Efrain

Windows 10. I don't believe it's flash. These are actual videos stored on a server. The officers log into a website, browse for the video then click on a thumbnail to see the video. They never see this app. Somewhere in the process a Java script runs and the player is installed for them (if not already installed) then the video starts to play within the browser (Edge or Chrome).

I'm going to try the hash tomorrow. I'm not a fan of the application but that's what we're stuck with for now. I'm not a developer of this product. We purchased it from a company called L3 (Safe Fleet Mobile Vision). Thanks!

I got the hash but haven't tried it yet. I will tomorrow. Again, thank you so much.

I've thought of contacting the organization but my experience with them hasn't been great. I thought having an exclusion would be the easier route. Thanks! No, they can NOT.

@AdvancedSetupThe officers log into a website, browse for the video then click on a thumbnail to see the video. They never see this app. Somewhere in the process a Java script runs and the player is installed for them (if not already installed) then the video starts to play within the browser (Edge or Chrome). The problem is that Malwarebytes thinks this is a malicious app and stops it from working so the video never plays. It's a horrible, stupid system that we are stuck with for now. As for the logs, we have an Endpoint agent running on the PCs. There's no app to click on to see and download logs. If you point me to the folder/files that you need I can upload. Thank you very much for you help!

@Porthos The officers log into a website, browse for the video then click on a thumbnail to see the video. They never see this app. Somewhere in the process a Java script runs and the player is installed for them (if not already installed) then the video starts to play within the browser (Edge or Chrome). The problem is that Malwarebytes thinks this is a malicious app and stops it from working so the video never plays. It's a horrible, stupid system that we are stuck with for now.

Where is this log located? Thanks.

File uploaded in False Positive section. Thanks.

This file keeps getting detected as a exploit. It's used by our police department to view video from their car and body cams. Please advise on what can be done about this. Thank you. FlashbackPlayer.zip

Would that work even if the user name is always different? For example: C:\Users\AJOHNSON\AppData\Local\Temp\FlashbackPlayer.exe C:\Users\DSMITH\AppData\Local\Temp\FlashbackPlayer.exe Notice the folder after C:\Users is different. Thanks!

So how to I determine what the HASH value is? Thanks.

I keep getting the attached detection (see attached). Following is the full path: C:\Users\dalonso\AppData\Local\Temp\FlashbackPlayer.exe. The user name changes, depending on the user that's logged in. How do I add an exclusion for this? Thanks!

I use Malwarebytes Nebula. How do I determine how many items have been quarantined during the past year? Thank you!

Hi. I already opened a case with Malwarebytes but have not gotten a response. Again, thanks for all the help!

Thanks for the replies thus far. We'll planning on re-installing Malwarebytes on our Exchange server tonight with the exclusions in the Microsoft article I mentioned above. However, it would be greatly appreciated if Malwarebytes provided better guidance on this. Particularly, I'd like to know: 1. Is Malwarebytes Endpoint Protection recommended and safe to run on a Windows server used for Exchange. 2. What does Malwarebytes recommend (if any) as far as exclusions, policy configurations, etc. for Exchange. Thank you!