The last few days, I've been encountering a fairly recent SmitFraud variant called IE Antivirus. It hasn't been difficult to remove, but it isn't detected by current versions of several standard tools. NOD32 (both the online scan and the installed software) fails to detect it, as does NAV 2007, Spybot 1.5, and ComboFix. However, Smitfraudfix seems to kill it just fine, though it misses some of the other malware I'm seeing associated with this variant.

So far, every instance of this beastie that I've encountered also seem to be accompanied by Starware's malware, though it isn't clear whether the infection actually came from Starware's website, or another site. Last week, one of my daughters tried to play a game on Neopets, and the link opened an IE window from within Firefox which reported numerous "infections", urged her to download IE AntiVirus, and attempted to install an ActiveX control. I'd post the link, but it became inactive within hours after the incident.

What I've so far found to be effective in killing this is: 1. run ComboFix. This removes some of the Starware files, but not all, and it is likely to catch some of the more common, hard to remove nasties that you might find bundled with your specific infection. 2. run Spybot. This should remove any Starware files left over and catch most of the other "bonus" software you might find on the infected computer. 3. run Smitfraudfix. This should leave you with a clean computer.