It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


Norton Anti-Virus is malware.

page: 1

log in


posted on Mar, 23 2009 @ 02:48 AM
( Warning: Long read. Summary at bottom. )

Ladies and gentleman, we live in grim times. So much so that we can't even trust our anti-virus software.

Recently, Norton Anti-Virus, run by Symatec, has found themselves to be knee deep in their own #. This is due to a recent update of Norton, which contained an enigmatic little file called "PIFTS.exe". Due to them forgetting to properly sign the file, it triggered firewalls across the world. People who were curious about it quickly discovered that the file lead to a non-existent directory. The file itself was eventually found, and its purpose is a grim one indeed.

PIFTS.exe scans and collects data from your cookies, browsing history, and temporary internet files. It interfaces in some way with Google Desktop, and then attempts to send this information to a Symatec server.

And to Microsoft.

And to a server located somewhere in Africa.

And, perhaps most startling of all, to a company called "SwapDrive", run by one Marc Wallace. Described on its corporate website as a "Competitive Intelligence Company", it employs some interesting people. The most notable is someone identified as "Roland Schumann", who's description on the website does a excellent job of describing him and his qualifications.

"Roland Schumann is a former military intelligence officer, having served both on active duty and in the reserves. Trained in
unconventional warfare and electronic intelligence gathering, he also has practical experience in airborne operations, human
intelligence (HUMINT), counter-intelligence, and counter-terrorism. He has performed risk analyses in Latin America for the US
government and in the United States for commercial and government interests."(sic)

A point I should mention is that SwapDrive is based in the quint town of Arlington, VA. Which is also home to a geometric government facility ( And alleged airstrip ), known to most as The Pentagon. But, sadly, this isn't the end of the tale.

After discovering the program, and its function, many were confused. So, naturally, they turned to Norton's official forums to try and find answers. Their answer came in the form of every thread so much as mentioning PIFTS.exe being deleted. This irked many, who in turn went to 4chan and declared raiding season open.

The "raid" was semi-successful, but did far more then any could have hoped. Symatec, sensing an easy out, cited the "raid" as the basis for deleting any and all PITS.exe related threads. This is demonstrably untrue. Archives, screen shots, empirical evidence, and eyewitness testimony by the hundreds if not thousands all point to this being a direct and willful lie on the part of Symatec.

Finally, after much deliberation, Symatec released a statement the next day that effectively dodged any actual discussion of the matter, and opened an official thread for "answering questions". The result was thirty pages of vitriol, anger, and confusion ( All justifiable in my opinion ) by the members of the community. After said thirty pages, "Senior" members of the board began to ask innocuous questions, which were promptly answered by Symatec, while the remaining questions about what exactly is happening were unanswered.

But, it STILL dosen't end there. Even Google is involved. Given that the top layer of refernces to PIFTS.exe have seemingly vanished from their search engine, and that PIFTS.exe interacts with Google Desktop before sending the information out, the only reasonable conclusion is that Google is at best aiding a cover up and at worst actively colluding with SYmatec and entities unknown.


Summary: Get a real file deleter and wipe Norton off your drive, then install a firewall that lets you monitor incoming and outgoing connections. ( If you value your privacy, of course. )

[edit on 23-3-2009 by TheDustman]

posted on Mar, 23 2009 @ 02:57 AM
You are wrong.
This has been covered alot over the whole web.
Independent experts have looked at it extensively.
It was connecting to symantecs data backup server
In Washington DC.
Because that's where they store there own data aswell.
The file was put out to collect diagnostic info and send it to there, for there experts to look at, to sort out conflicts in code.
It is not Malware at all.
However does symantec spy on you?
Well maybe they do, don't all company's?
It was not related at all to MS or Google.
If they cant look at your cookies and temp files etc, how are they supposed to weed out false positives?
They need to know the code of almost everything, in order to make there security software function properly.
I personally don't use it, but its not malware.

posted on Mar, 23 2009 @ 03:13 AM
Norton offered the best anti-virus protection - once.

Policies changed and the company philosophy. It is no longer even in the top 5 anti-virus programs and there is an overwhelming drive to attract and maintain customers based on their once solid rep.

The current version of their product is a terrible memory hog that can immobilize your computer and not particularly effective in preventing malware from entering. Almost impossible to get rid of traces in your system and registry even when you remove it through the uninstall tool they provide.

Avoid the company and it's products.


posted on Mar, 23 2009 @ 03:15 AM
bravoo dustman you have brought truth forward for people to see!
i stoped using norton along time ago when i started seeing it cant protect or clear just hogs your system to oblivion....maybe the new versions are better but i doubt it...
AND NOW THIS!? trying to spy on us...and when we found out they dont give an answer?they just delete threads? why those incopetent evil greedy bastards i will take care that no one that i know uses norton any more..not that they do..theyr not dumb...

posted on Mar, 23 2009 @ 03:29 AM
As a user of Symantec Internet Security 2009, I can say first hand that it DOES NOT hog system resources and memory and slow things down to a crawl.
Granted, earlier versions were guilty of this - I had Norton 360 and removed it simply because of it's resource intensive operating, but the newer products are much better and much more user friendly. Seems they listened to customers!

posted on Mar, 23 2009 @ 03:30 AM
Norton is the biggest piece of crap around. EVERYBODY I know who uses it has issues with their PC. These include malware and viral infections, both real and imagined, system slow downs, malfunctions and a plethora of start-up issues.

Smart people steer clear of Nortons and McAffee.


posted on Mar, 23 2009 @ 03:44 AM
I would like to add some interesting links to the discussion. I would at them to the OP, but I'm out of room.

posted on Mar, 23 2009 @ 03:47 AM
sounds like a really #ty coverup for government operation tryting to spy on us... or some other cover up,theyr explanation on what are they doing so so unfocused and unclearly sayd that..its just sucks

posted on Mar, 23 2009 @ 05:38 AM

We already had a thread about this. :/

Yes, it's a cover up, but Symantec products suck anyway.

posted on Mar, 23 2009 @ 08:23 AM
This is why i use a mac instead for PC's...

posted on Mar, 23 2009 @ 08:26 PM

Originally posted by Britguy
As a user of Symantec Internet Security 2009, I can say first hand that it DOES NOT hog system resources and memory and slow things down to a crawl.
Granted, earlier versions were guilty of this - I had Norton 360 and removed it simply because of it's resource intensive operating, but the newer products are much better and much more user friendly. Seems they listened to customers!

Thanks for the update. Good to know something get's better rather than worse.

Some of the older AV companies have been taken over by bad guys so it's good to know who is still reliable

The latest scam is fake free antivirus progams that get on your system and actually add malware to your system.

Got one from a download site and took me a while to get rid of all the traces.


posted on Mar, 23 2009 @ 08:43 PM
This may well have been an old feature. The only reason it was even discovered is due to Symatec forgetting to properly sign the file. If it wasn't for that, it would've done this without a hitch. That raises the question of exactly how long this has been happening, and if the "problem" is exclusive to Symatec.

top topics


log in