Showing results for 
Search instead for 
Did you mean: 

check for malware

New Member

check for malware

Webroot scan did not find malware.  However I got a message from microsoft security essentials alert that

my computer has adware, trojan and hack tool that should be removed.

I suggest webroot users use "Microsfot Safety Scanner" to check for malware.

Scanner is temporary.

I have Windows 7 home

Retired Webrooter

Re: check for malware

If you think your computer is infected, please Open a Support Ticket so that we can get you in touch with one of our support technicians. Our advanced malware removal is free, and it is better to be safe than sorry if you think for any reason you may be infected.


Even if Webroot misses a threat, we have advanced rollback and remediation technology that journals all of the actions of unknown programs/files which we can then revert and remediate.

Mike R

Social Media Manager

Retired Webrooter

Re: check for malware

Without looking at the logs I am guessing thats its the fake Microsoft Safety Scanner that is doing the rounds at the moment. The removal tool is actually an infection that WSA always catches. It will be called "Security Scanner[1].exe" and you should see it in the scan logs of Webroot if you tried to save it. If you submit a log I can confirm this. In anycase I would not visit that site anymore as its either infected or has a malicious link in it.

Community Expert Advisor

Re: check for malware

I agree with Mike. Not to worry. WSA has rollback and remediation tech. And moreover the support team offers free malware removal. Those are at the top of the reasons why I love WSA so much.Smiley Happy
Community Expert Advisor

Re: check for malware

I think Roy has a point. fake MS scanner could be a possibility that causing the prob.
Threat Researcher

Re: check for malware

Hi Renie67,

You have most likely seen a fake Windows Security alert that is quite common at the moment from multiple different sources. These are websites that prompts you to download a malicious file to your computer by faking the look of a legitimate Microsoft application. This fake antivirus called Microsoft Security Essentials can be seen below:




It is always advised to forced close your browser (via Task Manager or Close Button) if this occurs and report the URL in the address bar to ourselves so we can block it for all users. I would also recommend making sure your Adobe Flash and Java is up to date and that you use a more secure web browser such as Google Chrome or Mozilla Firefox.


Follow me on Twitter @WebrootEamon
Retired Webrooter

Re: check for malware

Hi Renie67,


To add to Eamon's and Rakanisheu's points, we've actually posted about this type of scan very recently on our Webroot Threat Blog. It's an informative and interesting read that helps you avoid these fake AV scams and stay protected should you encounter one.

--Yegor P--
Social Media Content Coordinator

New to the Community? Sign up for FREE today.
Gold VIP
Microsoft Windows

Re: check for malware

Hello EamonF and Welcome to the Webroot Community Forums.


Nice to see more Threat Researcher's on the Forums! Smiley Wink






Gold.gif EPA.gif  ambassadorsig.png

2016-07-18_12-11-32.png  Microsoft® Windows Insider MVP - Windows Security  beta_tester_transparent.png

Silver VIP

Re: check for malware

Hello EamonF!  Welcome to the Community, I hope we continue to see you on here!



New to the Community? Register now and start posting!

Helpful Webroot Links:

Download (PC)   Download (Best Buy Subscription)   Submit Trouble Ticket   Account Console   User Guides   

"If you don't learn something new every day, you need to pay more attention. I often get my daily learning here so grab a chair and stay a while!"

WSA-Complete (Beta PC), WSA Mobile (Android), WSA Business Mobile (Android) WSA-Endpoint (PC- Some of the time.....)
Community Expert Advisor

Re: check for malware

I've noticed renie67 has WSA and the allegedly fake MS scanner. The fake AV is causing the prob.

WSA will remove the fake AV once it's blacklisted and rollback the changes. If the fake AV has already been known to exist for sometime and WSA team is aware and have probably blacklisted why did WSA not catch the AV? So if I happen to get the fake AV by mistake do I have to contact support to remove it? Will WSA not prevent it or detect it after a scan and remove it?