🛡️ VWAR

Professional-Grade Real-Time Malware Detection System

VWAR is an advanced malware detection and prevention system that combines YARA rule-based scanning with real-time file monitoring, providing comprehensive protection against ransomware, spyware, trojans, worms, and APT malware.

Developed by Bitss.one

---

🎉 What's New in v3.0.0

🚀 Major Updates (December 1, 2025)

NEW: USB-First Offline Activation System

• 🔌 USB Auto-Detection - Automatically searches for *.enc license files on USB drives at startup
• 📦 Multi-License Selection - If multiple .enc files found, user selects which to activate
• ⚡ Instant Offline Activation - Activates immediately from USB without internet
• 🌐 Server Connection Page - Centralized online features control (online activation, YARA sync, device info sync, updates)
• 📴 Offline-First Architecture - Default: no API calls, all features work offline
• 🔄 Dual Device Storage - Stores device info both locally and on USB for seamless sync
• 🎯 Auto-Navigate - If USB not found, launches app and auto-navigates to Server Connection page
• ↔️ Connection Mode Toggle - Easy switch between offline ↔ online with automatic synchronization
• ✅ Real-Time Language Switching - UI refreshes instantly when changing EN/FR in both modes

🎨 Previous Major Updates

• ⚡ Adaptive Validation Intervals - Smart license checking: 60s (>30 days), 30s (8-30 days), 10s (≤7 days), 5s (expired)
• 🔄 Real-Time Auto-Renew Sync - Auto-renewal status syncs with database every validation cycle (10-60s)
• 📊 Dynamic License Terms Page - Updates every 2 seconds showing real-time license status
• 🎯 Prominent Days Display - Large color-coded "X Days Active" on homepage (Green >7 days, Red ≤7 days with blinking animation)
• 🔄 YARA Auto-Update - Background thread automatically updates YARA rules during license validation
• 🕐 24-Hour Offline Grace - Extended from 6 hours to 24 hours for better offline resilience
• ✅ 30-Day Auto-Renew Validation - Prevents enabling auto-renew when <30 days remaining with user-friendly popup

See full changelog

---

✨ Key Features

🛡️ Real-Time Protection

• C++ Monitor Integration: High-performance file system monitoring using native Windows APIs
• Python Watchdog: Fallback monitoring for comprehensive coverage
• Multi-Drive Support: Monitors Downloads, Desktop, Documents, and all non-system drives
• Instant Threat Detection: Scans files immediately upon creation or modification
• Minimal Performance Impact: <2% CPU usage, ~50-100MB RAM

🔐 USB-First Offline Activation (NEW v3.0.0)

• 🔌 Automatic USB Search: Scans all removable drives for *.enc license files at startup
• 📦 Multi-File Selection: Dialog appears if multiple .enc files found (shows filename + drive letter)
• ⚡ Instant Activation: Auto-activates from USB without internet connection required
• 📴 Offline-First Mode: Default operation mode with no API calls (all features work offline)
• 🌐 Server Connection Page: One-click access to online features (activation, YARA sync, device sync, updates)
• ↔️ Connection Mode Toggle: Switch between offline ↔ online modes with automatic synchronization
• 💾 Dual Device Storage: Device info stored both locally (data/device_info.json) and on USB (vwar_license_state.json)
• 🎯 Smart Navigation: If USB not found, app launches and auto-navigates to Server Connection page
• 🔄 Automatic Sync: Syncs device info before going offline and validates with server when going online
• ✅ Real-Time Language Support: UI updates instantly for language changes in both offline and online modes

🔍 Advanced Threat Detection

• YARA Rules Engine: Industry-standard pattern matching for malware signatures
• Multiple Threat Categories: Ransomware, spyware, trojans, worms, APT malware
• Regular Updates: Expandable rule sets for emerging threats
• Low False Positives: Optimized detection algorithms
• Customizable Rules: Add custom YARA rules for specific threats

📦 ScanVault System

• Innovative File Isolation: Captures files before execution for safe scanning
• Automated Workflow: Scan → Restore (if clean) or Quarantine (if threat)
• Zero-Day Protection: Prevents malware execution during download
• Metadata Preservation: Maintains original file information for restoration
• Intelligent Handling: Special treatment for installers and trusted files
• Automatic Installation Detection: Detects running installers (.exe, .msi, .bat) and scans files in-place without interrupting installation
• Smart Installation Mode: Only quarantines malware during installation, clean files stay where installed
• Installation Logging: Separate installation.log tracks all installation-related scans and actions

🔐 Quarantine Management

• Secure Isolation: Threats stored in protected quarantine folder
• Detailed Metadata: File path, detection time, matched rules preserved
• Restore Capability: False positives can be restored with re-scanning
• Manual Review: Inspect and manage quarantined items
• Permanent Deletion: Safely remove confirmed threats

⏰ Flexible Scheduling

• Multiple Frequencies: Realtime, Hourly, Twice Daily, Daily, Custom intervals
• Time Selection: Intuitive hour/minute spinbox controls
• Path Configuration: Scan specific folders and drives
• Subdirectory Options: Include/exclude nested folders
• Background Execution: Non-intrusive scanning during scheduled times
• Manual Triggers: "Run Now" button for immediate execution

💾 Backup & Restore

• Manual Backups: User-initiated file and folder backups
• Automatic Backups: Schedule regular backup tasks
• Version History: Multiple backup versions preserved
• Easy Restoration: Quick recovery of backed-up files
• Configurable Storage: Choose backup destination

🔒 Hardware-Locked Activation

• Secure Licensing: License bound to CPU + Motherboard IDs
• Multi-Device Support: Each license supports up to 2 devices
• Smart Device Management: Automatic slot allocation (Device 1 & Device 2)
• Re-Activation Support: Recognizes previously activated devices automatically
• Online Validation: Encrypted API communication for verification
• 📴 Offline-First Mode: Default to offline, optional online mode via Server Connection
• Adaptive Validation Intervals: Smart checking based on expiry proximity
  • 60 seconds when >30 days remaining (stable mode)
  • 30 seconds when 8-30 days remaining (normal mode)
  • 10 seconds when ≤7 days remaining (urgent mode)
  • 5 seconds when expired (fast renewal detection)
• 24-Hour Offline Grace: Continues working offline for 24 hours using cached validation
• Server-Side Enforcement: License changes detected within 5-60 seconds based on urgency
• Auto-Renew Management: Enable/disable auto-renewal with 30-day validation
• Synchronized Status: Auto-renew status updates in real-time across all pages
• Dynamic License Display: Terms page refreshes every 2 seconds showing current status
• Visual Alerts: Color-coded days remaining (Green >7, Red ≤7 with blinking animation)
• USB Auto-Activation: Searches USB for *.enc files, activates offline immediately
• USB Device Storage: Stores device info on USB for portable license tracking
• Time-Jump Detection: Prevents system clock manipulation
• Renewal System: 7-day advance warning before expiration
• Grace Period: Warnings before expiration
• Graceful Degradation: View quarantine after expiry (scanning disabled)
• Offline Mode: Temporary grace period for internet loss

🖥️ Modern User Interface

• Intuitive Design: Clean, professional Tkinter GUI
• Color-Coded Theme: Consistent cyan (#009AA5) and teal (#004d4d) palette
• System Tray Integration: Minimize to tray for background operation
• Tabbed Help System: Comprehensive documentation built-in
• Real-Time Status: Live monitoring indicators and progress displays

🔔 Smart Notifications

• Desktop Alerts: Toast notifications for critical events (via win10toast)
  • Scan started/completed notifications
  • Threat detection alerts with rule names
  • Scheduled scan completion summaries
• Dynamic Tray Tooltips: Real-time status updates in system tray
  • Shows current scanning file during manual scans
  • Updates during scheduled scan operations
  • Resets to idle state when complete
• In-App Progress Bars: Visual feedback on scan pages
• Scheduled Scan Modals: Detailed progress for automated scans
• Customizable: Enable/disable notification types in Settings

🔄 Automatic Updates

• GitHub Integration: Checks for updates via GitHub releases
• Version Comparison: Automatic detection of newer versions
• Download Links: Direct access to latest releases
• Change Logs: View what's new in updates

---

💻 System Requirements

Minimum Requirements

• OS: Windows 10 (32-bit or 64-bit, version 1607 or later) / Windows 11 (32-bit or 64-bit)
• Python: 3.11.5 or later
• RAM: 4 GB (2 GB for 32-bit systems)
• Disk Space: 500 MB (plus space for quarantine and backups)
• CPU: Dual-core processor
• Internet: Required for activation and updates (offline mode available)

Recommended Requirements

• OS: Windows 10 version 21H2 or later / Windows 11 (64-bit recommended)
• Python: 3.11.5+
• RAM: 8 GB or more (4 GB for 32-bit systems)
• Disk Space: 2 GB+ (for extensive quarantine storage)
• CPU: Quad-core processor or better
• Internet: Broadband connection

USB KEY Protection Edition

• OS: Windows 10 (32-bit or 64-bit, version 1607+) / Windows 11 (32-bit or 64-bit)
• Architecture: Supports both 32-bit and 64-bit systems
• Device Limit: Unlimited devices (portable USB-based activation)
• Activation: Offline USB-based license (no internet required)
• Operation: USB-only scanning (portable mode)

---

📥 Installation

Option 1: Executable (Recommended for End Users)

1. Download the latest VWAR.exe from Releases
2. Extract to desired location (e.g., C:\Program Files\VWAR\)
3. Right-click on VWAR.exe → Run as Administrator
4. VWAR will search for USB licenses first, or guide you to Server Connection
5. VWAR will start and create a system tray icon

Option 2: From Source (For Developers)

1. Clone the repository

   git clone https://github.com/TM-Mehrab-Hasan/BITSS-VWAR-Software.git
   cd BITSS-VWAR-Software

2. Install Python 3.11.5+

   • Download from python.org
   • Ensure "Add to PATH" is checked during installation

3. Install dependencies

   pip install -r requirements.txt

4. Run VWAR

   python main.py

---

🚀 Quick Start

First Launch - USB-First Workflow (NEW v3.0.0)

1. Insert USB with License File (optional - if you have offline license)
   • Copy {username}_license.enc or license.enc to USB root
2. Run VWAR as Administrator (required for system-wide monitoring)
3. USB Search Dialog Appears: "VWAR IS SEARCHING LICENSE FROM USB..."
   • If found: Auto-activates offline → "VWAR IS ACTIVATED OFFLINE"
   • If not found: "Offline activator not found" dialog
4. Activate License
   • Option A (USB Found): Auto-activated, all features enabled immediately
   • Option B (USB Not Found): Click "Go to Server Connection" → Enter license key online
5. All Features Active: Real-time protection, scanning, backups enabled

Basic Operations

Manual Scan:

1. Go to Scan page
2. Click Browse to select files/folders
3. Click Start Scan
4. Review results and take action on threats

Schedule Automatic Scans:

1. Go to Schedule Scan page
2. Choose frequency (Hourly, Daily, Custom)
3. Set time using spinbox controls
4. Add paths to scan
5. Click Save

Online Features (Server Connection Page):

1. Click Server Connection button (bottom navigation)
2. Page automatically enables online mode
3. Available options:
   • Online Activation: Enter license key for server-based activation
   • Connection Mode Toggle: Switch between offline ↔ online
   • Device Info Sync: Send hardware ID to server
   • YARA Rules Sync: Download latest threat rules
   • Check Updates: Verify software updates
4. Toggle back to offline mode when done (auto-syncs)

Review Threats:

1. Go to Scan Vault page
2. View quarantined items
3. Select and Restore (if false positive) or Delete (if confirmed threat)

System Tray:

• Click X button → Minimize to tray (stays running)
• Right-click tray icon → Quick actions menu
• Use Quit VWAR button to exit completely

---

📊 Version History

v3.0.0 (Current - December 1, 2025)

Major Update: USB-First Offline Activation System

New Features

• USB-First Offline Activation with automatic USB search
• Multi-license file selection dialog
• Offline-First Architecture (default: no API calls)
• Server Connection page for online features
• Connection mode toggle (offline ↔ online)
• Dual device storage (local + USB)
• Automatic synchronization on mode transitions
• Real-time language switching in both modes
• 50+ new bilingual translation keys (EN/FR)

Technical Implementation

• activation/usb_detector.py (465 lines) - USB search, file selection, dialogs
• utils/connection_mode.py (64 lines) - Offline/online mode management
• utils/server_connection_page.py (580 lines) - UI page with sync features
• Updated multiple files for offline-first integration
• Enhanced installer with registry entries

UI/UX Improvements

• USB search loading dialog with progress indicator
• Multi-file selection dialog showing drive letters
• Success messages with license validity dates
• Auto-navigation to Server Connection when USB not found
• Connection mode indicator
• Real-time sync status messages
• Bilingual support throughout

v3.0.0 (November 2, 2025)

Major Update: Adaptive Validation, Enhanced UI & Critical Bug Fixes

• Adaptive validation intervals (60s, 30s, 10s, 5s based on expiry proximity)
• Real-Time Auto-Renew Sync with database
• Dynamic License Terms page (2-second refresh)
• Prominent Days Display with color-coding and blinking animation
• YARA Auto-Update system
• 24-Hour Offline Grace period
• 30-Day Auto-Renew Validation
• Fixed critical YARA scanner crash

v3.0.0 (October 2025)

• Real-time malware detection with C++ monitor
• YARA-based scanning engine
• ScanVault file isolation system
• Flexible scheduled scanning
• System tray integration
• 2-Device License Support
• Hardware-locked licensing with encryption
• Backup & restore system
• Modern tabbed help system
• Enhanced Toast Notifications

---

⚠️ Disclaimer

VWAR is designed to complement existing security solutions, not replace them. While we strive for high detection rates, no security software can guarantee 100% protection. Always practice safe computing habits and maintain regular backups.

---

Made with ❤️ by Bitss.one

© 2025 Bitss.one. All rights reserved.