Category: At least Windows Vista

This policy setting allows you to configure the recovery behavior for corrupted files to one of three states:Regular: Detection troubleshooting and recovery of corrupted files will automatically start with a minimal UI display. Windows will attempt to present you with a dialog box when a system restart is required. This is the default recovery behavior for corrupted files. Silent: Detection troubleshooting and recovery of corrupted files will automatically start with no UI. Windows will log an administrator event when a system restart is required. This behavior is recommended for headless operation. Troubleshooting Only: Detection and troubleshooting of corrupted files will automatically start with no UI. Recovery is not attempted automatically. Windows will log an administrator event with instructions if manual recovery is possible. If you enable this setting the recovery behavior for corrupted files will be set to either the regular (default) silent or troubleshooting only state. If you disable this setting the recovery behavior for corrupted files will be disabled. No troubleshooting or resolution will be attempted. If you do not configure this setting the recovery behavior for corrupted files will be set to the regular recovery behavior. No system or service restarts are required for changes to this policy to take immediate effect after a Group Policy refresh. Note: This policy setting will take effect only when the Diagnostic Policy Service (DPS) is in the running state. When the service is stopped or disabled system file recovery will not be attempted. The DPS can be configured with the Services snap-in to the Microsoft Management Console.

Disabling heap termination on corruption can allow certain legacy plug-in applications to function without terminating Explorer immediately although Explorer may still terminate unexpectedly later.

This policy setting turns on logging. If you enable or do not configure this policy setting then events can be written to this log. If the policy setting is disabled then no new events can be logged. Events can always be read from the log regardless of this policy setting.

This policy setting specifies the maximum size of the log file in kilobytes. If you enable this policy setting you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes) in kilobyte increments. If you disable or do not configure this policy setting the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.

This policy setting controls the location of the log file. The location of the file must be writable by the Event Log service and should only be accessible to administrators. If you enable this policy setting the Event Log uses the path specified in this policy setting. If you disable or do not configure this policy setting the Event Log uses the system32 or system64 subdirectory.

This policy setting controls Event Log behavior when the log file reaches its maximum size. If you enable this policy setting and a log file reaches its maximum size new events are not written to the log and are lost. If you disable or do not configure this policy setting and a log file reaches its maximum size new events overwrite old events. Note: Old events may or may not be retained according to the “Backup log automatically when full” policy setting.

This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string. If you enable this policy setting only users whose security descriptor matches the configured value can access the log. If you disable or do not configure this policy setting only system software and administrators can write or clear this log and any authenticated user can read events from it.