NvCplDaemon, NvCpl and IDTSysTrayApp

Hello, Chairman Wood

Although you posted a follow-up of reply of "Please ignore.."

Please review this guide for dealing with startups: Dealing with Startup Processes

* Let us know if you suspect malware on your machine by posting the requested logs from our

READ & RUN ME FIRST. Malware Removal Guide

dr.m

 

You're very welcome!

Let me review your logs before you make any changes - that will make things alot easier for me.

dr.m

 

Hello, Chairman Wood

Comment: Please be careful with online gambling sites and software - we deal with lots of infected machines from their use.

Try doing this: Download either AntiVir Personal Edition or Avast from this link, BUT do not install either yet -- just have it available.

How to Protect yourself from malware!

Now, physically dis-connect your machine from the internet and uninstall AVG9 using the 32bit version in this link.

AVG Remover

NOTE: Run the remover, re-boot, then run it again.

* If you notice significant improvement, then don't re-install AVG - instead, install one of my suggested anti-virus programs instead.

Next - there is a new updated SUPERAntiSpyware version available..

• Please uninstall your current version (this is necessary).
• Then download this SUPERAntiSpyware
• Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.
• After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.
• Now run a new "Quick scan" of your system. And attach this new log.

Then - run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, use right click and select Run As Administrator).

Please attach the below logs to your next reply:

• C:\MGlogs.zip
• updated SASlog.txt log from SuperAntiSpyware

* Make sure you tell me if you had any problems running this procedure and give a description of how things are working now!

dr.m

 

Chairman Wood

You're welcome!

Answering your questions in the order asked:

1. Ad Aware is not as effective (to say the least) as SUPERAntiSpyware and Malwarebytes that we had you install. So we suggest that you uninstall Ad-Aware (unless you purchased it) to avoid wasting any system resources on it.

2a. Both SUPERAntiSpyware and Malwarebytes are "On demand scanners only", and unless upgraded to the "Pro" version offer no "real-time protection".

2b. You can prevent SUPERAntiSpyware from loading @ startup by:

• Open/start SUPERAntiSpyware
• Click the Preferences button
• Under Startup Options
  • Un-tick "Show SUPERAntiSpyware when Windows starts"
  • Un-tick "Show SUPERAntiSpyware icon in system tray"
• Under Startup Scanning
  • Tick "Do not scan when SUPERAntiSpyware starts"

3. AFTER you clear the entries that show you have some startups being controlled by MSConfig --- re-set your system to "Normal Startup Mode"...yes - you can then start using HJT, per Dealing with Startup Processes

4. It would require a vast amount of time and constant updating, to even begin to list known gaming sites that might infect you. *Since you have Mozilla FireFox installed - I suggest that you add these: WOT / Adblock Plus / NoScript *Other suggestions may be given in our Software Forum


Your logs look good! If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Go to add/remove programs and uninstall HijackThis.
7. Goto the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
8. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work through the below link:
   • How to Protect yourself from malware!

Safe surfing! http://i268.photobucket.com/albums/jj5/drmoriarty/Emoticons/char145.gif