SC + Vista Compatibility - WORKING!!!!!!

[fangthorn]

GROAN!
Just when I thought it was working fine, it is now failing
I tested it on my LAN and it worked fine, now I have just tested it with a remote user, using AOL as their ISP (not that that should matter) and the connection establishes itself OK and I get to see the remote user's screen for half a second, then it disappears from my screen.
The remote user is using Vista with Windows Standard desktop (not Aero).
I have tested it both with and without UAC enabled - same result.

Any suggestions?
Thanks

[Radeon]

That sounds very Firewall/Antivirus related to me. I would suggest adding the exe to the users allowed applications list and see how you get on.

Only problem is that similar to what the previous posts say, sometimes it just doesn't seem to allow things when added. We sometimes have an issue like this with McAfee and we are yet to find a solution.

[fangthorn]

I have just driven over to the user and examined their machine.
It is a new Dell machine
- Inspiron 530s Viiv E6750 Core 2 Duo Processor (2.66GHz, 1333Mhz FSB, 4MB cache)
- English McAfee 9.0 Security Centre
- Video Card ATI Radeon HD 2400 XT 256MB Half Height

I tried switching the firewall off but had the same results (I didn't think the antivirus would cause this problem?)

I'll see if I can get a trial version of the same mcafee and load it onto my Vista machine ...
Thanks

23-1-2008
I have tried the above on my Vista machine and can report that SC continues to work correctly - so I am at a loss to explain why my user is having this problem.

[Radeon]

I mention antivirus as the connection is quite often detected a malicious due to what it is. McAfee is the one we have the most trouble with.

[Caramel]

looks like this has picked up a lot - have have been busy over the last few days so i have not had a chance to give radeon's solution a try.

regards to firewall issues... ARRRRRRGGGH... that said i have had all sorts of issues over the years with damn firewalls... most of the time the pc does not need a firewall as it is behind a nat router. But majority of the time i find that overzealous anti-virus makers are making "all-in-one" solutions including firewalls etc and giving me a headache, also salespeople selling these all-in-ones and firewalls make a killing by scaring ppl into buying a firewall that they don't actually need. </rant>

try upporting a program that uses a MS SQL database in tcp/ip with multiple pc's connecting... then you will see why i hate firewalls that don't need to be there.

don't get me wrong pc's SHOULD be firewalled from the big bad intarweb but nat routers will do that job a hell of a lot better than some buggy over active windows software app.

............

back to radeon's app as i said i have not had a chance to test yet but will do so this comming week

[Caramel]

radeon ... nice work !!

it seems we have cracked it and vista is finally supportable via vnc

i have edited my version since posting original one to use an autoit wrapper instead of a straight 7z one so that the initial exe can be repaced while connected (handy for "helping" clients with updates.. ie "doing it for them")

i will clean up my code for it and post it if ppl want it (uses radeon's aero.exe)

also does not require the use of nircmd to hide the cmd window

[Da GMan]

All I can say is F%$@g Brilliant, you are the master and we bow in your presence!!!!

[Caramel]

rofl...

i was playing around trying to find a way around UAC prompts being inaccessable to the vncviewer...

found that if you change the reg key "ConsentPromptBehaviorAdmin" to 0 you get no prompt just full admin rights... ie run a prog as admin and up it comes full admin no prompt (and no reboot required - instant)

so... what does this mean for our little script happening here?

crack open the "winvnc.cmd" search/replace "PromptOnSecureDesktop" with "ConsentPromtBehaviorAdmin" and ka-ching admin vnc support... client does not have to sit around waiting for you to ask them to "click on the 'continue'/'allow' for me' and having to explain why you can do everything but click on it yourself...



the only flaw that i can see with this is that if the pc crashes without closing winvnc.exe (ie the batch file does not complete) then the registry key would not be switched back and the user would basically have UAC then turned off until sc_vnc is run again and closed properly..
could be worked around by adding batch file to run on startup but that would be a dirty way to do it and could potentially be picked up as malicious by scanners...

[Radeon]

Great find Caramel!!! Only thing we have found is that it fails to work for Vista when the user is logged in as a standard user.

However we have made a change to your idea which is instead of replacing "PromptOnSecureDesktop" with "ConsentPromptBehaviorAdmin", we have added the two together.

This means that when you are logged in as an admin user, it ditches all prompts which is great but when you are logged in as standard user, you still get the messages but the key thing is it doesn’t disconnect you!

[Caramel]

i was actually thinking the very same thing myself after posting...

i posted right before i left work and thought of that on the way home - your post (and the notification of it) reminded me

[JohnZS]

Kudos for Radeon et al
For ages we've been trying to connect various XP to Vista PC's for remote admin and what not...with NO success.
By chance Google took me to this site, we gave Ruis' UltraVNC a whirl but had issues with the hook driver not working after reboot and also the fact it wasn't exactly very click and play (you had to set up the server), which isn't good for non-tech savvy people.
Anyway, saw your rejazzed Tool Radeon, and it worked wonders...we were in shock and awe when we saw it running for the 1st time connecting an XP machine to a Vista Business Machine.

Well Done and keep up the good work!
I'm off to eat some toast now.
~JZS~

[zeroasterisk]

I second, third, and fourth the kudos for Caramel and Radeon!
-----------------------------------------------------------
That's right - even with my problem-child firewall issue... I was able to create a single-click that worked with Vista... it was a little bit sluggish but fantastic that it worked at all... no funky driver install or firewall issues.
-----------------------------------------------------------
And, just in case you missed the link, it's:

http://www.mediafire.com/?d6g4p20cdby

Big-Ups Radeon.
-----------------------------------------------------------
I'd also like to see/hear about future improvements with the script - specific to Vista and otherwise... sounds like you guys are really improving things and I don't want to miss them.

[Caramel]

just cleaned my autoit version for realease..

• - uses radeon's aero.exe (renamed to aero_disable.exe as aero.exe has potential to conflict and 'taskkill /im aero.exe' could kill a process that we didn't mean to kill)

• - Disables 'PromptOnSecureDesktop' and also 'ConsentPromptBehaviorAdmin' (if user is an admin effectivly disables UAC till we disconnect - if user is 'user' UAC still prompts but is visable)

• - uses AutoIt (http://www.autoitscript.com) to package and drop (also detects vista at this point and runs the batch file accordingly)

• - The autoit wrapper allows for the exe to be replaced while you are connected (ie you can upgrade the sc_vnc.exe to include new helpdesk.txt or whatever)

Download:
http://sydflexi.dyndns.org/release/down ... ersion.zip

[Alberto]

Radeon/Caramel nice work !!!

I was actually thinking if it's possible to:

- detect windows vista

- if vista not found:
- run winvnc.exe and exit

- if vista found:
- turn off transparency
- disable 'PromptOnSecureDesktop'
- disable 'ConsentPromptBehaviorAdmin'
- start and wait winvnc.exe
- turn on transparency
- enable 'PromptOnSecureDesktop'
- enable 'ConsentPromptBehaviorAdmin'

directly from the aero_disable.exe written in C# or by modifying the winvnc.exe program written in VC6 instead of run the batch file.

Please let me know if you can do so or if you can post the source code written in c# so I can try to modify it.

Thanks. Alberto

P.S. for Caramel: The link you have posted is not working - this is the error message: No file with this name for download.

[Radeon]

Hi Alberto,

Due to the way we terminate the application, it would not correct the registry, meaning the user would be left with dodgy UAC settings. It could be done quite easily but the way we have seems to be the best way at the moment.

With regards to the source, we are not going to be releasing it publicly for the time being as there is a company (which we bought our support software from) which would benefit from this allot and to be honest, we don’t want to do them any favours.

[pgmoney]

I was actually thinking if it's possible to:

- detect windows vista

- if vista not found:
- run winvnc.exe and exit

- if vista found:
- turn off transparency
- disable 'PromptOnSecureDesktop'
- disable 'ConsentPromptBehaviorAdmin'
- start and wait winvnc.exe
- turn on transparency
- enable 'PromptOnSecureDesktop'
- enable 'ConsentPromptBehaviorAdmin'

directly from the aero_disable.exe written in C# or by modifying the winvnc.exe program written in VC6 instead of run the batch file.

Here is something free that does exactly that... it hasn't been fully tested but it's pretty simple so there shouldn't be any bugs.

it's a 25k zip file download... it will be at the link below until friday when we do a server cleanup then it will be deleted.

http://www.advantig.com/files/scVista.zip

[JohnZS]

That was a lovely piece of toast I enjoyed the other evening....toasted to perfection, not too charcoaly, but toasted just enough for a nice crunch... plenty of marge to... lovely,

I learned a valuble leasson today, eyes and ears, and also that system restore is actually not a bad piece of software.

Anyway just a few questions. Would it be possible to have say the computer's name displayed on screen at all?

As you can probably tell I'm not the brightest bulb in the light shop and on more than one ocassion have had to do a spot of remote admining on more than one PC..... in some cases...even network these PC's together.

It would make networking a lot easier if I could see the name of the computer Onscrean istead of rummaging around the "My Computer System Properties page"

If either of you guys can pull that off... it would be amazing

I'm off for a cold shower now.

Keep up the good work guys

~JZS~

[Greta]

Here is something free that does exactly that... it hasn't been fully tested but it's pretty simple so there shouldn't be any bugs.

it's a 25k zip file download... it will be at the link below until friday when we do a server cleanup then it will be deleted.

Is it also possible that you post the source of scVista.exe?

[Radeon]

Good way to do things, but we currently like it running a script as we include several extras in our script like systeminfo output to a txt file on the remote machine. This can be done in code but would be a bit harder for the 'standard' user cannot modify unless they setup a dev

Also, we have just been testing this new way of yours pgmoney and I have to say that it does the job but there are some problems

We ran your exe which was fine but the remote connection was picked up by Bit Defender, McAfee and Norton as a possible threat. the software then gave us the opportunity to terminate the application (which we did) leaving the registry incorrect. We didn’t think this would be a problem as we thought we could just run it again with no anti virus running and let it reset the registry on close down. It seems that you do not back the registry up in order for it to correctly restore.

I think you need to add in back of the registry that is changed to your exe then it should work great. Have a look at the script in our download to get an idea as to how ours works.

cheers

[Greta]

Hi Radeon,

Also the same question to you. Would you post the source of Aero.exe here?

Greetings Greta.

[Radeon]

Hi Greta, please see privious post....

With regards to the source, we are not going to be releasing it publicly for the time being as there is a company (which we bought our support software from) which would benefit from this allot and to be honest, we don’t want to do them any favours.

[pgmoney]

I’m confused as to what your "scVista.zip" actually achieves, other than more danger of it not reverting to original settings and les flexibility?

We ran the scvnc and it was picked up by Bit Defender, McAfee and Norton as malicious! On top of that, Norton and McAfee, terminated the scvnc (named winvnc.exe)

The file was uploaded for one person. It took all of 10 minutes to code something they specifically requested.

1 - There is not an scVnc.exe in the zip file I uploaded. The scvnc.exe is your own local winvnc.exe you had to manually rename to scvnc.exe

2 - scVista.exe is a digitally signed exe scanned by Norton, McAfee and Avg.

3 - If scVista.exe was terminated by your virus software it would never have been able to make any changes, execute any commands or launch any files.

4 - If winvnc was terminated, scVista would have continued it's processes.

Besides, a program like Aero.exe with no internal termination method other than to use an external kill program like tskill that SHOULD already be on the remote system to end it is deeply flawed. What if the kill program is missing, restricted, corrupt, not available or the kill fails? Your program would never stop running. Closed loops like that are unwise.

Which brings up another point. scVista restores the original settings, it doesn't assume it was enable and enable UAC if the user had already disabled it.

I've updated the readme text to explain more fully how it actually works.

You will need to launch scVista instead of the original
winvnc.exe

1 - Rename the UVNC SC winvnc.exe to scvnc.exe
2 - Rename scVista.exe to winvnc.exe
3 - Include both files in your package when you build
your customer modules.

- If not running under vista:
- Runs scvnc.exe (original name winvnc.exe) and waits for it to exit

- If it is running under vista:
- Checks to see if it was previously terminated abnormally and restores
original settings if it was.
- Reads current regsitry settings
- Makes a backup of the settings to reregscv.reg
- Disables 'ConsentPromptBehaviorAdmin'
- Disables 'PromptOnSecureDesktop'
- Temporarilly disables Aero if it is enabled
- Starts and waits for scvnc.exe (original name winvnc.exe) to exit
- restores 'PromptOnSecureDesktop' back to original values
- restores 'ConsentPromptBehaviorAdmin' back to original values
- restores Aero back to it's original mode if applicable.
- deletes the backup reregscv.reg

[Radeon]

You are also missing a point in what I was saying. I could see that you exe is clever enough to cache the registry settings but… if you start the exe then terminate it in an incorrect way to simulate a crash what is supposed to happen then? There is no recovery to the registry keys at all.

I think it might be a good idea for you to take a look at our script and revisit your code. The reason I comment is because I do not like extra work being created for people who are not as informed as you are. Especially work which could be avoided if it was thought about a little more. Your explanation as to what it does is fine enough. It’s your application that’s the problem.

As for you comment about antivirus, the fact the antivirus detected it wasn’t the point, it was what happened to the registry afterwards that I was concerned with.
ewhere

[pgmoney]

Is it also possible that you post the source of scVista.exe?

After recent feedback, I'll be deleting it in 1 hour. The last thing I need is false rumors saying I'm distributing virus laden malware because of a free program to help someone out. If you want the updated zip, get it now as it will be gone at 11:30 my time.

[Radeon]

I am not saying your code is malicious!

I am saying you code was detected as malicious, such as mine has been on other peoples machines. The point I was making is that your code as it is currently, does not protect against it being terminated in an incorrect way.

If you look at Caramel and our script, it takes a copy of the registry key and places it in the same place with _VNC at the end. Then... if the script is terminated incorrectly, whether it be antivirus/pc crash/power cut ect it checks for that key on next run of the app. If the _VNC key is their, it does nothing to the registry, meaning, on correct close down, everything gets restored.

If you still wish to remove your script then please do, but don’t take constructive criticism like we are trying you argue with you, any help is always great, I just don’t want people being put at risk.

[pgmoney]

You are also missing a point in what I was saying. I could see that you exe is clever enough to cache the registry settings but… if you start the exe then terminate it in an incorrect way to simulate a crash what is supposed to happen then? There is no recovery to the registry keys at all.

Yes there is. If the backup.reg file exists, it means the program terminated early, before it could delete the file and then it restores the original settings from the backup.reg file. Is it possible the reg file can get deleted before running the scVista.exe again, yes, but not likely in most cases.

The source of my slightly aggressive tone may stem from being falsely accused of distributing files with viruses. That's something that is simply not taken lightly by any professional software vendor.

[pgmoney]

If you look at Caramel and our script, it takes a copy of the registry key and places it in the same place with _VNC at the end. Then... if the script is terminated incorrectly, whether it be antivirus/pc crash/power cut ect it checks for that key on next run of the app. If the _VNC key is their, it does nothing to the registry, meaning, on correct close down, everything gets restored.

SC runs in a temporary folder that is deleted when the program ends, the backup _VNC file you write probably won't be there when you restart the machine and no settings will be restored. I fail to see how this is different than what I did other than I store the file where it is more likely to survive a reboot.

But enough of this, I have work to do... the scVista only has 30 more minutes of life and it will be gone. I sincerely hope your project does well. It has real potential to help folks out.

[Radeon]

Read all of the posts above and tell me where exactly we accused you of distributing files with viruses.

Also, our script writes to the registry the backup _vnc keys. That’s where our versions differ, take a look at our script and you will see. The point being that there is no backup file for a reboot of a pc to delete where as with yours there is. Meaning, with a few tweaks yours would be just as good a method.

[pgmoney]

Also, our script writes to the registry the backup _vnc keys.

You continue to insist aero.exe is the best way, like I said previously, a program like Aero.exe with no built-in termination method other than to use an external kill program that is ASSUMED to be on the remote system like tskill to end it is deeply flawed. If the non-included kill program fails, is missing, restricted, corrupt or not available. Your program will never stop running. You really need to add a kill switch of some kind if you can.

I seriously dislike adding unnecessary keys to the registry but since you insist, I changed it to do it your way... if the computer crashes and they never run it again there will be keys left in their registry. This one will be available until 1pm my time at the below url:

http://www.advantig.com/files/scVista.zip

With disabling UAC and Aero in one exe, you should be able to add it to any build method, even the online creator or your offline creator without changing anything other than renaming the exe files and dropping it into your source zip. Any other commands and functions you have added to your script or batch files should not need to be changed. It should even work unchanged with other vnc flavors running as an application since there is no vnc specific stuff done or even non-vnc programs but running as a service would have to be addressed.

By the way, I can't look at your script... no file by that name is available at the link posted.

Now I have other things to attend to so have fun, defending this simple little tool took longer than writing it... I won't be so quick to help anyone again.

Edit: I just tried it with TightVNC, RealVNC and even PC Helpware and some graphics programs that didn't work with aero and it works with them too although PC Helpware probably doesn't need it.

[Greta]

Hi Greta, please see privious post....

No problem. Sorry I asked, I hadn’t read this.