Temporary malware inspection files may not be deleted in some cases from the ScanStorage folder on a Microsoft Forefront Threat Management Gateway (TMG) 2010 client. Over time, this may cause the folder to exceed the maximum storage limit. When the limit is exceeded, new client downloads cannot finish successfully. Additionally, you receive the following error message:
Access to the file is blocked.
Access to filename file is blocked due to security policy settings: The disk space allowed for malware inspection is currently full
By default, the location of the ScanStorage folder is as follows:
However, the location can be changed on the Storage tab of the Malware Inspection properties.
The files are deleted as expected when the TMG Firewall Service is restarted.
This problem occurs because temporary files may not be deleted if TMG is configured to use the progress notification content delivery method for the client, and then you download a file. When the download is complete, and the content is scanned, you are presented with a direct link to download the file. If you click the link, a dialog box appears that has Open, Save, and Cancel options for the download. If you click Cancel at this point, or you cancel the download after you click Save, the temporary file for the download may not be deleted from the ScanStorage folder.
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates