VSS In EnCase
In Encase, I am trying to determine the way to natively view Volume Shadow copies. I have found the enscript, but when reading about it, it says that VSS analysis has native support since 8.07. I have tried right clicking on the entry to view the file structure, but no luck. I cannot seem to find much information about this on the internet either.
EnCase 8.07 has native support for volume shadow copy (as you have mentioned). This can be accessed via the Device Menu for the evidence item.
Load the evidence into Entries
Right Click on the Evidence File (top of the tree pane)
Device -> Analyse Volume Shadow Copies
You should be presented with a dialog that lists each of the Volume Shadows Copies. You can then decided to either recover the full volume, or simply objects that meet certain criteria.
When recovery is completed it should present as a new evidence file/s.
The EnCase Online Help has some detail, however if you have access to Opentext MySupport - the release notes for EnCase 8.07 has more detail and some screenshots
Hope that helps a little