THE BUG / ISSUE . . .
- What you did:
Setup a functional and fully updated copy of Windows XP Professional SP3 (WXPP-32bit) on an Intel P4-E6500/4GB platform; used that computer for approximately two years without difficulty.
Installed Microsoft “Virtual PC 2007” (VPC07) onto the tested/stable WXPP platform (“Host”).
Installed multiple different sources (OEM, Retail, VLK) of WXPP-32bit (again SP3 w All MS Security Updates) as “Guests” under VPC07 (emulating P4-521/1GB-RAM + 6G-HD) onto original WXPP Host.
Tested all WXPP Guests for full functionality and stability: PASS!
Tested all WXPP Guests for full interchange of data with Host through “Clipboard-Linkage” provide by VPC07 and supplemented by “Virtual Machine Additions” (VMA) for VPC07. (Standard install of VPC07 provides simple ‘text-based’ linkage of Host and Guest clipboards; VMA adds ‘graphic-based’ linkages between those two clipboards): PASS!
Clean Installed latest version of Comodo Internet Security (CIS) as combined Firewall and Proactive Defense onto several different installations of Guest WXPP, so that CIS was also running under VPC07.
2. What actually happened or you actually saw:
MAJOR BUG Observed: (A) Data on Host clipboard (text and Grphics) was still transferred to Guest clipboard; (B) Data placed onto Guest clipboard (in any format, and verified as being there with Guest’s “Clipboard Viewer” (CV)) was no longer being transfered onto Host clipboard (again verified, but with Host’s CV)! This was observed with all source-versions of installed Guest WXPP.
3. What you expected to happen or see:
We expected to see VPC07 clipboard linkages between Guest and Host to continue functioning in both directions after CIS was installed.
4. How you tried to fix it & what happened:
(A) Deinstallation and fresh reinstallation of CIS has no effect on final behavior. (CIS removed / system rebooted => clipboards fully functional; CIS reinstalled and running => clipboards only work in one direction (Host data => Guest system).)
(B) Verified that cause was not previous “clipboard bug” reported on Microsof forums for VPC07 (see verfication in 4(A), above).
(C) Tried deinstallation of VMA for VPC07 => behavior in 4(A) continued; reinstalled VMA for VPC07 => behavior in 4(A) continued.
5. If its an application compatibility problem have you tried the application fixes here?:
Yes; either did not appear applicable or had no effect.
6. Details & exact version of any application (execpt CIS) involved with download link:
(A) Windows XP Professional SP3 with full security updates as of June 20,2011
(B) Microsoft Virtual PC 2007 with Service Pack 1 (MS has not released any patches after SP1 in 2008).
(C) Comodo CIS V.5.4.189822.1355: 10 May, 2011
(D) No other Security Software installed on either Host or Guest machines.
(E) No other Application Software installed on Guest machines.
7. Whether you can make the problem happen again, and if so exact steps to make it happen:
YES: Detailed above in 1 and 4(A); 100% function, or 100% non-function, EVERY TIME, depending upon CIS status.
8. Any other information (e.g., your guess regarding the cause, with reasons):
We performed additional testing to try to isolated the cause.
(A) We turned off ALL functions in CIS (all proactive and monitoring activities) => simple presence of running CIS appeared to continue interfering with clipboards functions.
(B) We removed the “run at startup” Registry Entry for CIS, so that CIS would be present (installed) on the Guest WXPP, but would not begin running when that virtual machine was booted/restarted:
(i) Restarted Guest with installed CIS (but NOT started at bootup) functioned perfectly => clipboards functioned in BOTH directions; (ii) Taking fully functional Guest machine in state "i", and then manually starting CIS, clipboards returns to error state of 4(A) => data NOT moving out of Guest/Virtual machine. (iii) Taking crippled Guest machine in state "ii", and then manually stopping CIS, and verifying all associated processes were also stopped (through Task Manager), clipboards remained in error state of 4(A) => data NOT moving out of Guest/Virtual machine.
(C) We repeated all tested outlined in “B” above, but using CIS V.4.1.150349.920 from a download in September 2010; all results from 4(A) and 8(B)(i - iii) were identical to first round of testing.
(C) Guess: Since WXPP does not normally “export” its clipboard data, VPC07 must have to install some sort of internal interecept/injection “hook” or secret “network connection” inside the Guest copy of WXPP. The basic hook is independent of VMA, so it must be monitoring the data flow into the Guest’s clipboard as part of a direct modification of one of the Guest OS’s core files. Apparently, the process of starting CIS breaks part of this (intercept) hook, and closing down CIS does not completely restore the Guest machine’s original state. (Data flow from Host to guest might not be affected, as it is a different hook. It should not be too suprising that CIS would interfere with “secret” communications attempting to move in or out of the Guest WXPP platform upon which it is running. The exact details of why CIS might itself intercept, but not correctly “chain” clipboard data-flow is beyond my experience.)
(Most of the rest of the reporting template did not appear to be applicable,please contact me directly if I can provide any additional information, OR if you would like to try specific tests/workarounds/fixes on my established test-beds.)
. . . BUT SINCE YOU HAVE CONTACT ME, AND INFORMED ME YOU WILL NOT EVEN LOOK AT THIS ISSUE WITHOUT SUCH “NON-INFORMATION/REPETITION,” PLEASE SEE BELOW:
FILES APPENDED . . .
- Screenshots illustrating the bug:
There are no “screen-shots” as the bug results in nothing appearing (should I attach a blank screen shot?).
2. Screenshots of related CIS event logs or the Defense+ Active Processes List:
No events (Other than CIS “Starts” / “Stops”) appeared in the logs; no error messages, NOTHING.
3. A CIS config. report or file:
(Sorry, I needed to use the computer; I uninstalled CIS. If this “CIS config” report iis really THAT important, let me know and I will reinstall and print a copy).
Otherwise, CIS was installed directly from the download, without any additional configuration, EXCEPT TURNING OFF ALL SERVICES!
CIS JUST SITTING AND RUNNING ON THE COMPUTER, OR SHUT-DOWN ON THE COMPUTER AFTER RUNNING (AS PER ABOVE), CAUSES THIS MISBEHAVIOR IN THE UNDERLYING OPERATING SYSTEM.
4. Crash or freeze dump file:
5. Screenshot of More~About page:
(Sorry, I needed to use the computer; I uninstalled CIS. If this “About Page” is really THAT important, let me know and I will reinstall and dump and image).
COMPUTER / OS / CIS CONFIGURATION . . .
- CIS version, AV database version & configuration used:
Comodo CIS V.5.4.189822.1355: 10 May, 2011
No AV Database
2. a) Have you updated (without uninstall) from CIS 3 or 4:
3. a) Have you imported a config from a previous version of CIS:
4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.):
5. Defense+, Sandbox, Firewall & AV security level:
D+ = None
Sandbox = Not Enabled
AV = Not Installed
6. OS version, service pack, number of bits, UAC setting, & account type:
Windows XP, SP3, 32 bit
None in XP
CIS run as “Admin”
7. Other security and utility software installed:
8. Virtual machine used:
Microsoft Virtual PC-2007 with Service Pack 1
Thanks for all your help; great product; just wish it would work better under virtual environments.
– H.Parker (AucLinks)