NPDRIVER.SYS causes intermittent Blue Screen shutdown

Windows XP Pro SP2 fully updated
Norton Internet Security 2006 fully updated

About 1 in every 4-5 times that I boot, immediately after logon, when user software is loading, I get a blue screen that says that my computer has been shut down to prevent etc.... and the listed driver is npdriver.sys.  This is the Norton Protection Center driver.  The Web has several postings about this and other errors associated with NPDRIVER.SYS.  Several postings say that the driver is sometimes infected, especially in /SYSTEM32 locations.  Symantec's Online Chat suggestion is to uninstall and then reinstall Norton Internet Security 2006, because the file may be corrupted.  I can do this, but I'm not certain it would solve the problem.  Plus I've spent a substantial amont of time fixing "corrupted" Symantec files this way.  And I'm not certain that I would not be letting a virus or trojan remain active on my machine.  I've done a NIS full system scan, a Symantec online scan, a Windows Live OneCare scan, a Security Task Manager scan, and a BlackLight beta rootkit scanner.  Nothing turns up.  Just uninstall and reinstall, or is there a better solution?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I don't see any harm in an uninstall and then a reinstall. To be sure, you should first do an uninstall, then make sure that the file npdriver.sys has actually been removed from the C: drive, then reinstall.

If this fixes the problem, well and good.

You are correct that Norton will not catch every malware on your system. In addition to what you've already tried, I would suggest that you install Windows Defender from

Also, scan your machine with RootkitRevealer:
and just to be sure, run HiJackThis from:
You can post the log back to that same web site and click "Analyze" at the bottom to get the results analyzed.

Also, from a command prompt, type:

 > netstat -ab

to see what ports are open and by which programs.

If you pass all these tests you can be reasonably sure you don't have malware but post back if anything seems suspicious..

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TollandRCRAuthor Commented:
My system checked clean after running each of the tools that r-k suggested.  So I uninstalled BOTH Norton Internet Security 2006 and Norton SystemWorks 2006 (having learned in the past that both must usually be reinstalled), ran Symantec's removal tool (to purge the system of anything remaining after a normal uninstall), ran Microsoft's Windows Install Cleanup tool, and reinstalled the software.  No blue screens (yet).  The Chat desk at Symantec was probably right: the NPDRIVER.SYS file had been corrupted but not infected.  This is about the fourth time that a Symantec file has become "corrupted" on this machine, requiring a complete uninstall and reinstall.  If I ever figure out how these files are being corrupted, I'll post a comment.  Any ideas on this would be welcome.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.