New Malware Imitates Browser Warning Pages
Jake writes with this excerpt from Ars:
"Microsoft is warning about a new piece of malware, Rogue:MSIL/Zeven, that auto-detects a user's browser and then imitates the relevant malware warning pages from Internet Explorer, Firefox, or Chrome. The fake warning pages are very similar to the real thing; you have to look closely to realize they aren't the real thing. The ploy is a basic social engineering scheme, but in this case the malware authors are relying on the user's trust in their browser, a tactic that hasn't been seen before. Beyond the warning pages, the actual malware looks like the real deal: it allows you to scan files, tells you when you're behind on your updates, and enables you to change your security and privacy settings. Performing a scan results in the product finding malicious files, but of course it cannot delete them unless you update, which requires paying for the full version. Attempting to buy the product will open an HTML window that provides a useless 'Safe Browsing Mode' with high-strength encryption. To top it all off, the rogue antivirus webpage looks awfully similar to the Microsoft Security Essentials webpage; even the awards received by MSE and a link to the Microsoft Malware Protection Center have been copied."
Not new... (Score:3, Informative)
Re: (Score:2)
This is also old news in regards to the actual topic. Malware has been imitating error pages and injecting code into pages (like "Google detects you're infected, use software to fix!" on Google) for the longest time.
Re:Not new... (Score:4, Funny)
How could you even think of browsing the internet without Internet Explorer 8 on Microsoft Windows 7? Do you realize that using knock-off "operating systems" and programs like Foxfire and Chrum and Oprah is intellectual property theft? Why do you think you fools are getting viruses? It's not cool. You're not slick and getting one over on "the man". It's fucking bullshit. Microsoft Internet Explorer 8 was designed and engineered to exacting standards to mesh flawlessly with the intricate security in Microsoft Windows 7. Your knock-off crap is not. Why do you freetards insist on removing your noses to spite your faces? Do you just tire of smelling your own bullshit? Microsoft Windows 7 and Microsoft Internet Explorer 8 are superior to this freetard shit in every possible way. Microsoft have invested billions of dollars in blood sweat and tears to deliver an exceptionally secure system and you people just take it for granted. What would you do if Microsoft were driven out of business because you thought you could steal from them and use Lumix and frebsd? You people disgust me with your Lunix and Crabble puke. Do you think you're special? Guess what... You're not! You can't think you can honestly get away with continually stealing the fruits of the billions of dollars Microsoft Research has invested in producing the intellectual property that you dorks so cavalierly pilfer to inject into your Gnom and KED and Quark shit. You all disgust me. You people need to look into the mirror and reevaluate your lives.
Re:Not new... (Score:4, Funny)
How could you even think of browsing the internet without Internet Explorer 8 on Microsoft Windows 7?
2/10: for using it's and your correctly.
Re: (Score:3, Insightful)
Actually, it's a very, very good troll that brings up some interesting points, so I'll bite.
The thrust of your argument is that older and/or non-company-vended net software is dangerous when it comes to picking up viruses. There's an element of truth in that: a regularly patched system, be it *nix-based or Windows, is generally a good idea. This is, however, a different thing to having every possible update just for the sake of it. If I installe
Re: (Score:2)
Ah, but many aren't satisfied with that -- they want the ladies to move too, which requires a codec.
But far from always. Less clothes (to continue using the naughty ladies example) isn't more in -40 degree weather, trust me. No more than needed for the purpose is a better rule of thumb. If your need is to play HDMI video
Re: (Score:2)
The thrust of your argument is that older and/or non-company vended net software is dangerous when it comes to picking up viruses.
It is? I thought it was that Linux (and free software in general) was claimed to be a rip-off of commercial software developments' IP. Which, while definitely not true in the broadest sense, you could make a case for. A lot of free software intentionally duplicates functionality found in popular commercial software as a way to get around paying for said commercial software. The problem is that the initial design of software is far harder to get right than the implementation, and I can easily see how a comme
Re: (Score:2)
removing your noses to spite your faces
I think that's supposed to be "removing your noses despite your faces". (Although I personally prefer "to spit in your faces".) :)
Re: (Score:2)
Yes, and it's also "cutting off", not "removing". Sorry, I guess my attempt at humor fell a bit flat there.
Re: (Score:2)
What I see as an attack vector are third party add-ons. You can have a secure browser, but if an add-on gets compromised, it is all for naught.
What it really will take is hooks to OS level protection for the Web browser. Microsoft got something right with the low security mode of IE7/IE8 in Vista/W7, but it would be good to be able to isolate add-ons completely from each other on the OS basis so they don't even share the same memory space as the browser, and absolutely no filesystem space, unless the user
Your Post is at Virus Risk!1! Scan? (Score:4, Funny)
The biggest security hole is Microsoft's version of the javascript interpreter. They should collaborate with Google and adopt the rewrite for Chrome, it would solve half the problems right there.
BTW, I found a virius in yor post - clikc this link to free triel of PostScan 2010!
IE 9 won't share WSH's JS interpreter (Score:4, Interesting)
The biggest security hole is Microsoft's version of the javascript interpreter.
IE 9 will not use Windows Script Host's JavaScript interpreter. I predict that this change will make it easier for Microsoft to maintain the integrity of the sandbox.
Re: (Score:1)
But then how can they claim that IE is an "integrated part of the OS" and not removable?
MSHTML (Score:2)
But then how can they claim that IE is an "integrated part of the OS" and not removable?
By continuing to use MSHTML for the help system. "Internet Explorer" itself is an insignificant piece of code, acting as a wrapper around an MSHTML browser control.
Re: (Score:2)
Why wait for IE 9 to not use WSH when I have a choice of great browsers that I can use right now that also don't use WSH?
Because you still need to use IE 8 even if only to download one of those great browsers. This reduces but does not eliminate your window of vulnerability.
Re: (Score:2, Interesting)
Amazingly, most people still click on the damned things.
Re: (Score:3, Insightful)
Imitating warning pages or other elements of the UI is not a new tactic.
Perhaps browsers could be developed to use some feature that 3rd party pages couldn't easily duplicate? It might not be practical to use colors/effects etc not supported by standard browser features, but maybe a browser could be designed to display some preset USER SPECIFIC DATA or graphic that javascript and other net-driven browser code does NOT have access to?
Re: (Score:2)
My bank has a user-selected image when logging in, just to prove that it is the real site. Unfortunately you can only select from a limited number of images (can't upload your own) but it does let you set two secret words that are displayed along with it.
Re: (Score:2)
Didn't say it was a new technique or tactic, just a new piece of malware.
Would you prefer they don't say it was new in the headline (makes it rather awkward: "Malware imitates warning pages"), don't report it at all, or what?
Themes (Score:5, Insightful)
All the more reason to theme your window manager - it makes this stuff obvious.
Re: (Score:2)
It's actually kind of hilarious sometimes to see windows-style fake error messages when browsing in Opera on FreeBSD.
Yeah, love 'em. Opera/Ubuntu
Re: (Score:2)
WTF is that, privilege unescalling? If you can already replace the HOSTS file, why would you change a page to get the user clicking on something?
Re: (Score:2)
WTF is that, privilege unescalling? If you can already replace the HOSTS file, why would you change a page to get the user clicking on something?
Because you don't want them downloading and running a cleanup tool that would remove you from their system.
A few recent viruses/adbots/spambots/systemfuckers will do this. They'll do a few different tricks (patching I.E., changing hosts file, sabotaging downloads) to try and stop you from getting to any antivirus or recovery sites. It makes it virtually impossible to recover your system without a system cleanup live CD, which basically guarantees that your average non-technical user won't be able to fix t
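The comment above describes rogue AV rewriting the hosts file so that antivirus and recovery sites either go nowhere or go to an attacker-chosen host. Here is an added example (not the commenter's code and not from any vendor's tool) that scans hosts-file text for exactly that: any hostname matching a watched security-vendor or update domain that is mapped to a loopback or unspecified address is reported as a sinkhole, and any mapped to some other address is reported as a redirect. The watched-suffix list and the sample hosts content are constructed for illustration.

```python
"""Scan a hosts file for entries that sinkhole or hijack security vendor sites.

Added example; the watched-suffix list and the sample hosts content below are
constructed for illustration, not taken from any real infection.
"""
import ipaddress
import re

# Hostname suffixes rogue AV commonly blocks so the victim cannot reach
# cleanup tools or updates. Illustrative, an assumption for this example.
WATCHED_SUFFIXES = (
    "microsoft.com",
    "windowsupdate.com",
    "symantec.com",
    "mcafee.com",
    "kaspersky.com",
    "avast.com",
    "avg.com",
    "malwarebytes.org",
    "clamav.net",
)

# Names that legitimately map to loopback in a stock hosts file.
EXPECTED_LOOPBACK_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}


def classify_target(ip_text):
    """'sinkhole' for loopback/unspecified, 'redirect' for any other IP."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "invalid"
    if ip.is_loopback or ip.is_unspecified:
        return "sinkhole"
    return "redirect"


def is_watched(hostname):
    """True if hostname is, or is under, one of the watched suffixes."""
    host = hostname.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in WATCHED_SUFFIXES)


def scan_hosts(text):
    """Return (line_no, hostname, ip, verdict) for every suspicious mapping."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = re.split(r"\s+", line)
        if len(fields) < 2:
            continue
        ip_text, hostnames = fields[0], fields[1:]
        verdict = classify_target(ip_text)
        for host in hostnames:
            if verdict == "sinkhole" and host.lower() in EXPECTED_LOOPBACK_NAMES:
                continue                       # stock entry, not a finding
            if is_watched(host):
                findings.append((line_no, host, ip_text, verdict))
    return findings


# Constructed sample: a stock header plus entries a rogue AV might append.
SAMPLE_HOSTS = """# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
# --- constructed rogue entries below ---
127.0.0.1       www.microsoft.com
0.0.0.0         update.microsoft.com windowsupdate.com
127.0.0.1       www.symantec.com liveupdate.symantec.com
198.51.100.7    www.malwarebytes.org   # TEST-NET-2, stands in for an attacker host
"""

if __name__ == "__main__":
    for line_no, host, ip, verdict in scan_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} -> {ip} ({verdict})")
```

On a live Windows machine you would feed it the contents of %SystemRoot%\System32\drivers\etc\hosts; a clean file produces no findings. It only covers the hosts-file trick, not the other blocking methods the comment lists (patched browser, sabotaged downloads), so a clean result here does not mean the box is clean.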
Re: (Score:2)
On two occasions since then, I have also been diverted to websites that claimed to have detected spyware and viruses on my
Re: (Score:1)
My understanding is also that there has not yet been any problem with Linux viruses circulating in the wild.
Not as much, but that doesn't make it impossible. Most Linux distro managers maintain ClamAV in their repositories. You might want to consider installing it.
Re: (Score:2)
There have been a few over the years, just like for Macs. Contrast that with tens of thousands for Windows.
Re:Themes (Score:5, Funny)
Re: (Score:2)
Uh thank you very much.
Practical and immediately useful advice from a Slashdot comment. What will they think of next?
Firefox personas (Score:2)
I thought it was weird of Mozilla to push the personas idea since it seems tacky. But it's true that the window frame represents the security context for an application like a web browser, and a uniform customization of the frame would make the browser more secure against window imitation threats.
Re:Themes (Score:4, Interesting)
I don't understand; how does theming your window manager help against this? [microsoft.com] I'm assuming the malware bit is *inside* the Google Chrome window, so even if you themed your windows with say a Pikachu theme, the *insides* of the Chrome window would still contain the rogue site, imitating Chrome's red and white-colored malware block UI.
The only way out of this is if crucial error pages are protected with some sort of "sign-in seal", like Yahoo uses for its login screens.
Re: (Score:2)
I don't understand; how does theming your window manager help against this?
Theming probably doesn't, but assuming Google checks its dialogs for proper grammar probably does.
Re: (Score:2)
"I don't understand; how does theming your window manager help against this? "
It doesn't.
If Windows users cared about avoiding these things, they'd browse using a virtual browser appliance, or browse using a second OS in a VM.
Portable VirtualBox allows fun things like .rar'ing a backup copy of a complete VM plus the software to run it, so if your VM is compromised you can simply delete it and extract a fresh copy.
http://www.dedoimedo.com/computers/portable-virtualbox.html [dedoimedo.com]
Re: (Score:2)
Unless, of course, the malware reads your theme configuration file.
Re: (Score:1)
Actually, even that isn't required. People just need to stop running random executable files that they find on the internet. Seriously, I don't even have anti-virus software and I don't even get viruses because I avoid stupid shit that's obviously a virus. Also, using IE doesn't help, either.
Re: (Score:1)
"you are bad at computer security, full stop."
Odd because I've *never* gotten a virus, and I don't use shitty browsers such as IE. The solution really *is* to not be an idiot, and you will avoid 99% of malware. Exploits are possible, yes, but they happen rarely, and certainly never happen to me. Seriously, the only reason that poorly made malware gets so many people is because 99% of the people who own computers barely know how to work a television remote.
Re: (Score:1)
Well, I do have anti-virus software, it's just not the kind that constantly looks out for viruses. I do scans every once in a while to get rid of spyware and such, but never really find any bad malware. I was mainly talking about the lack of need for that kind of anti-virus software.
Re: (Score:2)
The solution really *is* to not be an idiot, and you will avoid 99% of malware.
Ah, but you see, I want to avoid all of it.
Re: (Score:1)
"then you are as at fault as anyone"
At fault of what? That would be true if I had ever gotten a virus, but I haven't. In fact, no one I know that has any decent knowledge of computers has got a virus. Not because of some anti-virus software, but because they aren't complete idiots.
Re: (Score:2)
These days all you have to do is see an infected ad that slipped through, open a malicious PDF, put in an infected flash drive, etc. It's really sad to see Slashdot users - people who are supposed to be the cream of the nerd crop - spouting this decade-old stuff as if Conficker never existed. If you run Windows and do not run an antivirus solution, you are bad at computer security, full stop.
In my years of running Windows, I never used a resident AV program (although I did periodic online scans) and I got a virus exactly *once*, when someone emailed me an executable asking "hay is this a viruz??" and I (not being used to the trackpad on my new laptop) accidentally double-clicked instead of click-and-dragged.
Then again I haven't run Windows at home for a few years now, so maybe it's rougher out there than it was. Back when I did run XP it was sufficient to just use a combination of Firefox, Ad
Re: (Score:1)
Of course not. BTW, for your security, you should install KnowScript. You surely have heard about it. Get it at www.evilmalware.com :-)
Re: (Score:2)
Keep suggesting switching, help people switch if necessary. But for crying out loud, stop doing free technical support for Microsoft.
Re: (Score:2)
Why is this new? (Score:4, Insightful)
There's plenty of rogue/fake AntiVirus programs [wikipedia.org] out there. Is the new part that they imitate your browser rather than looking like a real anti virus program?
Re: (Score:2)
Well, let's see now; from RTFS:
"auto-detects a user's browser and then imitates the relevant malware warning pages from Internet Explorer, Firefox, or Chrome...relying on the user's trust in their browser, a tactic that hasn't been seen before".
So, mebbe?
Re: (Score:1)
All of the ones I have seen so far have no idea what I am running, so that sounds like a new trick.
Possible solution (Score:4, Interesting)
Re: (Score:2)
"Proven antivirus protection fin one click!"
Whether it's shark fin, mahi fin, or tuna fin is user-selectable...
Re: (Score:2)
"Proven antivirus protection fin one click!"
Whether it's shark fin, mahi fin, or tuna fin is user-selectable...
They are french mal-ware writers.
What they really mean is "Proven antivirus protection ends in one click!"
Re: (Score:2)
There's a study out there [computerworld.com] that has proven that those security images don't work.
The new part of this (Score:5, Informative)
Get all the details at the conference. (Score:2)
Is this just an advance posting of a presentation at MalCon [slashdot.org]?
These guys really need a conference to hone their skills, and take advantage of everyone who doesn't read /. daily (because those of us who do read /. daily are too smart to be conned by these losers). Right?
Re: (Score:2)
(because those of us who do read /. daily are too smart to be conned by these losers). Right?
I see that you are new here.
Bit of Advice (Score:3, Insightful)
You spend all this time writing this creative software (malware)...
Try fracking finding someone who can proofread your English; it's abysmal and frankly embarrassing. I realize it is not your native language but this lack of attention to detail is exactly the reason you find yourself writing malware in the first place ... oh and why the only people you manage to trick into this are on the bottom side of the intelligence bell curve.
Re: (Score:2)
I would say let those idiots get scammed if they're stupid enough to fall for this sort of obvious fake.
Unfortunately it'll only get worse until some politicians get paid to propose a bill that will require ISPs to filter bad traffic to protect Joe Public. ISPs will of course use that as an excuse to get around any net neutrality rules that get proposed. Eventually all traffic not pre-approved will get filtered/blocked/downgraded.
Re: (Score:1)
"Get me our of here and upgrade"
So what, you're getting me one more 'our of browsing on this site before I have to upgrade? All right, I'll upgrade in an hour.
Re: (Score:2, Insightful)
"oh and why the only people you manage to trick into this are on the bottom side of the intelligence bell curve."
So... 99% of the people that own computers?
Re: (Score:2, Interesting)
I was going to post exactly this. The sample Google Chrome image in the article is immediately obvious as a fake because real Chrome warning pages have proper subject-verb agreement and don't have character encoding images. I imagine Firefox warning pages don't have the two buttons overlapping.
I'm really forced to wonder this about a lot of malware and phishing scams - I somewhat frequently get e-mails telling me I won an "iPhone-4G" on "Facebooks", how hard it is to get those right?
At the same time, I thin
Re: (Score:2)
When people who actually sell the damn phones can't get it right (one major phone company sells "iPhone 4GS" here), I think most people aren't even sure how to spell most products they own. I've seen Toyota-owners misspell the brand of their car in creative ways too. Don't expect too much.
Re: (Score:3, Insightful)
oh and why the only people you manage to trick into this are on the bottom side of the intelligence bell curve.
I disagree with this line entirely.
Sure, those of us at Slashdot may realize the obvious attempts at breaching our computers' safety, but not everyone realizes they need to distrust and scrutinize every little thing they come across, especially when it looks like a very legitimate message from the browser itself (English errors notwithstanding). Even still, that doesn't make them completely stupid, just naive.
Re: (Score:2)
not everyone realizes they need to distrust and scrutinize every little thing they come across, especially when it looks like a very legitimate message from the browser itself (English errors notwithstanding).
Experience keeps a dear school, but fools will learn in no other.
-- Ben Franklin
Re: (Score:2)
Naivety is a special branch of stupidity.
If you default to trusting, you are stupid, but far from alone. There's one born every minute.
Re: (Score:2)
oh and why the only people you manage to trick into this are on the bottom side of the intelligence bell curve.
Why would they want to compromise your computer? You're smart enough to notice and take action, it'll be out of their botnet in hours. That's just more accounting and command-and-control overhead for little benefit.
Re: (Score:2)
Thanks you for a advice. Are you available profread for me? Pay $1000 day, work at home. Send name and bank number to malgod@malgot.org an will advance you paymet for first work.
Corrction: malgod@malgod.org
You owe me $1000, send me your bank account number and I will collect the fee directly.
Re:Bit of Advice (Score:4, Funny)
Corrction: malgod@malgod.org
Correction: "Correction"
You owe me $10,000, as I'm charging my standard rates for proofreading for proofreaders.
Security Fix Schedule (Score:3, Interesting)
Firefox will have it fixed within hours.
Chrome will have it fixed within days.
Microsoft will issue a patch within months.
Re: (Score:1)
If that wasn't so true it'd be hilarious. Sadly, too, you can be assured that if/when MS does release a patch, they will wait until a Tuesday to do so.
Re: (Score:3, Insightful)
> Firefox will have it fixed within hours.
> Chrome will have it fixed within days.
> Microsoft will issue a patch with in months.
Apple will ignore it.
Re:Security Fix Schedule (Score:5, Insightful)
That'd be the day - when a browser developer can issue a patch for human stupidity.
But that web site was SECURE! (Score:5, Funny)
The .gif image of a shield SAID SO!
Re: (Score:2)
This part never fails to amuse me. An arbitrary image that happens to say "it's safe because I said so, and look; I even know what day it is today!" makes me feel GREAT about the web site. It needs to say "go find the lock icon in your browser. does it look locked? good. on your way."
Linux users (Score:2)
Bastards, I use Elinks. Couldn't they at least humor me and do background=#00000000 and set the font to courier 10 in neon green?
Malware? (Score:2, Funny)
Re: (Score:2)
What's funny is all those fake warning boxes trying to trick me.
"Windows XP has detected a problem!" ...really? I thought my Mac mini was running Snow Leopard!? I guess I was wrong!
Just Hurting Kids and Old People (Score:5, Interesting)
Re: (Score:3, Informative)
The fucked up thing about the whole thing is most of these malware writers are kids and/or people with kids in shitty environments. They do work like this because Bob down the street bought a new bike with the money he made selling spam bots, and my kids are fucking starving, so fuck those rich people I'm infecting their computers to send spam to pay my bills.
You want to get rid of spam and malware?
Fix the global economy so nobody is poor.
What about us? (Score:3, Insightful)
What about Safari and Opera users?
Re: (Score:2)
I know both use Webkit, but I think they use different Javascript engines.
Re: (Score:2)
Safari is available on Mac OS X, Windows, iPhone, iPod touch and iPad.
Opera is available on Mac OS X, Windows, Linux, Nintendo Wii and Nintendo DSi, and a shitload of smartphones.
Still think there's only three Safari or Opera users?
Re: (Score:2)
It's not Opera, it's Opera mini. Almost the same name, huge difference.
Seen it (Score:2, Interesting)
Re: (Score:2)
Disabling task manager means nothing.
%windir%\system32\perfmon.exe /res - resource monitor. All the information you can get from Taskmgr, and a whole lot more. For bonus points, it allows you to suspend (without killing) processes. There's a lot of malware that won't auto-resume a suspended process but will auto-restart a killed one.
tasklist/taskkill - ps and kill for Windows. Not as powerful as either, but perfectly valid tools for killing problematic processes.
Powershell (included with recent Windows vers
Grammar (Score:2)
This is why i still use lynx (Score:2)
God I love lynx. Can't infect my shit.
Of course, i have to borrow my neighbors computer to post here, lynx don't do web 2.0.
But I'm sure there'll be a lynxweb2.0 fork anytime now...
Users must pass the Turing test - no exceptions (Score:2)
The solution to this problem is to teach users to think for themselves, and to understand what's being asked of them. You sure as hell wouldn't trust a brand new doctor if he put you in for major surgery/medications after simply taking your weight ("Ooh, you're heavy, let's put a staple in your stomach"), why would you trust some inane browser message to do the same to your computer?
Any user must know what their level of aptitude is, know their limitations, and think for themselves (which is not the same as