Dear Joash,
the SymHelp report is not a universal tool for every kind of IT issue. It is not designed to investigate on suspected memory leaks. PoolMon is the tool for such things, plus memory dump analysis:
http://support.microsoft.com/kb/177415/en-us
According to my experience, SEP 12.1 might cause high non-paged memory usage due to the fact that, even if NTP is not installed, the Symantec network driver is still loaded.
Try to disable the Symantec network driver (it is not necessary when the NTP is not installed) and let us know if you still see the same issue:
SC config <DriverName> start= disabled
Where <DriverName> is:
SymTDI: For Windows XP and 2003 servers
SymTDIv: For Windows Vista and 2008 (up to SP2) servers
SymNets: For Windows 7 and 2008 R2 servers
After the command completes successfully, the system should be restarted so the drivers can be disabled.
To restore functionality, type the following command then restart the system:
SC config <DriverName> start= system
You also need to distiguish a memory leak by "just" a high usage, it is not the same at all.