If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
pipes channel ?!
What is it and how do I get rid of it ?
Why isn't it prevented by my McAfee AV and Malwarebytes programs ? |
Ads |
#2
|
|||
|
|||
pipes channel ?!
On Thu, 19 Oct 2017 14:27:49 -0400, SteveGG wrote:
What is it and how do I get rid of it ? Why isn't it prevented by my McAfee AV and Malwarebytes programs ? It's for communication between applications/processes. It can be between local processes, or local and remote processes. If remote process is involved, it uses SMB (TCP port 445). Keep in mind that SMB is used for Windows Networking. Blocking that port will block remote Pipe communication but also cripple the Windows Network. Blocking only the Pipe communication requires a software which can control network request at protocol level. Similar like a filtering proxy application, except it's for SMB rather than HTTP. I haven't seen any security application that can do this. If there's any it would be a HIPS application, or AV with HIPS functionality. A mere AV or firewall can't do this. |
#3
|
|||
|
|||
pipes channel ?!
JJ wrote:
On Thu, 19 Oct 2017 14:27:49 -0400, SteveGG wrote: What is it and how do I get rid of it ? Why isn't it prevented by my McAfee AV and Malwarebytes programs ? It's for communication between applications/processes. It can be between local processes, or local and remote processes. If remote process is involved, it uses SMB (TCP port 445). Keep in mind that SMB is used for Windows Networking. Blocking that port will block remote Pipe communication but also cripple the Windows Network. Blocking only the Pipe communication requires a software which can control network request at protocol level. Similar like a filtering proxy application, except it's for SMB rather than HTTP. I haven't seen any security application that can do this. If there's any it would be a HIPS application, or AV with HIPS functionality. A mere AV or firewall can't do this. He's referring to this. "Pipeschannels.com Adware" https://malwaretips.com/blogs/remove-pipeschannels-com/ Removing adware is hardly ever as easy as that site makes it out to be. That's why I didn't copy and paste that answer in the first place. Because the track record on Whack-a-mole is so poor with that stuff. That particular site gives generic cleaning procedures, that may or may not work. While AdwCleaner is conceptually a good tool, it's pretty hard for a single developer to keep up with the torrent of variations. A company with 200 employees could probably do a good job of fleshing out AdwCleaner and updating it daily. AdwCleaner used to be run by a single developer, but is now hosted by MalwareBytes. And I don't know how many developers MalwareBytes has, or whether they have the time to work on PUPs products. Or whether they're just providing download bandwidth for it. I think MalwareBytes does remove some PUPs, but whether this is intentional, a "focus" on their part, is unclear. By acquiring AdwCleaner, it suggests they want separation between products for some reason. The reason AV companies are hesitant to remove PUPs, is "barratry". The usage of lawyers, where lawyers are not wanted or needed. A company wishing to "ride the razor edge" of malware, makes a product which "does no damaged" but "makes us money". If a large AV company removes the product, the adware company files in court that the AV company is "restraining their trade" and "you really need that Ask Toolbar" and "we're white hats, with dirty underwear". It's only when adware affects a critical system function, that the big boys get involved. Ask Toolbar did something at one time, to mess with something Microsoft didn't want them messing with. And Microsoft got even :-) https://en.wikipedia.org/wiki/Barratry_(common_law) "litigation... for the purposes of ... harassment" There would be no PUPs in circulation, if we could "shoot all the lawyers" /s. Then your favorite AV product could remove them as a service to you. Paul |
Thread Tools | |
Display Modes | Rate This Thread |
|
|