BIOS: PERFORMS POWER ON SELF TEST (POST)
BIOS: LOADS MBR FROM THE BOOT DEVICE SPECIFIED/SELECTED BY THE BIOS
MBR: CONTAINS A SMALL AMOUNT OF CODE THAT READS THE PARTITION TABLE, THE FIRST PARTITION MARKED AS ACTIVE IS DETERMINED TO BE THE SYSTEM VOLUME
MBR: LOADS THE BOOT SECTOR FROM THE SYSTEM VOLUME
BOOT SECTOR: READS THE ROOT DIRECTORY OF THE SYSTEM VOLUME AT LOADS NTLDR
NTLDR: READS BOOT.INI FROM THE SYSTEM VOLUME TO DETERMINE THE BOOT DRIVE (PRESENTING A MENU IF MORE THAN 1 ENTRY IS DEFINED)
NTLDR: LOADS AND EXECUTES NTDETECT.COM FROM THE SYSTEM VOLUME TO PERFORM BIOS HARDWARE DETECTION
NTLDR: LOADS NTOSKRNL.EXE, HAL.DLL, BOOTVID.DLL (AND KDCOM.DLL FOR XP UPWARDS) FROM THE BOOT (WINDOWS) VOLUME
NTLDR: LOADS \WINDOWS\SYSTEM32\CONFIG\SYSTEM WHICH BECOMES THE SYSTEM HIVE HKEY_LOCAL_MACHINE\SYSTEM
NTLDR: LOADS DRIVERS FLAGGED AS “BOOT” DEFINED IN THE SYSTEM HIVE, THEN PASSES CONTROL TO NTOSKRNL.EXE
NTOSKRNL.EXE: BRINGS UP THE LOADING SPLASH SCREEN AND INITIALIZES THE KERNEL SUBSYSTEM
NTOSKRNL.EXE: STARTS THE BOOT-START DRIVERS AND THEN LOADS & STARTS THE SYSTEM-START DRIVERS
NTOSKRNL.EXE: CREATES THE SESSION MANAGER PROCESS (SMSS.EXE)
SMSS.EXE: RUNS ANY PROGRAMS SPECIFIED IN BOOTEXECUTE (E.G. AUTOCHK, THE NATIVE API VERSION OF CHKDSK)
SMSS.EXE: PROCESSES ANY DELAYED MOVE/RENAME OPERATIONS FROM HOTFIXES/SERVICE PACKS REPLACING IN-USE SYSTEM FILES
SMSS.EXE: INITIALIZES THE PAGING FILE(S) AND THE REMAINING REGISTRY HIVES
** BEFORE THIS STEP COMPLETES, BUGCHECKS WILL NOT RESULT IN A MEMORY DUMP AS WE NEED A WORKING PAGE FILE ON THE BOOT (WINDOWS) VOLUME **
SMSS.EXE: STARTS THE KERNEL-MODE PORTION OF THE WIN32 SUBSYSTEM (WIN32K.SYS)
SMSS.EXE: STARTS THE USER-MODE PORTION OF THE WIN32 SUBSYSTEM (CSRSS.EXE)
SMSS.EXE: STARTS WINLOGON.EXE
WINLOGON.EXE: STARTS THE LOCAL SECURITY AUTHORITY (LSASS.EXE)
WINLOGON.EXE: LOADS THE GRAPHICAL USER IDENTIFICATION AND AUTHENTICATION DLL (MSGINA.DLL BY DEFAULT)
WINLOGON.EXE: DISPLAYS THE LOGON WINDOW
WINLOGON.EXE: STARTS THE SERVICES CONTROLLER (SERVICES.EXE)
** AT THIS POINT USERS CAN LOGON **
SERVICES.EXE: STARTS ALL SERVICES MARKES AS AUTOMATIC
Comments
Post a Comment