From 7ad8dcaad371cca98c381ecb8040790595e2766c Mon Sep 17 00:00:00 2001
From: JKornev <8bit.dosninja@gmail.com>
Date: Thu, 20 Dec 2018 02:54:24 +0300
Subject: [PATCH] Windows 10 path normalization fix

---
 Hidden/Helper.c | 2 ++
 Hidden/Helper.h | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/Hidden/Helper.c b/Hidden/Helper.c
index 00a03f2..50db0d0 100644
--- a/Hidden/Helper.c
+++ b/Hidden/Helper.c
@@ -207,6 +207,7 @@ NTSTATUS NormalizeDevicePath(PCUNICODE_STRING Path, PUNICODE_STRING Normalized)
 			return status;
 
 		// \Device\Harddisk0\Partition0\Windows -> \Device\Harddisk0\Partition0
+		// Win10: \Device\BootDevice\Windows -> \Device\BootDevice
 
 		winDir.Length = 0;
 		for (i = (resolvedLink.Length - sizeof(WCHAR)) / sizeof(WCHAR); i >= 0; i--)
@@ -222,6 +223,7 @@ NTSTATUS NormalizeDevicePath(PCUNICODE_STRING Path, PUNICODE_STRING Normalized)
 		}
 
 		// \Device\Harddisk0\Partition0 -> \Device\HarddiskVolume1
+		// Win10: \Device\BootDevice -> \Device\HarddiskVolume2
 
 		status = ResolveSymbolicLink(&resolvedLink, Normalized);
 		if (!NT_SUCCESS(status))
diff --git a/Hidden/Helper.h b/Hidden/Helper.h
index eb9abdb..51b8c1f 100644
--- a/Hidden/Helper.h
+++ b/Hidden/Helper.h
@@ -75,7 +75,7 @@ NTSTATUS QuerySystemInformation(SYSTEM_INFORMATION_CLASS Class, PVOID* InfoBuffe
 NTSTATUS QueryProcessInformation(PROCESSINFOCLASS Class, HANDLE ProcessId, PVOID* InfoBuffer, PSIZE_T InfoSize);
 VOID FreeInformation(PVOID Buffer);
 
-#define NORMALIZE_INCREAMENT (USHORT)128
+#define NORMALIZE_INCREAMENT (USHORT)0x200
 
 NTSTATUS NormalizeDevicePath(PCUNICODE_STRING Path, PUNICODE_STRING Normalized);