Go Premium for a chance to win a PS4. Enter to Win


Possible Virus? Browser automatically populates with "67yujhnm"

Posted on 2004-04-17
Medium Priority
Last Modified: 2010-07-27
For the past 2 weeks I've experienced my computer automatically executing commands, e.g. pop-screens, open / close applications and most often when I am working with Internet Explorer the command bar is populated with the string "67yujhnm".

I am using a Toshiba Satellite Pro 4600 and I am on Windowns 2000. A question on this has been asked before, but I've been unsuccessful downloading the tool mentioned (Hijack this).

I am always running Norton Anti-Virus which is also auto-enabled, but this does not seem to catch the problem.

Is this a virus, and how could I get rid of this?

Thanks in advance for the help, Johan.
Question by:johanyssel

Accepted Solution

tituba2 earned 1500 total points
ID: 10854779
It is spyware.  Your virus software doesn't catch spyware.

Download, install and update the following spyware software.

Click - start - run msconfig
clear all startup items

Boot in safe mode.

Run all these spyware products.  Delete whatever it finds.



CW Shredder
LVL 49

Expert Comment

ID: 10855547
Try downloading here

HijackThis : http://www.spychecker.com/program/hijackthis.html 

Alternatively , first take a backup of your registry
go inside registry and search for that term "67******" and remove all instances of it ,

Press CTRL + F to get search box. Type in that text there. Once it finds one , press F3 to find next and so on
LVL 17

Expert Comment

ID: 10856602
I'm intrigued by this one. There's no reference to it anywhere else. McAfee doesn't know anything about it, nor does Symantec or any of the spyware removers.

Please see:


The same problem was reported. Also, a similar problem was reported at computercops.com back in December:


I don't have any advice except to contact Symantec and check on how to send them an image of your hard drive. It could be a new virus/hijacker that has passed unnoticed so far.

Good Vibes!

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.


Author Comment

ID: 10866197
Hi Tituba2

Thanks for your help. I have all 3 the spyware programs (latest versions) you mentioned already, and even after executing all of them, it didn't solve the problem.

I cannot execute msconfig on my machine, I get the error "Cannot find the file "msconfig" (or one of its components). Make sure the path and filename are correct and that all required libraries are available." Could this be a possible cause of the problem?.



Author Comment

ID: 10866229
Question to Sunray_2003

I've searched my registry and could not find the problem string.

I've downloaded Hijack This. This program only generates a log. Should I post it here for your attention? Thanks. Johan

Expert Comment

ID: 10867985
Sounds like a Trojan.  You need to find msconfig

Go to Windows Explorer, folder options, view all files.

Search for msconfig.*

Disable all startup items

Download and install this trojan finder

Boot in safe and run this and please let us know as this appears to be a growing threat.

Author Comment

ID: 10869265
Thanks tituba2

I've searched my complete C drive and do not find the file msconfig! I've downloaded the Troyan Remover version 6.1.6 as you recommended, and executed it. (It found no problems, and ouput the message "No active malicious files were found and no changes were made".

However, since I could not find msconfig I did not disable startup items and did not boot (and execute) in safe mode. Is it important to do this in safe mode, or was it OK that I just executed this program in normal mode?


Expert Comment

ID: 10915158
I need this trojan. Because I don't know how this trojan runs and i need its sourcecode.

Author Comment

ID: 10915885
Hi voquangle

How can I identify this trojan and send you the sourcecode?


Expert Comment

ID: 10916979
If your OS is 2000, you wouldn't have msconfig.  However, you can use XP's msconfig on 2000 to disable startup items.  Go to


and download the msconfig or copy it from someone who has XP.

Have you been able to clean off this virus/trojan?  If you identify the virus file, send it to Symantec.  

So voq - are you a virus writer?


Author Comment

ID: 11296626
Hi everybody

Just to let you know that my problem has been solved, and I believe it was caused by a hardware problem, not a virus. I've followed all advice and tried (for days!) so many different options, until I finally re-fitted the keyboard cable. This solved 90% of my problems, until I then replaced the keyboard completely, and all problems are gone now!

Thanks for everybody who tried assisting in solving this problem.


Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question