Skip to end of metadata
Go to start of metadata

We are often asked from concerned customers if our installers have been infected with malware, or if third parties have included toolbars and additional download items to our installer.

We take the provenance of our downloads seriously. If you believe that a download has been compromised, please contact us immediately, after finding that any of the following checks fail.

The following steps will enable to you confirm that the file you downloaded is byte for byte, the one created by our build process.

If any of the checks below fail, then the file is not to be trusted; please re-download using only links on www.macrium.com

You can read more about code signing and the assurance it confers here.
http://msdn.microsoft.com/en-us/library/ie/ms537361%28v=vs.85%29.aspx
 

  1. Right click on the downloaded file, and chose properties:

    1. Check that the file has a digital signature (if not, the digital signature tab is not present).

    2. Select digital signatures tab.
      There will be two signatures, sha1 and sha256. Having two signatures ensures complete coverage for all Windows Operating Systems:

    3. Check the digital signatures are valid, Click details on both certificates.  




  2. Verify the code signing, confirming that the file hasn't been modified and then resigned with a certificate that resembles ours:

    1.  Click view certificate button.

    2. Click details tab.
      1. The thumbprint for the sha1 certificate should be: ‎0e d1 de cf 94 75 35 21 3b 5b ff ba 81 d3 cd e3 1f 1a b4 48  and 



      2. The sha256 certificate should be: 8bcc580e03f385d13c76367ad73c4373b5dd331c