Many rules fail to initiate rewrite to https & some that do produce insecure sessions
Navigating to symantec.com, www.symantec.com, mcafee.com, ibm.com, www.mcaffee.com, npr.org, www.npr.org, nytimes.com, www.nytimes.com among many others results in "This website does not supply identity information". For some the site icon in a larger area appears that would suggest secure occasion occurs briefly. Examples that rewrite to https successfully include eff.com, torproject.org, adobe.com, mozilla.com. Entering full url https://full_host_name will establish a secure session for many of those that otherwise fail to rewrite. For npr.org gets rewritten to https://www.npr.org but doesn't connect in https scheme. Correct rules show in the HTTPS Everywhere control most of time but for some such as oracle.com the only rule identified is 2o7.net Navigating to https://www.oracle.net does not result in secure scheme but oracle logo appears to left of url. computerworld.com behaves similarly except that it's rule and 12 others including 2o7.net appear in the control list. lenovo.com and symantec.com both appear at first to have a secure connection which then is replaced by insecure but has been rewritten as https://www.lenovo.com/us/en/.
Disabled all addins and navigated to several of the sites where the https rewrite appeared to have happened and the results were as follows: IBM - secured, Oracle - not secured, NPR - not secured, NYTimes - not secured and Lenovo - not secured. Using Chrome without the beta HTTPS Everywhere, IBM - secured; Lenovo, NPR, NYTimes, Symantec - connection secure but other resources partially secured; McAfee - not secured.
Symptoms sound like virus/trojan but have run latest version of Microsoft msert.exe which found no infections. Norton as shown below is always on with real time protection and full scans daily.
Any ideas about what is going on welcome.
Environment: Windows 7 Ultimate SP1 w Norton Internet Security 220.127.116.11 on workstation behind SPI router/firewall; Firefox 12.0 w all Addons disabled except: HTTPS Everywhere 2.0.2, Norton Toolbar 2012.5.3.7, Norton Vulnerability Protection 10.1.0.68 - 3, Secure Login 0.9.9, Following plugins current: Flash, Java, MS Office, Nitro PDF 7.3, Acrobat 10.1.2.45 not current: GoogleUpdate disabled, Silverlight.