Contents
Protection using Antimalware Scan Interface (AMSI)
This section informs you that third-party applications such as Microsoft Office can send scripts to the Kaspersky application to be scanned using the Antimalware Scan Interface (AMSI), and describes how to disable protection using the AMSI in the Kaspersky application.
About protection using Antimalware Scan Interface
Antimalware Scan Interface (AMSI) allows a third-party application that supports AMSI to send objects (for example, PowerShell scripts) to the Kaspersky application for additional scanning and to receive scan results for these objects. For example, Microsoft Office applications can be such third-party applications. For more information about the AMSI interface, refer to Microsoft documentation.
Antimalware Scan Interface allows only to detect a threat and notify a third-party application about the detected threat. After receiving the threat notification, the third-party application prevents malicious actions (for example, shuts down).
The Kaspersky application may decline a request from a third-party application if, for example, this application exceeds the maximum number of requests allowed for a period. In this case, the Kaspersky application displays a notification about the declined request. If you receive such a notification, you do not have to perform any actions.
Protection using Antimalware Scan Interface is available on Windows 10 Home / Pro / Education / Enterprise and Windows 11 Home / Pro / Enterprise operating systems.
Page topHow to enable protection using Antimalware Scan Interface
To enable protection using Antimalware Scan Interface:
- Open the main application window.
- Click
in the lower part of the main window.
This opens the Settings window.
- Go to Security settings → AMSI Protection.
- In the Script scanner section, select the Scan scripts using Antimalware Scan Interface (AMSI) check box.
How to exclude a script from scanning using Antimalware Scan Interface
To exclude a script from scanning using Antimalware Scan Interface:
- Open the main application window.
- Click
in the lower part of the main window.
This opens the Settings window.
- Go to Security settings → AMSI Protection.
- In the Script scanner section, select the Scan scripts using Antimalware Scan Interface (AMSI) check box.
- Click the Manage exclusions link to go to the Exclusions window.
- In the Exclusions window, click the Add button.
The Add new exclusion window opens.
- In the File or folder field, specify the folder with the script.
- In the Object field, specify the name of the script.
You can also add several files of the same type to the exclusions by using a mask.
- In the Protection components section, select the check box next to the File Anti-Virus component.
- Select the Active status.
The specified object will not be scanned using Antimalware Scan Interface.