Known File Database

The known file database feature is used to allow you to efficiently filter your results so as to hide known trusted files from display.

In order to use it from the main wizard form, click skip , then goto the tools menu and choose the menu item to build known file db.

This will bring up a seperate form where you can launch the system file scanner which will enumerate all exe, dll, and sys files on your system.

Make sure to only run this on a known clean system because any files it detects will be assumed to be clean in the future. It will store the file name, path, version and hash.

Once this completes, you can close this form and select the tools menu item for hide known files. When this menu item is checked, all known files in the database will be hidden from display in the listboxes.

If there are known clean files still displayed (files outside of the scanned default directories) just click the tools menu item to update known files.

This form will list all of the unknown files presently shown in a given snapshot and allow you to easily mark the ones you trust as known.

If you have built a known database, known files will display in blue.

Known files that have had their MD5 hash change will show in red.

Hopefully this feature will save some time, and it can be turned on or off at any time.