I don’t like the shortened URLs either (always suspicious of what I can’t see), so much so I have installed the LongURL Mobile Expander firefox add-on.

That said even though VT shows clean, I don’t believe that for a second. It is highly suspect for this dll to be connecting to the internet and to sites that avast considers malicious.

This type of activity is often indicative of having a rootkit on your system.