The Doctor Makes a “House Call!”
One of our “Dr. Bill” Podcast listeners writes with a problem:
“Hey, what’s up Doc! I don’t know if you’ve already talked about this, but I hope it’s OK to ask. The log file named “trace.txt” on my computer located at “C:\WINDOWS\system32\LogFiles\WMI” is always taking up space on my computer until it takes up all the room on my hard drive so that I can’t save or download anything. The only way I can get my space back is to restart and go through the same problem after I’ve logged in. I ran my McAfee Spyware and Virus Protection. And I also ran Ad-Aware and Spybot S&D. But none of them found anything. I tried deleting it but it said it was being used. So I found out that “wmiprvse.exe” was using it. I used Windows Task Manager to end the process, but every time I ended it, it kept popping back up. Is there anything I can do to stop this log file from taking up all the room on my PC? Your advice is needed.
Thanks,
Kai”
My answer:
No problem! It sounds like someone, at some point, ran the “Bootvis” program to trace Windows activities to debug something. Bootvis can be helpful at first, but also pretty “evil!” However, there is a way to disable it, in fact two!
Here are the two methods that seem to work for this issue:
An actual way of removing it is from Windows Registry, so Start->Run… and type “regedit” and click “OK.” From regedit go to:
‘HKEY_LOCAL_MACHINE->System->CurrentControlSet->
Control->WMI->GlobalLogger’
and there you should find a key named “Start” double click it and you can give it a new value, put a zero (“0”) instead of the “1” that is there now. Now, Windows won’t start the Bootvis logger at startup.
The second solution is:
During boot, press the “F8” key twice to get Startup options.
Select “Safe Mode, with Command Prompt,” login as administrator. At the prompt, navigate to Windows\system32\logfiles\wmi\trace.log (Or, trace.txt, in your case) (you still can’t delete the file at this stage.) Use the command “attrib +r trace.txt” without the quotes (this stops Windows from altering this file anymore!)
Restart Windows normally.
Go to the file in File Manager/Windows Explorer.
Delete the file.
Create a new (empty) trace.txt file (using Notepad and save it in the same directory where you deleted the original)
Hope this helps!
By the way, the “wmiprvse.exe” program is the “Windows Management Instrumentation component of the Microsoft Windows operating system that provides management information and control in an enterprise environment. By using industry standards, managers can use WMI to query and set information on desktop systems, applications, networks, and other enterprise components. Developers can use WMI to create event monitoring applications that alert users when important incidents occur.”
Send me YOUR questions, and you can help me help others with the same problems!