They need to follow the steps outlined in the KB article mentioned below to resolve the issue :
http://www.symantec.com/business/support/index?page=content&id=HOWTO59193
Could you confirm if the customer has followed the above KB article?
For now there are two suggestions that could possibly work in the current situation.
1/Customer needs to follow the KB article mentioned above to clear the corrupt virus definitions and restart the server in question.
2/They need to follow the above KB article and then try using the task kill utility with the switches mentioned below to see if the ccSvcHst.exe process could be gracefully killed. This utility should be available by default in the C:\Windows\System32 folder on the affected server.
taskkill -F -IM ccSvcHst.exe
Once the customer has followed the correct procedure to clear the corrupt virus definitions, the issue should not re-occur in future. However, if it does, we would be glad to investigate that further.
Another solution is to set the service to disabled then reboot.