worjasx.blogg.se

Pestudio






A click on strings may, for instance, reveal commands used by the program, such as Registry manipulation, or module names that may reveal information about its function. Other information that it provides includes imported libraries and symbols, the file and DOS header, as well as certificate and resource information. The indicators listing may be of importance as it lists important information discovered during the scan at the very top. There you may find information about the program's capabilities (e.g. accesses libraries at runtime, creates or modifies files) which can be very useful in your analysis. It needs to be noted at this point that PeStudio finds indicators and that red or orange color codes do not have to mean that something fishy is going on.

PeStudio comes as a graphical user interface but also as a command line version that you can run right from it. PeStudio is a useful helper program for Windows users who want to analyze executable files before they run them on their system. The integration of VirusTotal is excellent and the remaining options that it provides can give you valuable clues whether a program may potentially be malicious in nature. (via Betanews)

1) Sometimes, PeStudio’s left window displays something in red, but the corresponding entry at the right-hand window has no value flagged in red. So it is not clear which “interesting” value triggered the red alert.

2) When individually scanning certain .exe files (even small ones of 1 MB size), PeStudio’s “Indicators” image tends to hang at “wait …” for 30–90 seconds, even though the results for all other images are finalized. If the user tries to “Close All Images” or “Close Selected Image” while “Indicators” is still at “wait” status, this is when PeStudio crashes & exits.

For larger. Firefox 35.0 offline installer 38 MB, or Avira Antivirus offline installer 146 MB), the “Indicators” response-time is VERY long (>10 mins). And while the user waits w/o doing anything, PeStudio may or may not suddenly crash.

For these 2 examples, PeStudio sometimes crashed & exited, while I was waiting. Even if it didn’t crash, I eventually gave up waiting & clicked “Close All Images” to trigger PeStudio to crash & exit, so that I could get it to stop. The “Indicators” wait non-responsiveness can be reproduced every single time for the affected.







