home

nWiz.exe

NVIDIA nView Wizard, Version 136.53

NVIDIA Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘nwiz’.
Publisher:
NVIDIA Corporation  (signed and verified)

Product:
NVIDIA nView Wizard, Version 136.53

Version:
6.14.10.13653

MD5:
6c142fbdd42d82151ed683a3f49c8523

SHA-1:
7a6b2a51b8d378e7ac7b204cc5ea9d71800b06cb

SHA-256:
26a104ed891f3b3c63eb4b626ba573f061b5508f9a12e3d699abaa0e5c24a22d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 4:39:02 PM UTC  (today)

File size:
3 MB (3,100,520 bytes)

Product version:
6.14.10.13653

Copyright:
(C) NVIDIA Corporation. All rights reserved.

Original file name:
nWiz.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\nvidia corporation\nview\nwiz.exe

Digital Signature
Signed by:
NVIDIA Corporation

Authority:
VeriSign, Inc.

Valid from:
9/2/2011 12:00:00 AM

Valid to:
9/1/2014 11:59:59 PM

Subject:
CN=NVIDIA Corporation, OU=Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NVIDIA Corporation, L=Santa Clara, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
43BB437D609866286DD839E1D00309F5

File PE Metadata
Compilation timestamp:
8/30/2012 10:41:48 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:0Eyb5swbu+HzoU/ZU99f7YGeqYXNKJoqS3wATH4AIWQ/BHq34NvMk17hBeBC:0Eyb5nuvSZUwwYDkYWhBe

Entry address:
0x2404C

Entry point:
E8, 90, 82, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, A8, 68, 44, 00, 89, 0D, A4, 68, 44, 00, 89, 15, A0, 68, 44, 00, 89, 1D, 9C, 68, 44, 00, 89, 35, 98, 68, 44, 00, 89, 3D, 94, 68, 44, 00, 66, 8C, 15, C0, 68, 44, 00, 66, 8C, 0D, B4, 68, 44, 00, 66, 8C, 1D, 90, 68, 44, 00, 66, 8C, 05, 8C, 68, 44, 00, 66, 8C, 25, 88, 68, 44, 00, 66, 8C, 2D, 84, 68, 44, 00, 9C, 8F, 05, B8, 68, 44, 00, 8B, 45, 00, A3, AC, 68, 44, 00, 8B, 45, 04, A3, B0, 68, 44, 00, 8D, 45, 08, A3, BC, 68, 44...
 
[+]

Code size:
204 KB (208,896 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
nwiz

Command:
C:\Program Files\nvidia corporation\nview\nwiz.exe \installquiet


Scan nWiz.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.