:confused:

Hi
Quoted from the main website (www.pctools.com/memory-scanner/)

This tool is designed to assist in answering a common question asked by many customers whose systems have been susceptible to threats: "Is my system still infected?"

A threat may potentially slip under the radar of conventional malware scanners by engaging in stealth techniques to stay undetected as long as possible. Often, in such a scenario, the original threat file is encrypted with polymorphic encryptors which rely on anti-debugging and anti-emulation techniques, presenting a challenging task for malware scanners in detecting it.

However, when such a threat is loaded in memory, it needs to decrypt its own malicious code, completely or partially, or it is unable to run. These stealth techniques are used by threat families including Citwail/Pandex/DieHard, Storm and Mailbot/Rustock.