SanityCheck is an advanced rootkit and malware
detection tool for Windows which thoroughly scans
the system for threats and irregularities which
indicate malware or rootkit behavior. By making use
of special deep inventory techniques, this program
detects hidden and spoofed processes, hidden
threads, hidden drivers and a large number of hooks
and hacks which are typically the work of rootkits
and malware. It offers a comprehensible report which
gives a detailed explanation of any irregularities
found and offers suggestions on how to solve or
further investigate any situation.
Makes use of special deep inventory techniques
SanityCheck makes use of a special Windows feature
(a GlobalFlag setting) which allows it to create a
deep inventory of drivers, devices, processes,
threads and a lot of other information about your
system. By making use of this feature in combination
with other techniques it is able to create a very
thorough scan of irregularities on your system.
Detect hidden processes
SanityCheck goes to incredible lengths to detect
processes which hide themselves from the Windows
taskmanager and programming interfaces. It uses
seven unmentioned safe techniques to reveal hidden
processes in both usermode and kernelmode.
Detect obfuscated processes
Sanity Check detects processes which do efforts to
obfuscate their names. This is a typical activity
associated with malware.