Version 1.2 of LOG-MD-Free Edition has been released, adding the following features:
- AutoRuns Report - Compare a baseline AutoRuns report to a suspect AutoRuns report using tools like WinMerge or Notepad++ to find new and potentially malicious AutoRuns.
- Locked Files Report - Look for locked binaries trying to hide from other security tools, and the process locking them, so you can unhook the handle and clean the system! Compare a baseline locked file report to one from a suspect system using tools like WinMerge or Notepad++, or just parse the file for .EXE, .DLL, .BAT, .CMD, .PS1, .VBS, etc.
- DNS Client Event logs are now an option to be collected. Gather that DNS info for potential blocking or further investigation of suspect domains.
- Minor bug fixes
- Updated Quick Start Guides
Watch our videos to help you learn about LOG-MD, what it can do, and actual Malware Discovery hunting using LOG-MD, including so-called "Fileless or non-malware malware".