I just read about pifts.exe at a fellow Swedish blogger.
It does look a little suspicious, but I am not convinced it is a cover up.
All the threads I have seen mentioning pifts.exe at the Norton Forum site, before being deleted, has contained loads of junk.
I might be a social attack against Norton.
I am by no means a security guru, but can all you developers please end your stupid habit of saving passwords in clear text to the database.
It makes my cry when I click ‘forgot password’ on a web site and get a mail with my old password in it.
Make a hash out of the users password combined with a random value, called salt. Store the salt and the hash in the database.