i just found myself infected with "webget" malware which mcafee totally failed to stop.
It seemed to install from a fake adobe acroreader site. I clicked on a pdf which told me I did not have the latest acrobat reader installed. I foolishly follwoed the link and found random really annoying flashing ads everytime I browsed. I ran a full Scan in safe mode but McAfee told me everything was fine even though it wasn't.
I identified that a webget directory had recently been created under c:\program files (x86).
the malware had also installed a mysearchdial app, with settings under c:\users\name\appdata\roaming\mysearchdial\
I was able to locate the files by checking the mcAfee firewall settings - several items (sone with names and some without) had enabled full firewall access.
Attempting to shred webget using mcaffee gave the error access denied.
atttempting to remove with windows file explorer was unsuccessful. I could not run file exporer as administrator.
the malware also corrupts the windows update database (discovered by running the windows torubleshooter for windows update)
Another mcafee scan still said everything was fine.
I restarted windows in safe mode again (via windows 8.1 advanced startup options)
i ran cmd (command prompt) and used DOS to del everything in the webget directory and the misearchdial directories both in program files and users.....appdata.
restarting confirms malware is finished,
running windows update took a long time - it thinks it never installed any updates (are you kidding this is windows - it has installed hundreds of updates in the last year!!).
still macafee is none the wiser.
McAfee - you let me down, can I have the last 5 hours of my life back please?
You are not the only one whom has fallen for these instances. If you feel that you may still have remnants of this on your system. You can try this reputable Removal Guide http://malwaretips.com/blogs/start-mysearchdial-removal/ You can also find some excellent (free) Anti-Virus/Malware removal Tools listed under my Signature, in the second link.
You will see identical applications used in the removal guide, listed in the link below my Signature. I personally keep on hand "Malwarebytes Anti-Malware" (Free Version Only) don,t accept the (Free Trial Version) as it contains the RTS Module, that will clash with McAfee. Malwarebytes detects specific PUPS/Malware that most Anti-Virus Solutions don,t. Please know that McAfee is not soley alone in this aspect.
This PROGRAM is designed to work alongside all Anti-Virus Applications, as a compliment to your protection. It is entirely compatiable when using the (Free) version.
All the very Best,
Message was edited by: catdaddy on 5/7/14 9:37:51 AM CDT
I moved this to Malware Discussions as a better spot for it. Catdaddy's recommendation is a good one.
No AV is 100% guaranteed unfortunately. Be extra careful what you download and where you surf and always keep all aspects of your system up to date, including parts of it you may not use.
And when I click on those links it tells me the site is vulnerable to Hearbleed and it doesn't look like a trustworthy site. Is this forum an official mcafee forum??
Webget is not a virus or a trojan or a worm, it is simply adware and annoying. I doubt any antivirus on the market would flag it. You can't expect any software to do it all, there is no such thing. If you don't believe me ask any independent malware forum - BleeepingComputer is a good one.
Regarding the links above that could be your browser acting up because of something else. Heartbleed is no longer a threat. Or it could simply be this forum software which has been known to break links.
Strange that link does not give me any warning at all and is green-flagged by both SiteAdvisor & WoT.Message was edited by: Ex_Brit on 07/05/14 11:01:32 EDT AM
If I may add, both links work properly on my end Ex_Brit. It very well could be as you mentioned.
Scratch that....I also confirm that it must be the Forum Software breaking the links. I just tried again, to make absolutely sure.
Would not Connect.Message was edited by: catdaddy on 5/7/14 10:10:41 AM CDT
It appears to be a Firefox issue and possibly with other browsers but the link I first posted works just fine in IE. No warnings at all
This is nothing to do with malware so don't anyone worry about it, it's a browser issue seemingly.
My statement that webget is not malware and therefore not detected by antivirus engines stands.
I agree it's a darn nuisance however.