Certain computer system components may want to monitor code loaded into a runtime environment. For instance, certain programs may monitor the integrity of agent code in the host memory to check whether the agent code has been compromised by malicious code, such as viruses, worms, etc. Monitored agent code may comprise an anti-virus program, whose integrity is essential to protect the system. Further, viruses and worms are capable of breaching the kernel boundary and tampering with critical kernel components that are responsible for monitoring the security of the system. To perform the operations to monitor and check the agent code, the program or virtual partition performing the monitoring operations determines the location of the code in the memory to check whether unauthorized and possibly malicious changes have been made to the code since being loaded into memory. In certain systems, the code may be loaded into fixed locations in the memory which the monitoring program or partition uses to access the code to determine if there have been unauthorized changes. Alternatively, the monitoring program or partition may search page-by-page through the memory to locate the agent code to monitor and check.