Dexty111 Posted November 19, 2018 Posted November 19, 2018 Ok so whenever i download any version of openrct2 windows defender is sending notifications about virus detected. I eventually try ignoring it but its not even letting me open the program. I scanned with malwarebytes and it found 5 threats. I also removed what was found by windows defender and it removed all the installed files from the openrct2 installer. I dont know if explained this well but please ask for details. Here is a screenshot of what malwarebytes found. There was nothing before i tried installing it.
jensj12 Posted November 19, 2018 Posted November 19, 2018 If you trust the OpenRCT2 files, select them in that window and click restore (don't restore files you don't know).
Coastertwister Posted November 21, 2018 Posted November 21, 2018 (edited) Dexty111: I got the same thing on my download, with windows defender on windows 10. Tried to download the win32 installer, and windows defender detected it with a trojan named "Win32/Occamy.C" It did not detect anything with in 64-bit installer. Which one did you get? the win32 one, or the win64 one? But what got me a little worried is that I downloaded both of these files in parallel as I accidentally clicked to download the 32-bit installer first when I was actually going to get the 64-bit one. The 64-bit one finished first, so I launched it and was like mid way into installing before the 32-bit download finished with the message about the trojan. Can you devs look into whether the 64-bit version may be also infected? This is the first time in perhaps 10 years that I detect malware in a file downloaded from a seemingly trustable source. Edit: I also did a sha256 check on the file, and the checksum displayed on the web page, is the same as the actual file downloaded. Edited November 21, 2018 by Coastertwister Additional information
janisozaur Posted November 21, 2018 Posted November 21, 2018 @Dexty111 I think you got a little confused, this is OpenRCT2 forum, not malwarebytes or Windows defender one.
GingerAdonis Posted November 21, 2018 Posted November 21, 2018 Unfortunately this happens regularly, and are regarded as false-positives. It's good practice to re-check files using VirusTotal.com: https://www.virustotal.com/#/url/9b79f965f5cf50cf6ffbc42e01f93891afafa382403cc2ce14f2b58d6dafb0b4/detection I'm not sure if code signing, which we had in the past, helps preventing false-positives. But it is something that should be considered again.
BlazingEmpireHD Posted November 22, 2018 Posted November 22, 2018 I'd not worry to much about this - the helpful developers have more knowledge than I do, but I've had this before, and I simply went and downloaded the game anyways. Not too sure why cleaners and security apps freak out with OpenRCT2. It's not like we're a band of hackers or anything. 👺
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now