反病毒引擎 版本 最后更新 扫描结果 
AhnLab-V3 2008.7.25.1 2008.07.25 - 
AntiVir 7.8.1.12 2008.07.25 ADSPY/Wsearch.CQ 
Authentium 5.1.0.4 2008.07.24 - 
Avast 4.8.1195.0 2008.07.25 Win32:WSearch-B 
AVG 8.0.0.130 2008.07.25 Generic3.JFD 
BitDefender 7.2 2008.07.25 - 
CAT-QuickHeal 9.50 2008.07.24 AdWare.WSearch.co (Not a Virus) 
ClamAV 0.93.1 2008.07.25 - 
DrWeb 4.44.0.09170 2008.07.25 - 
eSafe 7.0.17.0 2008.07.24 - 
eTrust-Vet 31.6.5980 2008.07.24 - 
Ewido 4.0 2008.07.24 - 
F-Prot 4.4.4.56 2008.07.24 - 
F-Secure 7.60.13501.0 2008.07.25 AdWare.Win32.WSearch.cq 
Fortinet 3.14.0.0 2008.07.25 PossibleThreat 
GData 2.0.7306.1023 2008.07.25 Win32:WSearch-B 
Ikarus T3.1.1.34.0 2008.07.25 Virus.Win32.WSearch.B 
Kaspersky 7.0.0.125 2008.07.25 not-a-virus:AdWare.Win32.WSearch.cq 
McAfee 5346 2008.07.24 - 
Microsoft 1.3704 2008.07.24 - 
NOD32v2 3298 2008.07.25 Win32/Adware.WSearch 
Norman 5.80.02 2008.07.24 W32/WSearch.SD 
Panda 9.0.0.4 2008.07.24 - 
PCTools 4.4.2.0 2008.07.24 - 
Prevx1 V2 2008.07.25 - 
Rising 20.54.42.00 2008.07.25 - 
Sophos 4.31.0 2008.07.25 - 
Sunbelt 3.1.1536.1 2008.07.18 - 
Symantec 10 2008.07.25 - 
TheHacker 6.2.96.389 2008.07.25 - 
TrendMicro 8.700.0.1004 2008.07.25 - 
VBA32 3.12.8.1 2008.07.24 - 
ViRobot 2008.7.24.1309 2008.07.24 Adware.WSearch.38400.B 
VirusBuster 4.5.11.0 2008.07.24 - 
Webwasher-Gateway 6.6.2 2008.07.25 Ad-Spyware.Wsearch.CQ 
附加信息 
File size: 38400 bytes 
MD5...: 6b9106527485567e3361f799cb315bd0 
SHA1..: 7fe5f65cfb2402f085f43c5c6516743b77c80b01 
SHA256: 2552438d9cf6dd494c14e5b65d524f47c8cb28a7192b831c283abfbf28de69be 
SHA512: 35c01b73f8fd25e8d3f198ca3cb55942001ff1a638e7648b074914127eb30c60
9a861ae94fea1b7c9b17c0e311e80f6dde4fde79436eae4e7ac0a042534ff639 
PEiD..: - 
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x18114
timedatestamp.....: 0x487aed6f (Mon Jul 14 06:08:47 2008)
machinetype.......: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x247c 0x2480 6.45 94e29bdac3731475b51d0477ec50dc02
.rdata 0x2900 0x1724 0x1780 4.82 dae5aa52b7d9bd97e32017f9c94c931a
.data 0x4080 0x1325 0x1380 0.15 739d8ad023b53ae5f1e77bdf13f148f1
PAGE 0x5400 0x243f 0x2480 6.35 7b6151fa045d3819ad94b2160a7be9f3
INIT 0x7880 0x1042 0x1080 5.71 d6ff79d7c04c4d78d86865d978c8b130
.rsrc 0x8900 0x420 0x480 3.16 fb8291672bc2837bf7cde3419d210566
.reloc 0x8d80 0x848 0x880 6.14 8fd078b1d1c612c3b5db9e45965d3739

( 2 imports ) 
> ntoskrnl.exe: _wcsicmp, ExFreePool, ExSystemTimeToLocalTime, KeQuerySystemTime, ExAllocatePoolWithTag, _except_handler3, ZwClose, ZwQueryValueKey, DbgPrint, ZwOpenKey, RtlInitUnicodeString, KeWaitForSingleObject, IofCallDriver, KeInitializeEvent, strstr, RtlFreeAnsiString