Category: At least Windows Server 2012, Windows 8 or Windows RT

This policy setting allows you to specify the time of day at which to check for definition updates. The time value is represented as the number of minutes past midnight (00:00). For example 120 (0x78) is equivalent to 02:00 AM. By default this setting is configured to check for definition updates 15 minutes before the scheduled scan time. The schedule is based on local time on the computer where the check is occurring. If you enable this setting the check for definition updates will occur at the time of day specified. If you disable or do not configure this setting the check for definition updates will occur at the default time.

This policy setting allows you to configure the antimalware service to receive notifications to disable individual definitions in response to reports it sends to Microsoft MAPS. Microsoft MAPS uses these notifications to disable definitions that are causing false positive reports. You must have configured your computer to join Microsoft MAPS for this functionality to work. If you enable this setting or do not configure the antimalware service will receive notifications to disable definitions. If you disable this setting the antimalware service will not receive notifications to disable definitions.

This policy setting allows you to define the number of days after which a catch-up definition update will be required. By default the value of this setting is 1 day. If you enable this setting a catch-up definition update will occur after the specified number of days. If you disable or do not configure this setting a catch-up definition update will be required after the default number of days.

This policy setting allows you to specify an interval at which to check for definition updates. The time value is represented as the number of hours between update checks. Valid values range from 1 (every hour) to 24 (once per day). If you enable this setting checks for definition updates will occur at the interval specified. If you disable or do not configure this setting checks for definition updates will occur at the default interval.

This policy setting allows you to manage whether a check for new virus and spyware definitions will occur immediately after service startup. If you enable this setting a check for new definitions will occur after service startup. If you disable this setting or do not configure this setting a check for new definitions will not occur after service startup.

This policy setting configures a local override for the configuration to join Microsoft MAPS. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

This policy setting customize which remediation action will be taken for each listed Threat ID when it is detected during a scan. Threats should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid Threat ID while the value contains the action ID for the remediation action that should be taken. Valid remediation action values are:2 = Quarantine3 = Remove6 = Ignore

This policy setting allows you to configure UNC file share sources for downloading definition updates. Sources will be contacted in the order specified. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources. For example: “{ -> -> unc1 | -> -> unc2 }”. The list is empty by default. If you enable this setting the specified sources will be contacted for definition updates. Once definition updates have been successfully downloaded from one specified source the remaining sources in the list will not be contacted. If you disable or do not configure this setting the list will remain empty by default and no sources will be contacted.

This policy setting allows you to configure the automatic scan which starts after a definition update has occurred. If you enable or do not configure this setting a scan will start following a definition update. If you disable this setting a scan will not start following a definition update.

This policy setting allows you to configure definition updates when the computer is running on battery power. If you enable or do not configure this setting definition updates will occur as usual regardless of power state. If you disable this setting definition updates will be turned off while the computer is running on battery power.