fix indents

windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md

@@ -173,11 +173,12 @@ First, you should check that the service is set to start automatically when Wind
     sc qc diagtrack
     ```
 
-If the service is enabled, then the result should look like the following screenshot:
+    If the service is enabled, then the result should look like the following screenshot:
 
-![Result of the sc query command for diagtrack](images/windefatp-sc-qc-diagtrack.png)
+    ![Result of the sc query command for diagtrack](images/windefatp-sc-qc-diagtrack.png)
+
+    If the `START_TYPE` is not set to `AUTO_START`, then you'll need to set the service to automatically start.
 
-If the `START_TYPE` is not set to `AUTO_START`, then you'll need to set the service to automatically start.
 
 **Use the command line to set the Windows 10 telemetry and diagnostics service to automatically start:**
 
@@ -227,15 +228,15 @@ If your endpoints are running a third-party antimalware client, the Windows Defe
   a. Click **Start**, type **cmd**, and select **Command prompt**.
 
 2.	Enter the following command, and press Enter:
-```
-sc qc WdBoot
-```
-If the ELAM driver is enabled, the output will be:
+    ```
+    sc qc WdBoot
+    ```
+    If the ELAM driver is enabled, the output will be:
 
-```
-[SC] QueryServiceConfig SUCCESS
+    ```
+    [SC] QueryServiceConfig SUCCESS
 
-SERVICE_NAME: WdBoot
+    SERVICE_NAME: WdBoot
             TYPE               : 1  KERNEL_DRIVER
             START_TYPE         : 0   BOOT_START
             ERROR_CONTROL      : 1   NORMAL
@@ -245,12 +246,12 @@ SERVICE_NAME: WdBoot
             DISPLAY_NAME       : Windows Defender Boot Driver
             DEPENDENCIES       :
             SERVICE_START_NAME :
-```
-If the ELAM driver is disabled the output will be:
-```
-[SC] QueryServiceConfig SUCCESS
+    ```
+    If the ELAM driver is disabled the output will be:
+    ```
+    [SC] QueryServiceConfig SUCCESS
 
-SERVICE_NAME: WdBoot
+    SERVICE_NAME: WdBoot
             TYPE               : 1  KERNEL_DRIVER
             START_TYPE         : 0   DEMAND_START
             ERROR_CONTROL      : 1   NORMAL
@@ -260,7 +261,8 @@ SERVICE_NAME: WdBoot
             DISPLAY_NAME       : Windows Defender Boot Driver
             DEPENDENCIES       :
             SERVICE_START_NAME :
-```
+    ```
+
 ### Enable the ELAM driver
 
 1. Open an elevated PowerShell console on the endpoint:
@@ -276,15 +278,15 @@ SERVICE_NAME: WdBoot
     ```
 3. Run the following PowerShell script:
 
-```text
-Add-Type @'
-using System;
-using System.IO;
-using System.Runtime.InteropServices;
-using Microsoft.Win32.SafeHandles;
-using System.ComponentModel;
+    ```text
+    Add-Type @'
+    using System;
+    using System.IO;
+    using System.Runtime.InteropServices;
+    using Microsoft.Win32.SafeHandles;
+    using System.ComponentModel;
 
-public static class Elam{
+    public static class Elam{
         [DllImport("Kernel32", CharSet=CharSet.Auto, SetLastError=true)]
         public static extern bool InstallELAMCertificateInfo(SafeFileHandle handle);
 
@@ -302,12 +304,12 @@ public static class Elam{
             }
             Console.Out.WriteLine("Call successful.");
         }
-}
-'@
+    }
+    '@
 
-$driverPath = $env:SystemRoot + "\System32\Drivers\WdBoot.sys"
-[Elam]::InstallWdBoot($driverPath)
-```
+    $driverPath = $env:SystemRoot + "\System32\Drivers\WdBoot.sys"
+    [Elam]::InstallWdBoot($driverPath)
+    ```