IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> KIS blocking me from ebay?
jonnyred
post 31.01.2009 15:06
Post #1


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




Hi just wondering if you can help. Since yesterday KIS is blocking me from signing in to ebay, never happened before in the las year.

It says there is a problem with the site security certificate.

If i hold mouse over sign in, address in bottom left the address shows as https://ebay.co.uk/ws/eBayISAPI.dll?SignIn

If i click on sign in, there is a pause then it says there is a problem with the certificate.
address at top shows as https://ebay.co.uk/ws/eBayISAPI.dll?SignIn&_trksid=m38

Is there a difference,

have run scans with KIS nothing, also ran a couple other scans all show nothing. Perhaps it is a seting that i have changed by mistake ? any help greatfully received as i have had a few problems with KIS and to be honest i am clos to binning it. It seems to take an awful lot of time to admin and i get KIS popups for just about everything. i expect these are settings as well though.

once again gateful for any advice from experienced users
Go to the top of the page
 
+Quote Post
westray1234
post 31.01.2009 18:36
Post #2


Advanced Member I
***

Group: Members
Posts: 114
Joined: 3.08.2008
From: uk




QUOTE(jonnyred @ 31.01.2009 11:06) *
Hi just wondering if you can help. Since yesterday KIS is blocking me from signing in to ebay, never happened before in the las year.

It says there is a problem with the site security certificate.

If i hold mouse over sign in, address in bottom left the address shows as https://ebay.co.uk/ws/eBayISAPI.dll?SignIn

If i click on sign in, there is a pause then it says there is a problem with the certificate.
address at top shows as https://ebay.co.uk/ws/eBayISAPI.dll?SignIn&_trksid=m38

Is there a difference,

have run scans with KIS nothing, also ran a couple other scans all show nothing. Perhaps it is a seting that i have changed by mistake ? any help greatfully received as i have had a few problems with KIS and to be honest i am clos to binning it. It seems to take an awful lot of time to admin and i get KIS popups for just about everything. i expect these are settings as well though.

once again gateful for any advice from experienced users

there something wrong with the ebay urls you posted as I cant open them just enter www.ebay.co.uk in your broswer and then click on sign in to see if that works if not you must have malware or something altering your url or browser settings incorrect

This post has been edited by westray1234: 31.01.2009 18:48
Go to the top of the page
 
+Quote Post
jonnyred
post 31.01.2009 19:10
Post #3


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




Tried that and the same thing happens. I type the address then when home page opens click on sign in link and get stopped there.

Have run scans with KIS, Spyware Doctor, and malwarebytes, all come up clean. Also posted HJT logs in another forum and was told they were clean. If there is something on here it is well hidden and i dont know where / what to look for.

Guess i will try on my laptop and see what happens.

Any other ideas would be good
Go to the top of the page
 
+Quote Post
jonnyred
post 31.01.2009 19:23
Post #4


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




just checked the certificcate and it says it is for secureinclude.ebaystatic.com at 88.221.176.166
Go to the top of the page
 
+Quote Post
jonnyred
post 31.01.2009 20:03
Post #5


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




this is just getting weirder ! just tried ebay again and now when i click signin the browser bar goes green not red as before and it says the certificate is by verisign and all ok ?

i am at a loss to explain, anybody ?
Go to the top of the page
 
+Quote Post
westray1234
post 31.01.2009 21:22
Post #6


Advanced Member I
***

Group: Members
Posts: 114
Joined: 3.08.2008
From: uk




the browser bar should be green not red in IE7 with phising filter turned on and web page should have a verisign logo and also a padlock in broswer and if you run pointer over it ishould say versign identifies this site if you click on it should give more info
I have just click on the urls you posted I cant connect and as these are https they should have a padlock on the browser THEY DONT HAVE THIS

This post has been edited by westray1234: 31.01.2009 21:27
Go to the top of the page
 
+Quote Post
jonnyred
post 31.01.2009 21:51
Post #7


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




Yes i see. I get a red browser and the certificate says mismatched. so there is a verisign emblam in bottom corner do we think that is fake too? if you click on that it goes to https://verisign.

the red browser i see also begins https:// so is this a secure fake sit as it were ? how can you fake a https address ?

how did this sh*t happen with kaspersky running ?
Go to the top of the page
 
+Quote Post
jonnyred
post 31.01.2009 22:08
Post #8


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




also tried with firefox, typed address, clicked on sign in and mozilla said it was bad also

https://signin.ebay.co.uk/ws/eBayISA...2F&_trksid=m37

have i somehow got something on my pc that takes me to the wrong place when i click on ebay ?
Go to the top of the page
 
+Quote Post
westray1234
post 31.01.2009 22:16
Post #9


Advanced Member I
***

Group: Members
Posts: 114
Joined: 3.08.2008
From: uk




QUOTE(jonnyred @ 31.01.2009 17:51) *
Yes i see. I get a red browser and the certificate says mismatched. so there is a verisign emblam in bottom corner do we think that is fake too? if you click on that it goes to https://verisign.

the red browser i see also begins https:// so is this a secure fake sit as it were ? how can you fake a https address ?

how did this sh*t happen with kaspersky running ?
you should click on the padlock to see if verisign says the site is as it looks does the urls that you tried have a padlock or not you shoulalways look for the padlock on the sites
I would send these urls in an email to ebay (check the site for security issues and where to send emails to ) this probably not a kaspersky issue as I hoped it blocked you from accessing a phising site you didnt manage to get to the sign in page to enter your details did you?? by the way what version of kis are you running
Go to the top of the page
 
+Quote Post
jonnyred
post 1.02.2009 04:20
Post #10


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




KIS 2009

i am gonna reinstall windows tomorrow and start from scratch
Go to the top of the page
 
+Quote Post
Whizard
post 1.02.2009 08:06
Post #11


Professional
***************

Group: Moderators
Posts: 20714
Joined: 19.11.2005
From: Toronto/Canada




Deactivate port 443 in Network option or SSL scanning all together.


--------------------
Networking and Security Guru
~^Whizard^~
Go to the top of the page
 
+Quote Post
jonnyred
post 1.02.2009 17:38
Post #12


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




ok will try that but can you tell me in simple terms why im doing that please.
Go to the top of the page
 
+Quote Post
richbuff
post 2.02.2009 02:36
Post #13


Are You Kidding?
*****************

Group: Global moderators

Posts: 1000785
Joined: 14.06.2007




QUOTE(jonnyred)
...can you tell me in simple terms why im doing that please.
Short answer: So it will work.
Medium answer: Scan encrypted connections is Off by default, to provide the correct balance of security and functionality.
Long answer; see: http://www.viruslist.com/en/analysis?pubid=204791929


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
jonnyred
post 2.02.2009 22:23
Post #14


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




So if i have no scanning on port 443 then what is protecting me if i go to a supposed secure site that is bad ?

Or do i need to go away and read up on advanced TCP/IP principles ?

Sorry but i am completely dumb to all of this.
Go to the top of the page
 
+Quote Post
jonnyred
post 14.07.2010 22:19
Post #15


Member
**

Group: Members
Posts: 15
Joined: 12.07.2007




I recently had to rebuild my PC as it got infected (yes even with kis 2010).
i have just tried to log into my ebay account when both IE and KIS flashed up warning.

The address is https://signin.ebay.co.uk/ws/eBayISAPI.dll?...w.ebay.co.uk%2F so looks ok to me. KIS is stating IEEXPLORE.EXE cannot confirm the authenticity of secureinclude.ebaystatic.com

remote address 88.221.168.173 remote port 443

KIS is waiting for me to accept or deny the certificat, any help gratefully received. Trying to avoid all dodginess in wake of rebuild

cheers
Go to the top of the page
 
+Quote Post
Don Pelotas
post 14.07.2010 22:25
Post #16


Global Moderator
****************

Group: Global moderators

Posts: 28886
Joined: 7.04.2005




Merged with your thread from a year ago.......the answers are the same and read post # 13 again....take medium answer and go with that.


--------------------
Go to the top of the page
 
+Quote Post
bekind2animals
post 15.07.2010 01:59
Post #17


Advanced Member I
***

Group: Members
Posts: 72
Joined: 14.03.2010




This is just an FYI as the info from the "Pros" is the best! I sell on ebay and have had my share of malware,hackers etc.All fixed when I purchased KIS! THANK YOU! The address you gave: Ebay has a site in UK-for marketing reasons.It will hijack your normal sign-in.When you log into ebay,look on the bottom of your screen in the title bar: do you see any of the following : guest=1
If so,yes,you are being hijacked to UK marketing site.Here is a good one: I ran trace and it is registered to ebay under the name :"SHERLOCK HOLMES"
NO joke!
To sign in:
(1) manually type in http://www.ebay.com
(2) On ebay home page:click on red sign in box below the welcome-do NOT use sign in button at the top (it reroutes you)
(3) after you click on,you must see (a) a message that you are being directed to a secure site and (b)the Verisign "lock" symbol must be present (or DO NOT sign in).If you get ANYTHING else-do not log into your account,but sign in as "guest"(on the left side) and let ebay security run you thru and help you (they will).Request help stating you believe your account has been taken over.
(3a) BEFORE SIGNING IN with your personal info:DELETE anything after the final words "SignIn"that appears in your TOP title bar.That is where the hijacking occurs.THEN REFRESH the page.You should see this as your address before you enter ANY personal info: https://signin.ebay.com/ws/eBayISAPI.dll?SignIn

Until KIS I had so many ebay problems it was mind boggling.Ebay can very frustrating.It is continually bombarded with nosey marketing and down right vicious hackers/scammers.
But! the pros here say it the best!
Take Care! Happy ebaying
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 19.12.2014 12:39