ntoskrnl.exe... unknown for MS?

Hi All,

Just hours ago Windows Defender (Windows 8 ) "detected" and asked for my permission to send to Microsoft for analysis the "unknown to them" system file "ntoskrnl.exe" (NT kernel & system type) located at C:\Windows\System32. Needless to say this is way strange since it is a system file, however on the file properties it says it was created just yesterday Feb.12th so I thought it's because the latest MS updates installed yesterday. HitmanPro, Avira, Kaspersky TDSSKiller and F-Secure didn't find anything. Is it something to be concerned about? Thanks.

 

Yeah, I think it's from the Windows Updates that day. As long as it's digitally signed by Microsoft, I wouldn't worry too much about it.

On my Win 8 64 bit system, I also have ntoskrnl.exe at C:\Windows\System32 that says it was created on Tuesday, ‎February ‎12, ‎2013, ‏‎4:27:19 PM

SHA-1 file hash is 5AD42FBF655A0034D502AB17FDA2ACCBECC747D2
Windows Defender isn't giving any prompts though.

 

Thanks for your input. I think so as well, I haven't received reply from MS's MPC so far, so I'll assume it was a WD hiccup because of the newest updates.

What concerned me a bit was the WD message saying that system app was not recognized and prompted me to have it sent to them for analysis

 

This ntoskrnl.exe hooks into everything, kernal level too. I'm using PChunter and I'm seeing all kinds of hooks.

What is it?

 

According to Wikipedia: