Comments on Computer Forensics, Malware Analysis & Digital Investigations: Export files with selected search hits

I know this is an old entry, but revisiting the pr...

2010-11-01T13:25:07.795-07:00

I know this is an old entry, but revisiting the preservation of metadata when using copy/unerase function. If I tag the search hits and right-click on copy/unerase, all three dates (I'm on Windows 7) are preserved?

Lance, Have you seen any similar EnScripts that wi...

2010-08-09T11:45:03.158-07:00

Lance,
Have you seen any similar EnScripts that will do the same for items in the Records tag? I'm looking for a way to highlight search hits and then flag the entry in Records so these can be exported to msg.

Anonymous, Thanks for your comments. This EnScrip...

2009-10-12T08:10:46.595-07:00

Anonymous,

Thanks for your comments. This EnScript was never designed to preserve the original modified dates, although it can easily be done. EnCase does not preserve them by default when using "copy/unerase" feature either, but that option is available in the EnScript language.

Hi, just wanted to retract my suggestion above as ...

2009-10-11T21:06:54.392-07:00

Hi, just wanted to retract my suggestion above as I have just realised that the bug is not with your script but with EnCase. So far I have found that version 6.13 and 6.14 does not preserve the Last Modified date when exporting files.

Great script. The only suggestion I have is that t...

2009-10-11T18:00:38.524-07:00

Great script. The only suggestion I have is that the script maintains the date/time stamps of the file that it exports. I've exported a number of files from a case using the script and the Last Modified and File Created date are updated to the data and time the file was exported.

Very nice job Lance (& Scott) - This Enscript ...

2009-04-07T22:08:00.000-07:00

Very nice job Lance (& Scott) - This Enscript is a great time saver!

2009-04-07T22:07:00.000-07:00

This comment has been removed by the author.