There are posts here at PC-Chat with the startup problems of their PC as Missing NTLDR, not staying the bootup, etc.. Here I made just in case understandings help where I had a problem and how do magboot Windows XP.
What happens to our computer we switch on the power.
Sorry to please you if I did long Etong. On You please see paragraphs 5 lng describing the boot process. But because the unlearned Here I please and I want to share with those who have wanted to know what the Windows XP Startup or Boot Process.
Understanding Windows XP Startup Process
To diagnose and correct a startup problem, you need to understand what occurs during startup. The first step in isolating startup problems is for you to determine whether the problem occurs before, during, or after Microsoft Windows XP Professional starts up.
The root cause of startup failure, including contributing factors, can stem from a variety of problems, such as user error, application faults, hardware failures, or virus activity. If the condition is serious enough, you might need to reinstall Windows XP Professional or restore files from backup media.
In x86-based systems, startup failures that occur before the operating system loader (Ntldr) starts could indicate missing or deleted files, or it could indicate damage to the hard disk master boot record (MBR), partition table, or boot sector. If a problem occurs during startup, the system might have incompatible software or drivers, incompatible or improperly configured hardware, or corrupted system files.
The startup process for x64-based computers is the same as that of x86-based computers.Startup Phases
The Windows XP Professional startup process closely resembles that of Microsoft Windows NT version 4.0, Microsoft Windows 2000, and Microsoft Windows Server™ 2003, but it significantly differs from Microsoft MS-DOS, Microsoft Windows 95, Microsoft Windows 98, and Microsoft Windows Millennium Edition (Windows Me).
All computers running Windows XP Professional share the same startup sequence:
• Power-on self test (POST) phase
• Initial startup phase
• Boot loader phase
• Detect and configure hardware phase
• Kernel loading phase
• Logon phase
The preceding startup sequence applies to systems started or restarted after a normal shutdown, and it does not apply when you bring your computer out of hibernation or standby. See “Resolving Power Management Problems” later in this chapter for more information about problems that might occur when you bring your computer out of standby or hibernation.
For Windows XP Professional to start, the system and boot partitions must contain the files listed in .Windows XP Professional Startup Files
1. Ntldr
- Location: Root of the system partition
- Description: The operating system loader.
- Location: Root of the system partition
- Description: A file that specifies the paths to Windows XP Professional installations. For multiple-boot systems, Boot.ini contains the operating system choices that display on the startup menu.
- Location: Root of the system partition
- Description: A hidden system file that Ntldr loads for a Windows XP Professional multiple-boot configuration that includes MS-DOS, Windows 95, Windows 98, or Windows Me. Bootsect.dos contains the boot sector for these operating systems.
- Location: Root of the system partition
- Description: The file that passes information about the hardware configuration to Ntldr.
- Location: Root of the system partition (required for SCSI or Advanced Technology Attachment [ATA]controllers with firmware disabled or that do not support extended INT-13 calls).
- Description: The device driver used to access devices attached to a SCSI or ATA hard disk whose adapter is not using BIOS. The contents of this file depend on the startup controller used.
- Location: systemroot\System32
- Description: The core (also called the kernel) of the Windows XP Professional operating system. Code that runs as part of the kernel does so in privileged processor mode and has direct access to system data and hardware. During installation on single processor systems, Windows XP Professional Setup copies Ntoskrnl.exe from the operating system CD. During installation on multiprocessor systems, Windows XP Professional Setup copies Ntoskrnlmp.exe and renames it Ntoskrnl.exe.
- Location: systemroot\System32
- Description: The hardware abstraction layer (HAL) dynamic-link library file. The HAL abstracts low-level hardware details from the operating system and provides a common programming interface to devices of the same type (such as video adapters). The Microsoft Windows XP Professional operating system CD contains several Hal files. Setup copies to your computer the file that fits your hardware configuration and then renames the file as Hal.dll.
XP Boot Sequence
Power-On Self Test
- As soon as you turn on a computer, its central processing unit (CPU) begins to carry out the programming instructions contained in the basic input/output system (BIOS). The BIOS, which is a type of firmware, contains the processor-dependent code that starts the computer regardless of the operating system installed. The first set of startup instructions is the power-on self test (POST). The POST is responsible for the following system and diagnostic functions:
• Performs initial hardware checks, such as determining the amount of memory present
• Verifies that the devices needed to start an operating system, such as a hard disk, are present
• Retrieves system configuration settings from nonvolatile complementary metal-oxide semiconductor (CMOS) memory, which is located on the motherboard - The contents of CMOS memory remain even after you shut down the computer. Examples of hardware settings stored in CMOS memory include boot order and Plug and Play information.
- After the motherboard POST completes, add-on adapters that have their own firmware (for example, video and hard drive controllers) carry out internal diagnostic tests.
Initial Startup Phase
After the POST, the settings that are stored in CMOS memory, such as boot order, determine the devices that the computer can use to start an operating system. For example, if the boot order specifies the floppy disk as the first startup device and the hard disk as second (some firmware displays this order as “A, C”), the following scenarios might occur at startup:
The floppy disk drive contains a floppy disk
The BIOS searches the floppy disk drive for a bootable floppy disk. If one is present, the first sector (the floppy disk boot sector) loads into memory. If the floppy disk is not bootable, an error message similar to the following appears:
Non-system disk or disk errorThe computer displays the preceding message until you insert a bootable floppy disk or until you remove the floppy disk and restart the computer.
Replace and press any key when ready
The floppy disk drive does not contain a floppy disk
If you restart the computer without a floppy disk, the computer reads the boot code instructions located on the master boot record (MBR). The MBR is the first sector of data on the startup hard disk and contains instructions (called boot code) and a table (called a partition table) that identify primary and extended partitions. The BIOS reads the MBR into memory and transfers control to the code in the MBR.
The computer then searches the partition table for the active partition. The first sector of the active partition contains boot code that enables the computer to do the following:
• Determine the file system used.If an active partition does not exist or if boot sector information is missing or corrupt, a message similar to any of the following might appear:
• Locate and start the operating system loader file, Ntldr.
Invalid partition tableIf an active partition is successfully located, the code in the boot sector locates and starts Ntldr and the BIOS releases control to it.
Error loading operating system
Missing operating system
BOOT: Couldn’t find NTLDR
NTLDR is missing
Boot Loader Phase
Ntldr loads startup files from the boot partition and then does the following:
Sets an x86-based processor to run in 32-bit flat memory mode
An x86-based computer first starts in real mode. In real mode, the processor disables certain features to allow compatibility with software designed to run on 8-bit and 16-bit processors. Ntldr then switches the processor to 32-bit mode, which allows access to large amounts of memory and enables Windows XP Professional to start.
Starts the file system
Ntldr contains the program code that Windows XP Professional needs to read and write to disks formatted by using the NTFS or file allocation table (FAT16 or FAT32) file systems.
Reads the Boot.ini file
Ntldr parses the Boot.ini file to determine the location of the operating system boot partition. For systems that use a single-boot configuration, Ntldr initiates the hardware-detection phase by starting Ntdetect.com. For multiple-boot configurations that include Windows XP Professional, Windows 2000, Windows Server 2003, Windows NT 4.0, Windows 95, Windows 98, Windows Me, or MS-DOS, you receive a menu of operating system choices at startup. In addition, if the Recovery Console has been installed, the boot loader menu is displayed during startup with the Recovery Console as one of the available options.
If you choose Windows XP Professional, Windows 2000, Windows Server 2003, or Windows NT 4.0, Ntldr proceeds with the hardware-detection phase. If you do not select Windows XP Professional, Windows 2000, Windows Server 2003, or Windows NT 4.0, control is passed to the boot sector for the other operating system. For example, if you select Windows 95, Windows 98, Windows Me, or MS-DOS, Ntldr passes control to Bootsect.dos by reading MBR code that Bootsect.dos contains. This action causes the MBR code in Bootsect.dos to execute as if the instructions were read from the disk.
Detects hardware and hardware profiles
Ntldr starts Ntdetect.com, a program that performs basic device detection. Ntldr then passes Boot.ini information, as well as hardware and software data in the registry, to Ntoskrnl.exe. Ntdetect.com detects hardware profile information (for example, docked and undocked configurations for portable computers) and also checks for information stored in Advanced Configuration and Power Interface (ACPI) tables. ACPI-compliant firmware enables Windows XP Professional to detect device power management features and determine device resource requirements.
Detect and Configure Hardware Phase
After processing the Boot.ini file, Ntldr starts Ntdetect.com. Ntdetect.com collects information about installed hardware by using calls to system firmware routines. Ntdetect.com then passes this information back to Ntldr. Ntldr gathers the data received from Ntdetect.com and organizes the information into internal data structures. Ntldr then starts Ntoskrnl.exe and provides it with information obtained from Ntdetect.com.
Ntdetect.com collects the following type of hardware and device information:
• System firmware information, such as time and dateNtdetect.com plays a greater role for device enumeration in computers that are not ACPI compliant because in those computers, the firmware, not the operating system, determines the resources assigned to devices. For computers with ACPI firmware, Windows XP Professional assigns the hardware resources to use.
• Bus and adapter types
• Video adapters
• Keyboard
• Communication ports
• Disks
• Floppy disks
• Input devices (such as mouse devices)
• Parallel ports
• Devices installed on the Industry Standard Architecture (ISA) bus
During this phase, Ntdetect.com searches for hardware profile information. Windows XP Professional creates a single default profile for desktop computers and creates two default profiles for portable computers. For portable computers, the operating system selects the appropriate profile based on the hardware state of the computer:
Desktop computer.Profile 1
• Portable computer.Hardware profiles are especially useful for portable computers because the hardware state of these computers is not static. Drivers for devices not listed in a particular hardware profile are not loaded during startup.
o Docked Profile
o Undocked Profile
Kernel Loading Phase
Ntldr is responsible for loading the Windows kernel (Ntoskrnl.exe) and the hardware abstraction layer (HAL) into memory. The Hal.dll file that your computer uses can vary. During installation, Windows XP Professional Setup copies one of several HAL files and renames the file Hal.dll.
Together, the kernel and the HAL initialize a group of software components that are called the Windows executive. The Windows executive processes the configuration information stored in registry control sets, and starts services and drivers.
Control sets
Ntldr reads control set information from the HKEY_LOCAL_ MACHINE\SYSTEM registry key, which is created from information in the systemroot\System32\Config\System file, so that Ntldr can determine which device drivers need to be loaded during startup. Typically, several control sets exist, with the actual number depending on how often system configuration settings change.
The kernel uses the internal data structures provided by Ntldr to create the HKEY_LOCAL_MACHINE\HARDWARE key, which contains the hardware data collected at system startup. The data includes information about various hardware components and system resources allocated to each device. To monitor the kernel load process, watch the Starting up progress indicator that appears during startup.
Logon Phase
The Windows subsystem starts Winlogon.exe, a system service that enables logging on and off. Winlogon.exe then does the following:
• Starts the Services subsystem (Services.exe), also known as the Service Control Manager (SCM).The Graphical Identification and Authentication (GINA) component collects the user name and password, and passes this information securely to the LSA for authentication. If the user supplied valid credentials, access is granted by using either the Kerberos V 5 authentication protocol or NTLM.
• Starts the Local Security Authority (LSA) process (Lsass.exe).
• Parses the Ctrl+Alt+Del key combination at the Begin Logon prompt.
Winlogon initializes security and authentication components while the Service Control Manager initializes Auto-load services and drivers. After the user logs on, the following events occur:
• Control sets are updated.
The control set referenced by the LastKnownGood registry entry is updated with the contents in the Clone entry. Clone, which is a copy of the CurrentControlSet entry, is created each time you start your computer. When a user logs on, the LastKnownGood control set is updated with configuration information from the previous user session.
• Group Policy settings take effect.
Group Policy settings that apply to the user and computer take effect.
• Startup programs run.
Windows XP Professional starts logon scripts, startup programs, and services referenced in these registry subkeys and folder locations:Windows XP Professional startup is not complete until a user successfully logs on to the computer.
o HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Runonce
o HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\Explorer\Run
o HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run
o HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ Run
o HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run
o HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\RunOnce
o systemdrive\Documents and Settings\All Users\Start Menu\Programs\ Startup
o systemdrive\Documents and Settings\username\Start Menu\Programs\ Startup
-------------------------------------END--------------------------------------
0 comments:
Post a Comment