Hitman Pro question to clear false positive

ricdam · July 4, 2018, 9:40pm

Hi there,

One of my customers use Hitman Pro antivirus and it’s returning a false positive. I contact Hitman Pro to clear the false positive and they are asking me the following question:

“Our team has analyzed your application and they are seeing some particularly strange behavior.
Is there any particular reason to start the mapped PE file on the heap via an APC instead of calling it directly or via an own created thread?”

Can you please advise?

Cheers

gdgsupport · July 7, 2018, 8:23pm

XLS Padlock uses virtualization to pack all of its internal components into one single EXE file, especially for Universal format. That’s probably why they see that behavior. Which version of XLS Padlock are you using? And

ricdam · July 8, 2018, 1:23am

I am using the latest 2018.2 version, and the EXE file is Universal format.
I have just replied to Hitman Pro, will let you know if they have any other question.

Cheers,