How to repair a Windows system that got stuck at Glary Utilities' BootDefragDriver.sys while booting

boot drivers windows defragment

Solution 1:

Using a Linux Live USB I realized that C:\Windows\System32\drivers\BootDefragDriver.sys wasn't even there. Copying it from another system and re-booting didn't help.

So, I checked the configuration of the other system and found two Registry keys:

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BOOTDEFRAGDRIVER     
HKLM\SYSTEM\CurrentControlSet\Services\BootDefragDriver

These entries appear/disappear, as well as the aforementioned BootDefragDriver.sys, if you activate/deactivate Glary Utilities' Boot Defrag/Optimization.

So, the next task was to edit the Registry from outside Windows. I remembered having used a Linux command line tool for this in the past but before I recalled its name to be able to search for it I stumbled across:

AVG Rescue CD GNU/Linux (ARL) (ISO for CD and USB)

(The german download page mentions that it's from 2016 and there are other alternatives that are recommended.)

This tool is GREAT! It starts a COW-based application that includes a Registry Utility amongst others (if you prefer shell one-liners, or mc, simply < Exit > it).

AVG Rescue CD GNU/Linux (ARL)

Be sure to run the USB version's setup.exe as Administrator, otherwise the USB drive will not be bootable (though the setup says so at the end). You need an USB drive with at least 1.5 GiB free space.

Note: Apparently the Registry Utility is only able to work with the partition mounted first. If you happen to have more than one Windows partition, like me, and the one of interest isn't mounted as the first, exit the tool and perform, for example:

# umount /mnt/sdb1
# mount /dev/sdb2 /mnt/sdb1

Restart the tool with arl (it tells you so at exiting).

BE EXTREMLY(!) CAREFUL when selecting the keys to be removed with arl's Registry Utility. When you select < Remove > and hit Enter, it's done! There is NO CONFIRMATION OF ANY KIND and NO UNDO.

After removing the aforementioned keys in all ControlSets:

HKLM\SYSTEM\ControlSetNNN\Enum\Root\LEGACY_BOOTDEFRAGDRIVER     
HKLM\SYSTEM\ControlSetNNN\Services\BootDefragDriver

the system started normally again.

Next steps are to invoice Glarysoft with the $ 1,000 I lost spending an entire day with this and to remove it from every system I get hands on in the future and never install it anywhere again.

Please leave a comment below if the link to arl doesn't work again as it happened in the past.

Related

How to view HEIC format pictures in Explorer and the Photos app on Windows 10
Automated Removal of Duplicate Folders (and contents of same) [Linux or Windows]
Unchanged meetings always prompt to save changes in Outlook 2016
Terminal not listing Applications folder
Will Excel VBA calls to Internet Explorer work in Windows 11?
Windows 10 cannot connect to Linux Samba shares, except from SMB1/CIFS
Cannot access Samba shares from Windows 10
Windows 10 cannot access Samba Share but can from other devices
Outlook rule for messages for while I am the only name in the "To:" box
How do you toggle overwrite in Wordpad? (The insert key pastes, so doesn't help)
Windows 7 rightclick menu from toolbar like ALT-SPACE?
Matrix/Vector Derivative