If we have identify / analyse and demarcate licensed instances of some software vis a vis pirated, what's the approach that should be undertaken?
Take note, that's not a non-compliance of no. of licences purchased vis a vis deployed but licenced vs piracy issue. Some of the earliest investigation have resulted in noticing instances of folders like, 'crack', 'serial' or files like 'crack.exe' or 'keygen.exe' etc. on users c or d drives.
Considering that all machines are domain attached, a script can be run using GPO to identify the existence of these files and folders. But then, some of these can be just screesavers or other low value items while others maybe related to big ticket items like 'Adobe', 'oracle' etc. How do we demarcate? How do we automate?
Can someone advise on best appraoch to yield desired results? The current scope is only identification and not removal. SCCM 2010 is available to undertake some jobs if it's helpful.