Windows Vista boot-up process:
System is powered on
The CMOS loads the BIOS and then runs POST
Looks for the MBR on the bootable device
Through the MBR the boot sector is located and BOOTMGR is loaded
BOOTMGR looks for the active partition
BOOTMGR reads the BCD file from the \boot directory on the active partition
The BCD (boot configuration database) contains various configuration parameters (this information was previously stored in boot.ini)
When Windows Vista is selected, BOOTMGR transfers control to the Windows Loader (winload.exe), or to winresume.exe if the system was hibernated.
Winload.exe loads the drivers that are set to start at boot and then transfers control to the Windows kernel.
There is no msgina.dll in Windows Vista (the shell draws the login screen)
OK. Now that we have the two boot-up processes on the board, we should examine what is different in the Windows Vista boot-up process. As we can see, the difference starts at the MBR. In Windows Vista, NTLDR was replaced by three new boot loader components, supposedly designed to load Windows more quickly and more securely. Those components are:
Windows Boot Manager (Bootmgr.exe)
Windows OS Loader (Winload.exe)
Windows Resume Loader (Winresume.exe)
Windows Boot Manager reads the boot configuration data (BCD) and displays an operating system selection menu to the user.
Windows OS Loader is the operating system boot loader. It is invoked by the Windows Boot Manager in order to load the operating system kernel (ntoskrnl.exe) and boot-class device drivers.
Notice the Boot Configuration Data (BCD). This new data store serves essentially the same purpose as boot.ini. However, BCD abstracts the underlying firmware and provides a common programming interface to manipulate the boot environment for all Windows-supported computer platforms. Boot Configuration Data allows for third-party integration, so anyone can implement tools like diagnostics or recovery options.
Windows Resume Loader replaces Hiberfil.sys.
Another change that is worth noting is the msgina.dll file. I guess Microsoft sensed that it was being abused too much and integrated the logon screen into the shell. Msgina.dll was used on Windows XP to customize the login screen.