Thursday, October 15, 2009

The Bootup Sequence of Windows XP Consist of 5 Major Steps

1) Pre-boot. This phase is started when the computer is first power on. The computer runs a power-on-self-test, which it will be probing for Plug and Play Hardware devices. After this process, the Basic Input/Output System (BIOS) will locates the Master Boot Record (MBR), which it uses to locate and start the Operating System.

2) Boot. In this phase the NTLDR is used to initialize the system and change the microprocessor from real mode to 32-bit flat memory mode. Next the following files are used to locate and load the Operating System

NTLDR
Ntdetect.com
Boot.ini

3) Kernel Load. During this phase the NTLDR loads the Ntoskrnl.exe file, but does not initialize it. It also loads the HAL and HKEY_LOCAL_MACHINE Registry key during this phase. This registry key is used to load the device drivers and some of the low level services, which are critical for a successful logon. The information that is created at this phase is called the control set. After this only the NTLDR initializes and passes over the control to the Ntoskrnl.exe (NT Kernel).

4) Kernel Initialization. Upto this point the screen was in text mode. From here onwards the screen changes and the Windows logo appear. During this phase 4 tasks are accomplished.

(a) The Hardware key is created using the data found on the Ntdetect.com file.

(b) The clone control set is created, which is a copy of the control set which was created at the kernel load phase.

(c) The kernel initializes the low-level device drivers that were loaded in the kernel load phase and loads and initializes the higher-level device drivers that are dependent upon the low-level device drivers.

(d) Finally the Session Manger loads all of the Higher-Level Services, including the Win32 sub-system, which is controls the graphical user interface, video display and all I/O devices. Also the WinLogon process is started.

5) Logon. In this stage the winlogon.exe starts the Local Security Authority (LSA), which provide a logon screen.

After a successful logon the System copies the Clone Control Set to the Last Known Good Configuration (LKG) Control Set. This will not be changed until the next successful logon.

Tuesday, October 6, 2009

Files Required to Boot Windows NT/2000/XP (x86 Platforms)

After the systems POST routine process was completely successful, then comes the process of booting up the Operating System. The Boot up process will fail if any of the following files are missing or corrupted.

NTLDR

Root directory of the startup disk

Boot.ini

Root directory of the startup disk

Bootsect.dos

Root directory of the startup disk

Ntdetect.com

Root directory of the startup disk

Ntbootdd.sys (for SCSI only)

Root directory of the startup disk

Ntoskrnl.exe

%SystemRoot%%\System32

Hal.dll

%SystemRoot%\System32

The\SYSTEM registry hive

%SystemRoot%\System32\Config

Device drivers

%SystemRoot%\System32\Drivers


The file "Bootsect.dos" is required only in multi-boot systems.

Also it is possible to boot linux and unix systems through the NT Loader.

Copy the first sector of your root linux into a file in the NT/2000 partition and name the file, for example, C:\Bootsect.inx (by analogy to C:\Bootsect.dos)

Then edit the boot.ini file as follows.
C:\BOOTSECT.LNX="Linux"