A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #4113  by kiskav
 Thu Dec 23, 2010 5:55 am
Hi All,

Is there any free utility which gets an MD5 sum from the user and deletes any files on a PC with a matching MD5 sum?

To explain it in detail:
The user finds the MD5 sums of the rogueware.
He adds/appends those MD5s to the tool, and appends to it frequently.
Once the tool is executed, it will check the PC and delete the matching ones :)

Would the above be called an engine?? If so, it would be too much to look for ;)
 #4115  by EP_X0FF
 Thu Dec 23, 2010 8:14 am
Hello,

MD5-based antimalware scanners are absolutely ineffective against current server-side polymorphism.

As a classical example you can take the fake AV "Security Shield" from the Russian hax0r Peter Severa. You calculate the MD5 for the fake AV at 12:00, and at 12:15 the server is already loaded with a repacked executable with a different MD5. So basically you are calculating checksums for nothing.

Regards.
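To make both posts concrete, here is an added example (written for this thread; it is not code from either poster, and it is not WinMHR). It implements the tool kiskav describes: a text file of MD5 sums is loaded, every file under a root directory is hashed, and matches are moved to a quarantine folder (moving instead of deleting is an assumption of this example; a practitioner would rather not destroy the only copy of a misidentified file). The demo() function builds a constructed sample set in a temporary directory: one "rogue" file, one clean file, and a "repacked" copy of the rogue file with a single byte appended, which is the cheapest possible version of the server-side repacking EP_X0FF describes. The hash-list format (one hex MD5 per line, "#" comments) and all file names are made up for the example.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

# Constructed sample bytes for the demo; these are not real executables.
ROGUE_BYTES = b"MZ" + b"\x90" * 64 + b"fake-av-payload"
CLEAN_BYTES = b"MZ" + b"\x90" * 64 + b"harmless-program"
REPACKED_BYTES = ROGUE_BYTES + b"\x00"   # same payload, one byte appended


def md5_of_file(path, chunk_size=1 << 20):
    """Stream a file through MD5 so large files do not have to fit in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def load_hash_list(text):
    """Parse the user-maintained list: one hex MD5 per line, '#' starts a comment.

    Digests are normalised to lowercase so the list can be appended to by hand
    in either case; anything that is not a 32-character hex string is rejected
    rather than silently ignored.
    """
    hashes = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip().lower()
        if not line:
            continue
        if len(line) != 32 or any(c not in "0123456789abcdef" for c in line):
            raise ValueError("not an MD5 hex digest: %r" % raw)
        hashes.add(line)
    return hashes


def scan_tree(root, bad_hashes, quarantine_dir=None):
    """Hash every regular file under root; return [(path, md5)] for matches.

    If quarantine_dir is given, matching files are moved there under the name
    <md5>_<original name>. The quarantine directory must lie outside root,
    otherwise the scan would re-hash the files it just moved.
    """
    matches = []
    for dirpath, _dirnames, filenames in os.walk(root):   # does not follow dir symlinks
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                digest = md5_of_file(path)
            except OSError:        # locked, unreadable or vanished file: skip, keep scanning
                continue
            if digest in bad_hashes:
                matches.append((path, digest))
                if quarantine_dir is not None:
                    shutil.move(path, os.path.join(quarantine_dir, digest + "_" + name))
    return matches


def demo():
    """Run the scanner over a constructed directory and report what it did."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "scan_root"
        (root / "sub").mkdir(parents=True)
        (root / "sub" / "shield.exe").write_bytes(ROGUE_BYTES)
        (root / "notepad.exe").write_bytes(CLEAN_BYTES)
        (root / "sub" / "shield_v2.exe").write_bytes(REPACKED_BYTES)
        quarantine = Path(tmp) / "quarantine"
        quarantine.mkdir()

        # The user's list holds the MD5 of the sample as it was seen at "12:00".
        hash_list = "# rogueware list\n" + hashlib.md5(ROGUE_BYTES).hexdigest().upper() + "\n"
        hits = scan_tree(root, load_hash_list(hash_list), quarantine)

        return {
            "hits": sorted(os.path.basename(p) for p, _ in hits),
            "remaining": sorted(p.name for p in root.rglob("*") if p.is_file()),
            "quarantined": sorted(p.name for p in quarantine.iterdir()),
        }


if __name__ == "__main__":
    print(demo())
```

Running it, only shield.exe is quarantined; notepad.exe stays because it is clean, and shield_v2.exe stays because a single appended byte gives it a different MD5, so the 12:00 entry in the list no longer says anything about the 12:15 build. That is the whole of EP_X0FF's objection in one run.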
 #4119  by Brookit
 Thu Dec 23, 2010 11:31 am
Besides what EP_X0FF said, you can check the tool WinMHR. It is not exactly what you want, but it has a similar approach.
It is a free AntiMalware program which scans files/folders/drives and compares the MD5/SHA-1 hash values against a database of known malware hashes (The Malware Hash Registry).
The Malware Hash Registry
The Malware Hash Registry (MHR) project is a look-up service similar to the Team Cymru IP address to ASN mapping project. This project differs however, in that you can query our service for a computed MD5 or SHA-1 hash of a file and, if it is malware and we know about it, we return the last time we've seen it along with an approximate anti-virus detection percentage.
WinMHR
Features:
  • Monitors all running programs for malicious activity
  • Easily check files, folders, or entire drives for malware
  • Schedule daily scans of your computer's files
  • Works on Windows XP SP3, Windows Vista, Windows 7
http://www.team-cymru.org/Services/MHR/WinMHR/
 #4124  by kiskav
 Fri Dec 24, 2010 12:53 am
Thanks EP_X0FF & Brookit for your detailed explanations :) That was a real piece of valuable info for me. :)