logo ASAP Utilities

Answered Questions (FAQ)

If you have a question or experience a problem with ASAP Utilities then please verify if there is already an answer to your question or solution for you problem in our list of frequently answered questions.

Priority support for clients

If you can't find the answer on our website then please contact us.

Version history

A history of the various updates and improvements throughout the years

How it makes YOU rock in Excel

These short tutorials show you how to benefit from the tools in ASAP Utilities and are guaranteed to save you time and speed up your work in Excel.

User Guide

The ASAP Utilities User Guide is a practical manual that will show you how to get the best out of our excel add-in

Uninstall

How to (temporary) uninstall ASAP Utilities.

Bug report

If you have found a bug first make sure you are using the most recent version. If that is the case go to our bug-report page

Debug information

In some cases you will be asked by our support-team to turn on the debug-mode to help solve specific problems.

Links

Links to interesting websites

Excel Books

The best books on Excel. Whether you want to learn Excel, write better formula's, learn how to use macros or write professionals applications in Excel these are the best books

Why ASAP Utilities uses Win32 APIs and how to make an exception for ASAP Utilities in case Win32 api calls are blocked by Windows Defender

Published: November 19, 2021 (latest revision April 7, 2022)
reference id: QA0340

Question

Does ASAP Utilities use Win32 API calls?

And why does Windows Defender cause the cryptic Excel error message:
"Excel cannot open the file '....xlam' because the file format or file extension is not valid. Verify that the file has not been corrupted and that the file extension matches the format of the file.

Answer

Yes, ASAP Utilities uses Win32 API calls.

Just Excel/VBA itself can be too limited for certain basic actions and ASAP Utilities wouldn't be able to do, or do as smooth, what it can without the few API calls.

ASAP Utilities uses a few Win32 API calls for its core functionality, such as reading certain parts of the registry (for example to determine if you use the 32-bits or 64-bits edition of Excel), storing items in memory, reading the user's language settings for Windows and Excel, get the users application data folder to store settings, etc...

API calls are also required for more basic functionality such as displaying messages with Unicode characters, such as for our clients with the Russian, Chinese or Japanese version of ASAP Utilities, having a decent progress window, determining which version of Excel is being used so we know what built-in functionality exists (For example Excel's VBA returns 16 for Excel 2016, Excel 2019, Excel 2021 and Excel 365 which isn't helpful), determine where the %APPDATA% folder is, etc, etc.

Tools such as the following also use Win32 API calls to provide functionality otherwise not possible:

Microsoft Defender might need an exception

Microsoft Defender for Endpoint and Microsoft 365 Defender can use attack surface reduction rules (ASR rules) to help prevent malware infection.
One of these rules is:

"Block Win32 API calls from Office macros"

In case your company has the rule "Block Win32 API calls from Office macros" defined, then ASAP Utilities can't function properly.
Some users may even get a cryptic error from Excel stating that the ASAP Utilities file format or file extention is not correct due to this rule. (Excel cannot open the file 'ASAP Utilities.xlam' because the file format or file extension is not valid. Verify that the file has not been corrupted and that the file extension matches the format of the file.)

From Microsoft:

Office VBA enables Win32 API calls. Malware can abuse this capability, such as calling Win32 APIs to launch malicious shellcode without writing anything directly to disk. Most organizations don't rely on the ability to call Win32 APIs in their day-to-day functioning, even if they use macros in other ways.

Intune name: Win32 imports from Office macro code
Configuration Manager name: Block Win32 API calls from Office macros
GUID: 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B

Source:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-worldwide#block-win32-api-calls-from-office-macros

Defender: Warn mode for users

(NEW!) Prior to warn mode capabilities, attack surface reduction rules that are enabled could be set to either audit mode or block mode. With the new warn mode, whenever content is blocked by an attack surface reduction rule, users see a dialog box that indicates the content is blocked. The dialog box also offers the user an option to unblock the content. The user can then retry their action, and the operation completes. When a user unblocks content, the content remains unblocked for 24 hours, and then blocking resumes.

Warn mode helps your organization have attack surface reduction rules in place without preventing users from accessing the content they need to perform their tasks.

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-worldwide#warn-mode-for-users

Exception for ASAP Utilities

It goes without saying that there is no malware in our product. We developed ASAP Utilities completely by ourselves and nothing was outsourced.

All the files from ASAP Utilities are signed with a Code Signing certificate to make sure the files (exe and xlam) are from our company and have not been tampered with.
Our company name is A Must in Every Office BV, you can see that in the certificate.
As an extra protection layer In Excel you can choose to disable all macros except digitally signed macros or require application add-ins to be signed by a trusted publisher.

In case your organization has the "Block Win32 API calls from Office macros" rules applied in combination with "block mode", then you can still use ASAP Utilities by making and exception for our files as explained by Microsoft.

The ASAP Utilities xlam files

The "%ProgramFiles(x86)%\ASAP Utilities\" folder is the default installation folder. In case you installed ASAP Utilities in another location, then the ASAP Utilities.xlam is in that location.

  • All languages:
    %ProgramFiles(x86)%\ASAP Utilities\ASAP Utilities.xlam
  • English
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_en-us.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_en-us.xlam
  • German
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_de-de.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_de-de.xlam
  • Spanish
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_es-es.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_es-es.xlam
  • French
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_fr-fr.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_fr-fr.xlam
  • Italian
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_it-it.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_it-it.xlam
  • Dutch
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_nl-nl.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_nl-nl.xlam
  • Portuguese (Brazil)
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_pt-br.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_pt-br.xlam
  • Russian
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_ru-ru.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_ru-ru.xlam
  • Chinese (Simplified)
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_zh-hans.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_zh-hans.xlam
  • Japanese
    %ProgramFiles(x86)%\ASAP Utilities\resources\ASAP_Utilities_ribbon_ja-jp.xlam
    %AppData%\ASAP Utilities\resources\ASAP_Utilities_ribbon_ja-jp.xlam

%LocalAppData%\...\Content.MSO\ and .tmp file

In case it still doesn't work with the above exceptions and you get a warning with a reference to a randomly named .tmp file in the %LocalAppData%\Microsoft\Windows\INetCache\Content.MSO\ folder, then you need to update Windows Defender because it's something that Microsoft has already solved.
We recommend to turn on "Cloud-delivered protection" in Windows Defender:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus

Resources






« back


Home Privacy Policy Cookie Policy EULA Download All added Excel tools Sitemap Contact Us