Last week my friend told me that she made a terrible mistake. She conducted raw serch and found no search hits within M$ docx files. She did not know what's wrong in the first place until her clients told her that some words actually exist in those docx files...She exported those docx files and examine them very carefully. Yes she found those wors exactly the same with keywords.

She asked me what's going on with EnCase raw search. Why no search hits in docx files...I show her how to conduct raw search on compound files as below:

1. Run EnScript: File-Mounter so you could expand compound files

2. Choose file type: docx

3. Now you could see those docx files become volume with xml files

4. Conduct raw search and you could see search hits inside docx files now

I told her that Forensic is a strict science and she should double check the search results again to make sure she won't make any mistakes. In Court we swear that the evidence that we shall give, shall be the truth, the whole truth and nothing but the truth. I suggest her to re-examine at those evidence and forensic reports she signed in recent years, and see if any wrong with raw search in compound files.

How to search compound files的更多相关文章

  1. EnCase v7 search hits in compound files?

    I used to conduct raw search in EnCase v6, and I'd like to see if EnCase v7 raw search could hit key ...

  2. Python开发环境Wing IDE之Search in Files工具详解

    Search in Files工具是Wing IDE中最强大的搜索选项.它支持磁盘.项目,打开编辑器,或其它文件集的多文件批量搜索.它还可以使用通配符搜索,并可以做基于正则表达式的搜索/替换. 建议用 ...

  3. Everything search syntax

    Operators: space AND | OR ! NOT < > Grouping " " Search for an exact phrase. Wildcar ...

  4. Inplace Search on document libraries and lists is not working

    [http://sharepointfarmer.com/inplace-search-on-document-libraries-and-lists-is-not-working/] I ran i ...

  5. Javascript > Eclipse > problems encountered during text search

    Reproduce: Ctrl + H, Select "File Search", will encounter eclipse kinds of bug/error alert ...

  6. 42 Bing Search Engine Hacks

    42 Bing Search Engine Hacks November 13, 2010 By Ivan Remember Bing, the search engine Microsoft lau ...

  7. lucene原理及源码解析--核心类

    马云说:大家还没搞清PC时代的时候,移动互联网来了,还没搞清移动互联网的时候,大数据时代来了. 然而,我看到的是:在PC时代搞PC的,移动互联网时代搞移动互联网的,大数据时代搞大数据的,都是同一伙儿人 ...

  8. 简单编写Makefile

    相信很多朋友都有过这样的经历,看着开源项目中好几页的makefile文件,不知所云.在日常学习和工作中,也有意无意的去回避makefile,能改就不写,能用ide就用ide.其实makefile并没有 ...

  9. grep 命令过滤配置文件中的注释和空行

    grep 用法 Usage: grep [OPTION]... PATTERN [FILE]... Search for PATTERN in each FILE or standard input. ...

随机推荐

  1. HttpClient和HttpURLConnection整合汇总对比

    性能 1.HttpUrlConnection直接支持GZIP压缩:HttpClient也支持,但要自己写代码处理. 2.HttpUrlConnection直接支持系统级连接池,即打开的连接不会直接关闭 ...

  2. Java中的String与常量池

    string是java中的字符串.String类是不可变的,对String类的任何改变,都是返回一个新的String类对象.下面介绍java中的String与常量池. 1. 首先String不属于8种 ...

  3. java中四种引用类型(转)

    今天看代码,里面有一个类java.lang.ref.SoftReference把小弟弄神了,试想一下,接触java已经有3年了哇,连lang包下面的类都不了解,怎么混.后来在网上查资料,感觉收获颇多, ...

  4. Java链式方法 连贯接口(fluent interface)

    有两种情况可运用链式方法: 第一种  除最后一个方法外,每个方法都返回一个对象 object2 = object1.method1(); object3 = object2.method2(); ob ...

  5. arm-linux-ld

    arm-linux-ld 直接指定代码段,数据段,BSS段的起始地址 -Ttest startaddr -Tdata startaddr -Tbss startaddr 示例: arm-linux-l ...

  6. 如何使用XAMPP本地搭建一个属于你自己的网站

    你好,从今天开始,我将为大家带来一些我学习SEO和建站的免费教程,今天为大家带来的是如何用XAMPP搭建一个属于你自己的网站.来到这里,可以说很多在百度上已经过时了的资料需要总结的资料这里都有,你只要 ...

  7. crm 4 IFRAME 元素隐藏

    function hidebtn(elementTitle) { var x = document.getElementsByTagName("LI"); for (i = 0; ...

  8. 零成本实现接口自动化测试 – Java+TestNG 测试Restful service

    接口自动化测试 – Java+TestNG 测试 Restful Web Service 关键词:基于Rest的Web服务,接口自动化测试,数据驱动测试,测试Restful Web Service, ...

  9. php 通过PATH_SEPARATOR判断当前服务器系统类型

    PATH_SEPARATOR是php中的一个预定义常量,我们可以直接echo这个常量,在linux系统中,该常量输出":",在windows系统中,该常量输出";&quo ...

  10. Android——getSystemService

    android的后台运行在很多service,它们在系统启动时被SystemServer开启,支持系统的正常工作,比如MountService监 听是否有SD卡安装及移除,ClipboardServi ...