TrafficMonitor.sys is identified as Trojan:Win32/Vigorf.A by Windows Security

[abhi-deshpande]

Prerequisites

• [x] I have searched for related issues in the issues list.
• [x] I have read the FAQ in detail and searched for related issues in FAQ list.

Current TrafficMonitor Version

1.85.1 (x64)

Current Operating System Version

Windows 11 Pro 24H2 26100.4946

What happened?

After a recent Security Intelligence Update for Microsoft Defender Antivirus, the TrafficMonitor.sys file is identified as Trojan:Win32/Vigorf.A by WIndows Security. This seems to be a false positive, but I am not sure why it is happening.

Log Output

Additional Information

No response

[m-a-hannan]

I was about to report the same thing.

[Touhid0101]

Experiencing the same issue

[khaledsallam14]

i got the same Trojan. from same ver. 1.85.1 (x64) 26100.4946

[Inemene]

same here.. Im worried that this isnt safe to use but according to virustotal it seems like its false positive..

[abhi-deshpande]

I just tried to search more about this threat and found that it really has to do with latest virus definitions for Windows Security. This issue is affecting a lot of legitimate apps.

See here: https://github.com/LibreHardwareMonitor/LibreHardwareMonitor/issues/1844

This project also uses core components from LibreHardwareMonitor.

[gnc-gh]

There is a new method to solve this problem. https://github.com/zhongyang219/TrafficMonitor/issues/2164#issuecomment-3310561714 I replaced the file "LibreHardwareMonitorLib.dll" in the "TrafficMonitor" folder with the one from the "LibreHardwareMonitor nightly build", and it solved the issue temporarily. The steps are as follows: 1. Go to the URL "https://github.com/LibreHardwareMonitor/LibreHardwareMonitor". 2. Download the nightly build zip. 3. Verify that TrafficMonitor.exe has been closed. 4. Extract "LibreHardwareMonitorLib.dll" from the nightly build zip, then copy and replace it in the "TrafficMonitor" folder. 5. Restart "TrafficMonitor.exe".

[KertLynx]

I replaced the file "LibreHardwareMonitorLib.dll" in the "TrafficMonitor" folder with the one from the "LibreHardwareMonitor nightly build", and it solved the issue temporarily.

The steps are as follows: 1. Go to the URL "https://github.com/LibreHardwareMonitor/LibreHardwareMonitor". 2. Download the nightly build zip. 3. Verify that TrafficMonitor.exe has been closed. 4. Extract "LibreHardwareMonitorLib.dll" from the nightly build zip, then copy and replace it in the "TrafficMonitor" folder. 5. Restart "TrafficMonitor.exe".

This is did not help. It still throws a lot of security threats.

[gnc-gh]

I replaced the file "LibreHardwareMonitorLib.dll" in the "TrafficMonitor" folder with the one from the "LibreHardwareMonitor nightly build", and it solved the issue temporarily. The steps are as follows: 1. Go to the URL "https://github.com/LibreHardwareMonitor/LibreHardwareMonitor". 2. Download the nightly build zip. 3. Verify that TrafficMonitor.exe has been closed. 4. Extract "LibreHardwareMonitorLib.dll" from the nightly build zip, then copy and replace it in the "TrafficMonitor" folder. 5. Restart "TrafficMonitor.exe".

This is did not help. It still throws a lot of security threats.

https://github.com/zhongyang219/TrafficMonitor/issues/2164#issuecomment-3310561714

[MW11W]

[tony8077616]

Wait Developor use this LibreHardwareMonitor and update it

[Bedingled403]

https://bbs.kafan.cn/thread-2278851-1-1.html https://bbs.kafan.cn/thread-2285111-1-1.html

#2151

[KertLynx]

[KertLynx]

This application is dangerous and can hard your hard drives. I had to remove it and run an antivirus scan just to be safe. I have reported this to Github as malware. I'd suggest everyone to also add your comments at https://hellogithub.com/en/repository/5ef48af2b2794d4798b17d6539ec7305 to let userbase know to stay away from this malware.

[ZeroSnake00]

same here

[ZeroFighter17]

This application is dangerous and can hard your hard drives. I had to remove it and run an antivirus scan just to be safe. I have reported this to Github as malware. I'd suggest everyone to also add your comments at https://hellogithub.com/en/repository/5ef48af2b2794d4798b17d6539ec7305 to let userbase know to stay away from this malware.

Now, here's something I'm going to ask you....have you experienced ANY hardware issues, or ANYTHING other than Windows Defender screeching its head off about a "Virus" on your system before, during, and after using it? I most certainly haven't, and I'm still using it without even getting a virus pop-up.

[KertLynx]

This application is dangerous and can hard your hard drives. I had to remove it and run an antivirus scan just to be safe. I have reported this to Github as malware. I'd suggest everyone to also add your comments at https://hellogithub.com/en/repository/5ef48af2b2794d4798b17d6539ec7305 to let userbase know to stay away from this malware.

Now, here's something I'm going to ask you....have you experienced ANY hardware issues, or ANYTHING other than Windows Defender screeching its head off about a "Virus" on your system before, during, and after using it? I most certainly haven't, and I'm still using it without even getting a virus pop-up.

I would rather trust dozens of security alerts posted by many here than one person like you saying its harmless.

[KertLynx]

Based on the suggestion on this thread https://github.com/zhongyang219/TrafficMonitor/issues/2164#issuecomment-3458112599, I downloaded the latest nightly build from here: https://nightly.link/LibreHardwareMonitor/LibreHardwareMonitor/workflows/master/master/LibreHardwareMonitor.zip and copied LibreHardwareMonitorLib.dll and nothing else. Didn't even install PawnIO and it seems to work. So far no security alerts!