How is Sophos anti rootkit?

Discussion in 'other anti-malware software' started by cheater87, Oct 22, 2006.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,122
    Location:
    Pennsylvania.
    Is it free? I want to give it a go. Also how easy is it to use?
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I am looking at that program myself.
    I found the website that I linked below that has a lot of antirootkit programs listed with some ratings.
    Sophos is listed with screenshots and a d/l link.
    It is free and I'm downloading it now.


    http://www.antirootkit.com/software/index.htm
     
  3. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Sophos Antirootkit is easy to use.
    It can scan three areas-running processes,local hard drives,and the windows registry.
    A scan of all three areas took 8 mins,45 seconds on my computer.It has a clean button also.

    I would definitely use GMER or Ice Sword over SAR though.
    GMER looks like it has monitoring capabilities?Didn't try that feature.
    GMER and Ice Sword both have more info and are better programs IMO.
     
  4. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,122
    Location:
    Pennsylvania.
    are they free? also would HIPS detect a rootkit?
     
  5. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Yep.
    The ones that I have been messing with are free.Most of these programs are btw.

    Regarding the HIPS question..I don't know.
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    You asked "Are they free?" I'm not clear as to whether you were asking about free anti-rootkits or free HIPS. Ergo...

    +All manner of anti-rootkits (free & otherwise) are listed over yonder.
    +As to HIPS, there are many freebies. Antihook is a bloody good one. So is Cyberhawk. Prevx1 is superb -- it starts free & stays free under certain conditions. These are but 3 of many possible free HIPS.

    As to your question about whether a HIPS will detect a rootkit--

    As I understand it................

    +A rootkit is not itself an "exploit." Instead, it is part of the payload of certain malware. It is the malware which instigates the exploit. The rootkit merely provides cover.
    +The malware ITSELF is the "intruder" that seeks to deflower my virginal computer.
    +Main function of the HIPS app I use is Intrusion Prevention -- the "IP" part of HIPS
    +Ergo, if my HIPS does its job, and if I use my HIPS with care, then the malware that wants to hide itself with a rootkit will be killed at my computer's front door.
    +Ergo, detection of a rootkit isn't necessary UNLESS it gets established in my computer. My HIPS will prevent that happening UNLESS I do something stupid.
    +Since I all-too-often do stupid things, I also use Rootkit hunter/killer apps by Sophos & GMER.
    +If Sophos or GMER ever spot a rootkit-in-residence (they have never done so YET) I shan't ask them to clean it. I will instead restore a virginal image made by my ever-faithful Image for DOS.
     
  7. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    That link from Bellgamin is identical to the one I posted in my first reply.

    Haven't you checked that link?
    There are many antirootkit programs listed there and it tells whether or not they are free.
     
Loading...
Thread Status:
Not open for further replies.