Should I block it?

90%
90% of PCs block this file from running.
Possible reason:
Multiple malware detections

VersionsAdditional versions

6.2.1.2643 50.00%
6.1.0.1561 50.00%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
AdjustTokenPrivileges, AllocateAndInitializeSid, ChangeServiceConfigA, CloseServiceHandle, CreateServiceA, LookupPrivilegeValueA, OpenProcessToken, OpenSCManagerA, OpenServiceA, RegCloseKey, RegCreateKeyExA, RegDeleteKeyA, RegDeleteValueA, RegEnumKeyExA, RegEnumValueA, RegFlushKey, RegOpenKeyExA, RegQueryInfoKeyA, RegQueryValueExA, RegSetValueExA, StartServiceA
comctl32.dll
ImageList_Add, ImageList_AddMasked, ImageList_BeginDrag, ImageList_Copy, ImageList_Create, ImageList_Destroy, ImageList_DragEnter, ImageList_DragLeave, ImageList_DragMove, ImageList_DragShowNolock, ImageList_DrawEx, ImageList_DrawIndirect, ImageList_EndDrag, ImageList_GetImageCount, ImageList_Remove, ImageList_Replace, ImageList_SetImageCount, InitCommonControls
comdlg32.dll
ChooseColorA, ChooseFontA, ChooseFontW, CommDlgExtendedError, GetOpenFileNameA, GetOpenFileNameW, GetSaveFileNameA, GetSaveFileNameW
gdi32.dll
Arc, BitBlt, Chord, CombineRgn, CreateBitmap, CreateBrushIndirect, CreateCompatibleBitmap, CreateCompatibleDC, CreateDIBSection, CreateDIBitmap, CreateEllipticRgn, CreateFontIndirectA, CreateFontIndirectW, CreatePatternBrush, CreatePen, CreatePenIndirect, CreatePolygonRgn, CreateRectRgn, CreateRoundRectRgn, CreateSolidBrush, DPtoLP, DeleteDC, DeleteObject, Ellipse, EnumFontFamiliesA, EnumFontFamiliesExA, EnumFontFamiliesExW, ExcludeClipRect, ExtCreatePen, ExtCreateRegion, ExtFloodFill, ExtSelectClipRgn, ExtTextOutA, ExtTextOutW, GetBitmapBits, GetBkColor, GetCharABCWidthsA, GetClipBox, GetClipRgn, GetCurrentObject, GetDCOrgEx, GetDIBits, GetDeviceCaps, GetMapMode, GetObjectA, GetObjectType, GetObjectW, GetPixel, GetROP2, GetRandomRgn, GetRgnBox, GetStockObject, GetTextAlign, GetTextColor, GetTextExtentPoint32A, GetTextExtentPoint32W, GetTextMetricsA, GetViewportExtEx, GetViewportOrgEx, GetWindowExtEx, GetWindowOrgEx, IntersectClipRect, LPtoDP, LineTo, MaskBlt, MoveToEx, OffsetRgn, OffsetViewportOrgEx, PatBlt, Pie, PolyBezier, Polygon, Polyline, PtInRegion, RealizePalette, RectVisible, Rectangle, RestoreDC, RoundRect, SaveDC, SelectClipRgn, SelectObject, SelectPalette, SetArcDirection, SetBkColor, SetBkMode, SetBrushOrgEx, SetMapMode, SetPixel, SetPolyFillMode, SetROP2, SetStretchBltMode, SetTextAlign, SetTextCharacterExtra, SetTextColor, SetViewportExtEx, SetViewportOrgEx, SetWindowExtEx, SetWindowOrgEx, StretchBlt, TextOutW, FillRgn, GetTextExtentExPointA, GetTextExtentExPointW
hhctrl.ocx
HtmlHelpA
imagehlp.dll
StackWalk64, SymCleanup, SymEnumerateModules, SymEnumerateModules64, SymEnumerateSymbols, SymEnumerateSymbols64, SymFunctionTableAccess64, SymGetModuleBase64, SymGetOptions, SymGetSearchPath, SymInitialize, SymLoadModule64, SymSetOptions, SymSetSearchPath
kernel32.dll
BeginUpdateResourceA, CloseHandle, CompareStringA, CompareStringW, CopyFileA, CreateDirectoryA, CreateDirectoryW, CreateEventA, CreateFileA, CreateFileMappingA, CreateNamedPipeA, CreateProcessA, CreateThread, DeleteCriticalSection, DeleteFileA, DeleteFileW, DeviceIoControl, DosDateTimeToFileTime, DuplicateHandle, EndUpdateResourceA, EnterCriticalSection, EnumCalendarInfoA, EnumResourceLanguagesA, EnumResourceNamesA, EnumResourceTypesA, ExitProcess, ExitThread, FileTimeToDosDateTime, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FindResourceA, FindResourceExA, FlushInstructionCache, FormatMessageA, FreeEnvironmentStringsA, FreeLibrary, FreeResource, GetACP, GetCommandLineA, GetConsoleMode, GetConsoleOutputCP, GetCurrentDirectoryA, GetCurrentDirectoryW, GetCurrentProcess, GetCurrentProcessId, GetCurrentThreadId, GetDateFormatA, GetEnvironmentStringsA, GetExitCodeProcess, GetExitCodeThread, GetFileAttributesA, GetFileAttributesW, GetFileSize, GetFileTime, GetFileType, GetLastError, GetLocalTime, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetProcAddress, GetProcessAffinityMask, GetProcessHeap, GetProcessWorkingSetSize, GetStartupInfoA, GetStdHandle, GetSystemInfo, GetTempPathA, GetThreadLocale, GetThreadPriority, GetTickCount, GetUserDefaultLCID, GetVersionExA, GetWindowsDirectoryA, GlobalAddAtomA, GlobalAlloc, GlobalDeleteAtom, GlobalLock, GlobalMemoryStatus, GlobalReAlloc, GlobalSize, GlobalUnlock, HeapAlloc, HeapFree, InitializeCriticalSection, LeaveCriticalSection, LoadLibraryA, LoadLibraryExA, LoadResource, LocalAlloc, LocalFileTimeToFileTime, LocalFree, LockResource, MapViewOfFile, MoveFileA, MoveFileW, MulDiv, MultiByteToWideChar, OpenFileMappingA, OpenProcess, OutputDebugStringA, PeekNamedPipe, ReadFile, ReadProcessMemory, RemoveDirectoryA, RemoveDirectoryW, ResetEvent, ResumeThread, SetCurrentDirectoryA, SetCurrentDirectoryW, SetEndOfFile, SetErrorMode, SetEvent, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFileTime, SetLastError, SetProcessAffinityMask, SetProcessWorkingSetSize, SetThreadPriority, SetUnhandledExceptionFilter, SizeofResource, Sleep, SuspendThread, TerminateThread, TlsAlloc, TlsGetValue, TlsSetValue, TryEnterCriticalSection, UnmapViewOfFile, UpdateResourceA, VirtualAlloc, VirtualFree, VirtualQueryEx, WaitForMultipleObjects, WaitForSingleObject, WideCharToMultiByte, WriteFile, WriteProcessMemory, DllMain
lua5.1-32.dll
luaL_loadfile, luaL_loadstring, luaL_newstate, luaL_openlibs, luaL_ref, luaL_unref, lua_atpanic, lua_call, lua_close, lua_createtable, lua_error, lua_getfield, lua_gettable, lua_gettop, lua_isnumber, lua_isstring, lua_pcall, lua_pushboolean, lua_pushcclosure, lua_pushinteger, lua_pushlightuserdata, lua_pushlstring, lua_pushnumber, lua_pushvalue, lua_rawgeti, lua_setfield, lua_settable, lua_settop, lua_toboolean, lua_tointeger, lua_tolstring, lua_tonumber, lua_touserdata, lua_type, lua_isuserdata, lua_newthread, lua_objlen, lua_pushnil
ole32.dll
CLSIDFromProgID, CoCreateGuid, CoCreateInstance, CoFreeUnusedLibraries, CoInitialize, CoTaskMemAlloc, CoTaskMemFree, CoUninitialize, GetErrorInfo, OleInitialize, OleUninitialize
oleaut32.dll
SafeArrayAccessData, SafeArrayCreate, SafeArrayGetElement, SafeArrayGetLBound, SafeArrayGetUBound, SafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayRedim, SafeArrayUnaccessData, SysAllocStringLen, SysFreeString, SysReAllocStringLen, VariantChangeTypeEx, VariantClear, VariantCopy, VariantInit
shell32.dll
DragAcceptFiles, DragFinish, DragQueryFileA, DragQueryFileW, ExtractIconA, SHBrowseForFolder, SHBrowseForFolderW, SHGetMalloc, SHGetPathFromIDList, SHGetPathFromIDListW, SHGetSpecialFolderLocation, ShellExecuteA
user32.dll
DllMain
version.dll
GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
ws2_32.dll
WSACleanup, WSAStartup, bind, closesocket, connect, recv, recvfrom, send, sendto, setsockopt, socket
wsock32.dll
WSAStartup, gethostbyaddr, gethostbyname

cheatengine-i386.exe

By Cheat Engine

Remove cheatengine-i386.exe
Version:   6.2.1.2643
MD5:   89569baa0a13ca53df342cf7a0cc70fe
SHA1:   88f07db216f388a603179649d83bf1fc9ac8cb06
SHA256:   fe902750890b160866471369271acd0394cb5e98e62276ed9f6d25e12610018f
Warning 4 antivirus scanners has detected malware.

Overview

cheatengine-i386.exe is malware that executes as a process with the local user's privileges. It is installed with a couple of know programs including Cheat Engine 6.2 published by Dark Byte and Cheat Engine 6.1 published by Dark Byte.

DetailsDetails

File name:cheatengine-i386.exe
Publisher:Cheat Engine
Description:Cheat Engine
Typical file path:C:\Program Files\cheat engine 6.1\cheatengine-i386.exe
File version:6.2.1.2643
Product version:6.2
Size:6.39 MB (6,702,592 bytes)
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Dark Byte
1% remove
Cheat Engine, commonly abbreviated as CE, is an open source memory scanner/hex editor/debugger created by Eric Heijnen ("Dark Byte") for the Windows operating system. Cheat Engine is mostly used for cheating in computer games, and is sometimes modified and recompiled to evade detection. Cheat Engine can view the disassembled memory of a process and make alterations to give the user advantages such as infinite health, time or ammunition....

MalwareMalware detections

Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum 5.5.1.3 HackTool.CheatEngine!5dzNa68vhD0
Baidu Antivirus 3.5.1.41473 Malware.Win32.HackTool.34
ESET NOD32 7.8859 a variant of Win32/HackTool.CheatEngine.AB
Kingsoft 2013.4.9.267 Win32.HackTool.Undef.(kcloud)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00421955%
0.028634%
Kernel CPU:0.00378746%
0.013761%
User CPU:0.00043209%
0.014873%
Kernel CPU time:347,102,225 ms/min
100,923,805ms/min
Memory
Private memory:63.87 MB
21.59 MB
Private (maximum):50.78 MB
Private (minimum):6.43 MB
Non-paged memory:63.87 MB
21.59 MB
Virtual memory:251.46 MB
140.96 MB
Virtual memory (peak):354.34 MB
169.69 MB
Working set:50.78 MB
18.61 MB
Working set (peak):87.63 MB
37.95 MB
Resource allocations
Threads:3
12
Handles:246
600
GUI GDI count:228
103
GUI GDI peak:287
142
GUI USER count:220
49
GUI USER peak:235
71

BehaviorsProcess properties

Integrety level:High
Platform:32-bit
Command line:"C:\Program Files\cheat engine 6.2\cheatengine-i386.exe"
Owner:User

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 100.00%

Distribution by countryDistribution by country

Indonesia installs about 50.00% of cheatengine-i386.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 50.00%
Lenovo 50.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE