Solved

Can I rename winvnc.exe to hide it int he Task Manager?

Posted on 2008-06-25
9
1,827 Views
Last Modified: 2013-11-30
When running winvnc.exe on a remote computer, the user runs the Task Manager and sees it there. He then ends the program. It makes it impossible, then, to remotely connect to his computer when other users want me to do that.

Is there any way to rename this exe file? This VNC (UltraVNC) is set up as a server so it [somehow] runs whenever the computer is restarted. I need it to continue to do that but disguise the file name....

0
Comment
Question by:chevronrod
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 7

Expert Comment

by:Christopher Martinez
ID: 21871435
I dont think so. You can attempt to rename the exe file on the client PC and attempt to call that particular .exe file. It is possible if this is a network environment to disable access to remove that file from task manager.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 21871826
I am hesitant to offer any solutions to this.

If VNC is required to be running by company management, then the user has violated policy and should be dealt with accordingly.

If it is not required by management, then why are you trying to access the computer?
0
 
LVL 39

Accepted Solution

by:
abel earned 500 total points
ID: 21873045
If you rename the filename then a malicious user will still find it and remove it via the task manager or other means if it wants to (I agree with what the others are saying: why would one kill the process that makes remote access possible in the first place? Even viral programs don't do that, they need the remote access...).

There are a couple of easy solutions though. First is to change the credentials of the service to, say, an administrator. In addition, you must make sure that the user logging into the desktop does not have administrative rights (but that's the first thing you should look out for when enabling remote access!). That way the user cannot kill the process anymore.

If you don't want that, you could disguise the filename (just change the registry key of the service that describes the process), but that is hardly a solution.

What one could also do, is adding a ghost process to the system which checks for some processes that must be running (and their exit states when they are killed). If they are killed, the ghost process will automatically relaunch the aborted process.

HTH,
Cheers,
-- Abel --
0
 

Author Comment

by:chevronrod
ID: 21875529
To first answer the reasons... This is a shared computer. WinVNC is not REQUIRED to be running on the computer. But a second user and a third like to have it on there because they are 200 miles from my office and like me to be able to get in and help out from time to time. The first user fears that outsiders (from Timbuktoo, or somewhere) will get into the computer and so he shuts down WinVNC. The other users have to restart the computer to get it to start up again.

Now, ABEL, I really like your ghost process idea. A LOT. Would you be able to help me find out how to get a process like that written or downloaded or whatever? So far I am leaning toward awarding you the points.

If someone can get this ghost process set up for me, there will be some hundreds of additional points awarded to that person.

Thanks.
0
ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

 
LVL 13

Expert Comment

by:kdearing
ID: 21877754
You shouldn't have to restart the computer to get VNC running.
START | PROGRAMS | ULTRA VNC | VNC SERVER
0
 

Author Closing Comment

by:chevronrod
ID: 31470840
I liked the idea of a ghost process. I don't know how to write one but hopefully someday someone will come forward to help me with it. In the meantime, I like this solution, so I'm accepting this answer.
0
 
LVL 39

Expert Comment

by:abel
ID: 21913652
Your welcome :)

Though i have to apologize for not returning to the Q. earlier. I can write such a program for you, or you can write one yourself using tools already available in Windows and added some help from Sysinternals if needed (not sure you need that though). Combine that with some batch (BAT) or VBS techniques and you should be done.

@kdearing: the whole point of the Q. was that this is a remote computer.... once VNC dies, the computer is not accessible anymore until someone physically attends to it.
0
 

Author Comment

by:chevronrod
ID: 21919236
abel. I will ask a different question as that is only way I know to give you points.... Is that o.k. with you?
0
 
LVL 39

Expert Comment

by:abel
ID: 21920884
Of course that's ok. But don't make it a "this question is for Abel" kind of question. Other experts should be given equal chance of answering it (and I'll be away for five days, so if you want a quick response, others may help you).
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Haven’t we all been there – Mom (or Grandma) needs help on her computer, so calls her IT son (or grandson) for help.  Wouldn’t it be so much easier to just remotely connect to her computer and fix the thing rather than trying to go through it on the…
Let’s list some of the technologies that enable smooth teleworking. 
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now