Correct was not thinking of your concern. Was thinking more in the terms of a user making a copy of the file, renaming it and then using it on his/her system with copies of tokenized files until he/she was able to inject their own program, but your concern is actually much more likely.

I suppose I'm too used to analyzing from a more advanced level.

As for the UserID being in the tokenized file as plain text not sure where you saw that. I'm certainly not seeing anything like that here.

Well think Shawn has some good ideas about CRC checking the exectuable and if possible even the path.

Told him to also include some semi-legal disclaimers along with the utility and even inside the utility because you know sooner or later someone is going to try and abuse the tool on purpose like a butt-head. Just like they did with WSH - actually a nice tool but then the scripting kiddies thought it would be cool to damage people's stuff with it.