diff --git a/TitanEngine/TitanEngine.Handler.cpp b/TitanEngine/TitanEngine.Handler.cpp
index 7a5d767..3d1a20b 100644
--- a/TitanEngine/TitanEngine.Handler.cpp
+++ b/TitanEngine/TitanEngine.Handler.cpp
@@ -6,1085 +6,945 @@
__declspec(dllexport) long TITCALL HandlerGetActiveHandleCount(DWORD ProcessId)
{
- int HandleCount = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ int HandleCount = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId)
- {
- HandleCount++;
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- return(HandleCount);
- }
- return(NULL);
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId)
+ {
+ HandleCount++;
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ return(HandleCount);
+
+ return(NULL);
}
__declspec(dllexport) bool TITCALL HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle)
{
+ bool HandleActive = false;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- bool HandleActive = false;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
+ {
+ HandleActive = true;
+ break;
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ if(HandleActive)
+ {
+ return true;
+ }
- if(ZwQuerySystemInformation != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
- {
- HandleActive = true;
- break;
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- if(HandleActive)
- {
- return true;
- }
- }
- return false;
+ return false;
}
__declspec(dllexport) void* TITCALL HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName)
{
- bool NameFound = false;
- HANDLE myHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
- LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
- LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- LPVOID tmpHandleFullName = NULL;
+ bool NameFound = false;
+ HANDLE myHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
+ LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
+ LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ LPVOID tmpHandleFullName = NULL;
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
- cZwQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleFullName, 0x1000);
- if(pObjectNameInfo->Name.Length != NULL)
- {
- WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
- NameFound = true;
- if(TranslateName)
- {
- tmpHandleFullName = TranslateNativeName((char*)HandleFullName);
- if(tmpHandleFullName != NULL)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- HandleFullName = tmpHandleFullName;
- }
- }
- }
- EngineCloseHandle(myHandle);
- break;
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- if(!NameFound)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return(NULL);
- }
- else
- {
- return(HandleFullName);
- }
- }
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- return(NULL);
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
+ NtQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleFullName, 0x1000);
+ if(pObjectNameInfo->Name.Length != NULL)
+ {
+ WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
+ NameFound = true;
+ if(TranslateName)
+ {
+ tmpHandleFullName = TranslateNativeName((char*)HandleFullName);
+ if(tmpHandleFullName != NULL)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ HandleFullName = tmpHandleFullName;
+ }
+ }
+ }
+ EngineCloseHandle(myHandle);
+ break;
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ if(!NameFound)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ return(NULL);
+ }
+ else
+ {
+ return(HandleFullName);
+ }
+
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ return(NULL);
}
__declspec(dllexport) void* TITCALL HandlerGetHandleNameW(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName)
{
- bool NameFound = false;
- HANDLE myHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
- LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
- LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- LPVOID tmpHandleFullName = NULL;
+ bool NameFound = false;
+ HANDLE myHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
+ LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
+ LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ LPVOID tmpHandleFullName = NULL;
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
- cZwQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleFullName, 0x1000);
- if(pObjectNameInfo->Name.Length != NULL)
- {
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
- NameFound = true;
- lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
- if(TranslateName)
- {
- tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
- if(tmpHandleFullName != NULL)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- HandleFullName = tmpHandleFullName;
- }
- }
- }
- EngineCloseHandle(myHandle);
- break;
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- if(!NameFound)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return(NULL);
- }
- else
- {
- return(HandleFullName);
- }
- }
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- return(NULL);
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
+ NtQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleFullName, 0x1000);
+ if(pObjectNameInfo->Name.Length != NULL)
+ {
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
+ NameFound = true;
+ lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
+ if(TranslateName)
+ {
+ tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
+ if(tmpHandleFullName != NULL)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ HandleFullName = tmpHandleFullName;
+ }
+ }
+ }
+ EngineCloseHandle(myHandle);
+ break;
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ if(!NameFound)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ return(NULL);
+ }
+ else
+ {
+ return(HandleFullName);
+ }
+
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ return(NULL);
}
__declspec(dllexport) long TITCALL HandlerEnumerateOpenHandles(DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount)
{
- HANDLE myHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
- unsigned int HandleCount = NULL;
- ULONG QuerySystemBufferSize = 0x2000;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ HANDLE myHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ unsigned int HandleCount = NULL;
+ ULONG QuerySystemBufferSize = 0x2000;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- if(ZwQuerySystemInformation != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId && HandleCount < MaxHandleCount)
- {
- myHandle = (HANDLE)HandleInfo->hHandle;
- RtlMoveMemory(HandleBuffer, &myHandle, sizeof HANDLE);
- HandleBuffer = (LPVOID)((ULONG_PTR)HandleBuffer + sizeof HANDLE);
- HandleCount++;
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- return(HandleCount);
- }
- return(NULL);
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId && HandleCount < MaxHandleCount)
+ {
+ myHandle = (HANDLE)HandleInfo->hHandle;
+ RtlMoveMemory(HandleBuffer, &myHandle, sizeof HANDLE);
+ HandleBuffer = (LPVOID)((ULONG_PTR)HandleBuffer + sizeof HANDLE);
+ HandleCount++;
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ return(HandleCount);
+
+ return(NULL);
}
__declspec(dllexport) long long TITCALL HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn)
{
- HANDLE myHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
- LPVOID HandleFullData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- LPVOID HandleNameData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)HandleFullData;
- bool DontFreeStringMemory = false;
- ULONG_PTR ReturnData = NULL;
+ HANDLE myHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
+ LPVOID HandleFullData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ LPVOID HandleNameData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)HandleFullData;
+ bool DontFreeStringMemory = false;
+ ULONG_PTR ReturnData = NULL;
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
- {
- if(DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
- cZwQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
- if(InformationReturn == UE_OPTION_HANDLER_RETURN_HANDLECOUNT)
- {
- ReturnData = (ULONG_PTR)ObjectBasicInfo.HandleCount;
- }
- else if(InformationReturn == UE_OPTION_HANDLER_RETURN_ACCESS)
- {
- ReturnData = (ULONG_PTR)HandleInfo->GrantedAccess;
- }
- else if(InformationReturn == UE_OPTION_HANDLER_RETURN_FLAGS)
- {
- ReturnData = (ULONG_PTR)HandleInfo->Flags;
- }
- else if(InformationReturn == UE_OPTION_HANDLER_RETURN_TYPENAME)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- RtlZeroMemory(HandleFullData, 0x1000);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleNameData, 0x1000);
- if(pObjectTypeInfo->TypeName.Length != NULL)
- {
- WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
- ReturnData = (ULONG_PTR)HandleNameData;
- DontFreeStringMemory = true;
- }
- }
- }
- else if(InformationReturn == UE_OPTION_HANDLER_RETURN_TYPENAME_UNICODE)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- RtlZeroMemory(HandleFullData, 0x1000);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleNameData, 0x1000);
- if(pObjectTypeInfo->TypeName.Length != NULL)
- {
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
- lstrcpyW((wchar_t*)HandleNameData, (wchar_t*)pObjectTypeInfo->TypeName.Buffer);
- ReturnData = (ULONG_PTR)HandleNameData;
- DontFreeStringMemory = true;
- }
- }
- }
- EngineCloseHandle(myHandle);
- break;
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- if(!DontFreeStringMemory)
- {
- VirtualFree(HandleNameData, NULL, MEM_RELEASE);
- }
- VirtualFree(HandleFullData, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- return(ReturnData);
- }
- if(!DontFreeStringMemory)
- {
- VirtualFree(HandleNameData, NULL, MEM_RELEASE);
- }
- VirtualFree(HandleFullData, NULL, MEM_RELEASE);
- return(NULL);
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId && (HANDLE)HandleInfo->hHandle == hHandle)
+ {
+ if(DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
+ NtQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
+ if(InformationReturn == UE_OPTION_HANDLER_RETURN_HANDLECOUNT)
+ {
+ ReturnData = (ULONG_PTR)ObjectBasicInfo.HandleCount;
+ }
+ else if(InformationReturn == UE_OPTION_HANDLER_RETURN_ACCESS)
+ {
+ ReturnData = (ULONG_PTR)HandleInfo->GrantedAccess;
+ }
+ else if(InformationReturn == UE_OPTION_HANDLER_RETURN_FLAGS)
+ {
+ ReturnData = (ULONG_PTR)HandleInfo->Flags;
+ }
+ else if(InformationReturn == UE_OPTION_HANDLER_RETURN_TYPENAME)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ RtlZeroMemory(HandleFullData, 0x1000);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleNameData, 0x1000);
+ if(pObjectTypeInfo->TypeName.Length != NULL)
+ {
+ WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
+ ReturnData = (ULONG_PTR)HandleNameData;
+ DontFreeStringMemory = true;
+ }
+ }
+ }
+ else if(InformationReturn == UE_OPTION_HANDLER_RETURN_TYPENAME_UNICODE)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ RtlZeroMemory(HandleFullData, 0x1000);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleNameData, 0x1000);
+ if(pObjectTypeInfo->TypeName.Length != NULL)
+ {
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
+ lstrcpyW((wchar_t*)HandleNameData, (wchar_t*)pObjectTypeInfo->TypeName.Buffer);
+ ReturnData = (ULONG_PTR)HandleNameData;
+ DontFreeStringMemory = true;
+ }
+ }
+ }
+ EngineCloseHandle(myHandle);
+ break;
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ if(!DontFreeStringMemory)
+ {
+ VirtualFree(HandleNameData, NULL, MEM_RELEASE);
+ }
+ VirtualFree(HandleFullData, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ return(ReturnData);
+
+ if(!DontFreeStringMemory)
+ {
+ VirtualFree(HandleNameData, NULL, MEM_RELEASE);
+ }
+ VirtualFree(HandleFullData, NULL, MEM_RELEASE);
+ return(NULL);
}
__declspec(dllexport) bool TITCALL HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle)
{
- HANDLE myHandle;
+ HANDLE myHandle;
- if(hProcess != NULL)
- {
- DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_CLOSE_SOURCE);
- EngineCloseHandle(myHandle);
- }
- return false;
+ if(hProcess != NULL)
+ {
+ DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_CLOSE_SOURCE);
+ EngineCloseHandle(myHandle);
+ }
+ return false;
}
__declspec(dllexport) long TITCALL HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount)
{
- wchar_t uniFileOrFolderName[MAX_PATH] = {};
+ wchar_t uniFileOrFolderName[MAX_PATH] = {};
- if(szFileOrFolderName != NULL)
- {
- MultiByteToWideChar(CP_ACP, NULL, szFileOrFolderName, lstrlenA(szFileOrFolderName)+1, uniFileOrFolderName, sizeof(uniFileOrFolderName)/(sizeof(uniFileOrFolderName[0])));
- return(HandlerEnumerateLockHandlesW(uniFileOrFolderName, NameIsFolder, NameIsTranslated, HandleDataBuffer, MaxHandleCount));
- }
- else
- {
- return(NULL);
- }
+ if(szFileOrFolderName != NULL)
+ {
+ MultiByteToWideChar(CP_ACP, NULL, szFileOrFolderName, lstrlenA(szFileOrFolderName)+1, uniFileOrFolderName, sizeof(uniFileOrFolderName)/(sizeof(uniFileOrFolderName[0])));
+ return(HandlerEnumerateLockHandlesW(uniFileOrFolderName, NameIsFolder, NameIsTranslated, HandleDataBuffer, MaxHandleCount));
+ }
+ else
+ {
+ return(NULL);
+ }
}
__declspec(dllexport) long TITCALL HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount)
{
- int FoundHandles = NULL;
- HANDLE hProcess = NULL;
- HANDLE myHandle = NULL;
- HANDLE CopyHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
- DWORD LastProcessId = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
- LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
- LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- int LenFileOrFolderName = lstrlenW(szFileOrFolderName);
- LPVOID tmpHandleFullName = NULL;
+ int FoundHandles = NULL;
+ HANDLE hProcess = NULL;
+ HANDLE myHandle = NULL;
+ HANDLE CopyHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ DWORD LastProcessId = NULL;
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(LastProcessId != HandleInfo->ProcessId)
- {
- if(hProcess != NULL)
- {
- EngineCloseHandle(hProcess);
- }
- hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
- LastProcessId = HandleInfo->ProcessId;
- }
- if(hProcess != NULL)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
- cZwQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleFullName, 0x1000);
- if(pObjectNameInfo->Name.Length != NULL)
- {
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
- lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
- if(NameIsTranslated)
- {
- tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
- if(tmpHandleFullName != NULL)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- HandleFullName = tmpHandleFullName;
- }
- }
- if(NameIsFolder)
- {
- if(lstrlenW((LPCWSTR)HandleFullName) > LenFileOrFolderName)
- {
- RtlZeroMemory((LPVOID)((ULONG_PTR)HandleFullName + LenFileOrFolderName * 2), 2);
- }
- }
- if(lstrcmpiW((LPCWSTR)HandleFullName, szFileOrFolderName) == NULL && MaxHandleCount > NULL)
- {
- RtlMoveMemory(HandleDataBuffer, &HandleInfo->ProcessId, sizeof ULONG);
- HandleDataBuffer = (LPVOID)((ULONG_PTR)HandleDataBuffer + sizeof ULONG);
- CopyHandle = (HANDLE)HandleInfo->hHandle;
- RtlMoveMemory(HandleDataBuffer, &CopyHandle, sizeof HANDLE);
- HandleDataBuffer = (LPVOID)((ULONG_PTR)HandleDataBuffer + sizeof HANDLE);
- FoundHandles++;
- MaxHandleCount--;
- }
- }
- EngineCloseHandle(myHandle);
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return(FoundHandles);
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return(NULL);
+
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
+ LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
+ LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ int LenFileOrFolderName = lstrlenW(szFileOrFolderName);
+ LPVOID tmpHandleFullName = NULL;
+
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(LastProcessId != HandleInfo->ProcessId)
+ {
+ if(hProcess != NULL)
+ {
+ EngineCloseHandle(hProcess);
+ }
+ hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
+ LastProcessId = HandleInfo->ProcessId;
+ }
+ if(hProcess != NULL)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
+ NtQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleFullName, 0x1000);
+ if(pObjectNameInfo->Name.Length != NULL)
+ {
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
+ lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
+ if(NameIsTranslated)
+ {
+ tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
+ if(tmpHandleFullName != NULL)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ HandleFullName = tmpHandleFullName;
+ }
+ }
+ if(NameIsFolder)
+ {
+ if(lstrlenW((LPCWSTR)HandleFullName) > LenFileOrFolderName)
+ {
+ RtlZeroMemory((LPVOID)((ULONG_PTR)HandleFullName + LenFileOrFolderName * 2), 2);
+ }
+ }
+ if(lstrcmpiW((LPCWSTR)HandleFullName, szFileOrFolderName) == NULL && MaxHandleCount > NULL)
+ {
+ RtlMoveMemory(HandleDataBuffer, &HandleInfo->ProcessId, sizeof ULONG);
+ HandleDataBuffer = (LPVOID)((ULONG_PTR)HandleDataBuffer + sizeof ULONG);
+ CopyHandle = (HANDLE)HandleInfo->hHandle;
+ RtlMoveMemory(HandleDataBuffer, &CopyHandle, sizeof HANDLE);
+ HandleDataBuffer = (LPVOID)((ULONG_PTR)HandleDataBuffer + sizeof HANDLE);
+ FoundHandles++;
+ MaxHandleCount--;
+ }
+ }
+ EngineCloseHandle(myHandle);
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ return(FoundHandles);
}
__declspec(dllexport) bool TITCALL HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated)
{
- wchar_t uniFileOrFolderName[MAX_PATH] = {};
+ wchar_t uniFileOrFolderName[MAX_PATH] = {};
- if(szFileOrFolderName != NULL)
- {
- MultiByteToWideChar(CP_ACP, NULL, szFileOrFolderName, lstrlenA(szFileOrFolderName)+1, uniFileOrFolderName, sizeof(uniFileOrFolderName)/(sizeof(uniFileOrFolderName[0])));
- return(HandlerCloseAllLockHandlesW(uniFileOrFolderName, NameIsFolder, NameIsTranslated));
- }
- else
- {
- return false;
- }
+ if(szFileOrFolderName != NULL)
+ {
+ MultiByteToWideChar(CP_ACP, NULL, szFileOrFolderName, lstrlenA(szFileOrFolderName)+1, uniFileOrFolderName, sizeof(uniFileOrFolderName)/(sizeof(uniFileOrFolderName[0])));
+ return(HandlerCloseAllLockHandlesW(uniFileOrFolderName, NameIsFolder, NameIsTranslated));
+ }
+ else
+ {
+ return false;
+ }
}
__declspec(dllexport) bool TITCALL HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated)
{
- bool AllHandled = true;
- HANDLE hProcess = NULL;
- HANDLE myHandle = NULL;
- HANDLE CopyHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
- DWORD LastProcessId = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
- LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
- LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- int LenFileOrFolderName = lstrlenW(szFileOrFolderName);
- LPVOID tmpHandleFullName = NULL;
+ bool AllHandled = true;
+ HANDLE hProcess = NULL;
+ HANDLE myHandle = NULL;
+ HANDLE CopyHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ DWORD LastProcessId = NULL;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
+ LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
+ LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ int LenFileOrFolderName = lstrlenW(szFileOrFolderName);
+ LPVOID tmpHandleFullName = NULL;
+
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(LastProcessId != HandleInfo->ProcessId)
+ {
+ if(hProcess != NULL)
+ {
+ EngineCloseHandle(hProcess);
+ }
+ hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
+ LastProcessId = HandleInfo->ProcessId;
+ }
+ if(hProcess != NULL)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
+ NtQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleFullName, 0x1000);
+ if(pObjectNameInfo->Name.Length != NULL)
+ {
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
+ lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
+ if(NameIsTranslated)
+ {
+ tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
+ if(tmpHandleFullName != NULL)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ HandleFullName = tmpHandleFullName;
+ }
+ }
+ if(NameIsFolder)
+ {
+ if(lstrlenW((LPCWSTR)HandleFullName) > LenFileOrFolderName)
+ {
+ RtlZeroMemory((LPVOID)((ULONG_PTR)HandleFullName + LenFileOrFolderName * 2), 2);
+ }
+ }
+ if(lstrcmpiW((LPCWSTR)HandleFullName, szFileOrFolderName) == NULL)
+ {
+ if(!HandlerCloseRemoteHandle(hProcess, (HANDLE)HandleInfo->hHandle))
+ {
+ AllHandled = false;
+ }
+ }
+ }
+ EngineCloseHandle(myHandle);
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ if(AllHandled)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(LastProcessId != HandleInfo->ProcessId)
- {
- if(hProcess != NULL)
- {
- EngineCloseHandle(hProcess);
- }
- hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
- LastProcessId = HandleInfo->ProcessId;
- }
- if(hProcess != NULL)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
- cZwQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleFullName, 0x1000);
- if(pObjectNameInfo->Name.Length != NULL)
- {
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
- lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
- if(NameIsTranslated)
- {
- tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
- if(tmpHandleFullName != NULL)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- HandleFullName = tmpHandleFullName;
- }
- }
- if(NameIsFolder)
- {
- if(lstrlenW((LPCWSTR)HandleFullName) > LenFileOrFolderName)
- {
- RtlZeroMemory((LPVOID)((ULONG_PTR)HandleFullName + LenFileOrFolderName * 2), 2);
- }
- }
- if(lstrcmpiW((LPCWSTR)HandleFullName, szFileOrFolderName) == NULL)
- {
- if(!HandlerCloseRemoteHandle(hProcess, (HANDLE)HandleInfo->hHandle))
- {
- AllHandled = false;
- }
- }
- }
- EngineCloseHandle(myHandle);
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- if(AllHandled)
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return false;
}
__declspec(dllexport) bool TITCALL HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated)
{
- wchar_t uniFileOrFolderName[MAX_PATH] = {};
+ wchar_t uniFileOrFolderName[MAX_PATH] = {};
- if(szFileOrFolderName != NULL)
- {
- MultiByteToWideChar(CP_ACP, NULL, szFileOrFolderName, lstrlenA(szFileOrFolderName)+1, uniFileOrFolderName, sizeof(uniFileOrFolderName)/(sizeof(uniFileOrFolderName[0])));
- return(HandlerIsFileLockedW(uniFileOrFolderName, NameIsFolder, NameIsTranslated));
- }
- else
- {
- return false;
- }
+ if(szFileOrFolderName != NULL)
+ {
+ MultiByteToWideChar(CP_ACP, NULL, szFileOrFolderName, lstrlenA(szFileOrFolderName)+1, uniFileOrFolderName, sizeof(uniFileOrFolderName)/(sizeof(uniFileOrFolderName[0])));
+ return(HandlerIsFileLockedW(uniFileOrFolderName, NameIsFolder, NameIsTranslated));
+ }
+ else
+ {
+ return false;
+ }
}
__declspec(dllexport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated)
{
- HANDLE hProcess = NULL;
- HANDLE myHandle = NULL;
- HANDLE CopyHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG QuerySystemBufferSize = 0x2000;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
- DWORD LastProcessId = NULL;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
- LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
- LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- int LenFileOrFolderName = lstrlenW(szFileOrFolderName);
- LPVOID tmpHandleFullName = NULL;
+ HANDLE hProcess = NULL;
+ HANDLE myHandle = NULL;
+ HANDLE CopyHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG QuerySystemBufferSize = 0x2000;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ DWORD LastProcessId = NULL;
+
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ PUBLIC_OBJECT_BASIC_INFORMATION ObjectBasicInfo;
+ LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
+ LPVOID HandleFullName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ int LenFileOrFolderName = lstrlenW(szFileOrFolderName);
+ LPVOID tmpHandleFullName = NULL;
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(LastProcessId != HandleInfo->ProcessId)
+ {
+ if(hProcess != NULL)
+ {
+ EngineCloseHandle(hProcess);
+ }
+ hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
+ LastProcessId = HandleInfo->ProcessId;
+ }
+ if(hProcess != NULL)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
+ NtQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleFullName, 0x1000);
+ if(pObjectNameInfo->Name.Length != NULL)
+ {
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
+ lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
+ if(NameIsTranslated)
+ {
+ tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
+ if(tmpHandleFullName != NULL)
+ {
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ HandleFullName = tmpHandleFullName;
+ }
+ }
+ if(NameIsFolder)
+ {
+ if(lstrlenW((LPCWSTR)HandleFullName) > LenFileOrFolderName)
+ {
+ RtlZeroMemory((LPVOID)((ULONG_PTR)HandleFullName + LenFileOrFolderName * 2), 2);
+ }
+ }
+ if(lstrcmpiW((LPCWSTR)HandleFullName, szFileOrFolderName) == NULL)
+ {
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ EngineCloseHandle(myHandle);
+ return true;
+ }
+ }
+ EngineCloseHandle(myHandle);
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ VirtualFree(HandleFullName, NULL, MEM_RELEASE);
+ return false;
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(LastProcessId != HandleInfo->ProcessId)
- {
- if(hProcess != NULL)
- {
- EngineCloseHandle(hProcess);
- }
- hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
- LastProcessId = HandleInfo->ProcessId;
- }
- if(hProcess != NULL)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(&ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION);
- cZwQueryObject(myHandle, ObjectBasicInformation, &ObjectBasicInfo, sizeof PUBLIC_OBJECT_BASIC_INFORMATION, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleFullName, 0x1000);
- if(pObjectNameInfo->Name.Length != NULL)
- {
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleFullName, 0x1000, NULL, NULL);
- lstrcpyW((wchar_t*)HandleFullName, (wchar_t*)pObjectNameInfo->Name.Buffer);
- if(NameIsTranslated)
- {
- tmpHandleFullName = TranslateNativeNameW((wchar_t*)HandleFullName);
- if(tmpHandleFullName != NULL)
- {
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- HandleFullName = tmpHandleFullName;
- }
- }
- if(NameIsFolder)
- {
- if(lstrlenW((LPCWSTR)HandleFullName) > LenFileOrFolderName)
- {
- RtlZeroMemory((LPVOID)((ULONG_PTR)HandleFullName + LenFileOrFolderName * 2), 2);
- }
- }
- if(lstrcmpiW((LPCWSTR)HandleFullName, szFileOrFolderName) == NULL)
- {
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- EngineCloseHandle(myHandle);
- return true;
- }
- }
- EngineCloseHandle(myHandle);
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return false;
- }
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(HandleFullName, NULL, MEM_RELEASE);
- return false;
}
// TitanEngine.Handler[Mutex].functions:
__declspec(dllexport) long TITCALL HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount)
{
- HANDLE myHandle = NULL;
- HANDLE copyHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG RequiredSize = NULL;
- ULONG TotalHandleCount = NULL;
- unsigned int HandleCount = NULL;
- ULONG QuerySystemBufferSize = 0x2000;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- LPVOID HandleFullData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- LPVOID HandleNameData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)HandleFullData;
+ HANDLE myHandle = NULL;
+ HANDLE copyHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG RequiredSize = NULL;
+ ULONG TotalHandleCount = NULL;
+ unsigned int HandleCount = NULL;
+ ULONG QuerySystemBufferSize = 0x2000;
+
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ LPVOID HandleFullData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ LPVOID HandleNameData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)HandleFullData;
+
+
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(HandleInfo->ProcessId == ProcessId && HandleCount < MaxHandleCount)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(HandleFullData, 0x1000);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleNameData, 0x1000);
+ if(pObjectTypeInfo->TypeName.Length != NULL)
+ {
+ WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
+ if(lstrcmpiA((LPCSTR)HandleNameData, "Mutant") == NULL)
+ {
+ copyHandle = (HANDLE)HandleInfo->hHandle;
+ RtlMoveMemory(HandleBuffer, ©Handle, sizeof HANDLE);
+ HandleBuffer = (LPVOID)((ULONG_PTR)HandleBuffer + sizeof HANDLE);
+ HandleCount++;
+ }
+ }
+ EngineCloseHandle(myHandle);
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(HandleFullData, NULL, MEM_RELEASE);
+ VirtualFree(HandleNameData, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ return(HandleCount);
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(HandleInfo->ProcessId == ProcessId && HandleCount < MaxHandleCount)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(HandleFullData, 0x1000);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleNameData, 0x1000);
- if(pObjectTypeInfo->TypeName.Length != NULL)
- {
- WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
- if(lstrcmpiA((LPCSTR)HandleNameData, "Mutant") == NULL)
- {
- copyHandle = (HANDLE)HandleInfo->hHandle;
- RtlMoveMemory(HandleBuffer, ©Handle, sizeof HANDLE);
- HandleBuffer = (LPVOID)((ULONG_PTR)HandleBuffer + sizeof HANDLE);
- HandleCount++;
- }
- }
- EngineCloseHandle(myHandle);
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(HandleFullData, NULL, MEM_RELEASE);
- VirtualFree(HandleNameData, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- return(HandleCount);
- }
- VirtualFree(HandleFullData, NULL, MEM_RELEASE);
- VirtualFree(HandleNameData, NULL, MEM_RELEASE);
- return(NULL);
}
__declspec(dllexport) long long TITCALL HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString)
{
- wchar_t uniMutexString[MAX_PATH] = {};
+ wchar_t uniMutexString[MAX_PATH] = {};
- if(szMutexString != NULL)
- {
- MultiByteToWideChar(CP_ACP, NULL, szMutexString, lstrlenA(szMutexString)+1, uniMutexString, sizeof(uniMutexString)/(sizeof(uniMutexString[0])));
- return((ULONG_PTR)HandlerGetOpenMutexHandleW(hProcess, ProcessId, uniMutexString));
- }
- else
- {
- return(NULL);
- }
+ if(szMutexString != NULL)
+ {
+ MultiByteToWideChar(CP_ACP, NULL, szMutexString, lstrlenA(szMutexString)+1, uniMutexString, sizeof(uniMutexString)/(sizeof(uniMutexString[0])));
+ return((ULONG_PTR)HandlerGetOpenMutexHandleW(hProcess, ProcessId, uniMutexString));
+ }
+ else
+ {
+ return(NULL);
+ }
}
__declspec(dllexport) long long TITCALL HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString)
{
- if(!szMutexString || lstrlenW(szMutexString)>=512)
- return 0;
- int i;
- HANDLE myHandle;
- LPVOID HandleBuffer = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- LPVOID cHandleBuffer = HandleBuffer;
- int OpenHandleCount = HandlerEnumerateOpenMutexes(hProcess, ProcessId, HandleBuffer, 0x1000 / sizeof HANDLE);
- wchar_t RealMutexName[512] = L"\\BaseNamedObjects\\";
- wchar_t* HandleName;
+ if(!szMutexString || lstrlenW(szMutexString)>=512)
+ return 0;
+ int i;
+ HANDLE myHandle;
+ LPVOID HandleBuffer = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ LPVOID cHandleBuffer = HandleBuffer;
+ int OpenHandleCount = HandlerEnumerateOpenMutexes(hProcess, ProcessId, HandleBuffer, 0x1000 / sizeof HANDLE);
+ wchar_t RealMutexName[512] = L"\\BaseNamedObjects\\";
+ wchar_t* HandleName;
- if(OpenHandleCount > NULL)
- {
- lstrcatW(RealMutexName, szMutexString);
- for(i = 0; i < OpenHandleCount; i++)
- {
- RtlMoveMemory(&myHandle, cHandleBuffer, sizeof HANDLE);
- HandleName = (wchar_t*)HandlerGetHandleNameW(hProcess, ProcessId, myHandle, true);
- if(HandleName != NULL)
- {
- if(lstrcmpiW(HandleName, RealMutexName) == NULL)
- {
- VirtualFree(HandleBuffer, NULL, MEM_RELEASE);
- return((ULONG_PTR)myHandle);
- }
- }
- cHandleBuffer = (LPVOID)((ULONG_PTR)cHandleBuffer + sizeof HANDLE);
- }
- }
- VirtualFree(HandleBuffer, NULL, MEM_RELEASE);
- return(NULL);
+ if(OpenHandleCount > NULL)
+ {
+ lstrcatW(RealMutexName, szMutexString);
+ for(i = 0; i < OpenHandleCount; i++)
+ {
+ RtlMoveMemory(&myHandle, cHandleBuffer, sizeof HANDLE);
+ HandleName = (wchar_t*)HandlerGetHandleNameW(hProcess, ProcessId, myHandle, true);
+ if(HandleName != NULL)
+ {
+ if(lstrcmpiW(HandleName, RealMutexName) == NULL)
+ {
+ VirtualFree(HandleBuffer, NULL, MEM_RELEASE);
+ return((ULONG_PTR)myHandle);
+ }
+ }
+ cHandleBuffer = (LPVOID)((ULONG_PTR)cHandleBuffer + sizeof HANDLE);
+ }
+ }
+ VirtualFree(HandleBuffer, NULL, MEM_RELEASE);
+ return(NULL);
}
__declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutex(char* szMutexString)
{
- wchar_t uniMutexString[MAX_PATH] = {};
+ wchar_t uniMutexString[MAX_PATH] = {};
- if(szMutexString != NULL)
- {
- MultiByteToWideChar(CP_ACP, NULL, szMutexString, lstrlenA(szMutexString)+1, uniMutexString, sizeof(uniMutexString)/(sizeof(uniMutexString[0])));
- return(HandlerGetProcessIdWhichCreatedMutexW(uniMutexString));
- }
- else
- {
- return(NULL);
- }
+ if(szMutexString != NULL)
+ {
+ MultiByteToWideChar(CP_ACP, NULL, szMutexString, lstrlenA(szMutexString)+1, uniMutexString, sizeof(uniMutexString)/(sizeof(uniMutexString[0])));
+ return(HandlerGetProcessIdWhichCreatedMutexW(uniMutexString));
+ }
+ else
+ {
+ return(NULL);
+ }
}
__declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString)
{
- if(!szMutexString || lstrlenW(szMutexString)>=512)
- return 0;
- HANDLE hProcess = NULL;
- DWORD ReturnData = NULL;
- HANDLE myHandle = NULL;
- LPVOID QuerySystemBuffer;
- ULONG RequiredSize = NULL;
- DWORD LastProcessId = NULL;
- ULONG TotalHandleCount = NULL;
- ULONG QuerySystemBufferSize = 0x2000;
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(WINAPI *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#else
- typedef NTSTATUS(__fastcall *fZwQuerySystemInformation)(DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
- typedef NTSTATUS(__fastcall *fZwQueryObject)(HANDLE hObject, DWORD fInfoType, LPVOID fBuffer, ULONG fBufferSize, PULONG fRequiredSize);
-#endif
- LPVOID ZwQuerySystemInformation = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQuerySystemInformation");
- LPVOID ZwQueryObject = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwQueryObject");
- fZwQuerySystemInformation cZwQuerySystemInformation = (fZwQuerySystemInformation)(ZwQuerySystemInformation);
- fZwQueryObject cZwQueryObject = (fZwQueryObject)(ZwQueryObject);
- PNTDLL_QUERY_HANDLE_INFO HandleInfo;
- LPVOID HandleFullData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- LPVOID HandleNameData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)HandleFullData;
- LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
- PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
- wchar_t RealMutexName[512] = L"\\BaseNamedObjects\\";
+ if(!szMutexString || lstrlenW(szMutexString)>=512)
+ return 0;
+ HANDLE hProcess = NULL;
+ DWORD ReturnData = NULL;
+ HANDLE myHandle = NULL;
+ LPVOID QuerySystemBuffer;
+ ULONG RequiredSize = NULL;
+ DWORD LastProcessId = NULL;
+ ULONG TotalHandleCount = NULL;
+ ULONG QuerySystemBufferSize = 0x2000;
+ PNTDLL_QUERY_HANDLE_INFO HandleInfo;
+ LPVOID HandleFullData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ LPVOID HandleNameData = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)HandleFullData;
+ LPVOID ObjectNameInfo = VirtualAlloc(NULL, 0x2000, MEM_COMMIT, PAGE_READWRITE);
+ PPUBLIC_OBJECT_NAME_INFORMATION pObjectNameInfo = (PPUBLIC_OBJECT_NAME_INFORMATION)ObjectNameInfo;
+ wchar_t RealMutexName[512] = L"\\BaseNamedObjects\\";
+
+
+ lstrcatW(RealMutexName, szMutexString);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ while(NtQuerySystemInformation(SystemHandleInformation, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
+ {
+ QuerySystemBufferSize = RequiredSize;
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
+ }
+ RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
+ QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
+ while(TotalHandleCount > NULL)
+ {
+ if(LastProcessId != HandleInfo->ProcessId)
+ {
+ if(hProcess != NULL)
+ {
+ EngineCloseHandle(hProcess);
+ }
+ hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
+ LastProcessId = HandleInfo->ProcessId;
+ }
+ if(hProcess != NULL)
+ {
+ //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
+ if(HandleInfo->GrantedAccess != 0x0012019F)
+ {
+ if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
+ {
+ RtlZeroMemory(HandleFullData, 0x1000);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleNameData, 0x1000);
+ if(pObjectTypeInfo->TypeName.Length != NULL)
+ {
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
+ lstrcpyW((wchar_t*)HandleNameData, (wchar_t*)pObjectNameInfo->Name.Buffer);
+ if(lstrcmpiW((LPCWSTR)HandleNameData, L"Mutant") == NULL)
+ {
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
+ NtQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
+ RtlZeroMemory(HandleNameData, 0x1000);
+ if(pObjectNameInfo->Name.Length != NULL)
+ {
+ RtlZeroMemory(HandleNameData, 0x1000);
+ //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
+ lstrcpyW((wchar_t*)HandleNameData, (wchar_t*)pObjectNameInfo->Name.Buffer);
+ if(lstrcmpiW((LPCWSTR)HandleNameData, RealMutexName) == NULL)
+ {
+ ReturnData = HandleInfo->ProcessId;
+ break;
+ }
+ }
+ }
+ }
+ EngineCloseHandle(myHandle);
+ }
+ }
+ }
+ HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
+ TotalHandleCount--;
+ }
+ VirtualFree(HandleFullData, NULL, MEM_RELEASE);
+ VirtualFree(HandleNameData, NULL, MEM_RELEASE);
+ VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
+ VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
+ return(ReturnData);
- if(ZwQuerySystemInformation != NULL && ZwQueryObject != NULL)
- {
- lstrcatW(RealMutexName, szMutexString);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- while(cZwQuerySystemInformation(NTDLL_SystemHandleInfo, QuerySystemBuffer, QuerySystemBufferSize, &RequiredSize) == (NTSTATUS)0xC0000004L)
- {
- QuerySystemBufferSize = RequiredSize;
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- QuerySystemBuffer = VirtualAlloc(NULL, QuerySystemBufferSize, MEM_COMMIT, PAGE_READWRITE);
- }
- RtlMoveMemory(&TotalHandleCount, QuerySystemBuffer, sizeof ULONG);
- QuerySystemBuffer = (LPVOID)((ULONG_PTR)QuerySystemBuffer + 4);
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)QuerySystemBuffer;
- while(TotalHandleCount > NULL)
- {
- if(LastProcessId != HandleInfo->ProcessId)
- {
- if(hProcess != NULL)
- {
- EngineCloseHandle(hProcess);
- }
- hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE, false, HandleInfo->ProcessId);
- LastProcessId = HandleInfo->ProcessId;
- }
- if(hProcess != NULL)
- {
- //if(!(HandleInfo->GrantedAccess & SYNCHRONIZE) || ((HandleInfo->GrantedAccess & SYNCHRONIZE) && ((WORD)HandleInfo->GrantedAccess != 0x19F9))){// && (WORD)HandleInfo->GrantedAccess != 0x89))){
- if(HandleInfo->GrantedAccess != 0x0012019F)
- {
- if(DuplicateHandle(hProcess, (HANDLE)HandleInfo->hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_SAME_ACCESS))
- {
- RtlZeroMemory(HandleFullData, 0x1000);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectTypeInformation, HandleFullData, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleNameData, 0x1000);
- if(pObjectTypeInfo->TypeName.Length != NULL)
- {
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectTypeInfo->TypeName.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
- lstrcpyW((wchar_t*)HandleNameData, (wchar_t*)pObjectNameInfo->Name.Buffer);
- if(lstrcmpiW((LPCWSTR)HandleNameData, L"Mutant") == NULL)
- {
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, 8, &RequiredSize);
- cZwQueryObject(myHandle, ObjectNameInformation, ObjectNameInfo, RequiredSize, &RequiredSize);
- RtlZeroMemory(HandleNameData, 0x1000);
- if(pObjectNameInfo->Name.Length != NULL)
- {
- RtlZeroMemory(HandleNameData, 0x1000);
- //WideCharToMultiByte(CP_ACP, NULL, (LPCWSTR)pObjectNameInfo->Name.Buffer, -1, (LPSTR)HandleNameData, 0x1000, NULL, NULL);
- lstrcpyW((wchar_t*)HandleNameData, (wchar_t*)pObjectNameInfo->Name.Buffer);
- if(lstrcmpiW((LPCWSTR)HandleNameData, RealMutexName) == NULL)
- {
- ReturnData = HandleInfo->ProcessId;
- break;
- }
- }
- }
- }
- EngineCloseHandle(myHandle);
- }
- }
- }
- HandleInfo = (PNTDLL_QUERY_HANDLE_INFO)((ULONG_PTR)HandleInfo + sizeof NTDLL_QUERY_HANDLE_INFO);
- TotalHandleCount--;
- }
- VirtualFree(HandleFullData, NULL, MEM_RELEASE);
- VirtualFree(HandleNameData, NULL, MEM_RELEASE);
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE);
- return(ReturnData);
- }
- VirtualFree(HandleFullData, NULL, MEM_RELEASE);
- VirtualFree(HandleNameData, NULL, MEM_RELEASE);
- VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE);
- return(NULL);
}
diff --git a/TitanEngine/TitanEngine.Hider.cpp b/TitanEngine/TitanEngine.Hider.cpp
index 8e32a6f..36a0e1c 100644
--- a/TitanEngine/TitanEngine.Hider.cpp
+++ b/TitanEngine/TitanEngine.Hider.cpp
@@ -5,33 +5,28 @@
// TitanEngine.Hider.functions:
__declspec(dllexport) void* TITCALL GetPEBLocation(HANDLE hProcess)
{
- typedef NTSTATUS(WINAPI *fNtQueryInformationProcess)(HANDLE ProcessHandle, PROCESSINFOCLASS ProcessInformationClass, PVOID ProcessInformation, ULONG ProcessInformationLength, PULONG ReturnLength);
- ULONG RequiredLen = 0;
- void * PebAddress = 0;
- PPROCESS_BASIC_INFORMATION myProcessBasicInformation = (PPROCESS_BASIC_INFORMATION)VirtualAlloc(NULL, sizeof(PROCESS_BASIC_INFORMATION) * 4, MEM_COMMIT|MEM_RESERVE, PAGE_READWRITE);
+ ULONG RequiredLen = 0;
+ void * PebAddress = 0;
+ PPROCESS_BASIC_INFORMATION myProcessBasicInformation = (PPROCESS_BASIC_INFORMATION)VirtualAlloc(NULL, sizeof(PROCESS_BASIC_INFORMATION) * 4, MEM_COMMIT|MEM_RESERVE, PAGE_READWRITE);
- if(!myProcessBasicInformation)
- return 0;
+ if(!myProcessBasicInformation)
+ return 0;
- fNtQueryInformationProcess cNtQueryInformationProcess = (fNtQueryInformationProcess)GetProcAddress(GetModuleHandleA("ntdll.dll"),"NtQueryInformationProcess");
+ if(NtQueryInformationProcess(hProcess, ProcessBasicInformation, myProcessBasicInformation, sizeof(PROCESS_BASIC_INFORMATION), &RequiredLen) == STATUS_SUCCESS)
+ {
+ PebAddress = (void*)myProcessBasicInformation->PebBaseAddress;
+ }
+ else
+ {
+ if(NtQueryInformationProcess(hProcess, ProcessBasicInformation, myProcessBasicInformation, RequiredLen, &RequiredLen) == STATUS_SUCCESS)
+ {
+ PebAddress = (void*)myProcessBasicInformation->PebBaseAddress;
+ }
+ }
- if(cNtQueryInformationProcess != NULL)
- {
- if(cNtQueryInformationProcess(hProcess, ProcessBasicInformation, myProcessBasicInformation, sizeof(PROCESS_BASIC_INFORMATION), &RequiredLen) == STATUS_SUCCESS)
- {
- PebAddress = (void*)myProcessBasicInformation->PebBaseAddress;
- }
- else
- {
- if(cNtQueryInformationProcess(hProcess, ProcessBasicInformation, myProcessBasicInformation, RequiredLen, &RequiredLen) == STATUS_SUCCESS)
- {
- PebAddress = (void*)myProcessBasicInformation->PebBaseAddress;
- }
- }
- }
- VirtualFree(myProcessBasicInformation, 0, MEM_RELEASE);
- return PebAddress;
+ VirtualFree(myProcessBasicInformation, 0, MEM_RELEASE);
+ return PebAddress;
}
__declspec(dllexport) void* TITCALL GetPEBLocation64(HANDLE hProcess)
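Review bot: The retry `if(NtQueryInformationProcess(hProcess, ProcessBasicInformation, myProcessBasicInformation, RequiredLen, &RequiredLen) == STATUS_SUCCESS)` hands the kernel-reported length to a buffer that was allocated as `sizeof(PROCESS_BASIC_INFORMATION) * 4` bytes without checking that it fits, so a larger `RequiredLen` would let the call write past the size the code intends (VirtualAlloc's page rounding is what makes this harmless today, not the logic). When the first call fails for a reason other than a size mismatch — an invalid or under-privileged `hProcess` — `RequiredLen` is still 0 and the retry is a second syscall that cannot succeed. Bound it: `else if(RequiredLen > sizeof(PROCESS_BASIC_INFORMATION) && RequiredLen <= sizeof(PROCESS_BASIC_INFORMATION) * 4 && NtQueryInformationProcess(hProcess, ProcessBasicInformation, myProcessBasicInformation, RequiredLen, &RequiredLen) == STATUS_SUCCESS)`. Since the commit drops the GetProcAddress NULL check in favour of link-time resolution, a one-line comment such as `// NtQueryInformationProcess is imported via ntdll.h; a missing export now fails at DLL load, not here` would tell the next reader why the guard disappeared.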
diff --git a/TitanEngine/TitanEngine.Injector.cpp b/TitanEngine/TitanEngine.Injector.cpp
index 42b2310..c5400c0 100644
--- a/TitanEngine/TitanEngine.Injector.cpp
+++ b/TitanEngine/TitanEngine.Injector.cpp
@@ -26,13 +26,7 @@ __declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t*
LPVOID remStringData;
LPVOID remCodeData;
ULONG_PTR remInjectSize = (ULONG_PTR)((ULONG_PTR)&injectedRemoteFreeLibrary - (ULONG_PTR)&injectedRemoteLoadLibrary);
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwSetInformationThread)(HANDLE fThreadHandle, DWORD fThreadInfoClass, LPVOID fBuffer, ULONG fBufferSize);
-#else
- typedef NTSTATUS(__fastcall *fZwSetInformationThread)(HANDLE fThreadHandle, DWORD fThreadInfoClass, LPVOID fBuffer, ULONG fBufferSize);
-#endif
- LPVOID ZwSetInformationThread = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwSetInformationThread");
- fZwSetInformationThread cZwSetInformationThread = (fZwSetInformationThread)(ZwSetInformationThread);
+
ULONG_PTR NumberOfBytesWritten;
DWORD ThreadId;
HANDLE hThread;
@@ -56,10 +50,9 @@ __declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t*
if(WaitForThreadExit)
{
hThread = CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)remCodeData, remStringData, CREATE_SUSPENDED, &ThreadId);
- if(ZwSetInformationThread != NULL)
- {
- cZwSetInformationThread(hThread, 0x11, NULL, NULL);
- }
+
+ NtSetInformationThread(hThread, ThreadHideFromDebugger, NULL, NULL);
+
ResumeThread(hThread);
WaitForSingleObject(hThread, INFINITE);
VirtualFreeEx(hProcess, remCodeData, NULL, MEM_RELEASE);
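Review bot: `hThread` returned by CreateRemoteThread two lines above the new call is never checked, so on failure `NtSetInformationThread(NULL, ThreadHideFromDebugger, NULL, NULL)`, `ResumeThread(NULL)` and `WaitForSingleObject(NULL, INFINITE)` all run against an invalid handle and the function carries on as if the injection had worked; the commit keeps that pre-existing gap while rewriting the line next to it. Guard it before the hide call with `if(hThread == NULL) return false;`, after releasing `remCodeData`/`remStringData` the way the exit path does (the rest of RemoteLoadLibraryW's body lies outside this hunk, so the exact cleanup is not visible here). The NTSTATUS from NtSetInformationThread is discarded; if hiding the helper thread from a debugger attached to `hProcess` is intentionally best-effort, say so, e.g. `// Best-effort: hide the injected helper thread from any debugger attached to hProcess; failure is non-fatal.`, and pass `0` rather than `NULL` for the ULONG length argument.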
@@ -120,13 +113,6 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h
LPVOID remCodeData;
ULONG_PTR remInjectSize1 = (ULONG_PTR)((ULONG_PTR)&injectedExitProcess - (ULONG_PTR)&injectedRemoteFreeLibrarySimple);
ULONG_PTR remInjectSize2 = (ULONG_PTR)((ULONG_PTR)&injectedRemoteFreeLibrarySimple - (ULONG_PTR)&injectedRemoteFreeLibrary);
-#if !defined(_WIN64)
- typedef NTSTATUS(WINAPI *fZwSetInformationThread)(HANDLE fThreadHandle, DWORD fThreadInfoClass, LPVOID fBuffer, ULONG fBufferSize);
-#else
- typedef NTSTATUS(__fastcall *fZwSetInformationThread)(HANDLE fThreadHandle, DWORD fThreadInfoClass, LPVOID fBuffer, ULONG fBufferSize);
-#endif
- LPVOID ZwSetInformationThread = (LPVOID)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwSetInformationThread");
- fZwSetInformationThread cZwSetInformationThread = (fZwSetInformationThread)(ZwSetInformationThread);
ULONG_PTR NumberOfBytesWritten;
DWORD ThreadId;
HANDLE hThread;
@@ -153,10 +139,9 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h
if(WaitForThreadExit)
{
hThread = CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)remCodeData, remStringData, CREATE_SUSPENDED, &ThreadId);
- if(ZwSetInformationThread != NULL)
- {
- cZwSetInformationThread(hThread, 0x11, NULL, NULL);
- }
+
+ NtSetInformationThread(hThread, ThreadHideFromDebugger, NULL, NULL);
+
ResumeThread(hThread);
WaitForSingleObject(hThread, INFINITE);
VirtualFreeEx(hProcess, remCodeData, NULL, MEM_RELEASE);
@@ -200,10 +185,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h
if(WaitForThreadExit)
{
hThread = CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)remCodeData, remStringData, CREATE_SUSPENDED, &ThreadId);
- if(ZwSetInformationThread != NULL)
- {
- cZwSetInformationThread(hThread, 0x11, NULL, NULL);
- }
+ NtSetInformationThread(hThread, ThreadHideFromDebugger, NULL, NULL);
ResumeThread(hThread);
WaitForSingleObject(hThread, INFINITE);
VirtualFreeEx(hProcess, remCodeData, NULL, MEM_RELEASE);
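Review bot: This is the third identical `CreateRemoteThread` → `NtSetInformationThread(hThread, ThreadHideFromDebugger, NULL, NULL)` → `ResumeThread` sequence in the file (the two earlier hunks add the same line), and each copy shares the same unchecked `hThread` from CreateRemoteThread. A small file-local helper would give the NULL check, the ignored NTSTATUS and the anti-debug intent a single documented home, with each call site reduced to `if(!ResumeHiddenThread(hThread)) { /* release remCodeData/remStringData, return false */ }`. The enclosing RemoteFreeLibraryW body starts and ends outside this hunk, so the cleanup the failure path must perform is not visible here.
```cpp
// Hides the freshly created, still-suspended helper thread from any debugger
// attached to its process, then lets it run. ThreadHideFromDebugger takes no
// payload, so length 0 is correct; its status is deliberately ignored (best-effort).
// Returns false when hThread is invalid or the thread could not be resumed.
static bool ResumeHiddenThread(HANDLE hThread)
{
    if(hThread == NULL)
        return false;
    NtSetInformationThread(hThread, ThreadHideFromDebugger, NULL, 0);
    return ResumeThread(hThread) != (DWORD)-1;
}
// … unchanged: remote-thread creation and WaitForSingleObject at each call site …
```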
diff --git a/TitanEngine/TitanEngine.vcxproj b/TitanEngine/TitanEngine.vcxproj
index a238f5a..1ab3633 100644
--- a/TitanEngine/TitanEngine.vcxproj
+++ b/TitanEngine/TitanEngine.vcxproj
@@ -298,6 +298,7 @@
+
diff --git a/TitanEngine/ntdll.h b/TitanEngine/ntdll.h
new file mode 100644
index 0000000..49c6fc1
--- /dev/null
+++ b/TitanEngine/ntdll.h
@@ -0,0 +1,260 @@
+#pragma once
+
+#include
+
+#ifndef _WIN64
+#pragma comment(lib, "ntdll_x86.lib")
+#else
+#pragma comment(lib, "ntdll_x64.lib")
+#endif
+
+
+
+typedef LONG NTSTATUS;
+
+typedef struct _UNICODE_STRING {
+ USHORT Length;
+ USHORT MaximumLength;
+ PWSTR Buffer;
+} UNICODE_STRING, *PUNICODE_STRING;
+
+typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
+ ULONG Attributes;
+ ACCESS_MASK GrantedAccess;
+ ULONG HandleCount;
+ ULONG PointerCount;
+
+ ULONG Reserved[10]; // reserved for internal use
+
+} PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
+
+typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
+
+ UNICODE_STRING TypeName;
+
+ ULONG Reserved [22]; // reserved for internal use
+
+} PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
+
+typedef struct _PROCESS_BASIC_INFORMATION {
+ PVOID Reserved1;
+ PVOID PebBaseAddress;
+ PVOID Reserved2[2];
+ ULONG_PTR UniqueProcessId;
+ PVOID Reserved3;
+} PROCESS_BASIC_INFORMATION;
+typedef PROCESS_BASIC_INFORMATION *PPROCESS_BASIC_INFORMATION;
+
+typedef enum _PROCESSINFOCLASS {
+ ProcessBasicInformation,
+ ProcessQuotaLimits,
+ ProcessIoCounters,
+ ProcessVmCounters,
+ ProcessTimes,
+ ProcessBasePriority,
+ ProcessRaisePriority,
+ ProcessDebugPort,
+ ProcessExceptionPort,
+ ProcessAccessToken,
+ ProcessLdtInformation,
+ ProcessLdtSize,
+ ProcessDefaultHardErrorMode,
+ ProcessIoPortHandlers, // Note: this is kernel mode only
+ ProcessPooledUsageAndLimits,
+ ProcessWorkingSetWatch,
+ ProcessUserModeIOPL,
+ ProcessEnableAlignmentFaultFixup,
+ ProcessPriorityClass,
+ ProcessWx86Information,
+ ProcessHandleCount,
+ ProcessAffinityMask,
+ ProcessPriorityBoost,
+ ProcessDeviceMap,
+ ProcessSessionInformation,
+ ProcessForegroundInformation,
+ ProcessWow64Information,
+ ProcessImageFileName,
+ ProcessLUIDDeviceMapsEnabled,
+ ProcessBreakOnTermination,
+ ProcessDebugObjectHandle,
+ ProcessDebugFlags,
+ ProcessHandleTracing,
+ ProcessIoPriority,
+ ProcessExecuteFlags,
+ ProcessResourceManagement,
+ ProcessCookie,
+ ProcessImageInformation,
+ MaxProcessInfoClass // MaxProcessInfoClass should always be the last enum
+} PROCESSINFOCLASS;
+
+typedef enum _SYSTEM_INFORMATION_CLASS {
+ SystemBasicInformation,
+ SystemProcessorInformation, // obsolete...delete
+ SystemPerformanceInformation,
+ SystemTimeOfDayInformation,
+ SystemPathInformation,
+ SystemProcessInformation,
+ SystemCallCountInformation,
+ SystemDeviceInformation,
+ SystemProcessorPerformanceInformation,
+ SystemFlagsInformation,
+ SystemCallTimeInformation,
+ SystemModuleInformation,
+ SystemLocksInformation,
+ SystemStackTraceInformation,
+ SystemPagedPoolInformation,
+ SystemNonPagedPoolInformation,
+ SystemHandleInformation,
+ SystemObjectInformation,
+ SystemPageFileInformation,
+ SystemVdmInstemulInformation,
+ SystemVdmBopInformation,
+ SystemFileCacheInformation,
+ SystemPoolTagInformation,
+ SystemInterruptInformation,
+ SystemDpcBehaviorInformation,
+ SystemFullMemoryInformation,
+ SystemLoadGdiDriverInformation,
+ SystemUnloadGdiDriverInformation,
+ SystemTimeAdjustmentInformation,
+ SystemSummaryMemoryInformation,
+ SystemMirrorMemoryInformation,
+ SystemPerformanceTraceInformation,
+ SystemObsolete0,
+ SystemExceptionInformation,
+ SystemCrashDumpStateInformation,
+ SystemKernelDebuggerInformation,
+ SystemContextSwitchInformation,
+ SystemRegistryQuotaInformation,
+ SystemExtendServiceTableInformation,
+ SystemPrioritySeperation,
+ SystemVerifierAddDriverInformation,
+ SystemVerifierRemoveDriverInformation,
+ SystemProcessorIdleInformation,
+ SystemLegacyDriverInformation,
+ SystemCurrentTimeZoneInformation,
+ SystemLookasideInformation,
+ SystemTimeSlipNotification,
+ SystemSessionCreate,
+ SystemSessionDetach,
+ SystemSessionInformation,
+ SystemRangeStartInformation,
+ SystemVerifierInformation,
+ SystemVerifierThunkExtend,
+ SystemSessionProcessInformation,
+ SystemLoadGdiDriverInSystemSpace,
+ SystemNumaProcessorMap,
+ SystemPrefetcherInformation,
+ SystemExtendedProcessInformation,
+ SystemRecommendedSharedDataAlignment,
+ SystemComPlusPackage,
+ SystemNumaAvailableMemory,
+ SystemProcessorPowerInformation,
+ SystemEmulationBasicInformation,
+ SystemEmulationProcessorInformation,
+ SystemExtendedHandleInformation,
+ SystemLostDelayedWriteInformation,
+ SystemBigPoolInformation,
+ SystemSessionPoolTagInformation,
+ SystemSessionMappedViewInformation,
+ SystemHotpatchInformation,
+ SystemObjectSecurityMode,
+ SystemWatchdogTimerHandler,
+ SystemWatchdogTimerInformation,
+ SystemLogicalProcessorInformation,
+ SystemWow64SharedInformation,
+ SystemRegisterFirmwareTableInformationHandler,
+ SystemFirmwareTableInformation,
+ SystemModuleInformationEx,
+ SystemVerifierTriageInformation,
+ SystemSuperfetchInformation,
+ SystemMemoryListInformation,
+ SystemFileCacheInformationEx,
+ MaxSystemInfoClass // MaxSystemInfoClass should always be the last enum
+} SYSTEM_INFORMATION_CLASS;
+
+typedef enum _OBJECT_INFORMATION_CLASS {
+ ObjectBasicInformation,
+ ObjectNameInformation,
+ ObjectTypeInformation,
+ ObjectTypesInformation,
+ ObjectHandleFlagInformation,
+ ObjectSessionInformation,
+ MaxObjectInfoClass // MaxObjectInfoClass should always be the last enum
+} OBJECT_INFORMATION_CLASS;
+
+typedef enum _THREADINFOCLASS {
+ ThreadBasicInformation,
+ ThreadTimes,
+ ThreadPriority,
+ ThreadBasePriority,
+ ThreadAffinityMask,
+ ThreadImpersonationToken,
+ ThreadDescriptorTableEntry,
+ ThreadEnableAlignmentFaultFixup,
+ ThreadEventPair_Reusable,
+ ThreadQuerySetWin32StartAddress,
+ ThreadZeroTlsCell,
+ ThreadPerformanceCount,
+ ThreadAmILastThread,
+ ThreadIdealProcessor,
+ ThreadPriorityBoost,
+ ThreadSetTlsArrayAddress,
+ ThreadIsIoPending,
+ ThreadHideFromDebugger,
+ ThreadBreakOnTermination,
+ ThreadSwitchLegacyState,
+ ThreadIsTerminated,
+ MaxThreadInfoClass
+} THREADINFOCLASS;
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ NTSYSCALLAPI
+ NTSTATUS
+ NTAPI
+ NtQueryInformationProcess (
+ __in HANDLE ProcessHandle,
+ __in PROCESSINFOCLASS ProcessInformationClass,
+ __out_bcount(ProcessInformationLength) PVOID ProcessInformation,
+ __in ULONG ProcessInformationLength,
+ __out_opt PULONG ReturnLength
+ );
+
+ NTSYSCALLAPI
+ NTSTATUS
+ NTAPI
+ NtQueryObject (
+ __in HANDLE Handle,
+ __in OBJECT_INFORMATION_CLASS ObjectInformationClass,
+ __out_bcount_opt(ObjectInformationLength) PVOID ObjectInformation,
+ __in ULONG ObjectInformationLength,
+ __out_opt PULONG ReturnLength
+ );
+
+ NTSYSCALLAPI
+ NTSTATUS
+ NTAPI
+ NtQuerySystemInformation (
+ __in SYSTEM_INFORMATION_CLASS SystemInformationClass,
+ __out_bcount_opt(SystemInformationLength) PVOID SystemInformation,
+ __in ULONG SystemInformationLength,
+ __out_opt PULONG ReturnLength
+ );
+
+ NTSYSCALLAPI
+ NTSTATUS
+ NTAPI
+ NtSetInformationThread (
+ __in HANDLE ThreadHandle,
+ __in THREADINFOCLASS ThreadInformationClass,
+ __in_bcount(ThreadInformationLength) PVOID ThreadInformation,
+ __in ULONG ThreadInformationLength
+ );
+
+#ifdef __cplusplus
+};
+#endif
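Review bot: `#pragma comment(lib, "ntdll_x86.lib")` / `"ntdll_x64.lib"` at the top of this header links every translation unit that includes it against two opaque binaries added in the same commit, with no source for them; an import library is an archive of COFF objects, so a reviewer cannot tell from the diff that these hold only export stubs, and nobody can rebuild them later. Prefer a text `ntdll.def` checked in beside the header and turned into the .lib at build time (`lib /def:ntdll.def /machine:x86 /out:ntdll_x86.lib`), or the `ntdll.lib` that the Windows SDK/WDK ships, and record the origin in the header: `// Import stubs only; regenerate with lib /def:ntdll.def -- do not hand-edit the .lib files.`. Separately, `typedef LONG NTSTATUS;` and the `_UNICODE_STRING`, `_PROCESS_BASIC_INFORMATION` and `_PROCESSINFOCLASS` definitions duplicate what `<winternl.h>` declares, so this header and that system header cannot both be included in one translation unit; a note at the top such as `// Stand-alone replacement for <winternl.h>: never include both.` will spare the next person the redefinition errors.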
diff --git a/TitanEngine/ntdll_x64.lib b/TitanEngine/ntdll_x64.lib
new file mode 100644
index 0000000..d4f11e8
Binary files /dev/null and b/TitanEngine/ntdll_x64.lib differ
diff --git a/TitanEngine/ntdll_x86.lib b/TitanEngine/ntdll_x86.lib
new file mode 100644
index 0000000..a173db3
Binary files /dev/null and b/TitanEngine/ntdll_x86.lib differ
diff --git a/TitanEngine/stdafx.h b/TitanEngine/stdafx.h
index ec083ec..5158805 100644
--- a/TitanEngine/stdafx.h
+++ b/TitanEngine/stdafx.h
@@ -12,9 +12,8 @@
#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers
// Windows Header Files:
#include
-#include
-
-
+//#include
+#include "ntdll.h"
#include "aplib.h"
#include "LzmaDec.h"
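Review bot: The new line `//#include` keeps the old system-header include (its name is not visible in this extract; presumably `<winternl.h>`) as commented-out code beside the `#include "ntdll.h"` that replaces it. Delete it, or replace it with the reason: `// <winternl.h> intentionally not included: ntdll.h defines the same NTSTATUS/UNICODE_STRING/PROCESS_BASIC_INFORMATION types and would clash with it.`. Because ntdll.h carries a `#pragma comment(lib, ...)`, pulling it into the precompiled header also makes every object file in the project request the ntdll import library — worth one line here so nobody is surprised by the new link dependency.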
@@ -719,10 +718,6 @@ typedef struct
// UnpackEngine.Handler:
-#define NTDLL_SystemHandleInfo 0x10
-#define ObjectBasicInformation 0
-#define ObjectNameInformation 1
-#define ObjectTypeInformation 2
/*typedef enum _POOL_TYPE {
NonPagedPool,