I'm troubleshooting a SAV client 10.2.0.276 with the help of scan engine 18.104.22.168 and up to date definitions. Seems to be the same problem described here, unless successful SAV quarantine all files. Tmp, so that no files to delete when you boot in safe mode. Once or twice a day, upset tens of Auto-Protect of these files, all of this forms with DWH ***. tmp in the Temp folder. The link leads to a specific KB Trojan horse generic entry in the type of Trojan. Still appear once or twice a day, and I can not understand what is being, or is actually a Trojan horse in the first place. I suspect it is a false positive, but can not be sure. Does anyone know what could be the creation of these files, and how I can stop the malicious software, or fix SAV not call if it is a false positive?