Hi,
the way you created scans are correct , both ways can be used for policy creation
1) when you go to policies , its global actually, it would tell you which groups are using this policy , but it would give you the location use count, meaning on how many groups the policy is in use.
2) to be more specific to a group , you choose the second option. you select any particular group and change policies, you now know what you are editing on a group.
when you click shared, it means policies are shared, change in one will result change in all the groups ( coz its shared, you are editing something global)
one group will have one particular policy cant apply 2 antivirus and antispyware policy..
The time is the local machine time,
3pm on server scan set in SEPM is same as
3pm scan on server in Singapore
did the machines run scan any time before?
hope this helps.