[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Access to this path or file is denied

Posted on 2008-02-09
10
Medium Priority
?
1,482 Views
Last Modified: 2012-05-05
I have been using ipscan.exe for years.  It's a great little tool that will list everything on a network, including switches, hubs, printers, workstations, etc.  Recently I have been unable to access the program.  I get the message Access to the specified path or file is denied.  The banner at the top of the window that pops up giving the message lists the path of the file, for example c:\windows\system32\ipscan.exe.   I normally run this from a Windows 2000 workstation, but I am getting this message from all the workstations (Windows XP Pro) and servers (Windows 2000 and 2003 server).  Is there any way of telling when access is deined, why access is denied?   That would be a big help?
0
Comment
Question by:jvanderw
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 66

Expert Comment

by:johnb6767
ID: 20860074
RegMon for Windows v7.04
http://www.microsoft.com/technet/sysinternals/utilities/regmon.mspx

FileMon for Windows v7.04
http://www.microsoft.com/technet/sysinternals/FileAndDisk/Filemon.mspx

Set the filter at the top to highlight "access denied", and and try and recreate the errors....Then go to these and look for the red, and it will tell you where the permissions are shot....

Or even use the new and improved utility form Sysinternals, that contains them both....

Process Monitor v1.22
http://www.microsoft.com/technet/sysinternals/utilities/processmonitor.mspx
0
 

Expert Comment

by:xunrage_
ID: 20863091
It is included in the antivirus/antispyware database. Probably the antivirus/antispyware block its execution.
0
 
LVL 18

Expert Comment

by:Johnjces
ID: 20866441
I concur with xunrage_.

Our AV, Symantec Endpoint Protection, marks it as a hacking tool and will not allow it to be run and has on occasion removed it.

We had to white list as a good program.

What AV are you using?

John
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
LVL 1

Expert Comment

by:jjthomas3
ID: 20867408
Another [less likely] possibility is that your Network Administrators have set a group policy object banning the use of the program. Our corporate LAN/WAN uses GPO (Group Policy Objects) to ban the use of programs such as NC.EXE (Net Cat) and other suspect programs used by hackers (and legit users alike).

If Symantec (if you're running it)  is the root cause you should see the program in the "Quarantined Files" view by double-clicking on the SAV shield in the task bar, then expanding the "VIEW" node, and then clicking on "Quarantine", if you see ipscan.exe listed.....then that would be the issue.

If it is a group policy object you would run GPEDIT.MSC from the Run box (START --> RUN). Once inside the Group Policy Editor (GPEDIT.MSC) you would expand "Windows Settings" then "Security Settings" then "Software Restriction Policies" and finally highlight "Additional Rules".  If you see IPSCAN.EXE or its path listed here then your issue is GPO.

[lastly and least likely] Also you might check the Windows Firewall as well, software restrictions can also be set by the Windows firewall.
0
 
LVL 1

Expert Comment

by:jjthomas3
ID: 20867455
Oh, on a side note....were you running the program from a remote share or is the file installed on every machine from which you access has been denied to the path /file ?
0
 

Author Comment

by:jvanderw
ID: 20876823
jjthomas3, I am "trying" to run this on several machines.  It doesnt require an installation, it is a simple .exe program.  Before  the problem I could laundh te program from any location.  I would launch from \windows\system32\   no problems.  No, can't launch from anywhere.  
I want to find out what is causing the no access, then act on that.  I think I will be successful trying
the utilites and suggestions above.  Thanks
                                     
0
 

Author Comment

by:jvanderw
ID: 20876834
jjthomas3, I am "trying" to run this on several machines.  It doesnt require an installation, it is a simple .exe program.  Before  the problem I could laundh te program from any location.  I would launch from \windows\system32\   no problems.  No, can't launch from anywhere.  
I want to find out what is causing the no access, then act on that.  I think I will be successful trying
the utilites and suggestions above.  Thanks
                                     
0
 

Author Comment

by:jvanderw
ID: 20878412
Johnjces; What AV are you using?
I am using Symantec Endpoint protection,  version 11.01.  I just upgraded from Symantec Enterprise security AV system version 10.01.  Version 11.01 is a huge change.  This version has a complely different look and feel, no more Symantec System Center Console.  No there is a Symantec Endpoint Protection Manager.  It's a completely different interface.  it's lost some of it's edge.  It may have expanded on it's capabilities, but the look and feel of the manager is horrible.  
So, in answer to your question, it's Symantec Endpoint protection version 11.01.  Version 10. was much better IMHO.


0
 
LVL 18

Accepted Solution

by:
Johnjces earned 2000 total points
ID: 20878566
jvanderw

I too am using the Endpoint protection version 11. I concur about your feelings with Endpoint Protection manager. It is a resource hog! I want safety and some of our users have to wait 20 minutes after booting to effectively use their PCs as I have a "brief" scan at startup set. The AV server we have set up for EPP will use 100% CPU when a new update comes in as it massages it and readies it to be sent to the clients.

Anyway, I had to specifically allow ipscan.exe. we use it all the time. Great tool! I guess it's pretty good for hackers as well.

There is a place under your console, err.. Endpoint Protection Manager, where you can white list it. It took a few times, boots, before I could use it even though I forced an update.

Version 10 was good. But, I think 11 is better in its "sniffing" abilities. We really got hammered in October when we had 10 and it should of heuristically found this virus which was a rewrite or repackage of a known virus. AVG Fre was the first to point us in the right direction.

Anyway, I'll bet that EPP is blocking the file. It did me for some time till I figured out where to whitelist files!

John
0
 

Author Closing Comment

by:jvanderw
ID: 31429555
You were right on target with this.  Why does it take several boots to get this thing to finally take?  
So, it was great hearing from someone else who uses this EPP.  My first instinct was to roll back the v10, but ultimatly I choose to stick with v11.

0

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Still wondering grappling over to strengthen your password, worry no more. Choose a Strong Passphrase instead though second factor is highly recommended. Read on more on the how-to and tips to enhance your "password" using easier to remember passphr…
Are you looking to start a business? Do you own and operate a small company? If so, here are some courses you need to take before you hire a full-time IT staff.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question