,.-
May 12th, 2006, 04:39 PM
I just performed tests with Armadillo 4.x protected malware (Optix Lite 0.4). Code splicing + copy mem II + debug-blocker was enabled.
Incidentally, I noticed that RegDefend did not block or show an alert when the Optix server registered itself (autostart entry). That's why Regrun's alert was triggered.
I did not investigate this issue in more detail. Therefore, I am unable to rule out that RegDefend was not correctly configured.
But someone may want to have a look.
Incidentally, I noticed that RegDefend did not block or show an alert when the Optix server registered itself (autostart entry). That's why Regrun's alert was triggered.
I did not investigate this issue in more detail. Therefore, I am unable to rule out that RegDefend was not correctly configured.
But someone may want to have a look.