File search and destroy


L3 Networker

Hello Team,

 

We are unable to delete certain files due to the error "Access is denied".

Is there any other way to delete these files?


Accepted Solutions

L3 Networker

Hello @RamyashreeMada 

 

Thank you for reaching out to LIVEcommunity. Please note that we do have a feature known as Search and Destroy Malicious Files in Cortex XDR.

 

This feature helps you in searching for specific files according to the file hash, the file full path, or a partial path using regex parameters from the Action Center or the Query Builder. After you find the file, you can quickly select it in the search results and destroy the file by hash or by path. You can also destroy a file from the Action Center, without performing a search, if you know the path or hash. When you destroy a file by hash, all the file instances on the endpoint are removed.

 

For further details, please find the document provided below with detailed steps on how to configure this feature. Thank you:

 

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Search-and-...

 

If you find this answer relevant to resolve your query, then please mark this as a Solution. Thank you. 


L2 Linker

The response is more general and specific to the issue presented by the user. I think you get access denied because the file is already being used or locked by Windows; the best way to delete is from Software Center. But don't take my word for it, I'm still researching this issue too. I was also under the impression that the Cortex XDR agent has elevated privileges, so it should not be a permission-level issue.
