Category: At least Windows Server 2012, Windows 8 or Windows RT

This policy setting allows you to configure heuristics. Suspicious detections will be suppressed right before reporting to the engine client. Turning off heuristics will reduce the capability to flag new threats. It is recommended that you do not turn off heuristics. If you enable or do not configure this setting heuristics will be enabled. If you disable this setting heuristics will be disabled.

This policy setting allows you to configure scanning for packed executables. It is recommended that this type of scanning remain enabled. If you enable or do not configure this setting packed executables will be scanned. If you disable this setting packed executables will not be scanned.

This policy setting allows you to manage whether or not to scan for malicious software and unwanted software in the contents of removable drives such as USB flash drives when running a full scan. If you enable this setting removable drives will be scanned during any type of scan. If you disable or do not configure this setting removable drives will not be scanned during a full scan. Removable drives may still be scanned during quick scan and custom scan.

This policy setting allows you to configure reparse point scanning. If you allow reparse points to be scanned there is a possible risk of recursion. However the engine supports following reparse points to a maximum depth so at worst scanning could be slowed. Reparse point scanning is disabled by default and this is the recommended state for this functionality. If you enable this setting reparse point scanning will be enabled. If you disable or do not configure this setting reparse point scanning will be disabled.

This policy setting allows you to create a system restore point on the computer on a daily basis prior to cleaning. If you enable this setting a system restore point will be created. If you disable or do not configure this setting a system restore point will not be created.

This policy configures Windows software trace preprocessor (WPP Software Tracing) components.

This policy allows you to configure tracing levels for Windows software trace preprocessor (WPP Software Tracing). Tracing levels are defined as:1 – Error2 – Warning3 – Info4 – Debug

This policy setting allows you to manage whether or not end users can pause a scan in progress. If you enable or do not configure this setting a new context menu will be added to the task tray icon to allow the user to pause a scan. If you disable this setting users will not be able to pause scans.

This policy setting allows you to configure the maximum directory depth level into which archive files such as . ZIP or . CAB are unpacked during scanning. The default directory depth level is 0. If you enable this setting archive files will be scanned to the directory depth level specified. If you disable or do not configure this setting archive files will be scanned to the default directory depth level.

This policy setting allows you to configure the maximum size of archive files such as . ZIP or . CAB that will be scanned. The value represents file size in kilobytes (KB). The default value is 0 and represents no limit to archive size for scanning. If you enable this setting archive files less than or equal to the size specified will be scanned. If you disable or do not configure this setting archive files will be scanned according to the default value.