The GMER log is, albeit massive, clean of infection.
You didn't run DDS - did you forget? It's not a problem, don't worry.
All scans you ran were clean, all additional scans I had you run were clean, this means there's a very good chance that there is no malware on your computer.
That said, the whole ksnapshot.etl thing intrigues me, as my research about it has not been conclusive. We need to get the file checked out.
As all automated methods for searching have failed, and manual grabbing didn't work out either, let's give it one last shot.
I hope you don't mind, but for this step I would like you to turn off the protective UAC feature. The whole run-as-administrator-thing has been a bit cumbersome, and as I myself don't have Vista it's not exactly clear to me what needs to be run as administrator and what doesn't.
Temporarily disable UAC
You need to temporarily disable Vista's User Account Control, as it may interfere with some of the tools we use.
- Click the Start button and then Control Panel
- In the Control Panel's left-hand pane, make sure Control Panel Home is selected
- In the right-hand pane, click User Accounts and Family Safety
- Click User Accounts
- Click Turn User Account Control on or off
- If Use UAC to protect your computer doesn't have a checkmark, skip to the next step
- If it does, remove the checkmark, press OK and then restart your computer
We'll re-enable UAC again after we're done cleaning your computer.
Now, press Windows key + F and do a search for ksnapshot.etl
Be sure to select Everywhere from the drop-down box containing locations, not just the default of Indexed Locations.
In the Advanced Search area, click to select the Include non-indexed, hidden, and system files (might be slow)
The search should turn up with at least one hit. Select one of the files which were found and drag it to your desktop while pressing the Ctrl button. The file will now be copied to your desktop.
Go to the Jotti site and now see if you can upload the ksnapshot.etl which had been copied to your desktop.
Then re-enable UAC. Use the same instructions, but instead of unchecking, now check