[Vol-users] stings input file format question

I am mystified why I see the following: in one case I get output from strings and the other I get an input file format error. I have tried this with 1.3 and 2.0 and get the same result. It takes 1.3 a looonnngg time to return the error, 2.0 returs the error quickly. I thought the reason may be length, so I broke up the Ypycub offsets into increasingly smaller input files; no success was achived with the smaller input files. I don't see a format difference in these 2 files. The offsets come from an Encase search of 120225b.mem. It is a 458MB WinXPSP3x86 image converted from hiberfil.sys. Vol 1.3 example: The same result is seen with Vol 2.0 The input file is: 357229672:Glows 280642408:Glows 257105340:Glows 113457472:Glows 357230696:Glows C:\Python27\Volatility-1.3_Beta>python volatility strings -f e:\tests\120225b\IRinfo\120225b.mem -s 120225b_Glows_offsets.txt 357229672 [kernel:df864468 ] Glows 280642408 [1456:45b8368 ] Glows 257105340 [kernel:e1ec1dbc ] Glows 113457472 [1456:2ac0940 ] Glows 357230696 [kernel:df864868 ] Glows ----------------------cut-here------------------------- The input file is: 7744388:Ypycub 10830274:Ypycub 70385414:Ypycub 70918297:Ypycub 70918649:Ypycub 73375514:Ypycub 91390974:Ypycub 104879126:Ypycub 104879154:Ypycub 132968006:Ypycub 215776800:Ypycub 232868024:Ypycub 232869190:Ypycub 237434963:Ypycub 237434991:Ypycub 256642118:Ypycub 285030170:Ypycub 310449659:Ypycub 310449687:Ypycub 314178656:Ypycub 325974496:Ypycub 327972307:Ypycub 327972335:Ypycub 338814062:Ypycub 338814854:Ypycub 339229856:Ypycub 339763304:Ypycub 339763544:Ypycub 339893168:Ypycub 340101984:Ypycub 343215259:Ypycub 343215287:Ypycub 357229759:Ypycub 361836122:Ypycub 367889650:Ypycub 455348611:Ypycub 455348639:Ypycub C:\Python27\Volatility-1.3_Beta>python volatility strings -f e:\tests\120225b\IRinfo\120225b.mem -s 120225b_Ypycub_offsets.txt Usage: strings [options] (see --help) volatility: error: String file format invalid. Thanks for any assistance. Mike