HoggyDog

Unable to edit or remove suddenly appearing new rule

Recommended Posts

1. Emsisoft Anti-Malware. Version and build unknown because, contrary to the sticky "Information to Include" the version number is nowhere to be found in my installation of Emsisoft Anti-Malware.

2. Windows 7 Home Premium SP1 all latest updates.

 

About an hour ago, a major online game that I had been playing earlier in the day (Guyild Wars 2) was suddenly blocked by Emsisoft Anti-Malware. Upon investigation, I discovered a "Surf Protection Rule" that says it is "My Own" but that I did not enter or approve. Even worse:

1. The URL or IP that is being blocked is blank.

2. The rule states that it is set to "Block Silently" which denies me the opportunity to get a popup showing what is going on

3. I am unable to remove or delete the rule

4. I am unable to edit the rule because Emsisoft insists that I enter a URL; please see #1 above

5. A "thorough" scan using Emsisoft Anti-Malware and MalwareBytes Anti-Malware reveals no malware

 

Other than disabling or uninstalling Emsisoft Anti-Malware, can you suggest any steps I might be able to take to fix this?

 

Also, please consider removing the idiotic requirement to hand-enter a URL when trying to delete or edit a rule's behavior from "Block Silently" to "Alert." If Emsisoft Anti-Malware itself can't even read the URL from its own logs as it displays the rule and latest blocking event, because the URL field is blank, how does Emsisoft Anti-Malware expect a customer to figure out what the URL is in order to hand-enter it? If I highlight a rule and press delete, you should just delete the damned rule, no questions asked!

 

I will attach a screenshot of what Emsisoft is telling me. I will also attach a screenshot of Malwarebytes Anti-Malware's display, which clearly shows the version number on the top frame to customers in case they need to know it... unlike Emsisoft, which hides that information but then asks customers to include it without telling where it is in a sticky post on the support forum.

 

Thank you.

 

EDIT to add: after completely uninstalling Emsisoft Anti-Malware and rebooting, I am now able to log in to Guild Wars 2- proving that it was, indeed, Emsisoft Anti-Malware preventing me from logging in to a reputable, well known and not-malicious server that I have been using daily for 4 years.

post-33077-0-31593800-1450055898_thumb.png
Download Image

post-33077-0-40179900-1450057088_thumb.png
Download Image

Share this post


Link to post
Share on other sites

Based upon the "My own" entries showing in your Surf Protection rules, you must be importing a custom Hosts file.

 

What Hosts file source(s) are you using to compile your "My own" rules?

 

Based upon the time stamps, is it possible the blank rule is a corrupted entry that was imported from your Hosts file?

 

Good luck!

Share this post


Link to post
Share on other sites

Based upon the "My own" entries showing in your Surf Protection rules, you must be importing a custom Hosts file.

 

What Hosts file source(s) are you using to compile your "My own" rules?

 

Based upon the time stamps, is it possible the blank rule is a corrupted entry that was imported from your Hosts file?

 

Good luck!

I have never imported a host file. Those rule entries are produced when Emsi alerts to (whatever) and I click block or allow. I normally keep my PuP and Privacy categories set to "Alert" and the more serious two on the left set to "Block and Notify."

Share this post


Link to post
Share on other sites

EDIT to add: after completely uninstalling Emsisoft Anti-Malware and rebooting, I am now able to log in to Guild Wars 2- proving that it was, indeed, Emsisoft Anti-Malware preventing me from logging in to a reputable, well known and not-malicious server that I have been using daily for 4 years.

As someone who used Emsisoft Anti-Malware in the past, and is now using Emsisoft Internet Security, I can tell you that none of them blocks Guild Wars 2 (I play it everyday), nor do they interfere with it smile.png

Share this post


Link to post
Share on other sites

The rule in your screenshot appeared to be blank, so it's possible it was capable of matching multiple addresses. It more than likely appeared either due to a corruption of the custom Host Rules, or perhaps a bug in Emsisoft Anti-Malware.

If you find a way to reproduce the issue with this broken rule appearing, then we can collect debug information to forward to our developers.

BTW: We have at least one developer who plays GuildWars 2, and if Emsisoft Anti-Malware was blocking access to the game servers (even randomly) there would very quickly be a bug report open in our system so that it would be fixed. ;)

Share this post


Link to post
Share on other sites

As someone who used Emsisoft Anti-Malware in the past, and is now using Emsisoft Internet Security, I can tell you that none of them blocks Guild Wars 2 (I play it everyday), nor do they interfere with it smile.png

Smiley face notwithstanding, your response seems arrogant and condescending to me. I have already posted what Emsisoft IS DOING yet you blihtely state that it doesn't do that. Too funny.

 

I have been playing GW2 since pre-launch beta, and Emsisoft has never blocked it before. However, a response to my statement that Emsisoft has suddenly started blocking GW2, complete with a screenshot, then a later edit stating that ininstalling then reinstalling Emsisoft cleared the blockage of GW2, thereby proving beyond any reasonable doubt that Emsisoft was, in fact, blocking GW2 AND a mention in the edit that I have been playing GW2 for four years... stating that Emsisoft "doesn't do that" is just absurd.

 

PS: "Everyday" is an adjective meaning "commonplace." What you should have said is "every day." Please look it up.

Share this post


Link to post
Share on other sites

In the post above yours (#5) Emsisoft Employee GT500 stated

 

 

The rule in your screenshot appeared to be blank, so it's possible it was capable of matching multiple addresses. It more than likely appeared either due to a corruption of the custom Host Rules, or perhaps a bug in Emsisoft Anti-Malware.

If you find a way to reproduce the issue with this broken rule appearing, then we can collect debug information to forward to our developers.

 

I think that was a pretty fair assumption, and you say it is sorted now. I know the staff and devs will have noted what happened so rest assured about that :)

 

And thanks for taking the time to report what happened to you.

 

As for Aura being 'arrogant and condescending' ..well that is not the way that post seems to me. It seemed to be trying to reassure you.

 

It's Xmas Day, lets move on and leave bad feelings behind :)

Share this post


Link to post
Share on other sites

The "My own" rules for Surf Protection are stored in the "a2user.dat" file, within the "Program Files/Emsisoft Anti-Malware" folder.

 

This is a text-format file that can be viewed and edited using MS Notepad or MS Word while EAM is running.

 

Saving an edited "a2user.dat" file requires shutting down protection by right-clicking EAM's icon in the notification area of the Taskbar and selecting "Shut down protection", as well as the stopping of the "a2AntiMalware" service using Windows Task Manager.

 

Regardless of the origin of the "My own" rule that is presenting the problem, it is possible to remove any-or-all of the "My own" rules, and to save the edited file using the above method.  

 

Also, make sure the saved file name remains "a2user.dat" and is not changed into "a2user.dat.txt" by MS Notepad or MS Word in the "Program Files/Emsisoft Anti-Malware" folder.

 

Then, the "a2AntiMalware" service can be re-started and EAM re-started.  Once EAM is fully running, the EAM icon in the notification area of the Taskbar can be right-clicked and "Host rules" selected.  

 

Surf Protection rules that have been deleted should no longer show up in the rules list and, hopefully, their problem-effects should also be gone.

 

Merry Christmas!

Share this post


Link to post
Share on other sites

Smiley face notwithstanding, your response seems arrogant and condescending to me. I have already posted what Emsisoft IS DOING yet you blihtely state that it doesn't do that. Too funny.

He's just explaining his experiences, and trying to assure you that what you experienced was not the norm.

Also, he's Canadian, so his English may be a little different from ours. ;)

Share this post


Link to post
Share on other sites

Is this something that you have been able to reproduce? If we can find a way to get it to happen in our own testing, then it shouldn't be too difficult to figure out the cause and fix it. ;)

Share this post


Link to post
Share on other sites

Unable to reproduce the bug.I tried.However, the problem has been seen twice in 11.0.0.5958 version.

I also reported to the Russian support.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.