I and my colleagues have been sending information to you for a long time that there is a problem in Autopsy version 4.11 and new 4.12. In both versions for Window’s 10 and 7 operating systems (we tested these) in the Polish version, the program does not work. After starting the program, you cannot create a new case, open an old case or close this window by pressing the “X” button in the upper right corner. Version 4.10 works fine. The problem occurs regardless of whether the program is installed from your installation package or moved from another computer, and in the 32-bit and 64-bit versions.
In my opinion, there is an error in the program code. Button presses in this window are not supported.
I would like to ask for correction and information, because we work all the time on version 4.10.
I had a similar problem , solved uninstalling also ALL Autopsy 3rd Party Modules.
Just my 2 cents
Hope this helps.
Were you able to reinstall the 3rd party modules and get everything to work?
In my previous Autopsy installation I had many autopsy 3rd party modules addins installed.
Now I’ve installed only a limited subset
Thank you for your help, but the program that starts right after the installation hangs. We do not have any external modules installed.
Hello! I had a problem with the opportunity to reply to the forum, but it seems that everything is already working.
We tried to install 4.11 on many computers, but it did not work on any. I thought 4.12 would be fixed, but it still doesn’t work despite uninstalling from device 4.10.
I don’t understand what you suggest when writing about “many autopsy 3rd party modules”. If 4.10 worked, what should I uninstall?
I will add!
I have reinstalled version 4.10 and it is working correctly. Help!
I use Autopsy 4.11 and 4.12 with Windows 10 Pro in polish version and it runs fine. Are you using the current version of Windows and Java? Maybe here is the problem?
If the problem were only with me, I could think about it, but we have a problem on many computers, also used by my colleagues. As for my computer I’m writing from, I’m absolutely sure that I have the latest JAVA version and the current WINDOW’s version. So that’s not the problem. I was thinking if the antivirus program is to blame, but different computers work on each computer.
From my point of view, it looks as if the events in the AUTOPSY opening window were simply not handled. The program must be canceled. However, after reinstallation version 4.10 works. It’s very intriguing.
I’m still trying to solve the problem. The expectations chain analysis passed the message (PID: 14444): “At least one thread of the autopsy64.exe process is waiting for the input / output operation to be completed.” In the Windows / System log, I found that programn triggers the message: "According to the settings of the permissions specific to the application, no Local Activation permission is granted to the COM server application with the CLSID class identifier
{2593F8B9-4EAF-457c-B68A-50F6B8EA6B54}
and the APPID application ID
{} 15C20B67-12E7-4BB6-92BB-7AFF07997402
DESKTOP-FVQ54TH \ Dell user with the SID security identifier (S-1-5-21-154221264-513886638-3241479391-1001) from the LocalHost address (using LRPC) running in the application container with the SID identifier Not Available (Not Available). This security permission can be modified using the Component Services administration tool. "This may help someone solve the problem. I would like to inform you that I run the program from an administrator account and as an administrator.
More! The Windows Troubleshooter sends a message saying that Autopsy64 is not compatible with Windows.
Further investigation!
It appears that AUTOPSY does not work on those computers where the older version was installed. Also if the older version was uninstalled before installing 4.12. At home I have 4.10 installed and it was the first AUTOPSY on this machine because I bought a new computer. At work on one computer I have 4.91 and it is impossible to start even 4.10. On the second computer I have 4.10 and 4.11 and 4.12 cannot be installed. My friend has the same thing.
Today we were analyzing the situation. At the moment, it seems to us that there is a branch in the registry when uninstalling. She is trying to redirect the new version to the directory with the old version at launch, and since there is nothing there, it hangs. But this is just a loose assumption to examine. Maybe someone will come up with something.
Hello again! I installed 4.10 on another computer where AUTOPSY 4.9.1 is and is working. This is WINDOWS 7 64 bit. Here, an attempt to enable 4.10 leads to the message: “JVM creation failed”. I install and enable from an administrator account. 4.9.1 works correctly. Any ideas?
820/5000
Hello!
How to check if external modules have been installed for AUTOPSY? I don’t remember doing anything like that, but I don’t see a way anywhere to check if any additional module is installed.
The only custom setting I changed was the other logo - Options / praktations / Specify logo. I doubt that would be a problem.
In “Plugins / Instaled” besides Autopsy I have 10: KeywordSearch, Recent Activity and other similar things. But the “Uninstal” option for them is disabled. I do not remember that I would install something and I think it was installed at the time of installation in the package.
Three of these ten have the following indicated: “Source: Ant”. Is this about? It’s: “Ident Api”, “TestNG”, “JUnit”. The last two are inactive and you cannot enable their activity. None can be uninstalled.
Any ideas? How do I uninstall those add-ons that have inactive uninstallation?
You have successfully installed version 4.12 32 bit on one computer on Windows 7 64 bit. But moving this directory to another computer still causes an error.
I keep fighting the problem. I did everything that was written at https://wiki.sleuthkit.org/index.php?title=Autopsy_3_Troubleshooting. While it was successful on a computer in WINDOWS 7, it still doesn’t work on Windows 10 - 64 bit. For me, there is no C: \ Users \ USERNAME \ AppData \ Roaming \ .autopsy \ dev \ config \ Modules, for which you suggest removing it. I removed the v: C: \ Users \ USERNAME \ AppData \ Roaming \ .autopsy \ directory and after restarting Autopsy it has been re-created, but the program still does not work. Any other ideas?
Damm even I am having a similar kind of issue, I have searched all over the internet and even have posted on number of threads on different forum, no solution seems to work. I am really frustrated, can anyone of you here help me resolve this issue, I am very much tired now.
Hi, Microsoft implemented a security feature in the Windows 10 Pro version. Which block certain applications from writing to specific directories, when trying to use Autopsy the last few days for an analysis, the application was stoped by this security measure.
This feature does this for many application on the system, when on its own services. I dont know if this is the issue at this moment in time.
I have issue but with autopsy windows. I have Windows 8.1 .I download and run autopsy, but its blank, new case window don’t appear.Kindly tell me any solution.
Hi, I was having issues on 4.18 and I got mine working. So, I did a fresh install on a different computer. I didn’t try to up the core count for processing. I’ve got 20 cores and 32g of ram in the workstation and if you try to up things to make them run faster it’ll hurt performance. Try using the CCleaner registry tool after a uninstall and restart on the OS. I’m running windows 10 64bit.
I thought last night it was hanging up but I made a .vdk backup to work with as an image. It took literally almost 12hours to run and maxed out my ram. I let it run overnight and it’s analyzing files as I am typing this. Just run it as the program without the third-party apps because I tried that and it hung up on me too.
If you don’t want to run on a live file system then I would not make the backup using this program. I would instead make a bit for bit copy and use the copy separately or, you could go back and run the program after the .vdk live copy is done.
I would like to point out as above that a 1tb drive took 12hrs+ for just the copy function to work.