Jump to content

Avast! has blocked a (perhaps) malicious request from Online Armor


Hanziness
 Share

Recommended Posts

Good evening!

I was just running a program, when Avast! popped up with a message:

MALICIOUS URL BLOCKED

...

Object: | an IP address |/crs/crs.php

Infection: URL:MAL

Action: Blocked

Process: C:\Program Files\Tall Emu\Online Armor\oaui.exe

-----

Could you help?

I removed the oaui.exe entry and blocked it from accessing the internet....

I'm using an old version of OA (4.0.0.35 (FREE))

Should I update it or it's just a false positive?

Thank you very much!

Link to comment
Share on other sites

oaui.exe connects to OA's servers to lookup your IP address to display in the Firewall Status window. It also connects when checking for updates. Perhaps Avast has blacklisted the IP for some reason, although you didn't record the actual IP in your post.

I would recommended updating your version of OA and also excluding Avast and OA from each other :) In OA, this can be done under Options -> Exclusions.

Link to comment
Share on other sites

What Avast! version are you using? OAUI.exe is the GUI for Online Armor. You may want to go Explorer, right click it and select properties to see if it is digitally signed, but sure looks like an FP. There is also an RC2 for OA5 available here at the forum so you may just want to do an OA upgrade.

Link to comment
Share on other sites

Thank you for your quick reply

I thought that Online Armor is sending the usage statistics to the server.

I'll report this to AVAST! Software

My current IP: 89.168.125.5

The blocked IP: 68.178.232.99 - the full address is: 68.178.232.99/crs/crs.php

I will update Online Armor tomorrow, because it's a bit late.

Again, thank you very much

EDIT #1:

I'm using Avast! 6 FREE

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...