• The ASR GUI tool is safe

    Home » Forums » Newsletter and Homepage topics » The ASR GUI tool is safe

    Author
    Topic
    #2453015

    ON SECURITY By Susan Bradley Most antivirus programs flag ASR GUI as infected. Those results are false positives. In my most recent AskWoody MS-DEFCON
    [See the full post at: The ASR GUI tool is safe]

    Susan Bradley Patch Lady

    Viewing 3 reply threads
    Author
    Replies
    • #2453032

      Is there some confusion in this article between PS2Exe and psexec? The ASR GUI tool is written as a Powershell script, and can be run as such. It does not use psexec, but it does contain “psexec” in text. There is also an executable for ASR GUI, which I am pretty sure was created from the Powershell script using PS2Exe.

      1 user thanked author for this post.
      b
    • #2453244

      Could you elaborate a bit.  First I always find Github terribly opaque and the entry for ASR GUI is no different: I didn’t see where there was an obvious way just to download the program and its documentation.  Also, can you explain what we should do about ASR?   Which “S”s should we do something about  and how.   You mention using gpedit but don’t say how.  Sorry to be so clueless about this matter.

      • #2453673

        At the given link to github, there are two files. One is an executable file, one is a .ps1 Powershell script. Download and run either.  There is no documentation for the program itself (it doesn’t really need it.) For the things it allows you to set or unset, you’ll have to look up the meaning of those settings. In Susan’s initial post on this topic, she explained which one to use for this problem: Block Office from creating child processes.

        As for gpedit, run gpedit.msc. You can do this from a command line, or from the start menu’s Run… option.

    • #2453261

      I’ve tried using ASR_Rules_PoSh_GUI to “Set all Office applications from creating child processes and I’m getting the following error.  Tried Googling it but didn’t find anything.  Anyone have an idea?  TIA,

      Error 1
      Error 2

    • #2454156

      That’s likely a Windows Defender error.

    Viewing 3 reply threads
    Reply To: The ASR GUI tool is safe

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: