Solved

Can I rename winvnc.exe to hide it int he Task Manager?

Posted on 2008-06-25
9
1,842 Views
Last Modified: 2013-11-30
When running winvnc.exe on a remote computer, the user runs the Task Manager and sees it there. He then ends the program. It makes it impossible, then, to remotely connect to his computer when other users want me to do that.

Is there any way to rename this exe file? This VNC (UltraVNC) is set up as a server so it [somehow] runs whenever the computer is restarted. I need it to continue to do that but disguise the file name....

0
Comment
Question by:chevronrod
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 7

Expert Comment

by:Christopher Martinez
ID: 21871435
I dont think so. You can attempt to rename the exe file on the client PC and attempt to call that particular .exe file. It is possible if this is a network environment to disable access to remove that file from task manager.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 21871826
I am hesitant to offer any solutions to this.

If VNC is required to be running by company management, then the user has violated policy and should be dealt with accordingly.

If it is not required by management, then why are you trying to access the computer?
0
 
LVL 39

Accepted Solution

by:
abel earned 500 total points
ID: 21873045
If you rename the filename then a malicious user will still find it and remove it via the task manager or other means if it wants to (I agree with what the others are saying: why would one kill the process that makes remote access possible in the first place? Even viral programs don't do that, they need the remote access...).

There are a couple of easy solutions though. First is to change the credentials of the service to, say, an administrator. In addition, you must make sure that the user logging into the desktop does not have administrative rights (but that's the first thing you should look out for when enabling remote access!). That way the user cannot kill the process anymore.

If you don't want that, you could disguise the filename (just change the registry key of the service that describes the process), but that is hardly a solution.

What one could also do, is adding a ghost process to the system which checks for some processes that must be running (and their exit states when they are killed). If they are killed, the ghost process will automatically relaunch the aborted process.

HTH,
Cheers,
-- Abel --
0
ScreenConnect 6.0 Free Trial

Discover new time-saving features in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

 

Author Comment

by:chevronrod
ID: 21875529
To first answer the reasons... This is a shared computer. WinVNC is not REQUIRED to be running on the computer. But a second user and a third like to have it on there because they are 200 miles from my office and like me to be able to get in and help out from time to time. The first user fears that outsiders (from Timbuktoo, or somewhere) will get into the computer and so he shuts down WinVNC. The other users have to restart the computer to get it to start up again.

Now, ABEL, I really like your ghost process idea. A LOT. Would you be able to help me find out how to get a process like that written or downloaded or whatever? So far I am leaning toward awarding you the points.

If someone can get this ghost process set up for me, there will be some hundreds of additional points awarded to that person.

Thanks.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 21877754
You shouldn't have to restart the computer to get VNC running.
START | PROGRAMS | ULTRA VNC | VNC SERVER
0
 

Author Closing Comment

by:chevronrod
ID: 31470840
I liked the idea of a ghost process. I don't know how to write one but hopefully someday someone will come forward to help me with it. In the meantime, I like this solution, so I'm accepting this answer.
0
 
LVL 39

Expert Comment

by:abel
ID: 21913652
Your welcome :)

Though i have to apologize for not returning to the Q. earlier. I can write such a program for you, or you can write one yourself using tools already available in Windows and added some help from Sysinternals if needed (not sure you need that though). Combine that with some batch (BAT) or VBS techniques and you should be done.

@kdearing: the whole point of the Q. was that this is a remote computer.... once VNC dies, the computer is not accessible anymore until someone physically attends to it.
0
 

Author Comment

by:chevronrod
ID: 21919236
abel. I will ask a different question as that is only way I know to give you points.... Is that o.k. with you?
0
 
LVL 39

Expert Comment

by:abel
ID: 21920884
Of course that's ok. But don't make it a "this question is for Abel" kind of question. Other experts should be given equal chance of answering it (and I'll be away for five days, so if you want a quick response, others may help you).
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Logmein alternative 10 115
Guacamole and browser performance 1 86
Add Windows 2008 R2 Session Host to 2012 R2 RDWeb 3 61
Windows 2008 vs 2012 13 74
In this article, I'll explain how to setup a Plex Media Server (https://plex.tv/) on a Redhat (Centos) 7 based NAS with screenshots to help those looking for assistance.  What is Plex? If you aren't familiar with Plex, it’s a DLNA media serv…
Let’s list some of the technologies that enable smooth teleworking. 
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question