I know its just a registry editor but it makes it so much easier to do some of the tasks I need to do like autologin.
I wanted to know about how I go about verifying the program I am downloading and that it is from whom it says its from.
I know tweakui pops up that it is a microsoft signed program but others are not so obvious.
Example: I had been reading about malware being in the Master Boot Record and wanted to explore how I would verify that my MBR was infected or not. I found word of mbrcheck.exe and downloaded this program. It seems good but how do I know mbrcheck.exe is not infecting me? I'm doubting it is infected because it says my MBR was written from Dell when I was expecting it to say something about microsoft written mbr meaning it gave a lot of information that was more correct than I was expecting. I was hoping I could read somewhere on the net to look at the MBR in more detail without any third party program. I am good with linux commands and was hoping there was a way to verify the MBR using dd to copy just the MBR and verify what was in the MBR that way. I didn't find anything about patterns to match good or bad so I went with mbrcheck.exe I only see a version number for mbrcheck.exe I don't see any contact info or company info I have no clue as to where its from or if it itself hasn't been infected. In linux we have checksums and if a developer is smart they have a pgp signed statement stating the md5 checksum. Thus you have the persons pgp public key to verify and you know overtime that some of these can be trusted. At that point you can trust the md5sum and then verify the executable with that. I see nothing like this in the windows world and it scares the bejesus out of me.
A.)
I'd like to know the official site for mbrcheck.exe if anyone can help?
B.)
I'd like to know how to verify I have an uninfected binary.
MBRCheck.exe version 1.2.3 has md5sum cb2d120a4b72422a8141192831b1f500
if someone can verify that please. Thanks.