Apparent SHeur2 or gadmon issue

Hello, and thanks in advance for any help you can provide. This takes a little exposition since I only have one file to attach. Friday I got a spontaneous IE popup, which is odd since I don't use IE on the machine. I updated spybot S&D which had been installed, and ran - no issues. I did a full AVG scan - 3 instances of what was called SHeur2.GAS indicated as removed. Windows had updates ready to install but not yet installed. I hit install for those. Then things got weird. Couldn't get back to windows update page, AVG stopped updating and said it couldn't find the server. Couldn't get to majorgeeks.com, and we're off. A friend tried some stuff, but to no avail. I did some checking here and at other sites on a different computer, and it appears that the files that may be causing the problems are gadcom.exe and csrssc.exe, which I can't get rid of.

Next, I got to here and went through the steps in read and run me first. Everything completed that could be completed, with explanations for things not completed:
1. sun java 1.6 v7 won't uninstall, sun java 1.6 v11 won't install
2. SUPERAntispyware won't install
3. spybot was already installed - now it won't run or reinstall
4. malwarebytes was installed in safemode - won't install in regular and won't run in regular
5. combofix won't install - tried the error correction stuff to no avail

Good news (if there is any) is that MGTools installed and ran, resulting in the attached log. During running it, a note does pop up that registry editing has been disabled by the administrator - but the account I'm using is an admin account with all rights and privileges. I ran it a few times. Posting all from a different computer, as the other one won't go to any site that might appear to offer help.

Thanks in advance for any help you can offer.

 

Thanks for the response. I had been browsing the forum for similar issues on installing the software, and I apologize for going off the program, but I followed these instructions in an earlier attempt to get the apps installed:

After reboot, AVG immediately popped up with the resident shield - after I turned that off, I attempted to install the programs. All installed correctly except SuperAntiSpyware. The various scans (and Spybot S&D) appear to have caught and fixed Simtfraud-c, gadmon, SHeur2, and some others. I have those logs and will attach if you want, but here are the latest logs from all but SuperAntiSpyware.

Tonight, I followed your analyse.exe instructions - only finding the O3 toolbar entry - the other two were not there. SAS still doesn't install. The attached logs are run after the removal of that. Computer appears otherwise to be running well.

One more note - still cannot uninstall JRE 1.6 v 7 - get the transform failure and have been unable to take care of it. Also, JRE 1.6 v 11 still won't install - get error 25099.

Thanks again. You guys are computer savers.

 

Thanks again.

Have successfully uninstalled Java old version and successfully installed v11.

Ran the fixme.reg and got a note that it had been successfully performed.

Ran ccleaner.

Ran the wrong MGtools (ran MGtools.exe - sorry, had closed browser and messed that up). Re-ran mgtools\getlogs.bat.

Computer appears to be running well with no issues.

Log attached.

 

Big thanks to Corporal Punishment, who deserves a promotion, and to chaslang.

No further problems evident. Will follow final steps.

 

In following the final steps, I cannot seem to find any way to get to system restore. It's not where the clean guide says it should be, and it's not where Windows XP says it will be. Any thoughts?

Thanks

 

All is now taken care of - after a reboot into safe mode, then a regular reboot, I was able to disable and reenable system restore.

Thanks again!

 

Sorry to be back, but I'm having another issue. I had Adobe Acrobat Reader installed on the system before all this and I could view pdf files. Now, I can't. The Adobe folder is gone. I downloaded the Adobe Reader 9.0 installer, and when I attempt to install, I get Windows error 1303.

System is Windows XP Home Edition SP3

I tried booting into safe mode to install, logged in as Administrator, and get the message that the Administrator has set privileges that do not allow installation.

Could something done in the removal of malware, or by the malware itself, broken the installation privileges? The user account is also listed as an Adminstrator.

Any suggestions? Thanks in advance.

 

Also, Windows critical updates labeled Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.0 Service Pack 1 will not install.

 

Thanks. I must have had a browser plug-in that allowed me to look at pdf files. Couldn't install the subinacl file but rooted around the software forum and found steps for taking ownership of folders, then assigning permissions. Turns out the administrators account didn't have ownership of the Program Files folder - tough to install without that. Took ownership and re-applied permissions, and all works.

Thanks, and I'll quit bugging you.