SanityCheck is an advanced rootkit and malware detection tool for Windows which thoroughly scans the system for threats and irregularities which indicate malware or rootkit behavior.
This program does a thorough check on your system to look for irregularities which are typically the work of rootkits, viruses and other malware. This software goes to great lengths to check your system for hidden processes, hidden drivers, hidden threads and detects many different types of hooks, hacks and hijacks. Note that certain irregularities may be the work of antivirus or another security product that you have installed. This is because security software itself often makes use of the same controversial techniques which are normally associated with malware. This is why it is recommended to first disable all antivirus, antispyware, firewall and other security software which may be running on your system. In case any irregularities are found the report will attempt to find a responsible process or module and offer suggestions on how to proceed in the investigation. SanityCheck works to detect: Hidden processes Processes with spoofed names Processes attempting to appear as standard Windows processes Processes with obviously deceptive names Processes without product, company and description information Valid signatures in processes and kernel modules Intercepted system services and the modules responsible Intercepted kernel routines and the modules responsible Intercepted kernel object callout routines and the modules responsible Drivers with intercepted dispatch entry pointsDownload