First, I had Ewido Anti Malware quarrentine SpywareStrike.exe, though I think I could have just deleted the file. DO NOT USE THE UNINSTALLER.
Then I used killbox to delete and unregister the netwrap.dll. Before that I had been been using it to kill svchost.exe, assuming it was infected. This would also delay that pop up ballon, which made me think there is a relationship there. Then I saw your post, and killed both of them.
Once Killbox finished with netwrap, I then used hijack this to delete any reference to spyware striker.
So far, the system seems free of reinfection.
However, I had to clear the system of a few trojans before I did any of this, so if you are getting it again, I imagine there is still a trojan on the system somewhere, reinstalling it. I guess we'll see if this system stays free of reinfection.
I should mention that this is so new, Spybot, Adaware, Microsoft - none of them even see it. Only Ewido even detects Spyware Striker, though all it does is quarrintine the exe file, it doesn't kill that balloon. I should also mention stopped system restore from saving checkpoints and purged it, because from what I could tell, it was reinstalling from the restore file.
Edited by lpmiller, 06 January 2006 - 03:34 PM.