remove the wrong tag

[geminusbc]

Hello. I would kindly like to untag some wrong bookmarks any ideas?! Kindest regards,

[rcordovano]

Assuming you are using Autopsy 3.1.0 or later, you can use the tree view to navigate to the Bookmark tags you want to remove (e.g., Tags, Bookmark, File Tags). You can then select one or more tags in the "upper right" table view, right click, and select "Delete Tag(s)" from the pop up (context) menu.

On Wed, Feb 22, 2017 at 1:12 PM, geminusbc notifications@github.com wrote:

Hello. I would kindly like to untag some wrong bookmarks any ideas?! Kindest regards,

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/sleuthkit/autopsy/issues/2535, or mute the thread https://github.com/notifications/unsubscribe-auth/ABolxcCZ1mxgIBdOlumI8EH0dQcJA5GLks5rfHqZgaJpZM4MI_3K .

[rcordovano]

Please provide a more clear explanation of the problem you are trying to solve and as the tech lead for Autopsy development and customization for Basis Technology I will be happy to try to provide an answer that you do not consider to be "bullshit." Also, please note that I have direct access to my boss, Brian Carrier, so his resources can be brought to bear on your question as well if needed, once the problem you are trying to solve is clearly understood.

Respectfully, Richard Cordovano Autopsy/Autopsy Customization Team Lead Director of Engineering, Digital Forensics Basis Technology

On Thu, Feb 23, 2017 at 12:13 PM, geminusbc notifications@github.com wrote:

Actually you're talking bullshit and I am using Autopsy 4.3.0. Such a wonderful tool such a waste of time sometimes..

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/sleuthkit/autopsy/issues/2535#issuecomment-282057289, or mute the thread https://github.com/notifications/unsubscribe-auth/ABolxSxUfIFCS1O3Wct2uZYjys1_FH6kks5rfb5WgaJpZM4MI_3K .

[geminusbc]

Hello mate, Really have to apologize.as I am really really under pressure. On the other hand I feel so happy you're working for Basis Technology as I will be able to rise any particular question straight to the company. without wasting anyone's time. I will try to send some screenshots today just to make myself clearly understood. I do appreciate though your quick response. Kindest respects, Ciprian L Cazanel

http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail Virus-free. www.avg.com http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On 23 February 2017 at 17:47, Richard Cordovano notifications@github.com wrote:

Please provide a more clear explanation of the problem you are trying to solve and as the tech lead for Autopsy development and customization for Basis Technology I will be happy to try to provide an answer that you do not consider to be "bullshit." Also, please note that I have direct access to my boss, Brian Carrier, so his resources can be brought to bear on your question as well if needed, once the problem you are trying to solve is clearly understood.

Respectfully, Richard Cordovano Autopsy/Autopsy Customization Team Lead Director of Engineering, Digital Forensics Basis Technology

On Thu, Feb 23, 2017 at 12:13 PM, geminusbc notifications@github.com wrote:

Actually you're talking bullshit and I am using Autopsy 4.3.0. Such a wonderful tool such a waste of time sometimes..

— You are receiving this because you commented. Reply to this email directly, view it on GitHub <https://github.com/sleuthkit/autopsy/issues/2535#issuecomment-282057289 , or mute the thread https://github.com/notifications/unsubscribe-auth/ ABolxSxUfIFCS1O3Wct2uZYjys1_FH6kks5rfb5WgaJpZM4MI_3K .

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/sleuthkit/autopsy/issues/2535#issuecomment-282066787, or mute the thread https://github.com/notifications/unsubscribe-auth/AWa1GhrboCKO3nCG-vLmcyS_OjzGT5Zjks5rfcY_gaJpZM4MI_3K .

[geminusbc]

[image: Inline images 1]

I. I really do consider it that you should find a way to cancel/delete any accidentally bookmarked artifacts. And I am talking about the structure in the upper right.It is pretty difficult for me while processing ,going every single time onto the bookmarked tags.(down left) instead of right clicking it and delete it. I also have to mention that sometimes deleting the bookmark will not work. II. I am also concerned i n terms of modules flexibility about registry viewer. The Windows registry module will fail installing on Autopsy 4.30 III. Also have to consider HPA/DCO concepts.I would suggest you to be more constructive. Nearly beating FTK /OS forensics and i will have to thank you for that. Best of my regards

I will be more than happy to send you my other colleagues feedback whenever possible.

http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail Virus-free. www.avg.com http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail <#m_5108572328788314423_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

[rcordovano]

"I. I really do consider it that you should find a way to cancel/delete any accidentally bookmarked artifacts. And I am talking about the structure in the upper right.It is pretty difficult for me while processing ,going every single time onto the bookmarked tags.(down left) instead of right clicking it and delete it."

I'm sorry to say that your screen shots did not make it through. However, I think I have figured out what you are asking for - you would like to be able to delete a tag by right clicking on the tagged artifact or file whenever it is in the results viewers on the right hand side, rather than navigating through the tags tree, right? That sounds like a good idea to me. I will reopen this issue until we can schedule someone to add this capability.

"I also have to mention that sometimes deleting the bookmark will not work."

We have not encountered this problem. If you have any more information about the conditions under which you experience this problem, we will work try to reproduce the problem and debug it.

"II. I am also concerned i n terms of modules flexibility about registry viewer. The Windows registry module will fail installing on Autopsy 4.30"

Are you saying that something is going wrong with the recent activity ingest module? It uses a copy of RegRipper bundled with Autopsy for Windows registry file parsing. Is the Autopsy installer failing to install RegRipper on your system? Is the recent activity module failing to start up when you run the ingest (analysis) modules? Once we understand the nature of this problem, we will work try to reproduce it and debug it.

Best Regards, Richard Cordovano Autopsy/Autopsy Customization Team Lead Director of Engineering, Digital Forensics Basis Technology