HAL.DLL: The hardware abstraction layer, in through hal.dll, provides a standard interface for entities outside of HAL. The object that uses hal.dll does not need to be aware of the internal implementation of the driver. The value that hal.dll provides to the system is that the client objects that use hal.dll do not need to be concerned whether this version of windows is 32 bit or 64 bit.
Since HAL is loaded into kernel address and runs in kernel address space, its functions cannot be called by applications directly, they can only be called by the kernel and kernel mode device drivers. For example: The PCI kernel device drivers directly call the routines in hal.dll to access the I/O ports associated with the devices attached to the PCI.
HAL.DLL is a kernel mode dll that interfaces between ntoskrnl.exe and the drivers to the hardware, it also behaves as a device driver for the motherboard and it’s components that are not managed by a specific device driver.
If hal.dll is not found at this moment it clearly gives an error about the missing file.
The hal.dll has a counterpart in the linux/unix world known as the hal daemon, they both have the same name because of the same functionality of hardware abstract layering. The hardware abstraction layer allows generic read/write i.e. simpler function calls, to the hardware, possible. hal.dll is located in the C:\Windows\system32 folder.
NTOSKERNEL.EXE: NTOSKERNEL stands for NT Operating System Kernel, and it is exactly that, the Windows Kernel. The Windows Kernel
NTOSKRNL.EXE, the core file of the kernel-mode component of Windows NT, contains the Cache Manager, the Executive, the Kernel, the Security Reference Monitor, the Memory Manager, and the Scheduler, among other things, and is in charge of getting NT up and running. You may be surprised to know that it has a standard main(), like normal programs built in C, that is executed when it is loaded by the OSLOADER (WINLOAD.EXE):
//
// NTOSKRNL main
//
int main( boot parameters )
{
//
// Fire up NT!
//
KiSystemStartup();
return 0;
}
The WINDOWS REGISTRY Initialization
The Windows Registry is a database that stores configuration settings and options on Windows. It contains settings for low-level operating system components and for applications running on the platform that have opted to use the registry. The Registry is stored in binary format under C:\Windows\system32\config. Some of the components of the registry and their physical location are given below:
Windows Location
Registry Key
C:\Windows\system32\config \SAM
HKEY_LOCAL_MACHINE\SAM
C:\Windows\system32\config \SECURITY
HKEY_LOCAL_MACHINE\SECURITY
C:\Windows\system32\config \SOFTWARE
HKEY_LOCAL_MACHINE\SOFTWARE
C:\Windows\system32\config \SYSTEM
HKEY_LOCAL_MACHINE\SYSTEM
C:\Windows\system32\config \DEFAULT
HKEY_USERS\.DEFAULT
The content under HKEY_USERS/<User_ID> is loaded from the c:\Users folder.
歡迎光臨 艾歐踢論壇 (http://www.iot.idv.tw/ucenter/) | Powered by Discuz! X3.2 |