Avast WEBforum

Other => Viruses and worms => Topic started by: pingo on January 29, 2014, 04:50:52 PM

Title: Can I safely delete snapshot.etl?
Post by: pingo on January 29, 2014, 04:50:52 PM

A boot-time scan reports "wdi/.../snapshot.etl is infected with Win32:Banker-GVY [Rtk]". Can I delete this file without compromising Windows functioning?
Thank you for your time.

Title: Re: Can I safely delete snapshot.etl?
Post by: Pondus on January 29, 2014, 04:55:56 PM

upload and test the file at one of these online scanners.  www.virustotal.com / www.metascan-online.com / www.jotti.org

post link to scan result here

Title: Re: Can I safely delete snapshot.etl?
Post by: pingo on January 29, 2014, 06:02:02 PM

Thanks for the reply.

Problem is I'm in the middle of a boot scan, with Avast waiting for my response to "File is in Windows folder, are you sure?". Are you saying I should just skip it, let the scan finish, then go in and copy the file?

Title: Re: Can I safely delete snapshot.etl?
Post by: essexboy on January 29, 2014, 07:07:01 PM

Quote

ETL files are log files that have been created by the Microsoft Tracelog software application. This Microsoft program creates event logs in the binary file format. These logs are created from the kernel in a Microsoft operating system.

The ETL logs can contain information about disk access and page faults, logging high-frequency events and recording the performance of the Microsoft operating system. This information can be used to analyze and adjust voice response software applications.

As it is only a log then you can delete it

Title: Re: Can I safely delete snapshot.etl?
Post by: pingo on January 29, 2014, 07:18:23 PM

OK, thanks. Done. Will report any anomalies.