We’ve merged our File Investigator Technology with Windows File Find, to search for files by their File Type, Contents, Operating System Platform, Data Storage Method, File Attributes, plus more. Forget using file extensions, now you can search for files intelligently and browse through their metadata.
The Name & Location tab provides you with the usual Name filespec (ex: *.doc), as well as the drive and folder location to Look in. The screen shot on the right (click the image to enlarge) shows three of the 109 different columns of information available. The Description column indicates what type each file is. This type goes far beyond the file extension match provided from the MS Windows Registry. File Investigator analyzes the contents of every file and definitively identifies the file type. Even when none of your installed applications can recognize a file, File Investigator File Find still identifies it. The third column, in this example, provides some useful metadata for many file types. You can see image resolutions, color depths, sound sampling rates, compression codecs, etc. The Preview window (bottom pane) is displaying one of the files in hexadecimal.
The Content tab provides the ability to filter your search results by File Type, Platform/OS, Storage Method, Content Type and Accuracy level that File Investigator is able to achieve on each file. Checking the ‘Has wrong file extension’ box filters out all files with a file extension known to belong to their file type. The screen shot on the left (click the image to enlarge) shows the same three columns used previously, but now it only includes files that are known to include Video content. The Preview window now displays the highlighted MS Audio/Visual Interleave file as a playable movie. The video previewer uses the MS Multimedia Player to play the multimedia files that codecs have been installed for.
The Date Modified tab can be used to filter your search by a range of Created and Modified dates. The screen shot on the right (click the image to enlarge) shows five new columns. Valid MIME Label(s) lists the type values typically used to describe each attachment file type in email communications. The Text Metadata Summary is displaying text strings extracted from the files. These strings are organized by the type of information they are providing. The fourth column provides categories by the type of Content typically found in each file type. As you can see from the Scan Time column (displayed in seconds) each file only requires a fraction of a second to be analyzed. The SHA-1 column provides a hash value for each file. The Preview window is using the Text Previewer to display all of the text strings found in the highlighted file.
The Text & Attributes tab filters your search with a text string, by file size and file attributes. The NTFS ADS (Alternate Data Streams) filter is a recent addition that can either filter out the hidden streams or filter out everything but the streams. These streams are files that hide behind regular files. Unless you use a utility designed to see them, you don’t know they are there, but they can contain malicious content. The Preview window is using the Details Previewer to display all of the information that File Investigator extracts from the selected file. This view is useful when you need more information that isn’t in one of the columns that you selected to display (using the Options Dialog below). The Background section can provide links to applications for viewing, editing and converting the selected file as well as programmer references.
The menus are self explanatory except for the following selections:
File >> Open, Edit & Print are the same as the options that appear on the context menu that appears when you right mouse click on a file in MS Windows Explorer.
File >> Fix Extension repairs wrong file extensions on the marked files, by renaming the file with an extension from our list of known good file extensions for the files type. If a file already has a valid file extension, then the file extension is rotated to the next extension on our valid list. This can be helpful when your application doesn’t work with some of the valid extensions.
Tools >> Options… opens a dialog for entering Registration key(s), File Investigator File Find display options and Advanced analysis options.
The File Find tab (click the image to enlarge) shows the File Investigator File Find options related to the user interface. You can change everything from where FI File Find icons/shortcuts will appear, to the columns that are used and the Fall Back Previewer as a default for files types that don’t have their own. For a list of all of the available columns, click HERE. A couple recent additions are the Left and Right Double Click Commands. These fields allow you to specify what happens when you double click your left or right mouse button on a file. For example, entering NOTEPAD.EXE in one of these fields will cause that mouse double click to open the file with MS Notepad. If the Left Double Click field is left empty, then the MS Windows Registry associated context menu Open command is used.
The Advanced tab (click the image to enlarge) provides the flexibility to select the Identification Stages used, Hash Codes & Checksums calculated as well as how deep the analysis is allowed to venture into each file. You can decide on your own balance between powerful in-depth searches that use a great amount of processing power, and faster more time efficient searches that use a subset of the available features. The default settings exclude the calculating of hash values, as well as the secondary Identification Stages, in order to ensure good performance across all generations of processors and computer clock speeds.
Feel free to try this product before you buy it. A registration key is required for the trial period. Purchase a perpetual license and receive 1 year of quarterly updates and support. We are constantly adding more, and improving existing, file types in our products.
All of these features may also be added to your own product(s), with the File Investigator OEM API Kit.
Price: $299 (includes 1st year of maintenance & support)
