home

rutserv.exe

Remote Manipulator System

Usoris Systems

The application rutserv.exe by Usoris Systems has been detected as a potentially unwanted program by 21 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “TektonIT - RMS Host”.
Publisher:
TektonIT  (signed by Usoris Systems)

Product:
Remote Manipulator System

Description:
RMS

Version:
6.3.0.2

MD5:
123809145089775be00fc392376be38f

SHA-1:
c7ee04814d50df2f010a3cb3b74528cdff15e9a8

SHA-256:
8186f539d911e7f8841633c6f277a4a414a23fb2f989155792fb0f004c74faa9

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
7/13/2025 2:32:17 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.RemoteAdmin.TektonIT.A
45

AegisLab AV Signature
RemoteAdmin.W32.RMS.nb!c
2.1.4+

AhnLab V3 Security
Unwanted/Win32.RemoteAdmin.R163478
3.8.1.15

Avira AntiVirus
BDS/Backdoor.Gen2
8.3.3.4

Arcabit
Application.RemoteAdmin.TektonIT.A
1.0.0.779

AVG
RemoteAdmin
2017.0.2523

Bitdefender
Application.RemoteAdmin.TektonIT.A
1.0.20.1780

Bkav FE
W32.HfsAdware
1.3.0.8455

Dr.Web
Program.RemoteAdmin.776
9.0.1.0356

ESET NOD32
Win32/RemoteAdmin.RemoteUtilities.D potentially unsafe (variant)
10.14312

Fortinet FortiGate
Riskware/RemoteAdmin_RemoteUtilities
12/21/2016

F-Secure
Application.RemoteAdmin.TektonIT
11.2016-21-12_4

G Data
Application.RemoteAdmin.TektonIT
16.12.25

K7 AntiVirus
Unwanted-Program
13.243.21253

Kaspersky
not-a-virus:RemoteAdmin.Win32.RMS
14.0.0.-891

Malwarebytes
RiskWare.RemoteAdmin
v2016.12.21.06

McAfee
Artemis!123809145089
5600.6179

NANO AntiVirus
Riskware.Win32.RemoteAdmin.dtlqta
1.0.44.12357

Rising Antivirus
Malware.Undefined!8.C-406fZv2wldC (cloud)
23.00.65.161219

VIPRE Antivirus
Trojan.Win32.Generic
53174

Zillya! Antivirus
Trojan.Virlock.Win32.41827
2.0.0.3088

File size:
6.2 MB (6,506,936 bytes)

Product version:
6.3.0.2

Copyright:
Copyright © 2015 TektonIT. All rights reserved.

Trademarks:
Remote Manipulator System, TektonIT

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\spom\rutserv.exe

Digital Signature
Signed by:
Usoris Systems

Authority:
Symantec Corporation

Valid from:
2/2/2015 7:00:00 AM

Valid to:
5/4/2017 6:59:59 AM

Subject:
CN=Usoris Systems, O=Usoris Systems, L=Victoria, S=Mahe, C=SC

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2810859351B08906D00293C09A255A

File PE Metadata
Compilation timestamp:
5/13/2015 12:45:47 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x5336F8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 88, A3, 91, 00, E8, 14, C3, AD, FF, E8, BB, 50, FE, FF, E8, CA, 67, AD, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
5.2 MB (5,449,216 bytes)

Service
Display name:
TektonIT - RMS Host

Service name:
RManService

Description:
Allows Remote Manipulator System users to connect to this machine.

Type:
Win32OwnProcess


Remove rutserv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.