It looks like this question has been out there for a while. My company recently implemented McAfee, and we are seeing this type of activity as well. It looks as if the threats are all in the C:\Documents and Settings\All Users\Application Data\McAfee\DLP\Temp folder structure. We are seeing several different threats indicated, some that I wouldn't expect to see in this location (Java Exploit CVE-2012-1723 is one). Does anyone have any information on this?