Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


WmiPrvSE modifying Rasphone.pbk

  • Please log in to reply
1 reply to this topic

#1 Thelps


  • Members
  • 43 posts
  • Gender:Male
  • Local time:02:08 PM

Posted 25 January 2016 - 10:26 AM

Hi all,


Every time I start my VPN Client I find that my Firewall/Antivirus warns me that WmiPrvSE is modifying Rasphone.pbk.


This is presented as a warning by the AV/Firewall.


Should I be concerned? What legitimate causes could be the root of this? 

BC AdBot (Login to Remove)


#2 CKing123


  • Members
  • 1,463 posts
  • Gender:Male
  • Location:British Columbia, Canada
  • Local time:06:08 AM

Posted 08 July 2016 - 09:59 AM

You shouldn't be concerned about this:



When you create a connection to a wireless, dial-up, broadband, or VPN network, Windows stores the configuration in a connection profile. By default, these profiles are stored in the file RASPhone.pbk found in the following folder:


After you create a connection profile, you can then connect to that network as needed by using any one of the connection techniques described in Connect to a Remote Network.

Since malware can use this to inject ads, etc its why your AV is considering this as suspicious





If I am helping you and I don't respond within 2 days, feel free to send me a PM

Sysnative Windows Update Senior Analyst 

Github | Keybase

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users