How to remove nvhwnd.exe

» File
File Details
Overview
Analysis

nvhwnd.exe

The module nvhwnd.exe has been detected as Trojan.CoinMiner

nvhwnd.exe

Remove nvhwnd.exe

File Details

Main Info:

Product Name:	NVIDIA Cure
Company Name:	www.nvidia.com
MD5:	b8ff2e333fe31fcfb6c19c8753ca93fc
Size:	7 MB
First Published:	2018-08-21 17:07:44 (5 years ago)
Latest Published:	2018-08-24 11:09:33 (5 years ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2018-08-24 11:09:33 (5 years ago)

Common Places:

%commonappdata%

%temp%\{b0a6e5b8-0d90-11e8-a38b-806e6f6e6963}

%localappdata%\microsoft\windows\inetcache\ie

%temp%\{bbed3e02-0b41-11e3-8249-806e6f6e6963}

%temp%\{846ee340-7039-11de-9d20-806e6f6e6963}

%localappdata%\microsoft\windows\temporary internet files\content.ie5

File Names:

NVIDIA_Cure.exe

nvhwnd.exe

nvidia.vmp[1].exe

Geography:

	57.1%
	42.9%

OS Version:

Windows 10	50.0%
Windows 7	28.6%
Windows 8.1	21.4%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00c496a8

PE Sections:

Name	Size of data	MD5
.text	0	00000000000000000000000000000000
.rdata	0	00000000000000000000000000000000
.data	0	00000000000000000000000000000000
.pdata	0	00000000000000000000000000000000
.nv_fatb	0	00000000000000000000000000000000
.nvFatBi	0	00000000000000000000000000000000
.gfids	0	00000000000000000000000000000000
.tls	512	1f354d76203061bfdd5a53dae48d5435
.vmp0	0	00000000000000000000000000000000
.vmp1	7408640	b95b601c798bca84f0bb2000ff7ccd5c
.reloc	512	6dc8ba0b2ea071770265fc4989c3e179
.rsrc	543744	cb6f97dbc1328b795bb309117bd4b38c

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for nvhwnd.exe

copyright for information about nvhwnd.exe