VBA32 has received the next gold award for detection and removal of modern rootkits .

Recently virus writers more often use rootkit-technologies. The reason of this is quite obvious – they make it possible to hide malware and its components from PC users and antivirus programs. In the Internet it is easily to find initial texts of  ready-made rootkits. And as a rule it leads to wide spread of this technology in various Trojan software or spywares (spyware/adware, keyloggers etc.).

Rootkit is software for hiding the malefactor’s or malware presence traces in the system.  Rootkit-technologies allows the malware to hide its activity in the victim’s computer by disguising the files, processes as well as its presence in the system.

For detection and removal of such harmful programs there is a set of specialized software products – antirootkits.

The aim of this test is to evaluate the ability of the most popular antivirus and anti-rootkit products to detect and remove malicious programs (‘in-the-wild’ samples) that use rootkit technologies .

ITW malware testing gives us a good idea of how well the antirootkit software under analysis can cope with well-known rootkits.

More information about testing methology and testing results you can read here:

Testing methodology »                                  

Testing results analysis and awards »

Gold Anti-Rootkit Protection Award	GMER 1.0.15.15281 (10,5 from 12 points) VBA32 Antirootkit 3.12 (beta) (10 from 12 points)
Silver Anti-Rootkit Protection Award	RootRepeal 1.3.5 (9 from 12 points) Online Solutions Autorun Manager 5.0.11922.0 (8 from 12 points) XueTr 1.0.2.0 (8 from 12 points) Rootkit Unhooker 3.8.386.589 (7,5 from 12 points) KernelDetective 1.3.1 (7,5 from 12 points)
Bronze Anti-Rootkit Protection Award	SysReveal 1.0.0.27 (6,5 from 12 points) Sophos Anti-Rootkit 1.5.0 (6 from 12 points)
Failed	Trend Micro RootkitBuster 2.80 (3 from 12 points) Eset SysInspector 1.2.012.0 (2,5 from 12 points) Panda Anti-Rootkit 1.0.8.0 (1,5 from 12 points)

Grigoriy Smirnov, Testing Engineer, Anti-Malware Test Lab, comments the test results as follows:

“Having brought our testing to the logical end we obtained a detailed picture of modern anti-rootkits abilities on removing complicated malware ITW-samples using rootkit technologies. On the basis of the results obtained we can come to the conclusions that antivirus vendors whose products participated in the testing just pretend they can offer solutions for complicated threats liquidation. In fact most of the vendors' anti-rootkits cannot resist modern rootkits because of their technical weakness that is proved by our tests. VBA32 AntiRootkit by VirusBlockAda is a positive exception from this picture. This product managed to detect the most complicated infections using system drivers patching. This result is undoubtedly an evidence of this solution high predictability. Keep it up! But Gmer – the winner of this testing is also worth mentioning. I think this product has always been a model among rootkits.”

Vba32 AntiRootkit is a free product. It can be downloaded here:  http://anti-virus.by/en/vba32arkit.shtml