Hello @itguy1024 ,
yes, Secure Endpoint has full access to the disk, but if the service does not get the right access permission from the Operating System (e.g. running process), this might generate a failed quarantine event. Another option could be, that the file is a temporary file from the browser cache. So when Secure Endpoint wants to remove the file, it is not there any more.
In such a case, we need a closer look how the event looked like.
Greetings,
Thorsten