Running Scripts

Vba32 AntiRootkit can run scripts. So, the following operations are available: deleting infected/suspicious files, copying infected/suspicious files to the quarantine, etc. To do this, select the File – Run Script menu item.

Vba32 AntiRootkit run script Running Scripts
Run Script window

A user can access the following procedures:

  • Brs_Start() – enables the technique of low-level file access;
  • Brs_QtnFile() – copies the specified file to the quarantine, it’ll be performed after rebooting;
  • Brs_DelFile() – deletes the specified file, it’ll be performed after rebooting;
  • RebootSystem() reboots the system;
  • CollectState() – collects information on the system and saves it to vba32arkit.log file.



The script will copy the c:x.exe file to the quarantine, delete the c:x.exe file and reboot the system.

A script will be executed after the Run script button is pressed. To check the syntax, press the Check script button. A script can be saved to a file (Save script) and loaded (Load script).

Also, scripts can be executed from command line of Vba32 AntiRootkit. To do this, a user should save script body to UNICODE text file and run the following:

Vba32arkit.exe /rs "file name"

As soon as the program is launched, the script from the specified file will be run.


Running Scripts