
Trojan Horse Dropper Agent JLF

sapphires
15 years ago

Hi,

IE 7 MS Xp

Okay, so I ran Avg and it found Trojan Horse Dropper Agent JLF, it put it in the vault. The file was GameLauncher.exe for Jewel Quest 111. I play this game offline and non tournament. Questions:

*Does this mean every time I play this game I will get this trojan horse again?

*Should I delete it from the vault?

*What happens when you delete from the vault?

*This game was bought from iWin Games, did they put this trojan in the game?

*If I am just playing with the computer ON but not on the internet is my system still vulnerable?

The path it is in is, C://ProgramFiles/iWin.com/JewelQuest111

Thanks.

Sapphires

Comments (16)

  • ravencajun Zone 8b TX
    15 years ago

    I would not touch that game or any others at the same site. I would get rid of the game if I have it on the PC; if the file can be totally deleted I would do that too, then empty the trash bin.

    I would also run superantispyware right away, update, then full scan.

    iWin has had problems before with having spyware infections; I would not go anywhere near that site.

  • sapphires
    Original Author
    15 years ago

    ravencajun or others,
    Would someone address my questions above concerning this trojan?

    superantispyware has it quarantined, but the button to restore or remove (under manage quarantined items) is grayed out. Should I just leave it in quarantine? I tried to tell someone else about this trojan as she has it on her computer as well, and she just got annoyed with me. She's saying that it's no threat since she isn't on the internet when she plays the game. I agreed for us to disagree.

    Sapphires

  • lindajewell
    15 years ago

    When you click on Quarantine in Superantispyware, do you see the little + sign beside the dates? Click on the plus sign and then highlight the trojan horse and click on the remove button.
    The remove button will be grayed out until you click the plus sign and then highlight the trojan name. It should be removed.

  • ravencajun Zone 8b TX
    15 years ago

    What a trojan horse does is, once it is on your computer, it makes a connection any time you get online to its home base and sends all your info to whoever it is that put out the trojan horse. So your friend could not be more wrong, and if she does any banking or has any of her personal info anywhere on her PC it could well be in jeopardy. Once the thing loads itself to your PC it just sits there and waits till it sees a connection, then it phones home.

    OK, you originally said AVG had it in quarantine; is it AVG or superantispyware?
    If you ran AVG, I was saying to also be sure you run superantispyware too, because it will often get some of the stuff that AVG won't.
    You can leave it in quarantine or delete it. I would try to delete the entire program that it came with and anything associated with it, and would never go back to that site.

    Linda is correct: you must select the item, then you can delete.

    Here is what you need to give your friend. This is from the Sunbelt Malware Research Labs, info on trojan horse dropper agent:

    Trojan-Dropper
    Type: Malware
    Type Description: Malware ("malicious software") consists of software with clearly malicious, hostile, or harmful functionality or behavior and that is used to compromise and endanger individual PCs as well as entire networks.
    Category: Trojan Downloader
    Category Description: A Trojan Downloader is a program typically installed through an exploit or some other deceptive means and that facilitates the download and installation of other malware and unwanted software onto a victim's PC. A Trojan Downloader may download adware, spyware or other malware from multiple servers or sources on the internet.
    Level: High
    Level Description: High risks are typically installed without user interaction through security exploits, and can severely compromise system security. Such risks may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware. These risks may also collect and transmit personally identifiable information (PII) without your consent and severely degrade the performance and stability of your computer.

    If she has no problem with everything on her PC being sent out over the trojan connection to some hacker likely in Russia, then by all means she should just leave it on her computer.
    Sorry, I just do not get some people.

    The even bigger risk is that now someone could gain control of her pc and it will become a zombie pc in their arsenal of spam bots that send out spam and porn to everyone.

  • ravencajun Zone 8b TX
    15 years ago

    Let me explain something about how these things get on people's computers. OK, say you go to that site where you can either play games online or download the game. You see a pop-up that says PLAY or Download, whichever the case may be, so you think, OK, that button just means PLAY. But in reality, just because the button says PLAY does not mean that is what that button really does. Any time you actively push a button, you could be pushing a button that is actually saying yes, please install this malware onto my PC. The action of pushing the button is all it takes. You see a game come up to play and think, OK, here is my game, but in the background what is happening is a trojan is being installed on your PC and phoning home to the hacker that wrote it and giving him your info, or worse, giving him control of your PC.

    The bogus CNN and MSNBC links I have posted about do the same thing. In those cases it looks like a legit link to CNN, so you click on it. There you go, you took an action: you clicked. That click in the background is now installing on your PC the dreaded malware antivirus2008 or 2009 or something worse.
    In some cases, on seriously infected sites, you do not even have to push anything. Just going to the site is enough, because they can have malicious code in the page code, and if you have a browser that has not had all its patches etc. then they get in through holes that are open.

    If you are not absolutely sure about the safety and security of a site, do not click anything on it. I would use McAfee SiteAdvisor on the browser so you can see at a glance if it is a green or a red site.
    If you use Firefox you can add Dr.Web:
    Dr.Web anti-virus link checker

    McAfee SiteAdvisor can be used on both IE and Firefox.

  • sapphires
    Original Author
    15 years ago

    Hi,
    Both my Avg and superantispyware found this; in Avg it is in the vault and in superantispyware it is quarantined. In Avg it says it IS NOT healable, so will just removing it be enough, and removing it in superantispyware, is that enough to be safe? Anxiously awaiting your reply. Thank you so much. Can you hear the desperation in my words? I get so stressed about these things.

    The person I tried to tell about this, well, she wants to argue rather than listen. She always wants to be right and I guess she is a little defensive because she bought the game and gave it to me to also download.
    It's a shame, as I really enjoy this game and am halfway through it.
    Sapphires

  • sapphires
    Original Author
    15 years ago

    ravencajun,
    How do you use the McAfee SiteAdvisor on the browser? Where do you get it from and is it easy to install? Thanks.
    Sapphires

  • ravencajun Zone 8b TX
    15 years ago

    Super easy to install, just the click of a button LOL, but the right button!!
    SiteAdvisor: the Web, tested.
    If you look carefully you will see it says SiteAdvisor for Firefox and below that a link that says SiteAdvisor for IE. Select the one for whichever browser you are using. If you use both, go in with that browser and select to download the version for the browser you are using.
    That is it. Then any time you go to a site it will have a bar down in the bottom bar of your screen, which will be green if it is a clean site, yellow for questionable, RED for get the heck out of here. When you search on Google it will put icons on each link with the same colors. Never go red.

    That game is a very common game and can be found at good legit sites that are safe. I will find one for you to get it from. I too play that game.

    Yes, if it is locked down in the vault and quarantined you should be good. I would just go to Add/Remove and delete the game. Then do a search for that trojan name to make sure nothing shows up, plus do a search for the game too and delete anything you may find still associated with it.

    I will give you an online trojan scanner link; please go there and allow it to scan your PC and clean anything it finds.
    TrojanScan
    http://www.ewido.net/en/

    And to be absolutely sure, do this one too.
    Trend Micro's FREE online virus scanner

    Let me know how it goes.

    Once we are sure you are clean, you will likely need to clear out all your restore points in System Restore, because if you were to use one and go back in time to a point where you still had this trojan, you would again be reinfected.

  • sapphires
    Original Author
    15 years ago

    ravencajun,
    Okay I downloaded and installed McAfee SiteAdvisor, however I don't see any bar near the browser indicating anything McAfee related. Where is it hiding? I did the one for IE. Thanks.
    Sapphires

  • ravencajun Zone 8b TX
    15 years ago

    Have you tried doing a Google search? It will show up as icons at each site name, and if you hover over it you get info. You can click on it to get more info. On my Firefox I have a bar at the center of the bottom bar of my browser window that says McAfee SiteAdvisor. When on a good site it is green, and right beside that is a little bitty circle with an arrow in it; if you click on that you get some options for SiteAdvisor.
    I have not used IE in so long I have totally forgotten what it looks like on IE.
    Here is a thumbnail pic, which you can click on to make larger, of my screen capture. If you look down at the center of the bottom browser bar you will see the green rectangle that says McAfee SiteAdvisor.

  • sapphires
    Original Author
    15 years ago

    I am using Firefox now and it DOES show up, and now when I do a Google search I see the icons etc... I wonder why I can't see it when using IE. I am pretty sure I downloaded the one for IE; is there a way to check?

    Sapphires

  • ravencajun Zone 8b TX
    15 years ago

    It should show up in your add-ons for IE too. Look in your IE Tools, Internet Options, or wherever it shows the add-ons, or go to Google using IE and see if you see the same icons.

  • ravencajun Zone 8b TX
    15 years ago

    Sapphires, you have to do both downloads. When you are using IE, go to the SiteAdvisor site and click on the link that says for IE and get that one.

    You apparently already have the one for Firefox installed. Just having the download for Firefox will not work on IE, so just go with IE and get the IE version download.

  • ravencajun Zone 8b TX
    15 years ago

    Sapphires, I have been checking into the game you want. The problem is that game is created and put out by iWin, therefore any that you get could have that trojan if it was put on there when it was created. I have played versions of it online on Yahoo before but never downloaded it.
    I personally would contact iWin and tell them that you have a trojan and give the specific name that is attached to that game file.

    Now I just noticed that you said your friend bought the game then gave it to you to install. Was this done by a download or was this done by an actual purchased CD with the game on it? Did she buy a CD or did she download it directly, and if so, from which site did she download it? If she downloaded it off the internet at some game site, it could be that that site added a trojan to the download file.
    If she got an actual CD, then if the trojan is on that CD we know the trojan definitely came with the game.

    Until more is known about this I would be hesitant to get the game from anywhere, because it is created by iWin and if they are the ones putting the trojan on it, well, you see the problem: there would be no clean version.

    I have found several copies of that game on crack sites with codes to get it free and a passcode to open it. Now if by some chance it came from that kind of source, it is pretty much a given it will be infected.

  • sapphires
    Original Author
    15 years ago

    ravencajun,
    My friend bought the Jewel Quest 111 from iWin; they sent her the CD and she installed it, then gave it to me. I then passed it along to my sister. I have informed both of this. Another question: I removed this Trojan from the vault of superantispyware and Avg, but where did it go? It didn't go to the recycle bin? Thank you.
    Sapphires

  • sapphires
    Original Author
    15 years ago

    ravencajun,
    OK, I think I am ready to "clean out all restore points in system restore." Remember please to give precise instructions, lol.
    Sapphires
