My Toshiba laptop suddenly was unable to boot to Windows 7 Home yesterday... the post was generating an error "No operating system."
So then I booted into Linux via a live CD. From there, I could mount my Windows C-drive... its documents were still intact. However, using the app GParted to look at my hard drive, I noticed that sda3, the Toshiba Recovery Partition, was of "unknown file format."
Also, it was missing its usual label "HDD RECOVERY" and no space appeared to be used out of its 10.08GB (usually, 9.49GB is filled). Strangely, the boot flag was set to that partition (sda3) instead of its usual location on sda1, the System partition.
I used GParted to move the boot flag back to sda1, and after that, the laptop was able to boot to Win7 again. However, Disk Management showed that the recovery partition was of "RAW" file format with 0GB used.
Any clue on whether all this might have been caused by a destructive trojan or MBR rootkit which messed with my boot flag? Perhaps it was attempting to hide in the recovery partition? I just returned from a 1-week visit to my cousin's house, which has a "suspect" network... she had 40 trojans removed from her laptop a month before. I was getting a few script error messages while on the internet there.
Or was this related to hardware failure... how could that destroy one partition and move a boot flag? FYI, I did have a poor shutdown from Linux live CD right before (CD was ejected too early, but after the failed shutdown, I cleared the memory with an unplug and battery removal)... could that mess up the MBR/boot AND corrupt an entire partition? (I doubt it, as Linux was booted off a CD into memory, not installed.)
I can no longer use the non-existent recovery partition to reinstall Windows7 (and wouldn't trust the hard drive without a 0-fill wipe first, anyway), but thankfully, I made 3 recovery DVDs last year. I just need to run those, correct? Thanks.