Where can i find some good documentation(tutorial/book) on windows(NT family) internal structure.
I don't mean the typical system programming texts about internal system objects and memory managment but something that would clarify the structure of the OS,like where the windows kernel part resident,what happens step-by-step when a windows system boots up,what's the importance of the major system files etc
Windows systems seem really chaotic.
In the linux world people can find text like "From?PowerUp?To?Bash?Prompt?HOWTO" but i have never seen yet such text for windows.
A lot of texts analyze how works a windows system after it's loaded but dont go very deep on how it gets loaded.
You can find a lot of info on how threads are scheduled but not
which module does the job and where is it in the hard disk.
Thanks

(I know that this is not a pure assembly topic but is related to win32asm)
Posted on 2003-01-08 01:09:27 by ellostron
sysinternals, perhaps?
Posted on 2003-01-08 02:28:57 by dion
Look for the books&articles of Matt Pietrek.

Regards,

Vortex
Posted on 2003-01-08 03:16:46 by Vortex
AFAIK there are only two, but very good, books about windows internals.

1. Inside Microsoft Windows 2000

2. Undocumented Windows 2000 Secrets

Home by Sven B. Schreiber

To fetch many nondocumented structs, func, vars etc... from M$ Debug Symbols use PdbDump
Posted on 2003-01-08 04:44:45 by Four-F
This book is a little outdated, but yet has usefull info:

Undocumented Windows NT

There are interesting things in EliCZ page:

Undocumented structures.
Native API.
Driver Skeleton.
Posted on 2003-01-10 00:54:12 by n u M I T_o r