Last week my friend told me that she made a terrible mistake. She conducted raw serch and found no search hits within M$ docx files. She did not know what's wrong in the first place until her clients told her that some words actually exist in those docx files...She exported those docx files and examine them very carefully. Yes she found those wors exactly the same with keywords.

She asked me what's going on with EnCase raw search. Why no search hits in docx files...I show her how to conduct raw search on compound files as below:

1. Run EnScript: File-Mounter so you could expand compound files

2. Choose file type: docx

3. Now you could see those docx files become volume with xml files

4. Conduct raw search and you could see search hits inside docx files now

I told her that Forensic is a strict science and she should double check the search results again to make sure she won't make any mistakes. In Court we swear that the evidence that we shall give, shall be the truth, the whole truth and nothing but the truth. I suggest her to re-examine at those evidence and forensic reports she signed in recent years, and see if any wrong with raw search in compound files.

How to search compound files的更多相关文章

  1. EnCase v7 search hits in compound files?

    I used to conduct raw search in EnCase v6, and I'd like to see if EnCase v7 raw search could hit key ...

  2. Python开发环境Wing IDE之Search in Files工具详解

    Search in Files工具是Wing IDE中最强大的搜索选项.它支持磁盘.项目,打开编辑器,或其它文件集的多文件批量搜索.它还可以使用通配符搜索,并可以做基于正则表达式的搜索/替换. 建议用 ...

  3. Everything search syntax

    Operators: space AND | OR ! NOT < > Grouping " " Search for an exact phrase. Wildcar ...

  4. Inplace Search on document libraries and lists is not working

    [http://sharepointfarmer.com/inplace-search-on-document-libraries-and-lists-is-not-working/] I ran i ...

  5. Javascript > Eclipse > problems encountered during text search

    Reproduce: Ctrl + H, Select "File Search", will encounter eclipse kinds of bug/error alert ...

  6. 42 Bing Search Engine Hacks

    42 Bing Search Engine Hacks November 13, 2010 By Ivan Remember Bing, the search engine Microsoft lau ...

  7. lucene原理及源码解析--核心类

    马云说:大家还没搞清PC时代的时候,移动互联网来了,还没搞清移动互联网的时候,大数据时代来了. 然而,我看到的是:在PC时代搞PC的,移动互联网时代搞移动互联网的,大数据时代搞大数据的,都是同一伙儿人 ...

  8. 简单编写Makefile

    相信很多朋友都有过这样的经历,看着开源项目中好几页的makefile文件,不知所云.在日常学习和工作中,也有意无意的去回避makefile,能改就不写,能用ide就用ide.其实makefile并没有 ...

  9. grep 命令过滤配置文件中的注释和空行

    grep 用法 Usage: grep [OPTION]... PATTERN [FILE]... Search for PATTERN in each FILE or standard input. ...

随机推荐

  1. android xml操作

    import java.io.FileInputStream; import java.io.FileOutputStream; import java.util.ArrayList; import ...

  2. python第一个hello world注意问题!!

    如果你第一次写python代码,想写一个通常的hello world ,那么你需要注意这个hello world的写法,这和python的版本有直接关系!!! Python 3.x: print('h ...

  3. SQL 优化原则

    一.问题的提出 在应用系统开发初期,由于开发数据库数据比较少,对于查询SQL语句,复杂视图的的编写等体会不出SQL语句各种写法的性能优劣,但是如果将应用 系统提交实际应用后,随着数据库中数据的增加,系 ...

  4. 配置webstorm使用supervisor时出现 /usr/bin/env: node: 没有那个文件或目录 解决方法

    配置好supervisor路径后 出现了 启动时出现了 /usr/bin/env: node: 没有那个文件或目录 需要讲.nvm下的node链接到, /usr/bin/目录下 sudo ln -s ...

  5. SQLServer 2008以上误操作数据库恢复方法——日志尾部备份(转)

    问题: 经常看到有人误删数据,或者误操作,特别是update和delete的时候没有加where,然后就喊爹喊娘了.人非圣贤孰能无过,做错可以理解,但不能纵容,这个以后再说,现在先来解决问题. 遇到这 ...

  6. [Flex] ButtonBar系列——flex3 ButtonBar样式之颜色的填充

    <?xml version="1.0" encoding="utf-8"?> <mx:Application xmlns:mx="h ...

  7. 防止重复发送 Ajax 请求

    作者:长天之云链接:http://www.zhihu.com/question/19805411/answer/15465427来源:知乎 不推荐用外部变量锁定或修改按钮状态的方式,因为那样比较难: ...

  8. 针对android方法数64k的限制,square做出的努力。精简protobuf

    1.早期的Dalvik VM内部使用short类型变量来标识方法的id,dex限制了程序的最大方法数是65535,如果超过最大限制,无法编译,把dex.force.jumbo=true添加到proje ...

  9. 10G之后统计信息收集后为什么执行计划不会被立马淘汰

    在10G之前,使用DBMS_STATS收集统计信息将会导致与此对象相关的游标失效,下次执行此 的时候将会进行HARD PARSE,除非收集的时候NO_INVALIDATE设置为TRUE. 由于硬解析会 ...

  10. python 实例属性之单,双下划线

    具体区别看下面例子 class A: def __init__(self,name='Andy'): self._name = name class B: def __init__(self,name ...