ccSvcHost Not Responding on Shutdown

Hi

 

I have a three PC License and recently installed NIS2010 on my son's PC using exactly the same installation as I did on my own.  He is using Windows XP Professional with Service Pack 3.

 

Everything works as it should other than he is getting a message on shutdown saying that ccSvcHost is not responding.  Using the "end now" button then permits the PC to shut down.

 

Searching the web for this problem only refers to problems with ccSvcHost and NIS2007

 

Can anyone suggest what might be the problem?

This message comes when the norton doesnt shutdown properly when the computer is shutting down. You can try reinstalling the norton.

Hello EricG

 

If you can reproduce the problem and are able to get some logs, would you be interested in helping Symantec with this problem ?

Hi

 

Yes I can assist but what logs are you referring to?  Would I need to set up NIS2010 to produce the logs or are they produced automatically?  Where would I find these logs within the system?

Hello EricG

 

I asked earlier today to find out the procedure to be followed since I haven't asked this of anyone before. I am awaiting an answer either to me or a response from Symantec Employee, names in Red, in the thread.

FWIW

found these instructions from Tim asking for Logs...

 


 

Here are the instructions on gathering logs:
1) Download SymNRA from this KB Document - http://www.symantec.com/norton/support/kb/web_view .jsp?wv_type=public_web&docurl=20080507162141EN

2) Follow the instructions on the document. However, on Step 2 item 6, check ALL the boxes in the Advanced Options.

3) Reproduce the issue (try to open the Main UI)
4) Click Finish - you may be asked to reboot.
5) Fill out the survey again, and make sure to check all the items in Advanced Options again.
6) After information is gathered, it will display the location of the logs.
Once you have the logs ready, please send me a Private Message

and I'll send you the instructions on where to upload the file.

Cheers,
Tim
Norton Forums Administrator

 


this is copied from my archives...not specific to this issue.

 

Not from Tony Weiss for this issue...copied from my archives....

 


 

Creating and Gathering Logs

 If you encounter a problem with a Norton product, occasionally our teams need to gather detailed information about the issue. These come in a few forms, most commonly as logs. Most of the time, your system won't create the logs unless you get the problem to occur again with a logging tool enabled. Below are steps to setup the tool and to generate those logs. Also note that you can type anything into the "case number" field; it doesn't matter what you enter.

1) Visit the below site:

http://www.symantec.com/norton/support/kb/web_view .jsp?wv_type=public_web&docurl=20080507162141EN

2) Make one change to the steps listed:
Step 2.6: Check all the advanced options
3) In the end, no files will be sent to Symantec. The file to upload will be located here:

On Windows XP:
C:\Documents and Settings\All Users\Application Data\Symantec\ErrLogs

On Windows Vista:
C:\programdata\Symantec\ErrorLogs

4) Rename these files to your username, and upload the logs to the location provided by the Symantec Employee.

Creating and Gathering Complete Memory Dumps

 

We all dread the Blue Screen error, commonly referred to as Blue Screen of Death (BSOD). By default, Windows is only configured to create a small memory dump --
the minidump -- when a BSOD occurs. However, the minidump does not provide us with enough information
to figure out the problem. For this reason, we ask that you first
manually configure your computer to write a full memory dump in case
the system failure occurs again. This way, we can capture all the
critical data. By default, the full memory dump will be located in your
Windows folder, and will be called "MEMORY.DMP".

 

NOTE: You need to be logged in as Administrator to be able to create a Complete Memory Dump.

 

Windows XP:
1) Go to the System portion of the Control Panel (Shortcut: Windows Key + Pause/Break), then Click on the Advanced tab.

2) Under Startup and Recovery click Settings.

3) Click the drop-down menu under Write debugging information and select Complete memory dump.

Windows Vista:
1) Go to the System portion of the Control Panel (Shortcut: Windows Key + Pause/Break), click Advanced system settings, and click on the Advanced tab.

2) Under "Startup and Recovery" click Settings.

3) Click the drop-down menu under Write debugging information and select Complete memory dump.

 

4) Perform the action that causes the BSOD.

5) Find and compress the dump file, rename it to your username, and upload it to the location provided by the Symantec Employee.


 

Creating and Gathering User Mode Dumps

 

There may also be program crashes or hangs that do not cause a Blue Screen Error. In Symantec products, you'll typically see a spike in CPU use of the process "ccsvchst.exe" and a Symantec Service Framework error. For these types of issues, we will need to gather a User Mode Dump of process. Creating User Mode Dumps of running processes is very easy for Windows Vista, but it is a little more complicated in Windows XP. Below are instructions for creating User Mode Dumps for both operating systems. The dump creation process may take a long time, so please be patient.

 

Windows Vista:
1) Launch Task Manager. (CTRL+SHIFT+ESC)
2) Select the Processes tab.
3) Click Show processes from all users. (if not running as Administrator or not the only user account on the system)
4) Right-Click all ccsvchst.exe processes, and select Create Dump File.

5) Perform the action that causes the crash.

6) Compress and upload the dump to the location provided by the Symantec Employee.

 

Windows XP:
1) Install Debugging Tools for Windows:
    a) http://www.microsoft.com/whdc/devtools/debugging/i nstallx86.mspx,

 
download and install the most recent program, doing a COMPLETE install.
    b) Locate ntsd.exe. (probably in "C:\Program Files\Debugging Tools for Windows")
    c) Launch command prompt.
    d) Switch to directory containing ntsd.exe in command prompt.
    e) Leave the command prompt open for the duration; you will be entering a command in this window to obtain the dump.

2) Shutoff SymProtect Tamper Protection before the problem happens. This can be done in Settings > Administrative Settings. You should only shut off SymProtect temporarily. Perform the action that causes the crash. When the dump is collected, be sure to TURN IT BACK ON.

 

3) Locate ccSvcHst.exe using too much CPU time:
    a) Launch Task Manager. (CTRL+SHIFT+ESC)
    b) Select the Processes tab.
    c) Click show processes from all users.Check the box for PID and click OK.
    d) Wait for or re-create hung process.
    e) Write down PID of ccSvcHst using too much CPU.

 

4) Create dump of ccsvchst from the command prompt (it will take a long time to create the dump). Type all of the below, replacing [PID] with the PID number you wrote down:

        ntsd.exe -p [PID] -c ".dump /mfh c:\ccSvcHst.dmp; .detach; q"

5) IMPORTANT: turn back on SymProtect Tamper Protection when the dump is finished being created.

6) Compress and upload the dump to the location provided by the Symantec Employee.


Creating and Gathering SEAST Logs for Norton Ghost

 

The log gathering tools for Norton Ghost are a bit different -- they are included with the software. Also note that you can type anything into the case number field; it doesn't matter what you enter:


1) In [Installed Drive Letter]:\Program Files\Norton Ghost\Utility, launch seast.exe.
2) Choose Gather Technical Support Information and wait for the confirmation screen.
3) Navigate to [Installed Drive Letter]:\Documents and Settings\All Users\Application Data\Symantec\Norton Ghost. Several files should have been generated in the "Support" folder. (for Vista, [Installed Drive Letter]:\ProgramData\Symantec\Norton Ghost\Support)
4) Zip the contents of the Support folder, name it with your USERNAME, and upload it to the location provided by the Symantec Employee.

Message Edited by Tony_Weiss on 03-06-2009 03:54 PM
Message Edited by Tony_Weiss on 05-20-2009 09:33 PM
Tony Weiss
Norton Forums Community Manager
Symantec Corporation

Not from Tony Weiss for this issue...copied from my archives....

Hi

 

Thanks for the information.

 

I shall follow your instructions and provide the necessary logs at my earliest opportunity.  The PC is at my son's house so there may be a delay in responding - please bear with me.

EricG, I notice that this is occurring on your son's system. Do you have the add-on pack (parental control features) installed on his system? If so, this is a known issue that is expected to be resolved in the next add-on pack update. If not, and the problem is highly reproducible, then we'd like to get a crash dump for analysis. I can provide you further instructions for obtaining the dump if you don't have the add-on pack and are willing to assist.

Hi Reese

 

Yes, The add-on pack is installed but not enabled at the moment as this PC is fairly new.  Should I uninstall the add-on pack?

 

At the moment I am at his house but cannot now reproduce the problem.  I will have to wait until it happens again. 

 


EricG wrote:

Hi Reese

 

Yes, The add-on pack is installed but not enabled at the moment as this PC is fairly new.  Should I uninstall the add-on pack?

 

At the moment I am at his house but cannot now reproduce the problem.  I will have to wait until it happens again. 


The problem is timing related and may not happen every time. Uninstalling the add-on pack should remedy the problem. If not, let us know and we can look into it further.

 

P.S. I just realized that the fixed add-on pack was probably released today. Rather than uninstalling you might want to try getting all available updates and see if the problem goes away.

Hi

I have uninstalled the add-on pack as my son doesn't use it.  I shall have to wait and see whether the problem occurs again.

I uninstalled the Add-on Pack and the problem seems to have disappeared.

Hello EricG

 

Thank you for coming back and giving us an update. I'm glad to see that your problem seems to be resolved. Would you please mark the post which gave you the solution so that all will know that the problem has been solved and will be quickly able to find the solution. Thank you.

Hi

 

How does one mark the post?

Forget that last post - I just found it!