Jump to content
dugdugdug

IL Print app flagged as exploit

Recommended Posts

il-print.exe

This is a java helper app that you have to install in Windows 10 to print labels from the InventoryLab browser app. Malwarebytes blocks it and closes the app. 

Export: 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/12/20
Protection Event Time: 5:41 PM
Log File: 5b8c1d3a-c488-11ea-a49a-7085c20e0414.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.976
Update Package Version: 1.0.26741
License: Premium

-System Information-
OS: Windows 10 (Build 18362.900)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0

-Exploit Data-
Affected Application: Java
Protection Layer: Application Behavior Protection
Protection Technique: Java malicious inbound socket detected
File Name: 
URL: 

(end)

Share this post


Link to post
Share on other sites

Greetings,

Until this is resolved, you may work around this issue by opening Malwarebytes and navigating to settings by clicking the small gear icon in the upper right, then selecting the Security tab.  Once there, click on the Advanced Settings button under Exploit Protection and under the last tab called Java protection, uncheck the second option which refers to blocking inbound shell attacks.  That should prevent the detection while awaiting a fix so that you may continue using your printer.

Share this post


Link to post
Share on other sites

You're welcome, I'm glad I could help.

A member of the Malwarebytes staff should respond here once they have addressed the issue.

Thank you for reporting this issue to us, and for your patience.

Share this post


Link to post
Share on other sites
12 hours ago, LiquidTension said:

Hello,

Thank you for the report.

Could you run the Malwarebytes Support Tool please and provide the generated file?
https://support.malwarebytes.com/hc/en-us/articles/360039023453-Upload-Malwarebytes-Support-Tool-logs-offline

I'm sorry - I ran the repair process without realizing i was supposed to gather logs. I did it afterwards. Hopefully what you wanted is still in there.

mbst-grab-results.zip

Share this post


Link to post
Share on other sites

Does the detection still occur if you re-enable the Java setting I asked you to disable previously?  If so, the logs should still be useful.

Share this post


Link to post
Share on other sites
10 hours ago, exile360 said:

Does the detection still occur if you re-enable the Java setting I asked you to disable previously?  If so, the logs should still be useful.

I turned the detection back on and the app worked this time. Success. Thanks again.

Share this post


Link to post
Share on other sites

Oh it occurs to me that I turned it back on AFTER generating the logs. Should I generate a new log file now that I have turned it back on?

Share this post


Link to post
Share on other sites

I don't think it makes a difference at this point since the detection is no longer occurring, however you might try restarting the system now that you have re-enabled the Java setting and once more verify that the block does not occur just to make certain the issue is resolved.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.