Discussion:
Access to resource has been disallowed
(too old to reply)
Popeye
2009-03-09 15:31:02 UTC
Permalink
Some of our users have been getting the "Access to resource 'xyz' has been
disallowed" error message when they type in just 'xyz' in the address bar of
IE without the http.

If they type in "http://xyz" instead, the URL is parsed correctly without
any problems. I looked through the Microsoft Knowledge Base and the only tech
note that discusses a similar error message doesn't seem to apply in our
case. (We're running IE 6.0.2900.2180 on Win XP Professional.)

Our users cannot change their settings in IE, so it's odd that some users
see this problem and some don't. We've been unable to consistently reproduce
this problem across all our users' machines.

Any ideas as to why we might be seeing this problem?
PA Bear [MS MVP]
2009-03-09 19:24:18 UTC
Permalink
There is a very good chance are that you are seeing the affects of a
hijackware infection. Note that if all these computers are on a network and
just one of them is infected, the infection could rapidly spread to all
other machines. If you don't remove all machines from the network and make
sure every single one of them is clean before reconnecting them to the
network, you'll be back to Square One within seconds!

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

2. Run the Windows Live Safety Center's 'Protection' scan (only!) in Safe
Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

3. Run a /thorough/ check for hijackware, including posting the requested
logs in an appropriate forum, not here.

Checking for/Help with Hijackware
http://aumha.net/viewtopic.php?f=30&t=4075
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://forums.spybot.info/forumdisplay.php?f=22,
http://aumha.net/viewforum.php?f=30, or other appropriate forums.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Post by Popeye
Some of our users have been getting the "Access to resource 'xyz' has been
disallowed" error message when they type in just 'xyz' in the address bar of
IE without the http.
If they type in "http://xyz" instead, the URL is parsed correctly without
any problems. I looked through the Microsoft Knowledge Base and the only
tech note that discusses a similar error message doesn't seem to apply in
our case. (We're running IE 6.0.2900.2180 on Win XP Professional.)
Our users cannot change their settings in IE, so it's odd that some users
see this problem and some don't. We've been unable to consistently reproduce
this problem across all our users' machines.
Any ideas as to why we might be seeing this problem?
Popeye
2009-03-10 07:40:01 UTC
Permalink
Thanks a lot; this is most helpful. I'll ask our admins to take a look at the
affected machines to see what we find.

If it is the result of a hijackware infection, is it likely to manifest
itself only when the users try to access certain sites? For instance, if the
affected users type in just "google" in the address bar, they are redirected
to Windows Live Search for "google". They only see the "Access to resource
has been disallowed" with a couple of URLs.
Post by PA Bear [MS MVP]
There is a very good chance are that you are seeing the affects of a
hijackware infection. Note that if all these computers are on a network and
just one of them is infected, the infection could rapidly spread to all
other machines. If you don't remove all machines from the network and make
sure every single one of them is clean before reconnecting them to the
network, you'll be back to Square One within seconds!
PA Bear [MS MVP]
2009-03-10 20:51:15 UTC
Permalink
[To keep track of things, it helps immensely if you include all of previous
message(s) in your replies to the newsgroup. Thank you.]
Post by Popeye
If it is the result of a hijackware infection, is it likely to manifest
itself only when the users try to access certain sites?
No! If a hijackware infection is the cause, the Operating System (Windows)
is infected, not IE.
Post by Popeye
Thanks a lot; this is most helpful. I'll ask our admins to take a look at
the affected machines to see what we find.
If it is the result of a hijackware infection, is it likely to manifest
itself only when the users try to access certain sites? For instance, if the
affected users type in just "google" in the address bar, they are redirected
to Windows Live Search for "google". They only see the "Access to resource
has been disallowed" with a couple of URLs.
Post by PA Bear [MS MVP]
There is a very good chance are that you are seeing the affects of a
hijackware infection. Note that if all these computers are on a network
and just one of them is infected, the infection could rapidly spread to
all
other machines. If you don't remove all machines from the network and make
sure every single one of them is clean before reconnecting them to the
network, you'll be back to Square One within seconds!
<paste>
Post by Popeye
http://www.microsoft.com/security/malwareremove/default.mspx
2. Run the Windows Live Safety Center's 'Protection' scan (only!) in Safe
http://onecare.live.com/site/en-us/center/howsafe.htm
3. Run a /thorough/ check for hijackware, including posting the requested
logs in an appropriate forum, not here.
Checking for/Help with Hijackware
http://aumha.net/viewtopic.php?f=30&t=4075
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://www.elephantboycomputers.com/page2.html#Removing_Malware
**Seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://forums.spybot.info/forumdisplay.php?f=22,
http://aumha.net/viewforum.php?f=30, or other appropriate forums.**
If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
Post by PA Bear [MS MVP]
Some of our users have been getting the "Access to resource 'xyz' has been
disallowed" error message when they type in just 'xyz' in the address bar of
IE without the http.
If they type in "http://xyz" instead, the URL is parsed correctly without
any problems. I looked through the Microsoft Knowledge Base and the only
tech note that discusses a similar error message doesn't seem to apply in
our case. (We're running IE 6.0.2900.2180 on Win XP Professional.)
Our users cannot change their settings in IE, so it's odd that some users
see this problem and some don't. We've been unable to consistently reproduce
this problem across all our users' machines.
Any ideas as to why we might be seeing this problem?
Loading...