I think this app deserves a separate dedicated thread. In time it will get better and better, besides the development team is currently working in an International website for their product. Just out of curiosity I found a new release today, don't know when it came out or changelog, going to investigate further. AppCheck 2.0.0.20 Code: https://www.checkmal.com/download/AppCheckSetup.exe Edit ~ I found changelog webpage by googling it: Release History (changelog) Code: https://www.checkmal.com/page/support/notice/?detail=read&idx=11
They are providing a lot of videos, in which ransomware/malware is dropped on AppCheck. These videos can be found on YT or on CheckMal's website (242 videos )
It seems they do frequent updates for AppCheck. That's cool. Release History (changelog) Code: https://www.checkmal.com/page/support/notice/?detail=read&idx=11
I assume the AppCheck developers are reading postings here, so I make the following suggestion. Submit AppCheck to Malware Research Group for a comparative test against other stand alone anti-ransomware such as HMP-A and the like. MRG has done like tests in the past. Doing so will give added legitimacy to your product by having an AV Lab perform the testing. As an alternative source, A-V Comparatives also performs commissioned comparative testing. They recently performed one for PC-Matic using 1000 ransomware samples.
Yes, at least 5-7 updates per month. I noticed it too. I even found files from Program Files in the backup folder of AppCheck, after modifying some files within Program Files.
itman then I don't understand. please take a peek at my screen shot. I do have the autobackup folder on my c drive but had not ticked it in options.
I just realized this is a new thread on AppCheck .....duh. What happened to this thread? https://www.wilderssecurity.com/threads/interesting-antiransomware-freeware.391031/
As I said in first post. This app deserves its own thread, in my opinion. So please be my guest and comment anything you like.
Boredog- Excellent question. First off, please note that there are 2 versions of AppCheck, the Free and the Pro. I apologize in advance that this answer will be overly extensive! But before I begin, please note that AppCheck does NOT use Honeypots!!! This is a false protection pathway as a great deal of current ransomware would be oblivious to such Pots, thereby screwing the user. Anyway, about AppCheck: 1). The Free version will create the directory "C:\Backup(AppCheck) on the C: drive. 2). The Paid version will create an additional directrory "Wherever\AutoBackup(AppCheck)". I put in the Wherever as the user can specify the drive on which it resides. Now about the C:Backup folder- for this I must refer you to my video, especially at the 1:07 mark. Note that although you did see an initial encryption of some files, they were quickly deleted and that non-encrypted Docs were restored. What was actually occurring was the files trashed were first copied to the Backup(AppCheck) directory, then Appcheck deleted the encrypted versions, then restored the originals. Second- once again refer to my video at the 3:31 and 4:21 mark. You will note here that at 3:31 either the ransomware was too efficiently coded or my VM was too slow to provide the protection seen in the above first case, and we were left with a couple of encrypted files that were not restored. At the 4:21 mark thing happened so fast that although AppCheck deleted the encrypted stuff it was unable to copy the originals so we were left with only 40 files (down from 57). Now as CheckMal realizes that not all ransomware are coded to the same level of efficiency and not all systems are equally fast we get the AutoBackup directory, which is proof from outside malicious manipulation. I will ask you to wait for a few days until I publish the second AC video, but in it is demonstrated how trashed protected files can be manually restored. Finally it is important to realize the goal of AppCheck- It protects that which is actually held for ransom. In other words, it will not protect Adobe PhotoShop Elements itself, but it will protect the Photo of your Grandmother petting your dearly departed cat. One can be re-installed, the other cannot be.
Remarks on how useless AppCheck is as an OS protection tool has been posted many times in the "interesting anti-ransomware freeware" thread. Re-posting these observations and opinions won't add any value on how good or bad AppCheck performs as a DATA protection tool. AppCheck is to be used discussed and evaluated as data damage control program.
For Cruelsister. When you test do you test how else the system is infected, unless something else is protecting it. Kees, can you post your censorship credentials, please
Three bases which you CAN (not SHALL) use to limit risk and impact of security threats Proactive prevention Blacklist, whitelist, HIPS like security programs Damage control IDS honeypots like ransomware free and behavioral blockers like AppCheck (arbitrary sandboxes redirecting/reducing rights also limit possible damage) Disaster recovery Data and image backup and recovery, data replication and emergency fallback centers When you want to start a war against damage control systems as a category, go get yourself a hacksaw and remove the safety belts and airbag out of your car, but don't start a rant against the use and function of damage control systems in this thread, use the other 'interesting anti-ransomware' thread instead (you have already hijacked that one) When you prefer to use disaster recovery or rely solely on your proactive prevention and don't need AppCheck. That is fine and good for you, but it tells everything about you and your setup and nothing on AppCheck as free data damage protection tool, use the 'what is your setup'' or the other 'interesting anti-ransomware' thread instead (you have already hijacked that one)
Actually I do use all three, just ranked differently, so I am going to make one last post, and this is not based on theory but actual testing of real life malware. 1. Does Appcheck do what it says it will. ABSOLUTELY!! 2. But, if your system is protected as in items one or two above you should never see appcheck work. 3. If you should see Appcheck protect your data in real life your system IS INFECTED, and compromised. Your data is safe but your system isn't 4. From some of the changes I've seen real malware make, the only remedial action I'd feel safe with is image restore. NOTE: This applies to all Ransomware protection, not just Appcheck. Bye
Pete Thanks, all points above are true and valid. An airbag might protect its passengers, but after an accident you need to repair your car, no doubt about that point you are making (restoring an image after an infection). I am with you and fully agreeing on this. You have client data on your network, so you like to have risk vectors covered twice (e.g. use both NVT and VS). Seasoned members who are well covered with 1 (e.g. use VoodooShield) and 3 (e.g. use Macrium) can add a layer on a different dimension with AppCheck (2 damage control) to be and feel more secured also. Regards Kees
Hi Kees One of the reasons I wanted to hit that point hard is, I know most of our knowledgeable are well aware of what I am saying, but it's the inexperienced new comer who could look at the thread and see the holy grail. That is my concern. I know you get it. Pete
Actually I would advise inexperienced or novice users stumbling into thread you could do no better than follow cruelsisters videos and opinions for well informed and most importantly UNBIASED reviews on this and other security softwares...Look up her videos on youtube
youtube.com/watch?v=TknEQb6H2Do Courtesy of @cruelsister. Thanks for the video. Do they have an English purchase site yet? I got through the Korean purchase site, but it ends in wanting to install a plugin for payment.
They're currently working on an International website for non-Koreans, a developer who works there told me by email the other day.