All information on a mysterious executable in their updater was suddenly taken off the forums and the Internet: http://it.slashdot.org/article.pl?sid=09/03/10/139229
This is real security through obscurity. What is this PIFTS.EXE?
Here you can have a look at what it does in SafeHex: http://pastebin.com/m1e207a78
That it resolves to swapdrive is also interesting, though, in that they may be sending our information out to be stored on their servers in Washington.
For those who don’t know, Yahoo, Symantec, and Swapdrive (being owned by Symantec) are all basically the same company now, or very closely linked anyway.
Could be something quite benign, could not be, but cleaning up all the Google traces later is making people curious.
WARNING:
We’ve been sent an example of a web page targeting the term “PIFTS.exe” along with other popular search terms that lead to obfuscated javascript that leads in turn to actual malware.
Take care if you search for this: you might find the bad guys out there taking advantage of our interest in PIFTS.exe already.
At the time of writing the page we were notified about was not (anymore?) indexed in Google, but YMMV.
Symantec’s spokesman Cole said the PIFTS file was part of a “diagnostics patch” shipped to Norton customers on Monday evening. The purpose of the update, Cole said, was to help determine how many customers would need to be migrated to newer versions of its software as more Windows users upgrade to Windows 7.
“We have to make sure before we migrate users to a new product that we can see what kind of load we can expect on our servers, and which customers are going to have to be moved up to the latest version of our product,” Cole said.
The removal of the forum threads was because newly registered users tried to abuse these, and that is always taken off immediately.
Users beware of variants of PIFTS.exe on the Internet, because these could contain malicious code as malcreants like to jump to the occasion spreading their malicious creations, and it could well cause your good old computer to go really pfffffftttt. Re: http://www.sophos.com/blogs/gc/
There is no correlation with the number of users they have to those that might, just might, upgrade to Windows 7, and if they do, would they after this fiasco trust them to be open and above board?
I think they got caught with their fingers in the cookie jar and are hunting for an excuse.
They could just as easily have said all customers need to migrate, as that is about as much use as who of their existing customers might upgrade to Windows 7, possibly 9-12 months away.
I seem to recall a company that produced CD and DVD players etc. that got caught in the famous “DRM” scandal.
Is it now Symantec’s turn to lose millions because they can’t tell the truth ???
At the moment I’m using - PC Tools Firewall Plus
Need an easy one!
As I’m not so clever when it comes to Firewall stuff :-[
Only Trouble Is…
Symantec have bought - PC Tools Firewall Plus :
Any Funny Business…
And I’m just hoping that the New Firewall Avast is making… Is a good un
As long as Avast doesn’t make their new Firewall too complicated - Like… e.g. Comodo
The bit I found interesting was that if the diagnostic patch (huh) had been signed it would have sailed through the firewall; presumably they are talking about the NIS firewall.
Has no one told Symantec some malware authors also have signed malware? Nothing should be allowed out, signed or otherwise, and should be challenged the first time it attempts to get an internet connection. Otherwise this drives a coach and horses through NIS’s supposed internet security.
All in all they have shot themselves in the foot, as far from being a diagnostic patch it could well put their users at risk, trying to find information on this and stumbling upon a malicious site exploiting the poorly thought out action of pushing out this so-called diagnostic patch.
Now aren't you all glad now to be part of this big avast family?
Sure am :)
And Damian when are you going to invite the family all over for dinner ;D
Guess I will use the PCTools Firewall Plus until the Avast! one is available ;)
Please Note!
If you do install - PC Tools Firewall Plus
You should probably turn - Enhanced Security Verification - OFF
Open … PC Tools Firewall Plus
Click On - Settings
Click On - Filtering Tab Un-Tick - Enable Enhanced Security Verification
Click On - Apply
I’ve got PC Tools Firewall Plus on both my Laptop and Desktop Computer … But with ESV - OFF
Why?
Coz…
Starting Since Version 4 … PC Tools Firewall Plus … Now Comes With - Enhanced Security Verification ( ESV ) ESV … Is a relatively new feature that PC Tools have added to their Firewall … But It Has Problems :
Can Cause… High CPU Spikes, Manic Hard Drive, Freezes, Blue Screens :o So!
Even though - PC Tools Firewall Plus … Is a great little Firewall
Enhanced Security Verification … Is Best Left - OFF … Till they get it right!
Just remember to turn ESV - OFF … And you should have No Problems at all