????

Your IP : 216.73.216.152

Current Path : C:/Windows/System32/en-US/
Upload File :
Current File : C:/Windows/System32/en-US/ci.dll.mui

MZ����@���	�!�L�!This program cannot be run in DOS mode.

$��<߱�R���R���R�U�����R�U�P���R�Rich��R�PEL�!j

���@ @f8.rdata�@@.rsrcp h@@*�=�
T88*�=�$��8.rdata8x.rdata$zzzdbg @.rsrc$01@!e.rsrc$02 ����˲���ن����X)Z�9�*�=�0�0�H�`�x���������	�			 8!���!^�P"d`�����MUI�����`$�%��'?���3F��y�́�q�������MUIen-USIsolated User Mode (IUM)EnclavePA%00�PP�PP������������P�������������|��������������l�����"�����#�����#���`&
���0���8�&�h:*�*�hA,�,�pB�����B����lC�����C����`D�����D����`E�����E����`F���F����H�	��H���K�	�8O��hQ� �T�
��[Info

Start

Stop

 Log Always

Error

Warning

 Information

Verbose

HMicrosoft-Windows-CodeIntegrity

`Microsoft-Windows-CodeIntegrity/Operational

XMicrosoft-Windows-CodeIntegrity/Verbose

\Code Integrity determined an unsigned kernel module %2 is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.

,Code Integrity is unable to verify the image integrity of the file %2 because the set of per-page image hashes could not be found on the system.

�Code Integrity is unable to verify the image integrity of the file %2 because the set of per-page image hashes could not be found on the system. The image is allowed to load because kernel mode debugger is attached.

8Windows is unable to verify the image integrity of the file %2 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

�Code Integrity is unable to verify the image integrity of the file %2 because a file hash could not be found on the system. The image is allowed to load because kernel mode debugger is attached.

�Code Integrity found a set of per-page image hashes for the file %2 in a catalog %4.

�Code Integrity found a set of per-page image hashes for the file %2 in the image embedded certificate.

�Code Integrity found a file hash for the file %2 in a catalog %4.

�Code Integrity found a file hash for the file %2 in the image embedded certificate.

pCode Integrity successfully loaded the %2 catalog.

hCode Integrity started loading the %2 catalog.

`Code Integrity started reloading catalogs.

xCode Integrity started validating file hash of %2 file.

|Code Integrity started validating page hashes of %2 file.

�Code Integrity started loading catalog cache from %2 file.

`Code Integrity determined a revoked kernel module %2 is loaded into the system.  Check with the publisher to see if a new signed version of the kernel module is available.

8Code Integrity determined a revoked kernel module %2 is loaded into the system. The image is allowed to load because kernel mode debugger is attached.

�The driver %2 is blocked from loading as the driver has been revoked by Microsoft.

�Windows was unable to update the boot catalog cache file.  Status %1.

�Code Integrity determined kernel module %2 is loaded into the system which does not have a valid embedded digital signature. Check with the publisher to see if an embedded signed version of the kernel module is available.

`Code Integrity was unable to load the %2 catalog because the signing certificate for this catalog has been revoked.  This can result in images failing to load because a valid signature cannot be found.  Check with the publisher to see if a new signed version of the catalog and images are available.

�Code Integrity started loading catalog %2 from the cache file.

xCode Integrity started saving catalog cache to %2 file.

pCode Integrity saved catalog %2 to the cache file.

@Code Integrity determined a revoked image %2 is loaded into the system.  Check with the publisher to see if a new signed version of the image is available.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy. However, due to code integrity auditing policy, the image was allowed to load.

(Code Integrity determined a revoked image %2 is loaded into the system. The image is allowed to load because kernel mode debugger is attached.

�Windows is unable to verify the integrity of the file %2 because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

<Code Integrity determined an unsigned image %2 is loaded into the system. Check with the publisher to see if a signed version of the image is available.

�Code Integrity started validating image header of %2 file.

�Code Integrity started retrieving the cached data of %2 file.

tCode Integrity started setting the cache of %2 file.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the security requirements for %5.

tCode Integrity determined that a process (%4) attempted to load %2 that did not meet the security requirements for %5. However, due to system policy, the image was allowed to load.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy. However, due to code integrity auditing policy, the image was allowed to load.

<Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy.

�Code Integrity was unable to load the weak crypto policy value from registry. Status %1.

�Code Integrity was unable to load the weak crypto policy from registry store. Status %1.

�Code Integrity was unable to load the weak crypto policies. Status %1.

Code Integrity determined that the module %2 is not compatible with hypervisor enforcement due to it having non-page aligned sections.

TCode Integrity determined that the module %2 is not compatible with strict mode hypervisor enforcement due to it having an executable section that is also writable.

�Code Integrity was unable to verify a page for a module verified using hypervisor enforcement. Status %1.

Code Integrity determined that process (%4) spent %7 and %8 microseconds for Code Integrity check and policy check to load %2 with validated %6 signing level. For all components without EA cache, Code Integrity spent about %90  more time when policy enforced.

�Code Integrity determined kernel module %2 that did not meet the WHQL requirements is loaded into the system. However, due to code integrity auditing policy, the image was allowed to load.

�Code Integrity determined kernel module %2 that did not meet the WHQL requirements is loaded into the system. Check with the publisher to see if a WHQL compliant kernel module is available.

�Code Integrity will enable WHQL driver enforcement for this boot session.  Settings %1. Exemption %2.

�Code Integrity will disable WHQL driver enforcement for this boot session.  Settings %1.

Code Integrity determined that a process (%4) attempted to load %2 that did not meet the signing requirements for Isolated User Mode.

�Code Integrity determined that the kernel module %2 is not compatible with hypervisor enforcement. Status %3.

�Code Integrity testing module %2 against policy %11. Status %3

�Signature information for another event. Match using the Correlation Id.

�Code Integrity policy %5 %2 is set to unrefreshable. id %4. Status: %6

�No change in active Code Integrity policy %5 %2 after refresh. id %4. Status %6

�Not allowed to refresh Code Integrity policy %5 %2. id %4. Status %6

�Refreshed and activated Code Integrity policy %5 %2. id %4. Status %6

�Refreshed but not activated Code Integrity policy %5 %2. id %4. Status %6

xCode Integrity policy refresh started for %1 policies.

xCode Integrity policy refresh finished for %1 policies.

�Ignoring refresh for Code Integrity policy ID %1. Status %2.

�Windows blocked file %2 which has been disallowed for protected processes.

�Trying to refresh Code Integrity policy with policy ID %1.

�Code Integrity failed to set cache for %2 file due to validation failure. Status %3.

�Code Integrity failed to set cache for %2 file because it does not meet signing level requirements. Status %3.

�Code Integrity successfully switched from %3 mode to %4 mode.

|Code Integrity already switched from %3 mode to %4 mode.

�Code Integrity failed to switch from %3 mode to %4 mode with error code %5.

Code Integrity determined that %4 is trying to load %2 which failed the dynamic code trust verification with error code of %5.

xSignature information for Code Integrity policy ID %1.

�Code Integrity was unable to load the %2 catalog. Status %3.

xCode Integrity completed reloading catalogs. Status %1.

|Code Integrity completed validating file hash. Status %1.

�Code Integrity completed validating page hashes. Status %1.

�Code Integrity completed loading catalog cache. Status %1.

|Code Integrity completed saving catalog cache. Status %1.

�Code Integrity completed validating image header. Status %1.

�Code Integrity completed setting the file cache. Status %1.

4Code Integrity determined that a process (%6) attempted to load %2 that is not compatible with hypervisor enforcement. Failure bitmap %4. Status %3.

�Code Integrity completed retrieval of file cache. Status %1.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated Advanced Threat Protection policy. However, due to code integrity auditing policy, the image was allowed to load.

TCode Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated Advanced Threat Protection policy.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy (Policy ID:%29). However, due to code integrity auditing policy, the image was allowed to load.

\Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy (Policy ID:%29).

hCode Integrity determined that a process (%4) attempted to load %2 that violated Driver policy. However, due to code integrity auditing policy, the image was allowed to load.

�Code Integrity determined that a process (%4) attempted to load %2 that violated Driver policy.

�Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy (Policy ID:%33). However, due to code integrity auditing policy, the image was allowed to load.

\Code Integrity determined that a process (%4) attempted to load %2 that did not meet the %5 signing level requirements or violated code integrity policy (Policy ID:%33).

L3

L2

Unchecked

Unsigned

 Enterprise

Custom 1

$Authenticode

Custom 2

Store

8Custom 3 / Antimalware

Microsoft

HStore or Enterprise (Custom 4)

Custom 5

8Dynamic Code Generation

Windows

HWindows Protected Process Light

 Windows TCB

Custom 6

(Shared Sections

Dinvalid Code Integrity policy

Lenterprise Code Integrity policy

TWindows revoke Code Integrity policy

<SKU Code Integrity policy

Xenterprise update Code Integrity policy

`Windows update revoke Code Integrity policy

LSKU update Code Integrity policy

XWindows lockdown Code Integrity policy

dWindows update lockdown Code Integrity policy

lAdvanced Threat Protection Code Integrity policy

xAdvanced Threat Protection update Code Integrity policy

DDriver Code Integrity policy

`Driver update revoke Code Integrity policy

,Non-native image

<Invalid section alignment

PA section has an invalid alignment

|A non-discarable section is both writable and executable

lA shared section is both writable and executable

|The Import Address Table is within an executable section

dThe Import Address Table location is invalid

XThe Import Address Table was not found

dThe image sections are not contiguous on disk

tThe sections of the image are not in ascending order

\A section of the image has invalid sizing

lThe image has a non-conformant Authenticode entry

(Unknown failure

�4VS_VERSION_INFO��
{
|O
{
|O?�StringFileInfo�040904B0LCompanyNameMicrosoft CorporationTFileDescriptionCode Integrity Modulen'FileVersion10.0.20348.3451 (WinBuild.160101.0800).InternalNameci.dll�.LegalCopyright� Microsoft Corporation. All rights reserved.>OriginalFilenameci.dll.muij%ProductNameMicrosoft� Windows� Operating SystemDProductVersion10.0.20348.3451DVarFileInfo$Translation	�PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING