For a long time I have a false positive (I think).
I have running in my Vista Home Premium system the InControl2.5 Startup Mngr
Spybot says it is malware Free-Key-Logger.
It is based on the software registry key "Virtuoza"
I don't think this is malware.
Download at
http://www.get-in-control.com/download/
I know there are also Cracked Virtuoza InControl Startup Manager v2.4 versions on the web.
But here I have a "Giveaway of the Day - free licensed" version 2.5 running.

Please read:
How to report False Positives
http://forums.spybot.info/showthread.php?t=19117

hello
and thank you for reporting this issue, also thanks to md usa spybot fan for referencing the link on how to report the false positive.


Since Virtuoza and a second software named InControl (the other is actually InCtrl ) appeared to be suspicious, I checked out this software. InControl 2.5 appears to be a legit startup manager for Windows.
The vendor Virtuoza Inc. also sells commercial keyloggers which also register themselves in the named registry key for Virtuoza. To avoid detecting the Virtuoza key when no keylogger is installed we will change our detection rules to only detect this when one of Virtuozas keyloggers is installed.

I've been dealing with koolynoody.net and contentmatch.net. I have Spybot S&D working at "Highest" Scan Priority, although I'm wondering if I shouldn't have stayed with Time Critical (blocks everything else). I have SpyBlaster working in the background. I have McAfee Security Center. I use SUPERSpyware v. #4.5, and for good measure, I use Comcast Spyware scan Powered by PestPatrol.

Of all the antivirus, Malware, Spyware, and Adware viruses that these anti-virus or antiMalware, etc. have been able to stop, the only one that caught Koolynoody.net and contentmatch.net was Comcast Spyware scan Powered by PestPatrol (Yahoo, as does Comcast, provides the same application on their Toolbars free.)

Nonetheless, my point is that for the longest time, when PestPatrol caught contentmatch.net or koolynoody.net, which are Trojan Spyware and/or BHO's, it would delete one Koolynoody.net or Contentmatch.net, and that was it. One day, for reasons I can't remember, I decided to do a search myself on Windows XP registry. I found several installations of Koolynoody.net, when PestPatrol caught it, and, when PestPatrol caught Content.match, same-same.

Point, either myl anti-virus application and Spy-Adware-virus applications missed these malicious virus, or only one installation was deleted. Can anyone explain that? It seems to me that PestPatrol, being the only one to notice these virus, and the other anti-virus application should be able to detect all the installations of a Trojan (and many times a Trojans acts like a BHO, as I understand it) or what's the sense. Delete only one installation, and if there's several more, what do you thing the other installations will do? PestPatrol, Spybot, McAfee, even Windows Live OneCare, are all missing these malicious virus, even if they detect it, they usually delete only one.

Mordido:

I'm sorry but I fail to understand the relationship between the problem you posted and the eleven month old "Fixed" InControl (http://forums.spybot.info/showthread.php?t=24573) false positive thread that Dik Heikoop (http://forums.spybot.info/member.php?u=16164) originally posted in the False Positives (http://forums.spybot.info/forumdisplay.php?f=16) forum.

If I understand the problem that you have encountered, I believe that you may be better served by posting the Requests for additions to Spybot's detections (http://forums.spybot.info/forumdisplay.php?f=17) forum following these instructions:
Infected Files. How To Submit. Please do not attach or link them here.
http://forums.spybot.info/showthread.php?t=1699

Mordido,

Looks like it's another false detection by PestPatrol, assuming you're also receiving the detection of a Restricted Sites entry added by Spybot S&D's Immunization.

KoolyNoody - false positive?
http://www.wilderssecurity.com/showthread.php?t=214536

Normally I'd give most anti-spyware the benefit of a doubt, but I've seen so many false positives and bad detections come out of this piece of junk that I've got no qualms about calling it what it is. Please understand this is purely my own opinion and is by no stretch of the imagination the position of either these forums or the developers of Spybot Search and Destroy, neither of which were consulted relating to this post.

My point is, you are comparing the results of several different programs of varying effectiveness and thus rather than improving your chances of successful detection, are simply adding to your own confusion. You need to pick a small set of specific tools you can actually trust and keep those current (upgraded), along with learning their own idiosyncracies. This is a difficult enough task for technically skilled individuals and simply inundating for anyone else.

In other words, the commonly accepted idea that multiple security applications increases true security is patently false, as is much of the other mythology that exists around the technology of computers today. Picking one good tool to cover each type of malware (or several types), preferably with as little overlap and thus potential conflict as possible, is a much more proven technique.

Moral of the story, use the KISS principal (Keep It Simple Stupid), as I've done myself on my own PCs as well as those of both relatives and the various organizations I've supported over the years. In general, if you're confused by your security software, then it's ineffective at protecting you no matter how good or bad it might actually be.

Bitman

Mordido's new topic.
http://forums.spybot.info/showthread.php?t=45073