The integrity of a computer may be checked by issuing a command to read data from a hardware component of the computer and retrieving the data from a data transfer buffer. The command may be sent to a secure driver that places the central processing unit (CPU) of the computer in system management mode to trigger execution of a system management interrupt (SMI) handler. The SMI handler may read the data from the hardware component, encrypt the data, and place the encrypted data in the data transfer buffer. A system integrity check application program may read the encrypted data to determine presence of malicious code based on the data. For example, the application program may infer presence of malicious code when the encrypted data does not conform to a particular encryption algorithm or when the data does not appear in the data transfer buffer.