If your PC is turned on and even if it's locked or in sleep mode anyone can dump the entire contents of your RAM out to a storage device. It's not too hard to write a small program and keep it to yourself that wont be detected by anti-malware.Īnother way is by using Firewire. Anti-malware really only useful against mainstream known stuff. Any small piece of malware that might slip in can easily steal the keys from needed to decrypt the volumes right from live memory. The decryption key is stored in memory every time you access your encrypted volume.
If you have physical access to the machine using TrueCrypt volumes it's usually quite possible to get the key. TrueCrypt is actually not that hard to get around depending on your you use it unfortunately.
