Click here to Skip to main content
11,935,012 members (47,277 online)
Click here to Skip to main content
Add your own
alternative version

Tagged as


88 bookmarked

The Birth of Windows Desktop

, 28 Jun 2012 CPOL
Rate this:
Please Sign up or sign in to vote.
Steps involved in getting to your windows desktop from your power on the machine


Have you ever thought of how your operating system (Windows) is loaded? It’s quite interesting to know about the miniature details that are involved in the process. This article will shed some light on this topic.


The actual execution of the processor begins when you power on the system. Following are the major steps involved.

  1. BIOS performs some initial check and read the Zero sector of the hard disc, This Zero sector has a special name - MBR(Master Boot Record).


  2. MBR contains two sections:
    1. Boot Code (446 bytes)
    2. Partition Table Entries (16 bytes colored entries in the bottom)
  3. The purpose of boot code is to iterate over all the partition table entries and check for a bootable partition (if the first byte of the partition entry is 0x80, then it is a bootable partition. Also called as boot partition or system volume). (There can be only four entries specified in the MBR, does it mean we are limited with 4 drives ?) (this is where extended partitions come into the picture).
  4. Now besides locating the boot partition, it will know exactly from which sector the boot partition begins. This is done by examining the 8th-12th bytes in the partition entry (so in the above picture 3f 00 00 00 converted to little endian we get 0000003f = 63rd Sector). In general, it will be 63rd sector.
  5. Again the first sector (63rd) of the bootable partition is called as Boot Sector which contains enough code to read a special file named ntldr (NT loader) from the root (c:\) drive. This is the time where you may at times see “NTLDR is missing” error message. Following are the tasks performed by ntldr.
    1. The main purpose of ntldr is to setup the stage for the windows kernel to load.
    2. It enables paging and preliminary hardware detection using BIOS routines(int) and
    3. Reads boot.ini to display boot menu.


    4. If the system is hibernated during the last shutdown, it will resume from hiberfil.sys.
    5. Most importantly, it loads boot start drivers (these are the core drivers for proper functioning of OS). Following are the examples for boot start drivers:


    6. Sets CPU registers, etc., and pass on the control to ntoskrnl.exe (NT OS Kernel). This ends the life of ntldr.
  6. Ntoskrnl is mainly responsible for setting up the following OS services (here, you will see Windows XP logo progress bar).
    1. Phase 0 Initialization
      1. Memory Management Services
      2. Process Management Services (First kernel mode process the system process is created)
      3. Object Manger Services
      4. Plug and Play Management Services
      5. Security Reference Monitor Services
    2. Phase 1 Initialization
      1. Hal initialization (Hardware Abstraction Layer)
      2. Multi processor support
      3. Scheduler support (inherently dependent on processor architecture)
      4. Power management


  7. Now the control is passed on to smss.exe (Session Manager Subsystem). It is the first user mode process that is created in the life span of windows.


    1. The following are the tasks performed by smss process:
      1. Runs check disk (disc check):


      2. Pending file copy and file deletes (some softwares need to overwrite the files which are in use by the OS and they will ask you for reboot) and this is the phase where those pending copy and deletes will be performed.
      3. Page file is created (pagefile.sys):


    2. Loads registry hives from \Windows\System32\Config\*.*.
    3. Finally, it creates two processes csrss.exe (Client Server Run-Time Subsystem), Winlogon.exe. 
      1. Csrss.exe is responsible for user mode functionality of the system and sits as an interface for windows API)
      2. Winlogon.exe is responsible for starting all auto-start services (services.exe) and creating the lsass.exe (Local Security and Authentication Subsystem) this process is for authenticating the user logins 
      3. Next winlogon will show the logon screen to the user, upon successful logon winlogon will load the explorer.exe under the current user profile. This is where you will see the desktop.




Though the actual process involves more complicated steps, I have oversimplified the overall flow in favor of novice users and tried not to lose the brevity of the content. Please feel free to comment on the post. Positive criticism is most welcome.


  1. Windows Internals 4th Ed By Mark E. Russinovich, David A. Solomon


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Vineel Kumar Reddy Kovvuri
Software Developer Microsoft
India India
Hello, This is Vineel Kumar Reddy Kovvuri, I am interested in Systems Programming, love to tinker with low level functionality of Windows and Linux. Works for Microsoft.

You may also be interested in...

Comments and Discussions

GeneralMy vote of 5 Pin
Abinash Bishoyi4-Mar-13 4:46
memberAbinash Bishoyi4-Mar-13 4:46 
GeneralMy vote of 5 Pin
gndnet12-Oct-12 14:19
membergndnet12-Oct-12 14:19 
GeneralMy vote of 5 Pin
Sergio Andrés Gutiérrez Rojas28-Jun-12 13:39
memberSergio Andrés Gutiérrez Rojas28-Jun-12 13:39 
QuestionMy vote of 5 Pin
eka80828-Jun-12 7:02
membereka80828-Jun-12 7:02 
QuestionCorrecting a 'math' error: Pin
The Starman22-Jun-12 21:15
memberThe Starman22-Jun-12 21:15 
General+some more Pin
xawari1-Dec-10 8:12
memberxawari1-Dec-10 8:12 
GeneralMy vote of 5 Pin
sjelen30-Nov-10 3:32
membersjelen30-Nov-10 3:32 
GeneralMy vote of 5 Pin
Kraeven29-Nov-10 21:45
memberKraeven29-Nov-10 21:45 
GeneralMy vote of 5 Pin
jose.mira23-Nov-10 0:55
memberjose.mira23-Nov-10 0:55 
GeneralMy vote of 5 Pin
Dileep7723-Nov-10 0:40
memberDileep7723-Nov-10 0:40 
GeneralMy vote of 5 Pin
RaviRanjankr22-Nov-10 18:23
memberRaviRanjankr22-Nov-10 18:23 
GeneralMy vote of 5 Pin
KunalChowdhury22-Nov-10 18:07
mentorKunalChowdhury22-Nov-10 18:07 
GeneralNice Info Pin
Cybercockroach22-Nov-10 17:57
memberCybercockroach22-Nov-10 17:57 
GeneralMy vote of 5 Pin
SledgeHammer0122-Nov-10 10:50
memberSledgeHammer0122-Nov-10 10:50 
GeneralRe: My vote of 5 Pin
DEVRAHUL28-Jun-12 20:21
memberDEVRAHUL28-Jun-12 20:21 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.151126.1 | Last Updated 28 Jun 2012
Article Copyright 2010 by Vineel Kumar Reddy Kovvuri
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid