Winweb Security is a rogue anti-spyware program that uses deceptive scan results as a tactic to scare the user into purchasing the software. When Winweb Security is installed it will be configured to run automatically when the user's computer starts.


Once running, the program will perform a scan and then list a variety of malware that cannot be removed until the user first purchase a license of the software. 

The malware files that Winweb Security says exists on the user's computer, actually do not exist or are legitimate programs.

When running, the user will also see pop-ups on your desktop stating that "Internet Explorer is injected with worm Lsas.Blaster.Keylogger". This alert will then prompt the user to purchase the software in order to protect their computer. This alert is fake, and the infection listed does not even exist.

Community content is available under CC-BY-SA unless otherwise noted.