New
#21
This is odd, if there is no phoning home, and its not running as a deployment from a server on your network there should be no reason for it to need open ports, right? Does it automatically check for updates?
This is odd, if there is no phoning home, and its not running as a deployment from a server on your network there should be no reason for it to need open ports, right? Does it automatically check for updates?
I don't know why O&O used that method. It may relate to their corporate products which are meant to be managed over a network. When I ran that scan my accounting software also had several local ports open.
Getting back to the OPs problem it doesn't matter why it uses tcp ports just that it does and his are blocked. I use the windows firewall and did not have to open ports for O&O. I don't have any in or outbound rules for O&O. I'm guessing that windows firewall isn't monitoring local tcp connections.
I found one related error in the Windows Event Viewer, as shown...anyone know what it means, or if it suggests a solution?
Log Name: Application
Source: Application Error
Date: 12/7/2010 3:49:57 PM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: Newhope
Description:
Faulting application name: OODCNT.EXE, version: 12.0.0.339, time stamp: 0x4be9b75f
Faulting module name: fslsp_x64.dll_unloaded, version: 0.0.0.0, time stamp: 0x4aed0fc7
Exception code: 0xc0000005
Fault offset: 0x0000000074ad014c
Faulting process id: 0x1240
Faulting application start time: 0x01cb9658a7935317
Faulting application path: C:\Program Files\SysMan\Utilities\O&O\Defrag\OODCNT.EXE
Faulting module path: fslsp_x64.dll
Report Id: ee247864-024b-11e0-88a3-00e018998877
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2010-12-07T21:49:57.000000000Z" />
<EventRecordID>28548</EventRecordID>
<Channel>Application</Channel>
<Computer>Newhope</Computer>
<Security />
</System>
<EventData>
<Data>OODCNT.EXE</Data>
<Data>12.0.0.339</Data>
<Data>4be9b75f</Data>
<Data>fslsp_x64.dll_unloaded</Data>
<Data>0.0.0.0</Data>
<Data>4aed0fc7</Data>
<Data>c0000005</Data>
<Data>0000000074ad014c</Data>
<Data>1240</Data>
<Data>01cb9658a7935317</Data>
<Data>C:\Program Files\SysMan\Utilities\O&O\Defrag\OODCNT.EXE</Data>
<Data>fslsp_x64.dll</Data>
<Data>ee247864-024b-11e0-88a3-00e018998877</Data>
</EventData>
</Event>
AHA! fslsp_64.dll is from F-Secure, as I suspected all along:
FSLSP_X64.DLL, Prevx
I just ran a search for the file, and it doesn't appear to be anywhere on C: