We’ve been using F-Secure as our virus/malware protection in our company for a little over a year now. I have been and continue to be impressed with the product and the company support.
Recently I purchased my new laptop with Windows Vista installed. More recently I purchased a new HTC P4300 smartphone with Windows Mobile 5. It’s been working great, and I love the phone. The only weird issue has been syncing with the USB cable. In order to make it work I had to temporarily turn off the firewall inside of F-Secure Client Security. Syncing via Bluetooth was working fine so I tended to lean on that.
Today I decided it was time to fix the issue. I gave a call to the business support line at F-Secure, explained the problem quickly to the technician. She told me right off the bat that this was an issue she had no experience with, so she asked if I minded giving her a little time to investigate. Of course I said that was fine.
Within 30 minutes I had an email from her outlining the solution. My total phone time was about 5 minutes and then another 5 to put the fix into place. Thank you!
The problem is simply that the Sync Center in Vista uses some ports over the USB connection that are new enough not to be included as a standard. After adding the ports and making sure that one of the applications was allowed, everything worked great. Since I do not believe they have a technical article yet, I thought I would outline the solution here in case anyone else needs it.
Please note that these steps only work if your security policy allows you to edit a few things. If you are running in a corporate environment you may need to give these instructions to your network administrator to include in the corporate policies for your virus protection.
The first thing to do is to get into the Client Security configuration screen where we’ll be doing most of the work. Right click on the F-Secure icon in your system tray and choose Open F-Secure Client Security. This will bring up the main window. You will want to choose the Internet Shield menu option on the left, then click on the Change link next to Application Control.
Next you need to add the application that does the communication to the allowed list in Application Control. wmdHost.exe is the component that performs the actual communication requests. It is possible that this application may already be there, but if it is not, simply click Add it to include it in the list. If it is not in the list it should be found in C:\Windows\WindowsMobile\ If you do have to add the file, I’ve noticed that my Client Security software will default to the access level of prompt for a new application. The other bit that is odd is that it will not let me change it when I’m adding the file. I complete the addition to the list, then go back in to the details to modify it. At this point it will let me change the behavior to Allow.
Finally you need to create a new service and add the necessary ports. There are 5 inbound and 1 outbound port necessary.
Start by switching to the Firewall configuration screen, then to the Services tab and add a new one. I simply called it Windows Mobile Sync Center. Make sure to choose the TCP protocol.
On the screen where you add, there are two areas for ports. They are termed Initiator ports and Responder ports. These map to inbound and outbound. Here are the correct settings:
Initiator (inbound) ports:
Responder (outbound) ports:
Once you’ve made all of those configuration changes you are ready to give it a shot. Grab your Windows Mobile device and your USB cable and hook them up. You should get the Connected check box and see it synchronize as expected.
I hope that helps you out!