Proceed with caution if you are not one to regularly change the registry as system damage can occur. To complete this same process in that situation involves a registry modification. If you are running an OS higher than Windows 7, you will NOT see the above message, rather you will see an error message. To prevent this, do what you need to do in this window and then exit to get back to your familiar desktop. If you leave this window up for several minutes, you will end up getting logged off. Once again, verify your status with the whoami command and see that you are once again wielding the awesome power of the SYSTEM account. Select ‘View the message’ and your desktop briefly disappears and the screen is blank except for your new command prompt window. If you are running Windows 7, this will cause an icon to appear on your taskbar demanding your attention. Now to start the service: sc start cmdsvc In this command, the service name is cmdsvc.
The word after ‘create’ is what you have named your new service – feel free to give it any (unused) name you desire. Sc create cmdsvc binpath= “cmd /K start” type= own type= interact It involves creating a test service (to be used just for the purpose of creating the CMD window with the SYSTEM credentials) and then starting this service. The second method may be to your liking as well.
My current box has no services running that are unstoppable, but figure 3 demonstrates where you to look to see it. Notice that you now can type commands as if you are SYSTEM! Feel the power! For example, using the sc command, check for a service that is listed as UNSTOPPABLE and disable it (it will likely still not allow you to stop it directly, but disabling it and rebooting accomplishes the same task). However, note which user account holds sway within this window (Figure 2 below): This will open a new command prompt window which doesn’t look all that impressive on the surface. If you want to take a look at your options, type psexec /?. Launch CMD as an administrator and navigate to the folder where you unzipped PsTools.zip. Once you have downloaded this and extracted it to a folder, you can proceed to the next step.
The first method requires the installation of PsExec, which is a component of the PsTools download provided by Mark Russinovich PsExec v2.11. Warning aside, with this power you can debug scripts that aren’t functioning correctly, stop unstoppable services (sound like a Superman reference), and many other tasks which are not ordinarily available to the Administrator account. Typing commands that may cause you to drop out of your support plan with Microsoft is not a career-extending activity, so I suggest trying this out in a test environment where collateral damage is minimized. You have enough power to actually damage the OS, which also means one should take great care when exercising this power. “I am already an administrator and I have all the power.” Dismayingly this is not true – the SYSTEM account is even more powerful than the Administrator account.
It applies to Windows 7/8 and Server 2008/2012 ( Windows 10 has a slightly different method). That is not to say you can’t do this in previous versions of Windows, but in earlier versions it was much easier to accomplish what you are about to see. This blog explores two ways to launch a command prompt as user SYSTEM in Windows.