How do I detect what setup authoring tool was used?

Is there a way to discover what installer tool does a product use? I mean, is there any way, checking the files properties or the processes running to discover what setup authoring tool (InstallShield, SetupFactory, InstallAware, Tarma, etc.) was used?

Thanks.

It's possible, but only if you are familiar with all these setup authoring tools. Most of them use custom installer properties, custom actions or custom tables specific only to them.

However, if it's a really simple installer these unique elements may not be used. So it really on a case by case basis.

What product interests you? Perhaps one of us can determine the setup authoring tool they used.

It's not bulletproof, but if you look under

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Most products that leave a trace in the add/remove programs applet will have an entry under here.

If you open the 'UninstallString' value, that will include the path to an exe that is invoked to perform the uninstallation. If it's msiexec then you have a product installed by Windows Installer. Otherwise you might need to get hold of the exe and inspect the file's version resource to get a little more information. Note that this may give an inconclusive result if, for example, the uninstaller is a bootstrapper exe that daisy chains a set of .msi packages.

If you need to find out what MSI authoring tool was used to generate the MSI, you might be able to infer this from the summary information stream of the .msi package in the uninstallstring, but not every authoring tools fills this value in.

Properties of setup file -> Version (XP) or Details (7) -> Description, like Created with Actual Installer

As alternative to above answers I would recommend to open installer's file in hex editor. Then do search for string containing 'install' or something like this. Usually near matched string will be name of program that produced installer package. For example, in my case this was a 'Smart Install Maker'.