certUtil -hashfile <PATH_TO_FILE> <HASH_ALGORITHM> | findstr /v "hash" if <RESULT_HASH> == <VALID_HASH> (echo yes)