Solved

MD5 in Hijackthis

Posted on 2007-04-05
5
428 Views
Last Modified: 2013-12-04
Dear Experts,
AS we know we have Unique MD5  For Every Files. So MD5 is a Good Way For differing From Real File than similar Files.
in Hijckthis Anlayze Section on thier Site We have Correct MD5 For Important Files. As those Reports and our calculating we can recognize Infected Files.
Which Program Can Calculate MD5 Cryption For a special Program?

Best Regards
Hamid Reza
0
Comment
Question by:123456
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
DToolshed earned 125 total points
ID: 18856709
Here are 3 programs. They each have a free version, as well as a "commercial" version that you would pay for.

http://www.fastsum.com/
or
http://www.pc-tools.net/win32/md5sums/
or
http://www.irnis.net/soft/acsv/

Remember, MD5 is not perfect, and not totally unique. It can tell someone if a file was corrupt during download, but for file verification, it is not foolproof. It has been shown that some files can be modified in such a way as to create the original MD5 checksum again (2 different files with the same checksum is called a "collision").
http://en.wikipedia.org/wiki/MD5
0
 
LVL 2

Author Comment

by:123456
ID: 18868970
in some situations we want to copy our programs in a different Drive.
and Hijack report Mayour files may be a nasty file.
2- can you propose a solution to sure us for  differing from real file and similar files?

2 ---> have 125 other points.

0
 
LVL 5

Expert Comment

by:DToolshed
ID: 18869026
Well, MD5 is by far the most common, and probably the easiest. There is no system that I am aware of right now that can be 100% reliable, but MD5 is probably 99.95% reliable. You just have to be aware that it is not perfect, so that if something seems not right with a result, you can find another way to double check it. It doesn't happen often, but it does happen.
With MD5 checksums, even files of the same name and size will give a different MD5 sum, because the MD5 hash is created from the binary data itself. It is very hard to make another file result in an identical hash, but it has been done. If you are doing it to check for virus or spyware infection, checking against a known-good source copy of the file, and a known-good MD5 hash, then it's pretty reliable.
I don't see a need to use anything else right now. You just need to be aware that the system is not perfect. Just like everything else in computer security.
0
 
LVL 2

Author Comment

by:123456
ID: 18869105
does microsoft have knowldgment database For MD5 of windows Files?
0
 
LVL 5

Expert Comment

by:DToolshed
ID: 18869146
They don't have a database of MD5 hashes for Windows files.
They do have a command line tool for creating MD5 128-bit or SHA-1 160-bit value.
http://support.microsoft.com/kb/841290/
It can output to an XML file, and can be used in a batch file, so you can create your own database of your own systems. You have to maintain it whenever the system is changed, however. And that means you have to know what files are changed with each software install, and with every update/hotfix/service pack/etc. That can be a very large task.
0

Featured Post

Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Not using commercial AV product on Windows 10. 10 130
Windows 10, Hotmail and AdChoices 7 65
Mac OS upgrade: Does it expunge malware? 4 51
Wannacry 44 108
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question