Jump to content

False Positive: Remote Utilities (host module exe's)

Recommended Posts


This detection has a long history and for all these years we weren't able to get a single reply from Eset regarding this matter.

Remote Utilities is legitimate software produced by Remote Utilities LLC. Currently, the executable files (rutserv.exe and rfusclient.exe) of our Host module - the one that is installed on remote computers - are being detected as "a variant of Win32/RemoteAdmin.RemoteUtilities.D potentially unsafe" . This is despite the following: 

- Both files are signed with a valid EV (Extended Validation) Code Signing certificate issued by DigiCert to Remote Utilities LLC.

- Our company identity and legal registration can be easily verified.

- The product has been on the market for 8 years already, constantly improving and updating. You perfectly know that this is legitimate software and a company.

- Now the most interesting part - neither of our direct competitors are classified as potentially unsafe. You will NOT find detections such as "a variant of Win32/RemoteAdmin.TeamViewer.D potentially unsafe" or "a variant of Win32/RemoteAdmin.RealVNC.D potentially unsafe" or "a variant of Win32/RemoteAdmin.LogMeIn.D potentially unsafe". Of almost all remote access software it's only Remote Utilities that Eset thinks is unsafe. 

This is what we have tried: 

- Sending emails to samples@eset.com and vendorcomplaints@eset.com . Not a single reply.  

- Publicly discussing the matter with Eset representative on Spiceworks community. No avail. 

- Sending whitelisting requests using instructions on this page https://support.eset.com/kb3345/?locale=en_US&viewlocale=en_US

- Calling Eset's regional offices asking them to contact the headquarters with this problem. They did their best but yet again there was silence.   

We still hope that this issue can be resolved by Eset. The biggest question is why this "unsafe" classification is being applied to Remote Utilities and not to all similar software. Isn't it unfair competition and misleading our (and your) American, German etc. customers? 

P.S. There is a good chance that this message won't be allowed by forum moderators. So we'll take a screenshot and publish it on Twitter in case we are not allowed to voice our opinion on Eset's own forum. 

Link to comment
Share on other sites

  • Administrators

This forum is by no means a channel for disputing detections. We were informed that you had received an official response from samples[at]eset.com.

For instructions for reporting false positives, please read https://support.eset.com/kb141/.

Having said that, we'll draw this topic to a close.

Link to comment
Share on other sites

  • Marcos locked this topic
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...