Scribd Logo
Upload

Welcome to Scribd!

  • 77 views

    Windows 2003 Booting Process

    Uploaded by

    Om Pal
    The Windows boot process begins with the BIOS performing a power-on self-test and loading the master boot record from the boot device, which reads the partition table and loads the boot sector of the active system partition. The boot sector then loads the NT Loader (NTLDR) which reads the boot configuration file and loads critical Windows files before passing control to the Windows kernel (NTOSKRNL.EXE). The kernel initializes drivers and processes and starts the Session Manager (SMSS.EXE) to complete initialization and launch the logon process.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd

    Windows 2003 Booting Process

    Uploaded by

    Om Pal
    77 views1 page
    The Windows boot process begins with the BIOS performing a power-on self-test and loading the master boot record from the boot device, which reads the partition table and loads the boot sector of the active system partition. The boot sector then loads the NT Loader (NTLDR) which reads the boot configuration file and loads critical Windows files before passing control to the Windows kernel (NTOSKRNL.EXE). The kernel initializes drivers and processes and starts the Session Manager (SMSS.EXE) to complete initialization and launch the logon process.

    Original Title

    Windows 2003 booting process

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The Windows boot process begins with the BIOS performing a power-on self-test and loading the master boot record from the boot device, which reads the partition table and loads the boot sector of the active system partition. The boot sector then loads the NT Loader (NTLDR) which reads the boot configuration file and loads critical Windows files before passing control to the Windows kernel (NTOSKRNL.EXE). The kernel initializes drivers and processes and starts the Session Manager (SMSS.EXE) to complete initialization and launch the logon process.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Download as docx, pdf, or txt
    77 views1 page

    Windows 2003 Booting Process

    Uploaded by

    Om Pal
    The Windows boot process begins with the BIOS performing a power-on self-test and loading the master boot record from the boot device, which reads the partition table and loads the boot sector of the active system partition. The boot sector then loads the NT Loader (NTLDR) which reads the boot configuration file and loads critical Windows files before passing control to the Windows kernel (NTOSKRNL.EXE). The kernel initializes drivers and processes and starts the Session Manager (SMSS.EXE) to complete initialization and launch the logon process.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Download as docx, pdf, or txt
    of 1

    Windows 2003 booting process?

    Windows - boot process & simple troubleshooting this is the (simplified) boot sequence for Windows NT,
    2000, XP and 2003:

    BIOS: performs Power On Self Test (POST)


    BIOS: loads MBR from the boot device specified/selected by the BIOS

    MBR: contains a small amount of code that reads the partition table, the first partition marked as active is
    determined to be the system volume
    MBR: loads the boot sector from the system volume

    BOOT SECTOR: reads the root directory of the system volume at loads NTLDR

    NTLDR: reads BOOT.INI from the system volume to determine the boot drive (presenting a menu if more
    than 1 entry is defined)
    NTLDR: loads and executes NTDETECT.COM from the system volume to perform BIOS hardware detection
    NTLDR: loads NTOSKRNL.EXE, HAL.DLL, BOOTVID.DLL (and KDCOM.DLL for XP upwards) from the boot
    (Windows) volume
    NTLDR: loads \WINDOWS\SYSTEM32\CONFIG\SYSTEM which becomes the system hive
    HKEY_LOCAL_MACHINE\System
    NTLDR: loads drivers flagged as "boot" defined in the system hive, then passes control to NTOSKRNL.EXE

    NTOSKRNL.EXE: brings up the loading splash screen and initializes the kernel subsystem
    NTOSKRNL.EXE: starts the boot-start drivers and then loads & starts the system-start drivers
    NTOSKRNL.EXE: creates the Session Manager process (SMSS.EXE)

    SMSS.EXE: runs any programs specified in BootExecute (e.g. AUTOCHK, the native API version of CHKDSK)
    SMSS.EXE: processes any delayed move/rename operations from hotfixes/service packs replacing in-use
    system files
    SMSS.EXE: initializes the paging file(s) and the remaining registry hives
    ** Before this step completes, bug checks will not result in a memory dump as we need a working page file
    on the boot (Windows) volume **
    SMSS.EXE: starts the kernel-mode portion of the Win32 subsystem (WIN32K.SYS)
    SMSS.EXE: starts the user-mode portion of the Win32 subsystem (CSRSS.EXE)
    SMSS.EXE: starts WINLOGON.EXE

    WINLOGON.EXE: starts the Local Security Authority (LSASS.EXE)


    WINLOGON.EXE: loads the Graphical User Identification and Authentication DLL (MSGINA.DLL by default)
    WINLOGON.EXE: displays the logon window
    WINLOGON.EXE: starts the services controller (SERVICES.EXE)
    ** At this point users can logon **

    SERVICES.EXE: starts all services marks as automatic

    NOTES:
    The SYSTEM volume is the partition from which the boot process starts, containing the MBR, boot sector,
    NTLDR, NTDETECT.COM & BOOT.INI

    The BOOT volume is the partition which contains the Windows folder - this can be a logical partition

    You might also like