Hello,
memory scanner is seamlessly integrated into CIS 3.9 and it can detect malware in memory which the file scanner doesn’t detect because of unsupported crypters and packers.
But what about a rootkit in the MBR? Is it active in memory areas where memory scanner can detect it? If yes, just theoratically or also practically? Are there already memory scanner signatures for it?
And what else can be done by the memory scanner?
Thanks.