Around 7:30 p.m. Pacific Time, Symantec noticed that its Norton support forums were being flooded with blank messages that had PIFTS.exe in their subject line. Within three hours there were 600 posts about PIFTS.exe. The posts contained no text, only subjects such as "IF PIFTS.EXE WAS HERE, THEN WHO WAS PHONE?" and "OH GOD YOU GOT CHOCOLATE IN MY PIFTS."

Symantec began deleting the messages, assuming they were from spammers.

Soon the SANS Internet Storm Center had picked up on PIFTS.exe and noted that Symantec discussion-group messages were being deleted. Noting that messages mentioning the mysterious file name were being deleted from Symantec's support forums, SANS said that something "truly bizarre was going on."

By now, Norton users were becoming worried. "Norton Users Worried By PIFTS.exe, Stonewalling By Symantec," read a

"Whether you believe this is something malicious or not, it is worrying the lengths the company will go to stop people from asking questions about PIFTS.exe," to the Abovetopsecret.com Web site. "If you have Norton on your computer, I currently advise you to not allow pifts.exe through your firewall."