LOG-MD Free Edition is for everyone. It provides basic features that help all users harvest valuable log events, baseline files and the registry, and compare them on suspect systems or in your malware lab. LOG-MD Free Edition includes the following features:
1. Audit the system log settings with a PASS/FAIL
2. Bypass minimum audit log compliance requirements in order to harvest logs that are enabled and collecting, even if the system is non-compliant with the Windows Logging Cheat Sheet
3. PowerShell version and audit log settings information
4. Create a report of audit settings
5. Guide you to enable and configure the audit log settings required by LOG-MD
6. Harvest security related log events
a. Creates 16 detailed reports
7. Command line summary and detailed WhoIs lookups of IPv4 addresses
8. File system hash baseline of all system files
9. Compare the system files against a baseline and create a report of differences
a. Compare good file system hashes against a suspect system eliminating known good files
10. Locked Files report to find locked binaries created by malware
11. Baseline the registry
12. Compare the registry against a baseline and create a report of differences
a. Compare a good system registry snapshot against a suspect system eliminating known good keys and values
13. Report of large registry keys hiding malicious scripts and payloads
14. Report of AutoRuns to discover new or malicious autoruns
15. Report of Running Processes and the modules loaded to discover new or malicious processes and modules
To get started and for help with LOG-MD Free Edition, type:
LOG-MD -h
Hashes of the Log-MD.exe Free Edition ver 2.2.1 (July 2019):
MD5: 6ca34e3ee57547f6fdbc06b42407e747
SHA1: 016b4b4e114f47ee46af20fc28c95a3451fecbb7
SHA256: 42bdec4ed42835eb21c088088824e26a26a6a8139d0fcbea0e6c2302a5476250
The Log-MD_32bit Free Edition version is no longer supported and is only available with LOG-MD-Pro, as Microsoft has end-of-lifed 32-bit Windows.
Hashes of the Log-MD.exe Free Edition ver 2.1 (Sept 2018):
MD5: c91bdd8c2f1449d083efacae38f61410
SHA1: 25fbd55664723f28393c6454c7c35ee7df9955b9
SHA256: 196b3419f04665645013615d50143a41091d2aca257df7c6b505698c7d2b09ab
Hashes of the Log-MD_32bit.exe Free Edition ver 2.1 (Sept 2018):
MD5: e6cd9f04255415267be36569fced7fcd
SHA1: 9943ec2c0a94978cf522b640ef85e67cc2ac1bdd
SHA256: 6a21cb2b0e38da180237955ccf43e583d101bdc82907d569b49dafa04bf6a8af
----------------------------------------------------------------------------------------------------------------------------------------
You may also find and verify the latest hashes at: