GesWAll conflict (3.0.14 x32)[Fixed]

Not a bug indeed. It,s a conflict. Using GW 2.7 beta and CFP v

If I launch any application inside GW( isolated), I get a lot of popups about the application istalling a global hook MSCTF.dll and these popups can,t be remembered no matter how many times i choose rememmber and allow.

Only workaround at the moment is to apply a pre-defined security policy9 like treat as isolated application) that gets rid of this pop up but it causes a lot of CPU spikes.

If i disable GW policy, no such alerts.

Is it possible to address it in next build? Thanks

[attachment deleted by admin]

I suspect these cannot be remembered by CFP because GW is applying the hooks on the fly (dynamically) every time you use it & probably to its own version of the application concerned (for obvious reasons). Nature of the beast (GW) I guess. Not sure if it’s a bug on CFPs behalf (unless the CPU spikes are)… but, it might indeed need coding work to resolve… I would also recommend reporting this to GW’s people… as it might require work from both sides or cooperation to resolve.

Add that DLL to * policy (all application).
Anyway Geswall has some HIPS fetures so I guess you should use CFP firewall only install and configure GW to protect CFP.

It doesn,t resolve the issue!

I will notify them too.

Geswall is a sandbox.

you forgot to add “too” :smiley:

According to GesWall support, it is a Comodo issue, a bug he believes. GeSWall
doesn’t install global hooks and doesn’t use MSCTF.dll.

So they cannot fix this, it is up to Comodo developers. I wish to have some comments from developere here.


You could try to run GMER - Rootkit Detector and Remover to gather a list of hooked kernel functions. Geswall and D+ could rely on the same functions and this could cause an issue.

Maybe it would be a good idea to raise a Support Ticket.
Mention this topic and the answer Geswall developers gave to you. If you could quote their answer that could help too.

NOTE: If your reply from Comodo Support states that your support ticket was closed please don’t worry. You can reply to that email to reopen that ticket. Tickets are usually closed by default after a reply.

MSCTF.dll is a M$ CTFMon DLL, not a Geswall (or whatever) one. This dll is responsible for multiple keyboard layouts support in every app (i have this since i use EN-US and RU layouts).

So far I had raised two support tickets with Comodo( one about CFP v 2 and second about BOClean). Both had a dead end, so I will not try it again.

I have reported the issue here and if they will be interested, they can fix it. I am not even using CFP at the moment. I will try to post in the wish list though.

Too bad. We were invited to not submit Support tickets for issues described by other members.
Anyway it’s not a matter of “if they will be interested” the bugreport boards should be based on a cooperative approach to report bugreports but many members don’t even read the sticky notices nor create compliant topics. So bugs are difficult to track and sometimes to notice. Using a support ticket provide another channell to submit a bugreport.

When the bug is aknowledged it will usually get a priority score and will be fixed before lower priority ones.

I undersdtand taht but I can,t submit a support ticket as besides a bitter experience with the support tickets in the past, I don,t even have CFP on my system at the moment so I will not be able to provide any logs/ info etc.

OK, I went ahead and submitted a support ticket!

This is b’caz of very nature of MSOffice. More details can be found at following article:

So there is nothing wrong with CFP or GesWall.

Hope this helps.


Hi umesh, my points are as follows:

1- I get this alert popup only when I run anything inside sandbox( GesWall). And CFP will not remember this no matter how many times I allow with remember this option.

2- I don,t get this popup when I run my browser outside the sandbox( GesWall).

3- I don,t have even MS Office installed on my PC. I do have OpenOffic and MS OneNote though.

4- All I want is to get rid of this pop up and this action to be allowed silently. CFP doesn,t allow me to do so.

Thanks for any help.

Take care
all the best

The conflict is no more with latest version of CFP.