Strongly encouraged to erase Norton Antivirus and PIFTS.EXE from your system

[ftpaddict]

PIFTS
Public Internet and File Tracking System

It goes offshore because there's no law forbidding sending it to foreign governments. If governments want to spy on their own citizens, it is normal for them to have foreigners do it in order to get around normal restrictions about spying on their own people.

This is why there have been reports of the file sending data to Africa.

There have also been reports of it accessing your internet history.

If you find it, DELETE IT.

Source: Norton community forums.

All threads asking about pifts.exe are immediately erased from the symantec forums and the user is instantly banned. All attempts to contact technical support result in customers being put on hold indefinitely.

Norton Antivirus copies PIFTS.EXE on your system via LiveUpdate and from this point on CANNOT BE CONSIDERED SAFE ANYMORE. Immediate removal of all Norton products is strongly advised if you care about your privacy.

I've quickly gathered some links to this whole conundrum on my blog:

What the hell is PIFTS.EXE? Weblog Of The Everyday


Spread the word.

[ftpaddict]

This is not a joke.

[gazonk]

Originally Posted by ftpaddict

Immediate removal of all Norton products is strongly advised if you care about your privacy.

Ouch. Norton is not a good idea anyway, it can suck the life out of the fastest PC - so I sometimes wonder what malware is worse - Norton or those programs that it's supposed to remove? And now it seems to contain spyware too...

Edit: Good link: http://isc.sans.org/diary.html?storyid=5992

[reeftool]

I got rid of Norton about 3 years ago because it became such a resource hog. A normal system restart after a software update took 20 minutes on my P4-2.4Gig system which I think is unacceptable. I switched to Kapersky and my computer worked fine again. I know its getting old but it does everything I need and runs fairly quick with most applications with the exception of my video editing software which is kind of slow but I don't use it that often. I was not going to replace a computer just to run a (bleep) antivirus program.

[Gooshin]

i just nuke my computer once a year, tedious but works.

[RoxnDox]

Originally Posted by ftpaddict

This is not a joke.

No, but there seems to be a great deal of mistrust and knee-jerking reactions in addition to whatever the hell Norton has done. My position is to deny this pifts.exe any access to the interneet and then wait until somebody either figures out exactly what happens, or the Norton folks 'fess up to their (a) errors, or (b) deliberate actions in letting this software out.

Jim

[séamuis]

Kaspersky.

[lithos]

AVG.

And not screwing around on the internet.

[ftpaddict]

OS X or Linux. Problem solved.

[Venturi]

I divorced from Norton 10yrs ago, McAfee too. Both are bloated system resource hogs. ZoneAlarm AV is working well and playing nicely with others on XP here.

[Wildnsyko]

Thanks for the info. My parents have Norton on their computer and Mom complains about it all the time. She's gonna freak over this one. Maybe she'll finally call AT&T and get DSL and get rid of Norton.

[stewart_photo]

This application (PIFTS.EXE) seems to gather product usage statistics and product activation verification for the various Norton applications. Since I seriously doubt any government (foreign or domestic) would be interested in how often customers use Norton Ghost, for example, to backup their computers, I really think conspiracy theorists have went way out on a limb on this one.

The only IP's I've seen this application access are those owned by Symantec, Swapdrive (probably related to Swapdrive features contained in several Symantec applications), and Microsoft (apparently checks for critical Symantec updates on the Microsoft Automatic Updates website and triggers LiveUpdate). I've seen no effort by this application to contact any IP in Africa. Finally, I'm not aware of any method to determine if the application is accessing internet history.

As far as I can tell, this application is not at all unusual, with most computers (any operating system) containing similar applications with similar functions.

stewart

[ajuett]

AVG since 1999ish. Install no other junk apps claiming to speed up or protect your system and surf wisely with FireFox and ABP (AdBlock Plus is an add-on).

[cpopham]

Originally Posted by ftpaddict

This is not a joke.

And that's why stuff like this isn't a laughing matter.

Norton might be a horrible program to use, it might bog down your computer horribly, but one thing it isn't, is actually malware.

If you don't read about a story like this in the mainstream tech media, it's generally not real.

There's no need to go running for the tinfoil...

[ftpaddict]

Originally Posted by stewart_photo

This application (PIFTS.EXE) seems to gather product usage statistics and product activation verification for the various Norton applications. Since I seriously doubt any government (foreign or domestic) would be interested in how often customers use Norton Ghost, for example, to backup their computers, I really think conspiracy theorists have went way out on a limb on this one.

The only IP's I've seen this application access are those owned by Symantec, Swapdrive (probably related to Swapdrive features contained in several Symantec applications), and Microsoft (apparently checks for critical Symantec updates on the Microsoft Automatic Updates website and triggers LiveUpdate). I've seen no effort by this application to contact any IP in Africa. Finally, I'm not aware of any method to determine if the application is accessing internet history.

As far as I can tell, this application is not at all unusual, with most computers (any operating system) containing similar applications with similar functions.

stewart

What you are saying is true. But how can you explain Symantec and even digg wiping out evidence about the file?