AppCheck v2.5.46.2 Released (21. May . 2020) Website / Download: https://www.checkmal.com/download/AppCheckSetup.exe
AppCheck v2.5.47.1 Released (02. June. 2020) Website / Download: https://www.checkmal.com/download/AppCheckSetup.exe
AppCheck v2.5.48.3 Released (21. Jul. 2020) Website / Download: https://www.checkmal.com/download/AppCheckSetup.exe Spoiler: Changes v2.5.48.3 Version 2.5.48.3 (21. Jul. 2020. 05:00 UTC) Improved RansomGuard detection Improved ExploitGuard detection Improved Ransom Shelter function Improved appcheck update in certain Windows account permissions Added system boot file (bootmgr) protection Improved stability of policy file (policy.pol) Added option to enable "SMB Allow/Block List" (AppCheck Pro for Windows server trial (15 days)) Improved false positive detections.
AppCheck v2.5.49.1 Released (19. Aug. 2020) Website / Download: https://www.checkmal.com/download/AppCheckSetup.exe Spoiler: Changes v2.5.49.1 Version 2.5.49.1 (19. Aug. 2020. 04:00 UTC) Improved Ransomware detection and rollback process. Improved ExploitGuard detection. Improved Ransom Shelter function. Improved detection log Fixed crash AppCheck.exe (User Interface) process when detect long filename. Add a file extension list for protection (.efi). Other minor improvement. Improved false positive detections.
can it be run alongside main AV? also can I disable outbound connection if I opted out for sending anonymous files or the outbound is needed for something (appacheck.exe) also which exe is needed to connect for updating the soft
I suppose that depends on what the "main AV" is although I'm sure it's the developer's mission is all of them that be. I've been using AppCheck Pro since it came out on three systems; no issues with Defender on WIn10 or MSE on Win7. I can't report on the free version if that's the "it" you're inquiring about. These are the connections I've logged as of late: appcheck.exe - anti-ransomware appchecks.exe - anti-ransomware service appechecksetup.exe - installer appcheckupdate.exe - updater An exe used during updating: c:\users\user\appdata\local\temp\~nsua.tmp\un_a.exe My connections as of the most recent update have been to checkmal.com, 1e100.net and phicdn.net. There are options to disable "send suspicious files upon detection" and "use Auto Update" which I've done for both. I use its "check for updates" to do it manually. I've disabled its Exploit Guard as I run MBAE. Cheers.
thank you for your exhaustive answer hej I noticed the program does make backup folders on USB devices despite the license saying it does not support USB protection in free mode any clarification on this? in case of ransomware attack my files on USB will be recoverable after the attack if I pay the full subscription?
AppCheck v2.5.51.4 Released (2. Nov. 2020) Website / Download: https://www.checkmal.com/download/AppCheckSetup.exe Spoiler: Changes v2.5.51.4 Version 2.5.51.4 (2. Nov. 2020. 05:00 UTC) User Interface Improvements Changes of AppCheck Tools UI changes on RansomGuard Option and fixed errors Improved RansomShelter functionality and options Fixed an issue where open files were not backed up during auto-backup. Fixed where files added to whitelist backed up to the RansomShelter. Fixed real-time protection issue when registering genuine products in the trial version of AppCheck Server. Changed CMS log transmission quantity for stability. Fixed specific registry is not removed while removing AppCheck through CMS. Improved False Postives
Sorry, your #616 slipped by my notice. "Backup(AppCheck)" folders are used by the Ransom Guard service; they're the "RansomShelter" folders. So, your USB files are protected. Folders named "AutoBackup(AppCheck)" are created when "Use Automatic Backup" is enabled and configured in the Pro version. You shouldn't have any of those in the free version unless they might be leftover from the trial version - I don't know if those get deleted when the trial expires. According to the CheckMal web site: "AppCheck Pro provides additional protection through flexible scheduled backup of user specified folder or files." That should read, "folders." One might assume files in that folder are offered protection from attack. Cheers.
AppCheck v2.5.51.5 Released (11. Nov. 2020) Website / Download: https://www.checkmal.com/download/AppCheckSetup.exe
Thanks for the info. The devs are currently making a new user guide for the latest version and they say it will be out soon.
Cool, because lately I have been wondering about certain features. But anyway, I have recently upgraded to the newest version, and after that my desktop (Win 8.1) became unstable. I noticed that Vivaldi started to crash twice in a week which never happens, and my computer even blue screened. I can't say for sure it was AppCheck that was causing the problem, but since I downgraded the system is stable again. Also, it seems like after the AppCheck upgrade a lot of space on my SSD (about 4GB) disappeared? Not sure what's going on, but newer isn't always better, that's for sure.
If your system turned blue, then a MEMORY.DMP dump file of several gigabytes in size was created in it, you can easily delete it without consequences. Look for this file in C:\Windows, C:\Windows\Minidump, C:\Windows \LiveKernelReports But first launch BlueScreenView https://www.nirsoft.net/utils/blue_screen_view.html or WhoCrashed https://www.resplendence.com/whocrashed.htm and there will be information about what caused the blue screen.
I am using also the latest version AppCheck v2.5.51.5 here but I am not using Vivaldi. A pal had issues with Vivaldi crashing with ver3.1 but this was when he updated to Win 10 (2004). I am using Win 10 1809 in the partition with AppCheck Pro. Will update the partition by next week if things will clear-up here. Is your bsod related to this? this ? I sent this thread link to AppCheck seeking that they reply so members can get help. You may need to send the mem dump to CheckMAL as aldist stated. https://imgpile.com/images/uQsbVE.png
Well, as it turns out, on the day I posted that (of course), with the release of version 2.5.51.4, the "Improved RansomShelter functionality and options," it seems the "Backup(AppCheck)" folders scheme has been replaced. Where RansomShelter settings existed under the Ransom Guard tab, it's now got its own tab: <NEW OLD> A "Protective Shelter" exists in C:\ProgramData\CheckMAL\AppCheck\RansomShelter wherein there's a Device folder containing numbered HarddiskVolumeXX folders where the sheltered data is stored. Only by opening a volume folder can I discover, by folder names, etc., which partition or device is serviced by that specifically numbered folder. That's my environment; the contents of your RansomShelter folder might differ. I discovered I no longer have "Backup(AppCheck)" folders on my partitions and devices. Except for one on C: which is weird; it's dated 11/3 and contains only an AppData Local Temp folder for 8GadgetPackGadgets dated 2/8 which no longer exists on C:. I've got support ticket in with CheckMal about that apparent anomaly. I also inquired if there would be any advantage to relocating the RansomShelter folder to a different partition or an external drive. Personally, I'm not wild about the default location. UPDATE: Here's what support said: They didn't comment on the presence of the leftover (?) "Backup(AppCheck)" folder on my C: drive, but I just deleted it without issue. "set it up at D:\ before using it," doesn't make sense. I'm just going to change to D:\RansomShelter. Of course, D: within this context means "another partition." Note: once the change is done, Real-Time Protection needs to be temporarily disabled to delete the previous RansomShelter folder on C:
Thanks for the feedback guys. Will check it out, but sometimes it also depends on the machine, perhaps the newest AppCheck isn't compatible with my other security software, but not a big deal.
Yes, I confirm that. The Ransomware Shelter default route is now integrated into one folder, "C:\ProgramData\CheckMAL\AppCheck\RansomShelter" This was also stated by AppCheck support when I asked them last week. Images below are from 2.5.51.5 https://i.postimg.cc/rsG4b637/ransomware-shelter.png https://i.postimg.cc/5yQ7FtHL/2-5-51-5.png