| Tuesday May 24th 2016

What is PIFTS.exe?

Cliff Notes: Symantec releases an update that searches your internet history, Google searches, and index dat files. The program records them and has a wait on it as in what to do with the information it has gathered. Well, /g/ found out, told /x/ and the internet was informed. Hackers opened everything up and looked at it in depth and we found out it was all true. Some retard told /b/ and /b/ raided the Norton forums and now they have the potential cover they needed to discredit anyone who speaks out.

Norton AntiVirus GodfatherSomething strange is going on across the Internet. Some Norton AntiVirus users are receiving pop-up messages alerting them about an application called PIFTS.exe that is trying to connect to a server. But what is PIFTS.exe? Why does it need to access the Internet? What is it trying to access? What connection does it have to Norton (or Symantec, the company that produces Norton-branded products)?

As of right now, we don’t have many answers to these questions. What we do know is that it appears to be linked to a Norton update cycle. Whether Symantec is responsible for the application or not still isn’t known. Nor do we know what the application’s purpose is. All we know is that the application appears to connect the user’s computer to a remote server.

To make matters more confusing, it appears that inquiries posted by Symantec customers to the official Norton forums have been removed. Other online communities like ZoneAlarm’s forum are now hosting discussion threads about PIFTS.exe. Tech-Linkblog has a post about the application that includes screenshots of posts in the Norton forums before they were removed. It looks like no one is quite sure what is going on, but there are several theories being bandied about.
One theory is that PIFTS.exe is part of an automatic update and is nothing to worry about. Another is that Norton has been compromised by malicious hackers. At least one theory is that the application would connect the user’s computer to a server in Africa. With threads disappearing from Norton’s forums, paranoia is understandably running high. Is Norton trying to cover something up? Or is someone else deleting the posts?

It’s possible that the entire debacle is much ado about nothing, but until Symantec addresses the issue in an honest and informative way we’ll probably see dozens of different theories ranging from an honest blunder to malevolent attacks on customers. My advice is to not allow PIFTS access to the Internet and to watch for an official statement from Symantec regarding the problem.

//Edit: Here is Symantec’s official statement.

Anonymous attacking the Symantec discussion forums


Related Posts: On this day...

Leave a Reply

You must be logged in to post a comment.