Yesterday, while researching some blacklisted domains, we came across five rogue scanning UIs hosted from a single URL.That's five scams for the price of one and we only needed to refresh our browser. All of our screenshots were taken from a computer running Linux.The first one called itself AntivirusPlus and wanted its victim to Erase infected.Next, we refreshed, and there was another version of AntivirusPlus (red & white emblem) asking the victim to Protect now.Refreshing again, and it became XPert Antivirus (again with red & white emblem).But then back to AntivirusPlus on the next refresh, this time with a friendly 7 on the left side and an option to Turn on.And last but not least, the classic Windows XP look and feel.Before the XP UI was launched, this prompt was displayed:Hmm… notice anything interesting about the Cancel button? We have just one thing to say to that.Spasibo, ne nado.