Version 2.2.1 is out! It took us a while because we converted LOG-MD to Unicode to better support foreign languages and other Windows API and Unicode characters. The conversion introduced a lot of bugs that had to be fixed for the Unicode format.
With version 2.2 and later, the 32-bit version of LOG-MD Free Edition is no longer supported. Microsoft has announced the end of life of 32-bit Windows, so the 32-bit version is now only available to LOG-MD-Professional users on request.
We added several new features:
Converted all whitelists and settings files to Unicode to be more compatible with Windows internals
Converted to using .TMP files to make consumption by log management easier
Added -a option that runs just the audit check
Updated -c to be just a configuration check
Added -99 to harvest all existing log events that LOG-MD harvests (Pro only)
Added -proc Running Processes and Modules check
Added -vt so VirusTotal can be run with -ar and -proc (Pro only)
Added MasterDigest_3rd_Party.txt to store VT and other results separate from the MasterDigest (Pro only)
Added Report_Remote_Access.csv to record RDP session activity (Pro only)
Added more user details to Report_User_Activity.csv
Added Admin tools executing in odd places to the Interesting Artifacts report (Pro only)
Added files with Unicode characters to the Interesting Artifacts report (Pro only)
Added Producer Consumer Ratio (PCR) to the SRUM report (Pro only)
Separate reports are now created for Autoruns with and without VirusTotal (Pro only)
Updated Quick Start Guide and Manual
Other minor bug fixes and improvements; fixed a Win 7 Autoruns issue that left out many known locations