One of the problems with registry checks is they are prone to 'Installation Capture' type attacks. ie. Install Shield, captures registry settings when the application installs and first runs. There are a couple of clever solutions to this problem, one is to write something that runs say 3 days after the install date. This then means that the install capture won't register the modificiation, and ensure that on uninstall that the registry entry is not removed. You can also get clever by using file attrib flags for various non changing system files, say for example using the Archive flag. Another nice unique feature that I have employed is using a random (say 1 in 50) net check. If they are connected to the internet, the application checks for a newer version, at the same time it checks the server date and time, realises its a trial version and disables the application.Originally Posted by cairnswm
Bookmarks