ESET Insiders SM03 16 Posted September 4, 2023 ESET Insiders Posted September 4, 2023 Hi, While 'Web Access Protection' is on, EIS is preventing file downloading from OxyCloud domain (https://oxy.cloud/en/ & https://download.oxy.st/) Files are only downloading when turning off the 'Web Access Protection' manually. facing this same since last two / three version of EIS (16.x) Initially thought this is a bug & will be fixed in future release but as still its continues & exist so reporting here Pls fix this is future release as its very annoying to disable that everytime I try to download something from OxyCloud
Administrators Marcos 5,461 Posted September 4, 2023 Administrators Posted September 4, 2023 Please try again, it seems to work for me now.
ESET Insiders SM03 16 Posted September 5, 2023 Author ESET Insiders Posted September 5, 2023 (edited) Hi @Marcos I just checked after reading your comment here, & now it is downloading without disabling that 'Web Access Protection'. Not sure what've happened as last I checked, EIS didn't release any newer version in the last 12/24 hours where they made any changes to the new version. or ESET made any changes via the regular A/V signature (Modules) update lately so that as result, now its working? Anyway, IDK it maybe someone can tell me more about this. And apart from this do we have any tentative release window locked for the upcoming v17? (Sep/Oct?) Edited September 5, 2023 by SM03
Administrators Marcos 5,461 Posted September 5, 2023 Administrators Posted September 5, 2023 One of the urls used by the cloud service was blacklisted so we unblocked it.
ESET Insiders SM03 16 Posted September 5, 2023 Author ESET Insiders Posted September 5, 2023 Whichone was blocked earlier? oxy.cloud/en or download.oxy.st? And any info about the v17 release that I asked earlier?
Administrators Marcos 5,461 Posted September 5, 2023 Administrators Posted September 5, 2023 It was a different domain. V17 will be available later this year. micasayyo 1
ESET Insiders SM03 16 Posted September 5, 2023 Author ESET Insiders Posted September 5, 2023 Hi @Marcos I was just downlaoding a file from Oxy & it's (again) now blocking [Attached screen recorded video for the same] 1.mp4
Administrators Marcos 5,461 Posted September 5, 2023 Administrators Posted September 5, 2023 Works for me fine. Please provide logs collected with ESET Log Collector.
ESET Insiders SM03 16 Posted September 6, 2023 Author ESET Insiders Posted September 6, 2023 (edited) @Marcos What're the settings that you need to be checked [under artifatcs to collect] in log collector? Edited September 6, 2023 by SM03
Administrators Marcos 5,461 Posted September 6, 2023 Administrators Posted September 6, 2023 There's no such setting, I'd need to check logs.
ESET Insiders SM03 16 Posted September 6, 2023 Author ESET Insiders Posted September 6, 2023 (edited) See this, am asking about this. Also, what should I select for log ages & log collctiom mode? Edited September 6, 2023 by SM03
Administrators Marcos 5,461 Posted September 6, 2023 Administrators Posted September 6, 2023 It's enough to use default settings.
stepan 0 Posted October 6, 2023 Posted October 6, 2023 (edited) Same problem. Eset blocked Oxy cloud downloads https://download.oxy.st/d/fCjh/2/97fca367fff80ad5951b19b1c2c512a3# If Disable and re-enable protection I can download files from Oxy Cloud until next time when I remove browser's cookies. For 5 days - 3 false positives. Reported and still waiting answer from Eset. For example when I report something to Avast they answer almost instantly and fix it. Edited October 6, 2023 by stepan
Administrators Marcos 5,461 Posted October 6, 2023 Administrators Posted October 6, 2023 Please provide logs collected with ESET Log Collector. Clicking the link above downloads the file alright without any alert being triggered by ESET.
itman 1,806 Posted October 6, 2023 Posted October 6, 2023 (edited) 3 hours ago, Marcos said: Clicking the link above downloads the file alright without any alert being triggered by ESET. Augur detection triggers in ESSP using Firefox; Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 10/6/2023 3:14:54 PM;HTTP filter;file;https://smelel.icu/sm/redirect?landID=40&company=29374&uuid=e641a93e-8f14-40a7-9316-1d443f385b06&apiKey=b68c106c3df6f586f8cb1f48c5036112;ML/Augur.C trojan;connection terminated;xxxxxxx;Event occurred during an attempt to access the web by the application: C:\Program Files\Mozilla Firefox\firefox.exe (3AC154D0A0390E254E88F9BF89E7040B00ED02F3).;2C03C7B3B8AEAD5C16FB471F5760B54641AFE5E6;10/6/2023 3:14:51 PM https://www.virustotal.com/gui/file/05f1adce2d162fc881ccc2f633342dade521e92fa0a0d84f14ced9f8f436fa8c Edited October 6, 2023 by itman
Recommended Posts