PowerShell: How to Replace a System File – For Experimentation Purposes

# When attempting to rename a system protected file such as notepad.exe
rename-item $notepadExe "$notepadExe.bak" -force

# Error message
rename-item : Access to the path is denied.
At line:1 char:1
+ rename-item $notepadExe "$notepadExe.bak"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : PermissionDenied: (C:\Windows\system32\notepad.exe:String) [Rename-Item], UnauthorizedAccessException
    + FullyQualifiedErrorId : RenameItemUnauthorizedAccessError,Microsoft.PowerShell.Commands.RenameItemCommand

# Grant local admins full access to the system file
$fullAdminPermissions = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","Full","Allow")
$acl = Get-ACL $notepadExe
Set-Acl $notepadExe $acl

# Rename the old notepad.exe and then copy the new one into its stead
rename-item $notepadExe "$notepadExe.bak" -force
copy-item $newNotePadExe 'C:\Windows\system32\notepad.exe'

# Result: when trying to open the new notepad.exe, this error occurred
notepad.exe - System Error
The program can't start because api-ms-win-shcore-path-l1-1-0.dll is missing from your computer. Try reinstalling the program to fix this problem. 

Leave a Reply

Your email address will not be published. Required fields are marked *