Foobar
2015-03-11, 13:34
Hi,
please apologize if either I am posting in the wrong forum or posts about FileAlyzer are unwanted. I understand that its free and old. I however like to use it and believe there is bug.
Short abstract:
FileAlyzer creates a list of last used files [A, B, C]. When starting the App for a new file [D] it processes each item of last used files. If those files where stored on locations that may create a timeout upon a filerequest, starting of FileAlyzer may take multiple minutes.
Longer abstract using ProcMon:
13:08:35,5032217 FileAlyzer2.exe Start Process
LastRun
13:08:35,5881760 FileAlyzer2.exe 12552 RegQueryValue HKCU\Software\Safer Networking Limited\LastOpenedFile SUCCESS Type: REG_MULTI_SZ, Length: 242, Data: \\192.168.1.197\wwwdata\html\File-A.png, \\192.168.1.197\wwwdata\html\File-B.png, \\192.168.1.000\wwwdata\html\File-C.png
Query Last run files
13:08:35,5914775 FileAlyzer2.exe 12552 CreateFile \\192.168.1.197\wwwdata\html\File-A.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:35,5940017 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-A.png FAST IO DISALLOWED
13:08:35,5940135 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-A.png SUCCESS CreationTime: 11.03.2015 11:32:58, LastAccessTime: 11.03.2015 13:06:43, LastWriteTime: 11.03.2015 11:32:58, ChangeTime: 11.03.2015 11:32:58, FileAttributes: A
13:08:35,5940489 FileAlyzer2.exe 12552 CloseFile \\192.168.1.197\wwwdata\html\File-A.png SUCCESS
13:08:35,5973143 FileAlyzer2.exe 12552 CreateFile \\192.168.1.197\wwwdata\html\File-B.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:35,5997870 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-B.png FAST IO DISALLOWED
13:08:35,5997976 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-B.png SUCCESS CreationTime: 11.03.2015 11:33:16, LastAccessTime: 11.03.2015 13:06:47, LastWriteTime: 11.03.2015 11:33:16, ChangeTime: 11.03.2015 11:33:16, FileAttributes: A
13:08:35,5998140 FileAlyzer2.exe 12552 CloseFile \\192.168.1.197\wwwdata\html\File-B.png SUCCESS
13:08:44,6526594 FileAlyzer2.exe 12552 CreateFile \\192.168.1.000\wwwdata\html\File-C.png BAD NETWORK PATH Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
Query current file
13:08:44,6554302 FileAlyzer2.exe 12552 CreateFile C:\File-D.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:44,6554675 FileAlyzer2.exe 12552 QueryBasicInformationFile C:\File-D.png SUCCESS CreationTime: 11.03.2015 13:08:09, LastAccessTime: 11.03.2015 13:08:09, LastWriteTime: 11.03.2015 11:32:58, ChangeTime: 11.03.2015 13:08:15, FileAttributes: A
13:08:44,6554895 FileAlyzer2.exe 12552 CloseFile C:\File-D.png SUCCESS
13:08:44,7374880 FileAlyzer2.exe 12552 CreateFile C:\File-D.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:44,7375110 FileAlyzer2.exe 12552 QueryBasicInformationFile C:\File-D.png SUCCESS CreationTime: 11.03.2015 13:08:09, LastAccessTime: 11.03.2015 13:08:09, LastWriteTime: 11.03.2015 11:32:58, ChangeTime: 11.03.2015 13:08:15, FileAttributes: A
[...]
13:08:45,0992077 FileAlyzer2.exe 12552 CloseFile C:\File-D.png SUCCESS
1. Please note the RegQueryValue on LastOpenedFile (blue) returns File-A, File-B and File-C. File-C has an previously found but now invalid path (red)
2. Please note the Timestamp (green) on completing File-B after LastOpenedFile processing, 13:08:35
3. Please note the Timestamp (red) on completing File-C after access failed ("BAD NETWORK PATH") processing, 13:08:44
It took roughly 10 seconds for QueryBasicInformationFile on File-C to complete, because of the network timeout.
4. Please note the final CloseFile on the current-working-file File-D at 13:08:45. This is when the FileAlyzer GUI window becomes visible.
If you regulary work with files from SMB Shares or changing USB drives LastOpenedFile (which may hold up to 15? cache entries) causes FileAlyzer take multiple minutes before the GUI Window finally appears.
Steps to reproduce:
1. Create HKCU\Software\Safer Networking Limited\LastOpenedFile and add multiple files on invalid SMB Shares, e.g. \\0.0.0.0\a.exe|\\127.0.0.1\c.exe|\\192.168.0.1\foo.com (| = \r\n)
2. Start FileAlyzer on a valid file (c:\bar.exe)
3. Measure delay between clicking "Analyze with FileAlyzer 2" and appearance of the actual window (hence, not the taskbar item)
Expected:
Start time should be only impacted by AccessTime to current file
Possible solutions:
* Allow an option [x] Do not track last used files
- or -
* Exclude USB mounted and network mounted files from LastOpendFiles
- or -
You might want to stop tracking LastOpendFiles at all. I usually find it awkward tracking data that is neither used in the application nor presented to the user at all and can't be cleared.
Best regards,
Jan
please apologize if either I am posting in the wrong forum or posts about FileAlyzer are unwanted. I understand that its free and old. I however like to use it and believe there is bug.
Short abstract:
FileAlyzer creates a list of last used files [A, B, C]. When starting the App for a new file [D] it processes each item of last used files. If those files where stored on locations that may create a timeout upon a filerequest, starting of FileAlyzer may take multiple minutes.
Longer abstract using ProcMon:
13:08:35,5032217 FileAlyzer2.exe Start Process
LastRun
13:08:35,5881760 FileAlyzer2.exe 12552 RegQueryValue HKCU\Software\Safer Networking Limited\LastOpenedFile SUCCESS Type: REG_MULTI_SZ, Length: 242, Data: \\192.168.1.197\wwwdata\html\File-A.png, \\192.168.1.197\wwwdata\html\File-B.png, \\192.168.1.000\wwwdata\html\File-C.png
Query Last run files
13:08:35,5914775 FileAlyzer2.exe 12552 CreateFile \\192.168.1.197\wwwdata\html\File-A.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:35,5940017 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-A.png FAST IO DISALLOWED
13:08:35,5940135 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-A.png SUCCESS CreationTime: 11.03.2015 11:32:58, LastAccessTime: 11.03.2015 13:06:43, LastWriteTime: 11.03.2015 11:32:58, ChangeTime: 11.03.2015 11:32:58, FileAttributes: A
13:08:35,5940489 FileAlyzer2.exe 12552 CloseFile \\192.168.1.197\wwwdata\html\File-A.png SUCCESS
13:08:35,5973143 FileAlyzer2.exe 12552 CreateFile \\192.168.1.197\wwwdata\html\File-B.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:35,5997870 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-B.png FAST IO DISALLOWED
13:08:35,5997976 FileAlyzer2.exe 12552 QueryBasicInformationFile \\192.168.1.197\wwwdata\html\File-B.png SUCCESS CreationTime: 11.03.2015 11:33:16, LastAccessTime: 11.03.2015 13:06:47, LastWriteTime: 11.03.2015 11:33:16, ChangeTime: 11.03.2015 11:33:16, FileAttributes: A
13:08:35,5998140 FileAlyzer2.exe 12552 CloseFile \\192.168.1.197\wwwdata\html\File-B.png SUCCESS
13:08:44,6526594 FileAlyzer2.exe 12552 CreateFile \\192.168.1.000\wwwdata\html\File-C.png BAD NETWORK PATH Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
Query current file
13:08:44,6554302 FileAlyzer2.exe 12552 CreateFile C:\File-D.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:44,6554675 FileAlyzer2.exe 12552 QueryBasicInformationFile C:\File-D.png SUCCESS CreationTime: 11.03.2015 13:08:09, LastAccessTime: 11.03.2015 13:08:09, LastWriteTime: 11.03.2015 11:32:58, ChangeTime: 11.03.2015 13:08:15, FileAttributes: A
13:08:44,6554895 FileAlyzer2.exe 12552 CloseFile C:\File-D.png SUCCESS
13:08:44,7374880 FileAlyzer2.exe 12552 CreateFile C:\File-D.png SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
13:08:44,7375110 FileAlyzer2.exe 12552 QueryBasicInformationFile C:\File-D.png SUCCESS CreationTime: 11.03.2015 13:08:09, LastAccessTime: 11.03.2015 13:08:09, LastWriteTime: 11.03.2015 11:32:58, ChangeTime: 11.03.2015 13:08:15, FileAttributes: A
[...]
13:08:45,0992077 FileAlyzer2.exe 12552 CloseFile C:\File-D.png SUCCESS
1. Please note the RegQueryValue on LastOpenedFile (blue) returns File-A, File-B and File-C. File-C has an previously found but now invalid path (red)
2. Please note the Timestamp (green) on completing File-B after LastOpenedFile processing, 13:08:35
3. Please note the Timestamp (red) on completing File-C after access failed ("BAD NETWORK PATH") processing, 13:08:44
It took roughly 10 seconds for QueryBasicInformationFile on File-C to complete, because of the network timeout.
4. Please note the final CloseFile on the current-working-file File-D at 13:08:45. This is when the FileAlyzer GUI window becomes visible.
If you regulary work with files from SMB Shares or changing USB drives LastOpenedFile (which may hold up to 15? cache entries) causes FileAlyzer take multiple minutes before the GUI Window finally appears.
Steps to reproduce:
1. Create HKCU\Software\Safer Networking Limited\LastOpenedFile and add multiple files on invalid SMB Shares, e.g. \\0.0.0.0\a.exe|\\127.0.0.1\c.exe|\\192.168.0.1\foo.com (| = \r\n)
2. Start FileAlyzer on a valid file (c:\bar.exe)
3. Measure delay between clicking "Analyze with FileAlyzer 2" and appearance of the actual window (hence, not the taskbar item)
Expected:
Start time should be only impacted by AccessTime to current file
Possible solutions:
* Allow an option [x] Do not track last used files
- or -
* Exclude USB mounted and network mounted files from LastOpendFiles
- or -
You might want to stop tracking LastOpendFiles at all. I usually find it awkward tracking data that is neither used in the application nor presented to the user at all and can't be cleared.
Best regards,
Jan