Maxa Cookie Manager a trojan?

NOD32 creates havoc when I try to update Maxa Cookie Manager Pro(MCM) from version 4.2 to 5. NOD32 stops the installation and reports that the update file "probably is a variant of Win32/Genetik trojan". Not only that, it destroys version 4.2 of MCM. The key file cookie.exe is gone (changed to a tmp file). I had to uninstall ver 4.2 and then reinstall it. So I submitted the file to ESET for analysis. No answer so far.

I have contacted the MCM people and they told me that this should be taken care of by ESET. But that is not so. The last two days I sent the MCM file to virustotal.com and only ESET (1 of 43!)found it to be a trojan. I scanned it with Malwarebytes and Trojan Hunter. They found nothing. It is obviously a false positive.

How long is this to going to last? NOD32 is now very close to being removed and replaced.

I use Windows 7 HP/64.

 

The program must resemble certain malware in some points which triggered the heuristic detection. That happens with every heuristic analyzis no matter what AV program is used. The heuristics can detect suspicious code but cannot tell if it's part of a legit or malicious application.
As for the alleged FP in question, I've tracked down all samples submitted from within the gui as well as those emailed per the instructions here but couldn't find any report with cookie.exe in attachment. Please submit it to ESET so that the file can be analyzed and whitelisted if it turns out to be actually FP.
In the mean time, you can restore the file from quarantine via the Restore and exclude from scanning option in the right-click menu.

 

Don't overreact. Every AV / Anti-Malware product finds FP's from time to time. Malwarebytes does so on a fairly frequent basis and that doesn't make it a bad product that should be removed. Report things in the right way as Marcos recommends and they'll be looked at.

 

I did submit the file in question, but not named cookie.exe because NOD32 did not allow me to use it. I submitted the temp file that NOD32 changed it to. I retried the installation several times and each time cookie.exe changed to a temp file. Now they are gone from my computer. It is still remarkable that only NOD32 found this code but the other 42 in virustotal.com did not.
I will try to submit the installation file. It is not in this computer, though.

 

Now, I have more info after contacting Maxa Tools. It appears that ESET only analysed the regular version of Maxa Cookie Manager. I have the Pro version. The told me that many customers have the same complaints. They will contact ESET again. Sigh!

I did, though, submit the full installation file for version 5 of the Pro version to ESET a few minutes ago. So, may we hope for a solution?

 

MAXA Cookie Manager from MAXA Research Int'l Inc. has the identical code as Ultimate Cookie Manager from Treasure Island Software.
It is very unlikely for 2 distinct developers to produce the identical code. Please ask the company if they are the authors/developers of the program and if they could tell us something about the twins.

 

How would I know? I have no special relation with them, only a few e-mails. I am just a customer concerned about NOD32's blocking of an upgrade. So why do you not ask that question instead? That would be more appropiate.

Are we dealing with a false positive or not. That is my concern. I do have a license for Maxa Cookie Manager and I like to continue using the programme.