NIS 2010 frequent TCP attempts with options disabled

I am curious what ccSvcHst.exe is doing with frequent TCP attmpts (port 80) even with all pertinent options

disabled (anything that would initiate an automatic internet check):

 

Automatic LiveUpdate

Norton Community Watch

SONAR

a few others I can't remember...

 

I run PeerGuardian from time to time simply to see what activity is going on. With HTTP blocked, I noticed repeated

attempts to connect to an address (sorry, I don't have the exact IP but it began with 67. and a whois indicated it was

owned by Symantec). The attempts were spaced around 5 minutes apart.

 

I fired up ProcessExplorer from Wininternals and when viewing the properties of ccSvcHst.exe and selecting the TCP/IP tab with the "resolve addresses" option checked, I saw the IP that was indicated in PeerGuardian.

 

Please keep in mind I had nothing else running on my PC and this behavior does not occurr in NIS 2009. I'm curious exactly why NIS 2010 needs to repeatedly contact Symantec. I ran the same test using both NIS 2009 and NIS 2010 and over a period of 30 minutes of monitoring each one, NIS 2009 never attempted to contact the internet unless I specifically asked it to (like a manual LiveUpdate).

 

PS:

 

I like the Norton product and my post isn't intended to belittle it. I am just curious what the activity is. It was

not another program on my system, my test was an identical environment. For those who may wonder why I

turn off certain features, I mainly use NIS for the superb anti-virus and the ability to control internet access on

a per-program basis.

 

Edit:

 

If needed, I can reinstall NIS 2010 and rerun the test, posting the IP address that PeerGuardian supplies.

Message Edited by MrSmite on 01-07-2010 04:35 PM