NPE flags SYMTDIV.SYS as "bad"!!

JorgeA · ‎05-06-2009

Hello,

I just ran Norton Power Eraser using the rootkit reboot function, and when the results came back I got the following screen:

SYMTDIV.SYS1.jpg

In case you're wondering if this is some malware posing as a Symantec driver elsewhere on the computer, here is the location of the file, according to NPE:

SYMTDIV.SYS2.jpg

This is a false positive, right?

If so, then the question is, why would Norton Power Eraser be flagging one of Norton's own products as "bad"?

For my everyday security, I use Norton 360, version 5.

--JorgeA

dickevans · ‎04-08-2008

JorgeA,

NPE is a very aggressive tool for cleaning up systems. This is one of the reasons that it creates a log and allows you to reverse its decisions. False positives are possible and they do happen. This is one of the cautions we try to give users before suggesting that they use this tool. It is also near the bottom of the list of suggestions just because some of the other tools can do the job with less trauma involved.

Hope this helps

Dick
Win7x64 SP1 current NIS V20

JorgeA · ‎05-06-2009

Hi Dick,

Thanks for the explanation.

My PC has been sluggish over the past few weeks and I've been doing various things to lessen the load on it, to see if it becomes snappier again. But nothing seems to be making much of a difference, so I started to wonder if it might be some kind of well-hidden malware -- hence the rootkit scan with NPE.

And then it was startling to see that NPE would identify one of Norton's own files as "bad." I'm reluctant to tell NPE to "fix"it, of course, lest the operation play havoc with N360. As you said, it's possible to undo the damage, but "better safe than sorry"!

FWIW, no other online (ESET, F-Secure), on-demand (MBAM, MSERT), or even Linux-based Live CD scanner (Panda, AVG) has found anything wrong with my PC that could account for the sluggishness. I've moved videos and ISOs to an external drive, run Disk Cleanup, and defragged the hard disk, too.

--JorgeA

dickevans · ‎04-08-2008

Would it also be a correct assumption that you have rebooted a few times along the way? If your system stays on, like mine, an occasional break by being turned off for an hour or two can also do wonders.

History note, memory works faster warm, CPU slows with heat. That's going back to the days of the 8086 and 80286

Dick
Win7x64 SP1 current NIS V20

JorgeA · ‎05-06-2009

dickevans wrote:
Would it also be a correct assumption that you have rebooted a few times along the way? If your system stays on, like mine, an occasional break by being turned off for an hour or two can also do wonders.
History note, memory works faster warm, CPU slows with heat. That's going back to the days of the 8086 and 80286

Yup, you would assume correctly. Rebooting is one of the things I do when the computer starts acting sluggish; that way (I hope) it can start fresh again.

But lately that hasn't been helping all that much.

I did not know about the "memory works faster warm, CPU slows with heat" maxim. Seems like they more-or-less cancel each other out? What would the maxim imply for somebody who wants to quicken up their PC's performance? Launching programs and opening browser windows are often (but not always) slow to act. Hardware diagnostics aren't pointing to any problems in that respect.

I've also been delaying some startup programs, or disabling altogether the ones I never use, but I don't seem to be getting much additional mileage out of that.

--JorgeA

dickevans · ‎04-08-2008

JorgeA,

I haven't asked yet about the operating system, RAM and free disk space All of thosee also impact performance.

Thanks

Dick
Win7x64 SP1 current NIS V20

JorgeA · ‎05-06-2009

Hi Dick,

I'm on Windows Vista, Service Pack 1. Nominally it's a 500GB HDD, but after the "marketing GB vs. real GB" conversion that shakes out to 454GB once you account for the 11GB recovery partition. Of that 454GB in the C: drive, 275GB is free.

RAM is 4GB and I'm also using 4GB of an 8GB CompactFlash card as a ReadyBoost cache (free space is 3.46GB). Hmm, I've been using that CF card for a couple of years now -- wonder if it could be wearing out, like solid-state drives are said to after a while. Maybe that's the source of the problem.

Thanks for following up with me!

--JorgeA

dickevans · ‎04-08-2008

JorgeA wrote:
Hi Dick,

I'm on Windows Vista, Service Pack 1. Nominally it's a 500GB HDD, but after the "marketing GB vs. real GB" conversion that shakes out to 454GB once you account for the 11GB recovery partition. Of that 454GB in the C: drive, 275GB is free.

RAM is 4GB and I'm also using 4GB of an 8GB CompactFlash card as a ReadyBoost cache (free space is 3.46GB). Hmm, I've been using that CF card for a couple of years now -- wonder if it could be wearing out, like solid-state drives are said to after a while. Maybe that's the source of the problem.

Thanks for following up with me!

--JorgeA

That's why we're here. To assist The ReadyBoost may be something to investigate. I would expect no change in performance if the card is bad and removed. You might even see an increase if it is shorting rather than an open circuit. If you are running x32 then there is a limit on the amount of RAM the OS will recognize and use. Running a memory disgnostic might not be a waste of time either

Dick
Win7x64 SP1 current NIS V20