- Fixed ScanFolderString JSON not formatted correctly
- Fixed update check always returning there was a update
- Fixed update check always returning there was an update
- Version **4.2.2**:
- Optimized scanning speed of PDF files
@ -51,7 +62,7 @@ The following Operating Systems are supported:
- Version **4.2.1**:
- Optimized scanning speed of big files
- Optimized scanning speed in Linux version
- Version **4.2**:
- Reduced glibc minimum version to 2.17 on Linux
- Added "Logging()" function to enable/disable logging
@ -76,9 +87,7 @@ The following Operating Systems are supported:
## Known Issues
- XvirusAI engine is still in BETA. It is not recomended to use in production yet.
- XvirusAI engine does not work in C++ bindings.
- The checkUpdate function can now check for SDK updates but can't update it
- The checkUpdate function can check for SDK/CLI updates but can't update it automatically
## Get Started
@ -88,24 +97,24 @@ This project shows you how to dynamically load Xvirus SDK (`XvirusSDK.dll`) for
You can run it by building it, copying the files from the `bin` folder to the output folder of the build and then running `xvbdc.exe`.
## Avaiable Functions
## Available Functions
You can find the definition of all functions and structs in the file `xvneng.h` located in the "headers" folder.
- **load** - Loads Xvirus Scan Engine into memory, if set `force`=true it will reload the scan engine, even if it is already loaded.
- **unload** - Unloads Xvirus Scan Engine from memory.
- **scan** - Scans the file located at `filepath`. It will return a [`ScanResult`](#Model).
- **scan** - Scans the file located at `filepath`. It will return a [`ScanResult`](#model).
- **scanAsString** - Scans the file located at `filepath`. It will return one of the following strings:
- "**Safe**" - If no malware is detected.
- "**Malware**" - If malware is detected but the name isn't known.
- **_Malware Name_** - If it is malware from a known family (example: "Trojan.Downloader").
- "**AI.{aiScore}**" - Score of the file using XvirusAI from 0 to 100, the higher the score the more probable it is malicious (example: "AI.99").
- "**File not found!**" - If no file is found in the submited path.
- "**File not found!**" - If no file is found in the submitted path.
- "**File too big!**" - If the file size is bigger than the set limit.
- "**Could not get file hash!**" - There was an error calculating the hash of the file.
- **scanFolder** - Scans all the files inside the folder at `folderpath`. It will return an pointer for a array of [`ScanResult`](#Model).
- **scanFolder** - Scans all the files inside the folder at `folderpath`. It will return a pointer for an array of [`ScanResult`](#model).
- **scanFolderAsString** - Scans all the files inside the folder at `folderpath`. It will return the scan result message for each file scanned.
- **checkUpdates** - Checks and updates the databases and AI engine to the most recent versions. If `checkSDKUpdates`=true then it will also check for SDK updates. If `loadDBAfterUpdate`=true then it will reload the Xvirus Scan Engine after the update is done. It can return the following strings:
- **checkUpdates** - Checks and updates the databases and AI engine to the most recent versions. If `loadDBAfterUpdate`=true then it will reload the Xvirus Scan Engine after the update is done. It can return the following strings:
- "**There is a new SDK version available!**"
- "**Database was updated!**"
- "**Database is up-to-date!**"
@ -114,15 +123,14 @@ You can find the definition of all functions and structs in the file `xvneng.h`
- **baseFolder** - Sets and return the `BaseFolder` path. If `baseFolder` Null value is provided it will only return.
- **version** - returns the version of the SDK/CLI.
## Model
The `scan` and `scanFolder` functions return a struct `ScanResult` with the following properties:
```c++
struct ScanResult {
bool sucess; // true if scan was sucessful
bool sucess; // true if scan was successful
wchar_t* error; // error message, only has value if success=false
bool isMalware; // true if malware
wchar_t* name; // detection name
@ -135,7 +143,7 @@ All other functions return a struct `ActionResult` with the following properties
```c++
struct ActionResult {
bool sucess; // true if action was sucessful
bool sucess; // true if action was successful
wchar_t* result; // result message, only has value if success=true
wchar_t* error; // error message, only has value if success=false
};
@ -143,11 +151,29 @@ struct ActionResult {
## Settings
Settings are located in the "`settings.json`" file in the root folder of the SDK. There are 5 avaiable options:
Settings are located in the "`settings.json`" file in the root folder of the SDK/CLI. Available options:
### Engine Settings
- **EnableSignatures** - Enables signature-based scanning of files. Default: _true_
- **EnableHeuristics** - Enables heuristics scanning of files. Default: _true_
- **EnableAIScan** - Enables XvirusAI scan engine. This feature is still in BETA. Default: _false_
- **HeuristicsLevel** - Heuristics aggressiveness level from 1 to 5, higher is more aggressive. Default: _4_
- **AILevel** - AI scan aggressiveness level from 1 to 100, higher is more aggressive. Default: _10_
### File Size Limits
- **MaxScanLength** - Maximum file size to be scanned in bytes. If set "null" then there is no limit. Default: _null_
- **MaxHeuristicsPeScanLength** - Maximum PE file size for heuristics scanning in bytes. If set "null" then there is no limit. Default: _20971520_ (20MB)
- **MaxHeuristicsOthersScanLength** - Maximum non-PE file size for heuristics scanning in bytes. If set "null" then there is no limit. Default: _10485760_ (10MB)
- **MaxAIScanLength** - Maximum file size for AI scanning in bytes. If set "null" then there is no limit. Default: _20971520_ (20MB)
### Update Settings
- **CheckSDKUpdates** - Enables checking for SDK updates. Default: _true_
- **DatabaseFolder** - Path to the database folder, it accepts both relative and absolute paths. Default: _"Database"_
- **DatabaseVersion** - KeyValue list of database files version. This is updated automatically when using the "checkUpdate()" function.
@ -155,9 +181,16 @@ Example of a `settings.json` file:
```JSON
{
"EnableSignatures": true,
"EnableHeuristics": true,
"EnableAIScan": false,
"EnableAIScan": true,
"HeuristicsLevel": 4,
"AILevel": 10,
"MaxScanLength": null,
"MaxHeuristicsPeScanLength": 20971520,
"MaxHeuristicsOthersScanLength": 10485760,
"MaxAIScanLength": 20971520,
"CheckSDKUpdates": true,
"DatabaseFolder": "Database",
"DatabaseVersion": {
"AIModel": 0,
@ -176,4 +209,4 @@ Example of a `settings.json` file:
If any of the functions fails the `success` property returns `false` and the `error` property contains the error message.
All exceptions are logged in the `errorlog.txt` file.
All exceptions are logged in the `errorlog.txt` file.
Dani Santos
5 months ago
