diff --git a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_kernel32.rb b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_kernel32.rb
index 6563a7ae3a..f0067d561a 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_kernel32.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_kernel32.rb
@@ -886,7 +886,7 @@ class Def_windows_kernel32
 ["DWORD","dwNotifyFilter","in"],
 ])
- dll.add_function( 'FindFirstFileA', 'DWORD',[
+ dll.add_function( 'FindFirstFileA', 'HANDLE',[
 ["PCHAR","lpFileName","in"],
 ["PBLOB","lpFindFileData","out"],
 ])
@@ -909,7 +909,7 @@ class Def_windows_kernel32
 ["DWORD","dwAdditionalFlags","in"],
 ])
- dll.add_function( 'FindFirstFileW', 'DWORD',[
+ dll.add_function( 'FindFirstFileW', 'HANDLE',[
 ["PWCHAR","lpFileName","in"],
 ["PBLOB","lpFindFileData","out"],
 ])
diff --git a/modules/exploits/windows/local/bypassuac_injection_winsxs.rb b/modules/exploits/windows/local/bypassuac_injection_winsxs.rb
index b6771f6e42..96d9ff1699 100644
--- a/modules/exploits/windows/local/bypassuac_injection_winsxs.rb
+++ b/modules/exploits/windows/local/bypassuac_injection_winsxs.rb
@@ -276,8 +276,8 @@ class MetasploitModule < Msf::Exploit::Local
 andOperation = fileAttributes & client.railgun.const("FILE_ATTRIBUTE_DIRECTORY")
 if andOperation
 # Removes the remainder part composed of 'A' of the path and the last null character
- normalizedData = findFileData[fileNamePadding, fileNamePadding + maxPath].split('AAA')[0]
- path = "#{payload_filepath}\\#{normalizedData[0, normalizedData.length - 1]}"
+ normalizedData = findFileData[fileNamePadding, fileNamePadding + maxPath].split("\x00", 2).first
+ path = "#{payload_filepath}\\#{normalizedData}"
 directoryNames.push(path)
 end
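Review bot: With the return type of `FindFirstFileA` now declared as HANDLE, any caller that tests the result for success must compare it against INVALID_HANDLE_VALUE, which is this API's failure value, rather than against 0 or NULL. Because a HANDLE is 64 bits wide on an x64 session, a caller comparing against a fixed 32-bit 0xFFFFFFFF would likely miss failures there, so the check should use the session's pointer width. The same applies to the `FindFirstFileW` hunk below. Whether any existing caller performs such a check is not visible in this diff and should be verified.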
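Review bot: The context comment `# Removes the remainder part composed of 'A' of the path and the last null character` now describes the removed `split('AAA')` logic; the new line cuts at the first NUL, so the comment should read `# cFileName is NUL-terminated: keep only the bytes before the first NUL`. The slice `findFileData[fileNamePadding, fileNamePadding + maxPath]` passes a length, not an end offset, so if fileNamePadding is the byte offset of cFileName this window runs fileNamePadding bytes past the field (the NUL split masks it, but `findFileData[fileNamePadding, maxPath]` looks like the intended slice). If the slice comes back empty, `split` returns `[]` and `.first` is `nil`, which interpolates to an empty name and pushes `"#{payload_filepath}\\"` into directoryNames; if the surrounding iteration is a block, `next if normalizedData.nil? || normalizedData.empty?` before the `path =` line would skip that entry. The enclosing method and the loop this `if` sits in both start outside the hunk.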