Norton - Connectivity To This Website Is Not Secure

Oh My! · Mar 30, 2025 at 9:08 PM

My pleasure. I was hoping we could resolve it.

Thank you for hanging in there as long as you did and your prompt replies. We gave it a good shot.

Gary

Oh My! · Mar 30, 2025 at 9:49 PM

Just remembered we should reverse our last registry key fix, even though it didn't complete successfully.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator

Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied

There is no need to paste the information anywhere, FRST64 will do it for you
Code:
Start::
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonSvc.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonUI.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPNSvc.exe
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
End::
Click Fix

When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

Fishhead · Mar 30, 2025 at 10:04 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-03-2025
Ran by Peter (30-03-2025 19:03:03) Run:14
Running from C:\Users\Peter\Downloads
Loaded Profiles: Peter
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonSvc.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonUI.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPNSvc.exe
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
End::
*****************

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonSvc.exe => could not remove, key could be protected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonUI.exe => could not remove, key could be protected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPNSvc.exe => removed successfully
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"DisableExceptionChainValidation"="0"
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32Info.exe]
"DisableExceptionChainValidation"="0"
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clview.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CMigrate.exe]
"DisableExceptionChainValidation"="0"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cnfnot32.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cscript.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllhost.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions]
"mscoree.dll"="1"
"NAVOPTRF.dll"="1"
"jvm.dll"="1"
"mscorwks.dll"="1"
"javai.dll"="1"
"PMSTE.dll"="1"
"Vegas60k.dll"="1"
"Cleanup.dll"="1"
"symlcnet.dll"="1"
"main123w.dll"="1"
"DJSMAR00.dll"="1"
"divx.dll"="1"
"ppw32hlp.dll"="1"
"ASSTE.dll"="1"
"msjava.dll"="1"
"TFDTCTT8.dll"="1"
"mscorsvr.dll"="1"
"DRMINST.dll"="1"
"vb40032.dll"="1"
"NPMLIC.dll"="1"
"eMigrationmmc.dll"="1"
"mso.dll"="1"
"eProcedureMMC.dll"="1"
"eQueryMMC.dll"="1"
"vbe6.dll"="1"
"xlmlEN.dll"="1"
"msci_uno.dll"="1"
"divxdec.ax"="1"
"Apitrap.dll"="1"
"NSWSTE.dll"="1"
"udtapi.dll"="1"
"ISSTE.dll"="1"
"EncryptPatchVer.dll"="1"
"jvm_g.dll"="1"
"fullsoft.dll"="1"
"ums.dll"="1"
"AVSTE.dll"="1"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drvinst.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ehexthost32.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excelcnv.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ExtExport.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FIRSTRUN.EXE]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FlashPlayerApp.exe]
"DisableExceptionChainValidation"="0"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\graph.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ie4uinit.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ieinstal.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ielowutil.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ieUnatt.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe]
"MitigationOptions"="0001000000000000"
"DisableExceptionChainValidation"="0"
"DisableUserModeCallbackFilter"="1"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LICLUA.EXE]
"DisableExceptionChainValidation"="0"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorsvw.exe]
"MitigationOptions"="0000000001000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msfeedssync.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mshta.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msohtmed.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msosync.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msqry32.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ngen.exe]
"MitigationOptions"="0000000001000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ngentask.exe]
"MitigationOptions"="0000000001000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonSvc.exe]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonUI.exe]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenotem.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\orgchart.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSPPREARM.EXE]
"DisableExceptionChainValidation"="0"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PresentationHost.exe]
"MitigationOptions"="1111110000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PrintIsolationHost.exe]
"MitigationOptions"="0000200000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RdrCEF.exe]
"DisableExceptionChainValidation"="0"
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RdrServicesUpdater.exe]
"DisableExceptionChainValidation"="0"
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll32.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runtimebroker.exe]
"MitigationOptions"="0000000001000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanost.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanpst.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotocolhost.exe]
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\selfcert.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setlang.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\splwow64.exe]
"MitigationOptions"="0000200000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolsv.exe]
"MitigationOptions"="0000200000000000"
"DisableExceptionChainValidation"="3"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SystemSettings.exe]
"MitigationOptions"="0000000001000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winword.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordconv.exe]
"MitigationOptions"="0001000000000000"
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscript.exe]
"DisableExceptionChainValidation"="3"

=== End of ExportKey ===

Oh My! · Mar 30, 2025 at 10:14 PM

Norton is still giving us a hard time.

Please boot into Safe Mode, disable Norton as you did before and run the script again.

Fishhead · Mar 30, 2025 at 10:56 PM

First, I could not disable auto-Protect and Smart Firewall while in safe mode. So I did it prior going into safe mode. Even though they were turned off until the next boot.
Once in Safe mode I ran FRST and immediately a notice appeared telling that Fixlog.txt had been copies to my desktop

I never copied the other text.

Here is that log.

Result of scheduled files to move (Boot Mode: Safe Mode (minimal)) (Date&Time: 30-03-2025 19:48:11)

Result of scheduled keys to remove after reboot:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonSvc.exe => removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NortonUI.exe => removed successfully

==== End of Fixlog 19:48:11 ====

Is this correct of a log from before?

Oh My! · Mar 31, 2025 at 9:31 AM

That is perfect. Now we are all set.

Fishhead · Mar 31, 2025 at 10:48 AM

So what is it that I should be doing now?

Oh My! · Mar 31, 2025 at 2:28 PM

If you have no further questions or issues I will post some tool/log cleanup instructions.

Fishhead · Mar 31, 2025 at 2:37 PM

Please do.

Oh My! · Mar 31, 2025 at 2:40 PM

I feel like I am losing a friend but........

Here is our final step and some additional information to consider.

===================================================

KpRm by Kernel-panik

--------------

Download KpRm and save it to your Desktop (see here if you must use Chrome)

Note: If the file is detected as malware it is not and it is safe to download. The detection is a false positive.

Right click on the icon and select Run as administrator

Click Yes on the Disclaimer

Place a check mark in Delete Tools, Create Restore Point, and Delete in 7 days

Click Run

Click OK on All operations are completed

KpRm will delete itself from you Desktop and you can either save or remove the report that is generated

You are free to remove any other tools/reports still remaining

===================================================

All Clean!

--------------

Your computer is now clean. Please consider this going forward.

===================================================

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

Have you Been Hacked? 10 Indicators That Say Yes

So How did I get infected?

How to Spot the Real Download Button on Websites

Pirated Software is All Fun and Games Until Your Data is Stolen

Do You Need Anti-Ransomware Software for Your PC?

How Browser Extensions Turn Into Malware

Why You Should Update All Your Software

How Safe Are Password Managers?

Whats the Best Way to Back Up My Computer?

Why Is My Internet So Slow?

Thank you for placing your trust in Major Geeks. It was a pleasure serving you.

Log in or Sign up

Norton - Connectivity To This Website Is Not Secure

Oh My! Malware Expert Staff Member

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Log in or Sign up

Norton - Connectivity To This Website Is Not Secure

Oh My! Malware Expert Staff Member

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Fishhead Private First Class

Oh My! Malware Expert Staff Member

Useful Searches