Since monday we receive a lot of false alerts from Systemcenter Endpoint Protection. Win32/Kadena.gen!plock is detected on some clients in the c:\users\<username>\appdata\local\temp folder and the files are OLK(randomnumber).tmp and is created by Outlook.exe
endpoint on the client detects and can not clean because the TMP file is deleted by outlook. The error in the history is:
Error:0x80508023
items: File:c:\users\< Username>\Appdata\local\temp\OLK3DEF.TMP