Deleting a file in System32 folder
I am trying to remove a file from the System32 directory (C:\Windows\System32\MpSigStub.exe) , however no matter what I try it doesn't seem to want to delete the file. I have Tried running an online shell script with the following:
del "C:\Windows\System32\MpSigStub.exe" which works when I run it in my elevated cmd window perfectly fine. In my none elevated cmd window I get an access is denied error.
I am running this as local system but still the file doesn't delete.
I have tried an Online KScript with the following:
- Verify that the file “$(KACE_SYS_DIR)\MpSigStub.exe” exists
- Launch “$(KACE_SYS_DIR)\cmd.exe” with params “del ”C:\Windows\System32\MpSigStub.exe“”.
And still the file remains.
Please could someone let me know where I am going wrong? Is there a way of using an elevated CMD prompt with KACE?