Author Topic: Compose.exe asked for permission to modify \Device\Afd\Endpoint and Registry key (Read 6975 times)

savior · « **on:** April 01, 2015, 11:35:35 AM »

While I was browsing, all of my tabs in Mozilla froze for about 30 seconds. Then, Comodo Firewall alerted me that compose.exe was attempting to modify \Device\Afd\Endpoint and HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters.

Here is the BolehVPN log from that time:

Wed Apr 01 11:48:41 2015 [server] Inactivity timeout (--ping-restart), restarting
Wed Apr 01 11:48:41 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:48:41 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:48:41 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:48:42 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:48:42 2015 SIGUSR1[soft,ping-restart] received, process restarting
Wed Apr 01 11:48:54 2015 UDPv4 link local: [undef]
Wed Apr 01 11:48:54 2015 UDPv4 link remote: [AF_INET]62.212.85.79:443
Wed Apr 01 11:49:00 2015 [server] Peer Connection Initiated with [AF_INET]62.212.85.79:443

Wed Apr 01 11:49:21 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Apr 01 11:49:21 2015 open_tun, tt->ipv6=0
Wed Apr 01 11:49:21 2015 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{4A63F6C9-2291-4423-BFCA-8CD416EAFDB4}.tap
Wed Apr 01 11:49:21 2015 Set TAP-Windows TUN subnet mode network/local/netmask = 172.16.0.0/172.16.0.61/255.255.255.0 [SUCCEEDED]
Wed Apr 01 11:49:21 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of 172.16.0.61/255.255.255.0 on interface {4A63F6C9-2291-4423-BFCA-8CD416EAFDB4} [DHCP-serv: 172.16.0.254, lease-time: 31536000]
Wed Apr 01 11:49:21 2015 Successful ARP Flush on interface [12] {4A63F6C9-2291-4423-BFCA-8CD416EAFDB4}
Wed Apr 01 11:49:31 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:49:31 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:49:31 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:49:31 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 11:49:32 2015 Initialization Sequence Completed

disconnecting from the network...

Wed Apr 01 12:03:56 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 12:03:56 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 12:03:56 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 12:03:57 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Apr 01 12:03:57 2015 SIGTERM[hard,] received, process exiting

Run script: 2

Should I be worried?

PitBoss · « **Reply #1 on:** April 01, 2015, 12:50:38 PM »

Compose is our vpn program. Please allow firewall to allow access and permission to make modification to the tcp/ip.

Thank you

BolehVPN Support

News:

Author Topic: Compose.exe asked for permission to modify \Device\Afd\Endpoint and Registry key (Read 6975 times)

savior

Compose.exe asked for permission to modify \Device\Afd\Endpoint and Registry key

PitBoss

Re: Compose.exe asked for permission to modify \Device\Afd\Endpoint and Registry key