This tool is an auxiliary tool for virus analysis, featuring various file format recognition functions. It uses part of the code from the format recognition engine of Super Cop, and integrates functions such as shell detection, PE file editing, MD5 calculation, and quick utilization of third-party tools. It is suitable for systematic processing of some virus and Trojan samples during virus analysis. It supports file dragging, directory dragging, and allows setting right-click shell detection for files and directories. In addition to the built-in shell library unpack.avd that comes with FFI, it can also use an extended shell library (which must be named userdb.txt, and this library format is compatible with the PEID library format, allowing users to collect their own userdb...).