Solved

How to prevent a program from monitoring changes to the registry?

Posted on 2007-11-17
7
351 Views
Last Modified: 2012-05-05
Dear Masters

I know that a program by using RegNotifyChangeKeyValue API function can monitor registry changes.
but suppose that i want to create a registry key containing my program expire date, so this program can monitor it and then this key can be removed so my software can be used without limitations in time or date. so it seems that i should prevent such monitors from working. my question is that how i can prevent a program (which is monitoring registry) from monitoring registry?

Thank you in advance for your information.
===================================
Sincerely, Yours
Milad
0
Comment
Question by:miladyyy
  • 3
  • 2
7 Comments
 
LVL 19

Expert Comment

by:weellio
ID: 20304727
if they have 'read' access to the key, then you can't stop them from monitoring the registry key.

your question should be 'how can i put an expiration on my demo program'

why not try having your software expire after a specific number of uses, not days and encrypt the data within the exe itself,. or for that matter you can hash the date within there as well.
0
 

Author Comment

by:miladyyy
ID: 20305361
Dear Master (weellio)

Thank you for lightening-speed response, to some extent you are right but when putting information in the exe users can backup original unsed exe in a safe place and then overwrite used exe with the original one. so expire does not mean in that way, do you know EXECryptor software?
it stores information in registry but another software called Trial-Reset can delete its registry entries.
although EXECryptor is the strongest protector for Win32 applications i think a monitor program has detected EXECryptor's registry keys. so delete is available and possible whenever we want. but only this API can monitor registry changes, without it there is nearly no way to detect registry changes.
so i wanted to know if there is a way of killing this monitoring.

Please help me with it.
Thank you in advance for your information and guidance.

Sincerely, Yours
================
Milad
0
 
LVL 19

Expert Comment

by:weellio
ID: 20308971
one possibility is not creating the expiration data in the registry during the install, but after the first or second opening of the program.  normally this isn't monitored as closely.


check out activelock
http://www.activelock.com/download.html


or these other EE options
http://www.experts-exchange.com/Programming/Languages/.NET/Visual_Basic.NET/Q_21486786.html?
http://www.experts-exchange.com/Programming/System/Windows__Programming/MFC/Q_10054037.html?

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:miladyyy
ID: 20311309
Dear weellio

Thank you for your response, but even ActiveLock expire date or its registry entries can be deleted by Trial-Reset, and if someone runs a registry monitor program before running the application for the first time or before setup, they can detect any registry changes, by the way it seems that there is no way and i should try to find a solution by myself. Again thank you for your guidance.

Sincerely, yours
==============
Milad
0
 
LVL 19

Accepted Solution

by:
weellio earned 50 total points
ID: 20317187
unless you somehow bypass whatever it is they are going to use to monitor the registry, then there is no way to get what you want.

it is like you are trying to get in the front door of someone's house while they are watching you. unless you can get them to close their eyes they will see what you are doing.

0
 
LVL 1

Expert Comment

by:Computer101
ID: 21000164
Forced accept.

Computer101
EE Admin
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now