Wednesday, May 28, 2008

Windows 2000\XP boot up process

Here is how Windows 2000\XP boot up.

Preboot:

1. POST routines run.

2. BIOS finds the boot devices and loads ans tuns MBR.

3. MBR locates the active partition in the partition table. Load
the boot sector into memory an run it.

The files used to load 2000\XP in this sequence:
Ntldr, Boot.ini, Bootsect.dos (if you have Windows 9x), Ntdetect.com, Winnt\system32\Ntoskrnl.exe.

Boot:

1. Ntldr (NT Loader) is loaded, executed and started the minifile system drivers to load Windows in FAT or NTFS partition format.

2. Ntldr read the boot.ini and you have operrating system selection. (if boot.ini is not found, it will attemp to load on the first partition of the first disk.)

3. If Windows 9x\Me is selected, Ntldr loads bootsect.dos.
If Windows 2000/XP is selected, Ntdetect.com performs hardware detection. Ntdetect.com detects bus/adapter type, comm ports, flating point pocessor, floppy, keyboard, mouse, parallel ports, SCSI, video cards which in the registry HLM\HARDWARE key.

4. After collection hardware information, Hardware Profiles menu is present if there is more than one hardware profile.

5. NTldr loads Winnt\System32\Ntoskrnl.exe, hal.dll (hardwareware abstraction layer), HKLM\SYSTEM key from winnt\system32\Config\System, and loads and initializes device drivers control set that used to iniialize the computer. The order list of loading device
drivers is in HKLM\SYSTEM\CurrentControlSet\Control\ServiceGroupOrder.

6. After successful initialization, a set of registry key will be set in HKLM\HARDWARE. A copy of ControlSet will be created in HKL\System.

7. Kernal scans and loads the device drivers in HKLM\SYSTEM\CurrentControlSet\Services.

8. Session Manger (Smss.exe) executes commands in BootExecute data item, creates the pagining file by Memory Manager, DOD device key, subsystem and services for Windows.

9. The Win32 subsystem start Winlogon.exe, loads Local Security Authority (Lsass.exe) and
display Login dailog box.

10. Service Controller makes a final scan and runs serverices marked to run automatically in
HKLM\SYSTEM\CurrentControlSet\Services.

11. After successfully logon, a copy of cntrol set is made to LastKnownGood control set.
Permanent Link 28.5.08
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)