diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md b/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md
index 80c64fb69d..8b351b1709 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md
@@ -117,10 +117,8 @@ When you're done reviewing and undoing actions that were taken as a result of fa
 
 ### Review completed actions
 
-![Action center](images/autoir-action-center-1.png) 
-
 1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in. 
-2. Select the **History** tab to view a list of actions that were taken. 
+2. Select the **History** tab to view a list of actions that were taken.  
 3. Select an item to view more details about the remediation action that was taken.
 
 ### Undo an action
@@ -141,7 +139,7 @@ When you're done reviewing and undoing actions that were taken as a result of fa
 
 1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in.
 2. On the **History** tab, select a file that has the Action type **Quarantine file**.
-3. In the pane on the right side of the screen, select **Apply to X more instances of this file**, and then select **Undo**.
+3. In the pane on the right side of the screen, select **Apply to X more instances of this file**, and then select **Undo**. 
 
 ## Part 3: Review or define exclusions
 
@@ -351,7 +349,6 @@ Depending on the [level of automation](https://docs.microsoft.com/windows/securi
 > [!IMPORTANT]
 > We recommend using *Full automation* for automated investigation and remediation. Don't turn these capabilities off because of a false positive. Instead, use ["allow" indicators to define exceptions](#indicators-for-microsoft-defender-for-endpoint), and keep automated investigation and remediation set to take appropriate actions automatically. Following [this guidance](automation-levels.md#levels-of-automation) helps reduce the number of alerts your security operations team must handle. 
 
-
 ## Still need help?
 
 If you have worked through all the steps in this article and still need help, contact technical support.
@@ -364,4 +361,4 @@ If you have worked through all the steps in this article and still need help, co
 
 [Manage Microsoft Defender for Endpoint](manage-atp-post-migration.md)
 
-[Overview of Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use) 
\ No newline at end of file
+[Overview of Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use)