Did PC Magazine recommend an infected program?

Discussion in 'malware problems & news' started by emjay8, Oct 23, 2007.

Thread Status:
Not open for further replies.
  1. emjay8

    emjay8 Registered Member

    Joined:
    Oct 23, 2007
    Posts:
    1
    In the October 16, 2007 issue of PC Magazine on page 78 they recommended a program from docs.kr called Shock Aero to reproduce Vista's 3D switcher in XP.

    I downloaded the Shock Aero 3D setup .exe file and decided to run it through jotti.org first. It cleared all of the major AV programs, but was flagged by VBA32 as being infected with Trojan-Downloader.Win32.Banload.tn

    Does anyone know anything about VBA32 or this injection? Could it be a flase flag?
     
  2. Chris12923

    Chris12923 Registered Member

    Joined:
    May 31, 2004
    Posts:
    1,097
    If I'm not mistaken the VBA on jotti has hueristics on high setting. I would say this is a false positive if none of the others detect it. VBA is good AV in my opinion but with high settings like any other it can have some FP's.

    Thanks,

    Chris
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Slightly off-topic, but if you want vista's 3d switcher, you could try an app called "topdesk"...it can also emulate mac's expose switcher
     
  4. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    It may very well be a false positive.VBA32 on the higher heuristics settings can produce those results.
     
  5. Mitya

    Mitya Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    15
    Vba32 scans files at jotti.org with advanced heuristics, so it may cause some false positives. If you send this file to support-en@anti-virus.by, we'll fix the problem.
     
Loading...
Thread Status:
Not open for further replies.