• Content Count

  • Joined

  • Last visited

  • Days Won


Posts posted by Nick

  1. Hello, I've been using OA since the Tall Emu years. I have a question concerning the clean install. I've asked the same question in the past but still I have some doubts so, please, excuse me for asking again now.

    With the early versions of OA the best way to uninstall it was to remove the software in Safe Mode (OS: Win XP PRO SP3) and then reboot twice. As regards the current stable version, is it still better to uninstall OA in Safe Mode in order to prevent as many leftovers as possible?

    Thank you and sorry for my English,


    System Information:

    Win XP Pro SP3 (Hardware DEP)

    Avast! Free AV 7.0.1466

    Online Armor Free

    *Avast!/OA mutually excluded

    HostMan/HostsServer 3.2.73 (MVPS HOSTS + hpHosts "ad/tracking servers only")

    Norton ConnectSafe aka Norton DNS v2

  2. I tried it another time and can confirm that events which are dealt for a " Session" basis do not get enlisted in that respective tab.

    That's how it should work for a " session" basis event/decision, in my opinion. Those events should not be enlisted in the Firewall tab - just the opposite for permanent user decisions.

    So once again I had to delete DAP from PROGRAMS and rerun it.

    Another option would be a system reboot (ending session)...

  3. Could you please check the harddisk DMA mode.

    Thank you very much, ctrlaltdelete. I was getting mad!

    I checked the hard disk DMA mode and it had been set to PIO mode from the correct ULTRA DMA mode, without any notification to the user.

    I followed these:

    1. Double-click Administrative Tools, and then click Computer Management.
    2. Click System Tools, and then click Device Manager.
    3. Expand the IDE ATA/ATAPI Controllers node.
    4. Double-click the controller for which you want to restore the typical DMA transfer mode.
    5. Click the Driver tab.
    6. Click Uninstall.
    7. When the process completes, restart your computer. When Windows restarts, the hard disk controller is re-enumerated and the transfer mode is reset to the default value for each device that is connected to the controller.

    and now the faster transfer mode (ULTRA DMA) is re-enabled.

    Now I guess I must avoid using "direct disk access" when scanning the system with the EEK (by the way I use the direct disk access with the Avast! Boot Scanner without any issues). Is that a known issue?

    May I ask you also another question? Does the Full Scan in the EEK turn on the "direct disk access" by default?

    If you need some other information (see also below) about my system/HD for future reference, let me know.

    Thank you very much again for your help,



    Seagate Barracuda 7200.12

    Device Model: ST3500418AS

    Firmware Version: CC38

    User Capacity: 500.107.862.016 bytes [500 GB]

    Sector Size: 512 bytes logical/physical

    ATA Version is: 8

    ATA Standard is: ATA-8-ACS revision 4

    SMART support is: Available - device has SMART capability.

    SMART support is: Enabled

  4. Hello, this morning I did a custom scan with the latest version of the EEK (I have "installed" it on my system drive C), just to check my system as I usually do.

    I have also enabled the "Use direct disk access" for the very first time. Once the scan was completed and nothing was found I rebooted my system. By the way, I'm sure that my system is clean with no malware.

    Since then my system acts very sluggish, everything is slowed down. I'm not sure but the problem seems to be my local disc which has become very, very slow. During normal HD operations also the cursor moves and reacts slowy...

    This issue started after enabling the "Use direct disk access" option.

    Before proceeding with the EEK scan I turned off my AV.

    Thank you very much for your help and sorry for my English.

    System Information:

    Win XP Pro SP3 (Hardware DEP)

    Avast! Free AV 7.0.1426.0

    Online Armor Free

    *Avast!/OA mutually excluded

    HostMan/HostsServer 3.2.73 (MVPS HOSTS + hpHosts "ad/tracking servers only")

    Norton DNS v2 (B-Security)

  5. Not sure if it could be of any help to your investigation and, by the way, I don't want to hijack any thread (just reporting some info), but this morning before updating the Flash Plugin for Firefox using the full installer (, I enabled OA's Learning Mode. Well, after the installation process, I checked OA's Program List and it did block one of the "fpb.tmp" files, regardless of Learning Mode.



    Win XP Pro SP3

    Avast! Free AV 7.0.1426.0

    Online Armor Free

  6. (1) When I had OA installed, I would get daily pop ups for some .bin file for Avast. I excluded the Avast folder, but that didn't seem to catch everything if I recall correctly. What is the recommended set up for Avast users? I believe the preferred method is to exclude the Avast program folder in OA program guard and to exclude the OA folder in Avast (file sheild and maybe another)? Please confirm/correct


    I'm an Avast user. I would recommend that you exclude OA program folder and subfolders in the File System Shield (expert settings). I would suggest also excluding OA processes in the Behavior Shield (although I'm not completely sure it's necessary since I don't use that shield),

    Latest Avast versions allow users to exclude processes in the Web Shield too. However, I've never bothered setting those exclusions in the current version. Just in case, these are the OA's processes that connect to the Web:

    1) oaui.exe

    2) oasrv.exe

    3) oadump.exe

    4) oamine.exe

    5) oarau.exe

    6) oascan.exe


    As for OA, you could add the "AVAST Software" program folder and subfolders to the Exclusion List (I did). That will prevent any Avast related pop-ups from being showed.

    However, before setting any exclusions you should take a look at the Known Online Armor Issues:

    If your anti-virus solution uses a proxy to implement its web or email scanning capabilities and you excluded your anti-virus software in Online Armor then the Banking Mode may have no affect.


    Hope this helps.

  7. So do you first check the digital signatures of the updates and then allow them to install in learning mode? Of course you have to download the updates manually for that.

    Honestly, I just turn on Learning Mode and use Windows Update via IE. Once the update process is completed, after the system reboot, I turn off LM and quickly check OA's History to see what happened.

    However, before enabling OA's Learning Mode - regardless of the circumstances - it is extremely important that you are completely sure that your system is free from any malware.

    I hope this might be helpful to you.

  8. I'll take this opportunity to ask another related question (however, let me now if I have to start a new thread).

    If we set Firefox to runsafer, should we do the same also for the plug-in-container or that's not necessary (as the the plug-in-container will eventually run as runsafer once invoked by the FF process?

    Thanks in advance

  9. Hello,

    In the past versions there was a "purely cosmetic" issue in OA, at each boot two OA components were shown in the History: oahlp.exe and oaui.exe - just in case, you can see some old pics here: http://support.emsis...dpost__p__32832

    When I did a clean install of OA the issue disappeared. However, yesterday after upgrading to the current OA build using the online update inside OA, the issue came back. That happened on both my parents' machine and mine.

    So I decided to do a clean install of OA on my machine and the issue disappeared again (not sure if it's relevant but after the fresh install I run the online updater and OA downloaded oainj.exe).

    Both machines have the same OS/security software. Do you think I should do a clean install of the 1557 build also on the machine where the issue is still present?



    System Information:

    Win XP Pro SP3 (Hardware DEP)

    Avast! Free AV 6.0.1367 (Behaviour/Script Shield removed)

    Online Armor Free (Web Shield disabled)

    *Avast!/OA mutually excluded

    HostMan/HostsServer 3.2.73 (MVPS HOSTS)

    Norton DNS v2 (A-Security)