When you download a file from the internet, quite often you cannot be 100% guaranteed that the file has not been changed in some way from the original. This could either be by the site you are downloading from, corruption due to errors in the download process, an individual who has uploaded the file for you, or possibly the most dangerous, the file has been infected by malicious software.
One of the ways you can identify whether a file has been changed from its original state is to check its digital signature. Or you can verify a file’s integrity by checking its hash value. Every file has unique data contained within it, and when you apply a certain algorithm called a “cryptographic hash function” to it, a string value is returned which is only valid for that file in its current state.
If even one byte in the file changes, the value given when the check is run again will be different. A couple of popular hash algorithms are MD5 and SHA-1 and you will sometimes see these values listed on website download pages. A prime example is ISO images for operating systems like Linux and Windows. All the official Windows ISO images will have an SHA-1 hash listed somewhere online which you can then compare against to see if the one you downloaded is identical to the original.
If you have something like an MD5 or an SHA based hash value from a website and want to check the integrity of the downloaded file, a way to calculate its hash value is required. Here we show you 10 different tools that can calculate and compare hash values, they were tested on Windows 10 and 7.
1. IgorWare Hasher
Hasher is a small, portable and easy to use freeware tool that is able to calculate SHA1, MD5 and CRC32 checksums for a single file. You can browse for the file, drag and drop or add a context menu entry to right click and choose “Generate Hash”. There’s also an option to generate a hash from a block of text which you can type or paste into the box. The program opens a window for each file you select so don’t open more than a couple at once.
In addition to copying or saving the hash result to a file, you can load the hash file back into the program to check against another or the same file. The Options menu has some useful settings like keeping the program on top, making the hash values upper case, auto calculating after drag and drop, and adding the context menu entry. For some strange reason, Igorware Hasher downloads as a RAR file so make sure you have an archiver like WinRAR or 7-Zip to open it.
HashCheck works in a slightly different way to a traditional checking tool because it integrates into the system’s file properties window. You’ll get an extra tab called Checksums alongside the standard tabs of Compatibility, Details, Previous versions and etc. The original Hashcheck is from 2009 but seems to work fine in Windows 10. A more recent version is available on GitHub which we’ll also mention below.
The tiny (85KB) installer simply registers HashCheck.dll on the system so it’s very light on resources. Right click on one or more files or a folder and go to Properties > Checksums. Values for CRC-32, MD4, MD5, and SHA-1 will be shown in the window. The Save button can save the selected file checksums into a separate list for each hashing method which you can load later on to see if any of the files have changed.
A list can be created quickly from the context menu by right clicking on the file(s) and selecting “Create checksum file”.
As HashCheck is open source software, someone has taken the original code and updated it while adding some new features. Notable improvements include multithreading support, adding SHA-256 and SHA-512 (MD4 has been removed), calculating only selected checksums, adding extra translations, and digitally signing the files/installer.
This version of HashCheck is much newer and from 2016. It was created by Christopher Gurnee and is hosted on GitHub. MD5 and SHA-3 are disabled by default in this version but can easily be enabled in the Options window.
3. Nirsoft HashMyFiles
HashMyFiles is another small and portable tool from Nir Sofer that is simple and straightforward to use. The number of ways to open files is impressive because you can add single or multiple files, folders (including sub folders), running processes, and also by wildcard with custom folder depth. There’s also the Explorer context menu which can be manually enabled. The program shows hashes for CRC32, MD5, SHA-1, SHA-256, SHA-384, and SHA-512. General file information is also included in the display.
HashMyFiles can export the data to a TXT, HTML, XML or CSV file but you can’t use it to load back into the program to re-check files later on. A number of command line arguments are also available and other functions like always on top, extra file information, uppercase text, and send the hash to VirusTotal are in the Options menu. Also in the Options menu, “Mark Hash in Clipboard” compares a hash in the clipboard with the files and will show a match in green. “Mark Identical Hashes” shows the same files in differing colors.
HashTools is from software developer BinaryFortress who make well known shareware applications like DisplayFusion and ClipboardFusion. This program is portable and will accept an individual file, multiple files or an entire folder for processing. An option to add a “Hash with HashTools” entry to the context menu is in the Settings window.
When you add files to HashTools they will not be processed until you press one of the buttons across the bottom to calculate the appropriate checksums. CRC32, MD5, SHA-1, SHA-256, SHA-384, and SHA-512 are supported. The Create SFV button will create CRC32 checksums for the files and save them into an SFV file which you can use to verify later on. Right clicking a file will allow copying of the hash or its path along with supplying a hash manually or from the clipboard to compare with.
5. ComputeHash 2.0
ComputeHash is a small and very simple tool to use with no advanced or confusing features. It works entirely from the Windows context menu and you simply right click on a file and select the “Computer Hash” option. It will display MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes all at once. Double click the executable to add the entry to the context menu, use uninstall.bat to remove it again.
Each checksum can be copied to the clipboard, or all values can be saved to a text file. The uppercase checkbox might make the values a bit easier to read. ComputeHash requires .Net Framework 2 so Windows 10 users will be prompted to install it if it’s not already installed. We are looking at version 2.0 from 2011 here, there is a version 4.4 from 2015 but we found it doesn’t display the checksums properly in Windows 7 or Windows 10.
This utility is by the same developer as the well known HostsMan Windows HOSTS file editor. It has a number of useful options and files can be added to the list in several ways. You can open one or multiple files at once, entire folders (including sub folders), by paths, by running processes and via nine different types of hash list. It can also create a hash value for small text strings. CRC32, MD5, RIPEMD and the SHA family of hash algorithms are supported.
File association, drag and drop and the right click context menu option is also there, along with an option to search for the checksum on Google. A potentially valuable feature for those that need it is the ability to upload and query files on Virustotal. This requires an API key from VirusTotal but anyone can get a key by signing up for a free account. Uploading and checking can then be done from within MultiHasher. Portable and installer versions of MultiHasher are available.
7-Zip is probably the most popular and well known free file archiver around today. Not least because of its 7z archive format that can achieve great compression ratios. The ability to verify file checksums with CRC or SHA has been in 7-Zip since 2011. A few years later a function was added to 7-Zip that introduced a context menu entry where you can quickly check a file’s integrity through the program’s user interface.
Just right click on a file and go to “CRC SHA” and the options will be available to get a checksum for CRC-32, CRC-64, SHA1, SHA256, or the asterisk will get all at once (including BLAKE2sp). Do note that when you select multiple files 7-Zip will give the overall checksums for all files added together and not each file individually. The 7z.exe command line tool has this function by using the “h” command along with a hash switch “-scrc[CRC32|CRC64|SHA1|SHA256|*].
7z.exe h -scrcSHA256 [filetocheck.ext]
HashTab is another tool that uses the system file properties window to show file hashes and is quite similar to HashCheck. After right clicking on the file and going to Properties, the tab is called “File Hashes” and you will get CRC32, MD5 and SHA-1 hash values displayed by default. One major limitation HashTab has compared to HashCheck is it only works on one file at a time.
Pressing Settings gives access to an impressive selection of 27 additional hash values that can all be displayed. These include the Keccak, RIPEMD, SHA and MD families along with several others like GOST, ED2K, Adler32, and Tiger. You can compare the current file with a hash value in the clipboard by using the Hash Comparison box or use the “Compare a file” button to compare another file with the selected one.
Not to be confused with the Igorware tool at the top of our list, this hashing tool is pretty simple to use and lets you drag and drop or browse for a single file to get a checksum. We are looking at version 1.20 from 2009 as all the later versions have a five second nag window on startup, so we really can’t recommend them. They do have more available hashes and folder/multi-file support if you feel like trying one out.
This older version is a small executable and will give you hash values for CRC32, MD5, SHA-1, and ELF. The current hash can be copied to the clipboard and you can manually compare the current hash value with a previous one from the clipboard or the next file that gets checked. Enabling the log file will keep a history of processed hashes and any comparison results.
Download Hasher (version 1.20 is at the bottom)
10. Microsoft CertUtil, FCIV, and PowerShell
We’ve grouped these three options together as they are all by Microsoft and the first two are built into Windows. They can be useful for adding into scripts or creating simple drag and drop shortcuts and etc.
CertUtil is a command line tool that is primarily for showing information for and handling digital certificates on the system. One of its functions is being able to show the hash of a file, which is what we are looking for. The command to use for a file is as follows.
Certutil -hashfile [filetocheck.ext]
This will output the SHA1 checksum of the file. Other algorithms are supported, just append MD2, MD4, MD5, SHA256, SHA384, or SHA512 to the line and it will show that value instead. Only one algorithm is supported at a time, so if you want SHA1 and MD5 you will have to run the tool twice.
Certutil -hashfile [filetocheck.ext] MD5
The PowerShell function is also built into Windows so needs no external executable. It works in a similar way to CertUtil. Windows 7 users will need to manually install PowerShell version 4 or above for this command to work.
Just supplying the file to the get-filehash command will output the hash as SHA256 by default. You can change this by adding -a and the new algorithm, MD5, SHA1, SHA384, SHA512, MACTripleDES, and RIPEMD160 are supported.
Get-Filehash [filetocheck.ext] -a SHA1
Note that like the Certutil tool, only one hashing method can be entered into the command at a time.
This last tool is not built into Windows but is still made by Microsoft. The File Checksum Integrity Verifier (FCIV) is from way back in 2004 and Microsoft offers no support for it. It has a few more advanced options than the other two commands, including recursing into subdirectories, an exclusions list and the ability to save/list/verify checksums in an XML database.
By default, FCIV outputs MD5 checksums but you can change this to SHA1 by appending -SHA1 or -Both to output MD5 and SHA1 at the same time.
Fciv [filetocheck.ext] -Both
It’s odd this tool has no support because it has a proper knowledge base designation of KB841290 and there is a full page on the Microsoft website detailing FCIV’s usage. A download link is on the same page.
There are dozens of these tools about, and you might already have your favorite. Of course, feel free to tell us about the hash program you like best. If you want to try the reverse and actually have a go at identifying the file from a hash value, you might like to look at this article.