Solved Rkill warning on location of Temp folder how do I deal with

October 10, 2013 at 12:44:02
Specs: Windows 7
Security Rkill (program developed by BleepingComputer.com) scan says that my %Temp% folder is set to C:\windows\TEMP ," which can be dangerous " and that it is "skipping termination for this folder" well I copied and pasted the Temp folder to Documents and Settings but even though I have permission I can't delete it from windows because it saays it is in use. All I can figure about that is that is because - of course- I have windows open. What can I do about this? 1- how do I get it out of windows folder and 2- why is that dangerous? TY

See More: Rkill warning on location of Temp folder how do I deal with

Report •


✔ Best Answer
October 10, 2013 at 16:20:02
"C:\windows\TEMP ," which can be dangerous"
I would like to check further.

1: Download & run Unhide
http://www.bleepingcomputer.com/for...
http://download.bleepingcomputer.co...
To run Unhide, simply download it to your desktop and then double-click on the Unhide icon. The program will open a black box and start making the files on your fixed disks visible again. Please note, that this program will not unhide removable drives like flash cards and usb drives as the FakeHDD rogues do not target these types of drives. Once it has finished, the program will display a Windows alert stating that your files have been restored. You should then reboot your computer for all of the settings to go into effect.
Copy & Paste the contents of the log. Let me know if it doesn't produce a log please.

2: Reboot

3: Run RogueKiller
http://www.softpedia.com/get/Securi...
http://www.softpedia.com/progScreen...
http://majorgeeks.com/RogueKiller_d...
http://www.geekstogo.com/forum/file...
http://tigzy.geekstogo.com/roguekil...
http://www.sur-la-toile.com/RogueKi...
User guide
http://www.adlice.com/softwares/rog...
Official tutorial
http://tigzyrk.blogspot.fr/2012/11/...
If RougeKiller won't run, open IE & turn off SmartScreen Filter.
http://windows.microsoft.com/en-AU/...
Download & SAVE to your Desktop.
Quit all programs that you may have started.
Shutdown your antivirus to avoid any conflicts.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7/8, right-click and select "Run as Administrator to start"
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and Copy & Paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Exit/Close RogueKiller.
When completed make sure to re-enable your antivirus.



#1
October 10, 2013 at 13:02:31
You don't have to delete the temp folder from within the windows folder.

In addition, there is no security risk, when using the default c:\windows\temp folder.

The users temp folder is located in the users profile folder.

So I can't see any problem here.


Report •

#2
October 10, 2013 at 13:19:07
OK but I thought Rkill was reliable are you saying it is just wrong?

Report •

#3
October 10, 2013 at 13:38:49
Yepp.
It makes no difference where the temp folder is located.

The system services and third party services like antivirus do use the c:\windows\temp folder and programs, running with user permissions, do use the temp folder in the appropriate profile folder.

Even if the systems temp folder were located in c:\temp, where is the difference.

It doesn't hurt more or less than in the windows folder.


Report •

Related Solutions

#4
October 10, 2013 at 16:20:02
✔ Best Answer
"C:\windows\TEMP ," which can be dangerous"
I would like to check further.

1: Download & run Unhide
http://www.bleepingcomputer.com/for...
http://download.bleepingcomputer.co...
To run Unhide, simply download it to your desktop and then double-click on the Unhide icon. The program will open a black box and start making the files on your fixed disks visible again. Please note, that this program will not unhide removable drives like flash cards and usb drives as the FakeHDD rogues do not target these types of drives. Once it has finished, the program will display a Windows alert stating that your files have been restored. You should then reboot your computer for all of the settings to go into effect.
Copy & Paste the contents of the log. Let me know if it doesn't produce a log please.

2: Reboot

3: Run RogueKiller
http://www.softpedia.com/get/Securi...
http://www.softpedia.com/progScreen...
http://majorgeeks.com/RogueKiller_d...
http://www.geekstogo.com/forum/file...
http://tigzy.geekstogo.com/roguekil...
http://www.sur-la-toile.com/RogueKi...
User guide
http://www.adlice.com/softwares/rog...
Official tutorial
http://tigzyrk.blogspot.fr/2012/11/...
If RougeKiller won't run, open IE & turn off SmartScreen Filter.
http://windows.microsoft.com/en-AU/...
Download & SAVE to your Desktop.
Quit all programs that you may have started.
Shutdown your antivirus to avoid any conflicts.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7/8, right-click and select "Run as Administrator to start"
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and Copy & Paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Exit/Close RogueKiller.
When completed make sure to re-enable your antivirus.


Report •

#5
October 10, 2013 at 18:02:32
PD5X

If you simply wonna empty the c:\windows\temp folder, download and burn a Linux Live CD.
Boot the computer from that CD, go to the Windows drive to the folder \Windows\Temp, mark all files and folder within the Temp folder and delete them.

After that, restart the computer and boot up to windows.


Report •

#6
October 15, 2013 at 22:22:25
I thank all for responses

Report •

#7
October 15, 2013 at 23:03:36
"I thank all for responses"
I would like to see the contents of the logs please as per 1: & 3: in my post #4

message edited by Johnw


Report •

Ask Question