Application Verifier - Stop Codes - LuaPriv
The following stop codes are contained in this set of tests.
The Verifier could not get an object's name.
Probable causeThe Verifier attempted to canonicalize the name of an object opened by the application, but was unable to do so. This indicates that some diagnostic information may be missing from reports of security issues.
Information displayed by Application Verifier- Format: - Object: Unable to query the object's name 0x%x
- Parameter 1 - Handle to the Object
- Parameter 2 - NTSTATUS
- Parameter 3 - Key Type
- Parameter 4 - Key Data
- Test Layer: LuaPriv
- Stop ID: CANNOTQUERYOBJECT
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not get an object's path name.
Probable causeThe Verifier could not find the canonical path to the object. As a result, the object's name will probably be incomplete. This may make it difficult to locate the source of any problems the Predictor does find.
Information displayed by Application Verifier- Format: - Object: Could not get '%hs' from pathname (%ws) due to error 0x%x
- Parameter 1 - Type of name (LPSTR)
- Parameter 2 - Pathname (LPWSTR)
- Parameter 3 - LastError
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: CANTCANONICALIZEPATH
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not open an object.
Probable causeThe Verifier tried unsuccessfully to open an object to obtain information from it. The object was not analyzed.
Information displayed by Application Verifier- Format: - Object: Cannot open '%hs' (%ws) for '%hs' due to error 0x%x
- Parameter 1 - Description of the object (LPSTR)
- Parameter 2 - Object Pathname (LPWSTR)
- Parameter 3 - Win32 Error
- Parameter 4 - Parent handle (Registry only)
- Test Layer: LuaPriv
- Stop ID: CANTOPEN_NONCRITICAL
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Could not interpret HKEY_CURRENT_USER.
Probable causeThe Verifier was unable to interpret HKEY_CURRENT_USER in the way it was listed. Without knowing the canonical path to HKCU, registry keys there may be inappropriately flagged as restrictive by the Verifier.
Information displayed by Application Verifier- Format: - Registry: Could not '%hs' HKEY_CURRENT_USER due to error 0x%x
- Parameter 1 - Win32 ErrorKey Handle (if open)
- Parameter 2 - Key Handle (if open)
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: BADHKCU
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Initialization failed.
Probable causeThe USERPROFILE environment variable could not be found. Because of this, the current user's profile could not be identified and opened; therefore, the Verifier might falsely identify some files and/or directories as being excessively restrictive.
Information displayed by Application Verifier- Format: - Profile: The USERPROFILE environment variable could not be found
- Parameter 1 - N/A
- Parameter 2 - N/A
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: NO_USERPROFILE
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Okay Object.
Probable causeThe Verifier assumed that this object was inherently 'safe' due to its location.
Information displayed by Application Verifier- Format: - %hs: %hs '%ws' looks okay because it exists in (%ws)
- Parameter 1 - Object Name
- Parameter 2 - Object Type
- Parameter 3 - Object Prefix
- Parameter 4 - Object Handle (if available)
- Test Layer: LuaPriv
- Stop ID: OK_OBJECT_PREFIX
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
Object opened/created in a restricted namespace.
Probable causeThis object was found in the listed namespace, which is not writable by standard users. Use the Local\ prefix for standard user account compliance.
Information displayed by Application Verifier- Format: - %hs: %hs '%ws' is in restricted namespace (%ws)
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Namespace
- Parameter 4 - Object Handle (if available)
- Test Layer: LuaPriv
- Stop ID: RESTRICTED_NAMESPACE
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Object opened/created without a namespace.
Probable causeThis object was created without a namespace, which can cause it to be created in Session\ or Global\, depending on whether Terminal Server is used. Use the Local\ prefix for standard user account compliance. Note: In Windows Vista, the object will be created in the Local\ namespace.
Information displayed by Application Verifier- Format: - %hs: %hs '%ws' has no namespace
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - N/A
- Parameter 4 - Object Handle (if available)
- Test Layer: LuaPriv
- Stop ID: NO_NAMESPACE
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not find the parent directory.
Probable causeThe Verifier attempted to determine where a file or directory resided, but an error prevented this.
Information displayed by Application Verifier- Format: - %hs: Could not canonicalize (%ws) due to error 0x%x
- Parameter 1 - API Name
- Parameter 2 - Child Name
- Parameter 3 - Win32 Error
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: CANTGETPARENT
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not open an object's parent.
Probable causeThe Verifier was unable to open the parent of the given object (to determine whether standard users would be able to create child objects). As a result, the parent has not been analyzed.
Information displayed by Application Verifier- Format: - File: Could not open '%hs' (%ws) to validate call to %hs '%ws' due to error 0x%x
- Parameter 1 - Parent Object Name
- Parameter 2 - Child Object Name
- Parameter 3 - Win32 Error
- Parameter 4 - Child Object Handle (if available)
- Test Layer: LuaPriv
- Stop ID: CANT_OPEN_PARENT
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application is running with privilege.
Probable causeThe verifier discovered that the application was being run by an administrative user. This may be already known, but when intentionally running as a standard user, the user account should not be a member of the listed group.
Information displayed by Application Verifier- Format: - Running as a user in privileged group '%ws'
- Parameter 1 - Privileged Group
- Parameter 2 - N/A
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: NON_LUA_USER
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
Sid conversion failed.
Probable causeThe Verifier failed to convert a static (configuration) Security Identifier (SID) from the human-readable form to the form usable by Windows.
Information displayed by Application Verifier- Format: - Failed to convert '%hs' to sid due to error 0x%x
- Parameter 1 - String Sid
- Parameter 2 - Win32 Error
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: STRING2SID_FAILED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called the GetTokenInformation function.
Probable causeThe application called the GetTokenInformation function and requested the listed class of information. This will work as a standard user, but it generally indicates that the application expects to be run by an administrator and is examining the access token to determine this.
Information displayed by Application Verifier- Format: - Privs: Called GetTokenInformation, requesting '%hs'
- Parameter 1 - Type Name
- Parameter 2 - Type
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: GETTOKENINFO
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Cannot find the canonical name for a privilege.
Probable causeThis privilege probably does not exist on your version of Windows. This break message is no cause for concern and is purely diagnostic information.
Information displayed by Application Verifier- Format: - Could not determine displayname of '%ws' due to error 0x%x
- Parameter 1 - Privilege Name
- Parameter 2 - Win32 Error
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: UNKNOWN_PRIVILEGE
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not look up the privilege.
Probable causeThe Verifier was prevented from looking up the name of the privilege with the listed LUID. This will prevent the Verifier from producing certain diagnostics.
Information displayed by Application Verifier- Format: - Could not determine name of privilege for '%hs' due to error 0x%x
- Parameter 1 - Privilege LUID *
- Parameter 2 - Requesting API
- Parameter 3 - Win32 Error
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: PRIV_LOOKUP_FAILED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Requested a security-relevant privilege.
Probable causeThe application requested (and received) the listed privilege, which is not granted to standard users. This API call will fail as a standard user account, which may have performance and audit implications in addition to having an impact on the functionality of the application.
Information displayed by Application Verifier- Format: - Privs: Requested %ws%hs%ws%hs with %hs successfully
- Parameter 1 - Privilege LUID *
- Parameter 2 - Privilege's display name (if available)
- Parameter 3 - Requesting API
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: USED_PRIVILEGE_LUID
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application requested a security-relevant privilege.
Probable causeThe application unsuccessfully requested the listed privilege, which is not granted to standard users. The API call will fail as a standard user, which may have performance and audit implications, in addition to having an impact on the application's functionality.
Information displayed by Application Verifier- Format: - Privs: Requested %ws%hs%ws%hs with %hs, but was denied
- Parameter 1 - Privilege LUID *
- Parameter 2 - Privilege's display name (if available)
- Parameter 3 - Requesting API
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: FAILED_PRIVILEGE_LUID
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application is running with privilege.
Probable causeThe application was launched by a user with access to the listed privilege. This indicates that the user is not a standard user. This may already be known, but to run as a standard user, the user should NOT be granted the given listed privilege.
Information displayed by Application Verifier- Format: - Running as user with access to %ws%hs%ws%hs
- Parameter 1 - Privilege LUID *
- Parameter 2 - Privilege's display name (if available)
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: PRIVILEGED_USER
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
Failed to enable a non-security-relevant privilege.
Probable causeThe application requested the listed privilege unsuccessfully. Although this privilege is not security-relevant (E.G. a standard user might have the privilege), this could be indicative of nonstandard privilege requirements in the application. In this case, the application may generate excessive audit traffic or its functionality may be impaired.
Information displayed by Application Verifier- Format: - Privs: Could not enable '%ws' (the '%ws' privilege) with %hs
- Parameter 1 - Privilege LUID *
- Parameter 2 - Privilege's name
- Parameter 3 - Requesting API
- Parameter 4 - Privilege's displayname (if available)
- Test Layer: LuaPriv
- Stop ID: IRRELEVANT_PRIVILEGE_DENIED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application failed to enable a non-security relevant privilege.
Probable causeThe application requested the listed privilege unsuccessfully. Although this privilege is not security-relevant (E.G. a standard user might potentially have the privilege), this could be indicative of nonstandard privilege requirements in the application. In this case, the application may generate excessive audit traffic or its functionality may be impaired.
Information displayed by Application Verifier- Format: - Privs: Could not enable unknown privilege '%ws' with %hs
- Parameter 1 - Privilege LUID *
- Parameter 2 - Privilege's name
- Parameter 3 - Requesting API
- Parameter 4 - Privilege's displayname (if available)
- Test Layer: LuaPriv
- Stop ID: IRRELEVANT_UNKNOWN_PRIVILEGE_DENIED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not query a registry value.
Probable causeThe Verifier tried unsuccessfully to query a registry value.
Information displayed by Application Verifier- Format: - Registry: Could not query value '%ws' due to error 0x%x
- Parameter 1 - Key Handle
- Parameter 2 - Value Name
- Parameter 3 - Win32 Error
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: CANT_QUERY_VALUE
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The Verifier could not parse an INI file mapping.
Probable causeThe application used an INI file that was mapped to a registry key by the system. While parsing the structure of that INI file mapping, the Verifier encountered unknown syntax. The API call has not been checked.
Information displayed by Application Verifier- Format: - Ini: Did not understand the '%ws' in '%ws' -- unknown INI file mapping prefix
- Parameter 1 - Value Mapping
- Parameter 2 - INI Mapping
- Parameter 3 - N/A
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: UNKNOWN_MAPPING
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application was denied access to an object.
Probable causeThe application was denied access to the given profile section due to insufficient privilege. If the application's functionality is imparied, this access problem may be the cause.
Information displayed by Application Verifier- Format: - Ini: %hs Denied access to profile '%ws' due to error 0x%x
- Parameter 1 - INI File (profile)
- Parameter 2 - Section
- Parameter 3 - Value
- Parameter 4 - Win32 Error
- Test Layer: LuaPriv
- Stop ID: INI_PROFILE_ACCESS_DENIED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application was able to access the object's security descriptor.
Probable causeThe application was granted the requested access to this object. A standard user should also be able to access this object.
Information displayed by Application Verifier- Format: - %hs: (%ws) access 0x%x is okay '%hs'
- Parameter 1 - Object Name
- Parameter 2 - Access Requested
- Parameter 3 - Security Descriptor
- Parameter 4 - String Security Descriptor
- Test Layer: LuaPriv
- Stop ID: OK_OBJECT_DUMP
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
The object's security descriptor is inaccessible.
Probable causeThe application was granted the requested access to this object. A standard user, however, may have trouble accessing this object.
Information displayed by Application Verifier- Format: - %hs: (%ws) access 0x%x granted to '%hs'
- Parameter 1 - Object Name
- Parameter 2 - Access Requested
- Parameter 3 - Security Descriptor
- Parameter 4 - String Security Descriptor
- Test Layer: LuaPriv
- Stop ID: BAD_OBJECT_DUMP
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Unable to display a security descriptor.
Probable causeThe Verifier attempted to display a security descriptor, but could not render it into human-readable form. This is probably due to low memory, but could be the result of a non-standard security descriptor.
Information displayed by Application Verifier- Format: - Could not convert %hs security descriptor '%ws' to text due to error 0x%x
- Parameter 1 - Object Name
- Parameter 2 - Object Type
- Parameter 3 - Security Descriptor
- Parameter 4 - Win32 Error
- Test Layer: LuaPriv
- Stop ID: SD2TEXT
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Deny Access Control Entry (ACE) encountered.
Probable causeThe application opened an object (such as a file or registry key) and requested access that was explicitly denied to one or more entities. Depending on who is denied access, this might prevent access by less-privileged users.
Information displayed by Application Verifier- Format: - %hs: (%ws) denies '%hs' to '%ws'
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Access Control Entry
- Parameter 4 - Access Mask
- Test Layer: LuaPriv
- Stop ID: DENY_ACE
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Access was restricted to trusted users only.
Probable causeThe application opened an object (such as a file or registry key) and requested access permissions that were granted solely to trusted users. This indicates that untrusted users will have difficulty running the application correctly.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) only grants requested '%hs' to '%ws'
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Access Mask
- Parameter 4 - String SID
- Test Layer: LuaPriv
- Stop ID: RESTRICTED_RIGHT
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Access was restricted to trusted users only.
Probable causeThe application opened an object (such as a file or registry key) and requested access permissions that were granted solely to trusted users. This indicates that untrusted users will have difficulty running the application correctly. This message will always be followed by other messages.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) only grants requested '%hs' to '%ws' (and others-- see subsequent stops)
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Access Mask
- Parameter 4 - String SID
- Test Layer: LuaPriv
- Stop ID: RESTRICTED_RIGHT_MORE
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Access is restricted solely to the owner.
Probable causeThe application opened an object (such as a file or registry key) and requested access that is granted to privileged entities AND TO THE OWNER. The owner is also currently privileged, suggesting that this object will not be accessible by unprivileged entities.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) grants '%hs' to 'Creator/Owner'. The current owner is '%ws'
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Access Mask
- Parameter 4 - SID of the current owner
- Test Layer: LuaPriv
- Stop ID: CREATOR_OWNER
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Safe Object.
Probable causeThe application opened an object (such as a file or registry key) and requested access that is granted to at least one non-privileged entity (listed). This suggests that the same operation will work when attempted by non-privileged/standard users.
Information displayed by Application Verifier- Format: - %hs: (%ws) looks okay because it grants to '%ws'
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Access Control Entry
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: OK_OBJECT_GRANT
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
Inaccessible object.
Probable causeThe application opened an object (such as a file or registry key) that grants no explicit access to anyone. Barring administrative intervention (such as SE_TAKEOWNERSHIP_PRIVILEGE or SE_BACKUP_PRIVILEGE), the operation being performed by the application should never succeed. Therefore, what the application is doing will not work for standard users.
Information displayed by Application Verifier- Format: - %hs: (%ws) DACL allows no access by 'anyone'
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Object's DACL
- Parameter 4 - N/A
- Test Layer: LuaPriv
- Stop ID: EMPTY_DACL
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Part of a security descriptor is missing.
Probable causeThe Verifier attempted to analyze the object's security descriptor, but received an unexpected error when attempting to break it into pieces for scrutiny. This may suggest that the object's security descriptor could be invalid.
Information displayed by Application Verifier- Format: - Object: Could not query %hs (%ws) %hs due to error 0x%x
- Parameter 1 - Object Name
- Parameter 2 - What's Missing (string)
- Parameter 3 - Security Descriptor
- Parameter 4 - Win32 error
- Test Layer: LuaPriv
- Stop ID: MISSING_PIECE
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Part of a security descriptor is missing.
Probable causeThe Verifier attempted to analyze the object's security descriptor, but received an unexpected error when attempting to break it into pieces for scrutiny. This may suggest that the object's security descriptor could be invalid.
Information displayed by Application Verifier- Format: - Object: Could not retrieve ACE number %ld from %hs (%ws) DACL due to error 0x%x
- Parameter 1 - Object Name
- Parameter 2 - Missing ACE index
- Parameter 3 - Security Descriptor
- Parameter 4 - Win32 error
- Test Layer: LuaPriv
- Stop ID: MISSING_ACE
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application requested MAXIMUM_ALLOWED access.
Probable causeThe application requested MAXIMUM_ALLOWED access to an object (such as a file or registry key). Because of this, the open function will always succeed, even if no permission is actually granted to the user. This is unacceptable programming practice. In addition, the Verifier cannot authoritatively determine what rights the application actually needs in order to operate. The Verifier has attempted to analyze the application as if all access privileges granted were actually required, which may cause false-positives.
Information displayed by Application Verifier- Format: - %hs: Opened (%ws) with '%hs' for 0x%x (%hsMAXIMUM_ALLOWED), was granted 0x%x access
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Requested Access
- Parameter 4 - Granted Access
- Test Layer: LuaPriv
- Stop ID: MAXIMUM_ALLOWED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application requested MAXIMUM_ALLOWED access.
Probable causeThe application requested MAXIMUM_ALLOWED access to an object (such as a file or registry key). Because of this, the open function will always succeed, even if no permission is actually granted to the user. This is unacceptable programming practice. In addition, the Verifier cannot authoritatively determine what rights the application actually needs in order to operate. The Verifier has attempted to determine what rights might have been granted to the application by the object, but failed to do so.
Information displayed by Application Verifier- Format: - %hs: Opened (%ws) with '%hs' for 0x%x (%hsMAXIMUM_ALLOWED), but granted access could not be determined due to error 0x%x. The object should be checked manually
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Requested Access
- Parameter 4 - Error Value
- Test Layer: LuaPriv
- Stop ID: UNKNOWN_MAXIMUM_ALLOWED
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Skipped unknown permissions.
Probable causeThe application requested permissions that are unknown to the Verifier. Lacking context, the Predictor cannot currently diagnose problems relating to these access bits.
Information displayed by Application Verifier- Format: - Did not check unknown permissions 0x%x on '%hs' (%ws)
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Unknown access mask bits
- Parameter 4 - Security Descriptor
- Test Layer: LuaPriv
- Stop ID: UNKNOWN_PERMS
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application was granted access to an object.
Probable causeThe application was granted access to the given profile section. The profile section has not yet been analyzed for security relevance. This message is for debugging purposes only.
Information displayed by Application Verifier- Format: - Ini: %hs Granted access to profile '%ws'
- Parameter 1 - INI File (profile)
- Parameter 2 - Section
- Parameter 3 - Value
- Parameter 4 - Win32 Error
- Test Layer: LuaPriv
- Stop ID: INI_PROFILE_ACCESS_GRANTED
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
The application performed a hard administrator check.
Probable causeThe application asked the operating system whether the listed SID was present in the user's access token. The SID corresponds to a privileged entity; this means that the application performs somewhat differently if the user is a member of the listed group (usually, administrators).
Information displayed by Application Verifier- Format: - Called CheckTokenMembership against trusted entity '%ws' (%hs)
- Parameter 1 - Token Handle (optional)
- Parameter 2 - Binary SID
- Parameter 3 - Present?
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: CHECKTOKENMEMBERSHIP_TRUSTED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called CheckTokenMembership.
Probable causeThe application asked the operating system whether the listed SID was present in the user's access token. The SID was not identifiable as a trusted entity, so this message is informational only.
Information displayed by Application Verifier- Format: - Called CheckTokenMembership against entity '%ws' (%hs)
- Parameter 1 - Token Handle (optional)
- Parameter 2 - Binary SID
- Parameter 3 - Present?
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: CHECKTOKENMEMBERSHIP_UNTRUSTED
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: no
- Create backtrace: yes
The application called a WriteProfile API with LUA issue.
Probable causeThe application called a WriteProfile API with parameters that might fail under standard user account.
Information displayed by Application Verifier- Format: - Ini: %hs called with Ini file '%ws', Section '%ws', Key '%ws'
- Parameter 1 - INI File (profile)
- Parameter 2 - Section
- Parameter 3 - Key
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: INI_PROFILE_CONCERN
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application performed an operation that required privilege.
Probable causeThe application used MAXIMUM_ALLOWED to get access required to call this function. This function would fail if called by a Standard User.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) requires '%hs' access. This access was restricted to trusted users when the application called %hs with 'MAXIMUM_ALLOWED'. If the application were running as a standard user, the call to %hs would succeed, but this call to %hs would fail.
- Parameter 1 - Handle to the object being manipulated
- Parameter 2 - Name of the operation that would fail (string)
- Parameter 3 - Access(es) required by the operation
- Parameter 4 - Access(es) obtained for this handle that were restricted by this object's DACL
- Test Layer: LuaPriv
- Stop ID: OP_REQUIRES_ACCESS
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The predictor was unable to query required information from a handle
Probable causeThe predictor was unable to query the access granted on a handle on which the application had requested MAXIMUM_ALLOWED.
Information displayed by Application Verifier- Format: - The operating system returned unexpected error 0x%x when querying handle 0x%p
- Parameter 1 - Handle to the object being manipulated
- Parameter 2 - Error returned by the Operating System
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: CANNOT_QUERY_ACCESS
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application tried to launch a process that needs to run elevated on Windows Vista.
Probable causeThe application tried to use CreateProcess family API to launch a process that needs to run elevated on Windows Vista. It should use ShellExecute family API instead.
Information displayed by Application Verifier- Format: - %hs ('%ws', '%ws') tried to launch a process that needs to run elevated on Windows Vista.
- Parameter 1 - API name
- Parameter 2 - Application name
- Parameter 3 - Command line
- Parameter 4 - Last error code set by the API
- Test Layer: LuaPriv
- Stop ID: ELEVATION_REQUIRED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application tried to launch a process that might need to run elevated on Windows Vista.
Probable causeThe application tried to use CreateProcess family API to launch a process that might need to run elevated on Windows Vista. It should use ShellExecute family API instead.
Information displayed by Application Verifier- Format: - %hs ('%ws', '%ws') tried to launch a process that might need to run elevated on Windows Vista.
- Parameter 1 - API name
- Parameter 2 - Application name
- Parameter 3 - Command line
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: ELEVATION_DETECTED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application was denied access to an object.
Probable causeThe application called the listed API, which failed with an access error suggesting a potential LUA issue.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) is denied '%hs' access with error 0x%x.
- Parameter 1 - Error returned
- Parameter 2 - Access Requested (if applicable)
- Parameter 3 - Access Requested (for compatibility)
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: OBJECT_INACCESSIBLE
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called an API that failed unexpectedly, possibly due to bad parameters.
Probable causeThe application called the listed API, which failed with an access error suggesting a potential LUA issue.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) is denied '%hs' access with error 0x%x.
- Parameter 1 - Error returned
- Parameter 2 - Access Requested (if applicable)
- Parameter 3 - Access Requested (for compatibility)
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FAILED_API_CALL
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application opened the Security eventlog
Probable causeThe application opened the Security log, which requires SE_SECURITY_PRIVILEGE to read or write. The SECURITY privilege is, by default, only granted to Administrators.
Information displayed by Application Verifier- Format: - %hs was invoked on the (Security) Eventlog. The Security log always requires SE_SECURITY_PRIVILEGE to access.
- Parameter 1 - Eventlog Handle
- Parameter 2 - n/a
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: SECURITY_LOG_OPENED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application was denied access to an object.
Probable causeThe application was denied access to the given profile section due to insufficient privilege. If the application's functionality is imparied, this access problem may be the cause.
Information displayed by Application Verifier- Format: - Ini: %hs called with Ini file '%ws', Section '%ws', Key '%ws', failed with error 0x%x.
- Parameter 1 - INI File (profile)
- Parameter 2 - Section
- Parameter 3 - Key
- Parameter 4 - Error returned
- Test Layer: LuaPriv
- Stop ID: INI_PROFILE_FAILED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application deleted a virtualized object.
Probable causeThe application deleted an object (file, registry key, etc...) that the system had already designated Virtualized. This means that the next time the application attempts to open the object, it will still exist.
Information displayed by Application Verifier- Format: - %hs called against %hs '%ws'.
- Parameter 1 - n/a
- Parameter 2 - n/a
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: VIRTUALIZED_DELETION
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application provided unknown flags to an API.
Probable causeThe application called an API with flag values that were unknown to the Verifier. The verifier analyzed the call anyway but the output may be suspect because the API may be newer than the Verifier.
Information displayed by Application Verifier- Format: - %hs called with flags 0x%x (unknown 0x%x).
- Parameter 1 - Passed Flag Mask
- Parameter 2 - Unknown flag(s)
- Parameter 3 - Understood flag(s)
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: UNKNOWN_API_OPTIONS
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application tried to set a global Windows hook.
Probable causeThe application tried to set a global Windows hook, which does not work for a standard user.
Information displayed by Application Verifier- Format: - %hs %d (%hs) called to set a global Windows hook.
- Parameter 1 - API Name
- Parameter 2 - Hook Id
- Parameter 3 - Thread Id
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: SET_GLOBAL_HOOK
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application failed to set a Windows hook.
Probable causeThe application failed to set a global Windows hook, which might be caused by inadequate privileges.
Information displayed by Application Verifier- Format: - %hs %d (%hs) failed to set a Windows hook with error 0x%x.
- Parameter 1 - API Name
- Parameter 2 - Hook Id
- Parameter 3 - Thread Id
- Parameter 4 - Error code
- Test Layer: LuaPriv
- Stop ID: SET_HOOK_FAILED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called NetUserGetInfo.
Probable causeThe application called NetUserGetInfo and requested the user privilege information. This will work as a standard user, but it generally indicates that the application expects to be run by an administrator and is examining the access token to determine this.
Information displayed by Application Verifier- Format: - NetUserGetInfo (level: %d) called.
- Parameter 1 - User Name
- Parameter 2 - Level
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: NETUSERGETINFO
- Stop code: 3300NAN
- Severity: Warning
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called SetActivePwrScheme.
Probable causeThe application called SetActivePwrScheme that might fail under standard user account.
Information displayed by Application Verifier- Format: - SetActivePwrScheme (ID: %d) called to set the active power scheme.
- Parameter 1 - Power scheme Id
- Parameter 2 - Global power policy
- Parameter 3 - Power policy
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: SETACTIVEPWRSCHEME
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called SetActivePwrScheme.
Probable causeThe application called SetActivePwrScheme that might fail under standard user account.
Information displayed by Application Verifier- Format: - SetActivePwrScheme (ID: %d) called to set the active power scheme and failed with error 0x%x.
- Parameter 1 - Power scheme Id
- Parameter 2 - Global power policy
- Parameter 3 - Power policy
- Parameter 4 - Error code
- Test Layer: LuaPriv
- Stop ID: SETACTIVEPWRSCHEME_FAILED
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application called AccessCheck.
Probable causeThe application called AccessCheck against Builtin Administrators. It generally indicates that the application expects to be run by an administrator and is examining the access token to determine this.
Information displayed by Application Verifier- Format: - AccessCheck (%ws) called and returned AccessStatus of %d.
- Parameter 1 - Sid
- Parameter 2 - AccessStatus
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: ACCESSCHECK
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
The application performed a hard admin check
Probable causeThe application called the API listed above to determine if it should do something administrative. This constitutes a hard admin check.
Information displayed by Application Verifier- Format: - The application called %hs to check for administrative power.
- Parameter 1 - Successful?
- Parameter 2 - n/a
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: HARDADMINCHECK
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Information: Application file name.
Probable causeInformation: Application file name.
Information displayed by Application Verifier- Format: - %ws
- Parameter 1 - File Name
- Parameter 2 - n/a
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_NAME
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Information: Application file version.
Probable causeInformation: Application file version.
Information displayed by Application Verifier- Format: - %d.%d.%d.%d
- Parameter 1 - dwFileVersionMS
- Parameter 2 - dwFileVersionLS
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_VERSION
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Information: Application file product version.
Probable causeInformation: Application file product version.
Information displayed by Application Verifier- Format: - %d.%d.%d.%d
- Parameter 1 - dwProductVersionMS
- Parameter 2 - dwProductVersionLS
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_PRODUCT_VERSION
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Information: Application file description.
Probable causeInformation: Application file description.
Information displayed by Application Verifier- Format: - %ws
- Parameter 1 - File description
- Parameter 2 - Language
- Parameter 3 - Code page
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_DESCRIPTION
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Information: Application file product name.
Probable causeInformation: Application file product name.
Information displayed by Application Verifier- Format: - %ws
- Parameter 1 - File product name
- Parameter 2 - Language
- Parameter 3 - Code page
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_PRODUCT_NAME
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Information: Application file company name.
Probable causeInformation: Application file company name.
Information displayed by Application Verifier- Format: - %ws
- Parameter 1 - File company name
- Parameter 2 - Language
- Parameter 3 - Code page
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_COMPANY_NAME
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Information: Application file original filename.
Probable causeInformation: Application file original filename.
Information displayed by Application Verifier- Format: - %ws
- Parameter 1 - File original filename
- Parameter 2 - Language
- Parameter 3 - Code page
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: FILE_ORIGINAL_FILENAME
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
Access was restricted to elevated processes.
Probable causeThe application opened an object (such as a file or registry key) and requested access permissions that were granted solely to elevated processes with high mandatory integrity label.
Information displayed by Application Verifier- Format: - %hs: %hs (%ws) only allows '%hs' access by elevated processes with high mandatory integrity label
- Parameter 1 - Object Type
- Parameter 2 - Object Name
- Parameter 3 - Denied Access Bit
- Parameter 4 - String of Denied Access Bit
- Test Layer: LuaPriv
- Stop ID: RESTRICTED_BY_MIC
- Stop code: 3300NAN
- Severity: Error
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: yes
Information: LUAPriv version.
Probable causeInformation: LUAPriv version.
Information displayed by Application Verifier- Format: - LUAPriv version: %d.%d
- Parameter 1 - Version major
- Parameter 2 - Version minor
- Parameter 3 - n/a
- Parameter 4 - n/a
- Test Layer: LuaPriv
- Stop ID: LUAPRIV_VERSION
- Stop code: 3300NAN
- Severity: Info
- One-time error:
- Error report: None
- Log to file: yes
- Create backtrace: no
See Also
Application Verifier - Stop Codes and Definitions
Application Verifier - Overview
Application Verifier - Features
Application Verifier - Testing Applications
Application Verifier - Tests within Application Verifier