This policy setting allows you to configure scanning for packed executables. It is recommended that this type of scanning remain enabled. If you enable or do not configure this setting, packed executables will be scanned. If you disable this setting, packed executables will not be scanned. Counter Measure: Configure this setting depending on your organization's requirements. Potential Impact: Scanning can impact performance. Fix: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Scan\Scan packed executables (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Scan!DisablePackedExeScanning