Event ID:
Source:
Microsoft Windows security
Category:
System Integrity
Message:
Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.
File Name: \Device\HarddiskVolume3\Windows\System32\sysfer.dll


Event ID:
Source:
Microsoft Windows security auditing.
Message:
The Windows Filtering Platform has permitted a connection.

Application Information:
Process ID: 4320
Application Name: \device\harddiskvolume2\windows\system32\svchost.exe

Network Information:
Direction: Inbound
Source Address: 224.0.0.252
Source Port: 5355
Destination Address: 167.196.121.75
Destination Port: 60070
Protocol: 17

Filter Information:
Filter Run-Time ID: 83103
Layer Name: Receive/Accept
Layer Run-Time ID: 44


Found 2 records