Every file is different from another. But with a md5 or SHA1 checksum of the original file, legitimate copies can be verified easily. This is possible because even changing one byte from the original file will make the file hash change. Checking the file integrity like this can avoid possibilities of getting affected by spywares or viruses.

Ok. Now you have the md5 checksum and the file to be verified for integrity. Now what? How to verify the checksum?


Windows
Download Microsoft Checksum Integrity Verifier utility (http://download.microsoft.com/download/c/f/4/cf454ae0-a4bb-4123-8333-a1b6737712f7/windows-kb841290-x86-enu.exe) OR
Download HashTab (http://www.beeblebrox.org/hashtab/HashTab%20Setup.exe)
Mac
Download HashTab for Mac (http://www.beeblebrox.org/hashtab/hashtab_10.4_universal_1.0.0.dmg.gz)
Linux
Use md5sum utility like
md5sum KNOPPIX_V5.2.1CD-2009-07-04-EN.iso
Webservers using PHP
All the above mentioned methods work thtter when you have direct desktop/console access to the concerned machines. But if it is a webserver (used as a HTTP file proxy, most probably), you can use PHP to easily get the file hash.
<?php
echo hash_file('md5', 'KNOPPIX_V5.2.1CD-2009-07-04-EN.iso');
?> Change 'md5' to 'sha1' to get the SHA1 hash instead.

Hope it helps. Please let me know if you use any other technique to verify checksums.

Isn't CRC32 meant for this purpose? How about that?

Indeed. CRC32 can be used for this. In fact crc32 is way faster than md5 and sha1. But crc32 will have more collisions compared to the others. Means the chance of 2 different files giving the same checksum is more. In our case, accuracy is more important (also mostly it is just one file we need to check) than speed, md5 or SHA1 is preferred.