Code Integrity determined a revoked kernel module %{FileNameBuffer} is loaded into the system. The image is allowed to load because kernel mode debugger is attached.
# | Name | In Type |
Out Type |
---|---|---|---|
1 | FileNameLength | win:UInt16 | xs:unsignedShort |
2 | FileNameBuffer | win:UnicodeString | xs:string |
3 | SecureRequired | win:HexInt32 | win:HexInt32 |
4 | RequestedSigningLevel | win:UInt8 | xs:unsignedByte |
5 | ProcessNameLength | win:UInt16 | xs:unsignedShort |
6 | ProcessNameBuffer | win:UnicodeString | xs:string |
Version: 1
Fingerprint: ULQXWVX2T44UM