Windows 7 Bad Driver AvgIdx64 Causing Start Failures

DanV

New Member
Event Viewer in my Win 7:
The following boot-start or system-start driver(s) failed to load:
Avgldx64

This is the train of events that lead to trouble:
1. I had AVG free for months and never had any problems with it.
2. 3 weeks ago I downloaded IObit Ultimate and Iobit Malware Fighter to compare it to AVG. That's when the problems began. First, AVG crashed. I tried to uninstall and install it again, but new install failed several times, so I gave up. I uninstalled it completely, but I think I saw two folders with AVG name somewhere on my laptop left.
3. I had to uninstall IObit in Safe Mode, because it was causing tremendous slowness and freezing which eventually lead to shutdown and start failure, so I got rid of that.
4. I thought I solved it, because for a week or so everything got back to normal - speed, performance.
5. The last two times I had boot failures, and the diagnostics showed a message "Bad Driver" something. So, I launched the event viewer and found the above-mentioned bad driver causing boot failure.

You have probably estimated my tech level by now. This little Dell Inspiron is my working horse, I need it, and these problems are scaring the hell out of me. What do I do?
With Avg uninstalled, I do not see how I can find this bad driver to uninstall it.
Any advice would be very much appreciated!
Thank you!
 
Check the AVG site I belive thay have their own unistaller to make sure all file are removed.
Thanks! Not helping so far. Their uninstaller does not see the program, or any of its components, since I previously uninstalled it. What a mess.
 
First.... that looks like a 64bit driver so make sure that you use the correct removal tool (the latest version 2014) for your architecture (32bit x86 or 64bit x64) from HERE
If still no joy then you may want to run a search for that driver likely with a .sys extension on your C:\ drive.
It'll likely be here C:\Windows\System32\drivers but it could very well be elsewhere as well. You may want to use something the Everything by VoidTools from HERE
or Agent Ransack by MythicSoft from HERE
If and when you find it you may want to consider renaming it with a different file extension like
AvgIdx64.sys to AvgIdx64.OLD
See if that provides any relief from your current issue.
 
First.... that looks like a 64bit driver so make sure that you use the correct removal tool (the latest version 2014) for your architecture (32bit x86 or 64bit x64) from HERE
If still no joy then you may want to run a search for that driver likely with a .sys extension on your C:\ drive.
It'll likely be here C:\Windows\System32\drivers but it could very well be elsewhere as well. You may want to use something the Everything by VoidTools from HERE
or Agent Ransack by MythicSoft from HERE
If and when you find it you may want to consider renaming it with a different file extension like
AvgIdx64.sys to AvgIdx64.OLD
See if that provides any relief from your current issue.
Thank you!!
I just finished with your first suggestion. I ran both AVG remover 2013 and 2014 for 64 bit.
The 2013 remover did something and restarted the system, after which Mozilla Firefox started updating itself. The 2014 did not even find anything to uninstall or clean. However, I followed these instructions and manually removed the leftover files and folders:
C:\Program files(x86)\AVG
C:\ProgramData\MFAData

as well as some IObit leftover folders there.
I have been using the Wise Program Uninstaller and Jet Clean's Uninstaller, as well as traditional Windows Uninstaller for AVG and IObit, and they all seem to be over-advertised.:mad:

Afterwards, I ran Comodo Clean Endpoint which restarted my system twice. I then restarted it myself, and so far no problem occurred.
I found a similar thread on AVG with AVG and IObit and bad driver all in one.
I will see if I can sort out your other suggestions. Thanks a lot!:)
 
If still no joy then you may want to run a search for that driver likely with a .sys extension on your C:\ drive.
It'll likely be here C:\Windows\System32\drivers but it could very well be elsewhere as well.
There are 8 of them:
avgidsdrivera.sys
avgidsha.sys ----- this one loads even in Safe Mode
avgldx64.sys ---- Renamed
avgloga.sys
avgmfx64.sys
avgrkx64.sys
avgtdia.sys
avgtpx64.sys

Do I rename them all? or just the avgldx64.sys one?
Not funny - my Comodo Virtual Kiosk stopped loading:waah:
 
Last edited:
There are 8 of them:
avgidsdrivera.sys
avgidsha.sys ----- this one loads even in Safe Mode
avgldx64.sys ---- Renamed
avgloga.sys
avgmfx64.sys
avgrkx64.sys
avgtdia.sys
avgtpx64.sys
Do I rename them all? or just the avgldx64.sys one?
That would be my suggestion (rename them all).... make sure you are "showing extension" and just rename the .sys to .OLD
That is generally a very safe way of doing things, reasonably easy to reverse if anything untoward happens. After a few successful reboots without issue you can then locate them easily and get them off your system.

NOTE: As a general rule of thumb, avoid installing two Anti Virus products simultaneously. Make sure one is completely and successfully removed before installing a second.
 
It booted ok 5 times in a row. The 6th one was a failure again.
That would be my suggestion (rename them all).... make sure you are "showing extension" and just rename the .sys to .OLD
That is generally a very safe way of doing things, reasonably easy to reverse if anything untoward happens. After a few successful reboots without issue you can then locate them easily and get them off your system.

NOTE: As a general rule of thumb, avoid installing two Anti Virus products simultaneously. Make sure one is completely and successfully removed before installing a second.
Thanks, will do. I am currently re-installing Comodo Firewall, because I want my Virtual Kiosk back. This is some sort of a grotesque fairy tale gone bad.
 
No, did not fix it. It boots 50/50 - one corrupted boot that boots Windows, but it won't respond and shows the blue screen, file attached. The next time it boots right.
Now, I have
The following boot-start or system-start driver(s) failed to load:
AVGIDSHA
avgtp
oodivd
oodivdh

What am I doing wrong?
 

Attachments

  • BlueScreen.txt
    720 bytes · Views: 404
WinKey + R and type msconfig (hit enter or click OK)
Select the startup tab look for any references to AVG
The last two are new to me but seem to be related to O&O DiskImage so you might want to look for that as well and uncheck them
Next WinKey + R and type services.msc (hit enter or click OK)
Look for the same two reference, if present double click and change the start up type to Manual or Disable
Next WinKey + R and type regedit (Hit enter or Click OK)
Check these three places
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Look for references in the right side data pane for AVG and or O&O DiskImage
If present, select them in the right pane and delete them by hitting the delete key and confirm
Using the Windows Registry Editor can cause serious, system-wide problems that may require you to re-install Windows to correct them. It cannot be guaranteed that any problems resulting from the use of the Windows Registry Editor can be solved. If you choose to edit the Windows Registry please understand that you do so at your own risk so unless you feel fairly comfortable and confident you should probably not use the Editor. Changes made to the Windows Registry can take effect immediately and those that do not will take effect following the next reboot of your computer, and a current backup is not automatically made for you....So manually create a system restore point, backup the registry and export the key you are editing for safe keeping before doing so.
 
No, did not fix it. It boots 50/50 - one corrupted boot that boots Windows, but it won't respond and shows the blue screen, file attached. The next time it boots right.
Now, I have
The following boot-start or system-start driver(s) failed to load:
AVGIDSHA
avgtp
oodivd
oodivdh

What am I doing wrong?
WinKey + R and type msconfig (hit enter or click OK)
Select the startup tab look for any references to AVG
The last two are new to me but seem to be related to O&O DiskImage so you might want to look for that as well and uncheck them
Next WinKey + R and type services.msc (hit enter or click OK)
Look for the same two reference, if present double click and change the start up type to Manual or Disable
Next WinKey + R and type regedit (Hit enter or Click OK)
Check these three places
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Look for references in the right side data pane for AVG and or O&O DiskImage
If present, select them in the right pane and delete them by hitting the delete key and confirm

Looks scary.
Last night I used http://www.dell.com diagnostics tool, and it found no problem other than suggested updating my Bios, which I did with this .
After that, the system shut down automatically, as stated in the update program, but the laptop would not power off. Even pressing down the power button for 30 seconds did not help. I had to take the battery out of it. After that, it booted and shute down ok 3 times.
Will get to your advice today. Even though it scares the hell out of me.
 
You may want to continue rebooting to test machine's stability and general behavior to determine what problem(s) may still be present before resorting to any advance steps.
 
Hopefully your situation is repaired, but programs that reinstall themselves on reboots can be hard to find. I was wondering if, when you did the AVG manual uninstall, whether you got the items in the AppData folder referenced, since that folder is hidden.

If you continue to have problems, in some circumstances, the best way to uninstall something is to reinstall it first.... considering your experiences so far, this would probably be a hard decision for you to make.

You seem to be concentrating more on AVG than the other software you loaded. Do you feel the other software is no longer involved?

There is an advanced utility to find startup items on your system. You can download it from a Microsoft site and it will show all the items being loaded and where they are being loaded from. It is called Autoruns and can be found at the SysInternals site along with some other utilities used for troubleshooting.


Edit: I forgot to ask, what has been the configuration of Windows Defender during your trials?
 
You may want to continue rebooting to test machine's stability and general behavior to determine what problem(s) may still be present before resorting to any advance steps.
Thank you!
Hopefully your situation is repaired, but programs that reinstall themselves on reboots can be hard to find. I was wondering if, when you did the AVG manual uninstall, whether you got the items in the AppData folder referenced, since that folder is hidden.

If you continue to have problems, in some circumstances, the best way to uninstall something is to reinstall it first.... considering your experiences so far, this would probably be a hard decision for you to make.

You seem to be concentrating more on AVG than the other software you loaded. Do you feel the other software is no longer involved?

There is an advanced utility to find startup items on your system. You can download it from a Microsoft site and it will show all the items being loaded and where they are being loaded from. It is called Autoruns and can be found at the SysInternals site along with some other utilities used for troubleshooting.


Edit: I forgot to ask, what has been the configuration of Windows Defender during your trials?
Thank you for the reply!
I suppose IObit Ultimate was the one that caused the problem in the first place. What cleanup tool can help me get rid of its leftovers?
I tried to re-install Avg several times with no success.
I think I turned Windows Defender off when I installed AVG back in January. It is now back on because I am currently not using antivirus. I have Comodo Firewall, Spybot S&D, Spyware Blaster and JetClean. Comodo's Virtual Kiosk crashed yesterday. I also ran a full uninstall and cleanup, and reinstall for it, but Kiosk doesn't work anyway. Here is my Comodo thread.
I think I've mentioned this before, but I also updated Bios last night. I need an antivirus, but it scares the hell out of me to do any installations now.

UPD: I ran the Autoruns as you suggested, and there is probably a lot to derive from the report, but I cannot upload it here. Will screenshots do?
 
Last edited:
Autoruns 1.png Autoruns 2.png Autoruns 3.png Autoruns 4.png
 
I recklessly deleted 2 AVG and 2 IObit leftovers that were in yellow.
I rebooted twice, so far so good. I tried starting Virtual Kiosk just in case, and it loaded. Somewhat slower than before, and I had to reset it, so now it works in the 'tablet' mode. I'll see how it goes.
 
I see quite a few things in the listings. First, all the yellow ones are entries in the registry where the files to which they refer have been removed. There are three things you can do about all of the entries in the listings you may want to change. Just above each questionable entry it gives the Registry location where the file is being referenced. You can uncheck the entry so it will stop trying to load, go into the registry and remove the reference to the file, or use a third party Registry Cleaning software to remove the entries.

I do not currently have a Registry cleaner, but I believe some folks in the forum use CC Cleaner. The warning about registry cleaners is they may want to remove something that should not be removed, so I check what they will do and approve or disprove each item operation. It would also be good if the cleaner you might use would keep a backup that could be restored in cases of problems.

Edit: I also noticed you had a PC Doctor module on the system -- not really sure about that..

I do see the two AVG entries, that do still seem to be loading, so we can concentrate on those. The fact the drivers are still being loaded means you have not gotten all of AVG yet, or they were reinstalled by another part of the program. Again you could uncheck them for testing and keep them from loading. If you want to remove the entries that start them you might go to the referenced registry key and remove the AVG entries. The warning about working with the Registry is you can keep you system from booting if you make a mistake. If you do not feel comfortable making changes, use the third party software or just uncheck them in Autoruns. But it is always good to make a copy of the registry prior to working on it.

As far as all the possible items you need to check, you are the best judge. I will look for anything that looks funny to me, but I probably don't run some of your software.
 
Last edited:
I recklessly deleted 2 AVG and 2 IObit leftovers that were in yellow.
I rebooted twice, so far so good. I tried starting Virtual Kiosk just in case, and it loaded. Somewhat slower than before, and I had to reset it, so now it works in the 'tablet' mode. I'll see how it goes.
I see quite a few things in the listings. First, all the yellow ones are entries in the registry where the files to which they refer have been removed. There are three things you can do about all of the entries in the listings you may want to change. Just above each questionable entry it gives the Registry location where the file is being referenced. You can uncheck the entry so it will stop trying to load, go into the registry and remove the reference to the file, or use a third party Registry Cleaning software to remove the entries.

I do not currently have a Registry cleaner, but I believe some folks in the forum use CC Cleaner. The warning about registry cleaners is they may want to remove something that should not be removed, so I check what they will do and approve or disprove each item operation. It would also be good if the cleaner you might use would keep a backup that could be restored in cases of problems.

Edit: I also noticed you had a PC Doctor module on the system -- not really sure about that..

I do see the two AVG entries, that do still seem to be loading, so we can concentrate on those. The fact the drivers are still being loaded means you have not gotten all of AVG yet, or they were reinstalled by another part of the program. Again you could uncheck them for testing and keep them from loading. If you want to remove the entries that start them you might go to the referenced registry key and remove the AVG entries. The warning about working with the Registry is you can keep you system from booting if you make a mistake. If you do not feel comfortable making changes, use the third party software or just uncheck them in Autoruns. But it is always good to make a copy of the registry prior to working on it.

As far as all the possible items you need to check, you are the best judge. I will look for anything that looks funny to me, but I probably don't run some of your software.
So, the fact that I deleted them from Autoruns does not mean that I deleted them from the Registry? or does it?
 
Back
Top