no flag set for NTFS encrypted/compressed file.
I analyze NTFS dd-image content with TSK.
I deal with TSK_FS_FILE instances opened for each file found.
There are a lot of files on a partition that are compressed or encrypted by NTFS, and there is no flag set (I suppose this should be TSK_FS_META_FLAG_COMP) for such files to indicate that they are compressed.
Is this correct behavior?
Can you provide a sample or more examples? I have an image here with compressed files that are properly tagged. What version of Windows created the file system?