
Archive for the ‘Security’ Category

Run A Process As NT AUTHORITY\SYSTEM

April 22nd, 2009 Prashanth Pai 3 comments

Who is NT AUTHORITY\SYSTEM?

It is a built-in user account on a Windows OS. It has even more power than the Administrator account! Using that account, one can gain complete control over everything: you can kill any stubborn process, make system-wide changes, etc. But one cannot log in as NT AUTHORITY\SYSTEM. Windows doesn’t allow this, and for a good reason: malicious programs run as NT AUTHORITY\SYSTEM would be nothing less than a disaster!

Why should I become NT AUTHORITY\SYSTEM?

There are rare instances when you will need to become NT AUTHORITY\SYSTEM, for example when you cannot end a virus process using Task Manager or from the command line using taskkill, even when the /f switch is used.

How can I become NT AUTHORITY\SYSTEM?

Here is a little trick that allows you to gain system-wide access as NT AUTHORITY\SYSTEM in XP. This won’t work in Vista. Read more…

RegSwitch, TaskmgrSwitch, cmdSwitch VB Scripts

April 20th, 2009 Prashanth Pai No comments

A virus or trojan usually disables or blocks access to regedit, taskmgr and cmd. Whenever you try to open one of these disabled components, you’ll get a dialog box with a message like one of these:
“Registry editing has been disabled by your administrator” or
“Task Manager has been disabled by your administrator” or
“The command prompt has been disabled by your administrator”

Registry editing has been disabled by your administrator


Read more…