Possible Virus? Browser automatically populates with "67yujhnm"

Posted on 2004-04-17
Last Modified: 2010-07-27
For the past 2 weeks I've experienced my computer automatically executing commands, e.g. pop-screens, open / close applications and most often when I am working with Internet Explorer the command bar is populated with the string "67yujhnm".

I am using a Toshiba Satellite Pro 4600 and I am on Windowns 2000. A question on this has been asked before, but I've been unsuccessful downloading the tool mentioned (Hijack this).

I am always running Norton Anti-Virus which is also auto-enabled, but this does not seem to catch the problem.

Is this a virus, and how could I get rid of this?

Thanks in advance for the help, Johan.
Question by:johanyssel
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Accepted Solution

tituba2 earned 500 total points
ID: 10854779
It is spyware.  Your virus software doesn't catch spyware.

Download, install and update the following spyware software.

Click - start - run msconfig
clear all startup items

Boot in safe mode.

Run all these spyware products.  Delete whatever it finds.



CW Shredder
LVL 49

Expert Comment

ID: 10855547
Try downloading here

HijackThis : 

Alternatively , first take a backup of your registry
go inside registry and search for that term "67******" and remove all instances of it ,

Press CTRL + F to get search box. Type in that text there. Once it finds one , press F3 to find next and so on
LVL 17

Expert Comment

ID: 10856602
I'm intrigued by this one. There's no reference to it anywhere else. McAfee doesn't know anything about it, nor does Symantec or any of the spyware removers.

Please see:

The same problem was reported. Also, a similar problem was reported at back in December:

I don't have any advice except to contact Symantec and check on how to send them an image of your hard drive. It could be a new virus/hijacker that has passed unnoticed so far.

Good Vibes!

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today -


Author Comment

ID: 10866197
Hi Tituba2

Thanks for your help. I have all 3 the spyware programs (latest versions) you mentioned already, and even after executing all of them, it didn't solve the problem.

I cannot execute msconfig on my machine, I get the error "Cannot find the file "msconfig" (or one of its components). Make sure the path and filename are correct and that all required libraries are available." Could this be a possible cause of the problem?.



Author Comment

ID: 10866229
Question to Sunray_2003

I've searched my registry and could not find the problem string.

I've downloaded Hijack This. This program only generates a log. Should I post it here for your attention? Thanks. Johan

Expert Comment

ID: 10867985
Sounds like a Trojan.  You need to find msconfig

Go to Windows Explorer, folder options, view all files.

Search for msconfig.*

Disable all startup items

Download and install this trojan finder

Boot in safe and run this and please let us know as this appears to be a growing threat.

Author Comment

ID: 10869265
Thanks tituba2

I've searched my complete C drive and do not find the file msconfig! I've downloaded the Troyan Remover version 6.1.6 as you recommended, and executed it. (It found no problems, and ouput the message "No active malicious files were found and no changes were made".

However, since I could not find msconfig I did not disable startup items and did not boot (and execute) in safe mode. Is it important to do this in safe mode, or was it OK that I just executed this program in normal mode?


Expert Comment

ID: 10915158
I need this trojan. Because I don't know how this trojan runs and i need its sourcecode.

Author Comment

ID: 10915885
Hi voquangle

How can I identify this trojan and send you the sourcecode?


Expert Comment

ID: 10916979
If your OS is 2000, you wouldn't have msconfig.  However, you can use XP's msconfig on 2000 to disable startup items.  Go to

and download the msconfig or copy it from someone who has XP.

Have you been able to clean off this virus/trojan?  If you identify the virus file, send it to Symantec.  

So voq - are you a virus writer?


Author Comment

ID: 11296626
Hi everybody

Just to let you know that my problem has been solved, and I believe it was caused by a hardware problem, not a virus. I've followed all advice and tried (for days!) so many different options, until I finally re-fitted the keyboard cable. This solved 90% of my problems, until I then replaced the keyboard completely, and all problems are gone now!

Thanks for everybody who tried assisting in solving this problem.


Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
Change your it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question