In the TSSUTIL report, why is the SRC / DRC of *0C*-0A treated as a violation? Is there a way to prevent these entries from coming out in the audit / tracking file?

The DRC 010 (x'0A') is considered a violation. This is why it shows in the TSSUTIL report. Since it is a violation, it cannot be removed.

The SRC / DRC of *0C*-0A means:

0C=PASSWORD EXPIRED 

0A = PASSWORD HAS EXPIRED. NEW PASSWORD MISSING 

Despite the fact that this can occur frequently and looks to be normal, it has always been treated as a violation by Top Secret because it is considered as a potential one.