When starting up my computer, my start up task bar, icons and anything else related to the desktop do not show up... The only way I can open things is through control alt delete. I downloaded virusterminator and it detected something in my startup labeled hmk.. I removed it and my stuff came back for 5 seconds and disappeared again... what could this be and what do i need to do to get rid of it? also just a another note i started it up in safe mode and the same thing happens just a blank screen...

10 Years
Discussion Span
Last Post by TechTJ

i cant find it on this site, but why would it do the same thing on safe mode? and what can i download to get rid of this virus? I cant do much on this computer anymore without access to my taskbar and icons lol


few questions..
what did you do right before this started happening? download something..delete something... drop the machine....
Do you know what exactly you deleted.. you said "hmk" but different viruses that get in your registry and startup usually use names that are similar to something that already exists.. just off by a digit or uppercase letter.
Can you get to your harddrive files?

if you have no AV software and you can get online, try housecall by trendmicro (online free scan) if that turns up nothing that will help, start backing up and formatting.. (unless anyone has any other ideas.) sorry.....


i did the housecall scan it got rid of all but these three; troj_zlob.evz Troj_zlob.ewz and troj_vundo.aab how do i get rid of these?


File isfmntr.exe received on 12.06.2007

Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - TR/Dldr.Zlob.ejs.4
Authentium - - -
Avast - - -
AVG - - Downloader.Zlob
BitDefender - - -
CAT-QuickHeal - - TrojanDownloader.Zlob.ejs
ClamAV - - -
DrWeb - - Trojan.Popuper.origin
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - W32/Zlobmi.EJS!tr.dldr
F-Prot - - -
F-Secure - - Trojan-Downloader.Win32.Zlob.ejs
Ikarus - - Trojan.Zlob.2
Kaspersky - - Trojan-Downloader.Win32.Zlob.ejs
McAfee - - Puper
Microsoft - - TrojanDownloader:Win32/Zlob.gen!OD
NOD32v2 - - -
Norman - - W32/Malware.BGJH
Panda - - Adware/OnlineAddon
Prevx1 - - Generic.Dropper.xCodec
Rising - - Trojan.DL.Win32.Zlob.ejs
Sophos - - Troj/Delf-EUW
Sunbelt - - Trojan-Downloader.Zlob.Media-Codec
Symantec - - VirusProtectPro
TheHacker - - -
VBA32 - - Trojan-Downloader.Win32.Zlob.ejs
VirusBuster - - Trojan.DL.Zlob.Gen.34
Webwasher-Gateway - - Trojan.Dldr.Zlob.ejs.4
this is one of the three 2 are in video add ons under program files the other the trojan vundo is in system forlder system thirty two file jkkkklk they wond let me delete them and housecall cannot get rid of them, if i scan them with another program they will come out negative... what do i do next?


Download and extract the Autoruns program by Sysinternals to C:\Autoruns


Reboot into Safe Mode so that the malware is not started when you are doing these steps. Many malware monitor the keys that allow them to start and if they notice they have been removed, will automatically replace that startup key. For this reason booting into safe mode allows us to get past that defense in most cases.

Navigate to the C:\Autoruns folder you created in Step 1 and double-click on autoruns.exe.

When the program starts, click on the Options menu and enable the following options by clicking on them. This will place a checkmark next to each of these options.

Include empty locations

Verify Code Signatures

Hide Signed Microsoft Entries

Then press the F5 key on your keyboard to refresh the startups list using these new settings.

The program shows information about your startup entries in 8 different tabs. For the most part, the filename you are looking for will be found under the Logon or the Services tabs, but you should check all the other tabs to make sure they are not loading elsewhere as well. Click on each tab and look through the list for the filename that you want to remove. The filename will be found under the Image Path column. There may be more than one entry associated with the same file as it is common for malware to create multiple startup entries. It is important to note that many malware programs disguise themselves by using the same filenames as valid Microsoft files. it is therefore important to know exactly which file, and the folder they are in, that you want to remove. You can check our Startup Database for that information or ask for help in our computer help forums.

Once you find the entry that is associated with the malware, you want to delete that entry so it will not start again on the next reboot. To do that right click on the entry and select delete. This startup entry will now be removed from the Registry.

Now that we made it so it will not start on boot up, you should delete the file using My Computer or Windows Explorer. If you can not see the file, it may be hidden. To allow you to see hidden files you can follow the steps for your operating system found in this tutorial:

How to see hidden files in Windows

When you are finished removing the malware entries from the Registry and deleting the files, reboot into normal mode as you will now be clean from the infection.

Try that. let me know it goes.


Also you may want to try the Recovery Consol that microsoft includes with the operating system disk. You could have deleted a registry or something could have gotton moved. This will replaced whats nessary.

Best regards

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.