0

I have an application (Utility.exe) that refuses to perform certain operations if it detects another process (Target.exe) is running. I am not certain of the detection method that it uses. It may be a periodic poll for a list of processes, and if a process name matches certain criteria then the application locks down specific features.

  • If I rename Target.exe >> FooBar.exe and launch FooBar.exe then both tools work concurrently (ie the features of Utility.exe don't lock down)
  • However, Target.exe periodically updates from a remote location and relaunches a process with the filename Target.exe at which point Utility.exe ceases to function — this hack doesn't not fully solve my issue.
  • I have no control over the source code of Target.exe or Utility.exe

I want to run both applications concurrently.

Is there a way I can prevent Utility.exe from detecting Target.exe, thus removing the need to rename this process?

Improve this question
2
  • 1
    In windows, all users are capable of seeing all processes at least by filename, though other info will be suppressed, so other than a rootkit, it will be difficult to do it the way you suggest. I'd probably try using a filesystem watcher of some kind to watch for the file creation and to rename it then.
    – Frank Thomas
    Commented Jul 1, 2015 at 23:36
  • @FrankThomas is right. As a last resort, you could try hack Target.exe with a hex-editor so that, when it auto-updates, it goes with the name Marget.exe, or whatever - same number of characters of course.
    – misha256
    Commented Jul 2, 2015 at 0:39

1 Answer 1

Reset to default
1

Run foobar.exe and make a batch file script as follows:

@echo off
:loop
taskkill /PID "target.exe"
goto loop

run this batch script. The process target.exe will get terminated as soon as it is initiated. Or, you could find where the new target.exe file is copied by the remote server and designate that folder as read-only.

Improve this answer
2
  • Do not forget to run the code as administrator.
    – Kraken
    Commented Jul 2, 2015 at 0:43
  • You should update your answer to include that information if it does not work without doing so
    – Ramhound
    Commented Jul 2, 2015 at 11:24

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .