Which of the following is a methodology for recovering evidence from USB devices?

AccessData's FTK Imager is designed specifically for creating forensic images of data contained in various types of storage devices, including USB devices. Its primary function is to allow forensic investigators to capture bit-for-bit copies of data, ensuring that all data, including deleted files, is preserved for analysis. This tool also enables users to examine and recover file systems, thus providing a comprehensive methodology for evidence recovery.

The other options do not specialize in forensic data recovery. Anti-virus software is focused on detecting and removing malware, while file compression tools are used to reduce file sizes and do not provide forensic capabilities. Document editing applications are designed for creating and modifying files and would not be relevant in a forensic context.