- Dec 23, 2014
Hi, @Kees1958.Although I have a Windows Pro, I prefer to use Hard_Configurator (and Configure Defender) over group policy settings.
@Andy Ful question: could you also add the update (interval) values to increase? Except for the "disable update while using battery", all other values could be cranked up automatically when people choose HIGH or MAX setting for Configure Defender.
I use Configure Defender and add below registry values manually (link to explanation: Signature Updates | Windows security encyclopedia)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates]
It is good to see you here back again.
For the reasons mentioned below, I skipped the settings related to local signatures. I am convinced (for now) that adding such settings would produce more trouble than gain (for most users).
Some AVs rely on local signatures and require frequent signature updates (like secondary AV scanners). When the computer is connected to the Internet, Microsoft Defender relies on signatures in the cloud and does not require frequent updates. The local scanning can be still useful for deleting some inactive malware leftovers.
Frequent signature updates can cause performance issues, especially on Windows startup, or when the user is running many tasks, or when gaming, etc.
The additional protection caused by frequent signature updates in Defender is close to 0, except when the Internet connection is broken or disabled.
So, the problem can occur when the computer is disconnected from the Internet. Some users can open unsafe files and run unsafe applications from flash drives (USB drives). It is worth mentioning that in such cases the Defender's signatures are relatively poor even with frequent updates. So, another protection layer is required (like for example H_C or manual scanning with another AV engine).
Anyway, I am opened to the discussion. Maybe I have missed something important.