Downloading a file used to be a risk. It can still be risky and you might still end up with malware on your system but there are more robust protections in place now. Both your browser and your OS scan items to make sure they’re safe to run. Another way to make sure you’ve downloaded a safe file is to check the checksum of a file.
No two people can have the same fingerprints. Similarly, no two files can ever have the same checksum values. If a file has been modified, its checksum value will be different from what it was before the modification was made.
When you check the checksum value of a file, you first need to know what its original value was. Normally, developers who are distributing software will provide it themselves on the download page for their product. Checksum is applied using MD5 or SHA. Some developers will generate Checksum values from both so that you can check whichever you want.
Check checksum value
Microsoft provides a tool called File Checksum Integrity Verifier utility that you can use to check the checksum value of a file.
Download and extract it. You will have to use it from the Command Prompt. Open Command Prompt and use the cd command to move to the folder you extracted the tool to.
Move the file that you want to check the checksum value for to the same directory as the one you extracted the File Checksum Integrity Verifier utility to and then run the following command to run the check.
fciv.exe -both filename
fciv.exe -both ReIcon_x64.exe
This will display both the MD5 and SHA checksum values. You can manually compare them, use a spreadsheet tool, or a simple difference checking tool.
Checksum does not match
In the event that the file you downloaded and ran the check for generates a different checksum than the one the developer provided, you might be dealing with a malicious or corrupt file.
If the file is corrupt, it’s likely because it didn’t download correctly. Try downloading it again. If the problem persists, it is entirely possible that the file that is available has been modified in which case, you should not use/run it. A mismatch in checksum value may also indicate a file that has been modified. This tends to happen with free or open-source apps that people try to re-distribute. They add in additional code that is meant to harm your system and bundle it into a trusted app.
The only way to stay safe is to always download apps from their official sources.