I have a software activation logic which relies on thre parameters:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstallDate
Id of system volume
I'm interested in question: could these parameters ever change under any conditions except manual modification of registry values (for 1, 2) in single OS installation?
System volume id, as far as i know, can change only when the volume is formated.
Both DigitalProductId and InstalLDate also should be constant in single OS as they identify a license (concrete windows installation) and the date the OS was initially installes respectively. So according to this logic they shouldn't ever change.
I want to find any documentation that proves these points. Unfortunately my searching for such a documentation didn't give me enough as all that i've found are articles like this http://technet.microsoft.com/en-us/library/cc709644(v=ws.10).aspx which contain inderect information on the topic.
Also i've looked through this great post: http://siginetsoftware.com/forum/showthread.php?596-Investigating-the-Microsoft-Digital-ProductID-(DPID)
It partially proves my points but doesn't give a 100% guarantee
I repeat a question here once again:
Could parameters 1-3 ever change in single Windows installation?
Thanks in advance
My research has shown that independently of windows updates, service packs and other software, these keys remain the same.
Related
According to the description for the guidItem member of the NOTIFYICONDATA structure at http://msdn.microsoft.com/en-us/library/bb773352(v=vs.85).aspx programs that make use of the Windows system tray need to identify their icon with a valid GUID on Windows 7. I did this, but I'm running into a problem. If my application is running in directory A and then the user at some point decides to move it and run it in directory B, when the program makes the call to Shell_NotifyIcon it fails (returns 0) with GetLastError set to 1460 (ERROR_TIMEOUT).
If you read further down at the very bottom of that MSDN article to troubleshooting point 2, it basically describes that programs identifying their system tray icon with a GUID cannot change paths or this will happen. It also then has this interesting little blurb in it:
If the path must be changed, the application should remove any GUID
information that was added when the existing icon was registered.
Does anyone know of a Win32 API call or a way to do this? Presumably this would be a function taking the GUID that I want to remove, and calling it would remove any settings for any exe that windows identified as using this GUID. If so, I could setup my program to attempt to call Shell_NotifyIcon, and then if it fails, I'll call a function to clear everything out and try again.
The only other option I can think of to allow a program that has the potential for needing to be run in multiple locations (not at the same time) to use the same GUID for its system tray icon is to brute force modify the settings in the registry according to this article: http://deployment.xtremeconsulting.com/2011/07/08/windows-7-notification-area-automation-falling-back-down-the-binary-registry-rabbit-hole/ I would like to avoid this approach if possible, for obvious reasons.
Any help on this issue will be greatly appreciated.
Here's a complete list of possibilities that I'm aware of:
sign your EXE with a valid certificate;
do not ever move the EXE (precludes portable programs);
do not assign a GUID to your notify icon,
the hacky approach you linked to,
generate a GUID based on your application path.
Let's take a look at that last idea, in particular. Windows wants a unique GUID for every path. We just want a GUID that doesn't change for as long as the path is fixed. That's actually trivial to achieve. Here's an outline:
generate a random GUID using a service like make a guid
obtain your executable path
hash your path with a hash function that outputs at least 128 bits, like MD5 or SHA-1
XOR your GUID with the path hash, truncating to 128 bits
use the result as the tray icon GUID
This comes with a gotcha: the application path is not necessarily unique. But this shouldn't be a major problem because firstly, most of the time it's unique, and secondly, the worst that will happen if run via an alternative path is that the user will have to reposition the tray icon once.
I've got the same problem as in this question, except in Windows. Our product has a 100+ MB code base, and searching for stuff in there takes an awful amount of time (several minutes). It's nice when you can narrow your search to a specific subfolder, but that isn't always possible.
I was wondering if there is some tool that would make it faster, probably by indexing. Accuracy is paramount, if a substring exists somewhere, it must be found, even if the file is not indexed or the index is out of date. Also it would be ideal if .svn folders would be ignored when searching.
Failing that, I was wondering if I could make something like that myself. Is there maybe a ready made indexing engine available for such tasks? I was wondering about Windows Indexing Service (or whatever it is called these days), but so far my experience with it (the Windows standard file search facility) has been rather dismal, with it often missing files that were right in front of its nose.
Yes, I have seen Window Indexing service miss files too, but I haven't checked KBs or user forums for explanations. I'm glad to see it confirmed that it's not just me ;-)!
There look to be alot of file index programs available, I would be surprised if you can't find one that meets your needs (although, see later).
Here are some things to consider:
If your team is using an IDE, isn't there an index feature/plug-in? (none of the SVNs provide Indexing capabilites?). Also, add some tags to your question so this will be seen by other windows developers using the same dev enviorment that you are using.
The SO link you provided mentions several options: slocate, rlocate, and I found mlocate. The wikipedia page for slocate says
Locate32 for Windows Windows analog of GNU locate with GUI, released under GNU license
which seems to meet your main requirement. Looking at the screen shots with the multi-tab interface (one labeled advanced) would give me hope that you can exclude svn (at least from results, possibly from what is indexed).
Your requirement for
if a substring exists somewhere, it
must be found, even if the file is not
indexed or the index is out of date.
seems contradictory. For the substring requirement, I can see many indexing programs ignore c lang syntax elements ( {([])}, etc), and, for example, 'then' is either removed because it is considered a noise word, or that it gets stemmed-down to 'the' and THEN is removed because it is noise word.
To get to 'must be found', and really be sure, you would have to develop a test suite to see what the index program is doing for anything that is corner case. (For a 100 MB code base, not out of the question, especially since you are considering rolling your own).
Finally 'even if the file is not indexed ...'. Well, you either use an index or your don't (obviously). Unfortunately, for your requirement, while rlocate is looking for changes all the time, slocate (on Unix) doesn't seem to. Probably if you read/check on the docs or user forums for locate32 you'll get the answers you need.
Rlocate would give you what you need, but from an rlocate page 'rlocate will work only on Linux with version 2.6.'. mlocate doesn't seem to be have a Windows port either only.
Finally here is a link I found that is interesting about mlocate : mlocate vs rlocate. This is the google cache, because the redhat.com said 'not available'.
Is there a way to get a file hardlinks count on Windows without using GetFileInformationByHandle()?
MSDN says:
Depending on the underlying network features of the operating system and the type of server connected to, the GetFileInformationByHandle function may fail, return partial information, or full information for the given file.
In practice, retrieving the link count on a network share, whatever the Windows version at both ends, always return 1. The only case where it works is when accessing a samba share. Looks like they forgot to duplicate Windows bug/limitation. Also, the "partial results" without telling you they are partial is pretty nice for an API call.
It seems a little strange but what about GetFileInformationByHandleEx. It doesn't contain the waiver that you quoted above, so perhaps has the smarts built into it to handle some of the problems that GetFileInformationByHandle can have.
For that you can try FindFirstFileNameW and FindNextFileNameW.
It isn't good option to enumerate stuff to get count but it is another way.
Using VB6
I want to compare the system date, if the exe should not work after 02/11/2009
vb6 code
Dim dte As Date
dte = DateValue(Now)
'MsgBox DateValue(Now)
If dte > DateValue("01/11/2009") Then
Unload Me
End If
But if the user change the system date, it will work, my exe should not work after 10 days. How to set.
Need VB6 CODE Help.
There is no 100% secure way of doing this. Usually software doing that encrypts the date into some obscure registry key. But is not in accord with Kerkhoffs' principle.
Generally speaking you would have to persist the installation or first run date somewhere on the system (where users cannot easily modify or delete it) to compare it to the current system data. Beside this you shall protect your program against tampering attacks.
To protect against system time changes there is also no 100% good solution. An easy one would be to look at some files in the profile of the user and take the newest one. If this time is later than the current system time (with some delta), then someone manipulated the datetime settings.
All this is worth almost nothing, as it is really easy to workaround such a protection (even without deep programming knowledge). I would consider a solution in limiting the functionality of your program and protecting your code against tampering (what you have to do anyway, no matter what you choose as a solution).
The amount of effort to implement a truly robust date-based protection system is not proportional to the protection provided.
In any case, the last scheme I used seemed to work. I stored the last run date and number of days left in some obscure registry keys. Each time the app started I checked that last run date key was still in place and had a valid value and I checked the number of days left. Both these values were stored encrypted. To add a level of confusion I read and wrote a number of garbage keys in more obvious locations.
The trial expired if I found evidence of tampering such as changed garbage keys, a current date that was older than the last run date and a few other things.
To slow down users trying to hack the software I encrypted the names of the registry keys in the code so they wouldn't be obvious when the exe was viewed in a hex editor.
Was all that effort worth it? Probably not. I suspect a lot less would have detered most casual crackers and the serious ones, well, they would have cracked it anyway.
I my opinion, it is possible just save time difference between your exe release date and future locking date.
If user system clock is set back than release date give user to set it right and then simply check if exe is running before future locking date.
I think you got it……
Software copy protection is a big subject, and there's many possible approaches, from commercial libraries and hardware keys, to "roll your own" like you're suggesting.
I advise you read some of the other discussions on copy protection on Stack Overflow. E.g. this or this or this.
I have an application and I'm trying to make sure it's running in a secure environment. First of all, I check if Windows is genuine, which makes it more likely that the user keeps it up-to-date. If not, I just pop up a message warning the user there's a possible risk because he still needs to validate Windows.
Now, I want to do a bit more. I also want to check if the user has installed a virusscanner. I don't care which one, as long as he has installed one. Then the same for checking if a firewall is installed. And if possible, I want to check when the user updated his Windows/Scanner/Firewall the last time just to make sure it's not too old. So:
1) How do I check if a virusscanner is installed?
2) How do I determine when the virusscanner was updated?
3) How to detect when the virusscanner did it's last full-system check?
4) How do I detect if a firewall is installed and active?
5) How do I check when Windows received it's most recent update?
Basically, when my application starts I want to display a screen with warnings (just once per day) just in case any of these things have a problem. This because my application works with all kinds of sensitive information that the user collects from his clients. (Which includes bank account numbers, ID numbers of passports, NAW+DOB, income and a lot more.) Basically, if the system has a problem, the user must confirm that he's aware of these problems. It takes the possible liability away from my application if he continues while knowing his system is possibly insecure...And language? Basically C++ or Delphi for WIN32 examples and C# for .NET examples. It's more about .NET/Windows API/.NET than language.
I think you can do most of this via WMI
Something like this:
ManagementObjectSearcher wmiData = new ManagementObjectSearcher(#"root\SecurityCenter", "SELECT * FROM AntiVirusProduct");
ManagementObjectCollection data = wmiData.Get();
foreach (ManagementObject virusChecker in data)
{
// This is the virus checkers name.
String virusCheckerName = virusChecker["displayName"];
}
[You didn't mention what language, so the sample above is in C#, but WMI can be done from pretty much anything]
[Edit: You can do the same but with "FirewallProduct" instead for firewall info. Also, for the anti virus, you can look at the "productUptoDate" property on the results for info on if it's up to date]
The WMI reference should help you find the others. (1, 2, 3, and 4 I'm pretty certain are available through WMI. 5 I'm not so certain about, but I think it probably should be)
You'll probably find WMI Code Creator helpful for testing and figuring out what queries/objects you need to use. Also Scriptomatic and WMI Admin tools might be useful.
Since I was looking for a C++ and not .NET depended way, I mixed between this answer and MSDN example: Getting WMI Data from the Local Computer.
The commands that need to be changed in order to get the AV name are:
_bstr_t(L"ROOT\\CIMV2") to _bstr_t(L"ROOT\\SecurityCenter2"). Keep in mind that SecurityCenter2 is for Win 7, Vista SP2 and beyond according to this. Below Vista SP2, you need to use SecurityCenter.
bstr_t("SELECT * FROM Win32_OperatingSystem") to bstr_t("SELECT * FROM AntivirusProduct")
hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0); to hr = pclsObj->Get(L"displayName", 0, &vtProp, 0, 0);.
This changed code has been checked and fully working.
For a simpler method you can always iterate over this algorithm and look for your AV by name.