FYI : I have Windows-7 Ultimate Ver 6.1 Service-Pack 1.
There is a tools in the Windows-7 that called Resource Monitor . You can find it in C:\Windows\System32
directory or you also can simply run it via resmon.exe in the Run.
In the list of processes there is a process named System
and its PID is equal to 4
always.
If you right-click on it and click on Suspend Process
, your computer will hang, your mouse and keyboard will disable, and you have to turn restart your system to getting back to normal state.
In the Windows-8 even if you logged with a Administrator account, you can't suspend this process (System) and when you try to suspend it, you receive Access Denied
Q1: Why Microsoft corporation provide this capability for Administrator to suspend System Process? When we need to suspend it and make or system hang?!
Q2: Is there any way in Windows-7 to config the system so that even Administrator can not suspend this process?
If you think there is no way to do that, please read the below :
We can have a list of *.dll
files that are related to a process with below command in Command-Prompt :
>tasklist /FI "PID eq Number" /M
And you can have a list of PID numbers in the resmon.exe tool.(You can also use tasklist
command in Command-Line windows).
In my system PID of resmon.exe is 1728
(Its process name is perfmon).
Let see a list of .dll
files related to resmon.exe :
C:\Windows\system32>tasklist /FI "PID eq 1728" /M
Image Name PID Modules
========================= ======== ============================================
perfmon.exe 1728 ntdll.dll, kernel32.dll, KERNELBASE.dll,
ADVAPI32.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, ATL.DLL, ole32.dll, SHLWAPI.dll,
SHELL32.dll, OLEAUT32.dll, credui.dll,
Secur32.dll, SSPICLI.DLL, IMM32.DLL,
MSCTF.dll, comctl32.dll, uxtheme.dll,
dwmapi.dll, CRYPTBASE.dll, CLBCatQ.DLL,
wdc.dll, DUser.dll, pdh.dll, pdhui.dll,
COMDLG32.dll, ODBC32.dll, wevtapi.dll,
VERSION.dll, PLA.dll, tdh.dll, NSI.dll,
IPHLPAPI.DLL, WINNSI.DLL, WINSTA.dll,
UTILDLL.dll, SETUPAPI.dll, CFGMGR32.dll,
DEVOBJ.dll, NETAPI32.dll, netutils.dll,
srvcli.dll, wkscli.dll, LOGONCLI.DLL,
BROWCLI.DLL, SAMCLI.DLL, WTSAPI32.dll,
VDMDBG.dll, odbcint.dll, DUI70.dll,
xmllite.dll, OLEACC.dll, FirewallAPI.dll,
profapi.dll, WS2_32.dll, msxml3.dll,
ntmarta.dll, WLDAP32.dll, Perfctrs.dll,
perfdisk.dll, mswsock.dll, DNSAPI.dll,
dhcpcsvc6.DLL, dhcpcsvc.DLL, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, pcwum.dll,
rasadhlp.dll
C:\Windows\system32>
Note : You have to run Command-Prompt as Administrator
Q3: If I copy the above .dll
files from Windows-8 directory and replace Windows-7 .dll
files with them, does windows-7 will behave like Windows-8? (Prevent suspending System process)
Note: Assume that we use a live windows CD and a flash memory to Replace dll files. (Normally Windows-7 don't let you to replace .dll
files)
Really appreciate your time and consideration :)
System
process is basically the operating system itself. As to why you can suspend it, only Microsoft can answer. Usually Windows tries to prevent users from doing harmful things, but it doesn't always succeed: users will eventually find new ways to break the system, be it intentionally or by mistake. Some people dislike a babysitting system, others don't; you can't really please both. No matter what method you use, copying Windows 8 system files over Windows 7 ones is a probably good idea if you want to make it unusable. Also, please avoid asking multiple questions in a single post.