Just ran unlocker1.8.7.exe through Virus Total as Nod32 picked it up in an overnight scan. Nod32 is the only AV showing this file as Win32/Agent.QBA. False positive?

Hello Banger696,

If you have a program that you think is a false positive, you should submit it to our virus labs for analysis.

How to submit virus or potential false positive samples to ESET's labs
http://kb.eset.com/esetkb/index?page=content&id=SOLN141

Thanks, I have followed the proceedure. :)

I too had this problem few days ago.
Submitted file as F.P. to samples@eset.com on 12 Sept. 09.

No replay.

Just for information, there is a thread here that discusses Unlocker. http://www.wilderssecurity.com/showthread.php?t=248573

Me , too . ESET Virus Lab = no reaction

Here is a proof . Someone should have answered

Ok I've just downloaded it again and it appears to be clean, unselected ebay shortcuts etc on install and the Install folder and install application come up clean. Maybe indeed it was infected and has now been cleaned up. No ebay shortcuts on my desktop either. Strange.

Ok, downloaded "Unlocker v.1.8.7" again and re-installed.

Seems that author has changed something in the installer even
if it has the same revision.

Installer and installed prog. are clean now.

I appreciate that ESET Smart Security contributed on discovery

Detection was verified and confirmed that it's correct. However, I'll inquire about it tomorrow again when I get to the office.

-{ Quote: "Detection was verified and confirmed that it's correct. However, I'll inquire about it tomorrow again when I get to the office." }-
hello
I think you mean that "eBay shortcut" triggers detection is correct,but the module can be choosen by users,ESET do not allow this kind of interact installation?

Hello,
I sent the ebayshortcuts.exe malware to ESET plus another variant I found yesterday.
I'm sure it's a kind of malware.
Norman added detection too and you can find some information from Google. like http://it.toolbox.com/blogs/paytonbyrd/beware-unlocker-187-26919.
Anyway I read somewhere that latest version of Unlocker doesn't came bundled with this crap. I'm not sure if it's true since I don't use such program.

-{ Quote: "Installer and installed prog. are clean now." }-
The new version of the adware-like trojan was inserted to the installer, perhaps with the intention to avoid detection?
There are more vendors who bundle the component with their applications and at the same time telling their software is FREE.

best is avoid this software !!!

here is a good new thread about it

http://www.wilderssecurity.com/showthread.php?p=1543063#post1543063

cheers

I informed Cedrick 'Nitch' Collomb, the creator of Unlocker that there was a possible Trojan in version 1.8.7. My NOD32 scan detected it and it was reported on Wilders Security Forum, that others detected it too. I sent him the information from Wilders Security. Cedrick insists that it is a "false possitive", which it very well could be, as other anti-virus programs do not detect any problem. Cedrick informed me today that he has promptly addressed the issue and fixed what may have been a problem, with the new release of version1.8.8. Unlocker is a great and useful utility, very worthwhile. :)

-{ Quote: "Cedrick informed me today that he has promptly addressed the issue and fixed what may have been a problem, with the new release of version1.8.8. Unlocker is a great and useful utility, very worthwhile." }-
Good PR from a first poster ;D