Question

After four days of "done" and a day of "Couldn't create process" (which was fixed by removing all other stray "UNINSTALLED" anti-virus program files from appdata and manually searching and deleting files from registry). Now I am back to "Done". I usually just close the installer after a few minutes of "done", then I rant and rage for a few minutes and start over with searching my computer for running processes that may be blocking the install. But I ended up leaving it for half an hour and "done" became "Msi Transaction Owner Change Failed".
I did notice this in previous Logs, I do not have those old logs, at the bottom of the log there were repeated (line after line for upwards of 20 entries) of the "msi transaction owner change failed".

 

I hope this link works for Ad-aware Antivirus, I have never used Dropbox but the file was too big to upload here.

MSIc8bec.zip

System Info.zip

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

"Viper", maybe that are left-overs of Ad-aware version 10, in that version Lavasoft didn't use the Bitdefender engine but another one. If you need it, it's possible that I can help you with the FRST logs on Monday.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0

"Viper", maybe that are left-overs of Ad-aware version 10, in that version Lavasoft didn't use the Bitdefender engine but another one. If you need it, it's possible that I can help you with the FRST logs on Monday.

Thank you. After I've finished going through these logs, I will rescan with FRST and upload the logs for next week if I dont resolve the issue through the weekend. It's quite the educational experience, that's for sure.

Share this post


Link to post
Share on other sites
  • 0

Absolutely. It will definitely cut out a lot of time and troubleshooting to head straight for the graphics card and update it. I've seen so many people resolve their issues by updating the graphics card.

 

Share this post


Link to post
Share on other sites
  • 0

Absolutely. It will definitely cut out a lot of time and troubleshooting to head straight for the graphics card and update it. I've seen so many people resolve their issues by updating the graphics card.

 

:)

 

How is it going for you?

Share this post


Link to post
Share on other sites
  • 0

:)

 

How is it going for you?

Not any better than it was... "Network Protection Engine" is blocking my ability to uninstall and reinstall - I can't even rewrite the current files. I've even tried using Windows fix uninstaller again - it's all still there... every bit of it. It will NOT uninstall from my system. Its removing the Malware Engine - I'm watching the files hit the trash (which is auto-emptied) but its all STILL THERE... it's like its just writing over itself, repairing itself, and pissing me off... Its actually funny, I wanted AdAware back, I got it back all right... now I can't get rid of it so that I can try to upgrade to 12 LOL

Share this post


Link to post
Share on other sites
  • 0

FRST Addition file shows loaded nodule:
2016-12-15 13:05 - 2016-12-15 13:05 - 01645816 ____C () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareNetworkProtection.dll

BUT IT'S NOT ACTUALLY THERE... Appears I am missing the Network Protection.dll file - being why nothing works... so I am probably missing SEVERAL files, like I received an incomplete install... blergh so hard just BLERGH... I'll fight with it and try to remove it all from my system tiny bit by tiny bit and start over again ... If there is a way that I can uninstall this nonsense AND clear all traces from my system so that I can 100% CLEAN install, that would be fantastic.

thanks again for your patience and time.

Share this post


Link to post
Share on other sites
  • 0

FRST Addition file shows loaded nodule:

2016-12-15 13:05 - 2016-12-15 13:05 - 01645816 ____C () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareNetworkProtection.dll

BUT IT'S NOT ACTUALLY THERE... Appears I am missing the Network Protection.dll file - being why nothing works... so I am probably missing SEVERAL files, like I received an incomplete install... blergh so hard just BLERGH... I'll fight with it and try to remove it all from my system tiny bit by tiny bit and start over again ... If there is a way that I can uninstall this nonsense AND clear all traces from my system so that I can 100% CLEAN install, that would be fantastic.

thanks again for your patience and time.

Disregard the whole "Missing file" bit... but if there is some means of removing AdAware files in their entirety, please let me know...

Share this post


Link to post
Share on other sites
  • 0

I can help you removing more with the help of FRST, please scan and upload FRST.txt and Addition.txt.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0

I can help you removing more with the help of FRST, please scan and upload FRST.txt and Addition.txt.

grumble grumble

I still have AdAware in the scheduled tasks AND AdAware Drivers (bitDefender, ThreatTrack and GFI), those are just the listings I can identify I believe a few of the "X"'d listings on whitelisted drivers are also AdAware. That being my biggest issue now, identifying components of AdAware that aren't signed as AdAware, Ad-Aware or Lavasoft

Addition.txt

FRST.txt

Share this post


Link to post
Share on other sites
  • 0

1. I see that SUPERAntiSpyware is running, please keep it disabled since it might disturb (un)installation of adaware antivirus.

2. There are pieces of adware Conduit in the log file, I suggest that you use AdwCleaner to get rid of it.

 

3. Please, start Notepad.
Copy all text that is in the box:

CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKU\S-1-5-21-2027619272-3895658584-1614262663-1001 -> DefaultScope {DA444DCF-78B6-40C7-B80D-C4B9C9A219F5} URL = 
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 gfiark; C:\windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\windows\System32\drivers\gfibto.sys [14456 2013-08-04] (GFI Software)
R0 ignis; C:\windows\System32\drivers\ignis.sys [300840 2016-08-15] (Bitdefender)
S3 avchv; system32\DRIVERS\avchv.sys [X]
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]
2017-02-24 10:04 - 2017-02-24 10:04 - 00000000 ___DC C:\Users\Nichole\AppData\Roaming\Lavasoft
2017-02-24 10:03 - 2017-02-24 10:03 - 00000000 ___DC C:\ProgramData\BitDefender
2017-02-24 10:01 - 2017-02-24 10:01 - 00000000 ___DC C:\Users\Nichole\AppData\Roaming\LavasoftStatistics
2017-02-24 09:59 - 2017-02-24 09:59 - 00000000 ___DC C:\Program Files\Lavasoft
2017-02-24 09:57 - 2017-02-24 09:57 - 00000000 ___DC C:\Users\Nichole\AppData\Local\Lavasoft
2017-02-24 09:23 - 2017-02-24 09:23 - 00000000 ___DC C:\ProgramData\Lavasoft
2017-02-23 20:30 - 2017-02-23 20:30 - 00000000 ___DC C:\Users\Nichole\AppData\Local\AdAwareUpdater
2017-02-23 20:24 - 2017-02-23 20:24 - 00000000 ___DC C:\ProgramData\adaware
Task: {45EBFAA6-6E57-41BB-B8F3-84F128D1F1AC} - System32\Tasks\{88DF196E-C440-4B83-9E6F-4F3AA1C1F3C3} => msiexec.exe /package "C:\ProgramData\adaware\adaware antivirus\msi_cache\3213e784-cabb-4c97-93a6-84f8b3d40a5a\AdAwareUpdater.msi"
Task: {4AEDFCC6-762F-417D-86CC-D43A73BC5CC9} - System32\Tasks\{74D782DF-30EE-4F81-87EA-63C91FB1CE8B} => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe 
Task: C:\windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
FirewallRules: [{6985D172-D3DA-4C04-BC79-7C88CC021B4F}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{61A074D7-5F26-4DA4-8E31-DD945ABE328C}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{96187D50-197C-40E0-8C7E-03DAD04124B9}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{E58E58C9-48ED-4E2E-87B1-F26367D5A57B}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{6A4999B9-63BF-4E85-B74E-94422957B036}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{81C2F85F-B3C7-4A20-A9A5-0979730C6624}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{B46D8FEE-CC24-4069-AF0D-AF3197B9A409}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{58D0F5D8-CBF7-43D0-A37F-773F81B6A165}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [TCP Query User{D8E4370C-58BE-4B3D-9EFE-3738D219C3FC}C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [UDP Query User{AD6D0B91-EE1B-4BF9-AD1F-2B6A6EA60AE0}C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe
Reboot:

and paste in Notepad. Check that no files have been split on two lines.
Save the file as fixlist.txt on the desktop.

Exit all programs.
Start FRST, please.
Click the Fix button.
Wait until the tool has finished.

It creates a log file, called Fixlog.txt, on the desktop.
Please, paste the content of that file in your reply.


4.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
UAC (User Acess Control) have a lower setting than default for Administrators, ConsentPromptBehaviorAdmin is usually 5.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0

omgah. Thank you! I have never dealt with more stubborn files in my life. Before I spam with the "fix" (I excluded the repeat of the fixlist since telling you what you told me is redundant) Can you please explain #4 ?

The fix:

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => key removed successfully
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => key not found.
HKU\S-1-5-21-2027619272-3895658584-1614262663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\System\CurrentControlSet\Services\gfiark => key removed successfully
gfiark => service removed successfully
gfibto => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\gfibto => key removed successfully
gfibto => service removed successfully
ignis => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ignis => key removed successfully
ignis => service removed successfully
HKLM\System\CurrentControlSet\Services\avchv => key removed successfully
avchv => service removed successfully
HKLM\System\CurrentControlSet\Services\SBRE => key removed successfully
SBRE => service removed successfully
"C:\Users\Nichole\AppData\Roaming\Lavasoft" => not found.
"C:\ProgramData\BitDefender" => not found.
"C:\Users\Nichole\AppData\Roaming\LavasoftStatistics" => not found.
"C:\Program Files\Lavasoft" => not found.
"C:\Users\Nichole\AppData\Local\Lavasoft" => not found.
"C:\ProgramData\Lavasoft" => not found.
"C:\Users\Nichole\AppData\Local\AdAwareUpdater" => not found.
"C:\ProgramData\adaware" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45EBFAA6-6E57-41BB-B8F3-84F128D1F1AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45EBFAA6-6E57-41BB-B8F3-84F128D1F1AC} => key removed successfully
C:\windows\System32\Tasks\{88DF196E-C440-4B83-9E6F-4F3AA1C1F3C3} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{88DF196E-C440-4B83-9E6F-4F3AA1C1F3C3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AEDFCC6-762F-417D-86CC-D43A73BC5CC9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AEDFCC6-762F-417D-86CC-D43A73BC5CC9} => key removed successfully
C:\windows\System32\Tasks\{74D782DF-30EE-4F81-87EA-63C91FB1CE8B} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{74D782DF-30EE-4F81-87EA-63C91FB1CE8B} => key removed successfully
C:\windows\Tasks\Ad-Aware Update (Weekly).job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6985D172-D3DA-4C04-BC79-7C88CC021B4F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61A074D7-5F26-4DA4-8E31-DD945ABE328C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96187D50-197C-40E0-8C7E-03DAD04124B9} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E58E58C9-48ED-4E2E-87B1-F26367D5A57B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A4999B9-63BF-4E85-B74E-94422957B036} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81C2F85F-B3C7-4A20-A9A5-0979730C6624} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B46D8FEE-CC24-4069-AF0D-AF3197B9A409} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58D0F5D8-CBF7-43D0-A37F-773F81B6A165} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D8E4370C-58BE-4B3D-9EFE-3738D219C3FC}C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AD6D0B91-EE1B-4BF9-AD1F-2B6A6EA60AE0}C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe => value removed successfully


The system needed a reboot.

==== End of Fixlog 10:44:40 ====

Share this post


Link to post
Share on other sites
  • 0

All righty. I have uninstalled, cleaned, fixed, rebooted umpteen times, fixed that registry entry, turned off Windows Update, stopped other program updaters on startup stopped SuperAnti Spyware on startup, ... Reinstalled AdAware 12...

Error: msi transaction owner change failed.

2017.02.28_11.43.39.358359_Adaware_Installer_pid=4928.txt

2017.02.28_11.47.34.971182_AdAwareUpdater_pid=4440.txt

20170228T194650.024502PID4440_AdAwareUpdater_EmergencyLog.log

Edited by nichole811559

Share this post


Link to post
Share on other sites
  • 0

adaware software asks if you allow them to connect to your computer to try to solve the problem. You'll see everything they do, and you'll be able to stop them and communicate with them. If you accept it, please send me your email address in a PM. adaware software will respond in another PM and later on send you a file by email.

Share this post


Link to post
Share on other sites
  • 0

adaware software asks if you allow them to connect to your computer to try to solve the problem. You'll see everything they do, and you'll be able to stop them and communicate with them. If you accept it, please send me your email address in a PM. adaware software will respond in another PM and later on send you a file by email.

Okay, I sent you my email. I was getting ready to gather and upload files when I got this message. Are the files still needed?

Again, I thank you sofreakingmuch for your help and patience.

Share this post


Link to post
Share on other sites
  • 0

You're welcome :)

 

They don't need to see the content of any folders etc. before they connect to your computer.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0

End results:
AdAware 12.0.649.11190 will *not* function in any capacity unless I disable graphics driver

I can not install, open, scan, repair, uninstall or otherwise touch anything AdAware, anywhere on my computer with the graphics driver active. This means that AdAware is not recognized as desktop shortcuts, start menu shortcut, C:\(anywhere), Programs and Features, or the icon in the bottom right of my desktop

"Network Protection Engine" does not initialize (even with graphics driver disabled) therefore blocking updates, repairs and uninstall attempts.
Thanks to the attempts made today through remote-connect I DO have AdAware again, but it does not recognize that it is in fact updated so it is not functioning properly. I am able to scan my system manually with Display Drivers disabled, so I'm going to leave everything as it is until the next update is released with fixes.

 

I truly appreciate all of your help Cecilia. Now that I have a partially functioning antivirus program again...
Can you please tell me how to get my password reset so that I can, hopefully, get my Pro version back? I've asked for a PW reset but the email never goes through and I'm locked out of my account.

Share this post


Link to post
Share on other sites
  • 0

End results:

AdAware 12.0.649.11190 will *not* function in any capacity unless I disable graphics driver

I can not install, open, scan, repair, uninstall or otherwise touch anything AdAware, anywhere on my computer with the graphics driver active. This means that AdAware is not recognized as desktop shortcuts, start menu shortcut, C:\(anywhere), Programs and Features, or the icon in the bottom right of my desktop

"Network Protection Engine" does not initialize (even with graphics driver disabled) therefore blocking updates, repairs and uninstall attempts.

Thanks to the attempts made today through remote-connect I DO have AdAware again, but it does not recognize that it is in fact updated so it is not functioning properly. I am able to scan my system manually with Display Drivers disabled, so I'm going to leave everything as it is until the next update is released with fixes.

 

I truly appreciate all of your help Cecilia. Now that I have a partially functioning antivirus program again...

Can you please tell me how to get my password reset so that I can, hopefully, get my Pro version back? I've asked for a PW reset but the email never goes through and I'm locked out of my account.

Hello,

 

if you disabled graphical driver and install adaware and then enable it again it won't works. AdAware can't works with your current graphical card. I recommend you to wait next release. There it should be fixed. Thank you.

Share this post


Link to post
Share on other sites
  • 0

Can you please tell me how to get my password reset so that I can, hopefully, get my Pro version back? I've asked for a PW reset but the email never goes through and I'm locked out of my account.

Did you use the same email address when you purchased the program as the one adaware software used when connecting to your computer?

Share this post


Link to post
Share on other sites
  • 0

Now that I have a partially functioning antivirus program again...

Can you please tell me how to get my password reset so that I can, hopefully, get my Pro version back? I've asked for a PW reset but the email never goes through and I'm locked out of my account.

I've sent a PM to you with a new password.

Share this post


Link to post
Share on other sites
  • 0

Hello,

 

if you disabled graphical driver and install adaware and then enable it again it won't works. AdAware can't works with your current graphical card. I recommend you to wait next release. There it should be fixed. Thank you.

Most definitely waiting. Thank you for all of your help and hard work!!!

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this