I just have to say, today has been an exceptionally cool day with epic wins all round.

Torley Linden and Matt Harding (of Where the Hell is Matt) get to dance together!

SameTime gets some very smooth integration with OpenSim.

SecondLinks has an epic list of blog links relating to Second Life. Nice work!

NebuAd CEO quits and Google learns very quickly about pissing off a fan base the size of a planet (see comments there for a quote of Google's official statement that they are working to remove the offending section). Worryingly, people are also reporting in those comments that they have unusually high disk activity when using Chrome.

In a series of previous posts I've been looking into Norton 360 and AVAST having detected Spyware.Ardakey keylogger in the popular Wall-E demo PC game.

Tonight I decided to continue the investigation as far as isolating the exact signature location that causes the match. Things went all too smoothly to the point where I realised it wasn't detecting it at all anymore. I double checked using the original file, I triple checked using a fresh download from the web site and compared md5sums. The file has not changed. Norton 360 no longer detects anything wrong in the unchanged file. I ran it through AVAST, same thing. No longer detects it.

Clearly signature updates have been published by the two AV companies. Possibly the same signature database, shared between the two AV solutions? I'll bet you wouldn't have known that if we weren't looking at these kinds of things. Someone ask them for a press statement about it.

As far as feedback goes, I got a bulk standard response from Pixar. Chris Boyd had no response from THQ, but CacheFly gave as good a response as they are allowed. Symantec - well I gave up clicking in circles on their site. I don't know if press statements are being prepared by the companies concerned.

We've also learnt that malware in files bigger than 10MB are bound to rule the planet because people simply can't submit them as samples! Security community: this needs fixing or at least consideration.

I've personally learnt that security people act as a highly-motivated community. I'm amazed at how quickly a network of communications happened in the background, unseen on these blog entries and all the help everyone put in to simply get as many eyes on this as possible. Microsoft Security MVPs, FaceTime and Sunbelt Software, I thank you especially for getting your eyes on this and at least introducing yourselves. Wayne Porter gets a special mention for getting the word to the right people and coordinating people whilst people got busy.

My motivation in this instance, you may ask? I'd say two things: 1. if you're a parent, you'd understand what it's like for your kid to have tears in their eyes from dashed hopes; and 2. what if it really did have malware in it - even if it was an unintentional infection prior to release?

So, was it a false positive or did the AV companies just exclude it regardless of what it contains? But that's another post. Now can my nice gradual organic growth of readers please return to what it was, thanks. Move along please, nothing to see here folks, just some guy and his blog. That's it, keep moving. Thank you.