Quote - Your plan of action looks very sensible, and I would be very interested in any results you obtain if you do get a 'suspect' exe to study, whatever the result.

Thanks, it is my intention also to document every step, so people can verify it themselves, instead of having to rely on my word alone. Also, if I have to take it up to F-Secure lab, I'll do my best to squeeze a full report out of it. 

Quote - Since you are approaching this in a professional way and intending to investigate first hand, I would be inclined to trust your findings. I think you should be mentally prepared though that some people will not believe your results unless they agree with their pre-concieved ideas on what the answer will be.

Sadly, this is a feature built into humans. Fallible, we are. 

Quote - It appears to me that you are the man that actually can!

Lady, but no offense taken. ;) 

Quote - I agree with Ian regarding your test and verification investigations........some people only want to hear what they are saying themselves!

Possibly, but I want to give them benefit of doubt, and start with the assumption "they saw something, let's investigate what they saw". In order to investigate, I must know details. If people worry that they can't tell me out in public, because "of course they'd be taken off store and you couldn't check or modified to remove the harmful bits" or something like that, my private message box is accepting contacts.

Like I said, I'm willing to get the item, poke and prod and see what happens. However, I expect cooperation from the other party too, and that cooperation requires...

1. Providing me .exe file names (names, not files themselves), and willingness to answer questions if I have any; my questions are going to be along lines of "OS, running processes, day of acquiring the file, source, default browsers, software used to initial examination of the issue" and so on.
2. Comparing file hashtags afterward in order to find out whether we have the same version, acquiring a different sample if I must

I am fully ready to do all this in privacy of private messages or e-mail, hey, whatever. But I am not willing to go running around like a headless chicken and guesswork which .exe file is doing it.

Just because file XYZ is bringing up an alarm, and is from the batch claimed to be foul, it does not mean that file ABC from the same batch is going to do the same. What if in compiling the exe one option was switched off? What if I grab ABC which doesn't alarm anything, whereas the culprit is XYZ? 

This is why I absolutely need to know a file name that gave the trouble. This is why I need to compare results and hashtags.

Believe me, if I find anything that looks like virus/trojan/rootkit/data miner/etc I will absolutely blow a gasket and go on warpath. 

But in order to do that, I need cooperation.

If I can't get any cooperation, I cannot allocate resources and investigate.

Quote - By the way, my dog likes you.

Err, I'm honored? My in-laws' dog just wants to stick her nose into my face or my crotch. Is this doggese for "I like you"?