I am curious what ccSvcHst.exe is doing with frequent TCP attmpts (port 80) even with all pertinent options
disabled (anything that would initiate an automatic internet check):
Automatic LiveUpdate
Norton Community Watch
SONAR
a few others I can't remember...
I run PeerGuardian from time to time simply to see what activity is going on. With HTTP blocked, I noticed repeated
attempts to connect to an address (sorry, I don't have the exact IP but it began with 67. and a whois indicated it was
owned by Symantec). The attempts were spaced around 5 minutes apart.
I fired up ProcessExplorer from Wininternals and when viewing the properties of ccSvcHst.exe and selecting the TCP/IP tab with the "resolve addresses" option checked, I saw the IP that was indicated in PeerGuardian.
Please keep in mind I had nothing else running on my PC and this behavior does not occurr in NIS 2009. I'm curious exactly why NIS 2010 needs to repeatedly contact Symantec. I ran the same test using both NIS 2009 and NIS 2010 and over a period of 30 minutes of monitoring each one, NIS 2009 never attempted to contact the internet unless I specifically asked it to (like a manual LiveUpdate).
PS:
I like the Norton product and my post isn't intended to belittle it. I am just curious what the activity is. It was
not another program on my system, my test was an identical environment. For those who may wonder why I
turn off certain features, I mainly use NIS for the superb anti-virus and the ability to control internet access on
a per-program basis.
Edit:
If needed, I can reinstall NIS 2010 and rerun the test, posting the IP address that PeerGuardian supplies.