Post #1, Nov 7 2006, 12:45 PM
Member [ Level 1 ] Group: Members Posts: 34 Joined: 7-November 06 From: Hell Member No.: 17,061
Running the Windows Scheduler from a command prompt can elevate a user's rights.
1. Type command in the Run box.
2. Type at (timeafter1minhere) /interactive cmd.exe (For Example: The SYSTEM CLOCK shows 8:42PM. I would type the time in the 24 hr format, like this: at 20:43 /interactive cmd.exe)
3. When the system clock goes to the next minute, another command prompt will appear. Don't Close/Close the first command prompt and open up the task manager. Go to the processes tab, click on explorer.exe and end that process. The taskbar and desktop will disappear. Do not panic! This is normal.
4. Type explorer.exe in the second command prompt.

When you start any programs, you will be shown that you are currently logged in as NT AUTHORITY\SYSTEM when you click on processes tab in taskmanager or click on the start button. Now you have higher rights than administrator!

EDIT: Take note of STEP 3. Do NOT close the first command prompt if you want your original account back quickly. You should be able to get back your original account after restarting your computer unless you did something wrong.

Getting your account back without restarting your computer: Don't close the first command prompt. After messing around with your System account, open task manager again, end explorer.exe and then go to the first command prompt. Type explorer.exe, which launches the shell. Your login name should now be changed to your original name, instead of System. The reason is that the 1st command prompt is still running under your name, because you started it before you have changed your account name to System. When you run explorer.exe, it follows the user who started the command prompt. If you closed the command prompt, just restart your computer to get back to your original user account.

This post has been edited by ruijie: Dec 9 2006, 08:28 AM

Post #2, Nov 11 2006, 11:20 PM
Techno-Necromancer Group: Members Posts: 1,018 Joined: 13-January 05 From: The Net Member No.: 2,127
I tried this out and noted one difference. Rather than gaining the id of NT AUTHORITY\SYSTEM, it was simply SYSTEM, although this could depend on which version of Windows is running. This can be a minor security threat, but really only if you let computer-savvy people you don't trust use your computer. It would be very difficult to exploit via a network. And it is possible to disable access to the command prompt for users without certain privileges, which prevents them from gaining more rights.
~Viz

Post #3, Nov 26 2006, 04:58 AM
Super Member Group: [HOSTED] Posts: 639 Joined: 12-July 06 From: Ontario, Canada Member No.: 14,464
This is a security threat. It should be reported.
However, I cannot get my user account back to normal Administrator status now. HELP!!! Do not try this unless you want to be stuck in a weird user account. I am now stuck and might have to create a new user! You should have warned people first.

Post #4, Nov 26 2006, 05:50 AM
Techno-Necromancer Group: Members Posts: 1,018 Joined: 13-January 05 From: The Net Member No.: 2,127
Log out and then back in, or restart, to reset the privileges.
~Viz

Post #5, Nov 26 2006, 03:44 PM
Member [ Level 1 ] Group: Members Posts: 34 Joined: 7-November 06 From: Hell Member No.: 17,061
> I tried this out and noted one difference. Rather than gaining the id of NT AUTHORITY\SYSTEM, it was simply SYSTEM, although this could depend on which version of Windows is running. This can be a minor security threat, but really only if you let computer-savvy people you don't trust use your computer. It would be very difficult to exploit via a network. And it is possible to disable access to the command prompt for users without certain privileges, which prevents them from gaining more rights.
> ~Viz

In the Processes tab and Start menu, it shows System, but if you run the GUI Task Scheduler, your user name is not \\Computernamehere\System, but NT AUTHORITY\SYSTEM, and if you end one of the svchost processes (the remote procedure call one), which runs as system, it will show a shutdown dialog box initiated by NT Authority\System. Quickly open the Run box and type shutdown -a to abort the shutdown.
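
A defender-side check for the behaviour discussed in this thread, as an added example that is not part of any post: it flags `at` jobs created with `/interactive` and shell processes (cmd.exe, explorer.exe) running as SYSTEM, treating `SYSTEM` and `NT AUTHORITY\SYSTEM` as the same account, as posts #2 and #5 report. The event records and their field names (`user`, `image`, `cmdline`) are constructed for illustration and are assumptions, not a real log format.

```python
# Constructed process-creation records (not taken from the thread).
# The field names "user", "image" and "cmdline" are assumptions.
SAMPLE_EVENTS = [
    {"user": r"PC1\alice", "image": r"C:\WINDOWS\system32\cmd.exe",
     "cmdline": "cmd.exe"},
    {"user": r"PC1\alice", "image": r"C:\WINDOWS\system32\at.exe",
     "cmdline": "at 20:43 /interactive cmd.exe"},
    {"user": r"NT AUTHORITY\SYSTEM", "image": r"C:\WINDOWS\system32\cmd.exe",
     "cmdline": "cmd.exe"},
    {"user": "SYSTEM", "image": r"C:\WINDOWS\explorer.exe",
     "cmdline": "explorer.exe"},
    {"user": r"PC1\alice", "image": r"C:\WINDOWS\system32\at.exe",
     "cmdline": "at"},  # listing jobs only, no /interactive
    {"user": r"NT AUTHORITY\SYSTEM", "image": r"C:\WINDOWS\system32\svchost.exe",
     "cmdline": "svchost.exe -k rpcss"},  # ordinary service process
]

# Programs that normally run in the logged-on user's context.
SHELL_IMAGES = {"cmd.exe", "explorer.exe"}


def is_system(user):
    """True for either spelling of the account seen in the thread."""
    return user.strip().upper() in {"SYSTEM", r"NT AUTHORITY\SYSTEM"}


def is_at_interactive(cmdline):
    """True when the command is at/at.exe and carries the /interactive switch."""
    tokens = cmdline.split()
    if not tokens:
        return False
    exe = tokens[0].strip('"').rsplit("\\", 1)[-1].lower()
    return exe in ("at", "at.exe") and any(
        t.lower() == "/interactive" for t in tokens[1:])


def triage(events):
    """Return (index, finding) pairs for events worth an analyst's attention."""
    findings = []
    for i, ev in enumerate(events):
        image = ev["image"].rsplit("\\", 1)[-1].lower()
        if is_at_interactive(ev["cmdline"]):
            findings.append((i, "at-interactive-job"))
        elif is_system(ev["user"]) and image in SHELL_IMAGES:
            findings.append((i, "interactive-shell-as-system"))
    return findings


if __name__ == "__main__":
    for index, finding in triage(SAMPLE_EVENTS):
        print(index, finding, SAMPLE_EVENTS[index]["cmdline"])
```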

Post #6, Nov 26 2006, 05:00 PM
Super Member Group: [HOSTED] Posts: 639 Joined: 12-July 06 From: Ontario, Canada Member No.: 14,464
I did restart the system. My user account is back to my name now, but the privilege has not returned to normal. Also, the frequently used programs on the Start Menu are cleared and don't work anymore; no programs appear there now except my Internet Browser and Email Client.
Any tips on how to fix this?

Post #7, Nov 26 2006, 06:12 PM
Colonel Panic Group: [MODERATOR] Posts: 2,706 Joined: 25-March 05 From: Toronto, Ontario, Canada Member No.: 3,233
Have you tried to kill svchost.exe as suggested above?
xboxrulz

Post #8, Nov 27 2006, 01:15 AM
Techno-Necromancer Group: Members Posts: 1,018 Joined: 13-January 05 From: The Net Member No.: 2,127
And if that doesn't work, use system restore. System restore should reset user accounts to the state they were in at the restore point, I believe.
~Viz