Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.

I can’t deal with the question in your Subject – NIS 2008 - What is ccSvcHst.exe actually doing? But:

<< so had to first download and then install Systemworks first then NIS --It should have been simple - but it took me over 12 hours!     >>

This was for Systemworks and NIS 2008?

I’ve seen elsewhere here that if you do want to have both installed on the same system you must install NIS first and then when you install NSW you must make a Custom install and omit Norton AntiVirus – if you don’t you will get conflicts.

Was the 12 hours because of downloading on dial up?

There is terrific support here from Norton Staff – names in red – as well as from other users so you should get the help you need.

Would you answer the questions about versions and the 12 hours and then we can decide what next – almost certainly uninstall and run the Norton Removal Tool to clean up and then reinstall in the way recommended.

Thank you for your reply.

One of the reasons for the length of time is that after installing NSW/NIS - it wants to do a Live Update and scan - whilst you can stop the scan - the Live update continues in the background - I think it was ALEupdater.exe - it kept on getting so far and then it would stop

- as I mentioned it would use 100% of my CPU and make the PC unusable. Norton just kept on telling me I needed to update. Eventually I just left the PC running ( it appeared to have frozen as the CPU was at 100%) and would come back every 15 mins or so - it took about an hour for this stage - this had to be repeated as I was installing NSW 2006 - then the upgrade to 2008 and then NIS - at each stage Norton wanted to do another Live update.

I am on Broadband - so that was not a limiting factor. It actually took me a lot longer than the 12 hours - I tried to do some of the work on Friday night / Saturday morning - but all the Symantec Servers were down and the install could not continue - as I could not get past the activation stage! So I started again completely on Saturday morning.

When I ran the Norton Removal tool (2008 version) after it completed  and the PC rebooted it took me to a Symantec web-page and it gave me guidance as how to proceed - that guidance said to install NSW First and then NIS. In fact it stressed you must install NSW first if you are going to reinstall NSW & NIS.

BUT more importantly - where is your source that it is recommended that NIS is installed first and then NSW? 

Is it the official stance from Norton or just a user recommendation?

 << BUT more importantly - where is your source that it is recommended that NIS is installed first and then NSW?  >>

I was referring to messages posted by Norton Staffers -- names in red.

I suggest you do an across all the boards search on [NIS NSW] which will produce messages on this from users and staff. I'm on my way out in a moment but here is one which states the general position and also brings in version dates:

http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=2176 

There are plenty of other messages and you will find different statements about sequence but the critical matter seems to be that NSW which contains NAV must be a custom install with NAV not installed.

Thanks again.

Interesting - I had tried to read through the forum previously - but had not read that particular thread in full - there is a bit of conflict within that thread as "Users" ( no names) advocate the install of NIS and then NSW -

BUT

The "Staff" are saying the opposite - i.e. NSW and then NIS

with the caveat of not installing NAV within NSW - but this was then countered by saying that whatever version is installed the newer version will always "Win", so in my case I did:

1. NSW version-2006
2. Upgrade to NSW 2008 - this would include an upgrade to NAV 2008
3. I did initially try to install NIS 2006 - but Norton would not allow it - i.e NAV 2008 would win over the NAV in NIS 2006
4. NIS 2008 upgrade - the NAV upgrade would be the same as in the NSW 2008 upgrade

So I am happy that I have installed NSW & NIS in accordance with Norton's instructions - be it via this forum or via the web-page that I was directed to after using the Norton Removal tool 2008.

I was not relishing having to uninstall again! So now we can concentrate on the original question:

So what exactly does this program do and is there a conflict with IE to generate my 100% CPU?   

I did have another few queries which are detailed more in the original posting above.

Thanks

You will find that varying statements between people here does happen, even between Norton Staff -- it may be serious or it may merely mean that it doesn't matter provided you deal with the aspect that does -- in this case the common item NAV.

On your general question I think you would do best to monitor and post in the thread(s?) that are already active on the topic of ccSvcHst You have seen how search works so you could drop that into the search box and identify the threads. The latest post I've seen in one shows a Norton Staffer trying to identify a continuing problem a user is having respecting "zombies" 9which is another search term you can use in relation to ccSvcHst.

Good luck.

Thanks -

Before posting on the forum I tried to do a search for a comparable problem and if found one I would have added my input into that thread as having duplicate threads running is not wanted on any forum of this nature.

I looked at your suggestion but the reference to "zombie"s - i.e. programmes that do not cleanly shut down was in respect to Norton 360 and I feel it is therefore not appropriate to include my comments into that discussion  - unless of course I have totally missed your point?

Based on this I raised a separate topic thread and hope that a member of Staff will review this and give an answer to the original question: 

  So what exactly does this program do and is there a conflict with IE to generate my 100% CPU?    

(Plus the other few queries which are detailed more in the original posting above.)   

Thanks

I'll look out for it.

I would agree about not joining in a NIS problem into a N360 thread although I would imagine that it is the same ccSvcHst in both cases and perhaps the same triggers.

Good luck.

Having recently installed NIS 2008  I am still having the same issues ( see my initial post) - which in summary means my PC will sometimes effectively Freeze as the CPU stays at 100% whilst using IE  - whilst trying to resolve this I have noticed the following items which puzzles me:

I hope someone can explain this for me in layman's terms:

As I understand it - NIS creates program rules in the Personal Firewall section as and when I use them.

1. But why would Norton create what appears to my untrained eye "exactly" the same rule?
2. Why does it create some "Custom" Entries versus "Auto" or "Allow"

But when I look at the Rule for "Internet Explorer" there is one rule that seems contrary to what I expect:

The rule appears to "Allow" everything except:

Under the "Communications Section" it says:

Only allow communication that match all types and ports listed below

In the box below it says:

Remote domain (Port 53)

Is this correct / to be expected ?  (I thought that most websites used Port 80 for Internet Traffic)

I did modify it to temporarily allow all communications and my Browsing speed increased significantly - but have not modified any other program's ( see below) - but as the rules were all created by NIS 2008 wonder if I have misunderstood......... and this rule need to be applied.

What is the "normal" rule for IE ?

Thanks

ps - I have noticed that quite a few other programs have this Remote domain ( port 53) rule  - including  firefox - Windows System - Java - Windows update plus others

Hi,

Yes, in the default mode out of the box, the NIS firewall will create rules as needed for the program.  In your case, Internet Explorer may use many different ports for different types of traffic.  Port 53 (DNS), 80 (HTTP), and 443 (SSL) are the most commonly used ones by web browsers.  In your case, you should see a port 80 in the list after trying to browse to the site.  A couple of questions:

1) Did you notice which process was taking up near 100% of your  CPU time?  You can check by right clicking on the task bar and click on "Task Manager".  You can then sort by CPU % and see which process is taking up the time.

2) Have you fully LiveUpdated your NIS 2008 installation?

3) How often does this happen?  If you delete the Internet Explorer again and relaunch it, does the same issue occur? 

Short summary of port 53 (DNS) traffic:  This basically takes a named address (www.symantec.com) and translates it into an IP address.  Basically almost all programs that access the internet need this.

Let me know  your findings, thank you. 

Hi LostSoula2,

Sorry to hear thatthis have not gone as planned.

Your primary concern is that ccSvcHst.exe is chewing resources up and nothing you do will change it.  Is this correct?

You are using an older PC - P4 ... as in how old are we talking about?

I've had this problem myself and I posted a workaround.

What is your operating system?  Have you updated it with all of the latest service packs and patches?

Did you install the parental control add-on for NIS2008?  If so there is a known problem with this that will cause ccSvcHst.exe to consume CPU resources until the add-on pack is removed.  I've not bothered to see if this 'issue' has been fixed but I last tested it about 2 weeks ago - no joy.

Need to make certain that your system has the juice to handle the software ... 

Will await you responses ... 

Hi,

My bad.  XP SP2  - P4 2.2 and 1.5 gig RAM.  This chip appeared about 7 or 8 years ago.  My question about your system specifications is more pressing.  Older motherboards and components were great in their day (bleeding edge in fact) but 7 years if a lifetime in IT.

RAM isn't a problem per se.

The basic specs for NIS2008 and System Works 2008 aren't enormous but I would not bother running either product on minimum spec systems: possible - not fun.

BTW - if you line up 10 PC enthusiasts (pick 10 enthusiasts in any field) and ask atechnical question then you may get 10 different responses.  It's the nature of life - and the same in all technical fields from medicine to the military.  There are a number of roads to a solution and you need to bear in mind, not one of us is sitting beside you.  I'm in Australia and others (here) may be from Europe or the UK or Russia or China.

I installed the parental add-on pack onto NIS2008 and it was fine until I activated the settings.  Once I did then CPU went off the chart and remained that way for days until I uninstalled it.  As soon as I did thing went back to normal.

See here.

I clicked solved in error.  And yet it's solved so long as the add-on was not installed.

Can you please let me know what the state of the world is with your PC?

What Symantec products are installed - versions / add-ons?

Have you resolved your high CPU resource use ... is it always high (as shown on my thread) or high every now and then?

Mine remained high as soon as I altered settings and peaked with minimal activity - open notepad, for example. 

So ... let's see what's under the hood.

BTW - you are not running any other products like Zonealarm or a free AV or firewall solution?  Your OS firewall is set to off?

Just checking ..

Hi Mike & Chester - Thanks for your replies.  (Did try replying this morning - but my PC kept on "freezing" whilst I was composing my reply and in error I shut down all my IE tabs and lost my message to you guys!)

Mike - I am not sure we have the same issue............... As whilst I had NIS 2005 installed I found that IE 7 would occasionally consume 100% of my CPU - Task bar indicated "iexplorer.exe" and the process underneath the program that was responsible for the 100%  was "ieframe.dll"

This had been going on for some time and as indicated in my first post I tried numerous routes to attempt to resolve this.

I completely uninstalled NSW/NIS 2005 plus ran the Norton Removal tool 2008 and then installed NSW/NIS 2006 and upgraded to NSW/NIS 2008 running all the various live updates that were required. I did download the Norton Parental control add-on pack - found that it was too cumbersome for me (plus it hung whilst attempting e-mail training) and I switched it off - but left it installed.

I then noticed that the PC freezing had become worse after installing NIS 2008 and "leapt" to the conclusion that Norton and IE 7 had a conflict.

It had been mentioned that perhaps due to the age of my PC that this may also be an issue - I would hope not as my PC comfortably exceeds the minimum requirement to run Windows XP / Norton which is basically a Pentium Processor running  300mhz with 128mb ram. My specs are:

Specs from SiSoftware Sandra

Processor Model : Intel(R) Pentium(R) 4 CPU 2.20GHz

L2 On-board Cache : 512kB

Mainboard : ASUSTeK Computer INC. P4S266VX

System BIOS : Award Software, Inc. BIOS Revision 1003 Date 21/5/2002

Chipset 1 Model : ASUSTeK Computer Inc SiS650

Video Adapter : NVIDIA GeForce 6200

Total Memory : 1536MB DDR-SDRAM

Windows System : Microsoft Windows XP/2002 Professional (Win32 x86) 5.01.2600 (Service Pack 3)

I removed Internet Explorer 7 and then re-installed plus all the security updates - this had no effect and the hanging / 100% CPU still kept on appearing.

It had also been mentioned that the Parental Control might be a culprit - so I uninstalled that but to be honest noticed no difference....

I then uninstalled NIS 2008 - NSW 2008 - Live Update - Technical Support Web controls (I do not recollect installing this!) - then ran the NRT.

I then briefly browsed the Internet without any firewall or AV program and had no freezing / hanging issues - I had opened up a IE session with 8 tabs open and chose to view Loot.com as previously today with NIS 2008 etc installed I had noticed a strange occurrence - with Task Manager on Top and with my mouse resting on the Loot.com page, but without moving I noticed a repeatable pattern occurring -

Every 5 seconds ccSvcHst.exe would pop up in Task Manager for about a second taking a small amount of CPU and then immediately it had reduced back to Zero - iexplorer.exe would rise to 100% CPU and stay there for two or three seconds -

this cycle just kept on repeating

- If I moved my mouse away from the Loot.com web-page and placed it on the Task Manager the CPU reduced its consumption

- BUT immediately the mouse was resting on the Loot.com tab the cycle started repeating itself.

As you can see in the screenshot below:

 I then activated the Windows firewall and checked to see if any difference occurred whilst browsing the same scenario - No problems seen.

I then downloaded a Free copy of AVG 8 and installed this - repeated the same as above - i.e.. IE 7 with 8 tabs - mouse resting on Loot.com - no Hanging seen.

I have now been using my PC in this mode for another 7-8 hours - I had noticed that AVG does do a scan about every minute and the CPU will spike up briefly and then drops back - on a few websites  - ebay.co.uk -  pistonheads.com I have seen the CPU raise to 100% briefly or for up to a second when moving back a page - i.e.. When viewing an item on eBay and going back to the list of items for sale.  But the PC remains usable.

So to summarise it appears that there is an incompatibility on my PC between Norton and IE 7 - whether its because of the age of my PC or its configuration  I cannot comment -

BUT it does appear odd that ccSvcHst.exe checks something every 5 seconds  and this causes the CPU to rise to 100% for IE.

I have no solution to offer - apart for me to completely uninstall Norton and to rely upon another companies AV and Firewall  which is not an ideal solution.................

- I did a Google search this afternoon and found a few more reference to the fact the Norton is not totally compatible with IE 7 and that excessive periods of a PC freezing had been seen - but no solution was discussed.

It would be appreciated if any other user or "staff" on the forum could attempt to replicate the above - and thus we may be able to establish if its a common problem with any configuration PC or related to the age of the PC?

or preferably offer a solution 

Thank you.

Hey lostsoulal2,

The post above about different users having different ideas is almost certainly right :-). However, I'm running an overclocked (approx) 3Ghz system with more RAM than you can shake a stick at but it still cranked the CPU to 100% when I visited Loot.com, something that few pages ever do. Two reasons I can see for this.

1 The number of pop-ups is frankly ridiculous. Blocked or no your CPU will still check them behind the scenes.

2. The front page itself is not particularly efficiently coded IMHO. This can cause ccSvcHST.exe  (part of whom's function is to check pages for unpredictable behaviours as far as I'm aware) to get mightily confused.

In some senses I think ccSvcHst.exe is actually doing you a favor.

Hi Webrat, Thanks for your comments - Interesting thought.

So are you suggesting it was:

 the web-page that was "generating" something every 5 seconds

 that then triggered ccSvcHst.exe to fire up and then confuse the hell out of iexplore.exe?

I could go along with that as I only see this sort of behaviour on certain web-sites - loot.com - ebay.co.uk - pistonheads.com to quote a few examples.

I have been browsing these web-pages for a number of years and it was only after upgrading to NIS 2008 that this scenario was noticed - hence my initial leap to blame NIS..................

How could we prove that it was the Loot.com web page that triggered the events ?

Thanks

ps - But I also see similar type surges in CPU % whilst browsing on this forum - in fact I mentioned before that even as I am typing this reply the CPU will often rise to 100% and my screen refreshes to an earlier section of my response - i.e I then have to scroll down to the insertion point to restart typing.

Hey lostsoulal2,

At the risk of getting a little off topic (but still trying to be helpful, so I hope the mods etc will bear with me) most pages will cause a brief CPU surge whilst they load, my point above was that Loot.com generated a very lengthy surge to the point where I almost hit 'End Task' in Task Manager - I then repeated the process after exiting my pop-up blocker (purely because I was now curious) and lo and behold was flooded with them.

Short surges are often generated by a process known as prefetch, where the browser assembles page content behind the scenes before displaying it - ensuring that the page displays properly and you do not have to wait for images to download etc. This is an accepted method to deliver a 'seamless' web experience, particularly for larger sites using a variety of web technologies.

Longer surges can be caused by a range of issues. One fundamental is poor site design, forcing your browser to use a display method known as 'quirks mode' which essentially makes a best guess as to how the site should be displayed on your browser. On small sites this may not be much of an issue, but on large ones it can cause the browser/CPU to go into what pro's I have spoken to term 'Deep Thought' whilst it tries to work out exactly what should happen. Good designers will use standards compliant coding which avoids many of these issues by feeding the browser information it immediately recognises and can process with minimal delay or CPU load.  

As for the issue with screen refresh on the forum post screen, my best guess is that this happens during busy periods, as I have seen it myself. The page itself is being constantly scanned either by the browser, server or both (otherwise you would not see what you write) but that scan is only one amongst countless operations the system has to perform. At some point it may put that operation 'on hold' and then revisit it when it has time.

I'm posting these thoughts largely because I use NIS 2008 and rarely have a problem with it in terms of affecting performance. If you really wanted to check your system stability vs. specific website functionality you could employ a 'typhoid mary' system i.e connect an unprotected (newly formatted) laptop to the same sites you would ordinarily use and see what happens. It's not a method for the faint hearted but as long as you limit any sensitive info to the absolute minimum required to perform the check the risks of the short term usage required should be acceptable. Of course, that is entirely up to you to judge :-)

Do you have the updated new version of Java? (There is a recent new one) Download it or go to another computer to download it and install to your computer desk top via CD/DVD Older ones can be a security risk Go to add/remove and get rid of all older versions.  Now install the new version.
Have you tried another browser fire fox 3 (instead of IE7?) to check performance? 

Check add/remove for any programs that do not look right. 

Could you temporarily disable Phishing Protection and check?  Also, have you run Cleanup within Norton SystemWorks yet? 

By the way, to answer an earlier question, GoBack can take a long time to uninstall when there have been a lot of recent changes on the system.  GoBack is a sector based real time monitoring recovery program.  While uninstalling, the history is cleared in a 16 bit DOS environment, so groups of a large number of changes can really slow that process down.