Windows main OS binary question

Home Forums Discussions General Windows main OS binary question

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • May 24, 2007 at 6:20 am #5098
    Deneb
    Participant

      Hello,

      is the ntoskrnl.exe the binary that’s running the “System” process of Windows OS? We need a procedure of validating the integrity of the windows OS “System” process… Which binaries need to be tested for verifying the “System” process integrity?

      May 24, 2007 at 7:39 am #6250
      Vadim Smirnov
      Keymaster

        Any kernel module can run a thread in the context of the system process, what integrity do you mean here?

        May 24, 2007 at 2:32 pm #6251
        Deneb
        Participant

          yeap, right, the sys process is loading drivers and so on… I think I will abandon the idea… the whole thing was about checking for microsoft signatures the main binary running the OS.

        • Author
          Posts
        Viewing 3 posts - 1 through 3 (of 3 total)
        • You must be logged in to reply to this topic.