Verify what action is selected in VSE.
2.Double clik Full Scan
3.Under action conferm Delet is selected.
4.Click Scan items and make requird changes.
5.Click Performance tab and Set the Artimes level High.
6.Increase the Artims level high in OAS as well.
Try these and let me know.
And VSe will remove this threat as it was coverd in the following DAT.
Another thing that you have asked, Keep UAC enabled on all client machines and users shoudnt have Domain priviliges,(failing doing so will brought potential threats to yur environment, because users wil install remove, browse any thing they want.)
I turned up artimes to high on our full scan (ran once a week), and medium on our daily quick scan. It was set to Low on both scans before, so i'll see how this works out.
You can also define a user account to use for the scans, and I entered in the local admin credentials (it was blank before), so that might help as well.
I'm also working on getting UAC turned on, although it's not my decision and may be a lengthy battle. For now i'm going through the best practise document for VSE and see if we can make any improvements. We have made lots of improvements since the previous admin, but I have a feeling we still have a long way to go.
I understand, I would like to add here that VSE will not work as firewall or will not stop user actions, let say if your user clicked any email having malicious link, so what would happen, your system will be compromised, in this case VSE will monitor suspious activities withen the system and will remove it, Its better idea to review VSE best practice guide and do according to that.
Also downlod McAfee stringer tool from here and run it on machines which are compromised, you can also do it via ePo on many machine creatig a client task.
Some more tools are here:
And I want that Run stinger tool in safe mode with networking.
Please let me know if you find something.