Last week my friend told me that she made a terrible mistake. She conducted raw serch and found no search hits within M$ docx files. She did not know what's wrong in the first place until her clients told her that some words actually exist in those docx files...She exported those docx files and examine them very carefully. Yes she found those wors exactly the same with keywords.

She asked me what's going on with EnCase raw search. Why no search hits in docx files...I show her how to conduct raw search on compound files as below:

1. Run EnScript: File-Mounter so you could expand compound files

2. Choose file type: docx

3. Now you could see those docx files become volume with xml files

4. Conduct raw search and you could see search hits inside docx files now

I told her that Forensic is a strict science and she should double check the search results again to make sure she won't make any mistakes. In Court we swear that the evidence that we shall give, shall be the truth, the whole truth and nothing but the truth. I suggest her to re-examine at those evidence and forensic reports she signed in recent years, and see if any wrong with raw search in compound files.

How to search compound files的更多相关文章

  1. EnCase v7 search hits in compound files?

    I used to conduct raw search in EnCase v6, and I'd like to see if EnCase v7 raw search could hit key ...

  2. Python开发环境Wing IDE之Search in Files工具详解

    Search in Files工具是Wing IDE中最强大的搜索选项.它支持磁盘.项目,打开编辑器,或其它文件集的多文件批量搜索.它还可以使用通配符搜索,并可以做基于正则表达式的搜索/替换. 建议用 ...

  3. Everything search syntax

    Operators: space AND | OR ! NOT < > Grouping " " Search for an exact phrase. Wildcar ...

  4. Inplace Search on document libraries and lists is not working

    [http://sharepointfarmer.com/inplace-search-on-document-libraries-and-lists-is-not-working/] I ran i ...

  5. Javascript > Eclipse > problems encountered during text search

    Reproduce: Ctrl + H, Select "File Search", will encounter eclipse kinds of bug/error alert ...

  6. 42 Bing Search Engine Hacks

    42 Bing Search Engine Hacks November 13, 2010 By Ivan Remember Bing, the search engine Microsoft lau ...

  7. lucene原理及源码解析--核心类

    马云说:大家还没搞清PC时代的时候,移动互联网来了,还没搞清移动互联网的时候,大数据时代来了. 然而,我看到的是:在PC时代搞PC的,移动互联网时代搞移动互联网的,大数据时代搞大数据的,都是同一伙儿人 ...

  8. 简单编写Makefile

    相信很多朋友都有过这样的经历,看着开源项目中好几页的makefile文件,不知所云.在日常学习和工作中,也有意无意的去回避makefile,能改就不写,能用ide就用ide.其实makefile并没有 ...

  9. grep 命令过滤配置文件中的注释和空行

    grep 用法 Usage: grep [OPTION]... PATTERN [FILE]... Search for PATTERN in each FILE or standard input. ...

随机推荐

  1. HTML5与HTML4的区别

    一.推出的理由及目标 web浏览器之间的兼容性很低 文档结构不够明确 web应用程序的功能受到了限制 二.语法的改变 内容类型 文件扩展名html htm  内容类型 texthtml   二者不变 ...

  2. RabbitMQ介绍2 - AMQP协议

    这一节介绍RabbitMQ的一些概念,当然也是AMQP协议的概念.官方网站也有详细解释,包括协议的命令: http://www.rabbitmq.com/tutorials/amqp-concepts ...

  3. js实现的新闻列表垂直滚动实现详解

    js实现的新闻列表垂直滚动实现详解:新闻列表垂直滚动效果在大量的网站都有应用,有点自然是不言而喻的,首先由于网页的空间有限,使用滚动代码可以使用最小的空间提供更多的信息量,还有让网页有了动态的效果,更 ...

  4. nfs不能自动mount(转载)

    From:http://www.wenzizone.com/2009/08/14/nfs_can_not_automount_supplementary.html 手动挂载nfs没有问题,说明port ...

  5. Opensturt和Struct区别

    1 OpenStruct和Struct区别,Opestruct你需要创建时,直接给属性赋值,而Struct需要先定义属性后 ,再给属性赋值.选择哪个就看你对属性赋值的时机, 2 Struct和Open ...

  6. ASP.NET优化

    源地址:http://www.cnblogs.com/wangjingblogs/archive/2013/02/27/2934706.html http://jingyan.baidu.com/ar ...

  7. DEDE织梦,文章页里的幻灯调用,能调用全部栏目的吗

    arclist 是必须要有 typeid 设置的,如果你没设置,默认是取的当前栏目的 typeid,而首页取到的是 top,所以你强制指定typeid=top就可以了.---------------- ...

  8. [Java] 匿名内部类

    package test.file; import java.io.File; import java.io.FilenameFilter; /** * 匿名的内部类 * @author Frost. ...

  9. django提供xml下载

    def test_file_download(request): wb = export_to_xls() response = HttpResponse() response['Content-Ty ...

  10. hibernate one-to-many many-to-one 双向注解

    建表语句: DROP TABLE IF EXISTS `t_company`; CREATE TABLE `t_company` ( `companyId` ) unsigned NOT NULL A ...