For the info of folks watching this thread - essentially all that script does is "http://www.serenescreen.com" (with the appropriate amount of fiddling to get the environment right).
This is clearly done in "user" context, after a correct password has been supplied.
Ok, I have to ask: how does a process in the null session get a .js to launch in another session? It doesn't seem like that should even be
possible under Windows' security rules.
~Ralph S.