I just got this message the first time i switched on my computer after upgrading to Home Assistant 2025.9.1.
Does the HASS Agent have anything resembling ‘trojan:Win32/Vigorf.A’.
1 Like
Isn’t HASS Agent a completely seperate open source project? Maybe ask on their Github issues page?
It is and should be bugged on thier github.
For the record defender picked the same file on my pc. I quarantined it but have not had a chance to do a full false positive investigation yet to determine if they’re pulling a bad file or if it’s a false.
This has nothing to do with the HA update.
Hass Agent hasn’t been updated since 2022.
So If it is infected (it isn’t) then it has been for three years.
1 Like
Oh defender false positives all the time. Id rather that than the alternative actually…
Notice I didn’t go chase it?
But Hass agent also isn’t complaining…
There’s an explanation for the false positive here: Bug: windows 11 warning of trojan virus · Issue #441 · LAB02-Research/HASS.Agent · GitHub
Ahhhh the ring0 driver. Yep that makes sense. There’s a lot of people who don’t agree with that call. Personally I do… generic unfettered ring 0 is a problem but that’s beside the point
Short version… many of the major manufacturers are blocking this driver as it allows ring 0 (protected code, hypervisor level) access to the processor and is a very popular infection vector used and / or delivered by many pieces of malware.
Theres a legitimate use for this driver in HASS if you’re trying to monitor processor etc. But you should be ok I’d you quarantine the file - if you’re not doing things that require the service to manipulate the processor.
So far mine is working fine, I don’t grab stuff off the desktop processor for my use.
I’m using it to monitor my main PC’s system resources.
The Gamers Nexus video was a good explanation of the issue.
1 Like