I have seen variants of this issue posted before in past Symantec issue posts but I wanted to see if any updates have occurred in a possible solution for this annoying issue.
In our organization, we create Windows 7 accounts for our 'Public' workstations that are fairly locked down. These are mandatory roaming profiles. When the patron logs out of the account, the cached copy is deleted from the hard drive with the fresh copy then being brought over from a central server. Well every so often, the cached copy of the profile is not completely removed as Symantec has a log file in the following path locked, preventing deletion.
C:\users\USERNAME\AppData\Local\Symantec\Symantec Endpoint Protection\Logs\xxxxxx.log
The log file that is locked even prevents deletion from a Domain Admin so a script to remove it does not work. If one were to reboot the workstation then this can be deleted with no issue.