Many Windows system files and registry keys are owned by the
SYSTEM (a.k.a LocalSystem) account, which has a high privilege level. If you need to modify a registry key owned by the
SYSTEM account, there are at least two options.
The first option that comes to your mind is to take ownership of the corresponding registry key, assign yourself Full Control permissions. Once the registry key or the values are updated, revert the permissions and ownership to
There is, however, an easier option. You can run the program — e.g., the Command Prompt or the Registry Editor under the
SYSTEM or LocalSystem account directly and update the registry values.
This article lists five different methods using which you can run programs under the
SYSTEM or LocalSystem account in any version of Windows, including Windows 10. You can also add a Run as SYSTEM right-click menu option for .exe files.
Run a program under the SYSTEM account using:
Before proceeding, understand that the terms
NT AUTHORITY\SYSTEM are one and the same.
How to Run Programs as SYSTEM (LocalSystem account)
To run a program under the
SYSTEM account, use one of the following tools:
PsExec.exe console tool from Microsoft’s Windows Sysinternals to run a program under the SYSTEM context. Follow these instructions:
- Download PsExec from Microsoft Sysinternals.
- Unzip and extract the tool to a permanent folder — e.g.,
- Open an elevated or admin Command Prompt window.
- To start the Registry Editor under the SYSTEM account, type the following command, and press ENTER:
d:\tools\psexec.exe -sid c:\windows\regedit.exe
PsExeccommand-line starts the Registry Editor under
LOCALSYSTEMaccount so that you can modify protected areas in the registry.
Note: If you run Command Prompt (
cmd.exe) under the
SYSTEMaccount, it spawns a new Command Prompt window. And, any program you launch from that Command Prompt window would run under the
SYSTEM(LocalSystem) account, which is a high privileged account. You must be cautious when running programs under the SYSTEM account so that you don’t accidentally run an undesired program as
- In the Registry Editor window, go to the desired registry key and modify the values you want.
- Exit the Registry Editor.
AdvancedRun is a simple tool for Windows that allows you to run a program with different settings that you choose, including – low or high priority, start directory, main window state (Minimized/Maximized), run the program with different user or permissions, Operating system compatibility settings, and environment variables. You can also save the desired settings into a configuration file and then run the program automatically from command-line with the desired settings.
Using Advanced Run, you also launch a program under
SYSTEM or a different user context.
Type in the program name to run and choose
SYSTEM user in the Run As dropdown box, and click Run.
You can also create a desktop shortcut to run a program as SYSTEM. Here is the command-line syntax you use:
AdvancedRun.exe /EXEFilename "C:\Windows\regedit.exe" /RunAs 4 /Run
/RunAs 4 instructs to start the program under the LocalSystem account. The possible value data for the
/RunAs switch are below:
1– Run as current user (elevate)
2– Run as current user (no elevation)
3– Run as Administrator (force elevation)
4– Run as SYSTEM
8– Run as TrustedInstaller
This starts the program under the LocalSystem account, which you can verify in the Task Manager Details tab.
Run as SYSTEM via the right-click menu
To launch a program under the SYSTEM account (with Advanced Run) from the right-click context menu, make a .reg file from the following contents and run the file.
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\exefile\shell\runassystem] @="Run as SYSTEM" [HKEY_CLASSES_ROOT\exefile\shell\runassystem\command] @="d:\\tools\\AdvancedRun.exe /EXEFilename \"%1\" /RunAs 4 /Run"
Change the path to AdvancedRun.exe in the .reg file if necessary.
This adds the
Run as SYSTEM command to the right-click menu for .exe files and its shortcuts.
NirCmd can start a program elevated as well as launch it under the
Use this command-line to start the Registry Editor elevated and under the
nircmd.exe elevatecmd runassystem c:\windows\regedit.exe
Context menu implementation
Make a .reg file from the following contents and run the file.
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\exefile\shell\runassystem] @="Run as SYSTEM" [HKEY_CLASSES_ROOT\exefile\shell\runassystem\command] @="d:\\tools\\nircmd.exe elevatecmd runassystem \"%1\""
RunAsSystem (from Uwe Sieber) is a console tool that launches a program under the SYSTEM account or context. It also passes the window style and its process priority to the executed process by default. You can override the window size as well as the child process priority using command-line arguments. Uwe Sieber is the one who developed the famous USB Drive Letter Manager program.
It waits for the started process to end and then passes back its return code (aka errorlevel). However, in a batch file, you have to add
RunAsSystem [-min|-max|-normal|-noact|-hid] [-low|-below|-normal|-above|-high] "executable" [params for executable]
RunAsSystem "C:\Windows\notepad.exe" RunAsSystem "%windir%\regedit.exe" RunAsSystem "%windir%\System32\cmd.exe" /k dir /s "C:\System Volume Information"
Context menu implementation
Make a .reg file from the following contents and run the file.
Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\exefile\shell\runassystem] @="Run as SYSTEM" [HKEY_CLASSES_ROOT\exefile\shell\runassystem\command] @="d:\\tools\\RunAsSystem.exe \"%1\""
The above .reg file adds a Run as SYSTEM command in the right-click menu for .exe files. The .reg file assumes that the file
RunAsSystem.exe is placed under the
d:\tools folder. If not, alter the path accordingly in the .reg file.
NSudo (GitHub) is a similar portable utility like Advanced Run, except that NSudo is not digititally signed. NSudo can launch programs under SYSTEM, Current User, Current Process, or the TrustedInstaller account. We’ve earlier seen how to use NSudo to launch programs as TrustedInstaller.
Select the mode (System) from the dropdown, type in the executable path, and click Run.
Optionally, you can also add a predefined set of programs or commands in the Open: drop-down list box by editing the file named
NSudo.json located in the same folder as the executable.
To run a program under the SYSTEM context using NSudo command-line, use this syntax:
NSudo -U:S c:\windows\system32\cmd.exe
See below for the full list of command-line arguments supported by this utility.
NSudo : Command-line support
NSudo version 6.2.1812.31 -U:[ Option ] Create a process with specified user option. Available options: T TrustedInstaller S System C Current User P Current Process D Current Process (Drop right) PS: This is a mandatory parameter. -P:[ Option ] Create a process with specified privilege option. Available options: E Enable All Privileges D Disable All Privileges PS: If you want to use the default privileges to create a process, please do not include the "-P" parameter. -M:[ Option ] Create a process with specified Integrity Level option. Available options: S System H High M Medium L Low PS: If you want to use the default Integrity Level to create a process, please do not include the "-M" parameter. -Priority:[ Option ] Create a process with specified [rocess priority option. Available options: Idle BelowNormal Normal AboveNormal High RealTime PS: If you want to use the default Process Priority to create a process, please do not include the "-Priority" parameter. -ShowWindowMode:[ Option ] Create a process with a specified window mode option. Available options: Show Hide Maximize Minimize PS: If you want to use the default window mode to create a process, please do not include the "-ShowWindowMode" parameter. -Wait Make NSudo wait for the created process to end before exiting. PS: If you don't want to wait, please do not include the "-Wait" parameter. -CurrentDirectory:[ DirectoryPath ] Set the current directory for the process. PS: If you want to use the NSudo's current directory, please do not include the "-CurrentDirectory" parameter. -UseCurrentConsole Create a process with the current console window. PS: If you want to create a process with the new console window, please do not include the "-UseCurrentConsole" parameter. -Version Show version information of NSudo. -? Show this content. -H Show this content. -Help Show this content. Context Menu: -Install : Copy NSudo to the Windows directory and add the context menu. -Uninstall : Remove NSudo in the Windows directory and the context menu. PS: 1. All NSudo command arguments is case-insensitive. 2. You can use the "/" or "--" override "-" and use the "=" override ":" in the command line parameters. For example, "/U:T" and "-U=T" are equivalent. 3. To ensure the best experience, NSudoC does not support context menu. Example: If you want to run Command Prompt with TrustedInstaller, enable all privileges and the default Integrity Level. NSudo -U:T -P:E cmd
Context menu addition
- Run NSudo with
-Installparameter. It copies NSudo to the Windows directory and adds the context menu.
- To remove the context menu, run NSudo with the
-Uninstallparameter. It removes NSudo from the Windows directory and the context menu.
Editor’s Pick: Advanced Run for GUI (and CLI), and PsExec for CLI.
One small request: If you liked this post, please share this?One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:
- Pin it!
- Share it to your favorite blog + Facebook, Reddit
- Tweet it!
About the author
Ramesh Srinivasan founded Winhelponline.com back in 2005. He is passionate about Microsoft technologies and he has been a Microsoft Most Valuable Professional (MVP) for 10 consecutive years from 2003 to 2012.