Closing potentially dodgey websites and avoiding close event scripts

Heres a curly one for you all. I was asked by a client what do when they came across one of those popup windows such as the fake virus scanner ones where they get the message window suggesting their site may be infected and would they like their machine scanned.

Now I warned them that even just closing this message box via the cross gave the writers an opportunity to run more script via the windows close event. (not 100% sure of this). I was then asked if shutting the browser down via the task manager would bypass this event but I was not certain of the answer here so I thought I would ask here to see if anyone knew.

So is there a best method of getting out of those sites like the pretend virus scanning ones to minimise the risk of dodgy scripts being run?

I usually just close them (with the browser’s close button, not any ‘Close’ links/buttons on the actual page) and it’s fine. If another one pops up I try to close it quickly before it’s finished loading which ought to stop any Javascripting. That said I can’t recall coming across any that persistant in a long while.

In what browser and OS? It should be easy just to close the tab on the browser.

Well it’s windows xp in this case and the client uses IE. However in the case of the popup message boxes you cant close the window/tab until you have closed the messagebox. And in some cases closing the window is not a lot of help as that can trigger scripts that just open new ones.