E911 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39F85 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BC84 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3E119 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DA55 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4655D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2180C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16251.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=ABC88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8EC21 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=3A525 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BCB4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31779 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx 
+DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DAF5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=447FD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2183C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16251.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=ABC88 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8EC21 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=3A525 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1BCB4 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31779 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=DAF5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=447FD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2183C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16257.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB718 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E841 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=33925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11364 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C409 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1EFD5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4504D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2495C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16257.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB718 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E841 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=33925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11364 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C409 
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1EFD5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4504D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2495C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16273.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB798 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8E871 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=33925 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=11364 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3C409 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1EFD5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4504D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2495C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16275.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=90001 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39435 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C724 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D75 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D0C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16278.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=90001 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39435 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C724 +SingleUserCode.x64=Zero 
+DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D75 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D0C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16281.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16288.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16291.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 
+SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16294.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16296.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16299.0] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 
+SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16299.15] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E08 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FD01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39215 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C774 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DC89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=461BD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D5C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16353.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=90001 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=39435 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1C724 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE89 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D75 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D0C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.16362.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8E38 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FBA1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=2F61C 
+SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=19D1C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DE99 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=463D4 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D9C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17004.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A8EB8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8FB41 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=2F65C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=19D1C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3DF09 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=12D85 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=4643F +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22D9C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17017.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB388 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F291 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=3477C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1977C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31049 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=125A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45CDD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=227DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17025.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB498 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F291 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 
+SingleUserOffset.x86=3477C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1977C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31049 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=125A5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45CDD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=227DC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17035.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB3F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F271 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=354AC +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=14E7C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31F19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10CB5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45C4D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22AEC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17046.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AB3F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8F281 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=354AC +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=14E8C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=31F19 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10CC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=45C4D +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22AFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17063.1000] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD7F8 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=92671 
+LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=153CC +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=111CE +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=2318C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17115.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17128.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17133.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 
+LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17134.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AD738 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=925D1 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=36B0C +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1511C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=33569 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=10E78 +DefPolicyCode.x64=CDefPolicy_Query_edi_rcx +SLInitHook.x86=1 +SLInitOffset.x86=474AD +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=22E6C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17723.1000] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=75D91 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=1296C +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17A45 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=1B10C +SLInitFunc.x64=New_CSLQuery_Initialize + +[10.0.17763.1] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=AF8E4 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=77941 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x86=1 +SingleUserOffset.x86=4D505 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=1322C +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=4BD09 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx 
+DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17F45 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=5B02A +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=1ABFC +SLInitFunc.x64=New_CSLQuery_Initialize + +[SLInit] +bServerSku=1 +bRemoteConnAllowed=1 +bFUSEnabled=1 +bAppServerAllowed=1 +bMultimonAllowed=1 +lMaxUserSessions=0 +ulMaxDebugSessions=0 +bInitialized=1 + +[6.3.9431.0-SLInit] +bFUSEnabled.x86 =A22A8 +lMaxUserSessions.x86 =A22AC +bAppServerAllowed.x86 =A22B0 +bInitialized.x86 =A22B4 +bMultimonAllowed.x86 =A22B8 +bServerSku.x86 =A22BC +ulMaxDebugSessions.x86=A22C0 +bRemoteConnAllowed.x86=A22C4 + +bFUSEnabled.x64 =C4490 +lMaxUserSessions.x64 =C4494 +bAppServerAllowed.x64 =C4498 +bInitialized.x64 =C449C +bMultimonAllowed.x64 =C44A0 +bServerSku.x64 =C44A4 +ulMaxDebugSessions.x64=C44A8 +bRemoteConnAllowed.x64=C44AC + +[6.3.9600.16384-SLInit] +bFUSEnabled.x86 =C02A8 +lMaxUserSessions.x86 =C02AC +bAppServerAllowed.x86 =C02B0 +bInitialized.x86 =C02B4 +bMultimonAllowed.x86 =C02B8 +bServerSku.x86 =C02BC +ulMaxDebugSessions.x86=C02C0 +bRemoteConnAllowed.x86=C02C4 + +bServerSku.x64 =E6494 +ulMaxDebugSessions.x64=E6498 +bRemoteConnAllowed.x64=E649C +bFUSEnabled.x64 =E64A0 +lMaxUserSessions.x64 =E64A4 +bAppServerAllowed.x64 =E64A8 +bInitialized.x64 =E64AC +bMultimonAllowed.x64 =E64B0 + +[6.3.9600.17095-SLInit] +bFUSEnabled.x86 =C12A8 +lMaxUserSessions.x86 =C12AC +bAppServerAllowed.x86 =C12B0 +bInitialized.x86 =C12B4 +bMultimonAllowed.x86 =C12B8 +bServerSku.x86 =C12BC +ulMaxDebugSessions.x86=C12C0 +bRemoteConnAllowed.x86=C12C4 + +bServerSku.x64 =E4494 +ulMaxDebugSessions.x64=E4498 +bRemoteConnAllowed.x64=E449C +bFUSEnabled.x64 =E44A0 +lMaxUserSessions.x64 =E44A4 +bAppServerAllowed.x64 =E44A8 +bInitialized.x64 =E44AC +bMultimonAllowed.x64 =E44B0 + +[6.3.9600.17415-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 
+bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =F9054 +lMaxUserSessions.x64 =F9058 +bAppServerAllowed.x64 =F905C +bInitialized.x64 =F9060 +bMultimonAllowed.x64 =F9064 +bServerSku.x64 =F9068 +ulMaxDebugSessions.x64=F906C +bRemoteConnAllowed.x64=F9070 + +[6.3.9600.18692-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =F9054 +lMaxUserSessions.x64 =F9058 +bAppServerAllowed.x64 =F905C +bInitialized.x64 =F9060 +bMultimonAllowed.x64 =F9064 +bServerSku.x64 =F9068 +ulMaxDebugSessions.x64=F906C +bRemoteConnAllowed.x64=F9070 + +[6.3.9600.18708-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 +lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 +ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + +[6.3.9600.18928-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 +lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 +ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + +[6.3.9600.19093-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 
+lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 +ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + +[6.4.9841.0-SLInit] +bFUSEnabled.x86 =BF9F0 +lMaxUserSessions.x86 =BF9F4 +bAppServerAllowed.x86 =BF9F8 +bInitialized.x86 =BF9FC +bMultimonAllowed.x86 =BFA00 +bServerSku.x86 =BFA04 +ulMaxDebugSessions.x86=BFA08 +bRemoteConnAllowed.x86=BFA0C + +bFUSEnabled.x64 =ECFF8 +lMaxUserSessions.x64 =ECFFC +bAppServerAllowed.x64 =ED000 +bInitialized.x64 =ED004 +bMultimonAllowed.x64 =ED008 +bServerSku.x64 =ED00C +ulMaxDebugSessions.x64=ED010 +bRemoteConnAllowed.x64=ED014 + +[6.4.9860.0-SLInit] +bFUSEnabled.x86 =BF7E0 +lMaxUserSessions.x86 =BF7E4 +bAppServerAllowed.x86 =BF7E8 +bInitialized.x86 =BF7EC +bMultimonAllowed.x86 =BF7F0 +bServerSku.x86 =BF7F4 +ulMaxDebugSessions.x86=BF7F8 +bRemoteConnAllowed.x86=BF7FC + +bFUSEnabled.x64 =ECBD8 +lMaxUserSessions.x64 =ECBDC +bAppServerAllowed.x64 =ECBE0 +bInitialized.x64 =ECBE4 +bMultimonAllowed.x64 =ECBE8 +bServerSku.x64 =ECBEC +ulMaxDebugSessions.x64=ECBF0 +bRemoteConnAllowed.x64=ECBF4 + +[6.4.9879.0-SLInit] +bFUSEnabled.x86 =C27D8 +lMaxUserSessions.x86 =C27DC +bAppServerAllowed.x86 =C27E0 +bInitialized.x86 =C27E4 +bMultimonAllowed.x86 =C27E8 +bServerSku.x86 =C27EC +ulMaxDebugSessions.x86=C27F0 +bRemoteConnAllowed.x86=C27F4 + +bFUSEnabled.x64 =EDBF0 +lMaxUserSessions.x64 =EDBF4 +bAppServerAllowed.x64 =EDBF8 +bInitialized.x64 =EDBFC +bMultimonAllowed.x64 =EDC00 +bServerSku.x64 =EDC04 +ulMaxDebugSessions.x64=EDC08 +bRemoteConnAllowed.x64=EDC0C + +[10.0.9926.0-SLInit] +bFUSEnabled.x86 =C17D8 +lMaxUserSessions.x86 =C17DC +bAppServerAllowed.x86 =C17E0 +bInitialized.x86 =C17E4 +bMultimonAllowed.x86 =C17E8 +bServerSku.x86 =C17EC +ulMaxDebugSessions.x86=C17F0 +bRemoteConnAllowed.x86=C17F4 + +bFUSEnabled.x64 =EEBF0 +lMaxUserSessions.x64 =EEBF4 +bAppServerAllowed.x64 =EEBF8 +bInitialized.x64 =EEBFC +bMultimonAllowed.x64 =EEC00 +bServerSku.x64 =EEC04 
+ulMaxDebugSessions.x64=EEC08 +bRemoteConnAllowed.x64=EEC0C + +[10.0.10041.0-SLInit] +bFUSEnabled.x86 =C5F60 +lMaxUserSessions.x86 =C5F64 +bAppServerAllowed.x86 =C5F68 +bInitialized.x86 =C5F6C +bMultimonAllowed.x86 =C5F70 +bServerSku.x86 =C5F74 +ulMaxDebugSessions.x86=C5F78 +bRemoteConnAllowed.x86=C5F7C + +bFUSEnabled.x64 =F3448 +lMaxUserSessions.x64 =F344C +bAppServerAllowed.x64 =F3450 +bInitialized.x64 =F3454 +bMultimonAllowed.x64 =F3458 +bServerSku.x64 =F345C +ulMaxDebugSessions.x64=F3460 +bRemoteConnAllowed.x64=F3464 + +[10.0.10240.16384-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.10586.0-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.10586.589-SLInit] +bFUSEnabled.x86 =C3F60 +lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.11082.1000-SLInit] +bFUSEnabled.x86 =C3F60 
+lMaxUserSessions.x86 =C3F64 +bAppServerAllowed.x86 =C3F68 +bInitialized.x86 =C3F6C +bMultimonAllowed.x86 =C3F70 +bServerSku.x86 =C3F74 +ulMaxDebugSessions.x86=C3F78 +bRemoteConnAllowed.x86=C3F7C + +lMaxUserSessions.x64 =F23B0 +bAppServerAllowed.x64 =F23B4 +bServerSku.x64 =F23B8 +bFUSEnabled.x64 =F3460 +bInitialized.x64 =F3464 +bMultimonAllowed.x64 =F3468 +ulMaxDebugSessions.x64=F346C +bRemoteConnAllowed.x64=F3470 + +[10.0.11102.1000-SLInit] +bInitialized.x86 =C1F5C +bServerSku.x86 =C1F60 +lMaxUserSessions.x86 =C1F64 +bAppServerAllowed.x86 =C1F68 +bRemoteConnAllowed.x86=C1F6C +bMultimonAllowed.x86 =C1F70 +ulMaxDebugSessions.x86=C1F74 +bFUSEnabled.x86 =C1F78 + +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 +bServerSku.x64 =F244C +lMaxUserSessions.x64 =F2450 +bAppServerAllowed.x64 =F2454 + +[10.0.14251.1000-SLInit] +bInitialized.x86 =C1F5C +bServerSku.x86 =C1F60 +lMaxUserSessions.x86 =C1F64 +bAppServerAllowed.x86 =C1F68 +bRemoteConnAllowed.x86=C1F6C +bMultimonAllowed.x86 =C1F70 +ulMaxDebugSessions.x86=C1F74 +bFUSEnabled.x86 =C1F78 + +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 +bServerSku.x64 =F244C +lMaxUserSessions.x64 =F2450 +bAppServerAllowed.x64 =F2454 + +[10.0.14271.1000-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =EF3C0 +lMaxUserSessions.x64 =EF3C4 +bAppServerAllowed.x64 =EF3C8 +bInitialized.x64 =F0460 +bRemoteConnAllowed.x64=F0464 +bMultimonAllowed.x64 =F0468 +ulMaxDebugSessions.x64=F046C +bFUSEnabled.x64 =F0470 + +[10.0.14279.1000-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C 
+bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =EF3C0 +lMaxUserSessions.x64 =EF3C4 +bAppServerAllowed.x64 =EF3C8 +bInitialized.x64 =F0460 +bRemoteConnAllowed.x64=F0464 +bMultimonAllowed.x64 =F0468 +ulMaxDebugSessions.x64=F046C +bFUSEnabled.x64 =F0470 + +[10.0.14295.1000-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =E73C0 +lMaxUserSessions.x64 =E73C4 +bAppServerAllowed.x64 =E73C8 +bInitialized.x64 =E8460 +bRemoteConnAllowed.x64=E8464 +bMultimonAllowed.x64 =E8468 +ulMaxDebugSessions.x64=E846C +bFUSEnabled.x64 =E8470 + +[10.0.14300.1000-SLInit] +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14316.1000-SLInit] +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14328.1000-SLInit] +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14332.1001-SLInit] 
+bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bServerSku.x64 =E93C0 +lMaxUserSessions.x64 =E93C4 +bAppServerAllowed.x64 =E93C8 +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 + +[10.0.14342.1000-SLInit] +bInitialized.x86 =C4F58 +bServerSku.x86 =C4F5C +lMaxUserSessions.x86 =C4F60 +bAppServerAllowed.x86 =C4F64 +bRemoteConnAllowed.x86=C4F68 +bMultimonAllowed.x86 =C4F6C +ulMaxDebugSessions.x86=C4F70 +bFUSEnabled.x86 =C4F74 + +bInitialized.x64 =E9430 +bRemoteConnAllowed.x64=E9434 +bMultimonAllowed.x64 =E9438 +ulMaxDebugSessions.x64=E943C +bFUSEnabled.x64 =E9440 +bServerSku.x64 =E944C +lMaxUserSessions.x64 =E9450 +bAppServerAllowed.x64 =E9454 + +[10.0.14352.1002-SLInit] +bInitialized.x86 =C0F5C +bServerSku.x86 =C0F60 +lMaxUserSessions.x86 =C0F64 +bAppServerAllowed.x86 =C0F68 +bRemoteConnAllowed.x86=C0F6C +bMultimonAllowed.x86 =C0F70 +ulMaxDebugSessions.x86=C0F74 +bFUSEnabled.x86 =C0F78 + +bServerSku.x64 =E73C0 +lMaxUserSessions.x64 =E73C4 +bAppServerAllowed.x64 =E73C8 +bInitialized.x64 =E8460 +bRemoteConnAllowed.x64=E8464 +bMultimonAllowed.x64 =E8468 +ulMaxDebugSessions.x64=E846C +bFUSEnabled.x64 =E8470 + +[10.0.14366.0-SLInit] +bInitialized.x86 =C4F68 +bServerSku.x86 =C4F6C +lMaxUserSessions.x86 =C4F70 +bAppServerAllowed.x86 =C4F74 +bRemoteConnAllowed.x86=C4F78 +bMultimonAllowed.x86 =C4F7C +ulMaxDebugSessions.x86=C4F80 +bFUSEnabled.x86 =C4F84 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA480 +bRemoteConnAllowed.x64=EA484 +bMultimonAllowed.x64 =EA488 +ulMaxDebugSessions.x64=EA48C +bFUSEnabled.x64 =EA490 + +[10.0.14367.0-SLInit] +bInitialized.x86 =C4F68 +bServerSku.x86 =C4F6C +lMaxUserSessions.x86 =C4F70 +bAppServerAllowed.x86 =C4F74 
+bRemoteConnAllowed.x86=C4F78 +bMultimonAllowed.x86 =C4F7C +ulMaxDebugSessions.x86=C4F80 +bFUSEnabled.x86 =C4F84 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA480 +bRemoteConnAllowed.x64=EA484 +bMultimonAllowed.x64 =EA488 +ulMaxDebugSessions.x64=EA48C +bFUSEnabled.x64 =EA490 + +[10.0.14372.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14379.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14383.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + +bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14385.0-SLInit] +bInitialized.x86 =C3F68 +bServerSku.x86 =C3F6C +lMaxUserSessions.x86 =C3F70 +bAppServerAllowed.x86 =C3F74 +bRemoteConnAllowed.x86=C3F78 +bMultimonAllowed.x86 =C3F7C +ulMaxDebugSessions.x86=C3F80 +bFUSEnabled.x86 =C3F84 + 
+bInitialized.x64 =EA460 +bRemoteConnAllowed.x64=EA464 +bMultimonAllowed.x64 =EA468 +ulMaxDebugSessions.x64=EA46C +bFUSEnabled.x64 =EA470 +bServerSku.x64 =EA47C +lMaxUserSessions.x64 =EA480 +bAppServerAllowed.x64 =EA484 + +[10.0.14388.0-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14393.0-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14393.1198-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +[10.0.14393.1737-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14393.2457-SLInit] +bInitialized.x86 =C1F94 +bServerSku.x86 =C1F98 +lMaxUserSessions.x86 =C1F9C +bAppServerAllowed.x86 
=C1FA0 +bRemoteConnAllowed.x86=C1FA4 +bMultimonAllowed.x86 =C1FA8 +ulMaxDebugSessions.x86=C1FAC +bFUSEnabled.x86 =C1FB0 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14901.1000-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14905.1000-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + +[10.0.14915.1000-SLInit] +bInitialized.x86 =C4F6C +bServerSku.x86 =C4F70 +lMaxUserSessions.x86 =C4F74 +bAppServerAllowed.x86 =C4F78 +bRemoteConnAllowed.x86=C4F7C +bMultimonAllowed.x86 =C4F80 +ulMaxDebugSessions.x86=C4F84 +bFUSEnabled.x86 =C4F88 + +bServerSku.x64 =E93D0 +lMaxUserSessions.x64 =E93D4 +bAppServerAllowed.x64 =E93D8 +bInitialized.x64 =EA470 +bRemoteConnAllowed.x64=EA474 +bMultimonAllowed.x64 =EA478 +ulMaxDebugSessions.x64=EA47C +bFUSEnabled.x64 =EA480 + +[10.0.14926.1000-SLInit] +bInitialized.x86 =C4F6C +bServerSku.x86 =C4F70 +lMaxUserSessions.x86 =C4F74 +bAppServerAllowed.x86 =C4F78 +bRemoteConnAllowed.x86=C4F7C +bMultimonAllowed.x86 =C4F80 +ulMaxDebugSessions.x86=C4F84 +bFUSEnabled.x86 =C4F88 
+ +bServerSku.x64 =E93D0 +lMaxUserSessions.x64 =E93D4 +bAppServerAllowed.x64 =E93D8 +bInitialized.x64 =EA470 +bRemoteConnAllowed.x64=EA474 +bMultimonAllowed.x64 =EA478 +ulMaxDebugSessions.x64=EA47C +bFUSEnabled.x64 =EA480 + +[10.0.14931.1000-SLInit] +bInitialized.x86 =C1F6C +bServerSku.x86 =C1F70 +lMaxUserSessions.x86 =C1F74 +bAppServerAllowed.x86 =C1F78 +bRemoteConnAllowed.x86=C1F7C +bMultimonAllowed.x86 =C1F80 +ulMaxDebugSessions.x86=C1F84 +bFUSEnabled.x86 =C1F88 + +bServerSku.x64 =E63D0 +lMaxUserSessions.x64 =E63D4 +bAppServerAllowed.x64 =E63D8 +bInitialized.x64 =E7470 +bRemoteConnAllowed.x64=E7474 +bMultimonAllowed.x64 =E7478 +ulMaxDebugSessions.x64=E747C +bFUSEnabled.x64 =E7480 + +[10.0.14936.1000-SLInit] +bInitialized.x86 =C0F6C +bServerSku.x86 =C0F70 +lMaxUserSessions.x86 =C0F74 +bAppServerAllowed.x86 =C0F78 +bRemoteConnAllowed.x86=C0F7C +bMultimonAllowed.x86 =C0F80 +ulMaxDebugSessions.x86=C0F84 +bFUSEnabled.x86 =C0F88 + +bInitialized.x64 =E8460 +bRemoteConnAllowed.x64=E8464 +bMultimonAllowed.x64 =E8468 +ulMaxDebugSessions.x64=E846C +bFUSEnabled.x64 =E8470 +bServerSku.x64 =E847C +lMaxUserSessions.x64 =E8480 +bAppServerAllowed.x64 =E8484 + +[10.0.14942.1000-SLInit] +bInitialized.x86 =C0F6C +bServerSku.x86 =C0F70 +lMaxUserSessions.x86 =C0F74 +bAppServerAllowed.x86 =C0F78 +bRemoteConnAllowed.x86=C0F7C +bMultimonAllowed.x86 =C0F80 +ulMaxDebugSessions.x86=C0F84 +bFUSEnabled.x86 =C0F88 + +bInitialized.x64 =EC460 +bRemoteConnAllowed.x64=EC464 +bMultimonAllowed.x64 =EC468 +ulMaxDebugSessions.x64=EC46C +bFUSEnabled.x64 =EC470 +bServerSku.x64 =EC47C +lMaxUserSessions.x64 =EC480 +bAppServerAllowed.x64 =EC484 + +[10.0.14946.1000-SLInit] +bInitialized.x86 =C0F6C +bServerSku.x86 =C0F70 +lMaxUserSessions.x86 =C0F74 +bAppServerAllowed.x86 =C0F78 +bRemoteConnAllowed.x86=C0F7C +bMultimonAllowed.x86 =C0F80 +ulMaxDebugSessions.x86=C0F84 +bFUSEnabled.x86 =C0F88 + +bInitialized.x64 =EC460 +bRemoteConnAllowed.x64=EC464 +bMultimonAllowed.x64 =EC468 +ulMaxDebugSessions.x64=EC46C 
+bFUSEnabled.x64 =EC470 +bServerSku.x64 =EC47C +lMaxUserSessions.x64 =EC480 +bAppServerAllowed.x64 =EC484 + +[10.0.14951.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EF3D0 +lMaxUserSessions.x64 =EF3D4 +bAppServerAllowed.x64 =EF3D8 +bInitialized.x64 =F0470 +bRemoteConnAllowed.x64=F0474 +bMultimonAllowed.x64 =F0478 +ulMaxDebugSessions.x64=F047C +bFUSEnabled.x64 =F0480 + +[10.0.14955.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EF3D0 +lMaxUserSessions.x64 =EF3D4 +bAppServerAllowed.x64 =EF3D8 +bInitialized.x64 =F0470 +bRemoteConnAllowed.x64=F0474 +bMultimonAllowed.x64 =F0478 +ulMaxDebugSessions.x64=F047C +bFUSEnabled.x64 =F0480 + +[10.0.14959.1000-SLInit] +bInitialized.x86 =C4F68 +bServerSku.x86 =C4F6C +lMaxUserSessions.x86 =C4F70 +bAppServerAllowed.x86 =C4F74 +bRemoteConnAllowed.x86=C4F78 +bMultimonAllowed.x86 =C4F7C +ulMaxDebugSessions.x86=C4F80 +bFUSEnabled.x86 =C4F84 + +bServerSku.x64 =EE3D0 +lMaxUserSessions.x64 =EE3D4 +bAppServerAllowed.x64 =EE3D8 +bInitialized.x64 =EF470 +bRemoteConnAllowed.x64=EF474 +bMultimonAllowed.x64 =EF478 +ulMaxDebugSessions.x64=EF47C +bFUSEnabled.x64 =EF480 + +[10.0.14965.1001-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bInitialized.x64 =EF460 +bRemoteConnAllowed.x64=EF464 +bMultimonAllowed.x64 =EF468 +ulMaxDebugSessions.x64=EF46C +bFUSEnabled.x64 =EF470 +bServerSku.x64 =EF47C +lMaxUserSessions.x64 =EF480 +bAppServerAllowed.x64 =EF484 + 
+[10.0.14971.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EE3C0 +lMaxUserSessions.x64 =EE3C4 +bAppServerAllowed.x64 =EE3C8 +bInitialized.x64 =EE470 +bRemoteConnAllowed.x64=EE474 +bMultimonAllowed.x64 =EE478 +ulMaxDebugSessions.x64=EE47C +bFUSEnabled.x64 =EE480 + +[10.0.14986.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =EE3C0 +lMaxUserSessions.x64 =EE3C4 +bAppServerAllowed.x64 =EE3C8 +bInitialized.x64 =EE470 +bRemoteConnAllowed.x64=EE474 +bMultimonAllowed.x64 =EE478 +ulMaxDebugSessions.x64=EE47C +bFUSEnabled.x64 =EE480 + +[10.0.14997.1001-SLInit] +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15002.1001-SLInit] +bInitialized.x86 =C6F74 +bServerSku.x86 =C6F78 +lMaxUserSessions.x86 =C6F7C +bAppServerAllowed.x86 =C6F80 +bRemoteConnAllowed.x86=C6F84 +bMultimonAllowed.x86 =C6F88 +ulMaxDebugSessions.x86=C6F8C +bFUSEnabled.x86 =C6F90 + +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15007.1000-SLInit] +bInitialized.x86 =C6F74 +bServerSku.x86 =C6F78 +lMaxUserSessions.x86 =C6F7C +bAppServerAllowed.x86 =C6F80 +bRemoteConnAllowed.x86=C6F84 +bMultimonAllowed.x86 =C6F88 +ulMaxDebugSessions.x86=C6F8C +bFUSEnabled.x86 =C6F90 + +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 
+bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15014.1000-SLInit] +bInitialized.x86 =C6F74 +bServerSku.x86 =C6F78 +lMaxUserSessions.x86 =C6F7C +bAppServerAllowed.x86 =C6F80 +bRemoteConnAllowed.x86=C6F84 +bMultimonAllowed.x86 =C6F88 +ulMaxDebugSessions.x86=C6F8C +bFUSEnabled.x86 =C6F90 + +bServerSku.x64 =F0408 +lMaxUserSessions.x64 =F040C +bAppServerAllowed.x64 =F0410 +bInitialized.x64 =F0480 +bRemoteConnAllowed.x64=F0484 +bMultimonAllowed.x64 =F0488 +ulMaxDebugSessions.x64=F048C +bFUSEnabled.x64 =F0490 + +[10.0.15019.1000-SLInit] +bInitialized.x86 =C5F68 +bServerSku.x86 =C5F6C +lMaxUserSessions.x86 =C5F70 +bAppServerAllowed.x86 =C5F74 +bRemoteConnAllowed.x86=C5F78 +bMultimonAllowed.x86 =C5F7C +ulMaxDebugSessions.x86=C5F80 +bFUSEnabled.x86 =C5F84 + +bServerSku.x64 =ECBDC +lMaxUserSessions.x64 =ECBE0 +bAppServerAllowed.x64 =ECBE4 +bInitialized.x64 =F0490 +bRemoteConnAllowed.x64=F0494 +bMultimonAllowed.x64 =F0498 +ulMaxDebugSessions.x64=F049C +bFUSEnabled.x64 =F04A0 + +[10.0.15025.1000-SLInit] +bServerSku.x64 =EE3E0 +lMaxUserSessions.x64 =EE3E4 +bAppServerAllowed.x64 =EE3E8 +bInitialized.x64 =EF488 +bRemoteConnAllowed.x64=EF48C +bMultimonAllowed.x64 =EF490 +ulMaxDebugSessions.x64=EF494 +bFUSEnabled.x64 =EF498 + +[10.0.15031.0-SLInit] +bInitialized.x86 =C2F6C +bServerSku.x86 =C2F70 +lMaxUserSessions.x86 =C2F74 +bAppServerAllowed.x86 =C2F78 +bRemoteConnAllowed.x86=C2F7C +bMultimonAllowed.x86 =C2F80 +ulMaxDebugSessions.x86=C2F84 +bFUSEnabled.x86 =C2F88 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA488 +bRemoteConnAllowed.x64=EA48C +bMultimonAllowed.x64 =EA490 +ulMaxDebugSessions.x64=EA494 +bFUSEnabled.x64 =EA498 + +[10.0.15042.0-SLInit] +bInitialized.x86 =C2F6C +bServerSku.x86 =C2F70 +lMaxUserSessions.x86 =C2F74 +bAppServerAllowed.x86 =C2F78 +bRemoteConnAllowed.x86=C2F7C +bMultimonAllowed.x86 =C2F80 
+ulMaxDebugSessions.x86=C2F84 +bFUSEnabled.x86 =C2F88 + +bServerSku.x64 =E93E0 +lMaxUserSessions.x64 =E93E4 +bAppServerAllowed.x64 =E93E8 +bInitialized.x64 =EA488 +bRemoteConnAllowed.x64=EA48C +bMultimonAllowed.x64 =EA490 +ulMaxDebugSessions.x64=EA494 +bFUSEnabled.x64 =EA498 + +[10.0.15046.0-SLInit] +bInitialized.x86 =C4F18 +bServerSku.x86 =C4F1C +lMaxUserSessions.x86 =C4F20 +bAppServerAllowed.x86 =C4F24 +bRemoteConnAllowed.x86=C4F28 +ulMaxDebugSessions.x86=C4F2C +bMultimonAllowed.x86 =C5010 +bFUSEnabled.x86 =C5014 + +bInitialized.x64 =EB468 +bRemoteConnAllowed.x64=EB46C +bMultimonAllowed.x64 =EB470 +ulMaxDebugSessions.x64=EB474 +bFUSEnabled.x64 =EB478 +bServerSku.x64 =EB484 +lMaxUserSessions.x64 =EB488 +bAppServerAllowed.x64 =EB48C + +[10.0.15048.0-SLInit] +bInitialized.x86 =C4F18 +bServerSku.x86 =C4F1C +lMaxUserSessions.x86 =C4F20 +bAppServerAllowed.x86 =C4F24 +bRemoteConnAllowed.x86=C4F28 +ulMaxDebugSessions.x86=C4F2C +bMultimonAllowed.x86 =C5010 +bFUSEnabled.x86 =C5014 + +bInitialized.x64 =EB468 +bRemoteConnAllowed.x64=EB46C +bMultimonAllowed.x64 =EB470 +ulMaxDebugSessions.x64=EB474 +bFUSEnabled.x64 =EB478 +bServerSku.x64 =EB484 +lMaxUserSessions.x64 =EB488 +bAppServerAllowed.x64 =EB48C + +[10.0.15055.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bServerSku.x64 =E83D8 +lMaxUserSessions.x64 =E83DC +bAppServerAllowed.x64 =E83E0 +bInitialized.x64 =E9490 +bRemoteConnAllowed.x64=E9494 +bMultimonAllowed.x64 =E9498 +ulMaxDebugSessions.x64=E949C +bFUSEnabled.x64 =E94A0 + +[10.0.15058.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C 
+bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15061.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.0-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.296-SLInit] +bInitialized.x86 =C2F70 +bServerSku.x86 =C2F74 +lMaxUserSessions.x86 =C2F78 +bAppServerAllowed.x86 =C2F7C +bRemoteConnAllowed.x86=C2F80 +bMultimonAllowed.x86 =C2F84 +ulMaxDebugSessions.x86=C2F88 +bFUSEnabled.x86 =C2F8C + +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.994-SLInit] +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.15063.1155-SLInit] +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 
=E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + +[10.0.16179.1000-SLInit] +bInitialized.x86 =C7F6C +bServerSku.x86 =C7F70 +lMaxUserSessions.x86 =C7F74 +bAppServerAllowed.x86 =C7F78 +bRemoteConnAllowed.x86=C7F7C +bMultimonAllowed.x86 =C7F80 +ulMaxDebugSessions.x86=C7F84 +bFUSEnabled.x86 =C7F88 + +bServerSku.x64 =E83D8 +lMaxUserSessions.x64 =E83DC +bAppServerAllowed.x64 =E83E0 +bInitialized.x64 =E9490 +bRemoteConnAllowed.x64=E9494 +bMultimonAllowed.x64 =E9498 +ulMaxDebugSessions.x64=E949C +bFUSEnabled.x64 =E94A0 + +[10.0.16184.1001-SLInit] +bInitialized.x86 =C7F6C +bServerSku.x86 =C7F70 +lMaxUserSessions.x86 =C7F74 +bAppServerAllowed.x86 =C7F78 +bRemoteConnAllowed.x86=C7F7C +bMultimonAllowed.x86 =C7F80 +ulMaxDebugSessions.x86=C7F84 +bFUSEnabled.x86 =C7F88 + +bServerSku.x64 =E83D8 +lMaxUserSessions.x64 =E83DC +bAppServerAllowed.x64 =E83E0 +bInitialized.x64 =E9490 +bRemoteConnAllowed.x64=E9494 +bMultimonAllowed.x64 =E9498 +ulMaxDebugSessions.x64=E949C +bFUSEnabled.x64 =E94A0 + +[10.0.16199.1000-SLInit] +bInitialized.x86 =C8F74 +bServerSku.x86 =C8F78 +lMaxUserSessions.x86 =C8F7C +bAppServerAllowed.x86 =C8F80 +bRemoteConnAllowed.x86=C8F84 +bMultimonAllowed.x86 =C8F88 +ulMaxDebugSessions.x86=C8F8C +bFUSEnabled.x86 =C8F90 + +bServerSku.x64 =E83E8 +lMaxUserSessions.x64 =E83EC +bAppServerAllowed.x64 =E83F0 +bInitialized.x64 =E94A0 +bRemoteConnAllowed.x64=E94A4 +bMultimonAllowed.x64 =E94A8 +ulMaxDebugSessions.x64=E94AC +bFUSEnabled.x64 =E94B0 + +[10.0.16215.1000-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EA3E8 +lMaxUserSessions.x64 =EA3EC +bAppServerAllowed.x64 =EA3F0 +bInitialized.x64 =EB4A0 +bRemoteConnAllowed.x64=EB4A4 +bMultimonAllowed.x64 =EB4A8 +ulMaxDebugSessions.x64=EB4AC +bFUSEnabled.x64 =EB4B0 + +[10.0.16232.1000-SLInit] +bInitialized.x86 =C5F78 
+bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EA3E8 +lMaxUserSessions.x64 =EA3EC +bAppServerAllowed.x64 =EA3F0 +bInitialized.x64 =EB4A0 +bRemoteConnAllowed.x64=EB4A4 +bMultimonAllowed.x64 =EB4A8 +ulMaxDebugSessions.x64=EB4AC +bFUSEnabled.x64 =EB4B0 + +[10.0.16237.1001-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16241.1001-SLInit] +bInitialized.x86 =C5F78 +bServerSku.x86 =C5F7C +lMaxUserSessions.x86 =C5F80 +bAppServerAllowed.x86 =C5F84 +bRemoteConnAllowed.x86=C5F88 +bMultimonAllowed.x86 =C5F8C +ulMaxDebugSessions.x86=C5F90 +bFUSEnabled.x86 =C5F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16251.0-SLInit] +bInitialized.x86 =C9F78 +bServerSku.x86 =C9F7C +lMaxUserSessions.x86 =C9F80 +bAppServerAllowed.x86 =C9F84 +bRemoteConnAllowed.x86=C9F88 +bMultimonAllowed.x86 =C9F8C +ulMaxDebugSessions.x86=C9F90 +bFUSEnabled.x86 =C9F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16251.1000-SLInit] +bInitialized.x86 =C9F78 +bServerSku.x86 =C9F7C +lMaxUserSessions.x86 =C9F80 +bAppServerAllowed.x86 =C9F84 +bRemoteConnAllowed.x86=C9F88 
+bMultimonAllowed.x86 =C9F8C +ulMaxDebugSessions.x86=C9F90 +bFUSEnabled.x86 =C9F94 + +bServerSku.x64 =EB3EC +lMaxUserSessions.x64 =EB3F0 +bAppServerAllowed.x64 =EB3F4 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16257.1-SLInit] +bInitialized.x86 =C9F7C +bServerSku.x86 =C9F80 +lMaxUserSessions.x86 =C9F84 +bAppServerAllowed.x86 =C9F88 +bRemoteConnAllowed.x86=C9F8C +bMultimonAllowed.x86 =C9F90 +ulMaxDebugSessions.x86=C9F94 +bFUSEnabled.x86 =C9F98 + +bServerSku.x64 =EB3F0 +lMaxUserSessions.x64 =EB3F4 +bAppServerAllowed.x64 =EB3F8 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16257.1000-SLInit] +bInitialized.x86 =C9F7C +bServerSku.x86 =C9F80 +lMaxUserSessions.x86 =C9F84 +bAppServerAllowed.x86 =C9F88 +bRemoteConnAllowed.x86=C9F8C +bMultimonAllowed.x86 =C9F90 +ulMaxDebugSessions.x86=C9F94 +bFUSEnabled.x86 =C9F98 + +bServerSku.x64 =EB3F0 +lMaxUserSessions.x64 =EB3F4 +bAppServerAllowed.x64 =EB3F8 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16273.1000-SLInit] +bInitialized.x86 =C9F7C +bServerSku.x86 =C9F80 +lMaxUserSessions.x86 =C9F84 +bAppServerAllowed.x86 =C9F88 +bRemoteConnAllowed.x86=C9F8C +bMultimonAllowed.x86 =C9F90 +ulMaxDebugSessions.x86=C9F94 +bFUSEnabled.x86 =C9F98 + +bServerSku.x64 =EB3F0 +lMaxUserSessions.x64 =EB3F4 +bAppServerAllowed.x64 =EB3F8 +bInitialized.x64 =EC4A0 +bRemoteConnAllowed.x64=EC4A4 +bMultimonAllowed.x64 =EC4A8 +ulMaxDebugSessions.x64=EC4AC +bFUSEnabled.x64 =EC4B0 + +[10.0.16275.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 
+lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16278.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16281.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16288.1-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16291.0-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 
+bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16294.1-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16296.0-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16299.0-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16299.15-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16353.1000-SLInit] +bInitialized.x86 
=C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.16362.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.17004.1000-SLInit] +bInitialized.x86 =C6F7C +bServerSku.x86 =C6F80 +lMaxUserSessions.x86 =C6F84 +bAppServerAllowed.x86 =C6F88 +bRemoteConnAllowed.x86=C6F8C +bMultimonAllowed.x86 =C6F90 +ulMaxDebugSessions.x86=C6F94 +bFUSEnabled.x86 =C6F98 + +bServerSku.x64 =ED3E8 +lMaxUserSessions.x64 =ED3EC +bAppServerAllowed.x64 =ED3F0 +bInitialized.x64 =EE4A0 +bRemoteConnAllowed.x64=EE4A4 +bMultimonAllowed.x64 =EE4A8 +ulMaxDebugSessions.x64=EE4AC +bFUSEnabled.x64 =EE4B0 + +[10.0.17017.1000-SLInit] +bInitialized.x86 =C9EB8 +bServerSku.x86 =C9EBC +lMaxUserSessions.x86 =C9EC0 +bAppServerAllowed.x86 =C9EC4 +bRemoteConnAllowed.x86=C9EC8 +bMultimonAllowed.x86 =C9ECC +ulMaxDebugSessions.x86=C9ED0 +bFUSEnabled.x86 =C9ED4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17025.1000-SLInit] +bInitialized.x86 =C9EB8 +bServerSku.x86 =C9EBC +lMaxUserSessions.x86 =C9EC0 +bAppServerAllowed.x86 =C9EC4 +bRemoteConnAllowed.x86=C9EC8 
+bMultimonAllowed.x86 =C9ECC +ulMaxDebugSessions.x86=C9ED0 +bFUSEnabled.x86 =C9ED4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17035.1000-SLInit] +bInitialized.x86 =C9ED8 +bServerSku.x86 =C9EDC +lMaxUserSessions.x86 =C9EE0 +bAppServerAllowed.x86 =C9EE4 +bRemoteConnAllowed.x86=C9EE8 +bMultimonAllowed.x86 =C9EEC +ulMaxDebugSessions.x86=C9EF0 +bFUSEnabled.x86 =C9EF4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17046.1000-SLInit] +bInitialized.x86 =C9ED8 +bServerSku.x86 =C9EDC +lMaxUserSessions.x86 =C9EE0 +bAppServerAllowed.x86 =C9EE4 +bRemoteConnAllowed.x86=C9EE8 +bMultimonAllowed.x86 =C9EEC +ulMaxDebugSessions.x86=C9EF0 +bFUSEnabled.x86 =C9EF4 + +bServerSku.x64 =EC2E8 +lMaxUserSessions.x64 =EC2EC +bAppServerAllowed.x64 =EC2F0 +bInitialized.x64 =ED3A0 +bRemoteConnAllowed.x64=ED3A4 +bMultimonAllowed.x64 =ED3A8 +ulMaxDebugSessions.x64=ED3AC +bFUSEnabled.x64 =ED3B0 + +[10.0.17063.1000-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17115.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 
+lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17128.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17133.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17134.1-SLInit] +bInitialized.x86 =CBF38 +bServerSku.x86 =CBF3C +lMaxUserSessions.x86 =CBF40 +bAppServerAllowed.x86 =CBF44 +bRemoteConnAllowed.x86=CBF48 +bMultimonAllowed.x86 =CBF4C +ulMaxDebugSessions.x86=CBF50 +bFUSEnabled.x86 =CBF54 + +bServerSku.x64 =F1378 +lMaxUserSessions.x64 =F137C +bAppServerAllowed.x64 =F1380 +bInitialized.x64 =F2430 +bRemoteConnAllowed.x64=F2434 +bMultimonAllowed.x64 =F2438 +ulMaxDebugSessions.x64=F243C +bFUSEnabled.x64 =F2440 + +[10.0.17723.1000-SLInit] +bInitialized.x64 =E9AB0 +bServerSku.x64 =E9AB4 +lMaxUserSessions.x64 =E9AB8 +bAppServerAllowed.x64 =E9AC0 +bRemoteConnAllowed.x64=E9AC4 +bMultimonAllowed.x64 =E9AC8 +ulMaxDebugSessions.x64=E9ACC +bFUSEnabled.x64 =E9AD0 + +[10.0.17763.1-SLInit] +bInitialized.x86 =CD798 +bServerSku.x86 =CD79C +lMaxUserSessions.x86 =CD7A0 +bAppServerAllowed.x86 =CD7A8 
+bRemoteConnAllowed.x86=CD7AC +bMultimonAllowed.x86 =CD7B0 +ulMaxDebugSessions.x86=CD7B4 +bFUSEnabled.x86 =CD7B8 + +bInitialized.x64 =ECAB0 +bServerSku.x64 =ECAB4 +lMaxUserSessions.x64 =ECAB8 +bAppServerAllowed.x64 =ECAC0 +bRemoteConnAllowed.x64=ECAC4 +bMultimonAllowed.x64 =ECAC8 +ulMaxDebugSessions.x64=ECACC +bFUSEnabled.x64 =ECAD0 diff --git a/src-installer/RDPWInst.dpr b/src-installer/RDPWInst.dpr index 5ddda70..6c95f3f 100644 --- a/src-installer/RDPWInst.dpr +++ b/src-installer/RDPWInst.dpr @@ -1,3 +1,19 @@ +{ + Copyright 2018 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + program RDPWInst; {$APPTYPE CONSOLE} @@ -9,7 +25,10 @@ uses Windows, Classes, WinSvc, - Registry; + Registry, + WinInet, + AccCtrl, + AclAPI; function EnumServicesStatusEx( hSCManager: SC_HANDLE; @@ -24,6 +43,11 @@ function EnumServicesStatusEx( pszGroupName: PWideChar): BOOL; stdcall; external advapi32 name 'EnumServicesStatusExW'; +function ConvertStringSidToSid( + StringSid: PWideChar; + var Sid: PSID): BOOL; stdcall; + external advapi32 name 'ConvertStringSidToSidW'; + type FILE_VERSION = record Version: record case Boolean of @@ -59,6 +83,7 @@ const TermService = 'TermService'; var Installed: Boolean; + Online: Boolean; WrapPath: String; Arch: Byte; OldWow64RedirectionValue: LongBool; 
@@ -143,7 +168,8 @@ begin end; TermServiceHost := Reg.ReadString('ImagePath'); Reg.CloseKey; - if Pos('svchost.exe', LowerCase(TermServiceHost)) = 0 then + if (Pos('svchost.exe', LowerCase(TermServiceHost)) = 0) + and (Pos('svchost -k', LowerCase(TermServiceHost)) = 0) then begin Reg.Free; Writeln('[-] TermService is hosted in a custom application (BeTwin, etc.) - unsupported.'); @@ -266,32 +292,45 @@ var hSvc: THandle; Code: DWORD; pch: PWideChar; + procedure ExitError(Func: String; ErrorCode: DWORD); + begin + if hSC > 0 then + CloseServiceHandle(hSC); + if hSvc > 0 then + CloseServiceHandle(hSvc); + Writeln('[-] ', Func, ' error (code ', ErrorCode, ').'); + end; begin + hSC := 0; + hSvc := 0; Writeln('[*] Starting ', SvcName, '...'); hSC := OpenSCManager(nil, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CONNECT); if hSC = 0 then begin - Code := GetLastError; - Writeln('[-] OpenSCManager error (code ', Code, ').'); + ExitError('OpenSCManager', GetLastError); Exit; end; hSvc := OpenService(hSC, PWideChar(SvcName), SERVICE_START); if hSvc = 0 then begin - CloseServiceHandle(hSC); - Code := GetLastError; - Writeln('[-] OpenService error (code ', Code, ').'); + ExitError('OpenService', GetLastError); Exit; end; pch := nil; if not StartService(hSvc, 0, pch) then begin - CloseServiceHandle(hSvc); - CloseServiceHandle(hSC); Code := GetLastError; - Writeln('[-] StartService error (code ', Code, ').'); - Exit; + if Code = 1056 then begin // Service already started + Sleep(2000); // or SCM hasn't registered killed process + if not StartService(hSvc, 0, pch) then begin + ExitError('StartService', Code); + Exit; + end; + end else begin + ExitError('StartService', Code); + Exit; + end; end; CloseServiceHandle(hSvc); CloseServiceHandle(hSC); @@ -318,6 +357,8 @@ begin Halt(Code); end; + dwResumeHandle := 0; + SetLength(Svc, 1489); FillChar(Svc[0], sizeof(Svc[0])*Length(Svc), 0); if not EnumServicesStatusEx(hSC, SC_ENUM_PROCESS_INFO, SERVICE_WIN32, SERVICE_STATE_ALL, 
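Review bot: In the @@ -266 hunk, the retry branch for code 1056 calls ExitError('StartService', Code) when the second StartService fails, so the message prints the stale 1056 from the first attempt instead of the error the retry actually returned. Pass GetLastError there, as the OpenSCManager and OpenService paths do. A service that is genuinely already running will also fail the retry with 1056 and be reported as an error; if that state is acceptable to the installer, treat a second 1056 as success or check the service state before retrying, which would need the handle opened with query access as well as SERVICE_START.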
@@ -557,41 +598,196 @@ begin ResStream.Free; end; +function ExtractResText(ResName: String): String; +var + ResStream: TResourceStream; + Str: TStringList; +begin + ResStream := TResourceStream.Create(HInstance, ResName, RT_RCDATA); + Str := TStringList.Create; + try + Str.LoadFromStream(ResStream); + except + + end; + ResStream.Free; + Result := Str.Text; + Str.Free; +end; + +function GitINIFile(var Content: String): Boolean; +const + URL = 'https://raw.githubusercontent.com/stascorp/rdpwrap/master/res/rdpwrap.ini'; +var + NetHandle: HINTERNET; + UrlHandle: HINTERNET; + Str: String; + Buf: Array[0..1023] of Byte; + BytesRead: DWORD; +begin + Result := False; + Content := ''; + NetHandle := InternetOpen('RDP Wrapper Update', INTERNET_OPEN_TYPE_PRECONFIG, nil, nil, 0); + if not Assigned(NetHandle) then + Exit; + UrlHandle := InternetOpenUrl(NetHandle, PChar(URL), nil, 0, INTERNET_FLAG_RELOAD, 0); + if not Assigned(UrlHandle) then + begin + InternetCloseHandle(NetHandle); + Exit; + end; + repeat + InternetReadFile(UrlHandle, @Buf[0], SizeOf(Buf), BytesRead); + SetString(Str, PAnsiChar(@Buf[0]), BytesRead); + Content := Content + Str; + until BytesRead = 0; + InternetCloseHandle(UrlHandle); + InternetCloseHandle(NetHandle); + Result := True; +end; + +procedure GrantSidFullAccess(Path, SID: String); +var + p_SID: PSID; + pDACL: PACL; + EA: EXPLICIT_ACCESS; + Code, Result: DWORD; +begin + p_SID := nil; + if not ConvertStringSidToSid(PChar(SID), p_SID) then + begin + Code := GetLastError; + Writeln('[-] ConvertStringSidToSid error (code ', Code, ').'); + Exit; + end; + EA.grfAccessPermissions := GENERIC_ALL; + EA.grfAccessMode := GRANT_ACCESS; + EA.grfInheritance := SUB_CONTAINERS_AND_OBJECTS_INHERIT; + EA.Trustee.pMultipleTrustee := nil; + EA.Trustee.MultipleTrusteeOperation := NO_MULTIPLE_TRUSTEE; + EA.Trustee.TrusteeForm := TRUSTEE_IS_SID; + EA.Trustee.TrusteeType := TRUSTEE_IS_WELL_KNOWN_GROUP; + EA.Trustee.ptstrName := p_SID; + + Result := SetEntriesInAcl(1, @EA, 
nil, pDACL); + if Result = ERROR_SUCCESS then + begin + if SetNamedSecurityInfo(pchar(Path), SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, nil, nil, pDACL, nil) <> ERROR_SUCCESS then + begin + Code := GetLastError; + Writeln('[-] SetNamedSecurityInfo error (code ', Code, ').'); + end; + LocalFree(Cardinal(pDACL)); + end + else begin + Code := GetLastError; + Writeln('[-] SetEntriesInAcl error (code ', Code, ').'); + end; +end; + procedure ExtractFiles; +var + RDPClipRes, RfxvmtRes, S: String; + OnlineINI: TStringList; begin if not DirectoryExists(ExtractFilePath(ExpandPath(WrapPath))) then - if ForceDirectories(ExtractFilePath(ExpandPath(WrapPath))) then - Writeln('[+] Folder created: ', ExtractFilePath(ExpandPath(WrapPath))) + if ForceDirectories(ExtractFilePath(ExpandPath(WrapPath))) then begin + S := ExtractFilePath(ExpandPath(WrapPath)); + Writeln('[+] Folder created: ', S); + GrantSidFullAccess(S, 'S-1-5-18'); // Local System account + GrantSidFullAccess(S, 'S-1-5-6'); // Service group + end else begin Writeln('[-] ForceDirectories error.'); Writeln('[*] Path: ', ExtractFilePath(ExpandPath(WrapPath))); Halt(0); end; + if Online then + begin + Writeln('[*] Downloading latest INI file...'); + OnlineINI := TStringList.Create; + if GitINIFile(S) then begin + OnlineINI.Text := S; + S := ExtractFilePath(ExpandPath(WrapPath)) + 'rdpwrap.ini'; + OnlineINI.SaveToFile(S); + Writeln('[+] Latest INI file -> ', S); + end + else + begin + Writeln('[-] Failed to get online INI file, using built-in.'); + Online := False; + end; + OnlineINI.Free; + end; + if not Online then + begin + S := ExtractFilePath(ParamStr(0)) + 'rdpwrap.ini'; + if FileExists(S) then + begin + OnlineINI := TStringList.Create; + OnlineINI.LoadFromFile(S); + S := ExtractFilePath(ExpandPath(WrapPath)) + 'rdpwrap.ini'; + OnlineINI.SaveToFile(S); + Writeln('[+] Current INI file -> ', S); + OnlineINI.Free; + end else + ExtractRes('config', ExtractFilePath(ExpandPath(WrapPath)) + 'rdpwrap.ini'); + end; + + 
RDPClipRes := ''; + RfxvmtRes := ''; case Arch of 32: begin ExtractRes('rdpw32', ExpandPath(WrapPath)); - if not FileExists(ExpandPath('%SystemRoot%\System32\rdpclip.exe')) then - ExtractRes('rdpclip32', ExpandPath('%SystemRoot%\System32\rdpclip.exe')); + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 0) then + RDPClipRes := 'rdpclip6032'; + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then + RDPClipRes := 'rdpclip6132'; + if (FV.Version.w.Major = 10) and (FV.Version.w.Minor = 0) then + RfxvmtRes := 'rfxvmt32'; end; 64: begin ExtractRes('rdpw64', ExpandPath(WrapPath)); - if not FileExists(ExpandPath('%SystemRoot%\System32\rdpclip.exe')) then - ExtractRes('rdpclip64', ExpandPath('%SystemRoot%\System32\rdpclip.exe')); + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 0) then + RDPClipRes := 'rdpclip6064'; + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then + RDPClipRes := 'rdpclip6164'; + if (FV.Version.w.Major = 10) and (FV.Version.w.Minor = 0) then + RfxvmtRes := 'rfxvmt64'; end; end; + if RDPClipRes <> '' then + if not FileExists(ExpandPath('%SystemRoot%\System32\rdpclip.exe')) then + ExtractRes(RDPClipRes, ExpandPath('%SystemRoot%\System32\rdpclip.exe')); + if RfxvmtRes <> '' then + if not FileExists(ExpandPath('%SystemRoot%\System32\rfxvmt.dll')) then + ExtractRes(RfxvmtRes, ExpandPath('%SystemRoot%\System32\rfxvmt.dll')); end; procedure DeleteFiles; var Code: DWORD; + FullPath, Path: String; begin - if not DeleteFile(PWideChar(ExpandPath(TermServicePath))) then + FullPath := ExpandPath(TermServicePath); + Path := ExtractFilePath(FullPath); + + if not DeleteFile(PWideChar(Path + 'rdpwrap.ini')) then begin Code := GetLastError; Writeln('[-] DeleteFile error (code ', Code, ').'); Exit; end; - Writeln('[+] Removed file: ', ExpandPath(TermServicePath)); + Writeln('[+] Removed file: ', Path + 'rdpwrap.ini'); + + if not DeleteFile(PWideChar(FullPath)) then + begin + Code := GetLastError; + Writeln('[-] DeleteFile error (code ', 
Code, ').'); + Exit; + end; + Writeln('[+] Removed file: ', FullPath); + if not RemoveDirectory(PWideChar(ExtractFilePath(ExpandPath(TermServicePath)))) then begin Code := GetLastError; @@ -643,17 +839,25 @@ begin FileVersion.bPrivate := (VersionInfo.Value.dwFileFlags and VFF_PRIVATE) = VFF_PRIVATE; FileVersion.bSpecial := (VersionInfo.Value.dwFileFlags and VFF_SPECIAL) = VFF_SPECIAL; + FreeLibrary(hFile); Result := True; end; procedure CheckTermsrvVersion; var SuppLvl: Byte; + VerTxt: String; + + procedure UpdateMsg; + begin + Writeln('Try running "update.bat" or "RDPWInst -w" to download latest INI file.'); + Writeln('If it doesn''t help, send your termsrv.dll to project developer for support.'); + end; begin GetFileVersion(ExpandPath(TermServicePath), FV); - Writeln('[*] Terminal Services version: ', - Format('%d.%d.%d.%d', - [FV.Version.w.Major, FV.Version.w.Minor, FV.Release, FV.Build])); + VerTxt := Format('%d.%d.%d.%d', + [FV.Version.w.Major, FV.Version.w.Minor, FV.Release, FV.Build]); + Writeln('[*] Terminal Services version: ', VerTxt); if (FV.Version.w.Major = 5) and (FV.Version.w.Minor = 1) then begin 
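Review bot: GitINIFile in the @@ -557,41 +598,196 @@ hunk returns True without checking anything it read: the result of `InternetReadFile` is ignored, `Result := True` is set unconditionally after the loop, and the body fetched from the `master` branch URL is saved as rdpwrap.ini by ExtractFiles with no signature or hash check. A failed or truncated read, or an error page, is therefore written out as the active INI. Check the InternetReadFile return value and the HTTP status, reject an empty body, and verify a signature over the content before it is saved. In the same hunk, GrantSidFullAccess passes `nil` as the old ACL to SetEntriesInAcl, so the second call (`'S-1-5-6'`) replaces the explicit entry that the first call (`'S-1-5-18'`) just set; read the current DACL with GetNamedSecurityInfo and merge, or build both entries in one call. `GENERIC_ALL` with `SUB_CONTAINERS_AND_OBJECTS_INHERIT` for the Service group gives every process carrying that SID write access to the folder that holds rdpwrap.dll and rdpwrap.ini; narrow it to the rights the service actually uses. SetEntriesInAcl and SetNamedSecurityInfo return their error code directly, so print that value rather than GetLastError, and free p_SID with LocalFree. In DeleteFiles, a failed delete of rdpwrap.ini exits before the wrapper DLL is removed; continue past that failure so uninstall still removes the DLL.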
@@ -682,69 +886,20 @@ begin Writeln('[!] This version of Terminal Services may crash on logon attempt.'); Writeln('It''s recommended to upgrade to Service Pack 1 or higher.'); end; - if (FV.Release = 6000) and (FV.Build = 16386) then - SuppLvl := 2; - if (FV.Release = 6001) and (FV.Build = 18000) then - SuppLvl := 2; - if (FV.Release = 6002) and (FV.Build = 18005) then - SuppLvl := 2; - if (FV.Release = 6002) and (FV.Build = 19214) then - SuppLvl := 2; - if (FV.Release = 6002) and (FV.Build = 23521) then - SuppLvl := 2; end; - if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then begin + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then SuppLvl := 1; - if (FV.Release = 7600) and (FV.Build = 16385) then - SuppLvl := 2; - if (FV.Release = 7601) and (FV.Build = 17514) then - SuppLvl := 2; - if (FV.Release = 7601) and (FV.Build = 18540) then - SuppLvl := 2; - if (FV.Release = 7601) and (FV.Build = 22750) then - SuppLvl := 2; - if (FV.Release = 7601) and (FV.Build = 18637) then - SuppLvl := 2; - if (FV.Release = 7601) and (FV.Build = 22843) then - SuppLvl := 2; - end; - if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 2) then begin - if (FV.Release = 8102) and (FV.Build = 0) then - SuppLvl := 2; - if (FV.Release = 8250) and (FV.Build = 0) then - SuppLvl := 2; - if (FV.Release = 8400) and (FV.Build = 0) then - SuppLvl := 2; - if (FV.Release = 9200) and (FV.Build = 16384) then - SuppLvl := 2; - if (FV.Release = 9200) and (FV.Build = 17048) then - SuppLvl := 2; - if (FV.Release = 9200) and (FV.Build = 21166) then - SuppLvl := 2; - end; - if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 3) then begin - if (FV.Release = 9431) and (FV.Build = 0) then - SuppLvl := 2; - if (FV.Release = 9600) and (FV.Build = 16384) then - SuppLvl := 2; - if (FV.Release = 9600) and (FV.Build = 17095) then - SuppLvl := 2; - end; - if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 4) then begin - if (FV.Release = 9841) and (FV.Build = 0) then - SuppLvl := 2; - if 
(FV.Release = 9860) and (FV.Build = 0) then - SuppLvl := 2; - end; + if Pos('[' + VerTxt + ']', ExtractResText('config')) > 0 then + SuppLvl := 2; case SuppLvl of 0: begin Writeln('[-] This version of Terminal Services is not supported.'); - Writeln('Send your termsrv.dll to project developer for support.'); + UpdateMsg; end; 1: begin Writeln('[!] This version of Terminal Services is supported partially.'); Writeln('It means you may have some limitations such as only 2 concurrent sessions.'); - Writeln('Send your termsrv.dll to project developer for adding full support.'); + UpdateMsg; end; 2: begin Writeln('[+] This version of Terminal Services is fully supported.'); 
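Review bot: The new support check looks up `'[' + VerTxt + ']'` in `ExtractResText('config')`, which is the INI embedded in the installer, not the rdpwrap.ini on disk. Once `-w` or `-i -o` has fetched a newer INI, CheckTermsrvVersion still reports the build as unsupported or partially supported, and UpdateMsg then recommends an update that cannot change this result. Read the installed rdpwrap.ini first and fall back to the resource only when it is absent. ExtractResText also swallows every exception in an empty `except` block, so a resource that failed to load is indistinguishable from an unsupported build; report that failure separately.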
@@ -873,36 +1028,148 @@ end; procedure TSConfigFirewall(Enable: Boolean); begin if Enable then - ExecWait('netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow') - else + begin + ExecWait('netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow'); + ExecWait('netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=udp localport=3389 profile=any action=allow'); + end else ExecWait('netsh advfirewall firewall delete rule name="Remote Desktop"'); end; +function CheckINIDate(Filename, Content: String; var Date: Integer): Boolean; +var + Str: TStringList; + I: Integer; +begin + Result := False; + Str := TStringList.Create; + if Filename <> '' then begin + try + Str.LoadFromFile(Filename); + except + Writeln('[-] Failed to read INI file.'); + Exit; + end; + end else + Str.Text := Content; + for I := 0 to Str.Count - 1 do + if Pos('Updated=', Str[I]) = 1 then + Break; + if I >= Str.Count then begin + Writeln('[-] Failed to check INI date.'); + Exit; + end; + Content := StringReplace(Str[I], 'Updated=', '', []); + Content := StringReplace(Content, '-', '', [rfReplaceAll]); + Str.Free; + try + Date := StrToInt(Content); + except + Writeln('[-] Wrong INI date format.'); + Exit; + end; + Result := True; +end; + +procedure CheckUpdate; +var + INIPath, S: String; + Str: TStringList; + I, OldDate, NewDate: Integer; +begin + INIPath := ExtractFilePath(ExpandPath(TermServicePath)) + 'rdpwrap.ini'; + if not CheckINIDate(INIPath, '', OldDate) then + Halt(ERROR_ACCESS_DENIED); + Writeln('[*] Current update date: ', + Format('%d.%.2d.%.2d', [OldDate div 10000, OldDate div 100 mod 100, OldDate mod 100])); + + if not GitINIFile(S) then begin + Writeln('[-] Failed to download latest INI from GitHub.'); + Halt(ERROR_ACCESS_DENIED); + end; + if not CheckINIDate('', S, NewDate) then + Halt(ERROR_ACCESS_DENIED); + Writeln('[*] Latest update date: ', 
+ Format('%d.%.2d.%.2d', [NewDate div 10000, NewDate div 100 mod 100, NewDate mod 100])); + + if NewDate = OldDate then + Writeln('[*] Everything is up to date.') + else + if NewDate > OldDate then begin + Writeln('[+] New update is available, updating...'); + + CheckTermsrvProcess; + + Writeln('[*] Terminating service...'); + AddPrivilege('SeDebugPrivilege'); + KillProcess(TermServicePID); + Sleep(1000); + + if Length(ShareSvc) > 0 then + for I := 0 to Length(ShareSvc) - 1 do + SvcStart(ShareSvc[I]); + Sleep(500); + + Str := TStringList.Create; + Str.Text := S; + try + Str.SaveToFile(INIPath); + except + Writeln('[-] Failed to write INI file.'); + Halt(ERROR_ACCESS_DENIED); + end; + Str.Free; + + SvcStart(TermService); + + Writeln('[+] Update completed.'); + end else + Writeln('[*] Your INI file is newer than public file. Are you a developer? :)'); +end; + var I: Integer; begin - Writeln('RDP Wrapper Library v1.4'); - Writeln('Installer v2.2'); - Writeln('Copyright (C) Stas''M Corp. 2014'); + Writeln('RDP Wrapper Library v1.6.2'); + Writeln('Installer v2.6'); + Writeln('Copyright (C) Stas''M Corp. 
2018'); Writeln(''); if (ParamCount < 1) or ( - (ParamStr(1) <> '-i') + (ParamStr(1) <> '-l') + and (ParamStr(1) <> '-i') + and (ParamStr(1) <> '-w') and (ParamStr(1) <> '-u') and (ParamStr(1) <> '-r') ) then begin Writeln('USAGE:'); - Writeln('RDPWInst.exe [-i[-s]|-u|-r]'); + Writeln('RDPWInst.exe [-l|-i[-s][-o]|-w|-u[-k]|-r]'); Writeln(''); + Writeln('-l display the license agreement'); Writeln('-i install wrapper to Program Files folder (default)'); Writeln('-i -s install wrapper to System32 folder'); + Writeln('-i -o online install mode (loads latest INI file)'); + Writeln('-w get latest update for INI file'); Writeln('-u uninstall wrapper'); + Writeln('-u -k uninstall wrapper and keep settings'); Writeln('-r force restart Terminal Services'); Exit; end; + if ParamStr(1) = '-l' then + begin + Writeln(ExtractResText('license')); + Exit; + end; + + if not CheckWin32Version(6,0) then + begin + Writeln('[-] Unsupported Windows version:'); + Writeln(' only >= 6.0 (Vista, Server 2008 and newer) are supported.'); + Exit; + end; + if not SupportedArchitecture then begin Writeln('[-] Unsupported processor architecture.'); @@ -918,6 +1185,13 @@ begin Writeln('[*] RDP Wrapper Library is already installed.'); Halt(ERROR_INVALID_FUNCTION); end; + Writeln('[*] Notice to user:'); + Writeln(' - By using all or any portion of this software, you are agreeing'); + Writeln(' to be bound by all the terms and conditions of the license agreement.'); + Writeln(' - To read the license agreement, run the installer with -l parameter.'); + Writeln(' - If you do not agree to any terms of the license agreement,'); + Writeln(' do not use the software.'); + Writeln('[*] Installing...'); if ParamStr(2) = '-s' then WrapPath := '%SystemRoot%\system32\rdpwrap.dll' @@ -931,6 +1205,7 @@ begin CheckTermsrvProcess; Writeln('[*] Extracting files...'); + Online := (ParamStr(2) = '-o') or (ParamStr(3) = '-o'); ExtractFiles; Writeln('[*] Configuring service library...'); 
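Review bot: CheckUpdate in the @@ -873,36 +1028,148 @@ hunk terminates TermService before it knows the new INI can be written: `KillProcess(TermServicePID)` runs first, and the `except` branch around `Str.SaveToFile(INIPath)` calls `Halt(ERROR_ACCESS_DENIED)` without `SvcStart(TermService)`, which leaves Remote Desktop stopped after a failed update. Write the download to a temporary file and validate it, then stop the service, swap the file and restart, and restart the service on every failure path. The only acceptance test on the downloaded text is that its `Updated=` value parses as an integer larger than the current one; validate the structure of the file before it replaces a working one. In CheckINIDate, `if I >= Str.Count` reads the for-loop variable after the loop has run to completion, where Delphi leaves its value undefined; use a found flag or a while loop. Str is freed only on the success path, so both early `Exit` branches leak it; wrap it in try/finally. The added UDP rule reuses `profile=any`, which opens port 3389 on public networks as well; consider limiting the profiles.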
@@ -993,16 +1268,31 @@ begin SvcStart(TermService); Sleep(500); - Writeln('[*] Configuring registry...'); - TSConfigRegistry(False); - Writeln('[*] Configuring firewall...'); - TSConfigFirewall(False); + if ParamStr(2) <> '-k' then + begin + Writeln('[*] Configuring registry...'); + TSConfigRegistry(False); + Writeln('[*] Configuring firewall...'); + TSConfigFirewall(False); + end; if Arch = 64 then RevertWowRedirection; Writeln('[+] Successfully uninstalled.'); end; + + if ParamStr(1) = '-w' then + begin + if not Installed then + begin + Writeln('[*] RDP Wrapper Library is not installed.'); + Halt(ERROR_INVALID_FUNCTION); + end; + Writeln('[*] Checking for updates...'); + CheckUpdate; + end; + if ParamStr(1) = '-r' then begin Writeln('[*] Restarting...'); diff --git a/src-installer/RDPWInst.dproj b/src-installer/RDPWInst.dproj index 78b7b03..6afda06 100644 --- a/src-installer/RDPWInst.dproj +++ b/src-installer/RDPWInst.dproj @@ -20,8 +20,9 @@ true + ..\bin\ WinTypes=Windows;WinProcs=Windows;DbiTypes=BDE;DbiProcs=BDE;DbiErrs=BDE;$(DCC_UnitAlias) - RDPWInst.exe + ..\bin\RDPWInst.exe 00400000 x86 @@ -41,14 +42,14 @@ Base - - Cfg_2 - Base - Cfg_1 Base + + Cfg_2 + Base + @@ -60,7 +61,7 @@ False True False - -i + -w False diff --git a/src-installer/RDPWInst.dproj.local b/src-installer/RDPWInst.dproj.local deleted file mode 100644 index 673bb99..0000000 --- a/src-installer/RDPWInst.dproj.local +++ /dev/null 
@@ -1,8 +0,0 @@ - - - - 2013.12.07 17:17:05.152.dproj,C:\Users\user\Documents\RAD Studio\Projects\Project1.dproj=C:\Users\user\Documents\Delphi Projects (local)\RDPWrapInst\RDPInstall.dproj - 2013.12.07 19:48:57.905.dproj,C:\Users\user\Documents\Delphi Projects (local)\RDPWrapInst\RDPInstall.dproj=C:\Users\user\Documents\Delphi Projects (local)\RDPWrapInst\RDPWInst.dproj - 2013.12.08 01:45:08.501.dproj,C:\Users\user\Documents\Delphi Projects (local)\RDPWrapInst\RDPWInst.dproj=C:\Users\user\Documents\Delphi Projects (local)\RDPWrap\devel\installer2.0-binarymaster\RDPWInst.dproj - - diff --git a/src-installer/RDPWInst.identcache b/src-installer/RDPWInst.identcache deleted file mode 100644 index 2ed9853..0000000 Binary files a/src-installer/RDPWInst.identcache and /dev/null differ diff --git a/src-installer/RDPWInstResource.rc b/src-installer/RDPWInstResource.rc deleted file mode 100644 index a0a5a20..0000000 --- a/src-installer/RDPWInstResource.rc +++ /dev/null @@ -1,4 +0,0 @@ -rdpclip64 RCData "..\\rdpclip-x64.exe" -rdpclip32 RCData "..\\rdpclip-x86.exe" -rdpw32 RCData "..\\v1.2-x86-binarymaster\\rdpwrap.dll" -rdpw64 RCData "..\\v1.2-x86-x64-Fusix\\rdpw64.dll" diff --git a/src-installer/resource.res b/src-installer/resource.res index f0f95de..0e896e1 100644 Binary files a/src-installer/resource.res and b/src-installer/resource.res differ diff --git a/src-rdpcheck/MainUnit.dcu b/src-rdpcheck/MainUnit.dcu deleted file mode 100644 index 97137d3..0000000 Binary files a/src-rdpcheck/MainUnit.dcu and /dev/null differ diff --git a/src-rdpcheck/MainUnit.pas b/src-rdpcheck/MainUnit.pas index af750f1..3c4655f 100644 --- a/src-rdpcheck/MainUnit.pas +++ b/src-rdpcheck/MainUnit.pas 
@@ -1,3 +1,19 @@ +{ + Copyright 2015 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + unit MainUnit; interface @@ -28,13 +44,12 @@ implementation procedure TFrm.FormCreate(Sender: TObject); var Reg: TRegistry; - Port: Integer; begin RDP.DisconnectedText := 'Disconnected.'; RDP.ConnectingText := 'Connecting...'; RDP.ConnectedStatusText := 'Connected.'; RDP.UserName := ''; - RDP.Server := '127.0.0.1'; + RDP.Server := '127.0.0.2'; Reg := TRegistry.Create; Reg.RootKey := HKEY_LOCAL_MACHINE; @@ -116,8 +131,8 @@ begin $1707: ErrStr := 'Delegation of credentials to the target server is not allowed unless mutual authentication has been achieved.'; $2207: ErrStr := 'The smart card is blocked.'; $1C07: ErrStr := 'An incorrect PIN was presented to the smart card.'; - $B09: ErrStr := 'Network Level Authentication is required.'; - $708: ErrStr := 'The RDP seems to work, but your client doesn''t support loopback connections. Try to connect to your PC from another device in the network.'; + $B09: ErrStr := 'Network Level Authentication is required, run RDPCheck as administrator.'; + $708: ErrStr := 'RDP is working, but the client doesn''t allow loopback connections. Try to connect to your PC from another device in the network.'; else ErrStr := 'Unknown code 0x'+IntToHex(discReason, 1); end; if (discReason > 2) then diff --git a/src-rdpcheck/RDPCheck.dpr b/src-rdpcheck/RDPCheck.dpr index 3e05407..5f4c5ad 100644 --- a/src-rdpcheck/RDPCheck.dpr +++ b/src-rdpcheck/RDPCheck.dpr 
@@ -1,3 +1,19 @@ +{ + Copyright 2014 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + program RDPCheck; uses diff --git a/src-rdpcheck/RDPCheck.dproj b/src-rdpcheck/RDPCheck.dproj index d88a8c6..c5027ce 100644 --- a/src-rdpcheck/RDPCheck.dproj +++ b/src-rdpcheck/RDPCheck.dproj @@ -20,8 +20,9 @@ true + ..\bin\ WinTypes=Windows;WinProcs=Windows;DbiTypes=BDE;DbiProcs=BDE;DbiErrs=BDE;$(DCC_UnitAlias) - RDPCheck.exe + ..\bin\RDPCheck.exe 00400000 x86 @@ -44,14 +45,14 @@ Base - - Cfg_2 - Base - Cfg_1 Base + + Cfg_2 + Base + @@ -68,7 +69,7 @@ True False 2 - 1 + 2 0 0 False @@ -82,13 +83,13 @@ Stas'M Corp. Local RDP Checker - 2.1.0.0 + 2.2.0.0 RDPCheck - Copyright © Stas'M Corp. 2014 + Copyright © Stas'M Corp. 2015 Stas'M Corp. RDPCheck.exe RDP Host Support - 1.3.0.0 + 1.6.0.0 http://stascorp.com diff --git a/src-rdpcheck/RDPCheck.dproj.local b/src-rdpcheck/RDPCheck.dproj.local deleted file mode 100644 index 51a53c6..0000000 --- a/src-rdpcheck/RDPCheck.dproj.local +++ /dev/null 
@@ -1,8 +0,0 @@ - - - - 2013.12.08 02:49:59.064.pas,C:\Users\user\Documents\RAD Studio\Projects\Unit2.pas=C:\Users\user\Documents\Delphi Projects (local)\RDPWrap\devel\rdpcheck-binarymaster\MainUnit.pas - 2013.12.08 02:49:59.064.dfm,C:\Users\user\Documents\RAD Studio\Projects\Unit2.dfm=C:\Users\user\Documents\Delphi Projects (local)\RDPWrap\devel\rdpcheck-binarymaster\MainUnit.dfm - 2013.12.08 02:50:08.464.dproj,C:\Users\user\Documents\RAD Studio\Projects\Project1.dproj=C:\Users\user\Documents\Delphi Projects (local)\RDPWrap\devel\rdpcheck-binarymaster\RDPCheck.dproj - - diff --git a/src-rdpcheck/RDPCheck.identcache b/src-rdpcheck/RDPCheck.identcache deleted file mode 100644 index d2f5d39..0000000 Binary files a/src-rdpcheck/RDPCheck.identcache and /dev/null differ diff --git a/src-rdpcheck/RDPCheck.res b/src-rdpcheck/RDPCheck.res index 9ff016e..724bf2e 100644 Binary files a/src-rdpcheck/RDPCheck.res and b/src-rdpcheck/RDPCheck.res differ diff --git a/src-rdpconfig/LicenseUnit.dfm b/src-rdpconfig/LicenseUnit.dfm new file mode 100644 index 0000000..fae5719 --- /dev/null +++ b/src-rdpconfig/LicenseUnit.dfm @@ -0,0 +1,47 @@ +object LicenseForm: TLicenseForm + Left = 0 + Top = 0 + BorderIcons = [] + BorderStyle = bsDialog + Caption = 'License Agreement' + ClientHeight = 344 + ClientWidth = 386 + Color = clBtnFace + Font.Charset = DEFAULT_CHARSET + Font.Color = clWindowText + Font.Height = -11 + Font.Name = 'Tahoma' + Font.Style = [] + OldCreateOrder = False + Position = poOwnerFormCenter + PixelsPerInch = 96 + TextHeight = 13 + object mText: TMemo + Left = 8 + Top = 8 + Width = 370 + Height = 297 + ReadOnly = True + ScrollBars = ssBoth + TabOrder = 0 + WordWrap = False + end + object bAccept: TButton + Left = 115 + Top = 311 + Width = 75 + Height = 25 + Caption = '&Accept' + ModalResult = 1 + TabOrder = 1 + end + object bDecline: TButton + Left = 196 + Top = 311 + Width = 75 + Height = 25 + Caption = '&Decline' + ModalResult = 2 + TabOrder = 2 + end +end 
diff --git a/src-rdpconfig/LicenseUnit.pas b/src-rdpconfig/LicenseUnit.pas new file mode 100644 index 0000000..a44a2ad --- /dev/null +++ b/src-rdpconfig/LicenseUnit.pas @@ -0,0 +1,43 @@ +{ + Copyright 2014 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + +unit LicenseUnit; + +interface + +uses + Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, + Dialogs, StdCtrls; + +type + TLicenseForm = class(TForm) + mText: TMemo; + bAccept: TButton; + bDecline: TButton; + private + { Private declarations } + public + { Public declarations } + end; + +var + LicenseForm: TLicenseForm; + +implementation + +{$R *.dfm} + +end. diff --git a/src-rdpconfig/MainUnit.dcu b/src-rdpconfig/MainUnit.dcu deleted file mode 100644 index 2e2f289..0000000 Binary files a/src-rdpconfig/MainUnit.dcu and /dev/null differ diff --git a/src-rdpconfig/MainUnit.dfm b/src-rdpconfig/MainUnit.dfm index 887995d..c077af1 100644 --- a/src-rdpconfig/MainUnit.dfm +++ b/src-rdpconfig/MainUnit.dfm @@ -2,9 +2,9 @@ object MainForm: TMainForm Left = 0 Top = 0 BorderStyle = bsDialog - Caption = 'Remote Desktop Protocol Configuration' - ClientHeight = 245 - ClientWidth = 326 + Caption = 'RDP Wrapper Configuration' + ClientHeight = 314 + ClientWidth = 404 Color = clBtnFace Font.Charset = DEFAULT_CHARSET Font.Color = clWindowText 
@@ -15,98 +15,227 @@ object MainForm: TMainForm Position = poDesktopCenter OnCloseQuery = FormCloseQuery OnCreate = FormCreate + OnDestroy = FormDestroy PixelsPerInch = 96 TextHeight = 13 - object lRDPPort: TLabel - Left = 203 - Top = 22 - Width = 47 - Height = 13 - Caption = 'RDP Port:' - end object bOK: TButton - Left = 45 - Top = 212 + Left = 40 + Top = 281 Width = 75 Height = 25 Caption = 'OK' ModalResult = 1 - TabOrder = 0 + TabOrder = 4 OnClick = bOKClick end object bCancel: TButton - Left = 126 - Top = 212 + Left = 121 + Top = 281 Width = 75 Height = 25 Caption = 'Cancel' ModalResult = 2 - TabOrder = 1 + TabOrder = 5 OnClick = bCancelClick end object bApply: TButton - Left = 207 - Top = 212 + Left = 202 + Top = 281 Width = 75 Height = 25 Caption = 'Apply' Enabled = False - TabOrder = 2 + TabOrder = 6 OnClick = bApplyClick end - object cbSingleSessionPerUser: TCheckBox - Left = 8 - Top = 31 - Width = 130 - Height = 17 - Caption = 'Single Session Per User' - TabOrder = 3 - OnClick = cbAllowTSConnectionsClick - end object rgNLA: TRadioGroup - Left = 8 - Top = 54 - Width = 310 + Left = 202 + Top = 89 + Width = 194 Height = 73 - Caption = 'Security Mode' + Caption = 'Authentication Mode' Items.Strings = ( - 'Disable Security (not recommended)' - 'Default Authentication (compatibility with older clients)' - 'Network Level Authentication (best)') - TabOrder = 4 - OnClick = cbAllowTSConnectionsClick - end - object cbAllowTSConnections: TCheckBox - Left = 8 - Top = 8 - Width = 174 - Height = 17 - Caption = 'Enable Remote Desktop Protocol' - TabOrder = 5 + 'GUI Authentication Only' + 'Default RDP Authentication' + 'Network Level Authentication') + TabOrder = 2 OnClick = cbAllowTSConnectionsClick end object rgShadow: TRadioGroup - Left = 8 - Top = 133 - Width = 310 - Height = 73 + Left = 202 + Top = 168 + Width = 194 + Height = 105 Caption = 'Session Shadowing Mode' Items.Strings = ( 'Disable Shadowing' - 'Shadowing will request user permission' - 'Shadowing sessions 
immediately') - TabOrder = 6 + 'Full access with user'#39's permission' + 'Full access without permission' + 'View only with user'#39's permission' + 'View only without permission') + TabOrder = 3 OnClick = cbAllowTSConnectionsClick end - object seRDPPort: TSpinEdit - Left = 256 - Top = 19 - Width = 62 - Height = 22 - MaxValue = 65535 - MinValue = 0 + object bLicense: TButton + Left = 283 + Top = 281 + Width = 87 + Height = 25 + Caption = 'View license...' TabOrder = 7 - Value = 0 - OnChange = seRDPPortChange + OnClick = bLicenseClick + end + object gbDiag: TGroupBox + Left = 8 + Top = 6 + Width = 388 + Height = 77 + Caption = 'Diagnostics' + TabOrder = 0 + object lListener: TLabel + Left = 11 + Top = 55 + Width = 70 + Height = 13 + Caption = 'Listener state:' + end + object lService: TLabel + Left = 11 + Top = 36 + Width = 67 + Height = 13 + Caption = 'Service state:' + end + object lsListener: TLabel + Left = 91 + Top = 55 + Width = 44 + Height = 13 + Caption = 'Unknown' + end + object lsService: TLabel + Left = 91 + Top = 36 + Width = 44 + Height = 13 + Caption = 'Unknown' + end + object lsTSVer: TLabel + Left = 226 + Top = 36 + Width = 44 + Height = 13 + Caption = 'Unknown' + end + object lsWrapper: TLabel + Left = 91 + Top = 17 + Width = 44 + Height = 13 + Caption = 'Unknown' + end + object lsWrapVer: TLabel + Left = 226 + Top = 17 + Width = 44 + Height = 13 + Caption = 'Unknown' + end + object lTSVer: TLabel + Left = 202 + Top = 36 + Width = 20 + Height = 13 + Caption = 'ver.' + end + object lWrapper: TLabel + Left = 11 + Top = 17 + Width = 74 + Height = 13 + Caption = 'Wrapper state:' + end + object lWrapVer: TLabel + Left = 202 + Top = 17 + Width = 20 + Height = 13 + Caption = 'ver.' 
+ end + object lsSuppVer: TLabel + Left = 202 + Top = 55 + Width = 70 + Height = 13 + Caption = '[support level]' + end + end + object gbGeneral: TGroupBox + Left = 8 + Top = 89 + Width = 188 + Height = 184 + Caption = 'General Settings' + TabOrder = 1 + object lRDPPort: TLabel + Left = 8 + Top = 44 + Width = 47 + Height = 13 + Caption = 'RDP port:' + end + object cbAllowTSConnections: TCheckBox + Left = 8 + Top = 18 + Width = 132 + Height = 17 + Caption = 'Enable Remote Desktop' + TabOrder = 0 + OnClick = cbAllowTSConnectionsClick + end + object cbSingleSessionPerUser: TCheckBox + Left = 8 + Top = 69 + Width = 129 + Height = 17 + Caption = 'Single session per user' + TabOrder = 2 + OnClick = cbAllowTSConnectionsClick + end + object cbHideUsers: TCheckBox + Left = 8 + Top = 92 + Width = 149 + Height = 17 + Caption = 'Hide users on logon screen' + TabOrder = 3 + OnClick = cbAllowTSConnectionsClick + end + object seRDPPort: TSpinEdit + Left = 61 + Top = 41 + Width = 62 + Height = 22 + MaxValue = 65535 + MinValue = 0 + TabOrder = 1 + Value = 0 + OnChange = seRDPPortChange + end + object cbCustomPrg: TCheckBox + Left = 8 + Top = 115 + Width = 169 + Height = 17 + Caption = 'Allow to start custom programs' + TabOrder = 4 + OnClick = cbAllowTSConnectionsClick + end + end + object Timer: TTimer + Interval = 250 + OnTimer = TimerTimer + Left = 352 + Top = 27 end end diff --git a/src-rdpconfig/MainUnit.pas b/src-rdpconfig/MainUnit.pas index 5d7a033..48aa051 100644 --- a/src-rdpconfig/MainUnit.pas +++ b/src-rdpconfig/MainUnit.pas 
@@ -1,10 +1,26 @@ +{ + Copyright 2017 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + unit MainUnit; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, - Dialogs, StdCtrls, Spin, ExtCtrls, Registry; + Dialogs, StdCtrls, Spin, ExtCtrls, Registry, WinSvc; type TMainForm = class(TForm) @@ -17,6 +33,23 @@ type rgShadow: TRadioGroup; seRDPPort: TSpinEdit; lRDPPort: TLabel; + lService: TLabel; + lListener: TLabel; + lWrapper: TLabel; + lsListener: TLabel; + lsService: TLabel; + lsWrapper: TLabel; + Timer: TTimer; + lTSVer: TLabel; + lsTSVer: TLabel; + lWrapVer: TLabel; + lsWrapVer: TLabel; + bLicense: TButton; + gbDiag: TGroupBox; + lsSuppVer: TLabel; + cbHideUsers: TCheckBox; + gbGeneral: TGroupBox; + cbCustomPrg: TCheckBox; procedure FormCreate(Sender: TObject); procedure cbAllowTSConnectionsClick(Sender: TObject); procedure seRDPPortChange(Sender: TObject); 
@@ -24,22 +57,305 @@ type procedure bCancelClick(Sender: TObject); procedure bOKClick(Sender: TObject); procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean); + procedure bLicenseClick(Sender: TObject); + procedure TimerTimer(Sender: TObject); + procedure FormDestroy(Sender: TObject); private { Private declarations } public { Public declarations } + function ExecWait(Cmdline: String): Boolean; procedure ReadSettings; procedure WriteSettings; end; + FILE_VERSION = record + Version: record case Boolean of + True: (dw: DWORD); + False: (w: record + Minor, Major: Word; + end;) + end; + Release, Build: Word; + bDebug, bPrerelease, bPrivate, bSpecial: Boolean; + end; + WTS_SESSION_INFOW = record + SessionId: DWORD; + Name: packed array [0..33] of WideChar; + State: DWORD; + end; + WTS_SESSION = Array[0..0] of WTS_SESSION_INFOW; + PWTS_SESSION_INFOW = ^WTS_SESSION; +const + winstadll = 'winsta.dll'; var MainForm: TMainForm; Ready: Boolean = False; + Arch: Byte; + OldWow64RedirectionValue: LongBool; + OldPort: Word; + INI: String; + +function WinStationEnumerateW(hServer: THandle; + var ppSessionInfo: PWTS_SESSION_INFOW; var pCount: DWORD): BOOL; stdcall; + external winstadll name 'WinStationEnumerateW'; +function WinStationFreeMemory(P: Pointer): BOOL; stdcall; external winstadll; implementation {$R *.dfm} -{$R manifest.res} +{$R resource.res} + +uses + LicenseUnit; + +function ExpandPath(Path: String): String; +var + Str: Array[0..511] of Char; +begin + Result := ''; + FillChar(Str, 512, 0); + if Arch = 64 then + Path := StringReplace(Path, '%ProgramFiles%', '%ProgramW6432%', [rfReplaceAll, rfIgnoreCase]); + if ExpandEnvironmentStrings(PWideChar(Path), Str, 512) > 0 then + Result := Str; +end; + +function DisableWowRedirection: Boolean; +type + TFunc = function(var Wow64FsEnableRedirection: LongBool): LongBool; stdcall; +var + hModule: THandle; + Wow64DisableWow64FsRedirection: TFunc; +begin + Result := False; + hModule := GetModuleHandle(kernel32); + if 
hModule <> 0 then + Wow64DisableWow64FsRedirection := GetProcAddress(hModule, 'Wow64DisableWow64FsRedirection') + else + Exit; + if @Wow64DisableWow64FsRedirection <> nil then + Result := Wow64DisableWow64FsRedirection(OldWow64RedirectionValue); +end; + +function RevertWowRedirection: Boolean; +type + TFunc = function(var Wow64RevertWow64FsRedirection: LongBool): LongBool; stdcall; +var + hModule: THandle; + Wow64RevertWow64FsRedirection: TFunc; +begin + Result := False; + hModule := GetModuleHandle(kernel32); + if hModule <> 0 then + Wow64RevertWow64FsRedirection := GetProcAddress(hModule, 'Wow64RevertWow64FsRedirection') + else + Exit; + if @Wow64RevertWow64FsRedirection <> nil then + Result := Wow64RevertWow64FsRedirection(OldWow64RedirectionValue); +end; + +function GetFileVersion(const FileName: TFileName; var FileVersion: FILE_VERSION): Boolean; +type + VS_VERSIONINFO = record + wLength, wValueLength, wType: Word; + szKey: Array[1..16] of WideChar; + Padding1: Word; + Value: VS_FIXEDFILEINFO; + Padding2, Children: Word; + end; + PVS_VERSIONINFO = ^VS_VERSIONINFO; +const + VFF_DEBUG = 1; + VFF_PRERELEASE = 2; + VFF_PRIVATE = 8; + VFF_SPECIAL = 32; +var + hFile: HMODULE; + hResourceInfo: HRSRC; + VersionInfo: PVS_VERSIONINFO; +begin + Result := False; + + hFile := LoadLibraryEx(PWideChar(FileName), 0, LOAD_LIBRARY_AS_DATAFILE); + if hFile = 0 then + Exit; + + hResourceInfo := FindResource(hFile, PWideChar(1), PWideChar($10)); + if hResourceInfo = 0 then + Exit; + + VersionInfo := Pointer(LoadResource(hFile, hResourceInfo)); + if VersionInfo = nil then + Exit; + + FileVersion.Version.dw := VersionInfo.Value.dwFileVersionMS; + FileVersion.Release := Word(VersionInfo.Value.dwFileVersionLS shr 16); + FileVersion.Build := Word(VersionInfo.Value.dwFileVersionLS); + FileVersion.bDebug := (VersionInfo.Value.dwFileFlags and VFF_DEBUG) = VFF_DEBUG; + FileVersion.bPrerelease := (VersionInfo.Value.dwFileFlags and VFF_PRERELEASE) = VFF_PRERELEASE; + FileVersion.bPrivate := 
(VersionInfo.Value.dwFileFlags and VFF_PRIVATE) = VFF_PRIVATE; + FileVersion.bSpecial := (VersionInfo.Value.dwFileFlags and VFF_SPECIAL) = VFF_SPECIAL; + + FreeLibrary(hFile); + Result := True; +end; + +function IsWrapperInstalled(var WrapperPath: String): ShortInt; +var + TermServiceHost, + TermServicePath: String; + Reg: TRegistry; +begin + Result := -1; + WrapperPath := ''; + Reg := TRegistry.Create; + Reg.RootKey := HKEY_LOCAL_MACHINE; + if not Reg.OpenKeyReadOnly('\SYSTEM\CurrentControlSet\Services\TermService') then begin + Reg.Free; + Exit; + end; + TermServiceHost := Reg.ReadString('ImagePath'); + Reg.CloseKey; + if Pos('svchost.exe', LowerCase(TermServiceHost)) = 0 then + begin + Result := 2; + Reg.Free; + Exit; + end; + if not Reg.OpenKeyReadOnly('\SYSTEM\CurrentControlSet\Services\TermService\Parameters') then + begin + Reg.Free; + Exit; + end; + TermServicePath := Reg.ReadString('ServiceDll'); + Reg.CloseKey; + Reg.Free; + if (Pos('termsrv.dll', LowerCase(TermServicePath)) = 0) + and (Pos('rdpwrap.dll', LowerCase(TermServicePath)) = 0) then + begin + Result := 2; + Exit; + end; + + if Pos('rdpwrap.dll', LowerCase(TermServicePath)) > 0 then begin + WrapperPath := TermServicePath; + Result := 1; + end else + Result := 0; +end; + +function GetTermSrvState: ShortInt; +type + SERVICE_STATUS_PROCESS = record + dwServiceType, + dwCurrentState, + dwControlsAccepted, + dwWin32ExitCode, + dwServiceSpecificExitCode, + dwCheckPoint, + dwWaitHint, + dwProcessId, + dwServiceFlags: DWORD; + end; + PSERVICE_STATUS_PROCESS = ^SERVICE_STATUS_PROCESS; +const + SvcName = 'TermService'; +var + hSC: SC_HANDLE; + hSvc: THandle; + lpServiceStatusProcess: PSERVICE_STATUS_PROCESS; + Buf: Pointer; + cbBufSize, pcbBytesNeeded: Cardinal; +begin + Result := -1; + hSC := OpenSCManager(nil, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CONNECT); + if hSC = 0 then + Exit; + + hSvc := OpenService(hSC, PWideChar(SvcName), SERVICE_QUERY_STATUS); + if hSvc = 0 then + begin + 
CloseServiceHandle(hSC); + Exit; + end; + + if QueryServiceStatusEx(hSvc, SC_STATUS_PROCESS_INFO, nil, 0, pcbBytesNeeded) then + Exit; + + cbBufSize := pcbBytesNeeded; + GetMem(Buf, cbBufSize); + + if not QueryServiceStatusEx(hSvc, SC_STATUS_PROCESS_INFO, Buf, cbBufSize, pcbBytesNeeded) then begin + FreeMem(Buf, cbBufSize); + CloseServiceHandle(hSvc); + CloseServiceHandle(hSC); + Exit; + end else begin + lpServiceStatusProcess := Buf; + Result := ShortInt(lpServiceStatusProcess^.dwCurrentState); + end; + FreeMem(Buf, cbBufSize); + CloseServiceHandle(hSvc); + CloseServiceHandle(hSC); +end; + +function IsListenerWorking: Boolean; +var + pCount: DWORD; + SessionInfo: PWTS_SESSION_INFOW; + I: Integer; +begin + Result := False; + if not WinStationEnumerateW(0, SessionInfo, pCount) then + Exit; + for I := 0 to pCount - 1 do + if SessionInfo^[I].Name = 'RDP-Tcp' then begin + Result := True; + Break; + end; + WinStationFreeMemory(SessionInfo); +end; + +function ExtractResText(ResName: String): String; +var + ResStream: TResourceStream; + Str: TStringList; +begin + ResStream := TResourceStream.Create(HInstance, ResName, RT_RCDATA); + Str := TStringList.Create; + try + Str.LoadFromStream(ResStream); + except + + end; + ResStream.Free; + Result := Str.Text; + Str.Free; +end; + +function TMainForm.ExecWait(Cmdline: String): Boolean; +var + si: STARTUPINFO; + pi: PROCESS_INFORMATION; +begin + Result := False; + ZeroMemory(@si, sizeof(si)); + si.cb := sizeof(si); + si.dwFlags := STARTF_USESHOWWINDOW; + si.wShowWindow := SW_HIDE; + UniqueString(Cmdline); + if not CreateProcess(nil, PWideChar(Cmdline), nil, nil, True, 0, nil, nil, si, pi) then begin + MessageBox(Handle, + PWideChar('CreateProcess error (code: ' + IntToStr(GetLastError) + ').'), + 'Error', MB_ICONERROR or MB_OK); + Exit; + end; + CloseHandle(pi.hThread); + WaitForSingleObject(pi.hProcess, INFINITE); + CloseHandle(pi.hProcess); + Result := True; +end; procedure TMainForm.ReadSettings; var 
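Review bot: GetTermSrvState and GetFileVersion both leak handles on their early-exit paths. In GetTermSrvState the probe call `if QueryServiceStatusEx(hSvc, SC_STATUS_PROCESS_INFO, nil, 0, pcbBytesNeeded) then Exit;` returns without closing hSvc or hSC, and in GetFileVersion the exits after a failed FindResource or LoadResource skip FreeLibrary(hFile). Since TimerTimer calls both repeatedly, wrap the bodies in try/finally so the handles are always released. Separately, ExecWait passes True for bInheritHandles in CreateProcess although the child needs none of this process's handles; pass False. It also returns True as soon as the process has run, without reading the exit code, so callers cannot tell whether the command succeeded.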
@@ -58,6 +374,11 @@ begin cbSingleSessionPerUser.Checked := Reg.ReadBool('fSingleSessionPerUser'); except + end; + try + cbCustomPrg.Checked := Reg.ReadBool('HonorLegacySettings'); + except + end; Reg.CloseKey; @@ -68,6 +389,7 @@ begin except end; + OldPort := seRDPPort.Value; SecurityLayer := 0; UserAuthentication := 0; try @@ -86,6 +408,13 @@ begin rgShadow.ItemIndex := Reg.ReadInteger('Shadow'); except + end; + Reg.CloseKey; + Reg.OpenKeyReadOnly('\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'); + try + cbHideUsers.Checked := Reg.ReadBool('dontdisplaylastusername'); + except + end; Reg.CloseKey; Reg.Free; @@ -108,6 +437,11 @@ begin Reg.WriteBool('fSingleSessionPerUser', cbSingleSessionPerUser.Checked); except + end; + try + Reg.WriteBool('HonorLegacySettings', cbCustomPrg.Checked); + except + end; Reg.CloseKey; @@ -116,6 +450,11 @@ begin Reg.WriteInteger('PortNumber', seRDPPort.Value); except + end; + if OldPort <> seRDPPort.Value then + begin + OldPort := seRDPPort.Value; + ExecWait('netsh advfirewall firewall set rule name="Remote Desktop" new localport=' + IntToStr(OldPort)); end; case rgNLA.ItemIndex of 0: begin 
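Review bot: in the WriteSettings port block, OldPort is overwritten before ExecWait runs and the result of ExecWait is discarded, so a failed netsh call leaves the firewall rule on the old port with no retry on the next Apply. Assign OldPort only after the call succeeds, and surface the failure to the user. The command line also starts with a bare `netsh` while ExecWait passes nil as the application name, so the binary is resolved through the process search path; for a tool that runs elevated, build the full path to netsh.exe under the system directory instead. Note that this block runs even when the preceding Reg.WriteInteger('PortNumber', ...) raised, because that exception is swallowed, and that the hard-coded rule name "Remote Desktop" assumes a rule with exactly that name exists.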
@@ -149,11 +488,175 @@ begin except end; + end; + Reg.CloseKey; + Reg.OpenKey('\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services', True); + if rgShadow.ItemIndex >= 0 then begin + try + Reg.WriteInteger('Shadow', rgShadow.ItemIndex); + except + + end; + end; + Reg.CloseKey; + Reg.OpenKey('\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System', True); + try + Reg.WriteBool('dontdisplaylastusername', cbHideUsers.Checked); + except + end; Reg.CloseKey; Reg.Free; end; +function CheckSupport(FV: FILE_VERSION): Byte; +var + VerTxt: String; +begin + Result := 0; + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 0) then + Result := 1; + if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then + Result := 1; + VerTxt := Format('%d.%d.%d.%d', + [FV.Version.w.Major, FV.Version.w.Minor, FV.Release, FV.Build]); + if Pos('[' + VerTxt + ']', INI) > 0 then + Result := 2; +end; + +procedure TMainForm.TimerTimer(Sender: TObject); +var + WrapperPath, INIPath: String; + FV: FILE_VERSION; + L: TStringList; + CheckSupp: Boolean; +begin + CheckSupp := False; + case IsWrapperInstalled(WrapperPath) of + -1: begin + lsWrapper.Caption := 'Unknown'; + lsWrapper.Font.Color := clGrayText; + end; + 0: begin + lsWrapper.Caption := 'Not installed'; + lsWrapper.Font.Color := clGrayText; + end; + 1: begin + lsWrapper.Caption := 'Installed'; + lsWrapper.Font.Color := clGreen; + CheckSupp := True; + INIPath := ExtractFilePath(ExpandPath(WrapperPath)) + 'rdpwrap.ini'; + if not FileExists(INIPath) then + CheckSupp := False; + end; + 2: begin + lsWrapper.Caption := '3rd-party'; + lsWrapper.Font.Color := clRed; + end; + end; + case GetTermSrvState of + -1, 0: begin + lsService.Caption := 'Unknown'; + lsService.Font.Color := clGrayText; + end; + SERVICE_STOPPED: begin + lsService.Caption := 'Stopped'; + lsService.Font.Color := clRed; + end; + SERVICE_START_PENDING: begin + lsService.Caption := 'Starting...'; + lsService.Font.Color := clGrayText; + end; + SERVICE_STOP_PENDING: begin 
+ lsService.Caption := 'Stopping...'; + lsService.Font.Color := clGrayText; + end; + SERVICE_RUNNING: begin + lsService.Caption := 'Running'; + lsService.Font.Color := clGreen; + end; + SERVICE_CONTINUE_PENDING: begin + lsService.Caption := 'Resuming...'; + lsService.Font.Color := clGrayText; + end; + SERVICE_PAUSE_PENDING: begin + lsService.Caption := 'Suspending...'; + lsService.Font.Color := clGrayText; + end; + SERVICE_PAUSED: begin + lsService.Caption := 'Suspended'; + lsService.Font.Color := clWindowText; + end; + end; + if IsListenerWorking then begin + lsListener.Caption := 'Listening'; + lsListener.Font.Color := clGreen; + end else begin + lsListener.Caption := 'Not listening'; + lsListener.Font.Color := clRed; + end; + if WrapperPath = '' then begin + lsWrapVer.Caption := 'N/A'; + lsWrapVer.Font.Color := clGrayText; + end else + if not GetFileVersion(ExpandPath(WrapperPath), FV) then begin + lsWrapVer.Caption := 'N/A'; + lsWrapVer.Font.Color := clGrayText; + end else begin + lsWrapVer.Caption := + IntToStr(FV.Version.w.Major)+'.'+ + IntToStr(FV.Version.w.Minor)+'.'+ + IntToStr(FV.Release)+'.'+ + IntToStr(FV.Build); + lsWrapVer.Font.Color := clWindowText; + end; + if not GetFileVersion('termsrv.dll', FV) then begin + lsTSVer.Caption := 'N/A'; + lsTSVer.Font.Color := clGrayText; + end else begin + lsTSVer.Caption := + IntToStr(FV.Version.w.Major)+'.'+ + IntToStr(FV.Version.w.Minor)+'.'+ + IntToStr(FV.Release)+'.'+ + IntToStr(FV.Build); + lsTSVer.Font.Color := clWindowText; + lsSuppVer.Visible := CheckSupp; + if CheckSupp then begin + if INI = '' then begin + L := TStringList.Create; + try + L.LoadFromFile(INIPath); + except + + end; + INI := L.Text; + L.Free; + end; + case CheckSupport(FV) of + 0: begin + lsSuppVer.Caption := '[not supported]'; + lsSuppVer.Font.Color := clRed; + end; + 1: begin + lsSuppVer.Caption := '[supported partially]'; + lsSuppVer.Font.Color := clOlive; + end; + 2: begin + lsSuppVer.Caption := '[fully supported]'; + 
lsSuppVer.Font.Color := clGreen; + end; + end; + end; + end; +end; + +procedure TMainForm.bLicenseClick(Sender: TObject); +begin + LicenseForm.mText.Text := ExtractResText('LICENSE'); + if LicenseForm.ShowModal <> mrOk then + Halt(0); +end; + procedure TMainForm.cbAllowTSConnectionsClick(Sender: TObject); begin if Ready then @@ -167,11 +670,28 @@ begin end; procedure TMainForm.FormCreate(Sender: TObject); +var + SI: TSystemInfo; begin + GetNativeSystemInfo(SI); + case SI.wProcessorArchitecture of + 0: Arch := 32; + 6: Arch := 64; // Itanium-based x64 + 9: Arch := 64; // Intel/AMD x64 + else Arch := 0; + end; + if Arch = 64 then + DisableWowRedirection; ReadSettings; Ready := True; end; +procedure TMainForm.FormDestroy(Sender: TObject); +begin + if Arch = 64 then + RevertWowRedirection; +end; + procedure TMainForm.FormCloseQuery(Sender: TObject; var CanClose: Boolean); begin if bApply.Enabled then diff --git a/src-rdpconfig/RDPConf.dpr b/src-rdpconfig/RDPConf.dpr index 2076e60..3fd645f 100644 --- a/src-rdpconfig/RDPConf.dpr +++ b/src-rdpconfig/RDPConf.dpr @@ -1,8 +1,25 @@ +{ + Copyright 2014 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + program RDPConf; uses Forms, - MainUnit in 'MainUnit.pas' {MainForm}; + MainUnit in 'MainUnit.pas' {MainForm}, + LicenseUnit in 'LicenseUnit.pas' {LicenseForm}; {$R *.res} 
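Review bot: in MainUnit.pas (the hunk adding CheckSupport and TimerTimer), the support check `if Pos('[' + VerTxt + ']', INI) > 0 then` is a substring search over the raw file text, so it also matches a version string that appears in a commented-out line or anywhere else outside a section header. The INI text is loaded once into the global INI and never refreshed (`if INI = '' then`), so a replaced rdpwrap.ini is not reflected until the tool is restarted, and a failed LoadFromFile leaves INI empty and retries the read on every tick. Parse the section names instead and reload when the file changes. In the same procedure GetFileVersion('termsrv.dll', FV) passes a bare file name to LoadLibraryEx, so the version shown depends on the library search order; pass the full path in the system directory. In WriteSettings the return values of the added Reg.OpenKey calls are not checked and the write exceptions are swallowed, so a failed policy write is silent.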
@@ -11,5 +28,6 @@ begin Application.MainFormOnTaskbar := True; Application.Title := 'Remote Desktop Protocol Configuration'; Application.CreateForm(TMainForm, MainForm); + Application.CreateForm(TLicenseForm, LicenseForm); Application.Run; end. diff --git a/src-rdpconfig/RDPConf.dproj b/src-rdpconfig/RDPConf.dproj index e333e60..aa9ab96 100644 --- a/src-rdpconfig/RDPConf.dproj +++ b/src-rdpconfig/RDPConf.dproj @@ -20,8 +20,9 @@ true + ..\bin\ WinTypes=Windows;WinProcs=Windows;DbiTypes=BDE;DbiProcs=BDE;DbiErrs=BDE;$(DCC_UnitAlias) - RDPConf.exe + ..\bin\RDPConf.exe 00400000 x86 @@ -41,17 +42,20 @@
MainForm
+ +
LicenseForm
+
Base - - Cfg_2 - Base - Cfg_1 Base + + Cfg_2 + Base + diff --git a/src-rdpconfig/RDPConf.res b/src-rdpconfig/RDPConf.res index db065ef..f987dd9 100644 Binary files a/src-rdpconfig/RDPConf.res and b/src-rdpconfig/RDPConf.res differ diff --git a/src-rdpconfig/manifest.res b/src-rdpconfig/manifest.res deleted file mode 100644 index 82e8f47..0000000 Binary files a/src-rdpconfig/manifest.res and /dev/null differ diff --git a/src-rdpconfig/resource.res b/src-rdpconfig/resource.res new file mode 100644 index 0000000..68f82f2 Binary files /dev/null and b/src-rdpconfig/resource.res differ diff --git a/src-x86-binarymaster/LiteINI.pas b/src-x86-binarymaster/LiteINI.pas new file mode 100644 index 0000000..08d144d --- /dev/null +++ b/src-x86-binarymaster/LiteINI.pas 
@@ -0,0 +1,375 @@ +{ + Copyright 2014 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + +unit LiteINI; + +interface + +uses + SysUtils; + +type + SList = Array of String; + INIValue = record + Name: String; + Value: String; + end; + INISection = record + Name: String; + Values: Array of INIValue; + end; + INIFile = Array of INISection; + +procedure SListClear(var List: SList); +function SListAppend(var List: SList; S: String): Integer; +function SListFind(List: SList; Value: String): Integer; +function INIFindSection(INI: INIFile; Section: String): Integer; +function INIFindValue(INI: INIFile; Section: Integer; Value: String): Integer; +function INIAddSection(var INI: INIFile; Section: String): Integer; +function INIAddValue(var INI: INIFile; Section: Integer; ValueName, Value: String): Integer; +procedure INIUnload(var INI: INIFile); +procedure INILoad(var INI: INIFile; FileName: String); +function INISectionExists(INI: INIFile; Section: String): Boolean; +function INIValueExists(INI: INIFile; Section: String; Value: String): Boolean; +function INIReadSectionLowAPI(INI: INIFile; Section: Integer; var List: SList): Boolean; +function INIReadSection(INI: INIFile; Section: String): SList; +function INIReadStringLowAPI(INI: INIFile; Section, Value: Integer; var Str: String): Boolean; +function INIReadString(INI: INIFile; Section, Value, Default: String): String; +function INIReadInt(INI: INIFile; Section, Value: String; Default: Integer): Integer; +function 
INIReadDWord(INI: INIFile; Section, Value: String; Default: Cardinal): Cardinal; +function INIReadIntHex(INI: INIFile; Section, Value: String; Default: Integer): Integer; +function INIReadDWordHex(INI: INIFile; Section, Value: String; Default: Cardinal): Cardinal; +function INIReadBool(INI: INIFile; Section, Value: String; Default: Boolean): Boolean; +function INIReadBytes(INI: INIFile; Section, Value: String): TBytes; +function INIReadBytesDef(INI: INIFile; Section, Value: String; Default: TBytes): TBytes; + +implementation + +procedure SListClear(var List: SList); +begin + SetLength(List, 0); +end; + +function SListAppend(var List: SList; S: String): Integer; +begin + SetLength(List, Length(List) + 1); + List[Length(List) - 1] := S; + Result := Length(List) - 1; +end; + +function SListFind(List: SList; Value: String): Integer; +var + I: Integer; +begin + Result := -1; + for I := 0 to Length(List) - 1 do + if List[I] = Value then begin + Result := I; + Break; + end; +end; + +function INIFindSection(INI: INIFile; Section: String): Integer; +var + I: Integer; +begin + Result := -1; + for I := 0 to Length(INI) - 1 do + if INI[I].Name = Section then begin + Result := I; + Exit; + end; +end; + +function INIFindValue(INI: INIFile; Section: Integer; Value: String): Integer; +var + I: Integer; +begin + Result := -1; + if (Section < 0) or (Section >= Length(INI)) then + Exit; + for I := 0 to Length(INI[Section].Values) - 1 do + if INI[Section].Values[I].Name = Value then begin + Result := I; + Exit; + end; +end; + +function INIAddSection(var INI: INIFile; Section: String): Integer; +begin + Result := INIFindSection(INI, Section); + if Result >= 0 then + Exit; + Result := Length(INI); + SetLength(INI, Result + 1); + INI[Result].Name := Section; + SetLength(INI[Result].Values, 0); +end; + +function INIAddValue(var INI: INIFile; Section: Integer; ValueName, Value: String): Integer; +var + I: Integer; +begin + Result := -1; + if (Section < 0) or (Section >= Length(INI)) then + 
Exit; + I := INIFindValue(INI, Section, ValueName); + if I = -1 then begin + Result := Length(INI[Section].Values); + SetLength(INI[Section].Values, Result + 1); + INI[Section].Values[Result].Name := ValueName; + INI[Section].Values[Result].Value := Value; + end else begin + INI[Section].Values[I].Value := Value; + Result := I; + end; +end; + +procedure INIUnload(var INI: INIFile); +begin + SetLength(INI, 0); +end; + +procedure INILoad(var INI: INIFile; FileName: String); +var + F: TextFile; + S, ValueName, Value: String; + INIList: SList; + I, Sect: Integer; +begin + INIUnload(INI); + if not FileExists(FileName) then + Exit; + AssignFile(F, FileName); + Reset(F); + // Read and filter lines + while not EOF(F) do begin + Readln(F, S); + if (Pos(';', S) <> 1) + and (Pos('#', S) <> 1) + and ( + ((Pos('[', S) > 0) and (Pos(']', S) > 0)) or + (Pos('=', S) > 0) + ) + then + SListAppend(INIList, S); + end; + CloseFile(F); + // Parse 2 (parse format) + Sect := -1; + for I := 0 to Length(INIList) - 1 do begin + S := Trim(INIList[I]); + if Length(S) >= 2 then + if (S[1] = '[') and (S[Length(S)] = ']') then begin + S := Trim(Copy(S, 2, Length(S) - 2)); + Sect := INIAddSection(INI, S); + Continue; + end; + S := INIList[I]; + if Pos('=', S) > 0 then begin + ValueName := Trim(Copy(S, 1, Pos('=', S) - 1)); + Value := Copy(S, Pos('=', S) + 1, Length(S) - Pos('=', S)); + if Sect = -1 then + Sect := INIAddSection(INI, ''); + INIAddValue(INI, Sect, ValueName, Value); + end; + end; +end; + +function INISectionExists(INI: INIFile; Section: String): Boolean; +begin + Result := INIFindSection(INI, Section) > -1; +end; + +function INIValueExists(INI: INIFile; Section: String; Value: String): Boolean; +var + Sect: Integer; +begin + Sect := INIFindSection(INI, Section); + Result := INIFindValue(INI, Sect, Value) > -1; +end; + +function INIReadSectionLowAPI(INI: INIFile; Section: Integer; var List: SList): Boolean; +var + I: Integer; +begin + Result := False; + SetLength(List, 0); + if 
(Section < 0) or (Section >= Length(INI)) then + Exit; + for I := 0 to Length(INI[Section].Values) - 1 do + SListAppend(List, INI[Section].Values[I].Name); + Result := True; +end; + +function INIReadSection(INI: INIFile; Section: String): SList; +var + Sect: Integer; +begin + Sect := INIFindSection(INI, Section); + INIReadSectionLowAPI(INI, Sect, Result); +end; + +function INIReadStringLowAPI(INI: INIFile; Section, Value: Integer; var Str: String): Boolean; +begin + Result := False; + if (Section < 0) or (Section >= Length(INI)) then + Exit; + if (Value < 0) or (Value >= Length(INI[Section].Values)) then + Exit; + Str := INI[Section].Values[Value].Value; + Result := True; +end; + +function INIReadString(INI: INIFile; Section, Value, Default: String): String; +var + Sect, Val: Integer; +begin + Sect := INIFindSection(INI, Section); + Val := INIFindValue(INI, Sect, Value); + if not INIReadStringLowAPI(INI, Sect, Val, Result) then + Result := Default; +end; + +function INIReadInt(INI: INIFile; Section, Value: String; Default: Integer): Integer; +var + S: String; + E: Integer; +begin + S := INIReadString(INI, Section, Value, ''); + Val(S, Result, E); + if E <> 0 then + Result := Default; +end; + +function INIReadDWord(INI: INIFile; Section, Value: String; Default: Cardinal): Cardinal; +var + S: String; + E: Integer; +begin + S := INIReadString(INI, Section, Value, ''); + Val(S, Result, E); + if E <> 0 then + Result := Default; +end; + +function INIReadIntHex(INI: INIFile; Section, Value: String; Default: Integer): Integer; +var + S: String; + E: Integer; +begin + S := INIReadString(INI, Section, Value, ''); + Val('$'+S, Result, E); + if E <> 0 then + Result := Default; +end; + +function INIReadDWordHex(INI: INIFile; Section, Value: String; Default: Cardinal): Cardinal; +var + S: String; + E: Integer; +begin + S := INIReadString(INI, Section, Value, ''); + Val('$'+S, Result, E); + if E <> 0 then + Result := Default; +end; + +function INIReadBool(INI: INIFile; Section, 
Value: String; Default: Boolean): Boolean; +var + S: String; + I: Cardinal; + E: Integer; +begin + S := INIReadString(INI, Section, Value, ''); + Val(S, I, E); + if E <> 0 then + Result := Default + else + Result := I > 0; +end; + +function StringToBytes(S: String; var B: TBytes): Boolean; +var + I: Integer; +begin + Result := False; + if Odd(Length(S)) then + Exit; + SetLength(B, Length(S) div 2); + for I := 0 to Length(B) - 1 do begin + B[I] := 0; + case S[(I*2)+2] of + '0': ; + '1': B[I] := B[I] or $1; + '2': B[I] := B[I] or $2; + '3': B[I] := B[I] or $3; + '4': B[I] := B[I] or $4; + '5': B[I] := B[I] or $5; + '6': B[I] := B[I] or $6; + '7': B[I] := B[I] or $7; + '8': B[I] := B[I] or $8; + '9': B[I] := B[I] or $9; + 'A','a': B[I] := B[I] or $A; + 'B','b': B[I] := B[I] or $B; + 'C','c': B[I] := B[I] or $C; + 'D','d': B[I] := B[I] or $D; + 'E','e': B[I] := B[I] or $E; + 'F','f': B[I] := B[I] or $F; + else Exit; + end; + case S[(I*2)+1] of + '0': ; + '1': B[I] := B[I] or $10; + '2': B[I] := B[I] or $20; + '3': B[I] := B[I] or $30; + '4': B[I] := B[I] or $40; + '5': B[I] := B[I] or $50; + '6': B[I] := B[I] or $60; + '7': B[I] := B[I] or $70; + '8': B[I] := B[I] or $80; + '9': B[I] := B[I] or $90; + 'A','a': B[I] := B[I] or $A0; + 'B','b': B[I] := B[I] or $B0; + 'C','c': B[I] := B[I] or $C0; + 'D','d': B[I] := B[I] or $D0; + 'E','e': B[I] := B[I] or $E0; + 'F','f': B[I] := B[I] or $F0; + else Exit; + end; + end; + Result := True; +end; + +function INIReadBytes(INI: INIFile; Section, Value: String): TBytes; +var + S: String; +begin + S := INIReadString(INI, Section, Value, ''); + if not StringToBytes(S, Result) then + SetLength(Result, 0); +end; + +function INIReadBytesDef(INI: INIFile; Section, Value: String; Default: TBytes): TBytes; +var + S: String; +begin + S := INIReadString(INI, Section, Value, ''); + if not StringToBytes(S, Result) then + Result := Default; +end; + +end. 
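Review bot: INILoad trims ValueName but stores Value untrimmed (`Value := Copy(S, Pos('=', S) + 1, Length(S) - Pos('=', S));`), and the readers then fail silently on any stray whitespace. StringToBytes rejects every character that is not a hex digit, so `Key= 0A` or a trailing space makes INIReadBytes return an empty array with no indication that the entry was malformed. Trim the value in INILoad, or in each reader, and consider logging a parse failure rather than falling back to the default. The comment filter has the same shape: `Pos(';', S) <> 1` and `Pos('#', S) <> 1` only skip comments whose marker is the very first character, so an indented comment containing `=` is parsed as a value. Reset(F) is also unguarded, so a file that exists but cannot be opened raises out of INILoad and leaves F unclosed; use try/finally around the read loop. The two 16-way case blocks in StringToBytes could be replaced by a small nibble helper, which would make the validation easier to audit.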
diff --git a/src-x86-binarymaster/rdpwrap.dll b/src-x86-binarymaster/rdpwrap.dll deleted file mode 100644 index 7594ec4..0000000 Binary files a/src-x86-binarymaster/rdpwrap.dll and /dev/null differ diff --git a/src-x86-binarymaster/rdpwrap.dpr b/src-x86-binarymaster/rdpwrap.dpr new file mode 100644 index 0000000..38b85f6 --- /dev/null +++ b/src-x86-binarymaster/rdpwrap.dpr 
@@ -0,0 +1,737 @@ +{ + Copyright 2014 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +} + +library rdpwrap; + +uses + SysUtils, + Windows, + TlHelp32, + LiteINI; + +{$R rdpwrap.res} + +// Hook core definitions + +type + OldCode = packed record + One: DWORD; + two: Word; + end; + + far_jmp = packed record + PushOp: Byte; + PushArg: Pointer; + RetOp: Byte; + end; + + mov_far_jmp = packed record + MovOp: Byte; + MovArg: Byte; + PushOp: Byte; + PushArg: Pointer; + RetOp: Byte; + end; + + TTHREADENTRY32 = packed record + dwSize: DWORD; + cntUsage: DWORD; + th32ThreadID: DWORD; + th32OwnerProcessID: DWORD; + tpBasePri: LongInt; + tpDeltaPri: LongInt; + dwFlags: DWORD; + end; + //IntArray = Array of Integer; + FILE_VERSION = record + Version: record case Boolean of + True: (dw: DWORD); + False: (w: record + Minor, Major: Word; + end;) + end; + Release, Build: Word; + bDebug, bPrerelease, bPrivate, bSpecial: Boolean; + end; + +const + THREAD_SUSPEND_RESUME = 2; + TH32CS_SNAPTHREAD = 4; +var + INI: INIFile; + LogFile: String = '\rdpwrap.txt'; + bw: {$if CompilerVersion>=16} NativeUInt {$else} DWORD {$endif}; + IsHooked: Boolean = False; + +// Unhooked import + +function OpenThread(dwDesiredAccess: DWORD; bInheritHandle: BOOL; + dwThreadId: DWORD): DWORD; stdcall; external kernel32; + +function CreateToolhelp32Snapshot(dwFlags, th32ProcessID: DWORD): DWORD; + stdcall; external kernel32; + +function Thread32First(hSnapshot: THandle; var lpte: TTHREADENTRY32): bool; + stdcall; 
external kernel32; + +function Thread32Next(hSnapshot: THandle; var lpte: TTHREADENTRY32): bool; + stdcall; external kernel32; + +// Wrapped import + +var + TSMain: function(dwArgc: DWORD; lpszArgv: PWideChar): DWORD; stdcall; + TSGlobals: function(lpGlobalData: Pointer): DWORD; stdcall; + +// Hooked import and vars + +var + SLGetWindowsInformationDWORD: function(pwszValueName: PWideChar; + pdwValue: PDWORD): HRESULT; stdcall; + TermSrvBase: Pointer; + FV: FILE_VERSION; + +var + Stub_SLGetWindowsInformationDWORD: far_jmp; + Old_SLGetWindowsInformationDWORD: OldCode; + +// Main code + +procedure WriteLog(S: AnsiString); +var + F: TextFile; +begin + if not FileExists(LogFile) then + Exit; + AssignFile(F, LogFile); + Append(F); + Write(F, S+#13#10); + CloseFile(F); +end; + +function GetModuleHandleEx(dwFlags: DWORD; lpModuleName: PWideChar; + var phModule: HMODULE): BOOL; stdcall; external kernel32 name 'GetModuleHandleExW'; + +function GetCurrentModule: HMODULE; +const + GET_MODULE_HANDLE_EX_FLAG_PIN = 1; + GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT = 2; + GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS = 4; +begin + Result := 0; + GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, @GetCurrentModule, Result); +end; + +function GetBinaryPath: String; +var + Buf: Array[0..511] of Byte; +begin + ZeroMemory(@Buf[0], Length(Buf)); + GetModuleFileName(GetCurrentModule, PWideChar(@Buf[0]), Length(Buf)); + Result := PWideChar(@Buf[0]); +end; + +procedure StopThreads; +var + h, CurrTh, ThrHandle, CurrPr: DWORD; + Thread: TTHREADENTRY32; +begin + CurrTh := GetCurrentThreadId; + CurrPr := GetCurrentProcessId; + h := CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); + if h <> INVALID_HANDLE_VALUE then + begin + Thread.dwSize := SizeOf(TTHREADENTRY32); + if Thread32First(h, Thread) then + repeat + if (Thread.th32ThreadID <> CurrTh) and + (Thread.th32OwnerProcessID = CurrPr) then + begin + ThrHandle := OpenThread(THREAD_SUSPEND_RESUME, false, + Thread.th32ThreadID); + if ThrHandle > 
0 then + begin + SuspendThread(ThrHandle); + CloseHandle(ThrHandle); + end; + end; + until not Thread32Next(h, Thread); + CloseHandle(h); + end; +end; + +procedure RunThreads; +var + h, CurrTh, ThrHandle, CurrPr: DWORD; + Thread: TTHREADENTRY32; +begin + CurrTh := GetCurrentThreadId; + CurrPr := GetCurrentProcessId; + h := CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); + if h <> INVALID_HANDLE_VALUE then + begin + Thread.dwSize := SizeOf(TTHREADENTRY32); + if Thread32First(h, Thread) then + repeat + if (Thread.th32ThreadID <> CurrTh) and + (Thread.th32OwnerProcessID = CurrPr) then + begin + ThrHandle := OpenThread(THREAD_SUSPEND_RESUME, false, + Thread.th32ThreadID); + if ThrHandle > 0 then + begin + ResumeThread(ThrHandle); + CloseHandle(ThrHandle); + end; + end; + until not Thread32Next(h, Thread); + CloseHandle(h); + end; +end; + +function GetModuleAddress(ModuleName: String; ProcessId: DWORD; var BaseAddr: Pointer; var BaseSize: DWORD): Boolean; +var + hSnap: THandle; + md: MODULEENTRY32; +begin + Result := False; + hSnap := CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ProcessId); + if hSnap = INVALID_HANDLE_VALUE Then + Exit; + md.dwSize := SizeOf(MODULEENTRY32); + if Module32First(hSnap, md) then + begin + if LowerCase(ExtractFileName(md.szExePath)) = LowerCase(ModuleName) then + begin + Result := True; + BaseAddr := Pointer(md.modBaseAddr); + BaseSize := md.modBaseSize; + CloseHandle(hSnap); + Exit; + end; + while Module32Next(hSnap, md) Do + begin + if LowerCase(ExtractFileName(md.szExePath)) = LowerCase(ModuleName) then + begin + Result := True; + BaseAddr := Pointer(md.modBaseAddr); + BaseSize := md.modBaseSize; + Break; + end; + end; + end; + CloseHandle(hSnap); +end; + +{procedure FindMem(Mem: Pointer; MemSz: DWORD; Buf: Pointer; BufSz: DWORD; + 
From: DWORD; var A: IntArray); +var + I: Integer; +begin + SetLength(A, 0); + I:=From; + if From>0 then + Inc(PByte(Mem), From); + while I < MemSz - BufSz + 1 do + begin + if (not IsBadReadPtr(Mem, BufSz)) and (CompareMem(Mem, Buf, BufSz)) then + begin + SetLength(A, Length(A)+1); + A[Length(A)-1] := I; + end; + Inc(I); + Inc(PByte(Mem)); + end; +end;} + +function GetModuleVersion(const ModuleName: String; var FileVersion: FILE_VERSION): Boolean; +type + VS_VERSIONINFO = record + wLength, wValueLength, wType: Word; + szKey: Array[1..16] of WideChar; + Padding1: Word; + Value: VS_FIXEDFILEINFO; + Padding2, Children: Word; + end; + PVS_VERSIONINFO = ^VS_VERSIONINFO; +const + VFF_DEBUG = 1; + VFF_PRERELEASE = 2; + VFF_PRIVATE = 8; + VFF_SPECIAL = 32; +var + hMod: HMODULE; + hResourceInfo: HRSRC; + VersionInfo: PVS_VERSIONINFO; +begin + Result := False; + + if ModuleName = '' then + hMod := GetModuleHandle(nil) + else + hMod := GetModuleHandle(PWideChar(ModuleName)); + if hMod = 0 then + Exit; + + hResourceInfo := FindResource(hMod, PWideChar(1), PWideChar($10)); + if hResourceInfo = 0 then + Exit; + + VersionInfo := Pointer(LoadResource(hMod, hResourceInfo)); + if VersionInfo = nil then + Exit; + + FileVersion.Version.dw := VersionInfo.Value.dwFileVersionMS; + FileVersion.Release := Word(VersionInfo.Value.dwFileVersionLS shr 16); + FileVersion.Build := Word(VersionInfo.Value.dwFileVersionLS); + FileVersion.bDebug := (VersionInfo.Value.dwFileFlags and VFF_DEBUG) = VFF_DEBUG; + FileVersion.bPrerelease := (VersionInfo.Value.dwFileFlags and VFF_PRERELEASE) = VFF_PRERELEASE; + FileVersion.bPrivate := (VersionInfo.Value.dwFileFlags and VFF_PRIVATE) = VFF_PRIVATE; + FileVersion.bSpecial := (VersionInfo.Value.dwFileFlags and VFF_SPECIAL) = VFF_SPECIAL; + + Result := True; +end; + +function GetFileVersion(const FileName: String; var FileVersion: FILE_VERSION): Boolean; +type + VS_VERSIONINFO = record + wLength, wValueLength, wType: Word; + szKey: Array[1..16] of WideChar; + 
Padding1: Word; + Value: VS_FIXEDFILEINFO; + Padding2, Children: Word; + end; + PVS_VERSIONINFO = ^VS_VERSIONINFO; +const + VFF_DEBUG = 1; + VFF_PRERELEASE = 2; + VFF_PRIVATE = 8; + VFF_SPECIAL = 32; +var + hFile: HMODULE; + hResourceInfo: HRSRC; + VersionInfo: PVS_VERSIONINFO; +begin + Result := False; + + hFile := LoadLibraryEx(PWideChar(FileName), 0, LOAD_LIBRARY_AS_DATAFILE); + if hFile = 0 then + Exit; + + hResourceInfo := FindResource(hFile, PWideChar(1), PWideChar($10)); + if hResourceInfo = 0 then + Exit; + + VersionInfo := Pointer(LoadResource(hFile, hResourceInfo)); + if VersionInfo = nil then + Exit; + + FileVersion.Version.dw := VersionInfo.Value.dwFileVersionMS; + FileVersion.Release := Word(VersionInfo.Value.dwFileVersionLS shr 16); + FileVersion.Build := Word(VersionInfo.Value.dwFileVersionLS); + FileVersion.bDebug := (VersionInfo.Value.dwFileFlags and VFF_DEBUG) = VFF_DEBUG; + FileVersion.bPrerelease := (VersionInfo.Value.dwFileFlags and VFF_PRERELEASE) = VFF_PRERELEASE; + FileVersion.bPrivate := (VersionInfo.Value.dwFileFlags and VFF_PRIVATE) = VFF_PRIVATE; + FileVersion.bSpecial := (VersionInfo.Value.dwFileFlags and VFF_SPECIAL) = VFF_SPECIAL; + + Result := True; +end; + +function OverrideSL(ValueName: String; var Value: DWORD): Boolean; +begin + Result := True; + if INIValueExists(INI, 'SLPolicy', ValueName) then begin + Value := INIReadDWord(INI, 'SLPolicy', ValueName, 0); + Exit; + end; + Result := False; +end; + +function New_SLGetWindowsInformationDWORD(pwszValueName: PWideChar; + pdwValue: PDWORD): HRESULT; stdcall; +var + dw: DWORD; +begin + // wrapped SLGetWindowsInformationDWORD function + // termsrv.dll will call this function instead of original SLC.dll + + // Override SL Policy + + WriteLog('Policy query: ' + pwszValueName); + if OverrideSL(pwszValueName, dw) then begin + pdwValue^ := dw; + Result := S_OK; + WriteLog('Policy rewrite: ' + IntToStr(pdwValue^)); + Exit; + end; + + // If the requested value name is not defined above + + // 
revert to original SL Policy function + WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, + @Old_SLGetWindowsInformationDWORD, SizeOf(OldCode), bw); + + // get result + Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue); + if Result = S_OK then + WriteLog('Policy result: ' + IntToStr(pdwValue^)) + else + WriteLog('Policy request failed'); + // wrap it back + WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, + @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); +end; + +function New_Win8SL(pwszValueName: PWideChar; pdwValue: PDWORD): HRESULT; register; +var + dw: DWORD; +begin + // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll + // for Windows 8 support + + // Override SL Policy + + WriteLog('Policy query: ' + pwszValueName); + if OverrideSL(pwszValueName, dw) then begin + pdwValue^ := dw; + Result := S_OK; + WriteLog('Policy rewrite: ' + IntToStr(pdwValue^)); + Exit; + end; + + // If the requested value name is not defined above + // use function from SLC.dll + + Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue); + if Result = S_OK then + WriteLog('Policy result: ' + IntToStr(pdwValue^)) + else + WriteLog('Policy request failed'); +end; + +function New_Win8SL_CP(eax: DWORD; pdwValue: PDWORD; ecx: DWORD; pwszValueName: PWideChar): HRESULT; register; +begin + // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll + // for Windows 8 Consumer Preview support + + Result := New_Win8SL(pwszValueName, pdwValue); +end; + +function New_CSLQuery_Initialize: HRESULT; stdcall; +var + Sect: String; + bServerSku, + bRemoteConnAllowed, + bFUSEnabled, + bAppServerAllowed, + bMultimonAllowed, + lMaxUserSessions, + ulMaxDebugSessions, + bInitialized: PDWORD; +begin + bServerSku := nil; + bRemoteConnAllowed := nil; + bFUSEnabled := nil; + bAppServerAllowed := nil; + bMultimonAllowed := nil; + lMaxUserSessions := nil; + ulMaxDebugSessions := nil; + 
bInitialized := nil; + WriteLog('>>> CSLQuery::Initialize'); + Sect := IntToStr(FV.Version.w.Major)+'.'+IntToStr(FV.Version.w.Minor)+'.'+ + IntToStr(FV.Release)+'.'+IntToStr(FV.Build)+'-SLInit'; + if INISectionExists(INI, Sect) then begin + bServerSku := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'bServerSku.x86', 0)); + bRemoteConnAllowed := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'bRemoteConnAllowed.x86', 0)); + bFUSEnabled := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'bFUSEnabled.x86', 0)); + bAppServerAllowed := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'bAppServerAllowed.x86', 0)); + bMultimonAllowed := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'bMultimonAllowed.x86', 0)); + lMaxUserSessions := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'lMaxUserSessions.x86', 0)); + ulMaxDebugSessions := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'ulMaxDebugSessions.x86', 0)); + bInitialized := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'bInitialized.x86', 0)); + end; + + if bServerSku <> nil then begin + bServerSku^ := INIReadDWord(INI, 'SLInit', 'bServerSku', 1); + WriteLog('SLInit [0x'+IntToHex(DWORD(bServerSku), 1)+'] bServerSku = ' + IntToStr(bServerSku^)); + end; + if bRemoteConnAllowed <> nil then begin + bRemoteConnAllowed^ := INIReadDWord(INI, 'SLInit', 'bRemoteConnAllowed', 1); + WriteLog('SLInit [0x'+IntToHex(DWORD(bRemoteConnAllowed), 1)+'] bRemoteConnAllowed = ' + IntToStr(bRemoteConnAllowed^)); + end; + if bFUSEnabled <> nil then begin + bFUSEnabled^ := INIReadDWord(INI, 'SLInit', 'bFUSEnabled', 1); + WriteLog('SLInit [0x'+IntToHex(DWORD(bFUSEnabled), 1)+'] bFUSEnabled = ' + IntToStr(bFUSEnabled^)); + end; + if bAppServerAllowed <> nil then begin + bAppServerAllowed^ := INIReadDWord(INI, 'SLInit', 'bAppServerAllowed', 1); + WriteLog('SLInit [0x'+IntToHex(DWORD(bAppServerAllowed), 1)+'] bAppServerAllowed = ' + 
IntToStr(bAppServerAllowed^)); + end; + if bMultimonAllowed <> nil then begin + bMultimonAllowed^ := INIReadDWord(INI, 'SLInit', 'bMultimonAllowed', 1); + WriteLog('SLInit [0x'+IntToHex(DWORD(bMultimonAllowed), 1)+'] bMultimonAllowed = ' + IntToStr(bMultimonAllowed^)); + end; + if lMaxUserSessions <> nil then begin + lMaxUserSessions^ := INIReadDWord(INI, 'SLInit', 'lMaxUserSessions', 0); + WriteLog('SLInit [0x'+IntToHex(DWORD(lMaxUserSessions), 1)+'] lMaxUserSessions = ' + IntToStr(lMaxUserSessions^)); + end; + if ulMaxDebugSessions <> nil then begin + ulMaxDebugSessions^ := INIReadDWord(INI, 'SLInit', 'ulMaxDebugSessions', 0); + WriteLog('SLInit [0x'+IntToHex(DWORD(ulMaxDebugSessions), 1)+'] ulMaxDebugSessions = ' + IntToStr(ulMaxDebugSessions^)); + end; + if bInitialized <> nil then begin + bInitialized^ := INIReadDWord(INI, 'SLInit', 'bInitialized', 1); + WriteLog('SLInit [0x'+IntToHex(DWORD(bInitialized), 1)+'] bInitialized = ' + IntToStr(bInitialized^)); + end; + Result := S_OK; + WriteLog('<<< CSLQuery::Initialize'); +end; + +procedure HookFunctions; +var + ConfigFile, Sect, FuncName: String; + V: DWORD; + TS_Handle, SLC_Handle: THandle; + TermSrvSize: DWORD; + SignPtr: Pointer; + I: Integer; + PatchList: SList; + Patch: Array of TBytes; + Jump: far_jmp; + MovJump: mov_far_jmp; +begin + { hook function ^^ + (called once) } + IsHooked := True; + TSMain := nil; + TSGlobals := nil; + SLGetWindowsInformationDWORD := nil; + + WriteLog('Loading configuration...'); + ConfigFile := ExtractFilePath(GetBinaryPath) + 'rdpwrap.ini'; + WriteLog('Configuration file: ' + ConfigFile); + INILoad(INI, ConfigFile); + if Length(INI) = 0 then begin + WriteLog('Error: Failed to load configuration'); + Exit; + end; + + LogFile := INIReadString(INI, 'Main', 'LogFile', ExtractFilePath(GetBinaryPath) + 'rdpwrap.txt'); + WriteLog('Initializing RDP Wrapper...'); + + // load termsrv.dll and get functions + TS_Handle := LoadLibrary('termsrv.dll'); + if TS_Handle = 0 then begin + 
WriteLog('Error: Failed to load Terminal Services library'); + Exit; + end; + TSMain := GetProcAddress(TS_Handle, 'ServiceMain'); + TSGlobals := GetProcAddress(TS_Handle, 'SvchostPushServiceGlobals'); + WriteLog( + 'Base addr: 0x' + IntToHex(TS_Handle, 8) + #13#10 + + 'SvcMain: termsrv.dll+0x' + IntToHex(Cardinal(@TSMain) - TS_Handle, 1) + #13#10 + + 'SvcGlobals: termsrv.dll+0x' + IntToHex(Cardinal(@TSGlobals) - TS_Handle, 1) + ); + + V := 0; + // check termsrv version + if GetModuleVersion('termsrv.dll', FV) then + V := Byte(FV.Version.w.Minor) or (Byte(FV.Version.w.Major) shl 8) + else begin + // check NT version + // V := GetVersion; // deprecated + // V := ((V and $FF) shl 8) or ((V and $FF00) shr 8); + end; + if V = 0 then begin + WriteLog('Error: Failed to detect Terminal Services version'); + Exit; + end; + + WriteLog('Version: '+ + IntToStr(FV.Version.w.Major)+'.'+ + IntToStr(FV.Version.w.Minor)+'.'+ + IntToStr(FV.Release)+'.'+ + IntToStr(FV.Build)); + + // temporarily freeze threads + WriteLog('Freezing threads...'); + StopThreads(); + + WriteLog('Caching patch codes...'); + PatchList := INIReadSection(INI, 'PatchCodes'); + SetLength(Patch, Length(PatchList)); + for I := 0 to Length(Patch) - 1 do begin + Patch[I] := INIReadBytes(INI, 'PatchCodes', PatchList[I]); + if Length(Patch[I]) > 16 then // for security reasons + SetLength(Patch[I], 16); // not more than 16 bytes + end; + + if (V = $0600) and (INIReadBool(INI, 'Main', 'SLPolicyHookNT60', True)) then begin + // Windows Vista + // uses SL Policy API (slc.dll) + + // load slc.dll and hook function + SLC_Handle := LoadLibrary('slc.dll'); + SLGetWindowsInformationDWORD := GetProcAddress(SLC_Handle, 'SLGetWindowsInformationDWORD'); + + if @SLGetWindowsInformationDWORD <> nil then + begin + // rewrite original function to call our function (make hook) + + WriteLog('Hook SLGetWindowsInformationDWORD'); + Stub_SLGetWindowsInformationDWORD.PushOp := $68; + Stub_SLGetWindowsInformationDWORD.PushArg := 
@New_SLGetWindowsInformationDWORD; + Stub_SLGetWindowsInformationDWORD.RetOp := $C3; + ReadProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, + @Old_SLGetWindowsInformationDWORD, SizeOf(OldCode), bw); + WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, + @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); + end; + end; + if (V = $0601) and (INIReadBool(INI, 'Main', 'SLPolicyHookNT61', True)) then begin + // Windows 7 + // uses SL Policy API (slc.dll) + + // load slc.dll and hook function + SLC_Handle := LoadLibrary('slc.dll'); + SLGetWindowsInformationDWORD := GetProcAddress(SLC_Handle, 'SLGetWindowsInformationDWORD'); + + if @SLGetWindowsInformationDWORD <> nil then + begin + // rewrite original function to call our function (make hook) + + WriteLog('Hook SLGetWindowsInformationDWORD'); + Stub_SLGetWindowsInformationDWORD.PushOp := $68; + Stub_SLGetWindowsInformationDWORD.PushArg := @New_SLGetWindowsInformationDWORD; + Stub_SLGetWindowsInformationDWORD.RetOp := $C3; + ReadProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, + @Old_SLGetWindowsInformationDWORD, SizeOf(OldCode), bw); + WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, + @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); + end; + end; + if V = $0602 then begin + // Windows 8 + // uses SL Policy internal unexported function + + // load slc.dll and get function + // (will be used on intercepting undefined values) + SLC_Handle := LoadLibrary('slc.dll'); + SLGetWindowsInformationDWORD := GetProcAddress(SLC_Handle, 'SLGetWindowsInformationDWORD'); + end; + if V = $0603 then begin + // Windows 8.1 + // uses SL Policy internal inline code + end; + if V = $0604 then begin + // Windows 10 + // uses SL Policy internal inline code + end; + + Sect := IntToStr(FV.Version.w.Major)+'.'+IntToStr(FV.Version.w.Minor)+'.'+ + IntToStr(FV.Release)+'.'+IntToStr(FV.Build); + + if INISectionExists(INI, Sect) then + if GetModuleAddress('termsrv.dll', 
GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin + if INIReadBool(INI, Sect, 'LocalOnlyPatch.x86', False) then begin + WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); + SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'LocalOnlyOffset.x86', 0)); + I := SListFind(PatchList, INIReadString(INI, Sect, 'LocalOnlyCode.x86', '')); + if I >= 0 then + WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw); + end; + if INIReadBool(INI, Sect, 'SingleUserPatch.x86', False) then begin + WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); + SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SingleUserOffset.x86', 0)); + I := SListFind(PatchList, INIReadString(INI, Sect, 'SingleUserCode.x86', '')); + if I >= 0 then + WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw); + end; + if INIReadBool(INI, Sect, 'DefPolicyPatch.x86', False) then begin + WriteLog('Patch CDefPolicy::Query'); + SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'DefPolicyOffset.x86', 0)); + I := SListFind(PatchList, INIReadString(INI, Sect, 'DefPolicyCode.x86', '')); + if I >= 0 then + WriteProcessMemory(GetCurrentProcess, SignPtr, @Patch[I][0], Length(Patch[I]), bw); + end; + if INIReadBool(INI, Sect, 'SLPolicyInternal.x86', False) then begin + WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); + SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SLPolicyOffset.x86', 0)); + MovJump.MovOp := $89; // mov eax, ecx + MovJump.MovArg := $C8; // __msfastcall compatibility + MovJump.PushOp := $68; + MovJump.PushArg := @New_Win8SL; + MovJump.RetOp := $C3; + FuncName := INIReadString(INI, Sect, 'SLPolicyFunc.x86', 'New_Win8SL'); + if FuncName = 'New_Win8SL' then + MovJump.PushArg := @New_Win8SL; + if FuncName = 'New_Win8SL_CP' then + MovJump.PushArg := @New_Win8SL_CP; + WriteProcessMemory(GetCurrentProcess, SignPtr, + @MovJump, 
SizeOf(mov_far_jmp), bw); + end; + if INIReadBool(INI, Sect, 'SLInitHook.x86', False) then begin + WriteLog('Hook CSLQuery::Initialize'); + SignPtr := Pointer(Cardinal(TermSrvBase) + INIReadDWordHex(INI, Sect, 'SLInitOffset.x86', 0)); + Jump.PushOp := $68; + Jump.PushArg := @New_CSLQuery_Initialize; + Jump.RetOp := $C3; + FuncName := INIReadString(INI, Sect, 'SLInitFunc.x86', 'New_CSLQuery_Initialize'); + if FuncName = 'New_CSLQuery_Initialize' then + Jump.PushArg := @New_CSLQuery_Initialize; + WriteProcessMemory(GetCurrentProcess, SignPtr, + @Jump, SizeOf(far_jmp), bw); + end; + end; + + // unfreeze threads + WriteLog('Resumimg threads...'); + RunThreads(); +end; + +function TermServiceMain(dwArgc: DWORD; lpszArgv: PWideChar): DWORD; stdcall; +begin + // wrap ServiceMain function + WriteLog('>>> ServiceMain'); + if not IsHooked then + HookFunctions; + Result := 0; + if @TSMain <> nil then + Result := TSMain(dwArgc, lpszArgv); + WriteLog('<<< ServiceMain'); +end; + +function TermServiceGlobals(lpGlobalData: Pointer): DWORD; stdcall; +begin + // wrap SvchostPushServiceGlobals function + WriteLog('>>> SvchostPushServiceGlobals'); + if not IsHooked then + HookFunctions; + Result := 0; + if @TSGlobals <> nil then + Result := TSGlobals(lpGlobalData); + WriteLog('<<< SvchostPushServiceGlobals'); +end; + +// export section + +exports + TermServiceMain index 1 name 'ServiceMain', + TermServiceGlobals index 2 name 'SvchostPushServiceGlobals'; + +begin + // DllMain procedure is not used +end. \ No newline at end of file diff --git a/src-x86-binarymaster/src/rdpwrap.dproj b/src-x86-binarymaster/rdpwrap.dproj similarity index 100% rename from src-x86-binarymaster/src/rdpwrap.dproj rename to src-x86-binarymaster/rdpwrap.dproj index 36208c0..2b81a43 100644 --- a/src-x86-binarymaster/src/rdpwrap.dproj +++ b/src-x86-binarymaster/rdpwrap.dproj @@ -42,14 +42,14 @@ Base - - Cfg_2 - Base - Cfg_1 Base + + Cfg_2 + Base + 
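Review bot: In HookFunctions and New_CSLQuery_Initialize (the added library source that ends just above the rdpwrap.dproj rename), every write address is computed as TermSrvBase plus an offset read from rdpwrap.ini and is used without a range check; TermSrvSize is filled in by GetModuleAddress but never read afterwards. INIReadDWordHex is called with 0 as its last argument, which looks like the fallback value, so a section that lacks a key such as 'bServerSku.x86' or 'DefPolicyOffset.x86' would yield TermSrvBase itself; that pointer passes the `<> nil` tests in New_CSLQuery_Initialize and is then written through. Suggest rejecting an offset of 0 or one where offset plus write length exceeds TermSrvSize, skipping an empty Patch[I] before taking @Patch[I][0], and checking the WriteProcessMemory result and bw so a failed patch is logged instead of passing silently. The 16-byte cap on Patch[I] limits the length of a write but not where it lands. Two smaller points in the same hunk: New_SLGetWindowsInformationDWORD writes the original bytes back and then re-writes the stub around every call with no lock and without freezing threads, so concurrent callers can reach the function while it is unhooked or partly written; and GetFileVersion never calls FreeLibrary on the handle returned by LoadLibraryEx, on the success path or on either early Exit after the load.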
diff --git a/src-x86-binarymaster/src/rdpwrap.res b/src-x86-binarymaster/rdpwrap.res similarity index 100% rename from src-x86-binarymaster/src/rdpwrap.res rename to src-x86-binarymaster/rdpwrap.res diff --git a/src-x86-binarymaster/src/rdpwrap.dpr b/src-x86-binarymaster/src/rdpwrap.dpr deleted file mode 100644 index d968cb7..0000000 --- a/src-x86-binarymaster/src/rdpwrap.dpr +++ /dev/null 
@@ -1,1704 +0,0 @@ -library rdpwrap; - -// RDP Wrapper Library project by Stas'M - -// Terminal Services supported versions -// 6.0.X.X (Windows Vista, any) [policy hook only] -// 6.0.6000.16386 (Windows Vista) [policy hook + extended patch] -// 6.0.6001.18000 (Windows Vista SP1) [policy hook + extended patch] -// 6.0.6001.22565 (Windows Vista SP1 with KB977541) [todo] -// 6.0.6001.22635 (Windows Vista SP1 with KB970911) [todo] -// 6.0.6001.22801 (Windows Vista SP1 with KB2381675) [todo] -// 6.0.6002.18005 (Windows Vista SP2) [policy hook + extended patch] -// 6.0.6002.22269 (Windows Vista SP2 with KB977541) [todo] -// 6.0.6002.22340 (Windows Vista SP2 with KB970911) [todo] -// 6.0.6002.22515 (Windows Vista SP2 with KB2381675) [todo] -// 6.0.6002.22641 (Windows Vista SP2 with KB2523307) [todo] -// 6.0.6002.19214 (Windows Vista SP2 with KB3003743 GDR) [policy hook + extended patch] -// 6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR) [policy hook + extended patch] -// 6.1.X.X (Windows 7, any) [policy hook only] -// 6.1.7600.16385 (Windows 7) [policy hook + extended patch] -// 6.1.7600.20890 (Windows 7 with KB2479710) [todo] -// 6.1.7600.21316 (Windows 7 with KB2750090) [todo] -// 6.1.7601.17514 (Windows 7 SP1) [policy hook + extended patch] -// 6.1.7601.21650 (Windows 7 SP1 with KB2479710) [todo] -// 6.1.7601.21866 (Windows 7 SP1 with KB2647409) [todo] -// 6.1.7601.22104 (Windows 7 SP1 with KB2750090) [todo] -// 6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR) [policy hook + extended patch] -// 6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR) [policy hook + extended patch] -// 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) [policy hook + extended patch] -// 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) [policy hook + extended patch] -// 6.2.8102.0 (Windows 8 Developer Preview) [policy hook + extended patch] -// 6.2.8250.0 (Windows 8 Consumer Preview) [policy hook + extended patch] -// 6.2.8400.0 (Windows 8 Release Preview) [policy hook + extended 
patch] -// 6.2.9200.16384 (Windows 8) [policy hook + extended patch] -// 6.2.9200.17048 (Windows 8 with KB2973501 GDR) [policy hook + extended patch] -// 6.2.9200.21166 (Windows 8 with KB2973501 LDR) [policy hook + extended patch] -// 6.3.9431.0 (Windows 8.1 Preview) [init hook + extended patch] -// 6.3.9600.16384 (Windows 8.1) [init hook + extended patch] -// 6.3.9600.17095 (Windows 8.1 with KB2959626) [init hook + extended patch] -// 6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch] -// 6.4.9860.0 (Windows 10 Technical Preview Update 1) [init hook + extended patch] - -// Known failures -// 6.0.6000.16386 (Windows Vista RTM x86, crashes on logon attempt) - -// Internal changelog: - -// 2014.11.13 : -// - researching KB3003743 -// - added support for version 6.0.6002.19214 -// - added support for version 6.0.6002.23521 -// - added support for version 6.1.7601.18637 -// - added support for version 6.1.7601.22843 - -// 2014.11.02 : -// - researching termsrv.dll 6.4.9860.0 -// - done - -// 2014.10.19 : -// - added support for version 6.0.6000.16386 (x64) -// - added support for version 6.0.6001.18000 (x64) -// - added support for version 6.1.7600.16385 - -// 2014.10.18 : -// - corrected some typos in source -// - simplified signature constants -// - added support for version 6.0.6000.16386 (x86) -// - added support for version 6.0.6001.18000 (x86) -// - added support for version 6.0.6002.18005 -// - added support for version 6.1.7601.17514 -// - added support for version 6.1.7601.18540 -// - added support for version 6.1.7601.22750 -// - added support for version 6.2.9200.17048 -// - added support for version 6.2.9200.21166 - -// 2014.10.17 : -// - collecting information about all versions of Terminal Services beginning from Vista -// - added [todo] to the versions list - -// 2014.10.16 : -// - got new updates: KB2984972 for Win 7 (still works with 2 concurrent users) and KB2973501 for Win 8 (doesn't work) - -// 2014.10.02 : -// - researching 
Windows 10 TP Remote Desktop -// - done! even without debugging symbols ^^) - -// 2014.07.20 : -// - added support for Windows 8 Release Preview -// - added support for Windows 8 Consumer Preview -// - added support for Windows 8 Developer Preview - -// 2014.07.19 : -// - improved patching of Windows 8 -// - added policy patches -// - will patch CDefPolicy::Query -// - will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - -// 2014.07.18 : -// - researched patched files from MDL forum -// - CSLQuery::GetMaxSessions requires no patching -// - it's better to change the default policy, so... -// - will patch CDefPolicy::Query -// - will patch CEnforcementCore::GetInstanceOfTSLicense -// - will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled -// - the function CSLQuery::Initialize is hooked correctly - -// 2014.07.17 : -// - will hook only CSLQuery::Initialize function -// - CSLQuery::GetMaxSessions will be patched -// - added x86 signatures for 6.3.9431.0 (Windows 8.1 Preview) - -// 2014.07.16 : -// - changing asm opcodes is bad, will hook CSL functions - -// 2014.07.15 : -// - added x86 signatures for 6.3.9600.16384 (Windows 8.1) -// 2014.07.15 : -// - added x86 signatures for 6.3.9600.17095 (Windows 8.1 with KB2959626) - -uses - SysUtils, - Windows, - TlHelp32; - -{$R rdpwrap.res} - -// Hook core definitions - -type - OldCode = packed record - One: DWORD; - two: Word; - end; - - far_jmp = packed record - PushOp: Byte; - PushArg: Pointer; - RetOp: Byte; - end; - - mov_far_jmp = packed record - MovOp: Byte; - MovArg: Byte; - PushOp: Byte; - PushArg: Pointer; - RetOp: Byte; - end; - - TTHREADENTRY32 = packed record - dwSize: DWORD; - cntUsage: DWORD; - th32ThreadID: DWORD; - th32OwnerProcessID: DWORD; - tpBasePri: LongInt; - tpDeltaPri: LongInt; - dwFlags: DWORD; - end; - IntArray = Array of Integer; - FILE_VERSION = record - Version: record case Boolean of - True: (dw: DWORD); - False: (w: record - Minor, Major: Word; - end;) - end; - 
Release, Build: Word; - bDebug, bPrerelease, bPrivate, bSpecial: Boolean; - end; - -const - THREAD_SUSPEND_RESUME = 2; - TH32CS_SNAPTHREAD = 4; -var - bw: DWORD; - IsHooked: Boolean = False; - FCount: Cardinal = 0; - -// Unhooked import - -function OpenThread(dwDesiredAccess: DWORD; bInheritHandle: BOOL; - dwThreadId: DWORD): DWORD; stdcall; external kernel32; - -function CreateToolhelp32Snapshot(dwFlags, th32ProcessID: DWORD): DWORD; - stdcall; external kernel32; - -function Thread32First(hSnapshot: THandle; var lpte: TTHREADENTRY32): bool; - stdcall; external kernel32; - -function Thread32Next(hSnapshot: THandle; var lpte: TTHREADENTRY32): bool; - stdcall; external kernel32; - -// Wrapped import - -var - TSMain: function(dwArgc: DWORD; lpszArgv: PWideChar): DWORD; stdcall; - TSGlobals: function(lpGlobalData: Pointer): DWORD; stdcall; - -// Hooked import and vars - -var - SLGetWindowsInformationDWORD: function(pwszValueName: PWideChar; - pdwValue: PDWORD): HRESULT; stdcall; - TermSrvBase: Pointer; - FV: FILE_VERSION; - -const - CDefPolicy_Query_edx_ecx: Array[0..12] of Byte = - ($BA,$00,$01,$00,$00,$89,$91,$20,$03,$00,$00,$5E,$90); - CDefPolicy_Query_eax_esi: Array[0..11] of Byte = - ($B8,$00,$01,$00,$00,$89,$86,$20,$03,$00,$00,$90); - CDefPolicy_Query_eax_ecx: Array[0..11] of Byte = - ($B8,$00,$01,$00,$00,$89,$81,$20,$03,$00,$00,$90); - -// ------------------- TermService build 6.0.6000.16386 - -// Original -// .text:6F335CD8 cmp edx, [ecx+320h] -// .text:6F335CDE pop esi -// .text:6F335CDF jz loc_6F3426F1 -//_______________ -// -// Changed -// .text:6F335CD8 mov edx, 100h -// .text:6F335CDD mov [ecx+320h], edx -// .text:6F335CE3 pop esi -// .text:6F335CE4 nop -// CDefPolicy_Query_edx_ecx - -// ------------------- TermService build 6.0.6001.18000 - -// Original -// .text:6E817FD8 cmp edx, [ecx+320h] -// .text:6E817FDE pop esi -// .text:6E817FDF jz loc_6E826F16 -//_______________ -// -// Changed -// .text:6E817FD8 mov edx, 100h -// .text:6E817FDD mov [ecx+320h], 
edx -// .text:6E817FE3 pop esi -// .text:6E817FE4 nop -// CDefPolicy_Query_edx_ecx - -// ------------------- TermService build 6.0.6002.18005 - -// Original -// .text:6F5979C0 cmp edx, [ecx+320h] -// .text:6F5979C6 pop esi -// .text:6F5979C7 jz loc_6F5A6F26 -//_______________ -// -// Changed -// .text:6F5979C0 mov edx, 100h -// .text:6F5979C5 mov [ecx+320h], edx -// .text:6F5979CB pop esi -// .text:6F5979CC nop -// CDefPolicy_Query_edx_ecx - -// ------------------- TermService build 6.0.6002.19214 - -// Original -// .text:6F5979B8 cmp edx, [ecx+320h] -// .text:6F5979BE pop esi -// .text:6F5979BF jz loc_6F5A6F3E -//_______________ -// -// Changed -// .text:6F5979B8 mov edx, 100h -// .text:6F5979BD mov [ecx+320h], edx -// .text:6F5979C3 pop esi -// .text:6F5979C4 nop -// CDefPolicy_Query_edx_ecx - -// ------------------- TermService build 6.0.6002.23521 - -// Original -// .text:6F5979CC cmp edx, [ecx+320h] -// .text:6F5979D2 pop esi -// .text:6F5979D3 jz loc_6F5A6F2E -//_______________ -// -// Changed -// .text:6F5979CC mov edx, 100h -// .text:6F5979D1 mov [ecx+320h], edx -// .text:6F5979D7 pop esi -// .text:6F5979D8 nop -// CDefPolicy_Query_edx_ecx - -// ------------------- TermService build 6.1.7600.16385 - -// Original -// .text:6F2F96F3 cmp eax, [esi+320h] -// .text:6F2F96F9 jz loc_6F30E256 -//_______________ -// -// Changed -// .text:6F2F96F3 mov eax, 100h -// .text:6F2F96F8 mov [esi+320h], eax -// .text:6F2F96FE nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.1.7601.17514 - -// Original -// .text:6F2F9D53 cmp eax, [esi+320h] -// .text:6F2F9D59 jz loc_6F30B25E -//_______________ -// -// Changed -// .text:6F2F9D53 mov eax, 100h -// .text:6F2F9D58 mov [esi+320h], eax -// .text:6F2F9D5E nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.1.7601.18540 - -// Original -// .text:6F2F9D9F cmp eax, [esi+320h] -// .text:6F2F9DA5 jz loc_6F30B2AE -//_______________ -// -// Changed -// .text:6F2F9D9F mov eax, 100h -// 
.text:6F2F9DA4 mov [esi+320h], eax -// .text:6F2F9DAA nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.1.7601.22750 - -// Original -// .text:6F2F9E21 cmp eax, [esi+320h] -// .text:6F2F9E27 jz loc_6F30B6CE -//_______________ -// -// Changed -// .text:6F2F9E21 mov eax, 100h -// .text:6F2F9E26 mov [esi+320h], eax -// .text:6F2F9E2C nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.1.7601.18637 - -// Original -// .text:6F2F9DBB cmp eax, [esi+320h] -// .text:6F2F9DC1 jz loc_6F30B2A6 -//_______________ -// -// Changed -// .text:6F2F9DBB mov eax, 100h -// .text:6F2F9DC0 mov [esi+320h], eax -// .text:6F2F9DC6 nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.1.7601.22843 - -// Original -// .text:6F2F9E25 cmp eax, [esi+320h] -// .text:6F2F9E2B jz loc_6F30B6D6 -//_______________ -// -// Changed -// .text:6F2F9E25 mov eax, 100h -// .text:6F2F9E2A mov [esi+320h], eax -// .text:6F2F9E30 nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.2.8102.0 - -// Original -// .text:1000E47C cmp eax, [esi+320h] -// .text:1000E482 jz loc_1002D775 -//_______________ -// -// Changed -// .text:1000E47C mov eax, 100h -// .text:1000E481 mov [esi+320h], eax -// .text:1000E487 nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.2.8250.0 - -// Original -// .text:10013520 cmp eax, [esi+320h] -// .text:10013526 jz loc_1002DB85 -//_______________ -// -// Changed -// .text:10013520 mov eax, 100h -// .text:10013525 mov [esi+320h], eax -// .text:1001352B nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.2.8400.0 - -// Original -// .text:10013E48 cmp eax, [esi+320h] -// .text:10013E4E jz loc_1002E079 -//_______________ -// -// Changed -// .text:10013E48 mov eax, 100h -// .text:10013E4D mov [esi+320h], eax -// .text:10013E53 nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.2.9200.16384 - -// Original -// 
.text:10013F08 cmp eax, [esi+320h] -// .text:10013F0E jz loc_1002E161 -//_______________ -// -// Changed -// .text:10013F08 mov eax, 100h -// .text:10013F0D mov [esi+320h], eax -// .text:10013F13 nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.2.9200.17048 - -// Original -// .text:1001F408 cmp eax, [esi+320h] -// .text:1001F40E jz loc_1002E201 -//_______________ -// -// Changed -// .text:1001F408 mov eax, 100h -// .text:1001F40D mov [esi+320h], eax -// .text:1001F413 nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.2.9200.21166 - -// Original -// .text:10013F30 cmp eax, [esi+320h] -// .text:10013F36 jz loc_1002E189 -//_______________ -// -// Changed -// .text:10013F30 mov eax, 100h -// .text:10013F35 mov [esi+320h], eax -// .text:10013F3B nop -// CDefPolicy_Query_eax_esi - -// ------------------- TermService build 6.3.9431.0 - -// Original -// .text:1002EA25 cmp eax, [ecx+320h] -// .text:1002EA2B jz loc_100348C1 -//_______________ -// -// Changed -// .text:1002EA25 mov eax, 100h -// .text:1002EA2A mov [ecx+320h], eax -// .text:1002EA30 nop -// CDefPolicy_Query_eax_ecx - -// ------------------- TermService build 6.3.9600.16384 - -// Original -// .text:10016115 cmp eax, [ecx+320h] -// .text:1001611B jz loc_10034DE1 -//_______________ -// -// Changed -// .text:10016115 mov eax, 100h -// .text:1001611A mov [ecx+320h], eax -// .text:10016120 nop -// CDefPolicy_Query_eax_ecx - -// ------------------- TermService build 6.3.9600.17095 - -// Original -// .text:10037529 cmp eax, [ecx+320h] -// .text:1003752F jz loc_10043662 -//_______________ -// -// Changed -// .text:10037529 mov eax, 100h -// .text:1003752E mov [ecx+320h], eax -// .text:10037534 nop -// CDefPolicy_Query_eax_ecx - -// ------------------- TermService build 6.4.9841.0 - -// Original -// .text:1003B989 cmp eax, [ecx+320h] -// .text:1003B98F jz loc_1005E809 -//_______________ -// -// Changed -// .text:1003B989 mov eax, 100h -// .text:1003B98E mov 
[ecx+320h], eax -// .text:1003B994 nop -// CDefPolicy_Query_eax_ecx - -// ------------------- TermService build 6.4.9860.0 - -// Original -// .text:1003BEC9 cmp eax, [ecx+320h] -// .text:1003BECF jz loc_1005EE1A -//_______________ -// -// Changed -// .text:1003BEC9 mov eax, 100h -// .text:1003BECE mov [ecx+320h], eax -// .text:1003BED4 nop -// CDefPolicy_Query_eax_ecx - -var - Stub_SLGetWindowsInformationDWORD: far_jmp; - Old_SLGetWindowsInformationDWORD: OldCode; - -// Main code - -procedure WriteLog(S: AnsiString); -const - LogFile = '\rdpwrap.txt'; -var - F: TextFile; -begin - if not FileExists(LogFile) then - Exit; - AssignFile(F, LogFile); - Append(F); - Write(F, S+#13#10); - CloseFile(F); -end; - -procedure StopThreads; -var - h, CurrTh, ThrHandle, CurrPr: DWORD; - Thread: TTHREADENTRY32; -begin - CurrTh := GetCurrentThreadId; - CurrPr := GetCurrentProcessId; - h := CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); - if h <> INVALID_HANDLE_VALUE then - begin - Thread.dwSize := SizeOf(TTHREADENTRY32); - if Thread32First(h, Thread) then - repeat - if (Thread.th32ThreadID <> CurrTh) and - (Thread.th32OwnerProcessID = CurrPr) then - begin - ThrHandle := OpenThread(THREAD_SUSPEND_RESUME, false, - Thread.th32ThreadID); - if ThrHandle > 0 then - begin - SuspendThread(ThrHandle); - CloseHandle(ThrHandle); - end; - end; - until not Thread32Next(h, Thread); - CloseHandle(h); - end; -end; - -procedure RunThreads; -var - h, CurrTh, ThrHandle, CurrPr: DWORD; - Thread: TTHREADENTRY32; -begin - CurrTh := GetCurrentThreadId; - CurrPr := GetCurrentProcessId; - h := CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); - if h <> INVALID_HANDLE_VALUE then - begin - Thread.dwSize := SizeOf(TTHREADENTRY32); - if Thread32First(h, Thread) then - repeat - if (Thread.th32ThreadID <> CurrTh) and - (Thread.th32OwnerProcessID = CurrPr) then - begin - ThrHandle := OpenThread(THREAD_SUSPEND_RESUME, false, - Thread.th32ThreadID); - if ThrHandle > 0 then - begin - ResumeThread(ThrHandle); - 
CloseHandle(ThrHandle); - end; - end; - until not Thread32Next(h, Thread); - CloseHandle(h); - end; -end; - -function GetModuleAddress(ModuleName: String; ProcessId: DWORD; var BaseAddr: Pointer; var BaseSize: DWORD): Boolean; -var - hSnap: THandle; - md: MODULEENTRY32; -begin - Result := False; - hSnap := CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ProcessId); - if hSnap = INVALID_HANDLE_VALUE Then - Exit; - md.dwSize := SizeOf(MODULEENTRY32); - if Module32First(hSnap, md) then - begin - if LowerCase(ExtractFileName(md.szExePath)) = LowerCase(ModuleName) then - begin - Result := True; - BaseAddr := Pointer(md.modBaseAddr); - BaseSize := md.modBaseSize; - CloseHandle(hSnap); - Exit; - end; - while Module32Next(hSnap, md) Do - begin - if LowerCase(ExtractFileName(md.szExePath)) = LowerCase(ModuleName) then - begin - Result := True; - BaseAddr := Pointer(md.modBaseAddr); - BaseSize := md.modBaseSize; - Break; - end; - end; - end; - CloseHandle(hSnap); -end; - -{procedure FindMem(Mem: Pointer; MemSz: DWORD; Buf: Pointer; BufSz: DWORD; - 
From: DWORD; var A: IntArray); -var - I: Integer; -begin - SetLength(A, 0); - I:=From; - if From>0 then - Inc(PByte(Mem), From); - while I < MemSz - BufSz + 1 do - begin - if (not IsBadReadPtr(Mem, BufSz)) and (CompareMem(Mem, Buf, BufSz)) then - begin - SetLength(A, Length(A)+1); - A[Length(A)-1] := I; - end; - Inc(I); - Inc(PByte(Mem)); - end; -end;} - -function GetModuleVersion(const ModuleName: TFileName; var FileVersion: FILE_VERSION): Boolean; -type - VS_VERSIONINFO = record - wLength, wValueLength, wType: Word; - szKey: Array[1..16] of WideChar; - Padding1: Word; - Value: VS_FIXEDFILEINFO; - Padding2, Children: Word; - end; - PVS_VERSIONINFO = ^VS_VERSIONINFO; -const - VFF_DEBUG = 1; - VFF_PRERELEASE = 2; - VFF_PRIVATE = 8; - VFF_SPECIAL = 32; -var - hMod: HMODULE; - hResourceInfo: HRSRC; - VersionInfo: PVS_VERSIONINFO; -begin - Result := False; - - if ModuleName = '' then - hMod := GetModuleHandle(nil) - else - hMod := GetModuleHandle(PWideChar(ModuleName)); - if hMod = 0 then - Exit; - - hResourceInfo := FindResource(hMod, PWideChar(1), PWideChar($10)); - if hResourceInfo = 0 then - Exit; - - VersionInfo := Pointer(LoadResource(hMod, hResourceInfo)); - if VersionInfo = nil then - Exit; - - FileVersion.Version.dw := VersionInfo.Value.dwFileVersionMS; - FileVersion.Release := Word(VersionInfo.Value.dwFileVersionLS shr 16); - FileVersion.Build := Word(VersionInfo.Value.dwFileVersionLS); - FileVersion.bDebug := (VersionInfo.Value.dwFileFlags and VFF_DEBUG) = VFF_DEBUG; - FileVersion.bPrerelease := (VersionInfo.Value.dwFileFlags and VFF_PRERELEASE) = VFF_PRERELEASE; - FileVersion.bPrivate := (VersionInfo.Value.dwFileFlags and VFF_PRIVATE) = VFF_PRIVATE; - FileVersion.bSpecial := (VersionInfo.Value.dwFileFlags and VFF_SPECIAL) = VFF_SPECIAL; - - Result := True; -end; - -function GetFileVersion(const FileName: TFileName; var FileVersion: FILE_VERSION): Boolean; -type - VS_VERSIONINFO = record - wLength, wValueLength, wType: Word; - szKey: Array[1..16] of 
WideChar; - Padding1: Word; - Value: VS_FIXEDFILEINFO; - Padding2, Children: Word; - end; - PVS_VERSIONINFO = ^VS_VERSIONINFO; -const - VFF_DEBUG = 1; - VFF_PRERELEASE = 2; - VFF_PRIVATE = 8; - VFF_SPECIAL = 32; -var - hFile: HMODULE; - hResourceInfo: HRSRC; - VersionInfo: PVS_VERSIONINFO; -begin - Result := False; - - hFile := LoadLibraryEx(PWideChar(FileName), 0, LOAD_LIBRARY_AS_DATAFILE); - if hFile = 0 then - Exit; - - hResourceInfo := FindResource(hFile, PWideChar(1), PWideChar($10)); - if hResourceInfo = 0 then - Exit; - - VersionInfo := Pointer(LoadResource(hFile, hResourceInfo)); - if VersionInfo = nil then - Exit; - - FileVersion.Version.dw := VersionInfo.Value.dwFileVersionMS; - FileVersion.Release := Word(VersionInfo.Value.dwFileVersionLS shr 16); - FileVersion.Build := Word(VersionInfo.Value.dwFileVersionLS); - FileVersion.bDebug := (VersionInfo.Value.dwFileFlags and VFF_DEBUG) = VFF_DEBUG; - FileVersion.bPrerelease := (VersionInfo.Value.dwFileFlags and VFF_PRERELEASE) = VFF_PRERELEASE; - FileVersion.bPrivate := (VersionInfo.Value.dwFileFlags and VFF_PRIVATE) = VFF_PRIVATE; - FileVersion.bSpecial := (VersionInfo.Value.dwFileFlags and VFF_SPECIAL) = VFF_SPECIAL; - - Result := True; -end; - -function OverrideSL(ValueName: String; var Value: DWORD): Boolean; -begin - Result := True; - // Allow Remote Connections - if ValueName = 'TerminalServices-RemoteConnectionManager-AllowRemoteConnections' then begin - Value := 1; - Exit; - end; - // Allow Multiple Sessions - if ValueName = 'TerminalServices-RemoteConnectionManager-AllowMultipleSessions' then begin - Value := 1; - Exit; - end; - // Allow Multiple Sessions (Application Server Mode) - if ValueName = 'TerminalServices-RemoteConnectionManager-AllowAppServerMode' then begin - Value := 1; - Exit; - end; - // Allow Multiple Monitors - if ValueName = 'TerminalServices-RemoteConnectionManager-AllowMultimon' then begin - Value := 1; - Exit; - end; - // Max User Sessions (0 = unlimited) - if ValueName = 
'TerminalServices-RemoteConnectionManager-MaxUserSessions' then begin - Value := 0; - Exit; - end; - // Max Debug Sessions (Win 8, 0 = unlimited) - if ValueName = 'TerminalServices-RemoteConnectionManager-ce0ad219-4670-4988-98fb-89b14c2f072b-MaxSessions' then begin - Value := 0; - Exit; - end; - // Max Sessions - // 0 - logon not possible even from console - // 1 - only one active user (console or remote) - // 2 - allow concurrent sessions - if ValueName = 'TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-MaxSessions' then begin - Value := 2; - Exit; - end; - // Allow Advanced Compression with RDP 7 Protocol - if ValueName = 'TerminalServices-RDP-7-Advanced-Compression-Allowed' then begin - Value := 1; - Exit; - end; - // IsTerminalTypeLocalOnly = 0 - if ValueName = 'TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-LocalOnly' then begin - Value := 0; - Exit; - end; - // Max Sessions (hard limit) - if ValueName = 'TerminalServices-RemoteConnectionManager-8dc86f1d-9969-4379-91c1-06fe1dc60575-MaxSessions' then begin - Value := 1000; - Exit; - end; - // Allow Easy Print - if ValueName = 'TerminalServices-DeviceRedirection-Licenses-TSEasyPrintAllowed' then begin - Value := 1; - Exit; - end; - Result := False; -end; - -function New_SLGetWindowsInformationDWORD(pwszValueName: PWideChar; - pdwValue: PDWORD): HRESULT; stdcall; -var - dw: DWORD; -begin - // wrapped SLGetWindowsInformationDWORD function - // termsrv.dll will call this function instead of original SLC.dll - - // Override SL Policy - - WriteLog('Policy query: ' + pwszValueName); - if OverrideSL(pwszValueName, dw) then begin - pdwValue^ := dw; - Result := S_OK; - WriteLog('Rewrite: ' + IntToStr(pdwValue^)); - Exit; - end; - - // If the requested value name is not defined above - - // revert to original SL Policy function - WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, - @Old_SLGetWindowsInformationDWORD, SizeOf(OldCode), bw); - - // 
get result - Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue); - if Result = S_OK then - WriteLog('Result: ' + IntToStr(pdwValue^)) - else - WriteLog('Failed'); - // wrap it back - WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, - @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); -end; - -function New_Win8SL(pwszValueName: PWideChar; pdwValue: PDWORD): HRESULT; register; -var - dw: DWORD; -begin - // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll - // for Windows 8 support - - // Override SL Policy - - WriteLog('Policy query: ' + pwszValueName); - if OverrideSL(pwszValueName, dw) then begin - pdwValue^ := dw; - Result := S_OK; - WriteLog('Rewrite: ' + IntToStr(pdwValue^)); - Exit; - end; - - // If the requested value name is not defined above - // use function from SLC.dll - - Result := SLGetWindowsInformationDWORD(pwszValueName, pdwValue); - if Result = S_OK then - WriteLog('Result: ' + IntToStr(pdwValue^)) - else - WriteLog('Failed'); -end; - -function New_Win8SL_CP(eax: DWORD; pdwValue: PDWORD; ecx: DWORD; pwszValueName: PWideChar): HRESULT; register; -begin - // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll - // for Windows 8 Consumer Preview support - - Result := New_Win8SL(pwszValueName, pdwValue); -end; - -function New_CSLQuery_Initialize: HRESULT; stdcall; -var - bServerSku, - bRemoteConnAllowed, - bFUSEnabled, - bAppServerAllowed, - bMultimonAllowed, - lMaxUserSessions, - ulMaxDebugSessions, - bInitialized: PDWORD; -begin - bServerSku := nil; - bRemoteConnAllowed := nil; - bFUSEnabled := nil; - bAppServerAllowed := nil; - bMultimonAllowed := nil; - lMaxUserSessions := nil; - ulMaxDebugSessions := nil; - bInitialized := nil; - WriteLog('> CSLQuery::Initialize'); - if (FV.Release = 9431) and (FV.Build = 0) then begin - bFUSEnabled := Pointer(Cardinal(TermSrvBase) + $A22A8); - lMaxUserSessions := Pointer(Cardinal(TermSrvBase) + $A22AC); - 
bAppServerAllowed := Pointer(Cardinal(TermSrvBase) + $A22B0); - bInitialized := Pointer(Cardinal(TermSrvBase) + $A22B4); - bMultimonAllowed := Pointer(Cardinal(TermSrvBase) + $A22B8); - bServerSku := Pointer(Cardinal(TermSrvBase) + $A22BC); - ulMaxDebugSessions := Pointer(Cardinal(TermSrvBase) + $A22C0); - bRemoteConnAllowed := Pointer(Cardinal(TermSrvBase) + $A22C4); - end; - if (FV.Release = 9600) and (FV.Build = 16384) then begin - bFUSEnabled := Pointer(Cardinal(TermSrvBase) + $C02A8); - lMaxUserSessions := Pointer(Cardinal(TermSrvBase) + $C02AC); - bAppServerAllowed := Pointer(Cardinal(TermSrvBase) + $C02B0); - bInitialized := Pointer(Cardinal(TermSrvBase) + $C02B4); - bMultimonAllowed := Pointer(Cardinal(TermSrvBase) + $C02B8); - bServerSku := Pointer(Cardinal(TermSrvBase) + $C02BC); - ulMaxDebugSessions := Pointer(Cardinal(TermSrvBase) + $C02C0); - bRemoteConnAllowed := Pointer(Cardinal(TermSrvBase) + $C02C4); - end; - if (FV.Release = 9600) and (FV.Build = 17095) then begin - bFUSEnabled := Pointer(Cardinal(TermSrvBase) + $C12A8); - lMaxUserSessions := Pointer(Cardinal(TermSrvBase) + $C12AC); - bAppServerAllowed := Pointer(Cardinal(TermSrvBase) + $C12B0); - bInitialized := Pointer(Cardinal(TermSrvBase) + $C12B4); - bMultimonAllowed := Pointer(Cardinal(TermSrvBase) + $C12B8); - bServerSku := Pointer(Cardinal(TermSrvBase) + $C12BC); - ulMaxDebugSessions := Pointer(Cardinal(TermSrvBase) + $C12C0); - bRemoteConnAllowed := Pointer(Cardinal(TermSrvBase) + $C12C4); - end; - if (FV.Release = 9841) and (FV.Build = 0) then begin - bFUSEnabled := Pointer(Cardinal(TermSrvBase) + $BF9F0); - lMaxUserSessions := Pointer(Cardinal(TermSrvBase) + $BF9F4); - bAppServerAllowed := Pointer(Cardinal(TermSrvBase) + $BF9F8); - bInitialized := Pointer(Cardinal(TermSrvBase) + $BF9FC); - bMultimonAllowed := Pointer(Cardinal(TermSrvBase) + $BFA00); - bServerSku := Pointer(Cardinal(TermSrvBase) + $BFA04); - ulMaxDebugSessions := Pointer(Cardinal(TermSrvBase) + $BFA08); - 
bRemoteConnAllowed := Pointer(Cardinal(TermSrvBase) + $BFA0C); - end; - if (FV.Release = 9860) and (FV.Build = 0) then begin - bFUSEnabled := Pointer(Cardinal(TermSrvBase) + $BF7E0); - lMaxUserSessions := Pointer(Cardinal(TermSrvBase) + $BF7E4); - bAppServerAllowed := Pointer(Cardinal(TermSrvBase) + $BF7E8); - bInitialized := Pointer(Cardinal(TermSrvBase) + $BF7EC); - bMultimonAllowed := Pointer(Cardinal(TermSrvBase) + $BF7F0); - bServerSku := Pointer(Cardinal(TermSrvBase) + $BF7F4); - ulMaxDebugSessions := Pointer(Cardinal(TermSrvBase) + $BF7F8); - bRemoteConnAllowed := Pointer(Cardinal(TermSrvBase) + $BF7FC); - end; - if bServerSku <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(bServerSku), 1)+'] bServerSku = 1'); - bServerSku^ := 1; - end; - if bRemoteConnAllowed <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(bRemoteConnAllowed), 1)+'] bRemoteConnAllowed = 1'); - bRemoteConnAllowed^ := 1; - end; - if bFUSEnabled <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(bFUSEnabled), 1)+'] bFUSEnabled = 1'); - bFUSEnabled^ := 1; - end; - if bAppServerAllowed <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(bAppServerAllowed), 1)+'] bAppServerAllowed = 1'); - bAppServerAllowed^ := 1; - end; - if bMultimonAllowed <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(bMultimonAllowed), 1)+'] bMultimonAllowed = 1'); - bMultimonAllowed^ := 1; - end; - if lMaxUserSessions <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(lMaxUserSessions), 1)+'] lMaxUserSessions = 0'); - lMaxUserSessions^ := 0; - end; - if ulMaxDebugSessions <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(ulMaxDebugSessions), 1)+'] ulMaxDebugSessions = 0'); - ulMaxDebugSessions^ := 0; - end; - if bInitialized <> nil then begin - WriteLog('[0x'+IntToHex(DWORD(bInitialized), 1)+'] bInitialized = 1'); - bInitialized^ := 1; - end; - Result := S_OK; -end; - -procedure HookFunctions; -var - V: DWORD; - TS_Handle, SLC_Handle: THandle; - TermSrvSize: DWORD; - SignPtr: Pointer; - Results: IntArray; - Jump: 
far_jmp; - MovJump: mov_far_jmp; - nop: DWORD; - b: Byte; -begin - { hook function ^^ - (called once) } - IsHooked := True; - nop := $90909090; - TSMain := nil; - TSGlobals := nil; - SLGetWindowsInformationDWORD := nil; - WriteLog('init'); - - // load termsrv.dll and get functions - TS_Handle := LoadLibrary('termsrv.dll'); - if TS_Handle = 0 then begin - WriteLog('Error: Failed to load Terminal Services library'); - Exit; - end; - WriteLog('Base addr: 0x'+IntToHex(TS_Handle, 8)); - TSMain := GetProcAddress(TS_Handle, 'ServiceMain'); - WriteLog('SvcMain: termsrv.dll+0x'+IntToHex(Cardinal(@TSMain) - TS_Handle, 1)); - TSGlobals := GetProcAddress(TS_Handle, 'SvchostPushServiceGlobals'); - WriteLog('SvcGlobals: termsrv.dll+0x'+IntToHex(Cardinal(@TSGlobals) - TS_Handle, 1)); - - V := 0; - // check termsrv version - if GetModuleVersion('termsrv.dll', FV) then - V := Byte(FV.Version.w.Minor) or (Byte(FV.Version.w.Major) shl 8) - else begin - // check NT version - // V := GetVersion; // deprecated - // V := ((V and $FF) shl 8) or ((V and $FF00) shr 8); - end; - if V = 0 then begin - WriteLog('Error: Failed to detect Terminal Services version'); - Exit; - end; - - WriteLog('Version: '+IntToStr(FV.Version.w.Major)+'.'+IntToStr(FV.Version.w.Minor)); - WriteLog('Release: '+IntToStr(FV.Release)); - WriteLog('Build: '+IntToStr(FV.Build)); - - // temporarily freeze threads - WriteLog('freeze'); - StopThreads(); - - if (V = $0600) then begin - // Windows Vista - // uses SL Policy API (slc.dll) - - // load slc.dll and hook function - SLC_Handle := LoadLibrary('slc.dll'); - SLGetWindowsInformationDWORD := GetProcAddress(SLC_Handle, 'SLGetWindowsInformationDWORD'); - - if @SLGetWindowsInformationDWORD <> nil then - begin - // rewrite original function to call our function (make hook) - - WriteLog('Hook SLGetWindowsInformationDWORD'); - Stub_SLGetWindowsInformationDWORD.PushOp := $68; - Stub_SLGetWindowsInformationDWORD.PushArg := @New_SLGetWindowsInformationDWORD; - 
Stub_SLGetWindowsInformationDWORD.RetOp := $C3; - ReadProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, - @Old_SLGetWindowsInformationDWORD, SizeOf(OldCode), bw); - WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, - @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); - end; - - if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin - // Patch functions: - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - - if (FV.Release = 6000) and (FV.Build = 16386) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F320000 - // .text:6F3360B9 lea eax, [ebp+VersionInformation] - // .text:6F3360BF inc ebx <- nop - // .text:6F3360C0 push eax ; lpVersionInformation - // .text:6F3360C1 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F3360CB mov [esi], ebx - // .text:6F3360CD call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $160BF); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $15CD8); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_edx_ecx[0], - SizeOf(CDefPolicy_Query_edx_ecx), bw); - end; - if (FV.Release = 6001) and (FV.Build = 18000) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6E800000 - // .text:6E8185DE lea eax, [ebp+VersionInformation] - // .text:6E8185E4 inc ebx <- nop - // .text:6E8185E5 push eax ; lpVersionInformation - // .text:6E8185E6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6E8185F0 mov [esi], ebx - // .text:6E8185F2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $185E4); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := 
Pointer(Cardinal(TermSrvBase) + $17FD8); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_edx_ecx[0], - SizeOf(CDefPolicy_Query_edx_ecx), bw); - end; - if (FV.Release = 6002) and (FV.Build = 18005) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F580000 - // .text:6F597FA2 lea eax, [ebp+VersionInformation] - // .text:6F597FA8 inc ebx <- nop - // .text:6F597FA9 push eax ; lpVersionInformation - // .text:6F597FAA mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F597FB4 mov [esi], ebx - // .text:6F597FB6 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $17FA8); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $179C0); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_edx_ecx[0], - SizeOf(CDefPolicy_Query_edx_ecx), bw); - end; - if (FV.Release = 6002) and (FV.Build = 19214) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F580000 - // .text:6F597FBE lea eax, [ebp+VersionInformation] - // .text:6F597FC4 inc ebx <- nop - // .text:6F597FC5 push eax ; lpVersionInformation - // .text:6F597FC6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F597FD0 mov [esi], ebx - // .text:6F597FD2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $17FC4); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $179B8); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_edx_ecx[0], - SizeOf(CDefPolicy_Query_edx_ecx), bw); - end; - if (FV.Release = 6002) and (FV.Build = 23521) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F580000 - // .text:6F597FAE 
lea eax, [ebp+VersionInformation] - // .text:6F597FB4 inc ebx <- nop - // .text:6F597FB5 push eax ; lpVersionInformation - // .text:6F597FB6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F597FC0 mov [esi], ebx - // .text:6F597FC2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $17FB4); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $179CC); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_edx_ecx[0], - SizeOf(CDefPolicy_Query_edx_ecx), bw); - end; - end; - end; - if (V = $0601) then begin - // Windows 7 - // uses SL Policy API (slc.dll) - - // load slc.dll and hook function - SLC_Handle := LoadLibrary('slc.dll'); - SLGetWindowsInformationDWORD := GetProcAddress(SLC_Handle, 'SLGetWindowsInformationDWORD'); - - if @SLGetWindowsInformationDWORD <> nil then - begin - // rewrite original function to call our function (make hook) - - WriteLog('Hook SLGetWindowsInformationDWORD'); - Stub_SLGetWindowsInformationDWORD.PushOp := $68; - Stub_SLGetWindowsInformationDWORD.PushArg := @New_SLGetWindowsInformationDWORD; - Stub_SLGetWindowsInformationDWORD.RetOp := $C3; - ReadProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, - @Old_SLGetWindowsInformationDWORD, SizeOf(OldCode), bw); - WriteProcessMemory(GetCurrentProcess, @SLGetWindowsInformationDWORD, - @Stub_SLGetWindowsInformationDWORD, SizeOf(far_jmp), bw); - end; - - if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin - // Patch functions: - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - - if (FV.Release = 7600) and (FV.Build = 16385) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F2E0000 - // .text:6F2F9E1F lea eax, [ebp+VersionInformation] - // .text:6F2F9E25 inc ebx <- nop - // 
.text:6F2F9E26 push eax ; lpVersionInformation - // .text:6F2F9E27 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2F9E31 mov [esi], ebx - // .text:6F2F9E33 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $19E25); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $196F3); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - end; - if (FV.Release = 7601) and (FV.Build = 17514) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F2E0000 - // .text:6F2FA497 lea eax, [ebp+VersionInformation] - // .text:6F2FA49D inc ebx <- nop - // .text:6F2FA49E push eax ; lpVersionInformation - // .text:6F2FA49F mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA4A9 mov [esi], ebx - // .text:6F2FA4AB call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $1A49D); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19D53); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - end; - if (FV.Release = 7601) and (FV.Build = 18540) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F2E0000 - // .text:6F2FA4DF lea eax, [ebp+VersionInformation] - // .text:6F2FA4E5 inc ebx <- nop - // .text:6F2FA4E6 push eax ; lpVersionInformation - // .text:6F2FA4E7 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA4F1 mov [esi], ebx - // .text:6F2FA4F3 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $1A4E5); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - 
WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19D9F); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - end; - if (FV.Release = 7601) and (FV.Build = 22750) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F2E0000 - // .text:6F2FA64F lea eax, [ebp+VersionInformation] - // .text:6F2FA655 inc ebx <- nop - // .text:6F2FA656 push eax ; lpVersionInformation - // .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA661 mov [esi], ebx - // .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $1A655); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19E21); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - end; - if (FV.Release = 7601) and (FV.Build = 18637) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F2E0000 - // .text:6F2FA4D7 lea eax, [ebp+VersionInformation] - // .text:6F2FA4DD inc ebx <- nop - // .text:6F2FA4DE push eax ; lpVersionInformation - // .text:6F2FA4DF mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA4E9 mov [esi], ebx - // .text:6F2FA4EB call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $1A4DD); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19DBB); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - end; - if (FV.Release = 7601) and (FV.Build = 22843) then begin - WriteLog('Patch 
CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // Imagebase: 6F2E0000 - // .text:6F2FA64F lea eax, [ebp+VersionInformation] - // .text:6F2FA655 inc ebx <- nop - // .text:6F2FA656 push eax ; lpVersionInformation - // .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA661 mov [esi], ebx - // .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $1A655); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19E25); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - end; - end; - end; - if V = $0602 then begin - // Windows 8 - // uses SL Policy internal unexported function - - // load slc.dll and get function - // (will be used on intercepting undefined values) - SLC_Handle := LoadLibrary('slc.dll'); - SLGetWindowsInformationDWORD := GetProcAddress(SLC_Handle, 'SLGetWindowsInformationDWORD'); - - if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin - // Patch functions: - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - // Hook function: - // SLGetWindowsInformationDWORDWrapper - - if (FV.Release = 8102) and (FV.Build = 0) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:1000F7E5 lea eax, [esp+150h+VersionInformation] - // .text:1000F7E9 inc esi <- nop - // .text:1000F7EA push eax ; lpVersionInformation - // .text:1000F7EB mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1000F7F3 mov [edi], esi - // .text:1000F7F5 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $F7E9); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := 
Pointer(Cardinal(TermSrvBase) + $E47C); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - - WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $1B909); - MovJump.MovOp := $89; // mov eax, ecx - MovJump.MovArg := $C8; // __msfastcall compatibility - MovJump.PushOp := $68; - MovJump.PushArg := @New_Win8SL; - MovJump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @MovJump, SizeOf(mov_far_jmp), bw); - end; - if (FV.Release = 8250) and (FV.Build = 0) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:100159C5 lea eax, [esp+150h+VersionInformation] - // .text:100159C9 inc esi <- nop - // .text:100159CA push eax ; lpVersionInformation - // .text:100159CB mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:100159D3 mov [edi], esi - // .text:100159D5 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $159C9); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $13520); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - - WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $1A0A9); - MovJump.MovOp := $89; // mov eax, ecx - MovJump.MovArg := $C8; // __msfastcall compatibility - MovJump.PushOp := $68; - MovJump.PushArg := @New_Win8SL_CP; - MovJump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @MovJump, SizeOf(mov_far_jmp), bw); - end; - if (FV.Release = 8400) and (FV.Build = 0) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:1001547E lea eax, [esp+150h+VersionInformation] - // .text:10015482 inc esi <- nop - // .text:10015483 push eax ; 
lpVersionInformation - // .text:10015484 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1001548C mov [edi], esi - // .text:1001548E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $15482); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $13E48); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - - WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19629); - MovJump.MovOp := $89; // mov eax, ecx - MovJump.MovArg := $C8; // __msfastcall compatibility - MovJump.PushOp := $68; - MovJump.PushArg := @New_Win8SL; - MovJump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @MovJump, SizeOf(mov_far_jmp), bw); - end; - if (FV.Release = 9200) and (FV.Build = 16384) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:1001554E lea eax, [esp+150h+VersionInformation] - // .text:10015552 inc esi <- nop - // .text:10015553 push eax ; lpVersionInformation - // .text:10015554 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1001555C mov [edi], esi - // .text:1001555E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $15552); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $13F08); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - - WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19559); - MovJump.MovOp := $89; // mov eax, ecx - MovJump.MovArg := $C8; // __msfastcall compatibility - MovJump.PushOp := $68; - MovJump.PushArg := @New_Win8SL; - 
MovJump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @MovJump, SizeOf(mov_far_jmp), bw); - end; - if (FV.Release = 9200) and (FV.Build = 17048) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:1002058E lea eax, [esp+150h+VersionInformation] - // .text:10020592 inc esi <- nop - // .text:10020593 push eax ; lpVersionInformation - // .text:10020594 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1002059C mov [edi], esi - // .text:1002059E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $20592); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $1F408); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - - WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $17059); - MovJump.MovOp := $89; // mov eax, ecx - MovJump.MovArg := $C8; // __msfastcall compatibility - MovJump.PushOp := $68; - MovJump.PushArg := @New_Win8SL; - MovJump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @MovJump, SizeOf(mov_far_jmp), bw); - end; - if (FV.Release = 9200) and (FV.Build = 21166) then begin - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:10015576 lea eax, [esp+150h+VersionInformation] - // .text:1001557A inc esi <- nop - // .text:1001557B push eax ; lpVersionInformation - // .text:1001557C mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:10015584 mov [edi], esi - // .text:10015586 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $1557A); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $13F30); - 
WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_esi[0], - SizeOf(CDefPolicy_Query_eax_esi), bw); - - WriteLog('Hook SLGetWindowsInformationDWORDWrapper'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $19581); - MovJump.MovOp := $89; // mov eax, ecx - MovJump.MovArg := $C8; // __msfastcall compatibility - MovJump.PushOp := $68; - MovJump.PushArg := @New_Win8SL; - MovJump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @MovJump, SizeOf(mov_far_jmp), bw); - end; - end; - end; - if V = $0603 then begin - // Windows 8.1 - // uses SL Policy internal inline code - - if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin - // Patch functions: - // CEnforcementCore::GetInstanceOfTSLicense - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - // Hook function: - // CSLQuery::Initialize - - if (FV.Release = 9431) and (FV.Build = 0) then begin - WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); - // .text:1008A604 call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:1008A609 test eax, eax - // .text:1008A60B js short loc_1008A628 - // .text:1008A60D cmp [ebp+var_8], 0 - // .text:1008A611 jz short loc_1008A628 <- jmp - SignPtr := Pointer(Cardinal(TermSrvBase) + $8A611); - b := $EB; - WriteProcessMemory(GetCurrentProcess, SignPtr, @b, 1, bw); - - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:100306A4 lea eax, [esp+150h+VersionInformation] - // .text:100306A8 inc ebx <- nop - // .text:100306A9 mov [edi], ebx - // .text:100306AB push eax ; lpVersionInformation - // .text:100306AC call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $306A8); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $2EA25); - 
WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_ecx[0], - SizeOf(CDefPolicy_Query_eax_ecx), bw); - - WriteLog('Hook CSLQuery::Initialize'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $196B0); - Jump.PushOp := $68; - Jump.PushArg := @New_CSLQuery_Initialize; - Jump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @Jump, SizeOf(far_jmp), bw); - end; - if (FV.Release = 9600) and (FV.Build = 16384) then begin - WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); - // .text:100A271C call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:100A2721 test eax, eax - // .text:100A2723 js short loc_100A2740 - // .text:100A2725 cmp [ebp+var_8], 0 - // .text:100A2729 jz short loc_100A2740 <- jmp - SignPtr := Pointer(Cardinal(TermSrvBase) + $A2729); - b := $EB; - WriteProcessMemory(GetCurrentProcess, SignPtr, @b, 1, bw); - - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:10018024 lea eax, [esp+150h+VersionInformation] - // .text:10018028 inc ebx <- nop - // .text:10018029 mov [edi], ebx - // .text:1001802B push eax ; lpVersionInformation - // .text:1001802C call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $18028); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $16115); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_ecx[0], - SizeOf(CDefPolicy_Query_eax_ecx), bw); - - WriteLog('Hook CSLQuery::Initialize'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $1CEB0); - Jump.PushOp := $68; - Jump.PushArg := @New_CSLQuery_Initialize; - Jump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @Jump, SizeOf(far_jmp), bw); - end; - if (FV.Release = 9600) and (FV.Build = 17095) then begin - WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); - // 
.text:100A36C4 call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:100A36C9 test eax, eax - // .text:100A36CB js short loc_100A36E8 - // .text:100A36CD cmp [ebp+var_8], 0 - // .text:100A36D1 jz short loc_100A36E8 <- jmp - SignPtr := Pointer(Cardinal(TermSrvBase) + $A36D1); - b := $EB; - WriteProcessMemory(GetCurrentProcess, SignPtr, @b, 1, bw); - - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:10036BA5 lea eax, [esp+150h+VersionInformation] - // .text:10036BA9 inc ebx <- nop - // .text:10036BAA mov [edi], ebx - // .text:10036BAC push eax ; lpVersionInformation - // .text:10036BAD call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := Pointer(Cardinal(TermSrvBase) + $36BA9); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $37529); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_ecx[0], - SizeOf(CDefPolicy_Query_eax_ecx), bw); - - WriteLog('Hook CSLQuery::Initialize'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $117F1); - Jump.PushOp := $68; - Jump.PushArg := @New_CSLQuery_Initialize; - Jump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @Jump, SizeOf(far_jmp), bw); - end; - - end; - end; - if V = $0604 then begin - // Windows 10 - // uses SL Policy internal inline code - - if GetModuleAddress('termsrv.dll', GetCurrentProcessId, TermSrvBase, TermSrvSize) then begin - // Patch functions: - // CEnforcementCore::GetInstanceOfTSLicense - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - // Hook function: - // CSLQuery::Initialize - - if (FV.Release = 9841) and (FV.Build = 0) then begin - WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); - // .text:1009569B call sub_100B7EE5 - // .text:100956A0 test eax, eax - // .text:100956A2 js short loc_100956BF - // .text:100956A4 
cmp [ebp+var_C], 0 - // .text:100956A8 jz short loc_100956BF <- jmp - SignPtr := Pointer(Cardinal(TermSrvBase) + $956A8); - b := $EB; - WriteProcessMemory(GetCurrentProcess, SignPtr, @b, 1, bw); - - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:10030121 lea eax, [esp+150h+VersionInformation] - // .text:10030125 inc ebx <- nop - // .text:10030126 mov [edi], ebx - // .text:10030128 push eax ; lpVersionInformation - // .text:10030129 call ds:GetVersionExW - SignPtr := Pointer(Cardinal(TermSrvBase) + $30125); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $3B989); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_ecx[0], - SizeOf(CDefPolicy_Query_eax_ecx), bw); - - WriteLog('Hook CSLQuery::Initialize'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $46A68); - Jump.PushOp := $68; - Jump.PushArg := @New_CSLQuery_Initialize; - Jump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @Jump, SizeOf(far_jmp), bw); - end; - - if (FV.Release = 9860) and (FV.Build = 0) then begin - WriteLog('Patch CEnforcementCore::GetInstanceOfTSLicense'); - // .text:100962BB call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:100962C0 test eax, eax - // .text:100962C2 js short loc_100962DF - // .text:100962C4 cmp [ebp+var_C], 0 - // .text:100962C8 jz short loc_100962DF <- jmp - SignPtr := Pointer(Cardinal(TermSrvBase) + $962C8); - b := $EB; - WriteProcessMemory(GetCurrentProcess, SignPtr, @b, 1, bw); - - WriteLog('Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled'); - // .text:10030841 lea eax, [esp+150h+VersionInformation] - // .text:10030845 inc ebx <- nop - // .text:10030846 mov [edi], ebx - // .text:10030848 push eax ; lpVersionInformation - // .text:10030849 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr := 
Pointer(Cardinal(TermSrvBase) + $30845); - WriteProcessMemory(GetCurrentProcess, SignPtr, @nop, 1, bw); - - WriteLog('Patch CDefPolicy::Query'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $3BEC9); - WriteProcessMemory(GetCurrentProcess, SignPtr, - @CDefPolicy_Query_eax_ecx[0], - SizeOf(CDefPolicy_Query_eax_ecx), bw); - - WriteLog('Hook CSLQuery::Initialize'); - SignPtr := Pointer(Cardinal(TermSrvBase) + $46F18); - Jump.PushOp := $68; - Jump.PushArg := @New_CSLQuery_Initialize; - Jump.RetOp := $C3; - WriteProcessMemory(GetCurrentProcess, SignPtr, - @Jump, SizeOf(far_jmp), bw); - end; - - end; - end; - - // unfreeze threads - WriteLog('resume'); - RunThreads(); -end; - -function TermServiceMain(dwArgc: DWORD; lpszArgv: PWideChar): DWORD; stdcall; -begin - // wrap ServiceMain function - WriteLog('> ServiceMain'); - if not IsHooked then - HookFunctions; - Result := 0; - if @TSMain <> nil then - Result := TSMain(dwArgc, lpszArgv); -end; - -function TermServiceGlobals(lpGlobalData: Pointer): DWORD; stdcall; -begin - // wrap SvchostPushServiceGlobals function - WriteLog('> SvchostPushServiceGlobals'); - if not IsHooked then - HookFunctions; - Result := 0; - if @TSGlobals <> nil then - Result := TSGlobals(lpGlobalData); -end; - -// export section - -exports - TermServiceMain index 1 name 'ServiceMain'; -exports - TermServiceGlobals index 2 name 'SvchostPushServiceGlobals'; - -begin - // DllMain procedure is not used -end. \ No newline at end of file diff --git a/src-x86-binarymaster/src/rdpwrap.dproj.local b/src-x86-binarymaster/src/rdpwrap.dproj.local deleted file mode 100644 index b3811b7..0000000 --- a/src-x86-binarymaster/src/rdpwrap.dproj.local +++ /dev/null @@ -1,2 +0,0 @@ - - diff --git a/src-x86-binarymaster/src/rdpwrap.identcache b/src-x86-binarymaster/src/rdpwrap.identcache deleted file mode 100644 index 89a10bb..0000000 Binary files a/src-x86-binarymaster/src/rdpwrap.identcache and /dev/null differ 
diff --git a/src-x86-x64-Fusix/src/Export.def b/src-x86-x64-Fusix/Export.def similarity index 100% rename from src-x86-x64-Fusix/src/Export.def rename to src-x86-x64-Fusix/Export.def diff --git a/src-x86-x64-Fusix/IniFile.cpp b/src-x86-x64-Fusix/IniFile.cpp new file mode 100644 index 0000000..5c610d3 --- /dev/null +++ b/src-x86-x64-Fusix/IniFile.cpp 
@@ -0,0 +1,562 @@ +/* +Copyright 2014 Stas'M Corp. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +#include "stdafx.h" +#include +#include +#include "IniFile.h" + +INI_FILE::INI_FILE(wchar_t *FilePath) +{ + DWORD Status = 0; + DWORD NumberOfBytesRead = 0; + + HANDLE hFile = CreateFile(FilePath, GENERIC_READ, FILE_SHARE_WRITE|FILE_SHARE_READ, + NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); + + if (hFile == INVALID_HANDLE_VALUE) + { + return; + } + + FileSize = GetFileSize(hFile, NULL); + if (FileSize == INVALID_FILE_SIZE) + { + return; + } + + FileRaw = new char[FileSize]; + Status = ReadFile(hFile, FileRaw, FileSize, &NumberOfBytesRead, NULL); + if (!Status) + { + return; + } + + CreateStringsMap(); + Parse(); +} + + +INI_FILE::~INI_FILE() +{ + for (DWORD i = 0; i < IniData.SectionCount; i++) + { + delete[] IniData.Section[i].Variables; + } + delete[] IniData.Section; + delete[] FileStringsMap; + delete FileRaw; +} + +bool INI_FILE::CreateStringsMap() +{ + DWORD StringsCount = 1; + + for (DWORD i = 0; i < FileSize; i++) + { + if (FileRaw[i] == '\r' && FileRaw[i + 1] == '\n') StringsCount++; + } + + FileStringsCount = StringsCount; + + FileStringsMap = new DWORD[StringsCount]; + FileStringsMap[0] = 0; + + StringsCount = 1; + + for (DWORD i = 0; i < FileSize; i++) + { + if (FileRaw[i] == '\r' && FileRaw[i + 1] == '\n') + { + FileStringsMap[StringsCount] = i + 2; + StringsCount++; + } + } + + return true; +} + +int INI_FILE::StrTrim(char* Str) +{ + int i = 0, j; + while ((Str[i] 
== ' ') || (Str[i] == '\t')) + { + i++; + } + if (i>0) + { + for (j = 0; j < strlen(Str); j++) + { + Str[j] = Str[j + i]; + } + Str[j] = '\0'; + } + + i = strlen(Str) - 1; + while ((Str[i] == ' ') || (Str[i] == '\t')) + { + i--; + } + if (i < (strlen(Str) - 1)) + { + Str[i + 1] = '\0'; + } + return 0; +} + +DWORD INI_FILE::GetFileStringFromNum(DWORD StringNumber, char *RetString, DWORD Size) +{ + DWORD CurrentStringNum = 0; + DWORD EndStringPos = 0; + DWORD StringSize = 0; + + if (StringNumber > FileStringsCount) return 0; + + for (DWORD i = FileStringsMap[StringNumber]; i < FileSize; i++) + { + if (i == (FileSize - 1)) + { + EndStringPos = FileSize; + break; + } + if (FileRaw[i] == '\r' && FileRaw[i + 1] == '\n') + { + EndStringPos = i; + break; + } + } + + StringSize = EndStringPos - FileStringsMap[StringNumber]; + + if (Size < StringSize) return 0; + + memset(RetString, 0x00, Size); + memcpy(RetString, &(FileRaw[FileStringsMap[StringNumber]]), StringSize); + return StringSize; +} + +bool INI_FILE::IsVariable(char *Str, DWORD StrSize) +{ + bool Quotes = false; + + for (DWORD i = 0; i < StrSize; i++) + { + if (Str[i] == '"' || Str[i] == '\'') Quotes = !Quotes; + if (Str[i] == '=' && !Quotes) return true; + } + return false; +} + +bool INI_FILE::FillVariable(INI_SECTION_VARIABLE *Variable, char *Str, DWORD StrSize) +{ + bool Quotes = false; + + for (DWORD i = 0; i < StrSize; i++) + { + if (Str[i] == '"' || Str[i] == '\'') Quotes = !Quotes; + if (Str[i] == '=' && !Quotes) + { + memset(Variable->VariableName, 0, MAX_STRING_LEN); + memset(Variable->VariableValue, 0, MAX_STRING_LEN); + memcpy(Variable->VariableName, Str, i); + memcpy(Variable->VariableValue, &(Str[i + 1]), StrSize - (i - 1)); + StrTrim(Variable->VariableName); + StrTrim(Variable->VariableValue); + break; + } + } + return true; +} + +bool INI_FILE::Parse() +{ + DWORD CurrentStringNum = 0; + char CurrentString[512]; + DWORD CurrentStringSize = 0; + + DWORD SectionsCount = 0; + DWORD VariablesCount = 0; + 
+ DWORD CurrentSectionNum = -1; + DWORD CurrentVariableNum = -1; + + // Calculate sections count + for (DWORD CurrentStringNum = 0; CurrentStringNum < FileStringsCount; CurrentStringNum++) + { + CurrentStringSize = GetFileStringFromNum(CurrentStringNum, CurrentString, 512); + + if (CurrentString[0] == ';') continue; // It's a comment + + if (CurrentString[0] == '[' && CurrentString[CurrentStringSize - 1] == ']') // It's section declaration + { + SectionsCount++; + continue; + } + } + + DWORD *SectionVariableCount = new DWORD[SectionsCount]; + memset(SectionVariableCount, 0x00, sizeof(DWORD)*SectionsCount); + + for (DWORD CurrentStringNum = 0; CurrentStringNum < FileStringsCount; CurrentStringNum++) + { + CurrentStringSize = GetFileStringFromNum(CurrentStringNum, CurrentString, 512); + + if (CurrentString[0] == ';') continue; // It's a comment + + + if (CurrentString[0] == '[' && CurrentString[CurrentStringSize - 1] == ']') // It's section declaration + { + CurrentSectionNum++; + continue; + } + if (IsVariable(CurrentString, CurrentStringSize)) + { + VariablesCount++; + SectionVariableCount[CurrentSectionNum]++; + continue; + } + } + + IniData.SectionCount = SectionsCount; + IniData.Section = new INI_SECTION[SectionsCount]; + memset(IniData.Section, 0x00, sizeof(PINI_SECTION)*SectionsCount); + + for (DWORD i = 0; i < SectionsCount; i++) + { + IniData.Section[i].VariablesCount = SectionVariableCount[i]; + IniData.Section[i].Variables = new INI_SECTION_VARIABLE[SectionVariableCount[i]]; + memset(IniData.Section[i].Variables, 0x00, sizeof(INI_SECTION_VARIABLE)*SectionVariableCount[i]); + } + + delete[] SectionVariableCount; + + CurrentSectionNum = -1; + CurrentVariableNum = -1; + + for (DWORD CurrentStringNum = 0; CurrentStringNum < FileStringsCount; CurrentStringNum++) + { + CurrentStringSize = GetFileStringFromNum(CurrentStringNum, CurrentString, 512); + + if (CurrentString[0] == ';') // It's a comment + { + continue; + } + + if (CurrentString[0] == '[' && 
CurrentString[CurrentStringSize - 1] == ']') + { + CurrentSectionNum++; + CurrentVariableNum = 0; + memset(IniData.Section[CurrentSectionNum].SectionName, 0, MAX_STRING_LEN); + memcpy(IniData.Section[CurrentSectionNum].SectionName, &(CurrentString[1]), (CurrentStringSize - 2)); + continue; + } + + if (IsVariable(CurrentString, CurrentStringSize)) + { + FillVariable(&(IniData.Section[CurrentSectionNum].Variables[CurrentVariableNum]), CurrentString, CurrentStringSize); + CurrentVariableNum++; + continue; + } + } + + return true; +} + +PINI_SECTION INI_FILE::GetSection(char *SectionName) +{ + for (DWORD i = 0; i < IniData.SectionCount; i++) + { + if ( + (strlen(IniData.Section[i].SectionName) == strlen(SectionName)) && + (memcmp(IniData.Section[i].SectionName, SectionName, strlen(SectionName)) == 0) + ) + { + return &IniData.Section[i]; + } + } + return NULL; +} + +bool INI_FILE::SectionExists(char *SectionName) +{ + if (GetSection(SectionName) == NULL) return false; + return true; +} + +bool INI_FILE::VariableExists(char *SectionName, char *VariableName) +{ + INI_SECTION_VARIABLE Variable = { 0 }; + return GetVariableInSectionPrivate(SectionName, VariableName, &Variable); +} + +bool INI_FILE::GetVariableInSectionPrivate(char *SectionName, char *VariableName, INI_SECTION_VARIABLE *RetVariable) +{ + INI_SECTION *Section = NULL; + INI_SECTION_VARIABLE *Variable = NULL; + + // Find section + Section = GetSection(SectionName); + if (Section == NULL) + { + SetLastError(318); // This region is not found + return false; + } + + // Find variable + for (DWORD i = 0; i < Section->VariablesCount; i++) + { + if ( + (strlen(Section->Variables[i].VariableName) == strlen(VariableName)) && + (memcmp(Section->Variables[i].VariableName, VariableName, strlen(VariableName)) == 0) + ) + { + Variable = &(Section->Variables[i]); + break; + } + } + if (Variable == NULL) + { + SetLastError(1898); // Member of the group is not found + return false; + } + + memset(RetVariable, 0x00, 
sizeof(*RetVariable)); + memcpy(RetVariable, Variable, sizeof(*Variable)); + + return true; +} + +bool INI_FILE::GetVariableInSection(char *SectionName, char *VariableName, INI_VAR_STRING *RetVariable) +{ + bool Status = false; + INI_SECTION_VARIABLE Variable = {}; + + Status = GetVariableInSectionPrivate(SectionName, VariableName, &Variable); + if (!Status) return Status; + + memset(RetVariable, 0x00, sizeof(*RetVariable)); + memcpy(RetVariable->Name, Variable.VariableName, strlen(Variable.VariableName)); + memcpy(RetVariable->Value, Variable.VariableValue, strlen(Variable.VariableValue)); + + return true; +} + +bool INI_FILE::GetVariableInSection(char *SectionName, char *VariableName, INI_VAR_DWORD *RetVariable) +{ + bool Status = false; + INI_SECTION_VARIABLE Variable = {}; + + Status = GetVariableInSectionPrivate(SectionName, VariableName, &Variable); + if (!Status) return Status; + + memset(RetVariable, 0x00, sizeof(*RetVariable)); + memcpy(RetVariable->Name, Variable.VariableName, strlen(Variable.VariableName)); + +#ifndef _WIN64 + RetVariable->ValueDec = strtol(Variable.VariableValue, NULL, 10); + RetVariable->ValueHex = strtol(Variable.VariableValue, NULL, 16); +#else + RetVariable->ValueDec = _strtoi64(Variable.VariableValue, NULL, 10); + RetVariable->ValueHex = _strtoi64(Variable.VariableValue, NULL, 16); +#endif + return true; +} + +bool INI_FILE::GetVariableInSection(char *SectionName, char *VariableName, INI_VAR_BYTEARRAY *RetVariable) +{ + bool Status = false; + INI_SECTION_VARIABLE Variable = {}; + + Status = GetVariableInSectionPrivate(SectionName, VariableName, &Variable); + if (!Status) return Status; + + DWORD ValueLen = strlen(Variable.VariableValue); + if ((ValueLen % 2) != 0) return false; + + // for security reasons not more than 16 bytes + if (ValueLen > 32) ValueLen = 32; // 32 hex digits + + memset(RetVariable, 0x00, sizeof(*RetVariable)); + memcpy(RetVariable->Name, Variable.VariableName, strlen(Variable.VariableName)); + + for (DWORD i = 
0; i <= ValueLen; i++) + { + if ((i % 2) != 0) continue; + + switch (Variable.VariableValue[i]) + { + case '0': break; + case '1': RetVariable->Value[(i / 2)] += (1 << 4); break; + case '2': RetVariable->Value[(i / 2)] += (2 << 4); break; + case '3': RetVariable->Value[(i / 2)] += (3 << 4); break; + case '4': RetVariable->Value[(i / 2)] += (4 << 4); break; + case '5': RetVariable->Value[(i / 2)] += (5 << 4); break; + case '6': RetVariable->Value[(i / 2)] += (6 << 4); break; + case '7': RetVariable->Value[(i / 2)] += (7 << 4); break; + case '8': RetVariable->Value[(i / 2)] += (8 << 4); break; + case '9': RetVariable->Value[(i / 2)] += (9 << 4); break; + case 'A': RetVariable->Value[(i / 2)] += (10 << 4); break; + case 'B': RetVariable->Value[(i / 2)] += (11 << 4); break; + case 'C': RetVariable->Value[(i / 2)] += (12 << 4); break; + case 'D': RetVariable->Value[(i / 2)] += (13 << 4); break; + case 'E': RetVariable->Value[(i / 2)] += (14 << 4); break; + case 'F': RetVariable->Value[(i / 2)] += (15 << 4); break; + } + + switch (Variable.VariableValue[i + 1]) + { + case '0': break; + case '1': RetVariable->Value[(i / 2)] += 1; break; + case '2': RetVariable->Value[(i / 2)] += 2; break; + case '3': RetVariable->Value[(i / 2)] += 3; break; + case '4': RetVariable->Value[(i / 2)] += 4; break; + case '5': RetVariable->Value[(i / 2)] += 5; break; + case '6': RetVariable->Value[(i / 2)] += 6; break; + case '7': RetVariable->Value[(i / 2)] += 7; break; + case '8': RetVariable->Value[(i / 2)] += 8; break; + case '9': RetVariable->Value[(i / 2)] += 9; break; + case 'A': RetVariable->Value[(i / 2)] += 10; break; + case 'B': RetVariable->Value[(i / 2)] += 11; break; + case 'C': RetVariable->Value[(i / 2)] += 12; break; + case 'D': RetVariable->Value[(i / 2)] += 13; break; + case 'E': RetVariable->Value[(i / 2)] += 14; break; + case 'F': RetVariable->Value[(i / 2)] += 15; break; + } + } + RetVariable->ArraySize = ValueLen / 2; + return true; +} + +bool 
INI_FILE::GetVariableInSection(char *SectionName, char *VariableName, bool *RetVariable) +{ + bool Status = false; + INI_SECTION_VARIABLE Variable = {}; + + Status = GetVariableInSectionPrivate(SectionName, VariableName, &Variable); + if (!Status) return Status; + + *RetVariable = (bool)strtol(Variable.VariableValue, NULL, 10); + return true; +} + +bool INI_FILE::GetSectionVariablesList(char *SectionName, INI_SECTION_VARLIST *VariablesList) +{ + INI_SECTION *Section = NULL; + + Section = GetSection(SectionName); + if (Section == NULL) + { + SetLastError(318); // This region is not found + return false; + } + + VariablesList->EntriesCount = Section->VariablesCount; + + VariablesList->NamesEntries = new INI_SECTION_VARLIST_ENTRY[VariablesList->EntriesCount]; + memset(VariablesList->NamesEntries, 0x00, sizeof(INI_SECTION_VARLIST_ENTRY)*VariablesList->EntriesCount); + + VariablesList->ValuesEntries = new INI_SECTION_VARLIST_ENTRY[VariablesList->EntriesCount]; + memset(VariablesList->ValuesEntries, 0x00, sizeof(INI_SECTION_VARLIST_ENTRY)*VariablesList->EntriesCount); + + for (DWORD i = 0; i < Section->VariablesCount; i++) + { + memcpy(VariablesList->NamesEntries[i].String, Section->Variables[i].VariableName, + strlen(Section->Variables[i].VariableName)); + + memcpy(VariablesList->ValuesEntries[i].String, Section->Variables[i].VariableValue, + strlen(Section->Variables[i].VariableValue)); + } + + return true; +} + + +// ---------------------------- WCHAR_T BLOCK ---------------------------------------------- + +bool INI_FILE::SectionExists(wchar_t *SectionName) +{ + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, MAX_STRING_LEN); + + return GetSection(cSectionName); +} + +bool INI_FILE::VariableExists(wchar_t *SectionName, wchar_t *VariableName) +{ + INI_SECTION_VARIABLE Variable = { 0 }; + + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + char cVariableName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, 
MAX_STRING_LEN); + wcstombs(cVariableName, VariableName, MAX_STRING_LEN); + + return GetVariableInSectionPrivate(cSectionName, cVariableName, &Variable); +} + +bool INI_FILE::GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, INI_VAR_STRING *RetVariable) +{ + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + char cVariableName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, MAX_STRING_LEN); + wcstombs(cVariableName, VariableName, MAX_STRING_LEN); + + return GetVariableInSection(cSectionName, cVariableName, RetVariable); +} + +bool INI_FILE::GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, INI_VAR_DWORD *RetVariable) +{ + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + char cVariableName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, MAX_STRING_LEN); + wcstombs(cVariableName, VariableName, MAX_STRING_LEN); + + return GetVariableInSection(cSectionName, cVariableName, RetVariable); +} + +bool INI_FILE::GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, INI_VAR_BYTEARRAY *RetVariable) +{ + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + char cVariableName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, MAX_STRING_LEN); + wcstombs(cVariableName, VariableName, MAX_STRING_LEN); + + return GetVariableInSection(cSectionName, cVariableName, RetVariable); +} + +bool INI_FILE::GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, bool *RetVariable) +{ + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + char cVariableName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, MAX_STRING_LEN); + wcstombs(cVariableName, VariableName, MAX_STRING_LEN); + + return GetVariableInSection(cSectionName, cVariableName, RetVariable); +} + +bool INI_FILE::GetSectionVariablesList(wchar_t *SectionName, INI_SECTION_VARLIST *VariablesList) +{ + char cSectionName[MAX_STRING_LEN] = { 0x00 }; + + wcstombs(cSectionName, SectionName, MAX_STRING_LEN); + + return 
GetSectionVariablesList(cSectionName, VariablesList); +} \ No newline at end of file diff --git a/src-x86-x64-Fusix/IniFile.h b/src-x86-x64-Fusix/IniFile.h new file mode 100644 index 0000000..632bf74 --- /dev/null +++ b/src-x86-x64-Fusix/IniFile.h 
@@ -0,0 +1,126 @@ +/* +Copyright 2014 Stas'M Corp. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +#include "stdafx.h" +#include + +#define MAX_STRING_LEN 255 + +// Out values struсts +typedef struct _INI_VAR_STRING +{ + char Name[MAX_STRING_LEN]; + char Value[MAX_STRING_LEN]; +} INI_VAR_STRING, *PINI_VAR_STRING; + +typedef struct _INI_VAR_DWORD +{ + char Name[MAX_STRING_LEN]; +#ifndef _WIN64 + DWORD ValueDec; + DWORD ValueHex; +#else + DWORD64 ValueDec; + DWORD64 ValueHex; +#endif + +} INI_VAR_DWORD, *PINI_VAR_DWORD; + +typedef struct _INI_VAR_BYTEARRAY +{ + char Name[MAX_STRING_LEN]; + BYTE ArraySize; + char Value[MAX_STRING_LEN]; +} INI_VAR_BYTEARRAY, *PINI_VAR_BYTEARRAY; + +typedef struct _INI_SECTION_VARLIST_ENTRY +{ + char String[MAX_STRING_LEN]; +} INI_SECTION_VARLIST_ENTRY, *PINI_SECTION_VARLIST_ENTRY; + +typedef struct _INI_SECTION_VARLIST +{ + DWORD EntriesCount; + [length_is(EntriesCount)] INI_SECTION_VARLIST_ENTRY *NamesEntries; + [length_is(EntriesCount)] INI_SECTION_VARLIST_ENTRY *ValuesEntries; +} INI_SECTION_VARLIST, *PINI_SECTION_VARLIST; + +// end + +typedef struct _INI_SECTION_VARIABLE +{ + char VariableName[MAX_STRING_LEN]; + char VariableValue[MAX_STRING_LEN]; +} INI_SECTION_VARIABLE, *PINI_SECTION_VARIABLE; + + +typedef struct _INI_SECTION +{ + char SectionName[MAX_STRING_LEN]; + DWORD VariablesCount; + [length_is(SectionCount)] INI_SECTION_VARIABLE *Variables; + +} INI_SECTION, *PINI_SECTION; + +typedef struct _INI_DATA +{ + DWORD SectionCount; + 
[length_is(SectionCount)] INI_SECTION *Section; +} INI_DATA, *PINI_DATA; + +class INI_FILE +{ +public: + INI_FILE(wchar_t*); + ~INI_FILE(); + + // char block + bool SectionExists(char *SectionName); + bool VariableExists(char *SectionName, char *VariableName); + bool GetVariableInSection(char *SectionName, char *VariableName, INI_VAR_STRING *Variable); + bool GetVariableInSection(char *SectionName, char *VariableName, INI_VAR_DWORD *Variable); + bool GetVariableInSection(char *SectionName, char *VariableName, bool *Variable); + bool GetVariableInSection(char *SectionName, char *VariableName, INI_VAR_BYTEARRAY *Variable); + bool GetSectionVariablesList(char *SectionName, INI_SECTION_VARLIST *VariablesList); + + // wchar_t tramps + bool SectionExists(wchar_t *SectionName); + bool VariableExists(wchar_t *SectionName, wchar_t *VariableName); + bool GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, INI_VAR_STRING *Variable); + bool GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, INI_VAR_DWORD *Variable); + bool GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, bool *Variable); + bool GetVariableInSection(wchar_t *SectionName, wchar_t *VariableName, INI_VAR_BYTEARRAY *Variable); + bool GetSectionVariablesList(wchar_t *SectionName, INI_SECTION_VARLIST *VariablesList); + +private: + DWORD FileSize; // Ini file size + char *FileRaw; // Ini file raw dump + DWORD FileStringsCount; // String-map length + DWORD *FileStringsMap; // String-map + INI_DATA IniData; // Parsed data + + // Common service functions + int StrTrim(char* Str); + + // Class service functions + bool CreateStringsMap(); // Create file string-map + bool Parse(); // Parse file to class structures + DWORD GetFileStringFromNum(DWORD StringNumber, char *RetString, DWORD Size); // Get string from string-map + bool IsVariable(char *Str, DWORD StrSize); + bool FillVariable(INI_SECTION_VARIABLE *Variable, char *Str, DWORD StrSize); // Fill INI_SECTION_VARIABLE struct 
(for Parse) + PINI_SECTION GetSection(char *SectionName); + bool GetVariableInSectionPrivate(char *SectionName, char *VariableName, INI_SECTION_VARIABLE *RetVariable); +}; diff --git a/src-x86-x64-Fusix/RDPWrap.cpp b/src-x86-x64-Fusix/RDPWrap.cpp new file mode 100644 index 0000000..c5a80c6 --- /dev/null +++ b/src-x86-x64-Fusix/RDPWrap.cpp 
@@ -0,0 +1,869 @@ +/* + Copyright 2014 Stas'M Corp. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +#include "stdafx.h" +#include "IniFile.h" +#include + +typedef struct +{ + union + { + struct + { + WORD Minor; + WORD Major; + } wVersion; + DWORD dwVersion; + }; + WORD Release; + WORD Build; +} FILE_VERSION; + +#ifdef _WIN64 +typedef unsigned long long PLATFORM_DWORD; +struct FARJMP +{ // x64 far jump | opcode | assembly + BYTE MovOp; // 48 mov rax, ptr + BYTE MovRegArg; // B8 + DWORD64 MovArg; // PTR + BYTE PushRaxOp; // 50 push rax + BYTE RetOp; // C3 retn +}; +#else +typedef unsigned long PLATFORM_DWORD; +struct FARJMP +{ // x86 far jump | opcode | assembly + BYTE PushOp; // 68 push ptr + DWORD PushArg; // PTR + BYTE RetOp; // C3 retn +}; +#endif + +FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; +SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; + +INI_FILE *IniFile; +wchar_t LogFile[256] = L"\\rdpwrap.txt\0"; +HMODULE hTermSrv; +HMODULE hSLC; +PLATFORM_DWORD TermSrvBase; +FILE_VERSION FV; +SERVICEMAIN _ServiceMain; +SVCHOSTPUSHSERVICEGLOBALS _SvchostPushServiceGlobals; +bool AlreadyHooked = false; + +DWORD INIReadDWordHex(INI_FILE *IniFile, char *Sect, char *VariableName, PLATFORM_DWORD Default) +{ + INI_VAR_DWORD Variable; + + if(IniFile->GetVariableInSection(Sect, VariableName, &Variable)) + { + return Variable.ValueHex; + } + return Default; +} + +void INIReadString(INI_FILE *IniFile, char *Sect, char *VariableName, char 
*Default, char *Ret, DWORD RetSize) +{ + INI_VAR_STRING Variable; + + memset(Ret, 0x00, RetSize); + if(!IniFile->GetVariableInSection(Sect, VariableName, &Variable)) + { + strcpy_s(Ret, RetSize, Default); + return; + } + strcpy_s(Ret, RetSize, Variable.Value); +} + +void WriteToLog(LPSTR Text) +{ + DWORD dwBytesOfWritten; + + HANDLE hFile = CreateFile(LogFile, GENERIC_WRITE, FILE_SHARE_WRITE | FILE_SHARE_READ, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); + if (hFile == INVALID_HANDLE_VALUE) return; + + SetFilePointer(hFile, 0, 0, FILE_END); + WriteFile(hFile, Text, strlen(Text), &dwBytesOfWritten, NULL); + CloseHandle(hFile); +} + +HMODULE GetCurrentModule() +{ + HMODULE hModule = NULL; + GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, (LPCWSTR)GetCurrentModule, &hModule); + return hModule; +} + +/*PLATFORM_DWORD SearchAddressBySignature(char *StartPosition, PLATFORM_DWORD Size, char *Signature, int SignatureSize) +{ + PLATFORM_DWORD AddressReturn = -1; + + for (PLATFORM_DWORD i = 0; i < Size; i++) + { + for (int j = 0; StartPosition[i+j] == Signature[j] && j < SignatureSize; j++) + { + if (j == SignatureSize-1) AddressReturn = (PLATFORM_DWORD)&StartPosition[i]; + } + } + + return AddressReturn; +}*/ + +bool GetModuleCodeSectionInfo(HMODULE hModule, PLATFORM_DWORD *BaseAddr, PLATFORM_DWORD *BaseSize) +{ + PIMAGE_DOS_HEADER pDosHeader; + PIMAGE_FILE_HEADER pFileHeader; + PIMAGE_OPTIONAL_HEADER pOptionalHeader; + + if (hModule == NULL) return false; + + pDosHeader = (PIMAGE_DOS_HEADER)hModule; + pFileHeader = (PIMAGE_FILE_HEADER)(((PBYTE)hModule)+pDosHeader->e_lfanew+4); + pOptionalHeader = (PIMAGE_OPTIONAL_HEADER)(pFileHeader+1); + + *BaseAddr = (PLATFORM_DWORD)hModule; + *BaseSize = (PLATFORM_DWORD)pOptionalHeader->SizeOfCode; + + if (*BaseAddr <= 0 || *BaseSize <= 0) return false; + return true; +} + +void SetThreadsState(bool Resume) +{ + HANDLE h, hThread; + DWORD CurrTh, CurrPr; + THREADENTRY32 Thread; + + CurrTh = GetCurrentThreadId(); + CurrPr = 
GetCurrentProcessId(); + + h = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); + if (h != INVALID_HANDLE_VALUE) + { + Thread.dwSize = sizeof(THREADENTRY32); + Thread32First(h, &Thread); + do + { + if (Thread.th32ThreadID != CurrTh && Thread.th32OwnerProcessID == CurrPr) + { + hThread = OpenThread(THREAD_SUSPEND_RESUME, false, Thread.th32ThreadID); + if (hThread != INVALID_HANDLE_VALUE) + { + if (Resume) ResumeThread(hThread); + else SuspendThread(hThread); + CloseHandle(hThread); + } + } + } while (Thread32Next(h, &Thread)); + CloseHandle(h); + } +} + +BOOL __stdcall GetModuleVersion(LPCWSTR lptstrModuleName, FILE_VERSION *FileVersion) +{ + typedef struct + { + WORD wLength; + WORD wValueLength; + WORD wType; + WCHAR szKey[16]; + WORD Padding1; + VS_FIXEDFILEINFO Value; + WORD Padding2; + WORD Children; + } VS_VERSIONINFO; + + HMODULE hMod = GetModuleHandle(lptstrModuleName); + if(!hMod) + { + return false; + } + + HRSRC hResourceInfo = FindResourceW(hMod, (LPCWSTR)1, (LPCWSTR)0x10); + if(!hResourceInfo) + { + return false; + } + + VS_VERSIONINFO *VersionInfo = (VS_VERSIONINFO*)LoadResource(hMod, hResourceInfo); + if(!VersionInfo) + { + return false; + } + + FileVersion->dwVersion = VersionInfo->Value.dwFileVersionMS; + FileVersion->Release = (WORD)(VersionInfo->Value.dwFileVersionLS >> 16); + FileVersion->Build = (WORD)VersionInfo->Value.dwFileVersionLS; + + return true; +} + +BOOL __stdcall GetFileVersion(LPCWSTR lptstrFilename, FILE_VERSION *FileVersion) +{ + typedef struct + { + WORD wLength; + WORD wValueLength; + WORD wType; + WCHAR szKey[16]; + WORD Padding1; + VS_FIXEDFILEINFO Value; + WORD Padding2; + WORD Children; + } VS_VERSIONINFO; + + HMODULE hFile = LoadLibraryExW(lptstrFilename, NULL, LOAD_LIBRARY_AS_DATAFILE); + if(!hFile) + { + return false; + } + + HRSRC hResourceInfo = FindResourceW(hFile, (LPCWSTR)1, (LPCWSTR)0x10); + if(!hResourceInfo) + { + return false; + } + + VS_VERSIONINFO *VersionInfo = (VS_VERSIONINFO*)LoadResource(hFile, 
hResourceInfo); + if(!VersionInfo) + { + return false; + } + + FileVersion->dwVersion = VersionInfo->Value.dwFileVersionMS; + FileVersion->Release = (WORD)(VersionInfo->Value.dwFileVersionLS >> 16); + FileVersion->Build = (WORD)VersionInfo->Value.dwFileVersionLS; + + return true; +} + +bool OverrideSL(LPWSTR ValueName, DWORD *Value) +{ + INI_VAR_DWORD Variable = {0}; + + if (IniFile->VariableExists(L"SLPolicy", ValueName)) + { + if (!(IniFile->GetVariableInSection(L"SLPolicy", ValueName, &Variable))) *Value = 0; + else *Value = Variable.ValueDec; + return true; + } + return false; +} + +HRESULT WINAPI New_SLGetWindowsInformationDWORD(PWSTR pwszValueName, DWORD *pdwValue) +{ + // wrapped SLGetWindowsInformationDWORD function + // termsrv.dll will call this function instead of original SLC.dll + + // Override SL Policy + + extern FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; + extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; + + char *Log; + DWORD dw; + SIZE_T bw; + HRESULT Result; + + Log = new char[1024]; + wsprintfA(Log, "Policy query: %S\r\n", pwszValueName); + WriteToLog(Log); + delete[] Log; + + if (OverrideSL(pwszValueName, &dw)) + { + *pdwValue = dw; + + Log = new char[1024]; + wsprintfA(Log, "Policy rewrite: %i\r\n", dw); + WriteToLog(Log); + delete[] Log; + + return S_OK; + } + + WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); + Result = _SLGetWindowsInformationDWORD(pwszValueName, pdwValue); + if (Result == S_OK) + { + Log = new char[1024]; + wsprintfA(Log, "Policy result: %i\r\n", dw); + WriteToLog(Log); + delete[] Log; + } else { + WriteToLog("Policy request failed\r\n"); + } + WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); + + return Result; +} + +HRESULT __fastcall New_Win8SL(PWSTR pwszValueName, DWORD *pdwValue) +{ + // wrapped unexported 
function SLGetWindowsInformationDWORDWrapper in termsrv.dll + // for Windows 8 support + + // Override SL Policy + + extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; + + char *Log; + DWORD dw; + HRESULT Result; + + Log = new char[1024]; + wsprintfA(Log, "Policy query: %S\r\n", pwszValueName); + WriteToLog(Log); + delete[] Log; + + if (OverrideSL(pwszValueName, &dw)) + { + *pdwValue = dw; + + Log = new char[1024]; + wsprintfA(Log, "Policy rewrite: %i\r\n", dw); + WriteToLog(Log); + delete[] Log; + + return S_OK; + } + + Result = _SLGetWindowsInformationDWORD(pwszValueName, pdwValue); + if (Result == S_OK) + { + Log = new char[1024]; + wsprintfA(Log, "Policy result: %i\r\n", dw); + WriteToLog(Log); + delete[] Log; + } else { + WriteToLog("Policy request failed\r\n"); + } + + return Result; +} + +#ifndef _WIN64 +HRESULT __fastcall New_Win8SL_CP(DWORD arg1, DWORD *pdwValue, PWSTR pwszValueName, DWORD arg4) +{ + // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll + // for Windows 8 Consumer Preview support + + return New_Win8SL(pwszValueName, pdwValue); +} +#endif + +HRESULT WINAPI New_CSLQuery_Initialize() +{ + extern PLATFORM_DWORD TermSrvBase; + extern FILE_VERSION FV; + + char *Log; + DWORD *bServerSku = NULL; + DWORD *bRemoteConnAllowed = NULL; + DWORD *bFUSEnabled = NULL; + DWORD *bAppServerAllowed = NULL; + DWORD *bMultimonAllowed = NULL; + DWORD *lMaxUserSessions = NULL; + DWORD *ulMaxDebugSessions = NULL; + DWORD *bInitialized = NULL; + + WriteToLog(">>> CSLQuery::Initialize\r\n"); + + char *Sect; + Sect = new char[256]; + memset(Sect, 0x00, 256); + wsprintfA(Sect, "%d.%d.%d.%d-SLInit", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build); + + if (IniFile->SectionExists(Sect)) + { + #ifdef _WIN64 + bServerSku = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bServerSku.x64", 0)); + bRemoteConnAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bRemoteConnAllowed.x64", 0)); + bFUSEnabled 
= (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bFUSEnabled.x64", 0)); + bAppServerAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bAppServerAllowed.x64", 0)); + bMultimonAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bMultimonAllowed.x64", 0)); + lMaxUserSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "lMaxUserSessions.x64", 0)); + ulMaxDebugSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "ulMaxDebugSessions.x64", 0)); + bInitialized = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bInitialized.x64", 0)); + #else + bServerSku = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bServerSku.x86", 0)); + bRemoteConnAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bRemoteConnAllowed.x86", 0)); + bFUSEnabled = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bFUSEnabled.x86", 0)); + bAppServerAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bAppServerAllowed.x86", 0)); + bMultimonAllowed = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bMultimonAllowed.x86", 0)); + lMaxUserSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "lMaxUserSessions.x86", 0)); + ulMaxDebugSessions = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "ulMaxDebugSessions.x86", 0)); + bInitialized = (DWORD*)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "bInitialized.x86", 0)); + #endif + } + delete[] Sect; + + if (bServerSku) + { + *bServerSku = INIReadDWordHex(IniFile, "SLInit", "bServerSku", 1); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] bServerSku = %d\r\n", bServerSku, *bServerSku); + WriteToLog(Log); + delete[] Log; + } + if (bRemoteConnAllowed) + { + *bRemoteConnAllowed = INIReadDWordHex(IniFile, "SLInit", "bRemoteConnAllowed", 1); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] bRemoteConnAllowed = %d\r\n", bRemoteConnAllowed, *bRemoteConnAllowed); + WriteToLog(Log); + delete[] Log; + } + if (bFUSEnabled) + { + 
*bFUSEnabled = INIReadDWordHex(IniFile, "SLInit", "bFUSEnabled", 1); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] bFUSEnabled = %d\r\n", bFUSEnabled, *bFUSEnabled); + WriteToLog(Log); + delete[] Log; + } + if (bAppServerAllowed) + { + *bAppServerAllowed = INIReadDWordHex(IniFile, "SLInit", "bAppServerAllowed", 1); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] bAppServerAllowed = %d\r\n", bAppServerAllowed, *bAppServerAllowed); + WriteToLog(Log); + delete[] Log; + } + if (bMultimonAllowed) + { + *bMultimonAllowed = INIReadDWordHex(IniFile, "SLInit", "bMultimonAllowed", 1); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] bMultimonAllowed = %d\r\n", bMultimonAllowed, *bMultimonAllowed); + WriteToLog(Log); + delete[] Log; + } + if (lMaxUserSessions) + { + *lMaxUserSessions = INIReadDWordHex(IniFile, "SLInit", "lMaxUserSessions", 0); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] lMaxUserSessions = %d\r\n", lMaxUserSessions, *lMaxUserSessions); + WriteToLog(Log); + delete[] Log; + } + if (ulMaxDebugSessions) + { + *ulMaxDebugSessions = INIReadDWordHex(IniFile, "SLInit", "ulMaxDebugSessions", 0); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] ulMaxDebugSessions = %d\r\n", ulMaxDebugSessions, *ulMaxDebugSessions); + WriteToLog(Log); + delete[] Log; + } + if (bInitialized) + { + *bInitialized = INIReadDWordHex(IniFile, "SLInit", "bInitialized", 1); + + Log = new char[1024]; + wsprintfA(Log, "SLInit [0x%p] bInitialized = %d\r\n", bInitialized, *bInitialized); + WriteToLog(Log); + delete[] Log; + } + WriteToLog("<<< CSLQuery::Initialize\r\n"); + return S_OK; +} + +void Hook() +{ + extern FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; + extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; + extern HMODULE hTermSrv; + extern HMODULE hSLC; + extern PLATFORM_DWORD TermSrvBase; + extern FILE_VERSION FV; + extern wchar_t LogFile[256]; + + AlreadyHooked = true; + char *Log; + + 
wchar_t ConfigFile[256] = { 0x00 }; + WriteToLog("Loading configuration...\r\n"); + + GetModuleFileName(GetCurrentModule(), ConfigFile, 255); + for (DWORD i = wcslen(ConfigFile); i > 0; i--) + { + if (ConfigFile[i] == '\\') + { + memset(&ConfigFile[i + 1], 0x00, ((256 - (i + 1))) * 2); + memcpy(&ConfigFile[i + 1], L"rdpwrap.ini", strlen("rdpwrap.ini") * 2); + break; + } + } + + Log = new char[1024]; + wsprintfA(Log, "Configuration file: %S\r\n", ConfigFile); + WriteToLog(Log); + delete[] Log; + + IniFile = new INI_FILE(ConfigFile); + // TODO: implement this + if (IniFile == NULL) + { + WriteToLog("Error: Failed to load configuration\r\n"); + return; + } + + INI_VAR_STRING LogFileVar; + + if(!(IniFile->GetVariableInSection("Main", "LogFile", &LogFileVar))) + { + GetModuleFileName(GetCurrentModule(), LogFile, 255); + for(DWORD i = wcslen(LogFile); i > 0; i--) + { + if(LogFile[i] == '\\') + { + memset(&LogFile[i+1], 0x00, ((256-(i+1)))*2); + memcpy(&LogFile[i+1], L"rdpwrap.txt", strlen("rdpwrap.txt")*2); + break; + } + } + } + else + { + // TODO: Change it before add UNICODE in IniFile + wchar_t wcLogFile[256]; + memset(wcLogFile, 0x00, 256); + mbstowcs(wcLogFile, LogFileVar.Value, 255); + wcscpy(LogFile, wcLogFile); + } + + SIZE_T bw; + WORD Ver = 0; + PLATFORM_DWORD TermSrvSize, SignPtr; + FARJMP Jump; + + WriteToLog("Initializing RDP Wrapper...\r\n"); + + hTermSrv = LoadLibrary(L"termsrv.dll"); + if (hTermSrv == 0) + { + WriteToLog("Error: Failed to load Terminal Services library\r\n"); + return; + } + _ServiceMain = (SERVICEMAIN)GetProcAddress(hTermSrv, "ServiceMain"); + _SvchostPushServiceGlobals = (SVCHOSTPUSHSERVICEGLOBALS)GetProcAddress(hTermSrv, "SvchostPushServiceGlobals"); + + Log = new char[4096]; + wsprintfA(Log, + "Base addr: 0x%p\r\n" + "SvcMain: termsrv.dll+0x%p\r\n" + "SvcGlobals: termsrv.dll+0x%p\r\n", + hTermSrv, + (PLATFORM_DWORD)_ServiceMain - (PLATFORM_DWORD)hTermSrv, + (PLATFORM_DWORD)_SvchostPushServiceGlobals - (PLATFORM_DWORD)hTermSrv); + 
WriteToLog(Log); + delete[] Log; + + // check termsrv version + if (GetModuleVersion(L"termsrv.dll", &FV)) + { + Ver = (BYTE)FV.wVersion.Minor | ((BYTE)FV.wVersion.Major << 8); + } else { + // check NT version + // Ver = GetVersion(); // deprecated + // Ver = ((Ver & 0xFF) << 8) | ((Ver & 0xFF00) >> 8); + } + if (Ver == 0) + { + WriteToLog("Error: Failed to detect Terminal Services version\r\n"); + return; + } + + Log = new char[1024]; + wsprintfA(Log, "Version: %d.%d.%d.%d\r\n", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build); + WriteToLog(Log); + delete[] Log; + + // temporarily freeze threads + WriteToLog("Freezing threads...\r\n"); + SetThreadsState(false); + + bool Bool; + if (!(IniFile->GetVariableInSection("Main", "SLPolicyHookNT60", &Bool))) Bool = true; + + if ((Ver == 0x0600) && Bool) + { + // Windows Vista + // uses SL Policy API (slc.dll) + + // load slc.dll and hook function + hSLC = LoadLibrary(L"slc.dll"); + _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); + if (_SLGetWindowsInformationDWORD != INVALID_HANDLE_VALUE) + { + // rewrite original function to call our function (make hook) + + WriteToLog("Hook SLGetWindowsInformationDWORD\r\n"); + #ifdef _WIN64 + Stub_SLGetWindowsInformationDWORD.MovOp = 0x48; + Stub_SLGetWindowsInformationDWORD.MovRegArg = 0xB8; + Stub_SLGetWindowsInformationDWORD.MovArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; + Stub_SLGetWindowsInformationDWORD.PushRaxOp = 0x50; + Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; + #else + Stub_SLGetWindowsInformationDWORD.PushOp = 0x68; + Stub_SLGetWindowsInformationDWORD.PushArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; + Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; + #endif + + ReadProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); + WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, 
&Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); + } + } + + if (!(IniFile->GetVariableInSection("Main", "SLPolicyHookNT61", &Bool))) Bool = true; + + if ((Ver == 0x0601) && Bool) + { + // Windows 7 + // uses SL Policy API (slc.dll) + + // load slc.dll and hook function + hSLC = LoadLibrary(L"slc.dll"); + _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); + if (_SLGetWindowsInformationDWORD != INVALID_HANDLE_VALUE) + { + // rewrite original function to call our function (make hook) + + WriteToLog("Hook SLGetWindowsInformationDWORD\r\n"); + #ifdef _WIN64 + Stub_SLGetWindowsInformationDWORD.MovOp = 0x48; + Stub_SLGetWindowsInformationDWORD.MovRegArg = 0xB8; + Stub_SLGetWindowsInformationDWORD.MovArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; + Stub_SLGetWindowsInformationDWORD.PushRaxOp = 0x50; + Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; + #else + Stub_SLGetWindowsInformationDWORD.PushOp = 0x68; + Stub_SLGetWindowsInformationDWORD.PushArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; + Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; + #endif + + ReadProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); + WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); + } + } + if (Ver == 0x0602) + { + // Windows 8 + // uses SL Policy internal unexported function + + // load slc.dll and get function + // (will be used on intercepting undefined values) + hSLC = LoadLibrary(L"slc.dll"); + _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); + } + if (Ver == 0x0603) + { + // Windows 8.1 + // uses SL Policy internal inline code + } + if (Ver == 0x0604) + { + // Windows 10 + // uses SL Policy internal inline code + } + + char *Sect; + INI_VAR_STRING PatchName; + INI_VAR_BYTEARRAY Patch; 
+ Sect = new char[256]; + memset(Sect, 0x00, 256); + wsprintfA(Sect, "%d.%d.%d.%d", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build); + + if (IniFile->SectionExists(Sect)) + { + if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) + { + #ifdef _WIN64 + if (!(IniFile->GetVariableInSection(Sect, "LocalOnlyPatch.x64", &Bool))) Bool = false; + #else + if (!(IniFile->GetVariableInSection(Sect, "LocalOnlyPatch.x86", &Bool))) Bool = false; + #endif + if (Bool) + { + WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); + Bool = false; + #ifdef _WIN64 + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "LocalOnlyOffset.x64", 0)); + Bool = IniFile->GetVariableInSection(Sect, "LocalOnlyCode.x64", &PatchName); + #else + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "LocalOnlyOffset.x86", 0)); + Bool = IniFile->GetVariableInSection(Sect, "LocalOnlyCode.x86", &PatchName); + #endif + if (Bool) Bool = IniFile->GetVariableInSection("PatchCodes", PatchName.Value, &Patch); + if (Bool && (SignPtr > TermSrvBase)) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw); + } + #ifdef _WIN64 + if (!(IniFile->GetVariableInSection(Sect, "SingleUserPatch.x64", &Bool))) Bool = false; + #else + if (!(IniFile->GetVariableInSection(Sect, "SingleUserPatch.x86", &Bool))) Bool = false; + #endif + if (Bool) + { + WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); + Bool = false; + #ifdef _WIN64 + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SingleUserOffset.x64", 0)); + Bool = IniFile->GetVariableInSection(Sect, "SingleUserCode.x64", &PatchName); + #else + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SingleUserOffset.x86", 0)); + Bool = IniFile->GetVariableInSection(Sect, "SingleUserCode.x86", &PatchName); + #endif + if (Bool) Bool = IniFile->GetVariableInSection("PatchCodes", PatchName.Value, 
&Patch); + if (Bool && (SignPtr > TermSrvBase)) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw); + } + #ifdef _WIN64 + if (!(IniFile->GetVariableInSection(Sect, "DefPolicyPatch.x64", &Bool))) Bool = false; + #else + if (!(IniFile->GetVariableInSection(Sect, "DefPolicyPatch.x86", &Bool))) Bool = false; + #endif + if (Bool) + { + WriteToLog("Patch CDefPolicy::Query\r\n"); + Bool = false; + #ifdef _WIN64 + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "DefPolicyOffset.x64", 0)); + Bool = IniFile->GetVariableInSection(Sect, "DefPolicyCode.x64", &PatchName); + #else + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "DefPolicyOffset.x86", 0)); + Bool = IniFile->GetVariableInSection(Sect, "DefPolicyCode.x86", &PatchName); + #endif + if (Bool) Bool = IniFile->GetVariableInSection("PatchCodes", PatchName.Value, &Patch); + if (Bool && (SignPtr > TermSrvBase)) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw); + } + #ifdef _WIN64 + if (!(IniFile->GetVariableInSection(Sect, "SLPolicyInternal.x64", &Bool))) Bool = false; + #else + if (!(IniFile->GetVariableInSection(Sect, "SLPolicyInternal.x86", &Bool))) Bool = false; + #endif + if (Bool) + { + WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); + char *FuncName; + FuncName = new char[1024]; + #ifdef _WIN64 + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLPolicyOffset.x64", 0)); + Jump.MovOp = 0x48; + Jump.MovRegArg = 0xB8; + Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; + Jump.PushRaxOp = 0x50; + Jump.RetOp = 0xC3; + + INIReadString(IniFile, Sect, "SLPolicyFunc.x64", "New_Win8SL", FuncName, 1024); + + if (strcmp(FuncName, "New_Win8SL")) + { + Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; + } + #else + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLPolicyOffset.x86", 0)); + Jump.PushOp = 0x68; + Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; + 
Jump.RetOp = 0xC3; + + INIReadString(IniFile, Sect, "SLPolicyFunc.x86", "New_Win8SL", FuncName, 1024); + + if (strcmp(FuncName, "New_Win8SL")) + { + Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; + } + if (strcmp(FuncName, "New_Win8SL_CP")) + { + Jump.PushArg = (PLATFORM_DWORD)New_Win8SL_CP; + } + #endif + delete[] FuncName; + if (SignPtr > TermSrvBase) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); + } + #ifdef _WIN64 + if (!(IniFile->GetVariableInSection(Sect, "SLInitHook.x64", &Bool))) Bool = false; + #else + if (!(IniFile->GetVariableInSection(Sect, "SLInitHook.x86", &Bool))) Bool = false; + #endif + if (Bool) + { + WriteToLog("Hook CSLQuery::Initialize\r\n"); + char *FuncName; + FuncName = new char[1024]; + #ifdef _WIN64 + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLInitOffset.x64", 0)); + Jump.MovOp = 0x48; + Jump.MovRegArg = 0xB8; + Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; + Jump.PushRaxOp = 0x50; + Jump.RetOp = 0xC3; + + INIReadString(IniFile, Sect, "SLInitFunc.x64", "New_CSLQuery_Initialize", FuncName, 1024); + + if (strcmp(FuncName, "New_CSLQuery_Initialize")) + { + Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; + } + #else + SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLInitOffset.x86", 0)); + Jump.PushOp = 0x68; + Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; + Jump.RetOp = 0xC3; + + INIReadString(IniFile, Sect, "SLInitFunc.x86", "New_CSLQuery_Initialize", FuncName, 1024); + + if (strcmp(FuncName, "New_CSLQuery_Initialize")) + { + Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; + } + #endif + delete[] FuncName; + if (SignPtr > TermSrvBase) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); + } + } + } + delete[] Sect; + + WriteToLog("Resumimg threads...\r\n"); + SetThreadsState(true); + return; +} + +void WINAPI ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv) +{ + WriteToLog(">>> 
ServiceMain\r\n"); + if (!AlreadyHooked) Hook(); + + if (_ServiceMain != NULL) _ServiceMain(dwArgc, lpszArgv); + WriteToLog("<<< ServiceMain\r\n"); +} + +void WINAPI SvchostPushServiceGlobals(void *lpGlobalData) +{ + WriteToLog(">>> SvchostPushServiceGlobals\r\n"); + if (!AlreadyHooked) Hook(); + + if (_SvchostPushServiceGlobals != NULL) _SvchostPushServiceGlobals(lpGlobalData); + WriteToLog("<<< SvchostPushServiceGlobals\r\n"); +} diff --git a/src-x86-x64-Fusix/src/RDPWrap.sln b/src-x86-x64-Fusix/RDPWrap.sln similarity index 100% rename from src-x86-x64-Fusix/src/RDPWrap.sln rename to src-x86-x64-Fusix/RDPWrap.sln diff --git a/src-x86-x64-Fusix/src/RDPWrap.v11.suo b/src-x86-x64-Fusix/RDPWrap.v11.suo similarity index 100% rename from src-x86-x64-Fusix/src/RDPWrap.v11.suo rename to src-x86-x64-Fusix/RDPWrap.v11.suo diff --git a/src-x86-x64-Fusix/src/RDPWrap.vcxproj b/src-x86-x64-Fusix/RDPWrap.vcxproj similarity index 96% rename from src-x86-x64-Fusix/src/RDPWrap.vcxproj rename to src-x86-x64-Fusix/RDPWrap.vcxproj index e7589ec..ebc2664 100644 --- a/src-x86-x64-Fusix/src/RDPWrap.vcxproj +++ b/src-x86-x64-Fusix/RDPWrap.vcxproj @@ -1,5 +1,5 @@  - + Debug @@ -27,26 +27,26 @@ DynamicLibrary true - v110 + v120 Unicode DynamicLibrary true - v110 + v120 Unicode DynamicLibrary false - v110 + v120 true Unicode DynamicLibrary false - v110 + v120 true Unicode @@ -160,6 +160,7 @@ + @@ -178,6 +179,7 @@ + Create diff --git a/src-x86-x64-Fusix/src/RDPWrap.vcxproj.filters b/src-x86-x64-Fusix/RDPWrap.vcxproj.filters similarity index 88% rename from src-x86-x64-Fusix/src/RDPWrap.vcxproj.filters rename to src-x86-x64-Fusix/RDPWrap.vcxproj.filters index b394450..62569f2 100644 --- a/src-x86-x64-Fusix/src/RDPWrap.vcxproj.filters +++ b/src-x86-x64-Fusix/RDPWrap.vcxproj.filters @@ -24,6 +24,9 @@ Заголовочные файлы + + Заголовочные файлы + @@ -35,6 +38,9 @@ Файлы исходного кода + + Файлы исходного кода + 
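Review bot: in Hook() in the new src-x86-x64-Fusix/RDPWrap.cpp, every patch and hook write into termsrv.dll is guarded only by `SignPtr > TermSrvBase`, while the offset, the patch bytes and `Patch.ArraySize` all come from rdpwrap.ini; `TermSrvSize` is filled in by GetModuleCodeSectionInfo and never used. Please reject any offset where `SignPtr + Patch.ArraySize` (or `+ sizeof(FARJMP)` for the jump stubs) falls outside the mapped image, and check the WriteProcessMemory return value and `bw` so that a failed patch is logged instead of passing silently. New_CSLQuery_Initialize has a related problem: when a key is missing, INIReadDWordHex returns the default 0, the pointer becomes TermSrvBase itself, the `if (bServerSku)` style tests pass, and the store lands on the module header. Smaller points in the same file: the `if (strcmp(FuncName, "New_Win8SL"))` tests are true when the names differ, so with the default value the x86 branch ends up installing New_Win8SL_CP; OpenThread and GetProcAddress report failure with NULL, not INVALID_HANDLE_VALUE, so those checks never fail; the "Policy result" log lines print `dw`, which is uninitialized on that path, instead of `*pdwValue`; and `memset(wcLogFile, 0x00, 256)` clears only half of the 256-element wchar_t buffer before mbstowcs and wcscpy run on it.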
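Review bot: the rename of src-x86-x64-Fusix/src/RDPWrap.v11.suo keeps a per-user Visual Studio options file under version control, in the same change that adds a .gitignore for user-specific files and deletes the built rdpw32.dll and rdpw64.dll. Drop the .suo from the tree and add `*.suo` to .gitignore next to the `*.local` and `*.identcache` entries, so that the v110 to v120 toolset move in RDPWrap.vcxproj does not carry one developer's IDE state along with it.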
diff --git a/src-x86-x64-Fusix/src/ReadMe.txt b/src-x86-x64-Fusix/ReadMe.txt similarity index 100% rename from src-x86-x64-Fusix/src/ReadMe.txt rename to src-x86-x64-Fusix/ReadMe.txt diff --git a/src-x86-x64-Fusix/src/dllmain.cpp b/src-x86-x64-Fusix/dllmain.cpp similarity index 100% rename from src-x86-x64-Fusix/src/dllmain.cpp rename to src-x86-x64-Fusix/dllmain.cpp diff --git a/src-x86-x64-Fusix/rdpw32.dll b/src-x86-x64-Fusix/rdpw32.dll deleted file mode 100644 index 6bc21c8..0000000 Binary files a/src-x86-x64-Fusix/rdpw32.dll and /dev/null differ diff --git a/src-x86-x64-Fusix/rdpw64.dll b/src-x86-x64-Fusix/rdpw64.dll deleted file mode 100644 index 668e647..0000000 Binary files a/src-x86-x64-Fusix/rdpw64.dll and /dev/null differ diff --git a/src-x86-x64-Fusix/src/RDPWrap.cpp b/src-x86-x64-Fusix/src/RDPWrap.cpp deleted file mode 100644 index 1626726..0000000 --- a/src-x86-x64-Fusix/src/RDPWrap.cpp +++ /dev/null 
@@ -1,2544 +0,0 @@ -// RDPWrap C++ port by Fusix (Nikita Parshin) -// assisted by binarymaster (Stas'M) - -// Terminal Services supported versions -// 6.0.X.X (Windows Vista, any) [policy hook only] -// 6.0.6000.16386 (Windows Vista) [policy hook + extended patch] -// 6.0.6001.18000 (Windows Vista SP1) [policy hook + extended patch] -// 6.0.6001.22565 (Windows Vista SP1 with KB977541) [todo] -// 6.0.6001.22635 (Windows Vista SP1 with KB970911) [todo] -// 6.0.6001.22801 (Windows Vista SP1 with KB2381675) [todo] -// 6.0.6002.18005 (Windows Vista SP2) [policy hook + extended patch] -// 6.0.6002.22269 (Windows Vista SP2 with KB977541) [todo] -// 6.0.6002.22340 (Windows Vista SP2 with KB970911) [todo] -// 6.0.6002.22515 (Windows Vista SP2 with KB2381675) [todo] -// 6.0.6002.22641 (Windows Vista SP2 with KB2523307) [todo] -// 6.0.6002.19214 (Windows Vista SP2 with KB3003743 GDR) [policy hook + extended patch] -// 6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR) [policy hook + extended patch] -// 6.1.X.X (Windows 7, any) [policy hook only] -// 6.1.7600.16385 (Windows 7) [policy hook + extended patch] -// 6.1.7600.20890 (Windows 7 with KB2479710) [todo] -// 6.1.7600.21316 (Windows 7 with KB2750090) [todo] -// 6.1.7601.17514 (Windows 7 SP1) [policy hook + extended patch] -// 6.1.7601.21650 (Windows 7 SP1 with KB2479710) [todo] -// 6.1.7601.21866 (Windows 7 SP1 with KB2647409) [todo] -// 6.1.7601.22104 (Windows 7 SP1 with KB2750090) [todo] -// 6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR) [policy hook + extended patch] -// 6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR) [policy hook + extended patch] -// 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) [policy hook + extended patch] -// 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) [policy hook + extended patch] -// 6.2.8102.0 (Windows 8 Developer Preview) [policy hook + extended patch] -// 6.2.8250.0 (Windows 8 Consumer Preview) [policy hook + extended patch] -// 6.2.8400.0 (Windows 8 Release Preview) 
[policy hook + extended patch] -// 6.2.9200.16384 (Windows 8) [policy hook + extended patch] -// 6.2.9200.17048 (Windows 8 with KB2973501 GDR) [policy hook + extended patch] -// 6.2.9200.21166 (Windows 8 with KB2973501 LDR) [policy hook + extended patch] -// 6.3.9431.0 (Windows 8.1 Preview) [init hook + extended patch] -// 6.3.9600.16384 (Windows 8.1) [init hook + extended patch] -// 6.3.9600.17095 (Windows 8.1 with KB2959626) [init hook + extended patch] -// 6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch] -// 6.4.9860.0 (Windows 10 Technical Preview Update 1) [init hook + extended patch] - -// Known failures -// 6.0.6000.16386 (Windows Vista RTM x86, crashes on logon attempt) - -// Internal changelog: - -// 2014.11.13 : -// - researching KB3003743 -// - added support for version 6.0.6002.19214 -// - added support for version 6.0.6002.23521 -// - added support for version 6.1.7601.18637 -// - added support for version 6.1.7601.22843 - -// 2014.11.02 : -// - researching termsrv.dll 6.4.9860.0 -// - done - -// 2014.10.19 : -// - added support for version 6.0.6000.16386 (x64) -// - added support for version 6.0.6001.18000 (x64) -// - added support for version 6.1.7600.16385 - -// 2014.10.18 : -// - corrected some typos in source -// - simplified signature constants -// - added support for version 6.0.6000.16386 (x86) -// - added support for version 6.0.6001.18000 (x86) -// - added support for version 6.0.6002.18005 -// - added support for version 6.1.7601.17514 -// - added support for version 6.1.7601.18540 -// - added support for version 6.1.7601.22750 -// - added support for version 6.2.9200.17048 -// - added support for version 6.2.9200.21166 - -// 2014.10.17 : -// - collecting information about all versions of Terminal Services beginning from Vista -// - added [todo] to the versions list - -// 2014.10.16 : -// - got new updates: KB2984972 for Win 7 (still works with 2 concurrent users) and KB2973501 for Win 8 (doesn't work) - -// 2014.10.02 
: -// - researching Windows 10 TP Remote Desktop -// - done! even without debugging symbols ^^) - -// 2014.07.25 : -// - added few comments about ARM platform for developers - -// 2014.07.22 : -// - fixed bug in x64 signatures - -// 2014.07.20 : -// - added support for Windows 8 Release Preview -// - added support for Windows 8 Consumer Preview -// - added support for Windows 8 Developer Preview - -// 2014.07.19 : -// - improved patching of Windows 8 -// - added policy patches -// - will patch CDefPolicy::Query -// - will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - -// 2014.07.18 : -// - researched patched files from MDL forum -// - CSLQuery::GetMaxSessions requires no patching -// - it's better to change the default policy, so... -// - will patch CDefPolicy::Query -// - will patch CEnforcementCore::GetInstanceOfTSLicense -// - will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled -// - the function CSLQuery::Initialize is hooked correctly - -// 2014.07.17 : -// - will hook only CSLQuery::Initialize function -// - CSLQuery::GetMaxSessions will be patched -// - added x86 signatures for 6.3.9431.0 (Windows 8.1 Preview) -// - added x64 signatures for 6.3.9431.0 (Windows 8.1 Preview) -// - just for check ^^) - -// 2014.07.16 : -// - changing asm opcodes is bad, will hook CSL functions - -// 2014.07.15 : -// - added x86 signatures for 6.3.9600.16384 (Windows 8.1) -// - added x64 signatures for 6.3.9600.16384 (Windows 8.1) -// - added x86 signatures for 6.3.9600.17095 (Windows 8.1 with KB2959626) -// - added x64 signatures for 6.3.9600.17095 (Windows 8.1 with KB2959626) - -#include "stdafx.h" - -typedef struct -{ - union - { - struct - { - WORD Minor; - WORD Major; - } wVersion; - DWORD dwVersion; - }; - WORD Release; - WORD Build; -} FILE_VERSION; - -#ifdef _WIN64 -typedef unsigned long long PLATFORM_DWORD; -struct FARJMP -{ // x64 far jump | opcode | assembly - BYTE MovOp; // 48 mov rax, ptr - BYTE MovRegArg; // B8 - DWORD64 MovArg; 
// PTR - BYTE PushRaxOp; // 50 push rax - BYTE RetOp; // C3 retn -}; -// x64 signatures -char CDefPolicy_Query_eax_rcx_jmp[] = {0xB8, 0x00, 0x01, 0x00, 0x00, 0x89, 0x81, 0x38, 0x06, 0x00, 0x00, 0x90, 0xEB}; -char CDefPolicy_Query_eax_rdi[] = {0xB8, 0x00, 0x01, 0x00, 0x00, 0x89, 0x87, 0x38, 0x06, 0x00, 0x00, 0x90}; -char CDefPolicy_Query_eax_rcx[] = {0xB8, 0x00, 0x01, 0x00, 0x00, 0x89, 0x81, 0x38, 0x06, 0x00, 0x00, 0x90}; - -// termsrv.dll build 6.0.6000.16386 - -// Original -// .text:000007FF7573C88F mov eax, [rcx+638h] -// .text:000007FF7573C895 cmp [rcx+63Ch], eax -// .text:000007FF7573C89B jnz short loc_7FF7573C8B3 -//_______________ -// -// Changed -// .text:000007FF7573C88F mov eax, 100h -// .text:000007FF7573C894 mov [rcx+638h], eax -// .text:000007FF7573C89A nop -// .text:000007FF7573C89B jmp short loc_7FF7573C8B3 -// char CDefPolicy_Query_eax_rcx_jmp[] - -// termsrv.dll build 6.0.6001.18000 - -// Original -// .text:000007FF76285BD7 mov eax, [rcx+638h] -// .text:000007FF76285BDD cmp [rcx+63Ch], eax -// .text:000007FF76285BE3 jnz short loc_7FF76285BFB -//_______________ -// -// Changed -// .text:000007FF76285BD7 mov eax, 100h -// .text:000007FF76285BDC mov [rcx+638h], eax -// .text:000007FF76285BE2 nop -// .text:000007FF76285BE3 jmp short loc_7FF76285BFB -// char CDefPolicy_Query_eax_rcx_jmp[] - -// termsrv.dll build 6.0.6002.18005 - -// Original -// .text:000007FF76725E83 mov eax, [rcx+638h] -// .text:000007FF76725E89 cmp [rcx+63Ch], eax -// .text:000007FF76725E8F jz short loc_7FF76725EA7 -//_______________ -// -// Changed -// .text:000007FF76725E83 mov eax, 100h -// .text:000007FF76725E88 mov [rcx+638h], eax -// .text:000007FF76725E8E nop -// .text:000007FF76725E8F jmp short loc_7FF76725EA7 -// char CDefPolicy_Query_eax_rcx_jmp[] - -// termsrv.dll build 6.0.6002.19214 - -// Original -// .text:000007FF75B25FF7 mov eax, [rcx+638h] -// .text:000007FF75B25FFD cmp [rcx+63Ch], eax -// .text:000007FF75B26003 jnz short loc_7FF75B2601B -//_______________ -// -// 
Changed -// .text:000007FF75B25FF7 mov eax, 100h -// .text:000007FF75B25FFC mov [rcx+638h], eax -// .text:000007FF75B26002 nop -// .text:000007FF75B26003 jmp short loc_7FF75B2601B -// char CDefPolicy_Query_eax_rcx_jmp[] - -// termsrv.dll build 6.0.6002.23521 - -// Original -// .text:000007FF75B269CB mov eax, [rcx+638h] -// .text:000007FF75B269D1 cmp [rcx+63Ch], eax -// .text:000007FF75B269D7 jnz short loc_7FF75B269EF -//_______________ -// -// Changed -// .text:000007FF75B269CB mov eax, 100h -// .text:000007FF75B269D0 mov [rcx+638h], eax -// .text:000007FF75B269D6 nop -// .text:000007FF75B269D7 jmp short loc_7FF75B269EF -// char CDefPolicy_Query_eax_rcx_jmp[] - -// termsrv.dll build 6.1.7600.16385 - -// Original -// .text:000007FF75A97AD2 cmp [rdi+63Ch], eax -// .text:000007FF75A97AD8 jz loc_7FF75AA4978 -//_______________ -// -// Changed -// .text:000007FF75A97AD2 mov eax, 100h -// .text:000007FF75A97AD7 mov [rdi+638h], eax -// .text:000007FF75A97ADD nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.1.7601.17514 - -// Original -// .text:000007FF75A97D8A cmp [rdi+63Ch], eax -// .text:000007FF75A97D90 jz loc_7FF75AA40F4 -//_______________ -// -// Changed -// .text:000007FF75A97D8A mov eax, 100h -// .text:000007FF75A97D8F mov [rdi+638h], eax -// .text:000007FF75A97D95 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.1.7601.18540 - -// Original -// .text:000007FF75A97C82 cmp [rdi+63Ch], eax -// .text:000007FF75A97C88 jz loc_7FF75AA3FBD -//_______________ -// -// Changed -// .text:000007FF75A97C82 mov eax, 100h -// .text:000007FF75A97C87 mov [rdi+638h], eax -// .text:000007FF75A97C8D nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.1.7601.22750 - -// Original -// .text:000007FF75A97C92 cmp [rdi+63Ch], eax -// .text:000007FF75A97C98 jz loc_7FF75AA40A2 -//_______________ -// -// Changed -// .text:000007FF75A97C92 mov eax, 100h -// .text:000007FF75A97C97 mov [rdi+638h], eax -// .text:000007FF75A97C9D nop -// char 
CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.1.7601.18637 - -// Original -// .text:000007FF75A97DC6 cmp [rdi+63Ch], eax -// .text:000007FF75A97DCC jz loc_7FF75AA40BD -//_______________ -// -// Changed -// .text:000007FF75A97DC6 mov eax, 100h -// .text:000007FF75A97DCB mov [rdi+638h], eax -// .text:000007FF75A97DD1 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.1.7601.22843 - -// Original -// .text:000007FF75A97D6E cmp [rdi+63Ch], eax -// .text:000007FF75A97D74 jz loc_7FF75AA4182 -//_______________ -// -// Changed -// .text:000007FF75A97D6E mov eax, 100h -// .text:000007FF75A97D73 mov [rdi+638h], eax -// .text:000007FF75A97D79 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.2.8102.0 - -// Original -// .text:000000018000D3E6 cmp [rdi+63Ch], eax -// .text:000000018000D3EC jz loc_180027792 -//_______________ -// -// Changed -// .text:000000018000D3E6 mov eax, 100h -// .text:000000018000D3EB mov [rdi+638h], eax -// .text:000000018000D3F1 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.2.8250.0 - -// Original -// .text:000000018001187A cmp [rdi+63Ch], eax -// .text:0000000180011880 jz loc_1800273A2 -//_______________ -// -// Changed -// .text:000000018001187A mov eax, 100h -// .text:000000018001187F mov [rdi+638h], eax -// .text:0000000180011885 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.2.8400.0 - -// Original -// .text:000000018001F102 cmp [rdi+63Ch], eax -// .text:000000018001F108 jz loc_18003A02E -//_______________ -// -// Changed -// .text:000000018001F102 mov eax, 100h -// .text:000000018001F107 mov [rdi+638h], eax -// .text:000000018001F10D nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.2.9200.16384 - -// Original -// .text:000000018002A31A cmp [rdi+63Ch], eax -// .text:000000018002A320 jz loc_18003A0F9 -//_______________ -// -// Changed -// .text:000000018002A31A mov eax, 100h -// .text:000000018002A31F mov [rdi+638h], eax -// .text:000000018002A325 nop -// 
char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.2.9200.17048 - -// Original -// .text:000000018001F206 cmp [rdi+63Ch], eax -// .text:000000018001F20C jz loc_18003A1B4 -//_______________ -// -// Changed -// .text:000000018001F206 mov eax, 100h -// .text:000000018001F20B mov [rdi+638h], eax -// .text:000000018001F211 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.2.9200.21166 - -// Original -// .text:000000018002A3B6 cmp [rdi+63Ch], eax -// .text:000000018002A3BC jz loc_18003A174 -//_______________ -// -// Changed -// .text:000000018002A3B6 mov eax, 100h -// .text:000000018002A3BB mov [rdi+638h], eax -// .text:000000018002A3C1 nop -// char CDefPolicy_Query_eax_rdi[] - -// termsrv.dll build 6.3.9431.0 - -// Original -// .text:00000001800350FD cmp [rcx+63Ch], eax -// .text:0000000180035103 jz loc_18004F6AE -//_______________ -// -// Changed -// .text:00000001800350FD mov eax, 100h -// .text:0000000180035102 mov [rcx+638h], eax -// .text:0000000180035108 nop -// char CDefPolicy_Query_eax_rcx[] - -// termsrv.dll build 6.3.9600.16384 - -// Original -// .text:0000000180057829 cmp [rcx+63Ch], eax -// .text:000000018005782F jz loc_18005E850 -//_______________ -// -// Changed -// .text:0000000180057829 mov eax, 100h -// .text:000000018005782E mov [rcx+638h], eax -// .text:0000000180057834 nop -// char CDefPolicy_Query_eax_rcx[] - -// termsrv.dll build 6.3.9600.17095 - -// Original -// .text:000000018001F6A1 cmp [rcx+63Ch], eax -// .text:000000018001F6A7 jz loc_18007284B -//_______________ -// -// Changed -// .text:000000018001F6A1 mov eax, 100h -// .text:000000018001F6A6 mov [rcx+638h], eax -// .text:000000018001F6AC nop -// char CDefPolicy_Query_eax_rcx[] - -// termsrv.dll build 6.4.9841.0 - -// Original -// .text:000000018000C125 cmp [rcx+63Ch], eax -// .text:000000018000C12B jz sub_18003BABC -//_______________ -// -// Changed -// .text:000000018000C125 mov eax, 100h -// .text:000000018000C12A mov [rcx+638h], eax -// .text:000000018000C130 nop 
-// char CDefPolicy_Query_eax_rcx[] - -// termsrv.dll build 6.4.9860.0 - -// Original -// .text:000000018000B9F5 cmp [rcx+63Ch], eax -// .text:000000018000B9FB jz sub_18003B9C8 -//_______________ -// -// Changed -// .text:000000018000B9F5 mov eax, 100h -// .text:000000018000B9FA mov [rcx+638h], eax -// .text:000000018000BA00 nop -// char CDefPolicy_Query_eax_rcx[] - -#else -typedef unsigned long PLATFORM_DWORD; -struct FARJMP -{ // x86 far jump | opcode | assembly - BYTE PushOp; // 68 push ptr - DWORD PushArg; // PTR - BYTE RetOp; // C3 retn -}; -// x86 signatures -char CDefPolicy_Query_edx_ecx[] = {0xBA, 0x00, 0x01, 0x00, 0x00, 0x89, 0x91, 0x20, 0x03, 0x00, 0x00, 0x5E, 0x90}; -char CDefPolicy_Query_eax_esi[] = {0xB8, 0x00, 0x01, 0x00, 0x00, 0x89, 0x86, 0x20, 0x03, 0x00, 0x00, 0x90}; -char CDefPolicy_Query_eax_ecx[] = {0xB8, 0x00, 0x01, 0x00, 0x00, 0x89, 0x81, 0x20, 0x03, 0x00, 0x00, 0x90}; - -// termsrv.dll build 6.0.6000.16386 - -// Original -// .text:6F335CD8 cmp edx, [ecx+320h] -// .text:6F335CDE pop esi -// .text:6F335CDF jz loc_6F3426F1 -//_______________ -// -// Changed -// .text:6F335CD8 mov edx, 100h -// .text:6F335CDD mov [ecx+320h], edx -// .text:6F335CE3 pop esi -// .text:6F335CE4 nop -// char CDefPolicy_Query_edx_ecx[] - -// termsrv.dll build 6.0.6001.18000 - -// Original -// .text:6E817FD8 cmp edx, [ecx+320h] -// .text:6E817FDE pop esi -// .text:6E817FDF jz loc_6E826F16 -//_______________ -// -// Changed -// .text:6E817FD8 mov edx, 100h -// .text:6E817FDD mov [ecx+320h], edx -// .text:6E817FE3 pop esi -// .text:6E817FE4 nop -// char CDefPolicy_Query_edx_ecx[] - -// termsrv.dll build 6.0.6002.18005 - -// Original -// .text:6F5979C0 cmp edx, [ecx+320h] -// .text:6F5979C6 pop esi -// .text:6F5979C7 jz loc_6F5A6F26 -//_______________ -// -// Changed -// .text:6F5979C0 mov edx, 100h -// .text:6F5979C5 mov [ecx+320h], edx -// .text:6F5979CB pop esi -// .text:6F5979CC nop -// char CDefPolicy_Query_edx_ecx[] - -// termsrv.dll build 6.0.6002.19214 - -// 
Original -// .text:6F5979B8 cmp edx, [ecx+320h] -// .text:6F5979BE pop esi -// .text:6F5979BF jz loc_6F5A6F3E -//_______________ -// -// Changed -// .text:6F5979B8 mov edx, 100h -// .text:6F5979BD mov [ecx+320h], edx -// .text:6F5979C3 pop esi -// .text:6F5979C4 nop -// char CDefPolicy_Query_edx_ecx[] - -// termsrv.dll build 6.0.6002.23521 - -// Original -// .text:6F5979CC cmp edx, [ecx+320h] -// .text:6F5979D2 pop esi -// .text:6F5979D3 jz loc_6F5A6F2E -//_______________ -// -// Changed -// .text:6F5979CC mov edx, 100h -// .text:6F5979D1 mov [ecx+320h], edx -// .text:6F5979D7 pop esi -// .text:6F5979D8 nop -// char CDefPolicy_Query_edx_ecx[] - -// termsrv.dll build 6.1.7600.16385 - -// Original -// .text:6F2F96F3 cmp eax, [esi+320h] -// .text:6F2F96F9 jz loc_6F30E256 -//_______________ -// -// Changed -// .text:6F2F96F3 mov eax, 100h -// .text:6F2F96F8 mov [esi+320h], eax -// .text:6F2F96FE nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.1.7601.17514 - -// Original -// .text:6F2F9D53 cmp eax, [esi+320h] -// .text:6F2F9D59 jz loc_6F30B25E -//_______________ -// -// Changed -// .text:6F2F9D53 mov eax, 100h -// .text:6F2F9D58 mov [esi+320h], eax -// .text:6F2F9D5E nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.1.7601.18540 - -// Original -// .text:6F2F9D9F cmp eax, [esi+320h] -// .text:6F2F9DA5 jz loc_6F30B2AE -//_______________ -// -// Changed -// .text:6F2F9D9F mov eax, 100h -// .text:6F2F9DA4 mov [esi+320h], eax -// .text:6F2F9DAA nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.1.7601.22750 - -// Original -// .text:6F2F9E21 cmp eax, [esi+320h] -// .text:6F2F9E27 jz loc_6F30B6CE -//_______________ -// -// Changed -// .text:6F2F9E21 mov eax, 100h -// .text:6F2F9E26 mov [esi+320h], eax -// .text:6F2F9E2C nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.1.7601.18637 - -// Original -// .text:6F2F9DBB cmp eax, [esi+320h] -// .text:6F2F9DC1 jz loc_6F30B2A6 -//_______________ -// -// Changed -// 
.text:6F2F9DBB mov eax, 100h -// .text:6F2F9DC0 mov [esi+320h], eax -// .text:6F2F9DC6 nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.1.7601.22843 - -// Original -// .text:6F2F9E25 cmp eax, [esi+320h] -// .text:6F2F9E2B jz loc_6F30B6D6 -//_______________ -// -// Changed -// .text:6F2F9E25 mov eax, 100h -// .text:6F2F9E2A mov [esi+320h], eax -// .text:6F2F9E30 nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.2.8102.0 - -// Original -// .text:1000E47C cmp eax, [esi+320h] -// .text:1000E482 jz loc_1002D775 -//_______________ -// -// Changed -// .text:1000E47C mov eax, 100h -// .text:1000E481 mov [esi+320h], eax -// .text:1000E487 nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.2.8250.0 - -// Original -// .text:10013520 cmp eax, [esi+320h] -// .text:10013526 jz loc_1002DB85 -//_______________ -// -// Changed -// .text:10013520 mov eax, 100h -// .text:10013525 mov [esi+320h], eax -// .text:1001352B nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.2.8400.0 - -// Original -// .text:10013E48 cmp eax, [esi+320h] -// .text:10013E4E jz loc_1002E079 -//_______________ -// -// Changed -// .text:10013E48 mov eax, 100h -// .text:10013E4D mov [esi+320h], eax -// .text:10013E53 nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.2.9200.16384 - -// Original -// .text:10013F08 cmp eax, [esi+320h] -// .text:10013F0E jz loc_1002E161 -//_______________ -// -// Changed -// .text:10013F08 mov eax, 100h -// .text:10013F0D mov [esi+320h], eax -// .text:10013F13 nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.2.9200.17048 - -// Original -// .text:1001F408 cmp eax, [esi+320h] -// .text:1001F40E jz loc_1002E201 -//_______________ -// -// Changed -// .text:1001F408 mov eax, 100h -// .text:1001F40D mov [esi+320h], eax -// .text:1001F413 nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.2.9200.21166 - -// Original -// .text:10013F30 cmp eax, [esi+320h] -// .text:10013F36 jz 
loc_1002E189 -//_______________ -// -// Changed -// .text:10013F30 mov eax, 100h -// .text:10013F35 mov [esi+320h], eax -// .text:10013F3B nop -// char CDefPolicy_Query_eax_esi[] - -// termsrv.dll build 6.3.9431.0 - -// Original -// .text:1002EA25 cmp eax, [ecx+320h] -// .text:1002EA2B jz loc_100348C1 -//_______________ -// -// Changed -// .text:1002EA25 mov eax, 100h -// .text:1002EA2A mov [ecx+320h], eax -// .text:1002EA30 nop -// char CDefPolicy_Query_eax_ecx[] - -// termsrv.dll build 6.3.9600.16384 - -// Original -// .text:10016115 cmp eax, [ecx+320h] -// .text:1001611B jz loc_10034DE1 -//_______________ -// -// Changed -// .text:10016115 mov eax, 100h -// .text:1001611A mov [ecx+320h], eax -// .text:10016120 nop -// char CDefPolicy_Query_eax_ecx[] - -// termsrv.dll build 6.3.9600.17095 - -// Original -// .text:10037529 cmp eax, [ecx+320h] -// .text:1003752F jz loc_10043662 -//_______________ -// -// Changed -// .text:10037529 mov eax, 100h -// .text:1003752E mov [ecx+320h], eax -// .text:10037534 nop -// char CDefPolicy_Query_eax_ecx[] - -// termsrv.dll build 6.4.9841.0 - -// Original -// .text:1003B989 cmp eax, [ecx+320h] -// .text:1003B98F jz loc_1005E809 -//_______________ -// -// Changed -// .text:1003B989 mov eax, 100h -// .text:1003B98E mov [ecx+320h], eax -// .text:1003B994 nop -// char CDefPolicy_Query_eax_ecx[] - -// termsrv.dll build 6.4.9860.0 - -// Original -// .text:1003BEC9 cmp eax, [ecx+320h] -// .text:1003BECF jz loc_1005EE1A -//_______________ -// -// Changed -// .text:1003BEC9 mov eax, 100h -// .text:1003BECE mov [ecx+320h], eax -// .text:1003BED4 nop -// char CDefPolicy_Query_eax_ecx[] - -#endif - -FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; -SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; - -HMODULE hTermSrv; -HMODULE hSLC; -PLATFORM_DWORD TermSrvBase; -FILE_VERSION FV; -SERVICEMAIN _ServiceMain; -SVCHOSTPUSHSERVICEGLOBALS _SvchostPushServiceGlobals; -bool AlreadyHooked = false; - -void 
WriteToLog(LPSTR Text) -{ - DWORD dwBytesOfWritten; - - HANDLE hFile = CreateFile(L"\\rdpwrap.txt", GENERIC_WRITE, FILE_SHARE_WRITE|FILE_SHARE_READ, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); - if (hFile == INVALID_HANDLE_VALUE) return; - - SetFilePointer(hFile, 0, 0, FILE_END); - WriteFile(hFile, Text, strlen(Text), &dwBytesOfWritten, NULL); - CloseHandle(hFile); -} - -PLATFORM_DWORD SearchAddressBySignature(char *StartPosition, PLATFORM_DWORD Size, char *Signature, int SignatureSize) -{ - PLATFORM_DWORD AddressReturn = -1; - - for (PLATFORM_DWORD i = 0; i < Size; i++) - { - for (int j = 0; StartPosition[i+j] == Signature[j] && j < SignatureSize; j++) - { - if (j == SignatureSize-1) AddressReturn = (PLATFORM_DWORD)&StartPosition[i]; - } - } - - return AddressReturn; -} - -bool GetModuleCodeSectionInfo(HMODULE hModule, PLATFORM_DWORD *BaseAddr, PLATFORM_DWORD *BaseSize) -{ - PIMAGE_DOS_HEADER pDosHeader; - PIMAGE_FILE_HEADER pFileHeader; - PIMAGE_OPTIONAL_HEADER pOptionalHeader; - - if (hModule == NULL) return false; - - pDosHeader = (PIMAGE_DOS_HEADER)hModule; - pFileHeader = (PIMAGE_FILE_HEADER)(((PBYTE)hModule)+pDosHeader->e_lfanew+4); - pOptionalHeader = (PIMAGE_OPTIONAL_HEADER)(pFileHeader+1); - - *BaseAddr = (PLATFORM_DWORD)hModule; - *BaseSize = (PLATFORM_DWORD)pOptionalHeader->SizeOfCode; - - if (*BaseAddr <= 0 || *BaseSize <= 0) return false; - return true; -} - -void SetThreadsState(bool Resume) -{ - HANDLE h, hThread; - DWORD CurrTh, CurrPr; - THREADENTRY32 Thread; - - CurrTh = GetCurrentThreadId(); - CurrPr = GetCurrentProcessId(); - - h = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); - if (h != INVALID_HANDLE_VALUE) - { - Thread.dwSize = sizeof(THREADENTRY32); - Thread32First(h, &Thread); - do - { - if (Thread.th32ThreadID != CurrTh && Thread.th32OwnerProcessID == CurrPr) - { - hThread = OpenThread(THREAD_SUSPEND_RESUME, false, Thread.th32ThreadID); - if (hThread != INVALID_HANDLE_VALUE) - { - if (Resume) ResumeThread(hThread); - else 
SuspendThread(hThread); - CloseHandle(hThread); - } - } - } while (Thread32Next(h, &Thread)); - CloseHandle(h); - } -} - -BOOL __stdcall GetModuleVersion(LPCWSTR lptstrModuleName, FILE_VERSION *FileVersion) -{ - typedef struct - { - WORD wLength; - WORD wValueLength; - WORD wType; - WCHAR szKey[16]; - WORD Padding1; - VS_FIXEDFILEINFO Value; - WORD Padding2; - WORD Children; - } VS_VERSIONINFO; - - HMODULE hMod = GetModuleHandle(lptstrModuleName); - if(!hMod) - { - return false; - } - - HRSRC hResourceInfo = FindResourceW(hMod, (LPCWSTR)1, (LPCWSTR)0x10); - if(!hResourceInfo) - { - return false; - } - - VS_VERSIONINFO *VersionInfo = (VS_VERSIONINFO*)LoadResource(hMod, hResourceInfo); - if(!VersionInfo) - { - return false; - } - - FileVersion->dwVersion = VersionInfo->Value.dwFileVersionMS; - FileVersion->Release = (WORD)(VersionInfo->Value.dwFileVersionLS >> 16); - FileVersion->Build = (WORD)VersionInfo->Value.dwFileVersionLS; - - return true; -} - -BOOL __stdcall GetFileVersion(LPCWSTR lptstrFilename, FILE_VERSION *FileVersion) -{ - typedef struct - { - WORD wLength; - WORD wValueLength; - WORD wType; - WCHAR szKey[16]; - WORD Padding1; - VS_FIXEDFILEINFO Value; - WORD Padding2; - WORD Children; - } VS_VERSIONINFO; - - HMODULE hFile = LoadLibraryExW(lptstrFilename, NULL, LOAD_LIBRARY_AS_DATAFILE); - if(!hFile) - { - return false; - } - - HRSRC hResourceInfo = FindResourceW(hFile, (LPCWSTR)1, (LPCWSTR)0x10); - if(!hResourceInfo) - { - return false; - } - - VS_VERSIONINFO *VersionInfo = (VS_VERSIONINFO*)LoadResource(hFile, hResourceInfo); - if(!VersionInfo) - { - return false; - } - - FileVersion->dwVersion = VersionInfo->Value.dwFileVersionMS; - FileVersion->Release = (WORD)(VersionInfo->Value.dwFileVersionLS >> 16); - FileVersion->Build = (WORD)VersionInfo->Value.dwFileVersionLS; - - return true; -} - -bool OverrideSL(LPWSTR ValueName, DWORD *Value) -{ - // Allow Remote Connections - if (wcscmp(ValueName, 
L"TerminalServices-RemoteConnectionManager-AllowRemoteConnections") == 0) - { - *Value = 1; - return true; - } - // Allow Multiple Sessions - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-AllowMultipleSessions") == 0) - { - *Value = 1; - return true; - } - // Allow Multiple Sessions (Application Server Mode) - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-AllowAppServerMode") == 0) - { - *Value = 1; - return true; - } - // Allow Multiple Monitors - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-AllowMultimon") == 0) - { - *Value = 1; - return true; - } - // Max User Sessions (0 = unlimited) - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-MaxUserSessions") == 0) - { - *Value = 0; - return true; - } - // Max Debug Sessions (Win 8, 0 = unlimited) - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-ce0ad219-4670-4988-98fb-89b14c2f072b-MaxSessions") == 0) - { - *Value = 0; - return true; - } - // Max Sessions - // 0 - logon not possible even from console - // 1 - only one active user (console or remote) - // 2 - allow concurrent sessions - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-MaxSessions") == 0) - { - *Value = 2; - return true; - } - // Allow Advanced Compression with RDP 7 Protocol - if (wcscmp(ValueName, L"TerminalServices-RDP-7-Advanced-Compression-Allowed") == 0) - { - *Value = 1; - return true; - } - // IsTerminalTypeLocalOnly = 0 - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-45344fe7-00e6-4ac6-9f01-d01fd4ffadfb-LocalOnly") == 0) - { - *Value = 0; - return true; - } - // Max Sessions (hard limit) - if (wcscmp(ValueName, L"TerminalServices-RemoteConnectionManager-8dc86f1d-9969-4379-91c1-06fe1dc60575-MaxSessions") == 0) - { - *Value = 1000; - return true; - } - return false; -} - -HRESULT WINAPI New_SLGetWindowsInformationDWORD(PWSTR pwszValueName, DWORD *pdwValue) -{ - // wrapped 
SLGetWindowsInformationDWORD function - // termsrv.dll will call this function instead of original SLC.dll - - // Override SL Policy - - extern FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; - extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; - - char *Log; - DWORD dw; - SIZE_T bw; - HRESULT Result; - - Log = new char[1024]; - wsprintfA(Log, "Policy query: %S\r\n", pwszValueName); - WriteToLog(Log); - delete[] Log; - - if (OverrideSL(pwszValueName, &dw)) - { - *pdwValue = dw; - - Log = new char[1024]; - wsprintfA(Log, "Rewrite: %i\r\n", dw); - WriteToLog(Log); - delete[] Log; - - return S_OK; - } - - WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); - Result = _SLGetWindowsInformationDWORD(pwszValueName, pdwValue); - if (Result == S_OK) - { - Log = new char[1024]; - wsprintfA(Log, "Result: %i\r\n", dw); - WriteToLog(Log); - delete[] Log; - } else { - WriteToLog("Failed\r\n"); - } - WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); - - return Result; -} - -HRESULT __fastcall New_Win8SL(PWSTR pwszValueName, DWORD *pdwValue) -{ - // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll - // for Windows 8 support - - // Override SL Policy - - extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; - - char *Log; - DWORD dw; - HRESULT Result; - - Log = new char[1024]; - wsprintfA(Log, "Policy query: %S\r\n", pwszValueName); - WriteToLog(Log); - delete[] Log; - - if (OverrideSL(pwszValueName, &dw)) - { - *pdwValue = dw; - - Log = new char[1024]; - wsprintfA(Log, "Rewrite: %i\r\n", dw); - WriteToLog(Log); - delete[] Log; - - return S_OK; - } - - Result = _SLGetWindowsInformationDWORD(pwszValueName, pdwValue); - if (Result == S_OK) - { - Log = new char[1024]; - wsprintfA(Log, "Result: %i\r\n", dw); - WriteToLog(Log); - delete[] Log; - } 
else { - WriteToLog("Failed\r\n"); - } - - return Result; -} - -#ifndef _WIN64 -HRESULT __fastcall New_Win8SL_CP(DWORD arg1, DWORD *pdwValue, PWSTR pwszValueName, DWORD arg4) -{ - // wrapped unexported function SLGetWindowsInformationDWORDWrapper in termsrv.dll - // for Windows 8 Consumer Preview support - - return New_Win8SL(pwszValueName, pdwValue); -} -#endif - -HRESULT WINAPI New_CSLQuery_Initialize() -{ - extern PLATFORM_DWORD TermSrvBase; - extern FILE_VERSION FV; - - char *Log; - DWORD *bServerSku = NULL; - DWORD *bRemoteConnAllowed = NULL; - DWORD *bFUSEnabled = NULL; - DWORD *bAppServerAllowed = NULL; - DWORD *bMultimonAllowed = NULL; - DWORD *lMaxUserSessions = NULL; - DWORD *ulMaxDebugSessions = NULL; - DWORD *bInitialized = NULL; - - WriteToLog("> CSLQuery::Initialize\r\n"); - - if (FV.Release == 9431 && FV.Build == 0) - { - #ifdef _WIN64 - bFUSEnabled = (DWORD*)(TermSrvBase + 0xC4490); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xC4494); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xC4498); - bInitialized = (DWORD*)(TermSrvBase + 0xC449C); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xC44A0); - bServerSku = (DWORD*)(TermSrvBase + 0xC44A4); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xC44A8); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xC44AC); - #else - bFUSEnabled = (DWORD*)(TermSrvBase + 0xA22A8); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xA22AC); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xA22B0); - bInitialized = (DWORD*)(TermSrvBase + 0xA22B4); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xA22B8); - bServerSku = (DWORD*)(TermSrvBase + 0xA22BC); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xA22C0); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xA22C4); - #endif - } - if (FV.Release == 9600 && FV.Build == 16384) - { - #ifdef _WIN64 - bServerSku = (DWORD*)(TermSrvBase + 0xE6494); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xE6498); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xE649C); - bFUSEnabled = (DWORD*)(TermSrvBase + 
0xE64A0); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xE64A4); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xE64A8); - bInitialized = (DWORD*)(TermSrvBase + 0xE64AC); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xE64B0); - #else - bFUSEnabled = (DWORD*)(TermSrvBase + 0xC02A8); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xC02AC); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xC02B0); - bInitialized = (DWORD*)(TermSrvBase + 0xC02B4); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xC02B8); - bServerSku = (DWORD*)(TermSrvBase + 0xC02BC); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xC02C0); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xC02C4); - #endif - /* __ARM_ARCH_7 - bFUSEnabled = (DWORD*)(TermSrvBase + 0x?); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0x?); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0x?); - bInitialized = (DWORD*)(TermSrvBase + 0x?); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0x?); - bServerSku = (DWORD*)(TermSrvBase + 0x?); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0x?); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0x?); - */ - } - if (FV.Release == 9600 && FV.Build == 17095) - { - #ifdef _WIN64 - bServerSku = (DWORD*)(TermSrvBase + 0xE4494); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xE4498); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xE449C); - bFUSEnabled = (DWORD*)(TermSrvBase + 0xE44A0); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xE44A4); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xE44A8); - bInitialized = (DWORD*)(TermSrvBase + 0xE44AC); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xE44B0); - #else - bFUSEnabled = (DWORD*)(TermSrvBase + 0xC12A8); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xC12AC); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xC12B0); - bInitialized = (DWORD*)(TermSrvBase + 0xC12B4); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xC12B8); - bServerSku = (DWORD*)(TermSrvBase + 0xC12BC); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xC12C0); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xC12C4); - 
#endif - } - if (FV.Release == 9841 && FV.Build == 0) - { - #ifdef _WIN64 - bFUSEnabled = (DWORD*)(TermSrvBase + 0xECFF8); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xECFFC); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xED000); - bInitialized = (DWORD*)(TermSrvBase + 0xED004); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xED008); - bServerSku = (DWORD*)(TermSrvBase + 0xED00C); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xED010); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xED014); - #else - bFUSEnabled = (DWORD*)(TermSrvBase + 0xBF9F0); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xBF9F4); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xBF9F8); - bInitialized = (DWORD*)(TermSrvBase + 0xBF9FC); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xBFA00); - bServerSku = (DWORD*)(TermSrvBase + 0xBFA04); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xBFA08); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xBFA0C); - #endif - } - if (FV.Release == 9860 && FV.Build == 0) - { - #ifdef _WIN64 - bFUSEnabled = (DWORD*)(TermSrvBase + 0xECBD8); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xECBDC); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xECBE0); - bInitialized = (DWORD*)(TermSrvBase + 0xECBE4); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xECBE8); - bServerSku = (DWORD*)(TermSrvBase + 0xECBEC); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xECBF0); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xECBF4); - #else - bFUSEnabled = (DWORD*)(TermSrvBase + 0xBF7E0); - lMaxUserSessions = (DWORD*)(TermSrvBase + 0xBF7E4); - bAppServerAllowed = (DWORD*)(TermSrvBase + 0xBF7E8); - bInitialized = (DWORD*)(TermSrvBase + 0xBF7EC); - bMultimonAllowed = (DWORD*)(TermSrvBase + 0xBF7F0); - bServerSku = (DWORD*)(TermSrvBase + 0xBF7F4); - ulMaxDebugSessions = (DWORD*)(TermSrvBase + 0xBF7F8); - bRemoteConnAllowed = (DWORD*)(TermSrvBase + 0xBF7FC); - #endif - } - if (bServerSku) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] bServerSku = 1\r\n", bServerSku); - WriteToLog(Log); - 
delete[] Log; - - *bServerSku = 1; - } - if (bRemoteConnAllowed) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] bRemoteConnAllowed = 1\r\n", bRemoteConnAllowed); - WriteToLog(Log); - delete[] Log; - - *bRemoteConnAllowed = 1; - } - if (bFUSEnabled) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] bFUSEnabled = 1\r\n", bFUSEnabled); - WriteToLog(Log); - delete[] Log; - - *bFUSEnabled = 1; - } - if (bAppServerAllowed) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] bAppServerAllowed = 1\r\n", bAppServerAllowed); - WriteToLog(Log); - delete[] Log; - - *bAppServerAllowed = 1; - } - if (bMultimonAllowed) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] bMultimonAllowed = 1\r\n", bMultimonAllowed); - WriteToLog(Log); - delete[] Log; - - *bMultimonAllowed = 1; - } - if (lMaxUserSessions) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] lMaxUserSessions = 0\r\n", lMaxUserSessions); - WriteToLog(Log); - delete[] Log; - - *lMaxUserSessions = 0; - } - if (ulMaxDebugSessions) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] ulMaxDebugSessions = 0\r\n", ulMaxDebugSessions); - WriteToLog(Log); - delete[] Log; - - *ulMaxDebugSessions = 0; - } - if (bInitialized) - { - Log = new char[1024]; - wsprintfA(Log, "[0x%p] bInitialized = 1\r\n", bInitialized); - WriteToLog(Log); - delete[] Log; - - *bInitialized = 1; - } - return S_OK; -} - -void Hook() -{ - extern FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; - extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; - extern HMODULE hTermSrv; - extern HMODULE hSLC; - extern PLATFORM_DWORD TermSrvBase; - extern FILE_VERSION FV; - - AlreadyHooked = true; - - bool Result; - char *Log; - SIZE_T bw; - WORD Ver = 0; - PLATFORM_DWORD TermSrvSize, SignPtr; - FARJMP Jump; - BYTE b; - - WriteToLog("init\r\n"); - - hTermSrv = LoadLibrary(L"termsrv.dll"); - if (hTermSrv == 0) - { - WriteToLog("Error: Failed to load Terminal Services library\r\n"); - return; - } - _ServiceMain = 
(SERVICEMAIN)GetProcAddress(hTermSrv, "ServiceMain"); - _SvchostPushServiceGlobals = (SVCHOSTPUSHSERVICEGLOBALS)GetProcAddress(hTermSrv, "SvchostPushServiceGlobals"); - - Log = new char[1024]; - wsprintfA(Log, "Base addr: 0x%p\r\n", hTermSrv); - WriteToLog(Log); - delete[] Log; - - Log = new char[1024]; - wsprintfA(Log, "SvcMain: termsrv.dll+0x%p\r\n", (PLATFORM_DWORD)_ServiceMain - (PLATFORM_DWORD)hTermSrv); - WriteToLog(Log); - delete[] Log; - - Log = new char[1024]; - wsprintfA(Log, "SvcGlobals: termsrv.dll+0x%p\r\n", (PLATFORM_DWORD)_SvchostPushServiceGlobals - (PLATFORM_DWORD)hTermSrv); - WriteToLog(Log); - delete[] Log; - - // check termsrv version - if (GetModuleVersion(L"termsrv.dll", &FV)) - { - Ver = (BYTE)FV.wVersion.Minor | ((BYTE)FV.wVersion.Major << 8); - } else { - // check NT version - // Ver = GetVersion(); // deprecated - // Ver = ((Ver & 0xFF) << 8) | ((Ver & 0xFF00) >> 8); - } - if (Ver == 0) - { - WriteToLog("Error: Failed to detect Terminal Services version\r\n"); - return; - } - - Log = new char[1024]; - wsprintfA(Log, "Version: %d.%d\r\n", FV.wVersion.Major, FV.wVersion.Minor); - WriteToLog(Log); - delete[] Log; - - Log = new char[1024]; - wsprintfA(Log, "Release: %d\r\n", FV.Release); - WriteToLog(Log); - delete[] Log; - - Log = new char[1024]; - wsprintfA(Log, "Build: %d\r\n", FV.Build); - WriteToLog(Log); - delete[] Log; - - // temporarily freeze threads - WriteToLog("freeze\r\n"); - SetThreadsState(false); - - if (Ver == 0x0600) - { - // Windows Vista - // uses SL Policy API (slc.dll) - - // load slc.dll and hook function - hSLC = LoadLibrary(L"slc.dll"); - _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); - if (_SLGetWindowsInformationDWORD != INVALID_HANDLE_VALUE) - { - // rewrite original function to call our function (make hook) - - WriteToLog("Hook SLGetWindowsInformationDWORD\r\n"); - #ifdef _WIN64 - Stub_SLGetWindowsInformationDWORD.MovOp = 0x48; - 
Stub_SLGetWindowsInformationDWORD.MovRegArg = 0xB8; - Stub_SLGetWindowsInformationDWORD.MovArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; - Stub_SLGetWindowsInformationDWORD.PushRaxOp = 0x50; - Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; - #else - Stub_SLGetWindowsInformationDWORD.PushOp = 0x68; - Stub_SLGetWindowsInformationDWORD.PushArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; - Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; - #endif - - ReadProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); - WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); - } - - if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) - { - // Patch functions: - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - - if (FV.Release == 6000 && FV.Build == 16386) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF756E0000 - // .text:000007FF75745E38 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75745E3D mov ebx, 1 <- 0 - // .text:000007FF75745E42 mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75745E4A mov [rdi], ebx - // .text:000007FF75745E4C call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x65E3E); - b = 0; - #else - // Imagebase: 6F320000 - // .text:6F3360B9 lea eax, [ebp+VersionInformation] - // .text:6F3360BF inc ebx <- nop - // .text:6F3360C0 push eax ; lpVersionInformation - // .text:6F3360C1 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F3360CB mov [esi], ebx - // .text:6F3360CD call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x160BF); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - 
WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x5C88F); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx_jmp, sizeof(CDefPolicy_Query_eax_rcx_jmp), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x15CD8); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_edx_ecx, sizeof(CDefPolicy_Query_edx_ecx), &bw); - #endif - } - if (FV.Release == 6001 && FV.Build == 18000) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF76220000 - // .text:000007FF76290DB4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF76290DB9 mov ebx, 1 <- 0 - // .text:000007FF76290DBE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF76290DC6 mov [rdi], ebx - // .text:000007FF76290DC8 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x70DBA); - b = 0; - #else - // Imagebase: 6E800000 - // .text:6E8185DE lea eax, [ebp+VersionInformation] - // .text:6E8185E4 inc ebx <- nop - // .text:6E8185E5 push eax ; lpVersionInformation - // .text:6E8185E6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6E8185F0 mov [esi], ebx - // .text:6E8185F2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x185E4); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x65BD7); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx_jmp, sizeof(CDefPolicy_Query_eax_rcx_jmp), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17FD8); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_edx_ecx, sizeof(CDefPolicy_Query_edx_ecx), &bw); - #endif - } - if (FV.Release == 6002 && 
FV.Build == 18005) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF766C0000 - // .text:000007FF76730FF0 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF76730FF5 mov ebx, 1 <- 0 - // .text:000007FF76730FFA mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF76731002 mov [rdi], ebx - // .text:000007FF76731004 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x70FF6); - b = 0; - #else - // Imagebase: 6F580000 - // .text:6F597FA2 lea eax, [ebp+VersionInformation] - // .text:6F597FA8 inc ebx <- nop - // .text:6F597FA9 push eax ; lpVersionInformation - // .text:6F597FAA mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F597FB4 mov [esi], ebx - // .text:6F597FB6 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17FA8); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x65E83); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx_jmp, sizeof(CDefPolicy_Query_eax_rcx_jmp), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x179C0); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_edx_ecx, sizeof(CDefPolicy_Query_edx_ecx), &bw); - #endif - } - if (FV.Release == 6002 && FV.Build == 19214) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75AC0000 - // .text:000007FF75B312A4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75B312A9 mov ebx, 1 <- 0 - // .text:000007FF75B312AE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75B312B6 mov [rdi], ebx - // .text:000007FF75B312B8 call cs:__imp_GetVersionExW - 
SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x712AA); - b = 0; - #else - // Imagebase: 6F580000 - // .text:6F597FBE lea eax, [ebp+VersionInformation] - // .text:6F597FC4 inc ebx <- nop - // .text:6F597FC5 push eax ; lpVersionInformation - // .text:6F597FC6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F597FD0 mov [esi], ebx - // .text:6F597FD2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17FC4); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x65FF7); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx_jmp, sizeof(CDefPolicy_Query_eax_rcx_jmp), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x179B8); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_edx_ecx, sizeof(CDefPolicy_Query_edx_ecx), &bw); - #endif - } - if (FV.Release == 6002 && FV.Build == 23521) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75AC0000 - // .text:000007FF75B31EA4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75B31EA9 mov ebx, 1 <- 0 - // .text:000007FF75B31EAE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75B31EB6 mov [rdi], ebx - // .text:000007FF75B31EB8 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x71EAA); - b = 0; - #else - // Imagebase: 6F580000 - // .text:6F597FAE lea eax, [ebp+VersionInformation] - // .text:6F597FB4 inc ebx <- nop - // .text:6F597FB5 push eax ; lpVersionInformation - // .text:6F597FB6 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F597FC0 mov [esi], ebx - // .text:6F597FC2 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17FB4); - b = 0x90; 
- #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x669CB); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx_jmp, sizeof(CDefPolicy_Query_eax_rcx_jmp), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x179CC); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_edx_ecx, sizeof(CDefPolicy_Query_edx_ecx), &bw); - #endif - } - } - } - if (Ver == 0x0601) - { - // Windows 7 - // uses SL Policy API (slc.dll) - - // load slc.dll and hook function - hSLC = LoadLibrary(L"slc.dll"); - _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); - if (_SLGetWindowsInformationDWORD != INVALID_HANDLE_VALUE) - { - // rewrite original function to call our function (make hook) - - WriteToLog("Hook SLGetWindowsInformationDWORD\r\n"); - #ifdef _WIN64 - Stub_SLGetWindowsInformationDWORD.MovOp = 0x48; - Stub_SLGetWindowsInformationDWORD.MovRegArg = 0xB8; - Stub_SLGetWindowsInformationDWORD.MovArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; - Stub_SLGetWindowsInformationDWORD.PushRaxOp = 0x50; - Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; - #else - Stub_SLGetWindowsInformationDWORD.PushOp = 0x68; - Stub_SLGetWindowsInformationDWORD.PushArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; - Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; - #endif - - ReadProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); - WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); - } - - if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) - { - // Patch functions: - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - - if (FV.Release 
== 7600 && FV.Build == 16385) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75A80000 - // .text:000007FF75A97D90 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75A97D95 mov ebx, 1 <- 0 - // .text:000007FF75A97D9A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75A97DA2 mov [rdi], ebx - // .text:000007FF75A97DA4 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17D96); - b = 0; - #else - // Imagebase: 6F2E0000 - // .text:6F2F9E1F lea eax, [ebp+VersionInformation] - // .text:6F2F9E25 inc ebx <- nop - // .text:6F2F9E26 push eax ; lpVersionInformation - // .text:6F2F9E27 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2F9E31 mov [esi], ebx - // .text:6F2F9E33 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19E25); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17AD2); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x196F3); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - } - if (FV.Release == 7601 && FV.Build == 17514) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75A80000 - // .text:000007FF75A980DC lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75A980E1 mov ebx, 1 <- 0 - // .text:000007FF75A980E6 mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75A980EE mov [rdi], ebx - // .text:000007FF75A980F0 call cs:__imp_GetVersionExW - 
SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x180E2); - b = 0; - #else - // Imagebase: 6F2E0000 - // .text:6F2FA497 lea eax, [ebp+VersionInformation] - // .text:6F2FA49D inc ebx <- nop - // .text:6F2FA49E push eax ; lpVersionInformation - // .text:6F2FA49F mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA4A9 mov [esi], ebx - // .text:6F2FA4AB call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A49D); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17D8A); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19D53); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - } - if (FV.Release == 7601 && FV.Build == 18540) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75A80000 - // .text:000007FF75A98000 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75A98005 mov ebx, 1 <- 0 - // .text:000007FF75A9800A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75A98012 mov [rdi], ebx - // .text:000007FF75A98014 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x18006); - b = 0; - #else - // Imagebase: 6F2E0000 - // .text:6F2FA4DF lea eax, [ebp+VersionInformation] - // .text:6F2FA4E5 inc ebx <- nop - // .text:6F2FA4E6 push eax ; lpVersionInformation - // .text:6F2FA4E7 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA4F1 mov [esi], ebx - // .text:6F2FA4F3 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A4E5); - b = 0x90; - #endif 
- WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17C82); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19D9F); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - } - if (FV.Release == 7601 && FV.Build == 22750) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75A80000 - // .text:000007FF75A97E88 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75A97E8D mov ebx, 1 <- 0 - // .text:000007FF75A97E92 mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75A97E9A mov [rdi], ebx - // .text:000007FF75A97E9C call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17E8E); - b = 0; - #else - // Imagebase: 6F2E0000 - // .text:6F2FA64F lea eax, [ebp+VersionInformation] - // .text:6F2FA655 inc ebx <- nop - // .text:6F2FA656 push eax ; lpVersionInformation - // .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA661 mov [esi], ebx - // .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A655); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17C92); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19E21); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, 
sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - } - if (FV.Release == 7601 && FV.Build == 18637) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75A80000 - // .text:000007FF75A980F4 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75A980F9 mov ebx, 1 <- 0 - // .text:000007FF75A980FE mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75A98106 mov [rdi], ebx - // .text:000007FF75A98108 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x180FA); - b = 0; - #else - // Imagebase: 6F2E0000 - // .text:6F2FA4D7 lea eax, [ebp+VersionInformation] - // .text:6F2FA4DD inc ebx <- nop - // .text:6F2FA4DE push eax ; lpVersionInformation - // .text:6F2FA4DF mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA4E9 mov [esi], ebx - // .text:6F2FA4EB call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A4DD); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17DC6); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19DBB); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - } - if (FV.Release == 7601 && FV.Build == 22843) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // Imagebase: 7FF75A80000 - // .text:000007FF75A97F90 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation - // .text:000007FF75A97F95 mov ebx, 1 <- 0 - // .text:000007FF75A97F9A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000007FF75A97FA2 mov 
[rdi], ebx - // .text:000007FF75A97FA4 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17F96); - b = 0; - #else - // Imagebase: 6F2E0000 - // .text:6F2FA64F lea eax, [ebp+VersionInformation] - // .text:6F2FA655 inc ebx <- nop - // .text:6F2FA656 push eax ; lpVersionInformation - // .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:6F2FA661 mov [esi], ebx - // .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A655); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17D6E); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19E25); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - } - } - } - if (Ver == 0x0602) - { - // Windows 8 - // uses SL Policy internal unexported function - - // load slc.dll and get function - // (will be used on intercepting undefined values) - hSLC = LoadLibrary(L"slc.dll"); - _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); - - if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) - { - // Patch functions: - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - // Hook function: - // SLGetWindowsInformationDWORDWrapper - - if (FV.Release == 8102 && FV.Build == 0) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:000000018000D83A lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation - // .text:000000018000D83F mov ebx, 1 <- 0 - // .text:000000018000D844 mov 
[rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000000018000D84C mov [rdi], ebx - // .text:000000018000D84E call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xD840); - b = 0; - #else - // .text:1000F7E5 lea eax, [esp+150h+VersionInformation] - // .text:1000F7E9 inc esi <- nop - // .text:1000F7EA push eax ; lpVersionInformation - // .text:1000F7EB mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1000F7F3 mov [edi], esi - // .text:1000F7F5 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xF7E9); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xD3E6); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xE47C); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - - WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A484); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1B909); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 8250 && FV.Build == 0) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:0000000180011E6E lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation - // .text:0000000180011E73 mov ebx, 1 <- 0 - // .text:0000000180011E78 mov 
[rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180011E80 mov [rdi], ebx - // .text:0000000180011E82 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x11E74); - b = 0; - #else - // .text:100159C5 lea eax, [esp+150h+VersionInformation] - // .text:100159C9 inc esi <- nop - // .text:100159CA push eax ; lpVersionInformation - // .text:100159CB mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:100159D3 mov [edi], esi - // .text:100159D5 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x159C9); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1187A); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x13520); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - - WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x18FAC); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1A0A9); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_Win8SL_CP; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 8400 && FV.Build == 0) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:000000018002081E lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation - // .text:0000000180020823 mov ebx, 1 <- 0 - // .text:0000000180020828 mov 
[rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180020830 mov [rdi], ebx - // .text:0000000180020832 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x20824); - b = 0; - #else - // .text:1001547E lea eax, [esp+150h+VersionInformation] - // .text:10015482 inc esi <- nop - // .text:10015483 push eax ; lpVersionInformation - // .text:10015484 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1001548C mov [edi], esi - // .text:1001548E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x15482); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1F102); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x13E48); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - - WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2492C); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19629); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 9200 && FV.Build == 16384) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:000000018002BAA2 lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation - // .text:000000018002BAA7 mov ebx, 1 <- 0 - // .text:000000018002BAAC mov 
[rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000000018002BAB4 mov [rdi], ebx - // .text:000000018002BAB6 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2BAA8); - b = 0; - #else - // .text:1001554E lea eax, [esp+150h+VersionInformation] - // .text:10015552 inc esi <- nop - // .text:10015553 push eax ; lpVersionInformation - // .text:10015554 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1001555C mov [edi], esi - // .text:1001555E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x15552); - b = 0x90; - #endif - /* __ARM_ARCH_7 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x?); // unknown - */ - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2A31A); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x13F08); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - /* __ARM_ARCH_7 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x?); // unknown - */ - - WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x21FA8); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19559); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; - Jump.RetOp = 0xC3; - #endif - /* __ARM_ARCH_7 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x5F934); - // hook opcodes? 
- Don't know how to make far jump on ARM platform - */ - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 9200 && FV.Build == 17048) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:0000000180020942 lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation - // .text:0000000180020947 mov ebx, 1 <- 0 - // .text:000000018002094C mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180020954 mov [rdi], ebx - // .text:0000000180020956 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x20948); - b = 0; - #else - // .text:1002058E lea eax, [esp+150h+VersionInformation] - // .text:10020592 inc esi <- nop - // .text:10020593 push eax ; lpVersionInformation - // .text:10020594 mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:1002059C mov [edi], esi - // .text:1002059E call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x20592); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1F206); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1F408); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - - WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x24570); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x17059); - Jump.PushOp = 0x68; - Jump.PushArg = 
(PLATFORM_DWORD)New_Win8SL; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 9200 && FV.Build == 21166) - { - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:000000018002BAF2 lea rcx, [rsp+180h+VersionInformation] ; lpVersionInformation - // .text:000000018002BAF7 mov ebx, 1 <- 0 - // .text:000000018002BAFC mov [rsp+180h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000000018002BB04 mov [rdi], ebx - // .text:000000018002BB06 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2BAF8); - b = 0; - #else - // .text:10015576 lea eax, [esp+150h+VersionInformation] - // .text:1001557A inc esi <- nop - // .text:1001557B push eax ; lpVersionInformation - // .text:1001557C mov [esp+154h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:10015584 mov [edi], esi - // .text:10015586 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1557A); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2A3B6); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rdi, sizeof(CDefPolicy_Query_eax_rdi), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x13F30); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_esi, sizeof(CDefPolicy_Query_eax_esi), &bw); - #endif - - WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x21FD0); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x19581); - Jump.PushOp = 0x68; - Jump.PushArg = 
(PLATFORM_DWORD)New_Win8SL; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - } - } - if (Ver == 0x0603) - { - // Windows 8.1 - // uses SL Policy internal inline code - - if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) - { - // Patch functions: - // CEnforcementCore::GetInstanceOfTSLicense - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - // Hook function: - // CSLQuery::Initialize - - if (FV.Release == 9431 && FV.Build == 0) - { - WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); - #ifdef _WIN64 - // .text:000000018009F713 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:000000018009F718 test eax, eax - // .text:000000018009F71A js short loc_18009F73B - // .text:000000018009F71C cmp [rsp+48h+arg_18], 0 - // .text:000000018009F721 jz short loc_18009F73B <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x9F721); - #else - // .text:1008A604 call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:1008A609 test eax, eax - // .text:1008A60B js short loc_1008A628 - // .text:1008A60D cmp [ebp+var_8], 0 - // .text:1008A611 jz short loc_1008A628 <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x8A611); - #endif - b = 0xEB; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:00000001800367F3 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation - // .text:00000001800367F8 mov ebx, 1 <- 0 - // .text:00000001800367FD mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180036805 mov [rdi], ebx - // .text:0000000180036807 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x367F9); - b = 0; - #else - // 
.text:100306A4 lea eax, [esp+150h+VersionInformation] - // .text:100306A8 inc ebx <- nop - // .text:100306A9 mov [edi], ebx - // .text:100306AB push eax ; lpVersionInformation - // .text:100306AC call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x306A8); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x350FD); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx, sizeof(CDefPolicy_Query_eax_rcx), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2EA25); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_ecx, sizeof(CDefPolicy_Query_eax_ecx), &bw); - #endif - - WriteToLog("Hook CSLQuery::Initialize\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x2F9C0); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x196B0); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 9600 && FV.Build == 16384) - { - WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); - #ifdef _WIN64 - // .text:000000018008181F cmp [rsp+48h+arg_18], 0 - // .text:0000000180081824 jz loc_180031DEF <- nop + jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x81824); - b = 0x90; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x81825); - b = 0xE9; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - #else - // .text:100A271C call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; 
CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:100A2721 test eax, eax - // .text:100A2723 js short loc_100A2740 - // .text:100A2725 cmp [ebp+var_8], 0 - // .text:100A2729 jz short loc_100A2740 <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xA2729); - b = 0xEB; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - #endif - - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:000000018002023B lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation - // .text:0000000180020240 mov ebx, 1 <- 0 - // .text:0000000180020245 mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:000000018002024D mov [rdi], ebx - // .text:000000018002024F call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x20241); - b = 0; - #else - // .text:10018024 lea eax, [esp+150h+VersionInformation] - // .text:10018028 inc ebx <- nop - // .text:10018029 mov [edi], ebx - // .text:1001802B push eax ; lpVersionInformation - // .text:1001802C call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x18028); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x57829); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx, sizeof(CDefPolicy_Query_eax_rcx), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x16115); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_ecx, sizeof(CDefPolicy_Query_eax_ecx), &bw); - #endif - - WriteToLog("Hook CSLQuery::Initialize\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x554C0); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = 
(PLATFORM_DWORD)(TermSrvBase + 0x1CEB0); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 9600 && FV.Build == 17095) - { - WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); - #ifdef _WIN64 - // .text:00000001800B914B call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:00000001800B9150 test eax, eax - // .text:00000001800B9152 js short loc_1800B9173 - // .text:00000001800B9154 cmp [rsp+48h+arg_18], 0 - // .text:00000001800B9159 jz short loc_1800B9173 <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xB9159); - #else - // .text:100A36C4 call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:100A36C9 test eax, eax - // .text:100A36CB js short loc_100A36E8 - // .text:100A36CD cmp [ebp+var_8], 0 - // .text:100A36D1 jz short loc_100A36E8 <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xA36D1); - #endif - b = 0xEB; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:0000000180021823 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation - // .text:0000000180021828 mov ebx, 1 <- 0 - // .text:000000018002182D mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180021835 mov [rdi], ebx - // .text:0000000180021837 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x21829); - b = 0; - #else - // .text:10036BA5 lea eax, [esp+150h+VersionInformation] - // .text:10036BA9 inc ebx <- nop - // .text:10036BAA mov [edi], ebx - // .text:10036BAC push eax ; lpVersionInformation - // .text:10036BAD call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = 
(PLATFORM_DWORD)(TermSrvBase + 0x36BA9); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1F6A1); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx, sizeof(CDefPolicy_Query_eax_rcx), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x16115); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_ecx, sizeof(CDefPolicy_Query_eax_ecx), &bw); - #endif - - WriteToLog("Hook CSLQuery::Initialize\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x3B110); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x117F1); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - } - } - if (Ver == 0x0604) - { - // Windows 10 - // uses SL Policy internal inline code - - if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) - { - // Patch functions: - // CEnforcementCore::GetInstanceOfTSLicense - // CSessionArbitrationHelper::IsSingleSessionPerUserEnabled - // CDefPolicy::Query - // Hook function: - // CSLQuery::Initialize - - if (FV.Release == 9841 && FV.Build == 0) - { - WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); - #ifdef _WIN64 - // .text:0000000180081133 call sub_1800A9048 - // .text:0000000180081138 test eax, eax - // .text:000000018008113A js short loc_18008115B - // .text:000000018008113C cmp [rsp+58h+arg_18], 0 - // .text:0000000180081141 jz short loc_18008115B <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x81141); - #else - // .text:1009569B call sub_100B7EE5 - // .text:100956A0 test eax, eax - // 
.text:100956A2 js short loc_100956BF - // .text:100956A4 cmp [ebp+var_C], 0 - // .text:100956A8 jz short loc_100956BF <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x956A8); - #endif - b = 0xEB; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:0000000180012153 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation - // .text:0000000180012158 mov ebx, 1 <- 0 - // .text:000000018001215D mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180012165 mov [rdi], ebx - // .text:0000000180012167 call cs:GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x12159); - b = 0; - #else - // .text:10030121 lea eax, [esp+150h+VersionInformation] - // .text:10030125 inc ebx <- nop - // .text:10030126 mov [edi], ebx - // .text:10030128 push eax ; lpVersionInformation - // .text:10030129 call ds:GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x30125); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xC125); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx, sizeof(CDefPolicy_Query_eax_rcx), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x3B989); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_ecx, sizeof(CDefPolicy_Query_eax_ecx), &bw); - #endif - - WriteToLog("Hook CSLQuery::Initialize\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1EA50); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x46A68); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - 
Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - if (FV.Release == 9860 && FV.Build == 0) - { - WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); - #ifdef _WIN64 - // .text:0000000180081083 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:0000000180081088 test eax, eax - // .text:000000018008108A js short loc_1800810AB - // .text:000000018008108C cmp [rsp+58h+arg_18], 0 - // .text:0000000180081091 jz short loc_1800810AB <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x81091); - #else - // .text:100962BB call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) - // .text:100962C0 test eax, eax - // .text:100962C2 js short loc_100962DF - // .text:100962C4 cmp [ebp+var_C], 0 - // .text:100962C8 jz short loc_100962DF <- jmp - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x962C8); - #endif - b = 0xEB; - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - - WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); - #ifdef _WIN64 - // .text:0000000180011AA3 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation - // .text:0000000180011AA8 mov ebx, 1 <- 0 - // .text:0000000180011AAD mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch - // .text:0000000180011AB5 mov [rdi], ebx - // .text:0000000180011AB7 call cs:__imp_GetVersionExW - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x11AA9); - b = 0; - #else - // .text:10030841 lea eax, [esp+150h+VersionInformation] - // .text:10030845 inc ebx <- nop - // .text:10030846 mov [edi], ebx - // .text:10030848 push eax ; lpVersionInformation - // .text:10030849 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x30845); - b = 0x90; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &b, sizeof(b), &bw); - 
- WriteToLog("Patch CDefPolicy::Query\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0xB9F5); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_rcx, sizeof(CDefPolicy_Query_eax_rcx), &bw); - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x3BEC9); - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &CDefPolicy_Query_eax_ecx, sizeof(CDefPolicy_Query_eax_ecx), &bw); - #endif - - WriteToLog("Hook CSLQuery::Initialize\r\n"); - #ifdef _WIN64 - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x1EB00); - Jump.MovOp = 0x48; - Jump.MovRegArg = 0xB8; - Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.PushRaxOp = 0x50; - Jump.RetOp = 0xC3; - #else - SignPtr = (PLATFORM_DWORD)(TermSrvBase + 0x46F18); - Jump.PushOp = 0x68; - Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; - Jump.RetOp = 0xC3; - #endif - WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); - } - } - } - WriteToLog("resume\r\n"); - SetThreadsState(true); - return; -} - -void WINAPI ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv) -{ - WriteToLog("> ServiceMain\r\n"); - if (!AlreadyHooked) Hook(); - - if (_ServiceMain != NULL) _ServiceMain(dwArgc, lpszArgv); -} - -void WINAPI SvchostPushServiceGlobals(void *lpGlobalData) -{ - WriteToLog("> SvchostPushServiceGlobals\r\n"); - if (!AlreadyHooked) Hook(); - - if (_SvchostPushServiceGlobals != NULL) _SvchostPushServiceGlobals(lpGlobalData); -} \ No newline at end of file diff --git a/src-x86-x64-Fusix/src/version.bin b/src-x86-x64-Fusix/src/version.bin deleted file mode 100644 index 184c65d..0000000 Binary files a/src-x86-x64-Fusix/src/version.bin and /dev/null differ diff --git a/src-x86-x64-Fusix/src/stdafx.cpp b/src-x86-x64-Fusix/stdafx.cpp similarity index 100% rename from src-x86-x64-Fusix/src/stdafx.cpp rename to src-x86-x64-Fusix/stdafx.cpp 
diff --git a/src-x86-x64-Fusix/src/stdafx.h b/src-x86-x64-Fusix/stdafx.h similarity index 100% rename from src-x86-x64-Fusix/src/stdafx.h rename to src-x86-x64-Fusix/stdafx.h diff --git a/src-x86-x64-Fusix/src/targetver.h b/src-x86-x64-Fusix/targetver.h similarity index 100% rename from src-x86-x64-Fusix/src/targetver.h rename to src-x86-x64-Fusix/targetver.h diff --git a/technical.txt b/technical.txt new file mode 100644 index 0000000..eec609f --- /dev/null +++ b/technical.txt 
@@ -0,0 +1,561 @@ +RDP Wrapper Library project by Stas'M + +Terminal Services supported versions +6.0.X.X (Windows Vista, any) [policy hook only] +6.0.6000.16386 (Windows Vista) [policy hook + extended patch] +6.0.6000.20723 (Windows Vista with KB944917) [todo] +6.0.6001.18000 (Windows Vista SP1) [policy hook + extended patch] +6.0.6001.22286 (Windows Vista SP1 with KB958612) [todo] +6.0.6001.22357 (Windows Vista SP1 with KB958612 v2) [todo] +6.0.6001.22323 (Windows Vista SP1 with KB960742) [todo] +6.0.6001.22392 (Windows Vista SP1 with KB968680) [todo] +6.0.6001.22565 (Windows Vista SP1 with KB977541) [todo] +6.0.6001.22635 (Windows Vista SP1 with KB970911) [todo] +6.0.6001.22801 (Windows Vista SP1 with KB2381675) [todo] +6.0.6002.18005 (Windows Vista SP2) [policy hook + extended patch] +6.0.6002.22269 (Windows Vista SP2 with KB977541) [todo] +6.0.6002.22340 (Windows Vista SP2 with KB970911) [todo] +6.0.6002.22515 (Windows Vista SP2 with KB2381675) [todo] +6.0.6002.22641 (Windows Vista SP2 with KB2523307) [todo] +6.0.6002.22790 (Windows Vista SP2 with KB2672601) [todo] +6.0.6002.19214 (Windows Vista SP2 with KB3003743 GDR) [policy hook + extended patch] +6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR) [policy hook + extended patch] +6.1.X.X (Windows 7, any) [policy hook only] +6.1.7100.0 (Windows 7 Release Candidate) [todo] +6.1.7600.16385 (Windows 7) [policy hook + extended patch] +6.1.7600.20661 (Windows 7 with KB951422) [todo] +6.1.7600.21085 (Windows 7 with KB951422 v2) [todo] +6.1.7600.20621 (Windows 7 with KB979470) [todo] +6.1.7600.20890 (Windows 7 with KB2479710) [policy hook + extended patch] +6.1.7600.21316 (Windows 7 with KB2750090) [policy hook + extended patch] +6.1.7600.21420 (Windows 7 with KB2800789) [todo] +6.1.7601.17514 (Windows 7 SP1) [policy hook + extended patch] +6.1.7601.21855 (Windows 7 SP1 with KB951422 v2) [todo] +6.1.7601.21650 (Windows 7 SP1 with KB2479710) [policy hook + extended patch] +6.1.7601.21866 (Windows 7 SP1 with 
KB2647409) [policy hook + extended patch] +6.1.7601.22104 (Windows 7 SP1 with KB2750090) [policy hook + extended patch] +6.1.7601.22213 (Windows 7 SP1 with KB2800789) [todo] +6.1.7601.22476 (Windows 7 SP1 with KB2870165) [todo] +6.1.7601.22435 (Windows 7 SP1 with KB2878424) [todo] +6.1.7601.22477 (Windows 7 SP1 with KB2896256) [todo] +6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR) [policy hook + extended patch] +6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR) [policy hook + extended patch] +6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) [policy hook + extended patch] +6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) [policy hook + extended patch] +6.1.7601.23403 (Windows 7 SP1 with KB3125574) [policy hook + extended patch] +6.1.7601.24234 (Windows 7 SP1 with KB4462923) [policy hook + extended patch] +6.2.8102.0 (Windows 8 Developer Preview) [policy hook + extended patch] +6.2.8250.0 (Windows 8 Consumer Preview) [policy hook + extended patch] +6.2.8400.0 (Windows 8 Release Preview) [policy hook + extended patch] +6.2.9200.16384 (Windows 8) [policy hook + extended patch] +6.2.9200.17048 (Windows 8 with KB2973501 GDR) [policy hook + extended patch] +6.2.9200.21166 (Windows 8 with KB2973501 LDR) [policy hook + extended patch] +6.3.9431.0 (Windows 8.1 Preview) [init hook + extended patch] +6.3.9600.16384 (Windows 8.1) [init hook + extended patch] +6.3.9600.17095 (Windows 8.1 with KB2959626) [init hook + extended patch] +6.3.9600.17415 (Windows 8.1 with KB3000850) [init hook + extended patch] +6.3.9600.18692 (Windows 8.1 with KB4022720) [init hook + extended patch] +6.3.9600.18708 (Windows 8.1 with KB4025335) [init hook + extended patch] +6.3.9600.18928 (Windows 8.1 with KB4088876) [init hook + extended patch] +6.3.9600.19093 (Windows 8.1 with KB4343891) [init hook + extended patch] +6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch] +6.4.9860.0 (Windows 10 Technical Preview UP1) [init hook + extended patch] +6.4.9879.0 (Windows 10 Technical 
Preview UP2) [init hook + extended patch] +10.0.9926.0 (Windows 10 Pro Technical Preview) [init hook + extended patch] +10.0.10041.0 (Windows 10 Pro Technical Preview UP1) [init hook + extended patch] +10.0.10049.0 (Windows 10 Pro Technical Preview UP2) [todo] +10.0.10061.0 (Windows 10 Pro Technical Preview UP3) [todo] +10.0.10240.16384 (Windows 10 RTM) [init hook + extended patch] +10.0.10525.0 (Windows 10 th2_release.150812-1658) [todo] +10.0.10532.0 (Windows 10 th2_release.150822-1406) [todo] +10.0.10547.0 (Windows 10 th2_release.150913-1511) [todo] +10.0.10586.0 (Windows 10 th2_release.151029-1700) [init hook + extended patch] +10.0.10586.589 (Windows 10 th2_release.160906-1759) [init hook + extended patch] +10.0.11082.1000 (Windows 10 rs1_release.151210-2021) [init hook + extended patch] +10.0.11102.1000 (Windows 10 rs1_release.160113-1800) [init hook + extended patch] +10.0.14251.1000 (Windows 10 rs1_release.160124-1059) [init hook + extended patch] +10.0.14271.1000 (Windows 10 rs1_release.160218-2310) [init hook + extended patch] +10.0.14279.1000 (Windows 10 rs1_release.160229-1700) [init hook + extended patch] +10.0.14295.1000 (Windows 10 rs1_release.160318-1628) [init hook + extended patch] +10.0.14300.1000 (Windows Server 2016 Technical Preview 5) [init hook + extended patch] +10.0.14316.1000 (Windows 10 rs1_release.160402-2227) [init hook + extended patch] +10.0.14328.1000 (Windows 10 rs1_release.160418-1609) [init hook + extended patch] +10.0.14332.1001 (Windows 10 rs1_release.160422-1940) [init hook + extended patch] +10.0.14342.1000 (Windows 10 rs1_release.160506-1708) [init hook + extended patch] +10.0.14352.1002 (Windows 10 rs1_release.160522-1930) [init hook + extended patch] +10.0.14366.0 (Windows 10 rs1_release.160610-1700) [init hook + extended patch] +10.0.14367.0 (Windows 10 rs1_release.160613-1700) [init hook + extended patch] +10.0.14372.0 (Windows 10 rs1_release.160620-2342) [init hook + extended patch] +10.0.14379.0 (Windows 10 
rs1_release.160627-1607) [init hook + extended patch] +10.0.14383.0 (Windows 10 rs1_release.160701-1839) [init hook + extended patch] +10.0.14385.0 (Windows 10 rs1_release.160706-1700) [init hook + extended patch] +10.0.14388.0 (Windows 10 rs1_release.160709-1635) [init hook + extended patch] +10.0.14393.0 (Windows 10 rs1_release.160715-1616) [init hook + extended patch] +10.0.14393.1198 (Windows 10 rs1_release_sec.170427-1353) [init hook + extended patch] +10.0.14393.1737 (Windows 10 rs1_release_inmarket.170914-1249) [init hook + extended patch] +10.0.14393.2457 (Windows 10 rs1_release_inmarket.180822-1743) [init hook + extended patch] +10.0.14901.1000 (Windows 10 rs_prerelease.160805-1700) [init hook + extended patch] +10.0.14905.1000 (Windows 10 rs_prerelease.160811-1739) [init hook + extended patch] +10.0.14915.1000 (Windows 10 rs_prerelease.160826-1902) [init hook + extended patch] +10.0.14926.1000 (Windows 10 rs_prerelease.160910-1529) [init hook + extended patch] +10.0.14931.1000 (Windows 10 rs_prerelease.160916-1700) [init hook + extended patch] +10.0.14936.1000 (Windows 10 rs_prerelease.160923-1700) [init hook + extended patch] +10.0.14942.1000 (Windows 10 rs_prerelease.161003-1929) [init hook + extended patch] +10.0.14946.1000 (Windows 10 rs_prerelease.161007-1700) [init hook + extended patch] +10.0.14951.1000 (Windows 10 rs_prerelease.161014-1700) [init hook + extended patch] +10.0.14955.1000 (Windows 10 rs_prerelease.161020-1700) [init hook + extended patch] +10.0.14959.1000 (Windows 10 rs_prerelease.161026-1700) [init hook + extended patch] +10.0.14965.1001 (Windows 10 rs_prerelease.161104-1700) [init hook + extended patch] +10.0.14971.1000 (Windows 10 rs_prerelease.161111-1700) [init hook + extended patch] +10.0.14986.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.14997.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15002.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 
+10.0.15007.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15014.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15019.1000 (Windows 10 rs_prerelease.170121-1513) [init hook + extended patch] +10.0.15025.1000 (Windows 10 rs_prerelease.170127-1750) [init hook + extended patch] +10.0.15031.0 (Windows 10 rs2_release.170204-1546) [init hook + extended patch] +10.0.15042.0 (Windows 10 rs2_release.170219-2329) [init hook + extended patch] +10.0.15046.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15048.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15055.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15058.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15061.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15063.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15063.296 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15063.994 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.15063.1155 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16179.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16184.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16199.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16215.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16232.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16237.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16241.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16251.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16251.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16257.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 
+10.0.16257.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16273.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16275.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16278.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16281.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16288.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16291.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16294.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16296.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16299.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16299.15 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16353.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.16362.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17004.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17017.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17025.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17035.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17040.1000 (Windows 10 WinBuild.160101.0800) [todo] +10.0.17046.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17063.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17074.1002 (Windows 10 WinBuild.160101.0800) [todo] +10.0.17083.1000 (Windows 10 WinBuild.160101.0800) [todo] +10.0.17115.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17128.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17133.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17134.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 
+10.0.17723.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] +10.0.17763.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] + +Source code changelog (rdpwrap library): + +2018.10.10 : +- added support for termsrv.dll 6.1.7601.24234 x86 + +2018.10.04 : +- added support for termsrv.dll 10.0.14393.2457 x86 + +2018.10.03 : +- added support for termsrv.dll 6.1.7601.24234 x64 +- added support for termsrv.dll 10.0.15063.994 x64 +- added support for termsrv.dll 10.0.17723.1000 x64 +- added support for termsrv.dll 10.0.17763.1 + +2018.09.10 : +- added support for termsrv.dll 6.1.7600.20890 +- added support for termsrv.dll 6.1.7600.21316 +- added support for termsrv.dll 6.1.7601.21650 +- added support for termsrv.dll 6.1.7601.21866 +- added support for termsrv.dll 6.1.7601.22104 +- added support for termsrv.dll 6.3.9600.19093 +- added support for termsrv.dll 10.0.14393.2457 x64 +- added support for termsrv.dll 10.0.15063.1155 x64 + +2018.05.16 : +- added support for termsrv.dll 10.0.17115.1 +- added support for termsrv.dll 10.0.17128.1 +- added support for termsrv.dll 10.0.17133.1 +- added support for termsrv.dll 10.0.17134.1 + +2018.03.26 : +- added support for termsrv.dll 6.3.9600.18928 by 1nd1g0 + +2017.12.27 : +- added support for termsrv.dll 10.0.17017.1000 +- added support for termsrv.dll 10.0.17025.1000 +- added support for termsrv.dll 10.0.17035.1000 +- added support for termsrv.dll 10.0.17046.1000 +- added support for termsrv.dll 10.0.17063.1000 + +2017.10.13 : +- added support for termsrv.dll 10.0.14393.1737 +- added support for termsrv.dll 10.0.16299.0 +- added support for termsrv.dll 10.0.16299.15 +- added support for termsrv.dll 10.0.17004.1000 + +2017.09.24 : +- added support for termsrv.dll 10.0.16291.0 +- added support for termsrv.dll 10.0.16294.1 +- added support for termsrv.dll 10.0.16296.0 +- added support for termsrv.dll 10.0.16362.1000 + +2017.09.15 : +- added support for termsrv.dll 10.0.16288.1 + +2017.09.06 : +- added 
support for termsrv.dll 10.0.16273.1000 +- added support for termsrv.dll 10.0.16275.1000 +- added support for termsrv.dll 10.0.16278.1000 +- added support for termsrv.dll 10.0.16281.1000 +- added support for termsrv.dll 10.0.16353.1000 + +2017.08.04 : +- added support for termsrv.dll 10.0.16257.1 +- added support for termsrv.dll 10.0.16257.1000 + +2017.07.30 : +- added support for termsrv.dll 6.3.9600.18708 +- added support for termsrv.dll 10.0.16232.1000 +- added support for termsrv.dll 10.0.16237.1001 +- added support for termsrv.dll 10.0.16241.1001 +- added support for termsrv.dll 10.0.16251.0 +- added support for termsrv.dll 10.0.16251.1000 + +2017.06.29 : +- added support for termsrv.dll 6.3.9600.18692 + +2017.06.10 : +- added support for termsrv.dll 10.0.15063.296 +- added support for termsrv.dll 10.0.16215.1000 + +2017.05.29 : +- added support for termsrv.dll 10.0.16199.1000 + +2017.05.17 : +- added support for termsrv.dll 10.0.14997.1001 x64 + +2017.05.12 : +- added support for termsrv.dll 10.0.14393.1198 x86 + +2017.05.03 : +- added support for termsrv.dll 10.0.16179.1000 +- added support for termsrv.dll 10.0.16184.1001 + +2017.03.22 : +- added support for termsrv.dll 10.0.15063.0 + +2017.03.21 : +- added support for termsrv.dll 10.0.15061.0 + +2017.03.16 : +- added support for termsrv.dll 10.0.15058.0 + +2017.03.14 : +- added support for termsrv.dll 10.0.15055.0 + +2017.03.05 : +- added support for termsrv.dll 10.0.15048.0 + +2017.03.02 : +- added support for termsrv.dll 10.0.15046.0 + +2017.03.01 : +- added support for termsrv.dll 10.0.15031.0 +- added support for termsrv.dll 10.0.15042.0 + +2017.02.03 : +- added support for termsrv.dll 10.0.15025.1000 x64 + +2017.01.28 : +- added support for termsrv.dll 10.0.15019.1000 + +2017.01.21 : +- added support for termsrv.dll 10.0.15014.1000 + +2017.01.15 : +- added support for termsrv.dll 10.0.15007.1000 + +2017.01.12 : +- added support for termsrv.dll 10.0.15002.1001 + +2016.12.23 : +- added support for 
termsrv.dll 10.0.14986.1000 + +2016.11.19 : +- added support for termsrv.dll 10.0.14959.1000 +- added support for termsrv.dll 10.0.14965.1001 +- added support for termsrv.dll 10.0.14971.1000 + +2016.10.28 : +- added support for termsrv.dll 10.0.14955.1000 + +2016.10.21 : +- added support for termsrv.dll 10.0.14951.1000 + +2016.10.19 : +- added support for termsrv.dll 10.0.14946.1000 + +2016.10.08 : +- added support for termsrv.dll 10.0.14942.1000 + +2016.09.30 : +- added support for termsrv.dll 10.0.14936.1000 + +2016.09.27 : +- added support for termsrv.dll 10.0.14931.1000 + +2016.09.15 : +- added support for termsrv.dll 10.0.14926.1000 + +2016.09.14 : +- added support for termsrv.dll 10.0.10586.589 + +2016.09.03 : +- added support for termsrv.dll 10.0.14915.1000 + +2016.08.28 : +- added support for termsrv.dll 6.1.7601.23403 +- added support for termsrv.dll 10.0.14901.1000 +- added support for termsrv.dll 10.0.14905.1000 + +2016.08.12 : +- added support for termsrv.dll 10.0.14385.0 + +2016.08.01 : +- preparing the release + +2016.07.23 : +- added online install mode to installer +- added feature to keep settings on uninstall +- fixed update firewall rule on port change in config tool +- added feature to hide users on logon + +2016.07.22 : +- added support for termsrv.dll 10.0.14393.0 + +2016.07.15 : +- added support for termsrv.dll 10.0.14383.0 +- added support for termsrv.dll 10.0.14388.0 + +2016.07.06 : +- added support for termsrv.dll 10.0.14379.0 + +2016.06.27 : +- added support for termsrv.dll 10.0.14372.0 x86 + +2016.06.26 : +- added support for termsrv.dll 10.0.14372.0 x64 by kbmorris + +2016.06.17 : +- fixed issue with termsrv.dll 10.0.14352.1002 +- added support for termsrv.dll 10.0.14366.0 +- added support for termsrv.dll 10.0.14367.0 + +2016.05.30 : +- added support for termsrv.dll 10.0.14352.1002 + +2016.05.14 : +- added support for termsrv.dll 10.0.14342.1000 + +2016.05.08 : +- added support for termsrv.dll 10.0.14300.1000 x64 +- added support for 
termsrv.dll 10.0.14328.1000 + +2016.04.29 : +- added support for termsrv.dll 10.0.14332.1001 by maxpiva + +2016.04.14 : +- added support for termsrv.dll 10.0.14316.1000 + +2016.04.06 : +- added support for termsrv.dll 10.0.14295.1000 + +2016.03.07 : +- added experimental codes for ARMv7 architecture (see rdpwrap-arm-kb.ini) +- Windows RT / termsrv.dll 6.2.9200.16384 +- Windows RT 8.1 / termsrv.dll 6.3.9600.16384 +- Windows RT 8.1 / termsrv.dll 6.3.9600.17095 + +2016.03.06 : +- added support for termsrv.dll 10.0.14279.1000 + +2016.02.29 : +- added support for termsrv.dll 10.0.14271.1000 + +2016.01.28 : +- added support for termsrv.dll 10.0.14251.1000 + +2016.01.26 : +- added support for termsrv.dll 10.0.11102.1000 + +2016.01.15 : +- updated messages in the installer +- added support for termsrv.dll 10.0.11082.1000 + +2015.11.14 : +- added support for termsrv.dll 10.0.10586.0 + +2015.08.11 : +- embed new rdpclip versions in the installer (for NT 6.0 and 6.1) +- preparing the release + +2015.08.07 : +- added INI update feature to installer + +2015.07.30 : +- fixed issue with Windows 10 Home x86 (wrong LocalOnly offset was specified in INI file) + +2015.07.17 : +- added support for termsrv.dll 10.0.10240.16384 +- added HOW TO hints to KB (so other reverse engineers can do this hard work more easier) + +2015.07.16 : +- moved all comments from INI file to Knowledge Base text file +- now INI file have smaller size +- updated RDP checker: changed IP Address to 127.0.0.2 (sometimes client doesn't want to connect .1), updated text message +- updated RDP config: list all possible shadowing modes, also write group policy +- updated installer: added workaround for 1056 error +- updated copyright years in source code +- obtained files from build 10.0.10240.16384 +- researching Windows 10 RTM + +2015.03.23 : +- researching Windows 10 Pro Technical Preview UP1 +- added support for termsrv.dll 10.0.10041.0 + +2015.03.20 : +- new build 10.0.10041.0 was released, obtaining files... 
+ +2015.01.26 : +- researching Windows 10 Pro Technical Preview (10.0.9926.0 x86) +- added support for termsrv.dll 10.0.9926.0 (x86) + +2015.01.22 : +- v-yadli contributed offsets for version 10.0.9926.0 (x64) + +2014.12.13 : +- added more policy values to INI file + +2014.12.10 : +- C++ version seems to work well now! +- added support for termsrv.dll 6.4.9879.0 +- preparing the new release + +2014.12.09 : +- many bug fixes in C++ version, you can track it in the git history :) +- it can be compiled now :D +- we are getting closer to the finish line! + +2014.12.03 : +- added INI reader by Fusix for C++ version +- asulwer also helped with the development + +2014.11.25 : +- corrected some typos in INI file +- added EasyPrint policy value + +2014.11.24 : +- added support for termsrv.dll 6.3.9600.17415 + +2014.11.21 : +- new LiteINI module to read INI files +- added support to store patch settings in INI file +- version support can be extended without recompilation +- C++ version needs to be updated + +2014.11.20 : +- improved comments +- researching KB3000850 +- found required files +- improving RDPWrap... 
+- placing signatures, offsets, values, etc in separate config file +- working with code + +2014.11.13 : +- researching KB3003743 +- added support for version 6.0.6002.19214 +- added support for version 6.0.6002.23521 +- added support for version 6.1.7601.18637 +- added support for version 6.1.7601.22843 + +2014.11.02 : +- researching termsrv.dll 6.4.9860.0 +- done + +2014.10.19 : +- added support for version 6.0.6000.16386 (x64) +- added support for version 6.0.6001.18000 (x64) +- added support for version 6.1.7600.16385 + +2014.10.18 : +- corrected some typos in source +- simplified signature constants +- added support for version 6.0.6000.16386 (x86) +- added support for version 6.0.6001.18000 (x86) +- added support for version 6.0.6002.18005 +- added support for version 6.1.7601.17514 +- added support for version 6.1.7601.18540 +- added support for version 6.1.7601.22750 +- added support for version 6.2.9200.17048 +- added support for version 6.2.9200.21166 + +2014.10.17 : +- collecting information about all versions of Terminal Services beginning from Vista +- added [todo] to the versions list + +2014.10.16 : +- got new updates: KB2984972 for Win 7 (still works with 2 concurrent users) and KB2973501 for Win 8 (doesn't work) + +2014.10.02 : +- researching Windows 10 TP Remote Desktop +- done! even without debugging symbols ^^) + +2014.07.20 : +- added support for Windows 8 Release Preview +- added support for Windows 8 Consumer Preview +- added support for Windows 8 Developer Preview + +2014.07.19 : +- improved patching of Windows 8 +- added policy patches +- will patch CDefPolicy::Query +- will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled + +2014.07.18 : +- researched patched files from MDL forum +- CSLQuery::GetMaxSessions requires no patching +- it's better to change the default policy, so... 
+- will patch CDefPolicy::Query +- will patch CEnforcementCore::GetInstanceOfTSLicense +- will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +- the function CSLQuery::Initialize is hooked correctly + +2014.07.17 : +- will hook only CSLQuery::Initialize function +- CSLQuery::GetMaxSessions will be patched +- added x86 signatures for 6.3.9431.0 (Windows 8.1 Preview) + +2014.07.16 : +- changing asm opcodes is bad, will hook CSL functions + +2014.07.15 : +- added x86 signatures for 6.3.9600.16384 (Windows 8.1) +2014.07.15 : +- added x86 signatures for 6.3.9600.17095 (Windows 8.1 with KB2959626)
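Review bot: The date heading "2014.07.15 :" appears twice at the end of the visible changelog, and the second one follows the previous entry with no blank separator line, unlike every other dated entry; put the two x86 signature lines (6.3.9600.16384 and 6.3.9600.17095) under a single heading. Architecture is stated on only some entries (for example "10.0.14372.0 x86", "10.0.15025.1000 x64", "10.0.14997.1001 x64"), so a reader cannot tell whether an unqualified "added support for termsrv.dll ..." line covers both x86 and x64; state it on every entry or note once that unqualified means both. In the 2016.03.07 entry the three "Windows RT / termsrv.dll ..." lines read as separate changes rather than as the builds covered by the ARMv7 line above them, so indent them as sub-items. "fixed issue with termsrv.dll 10.0.14352.1002" (2016.06.17) does not say what the issue was, which matters to anyone deciding whether a build from 2016.05.30 is usable. The older entries switch between "termsrv.dll X" and "version X" for the same kind of change; pick one form so the file can be searched by build number consistently.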