In the October 16, 2007 issue of PC Magazine on page 78 they recommended a program from docs.kr called Shock Aero to reproduce Vista's 3D switcher in XP.

I downloaded the Shock Aero 3D setup .exe file and decided to run it through jotti.org first. It cleared all of the major AV programs, but was flagged by VBA32 as being infected with Trojan-Downloader.Win32.Banload.tn

Does anyone know anything about VBA32 or this injection? Could it be a flase flag?

If I'm not mistaken the VBA on jotti has hueristics on high setting. I would say this is a false positive if none of the others detect it. VBA is good AV in my opinion but with high settings like any other it can have some FP's.

Thanks,

Chris

Slightly off-topic, but if you want vista's 3d switcher, you could try an app called "topdesk"...it can also emulate mac's expose switcher

{QUOTE-> Does anyone know anything about VBA32 or this injection? Could it be a flase flag? <-QUOTE}

It may very well be a false positive.VBA32 on the higher heuristics settings can produce those results.

{QUOTE-> In the October 16, 2007 issue of PC Magazine on page 78 they recommended a program from docs.kr called Shock Aero to reproduce Vista's 3D switcher in XP.

I downloaded the Shock Aero 3D setup .exe file and decided to run it through jotti.org first. It cleared all of the major AV programs, but was flagged by VBA32 as being infected with Trojan-Downloader.Win32.Banload.tn

Does anyone know anything about VBA32 or this injection? Could it be a flase flag? <-QUOTE}

Vba32 scans files at jotti.org with advanced heuristics, so it may cause some false positives. If you send this file to support-en@anti-virus.by, we'll fix the problem.