How is Sophos anti rootkit?

Discussion in 'other anti-malware software' started by cheater87, Oct 22, 2006.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    Is it free? I want to give it a go. Also how easy is it to use?
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I am looking at that program myself.
    I found the website that I linked below that has a lot of antirootkit programs listed with some ratings.
    Sophos is listed with screenshots and a d/l link.
    It is free and I'm downloading it now.


    http://www.antirootkit.com/software/index.htm
     
  3. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Sophos Antirootkit is easy to use.
    It can scan three areas: running processes, local hard drives, and the Windows registry.
    A scan of all three areas took 8 mins, 45 seconds on my computer. It has a clean button also.

    I would definitely use GMER or Ice Sword over SAR though.
    GMER looks like it has monitoring capabilities? Didn't try that feature.
    GMER and Ice Sword both have more info and are better programs IMO.
     
  4. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    Are they free? Also, would HIPS detect a rootkit?
     
  5. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Yep.
    The ones that I have been messing with are free. Most of these programs are, btw.

    Regarding the HIPS question... I don't know.
     
  6. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    You asked "Are they free?" I'm not clear as to whether you were asking about free anti-rootkits or free HIPS. Ergo...

    +All manner of anti-rootkits (free & otherwise) are listed over yonder.
    +As to HIPS, there are many freebies. Antihook is a bloody good one. So is Cyberhawk. Prevx1 is superb -- it starts free & stays free under certain conditions. These are but 3 of many possible free HIPS.

    As to your question about whether a HIPS will detect a rootkit--

    As I understand it................

    +A rootkit is not itself an "exploit." Instead, it is part of the payload of certain malware. It is the malware which instigates the exploit. The rootkit merely provides cover.
    +The malware ITSELF is the "intruder" that seeks to deflower my virginal computer.
    +The main function of the HIPS app I use is Intrusion Prevention -- the "IP" part of HIPS.
    +Ergo, if my HIPS does its job, and if I use my HIPS with care, then the malware that wants to hide itself with a rootkit will be killed at my computer's front door.
    +Ergo, detection of a rootkit isn't necessary UNLESS it gets established in my computer. My HIPS will prevent that happening UNLESS I do something stupid.
    +Since I all-too-often do stupid things, I also use Rootkit hunter/killer apps by Sophos & GMER.
    +If Sophos or GMER ever spot a rootkit-in-residence (they have never done so YET) I shan't ask them to clean it. I will instead restore a virginal image made by my ever-faithful Image for DOS.
     
  7. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    That link from Bellgamin is identical to the one I posted in my first reply.

    Haven't you checked that link?
    There are many antirootkit programs listed there and it tells whether or not they are free.
     