[code]
# ps aux | grep srch_strings
root 28508 0.0 0.0 16800 336 pts/1 S 11:46 0:00 sh -c '/usr/bin/srch_strings' -a -t d -e l '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc' > '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni'
root 28509 0.0 0.0 16804 464 pts/1 S 11:46 0:00 sh -c '/usr/bin/srch_strings' -a -t d -e l '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc' > '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni'
root 28510 78.9 0.0 6416 84 pts/1 R 11:46 32:37 /usr/bin/srch_strings -a -t d -e l /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc
root 28511 77.0 0.0 6420 88 pts/1 D 11:46 31:50 /usr/bin/srch_strings -a -t d -e l /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc
root 28567 0.0 0.0 11584 1968 pts/10 S+ 12:27 0:00 grep --colour=auto srch_strings
[/code]

As I think this says, jobs 28508 and 28509 both cram the unicode strings into the same file:

[code]
/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
[/code]

and while that's not the right thing to be happening, I'm afraid I can't help it, other than wait for both the jobs to finish. I think it'll be the same output as if only the second job was on. I think I had instances where I had two text files grown by feeding in from same kind of jobs, and I think that the latter job's output is the only one that remains. But we'll see.

Now there was the timeout which I presented previously. LINK HERE

I canceled it, and moved back, and closed the already seen previous screen with the "Close" button. And I am taken to the Case Gallery.

Analyze > Keyword Search, in which I Load Unallocated, and enter the search "AVI LIST" (without quotes). No use. Again the result is immediate and nothing is found.

Will try going back further... and retrace my steps to here again, so I "Close Host" and then "Close Case" and went to the "Main Menu", and went to "Open Case".
Back to the same "Keyword Search of Unallocated Space", with the same search, and same immediate null results.

Shutting the `links -g' altogether with Alt-F4. Re-issuing:

[code]
links -g http://g5n:9999/31564462051203138502/autopsy &
[/code]

and doing exactly the same, but now the same "Keyword Search of Unallocated Space", with the same search for "AVI LIST" has started and is under way. I think it's doing what I need of it:

[code]
gbn ~ # cat /mnt/g5n-C/autopsy/g5nCmn/g5n/logs/host.log | tail
Sun May 10 08:51:14 2015: Host g5n opened by miroR
Sun May 10 08:51:25 2015: Image vol1 opened by miroR
Sun May 10 11:17:35 2015: Volume added: strings vol5 vol4 output/vgn-Cmn-0-0-ext-2.unalloc-blkls.asc
Sun May 10 11:39:25 2015: Volume added: strings vol6 vol4 output/vgn-Cmn-0-0-ext-2.unalloc-blkls-1.asc
Sun May 10 11:45:45 2015: Volume added: strings vol7 vol4 output/vgn-Cmn-0-0-ext-2.unalloc-blkls-2.asc
Sun May 10 12:47:11 2015: Volume added: unistrings vol8 vol4 output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 12:51:13 2015: Volume added: unistrings vol9 vol4 output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 13:18:14 2015: Host g5n opened by miroR
Sun May 10 13:20:51 2015: Host g5n opened by miroR
Sun May 10 13:20:55 2015: Image vol1 opened by miroR
[/code]

[code]
gbn ~ # cat /mnt/g5n-C/autopsy/g5nCmn/g5n/logs/miroR.log | tail
Sun May 10 08:52:19 2015: vgn-Cmn-0-0-ext-2.unalloc: Saving ASCII strings to output/vgn-Cmn-0-0-ext-2.unalloc-blkls.asc
Sun May 10 09:02:19 2015: vgn-Cmn-0-0-ext-2.unalloc: Saving ASCII strings to output/vgn-Cmn-0-0-ext-2.unalloc-blkls-1.asc
Sun May 10 09:16:00 2015: vgn-Cmn-0-0-ext-2.unalloc: Saving ASCII strings to output/vgn-Cmn-0-0-ext-2.unalloc-blkls-2.asc
Sun May 10 11:18:18 2015: vgn-Cmn-0-0-ext-2.unalloc: Saving Unicode strings to output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 11:46:08 2015: vgn-Cmn-0-0-ext-2.unalloc: Saving Unicode strings to output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 11:46:08 2015: vgn-Cmn-0-0-ext-2.unalloc: Saving Unicode strings to output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 13:18:14 2015: Host g5n opened
Sun May 10 13:20:51 2015: Host g5n opened
Sun May 10 13:20:55 2015: vol1: volume opened
Sun May 10 13:21:15 2015: vgn-Cmn-0-0-ext-2.unalloc: ASCII, Unicode, search for AVI LIST
[/code]

[code]
gbn ~ # cat /mnt/g5n-C/autopsy/g5nCmn/g5n/logs/miroR.exec.log | tail
Sun May 10 11:18:13 2015: '/usr/bin/md5sum' /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.asc
Sun May 10 11:26:40 2015: '/usr/bin/srch_strings' -a -t d -e l '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc' > '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni'
Sun May 10 11:46:03 2015: '/usr/bin/md5sum' /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls-1.asc
Sun May 10 11:46:03 2015: '/usr/bin/md5sum' /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls-2.asc
Sun May 10 11:46:08 2015: '/usr/bin/srch_strings' -a -t d -e l '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc' > '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni'
Sun May 10 11:46:08 2015: '/usr/bin/srch_strings' -a -t d -e l '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc' > '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni'
Sun May 10 12:47:11 2015: '/usr/bin/md5sum' /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 12:51:13 2015: '/usr/bin/md5sum' /Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls.uni
Sun May 10 13:21:15 2015: '/usr/bin/blkcat' -f ext -s -o 0 -i raw '/Cmn/autopsy/g5nCmn/g5n/images/vgn-Cmn'
Sun May 10 13:21:15 2015: '/bin/grep' 'AVI LIST' '/Cmn/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-blkls-2.asc'
gbn ~ #
[/code]

And these are the hits; I'm describing and pasting over what Autopsy shows to me:

[code]
Searching for ASCII: Done
Saving: Done
21 hits- link to results
Searching for Unicode: Done
Saving: Done
0 hits
New Search
21 occurrences of AVI LIST were found
Search Options:
ASCII
Case Sensitive
-------------------------------------
Unit 8362688 (Hex - Ascii - Original)
1: 8 (AVI LIST~)
Unit 8481440 (Hex - Ascii - Original)
2: 8 (AVI LIST~)
Unit 8512160 (Hex - Ascii - Original)
3: 8 (AVI LIST~)
Unit 9059592 (Hex - Ascii - Original)
4: 8 (AVI LIST~)
Unit 11257501 (Hex - Ascii - Original)
5: 8 (AVI LIST~)
Unit 11269789 (Hex - Ascii - Original)
6: 8 (AVI LIST~)
Unit 11853437 (Hex - Ascii - Original)
7: 8 (AVI LIST~)
Unit 11873917 (Hex - Ascii - Original)
8: 8 (AVI LIST~)
Unit 11894397 (Hex - Ascii - Original)
9: 8 (AVI LIST~)
Unit 11914877 (Hex - Ascii - Original)
10: 8 (AVI LIST~)
Unit 12469631 (Hex - Ascii - Original)
11: 8 (AVI LIST~)
Unit 12566748 (Hex - Ascii - Original)
12: 8 (AVI LIST~)
Unit 12632284 (Hex - Ascii - Original)
13: 8 (AVI LIST~)
Unit 12934223 (Hex - Ascii - Original)
14: 8 (AVI LIST~)
Unit 13076712 (Hex - Ascii - Original)
15: 8 (AVI LIST~)
Unit 13248744 (Hex - Ascii - Original)
16: 8 (AVI LIST~)
Unit 19096265 (Hex - Ascii - Original)
17: 8 (AVI LIST~)
Unit 19099975 (Hex - Ascii - Original)
18: 8 (AVI LIST~)
Unit 19332590 (Hex - Ascii - Original)
19: 8 (AVI LIST2)
Unit 19334555 (Hex - Ascii - Original)
20: 8 (AVI LIST~)
Unit 24152834 (Hex - Ascii - Original)
21: 8 (<*AVI LIST2)
-------------------------------------
AVI LIST was not found
Search Options:
Unicode
Case Sensitive
[/code]

And that is apparently corresponding to this file:

[code]
gbn ~ # cat /mnt/g5n-C/autopsy/g5nCmn/g5n/output/vgn-Cmn-0-0-ext-2.unalloc-10.srch
21||AVI LIST|ascii
8362688|8|AVI LIST~
8481440|8|AVI LIST~
8512160|8|AVI LIST~
9059592|8|AVI LIST~
11257501|8|AVI LIST~
11269789|8|AVI LIST~
11853437|8|AVI LIST~
11873917|8|AVI LIST~
11894397|8|AVI LIST~
11914877|8|AVI LIST~
12469631|8|AVI LIST~
12566748|8|AVI LIST~
12632284|8|AVI LIST~
12934223|8|AVI LIST~
13076712|8|AVI LIST~
13248744|8|AVI LIST~
19096265|8|AVI LIST~
19099975|8|AVI LIST~
19332590|8|AVI LIST2
19334555|8|AVI LIST~
24152834|8|<*AVI LIST2
gbn ~ #
[/code]

Just, the Autopsy gives me also the links to continue the research and hopefully eventually accomplish the recovery. Under every "Hex", every "Ascii", and every "Original" there is a link underneath.

Every "Hex" indeed, if followed (tabbed to and Right Arrow'ed on, or, simply, but I like it less: clicked on), shows, each one of them, I suppose, any may check quite a few yet, [shows] lines to the effect of:

[code]
0 52494646 641e0000 41564920 4c495354 RIFF d... AVI LIST
16 7e010000 6864726c 61766968 38000000 ~... hdrl avih 8...
32 409c0000 00000000 00000000 00090000 @... .... .... ....
[/code]

which is exactly the beginning of an avi file, made, in my case, with mencoder.

The first stage of my journey is done.
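
An added example (not part of the original post and not Autopsy's own code): a Python sketch that parses the `.srch` hit list shown above and checks that the 8 bytes before an "AVI LIST" hit complete a RIFF/AVI header like the one in the hex view. The meaning of the `.srch` fields (unit, keyword offset within the unit, matched string) and the function names are assumptions; the sample inputs are constructed from values pasted in the post.

```python
import struct

# Constructed sample: header count reduced to 3, hit lines copied from the post.
SAMPLE_SRCH = """3||AVI LIST|ascii
8362688|8|AVI LIST~
19332590|8|AVI LIST2
24152834|8|<*AVI LIST2
"""

# Constructed sample: first 32 bytes of a unit, taken from the hex view in the post.
SAMPLE_UNIT = bytes.fromhex(
    "52494646 641e0000 41564920 4c495354"
    "7e010000 6864726c 61766968 38000000"
)


def parse_srch(text):
    """Parse a 'count||keyword|type' header plus 'unit|offset|string' lines.
    Assumption: field 1 is the unit, field 2 the keyword's byte offset in it."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    count, _, keyword, kind = lines[0].split("|", 3)
    hits = []
    for ln in lines[1:]:
        unit, offset, matched = ln.split("|", 2)
        hits.append((int(unit), int(offset), matched))
    if len(hits) != int(count):
        raise ValueError(f"header says {count} hits, found {len(hits)}")
    return keyword, kind, hits


def check_riff_avi(unit_bytes, keyword_offset):
    """Return header facts if the 'AVI LIST' hit sits inside a RIFF/AVI header,
    else None. The 'RIFF' magic and size field precede the hit by 8 bytes."""
    start = keyword_offset - 8
    if start < 0 or len(unit_bytes) < start + 24:
        return None  # hit too close to the unit edge to hold a full header
    magic, size, form, list_id, list_size, list_type = struct.unpack_from(
        "<4sI4s4sI4s", unit_bytes, start)
    if (magic, form, list_id, list_type) != (b"RIFF", b"AVI ", b"LIST", b"hdrl"):
        return None  # keyword matched, but not at the top of an AVI file
    # size is what the header claims; data in unallocated space may be fragmented
    return {"riff_start": start, "claimed_file_len": size + 8,
            "hdrl_list_len": list_size}


if __name__ == "__main__":
    keyword, kind, hits = parse_srch(SAMPLE_SRCH)
    for unit, offset, matched in hits:
        # A real run would read each unit from the .unalloc file; the sample
        # bytes stand in for every unit here.
        print(unit, matched, check_riff_avi(SAMPLE_UNIT, offset))
```
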