» rutserv.exe
Overview
Analysis
File Details
Behaviors (1)

rutserv.exe

Windows Protection System

Usoris Systems

The application rutserv.exe by Usoris Systems has been detected as a potentially unwanted program by 4 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “TektonIT - RMS Host”.

File name:

rutserv.exe

Publisher:

SystemMS (signed by Usoris Systems)

Product:

Windows Protection System

Description:

OEM

Version:

6.3.0.4

MD5:

e7af3cecfdb5db3a1dc08ea134017a01

SHA-1:

391f84aeda753fddf6abeace728885eb4b0ff4a8

SHA-256:

7698b94b926963c29416f46c371d31f7cd5cee1ec29f380c0e125653c87307fc

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

7/13/2025 7:41:09 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Potentially harmful program RemoteAdmin.DFW

2013.0.4477

ESET NOD32

Win32/RemoteAdmin.RemoteUtilities.D potentially unsafe application

6.3.12010.0

F-Secure

Trojan.Generic.15963902

5.15.154

Kaspersky

not-a-virus:RemoteAdmin.Win32.RMS

15.0.2.529

File size:

6 MB (6,300,600 bytes)

Product version:

6.3.0.4

Trademarks:

Windows Protection System, SystemMS

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\system\rutserv.exe

Digital Signature

Signed by:

Usoris Systems

Authority:

Symantec Corporation

Valid from:

2/2/2015 3:00:00 AM

Valid to:

5/4/2017 2:59:59 AM

Subject:

CN=Usoris Systems, O=Usoris Systems, L=Victoria, S=Mahe, C=SC

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

2810859351B08906D00293C09A255A

File PE Metadata

Compilation timestamp:

6/24/2015 5:35:40 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x5027BC

Entry point:

55, 8B, EC, 83, C4, F0, B8, DC, 93, 8E, 00, E8, E0, D6, B0, FF, E8, BB, 51, FE, FF, E8, 2A, 7A, B0, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 00, 00, 00, 19, 00, 00, 02, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

5 MB (5,249,024 bytes)

Service

Display name:

TektonIT - RMS Host

Service name:

RManService

Description:

Allows Remote Manipulator System users to connect to this machine.

Type:

Win32OwnProcess

Remove rutserv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.