CPF Newbie, ZA Refugee... A couple questions

I loaded CPF last Friday after unloading ZASS. Friday and Saturday I was using my Spy Sweeper 5.2 w/ AV for my AS/AV apps. Sat. evening I loaded NOD32 trial and turned SSW AV shields off. My PC is XP SP2 w/ IE7. Everything has been running pretty well for the most part but I have a couple questions.

1.) Sat. am before loading NOD32, I experienced a serious slowdown of web page loading. So slow you could see the message text appear character by character on the ZA users forum. It seemed to go away after rebooting the PC and it is possibly a problem w/ SSW and IE7 but if anyone has an other suggestions as to what was causing the slowdown, they would be appreciated.

2.) I have not received my license and confirmation e-mails yet for CPF. I downloaded the setup file last Thursday and provided my name and e-mail address. Should I just continue to wait for these or should I send someone an e-mail about this.

3.) I have got a lot (several hundred) of warnings on my activity log. Almost all are the same warning - Medium severity from the network monitor - "Inbound policy violation (Access denied, Protocol = IGMP). These occur two at a time every 2 min. 5 sec. like clockwork. I have attached screen shots of the log file and network control rules. These warnings don’t appear to be hurting anything but they clutter the log file so much, you can’t see anything important that might be there. I have not set up any trusted networks or added any rules, so the present rules must be CPF defaults? There was another thread on this a month or so ago setup by ROY (Topic: V2.3.6.81 IGMP inbound from router) who apparently figured out how to fix it but I’m not knowledgable enough to figure out what he did or why the problem occurred in the first place. Any help with this would be appreciated.


SSW 5.2 AS shields on, AV shields off

[attachment deleted by admin]

  1. the problem you are talking about is wellknown and is IE7 problem as i and everyone els i know who is using IE7 gets that random slow down from time to time

  2. i cant help you with

  3. it could be from your isp…but i would change my ip if i were you…by using the ipconfig command

Hey oldshep,

  1. As Trevor correctly pointed out, there have been numerous reports of IE7 experiencing intermittent slowdowns just as you describe. In the words of St.William of Redmond, “Reboot, reboot and sin no more.”

  2. The Comodo activation emails are sometimes trapped by junk filters. Please check your emails junk filters and/or your ISP’s filters. If you don’t do any good there, send me an PM and I’ll forward a code for you via PM.

  3. IGMP is the protocol that’s used for multicast group membership. If you don’t need it, you can create a rule in the Network Monitor to filter these. Details of the rules are as follows;

Action : BLOCK
Direction : IN
Protocol : IP
Source IP : ANY
Destination : YOUR IP ADDRESS (or ANY)
IP Details : IGMP

This rule needs to be ABOVE the “catch all” blocking rule that is usually at the bottom of your rules list. That should be the end of the IGMP alerts. you will need to check that your apps still run as you expect them to, though.

Hope this helps,
Ewen :slight_smile:

Hey Ewen, Thanks for the quick response.

1.) I figure IE7 had something to do with the slowdowns since I’ve been having intermittent pblms ever since I did the upgrade. Had to change a bunch of privacy rules in ZA etc. To date, no one thing I’ve done has completely fixed the problem so IE7 is definately a suspected culprit.

2.) On the license and confirmation e-mails, I’ll wait around till tomorrow afternoon and if I don’t get anything I’ll send you a pm. The e-mail address I gave Comodo is a web mail account and I don’t know what gets filtered there. But I did get the “Welcome to the Comodo User’s forum” e-mail on that account.

3.) I did a little checking on the web and in my router manual. My router does have IGMP routing enabled. This router was supplied by the phone company as I have fiber optic phone / TV / Internet service combined. The TV set top box uses the internet to update its program guide so maybe the the router needs to do these broadcasts for the TV program guide. I could try disabling the IGMP broadcast in the router but that might screw up the cable TV.

I did input the rule you suggested and the warnings appear to have stopped and I still have internet access :-). I’ll keep an eye on things to see if any of my applications stop working and post back if needed.

Thanks again for your help… and as far as I can tell, CPF is working quite well.


hmm i thought that comodo came default with IGMP blocked?..Never noticed as i always replace the rules in comodo with my own

I just installed a few days ago and this rule was there by default. I also have warnings in my logs.

When would you need a rule for this IGMP? What kind of programs would it be linked too? I’m curious cuz I see blocks in my log but I don’t know what is causing them to be there.


Rilla927 (R)

One other pice of info. I find that when I restart my PC, there is one outbound IGMP blocked by CPF. New Logs and network control rules pics are attached after adding the rule Ewen suggested.

The only other thing I can think of is when I had ZA, there was a trusted zone setup for the “Loopback Adapter”. I’m not sure why it was there but folks on the ZA forum said it was harmless and used for “internal computer” communication. Could this IGMP communication be related to the Loopback adapter?


[attachment deleted by admin]

The IP that showed up in the alert log is part of the IGMP block of IP addresses -

Here’s a detailed article about IGMP…


It made my head hurt trying to read it, so I just browsed thru… ??? ;D


1.) Sat. am before loading NOD32, I experienced a serious slowdown of web page loading. So slow you could see the message text appear character by character on the ZA users forum. It seemed to go away after rebooting the PC and it is possibly a problem w/ SSW and IE7 but if anyone has an other suggestions as to what was causing the slowdown, they would be appreciated.

Hi oldshep,

There is a known issue between SpySweeper 5.2 & IE7, having to do with the Java Runtime Environment. I had this problem soon after I updated to SS 5.2 & IE7. If you install install the the latest JRE 5 Update 10, your webpage loading should get back to normal.

Here is a location for the latest JRE: http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html

Hope this helps!

I just updated my java runtime & got update 9 & went in again after I installed that one & it tells me that It is the most current version available. Tried to open the link you mention with update 10 & it won’t let that page load
I’m also tired of my slow pages.


KingKull, I decided to call Webroot support just for the heck of it. After waiting on hold for 20 mins., the Webroot tech told me that their latest version ( was supposed to fix the Java problem and speed things up. I’ve been changing so much on my computer lately that I can’t remember if this latest version was loaded during the last serious net slowdown I experienced. Anyway, I downloaded the file you suggested but I’m going to wait a bit to see how things are running before I apply it. When I asked the Webroot tech about the JAVA update, she kind of shrugged her shoulders and said “try it if you want to”.

Anyways, thanks for the info.


Hey oldshep,
Just a quick note. I installed the 2132 SS update before doing the JRE update, and at least for me, it didn’t bring the browsing speed up to snuff. On my end, the JRE update did the trick. Good luck, and post back with your results!