Remote Utilities rutserv.exe flagged as malware


Hello Malwarebytes,

Our customer reports here that Remote Utilities Host main executable file rutserv.exe is being flagged as malicious by Malwarebytes. Could you please check this?

File details

Name: rutserv.exe

Hash: ce5ba1e5d70d95d52b89a1b8278ff8dd4d1e25c38c90ca202b43bdc014795d78

Signature: yes, EV Code Signing issued to Remote Utilities LLC by Digicert Inc.

 

P.S. The VirusTotal report doesn't show anything, but we are reporting this anyway. Perhaps the VT Malwarebytes engine shows different results than the one in the software.

Thanks.


Forgot to share a link with the customer request. Here it is.

For your convenience I've also attached the file in question as a zip archive. The archive password is 'infected'. Well, the file is not infected, of course. It's just a stupid tradition among antivirus software vendors to demand a "zip file with the password 'infected'" :)

rutserv.zip


Log for staff.

https://www.virustotal.com/gui/file/ce5ba1e5d70d95d52b89a1b8278ff8dd4d1e25c38c90ca202b43bdc014795d78/detection

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/9/21
Scan Time: 2:06 PM
Log File: ccf1266e-c955-11eb-abcb-001a7dda7102.json

-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1318
Update Package Version: 1.0.41517
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1052)
CPU: x64
File System: NTFS
User: I7-PC\SAPC

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 0 min, 9 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
RiskWare.RemoteUtilities, C:\MALWARE TEST\RUTSERV\RUTSERV.EXE, No Action By User, 9433, 947675, 1.0.41517, , ame, , 6C6BA57BE4B7B2FB661A99FEA872F6B8, CE5BA1E5D70D95D52B89A1B8278FF8DD4D1E25C38C90CA202B43BDC014795D78

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Quote

File: 1
RiskWare.RemoteUtilities, C:\MALWARE TEST\RUTSERV\RUTSERV.EXE, No Action By User, 9433, 947675, 1.0.41517, , ame, , 6C6BA57BE4B7B2FB661A99FEA872F6B8, CE5BA1E5D70D95D52B89A1B8278FF8DD4D1E25C38C90CA202B43BDC014795D78

This.
