Search Files by Binary Patterns

VX Search provides power users and IT administrators with a binary file search rule that finds files by binary HEX patterns located at specific positions inside files. To add a binary file search rule, add the 'HEX Pattern' file search rule, select an appropriate pattern matching operator, enter the HEX pattern to search for and enter the position inside the file where the binary pattern should be located.
The HEX pattern should be specified as a list of bytes in the hexadecimal format with each byte represented by two hexadecimal characters delimited by the space character. The position of the HEX pattern should be specified as an absolute offset from the beginning of the file. For example, in order to find all executable files, including files with intentionally changed file extensions, add the 'HEX Pattern' file search rule, set the HEX pattern to '4D 5A' and set the pattern position to zero.
The binary file search is a time-consuming operation, especially when searching files via the network. In order to improve the performance of binary file search operations, open the file search command options dialog, select the 'Advanced' tab and increase the number of file search threads to the number of CPUs in the computer.

The binary pattern file matching rule is very useful when the user needs to detect specific file formats containing format-specific signature patterns at designated positions. Multiple binary pattern rules may be combined with logical operators to detect files containing multiple patterns at different positions.
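The matching rule described above, sketched in Python as an added example (this is not VX Search's own code): it parses a space-delimited HEX pattern, checks it at an absolute offset from the beginning of the file, and combines several rules with a logical AND. The function names and the sample files are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

def parse_hex_pattern(text):
    """Parse a space-delimited pattern such as '4D 5A' into bytes."""
    tokens = text.split()
    if not tokens or any(len(t) != 2 for t in tokens):
        raise ValueError(f"each byte needs two hex characters: {text!r}")
    return bytes.fromhex("".join(tokens))

def matches_at(path, pattern, offset):
    """True if `pattern` sits at absolute `offset` from the start of the file."""
    with open(path, "rb") as f:
        f.seek(offset)
        return f.read(len(pattern)) == pattern  # a short read never matches

def search(root, rules):
    """Return sorted files under `root` that satisfy ALL (hex, offset) rules."""
    compiled = [(parse_hex_pattern(h), off) for h, off in rules]
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            p = Path(dirpath) / name
            try:
                if all(matches_at(p, pat, off) for pat, off in compiled):
                    hits.append(p)
            except OSError:
                continue  # unreadable file: skip it and keep scanning
    return sorted(hits)

def demo():
    """Build constructed sample files, then run one rule and two combined rules."""
    with tempfile.TemporaryDirectory() as d:
        samples = {  # all contents below are constructed test data
            "tool.exe": b"MZ\x90\x00" + b"\x00" * 60,
            "invoice.pdf": b"MZ\x90\x00" + b"\x00" * 60,  # renamed executable
            "report.pdf": b"%PDF-1.7\n",                  # genuine PDF header
            "other.dat": b"MZ\x00\x00",                   # fails the second rule
            "tiny.bin": b"M",                             # shorter than pattern
        }
        for name, data in samples.items():
            (Path(d) / name).write_bytes(data)
        one = search(d, [("4D 5A", 0)])
        both = search(d, [("4D 5A", 0), ("90 00", 2)])
        return [p.name for p in one], [p.name for p in both]

if __name__ == "__main__":
    print(demo())
```

The first result includes `invoice.pdf`, which is the case the text mentions: a file whose extension was changed but whose header still carries the `4D 5A` signature.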