It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI: Tech Fears Arise Over Norton and Pifts.exe

page: 18
267
<< 15  16  17    19  20  21 >>

log in

join
share:

posted on Mar, 10 2009 @ 02:52 PM
link   

Originally posted by -0mega-
Unless people post pieces of code here from the program that do what people claim that it does


Doesn't your friend have midterms they need help with?

Or are you finally able to quit posting here and bring out some of those 1337 skillz you claimed to have earlier?

I knew the 4Chan boys would get the blame for it - but let's make sure they know there were posters asking plenty of reasonable questions beforehand that were deleted.

-m0r




posted on Mar, 10 2009 @ 02:53 PM
link   

Originally posted by -0mega-
Oh man, this is starting to look like the ChadDrone thread in the beginning.

Unless people post pieces of code here from the program that do what people claim that it does, people shouldn't be ranting and raving about some supreme killer virus made by Norton.

What is all this speculation based on anyway? An IP Address?


Maybe you outta read the thread.... Plenty of code bits, address locations, IP addresses. Lot of professional, individuals working on this.



posted on Mar, 10 2009 @ 02:57 PM
link   
reply to post by RE2505
 


Not my efforts. I haven't written since 91, not one of the two that I did ever erased any information. The operating system isn't even in practical use anymore.

Right now, as it is, I'm one of the guys that retrieves your inane crap, and cleans up your systems. I'm the electronic plumber you call when you've gunked up your machine, I'm the electronic locksmith you call when you've gotten yourself locked out of your system, I'm the electronic doctor that will tell you what you need to do to keep your system well... then watch when you don't do those things. I'm the guy that will tell you to back up what you want to keep, then answer the phone when you call frantically two years later when you need to recover your files after you never followed the backup advice to begin with. I deal with this # day in, and day out. Oh, I do pretty well at it, financially. The most effective antivirus there is is the organ that lies between peoples ears. Unfortunately, most don't put that organ to use.

One idiot took Avast! off of her machine becuase it kept bugging her too much. I'm looking at machine five this week that has the latest smitfraud suite on it, and I"m starting to think that I don't charge enough.

So, yeah there internet tough guy. The line forms to the left.



posted on Mar, 10 2009 @ 02:58 PM
link   
Just saw this on the Norton site, forgive me if it's been posted here already:

Hi everyone,



Symantec released a diagnostic patch "PIFTS.exe" targeting Norton Internet Security and Norton Antivirus 2006 & 2007 users on March 9, 2009. This patch was released for approximately 3 hours (4:30 - 7:40 PM March 9, 2009 Pacific Time). In a case of human error, the patch was released by Symantec "unsigned", which caused the firewall user prompt for this file to access the Internet. The firewall alert for the patch caused understandable concern for users and began to be reported back to Symantec. Releasing a patch unsigned is an extremely rare occurrence that does not pose any security issues to our users. The patch reached a limited number of Norton customers and has subsequently been pulled from further distribution. Norton users are fully protected and do not need to take any action as a result of this issue.



There has been activity in the Norton User Forum related to PIFTS.exe which has generated additional concern and media speculation. At approximately 10:30pmET Monday March 9, Symantec detected that our User Forum boards were being abused by an individual or individuals. One individual created a new user account and posted about the name of the patch executable, PIFTS.exe. Within minutes, several dozen user accounts were created commenting on the initial thread, and/or creating new threads on the topic. Over the next few hours, over 200 user accounts were created. Within the first hour there were 600 new posts on this subject alone. While the intent of the spammer(s) remains unclear, there were no malicious links and it simply resulted in a widespread communications challenge for Symantec. Below are some examples of the forum spam we received from these new user accounts. These forum posts contained no text in the body of the message, simply a subject:



O LAWD IM CHOKIN ON PIFTS PLZ HALP
OH GOD YOU GOT CHOCOLATE IN MY PIFTS
If you wanna be my NORTON/ you gotta deal with my P ! F T S . E X E
IF PIFTS.EXE WAS HERE, THEN WHO WAS PHONE?
PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE
I LOVE MY PIFTS.EXE


Symantec strictly adheres to its Norton Community Terms of Service and does not delete postings unless they are in violation of these guidelines. Upon determining that our User Forums were being abused, Symantec began removing the spam posts.



Finally, it has also been reported by the Washington Post that hackers are taking advantage of this situation. "Some of the top searches (currently the 3rd and 4th result in a Google search) are Web sites that try to install malicious software when you visit them." When searching for information on "pifts.exe," Symantec strongly advises all users to be wary of following links to unknown sites as malicious users are attempting to use this hot topic to distribute malware.

Message Edited by davecole on 03-10-2009 12:45 PM



posted on Mar, 10 2009 @ 03:00 PM
link   
Who uses Norton anyways?


I use it once for one year, and made my starup dead slow. It also takes loads of process which harms the PC in the long run.

I only use free software that includes Comodo (ZA is good, but its too damn slow, but comodo does the same job quicker), Avira, CCleaner(To get rid of junk, but I use it rarely too), Malwarebytes' Anti-Malware (I used it rarely), and KeyScrambler (for the internet). With that said, I have not buy any anti-virus software in years, and neither should you


Hopefully Norton can come up with a decent answer for this whole issue because it's weird.



posted on Mar, 10 2009 @ 03:01 PM
link   
heres symantec's reply..
just found out about this, and I dont necessarily care, but for your benifit, heres what they said..
community.norton.com/




Hi everyone,



Symantec released a diagnostic patch "PIFTS.exe" targeting Norton Internet Security and Norton Antivirus 2006 & 2007 users on March 9, 2009. This patch was released for approximately 3 hours (4:30 - 7:40 PM March 9, 2009 Pacific Time). In a case of human error, the patch was released by Symantec "unsigned", which caused the firewall user prompt for this file to access the Internet. The firewall alert for the patch caused understandable concern for users and began to be reported back to Symantec. Releasing a patch unsigned is an extremely rare occurrence that does not pose any security issues to our users. The patch reached a limited number of Norton customers and has subsequently been pulled from further distribution. Norton users are fully protected and do not need to take any action as a result of this issue.



There has been activity in the Norton User Forum related to PIFTS.exe which has generated additional concern and media speculation. At approximately 10:30pmET Monday March 9, Symantec detected that our User Forum boards were being abused by an individual or individuals. One individual created a new user account and posted about the name of the patch executable, PIFTS.exe. Within minutes, several dozen user accounts were created commenting on the initial thread, and/or creating new threads on the topic. Over the next few hours, over 200 user accounts were created. Within the first hour there were 600 new posts on this subject alone. While the intent of the spammer(s) remains unclear, there were no malicious links and it simply resulted in a widespread communications challenge for Symantec. Below are some examples of the forum spam we received from these new user accounts. These forum posts contained no text in the body of the message, simply a subject:



O LAWD IM CHOKIN ON PIFTS PLZ HALP
OH GOD YOU GOT CHOCOLATE IN MY PIFTS
If you wanna be my NORTON/ you gotta deal with my P ! F T S . E X E
IF PIFTS.EXE WAS HERE, THEN WHO WAS PHONE?
PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE
I LOVE MY PIFTS.EXE


Symantec strictly adheres to its Norton Community Terms of Service and does not delete postings unless they are in violation of these guidelines. Upon determining that our User Forums were being abused, Symantec began removing the spam posts.



Finally, it has also been reported by the Washington Post that hackers are taking advantage of this situation. "Some of the top searches (currently the 3rd and 4th result in a Google search) are Web sites that try to install malicious software when you visit them." When searching for information on "pifts.exe," Symantec strongly advises all users to be wary of following links to unknown sites as malicious users are attempting to use this hot topic to distribute malware.

Message Edited by davecole on 03-10-2009 12:45 PM


edited because my "speeling" sucks

[edit on 2009/3/10 by joe_dirt976]



posted on Mar, 10 2009 @ 03:01 PM
link   
And also this one, again, sorry if it's been posted already:

Hi everyone,

No doubt you've read the Official Statement about PIFTS.EXE and the reasons why many posts were removed from this forum. There was no "conspiracy" or "cover-up" - someone was spamming our forums, and we took action to remove these posts. As it increased over a few hours, many threads were removed, and several users were denied access to post in the forums. We were gathering information to distribute, and I'm sorry it took this long to post the info to everyone.



After reviewing some of the emails I've received, it appears that some posts were removed in error, as well as the access of some users. If you feel your access was removed in error, please contact me directly (my email address is listed on my user profile) and I will restore your access to the forums. I apologize for this inconvenience, and thank you for your patience while we deal with this difficult situation. Thank you also to the users who have helped us identify the malicious posts to this forum, it was a big help.

For the sake of keeping the PIFTS.EXE questions consolidated, please feel free to post all your questions/comments about PIFTS.EXE to this thread. Please do not post to a new thread, as we wish to keep all posts in one area. Before you post, please review our official statement for answers to your questions. Thanks again for your understanding with this difficult issue.



Tony Weiss
Norton Forums Administrator
Symantec Corporation



posted on Mar, 10 2009 @ 03:02 PM
link   
wow.. i've been a recent viwer on ATS. first time registering.. but always reading the daily gossip.. but yeah i just saw this on norton web site too.. wow. but anyway, nice thread and i still think its a cover-up!



posted on Mar, 10 2009 @ 03:04 PM
link   
reply to post by Terra Serranum
[Symantec strictly adheres to its Norton Community Terms of Service and does not delete postings unless they are in violation of these guidelines. Upon determining that our User Forums were being abused, Symantec began removing the spam posts.]

But they deleted EVERY thread about PIFTS.exe

It was an attempted bleach of anything mentioning PIFTS.exe and there were a lot of legitimate posts that got deleted.



posted on Mar, 10 2009 @ 03:06 PM
link   

Originally posted by m0r1arty
Doesn't your friend have midterms they need help with?

Or are you finally able to quit posting here and bring out some of those 1337 skillz you claimed to have earlier?


Never claimed to have ''1337 skillz''
Friend does need help, but apparently watching a movie I gave her had higher priority, now she needs to study for dutch test xd.

Grab a disassembler, Grab a Debugger, open the thing in both of them, and sniff around a bit.

Don't need to be an expert to see the stuff that's at the very least involved (Which I already posted)


Originally posted by notreallyalive
Maybe you outta read the thread.... Plenty of code bits, address locations, IP addresses. Lot of professional, individuals working on this.


I did read a lot of pages in this thread, but all I've seen so far is:
o ZoneAlarm asks whether program should be given access
o Person sees log about some IP
o People track and say Africa / SwapDrive w/e

A little while later
o People shout about PIFTS.exe Stealing your cookies / tracking your internet behaviour / sending all your info to Google / destroying your pc.

Oh yeah, there was someone mentioning some stuff you can see in a hex editor as well, and someone mentioned a name. Whoopdeedoo.

Now I will retract my statement if you can show me a quote of someone showing some significant Code that actually does do one of the abovementioned.

[edit on 10/3/09 by -0mega-]



posted on Mar, 10 2009 @ 03:08 PM
link   
It was probably 4chan fault
They got too many spammers and so called "hackers" who can't erased their own info when "hacking" into another person email


The Norton forums were probably down because someone use it to start/initiate a DDOS attack.

Sad



posted on Mar, 10 2009 @ 03:08 PM
link   
The statement by Dave Cole, senior director of product management at Symantec, and other "official" statements sound so convincing I'd easily believe it if I hadn't been on here all morning.

Sad that millions of people will not know the truth behind this, simply the eloquent b# the moneymakers provide us...

Thank you all at ATS for such insightful, well researched, and passionate communication today!

tell a friend about ATS!



posted on Mar, 10 2009 @ 03:10 PM
link   

Originally posted by Terra Serranum
If you wanna be my NORTON/ you gotta deal with my P ! F T S . E X E
IF PIFTS.EXE WAS HERE, THEN WHO WAS PHONE?


I'm predicting Bumper Stickers and T-shirts coming from this. Can I add...

Norton PIFTS me off!
SHHH! You can't say "PIFTS" on the Internet!
Norton says, "Give the PIFTS that keep on PIFTing"
ATS: Deny PIFTS.exe

[edit on 10-3-2009 by saint4God]



posted on Mar, 10 2009 @ 03:15 PM
link   
well they officially made a discussion about it at community.norton.com...

Maybe they will give some "answers"?



posted on Mar, 10 2009 @ 03:21 PM
link   
reply to post by tommyboy1981
 


(Page 9)



But there is no autorun added to the registry so once it has been executed there is no way to execute it again unless the main components call PIFTS.exe each time they run.


Dude... You ARE kidding right? (Read: There are a LOT more ways to insert code into a Winbox than 'autorun'
)


(Page 12... I think I'm losing ground.
)

reply to post by zsrgt
 




No,

This has nothing to do with the whole PIFTS.EXE thing.

Like you said you were scammed. What you should have done is just reformatted and reinstalled your OS.


This is really BAD advice...

If you are a novice, get some help from someone that has a clue. Do NOT reformat your machine. And do NOT pay anyone for anything with regards to an annoying popup.


The 'official' cover story from Symantec... (How many have there been?
)

That would be 100% after the fact spin and it rhymes with B and S.



If I was a betting man, I would float a line like this...

It looks like the pot smoking chimps at Symantec got busted... (or sabotaged
)

And are now spamming their own boards to try to smoke screen the whole thing.

You might want to keep in mind the sophistication of the recent spate of root kit/trojans... And the fact that none of the so-called 'tools' (by anyone) actually repair the registry damages.

You WILL inevitably bring your machine up to date (in compliance with the norm).

What do you THINK the implications of that are? How about vis-a-vis the role of the 'virus' packages?

Bottom line parting thought...

Do you REALLY think you have ANY privacy on the net?





[edit on 10-3-2009 by golemina]



posted on Mar, 10 2009 @ 03:21 PM
link   

Originally posted by Unlimitedpossibilities
well they officially made a discussion about it at community.norton.com...

Maybe they will give some "answers"?


The fun never stops. Rule #1 of a conspiracy, begin your statement with:

"There was no "conspiracy" or "cover-up" " - Tony Weiss, Norton Forums Administrator, Symantec Corporation

I kid, I wish Tony and family all the best and am sorry Norton selected him as the one to be pushed out in front.

Then comes: "Why does Symantec hate freedom and privacy?"

I can assure you Symantec loves freedom and privacy. They love the freedom to see what you're doing and the privacy of not having to answer for it. Oh goodness...now it seems I have the same virus these other posters do...



posted on Mar, 10 2009 @ 03:24 PM
link   
Mass Hysteria at its finest guys. You got to love it.
Don't always believe everything you are told. you know the old saying a pinch of salt.

P.S. 4CHAN IS FAMOUS FOR SOME GREAT JOKES.

This is just a Internet meme e.g. urban myth stuff



posted on Mar, 10 2009 @ 03:29 PM
link   
PIFTS.exe is a file created by Norton that connects to stats.norton.com and let's their servers know the status of one of their software updates installed on your computer.

Calm the hell down, I said go back inside your homes and dont look at what is going on outside.



posted on Mar, 10 2009 @ 03:29 PM
link   
reply to post by joe_dirt976
 


Thus far, Symantec is handling it pretty well. They're just saying, "It was a little screw-up. Sorry guys."

Fair enough. We will forgive you...

... BUT... what makes this file so special? If you browse through Norton's forum, you'll notice many, many posts of the same kind "What does this file do...", "This file wants to access the Internet... Should I allow it?" and so on... Hundreds of similar questions. (And perhaps even grander ideas for conspiracies?) What makes Pifts so different that it took the Internet by storm?

I watched this pretty much all day long. My first post in this thread is the first post after the OP - more than 12 hours ago.
I posted the following link:
Search Results At that point there were only 3 results in the search and all 3 of them were already deleted when I tried to look at them. I can understand that they want to delete spam - we do it on ATS as well. But do they really resort to "Delete all Pifts threads" after only 3 threads - off which at least 1 was a legitimate thread?!

It simply doesn't add up. I'm more than willing to give Symantec the benefit of the doubt... Perhaps somewhere there's a poor programmer hoping he'll still have a job at the end of the day... But from where I'm sitting... 1 + 1 doesn't equal 2...



[edit on 10-3-2009 by Gemwolf]



posted on Mar, 10 2009 @ 03:31 PM
link   
reply to post by saint4God
 


So do you honestly think YOU are being spyed upon?


Sorry, were not all Russian KGB...I know everyone wants to live a movie script...



new topics

top topics



 
267
<< 15  16  17    19  20  21 >>

log in

join