» BatteryOptimizerService.exe
Overview
Analysis
File Details
Behaviors (1)

BatteryOptimizerService.exe

Battery Optimizer

ReviverSoft LLC

The application BatteryOptimizerService.exe, “Battery Optimizer is an advanced laptop battery diagnostic tool that can help you get extra life out of your battery.” by ReviverSoft has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “Battery Optimizer”.

File name:

Publisher:

ReviverSoft LLC (signed and verified)

Product:

Battery Optimizer

Description:

Battery Optimizer is an advanced laptop battery diagnostic tool that can help you get extra life out of your battery.

Version:

3, 0, 3, 5

MD5:

e9eaad20527f98b3b32bafb4b2583551

SHA-1:

52d451e7a15995823d18db24a1cc51712551d017

SHA-256:

c8847e5cf42faf8397000cef2c42a1778167abb58f6599a57ede580c97cc74bb

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 5:03:21 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Optional.Service

15.2.13.15

File size:

110.4 KB (113,024 bytes)

Product version:

3, 0, 3, 5

ReviverSoft 2009

Original file name:

BatteryOptimizerService.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\reviversoft\battery optimizer\batteryoptimizerservice.exe

Digital Signature

Signed by:

ReviverSoft LLC

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

10/29/2009 1:00:00 AM

Valid to:

10/27/2010 1:59:59 AM

Subject:

CN=ReviverSoft LLC, OU=Secure Application Development, O=ReviverSoft LLC, L=Walnut Creek, S=California, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

63EB81EA551540406D7B7123BD90D4C3

File PE Metadata

Compilation timestamp:

5/14/2010 6:37:08 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:LTjsK/+EKs3OQe6XVpQTNtYnoPXX5WLbR:LTjpLKaOQe6j6Hx/c5

Entry address:

0x787C

Entry point:

48, 83, EC, 28, E8, CF, 53, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 58, 10, 48, 89, 68, 18, 48, 89, 70, 20, 89, 48, 08, 57, 48, 83, EC, 20, 48, 8B, CA, 48, 8B, DA, E8, 7E, 5F, 00, 00, 8B, 4B, 18, 48, 63, F0, F6, C1, 82, 75, 17, E8, D6, 0F, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4B, 18, 20, 83, C8, FF, E9, 34, 01, 00, 00, F6, C1, 40, 74, 0D, E8, BA, 0F, 00, 00, C7, 00, 22, 00, 00, 00, EB, E2, 33, FF, F6, C1, 01, 74, 19, 89, 7B, 08, F6, C1, 10, 0F, 84, 89, 00, 00, 00, 48, 8B, 43... 
[+]

Code size:

68 KB (69,632 bytes)

Service

Display name:

Battery Optimizer

Description:

Battery optimizer service.

Type:

Win32OwnProcess

Depends on:

RPCSS

Remove BatteryOptimizerService.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.