Pifts.exe Coverup or mistake? you decide

2009-03-10 10:07:00

#1

Mitch: 16 more years; +877|6768|South Florida

http://blog.bull3t.me.uk/archives/inter … -piftsexe/

Apparently something big is happening. A mysterious program known as pifts.exe is attempting to contact a server in Africa and seems to be associated with Symantec's anti-virus system, Norton. There is virtually no information on the internet regarding pifts.exe, aside from this blog and threads such as these. Symantec are supposedly deleting any mention of pifts.exe from their community forums and so users have moved to ZoneAlarm's Forums.

Last edited by Mitch (2009-03-10 10:07:47)

15 more years! 15 more years!

2009-03-10 10:08:45

#2

S.Lythberg: Mastermind; +429|6689|Chicago, IL

Norton is a virus, I uninstalled it immediately

2009-03-10 10:25:48

#3

Ioan92: Member; +337|5965

The best antivirus in the world is your brain.

2009-03-10 10:26:27

#4

max: Vela Incident; +1,652|6810|NYC / Hamburg

It's a conspiracy. Norton got together with the FBI to find a way to get Magic Lantern onto all PCs

/tinfoil hat

_{once upon a midnight dreary, while i pron surfed, weak and weary, over many a strange and spurious site of ' hot xxx galore'. While i clicked my fav'rite bookmark, suddenly there came a warning, and my heart was filled with mourning, mourning for my dear amour, " 'Tis not possible!", i muttered, " give me back my free hardcore!"..... quoth the server, 404.}

2009-03-10 10:26:48

#5

phishman420: Banned; +821|5924

https://blogs.securiteam.com/wp-content/NOD32_1.jpg

2009-03-10 10:27:13

#6

bennisboy: Member; +829|6889|Poundland

wat?

2009-03-10 10:31:19

#7

CammRobb: Banned; +1,510|6373|Carnoustie MASSIF

bennisboy wrote:
wat?

2009-03-10 10:32:01

#8

Freezer7Pro: I don't come here a lot anymore.; +1,447|6440|Winland

Goverment supervision tbh.

The idea of any hi-fi system is to reproduce the source material as faithfully as possible, and to deliberately add distortion to everything you hear (due to amplifier deficiencies) because it sounds 'nice' is simply not high fidelity. If that is what you want to hear then there is no problem with that, but by adding so much additional material (by way of harmonics and intermodulation) you have a tailored sound system, not a hi-fi. - Rod Elliot, ESP

2009-03-10 10:44:18

#9

loubot: O' HAL naw!; +470|6821|Columbus, OH

oh last friday @ 09:35 eastern time (gmt -5). My GPS lost comms with GPS satellites for 15 minutes or so on a clear day...it was odd. I thought who is going to fix the GPS sats if they are down

2009-03-10 10:55:36

#10

Ioan92: Member; +337|5965

loubot wrote:
oh last friday @ 09:35 eastern time (gmt -5). My GPS lost comms with GPS satellites for 15 minutes or so on a clear day...it was odd. I thought who is going to fix the GPS sats if they are down

I'm pretty sure there can be other reasons for loosing the GPS signal, like I dunno; interferences?

or

Inb4itwascuttoletufoflyundetected

2009-03-10 10:58:38

#11

steelie34: pub hero!; +603|6624|the land of bourbon

i have long preached the folly of using AV software, which by it's own definition, installs and runs on the same level as viruses.

https://bf3s.com/sigs/36e1d9e36ae924048a933db90fb05bb247fe315e.png

2009-03-10 11:02:43

#12

mafia996630: © 2009 Jeff Minard; +319|7006|d

COMODO ftw.

Also this pifts.exe thing is picking up steam.

2009-03-10 11:20:34

#13

Mitch: 16 more years; +877|6768|South Florida

Im obligated to say "Ubuntu ftw"

15 more years! 15 more years!

2009-03-10 11:24:48

#14

Finray: Hup! Dos, Tres, Cuatro; +2,629|6031|Catherine Black

Mac OSX ftw?

2009-03-10 11:26:04

#15

Mitch: 16 more years; +877|6768|South Florida

Finray wrote:
Mac OSX ftw?

Mac is like Linux* but with even less compadibility.

Last edited by Mitch (2009-03-10 11:30:40)

15 more years! 15 more years!

2009-03-10 11:28:19

#16

VicktorVauhn: Member; +319|6635|Southern California

Mitch wrote:
Finray wrote:
Mac OSX ftw?
Mac is like Linus but with even less compadibility.

https://3.bp.blogspot.com/_L_gIAFtvJx4/SQ-lt7n2PLI/AAAAAAAAAEI/dJBCg3gBRyU/s1600-R/linus.gif

2009-03-10 11:31:00

#17

Mitch: 16 more years; +877|6768|South Florida

VicktorVauhn wrote:
Mitch wrote:
Finray wrote:
Mac OSX ftw?
Mac is like Linus but with even less compadibility.
http://3.bp.blogspot.com/_L_gIAFtvJx4/S … /linus.gif

Hahahahahaha oops xD

15 more years! 15 more years!

2009-03-10 12:12:32

#18

pinkie_slapepd: Member; +8|5796|♥♥

Nortan fails at hacking.

2009-03-10 12:48:14

#19

Ioan92: Member; +337|5965

From Symantec

Hi everyone,

Symantec released a diagnostic patch "PIFTS.exe" targeting Norton Internet Security and Norton Antivirus 2006 & 2007 users on March 9, 2009. This patch was released for approximately 3 hours (4:30 - 7:40 PM March 9, 2009 Pacific Time). In a case of human error, the patch was released by Symantec "unsigned", which caused the firewall user prompt for this file to access the Internet. The firewall alert for the patch caused understandable concern for users and began to be reported back to Symantec. Releasing a patch unsigned is an extremely rare occurrence that does not pose any security issues to our users. The patch reached a limited number of Norton customers and has subsequently been pulled from further distribution. Norton users are fully protected and do not need to take any action as a result of this issue.

There has been activity in the Norton User Forum related to PIFTS.exe which has generated additional concern and media speculation. At approximately 10:30pmET Monday March 9, Symantec detected that our User Forum boards were being abused by an individual or individuals. One individual created a new user account and posted about the name of the patch executable, PIFTS.exe. Within minutes, several dozen user accounts were created commenting on the initial thread, and/or creating new threads on the topic. Over the next few hours, over 200 user accounts were created. Within the first hour there were 600 new posts on this subject alone. While the intent of the spammer(s) remains unclear, there were no malicious links and it simply resulted in a widespread communications challenge for Symantec. Below are some examples of the forum spam we received from these new user accounts. These forum posts contained no text in the body of the message, simply a subject:

* O LAWD IM CHOKIN ON PIFTS PLZ HALP
* OH GOD YOU GOT CHOCOLATE IN MY PIFTS
* If you wanna be my NORTON/ you gotta deal with my P ! F T S . E X E
* IF PIFTS.EXE WAS HERE, THEN WHO WAS PHONE?
* PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE PIFTS.EXE
* I LOVE MY PIFTS.EXE

Symantec strictly adheres to its Norton Community Terms of Service and does not delete postings unless they are in violation of these guidelines. Upon determining that our User Forums were being abused, Symantec began removing the spam posts.

Finally, it has also been reported by the Washington Post that hackers are taking advantage of this situation. "Some of the top searches (currently the 3rd and 4th result in a Google search) are Web sites that try to install malicious software when you visit them." When searching for information on "pifts.exe," Symantec strongly advises all users to be wary of following links to unknown sites as malicious users are attempting to use this hot topic to distribute malware.

Oh well, there goes my wild conspiracy theories, damn

BF2S Forums Pifts.exe Coverup or mistake? you decide

bennisboy wrote:

loubot wrote:

Finray wrote:

Mitch wrote:

Finray wrote:

VicktorVauhn wrote:

Mitch wrote:

Finray wrote:

Board footer