Windows security flagged Trojan:Win32/Casdet!rfn

[Zuluuk]

Windows security flagged Trojan:Win32/Casdet!rfn

\yuzu\load\0100152000022000\Force_FXAA_On.zip \yuzu\load\0100152000022000\Level_of_Detail_Enhance.zip \yuzu\load\01006A800016E000\30_FPS.zip \yuzu\load\01006A800016E000\Boot_Straight_to_menu.zip \yuzu\load\010074F013262000\Vulkan_Workaround.rar \yuzu\load\01007EF00011E000\60FPS.zip \yuzu\load\01007EF00011E000\Disable_Dynamic_Resolution.zip \yuzu\load\010093801237C000\Disable_Bloom.7z \yuzu\load\010093801237C000\Disable_FXAA.7z \yuzu\load\0100F9F00C696000\CTRNF_60fps.zip \yuzu\load\0100F9F00C696000\CTRNF_UnlockEverything.zip

I have tried to allow, and redownload but there are nothing in the mod folder.

[amakvana]

False positive. I have send off the latest copy to Microsoft, AVG and Avast for them to remove from their detections.

See VirusTotal report:

https://www.virustotal.com/gui/file/a76a3c417f6114111ecdd1a3611535fc01c518eab5151f183be30ad1f292ae61

The AVG and Avast detection (FileRepMalware) is based on File Reputation and all software that meets the following conditions gets flagged

[1. The file is not prevalent enough, ie. not enough Avast users tried to launch the file yet,

2. The file is not signed or Avast does not trust the signature.
3. The file was not added to their cleanset.](https://forum.avast.com/index.php?topic=183825.msg1297167#msg1297167)

The rebranding means for antiviruses, the software looks "brand new" again

For now - add SwitchEmuModDownloader into your exceptions and run again

[Zuluuk]

![Uploading empty mod.jpg…]() Its not complaining about SwitchEmuModDownloader its complaining about the zip / 7z that it is downloading. When i add the exceptions, there is no mod downloaded even though the list says it has downloaded.

[amakvana]

What's being flagged up is the process behind the downloading / unpacking of the files, which comes from SwitchEmuModDownloader. Hence this is the executable which needs whitelisting.

If a mod archive is empty, that means it has been removed from the source itself.

I've just cleared out my /load/ folder, reran SwitchEmuModDownloader, selected Switch-Mods repo and the mods pull down fine

[Zuluuk]

ty, just wanted to confirm if the official switch-mod repo is working atm?

[amakvana]

Works fine for me 👍

[Zuluuk]

:) then thats strange, trying to get the mod for botw, I deleted the loads folder, launched yuzu to create the load folders. Used switchemudownloader, says successful and it is on the list but the folder / mod is empty.

The file is shown in the progress bar, but the load folder for the game is empty...

[amakvana]

:) then thats strange, trying to get the mod for botw, I deleted the loads folder, launched yuzu to create the load folders. Used switchemudownloader, says successful and it is on the list but the folder / mod is empty.

Mods for BoTW are some of the mods which have been taken offline at the source.

I'm currently in touch with the creator of the mods to see if they can reupload any missing mods onto their GitHub repo

[Zuluuk]

https://web.archive.org/web/20240105120752/https://yuzu-emu.org/wiki/switch-mods/

not sure if this helps.

[amakvana]

https://web.archive.org/web/20240105120752/https://yuzu-emu.org/wiki/switch-mods/

not sure if this helps.

I pull it down using https://git.h3cjp.net/H3cJP/yuzu/wiki/Switch-Mods as it loads faster than the archive.org copies

[amakvana]

EDIT: The AV vendors have messaged saying the false positive detection will be removed from their databases in the next 24-48 hours.

[kathyrollo]

Came here to report the same thing. Good to know it's a false-positive. After adding my entire Emulators/ directory, which contain subdirectories for all the standalone/portable emulators I use, the Official Switch-Mods Repo now pulls down fine. I thought whitelisting the entire directory was better for my case.