The second detection could well be a false positive or come in the realm of adware, that abuses a known security hole, CVE-2012-4969.
polonus