A method and system for identification of malware threats on web resources. The system employs a scheduled antivirus (AV) scanning of web resources. The scheduled scanning of web resources allows to create malware check lists and to configure access to web resources. Frequency and depth of inspection (i.e., scan) are determined for each web resource. The user identifiers are used for scheduled AV scanning of web resources. The system allows for scanning a web resource based on selected configurations without using additional client applications.