Script triggers virus scanner. How can we slow it down?

Time:02-04

This script that identifies duplicate files triggers a virus scanner. How can we slow it down?

Get-ChildItem -Recurse -File `
| Group-Object -Property Length `
| ?{ $_.Count -gt 1 } `
| %{ $_.Group } `
| Get-FileHash `
| Group-Object -Property Hash `
| ?{ $_.Count -gt 1 } `
| %{ $_.Group }
| %{ $_.path -replace "$([regex]::escape($(pwd)))",'' }

Is there a way to put like a 2 second pause in between files so it takes a long time to complete?

TIA

Edits for comments: Don't want to say the antivirus software but it's very advanced. I got the backticks from Stack Overflow, so garbage in garbage out :) [seriously thanks for the tip]

It works flawlessly on network shares with about 100 files on it.

CodePudding user response:

The speed of your script isn't the problem with an A/V scanner. My guess is possibly the use of [regex]::replace(pattern, text) and Get-FileHash could be something your A/V flags on during heuristic analysis. Without knowing the A/V software, it's impossible to know if others have experienced and resolved the same problem you are having.

The real correct answer is to open a ticket with your A/V vendor on it flagging false positives. Signing your scripts is also known to help scripts with A/V some. Some A/Vs allow whitelisting by checksum, which you could use to approve your scripts if your vendor doesn't have any alternatives. Using the checksum of a signed script is even safer, as you can guarantee the code came from your organization at the time the checksum is calculated.

You can also configure A/V software to whitelist a directory, and you can effectively work around the issue by running scripts out of that directory while you sort the issue with your vendor. However, whitelisting by path should not be your permanent solution. Figure out why your scripts are getting flagged with the vendor, then follow their recommendations.


That said, to answer your original question "Is there a way to put like a 2 second pause in between files....?", yes. Start-Sleep will achieve what you want (but I have serious doubts it would affect your A/V results). The last block can be one line but is made multiline for readability (the semicolon ; is required if on one line):

Note: I've also replaced the backticks with better multi-line formatting. You can end a line with | operator and continue the code on the next line in a single expression. This also works for other operators as well.

This change has also fixed an issue in your original sample where you forgot the penultimate backtick. Backticks are easy to forget, and can be hard to look for. This is one reason why their use is not recommended for multi-line expressions.

Get-ChildItem -Recurse -File |
  Group-Object -Property Length |
  ?{ $_.Count -gt 1 } |
  %{ $_.Group } |
  Get-FileHash |
  Group-Object -Property Hash |
  ?{ $_.Count -gt 1 } |
  %{ $_.Group } |
  %{
    $_.path -replace "$([regex]::escape($(pwd)))",'';
    Start-Sleep 2
  }
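
The answer's suggestion to approve a script by the checksum of its signed form can be checked before each run. The following is an added example, not part of the original answer; `Test-ApprovedScript`, its parameters and the sample file name are hypothetical, and it assumes Windows, where `Get-AuthenticodeSignature` is available:

```powershell
# Added example: gate a script on an approved SHA-256 and, optionally, a valid signature.
# Test-ApprovedScript and its parameters are hypothetical names for illustration.
function Test-ApprovedScript {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [Parameter(Mandatory)] [string[]] $ApprovedSha256,
        [switch] $RequireValidSignature
    )

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop

    # The checksum to hand to the A/V allow-list. Compute it AFTER signing:
    # Set-AuthenticodeSignature appends a signature block, which changes the hash.
    $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash

    # Status is 'Valid' only when the file is unmodified since signing and the
    # certificate is trusted; unsigned files report 'NotSigned'.
    $sig = Get-AuthenticodeSignature -LiteralPath $file.FullName

    $hashOk = $ApprovedSha256 -contains $hash   # string comparison is case-insensitive
    $sigOk  = (-not $RequireValidSignature) -or ($sig.Status -eq 'Valid')

    [pscustomobject]@{
        Path      = $file.FullName
        Sha256    = $hash
        Signature = $sig.Status
        Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        Approved  = $hashOk -and $sigOk
    }
}

# Constructed sample: write a script to a temp file, record its hash as approved,
# check it, then modify the file and check again.
$sample = Join-Path ([IO.Path]::GetTempPath()) 'Find-Duplicates-sample.ps1'
Set-Content -LiteralPath $sample -Value 'Get-ChildItem -Recurse -File | Group-Object Length'
$approved = (Get-FileHash -LiteralPath $sample -Algorithm SHA256).Hash

Test-ApprovedScript -Path $sample -ApprovedSha256 $approved
Add-Content -LiteralPath $sample -Value '# edited after approval'
Test-ApprovedScript -Path $sample -ApprovedSha256 $approved
Remove-Item -LiteralPath $sample
```

The second call reports the file as not approved because any edit changes the SHA-256, which is why an allow-list entry has to be refreshed whenever the script is changed or re-signed.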