how to find and block pifts.exe (the Norton sneaky file)?

H

H.S.

Hello,

Just came across this news which is apparently still unfolding:
http://www.reddit.com/r/reddit.com/comments/83hjr/symantec_covering_up_the_piftsexe_file_and/
http://www.tech-linkblog.com/2009/03/conspiracy-theories-run-rampant-due-to-piftsexe.html/
http://slashdot.org/comments.pl?sid=1155299

Apparently Zone Alarm is warning users that a pifts.exe is trying to
access the internet. It belong to Norton (Symantec), who in turn have
been deleting all related posts from their message boards -- censoring
everything related to it. Everything is very fishy. The file apparently
tries to call random IP addresses.

I was wondering, how can one safeguard oneself from such a file's
outgoing access without having Zone Alarm? Or just by using Window's
built-in tools?

Second, how does one find out if such a file exists on his machine?
Apparently, it is in a hidden folder (see first post at
http://slashdot.org/comments.pl?sid=1155299).

Thanks.
 
H

H.S.

H.S. said:
Hello,

Just came across this news which is apparently still unfolding:
http://www.reddit.com/r/reddit.com/comments/83hjr/symantec_covering_up_the_piftsexe_file_and/
http://www.tech-linkblog.com/2009/03/conspiracy-theories-run-rampant-due-to-piftsexe.html/
http://slashdot.org/comments.pl?sid=1155299

Apparently Zone Alarm is warning users that a pifts.exe is trying to
access the internet. It belong to Norton (Symantec), who in turn have
been deleting all related posts from their message boards -- censoring
everything related to it. Everything is very fishy. The file apparently
tries to call random IP addresses.

I was wondering, how can one safeguard oneself from such a file's
outgoing access without having Zone Alarm? Or just by using Window's
built-in tools?

Second, how does one find out if such a file exists on his machine?
Apparently, it is in a hidden folder (see first post at
http://slashdot.org/comments.pl?sid=1155299).
Click to expand...

Got it. Quote from
http://forums.zonealarm.org/zonelabs/board/message?board.id=Off-Topic&message.id=19903
is the following:
The "PIFTS.EXE" file is located within the "C:\Documents and
Settings\All Users\Application
Data\Symantec\LiveUpdate\Downloads\Updt61" folder on my hard drive. The
"UpdtXXX" folder (where "XXX" may be any 2 or 3 digit number) will most
likely be different in your computer. By default, the "Application Data"
folder is hidden. So, you may need to unhide the folder first before
viewing its contents. And if searching for the "PIFTS.EXE" file, you
will need to alter the "More Advanced Options" to include "Search Hidden
Files and Folders". By default, the Windows Search utility does NOT
search hidden files/folders.

end quote.
 
P

Peter Foldes

Here is the best solution that I can recommend for you

(1) Uninstall Norton and replace with something like Avast,Nod32 and etc (no MacAfee
or Trend)
(2)Uninstall ZA and use your Windows Firewall

Both these programs above are not very friendly when they decide to get into a bad
mood. They are extremely moody programs when it comes to XP\Vista\
 
H

H.S.

Peter said:
Here is the best solution that I can recommend for you

(1) Uninstall Norton and replace with something like Avast,Nod32 and etc
(no MacAfee or Trend)
(2)Uninstall ZA and use your Windows Firewall

Both these programs above are not very friendly when they decide to get
into a bad mood. They are extremely moody programs when it comes to
XP\Vista\
Click to expand...


I knew that Norton Symantec products were resource hungry. I saw how bad
they were when I removed Symantec antivirus from my laptop several weeks
ago. Its performance shot up, it became very fast and responsive. I have
installed AVG since. The machine is much better running in terms of
being busy than with Symantec products. And it runs quite cool and quite
now! With Symantec stuff, its fan just wouldn't take any break at all,
just change speeds now and then.

Zone Alarm is a different case. It does make the machine take longer to
boot, but it gives outgoing firewall control and is not as resource
hungry as Symantec stuff. Without ZA, the above reports by different
users would not have been realized; Windows firewall would never have
flagged this. Having said this, I have removed ZA from the laptop as
well (since several weeks ago after using it for some years) and now
rely on Windows firewall.

But this pifts.exe is a reminder of what is lacking in Windows firewall.

Regards.
 
Top