Tag Archives: Windows

Windows Boot Sequence

  1. Turn on your computer;
  2. The Computer initiates a POST (Power On Self Test) for devices that have a BIOS (Basic Input/Output System);
    • Test the memory & various Subsystems
      • Examples: AGP and Network cards
  3. BIOS then attempts to find the MBR (Master Boot Record)
    • A 512-byte sector (LBA 0 or HD0)
  4. If successful, the Windows OS takes Control, and looks for NTLDR(Boot Loader for Windows NT based OSes)
    1. In Vista and Server 2008, this has been replaced with:
    2. NTLDRallows:
      1. Memory Addressing
      2. Initiates the File System
      3. Reads boot.ini
    3. NTLDRhas to be at the ROOT of an active partition to detect:
      1. NTDETECT.COM
      2. BOOT.INI
      3. BOOTSECT.DOS (needed for multi-OS installs)
      4. NTBOOTDD.SYS(need for SCSI adapters)
        • Only used if:
          • Boot Drive is SCSI;
          • Not using real-mode INT 0x13;
        • Then a copy of the SCSI miniport driver is loaded for Windows to run
      5. Troubleshooting:
  5. If XP is selected in the Boot Menu, NTLDRruns:
    1. NTDETECT.COM
      • Gathers basic information from hardware BIOs
    2. BOOT.INI
    3. BOOTSECT.DOS
    4. The systems starts in 16-bit real mode, and then moves into 32-bit protected mode
    5. It is possible to select F8 for Additional Boot Modes (Safe Mode, Last Known Good Configuration, etc.)
  6. NTLDR then loads NTOSKRNL.EXE and HAL.DLL
    1. Located at: %SystemRoot%System32
    2. Additional files/locations loaded:
      1. kdcom.dll (Kernel Debugger HW)
      2. bootvid.dll (Windows Logo & Side-Scrolling bar)
  7. NTLDRreads the Registry for the following information:
    1. Hardware Profile
    2. Authorized Device Drivers
    3. And needs to be in the Exact Order
  8. “Session Manager” is then started
    1. Smss.exe starts Autochk
      1. Mounts all drives
      2. Checks drives for a Clean shutdown state
    2. Starts win32k.sys for the Graphical User Interface (GUI) interface
    3. Starts csrss.exe (Client/Server Runtime Subsystem)
      1. User-Mode Applications
    4. Creates Virtual Memory/Paging file
      1. HKLMSYSTEMCurrentControlSetControlSession ManagerMemory Management
  9. NTOSKRNL.EXE takes control and starts WINLOGON.EXE which in turn starts LSASS.EXE
    1. LSASS.EXE (Local Security Authority Subsystem Service) provides the Logon screen

– Andrew
§ § § § §

Problems with Robocopy on W2K8

Has anyone had problems getting robocopy to copy from one partition to another on W2K8? I have setup a script that copies files from a W2K3 machine to a W2K8 machine without issue.

But then I try and do a similar copy from one internal HD to an External USB drive, no files are copied!

I already know about the new “Security” related issues that were introduced with Vista and W2K8, and I have tried previous versions as well!

If you have any thoughts or ideas, they would be greatly appreciated!

TIA,

– Andrew
§ § § § §

listsrv – PatchManagement.org

If you are an Systems Administrator that is responsible for Patching and Updating Servers and Workstations, it is HIGHLY recommend that you subscribe to the FREE PatchManagement.org’s listsrv!

PatchManagement.org is hosted by Shavlik Technologies, and is updated continuously!

Since the “group” is geared toward Sys Admins, the conversation are very topical and technical and one can learn a great deal!

Again, HIGHLY recommended!

– Andrew
§ § § § §