Hi Guys, I've been trying to completely uninstall a couple of pieces of software from my Win7 x86 machine prior to selling it. On reinstalling them after they have been uninstalled by Windows and also had their files and registry entries thoroughly removed by me, they present as still being registered. In fact even reinstalling them in a sandbox or on a virtual machine does not prevent them from picking up their license info. I have also tried replacing the OS with a fresh copy to no avail. It seems likely that they have both written their license info off the OS partition, perhaps on an unused area of the hard drive or even on the motherboard. I am curious to know if anyone has any idea where developers are writing their info and what form it might be in?
Not really, but I have used IObit uninstaller which after doing the regular uninstall will go around cleaning out all the temporary files and registry entries left by the Win unstaller. Run that , then do your test . ...T
You have to delete all partitions / create new / format during a clean install, so you did it wrong if licenses were left on the machine after a new OS install Unless they use MS's new PID activation method, which is unlikely
Can you name the software that is supposedly able to get to this data even from inside a VM? I don't buy it. Is it written to the installer, a USB dongle, or online activation servers?
I'm with MrMagic here. What do you mean by "replacing"? If you simply installed the "new" OS over the "old" OS you need to begin a do-over and wipe the drive first. You might even want to consider a program like DBAN if you're really concerned about residual sensitive data.
I'm assuming that you want to remove the programs without reinstalling the os. If so, it might not be possible, because there are HWID / MID algorithms that have been in existence before MS started using them in Windows 10. Arturia has been using one for years. Why not see if the offending programs have a method to un-register the software to the machine?
The two applications that I have been trying to remove are DRD System's VideoReDo4 (VRD4) and Vandyke's SecureCRT. I have run some VRD4 installation tests using the latest version of Vmware workstation running Win7 and found that VRD4 was not able to access it's license info on the host machine. It's possible that my original comments were based on running an older Win7 VM that at some point had a long forgotten VRD4 installation that had been removed. I also found a earlier image of the OS partition that was taken prior to installing VRD4 and after taking a temporary image of the current state of the partition, used the old image to overwrite the existing one. I then created a list of all the files on the system and exported a copy the registry. On installing VRD4 on this rolled back setup, it ran as a trial copy proving that it's licence is written somewhere on the OS partition and not at some esoteric location. After inputting it's licence details another list of the files and registry entries was made. Comparing the file lists and registry exports allowed me to remove most of what I considered to be the relevant keys from the registry and a few licence references from c:\users\... . However, Win7 is a bit of a chatterbox, and there was quite a number of OS related changes made to the registry making the job far from straightforward. The entries that I removed were CLSID's, HKLM\Software\licences, and HKU\s-1-5-21..\Software\The Silicon Relms Toolsworks\Armadillo. After that, I then installed VRD4 in a sandbox so that it couldn't write to the system, but on running, it again managed to find it's licence info. It's possible that information was not completely removed, or it is shunting info to and through from memory. On another clean machine, I installed VRD4 using a sandbox and it came up as a trial copy. I then registered it in the sandbox, and now have a copy of exactly what it wrote to the virtual environment. So it may be possible to deduce from this reduced amount of information what is going on.