Boot Process (Windows).

Today we will explore the complete boot process from pressing the power button to the login screen. 

We need to understand this boot process in order to troubleshoot startup problems, Windows driver crashes, application crashes that interact with the HAL (Hardware Abstraction Layer), or any device driver that has gone rogue.

We can divide it into 4 phases.

1. PreBoot

2. Windows Boot Manager

3. Windows OS Loader

4. Windows NT OS Kernel

Let's clarify a few key terms before getting into the boot process.

- The heart of a computer is the CPU, and the CPU gets instructions from memory.

- ROM (Read-Only Memory): ROM is the home of the BIOS and firmware.

- BIOS is the very first code that runs when the system powers on. It identifies the system devices and is stored permanently on the motherboard's ROM.

- POST, aka power-on self-test, is the very first process that runs on a computer. It ensures all the hardware is in place and working properly.

- MBR (Master Boot Record), aka Sector Zero. The MBR contains boot code and the partition table. It has a total of 512 bytes of space, of which 446 bytes are for boot code and 64 bytes are for the partition table.

- Boot record: Usually it starts from Sector 1 of the disk, and it contains OS and file system information.
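The MBR layout described above, as an added example that is not part of the original article: a parser that splits a 512-byte sector 0 image into the 446-byte boot code area and the four 16-byte partition entries, and hashes the boot code so that unexpected changes to it can be spotted against a known baseline. It also checks the 2-byte `0x55AA` boot signature that ends the sector, which is part of the standard MBR layout but not mentioned in the article. The function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_SIZE = 446          # boot code area, as stated in the article
PART_TABLE_SIZE = 64          # 4 entries x 16 bytes
BOOT_SIGNATURE = b"\x55\xaa"  # final 2 bytes of the sector (standard MBR layout)

def parse_mbr(sector: bytes) -> dict:
    """Split sector 0 into boot code hash, partition entries and signature check."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    boot_code = sector[:BOOT_CODE_SIZE]
    table = sector[BOOT_CODE_SIZE:BOOT_CODE_SIZE + PART_TABLE_SIZE]
    partitions = []
    for i in range(4):
        entry = table[i * 16:(i + 1) * 16]
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4) sector-count(4)
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0x00:  # unused slot
            continue
        partitions.append({
            "index": i,
            "bootable": status == 0x80,  # 0x80 marks the active partition
            "type": ptype,
            "lba_start": lba_start,
            "sectors": count,
        })
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": partitions,
    }

def build_sample_mbr() -> bytes:
    """Constructed sample: one active type-0x07 (NTFS/exFAT) partition at LBA 2048."""
    boot_code = bytes(BOOT_CODE_SIZE)  # zero-filled placeholder, not real boot code
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    table = entry + bytes(16 * 3)      # remaining three slots left empty
    return boot_code + table + BOOT_SIGNATURE

if __name__ == "__main__":
    info = parse_mbr(build_sample_mbr())
    print("signature ok:", info["signature_ok"])
    print("boot code sha256:", info["boot_code_sha256"])
    for p in info["partitions"]:
        print(p)
```
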

Let us start the computer now. 

Phase 1: PreBoot

- The system starts POST (power on self-test) and checks for all hardware devices. 

- The system checks the boot sequence from the BIOS ROM. Typically, BIOS parameters are stored in CMOS.

- BIOS can be password protected. 

- Then control passes to the MBR of the first bootable device.

- MBR points to the boot record and loads the Bootloader of the selected OS.

- The bootloader is a small program that loads the OS.

- Then control passes to the operating system.

- The system then starts the Windows Boot Manager. This is located here: %SystemDrive%\bootmgr

Phase 2: Windows Boot Manager

This step determines if you have multiple OS installed on your computer. If yes, then it offers a menu with the names of the OSs. When you select the OS, it will load the right program, i.e. Winload.exe to boot you into the correct OS.

Winload.exe is located on the Windows boot partition: %SystemRoot%\system32\winload.exe

Phase 3: Windows OS Loader

WinLoad.exe loads important drivers to kick start the Windows Kernel. The kernel uses the drivers to talk to the hardware and do the rest of the things required for the boot process to continue.

Phase 4: Windows NT OS Kernel

This is the last stage which picks up the Registry settings, additional drivers, etc. Once that has been read, the control is taken by the system manager process. 

Then it loads up the UI, the rest of the hardware and software in the respective system and userspace.  

That’s when you finally get to see your Windows OS Login screen.

Hope you enjoy the blog. Please share and like if you feel this was informative. 

Have a nice day ahead. 

