Reverse engineering an install on windows

Click For Summary
SUMMARY

This discussion focuses on reverse engineering software installations on Windows Server 2008, particularly for proprietary abandonware. Key strategies include examining the Windows registry for relevant entries, utilizing Sysinternals' Process Monitor to track file and registry access, and considering cloning existing virtual machines (VMs) as a fallback. The importance of contacting original manufacturers for replacement software is emphasized, although many may no longer exist. Participants highlight the challenges of transferring legacy software components without installation programs.

PREREQUISITES
  • Familiarity with Windows Server 2008 and its registry structure
  • Understanding of Sysinternals tools, specifically Process Monitor
  • Knowledge of software installation components, including executables and DLLs
  • Experience with virtual machine management and cloning
NEXT STEPS
  • Research how to use Sysinternals Process Monitor for tracking application behavior
  • Learn about Windows registry editing and exporting keys from HKCU and HKLM
  • Explore methods for cloning virtual machines effectively
  • Investigate options for migrating legacy software to modern systems
USEFUL FOR

This discussion is beneficial for IT professionals, system administrators, and software engineers dealing with legacy systems, particularly those tasked with maintaining or migrating abandonware applications.

newjerseyrunner
Messages
1,532
Reaction score
637
Hello,
I'm in sort of a strange predicament. I need to figure out how to install a bunch of software that we don't have install programs for. They did at one time, but I think they've been lost by the employee before me or even before that.

Luckily though, I do have servers with the program installed on and I do have the licenses so I don't need to work around that. The problem I'm up against though, is how do I take an installed program and figure out where all of it's components are (executables, dlls, dependencies, registry entries, service hooks...) I'm quite unfamiliar with all of the nuances of MS Windows and know it's software management is pretty much non-existent.

I need to do this with a number of proprietary abandonware components.

It's MS Server 2008 if that's helpful.
 
Computer science news on Phys.org
Windows uses the registry to associate all the components of a system.
There are not hard and fast rules about how that should be done though.
If you examine the registry content you will likely glean some useful information, but you might miss important entries that don't seem obvious.
If the products you want to use really are abandonware with no user support or documentation still in existence you could waste a lot of time getting nowhere.
 
I would suggest contacting the manufacturer of the programs to see if they are willing to provide you replacement disks or a digital download for the software that you are looking for. This is your best option.

As rootone suggested, examining the windows registry is the other. Most of the settings for a program are stored in either HKCU or HKLM within the Software tree, but it could be else where too. You can search through that for your applications and export the relevant keys (I'd do a search for the name of the program/publisher as well. ) and attempt copying the program to another system. But if the software in question used an activation procedure, then this will most likley not work.

Pay extra if it comes down to it to get replacement disks, it's worth avoiding the windows registry.
 
The issue isn't about paying, my company is perfectly willing to pay. The problem is that these are legacy systems and the companies that created the products literally don't exist any more. I have a nuclear option of simplying copying the VM, but I want a repeatable install procedure.
 
Try copying the program folder then. I have several instances of the exact same issue at work, 25 year old instrument control systems in my case.
With the older programs, you may be able to get away with just copying the program and transferring it. Do you get errors if you just move the relevant subfolders from program files to a new system?
 
Routaran said:
Try copying the program folder then. I have several instances of the exact same issue at work, 25 year old instrument control systems in my case.
With the older programs, you may be able to get away with just copying the program and transferring it. Do you get errors if you just move the relevant subfolders from program files to a new system?
Yeah, they were complicated systems that installed things all over the place. I'm really hoping I'm not stuck cloning VMs forever.
 
What is it that this software accomplishes? Can you upgrade to a more modern software? The pain of transitioning may be less than that of whatever you are doing and are planning on doing.

BoB
 
  • Like
Likes rootone
newjerseyrunner said:
Yeah, they were complicated systems that installed things all over the place. I'm really hoping I'm not stuck cloning VMs forever.
You'll have to use some process monitor software to figure out what the program on question is doing.
Here's Sysinternals' Process Monitor software
https://technet.microsoft.com/en-us/sysinternals/processmonitor

It will show you all the files/registry locations any program running on your system accesses. Filter by the process name and see what your application is doing and all the different files/locations it's using. Then make a list and copy the relevant data over to a new system. This is a slow, and rather painful process. Depending on how many different things your application hits, it might be infinitely simpler to clone your VM.

Give it a go, hopefully you'll get lucky.
 

Similar threads

How to Read this Output from 'Net Share' (Win Command Line)
  • · Replies 6 ·
Replies
6
Views
3K
How Can I Script Windows for a New Server Installation?
  • · Replies 4 ·
Replies
4
Views
2K
Windows 10 Update - Caused Loop (Need a Computer )
  • · Replies 12 ·
Replies
12
Views
4K
Troubleshooting Windows Installation: Converting Dynamic Disk to Basic Type
  • · Replies 4 ·
Replies
4
Views
4K
Old programs cannot be installed after recovery in Win8
  • · Replies 9 ·
Replies
9
Views
6K
I'm getting an error during installation of ARPACK library for Windows
  • · Replies 2 ·
Replies
2
Views
3K
I'm considering switching to Linux but I'm not versed in ICS
  • · Replies 18 ·
Replies
18
Views
2K
How to install PLUTO on Windows
  • · Replies 5 ·
Replies
5
Views
3K
Why Does Windows 8.1 Flicker After Updates?
  • · Replies 5 ·
Replies
5
Views
3K
What do you think of Windows Subsystem for Linux (WSL)?
  • · Replies 12 ·
Replies
12
Views
5K