Ccapp.exe file description |
Ccapp.exe with description Symantec User Session is a process file from company Symantec Corporation belonging to product Client and Host Security Platform.
In total there are 6 launchpoints for this file including "Running processes".
There are 15 different variations of the file in our database and the file is
digitally signed from DynoMedia Incorporated - VeriSign Time Stamping Services Signer - G2
We do not recommend removing digitally signed files from DynoMedia Incorporated
What is ccApp.exe?
CcApp.exe is the Symantec Common Client Application. It is used by many Norton applications, including Norton AntiVirus, Norton AntiSpam, and Norton Internet Security. Norton uses it for its background virus protection and email scanning features.
This process is not essential to the operation of the system; however, it is essential to the proper functioning of Norton products. If you do not want to use the background scanning features of your Symantec software, you should disable it in the application. If you do not have any Symantec product installed, you should not have any processes with this name. The presence of this process on systems without Symantec software typically indicates a virus or spyware infection.
Dangers of ccApp
As ccApp.exe is a relatively common process that is found on any system with Symantec Norton software installed, it is common for virus writers and spyware vendors to disguise their malware as the genuine Symantec Common Client Application
Some malicious files will have the same name but will be stored somewhere other than in %ProgramFiles%\Common Files\Symantec Shared. Other malware will use a name that appears similar to the name of this process but with slight differences in spelling or with appended digits. The following malware is known to disguise itself as ccApp.exe:
- Adclicker-DF (%SystemRoot%)
- This is an adware application that lowers the infected system's internet security settings
- W32/Lebreat-A
- This worm opens a backdoor on port 8885 and attempts to perform a distributed denial of service attack on www.symantec.com
There will typically be only one copy of ccApp.exe running at a given time for each user that is logged in on a system with a Norton product installed. If multiple copies are running or if there is an instance running without any Norton software installed, the system may be infected with malware.
Common problems
- CcApp.exe uses 100% of the CPU when sending email
- If you are using Norton Internet Security, this can be caused by the outbound email scanner. Disabling the outbound email scanner should resolve the problem.
- If the above does not work, ensure that you have set a rule allowing your email client to access the network.
- CcApp wants access to port 8885
- Your system is probably infected with W32/Lebreat-A. See W32/Lebreat-A above.
- CcApp uses an excessive amount of memory
- There is a known memory leak in some versions of Norton Internet Security that causes this symptom. As a workaround, try setting a Permit rule for the program "Microsoft Generic Host Process for Win32 Services."
|
Automatic startup locations |
 |
001 Running Processes |
 |
002 Autorun registry entries local machine |
|
003 Autorun registry entries Current User |
 |
005 Current user startup startmenu |
 |
010 Installed services |
 |
033 Winlogon Userinit |
|
File versions in our database |
| |
Company |
Version |
Size |
 |
Symantec Corporation |
1.03.15 |
4294967295 |
|
Symantec Corporation |
107.0.0.74 |
406376 |
|
Symantec Corporation |
104.0.15.2 |
216680 |
|
Symantec Corporation |
2.2.1.004 |
136312 |
|
Symantec Corporation |
103.0.3.8 |
132720 |
|
Symantec Corporation |
2.1.0.610 |
132256 |
|
Symantec Corporation |
103.0.2.10 |
132216 |
|
Symantec Corporation |
104.0.15.2 |
130664 |
|
Symantec Corporation |
104.0.13.2 |
122472 |
|
Symantec Corporation |
106.3.0.10 |
116328 |
|
Symantec Corporation |
106.3.2.6 |
116328 |
|
Symantec Corporation |
106.3.2.7 |
116072 |
|
Symantec Corporation |
106.2.0.21 |
115816 |
|
Symantec Corporation |
106.3.3.16 |
115560 |
|
Symantec Corporation |
106.3.4.6 |
115560 |
|
|
Digital signatures found for this file |
| |
Signer of certificate |
Issuer of certificate |
 |
DynoMedia Incorporated |
VeriSign Time Stamping Services Signer - G2 |
|
Symantec Corporation |
VeriSign Time Stamping Service |
|
Symantec Corporation |
VeriSign Time Stamping Services Signer |
|
Symantec Corporation |
VeriSign Time Stamping Services Signer - G2 |
|
|
MD5 security rating in our database |
 |
 |
|
15 |
files (Not yet rated
and
not
signed) |
|
|
5 |
files (Not yet rated
and
digitally
signed) |
 |
|
327 |
files (Safe
and
digitally
signed) |
|
|
|
Some versions of this filename have not yet been checked for safety.
|
Fix ccapp.exe application error: Run a free registry scan
Warning: Some malware might rename itself to ccapp.exe. Always make sure that your file is from a verified publisher. |
|
| User comments for Ccapp.exe |
There are no comments yet.
|
|
Database statistics
Top process list
