Overview
Lansweeper’s deployment functionality relies on dedicated executables that are copied to target assets when software packages are installed or updated. Occasionally, these deployment executables may be flagged by antivirus or vulnerability-scanning tools. This article explains why this occurs, what to expect, and how to prevent disruptions.
Deployment Executables
By default, each Lansweeper installation includes two versions of the deployment engine:
- RemoteDeployment_x86.exe
- RemoteDeployment_x64.exe
These files are located in:
Program Files (x86)\Lansweeper\Service\Deployers\They are used by the Deployment module to execute installation or update actions on remote assets. Additional information about deployments is available here:
https://community.lansweeper.com/t5/deploying-software-other-changes/tkb-p/kb_deploying-software-and...
Why These Files May Be Flagged
The deployment executables contain several capabilities required to perform legitimate administrative tasks on remote machines, such as:
- Accessing the Windows registry
- Interacting with the Task Scheduler
Because these behaviors are also commonly found in malicious executables, some antivirus or heuristic-based scanning engines may temporarily classify the deployment files as suspicious—especially when a new version is released and has not yet established reputation or trust.These detections are generally false positives and tend to resolve automatically over time. Lansweeper also proactively contacts antivirus vendors to help expedite reclassification.
Recommendation: Whitelist the Deployment Executables
To prevent deployments from being interrupted or blocked, we recommend adding the following executables to your antivirus or endpoint protection allowlist:
RemoteDeployment_x86.exeRemoteDeployment_x64.exe
Location: Program Files (x86)\Lansweeper\Service\Deployers\
Whitelisting these files ensures that legitimate deployment operations are not delayed, quarantined, or prevented by false detections.
