BREAKING NEWS: Windows Defender Advanced Threat Protection (Windows Defender ATP) to include AI-driven automated investigation and remediation capabilities later this year.Learn more
Alert level: Low Detected with Windows Defender Antivirus
Also detected as: Win32/Winwebsec (other) Rogue:Win32/Winwebsec (other)
Essential Cleaner is a variant of Win32/Winwebsec - a family of programs that claims to scan for malware and displays fake warnings of "malicious programs and viruses". They then inform the user that he or she needs to pay money to register the software to remove these non-existent threats.
Win32/Winwebsec has been distributed with many different names. The name used by the malware, the user interface and other details vary to reflect each variant's individual branding. The following details describe Win32/Winwebsec when it is distributed with the name "Essential Cleaner".
Warning: Win32/Winwebsec may stop affected users from running all but a short list of specified applications. This may have an adverse effect on security applications that would otherwise remove this malware. If your antivirus scanner is unable to remove this threat because of this behavior, please see the additional removal instructions below.