I'm having a little trouble understanding what to do about this message. I have clients occasionally getting infected files in their temporary internet files folder. The actions we have set for everyting are Delete then Quarantine. The reports we are getting are that the files were "Left Alone" For example:
Risk / Risk Type: Trojan.Pidief / Viral
Action / Source: Left alone / Auto-Protect scan
File / Entry: C:\Doccuments and Settings\<username>\Local Settings\Temp\plugtmp-6\plugin-allpdf.php
There is an associated entry in the Application logs of the system as follows:
Source: Symantec Antivirus
Type: Error
Event ID: 51
Description: Security Risk Found!Trojan.Pidief in File: C:\Documents and Settings\mas908\Local Settings\Temp\plugtmp-6\plugin-allpdf.php by: Auto-Protect scan. Action: Delete failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.
As "SYSTEM" has full access to the location of the file, I don't really understand why these things are not being deleted. Can anyone shed some light on this?