X-Ways Investigator is a powerful investigation/document analysis/report generation application for law enforcement, intelligence agencies, and the private sector. It runs under Windows. It was designed for investigators who are specialized in areas such as accounting, building laws, money laundering, corruption, homicide, child pornography, etc., also for investigative analysts, agents, attorneys, paralegals, prosecutors, internal and external auditors, for the analysis part of computer forensics and electronic discovery. X-Ways Investigator is based on X-Ways Forensics and is a subset thereof. It's simplified user interface offers much fewer technical options than WinHex and X-Ways Forensics, so that investigators can better concentrate on the matter at hand.

X-Ways Investigator is part of a certain philosophy: Splitting up the workload into preparatory work done by forensic computing specialists (computer forensic examiners) with X-Ways Forensics and investigative work done by investigators can be a pivotal change, greatly accelerate the forensic process and improve its quality. It reduces the computer specialists' workload by allowing the investigators to take over much earlier.

Feature overview:

Case management, logging
Automated reports that can be imported and further processed by any other application that understands HTML, such as MS Word
File viewer for hundreds of file formats included
Ability to print documents with all file metadata on a cover page
Can natively read media/images with these file systems: FAT12/16/32, TFAT, exFAT, NTFS, Ext2/3/4, Next3?, CDFS, UDF, HFS, HFS+, ReiserFS, Reiser4, UFS, UFS2
Can interpret raw image files and .e01 evidence files
A natural choice to examine the files assorted in evidence file containers with X-Ways Forensics
Ability to run powerful keyword searches, both conventional and index searches (indexes created with X-Ways Forensics)
Search hit listings with context preview, e.g. like “all search hits for the search terms A, B, and D in MS Word and MS PowerPoint files below \Documents and Settings with last access date in 2004”
Gallery view for pictures, Calendar view for timestamps
Ability to associate comments about files for inclusion in the report or for filtering
Ability to tag files and add them to customized report tables of notable items
Directory tree on the left, ability to explore and tag directories including all their subdirectories
Powerful dynamic filters based on filename, true file type, timestamps, file size, comments, report tables...
Recursive view of all existing and deleted files in all subdirectories
Skin color detection (e.g. a gallery view sorted by skin tone contents greatly accelerates a search for traces of child pornography)
Interface for PhotoDNA (only for law enforcement), which can recognize known pictures (even if stored in a different format or altered!) and can return the classification (“CP”, “relevant”, “irrelevant”) to X-Ways Investigator
... and much more

X-Ways Investigator CTR is an even further reduced version of X-Ways Investigator, which can open only the evidence file containers of X-Ways Forensics and X-Ways Investigator (raw format or .e01 evidence file), no other images and no disks/media. X-Ways Investigator CTR is suitable exclusively as an add-on to X-Ways Forensics when splitting up the analysis work across multiple investigators/specialist or when providing files in containers to lawyers or other people involved in the case, like an extremely powerful viewer program for containers. Findings can be exported from X-Ways Investigator CTR and imported back into the main case in X-Ways Forensics if desired.

Further limitations compared to X-Ways Investigator:

hash computation and hash database not available
menu commands for exporting lists/subtrees not available
only option to refine the volume snapshot: metadata extraction
attaching external files not possible
GREP syntax not supported for searching
case log not included in case report
internal ID columns missing
All this for a price less than half of X-Ways Investigator. To verify what functionality exactly is available in X-Ways Forensics CTR, you can activate the user interface of X-Ways Investigator CTR in the General Options dialog window in X-Ways Forensics.

Only for V.I.P