AmsiScanString function (amsi.h)
Scans a string for malware.
Syntax
HRESULT AmsiScanString(
[in] HAMSICONTEXT amsiContext,
[in] LPCWSTR string,
[in] LPCWSTR contentName,
[in, optional] HAMSISESSION amsiSession,
[out] AMSI_RESULT *result
);
Parameters
[in] amsiContext
The handle of type HAMSICONTEXT that was initially received from AmsiInitialize.
[in] string
The string to be scanned.
[in] contentName
The filename, URL, unique script ID, or similar of the content being scanned.
[in, optional] amsiSession
If multiple scan requests are to be correlated within a session, set session to the handle of type HAMSISESSION that was initially received from AmsiOpenSession. Otherwise, set session to nullptr.
[out] result
The result of the scan. See AMSI_RESULT.
An app should use AmsiResultIsMalware to determine whether the content should be blocked.
Return value
If this function succeeds, it returns S_OK. Otherwise, it returns an HRESULT error code.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 10 [desktop apps only] |
| Minimum supported server | Windows Server 2016 [desktop apps only] |
| Target Platform | Windows |
| Header | amsi.h |
| Library | Amsi.lib |
| DLL | Amsi.dll |