读取文件哈希而不必打开文件? [英] Read File Hash Without having to open the file?

问题描述

是否有一种无需打开文件即可检查系统文件哈希的快速方法?另外，以字节形式扫描文件是否更快，如果可以的话，最好的方法是什么?....

我只是试图通过计算每个文件的哈希值以使其与txt文件中的病毒哈希值定义进行比较，来尽可能快地遍历文件.我还想知道使用MS Office数据库是否可以增强该过程，并提供一些有关在访问后如何访问它的建议.

提前谢谢您，祝您有美好的一天！

Is there a quick way to check a system file hash without the need to open the file? Also is it quicker to scan a file in the form of bytes and if so what is the best method?....

I am only trying to iterate through files as quickly as possible by calculating each files hash to compare against it to the virus hash definitions in my txt file. I would also like to know if using a MS office database would enhance the procedure and some advice on how to access it once I have made it.

Thank you in advance have a good day!!

推荐答案

首先，系统文件哈希是什么?没有这样的事情. Windows不会为Windows文件夹下的每个文件保留哈希值数据库.

您读取每个文件并构建自己的哈希表.当然，您需要为要保护的每个系统文件及其每个版本生成哈希.这包括由Service Pack和修补程序替换的所有文件版本.祝你好运！

您的另一个问题是，如果病毒不接触系统文件怎么办?如果您仅查看系统文件，该病毒便会潜入您身边.会是一些病毒扫描程序，现在不是吗?

我认为您的方法是完全错误的，但是，试图通过生成所有病毒的特征来枚举缺陷，即使不是更糟也是一样糟糕.

First off, WHAT system file hash? There''s no such thing. Windows doesn''t keep a database of hash values for every file under the Windows folder.

You read the every file and build your own hash tables. You''ll of course, need to generate the hashes for every system file you want to protect and every version of them. This includes all versions of files replaced by service packs and hot fixes. Good luck with that!

Your other problem is what if the virus doesn''t touch the system files? If you just look at the system files, the virus will sneak right past you. Some virus scanner that would be, now wouldn''t it?

I think your methodolgy is entirely wrong, though, trying to enumerate badness by generating signatures of all viruses is just as bad if not worse.

这篇关于读取文件哈希而不必打开文件?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！