c:\windows\system32\APISlice.dll
CRC32: 529DB134
MD5: 5AE09979540864BF2AFF6427DB5AEABD
SHA-1: 5EF48F7CCD80A42E173E26F459D3A19B3F22896F
Submitted to virus lab a couple of days a go - Win32:Malware-gen
Today - Win32:PUP-gen
I can't find much info on the www.
http://www.google.nl/search?hl=nl&lr=&q=%22APISlice.dll&btnG=Zoeken&aq=f&aqi=g1&aql=&oq=&gs_rfai=Except one post that I find interesting about Acer eDataSecurity Management and Windows Live\Messenger
http://forums.v3.co.uk/showthread.php?p=1259092The "False positive" comes from one of our Acer laptop. With Acer eDataSecurity Management disabled
http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1294158428#Antivirus results AhnLab-V3 - 2011.01.04.03 - 2011.01.04 - -
AntiVir - 7.11.1.24 - 2011.01.04 - -
Antiy-AVL - 2.0.3.7 - 2011.01.04 -
Trojan/Win32.Agent.gen Avast - 4.8.1351.0 - 2011.01.04 - -
Avast5 - 5.0.677.0 - 2011.01.04 -
Win32:PUP-gen AVG - 9.0.0.851 - 2011.01.04 - -
BitDefender - 7.2 - 2011.01.04 - -
CAT-QuickHeal - 11.00 - 2011.01.04 -
TrojanPSW.Agent.uyr ClamAV - 0.96.4.0 - 2011.01.04 - -
Command - 5.2.11.5 - 2011.01.04 - -
Comodo - 7292 - 2011.01.04 - -
Emsisoft - 5.1.0.1 - 2011.01.04 -
Trojan-PWS.Win32.Agent!IK eSafe - 7.0.17.0 - 2011.01.02 - -
eTrust-Vet - 36.1.8080 - 2011.01.04 - -
F-Prot - 4.6.2.117 - 2011.01.04 - -
F-Secure - 9.0.16160.0 - 2011.01.04 - -
Fortinet - 4.2.254.0 - 2011.01.03 - -
GData - 21 - 2011.01.04 - -
Ikarus - T3.1.1.90.0 - 2011.01.04 -
Trojan-PWS.Win32.Agent Jiangmin - 13.0.900 - 2011.01.04 -
Trojan/PSW.Agent.nbp K7AntiVirus - 9.75.3435 - 2011.01.04 - -
Kaspersky - 7.0.0.125 - 2011.01.04 -
Trojan-PSW.Win32.Agent.uyr McAfee - 5.400.0.1158 - 2011.01.04 -
Artemis!5AE099795408 McAfee-GW-Edition - 2010.1C - 2011.01.04 -
Artemis!5AE099795408 Microsoft - 1.6402 - 2011.01.04 - -
NOD32 - 5758 - 2011.01.04 - -
Norman - 6.06.12 - 2011.01.03 -
W32/Suspicious_Gen2.FRSGZ nProtect - 2011-01-04.01 - 2011.01.04 -
Trojan-PWS/W32.Agent.73728.Z Panda - 10.0.2.7 - 2011.01.04 - -
PCTools - 7.0.3.5 - 2011.01.04 - -
Prevx - 3.0 - 2011.01.04 - -
Rising - 22.81.01.03 - 2011.01.04 -
Trojan.Win32.Generic.52532D2B Sophos - 4.60.0 - 2011.01.04 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.01.04 - -
Symantec - 20101.3.0.103 - 2011.01.04 - -
TheHacker - 6.7.0.1.110 - 2011.01.03 -
Trojan/PSW.Agent.uyr TrendMicro - 9.120.0.1004 - 2011.01.04 - -
TrendMicro-HouseCall - 9.120.0.1004 - 2011.01.04 - -
VBA32 - 3.12.14.2 - 2011.01.04 -
TrojanPSW.Agent.uyr VIPRE - 7951 - 2011.01.04 -
Trojan.Win32.Generic!BT ViRobot - 2011.1.4.4236 - 2011.01.04 - -
VirusBuster - 13.6.127.0 - 2011.01.04 - -
File info: MD5: 5ae09979540864bf2aff6427db5aeabd
SHA1: 5ef48f7ccd80a42e173e26f459d3a19b3f22896f
SHA256: fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c
File size: 73728 bytes
Scan date: 2011-01-04 16:27:08 (UTC)
Edit Malwarebytes and Superantispyware finds nothing