No disrespect but I really doubt that Kaspersky are targeting his business.
Bouncer - Discussion & Support Thread
- Thread starter WildByDesign
- Start date
As far as the random detections, I made the mistake of testing out the VIPRE Rescue Tool (I won't ever use anything from that company after that except as a last resort) which quarantined many files while leaving other, similar ones alone. For example, I had a bunch of Android .apk files from old backups, and it would say one version of an app was infected while another version or two it would ignore. I thought that was quite strange.
And I'm in agreement with Opcode: it wouldn't surprise me if some of the AV companies are intentionally flagging it for competitive reasons, but I doubt that's the case for most of them. I doubt this program is a big enough presence for them to care at all about, especially the bigger companies. I could be entirely incorrect, but I suspect it has to do with their software thinking Bouncer is malware based on what it does and how it does it, not taking into consideration the reasoning for it. In fact, Bouncer being such a low-profile program probably not only means it doesn't get attention from the big players for competitive reasons, but also that it most likely doesn't get attention for making sure it's white-listed to prevent being flagged for what would be suspicious coding and behavior if not for its purpose. Similarly, I suspect the reason many/most AV programs aren't flagged by most of the others due to their nature is due to white-listing. And Bouncer probably just didn't make the list.
And I'm in agreement with Opcode: it wouldn't surprise me if some of the AV companies are intentionally flagging it for competitive reasons, but I doubt that's the case for most of them. I doubt this program is a big enough presence for them to care at all about, especially the bigger companies. I could be entirely incorrect, but I suspect it has to do with their software thinking Bouncer is malware based on what it does and how it does it, not taking into consideration the reasoning for it. In fact, Bouncer being such a low-profile program probably not only means it doesn't get attention from the big players for competitive reasons, but also that it most likely doesn't get attention for making sure it's white-listed to prevent being flagged for what would be suspicious coding and behavior if not for its purpose. Similarly, I suspect the reason many/most AV programs aren't flagged by most of the others due to their nature is due to white-listing. And Bouncer probably just didn't make the list.
- Jan 24, 2016
- 23
Indeed, he shot at his feet himself, by disregarding users' need of a GUI...
- Jul 3, 2015
- 8,153
Bouncer came out with a new version a short while ago, it has a new feature called AdminByPass. When enabled, the rules will not apply to processes running at admin or system privileges. (Similar to SRP.) So you don't have to worry that you are messing up Windows processes and updates etc.
The free demo version allows up to 5 KB of text in the config file, as usual. That's a lot, if you know how to cut out the fat.
excubits.com
I had a weird issue that the automatically installed config was mysteriously missing C: at the beginning of the path, in a couple places, but it was easy to see and easy to fix. After that, it worked right.
For those unfamiliar with Bouncer, it is a powerful anti-exe program that runs totally as a kernel driver. It doesn't run exe files or services, other than the optional system tray icon. If you want it to do more than the default config, which is kinda minimal, you just write whatever rules you want, in the config file.
Bouncer controls not just exe files but also dlls and drivers. That's unique.
You can add any number of lol bins. You can use the famous Excubits list.
This program has a learning curve. It needs patience to set it up and get the hang of it. It's not for people who want to click a few buttons and say goodbye.
The free demo version allows up to 5 KB of text in the config file, as usual. That's a lot, if you know how to cut out the fat.
Bouncer - Products | Excubits
Bouncer is a powerful anti exe for Windows, protecting against ransomware, trojans, viruses and more.
excubits.com
I had a weird issue that the automatically installed config was mysteriously missing C: at the beginning of the path, in a couple places, but it was easy to see and easy to fix. After that, it worked right.
For those unfamiliar with Bouncer, it is a powerful anti-exe program that runs totally as a kernel driver. It doesn't run exe files or services, other than the optional system tray icon. If you want it to do more than the default config, which is kinda minimal, you just write whatever rules you want, in the config file.
Bouncer controls not just exe files but also dlls and drivers. That's unique.
You can add any number of lol bins. You can use the famous Excubits list.
This program has a learning curve. It needs patience to set it up and get the hang of it. It's not for people who want to click a few buttons and say goodbye.
- Feb 20, 2019
- 41
A very good app, without telemetry, without things that rots the OS. In addition, it's pedagogical.
- Feb 20, 2019
- 41
I can't help.
I don't use CMDCHECK. It decreases responsiveness on my PC, brings latency when launching applications. Not dramatically but still. So I did not even try to work with. Without (and without SHA256), Bouncer has virtually no impact.
- Jul 3, 2015
- 8,153
Thanks for the info, I didn't realize it has that kind of impact.
I was using bouncer last week, and in fact, I did feel a performance penalty.
This week I ran it with
Code:
*>*This week, it felt lighter than last week.
Perhaps the combination of the two types of protection is the problem?
- Feb 20, 2019
- 41
Maybe you know AppTimer ?
PassMark AppTimer - Measure application startup time
www.passmark.com
Apptimer will save the data to a log file and you will be able to compare.
Today, I bought AppGuard Solo. I had not used AppGuard for years. The app has become very expensive but it's a good app (someone think that ALL app sucks but it does not matter
).Like Bouncer in some conditions (heavy config file, with SHA256 ans CdnLineCheck), AppGuard is so light in memory and CPU but could bring latency (measured with AppTimer), more than many Antivirus sometimes, however, these latencies occurs only when lauching apps and for the rest of the time, the OS is like a feather.
Ex, for PDF-XChange Editor, on my i7 with a NVMe Samsung 950 Pro.
With Cylance, around 0.4840 second
With DrWeb, around 0.5305 second
With AppGuard Solo, around 0.5610 second
BUT, with Sophos Home Premium, around 0.5805 second
Not a big deal, yes, but if we speak in percentage and not in seconds, well, we see that near any security application bring its heaviness.
For Bouncer, it varies according to the configuration file.
- Jun 4, 2017
- 174
I can just second this, it really depends on your config. Using the full version and having a big config file with parent checking and all the other stuff active adds delay to every app start.
In the past, I played with Bouncer + Memprotect + Pumpernickel and the delay was pretty heavy (measured with AppTimer)
- Jun 4, 2017
- 174
I have most of the paid excubits apps and like them but currently, I am using H_C and it works quite well, so I don't see the need for bouncer now.
- Jul 3, 2015
- 8,153
Yes, H_C does it. Great tool. I am using H_C also. I use Bouncer just to satisfy my paranoid side, so I can block a few LOL bins that H_C doesn't cover, and also to monitor rundll32. I can't say I truly need it, but it makes me happy.
- Jun 4, 2017
- 174
Yes, this happens to me sometimes, too! But then I have to keep calm not to nail down all the family devices
- Jun 4, 2017
- 174
I just tried it on my main system which is a fast i7 ...
for me it adds 0.5 seconds to the start of Brave Browser , which is a lot.
Active are commandline checks and everything is whitelisted except a bunch of LOLs...
Strange that you are not noticing delays....
- Jul 3, 2015
- 8,153
If half a second is a lot to you, then that's the answer. My system is not as fast as yours in the first place, so I don't count split seconds.
- Nov 19, 2014
- 2,344
- Jun 4, 2017
- 174
Similar threads
