pifts.exe?

[CentralDogma]

All of the sudden people around the World are seeing PIFTS.EXE popping up. Norton Antivirus is asking users if they want to accept it. ... I look a look for this and it is SwapDrive. So this must be an update to Swapdrive but I am unsure as to why it pops up that way. The other ip is in Africa or at least take the .80 out of the equation and it points to an Africa IP. ... Seems Norton Deleted all post about PIFTS.EXe so I don?t know what happened but This will have to come out in the open sooner or later. I just hope it isn?t going to be to late.

link

Heard that Yahoo answers was deleting questions related to it, but has since stopped. Can anyone with NIS confirm that this thing exists?

[CentralDogma]

Just wanted to update: Symantec is still deleting any topic on pifts. People who call up Symantec's support line are being told it's "part of the install process". Rumor is that it has to do with Magic Lantern. An analysis has confirmed that it is dangerous, but that could be normal for an antivirus program.

Looks like the story has gotten attention from The Register, The Inquirer, and The Washington Post. So, mabey there is something to this.

Also, just to warn people, don't go around downloading exe's named pifts. Some copycats have created viruses with the same name to take advantage of the situation

[ElliottLan]

It seems to send client statistics to an IP which people claimed was in Africa or something. IMO it was mostly hype. I acquired the EXE and packet-sniffed it myself and it only appeared to send a blank client version (as I persoanlly don't run norton antivirus)

Time will tell I guess!

Here is Symantec's official response:

http://community.norton.com/norton/board/m...9&jump=true

http://community.norton.com/norton/board/m...thread.id=39123

If pifts is here then WHO WAS PHONE? :p

[Tim Lopez]

Hello everyone,

I?m one of the administrators for the Norton Community Forums. First off, I would like to apologize for the removal of legitimate posts, and delayed response in acknowledging the PIFTS.exe issue. While the reason for merging like-posts in to a single thread was not intended to silence the voices of the users, we do understand that it ended up causing a lot of suspicions about the topic. We are sorry for the confusion that we have caused, and have developed new strategies to ensure this doesn?t happen again.

We launched the beta of the Norton Community Forums in April 2008. We?ve been very transparent with many issues that have come up on the boards, and utilized this opportunity to have more open discussions with those who use our software. We have also been very lenient with posts. There are threads on the forums that are critical of our products and discuss non-Symantec scanning software recommended by other users, as well as other non-relevant 3rd party software. I'm not saying this to get a pat on the back, but to acknowledge that we encourage open and honest communication on our forums. We strive to be transparent and give our customers the best information as quickly as possible.

We?ve spent the past 2 days compiling all the information regarding PIFTS.exe and detailing what it does. We?ve also included information regarding the timeline of events that happened on the forums. To view this information, please visit this forum thread: http://community.norton.com/norton/board/m...thread.id=39119

We also have a discussion thread for all things PIFTS.exe related at the following thread: http://community.norton.com/norton/board/m...thread.id=39123

Please read through the above two threads if you have any questions, as many questions have already been addressed (such as rumors that we sent personal information to our servers, rumors regarding sending information to Google, and other rumors that we were involved in a conspiracy or ?cover up?).

We welcome you to join in on the discussion if you have any concerns that need to be addressed.

Again, we?re sorry for the mishap and all the confusion that this has caused.

Cheers,

Tim Lopez

Norton Forums Administrator

http://community.norton.com