Need some help with 2345SafeCenter


  • There are two news published by huorong which is famous IT & Anti-virus company in china :

    http://www.huorong.cn/info/151212805083.html

    https://www.huorong.cn/info/1554067875200.html

    These two news & malicous software analysis articles are very instersting.

  • Thanks!

  • Hello, according to the tests of these days, Kaspersky does not seem to have any incompatibility issues with the 2345 Security Center application. They have not shown any obvious conflicts on one computer. However, at the same time, it is also regrettable that Kaspersky did not identify and block the pop-up advertisement module of the application.

  • @huang1111 said in Need some help with 2345SafeCenter:

    Hello, according to the tests of these days, Kaspersky does not seem to have any incompatibility issues with the 2345 Security Center application. They have not shown any obvious conflicts on one computer. However, at the same time, it is also regrettable that Kaspersky did not identify and block the pop-up advertisement module of the application.

    Hello, huang1111

    The same to me here. Do you try to run a malware in a controlled enviroment such as vmware to see whether KL product and 2345 application also report "found a malware" and process it without any problem at the same time or not. On my side, it seem that 2345 process malware speed is higher than KL product. It is not a problem, I think. But I take care their PDM model behavior: If I allow some malicous actions in 2345 proactive defense model ( 应用入口防护/Application Defense, 系统底层防护/System protection ), KL product could be blocked or detect it and countinue to handle it, which is the best important things, I think. Do you also test this way?

    Regards.

  • @wesly-zhang said in Need some help with 2345SafeCenter:

    @huang1111 said in Need some help with 2345SafeCenter:

    Hello, according to the tests of these days, Kaspersky does not seem to have any incompatibility issues with the 2345 Security Center application. They have not shown any obvious conflicts on one computer. However, at the same time, it is also regrettable that Kaspersky did not identify and block the pop-up advertisement module of the application.

    Hello, huang1111

    The same to me here. Do you try to run a malware in a controlled enviroment such as vmware to see whether KL product and 2345 application also report "found a malware" and process it without any problem at the same time or not. On my side, it seem that 2345 process malware speed is higher than KL product. It is not a problem, I think. But I take care their PDM model behavior: If I allow some malicous actions in 2345 proactive defense model ( 应用入口防护/Application Defense, 系统底层防护/System protection ), KL product could be blocked or detect it and countinue to handle it, which is the best important things, I think. Do you also test this way?

    Regards.

    Hello, this is no longer in the scope of our compatibility testing. There are two anti-virus software installed on one computer. Such a system environment is not normal, so we do not need to pay special attention to this very special problem. In addition, I cannot find virus samples to test this situation, because in most cases Kaspersky can scan more viruses than 2345 Security Center, which makes this type of testing very difficult.

  • thank you for your help!

  • Can also say, do other antivirus consider 2345 as malware or adware ?

  • , last edited by Wesly.Zhang

    @dmitriy-pisarets said in Need some help with 2345SafeCenter:

    Can also say, do other antivirus consider 2345 as malware or adware ?

    I think Adware is more relevant. For this program, it has not reached the level of malicious programs. undecided

    You can ask your chinese colleagues about the evaluation of 2345 company.

  • @wesly-zhang, can you please check it with other antiviruses ? avast, nod, panda etc...

  • @dmitriy-pisarets said in Need some help with 2345SafeCenter:

    @wesly-zhang, can you please check it with other antiviruses ? avast, nod, panda etc...

    Hi,

    Sure. Sorry for my delay. Some other its drivers are also been detected by microsoft.

    2345Base.sys - Microsoft - PUA:Win32/2345Cn | SHA-256 3d9e93488d7ae760de63a13c4eba132b02236261e5512d7ee4a1ee7e7c761569

    2345ExProtect.sys - Microsoft - PUA:Win32/2345Cn | SHA-256 66735892e6742efa89eb93363f06e220bf3c87626607f49b1908fba4ae6ecc22

    2345Iron.sy - Microsoft - PUA:Win32/2345Cn | SHA-256 8d61e864702700ffa26e0621757fbee1f97359571a7710652f3dee9a3b992574

    2345Misc.sys - Microsoft - PUA:Win32/2345Cn | SHA-256 c662e56c3dc2e9751bf0cff4c1bca61bd1c857de4317ef6da56b4c0b1d668737

    2345NetMgr.sys - Microsoft - PUA:Win32/2345Cn | SHA-256 633e31ec8cd87c9bdbc563b9d9676c4b73eeffd9daa69fe84a1c5f2fce14d1fb

    2345Prot.sys - Microsoft - PUA:Win32/2345Cn | SHA-256 987df613a7639cb64c823826b74832c5931f6ff02a7e1ff418040aa29389a42c

    Now, Only Microsoft Defender detect its driver files as a adware. This is the result. undecided

    But its main executable file: 2345SafeTray.exe | SHA-256 92a26f8364f1b9ce1501941ce8b435cece7e40d6ce8131b1bf5a54a8e4a422e1 has been 8 AV solutions detected as adware.

    Cylance Unsafe

    Cyren W32/Trojan.LVBB-6338

    ESET-NOD32 A Variant Of Win32/2345.H Potentially Unwanted

    Fortinet Riskware/2345

    K7AntiVirus Adware ( 0055ce2c1 )

    K7GW Adware ( 0055ce2c1 )

    Microsoft PUA:Win32/2345Cn

    Sophos AV Generic PUA KH (PUA)

    I use ESENT NOD32 Online scanner ( enable detect potential unwanted and unsafe applications ) to check all 2345 product folder. Here is the result:

    Scan log: https://cloud.qainfo.ru/s/GKOLefB4xB9hhD7

    I also use panda cloud cleaner and avast free antivirus. There is no any PUA detection, Maybe they don't know 2345 product.



Looks like your connection to Beta Testing was lost, please wait while we try to reconnect.