All of a sudden I can't recall if there's a way to verify file integrity of classic game installers once we download them. I know there is with Steam (fuk steam) and I assume there might be with Galaxy (never tried it never will) but is there a way to tell if you're downloaded files are okay if you're just downloading the Classic installers???

oh, and please GOG, do a better job of differentiating between the two please. I mistakenly downloaded 8GB of an installer only to learn AFTERWARD that it included the Galaxy crap. Forever, it was my "default" when clicking on things in my library that the Classic Installers would come up. So I tended not to look. But today I downloaded one and apparently it's "Default" is for the Galaxy included installer to come up. Please do something. Maybe give us an option under My Settings to choose which default comes up?

Thanks for any help and sorry for the rant. My health has deteriorated badly and it seems so has my frame of mind. I am so easily angry at things now it feels strange. If I've offended anyone here recently I apologize. Health or not, that's not right. I am sorry.

I'd swear there was, but when I recently wanted to check that in one installer, I could not find the option. I'm either stupid or going crazy again. Or both. They won't, because they want you to mistakenly download the Galaxy crap. From their point of view the problem is you realised it and didn't install it. What happened to you recently happened to me, and happened to many other people too. And we only know of the small percentage of those who did realise it and then posted about it. Ever since the Galaxy installers were implemented people have been asking GOG to inform people about them and the classic installers better, and to give us the option to make classic installers default. GOG absolutely refuses to respond in any way.

Aaahh, someone posted some info just a couple weeks back. Maybe see if the answer is found in this thread:

https://www.gog.com/forum/general/md5_hashes_for_big_downloads_like_the_witcher_3

Search for MD5 if that one doesn't help, for some other threads about it.

These instructions are for the Windows versions, in Windows:

1. For smaller games where the installer is in one (exe) file:

Right-click on the installer => Properties => Digital Signatures => click on the signature on the list => Details => wait 5-30 seconds (depending on the size of the installer) => "This digital signature is ok" means the installer is ok.

2. For bigger games where the installer is divided into an exe file and one or more bin files, you actually have to run the installer and install the game, as it runs the file integrity check before installing the game (the file integrity is enabled by default in the installer options I think; if not, it can be enabled there).

I think the older GOG installers (years ago) were better in this sense because they let you run the file integrity verification without actually installing the game. You could exit the installer right after the integrity check, without running the actual installation. Nowadays if automatically proceeds to installing the game right after checking the file integrity. The smaller installers (in one exe file) don't have this file integrity check option in the installer itself.

Also, GOG provides md5 checksums for almost all its installers, but getting those md5 checksums from GOG servers needs a bit of extra work.

If your intention is to check the file integrity of your whole GOG game collection, I suggest you use e.g. gogrepo.py for that. I wouldn't want to manually check all my 1395 installers. my mouse would break down from overclicking.


EDIT: I've been also thinking one way to check the file integrity might be to uncompress the installers with the innoextract utility? If the files are extracted successfully, then the installer is fine. I was earlier thinking about this as the last option for those few installers where GOG is not providing a md5 checksum (because in those cases e.g. gogrepo.py can only check that the file size is correct, it doesn't perform any other file integrity check for such installers without md5 checksums). So in my view gogrepo.py should do it like this:

- If the file has a md5 checksum, check the integrity with it. (gogrepo already does this)
- If it is a zip file (extras) without md5 checksum, test the zip file. (gogrepo already does this)
- If it is an installer without a md5 checksum, test the file integrity with innoextract.

Not sure if that would work, I should test it...

Well, I found it. It was under "OPTIONS" and it had two options listed 1)create desktop icon and 2) perform file integrity check before installation. Default was 1 being checked and 2 being unchecked. So I checked 2, clicked install, and it did a file integrity check before installation.

For me the integrity check is enabled by default, so maybe the GOG installers save your preference somewhere to the Windows registry so that you don't have to select or deselect it every time you run an installer.

However, as I said, only the bigger multi-part installers have that integrity check. Smaller games which come in a one part installer don't have that option to run integrity check before the installation. To check their integrity, you must do what I mentioned earlier in my message.

Albeit, I am unsure if that "digital signature check" is performed automatically when you run a one-part installer? At least I recall when I sometime tried to run a corrupted GOG installer, it would complain about it already when I double-clicked it. So if your intention is to install the game anyway, maybe there is no need to separately check the digital signature before that, but Windows checks it anyway when you run the installer exe. I'm sure some expert (JMich?) knows the answer to this.

Thanks for this info, very useful. +1

As said, it might be that the digital signature is always checked for the exe file when you run it, so maybe it is unnecessary to check it from the file properties. Ie., if the one-part installer runs (you are able to launch it by double-clicking the installer), then the installer is fine. That would also explain why the one-part installers on GOG are missing the pre-installation integrity check option.

I tried to find the asnwer to that, whether the digital signature is automatically checked whenever you run an executable, but I didn't find a clear answer at least here:

https://docs.microsoft.com/en-us/windows-hardware/drivers/install/digital-signatures

But at least it would make sense it is always checked, as why else would it be there if it is not used? :) (just trying to use some common logic here, but you never know...)

Yes, it would make sense but sometimes sense seems to go missing! :) So it is nice to have an easy way to check if only for peace of mind and, like you say, it only takes seconds.