# Bug Report "File creation failed" and the analysis result included



## zjlywjh001 (Feb 15, 2019)

Recently I encountered the problem of gpu-z that it always shows a "file creation failed" Error on version later than 2.8.0.




Though this kind of error does not affect the running of the gpu-z 2.16.0 and later, but if this error occored the software will offer a error computing support information in the software:



The last line, the four ticks will be randomly disappeared when the above error occurs. For example, If the "File creation failed" window occurs twice ,the four ticks will randomly remains only two.
I searched all the webs, but nobody konws why this error occurs.
*And Most important for me, when I run the latest version of 3dmark, because of the error of gpu-z the test will  stuck on the  "collecting system information" stage.*


So I do some reverse engineering on the software.
First unpack the upx, and use IDA to disassemble the software and see how this error occurs.

After some analysis , I found that it seemed that after the version 2.9.0, the program will always create a file with the same name called "GPUQuery_External.exe" for different compute tests.
So the program will delete the file after every test.
But the problem comming.. emmmmm..

The previous WaitForSingleObject function only wait for 2.71 seconds.
In some condition the new process can't quit normally, It seemed that the process just remains on the background.
So when try next stage, The delete operation will failed, It will also cause the "Open" and "Write" operation to throw an exception.

In the end, this error occurs..





I hope this bug will be fixed soon, It has exists thorough 2.9-2.16.
I'll be glad if  my 3dmark runs good...


----------



## W1zzard (Feb 15, 2019)

Excellent investigation. The problem is that I haven't found a way to reproduce that error.

When does it happen on your system? During high load? or at startup?


----------



## zjlywjh001 (Feb 15, 2019)

W1zzard said:


> Excellent investigation. The problem is that I haven't found a way to reproduce that error.
> 
> When does it happen on your system? During high load? or at startup?



At first GPU-Z works fine on my system for a long time.  
But from same day (Maybe Microsoft pushed some update to me) , I can hardly start gpu-z normally without this error.
 From that moment on, I have very low probability to execute gpu-z without this error, seems 1 in 20 times to be normal.
 My windows version is 1809.


----------



## Naki (Feb 15, 2019)

Antivirus blocking extra file? What antivirus do you use?


----------



## zjlywjh001 (Feb 15, 2019)

Naki said:


> Antivirus blocking extra file? What antivirus do you use?


I have tried to close all the antivirus software including windows defender, but still have this problem.


----------



## Naki (Feb 15, 2019)

Don't close. Just tell us which one it is!
You may need to add a file or folder exception to the antivirus rules/settings.


----------



## zjlywjh001 (Feb 15, 2019)

Naki said:


> Don't close. Just tell us which one it is!
> You may need to add a file or folder exception to the antivirus rules/settings.


I have done some test with W1zzard. This error is some timing issues, so it is hard to reproduce. I think W1zzard will solve this soon.


----------



## W1zzard (Feb 15, 2019)

zjlywjh001 said:


> I have done some test with W1zzard. This error is some timing issues, so it is hard to reproduce. I think W1zzard will solve this soon.


Thanks a lot! Your testing was very helpful.

This is indeed a timing issue. GPU-Z renames the Query_External EXE after it has started it (so other GPU-Z instances can run at the same time). The problem was that CreateProcess() didn't fully start the process and the rename immediately after it could fail. I added some delay now, which fixes it.


----------



## AnitaYK (Jul 29, 2019)

Sorry to revive this, but I'm getting the same error, first time was a day or so ago, and the error exists when launching GPU-Z 2.22.0 (and 2.21.0). 

I did not do the bug testing/dissection as the OP did, but the error is exactly the same as they described.


----------



## W1zzard (Jul 29, 2019)

and it worked before? Does the directory exist where it's trying to put the file? Or disk full maybe?


----------



## AnitaYK (Jul 29, 2019)

Thanks for your response!

It's running directly from the folder it was downloaded to, which is where it's been running from for a year now.  Nothing new here. The file GPUQuery_External (.exe?) exists in the appdata/temp folder and is 0 bytes in size, and is read-only.


----------



## W1zzard (Jul 30, 2019)

Aha! Try removing the readonly flag. If that doesn't work, delete the file


----------



## AnitaYK (Jul 30, 2019)

Deleted the file, that eliminated the error when loading GPU-Z. Odd! Thanks for your help.


----------



## W1zzard (Jul 30, 2019)

Yeah no idea why it would get marked as readonly, GPU-Z certainly didn't do that


----------



## AnitaYK (Jul 31, 2019)

Hence why I remarked 'Odd', what marks temp files as ro. Odd.


----------



## AnitaYK (Aug 11, 2019)

Anddddd...its back again. The GPUQuery_External file exists and is 0 in size, same as my original posted image. If I delete the file, gpuz continues on with no further errors.


----------



## W1zzard (Aug 11, 2019)

and it's read-only again?


----------



## Solaris17 (Aug 11, 2019)

Just throwing in my 2c but I know some AV and some protection mechanisms in windows 10 will prevent execution from temp to help stop malware.

I haven’t looked into this, but maybe it does this by marking them readonly?


----------



## W1zzard (Aug 11, 2019)

Solaris17 said:


> Just throwing in my 2c but I know some AV and some protection mechanisms in windows 10 will prevent execution from temp to help stop malware.
> 
> I haven’t looked into this, but maybe it does this by marking them readonly?


Read only can be executed just fine


----------



## AnitaYK (Aug 12, 2019)

"Remove readonly attribute from temporary files before trying to delete " from new version 2.23 release notes, AHA! Will try this now and report back.

YES! 2.33 Fixed it!


----------



## brucechow (Mar 13, 2020)

Just reporting back, I still have this bug when I try to install it on my secondary drive. I have a windows SSD and a HDD, if I install gpuz from secondary HDD I have this error message


----------



## W1zzard (Mar 13, 2020)

brucechow said:


> Just reporting back, I still have this bug when I try to install it on my secondary drive. I have a windows SSD and a HDD, if I install gpuz from secondary HDD I have this error message


just to clarify, you are using the installer? and depending on where it is installed to (from?) you get that error?

The path reported in the error message should always be the same though?


----------



## brucechow (Mar 13, 2020)

Downloading fgrom here US-1:








						TechPowerUp GPU-Z (v2.52.0) Download
					

GPU-Z is a lightweight utility designed to give you all information about your video card and GPU.




					www.techpowerup.com
				




Installing in D: return me the C: location as error.

If I install on C:, I get no errors...

C: is and ssd and D: hdd


----------



## AOK (Mar 31, 2020)

Soooo. I start the file from custom C:\Tools\ folder with win defender exclussion. I get ONLY CreateProcess failed window with no further info. I get it 9 times before starting it. (9x hit OK).

The programs works fine except for - I am unable to tick an y of the computing ticks in the bottom, neither of the following is tickable:

OpenCL, CUDA, DirectCopmute, DirectML Vulkan, Ray Tracing, PhysX, OpenGL,

Please note that none of them is grayed out!

GPU-Z: 2.30.0 ( but this going on for quite a few versions now)
My rig: i7-6700K @ 4.2 GHz (4 cores/8 threads) | 64 GB DDR4 @ 3200 MHz | GTX 1080Ti - 11GB GDDR5 352 bit | XPG SX8200 Pro PCIe Gen3x4 M.2 2280 SSD 2x512GB | Mushkin SSD 1TB | Win 10x64 (build 1909 - 10.0.18363.720)

PLS advice.


----------



## W1zzard (Mar 31, 2020)

AOK said:


> Soooo. I start the file from custom C:\Tools\ folder with win defender exclussion. I get ONLY CreateProcess failed window with no further info. I get it 9 times before starting it. (9x hit OK).
> 
> The programs works fine except for - I am unable to tick an y of the computing ticks in the bottom, neither of the following is tickable:
> 
> ...


I think your issue is a different one than discussed in this thread.

Do you see anything useful in Windows Event Viewer?


----------



## Naki (Mar 31, 2020)

*AOK -- *your Windows File Explorer fonts are wildly different from standard Windows/Microsoft fonts somehow.
Did you use built-in Windows 10 OS functionality to change this, please?
OR was it done via editing some Windows Registry keys, and/or Windows OS settings files?

OR maybe it was done via a Windows 10 Theming/Tweaking add-on program, free or paid one? Such as those provided by Stardock, or Classic Shell, OldNewExplorer/etc?
If so, please could you list the name of program(s) used to do it? 
I am thinking that program you used and tweaks done may have led to "tweak it 'till it breaks" condition.


----------



## AOK (Apr 1, 2020)

W1zzard said:


> I think your issue is a different one than discussed in this thread.
> Do you see anything useful in Windows Event Viewer?



Yep - you were right! 


```
Access to C:\Users\xxx\AppData\Local\Temp\GPUQuery_External.exe has been restricted by your Administrator by location with policy rule {1d49a534-fcf6-431e-9801-45dedffc4cd8} placed on path C:\Users\***\AppData\Local\Temp\*.exe.
```

Any idea how to find to re-adjust this rule? And better - can I make specific exceptions and leave the rule as it is? I did that on purpose - long time ago against malicious code.

Naki, nope - the theme is custom made manually. It was a set of policies I don't remember exactly how I did some time ago for security reasons.


----------



## W1zzard (Apr 1, 2020)

Thanks for the update.

You used a GPO like that? http://www.fatdex.net/php/2014/06/0...unning-inside-any-user-appdata-directory-gpo/

I doubt it's an effective security mechanism, and a lot of installers will fail that way. 
Not sure if whitelisting specific apps is possible here, any GPO experts?


----------



## AOK (Apr 1, 2020)

Sooo -  I found what it is.  Thanks for the link, Mr W. It was a great starting point. I hope even though it's a different issue the info below would be interesting and useful for others as well.

*CryptoPrevent* which obviously tries hard to prevent the HDDs to get crypted applies a set of polices among which is the execution of exe in temp folder. So far I didn't had problems. Except for viber. When you allow with the gpedit in the Software Restriction Policies/Additional Rules (in Loc.Comp) the GPU-Z exe both as path and hash.... doesn't work!
One should start it and go and allow the GPUQuery_External.exe in order for it to work. And even then the first thread (is blocked - I guess it's the one with the physX since it's the only one NOT ticked). This means even though I have thrown it as exception the stupid windows is not reading it the first time -either that or my *1080ti* does not have physX )) Are these ticks for showing that my card supports it?

Another weird thing: *P*rocess *E*xplorer (admin mode) doesn't see *GPUQuery_External.exe* even while active which easy since I still get it blocked in its first iteration of detections.
*W1zzard, *why is that? The exe is in the temp I see it there, but not in PE. Would love to know - since I will leave the global prevention policy stay and yet want to know how to detect other child processes invisible for PE.


----------



## W1zzard (Apr 1, 2020)

AOK said:


> Are these ticks for showing that my card supports it?


Correct



AOK said:


> doesn't see *GPUQuery_External.exe*








Works for me. The process is alive only for 2-3 seconds though, try clicking the refresh button in the top right of the window (right to the left of the hamburger settings icon)


----------

