Found this at a client's house; it wasn't active… MBAM didn't detect it yesterday, but it did detect this today…
Is this a false positive or real malware?
Try another scanner since this was done 7 hours ago and see what results you get. Otherwise, I’m sure Avast will check with their detections and look into it.
Hi folks,
See discussion here: https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2012-no-live-malware-t80088.0.html;msg609066
polonus
Thanks! That does look like malware… submitted to Avast via chest!
The name alone xp-antispy smacks of rogue anti-malware, so I would have been suspicious on the name alone.
I would have investigated first and there are many search hits on xp-antispy, some showing it is a legit program available on many download sites, http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/XPAntispy.shtml.
What it does might well be considered suspicious activity, sort of PUP like.
What you have to determine is if this is that legit program.
As I said earlier, this was on a client machine; it always executed itself on the machine and crashed! I guess it is a suspicious program.
I traced the location of the file using COMODO Killswitch, as it was an XP machine and Task Manager in XP doesn't show locations… it was residing in an odd location somewhere in windows/temp
Hi DavidR,
That is true. If true indian had googled http://www.google.nl/search?sugexp=chrome,mod=13&sourceid=chrome&ie=UTF-8&q=ed313ef6053dada4ff737b27f3fe0b4bfe547d993938d1bb05396b21f3615ceb he would have stumbled upon that information right away.
Then again this would have brought him even further: http://www.google.nl/search?sugexp=chrome,mod=13&sourceid=chrome&ie=UTF-8&q=Quarantine.zip
A browser has a search function, then why not use it! e.g. http://f.virscan.org/Quarantine.zip.html (flagged trojan like behaviour)
polonus