What is it?

nvctrl.exe is associated with several variants of the Trojan.zlob browser hijacker.

What does it do?

From Symantec:

"When Trojan.Zlob.E is executed, it perfroms the following actions:

Drops the following files:

%System% compat.tlb
%System%msvol.tlb
%System%hp[RANDOM].tmp

Notes:
%System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
The variable [RANDOM] refers to a sequence of 4 randomly generated numbers or letters.

Adds the value:

"nvctrl.exe" = "nvctrl.exe"

to the registry subkey:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerRun

in an attempt to ensure that it runs every time Windows starts... ..."

More info and removal:

Read more about trojan.zlob's hijacker variants and how to remove them [url=http://securityresponse.symantec.com/avcenter/venc/data/trojan.zlob.e.html]@ Symantec[/url]