First let me say that this happend in the end of 2015 but I had no time until now to type this in a clear text.
As a short preamble: In this story I will fix the common known "Windows 8.1 Online User Lockout". Which is caused by the fact that W8.1 has offline and online profiles. Which makes it sometimes impossible to log in an onlineaccount when your are offline. Which ist by the way the default setting. This solution maybe works for you if you have the same error caused by other reasons.
Windows never let you go...
I quit using windows for about 1 or 2 years. But my family and my girlfriends family still use Windows 7, 8, 8.1. And of course they ask me because I am in this field and all PC and OS are the same. I mean its just a computer with this switch to turn it on...right? This one day the sister of my girlfriend (lets name her Jane Doe here) asked me to help her with her laptop. Its a kind of crappy-hybrid-multitouch-machine form a local discounter. It has very small battery but is Ok in stationary use. What she asked me fore is:
- install an adblocker in Firefox
- clear the browserhistory which is full of pron by some reason....
- and install an antivirussystem
I accepted because I am a nice uy and seeing Jane with a PC is like see your grandma doing stuff. And quit Windows at 7 and never used 8 in any case.
The tasks
I don't use AV on my systems because I think you can avoid the most trouble when you are just careful[ARTIKEL]. Anyways she wanted a program and we choose Sophos Antivirus. It is provided by our universtiy and I installed it for my girlfriend, too. So less maintenance for me :). She gave me her machine and the password for her user login in left the place for a few hours. I thought this is a 1 hour job (slow downstream there) with some cups of coffee. First I uninstalled Avira Antivirus (Jane was unsatisfied with this). After that I deleted the browser history and intalled "Adblockplus". After a painful slow downlod of Sohpos I installed it.
At this point I have to tell you a little bit about Sophos. The benefit in security of this program is, that it blocks EVERYTHING. ALL applications and network traffic by deafult. The user is asked when an application needs acsess. After some time there is a withelist for all "good" programms and traffic on your PC.
Everything means Everything
After the installation Sophos asked me politly for a reboot to finish the installation. After the reboot I was not able to login. Win8.1 pretends to be online but showed and error: "This PC is offline. Please enter last used Password on this pc" (Or something like that) I started some research and found out that some profiles can only be acessed when there is internet connection. Up to this point I was not aware of the online/offline profiles in the newer Windows versions. My first guess was that Sophos locks all connections direct after boot. Because Jane has the default setup of an online account.
At this point I knew it was ma fault because I forget to check all possible variations. But why the heck is Microsoft intro.Butducing a online-only-thing. Of course to harvest data and all stuff form users. But seeting all this up by default is just a slap in the faces of all users.
But I broke it so I had to fix it. Some forums sggested to make a fresh Windows install. I can not imagine a world where this is the first suggestet solution to a problem. But I am sure Mircosoft can....After a short call Jane told me there is no important data on the harddrive, so I am free to fix it in any way.
--------------WARNING----------------------------WARNING----------------------------WARNING--------------
If you continue resding here and will try anthing of what I did you have to accept some risk:
- Loss of all your data
- Physical damage to your harddrive
- Void your warrenty by openinge the housing
- Loss of braincells and patencience caused by commen Windows rages
I can't take any responsibily for physical,mental or monetary damage caused by this manual/tutorial!!
--------------WARNING----------------------------WARNING----------------------------WARNING--------------
THIS solution maybe works for you if you have the same error caused by other reasons. The following is the whole story I expirenced to fix it. If you just want to fix it, you can extract the "fix"-parts from the story.
What is required: -locked w8.1 with acess to the HDD or SSD -Linux system live or a system you can hook up the drive -chntpw -ntfs-fix -maybe ntfs-3g drivers -patenice and some time -If you dont have acess to a linux system you can try this tool (I tried it too) [LINk pogotstick password tool]
WARNING: -remove hdd can void warrenty -loss of data -physical damage on the laptop
-This is what I tried out hat my girlfriends home: -Reset password (so I had 2 passwords for the maschine bt both didnt work out) -Plug a network cable in to make sure it has network acess (dont worked, maybe problem with router or cable) -Tether network form my mobile phone via Wlan and USB -Wlan dont worked -USB worked but 8.1 showed "Limited"-Acess to the internet. Seemes we had some network trouble. But remember in my gfs wifi all looks fine connect. -I could acess the router at my gfs place to check if the laptop got internet so I moved to my location- Any maybe MS locked the IP I used after to many login tries. -This is what i tried at my place -Connect to my wifi, Dont work. Wasent able to get in new wifi. I think it worked because at my gfs place the wifi-password was saved before the lockout. Same reason why it doesnt work with my phones wifi. -Plug in networkcable, "Limited"-Acess again -After this tries I decieded to try more of a brutal method. Means to reset the password with a Linux based solution: -Frist I tried to use "pogotstick password tool"[LINK] -First USB -Second burend CD -Both dont work because the laptop wasent able to boot on CD or USB drive. w8.1 makes it really complicate to boo form a device and I finallay faild. But this laptop ist akward in this way. You are not able to set a CD as boot device in the BIOS or change anything else there, like disable wifi by BIOS. W8.1 changed the way you can acess secure mode or boot on a device with its new tuned Recoverytool. Maybe I am to long out of windows to get it work but i way annoyed. Until this point i investet about 4 hours in this. -I thought about kill the OS and make it new. Got the GO fro the owner. But I dont want to use this last option for now -After some searching I found a tool called "chntpw" which is able to reset and unlock User and password unter Windows. -Took HHD out of laptop and put into my Desktop PC with arch linux -Mount HDD move to folder Windows/System32/config/ and run "sudo chntpw SAM" [LINK to tutorial I followed] -Didnt worked because the disk was mounted in read-only mode -try mount -o rw faild -mount with -v failed -I needed some time to figure out what is going on. I thought it is something with the ntfs fs on the disk. In the ast oi wasnt able to mount disks that are in a hibernated state. I friend of mine, sulami, gave me the hint to install the "ntfs-3g" driver for arch. After failed mount again it showed me the error that the drive is locked my hiberbate or fast-restart from w8.1. -Fast restart saves mascine state on drive and locks it[LINK]. Btw kills ssds fast. -I was able to fix this. After some googleing I found the tool "ntfs-fix", which is included under arch in the ntfs-3g driver -It clears the journal of ntfs and removes the hibernate state. -NOTICE: You need to crash the machine on the login screen to fix this. If you normally shut it down from the login screen this tool cant fix it.WARNING crash your maschine on own risk. Loss of data blabla etc. -Now I was able to use chntpw how it is discribed in the tutorial above. -I saw that Sophos created some Usergroups like "SpophosAdministraotr" and some more. I think that Spophos blocks ths internet for other user expect some like SophosAdministrator. -And I was only able to modify the local users and the onl ylocal user exists is the default Windows Administrator. I moved the User in all of the Spohos groups but it didnt solved the problem because the user "Adminstrator" dont shows up as a user in the login area. I wiped the Administraotr password to blank, too. -On second try I fiured out that the local user "Administrator" is disabled by default. With chntpw I was able to activate it. -On the login screen you have to press "ESC" (took me some time of key smashing to get it) and you can login as local admin. -I uninstalled Sophos and was able to login as the online user because all users have acess to the internet now. -Next thing is to go back to Avira (The owner wnats it, I dont use this kind of software) and change from online to offline user. Or maybe make a third user which is local. And demote the online User from administrator to normal user. Funny fact, the admin cant change the pw of the online user...how ever I dont care at this point.
Resumee: After 6 hours i was able to fix it. I would avoid Sophos as a Antvirussoftware for w8.1 because it is so powerful and locks all services out including the ones you need to log in. If it is MS fault or the one from Sophos I dont know. But after this I wont touch a w8.1 PC for a long time.