The startup order of Windows

The startup process for Windows includes the following phases:

　　Start Self test phase

This phase is mainly to read the BIOS, and then memory, CPU, hard disk, keyboard and other devices for self-test. This stage is displayed on the screen as the print information for the self-test.

On-Screen display: Print information for self-test

　　Initializing startup phase

This phase, depending on the boot sequence specified by the BIOS, finds the priority boot device that can be started, such as local disks, CD Driver, USB devices, and so on, and then prepares to boot the system from these devices.

Screen display: Black screen

　　Boot Load Phase

This phase first loads the NTLDR from the boot partition (such as the C disk), and then Ntldr the following settings:

1. Built-in memory mode, if it is a x86 processor and the operating system is 32 bits, set to 32-bit flat memory mode, or 64-bit memory mode if it is a 64-bit operating system + 64-bit processor.

2. Boot file system

3. Read Boot.ini file

Screen display: Black screen, if you press F8 or multiple systems will display the Startup options menu.

　　Detecting and configuring hardware phases

This phase examines and configures a number of hardware devices, respectively:

　　- system firmware, such as time and date

　　- Bus and adapter

　　- Display Adapter

　　- Keyboard

　　- Communication port

　　- Disk

　　- floppy disk

　　- input devices (such as mouse)

　　- and the mouth

　　- devices running on the ISA bus

Screen display: Black screen

　　Kernel load phase

During the kernel load phase, NTLDR first loads the Windows kernel Ntoskrnl.exe and the hardware Abstraction layer (HAL). HAL is similar to the embedded operating system of the BSP (Borad support package), the abstraction layer of the hardware at the bottom of the characteristics of the isolation, the operating system to provide a unified call interface, the operating system porting to different hardware as long as the corresponding HAL can be changed, Other kernel components do not need to be modified, which is the usual design pattern for the operating system.

Next, NTLDR reads the driver installed by this machine from Hkey_local_ Machinesystemcurrentcontrolset, and then loads the driver sequentially.

After the driver is loaded, Windows makes the following settings:

1. Create System Environment variables

2. Start Win32.sys, which is the kernel mode portion of the Windows subsystem.

3. Start Csrss.exe, which is the user mode section of the Windows subsystem.

4. Start Winlogon.exe

5. Create a virtual memory paging file

6. Renaming some necessary documents (mainly the driver file, if updated, it needs to be renamed before the next reboot)

　　Screen display: Display Windows logo interface and progress bar

Logon phase

There are a few things you can do at this stage:

1. Start all Windows services installed on the machine that need to be started automatically

2. Start Local Security certification Lsass.exe

3. Show Login Interface

Screen display: Show login interface