ntoskrnl.exe

ntoskrnl.exe: ntoskrnl.exe (and ntkrnlpa.exe on systems with Physical Address Extension support) is the kernel image for the family of Microsoft Windows NT operating systems. It provides the Kernel and Executive layers of the Windows NT kernel space, and is responsible for various system services such as hardware virtualization, process and memory management, etc., thus making it a fundamental part of the system. It contains the Cache Manager, the Executive, the Kernel, the Security Reference Monitor, the Memory Manager, and the Scheduler, among other things.^[1]

Contents

1 Startup

2 Names of kernel

3 Notes

4 See also

Startup

This system binary is not a Native Application (in that it is not linked against ntdll.dll), instead containing a standard main entry point, a stub that calls the kernel initialization function but is unused as the OS loader (internal symbol OSLOADER) calls KiSystemStartup directly.

// // NTOSKRNL main // int __cdecl main(IN PLOADER_PARAMETER_BLOCK LoaderBlock) { // // Fire up NT! // KiSystemStartup(LoaderBlock); return 0; }

While ntoskrnl.exe is not linked against ntdll.dll, it is linked against bootvid.dll, hal.dll and kdcom.dll. Because it requires a static copy of C Runtime objects it depends on, the executable is usually about 2MB in size.

Names of kernel

NTOSKRNL.EXE : 1 CPU

NTKRNLMP.EXE : N CPU SMP

NTKRNLPA.EXE : 1 CPU, PAE

NTKRPAMP.EXE : N CPU SMP, PAE

Notes

^ Russinovich, M: Systems Internals Tips and Trivia, SysInternals Information

See also

Architecture of Windows NT

Windows NT Startup Process

Inside the Windows Vista Kernel (TechNet Magazine)

v · d · eMicrosoft Windows components

Core

Active Scripting (WSH · VBScript · JScript) · Aero · AutoPlay · AutoRun · ClearType · COM (ActiveX · ActiveX Document · COM Structured storage · DCOM · OLE · OLE Automation · Transaction Server) · Desktop Window Manager · DirectX · Explorer · Graphics Device Interface · Imaging Format · .NET Framework · Search (IFilter · Saved search) · Server Message Block · Shell (Extensions · File associations · Namespace · Special Folders) · Start menu · Previous Versions · Taskbar · Windows USER · Win32 console · XML Paper Specification

Management tools

Backup and Restore Center · cmd.exe · Control Panel (Applets) · Device Manager · Disk Cleanup · Disk Defragmenter · Driver Verifier · Event Viewer · IEAK · IExpress · Management Console · Netsh · Problem Reports and Solutions · Resource Monitor · ‎Sysprep · System Policy Editor · System Configuration · Task Manager · System File Checker · System Restore · WMI · Windows Installer · Windows PowerShell · Windows Update · WAIK · WinSAT · Windows Easy Transfer

Applications

Calculator · Character Map · Contacts · DVD Maker · Fax and Scan · Internet Explorer · Journal · Magnifier · Media Center · Media Player · Mobile Device Center · Mobility Center · Narrator · Notepad · Paint · Windows Photo Viewer · Private Character Editor · Remote Assistance · Windows Desktop Gadgets · Snipping Tool · Sound Recorder · Store · Speech Recognition · Tablet PC Input Panel · WordPad · Portable Workspace Creator

Games

3D Pinball for Windows - Space Cadet · Chess Titans · FreeCell · Hearts · Hover! · Hold 'Em – Inkball · Mahjong Titans · Minesweeper · Purble Place · Reversi · Solitaire · Spider Solitaire · Microsoft Tinker

Kernel

Ntoskrnl.exe · hal.dll · System Idle Process · Registry · DLL · EXE · NTLDR / Boot Manager · Winlogon · Recovery Console · I/O · WinRE · WinPE · Kernel Patch Protection

Services

SCM · BITS · Task Scheduler · Wireless Zero Configuration · Shadow Copy · Error Reporting · Multimedia Class Scheduler · CLFS

File systems

NTFS (Hard link · Junction point · Mount Point · Reparse point · Symbolic link · TxF · EFS) · WinFS · FAT (FAT12 · FAT16 · FAT32) · exFAT · CDFS · UDF · DFS · IFS

Server

Domains · Active Directory · DNS · Group Policy · Roaming user profiles · Folder redirection · Distributed Transaction Coordinator · MSMQ · Windows Media Services · Rights Management Services · IIS · Terminal Services · WSUS · Windows SharePoint Services · Network Access Protection · PWS · DFS Replication · Remote Differential Compression · Print Services for UNIX · Remote Installation Services · Windows Deployment Services · System Resource Manager · Hyper-V

Architecture

NT series architecture · Object Manager · Startup process (Vista/7) · I/O request packet · Kernel Transaction Manager · Logical Disk Manager · Security Accounts Manager · Windows File Protection / Windows Resource Protection · Windows library files · LSASS · CSRSS · SMSS · MinWin

Security

Action Center · BitLocker · Defender · Data Execution Prevention · Mandatory Integrity Control · Protected Media Path · User Account Control · User Interface Privilege Isolation · Windows Firewall

Compatibility

command.com · Interix · Unix subsystem (Microsoft POSIX) · Virtual DOS machine · Windows on Windows · Windows XP Mode · WoW64

Categories:
Microsoft Windows stubs
Windows NT kernel

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

Ntoskrnl.exe — (and ntkrnlpa.exe on systems with Physical Address Extension support) is the kernel image for the family of Microsoft Windows NT operating systems. It provides the Microkernel and Executive layers of the Windows NT kernel space, and is… … Wikipedia
Ntoskrnl.exe — (y ntkrnlpa.exe en sistemas con soporte de extensión de dirección física) es la imagen del kernel para la familia de sistemas operativos Microsoft Windows NT. Proporciona el núcleo y las capas del núcleo de Windows NT, y es responsable de… … Wikipedia Español
Ntoskrnl.exe — (сокр. от англ. NT OS kernel «ядро операционной системы NT») файл ядра операционных систем семейства Windows NT (NT 4.0, 2000 … Википедия
Ntoskrnl.exe — Noyau Windows NT Le noyau de Windows NT est le composant Microsoft qui assure l accès sécurisé des différentes tâches de Windows à la couche du matériel (Hardware abstraction layer). Sur un système 32 bits classique monoprocesseur, le noyau s… … Wikipédia en Français
Ntoskrnl — Ntoskrnl.exe файл ядра операционных систем семейства Windows NT (NT 4.0, 2000, XP, 2003, Vista, 2008). Данный файл запускается загрузчиком ядра NTLDR. Различают 4 версии ядра: ntoskrnl.exe однопроцессорное ядро Windows; ntkrnlmp.exe… … Википедия
Ntoskrnl — Noyau Windows NT Le noyau de Windows NT est le composant Microsoft qui assure l accès sécurisé des différentes tâches de Windows à la couche du matériel (Hardware abstraction layer). Sur un système 32 bits classique monoprocesseur, le noyau s… … Wikipédia en Français
Cmd.exe — У этого термина существуют и другие значения, см. Cmd. cmd.exe Windows после запуска Cmd.exe интерпретатор командной строки (англ. command line interpreter) для операционных сис … Википедия
svchost.exe — в семействе операционных систем Microsoft Windows (2000, XP, Vista, Seven) главный процесс (англ. Host process) для служб, загружаемых из динамических библиотек. Использование единого процесса для работы нескольких сервисов позволяет… … Википедия
Svchost.exe — в семействе операционных систем Microsoft Windows (2000, XP, Vista, Seven) главный процесс (англ. Host process) для … Википедия
Rundll32.exe — Хост процесс Windows (Rundll32) компонент операционных систем семейства Microsoft Windows, запускающий программы, находящиеся в динамически подключаемых библиотеках … Википедия

Academic Dictionaries and Encyclopedias

ntoskrnl.exe

Contents

Startup

Names of kernel

Notes

See also

Look at other dictionaries:

Share the article and excerpts

Academic Dictionaries and Encyclopedias

Wikipedia

ntoskrnl.exe

Contents

Startup

Names of kernel

Notes

See also

Look at other dictionaries:

Share the article and excerpts

Direct link