SYSTEM security group keeps getting removed from %tmp% folder

A Windows 10 64-bit domain joined computer has an issue where the SYSTEM security group keeps getting removed from the %tmp% folder. This temp folder is located within the default location of C:\Users\username\AppData\Local\Temp.

This creates issues such as programs not being able to upgrade and the user not being able to print.

This computer currently has all latest Windows 10 updates installed and according to Malwarebytes it is completely clean and doesn't have any malware or harmful software installed. the SFC and DISM commands have also been run and the event viewer logs don't display any serious issues or warnings.

While this issue can be fixed by adding the SYSTEM security group back within the  Security tab (with the full control permissions) it is a hassle to keep doing this.

What can be done to prevent this issue from occurring?
IT GuyNetwork EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AntonInfCommented:
This sound slike the domain has a registry change each time you sign into the network.

Does this happen when you log in locally
IT GuyNetwork EngineerAuthor Commented:
Yes this has been happening intermittently for all logon accounts on this computer both local and domain accounts.

What can be done to prevent this from happening?
Adam BrownSr Solutions ArchitectCommented:
Make sure Inheritance is enabled on the folder above the temp folder (AppData or Local). More than likely Inheritance was disabled on the folder's security settings. Go into the Advanced security window and check it out there. If Inheritance isn't enabled, the manual permission settings could get reset as part of a system or application process on reboot.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
arnoldCommented:
Why do you want/need system to have access to user tmp space?
Anti-virus tools run a component under user credentials and have access to all user's space.

Local/temp is an equivalent to the %userprofiel%\local settings in a roaming profike setup this gets discarded when the roaming profile is copied out to the server on logoff and recreated on logon.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.