Two Trojans - Anyone see these???

I did a scan on a computer and saw these two trojans. Anyone seen them before, don't know if these are false positives from AVG antispyware.

dja2k

 

Well, considering I have iTunes installed and do not have that "additunes" thingy you got there, yes I'd be concerned Also, there's the location, \system32\, that's kinda wrong place for normal applications to install anything.

Just my .02€

PS. There's always Virustotal (and Jotti) where to submit suspicious stuff for second opinion(s).

 

according to a quick google search they dont seem to be FP's
do you have the online armour with KAV? if so update the av module and run a scan of the system32 folder. if not then follow the advice from the above poster about using virustotal.

 

Nothing else (Asquared, KAV, etc) picked those two up but only AVG antispyware did. My OA AV+ KAV definations are up to date and those two .exe's aren't even on my OA list, they haven't tried to run.

dja2k

 

The next question is, are those legit files? For example, that additunes.exe seems to be associated with something called 3gp converter?

 

Now we are getting somewhere. I have some video converters, don't know if that belongs to one of them. And another related process to additunes is ATOMChanger.exe according to a google search and look how similar that is to the other apexchanger.exe.

dja2k

 

Weird that I have another exe in the system32 called apexcoverter and that one isn't flagged as a trojan. Look at the attachments, nothing else picks additunes nor apexchanger as torjans.

dja2k

 

Virus Total results are in the attachments. From what I see, only AVG Antispyware (ewido) shows those as trojans on both results, so they are probably false positives.

~VirusTotal screenshots removed per Policy. - Ron~

dja2k

 

Maybe this will help.
http://www.siteadvisor.pl/sites/findmysoft.com/downloads/7616545/

 

Yep that might be the traces leftover. I think I installed apex converter in the past but removed it. Weird thing is that AVG AS barely picked them up. Thanks all of you.

dja2k

 

Yes, it's a combination of 2 things.
1. First an incomplete uninstall with leftovers.
2. Then 2 false positives (= leftovers) reported by a scanner.
Much ado about nothing and a waste of time, which is usually the case when scanners report false positives.