Of course everyone should know that Norton make the most fail-prone, crappy anti-virus and related products which are useless bloatware, and if you want real protection you should choose nod32 or kaspersky…

But now Norton have truly set their users up the bomb.

In a very recent Norton update, users were asked to download a file called PIFTS.exe, which allegedly collects some kind of information from you and sends it to certain IP addresses. It has been claimed that it is sent to somewhere in Africa – however other users have denied this claim. The IP addresses which I am aware of it tries to contact are two – the first, a Microsoft IP, and the second is an unknown IP address within USA (somebody claimed Google). I didn’t save the IPs anywhere, so I can’t put them up here at this time.

A lot of people have been posting on the Norton forums at http://community.norton.com/norton/ – and the staff have deleted every single post and thread made about the file, and banned every user who made these posts and threads.

People have rang up Symantec about it, and they have been put on hold, lied to, told the staff know nothing, etc.

Important Links

Tech Link Blog Article
ATS Thread
Another Blog
Symantec Co-operates with the FBI, on logging users’ keystrokes
Disasembled Program (assembly code of pifts.exe)

There’s a lot more links at the above links.

Steps to solve the problem

1. Uninstall all Symantec Software, making special note to get rid of their UpdateLive crap or whatever they call it these days.
2. Be sure to shift+delete everything to do with Norton and Symantec on your computer.
3. Install kaspersky or nod32.
4. ???
5. $$ Profit $$