A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 7 » Windows 7 Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

pipes channel ?!



 
 
Thread Tools Rate Thread Display Modes
  #1  
Old October 19th 17, 07:27 PM posted to alt.windows7.general
SteveGG
external usenet poster
 
Posts: 366
Default pipes channel ?!

What is it and how do I get rid of it ?

Why isn't it prevented by my McAfee AV and Malwarebytes programs ?
Ads
  #2  
Old October 20th 17, 03:40 PM posted to alt.windows7.general
JJ[_11_]
external usenet poster
 
Posts: 744
Default pipes channel ?!

On Thu, 19 Oct 2017 14:27:49 -0400, SteveGG wrote:
What is it and how do I get rid of it ?

Why isn't it prevented by my McAfee AV and Malwarebytes programs ?


It's for communication between applications/processes. It can be between
local processes, or local and remote processes. If remote process is
involved, it uses SMB (TCP port 445). Keep in mind that SMB is used for
Windows Networking. Blocking that port will block remote Pipe communication
but also cripple the Windows Network.

Blocking only the Pipe communication requires a software which can control
network request at protocol level. Similar like a filtering proxy
application, except it's for SMB rather than HTTP. I haven't seen any
security application that can do this. If there's any it would be a HIPS
application, or AV with HIPS functionality. A mere AV or firewall can't do
this.
  #3  
Old October 20th 17, 06:40 PM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default pipes channel ?!

JJ wrote:
On Thu, 19 Oct 2017 14:27:49 -0400, SteveGG wrote:
What is it and how do I get rid of it ?

Why isn't it prevented by my McAfee AV and Malwarebytes programs ?


It's for communication between applications/processes. It can be between
local processes, or local and remote processes. If remote process is
involved, it uses SMB (TCP port 445). Keep in mind that SMB is used for
Windows Networking. Blocking that port will block remote Pipe communication
but also cripple the Windows Network.

Blocking only the Pipe communication requires a software which can control
network request at protocol level. Similar like a filtering proxy
application, except it's for SMB rather than HTTP. I haven't seen any
security application that can do this. If there's any it would be a HIPS
application, or AV with HIPS functionality. A mere AV or firewall can't do
this.


He's referring to this.

"Pipeschannels.com Adware"

https://malwaretips.com/blogs/remove-pipeschannels-com/

Removing adware is hardly ever as easy as that
site makes it out to be.

That's why I didn't copy and paste that answer
in the first place. Because the track record on
Whack-a-mole is so poor with that stuff. That particular
site gives generic cleaning procedures, that may or may
not work.

While AdwCleaner is conceptually a good tool,
it's pretty hard for a single developer to keep up
with the torrent of variations. A company with
200 employees could probably do a good job of
fleshing out AdwCleaner and updating it daily.
AdwCleaner used to be run by a single developer,
but is now hosted by MalwareBytes. And I don't
know how many developers MalwareBytes has, or
whether they have the time to work on PUPs products.
Or whether they're just providing download bandwidth
for it.

I think MalwareBytes does remove some PUPs, but whether
this is intentional, a "focus" on their part, is
unclear. By acquiring AdwCleaner, it suggests they
want separation between products for some reason.

The reason AV companies are hesitant to remove
PUPs, is "barratry". The usage of lawyers, where
lawyers are not wanted or needed. A company wishing
to "ride the razor edge" of malware, makes a product
which "does no damaged" but "makes us money". If
a large AV company removes the product, the adware
company files in court that the AV company is
"restraining their trade" and "you really need
that Ask Toolbar" and "we're white hats, with dirty
underwear". It's only when adware affects
a critical system function, that the big boys
get involved. Ask Toolbar did something at one
time, to mess with something Microsoft didn't want
them messing with. And Microsoft got even :-)

https://en.wikipedia.org/wiki/Barratry_(common_law)

"litigation... for the purposes of ... harassment"

There would be no PUPs in circulation, if we could
"shoot all the lawyers" /s. Then your favorite AV
product could remove them as a service to you.

Paul
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 01:41 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.