Since this feature is mainly restricted to high-level Windows APIs, handling memory pools requires working through the kernel executive, Non-paged pools and paged pools are memory regions created by the Memory Manager during system startup, allowing kernel-mode components of the operating system to allocate memory. Both reside in the system address space and are mapped into the virtual address space of each process. The key distinction is that non-paged pools remain in physical memory at all times, while paged pools can be paged in and out of the system.NtosKrnl.exe, in kernel mode.