msconfig

I have an entry in msconfig/Startup with a check in a box but blank space under Item and Location. Has anyone seen this sort of thing before? I'm wondering if it might be related to my win32/trojandownloader.zlob.bfl infestation. SC_Keylog has been detected by both Counterspy and Spyware Doctor (not Spysweeper or NOD32) and each time it is removed, it reappears within a day. I'm wondering if it's reinstalled at startup. Interesting to me is the detected location of SC_Keylog, a desktop shortcut to an Excel spreadsheet. Each time it reappears, the location is the same shortcut.

 

I have seen this situation before and don't believe it's related to malware.
First, I would run SuperAntispyware (Free edition) to remove any infestation.
Then, you could try MSConfig Cleanup:
http://www.majorgeeks.com/MSConfig_Cleanup_d4642.html

 

I have seen blank entries in msconfig before also, and they're not necessarily related to anything bad. If you scan completely with a few programs and you're clean, I wouldn't worry much about it...

 

I'm going to uncheck it and see what happens.

 

Best bet imho, after scanning as suggested, if that doesn't solve the problem, is to upload a HJT log to one of the sites that analyses and helps with malware removal, they will tell you if anything untoward is lurking.

 

Hi max.

I have Adobe Acrobat (not Reader) installed. It creates a blank entry in HKLM\Run (msconfig startup) for [SIZE=-1]Adobe Speed Launch. I have disabled the entry, and Adobe launcher doesn't start when I boot my rig anymore. Now, why exactly is it showing as a blank entry, I have no idea

This is just an example, as your blank entry may not have anything to do with Acrobat. Anyway, I also don't feel it's anything malicious, it could very well be a remnant of an unproper uninstallation where registry 'run' keys were improperly updated/deleted.
[/SIZE]

 

From time to time, I've had some blank entries too. In my case, I have always gone to the registry where the blank is located and if the entry is truly of no use (which to date, they have all been), I have deleted it. IMO, these entries crop up from software installations or removals.

I'm about as sure as I can ever be that mine were never malware related. But YMMV, so my method may not work for you...

 

Hello,

I have seen this entry the first time after I installed WGA Notification on one of the machines. As a side note, it's worth noting that WGA Notification is since long gone, but it was a lesson in legit spyware.

I'm not sure if the two are related, but the blank entry coincided with the WU.

Mrk

 

I have had them myself. In my case they were related to my HP printer.