I run the Application Verifier on a brand new WindowsApplication project
created i VB. It contains just one button stating "Hello World". What is
very strange then is that the application verifier states ha whole bunch of
errors that in my opinion should not occur at all when created with the
latest tool. For example "using an obsolete API"

If the base stuff in .NET does not create a .exe file conforming to
"Designed for Windows" how should we ever manage that?

Have i misunderstood it all or what is wrong here

attached is the log file with all errors..

I am running:

Visual Studio.NET 2003    7.1.3088

Framework                        1.1.4322

Application Verifier 2.5

Best regards

Fredrik Nelson

# LOG_BEGIN 2/19/2004 16:44:47 '\\COUGAR\Dev\WindowsApplication2.exe'
'C:\Documents and Settings\All
Users\Documents\AppVerifierLogs\WindowsApplication21.log'
# SHIM_BEGIN FilePaths 9
# LOGENTRY FilePaths 0 'Used a Windows Temp path that was not obtained using
an approved method.
# DESCRIPTION BEGIN
The application used a Windows Temp path that was not obtained using a
method approved by the Designed for Windows Logo Program. Use the
GetTempPath API to locate appropriate storage for temporary files.
# DESCRIPTION END
# LOGENTRY FilePaths 1 'Used a Windows directory path that was not obtained
using an approved method.
# DESCRIPTION BEGIN
The application used a Windows directory path that was not obtained using a
method approved by the Designed for Windows Logo Program. Use the correct
API function when accessing the Windows directory path:
GetWindowsDirectory()
# DESCRIPTION END
# LOGENTRY FilePaths 2 'Used a System Windows directory path that was not
obtained using an approved method.
# DESCRIPTION BEGIN
The application used a System Windows directory path that was not obtained
using a method approved by the Designed for Windows Logo Program. Use the
correct API function when accessing the Windows System directory path:
GetSystemWindowsDirectory()
# DESCRIPTION END
# LOGENTRY FilePaths 3 'Used a Windows System directory path that was not
obtained using an approved method.
# DESCRIPTION BEGIN
The application used a Windows System Directory path that was not obtained
using a method approved by the Designed for Windows Logo Program. Use the
correct API function when accessing the Windows System directory path:
GetSystemDirectory()
# DESCRIPTION END
# LOGENTRY FilePaths 4 'Used a My Documents directory path that was not
obtained using an approved method.
# DESCRIPTION BEGIN
The application used a My Documents directory path that was not obtained
using a method approved by the Designed for Windows Logo Program. Use the
correct API function when accessing a user's My Documents directory path:
SHGetFolderPath() with CSIDL=CSIDL_PERSONAL
# DESCRIPTION END
# LOGENTRY FilePaths 5 'Used a common programs directory path that was not
obtained using an approved method.
# DESCRIPTION BEGIN
The application used a common program directory path that was not obtained
using a method approved by the Designed for Windows Logo Program. Use the
correct API function when accessing the common programs directory path:
SHGetFolderPath() with CSIDL=CSIDL_COMMON_PROGRAMS.
# DESCRIPTION END
# LOGENTRY FilePaths 6 'Used a common Start menu directory path that was not
obtained using an approved method.
# DESCRIPTION BEGIN
The application used a common Start menu directory path that was not
obtained using a method approved by the Designed for Windows Logo Program.
Use the correct API function when accessing the common Start menu directory
path: SHGetFolderPath() with CSIDL=CSIDL_COMMON_STARTMENU.
# DESCRIPTION END
# LOGENTRY FilePaths 7 'Used a programs directory path that was not obtained
using an approved method.
# DESCRIPTION BEGIN
The application used a programs directory path that was not obtained using a
method approved by the Designed for Windows Logo Program. Use the correct
API function when accessing the programs directory path: SHGetFolderPath()
with CSIDL=CSIDL_PROGRAMS
# DESCRIPTION END
# LOGENTRY FilePaths 8 'Used a Start menu directory path that was not
obtained using an approved method.
# DESCRIPTION BEGIN
The application used a Start menu directory path that was not obtained using
a method approved by the Designed for Windows Logo Program. Use the correct
API function when accessing the start menu directory path: SHGetFolderPath()
with CSIDL=CSIDL_STARTMENU
# DESCRIPTION END
# SHIM_BEGIN HighVersionLie 2
# LOGENTRY HighVersionLie 0 'Called the GetVersion API.
# DESCRIPTION BEGIN
The application called the GetVersion API. This is an informational message;
no action is required.
# DESCRIPTION END
# URL 'http://go.microsoft.com/fwlink/?linkid=5644
# LOGENTRY HighVersionLie 1 'Called the GetVersionEx API.
# DESCRIPTION BEGIN
The application called the GetVersionEx API. This is an informational
message; no action is required.
# DESCRIPTION END
# SHIM_BEGIN RegistryChecks 18
# LOGENTRY RegistryChecks 0 'Read from Current User Registry Key: Console.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: Console. It should not
read this area of the registry directly for console information. Registry
keys change with each version of Windows. To guarantee compatibility, use
the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 1 'Read from Current User Registry Key:
ControlPanel.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: ControlPanel. It should
not read this area of the registry directly for Control Panel information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 2 'Read from Current User Registry Key:
Environment.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: Environment. It should
not read from this area of the registry directly for environment
information. Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API call: getenv()
# DESCRIPTION END
# URL 'http://go.microsoft.com/fwlink?linkid=392
# LOGENTRY RegistryChecks 3 'Read from Current User Registry Key:
Identities.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: Identities. It should
not read from this area of the registry directly for user information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 4 'Read from Current User Registry Key:
KeyboardLayout.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: KeyboardLayout. It
should not read from this area of the registry directly for keyboard
information. Registry keys change with each version of Windows.  To
guarantee compatibility, use the correct API call: GetKeyboardLayout()
# DESCRIPTION END
# URL 'http://go.microsoft.com/fwlink?linkid=393
# LOGENTRY RegistryChecks 5 'Read from Current User Registry Key: Printers.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: Printers. It should not
read from this area of the registry directly for system information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls: GetPrinter() and GetPrinterData()
# DESCRIPTION END
# URL 'http://go.microsoft.com/fwlink?linkid=394
# LOGENTRY RegistryChecks 6 'Read from Current User Registry Key:
RemoteAccess.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: RemoteAccess. It should
not read from this area of the registry directly for remote access service
information. Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# URL 'http://go.microsoft.com/fwlink?linkid=395
# LOGENTRY RegistryChecks 7 'Read from Current User Registry Key:
SessionInformation.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: SessionInformation. It
should not read this area of the registry directly for session information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 8 'Read from Current User Registry Key:
UNICODEProgramGroups.
# DESCRIPTION BEGIN
The application from Current User Registry Key: UNICODEProgramGroups. It
should not read this area of the registry directly for program group
information. Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 9 'Read from Current User Registry Key:
VolatileEnvironment.
# DESCRIPTION BEGIN
The application read from Current User Registry Key: VolatileEnvironment. It
should not read this area of the registry directly for information. Registry
keys change with each version of Windows. To guarantee compatibility, use
the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 10 'Read from Current User Registry Key:
Windows31MigrationStatus.
# DESCRIPTION BEGIN
The application read from Current User Registry Key:
Windows31MigrationStatus. It should not read this area of the registry
directly for information. Registry keys change with each version of Windows.
To guarantee compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 11 'Read from Local Machine Registry Key:
Hardware.
# DESCRIPTION BEGIN
The application read from Local Machine Registry Key: Hardware. It should
not read this area of the registry directly for hardware information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 12 'Read from Local Machine Registry Key: SAM.
# DESCRIPTION BEGIN
The application read from Local Machine Registry Key: SAM. It should not
read this area of the registry directly for security-related information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 13 'Read from Local Machine Registry Key:
Security.
# DESCRIPTION BEGIN
The application read from Local Machine Registry Key: Security. It should
not read this area of the registry directly for security-related
information. Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 14 'Read from Local Machine Registry Key: System.
# DESCRIPTION BEGIN
The application read from Local Machine Registry Key: System. It should not
read this area of the registry directly for system-related information.
Registry keys change with each version of Windows. To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 15 'Read from the HKEY_CURRENT_CONFIG Registry
Key.
# DESCRIPTION BEGIN
The application read from Current Configuration Registry Keys. It should not
read this area of the registry directly for configuration information.
Registry keys change with each version of Windows.  To guarantee
compatibility, use the correct API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 16 'Read from Users Registry Keys.
# DESCRIPTION BEGIN
The application read from Users Registry Keys. It should not read this area
of the registry directly for user-related information.  Registry keys change
with each version of Windows. To guarantee compatibility, use the correct
API calls.
# DESCRIPTION END
# LOGENTRY RegistryChecks 17 'Wrote to a non-Current User Registry Key.
# DESCRIPTION BEGIN
The application wrote to a non-Current User Registry Key. Applications
should store information to the Current User section of the registry, which
allows each user to have their own saved preferences.
# DESCRIPTION END
# SHIM_BEGIN DXFileVersionInfo 1
# LOGENTRY DXFileVersionInfo 0 'Performed a version check on DirectX files.
# DESCRIPTION BEGIN
The application attempted to get version information directly from DirectX
files. Applications should not try to detect DirectX version information,
but should instead attempt to install the DirectX version with which the
application is compatible. For more information, see the DirectX SDK.
# DESCRIPTION END
# SHIM_BEGIN ObsoleteAPICalls 1
# LOGENTRY ObsoleteAPICalls 0 'Called an obsolete API.
# DESCRIPTION BEGIN
The application called an obsolete API. Applications should not call
obsolete APIs. Find and use current APIs instead.
# DESCRIPTION END
# URL 'http://go.microsoft.com/fwlink/?linkid=5610
# SHIM_BEGIN KernelModeDriverInstall 2
# LOGENTRY KernelModeDriverInstall 0 'Installed a kernel-mode driver.
# DESCRIPTION BEGIN
The application installed a kernel-mode driver. To properly install
kernel-mode drivers, applications should use the CreateService API.
# DESCRIPTION END
# LOGENTRY KernelModeDriverInstall 1 'Installed a file system filter driver
that executes in kernel-mode.
# DESCRIPTION BEGIN
The application installed a file system filter driver that executes in
kernel-mode. To properly install kernel-mode drivers, applications should
use the CreateService API.
# DESCRIPTION END
# SHIM_BEGIN SecurityChecks 29
# LOGENTRY SecurityChecks 0 'Called an API and passed arguments that may
lead to security issues.
# DESCRIPTION BEGIN
The lpApplicationName argument is NULL, lpCommandLine has spaces, and the
exe name is not in quotes.
# DESCRIPTION END
# LOGENTRY SecurityChecks 1 'Called an API that should not be used due to
potential security issues.
# DESCRIPTION BEGIN
The application called an API that should not be used due to potential
security issues. Use the more secure API, CreateProcess or
CreateProcessAsUser.
# DESCRIPTION END
# LOGENTRY SecurityChecks 2 'Set a dangerous security descriptor.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) an excessively
permissive security descriptor.  Depending on the permissions granted
(detailed in the log entry), an unauthorized user could perform illegitimate
actions on the object (for example, delete it).  This could disrupt
application operation in different ways, depending on the permissions
granted and what they mean for the object in question.
# DESCRIPTION END
# LOGENTRY SecurityChecks 3 'Set a questionable security descriptor.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) a security
descriptor that is potentially questionable for the reasons detailed within
the log entry.  This is a notice that security problems MAY exist with the
object in question.
# DESCRIPTION END
# LOGENTRY SecurityChecks 4 'Unable to verify security.
# DESCRIPTION BEGIN
The verifier was unable to determine the security status of a call to this
API.  The log entries detail the specific reason(s).
# DESCRIPTION END
# LOGENTRY SecurityChecks 5 'Supplied a questionable SID.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) security that
included a SID (Security Identifier) that is prone to abuse, misuse, or
other programming errors.  The SID's usage in the security descriptor should
be reviewed for correctness.  This message means that security problems MAY
exist with the object in question.
# DESCRIPTION END
# LOGENTRY SecurityChecks 6 'Supplied an unknown SID.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) security that
included a SID (Security Identifier) not known to the verifier.  If the SID
is not well-known, then the Verifier cannot judge its trustworthiness.
# DESCRIPTION END
# LOGENTRY SecurityChecks 7 'Supplied an invalid access mask.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) security that
included a descretionary access control list (DACL) granting permission bits
unknown to the verifier.  These bits (listed in the entry) should be
reviewed to determine if they are actually valid (e.g. newer than the
Verifier).  If the bits are valid, the entry in the DACL should be checked
to see if it is safe to grant those bits to the entity listed.  If the bits
are NOT currently valid, then the object presents a possible security risk
because future implementations may render those bits valid, giving the
listed principal more power than the implementor intended.
# DESCRIPTION END
# LOGENTRY SecurityChecks 8 'Supplied a possibly-untrustworthy owner for the
object.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) security
descriptor specified an owner who may or may not be fully trusted.  Any
object's owner is automatically granted the ability to change the security
permissions on that object (WRITE_DAC).  The owner (listed in the message)
should be reviewed to determine if this is safe.  If this object is only to
be accessed by the owner, then this message can be ignored.  This message
means that security problems MAY exist with the object in question.
# DESCRIPTION END
# LOGENTRY SecurityChecks 9 'Supplied an unknown owner.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) security that
specified an owner whose SID could not be resolved.  The owner (listed in
the message) should be reviewed to determine why it cannot be resolved.
This message probably does not represent a security hole, but may be the
result of a programming error.
# DESCRIPTION END
# LOGENTRY SecurityChecks 10 'Supplied an untrustworthy owner for the
object.
# DESCRIPTION BEGIN
The application assigned an object (file, registry key, etc.) security that
specified an owner who is not trustworthy.  Any object's owner is
automatically granted the ability to change the security permissions on that
object (WRITE_DAC).  The owner (listed in the message) should be changed.
# DESCRIPTION END
# LOGENTRY SecurityChecks 11 'Moved a file to a location where it inherits
dangerous access permissions.
# DESCRIPTION BEGIN
The application moved a file to a different volume and placed it in a
location where it inherits dangerous access permissions. The application
should explicitly set the security attributes for the new file, since the
MoveFile APIs do not copy the security attributes of the original file when
called with the MOVEFILE_COPY_ALLOWED flag.
# DESCRIPTION END
# LOGENTRY SecurityChecks 12 'Copied a file to a location where it inherits
dangerous access permissions.
# DESCRIPTION BEGIN
The application copied a file to a different volume and placed it in a
location where it inherits dangerous access permissions. The application
should explicitly set the security attributes for the new file, since the
CopyFile APIs do not copy the security attributes of the original file.
# DESCRIPTION END
# LOGENTRY SecurityChecks 13 'Called setsockopt with options that are
susceptible to hijacking.
# DESCRIPTION BEGIN
The application did not set the SO_EXCLUSIVEADDRUSE flag in the setsockopt
API. Doing so prevents unwanted hosts using SO_REUSEADDR from binding onto a
port and hijacking the host.
# DESCRIPTION END
# LOGENTRY SecurityChecks 14 'Called an API that should not be used due to
potential security issues.
# DESCRIPTION BEGIN
The application called the insecure API gets. Consider using fgets or
ReadConsole instead.
# DESCRIPTION END
# LOGENTRY SecurityChecks 15 'Called an API that should not be used due to
potential security issues.
# DESCRIPTION BEGIN
The application called the insecure API _getws. Consider using fgetws or
ReadConsole instead.
# DESCRIPTION END
# LOGENTRY SecurityChecks 16 'Attempted to impersonate without the
Impersonation privilege
# DESCRIPTION BEGIN
The application called an API that generatlly requires
SeImpersonatePrivilege, but the application does not possess that privilege.
Without this privilege, the application may be unable to access many system
objects, except in cases where it impersonates itself. If you're seeing this
message, then the application may be (falsely) assuming it can perform
operations and access local objects on behalf of authenticated callers.  If
the impersonation requests are being denied, the application is likely to
see ACCESS_DENIED errors.
# DESCRIPTION END
# LOGENTRY SecurityChecks 17 'Possessed a dangerous privilege (server only)
# DESCRIPTION BEGIN
The application possessed one or more privileges that it may not have
actually needed.  If the application can be subverted (via other security
holes), then these privileges could be used by an attacker to gain
additional footing within the system. To determine whether this warning
applies to your application, check to see if any of the privileges can be
safely expunged from the process token (by calling AdjustTokenPrivileges
with the SE_PRIVILEGE_REMOVED bit on WinXP+).
# DESCRIPTION END
# LOGENTRY SecurityChecks 18 'Accessed an object with a dangerous security
descriptor.
# DESCRIPTION BEGIN
The application accessed an object (file, registry key, etc.) with an
excessively permissive security descriptor.  Depending on the permissions
granted (detailed in the log entry), an unauthorized user could perform
illegitimate actions on the object (for example, delete it).  This could
disrupt application operation in different ways, depending on the
permissions granted and what they mean for the object in question. The
object may have been created by another application-- this message means
that the infrastructure on which this application is built probably has
security issues.  The entity responsible for setting the security of the
object should be identified and informed of the problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 19 'Accessed an object with a questionable
security descriptor.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
descriptor is potentially questionable for the reasons detailed within the
log entry. The object may have been created by another application-- this
message means that the infrastructure on which this application is built MAY
have security issues.  The entity responsible for setting the security of
the object should be identified and informed of the potential problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 20 'Accessed an object granting permission to a
questionable SID.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
included a SID (Security Identifier) that is prone to abuse, misuse, or
other programming errors.  The SID's usage in the security descriptor should
be reviewed for correctness. The object may have been created by another
application-- this message means that the infrastructure on which this
application is built MAY have security issues.  The entity responsible for
setting the security of the object should be identified and informed of the
potential problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 21 'Accessed an object granting permission to an
unknown SID.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
included a SID (Security Identifier) not known to the verifier.  If the SID
is not well-known, then the Verifier cannot judge its trustworthiness. The
object may have been created by another application-- this message means
that the infrastructure on which this application is built MAY have security
issues.  The entity responsible for setting the security of the object
should be identified and informed of the potential problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 22 'Accessed an object granting invalid access.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
included a descretionary access control list (DACL) granting permission bits
unknown to the verifier.  These bits (listed in the entry) should be
reviewed to determine if they are actually valid (e.g. newer than the
Verifier).  If the bits are valid, the entry in the DACL should be checked
to see if it is safe to grant those bits to the entity listed.  If the bits
are NOT currently valid, then the object presents a possible security risk
because future implementations may render those bits valid, giving the
listed principal more power than the implementor intended. The object may
have been created by another application-- this message means that the
infrastructure on which this application is built probably will have
security issues.  The entity responsible for setting the security of the
object should be identified and informed of the potential problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 23 'Accessed an object whose owner may be
untrustworthy.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
descriptor specified an owner who may or may not be fully trusted.  Any
object's owner is automatically granted the ability to change the security
permissions on that object (WRITE_DAC).  The owner (listed in the message)
should be reviewed to determine if this is safe.  If this object is only to
be accessed by the owner, then this message can be ignored. The object may
have been created by another application-- this message means that the
infrastructure on which this application is built MAY have security issues.
The entity responsible for setting the security of the object should be
identified and informed of the potential problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 24 'Accessed an object whose owner could not be
validated.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
descriptor specified an owner whose SID could not be resolved.  The owner
(listed in the message) should be reviewed to determine why it cannot be
resolved. The object may have been created by another application.  The
entity responsible for setting the security of the object should be
identified and informed of the potential problem.   This message probably
does not represent a security hole, but may be the result of a programming
error.
# DESCRIPTION END
# LOGENTRY SecurityChecks 25 'Accessed an object whose owner should not be
trusted.
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) whose security
descriptor specified an owner who is not trustworthy.  Any object's owner is
automatically granted the ability to change the security permissions on that
object (WRITE_DAC).  The owner (listed in the message) should be changed.
The object may have been created by another application-- this message means
that the infrastructure on which this application is built PROBABLY has
security issues.  The entity responsible for setting the security of the
object should be identified and informed of the potential problem.
# DESCRIPTION END
# LOGENTRY SecurityChecks 26 'Security Information for objects that have
been flagged by SecurityChecks
# DESCRIPTION BEGIN
Each entry in this log is for an object that SecurityChecks flagged as
dangerous or questionable.  The individual messages list the object name and
its security descriptor in SDDL format.  These messages are provided to help
track down errors found elsewhere in the log.
# DESCRIPTION END
# LOGENTRY SecurityChecks 27 'Called an API that doesn't support
impersonation while impersonating
# DESCRIPTION BEGIN
The application called an API that does not support impersonation while
impersonating.  Although the API may succeed, the object created by the API
may not have the Security Descriptor that the programmer intended.
# DESCRIPTION END
# LOGENTRY SecurityChecks 28 'Opened an object for too much access
# DESCRIPTION BEGIN
The application opened an object (file, registry key, etc.) for a suspicious
set of access permissions-- usually all possible access permissions.  It is
very unlikely that the application actually intends to use all of these
access bits. Opening an object for too much access makes it difficult to
distinguish legitimate access (by auditing the Security Log) from attack
activity.  Further, it makes it difficult to restrict the security of the
object in future implementations of the given software without damaging
application compatibility. To fix this, determine what access the
application really needs on the object and change the given API call to
request only those permissions.
# DESCRIPTION END
# SHIM_BEGIN MISCPROGRAMMINGERRORS 8
# LOGENTRY MISCPROGRAMMINGERRORS 0 'Used the Desktop as the parent window
when the CreateWindow(Ex) API was called.
# DESCRIPTION BEGIN
When calling the CreateWindow/Ex API, the application used the Desktop as
the parent window. This can cause Windows to become unstable. Set the parent
window to a valid window or a NULL value.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 1 'Called the SetTimer API without a parent
window or callback function.
# DESCRIPTION BEGIN
The application called the SetTimer API without a parent window or callback
function. This creates a timer message without the necessary parameters for
starting and stopping, which will consume operating system resources. Set
the SetTimer API with a parent window or callback function.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 2 'Called the GetDiskFreeSpace API.
# DESCRIPTION BEGIN
To test if the application ignores the high 32 bits, the return value from
the GetDiskFreeSpace API has been changed so that the lower 32 bits are
zero. If the application displays an error message indicating there is
insufficient disk space, there is a bug with the usage of this API.  Check
that the application uses the full 64-bit number and does not truncate the
number to 32 bits.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 3 'Called the GetDiskFreeSpaceEx API.
# DESCRIPTION BEGIN
To test if the application ignores the high 32 bits, the return value from
the GetDiskFreeSpace API has been changed so that the lower 32 bits are
zero. If the application displays an error message indicating there is
insufficient disk space, there is a bug with the usage of this API.  Check
that the application uses the full 64-bit number and does not truncate the
number to 32 bits.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 4 'Called the GetDiskFreeSpace API.
# DESCRIPTION BEGIN
The GetDiskFreeSpace function cannot report volume sizes that are greater
than 2 GB. To ensure that your application works with large capacity hard
drives, use the GetDiskFreeSpaceEx function.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 5 'Called an API to broadcast a WM_COMMAND
message.
# DESCRIPTION BEGIN
The application called an API to broadcast a WM_COMMAND message to all
top-level windows. This has the potential to crash any application that is
running that receives this message.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 6 'Called the PulseEvent API.
# DESCRIPTION BEGIN
A thread waiting on a synchronization object can be removed from the wait
state momentarily due to a kernel-mode APC, and then returned to the wait
state after the APC is complete.

If the call to PulseEvent occurs while the thread has been momentarily taken
out of the wait state and before it is returned to the wait state, it will
not be released by PulseEvent because PulseEvent releases only threads that
are waiting at the moment it is called.

Since there is no way to detect that this has occurred, PulseEvent is
unreliable and should not be used.

It exists solely for backwards compatibility with older programs.
# DESCRIPTION END
# LOGENTRY MISCPROGRAMMINGERRORS 7 'A window owned by the closing module was
still open when FreeLibrary was called.
# DESCRIPTION BEGIN
A window owned by the closing module was still open when FreeLibrary was
called.  A module should not have any windows open when it is unloaded.
Make sure that you destroy any windows owned by a module before you unload
the module using FreeLibrary.
# DESCRIPTION END
# SHIM_BEGIN InteractiveServices 8
# LOGENTRY InteractiveServices 0 'Ran as an Interactive Service under
LocalSystem
# DESCRIPTION BEGIN
The application ran as an Interactive Service under the LocalSystem account
giving it system-level security rights. This can be a serious security
hazard, as Interactive Services can be hi-jacked to give a user escalated
security privileges.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 1 'Created an Interactive Service
# DESCRIPTION BEGIN
The application created an Interactive Service using CreateService. This can
be a serious security hazard, as Interactive Services can be hi-jacked to
give a user escalated security privileges.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 2 'Sent a UI to the interactive desktop
# DESCRIPTION BEGIN
The application used messageBox to send a notification to the interactive
desktop. This could be a serious security hazard, as GUI widgets from
accounts with a hugh security level (such as LocalSystem) can be manipulated
to execute code at an elevated security level.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 3 'Sent a UI to the interactive desktop.
# DESCRIPTION BEGIN
The application used MessageBoxEx to send a notification to the interactive
desktop.  This can be a serious security hazard because GUI widgets from
accounts with a high security level (such as LocalSystem) can be manipulated
to execute code at an elevated security level.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 4 'Opened active desktop on the interactive
window station
# DESCRIPTION BEGIN
The application opened the interactive desktop (on the interactive window
station) in an attempt to send a UI to it.  This can be a serious security
hazard, as GUI widgets from accounts with a high security level (such as
LocalSystem) can be manipulated to execute code at an elevated security
level.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 5 'Opened active desktop on the interactive
window station
# DESCRIPTION BEGIN
The application opened the interactive desktop (on the interactive window
station) in an attempt to send a UI to it.  This can be a serious security
hazard, as GUI widgets from accounts with a high security level (such as
LocalSystem) can be manipulated to execute code at an elevated security
level.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 6 'Opened active desktop on the interactive
window station.
# DESCRIPTION BEGIN
The application opened the interactive desktop (on the interactive window
station) in an attempt to send a UI to it.  This can be a serious security
hazard, as GUI widgets from accounts with a high security level (such as
LocalSystem) can be manipulated to execute code at an elevated security
level.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# LOGENTRY InteractiveServices 7 'Accessed the address of OpenDesktop
# DESCRIPTION BEGIN
The application used GetProcAddress to retreive the address of OpenDesktop.
This can be a serious security hazard, as GUI widgets from accounts with a
high security level (such as LocalSystem) can be manipulated to execute code
at an elevated security level.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/htm
l/secure08192002.asp
# SHIM_BEGIN DFWChecksAll 2
# LOGENTRY DFWChecksAll 0 'Do not attempt to replace files that are
protected by Windows File Protection
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 2.1. The application attempted to
modify, rename, move, replace, or delete a file which is protected by
Windows. Changes to protected files can cause version conflicts and
operating system instability. Protected files are the core of the operating
system and it is essential for operating system stability that the proper
versions be maintained. Before modifying a file not created by the
application, ensure that the SfcIsFileProtected API is called.
# DESCRIPTION END
# URL
'http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wfp/wfp_3f
l0.asp
# LOGENTRY DFWChecksAll 1 'Perform Windows version checking correctly
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 1.4. The application called the
GetVersion or GetVersionEx API to obtain the version of Windows. The version
reporting for this API is for informational purposes only. If the
application does not install or function properly, investigate if it
correctly handles future versions of Windows. Also, check any areas in the
code where GetVersion or GetVersionEx is used.
# DESCRIPTION END
# SHIM_BEGIN DFWChecksSetup 5
# LOGENTRY DFWChecksSetup 0 'Application should install files to Program
Files directory
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 2.5 & 2.6. The application wrote a
file to an area other than the Program Files directory. According to the
Designed for Windows XP Application Specification, any files not placed in
the Program Files directory must be documented. Use the SHGetFolderPath API
to obtain the Program Files directory, and then document any files written
outside of this directory.
# DESCRIPTION END
# LOGENTRY DFWChecksSetup 1 'Application binaries must have valid file
version information
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 2.3. The application installed a
binary file without valid file version information.  Correct file version
information has several benefits, including making it easier to meet the
requirement of not overwriting files with older versions. The Product Name,
Company Name, and File version of an executable should be should be
contained in its version resource. Edit and recompile the resource file for
this binary to include the required information.
# DESCRIPTION END
# LOGENTRY DFWChecksSetup 2 'Application binaries should not be replaced by
an older version
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 2.3. The application overwrote a newer
binary file with an older version of that file. An application should not
regress any files that you do not produce or that are shared by applications
you do not produce. Perform version checks on binary files using the
VerInstall API.
# DESCRIPTION END
# LOGENTRY DFWChecksSetup 3 'At installation time, an application should not
write to HKCU.
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 2.8. The application wrote to the
HKEY_CURRENT_USER area of the Registry. Writing to this area of the Registry
at installation time prevents the information from being available to all
users. Configure the application to write to the HKEY_LOCAL_MACHINE area of
the Registry or an All Users data directory.
# DESCRIPTION END
# SHIM_BEGIN DFWChecksNonSetup 4
# LOGENTRY DFWChecksNonSetup 0 'Application should write user created data
to My Documents.
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 3.1. The application wrote user
created data to a location other than the My Documents folder.  The My
Documents folder has many benefits which include all users (including those
with restricted account types) have write access to this location and users
have a familiar place to organize and store all their data. Use the
SHGetFolderPath API call to obtain a users My Documents directory.
# DESCRIPTION END
# LOGENTRY DFWChecksNonSetup 1 'Application should write to the appropriate
locations in a user's profile.
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 3.2. The application wrote user
profile information to a location other than the HKEY_CURRENT_USER Registry
area. Configure the application to write user profile information to the
HKEY_CURRENT_USER Registry area only.
# DESCRIPTION END
# LOGENTRY DFWChecksNonSetup 2 'Application should not write file data to
inappropriate places
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 3.2. The application wrote application
or user information to an unapproved file location. Use the SHGetFolderPath
API to obtain the My Documents, Application Data, Local Application Data, or
Common Application Data directories. These directories are appropriate
locations for files created by an application.
# DESCRIPTION END
# LOGENTRY DFWChecksNonSetup 3 'Limited users should not write to certain
subsections of HKCU
# DESCRIPTION BEGIN
Designed for Windows Logo Requirement 3.4. Limited users should not write to
\Software\Policies or \Software\Microsoft\Windows\CurrentVersion\Policies.
These keys are for group policy objects that should be enabled or disabled
through the Group Policy Editor. During runtime, an application should write
data to the appropriate areas: HKCU, My Documents directory, and the
CSIDL_COMMON_APPDATA and CSIDL_COMMON_DOCUMENTS folders.  For directories,
use the SHGetFolderPath API to appropriately get the folder location.
# DESCRIPTION END
# SHIM_BEGIN LogStartAndStop 2
# LOGENTRY LogStartAndStop 0 'Started.
# DESCRIPTION BEGIN
The application started running. This is an informational message; no action
is required.
# DESCRIPTION END
# LOGENTRY LogStartAndStop 1 'Stopped.
# DESCRIPTION BEGIN
The application stopped running. This is an informational message; no action
is required.
# DESCRIPTION END
....
....
....

(0x1f0003) on object Global\CLR_PerfMon_StartEnumEvent