Can I rename winvnc.exe to hide it int he Task Manager?

Posted on 2008-06-25
Last Modified: 2013-11-30
When running winvnc.exe on a remote computer, the user runs the Task Manager and sees it there. He then ends the program. It makes it impossible, then, to remotely connect to his computer when other users want me to do that.

Is there any way to rename this exe file? This VNC (UltraVNC) is set up as a server so it [somehow] runs whenever the computer is restarted. I need it to continue to do that but disguise the file name....

Question by:chevronrod
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1

Expert Comment

by:Christopher Martinez
ID: 21871435
I dont think so. You can attempt to rename the exe file on the client PC and attempt to call that particular .exe file. It is possible if this is a network environment to disable access to remove that file from task manager.
LVL 13

Expert Comment

ID: 21871826
I am hesitant to offer any solutions to this.

If VNC is required to be running by company management, then the user has violated policy and should be dealt with accordingly.

If it is not required by management, then why are you trying to access the computer?
LVL 39

Accepted Solution

abel earned 500 total points
ID: 21873045
If you rename the filename then a malicious user will still find it and remove it via the task manager or other means if it wants to (I agree with what the others are saying: why would one kill the process that makes remote access possible in the first place? Even viral programs don't do that, they need the remote access...).

There are a couple of easy solutions though. First is to change the credentials of the service to, say, an administrator. In addition, you must make sure that the user logging into the desktop does not have administrative rights (but that's the first thing you should look out for when enabling remote access!). That way the user cannot kill the process anymore.

If you don't want that, you could disguise the filename (just change the registry key of the service that describes the process), but that is hardly a solution.

What one could also do, is adding a ghost process to the system which checks for some processes that must be running (and their exit states when they are killed). If they are killed, the ghost process will automatically relaunch the aborted process.

-- Abel --
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 21875529
To first answer the reasons... This is a shared computer. WinVNC is not REQUIRED to be running on the computer. But a second user and a third like to have it on there because they are 200 miles from my office and like me to be able to get in and help out from time to time. The first user fears that outsiders (from Timbuktoo, or somewhere) will get into the computer and so he shuts down WinVNC. The other users have to restart the computer to get it to start up again.

Now, ABEL, I really like your ghost process idea. A LOT. Would you be able to help me find out how to get a process like that written or downloaded or whatever? So far I am leaning toward awarding you the points.

If someone can get this ghost process set up for me, there will be some hundreds of additional points awarded to that person.

LVL 13

Expert Comment

ID: 21877754
You shouldn't have to restart the computer to get VNC running.

Author Closing Comment

ID: 31470840
I liked the idea of a ghost process. I don't know how to write one but hopefully someday someone will come forward to help me with it. In the meantime, I like this solution, so I'm accepting this answer.
LVL 39

Expert Comment

ID: 21913652
Your welcome :)

Though i have to apologize for not returning to the Q. earlier. I can write such a program for you, or you can write one yourself using tools already available in Windows and added some help from Sysinternals if needed (not sure you need that though). Combine that with some batch (BAT) or VBS techniques and you should be done.

@kdearing: the whole point of the Q. was that this is a remote computer.... once VNC dies, the computer is not accessible anymore until someone physically attends to it.

Author Comment

ID: 21919236
abel. I will ask a different question as that is only way I know to give you points.... Is that o.k. with you?
LVL 39

Expert Comment

ID: 21920884
Of course that's ok. But don't make it a "this question is for Abel" kind of question. Other experts should be given equal chance of answering it (and I'll be away for five days, so if you want a quick response, others may help you).

Featured Post

ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As an IT person for a call center we are always looking for tools to make our jobs easier. Well I found the ultimate application for the job. SmartCode VNC Manager gets the job done. Its easy to get up and running just run the wizard to pul…
Local Printing Using Remote Desktop Windows 7 sometimes has issues with printing to a local printer using a Remote Desktop Connection (RDC). The 1st step is to verify that printers are checked on the Local Resources tab of the Remote Desktop C…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question