 | This article includes a list of general references, but it lacks sufficient corresponding inline citations .(March 2024) |
 | The topic of this article may not meet Wikipedia's general notability guideline .(March 2024) |
The booting process of Microsoft Windows varies between different releases.
In Windows versions 1.01 to Windows 2.11, the system was loaded when WIN.COM was executed. It then loaded WIN100.BIN or WIN200.BIN and WIN100.OVL or WIN200.OVL, along with the configuration settings file WIN.INI . The default shell is the MS-DOS Executive.
The modules GDI.EXE, KERNEL.EXE and USER.EXE, fonts, and the various device drivers (such as COMM.DRV, MOUSE.DRV, KEYBOARD.DRV) are incorporated in WIN100.BIN/WIN200.BIN and WIN100.OVL/WIN200.OVL.
In Windows 3.x and 95/98/ME, the boot loader phase is handled by MS-DOS. During the boot phase, CONFIG.SYS and AUTOEXEC.BAT are executed, along with the configuration settings files WIN.INI and SYSTEM.INI . Virtual device drivers are also loaded in the startup process: they are most commonly loaded from the registry (HKLM\System\CurrentControlSet\Services\VxD) or from the SYSTEM.INI file.
MS-DOS starts WIN.COM. In Windows 3.x, the WIN.COM starts KRNL286.EXE (standard mode) or KRNL386.EXE (386 enhanced mode). In Windows 9x, the WIN.COM starts VMM32.VXD.
When all system configuration files and device drivers have been loaded, the 16-bit modules, KRNL386.EXE, GDI.EXE, and USER.EXE, are loaded, then the 32-bit DLLs (KERNEL32.DLL, GDI32.DLL, and USER32.DLL) are loaded. The 32-bit VxD message server (MSGSRV32) starts MPREXE.EXE, which is responsible for loading the network logon client (such as Client for Microsoft Networks, Microsoft Family Logon or Windows Logon).
When a user is logging on to Windows, the startup sound is played, the shell (usually EXPLORER.EXE) is loaded from the [boot] section of the SYSTEM.INI file, and startup items are loaded.
In all versions of Windows 9x except ME, it is also possible to load Windows by booting to a DOS prompt and typing "win". There are some command line switches that can be used with the WIN command: with the /D switch, Windows boots to safe mode, and with the /D:n switch, Windows boots to safe mode with networking. The latter switch only works properly with Windows 95. [1] In Windows 3.1, additional options are available, such as /3, which starts Windows in 386 enhanced mode, and /S, which starts Windows in standard mode [2]
A startup sound was first added in Windows 3.0 after installing the Multimedia Extensions (MME), [3] but not enabled by default until Windows 3.1.
 | This section needs expansionwith: notable, non-"how-to" material selected from this version of "Booting process of Windows NT", as per Wikipedia:Articles for deletion/Booting process of Windows NT. You can help by adding to it. (April 2024) |
In Windows NT, the booting process is initiated by NTLDR in versions before Vista and the Windows Boot Manager (BOOTMGR) in Vista and later. [4] The boot loader is responsible for accessing the file system on the boot drive, starting ntoskrnl.exe , and loading boot-time device drivers into memory. Once all the boot and system drivers have been loaded, the kernel starts the session manager (smss.exe), which begins the login process. After the user has successfully logged into the machine, winlogon applies User and Computer Group Policy setting and runs startup programs declared in the Windows Registry and in "Startup" folders. [5]
The Windows API, informally WinAPI, is the foundational application programming interface (API) that allows a computer program to access the features of the Microsoft Windows operating system in which the program is running. Programs access API functionality via dynamic-link library (DLL) technology.
NTLDR is the boot loader for all releases of Windows NT operating system from 1993 with the release of Windows NT 3.1 up until Windows XP and Windows Server 2003. From Windows Vista onwards it was replaced by the BOOTMGR bootloader. NTLDR is typically run from the primary storage device, but it can also run from portable storage devices such as a CD-ROM, USB flash drive, or floppy disk. NTLDR can also load a non NT-based operating system given the appropriate boot sector in a file.
In DOS memory management, conventional memory, also called base memory, is the first 640 kilobytes of the memory on IBM PC or compatible systems. It is the read-write memory directly addressable by the processor for use by the operating system and application programs. As memory prices rapidly declined, this design decision became a limitation in the use of large memory capacities until the introduction of operating systems and processors that made it irrelevant.
Windows 9x is a generic term referring to a line of discontinued Microsoft Windows operating systems from 1995 to 2000, which were based on the Windows 95 kernel and its underlying foundation of MS-DOS, both of which were updated in subsequent versions. The first version in the 9x series was Windows 95, which was succeeded by Windows 98 and then Windows Me, which was the third and last version of Windows on the 9x line, until the series was superseded by Windows XP.
AUTOEXEC.BAT is a system file that was originally on DOS-type operating systems. It is a plain-text batch file in the root directory of the boot device. The name of the file is an abbreviation of "automatic execution", which describes its function in automatically executing commands on system startup; the filename was coined in response to the 8.3 filename limitations of the FAT file system family.
In computing, a virtual address space (VAS) or address space is the set of ranges of virtual addresses that an operating system makes available to a process. The range of virtual addresses usually starts at a low address and can extend to the highest address allowed by the computer's instruction set architecture and supported by the operating system's pointer size implementation, which can be 4 bytes for 32-bit or 8 bytes for 64-bit OS versions. This provides several benefits, one of which is security through process isolation assuming each process is given a separate address space.
The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interfaces can all use the registry. The registry also allows access to counters for profiling system performance.
The architecture of Windows NT, a line of operating systems produced and sold by Microsoft, is a layered design that consists of two main components, user mode and kernel mode. It is a preemptive, reentrant multitasking operating system, which has been designed to work with uniprocessor and symmetrical multiprocessor (SMP)-based computers. To process input/output (I/O) requests, it uses packet-driven I/O, which utilizes I/O request packets (IRPs) and asynchronous I/O. Starting with Windows XP, Microsoft began making 64-bit versions of Windows available; before this, there were only 32-bit versions of these operating systems.
Winlogon is the component of Microsoft Windows operating systems that is responsible for handling the secure attention sequence, loading the user profile on logon, creates the desktops for the window station, and optionally locking the computer when a screensaver is running. The roles and responsibilities of Winlogon have changed significantly in Windows Vista and later operating systems.
A dynamic-link library (DLL) is a shared library in the Microsoft Windows or OS/2 operating system.
As the next version of Windows NT after Windows 2000, as well as the successor to Windows Me, Windows XP introduced many new features but it also removed some others.
ntoskrnl.exe, also known as the kernel image, contains the kernel and executive layers of the Microsoft Windows NT kernel, and is responsible for hardware abstraction, process handling, and memory management. In addition to the kernel and executive layers, it contains the cache manager, security reference monitor, memory manager, scheduler (Dispatcher), and blue screen of death.
The Session Manager Subsystem, or smss.exe, is a component of the Microsoft Windows NT family of operating systems, starting in Windows NT 3.1. It is executed during the startup process of those operating systems.
The Microsoft Windows operating system supports a form of shared libraries known as "dynamic-link libraries", which are code libraries that can be used by multiple processes while only one copy is loaded into memory. This article provides an overview of the core libraries that are included with every modern Windows installation, on top of which most Windows applications are built.
The Windows Boot Manager (BOOTMGR) is the bootloader provided by Microsoft for Windows NT versions starting with Windows Vista and Windows Server 2008. It is the first program launched by the BIOS or UEFI of the computer and is responsible for loading the rest of Windows. It replaced the NTLDR present in older versions of Windows.
The Client/Server Runtime Subsystem, or csrss.exe, is a component of the Windows NT family of operating systems that provides the user mode side of the Win32 subsystem. In modern versions of Windows, it is primarily involved with process and thread management, console window handling, side-by-side assembly loading and the shutdown process. Historically, it had also been responsible for window management and graphics rendering, however, these operations have been moved to kernel mode starting with Windows NT 4.0 to improve performance.
MSConfig is a system utility to troubleshoot the Microsoft Windows startup process. It can disable or re-enable software, device drivers and Windows services that run at startup, or change boot parameters.
SYSTEM.INI is an initialization used in early versions of Microsoft Windows to load device drivers and the default Windows shell, among other system settings. Many of these settings were honored in Windows 9x, although the INI files had begun to be phased out in favor of the Windows Registry. Windows NT 4.0, 2000, XP and Server 2003 still acknowledge some SYSTEM.INI entries in order to provide backwards compatibility with older 16-bit applications. Windows Vista and beyond also have SYSTEM.INI as well. However, when a fresh install of XP/Server 2003 is performed, the SYSTEM.INI file created contains by default only these lines:
The Windows 9x series of operating systems refers to a series of Microsoft Windows operating systems produced from 1995 to 2000. They are based on the Windows 95 kernel which is a monolithic kernel. The basic code is similar in function to MS-DOS. They are 16-/32-bit hybrids and require support from MS-DOS to operate.
Service Control Manager (SCM) is a special system process under the Windows NT family of operating systems, which starts, stops and interacts with Windows service processes. It is located in the %SystemRoot%\System32\services.exe executable. Service processes interact with SCM through a well-defined API, and the same API is used internally by the interactive Windows service management tools such as the MMC snap-in Services.msc and the command-line Service Control utility sc.exe.
| Processes |  | ||||||
|---|---|---|---|---|---|---|---|
| Booting firmware |
| ||||||
| Hybrid firmware bootloader | |||||||
| Bootloaders |
| ||||||
| Partition layouts | |||||||
| Partitions | |||||||
| Utilities |
| ||||||
| Network boot | |||||||
| ROM variants | |||||||
| Related | |||||||
