Windows Defender does a great job of protecting us from all sorts of malware. Sometimes, however, it gets a little too aggressive and quarantines a program that you happen to know is safe to use. Defender is not the only AntiVirus (AV) program that pops up these false positives. All of them try to err on the side of caution. In today’s example, we’ll be discussing one of NirSoft’s portable freeware utilities called Network Password Recovery. If you try to unZIP this file and run the program, Windows Defender will get very cranky indeed. It will quarantine the software without notice. Your file will basically disappear from sight. So, how do you restore a quarantined program? This Quick Tips article will show you how. Read on…
Note: This is a must-read if you are at all concerned about the safety of using NirSoft’s utilities and if you’d like to learn about all those free, portable goodies. Check out Jim Hillier’s excellent article, NirSoft: 200+ Free Portable Tools & Utilities. Now, if only Windows Defender would read that article, too…
Browsers Get Cranky, Too
Note: Click on any of the following images to enlarge them for easier reading.
Even trying to download Network Password Recovery coughed this up:
No, it doesn’t contain any malware. If you are following along and want to try out this useful software, then simply allow the download in the browser of your choice.
Oh, and I suppose I should tell you that if you follow this Network Password Recovery link, you will see this choice near the bottom of that page:
Choose the download that applies to your system.
7ZIP Got Cranky, too
When I tried to unZIP the downloaded file, Defender barged in and aborted the process. 7ZIP complained that it couldn’t complete the operation due to a virus. And guess what? The ZIP file was gone! Windows Defender had duly quarantined it without a hint of respect for me or my wishes.
This brings us to how to get it back.
Unquarantine That Quarantined File
- Use the Windows key + I to open Settings
- Choose Update & Security
- In the left panel, choose Windows Security
- In the right panel, choose Virus & threat protection
That should bring you here:
Click the link labeled, Protection history. The new window should look similar to this:
The Threat notification for the Nirsoft file should be right at the top of the list, it being the most recent file that Windows Defender attacked.
Expand it, then expand Actions, and then choose Restore. That should restore the ZIP file and you should now be able to extract it using your favorite archive manager.
I will presume you have successfully extracted the Nirsoft files. If you try to run the netpass-x**.exe file, then Windows Defender will once again defend you. It will quarantine that file and you will have to follow the above steps to restore it. Once you have done that, you will finally be able to run NetPass.
The whole reason I wanted to run this NetPass utility in the first place was to check out a huge Windows security hole I had heard about. Focus your peepers on this:
NetPass offers a lot of information here including the Password strength. What is important to note here is in the Password column. I have blurred my information here for obvious reasons but it might be a moot point.
If you use Autologin in Windows, then that strong password you worked so hard to create and remember is stored in plain text on your computer! Let that sink in for a moment.
If one of the many nefarious ones gets their grubby hands on your computer and knows where to look, they will have access to your entire Microsoft account and everything connected to it. Mindblowing!
This brings up a very good question. How is it that Microsoft fights so vigorously to stop you from using a perfectly harmless little utility while at the same time leaves a gaping security hole in its flagship operating system? Well, Microsoft, how do you respond? We’re waiting…
As always, if you have any helpful suggestions, comments or questions, please share them with us,