1

The cause

So, I did a stupid and executed an infected exe. Immediately my PC started acting up, all sorts of applications were installing, ads were popping up, you name it. I quickly started a Windows Defender scan but 10 seconds later a notification popped up that Windows Defender was disabled by group policy.

The clean up

I managed to download and run Malwarebytes which as far as I know cleaned up most of it. I had to change the HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender key in the registry to enable Windows Defender again. And after a little bit of cleaning up I think my PC is clean again.

My question

However, my Settings > Updates & security > Windows Defender menu still says "some settings are managed by your organization".

I can turn on or off Windows Defender, but the two options below it "Cloud Protection" and "Automatic Sample submission" are greyed out. Any idea on how to get rid of that and make sure nothing else was changed?

I've tried looking around in gpedit.msc as some posts suggested but could not find anything regarding those two settings.

My Settings screen

Improve this question
6
  • The message indicates those are also controlled by Group Policy settings.
    – Daniel B
    Commented Aug 24, 2016 at 16:13
  • Yep, but any idea on where to find those? I've been looking around in gpedit.msc but none of the posts I could find talk about cloud protection and sample submission.
    – s1h4d0w
    Commented Aug 24, 2016 at 16:14
  • Look under "Computer Configuration / Administrative Templates / Windows Components / Windows Defender"
    – Ƭᴇcʜιᴇ007
    Commented Aug 24, 2016 at 16:20
  • 1
    That would be my guess, too. However, I have the same behavior and no options set. I did however use O&O ShutUp 10 to disable some stuff. The program can also revert those settings, so maybe it also applies here.
    – Daniel B
    Commented Aug 24, 2016 at 16:21
  • @Ƭᴇcʜιᴇ007 I did do that, it all has a Not configured state, so as far as I know nothing in there was changed. The comments are also all no
    – s1h4d0w
    Commented Aug 24, 2016 at 16:33

2 Answers 2

Reset to default
0

User @DanielB posted about O&O ShutUp 10 which is an application that stops communication to Microsoft by changing your Windows settings.

After installing and opening it I got a nice overview of my options. After fiddling around with it I found the Undo all changes (factory reset) button which fixed my problem!

Improve this answer
0

I had the same problem and I faced it today only here's the thing which you can do for your PC now.

  • First of all open your group policy editor
  • then in computer configuration go to administrative
  • in that click on Windows component and search for windows defender

  • after that click on maps and you will find two options:

    • one is join Microsoft maps
    • and second is send file samples

When further analysis is required 1 by 1 double tap on both the options and select it to disable then click ok and restart your computer.
After that you will see that your error will be gone from Windows Defender and now again repeat the process but this time click the option not configured instead of disable and again restart.
And your problem is solved now.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .