Solved

Windows 7 C:\Logs Directory and "Bitree_obtain_mutex"

Posted on 2013-05-30
10
1,078 Views
Last Modified: 2013-06-19
I have noticed on my Windows 7 laptop with an SSD drive that i have a directory called C:\Logs. Inside is 100's of files that consume 25 GB of my 100 GB drive. They all start with Tree_xxxxx.log. I have never seen this directory on Windows XP. The files range in size from 1 kb to 400 MB. They all contain variations of ..

Oct 02 08:55:32.511 thread: 10036 bitree_obtain_mutex() waiting for mutex

I have searched Microsoft site for information but found nothing. I assume they are safe to delete but not sure where they are coming from and why they are being created and if there is any way to stop creating these files.

Here is sample
Tree-264.log
0
Comment
Question by:mjburgard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 19

Accepted Solution

by:
strivoli earned 500 total points
ID: 39209972
If the files are recent there could be an always running process that writes these log files. Auditing will help you understand what is writing these logs. You could also consider Process Monitor in order to understand what is writing these logs. The main difference between the two approaches (auditing and Process Monitor) is that the 1st allows you to inspect historical data (depending on the max Windows Security Log size) while the 2nd is mostly Real-Time.

Once you discovered which process writes these logs, consider stopping it or modify it's behavior in order to avoid these log files.
0
 
LVL 19

Expert Comment

by:strivoli
ID: 39209974
Forgot to give you the Process Monitor link.
0
 
LVL 1

Author Comment

by:mjburgard
ID: 39210948
Ok,

I am running Process Monitor and finding out that 5 or 6 programs I run are writing a log file to C:\Logs. This includes CHrome, outlook, SearchProtocol, explorer, and a few other specific programs. Best that I can determine each program is making some sort of regular call or attempt to update itself. For example, one program checks every minute to see the status of my employees. Another connects my e-mail to my CRM program and links e-mails. However, some of these programs run on other computers and they don't create the log files so that is interesting.  I am doing more checking. I deleted all the logs and they start up again immediately.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 19

Expert Comment

by:strivoli
ID: 39211004
How is the TEMP/TMP System and/or User Variable set to? If it is set to c:\logs that explains why so many programs access the folder.
0
 
LVL 1

Author Comment

by:mjburgard
ID: 39211939
Ok,

Temp and Tmp are set to C:\WIndows|TEMP as they should be. When I turn off Chrome or other programs, the Proc Monitor shows these programs no longer write the logs. Explorer appears to write them all the time. Over 50 MB of files were created in less than 10 minutes. This means about 250 MB an hour. Appears to a natural limit of around 25 GB before they seem to self delete - although that is not confirmed at this time. I noticed no files earlier than 22 April on my system. The quest continues. Don't really know where to go. The contents of the logs don't show up in a google search - if I pick pieces of the log and try to search on them.
0
 
LVL 19

Expert Comment

by:strivoli
ID: 39214346
Is your system virus/malware free?
0
 
LVL 19

Expert Comment

by:strivoli
ID: 39228900
Kindly help us keep EE clean. If you need more help, please ask. If I/we didn't help, please delete the question. Thank you.
0
 
LVL 1

Author Comment

by:mjburgard
ID: 39260275
I use SAV and MWB and both run all the time and say I am virus free. I will likely just accept your answer and move on. No one seems to have any info on these log files. I will look into it some more.
0
 
LVL 29

Expert Comment

by:serialband
ID: 39260472
It seems that the mutex may be part of the system threading used by .Net 4.

http://msdn.microsoft.com/en-us/library/system.threading.mutex.aspx


Do you have some application that's opening the mutex and not closing it?  What did you install on April 22?
0
 
LVL 1

Author Comment

by:mjburgard
ID: 39260939
answer is I have a program that will write logs in the C:\logs file if it exists (Which Windows 7 creates). If I delete C:\logs, it will not create the logs. Go figure.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question