The ability to scan extracted files and email databases for malware is now available to all users at no additional charge.

Identifiable threats include:

• Adspy
• Backdoor
• Constructor
• Dialer
• Dropper
• Exploit
• Heuristic
• Phishing
• Riskware
• Trash
• Trojware
• Virware
• Worm

After configuring the malware scan options in the Options section, you can initiate a malware scan in the Malware section of the selected extraction. The results will appear on the toolbar, displaying the scanned file status, identified threats, scan start time, and other relevant details.

Mobile Forensic Updates

We’ve added support for screen-locked Android devices based on the SDM665, SDM675, SDM730, and SDM855 chipsets. The list of supported devices includes many models released before 2020: Lenovo Z6 Pro, LG Q70, Sony Xperia 1, Xiaomi Mi A3, Xiaomi Redmi Note 7 Pro, Xiaomi Mi 9T, Xiaomi Mi 9, and many others.

Oxygen Forensic^® Detective v.16.3 brings support for screen-locked Omix and Reeder devices based on the MTK and UNISOC chipsets.

New supported devices include:

• Omix X7
• Omix X5
• Omix X700
• Omix X600
• Reeder P13 Blue Max
• Reeder P13 Blue

View all supported models →

We’ve added support for screen-locked Android devices based on the MT6750 and MT6855 chipsets and running Android OS 10 and higher. This update covers 190 Android devices of various manufacturers.

Oxygen Forensic^® Detective v.16.3 allows extraction of the communities from WhatsApp and WhatsApp Business via Android Agent. You can choose to extract all the communities or selected communities only.

Now extracted physical dumps of memory cards can be saved to E01 format at the end of the extraction in Device Extractor.

Several enhancements have been made to this method:

• Users can now switch directly into DFU if the iOS version is known, without switching a device to the Recovery Mode.
• We’ve also added the instructions on how to switch a device into DFU using test points.

We’ve made two significant enhancements:

• Steam private and group chats can now be extracted.
• Authorization by scanning a QR code is added.

In certain cases extensions of plain text files might be deleted or altered by a user. Oxygen Forensic^® Detective v.16.3 introduces two options how these files can be identified:

1. Choose the “Select file type by content” box on the General tab of KeyScout.
2. Alternatively you can select the File signature option for plain text files on the Files tab of KeyScout.

The following new computer artifacts are supported:

• List of installed applications from NTUSER.dat file (Windows)
• Information about packages installed by Pacman (GNU/Linux)
• Supported applications from the Arch Linux distribution
• Passwords from 1Password (Windows, macOS, GNU/Linux)
• Passwords from DuckDuckGo (macOS)
• Microsoft Defender (Windows)
• Transmission Torrent client (Windows, macOS, GNU/Linux)
• Microsoft Photos (Windows)
• Microsoft Sticky Notes (Windows)
• Apple Weather (macOS)
• Spark installed from the App Store (macOS)
• NordVPN installed from the App Store (macOS)
• Facebook Messenger installed from the App Store (macOS)
• Additional data from AnyDesk (Windows, macOS, GNU/Linux)
• Additional data from Opera (Windows, macOS, GNU/Linux)

PX4 Autopilot is an open-source flight control system oriented for drones and other uncrewed vehicles. Now you can analyze the flight history of custom-built drones based on the PX4 controller by importing their ULog logs in Oxygen Forensic^® Detective. Parsed data will include the drone information, home points, global and GPS points, sensors data and journals.

Oxygen Forensic^® Detective v.16.3 allows the import and parsing of X (Twitter)  archives that can be downloaded following official X instructions. Parsed data will include contacts, group messages, direct messages, deleted tweets, followers, following, blocked users, search history, and other categories.

We’ve added a Facial Categorization Wizard that allows the selection of specific file folders for facial categorization. With customizable file filter criteria encompassing file types, specific folders, and file sizes, this feature significantly speeds up the processing of files through our facial categorization engine.

The following languages have been added to our Translation module: Estonian, Hebrew, Latvian, Lithuanian, Nepali, Norwegian, Romanian, and Urdu. Overall, 27 languages are now supported.