Some recommendations needed.

I have a game called insaniqurium deluxe. Has anyone ever hearrd of Cheat engine? Because I am thinking abou t using it but some people say it contains a virus or rootkit. I looked at siteadvisor, it was green. I looked on youtube, nothing about virus, and I searched it on yahoo, only things saying its not a virus.

I really want it, im not going to have it for long, and its an offline game, so no cheating in multiplayer…

What should I do? Majority points to no virus…

SiteAdvisor I would take with a huge pinch of salt as their database can be very out of date, we have seen sites listed as clean (Green) when they are in fact infected and vice versa.

Anything that seeks to bypass something, be that registration/license (keygens) or cheat engines to as it says cheat, are highly likely to come with an uninvited guest (read trojan) so aside from any moral issue they are generally high risk. Who are you going to complain to if this is the case, certainly not to the game maker whose game you are trying to cheat, etc.

It really doesn’t matter how long you are going to have it, one installation is enough to activate any payload if it has any.

I know, the thing is though there are more positive results(Its all over youtube, search it.) I am still conflicted. What about sandboxie? could I try isolating it in that and see what happens?

Hi

WOT scanner is giving a yellow on this on four accounts.
DrWeb’s av link checker:
hxtp://d.trymedia.com/d/popcap/tg_60m_pkg53/t_25yt/InsaniquariumDeluxeSetup.exe?curr_selected=USD redirects to hxtp://38.108.189.125/e=1344/b=mhTJFliHFuHkqRpEFJB2hQAAAAAAAAAAAAAAAAAAAAAAaEbOxk8R4thHuRMSrqoXdF8yNXl0AAAAAAAAAAAAAFVTRAAAAAAAABmZElRoJyZ0Z182MG1fcGtnNTMAAAAAcG9wY2FwAAAAAAAAAAAAAA==/e=1152/b=SW5zYW5pcXVhcml1bSBEZWx1eGU=/e=1024/b=L2RkL3BvcGNhcC90Z182MG1fcGtnNTMvdF8yNXl0L0luc2FuaXF1YXJpdW1EZWx1eGVTZXR1cC5leGU-Y3Vycl9zZWxlY3RlZD1VU0Q=/t=1254769126/h=ffced0050e418f8e85911d17810fd92c/r/dm/dm3/InsaniquariumDeluxeSetup-dm.exe

Checking: hxtp://38.108.189.125/e=1344/b=mhTJFliHFuHkqRpEFJB2hQAAAAAAAAAAAAAAAAAAAAAAaEbOxk8R4thHuRMSrqoXdF8yNXl0AAAAAAAAAAAAAFVTRAAAAAAAABmZElRoJyZ0Z182MG1fcGtnNTMAAAAAcG9wY2FwAAAAAAAAAAAAAA==/e=1152/b=SW5zYW5pcXVhcml1bSBEZWx1eGU=/e=1024/b=L2RkL3BvcGNhcC90Z182MG1fcGtnNTMvdF8yNXl0L0luc2FuaXF1YXJpdW1EZWx1eGVTZXR1cC5leGU-Y3Vycl9zZWxlY3RlZD1VU0Q=/t=1254769126/h=ffced0050e418f8e85911d17810fd92c/r/dm/dm3/InsaniquariumDeluxeSetup-dm.exe
Engine version: 5.0.0.12182
Total virus-finding records: 653252
File size: 122.80 KB
File MD5: f1a7a47d7bf4f74fd6e5fed4e5b74b75

hxtp://38.108.189.125/e=1344/b=mhTJFliHFuHkqRpEFJB2hQAAAAAAAAAAAAAAAAAAAAAAaEbOxk8R4thHuRMSrqoXdF8yNXl0AAAAAAAAAAAAAFVTRAAAAAAAABmZElRoJyZ0Z182MG1fcGtnNTMAAAAAcG9wY2FwAAAAAAAAAAAAAA==/e=1152/b=SW5zYW5pcXVhcml1bSBEZWx1eGU=/e=1024/b=L2RkL3BvcGNhcC90Z182MG1fcGtnNTMvdF8yNXl0L0luc2FuaXF1YXJpdW1EZWx1eGVTZXR1cC5leGU-Y3Vycl9zZWxlY3RlZD1VU0Q=/t=1254769126/h=ffced0050e418f8e85911d17810fd92c/r/dm/dm3/InsaniquariumDeluxeSetup-dm.exe packed by UPX

hxtp://38.108.189.125/e=1344/b=mhTJFliHFuHkqRpEFJB2hQAAAAAAAAAAAAAAAAAAAAAAaEbOxk8R4thHuRMSrqoXdF8yNXl0AAAAAAAAAAAAAFVTRAAAAAAAABmZElRoJyZ0Z182MG1fcGtnNTMAAAAAcG9wY2FwAAAAAAAAAAAAAA==/e=1152/b=SW5zYW5pcXVhcml1bSBEZWx1eGU=/e=1024/b=L2RkL3BvcGNhcC90Z182MG1fcGtnNTMvdF8yNXl0L0luc2FuaXF1YXJpdW1EZWx1eGVTZXR1cC5leGU-Y3Vycl9zZWxlY3RlZD1VU0Q=/t=1254769126/h=ffced0050e418f8e85911d17810fd92c/r/dm/dm3/InsaniquariumDeluxeSetup-dm.exe - Ok

But I would not trust: hxtp://38.108.189.125/e=1344
Last time malcode was found on this site was on 2009-09-18.
Malicious software includes 1280 adwares.

This site was hosted on 1 network(s) including AS174 (COGENT).

Did this site host malware?

Yes this site hosted malicious software and infected 76 domains, e.g.
portalit.net/, trymedia.com/, svetagames.com/

I would stay away from additional unwanted adware etc.,

polonus

what is this a scan of?

Hi John2009,

Without installing the extension in your browser, you can perform the download URL scan here:
http://online.us.drweb.com/?url=1

polonus

but is that the scan of the cheat engine program?

dr.web says the file is clean…

http://online.us.drweb.com/cache/?i=64ad75b4ead9006d2455af0bcf7b07f9

and its green on mywot. Are you sure you got the right website?

http://www.mywot.com/en/scorecard/www.cheatengine.org

@ Polonus: thanks for the tip about this extension, never heard of it before. But I knew about the publisher long ago, so I just installed that in FF.
…don’t know yet if I’ll keep it but I’ll test it for a while, works with the EICAR file at least :wink: