Kaspersky Basic | Standard | Plus | Premium

Protection using Antimalware Scan Interface (AMSI)

This section informs you that third-party applications such as Microsoft Office can send scripts to the Kaspersky application to be scanned using the Antimalware Scan Interface (AMSI), and describes how to disable protection using the AMSI in the Kaspersky application.

In this Help section

About protection using Antimalware Scan Interface

How to enable protection using Antimalware Scan Interface

How to exclude a script from scanning using Antimalware Scan Interface

Page top
[Topic 185853]

About protection using Antimalware Scan Interface

Antimalware Scan Interface (AMSI) allows a third-party application that supports AMSI to send objects (for example, PowerShell scripts) to the Kaspersky application for additional scanning and to receive scan results for these objects. For example, Microsoft Office applications can be such third-party applications. For more information about the AMSI interface, refer to Microsoft documentation.

Antimalware Scan Interface allows only to detect a threat and notify a third-party application about the detected threat. After receiving the threat notification, the third-party application prevents malicious actions (for example, shuts down).

The Kaspersky application may decline a request from a third-party application if, for example, this application exceeds the maximum number of requests allowed for a period. In this case, the Kaspersky application displays a notification about the declined request. If you receive such a notification, you do not have to perform any actions.

Protection using Antimalware Scan Interface is available on Windows 10 Home / Pro / Education / Enterprise and Windows 11 Home / Pro / Enterprise operating systems.

Page top
[Topic 185854]

How to enable protection using Antimalware Scan Interface

To enable protection using Antimalware Scan Interface:

  1. Open the main application window.
  2. Click Settings button in the lower part of the main window.

    This opens the Settings window.

  3. Go to Security settingsAMSI Protection.
  4. In the Script scanner section, select the Scan scripts using Antimalware Scan Interface (AMSI) check box.

Page top

[Topic 186113]

How to exclude a script from scanning using Antimalware Scan Interface

To exclude a script from scanning using Antimalware Scan Interface:

  1. Open the main application window.
  2. Click Settings button in the lower part of the main window.

    This opens the Settings window.

  3. Go to Security settingsAMSI Protection.
  4. In the Script scanner section, select the Scan scripts using Antimalware Scan Interface (AMSI) check box.
  5. Click the Manage exclusions link to go to the Exclusions window.
  6. In the Exclusions window, click the Add button.

    The Add new exclusion window opens.

  7. In the File or folder field, specify the folder with the script.
  8. In the Object field, specify the name of the script.

    You can also add several files of the same type to the exclusions by using a mask.

  9. In the Protection components section, select the check box next to the File Anti-Virus component.
  10. Select the Active status.

The specified object will not be scanned using Antimalware Scan Interface.

Page top

[Topic 186114]