Generic Trojan - DWH*.tmp in Temp folder
I am troubleshooting a SAV 10.2.0.276 client with scan engine 126.96.36.199 and up-to-date definitions. It appears to be the same issue described here , except that SAV successfully quarantines all of the .tmp files, so there are no files to delete when I boot into safe mode.
Once or twice daily, Auto-Protect nags dozens of these files, all of them like this with DWH***.tmp in the Temp folder:
Scan type: Auto-Protect Scan
Event: Security Risk Found!
Risk: Trojan Horse
Action taken: Quarantine succeeded : Access denied
Date found: Monday, February 11, 2008 7:06:07 PM
The link goes to a generic Trojan Horse KB entry- nothing specific about the type of trojan. They keep on popping up once or twice daily, and I cannot figure out what is creating them, or if it really is a Trojan Horse in the first place. I suspect it is a false positive, but cannot be sure.
Anybody know what might be creating these files, and how I can either stop the malicious software, or fix SAV to not call it out if it is a false positive?