AppCheck Anti-Ransomware (AppCheck below) supports Windows 7 (32/64bit) and higher operating system. Installer is integrated into single installer file, and automatically appropriate language by detecting operating system language.
The system scan displays the results of the scan as "safe" or "Infected" through a manual scan of the Ransomware payment instructions file.
If the system is diagnosed as "Dangerous" as a result of the scan, you can click the circle to check the details of the system scan. You can delete and move to quarantine the diagnosed files by clicking the "Remediate All" button.
Real-time protection includes RansomGuard (Ransomware Proactive Defense, RansomShelter, File Destruction Detection, MBR Protection, Netork drive Protection, File Protection in Shared Folders), automatic deletion of files stored in Ransom Shelter, and enable/disable protection on both Ransom Shelter <Backup (AppCheck)> folder and Auto Backup <AutoBackup (AppCheck)> folder.
RansomGuard blocks and remediates the Ransomware encryption behavior and notifies "Ransomware behavior detected" when file encryption behavior has detected.
While Auto Backup feature is independent of Real-time protection, Automatic Backup folder <AutoBackup (AppCheck)> cannot be protected when Real-time protection is disabled.
Depending on Real-time protection is enabled or disabled, the AppCheck icon changes color in the system tray.
MBR Protection enables to protect any alteration process or behavior of Master Boot Record(MBR) and GUID Partition Table(GPT).
The network drive protection feature provided in AppCheck Pro is designed to block(remove) and protect files located in the shared folder connected through the network drive. Files are automatically restored when the file encryption behavior is detected.
Unlike SMB server protection, network drive protection blocks if the ransomware tries to encrypt files in network drive in the AppCheck installed PC.
Note that AppCheck (Free) only blocks the process when ransomware behavior is detected, while AppCheck Pro provides removal.
MBR Protection feature provides protection from Ransomwares and malwares which alters Master Boot Record and interrups booting to Operating System.
This feature supports both GPT and MBR partition systems and availble in AppCheck Pro.
Auto Backup feature is provided in AppCheck Pro. You may configure to periodically backup the folder to designated destination using file history method.
Users can specify backup run for only specific extensions, folders, and exclusions.
Backup destination can be either Local Disk, Network Shared Folder (SMB / CIFS).
In particular, the Auto Backup folder <AutoBackup (AppCheck)> protects your backup files from various file tampering action, including Ransomware..
AppCheck Anti-Ransomware Free has some features limited in Ransom Guard and Auto Backup. Individuals who want to use without limitations or for companies and government should purchase AppCheck Pro.
To purchase the AppCheck Pro license, click on the "Registration" button (key shape icon) at the top of the AppCheck main screen, and click "Buy Now"
For online registration and activation Internet connection is required. You may receive license information through your email. Enter email and license key provided and click "OK" to complete the online activation.
You may receive license expiration information before 30 days of expiration. You may need to purchase for the license renewal in this period.
When AppCheck license is expired, all features are disabled. If you have a new license purchased, you may need to remove AppCheck and reinstall to enter the new license.
RansomShelter is a temporary backup folder >Backup(AppCheck)< created in each drives, while files are created/modified/deleted in certain conditions. These files can be maintained up to seven days.
The purpose of this backup is to keep your original files and recover them in case of Ransomware encrypts files.
The folder is safely protected while Real-Time Protection is on. In some cases user might need extra spaces in the disk drive, may click "Empty RansomShelter"(trash icon), to delete RansomShelter folders in each drives.
Files are completely removed from the disk and not moved to windows Recycle Bin. In cases of files are not removed due to the permission issue, you may turn off Real-Time Protection while manually deleting the folders.
The AppCheck Tools provides detailed information of threat, quarantine, and event log. The log is automatically cleaned up if the accumulated amount of events exceeds a certain level.
Detection Log displays detailed information of Ransom Guard activity including blocking, removal, and restoration through Ransomware behavior detection.
Quarantine Log displays the Ransomware files, Encrypted files, and Ransomware payment information files that have been deleted through the Ransomware Behavior Detection and kept in the Quarantine folder. The Quarantine folder is located at "C:\ ProgramData\CheckMAL\AppCheck\Quarantine"
Event log displays information about terminations and start of Program itself, service, real-time protection, Ransom Guard, Auto Backup, option changes, update and alert messages.
The AppCheck option provides normal, Ransom guard, automatic backup (AppCheck Pro only), and Whitelist settings.
Auto Update checks for updates for every 3 hours and notifies at boot time if a higher version is updated.
If the user clicks the notification window, release note in CheckMAL website is displayed in the default system web browser.
The user may click "Check for Update" link in the About AppCheck, and the will be notified "Current version is up-to-date." if installed AppCheck is the latest version.
If encryption is detected on your shared folder, files will be recovered automatically, and remote IP(version 4) is blocked for 1 hour.
To turn it off manually, disable and enable AppCheck Real-time protection.
Note that to protect shared folder from remote file destruction, it is required to disable "Internet Protocol Version 6 (TCP / IPv6)" check on the network interface.
For safety usage of backup to Network Shared Folder, it is recommended by creating a separate account with dedicated folder and not to use it for another purpose.
To delete the Auto Backup folder <AutoBackup(AppCheck)> and internal files, please temporarily disable real-time protection.
Users may add a file to exclude the Ransom Guard monitoring under the user's judgment.
Display information about AppCheck including current version, manual update checks, copyright and licensing information, thanks to, and genuine registration information.
The free (non-commercial) version of the AppCheck only blocks the Ransomware behavior through Ransom Guard and does not provide automatic remediation(deletion).
AppCheck Pro provides automatic remediation (delete) by default, however, if the binary contains digital signatures, the process is only blocked.
Therefore, if the file is only blocked by Ransomware behavior detection by AppCheck, please take the additional measures as follows.
Please upgrade your web browser for better website experience.