What's the trick to get the freeware full installer for archival, out of a common freeware stub installer situation?

[Arlen Holder]

What's the trick to get the full installer for archival, out of a freeware
stub installer situation (such as with Partition Manager freeware)?

A friend asked me to 'save' her 3-1/2 inch SATA HDD data where the HDD
isn't recognized when I plug it into my desktop; so I figured I'd look at
the partitions as the very first step in debugging if the data is there.

Googling for a freeware partition manager, the first hit was this:
<https://www.partitionwizard.com/free-partition-manager.html>

1. At that web site, I clicked the big blue "Download Now" button:
<https://cdn2.minitool.com/?p=pw&e=pw-free>
2. That downloaded what turns out to be a lousy stub, useless for archival:
Name: pw12-free.exe
Size: 2112000 bytes (2062 KiB)
SHA256: EF806CEE914F03EC40DB81468872EAB8C1C8AC6498F2D5D813F19110EF44AB53
3. That stub connects to the net to download & then install the product:
C:\Program Files\MiniTool Partition Wizard 12\{stuff}

Obviously, the downloaded stub installer must be sequencing two key tasks:
a. The stub downloads the "real" full offline installer freeware, & then,
b. Somehow it executes that "real" full offline installer to install.

Given at some point, the full offline installer must be on my system...
o Is there a trick to get the full installer for archival in that process?
--
The high cost of freeware is in the effort expended in choosing the best.

[Paul]

https://cdn2.minitool.com/download-center/release/products/pw/v12/pw12-free-offline.exe

Name: pw12-free-offline.exe
Size: 27919144 bytes (26 MiB)
SHA1: 503D9AC09B0FADE93DE00554E856A1B2277C1348

https://www.virustotal.com/gui/file/cd4142f00d8ad88297324cf3a4f63bb0c114296c03f5abf810fe92a3f10c9141/detection

Um, yeah, I can see why you'd want a stub downloader for that :-)

Paul

[Arlen Holder]

On Wed, 22 Jul 2020 19:42:10 -0400, Paul wrote:

> https://cdn2.minitool.com/download-center/release/products/pw/v12/pw12-free-offline.exe
>
> Name: pw12-free-offline.exe
> Size: 27919144 bytes (26 MiB)
> SHA1: 503D9AC09B0FADE93DE00554E856A1B2277C1348

Hi Paul,

Wow. You're _too_ helpful!

I appreciate that you found the offline installer, which, of course, solves
the immediate problem, but it doesn't solve the "teach a man how to fish"
problem by giving me that fish! :)

I do appreciate your offline installer link (and wonder _how_ you found
it). How did you _find_ that link?

More importantly, in general, when a stub downloads the full installer, is
there a way to "catch" the download so we can archive the full installer in
all stubbed downloads?

Is there a "special place" that stubs download their installers to before
executing them, for example?

> https://www.virustotal.com/gui/file/cd4142f00d8ad88297324cf3a4f63bb0c114296c03f5abf810fe92a3f10c9141/detection
> Um, yeah, I can see why you'd want a stub downloader for that :-)

I don't understand why a stub downloader makes a difference "if" it's
malware. Can you clarify?

As for it being malware, it's clean, according to that report, by
o Symantec
o Comodo
o Avast
o AVG
o Kaspersky
o TrendMicro
o McAfee
o Malwarebytes
etc.

Given it's clean by MANY of the AV programs, I'm not sure what you're
intimating is the AV problem with the stub. I suspect those that flag it
are mistaken (bearing in mind it's a partition manager).

Are you interpreting those AV results differently than I am?
--
The high cost of freeware can be ameliorated when people share experiences.

[Paul]

You can look in the TEMP folder (there are a couple), but the
stub can put stuff where ever it wants. It could even crap on
your D: drive if it wants.

I'd probably start by running that in WINE, have the operation
fail for various reasons, and extract the file in question from
the "wreckage". For that particular example, I would not start by loading
that into the main OS.

You can make a filelist before and after, and spot the new materials.

You can also do that in the middle of the install, when the installer
is prompting for something, then go scan and see what you got so far.

In the AV scan, BitDefender found something. But at this point I
don't plan to burrow any deeper, because experience tells me
it will be largely a waste of time. At one time, the AV companies
used to write reports for some of these things, and in "one-hop"
you could have your answer. If I enter some search terms
today *nothing* shows up. Big vacuum.

I can only assume it's a PUPS, and maybe the "free" product was
supported by cruft when first delivered. Some of these companies
disable their OpenCandy delivery vehicle, maybe a year after the
product comes out.

So for me, that product starts in WINE, and with a bit of luck,
I get a carcass to add to my collection (from one of the TEMPs).

Paul

[Arlen Holder]

On Wed, 22 Jul 2020 23:26:15 -0400, Paul wrote:

> You can look in the TEMP folder (there are a couple), but the
> stub can put stuff where ever it wants. It could even crap on
> your D: drive if it wants.

Hi Paul,

I appreciate your purposefully helpful informative posts, as we both seem
to strive to fully answer a question, where the result, whether intentional
(as in my case) or not, others can benefit from now, and in the future.

I was afraid of that fact that the stub could download into any folder it
wanted to, where I was hoping there was some kind of "standard" directory I
could monitor (or even a "leftover" directory, such as what Chrome-based
browsers seem to use).
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/hqKijRgHOC0/vB3pH-sZAgAJ>

Chrome-based browsers, for example, leave very useful remnants in:
o %LOCALAPPDATA%

For example, the Epic stub first downloads the full installer in:
o "%LOCALAPPDATA%\Epic Privacy Browser\Installer\"

And then that download will next install the Epic executable here:
o "%LOCALAPPDATA%\Epic Privacy Browser\Application\epic.exe"

The Brave browser, as noted here, also uses %LOCALAPPDATA% as shown here:
<https://groups.google.com/forum/#!topic/alt.comp.freeware/bog50yqc_As>
o "%LOCALAPPDATA%\BraveSoftware\Brave-Browser\User Data\"

But, as you noted, they can use "anything", where, I guess I need to look
up all the possible "TEMP" directories to see what goes into there.

Given the definition:
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/2HxabZ93Y3U/Rzdj4qPc4LIJ>
o TMP -> developer tools temporary files
o TEMP -> user apps temporary files

I can find (most of?) the temporary directories in the control panel:
<https://adamtheautomator.com/powershell-environment-variables/>

Win+R > control > {Category}: System and security > System > Advanced System Settings > System Properties > Advanced > Environment Variables
o {User} %TEMP%===%USERPROFILE%\AppData\Local\Temp
o {User} %TMP%===%USERPROFILE%\AppData\Local\Temp
o {System} %TEMP%===%SystemRoot%\TEMP (aka %windir%\temp)
o {System} %TMP%===%SystemRoot%\TMP (aka %windir%\tmp)

Where I think there are a few more not in the control panel:
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/R6UJkSBAe5U/jEixhqB0opIJ>
o %USERPROFILE%\Local Settings\Temp
(aka C:\Documents and Settings\{user}\Local Settings\Temp)
o C:\Windows\assembly\temp
o C:\Windows\assembly\tmp

Of course, there's also the "Downloads" directories...
<https://answers.microsoft.com/en-us/windows/forum/windows_10-files/temporary-downloads-folder/e686f397-57b9-4ac8-8ede-5d8e039cefb7>
o %UserProfile%\Downloads

Did I miss any of the default "temp/tmp" directories?
<https://www.askvg.com/where-does-windows-store-temporary-files-and-how-to-change-temp-folder-location/>

> I'd probably start by running that in WINE, have the operation
> fail for various reasons, and extract the file in question from
> the "wreckage". For that particular example, I would not start by loading
> that into the main OS.

I was thinking along similar lines, of having the operation fail, and then
run a before/after logging program, which could tell us what was different
between the before and after.

Best would be a before/after logger that could tell which files were not
only added, but which were deleted by the stub, but that might not exist.

> You can make a filelist before and after, and spot the new materials.
>
> You can also do that in the middle of the install, when the installer
> is prompting for something, then go scan and see what you got so far.

Do you have a good recommendation for a before/after logger?
o Normally I just use "dir /s/a/l/on/b C: > c:\tmp\20200723salonb.txt

Googling, there seems to be a Windows system installer log mechanism:
o *How to enable Windows Installer logging*
<https://support.microsoft.com/en-us/help/223300/how-to-enable-windows-installer-logging>
o HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
o Type: Reg_SZ, Value: Logging, Data: voicewarmupx

There seem to be a few freeware utilities for installation logging:
o *7 Tools to Monitor Software Installs*
<https://www.raymond.cc/blog/monitor-software-installs-remove-leftovers-install-monitor/>
1. Advanced Uninstaller Pro <https://www.advanceduninstaller.com/>
2. Install Monitor (no longer free?) <https://www.mirekusoft.com/downloads/>
3. Primo <http://randy_hall.tripod.com/download.htm>
4. Total Uninstall <https://www.totaluninstaller.com/download.html>
(last freeware version) <>
5. Comodo Programs Manager <https://www.comodo.com/home/support-maintenance/programs-manager.php>
6. ZSoft Uninstaller <http://www.zsoft.dk/>
7. Ashampoo Magical UnInstall <https://www.ashampoo.com/en/usd/pin/2003/system-software/uninstaller-8>

There are lots of other hits so that's why I ask what folks like best:
o *How to log and compare Windows Registry data before and after any program installation?*
<https://stackoverflow.com/questions/1911689/how-to-log-and-compare-windows-registry-data-before-and-after-any-program-instal>
o Total Commander <https://www.ghisler.com/>
o RegShot <https://sourceforge.net/projects/regshot/>
o Process Monitor <https://docs.microsoft.com/en-us/sysinternals/downloads/procmon>
o Program Installation Monitor <https://sourceforge.net/projects/program-installation-monitor/>
o Revo Uninstaller <https://www.revouninstaller.com/revo-uninstaller-free-download/>

What uninstaller/logger do you recommend that can tell us what happened
between executing the stub and final installation (which might catch the
full network installer download location before it's auto deleted)?

> In the AV scan, BitDefender found something. But at this point I
> don't plan to burrow any deeper, because experience tells me
> it will be largely a waste of time. At one time, the AV companies
> used to write reports for some of these things, and in "one-hop"
> you could have your answer. If I enter some search terms
> today *nothing* shows up. Big vacuum.

Thanks and I don't want you to spend more time on this.
Just whatever you know off the top of your head is more than I know.

I don't use AV programs anymore, and I haven't gotten a virus in a decade
(AFAIK), even as I must install dozens of software packages a week, on
average.

Maybe I'm just lucky (or ignorant).

> I can only assume it's a PUPS, and maybe the "free" product was
> supported by cruft when first delivered. Some of these companies
> disable their OpenCandy delivery vehicle, maybe a year after the
> product comes out.

Thanks. I forgot what a PUPS was, so I googled to refresh my memory:
o *PUPs Explained: What is a Potentially Unwanted Program*
<https://www.howtogeek.com/232791/pups-explained-what-is-a-potentially-unwanted-program/>

I have a one-strike-you're-out policy on freeware.
o The instant it does something obnoxious, it's out.

> So for me, that product starts in WINE, and with a bit of luck,
> I get a carcass to add to my collection (from one of the TEMPs).

Understood. I gave up on WINE long ago for Windows emulation in Linux,
where I can use VMs, but I gave up on them long ago also as too much
trouble; but they worked great when I was getting frequent calls from the
Indians named "joe" pushing the Microsoft Support scam on me (hehheh).

Thanks for your help, where any advice on what uninstaller folks like will
help to log the activity of before, during, and after...

During is the hard part, of course, as we can presume they will delete the
full network installer if they don't want it lying around as a TMP file.

[Brian Gregory]

I think you are a possibly a little over optimistic about modern AVs.
They can typically be shown to miss a lot of nasty stuff.

I think the thing to do is to report it as a possible false positive to
one of the more reputable ones that says it's infected.

I use Microsoft when I can.
https://www.microsoft.com/en-us/wdsi/filesubmission

In the past they have usually only taken a couple of days to complete an
analysis.

--
Brian Gregory (in England).

[Joel's Earthlink Newsgroups]

[Joel's Earthlink Newsgroups]

-------- Forwarded Message --------
Subject: What's the trick to get the freeware full installer for
archival, out of a common freeware stub installer situation?
Date: Wed, 22 Jul 2020 22:46:44 -0000 (UTC)
From: Arlen Holder <arlen...@newmachine.com>
Organization: Mixmin
Newsgroups:
alt.comp.os.windows-10,alt.comp.freeware,microsoft.public.windowsxp.general

[Joel's Earthlink Newsgroups]

-------- Forwarded Message --------
Subject: What's the trick to get the freeware full installer for
archival, out of a common freeware stub installer situation?
Date: Wed, 22 Jul 2020 22:46:44 -0000 (UTC)
From: Arlen Holder <arlen...@newmachine.com>
Organization: Mixmin
Newsgroups:
alt.comp.os.windows-10,alt.comp.freeware,microsoft.public.windowsxp.general

[John C.]

Not sure why you posted your forwarding of Arlen Holder's OP three
times. Also, not sure why he thinks the MiniTool Partition Wizard Free
12.1 download is a stub installer. MajorGeeks has it available here:

https://www.majorgeeks.com/files/details/minitool_partition_wizard_home_edition.html

It *is* adware though, according to Softpedia:

https://www.softpedia.com/get/System/Hard-Disk-Utils/Partition-Wizard-Home-Edition.shtml

and thus is off-topic in alt.comp.freeware.

Generally speaking though, if a program's website doesn't offer an
alternative download which can be installed offline, then you're out of
luck.

--
John Corliss BS206. No ad, CD, commercial, cripple, demo, nag, pirated,
share, spy, time-limited, trial or web wares for me please. I filter out
posts made from Google Groups, cross-posted messages and anything from
that bonehead Arlen Holder. I recommend you do likewise.

[p-0''0-h the cat (coder)]

On Thu, 23 Jul 2020 19:15:35 -0500, another nym shifting arsehole troll
<champi...@gmail.com> wrote:

>The high cost of freeware is in the effort expended in choosing the best.

Ah!, another nym shifting arsehole troll for my bozo bin. Bye.

*plonk*

Sent from my iFurryUnderbelly.

--
p-0.0-h the cat

Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
Devil incarnate, Linux user#666, BaStarD hacker, Resident evil, Monkey Boy,
Certifiable criminal, Spineless cowardly scum, textbook Psychopath,
the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll infâme,
the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
shyster [pending approval by STATE_TERROR], cripple, sociopath, kook,
smug prick, smartarse, arsehole, moron, idiot, imbecile, snittish scumbag,
liar, total ******* retard, shill, pooh-seur, scouringerer, jumped up chav,
punk ass dole whore troll, no nothing innumerate religious maniac,
lycanthropic schizotypal lesbian, the most complete ignoid, joker, and furball.

NewsGroups Numbrer One Terrorist

Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
By Appointment to God Frank-Lin.

Signature integrity check
md5 Checksum: be0b2a8c486d83ce7db9a459b26c4896

I mark any messages from trolls »Q« and 'Arlene' Holder as stinky

[Flasherly]

On Fri, 24 Jul 2020 00:42:26 -0700, "John C." <r9j...@yahoo.com>
wrote:

>> Obviously, the downloaded stub installer must be sequencing two key tasks:
>> a. The stub downloads the "real" full offline installer freeware, &
>> then, b. Somehow it executes that "real" full offline installer to install.
>>
>> Given at some point, the full offline installer must be on my system...
>> o Is there a trick to get the full installer for archival in that process?

Fun and games with "stubs". OK.

Whatever may be the claim a software distributor purports to
accomplish, by interjecting themselves for a program installer,
whether passed on to another site location, they're claiming authority
by right or privilege, for presentment as one perceived from a host
for a third-party's intercession given privileged permission, the host
allows a client then to modify their computer software from a remote
WEB connection. That's an "online" install, perhaps system
modification, maybe a qualification, agreement and concession, or even
an established first to qualify some with a right even to be online.

Your first qualifier of a "full-offline installer" is not fully
percipient of options available. Networking, remote computing with
privileges supercede (sic) what one is not limited to by being a plug
at the end of terminal status, are effectively then a shared capacity
whereby choices present for the operating system will be defined in
manner and indulgence operating systems posit conjointly to indulge.

Within limits of a permissiveness given another operating system, an
end result of modifications which may, by dint of network protocols
and therein structural definitions, ipso facto for proper integrals of
intentful properties provided the operating system, may be
self-sufficient unto a program thus propagated remotely through
host-client proceedings

Analysis may be subsequently conducted from "testbed" imagery
established prior, various mirrored or binary imaging in an instance,
to establish event occurrence modifications, you're question would
directly infer, for disjoined discrepancies of comparative means.

That would be properly to identify and place such an installer, you
may indeed believe exists, for and at least until your analysis is
completed through establishing such a factuality indeed can be
conclusively and manifestly said evident.

Perhaps a matter of sophistication and resources involved with subject
need clarification. An instance of resources require, most commonly,
such that everyone may be said see advantage to a need provided a
hypothetical partitioner;- sophistication for mirroring and binary
streams of mirrors of partitions may however tax a somewhat higher
conceptual achievement beyond common perceptual propagation;- while
thus neither can reflect a same intensity given distributional means
over a degree of sophistication and times sophistication is quite
likely additionally to warrant.

Legality, however, will take precedence in your case. A manufacturer
of a computer disk realizes they incur risk to sell that disk,
whereupon then to tell the purchaser to buy or learn how to run
additional software to verify their disk indeed is as stated within
working order;- De jure, the practise is one of established
alliances, with partitioning software, which commonly relates to an
allied partitioner from an "online installer", that perspective is one
often given privileged identity as a token passed along to a customer
upon taking possession their physical disk.

[Arlen Holder]

On Fri, 24 Jul 2020 00:42:26 -0700, John C. wrote:

> Generally speaking though, if a program's website doesn't offer an
> alternative download which can be installed offline, then you're out of
> luck.

That, really, was the key question, after all...
(Where I don't usually ask a question if I haven't googled for it first!)

I stated from the start I simply was googling for a freeware tool that
could find the hard disk drive (where I generally archive my freeware).

In fact, the damn tool did NOT find the hard disk drive anyway, so it
wasn't worth the download bits to archive it.

So the question can either remain:
Q: *What's a good way to archive an installer that starts from a stub?*

Or, the question can morph (or be the subject of a new thread):
Q: *What's a good freeware tool to recognize a drive Windows won't?*
(which I haven't started a thread on yet, as I need to google first)
--
When adults post with purposefully helpful intent, everyone benefits.

[Arlen Holder]

UPDATE:

I was writing up a tutorial for concurrently running all three Microsoft
web browsers on Windows 10 (Internet explorer & the old & new MS Edge)
<https://i.postimg.cc/PrcV1pXF/browser06.jpg>

When I found, by accident, where Microsoft temporarily stores the full
offline Edge browser installer which is downloaded, presumably, by the
Microsoft Edge setup installer stub:
<https://i.postimg.cc/2SzGQkQZ/archive-installer.jpg>

C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.50\Installer\
Name: msedge.7z
Size: 299176204 bytes (285 MiB)
SHA256: 4D9036485183EEEE727CE8E69372A0C792F03E24C32B52AA0BC4112571C65B58

Unless you put programs where they belong, like I do, if you're like most
people who just let the programs install wherever _they_ want to go, then
you don't really need this 7z file to install Microsoft Edge separately
since the Microsoft Edge (Chromium based) full offload installer is here:

Name: MicrosoftEdgeEnterpriseX64.msi
Size: 90255360 bytes (86 MiB)
SHA256: 4CBD6B9FD748A05BA5ACB3F05CCE152AF197047B54DD61BD5C6D8CEC5FE37146
<https://www.microsoft.com/en-us/edge/business/download>

And here:

Name: microsoft-edge-84-0-522-40.msi
Size: 89464832 bytes (85 MiB)
SHA256: 67915E029FF91D85B815B7D4AA04A1C009579609207228FFB453441BEF74B01D
<https://microsoft-edge.en.uptodown.com/windows/download>

But for those, like I, who put programs where they belong, it's nice to
know you can now follow the same procedure in this Epic relocation thread
(which also works for other Chromium-based browsers installed via a stub)
to put the Microsoft browser (and all Chromium based browsers) where they
belong. <https://i.postimg.cc/QN6rbSQD/browser05.jpg>

See also:
o *Philosophy on a tutorial for setting up Windows in a well organized KISS philosopy such that search is never needed & reinstall is trivial*
<https://groups.google.com/forum/#!topic/microsoft.public.windowsxp.general/1Gf59YRkaI8>
--
Usenet is a great public helpdesk to get ideas from a bunch of nice people.

[Arlen Holder]

On Sat, 1 Aug 2020 04:01:32 -0000 (UTC), Arlen Holder wrote:

> I was writing up a tutorial for concurrently running all three Microsoft
> web browsers on Windows 10 (Internet explorer & the old & new MS Edge)
> <https://i.postimg.cc/PrcV1pXF/browser06.jpg>
>
> When I found, by accident, where Microsoft temporarily stores the full
> offline Edge browser installer which is downloaded, presumably, by the
> Microsoft Edge setup installer stub:
> <https://i.postimg.cc/2SzGQkQZ/archive-installer.jpg>

Updates because the ioBit program trashed my carefully installed Epic
browser, so I needed to look up the old tutorials on installing things
where they belong, particularly when they only come as worthless stubs.

o What's the trick to get the freeware full installer for archival, out of a common freeware stub installer situation?
<https://groups.google.com/forum/#!topic/alt.comp.freeware/y6kP58ROiLU>

And the similar (but specific to Epic) thread of:
o What's the best way to MOVE an app to where it belongs, after it has already been installed?
<https://groups.google.com/forum/#!topic/microsoft.public.windowsxp.general/hqKijRgHOC0>

For a tutorial on how to install all three MS browsers concurrently:
o Tutorial to set up 3 Microsoft web browsers (Edge UWB, new Edge, & Internet Explorer) to work concurrently coexisting peacefully even after subsequent Windows Updates
<https://groups.google.com/forum/#!topic/alt.comp.microsoft.windows/hUAf1lnum3E>

And for a tutorial on how to install the Brave browser properly:
o Tutorial: How to install the free Brave privacy-based tor-enabled web browser where YOU want it to install (and how to save a full offline installer in the process)
<https://groups.google.com/forum/#!topic/alt.comp.freeware/bog50yqc_As>

And a tutorial for how to install the last known good version of Epic:
o Save your old freeware Epic privacy browser Windows installer as the new ones changed how they did VPN
<https://groups.google.com/forum/#!topic/alt.comp.freeware/7FwuZz7WNSk>

All of which support the KISS philosophy of installing where things belong:
oPhilosophy on a tutorial for setting up Windows in a well organized KISS philosopy such that search is never needed & reinstall is trivial
<https://groups.google.com/forum/#!topic/alt.comp.freeware/i9Cz3POZFCo>

Particularly for web browsers:
o Do we have (yet) an actionable list of all free Windows & Linux web browsers (and their main purpose)?
<https://groups.google.com/forum/#!topic/alt.comp.freeware/krNaXA-YEbw>

Such that today, I posted a summary of freeware Windows uninstallers:
o Which freeware program uninstaller on Windows do you use and/or recommend?
<https://groups.google.com/forum/#!topic/alt.comp.freeware/N0JBhC1YkdQ>