Morning.
So I'm having some issues with a new setup.
I've gone and upgraded my forensic desktop after a crash to Windows 8 (from Win 7 - full format and install)
However, I'm having some issues that I didn't have (and don't have on my second machine running 7)
First one I noticed yesterday, when trying to click anything in the IEF Preview as its doing its scan it craps out. (v6.5)
Crash report
Timestamp 04/01/2015 112731
Operating System Microsoft Windows NT 6.2.9200.0
IEF Report Viewer Version 6.5.0.0640
.NET Version 4.0.30319.34209
Installed Languages
English (United Kingdom)
Current Locale en-GB
Exception This WebView has already been destroyed.
at EO.WebBrowser.WebView.r()
at EO.WebBrowser.WebView.LoadHtml(String html, String baseUrl)
at Magnet.Presentation.CaseAnalysis.Iefrv.ArtifactSelectorView.set_CurrentSelectionHtml(String value)
at Magnet.Presentation.CaseAnalysis.Iefrv.ArtifactSelectorView.ListController_CurrentArtifactTypeChanged(Object sender, EventArgs e)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at Magnet.Application.CaseAnalysis.Iefrv.ArtifactListController.OnCurrentArtifactTypeChanged(String artifactType)
at Magnet.Application.CaseAnalysis.Iefrv.ArtifactListController.set_CurrentArtifactType(String value)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at Magnet.Presentation.CaseAnalysis.Iefrv.ArtifactTypeListView.LvArtifactTypes_MouseClick(Object sender, MouseEventArgs e)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at Magnet.Iefrv.Program.Main() in File0line 73
Second issue is with EnCase v6.19.7 (I know, I know, its old school)
I'm not getting any mapped drives in my browser when I try to export, I can just see my C\
I'm pretty sure Windows 8 is based on the same(ish) architecture as 7 and should be fully backwards compatible so I'm not sure if its a Windows or Forensic Software issue?
If anybody else if using 8 could you please confirm if there are any known issues!
Thanks.
4R
I can't comment on the IEF issue, sorry, but what I did notice with Windows 8 and EnCase 6.19.7 (it's old but still better than 7!) was that the Physical Disk Emulator stopped working altogether.
I also haven't tried running IEF on Windows 8.1 (or any other forensic tool for that matter). Windows 8 and Windows 7 are different enough to give forensic software fits.
That said, IEF is supposed to support running on Windows 8. Give Magnet a call and see if they can help you.
do you mean windows 8.0 or 8.1? why would you go with 8.0? get 8.1
with that said, i do all my dev work and forensics on windows 8.1 and have not had any issues.
what else is on the machine? anti virus, etc