How to remove nvhwnd.exe
nvhwnd.exe
The module nvhwnd.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | NVIDIA Cure |
| Company Name: | www.nvidia.com |
| MD5: | 63c886491776e6691a47e59b341ea394 |
| Size: | 6 MB |
| First Published: | 2018-07-16 13:14:24 (6 years ago) |
| Latest Published: | 2018-07-16 13:14:25 (6 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-07-16 13:14:25 (6 years ago) |
Common Places:
| %localappdata%\microsoft\windows\temporary internet files\content.ie5 |
| %temp%\{846ee340-7039-11de-9d20-806e6f6e6963} |
File Names:
| nvidia.vmp[1].exe |
| nvhwnd.exe |
Geography:
| 100.0% |
OS Version:
| Windows 7 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x0005c478 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 667648 | d7c59b676467f43923ef8a62a021bd53 |
| .rdata | 226304 | 141cc6ae78004c917d17d5417bdf5b0a |
| .data | 11776 | ec84924429ecdad5984e63c6b1080b58 |
| .pdata | 35840 | e7a4f5006ec0280d8e44688cac0a774b |
| .nv_fatb | 5476352 | 29f12c8c99803c8e758d669a9266d31d |
| .nvFatBi | 512 | 9863994998bcab3f3d0d2d1892bdd9da |
| .gfids | 3072 | 6e5f34df973ddaee70814d9450547045 |
| .tls | 512 | 1f354d76203061bfdd5a53dae48d5435 |
| .rsrc | 373760 | 39508242659e57f6e442200f80f40049 |
| .reloc | 6656 | f4519d674439ecc844bb1c67f06e72a6 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nvhwnd.exe
