on my pc i had a problem awhile back looking at usser acounts in windows xp home eddtion i would get a blank notepad instead of the acount screen when i went to my computer icon and selected acounts there i notice worm guard came up prevented the user acount window to show up and just froze today i wanted to get to usser acounts so i disabled worm guard protection and yup i was able to acess it either that or the new sp2 fixed it but befor sp2 i did remember wormguard stoping usser acount option
Hi there Mr.Blaze, Is it now solved with the SP2 or do you still need to isable WormGuard to be able to use the user account?
agent blaze reporting in nope sp2 did not fix the problem sir the problem still exsists further intel shows disableing worm guard protection temporarly gives you acess to the user acount profile in xp sir i try to do a covert mistion and take a picture of the worm guard error with my hyper snap software but the error and wormguard went into stealth mode sir. but i did obtaine more information when worm guard freezes it turns the pc cpu to 100% sir blaze report to his newbie posting by by by the way big hugs also print screen wont capture it either sux
what no hug not even a response ? you guys dont think im lieing do you i guess i could go out of my way to figure out how to get a picture of it
HUGS Blaze Thank you for the explanation but i still don't see a solution for you, waiting for the DiamondCS techies or others to find out what could be the problem. Maybe something blocking it, maybe part of the SP2 upgrade, maybe with the new ProcessGuard version or anything which needs to be changed it is all ok? I really don't know! Have not see others complaining about this so either they don't have WormGuard, or SP2, or XP Home, or don't change user, or don't have the problem at all. But there is hope, when the technicians find out with you what could be happening! Once you changed user, are you able to open WormGuard again? Is there a possibility to "run as" admin in it's settings just like you might do with TDS and Port Explorer?
Hi Blaze I am afraid that I don't have the solution (and I don't have XP, only W 98 SE). But some questions: Did you always have had that problem on your XP-system with opening user accounts while WormGuard-protection was active? Was there a time on XP that you didn't have that problem? If so, do you perhaps remember what changes you made at that time (yes, I know, it could well be that you don't remember that ). Would perhaps trying to uninstall and re-install WormGuard fix it (just a wild guess....). (safe your WormGuard key-file) First remove the WG-protection in WormGuard it self, reboot, disable temporarily other programs, uninstall WormGuard, reboot, disable temporarily other programs, install WormGuard again, reboot, activate the WG-protection in WormGuard again. Would that perhaps help? BTW in which directory is your WormGuard installed? (I have no idea whether that is important for the DCS-guys to know...).
Reinstalling after the SP2 could be helpfull, wild guess, as it helped another user with his TDS too. Another option could be the "run as" but never heard this before for WormGuard.
Hi Blazey ! Hugs !!! OK, here coming some other wild guesses : First You wrote that you were not able to make a screenshot of the alert from WormGuard. But maybe the warning from WG is saved in the log of WG !!! Did you enable logging in WG ? It is very easy to do in WG, see screenshot. Please note that I have deleted some private info (as my licence-name and the directory in which WG is installed) in the screenshot.
Just go in Windows Explorer to the path of the log-file of WG, and open it. It might be called something like wguard.log Does that log-file give you any info about what is causing your problem?
Second If that log-file does not give you the info that you would like to see, then maybe you could try this: In WormGuard, just right next to the name of your log-file, you see a button "Events". It gives you some possibilities to check which Events WG will log for you in its log-file. Maybe (yes, it is only wild-guessing from my side...) the log-file will give you more info about what is happening on your system, when you put a check-mark in all three boxes for awhile. See my screenshot.
I'm running WormGuard on SP2 and can get into User Accounts without problem. But when I click on User Accounts, PG prompts me: 5 Sep 19:26:05 - [EXECUTION] c:\windows\system32\mshta.exe with commandline mshta.exe "res://c:\windows\system32\nusrmgr.cpl/nusrmgr.hta" was ALLOWED to run Are you blocking HTA scripts globally or added nusrmgr.hta to WG's blocked files. Not sure if WG's Blocked-List Editor takes wild cards. I'm using the default blocked files. Nick
Third Sorry buddy but the guessing gets now even more wild, really wild guessing from my side now... But maybe it is here where the cullprit started.... (yes again, it is only guessing at the moment). WormGuard gives you the possibility to block certain file-types. At the moment I'm not completely sure which file-types by default, but I think that it are these ones: .jse .sha .shs .vbe Now I have to talk about file-associations. I think that I remember that some web-sites are advising to change the file-association of some dangerous file-types to NotePad. In that case such a dangerous file-type will be opened by NotePad. However, it could be that when WormGuard is blocking such a file-type, that strange things will happen. But I absolutely don't know whether that would be the case And even more: I really don't know whether opening the user-account option on your XP-system, will trigger a file-type that is listed on your WG-blocked-file-types. So, if I am right, we need to know: 1. did you change some file-types (to open those kind of files with NotePad). 2. does your WG-log-file (when logging all three options in the Events-button of WG) give you more info on this. 3. and a more general question: which kind of file-type is associated with opening the user-account on a XP-system; I really don't know the answer I'm really sorry Blazey for asking such a number of questions...... As I told you : it is only ALL wild guessing from my side... I really hope that the DCS-guys and others in the know will jump in here to try to help you !!!!! Cheers, Jan.
yes sir hugggggggggggggggggg i finaly cought the error on film sir its stealth tech was no match for my ACS Capture 2.1.0 software check it out
opps capture my porn folder from iteens lol but yup there it is the error and you cant permit it because it uses 100 cpu and freezes only way to close it is to reboot no kill process way works
First I would like to thank Nick S for his posting !!! Thanks Nick !!!!! Blaze, try this: Open WormGuard, then open the Allowed-List Editor in WG, then add manually this file with its full path: c:\windows\system32\nusrmgr.cpl then click Done in the Allowed-List Editor of WG, reboot Blaze, does that solves your problem ? BTW: 1. Have you installed HTA-stop from PSC (Kevin and Nancy)? 2. LOL you don't have to call us "Sir" . Jan, Nick, Jooske (she definitely is NOT a "sir"), etc will be OK 3. Sorry, I'm only using W 98 SE so I cannot give advice on XP Cheers, Jan.
Hi Blaze/Jan Blaze, Nick has probably got the problem you are having sorted, see his message text, with .hta ending. Seeing as it IS WormGuard alerting.. have you by any chance put HTA in the Blocked List Editor as Nick suggested, and like I have. It definitely stops HTA from running [I used to change backgrounds in IE with a proggy from MS, and it needed HTA to run, so had to delete HTA each time ] If so, delete it, close WG and try again. It may be HTA stop, but you don't get any alerts from that, it just blocks and that's it [you can re-enable of course]. See screenie [no xxxxx folder blazey, sorry ] Cheers, TAS
Thanks Tassie for your posting !!! (only a little bit of info about my own set-up: I only run W 98 SE, so I cannot run ProcessGuard. I don't have HTAstop installed, but I DO have IEClean from PSC running which blocks far more than HTAstop. And of course I have also WormGuard active all the time !!! ). Cheers, Jan.
yup i have hta stop installed but that never seem the problem wormguard the one doing the freezing ok will be back will try this c:\windows\system32\nusrmgr.cpl
Hi Jan/Blaze No probs Jan, just wanted to make sure Blaze tried all options and it seemed logical that WG blocking and with Nick's posting showing .hta being the script, it may have been entered in WG, as I remembered from a good while back, Blaze asked about some extensions to add to his Blocked List Editor. Soooo all is well in Blazey's world again Good stuff. Love the Administrator name Blaze. [Hope you sought permission, don't want to see you go out in a Blaze of Lightning] Oh, I tried to take that 'My Sex Tour' Blaze, but alas, all the clicking in the world could not make it open, dang. Anyhow, glad it's sorted. TAS
