My original PowerShell script to share.
Scripting Purpose: Lists files in a directory where all software signatures do not match.
System requirements: Win7 + PowerShell 2.0 and above.
#nd your file has been tampered with by hackers. PS1 the PS1 document should be saved as a Unicode document that contains the BOM header. #Enter a directory to verify that the signature of all files is tampered with under this directory (including subdirectories). #support Win7 + PowerShell 2.0 and above. write-Warning ' you enter a directory. This script verifies that the signature of all files under this directory (including subdirectories) has been tampered with ' Write-Warning ' Note: When the antivirus software "intercepts" the virus file, it will make the script run halfway through the card. ' [string]$ target Directory= Read-host-Prompt ' Enter a directory 'if(-not(Test-path$ target Directory) ) {Write-error ' No this directory, script quits! ' Exit1}$ All Files= (Get-childitem-literalpath$ target Directory -file-recurse-erroraction ' silentlycontinue '). Fullnamewrite-Warning ' The following files have been tampered with by hackers! : 'foreach($ Single File inch $ All Files){ $ file Status= Get-authenticodesignature-literalpath$ Single File#QQ Group number =183173532#name =powershell AC Group if($ file Status. Status-eq' Hashmismatch ') {Write-host$ Single File-foregroundcolor Red}}
PowerShell script: Your files have been tampered with by hackers. PS1