I have a legitimate and legal software program that allows users to
attach large files (i.e. digital pictures, powerpoint files, etc.) to
their emails.  The program is free.  The problem is that the software
is being illegally removed or 'ripped out' by competing software
companies.   Originally I implemented a process of requiring a
'kaptia'
box when a user accesses the add/remove programs and wants to
un-install my software; however, my competitors are still somehow
removing my software when they are present on the same machine.
My software is free to users and is not ad supported (which my
competitors show tons of pop up ads to users in order to monetize
their 'free' product).  I want to keep my software free and at the
same time allow my users to remove my software if they legitimately
wish to do so but I want to prevent competitors from
illegally deleting my software from a users desktop.

What measures can I put in place to prevent this from happening?

Change the executable/dll filenames and registry keys, if any, that
your application use. You can even change their locations and
sizes/signatures for files. This will probably make your competitor to
have to change their code to continue uninstalling your new version.

Also there might be a registry key/path location/file that is common
for both programs and simply the last one installed overwrites
something required by the first one to run (this can be the case if
uninstallations are not intentional strictly towards your product, but
all similar products or if you have evidence that uninstallations are
not complete, just your app is defunct or something similar). In that
case, you can also try to add another simple application to
system/user startup that will check if your application has been
illegaly removed, and if so - do a silent re-install or simply copy
over again files that have been removed/modified from the backup
location (where you have put them during initial installation).

If a user logged in/running your competitor's app is admin on that
computer/network or has sufficient privileges to tamper with your
files, you can hardly stop him to uninstall your app as long as your
competitor knows where is and how your app works. You simply have to
outsmart them.

What they are doing is illegal and malicious.  They are manipulating
data not owned by them (at the minimum it is a flagrant copyright
violation).  You have several options:

1)  Report them to several anti-virus vendors to get their application
added to virus definition lists.
2)  Get a cease-and-desist court order and request to freeze their assets.
3)  Sue them or get law enforcement to put the owners of those
businesses behind bars.
4)  Contact a number of news sites and their beats.  If the article
makes the front page, the competitor sites (along with your own) will
be Denial of Serviced (DoS'd).  Don't be whiny, but present your topic
with a business-like sense such as a public relations department would
do.  If you get lucky, you might make slashdot.org front page and both
you and your competitors will be DoS'd by zillions of users.  This can
be a great source of PR for your product depending on how you play
this route.

I'd personally start with #4, execute #2 if that doesn't work,
threaten #3 and execute #1, then execute #3.  Be sure to have regular
press releases and press contact - that information will filter down
to the Internet community and people will see you as the good guy and
your competitors as the bad guys.  The result of this will be more
people using your product.

If you do not take any legal action against them, the courts may rule
in favor of them if it ever comes to that.  Some simple PR (free
publicity if done right) is usually sufficient to get such people to
straighten up and fly right.  This approach is a whole ton simpler
than playing cat-and-mouse with code.

It would seem that your competitors are simply removing the files (and
registry entries?) from your clients computer, rather than executing
the uninstall program (in effect they have written their own
uninstaller).

As with a previous comment, changing file names / directory names /
registry locations or a version by version basis would invalidate
their existing uninstallers.

Or alternatively you could try the method of salting (ie generating a
random string and using it as part of the install directory / registry
keys - the salting should be randomly generated as part of the install
process and not pre-determined in the binary before shipping). They
use this method with mozilla profiles to help avoid malicious access.
Ie  C:\Program Files\MyApp\ would become C:\Program
Files\MyApp.jdtsghtn\  The same idea can be applied to registry keys
and dll files.

For filenames, this can still be countered, as a script could run 
delete C:\Program Files\*MyApp*
The counter to this would be to install into C:\Program
Files\jdtsghtn\ or more neatly C:\Program Files\Outlook
Express\jdtsghtn\ and just create shortcuts within C:\Program
Files\MyApp\

If you have to save the salting to a config file, you might want to
encrypt it (with the key embedded in the binary), or alternatively
allocate a space within your binary, then during the install, hex edit
it to embed the salting(s). You could do this by declaring a unique
string within your program code ie
string salt = "SALTING" 
and then read the exe as a binary file, search for the ASCII codes for
SALTING and replace with a 6 letter salt. (Though do a search before
hand to ensure that the ASCII equivalent of your chosen keyword
doesn't appear elsewhere)


However the application still needs to be registered within the
computer (and the uninstaller), and the files need to be readable by
the computer. It would still be possible to parse the results of
dir C:\ /S 
to locate your program directory (but would slow down the users
machine to generate). There would also be other methods of searching
the windows registry for where the program is registered.


Other alternative suggestions would include installing a second
program, placing a link to it in
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current_Version\Run
which basically checks that the program has not been unintentionally
uninstalled (the uninstaller would need to leave behind a key in the
registry somewhere - also salted so others couldn't fake it), and
redownloads and installs the program if if hasn't been correctly
uninstalled. You would need to leave this program running in memory
(doing nothing), and programmed with a shutdown command to rewrite the
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current_Version\Run
registry key.



The short answer is that there is no technical difference between an
enemy program and a user. Anything a user can do, can be scripted. If
a user can manually uninstall the program without your installer, then
an enemy program can script this uninstall. This is similar (but the
reverse situation) to the core reason why Digital Rights Management is
fundamentally flawed (as in it will always be possible for a user to
crack it - as the key to decrypting the content is on their computer,
hidden but still embedded in their decoder).

I hope this posting helps you, it won't stop them completely, but you
can make it alot harder to uninstall (there may come a point where it
costs them too much in manpower to figure out how). Though you may
need to explain some of these measures to your customers, ones might
equate such measures (especially the extra startup item) as being less
than benign (though Joe-Sixpack would likely be unaware of them).

Here is the step by step method to protect your files.

1) If its NT based system then register your exe file as a service
with low priority thread and in the starting of this exe you open file
pointers and let them be open and when service closes down, just close
the file pointers. Benefit of service is, it loads automatically when
windows starts and no program has access to remove it from service
that easily.
2) This one protects your files being automatically deleted if anyone
will try to delete your file except your service, it will get file
already in use exception.
3) In windows 98 system, there is option of converting your executable
into mini service.
4) When exe file is running, it is not easy to remove it, and you can
write a code of uninstallation in your service which is running in
background. Once someone tries to uninstall, you can show a visual
confirmtion (show some characters in bitmap and tell them to fill in)
which any automatic program cant do.

If you still need my help can I give my email address, I know inside
out of every OS of the world and my answer will be the maximum
possible secure way you can secure your product.

when your competitors will know that you are doing somethign of this
kind, it will not be easy for them to remove it, but remember there is
always a way when other program can harm your program, i am claiming
that it will be difficult but it will not be impossible.

The easy way for doing it,is to write a small execuatable that open
all your application file for read.

This appliction should run on startup.

If someone is tring to close this app , the app should popup a message
"Do you want to uninstall?"

For more details how to keep your app simple,and still hard to remove contact
MomoShlomo@hotmail (only if you arn't a spyware)

Ok well heres a simple solution... make a silent installer that
installs your program that restores the installation upon running it.
Ok now as part of the install... make it install a copy of itself into
a random directory like C:\windows\system, or system32 or something
else, and log its location into 
HKEY_CURRENTUSER/Software/Microsoft/Windows/Currentversion/run.....

what this will do... is when the computer restarts, it reinstalls your
application, randomizes the directory of the "restorer" and updates
the registry so if it is ever deleted it is restored again...

You should be able to add an encryption method to your installation
and uninstallation that would require your users to submit a 16 - 32
character code that they would make up during installation that would
be sent to a database within your server. They would then need this
code to uninstall the program so that is gives it a PGP like security
effect.


This could also be a marketable feature not only providing a service
but security. (AND EVERYONE LOVES SECURITY)

Hope this answers your question.