Reverse engineering an install on Windows

Discussion Overview

The discussion revolves around the challenges of reverse engineering the installation of legacy software on Windows Server 2008, particularly when installation programs are unavailable. Participants explore methods to identify and replicate the components of installed programs, including executables, DLLs, dependencies, and registry entries.

Discussion Character

  • Exploratory
  • Technical explanation
  • Debate/contested

Main Points Raised

  • One participant notes the importance of the Windows registry in associating system components but warns that there are no strict rules, which may lead to missing crucial entries.
  • Another suggests cloning a working installation as a practical approach to dissecting the software.
  • A different participant advises contacting the original manufacturers for replacement disks or digital downloads, emphasizing that examining the registry is a secondary option.
  • One participant expresses frustration over the unavailability of support for legacy systems, stating that their company is willing to pay but the original companies no longer exist.
  • Another participant shares their experience with similar legacy systems and suggests that simply copying the program folder might work, questioning whether errors occur when transferring relevant subfolders.
  • One participant raises the possibility of upgrading to more modern software, questioning if the transition pain would be less than the current challenges faced.
  • A later reply recommends using process monitoring software to track what files and registry locations the software accesses, suggesting that this could aid in replicating the installation.

Areas of Agreement / Disagreement

Participants express a range of views on the best approach to take, with no consensus on a single method. Some advocate for cloning or copying files, while others emphasize the importance of examining the registry or suggest contacting manufacturers. The discussion remains unresolved regarding the most effective strategy.

Contextual Notes

Participants acknowledge the complexity of legacy systems and the potential for incomplete information due to the lack of documentation and support. The discussion highlights the uncertainty surrounding the effectiveness of various proposed methods.

newjerseyrunner
Hello,
I'm in sort of a strange predicament. I need to figure out how to install a bunch of software that we don't have install programs for. They did at one time, but I think they've been lost by the employee before me or even before that.

Luckily though, I do have servers with the program installed on and I do have the licenses so I don't need to work around that. The problem I'm up against though, is how do I take an installed program and figure out where all of its components are (executables, DLLs, dependencies, registry entries, service hooks...). I'm quite unfamiliar with all of the nuances of MS Windows and know its software management is pretty much non-existent.

I need to do this with a number of proprietary abandonware components.

It's MS Server 2008 if that's helpful.
 
Windows uses the registry to associate all the components of a system.
There are no hard and fast rules about how that should be done though.
If you examine the registry content you will likely glean some useful information, but you might miss important entries that don't seem obvious.
If the products you want to use really are abandonware with no user support or documentation still in existence you could waste a lot of time getting nowhere.
 
I would suggest contacting the manufacturer of the programs to see if they are willing to provide you replacement disks or a digital download for the software that you are looking for. This is your best option.

As rootone suggested, examining the Windows registry is the other. Most of the settings for a program are stored in either HKCU or HKLM within the Software tree, but it could be elsewhere too. You can search through that for your applications and export the relevant keys (I'd do a search for the name of the program/publisher as well) and attempt copying the program to another system. But if the software in question used an activation procedure, then this will most likely not work.

Pay extra if it comes down to it to get replacement disks, it's worth avoiding the Windows registry.
 
The issue isn't about paying, my company is perfectly willing to pay. The problem is that these are legacy systems and the companies that created the products literally don't exist any more. I have a nuclear option of simply copying the VM, but I want a repeatable install procedure.
 
Try copying the program folder then. I have several instances of the exact same issue at work, 25 year old instrument control systems in my case.
With the older programs, you may be able to get away with just copying the program and transferring it. Do you get errors if you just move the relevant subfolders from program files to a new system?
 
Routaran said:
Try copying the program folder then. I have several instances of the exact same issue at work, 25 year old instrument control systems in my case.
With the older programs, you may be able to get away with just copying the program and transferring it. Do you get errors if you just move the relevant subfolders from program files to a new system?
Yeah, they were complicated systems that installed things all over the place. I'm really hoping I'm not stuck cloning VMs forever.
 
What is it that this software accomplishes? Can you upgrade to a more modern software? The pain of transitioning may be less than that of whatever you are doing and are planning on doing.

BoB
 
newjerseyrunner said:
Yeah, they were complicated systems that installed things all over the place. I'm really hoping I'm not stuck cloning VMs forever.
You'll have to use some process monitor software to figure out what the program in question is doing.
Here's Sysinternals' Process Monitor software
https://technet.microsoft.com/en-us/sysinternals/processmonitor

It will show you all the files/registry locations any program running on your system accesses. Filter by the process name and see what your application is doing and all the different files/locations it's using. Then make a list and copy the relevant data over to a new system. This is a slow, and rather painful process. Depending on how many different things your application hits, it might be infinitely simpler to clone your VM.

Give it a go, hopefully you'll get lucky.
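
The "filter by the process name, then make a list" step from the reply above can be scripted against a Process Monitor CSV export. This is an added example, not part of the original thread; it assumes the export's default column headers (Time of Day, Process Name, PID, Operation, Path, Result, Detail), and the process name `legacyapp.exe` and all paths in the sample are constructed.

```python
import csv
import io

# Constructed sample in the column layout of Process Monitor's CSV export.
SAMPLE = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","legacyapp.exe","1234","Load Image","C:\Program Files\Vendor\App\core.dll","SUCCESS",""
"10:01:02.2","legacyapp.exe","1234","CreateFile","C:\Windows\System32\vendorhelper.dll","SUCCESS",""
"10:01:02.3","legacyapp.exe","1234","RegOpenKey","HKLM\SOFTWARE\Vendor\App","SUCCESS",""
"10:01:02.4","legacyapp.exe","1234","RegQueryValue","HKLM\SOFTWARE\Vendor\App\InstallDir","SUCCESS",""
"10:01:02.5","legacyapp.exe","1234","RegQueryValue","HKCU\Software\Vendor\App\LastUser","NAME NOT FOUND",""
"10:01:02.6","legacyapp.exe","1234","CreateFile","C:\ProgramData\Vendor\app.ini","NAME NOT FOUND",""
"10:01:02.7","explorer.exe","880","CreateFile","C:\Users\admin\Desktop","SUCCESS",""
"10:01:02.8","legacyapp.exe","1234","ReadFile","C:\Program Files\Vendor\App\core.dll","SUCCESS",""
"10:01:02.9","legacyapp.exe","1234","Thread Create","","SUCCESS",""
'''

# Operations whose Path ends in a value name rather than a key.
VALUE_OPS = {"RegQueryValue", "RegSetValue", "RegDeleteValue"}
NOT_FOUND = {"NAME NOT FOUND", "PATH NOT FOUND"}


def inventory(csv_text, process_name):
    """Return (found, missing) for one process.

    found   -> {"files": set, "registry_keys": set} of paths accessed successfully
    missing -> set of paths the process looked for but did not find; on a
               fresh machine these often point at a component still to copy
    """
    found = {"files": set(), "registry_keys": set()}
    missing = set()
    # Procmon writes a UTF-8 BOM; drop it so the first header parses cleanly.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    for row in reader:
        if row["Process Name"].lower() != process_name.lower():
            continue
        op, path, result = row["Operation"], row["Path"], row["Result"]
        if op.startswith("Reg") and path:
            kind = "registry_keys"
        elif path[1:3] == ":\\":            # drive-letter path, e.g. C:\...
            kind = "files"
        else:
            continue                        # thread/process/network events
        if result == "SUCCESS":
            if op in VALUE_OPS:             # keep the parent key, to export whole
                path = path.rsplit("\\", 1)[0]
            found[kind].add(path)
        elif result in NOT_FOUND:
            missing.add(path)
    return found, missing
```

Run the capture once on the working server and once on the new machine after copying: the `missing` set from the second run is the list of what the copy still lacks.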
 
