SanityCheck is an advanced rootkit and malware detection tool for Windows which thoroughly scans the system for threats and irregularities which indicate malware or rootkit behavior..

This program does a thorough check on your system to look for irregularities which are typically the work of rootkits, viruses and other malware. This software goes to great lengths to check your system for hidden processes, hidden drivers, hidden threads and detects many different types of hooks, hacks and hijacks.

Note that certain irregularities may be the work of antivirus or another security product that you have installed. This is because security software itself often makes use of the same controversial techniques which are normally associated with malware. This is why it is recommended to first disable all antivirus, antispyware, firewall and other security software which may be running on your system.

In case any irregularities are found SanityCheck will attempt to find a responsible process or module and offer suggestions on how to proceed in the investigation.

SanityCheck works to detect:

Hidden processes

Processes with spoofed names

Processes attempting to appear as standard Windows processes

Processes with obviously deceptive names

Processes without product, company and description information

Valid signatures in processes and kernel modules

Intercepted system services and the modules responsible

Intercepted kernel routines and the modules responsible

Intercepted kernel object callout routines and the modules responsible

Drivers with intercepted dispatch entry points



Limitations:
Note that although this software creates a comprehensible report it is not intended for absolute novice users who do not have not any type of idea about the software that is installed and running on their systems.