Jump to content

Viruses on OpenRCT2 downloads.

Recommended Posts

Ok so whenever i download any version of openrct2 windows defender is sending notifications about virus detected. I eventually try ignoring it but its not even letting me open the program. I scanned with malwarebytes and it found 5 threats. I also removed what was found by windows defender and it removed all the installed files from the openrct2 installer. I dont know if explained this well but please ask for details. Here is a screenshot of what malwarebytes found. There was nothing before i tried installing it.


Share this post

Link to post

Dexty111: I got the same thing on my download, with windows defender on windows 10. Tried to download the win32 installer, and windows defender detected it with a trojan named "Win32/Occamy.C" It did not detect anything with in 64-bit installer. Which one did you get? the win32 one, or the win64 one?

But what got me a little worried is that I downloaded both of these files in parallel as I accidentally clicked to download the 32-bit installer first when I was actually going to get the 64-bit one. The 64-bit one finished first, so I launched it and was like mid way into installing before the 32-bit download finished with the message about the trojan.

Can you devs look into whether the 64-bit version may be also infected? This is the first time in perhaps 10 years that I detect malware in a file downloaded from a seemingly trustable source.


Edit: I also did a sha256 check on the file, and the checksum displayed on the web page, is the same as the actual file downloaded.

Edited by Coastertwister
Additional information

Share this post

Link to post

Unfortunately this happens regularly, and are regarded as false-positives. It's good practice to re-check files using VirusTotal.com: https://www.virustotal.com/#/url/9b79f965f5cf50cf6ffbc42e01f93891afafa382403cc2ce14f2b58d6dafb0b4/detection

I'm not sure if code signing, which we had in the past, helps preventing false-positives. But it is something that should be considered again.

Share this post

Link to post

I'd not worry to much about this - the helpful developers have more knowledge than I do, but I've had this before, and I simply went and downloaded the game anyways.

Not too sure why cleaners and security apps freak out with OpenRCT2. It's not like we're a band of hackers or anything. 👺

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...