Need to download EXE update on another computer and transfer it via USB drive. How?
A Win 10 installation on another of my workstations is corrupting all downloads and after many hours of trying to discover the problem, I downloaded the update EXE to another computer that wasn't corrupting downloads.
The problem now is how to transfer the file via a USB thumbdrive, since normally it has properties (metadata) that can't be transferred to another location, which makes it unusable.
Any suggestions? Is there a workaround for this?
please read my post again. I did exactly that, but Win 10 downloads have metadata attached that will not transfer and I cannot dowload off the system with the probs as it corrupts the files and they will not install over. When I say "update" I'm refering to latest build of the Acronis file.
Sarmour, you do not need any metadata that Windows 10 may add to the downloaded Acronis installer, you can safely transfer the file to your USB drive and copy it from there to your other system. I do this most days with various different files.
Of more concern than metadata is why your other Windows 10 computer is corrupting all downloads?
I would recommend opening an Administrator Command prompt window and running SFC /SCANNOW to verify the integrity of that installation and if that runs without throwing up any issues, then schedule a CHKDSK /R for all your drives / partitions on this system to ensure you don't have a disk going bad.
I would also recommend doing a full Windows Memory Test to make sure you haven't got a bad memory chip.
If none of the above show up any problems, then think about doing a full, offline antivirus scan using a tool such as the AVG Rescue CD and using such as Malwarebytes Antimalware to scan too.
Steve, thanks for the comments. I will try again to load the updated EXE from a transfered USB file, but have had probs in the past with Win 10 accepting them as legit. This is affecting other prog's as well, but not all.
I had already run SFC /scannow several times in days past and ran it again earlier today and it shows totally normal system files. My bootdrive is a Crucial 1 TB SSD, and I have done mem tests in the past few weeks, but will try again. All have been totally normal up til now. Bootdrive appears fine and bypassing that by saving to an external drive eliminates that possibility anyway.
I have used every virus/worm detector I can think of, including running Emsisoft Emergency Kit tests, tdsskiller, MBAR, etc etc...but all to no avail. I'm serious thinking I could have some kind of conflict with the TP-Link 3200 tri-band router that gateways this LAN to the internet, but I can download uncorrupted files to other directly connected PC's. I think it could possibly be a defective NIC on the Gigabyte MB, so I might plug in an old NIC I already checked and double-checked the NIC setting, but I have to test that theory just as a possibility. I've tested any attached HDD's and normally have them shut off, both eSATA and USB 3.
I tried to use WireShark to see if some of the packets were being corrupted some way, but it's just too complicated for something like this. Acronis and BitDefender have not played nice together in the past, but I've loaded and reloaded both and am tired of that route, since it seems to have nothing to do with it.
I've shut down every possible TSR and unnecessary services, disconnected from the internet, shut down firewalls or AV progs (BitDefender Internet Security 2017), and basically used every trick I know in 30 yrs of running and building, fixing PCs....but am totally stumped. Sigh.
Anybody have further suggestions?
I have had no issues copying installers and/or files from one thumb drive to another. There is no metadata associated with an installer application that has yet to be run. IF this was the case, you'd never be able to download an installer file in the first place - the metadata would live wherever the original file was originally created.
I would highly recommend using another computer and creating a rescue media (from the .iso you can download from your accoutn and burn to disc) and take a full disk backup of your computer "as is" for posterity.
I would then recommend 1 of 3 options
1) Create a new user profile on the machine. See if the same behavior occurs under that profile. If not, your current user profile may be corrupted and you should consider starting with the new profile and deleting the old one after you've moved your data to it.
2) Try re-running the Windows installer and do a repair install (if you can't download or create this on this machine - use a different one to get that created first). Perhaps a repair install may get your system on track again.
3) Perhaps more time consuming up front, but possibly will save you time and trouble down the road. Cut your losses and reinstall Windows from scratch. You may even want to consider using a new hard drive in case the current one is going bad and the underlying culprit of your trouble.
Does the corruption of downloads happen for all browsers on the same computer? I had an issue with corrupted downloads with IE on Windows 8. Ended up uninstalling the updates to go to an older version. I thought it has to do with antivirus software, but I couldnt figure it out. The corruption went away when I reinstalled the latest IE updates, but there were other problems when saving to encrypted folders. I ended up reinstalling Windows cleanly.
I've tried using four different browsers in the past, but will check again. Below is an idea of what I see in the "Digital Signature Details" under the "Advanced" tab for "Unauthenticated attributes - Counter Sign" for the AcronisTrueImage2017_8029.exe file:
__________start info__________
30 82 01 f4 02 01 01 30 0......0
72 30 5e 31 0b 30 09 06 r0^1.0..
03 55 04 06 13 02 55 53 .U....US
31 1d 30 1b 06 03 55 04 1.0...U.
0a 13 14 53 79 6d 61 6e ...Syman
74 65 63 20 43 6f 72 70 tec Corp
6f 72 61 74 69 6f 6e 31 oration1
30 30 2e 06 03 55 04 03 00...U..
13 27 53 79 6d 61 6e 74 .'Symant
65 63 20 54 69 6d 65 20 ec Time
53 74 61 6d 70 69 6e 67 Stamping
20 53 65 72 76 69 63 65 Service
73 20 43 41 20 2d 20 47 s CA - G
32 02 10 0e cf f4 38 c8 2.....8.
fe bf 35 6e 04 d8 6a 98 ..5n..j.
1b 1a 50 30 09 06 05 2b ..P0...+
0e 03 02 1a 05 00 a0 5d .......]
30 18 06 09 2a 86 48 86 0...*.H.
f7 0d 01 09 03 31 0b 06 .....1..
09 2a 86 48 86 f7 0d 01 .*.H....
07 01 30 1c 06 09 2a 86 ..0...*.
48 86 f7 0d 01 09 05 31 H......1
0f 17 0d 31 37 30 32 32 ...17022
30 31 37 35 30 35 31 5a 0175051Z
30 23 06 09 2a 86 48 86 0#..*.H.
f7 0d 01 09 04 31 16 04 .....1..
14 f2 de fc ad 06 f9 b3 ........
8e 22 ad 8b 3e d4 d8 6f ."..>..o
69 31 89 53 e0 30 0d 06 i1.S.0..
09 2a 86 48 86 f7 0d 01 .*.H....
01 01 05 00 04 82 01 00 ........
20 f7 30 62 76 92 2c 26 .0bv.,&
22 f0 9b c2 83 c7 d0 21 "......!
f3 2d 35 5a 21 7b 45 64 .-5Z!{Ed
84 a6 5b a0 40 70 24 af ..[.@p$.
a4 dd ae b1 d2 8e 00 c9 ........
f4 77 cf 33 8c 7e 17 a4 .w.3.~..
d5 9e 8a ce f5 4e a3 6d .....N.m
d8 49 78 80 6d 37 f4 d2 .Ix.m7..
34 14 82 a5 58 4c 86 68 4...XL.h
dd 14 7b d4 2e 0b e7 02 ..{.....
64 66 7d ee bb 71 44 5d df}..qD]
1c d3 71 be 15 fd ee 3d ..q....=
86 95 58 88 6b a3 f5 5e ..X.k..^
83 6e ac 04 4e 34 4b e4 .n..N4K.
b0 0d 08 a7 28 d9 fc ab ....(...
28 9a bf 5d 9d 32 1f 65 (..].2.e
dd 5e 43 6f fa 38 12 11 .^Co.8..
39 95 7f d1 56 c3 68 f5 9..V.h.
f1 4c 5c a2 c0 b8 a0 aa .L\.....
3e 82 c0 0c 41 9b a7 00 >...A...
d5 dd 35 aa dc 15 df 24 ..5....$
bd 01 39 9d da e9 7e db ..9...~.
62 8d ec 61 da 8b a6 35 b..a...5
17 5f bb 27 2e 6d 27 49 ._.'.m'I
ec 07 69 93 fd 08 0e 33 ..i....3
4c 1c ad 64 d9 df ad 70 L..d...p
65 6e 44 c8 b1 a8 e8 82 enD.....
46 d3 86 c0 53 2d 21 95 F...S-!.
ba 9f 0b d8 08 b0 b0 5e .......^
62 9c 6b b9 77 c9 f1 07 b.k.w...
f0 35 e4 82 88 26 4f 0f .5...&O.
80 e6 be 61 6a ac fb c0 ...aj...
________end info____________
under Digital Signature Information it was showing "This diital signature is not valid"
Updated info. As Steve Smith suggested, I loaded and ran the downloaded EXE after getting it from another system (on the same LAN and primary router). I just ignored the warning and it appeared to download perfectly and then install perfectly as well. Having done that, the same prob with Acronis that caused me to followup on the whole corrupted download thing is back. When I try to "browse" to another download target for a new backup, the TrueImage.exe stops working (crashes...and yes, I turned off AV and other things to try...)!
Out of the frying pan, into the fire...
sarmour, the metadata information looks to have been created by your Symantec security software not Acronis.
In terms of the problem with ATIH 2017 then this is the first mention of this issue in this topic.
What is the background to the True Image issue?
Have you tried doing a complete clean install of ATIH 2017 after using the Acronis Cleanup Tool to remove all traces of any earlier versions of the product? If not then I would recommend doing so.
Steve, that is really interesting. That I know of, I have nothing from Symantec on my computer! I noticed the same thing, but assumed it was something to do with Acronis' posting of the exe on their website (though I can't imagine why). I need to check the original download on the other system and see if that metadata was altered in any way.
Like most long time users, I'm always somewhat paranoid about some new kind of stealthy trojan/worm/rootkit/etc that has somehow gotten in and is mutating and encrypting itself. I am very cautious, but 31 years of PC experience (suffering) have shown that anything is possible. If it was programmed by a human, it can be reverse-engineered by a human and hardware/software backdoors are not uncommon. Like the Chinese manufacturer/supplier for most of the DVRs in the world with their compromised systems and the many dozens of distributers burned by them...
One observaton on Acronis and BitDefender. In the past I have had trouble with the two playing together nicely, since both have active TSR's running at privileged levels. I did exactly what you suggested (cleanup tool/clean install) with the BitDefender software, but only normally deinstalled/reinstalled the Acronis software. At that time, it was a workaround that seemed to do the trick. I am seriously considering doing that again with both softwares, but the major question I have has to do with what prompted my initial posting: why are my downloads corrupting and not working correctly?
sarmour, I understand your concern over security and I don't believe it is wrong to be a little paranoid in today's world where there are so many threats sitting as close as a hijacked webpage or email attachment.
I don't have any answer to your question as to why your downloads are corrupting / not working correctly?
Out of interest what tool are you using to examine the metadata where the Symantec information is being shown. I have used a couple of utilities on my own computer but am not seeing anything that resembles what you posted?
Sorry I wasn't more specific, but it's actually pretty easy, but just buried under many layers (Windows of course). Here's the sequence:
Right click on the exe file>Properties>Digital Signatures>select the name under "Name of signer: Digest algorithm Timestamp" and click on the button Details>in the Digital Signature Details window, click the Advanced tab>you should be seeing a Signature window and clicking any Field item will give yoiu the Value down below.
Selecting those values in the lower window from the bottom up will allow you to copy them. It's probably the same data as would be in the hive...er...Registry. I didn't look with regedit to confirm that, but what I wanted to know was how Windows 10 was seeing that data. It's just data for the certification that Acronis uses to transfer their files, which confirms if it's reliable or not. When I download on my compromised system, it shows as NOT OKAY, but when I download to another system and transfer, it appears okay. I haven't compared that data yet, but probably will today.
Don't know if that helps or confuses things.
NEW COMMENT: I just compared them and the compromised file (with error message "The digital signature of the object did not verify" appears to be trancated somewhat.
One more comment: the sizes between the "good" file and the "error" file are exactly the same, as are the Serial numbers for the Certs.
Ok, thanks for the extra information, what I do see with my ATIH 2017 build 8029 installer file is that the certificate issuer is Symantec Trust Network:
CN = Symantec Class 3 SHA256 Code Signing CA
OU = Symantec Trust Network
O = Symantec Corporation
C = US
So that solves one mystery as to why we are seeing Symantec in the metadata information.
The next check point is the checksum for the download file. See the attached screen shot from my system of the checksum values calculated for my installer file - I use a utility called HashTab v6.0.0 which adds a File Hashes tab to the Properties page of any file etc. MD5 = 5CD8B6576791E3263C585B6E7EF6B3D1 for my installer.
Attached is the hash comparisons between my "good" file and the compromised one. Good is exactly like yours.
Sorry, attached is the "bad" file hash screenshot
Here's the side by side screenshot of the two. The name explains which is which
Ok, so the file hashes confirm that the downloaded file is corrupted in some way but if this is happening for other files that you download, then we are back to asking the question as to why?
Another question, do you have a full system backup image from before these download corruption problems started? If yes, then perhaps it is time to consider restoring the system back to before the problem. If not, then perhaps a clean install of Windows is going to be needed here.
Yikes. The worst part is that the cleanest old full back was recently deleted...something I hardly ever do. Sigh. You'd think I'd learn. Anyway, I will be checking out all recent downloads and redownloading clean versions to check out.
If they are all corrupt, I will certainly have to think about biting the bullet and doing a clean install to another drive. With MS just about to dump another "better update" on us, I might just see what happens after the next update. Fun fun fun.
I think in the meantime, I'll reinstall every major prog with "clean" exe's. I just really didnt' need all this right now, but......life under /DOS/Windows has niver been easy. No wonder people flock to sealed Apple boxes!
I'll post if I find anything more interesting/different on this saga...thanks for the help
BTW FYI, just so I can suffer more, I'm running a prerelease Win10 version I dropped back to (Build 14965). The later one crashed and burned on me
Good luck with the further actions needed. An in-place upgrade of your current Windows 10 build might be enough if this is something corrupted in the OS. As to any downloaded, corrupted exe's then normally these bomb out when installing, if they will even start to attempt to install at all, but better safe than sorry and to do what you are planning to ensure that you have clean installs of all your major programs.