Last week my friend told me that she made a terrible mistake. She conducted raw serch and found no search hits within M$ docx files. She did not know what's wrong in the first place until her clients told her that some words actually exist in those docx files...She exported those docx files and examine them very carefully. Yes she found those wors exactly the same with keywords.

She asked me what's going on with EnCase raw search. Why no search hits in docx files...I show her how to conduct raw search on compound files as below:

1. Run EnScript: File-Mounter so you could expand compound files

2. Choose file type: docx

3. Now you could see those docx files become volume with xml files

4. Conduct raw search and you could see search hits inside docx files now

I told her that Forensic is a strict science and she should double check the search results again to make sure she won't make any mistakes. In Court we swear that the evidence that we shall give, shall be the truth, the whole truth and nothing but the truth. I suggest her to re-examine at those evidence and forensic reports she signed in recent years, and see if any wrong with raw search in compound files.

How to search compound files的更多相关文章

  1. EnCase v7 search hits in compound files?

    I used to conduct raw search in EnCase v6, and I'd like to see if EnCase v7 raw search could hit key ...

  2. Python开发环境Wing IDE之Search in Files工具详解

    Search in Files工具是Wing IDE中最强大的搜索选项.它支持磁盘.项目,打开编辑器,或其它文件集的多文件批量搜索.它还可以使用通配符搜索,并可以做基于正则表达式的搜索/替换. 建议用 ...

  3. Everything search syntax

    Operators: space AND | OR ! NOT < > Grouping " " Search for an exact phrase. Wildcar ...

  4. Inplace Search on document libraries and lists is not working

    [http://sharepointfarmer.com/inplace-search-on-document-libraries-and-lists-is-not-working/] I ran i ...

  5. Javascript > Eclipse > problems encountered during text search

    Reproduce: Ctrl + H, Select "File Search", will encounter eclipse kinds of bug/error alert ...

  6. 42 Bing Search Engine Hacks

    42 Bing Search Engine Hacks November 13, 2010 By Ivan Remember Bing, the search engine Microsoft lau ...

  7. lucene原理及源码解析--核心类

    马云说:大家还没搞清PC时代的时候,移动互联网来了,还没搞清移动互联网的时候,大数据时代来了. 然而,我看到的是:在PC时代搞PC的,移动互联网时代搞移动互联网的,大数据时代搞大数据的,都是同一伙儿人 ...

  8. 简单编写Makefile

    相信很多朋友都有过这样的经历,看着开源项目中好几页的makefile文件,不知所云.在日常学习和工作中,也有意无意的去回避makefile,能改就不写,能用ide就用ide.其实makefile并没有 ...

  9. grep 命令过滤配置文件中的注释和空行

    grep 用法 Usage: grep [OPTION]... PATTERN [FILE]... Search for PATTERN in each FILE or standard input. ...

随机推荐

  1. 关于java MulticastSocket中的joinGroup(SocketAddress mcastAddr,NetworkInterface netif)

    今天复习了一下java网络编程这方面(其实是之前没有学好),之前在linux下用c来做过一些例子,不过不好久没有用也就忘得一干二净了.不知道c/c++的东西不太好记,还是当初没好好学. 关于组播这方面 ...

  2. 加密---公钥&密钥

    一直以来对公钥和私钥都理解得不是很透彻,感觉到模棱两可.今天在网上找了半天,通过查看对这个密钥对的理解,总算弄清楚了.      公钥和私钥就是俗称的不对称加密方式,是从以前的对称加密(使用用户名与密 ...

  3. JavaScript判断字符串是否含有中文(实用)

    引用页: http://javasam.iteye.com/blog/1465048 UTF-8有点类似于Haffman编码,它将Unicode编码为:0x00-0x7F的字符,用单个字节来表示:0x ...

  4. channelartlist标签调用实例

    channelartlist标签,大家都知道在DedeCMS的系统中,我们可以用这个标签进行循环子栏目及其栏目的文档数据,这也是DedeCMS系统中,唯一一个支持标签嵌套的调用标签,以DedeV5.6 ...

  5. [ActionScript 3.0] AS3 Socket安全沙箱策略文件

    当与一个主机建立一个Socket连接时,Flash Player要遵守如下安全沙箱规则: 1.Flash的.swf文件和主机必须严格的在同一个域名,只有这样才可以成功建立连接: 2.一个从网上发布的. ...

  6. java代码中后台向前台传递list或map集合案例

    导入jar包 新建一个servert传递map集合 ajax.java代码: package servlet; import java.io.IOException; import java.io.P ...

  7. [SQL]公交新路问题

    --解答一 CREATE TABLE T_Line( ID nvarchar(), --公交线路号 Station nvarchar(), --站点名称 Orders int) --行车方向(通过它反 ...

  8. [SQL]patindex的用法

    返回指定表达式中某模式第一次出现的起始位置:如果在全部有效的文本和字符数据类型中没有找到该模式,则返回零. Transact-SQL 语法约定 语法 PATINDEX ( '%pattern%' , ...

  9. SQL SERVER系统表

    sysaltfiles 主数据库 保存数据库的文件 syscharsets 主数据库 字符集与排序顺序sysconfigures 主数据库 配置选项syscurconfigs 主数据库 当前配置选项s ...

  10. Android——Handler总结

    一.Handler的定义:          主要接受子线程发送的数据, 并用此数据配合主线程更新UI.          解释: 当应用程序启动时,Android首先会开启一个主线程 (也就是UI线 ...