Hi msaluste.

Here the anubis report for the file attached: http://anubis.iseclab.org/?action=result&task_id=18bd5af96ab5f35e4bd2a97e9407e5468&format=html
Low risk file could be classified as risktool or a FP.
wait for avast’s verdict

There are some characteristics the software shares with particular code on Zeus malware.

odm3o1u3 script[1];
\4X23OP2B\style[1].css in spoofs
unnamed file 0x00120028 for mail account creator

Non-system processes like wshtcpip.dll originate from software you installed on your system. As most applications store data in your system’s registry, it is likely that your registry has suffered fragmentation and accumulated harmful errors.

Public Declare Function mciExecute& Lib “winmm.dll” (ByVal lpstrCommand As String)
Mutexes:
_SHuassist.mtx. • IEXPLORE.EXE: CritOpMutex. Network Connections Attempts to download files

Shell.CMruPidlList mutex is also found for particular worms,

Also checked on this on your site, see attached (could this have been detected?)

polonus