Determining if you’re compromised can be a complex process. You need to analyze all the components of a virus, APT, or other unauthorized activity and use several different (and sometimes difficult) approaches to be successful. One useful method is to use memory analysis.
IOActive’s BlockWatch does that for you. It is the largest available hash database, containing 400+ million integrity checks. It provides software assurance and high integrity verification of the volatile memory in Windows®-based systems. The IOActive Memory Cruncher is a free Software-as-a-Service (SaaS) application that gives you instant access to BlockWatch’s network-hosted secure hash whitelist.
The Memory Cruncher addresses the complex challenges associated with integrity attestation. It interprets physical memory snapshots, normalizes inputs, and ensures completeness. You can easily generate reports in Microsoft® Word® or simply browse to get a good idea about what is really running on your computer.