NetSlayer RAT (flshtray.ocx)

Discussion in 'Security Signatures' started by Chris R. Speaker, Jan 25, 2005.

  1. Hello everyone,

    I have a question about a possible false positive. A while ago I
    downloaded and used a freeware ActiveX control call TrayIcon V1.00
    (flshtray.ocx). MS antispyware is detecting this as the Netslayer RAT. Does
    anyone have any information about this activeX control as regards to it
    being a Trojan/spyware file? It seems to be a pretty widely used control so
    I assumed it was safe (thankfully I'm no longer using it anyway it but I'd
    still like to know). Thanks for any information.
     
    Chris R. Speaker, Jan 25, 2005
    #1
    1. Advertisements

  2. Chris,

    I would work with that vendor to make sure. If they do not believe they are
    installing spyware, then they need to fill out a dispute form located at
    http://www.spynet.com/vendors.aspx

    -steve

    Steve Dodson [MSFT]
    MCSE, CISSP
    PSS Security

    --

    This posting is provided "AS IS" with no warranties, and confers no rights.
    Use of included script samples are subject to the terms specified at
    http://www.microsoft.com/info/cpyright.htm

    Note: For the benefit of the community-at-large, all responses to this
    message are best directed to the newsgroup/thread from which they
    originated.
    --------------------
    >From: "Chris R. Speaker" <>
    >Subject: NetSlayer RAT (flshtray.ocx)
    >Date: Mon, 24 Jan 2005 19:21:12 -0500
    >Lines: 11
    >X-Priority: 3
    >X-MSMail-Priority: Normal
    >X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
    >X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
    >X-RFC2646: Format=Flowed; Original
    >Message-ID: <>
    >Newsgroups: microsoft.private.security.spyware.signatures
    >NNTP-Posting-Host: ACC83907.ipt.aol.com 172.200.57.7
    >Path:

    cpmsftngxa10.phx.gbl!cpmsftngsa06.privatenews.microsoft.com!CPMSFTNGSA04.pri
    vatenews.microsoft.com
    >Xref: cpmsftngxa10.phx.gbl

    microsoft.private.security.spyware.signatures:627
    >X-Tomcat-NG: microsoft.private.security.spyware.signatures
    >
    >Hello everyone,
    >
    > I have a question about a possible false positive. A while ago I
    >downloaded and used a freeware ActiveX control call TrayIcon V1.00
    >(flshtray.ocx). MS antispyware is detecting this as the Netslayer RAT.

    Does
    >anyone have any information about this activeX control as regards to it
    >being a Trojan/spyware file? It seems to be a pretty widely used control

    so
    >I assumed it was safe (thankfully I'm no longer using it anyway it but I'd
    >still like to know). Thanks for any information.
    >
    >
    >
     
    Steve Dodson [MSFT], Jan 27, 2005
    #2
    1. Advertisements

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads
  1. JJ

    Possible false positive on smtp.ocx

    JJ, Jan 6, 2005, in forum: Security Signatures
    Replies:
    4
    Views:
    1,126
    Bill Sanderson
    Jan 7, 2005
  2. Aseem

    SCRRUN.DLL RAT or False Positive

    Aseem, Jan 12, 2005, in forum: Security Signatures
    Replies:
    4
    Views:
    868
    Bill Sanderson
    Jan 13, 2005
  3. Savvas Radevic

    bug on MSI D.O.T. and kcgame RAT (winsys.exe)

    Savvas Radevic, Jan 24, 2005, in forum: Security Signatures
    Replies:
    1
    Views:
    1,565
    Steve Dodson [MSFT]
    Jan 24, 2005
  4. Terry Rasmussen

    False Positive with Beast (RAT)/ImagePak

    Terry Rasmussen, Feb 2, 2005, in forum: Security Signatures
    Replies:
    3
    Views:
    1,173
    Bill Sanderson
    Feb 3, 2005
Loading...