What is seekinside.exe

I found a program in my XP registry at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
called Poll Trust
with a value of:
C:\DOCUME~1\Gary\APPLIC~1\FILMDR~1\seekinside.exe

Does anyone know what this is?

Thanks,
Docfxit

PS: I have followed all the instructions at:
http://forums.majorgeeks.com/showthread.php?t=35407
Except for one - I get an error when I try to run Symantec Security Check. I can get to the page with no problem. I get a popup with an alert that says:
"Redirection limit for this URL exceeded. Unable to load the requested page. This may be caused by cookies that are blocked."

I have checked to see if my cookies were blocked at:
http://www.emsvillage.com/help/cookies-test.cfm
and it says they are working.

 

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

Thank you very much for looking at my log. I have been trying to figure out what is going on with this Laptop for a long time now. Although I have a number of things happening the most annoying is my system tray icons disappear and the desktop icons are being re-written all the time. It stops the entire PC while it's happening.

The three O1 entries are correct and I put them in there.
There are a number of O2 entries I don't recognize.

There are a number of other things I don't recognize.

Thank you very much for looking at this for me.

Docfxit

 

Please download HOSTER and then follow the below steps.

• Unzip Hoster to a convenient folder such as C:\Hoster

• Run Hoster.exe, click Restore Original Hosts and then click OK.
• Click the X to exit the program.

Now I want you to run SpyBot and get into the Advanced mode by selecting Mode and then
Advanced mode. Then select Settings and the in the left column select Ignore Products.
In the right window pane make sure the All products tab is selected. Then in that
window, right click your mouse and choose "Deselect all". Now in the left pane click
at the top on SpyBot S&D and then choose Search for Updates. Download any updates
required. Now click Check for Problems. Fix any that are found.

After you complete the above, reboot and post a fresh HJT log.

 

Thank you very much for helping me. SpyBot did remove 44 new items. I am using the new Spybot 1.4. I still have the problem. I did follow all your directions. I did backup my hosts file because after I am done I will need to restore the hosts except for adsubtract that I am no longer using.

Thank you for your time

 

Scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
(Keep this if you need it)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;

O2 - BHO: (no name) - {0C36B3CB-EC4D-A2CF-8A60-EDAEA715A422} - C:\DOCUME~1\Gary\APPLIC~1\KNOBCU~1\multi default.exe
O2 - BHO: Give4Free Plugin Installer - {208E7E77-507A-4649-B0C9-D39E9049C7A2} - C:\Program Files\Give4Free Plugin\ibho.dll
O4 - HKCU\..\Run: [POLL TRUST] C:\DOCUME~1\Gary\APPLIC~1\FILMDR~1\seekinside.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe" -service (file missing)

Again, make sure All Browser Windows are Closed when you Click FIX.

NOW:
Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following if they should remain:

C:\Program Files\Give4Free ←–– Delete this whole folder if it exist!

C:\Documents and Settings\Gary\Application Data\KNOBCU~1 ←–– Delete this whole folder if it exist!

C:\Documents and Settings\Gary\Application Data\FILMDR~1 ←–– Delete this whole folder if it exist!

NEXT:
Run CCleaner

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


Reboot to Normal Windows , Scan with HijackThis and attach the new log.

 

Hi,

Thank you very much for guiding me in cleaning up this laptop. It's really nice you are taking the time to help everyone here. I did follow all your instructions. I have a couple little questions. Did you ask me to remove the application reference to Knobcu because you know it is spyware or is it because you don't recognize it. It's a really great program. If it's spyware (or causes other grief I won't use it) If it's because you don't recognize it I think you might like to see it in action.

I still have the problems.

Thank you,

Docfxit

 

If you know the program and are 100% comfortable with it then you can leave it as is and ignore that part of my fix!

Your HJT log looks clean, what problems are you currently experiencing?

 

Thank you for the offer to "ignore that part of my fix". I wouldn't veer from your instructions until my problems are fixed.

I have a few problems. The first problem I really need to fix is the icons are refreshed on this PC all the time. If I am in the middle of looking at a system window, the window closes. During this time the entire PC stops responding until it's done. This takes about 60seconds and happens about every 15 min.

Thank you for any incite,

Docfxit

 

Could you better explain this problem, this sounds weird?

Your desktop refreshes itself, correct? Also, can you change your wallpaper, settings and things like that in Display?

 

Yes I can change the wallpaper.

I'll try to explain better. When it happens

1. All system windows close. (Not mimimize)
2. All icons on the desktop disappear.
3. All icons on the system tray disappear.
4. All changes to the Quick Launch bar disappear.
5. All Icons that were created before the last time it rebooted come back to the desktop. Any icons that were created since the last reboot are gone for ever.
6. Some of the Icons in the system tray come back. The rest are gone until I re-boot. And some of them I need on a regular basis.


I usually try to work on one problem at a time. Maybe I should let you know of another problem just in case it helps you draw a different conclusion.

The next problem is when I use Dial-Up-Networking to my ISP:
1. I hear it dial.
2. It says Authenticating.
3. It says checking password.
4. It says accepted password.
5. The goes to a blue screen with a message:
"Stop: 0X0000008e (0XC0000005,0xfe7f3ab7,0xf0c86890,0x0000000)
6. The only way to recover is to turn the PC off and On.

Thank you,

Docfxit

 

This sounds more like a Software problem so post this in there. If needed you will be sent back to me in this forum.

Good Luck!